@aspect-wallet/sdk 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (164) hide show
  1. package/CHANGELOG.md +24 -0
  2. package/LICENSE +21 -0
  3. package/README.md +708 -0
  4. package/dist/audit/history.d.ts +44 -0
  5. package/dist/audit/history.d.ts.map +1 -0
  6. package/dist/audit/history.js +80 -0
  7. package/dist/audit/history.js.map +1 -0
  8. package/dist/auth/email.d.ts +52 -0
  9. package/dist/auth/email.d.ts.map +1 -0
  10. package/dist/auth/email.js +66 -0
  11. package/dist/auth/email.js.map +1 -0
  12. package/dist/auth/oauth.d.ts +47 -0
  13. package/dist/auth/oauth.d.ts.map +1 -0
  14. package/dist/auth/oauth.js +103 -0
  15. package/dist/auth/oauth.js.map +1 -0
  16. package/dist/auth/passkey-auth.d.ts +39 -0
  17. package/dist/auth/passkey-auth.d.ts.map +1 -0
  18. package/dist/auth/passkey-auth.js +108 -0
  19. package/dist/auth/passkey-auth.js.map +1 -0
  20. package/dist/auth/session.d.ts +30 -0
  21. package/dist/auth/session.d.ts.map +1 -0
  22. package/dist/auth/session.js +61 -0
  23. package/dist/auth/session.js.map +1 -0
  24. package/dist/chain/registry.d.ts +25 -0
  25. package/dist/chain/registry.d.ts.map +1 -0
  26. package/dist/chain/registry.js +46 -0
  27. package/dist/chain/registry.js.map +1 -0
  28. package/dist/core/client.d.ts +78 -0
  29. package/dist/core/client.d.ts.map +1 -0
  30. package/dist/core/client.js +129 -0
  31. package/dist/core/client.js.map +1 -0
  32. package/dist/core/config.d.ts +22 -0
  33. package/dist/core/config.d.ts.map +1 -0
  34. package/dist/core/config.js +91 -0
  35. package/dist/core/config.js.map +1 -0
  36. package/dist/core/errors.d.ts +32 -0
  37. package/dist/core/errors.d.ts.map +1 -0
  38. package/dist/core/errors.js +95 -0
  39. package/dist/core/errors.js.map +1 -0
  40. package/dist/index.d.ts +55 -0
  41. package/dist/index.d.ts.map +1 -0
  42. package/dist/index.js +64 -0
  43. package/dist/index.js.map +1 -0
  44. package/dist/mfa/guardian.d.ts +27 -0
  45. package/dist/mfa/guardian.d.ts.map +1 -0
  46. package/dist/mfa/guardian.js +37 -0
  47. package/dist/mfa/guardian.js.map +1 -0
  48. package/dist/mfa/multisig.d.ts +28 -0
  49. package/dist/mfa/multisig.d.ts.map +1 -0
  50. package/dist/mfa/multisig.js +40 -0
  51. package/dist/mfa/multisig.js.map +1 -0
  52. package/dist/mfa/tiers.d.ts +34 -0
  53. package/dist/mfa/tiers.d.ts.map +1 -0
  54. package/dist/mfa/tiers.js +66 -0
  55. package/dist/mfa/tiers.js.map +1 -0
  56. package/dist/mfa/timelock.d.ts +32 -0
  57. package/dist/mfa/timelock.d.ts.map +1 -0
  58. package/dist/mfa/timelock.js +47 -0
  59. package/dist/mfa/timelock.js.map +1 -0
  60. package/dist/recovery/devices.d.ts +31 -0
  61. package/dist/recovery/devices.d.ts.map +1 -0
  62. package/dist/recovery/devices.js +33 -0
  63. package/dist/recovery/devices.js.map +1 -0
  64. package/dist/recovery/export.d.ts +33 -0
  65. package/dist/recovery/export.d.ts.map +1 -0
  66. package/dist/recovery/export.js +44 -0
  67. package/dist/recovery/export.js.map +1 -0
  68. package/dist/recovery/rotation.d.ts +26 -0
  69. package/dist/recovery/rotation.d.ts.map +1 -0
  70. package/dist/recovery/rotation.js +31 -0
  71. package/dist/recovery/rotation.js.map +1 -0
  72. package/dist/recovery/social.d.ts +33 -0
  73. package/dist/recovery/social.d.ts.map +1 -0
  74. package/dist/recovery/social.js +36 -0
  75. package/dist/recovery/social.js.map +1 -0
  76. package/dist/security/freeze.d.ts +34 -0
  77. package/dist/security/freeze.d.ts.map +1 -0
  78. package/dist/security/freeze.js +42 -0
  79. package/dist/security/freeze.js.map +1 -0
  80. package/dist/security/revoke.d.ts +27 -0
  81. package/dist/security/revoke.d.ts.map +1 -0
  82. package/dist/security/revoke.js +27 -0
  83. package/dist/security/revoke.js.map +1 -0
  84. package/dist/security/watchtower.d.ts +34 -0
  85. package/dist/security/watchtower.d.ts.map +1 -0
  86. package/dist/security/watchtower.js +38 -0
  87. package/dist/security/watchtower.js.map +1 -0
  88. package/dist/session-keys/manager.d.ts +40 -0
  89. package/dist/session-keys/manager.d.ts.map +1 -0
  90. package/dist/session-keys/manager.js +65 -0
  91. package/dist/session-keys/manager.js.map +1 -0
  92. package/dist/session-keys/permissions.d.ts +44 -0
  93. package/dist/session-keys/permissions.d.ts.map +1 -0
  94. package/dist/session-keys/permissions.js +63 -0
  95. package/dist/session-keys/permissions.js.map +1 -0
  96. package/dist/session-keys/templates.d.ts +49 -0
  97. package/dist/session-keys/templates.d.ts.map +1 -0
  98. package/dist/session-keys/templates.js +65 -0
  99. package/dist/session-keys/templates.js.map +1 -0
  100. package/dist/signer/eoa.d.ts +24 -0
  101. package/dist/signer/eoa.d.ts.map +1 -0
  102. package/dist/signer/eoa.js +32 -0
  103. package/dist/signer/eoa.js.map +1 -0
  104. package/dist/signer/interface.d.ts +60 -0
  105. package/dist/signer/interface.d.ts.map +1 -0
  106. package/dist/signer/interface.js +47 -0
  107. package/dist/signer/interface.js.map +1 -0
  108. package/dist/signer/multisig.d.ts +38 -0
  109. package/dist/signer/multisig.d.ts.map +1 -0
  110. package/dist/signer/multisig.js +56 -0
  111. package/dist/signer/multisig.js.map +1 -0
  112. package/dist/signer/passkey.d.ts +35 -0
  113. package/dist/signer/passkey.d.ts.map +1 -0
  114. package/dist/signer/passkey.js +112 -0
  115. package/dist/signer/passkey.js.map +1 -0
  116. package/dist/signer/session.d.ts +24 -0
  117. package/dist/signer/session.d.ts.map +1 -0
  118. package/dist/signer/session.js +32 -0
  119. package/dist/signer/session.js.map +1 -0
  120. package/dist/sponsor/paymaster.d.ts +27 -0
  121. package/dist/sponsor/paymaster.d.ts.map +1 -0
  122. package/dist/sponsor/paymaster.js +43 -0
  123. package/dist/sponsor/paymaster.js.map +1 -0
  124. package/dist/transport/api.d.ts +25 -0
  125. package/dist/transport/api.d.ts.map +1 -0
  126. package/dist/transport/api.js +79 -0
  127. package/dist/transport/api.js.map +1 -0
  128. package/dist/transport/bundler.d.ts +52 -0
  129. package/dist/transport/bundler.d.ts.map +1 -0
  130. package/dist/transport/bundler.js +109 -0
  131. package/dist/transport/bundler.js.map +1 -0
  132. package/dist/transport/iframe.d.ts +33 -0
  133. package/dist/transport/iframe.d.ts.map +1 -0
  134. package/dist/transport/iframe.js +131 -0
  135. package/dist/transport/iframe.js.map +1 -0
  136. package/dist/types.d.ts +366 -0
  137. package/dist/types.d.ts.map +1 -0
  138. package/dist/types.js +6 -0
  139. package/dist/types.js.map +1 -0
  140. package/dist/userop/builder.d.ts +75 -0
  141. package/dist/userop/builder.d.ts.map +1 -0
  142. package/dist/userop/builder.js +150 -0
  143. package/dist/userop/builder.js.map +1 -0
  144. package/dist/userop/encoding.d.ts +44 -0
  145. package/dist/userop/encoding.d.ts.map +1 -0
  146. package/dist/userop/encoding.js +99 -0
  147. package/dist/userop/encoding.js.map +1 -0
  148. package/dist/userop/gas.d.ts +35 -0
  149. package/dist/userop/gas.d.ts.map +1 -0
  150. package/dist/userop/gas.js +53 -0
  151. package/dist/userop/gas.js.map +1 -0
  152. package/dist/userop/hash.d.ts +34 -0
  153. package/dist/userop/hash.d.ts.map +1 -0
  154. package/dist/userop/hash.js +55 -0
  155. package/dist/userop/hash.js.map +1 -0
  156. package/dist/userop/nonce.d.ts +53 -0
  157. package/dist/userop/nonce.d.ts.map +1 -0
  158. package/dist/userop/nonce.js +79 -0
  159. package/dist/userop/nonce.js.map +1 -0
  160. package/dist/wallet/factory.d.ts +63 -0
  161. package/dist/wallet/factory.d.ts.map +1 -0
  162. package/dist/wallet/factory.js +63 -0
  163. package/dist/wallet/factory.js.map +1 -0
  164. package/package.json +70 -0
package/dist/index.d.ts ADDED
@@ -0,0 +1,55 @@
1
+ /**
2
+ * @aspect-wallet/sdk - FcxWallet SDK for ERC-4337 smart wallets.
3
+ *
4
+ * @example
5
+ * ```ts
6
+ * import { FcxWalletClient } from '@aspect-wallet/sdk';
7
+ *
8
+ * const client = new FcxWalletClient({
9
+ * apiKey: 'fcx_live_abc123...',
10
+ * chain: 'arbitrum-one',
11
+ * });
12
+ * ```
13
+ */
14
+ export { FcxWalletClient } from './core/client.js';
15
+ export { FcxError } from './core/errors.js';
16
+ export type { FcxErrorCode } from './core/errors.js';
17
+ export { ENTRYPOINT_V06, RIP7212_PRECOMPILE, ERC1967_IMPLEMENTATION_SLOT, P256_N, GAS_SAFETY_MARGIN, FEE_SAFETY_MARGIN, CHAIN_IDS, } from './core/config.js';
18
+ export { getUserOpHash } from './userop/hash.js';
19
+ export { UserOpBuilder } from './userop/builder.js';
20
+ export { encodeCallData, encodeBatchCallData, encodeInitCode } from './userop/encoding.js';
21
+ export { NonceManager } from './userop/nonce.js';
22
+ export { estimateGas, applyGasSafetyMargin } from './userop/gas.js';
23
+ export type { ISigner } from './signer/interface.js';
24
+ export { EoaSigner } from './signer/eoa.js';
25
+ export { PasskeySigner } from './signer/passkey.js';
26
+ export { SessionKeySigner } from './signer/session.js';
27
+ export { MultiSigCollector } from './signer/multisig.js';
28
+ export { encodeModuleSignature } from './signer/interface.js';
29
+ export { WalletFactory, computeWalletAddress } from './wallet/factory.js';
30
+ export { PaymasterClient } from './sponsor/paymaster.js';
31
+ export { AuthClient } from './auth/email.js';
32
+ export { OAuthClient } from './auth/oauth.js';
33
+ export { PasskeyAuthClient } from './auth/passkey-auth.js';
34
+ export { SessionManager } from './auth/session.js';
35
+ export { GuardianManager } from './mfa/guardian.js';
36
+ export { MultiSigManager } from './mfa/multisig.js';
37
+ export { TimelockManager } from './mfa/timelock.js';
38
+ export { TierSelector } from './mfa/tiers.js';
39
+ export { SessionKeyManager } from './session-keys/manager.js';
40
+ export { PermissionBuilder } from './session-keys/permissions.js';
41
+ export { SessionKeyTemplates } from './session-keys/templates.js';
42
+ export { SocialRecovery } from './recovery/social.js';
43
+ export { KeyRotation } from './recovery/rotation.js';
44
+ export { KeyExport } from './recovery/export.js';
45
+ export { DeviceManager } from './recovery/devices.js';
46
+ export { FreezeManager } from './security/freeze.js';
47
+ export { WatchtowerClient } from './security/watchtower.js';
48
+ export { RevokeManager } from './security/revoke.js';
49
+ export { AuditClient } from './audit/history.js';
50
+ export { ChainRegistry } from './chain/registry.js';
51
+ export { BundlerClient } from './transport/bundler.js';
52
+ export { ApiClient } from './transport/api.js';
53
+ export { IframeBridge } from './transport/iframe.js';
54
+ export type * from './types.js';
55
+ //# sourceMappingURL=index.d.ts.map
package/dist/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAGH,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,YAAY,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EACL,cAAc,EACd,kBAAkB,EAClB,2BAA2B,EAC3B,MAAM,EACN,iBAAiB,EACjB,iBAAiB,EACjB,SAAS,GACV,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC3F,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAGpE,YAAY,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AACzD,OAAO,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAG9D,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAG1E,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAGzD,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAGnD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAG9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,iBAAiB,EAAE,MAAM,+BAA+B,CAAC;AAClE,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAGlE,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAGtD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAGrD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAGjD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAGpD,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AACvD,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAGrD,mBAAmB,YAAY,CAAC"}
package/dist/index.js ADDED
@@ -0,0 +1,64 @@
1
+ /**
2
+ * @aspect-wallet/sdk - FcxWallet SDK for ERC-4337 smart wallets.
3
+ *
4
+ * @example
5
+ * ```ts
6
+ * import { FcxWalletClient } from '@aspect-wallet/sdk';
7
+ *
8
+ * const client = new FcxWalletClient({
9
+ * apiKey: 'fcx_live_abc123...',
10
+ * chain: 'arbitrum-one',
11
+ * });
12
+ * ```
13
+ */
14
+ // Core
15
+ export { FcxWalletClient } from './core/client.js';
16
+ export { FcxError } from './core/errors.js';
17
+ export { ENTRYPOINT_V06, RIP7212_PRECOMPILE, ERC1967_IMPLEMENTATION_SLOT, P256_N, GAS_SAFETY_MARGIN, FEE_SAFETY_MARGIN, CHAIN_IDS, } from './core/config.js';
18
+ // UserOp
19
+ export { getUserOpHash } from './userop/hash.js';
20
+ export { UserOpBuilder } from './userop/builder.js';
21
+ export { encodeCallData, encodeBatchCallData, encodeInitCode } from './userop/encoding.js';
22
+ export { NonceManager } from './userop/nonce.js';
23
+ export { estimateGas, applyGasSafetyMargin } from './userop/gas.js';
24
+ export { EoaSigner } from './signer/eoa.js';
25
+ export { PasskeySigner } from './signer/passkey.js';
26
+ export { SessionKeySigner } from './signer/session.js';
27
+ export { MultiSigCollector } from './signer/multisig.js';
28
+ export { encodeModuleSignature } from './signer/interface.js';
29
+ // Wallet
30
+ export { WalletFactory, computeWalletAddress } from './wallet/factory.js';
31
+ // Sponsor
32
+ export { PaymasterClient } from './sponsor/paymaster.js';
33
+ // Auth
34
+ export { AuthClient } from './auth/email.js';
35
+ export { OAuthClient } from './auth/oauth.js';
36
+ export { PasskeyAuthClient } from './auth/passkey-auth.js';
37
+ export { SessionManager } from './auth/session.js';
38
+ // MFA
39
+ export { GuardianManager } from './mfa/guardian.js';
40
+ export { MultiSigManager } from './mfa/multisig.js';
41
+ export { TimelockManager } from './mfa/timelock.js';
42
+ export { TierSelector } from './mfa/tiers.js';
43
+ // Session Keys
44
+ export { SessionKeyManager } from './session-keys/manager.js';
45
+ export { PermissionBuilder } from './session-keys/permissions.js';
46
+ export { SessionKeyTemplates } from './session-keys/templates.js';
47
+ // Recovery
48
+ export { SocialRecovery } from './recovery/social.js';
49
+ export { KeyRotation } from './recovery/rotation.js';
50
+ export { KeyExport } from './recovery/export.js';
51
+ export { DeviceManager } from './recovery/devices.js';
52
+ // Security
53
+ export { FreezeManager } from './security/freeze.js';
54
+ export { WatchtowerClient } from './security/watchtower.js';
55
+ export { RevokeManager } from './security/revoke.js';
56
+ // Audit
57
+ export { AuditClient } from './audit/history.js';
58
+ // Chain
59
+ export { ChainRegistry } from './chain/registry.js';
60
+ // Transport
61
+ export { BundlerClient } from './transport/bundler.js';
62
+ export { ApiClient } from './transport/api.js';
63
+ export { IframeBridge } from './transport/iframe.js';
64
+ //# sourceMappingURL=index.js.map
package/dist/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO;AACP,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C,OAAO,EACL,cAAc,EACd,kBAAkB,EAClB,2BAA2B,EAC3B,MAAM,EACN,iBAAiB,EACjB,iBAAiB,EACjB,SAAS,GACV,MAAM,kBAAkB,CAAC;AAE1B,SAAS;AACT,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC3F,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAIpE,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AACzD,OAAO,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAE9D,SAAS;AACT,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAE1E,UAAU;AACV,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAEzD,OAAO;AACP,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAEnD,MAAM;AACN,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C,eAAe;AACf,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,iBAAiB,EAAE,MAAM,+BAA+B,CAAC;AAClE,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAElE,WAAW;AACX,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAEtD,WAAW;AACX,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAErD,QAAQ;AACR,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAEjD,QAAQ;AACR,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAEpD,YAAY;AACZ,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AACvD,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC"}
package/dist/mfa/guardian.d.ts ADDED
@@ -0,0 +1,27 @@
1
+ /**
2
+ * Guardian co-signing management.
3
+ * Corresponds to SPEC-013 Section 8.2.
4
+ */
5
+ import type { Address, GuardianInfo } from '../types.js';
6
+ import { ApiClient } from '../transport/api.js';
7
+ /**
8
+ * Manages guardian relationships for MFA and recovery.
9
+ */
10
+ export declare class GuardianManager {
11
+ private readonly api;
12
+ constructor(api: ApiClient);
13
+ /** Add a guardian (requires owner signature) */
14
+ addGuardian(params: {
15
+ guardian: Address;
16
+ label: string;
17
+ }): Promise<void>;
18
+ /** Remove a guardian (requires owner signature, must stay above threshold) */
19
+ removeGuardian(guardian: Address): Promise<void>;
20
+ /** List all guardians for a wallet */
21
+ listGuardians(walletAddress: Address): Promise<GuardianInfo[]>;
22
+ /** Set the guardian threshold (K-of-N) */
23
+ setThreshold(threshold: number): Promise<void>;
24
+ /** Get the current threshold */
25
+ getThreshold(walletAddress: Address): Promise<number>;
26
+ }
27
+ //# sourceMappingURL=guardian.d.ts.map
package/dist/mfa/guardian.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"guardian.d.ts","sourceRoot":"","sources":["../../src/mfa/guardian.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAEhD;;GAEG;AACH,qBAAa,eAAe;IACd,OAAO,CAAC,QAAQ,CAAC,GAAG;gBAAH,GAAG,EAAE,SAAS;IAE3C,gDAAgD;IAC1C,WAAW,CAAC,MAAM,EAAE;QAAE,QAAQ,EAAE,OAAO,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9E,8EAA8E;IACxE,cAAc,CAAC,QAAQ,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAItD,sCAAsC;IAChC,aAAa,CAAC,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;IAIpE,0CAA0C;IACpC,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIpD,gCAAgC;IAC1B,YAAY,CAAC,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC;CAM5D"}
package/dist/mfa/guardian.js ADDED
@@ -0,0 +1,37 @@
1
+ /**
2
+ * Guardian co-signing management.
3
+ * Corresponds to SPEC-013 Section 8.2.
4
+ */
5
+ /**
6
+ * Manages guardian relationships for MFA and recovery.
7
+ */
8
+ export class GuardianManager {
9
+ api;
10
+ constructor(api) {
11
+ this.api = api;
12
+ }
13
+ /** Add a guardian (requires owner signature) */
14
+ async addGuardian(params) {
15
+ await this.api.post('/mfa/guardians', params);
16
+ }
17
+ /** Remove a guardian (requires owner signature, must stay above threshold) */
18
+ async removeGuardian(guardian) {
19
+ await this.api.delete(`/mfa/guardians/${guardian}`);
20
+ }
21
+ /** List all guardians for a wallet */
22
+ async listGuardians(walletAddress) {
23
+ return this.api.get('/mfa/guardians', { wallet: walletAddress });
24
+ }
25
+ /** Set the guardian threshold (K-of-N) */
26
+ async setThreshold(threshold) {
27
+ await this.api.post('/mfa/threshold', { threshold });
28
+ }
29
+ /** Get the current threshold */
30
+ async getThreshold(walletAddress) {
31
+ const result = await this.api.get('/mfa/threshold', {
32
+ wallet: walletAddress,
33
+ });
34
+ return result.threshold;
35
+ }
36
+ }
37
+ //# sourceMappingURL=guardian.js.map
package/dist/mfa/guardian.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"guardian.js","sourceRoot":"","sources":["../../src/mfa/guardian.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH;;GAEG;AACH,MAAM,OAAO,eAAe;IACG;IAA7B,YAA6B,GAAc;QAAd,QAAG,GAAH,GAAG,CAAW;IAAG,CAAC;IAE/C,gDAAgD;IAChD,KAAK,CAAC,WAAW,CAAC,MAA4C;QAC5D,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;IAChD,CAAC;IAED,8EAA8E;IAC9E,KAAK,CAAC,cAAc,CAAC,QAAiB;QACpC,MAAM,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,kBAAkB,QAAQ,EAAE,CAAC,CAAC;IACtD,CAAC;IAED,sCAAsC;IACtC,KAAK,CAAC,aAAa,CAAC,aAAsB;QACxC,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,CAAiB,gBAAgB,EAAE,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,CAAC;IACnF,CAAC;IAED,0CAA0C;IAC1C,KAAK,CAAC,YAAY,CAAC,SAAiB;QAClC,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC;IACvD,CAAC;IAED,gCAAgC;IAChC,KAAK,CAAC,YAAY,CAAC,aAAsB;QACvC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,GAAG,CAAwB,gBAAgB,EAAE;YACzE,MAAM,EAAE,aAAa;SACtB,CAAC,CAAC;QACH,OAAO,MAAM,CAAC,SAAS,CAAC;IAC1B,CAAC;CACF"}
package/dist/mfa/multisig.d.ts ADDED
@@ -0,0 +1,28 @@
1
+ /**
2
+ * Multi-sig operations for MFA.
3
+ * Corresponds to SPEC-013 Section 8.3.
4
+ */
5
+ import type { Address, MultiSigProposal, CallRequest } from '../types.js';
6
+ import { ApiClient } from '../transport/api.js';
7
+ /**
8
+ * Manages multi-sig transaction proposals and approvals.
9
+ */
10
+ export declare class MultiSigManager {
11
+ private readonly api;
12
+ constructor(api: ApiClient);
13
+ /**
14
+ * Propose a multi-sig transaction (owner signs first).
15
+ * Returns the proposal with current signature count.
16
+ */
17
+ proposeMultiSig(call: CallRequest): Promise<MultiSigProposal>;
18
+ /**
19
+ * Approve a multi-sig proposal (co-signer).
20
+ * If threshold is met, the UserOp is submitted automatically.
21
+ */
22
+ approveMultiSig(proposalId: string): Promise<MultiSigProposal>;
23
+ /** Get the status of a multi-sig proposal */
24
+ getProposal(proposalId: string): Promise<MultiSigProposal>;
25
+ /** List pending multi-sig proposals for a wallet */
26
+ listPending(walletAddress: Address): Promise<MultiSigProposal[]>;
27
+ }
28
+ //# sourceMappingURL=multisig.d.ts.map
package/dist/mfa/multisig.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"multisig.d.ts","sourceRoot":"","sources":["../../src/mfa/multisig.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAO,gBAAgB,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC/E,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAEhD;;GAEG;AACH,qBAAa,eAAe;IACd,OAAO,CAAC,QAAQ,CAAC,GAAG;gBAAH,GAAG,EAAE,SAAS;IAE3C;;;OAGG;IACG,eAAe,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAQnE;;;OAGG;IACG,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAIpE,6CAA6C;IACvC,WAAW,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAIhE,oDAAoD;IAC9C,WAAW,CAAC,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC,gBAAgB,EAAE,CAAC;CAGvE"}
package/dist/mfa/multisig.js ADDED
@@ -0,0 +1,40 @@
1
+ /**
2
+ * Multi-sig operations for MFA.
3
+ * Corresponds to SPEC-013 Section 8.3.
4
+ */
5
+ /**
6
+ * Manages multi-sig transaction proposals and approvals.
7
+ */
8
+ export class MultiSigManager {
9
+ api;
10
+ constructor(api) {
11
+ this.api = api;
12
+ }
13
+ /**
14
+ * Propose a multi-sig transaction (owner signs first).
15
+ * Returns the proposal with current signature count.
16
+ */
17
+ async proposeMultiSig(call) {
18
+ return this.api.post('/mfa/multisig/propose', {
19
+ target: call.target,
20
+ value: call.value.toString(),
21
+ data: call.data,
22
+ });
23
+ }
24
+ /**
25
+ * Approve a multi-sig proposal (co-signer).
26
+ * If threshold is met, the UserOp is submitted automatically.
27
+ */
28
+ async approveMultiSig(proposalId) {
29
+ return this.api.post(`/mfa/multisig/${proposalId}/approve`, {});
30
+ }
31
+ /** Get the status of a multi-sig proposal */
32
+ async getProposal(proposalId) {
33
+ return this.api.get(`/mfa/multisig/${proposalId}`);
34
+ }
35
+ /** List pending multi-sig proposals for a wallet */
36
+ async listPending(walletAddress) {
37
+ return this.api.get('/mfa/multisig', { wallet: walletAddress });
38
+ }
39
+ }
40
+ //# sourceMappingURL=multisig.js.map
package/dist/mfa/multisig.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"multisig.js","sourceRoot":"","sources":["../../src/mfa/multisig.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH;;GAEG;AACH,MAAM,OAAO,eAAe;IACG;IAA7B,YAA6B,GAAc;QAAd,QAAG,GAAH,GAAG,CAAW;IAAG,CAAC;IAE/C;;;OAGG;IACH,KAAK,CAAC,eAAe,CAAC,IAAiB;QACrC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAmB,uBAAuB,EAAE;YAC9D,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE;YAC5B,IAAI,EAAE,IAAI,CAAC,IAAI;SAChB,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,eAAe,CAAC,UAAkB;QACtC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAmB,iBAAiB,UAAU,UAAU,EAAE,EAAE,CAAC,CAAC;IACpF,CAAC;IAED,6CAA6C;IAC7C,KAAK,CAAC,WAAW,CAAC,UAAkB;QAClC,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,CAAmB,iBAAiB,UAAU,EAAE,CAAC,CAAC;IACvE,CAAC;IAED,oDAAoD;IACpD,KAAK,CAAC,WAAW,CAAC,aAAsB;QACtC,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,CAAqB,eAAe,EAAE,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,CAAC;IACtF,CAAC;CACF"}
package/dist/mfa/tiers.d.ts ADDED
@@ -0,0 +1,34 @@
1
+ /**
2
+ * Step-up auth tier selection.
3
+ * Corresponds to SPEC-013 Section 8.1.
4
+ *
5
+ * Tier 1: Session key (value < 0.01 ETH + target in allowlist)
6
+ * Tier 2: Owner key (value < 1 ETH)
7
+ * Tier 3: Device + Guardian (value < 10 ETH)
8
+ * Tier 4: Multi-sig + Timelock (account management OR value >= 10 ETH)
9
+ */
10
+ import type { Address, Hex, SessionKeyPermissions } from '../types.js';
11
+ /** Auth tier levels */
12
+ export type AuthTier = 1 | 2 | 3 | 4;
13
+ /**
14
+ * Automatically selects the appropriate auth tier based on
15
+ * transaction value, target, and active session key permissions.
16
+ */
17
+ export declare class TierSelector {
18
+ /**
19
+ * Determine the required auth tier for a transaction.
20
+ *
21
+ * @param value - Transaction value in wei
22
+ * @param target - Target contract address
23
+ * @param selector - Function selector (first 4 bytes of callData)
24
+ * @param activeSessionPermissions - Permissions of any active session key
25
+ * @returns The required auth tier
26
+ */
27
+ static select(params: {
28
+ value: bigint;
29
+ target?: Address;
30
+ selector?: Hex;
31
+ activeSessionPermissions?: SessionKeyPermissions;
32
+ }): AuthTier;
33
+ }
34
+ //# sourceMappingURL=tiers.d.ts.map
package/dist/mfa/tiers.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"tiers.d.ts","sourceRoot":"","sources":["../../src/mfa/tiers.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAEvE,uBAAuB;AACvB,MAAM,MAAM,QAAQ,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;AAiBrC;;;GAGG;AACH,qBAAa,YAAY;IACvB;;;;;;;;OAQG;IACH,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE;QACpB,KAAK,EAAE,MAAM,CAAC;QACd,MAAM,CAAC,EAAE,OAAO,CAAC;QACjB,QAAQ,CAAC,EAAE,GAAG,CAAC;QACf,wBAAwB,CAAC,EAAE,qBAAqB,CAAC;KAClD,GAAG,QAAQ;CAoCb"}
package/dist/mfa/tiers.js ADDED
@@ -0,0 +1,66 @@
1
+ /**
2
+ * Step-up auth tier selection.
3
+ * Corresponds to SPEC-013 Section 8.1.
4
+ *
5
+ * Tier 1: Session key (value < 0.01 ETH + target in allowlist)
6
+ * Tier 2: Owner key (value < 1 ETH)
7
+ * Tier 3: Device + Guardian (value < 10 ETH)
8
+ * Tier 4: Multi-sig + Timelock (account management OR value >= 10 ETH)
9
+ */
10
+ /** Tier thresholds in wei */
11
+ const TIER_THRESHOLDS = {
12
+ TIER_1_MAX: 10000000000000000n, // 0.01 ETH
13
+ TIER_2_MAX: 1000000000000000000n, // 1 ETH
14
+ TIER_3_MAX: 10000000000000000000n, // 10 ETH
15
+ };
16
+ /** Account management selectors that always require Tier 4 */
17
+ const TIER_4_SELECTORS = new Set([
18
+ '0xf2fde38b', // transferOwnership(address)
19
+ '0x79ba5097', // acceptOwnership()
20
+ '0x3659cfe6', // upgradeTo(address)
21
+ '0x4f1ef286', // upgradeToAndCall(address,bytes)
22
+ ]);
23
+ /**
24
+ * Automatically selects the appropriate auth tier based on
25
+ * transaction value, target, and active session key permissions.
26
+ */
27
+ export class TierSelector {
28
+ /**
29
+ * Determine the required auth tier for a transaction.
30
+ *
31
+ * @param value - Transaction value in wei
32
+ * @param target - Target contract address
33
+ * @param selector - Function selector (first 4 bytes of callData)
34
+ * @param activeSessionPermissions - Permissions of any active session key
35
+ * @returns The required auth tier
36
+ */
37
+ static select(params) {
38
+ const { value, target, selector, activeSessionPermissions } = params;
39
+ // Tier 4: Account management operations always
40
+ if (selector && TIER_4_SELECTORS.has(selector.slice(0, 10).toLowerCase())) {
41
+ return 4;
42
+ }
43
+ // Tier 4: Very high value (>= 10 ETH)
44
+ if (value >= TIER_THRESHOLDS.TIER_3_MAX) {
45
+ return 4;
46
+ }
47
+ // Tier 3: High value (< 10 ETH, >= 1 ETH)
48
+ if (value >= TIER_THRESHOLDS.TIER_2_MAX) {
49
+ return 3;
50
+ }
51
+ // Tier 2: Medium value (< 1 ETH, >= 0.01 ETH)
52
+ if (value >= TIER_THRESHOLDS.TIER_1_MAX) {
53
+ return 2;
54
+ }
55
+ // Tier 1: Low value + target in session allowlist
56
+ if (activeSessionPermissions && target && selector) {
57
+ const isAllowed = activeSessionPermissions.allowlist.some((entry) => entry.target.toLowerCase() === target.toLowerCase() &&
58
+ (entry.selector === '0xffffffff' || entry.selector.toLowerCase() === selector.slice(0, 10).toLowerCase()));
59
+ if (isAllowed)
60
+ return 1;
61
+ }
62
+ // Default to Tier 2 for low-value without active session
63
+ return 2;
64
+ }
65
+ }
66
+ //# sourceMappingURL=tiers.js.map
package/dist/mfa/tiers.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"tiers.js","sourceRoot":"","sources":["../../src/mfa/tiers.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAOH,6BAA6B;AAC7B,MAAM,eAAe,GAAG;IACtB,UAAU,EAAE,kBAAuB,EAAQ,WAAW;IACtD,UAAU,EAAE,oBAA0B,EAAM,QAAQ;IACpD,UAAU,EAAE,qBAA2B,EAAK,SAAS;CACtD,CAAC;AAEF,8DAA8D;AAC9D,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAS;IACvC,YAAY,EAAE,6BAA6B;IAC3C,YAAY,EAAE,oBAAoB;IAClC,YAAY,EAAE,qBAAqB;IACnC,YAAY,EAAE,kCAAkC;CACjD,CAAC,CAAC;AAEH;;;GAGG;AACH,MAAM,OAAO,YAAY;IACvB;;;;;;;;OAQG;IACH,MAAM,CAAC,MAAM,CAAC,MAKb;QACC,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,wBAAwB,EAAE,GAAG,MAAM,CAAC;QAErE,+CAA+C;QAC/C,IAAI,QAAQ,IAAI,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;YAC1E,OAAO,CAAC,CAAC;QACX,CAAC;QAED,sCAAsC;QACtC,IAAI,KAAK,IAAI,eAAe,CAAC,UAAU,EAAE,CAAC;YACxC,OAAO,CAAC,CAAC;QACX,CAAC;QAED,0CAA0C;QAC1C,IAAI,KAAK,IAAI,eAAe,CAAC,UAAU,EAAE,CAAC;YACxC,OAAO,CAAC,CAAC;QACX,CAAC;QAED,8CAA8C;QAC9C,IAAI,KAAK,IAAI,eAAe,CAAC,UAAU,EAAE,CAAC;YACxC,OAAO,CAAC,CAAC;QACX,CAAC;QAED,kDAAkD;QAClD,IAAI,wBAAwB,IAAI,MAAM,IAAI,QAAQ,EAAE,CAAC;YACnD,MAAM,SAAS,GAAG,wBAAwB,CAAC,SAAS,CAAC,IAAI,CACvD,CAAC,KAAK,EAAE,EAAE,CACR,KAAK,CAAC,MAAM,CAAC,WAAW,EAAE,KAAK,MAAM,CAAC,WAAW,EAAE;gBACnD,CAAC,KAAK,CAAC,QAAQ,KAAK,YAAY,IAAI,KAAK,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAC5G,CAAC;YACF,IAAI,SAAS;gBAAE,OAAO,CAAC,CAAC;QAC1B,CAAC;QAED,yDAAyD;QACzD,OAAO,CAAC,CAAC;IACX,CAAC;CACF"}
package/dist/mfa/timelock.d.ts ADDED
@@ -0,0 +1,32 @@
1
+ /**
2
+ * Timelock operations for high-value MFA (Tier 4).
3
+ * Corresponds to SPEC-013 Section 8.3.
4
+ */
5
+ import type { Address, TimelockOperation, CallRequest } from '../types.js';
6
+ import { ApiClient } from '../transport/api.js';
7
+ /**
8
+ * Manages timelocked operations that require a delay before execution.
9
+ * Used for Tier 4 operations (account management, high-value transfers).
10
+ */
11
+ export declare class TimelockManager {
12
+ private readonly api;
13
+ constructor(api: ApiClient);
14
+ /**
15
+ * Propose a timelocked operation (multi-sig + delay).
16
+ * The operation can only be executed after the timelock expires.
17
+ */
18
+ proposeWithTimelock(call: CallRequest, timelockDelay: number): Promise<TimelockOperation>;
19
+ /**
20
+ * Execute a timelocked operation after the delay has passed.
21
+ */
22
+ executeTimelocked(operationId: string): Promise<void>;
23
+ /**
24
+ * Cancel a pending timelocked operation (owner only).
25
+ */
26
+ cancelTimelocked(operationId: string): Promise<void>;
27
+ /** Get the status of a timelocked operation */
28
+ getStatus(operationId: string): Promise<TimelockOperation>;
29
+ /** List all pending timelocked operations for a wallet */
30
+ listPending(walletAddress: Address): Promise<TimelockOperation[]>;
31
+ }
32
+ //# sourceMappingURL=timelock.d.ts.map
package/dist/mfa/timelock.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"timelock.d.ts","sourceRoot":"","sources":["../../src/mfa/timelock.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAO,iBAAiB,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAChF,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAEhD;;;GAGG;AACH,qBAAa,eAAe;IACd,OAAO,CAAC,QAAQ,CAAC,GAAG;gBAAH,GAAG,EAAE,SAAS;IAE3C;;;OAGG;IACG,mBAAmB,CACvB,IAAI,EAAE,WAAW,EACjB,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC,iBAAiB,CAAC;IAS7B;;OAEG;IACG,iBAAiB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI3D;;OAEG;IACG,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI1D,+CAA+C;IACzC,SAAS,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAIhE,0DAA0D;IACpD,WAAW,CAAC,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC,iBAAiB,EAAE,CAAC;CAGxE"}
package/dist/mfa/timelock.js ADDED
@@ -0,0 +1,47 @@
1
+ /**
2
+ * Timelock operations for high-value MFA (Tier 4).
3
+ * Corresponds to SPEC-013 Section 8.3.
4
+ */
5
+ /**
6
+ * Manages timelocked operations that require a delay before execution.
7
+ * Used for Tier 4 operations (account management, high-value transfers).
8
+ */
9
+ export class TimelockManager {
10
+ api;
11
+ constructor(api) {
12
+ this.api = api;
13
+ }
14
+ /**
15
+ * Propose a timelocked operation (multi-sig + delay).
16
+ * The operation can only be executed after the timelock expires.
17
+ */
18
+ async proposeWithTimelock(call, timelockDelay) {
19
+ return this.api.post('/mfa/timelock/propose', {
20
+ target: call.target,
21
+ value: call.value.toString(),
22
+ data: call.data,
23
+ timelockDelay,
24
+ });
25
+ }
26
+ /**
27
+ * Execute a timelocked operation after the delay has passed.
28
+ */
29
+ async executeTimelocked(operationId) {
30
+ await this.api.post(`/mfa/timelock/${operationId}/execute`, {});
31
+ }
32
+ /**
33
+ * Cancel a pending timelocked operation (owner only).
34
+ */
35
+ async cancelTimelocked(operationId) {
36
+ await this.api.post(`/mfa/timelock/${operationId}/cancel`, {});
37
+ }
38
+ /** Get the status of a timelocked operation */
39
+ async getStatus(operationId) {
40
+ return this.api.get(`/mfa/timelock/${operationId}`);
41
+ }
42
+ /** List all pending timelocked operations for a wallet */
43
+ async listPending(walletAddress) {
44
+ return this.api.get('/mfa/timelock', { wallet: walletAddress });
45
+ }
46
+ }
47
+ //# sourceMappingURL=timelock.js.map
package/dist/mfa/timelock.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"timelock.js","sourceRoot":"","sources":["../../src/mfa/timelock.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH;;;GAGG;AACH,MAAM,OAAO,eAAe;IACG;IAA7B,YAA6B,GAAc;QAAd,QAAG,GAAH,GAAG,CAAW;IAAG,CAAC;IAE/C;;;OAGG;IACH,KAAK,CAAC,mBAAmB,CACvB,IAAiB,EACjB,aAAqB;QAErB,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAoB,uBAAuB,EAAE;YAC/D,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE;YAC5B,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,aAAa;SACd,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,iBAAiB,CAAC,WAAmB;QACzC,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,iBAAiB,WAAW,UAAU,EAAE,EAAE,CAAC,CAAC;IAClE,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB,CAAC,WAAmB;QACxC,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,iBAAiB,WAAW,SAAS,EAAE,EAAE,CAAC,CAAC;IACjE,CAAC;IAED,+CAA+C;IAC/C,KAAK,CAAC,SAAS,CAAC,WAAmB;QACjC,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,CAAoB,iBAAiB,WAAW,EAAE,CAAC,CAAC;IACzE,CAAC;IAED,0DAA0D;IAC1D,KAAK,CAAC,WAAW,CAAC,aAAsB;QACtC,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,CAAsB,eAAe,EAAE,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,CAAC;IACvF,CAAC;CACF"}
package/dist/recovery/devices.d.ts ADDED
@@ -0,0 +1,31 @@
1
+ /**
2
+ * Multi-device management.
3
+ * Corresponds to SPEC-013 Section 10.3.
4
+ */
5
+ import type { Address, DeviceInfo } from '../types.js';
6
+ import { ApiClient } from '../transport/api.js';
7
+ /**
8
+ * Device management module.
9
+ * Add/remove devices (passkeys) as validation modules on the smart account.
10
+ */
11
+ export declare class DeviceManager {
12
+ private readonly api;
13
+ constructor(api: ApiClient);
14
+ /**
15
+ * Add a new device (e.g., passkey on phone).
16
+ * Prompts passkey creation, installs WebAuthn validation module on-chain.
17
+ */
18
+ addDevice(params: {
19
+ name: string;
20
+ type: 'passkey' | 'turnkey';
21
+ moduleId: number;
22
+ }): Promise<DeviceInfo>;
23
+ /** List all registered devices for a wallet */
24
+ listDevices(walletAddress: Address): Promise<DeviceInfo[]>;
25
+ /**
26
+ * Remove a lost device (from any remaining device).
27
+ * Uninstalls the validation module -- device can no longer sign.
28
+ */
29
+ removeDevice(moduleId: number): Promise<void>;
30
+ }
31
+ //# sourceMappingURL=devices.d.ts.map
package/dist/recovery/devices.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"devices.d.ts","sourceRoot":"","sources":["../../src/recovery/devices.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAEhD;;;GAGG;AACH,qBAAa,aAAa;IACZ,OAAO,CAAC,QAAQ,CAAC,GAAG;gBAAH,GAAG,EAAE,SAAS;IAE3C;;;OAGG;IACG,SAAS,CAAC,MAAM,EAAE;QACtB,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,SAAS,GAAG,SAAS,CAAC;QAC5B,QAAQ,EAAE,MAAM,CAAC;KAClB,GAAG,OAAO,CAAC,UAAU,CAAC;IAIvB,+CAA+C;IACzC,WAAW,CAAC,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAIhE;;;OAGG;IACG,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAGpD"}
package/dist/recovery/devices.js ADDED
@@ -0,0 +1,33 @@
1
+ /**
2
+ * Multi-device management.
3
+ * Corresponds to SPEC-013 Section 10.3.
4
+ */
5
+ /**
6
+ * Device management module.
7
+ * Add/remove devices (passkeys) as validation modules on the smart account.
8
+ */
9
+ export class DeviceManager {
10
+ api;
11
+ constructor(api) {
12
+ this.api = api;
13
+ }
14
+ /**
15
+ * Add a new device (e.g., passkey on phone).
16
+ * Prompts passkey creation, installs WebAuthn validation module on-chain.
17
+ */
18
+ async addDevice(params) {
19
+ return this.api.post('/recovery/devices', params);
20
+ }
21
+ /** List all registered devices for a wallet */
22
+ async listDevices(walletAddress) {
23
+ return this.api.get('/recovery/devices', { wallet: walletAddress });
24
+ }
25
+ /**
26
+ * Remove a lost device (from any remaining device).
27
+ * Uninstalls the validation module -- device can no longer sign.
28
+ */
29
+ async removeDevice(moduleId) {
30
+ await this.api.delete(`/recovery/devices/${moduleId}`);
31
+ }
32
+ }
33
+ //# sourceMappingURL=devices.js.map
package/dist/recovery/devices.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"devices.js","sourceRoot":"","sources":["../../src/recovery/devices.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH;;;GAGG;AACH,MAAM,OAAO,aAAa;IACK;IAA7B,YAA6B,GAAc;QAAd,QAAG,GAAH,GAAG,CAAW;IAAG,CAAC;IAE/C;;;OAGG;IACH,KAAK,CAAC,SAAS,CAAC,MAIf;QACC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAa,mBAAmB,EAAE,MAAM,CAAC,CAAC;IAChE,CAAC;IAED,+CAA+C;IAC/C,KAAK,CAAC,WAAW,CAAC,aAAsB;QACtC,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,CAAe,mBAAmB,EAAE,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,CAAC;IACpF,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,YAAY,CAAC,QAAgB;QACjC,MAAM,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,qBAAqB,QAAQ,EAAE,CAAC,CAAC;IACzD,CAAC;CACF"}
package/dist/recovery/export.d.ts ADDED
@@ -0,0 +1,33 @@
1
+ /**
2
+ * Key export from Turnkey enclave.
3
+ * Corresponds to SPEC-013 Section 10.4.
4
+ *
5
+ * Non-custodial guarantee: user can always export their private key,
6
+ * even if the app backend is down.
7
+ */
8
+ import type { KeyExportResult } from '../types.js';
9
+ import { ApiClient } from '../transport/api.js';
10
+ import { IframeBridge } from '../transport/iframe.js';
11
+ /**
12
+ * Key export module.
13
+ * Exports private keys from the Turnkey enclave via the signer iframe.
14
+ */
15
+ export declare class KeyExport {
16
+ private readonly api;
17
+ private readonly iframe;
18
+ constructor(api: ApiClient, iframe: IframeBridge | null);
19
+ /**
20
+ * Export the private key from the Turnkey enclave.
21
+ *
22
+ * Process:
23
+ * 1. SDK generates one-time keypair in browser
24
+ * 2. Sends public key to Turnkey enclave (via iframe)
25
+ * 3. Enclave encrypts user's key, returns blob
26
+ * 4. SDK decrypts locally
27
+ * 5. Returns raw private key
28
+ *
29
+ * Works even if the app backend is down (direct Turnkey communication).
30
+ */
31
+ exportKey(): Promise<KeyExportResult>;
32
+ }
33
+ //# sourceMappingURL=export.d.ts.map
package/dist/recovery/export.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"export.d.ts","sourceRoot":"","sources":["../../src/recovery/export.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAEtD;;;GAGG;AACH,qBAAa,SAAS;IAElB,OAAO,CAAC,QAAQ,CAAC,GAAG;IACpB,OAAO,CAAC,QAAQ,CAAC,MAAM;gBADN,GAAG,EAAE,SAAS,EACd,MAAM,EAAE,YAAY,GAAG,IAAI;IAG9C;;;;;;;;;;;OAWG;IACG,SAAS,IAAI,OAAO,CAAC,eAAe,CAAC;CAa5C"}
package/dist/recovery/export.js ADDED
@@ -0,0 +1,44 @@
1
+ /**
2
+ * Key export from Turnkey enclave.
3
+ * Corresponds to SPEC-013 Section 10.4.
4
+ *
5
+ * Non-custodial guarantee: user can always export their private key,
6
+ * even if the app backend is down.
7
+ */
8
+ /**
9
+ * Key export module.
10
+ * Exports private keys from the Turnkey enclave via the signer iframe.
11
+ */
12
+ export class KeyExport {
13
+ api;
14
+ iframe;
15
+ constructor(api, iframe) {
16
+ this.api = api;
17
+ this.iframe = iframe;
18
+ }
19
+ /**
20
+ * Export the private key from the Turnkey enclave.
21
+ *
22
+ * Process:
23
+ * 1. SDK generates one-time keypair in browser
24
+ * 2. Sends public key to Turnkey enclave (via iframe)
25
+ * 3. Enclave encrypts user's key, returns blob
26
+ * 4. SDK decrypts locally
27
+ * 5. Returns raw private key
28
+ *
29
+ * Works even if the app backend is down (direct Turnkey communication).
30
+ */
31
+ async exportKey() {
32
+ if (this.iframe) {
33
+ const privateKey = await this.iframe.exportKey();
34
+ return {
35
+ privateKey,
36
+ address: '0x0000000000000000000000000000000000000000', // Will be resolved by iframe
37
+ warning: 'Store this securely. Anyone with this key can sign for your wallet.',
38
+ };
39
+ }
40
+ // Fallback: request via API
41
+ return this.api.post('/recovery/export', {});
42
+ }
43
+ }
44
+ //# sourceMappingURL=export.js.map
package/dist/recovery/export.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"export.js","sourceRoot":"","sources":["../../src/recovery/export.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAMH;;;GAGG;AACH,MAAM,OAAO,SAAS;IAED;IACA;IAFnB,YACmB,GAAc,EACd,MAA2B;QAD3B,QAAG,GAAH,GAAG,CAAW;QACd,WAAM,GAAN,MAAM,CAAqB;IAC3C,CAAC;IAEJ;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,SAAS;QACb,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YACjD,OAAO;gBACL,UAAU;gBACV,OAAO,EAAE,4CAA4C,EAAE,6BAA6B;gBACpF,OAAO,EAAE,qEAAqE;aAC/E,CAAC;QACJ,CAAC;QAED,4BAA4B;QAC5B,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAkB,kBAAkB,EAAE,EAAE,CAAC,CAAC;IAChE,CAAC;CACF"}