@aztec/wallets 5.0.0-private.20260319 → 5.0.0-rc.1

package/dest/embedded/embedded_wallet.js

@@ -1,26 +1,49 @@
-import { SignerlessAccount } from '@aztec/aztec.js/account';
+import { NO_FROM } from '@aztec/aztec.js/account';
 import { CallAuthorizationRequest } from '@aztec/aztec.js/authorization';
-import { getGasLimits } from '@aztec/aztec.js/contracts';
-import { AccountManager } from '@aztec/aztec.js/wallet';
+import { ContractFunctionInteraction, NO_WAIT } from '@aztec/aztec.js/contracts';
+import { AccountManager, TxSimulationResultWithAppOffset } from '@aztec/aztec.js/wallet';
+import { DefaultEntrypoint } from '@aztec/entrypoints/default';
+import { poseidon2Hash } from '@aztec/foundation/crypto/poseidon';
+import { Schnorr } from '@aztec/foundation/crypto/schnorr';
 import { Fq, Fr } from '@aztec/foundation/curves/bn254';
-import { AztecAddress } from '@aztec/stdlib/aztec-address';
-import { getContractInstanceFromInstantiationParams } from '@aztec/stdlib/contract';
+import { getContractClassFromArtifact } from '@aztec/stdlib/contract';
 import { GasSettings } from '@aztec/stdlib/gas';
 import { deriveSigningKey } from '@aztec/stdlib/keys';
-import { collectOffchainEffects, mergeExecutionPayloads } from '@aztec/stdlib/tx';
-import { BaseWallet } from '@aztec/wallet-sdk/base-wallet';
+import { SimulationOverrides, TxStatus, collectOffchainEffects, mergeExecutionPayloads } from '@aztec/stdlib/tx';
+import { BaseWallet, getGasLimits } from '@aztec/wallet-sdk/base-wallet';
+/** Splits a unified EmbeddedWalletPXEOptions into PXEConfig overrides and PXECreationOptions. */ export function splitPxeOptions(pxe) {
+    if (!pxe) {
+        return {
+            config: {},
+            creation: {}
+        };
+    }
+    const { loggers, loggerActorLabel, proverOrOptions, store, simulator, hooks, preloadedContractsProvider, ...config } = pxe;
+    return {
+        config,
+        creation: {
+            loggers,
+            loggerActorLabel,
+            proverOrOptions,
+            store,
+            simulator,
+            hooks,
+            preloadedContractsProvider
+        }
+    };
+}
 const DEFAULT_ESTIMATED_GAS_PADDING = 0.1;
 export class EmbeddedWallet extends BaseWallet {
     walletDB;
     accountContracts;
     estimatedGasPadding;
+    // Stub class ids, populated on wallet startup
+    // to avoid redundant work per simulation
+    stubClassIds;
     constructor(pxe, aztecNode, walletDB, accountContracts, log){
-        super(pxe, aztecNode, log), this.walletDB = walletDB, this.accountContracts = accountContracts, this.estimatedGasPadding = DEFAULT_ESTIMATED_GAS_PADDING;
+        super(pxe, aztecNode, log), this.walletDB = walletDB, this.accountContracts = accountContracts, this.estimatedGasPadding = DEFAULT_ESTIMATED_GAS_PADDING, this.stubClassIds = new Map();
     }
     async getAccountFromAddress(address) {
-        if (address.equals(AztecAddress.ZERO)) {
-            return new SignerlessAccount();
-        }
         const { secretKey, salt, signingKey, type } = await this.walletDB.retrieveAccount(address);
         const accountManager = await this.createAccountInternal(type, secretKey, salt, signingKey);
         const account = await accountManager.getAccount();
@@ -51,20 +74,29 @@ export class EmbeddedWallet extends BaseWallet {
    * estimates actual gas usage and captures call authorization requests to generate
    * the necessary authwitnesses.
    */ async sendTx(executionPayload, opts) {
-        const feeOptions = await this.completeFeeOptionsForEstimation(opts.from, executionPayload.feePayer, opts.fee?.gasSettings);
+        // PXE has autoSync disabled by the embedded wallet entrypoints, so we sync once here to cover
+        // both the inner simulateTx (via simulateViaEntrypoint) and the proveTx that super.sendTx
+        await this.pxe.sync();
+        const feeOptions = await this.completeFeeOptions({
+            from: opts.from,
+            feePayer: executionPayload.feePayer,
+            gasSettings: opts.fee?.gasSettings,
+            forEstimation: true
+        });
         // Simulate the transaction first to estimate gas and capture required
         // private authwitnesses based on offchain effects.
         const simulationResult = await this.simulateViaEntrypoint(executionPayload, {
             from: opts.from,
             feeOptions,
-            scopes: this.scopesFrom(opts.from, opts.additionalScopes),
-            skipTxValidation: true
+            additionalScopes: opts.additionalScopes,
+            skipTxValidation: true,
+            sendMessagesAs: opts.sendMessagesAs
         });
         const offchainEffects = collectOffchainEffects(simulationResult.privateExecutionResult);
         const authWitnesses = await Promise.all(offchainEffects.map(async (effect)=>{
             try {
                 const authRequest = await CallAuthorizationRequest.fromFields(effect.data);
-                return this.createAuthWit(opts.from, {
+                return this.createAuthWit(authRequest.onBehalfOf, {
                     consumer: effect.contractAddress,
                     innerHash: authRequest.innerHash
                 });
@@ -77,7 +109,8 @@ export class EmbeddedWallet extends BaseWallet {
                 executionPayload.authWitnesses.push(authwit);
             }
         }
-        const estimated = getGasLimits(simulationResult, this.estimatedGasPadding);
+        const maxTxGasLimits = await this.getMaxTxGasLimits();
+        const estimated = getGasLimits(simulationResult.gasUsed, maxTxGasLimits, this.estimatedGasPadding);
         this.log.verbose(`Estimated gas limits for tx: DA=${estimated.gasLimits.daGas} L2=${estimated.gasLimits.l2Gas} teardownDA=${estimated.teardownGasLimits.daGas} teardownL2=${estimated.teardownGasLimits.l2Gas}`);
         const gasSettings = GasSettings.from({
             ...opts.fee?.gasSettings,
@@ -86,8 +119,24 @@ export class EmbeddedWallet extends BaseWallet {
             gasLimits: opts.fee?.gasSettings?.gasLimits ?? estimated.gasLimits,
             teardownGasLimits: opts.fee?.gasSettings?.teardownGasLimits ?? estimated.teardownGasLimits
         });
+        let wait = opts.wait;
+        if (wait !== NO_WAIT) {
+            const callerWaitOpts = typeof wait === 'object' ? wait : {};
+            wait = {
+                ...callerWaitOpts,
+                // Default to PROPOSED so the wait returns as soon as the tx lands in a proposed L2 block,
+                // rather than waiting until the end of the slot for the checkpoint to be published to L1.
+                // This is what makes MBPS (Multiple Blocks Per Slot) actually improve UX: with CHECKPOINTED
+                // we'd block until L1 inclusion regardless of how early in the slot the tx was sequenced.
+                // The tradeoff is a weaker guarantee — a proposed block only becomes canonical once it (or
+                // a later block in the same slot) is checkpointed, so a tx could be re-orged out if the
+                // proposer fails to publish to L1 (which should be rare, since they'd get slashed for it).
+                waitForStatus: callerWaitOpts.waitForStatus ?? TxStatus.PROPOSED
+            };
+        }
         return super.sendTx(executionPayload, {
             ...opts,
+            wait: wait,
             fee: {
                 ...opts.fee,
                 gasSettings
@@ -95,76 +144,141 @@ export class EmbeddedWallet extends BaseWallet {
         });
     }
     /**
+   * Overrides the base simulateTx to drive PXE syncing explicitly. The PXE created by the embedded
+   * wallet has autoSync disabled (so we can share one sync across simulate+send in sendTx); for
+   * standalone simulations we still need a fresh anchor block, which we provide here.
+   */ async simulateTx(executionPayload, opts) {
+        await this.pxe.sync();
+        return super.simulateTx(executionPayload, opts);
+    }
+    async profileTx(executionPayload, opts) {
+        await this.pxe.sync();
+        return super.profileTx(executionPayload, opts);
+    }
+    async executeUtility(call, opts) {
+        await this.pxe.sync();
+        return super.executeUtility(call, opts);
+    }
+    async getPrivateEvents(eventDef, eventFilter) {
+        await this.pxe.sync();
+        return super.getPrivateEvents(eventDef, eventFilter);
+    }
+    async registerContract(instance, artifact, secretKey) {
+        // registerContract may call pxe.updateContract under the hood, which depends on a fresh anchor
+        // block to verify the current class id from the node.
+        await this.pxe.sync();
+        return super.registerContract(instance, artifact, secretKey);
+    }
+    /**
+   * Hashes and registers the stub class for every supported account type with PXE, populating
+   * stubClassIds. Called on wallet initialization.
+   */ async initStubClasses() {
+        const schnorrArtifact = await this.accountContracts.getStubAccountContractArtifact('schnorr');
+        const { id: schnorrClassId } = await getContractClassFromArtifact(schnorrArtifact);
+        await this.pxe.registerContractClass(schnorrArtifact);
+        // ecdsa stubs share the same class id
+        const ecdsaArtifact = await this.accountContracts.getStubAccountContractArtifact('ecdsasecp256r1');
+        const { id: ecdsaClassId } = await getContractClassFromArtifact(ecdsaArtifact);
+        await this.pxe.registerContractClass(ecdsaArtifact);
+        this.stubClassIds.set('schnorr', schnorrClassId);
+        this.stubClassIds.set('schnorr_initializerless', schnorrClassId);
+        this.stubClassIds.set('ecdsasecp256k1', ecdsaClassId);
+        this.stubClassIds.set('ecdsasecp256r1', ecdsaClassId);
+    }
+    /**
+   * Builds contract overrides for all provided addresses by replacing their account contracts with stub implementations.
+   * Uses a type-specific stub artifact so that the stub's constructor selector matches the real account's constructor.
+   */ async buildAccountOverrides(addresses) {
+        const accounts = await this.getAccounts();
+        const contracts = {};
+        const filtered = accounts.filter((acc)=>addresses.some((addr)=>addr.equals(acc.item)));
+        for (const account of filtered){
+            const address = account.item;
+            const { type } = await this.walletDB.retrieveAccount(address);
+            const stubClassId = this.stubClassIds.get(type);
+            if (!stubClassId) {
+                throw new Error(`Stub class for account type '${type}' was not registered at wallet init. This is a bug — initStubClasses should cover every supported AccountType.`);
+            }
+            const originalAccount = await this.getAccountFromAddress(address);
+            const completeAddress = originalAccount.getCompleteAddress();
+            const contractInstance = await this.pxe.getContractInstance(completeAddress.address);
+            if (!contractInstance) {
+                throw new Error(`No contract instance found for address: ${completeAddress.address} during account override building. This is a bug!`);
+            }
+            contracts[address.toString()] = {
+                instance: {
+                    ...contractInstance,
+                    currentContractClassId: stubClassId
+                }
+            };
+        }
+        return contracts;
+    }
+    /**
    * Simulates calls via a stub account entrypoint, bypassing real account authorization.
    * This allows kernelless simulation with contract overrides, skipping expensive
    * private kernel circuit execution.
    */ async simulateViaEntrypoint(executionPayload, opts) {
-        const { from, feeOptions, scopes, skipTxValidation, skipFeeEnforcement } = opts;
-        let overrides;
-        let fromAccount;
-        if (!from.equals(AztecAddress.ZERO)) {
-            const { account, instance, artifact } = await this.getFakeAccountDataFor(from);
-            fromAccount = account;
-            overrides = {
-                contracts: {
-                    [from.toString()]: {
-                        instance,
-                        artifact
-                    }
-                }
-            };
-        } else {
-            fromAccount = await this.getAccountFromAddress(from);
-        }
+        const { from, feeOptions, additionalScopes, skipTxValidation, skipFeeEnforcement, sendMessagesAs } = opts;
+        const scopes = this.scopesFrom(from, additionalScopes);
         const feeExecutionPayload = await feeOptions.walletFeePaymentMethod?.getExecutionPayload();
-        const executionOptions = {
-            txNonce: Fr.random(),
-            cancellable: this.cancellableTransactions,
-            feePaymentMethodOptions: feeOptions.accountFeePaymentMethodOptions
-        };
         const finalExecutionPayload = feeExecutionPayload ? mergeExecutionPayloads([
             feeExecutionPayload,
             executionPayload
         ]) : executionPayload;
         const chainInfo = await this.getChainInfo();
-        const txRequest = await fromAccount.createTxExecutionRequest(finalExecutionPayload, feeOptions.gasSettings, chainInfo, executionOptions);
-        return this.pxe.simulateTx(txRequest, {
+        const accountOverrides = await this.buildAccountOverrides(scopes);
+        const overrides = new SimulationOverrides({
+            contracts: accountOverrides
+        });
+        let txRequest;
+        if (from === NO_FROM) {
+            const entrypoint = new DefaultEntrypoint();
+            txRequest = await entrypoint.createTxExecutionRequest(finalExecutionPayload, feeOptions.gasSettings, chainInfo);
+        } else {
+            const { type } = await this.walletDB.retrieveAccount(from);
+            const originalAccount = await this.getAccountFromAddress(from);
+            const completeAddress = originalAccount.getCompleteAddress();
+            const account = await this.accountContracts.createStubAccount(completeAddress, type);
+            const executionOptions = {
+                txNonce: Fr.random(),
+                cancellable: this.cancellableTransactions,
+                // If from is an address, feeOptions include the way the account contract should handle the fee payment
+                feePaymentMethodOptions: feeOptions.accountFeePaymentMethodOptions
+            };
+            txRequest = await account.createTxExecutionRequest(finalExecutionPayload, feeOptions.gasSettings, chainInfo, executionOptions);
+        }
+        const result = await this.pxe.simulateTx(txRequest, {
             simulatePublic: true,
             skipFeeEnforcement,
             skipTxValidation,
             overrides,
-            scopes
+            scopes,
+            senderForTags: this.senderForTagsFrom(from, sendMessagesAs)
         });
-    }
-    async getFakeAccountDataFor(address) {
-        const originalAccount = await this.getAccountFromAddress(address);
-        if (originalAccount instanceof SignerlessAccount) {
-            throw new Error(`Cannot create fake account data for SignerlessAccount at address: ${address}`);
-        }
-        const originalAddress = originalAccount.getCompleteAddress();
-        const contractInstance = await this.pxe.getContractInstance(originalAddress.address);
-        if (!contractInstance) {
-            throw new Error(`No contract instance found for address: ${originalAddress.address}`);
-        }
-        const stubAccount = await this.accountContracts.createStubAccount(originalAddress);
-        const stubArtifact = await this.accountContracts.getStubAccountContractArtifact();
-        const instance = await getContractInstanceFromInstantiationParams(stubArtifact, {
-            salt: Fr.random()
-        });
-        return {
-            account: stubAccount,
-            instance,
-            artifact: stubArtifact
-        };
+        const appCallOffset = await this.computeAppCallOffset(from, feeOptions);
+        return TxSimulationResultWithAppOffset.fromResultAndOffset(result, appCallOffset);
     }
     async createAccountInternal(type, secret, salt, signingKey) {
         let contract;
+        let immutablesHash;
+        let publicKey;
         switch(type){
             case 'schnorr':
                 {
                     contract = await this.accountContracts.getSchnorrAccountContract(Fq.fromBuffer(signingKey));
                     break;
                 }
+            case 'schnorr_initializerless':
+                {
+                    contract = await this.accountContracts.getSchnorrInitializerlessAccountContract(Fq.fromBuffer(signingKey));
+                    publicKey = await new Schnorr().computePublicKey(Fq.fromBuffer(signingKey));
+                    immutablesHash = await poseidon2Hash([
+                        publicKey.x,
+                        publicKey.y
+                    ]);
+                    break;
+                }
             case 'ecdsasecp256k1':
                 {
                     contract = await this.accountContracts.getEcdsaKAccountContract(signingKey);
@@ -180,12 +294,29 @@ export class EmbeddedWallet extends BaseWallet {
                     throw new Error(`Unknown account type ${type}`);
                 }
         }
-        const accountManager = await AccountManager.create(this, secret, contract, salt);
+        const accountManager = await AccountManager.create(this, secret, contract, {
+            salt,
+            immutablesHash
+        });
         const instance = accountManager.getInstance();
         const existingInstance = await this.pxe.getContractInstance(instance.address);
         if (!existingInstance) {
             const existingArtifact = await this.pxe.getContractArtifact(instance.currentContractClassId);
+            const artifact = existingArtifact ?? await accountManager.getAccountContract().getContractArtifact();
             await this.registerContract(instance, !existingArtifact ? await accountManager.getAccountContract().getContractArtifact() : undefined, accountManager.getSecretKey());
+            if (type === 'schnorr_initializerless') {
+                const constructor = artifact.functions.find((f)=>f.name === 'constructor');
+                if (!constructor) {
+                    throw new Error('Could not create SchnorrInitializerlessAccountContract: constructor ABI not found');
+                }
+                const storeCall = new ContractFunctionInteraction(this, instance.address, constructor, [
+                    publicKey.x,
+                    publicKey.y
+                ]);
+                await storeCall.simulate({
+                    from: instance.address
+                });
+            }
         }
         return accountManager;
     }
@@ -204,6 +335,10 @@ export class EmbeddedWallet extends BaseWallet {
         const sk = signingKey ?? deriveSigningKey(secret);
         return this.createAndStoreAccount(alias ?? '', 'schnorr', secret, salt, sk.toBuffer());
     }
+    createSchnorrInitializerlessAccount(secret, salt, signingKey, alias) {
+        const sk = signingKey ?? deriveSigningKey(secret);
+        return this.createAndStoreAccount(alias ?? '', 'schnorr_initializerless', secret, salt, sk.toBuffer());
+    }
     createECDSARAccount(secret, salt, signingKey, alias) {
         return this.createAndStoreAccount(alias ?? '', 'ecdsasecp256r1', secret, salt, signingKey);
     }
@@ -216,7 +351,8 @@ export class EmbeddedWallet extends BaseWallet {
     setEstimatedGasPadding(value) {
         this.estimatedGasPadding = value ?? DEFAULT_ESTIMATED_GAS_PADDING;
     }
-    stop() {
-        return this.pxe.stop();
+    async stop() {
+        await this.pxe.stop();
+        await this.walletDB.close();
     }
 }

package/dest/embedded/entrypoints/browser.d.ts

@@ -8,7 +8,7 @@ export declare class BrowserEmbeddedWallet extends EmbeddedWallet {
     static create<T extends BrowserEmbeddedWallet = BrowserEmbeddedWallet>(this: new (pxe: PXE, aztecNode: AztecNode, walletDB: WalletDB, accountContracts: AccountContractsProvider, log?: Logger) => T, nodeOrUrl: string | AztecNode, options?: EmbeddedWalletOptions): Promise<T>;
 }
 export { BrowserEmbeddedWallet as EmbeddedWallet };
-export type { EmbeddedWalletOptions } from '../embedded_wallet.js';
+export type { EmbeddedWalletOptions, EmbeddedWalletPXEOptions } from '../embedded_wallet.js';
 export { WalletDB } from '../wallet_db.js';
 export type { AccountType } from '../wallet_db.js';
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYnJvd3Nlci5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2VtYmVkZGVkL2VudHJ5cG9pbnRzL2Jyb3dzZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLEtBQUssU0FBUyxFQUF5QixNQUFNLHNCQUFzQixDQUFDO0FBQzdFLE9BQU8sRUFBRSxLQUFLLE1BQU0sRUFBZ0IsTUFBTSx1QkFBdUIsQ0FBQztBQUVsRSxPQUFPLEVBQUUsS0FBSyxHQUFHLEVBQXNDLE1BQU0sd0JBQXdCLENBQUM7QUFJdEYsT0FBTyxLQUFLLEVBQUUsd0JBQXdCLEVBQUUsTUFBTSx3Q0FBd0MsQ0FBQztBQUN2RixPQUFPLEVBQUUsY0FBYyxFQUFFLEtBQUsscUJBQXFCLEVBQUUsTUFBTSx1QkFBdUIsQ0FBQztBQUNuRixPQUFPLEVBQUUsUUFBUSxFQUFFLE1BQU0saUJBQWlCLENBQUM7QUFFM0MscUJBQWEscUJBQXNCLFNBQVEsY0FBYztJQUN2RCxPQUFhLE1BQU0sQ0FBQyxDQUFDLFNBQVMscUJBQXFCLEdBQUcscUJBQXFCLEVBQ3pFLElBQUksRUFBRSxLQUNKLEdBQUcsRUFBRSxHQUFHLEVBQ1IsU0FBUyxFQUFFLFNBQVMsRUFDcEIsUUFBUSxFQUFFLFFBQVEsRUFDbEIsZ0JBQWdCLEVBQUUsd0JBQXdCLEVBQzFDLEdBQUcsQ0FBQyxFQUFFLE1BQU0sS0FDVCxDQUFDLEVBQ04sU0FBUyxFQUFFLE1BQU0sR0FBRyxTQUFTLEVBQzdCLE9BQU8sR0FBRSxxQkFBMEIsR0FDbEMsT0FBTyxDQUFDLENBQUMsQ0FBQyxDQTJDWjtDQUNGO0FBRUQsT0FBTyxFQUFFLHFCQUFxQixJQUFJLGNBQWMsRUFBRSxDQUFDO0FBQ25ELFlBQVksRUFBRSxxQkFBcUIsRUFBRSxNQUFNLHVCQUF1QixDQUFDO0FBQ25FLE9BQU8sRUFBRSxRQUFRLEVBQUUsTUFBTSxpQkFBaUIsQ0FBQztBQUMzQyxZQUFZLEVBQUUsV0FBVyxFQUFFLE1BQU0saUJBQWlCLENBQUMifQ==
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYnJvd3Nlci5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2VtYmVkZGVkL2VudHJ5cG9pbnRzL2Jyb3dzZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLEtBQUssU0FBUyxFQUF5QixNQUFNLHNCQUFzQixDQUFDO0FBQzdFLE9BQU8sRUFBRSxLQUFLLE1BQU0sRUFBZ0IsTUFBTSx1QkFBdUIsQ0FBQztBQUVsRSxPQUFPLEVBQUUsS0FBSyxHQUFHLEVBQXNDLE1BQU0sd0JBQXdCLENBQUM7QUFPdEYsT0FBTyxLQUFLLEVBQUUsd0JBQXdCLEVBQUUsTUFBTSx3Q0FBd0MsQ0FBQztBQUN2RixPQUFPLEVBQUUsY0FBYyxFQUFFLEtBQUsscUJBQXFCLEVBQW1CLE1BQU0sdUJBQXVCLENBQUM7QUFDcEcsT0FBTyxFQUFFLFFBQVEsRUFBRSxNQUFNLGlCQUFpQixDQUFDO0FBRTNDLHFCQUFhLHFCQUFzQixTQUFRLGNBQWM7SUFDdkQsT0FBYSxNQUFNLENBQUMsQ0FBQyxTQUFTLHFCQUFxQixHQUFHLHFCQUFxQixFQUN6RSxJQUFJLEVBQUUsS0FDSixHQUFHLEVBQUUsR0FBRyxFQUNSLFNBQVMsRUFBRSxTQUFTLEVBQ3BCLFFBQVEsRUFBRSxRQUFRLEVBQ2xCLGdCQUFnQixFQUFFLHdCQUF3QixFQUMxQyxHQUFHLENBQUMsRUFBRSxNQUFNLEtBQ1QsQ0FBQyxFQUNOLFNBQVMsRUFBRSxNQUFNLEdBQUcsU0FBUyxFQUM3QixPQUFPLEdBQUUscUJBQTBCLEdBQ2xDLE9BQU8sQ0FBQyxDQUFDLENBQUMsQ0E0RFo7Q0FDRjtBQUVELE9BQU8sRUFBRSxxQkFBcUIsSUFBSSxjQUFjLEVBQUUsQ0FBQztBQUNuRCxZQUFZLEVBQUUscUJBQXFCLEVBQUUsd0JBQXdCLEVBQUUsTUFBTSx1QkFBdUIsQ0FBQztBQUM3RixPQUFPLEVBQUUsUUFBUSxFQUFFLE1BQU0saUJBQWlCLENBQUM7QUFDM0MsWUFBWSxFQUFFLFdBQVcsRUFBRSxNQUFNLGlCQUFpQixDQUFDIn0=

package/dest/embedded/entrypoints/browser.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"browser.d.ts","sourceRoot":"","sources":["../../../src/embedded/entrypoints/browser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,SAAS,EAAyB,MAAM,sBAAsB,CAAC;AAC7E,OAAO,EAAE,KAAK,MAAM,EAAgB,MAAM,uBAAuB,CAAC;AAElE,OAAO,EAAE,KAAK,GAAG,EAAsC,MAAM,wBAAwB,CAAC;AAItF,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,wCAAwC,CAAC;AACvF,OAAO,EAAE,cAAc,EAAE,KAAK,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AACnF,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAE3C,qBAAa,qBAAsB,SAAQ,cAAc;IACvD,OAAa,MAAM,CAAC,CAAC,SAAS,qBAAqB,GAAG,qBAAqB,EACzE,IAAI,EAAE,KACJ,GAAG,EAAE,GAAG,EACR,SAAS,EAAE,SAAS,EACpB,QAAQ,EAAE,QAAQ,EAClB,gBAAgB,EAAE,wBAAwB,EAC1C,GAAG,CAAC,EAAE,MAAM,KACT,CAAC,EACN,SAAS,EAAE,MAAM,GAAG,SAAS,EAC7B,OAAO,GAAE,qBAA0B,GAClC,OAAO,CAAC,CAAC,CAAC,CA2CZ;CACF;AAED,OAAO,EAAE,qBAAqB,IAAI,cAAc,EAAE,CAAC;AACnD,YAAY,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AACnE,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,YAAY,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC"}
+{"version":3,"file":"browser.d.ts","sourceRoot":"","sources":["../../../src/embedded/entrypoints/browser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,SAAS,EAAyB,MAAM,sBAAsB,CAAC;AAC7E,OAAO,EAAE,KAAK,MAAM,EAAgB,MAAM,uBAAuB,CAAC;AAElE,OAAO,EAAE,KAAK,GAAG,EAAsC,MAAM,wBAAwB,CAAC;AAOtF,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,wCAAwC,CAAC;AACvF,OAAO,EAAE,cAAc,EAAE,KAAK,qBAAqB,EAAmB,MAAM,uBAAuB,CAAC;AACpG,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAE3C,qBAAa,qBAAsB,SAAQ,cAAc;IACvD,OAAa,MAAM,CAAC,CAAC,SAAS,qBAAqB,GAAG,qBAAqB,EACzE,IAAI,EAAE,KACJ,GAAG,EAAE,GAAG,EACR,SAAS,EAAE,SAAS,EACpB,QAAQ,EAAE,QAAQ,EAClB,gBAAgB,EAAE,wBAAwB,EAC1C,GAAG,CAAC,EAAE,MAAM,KACT,CAAC,EACN,SAAS,EAAE,MAAM,GAAG,SAAS,EAC7B,OAAO,GAAE,qBAA0B,GAClC,OAAO,CAAC,CAAC,CAAC,CA4DZ;CACF;AAED,OAAO,EAAE,qBAAqB,IAAI,cAAc,EAAE,CAAC;AACnD,YAAY,EAAE,qBAAqB,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AAC7F,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,YAAY,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC"}

package/dest/embedded/entrypoints/browser.js

@@ -3,40 +3,69 @@ import { createLogger } from '@aztec/foundation/log';
 import { createStore, openTmpStore } from '@aztec/kv-store/indexeddb';
 import { createPXE } from '@aztec/pxe/client/lazy';
 import { getPXEConfig } from '@aztec/pxe/config';
+import { getStandardAuthRegistry } from '@aztec/standard-contracts/auth-registry/lazy';
+import { getStandardHandshakeRegistry } from '@aztec/standard-contracts/handshake-registry/lazy';
+import { getStandardMultiCallEntrypoint } from '@aztec/standard-contracts/multi-call-entrypoint/lazy';
 import { LazyAccountContractsProvider } from '../account-contract-providers/lazy.js';
-import { EmbeddedWallet } from '../embedded_wallet.js';
+import { EmbeddedWallet, splitPxeOptions } from '../embedded_wallet.js';
 import { WalletDB } from '../wallet_db.js';
 export class BrowserEmbeddedWallet extends EmbeddedWallet {
     static async create(nodeOrUrl, options = {}) {
         const rootLogger = options.logger ?? createLogger('embedded-wallet');
         const aztecNode = typeof nodeOrUrl === 'string' ? createAztecNodeClient(nodeOrUrl) : nodeOrUrl;
         const l1Contracts = await aztecNode.getL1ContractAddresses();
+        // Support both the new unified `pxe` option and the deprecated `pxeConfig`/`pxeOptions`.
+        const { config: pxeConfigFromPxe, creation: pxeCreationFromPxe } = splitPxeOptions(options.pxe);
+        const mergedConfigOverrides = {
+            ...options.pxeConfig,
+            ...pxeConfigFromPxe
+        };
+        const mergedCreationOverrides = {
+            ...options.pxeOptions,
+            ...pxeCreationFromPxe
+        };
         const pxeConfig = Object.assign(getPXEConfig(), {
-            proverEnabled: options.pxeConfig?.proverEnabled ?? false,
+            proverEnabled: mergedConfigOverrides.proverEnabled ?? false,
             dataDirectory: `pxe_data_${l1Contracts.rollupAddress}`,
-            ...options.pxeConfig
+            autoSync: false,
+            ...mergedConfigOverrides
         });
         if (options.ephemeral) {
             delete pxeConfig.dataDirectory;
         }
         const pxeOptions = {
-            ...options.pxeOptions,
+            ...mergedCreationOverrides,
+            preloadedContractsProvider: mergedCreationOverrides.preloadedContractsProvider ?? {
+                getPreloadedContracts: async ()=>[
+                        await getStandardMultiCallEntrypoint(),
+                        await getStandardAuthRegistry(),
+                        await getStandardHandshakeRegistry()
+                    ]
+            },
             loggers: {
                 store: rootLogger.createChild('pxe:data'),
                 pxe: rootLogger.createChild('pxe:service'),
                 prover: rootLogger.createChild('pxe:prover'),
-                ...options.pxeOptions?.loggers
+                ...mergedCreationOverrides.loggers
             }
         };
         const pxe = await createPXE(aztecNode, pxeConfig, pxeOptions);
-        const walletDBStore = options.ephemeral ? await openTmpStore(true) : await createStore('wallet_data', {
+        const walletDBStore = options.walletDb?.store ?? (options.ephemeral ? await openTmpStore(true) : await createStore('wallet_data', {
             dataDirectory: `wallet_data_${l1Contracts.rollupAddress}`,
             dataStoreMapSizeKb: pxeConfig.dataStoreMapSizeKb,
-            l1Contracts
-        }, 1, rootLogger.createChild('wallet:data'));
-        const walletDB = WalletDB.init(walletDBStore, rootLogger.createChild('wallet:db').info);
-        return new this(pxe, aztecNode, walletDB, new LazyAccountContractsProvider(), rootLogger);
+            rollupAddress: l1Contracts.rollupAddress
+        }, 1, rootLogger.createChild('wallet:data')));
+        const walletDB = new WalletDB(walletDBStore, rootLogger.createChild('wallet:db').info);
+        const wallet = new this(pxe, aztecNode, walletDB, new LazyAccountContractsProvider(), rootLogger);
+        await wallet.initStubClasses();
+        return wallet;
     }
 }
 export { BrowserEmbeddedWallet as EmbeddedWallet };
 export { WalletDB } from '../wallet_db.js';
+ // At-rest encryption helpers are intentionally NOT re-exported here. They live
+ // on the `@aztec/wallets/embedded/store-encryption` sub-path so consumers
+ // (and bundlers) of this entrypoint don't transitively pull in
+ // `@aztec/kv-store/sqlite-opfs` and its `new Worker(new URL('./worker.js'))`
+ // chain into `@aztec/sqlite3mc-wasm`. Apps that don't use encryption-at-rest
+ // (e.g. the playground) should never see sqlite-opfs in their bundle.

package/dest/embedded/entrypoints/node.d.ts

@@ -8,7 +8,7 @@ export declare class NodeEmbeddedWallet extends EmbeddedWallet {
     static create<T extends NodeEmbeddedWallet = NodeEmbeddedWallet>(this: new (pxe: PXE, aztecNode: AztecNode, walletDB: WalletDB, accountContracts: AccountContractsProvider, log?: Logger) => T, nodeOrUrl: string | AztecNode, options?: EmbeddedWalletOptions): Promise<T>;
 }
 export { NodeEmbeddedWallet as EmbeddedWallet };
-export type { EmbeddedWalletOptions } from '../embedded_wallet.js';
+export type { EmbeddedWalletOptions, EmbeddedWalletPXEOptions } from '../embedded_wallet.js';
 export { WalletDB } from '../wallet_db.js';
 export type { AccountType } from '../wallet_db.js';
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibm9kZS5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2VtYmVkZGVkL2VudHJ5cG9pbnRzL25vZGUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQ0EsT0FBTyxFQUFFLEtBQUssTUFBTSxFQUFnQixNQUFNLHVCQUF1QixDQUFDO0FBR2xFLE9BQU8sRUFBRSxLQUFLLEdBQUcsRUFBc0MsTUFBTSxtQkFBbUIsQ0FBQztBQUNqRixPQUFPLEtBQUssRUFBRSxTQUFTLEVBQUUsTUFBTSxpQ0FBaUMsQ0FBQztBQUdqRSxPQUFPLEtBQUssRUFBRSx3QkFBd0IsRUFBRSxNQUFNLHdDQUF3QyxDQUFDO0FBQ3ZGLE9BQU8sRUFBRSxjQUFjLEVBQUUsS0FBSyxxQkFBcUIsRUFBRSxNQUFNLHVCQUF1QixDQUFDO0FBQ25GLE9BQU8sRUFBRSxRQUFRLEVBQUUsTUFBTSxpQkFBaUIsQ0FBQztBQUUzQyxxQkFBYSxrQkFBbUIsU0FBUSxjQUFjO0lBQ3BELE9BQWEsTUFBTSxDQUFDLENBQUMsU0FBUyxrQkFBa0IsR0FBRyxrQkFBa0IsRUFDbkUsSUFBSSxFQUFFLEtBQ0osR0FBRyxFQUFFLEdBQUcsRUFDUixTQUFTLEVBQUUsU0FBUyxFQUNwQixRQUFRLEVBQUUsUUFBUSxFQUNsQixnQkFBZ0IsRUFBRSx3QkFBd0IsRUFDMUMsR0FBRyxDQUFDLEVBQUUsTUFBTSxLQUNULENBQUMsRUFDTixTQUFTLEVBQUUsTUFBTSxHQUFHLFNBQVMsRUFDN0IsT0FBTyxHQUFFLHFCQUEwQixHQUNsQyxPQUFPLENBQUMsQ0FBQyxDQUFDLENBaURaO0NBQ0Y7QUFFRCxPQUFPLEVBQUUsa0JBQWtCLElBQUksY0FBYyxFQUFFLENBQUM7QUFDaEQsWUFBWSxFQUFFLHFCQUFxQixFQUFFLE1BQU0sdUJBQXVCLENBQUM7QUFDbkUsT0FBTyxFQUFFLFFBQVEsRUFBRSxNQUFNLGlCQUFpQixDQUFDO0FBQzNDLFlBQVksRUFBRSxXQUFXLEVBQUUsTUFBTSxpQkFBaUIsQ0FBQyJ9
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibm9kZS5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2VtYmVkZGVkL2VudHJ5cG9pbnRzL25vZGUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQ0EsT0FBTyxFQUFFLEtBQUssTUFBTSxFQUFnQixNQUFNLHVCQUF1QixDQUFDO0FBR2xFLE9BQU8sRUFBRSxLQUFLLEdBQUcsRUFBc0MsTUFBTSxtQkFBbUIsQ0FBQztBQUlqRixPQUFPLEtBQUssRUFBRSxTQUFTLEVBQUUsTUFBTSxpQ0FBaUMsQ0FBQztBQUdqRSxPQUFPLEtBQUssRUFBRSx3QkFBd0IsRUFBRSxNQUFNLHdDQUF3QyxDQUFDO0FBQ3ZGLE9BQU8sRUFBRSxjQUFjLEVBQUUsS0FBSyxxQkFBcUIsRUFBbUIsTUFBTSx1QkFBdUIsQ0FBQztBQUNwRyxPQUFPLEVBQUUsUUFBUSxFQUFFLE1BQU0saUJBQWlCLENBQUM7QUFFM0MscUJBQWEsa0JBQW1CLFNBQVEsY0FBYztJQUNwRCxPQUFhLE1BQU0sQ0FBQyxDQUFDLFNBQVMsa0JBQWtCLEdBQUcsa0JBQWtCLEVBQ25FLElBQUksRUFBRSxLQUNKLEdBQUcsRUFBRSxHQUFHLEVBQ1IsU0FBUyxFQUFFLFNBQVMsRUFDcEIsUUFBUSxFQUFFLFFBQVEsRUFDbEIsZ0JBQWdCLEVBQUUsd0JBQXdCLEVBQzFDLEdBQUcsQ0FBQyxFQUFFLE1BQU0sS0FDVCxDQUFDLEVBQ04sU0FBUyxFQUFFLE1BQU0sR0FBRyxTQUFTLEVBQzdCLE9BQU8sR0FBRSxxQkFBMEIsR0FDbEMsT0FBTyxDQUFDLENBQUMsQ0FBQyxDQWtFWjtDQUNGO0FBRUQsT0FBTyxFQUFFLGtCQUFrQixJQUFJLGNBQWMsRUFBRSxDQUFDO0FBQ2hELFlBQVksRUFBRSxxQkFBcUIsRUFBRSx3QkFBd0IsRUFBRSxNQUFNLHVCQUF1QixDQUFDO0FBQzdGLE9BQU8sRUFBRSxRQUFRLEVBQUUsTUFBTSxpQkFBaUIsQ0FBQztBQUMzQyxZQUFZLEVBQUUsV0FBVyxFQUFFLE1BQU0saUJBQWlCLENBQUMifQ==

package/dest/embedded/entrypoints/node.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"node.d.ts","sourceRoot":"","sources":["../../../src/embedded/entrypoints/node.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,MAAM,EAAgB,MAAM,uBAAuB,CAAC;AAGlE,OAAO,EAAE,KAAK,GAAG,EAAsC,MAAM,mBAAmB,CAAC;AACjF,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iCAAiC,CAAC;AAGjE,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,wCAAwC,CAAC;AACvF,OAAO,EAAE,cAAc,EAAE,KAAK,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AACnF,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAE3C,qBAAa,kBAAmB,SAAQ,cAAc;IACpD,OAAa,MAAM,CAAC,CAAC,SAAS,kBAAkB,GAAG,kBAAkB,EACnE,IAAI,EAAE,KACJ,GAAG,EAAE,GAAG,EACR,SAAS,EAAE,SAAS,EACpB,QAAQ,EAAE,QAAQ,EAClB,gBAAgB,EAAE,wBAAwB,EAC1C,GAAG,CAAC,EAAE,MAAM,KACT,CAAC,EACN,SAAS,EAAE,MAAM,GAAG,SAAS,EAC7B,OAAO,GAAE,qBAA0B,GAClC,OAAO,CAAC,CAAC,CAAC,CAiDZ;CACF;AAED,OAAO,EAAE,kBAAkB,IAAI,cAAc,EAAE,CAAC;AAChD,YAAY,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AACnE,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,YAAY,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC"}
+{"version":3,"file":"node.d.ts","sourceRoot":"","sources":["../../../src/embedded/entrypoints/node.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,MAAM,EAAgB,MAAM,uBAAuB,CAAC;AAGlE,OAAO,EAAE,KAAK,GAAG,EAAsC,MAAM,mBAAmB,CAAC;AAIjF,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iCAAiC,CAAC;AAGjE,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,wCAAwC,CAAC;AACvF,OAAO,EAAE,cAAc,EAAE,KAAK,qBAAqB,EAAmB,MAAM,uBAAuB,CAAC;AACpG,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAE3C,qBAAa,kBAAmB,SAAQ,cAAc;IACpD,OAAa,MAAM,CAAC,CAAC,SAAS,kBAAkB,GAAG,kBAAkB,EACnE,IAAI,EAAE,KACJ,GAAG,EAAE,GAAG,EACR,SAAS,EAAE,SAAS,EACpB,QAAQ,EAAE,QAAQ,EAClB,gBAAgB,EAAE,wBAAwB,EAC1C,GAAG,CAAC,EAAE,MAAM,KACT,CAAC,EACN,SAAS,EAAE,MAAM,GAAG,SAAS,EAC7B,OAAO,GAAE,qBAA0B,GAClC,OAAO,CAAC,CAAC,CAAC,CAkEZ;CACF;AAED,OAAO,EAAE,kBAAkB,IAAI,cAAc,EAAE,CAAC;AAChD,YAAY,EAAE,qBAAqB,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AAC7F,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,YAAY,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC"}

package/dest/embedded/entrypoints/node.js

@@ -3,39 +3,62 @@ import { createLogger } from '@aztec/foundation/log';
 import { createStore, openTmpStore } from '@aztec/kv-store/lmdb-v2';
 import { getPXEConfig } from '@aztec/pxe/config';
 import { createPXE } from '@aztec/pxe/server';
+import { getStandardAuthRegistry } from '@aztec/standard-contracts/auth-registry';
+import { getStandardHandshakeRegistry } from '@aztec/standard-contracts/handshake-registry';
+import { getStandardMultiCallEntrypoint } from '@aztec/standard-contracts/multi-call-entrypoint';
 import { BundleAccountContractsProvider } from '../account-contract-providers/bundle.js';
-import { EmbeddedWallet } from '../embedded_wallet.js';
+import { EmbeddedWallet, splitPxeOptions } from '../embedded_wallet.js';
 import { WalletDB } from '../wallet_db.js';
 export class NodeEmbeddedWallet extends EmbeddedWallet {
     static async create(nodeOrUrl, options = {}) {
         const rootLogger = options.logger ?? createLogger('embedded-wallet');
         const aztecNode = typeof nodeOrUrl === 'string' ? createAztecNodeClient(nodeOrUrl) : nodeOrUrl;
         const l1Contracts = await aztecNode.getL1ContractAddresses();
+        // Support both the new unified `pxe` option and the deprecated `pxeConfig`/`pxeOptions`.
+        const { config: pxeConfigFromPxe, creation: pxeCreationFromPxe } = splitPxeOptions(options.pxe);
+        const mergedConfigOverrides = {
+            ...options.pxeConfig,
+            ...pxeConfigFromPxe
+        };
+        const mergedCreationOverrides = {
+            ...options.pxeOptions,
+            ...pxeCreationFromPxe
+        };
         const pxeConfig = Object.assign(getPXEConfig(), {
-            proverEnabled: options.pxeConfig?.proverEnabled ?? false,
+            proverEnabled: mergedConfigOverrides.proverEnabled ?? false,
             dataDirectory: `pxe_data_${l1Contracts.rollupAddress}`,
-            ...options.pxeConfig
+            autoSync: false,
+            ...mergedConfigOverrides
         });
         if (options.ephemeral) {
             delete pxeConfig.dataDirectory;
         }
         const pxeOptions = {
-            ...options.pxeOptions,
+            ...mergedCreationOverrides,
+            preloadedContractsProvider: mergedCreationOverrides.preloadedContractsProvider ?? {
+                getPreloadedContracts: async ()=>[
+                        await getStandardMultiCallEntrypoint(),
+                        await getStandardAuthRegistry(),
+                        await getStandardHandshakeRegistry()
+                    ]
+            },
             loggers: {
                 store: rootLogger.createChild('pxe:data'),
                 pxe: rootLogger.createChild('pxe:service'),
                 prover: rootLogger.createChild('pxe:prover'),
-                ...options.pxeOptions?.loggers
+                ...mergedCreationOverrides.loggers
             }
         };
         const pxe = await createPXE(aztecNode, pxeConfig, pxeOptions);
-        const walletDBStore = options.ephemeral ? await openTmpStore(`wallet_data_${l1Contracts.rollupAddress}`, true, undefined, undefined, rootLogger.createChild('wallet:data').getBindings()) : await createStore('wallet_data', 1, {
+        const walletDBStore = options.walletDb?.store ?? (options.ephemeral ? await openTmpStore(`wallet_data_${l1Contracts.rollupAddress}`, true, undefined, undefined, rootLogger.createChild('wallet:data').getBindings()) : await createStore('wallet_data', 1, {
             dataDirectory: `wallet_data_${l1Contracts.rollupAddress}`,
             dataStoreMapSizeKb: pxeConfig.dataStoreMapSizeKb,
-            l1Contracts
-        }, rootLogger.createChild('wallet:data').getBindings());
-        const walletDB = WalletDB.init(walletDBStore, rootLogger.createChild('wallet:db').info);
-        return new this(pxe, aztecNode, walletDB, new BundleAccountContractsProvider(), rootLogger);
+            rollupAddress: l1Contracts.rollupAddress
+        }, rootLogger.createChild('wallet:data').getBindings()));
+        const walletDB = new WalletDB(walletDBStore, rootLogger.createChild('wallet:db').info);
+        const wallet = new this(pxe, aztecNode, walletDB, new BundleAccountContractsProvider(), rootLogger);
+        await wallet.initStubClasses();
+        return wallet;
     }
 }
 export { NodeEmbeddedWallet as EmbeddedWallet };

package/dest/embedded/store_encryption.d.ts

@@ -0,0 +1,67 @@
+/**
+ * Wallet-layer helpers for opening the embedded wallet's two encrypted stores (PXE + walletDB) as a cohesive unit.
+ *
+ * Sits on top of `@aztec/kv-store/sqlite-opfs`'s typed `SqliteEncryptionError` and adds:
+ *
+ *   - `storeName: 'pxe' | 'wallet'`, telling callers WHICH store failed.
+ *   - Cleanup: when the wallet store fails to open, ensures the already-opened PXE store is closed before the error
+ *     surfaces, so callers don't leak the SAH Pool's OPFS lock.
+ */
+import type { Logger } from '@aztec/foundation/log';
+import { AztecSQLiteOPFSStore, SqliteEncryptionError } from '@aztec/kv-store/sqlite-opfs';
+/** Which of the embedded wallet's two stores failed to open. */
+export type EmbeddedStoreName = 'pxe' | 'wallet';
+/**
+ * Thrown by {@link openEncryptedEmbeddedStores} when one of the two stores cannot be decrypted with the supplied
+ * key. The original {@link SqliteEncryptionError} is preserved as `cause`.
+ */
+export declare class EmbeddedWalletEncryptionError extends Error {
+    readonly storeName: EmbeddedStoreName;
+    constructor(storeName: EmbeddedStoreName, opts: {
+        cause: SqliteEncryptionError;
+    });
+}
+/** Configuration for {@link openEncryptedEmbeddedStores}. */
+export interface OpenEncryptedEmbeddedStoresOptions {
+    pxe: {
+        name: string;
+        poolDirectory?: string;
+    };
+    wallet: {
+        name: string;
+        poolDirectory?: string;
+    };
+}
+/**
+ * Internal seam for tests to inject a fake store opener. Defaults to `AztecSQLiteOPFSStore.open`. Not part of the
+ * public API.
+ *
+ * @internal
+ */
+export type OpenSqliteEncryptedStoreFn = (log: Logger, name: string, poolDirectory: string | undefined, encryptionKey: Uint8Array) => Promise<AztecSQLiteOPFSStore>;
+/**
+ * Opens the PXE and wallet stores in sequence, both encrypted with keys obtained from `getEncryptionKey`.
+ *
+ * The callback is invoked once per store (twice total per call) because `AztecSQLiteOPFSStore.open` *transfers*
+ * the key buffer to its worker. A single buffer would detach between the two opens.
+ *
+ * Failure modes:
+ *
+ *   - PXE store fails to decrypt → throws `EmbeddedWalletEncryptionError({ storeName: 'pxe', cause })`. No cleanup
+ *     needed (nothing was opened).
+ *   - Wallet store fails to decrypt → closes the already-opened PXE store then throws
+ *     `EmbeddedWalletEncryptionError({ storeName: 'wallet', cause })`.
+ *   - Any non-decrypt error during the wallet open → still closes PXE, then re-throws the original error unwrapped
+ *     (preserves callers' existing untyped error handling for non-encryption faults).
+ *
+ * @param config           - Per-store name/poolDirectory.
+ * @param getEncryptionKey - Returns a fresh 32-byte key per call (the buffer
+ *                           detaches on transfer, so each call must allocate).
+ * @param log              - Logger for both stores.
+ * @param openStore        - Internal test seam. Do not pass in production code.
+ */
+export declare function openEncryptedEmbeddedStores(config: OpenEncryptedEmbeddedStoresOptions, getEncryptionKey: () => Promise<Uint8Array>, log: Logger, openStore?: OpenSqliteEncryptedStoreFn): Promise<{
+    pxeStore: AztecSQLiteOPFSStore;
+    walletStore: AztecSQLiteOPFSStore;
+}>;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3RvcmVfZW5jcnlwdGlvbi5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2VtYmVkZGVkL3N0b3JlX2VuY3J5cHRpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7Ozs7Ozs7O0dBUUc7QUFDSCxPQUFPLEtBQUssRUFBRSxNQUFNLEVBQUUsTUFBTSx1QkFBdUIsQ0FBQztBQUNwRCxPQUFPLEVBQUUsb0JBQW9CLEVBQUUscUJBQXFCLEVBQUUsTUFBTSw2QkFBNkIsQ0FBQztBQUUxRixnRUFBZ0U7QUFDaEUsTUFBTSxNQUFNLGlCQUFpQixHQUFHLEtBQUssR0FBRyxRQUFRLENBQUM7QUFFakQ7OztHQUdHO0FBQ0gscUJBQWEsNkJBQThCLFNBQVEsS0FBSztJQUN0RCxRQUFRLENBQUMsU0FBUyxFQUFFLGlCQUFpQixDQUFDO0lBRXRDLFlBQVksU0FBUyxFQUFFLGlCQUFpQixFQUFFLElBQUksRUFBRTtRQUFFLEtBQUssRUFBRSxxQkFBcUIsQ0FBQTtLQUFFLEVBSS9FO0NBQ0Y7QUFFRCw2REFBNkQ7QUFDN0QsTUFBTSxXQUFXLGtDQUFrQztJQUNqRCxHQUFHLEVBQUU7UUFBRSxJQUFJLEVBQUUsTUFBTSxDQUFDO1FBQUMsYUFBYSxDQUFDLEVBQUUsTUFBTSxDQUFBO0tBQUUsQ0FBQztJQUM5QyxNQUFNLEVBQUU7UUFBRSxJQUFJLEVBQUUsTUFBTSxDQUFDO1FBQUMsYUFBYSxDQUFDLEVBQUUsTUFBTSxDQUFBO0tBQUUsQ0FBQztDQUNsRDtBQUVEOzs7OztHQUtHO0FBQ0gsTUFBTSxNQUFNLDBCQUEwQixHQUFHLENBQ3ZDLEdBQUcsRUFBRSxNQUFNLEVBQ1gsSUFBSSxFQUFFLE1BQU0sRUFDWixhQUFhLEVBQUUsTUFBTSxHQUFHLFNBQVMsRUFDakMsYUFBYSxFQUFFLFVBQVUsS0FDdEIsT0FBTyxDQUFDLG9CQUFvQixDQUFDLENBQUM7QUFLbkM7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0dBb0JHO0FBQ0gsd0JBQXNCLDJCQUEyQixDQUMvQyxNQUFNLEVBQUUsa0NBQWtDLEVBQzFDLGdCQUFnQixFQUFFLE1BQU0sT0FBTyxDQUFDLFVBQVUsQ0FBQyxFQUMzQyxHQUFHLEVBQUUsTUFBTSxFQUNYLFNBQVMsR0FBRSwwQkFBNkMsR0FDdkQsT0FBTyxDQUFDO0lBQUUsUUFBUSxFQUFFLG9CQUFvQixDQUFDO0lBQUMsV0FBVyxFQUFFLG9CQUFvQixDQUFBO0NBQUUsQ0FBQyxDQVdoRiJ9

package/dest/embedded/store_encryption.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"store_encryption.d.ts","sourceRoot":"","sources":["../../src/embedded/store_encryption.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;AAE1F,gEAAgE;AAChE,MAAM,MAAM,iBAAiB,GAAG,KAAK,GAAG,QAAQ,CAAC;AAEjD;;;GAGG;AACH,qBAAa,6BAA8B,SAAQ,KAAK;IACtD,QAAQ,CAAC,SAAS,EAAE,iBAAiB,CAAC;IAEtC,YAAY,SAAS,EAAE,iBAAiB,EAAE,IAAI,EAAE;QAAE,KAAK,EAAE,qBAAqB,CAAA;KAAE,EAI/E;CACF;AAED,6DAA6D;AAC7D,MAAM,WAAW,kCAAkC;IACjD,GAAG,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,aAAa,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAC9C,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,aAAa,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CAClD;AAED;;;;;GAKG;AACH,MAAM,MAAM,0BAA0B,GAAG,CACvC,GAAG,EAAE,MAAM,EACX,IAAI,EAAE,MAAM,EACZ,aAAa,EAAE,MAAM,GAAG,SAAS,EACjC,aAAa,EAAE,UAAU,KACtB,OAAO,CAAC,oBAAoB,CAAC,CAAC;AAKnC;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAsB,2BAA2B,CAC/C,MAAM,EAAE,kCAAkC,EAC1C,gBAAgB,EAAE,MAAM,OAAO,CAAC,UAAU,CAAC,EAC3C,GAAG,EAAE,MAAM,EACX,SAAS,GAAE,0BAA6C,GACvD,OAAO,CAAC;IAAE,QAAQ,EAAE,oBAAoB,CAAC;IAAC,WAAW,EAAE,oBAAoB,CAAA;CAAE,CAAC,CAWhF"}