WalletDaemonSigner
Defined in: ootle-wallet-daemon-signer/src/wallet-daemon-signer.ts:37
A Signer that delegates signing to a running wallet daemon over its JRPC interface,
using @tari-project/wallet_jrpc_client for all communication.
The wallet daemon holds the secret key and returns signatures, so the key never lives in JavaScript memory. This signer is suitable for server-side or trusted environment usage where the wallet daemon is reachable.
Stealth boundary (intentionally not implemented). Client-side stealth spending and
scanning need the raw view secret, which the daemon never exports — it keeps the key and
exposes its own server-side stealth JRPC instead (stealthTransfer, stealthUtxosList,
stealthUtxosDecryptValue, accountsAssociateStealthResource, viewVaultBalance on
@tari-project/wallet_jrpc_client). This signer therefore does not implement
Signer.addStealthSignature and its getViewSecret throws. For client-side stealth
spend, use SecretKeyWallet; for daemon-managed stealth, call the daemon’s stealth
JRPC methods directly. Daemon-delegated stealth wiring is future work.
Implements
Section titled “Implements”Signer
Methods
Section titled “Methods”fetchAccountInfo()
Section titled “fetchAccountInfo()”fetchAccountInfo():
Promise<void>
Defined in: ootle-wallet-daemon-signer/src/wallet-daemon-signer.ts:142
Fetches the default account info from the daemon and caches it on this signer. Re-calls are idempotent — once cached, subsequent calls do not re-fetch.
Returns
Section titled “Returns”Promise<void>
Throws
Section titled “Throws”if the daemon’s accounts.get_default response is missing the
public key or address.
getAddress()
Section titled “getAddress()”getAddress():
Promise<string>
Defined in: ootle-wallet-daemon-signer/src/wallet-daemon-signer.ts:80
Returns the component address derived from this signer’s public key.
Returns
Section titled “Returns”Promise<string>
Implementation of
Section titled “Implementation of”Signer.getAddress
getPublicKey()
Section titled “getPublicKey()”getPublicKey():
Promise<Uint8Array<ArrayBufferLike>>
Defined in: ootle-wallet-daemon-signer/src/wallet-daemon-signer.ts:84
Returns the raw public key bytes for this signer.
Returns
Section titled “Returns”Promise<Uint8Array<ArrayBufferLike>>
Implementation of
Section titled “Implementation of”Signer.getPublicKey
getViewSecret()
Section titled “getViewSecret()”getViewSecret():
Promise<Uint8Array<ArrayBufferLike>>
Defined in: ootle-wallet-daemon-signer/src/wallet-daemon-signer.ts:125
The daemon never exports its view secret, so client-side stealth scanning/spending is unsupported via this signer. Always throws — see the class doc for the server-side stealth JRPC alternative. Signer.addStealthSignature is likewise not implemented.
Returns
Section titled “Returns”Promise<Uint8Array<ArrayBufferLike>>
Throws
Section titled “Throws”always — the daemon never exports its view secret.
Implementation of
Section titled “Implementation of”Signer.getViewSecret
signTransaction()
Section titled “signTransaction()”signTransaction(
unsignedTx,sealPublicKey):Promise<TransactionSignature[]>
Defined in: ootle-wallet-daemon-signer/src/wallet-daemon-signer.ts:106
Signs unsignedTx via the daemon’s transactions.sign JRPC. sealPublicKey is
forwarded as hex so the daemon hashes the transaction with the SAME seal public key the
SDK’s seal step uses — otherwise the per-signer hash and the seal hash diverge and the
engine rejects the envelope.
TODO(daemon): the transactions.sign JRPC’s acceptance of seal_public_key is unverified
against a running tari_ootle_walletd, and there is no capability/version handshake on the
typed client (v1.14.0 exposes only the generic sendRequest) to feature-detect support, so
this call cannot fail fast the way getViewSecret does. If the daemon ignores the
parameter and hashes with its own pk, the per-signer signatures will not verify and the
failure surfaces only LATE — at submit time — as the opaque engine error
"Transaction has one or more invalid signature(s)", not here. An unconditional throw is
deliberately NOT added: it would break a daemon build that does honour seal_public_key.
Until a daemon-side capability signal lands (tracked by this TODO), use
SecretKeyWallet for client-side signing — it is the supported signer for sealed
transactions.
Parameters
Section titled “Parameters”unsignedTx
Section titled “unsignedTx”UnsignedTransactionV1
sealPublicKey
Section titled “sealPublicKey”Uint8Array
Returns
Section titled “Returns”Promise<TransactionSignature[]>
Implementation of
Section titled “Implementation of”Signer.signTransaction
connect()
Section titled “connect()”
staticconnect(options):Promise<WalletDaemonSigner>
Defined in: ootle-wallet-daemon-signer/src/wallet-daemon-signer.ts:63
Connect to the daemon and cache the public key / address.
If no authToken is provided, automatically authenticates using the daemon’s
configured auth method. For WebAuthn, this triggers the browser’s passkey
registration or login flow.
Parameters
Section titled “Parameters”options
Section titled “options”WalletDaemonSignerOptions & AuthOptions
Returns
Section titled “Returns”Promise<WalletDaemonSigner>
staticnew(options):WalletDaemonSigner
Defined in: ootle-wallet-daemon-signer/src/wallet-daemon-signer.ts:50
Creates a new signer with the given auth token, without verifying connectivity.
Prefer connect() for eager validation and automatic authentication.
Parameters
Section titled “Parameters”options
Section titled “options”WalletDaemonSignerOptions & object
Returns
Section titled “Returns”WalletDaemonSigner