@aztec/wallet-sdk 4.0.0-devnet.2-patch.3 → 4.0.0-devnet.3-patch.0

package/dest/iframe/provider/iframe_discovery.js

@@ -0,0 +1,167 @@
+/**
+ * Web wallet discovery — creates {@link IframeWalletProvider} instances from a list of URLs.
+ *
+ * For each configured URL we probe the wallet by loading a tiny invisible iframe,
+ * waiting for WALLET_READY, then sending a DISCOVERY request. On a successful
+ * DISCOVERY_RESPONSE we emit an IframeWalletProvider to the caller.
+ *
+ * This is intentionally lightweight (no key exchange yet) — key exchange happens
+ * later when the user selects the wallet and calls `provider.establishSecureChannel()`.
+ */ import { promiseWithResolvers } from '@aztec/foundation/promise';
+import { WalletMessageType } from '../../types.js';
+import { IframeWalletProvider } from './iframe_provider.js';
+const PROBE_TIMEOUT_MS = 10_000;
+/**
+ * Probes a list of web wallet URLs and returns a {@link DiscoverySession} compatible
+ * with WalletManager's `getAvailableWallets()` interface.
+ *
+ * Discovered {@link IframeWalletProvider} instances are yielded asynchronously as each
+ * wallet responds to the probe.
+ *
+ * @param walletUrls - URLs of web wallets to probe
+ * @param chainInfo - Network information to pass during discovery
+ * @returns A cancellable discovery session
+ */ export function discoverWebWallets(walletUrls, chainInfo) {
+    const { promise: donePromise, resolve: resolveDone } = promiseWithResolvers();
+    /* eslint-enable jsdoc/require-jsdoc */ let state = {
+        status: 'discovering',
+        resolve: null
+    };
+    const pendingProviders = [];
+    // eslint-disable-next-line jsdoc/require-jsdoc
+    function emit(provider) {
+        if (state.status !== 'discovering') {
+            return;
+        }
+        if (state.resolve) {
+            const resolve = state.resolve;
+            state.resolve = null;
+            resolve({
+                value: provider,
+                done: false
+            });
+        } else {
+            pendingProviders.push(provider);
+        }
+    }
+    // eslint-disable-next-line jsdoc/require-jsdoc
+    function markComplete() {
+        if (state.status !== 'discovering') {
+            return;
+        }
+        const pendingResolve = state.resolve;
+        state = {
+            status: 'done'
+        };
+        resolveDone();
+        if (pendingResolve) {
+            pendingResolve({
+                value: undefined,
+                done: true
+            });
+        }
+    }
+    // Probe all URLs in parallel
+    const probes = walletUrls.map((url)=>probeWallet(url, chainInfo, PROBE_TIMEOUT_MS).then((provider)=>{
+            if (provider) {
+                emit(provider);
+            }
+        }, ()=>{
+        // ignore probe errors
+        }));
+    void Promise.all(probes).then(markComplete);
+    const wallets = {
+        // eslint-disable-next-line jsdoc/require-jsdoc
+        [Symbol.asyncIterator] () {
+            return {
+                // eslint-disable-next-line jsdoc/require-jsdoc
+                next () {
+                    if (pendingProviders.length > 0) {
+                        return Promise.resolve({
+                            value: pendingProviders.shift(),
+                            done: false
+                        });
+                    }
+                    if (state.status === 'done') {
+                        return Promise.resolve({
+                            value: undefined,
+                            done: true
+                        });
+                    }
+                    return new Promise((resolve)=>{
+                        if (state.status === 'discovering') {
+                            state.resolve = resolve;
+                        }
+                    });
+                },
+                // eslint-disable-next-line jsdoc/require-jsdoc
+                return () {
+                    markComplete();
+                    return Promise.resolve({
+                        value: undefined,
+                        done: true
+                    });
+                }
+            };
+        }
+    };
+    return {
+        wallets,
+        done: donePromise,
+        cancel: markComplete
+    };
+}
+/**
+ * Probes a single web wallet URL.
+ * Creates a temporary hidden iframe, waits for WALLET_READY, sends DISCOVERY_REQUEST.
+ * Returns an IframeWalletProvider on success, null on timeout/failure.
+ * @internal
+ */ function probeWallet(walletUrl, chainInfo, timeoutMs) {
+    const walletOrigin = new URL(walletUrl).origin;
+    const iframe = document.createElement('iframe');
+    iframe.src = walletUrl;
+    iframe.style.cssText = 'display:none;width:0;height:0;border:none;position:absolute;top:-9999px;';
+    iframe.allow = 'storage-access; cross-origin-isolated';
+    let timer;
+    // Register listener BEFORE appending to DOM to avoid race with WALLET_READY
+    const result = new Promise((resolve)=>{
+        const cleanup = ()=>{
+            if (iframe.parentNode) {
+                iframe.parentNode.removeChild(iframe);
+            }
+            window.removeEventListener('message', handler);
+            clearTimeout(timer);
+        };
+        timer = setTimeout(()=>{
+            cleanup();
+            resolve(null);
+        }, timeoutMs);
+        let step = 'waiting-ready';
+        const requestId = globalThis.crypto.randomUUID();
+        // eslint-disable-next-line jsdoc/require-jsdoc
+        function handler(event) {
+            if (event.origin !== walletOrigin) {
+                return;
+            }
+            const msg = event.data;
+            if (!msg || typeof msg !== 'object') {
+                return;
+            }
+            if (step === 'waiting-ready' && msg.type === WalletMessageType.WALLET_READY) {
+                step = 'waiting-discovery';
+                iframe.contentWindow?.postMessage({
+                    type: WalletMessageType.DISCOVERY,
+                    requestId,
+                    appId: 'discovery-probe'
+                }, walletOrigin);
+            } else if (step === 'waiting-discovery' && msg.type === WalletMessageType.DISCOVERY_RESPONSE && msg.requestId === requestId) {
+                const info = msg.walletInfo;
+                cleanup();
+                resolve(new IframeWalletProvider(info.id, info.name, info.icon, walletUrl, chainInfo));
+            }
+        }
+        window.addEventListener('message', handler);
+    });
+    document.body.appendChild(iframe);
+    return result;
+}

package/dest/iframe/provider/iframe_provider.d.ts

@@ -0,0 +1,65 @@
+/**
+ * IframeWalletProvider — implements {@link WalletProvider} for web wallets loaded in iframes.
+ *
+ * Flow (mirrors ExtensionProvider):
+ *   1. Creates an `<iframe src="walletUrl">` (in app-provided container or floating panel)
+ *   2. Waits for WALLET_READY message from the iframe
+ *   3. Sends DISCOVERY → waits for DISCOVERY_RESPONSE
+ *   4. Sends KEY_EXCHANGE_REQUEST (ECDH public key) → waits for KEY_EXCHANGE_RESPONSE
+ *   5. Derives shared session keys, exposes verificationHash
+ *   6. On confirm(): returns IframeWallet backed by the established session
+ */
+import type { ChainInfo } from '@aztec/aztec.js/account';
+import type { PendingConnection, ProviderDisconnectionCallback, WalletProvider } from '../../manager/types.js';
+/**
+ * Options for {@link IframeWalletProvider.establishSecureChannel}.
+ */
+export interface IframeConnectionOptions {
+    /** Container element to inject the iframe into. If omitted, a floating panel is created. */
+    container?: HTMLElement;
+}
+/**
+ * A {@link WalletProvider} that connects to a web wallet loaded in a cross-origin iframe.
+ *
+ * Discovered via {@link discoverWebWallets} and used through the standard
+ * `WalletProvider.establishSecureChannel()` flow.
+ */
+export declare class IframeWalletProvider implements WalletProvider {
+    /** Unique wallet identifier. */
+    readonly id: string;
+    /** Display name for the wallet. */
+    readonly name: string;
+    /** Optional wallet icon URL. */
+    readonly icon: string | undefined;
+    private readonly walletUrl;
+    private readonly chainInfo;
+    readonly type: "web";
+    private iframe;
+    private _container;
+    private _appOwnsContainer;
+    private _dragCleanup;
+    private wallet;
+    private _disconnected;
+    private disconnectCallbacks;
+    constructor(
+    /** Unique wallet identifier. */
+    id: string, 
+    /** Display name for the wallet. */
+    name: string, 
+    /** Optional wallet icon URL. */
+    icon: string | undefined, walletUrl: string, chainInfo: ChainInfo);
+    /**
+     * Establishes a secure encrypted channel with the iframe wallet.
+     *
+     * @param appId - Application identifier for the requesting dApp
+     * @param options - Optional container element for the iframe
+     * @returns A {@link PendingConnection} with verification hash and confirm/cancel
+     */
+    establishSecureChannel(appId: string, options?: IframeConnectionOptions): Promise<PendingConnection>;
+    disconnect(): Promise<void>;
+    onDisconnect(callback: ProviderDisconnectionCallback): () => void;
+    isDisconnected(): boolean;
+    private createFloatingPanel;
+    private cleanup;
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaWZyYW1lX3Byb3ZpZGVyLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvaWZyYW1lL3Byb3ZpZGVyL2lmcmFtZV9wcm92aWRlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7Ozs7Ozs7OztHQVVHO0FBQ0gsT0FBTyxLQUFLLEVBQUUsU0FBUyxFQUFFLE1BQU0seUJBQXlCLENBQUM7QUFVekQsT0FBTyxLQUFLLEVBQUUsaUJBQWlCLEVBQUUsNkJBQTZCLEVBQUUsY0FBYyxFQUFFLE1BQU0sd0JBQXdCLENBQUM7QUFTL0c7O0dBRUc7QUFDSCxNQUFNLFdBQVcsdUJBQXVCO0lBQ3RDLDRGQUE0RjtJQUM1RixTQUFTLENBQUMsRUFBRSxXQUFXLENBQUM7Q0FDekI7QUFFRDs7Ozs7R0FLRztBQUNILHFCQUFhLG9CQUFxQixZQUFXLGNBQWM7SUFZdkQsZ0NBQWdDO2FBQ2hCLEVBQUUsRUFBRSxNQUFNO0lBQzFCLG1DQUFtQzthQUNuQixJQUFJLEVBQUUsTUFBTTtJQUM1QixnQ0FBZ0M7YUFDaEIsSUFBSSxFQUFFLE1BQU0sR0FBRyxTQUFTO0lBQ3hDLE9BQU8sQ0FBQyxRQUFRLENBQUMsU0FBUztJQUMxQixPQUFPLENBQUMsUUFBUSxDQUFDLFNBQVM7SUFsQjVCLFFBQVEsQ0FBQyxJQUFJLFFBQWtCO0lBRS9CLE9BQU8sQ0FBQyxNQUFNLENBQWtDO0lBQ2hELE9BQU8sQ0FBQyxVQUFVLENBQStCO0lBQ2pELE9BQU8sQ0FBQyxpQkFBaUIsQ0FBUztJQUNsQyxPQUFPLENBQUMsWUFBWSxDQUE2QjtJQUNqRCxPQUFPLENBQUMsTUFBTSxDQUE2QjtJQUMzQyxPQUFPLENBQUMsYUFBYSxDQUFTO0lBQzlCLE9BQU8sQ0FBQyxtQkFBbUIsQ0FBdUM7SUFFbEU7SUFDRSxnQ0FBZ0M7SUFDaEIsRUFBRSxFQUFFLE1BQU07SUFDMUIsbUNBQW1DO0lBQ25CLElBQUksRUFBRSxNQUFNO0lBQzVCLGdDQUFnQztJQUNoQixJQUFJLEVBQUUsTUFBTSxHQUFHLFNBQVMsRUFDdkIsU0FBUyxFQUFFLE1BQU0sRUFDakIsU0FBUyxFQUFFLFNBQVMsRUFDbkM7SUFFSjs7Ozs7O09BTUc7SUFDRyxzQkFBc0IsQ0FBQyxLQUFLLEVBQUUsTUFBTSxFQUFFLE9BQU8sQ0FBQyxFQUFFLHVCQUF1QixHQUFHLE9BQU8sQ0FBQyxpQkFBaUIsQ0FBQyxDQXdGekc7SUFFRCxVQUFVLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxDQU0xQjtJQUVELFlBQVksQ0FBQyxRQUFRLEVBQUUsNkJBQTZCLEdBQUcsTUFBTSxJQUFJLENBUWhFO0lBRUQsY0FBYyxJQUFJLE9BQU8sQ0FFeEI7SUFJRCxPQUFPLENBQUMsbUJBQW1CO0lBZ0czQixPQUFPLENBQUMsT0FBTztDQWVoQiJ9

package/dest/iframe/provider/iframe_provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"iframe_provider.d.ts","sourceRoot":"","sources":["../../../src/iframe/provider/iframe_provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AAUzD,OAAO,KAAK,EAAE,iBAAiB,EAAE,6BAA6B,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAS/G;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,4FAA4F;IAC5F,SAAS,CAAC,EAAE,WAAW,CAAC;CACzB;AAED;;;;;GAKG;AACH,qBAAa,oBAAqB,YAAW,cAAc;IAYvD,gCAAgC;aAChB,EAAE,EAAE,MAAM;IAC1B,mCAAmC;aACnB,IAAI,EAAE,MAAM;IAC5B,gCAAgC;aAChB,IAAI,EAAE,MAAM,GAAG,SAAS;IACxC,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,SAAS;IAlB5B,QAAQ,CAAC,IAAI,QAAkB;IAE/B,OAAO,CAAC,MAAM,CAAkC;IAChD,OAAO,CAAC,UAAU,CAA+B;IACjD,OAAO,CAAC,iBAAiB,CAAS;IAClC,OAAO,CAAC,YAAY,CAA6B;IACjD,OAAO,CAAC,MAAM,CAA6B;IAC3C,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,mBAAmB,CAAuC;IAElE;IACE,gCAAgC;IAChB,EAAE,EAAE,MAAM;IAC1B,mCAAmC;IACnB,IAAI,EAAE,MAAM;IAC5B,gCAAgC;IAChB,IAAI,EAAE,MAAM,GAAG,SAAS,EACvB,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,SAAS,EACnC;IAEJ;;;;;;OAMG;IACG,sBAAsB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,uBAAuB,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAwFzG;IAED,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAM1B;IAED,YAAY,CAAC,QAAQ,EAAE,6BAA6B,GAAG,MAAM,IAAI,CAQhE;IAED,cAAc,IAAI,OAAO,CAExB;IAID,OAAO,CAAC,mBAAmB;IAgG3B,OAAO,CAAC,OAAO;CAehB"}

package/dest/iframe/provider/iframe_provider.js

@@ -0,0 +1,257 @@
+/**
+ * IframeWalletProvider — implements {@link WalletProvider} for web wallets loaded in iframes.
+ *
+ * Flow (mirrors ExtensionProvider):
+ *   1. Creates an `<iframe src="walletUrl">` (in app-provided container or floating panel)
+ *   2. Waits for WALLET_READY message from the iframe
+ *   3. Sends DISCOVERY → waits for DISCOVERY_RESPONSE
+ *   4. Sends KEY_EXCHANGE_REQUEST (ECDH public key) → waits for KEY_EXCHANGE_RESPONSE
+ *   5. Derives shared session keys, exposes verificationHash
+ *   6. On confirm(): returns IframeWallet backed by the established session
+ */ import { deriveSessionKeys, exportPublicKey, generateKeyPair, importPublicKey } from '../../crypto.js';
+import { WalletMessageType } from '../../types.js';
+import { IframeWallet } from './iframe_wallet.js';
+const READY_TIMEOUT_MS = 15_000;
+const DISCOVERY_TIMEOUT_MS = 15_000;
+const KEY_EXCHANGE_TIMEOUT_MS = 15_000;
+/**
+ * A {@link WalletProvider} that connects to a web wallet loaded in a cross-origin iframe.
+ *
+ * Discovered via {@link discoverWebWallets} and used through the standard
+ * `WalletProvider.establishSecureChannel()` flow.
+ */ export class IframeWalletProvider {
+    id;
+    name;
+    icon;
+    walletUrl;
+    chainInfo;
+    type;
+    iframe;
+    _container;
+    _appOwnsContainer;
+    _dragCleanup;
+    wallet;
+    _disconnected;
+    disconnectCallbacks;
+    constructor(/** Unique wallet identifier. */ id, /** Display name for the wallet. */ name, /** Optional wallet icon URL. */ icon, walletUrl, chainInfo){
+        this.id = id;
+        this.name = name;
+        this.icon = icon;
+        this.walletUrl = walletUrl;
+        this.chainInfo = chainInfo;
+        this.type = 'web';
+        this.iframe = null;
+        this._container = null;
+        this._appOwnsContainer = false;
+        this._dragCleanup = null;
+        this.wallet = null;
+        this._disconnected = false;
+        this.disconnectCallbacks = [];
+    }
+    /**
+   * Establishes a secure encrypted channel with the iframe wallet.
+   *
+   * @param appId - Application identifier for the requesting dApp
+   * @param options - Optional container element for the iframe
+   * @returns A {@link PendingConnection} with verification hash and confirm/cancel
+   */ async establishSecureChannel(appId, options) {
+        const iframe = document.createElement('iframe');
+        iframe.src = this.walletUrl;
+        iframe.style.cssText = 'flex:1;border:none;width:100%;height:100%;display:block;';
+        iframe.allow = 'storage-access; cross-origin-isolated';
+        this.iframe = iframe;
+        if (options?.container) {
+            this._appOwnsContainer = true;
+            options.container.appendChild(iframe);
+        } else {
+            this.createFloatingPanel(iframe);
+        }
+        const walletOrigin = new URL(this.walletUrl).origin;
+        const post = (msg)=>{
+            if (!iframe.contentWindow) {
+                throw new Error('Iframe not ready');
+            }
+            iframe.contentWindow.postMessage(msg, walletOrigin);
+        };
+        await waitForMessage((msg)=>msg.type === WalletMessageType.WALLET_READY, READY_TIMEOUT_MS, walletOrigin);
+        const requestId = globalThis.crypto.randomUUID();
+        post({
+            type: WalletMessageType.DISCOVERY,
+            requestId,
+            appId
+        });
+        const discoveryResp = await waitForMessage((msg)=>msg.type === WalletMessageType.DISCOVERY_RESPONSE && msg.requestId === requestId, DISCOVERY_TIMEOUT_MS, walletOrigin);
+        const walletInfo = discoveryResp.walletInfo;
+        const keyPair = await generateKeyPair();
+        const dAppPublicKey = await exportPublicKey(keyPair.publicKey);
+        post({
+            type: WalletMessageType.KEY_EXCHANGE_REQUEST,
+            requestId,
+            publicKey: dAppPublicKey
+        });
+        const keyExchangeResp = await waitForMessage((msg)=>msg.type === WalletMessageType.KEY_EXCHANGE_RESPONSE && msg.requestId === requestId, KEY_EXCHANGE_TIMEOUT_MS, walletOrigin);
+        const walletPublicKey = await importPublicKey(keyExchangeResp.publicKey);
+        const sessionKeys = await deriveSessionKeys(keyPair, walletPublicKey, true);
+        const { verificationHash, encryptionKey: sharedKey } = sessionKeys;
+        const iframeWallet = IframeWallet.create(walletInfo.id, requestId, iframe.contentWindow, walletOrigin, sharedKey, this.chainInfo, appId);
+        this.wallet = iframeWallet;
+        iframeWallet.onDisconnect(()=>{
+            this._disconnected = true;
+            for (const cb of this.disconnectCallbacks){
+                try {
+                    cb();
+                } catch  {
+                // ignore
+                }
+            }
+        });
+        let cancelled = false;
+        return {
+            verificationHash,
+            confirm: ()=>{
+                if (cancelled) {
+                    throw new Error('Connection was cancelled');
+                }
+                return Promise.resolve(iframeWallet.asWallet());
+            },
+            cancel: ()=>{
+                cancelled = true;
+                this.cleanup();
+            }
+        };
+    }
+    disconnect() {
+        if (this.wallet && !this.wallet.isDisconnected()) {
+            this.wallet.disconnect();
+        }
+        this.cleanup();
+        return Promise.resolve();
+    }
+    onDisconnect(callback) {
+        this.disconnectCallbacks.push(callback);
+        return ()=>{
+            const i = this.disconnectCallbacks.indexOf(callback);
+            if (i !== -1) {
+                this.disconnectCallbacks.splice(i, 1);
+            }
+        };
+    }
+    isDisconnected() {
+        return this._disconnected;
+    }
+    // ── Floating panel creation ─────────────────────────────────────────────────
+    createFloatingPanel(iframe) {
+        const W = 420, H = 500;
+        const initLeft = window.innerWidth - W - 24;
+        const initTop = window.innerHeight - H - 24;
+        const container = document.createElement('div');
+        container.style.cssText = `
+      position:fixed;left:${initLeft}px;top:${initTop}px;width:${W}px;height:${H}px;
+      border-radius:12px;box-shadow:0 8px 32px rgba(0,0,0,0.4);z-index:999999;
+      overflow:hidden;display:flex;flex-direction:column;user-select:none;
+    `;
+        const dragHandle = document.createElement('div');
+        dragHandle.style.cssText = `
+      height:28px;min-height:28px;background:rgba(30,30,30,0.95);cursor:grab;
+      display:flex;align-items:center;justify-content:center;
+      border-bottom:1px solid rgba(255,255,255,0.08);flex-shrink:0;
+    `;
+        dragHandle.innerHTML = `<span style="color:rgba(255,255,255,0.3);font-size:14px;letter-spacing:4px">&#8942;&#8942;&#8942;</span>`;
+        const resizeHandle = document.createElement('div');
+        resizeHandle.style.cssText = 'position:absolute;bottom:0;right:0;width:16px;height:16px;cursor:se-resize;z-index:1;';
+        resizeHandle.innerHTML = `<svg width="16" height="16" style="opacity:0.3;display:block"><path d="M2 14 L14 2 M6 14 L14 6 M10 14 L14 10" stroke="white" stroke-width="1.5"/></svg>`;
+        container.appendChild(dragHandle);
+        container.appendChild(iframe);
+        container.appendChild(resizeHandle);
+        document.body.appendChild(container);
+        this._container = container;
+        let dragging = false;
+        let dragOffsetX = 0, dragOffsetY = 0;
+        dragHandle.addEventListener('mousedown', (e)=>{
+            dragging = true;
+            dragHandle.style.cursor = 'grabbing';
+            const rect = container.getBoundingClientRect();
+            dragOffsetX = e.clientX - rect.left;
+            dragOffsetY = e.clientY - rect.top;
+            iframe.style.pointerEvents = 'none';
+            e.preventDefault();
+        });
+        let resizing = false;
+        let resizeStartX = 0, resizeStartY = 0;
+        let resizeStartW = 0, resizeStartH = 0;
+        const MIN_W = 280, MIN_H = 320;
+        resizeHandle.addEventListener('mousedown', (e)=>{
+            resizing = true;
+            resizeStartX = e.clientX;
+            resizeStartY = e.clientY;
+            resizeStartW = container.offsetWidth;
+            resizeStartH = container.offsetHeight;
+            iframe.style.pointerEvents = 'none';
+            e.preventDefault();
+            e.stopPropagation();
+        });
+        const onMouseMove = (e)=>{
+            if (dragging) {
+                const newLeft = Math.max(0, Math.min(window.innerWidth - container.offsetWidth, e.clientX - dragOffsetX));
+                const newTop = Math.max(0, Math.min(window.innerHeight - container.offsetHeight, e.clientY - dragOffsetY));
+                container.style.left = `${newLeft}px`;
+                container.style.top = `${newTop}px`;
+            } else if (resizing) {
+                const newW = Math.max(MIN_W, resizeStartW + (e.clientX - resizeStartX));
+                const newH = Math.max(MIN_H, resizeStartH + (e.clientY - resizeStartY));
+                container.style.width = `${newW}px`;
+                container.style.height = `${newH}px`;
+            }
+        };
+        const onMouseUp = ()=>{
+            if (dragging) {
+                dragHandle.style.cursor = 'grab';
+            }
+            dragging = false;
+            resizing = false;
+            iframe.style.pointerEvents = '';
+        };
+        document.addEventListener('mousemove', onMouseMove);
+        document.addEventListener('mouseup', onMouseUp);
+        this._dragCleanup = ()=>{
+            document.removeEventListener('mousemove', onMouseMove);
+            document.removeEventListener('mouseup', onMouseUp);
+        };
+    }
+    cleanup() {
+        this._dragCleanup?.();
+        this._dragCleanup = null;
+        if (this._appOwnsContainer) {
+            if (this.iframe && this.iframe.parentNode) {
+                this.iframe.parentNode.removeChild(this.iframe);
+            }
+        } else if (this._container && this._container.parentNode) {
+            this._container.parentNode.removeChild(this._container);
+        }
+        this._container = null;
+        this.iframe = null;
+    }
+}
+/** @internal */ function waitForMessage(predicate, timeoutMs, expectedOrigin) {
+    return new Promise((resolve, reject)=>{
+        const timer = setTimeout(()=>{
+            window.removeEventListener('message', handler);
+            reject(new Error(`Iframe wallet: timed out waiting for message (${timeoutMs}ms)`));
+        }, timeoutMs);
+        /** Handles incoming postMessage events, filtering by origin and predicate. */ function handler(event) {
+            if (event.origin !== expectedOrigin) {
+                return;
+            }
+            const msg = event.data;
+            if (!msg || typeof msg !== 'object') {
+                return;
+            }
+            if (predicate(msg)) {
+                clearTimeout(timer);
+                window.removeEventListener('message', handler);
+                resolve(msg);
+            }
+        }
+        window.addEventListener('message', handler);
+    });
+}

package/dest/iframe/provider/iframe_wallet.d.ts

@@ -0,0 +1,68 @@
+/**
+ * IframeWallet — Wallet proxy that communicates with a web wallet loaded in an iframe.
+ *
+ * This mirrors {@link ExtensionWallet} from `@aztec/wallet-sdk/extension/provider` but uses
+ * `window.postMessage` / `window.addEventListener('message')` instead of MessagePort.
+ *
+ * The wire protocol (encrypted {@link WalletMessage} / {@link WalletResponse}) is identical.
+ */
+import type { ChainInfo } from '@aztec/aztec.js/account';
+import { type Wallet } from '@aztec/aztec.js/wallet';
+import { type DisconnectCallback } from '../../types.js';
+/**
+ * A wallet implementation that communicates with a web wallet loaded in an iframe
+ * using encrypted postMessage.
+ *
+ * Uses the same Proxy pattern as {@link ExtensionWallet}: intercepts property access,
+ * checks if the property is a Wallet method via {@link WalletSchema}, and routes the
+ * call through an encrypted postMessage channel.
+ *
+ * @example
+ * ```typescript
+ * const wallet = IframeWallet.create(walletId, sessionId, iframeWindow, walletOrigin, sharedKey, chainInfo, appId);
+ * const accounts = await wallet.asWallet().getAccounts();
+ * ```
+ */
+export declare class IframeWallet {
+    private chainInfo;
+    private appId;
+    private walletId;
+    private sessionId;
+    private iframeWindow;
+    private walletOrigin;
+    private sharedKey;
+    private inFlight;
+    private disconnected;
+    private disconnectCallbacks;
+    private messageListener;
+    private constructor();
+    /**
+     * Creates a proxied IframeWallet that implements the {@link Wallet} interface.
+     *
+     * All Wallet method calls are intercepted by a Proxy, encrypted with the shared
+     * AES-256-GCM key, sent via postMessage, and the response is decrypted and
+     * validated against {@link WalletSchema}.
+     *
+     * @param walletId - Unique identifier of the remote wallet
+     * @param sessionId - Session identifier from the key exchange
+     * @param iframeWindow - The iframe's contentWindow to post messages to
+     * @param walletOrigin - Origin of the wallet iframe (for postMessage targeting)
+     * @param sharedKey - AES-256-GCM key derived from ECDH key exchange
+     * @param chainInfo - Network information (chainId and version)
+     * @param appId - Application identifier for the requesting dApp
+     * @returns A proxied IframeWallet — call `.asWallet()` to get the typed `Wallet`
+     */
+    static create(walletId: string, sessionId: string, iframeWindow: Window, walletOrigin: string, sharedKey: CryptoKey, chainInfo: ChainInfo, appId: string): IframeWallet;
+    /**
+     * Returns this wallet as a typed {@link Wallet} interface.
+     * When accessed through the Proxy (via `create()`), returns the proxy itself.
+     */
+    asWallet(): Wallet;
+    private handleEncryptedResponse;
+    private postMessage;
+    private handleDisconnect;
+    onDisconnect(callback: DisconnectCallback): () => void;
+    isDisconnected(): boolean;
+    disconnect(): void;
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaWZyYW1lX3dhbGxldC5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2lmcmFtZS9wcm92aWRlci9pZnJhbWVfd2FsbGV0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7Ozs7O0dBT0c7QUFDSCxPQUFPLEtBQUssRUFBRSxTQUFTLEVBQUUsTUFBTSx5QkFBeUIsQ0FBQztBQUN6RCxPQUFPLEVBQUUsS0FBSyxNQUFNLEVBQWdCLE1BQU0sd0JBQXdCLENBQUM7QUFPbkUsT0FBTyxFQUFFLEtBQUssa0JBQWtCLEVBQThELE1BQU0sZ0JBQWdCLENBQUM7QUFhckg7Ozs7Ozs7Ozs7Ozs7R0FhRztBQUNILHFCQUFhLFlBQVk7SUFPckIsT0FBTyxDQUFDLFNBQVM7SUFDakIsT0FBTyxDQUFDLEtBQUs7SUFDYixPQUFPLENBQUMsUUFBUTtJQUNoQixPQUFPLENBQUMsU0FBUztJQUNqQixPQUFPLENBQUMsWUFBWTtJQUNwQixPQUFPLENBQUMsWUFBWTtJQUNwQixPQUFPLENBQUMsU0FBUztJQVpuQixPQUFPLENBQUMsUUFBUSxDQUFvRDtJQUNwRSxPQUFPLENBQUMsWUFBWSxDQUFTO0lBQzdCLE9BQU8sQ0FBQyxtQkFBbUIsQ0FBNEI7SUFDdkQsT0FBTyxDQUFDLGVBQWUsQ0FBNEM7SUFFbkUsT0FBTyxlQVFIO0lBRUo7Ozs7Ozs7Ozs7Ozs7OztPQWVHO0lBQ0gsTUFBTSxDQUFDLE1BQU0sQ0FDWCxRQUFRLEVBQUUsTUFBTSxFQUNoQixTQUFTLEVBQUUsTUFBTSxFQUNqQixZQUFZLEVBQUUsTUFBTSxFQUNwQixZQUFZLEVBQUUsTUFBTSxFQUNwQixTQUFTLEVBQUUsU0FBUyxFQUNwQixTQUFTLEVBQUUsU0FBUyxFQUNwQixLQUFLLEVBQUUsTUFBTSxHQUNaLFlBQVksQ0FxQ2Q7SUFFRDs7O09BR0c7SUFDSCxRQUFRLElBQUksTUFBTSxDQUVqQjtZQUVhLHVCQUF1QjtZQXlCdkIsV0FBVztJQTBCekIsT0FBTyxDQUFDLGdCQUFnQjtJQTBCeEIsWUFBWSxDQUFDLFFBQVEsRUFBRSxrQkFBa0IsR0FBRyxNQUFNLElBQUksQ0FRckQ7SUFFRCxjQUFjLElBQUksT0FBTyxDQUV4QjtJQUVELFVBQVUsSUFBSSxJQUFJLENBTWpCO0NBQ0YifQ==

package/dest/iframe/provider/iframe_wallet.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"iframe_wallet.d.ts","sourceRoot":"","sources":["../../../src/iframe/provider/iframe_wallet.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,KAAK,MAAM,EAAgB,MAAM,wBAAwB,CAAC;AAOnE,OAAO,EAAE,KAAK,kBAAkB,EAA8D,MAAM,gBAAgB,CAAC;AAarH;;;;;;;;;;;;;GAaG;AACH,qBAAa,YAAY;IAOrB,OAAO,CAAC,SAAS;IACjB,OAAO,CAAC,KAAK;IACb,OAAO,CAAC,QAAQ;IAChB,OAAO,CAAC,SAAS;IACjB,OAAO,CAAC,YAAY;IACpB,OAAO,CAAC,YAAY;IACpB,OAAO,CAAC,SAAS;IAZnB,OAAO,CAAC,QAAQ,CAAoD;IACpE,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,mBAAmB,CAA4B;IACvD,OAAO,CAAC,eAAe,CAA4C;IAEnE,OAAO,eAQH;IAEJ;;;;;;;;;;;;;;;OAeG;IACH,MAAM,CAAC,MAAM,CACX,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,EACjB,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,EACpB,SAAS,EAAE,SAAS,EACpB,SAAS,EAAE,SAAS,EACpB,KAAK,EAAE,MAAM,GACZ,YAAY,CAqCd;IAED;;;OAGG;IACH,QAAQ,IAAI,MAAM,CAEjB;YAEa,uBAAuB;YAyBvB,WAAW;IA0BzB,OAAO,CAAC,gBAAgB;IA0BxB,YAAY,CAAC,QAAQ,EAAE,kBAAkB,GAAG,MAAM,IAAI,CAQrD;IAED,cAAc,IAAI,OAAO,CAExB;IAED,UAAU,IAAI,IAAI,CAMjB;CACF"}