@blazium/ton-connect-mobile 1.1.5 → 1.2.1

package/dist/adapters/react-native.js

@@ -55,15 +55,15 @@ class ReactNativeAdapter {
             else {
                 console.log('[ReactNativeAdapter] Skipping canOpenURL check (Android compatibility)');
             }
-            // CRITICAL FIX: Android'de canOpenURL() tonconnect:// protokolünü tanımayabilir
-            // Bu yüzden direkt openURL() çağırıyoruz. Eğer açılamazsa hata fırlatır.
+            // CRITICAL FIX: On Android, canOpenURL() may not recognize tonconnect:// protocol
+            // So we call openURL() directly. If it fails, it will throw an error.
             await Linking.openURL(url);
             console.log('[ReactNativeAdapter] URL opened successfully');
             return true;
         }
         catch (error) {
             console.error('[ReactNativeAdapter] Error in openURL:', error);
-            // Android'de tonconnect:// protokolü tanınmıyorsa veya cüzdan yüklü değilse hata verir
+            // On Android, if tonconnect:// protocol is not recognized or wallet is not installed, it will throw an error
             const errorMessage = error?.message || String(error);
             if (errorMessage.includes('No Activity found') || errorMessage.includes('No app found') || errorMessage.includes('Cannot open URL')) {
                 throw new Error('No TON wallet app found. Please install Tonkeeper or another TON Connect compatible wallet from Google Play Store.');

package/dist/core/protocol.d.ts

@@ -35,6 +35,7 @@ export declare function parseCallbackURL(url: string, scheme: string): {
 };
 /**
  * Extract wallet info from connection response
+ * CRITICAL: This function assumes response has been validated by validateConnectionResponse
  */
 export declare function extractWalletInfo(response: ConnectionResponsePayload): WalletInfo;
 /**

package/dist/core/protocol.js

@@ -195,12 +195,21 @@ function parseCallbackURL(url, scheme) {
             return { type: 'unknown', data: null };
         }
         // Extract encoded payload
-        const encoded = url.substring(expectedPrefix.length);
+        let encoded = url.substring(expectedPrefix.length);
+        // CRITICAL FIX: Decode URL encoding first (wallet may URL-encode the payload)
+        try {
+            encoded = decodeURIComponent(encoded);
+        }
+        catch (error) {
+            // If decodeURIComponent fails, try using the original encoded string
+            // Some wallets may not URL-encode the payload
+            console.log('[TON Connect] Payload not URL-encoded, using as-is');
+        }
         // CRITICAL FIX: Validate base64 payload size (prevent DoS)
         if (encoded.length === 0 || encoded.length > 5000) {
             return { type: 'unknown', data: null };
         }
-        // CRITICAL FIX: Validate base64 characters only
+        // CRITICAL FIX: Validate base64 characters only (after URL decoding)
         if (!/^[A-Za-z0-9_-]+$/.test(encoded)) {
             return { type: 'unknown', data: null };
         }
@@ -241,12 +250,17 @@ function parseCallbackURL(url, scheme) {
 }
 /**
  * Extract wallet info from connection response
+ * CRITICAL: This function assumes response has been validated by validateConnectionResponse
  */
 function extractWalletInfo(response) {
+    // CRITICAL FIX: Add null checks to prevent runtime errors
+    if (!response || !response.name || !response.address || !response.publicKey) {
+        throw new Error('Invalid connection response: missing required fields');
+    }
     return {
         name: response.name,
-        appName: response.appName,
-        version: response.version,
+        appName: response.appName || response.name,
+        version: response.version || 'unknown',
         platform: response.platform || 'unknown',
         address: response.address,
         publicKey: response.publicKey,
@@ -280,13 +294,59 @@ function validateTransactionRequest(request) {
     if (!request.messages || request.messages.length === 0) {
         return { valid: false, error: 'Transaction must have at least one message' };
     }
-    for (const msg of request.messages) {
-        if (!msg.address) {
-            return { valid: false, error: 'Message address is required' };
+    // CRITICAL: Validate each message
+    for (let i = 0; i < request.messages.length; i++) {
+        const msg = request.messages[i];
+        // Validate address
+        if (!msg.address || typeof msg.address !== 'string') {
+            return { valid: false, error: `Message ${i + 1}: Address is required and must be a string` };
+        }
+        // CRITICAL: Validate TON address format (EQ... or 0Q...)
+        if (!/^(EQ|0Q)[A-Za-z0-9_-]{46}$/.test(msg.address)) {
+            return { valid: false, error: `Message ${i + 1}: Invalid TON address format. Address must start with EQ or 0Q and be 48 characters long.` };
+        }
+        // Validate amount
+        if (!msg.amount || typeof msg.amount !== 'string') {
+            return { valid: false, error: `Message ${i + 1}: Amount is required and must be a string (nanotons)` };
+        }
+        // CRITICAL: Validate amount is a valid positive number (nanotons)
+        try {
+            const amount = BigInt(msg.amount);
+            if (amount <= 0n) {
+                return { valid: false, error: `Message ${i + 1}: Amount must be greater than 0` };
+            }
+            // Check for reasonable maximum (prevent overflow)
+            if (amount > BigInt('1000000000000000000')) { // 1 billion TON
+                return { valid: false, error: `Message ${i + 1}: Amount exceeds maximum allowed (1 billion TON)` };
+            }
         }
-        if (!msg.amount || isNaN(Number(msg.amount))) {
-            return { valid: false, error: 'Message amount must be a valid number' };
+        catch (error) {
+            return { valid: false, error: `Message ${i + 1}: Amount must be a valid number string (nanotons)` };
         }
+        // Validate payload if provided (must be base64)
+        if (msg.payload !== undefined && msg.payload !== null) {
+            if (typeof msg.payload !== 'string') {
+                return { valid: false, error: `Message ${i + 1}: Payload must be a base64 string` };
+            }
+            // Basic base64 validation
+            if (msg.payload.length > 0 && !/^[A-Za-z0-9+/=]+$/.test(msg.payload)) {
+                return { valid: false, error: `Message ${i + 1}: Payload must be valid base64 encoded` };
+            }
+        }
+        // Validate stateInit if provided (must be base64)
+        if (msg.stateInit !== undefined && msg.stateInit !== null) {
+            if (typeof msg.stateInit !== 'string') {
+                return { valid: false, error: `Message ${i + 1}: StateInit must be a base64 string` };
+            }
+            // Basic base64 validation
+            if (msg.stateInit.length > 0 && !/^[A-Za-z0-9+/=]+$/.test(msg.stateInit)) {
+                return { valid: false, error: `Message ${i + 1}: StateInit must be valid base64 encoded` };
+            }
+        }
+    }
+    // CRITICAL: Limit maximum number of messages (prevent DoS)
+    if (request.messages.length > 255) {
+        return { valid: false, error: 'Transaction cannot have more than 255 messages' };
     }
     return { valid: true };
 }

package/dist/core/wallets.js

@@ -17,7 +17,7 @@ exports.SUPPORTED_WALLETS = [
         appName: 'Tonkeeper',
         universalLink: 'https://app.tonkeeper.com/ton-connect',
         deepLink: 'tonkeeper://',
-        platforms: ['ios', 'android'],
+        platforms: ['ios', 'android', 'web'], // CRITICAL FIX: Tonkeeper Web is supported
         preferredReturnStrategy: 'post_redirect', // CRITICAL FIX: 'back' strategy may not send callback properly, use 'post_redirect'
         requiresReturnScheme: true, // CRITICAL FIX: Mobile apps need returnScheme for proper callback handling
     },

package/dist/index.d.ts

@@ -9,7 +9,8 @@ import { type WalletDefinition } from './core/wallets';
  */
 export declare class TonConnectError extends Error {
     code?: string | undefined;
-    constructor(message: string, code?: string | undefined);
+    recoverySuggestion?: string | undefined;
+    constructor(message: string, code?: string | undefined, recoverySuggestion?: string | undefined);
 }
 export declare class ConnectionTimeoutError extends TonConnectError {
     constructor();
@@ -18,7 +19,7 @@ export declare class TransactionTimeoutError extends TonConnectError {
     constructor();
 }
 export declare class UserRejectedError extends TonConnectError {
-    constructor();
+    constructor(message?: string);
 }
 export declare class ConnectionInProgressError extends TonConnectError {
     constructor();
@@ -99,6 +100,13 @@ export declare class TonConnectMobile {
      * Get current wallet being used
      */
     getCurrentWallet(): WalletDefinition;
+    /**
+     * Check if a wallet is available on the current platform
+     * Note: This is a best-effort check and may not be 100% accurate
+     * CRITICAL FIX: On web, if wallet has universalLink, it's considered available
+     * because universal links can open in new tabs/windows
+     */
+    isWalletAvailable(walletName?: string): Promise<boolean>;
     /**
      * Set preferred wallet for connections
      */
@@ -135,3 +143,5 @@ export declare class TonConnectMobile {
 export * from './types';
 export type { WalletDefinition } from './core/wallets';
 export { SUPPORTED_WALLETS, getWalletByName, getDefaultWallet, getWalletsForPlatform } from './core/wallets';
+export * from './utils/transactionBuilder';
+export * from './utils/retry';

package/dist/index.js

@@ -29,44 +29,45 @@ const wallets_1 = require("./core/wallets");
  * Custom error classes
  */
 class TonConnectError extends Error {
-    constructor(message, code) {
+    constructor(message, code, recoverySuggestion) {
         super(message);
         this.code = code;
+        this.recoverySuggestion = recoverySuggestion;
         this.name = 'TonConnectError';
     }
 }
 exports.TonConnectError = TonConnectError;
 class ConnectionTimeoutError extends TonConnectError {
     constructor() {
-        super('Connection request timed out', 'CONNECTION_TIMEOUT');
+        super('Connection request timed out. The wallet did not respond in time.', 'CONNECTION_TIMEOUT', 'Please make sure the wallet app is installed and try again. If the issue persists, check your internet connection.');
         this.name = 'ConnectionTimeoutError';
     }
 }
 exports.ConnectionTimeoutError = ConnectionTimeoutError;
 class TransactionTimeoutError extends TonConnectError {
     constructor() {
-        super('Transaction request timed out', 'TRANSACTION_TIMEOUT');
+        super('Transaction request timed out. The wallet did not respond in time.', 'TRANSACTION_TIMEOUT', 'Please check the wallet app and try again. Make sure you approve or reject the transaction in the wallet.');
         this.name = 'TransactionTimeoutError';
     }
 }
 exports.TransactionTimeoutError = TransactionTimeoutError;
 class UserRejectedError extends TonConnectError {
-    constructor() {
-        super('User rejected the request', 'USER_REJECTED');
+    constructor(message) {
+        super(message || 'User rejected the request', 'USER_REJECTED', 'The user cancelled the operation in the wallet app.');
         this.name = 'UserRejectedError';
     }
 }
 exports.UserRejectedError = UserRejectedError;
 class ConnectionInProgressError extends TonConnectError {
     constructor() {
-        super('Connection request already in progress', 'CONNECTION_IN_PROGRESS');
+        super('Connection request already in progress', 'CONNECTION_IN_PROGRESS', 'Please wait for the current connection attempt to complete before trying again.');
         this.name = 'ConnectionInProgressError';
     }
 }
 exports.ConnectionInProgressError = ConnectionInProgressError;
 class TransactionInProgressError extends TonConnectError {
     constructor() {
-        super('Transaction request already in progress', 'TRANSACTION_IN_PROGRESS');
+        super('Transaction request already in progress', 'TRANSACTION_IN_PROGRESS', 'Please wait for the current transaction to complete before sending another one.');
         this.name = 'TransactionInProgressError';
     }
 }
@@ -197,8 +198,9 @@ class TonConnectMobile {
         const parsed = (0, protocol_1.parseCallbackURL)(url, this.config.scheme);
         console.log('[TON Connect] Parsed callback:', parsed.type, parsed.data ? 'has data' : 'no data');
         // CRITICAL FIX: Check for sign data response first (before other handlers)
-        if (this.signDataPromise && !this.signDataPromise.timeout) {
-            // Sign data request is pending
+        // Note: We check if promise exists and hasn't timed out (timeout !== null means not timed out yet)
+        if (this.signDataPromise && this.signDataPromise.timeout !== null) {
+            // Sign data request is pending and hasn't timed out
             if (parsed.type === 'error' && parsed.data) {
                 const errorData = parsed.data;
                 if (errorData?.error) {
@@ -283,12 +285,18 @@ class TonConnectMobile {
         this.currentStatus = { connected: true, wallet };
         this.notifyStatusChange();
         // Resolve connection promise
+        // CRITICAL: Only resolve if promise still exists and hasn't timed out
         if (this.connectionPromise) {
+            // Clear timeout if it exists
             if (this.connectionPromise.timeout !== null) {
                 clearTimeout(this.connectionPromise.timeout);
             }
-            this.connectionPromise.resolve(wallet);
+            // Store reference before clearing to prevent race conditions
+            const promise = this.connectionPromise;
+            // Clear promise first
             this.connectionPromise = null;
+            // Then resolve
+            promise.resolve(wallet);
         }
     }
     /**
@@ -300,15 +308,21 @@ class TonConnectMobile {
             return;
         }
         // Resolve transaction promise
+        // CRITICAL: Only resolve if promise still exists and hasn't timed out
         if (this.transactionPromise) {
+            // Clear timeout if it exists
             if (this.transactionPromise.timeout !== null) {
                 clearTimeout(this.transactionPromise.timeout);
             }
-            this.transactionPromise.resolve({
+            // Store reference before clearing
+            const promise = this.transactionPromise;
+            // Clear promise first to prevent race conditions
+            this.transactionPromise = null;
+            // Then resolve
+            promise.resolve({
                 boc: response.boc,
                 signature: response.signature,
             });
-            this.transactionPromise = null;
         }
     }
     /**
@@ -329,6 +343,14 @@ class TonConnectMobile {
             this.transactionPromise.reject(error);
             this.transactionPromise = null;
         }
+        // CRITICAL FIX: Also clear signDataPromise to prevent memory leaks
+        if (this.signDataPromise) {
+            if (this.signDataPromise.timeout !== null) {
+                clearTimeout(this.signDataPromise.timeout);
+            }
+            this.signDataPromise.reject(error);
+            this.signDataPromise = null;
+        }
     }
     /**
      * Connect to wallet
@@ -645,6 +667,33 @@ class TonConnectMobile {
     getCurrentWallet() {
         return this.currentWallet;
     }
+    /**
+     * Check if a wallet is available on the current platform
+     * Note: This is a best-effort check and may not be 100% accurate
+     * CRITICAL FIX: On web, if wallet has universalLink, it's considered available
+     * because universal links can open in new tabs/windows
+     */
+    async isWalletAvailable(walletName) {
+        const wallet = walletName ? (0, wallets_1.getWalletByName)(walletName) : this.currentWallet;
+        if (!wallet) {
+            return false;
+        }
+        // CRITICAL FIX: Check adapter type to reliably detect web platform
+        // WebAdapter is only used on web, so this is the most reliable check
+        const isWeb = this.adapter.constructor.name === 'WebAdapter';
+        if (isWeb) {
+            // On web, if wallet has universalLink or supports web platform, it's available
+            // Universal links can open in a new tab on web
+            return wallet.platforms.includes('web') || !!wallet.universalLink;
+        }
+        // On mobile, we can't reliably check if wallet is installed
+        // Return true if wallet supports the current platform
+        // eslint-disable-next-line no-undef
+        const platform = typeof globalThis !== 'undefined' && globalThis.Platform
+            ? globalThis.Platform.OS === 'ios' ? 'ios' : 'android'
+            : 'android';
+        return wallet.platforms.includes(platform);
+    }
     /**
      * Set preferred wallet for connections
      */
@@ -805,3 +854,6 @@ Object.defineProperty(exports, "SUPPORTED_WALLETS", { enumerable: true, get: fun
 Object.defineProperty(exports, "getWalletByName", { enumerable: true, get: function () { return wallets_2.getWalletByName; } });
 Object.defineProperty(exports, "getDefaultWallet", { enumerable: true, get: function () { return wallets_2.getDefaultWallet; } });
 Object.defineProperty(exports, "getWalletsForPlatform", { enumerable: true, get: function () { return wallets_2.getWalletsForPlatform; } });
+// Export utilities
+__exportStar(require("./utils/transactionBuilder"), exports);
+__exportStar(require("./utils/retry"), exports);

package/dist/react/TonConnectUIProvider.js

@@ -44,13 +44,26 @@ exports.useTonConnectModal = useTonConnectModal;
 exports.useTonConnectSDK = useTonConnectSDK;
 const react_1 = __importStar(require("react"));
 const index_1 = require("../index");
+const WalletSelectionModal_1 = require("./WalletSelectionModal");
 const TonConnectUIContext = (0, react_1.createContext)(null);
 /**
  * TonConnectUIProvider - React context provider for TON Connect
  * Compatible with @tonconnect/ui-react API
  */
 function TonConnectUIProvider({ config, children, sdkInstance, }) {
-    const [sdk] = (0, react_1.useState)(() => sdkInstance || new index_1.TonConnectMobile(config));
+    // CRITICAL: Initialize SDK only once
+    const [sdk] = (0, react_1.useState)(() => {
+        if (sdkInstance) {
+            return sdkInstance;
+        }
+        try {
+            return new index_1.TonConnectMobile(config);
+        }
+        catch (error) {
+            console.error('[TonConnectUIProvider] Failed to initialize SDK:', error);
+            throw error;
+        }
+    });
     const [walletState, setWalletState] = (0, react_1.useState)(null);
     const [modalOpen, setModalOpen] = (0, react_1.useState)(false);
     const [isConnecting, setIsConnecting] = (0, react_1.useState)(false);
@@ -98,8 +111,10 @@ function TonConnectUIProvider({ config, children, sdkInstance, }) {
     }, [sdk, updateWalletState]);
     // Open modal
     const openModal = (0, react_1.useCallback)(async () => {
-        setModalOpen(true);
-    }, []);
+        if (!walletState?.connected) {
+            setModalOpen(true);
+        }
+    }, [walletState?.connected]);
     // Close modal
     const closeModal = (0, react_1.useCallback)(() => {
         setModalOpen(false);
@@ -132,19 +147,42 @@ function TonConnectUIProvider({ config, children, sdkInstance, }) {
     }, [sdk]);
     // Send transaction
     const sendTransaction = (0, react_1.useCallback)(async (transaction) => {
-        const response = await sdk.sendTransaction(transaction);
-        return {
-            boc: response.boc,
-            signature: response.signature,
-        };
+        try {
+            // Validate transaction before sending
+            if (!transaction || !transaction.messages || transaction.messages.length === 0) {
+                throw new Error('Invalid transaction: messages array is required and cannot be empty');
+            }
+            if (!transaction.validUntil || transaction.validUntil <= Date.now()) {
+                throw new Error('Invalid transaction: validUntil must be in the future');
+            }
+            const response = await sdk.sendTransaction(transaction);
+            return {
+                boc: response.boc,
+                signature: response.signature,
+            };
+        }
+        catch (error) {
+            console.error('[TonConnectUIProvider] Transaction error:', error);
+            throw error;
+        }
     }, [sdk]);
     // Sign data
     const signData = (0, react_1.useCallback)(async (request) => {
-        const response = await sdk.signData(request.data, request.version);
-        return {
-            signature: response.signature,
-            timestamp: response.timestamp,
-        };
+        try {
+            // Validate request
+            if (!request || (!request.data && request.data !== '')) {
+                throw new Error('Invalid sign data request: data is required');
+            }
+            const response = await sdk.signData(request.data, request.version);
+            return {
+                signature: response.signature,
+                timestamp: response.timestamp,
+            };
+        }
+        catch (error) {
+            console.error('[TonConnectUIProvider] Sign data error:', error);
+            throw error;
+        }
     }, [sdk]);
     // Create TonConnectUI instance
     const tonConnectUI = {
@@ -164,7 +202,9 @@ function TonConnectUIProvider({ config, children, sdkInstance, }) {
         tonConnectUI,
         sdk,
     };
-    return react_1.default.createElement(TonConnectUIContext.Provider, { value: contextValue }, children);
+    return (react_1.default.createElement(TonConnectUIContext.Provider, { value: contextValue },
+        children,
+        react_1.default.createElement(WalletSelectionModal_1.WalletSelectionModal, { visible: modalOpen && !walletState?.connected, onClose: closeModal })));
 }
 /**
  * Hook to access TonConnectUI instance

package/dist/react/WalletSelectionModal.d.ts

@@ -0,0 +1,20 @@
+/**
+ * WalletSelectionModal component
+ * Provides a beautiful wallet selection UI compatible with @tonconnect/ui-react
+ */
+import type { WalletDefinition } from '../index';
+export interface WalletSelectionModalProps {
+    /** Whether the modal is visible */
+    visible: boolean;
+    /** Callback when modal should close */
+    onClose: () => void;
+    /** Custom wallet list (optional, uses SDK's supported wallets by default) */
+    wallets?: WalletDefinition[];
+    /** Custom styles */
+    style?: any;
+}
+/**
+ * WalletSelectionModal - Beautiful wallet selection modal
+ * Compatible with @tonconnect/ui-react modal behavior
+ */
+export declare function WalletSelectionModal({ visible, onClose, wallets: customWallets, style, }: WalletSelectionModalProps): JSX.Element;