import { Bytes } from '../types/index.js'; /** * Session signing envelope types */ export declare enum SigningEnvelope { RawTxHash = 0, BitcoinMessageV0 = 1, WebAuthnV0 = 2 } export declare class WebauthnEnvelopeData { authenticator_data: Uint8Array; client_data_json: Uint8Array; constructor(authenticator_data: Uint8Array, client_data_json: Uint8Array); encode(): Bytes; } export declare const WebauthnEnvelopeDataSchema: import("../bcs/index.js").BcsType<{ authenticator_data: number[]; client_data_json: number[]; }, { authenticator_data: Iterable & { length: number; }; client_data_json: Iterable & { length: number; }; }>; /** * WebAuthn assertion data parsed from AuthenticatorAssertionResponse */ export interface WebAuthnAssertionData { signature: Bytes; rawSignature: Bytes; authenticatorData: Bytes; clientDataJSON: Bytes; credentialId?: string; } /** * WebAuthn utilities for parsing and validating WebAuthn data */ export declare class WebAuthnUtils { /** * Parse AuthenticatorAssertionResponse into standardized data */ static parseAssertionResponse(response: AuthenticatorAssertionResponse): WebAuthnAssertionData; /** * Validate that the challenge in clientDataJSON matches the expected txHash * The challenge should be the URL-safe base64 encoding of the txHash (WebAuthn standard) */ static validateChallenge(clientDataJSON: Bytes, txHash: Bytes): boolean; /** * Encode Uint8Array to URL-safe base64 string (base64url) * WebAuthn uses base64url encoding (RFC 4648) */ static toUrlSafeBase64(bytes: Bytes): string; /** * Decode base64url string to Uint8Array with proper padding handling * WebAuthn often omits padding characters, so we need to add them back */ private static decodeBase64Url; /** * Compute WebAuthn verification message: authenticator_data || SHA256(client_data_json) */ static computeVerificationMessage(authenticatorData: Bytes, clientDataJSON: Bytes): Bytes; /** * Convert DER signature to raw format and canonicalize (low-S form) */ private static derToRaw; }