From 30f8c1e661d90c7a681278ed40be47b9b87b9e4f Mon Sep 17 00:00:00 2001
From: Support <support@noreply.localhost>
Date: Thu, 4 Dec 2025 20:02:16 +0000
Subject: [PATCH] Add client-side/hydraveil-operator.sh

---
 client-side/hydraveil-operator.sh | 143 ++++++++++++++++++++++++++++++
 1 file changed, 143 insertions(+)
 create mode 100644 client-side/hydraveil-operator.sh

diff --git a/client-side/hydraveil-operator.sh b/client-side/hydraveil-operator.sh
new file mode 100644
index 0000000..dc78023
--- /dev/null
+++ b/client-side/hydraveil-operator.sh
@@ -0,0 +1,143 @@
+#!/bin/bash
+
+usage() {
+    echo
+    echo "Usage: $0 <action>"
+    echo
+    echo "Actions:"
+    echo
+    echo "  initialize"
+    echo "  sign-contract <file>"
+    echo "  sign <endpoint>"
+    echo "  verify <endpoint> <signature>"
+    echo
+    exit 1
+}
+
+if [ -z "$1" ]; then
+    usage
+fi
+
+action=$1
+
+case $action in
+
+initialize)
+
+    if [ -f id_ed25519 ] || [ -f id_ed25519.pub ]; then
+        echo
+        echo "Error: The environment has already been initialized."
+        echo
+        exit 1
+    fi
+
+    openssl genpkey -out id_ed25519 -algorithm ED25519
+    openssl pkey -in id_ed25519 -pubout -out id_ed25519.pub
+
+    id_ed25519_pub="$(openssl pkey -in id_ed25519 -noout -text_pub | tail -n 3 | tr -d ': \n')"
+
+    echo
+    echo "Public Key: $id_ed25519_pub"
+    echo
+    ;;
+
+sign)
+
+    if [ -z "$2" ]; then
+        usage
+    fi
+
+    temporary_file_1=$(mktemp)
+    trap 'rm -f $temporary_file_1' EXIT
+
+    temporary_file_2=$(mktemp)
+    trap 'rm -f $temporary_file_2' EXIT
+
+    echo -n "$2" >"$temporary_file_1"
+
+    openssl pkeyutl -sign -inkey id_ed25519 -rawin -in "$temporary_file_1" -out "$temporary_file_2"
+
+    id_ed25519_pub_hex="$(openssl pkey -in id_ed25519 -noout -text_pub | tail -n 3 | tr -d ': \n')"
+    signature=$(base64 -w 0 <"$temporary_file_2")
+
+    echo
+    echo " Signature: ${signature:0:64}"
+    echo "              ${signature:64}"
+    echo
+    echo " Provider: $id_ed25519_pub_hex"
+    echo " Endpoint: $2"
+    echo
+    ;;
+
+verify)
+
+    if [ -z "$2" ] || [ -z "$3" ]; then
+        usage
+    fi
+
+    temporary_file_1=$(mktemp)
+    trap 'rm -f $temporary_file_1' EXIT
+
+    temporary_file_2=$(mktemp)
+    trap 'rm -f $temporary_file_2' EXIT
+
+    echo -n "$2" >"$temporary_file_1"
+    echo -n "$3" | base64 --decode >"$temporary_file_2"
+
+    echo
+    openssl pkeyutl -verify -inkey id_ed25519 -rawin -in "$temporary_file_1" -sigfile "$temporary_file_2"
+    echo
+    ;;
+
+sign-contract)
+
+    if [ -z "$2" ]; then
+        usage
+    fi
+
+    temporary_file_1=$(mktemp)
+    trap 'rm -f $temporary_file_1' EXIT
+
+    temporary_file_2=$(mktemp)
+    trap 'rm -f $temporary_file_2' EXIT
+
+    file_path="$2"
+
+    # Check if the file exists
+    if [ ! -f "$file_path" ]; then
+    echo "File not found: $file_path"
+    exit 1
+    fi
+
+    # Compute the SHA-512 hash
+    sha512_hash=$(sha512sum "$file_path" | awk '{print $1}')
+
+    # Store in temp file:
+    echo -n "$sha512_hash" >"$temporary_file_1"
+
+    # sign it:
+    openssl pkeyutl -sign -inkey id_ed25519 -rawin -in "$temporary_file_1" -out "$temporary_file_2"
+
+    id_ed25519_pub_hex="$(openssl pkey -in id_ed25519 -noout -text_pub | tail -n 3 | tr -d ': \n')"
+    signature=$(base64 -w 0 <"$temporary_file_2")
+
+    echo
+    echo
+    echo "SHA-512 hash of the Contract $file_path:"
+    echo "$sha512_hash"
+    echo
+    echo "Operator's Public Key:"
+    echo "$id_ed25519_pub_hex"
+    echo
+    echo "Signature of Contract:"
+    echo "${signature}"
+    echo
+    ;;
+
+
+*)
+
+    usage
+    ;;
+
+esac