arbundles - npm Package Compare versions

Comparing version 0.2.11 to 0.3.0

build/ar-data-create.js

@@ -10,7 +10,4 @@ "use strict";
 const parser_1 = require("./parser");
-const EMPTY_ARRAY = new Array(512).fill(0);
-const OWNER_LENGTH = 512;
 function createData(data, signer, opts) {
     const _owner = signer.publicKey;
-    assert_1.default(_owner.byteLength == OWNER_LENGTH, new Error(`Public key isn't the correct length: ${_owner.byteLength}`));
     const _target = opts?.target ? base64url_1.default.toBuffer(opts.target) : null;
@@ -25,4 +22,4 @@ const target_length = 1 + (_target?.byteLength ?? 0);
     const length = 2 +
-        512 +
-        _owner.byteLength +
+        signer.signatureLength +
+        signer.ownerLength +
         target_length +
@@ -34,11 +31,12 @@ anchor_length +
     bytes.set(utils_1.shortTo2ByteArray(signer.signatureType), 0);
-    bytes.set(EMPTY_ARRAY, 2);
-    assert_1.default(_owner.byteLength == 512, new Error("Owner must be 512 bytes"));
-    bytes.set(_owner, 514);
-    bytes[1026] = _target ? 1 : 0;
+    bytes.set(new Uint8Array(signer.signatureLength).fill(0), 2);
+    assert_1.default(_owner.byteLength == signer.ownerLength, new Error(`Owner must be ${signer.ownerLength} bytes`));
+    bytes.set(_owner, 2 + signer.signatureLength);
+    const position = 2 + signer.signatureLength + signer.ownerLength;
+    bytes[position] = _target ? 1 : 0;
     if (_target) {
         assert_1.default(_target.byteLength == 32, new Error("Target must be 32 bytes"));
-        bytes.set(_target, 1027);
+        bytes.set(_target, position + 1);
     }
-    const anchor_start = 1026 + target_length;
+    const anchor_start = position + target_length;
     let tags_start = anchor_start + 1;
@@ -45,0 +43,0 @@ bytes[anchor_start] = _anchor ? 1 : 0;

build/Bundle.js

@@ -62,4 +62,5 @@ "use strict";
             const expected = base64url_1.default(crypto.createHash("sha256").update(item.rawSignature).digest());
-            if (!(valid && item.id === expected))
+            if (!(valid && item.id === expected)) {
                 return false;
+            }
         }
@@ -66,0 +67,0 @@ return true;

build/BundleItem.d.ts

@@ -9,4 +9,6 @@ /// <reference types="node" />
     readonly signature: ResolvesTo<string>;
+    readonly signatureLength: ResolvesTo<number>;
     readonly rawOwner: ResolvesTo<Buffer>;
     readonly owner: ResolvesTo<string>;
+    readonly ownerLength: ResolvesTo<number>;
     readonly rawTarget: ResolvesTo<Buffer>;
@@ -13,0 +15,0 @@ readonly target: ResolvesTo<string>;

build/BundleItem.js

@@ -8,4 +8,6 @@ "use strict";
     signature;
+    signatureLength;
     rawOwner;
     owner;
+    ownerLength;
     rawTarget;
@@ -12,0 +14,0 @@ target;

build/constants.d.ts

@@ -1,1 +0,14 @@
-export declare const BUNDLER = "http://bundler.arweave.net:10000";
+export declare const SIG_CONFIG: {
+    1: {
+        sigLength: number;
+        pubLength: number;
+    };
+    2: {
+        sigLength: number;
+        pubLength: number;
+    };
+    3: {
+        sigLength: number;
+        pubLength: number;
+    };
+};

build/constants.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.BUNDLER = void 0;
-exports.BUNDLER = "http://bundler.arweave.net:10000";
+exports.SIG_CONFIG = void 0;
+exports.SIG_CONFIG = {
+    1: {
+        sigLength: 512,
+        pubLength: 512
+    },
+    2: {
+        sigLength: 64,
+        pubLength: 32
+    },
+    3: {
+        sigLength: 64,
+        pubLength: 65
+    }
+};
 //# sourceMappingURL=constants.js.map

build/DataItem.d.ts

@@ -6,3 +6,3 @@ /// <reference types="node" />
 import { AxiosResponse } from "axios";
-export declare const MIN_BINARY_SIZE = 1044;
+export declare const MIN_BINARY_SIZE = 80;
 export default class DataItem implements BundleItem {
@@ -21,4 +21,6 @@ private readonly binary;
     get signature(): string;
+    get signatureLength(): number;
     get rawOwner(): Buffer;
     get owner(): string;
+    get ownerLength(): number;
     get rawTarget(): Buffer;
@@ -53,3 +55,3 @@ get target(): string;
     };
-    sendToBundler(bundler?: string): Promise<AxiosResponse>;
+    sendToBundler(bundler: string): Promise<AxiosResponse>;
     static verify(buffer: Buffer): Promise<boolean>;
@@ -56,0 +58,0 @@ private getTagsStart;

build/DataItem.js

@@ -14,3 +14,3 @@ "use strict";
 const constants_1 = require("./constants");
-exports.MIN_BINARY_SIZE = 1044;
+exports.MIN_BINARY_SIZE = 80;
 class DataItem {
@@ -47,3 +47,3 @@ binary;
     get rawSignature() {
-        return this.binary.subarray(2, 514);
+        return this.binary.subarray(2, 2 + this.signatureLength);
     }
@@ -53,8 +53,10 @@ get signature() {
     }
+    get signatureLength() {
+        const length = constants_1.SIG_CONFIG[this.signatureType]?.sigLength;
+        if (!length)
+            throw new Error("Signature type not supported");
+        return length;
+    }
     get rawOwner() {
-        switch (this.signatureType) {
-            case 1:
-                return this.binary.subarray(514, 514 + 512);
-        }
-        throw new Error("Not a valid signature type");
+        return this.binary.subarray(2 + this.signatureLength, 2 + this.signatureLength + this.ownerLength);
     }
@@ -64,2 +66,8 @@ get owner() {
     }
+    get ownerLength() {
+        const length = constants_1.SIG_CONFIG[this.signatureType]?.pubLength;
+        if (!length)
+            throw new Error("Signature type not supported");
+        return length;
+    }
     get rawTarget() {
@@ -150,3 +158,3 @@ const targetStart = this.getTargetStart();
             throw new Error("You must sign before sending to bundler");
-        const response = await axios_1.default.post(`${bundler ?? constants_1.BUNDLER}/tx`, this.getRaw(), {
+        const response = await axios_1.default.post(`${bundler}/tx`, this.getRaw(), {
             headers,
@@ -165,9 +173,5 @@ timeout: 100000,
         }
-        const sigType = utils_1.byteArrayToLong(buffer.subarray(0, 2));
-        let tagsStart = 2 + 512 + 512 + 2;
-        const targetPresent = buffer[1026] == 1;
-        tagsStart += targetPresent ? 32 : 0;
-        const anchorPresentByte = targetPresent ? 1059 : 1027;
-        const anchorPresent = buffer[anchorPresentByte] == 1;
-        tagsStart += anchorPresent ? 32 : 0;
+        const item = new DataItem(buffer);
+        const sigType = item.signatureType;
+        const tagsStart = item.getTagsStart();
         const numberOfTags = utils_1.byteArrayToLong(buffer.subarray(tagsStart, tagsStart + 8));
@@ -190,17 +194,15 @@ const numberOfTagBytesArray = buffer.subarray(tagsStart + 8, tagsStart + 16);
         const Signer = index_1.indexToType[sigType];
-        const item = new DataItem(buffer);
         const signatureData = await ar_data_base_1.getSignatureData(item);
-        return await Signer.verify(item.owner, signatureData, buffer.subarray(2, 514));
+        return await Signer.verify(item.rawOwner, signatureData, item.rawSignature);
     }
     getTagsStart() {
-        let tagsStart = 2 + 512 + 512 + 2;
-        const targetPresent = this.binary[1026] == 1;
-        tagsStart += targetPresent ? 32 : 0;
-        const anchorPresentByte = targetPresent ? 1059 : 1027;
-        const anchorPresent = this.binary[anchorPresentByte] == 1;
-        tagsStart += anchorPresent ? 32 : 0;
+        const targetStart = this.getTargetStart();
+        const targetPresent = this.binary[targetStart] == 1;
+        let tagsStart = targetStart + (targetPresent ? 33 : 1);
+        const anchorPresent = this.binary[tagsStart] == 1;
+        tagsStart += anchorPresent ? 33 : 1;
         return tagsStart;
     }
     getTargetStart() {
-        return 1026;
+        return 2 + this.signatureLength + this.ownerLength;
     }
@@ -207,0 +209,0 @@ getAnchorStart() {

build/index.d.ts

@@ -1,2 +0,1 @@
-import { createData } from "./ar-data-create";
 import { bundleAndSignData, unbundleData } from "./ar-data-bundle";
@@ -8,3 +7,4 @@ import Bundle from "./Bundle";
 import { ArweaveSigner } from "./signing";
+import { createData } from "./ar-data-create";
 export { MIN_BINARY_SIZE, Bundle, DataItem, createData, bundleAndSignData, unbundleData, deepHash, DataItemCreateOptions, };
 export { ArweaveSigner };

build/index.js

@@ -5,4 +5,2 @@ "use strict";
 const tslib_1 = require("tslib");
-const ar_data_create_1 = require("./ar-data-create");
-Object.defineProperty(exports, "createData", { enumerable: true, get: function () { return ar_data_create_1.createData; } });
 const ar_data_bundle_1 = require("./ar-data-bundle");
@@ -20,2 +18,4 @@ Object.defineProperty(exports, "bundleAndSignData", { enumerable: true, get: function () { return ar_data_bundle_1.bundleAndSignData; } });
 Object.defineProperty(exports, "ArweaveSigner", { enumerable: true, get: function () { return signing_1.ArweaveSigner; } });
+const ar_data_create_1 = require("./ar-data-create");
+Object.defineProperty(exports, "createData", { enumerable: true, get: function () { return ar_data_create_1.createData; } });
 //# sourceMappingURL=index.js.map

build/signing/chains/index.d.ts

@@ -1,2 +0,2 @@
-import ArweaveSigner from "./arweave/ArweaveSigner";
+import ArweaveSigner from "./ArweaveSigner";
 export default ArweaveSigner;

build/signing/chains/index.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 const tslib_1 = require("tslib");
-const ArweaveSigner_1 = tslib_1.__importDefault(require("./arweave/ArweaveSigner"));
+const ArweaveSigner_1 = tslib_1.__importDefault(require("./ArweaveSigner"));
 exports.default = ArweaveSigner_1.default;
 //# sourceMappingURL=index.js.map

build/signing/constants.d.ts

@@ -1,2 +0,1 @@
-/// <reference types="node" />
 import { Signer } from "./Signer";
@@ -6,3 +5,5 @@ interface IndexToType {
         new (...args: any[]): Signer;
-        verify(pk: string | Buffer, message: Uint8Array, signature: Uint8Array): Promise<boolean>;
+        readonly signatureLength: number;
+        readonly ownerLength: number;
+        verify(pk: string | Uint8Array, message: Uint8Array, signature: Uint8Array): Promise<boolean>;
     };
@@ -9,0 +10,0 @@ }

build/signing/constants.js

@@ -5,6 +5,10 @@ "use strict";
 const tslib_1 = require("tslib");
-const Rsa4096Pss_1 = tslib_1.__importDefault(require("./keys/Rsa4096Pss"));
+const curve25519_1 = tslib_1.__importDefault(require("./keys/curve25519"));
+const ethereum_1 = tslib_1.__importDefault(require("./chains/ethereum"));
+const chains_1 = tslib_1.__importDefault(require("./chains"));
 exports.indexToType = {
-    1: Rsa4096Pss_1.default,
+    1: chains_1.default,
+    2: curve25519_1.default,
+    3: ethereum_1.default
 };
 //# sourceMappingURL=constants.js.map

build/signing/keys/Rsa4096Pss.d.ts

@@ -7,6 +7,9 @@ /// <reference types="node" />
     readonly signatureType: number;
+    readonly ownerLength: number;
+    readonly signatureLength: number;
+    private readonly _publicKey;
     get publicKey(): Buffer;
     constructor(_key: string, pk?: string);
     sign(message: Uint8Array): Uint8Array;
-    static verify(pk: string, message: Uint8Array, signature: Uint8Array): Promise<boolean>;
+    static verify(pk: string | Buffer, message: Uint8Array, signature: Uint8Array): Promise<boolean>;
 }

build/signing/keys/Rsa4096Pss.js

@@ -7,2 +7,4 @@ "use strict";
 const arweave_1 = tslib_1.__importDefault(require("arweave"));
+const base64url_1 = tslib_1.__importDefault(require("base64url"));
+const constants_1 = require("../../constants");
 class Rsa4096Pss {
@@ -12,4 +14,7 @@ _key;
     signatureType = 1;
+    ownerLength = constants_1.SIG_CONFIG[1].pubLength;
+    signatureLength = constants_1.SIG_CONFIG[1].sigLength;
+    _publicKey;
     get publicKey() {
-        return Buffer.allocUnsafe(0);
+        return this._publicKey;
     }
@@ -40,3 +45,3 @@ constructor(_key, pk) {
     static async verify(pk, message, signature) {
-        return await arweave_1.default.crypto.verify(pk, message, signature);
+        return await arweave_1.default.crypto.verify(Buffer.isBuffer(pk) ? base64url_1.default.encode(pk) : pk, message, signature);
     }
@@ -43,0 +48,0 @@ }

build/signing/Signer.d.ts

@@ -5,4 +5,7 @@ /// <reference types="node" />
     readonly signatureType: number;
+    readonly signatureLength: number;
+    readonly ownerLength: number;
+    readonly pem?: string | Buffer;
     abstract sign(message: Uint8Array): Promise<Uint8Array> | Uint8Array;
     static verify(_: string | Buffer): boolean;
 }

build/signing/Signer.js

@@ -7,2 +7,5 @@ "use strict";
     signatureType;
+    signatureLength;
+    ownerLength;
+    pem;
     static verify(_) {
@@ -9,0 +12,0 @@ throw new Error("You must implement verify method on child");

file/bundleData.d.ts

 import { Signer } from '../build/signing';
 import FileBundle from './FileBundle';
 import FileDataItem from './FileDataItem';
-export declare function bundleAndSignData(dataItems: (FileDataItem)[], signer: Signer, dir?: string): Promise<FileBundle>;
+export declare function bundleAndSignData(dataItems: FileDataItem[], signer: Signer, dir?: string): Promise<FileBundle>;

file/createData.d.ts

@@ -0,4 +1,5 @@
+/// <reference types="node" />
 import FileDataItem from "./FileDataItem";
 import { DataItemCreateOptions } from "../build/ar-data-base";
 import { Signer } from '../build/signing';
-export declare function createData(data: string | Uint8Array, signer: Signer, opts?: DataItemCreateOptions): Promise<FileDataItem>;
+export declare function createData(data: string | Uint8Array | NodeJS.ReadableStream, signer: Signer, opts?: DataItemCreateOptions): Promise<FileDataItem>;

file/createData.js

@@ -10,7 +10,5 @@ "use strict";
 const assert_1 = tslib_1.__importDefault(require("assert"));
-const buffer_1 = require("buffer");
 const utils_1 = require("../build/utils");
 const parser_1 = require("../build/parser");
-const EMPTY_ARRAY = new Array(512).fill(0);
-const OWNER_LENGTH = 512;
+const promises_1 = require("stream/promises");
 async function createData(data, signer, opts) {
@@ -20,9 +18,8 @@ const filename = await tmp_promise_1.tmpName();
     const _owner = signer.publicKey;
-    assert_1.default(_owner.byteLength == OWNER_LENGTH, new Error(`Public key isn't the correct length: ${_owner.byteLength}`));
     const _target = opts?.target ? base64url_1.default.toBuffer(opts.target) : null;
-    const _anchor = opts?.anchor ? buffer_1.Buffer.from(opts.anchor) : null;
+    const _anchor = opts?.anchor ? Buffer.from(opts.anchor) : null;
     const _tags = (opts?.tags?.length ?? 0) > 0 ? await parser_1.serializeTags(opts.tags) : null;
-    const _data = buffer_1.Buffer.from(data);
     stream.write(utils_1.shortTo2ByteArray(signer.signatureType));
-    stream.write(Uint8Array.from(EMPTY_ARRAY));
+    stream.write(new Uint8Array(signer.signatureLength).fill(0));
+    assert_1.default(_owner.byteLength == signer.ownerLength, new Error(`Owner must be ${signer.ownerLength} bytes`));
     stream.write(_owner);
@@ -45,3 +42,9 @@ stream.write(_target ? singleItemBuffer(1) : singleItemBuffer(0));
     }
-    stream.write(_data);
+    if (typeof data[Symbol.asyncIterator] ===
+        "function") {
+        await promises_1.pipeline(data, stream);
+    }
+    else {
+        stream.write(Buffer.from(data));
+    }
     await new Promise((resolve) => {
@@ -54,4 +57,4 @@ stream.end(resolve);
 function singleItemBuffer(i) {
-    return buffer_1.Buffer.from([i]);
+    return Buffer.from([i]);
 }
 //# sourceMappingURL=createData.js.map

file/FileBundle.d.ts

@@ -1,2 +0,3 @@
-/// <reference types="node" />
+
+// <reference types="node" />
 import { BundleInterface } from "../build/BundleInterface";
@@ -3,0 +4,0 @@ import FileDataItem from "./FileDataItem";

file/FileDataItem.d.ts

 /// <reference types="node" />
-import { PathLike } from "fs";
-import { BundleItem } from "../build/BundleItem";
-import { Signer } from "../build/signing";
+import { PathLike } from 'fs';
+import { BundleItem } from '../build/BundleItem';
+import { Signer } from '../build/signing';
 import { AxiosResponse } from 'axios';
 export default class FileDataItem implements BundleItem {
     readonly filename: PathLike;
+    signatureLength(): Promise<number>;
+    ownerLength(): Promise<number>;
     constructor(filename: PathLike, id?: Buffer);
@@ -25,2 +27,3 @@ private _id?;
     target(): Promise<string>;
+    getTargetStart(): Promise<number>;
     rawAnchor(): Promise<Buffer>;
@@ -37,5 +40,5 @@ anchor(): Promise<string>;
     sendToBundler(bundler: string): Promise<AxiosResponse>;
+    getTagsStart(): Promise<number>;
+    dataStart(): Promise<number>;
     private anchorStart;
-    tagsStart(): Promise<number>;
-    dataStart(): Promise<number>;
 }

file/FileDataItem.js

@@ -19,2 +19,14 @@ "use strict";
     filename;
+    async signatureLength() {
+        const length = constants_1.SIG_CONFIG[await this.signatureType()]?.sigLength;
+        if (!length)
+            throw new Error("Signature type not supported");
+        return length;
+    }
+    async ownerLength() {
+        const length = constants_1.SIG_CONFIG[await this.signatureType()]?.pubLength;
+        if (!length)
+            throw new Error("Signature type not supported");
+        return length;
+    }
     constructor(filename, id) {
@@ -32,3 +44,3 @@ this.filename = filename;
         }
-        throw new Error("ID is not set");
+        throw new Error('ID is not set');
     }
@@ -39,24 +51,15 @@ set rawId(id) {
     static isDataItem(obj) {
-        return obj.filename && typeof obj.filename === "string";
+        return obj.filename && typeof obj.filename === 'string';
     }
     static async verify(filename) {
-        const handle = await fs.promises.open(filename, "r");
-        const sigType = await read(handle.fd, Buffer.allocUnsafe(2), 0, 2, 0).then((r) => utils_1.byteArrayToLong(r.buffer));
-        let anchorStart = 1027;
-        const targetPresentBuffer = await read(handle.fd, Buffer.allocUnsafe(1), 0, 1, 1026).then((r) => r.buffer);
-        const targetPresent = targetPresentBuffer[0] === 1;
-        if (targetPresent) {
-            anchorStart += 32;
-        }
-        const anchorPresentBuffer = await read(handle.fd, Buffer.allocUnsafe(1), 0, 1, anchorStart).then((r) => r.buffer);
-        const anchorPresent = anchorPresentBuffer[0] === 1;
-        let tagsStart = anchorStart;
-        if (anchorPresent) {
-            tagsStart += 32;
-        }
-        tagsStart++;
+        const handle = await fs.promises.open(filename, 'r');
+        const item = new FileDataItem(filename);
+        const sigType = await item.signatureType();
+        const tagsStart = await item.getTagsStart();
         const numberOfTags = await read(handle.fd, Buffer.allocUnsafe(8), 0, 8, tagsStart).then((r) => utils_1.byteArrayToLong(r.buffer));
         const numberOfTagsBytes = await read(handle.fd, Buffer.allocUnsafe(8), 0, 8, tagsStart + 8).then((r) => utils_1.byteArrayToLong(r.buffer));
-        if (numberOfTagsBytes > 2048)
+        if (numberOfTagsBytes > 2048) {
+            await handle.close();
             return false;
+        }
         const tagsBytes = await read(handle.fd, Buffer.allocUnsafe(numberOfTagsBytes), 0, numberOfTagsBytes, tagsStart + 16).then((r) => r.buffer);
@@ -73,25 +76,24 @@ if (numberOfTags > 0) {
         const Signer = signing_1.indexToType[sigType];
-        const owner = await read(handle.fd, Buffer.allocUnsafe(512), 0, 512, 514).then((r) => r.buffer);
-        const target = targetPresent
-            ? await read(handle.fd, Buffer.allocUnsafe(32), 0, 32, 1027).then((r) => r.buffer)
-            : Buffer.allocUnsafe(0);
-        const anchor = anchorPresent
-            ? await read(handle.fd, Buffer.allocUnsafe(32), 0, 32, anchorStart + 1).then((r) => r.buffer)
-            : Buffer.allocUnsafe(0);
+        const owner = await item.rawOwner();
+        let b = Buffer.alloc(0);
+        for await (const chunk of fs.createReadStream(filename, { start: await item.dataStart() })) {
+            b = Buffer.concat([b, chunk]);
+        }
         const signatureData = await index_1.deepHash([
-            utils_2.stringToBuffer("dataitem"),
-            utils_2.stringToBuffer("1"),
+            utils_2.stringToBuffer('dataitem'),
+            utils_2.stringToBuffer('1'),
             utils_2.stringToBuffer(sigType.toString()),
             owner,
-            target,
-            anchor,
-            tagsBytes,
+            await item.rawTarget(),
+            await item.rawAnchor(),
+            await item.rawTags(),
             fs.createReadStream(filename, {
-                start: tagsStart + 16 + numberOfTagsBytes,
+                start: await item.dataStart(),
             }),
         ]);
-        const signature = await read(handle.fd, Buffer.allocUnsafe(512), 0, 512, 2).then((r) => r.buffer);
-        await handle.close();
-        if (!(await Signer.verify(owner, signatureData, signature)))
+        const sig = await item.rawSignature();
+        if (!(await Signer.verify(owner, signatureData, sig))) {
+            await handle.close();
             return false;
+        }
         await handle.close();
@@ -110,3 +112,3 @@ return true;
     async signatureType() {
-        const handle = await fs.promises.open(this.filename, "r");
+        const handle = await fs.promises.open(this.filename, 'r');
         const buffer = await read(handle.fd, Buffer.allocUnsafe(2), 0, 2, 0).then((r) => r.buffer);
@@ -117,4 +119,5 @@ await handle.close();
     async rawSignature() {
-        const handle = await fs.promises.open(this.filename, "r");
-        const buffer = await read(handle.fd, Buffer.allocUnsafe(512), 0, 512, 2).then((r) => r.buffer);
+        const handle = await fs.promises.open(this.filename, 'r');
+        const length = await this.signatureLength();
+        const buffer = await read(handle.fd, Buffer.alloc(length), 0, length, 2).then((r) => r.buffer);
         await handle.close();
@@ -127,4 +130,5 @@ return buffer;
     async rawOwner() {
-        const handle = await fs.promises.open(this.filename, "r");
-        const buffer = await read(handle.fd, Buffer.allocUnsafe(512), 0, 512, 514).then((r) => r.buffer);
+        const handle = await fs.promises.open(this.filename, 'r');
+        const length = await this.ownerLength();
+        const buffer = await read(handle.fd, Buffer.allocUnsafe(length), 0, length, 2 + await this.signatureLength()).then((r) => r.buffer);
         await handle.close();
@@ -137,7 +141,8 @@ return buffer;
     async rawTarget() {
-        const handle = await fs.promises.open(this.filename, "r");
-        const targetPresentBuffer = await read(handle.fd, Buffer.allocUnsafe(1), 0, 1, 1026).then((r) => r.buffer);
+        const handle = await fs.promises.open(this.filename, 'r');
+        const targetStart = await this.getTargetStart();
+        const targetPresentBuffer = await read(handle.fd, Buffer.allocUnsafe(1), 0, 1, targetStart).then((r) => r.buffer);
         const targetPresent = targetPresentBuffer[0] === 1;
         if (targetPresent) {
-            const targetBuffer = await read(handle.fd, Buffer.allocUnsafe(32), 0, 32, 1027).then((r) => r.buffer);
+            const targetBuffer = await read(handle.fd, Buffer.allocUnsafe(32), 0, 32, targetStart + 1).then((r) => r.buffer);
             await handle.close();
@@ -152,6 +157,9 @@ return targetBuffer;
     }
+    async getTargetStart() {
+        return 2 + await this.signatureLength() + await this.ownerLength();
+    }
     async rawAnchor() {
         const [anchorPresent, anchorStart] = await this.anchorStart();
         if (anchorPresent) {
-            const handle = await fs.promises.open(this.filename, "r");
+            const handle = await fs.promises.open(this.filename, 'r');
             const anchorBuffer = await read(handle.fd, Buffer.allocUnsafe(32), 0, 32, anchorStart + 1).then((r) => r.buffer);
@@ -164,7 +172,7 @@ await handle.close();
     async anchor() {
-        return base64url_1.default.encode(await this.rawAnchor());
+        return (await this.rawAnchor()).toString();
     }
     async rawTags() {
-        const handle = await fs.promises.open(this.filename, "r");
-        const tagsStart = await this.tagsStart();
+        const handle = await fs.promises.open(this.filename, 'r');
+        const tagsStart = await this.getTagsStart();
         const numberOfTagsBuffer = await read(handle.fd, Buffer.allocUnsafe(8), 0, 8, tagsStart).then((r) => r.buffer);
@@ -176,2 +184,6 @@ const numberOfTags = utils_1.byteArrayToLong(numberOfTagsBuffer);
         const numberOfTagsBytes = utils_1.byteArrayToLong(numberOfTagsBytesBuffer);
+        if (numberOfTagsBytes > 2048) {
+            await handle.close();
+            throw new Error('Tags too large');
+        }
         const tagsBytes = await read(handle.fd, Buffer.allocUnsafe(numberOfTagsBytes), 0, numberOfTagsBytes, tagsStart + 16).then((r) => r.buffer);
@@ -194,3 +206,3 @@ await handle.close();
         }
-        const handle = await fs.promises.open(this.filename, "r");
+        const handle = await fs.promises.open(this.filename, 'r');
         const dataBuffer = await read(handle.fd, Buffer.allocUnsafe(dataSize), 0, dataSize, dataStart).then((r) => r.buffer);
@@ -205,7 +217,6 @@ await handle.close();
         const dataStart = await this.dataStart();
-        const end = await this.size();
         const signatureData = await index_1.deepHash([
-            utils_2.stringToBuffer("dataitem"),
-            utils_2.stringToBuffer("1"),
-            utils_2.stringToBuffer(await this.signatureType().then((n) => n.toString())),
+            utils_2.stringToBuffer('dataitem'),
+            utils_2.stringToBuffer('1'),
+            utils_2.stringToBuffer((await this.signatureType()).toString()),
             await this.rawOwner(),
@@ -215,8 +226,8 @@ await this.rawTarget(),
             await this.rawTags(),
-            fs.createReadStream(this.filename, { start: dataStart, end }),
+            fs.createReadStream(this.filename, { start: dataStart }),
         ]);
         const signatureBytes = await signer.sign(signatureData);
         const idBytes = await arweave_1.default.crypto.hash(signatureBytes);
-        const handle = await fs.promises.open(this.filename, "r+");
-        await write(handle.fd, signatureBytes, 0, 512, 2);
+        const handle = await fs.promises.open(this.filename, 'r+');
+        await write(handle.fd, signatureBytes, 0, await this.signatureLength(), 2);
         this.rawId = Buffer.from(idBytes);
@@ -228,30 +239,17 @@ await handle.close();
         const headers = {
-            "Content-Type": "application/octet-stream",
+            'Content-Type': 'application/octet-stream',
         };
         if (!this.isSigned())
-            throw new Error("You must sign before sending to bundler");
-        const response = await axios_1.default.post(`${bundler ?? constants_1.BUNDLER}/tx`, fs.createReadStream(this.filename), {
+            throw new Error('You must sign before sending to bundler');
+        const response = await axios_1.default.post(`${bundler}/tx`, fs.createReadStream(this.filename), {
             headers,
             timeout: 100000,
             maxBodyLength: Infinity,
-            validateStatus: (status) => (status > 200 && status < 300) || status !== 402
+            validateStatus: (status) => (status > 200 && status < 300) || status !== 402,
         });
         if (response.status === 402)
-            throw new Error("Not enough funds to send data");
+            throw new Error('Not enough funds to send data');
         return response;
     }
-    async anchorStart() {
-        let anchorStart = 1027;
-        const handle = await fs.promises.open(this.filename, "r");
-        const targetPresentBuffer = await read(handle.fd, Buffer.allocUnsafe(1), 0, 1, 1026).then((r) => r.buffer);
-        const targetPresent = targetPresentBuffer[0] === 1;
-        if (targetPresent) {
-            anchorStart += 32;
-        }
-        const anchorPresentBuffer = await read(handle.fd, Buffer.allocUnsafe(1), 0, 1, anchorStart).then((r) => r.buffer);
-        const anchorPresent = anchorPresentBuffer[0] === 1;
-        await handle.close();
-        return [anchorPresent, anchorStart];
-    }
-    async tagsStart() {
+    async getTagsStart() {
         const [anchorPresent, anchorStart] = await this.anchorStart();
@@ -263,4 +261,4 @@ let tagsStart = anchorStart;
     async dataStart() {
-        const handle = await fs.promises.open(this.filename, "r");
-        const tagsStart = await this.tagsStart();
+        const handle = await fs.promises.open(this.filename, 'r');
+        const tagsStart = await this.getTagsStart();
         const numberOfTagsBytesBuffer = await read(handle.fd, Buffer.allocUnsafe(8), 0, 8, tagsStart + 8).then((r) => r.buffer);
@@ -271,4 +269,15 @@ const numberOfTagsBytes = utils_1.byteArrayToLong(numberOfTagsBytesBuffer);
     }
+    async anchorStart() {
+        const targetStart = await this.getTargetStart();
+        const handle = await fs.promises.open(this.filename, 'r');
+        const targetPresentBuffer = await read(handle.fd, Buffer.allocUnsafe(1), 0, 1, targetStart).then((r) => r.buffer);
+        const targetPresent = targetPresentBuffer[0] === 1;
+        const anchorStart = targetStart + (targetPresent ? 33 : 1);
+        const anchorPresentBuffer = await read(handle.fd, Buffer.allocUnsafe(1), 0, 1, anchorStart).then((r) => r.buffer);
+        const anchorPresent = anchorPresentBuffer[0] === 1;
+        await handle.close();
+        return [anchorPresent, anchorStart];
+    }
 }
 exports.default = FileDataItem;
 //# sourceMappingURL=FileDataItem.js.map

file/signing/chains/index.d.ts

@@ -1,2 +0,2 @@
-import ArweaveSigner from "./arweave/ArweaveSigner";
+import ArweaveSigner from "./ArweaveSigner";
 export default ArweaveSigner;

file/signing/chains/index.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 const tslib_1 = require("tslib");
-const ArweaveSigner_1 = tslib_1.__importDefault(require("./arweave/ArweaveSigner"));
+const ArweaveSigner_1 = tslib_1.__importDefault(require("./ArweaveSigner"));
 exports.default = ArweaveSigner_1.default;
 //# sourceMappingURL=index.js.map

file/signing/constants.d.ts

@@ -1,2 +0,1 @@
-/// <reference types="node" />
 import { Signer } from "./Signer";
@@ -6,3 +5,5 @@ interface IndexToType {
         new (...args: any[]): Signer;
-        verify(pk: string | Buffer, message: Uint8Array, signature: Uint8Array): Promise<boolean>;
+        readonly signatureLength: number;
+        readonly ownerLength: number;
+        verify(pk: string | Uint8Array, message: Uint8Array, signature: Uint8Array): Promise<boolean>;
     };
@@ -9,0 +10,0 @@ }

file/signing/constants.js

@@ -5,6 +5,10 @@ "use strict";
 const tslib_1 = require("tslib");
-const Rsa4096Pss_1 = tslib_1.__importDefault(require("./keys/Rsa4096Pss"));
+const curve25519_1 = tslib_1.__importDefault(require("./keys/curve25519"));
+const ethereum_1 = tslib_1.__importDefault(require("./chains/ethereum"));
+const chains_1 = tslib_1.__importDefault(require("./chains"));
 exports.indexToType = {
-    1: Rsa4096Pss_1.default,
+    1: chains_1.default,
+    2: curve25519_1.default,
+    3: ethereum_1.default
 };
 //# sourceMappingURL=constants.js.map

file/signing/keys/Rsa4096Pss.d.ts

@@ -7,6 +7,9 @@ /// <reference types="node" />
     readonly signatureType: number;
+    readonly ownerLength: number;
+    readonly signatureLength: number;
+    private readonly _publicKey;
     get publicKey(): Buffer;
     constructor(_key: string, pk?: string);
     sign(message: Uint8Array): Uint8Array;
-    static verify(pk: string, message: Uint8Array, signature: Uint8Array): Promise<boolean>;
+    static verify(pk: string | Buffer, message: Uint8Array, signature: Uint8Array): Promise<boolean>;
 }

file/signing/keys/Rsa4096Pss.js

@@ -7,2 +7,4 @@ "use strict";
 const arweave_1 = tslib_1.__importDefault(require("arweave"));
+const base64url_1 = tslib_1.__importDefault(require("base64url"));
+const constants_1 = require("../../constants");
 class Rsa4096Pss {
@@ -12,4 +14,7 @@ _key;
     signatureType = 1;
+    ownerLength = constants_1.SIG_CONFIG[1].pubLength;
+    signatureLength = constants_1.SIG_CONFIG[1].sigLength;
+    _publicKey;
     get publicKey() {
-        return Buffer.allocUnsafe(0);
+        return this._publicKey;
     }
@@ -40,3 +45,3 @@ constructor(_key, pk) {
     static async verify(pk, message, signature) {
-        return await arweave_1.default.crypto.verify(pk, message, signature);
+        return await arweave_1.default.crypto.verify(Buffer.isBuffer(pk) ? base64url_1.default.encode(pk) : pk, message, signature);
     }
@@ -43,0 +48,0 @@ }

file/signing/Signer.d.ts

@@ -5,4 +5,7 @@ /// <reference types="node" />
     readonly signatureType: number;
+    readonly signatureLength: number;
+    readonly ownerLength: number;
+    readonly pem?: string | Buffer;
     abstract sign(message: Uint8Array): Promise<Uint8Array> | Uint8Array;
     static verify(_: string | Buffer): boolean;
 }

file/signing/Signer.js

@@ -7,2 +7,5 @@ "use strict";
     signatureType;
+    signatureLength;
+    ownerLength;
+    pem;
     static verify(_) {
@@ -9,0 +12,0 @@ throw new Error("You must implement verify method on child");

package.json

 {
   "name": "arbundles",
-  "version": "0.2.11",
+  "version": "0.3.0",
   "description": "Arweave bundling library",
@@ -52,3 +52,5 @@ "author": "Josh Benaron <joshbenaron@gmail.com>",
     "@types/browser-or-node": "^1.3.0",
+    "@types/bs58": "^4.0.1",
     "@types/multistream": "^2.1.1",
+    "@types/secp256k1": "^4.0.3",
     "@types/tmp": "^0.2.1",
@@ -60,4 +62,9 @@ "arweave": "^1.10.15",
     "base64url": "^3.0.1",
+    "bs58": "^4.0.1",
     "combined-stream2": "^1.1.2",
+    "curve25519-js": "^0.0.4",
+    "keccak256": "^1.0.3",
     "multistream": "^4.1.0",
+    "noble-ed25519": "^1.2.6",
+    "secp256k1": "^4.0.2",
     "starkbank-ecdsa": "^1.1.2",
@@ -64,0 +71,0 @@ "stream-chunker": "^1.2.8",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

110139

increased by19.63%

Number of package files

99

increased by32%

Lines of code

2494

increased by25.77%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Dependency count

25

increased by38.89%

Dependency changes

• + Added@types/bs58@^4.0.1

• + Added@types/secp256k1@^4.0.3

• + Addedbs58@^4.0.1

• + Addedcurve25519-js@^0.0.4

• + Addedkeccak256@^1.0.3

• + Addednoble-ed25519@^1.2.6

• + Addedsecp256k1@^4.0.2

• + Added@types/bs58@4.0.4(transitive)

• + Added@types/secp256k1@4.0.6(transitive)

• + Addedbase-x@3.0.10(transitive)

• + Addedbn.js@5.2.1(transitive)

• + Addedbs58@4.0.1(transitive)

• + Addedbuffer@6.0.3(transitive)

• + Addedcurve25519-js@0.0.4(transitive)

• + Addedieee754@1.2.1(transitive)

• + Addedkeccak@3.0.4(transitive)

• + Addedkeccak256@1.0.6(transitive)

• + Addednoble-ed25519@1.2.6(transitive)

• + Addednode-addon-api@2.0.2(transitive)

• + Addednode-gyp-build@4.8.2(transitive)

• + Addedsecp256k1@4.0.3(transitive)