Merge pull request #2 from dusk-network/docs/v01-release-docs

Consolidate v0.1 Wallet + Connect docs

Author: HDauven

README.md

@@ -9,11 +9,14 @@ A tiny, framework-agnostic SDK for **Dusk wallet discovery + dApp integration**.
 - Includes an **optional connect modal** (conceptually similar to a very small Reown/AppKit)
 - Includes an optional **connect button** (`<dusk-connect-button />`) for drop-in UI
 
-This SDK targets the wallet provider described in the
-[Dusk Wallet provider API](https://github.com/dusk-network/wallet/blob/main/docs/provider-api.md).
-The discovery protocol itself is specified in [docs/wallet-discovery.md](./docs/wallet-discovery.md).
-If you're implementing a wallet, start with
-[docs/wallet-implementer.md](./docs/wallet-implementer.md).
+Canonical v0.1 docs:
+
+- Provider API: [dusk-network/wallet docs/provider-api.md](https://github.com/dusk-network/wallet/blob/main/docs/provider-api.md)
+- Discovery protocol: [docs/wallet-discovery.md](./docs/wallet-discovery.md)
+- Connect SDK usage: this README
+- Wallet implementer guidance: [docs/wallet-implementer.md](./docs/wallet-implementer.md)
+- Security/threat model: [dusk-network/wallet docs/SECURITY.md](https://github.com/dusk-network/wallet/blob/main/docs/SECURITY.md)
+- v0.1 release checklist: [docs/RELEASE_CHECKLIST_v0.1.md](./docs/RELEASE_CHECKLIST_v0.1.md)
 
 Wallet discovery is **event-based**, not singleton-based:
 
@@ -508,7 +511,11 @@ Example (served from your own site):
     console.log("Dusk Wallet not installed");
   } else {
     await wallet.connect();
-    await wallet.sendTransfer({ to: "<base58>", amount: parseDuskToLux("1") });
+    await wallet.sendTransfer({
+      privacy: "public",
+      to: "<base58-public-account-id>",
+      amount: parseDuskToLux("1"),
+    });
   }
 </script>
 ```

docs/RELEASE_CHECKLIST_v0.1.md

@@ -0,0 +1,36 @@
+# v0.1 Release Checklist
+
+This is the canonical Dusk Wallet + Connect v0.1 release checklist. It links to
+the owner docs instead of restating their full specifications.
+
+## Canonical Docs
+
+- [ ] Wallet provider API is current in `dusk-network/wallet/docs/provider-api.md`.
+- [ ] Discovery protocol is current in `dusk-network/connect/docs/wallet-discovery.md`.
+- [ ] Connect SDK usage is current in `dusk-network/connect/README.md`.
+- [ ] Wallet implementer guidance is current in `dusk-network/connect/docs/wallet-implementer.md`.
+- [ ] Security/threat model is current in `dusk-network/wallet/docs/SECURITY.md`.
+- [ ] Vulnerability reporting contact or private reporting instructions are present and non-placeholder in `dusk-network/wallet/docs/SECURITY.md`.
+
+## Provider Surface
+
+- [ ] Public docs use `dusk_requestProfiles`, `dusk_profiles`, and `profilesChanged`.
+- [ ] `shieldedAddress` is documented as present only after explicit approval.
+- [ ] Deprecated account-style APIs are absent from v0.1 examples or clearly marked deprecated.
+- [ ] Wallet `providerSurface` constants, provider docs, Connect README, and conformance tests agree on RPC methods.
+- [ ] Error codes, permissions, limits, and event names match the wallet provider API.
+
+## Verification
+
+- [ ] Wallet conformance tests pass.
+- [ ] Connect conformance tests pass.
+- [ ] Wallet build passes for supported extension targets.
+- [ ] Connect build passes and generated types match source.
+- [ ] Remaining v0.1 ambiguities are listed in the release notes or final audit report.
+
+## Release Hygiene
+
+- [ ] Version numbers and package metadata match the intended v0.1 release.
+- [ ] Published package contents and extension artifacts are validated from clean builds.
+- [ ] Dependency update and security advisory PRs are triaged before release tagging.
+- [ ] Vulnerability reporting instructions are checked after branch/tag publication.

docs/wallet-discovery.md

@@ -1,6 +1,9 @@
 # Dusk Wallet Discovery Standard
 
-This document defines the canonical browser discovery flow for Dusk wallets.
+This document is the canonical browser discovery protocol for Dusk wallets.
+It deliberately does not duplicate the provider RPC specification. The
+provider API is owned by
+[dusk-network/wallet docs/provider-api.md](https://github.com/dusk-network/wallet/blob/main/docs/provider-api.md).
 
 If you want an implementer-oriented walkthrough with a minimal provider fixture,
 see [wallet-implementer.md](./wallet-implementer.md).
@@ -78,9 +81,17 @@ Expected semantics:
 
 Wallets should keep `uuid` stable across page loads and product versions. dApps should de-duplicate discovered wallets by `uuid`.
 
-## Provider Contract
+## Provider Summary
 
-The announced `provider` should expose the Dusk provider API:
+Discovery only hands the dApp a provider object. The current v0.1 provider
+identity model is profile-based:
+
+- connect with `dusk_requestProfiles`
+- read current grants with `dusk_profiles`
+- listen for `profilesChanged`
+- request a `shieldedAddress` only through explicit user approval
+
+The provider should expose:
 
 - `request({ method, params })`
 - `on`, `once`, `off`, `removeListener`, `removeAllListeners`
@@ -90,21 +101,9 @@ The announced `provider` should expose the Dusk provider API:
 - `isAuthorized`
 - `isDusk === true`
 
-RPC methods remain Dusk-prefixed:
-
-- `dusk_getCapabilities`
-- `dusk_requestProfiles`
-- `dusk_profiles`
-- `dusk_requestShieldedAddress`
-- `dusk_chainId`
-- `dusk_switchNetwork`
-- `dusk_getPublicBalance`
-- `dusk_estimateGas`
-- `dusk_sendTransaction`
-- `dusk_watchAsset`
-- `dusk_signMessage`
-- `dusk_signAuth`
-- `dusk_disconnect`
+See the wallet repo's
+[provider API](https://github.com/dusk-network/wallet/blob/main/docs/provider-api.md)
+for the canonical method, event, error, permission, and limit definitions.
 
 ## Selection Rules
 

docs/wallet-implementer.md

@@ -1,7 +1,15 @@
 # Dusk Wallet Implementer Guide
 
 This guide is for wallet teams that want to expose a Dusk provider compatible
-with `@dusk-network/connect`.
+with `@dusk-network/connect` and the v0.1 Dusk Wallet provider API.
+
+Canonical source ownership:
+
+- Discovery protocol: [wallet-discovery.md](./wallet-discovery.md)
+- Provider API: [dusk-network/wallet docs/provider-api.md](https://github.com/dusk-network/wallet/blob/main/docs/provider-api.md)
+- Security/threat model: [dusk-network/wallet docs/SECURITY.md](https://github.com/dusk-network/wallet/blob/main/docs/SECURITY.md)
+- Runnable SDK fixture: `examples/reference-wallet/`
+- SDK conformance coverage: `src/wallet-implementer.integration.test.ts`
 
 Discovery is event-based:
 
@@ -56,9 +64,10 @@ type DuskProfile = {
 };
 ```
 
-## RPC Methods
+## RPC Method Summary
 
-Wallets should expose the Dusk Send provider methods:
+The wallet repo's provider API is the canonical source for method parameters,
+permissions, errors, and limits. Wallets should expose these v0.1 methods:
 
 - `dusk_getCapabilities`
 - `dusk_requestProfiles`

src/discovery.conformance.test.ts

@@ -36,6 +36,19 @@ function extractSectionBacktickedBullets(markdown: string, sectionTitle: string)
   return out;
 }
 
+function extractCallObjectArgs(source: string, callName: string): string[] {
+  const out: string[] = [];
+  const re = new RegExp(`${callName}\\s*\\(\\s*\\{([\\s\\S]*?)\\}\\s*\\)`, "g");
+
+  for (;;) {
+    const match = re.exec(source);
+    if (!match) break;
+    out.push(match[1] ?? "");
+  }
+
+  return out;
+}
+
 describe("Discovery Conformance", () => {
   it("docs/wallet-discovery.md matches exported discovery events and info fields", async () => {
     const docPath = path.resolve(process.cwd(), "docs", "wallet-discovery.md");
@@ -88,4 +101,27 @@ describe("Discovery Conformance", () => {
       }
     }
   });
+
+  it("README documents the canonical v0.1 doc owners", async () => {
+    const readmePath = path.resolve(process.cwd(), "README.md");
+    const md = await readFile(readmePath, "utf8");
+
+    expect(md).toContain("Provider API");
+    expect(md).toContain("Discovery protocol");
+    expect(md).toContain("Connect SDK usage");
+    expect(md).toContain("Wallet implementer guidance");
+    expect(md).toContain("Security/threat model");
+    expect(md).toContain("v0.1 release checklist");
+  });
+
+  it("README sendTransfer examples include required transfer privacy", async () => {
+    const readmePath = path.resolve(process.cwd(), "README.md");
+    const md = await readFile(readmePath, "utf8");
+    const examples = extractCallObjectArgs(md, "sendTransfer");
+
+    expect(examples.length).toBeGreaterThan(0);
+    for (const example of examples) {
+      expect(example, example).toMatch(/\bprivacy\s*:\s*["'](?:public|shielded)["']/);
+    }
+  });
 });