[V3] Upgrade ACC-based encryption + JWT signing #145

Closed
wants to merge 26 commits into from

@hwrdtm hwrdtm commented Jun 14, 2023

What

Closes LIT-804.
Closes LIT-695.
Related to LIT-951.

⚠️ This is a massive PR. Brace yourself with some 🍿 and 🍵 !! ⚠️

This PR:

  • Deserves a major version bump. We are completely overhauling the ACC-based encryption and JWT signing schemes with new schemes, and are bringing in a number of incompatible changes.
  • ID-based encryption: This new scheme is also known as Timelock Encryption, or TimeCrypt, where there exists an Identity Parameter, and the signature over it is a decryption key over a ciphertext that has been generated with this Identity Parameter. In other words, signature shares - with the Identity Parameter as the signature payload - are combined into a signature, and this signature can be used to decrypt an associated ciphertext. Read more in the spec here: https://www.notion.so/litprotocol/Switch-from-Signcryption-to-BLS-signature-is-key-scheme-b75c21927ed64511b523c8a93b870a65.
    • Note that the encryption step is non-interactive and happens entirely client-side.
  • ACC-based JWT Signing (V2): This new scheme simplifies the overall flow by baking into each dapp endpoint the required access control conditions directly. This means that there is no "store signing condition" step as dapp developers just write it into their dapp code and an additional check against the access control condition is performed there. When clients request a signed JWT with claims of the specified access control condition, the signature of this JWT is only provided when the nodes determine that the user satisfies this access control condition. Read more in the spec here: https://www.notion.so/litprotocol/ACC-based-JWT-signing-V2-a4db1446bac54eea90b7ab08e5455246.
  • The BLS WASM (bls-sdk.ts) is entirely replaced with new code. Unit tests are added to this package.
  • The SDK no longer supports the jalapeno network moving forward. Developers can use the old SDK versions to continue using the old encryption and JWT signing schemes. serrano network is the new default.
  • Updated crypto package to be a lightweight wrapper over bls-sdk package with minor conversion logic.
  • Updated encryption package to replace the old encryption + JWT signing logic with the new schemes. This is becoming more of a helper library over lit-node-client-nodejs and crypto.
  • Refactored params-validators to use a plugin-based approach with various *Validators.
  • Updated all manual tests in apps/html to use the new ID-based encryption and JWT signing schemes. You will notice quite a few test cases are removed since we no longer need to store encryption keys, or store signing conditions respectively.
  • demo-encrypt-decrypt-react:
    • Turned this into a TS project.
    • Updated this demo to use the new ID-based encryption scheme - just an encryptString and decryptToString call.
  • Implement demo-locked-express-app to demo the new JWT signing flow. Instructions in its README.md.
  • Made use of generics in a number of places, e.g. IEither, SuccessNodePromises and benchmark().

Testing

  • A large number of HTML manual tests have been tested (against local network)
  • E2E tests pass
  • Unit tests pass

TODO

  • Re-test demo-encrypt-decrypt-react after rebasing
  • Re-test demo-locked-express-app after rebasing
  • Update demo-encrypt-decrypt-react/package.json to use newly published SDK version.
  • Update demo-locked-express-app/package.json to use newly published SDK version.
  • Remove support for serrano too and introduce cayenne as the new default.
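
The endpoint-side check described in the ACC-based JWT Signing (V2) item above, as an added example that is not code from this PR or the Lit SDK: once the JWT signature has been verified, the endpoint compares the claimed conditions with the ones written into its own code. The claim names `accessControlConditions` and `exp`, the helper names and the sample condition are assumptions.

```javascript
// Added example; claim names and the sample condition are assumptions,
// not taken from the Lit SDK. Signature verification must happen before this.

// Serialize with sorted object keys so key order cannot change the comparison.
// Array order is preserved because the order of conditions is meaningful.
function canonical(value) {
  if (Array.isArray(value)) return '[' + value.map(canonical).join(',') + ']';
  if (value !== null && typeof value === 'object') {
    return '{' + Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ':' + canonical(value[k])).join(',') + '}';
  }
  return JSON.stringify(value);
}

// Conditions this endpoint requires, written into the dapp code (constructed sample).
const REQUIRED_ACC = [{
  chain: 'ethereum',
  contractAddress: '',
  standardContractType: '',
  method: 'eth_getBalance',
  parameters: [':userAddress', 'latest'],
  returnValueTest: { comparator: '>=', value: '1000000000000' },
}];

// `payload` is the decoded claim set of a JWT whose signature was already verified.
function checkClaims(payload, required, nowSeconds) {
  if (payload === null || typeof payload !== 'object') return 'malformed';
  if (typeof payload.exp !== 'number' || payload.exp <= nowSeconds) return 'expired';
  if (!Array.isArray(payload.accessControlConditions)) return 'no-conditions';
  // Compare with the endpoint's own copy, never with a value the client supplied:
  // a valid JWT over a different (weaker) condition must not open this endpoint.
  if (canonical(payload.accessControlConditions) !== canonical(required)) {
    return 'condition-mismatch';
  }
  return 'ok';
}
```

A token that is correctly signed but was issued for a different condition is rejected with `condition-mismatch`, which is the case the signature check alone does not cover.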

@hwrdtm hwrdtm self-assigned this Jun 14, 2023

vercel bot commented Jun 14, 2023

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name: html-test-app-lit-js-sdk-v2
Status: ✅ Ready
Updated (UTC): Jul 11, 2023 5:44pm

@@ -0,0 +1,47 @@
/**
Contributor Author

the types don't seem to be linking properly...

await savedParams.litNodeClient.saveEncryptionKey({
describe('Encrypt and Decrypt', () => {
it('encrypts', async () => {
cy.window().then(async () => {
Contributor Author

I'm not sure why, but without wrapping each functionality with this cy.window() the wasm is undefined and not initialized

@@ -4,13 +4,18 @@
"private": true,
"dependencies": {
"@lit-protocol/lit-node-client": "^2.1.158",
Contributor Author

TODO: need to update version once published.

"main": "index.js",
"license": "MIT",
"dependencies": {
"@lit-protocol/lit-node-client-nodejs": "file:../../packages/lit-node-client-nodejs",
Contributor Author

TODO: need to update version once published.

@hwrdtm hwrdtm force-pushed the hwrdtm/upgrade-acc-based-decryption-signing branch from da294a2 to 958d035 Compare June 24, 2023 23:32
@hwrdtm hwrdtm force-pushed the hwrdtm/upgrade-acc-based-decryption-signing branch from 958d035 to 014d8d8 Compare June 24, 2023 23:33
@hwrdtm hwrdtm changed the title Upgrade ACC-based encryption + signing Upgrade ACC-based encryption + JWT signing Jun 24, 2023
@hwrdtm hwrdtm marked this pull request as ready for review June 24, 2023 23:55

hwrdtm commented Jun 25, 2023

Not sure why CI is failing, can't repro locally either with npx nx run auth-helpers:test

@@ -105,9 +106,11 @@ export const checkAndSignSolAuthMessage = async (): Promise<AuthSig> => {

try {
// when it's not in local storage, it's a string
// @ts-ignore
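
Review bot: the `// @ts-ignore` at the end of this hunk, inside `checkAndSignSolAuthMessage`, switches off type checking for the whole statement that follows it, while the comment above says the value is a string only when it does not come from local storage. Because this function returns an `AuthSig`, narrow the value explicitly (a `typeof` check for the string case) or, at minimum, use `// @ts-expect-error` with the reason stated, so that a later type change on this path is not accepted silently.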
Collaborator

We probably want to refactor the IEither type at some point so we don't have to do this

glitch003 previously approved these changes Jun 29, 2023
];

// execute
const plaintext = blsSdk.verify_and_decrypt_with_signature_shares(
Contributor

@sarahzdev sarahzdev Jul 6, 2023

(can't seem to comment on the packages/bls-sdk/src/lib/bls-sdk.ts file directly)

maybe we should strive to keep casing consistent across the sdk

@hwrdtm hwrdtm force-pushed the hwrdtm/upgrade-acc-based-decryption-signing branch from 10dd561 to 9ad5af3 Compare July 11, 2023 17:43
@Ansonhkg Ansonhkg changed the title Upgrade ACC-based encryption + JWT signing [V3] Upgrade ACC-based encryption + JWT signing Jul 17, 2023
@joshLong145
Collaborator

Closing as functionality has been merged into: https://github.com/LIT-Protocol/js-sdk/tree/feat/SDK-V3
