diff --git a/examples/approvals-by-spending-limit/.env.default b/examples/approvals-by-spending-limit/.env.default new file mode 100644 index 000000000..47a515e69 --- /dev/null +++ b/examples/approvals-by-spending-limit/.env.default @@ -0,0 +1,12 @@ +ADMIN_USER_ADDR=0xaaa... +MEMBER_USER_ADDR=-0xbbb... +SYSTEM_MANAGER_KEY=0xddd... +MEMBER_USER_CRED=0xeee... + +AUTH_HOST=https://auth.armory.narval.xyz +AUTH_CLIENT_ID=narval-example +VAULT_HOST=https://vault.armory.narval.xyz +VAULT_CLIENT_ID=narval-example + +AUTH_API_KEY=armory-admin-api-key +VAULT_API_KEY=vault-admin-api-key diff --git a/examples/approvals-by-spending-limit/README.md b/examples/approvals-by-spending-limit/README.md new file mode 100644 index 000000000..caf0ba392 --- /dev/null +++ b/examples/approvals-by-spending-limit/README.md @@ -0,0 +1 @@ +# Collect approval before authorizing a request diff --git a/examples/approvals-by-spending-limit/approve.ts b/examples/approvals-by-spending-limit/approve.ts new file mode 100644 index 000000000..561a4c68b --- /dev/null +++ b/examples/approvals-by-spending-limit/approve.ts @@ -0,0 +1,61 @@ +import { AuthClient, AuthConfig, buildSignerEip191, privateKeyToJwk } from '@narval/armory-sdk' +import { hexSchema } from '@narval/policy-engine-shared' +import 'dotenv/config' +import minimist from 'minimist' + +const main = async () => { + console.log('Starting...') + + const args = minimist(process.argv.slice(2)) + + const userType = args.user + const authId = args._[0] + + // Check if userType is provided + if (!userType) { + console.error('Please specify the user type: --user=member or --user=admin') + process.exit(1) + } + + // Check if authId is provided + if (!authId) { + console.error('Please provide the authId as the second argument') + process.exit(1) + } + + const CRED = + userType === 'admin' ? hexSchema.parse(process.env.ADMIN_USER_CRED) : hexSchema.parse(process.env.MEMBER_USER_CRED) + + const AUTH_HOST = process.env.AUTH_HOST + const AUTH_CLIENT_ID = process.env.AUTH_CLIENT_ID + + if (!AUTH_HOST || !AUTH_CLIENT_ID) { + console.error('Missing environment variables') + return + } + + const authJwk = privateKeyToJwk(CRED) + + const authConfig: AuthConfig = { + host: AUTH_HOST, + clientId: AUTH_CLIENT_ID, + signer: { + jwk: authJwk, + alg: 'EIP191', + sign: buildSignerEip191(CRED) + } + } + + const auth = new AuthClient(authConfig) + + const authRequest = await auth.getAuthorizationById(authId) + console.log('### authRequestBeforeApproval', JSON.stringify(authRequest, null, 2)) + + await auth.approve(authId) + + const approvedAuthorizationRequest = await auth.getAuthorizationById(authId) + console.log('### approvedAuthorizationRequest', JSON.stringify(approvedAuthorizationRequest, null, 2)) + console.log('Done') +} + +main().catch(console.error) diff --git a/examples/approvals-by-spending-limit/armory.account.ts b/examples/approvals-by-spending-limit/armory.account.ts new file mode 100644 index 000000000..88140bab9 --- /dev/null +++ b/examples/approvals-by-spending-limit/armory.account.ts @@ -0,0 +1,28 @@ +import { + AuthClient, + AuthConfig, + DataStoreConfig, + EntityStoreClient, + PolicyStoreClient, + VaultClient, + VaultConfig +} from '@narval-xyz/armory-sdk' + +export const armoryClient = (configs: { + auth: AuthConfig + vault: VaultConfig + entityStore: DataStoreConfig + policyStore: DataStoreConfig +}) => { + const authClient = new AuthClient(configs.auth) + const vaultClient = new VaultClient(configs.vault) + const entityStoreClient = new EntityStoreClient(configs.entityStore) + const policyStoreClient = new PolicyStoreClient(configs.policyStore) + + return { + authClient, + vaultClient, + entityStoreClient, + policyStoreClient + } +} diff --git a/examples/approvals-by-spending-limit/armory.data.ts b/examples/approvals-by-spending-limit/armory.data.ts new file mode 100644 index 000000000..c39deea40 --- /dev/null +++ b/examples/approvals-by-spending-limit/armory.data.ts @@ -0,0 +1,240 @@ +import { + AuthClient, + EntityStoreClient, + Permission, + PolicyStoreClient, + PublicKey, + VaultClient +} from '@narval-xyz/armory-sdk' +import { AccountEntity, CredentialEntity } from '@narval-xyz/armory-sdk/policy-engine-shared' +import { addressToKid, publicKeySchema } from '@narval-xyz/armory-sdk/signature' +import { + Action, + Criterion, + EntityType, + Policy, + Then, + UserEntity, + UserRole, + ValueOperators +} from '@narval/policy-engine-shared' +import { Curves, KeyTypes, SigningAlg, jwkEoaSchema, privateKeyToJwk } from '@narval/signature' +import { v4 } from 'uuid' +import { Hex } from 'viem' + +const setPolicies = async (policyStoreClient: PolicyStoreClient) => { + const policies: Policy[] = [ + { + id: v4(), + description: 'Allows admin to do anything', + when: [ + { + criterion: Criterion.CHECK_PRINCIPAL_ROLE, + args: [UserRole.ADMIN] + } + ], + then: Then.PERMIT + }, + { + id: v4(), + description: 'Allows managers to read, create and import wallets', + when: [ + { + criterion: Criterion.CHECK_PRINCIPAL_ROLE, + args: [UserRole.MANAGER] + }, + { + criterion: Criterion.CHECK_PERMISSION, + args: ['wallet:read', 'wallet:create', 'wallet:import'] + } + ], + then: Then.PERMIT + }, + { + id: v4(), + description: 'Allows members to read wallets', + when: [ + { + criterion: Criterion.CHECK_PRINCIPAL_ROLE, + args: [UserRole.MEMBER] + }, + { + criterion: Criterion.CHECK_PERMISSION, + args: ['wallet:read'] + } + ], + then: Then.PERMIT + }, + { + id: 'members-can-transfer-1-eth-per-minute', + description: 'members can transfer 1 ETH', + when: [ + { + criterion: 'checkAction', + args: ['signTransaction'] + }, + { + criterion: 'checkPrincipalRole', + args: ['member'] + }, + { + criterion: 'checkIntentType', + args: ['transferNative'] + }, + { + criterion: 'checkIntentToken', + args: ['eip155:1/slip44:60'] + }, + { + criterion: 'checkSpendingLimit', + args: { + limit: '1000000000000000000', + operator: 'lt' as ValueOperators, + timeWindow: { + type: 'rolling', + value: 30 + }, + filters: { + perPrincipal: true, + tokens: ['eip155:1/slip44:60'] + } + } + } + ], + then: 'permit' + }, + { + id: 'members-can-transfer-gt-1-eth-per-minute-with-approval', + description: 'members transfers for more than 1 ETH per day requires an admin approval', + when: [ + { + criterion: 'checkAction', + args: ['signTransaction'] + }, + { + criterion: 'checkPrincipalRole', + args: ['member'] + }, + { + criterion: 'checkIntentType', + args: ['transferNative'] + }, + { + criterion: 'checkIntentToken', + args: ['eip155:1/slip44:60'] + }, + { + criterion: 'checkSpendingLimit', + args: { + limit: '1000000000000000000', + operator: 'gte' as ValueOperators, + timeWindow: { + type: 'rolling', + value: 30 + }, + filters: { + perPrincipal: true, + tokens: ['eip155:1/slip44:60'] + } + } + }, + { + criterion: 'checkApprovals', + args: [ + { + approvalCount: 1, + countPrincipal: false, + approvalEntityType: 'Narval::UserRole' as EntityType, + entityIds: ['admin'] + } + ] + } + ], + then: 'permit' + } + ] + await policyStoreClient.signAndPush(policies) +} + +export const createPublicKey = (credInput: Hex): PublicKey => { + return credInput.length === 42 + ? jwkEoaSchema.parse({ + kty: KeyTypes.EC, + crv: Curves.SECP256K1, + alg: SigningAlg.ES256K, + kid: addressToKid(credInput), + addr: credInput + }) + : publicKeySchema.parse(privateKeyToJwk(credInput, 'ES256K')) +} + +const setEntities = async ( + entityStoreClient: EntityStoreClient, + userAndCredentials: { credential: Hex; role: UserRole; id?: string }[], + accounts: AccountEntity[] +) => { + const entitiesInput = userAndCredentials.reduce( + (acc, { credential: credInput, role, id }) => { + const user: UserEntity = { + id: id || v4(), + role + } + + const publicKey = createPublicKey(credInput) + + const cred: CredentialEntity = { + id: publicKey.kid, + key: publicKey, + userId: user.id + } + + acc.users.push(user) + acc.credentials.push(cred) + + return acc + }, + { + users: [] as UserEntity[], + credentials: [] as CredentialEntity[], + accounts + } + ) + + await entityStoreClient.signAndPush(entitiesInput) +} + +export const setInitialState = async ({ + armory, + userAndCredentials +}: { + armory: { + vaultClient: VaultClient + authClient: AuthClient + entityStoreClient: EntityStoreClient + policyStoreClient: PolicyStoreClient + } + userAndCredentials: { credential: Hex; role: UserRole; id?: string }[] +}) => { + const { vaultClient, authClient, entityStoreClient, policyStoreClient } = armory + + await setPolicies(policyStoreClient) + await setEntities(entityStoreClient, userAndCredentials, []) + + const accessToken = await authClient.requestAccessToken({ + action: Action.GRANT_PERMISSION, + resourceId: 'vault', + nonce: v4(), + permissions: [Permission.WALLET_IMPORT, Permission.WALLET_CREATE, Permission.WALLET_READ] + }) + + const { account } = await vaultClient.generateWallet({ accessToken }) + + await setEntities(entityStoreClient, userAndCredentials, [ + { + id: account.id, + accountType: 'eoa', + address: account.address as Hex + } + ]) + return account +} diff --git a/examples/approvals-by-spending-limit/armory.sdk.ts b/examples/approvals-by-spending-limit/armory.sdk.ts new file mode 100644 index 000000000..64a401ea1 --- /dev/null +++ b/examples/approvals-by-spending-limit/armory.sdk.ts @@ -0,0 +1,132 @@ +import { + AuthAdminClient, + AuthConfig, + DataStoreConfig, + Hex, + VaultAdminClient, + VaultConfig, + buildSignerForAlg, + createHttpDataStore, + getPublicKey, + privateKeyToJwk +} from '@narval-xyz/armory-sdk' +import { format } from 'date-fns' +import { v4 } from 'uuid' + +const createClient = async ( + SYSTEM_MANAGER_KEY: Hex, + { + authHost, + authAdminApiKey, + vaultHost, + vaultAdminApiKey + }: { + vaultHost: string + authHost: string + authAdminApiKey: string + vaultAdminApiKey: string + } +) => { + const clientId = v4() + const authAdminClient = new AuthAdminClient({ + host: authHost, + adminApiKey: authAdminApiKey + }) + const vaultAdminClient = new VaultAdminClient({ + host: vaultHost, + adminApiKey: vaultAdminApiKey + }) + + const jwk = privateKeyToJwk(SYSTEM_MANAGER_KEY) + const publicKey = getPublicKey(jwk) + + const authClient = await authAdminClient.createClient({ + id: clientId, + name: `Armory SDK E2E test ${format(new Date(), 'dd/MM/yyyy HH:mm:ss')}`, + dataStore: createHttpDataStore({ + host: authHost, + clientId, + keys: [publicKey] + }), + useManagedDataStore: true + }) + + await vaultAdminClient.createClient({ + clientId: authClient.id, + engineJwk: authClient.policyEngine.nodes[0].publicKey + }) + + return { + clientId + } +} + +export const getArmoryConfig = async ( + SYSTEM_MANAGER_KEY: Hex, + { + authHost, + authAdminApiKey, + vaultHost, + vaultAdminApiKey + }: { + vaultHost: string + authHost: string + authAdminApiKey: string + vaultAdminApiKey: string + } +) => { + const { clientId } = await createClient(SYSTEM_MANAGER_KEY, { + authAdminApiKey, + authHost, + vaultAdminApiKey, + vaultHost + }) + + const jwk = privateKeyToJwk(SYSTEM_MANAGER_KEY) + const auth: AuthConfig = { + host: authHost, + clientId, + signer: { + jwk, + alg: 'ES256K', + sign: await buildSignerForAlg(jwk) + } + } + + const vault: VaultConfig = { + host: vaultHost, + clientId, + signer: { + jwk, + alg: 'ES256K', + sign: await buildSignerForAlg(jwk) + } + } + + const entityStore: DataStoreConfig = { + host: authHost, + clientId, + signer: { + jwk, + alg: 'ES256K', + sign: await buildSignerForAlg(jwk) + } + } + + const policyStore: DataStoreConfig = { + host: authHost, + clientId, + signer: { + jwk, + alg: 'ES256K', + sign: await buildSignerForAlg(jwk) + } + } + + return { + auth, + vault, + entityStore, + policyStore + } +} diff --git a/examples/approvals-by-spending-limit/package-lock.json b/examples/approvals-by-spending-limit/package-lock.json new file mode 100644 index 000000000..07cb125ef --- /dev/null +++ b/examples/approvals-by-spending-limit/package-lock.json @@ -0,0 +1,905 @@ +{ + "name": "wildcard-transactions", + "version": "1.0.0", + "lockfileVersion": 3, + "requires": true, + "packages": { + "": { + "name": "wildcard-transactions", + "version": "1.0.0", + "license": "ISC", + "dependencies": { + "@narval-xyz/armory-sdk": "0.7.0", + "dotenv": "^16.4.5", + "minimist": "^1.2.8", + "tsx": "^4.16.2", + "viem": "^2.17.4" + }, + "devDependencies": { + "@types/minimist": "^1.2.5" + } + }, + "node_modules/@adraffy/ens-normalize": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/@adraffy/ens-normalize/-/ens-normalize-1.10.0.tgz", + "integrity": "sha512-nA9XHtlAkYfJxY7bce8DcN7eKxWWCWkU+1GR9d+U6MbNpfwQp8TI7vqOsBsMcHoT4mBu2kypKoSKnghEzOOq5Q==" + }, + "node_modules/@esbuild/aix-ppc64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.23.1.tgz", + "integrity": "sha512-6VhYk1diRqrhBAqpJEdjASR/+WVRtfjpqKuNw11cLiaWpAT/Uu+nokB+UJnevzy/P9C/ty6AOe0dwueMrGh/iQ==", + "cpu": [ + "ppc64" + ], + "optional": true, + "os": [ + "aix" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/android-arm": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.23.1.tgz", + "integrity": "sha512-uz6/tEy2IFm9RYOyvKl88zdzZfwEfKZmnX9Cj1BHjeSGNuGLuMD1kR8y5bteYmwqKm1tj8m4cb/aKEorr6fHWQ==", + "cpu": [ + "arm" + ], + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/android-arm64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.23.1.tgz", + "integrity": "sha512-xw50ipykXcLstLeWH7WRdQuysJqejuAGPd30vd1i5zSyKK3WE+ijzHmLKxdiCMtH1pHz78rOg0BKSYOSB/2Khw==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/android-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.23.1.tgz", + "integrity": "sha512-nlN9B69St9BwUoB+jkyU090bru8L0NA3yFvAd7k8dNsVH8bi9a8cUAUSEcEEgTp2z3dbEDGJGfP6VUnkQnlReg==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/darwin-arm64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.23.1.tgz", + "integrity": "sha512-YsS2e3Wtgnw7Wq53XXBLcV6JhRsEq8hkfg91ESVadIrzr9wO6jJDMZnCQbHm1Guc5t/CdDiFSSfWP58FNuvT3Q==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/darwin-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.23.1.tgz", + "integrity": "sha512-aClqdgTDVPSEGgoCS8QDG37Gu8yc9lTHNAQlsztQ6ENetKEO//b8y31MMu2ZaPbn4kVsIABzVLXYLhCGekGDqw==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/freebsd-arm64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.23.1.tgz", + "integrity": "sha512-h1k6yS8/pN/NHlMl5+v4XPfikhJulk4G+tKGFIOwURBSFzE8bixw1ebjluLOjfwtLqY0kewfjLSrO6tN2MgIhA==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "freebsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/freebsd-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.23.1.tgz", + "integrity": "sha512-lK1eJeyk1ZX8UklqFd/3A60UuZ/6UVfGT2LuGo3Wp4/z7eRTRYY+0xOu2kpClP+vMTi9wKOfXi2vjUpO1Ro76g==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "freebsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-arm": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.23.1.tgz", + "integrity": "sha512-CXXkzgn+dXAPs3WBwE+Kvnrf4WECwBdfjfeYHpMeVxWE0EceB6vhWGShs6wi0IYEqMSIzdOF1XjQ/Mkm5d7ZdQ==", + "cpu": [ + "arm" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-arm64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.23.1.tgz", + "integrity": "sha512-/93bf2yxencYDnItMYV/v116zff6UyTjo4EtEQjUBeGiVpMmffDNUyD9UN2zV+V3LRV3/on4xdZ26NKzn6754g==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-ia32": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.23.1.tgz", + "integrity": "sha512-VTN4EuOHwXEkXzX5nTvVY4s7E/Krz7COC8xkftbbKRYAl96vPiUssGkeMELQMOnLOJ8k3BY1+ZY52tttZnHcXQ==", + "cpu": [ + "ia32" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-loong64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.23.1.tgz", + "integrity": "sha512-Vx09LzEoBa5zDnieH8LSMRToj7ir/Jeq0Gu6qJ/1GcBq9GkfoEAoXvLiW1U9J1qE/Y/Oyaq33w5p2ZWrNNHNEw==", + "cpu": [ + "loong64" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-mips64el": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.23.1.tgz", + "integrity": "sha512-nrFzzMQ7W4WRLNUOU5dlWAqa6yVeI0P78WKGUo7lg2HShq/yx+UYkeNSE0SSfSure0SqgnsxPvmAUu/vu0E+3Q==", + "cpu": [ + "mips64el" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-ppc64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.23.1.tgz", + "integrity": "sha512-dKN8fgVqd0vUIjxuJI6P/9SSSe/mB9rvA98CSH2sJnlZ/OCZWO1DJvxj8jvKTfYUdGfcq2dDxoKaC6bHuTlgcw==", + "cpu": [ + "ppc64" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-riscv64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.23.1.tgz", + "integrity": "sha512-5AV4Pzp80fhHL83JM6LoA6pTQVWgB1HovMBsLQ9OZWLDqVY8MVobBXNSmAJi//Csh6tcY7e7Lny2Hg1tElMjIA==", + "cpu": [ + "riscv64" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-s390x": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.23.1.tgz", + "integrity": "sha512-9ygs73tuFCe6f6m/Tb+9LtYxWR4c9yg7zjt2cYkjDbDpV/xVn+68cQxMXCjUpYwEkze2RcU/rMnfIXNRFmSoDw==", + "cpu": [ + "s390x" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.23.1.tgz", + "integrity": "sha512-EV6+ovTsEXCPAp58g2dD68LxoP/wK5pRvgy0J/HxPGB009omFPv3Yet0HiaqvrIrgPTBuC6wCH1LTOY91EO5hQ==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/netbsd-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.23.1.tgz", + "integrity": "sha512-aevEkCNu7KlPRpYLjwmdcuNz6bDFiE7Z8XC4CPqExjTvrHugh28QzUXVOZtiYghciKUacNktqxdpymplil1beA==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "netbsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/openbsd-arm64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.23.1.tgz", + "integrity": "sha512-3x37szhLexNA4bXhLrCC/LImN/YtWis6WXr1VESlfVtVeoFJBRINPJ3f0a/6LV8zpikqoUg4hyXw0sFBt5Cr+Q==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "openbsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/openbsd-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.23.1.tgz", + "integrity": "sha512-aY2gMmKmPhxfU+0EdnN+XNtGbjfQgwZj43k8G3fyrDM/UdZww6xrWxmDkuz2eCZchqVeABjV5BpildOrUbBTqA==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "openbsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/sunos-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.23.1.tgz", + "integrity": "sha512-RBRT2gqEl0IKQABT4XTj78tpk9v7ehp+mazn2HbUeZl1YMdaGAQqhapjGTCe7uw7y0frDi4gS0uHzhvpFuI1sA==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "sunos" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/win32-arm64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.23.1.tgz", + "integrity": "sha512-4O+gPR5rEBe2FpKOVyiJ7wNDPA8nGzDuJ6gN4okSA1gEOYZ67N8JPk58tkWtdtPeLz7lBnY6I5L3jdsr3S+A6A==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/win32-ia32": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.23.1.tgz", + "integrity": "sha512-BcaL0Vn6QwCwre3Y717nVHZbAa4UBEigzFm6VdsVdT/MbZ38xoj1X9HPkZhbmaBGUD1W8vxAfffbDe8bA6AKnQ==", + "cpu": [ + "ia32" + ], + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/win32-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.23.1.tgz", + "integrity": "sha512-BHpFFeslkWrXWyUPnbKm+xYYVYruCinGcftSBaa8zoF9hZO4BcSCFUvHVTtzpIY6YzUnYtuEhZ+C9iEXjxnasg==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@narval-xyz/armory-sdk": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/@narval-xyz/armory-sdk/-/armory-sdk-0.7.0.tgz", + "integrity": "sha512-Pzu1FcRhaO4i6dgfcBQSjvCDeYp+s/7CXbINZTS2BUpi+Lf2VsOCgCmYUuJc8dBY41g0t5rgyXufpZcmdjHPjQ==", + "dependencies": { + "@noble/curves": "1.4.0", + "axios": "1.7.2", + "jose": "5.5.0", + "lodash": "4.17.21", + "tslib": "2.6.3", + "uuid": "9.0.1", + "viem": "2.16.2", + "zod": "3.23.8" + } + }, + "node_modules/@narval-xyz/armory-sdk/node_modules/@noble/hashes": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.3.2.tgz", + "integrity": "sha512-MVC8EAQp7MvEcm30KWENFjgR+Mkmf+D189XJTkFIlwohU5hcBbn1ZkKq7KVTi2Hme3PMGF390DaL52beVrIihQ==", + "engines": { + "node": ">= 16" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@narval-xyz/armory-sdk/node_modules/@scure/bip32": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/@scure/bip32/-/bip32-1.3.2.tgz", + "integrity": "sha512-N1ZhksgwD3OBlwTv3R6KFEcPojl/W4ElJOeCZdi+vuI5QmTFwLq3OFf2zd2ROpKvxFdgZ6hUpb0dx9bVNEwYCA==", + "dependencies": { + "@noble/curves": "~1.2.0", + "@noble/hashes": "~1.3.2", + "@scure/base": "~1.1.2" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@narval-xyz/armory-sdk/node_modules/@scure/bip32/node_modules/@noble/curves": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.2.0.tgz", + "integrity": "sha512-oYclrNgRaM9SsBUBVbb8M6DTV7ZHRTKugureoYEncY5c65HOmRzvSiTE3y5CYaPYJA/GVkrhXEoF0M3Ya9PMnw==", + "dependencies": { + "@noble/hashes": "1.3.2" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@narval-xyz/armory-sdk/node_modules/@scure/bip39": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/@scure/bip39/-/bip39-1.2.1.tgz", + "integrity": "sha512-Z3/Fsz1yr904dduJD0NpiyRHhRYHdcnyh73FZWiV+/qhWi83wNJ3NWolYqCEN+ZWsUz2TWwajJggcRE9r1zUYg==", + "dependencies": { + "@noble/hashes": "~1.3.0", + "@scure/base": "~1.1.0" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@narval-xyz/armory-sdk/node_modules/abitype": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/abitype/-/abitype-1.0.4.tgz", + "integrity": "sha512-UivtYZOGJGE8rsrM/N5vdRkUpqEZVmuTumfTuolm7m/6O09wprd958rx8kUBwVAAAhQDveGAgD0GJdBuR8s6tw==", + "funding": { + "url": "https://github.com/sponsors/wevm" + }, + "peerDependencies": { + "typescript": ">=5.0.4", + "zod": "^3 >=3.22.0" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + }, + "zod": { + "optional": true + } + } + }, + "node_modules/@narval-xyz/armory-sdk/node_modules/viem": { + "version": "2.16.2", + "resolved": "https://registry.npmjs.org/viem/-/viem-2.16.2.tgz", + "integrity": "sha512-qor3v1cJFR3jcPtcJxPbKfKURAH2agNf2IWZIaSReV6teNLERiu4Sr7kbqpkIeTAEpiDCVQwg336M+mub1m+pg==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/wevm" + } + ], + "dependencies": { + "@adraffy/ens-normalize": "1.10.0", + "@noble/curves": "1.2.0", + "@noble/hashes": "1.3.2", + "@scure/bip32": "1.3.2", + "@scure/bip39": "1.2.1", + "abitype": "1.0.4", + "isows": "1.0.4", + "ws": "8.17.1" + }, + "peerDependencies": { + "typescript": ">=5.0.4" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + } + } + }, + "node_modules/@narval-xyz/armory-sdk/node_modules/viem/node_modules/@noble/curves": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.2.0.tgz", + "integrity": "sha512-oYclrNgRaM9SsBUBVbb8M6DTV7ZHRTKugureoYEncY5c65HOmRzvSiTE3y5CYaPYJA/GVkrhXEoF0M3Ya9PMnw==", + "dependencies": { + "@noble/hashes": "1.3.2" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@noble/curves": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.4.0.tgz", + "integrity": "sha512-p+4cb332SFCrReJkCYe8Xzm0OWi4Jji5jVdIZRL/PmacmDkFNw6MrrV+gGpiPxLHbV+zKFRywUWbaseT+tZRXg==", + "dependencies": { + "@noble/hashes": "1.4.0" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@noble/hashes": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.4.0.tgz", + "integrity": "sha512-V1JJ1WTRUqHHrOSh597hURcMqVKVGL/ea3kv0gSnEdsEZ0/+VyPghM1lMNGc00z7CIQorSvbKpuJkxvuHbvdbg==", + "engines": { + "node": ">= 16" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@scure/base": { + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/@scure/base/-/base-1.1.7.tgz", + "integrity": "sha512-PPNYBslrLNNUQ/Yad37MHYsNQtK67EhWb6WtSvNLLPo7SdVZgkUjD6Dg+5On7zNwmskf8OX7I7Nx5oN+MIWE0g==", + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@scure/bip32": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/@scure/bip32/-/bip32-1.4.0.tgz", + "integrity": "sha512-sVUpc0Vq3tXCkDGYVWGIZTRfnvu8LoTDaev7vbwh0omSvVORONr960MQWdKqJDCReIEmTj3PAr73O3aoxz7OPg==", + "dependencies": { + "@noble/curves": "~1.4.0", + "@noble/hashes": "~1.4.0", + "@scure/base": "~1.1.6" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@scure/bip39": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@scure/bip39/-/bip39-1.3.0.tgz", + "integrity": "sha512-disdg7gHuTDZtY+ZdkmLpPCk7fxZSu3gBiEGuoC1XYxv9cGx3Z6cpTggCgW6odSOOIXCiDjuGejW+aJKCY/pIQ==", + "dependencies": { + "@noble/hashes": "~1.4.0", + "@scure/base": "~1.1.6" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@types/minimist": { + "version": "1.2.5", + "resolved": "https://registry.npmjs.org/@types/minimist/-/minimist-1.2.5.tgz", + "integrity": "sha512-hov8bUuiLiyFPGyFPE1lwWhmzYbirOXQNNo40+y3zow8aFVTeyn3VWL0VFFfdNddA8S4Vf0Tc062rzyNr7Paag==", + "dev": true + }, + "node_modules/abitype": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/abitype/-/abitype-1.0.5.tgz", + "integrity": "sha512-YzDhti7cjlfaBhHutMaboYB21Ha3rXR9QTkNJFzYC4kC8YclaiwPBBBJY8ejFdu2wnJeZCVZSMlQJ7fi8S6hsw==", + "funding": { + "url": "https://github.com/sponsors/wevm" + }, + "peerDependencies": { + "typescript": ">=5.0.4", + "zod": "^3 >=3.22.0" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + }, + "zod": { + "optional": true + } + } + }, + "node_modules/asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" + }, + "node_modules/axios": { + "version": "1.7.2", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.2.tgz", + "integrity": "sha512-2A8QhOMrbomlDuiLeK9XibIBzuHeRcqqNOHp0Cyp5EoJ1IFDh+XZH3A6BkXtv0K4gFGCI0Y4BM7B1wOEi0Rmgw==", + "dependencies": { + "follow-redirects": "^1.15.6", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" + } + }, + "node_modules/combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "dependencies": { + "delayed-stream": "~1.0.0" + }, + "engines": { + "node": ">= 0.8" + } + }, + "node_modules/delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", + "engines": { + "node": ">=0.4.0" + } + }, + "node_modules/dotenv": { + "version": "16.4.5", + "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.4.5.tgz", + "integrity": "sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==", + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://dotenvx.com" + } + }, + "node_modules/esbuild": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.23.1.tgz", + "integrity": "sha512-VVNz/9Sa0bs5SELtn3f7qhJCDPCF5oMEl5cO9/SSinpE9hbPVvxbd572HH5AKiP7WD8INO53GgfDDhRjkylHEg==", + "hasInstallScript": true, + "bin": { + "esbuild": "bin/esbuild" + }, + "engines": { + "node": ">=18" + }, + "optionalDependencies": { + "@esbuild/aix-ppc64": "0.23.1", + "@esbuild/android-arm": "0.23.1", + "@esbuild/android-arm64": "0.23.1", + "@esbuild/android-x64": "0.23.1", + "@esbuild/darwin-arm64": "0.23.1", + "@esbuild/darwin-x64": "0.23.1", + "@esbuild/freebsd-arm64": "0.23.1", + "@esbuild/freebsd-x64": "0.23.1", + "@esbuild/linux-arm": "0.23.1", + "@esbuild/linux-arm64": "0.23.1", + "@esbuild/linux-ia32": "0.23.1", + "@esbuild/linux-loong64": "0.23.1", + "@esbuild/linux-mips64el": "0.23.1", + "@esbuild/linux-ppc64": "0.23.1", + "@esbuild/linux-riscv64": "0.23.1", + "@esbuild/linux-s390x": "0.23.1", + "@esbuild/linux-x64": "0.23.1", + "@esbuild/netbsd-x64": "0.23.1", + "@esbuild/openbsd-arm64": "0.23.1", + "@esbuild/openbsd-x64": "0.23.1", + "@esbuild/sunos-x64": "0.23.1", + "@esbuild/win32-arm64": "0.23.1", + "@esbuild/win32-ia32": "0.23.1", + "@esbuild/win32-x64": "0.23.1" + } + }, + "node_modules/follow-redirects": { + "version": "1.15.6", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", + "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==", + "funding": [ + { + "type": "individual", + "url": "https://github.com/sponsors/RubenVerborgh" + } + ], + "engines": { + "node": ">=4.0" + }, + "peerDependenciesMeta": { + "debug": { + "optional": true + } + } + }, + "node_modules/form-data": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", + "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", + "dependencies": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "mime-types": "^2.1.12" + }, + "engines": { + "node": ">= 6" + } + }, + "node_modules/fsevents": { + "version": "2.3.3", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", + "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", + "hasInstallScript": true, + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": "^8.16.0 || ^10.6.0 || >=11.0.0" + } + }, + "node_modules/get-tsconfig": { + "version": "4.7.6", + "resolved": "https://registry.npmjs.org/get-tsconfig/-/get-tsconfig-4.7.6.tgz", + "integrity": "sha512-ZAqrLlu18NbDdRaHq+AKXzAmqIUPswPWKUchfytdAjiRFnCe5ojG2bstg6mRiZabkKfCoL/e98pbBELIV/YCeA==", + "dependencies": { + "resolve-pkg-maps": "^1.0.0" + }, + "funding": { + "url": "https://github.com/privatenumber/get-tsconfig?sponsor=1" + } + }, + "node_modules/isows": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/isows/-/isows-1.0.4.tgz", + "integrity": "sha512-hEzjY+x9u9hPmBom9IIAqdJCwNLax+xrPb51vEPpERoFlIxgmZcHzsT5jKG06nvInKOBGvReAVz80Umed5CczQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/wagmi-dev" + } + ], + "peerDependencies": { + "ws": "*" + } + }, + "node_modules/jose": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/jose/-/jose-5.5.0.tgz", + "integrity": "sha512-DUPr/1kYXbuqYpkCj9r66+B4SGCKXCLQ5ZbKCgmn4sJveJqcwNqWtAR56u4KPmpXjrmBO2uNuLdEAEiqIhFNBg==", + "funding": { + "url": "https://github.com/sponsors/panva" + } + }, + "node_modules/lodash": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + }, + "node_modules/mime-db": { + "version": "1.52.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", + "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/mime-types": { + "version": "2.1.35", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", + "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", + "dependencies": { + "mime-db": "1.52.0" + }, + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/minimist": { + "version": "1.2.8", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", + "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==", + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + }, + "node_modules/resolve-pkg-maps": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/resolve-pkg-maps/-/resolve-pkg-maps-1.0.0.tgz", + "integrity": "sha512-seS2Tj26TBVOC2NIc2rOe2y2ZO7efxITtLZcGSOnHHNOQ7CkiUBfw0Iw2ck6xkIhPwLhKNLS8BO+hEpngQlqzw==", + "funding": { + "url": "https://github.com/privatenumber/resolve-pkg-maps?sponsor=1" + } + }, + "node_modules/tslib": { + "version": "2.6.3", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.3.tgz", + "integrity": "sha512-xNvxJEOUiWPGhUuUdQgAJPKOOJfGnIyKySOc09XkKsgdUV/3E2zvwZYdejjmRgPCgcym1juLH3226yA7sEFJKQ==" + }, + "node_modules/tsx": { + "version": "4.17.0", + "resolved": "https://registry.npmjs.org/tsx/-/tsx-4.17.0.tgz", + "integrity": "sha512-eN4mnDA5UMKDt4YZixo9tBioibaMBpoxBkD+rIPAjVmYERSG0/dWEY1CEFuV89CgASlKL499q8AhmkMnnjtOJg==", + "dependencies": { + "esbuild": "~0.23.0", + "get-tsconfig": "^4.7.5" + }, + "bin": { + "tsx": "dist/cli.mjs" + }, + "engines": { + "node": ">=18.0.0" + }, + "optionalDependencies": { + "fsevents": "~2.3.3" + } + }, + "node_modules/uuid": { + "version": "9.0.1", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz", + "integrity": "sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==", + "funding": [ + "https://github.com/sponsors/broofa", + "https://github.com/sponsors/ctavan" + ], + "bin": { + "uuid": "dist/bin/uuid" + } + }, + "node_modules/viem": { + "version": "2.19.8", + "resolved": "https://registry.npmjs.org/viem/-/viem-2.19.8.tgz", + "integrity": "sha512-2SkT6kHgp1MZnPl+fJ8kT2Eozv2tOuri30DI5dSnOecJpvachZY5PdgCdvXw7AUZCwNUkLX9ZEpKqyhqjQoUPg==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/wevm" + } + ], + "dependencies": { + "@adraffy/ens-normalize": "1.10.0", + "@noble/curves": "1.4.0", + "@noble/hashes": "1.4.0", + "@scure/bip32": "1.4.0", + "@scure/bip39": "1.3.0", + "abitype": "1.0.5", + "isows": "1.0.4", + "webauthn-p256": "0.0.5", + "ws": "8.17.1" + }, + "peerDependencies": { + "typescript": ">=5.0.4" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + } + } + }, + "node_modules/webauthn-p256": { + "version": "0.0.5", + "resolved": "https://registry.npmjs.org/webauthn-p256/-/webauthn-p256-0.0.5.tgz", + "integrity": "sha512-drMGNWKdaixZNobeORVIqq7k5DsRC9FnG201K2QjeOoQLmtSDaSsVZdkg6n5jUALJKcAG++zBPJXmv6hy0nWFg==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/wevm" + } + ], + "dependencies": { + "@noble/curves": "^1.4.0", + "@noble/hashes": "^1.4.0" + } + }, + "node_modules/ws": { + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz", + "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==", + "engines": { + "node": ">=10.0.0" + }, + "peerDependencies": { + "bufferutil": "^4.0.1", + "utf-8-validate": ">=5.0.2" + }, + "peerDependenciesMeta": { + "bufferutil": { + "optional": true + }, + "utf-8-validate": { + "optional": true + } + } + }, + "node_modules/zod": { + "version": "3.23.8", + "resolved": "https://registry.npmjs.org/zod/-/zod-3.23.8.tgz", + "integrity": "sha512-XBx9AXhXktjUqnepgTiE5flcKIYWi/rme0Eaj+5Y0lftuGBq+jyRu/md4WnuxqgP1ubdpNCsYEYPxrzVHD8d6g==", + "funding": { + "url": "https://github.com/sponsors/colinhacks" + } + } + } +} diff --git a/examples/approvals-by-spending-limit/package.json b/examples/approvals-by-spending-limit/package.json new file mode 100644 index 000000000..54d9a2a2d --- /dev/null +++ b/examples/approvals-by-spending-limit/package.json @@ -0,0 +1,25 @@ +{ + "name": "approvals-by-spending-limit", + "version": "1.0.0", + "description": "A typescript example to setup and use the armory stack with approvals by spending limit", + "main": "index.js", + "scripts": { + "setup": "tsx setup.ts", + "transfer-admin": "tsx transfer.ts --user=admin", + "transfer-member": "tsx transfer.ts --user=member", + "approve-admin": "tsx approve.ts --user=admin", + "approve-member": "tsx approve.ts --user=member" + }, + "author": "", + "license": "ISC", + "dependencies": { + "@narval-xyz/armory-sdk": "0.7.0", + "dotenv": "^16.4.5", + "minimist": "^1.2.8", + "tsx": "^4.16.2", + "viem": "^2.17.4" + }, + "devDependencies": { + "@types/minimist": "^1.2.5" + } +} \ No newline at end of file diff --git a/examples/approvals-by-spending-limit/setup.ts b/examples/approvals-by-spending-limit/setup.ts new file mode 100644 index 000000000..b1f9022db --- /dev/null +++ b/examples/approvals-by-spending-limit/setup.ts @@ -0,0 +1,100 @@ +/* eslint-disable no-console */ +import { Hex } from '@narval-xyz/armory-sdk' +import { hexSchema } from '@narval-xyz/armory-sdk/policy-engine-shared' +import { privateKeyToHex } from '@narval-xyz/armory-sdk/signature' +import 'dotenv/config' +import fs from 'fs' +import { armoryClient } from './armory.account' +import { setInitialState } from './armory.data' +import { getArmoryConfig } from './armory.sdk' + +const main = async () => { + console.log('Starting...') + + const SYSTEM_MANAGER_KEY = hexSchema.parse(process.env.SYSTEM_MANAGER_KEY?.toLowerCase()) + const vaultHost = process.env.VAULT_HOST + const authHost = process.env.AUTH_HOST + const vaultAdminApiKey = process.env.VAULT_API_KEY + const authAdminApiKey = process.env.AUTH_API_KEY + + if (!vaultAdminApiKey || !authHost || !authAdminApiKey || !vaultHost) { + throw new Error('Missing configuration') + } + const config = await getArmoryConfig(SYSTEM_MANAGER_KEY, { + vaultAdminApiKey, + vaultHost, + authAdminApiKey, + authHost + }) + const armory = armoryClient(config) + + const ADMIN_USER_ADDR = hexSchema.parse(process.env.ADMIN_USER_ADDR).toLowerCase() + const MEMBER_USER_ADDR = hexSchema.parse(process.env.MEMBER_USER_ADDR).toLowerCase() + const { address: signerAddress } = await setInitialState({ + armory, + userAndCredentials: [ + { credential: ADMIN_USER_ADDR as Hex, role: 'admin' }, + { credential: MEMBER_USER_ADDR as Hex, role: 'member' }, + { credential: SYSTEM_MANAGER_KEY, role: 'manager' } + ] + }) + + const vaultSigner = await privateKeyToHex(config.vault.signer.jwk) + const authSigner = await privateKeyToHex(config.auth.signer.jwk) + + if (!config.entityStore.signer || !config.policyStore.signer) { + throw new Error('Missing signer configuration') + } + const entitySigner = await privateKeyToHex(config.entityStore.signer?.jwk) + const policySigner = await privateKeyToHex(config.policyStore.signer?.jwk) + + const envVariables = { + VAULT_CLIENT_ID: config.vault.clientId, + VAULT_SIGNER: vaultSigner, + AUTH_CLIENT_ID: config.auth.clientId, + AUTH_SIGNER: authSigner, + ENTITY_HOST: 'http://localhost:3005', + ENTITY_CLIENT_ID: config.entityStore.clientId, + ENTITY_SIGNER: entitySigner, + POLICY_HOST: 'http://localhost:3005', + POLICY_CLIENT_ID: config.policyStore.clientId, + POLICY_SIGNER: policySigner, + SIGNER_ADDRESS: signerAddress + } + + // Load the existing .env file if it exists + let existingEnvContent = '' + if (fs.existsSync('.env')) { + existingEnvContent = fs.readFileSync('.env', 'utf-8') + } + + // Split the existing content into lines and create a key-value map + const existingEnv = existingEnvContent.split('\n').reduce( + (acc, line) => { + const [key, value] = line.split('=') + if (key && value !== undefined) { + acc[key] = value + } + return acc + }, + {} as Record + ) + + // Update or add new variables + for (const [key, value] of Object.entries(envVariables)) { + existingEnv[key] = value + } + + // Convert the map back to the .env file format + const newEnvContent = Object.entries(existingEnv) + .map(([key, value]) => `${key}=${value}`) + .join('\n') + + // Write the updated content back to the .env file + fs.writeFileSync('.env', newEnvContent) + console.log('Environment variables have been updated in the .env file') + + console.log('Finished') +} + +main().catch(console.error) diff --git a/examples/approvals-by-spending-limit/transfer.ts b/examples/approvals-by-spending-limit/transfer.ts new file mode 100644 index 000000000..656e9c371 --- /dev/null +++ b/examples/approvals-by-spending-limit/transfer.ts @@ -0,0 +1,143 @@ +import { + AuthClient, + AuthConfig, + buildSignerEip191, + privateKeyToJwk, + Request, + resourceId, + TransactionRequest, + VaultClient, + VaultConfig +} from '@narval/armory-sdk' +import { Decision, hexSchema } from '@narval/policy-engine-shared' +import 'dotenv/config' +import minimist from 'minimist' +import { v4 } from 'uuid' + +const transactionRequest = { + from: '0x084e6A5e3442D348BA5e149E362846BE6fcf2E9E', + to: '0x9c874A1034275f4Aa960f141265e9bF86a5b1334', + chainId: 1, + value: '0x429D069189E0000', // 0.3 ETH + gas: 123n, + maxFeePerGas: 789n, + maxPriorityFeePerGas: 456n, + nonce: 193 +} as TransactionRequest + +const main = async () => { + console.log('Starting...') + + const args = minimist(process.argv.slice(2)) + const userType = args.user + + if (!userType) { + console.error('Please specify the user type: --user=member or --user=admin') + process.exit(1) + } + + const CRED = + userType === 'admin' ? hexSchema.parse(process.env.ADMIN_USER_CRED) : hexSchema.parse(process.env.MEMBER_USER_CRED) + const VAULT_HOST = process.env.VAULT_HOST + const VAULT_CLIENT_ID = process.env.VAULT_CLIENT_ID + + const AUTH_HOST = process.env.AUTH_HOST + const AUTH_CLIENT_ID = process.env.AUTH_CLIENT_ID + + if (!VAULT_HOST || !VAULT_CLIENT_ID || !AUTH_HOST || !AUTH_CLIENT_ID) { + console.error('Missing environment variables') + return + } + + const authJwk = privateKeyToJwk(CRED) + const vaultJwk = privateKeyToJwk(CRED) + + const authSigner = buildSignerEip191(CRED) + const vaultSigner = buildSignerEip191(CRED) + + const authConfig: AuthConfig = { + host: AUTH_HOST, + clientId: AUTH_CLIENT_ID, + signer: { + jwk: authJwk, + alg: 'EIP191', + sign: authSigner + } + } + + const vaultConfig: VaultConfig = { + host: VAULT_HOST, + clientId: VAULT_CLIENT_ID, + signer: { + jwk: vaultJwk, + alg: 'EIP191', + sign: vaultSigner + } + } + const auth = new AuthClient(authConfig) + const authId = args._[0] + const signerAddress = hexSchema.parse(process.env.SIGNER_ADDRESS) + const nonce = v4() + const request: Request = { + action: 'signTransaction', + resourceId: resourceId(signerAddress), + transactionRequest, + nonce + } + + if (authId) { + console.log('Checking auth request...') + const authRequest = await auth.getAuthorizationById(authId) + + switch (authRequest.status) { + case 'APPROVING': { + console.log( + 'Request is waiting for approvals', + JSON.stringify(auth.findApprovalRequirements(authRequest), null, 2) + ) + break + } + case 'PERMITTED': { + const vault = new VaultClient(vaultConfig) + const accessToken = await auth.getAccessToken(authId) + const res = await vault.sign({ + data: Request.parse(authRequest.request), + accessToken + }) + console.log('This is your signed transaction', JSON.stringify(res, null, 2)) + break + } + default: { + console.log('Handle other statuses as you see fit', JSON.stringify(authRequest, null, 2)) + } + } + } else { + const response = await auth.authorize(request, { + id: v4() + }) + + switch (response.decision) { + case Decision.PERMIT: { + const vault = new VaultClient(vaultConfig) + const res = await vault.sign({ + data: request, + accessToken: response.accessToken + }) + console.log('This is your signed transaction', JSON.stringify(res, null, 2)) + break + } + case Decision.CONFIRM: { + console.log('Request needs approvals', JSON.stringify(response, null, 2)) + break + } + case Decision.FORBID: { + console.error('Unauthorized') + console.log('Response', response) + } + } + } + + console.log('Done') +} + +main().catch(console.error) diff --git a/examples/approvals-by-spending-limit/tsconfig.json b/examples/approvals-by-spending-limit/tsconfig.json new file mode 100644 index 000000000..c32bd409c --- /dev/null +++ b/examples/approvals-by-spending-limit/tsconfig.json @@ -0,0 +1,105 @@ +{ + "extends": "../../tsconfig.base.json", + // TODO @ptroger: remove this when all the new functionality implemented in the examples is exposed in the sdk. + // Then no need to import from monorepo anymore. + + "compilerOptions": { + /* Visit https://aka.ms/tsconfig to read more about this file */ + /* Projects */ + // "incremental": true, /* Save .tsbuildinfo files to allow for incremental compilation of projects. */ + // "composite": true, /* Enable constraints that allow a TypeScript project to be used with project references. */ + // "tsBuildInfoFile": "./.tsbuildinfo", /* Specify the path to .tsbuildinfo incremental compilation file. */ + // "disableSourceOfProjectReferenceRedirect": true, /* Disable preferring source files instead of declaration files when referencing composite projects. */ + // "disableSolutionSearching": true, /* Opt a project out of multi-project reference checking when editing. */ + // "disableReferencedProjectLoad": true, /* Reduce the number of projects loaded automatically by TypeScript. */ + /* Language and Environment */ + "target": "ES2022" /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */, + // "lib": [], /* Specify a set of bundled library declaration files that describe the target runtime environment. */ + // "jsx": "preserve", /* Specify what JSX code is generated. */ + // "experimentalDecorators": true, /* Enable experimental support for legacy experimental decorators. */ + // "emitDecoratorMetadata": true, /* Emit design-type metadata for decorated declarations in source files. */ + // "jsxFactory": "", /* Specify the JSX factory function used when targeting React JSX emit, e.g. 'React.createElement' or 'h'. */ + // "jsxFragmentFactory": "", /* Specify the JSX Fragment reference used for fragments when targeting React JSX emit e.g. 'React.Fragment' or 'Fragment'. */ + // "jsxImportSource": "", /* Specify module specifier used to import the JSX factory functions when using 'jsx: react-jsx*'. */ + // "reactNamespace": "", /* Specify the object invoked for 'createElement'. This only applies when targeting 'react' JSX emit. */ + // "noLib": true, /* Disable including any library files, including the default lib.d.ts. */ + // "useDefineForClassFields": true, /* Emit ECMAScript-standard-compliant class fields. */ + // "moduleDetection": "auto", /* Control what method is used to detect module-format JS files. */ + /* Modules */ + "module": "ES2022" /* Specify what module code is generated. */, + // "rootDir": "./", /* Specify the root folder within your source files. */ + "moduleResolution": "Node" /* Specify how TypeScript looks up a file from a given module specifier. */, + // "baseUrl": "./", /* Specify the base directory to resolve non-relative module names. */ + // "paths": {}, /* Specify a set of entries that re-map imports to additional lookup locations. */ + // "rootDirs": [], /* Allow multiple folders to be treated as one when resolving modules. */ + // "typeRoots": [], /* Specify multiple folders that act like './node_modules/@types'. */ + // "types": [], /* Specify type package names to be included without being referenced in a source file. */ + // "allowUmdGlobalAccess": true, /* Allow accessing UMD globals from modules. */ + // "moduleSuffixes": [], /* List of file name suffixes to search when resolving a module. */ + // "allowImportingTsExtensions": true, /* Allow imports to include TypeScript file extensions. Requires '--moduleResolution bundler' and either '--noEmit' or '--emitDeclarationOnly' to be set. */ + // "resolvePackageJsonExports": true, /* Use the package.json 'exports' field when resolving package imports. */ + // "resolvePackageJsonImports": true, /* Use the package.json 'imports' field when resolving imports. */ + // "customConditions": [], /* Conditions to set in addition to the resolver-specific defaults when resolving imports. */ + // "resolveJsonModule": true, /* Enable importing .json files. */ + // "allowArbitraryExtensions": true, /* Enable importing files with any extension, provided a declaration file is present. */ + // "noResolve": true, /* Disallow 'import's, 'require's or ''s from expanding the number of files TypeScript should add to a project. */ + /* JavaScript Support */ + // "allowJs": true, /* Allow JavaScript files to be a part of your program. Use the 'checkJS' option to get errors from these files. */ + // "checkJs": true, /* Enable error reporting in type-checked JavaScript files. */ + // "maxNodeModuleJsDepth": 1, /* Specify the maximum folder depth used for checking JavaScript files from 'node_modules'. Only applicable with 'allowJs'. */ + /* Emit */ + // "declaration": true, /* Generate .d.ts files from TypeScript and JavaScript files in your project. */ + // "declarationMap": true, /* Create sourcemaps for d.ts files. */ + // "emitDeclarationOnly": true, /* Only output d.ts files and not JavaScript files. */ + // "sourceMap": true, /* Create source map files for emitted JavaScript files. */ + // "inlineSourceMap": true, /* Include sourcemap files inside the emitted JavaScript. */ + // "outFile": "./", /* Specify a file that bundles all outputs into one JavaScript file. If 'declaration' is true, also designates a file that bundles all .d.ts output. */ + // "outDir": "./", /* Specify an output folder for all emitted files. */ + // "removeComments": true, /* Disable emitting comments. */ + // "noEmit": true, /* Disable emitting files from a compilation. */ + // "importHelpers": true, /* Allow importing helper functions from tslib once per project, instead of including them per-file. */ + // "importsNotUsedAsValues": "remove", /* Specify emit/checking behavior for imports that are only used for types. */ + // "downlevelIteration": true, /* Emit more compliant, but verbose and less performant JavaScript for iteration. */ + // "sourceRoot": "", /* Specify the root path for debuggers to find the reference source code. */ + // "mapRoot": "", /* Specify the location where debugger should locate map files instead of generated locations. */ + // "inlineSources": true, /* Include source code in the sourcemaps inside the emitted JavaScript. */ + // "emitBOM": true, /* Emit a UTF-8 Byte Order Mark (BOM) in the beginning of output files. */ + // "newLine": "crlf", /* Set the newline character for emitting files. */ + // "stripInternal": true, /* Disable emitting declarations that have '@internal' in their JSDoc comments. */ + // "noEmitHelpers": true, /* Disable generating custom helper functions like '__extends' in compiled output. */ + // "noEmitOnError": true, /* Disable emitting files if any type checking errors are reported. */ + // "preserveConstEnums": true, /* Disable erasing 'const enum' declarations in generated code. */ + // "declarationDir": "./", /* Specify the output directory for generated declaration files. */ + // "preserveValueImports": true, /* Preserve unused imported values in the JavaScript output that would otherwise be removed. */ + /* Interop Constraints */ + // "isolatedModules": true, /* Ensure that each file can be safely transpiled without relying on other imports. */ + // "verbatimModuleSyntax": true, /* Do not transform or elide any imports or exports not marked as type-only, ensuring they are written in the output file's format based on the 'module' setting. */ + // "allowSyntheticDefaultImports": true, /* Allow 'import x from y' when a module doesn't have a default export. */ + "esModuleInterop": true /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables 'allowSyntheticDefaultImports' for type compatibility. */, + // "preserveSymlinks": true, /* Disable resolving symlinks to their realpath. This correlates to the same flag in node. */ + "forceConsistentCasingInFileNames": true /* Ensure that casing is correct in imports. */, + /* Type Checking */ + "strict": true /* Enable all strict type-checking options. */, + // "noImplicitAny": true, /* Enable error reporting for expressions and declarations with an implied 'any' type. */ + // "strictNullChecks": true, /* When type checking, take into account 'null' and 'undefined'. */ + // "strictFunctionTypes": true, /* When assigning functions, check to ensure parameters and the return values are subtype-compatible. */ + // "strictBindCallApply": true, /* Check that the arguments for 'bind', 'call', and 'apply' methods match the original function. */ + // "strictPropertyInitialization": true, /* Check for class properties that are declared but not set in the constructor. */ + // "noImplicitThis": true, /* Enable error reporting when 'this' is given the type 'any'. */ + // "useUnknownInCatchVariables": true, /* Default catch clause variables as 'unknown' instead of 'any'. */ + // "alwaysStrict": true, /* Ensure 'use strict' is always emitted. */ + // "noUnusedLocals": true, /* Enable error reporting when local variables aren't read. */ + // "noUnusedParameters": true, /* Raise an error when a function parameter isn't read. */ + // "exactOptionalPropertyTypes": true, /* Interpret optional property types as written, rather than adding 'undefined'. */ + // "noImplicitReturns": true, /* Enable error reporting for codepaths that do not explicitly return in a function. */ + // "noFallthroughCasesInSwitch": true, /* Enable error reporting for fallthrough cases in switch statements. */ + // "noUncheckedIndexedAccess": true, /* Add 'undefined' to a type when accessed using an index. */ + // "noImplicitOverride": true, /* Ensure overriding members in derived classes are marked with an override modifier. */ + // "noPropertyAccessFromIndexSignature": true, /* Enforces using indexed accessors for keys declared using an indexed type. */ + // "allowUnusedLabels": true, /* Disable error reporting for unused labels. */ + // "allowUnreachableCode": true, /* Disable error reporting for unreachable code. */ + /* Completeness */ + // "skipDefaultLibCheck": true, /* Skip type checking .d.ts files that are included with TypeScript. */ + "skipLibCheck": true /* Skip type checking all .d.ts files. */ + } +} diff --git a/examples/rate-limit/.env.default b/examples/rate-limit/.env.default new file mode 100644 index 000000000..7dd1a6d96 --- /dev/null +++ b/examples/rate-limit/.env.default @@ -0,0 +1,9 @@ +ADMIN_USER_ADDR= +MEMBER_USER_ADDR= +SYSTEM_MANAGER_KEY= +MEMBER_USER_CRED= + +AUTH_HOST="http://localhost:3005" +VAULT_HOST="http://localhost:3011" +AUTH_API_KEY="armory-admin-api-key" +VAULT_API_KEY="vault-admin-api-key" diff --git a/examples/rate-limit/README.md b/examples/rate-limit/README.md new file mode 100644 index 000000000..52c248d73 --- /dev/null +++ b/examples/rate-limit/README.md @@ -0,0 +1 @@ +# Use historical values to rate limit members diff --git a/examples/rate-limit/armory.account.ts b/examples/rate-limit/armory.account.ts new file mode 100644 index 000000000..88140bab9 --- /dev/null +++ b/examples/rate-limit/armory.account.ts @@ -0,0 +1,28 @@ +import { + AuthClient, + AuthConfig, + DataStoreConfig, + EntityStoreClient, + PolicyStoreClient, + VaultClient, + VaultConfig +} from '@narval-xyz/armory-sdk' + +export const armoryClient = (configs: { + auth: AuthConfig + vault: VaultConfig + entityStore: DataStoreConfig + policyStore: DataStoreConfig +}) => { + const authClient = new AuthClient(configs.auth) + const vaultClient = new VaultClient(configs.vault) + const entityStoreClient = new EntityStoreClient(configs.entityStore) + const policyStoreClient = new PolicyStoreClient(configs.policyStore) + + return { + authClient, + vaultClient, + entityStoreClient, + policyStoreClient + } +} diff --git a/examples/rate-limit/armory.data.ts b/examples/rate-limit/armory.data.ts new file mode 100644 index 000000000..af6ff29c4 --- /dev/null +++ b/examples/rate-limit/armory.data.ts @@ -0,0 +1,163 @@ +import { + AuthClient, + EntityStoreClient, + Permission, + PolicyStoreClient, + PublicKey, + VaultClient +} from '@narval-xyz/armory-sdk' +import { AccountEntity, CredentialEntity } from '@narval-xyz/armory-sdk/policy-engine-shared' +import { addressToKid, publicKeySchema } from '@narval-xyz/armory-sdk/signature' +import { Action, Criterion, Policy, Then, UserEntity, UserRole } from '@narval/policy-engine-shared' +import { Curves, KeyTypes, SigningAlg, jwkEoaSchema, privateKeyToJwk } from '@narval/signature' +import { v4 } from 'uuid' +import { Hex } from 'viem' + +const setPolicies = async (policyStoreClient: PolicyStoreClient) => { + const policies: Policy[] = [ + { + id: v4(), + description: 'Allows admin to do anything', + when: [ + { + criterion: Criterion.CHECK_PRINCIPAL_ROLE, + args: [UserRole.ADMIN] + } + ], + then: Then.PERMIT + }, + { + id: v4(), + description: 'Allows managers to read, create and import wallets', + when: [ + { + criterion: Criterion.CHECK_PRINCIPAL_ROLE, + args: [UserRole.MANAGER] + }, + { + criterion: Criterion.CHECK_PERMISSION, + args: ['wallet:read', 'wallet:create', 'wallet:import'] + } + ], + then: Then.PERMIT + }, + { + id: v4(), + description: 'Allows members to read wallets', + when: [ + { + criterion: Criterion.CHECK_PRINCIPAL_ROLE, + args: [UserRole.MEMBER] + }, + { + criterion: Criterion.CHECK_PERMISSION, + args: ['wallet:read'] + } + ], + then: Then.PERMIT + }, + { + id: v4(), + description: 'Forbid member to transferNative more than 3 times', + when: [ + { + criterion: Criterion.CHECK_PRINCIPAL_ROLE, + args: [UserRole.MEMBER] + }, + { + criterion: Criterion.CHECK_INTENT_TYPE, + args: ['transferNative'] + }, + { + criterion: Criterion.CHECK_RATE_LIMIT, + args: { limit: 2, filters: { perPrincipal: true } } + } + ], + then: Then.PERMIT + } + ] + await policyStoreClient.signAndPush(policies) +} + +export const createPublicKey = (credInput: Hex): PublicKey => { + return credInput.length === 42 + ? jwkEoaSchema.parse({ + kty: KeyTypes.EC, + crv: Curves.SECP256K1, + alg: SigningAlg.ES256K, + kid: addressToKid(credInput), + addr: credInput + }) + : publicKeySchema.parse(privateKeyToJwk(credInput, 'ES256K')) +} + +const setEntities = async ( + entityStoreClient: EntityStoreClient, + userAndCredentials: { credential: Hex; role: UserRole; id?: string }[], + accounts: AccountEntity[] +) => { + const entitiesInput = userAndCredentials.reduce( + (acc, { credential: credInput, role, id }) => { + const user: UserEntity = { + id: id || v4(), + role + } + + const publicKey = createPublicKey(credInput) + + const cred: CredentialEntity = { + id: publicKey.kid, + key: publicKey, + userId: user.id + } + + acc.users.push(user) + acc.credentials.push(cred) + + return acc + }, + { + users: [] as UserEntity[], + credentials: [] as CredentialEntity[], + accounts + } + ) + + await entityStoreClient.signAndPush(entitiesInput) +} + +export const setInitialState = async ({ + armory, + userAndCredentials +}: { + armory: { + vaultClient: VaultClient + authClient: AuthClient + entityStoreClient: EntityStoreClient + policyStoreClient: PolicyStoreClient + } + userAndCredentials: { credential: Hex; role: UserRole; id?: string }[] +}) => { + const { vaultClient, authClient, entityStoreClient, policyStoreClient } = armory + + await setPolicies(policyStoreClient) + await setEntities(entityStoreClient, userAndCredentials, []) + + const accessToken = await authClient.requestAccessToken({ + action: Action.GRANT_PERMISSION, + resourceId: 'vault', + nonce: v4(), + permissions: [Permission.WALLET_IMPORT, Permission.WALLET_CREATE, Permission.WALLET_READ] + }) + + const { account } = await vaultClient.generateWallet({ accessToken }) + + await setEntities(entityStoreClient, userAndCredentials, [ + { + id: account.id, + accountType: 'eoa', + address: account.address as Hex + } + ]) + return account +} diff --git a/examples/rate-limit/armory.sdk.ts b/examples/rate-limit/armory.sdk.ts new file mode 100644 index 000000000..64a401ea1 --- /dev/null +++ b/examples/rate-limit/armory.sdk.ts @@ -0,0 +1,132 @@ +import { + AuthAdminClient, + AuthConfig, + DataStoreConfig, + Hex, + VaultAdminClient, + VaultConfig, + buildSignerForAlg, + createHttpDataStore, + getPublicKey, + privateKeyToJwk +} from '@narval-xyz/armory-sdk' +import { format } from 'date-fns' +import { v4 } from 'uuid' + +const createClient = async ( + SYSTEM_MANAGER_KEY: Hex, + { + authHost, + authAdminApiKey, + vaultHost, + vaultAdminApiKey + }: { + vaultHost: string + authHost: string + authAdminApiKey: string + vaultAdminApiKey: string + } +) => { + const clientId = v4() + const authAdminClient = new AuthAdminClient({ + host: authHost, + adminApiKey: authAdminApiKey + }) + const vaultAdminClient = new VaultAdminClient({ + host: vaultHost, + adminApiKey: vaultAdminApiKey + }) + + const jwk = privateKeyToJwk(SYSTEM_MANAGER_KEY) + const publicKey = getPublicKey(jwk) + + const authClient = await authAdminClient.createClient({ + id: clientId, + name: `Armory SDK E2E test ${format(new Date(), 'dd/MM/yyyy HH:mm:ss')}`, + dataStore: createHttpDataStore({ + host: authHost, + clientId, + keys: [publicKey] + }), + useManagedDataStore: true + }) + + await vaultAdminClient.createClient({ + clientId: authClient.id, + engineJwk: authClient.policyEngine.nodes[0].publicKey + }) + + return { + clientId + } +} + +export const getArmoryConfig = async ( + SYSTEM_MANAGER_KEY: Hex, + { + authHost, + authAdminApiKey, + vaultHost, + vaultAdminApiKey + }: { + vaultHost: string + authHost: string + authAdminApiKey: string + vaultAdminApiKey: string + } +) => { + const { clientId } = await createClient(SYSTEM_MANAGER_KEY, { + authAdminApiKey, + authHost, + vaultAdminApiKey, + vaultHost + }) + + const jwk = privateKeyToJwk(SYSTEM_MANAGER_KEY) + const auth: AuthConfig = { + host: authHost, + clientId, + signer: { + jwk, + alg: 'ES256K', + sign: await buildSignerForAlg(jwk) + } + } + + const vault: VaultConfig = { + host: vaultHost, + clientId, + signer: { + jwk, + alg: 'ES256K', + sign: await buildSignerForAlg(jwk) + } + } + + const entityStore: DataStoreConfig = { + host: authHost, + clientId, + signer: { + jwk, + alg: 'ES256K', + sign: await buildSignerForAlg(jwk) + } + } + + const policyStore: DataStoreConfig = { + host: authHost, + clientId, + signer: { + jwk, + alg: 'ES256K', + sign: await buildSignerForAlg(jwk) + } + } + + return { + auth, + vault, + entityStore, + policyStore + } +} diff --git a/examples/rate-limit/package-lock.json b/examples/rate-limit/package-lock.json new file mode 100644 index 000000000..07cb125ef --- /dev/null +++ b/examples/rate-limit/package-lock.json @@ -0,0 +1,905 @@ +{ + "name": "wildcard-transactions", + "version": "1.0.0", + "lockfileVersion": 3, + "requires": true, + "packages": { + "": { + "name": "wildcard-transactions", + "version": "1.0.0", + "license": "ISC", + "dependencies": { + "@narval-xyz/armory-sdk": "0.7.0", + "dotenv": "^16.4.5", + "minimist": "^1.2.8", + "tsx": "^4.16.2", + "viem": "^2.17.4" + }, + "devDependencies": { + "@types/minimist": "^1.2.5" + } + }, + "node_modules/@adraffy/ens-normalize": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/@adraffy/ens-normalize/-/ens-normalize-1.10.0.tgz", + "integrity": "sha512-nA9XHtlAkYfJxY7bce8DcN7eKxWWCWkU+1GR9d+U6MbNpfwQp8TI7vqOsBsMcHoT4mBu2kypKoSKnghEzOOq5Q==" + }, + "node_modules/@esbuild/aix-ppc64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.23.1.tgz", + "integrity": "sha512-6VhYk1diRqrhBAqpJEdjASR/+WVRtfjpqKuNw11cLiaWpAT/Uu+nokB+UJnevzy/P9C/ty6AOe0dwueMrGh/iQ==", + "cpu": [ + "ppc64" + ], + "optional": true, + "os": [ + "aix" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/android-arm": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.23.1.tgz", + "integrity": "sha512-uz6/tEy2IFm9RYOyvKl88zdzZfwEfKZmnX9Cj1BHjeSGNuGLuMD1kR8y5bteYmwqKm1tj8m4cb/aKEorr6fHWQ==", + "cpu": [ + "arm" + ], + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/android-arm64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.23.1.tgz", + "integrity": "sha512-xw50ipykXcLstLeWH7WRdQuysJqejuAGPd30vd1i5zSyKK3WE+ijzHmLKxdiCMtH1pHz78rOg0BKSYOSB/2Khw==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/android-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.23.1.tgz", + "integrity": "sha512-nlN9B69St9BwUoB+jkyU090bru8L0NA3yFvAd7k8dNsVH8bi9a8cUAUSEcEEgTp2z3dbEDGJGfP6VUnkQnlReg==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/darwin-arm64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.23.1.tgz", + "integrity": "sha512-YsS2e3Wtgnw7Wq53XXBLcV6JhRsEq8hkfg91ESVadIrzr9wO6jJDMZnCQbHm1Guc5t/CdDiFSSfWP58FNuvT3Q==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/darwin-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.23.1.tgz", + "integrity": "sha512-aClqdgTDVPSEGgoCS8QDG37Gu8yc9lTHNAQlsztQ6ENetKEO//b8y31MMu2ZaPbn4kVsIABzVLXYLhCGekGDqw==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/freebsd-arm64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.23.1.tgz", + "integrity": "sha512-h1k6yS8/pN/NHlMl5+v4XPfikhJulk4G+tKGFIOwURBSFzE8bixw1ebjluLOjfwtLqY0kewfjLSrO6tN2MgIhA==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "freebsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/freebsd-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.23.1.tgz", + "integrity": "sha512-lK1eJeyk1ZX8UklqFd/3A60UuZ/6UVfGT2LuGo3Wp4/z7eRTRYY+0xOu2kpClP+vMTi9wKOfXi2vjUpO1Ro76g==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "freebsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-arm": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.23.1.tgz", + "integrity": "sha512-CXXkzgn+dXAPs3WBwE+Kvnrf4WECwBdfjfeYHpMeVxWE0EceB6vhWGShs6wi0IYEqMSIzdOF1XjQ/Mkm5d7ZdQ==", + "cpu": [ + "arm" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-arm64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.23.1.tgz", + "integrity": "sha512-/93bf2yxencYDnItMYV/v116zff6UyTjo4EtEQjUBeGiVpMmffDNUyD9UN2zV+V3LRV3/on4xdZ26NKzn6754g==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-ia32": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.23.1.tgz", + "integrity": "sha512-VTN4EuOHwXEkXzX5nTvVY4s7E/Krz7COC8xkftbbKRYAl96vPiUssGkeMELQMOnLOJ8k3BY1+ZY52tttZnHcXQ==", + "cpu": [ + "ia32" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-loong64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.23.1.tgz", + "integrity": "sha512-Vx09LzEoBa5zDnieH8LSMRToj7ir/Jeq0Gu6qJ/1GcBq9GkfoEAoXvLiW1U9J1qE/Y/Oyaq33w5p2ZWrNNHNEw==", + "cpu": [ + "loong64" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-mips64el": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.23.1.tgz", + "integrity": "sha512-nrFzzMQ7W4WRLNUOU5dlWAqa6yVeI0P78WKGUo7lg2HShq/yx+UYkeNSE0SSfSure0SqgnsxPvmAUu/vu0E+3Q==", + "cpu": [ + "mips64el" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-ppc64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.23.1.tgz", + "integrity": "sha512-dKN8fgVqd0vUIjxuJI6P/9SSSe/mB9rvA98CSH2sJnlZ/OCZWO1DJvxj8jvKTfYUdGfcq2dDxoKaC6bHuTlgcw==", + "cpu": [ + "ppc64" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-riscv64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.23.1.tgz", + "integrity": "sha512-5AV4Pzp80fhHL83JM6LoA6pTQVWgB1HovMBsLQ9OZWLDqVY8MVobBXNSmAJi//Csh6tcY7e7Lny2Hg1tElMjIA==", + "cpu": [ + "riscv64" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-s390x": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.23.1.tgz", + "integrity": "sha512-9ygs73tuFCe6f6m/Tb+9LtYxWR4c9yg7zjt2cYkjDbDpV/xVn+68cQxMXCjUpYwEkze2RcU/rMnfIXNRFmSoDw==", + "cpu": [ + "s390x" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.23.1.tgz", + "integrity": "sha512-EV6+ovTsEXCPAp58g2dD68LxoP/wK5pRvgy0J/HxPGB009omFPv3Yet0HiaqvrIrgPTBuC6wCH1LTOY91EO5hQ==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/netbsd-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.23.1.tgz", + "integrity": "sha512-aevEkCNu7KlPRpYLjwmdcuNz6bDFiE7Z8XC4CPqExjTvrHugh28QzUXVOZtiYghciKUacNktqxdpymplil1beA==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "netbsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/openbsd-arm64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.23.1.tgz", + "integrity": "sha512-3x37szhLexNA4bXhLrCC/LImN/YtWis6WXr1VESlfVtVeoFJBRINPJ3f0a/6LV8zpikqoUg4hyXw0sFBt5Cr+Q==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "openbsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/openbsd-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.23.1.tgz", + "integrity": "sha512-aY2gMmKmPhxfU+0EdnN+XNtGbjfQgwZj43k8G3fyrDM/UdZww6xrWxmDkuz2eCZchqVeABjV5BpildOrUbBTqA==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "openbsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/sunos-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.23.1.tgz", + "integrity": "sha512-RBRT2gqEl0IKQABT4XTj78tpk9v7ehp+mazn2HbUeZl1YMdaGAQqhapjGTCe7uw7y0frDi4gS0uHzhvpFuI1sA==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "sunos" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/win32-arm64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.23.1.tgz", + "integrity": "sha512-4O+gPR5rEBe2FpKOVyiJ7wNDPA8nGzDuJ6gN4okSA1gEOYZ67N8JPk58tkWtdtPeLz7lBnY6I5L3jdsr3S+A6A==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/win32-ia32": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.23.1.tgz", + "integrity": "sha512-BcaL0Vn6QwCwre3Y717nVHZbAa4UBEigzFm6VdsVdT/MbZ38xoj1X9HPkZhbmaBGUD1W8vxAfffbDe8bA6AKnQ==", + "cpu": [ + "ia32" + ], + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/win32-x64": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.23.1.tgz", + "integrity": "sha512-BHpFFeslkWrXWyUPnbKm+xYYVYruCinGcftSBaa8zoF9hZO4BcSCFUvHVTtzpIY6YzUnYtuEhZ+C9iEXjxnasg==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@narval-xyz/armory-sdk": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/@narval-xyz/armory-sdk/-/armory-sdk-0.7.0.tgz", + "integrity": "sha512-Pzu1FcRhaO4i6dgfcBQSjvCDeYp+s/7CXbINZTS2BUpi+Lf2VsOCgCmYUuJc8dBY41g0t5rgyXufpZcmdjHPjQ==", + "dependencies": { + "@noble/curves": "1.4.0", + "axios": "1.7.2", + "jose": "5.5.0", + "lodash": "4.17.21", + "tslib": "2.6.3", + "uuid": "9.0.1", + "viem": "2.16.2", + "zod": "3.23.8" + } + }, + "node_modules/@narval-xyz/armory-sdk/node_modules/@noble/hashes": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.3.2.tgz", + "integrity": "sha512-MVC8EAQp7MvEcm30KWENFjgR+Mkmf+D189XJTkFIlwohU5hcBbn1ZkKq7KVTi2Hme3PMGF390DaL52beVrIihQ==", + "engines": { + "node": ">= 16" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@narval-xyz/armory-sdk/node_modules/@scure/bip32": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/@scure/bip32/-/bip32-1.3.2.tgz", + "integrity": "sha512-N1ZhksgwD3OBlwTv3R6KFEcPojl/W4ElJOeCZdi+vuI5QmTFwLq3OFf2zd2ROpKvxFdgZ6hUpb0dx9bVNEwYCA==", + "dependencies": { + "@noble/curves": "~1.2.0", + "@noble/hashes": "~1.3.2", + "@scure/base": "~1.1.2" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@narval-xyz/armory-sdk/node_modules/@scure/bip32/node_modules/@noble/curves": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.2.0.tgz", + "integrity": "sha512-oYclrNgRaM9SsBUBVbb8M6DTV7ZHRTKugureoYEncY5c65HOmRzvSiTE3y5CYaPYJA/GVkrhXEoF0M3Ya9PMnw==", + "dependencies": { + "@noble/hashes": "1.3.2" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@narval-xyz/armory-sdk/node_modules/@scure/bip39": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/@scure/bip39/-/bip39-1.2.1.tgz", + "integrity": "sha512-Z3/Fsz1yr904dduJD0NpiyRHhRYHdcnyh73FZWiV+/qhWi83wNJ3NWolYqCEN+ZWsUz2TWwajJggcRE9r1zUYg==", + "dependencies": { + "@noble/hashes": "~1.3.0", + "@scure/base": "~1.1.0" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@narval-xyz/armory-sdk/node_modules/abitype": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/abitype/-/abitype-1.0.4.tgz", + "integrity": "sha512-UivtYZOGJGE8rsrM/N5vdRkUpqEZVmuTumfTuolm7m/6O09wprd958rx8kUBwVAAAhQDveGAgD0GJdBuR8s6tw==", + "funding": { + "url": "https://github.com/sponsors/wevm" + }, + "peerDependencies": { + "typescript": ">=5.0.4", + "zod": "^3 >=3.22.0" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + }, + "zod": { + "optional": true + } + } + }, + "node_modules/@narval-xyz/armory-sdk/node_modules/viem": { + "version": "2.16.2", + "resolved": "https://registry.npmjs.org/viem/-/viem-2.16.2.tgz", + "integrity": "sha512-qor3v1cJFR3jcPtcJxPbKfKURAH2agNf2IWZIaSReV6teNLERiu4Sr7kbqpkIeTAEpiDCVQwg336M+mub1m+pg==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/wevm" + } + ], + "dependencies": { + "@adraffy/ens-normalize": "1.10.0", + "@noble/curves": "1.2.0", + "@noble/hashes": "1.3.2", + "@scure/bip32": "1.3.2", + "@scure/bip39": "1.2.1", + "abitype": "1.0.4", + "isows": "1.0.4", + "ws": "8.17.1" + }, + "peerDependencies": { + "typescript": ">=5.0.4" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + } + } + }, + "node_modules/@narval-xyz/armory-sdk/node_modules/viem/node_modules/@noble/curves": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.2.0.tgz", + "integrity": "sha512-oYclrNgRaM9SsBUBVbb8M6DTV7ZHRTKugureoYEncY5c65HOmRzvSiTE3y5CYaPYJA/GVkrhXEoF0M3Ya9PMnw==", + "dependencies": { + "@noble/hashes": "1.3.2" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@noble/curves": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.4.0.tgz", + "integrity": "sha512-p+4cb332SFCrReJkCYe8Xzm0OWi4Jji5jVdIZRL/PmacmDkFNw6MrrV+gGpiPxLHbV+zKFRywUWbaseT+tZRXg==", + "dependencies": { + "@noble/hashes": "1.4.0" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@noble/hashes": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.4.0.tgz", + "integrity": "sha512-V1JJ1WTRUqHHrOSh597hURcMqVKVGL/ea3kv0gSnEdsEZ0/+VyPghM1lMNGc00z7CIQorSvbKpuJkxvuHbvdbg==", + "engines": { + "node": ">= 16" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@scure/base": { + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/@scure/base/-/base-1.1.7.tgz", + "integrity": "sha512-PPNYBslrLNNUQ/Yad37MHYsNQtK67EhWb6WtSvNLLPo7SdVZgkUjD6Dg+5On7zNwmskf8OX7I7Nx5oN+MIWE0g==", + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@scure/bip32": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/@scure/bip32/-/bip32-1.4.0.tgz", + "integrity": "sha512-sVUpc0Vq3tXCkDGYVWGIZTRfnvu8LoTDaev7vbwh0omSvVORONr960MQWdKqJDCReIEmTj3PAr73O3aoxz7OPg==", + "dependencies": { + "@noble/curves": "~1.4.0", + "@noble/hashes": "~1.4.0", + "@scure/base": "~1.1.6" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@scure/bip39": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@scure/bip39/-/bip39-1.3.0.tgz", + "integrity": "sha512-disdg7gHuTDZtY+ZdkmLpPCk7fxZSu3gBiEGuoC1XYxv9cGx3Z6cpTggCgW6odSOOIXCiDjuGejW+aJKCY/pIQ==", + "dependencies": { + "@noble/hashes": "~1.4.0", + "@scure/base": "~1.1.6" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "node_modules/@types/minimist": { + "version": "1.2.5", + "resolved": "https://registry.npmjs.org/@types/minimist/-/minimist-1.2.5.tgz", + "integrity": "sha512-hov8bUuiLiyFPGyFPE1lwWhmzYbirOXQNNo40+y3zow8aFVTeyn3VWL0VFFfdNddA8S4Vf0Tc062rzyNr7Paag==", + "dev": true + }, + "node_modules/abitype": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/abitype/-/abitype-1.0.5.tgz", + "integrity": "sha512-YzDhti7cjlfaBhHutMaboYB21Ha3rXR9QTkNJFzYC4kC8YclaiwPBBBJY8ejFdu2wnJeZCVZSMlQJ7fi8S6hsw==", + "funding": { + "url": "https://github.com/sponsors/wevm" + }, + "peerDependencies": { + "typescript": ">=5.0.4", + "zod": "^3 >=3.22.0" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + }, + "zod": { + "optional": true + } + } + }, + "node_modules/asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" + }, + "node_modules/axios": { + "version": "1.7.2", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.2.tgz", + "integrity": "sha512-2A8QhOMrbomlDuiLeK9XibIBzuHeRcqqNOHp0Cyp5EoJ1IFDh+XZH3A6BkXtv0K4gFGCI0Y4BM7B1wOEi0Rmgw==", + "dependencies": { + "follow-redirects": "^1.15.6", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" + } + }, + "node_modules/combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "dependencies": { + "delayed-stream": "~1.0.0" + }, + "engines": { + "node": ">= 0.8" + } + }, + "node_modules/delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", + "engines": { + "node": ">=0.4.0" + } + }, + "node_modules/dotenv": { + "version": "16.4.5", + "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.4.5.tgz", + "integrity": "sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==", + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://dotenvx.com" + } + }, + "node_modules/esbuild": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.23.1.tgz", + "integrity": "sha512-VVNz/9Sa0bs5SELtn3f7qhJCDPCF5oMEl5cO9/SSinpE9hbPVvxbd572HH5AKiP7WD8INO53GgfDDhRjkylHEg==", + "hasInstallScript": true, + "bin": { + "esbuild": "bin/esbuild" + }, + "engines": { + "node": ">=18" + }, + "optionalDependencies": { + "@esbuild/aix-ppc64": "0.23.1", + "@esbuild/android-arm": "0.23.1", + "@esbuild/android-arm64": "0.23.1", + "@esbuild/android-x64": "0.23.1", + "@esbuild/darwin-arm64": "0.23.1", + "@esbuild/darwin-x64": "0.23.1", + "@esbuild/freebsd-arm64": "0.23.1", + "@esbuild/freebsd-x64": "0.23.1", + "@esbuild/linux-arm": "0.23.1", + "@esbuild/linux-arm64": "0.23.1", + "@esbuild/linux-ia32": "0.23.1", + "@esbuild/linux-loong64": "0.23.1", + "@esbuild/linux-mips64el": "0.23.1", + "@esbuild/linux-ppc64": "0.23.1", + "@esbuild/linux-riscv64": "0.23.1", + "@esbuild/linux-s390x": "0.23.1", + "@esbuild/linux-x64": "0.23.1", + "@esbuild/netbsd-x64": "0.23.1", + "@esbuild/openbsd-arm64": "0.23.1", + "@esbuild/openbsd-x64": "0.23.1", + "@esbuild/sunos-x64": "0.23.1", + "@esbuild/win32-arm64": "0.23.1", + "@esbuild/win32-ia32": "0.23.1", + "@esbuild/win32-x64": "0.23.1" + } + }, + "node_modules/follow-redirects": { + "version": "1.15.6", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", + "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==", + "funding": [ + { + "type": "individual", + "url": "https://github.com/sponsors/RubenVerborgh" + } + ], + "engines": { + "node": ">=4.0" + }, + "peerDependenciesMeta": { + "debug": { + "optional": true + } + } + }, + "node_modules/form-data": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", + "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", + "dependencies": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "mime-types": "^2.1.12" + }, + "engines": { + "node": ">= 6" + } + }, + "node_modules/fsevents": { + "version": "2.3.3", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", + "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", + "hasInstallScript": true, + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": "^8.16.0 || ^10.6.0 || >=11.0.0" + } + }, + "node_modules/get-tsconfig": { + "version": "4.7.6", + "resolved": "https://registry.npmjs.org/get-tsconfig/-/get-tsconfig-4.7.6.tgz", + "integrity": "sha512-ZAqrLlu18NbDdRaHq+AKXzAmqIUPswPWKUchfytdAjiRFnCe5ojG2bstg6mRiZabkKfCoL/e98pbBELIV/YCeA==", + "dependencies": { + "resolve-pkg-maps": "^1.0.0" + }, + "funding": { + "url": "https://github.com/privatenumber/get-tsconfig?sponsor=1" + } + }, + "node_modules/isows": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/isows/-/isows-1.0.4.tgz", + "integrity": "sha512-hEzjY+x9u9hPmBom9IIAqdJCwNLax+xrPb51vEPpERoFlIxgmZcHzsT5jKG06nvInKOBGvReAVz80Umed5CczQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/wagmi-dev" + } + ], + "peerDependencies": { + "ws": "*" + } + }, + "node_modules/jose": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/jose/-/jose-5.5.0.tgz", + "integrity": "sha512-DUPr/1kYXbuqYpkCj9r66+B4SGCKXCLQ5ZbKCgmn4sJveJqcwNqWtAR56u4KPmpXjrmBO2uNuLdEAEiqIhFNBg==", + "funding": { + "url": "https://github.com/sponsors/panva" + } + }, + "node_modules/lodash": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + }, + "node_modules/mime-db": { + "version": "1.52.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", + "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/mime-types": { + "version": "2.1.35", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", + "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", + "dependencies": { + "mime-db": "1.52.0" + }, + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/minimist": { + "version": "1.2.8", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", + "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==", + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + }, + "node_modules/resolve-pkg-maps": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/resolve-pkg-maps/-/resolve-pkg-maps-1.0.0.tgz", + "integrity": "sha512-seS2Tj26TBVOC2NIc2rOe2y2ZO7efxITtLZcGSOnHHNOQ7CkiUBfw0Iw2ck6xkIhPwLhKNLS8BO+hEpngQlqzw==", + "funding": { + "url": "https://github.com/privatenumber/resolve-pkg-maps?sponsor=1" + } + }, + "node_modules/tslib": { + "version": "2.6.3", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.3.tgz", + "integrity": "sha512-xNvxJEOUiWPGhUuUdQgAJPKOOJfGnIyKySOc09XkKsgdUV/3E2zvwZYdejjmRgPCgcym1juLH3226yA7sEFJKQ==" + }, + "node_modules/tsx": { + "version": "4.17.0", + "resolved": "https://registry.npmjs.org/tsx/-/tsx-4.17.0.tgz", + "integrity": "sha512-eN4mnDA5UMKDt4YZixo9tBioibaMBpoxBkD+rIPAjVmYERSG0/dWEY1CEFuV89CgASlKL499q8AhmkMnnjtOJg==", + "dependencies": { + "esbuild": "~0.23.0", + "get-tsconfig": "^4.7.5" + }, + "bin": { + "tsx": "dist/cli.mjs" + }, + "engines": { + "node": ">=18.0.0" + }, + "optionalDependencies": { + "fsevents": "~2.3.3" + } + }, + "node_modules/uuid": { + "version": "9.0.1", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz", + "integrity": "sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==", + "funding": [ + "https://github.com/sponsors/broofa", + "https://github.com/sponsors/ctavan" + ], + "bin": { + "uuid": "dist/bin/uuid" + } + }, + "node_modules/viem": { + "version": "2.19.8", + "resolved": "https://registry.npmjs.org/viem/-/viem-2.19.8.tgz", + "integrity": "sha512-2SkT6kHgp1MZnPl+fJ8kT2Eozv2tOuri30DI5dSnOecJpvachZY5PdgCdvXw7AUZCwNUkLX9ZEpKqyhqjQoUPg==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/wevm" + } + ], + "dependencies": { + "@adraffy/ens-normalize": "1.10.0", + "@noble/curves": "1.4.0", + "@noble/hashes": "1.4.0", + "@scure/bip32": "1.4.0", + "@scure/bip39": "1.3.0", + "abitype": "1.0.5", + "isows": "1.0.4", + "webauthn-p256": "0.0.5", + "ws": "8.17.1" + }, + "peerDependencies": { + "typescript": ">=5.0.4" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + } + } + }, + "node_modules/webauthn-p256": { + "version": "0.0.5", + "resolved": "https://registry.npmjs.org/webauthn-p256/-/webauthn-p256-0.0.5.tgz", + "integrity": "sha512-drMGNWKdaixZNobeORVIqq7k5DsRC9FnG201K2QjeOoQLmtSDaSsVZdkg6n5jUALJKcAG++zBPJXmv6hy0nWFg==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/wevm" + } + ], + "dependencies": { + "@noble/curves": "^1.4.0", + "@noble/hashes": "^1.4.0" + } + }, + "node_modules/ws": { + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz", + "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==", + "engines": { + "node": ">=10.0.0" + }, + "peerDependencies": { + "bufferutil": "^4.0.1", + "utf-8-validate": ">=5.0.2" + }, + "peerDependenciesMeta": { + "bufferutil": { + "optional": true + }, + "utf-8-validate": { + "optional": true + } + } + }, + "node_modules/zod": { + "version": "3.23.8", + "resolved": "https://registry.npmjs.org/zod/-/zod-3.23.8.tgz", + "integrity": "sha512-XBx9AXhXktjUqnepgTiE5flcKIYWi/rme0Eaj+5Y0lftuGBq+jyRu/md4WnuxqgP1ubdpNCsYEYPxrzVHD8d6g==", + "funding": { + "url": "https://github.com/sponsors/colinhacks" + } + } + } +} diff --git a/examples/rate-limit/package.json b/examples/rate-limit/package.json new file mode 100644 index 000000000..8ee4d582f --- /dev/null +++ b/examples/rate-limit/package.json @@ -0,0 +1,23 @@ +{ + "name": "rate-limit-example", + "version": "1.0.0", + "description": "A typescript example to setup and use the armory stack to rate limit transactions", + "main": "index.js", + "scripts": { + "setup": "tsx setup.ts", + "transfer-admin": "tsx transfer.ts --user=admin", + "transfer-member": "tsx transfer.ts --user=member" + }, + "author": "", + "license": "ISC", + "dependencies": { + "@narval-xyz/armory-sdk": "0.7.0", + "dotenv": "^16.4.5", + "minimist": "^1.2.8", + "tsx": "^4.16.2", + "viem": "^2.17.4" + }, + "devDependencies": { + "@types/minimist": "^1.2.5" + } +} diff --git a/examples/rate-limit/setup.ts b/examples/rate-limit/setup.ts new file mode 100644 index 000000000..b1f9022db --- /dev/null +++ b/examples/rate-limit/setup.ts @@ -0,0 +1,100 @@ +/* eslint-disable no-console */ +import { Hex } from '@narval-xyz/armory-sdk' +import { hexSchema } from '@narval-xyz/armory-sdk/policy-engine-shared' +import { privateKeyToHex } from '@narval-xyz/armory-sdk/signature' +import 'dotenv/config' +import fs from 'fs' +import { armoryClient } from './armory.account' +import { setInitialState } from './armory.data' +import { getArmoryConfig } from './armory.sdk' + +const main = async () => { + console.log('Starting...') + + const SYSTEM_MANAGER_KEY = hexSchema.parse(process.env.SYSTEM_MANAGER_KEY?.toLowerCase()) + const vaultHost = process.env.VAULT_HOST + const authHost = process.env.AUTH_HOST + const vaultAdminApiKey = process.env.VAULT_API_KEY + const authAdminApiKey = process.env.AUTH_API_KEY + + if (!vaultAdminApiKey || !authHost || !authAdminApiKey || !vaultHost) { + throw new Error('Missing configuration') + } + const config = await getArmoryConfig(SYSTEM_MANAGER_KEY, { + vaultAdminApiKey, + vaultHost, + authAdminApiKey, + authHost + }) + const armory = armoryClient(config) + + const ADMIN_USER_ADDR = hexSchema.parse(process.env.ADMIN_USER_ADDR).toLowerCase() + const MEMBER_USER_ADDR = hexSchema.parse(process.env.MEMBER_USER_ADDR).toLowerCase() + const { address: signerAddress } = await setInitialState({ + armory, + userAndCredentials: [ + { credential: ADMIN_USER_ADDR as Hex, role: 'admin' }, + { credential: MEMBER_USER_ADDR as Hex, role: 'member' }, + { credential: SYSTEM_MANAGER_KEY, role: 'manager' } + ] + }) + + const vaultSigner = await privateKeyToHex(config.vault.signer.jwk) + const authSigner = await privateKeyToHex(config.auth.signer.jwk) + + if (!config.entityStore.signer || !config.policyStore.signer) { + throw new Error('Missing signer configuration') + } + const entitySigner = await privateKeyToHex(config.entityStore.signer?.jwk) + const policySigner = await privateKeyToHex(config.policyStore.signer?.jwk) + + const envVariables = { + VAULT_CLIENT_ID: config.vault.clientId, + VAULT_SIGNER: vaultSigner, + AUTH_CLIENT_ID: config.auth.clientId, + AUTH_SIGNER: authSigner, + ENTITY_HOST: 'http://localhost:3005', + ENTITY_CLIENT_ID: config.entityStore.clientId, + ENTITY_SIGNER: entitySigner, + POLICY_HOST: 'http://localhost:3005', + POLICY_CLIENT_ID: config.policyStore.clientId, + POLICY_SIGNER: policySigner, + SIGNER_ADDRESS: signerAddress + } + + // Load the existing .env file if it exists + let existingEnvContent = '' + if (fs.existsSync('.env')) { + existingEnvContent = fs.readFileSync('.env', 'utf-8') + } + + // Split the existing content into lines and create a key-value map + const existingEnv = existingEnvContent.split('\n').reduce( + (acc, line) => { + const [key, value] = line.split('=') + if (key && value !== undefined) { + acc[key] = value + } + return acc + }, + {} as Record + ) + + // Update or add new variables + for (const [key, value] of Object.entries(envVariables)) { + existingEnv[key] = value + } + + // Convert the map back to the .env file format + const newEnvContent = Object.entries(existingEnv) + .map(([key, value]) => `${key}=${value}`) + .join('\n') + + // Write the updated content back to the .env file + fs.writeFileSync('.env', newEnvContent) + console.log('Environment variables have been updated in the .env file') + + console.log('Finished') +} + +main().catch(console.error) diff --git a/examples/rate-limit/transfer.ts b/examples/rate-limit/transfer.ts new file mode 100644 index 000000000..7a1a71f45 --- /dev/null +++ b/examples/rate-limit/transfer.ts @@ -0,0 +1,145 @@ +import { buildSignerEip191, privateKeyToJwk, Request, resourceId, TransactionRequest } from '@narval-xyz/armory-sdk' +import { hexSchema } from '@narval-xyz/armory-sdk/policy-engine-shared' +import { buildSignerEs256k } from '@narval-xyz/armory-sdk/signature' +import 'dotenv/config' +import minimist from 'minimist' +import { v4 } from 'uuid' +import { armoryClient } from './armory.account' + +const transactionRequest = { + from: '0x084e6A5e3442D348BA5e149E362846BE6fcf2E9E', + to: '0x9c874A1034275f4Aa960f141265e9bF86a5b1334', + chainId: 137, + value: '0x01', + data: '0x00000000', + type: '2', + gas: 123n, + maxFeePerGas: 789n, + maxPriorityFeePerGas: 456n, + nonce: 193 +} as TransactionRequest + +const main = async () => { + console.log('Starting...') + + const args = minimist(process.argv.slice(2)) + const userType = args.user + + // Check if userType is provided + if (!userType) { + console.error('Please specify the user type: --user=member or --user=admin') + process.exit(1) + } + const CRED = + userType === 'admin' ? hexSchema.parse(process.env.ADMIN_USER_CRED) : hexSchema.parse(process.env.MEMBER_USER_CRED) + const VAULT_HOST = process.env.VAULT_HOST + const VAULT_CLIENT_ID = process.env.VAULT_CLIENT_ID + + const AUTH_HOST = process.env.AUTH_HOST + const AUTH_CLIENT_ID = process.env.AUTH_CLIENT_ID + + const ENTITY_HOST = process.env.ENTITY_HOST + const ENTITY_SIGNER = hexSchema.parse(process.env.ENTITY_SIGNER) + const ENTITY_CLIENT_ID = process.env.ENTITY_CLIENT_ID + const ENTITY_CLIENT_SECRET = process.env.ENTITY_CLIENT_SECRET + + const POLICY_HOST = process.env.POLICY_HOST + const POLICY_SIGNER = hexSchema.parse(process.env.POLICY_SIGNER) + const POLICY_CLIENT_ID = process.env.POLICY_CLIENT_ID + const POLICY_CLIENT_SECRET = process.env.POLICY_CLIENT_SECRET + + if ( + !VAULT_HOST || + !VAULT_CLIENT_ID || + !AUTH_HOST || + !AUTH_CLIENT_ID || + !ENTITY_HOST || + !ENTITY_CLIENT_ID || + !POLICY_HOST || + !POLICY_CLIENT_ID + ) { + console.error('Missing environment variables') + return + } + + const authJwk = privateKeyToJwk(CRED) + const vaultJwk = privateKeyToJwk(CRED) + const entityJwk = privateKeyToJwk(ENTITY_SIGNER) + const policyJwk = privateKeyToJwk(POLICY_SIGNER) + + const authSigner = buildSignerEip191(CRED) + const vaultSigner = buildSignerEip191(CRED) + const entitySigner = buildSignerEs256k(ENTITY_SIGNER) + const policySigner = buildSignerEs256k(POLICY_SIGNER) + + const authAlg = 'EIP191' as 'EIP191' + const vaultAlg = 'EIP191' as 'EIP191' + const entityAlg = 'ES256K' as 'ES256K' + const policyAlg = 'ES256K' as 'ES256K' + + const config = { + auth: { + host: AUTH_HOST, + clientId: AUTH_CLIENT_ID, + signer: { + jwk: authJwk, + alg: authAlg, + sign: authSigner + } + }, + vault: { + host: VAULT_HOST, + clientId: VAULT_CLIENT_ID, + signer: { + jwk: vaultJwk, + alg: vaultAlg, + sign: vaultSigner + } + }, + entityStore: { + host: ENTITY_HOST, + clientId: ENTITY_CLIENT_ID, + signer: { + jwk: entityJwk, + alg: entityAlg, + sign: entitySigner + }, + clientSecret: ENTITY_CLIENT_SECRET + }, + policyStore: { + host: POLICY_HOST, + clientId: POLICY_CLIENT_ID, + signer: { + jwk: policyJwk, + alg: policyAlg, + sign: policySigner + }, + clientSecret: POLICY_CLIENT_SECRET + } + } + + const armory = armoryClient(config) + const signerAddress = hexSchema.parse(process.env.SIGNER_ADDRESS) + + const nonce = v4() + const request: Request = { + action: 'signTransaction', + resourceId: resourceId(signerAddress), + transactionRequest, + nonce + } + + const accessToken = await armory.authClient.requestAccessToken(request, { + id: v4() + }) + + const res = await armory.vaultClient.sign({ + data: request, + accessToken + }) + + console.log('res', res) + console.log('Finished') +} + +main().catch(console.error) diff --git a/examples/rate-limit/tsconfig.json b/examples/rate-limit/tsconfig.json new file mode 100644 index 000000000..c32bd409c --- /dev/null +++ b/examples/rate-limit/tsconfig.json @@ -0,0 +1,105 @@ +{ + "extends": "../../tsconfig.base.json", + // TODO @ptroger: remove this when all the new functionality implemented in the examples is exposed in the sdk. + // Then no need to import from monorepo anymore. + + "compilerOptions": { + /* Visit https://aka.ms/tsconfig to read more about this file */ + /* Projects */ + // "incremental": true, /* Save .tsbuildinfo files to allow for incremental compilation of projects. */ + // "composite": true, /* Enable constraints that allow a TypeScript project to be used with project references. */ + // "tsBuildInfoFile": "./.tsbuildinfo", /* Specify the path to .tsbuildinfo incremental compilation file. */ + // "disableSourceOfProjectReferenceRedirect": true, /* Disable preferring source files instead of declaration files when referencing composite projects. */ + // "disableSolutionSearching": true, /* Opt a project out of multi-project reference checking when editing. */ + // "disableReferencedProjectLoad": true, /* Reduce the number of projects loaded automatically by TypeScript. */ + /* Language and Environment */ + "target": "ES2022" /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */, + // "lib": [], /* Specify a set of bundled library declaration files that describe the target runtime environment. */ + // "jsx": "preserve", /* Specify what JSX code is generated. */ + // "experimentalDecorators": true, /* Enable experimental support for legacy experimental decorators. */ + // "emitDecoratorMetadata": true, /* Emit design-type metadata for decorated declarations in source files. */ + // "jsxFactory": "", /* Specify the JSX factory function used when targeting React JSX emit, e.g. 'React.createElement' or 'h'. */ + // "jsxFragmentFactory": "", /* Specify the JSX Fragment reference used for fragments when targeting React JSX emit e.g. 'React.Fragment' or 'Fragment'. */ + // "jsxImportSource": "", /* Specify module specifier used to import the JSX factory functions when using 'jsx: react-jsx*'. */ + // "reactNamespace": "", /* Specify the object invoked for 'createElement'. This only applies when targeting 'react' JSX emit. */ + // "noLib": true, /* Disable including any library files, including the default lib.d.ts. */ + // "useDefineForClassFields": true, /* Emit ECMAScript-standard-compliant class fields. */ + // "moduleDetection": "auto", /* Control what method is used to detect module-format JS files. */ + /* Modules */ + "module": "ES2022" /* Specify what module code is generated. */, + // "rootDir": "./", /* Specify the root folder within your source files. */ + "moduleResolution": "Node" /* Specify how TypeScript looks up a file from a given module specifier. */, + // "baseUrl": "./", /* Specify the base directory to resolve non-relative module names. */ + // "paths": {}, /* Specify a set of entries that re-map imports to additional lookup locations. */ + // "rootDirs": [], /* Allow multiple folders to be treated as one when resolving modules. */ + // "typeRoots": [], /* Specify multiple folders that act like './node_modules/@types'. */ + // "types": [], /* Specify type package names to be included without being referenced in a source file. */ + // "allowUmdGlobalAccess": true, /* Allow accessing UMD globals from modules. */ + // "moduleSuffixes": [], /* List of file name suffixes to search when resolving a module. */ + // "allowImportingTsExtensions": true, /* Allow imports to include TypeScript file extensions. Requires '--moduleResolution bundler' and either '--noEmit' or '--emitDeclarationOnly' to be set. */ + // "resolvePackageJsonExports": true, /* Use the package.json 'exports' field when resolving package imports. */ + // "resolvePackageJsonImports": true, /* Use the package.json 'imports' field when resolving imports. */ + // "customConditions": [], /* Conditions to set in addition to the resolver-specific defaults when resolving imports. */ + // "resolveJsonModule": true, /* Enable importing .json files. */ + // "allowArbitraryExtensions": true, /* Enable importing files with any extension, provided a declaration file is present. */ + // "noResolve": true, /* Disallow 'import's, 'require's or ''s from expanding the number of files TypeScript should add to a project. */ + /* JavaScript Support */ + // "allowJs": true, /* Allow JavaScript files to be a part of your program. Use the 'checkJS' option to get errors from these files. */ + // "checkJs": true, /* Enable error reporting in type-checked JavaScript files. */ + // "maxNodeModuleJsDepth": 1, /* Specify the maximum folder depth used for checking JavaScript files from 'node_modules'. Only applicable with 'allowJs'. */ + /* Emit */ + // "declaration": true, /* Generate .d.ts files from TypeScript and JavaScript files in your project. */ + // "declarationMap": true, /* Create sourcemaps for d.ts files. */ + // "emitDeclarationOnly": true, /* Only output d.ts files and not JavaScript files. */ + // "sourceMap": true, /* Create source map files for emitted JavaScript files. */ + // "inlineSourceMap": true, /* Include sourcemap files inside the emitted JavaScript. */ + // "outFile": "./", /* Specify a file that bundles all outputs into one JavaScript file. If 'declaration' is true, also designates a file that bundles all .d.ts output. */ + // "outDir": "./", /* Specify an output folder for all emitted files. */ + // "removeComments": true, /* Disable emitting comments. */ + // "noEmit": true, /* Disable emitting files from a compilation. */ + // "importHelpers": true, /* Allow importing helper functions from tslib once per project, instead of including them per-file. */ + // "importsNotUsedAsValues": "remove", /* Specify emit/checking behavior for imports that are only used for types. */ + // "downlevelIteration": true, /* Emit more compliant, but verbose and less performant JavaScript for iteration. */ + // "sourceRoot": "", /* Specify the root path for debuggers to find the reference source code. */ + // "mapRoot": "", /* Specify the location where debugger should locate map files instead of generated locations. */ + // "inlineSources": true, /* Include source code in the sourcemaps inside the emitted JavaScript. */ + // "emitBOM": true, /* Emit a UTF-8 Byte Order Mark (BOM) in the beginning of output files. */ + // "newLine": "crlf", /* Set the newline character for emitting files. */ + // "stripInternal": true, /* Disable emitting declarations that have '@internal' in their JSDoc comments. */ + // "noEmitHelpers": true, /* Disable generating custom helper functions like '__extends' in compiled output. */ + // "noEmitOnError": true, /* Disable emitting files if any type checking errors are reported. */ + // "preserveConstEnums": true, /* Disable erasing 'const enum' declarations in generated code. */ + // "declarationDir": "./", /* Specify the output directory for generated declaration files. */ + // "preserveValueImports": true, /* Preserve unused imported values in the JavaScript output that would otherwise be removed. */ + /* Interop Constraints */ + // "isolatedModules": true, /* Ensure that each file can be safely transpiled without relying on other imports. */ + // "verbatimModuleSyntax": true, /* Do not transform or elide any imports or exports not marked as type-only, ensuring they are written in the output file's format based on the 'module' setting. */ + // "allowSyntheticDefaultImports": true, /* Allow 'import x from y' when a module doesn't have a default export. */ + "esModuleInterop": true /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables 'allowSyntheticDefaultImports' for type compatibility. */, + // "preserveSymlinks": true, /* Disable resolving symlinks to their realpath. This correlates to the same flag in node. */ + "forceConsistentCasingInFileNames": true /* Ensure that casing is correct in imports. */, + /* Type Checking */ + "strict": true /* Enable all strict type-checking options. */, + // "noImplicitAny": true, /* Enable error reporting for expressions and declarations with an implied 'any' type. */ + // "strictNullChecks": true, /* When type checking, take into account 'null' and 'undefined'. */ + // "strictFunctionTypes": true, /* When assigning functions, check to ensure parameters and the return values are subtype-compatible. */ + // "strictBindCallApply": true, /* Check that the arguments for 'bind', 'call', and 'apply' methods match the original function. */ + // "strictPropertyInitialization": true, /* Check for class properties that are declared but not set in the constructor. */ + // "noImplicitThis": true, /* Enable error reporting when 'this' is given the type 'any'. */ + // "useUnknownInCatchVariables": true, /* Default catch clause variables as 'unknown' instead of 'any'. */ + // "alwaysStrict": true, /* Ensure 'use strict' is always emitted. */ + // "noUnusedLocals": true, /* Enable error reporting when local variables aren't read. */ + // "noUnusedParameters": true, /* Raise an error when a function parameter isn't read. */ + // "exactOptionalPropertyTypes": true, /* Interpret optional property types as written, rather than adding 'undefined'. */ + // "noImplicitReturns": true, /* Enable error reporting for codepaths that do not explicitly return in a function. */ + // "noFallthroughCasesInSwitch": true, /* Enable error reporting for fallthrough cases in switch statements. */ + // "noUncheckedIndexedAccess": true, /* Add 'undefined' to a type when accessed using an index. */ + // "noImplicitOverride": true, /* Ensure overriding members in derived classes are marked with an override modifier. */ + // "noPropertyAccessFromIndexSignature": true, /* Enforces using indexed accessors for keys declared using an indexed type. */ + // "allowUnusedLabels": true, /* Disable error reporting for unused labels. */ + // "allowUnreachableCode": true, /* Disable error reporting for unreachable code. */ + /* Completeness */ + // "skipDefaultLibCheck": true, /* Skip type checking .d.ts files that are included with TypeScript. */ + "skipLibCheck": true /* Skip type checking all .d.ts files. */ + } +}