npm - @blazium/ton-connect-mobile - Versions diffs - 1.2.4 → 1.2.6 - Mend

@blazium/ton-connect-mobile 1.2.4 → 1.2.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

package/README.md +7 -20
package/dist/adapters/react-native.js +8 -1
package/dist/core/bridge.d.ts +61 -0
package/dist/core/bridge.js +237 -0
package/dist/core/crypto.d.ts +8 -19
package/dist/core/crypto.js +15 -141
package/dist/core/index.d.ts +5 -3
package/dist/core/index.js +20 -17
package/dist/core/protocol.d.ts +35 -32
package/dist/core/protocol.js +109 -285
package/dist/core/session.d.ts +65 -0
package/dist/core/session.js +235 -0
package/dist/core/wallets.d.ts +6 -6
package/dist/core/wallets.js +17 -18
package/dist/index.d.ts +33 -72
package/dist/index.js +322 -769
package/dist/react/TonConnectUIProvider.d.ts +4 -52
package/dist/react/TonConnectUIProvider.js +18 -122
package/dist/react/index.d.ts +1 -2
package/dist/react/index.js +0 -1
package/dist/types/index.d.ts +84 -139
package/dist/types/index.js +1 -1
package/package.json +2 -3
package/src/adapters/react-native.ts +7 -1
package/src/core/bridge.ts +307 -0
package/src/core/crypto.ts +62 -238
package/src/core/index.ts +17 -7
package/src/core/protocol.ts +217 -441
package/src/core/session.ts +247 -0
package/src/core/wallets.ts +90 -93
package/src/index.ts +811 -1338
package/src/react/TonConnectUIProvider.tsx +272 -441
package/src/react/index.ts +23 -27
package/src/types/index.ts +217 -272

package/dist/core/index.js CHANGED Viewed

@@ -1,21 +1,24 @@
 "use strict";
 /**
- * Core protocol exports
+ * Core module exports
  */
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
 Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./protocol"), exports);
-__exportStar(require("./crypto"), exports);
+exports.getWalletsForPlatform = exports.getDefaultWallet = exports.getWalletByName = exports.SUPPORTED_WALLETS = exports.validateTransactionRequest = exports.extractWalletInfoFromEvent = exports.parseRpcResponse = exports.parseConnectResponse = exports.buildDisconnectRpcRequest = exports.buildSendTransactionRpcRequest = exports.buildReturnUniversalLink = exports.buildConnectUniversalLink = exports.BridgeGateway = exports.SessionCrypto = void 0;
+var session_1 = require("./session");
+Object.defineProperty(exports, "SessionCrypto", { enumerable: true, get: function () { return session_1.SessionCrypto; } });
+var bridge_1 = require("./bridge");
+Object.defineProperty(exports, "BridgeGateway", { enumerable: true, get: function () { return bridge_1.BridgeGateway; } });
+var protocol_1 = require("./protocol");
+Object.defineProperty(exports, "buildConnectUniversalLink", { enumerable: true, get: function () { return protocol_1.buildConnectUniversalLink; } });
+Object.defineProperty(exports, "buildReturnUniversalLink", { enumerable: true, get: function () { return protocol_1.buildReturnUniversalLink; } });
+Object.defineProperty(exports, "buildSendTransactionRpcRequest", { enumerable: true, get: function () { return protocol_1.buildSendTransactionRpcRequest; } });
+Object.defineProperty(exports, "buildDisconnectRpcRequest", { enumerable: true, get: function () { return protocol_1.buildDisconnectRpcRequest; } });
+Object.defineProperty(exports, "parseConnectResponse", { enumerable: true, get: function () { return protocol_1.parseConnectResponse; } });
+Object.defineProperty(exports, "parseRpcResponse", { enumerable: true, get: function () { return protocol_1.parseRpcResponse; } });
+Object.defineProperty(exports, "extractWalletInfoFromEvent", { enumerable: true, get: function () { return protocol_1.extractWalletInfoFromEvent; } });
+Object.defineProperty(exports, "validateTransactionRequest", { enumerable: true, get: function () { return protocol_1.validateTransactionRequest; } });
+var wallets_1 = require("./wallets");
+Object.defineProperty(exports, "SUPPORTED_WALLETS", { enumerable: true, get: function () { return wallets_1.SUPPORTED_WALLETS; } });
+Object.defineProperty(exports, "getWalletByName", { enumerable: true, get: function () { return wallets_1.getWalletByName; } });
+Object.defineProperty(exports, "getDefaultWallet", { enumerable: true, get: function () { return wallets_1.getDefaultWallet; } });
+Object.defineProperty(exports, "getWalletsForPlatform", { enumerable: true, get: function () { return wallets_1.getWalletsForPlatform; } });

package/dist/core/protocol.d.ts CHANGED Viewed

@@ -1,51 +1,54 @@
 /**
- * Core TonConnect protocol implementation
- * Pure TypeScript, no platform dependencies
+ * TON Connect v2 Protocol Implementation
+ * Builds correct universal links and parses bridge responses
  */
-import { ConnectionResponsePayload, TransactionResponsePayload, ErrorResponse, WalletInfo, SendTransactionRequest } from '../types';
+import type { SendTransactionRequest, WalletInfo, ConnectEvent, ConnectErrorEvent, RpcResponse, RpcErrorResponse } from '../types';
 /**
- * Encode JSON to base64 URL-safe string
+ * Build a TON Connect v2 universal link for wallet connection
+ * Format: {universalLink}?v=2&id={sessionId}&r={connectRequest}&ret={returnStrategy}
  */
-export declare function encodeBase64URL(data: unknown): string;
+export declare function buildConnectUniversalLink(universalLink: string, sessionId: string, manifestUrl: string, returnStrategy?: string): string;
 /**
- * Decode base64 URL-safe string to JSON
+ * Build a universal link to bring wallet to foreground (for pending transactions)
+ * Format: {universalLink}?ret={returnStrategy}
  */
-export declare function decodeBase64URL<T>(encoded: string): T;
+export declare function buildReturnUniversalLink(universalLink: string, returnStrategy?: string): string;
 /**
- * Build connection request URL
- * Format: tonconnect://connect?<base64_encoded_payload>
- * Or universal link: https://app.tonkeeper.com/ton-connect?<base64_encoded_payload>
- * Or custom wallet universal link
+ * Build a JSON-RPC request for sendTransaction
  */
-export declare function buildConnectionRequest(manifestUrl: string, returnScheme: string, walletUniversalLink?: string, returnStrategy?: 'back' | 'post_redirect' | 'none', requiresReturnScheme?: boolean): string;
+export declare function buildSendTransactionRpcRequest(request: SendTransactionRequest, id: number): string;
 /**
- * Build transaction request URL
- * Format: tonconnect://send-transaction?<base64_encoded_payload>
- * Or universal link: https://app.tonkeeper.com/ton-connect/send-transaction?<base64_encoded_payload>
- * Or custom wallet universal link
+ * Build a JSON-RPC request for disconnect
  */
-export declare function buildTransactionRequest(manifestUrl: string, request: SendTransactionRequest, returnScheme: string, walletUniversalLink?: string, returnStrategy?: 'back' | 'post_redirect' | 'none', requiresReturnScheme?: boolean): string;
+export declare function buildDisconnectRpcRequest(id: number): string;
 /**
- * Parse callback URL
- * Format: <scheme>://tonconnect?<base64_encoded_response>
+ * Parse a connect response from the wallet (received via bridge, after decryption)
  */
-export declare function parseCallbackURL(url: string, scheme: string): {
-    type: 'connect' | 'transaction' | 'error' | 'unknown';
-    data: ConnectionResponsePayload | TransactionResponsePayload | ErrorResponse | null;
-};
-/**
- * Extract wallet info from connection response
- * CRITICAL: This function assumes response has been validated by validateConnectionResponse
- */
-export declare function extractWalletInfo(response: ConnectionResponsePayload): WalletInfo;
+export declare function parseConnectResponse(decrypted: string): {
+    type: 'connect';
+    data: ConnectEvent;
+} | {
+    type: 'error';
+    data: ConnectErrorEvent;
+} | null;
 /**
- * Validate connection response
+ * Parse an RPC response from the wallet (for sendTransaction, disconnect, etc.)
  */
-export declare function validateConnectionResponse(response: ConnectionResponsePayload): boolean;
+export declare function parseRpcResponse(decrypted: string): {
+    type: 'result';
+    data: RpcResponse;
+} | {
+    type: 'error';
+    data: RpcErrorResponse;
+} | {
+    type: 'event';
+    event: string;
+    data: any;
+} | null;
 /**
- * Validate transaction response
+ * Extract wallet info from a connect event
  */
-export declare function validateTransactionResponse(response: TransactionResponsePayload): boolean;
+export declare function extractWalletInfoFromEvent(event: ConnectEvent): WalletInfo;
 /**
  * Validate transaction request
  */

package/dist/core/protocol.js CHANGED Viewed

@@ -1,289 +1,146 @@
 "use strict";
 /**
- * Core TonConnect protocol implementation
- * Pure TypeScript, no platform dependencies
+ * TON Connect v2 Protocol Implementation
+ * Builds correct universal links and parses bridge responses
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.encodeBase64URL = encodeBase64URL;
-exports.decodeBase64URL = decodeBase64URL;
-exports.buildConnectionRequest = buildConnectionRequest;
-exports.buildTransactionRequest = buildTransactionRequest;
-exports.parseCallbackURL = parseCallbackURL;
-exports.extractWalletInfo = extractWalletInfo;
-exports.validateConnectionResponse = validateConnectionResponse;
-exports.validateTransactionResponse = validateTransactionResponse;
+exports.buildConnectUniversalLink = buildConnectUniversalLink;
+exports.buildReturnUniversalLink = buildReturnUniversalLink;
+exports.buildSendTransactionRpcRequest = buildSendTransactionRpcRequest;
+exports.buildDisconnectRpcRequest = buildDisconnectRpcRequest;
+exports.parseConnectResponse = parseConnectResponse;
+exports.parseRpcResponse = parseRpcResponse;
+exports.extractWalletInfoFromEvent = extractWalletInfoFromEvent;
 exports.validateTransactionRequest = validateTransactionRequest;
 /**
- * TonConnect protocol constants
+ * Protocol version
  */
 const PROTOCOL_VERSION = '2';
-const CONNECT_PREFIX = 'tonconnect://connect';
-const CONNECT_UNIVERSAL_PREFIX = 'https://app.tonkeeper.com/ton-connect';
-const SEND_TRANSACTION_PREFIX = 'tonconnect://send-transaction';
-const SEND_TRANSACTION_UNIVERSAL_PREFIX = 'https://app.tonkeeper.com/ton-connect/send-transaction';
-const CALLBACK_PREFIX = 'tonconnect';
 /**
- * Get TextEncoder with availability check
+ * Build a TON Connect v2 universal link for wallet connection
+ * Format: {universalLink}?v=2&id={sessionId}&r={connectRequest}&ret={returnStrategy}
  */
-function getTextEncoder() {
-    if (typeof TextEncoder !== 'undefined') {
-        return new TextEncoder();
-    }
-    throw new Error('TextEncoder is not available. Please use React Native 0.59+ or add a polyfill.');
-}
-/**
- * Encode string to base64
- */
-function base64Encode(str) {
-    // Use TextEncoder to convert string to bytes
-    const encoder = getTextEncoder();
-    const bytes = encoder.encode(str);
-    // Convert bytes to base64
-    const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
-    let result = '';
-    let i = 0;
-    while (i < bytes.length) {
-        const a = bytes[i++];
-        const b = i < bytes.length ? bytes[i++] : 0;
-        const c = i < bytes.length ? bytes[i++] : 0;
-        const bitmap = (a << 16) | (b << 8) | c;
-        result += chars.charAt((bitmap >> 18) & 63);
-        result += chars.charAt((bitmap >> 12) & 63);
-        result += i - 2 < bytes.length ? chars.charAt((bitmap >> 6) & 63) : '=';
-        result += i - 1 < bytes.length ? chars.charAt(bitmap & 63) : '=';
-    }
-    return result;
+function buildConnectUniversalLink(universalLink, sessionId, manifestUrl, returnStrategy = 'back') {
+    // Build connect request (TON Connect v2 format)
+    const connectRequest = {
+        manifestUrl,
+        items: [{ name: 'ton_addr' }],
+    };
+    // Build URL with proper query parameters
+    const r = JSON.stringify(connectRequest);
+    const params = [
+        `v=${PROTOCOL_VERSION}`,
+        `id=${sessionId}`,
+        `r=${encodeURIComponent(r)}`,
+        `ret=${encodeURIComponent(returnStrategy)}`,
+    ];
+    // Handle wallet universal links that may already have query params
+    const separator = universalLink.includes('?') ? '&' : '?';
+    return `${universalLink}${separator}${params.join('&')}`;
 }
 /**
- * Decode base64 to string
+ * Build a universal link to bring wallet to foreground (for pending transactions)
+ * Format: {universalLink}?ret={returnStrategy}
  */
-function base64Decode(base64) {
-    const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
-    let buffer = 0;
-    let bitsCollected = 0;
-    let result = '';
-    for (let i = 0; i < base64.length; i++) {
-        const ch = base64[i];
-        if (ch === '=')
-            break;
-        const index = chars.indexOf(ch);
-        if (index === -1)
-            continue;
-        buffer = (buffer << 6) | index;
-        bitsCollected += 6;
-        if (bitsCollected >= 8) {
-            bitsCollected -= 8;
-            result += String.fromCharCode((buffer >> bitsCollected) & 0xff);
-            buffer &= (1 << bitsCollected) - 1;
-        }
-    }
-    return result;
+function buildReturnUniversalLink(universalLink, returnStrategy = 'back') {
+    const separator = universalLink.includes('?') ? '&' : '?';
+    return `${universalLink}${separator}ret=${encodeURIComponent(returnStrategy)}`;
 }
 /**
- * Encode JSON to base64 URL-safe string
+ * Build a JSON-RPC request for sendTransaction
  */
-function encodeBase64URL(data) {
-    const json = JSON.stringify(data);
-    const base64 = base64Encode(json);
-    // Convert to URL-safe base64
-    return base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
+function buildSendTransactionRpcRequest(request, id) {
+    // TON Connect v2 sendTransaction format
+    const params = JSON.stringify({
+        valid_until: Math.floor(request.validUntil / 1000), // Convert ms to seconds
+        network: request.network === 'testnet' ? '-3' : '-239',
+        from: request.from,
+        messages: request.messages.map((msg) => ({
+            address: msg.address,
+            amount: msg.amount,
+            payload: msg.payload,
+            stateInit: msg.stateInit,
+        })),
+    });
+    return JSON.stringify({
+        method: 'sendTransaction',
+        params: [params],
+        id,
+    });
 }
 /**
- * Decode base64 URL-safe string to JSON
+ * Build a JSON-RPC request for disconnect
  */
-function decodeBase64URL(encoded) {
-    // Convert from URL-safe base64
-    const base64 = encoded.replace(/-/g, '+').replace(/_/g, '/');
-    // Add padding if needed
-    const padded = base64 + '='.repeat((4 - (base64.length % 4)) % 4);
-    const json = base64Decode(padded);
-    return JSON.parse(json);
+function buildDisconnectRpcRequest(id) {
+    return JSON.stringify({
+        method: 'disconnect',
+        params: [],
+        id,
+    });
 }
 /**
- * Build connection request URL
- * Format: tonconnect://connect?<base64_encoded_payload>
- * Or universal link: https://app.tonkeeper.com/ton-connect?<base64_encoded_payload>
- * Or custom wallet universal link
+ * Parse a connect response from the wallet (received via bridge, after decryption)
  */
-function buildConnectionRequest(manifestUrl, returnScheme, walletUniversalLink, returnStrategy, requiresReturnScheme) {
-    // Build payload with required fields
-    const payload = {
-        manifestUrl,
-        items: [{ name: 'ton_addr' }],
-        returnStrategy: returnStrategy || 'back',
-    };
-    // CRITICAL FIX: Many wallets (Tonhub, MyTonWallet, Telegram Wallet) require returnScheme
-    // in the payload to properly handle mobile app callbacks. While not in the official
-    // protocol spec, it's a de-facto requirement for mobile apps.
-    if (requiresReturnScheme !== false) {
-        // Default to true if not specified - safer to include it
-        payload.returnScheme = returnScheme;
-    }
-    const encoded = encodeBase64URL(payload);
-    // Use custom wallet universal link if provided
-    if (walletUniversalLink) {
-        return `${walletUniversalLink}?${encoded}`;
-    }
-    // Default to Tonkeeper universal link for Android compatibility
-    return `${CONNECT_UNIVERSAL_PREFIX}?${encoded}`;
-}
-/**
- * Build transaction request URL
- * Format: tonconnect://send-transaction?<base64_encoded_payload>
- * Or universal link: https://app.tonkeeper.com/ton-connect/send-transaction?<base64_encoded_payload>
- * Or custom wallet universal link
- */
-function buildTransactionRequest(manifestUrl, request, returnScheme, walletUniversalLink, returnStrategy, requiresReturnScheme) {
-    const payload = {
-        manifestUrl,
-        request: {
-            validUntil: request.validUntil,
-            messages: request.messages.map((msg) => ({
-                address: msg.address,
-                amount: msg.amount,
-                payload: msg.payload,
-                stateInit: msg.stateInit,
-            })),
-            network: request.network,
-            from: request.from,
-        },
-        returnStrategy: returnStrategy || 'back',
-    };
-    // CRITICAL FIX: Include returnScheme for mobile wallets that require it
-    if (requiresReturnScheme !== false) {
-        payload.returnScheme = returnScheme;
+function parseConnectResponse(decrypted) {
+    try {
+        const parsed = JSON.parse(decrypted);
+        if (parsed.event === 'connect' && parsed.payload) {
+            return { type: 'connect', data: parsed };
+        }
+        if (parsed.event === 'connect_error' && parsed.payload) {
+            return { type: 'error', data: parsed };
+        }
+        return null;
     }
-    const encoded = encodeBase64URL(payload);
-    // Use custom wallet universal link if provided
-    if (walletUniversalLink) {
-        // For transaction, append /send-transaction to the base universal link
-        const baseUrl = walletUniversalLink.endsWith('/ton-connect')
-            ? walletUniversalLink
-            : `${walletUniversalLink}/ton-connect`;
-        return `${baseUrl}/send-transaction?${encoded}`;
+    catch {
+        return null;
     }
-    // Default to Tonkeeper universal link for Android compatibility
-    return `${SEND_TRANSACTION_UNIVERSAL_PREFIX}?${encoded}`;
 }
 /**
- * Parse callback URL
- * Format: <scheme>://tonconnect?<base64_encoded_response>
+ * Parse an RPC response from the wallet (for sendTransaction, disconnect, etc.)
  */
-function parseCallbackURL(url, scheme) {
+function parseRpcResponse(decrypted) {
     try {
-        // CRITICAL FIX: Validate URL input
-        if (!url || typeof url !== 'string') {
-            return { type: 'unknown', data: null };
-        }
-        // CRITICAL FIX: Validate URL length (prevent DoS)
-        if (url.length > 10000) {
-            return { type: 'unknown', data: null };
-        }
-        // CRITICAL FIX: Validate scheme format
-        if (!scheme || typeof scheme !== 'string' || scheme.length === 0 || scheme.length > 50) {
-            return { type: 'unknown', data: null };
+        const parsed = JSON.parse(decrypted);
+        // Check for events (disconnect, etc.)
+        if (parsed.event) {
+            return { type: 'event', event: parsed.event, data: parsed.payload || null };
         }
-        // CRITICAL FIX: Exact scheme matching (case-sensitive)
-        const expectedPrefix = `${scheme}://${CALLBACK_PREFIX}?`;
-        if (!url.startsWith(expectedPrefix)) {
-            return { type: 'unknown', data: null };
+        // Check for RPC result
+        if ('result' in parsed && parsed.id !== undefined) {
+            return { type: 'result', data: parsed };
         }
-        // CRITICAL FIX: Validate URL structure - should be exactly scheme://tonconnect?<payload>
-        // Check that there's no additional path or query params
-        const urlAfterScheme = url.substring(scheme.length + 3); // After "scheme://"
-        if (!urlAfterScheme.startsWith(`${CALLBACK_PREFIX}?`)) {
-            return { type: 'unknown', data: null };
+        // Check for RPC error
+        if ('error' in parsed && parsed.id !== undefined) {
+            return { type: 'error', data: parsed };
         }
-        // Extract encoded payload
-        let encoded = url.substring(expectedPrefix.length);
-        // CRITICAL FIX: Decode URL encoding first (wallet may URL-encode the payload)
-        try {
-            encoded = decodeURIComponent(encoded);
-        }
-        catch (error) {
-            // If decodeURIComponent fails, try using the original encoded string
-            // Some wallets may not URL-encode the payload
-            console.log('[TON Connect] Payload not URL-encoded, using as-is');
-        }
-        // CRITICAL FIX: Validate base64 payload size (prevent DoS)
-        if (encoded.length === 0 || encoded.length > 5000) {
-            return { type: 'unknown', data: null };
-        }
-        // CRITICAL FIX: Validate base64 characters only (after URL decoding)
-        if (!/^[A-Za-z0-9_-]+$/.test(encoded)) {
-            return { type: 'unknown', data: null };
-        }
-        const decoded = decodeBase64URL(encoded);
-        // Validate decoded data is an object
-        if (!decoded || typeof decoded !== 'object' || Array.isArray(decoded)) {
-            return { type: 'unknown', data: null };
-        }
-        // Check if it's an error response
-        if ('error' in decoded && typeof decoded.error === 'object') {
-            const errorData = decoded;
-            if (errorData.error && typeof errorData.error.code === 'number' && typeof errorData.error.message === 'string') {
-                return { type: 'error', data: errorData };
-            }
-        }
-        // Check if it's a connection response (has session, address, publicKey)
-        if ('session' in decoded &&
-            'address' in decoded &&
-            'publicKey' in decoded &&
-            typeof decoded.session === 'string' &&
-            typeof decoded.address === 'string' &&
-            typeof decoded.publicKey === 'string') {
-            return { type: 'connect', data: decoded };
-        }
-        // Check if it's a transaction response (has boc, signature)
-        if ('boc' in decoded &&
-            'signature' in decoded &&
-            typeof decoded.boc === 'string' &&
-            typeof decoded.signature === 'string') {
-            return { type: 'transaction', data: decoded };
-        }
-        return { type: 'unknown', data: null };
+        return null;
     }
-    catch (error) {
-        // Log error for debugging but don't expose details
-        return { type: 'unknown', data: null };
+    catch {
+        return null;
     }
 }
 /**
- * Extract wallet info from connection response
- * CRITICAL: This function assumes response has been validated by validateConnectionResponse
+ * Extract wallet info from a connect event
  */
-function extractWalletInfo(response) {
-    // CRITICAL FIX: Add null checks to prevent runtime errors
-    if (!response || !response.name || !response.address || !response.publicKey) {
-        throw new Error('Invalid connection response: missing required fields');
+function extractWalletInfoFromEvent(event) {
+    const tonAddr = event.payload.items.find((item) => item.name === 'ton_addr');
+    if (!tonAddr) {
+        throw new Error('Connect response missing ton_addr item');
     }
+    const device = event.payload.device || {};
     return {
-        name: response.name,
-        appName: response.appName || response.name,
-        version: response.version || 'unknown',
-        platform: response.platform || 'unknown',
-        address: response.address,
-        publicKey: response.publicKey,
-        icon: response.icon,
+        name: device.appName || 'Unknown Wallet',
+        appName: device.appName || 'unknown',
+        version: device.appVersion || 'unknown',
+        platform: device.platform || 'unknown',
+        address: tonAddr.address,
+        publicKey: tonAddr.publicKey,
+        network: tonAddr.network,
+        walletStateInit: tonAddr.walletStateInit,
+        icon: undefined,
     };
 }
-/**
- * Validate connection response
- */
-function validateConnectionResponse(response) {
-    return !!(response.session &&
-        response.address &&
-        response.publicKey &&
-        response.name &&
-        response.appName &&
-        response.version);
-}
-/**
- * Validate transaction response
- */
-function validateTransactionResponse(response) {
-    return !!(response.boc && response.signature);
-}
 /**
  * Validate transaction request
  */
@@ -294,59 +151,26 @@ function validateTransactionRequest(request) {
     if (!request.messages || request.messages.length === 0) {
         return { valid: false, error: 'Transaction must have at least one message' };
     }
-    // CRITICAL: Validate each message
     for (let i = 0; i < request.messages.length; i++) {
         const msg = request.messages[i];
-        // Validate address
         if (!msg.address || typeof msg.address !== 'string') {
-            return { valid: false, error: `Message ${i + 1}: Address is required and must be a string` };
-        }
-        // CRITICAL: Validate TON address format (EQ... or 0Q...)
-        if (!/^(EQ|0Q)[A-Za-z0-9_-]{46}$/.test(msg.address)) {
-            return { valid: false, error: `Message ${i + 1}: Invalid TON address format. Address must start with EQ or 0Q and be 48 characters long.` };
+            return { valid: false, error: `Message ${i + 1}: Address is required` };
         }
-        // Validate amount
         if (!msg.amount || typeof msg.amount !== 'string') {
-            return { valid: false, error: `Message ${i + 1}: Amount is required and must be a string (nanotons)` };
+            return { valid: false, error: `Message ${i + 1}: Amount is required (nanotons string)` };
         }
-        // CRITICAL: Validate amount is a valid positive number (nanotons)
         try {
             const amount = BigInt(msg.amount);
             if (amount <= 0n) {
-                return { valid: false, error: `Message ${i + 1}: Amount must be greater than 0` };
-            }
-            // Check for reasonable maximum (prevent overflow)
-            if (amount > BigInt('1000000000000000000')) { // 1 billion TON
-                return { valid: false, error: `Message ${i + 1}: Amount exceeds maximum allowed (1 billion TON)` };
+                return { valid: false, error: `Message ${i + 1}: Amount must be > 0` };
             }
         }
-        catch (error) {
-            return { valid: false, error: `Message ${i + 1}: Amount must be a valid number string (nanotons)` };
-        }
-        // Validate payload if provided (must be base64)
-        if (msg.payload !== undefined && msg.payload !== null) {
-            if (typeof msg.payload !== 'string') {
-                return { valid: false, error: `Message ${i + 1}: Payload must be a base64 string` };
-            }
-            // Basic base64 validation
-            if (msg.payload.length > 0 && !/^[A-Za-z0-9+/=]+$/.test(msg.payload)) {
-                return { valid: false, error: `Message ${i + 1}: Payload must be valid base64 encoded` };
-            }
-        }
-        // Validate stateInit if provided (must be base64)
-        if (msg.stateInit !== undefined && msg.stateInit !== null) {
-            if (typeof msg.stateInit !== 'string') {
-                return { valid: false, error: `Message ${i + 1}: StateInit must be a base64 string` };
-            }
-            // Basic base64 validation
-            if (msg.stateInit.length > 0 && !/^[A-Za-z0-9+/=]+$/.test(msg.stateInit)) {
-                return { valid: false, error: `Message ${i + 1}: StateInit must be valid base64 encoded` };
-            }
+        catch {
+            return { valid: false, error: `Message ${i + 1}: Amount must be a valid number string` };
         }
     }
-    // CRITICAL: Limit maximum number of messages (prevent DoS)
     if (request.messages.length > 255) {
-        return { valid: false, error: 'Transaction cannot have more than 255 messages' };
+        return { valid: false, error: 'Maximum 255 messages per transaction' };
     }
     return { valid: true };
 }

package/dist/core/session.d.ts ADDED Viewed

@@ -0,0 +1,65 @@
+/**
+ * Session crypto for TON Connect v2 protocol
+ * Uses X25519 (NaCl box) for key exchange and message encryption
+ */
+/**
+ * Convert Uint8Array to hex string
+ */
+export declare function bytesToHex(bytes: Uint8Array): string;
+/**
+ * Convert hex string to Uint8Array
+ */
+export declare function hexToBytes(hex: string): Uint8Array;
+/**
+ * Convert Uint8Array to base64
+ */
+export declare function bytesToBase64(bytes: Uint8Array): string;
+/**
+ * Convert base64 to Uint8Array
+ */
+export declare function base64ToBytes(base64: string): Uint8Array;
+/**
+ * Serialized session state for persistence
+ */
+export interface SessionState {
+    secretKey: string;
+    walletPublicKey?: string;
+}
+/**
+ * Session crypto for TON Connect v2
+ * Handles X25519 key exchange and NaCl box encryption/decryption
+ */
+export declare class SessionCrypto {
+    private keypair;
+    constructor(existingSecretKey?: Uint8Array);
+    /**
+     * Session ID = hex-encoded public key (used as client_id in bridge)
+     */
+    get sessionId(): string;
+    /**
+     * Public key bytes
+     */
+    get publicKey(): Uint8Array;
+    /**
+     * Secret key bytes (for persistence)
+     */
+    get secretKey(): Uint8Array;
+    /**
+     * Encrypt a message for a recipient
+     * Format: nonce (24 bytes) + ciphertext
+     */
+    encrypt(message: string, receiverPublicKey: Uint8Array): Uint8Array;
+    /**
+     * Decrypt a message from a sender
+     * Input format: nonce (24 bytes) + ciphertext
+     */
+    decrypt(encryptedMessage: Uint8Array, senderPublicKey: Uint8Array): string;
+    /**
+     * Serialize session for persistence
+     */
+    serialize(): SessionState;
+    /**
+     * Restore session from persisted state
+     */
+    static fromState(state: SessionState): SessionCrypto;
+}