import type { GenFile, GenMessage, GenService } from "@bufbuild/protobuf/codegenv2";
import type { Timestamp } from "@bufbuild/protobuf/wkt";
import type { Message } from "@bufbuild/protobuf";
/**
 * Describes the file auth.proto.
 */
export declare const file_auth: GenFile;
/**
 * @generated from message river.StartAuthenticationRequest
 */
export type StartAuthenticationRequest = Message<"river.StartAuthenticationRequest"> & {
    /**
     * user id of the user that wants to authenticate
     *
     * @generated from field: bytes user_id = 1;
     */
    userId: Uint8Array;
};
/**
 * Describes the message river.StartAuthenticationRequest.
 * Use `create(StartAuthenticationRequestSchema)` to create a new message.
 */
export declare const StartAuthenticationRequestSchema: GenMessage<StartAuthenticationRequest>;
/**
 * @generated from message river.StartAuthenticationResponse
 */
export type StartAuthenticationResponse = Message<"river.StartAuthenticationResponse"> & {
    /**
     * user id of the user that wants to authenticate
     *
     * @generated from field: bytes user_id = 1;
     */
    userId: Uint8Array;
    /**
     * challenge that must be signed.
     * clients must verify before signing that the challenge is >= 128 bits
     *
     * @generated from field: bytes challenge = 2;
     */
    challenge: Uint8Array;
    /**
     * timestamp until the challenge is valid
     *
     * @generated from field: google.protobuf.Timestamp expiration = 3;
     */
    expiration?: Timestamp;
};
/**
 * Describes the message river.StartAuthenticationResponse.
 * Use `create(StartAuthenticationResponseSchema)` to create a new message.
 */
export declare const StartAuthenticationResponseSchema: GenMessage<StartAuthenticationResponse>;
/**
 * note, challenge expiration is stored in the notification service and therefore doesn't have to be provided
 * in the request. Expiration is looked up through the challenge.
 *
 * @generated from message river.FinishAuthenticationRequest
 */
export type FinishAuthenticationRequest = Message<"river.FinishAuthenticationRequest"> & {
    /**
     * user id of the user that wants to authenticate.
     *
     * For the response to be valid:
     * If delegate_sig is present, user_id must match delegate_sig signer address.
     * If delegate_sig is not present, user_id must match signature signer address.
     *
     * @generated from field: bytes user_id = 1;
     */
    userId: Uint8Array;
    /**
     * signature is calculated with the delegate keypair with:
     * ecdsa_sign(delegate_key, sha256(PREFIX || user_id || expiration || challenge)
     * with
     * PREFIX=NS_AUTH: (string with length 8)
     * user_id raw user id bytes (160 bits)
     * expiration is a 64 bits unix timestamp encoded in big endian
     * || means concatenation
     *
     * @generated from field: bytes signature = 2;
     */
    signature: Uint8Array;
    /**
     * delegate_sig contains signature of the
     * public key of the delegate keypair + the delegate_expiry_epoch_ms.
     * User's primary wallet is used to produce this signature.
     *
     * @generated from field: bytes delegate_sig = 3;
     */
    delegateSig: Uint8Array;
    /**
     * DelegateExpiry is the time when the delegate signature expires.
     *
     * @generated from field: int64 delegate_expiry_epoch_ms = 4;
     */
    delegateExpiryEpochMs: bigint;
    /**
     * challenge that must be signed to prove identity.
     *
     * @generated from field: bytes challenge = 5;
     */
    challenge: Uint8Array;
};
/**
 * Describes the message river.FinishAuthenticationRequest.
 * Use `create(FinishAuthenticationRequestSchema)` to create a new message.
 */
export declare const FinishAuthenticationRequestSchema: GenMessage<FinishAuthenticationRequest>;
/**
 * @generated from message river.FinishAuthenticationResponse
 */
export type FinishAuthenticationResponse = Message<"river.FinishAuthenticationResponse"> & {
    /**
     * session_token holds the token that must be provided in the AUTHORIZATION header when making
     * rpc calls to the NotificationService.
     *
     * @generated from field: string session_token = 1;
     */
    sessionToken: string;
};
/**
 * Describes the message river.FinishAuthenticationResponse.
 * Use `create(FinishAuthenticationResponseSchema)` to create a new message.
 */
export declare const FinishAuthenticationResponseSchema: GenMessage<FinishAuthenticationResponse>;
/**
 * AuthenticationService provides client functionality to obtain a session token that can be used
 * in the NotificationService.
 *
 * @generated from service river.AuthenticationService
 */
export declare const AuthenticationService: GenService<{
    /**
     * StartAuthentication returns a challenge that the client must sign to prove its identity.
     *
     * @generated from rpc river.AuthenticationService.StartAuthentication
     */
    startAuthentication: {
        methodKind: "unary";
        input: typeof StartAuthenticationRequestSchema;
        output: typeof StartAuthenticationResponseSchema;
    };
    /**
     * FinishAuthentication expects the signed challenge and if valid returns a session token
     * that can be used in the NotificationService.
     *
     * @generated from rpc river.AuthenticationService.FinishAuthentication
     */
    finishAuthentication: {
        methodKind: "unary";
        input: typeof FinishAuthenticationRequestSchema;
        output: typeof FinishAuthenticationResponseSchema;
    };
}>;
//# sourceMappingURL=auth_pb.d.ts.map