@aztec/wallet-sdk 0.0.1-commit.7d4e6cd → 0.0.1-commit.9372f48

package/dest/providers/extension/extension_wallet.d.ts

@@ -1,95 +0,0 @@
-import type { ChainInfo } from '@aztec/aztec.js/account';
-import { type Wallet } from '@aztec/aztec.js/wallet';
-import type { WalletInfo } from '../../types.js';
-/**
- * A wallet implementation that communicates with browser extension wallets
- * using a secure encrypted MessageChannel.
- *
- * This class establishes a private communication channel with a wallet extension
- * using the following security mechanisms:
- *
- * 1. **MessageChannel**: Creates a private communication channel that is not
- *    visible to other scripts on the page (unlike window.postMessage).
- *
- * 2. **ECDH Key Exchange**: Uses Elliptic Curve Diffie-Hellman to derive a
- *    shared secret between the dApp and wallet without transmitting private keys.
- *
- * 3. **AES-GCM Encryption**: All messages after channel establishment are
- *    encrypted using AES-256-GCM, providing both confidentiality and authenticity.
- *
- * @example
- * ```typescript
- * // Discovery returns wallet info including the wallet's public key
- * const wallets = await ExtensionProvider.discoverExtensions(chainInfo);
- * const walletInfo = wallets[0];
- *
- * // Create a secure connection to the wallet
- * const wallet = await ExtensionWallet.create(walletInfo, chainInfo, 'my-dapp');
- *
- * // All subsequent calls are encrypted
- * const accounts = await wallet.getAccounts();
- * ```
- */
-export declare class ExtensionWallet {
-    private chainInfo;
-    private appId;
-    private extensionId;
-    /** Map of pending requests awaiting responses, keyed by message ID */
-    private inFlight;
-    /** The MessagePort for private communication with the extension */
-    private port;
-    /** The derived AES-GCM key for encrypting/decrypting messages */
-    private sharedKey;
-    /**
-     * Private constructor - use {@link ExtensionWallet.create} to instantiate.
-     * @param chainInfo - The chain information (chainId and version)
-     * @param appId - Application identifier for the requesting dApp
-     * @param extensionId - The unique identifier of the target wallet extension
-     */
-    private constructor();
-    /**
-     * Creates an ExtensionWallet instance that proxies wallet calls to a browser extension
-     * over a secure encrypted MessageChannel.
-     *
-     * The connection process:
-     * 1. Generates an ECDH key pair for this session
-     * 2. Derives a shared AES-256 key using the wallet's public key
-     * 3. Creates a MessageChannel and transfers one port to the extension
-     * 4. Returns a Proxy that encrypts all wallet method calls
-     *
-     * @param walletInfo - The discovered wallet information, including the wallet's ECDH public key
-     * @param chainInfo - The chain information (chainId and version) for request context
-     * @param appId - Application identifier used to identify the requesting dApp to the wallet
-     * @returns A Promise resolving to a Wallet implementation that encrypts all communication
-     *
-     * @throws Error if the secure channel cannot be established
-     *
-     * @example
-     * ```typescript
-     * const wallet = await ExtensionWallet.create(
-     *   walletInfo,
-     *   { chainId: Fr(31337), version: Fr(0) },
-     *   'my-defi-app'
-     * );
-     * ```
-     */
-    static create(walletInfo: WalletInfo, chainInfo: ChainInfo, appId: string): Promise<Wallet>;
-    private establishSecureChannel;
-    private handleEncryptedResponse;
-    private postMessage;
-    /**
-     * Closes the secure channel and cleans up resources.
-     *
-     * After calling this method, the wallet instance can no longer be used.
-     * Any pending requests will not receive responses.
-     *
-     * @example
-     * ```typescript
-     * const wallet = await ExtensionWallet.create(walletInfo, chainInfo, 'my-app');
-     * // ... use wallet ...
-     * wallet.close(); // Clean up when done
-     * ```
-     */
-    close(): void;
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXh0ZW5zaW9uX3dhbGxldC5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3Byb3ZpZGVycy9leHRlbnNpb24vZXh0ZW5zaW9uX3dhbGxldC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssRUFBRSxTQUFTLEVBQUUsTUFBTSx5QkFBeUIsQ0FBQztBQUN6RCxPQUFPLEVBQUUsS0FBSyxNQUFNLEVBQWdCLE1BQU0sd0JBQXdCLENBQUM7QUFnQm5FLE9BQU8sS0FBSyxFQUFrQixVQUFVLEVBQWlDLE1BQU0sZ0JBQWdCLENBQUM7QUFhaEc7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7R0E0Qkc7QUFDSCxxQkFBYSxlQUFlO0lBaUJ4QixPQUFPLENBQUMsU0FBUztJQUNqQixPQUFPLENBQUMsS0FBSztJQUNiLE9BQU8sQ0FBQyxXQUFXO0lBbEJyQixzRUFBc0U7SUFDdEUsT0FBTyxDQUFDLFFBQVEsQ0FBb0Q7SUFFcEUsbUVBQW1FO0lBQ25FLE9BQU8sQ0FBQyxJQUFJLENBQTRCO0lBRXhDLGlFQUFpRTtJQUNqRSxPQUFPLENBQUMsU0FBUyxDQUEwQjtJQUUzQzs7Ozs7T0FLRztJQUNILE9BQU8sZUFJSDtJQUVKOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O09BeUJHO0lBQ0gsT0FBYSxNQUFNLENBQUMsVUFBVSxFQUFFLFVBQVUsRUFBRSxTQUFTLEVBQUUsU0FBUyxFQUFFLEtBQUssRUFBRSxNQUFNLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQXlCaEc7WUFjYSxzQkFBc0I7WUFxQ3RCLHVCQUF1QjtZQThDdkIsV0FBVztJQXdCekI7Ozs7Ozs7Ozs7OztPQVlHO0lBQ0gsS0FBSyxJQUFJLElBQUksQ0FPWjtDQUNGIn0=

package/dest/providers/extension/extension_wallet.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"extension_wallet.d.ts","sourceRoot":"","sources":["../../../src/providers/extension/extension_wallet.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,KAAK,MAAM,EAAgB,MAAM,wBAAwB,CAAC;AAgBnE,OAAO,KAAK,EAAkB,UAAU,EAAiC,MAAM,gBAAgB,CAAC;AAahG;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,qBAAa,eAAe;IAiBxB,OAAO,CAAC,SAAS;IACjB,OAAO,CAAC,KAAK;IACb,OAAO,CAAC,WAAW;IAlBrB,sEAAsE;IACtE,OAAO,CAAC,QAAQ,CAAoD;IAEpE,mEAAmE;IACnE,OAAO,CAAC,IAAI,CAA4B;IAExC,iEAAiE;IACjE,OAAO,CAAC,SAAS,CAA0B;IAE3C;;;;;OAKG;IACH,OAAO,eAIH;IAEJ;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACH,OAAa,MAAM,CAAC,UAAU,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAyBhG;YAca,sBAAsB;YAqCtB,uBAAuB;YA8CvB,WAAW;IAwBzB;;;;;;;;;;;;OAYG;IACH,KAAK,IAAI,IAAI,CAOZ;CACF"}

package/dest/providers/extension/extension_wallet.js

@@ -1,225 +0,0 @@
-import { WalletSchema } from '@aztec/aztec.js/wallet';
-import { jsonStringify } from '@aztec/foundation/json-rpc';
-import { promiseWithResolvers } from '@aztec/foundation/promise';
-import { schemaHasMethod } from '@aztec/foundation/schemas';
-import { decrypt, deriveSharedKey, encrypt, exportPublicKey, generateKeyPair, importPublicKey } from '../../crypto.js';
-/**
- * A wallet implementation that communicates with browser extension wallets
- * using a secure encrypted MessageChannel.
- *
- * This class establishes a private communication channel with a wallet extension
- * using the following security mechanisms:
- *
- * 1. **MessageChannel**: Creates a private communication channel that is not
- *    visible to other scripts on the page (unlike window.postMessage).
- *
- * 2. **ECDH Key Exchange**: Uses Elliptic Curve Diffie-Hellman to derive a
- *    shared secret between the dApp and wallet without transmitting private keys.
- *
- * 3. **AES-GCM Encryption**: All messages after channel establishment are
- *    encrypted using AES-256-GCM, providing both confidentiality and authenticity.
- *
- * @example
- * ```typescript
- * // Discovery returns wallet info including the wallet's public key
- * const wallets = await ExtensionProvider.discoverExtensions(chainInfo);
- * const walletInfo = wallets[0];
- *
- * // Create a secure connection to the wallet
- * const wallet = await ExtensionWallet.create(walletInfo, chainInfo, 'my-dapp');
- *
- * // All subsequent calls are encrypted
- * const accounts = await wallet.getAccounts();
- * ```
- */ export class ExtensionWallet {
-    chainInfo;
-    appId;
-    extensionId;
-    /** Map of pending requests awaiting responses, keyed by message ID */ inFlight;
-    /** The MessagePort for private communication with the extension */ port;
-    /** The derived AES-GCM key for encrypting/decrypting messages */ sharedKey;
-    /**
-   * Private constructor - use {@link ExtensionWallet.create} to instantiate.
-   * @param chainInfo - The chain information (chainId and version)
-   * @param appId - Application identifier for the requesting dApp
-   * @param extensionId - The unique identifier of the target wallet extension
-   */ constructor(chainInfo, appId, extensionId){
-        this.chainInfo = chainInfo;
-        this.appId = appId;
-        this.extensionId = extensionId;
-        this.inFlight = new Map();
-        this.port = null;
-        this.sharedKey = null;
-    }
-    /**
-   * Creates an ExtensionWallet instance that proxies wallet calls to a browser extension
-   * over a secure encrypted MessageChannel.
-   *
-   * The connection process:
-   * 1. Generates an ECDH key pair for this session
-   * 2. Derives a shared AES-256 key using the wallet's public key
-   * 3. Creates a MessageChannel and transfers one port to the extension
-   * 4. Returns a Proxy that encrypts all wallet method calls
-   *
-   * @param walletInfo - The discovered wallet information, including the wallet's ECDH public key
-   * @param chainInfo - The chain information (chainId and version) for request context
-   * @param appId - Application identifier used to identify the requesting dApp to the wallet
-   * @returns A Promise resolving to a Wallet implementation that encrypts all communication
-   *
-   * @throws Error if the secure channel cannot be established
-   *
-   * @example
-   * ```typescript
-   * const wallet = await ExtensionWallet.create(
-   *   walletInfo,
-   *   { chainId: Fr(31337), version: Fr(0) },
-   *   'my-defi-app'
-   * );
-   * ```
-   */ static async create(walletInfo, chainInfo, appId) {
-        const wallet = new ExtensionWallet(chainInfo, appId, walletInfo.id);
-        if (!walletInfo.publicKey) {
-            throw new Error('Wallet does not support secure channel establishment (missing public key)');
-        }
-        await wallet.establishSecureChannel(walletInfo.publicKey);
-        // Create a Proxy that intercepts wallet method calls and forwards them to the extension
-        return new Proxy(wallet, {
-            get: (target, prop)=>{
-                if (schemaHasMethod(WalletSchema, prop.toString())) {
-                    return async (...args)=>{
-                        const result = await target.postMessage({
-                            type: prop.toString(),
-                            args
-                        });
-                        return WalletSchema[prop.toString()].returnType().parseAsync(result);
-                    };
-                } else {
-                    return target[prop];
-                }
-            }
-        });
-    }
-    /**
-   * Establishes a secure MessageChannel with ECDH key exchange.
-   *
-   * This method performs the cryptographic handshake:
-   * 1. Generates a new ECDH P-256 key pair for this session
-   * 2. Imports the wallet's public key and derives a shared secret
-   * 3. Creates a MessageChannel for private communication
-   * 4. Sends a connection request with our public key via window.postMessage
-   *    (this is the only public message - subsequent communication uses the private channel)
-   *
-   * @param walletExportedPublicKey - The wallet's ECDH public key in JWK format
-   */ async establishSecureChannel(walletExportedPublicKey) {
-        const keyPair = await generateKeyPair();
-        const exportedPublicKey = await exportPublicKey(keyPair.publicKey);
-        const walletPublicKey = await importPublicKey(walletExportedPublicKey);
-        this.sharedKey = await deriveSharedKey(keyPair.privateKey, walletPublicKey);
-        const channel = new MessageChannel();
-        this.port = channel.port1;
-        this.port.onmessage = async (event)=>{
-            await this.handleEncryptedResponse(event.data);
-        };
-        this.port.start();
-        // Send connection request with our public key and transfer port2 to content script
-        // This is the only public postMessage - it contains our public key (safe to expose)
-        // and transfers the MessagePort for subsequent private communication
-        const connectRequest = {
-            type: 'aztec-wallet-connect',
-            walletId: this.extensionId,
-            appId: this.appId,
-            publicKey: exportedPublicKey
-        };
-        window.postMessage(jsonStringify(connectRequest), '*', [
-            channel.port2
-        ]);
-    }
-    /**
-   * Handles an encrypted response received from the wallet extension.
-   *
-   * Decrypts the response using the shared AES key and resolves or rejects
-   * the corresponding pending promise based on the response content.
-   *
-   * @param encrypted - The encrypted response from the wallet
-   */ async handleEncryptedResponse(encrypted) {
-        if (!this.sharedKey) {
-            return;
-        }
-        try {
-            const response = await decrypt(this.sharedKey, encrypted);
-            const { messageId, result, error, walletId: responseWalletId } = response;
-            if (!messageId || !responseWalletId) {
-                return;
-            }
-            if (this.extensionId !== responseWalletId) {
-                return;
-            }
-            if (!this.inFlight.has(messageId)) {
-                return;
-            }
-            const { resolve, reject } = this.inFlight.get(messageId);
-            if (error) {
-                reject(new Error(jsonStringify(error)));
-            } else {
-                resolve(result);
-            }
-            this.inFlight.delete(messageId);
-        // eslint-disable-next-line no-empty
-        } catch  {}
-    }
-    /**
-   * Sends an encrypted wallet method call over the secure MessageChannel.
-   *
-   * The message is encrypted using AES-256-GCM with the shared key derived
-   * during channel establishment. A unique message ID is generated to correlate
-   * the response.
-   *
-   * @param call - The wallet method call containing method name and arguments
-   * @returns A Promise that resolves with the decrypted result from the wallet
-   *
-   * @throws Error if the secure channel has not been established
-   */ async postMessage(call) {
-        if (!this.port || !this.sharedKey) {
-            throw new Error('Secure channel not established');
-        }
-        const messageId = globalThis.crypto.randomUUID();
-        const message = {
-            type: call.type,
-            args: call.args,
-            messageId,
-            chainInfo: this.chainInfo,
-            appId: this.appId,
-            walletId: this.extensionId
-        };
-        // Encrypt the message and send over the private MessageChannel
-        const encrypted = await encrypt(this.sharedKey, message);
-        this.port.postMessage(encrypted);
-        const { promise, resolve, reject } = promiseWithResolvers();
-        this.inFlight.set(messageId, {
-            promise,
-            resolve,
-            reject
-        });
-        return promise;
-    }
-    /**
-   * Closes the secure channel and cleans up resources.
-   *
-   * After calling this method, the wallet instance can no longer be used.
-   * Any pending requests will not receive responses.
-   *
-   * @example
-   * ```typescript
-   * const wallet = await ExtensionWallet.create(walletInfo, chainInfo, 'my-app');
-   * // ... use wallet ...
-   * wallet.close(); // Clean up when done
-   * ```
-   */ close() {
-        if (this.port) {
-            this.port.close();
-            this.port = null;
-        }
-        this.sharedKey = null;
-        this.inFlight.clear();
-    }
-}

package/dest/providers/extension/index.d.ts

@@ -1,5 +0,0 @@
-export { ExtensionWallet } from './extension_wallet.js';
-export { ExtensionProvider } from './extension_provider.js';
-export * from '../../crypto.js';
-export type { WalletInfo, WalletMessage, WalletResponse, DiscoveryRequest, DiscoveryResponse, ConnectRequest, } from '../../types.js';
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9wcm92aWRlcnMvZXh0ZW5zaW9uL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFBRSxlQUFlLEVBQUUsTUFBTSx1QkFBdUIsQ0FBQztBQUN4RCxPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSx5QkFBeUIsQ0FBQztBQUM1RCxjQUFjLGlCQUFpQixDQUFDO0FBQ2hDLFlBQVksRUFDVixVQUFVLEVBQ1YsYUFBYSxFQUNiLGNBQWMsRUFDZCxnQkFBZ0IsRUFDaEIsaUJBQWlCLEVBQ2pCLGNBQWMsR0FDZixNQUFNLGdCQUFnQixDQUFDIn0=

package/dest/providers/extension/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/providers/extension/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC5D,cAAc,iBAAiB,CAAC;AAChC,YAAY,EACV,UAAU,EACV,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,iBAAiB,EACjB,cAAc,GACf,MAAM,gBAAgB,CAAC"}

package/src/providers/extension/extension_provider.ts

@@ -1,72 +0,0 @@
-import type { ChainInfo } from '@aztec/aztec.js/account';
-import { jsonStringify } from '@aztec/foundation/json-rpc';
-import { promiseWithResolvers } from '@aztec/foundation/promise';
-
-import type { DiscoveryRequest, DiscoveryResponse, WalletInfo } from '../../types.js';
-
-/**
- * Provider for discovering and managing Aztec wallet extensions
- */
-export class ExtensionProvider {
-  private static discoveredExtensions: Map<string, WalletInfo> = new Map();
-  private static discoveryInProgress = false;
-
-  /**
-   * Discovers all installed Aztec wallet extensions
-   * @param chainInfo - Chain information to check if extensions support this network
-   * @param timeout - How long to wait for extensions to respond (ms)
-   * @returns Array of discovered extension information
-   */
-  static async discoverExtensions(chainInfo: ChainInfo, timeout: number = 1000): Promise<WalletInfo[]> {
-    // If discovery is in progress, wait for it to complete
-    if (this.discoveryInProgress) {
-      await new Promise(resolve => setTimeout(resolve, timeout));
-      return Array.from(this.discoveredExtensions.values());
-    }
-
-    this.discoveryInProgress = true;
-    this.discoveredExtensions.clear();
-
-    const { promise, resolve } = promiseWithResolvers<WalletInfo[]>();
-    const requestId = globalThis.crypto.randomUUID();
-    const responses: WalletInfo[] = [];
-
-    // Set up listener for discovery responses
-    const handleMessage = (event: MessageEvent) => {
-      if (event.source !== window) {
-        return;
-      }
-
-      let data: DiscoveryResponse;
-      try {
-        data = JSON.parse(event.data);
-      } catch {
-        return;
-      }
-
-      if (data.type === 'aztec-wallet-discovery-response' && data.requestId === requestId) {
-        responses.push(data.walletInfo);
-        this.discoveredExtensions.set(data.walletInfo.id, data.walletInfo);
-      }
-    };
-
-    window.addEventListener('message', handleMessage);
-
-    // Send discovery message
-    const discoveryMessage: DiscoveryRequest = {
-      type: 'aztec-wallet-discovery',
-      requestId,
-      chainInfo,
-    };
-    window.postMessage(jsonStringify(discoveryMessage), '*');
-
-    // Wait for responses
-    setTimeout(() => {
-      window.removeEventListener('message', handleMessage);
-      this.discoveryInProgress = false;
-      resolve(responses);
-    }, timeout);
-
-    return promise;
-  }
-}

package/src/providers/extension/extension_wallet.ts

@@ -1,275 +0,0 @@
-import type { ChainInfo } from '@aztec/aztec.js/account';
-import { type Wallet, WalletSchema } from '@aztec/aztec.js/wallet';
-import { jsonStringify } from '@aztec/foundation/json-rpc';
-import { type PromiseWithResolvers, promiseWithResolvers } from '@aztec/foundation/promise';
-import { schemaHasMethod } from '@aztec/foundation/schemas';
-import type { FunctionsOf } from '@aztec/foundation/types';
-
-import {
-  type EncryptedPayload,
-  type ExportedPublicKey,
-  decrypt,
-  deriveSharedKey,
-  encrypt,
-  exportPublicKey,
-  generateKeyPair,
-  importPublicKey,
-} from '../../crypto.js';
-import type { ConnectRequest, WalletInfo, WalletMessage, WalletResponse } from '../../types.js';
-
-/**
- * Internal type representing a wallet method call before encryption.
- * @internal
- */
-type WalletMethodCall = {
-  /** The wallet method name to invoke */
-  type: keyof FunctionsOf<Wallet>;
-  /** Arguments to pass to the wallet method */
-  args: unknown[];
-};
-
-/**
- * A wallet implementation that communicates with browser extension wallets
- * using a secure encrypted MessageChannel.
- *
- * This class establishes a private communication channel with a wallet extension
- * using the following security mechanisms:
- *
- * 1. **MessageChannel**: Creates a private communication channel that is not
- *    visible to other scripts on the page (unlike window.postMessage).
- *
- * 2. **ECDH Key Exchange**: Uses Elliptic Curve Diffie-Hellman to derive a
- *    shared secret between the dApp and wallet without transmitting private keys.
- *
- * 3. **AES-GCM Encryption**: All messages after channel establishment are
- *    encrypted using AES-256-GCM, providing both confidentiality and authenticity.
- *
- * @example
- * ```typescript
- * // Discovery returns wallet info including the wallet's public key
- * const wallets = await ExtensionProvider.discoverExtensions(chainInfo);
- * const walletInfo = wallets[0];
- *
- * // Create a secure connection to the wallet
- * const wallet = await ExtensionWallet.create(walletInfo, chainInfo, 'my-dapp');
- *
- * // All subsequent calls are encrypted
- * const accounts = await wallet.getAccounts();
- * ```
- */
-export class ExtensionWallet {
-  /** Map of pending requests awaiting responses, keyed by message ID */
-  private inFlight = new Map<string, PromiseWithResolvers<unknown>>();
-
-  /** The MessagePort for private communication with the extension */
-  private port: MessagePort | null = null;
-
-  /** The derived AES-GCM key for encrypting/decrypting messages */
-  private sharedKey: CryptoKey | null = null;
-
-  /**
-   * Private constructor - use {@link ExtensionWallet.create} to instantiate.
-   * @param chainInfo - The chain information (chainId and version)
-   * @param appId - Application identifier for the requesting dApp
-   * @param extensionId - The unique identifier of the target wallet extension
-   */
-  private constructor(
-    private chainInfo: ChainInfo,
-    private appId: string,
-    private extensionId: string,
-  ) {}
-
-  /**
-   * Creates an ExtensionWallet instance that proxies wallet calls to a browser extension
-   * over a secure encrypted MessageChannel.
-   *
-   * The connection process:
-   * 1. Generates an ECDH key pair for this session
-   * 2. Derives a shared AES-256 key using the wallet's public key
-   * 3. Creates a MessageChannel and transfers one port to the extension
-   * 4. Returns a Proxy that encrypts all wallet method calls
-   *
-   * @param walletInfo - The discovered wallet information, including the wallet's ECDH public key
-   * @param chainInfo - The chain information (chainId and version) for request context
-   * @param appId - Application identifier used to identify the requesting dApp to the wallet
-   * @returns A Promise resolving to a Wallet implementation that encrypts all communication
-   *
-   * @throws Error if the secure channel cannot be established
-   *
-   * @example
-   * ```typescript
-   * const wallet = await ExtensionWallet.create(
-   *   walletInfo,
-   *   { chainId: Fr(31337), version: Fr(0) },
-   *   'my-defi-app'
-   * );
-   * ```
-   */
-  static async create(walletInfo: WalletInfo, chainInfo: ChainInfo, appId: string): Promise<Wallet> {
-    const wallet = new ExtensionWallet(chainInfo, appId, walletInfo.id);
-
-    if (!walletInfo.publicKey) {
-      throw new Error('Wallet does not support secure channel establishment (missing public key)');
-    }
-
-    await wallet.establishSecureChannel(walletInfo.publicKey);
-
-    // Create a Proxy that intercepts wallet method calls and forwards them to the extension
-    return new Proxy(wallet, {
-      get: (target, prop) => {
-        if (schemaHasMethod(WalletSchema, prop.toString())) {
-          return async (...args: unknown[]) => {
-            const result = await target.postMessage({
-              type: prop.toString() as keyof FunctionsOf<Wallet>,
-              args,
-            });
-            return WalletSchema[prop.toString() as keyof typeof WalletSchema].returnType().parseAsync(result);
-          };
-        } else {
-          return target[prop as keyof ExtensionWallet];
-        }
-      },
-    }) as unknown as Wallet;
-  }
-
-  /**
-   * Establishes a secure MessageChannel with ECDH key exchange.
-   *
-   * This method performs the cryptographic handshake:
-   * 1. Generates a new ECDH P-256 key pair for this session
-   * 2. Imports the wallet's public key and derives a shared secret
-   * 3. Creates a MessageChannel for private communication
-   * 4. Sends a connection request with our public key via window.postMessage
-   *    (this is the only public message - subsequent communication uses the private channel)
-   *
-   * @param walletExportedPublicKey - The wallet's ECDH public key in JWK format
-   */
-  private async establishSecureChannel(walletExportedPublicKey: ExportedPublicKey): Promise<void> {
-    const keyPair = await generateKeyPair();
-    const exportedPublicKey = await exportPublicKey(keyPair.publicKey);
-
-    const walletPublicKey = await importPublicKey(walletExportedPublicKey);
-    this.sharedKey = await deriveSharedKey(keyPair.privateKey, walletPublicKey);
-
-    const channel = new MessageChannel();
-    this.port = channel.port1;
-
-    this.port.onmessage = async (event: MessageEvent<EncryptedPayload>) => {
-      await this.handleEncryptedResponse(event.data);
-    };
-
-    this.port.start();
-
-    // Send connection request with our public key and transfer port2 to content script
-    // This is the only public postMessage - it contains our public key (safe to expose)
-    // and transfers the MessagePort for subsequent private communication
-    const connectRequest: ConnectRequest = {
-      type: 'aztec-wallet-connect',
-      walletId: this.extensionId,
-      appId: this.appId,
-      publicKey: exportedPublicKey,
-    };
-
-    window.postMessage(jsonStringify(connectRequest), '*', [channel.port2]);
-  }
-
-  /**
-   * Handles an encrypted response received from the wallet extension.
-   *
-   * Decrypts the response using the shared AES key and resolves or rejects
-   * the corresponding pending promise based on the response content.
-   *
-   * @param encrypted - The encrypted response from the wallet
-   */
-  private async handleEncryptedResponse(encrypted: EncryptedPayload): Promise<void> {
-    if (!this.sharedKey) {
-      return;
-    }
-
-    try {
-      const response = await decrypt<WalletResponse>(this.sharedKey, encrypted);
-
-      const { messageId, result, error, walletId: responseWalletId } = response;
-
-      if (!messageId || !responseWalletId) {
-        return;
-      }
-
-      if (this.extensionId !== responseWalletId) {
-        return;
-      }
-
-      if (!this.inFlight.has(messageId)) {
-        return;
-      }
-
-      const { resolve, reject } = this.inFlight.get(messageId)!;
-
-      if (error) {
-        reject(new Error(jsonStringify(error)));
-      } else {
-        resolve(result);
-      }
-      this.inFlight.delete(messageId);
-      // eslint-disable-next-line no-empty
-    } catch {}
-  }
-
-  /**
-   * Sends an encrypted wallet method call over the secure MessageChannel.
-   *
-   * The message is encrypted using AES-256-GCM with the shared key derived
-   * during channel establishment. A unique message ID is generated to correlate
-   * the response.
-   *
-   * @param call - The wallet method call containing method name and arguments
-   * @returns A Promise that resolves with the decrypted result from the wallet
-   *
-   * @throws Error if the secure channel has not been established
-   */
-  private async postMessage(call: WalletMethodCall): Promise<unknown> {
-    if (!this.port || !this.sharedKey) {
-      throw new Error('Secure channel not established');
-    }
-
-    const messageId = globalThis.crypto.randomUUID();
-    const message: WalletMessage = {
-      type: call.type,
-      args: call.args,
-      messageId,
-      chainInfo: this.chainInfo,
-      appId: this.appId,
-      walletId: this.extensionId,
-    };
-
-    // Encrypt the message and send over the private MessageChannel
-    const encrypted = await encrypt(this.sharedKey, message);
-    this.port.postMessage(encrypted);
-
-    const { promise, resolve, reject } = promiseWithResolvers<unknown>();
-    this.inFlight.set(messageId, { promise, resolve, reject });
-    return promise;
-  }
-
-  /**
-   * Closes the secure channel and cleans up resources.
-   *
-   * After calling this method, the wallet instance can no longer be used.
-   * Any pending requests will not receive responses.
-   *
-   * @example
-   * ```typescript
-   * const wallet = await ExtensionWallet.create(walletInfo, chainInfo, 'my-app');
-   * // ... use wallet ...
-   * wallet.close(); // Clean up when done
-   * ```
-   */
-  close(): void {
-    if (this.port) {
-      this.port.close();
-      this.port = null;
-    }
-    this.sharedKey = null;
-    this.inFlight.clear();
-  }
-}