@cedros/login-react 0.0.12 → 0.0.13

package/dist/types/wallet.d.ts

@@ -1,309 +0,0 @@
-import { WalletStatus, CryptoCapabilities, EnrollmentState, RecoveryState, KdfParams } from '../crypto';
-export type { WalletStatus, CryptoCapabilities, EnrollmentState, RecoveryState, KdfParams };
-/**
- * Wallet recovery mode (configured server-side via WALLET_RECOVERY_MODE)
- * - share_c_only: User gets Share C only. Recovery within app, not portable.
- * - full_seed: User gets full seed. Can use wallet elsewhere (portable).
- * - none: No recovery option. Used for Privacy Cash deposits to prevent front-running.
- */
-export type WalletRecoveryMode = 'share_c_only' | 'full_seed' | 'none';
-/**
- * Wallet discovery config from server
- */
-export interface WalletDiscoveryConfig {
-    /** Whether wallet feature is enabled */
-    enabled: boolean;
-    /** Recovery mode: share_c_only or full_seed */
-    recoveryMode: WalletRecoveryMode;
-    /** Session unlock TTL in seconds */
-    unlockTtlSeconds: number;
-}
-/**
- * Authentication method for Share A encryption
- * - password: Email users use their login password (Argon2id KDF)
- * - passkey: Users with passkey login use PRF extension (HKDF)
- */
-export type ShareAAuthMethod = 'password' | 'passkey';
-/**
- * Wallet material response from server
- * Note: Server no longer returns share ciphertexts - shares stay on server
- */
-export interface WalletMaterialResponse {
-    solanaPubkey: string;
-    schemeVersion: number;
-    shareAAuthMethod: ShareAAuthMethod;
-    /** PRF salt for passkey auth method (base64, 32 bytes) */
-    prfSalt?: string;
-    createdAt: string;
-    updatedAt: string;
-}
-/** Request to enroll wallet  */
-export interface WalletEnrollRequest {
-    solanaPubkey: string;
-    /** Auth method for Share A encryption */
-    shareAAuthMethod: ShareAAuthMethod;
-    /** Encrypted Share A (base64) */
-    shareACiphertext: string;
-    /** Nonce for Share A encryption (base64, 12 bytes) */
-    shareANonce: string;
-    /** KDF salt for password/PIN method (base64) */
-    shareAKdfSalt?: string;
-    /** KDF params for password/PIN method */
-    shareAKdfParams?: KdfParams;
-    /** PRF salt for passkey method (base64, 32 bytes) */
-    prfSalt?: string;
-    /** Plaintext Share B (base64) - SSS math protects it */
-    shareB: string;
-    /**
-     * Recovery data (base64) - sent when recovery mode is enabled
-     * Contains the full seed for server-side storage until user acknowledges
-     */
-    recoveryData?: string;
-}
-/** Request to get Share B for Share C recovery mode */
-export interface ShareCRecoveryRequest {
-    /** Share C data (base64, 32 bytes decoded from mnemonic) */
-    shareC: string;
-}
-/** Response from Share C recovery endpoint */
-export interface ShareCRecoveryResponse {
-    /** Share B (base64) */
-    shareB: string;
-    /** Solana pubkey (for verification) */
-    solanaPubkey: string;
-}
-/** Request to recover wallet (replace existing with new credentials) */
-export interface WalletRecoverRequest {
-    /** Solana pubkey (must match existing wallet to prove ownership) */
-    solanaPubkey: string;
-    /** Auth method for Share A encryption */
-    shareAAuthMethod: ShareAAuthMethod;
-    /** Encrypted Share A (base64) */
-    shareACiphertext: string;
-    /** Nonce for Share A encryption (base64, 12 bytes) */
-    shareANonce: string;
-    /** KDF salt for password/PIN method (base64) */
-    shareAKdfSalt?: string;
-    /** KDF params for password/PIN method */
-    shareAKdfParams?: KdfParams;
-    /** PRF salt for passkey method (base64, 32 bytes) */
-    prfSalt?: string;
-    /** Plaintext Share B (base64) */
-    shareB: string;
-}
-/**
- * Credential for unlocking wallet / signing transactions (frontend internal use)
- *
- * TYPE-02: This type uses explicit `type` discriminator for TypeScript narrowing.
- * When sending to server API, convert to `UnlockCredentialRequest` which uses
- * the flattened format expected by the backend (`{ password: '...' }` not
- * `{ type: 'password', password: '...' }`).
- *
- * @see UnlockCredentialRequest for API request format
- */
-export type UnlockCredential = {
-    type: 'password';
-    password: string;
-} | {
-    type: 'prfOutput';
-    prfOutput: string;
-};
-/** Request to sign a transaction  */
-export interface SignTransactionRequest {
-    /** Transaction bytes (base64) */
-    transaction: string;
-    /** Unlock credential */
-    credential?: UnlockCredentialRequest;
-}
-/**
- * Credential for API request (flattened format matching server)
- *
- * TYPE-02: Server uses Serde's flattened enum format, so only ONE of these
- * fields should be present in the request object. Do NOT include `type` field.
- *
- * @example { password: 'secret' }
- * @example { prfOutput: 'base64...' }
- */
-export type UnlockCredentialRequest = {
-    password: string;
-} | {
-    prfOutput: string;
-};
-/** Response from transaction signing */
-export interface SignTransactionResponse {
-    /** Ed25519 signature (base64, 64 bytes) */
-    signature: string;
-    /** Solana pubkey that signed */
-    pubkey: string;
-}
-/**
- * Request to rotate user secret (re-encrypt Share A)
- *
- * TYPE-04: Current credential fields are FLATTENED into this struct (not nested).
- * The server uses `#[serde(flatten)]` so credential fields appear at root level.
- * E.g., send `{ password: "xxx", newAuthMethod: "passkey", ... }` not `{ currentCredential: {...} }`
- *
- * BUILD-01: Uses intersection type instead of interface-extends because
- * UnlockCredentialRequest is a union type (TypeScript doesn't allow interfaces
- * to extend union types).
- */
-export type RotateUserSecretRequest = UnlockCredentialRequest & {
-    /** New auth method */
-    newAuthMethod: ShareAAuthMethod;
-    /** New encrypted Share A (base64) */
-    shareACiphertext: string;
-    /** New nonce (base64, 12 bytes) */
-    shareANonce: string;
-    /** New KDF salt for password/PIN (base64) */
-    shareAKdfSalt?: string;
-    /** New KDF params for password/PIN */
-    shareAKdfParams?: KdfParams;
-    /** New PRF salt for passkey (base64, 32 bytes) */
-    prfSalt?: string;
-};
-/** Message response from server */
-export interface MessageResponse {
-    message: string;
-}
-/** Request to unlock wallet for session-based signing */
-export interface WalletUnlockRequest {
-    /** Unlock credential (flattened format) */
-    credential: UnlockCredentialRequest;
-}
-/** Response from wallet unlock */
-export interface WalletUnlockResponse {
-    /** Whether wallet is now unlocked */
-    unlocked: boolean;
-    /** TTL in seconds until auto-lock */
-    ttlSeconds: number;
-}
-/** Wallet status response from server */
-export interface WalletStatusApiResponse {
-    /** Whether SSS embedded wallet is enrolled */
-    enrolled: boolean;
-    /** Whether wallet is currently unlocked for signing */
-    unlocked: boolean;
-    /** Solana public key (from SSS wallet if enrolled, or external wallet if connected) */
-    solanaPubkey?: string;
-    /** Auth method for SSS wallet (if enrolled) */
-    authMethod?: ShareAAuthMethod;
-    /** Whether user signed in with external Solana wallet (not SSS) */
-    hasExternalWallet: boolean;
-}
-/** Wallet context value */
-export interface WalletContextValue {
-    /** Current wallet status */
-    status: WalletStatus;
-    /** Solana public key (from SSS wallet if enrolled, or external wallet) */
-    solanaPubkey: string | null;
-    /** Auth method for Share A (if enrolled in SSS wallet) */
-    authMethod: ShareAAuthMethod | null;
-    /** Whether user signed in with external Solana wallet (not SSS) */
-    hasExternalWallet: boolean;
-    /** Whether SSS wallet is unlocked for signing */
-    isUnlocked: boolean;
-    /** Crypto capabilities */
-    capabilities: CryptoCapabilities | null;
-    /** Whether all required capabilities are available */
-    isSupported: boolean;
-    /** Error message if any */
-    error: string | null;
-    /** Refresh wallet status */
-    refresh: () => Promise<void>;
-    /** Clear error */
-    clearError: () => void;
-}
-/** Enrollment hook return value  */
-export interface UseWalletEnrollmentReturn {
-    /** Current enrollment state */
-    state: EnrollmentState;
-    /** Start enrollment with password (email users) */
-    startEnrollmentWithPassword: (password: string) => Promise<void>;
-    /** Start enrollment with passkey PRF */
-    startEnrollmentWithPasskey: () => Promise<void>;
-    /** Confirm user has saved recovery phrase */
-    confirmRecoveryPhrase: () => void;
-    /** Cancel enrollment */
-    cancel: () => void;
-    /** Whether enrollment is in progress */
-    isEnrolling: boolean;
-}
-/**
- * Signing hook return value
- * Signing is server-side. Client just provides credential.
- */
-export interface UseWalletSigningReturn {
-    /** Sign a transaction */
-    signTransaction: (transaction: Uint8Array, credential?: UnlockCredential) => Promise<Uint8Array>;
-    /** Whether signing is in progress */
-    isSigning: boolean;
-    /** Error from last signing attempt */
-    error: string | null;
-    /** Clear error */
-    clearError: () => void;
-}
-/** Recovery hook return value */
-export interface UseWalletRecoveryReturn {
-    /** Current recovery state */
-    state: RecoveryState;
-    /** Start recovery: validate phrase, then set new credential */
-    startRecovery: (words: string[], method: ShareAAuthMethod, credential: string) => Promise<void>;
-    /** Cancel recovery */
-    cancel: () => void;
-    /** Whether recovery is in progress */
-    isRecovering: boolean;
-}
-/** Wallet material hook return value */
-export interface UseWalletMaterialReturn {
-    /** Fetch wallet status (enrolled, unlocked, external wallet) */
-    getStatus: () => Promise<WalletStatusApiResponse>;
-    /** Fetch wallet material (for SSS wallet details) */
-    getMaterial: () => Promise<WalletMaterialResponse | null>;
-    /** Enroll new SSS wallet */
-    enroll: (request: WalletEnrollRequest) => Promise<void>;
-    /** Recover wallet (replace existing with new credentials) */
-    recover: (request: WalletRecoverRequest) => Promise<void>;
-    /** Sign a transaction (SSS wallet) */
-    signTransaction: (request: SignTransactionRequest) => Promise<SignTransactionResponse>;
-    /** Rotate user secret */
-    rotateUserSecret: (request: RotateUserSecretRequest) => Promise<void>;
-    /** Unlock wallet for session-based signing (credential cached server-side) */
-    unlock: (credential: UnlockCredential) => Promise<WalletUnlockResponse>;
-    /** Lock wallet (clear cached credential) */
-    lock: () => Promise<void>;
-    /** Get Share B for Share C recovery mode (proves ownership via Share C) */
-    getShareBForRecovery: (request: ShareCRecoveryRequest) => Promise<ShareCRecoveryResponse>;
-    /** Whether request is in progress */
-    isLoading: boolean;
-    /** Error from last request */
-    error: string | null;
-    /** Clear error */
-    clearError: () => void;
-}
-/** PRF capability hook return value */
-export interface UsePrfCapabilityReturn {
-    /** Whether PRF is supported */
-    isSupported: boolean;
-    /** Whether check is in progress */
-    isChecking: boolean;
-    /** Error message if check failed */
-    error: string | null;
-    /** Recheck PRF support */
-    recheck: () => Promise<void>;
-}
-/** Response from pending wallet recovery check */
-export interface PendingWalletRecoveryResponse {
-    /** Whether there is pending recovery data to acknowledge */
-    hasPendingRecovery: boolean;
-    /** Type of recovery data: "share_c" or "full_seed" */
-    recoveryType?: string;
-    /** Recovery phrase (BIP-39 mnemonic or base64 seed) */
-    recoveryPhrase?: string;
-    /** When the recovery data expires */
-    expiresAt?: string;
-}
-/** Request to acknowledge receipt of recovery phrase */
-export interface AcknowledgeRecoveryRequest {
-    /** Confirmation that user has saved the recovery phrase */
-    confirmed: boolean;
-}

package/dist/utils/adminUserApi.d.ts

@@ -1,60 +0,0 @@
-import { AdminUser, AdminUserChatsResponse, AdminUserCreditsResponse, AdminUserStatsResponse, AdjustCreditsRequest, ListAdminUsersResponse, ListUsersParams, UpdateUserRequest } from '../types';
-import { AdminDepositListResponse, AdminUserWithdrawalHistoryResponse } from '../types/deposit';
-/**
- * API client for admin user operations
- *
- * Requires system admin privileges.
- */
-export declare class AdminUserApiClient {
-    private client;
-    constructor(baseUrl: string, timeoutMs?: number, retryAttempts?: number, getAccessToken?: () => string | null);
-    /**
-     * List all users in the system
-     */
-    listUsers(params?: ListUsersParams): Promise<ListAdminUsersResponse>;
-    /**
-     * Get a specific user by ID
-     */
-    getUser(userId: string): Promise<AdminUser>;
-    /**
-     * Set a user's system admin status
-     */
-    setSystemAdmin(userId: string, isAdmin: boolean): Promise<void>;
-    /**
-     * Update a user's profile
-     */
-    updateUser(userId: string, data: UpdateUserRequest): Promise<AdminUser>;
-    /**
-     * Delete a user
-     */
-    deleteUser(userId: string): Promise<void>;
-    /**
-     * Send a password reset email to a user
-     */
-    forcePasswordReset(userId: string): Promise<void>;
-    /**
-     * Adjust a user's credits
-     */
-    adjustCredits(userId: string, data: AdjustCreditsRequest): Promise<void>;
-    /**
-     * Get a user's deposit history
-     */
-    getUserDeposits(userId: string, params?: ListUsersParams): Promise<AdminDepositListResponse>;
-    /**
-     * Get a user's credit stats and transaction history
-     */
-    getUserCredits(userId: string, params?: ListUsersParams): Promise<AdminUserCreditsResponse>;
-    /**
-     * Get a user's withdrawal history
-     */
-    getUserWithdrawalHistory(userId: string, params?: ListUsersParams): Promise<AdminUserWithdrawalHistoryResponse>;
-    /**
-     * Get a user's chat history (from cedros-pay)
-     * Only available when cedros-pay is enabled.
-     */
-    getUserChats(userId: string, params?: ListUsersParams): Promise<AdminUserChatsResponse>;
-    /**
-     * Get user statistics by auth method
-     */
-    getStats(): Promise<AdminUserStatsResponse>;
-}

package/dist/utils/apiClient.d.ts

@@ -1,78 +0,0 @@
-import { AuthError } from '../types';
-export interface ApiClientConfig {
-    baseUrl: string;
-    timeoutMs?: number;
-    retryAttempts?: number;
-    getAccessToken?: () => string | null;
-}
-/**
- * M-02: Response validator function type.
- * Returns the validated data or throws on invalid shape.
- */
-export type ResponseValidator<T> = (data: unknown) => T;
-export interface RequestOptions<T = unknown> {
-    method: 'GET' | 'HEAD' | 'POST' | 'PUT' | 'PATCH' | 'DELETE';
-    path: string;
-    body?: unknown;
-    credentials?: RequestCredentials;
-    skipRetry?: boolean;
-    /** M-02: Optional validator to verify response shape at runtime */
-    validator?: ResponseValidator<T>;
-}
-/**
- * Creates an authentication error from response data
- */
-export declare function createAuthError(data: {
-    code?: string;
-    message?: string;
-    details?: Record<string, unknown>;
-}, fallbackMessage: string): AuthError;
-/**
- * Creates a network error
- */
-export declare function createNetworkError(): AuthError;
-/**
- * API client for making authenticated requests with timeout and retry support
- */
-export declare class ApiClient {
-    private baseUrl;
-    private timeoutMs;
-    private retryAttempts;
-    private getAccessToken?;
-    constructor(config: ApiClientConfig);
-    /**
-     * Make an API request with timeout and optional retry
-     */
-    request<T>(options: RequestOptions<T>): Promise<T>;
-    /**
-     * POST request helper
-     */
-    post<T>(path: string, body: unknown, options?: Partial<RequestOptions<T>>): Promise<T>;
-    /**
-     * GET request helper
-     */
-    get<T>(path: string, options?: Partial<RequestOptions<T>>): Promise<T>;
-    /**
-     * PATCH request helper
-     */
-    patch<T>(path: string, body: unknown, options?: Partial<RequestOptions<T>>): Promise<T>;
-    /**
-     * DELETE request helper
-     */
-    delete<T>(path: string, options?: Partial<RequestOptions<T>>): Promise<T>;
-}
-/**
- * M-02: Helper to create a basic object shape validator.
- * Checks that required keys exist and are of expected types.
- * @example
- * const validateUser = createValidator<User>({
- *   id: 'string',
- *   email: 'string',
- *   role: 'string',
- * });
- */
-export declare function createValidator<T>(shape: Record<keyof T & string, 'string' | 'number' | 'boolean' | 'object'>): ResponseValidator<T>;
-/**
- * Converts API errors to AuthError format
- */
-export declare function handleApiError(err: unknown, fallbackMessage: string): AuthError;

package/dist/utils/cryptoShim.d.ts

@@ -1,17 +0,0 @@
-/**
- * Shim for Node's `crypto` module.
- * Maps `require('crypto')` / `import 'crypto'` to Web Crypto API in the browser.
- * Used by vite.config.ts alias to support CJS dependencies that expect Node crypto.
- */
-declare const _default: Crypto;
-export default _default;
-export declare const webcrypto: Crypto;
-export declare const subtle: SubtleCrypto;
-export declare const getRandomValues: {
-    <T extends ArrayBufferView>(array: T): T;
-    <T extends ArrayBufferView>(array: T): T;
-};
-export declare const randomUUID: {
-    (): `${string}-${string}-${string}-${string}-${string}`;
-    (): `${string}-${string}-${string}-${string}-${string}`;
-};

package/dist/utils/csrf.d.ts

@@ -1 +0,0 @@
-export declare function getCsrfToken(): string | null;

package/dist/utils/deviceDetection.d.ts

@@ -1,17 +0,0 @@
-/**
- * Device detection utilities
- */
-/**
- * Detects if the current device is an Apple device (macOS, iOS, iPadOS).
- * Apple Sign In is most useful on Apple devices where users have Apple ID readily available.
- *
- * @returns true if running on an Apple device
- *
- * @example
- * ```tsx
- * if (isAppleDevice()) {
- *   // Show Apple Sign In button
- * }
- * ```
- */
-export declare function isAppleDevice(): boolean;

package/dist/utils/embeddedWallet.d.ts

@@ -1,75 +0,0 @@
-/**
- * Embedded wallet detection utilities
- *
- * Allows other Cedros modules (like cedros-pay) to detect if an embedded
- * wallet is available in the current application.
- *
- * @security The window global only exposes availability info, NOT the signing
- * function. Signing must go through React context to prevent unauthorized access.
- */
-/** Window global name for embedded wallet detection */
-declare const GLOBAL_KEY = "__CEDROS_EMBEDDED_WALLET__";
-/**
- * Embedded wallet info exposed via window global
- */
-export interface EmbeddedWalletInfo {
-    /** Whether user has enrolled SSS embedded wallet */
-    available: boolean;
-    /** Solana public key (base58) if available */
-    publicKey: string | null;
-}
-declare global {
-    interface Window {
-        [GLOBAL_KEY]?: EmbeddedWalletInfo;
-    }
-}
-/**
- * Set embedded wallet availability on window global
- *
- * Called by CedrosLoginProvider when wallet.exposeAvailability is true.
- *
- * @internal
- */
-export declare function setEmbeddedWalletGlobal(info: EmbeddedWalletInfo): void;
-/**
- * Clear embedded wallet availability from window global
- *
- * Called when user logs out or config changes.
- *
- * @internal
- */
-export declare function clearEmbeddedWalletGlobal(): void;
-/**
- * Check if embedded wallet is available
- *
- * Use this in other Cedros modules (like cedros-pay) to detect
- * if an embedded wallet is available for signing.
- *
- * @example
- * ```tsx
- * import { isEmbeddedWalletAvailable, getEmbeddedWalletInfo } from '@cedros/login-react';
- *
- * // Simple check
- * if (isEmbeddedWalletAvailable()) {
- *   // Show "Pay with Crypto" button
- * }
- *
- * // Get full info
- * const walletInfo = getEmbeddedWalletInfo();
- * if (walletInfo?.available && walletInfo.publicKey) {
- *   console.log('User wallet:', walletInfo.publicKey);
- * }
- * ```
- *
- * @returns true if embedded wallet is enrolled and available
- */
-export declare function isEmbeddedWalletAvailable(): boolean;
-/**
- * Get embedded wallet info
- *
- * Returns the full wallet info object if available.
- *
- * @returns Wallet info or null if not exposed
- */
-export declare function getEmbeddedWalletInfo(): EmbeddedWalletInfo | null;
-export {};

package/dist/utils/inviteApi.d.ts

@@ -1,31 +0,0 @@
-import { Invite, CreateInviteRequest, AcceptInviteRequest, CreateInviteResponse, AcceptInviteResponse } from '../types';
-/**
- * API client for invite operations
- */
-export declare class InviteApiClient {
-    private client;
-    constructor(baseUrl: string, timeoutMs?: number, retryAttempts?: number, getAccessToken?: () => string | null);
-    /**
-     * List all pending invites for an organization
-     */
-    listInvites(orgId: string, limit?: number, offset?: number): Promise<{
-        invites: Invite[];
-        total: number;
-    }>;
-    /**
-     * Create a new invite
-     */
-    createInvite(orgId: string, data: CreateInviteRequest): Promise<CreateInviteResponse>;
-    /**
-     * Cancel a pending invite
-     */
-    cancelInvite(orgId: string, inviteId: string): Promise<void>;
-    /**
-     * Resend an invite email
-     */
-    resendInvite(orgId: string, inviteId: string): Promise<void>;
-    /**
-     * Accept an invite (public endpoint)
-     */
-    acceptInvite(data: AcceptInviteRequest): Promise<AcceptInviteResponse>;
-}

package/dist/utils/memberApi.d.ts

@@ -1,23 +0,0 @@
-import { Member, UpdateMemberRoleRequest } from '../types';
-/**
- * API client for member operations within an organization
- */
-export declare class MemberApiClient {
-    private client;
-    constructor(baseUrl: string, timeoutMs?: number, retryAttempts?: number, getAccessToken?: () => string | null);
-    /**
-     * List all members of an organization
-     */
-    listMembers(orgId: string, limit?: number, offset?: number): Promise<{
-        members: Member[];
-        total: number;
-    }>;
-    /**
-     * Update a member's role
-     */
-    updateMemberRole(orgId: string, userId: string, data: UpdateMemberRoleRequest): Promise<Member>;
-    /**
-     * Remove a member from the organization
-     */
-    removeMember(orgId: string, userId: string): Promise<void>;
-}

package/dist/utils/orgApi.d.ts

@@ -1,36 +0,0 @@
-import { Organization, OrgWithMembership, CreateOrgRequest, UpdateOrgRequest, AuthorizeRequest, AuthorizeResponse, PermissionsResponse } from '../types';
-/**
- * API client for organization operations
- */
-export declare class OrgApiClient {
-    private client;
-    constructor(baseUrl: string, timeoutMs?: number, retryAttempts?: number, getAccessToken?: () => string | null);
-    /**
-     * List all organizations the current user belongs to
-     */
-    listOrgs(): Promise<OrgWithMembership[]>;
-    /**
-     * Get a single organization by ID
-     */
-    getOrg(orgId: string): Promise<Organization>;
-    /**
-     * Create a new organization
-     */
-    createOrg(data: CreateOrgRequest): Promise<Organization>;
-    /**
-     * Update an organization
-     */
-    updateOrg(orgId: string, data: UpdateOrgRequest): Promise<Organization>;
-    /**
-     * Delete an organization
-     */
-    deleteOrg(orgId: string): Promise<void>;
-    /**
-     * Check authorization for an action
-     */
-    authorize(data: AuthorizeRequest): Promise<AuthorizeResponse>;
-    /**
-     * Get current user's permissions in an organization
-     */
-    getPermissions(orgId: string): Promise<PermissionsResponse>;
-}

package/dist/utils/profileApi.d.ts

@@ -1,26 +0,0 @@
-import { ChangePasswordRequest, ChangePasswordResponse, UpdateProfileRequest, UpdateProfileResponse } from '../types';
-/**
- * API client for user profile operations
- *
- * Supports:
- * - POST /auth/change-password - Change user password
- * - PATCH /auth/me - Update profile (name, picture) [requires backend support]
- */
-export declare class ProfileApiClient {
-    private client;
-    constructor(baseUrl: string, timeoutMs?: number, retryAttempts?: number, getAccessToken?: () => string | null);
-    /**
-     * Change the user's password
-     *
-     * Requires the current password for verification. Also revokes all other sessions
-     * and re-encrypts wallet Share A if using password-based wallet protection.
-     */
-    changePassword(data: ChangePasswordRequest): Promise<ChangePasswordResponse>;
-    /**
-     * Update user profile (name, picture)
-     *
-     * NOTE: Requires PATCH /auth/me endpoint on the backend.
-     * If not implemented, returns a rejection.
-     */
-    updateProfile(data: UpdateProfileRequest): Promise<UpdateProfileResponse>;
-}