.gitignore

@@ -185,7 +185,7 @@ poetry.toml
 pyrightconfig.json
 
 ### VisualStudioCode ###
-.vscode/*
+.vscode/
 
 # Local History for Visual Studio Code
 .history/
@@ -230,5 +230,7 @@ storage_root-node
 
 # Ignore lock files in examples
 /examples/ts/**/pnpm-lock.yaml
+# Ignore directory holding browser extention binaries to verify external signers (like Hive Keychain)
+/examples/ts/signature-extension/__tests__/extensions
 
 .DS_Store
\ No newline at end of file

.gitlab-ci.yml

@@ -6,7 +6,7 @@ stages:
 
 include:
   - project: 'hive/common-ci-configuration'
-    ref: 5806284d3c6feb2ce52bdb6077c20a9a578bb643
+    ref: 590bfd88a491efba5a39571bc2c82ffbabda2ec8
     file:
       - '/templates/npm_projects.gitlab-ci.yml'
       - '/templates/wasm_build.gitlab-ci.yml'
@@ -16,7 +16,7 @@ variables:
   GIT_DEPTH: 0
   GIT_STRATEGY: clone
   # only build steps needs to have access to the hive submodule
-  GIT_SUBMODULE_STRATEGY: none
+  GIT_SUBMODULE_STRATEGY: normal
   # uses registry.gitlab.syncad.com/hive/wax/ci-base-image:ubuntu22.04-3
   CI_BASE_IMAGE_TAG: "@sha256:f263bfa8a0ea40a29d99d147601171fb6320c447abc8f3ab1e9082cd51a2254a"
   CI_BASE_IMAGE: "registry.gitlab.syncad.com/hive/wax/ci-base-image${CI_BASE_IMAGE_TAG}"
@@ -79,6 +79,7 @@ wax_wasm_proto_tsc_generation:
     when: always
     paths:
       - "${DIST_DIR}/*.tgz"  # Built package
+      - "${SOURCE_DIR}/packages/*/dist"
       - "${REPLACE_FILE_PATH}"  # Modified README
       - "${CI_PROJECT_DIR}/ts/wasm/lib/proto" # For documentation generator
       - "${CI_PROJECT_DIR}/ts/wasm/lib/build_wasm" # For documentation generator

core/foundation.cpp

@@ -269,6 +269,38 @@ private_key_data foundation::cpp_generate_private_key(const std::string& account
   );
 }
 
+std::string foundation::cpp_convert_raw_private_key_to_wif(const std::string& hexData)
+{
+  FC_ASSERT(hexData.size() == 64 && "Expected hex string pointing 32 byte buffer");
+
+  fc::sha256 sharedSecret(hexData);
+
+  return fc::ecc::private_key::regenerate(sharedSecret).key_to_wif();
+}
+
+std::string foundation::cpp_convert_raw_public_key_to_wif(const std::string& hexData)
+{
+  if(hexData.size() == 2 * sizeof(fc::ecc::public_key_data))
+  {
+    /// compressed form
+    fc::ecc::public_key_data keyData;
+    detail::convert_from_hex(hexData, keyData);
+
+    return fc::ecc::public_key::to_base58_with_prefix(keyData, HIVE_ADDRESS_PREFIX);
+
+  }
+  else
+  {
+    FC_ASSERT(hexData.size() == 2 * sizeof(fc::ecc::public_key_point_data), "Invalid size of raw public key buffer: ${s}", ("s", (hexData.size())));
+    /// uncompressed form
+    fc::ecc::public_key_point_data keyData;
+    detail::convert_from_hex(hexData, keyData);
+
+    fc::ecc::public_key key(keyData);
+    return key.to_base58_with_prefix(HIVE_ADDRESS_PREFIX);
+  }
+}
+
 brain_key_data foundation::cpp_suggest_brain_key()
 {
   return cpp::safe_exception_wrapper(

core/foundation.hpp

@@ -15,8 +15,16 @@ public:
 
   result cpp_calculate_public_key(const std::string& wif);
   result cpp_generate_private_key();
-
   private_key_data cpp_generate_private_key(const std::string& account, const std::string& role, const std::string& password);
+  /** Allows to convert 32 bytes data buffer expressed as hex string (pointing private key secret) into private key encoded as WIF format.
+  */
+  std::string cpp_convert_raw_private_key_to_wif(const std::string& hexData);
+
+  /** Allows to convert raw public key form (expressed as hex string) into Hive WIF format (with prefix).
+  *   \param hexData - depending on length compressed or uncompressed key format is chosen
+  */
+  std::string cpp_convert_raw_public_key_to_wif(const std::string& hexData);
+
   brain_key_data cpp_suggest_brain_key();
 
   /** Returns map of hive::protocol constants in form:

examples/ts/signature-extension/.npmrc

+# https://gitlab.syncad.com/hive group specification, offering aggregated package view: https://gitlab.syncad.com/groups/hive/-/packages
+@hiveio:registry=https://gitlab.syncad.com/api/v4/groups/136/-/packages/npm/

examples/ts/signature-extension/.parcelrc

+{
+  "extends": "@parcel/config-default",
+  "transformers": {
+    "*.{ts,tsx}": ["@parcel/transformer-typescript-tsc"]
+  }
+}
\ No newline at end of file

examples/ts/signature-extension/README.md

+# signature-extension
+
+> [!WARNING]
+> This example will not be ran automatically on the CI as it requires direct user action, e.g. OAuth 3rd party app Hive blockchain user authorization
+
+This example presents different ways of implementing 3rd party apps authorization using wax
+
+To test this example:
+
+1. Install keychain extension
+2. Import `guest4test` posting key to your wallet
+3. Install dependencies: `pnpm install`
+4. Run parcel: `pnpm test`
+5. Goto [http://localhost:1234](http://localhost:1234), sign the transaction and check logs

examples/ts/signature-extension/common-data.ts

+export const accountName = "guest4test";
+export const publicKey = "STM8XQJiRBND7q6Cu1kxyRgLVLU3y1B5iGFU5VAqSpaAK38YFGZP8";
+export const privateKey = process.env.PRIVATE_KEY as string;
+
+export const voteData = {
+  voter: accountName,
+  author: "c0ff33a",
+  permlink: "ewxhnjbj",
+  weight: 2200
+};

examples/ts/signature-extension/package.json

+{
+  "name": "signature-extension",
+  "version": "1.0.0",
+  "type": "module",
+  "scripts": {
+    "test": "parcel test/index.html"
+  },
+  "dependencies": {
+    "@hiveio/wax": "file:../../../ts",
+    "@hiveio/wax-signers-keychain": "file:../../../ts/packages/signers-keychain",
+    "@hiveio/wax-signers-peakvault": "file:../../../ts/packages/signers-peakvault"
+  },
+  "devDependencies": {
+    "@parcel/config-default": "^2.13.3",
+    "@parcel/transformer-typescript-tsc": "^2.13.3",
+    "buffer": "^5.5.0||^6.0.0",
+    "parcel": "^2.13.3",
+    "process": "^0.11.10"
+  }
+}

examples/ts/signature-extension/test/index.html

+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+</head>
+<body>
+  <h1>Signing example</h1>
+  <h3>Remember to unlock Peak Vault before using it</h3>
+  <button onclick="useKeychain()">Use Keychain</button>
+  <button onclick="usePeakVault()">Use Peak Vault</button>
+  <pre><code id="tx-result"></code></pre>
+  <script type="module">
+    import { createHiveChain } from "@hiveio/wax";
+    import { accountName, publicKey, voteData } from "../common-data";
+    import KeychainProvider from "@hiveio/wax-signers-keychain";
+    import PeakVaultProvider from "@hiveio/wax-signers-peakvault";
+
+    const txResult = document.getElementById('tx-result');
+
+    (async()=> {
+      const keychainProvider = KeychainProvider.for(accountName, "posting");
+      const peakVaultProvider = PeakVaultProvider.for(accountName, "posting");
+
+      const chain = await createHiveChain();
+
+      const createTransaction = async () => {
+        txResult.textContent = 'Signing...';
+        const tx = await chain.createTransaction();
+        tx.pushOperation({
+          vote: voteData
+        });
+        console.log(tx.transaction);
+        console.log(`Sig digest: ${tx.sigDigest}`);
+        return tx;
+      };
+
+      const sign = async (provider) => {
+        try {
+          const tx = await createTransaction();
+          await tx.sign(provider);
+          const apiJson = tx.toApiJson();
+          console.log('Transaction:', apiJson);
+          console.log(`Keys match: ${tx.signatureKeys[0] === publicKey}`);
+          txResult.textContent = JSON.stringify(apiJson, null, 2);
+        } catch (error) {
+          console.error(error);
+          txResult.textContent = `Error: ${error.message}`;
+        }
+      };
+
+      window.useKeychain = () => void sign(keychainProvider);
+      window.usePeakVault = () => void sign(peakVaultProvider);
+    })();
+  </script>
+</body>
+</html>

examples/ts/signature-extension/tsconfig.json

+{
+  "extends": "../../../ts/tsconfig.json",
+  "compilerOptions": {
+    "rootDir": ".",
+    "baseUrl": ".",
+    "outDir": "dist"
+  },
+  "include": [
+    "."
+  ]
+}
\ No newline at end of file

ts/README.md

@@ -187,54 +187,6 @@ const manaTime = await chain.calculateManabarFullRegenerationTimeForAccount("ini
 console.info(manaTime); // Date
 ```
 
-#### Extend API interface and call custom endpoints
-
-In this example we will extend the base Wax endpoints and create our classes with validators
-in order to use the [transaction_status_api.find_transaction](https://developers.hive.io/apidefinitions/#transaction_status_api.find_transaction) API:
-
-```ts
-import { IsHexadecimal, IsDateString, IsString } from 'class-validator';
-import { createHiveChain, TWaxExtended } from '@hiveio/wax';
-const chain = await createHiveChain();
-
-// https://developers.hive.io/apidefinitions/#transaction_status_api.find_transaction-parameter_json
-// Create a request class with validators that will require a valid input from the end user
-class FindTransactionRequest {
-  @IsHexadecimal()
-  public transaction_id!: string;
-
-  @IsDateString()
-  public expiration!: string;
-}
-
-// https://developers.hive.io/apidefinitions/#transaction_status_api.find_transaction-expected_response_json
-// Create a response class with validators that will require a valid output from the remote API
-class FindTransactionResponse {
-  @IsString()
-  public status!: 'unknown' | string;
-}
-
-// Create the proper API structure
-const ExtendedApi = {
-  transaction_status_api: { // API
-    find_transaction: { // Method
-      params: FindTransactionRequest, // params is our request
-      result: FindTransactionResponse // result is out response
-    }
-  }
-};
-
-const extended: TWaxExtended<typeof ExtendedApi> = chain.extend(ExtendedApi);
-
-// Call the transaction_status_api API using our extended interface
-const result = await extended.api.transaction_status_api.find_transaction({
-  transaction_id: "0000000000000000000000000000000000000000",
-  expiration: "2016-03-24T18:00:21"
-});
-
-console.info(result); // { status: 'unknown' }
-```
-
 #### Extend API interface using interfaces only and call custom endpoints
 
 In this example we will extend the base Wax endpoints without creating any validators.
@@ -275,42 +227,6 @@ const result = await extended.api.transaction_status_api.find_transaction({
 console.info(result); // { status: 'unknown' }
 ```
 
-#### Extend REST API interface and call custom endpoints
-
-In this example we will extend REST API Wax endpoints and create our classes with validators
-in order to use the [hafah_endpoints.get_transaction](https://api.syncad.com/?urls.primaryName=HAfAH#/Transactions/hafah_endpoints.get_transaction) API:
-
-```ts
-import { IsHexadecimal } from 'class-validator';
-import { createHiveChain, TWaxRestExtended } from '@hiveio/wax';
-const chain = await createHiveChain();
-
-class TransactionByIdRequest {
-  @IsHexadecimal()
-  public transactionId!: string;
-}
-
-// Create the proper API structure
-const ExtendedRestApi = {
-  'hafah-api': { // API type - structure-like - pushed to the query path during call
-    transactions: { // method name - also pushed to the query path during call
-      byId: { // next query path to be added. It will be replaced though due to the urlPath property defined
-        params: TransactionByIdRequest, // params is our request
-        result: Number, // result is our response (Number is a NumberConstructor - we cannot use number as a type in this context, so we pass NumberConstructor as a value)
-        urlPath: "{transactionId}" // url that will replace `byId`. We have `{}` format syntax here, so it means data from `params` matching given property names will be replaced in braces
-      }
-    }
-  }
-};
-
-const extended: TWaxRestExtended<typeof ExtendedRestApi> = chain.extendRest(ExtendedRestApi);
-
-// Call the REST API using our extended interface
-const result = await await extended.restApi['hafah-api'].transactions.byId({ transactionId: "954f6de36e6715d128fa8eb5a053fc254b05ded0" });
-
-console.info(result); // URL response from "https://api.syncad.com/hafah-api/transactions/954f6de36e6715d128fa8eb5a053fc254b05ded0"
-```
-
 #### Extend REST API interface using interfaces only and call custom endpoints
 
 In this example we will extend the REST API Wax endpoints without creating any validators.

npm-common-config @ 590bfd88

-Subproject commit 5806284d3c6feb2ce52bdb6077c20a9a578bb643
+Subproject commit 590bfd88a491efba5a39571bc2c82ffbabda2ec8

ts/package.json

@@ -71,8 +71,6 @@
     "@types/express": "^5.0.0",
     "@types/express-http-proxy": "^1.6.6",
     "@types/node": "^22.10.6",
-    "class-transformer": "^0.5.1",
-    "class-validator": "^0.14.0",
     "cors": "^2.8.5",
     "express": "^4.21.2",
     "express-http-proxy": "^2.1.1",
@@ -81,7 +79,7 @@
     "npm-run-all": "^4.1.5",
     "playwright": "catalog:playwright-toolset",
     "protobufjs": "catalog:proto-toolset",
-    "reflect-metadata": "^0.1.13",
+    "reflect-metadata": "^0.2.2",
     "rimraf": "^6.0.1",
     "rollup": "catalog:rollup-toolset",
     "rollup-plugin-copy": "catalog:rollup-toolset",
@@ -106,7 +104,7 @@
       "path": [
         "./wasm/dist/bundle"
       ],
-      "limit": "5500 kB",
+      "limit": "5400 kB",
       "brotli": false
     }
   ],

ts/packages/README.md

+# Wax packages
+
+This Wax subdirectory is responsible for maintaining Wax "extensions", e.g. signers using the pnpm's workspaces strategy
+
+## Building
+
+1. Install dependencies using `pnpm install` - this will automatically install dependencies for all of the package directories from this directory.
+2. Build all the packages using `pnpm run build`
+3. Now you can either pack: `pnpm run pack` or publish: `pnpm publish -r`. Note: All of the packages will be saved under [`dist`](./dist) directory

ts/packages/signers-keychain/README.md

+# @hiveio/wax-signers-keychain
+
+Wax signer library extending transaction signing possibilities by a 3rd party Web-only extension - Keychain
+
+## Prerequisites
+
+- Configured [@hiveio/wax](https://www.npmjs.com/package/@hiveio/wax) library. Wax Keychain signer is an extension the base Wax library, extending its signing possibilities by using 3rd party wallet
+- Configured [Keychain browser extension](https://hive-keychain.com/) with imported keys
+
+## Example usage
+
+```ts
+import { createHiveChain } from "@hiveio/wax";
+import KeychainProvider from "@hiveio/wax-signers-keychain";
+
+const chain = await createHiveChain();
+
+const provider = KeychainProvider.for("myaccount", "active");
+
+// Create a transaction using the Wax Hive chain instance
+const tx = await chain.createTransaction();
+
+// Perform some operations, e.g. push the vote operation:
+tx.pushOperation({
+  vote: {
+    voter: "alice",
+    author: "bob",
+    permlink: "example-post",
+    weight: 10000
+  }
+});
+
+// Wait for the keychain to sign the transaction
+await tx.sign(provider);
+
+// broadcast the transaction
+await chain.broadcast(tx);
+```
+
+## License
+
+See license in [LICENSE.md](LICENSE.md) file

ts/packages/signers-keychain/package.json

+{
+  "name": "@hiveio/wax-signers-keychain",
+  "version": "0.0.0-Run-Prepack",
+  "description": "Wax signer library extending transaction signing possibilities by a 3rd party Web-only extension - Keychain",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "type": "module",
+  "private": false,
+  "scripts": {
+    "build": "tsc",
+    "prepack": "jq --argfile source ../../package.json '.version = $source.version | .publishConfig.registry = $source.publishConfig.registry | .publishConfig.tag = $source.publishConfig.tag' package.json > package.json.tmp && mv package.json.tmp package.json"
+  },
+  "devDependencies": {
+    "typescript": "catalog:typescript-toolset"
+  },
+  "dependencies": {
+    "@hiveio/wax": "workspace:../..",
+    "keychain-sdk": "^0.8.5"
+  },
+  "files": [
+    "dist/index.d.ts",
+    "dist/index.js",
+    "README.md",
+    "LICENSE.md"
+  ],
+  "license": "SEE LICENSE IN LICENSE.md",
+  "keywords": [
+    "wax",
+    "blockchain",
+    "hive"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "https://gitlab.syncad.com/hive/wax.git"
+  },
+  "publishConfig": {
+    "registry": "https://RegistryPlaceholder",
+    "tag": "DistTagPlaceholder"
+  }
+}
\ No newline at end of file

ts/packages/signers-keychain/src/index.ts

+import type { IOnlineSignatureProvider, ITransaction, TAccountName, TRole } from "@hiveio/wax";
+
+import { KeychainKeyTypes, KeychainSDK } from "keychain-sdk";
+
+const mapRoles: Record<TRole, KeychainKeyTypes | undefined> = {
+  active: KeychainKeyTypes.active,
+  posting: KeychainKeyTypes.posting,
+  owner: undefined,
+  memo: KeychainKeyTypes.memo
+};
+
+// We do not extend from WaxError to avoid runtime dependencies, such as: /vite or /web - without it we can import only types
+export class WaxKeychainProviderError extends Error {}
+
+/**
+ * Wax transaction signature provider using the Keychain SDK.
+ *
+ * @example
+ * ```
+ * const provider = KeychainProvider.for("myaccount", "active");
+ *
+ * // Create a transaction using the Wax Hive chain instance
+ * const tx = await chain.createTransaction();
+ *
+ * // Perform some operations, e.g. pushing operations...
+ *
+ * // Sign the transaction
+ * await tx.sign(provider);
+ *
+ * // broadcast
+ * await chain.broadcast(tx);
+ * ```
+ */
+class KeychainProvider implements IOnlineSignatureProvider {
+  private readonly role: KeychainKeyTypes;
+
+  private static keychain: KeychainSDK;
+
+  private constructor(
+    private readonly accountName: TAccountName,
+    role: TRole
+  ) {
+    if (!mapRoles[role])
+      throw new Error(`Role ${role} is not supported by the Wax signature provider: ${KeychainProvider.name}`);
+
+    if(!KeychainProvider.keychain)
+      KeychainProvider.keychain = new KeychainSDK(window);
+
+    this.role = mapRoles[role];
+  }
+
+  public static for(accountName: TAccountName, role: TRole): KeychainProvider {
+    return new KeychainProvider(accountName, role);
+  }
+
+  public async signTransaction(transaction: ITransaction): Promise<void> {
+    const data = await KeychainProvider.keychain.signTx({
+      method: this.role,
+      username: this.accountName,
+      tx: JSON.parse(transaction.toLegacyApi())
+    });
+
+    for(const sig of data.result.signatures)
+      transaction.sign(sig);
+  }
+}
+
+export default KeychainProvider;

ts/packages/signers-keychain/tsconfig.json

+{
+  "extends": "../../npm-common-config/ts-common/tsconfig.base.json",
+  "compilerOptions": {
+    "rootDir": "./src",
+    "baseUrl": ".",
+    "outDir": "./dist",
+    "incremental": true,
+    "tsBuildInfoFile": "./dist/.tsbuildinfo",
+    "skipLibCheck": true
+  },
+  "include": [
+    "./src"
+  ]
+}
\ No newline at end of file

ts/packages/signers-peakvault/README.md

+# @hiveio/wax-signers-peakvault
+
+Wax signer library extending transaction signing possibilities by a 3rd party Web-only extension - Peak Vault
+
+## Prerequisites
+
+- Configured [@hiveio/wax](https://www.npmjs.com/package/@hiveio/wax) library. Wax Peak Vault signer is an extension the base Wax library, extending its signing possibilities by using 3rd party wallet
+- Configured [Peak Vault browser extension](https://vault.peakd.com/peakvault/releases.html) with imported keys
+
+## Example usage
+
+```ts
+import { createHiveChain } from "@hiveio/wax";
+import PeakVaultProvider from "@hiveio/wax-signers-peakvault";
+
+const chain = await createHiveChain();
+
+const provider = PeakVaultProvider.for("myaccount", "active");
+
+// Create a transaction using the Wax Hive chain instance
+const tx = await chain.createTransaction();
+
+// Perform some operations, e.g. push the vote operation:
+tx.pushOperation({
+  vote: {
+    voter: "alice",
+    author: "bob",
+    permlink: "example-post",
+    weight: 10000
+  }
+});
+
+// Wait for the keychain to sign the transaction
+await tx.sign(provider);
+
+// broadcast the transaction
+await chain.broadcast(tx);
+```
+
+## License
+
+See license in [LICENSE.md](LICENSE.md) file