@cedros/login-react 0.0.15 → 0.0.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (125) hide show
  1. package/dist/{AuthenticationSettings-Dg6ATgOl.js → AuthenticationSettings-BipaLyGg.js} +19 -19
  2. package/dist/{AuthenticationSettings-Dg6ATgOl.js.map → AuthenticationSettings-BipaLyGg.js.map} +1 -1
  3. package/dist/{AuthenticationSettings-CjGGqbcS.cjs → AuthenticationSettings-Cb80XWPm.cjs} +1 -1
  4. package/dist/{AuthenticationSettings-CjGGqbcS.cjs.map → AuthenticationSettings-Cb80XWPm.cjs.map} +1 -1
  5. package/dist/{AuthenticationSettings-DGWktSVw.js → AuthenticationSettings-Cfn0No6U.js} +1 -1
  6. package/dist/{AuthenticationSettings-DGWktSVw.js.map → AuthenticationSettings-Cfn0No6U.js.map} +1 -1
  7. package/dist/{AuthenticationSettings-HhrUAmM6.cjs → AuthenticationSettings-Cu0S0Z7s.cjs} +1 -1
  8. package/dist/{AuthenticationSettings-HhrUAmM6.cjs.map → AuthenticationSettings-Cu0S0Z7s.cjs.map} +1 -1
  9. package/dist/{AutosaveStatus-DeViUyyI.js → AutosaveStatus-BKc7T2Tw.js} +323 -242
  10. package/dist/AutosaveStatus-BKc7T2Tw.js.map +1 -0
  11. package/dist/AutosaveStatus-BjLMt52a.cjs +1 -0
  12. package/dist/AutosaveStatus-BjLMt52a.cjs.map +1 -0
  13. package/dist/{CreditSystemSettings-DBr7QS59.js → CreditSystemSettings-CvcacgMM.js} +1 -1
  14. package/dist/{CreditSystemSettings-DBr7QS59.js.map → CreditSystemSettings-CvcacgMM.js.map} +1 -1
  15. package/dist/{CreditSystemSettings-CSlsQynZ.js → CreditSystemSettings-D13lZbIw.js} +1 -1
  16. package/dist/{CreditSystemSettings-CSlsQynZ.js.map → CreditSystemSettings-D13lZbIw.js.map} +1 -1
  17. package/dist/{CreditSystemSettings-CyFQbXMh.cjs → CreditSystemSettings-DO-dUcxN.cjs} +1 -1
  18. package/dist/{CreditSystemSettings-CyFQbXMh.cjs.map → CreditSystemSettings-DO-dUcxN.cjs.map} +1 -1
  19. package/dist/{CreditSystemSettings-BykhytcS.cjs → CreditSystemSettings-DV0VkPIe.cjs} +1 -1
  20. package/dist/{CreditSystemSettings-BykhytcS.cjs.map → CreditSystemSettings-DV0VkPIe.cjs.map} +1 -1
  21. package/dist/{EmailRegisterForm-Pvm3I8GP.cjs → EmailRegisterForm-DcpT5LU6.cjs} +1 -1
  22. package/dist/{EmailRegisterForm-Pvm3I8GP.cjs.map → EmailRegisterForm-DcpT5LU6.cjs.map} +1 -1
  23. package/dist/{EmailRegisterForm-nI0BOIxR.js → EmailRegisterForm-HMcnD3KA.js} +1 -1
  24. package/dist/{EmailRegisterForm-nI0BOIxR.js.map → EmailRegisterForm-HMcnD3KA.js.map} +1 -1
  25. package/dist/{EmailSettings-Bup2rCgU.cjs → EmailSettings-BkR7vlWL.cjs} +1 -1
  26. package/dist/{EmailSettings-Bup2rCgU.cjs.map → EmailSettings-BkR7vlWL.cjs.map} +1 -1
  27. package/dist/EmailSettings-CLMdw3rB.js +78 -0
  28. package/dist/EmailSettings-CLMdw3rB.js.map +1 -0
  29. package/dist/EmailSettings-Dq3mfUr2.cjs +1 -0
  30. package/dist/EmailSettings-Dq3mfUr2.cjs.map +1 -0
  31. package/dist/{EmailSettings-C04qdJCz.js → EmailSettings-ulEHtH2y.js} +1 -1
  32. package/dist/{EmailSettings-C04qdJCz.js.map → EmailSettings-ulEHtH2y.js.map} +1 -1
  33. package/dist/{EmbeddedWalletSettings-DYh884HP.js → EmbeddedWalletSettings-BTTV8Nqi.js} +46 -31
  34. package/dist/EmbeddedWalletSettings-BTTV8Nqi.js.map +1 -0
  35. package/dist/EmbeddedWalletSettings-C7H0E8Uz.cjs +1 -0
  36. package/dist/EmbeddedWalletSettings-C7H0E8Uz.cjs.map +1 -0
  37. package/dist/{EmbeddedWalletSettings-DDFQhQOw.js → EmbeddedWalletSettings-CLWh2TbV.js} +1 -1
  38. package/dist/{EmbeddedWalletSettings-DDFQhQOw.js.map → EmbeddedWalletSettings-CLWh2TbV.js.map} +1 -1
  39. package/dist/{EmbeddedWalletSettings-YX0Dk_b_.cjs → EmbeddedWalletSettings-DGmCVyex.cjs} +1 -1
  40. package/dist/{EmbeddedWalletSettings-YX0Dk_b_.cjs.map → EmbeddedWalletSettings-DGmCVyex.cjs.map} +1 -1
  41. package/dist/PermissionsSection-BPbE-hNx.cjs.map +1 -1
  42. package/dist/PermissionsSection-CighC1p6.js.map +1 -1
  43. package/dist/{ServerSettings-CInJe4jY.cjs → ServerSettings-CPAoiDtn.cjs} +1 -1
  44. package/dist/{ServerSettings-CInJe4jY.cjs.map → ServerSettings-CPAoiDtn.cjs.map} +1 -1
  45. package/dist/ServerSettings-Ch8MCmAY.js +91 -0
  46. package/dist/ServerSettings-Ch8MCmAY.js.map +1 -0
  47. package/dist/ServerSettings-CqDd59iM.cjs +1 -0
  48. package/dist/ServerSettings-CqDd59iM.cjs.map +1 -0
  49. package/dist/{ServerSettings-DVEtfDQo.js → ServerSettings-DooVeOet.js} +1 -1
  50. package/dist/{ServerSettings-DVEtfDQo.js.map → ServerSettings-DooVeOet.js.map} +1 -1
  51. package/dist/{WebhookSettings-DdbxNPZ9.js → WebhookSettings-B6mjH90_.js} +1 -1
  52. package/dist/{WebhookSettings-DdbxNPZ9.js.map → WebhookSettings-B6mjH90_.js.map} +1 -1
  53. package/dist/WebhookSettings-BG77iqJC.js +63 -0
  54. package/dist/WebhookSettings-BG77iqJC.js.map +1 -0
  55. package/dist/{WebhookSettings-BMeykdRP.cjs → WebhookSettings-BeiUAcKs.cjs} +1 -1
  56. package/dist/{WebhookSettings-BMeykdRP.cjs.map → WebhookSettings-BeiUAcKs.cjs.map} +1 -1
  57. package/dist/WebhookSettings-WMJ5zPjY.cjs +1 -0
  58. package/dist/WebhookSettings-WMJ5zPjY.cjs.map +1 -0
  59. package/dist/admin-only.cjs +1 -1
  60. package/dist/admin-only.d.ts +109 -14
  61. package/dist/admin-only.js +4 -3
  62. package/dist/email-only.cjs +1 -1
  63. package/dist/email-only.d.ts +56 -6
  64. package/dist/email-only.js +2 -2
  65. package/dist/google-only.cjs +1 -1
  66. package/dist/google-only.d.ts +56 -6
  67. package/dist/google-only.js +1 -1
  68. package/dist/index.cjs +13 -13
  69. package/dist/index.cjs.map +1 -1
  70. package/dist/index.d.ts +330 -34
  71. package/dist/index.js +2505 -3553
  72. package/dist/index.js.map +1 -1
  73. package/dist/login-react.css +1 -1
  74. package/dist/mobileWalletAdapter-Dp4yFxCm.cjs +1 -0
  75. package/dist/mobileWalletAdapter-Dp4yFxCm.cjs.map +1 -0
  76. package/dist/mobileWalletAdapter-coZRD4Yx.js +291 -0
  77. package/dist/mobileWalletAdapter-coZRD4Yx.js.map +1 -0
  78. package/dist/{plugin-CnbFRy5o.cjs → plugin-BgMAc6DA.cjs} +1 -1
  79. package/dist/{plugin-CnbFRy5o.cjs.map → plugin-BgMAc6DA.cjs.map} +1 -1
  80. package/dist/{plugin-CW_ycXye.js → plugin-Bhf9zaly.js} +82 -70
  81. package/dist/{plugin-CW_ycXye.js.map → plugin-Bhf9zaly.js.map} +1 -1
  82. package/dist/{shamir-L-s-Tp1Z.js → shamir-CDbZS8I1.js} +1 -1
  83. package/dist/{shamir-L-s-Tp1Z.js.map → shamir-CDbZS8I1.js.map} +1 -1
  84. package/dist/{shamir-4DyQMJCk.cjs → shamir-DAa54dMh.cjs} +1 -1
  85. package/dist/{shamir-4DyQMJCk.cjs.map → shamir-DAa54dMh.cjs.map} +1 -1
  86. package/dist/{silentWalletEnroll-DWt6Pr3B.js → silentWalletEnroll-CRHzr4Zy.js} +2 -2
  87. package/dist/{silentWalletEnroll-DWt6Pr3B.js.map → silentWalletEnroll-CRHzr4Zy.js.map} +1 -1
  88. package/dist/{silentWalletEnroll-BgTb4H5I.cjs → silentWalletEnroll-Dl_oFapH.cjs} +1 -1
  89. package/dist/{silentWalletEnroll-BgTb4H5I.cjs.map → silentWalletEnroll-Dl_oFapH.cjs.map} +1 -1
  90. package/dist/solana-only.cjs +1 -1
  91. package/dist/solana-only.d.ts +112 -6
  92. package/dist/solana-only.js +6 -5
  93. package/dist/{useAuth-C3dpk0po.js → useAuth-D1NSN6yY.js} +822 -777
  94. package/dist/useAuth-D1NSN6yY.js.map +1 -0
  95. package/dist/{useAuth-D3Pk_H3z.cjs → useAuth-dS_6wAMp.cjs} +1 -1
  96. package/dist/useAuth-dS_6wAMp.cjs.map +1 -0
  97. package/package.json +4 -1
  98. package/dist/AutosaveStatus-BDWxAg4U.cjs +0 -1
  99. package/dist/AutosaveStatus-BDWxAg4U.cjs.map +0 -1
  100. package/dist/AutosaveStatus-DeViUyyI.js.map +0 -1
  101. package/dist/EmailSettings-C0Ss6Cne.cjs +0 -1
  102. package/dist/EmailSettings-C0Ss6Cne.cjs.map +0 -1
  103. package/dist/EmailSettings-DAqH_xum.js +0 -17
  104. package/dist/EmailSettings-DAqH_xum.js.map +0 -1
  105. package/dist/EmbeddedWalletSettings-B0XkNuPR.cjs +0 -1
  106. package/dist/EmbeddedWalletSettings-B0XkNuPR.cjs.map +0 -1
  107. package/dist/EmbeddedWalletSettings-DYh884HP.js.map +0 -1
  108. package/dist/ServerSettings-CwnEI-PC.cjs +0 -1
  109. package/dist/ServerSettings-CwnEI-PC.cjs.map +0 -1
  110. package/dist/ServerSettings-DakhpYcO.js +0 -84
  111. package/dist/ServerSettings-DakhpYcO.js.map +0 -1
  112. package/dist/SettingsPageLayout-C6DWgyXS.cjs +0 -1
  113. package/dist/SettingsPageLayout-C6DWgyXS.cjs.map +0 -1
  114. package/dist/SettingsPageLayout-CLJI6hFQ.js +0 -50
  115. package/dist/SettingsPageLayout-CLJI6hFQ.js.map +0 -1
  116. package/dist/SolanaLoginButton-BjOxpE1C.cjs +0 -1
  117. package/dist/SolanaLoginButton-BjOxpE1C.cjs.map +0 -1
  118. package/dist/SolanaLoginButton-P22QjBaO.js +0 -262
  119. package/dist/SolanaLoginButton-P22QjBaO.js.map +0 -1
  120. package/dist/WebhookSettings-BNVooF0B.cjs +0 -1
  121. package/dist/WebhookSettings-BNVooF0B.cjs.map +0 -1
  122. package/dist/WebhookSettings-DXeDYhAe.js +0 -17
  123. package/dist/WebhookSettings-DXeDYhAe.js.map +0 -1
  124. package/dist/useAuth-C3dpk0po.js.map +0 -1
  125. package/dist/useAuth-D3Pk_H3z.cjs.map +0 -1
package/dist/{silentWalletEnroll-DWt6Pr3B.js → silentWalletEnroll-CRHzr4Zy.js} RENAMED
@@ -1,6 +1,6 @@
1
1
  import { A as g } from "./useCedrosLogin-_94MmGGq.js";
2
- import { g as f, a as w, D as i, b as K, t as b, c as p, w as S } from "./useAuth-C3dpk0po.js";
3
- import { s as T, a as k, g as B, p as D } from "./shamir-L-s-Tp1Z.js";
2
+ import { g as f, a as w, D as i, b as K, t as b, c as p, w as S } from "./useAuth-D1NSN6yY.js";
3
+ import { s as T, a as k, g as B, p as D } from "./shamir-CDbZS8I1.js";
4
4
  async function P(u) {
5
5
  const { password: A, serverUrl: h, accessToken: r, timeoutMs: y = 3e4 } = u, s = [];
6
6
  try {
package/dist/{silentWalletEnroll-DWt6Pr3B.js.map → silentWalletEnroll-CRHzr4Zy.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"file":"silentWalletEnroll-DWt6Pr3B.js","sources":["../src/utils/silentWalletEnroll.ts"],"sourcesContent":["/**\n * Silent wallet enrollment utility\n *\n * Performs wallet enrollment in the background without UI interaction.\n * Used for auto-enrolling wallets during registration.\n *\n * Security: Uses the same Shamir Secret Sharing scheme as manual enrollment.\n * The recovery phrase is not shown - user can retrieve it later if needed.\n */\n\nimport {\n generateSeed,\n generateArgon2Salt,\n splitSecret,\n argon2DeriveInWorker,\n aesGcmEncryptToBase64,\n uint8ArrayToBase64,\n getPublicKeyFromSeed,\n publicKeyToBase58,\n wipeAll,\n toEncryptionKey,\n DEFAULT_KDF_PARAMS,\n} from '../crypto';\nimport { ApiClient } from './apiClient';\nimport type { WalletEnrollRequest } from '../types/wallet';\n\nexport interface SilentEnrollOptions {\n /** User's password for Share A encryption */\n password: string;\n /** Server base URL */\n serverUrl: string;\n /** Access token for authentication (optional if using cookies) */\n accessToken?: string;\n /** Request timeout in ms */\n timeoutMs?: number;\n}\n\nexport interface SilentEnrollResult {\n success: boolean;\n solanaPubkey?: string;\n error?: string;\n}\n\n/**\n * Silently enroll a wallet for a user\n *\n * This function performs the complete wallet enrollment process:\n * 1. Generate 32-byte seed\n * 2. Split into 3 Shamir shares (threshold 2)\n * 3. Encrypt Share A with password-derived key (Argon2id)\n * 4. Derive Solana public key from seed\n * 5. Upload encrypted Share A + plaintext Share B to server\n *\n * The recovery phrase (Share C) is not returned - user can recover it\n * later through the wallet recovery flow if needed.\n *\n * @param options - Enrollment options\n * @returns Result with success status and Solana public key\n */\nexport async function silentWalletEnroll(\n options: SilentEnrollOptions\n): Promise<SilentEnrollResult> {\n const { password, serverUrl, accessToken, timeoutMs = 30000 } = options;\n\n // Track sensitive data for cleanup\n const sensitiveData: Uint8Array[] = [];\n\n try {\n // Step 1: Generate seed\n const seed = generateSeed();\n sensitiveData.push(seed);\n\n // Step 2: Split into shares\n const { shareA, shareB } = splitSecret(seed);\n sensitiveData.push(shareA, shareB);\n\n // Step 3: Derive encryption key from password\n const salt = generateArgon2Salt();\n const key = await argon2DeriveInWorker(password, salt, DEFAULT_KDF_PARAMS);\n sensitiveData.push(key);\n\n // Step 4: Encrypt Share A\n const encryptedA = await aesGcmEncryptToBase64(shareA, toEncryptionKey(key));\n\n // Step 5: Derive Solana public key\n const publicKey = getPublicKeyFromSeed(seed);\n const solanaPubkey = publicKeyToBase58(publicKey);\n\n // Step 6: Build enrollment request\n // Only send encrypted shares — never send the raw seed to the server\n const request: WalletEnrollRequest = {\n solanaPubkey,\n shareAAuthMethod: 'password',\n shareACiphertext: encryptedA.ciphertext,\n shareANonce: encryptedA.nonce,\n shareB: uint8ArrayToBase64(shareB),\n shareAKdfSalt: uint8ArrayToBase64(salt),\n shareAKdfParams: DEFAULT_KDF_PARAMS,\n };\n\n // Step 7: Upload to server\n // If accessToken provided, use it; otherwise rely on cookies\n const apiClient = new ApiClient({\n baseUrl: serverUrl,\n timeoutMs,\n getAccessToken: accessToken ? () => accessToken : undefined,\n });\n\n await apiClient.post('/wallet/enroll', request);\n\n return {\n success: true,\n solanaPubkey,\n };\n } catch (err) {\n const errorMessage = err instanceof Error ? err.message : 'Wallet enrollment failed';\n // Silent failure - don't break registration flow\n return {\n success: false,\n error: errorMessage,\n };\n } finally {\n // Always wipe sensitive data\n wipeAll(...sensitiveData);\n }\n}\n"],"names":["silentWalletEnroll","options","password","serverUrl","accessToken","timeoutMs","sensitiveData","seed","generateSeed","shareA","shareB","splitSecret","salt","generateArgon2Salt","key","argon2DeriveInWorker","DEFAULT_KDF_PARAMS","encryptedA","aesGcmEncryptToBase64","toEncryptionKey","publicKey","getPublicKeyFromSeed","solanaPubkey","publicKeyToBase58","request","uint8ArrayToBase64","ApiClient","err","wipeAll"],"mappings":";;;AA2DA,eAAsBA,EACpBC,GAC6B;AAC7B,QAAM,EAAE,UAAAC,GAAU,WAAAC,GAAW,aAAAC,GAAa,WAAAC,IAAY,QAAUJ,GAG1DK,IAA8B,CAAA;AAEpC,MAAI;AAEF,UAAMC,IAAOC,EAAA;AACb,IAAAF,EAAc,KAAKC,CAAI;AAGvB,UAAM,EAAE,QAAAE,GAAQ,QAAAC,MAAWC,EAAYJ,CAAI;AAC3C,IAAAD,EAAc,KAAKG,GAAQC,CAAM;AAGjC,UAAME,IAAOC,EAAA,GACPC,IAAM,MAAMC,EAAqBb,GAAUU,GAAMI,CAAkB;AACzE,IAAAV,EAAc,KAAKQ,CAAG;AAGtB,UAAMG,IAAa,MAAMC,EAAsBT,GAAQU,EAAgBL,CAAG,CAAC,GAGrEM,IAAYC,EAAqBd,CAAI,GACrCe,IAAeC,EAAkBH,CAAS,GAI1CI,IAA+B;AAAA,MACnC,cAAAF;AAAA,MACA,kBAAkB;AAAA,MAClB,kBAAkBL,EAAW;AAAA,MAC7B,aAAaA,EAAW;AAAA,MACxB,QAAQQ,EAAmBf,CAAM;AAAA,MACjC,eAAee,EAAmBb,CAAI;AAAA,MACtC,iBAAiBI;AAAA,IAAA;AAWnB,iBANkB,IAAIU,EAAU;AAAA,MAC9B,SAASvB;AAAA,MACT,WAAAE;AAAA,MACA,gBAAgBD,IAAc,MAAMA,IAAc;AAAA,IAAA,CACnD,EAEe,KAAK,kBAAkBoB,CAAO,GAEvC;AAAA,MACL,SAAS;AAAA,MACT,cAAAF;AAAA,IAAA;AAAA,EAEJ,SAASK,GAAK;AAGZ,WAAO;AAAA,MACL,SAAS;AAAA,MACT,OAJmBA,aAAe,QAAQA,EAAI,UAAU;AAAA,IAIjD;AAAA,EAEX,UAAA;AAEE,IAAAC,EAAQ,GAAGtB,CAAa;AAAA,EAC1B;AACF;"}
1
+ {"version":3,"file":"silentWalletEnroll-CRHzr4Zy.js","sources":["../src/utils/silentWalletEnroll.ts"],"sourcesContent":["/**\n * Silent wallet enrollment utility\n *\n * Performs wallet enrollment in the background without UI interaction.\n * Used for auto-enrolling wallets during registration.\n *\n * Security: Uses the same Shamir Secret Sharing scheme as manual enrollment.\n * The recovery phrase is not shown - user can retrieve it later if needed.\n */\n\nimport {\n generateSeed,\n generateArgon2Salt,\n splitSecret,\n argon2DeriveInWorker,\n aesGcmEncryptToBase64,\n uint8ArrayToBase64,\n getPublicKeyFromSeed,\n publicKeyToBase58,\n wipeAll,\n toEncryptionKey,\n DEFAULT_KDF_PARAMS,\n} from '../crypto';\nimport { ApiClient } from './apiClient';\nimport type { WalletEnrollRequest } from '../types/wallet';\n\nexport interface SilentEnrollOptions {\n /** User's password for Share A encryption */\n password: string;\n /** Server base URL */\n serverUrl: string;\n /** Access token for authentication (optional if using cookies) */\n accessToken?: string;\n /** Request timeout in ms */\n timeoutMs?: number;\n}\n\nexport interface SilentEnrollResult {\n success: boolean;\n solanaPubkey?: string;\n error?: string;\n}\n\n/**\n * Silently enroll a wallet for a user\n *\n * This function performs the complete wallet enrollment process:\n * 1. Generate 32-byte seed\n * 2. Split into 3 Shamir shares (threshold 2)\n * 3. Encrypt Share A with password-derived key (Argon2id)\n * 4. Derive Solana public key from seed\n * 5. Upload encrypted Share A + plaintext Share B to server\n *\n * The recovery phrase (Share C) is not returned - user can recover it\n * later through the wallet recovery flow if needed.\n *\n * @param options - Enrollment options\n * @returns Result with success status and Solana public key\n */\nexport async function silentWalletEnroll(\n options: SilentEnrollOptions\n): Promise<SilentEnrollResult> {\n const { password, serverUrl, accessToken, timeoutMs = 30000 } = options;\n\n // Track sensitive data for cleanup\n const sensitiveData: Uint8Array[] = [];\n\n try {\n // Step 1: Generate seed\n const seed = generateSeed();\n sensitiveData.push(seed);\n\n // Step 2: Split into shares\n const { shareA, shareB } = splitSecret(seed);\n sensitiveData.push(shareA, shareB);\n\n // Step 3: Derive encryption key from password\n const salt = generateArgon2Salt();\n const key = await argon2DeriveInWorker(password, salt, DEFAULT_KDF_PARAMS);\n sensitiveData.push(key);\n\n // Step 4: Encrypt Share A\n const encryptedA = await aesGcmEncryptToBase64(shareA, toEncryptionKey(key));\n\n // Step 5: Derive Solana public key\n const publicKey = getPublicKeyFromSeed(seed);\n const solanaPubkey = publicKeyToBase58(publicKey);\n\n // Step 6: Build enrollment request\n // Only send encrypted shares — never send the raw seed to the server\n const request: WalletEnrollRequest = {\n solanaPubkey,\n shareAAuthMethod: 'password',\n shareACiphertext: encryptedA.ciphertext,\n shareANonce: encryptedA.nonce,\n shareB: uint8ArrayToBase64(shareB),\n shareAKdfSalt: uint8ArrayToBase64(salt),\n shareAKdfParams: DEFAULT_KDF_PARAMS,\n };\n\n // Step 7: Upload to server\n // If accessToken provided, use it; otherwise rely on cookies\n const apiClient = new ApiClient({\n baseUrl: serverUrl,\n timeoutMs,\n getAccessToken: accessToken ? () => accessToken : undefined,\n });\n\n await apiClient.post('/wallet/enroll', request);\n\n return {\n success: true,\n solanaPubkey,\n };\n } catch (err) {\n const errorMessage = err instanceof Error ? err.message : 'Wallet enrollment failed';\n // Silent failure - don't break registration flow\n return {\n success: false,\n error: errorMessage,\n };\n } finally {\n // Always wipe sensitive data\n wipeAll(...sensitiveData);\n }\n}\n"],"names":["silentWalletEnroll","options","password","serverUrl","accessToken","timeoutMs","sensitiveData","seed","generateSeed","shareA","shareB","splitSecret","salt","generateArgon2Salt","key","argon2DeriveInWorker","DEFAULT_KDF_PARAMS","encryptedA","aesGcmEncryptToBase64","toEncryptionKey","publicKey","getPublicKeyFromSeed","solanaPubkey","publicKeyToBase58","request","uint8ArrayToBase64","ApiClient","err","wipeAll"],"mappings":";;;AA2DA,eAAsBA,EACpBC,GAC6B;AAC7B,QAAM,EAAE,UAAAC,GAAU,WAAAC,GAAW,aAAAC,GAAa,WAAAC,IAAY,QAAUJ,GAG1DK,IAA8B,CAAA;AAEpC,MAAI;AAEF,UAAMC,IAAOC,EAAA;AACb,IAAAF,EAAc,KAAKC,CAAI;AAGvB,UAAM,EAAE,QAAAE,GAAQ,QAAAC,MAAWC,EAAYJ,CAAI;AAC3C,IAAAD,EAAc,KAAKG,GAAQC,CAAM;AAGjC,UAAME,IAAOC,EAAA,GACPC,IAAM,MAAMC,EAAqBb,GAAUU,GAAMI,CAAkB;AACzE,IAAAV,EAAc,KAAKQ,CAAG;AAGtB,UAAMG,IAAa,MAAMC,EAAsBT,GAAQU,EAAgBL,CAAG,CAAC,GAGrEM,IAAYC,EAAqBd,CAAI,GACrCe,IAAeC,EAAkBH,CAAS,GAI1CI,IAA+B;AAAA,MACnC,cAAAF;AAAA,MACA,kBAAkB;AAAA,MAClB,kBAAkBL,EAAW;AAAA,MAC7B,aAAaA,EAAW;AAAA,MACxB,QAAQQ,EAAmBf,CAAM;AAAA,MACjC,eAAee,EAAmBb,CAAI;AAAA,MACtC,iBAAiBI;AAAA,IAAA;AAWnB,iBANkB,IAAIU,EAAU;AAAA,MAC9B,SAASvB;AAAA,MACT,WAAAE;AAAA,MACA,gBAAgBD,IAAc,MAAMA,IAAc;AAAA,IAAA,CACnD,EAEe,KAAK,kBAAkBoB,CAAO,GAEvC;AAAA,MACL,SAAS;AAAA,MACT,cAAAF;AAAA,IAAA;AAAA,EAEJ,SAASK,GAAK;AAGZ,WAAO;AAAA,MACL,SAAS;AAAA,MACT,OAJmBA,aAAe,QAAQA,EAAI,UAAU;AAAA,IAIjD;AAAA,EAEX,UAAA;AAEE,IAAAC,EAAQ,GAAGtB,CAAa;AAAA,EAC1B;AACF;"}
package/dist/{silentWalletEnroll-BgTb4H5I.cjs → silentWalletEnroll-Dl_oFapH.cjs} RENAMED
@@ -1 +1 @@
1
- "use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const S=require("./useCedrosLogin-C9MrcZvh.cjs"),e=require("./useAuth-D3Pk_H3z.cjs"),t=require("./shamir-4DyQMJCk.cjs");async function T(A){const{password:p,serverUrl:h,accessToken:n,timeoutMs:y=3e4}=A,r=[];try{const s=e.generateSeed();r.push(s);const{shareA:a,shareB:o}=t.splitSecret(s);r.push(a,o);const c=e.generateArgon2Salt(),l=await t.argon2DeriveInWorker(p,c,e.DEFAULT_KDF_PARAMS);r.push(l);const i=await e.aesGcmEncryptToBase64(a,e.toEncryptionKey(l)),d=t.getPublicKeyFromSeed(s),u=t.publicKeyToBase58(d),g={solanaPubkey:u,shareAAuthMethod:"password",shareACiphertext:i.ciphertext,shareANonce:i.nonce,shareB:e.uint8ArrayToBase64(o),shareAKdfSalt:e.uint8ArrayToBase64(c),shareAKdfParams:e.DEFAULT_KDF_PARAMS};return await new S.ApiClient({baseUrl:h,timeoutMs:y,getAccessToken:n?()=>n:void 0}).post("/wallet/enroll",g),{success:!0,solanaPubkey:u}}catch(s){return{success:!1,error:s instanceof Error?s.message:"Wallet enrollment failed"}}finally{e.wipeAll(...r)}}exports.silentWalletEnroll=T;
1
+ "use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const S=require("./useCedrosLogin-C9MrcZvh.cjs"),e=require("./useAuth-dS_6wAMp.cjs"),t=require("./shamir-DAa54dMh.cjs");async function T(A){const{password:p,serverUrl:h,accessToken:n,timeoutMs:y=3e4}=A,r=[];try{const s=e.generateSeed();r.push(s);const{shareA:a,shareB:o}=t.splitSecret(s);r.push(a,o);const c=e.generateArgon2Salt(),l=await t.argon2DeriveInWorker(p,c,e.DEFAULT_KDF_PARAMS);r.push(l);const i=await e.aesGcmEncryptToBase64(a,e.toEncryptionKey(l)),d=t.getPublicKeyFromSeed(s),u=t.publicKeyToBase58(d),g={solanaPubkey:u,shareAAuthMethod:"password",shareACiphertext:i.ciphertext,shareANonce:i.nonce,shareB:e.uint8ArrayToBase64(o),shareAKdfSalt:e.uint8ArrayToBase64(c),shareAKdfParams:e.DEFAULT_KDF_PARAMS};return await new S.ApiClient({baseUrl:h,timeoutMs:y,getAccessToken:n?()=>n:void 0}).post("/wallet/enroll",g),{success:!0,solanaPubkey:u}}catch(s){return{success:!1,error:s instanceof Error?s.message:"Wallet enrollment failed"}}finally{e.wipeAll(...r)}}exports.silentWalletEnroll=T;
package/dist/{silentWalletEnroll-BgTb4H5I.cjs.map → silentWalletEnroll-Dl_oFapH.cjs.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"file":"silentWalletEnroll-BgTb4H5I.cjs","sources":["../src/utils/silentWalletEnroll.ts"],"sourcesContent":["/**\n * Silent wallet enrollment utility\n *\n * Performs wallet enrollment in the background without UI interaction.\n * Used for auto-enrolling wallets during registration.\n *\n * Security: Uses the same Shamir Secret Sharing scheme as manual enrollment.\n * The recovery phrase is not shown - user can retrieve it later if needed.\n */\n\nimport {\n generateSeed,\n generateArgon2Salt,\n splitSecret,\n argon2DeriveInWorker,\n aesGcmEncryptToBase64,\n uint8ArrayToBase64,\n getPublicKeyFromSeed,\n publicKeyToBase58,\n wipeAll,\n toEncryptionKey,\n DEFAULT_KDF_PARAMS,\n} from '../crypto';\nimport { ApiClient } from './apiClient';\nimport type { WalletEnrollRequest } from '../types/wallet';\n\nexport interface SilentEnrollOptions {\n /** User's password for Share A encryption */\n password: string;\n /** Server base URL */\n serverUrl: string;\n /** Access token for authentication (optional if using cookies) */\n accessToken?: string;\n /** Request timeout in ms */\n timeoutMs?: number;\n}\n\nexport interface SilentEnrollResult {\n success: boolean;\n solanaPubkey?: string;\n error?: string;\n}\n\n/**\n * Silently enroll a wallet for a user\n *\n * This function performs the complete wallet enrollment process:\n * 1. Generate 32-byte seed\n * 2. Split into 3 Shamir shares (threshold 2)\n * 3. Encrypt Share A with password-derived key (Argon2id)\n * 4. Derive Solana public key from seed\n * 5. Upload encrypted Share A + plaintext Share B to server\n *\n * The recovery phrase (Share C) is not returned - user can recover it\n * later through the wallet recovery flow if needed.\n *\n * @param options - Enrollment options\n * @returns Result with success status and Solana public key\n */\nexport async function silentWalletEnroll(\n options: SilentEnrollOptions\n): Promise<SilentEnrollResult> {\n const { password, serverUrl, accessToken, timeoutMs = 30000 } = options;\n\n // Track sensitive data for cleanup\n const sensitiveData: Uint8Array[] = [];\n\n try {\n // Step 1: Generate seed\n const seed = generateSeed();\n sensitiveData.push(seed);\n\n // Step 2: Split into shares\n const { shareA, shareB } = splitSecret(seed);\n sensitiveData.push(shareA, shareB);\n\n // Step 3: Derive encryption key from password\n const salt = generateArgon2Salt();\n const key = await argon2DeriveInWorker(password, salt, DEFAULT_KDF_PARAMS);\n sensitiveData.push(key);\n\n // Step 4: Encrypt Share A\n const encryptedA = await aesGcmEncryptToBase64(shareA, toEncryptionKey(key));\n\n // Step 5: Derive Solana public key\n const publicKey = getPublicKeyFromSeed(seed);\n const solanaPubkey = publicKeyToBase58(publicKey);\n\n // Step 6: Build enrollment request\n // Only send encrypted shares — never send the raw seed to the server\n const request: WalletEnrollRequest = {\n solanaPubkey,\n shareAAuthMethod: 'password',\n shareACiphertext: encryptedA.ciphertext,\n shareANonce: encryptedA.nonce,\n shareB: uint8ArrayToBase64(shareB),\n shareAKdfSalt: uint8ArrayToBase64(salt),\n shareAKdfParams: DEFAULT_KDF_PARAMS,\n };\n\n // Step 7: Upload to server\n // If accessToken provided, use it; otherwise rely on cookies\n const apiClient = new ApiClient({\n baseUrl: serverUrl,\n timeoutMs,\n getAccessToken: accessToken ? () => accessToken : undefined,\n });\n\n await apiClient.post('/wallet/enroll', request);\n\n return {\n success: true,\n solanaPubkey,\n };\n } catch (err) {\n const errorMessage = err instanceof Error ? err.message : 'Wallet enrollment failed';\n // Silent failure - don't break registration flow\n return {\n success: false,\n error: errorMessage,\n };\n } finally {\n // Always wipe sensitive data\n wipeAll(...sensitiveData);\n }\n}\n"],"names":["silentWalletEnroll","options","password","serverUrl","accessToken","timeoutMs","sensitiveData","seed","generateSeed","shareA","shareB","splitSecret","salt","generateArgon2Salt","key","argon2DeriveInWorker","DEFAULT_KDF_PARAMS","encryptedA","aesGcmEncryptToBase64","toEncryptionKey","publicKey","getPublicKeyFromSeed","solanaPubkey","publicKeyToBase58","request","uint8ArrayToBase64","ApiClient","err","wipeAll"],"mappings":"wMA2DA,eAAsBA,EACpBC,EAC6B,CAC7B,KAAM,CAAE,SAAAC,EAAU,UAAAC,EAAW,YAAAC,EAAa,UAAAC,EAAY,KAAUJ,EAG1DK,EAA8B,CAAA,EAEpC,GAAI,CAEF,MAAMC,EAAOC,EAAAA,aAAA,EACbF,EAAc,KAAKC,CAAI,EAGvB,KAAM,CAAE,OAAAE,EAAQ,OAAAC,GAAWC,EAAAA,YAAYJ,CAAI,EAC3CD,EAAc,KAAKG,EAAQC,CAAM,EAGjC,MAAME,EAAOC,EAAAA,mBAAA,EACPC,EAAM,MAAMC,EAAAA,qBAAqBb,EAAUU,EAAMI,EAAAA,kBAAkB,EACzEV,EAAc,KAAKQ,CAAG,EAGtB,MAAMG,EAAa,MAAMC,EAAAA,sBAAsBT,EAAQU,EAAAA,gBAAgBL,CAAG,CAAC,EAGrEM,EAAYC,EAAAA,qBAAqBd,CAAI,EACrCe,EAAeC,EAAAA,kBAAkBH,CAAS,EAI1CI,EAA+B,CACnC,aAAAF,EACA,iBAAkB,WAClB,iBAAkBL,EAAW,WAC7B,YAAaA,EAAW,MACxB,OAAQQ,EAAAA,mBAAmBf,CAAM,EACjC,cAAee,EAAAA,mBAAmBb,CAAI,EACtC,gBAAiBI,EAAAA,kBAAA,EAWnB,aANkB,IAAIU,YAAU,CAC9B,QAASvB,EACT,UAAAE,EACA,eAAgBD,EAAc,IAAMA,EAAc,MAAA,CACnD,EAEe,KAAK,iBAAkBoB,CAAO,EAEvC,CACL,QAAS,GACT,aAAAF,CAAA,CAEJ,OAASK,EAAK,CAGZ,MAAO,CACL,QAAS,GACT,MAJmBA,aAAe,MAAQA,EAAI,QAAU,0BAIjD,CAEX,QAAA,CAEEC,EAAAA,QAAQ,GAAGtB,CAAa,CAC1B,CACF"}
1
+ {"version":3,"file":"silentWalletEnroll-Dl_oFapH.cjs","sources":["../src/utils/silentWalletEnroll.ts"],"sourcesContent":["/**\n * Silent wallet enrollment utility\n *\n * Performs wallet enrollment in the background without UI interaction.\n * Used for auto-enrolling wallets during registration.\n *\n * Security: Uses the same Shamir Secret Sharing scheme as manual enrollment.\n * The recovery phrase is not shown - user can retrieve it later if needed.\n */\n\nimport {\n generateSeed,\n generateArgon2Salt,\n splitSecret,\n argon2DeriveInWorker,\n aesGcmEncryptToBase64,\n uint8ArrayToBase64,\n getPublicKeyFromSeed,\n publicKeyToBase58,\n wipeAll,\n toEncryptionKey,\n DEFAULT_KDF_PARAMS,\n} from '../crypto';\nimport { ApiClient } from './apiClient';\nimport type { WalletEnrollRequest } from '../types/wallet';\n\nexport interface SilentEnrollOptions {\n /** User's password for Share A encryption */\n password: string;\n /** Server base URL */\n serverUrl: string;\n /** Access token for authentication (optional if using cookies) */\n accessToken?: string;\n /** Request timeout in ms */\n timeoutMs?: number;\n}\n\nexport interface SilentEnrollResult {\n success: boolean;\n solanaPubkey?: string;\n error?: string;\n}\n\n/**\n * Silently enroll a wallet for a user\n *\n * This function performs the complete wallet enrollment process:\n * 1. Generate 32-byte seed\n * 2. Split into 3 Shamir shares (threshold 2)\n * 3. Encrypt Share A with password-derived key (Argon2id)\n * 4. Derive Solana public key from seed\n * 5. Upload encrypted Share A + plaintext Share B to server\n *\n * The recovery phrase (Share C) is not returned - user can recover it\n * later through the wallet recovery flow if needed.\n *\n * @param options - Enrollment options\n * @returns Result with success status and Solana public key\n */\nexport async function silentWalletEnroll(\n options: SilentEnrollOptions\n): Promise<SilentEnrollResult> {\n const { password, serverUrl, accessToken, timeoutMs = 30000 } = options;\n\n // Track sensitive data for cleanup\n const sensitiveData: Uint8Array[] = [];\n\n try {\n // Step 1: Generate seed\n const seed = generateSeed();\n sensitiveData.push(seed);\n\n // Step 2: Split into shares\n const { shareA, shareB } = splitSecret(seed);\n sensitiveData.push(shareA, shareB);\n\n // Step 3: Derive encryption key from password\n const salt = generateArgon2Salt();\n const key = await argon2DeriveInWorker(password, salt, DEFAULT_KDF_PARAMS);\n sensitiveData.push(key);\n\n // Step 4: Encrypt Share A\n const encryptedA = await aesGcmEncryptToBase64(shareA, toEncryptionKey(key));\n\n // Step 5: Derive Solana public key\n const publicKey = getPublicKeyFromSeed(seed);\n const solanaPubkey = publicKeyToBase58(publicKey);\n\n // Step 6: Build enrollment request\n // Only send encrypted shares — never send the raw seed to the server\n const request: WalletEnrollRequest = {\n solanaPubkey,\n shareAAuthMethod: 'password',\n shareACiphertext: encryptedA.ciphertext,\n shareANonce: encryptedA.nonce,\n shareB: uint8ArrayToBase64(shareB),\n shareAKdfSalt: uint8ArrayToBase64(salt),\n shareAKdfParams: DEFAULT_KDF_PARAMS,\n };\n\n // Step 7: Upload to server\n // If accessToken provided, use it; otherwise rely on cookies\n const apiClient = new ApiClient({\n baseUrl: serverUrl,\n timeoutMs,\n getAccessToken: accessToken ? () => accessToken : undefined,\n });\n\n await apiClient.post('/wallet/enroll', request);\n\n return {\n success: true,\n solanaPubkey,\n };\n } catch (err) {\n const errorMessage = err instanceof Error ? err.message : 'Wallet enrollment failed';\n // Silent failure - don't break registration flow\n return {\n success: false,\n error: errorMessage,\n };\n } finally {\n // Always wipe sensitive data\n wipeAll(...sensitiveData);\n }\n}\n"],"names":["silentWalletEnroll","options","password","serverUrl","accessToken","timeoutMs","sensitiveData","seed","generateSeed","shareA","shareB","splitSecret","salt","generateArgon2Salt","key","argon2DeriveInWorker","DEFAULT_KDF_PARAMS","encryptedA","aesGcmEncryptToBase64","toEncryptionKey","publicKey","getPublicKeyFromSeed","solanaPubkey","publicKeyToBase58","request","uint8ArrayToBase64","ApiClient","err","wipeAll"],"mappings":"wMA2DA,eAAsBA,EACpBC,EAC6B,CAC7B,KAAM,CAAE,SAAAC,EAAU,UAAAC,EAAW,YAAAC,EAAa,UAAAC,EAAY,KAAUJ,EAG1DK,EAA8B,CAAA,EAEpC,GAAI,CAEF,MAAMC,EAAOC,EAAAA,aAAA,EACbF,EAAc,KAAKC,CAAI,EAGvB,KAAM,CAAE,OAAAE,EAAQ,OAAAC,GAAWC,EAAAA,YAAYJ,CAAI,EAC3CD,EAAc,KAAKG,EAAQC,CAAM,EAGjC,MAAME,EAAOC,EAAAA,mBAAA,EACPC,EAAM,MAAMC,EAAAA,qBAAqBb,EAAUU,EAAMI,EAAAA,kBAAkB,EACzEV,EAAc,KAAKQ,CAAG,EAGtB,MAAMG,EAAa,MAAMC,EAAAA,sBAAsBT,EAAQU,EAAAA,gBAAgBL,CAAG,CAAC,EAGrEM,EAAYC,EAAAA,qBAAqBd,CAAI,EACrCe,EAAeC,EAAAA,kBAAkBH,CAAS,EAI1CI,EAA+B,CACnC,aAAAF,EACA,iBAAkB,WAClB,iBAAkBL,EAAW,WAC7B,YAAaA,EAAW,MACxB,OAAQQ,EAAAA,mBAAmBf,CAAM,EACjC,cAAee,EAAAA,mBAAmBb,CAAI,EACtC,gBAAiBI,EAAAA,kBAAA,EAWnB,aANkB,IAAIU,YAAU,CAC9B,QAASvB,EACT,UAAAE,EACA,eAAgBD,EAAc,IAAMA,EAAc,MAAA,CACnD,EAEe,KAAK,iBAAkBoB,CAAO,EAEvC,CACL,QAAS,GACT,aAAAF,CAAA,CAEJ,OAASK,EAAK,CAGZ,MAAO,CACL,QAAS,GACT,MAJmBA,aAAe,MAAQA,EAAI,QAAU,0BAIjD,CAEX,QAAA,CAEEC,EAAAA,QAAQ,GAAGtB,CAAa,CAC1B,CACF"}
package/dist/solana-only.cjs CHANGED
@@ -1 +1 @@
1
- "use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const e=require("./useAuth-D3Pk_H3z.cjs"),r=require("./useCedrosLogin-C9MrcZvh.cjs"),o=require("./SolanaLoginButton-BjOxpE1C.cjs"),n=require("./LoadingSpinner-d6sSxgQN.cjs"),s=require("./ErrorMessage-CHbYbVi2.cjs");exports.CedrosLoginProvider=e.CedrosLoginProvider;exports.useAuth=e.useAuth;exports.useCedrosLogin=r.useCedrosLogin;exports.SolanaLoginButton=o.SolanaLoginButton;exports.useSolanaAuth=o.useSolanaAuth;exports.LoadingSpinner=n.LoadingSpinner;exports.ErrorMessage=s.ErrorMessage;
1
+ "use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const r=require("./useAuth-dS_6wAMp.cjs"),o=require("./useCedrosLogin-C9MrcZvh.cjs"),e=require("./mobileWalletAdapter-Dp4yFxCm.cjs"),n=require("./LoadingSpinner-d6sSxgQN.cjs"),i=require("./ErrorMessage-CHbYbVi2.cjs");exports.CedrosLoginProvider=r.CedrosLoginProvider;exports.useAuth=r.useAuth;exports.useCedrosLogin=o.useCedrosLogin;exports.SolanaLoginButton=e.SolanaLoginButton;exports.registerMobileWallet=e.registerMobileWallet;exports.useSolanaAuth=e.useSolanaAuth;exports.LoadingSpinner=n.LoadingSpinner;exports.ErrorMessage=i.ErrorMessage;
package/dist/solana-only.d.ts CHANGED
@@ -98,16 +98,44 @@ export declare interface AuthUser {
98
98
  }
99
99
 
100
100
  /**
101
- * Full configuration for CedrosLoginProvider
101
+ * Full configuration for the authentication system.
102
+ *
103
+ * **Note:** When passing config to `<CedrosLoginProvider>`, use
104
+ * {@link CedrosLoginProviderConfig} instead — it extends this type
105
+ * with `features: 'auto'` support. This base type is used internally
106
+ * after the provider resolves auto-discovery.
107
+ *
108
+ * ```
109
+ * CedrosLoginProviderConfig (public prop type — accepts features: 'auto')
110
+ * └── CedrosLoginConfig (internal type — features is always FeatureFlags)
111
+ * ```
102
112
  */
103
113
  export declare interface CedrosLoginConfig {
104
114
  /** Auth server base URL */
105
115
  serverUrl: string;
106
116
  /** App name for Solana message: "Login to {appName}". Default: window.location.hostname */
107
117
  appName?: string;
108
- /** Google OAuth client ID. Required if Google auth enabled */
118
+ /**
119
+ * Google OAuth client ID. Required if Google auth enabled.
120
+ *
121
+ * **CSP requirements** (when using Google One Tap / credential popup):
122
+ * ```
123
+ * script-src https://accounts.google.com;
124
+ * connect-src https://accounts.google.com;
125
+ * frame-src https://accounts.google.com;
126
+ * ```
127
+ */
109
128
  googleClientId?: string;
110
- /** Apple Sign In client ID (Services ID). Required if Apple auth enabled */
129
+ /**
130
+ * Apple Sign In client ID (Services ID). Required if Apple auth enabled.
131
+ *
132
+ * **CSP requirements** (when using Apple Sign In popup):
133
+ * ```
134
+ * script-src https://appleid.cdn-apple.com;
135
+ * connect-src https://appleid.apple.com;
136
+ * frame-src https://appleid.apple.com;
137
+ * ```
138
+ */
111
139
  appleClientId?: string;
112
140
  /** Solana configuration options */
113
141
  solana?: SolanaConfig;
@@ -160,9 +188,31 @@ declare interface CedrosLoginInternalAPI {
160
188
  export declare function CedrosLoginProvider({ config, children }: CedrosLoginProviderProps): JSX.Element | null;
161
189
 
162
190
  /**
163
- * Config accepted by CedrosLoginProvider.
164
- * Same as CedrosLoginConfig but `features` also accepts `'auto'`
165
- * to fetch enabled methods from the server at startup.
191
+ * Config prop type for `<CedrosLoginProvider>`.
192
+ *
193
+ * Extends {@link CedrosLoginConfig} with one additional feature:
194
+ * the `features` field also accepts `'auto'` to fetch enabled
195
+ * auth methods from the server at startup.
196
+ *
197
+ * **`features: 'auto'` discovery contract:**
198
+ * - Calls `GET {serverUrl}/features` (no auth required, credentials omitted).
199
+ * - Response shape: `{ email, google, apple, solana, webauthn, instantLink }` (all booleans).
200
+ * - Timeout: `requestTimeout` or 5 000 ms. 1 retry on failure.
201
+ * - Fallback: all methods enabled (so the login page is never blank).
202
+ * - Children are not rendered until discovery completes.
203
+ * - `walletEnrollment` flag is client-only and is not part of the server response.
204
+ *
205
+ * When `features` is omitted or set to a `FeatureFlags` object, no server
206
+ * call is made and the flags are used as-is.
207
+ *
208
+ * @example
209
+ * ```tsx
210
+ * // Auto-discover enabled methods from the server:
211
+ * <CedrosLoginProvider config={{ serverUrl: '...', features: 'auto' }}>
212
+ *
213
+ * // Or specify explicitly:
214
+ * <CedrosLoginProvider config={{ serverUrl: '...', features: { email: true, google: true } }}>
215
+ * ```
166
216
  */
167
217
  declare type CedrosLoginProviderConfig = Omit<CedrosLoginConfig, 'features'> & {
168
218
  features?: FeatureFlags | 'auto';
@@ -292,6 +342,62 @@ declare interface LoadingSpinnerProps {
292
342
  announce?: boolean;
293
343
  }
294
344
 
345
+ /**
346
+ * Mobile Wallet Adapter (MWA) registration for web.
347
+ *
348
+ * On Android Chrome, MWA lets users authenticate with their installed Solana
349
+ * wallet app (e.g., Phantom, Solflare) via Android Intents — no browser
350
+ * extension needed.
351
+ *
352
+ * Once registered, MWA appears as a wallet option in the wallet adapter's
353
+ * wallet list (alongside browser extension wallets). Users see it as
354
+ * "Use Installed Wallet" in the wallet selector.
355
+ *
356
+ * Requires the optional peer dependency: @solana-mobile/wallet-standard-mobile
357
+ *
358
+ * @see https://docs.solanamobile.com/get-started/web/installation
359
+ */
360
+ export declare interface MobileWalletConfig {
361
+ /** App name shown in the wallet's authorization dialog */
362
+ name?: string;
363
+ /** App URI for identity verification */
364
+ uri?: string;
365
+ /** App icon path/URL shown in the wallet dialog */
366
+ icon?: string;
367
+ /** Solana cluster(s) to support. Default: ['solana:mainnet'] */
368
+ chains?: string[];
369
+ }
370
+
371
+ /**
372
+ * Register Mobile Wallet Adapter as a wallet-standard wallet.
373
+ *
374
+ * Call this once at your application root (before rendering). After registration,
375
+ * MWA automatically appears as "Use Installed Wallet" for users browsing on
376
+ * Android Chrome with a Solana wallet app installed.
377
+ *
378
+ * Must be called in a non-SSR context (browser only). For Next.js, call in a
379
+ * Client Component with `'use client'`.
380
+ *
381
+ * @example
382
+ * ```tsx
383
+ * import { registerMobileWallet, CedrosLoginProvider } from '@cedros/login-react';
384
+ *
385
+ * // Register before provider mounts
386
+ * registerMobileWallet({ name: 'My App', uri: 'https://myapp.com' });
387
+ *
388
+ * function App() {
389
+ * return (
390
+ * <CedrosLoginProvider config={{ serverUrl: '...' }}>
391
+ * <LoginForm />
392
+ * </CedrosLoginProvider>
393
+ * );
394
+ * }
395
+ * ```
396
+ *
397
+ * @returns true if registration succeeded, false if package not installed or SSR
398
+ */
399
+ export declare function registerMobileWallet(config?: MobileWalletConfig): boolean;
400
+
295
401
  /**
296
402
  * Session handling configuration
297
403
  *
package/dist/solana-only.js CHANGED
@@ -1,6 +1,6 @@
1
- import { C as e, u as s } from "./useAuth-C3dpk0po.js";
2
- import { u as n } from "./useCedrosLogin-_94MmGGq.js";
3
- import { S as u, u as i } from "./SolanaLoginButton-P22QjBaO.js";
1
+ import { C as e, u as s } from "./useAuth-D1NSN6yY.js";
2
+ import { u as t } from "./useCedrosLogin-_94MmGGq.js";
3
+ import { S as u, r as i, u as g } from "./mobileWalletAdapter-coZRD4Yx.js";
4
4
  import { L as f } from "./LoadingSpinner-6vml-zwr.js";
5
5
  import { E as m } from "./ErrorMessage-CcEK0pYO.js";
6
6
  export {
@@ -8,7 +8,8 @@ export {
8
8
  m as ErrorMessage,
9
9
  f as LoadingSpinner,
10
10
  u as SolanaLoginButton,
11
+ i as registerMobileWallet,
11
12
  s as useAuth,
12
- n as useCedrosLogin,
13
- i as useSolanaAuth
13
+ t as useCedrosLogin,
14
+ g as useSolanaAuth
14
15
  };