@b3dotfun/sdk 0.1.70-alpha.1 → 0.1.70-alpha.11

package/dist/cjs/global-account/better-auth-client.js

@@ -2,16 +2,41 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.betterAuthClient = void 0;
 exports.createB3BetterAuthClient = createB3BetterAuthClient;
+exports.getBetterAuthClient = getBetterAuthClient;
+exports.resetBetterAuthClient = resetBetterAuthClient;
 const client_1 = require("better-auth/client");
+const plugins_1 = require("better-auth/client/plugins");
 const app_shared_1 = require("../app.shared");
-function createB3BetterAuthClient(baseURL = app_shared_1.B3_API_URL) {
+function createB3BetterAuthClient(baseURL) {
     return (0, client_1.createAuthClient)({
-        baseURL,
+        baseURL: baseURL ?? (0, app_shared_1.getB3ApiUrl)(),
         basePath: "/auth",
         fetchOptions: {
             credentials: "include",
         },
+        plugins: [(0, plugins_1.twoFactorClient)()],
     });
 }
-// Default singleton for standard usage
+// Lazily-initialized singleton. Recreated when the API URL changes via
+// `resetBetterAuthClient()` (called by B3Provider when `apiUrl` changes).
+let _client = null;
+let _clientUrl = null;
+/** Get the shared BetterAuth client, creating it if needed. */
+function getBetterAuthClient() {
+    const url = (0, app_shared_1.getB3ApiUrl)();
+    if (!_client || _clientUrl !== url) {
+        _client = createB3BetterAuthClient(url);
+        _clientUrl = url;
+    }
+    return _client;
+}
+/** Force-recreate the client on next access (e.g. after API URL change). */
+function resetBetterAuthClient() {
+    _client = null;
+    _clientUrl = null;
+}
+/**
+ * @deprecated Use `getBetterAuthClient()` instead. This static singleton
+ * does not reflect runtime API URL changes via `B3Provider apiUrl` prop.
+ */
 exports.betterAuthClient = createB3BetterAuthClient();

package/dist/cjs/global-account/bsmnt.d.ts

@@ -1,5 +1,5 @@
 declare const app: import("@b3dotfun/basement-api").ClientApplication;
-export declare const authenticate: (accessToken: string, identityToken: string, params?: Record<string, any>) => Promise<import("@feathersjs/authentication").AuthenticationResult | null>;
+export declare const authenticate: (accessToken: string, identityToken: string, params?: Record<string, any>) => Promise<Record<string, any> | null>;
 export declare const resetSocket: () => void;
-export declare const authenticateWithB3JWT: (fullToken: string, params?: Record<string, any>) => Promise<import("@feathersjs/authentication").AuthenticationResult | null>;
+export declare const authenticateWithB3JWT: (fullToken: string, params?: Record<string, any>) => Promise<Record<string, any> | null>;
 export default app;

package/dist/cjs/global-account/bsmnt.native.d.ts

@@ -1,5 +1,5 @@
 import { MMKV } from "react-native-mmkv";
 export declare const localStoreInstance: MMKV;
 declare const app: import("@b3dotfun/basement-api").ClientApplication;
-export declare const authenticate: (accessToken: string, identityToken: string, params?: Record<string, any>) => Promise<import("@feathersjs/authentication").AuthenticationResult | null>;
+export declare const authenticate: (accessToken: string, identityToken: string, params?: Record<string, any>) => Promise<Record<string, any> | null>;
 export default app;

package/dist/cjs/global-account/client-manager.d.ts

@@ -1,5 +1,7 @@
 import { ClientApplication } from "@b3dotfun/b3-api";
 export type ClientType = "socket" | "rest";
+/** Reset all cached clients (called when API URL changes). */
+export declare function resetClients(): void;
 /**
  * Sets the active client type and creates the appropriate client
  *
@@ -25,20 +27,20 @@ export declare function resetSocket(): void;
 /**
  * Authenticates with the current active client
  */
-export declare const authenticate: (accessToken: string, identityToken: string, params?: Record<string, any>) => Promise<import("@feathersjs/authentication").AuthenticationResult | null>;
+export declare const authenticate: (accessToken: string, identityToken: string, params?: Record<string, any>) => Promise<Record<string, any> | null>;
 /**
  * Authenticates with a specific client type
  */
-export declare const authenticateWithClient: (clientType: ClientType, accessToken: string, identityToken: string, params?: Record<string, any>) => Promise<import("@feathersjs/authentication").AuthenticationResult | null>;
+export declare const authenticateWithClient: (clientType: ClientType, accessToken: string, identityToken: string, params?: Record<string, any>) => Promise<Record<string, any> | null>;
 /**
  * Authenticates with both clients in parallel (useful for migration scenarios)
  */
 export declare const authenticateBoth: (accessToken: string, identityToken: string, params?: Record<string, any>) => Promise<{
-    socket: import("@feathersjs/authentication").AuthenticationResult | null;
-    rest: import("@feathersjs/authentication").AuthenticationResult | null;
+    socket: Record<string, any> | null;
+    rest: Record<string, any> | null;
     success: boolean;
 }>;
 /**
  * Switches the client type and authenticates
  */
-export declare function switchClientAndAuth(type: ClientType, access: string, id: string, params?: any): Promise<import("@feathersjs/authentication").AuthenticationResult | null>;
+export declare function switchClientAndAuth(type: ClientType, access: string, id: string, params?: any): Promise<Record<string, any> | null>;

package/dist/cjs/global-account/client-manager.js

@@ -4,6 +4,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.authenticateBoth = exports.authenticateWithClient = exports.authenticate = void 0;
+exports.resetClients = resetClients;
 exports.setClientType = setClientType;
 exports.getClient = getClient;
 exports.getClientType = getClientType;
@@ -21,15 +22,19 @@ let currentClient = null;
 // Socket client instance
 let socketClient = null;
 let socketInstance = null;
+let socketClientUrl = null;
 // REST client instance
 let restClient = null;
+let restClientUrl = null;
 /**
  * Creates a socket client
  */
 function createSocketClient() {
-    if (!socketClient) {
-        socketInstance = (0, socket_io_client_1.default)(app_shared_1.B3_API_URL, { transports: ["websocket"] });
+    const url = (0, app_shared_1.getB3ApiUrl)();
+    if (!socketClient || socketClientUrl !== url) {
+        socketInstance = (0, socket_io_client_1.default)(url, { transports: ["websocket"] });
         socketClient = (0, b3_api_1.createClient)((0, socketio_client_1.default)(socketInstance), app_shared_1.clientOptions);
+        socketClientUrl = url;
     }
     return socketClient;
 }
@@ -45,12 +50,22 @@ function resolveFetch() {
     return require("cross-fetch").fetch;
 }
 function createRestClient() {
-    if (!restClient) {
-        const connection = (0, rest_client_1.default)(app_shared_1.B3_API_URL).fetch(resolveFetch());
+    const url = (0, app_shared_1.getB3ApiUrl)();
+    if (!restClient || restClientUrl !== url) {
+        const connection = (0, rest_client_1.default)(url).fetch(resolveFetch());
         restClient = (0, b3_api_1.createClient)(connection, app_shared_1.clientOptions);
+        restClientUrl = url;
     }
     return restClient;
 }
+/** Reset all cached clients (called when API URL changes). */
+function resetClients() {
+    socketClient = null;
+    socketClientUrl = null;
+    restClient = null;
+    restClientUrl = null;
+    currentClient = null;
+}
 /**
  * Sets the active client type and creates the appropriate client
  *

package/dist/cjs/global-account/react/components/AvatarEditor/AvatarEditor.js

@@ -12,13 +12,12 @@ const profileDisplay_1 = require("../../../../global-account/react/utils/profile
 const cn_1 = require("../../../../shared/utils/cn");
 const debug_1 = require("../../../../shared/utils/debug");
 const ipfs_1 = require("../../../../shared/utils/ipfs");
-const thirdweb_1 = require("../../../../shared/utils/thirdweb");
+const upload_1 = require("../../../../shared/utils/upload");
 const lucide_react_1 = require("lucide-react");
 const react_2 = require("react");
 const react_easy_crop_1 = __importDefault(require("react-easy-crop"));
 require("react-easy-crop/react-easy-crop.css");
 const react_3 = require("thirdweb/react");
-const storage_1 = require("thirdweb/storage");
 const stores_1 = require("../../stores");
 const ModalHeader_1 = __importDefault(require("../ModalHeader/ModalHeader"));
 const debug = (0, debug_1.debugB3React)("AvatarEditor");
@@ -201,18 +200,14 @@ function AvatarEditor({ onSetAvatar, className }) {
                     return;
                 }
             }
-            // Upload to IPFS if we have a file
+            // Upload file if we have one
             if (fileToUpload) {
-                debug("Starting upload to IPFS", fileToUpload);
-                // Upload to IPFS using Thirdweb
-                const ipfsUrl = await (0, storage_1.upload)({
-                    client: thirdweb_1.client,
-                    files: [fileToUpload],
-                });
-                debug("Upload successful", ipfsUrl);
+                debug("Starting upload", fileToUpload);
+                const avatarUrl = await (0, upload_1.uploadFile)(fileToUpload);
+                debug("Upload successful", avatarUrl);
                 // Save avatar URL using profiles service
                 const user = await app_1.default.service("users").setAvatar({
-                    avatar: ipfsUrl,
+                    avatar: avatarUrl,
                 }, 
                 // @ts-expect-error - our typed client is expecting context even though it's set elsewhere
                 {});

package/dist/cjs/global-account/react/components/B3Provider/B3ConfigProvider.d.ts

@@ -15,10 +15,8 @@ export interface B3ConfigContextType {
     stripePublishableKey?: string;
     createClientReferenceId?: (params: CreateOrderParams | CreateOnrampOrderParams) => Promise<string>;
     authStrategy: AuthStrategy;
-    /** Override the API base URL for all auth operations (Better Auth client, Feathers JWT exchange). */
-    apiUrl?: string;
 }
-export declare function B3ConfigProvider({ children, accountOverride, environment, defaultPermissions, automaticallySetFirstEoa, theme, clientType, partnerId, stripePublishableKey, createClientReferenceId, authStrategy, apiUrl, }: {
+export declare function B3ConfigProvider({ children, accountOverride, environment, defaultPermissions, automaticallySetFirstEoa, theme, clientType, partnerId, stripePublishableKey, createClientReferenceId, authStrategy, }: {
     children: React.ReactNode;
     accountOverride?: Account;
     environment?: "development" | "production";
@@ -30,7 +28,5 @@ export declare function B3ConfigProvider({ children, accountOverride, environmen
     stripePublishableKey?: string;
     createClientReferenceId?: (params: CreateOrderParams | CreateOnrampOrderParams) => Promise<string>;
     authStrategy?: AuthStrategy;
-    /** Override the API base URL for all auth operations (Better Auth client, Feathers JWT exchange). */
-    apiUrl?: string;
 }): import("react/jsx-runtime").JSX.Element;
 export declare function useB3Config(): B3ConfigContextType;

package/dist/cjs/global-account/react/components/B3Provider/B3ConfigProvider.js

@@ -14,7 +14,7 @@ const DEFAULT_PERMISSIONS = {
     endDate: new Date(Date.now() + 1000 * 60 * 60 * 24 * 365), // 1 year from now
 };
 const B3ConfigContext = (0, react_1.createContext)(null);
-function B3ConfigProvider({ children, accountOverride, environment = "development", defaultPermissions = DEFAULT_PERMISSIONS, automaticallySetFirstEoa = false, theme = "light", clientType = "rest", partnerId, stripePublishableKey, createClientReferenceId, authStrategy = "thirdweb", apiUrl, }) {
+function B3ConfigProvider({ children, accountOverride, environment = "development", defaultPermissions = DEFAULT_PERMISSIONS, automaticallySetFirstEoa = false, theme = "light", clientType = "rest", partnerId, stripePublishableKey, createClientReferenceId, authStrategy = "thirdweb", }) {
     return ((0, jsx_runtime_1.jsx)(B3ConfigContext.Provider, { value: {
             accountOverride,
             environment,
@@ -26,7 +26,6 @@ function B3ConfigProvider({ children, accountOverride, environment = "developmen
             stripePublishableKey,
             createClientReferenceId,
             authStrategy,
-            apiUrl,
         }, children: children }));
 }
 function useB3Config() {

package/dist/cjs/global-account/react/components/B3Provider/B3Provider.d.ts

@@ -10,7 +10,7 @@ import { ClientType } from "../../../client-manager";
 /**
  * Main B3Provider component
  */
-export declare function B3Provider({ theme, children, accountOverride, environment, automaticallySetFirstEoa, defaultEoaProvider, simDuneApiKey, toaster: _toaster, clientType, rpcUrls, partnerId, stripePublishableKey, onConnect, onLogout, connectors, overrideDefaultConnectors, createClientReferenceId, defaultPermissions, disableBSMNTAuthentication, queryClient, authStrategy, apiUrl, }: {
+export declare function B3Provider({ theme, children, accountOverride, environment, automaticallySetFirstEoa, defaultEoaProvider, simDuneApiKey, toaster: _toaster, clientType, rpcUrls, partnerId, stripePublishableKey, onConnect, onLogout, connectors, overrideDefaultConnectors, createClientReferenceId, defaultPermissions, disableBSMNTAuthentication, queryClient, authStrategy, apiUrl, notificationsApiUrl, }: {
     theme: "light" | "dark";
     children: React.ReactNode;
     accountOverride?: Account;
@@ -40,19 +40,14 @@ export declare function B3Provider({ theme, children, accountOverride, environme
     /** Auth strategy: "thirdweb" (default, ecosystem wallet) or "better-auth" (email/password via Better Auth) */
     authStrategy?: AuthStrategy;
     /**
-     * Override the API base URL for Better Auth operations.
+     * Override the B3 API URL. When provided, all SDK requests (auth, Feathers,
+     * BetterAuth) will use this URL instead of the `NEXT_PUBLIC_B3_API` env var.
      *
-     * When set, the Better Auth client (signIn, signUp, signOut, getSession) will
-     * target this URL instead of the default `B3_API_URL` / `NEXT_PUBLIC_B3_API`.
-     *
-     * Useful for local development where the frontend runs on localhost:3003 and
-     * the b3-api runs on localhost:3031 — keeps the entire OAuth flow local so
-     * sessions, cookies, and token exchange all hit the same server.
-     *
-     * @example
-     * ```tsx
-     * <B3Provider apiUrl="http://localhost:3031" ... />
-     * ```
+     * Useful for local development: pass `http://localhost:3031` to route
+     * OAuth callbacks and session checks through your local B3 API.
+     * If omitted, defaults to `NEXT_PUBLIC_B3_API` or `https://api.b3.fun`.
      */
     apiUrl?: string;
+    /** Override the notifications worker URL. Defaults to `https://notifications.b3.fun`. */
+    notificationsApiUrl?: string;
 }): import("react/jsx-runtime").JSX.Element;

package/dist/cjs/global-account/react/components/B3Provider/B3Provider.js

@@ -12,19 +12,40 @@ const react_2 = require("../../../../wallet/react");
 require("@relayprotocol/relay-kit-ui/styles.css");
 const react_3 = require("react");
 const client_manager_1 = require("../../../client-manager");
+const app_shared_1 = require("../../../../app.shared");
+const api_1 = require("../../../../notifications/services/api");
+const better_auth_client_1 = require("../../../better-auth-client");
 const StyleRoot_1 = require("../StyleRoot");
 const index_1 = require("../Toast/index");
 const AuthenticationProvider_1 = __importDefault(require("./AuthenticationProvider"));
 const B3ConfigProvider_1 = require("./B3ConfigProvider");
-const BetterAuthClientProvider_1 = require("./BetterAuthClientProvider");
 const BetterAuthProvider_1 = __importDefault(require("./BetterAuthProvider"));
 const LocalSDKProvider_1 = require("./LocalSDKProvider");
+const NOTIFICATIONS_URL_BY_ENV = {
+    development: "https://dev-notifications.b3.fun",
+    production: "https://notifications.b3.fun",
+};
 /**
  * Main B3Provider component
  */
 function B3Provider({ theme = "light", children, accountOverride, environment, automaticallySetFirstEoa, defaultEoaProvider, simDuneApiKey, 
 // deprecated since v0.0.87
-toaster: _toaster, clientType = "rest", rpcUrls, partnerId, stripePublishableKey, onConnect, onLogout, connectors, overrideDefaultConnectors = false, createClientReferenceId, defaultPermissions, disableBSMNTAuthentication = false, queryClient, authStrategy = "thirdweb", apiUrl, }) {
+toaster: _toaster, clientType = "rest", rpcUrls, partnerId, stripePublishableKey, onConnect, onLogout, connectors, overrideDefaultConnectors = false, createClientReferenceId, defaultPermissions, disableBSMNTAuthentication = false, queryClient, authStrategy = "thirdweb", apiUrl, notificationsApiUrl, }) {
+    // Override the B3 API URL when the `apiUrl` prop is provided.
+    // Must run before client initialization and auth providers mount.
+    (0, react_3.useEffect)(() => {
+        (0, app_shared_1.setB3ApiUrl)(apiUrl ?? null);
+        if (apiUrl) {
+            (0, better_auth_client_1.resetBetterAuthClient)();
+            (0, client_manager_1.resetClients)();
+        }
+        return () => {
+            (0, app_shared_1.setB3ApiUrl)(null);
+        };
+    }, [apiUrl]);
+    (0, react_3.useEffect)(() => {
+        (0, api_1.setApiUrl)(notificationsApiUrl ?? NOTIFICATIONS_URL_BY_ENV[environment ?? "production"]);
+    }, [notificationsApiUrl, environment]);
     // Initialize Google Analytics on mount
     (0, react_3.useEffect)(() => {
         (0, analytics_1.loadGA4Script)();
@@ -34,7 +55,7 @@ toaster: _toaster, clientType = "rest", rpcUrls, partnerId, stripePublishableKey
         (0, client_manager_1.setClientType)(clientType);
     }, [clientType]);
     const wagmiConfig = (0, react_3.useMemo)(() => (0, createWagmiConfig_1.createWagmiConfig)({ partnerId, rpcUrls, connectors, overrideDefaultConnectors }), [partnerId, rpcUrls, connectors, overrideDefaultConnectors]);
-    return ((0, jsx_runtime_1.jsx)(react_2.WalletProvider, { wagmiConfig: wagmiConfig, queryClient: queryClient, children: (0, jsx_runtime_1.jsx)(react_1.TooltipProvider, { children: (0, jsx_runtime_1.jsx)(index_1.ToastProvider, { children: (0, jsx_runtime_1.jsx)(LocalSDKProvider_1.LocalSDKProvider, { onConnectCallback: onConnect, onLogoutCallback: onLogout, disableBSMNTAuthentication: disableBSMNTAuthentication, children: (0, jsx_runtime_1.jsx)(B3ConfigProvider_1.B3ConfigProvider, { accountOverride: accountOverride, environment: environment, automaticallySetFirstEoa: !!automaticallySetFirstEoa, theme: theme, clientType: clientType, partnerId: partnerId, stripePublishableKey: stripePublishableKey, createClientReferenceId: createClientReferenceId, defaultPermissions: defaultPermissions, authStrategy: authStrategy, apiUrl: apiUrl, children: (0, jsx_runtime_1.jsxs)(BetterAuthClientProvider_1.BetterAuthClientProvider, { apiUrl: apiUrl, children: [(0, jsx_runtime_1.jsx)(ToastContextConnector, {}), (0, jsx_runtime_1.jsxs)(react_1.RelayKitProviderWrapper, { simDuneApiKey: simDuneApiKey, children: [children, (0, jsx_runtime_1.jsx)(StyleRoot_1.StyleRoot, { id: "b3-root" })] }), authStrategy === "better-auth" ? ((0, jsx_runtime_1.jsx)(BetterAuthProvider_1.default, { partnerId: partnerId })) : ((0, jsx_runtime_1.jsx)(AuthenticationProvider_1.default, { partnerId: partnerId, automaticallySetFirstEoa: !!automaticallySetFirstEoa, defaultEoaProvider: defaultEoaProvider }))] }) }) }) }) }) }));
+    return ((0, jsx_runtime_1.jsx)(react_2.WalletProvider, { wagmiConfig: wagmiConfig, queryClient: queryClient, children: (0, jsx_runtime_1.jsx)(react_1.TooltipProvider, { children: (0, jsx_runtime_1.jsx)(index_1.ToastProvider, { children: (0, jsx_runtime_1.jsx)(LocalSDKProvider_1.LocalSDKProvider, { onConnectCallback: onConnect, onLogoutCallback: onLogout, disableBSMNTAuthentication: disableBSMNTAuthentication, children: (0, jsx_runtime_1.jsxs)(B3ConfigProvider_1.B3ConfigProvider, { accountOverride: accountOverride, environment: environment, automaticallySetFirstEoa: !!automaticallySetFirstEoa, theme: theme, clientType: clientType, partnerId: partnerId, stripePublishableKey: stripePublishableKey, createClientReferenceId: createClientReferenceId, defaultPermissions: defaultPermissions, authStrategy: authStrategy, children: [(0, jsx_runtime_1.jsx)(ToastContextConnector, {}), (0, jsx_runtime_1.jsxs)(react_1.RelayKitProviderWrapper, { simDuneApiKey: simDuneApiKey, children: [children, (0, jsx_runtime_1.jsx)(StyleRoot_1.StyleRoot, { id: "b3-root" })] }), authStrategy === "better-auth" ? ((0, jsx_runtime_1.jsx)(BetterAuthProvider_1.default, { partnerId: partnerId })) : ((0, jsx_runtime_1.jsx)(AuthenticationProvider_1.default, { partnerId: partnerId, automaticallySetFirstEoa: !!automaticallySetFirstEoa, defaultEoaProvider: defaultEoaProvider }))] }) }) }) }) }));
 }
 /**
  * Component to connect the toast context to the global toast API

package/dist/cjs/global-account/react/components/B3Provider/BetterAuthProvider.js

@@ -9,8 +9,8 @@ const constants_1 = require("../../../../shared/constants");
 const debug_1 = require("../../../../shared/utils/debug");
 const js_cookie_1 = __importDefault(require("js-cookie"));
 const react_2 = require("react");
+const better_auth_client_1 = require("../../../better-auth-client");
 const useUserQuery_1 = require("../../hooks/useUserQuery");
-const BetterAuthClientProvider_1 = require("./BetterAuthClientProvider");
 const debug = (0, debug_1.debugB3React)("BetterAuthProvider");
 /**
  * Parallel to AuthenticationProvider for Better Auth strategy.
@@ -25,7 +25,6 @@ const debug = (0, debug_1.debugB3React)("BetterAuthProvider");
  * useAuth, SignIn component, etc.) automatically clears the Better Auth session.
  */
 const BetterAuthProvider = ({ partnerId }) => {
-    const betterAuthClient = (0, BetterAuthClientProvider_1.useBetterAuthClient)();
     const setIsAuthenticated = (0, react_1.useAuthStore)(state => state.setIsAuthenticated);
     const setIsAuthenticating = (0, react_1.useAuthStore)(state => state.setIsAuthenticating);
     const setIsConnected = (0, react_1.useAuthStore)(state => state.setIsConnected);
@@ -46,7 +45,7 @@ const BetterAuthProvider = ({ partnerId }) => {
         app_1.default.logout = async () => {
             debug("Patched logout: clearing Better Auth session");
             try {
-                await betterAuthClient.signOut();
+                await (0, better_auth_client_1.getBetterAuthClient)().signOut();
             }
             catch {
                 debug("Better Auth signOut failed (non-critical)");
@@ -57,7 +56,7 @@ const BetterAuthProvider = ({ partnerId }) => {
             app_1.default.logout = originalLogout;
             hasPatched.current = false;
         };
-    }, [betterAuthClient]);
+    }, []);
     // Session restore on mount
     (0, react_2.useEffect)(() => {
         if (hasAttemptedRestore.current)
@@ -80,9 +79,50 @@ const BetterAuthProvider = ({ partnerId }) => {
             catch {
                 debug("No existing Feathers JWT");
             }
-            // 2. Check for a Better Auth session (e.g. after OAuth redirect sets a cookie)
+            // 2. Check for _ba_token in URL (OAuth callback with third-party cookie bypass).
+            //    When the API and frontend are on different domains, browsers with third-party
+            //    cookie blocking (Firefox TCP, Safari ITP, Chrome Privacy Sandbox) prevent the
+            //    better-auth.session_token cookie from being sent on cross-origin requests.
+            //    The B3 API injects the session token into the redirect URL as _ba_token,
+            //    allowing direct exchange without relying on cookies.
+            const params = new URLSearchParams(window.location.search);
+            const baToken = params.get("_ba_token");
+            if (baToken) {
+                debug("Found _ba_token in URL, exchanging for Feathers JWT");
+                // Clean the token from the URL immediately (security)
+                params.delete("_ba_token");
+                const cleanSearch = params.toString();
+                const cleanUrl = window.location.pathname + (cleanSearch ? `?${cleanSearch}` : "") + window.location.hash;
+                window.history.replaceState({}, "", cleanUrl);
+                try {
+                    const response = await app_1.default.authenticate({
+                        strategy: "better-auth",
+                        accessToken: baToken,
+                        partnerId,
+                    });
+                    if (response.accessToken) {
+                        js_cookie_1.default.set(constants_1.B3_AUTH_COOKIE_NAME, response.accessToken, {
+                            secure: true,
+                            sameSite: "Lax",
+                        });
+                    }
+                    if (response.user) {
+                        setUser(response.user);
+                        setIsAuthenticated(true);
+                        setIsConnected(true);
+                    }
+                    debug("_ba_token exchanged for Feathers JWT", { userId: response.user?.userId });
+                    setIsAuthenticating(false);
+                    return;
+                }
+                catch (err) {
+                    debug("_ba_token exchange failed", err);
+                }
+            }
+            // 3. Check for a Better Auth session via cookie (works when API and frontend
+            //    share a domain or when cookies aren't partitioned)
             try {
-                const session = await betterAuthClient.getSession();
+                const session = await (0, better_auth_client_1.getBetterAuthClient)().getSession();
                 if (session.data?.session?.token) {
                     debug("Better Auth session found, exchanging for Feathers JWT", {
                         betterAuthUserId: session.data.user?.id,
@@ -111,11 +151,11 @@ const BetterAuthProvider = ({ partnerId }) => {
             catch {
                 debug("No Better Auth session to restore");
             }
-            // 3. Nothing found — show login UI
+            // 4. Nothing found — show login UI
             setIsAuthenticating(false);
         };
         restoreSession();
-    }, [setIsAuthenticated, setIsAuthenticating, setIsConnected, setUser, partnerId, betterAuthClient]);
+    }, [setIsAuthenticated, setIsAuthenticating, setIsConnected, setUser, partnerId]);
     return null;
 };
 exports.default = BetterAuthProvider;

package/dist/cjs/global-account/react/components/ManageAccount/SettingsProfileCard.js

@@ -77,7 +77,7 @@ const SettingsProfileCard = () => {
                 // Better Auth: register username without wallet signing (DB-only, no ENS)
                 // Skip ens_normalize — it rejects underscores/mixed-case that are valid non-ENS usernames
                 const sanitizedUsername = editedUsername.trim().toLowerCase();
-                // Type assertion needed: b3-mono now accepts message/hash as optional for Better Auth users
+                // Type assertion needed: API now accepts message/hash as optional for Better Auth users
                 updatedUser = (await app_1.default
                     .service("users")
                     .registerUsername({ username: sanitizedUsername }, {}));

package/dist/cjs/global-account/react/components/SignInWithB3/SignInWithB3Flow.js

@@ -7,7 +7,6 @@ const LoginStepBetterAuth_1 = require("./steps/LoginStepBetterAuth");
 const debug_1 = require("../../../../shared/utils/debug");
 const react_2 = require("react");
 const react_3 = require("thirdweb/react");
-const SignInWithB3Privy_1 = require("./SignInWithB3Privy");
 const LoginStep_1 = require("./steps/LoginStep");
 const LoginStepCustom_1 = require("./steps/LoginStepCustom");
 const debug = (0, debug_1.debugB3React)("SignInWithB3Flow");
@@ -254,10 +253,7 @@ function SignInWithB3Flow({ strategies, onLoginSuccess, onSessionKeySuccess, onE
         }
         else {
             // Custom strategy
-            if (strategies?.[0] === "privy") {
-                content = (0, jsx_runtime_1.jsx)(SignInWithB3Privy_1.SignInWithB3Privy, { onSuccess: handleLoginSuccess, chain: chain });
-            }
-            else if (strategies) {
+            if (strategies) {
                 // Strategies are explicitly provided
                 content = ((0, jsx_runtime_1.jsx)(LoginStepCustom_1.LoginStepCustom, { strategies: strategies, chain: chain, onSuccess: handleLoginSuccess, onError: onError, automaticallySetFirstEoa: !!automaticallySetFirstEoa }));
             }

package/dist/cjs/global-account/react/components/SignInWithB3/utils/signInUtils.d.ts

@@ -2,10 +2,11 @@ import { Chain } from "thirdweb";
 import { SingleStepAuthArgsType, Wallet } from "thirdweb/wallets";
 type WalletType = Wallet["id"];
 type StrategyType = SingleStepAuthArgsType["strategy"];
-type CustomStrategyType = "basement" | "privy";
+declare const customStrategies: readonly ["basement"];
+type CustomStrategyType = (typeof customStrategies)[number];
 type AllowedStrategies = StrategyType | WalletType | CustomStrategyType | "email";
 type NonWalletStrategyType = Exclude<AllowedStrategies, WalletType>;
-export declare const allowedStrategies: readonly ["apple", "google", "github", "x", "discord", "email", "guest", "walletConnect", "io.metamask", "com.coinbase.wallet", "basement", "privy"];
+export declare const allowedStrategies: readonly ["apple", "google", "github", "x", "discord", "email", "guest", "walletConnect", "io.metamask", "com.coinbase.wallet", "basement"];
 export type AllowedStrategy = (typeof allowedStrategies)[number];
 export declare function isWalletType(strategy: AllowedStrategies): strategy is WalletType;
 export declare function isStrategyType(strategy: AllowedStrategies): strategy is NonWalletStrategyType;

package/dist/cjs/global-account/react/components/SignInWithB3/utils/signInUtils.js

@@ -5,8 +5,7 @@ exports.isWalletType = isWalletType;
 exports.isStrategyType = isStrategyType;
 exports.getConnectOptionsFromStrategy = getConnectOptionsFromStrategy;
 const wallets_1 = require("thirdweb/wallets");
-const customStrategies = ["basement", "privy"];
-// type CustomStrategy = (typeof customStrategies)[number];
+const customStrategies = ["basement"];
 exports.allowedStrategies = [
     // Auth strategies
     "apple",
@@ -21,7 +20,6 @@ exports.allowedStrategies = [
     "io.metamask",
     "com.coinbase.wallet",
     // Custom strategies
-    // TODO: Audit we don't use "privy" directly anymore
     ...customStrategies,
 ];
 function isWalletType(strategy) {

package/dist/cjs/global-account/react/components/index.d.ts

@@ -5,7 +5,6 @@ export { RelayKitProviderWrapper } from "./B3Provider/RelayKitProviderWrapper";
 export { useB3 } from "./B3Provider/useB3";
 export { useB3Account } from "./B3Provider/useB3Account";
 export { useB3Config } from "./B3Provider/useB3Config";
-export { useBetterAuthClient } from "./B3Provider/BetterAuthClientProvider";
 export { StyleRoot } from "./StyleRoot";
 export { BetterAuthResetPassword, type BetterAuthResetPasswordProps } from "./SignInWithB3/BetterAuthResetPassword";
 export { BetterAuthSignIn, type BetterAuthSignInProps } from "./SignInWithB3/BetterAuthSignIn";
@@ -15,7 +14,6 @@ export { PermissionItem } from "./SignInWithB3/components/PermissionItem";
 export { WalletRow } from "./SignInWithB3/components/WalletRow";
 export { SignInWithB3 } from "./SignInWithB3/SignInWithB3";
 export { SignInWithB3Flow } from "./SignInWithB3/SignInWithB3Flow";
-export { SignInWithB3Privy } from "./SignInWithB3/SignInWithB3Privy";
 export { LoginStepContainer } from "./SignInWithB3/steps/LoginStep";
 export { getConnectOptionsFromStrategy, isWalletType, type AllowedStrategy } from "./SignInWithB3/utils/signInUtils";
 export { ManageAccount } from "./ManageAccount/ManageAccount";

package/dist/cjs/global-account/react/components/index.js

@@ -3,9 +3,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.CommandSeparator = exports.CommandList = exports.CommandItem = exports.CommandInput = exports.CommandGroup = exports.CommandEmpty = exports.CommandDialog = exports.Command = exports.buttonVariants = exports.Button = exports.badgeVariants = exports.Badge = exports.WalletConnectorIcon = exports.StaggeredFadeLoader = exports.CopyToClipboard = exports.ClientOnly = exports.customButtonVariants = exports.CustomButton = exports.SingleUserSearchSelector = exports.SendERC20Button = exports.SendETHButton = exports.MintButton = exports.AccountAssets = exports.RequestPermissionsButton = exports.RequestPermissions = exports.IPFSMediaRenderer = exports.Send = exports.Deposit = exports.UserAvatar = exports.ManageAccount = exports.isWalletType = exports.getConnectOptionsFromStrategy = exports.LoginStepContainer = exports.SignInWithB3Privy = exports.SignInWithB3Flow = exports.SignInWithB3 = exports.WalletRow = exports.PermissionItem = exports.AuthButton = exports.BetterAuthVerifyEmail = exports.BetterAuthSignIn = exports.BetterAuthResetPassword = exports.StyleRoot = exports.useBetterAuthClient = exports.useB3Config = exports.useB3Account = exports.useB3 = exports.RelayKitProviderWrapper = exports.B3Provider = exports.B3DynamicModal = void 0;
-exports.TooltipContent = exports.Tooltip = exports.TextShimmer = exports.TextLoop = exports.TabTrigger = exports.TabsTransitionWrapper = exports.TabsList = exports.TabsContent = exports.Tabs = exports.TabTriggerPrimitive = exports.TabsPrimitive = exports.TabsListPrimitive = exports.TabsContentPrimitive = exports.Skeleton = exports.ShinyButton = exports.ScrollBar = exports.ScrollArea = exports.PopoverTrigger = exports.PopoverContent = exports.Popover = exports.Loading = exports.Input = exports.GlareCardRounded = exports.GlareCard = exports.DropdownMenuTrigger = exports.DropdownMenuSeparator = exports.DropdownMenuItem = exports.DropdownMenuContent = exports.DropdownMenu = exports.DrawerTrigger = exports.DrawerTitle = exports.DrawerPortal = exports.DrawerOverlay = exports.DrawerHeader = exports.DrawerFooter = exports.DrawerDescription = exports.DrawerContent = exports.DrawerClose = exports.Drawer = exports.DialogTrigger = exports.DialogTitle = exports.DialogPortal = exports.DialogOverlay = exports.DialogHeader = exports.DialogFooter = exports.DialogDescription = exports.DialogContent = exports.DialogClose = exports.Dialog = exports.CommandShortcut = void 0;
-exports.WalletImage = exports.useToastContext = exports.ToastProvider = exports.ToastContainer = exports.Toast = exports.toast = exports.AnimatedLottie = exports.TransitionPanel = exports.TooltipTrigger = exports.TooltipProvider = void 0;
+exports.Dialog = exports.CommandShortcut = exports.CommandSeparator = exports.CommandList = exports.CommandItem = exports.CommandInput = exports.CommandGroup = exports.CommandEmpty = exports.CommandDialog = exports.Command = exports.buttonVariants = exports.Button = exports.badgeVariants = exports.Badge = exports.WalletConnectorIcon = exports.StaggeredFadeLoader = exports.CopyToClipboard = exports.ClientOnly = exports.customButtonVariants = exports.CustomButton = exports.SingleUserSearchSelector = exports.SendERC20Button = exports.SendETHButton = exports.MintButton = exports.AccountAssets = exports.RequestPermissionsButton = exports.RequestPermissions = exports.IPFSMediaRenderer = exports.Send = exports.Deposit = exports.UserAvatar = exports.ManageAccount = exports.isWalletType = exports.getConnectOptionsFromStrategy = exports.LoginStepContainer = exports.SignInWithB3Flow = exports.SignInWithB3 = exports.WalletRow = exports.PermissionItem = exports.AuthButton = exports.BetterAuthVerifyEmail = exports.BetterAuthSignIn = exports.BetterAuthResetPassword = exports.StyleRoot = exports.useB3Config = exports.useB3Account = exports.useB3 = exports.RelayKitProviderWrapper = exports.B3Provider = exports.B3DynamicModal = void 0;
+exports.TooltipTrigger = exports.TooltipProvider = exports.TooltipContent = exports.Tooltip = exports.TextShimmer = exports.TextLoop = exports.TabTrigger = exports.TabsTransitionWrapper = exports.TabsList = exports.TabsContent = exports.Tabs = exports.TabTriggerPrimitive = exports.TabsPrimitive = exports.TabsListPrimitive = exports.TabsContentPrimitive = exports.Skeleton = exports.ShinyButton = exports.ScrollBar = exports.ScrollArea = exports.PopoverTrigger = exports.PopoverContent = exports.Popover = exports.Loading = exports.Input = exports.GlareCardRounded = exports.GlareCard = exports.DropdownMenuTrigger = exports.DropdownMenuSeparator = exports.DropdownMenuItem = exports.DropdownMenuContent = exports.DropdownMenu = exports.DrawerTrigger = exports.DrawerTitle = exports.DrawerPortal = exports.DrawerOverlay = exports.DrawerHeader = exports.DrawerFooter = exports.DrawerDescription = exports.DrawerContent = exports.DrawerClose = exports.Drawer = exports.DialogTrigger = exports.DialogTitle = exports.DialogPortal = exports.DialogOverlay = exports.DialogHeader = exports.DialogFooter = exports.DialogDescription = exports.DialogContent = exports.DialogClose = void 0;
+exports.WalletImage = exports.useToastContext = exports.ToastProvider = exports.ToastContainer = exports.Toast = exports.toast = exports.AnimatedLottie = exports.TransitionPanel = void 0;
 // TODO woj: Barrel file for all components, this might be reason of bundle size issues
 // Core Components
 var B3DynamicModal_1 = require("./B3DynamicModal");
@@ -20,8 +20,6 @@ var useB3Account_1 = require("./B3Provider/useB3Account");
 Object.defineProperty(exports, "useB3Account", { enumerable: true, get: function () { return useB3Account_1.useB3Account; } });
 var useB3Config_1 = require("./B3Provider/useB3Config");
 Object.defineProperty(exports, "useB3Config", { enumerable: true, get: function () { return useB3Config_1.useB3Config; } });
-var BetterAuthClientProvider_1 = require("./B3Provider/BetterAuthClientProvider");
-Object.defineProperty(exports, "useBetterAuthClient", { enumerable: true, get: function () { return BetterAuthClientProvider_1.useBetterAuthClient; } });
 var StyleRoot_1 = require("./StyleRoot");
 Object.defineProperty(exports, "StyleRoot", { enumerable: true, get: function () { return StyleRoot_1.StyleRoot; } });
 // SignInWithB3 Components
@@ -41,8 +39,6 @@ var SignInWithB3_1 = require("./SignInWithB3/SignInWithB3");
 Object.defineProperty(exports, "SignInWithB3", { enumerable: true, get: function () { return SignInWithB3_1.SignInWithB3; } });
 var SignInWithB3Flow_1 = require("./SignInWithB3/SignInWithB3Flow");
 Object.defineProperty(exports, "SignInWithB3Flow", { enumerable: true, get: function () { return SignInWithB3Flow_1.SignInWithB3Flow; } });
-var SignInWithB3Privy_1 = require("./SignInWithB3/SignInWithB3Privy");
-Object.defineProperty(exports, "SignInWithB3Privy", { enumerable: true, get: function () { return SignInWithB3Privy_1.SignInWithB3Privy; } });
 var LoginStep_1 = require("./SignInWithB3/steps/LoginStep");
 Object.defineProperty(exports, "LoginStepContainer", { enumerable: true, get: function () { return LoginStep_1.LoginStepContainer; } });
 var signInUtils_1 = require("./SignInWithB3/utils/signInUtils");

package/dist/cjs/global-account/react/hooks/index.d.ts

@@ -17,7 +17,6 @@ export { useFirstEOA } from "./useFirstEOA";
 export { useGetAllTWSigners, type TWSignerWithMetadata } from "./useGetAllTWSigners";
 export { useGetGeo } from "./useGetGeo";
 export { useGlobalAccount } from "./useGlobalAccount";
-export { useHandleConnectWithPrivy } from "./useHandleConnectWithPrivy";
 export { useHasMounted } from "./useHasMounted";
 export { useIsMobile } from "./useIsMobile";
 export { useIsomorphicLayoutEffect } from "./useIsomorphicLayoutEffect";

package/dist/cjs/global-account/react/hooks/index.js

@@ -14,8 +14,8 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.useTokensFromAddress = exports.useTokenPriceWithFallback = exports.useTokenPrice = exports.useTokenFromUrl = exports.useTokenData = exports.useTokenBalancesByChain = exports.useTokenBalanceDirect = exports.useTokenBalance = exports.useSiwe = exports.useSimCollectibles = exports.useSimTokenBalance = exports.useSimSvmBalance = exports.useSimBalance = exports.useSearchParamsSSR = exports.useRouter = exports.useRemoveSessionKey = exports.useQueryBSMNT = exports.useQueryB3 = exports.useProfileSettings = exports.useProfilePreference = exports.useProfile = exports.useDisplayName = exports.useOneBalance = exports.useNotifications = exports.useNativeBalanceFromRPC = exports.useNativeBalance = exports.useMediaQuery = exports.useIsomorphicLayoutEffect = exports.useIsMobile = exports.useHasMounted = exports.useHandleConnectWithPrivy = exports.useGlobalAccount = exports.useGetGeo = exports.useGetAllTWSigners = exports.useFirstEOA = exports.useExchangeRate = exports.useConnect = exports.useClient = exports.useChainSwitchWithAction = exports.useB3EnsName = exports.useB3BalanceFromAddresses = exports.EmailVerificationRequiredError = exports.useBetterAuth = exports.useAuthentication = exports.useAuth = exports.useAnalytics = exports.useAddTWSessionKey = exports.useAccountWallet = exports.useAccountAssets = exports.createWagmiConfig = void 0;
-exports.useUser = exports.useURLParams = exports.useUnifiedChainSwitchAndExecute = void 0;
+exports.useUnifiedChainSwitchAndExecute = exports.useTokensFromAddress = exports.useTokenPriceWithFallback = exports.useTokenPrice = exports.useTokenFromUrl = exports.useTokenData = exports.useTokenBalancesByChain = exports.useTokenBalanceDirect = exports.useTokenBalance = exports.useSiwe = exports.useSimCollectibles = exports.useSimTokenBalance = exports.useSimSvmBalance = exports.useSimBalance = exports.useSearchParamsSSR = exports.useRouter = exports.useRemoveSessionKey = exports.useQueryBSMNT = exports.useQueryB3 = exports.useProfileSettings = exports.useProfilePreference = exports.useProfile = exports.useDisplayName = exports.useOneBalance = exports.useNotifications = exports.useNativeBalanceFromRPC = exports.useNativeBalance = exports.useMediaQuery = exports.useIsomorphicLayoutEffect = exports.useIsMobile = exports.useHasMounted = exports.useGlobalAccount = exports.useGetGeo = exports.useGetAllTWSigners = exports.useFirstEOA = exports.useExchangeRate = exports.useConnect = exports.useClient = exports.useChainSwitchWithAction = exports.useB3EnsName = exports.useB3BalanceFromAddresses = exports.EmailVerificationRequiredError = exports.useBetterAuth = exports.useAuthentication = exports.useAuth = exports.useAnalytics = exports.useAddTWSessionKey = exports.useAccountWallet = exports.useAccountAssets = exports.createWagmiConfig = void 0;
+exports.useUser = exports.useURLParams = void 0;
 var createWagmiConfig_1 = require("../utils/createWagmiConfig");
 Object.defineProperty(exports, "createWagmiConfig", { enumerable: true, get: function () { return createWagmiConfig_1.createWagmiConfig; } });
 var useAccountAssets_1 = require("./useAccountAssets");
@@ -54,8 +54,6 @@ var useGetGeo_1 = require("./useGetGeo");
 Object.defineProperty(exports, "useGetGeo", { enumerable: true, get: function () { return useGetGeo_1.useGetGeo; } });
 var useGlobalAccount_1 = require("./useGlobalAccount");
 Object.defineProperty(exports, "useGlobalAccount", { enumerable: true, get: function () { return useGlobalAccount_1.useGlobalAccount; } });
-var useHandleConnectWithPrivy_1 = require("./useHandleConnectWithPrivy");
-Object.defineProperty(exports, "useHandleConnectWithPrivy", { enumerable: true, get: function () { return useHandleConnectWithPrivy_1.useHandleConnectWithPrivy; } });
 var useHasMounted_1 = require("./useHasMounted");
 Object.defineProperty(exports, "useHasMounted", { enumerable: true, get: function () { return useHasMounted_1.useHasMounted; } });
 var useIsMobile_1 = require("./useIsMobile");

package/dist/cjs/global-account/react/hooks/useAuth.d.ts

@@ -6,8 +6,8 @@ import { preAuthenticate } from "thirdweb/wallets/in-app";
  * This hook provides 1:1 feature parity with useAuthentication.ts
  */
 export declare function useAuth(): {
-    authenticate: (accessToken: string, partnerId: string, strategy?: string) => Promise<import("@feathersjs/authentication").AuthenticationResult>;
-    reAuthenticate: () => Promise<import("@feathersjs/authentication").AuthenticationResult>;
+    authenticate: (accessToken: string, partnerId: string, strategy?: string) => Promise<Record<string, any>>;
+    reAuthenticate: () => Promise<Record<string, any>>;
     logout: (callback?: () => void) => Promise<void>;
     isAuthenticated: boolean;
     isReady: boolean;
@@ -70,6 +70,6 @@ export declare function useAuth(): {
             turnkeyOtpId?: string | undefined;
         };
     } | undefined;
-    refetchUser: () => Promise<import("@feathersjs/authentication").AuthenticationResult>;
+    refetchUser: () => Promise<Record<string, any>>;
     setUser: (newUser?: import("@b3dotfun/b3-api").Users) => void;
 };

package/dist/cjs/global-account/react/hooks/useAuthentication.d.ts

@@ -65,6 +65,6 @@ export declare function useAuthentication(partnerId: string, { skipAutoConnect }
             turnkeyOtpId?: string | undefined;
         };
     } | undefined;
-    refetchUser: (wallet?: Wallet) => Promise<import("@feathersjs/authentication").AuthenticationResult>;
+    refetchUser: (wallet?: Wallet) => Promise<Record<string, any>>;
     setUser: (newUser?: import("@b3dotfun/b3-api").Users) => void;
 };