@cavos/kit 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.d.mts CHANGED
@@ -1,6 +1,7 @@
1
- import { A as AuthProvider, I as Identity, W as WalletRegistry, R as RegisteredWallet, D as DevicePublicKey, a as RecoveryClient, P as PendingDeviceRequest, b as DeviceSigner, c as DeviceSignature, C as ChainAdapter, d as ComputeAddressParams, e as ChainCall } from './Cavos-C2KHZxxu.mjs';
2
- export { f as Cavos, g as CavosSolana, h as CavosWallet, i as Chain, j as ConnectOptions, k as ConnectSolanaOptions, l as ConnectStatus, m as DEVICE_ACCOUNT_PROGRAM_ID, n as InMemoryWalletRegistry, o as InstructionAccount, p as InstructionData, N as NetworkEnv, q as RecoverSolanaOptions, r as RecoveryOptions, S as SECP256R1_PROGRAM_ID, s as SOLANA_NETWORKS, t as SolanaAdapter, u as SolanaAdapterOptions, v as SolanaNetwork, w as SolanaRelayer, x as SolanaRelayerOptions, y as StaticIdentity, z as anchorDiscriminator, B as buildSecp256r1Instruction, E as compressedPubkey, F as encodeLowSSignature, G as serializeInstructions } from './Cavos-C2KHZxxu.mjs';
1
+ import { A as AuthProvider, I as Identity, W as WalletRegistry, R as RegisteredWallet, D as DevicePublicKey, a as RecoveryClient, P as PendingDeviceRequest, b as DeviceSigner, c as DeviceSignature, C as ChainAdapter, d as ComputeAddressParams, e as ChainCall, f as PasskeyAssertion, S as StellarNetwork } from './Cavos-BH2_tOQ2.mjs';
2
+ export { g as Cavos, h as CavosSolana, i as CavosStellar, j as CavosWallet, k as Chain, l as ConnectOptions, m as ConnectSolanaOptions, n as ConnectStatus, o as ConnectStellarOptions, p as DEVICE_ACCOUNT_PROGRAM_ID, q as DEVICE_ACCOUNT_WASM_HASH, E as EnrolledPasskey, F as FACTORY_CONTRACT_ID, r as InMemoryWalletRegistry, s as InstructionAccount, t as InstructionData, N as NATIVE_SAC_ID, u as NetworkEnv, v as PasskeyApprovable, w as PasskeyEnrollParams, x as PasskeySigner, y as PasskeySignerOptions, z as RecoverSolanaOptions, B as RecoverStellarOptions, G as RecoveryOptions, H as SECP256R1_PROGRAM_ID, J as SOLANA_NETWORKS, K as STELLAR_NETWORKS, L as SolanaAdapter, M as SolanaAdapterOptions, O as SolanaNetwork, Q as SolanaRelayer, T as SolanaRelayerOptions, U as StaticIdentity, V as StellarRelayer, X as StellarRelayerOptions, Y as anchorDiscriminator, Z as approveDeviceEverywhere, _ as base64urlEncode, $ as batchChallenge, a0 as buildSecp256r1Instruction, a1 as compressedPubkey, a2 as encodeLowSSignature, a3 as lowS, a4 as recoverCandidatePublicKeys, a5 as serializeInstructions, a6 as webauthnDigest } from './Cavos-BH2_tOQ2.mjs';
3
3
  import { Signer, ArraySignatureType } from 'starknet';
4
+ import { rpc, xdr } from '@stellar/stellar-sdk';
4
5
  import '@solana/web3.js';
5
6
 
6
7
  interface CavosAuthOptions {
@@ -91,6 +92,13 @@ declare function deriveAddressSeed({ userId, appSalt }: IdentityInput): bigint;
91
92
  * address on each chain (different address spaces, one identity).
92
93
  */
93
94
  declare function deriveAddressSeedSolana({ userId, appSalt }: IdentityInput): Uint8Array;
95
+ /**
96
+ * Stellar variant: a 32-byte `address_seed` used as the Soroban account's seed
97
+ * and folded (with the initial device signer) into the factory deploy salt.
98
+ * Same identity input as the other chains, SHA-256 hashed, with a Stellar-scoped
99
+ * domain so the same user maps to a distinct address per chain.
100
+ */
101
+ declare function deriveAddressSeedStellar({ userId, appSalt }: IdentityInput): Uint8Array;
94
102
 
95
103
  interface HttpWalletRegistryOptions {
96
104
  /** Cavos backend base URL (e.g. https://cavos.xyz). */
@@ -249,6 +257,18 @@ declare class StarknetAdapter implements ChainAdapter {
249
257
  buildRemoveSigner(accountAddress: string, signer: DevicePublicKey): ChainCall;
250
258
  isAuthorizedSigner(accountAddress: string, signer: DevicePublicKey): Promise<boolean>;
251
259
  buildSignature(txHash: bigint): Promise<string[]>;
260
+ buildAddApprover(accountAddress: string, passkey: DevicePublicKey): ChainCall;
261
+ buildRemoveApprover(accountAddress: string, passkey: DevicePublicKey): ChainCall;
262
+ isApprover(accountAddress: string, passkey: DevicePublicKey): Promise<boolean>;
263
+ getPasskeyNonce(accountAddress: string): Promise<bigint>;
264
+ /** This chain's leaf for approving `add_signer(newSigner)` at `nonce`:
265
+ * `sha256(new_x || new_y || nonce)` (coords 32B BE, nonce 16B BE). The batch
266
+ * challenge the passkey signs is `sha256(concat(leaves))` across chains. */
267
+ passkeyLeaf(newSigner: DevicePublicKey, nonce: bigint): Uint8Array;
268
+ /** Passkey-authorized `add_signer` call. `leaves`/`leafIndex` place this chain's
269
+ * leaf in the multi-chain batch (single chain → `[leaf]`, index 0). `yParity`
270
+ * matches the raw `(r, s)` — the contract normalizes high-S internally. */
271
+ buildAddSignerViaPasskey(accountAddress: string, newSigner: DevicePublicKey, nonce: bigint, leaves: Uint8Array[], leafIndex: number, assertion: PasskeyAssertion, yParity: boolean): ChainCall;
252
272
  }
253
273
 
254
274
  /**
@@ -290,11 +310,111 @@ declare const UDC_ADDRESS = "0x041a78e741e5af2fec34b695679bc6891742439f7afb8484e
290
310
  * DeviceAccount class hash, per network. Populated from
291
311
  * `account-contracts/starknet/deployments/<network>.json` after declaring.
292
312
  *
293
- * Both networks were re-declared 2026-06-26 (code changed) to the same class
294
- * hash, so mainnet and sepolia run identical contract source.
313
+ * Sepolia re-declared 2026-07-01 with the passkey-approval surface + BATCHED
314
+ * multi-chain challenge (one passkey prompt approves a device on all chains).
315
+ * Mainnet still runs the prior class (no passkey) until it is re-declared.
295
316
  */
296
317
  declare const DEVICE_ACCOUNT_CLASS_HASH: Record<StarknetNetwork, string>;
297
318
 
319
+ interface StellarAdapterOptions {
320
+ network: StellarNetwork;
321
+ /** RPC override (else the network default). */
322
+ rpcUrl?: string;
323
+ /** Factory contract id override (else the per-network default). */
324
+ factoryId?: string;
325
+ /** The device signer that authorizes account operations. */
326
+ signer: DeviceSigner;
327
+ }
328
+ /**
329
+ * Stellar / Soroban implementation of the Cavos device-account surface. Unlike
330
+ * Starknet (`buildSignature(txHash: bigint)`) the Soroban signing unit is a
331
+ * 32-byte Soroban *auth-entry* preimage, so — as the Solana adapter did for its
332
+ * own model — this adapter exposes chain-native methods rather than the generic
333
+ * `ChainAdapter` shape. Its job:
334
+ * - derive the deterministic account address off-chain (matches the factory),
335
+ * - build the factory/account/token invocations as host functions, and
336
+ * - sign a Soroban authorization entry with the silent P-256 device key,
337
+ * producing the `Vec<DeviceSignature>` ScVal that the contract's
338
+ * `__check_auth` verifies.
339
+ */
340
+ declare class StellarAdapter {
341
+ readonly chain: "stellar";
342
+ readonly network: StellarNetwork;
343
+ readonly passphrase: string;
344
+ private readonly rpcUrl;
345
+ private readonly factoryId;
346
+ private readonly signer;
347
+ private _server?;
348
+ constructor(opts: StellarAdapterOptions);
349
+ server(): rpc.Server;
350
+ private networkId;
351
+ /**
352
+ * Deterministic account address for `(addressSeed, initialSigner)` — computed
353
+ * off-chain, byte-identical to the factory's on-chain `account_address`.
354
+ * `contractId = sha256(HashIdPreimage(networkId, factory, salt))` with
355
+ * `salt = sha256(addressSeed || sec1(initialSigner))`.
356
+ */
357
+ computeAddress(addressSeed: Uint8Array, initialSigner: DevicePublicKey): string;
358
+ /** `salt = sha256(addressSeed(32) || sec1(initialSigner)(65))` — matches the factory. */
359
+ accountSalt(addressSeed: Uint8Array, initialSigner: DevicePublicKey): Buffer;
360
+ /** Host function: `factory.deploy(address_seed, initial_signer)`. */
361
+ buildDeploy(addressSeed: Uint8Array, initialSigner: DevicePublicKey): xdr.HostFunction;
362
+ /** Host function: `account.add_signer(new_signer)` (requires device auth). */
363
+ buildAddSigner(accountAddress: string, signer: DevicePublicKey): xdr.HostFunction;
364
+ /** Host function: `account.remove_signer(signer)` (requires device auth). */
365
+ buildRemoveSigner(accountAddress: string, signer: DevicePublicKey): xdr.HostFunction;
366
+ /** Host function: `account.add_approver(passkey)` (requires device auth). */
367
+ buildAddApprover(accountAddress: string, passkey: DevicePublicKey): xdr.HostFunction;
368
+ /** Host function: `account.remove_approver(passkey)` (requires device auth). */
369
+ buildRemoveApprover(accountAddress: string, passkey: DevicePublicKey): xdr.HostFunction;
370
+ /** This chain's leaf for approving `add_signer(newSigner)` at `nonce`:
371
+ * `sha256(sec1(new_signer) || nonce_be8)`. The batch challenge the passkey signs
372
+ * is `sha256(concat(leaves))` across chains. */
373
+ passkeyLeaf(newSigner: DevicePublicKey, nonce: bigint): Uint8Array;
374
+ /** Host function: passkey-authorized `add_signer_via_passkey` (no device auth —
375
+ * authorized by the embedded WebAuthn assertion, so any relayer can submit).
376
+ * `leaves`/`leafIndex` place this chain's leaf in the multi-chain batch. */
377
+ buildAddSignerViaPasskey(accountAddress: string, newSigner: DevicePublicKey, passkey: DevicePublicKey, nonce: bigint, leaves: Uint8Array[], leafIndex: number, assertion: PasskeyAssertion): xdr.HostFunction;
378
+ /** Read whether `passkey` is a registered approver (read-only simulation). */
379
+ isApprover(accountAddress: string, passkey: DevicePublicKey, readSource: string): Promise<boolean>;
380
+ /** Read the current passkey-approval nonce (read-only simulation). */
381
+ passkeyNonce(accountAddress: string, readSource: string): Promise<bigint>;
382
+ /** Host function: SEP-41 `token.transfer(from=account, to, amount)` (device auth). */
383
+ buildTransfer(tokenId: string, accountAddress: string, destination: string, amount: bigint): xdr.HostFunction;
384
+ /**
385
+ * Sign a Soroban authorization entry with the silent device key, producing the
386
+ * `Vec<DeviceSignature>` the account's `__check_auth` verifies. The device
387
+ * signs `sha256(preimage)` (WebCrypto hashes once more internally), which is
388
+ * exactly what the contract recomputes. Mutates + returns the entry.
389
+ */
390
+ signAuthEntry(entry: xdr.SorobanAuthorizationEntry, validUntilLedger: number): Promise<xdr.SorobanAuthorizationEntry>;
391
+ /**
392
+ * Read a SEP-41 token balance of `account` via a read-only simulation of
393
+ * `token.balance(account)`. Returns 0 when the account isn't deployed or holds
394
+ * none. `readSource` is any funded G-account (used only for the simulation).
395
+ */
396
+ readBalance(tokenId: string, account: string, readSource: string): Promise<bigint>;
397
+ /** Whether the account contract instance exists on-chain (is deployed). */
398
+ isDeployed(accountAddress: string): Promise<boolean>;
399
+ /**
400
+ * Read whether `signer` is a currently-authorized signer of the account, via a
401
+ * read-only simulation of `account.is_authorized(signer)`. `readSource` is any
402
+ * funded G-account (used only for the simulation's source/sequence).
403
+ */
404
+ isAuthorizedSigner(accountAddress: string, signer: DevicePublicKey, readSource: string): Promise<boolean>;
405
+ }
406
+ /** SEC-1 uncompressed P-256 public key (65 bytes: 0x04 || X || Y). */
407
+ declare function sec1Pubkey(pk: DevicePublicKey): Uint8Array;
408
+ /** Raw 64-byte `r || s`, normalized to low-S (secp256r1_verify requires it). */
409
+ declare function encodeLowSSignature(sig: DeviceSignature): Uint8Array;
410
+ /**
411
+ * The `Vec<DeviceSignature>` ScVal the contract's `__check_auth` decodes. Each
412
+ * element is a struct `{ public_key: BytesN<65>, signature: BytesN<64> }`.
413
+ * Soroban serializes a struct as a symbol-keyed map sorted by key; `public_key`
414
+ * precedes `signature`, so `nativeToScVal` (which sorts) yields the exact layout.
415
+ */
416
+ declare function deviceSignatureScVal(pubkey: DevicePublicKey, sig: DeviceSignature): xdr.ScVal;
417
+
298
418
  /**
299
419
  * Serialize a device signature to the felt array for `tx_info.signature`:
300
420
  * [ r_low, r_high, s_low, s_high, y_parity ]
@@ -320,4 +440,4 @@ declare function hexToBytes(hex: string): Uint8Array;
320
440
  /** A felt/bigint -> 32-byte big-endian Uint8Array (the tx-hash width). */
321
441
  declare function bigIntTo32Bytes(value: bigint): Uint8Array;
322
442
 
323
- export { AuthProvider, BackupSigner, CavosAuth, type CavosAuthOptions, ChainAdapter, ChainCall, ComputeAddressParams, DEVICE_ACCOUNT_CLASS_HASH, DevicePublicKey, DeviceSignature, DeviceSigner, HttpRecoveryClient, type HttpRecoveryClientOptions, HttpWalletRegistry, type HttpWalletRegistryOptions, Identity, type IdentityInput, PendingDeviceRequest, RecoveryClient, RegisteredWallet, STARKNET_NETWORKS, StarknetAdapter, type StarknetAdapterOptions, StarknetDeviceSigner, type StarknetNetwork, UDC_ADDRESS, WalletRegistry, WebCryptoSigner, type WebCryptoSignerOptions, bigIntTo32Bytes, bytesToBigInt, bytesToHex, deriveAddressSeed, deriveAddressSeedSolana, deriveBackupKey, generateRecoveryCode, hexToBytes, recoverYParity, signatureToFelts, u256ToFelts };
443
+ export { AuthProvider, BackupSigner, CavosAuth, type CavosAuthOptions, ChainAdapter, ChainCall, ComputeAddressParams, DEVICE_ACCOUNT_CLASS_HASH, DevicePublicKey, DeviceSignature, DeviceSigner, HttpRecoveryClient, type HttpRecoveryClientOptions, HttpWalletRegistry, type HttpWalletRegistryOptions, Identity, type IdentityInput, PasskeyAssertion, PendingDeviceRequest, RecoveryClient, RegisteredWallet, STARKNET_NETWORKS, StarknetAdapter, type StarknetAdapterOptions, StarknetDeviceSigner, type StarknetNetwork, StellarAdapter, type StellarAdapterOptions, StellarNetwork, UDC_ADDRESS, WalletRegistry, WebCryptoSigner, type WebCryptoSignerOptions, bigIntTo32Bytes, bytesToBigInt, bytesToHex, deriveAddressSeed, deriveAddressSeedSolana, deriveAddressSeedStellar, deriveBackupKey, deviceSignatureScVal, encodeLowSSignature as encodeStellarLowSSignature, generateRecoveryCode, hexToBytes, recoverYParity, sec1Pubkey, signatureToFelts, u256ToFelts };
package/dist/index.d.ts CHANGED
@@ -1,6 +1,7 @@
1
- import { A as AuthProvider, I as Identity, W as WalletRegistry, R as RegisteredWallet, D as DevicePublicKey, a as RecoveryClient, P as PendingDeviceRequest, b as DeviceSigner, c as DeviceSignature, C as ChainAdapter, d as ComputeAddressParams, e as ChainCall } from './Cavos-C2KHZxxu.js';
2
- export { f as Cavos, g as CavosSolana, h as CavosWallet, i as Chain, j as ConnectOptions, k as ConnectSolanaOptions, l as ConnectStatus, m as DEVICE_ACCOUNT_PROGRAM_ID, n as InMemoryWalletRegistry, o as InstructionAccount, p as InstructionData, N as NetworkEnv, q as RecoverSolanaOptions, r as RecoveryOptions, S as SECP256R1_PROGRAM_ID, s as SOLANA_NETWORKS, t as SolanaAdapter, u as SolanaAdapterOptions, v as SolanaNetwork, w as SolanaRelayer, x as SolanaRelayerOptions, y as StaticIdentity, z as anchorDiscriminator, B as buildSecp256r1Instruction, E as compressedPubkey, F as encodeLowSSignature, G as serializeInstructions } from './Cavos-C2KHZxxu.js';
1
+ import { A as AuthProvider, I as Identity, W as WalletRegistry, R as RegisteredWallet, D as DevicePublicKey, a as RecoveryClient, P as PendingDeviceRequest, b as DeviceSigner, c as DeviceSignature, C as ChainAdapter, d as ComputeAddressParams, e as ChainCall, f as PasskeyAssertion, S as StellarNetwork } from './Cavos-BH2_tOQ2.js';
2
+ export { g as Cavos, h as CavosSolana, i as CavosStellar, j as CavosWallet, k as Chain, l as ConnectOptions, m as ConnectSolanaOptions, n as ConnectStatus, o as ConnectStellarOptions, p as DEVICE_ACCOUNT_PROGRAM_ID, q as DEVICE_ACCOUNT_WASM_HASH, E as EnrolledPasskey, F as FACTORY_CONTRACT_ID, r as InMemoryWalletRegistry, s as InstructionAccount, t as InstructionData, N as NATIVE_SAC_ID, u as NetworkEnv, v as PasskeyApprovable, w as PasskeyEnrollParams, x as PasskeySigner, y as PasskeySignerOptions, z as RecoverSolanaOptions, B as RecoverStellarOptions, G as RecoveryOptions, H as SECP256R1_PROGRAM_ID, J as SOLANA_NETWORKS, K as STELLAR_NETWORKS, L as SolanaAdapter, M as SolanaAdapterOptions, O as SolanaNetwork, Q as SolanaRelayer, T as SolanaRelayerOptions, U as StaticIdentity, V as StellarRelayer, X as StellarRelayerOptions, Y as anchorDiscriminator, Z as approveDeviceEverywhere, _ as base64urlEncode, $ as batchChallenge, a0 as buildSecp256r1Instruction, a1 as compressedPubkey, a2 as encodeLowSSignature, a3 as lowS, a4 as recoverCandidatePublicKeys, a5 as serializeInstructions, a6 as webauthnDigest } from './Cavos-BH2_tOQ2.js';
3
3
  import { Signer, ArraySignatureType } from 'starknet';
4
+ import { rpc, xdr } from '@stellar/stellar-sdk';
4
5
  import '@solana/web3.js';
5
6
 
6
7
  interface CavosAuthOptions {
@@ -91,6 +92,13 @@ declare function deriveAddressSeed({ userId, appSalt }: IdentityInput): bigint;
91
92
  * address on each chain (different address spaces, one identity).
92
93
  */
93
94
  declare function deriveAddressSeedSolana({ userId, appSalt }: IdentityInput): Uint8Array;
95
+ /**
96
+ * Stellar variant: a 32-byte `address_seed` used as the Soroban account's seed
97
+ * and folded (with the initial device signer) into the factory deploy salt.
98
+ * Same identity input as the other chains, SHA-256 hashed, with a Stellar-scoped
99
+ * domain so the same user maps to a distinct address per chain.
100
+ */
101
+ declare function deriveAddressSeedStellar({ userId, appSalt }: IdentityInput): Uint8Array;
94
102
 
95
103
  interface HttpWalletRegistryOptions {
96
104
  /** Cavos backend base URL (e.g. https://cavos.xyz). */
@@ -249,6 +257,18 @@ declare class StarknetAdapter implements ChainAdapter {
249
257
  buildRemoveSigner(accountAddress: string, signer: DevicePublicKey): ChainCall;
250
258
  isAuthorizedSigner(accountAddress: string, signer: DevicePublicKey): Promise<boolean>;
251
259
  buildSignature(txHash: bigint): Promise<string[]>;
260
+ buildAddApprover(accountAddress: string, passkey: DevicePublicKey): ChainCall;
261
+ buildRemoveApprover(accountAddress: string, passkey: DevicePublicKey): ChainCall;
262
+ isApprover(accountAddress: string, passkey: DevicePublicKey): Promise<boolean>;
263
+ getPasskeyNonce(accountAddress: string): Promise<bigint>;
264
+ /** This chain's leaf for approving `add_signer(newSigner)` at `nonce`:
265
+ * `sha256(new_x || new_y || nonce)` (coords 32B BE, nonce 16B BE). The batch
266
+ * challenge the passkey signs is `sha256(concat(leaves))` across chains. */
267
+ passkeyLeaf(newSigner: DevicePublicKey, nonce: bigint): Uint8Array;
268
+ /** Passkey-authorized `add_signer` call. `leaves`/`leafIndex` place this chain's
269
+ * leaf in the multi-chain batch (single chain → `[leaf]`, index 0). `yParity`
270
+ * matches the raw `(r, s)` — the contract normalizes high-S internally. */
271
+ buildAddSignerViaPasskey(accountAddress: string, newSigner: DevicePublicKey, nonce: bigint, leaves: Uint8Array[], leafIndex: number, assertion: PasskeyAssertion, yParity: boolean): ChainCall;
252
272
  }
253
273
 
254
274
  /**
@@ -290,11 +310,111 @@ declare const UDC_ADDRESS = "0x041a78e741e5af2fec34b695679bc6891742439f7afb8484e
290
310
  * DeviceAccount class hash, per network. Populated from
291
311
  * `account-contracts/starknet/deployments/<network>.json` after declaring.
292
312
  *
293
- * Both networks were re-declared 2026-06-26 (code changed) to the same class
294
- * hash, so mainnet and sepolia run identical contract source.
313
+ * Sepolia re-declared 2026-07-01 with the passkey-approval surface + BATCHED
314
+ * multi-chain challenge (one passkey prompt approves a device on all chains).
315
+ * Mainnet still runs the prior class (no passkey) until it is re-declared.
295
316
  */
296
317
  declare const DEVICE_ACCOUNT_CLASS_HASH: Record<StarknetNetwork, string>;
297
318
 
319
+ interface StellarAdapterOptions {
320
+ network: StellarNetwork;
321
+ /** RPC override (else the network default). */
322
+ rpcUrl?: string;
323
+ /** Factory contract id override (else the per-network default). */
324
+ factoryId?: string;
325
+ /** The device signer that authorizes account operations. */
326
+ signer: DeviceSigner;
327
+ }
328
+ /**
329
+ * Stellar / Soroban implementation of the Cavos device-account surface. Unlike
330
+ * Starknet (`buildSignature(txHash: bigint)`) the Soroban signing unit is a
331
+ * 32-byte Soroban *auth-entry* preimage, so — as the Solana adapter did for its
332
+ * own model — this adapter exposes chain-native methods rather than the generic
333
+ * `ChainAdapter` shape. Its job:
334
+ * - derive the deterministic account address off-chain (matches the factory),
335
+ * - build the factory/account/token invocations as host functions, and
336
+ * - sign a Soroban authorization entry with the silent P-256 device key,
337
+ * producing the `Vec<DeviceSignature>` ScVal that the contract's
338
+ * `__check_auth` verifies.
339
+ */
340
+ declare class StellarAdapter {
341
+ readonly chain: "stellar";
342
+ readonly network: StellarNetwork;
343
+ readonly passphrase: string;
344
+ private readonly rpcUrl;
345
+ private readonly factoryId;
346
+ private readonly signer;
347
+ private _server?;
348
+ constructor(opts: StellarAdapterOptions);
349
+ server(): rpc.Server;
350
+ private networkId;
351
+ /**
352
+ * Deterministic account address for `(addressSeed, initialSigner)` — computed
353
+ * off-chain, byte-identical to the factory's on-chain `account_address`.
354
+ * `contractId = sha256(HashIdPreimage(networkId, factory, salt))` with
355
+ * `salt = sha256(addressSeed || sec1(initialSigner))`.
356
+ */
357
+ computeAddress(addressSeed: Uint8Array, initialSigner: DevicePublicKey): string;
358
+ /** `salt = sha256(addressSeed(32) || sec1(initialSigner)(65))` — matches the factory. */
359
+ accountSalt(addressSeed: Uint8Array, initialSigner: DevicePublicKey): Buffer;
360
+ /** Host function: `factory.deploy(address_seed, initial_signer)`. */
361
+ buildDeploy(addressSeed: Uint8Array, initialSigner: DevicePublicKey): xdr.HostFunction;
362
+ /** Host function: `account.add_signer(new_signer)` (requires device auth). */
363
+ buildAddSigner(accountAddress: string, signer: DevicePublicKey): xdr.HostFunction;
364
+ /** Host function: `account.remove_signer(signer)` (requires device auth). */
365
+ buildRemoveSigner(accountAddress: string, signer: DevicePublicKey): xdr.HostFunction;
366
+ /** Host function: `account.add_approver(passkey)` (requires device auth). */
367
+ buildAddApprover(accountAddress: string, passkey: DevicePublicKey): xdr.HostFunction;
368
+ /** Host function: `account.remove_approver(passkey)` (requires device auth). */
369
+ buildRemoveApprover(accountAddress: string, passkey: DevicePublicKey): xdr.HostFunction;
370
+ /** This chain's leaf for approving `add_signer(newSigner)` at `nonce`:
371
+ * `sha256(sec1(new_signer) || nonce_be8)`. The batch challenge the passkey signs
372
+ * is `sha256(concat(leaves))` across chains. */
373
+ passkeyLeaf(newSigner: DevicePublicKey, nonce: bigint): Uint8Array;
374
+ /** Host function: passkey-authorized `add_signer_via_passkey` (no device auth —
375
+ * authorized by the embedded WebAuthn assertion, so any relayer can submit).
376
+ * `leaves`/`leafIndex` place this chain's leaf in the multi-chain batch. */
377
+ buildAddSignerViaPasskey(accountAddress: string, newSigner: DevicePublicKey, passkey: DevicePublicKey, nonce: bigint, leaves: Uint8Array[], leafIndex: number, assertion: PasskeyAssertion): xdr.HostFunction;
378
+ /** Read whether `passkey` is a registered approver (read-only simulation). */
379
+ isApprover(accountAddress: string, passkey: DevicePublicKey, readSource: string): Promise<boolean>;
380
+ /** Read the current passkey-approval nonce (read-only simulation). */
381
+ passkeyNonce(accountAddress: string, readSource: string): Promise<bigint>;
382
+ /** Host function: SEP-41 `token.transfer(from=account, to, amount)` (device auth). */
383
+ buildTransfer(tokenId: string, accountAddress: string, destination: string, amount: bigint): xdr.HostFunction;
384
+ /**
385
+ * Sign a Soroban authorization entry with the silent device key, producing the
386
+ * `Vec<DeviceSignature>` the account's `__check_auth` verifies. The device
387
+ * signs `sha256(preimage)` (WebCrypto hashes once more internally), which is
388
+ * exactly what the contract recomputes. Mutates + returns the entry.
389
+ */
390
+ signAuthEntry(entry: xdr.SorobanAuthorizationEntry, validUntilLedger: number): Promise<xdr.SorobanAuthorizationEntry>;
391
+ /**
392
+ * Read a SEP-41 token balance of `account` via a read-only simulation of
393
+ * `token.balance(account)`. Returns 0 when the account isn't deployed or holds
394
+ * none. `readSource` is any funded G-account (used only for the simulation).
395
+ */
396
+ readBalance(tokenId: string, account: string, readSource: string): Promise<bigint>;
397
+ /** Whether the account contract instance exists on-chain (is deployed). */
398
+ isDeployed(accountAddress: string): Promise<boolean>;
399
+ /**
400
+ * Read whether `signer` is a currently-authorized signer of the account, via a
401
+ * read-only simulation of `account.is_authorized(signer)`. `readSource` is any
402
+ * funded G-account (used only for the simulation's source/sequence).
403
+ */
404
+ isAuthorizedSigner(accountAddress: string, signer: DevicePublicKey, readSource: string): Promise<boolean>;
405
+ }
406
+ /** SEC-1 uncompressed P-256 public key (65 bytes: 0x04 || X || Y). */
407
+ declare function sec1Pubkey(pk: DevicePublicKey): Uint8Array;
408
+ /** Raw 64-byte `r || s`, normalized to low-S (secp256r1_verify requires it). */
409
+ declare function encodeLowSSignature(sig: DeviceSignature): Uint8Array;
410
+ /**
411
+ * The `Vec<DeviceSignature>` ScVal the contract's `__check_auth` decodes. Each
412
+ * element is a struct `{ public_key: BytesN<65>, signature: BytesN<64> }`.
413
+ * Soroban serializes a struct as a symbol-keyed map sorted by key; `public_key`
414
+ * precedes `signature`, so `nativeToScVal` (which sorts) yields the exact layout.
415
+ */
416
+ declare function deviceSignatureScVal(pubkey: DevicePublicKey, sig: DeviceSignature): xdr.ScVal;
417
+
298
418
  /**
299
419
  * Serialize a device signature to the felt array for `tx_info.signature`:
300
420
  * [ r_low, r_high, s_low, s_high, y_parity ]
@@ -320,4 +440,4 @@ declare function hexToBytes(hex: string): Uint8Array;
320
440
  /** A felt/bigint -> 32-byte big-endian Uint8Array (the tx-hash width). */
321
441
  declare function bigIntTo32Bytes(value: bigint): Uint8Array;
322
442
 
323
- export { AuthProvider, BackupSigner, CavosAuth, type CavosAuthOptions, ChainAdapter, ChainCall, ComputeAddressParams, DEVICE_ACCOUNT_CLASS_HASH, DevicePublicKey, DeviceSignature, DeviceSigner, HttpRecoveryClient, type HttpRecoveryClientOptions, HttpWalletRegistry, type HttpWalletRegistryOptions, Identity, type IdentityInput, PendingDeviceRequest, RecoveryClient, RegisteredWallet, STARKNET_NETWORKS, StarknetAdapter, type StarknetAdapterOptions, StarknetDeviceSigner, type StarknetNetwork, UDC_ADDRESS, WalletRegistry, WebCryptoSigner, type WebCryptoSignerOptions, bigIntTo32Bytes, bytesToBigInt, bytesToHex, deriveAddressSeed, deriveAddressSeedSolana, deriveBackupKey, generateRecoveryCode, hexToBytes, recoverYParity, signatureToFelts, u256ToFelts };
443
+ export { AuthProvider, BackupSigner, CavosAuth, type CavosAuthOptions, ChainAdapter, ChainCall, ComputeAddressParams, DEVICE_ACCOUNT_CLASS_HASH, DevicePublicKey, DeviceSignature, DeviceSigner, HttpRecoveryClient, type HttpRecoveryClientOptions, HttpWalletRegistry, type HttpWalletRegistryOptions, Identity, type IdentityInput, PasskeyAssertion, PendingDeviceRequest, RecoveryClient, RegisteredWallet, STARKNET_NETWORKS, StarknetAdapter, type StarknetAdapterOptions, StarknetDeviceSigner, type StarknetNetwork, StellarAdapter, type StellarAdapterOptions, StellarNetwork, UDC_ADDRESS, WalletRegistry, WebCryptoSigner, type WebCryptoSignerOptions, bigIntTo32Bytes, bytesToBigInt, bytesToHex, deriveAddressSeed, deriveAddressSeedSolana, deriveAddressSeedStellar, deriveBackupKey, deviceSignatureScVal, encodeLowSSignature as encodeStellarLowSSignature, generateRecoveryCode, hexToBytes, recoverYParity, sec1Pubkey, signatureToFelts, u256ToFelts };