@charterlabs/rhinestone-sdk 0.3.9 → 0.4.1

package/dist/src/index.d.ts

@@ -1,4 +1,4 @@
-import type { Address, Chain, HashTypedDataParameters, Hex, SignableMessage, SignedAuthorizationList, TypedData, TypedDataDefinition, Account } from 'viem';
+import type { Account, Address, Chain, HashTypedDataParameters, Hex, SignableMessage, SignedAuthorizationList, TypedData, TypedDataDefinition } from 'viem';
 import type { UserOperationReceipt } from 'viem/account-abstraction';
 import { deployStandaloneWithEoa as deployStandaloneWithEoaInternal } from './accounts';
 import { walletClientToAccount, wrapParaAccount } from './accounts/walletClient';
@@ -9,7 +9,7 @@ import { type IntentRoute, type PreparedTransactionData, type PreparedUserOperat
 import { MULTI_FACTOR_VALIDATOR_ADDRESS, OWNABLE_VALIDATOR_ADDRESS, SMART_SESSION_EMISSARY_ADDRESS, WEBAUTHN_VALIDATOR_ADDRESS } from './modules';
 import { type SessionDetails } from './modules/validators/smart-sessions';
 import { type ApprovalRequired, type AuxiliaryFunds, getAllSupportedChainsAndTokens, getSupportedTokens, getTokenAddress, getTokenDecimals, type IntentInput, type IntentOp, type IntentOpStatus, type Portfolio, type SettlementLayer, type SignedIntentOp, type SplitIntentsInput, type SplitIntentsResult, type TokenRequirements, type WrapRequired } from './orchestrator';
-import type { AccountProviderConfig, AccountType, BundlerConfig, Call, CallInput, MultiFactorValidatorConfig, OwnableValidatorConfig, OwnerSet, PaymasterConfig, Policy, ProviderConfig, Recovery, RhinestoneAccountConfig, RhinestoneConfig, RhinestoneSDKConfig, Session, SignerSet, TokenRequest, TokenSymbol, Transaction, UniversalActionPolicyParamCondition, UserOperationTransaction, WebauthnValidatorConfig } from './types';
+import type { AccountProviderConfig, AccountType, BundlerConfig, Call, CallInput, ChainSessionConfig, MultiFactorValidatorConfig, OwnableValidatorConfig, OwnerSet, PaymasterConfig, Permit2ClaimPolicy, Policy, ProviderConfig, Recovery, RhinestoneAccountConfig, RhinestoneConfig, RhinestoneSDKConfig, Session, SignerSet, TokenRequest, TokenSymbol, Transaction, UniversalActionPolicyParamCondition, UserOperationTransaction, WebauthnValidatorConfig } from './types';
 interface RhinestoneAccount {
     config: RhinestoneAccountConfig;
     deploy: (chain: Chain, params?: {
@@ -62,7 +62,7 @@ interface RhinestoneAccount {
  */
 declare function createRhinestoneAccount(config: RhinestoneConfig): Promise<RhinestoneAccount>;
 declare class RhinestoneSDK {
-    private apiKey;
+    private authProvider;
     private endpointUrl?;
     private provider?;
     private bundler?;
@@ -77,7 +77,7 @@ declare class RhinestoneSDK {
     splitIntents(input: SplitIntentsInput): Promise<SplitIntentsResult>;
 }
 export { RhinestoneSDK, createRhinestoneAccount, deployAccountsForOwners, walletClientToAccount, wrapParaAccount, OWNABLE_VALIDATOR_ADDRESS, WEBAUTHN_VALIDATOR_ADDRESS, MULTI_FACTOR_VALIDATOR_ADDRESS, SMART_SESSION_EMISSARY_ADDRESS, getSupportedTokens, getTokenAddress, getTokenDecimals, getAllSupportedChainsAndTokens, deployStandaloneWithEoaInternal as deployStandaloneWithEoa, checkERC20AllowanceDirect, getPermit2Address, signPermit2Batch, signPermit2Sequential, };
-export type { RhinestoneAccount, AccountType, RhinestoneAccountConfig, AccountProviderConfig, ProviderConfig, BundlerConfig, PaymasterConfig, Transaction, TokenSymbol, CallInput, Call, TokenRequest, OwnerSet, OwnableValidatorConfig, WebauthnValidatorConfig, MultiFactorValidatorConfig, SignerSet, Session, Recovery, Policy, UniversalActionPolicyParamCondition, PreparedTransactionData, SignedTransactionData, TransactionResult, PreparedUserOperationData, SignedUserOperationData, UserOperationResult, AuxiliaryFunds, IntentInput, IntentOp, IntentOpStatus, IntentRoute, SettlementLayer, SignedIntentOp, SplitIntentsInput, SplitIntentsResult, Portfolio, TokenRequirements, WrapRequired, ApprovalRequired, MultiChainPermit2Config, MultiChainPermit2Result, BatchPermit2Result, };
-export { generateCredentialId, getCredentialIds, hasCredentialById, hasCredential, addCredential, removeCredential, setThreshold, getCredentialInfo, getThreshold, getCredentials, WEBAUTHN_VALIDATOR_ABI, } from './modules/validators/webauthn-contract';
+export type { RhinestoneAccount, AccountType, RhinestoneAccountConfig, AccountProviderConfig, ProviderConfig, BundlerConfig, PaymasterConfig, Transaction, TokenSymbol, CallInput, Call, TokenRequest, OwnerSet, OwnableValidatorConfig, WebauthnValidatorConfig, MultiFactorValidatorConfig, SignerSet, ChainSessionConfig, Session, Recovery, Policy, Permit2ClaimPolicy, UniversalActionPolicyParamCondition, PreparedTransactionData, SignedTransactionData, TransactionResult, PreparedUserOperationData, SignedUserOperationData, UserOperationResult, AuxiliaryFunds, IntentInput, IntentOp, IntentOpStatus, IntentRoute, SettlementLayer, SignedIntentOp, SplitIntentsInput, SplitIntentsResult, Portfolio, TokenRequirements, WrapRequired, ApprovalRequired, MultiChainPermit2Config, MultiChainPermit2Result, BatchPermit2Result, };
+export { addCredential, generateCredentialId, getCredentialIds, getCredentialInfo, getCredentials, getThreshold, hasCredential, hasCredentialById, removeCredential, setThreshold, WEBAUTHN_VALIDATOR_ABI, } from './modules/validators/webauthn-contract';
 export { getOrchestrator } from './orchestrator';
 //# sourceMappingURL=index.d.ts.map

package/dist/src/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,OAAO,EACP,KAAK,EACL,uBAAuB,EACvB,GAAG,EACH,eAAe,EACf,uBAAuB,EACvB,SAAS,EACT,mBAAmB,EACnB,OAAO,EACR,MAAM,MAAM,CAAA;AACb,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAA;AACpE,OAAO,EAWL,uBAAuB,IAAI,+BAA+B,EAC3D,MAAM,YAAY,CAAA;AACnB,OAAO,EAAE,qBAAqB,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAA;AAChF,OAAO,EAAE,uBAAuB,EAAE,MAAM,sBAAsB,CAAA;AAC9D,OAAO,EAML,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,mBAAmB,EAEzB,MAAM,aAAa,CAAA;AACpB,OAAO,EACL,KAAK,kBAAkB,EACvB,yBAAyB,EAEzB,iBAAiB,EACjB,KAAK,uBAAuB,EAC5B,KAAK,uBAAuB,EAC5B,gBAAgB,EAChB,qBAAqB,EACtB,MAAM,qBAAqB,CAAA;AAC5B,OAAO,EAEL,KAAK,WAAW,EAChB,KAAK,uBAAuB,EAC5B,KAAK,yBAAyB,EAG9B,KAAK,qBAAqB,EAC1B,KAAK,uBAAuB,EAQ7B,MAAM,mBAAmB,CAAA;AAC1B,OAAO,EAKL,8BAA8B,EAC9B,yBAAyB,EACzB,8BAA8B,EAE9B,0BAA0B,EAC3B,MAAM,WAAW,CAAA;AAClB,OAAO,EAEL,KAAK,cAAc,EACpB,MAAM,qCAAqC,CAAA;AAC5C,OAAO,EACL,KAAK,gBAAgB,EACrB,KAAK,cAAc,EACnB,8BAA8B,EAC9B,kBAAkB,EAClB,eAAe,EACf,gBAAgB,EAChB,KAAK,WAAW,EAChB,KAAK,QAAQ,EACb,KAAK,cAAc,EACnB,KAAK,SAAS,EACd,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,iBAAiB,EACtB,KAAK,kBAAkB,EACvB,KAAK,iBAAiB,EACtB,KAAK,YAAY,EAClB,MAAM,gBAAgB,CAAA;AACvB,OAAO,KAAK,EACV,qBAAqB,EACrB,WAAW,EACX,aAAa,EACb,IAAI,EACJ,SAAS,EACT,0BAA0B,EAC1B,sBAAsB,EACtB,QAAQ,EACR,eAAe,EACf,MAAM,EACN,cAAc,EACd,QAAQ,EACR,uBAAuB,EACvB,gBAAgB,EAChB,mBAAmB,EACnB,OAAO,EACP,SAAS,EACT,YAAY,EACZ,WAAW,EACX,WAAW,EACX,mCAAmC,EACnC,wBAAwB,EACxB,uBAAuB,EACxB,MAAM,SAAS,CAAA;AAEhB,UAAU,iBAAiB;IACzB,MAAM,EAAE,uBAAuB,CAAA;IAC/B,MAAM,EAAE,CACN,KAAK,EAAE,KAAK,EACZ,MAAM,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,OAAO,CAAC;QAAC,SAAS,CAAC,EAAE,OAAO,CAAA;KAAE,KAChD,OAAO,CAAC,OAAO,CAAC,CAAA;IACrB,UAAU,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,OAAO,CAAC,CAAA;IAC9C,KAAK,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,OAAO,CAAC,CAAA;IACzC,uBAAuB,EAAE,CACvB,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,uBAAuB,EAC/B,QAAQ,EAAE,OAAO,KACd,OAAO,CAAC,IAAI,CAAC,CAAA;IAClB,WAAW,IAAI;QACb,OAAO,EAAE,OAAO,CAAA;QAChB,WAAW,EAAE,GAAG,CAAA;KACjB,CAAA;IACD,mBAAmB,EAAE,MAAM,OAAO,CAAC,GAAG,CAAC,CAAA;IACvC,kBAAkB,EAAE,CAClB,WAAW,EAAE,WAAW,KACrB,OAAO,CAAC,uBAAuB,CAAC,CAAA;IACrC,sBAAsB,EAAE,CAAC,mBAAmB,EAAE,uBAAuB,KAAK;QACxE,MAAM,EAAE,mBAAmB,EAAE,CAAA;QAC7B,WAAW,EAAE,mBAAmB,CAAA;KACjC,CAAA;IACD,eAAe,EAAE,CACf,mBAAmB,EAAE,uBAAuB,KACzC,OAAO,CAAC,qBAAqB,CAAC,CAAA;IACnC,kBAAkB,EAAE,CAClB,mBAAmB,EAAE,uBAAuB,KACzC,OAAO,CAAC,uBAAuB,CAAC,CAAA;IACrC,WAAW,EAAE,CACX,OAAO,EAAE,eAAe,EACxB,KAAK,EAAE,KAAK,EACZ,OAAO,EAAE,SAAS,GAAG,SAAS,KAC3B,OAAO,CAAC,GAAG,CAAC,CAAA;IACjB,aAAa,EAAE,CACb,SAAS,SAAS,SAAS,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,EACjE,WAAW,SAAS,MAAM,SAAS,GAAG,cAAc,GAAG,MAAM,SAAS,EAEtE,UAAU,EAAE,uBAAuB,CAAC,SAAS,EAAE,WAAW,CAAC,EAC3D,KAAK,EAAE,KAAK,EACZ,OAAO,EAAE,SAAS,GAAG,SAAS,KAC3B,OAAO,CAAC,GAAG,CAAC,CAAA;IACjB,iBAAiB,EAAE,CACjB,iBAAiB,EAAE,qBAAqB,EACxC,cAAc,CAAC,EAAE,uBAAuB,EACxC,MAAM,CAAC,EAAE,OAAO,KACb,OAAO,CAAC,iBAAiB,CAAC,CAAA;IAC/B,eAAe,EAAE,CAAC,WAAW,EAAE,WAAW,KAAK,OAAO,CAAC,iBAAiB,CAAC,CAAA;IACzE,oBAAoB,EAAE,CACpB,WAAW,EAAE,wBAAwB,KAClC,OAAO,CAAC,yBAAyB,CAAC,CAAA;IACvC,iBAAiB,EAAE,CACjB,qBAAqB,EAAE,yBAAyB,KAC7C,OAAO,CAAC,uBAAuB,CAAC,CAAA;IACrC,mBAAmB,EAAE,CACnB,mBAAmB,EAAE,uBAAuB,KACzC,OAAO,CAAC,mBAAmB,CAAC,CAAA;IACjC,iBAAiB,EAAE,CACjB,WAAW,EAAE,wBAAwB,KAClC,OAAO,CAAC,mBAAmB,CAAC,CAAA;IACjC,gBAAgB,CACd,MAAM,EAAE,iBAAiB,EACzB,uBAAuB,CAAC,EAAE,OAAO,GAChC,OAAO,CAAC,iBAAiB,CAAC,CAAA;IAC7B,gBAAgB,CACd,MAAM,EAAE,mBAAmB,EAC3B,uBAAuB,CAAC,EAAE,OAAO,GAChC,OAAO,CAAC,oBAAoB,CAAC,CAAA;IAChC,UAAU,EAAE,MAAM,OAAO,CAAA;IACzB,YAAY,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,KAAK,OAAO,CAAC,SAAS,CAAC,CAAA;IAC1D,8BAA8B,EAAE,CAC9B,QAAQ,EAAE,OAAO,EAAE,KAChB,OAAO,CAAC,cAAc,CAAC,CAAA;IAC5B,6BAA6B,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,OAAO,CAAC,OAAO,CAAC,CAAA;IACrE,8BAA8B,EAAE,CAAC,OAAO,EAAE,cAAc,KAAK,OAAO,CAAC,GAAG,CAAC,CAAA;IACzE,SAAS,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC;QACnC,QAAQ,EAAE,OAAO,EAAE,CAAA;QACnB,SAAS,EAAE,MAAM,CAAA;KAClB,GAAG,IAAI,CAAC,CAAA;IACT,aAAa,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,OAAO,EAAE,CAAC,CAAA;IACnD,YAAY,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,OAAO,EAAE,CAAC,CAAA;IAClD,mBAAmB,EAAE,CAAC,YAAY,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;CAC9E;AAED;;;;;GAKG;AACH,iBAAe,uBAAuB,CACpC,MAAM,EAAE,gBAAgB,GACvB,OAAO,CAAC,iBAAiB,CAAC,CAoW5B;AAED,cAAM,aAAa;IACjB,OAAO,CAAC,MAAM,CAAQ;IACtB,OAAO,CAAC,WAAW,CAAC,CAAQ;IAC5B,OAAO,CAAC,QAAQ,CAAC,CAAgB;IACjC,OAAO,CAAC,OAAO,CAAC,CAAe;IAC/B,OAAO,CAAC,SAAS,CAAC,CAAiB;IACnC,OAAO,CAAC,eAAe,CAAC,CAAS;IACjC,OAAO,CAAC,OAAO,CAAC,CAAwB;gBAE5B,OAAO,EAAE,mBAAmB;IAUxC,aAAa,CAAC,MAAM,EAAE,uBAAuB;IAc7C,eAAe,CAAC,QAAQ,EAAE,MAAM;;;IAShC,YAAY,CAAC,KAAK,EAAE,iBAAiB;CAQtC;AAED,OAAO,EACL,aAAa,EACb,uBAAuB,EACvB,uBAAuB,EACvB,qBAAqB,EACrB,eAAe,EAEf,yBAAyB,EACzB,0BAA0B,EAC1B,8BAA8B,EAC9B,8BAA8B,EAE9B,kBAAkB,EAClB,eAAe,EACf,gBAAgB,EAChB,8BAA8B,EAE9B,+BAA+B,IAAI,uBAAuB,EAE1D,yBAAyB,EACzB,iBAAiB,EAEjB,gBAAgB,EAChB,qBAAqB,GACtB,CAAA;AACD,YAAY,EACV,iBAAiB,EACjB,WAAW,EACX,uBAAuB,EACvB,qBAAqB,EACrB,cAAc,EACd,aAAa,EACb,eAAe,EACf,WAAW,EACX,WAAW,EACX,SAAS,EACT,IAAI,EACJ,YAAY,EACZ,QAAQ,EACR,sBAAsB,EACtB,uBAAuB,EACvB,0BAA0B,EAC1B,SAAS,EACT,OAAO,EACP,QAAQ,EACR,MAAM,EACN,mCAAmC,EACnC,uBAAuB,EACvB,qBAAqB,EACrB,iBAAiB,EACjB,yBAAyB,EACzB,uBAAuB,EACvB,mBAAmB,EACnB,cAAc,EACd,WAAW,EACX,QAAQ,EACR,cAAc,EACd,WAAW,EACX,eAAe,EACf,cAAc,EACd,iBAAiB,EACjB,kBAAkB,EAClB,SAAS,EACT,iBAAiB,EACjB,YAAY,EACZ,gBAAgB,EAEhB,uBAAuB,EACvB,uBAAuB,EACvB,kBAAkB,GACnB,CAAA;AAGD,OAAO,EACL,oBAAoB,EACpB,gBAAgB,EAChB,iBAAiB,EACjB,aAAa,EACb,aAAa,EACb,gBAAgB,EAChB,YAAY,EACZ,iBAAiB,EACjB,YAAY,EACZ,cAAc,EACd,sBAAsB,GACvB,MAAM,wCAAwC,CAAA;AAG/C,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,OAAO,EACP,OAAO,EACP,KAAK,EACL,uBAAuB,EACvB,GAAG,EACH,eAAe,EACf,uBAAuB,EACvB,SAAS,EACT,mBAAmB,EACpB,MAAM,MAAM,CAAA;AACb,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAA;AACpE,OAAO,EAGL,uBAAuB,IAAI,+BAA+B,EAS3D,MAAM,YAAY,CAAA;AACnB,OAAO,EAAE,qBAAqB,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAA;AAChF,OAAO,EAAE,uBAAuB,EAAE,MAAM,sBAAsB,CAAA;AAE9D,OAAO,EAML,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,mBAAmB,EAEzB,MAAM,aAAa,CAAA;AACpB,OAAO,EACL,KAAK,kBAAkB,EACvB,yBAAyB,EAEzB,iBAAiB,EACjB,KAAK,uBAAuB,EAC5B,KAAK,uBAAuB,EAC5B,gBAAgB,EAChB,qBAAqB,EACtB,MAAM,qBAAqB,CAAA;AAC5B,OAAO,EAEL,KAAK,WAAW,EAChB,KAAK,uBAAuB,EAC5B,KAAK,yBAAyB,EAG9B,KAAK,qBAAqB,EAC1B,KAAK,uBAAuB,EAQ7B,MAAM,mBAAmB,CAAA;AAC1B,OAAO,EAKL,8BAA8B,EAC9B,yBAAyB,EACzB,8BAA8B,EAE9B,0BAA0B,EAC3B,MAAM,WAAW,CAAA;AAClB,OAAO,EAEL,KAAK,cAAc,EACpB,MAAM,qCAAqC,CAAA;AAC5C,OAAO,EACL,KAAK,gBAAgB,EACrB,KAAK,cAAc,EACnB,8BAA8B,EAC9B,kBAAkB,EAClB,eAAe,EACf,gBAAgB,EAChB,KAAK,WAAW,EAChB,KAAK,QAAQ,EACb,KAAK,cAAc,EACnB,KAAK,SAAS,EACd,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,iBAAiB,EACtB,KAAK,kBAAkB,EACvB,KAAK,iBAAiB,EACtB,KAAK,YAAY,EAClB,MAAM,gBAAgB,CAAA;AACvB,OAAO,KAAK,EACV,qBAAqB,EACrB,WAAW,EACX,aAAa,EACb,IAAI,EACJ,SAAS,EACT,kBAAkB,EAClB,0BAA0B,EAC1B,sBAAsB,EACtB,QAAQ,EACR,eAAe,EACf,kBAAkB,EAClB,MAAM,EACN,cAAc,EACd,QAAQ,EACR,uBAAuB,EACvB,gBAAgB,EAChB,mBAAmB,EACnB,OAAO,EACP,SAAS,EACT,YAAY,EACZ,WAAW,EACX,WAAW,EACX,mCAAmC,EACnC,wBAAwB,EACxB,uBAAuB,EACxB,MAAM,SAAS,CAAA;AAEhB,UAAU,iBAAiB;IACzB,MAAM,EAAE,uBAAuB,CAAA;IAC/B,MAAM,EAAE,CACN,KAAK,EAAE,KAAK,EACZ,MAAM,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,OAAO,CAAC;QAAC,SAAS,CAAC,EAAE,OAAO,CAAA;KAAE,KAChD,OAAO,CAAC,OAAO,CAAC,CAAA;IACrB,UAAU,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,OAAO,CAAC,CAAA;IAC9C,KAAK,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,OAAO,CAAC,CAAA;IACzC,uBAAuB,EAAE,CACvB,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,uBAAuB,EAC/B,QAAQ,EAAE,OAAO,KACd,OAAO,CAAC,IAAI,CAAC,CAAA;IAClB,WAAW,IAAI;QACb,OAAO,EAAE,OAAO,CAAA;QAChB,WAAW,EAAE,GAAG,CAAA;KACjB,CAAA;IACD,mBAAmB,EAAE,MAAM,OAAO,CAAC,GAAG,CAAC,CAAA;IACvC,kBAAkB,EAAE,CAClB,WAAW,EAAE,WAAW,KACrB,OAAO,CAAC,uBAAuB,CAAC,CAAA;IACrC,sBAAsB,EAAE,CAAC,mBAAmB,EAAE,uBAAuB,KAAK;QACxE,MAAM,EAAE,mBAAmB,EAAE,CAAA;QAC7B,WAAW,EAAE,mBAAmB,CAAA;KACjC,CAAA;IACD,eAAe,EAAE,CACf,mBAAmB,EAAE,uBAAuB,KACzC,OAAO,CAAC,qBAAqB,CAAC,CAAA;IACnC,kBAAkB,EAAE,CAClB,mBAAmB,EAAE,uBAAuB,KACzC,OAAO,CAAC,uBAAuB,CAAC,CAAA;IACrC,WAAW,EAAE,CACX,OAAO,EAAE,eAAe,EACxB,KAAK,EAAE,KAAK,EACZ,OAAO,EAAE,SAAS,GAAG,SAAS,KAC3B,OAAO,CAAC,GAAG,CAAC,CAAA;IACjB,aAAa,EAAE,CACb,SAAS,SAAS,SAAS,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,EACjE,WAAW,SAAS,MAAM,SAAS,GAAG,cAAc,GAAG,MAAM,SAAS,EAEtE,UAAU,EAAE,uBAAuB,CAAC,SAAS,EAAE,WAAW,CAAC,EAC3D,KAAK,EAAE,KAAK,EACZ,OAAO,EAAE,SAAS,GAAG,SAAS,KAC3B,OAAO,CAAC,GAAG,CAAC,CAAA;IACjB,iBAAiB,EAAE,CACjB,iBAAiB,EAAE,qBAAqB,EACxC,cAAc,CAAC,EAAE,uBAAuB,EACxC,MAAM,CAAC,EAAE,OAAO,KACb,OAAO,CAAC,iBAAiB,CAAC,CAAA;IAC/B,eAAe,EAAE,CAAC,WAAW,EAAE,WAAW,KAAK,OAAO,CAAC,iBAAiB,CAAC,CAAA;IACzE,oBAAoB,EAAE,CACpB,WAAW,EAAE,wBAAwB,KAClC,OAAO,CAAC,yBAAyB,CAAC,CAAA;IACvC,iBAAiB,EAAE,CACjB,qBAAqB,EAAE,yBAAyB,KAC7C,OAAO,CAAC,uBAAuB,CAAC,CAAA;IACrC,mBAAmB,EAAE,CACnB,mBAAmB,EAAE,uBAAuB,KACzC,OAAO,CAAC,mBAAmB,CAAC,CAAA;IACjC,iBAAiB,EAAE,CACjB,WAAW,EAAE,wBAAwB,KAClC,OAAO,CAAC,mBAAmB,CAAC,CAAA;IACjC,gBAAgB,CACd,MAAM,EAAE,iBAAiB,EACzB,uBAAuB,CAAC,EAAE,OAAO,GAChC,OAAO,CAAC,iBAAiB,CAAC,CAAA;IAC7B,gBAAgB,CACd,MAAM,EAAE,mBAAmB,EAC3B,uBAAuB,CAAC,EAAE,OAAO,GAChC,OAAO,CAAC,oBAAoB,CAAC,CAAA;IAChC,UAAU,EAAE,MAAM,OAAO,CAAA;IACzB,YAAY,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,KAAK,OAAO,CAAC,SAAS,CAAC,CAAA;IAC1D,8BAA8B,EAAE,CAC9B,QAAQ,EAAE,OAAO,EAAE,KAChB,OAAO,CAAC,cAAc,CAAC,CAAA;IAC5B,6BAA6B,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,OAAO,CAAC,OAAO,CAAC,CAAA;IACrE,8BAA8B,EAAE,CAAC,OAAO,EAAE,cAAc,KAAK,OAAO,CAAC,GAAG,CAAC,CAAA;IACzE,SAAS,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC;QACnC,QAAQ,EAAE,OAAO,EAAE,CAAA;QACnB,SAAS,EAAE,MAAM,CAAA;KAClB,GAAG,IAAI,CAAC,CAAA;IACT,aAAa,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,OAAO,EAAE,CAAC,CAAA;IACnD,YAAY,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,OAAO,EAAE,CAAC,CAAA;IAClD,mBAAmB,EAAE,CAAC,YAAY,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;CAC9E;AAED;;;;;GAKG;AACH,iBAAe,uBAAuB,CACpC,MAAM,EAAE,gBAAgB,GACvB,OAAO,CAAC,iBAAiB,CAAC,CAoW5B;AAED,cAAM,aAAa;IACjB,OAAO,CAAC,YAAY,CAAc;IAClC,OAAO,CAAC,WAAW,CAAC,CAAQ;IAC5B,OAAO,CAAC,QAAQ,CAAC,CAAgB;IACjC,OAAO,CAAC,OAAO,CAAC,CAAe;IAC/B,OAAO,CAAC,SAAS,CAAC,CAAiB;IACnC,OAAO,CAAC,eAAe,CAAC,CAAS;IACjC,OAAO,CAAC,OAAO,CAAC,CAAwB;gBAE5B,OAAO,EAAE,mBAAmB;IAUxC,aAAa,CAAC,MAAM,EAAE,uBAAuB;IAc7C,eAAe,CAAC,QAAQ,EAAE,MAAM;;;IAShC,YAAY,CAAC,KAAK,EAAE,iBAAiB;CAQtC;AAED,OAAO,EACL,aAAa,EACb,uBAAuB,EACvB,uBAAuB,EACvB,qBAAqB,EACrB,eAAe,EAEf,yBAAyB,EACzB,0BAA0B,EAC1B,8BAA8B,EAC9B,8BAA8B,EAE9B,kBAAkB,EAClB,eAAe,EACf,gBAAgB,EAChB,8BAA8B,EAE9B,+BAA+B,IAAI,uBAAuB,EAE1D,yBAAyB,EACzB,iBAAiB,EAEjB,gBAAgB,EAChB,qBAAqB,GACtB,CAAA;AACD,YAAY,EACV,iBAAiB,EACjB,WAAW,EACX,uBAAuB,EACvB,qBAAqB,EACrB,cAAc,EACd,aAAa,EACb,eAAe,EACf,WAAW,EACX,WAAW,EACX,SAAS,EACT,IAAI,EACJ,YAAY,EACZ,QAAQ,EACR,sBAAsB,EACtB,uBAAuB,EACvB,0BAA0B,EAC1B,SAAS,EACT,kBAAkB,EAClB,OAAO,EACP,QAAQ,EACR,MAAM,EACN,kBAAkB,EAClB,mCAAmC,EACnC,uBAAuB,EACvB,qBAAqB,EACrB,iBAAiB,EACjB,yBAAyB,EACzB,uBAAuB,EACvB,mBAAmB,EACnB,cAAc,EACd,WAAW,EACX,QAAQ,EACR,cAAc,EACd,WAAW,EACX,eAAe,EACf,cAAc,EACd,iBAAiB,EACjB,kBAAkB,EAClB,SAAS,EACT,iBAAiB,EACjB,YAAY,EACZ,gBAAgB,EAEhB,uBAAuB,EACvB,uBAAuB,EACvB,kBAAkB,GACnB,CAAA;AAID,OAAO,EACL,aAAa,EACb,oBAAoB,EACpB,gBAAgB,EAChB,iBAAiB,EACjB,cAAc,EACd,YAAY,EACZ,aAAa,EACb,iBAAiB,EACjB,gBAAgB,EAChB,YAAY,EACZ,sBAAsB,GACvB,MAAM,wCAAwC,CAAA;AAG/C,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA"}

package/dist/src/index.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getOrchestrator = exports.WEBAUTHN_VALIDATOR_ABI = exports.getCredentials = exports.getThreshold = exports.getCredentialInfo = exports.setThreshold = exports.removeCredential = exports.addCredential = exports.hasCredential = exports.hasCredentialById = exports.getCredentialIds = exports.generateCredentialId = exports.signPermit2Sequential = exports.signPermit2Batch = exports.getPermit2Address = exports.checkERC20AllowanceDirect = exports.deployStandaloneWithEoa = exports.getAllSupportedChainsAndTokens = exports.getTokenDecimals = exports.getTokenAddress = exports.getSupportedTokens = exports.SMART_SESSION_EMISSARY_ADDRESS = exports.MULTI_FACTOR_VALIDATOR_ADDRESS = exports.WEBAUTHN_VALIDATOR_ADDRESS = exports.OWNABLE_VALIDATOR_ADDRESS = exports.wrapParaAccount = exports.walletClientToAccount = exports.deployAccountsForOwners = exports.RhinestoneSDK = void 0;
+exports.getOrchestrator = exports.WEBAUTHN_VALIDATOR_ABI = exports.setThreshold = exports.removeCredential = exports.hasCredentialById = exports.hasCredential = exports.getThreshold = exports.getCredentials = exports.getCredentialInfo = exports.getCredentialIds = exports.generateCredentialId = exports.addCredential = exports.signPermit2Sequential = exports.signPermit2Batch = exports.getPermit2Address = exports.checkERC20AllowanceDirect = exports.deployStandaloneWithEoa = exports.getAllSupportedChainsAndTokens = exports.getTokenDecimals = exports.getTokenAddress = exports.getSupportedTokens = exports.SMART_SESSION_EMISSARY_ADDRESS = exports.MULTI_FACTOR_VALIDATOR_ADDRESS = exports.WEBAUTHN_VALIDATOR_ADDRESS = exports.OWNABLE_VALIDATOR_ADDRESS = exports.wrapParaAccount = exports.walletClientToAccount = exports.deployAccountsForOwners = exports.RhinestoneSDK = void 0;
 exports.createRhinestoneAccount = createRhinestoneAccount;
 const accounts_1 = require("./accounts");
 Object.defineProperty(exports, "deployStandaloneWithEoa", { enumerable: true, get: function () { return accounts_1.deployStandaloneWithEoa; } });
@@ -9,6 +9,7 @@ Object.defineProperty(exports, "walletClientToAccount", { enumerable: true, get:
 Object.defineProperty(exports, "wrapParaAccount", { enumerable: true, get: function () { return walletClient_1.wrapParaAccount; } });
 const deployment_1 = require("./actions/deployment");
 Object.defineProperty(exports, "deployAccountsForOwners", { enumerable: true, get: function () { return deployment_1.deployAccountsForOwners; } });
+const provider_1 = require("./auth/provider");
 const execution_1 = require("./execution");
 const permit2_1 = require("./execution/permit2");
 Object.defineProperty(exports, "checkERC20AllowanceDirect", { enumerable: true, get: function () { return permit2_1.checkERC20AllowanceDirect; } });
@@ -298,7 +299,7 @@ async function createRhinestoneAccount(config) {
     };
 }
 class RhinestoneSDK {
-    apiKey;
+    authProvider;
     endpointUrl;
     provider;
     bundler;
@@ -306,7 +307,7 @@ class RhinestoneSDK {
     useDevContracts;
     headers;
     constructor(options) {
-        this.apiKey = options.apiKey;
+        this.authProvider = (0, provider_1.createAuthProvider)(options);
         this.endpointUrl = options.endpointUrl;
         this.provider = options.provider;
         this.bundler = options.bundler;
@@ -317,7 +318,7 @@ class RhinestoneSDK {
     createAccount(config) {
         const rhinestoneConfig = {
             ...config,
-            apiKey: this.apiKey,
+            _authProvider: this.authProvider,
             endpointUrl: this.endpointUrl,
             provider: this.provider,
             bundler: this.bundler,
@@ -328,25 +329,26 @@ class RhinestoneSDK {
         return createRhinestoneAccount(rhinestoneConfig);
     }
     getIntentStatus(intentId) {
-        return (0, execution_1.getIntentStatus)(this.apiKey, this.endpointUrl, intentId, this.headers);
+        return (0, execution_1.getIntentStatus)(this.authProvider, this.endpointUrl, intentId, this.headers);
     }
     splitIntents(input) {
-        return (0, execution_1.splitIntents)(this.apiKey, this.endpointUrl, input, this.headers);
+        return (0, execution_1.splitIntents)(this.authProvider, this.endpointUrl, input, this.headers);
     }
 }
 exports.RhinestoneSDK = RhinestoneSDK;
 // WebAuthn Validator contract helpers (keep Charter API stable)
+// biome-ignore lint/performance/noBarrelFile: required to preserve Charter's public API surface
 var webauthn_contract_1 = require("./modules/validators/webauthn-contract");
+Object.defineProperty(exports, "addCredential", { enumerable: true, get: function () { return webauthn_contract_1.addCredential; } });
 Object.defineProperty(exports, "generateCredentialId", { enumerable: true, get: function () { return webauthn_contract_1.generateCredentialId; } });
 Object.defineProperty(exports, "getCredentialIds", { enumerable: true, get: function () { return webauthn_contract_1.getCredentialIds; } });
-Object.defineProperty(exports, "hasCredentialById", { enumerable: true, get: function () { return webauthn_contract_1.hasCredentialById; } });
+Object.defineProperty(exports, "getCredentialInfo", { enumerable: true, get: function () { return webauthn_contract_1.getCredentialInfo; } });
+Object.defineProperty(exports, "getCredentials", { enumerable: true, get: function () { return webauthn_contract_1.getCredentials; } });
+Object.defineProperty(exports, "getThreshold", { enumerable: true, get: function () { return webauthn_contract_1.getThreshold; } });
 Object.defineProperty(exports, "hasCredential", { enumerable: true, get: function () { return webauthn_contract_1.hasCredential; } });
-Object.defineProperty(exports, "addCredential", { enumerable: true, get: function () { return webauthn_contract_1.addCredential; } });
+Object.defineProperty(exports, "hasCredentialById", { enumerable: true, get: function () { return webauthn_contract_1.hasCredentialById; } });
 Object.defineProperty(exports, "removeCredential", { enumerable: true, get: function () { return webauthn_contract_1.removeCredential; } });
 Object.defineProperty(exports, "setThreshold", { enumerable: true, get: function () { return webauthn_contract_1.setThreshold; } });
-Object.defineProperty(exports, "getCredentialInfo", { enumerable: true, get: function () { return webauthn_contract_1.getCredentialInfo; } });
-Object.defineProperty(exports, "getThreshold", { enumerable: true, get: function () { return webauthn_contract_1.getThreshold; } });
-Object.defineProperty(exports, "getCredentials", { enumerable: true, get: function () { return webauthn_contract_1.getCredentials; } });
 Object.defineProperty(exports, "WEBAUTHN_VALIDATOR_ABI", { enumerable: true, get: function () { return webauthn_contract_1.WEBAUTHN_VALIDATOR_ABI; } });
 // Orchestrator helpers
 var orchestrator_2 = require("./orchestrator");

package/dist/src/jwt-server/digest.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Compute a deterministic hex-encoded SHA-256 digest of an intent input object.
+ *
+ * 1. JCS-canonicalise the intent input (RFC 8785)
+ * 2. SHA-256 hash the UTF-8 bytes
+ * 3. Return lowercase hex string
+ *
+ * Uses the Web Crypto API (available in Node.js ≥ 15 and all modern browsers).
+ */
+export declare function computeIntentInputDigest(intentInput: unknown): Promise<string>;
+//# sourceMappingURL=digest.d.ts.map

package/dist/src/jwt-server/digest.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"digest.d.ts","sourceRoot":"","sources":["../../../jwt-server/digest.ts"],"names":[],"mappings":"AAEA;;;;;;;;GAQG;AACH,wBAAsB,wBAAwB,CAC5C,WAAW,EAAE,OAAO,GACnB,OAAO,CAAC,MAAM,CAAC,CAQjB"}

package/dist/src/jwt-server/digest.js

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.computeIntentInputDigest = computeIntentInputDigest;
+const jcs_1 = require("./jcs");
+/**
+ * Compute a deterministic hex-encoded SHA-256 digest of an intent input object.
+ *
+ * 1. JCS-canonicalise the intent input (RFC 8785)
+ * 2. SHA-256 hash the UTF-8 bytes
+ * 3. Return lowercase hex string
+ *
+ * Uses the Web Crypto API (available in Node.js ≥ 15 and all modern browsers).
+ */
+async function computeIntentInputDigest(intentInput) {
+    const canonical = (0, jcs_1.jcsCanonicalise)(intentInput);
+    const encoded = new TextEncoder().encode(canonical);
+    const hashBuffer = await crypto.subtle.digest('SHA-256', encoded);
+    const hashArray = new Uint8Array(hashBuffer);
+    return Array.from(hashArray)
+        .map((b) => b.toString(16).padStart(2, '0'))
+        .join('');
+}

package/dist/src/jwt-server/express.d.ts

@@ -0,0 +1,16 @@
+import { type JwtHandlerConfig } from './handlers';
+interface ExpressRequest {
+    body?: unknown;
+}
+interface ExpressResponse {
+    status(code: number): ExpressResponse;
+    json(body: unknown): void;
+}
+type ExpressHandler = (req: ExpressRequest, res: ExpressResponse) => void;
+interface ExpressRouter {
+    get(path: string, handler: ExpressHandler): ExpressRouter;
+    post(path: string, handler: ExpressHandler): ExpressRouter;
+}
+export declare function createExpressRouter(config: JwtHandlerConfig): ExpressRouter;
+export {};
+//# sourceMappingURL=express.d.ts.map

package/dist/src/jwt-server/express.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"express.d.ts","sourceRoot":"","sources":["../../../jwt-server/express.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,KAAK,gBAAgB,EACtB,MAAM,YAAY,CAAA;AAEnB,UAAU,cAAc;IACtB,IAAI,CAAC,EAAE,OAAO,CAAA;CACf;AAED,UAAU,eAAe;IACvB,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe,CAAA;IACrC,IAAI,CAAC,IAAI,EAAE,OAAO,GAAG,IAAI,CAAA;CAC1B;AAED,KAAK,cAAc,GAAG,CAAC,GAAG,EAAE,cAAc,EAAE,GAAG,EAAE,eAAe,KAAK,IAAI,CAAA;AAEzE,UAAU,aAAa;IACrB,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,cAAc,GAAG,aAAa,CAAA;IACzD,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,cAAc,GAAG,aAAa,CAAA;CAC3D;AAED,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,gBAAgB,GAAG,aAAa,CAyB3E"}

package/dist/src/jwt-server/express.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createExpressRouter = createExpressRouter;
+const handlers_1 = require("./handlers");
+function createExpressRouter(config) {
+    // Dynamic import avoidance: we type the router interface manually
+    // so express doesn't need to be installed unless this function is called.
+    // eslint-disable-next-line @typescript-eslint/no-require-imports
+    const { Router } = require('express');
+    const router = Router();
+    const handleAccessToken = (0, handlers_1.createCoreAccessTokenHandler)(config);
+    const handleExtensionToken = (0, handlers_1.createCoreExtensionTokenHandler)(config);
+    router.get('/access-token', async (_req, res) => {
+        const result = await handleAccessToken();
+        res.status(result.status).json(result.body);
+    });
+    router.post('/extension-token', async (req, res) => {
+        const body = req.body;
+        const intentInput = body?.intentInput;
+        const result = await handleExtensionToken(intentInput);
+        res.status(result.status).json(result.body);
+    });
+    return router;
+}

package/dist/src/jwt-server/handlers.d.ts

@@ -0,0 +1,10 @@
+import { type JwtSignerConfig } from './signer';
+export type JwtHandlerConfig = JwtSignerConfig;
+interface HandlerResult {
+    status: number;
+    body: Record<string, unknown>;
+}
+export declare function createCoreAccessTokenHandler(config: JwtHandlerConfig): () => Promise<HandlerResult>;
+export declare function createCoreExtensionTokenHandler(config: JwtHandlerConfig): (intentInput: unknown) => Promise<HandlerResult>;
+export {};
+//# sourceMappingURL=handlers.d.ts.map

package/dist/src/jwt-server/handlers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"handlers.d.ts","sourceRoot":"","sources":["../../../jwt-server/handlers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAmB,KAAK,eAAe,EAAE,MAAM,UAAU,CAAA;AAGhE,MAAM,MAAM,gBAAgB,GAAG,eAAe,CAAA;AAE9C,UAAU,aAAa;IACrB,MAAM,EAAE,MAAM,CAAA;IACd,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAC9B;AAED,wBAAgB,4BAA4B,CAC1C,MAAM,EAAE,gBAAgB,GACvB,MAAM,OAAO,CAAC,aAAa,CAAC,CAa9B;AAED,wBAAgB,+BAA+B,CAC7C,MAAM,EAAE,gBAAgB,GACvB,CAAC,WAAW,EAAE,OAAO,KAAK,OAAO,CAAC,aAAa,CAAC,CAuBlD"}

package/dist/src/jwt-server/handlers.js

@@ -0,0 +1,41 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createCoreAccessTokenHandler = createCoreAccessTokenHandler;
+exports.createCoreExtensionTokenHandler = createCoreExtensionTokenHandler;
+const signer_1 = require("./signer");
+const sponsorship_1 = require("./sponsorship");
+function createCoreAccessTokenHandler(config) {
+    const signer = (0, signer_1.createJwtSigner)(config);
+    return async () => {
+        try {
+            const token = await signer.accessToken();
+            return { status: 200, body: { token } };
+        }
+        catch (error) {
+            const message = error instanceof Error ? error.message : 'Internal server error';
+            return { status: 500, body: { error: message } };
+        }
+    };
+}
+function createCoreExtensionTokenHandler(config) {
+    const signer = (0, signer_1.createJwtSigner)(config);
+    return async (intentInput) => {
+        if (intentInput === undefined || intentInput === null) {
+            return {
+                status: 400,
+                body: { error: 'Missing intentInput in request body' },
+            };
+        }
+        try {
+            const token = await signer.getIntentExtensionToken(intentInput);
+            return { status: 200, body: { token } };
+        }
+        catch (error) {
+            if (error instanceof sponsorship_1.SponsorshipDeniedError) {
+                return { status: 403, body: { error: error.message } };
+            }
+            const message = error instanceof Error ? error.message : 'Internal server error';
+            return { status: 500, body: { error: message } };
+        }
+    };
+}

package/dist/src/jwt-server/index.d.ts

@@ -0,0 +1,8 @@
+export { computeIntentInputDigest } from './digest';
+export { createExpressRouter } from './express';
+export type { JwtHandlerConfig } from './handlers';
+export { jcsCanonicalise } from './jcs';
+export { createJwtSigner, type JwtCredentials, type JwtSignerConfig, } from './signer';
+export { SponsorshipDeniedError, type SponsorshipFilter, shouldSponsor, } from './sponsorship';
+export { createAccessTokenHandler, createExtensionTokenHandler, } from './web';
+//# sourceMappingURL=index.d.ts.map

package/dist/src/jwt-server/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../jwt-server/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAA;AACnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAA;AAC/C,YAAY,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAA;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,OAAO,CAAA;AACvC,OAAO,EACL,eAAe,EACf,KAAK,cAAc,EACnB,KAAK,eAAe,GACrB,MAAM,UAAU,CAAA;AACjB,OAAO,EACL,sBAAsB,EACtB,KAAK,iBAAiB,EACtB,aAAa,GACd,MAAM,eAAe,CAAA;AACtB,OAAO,EACL,wBAAwB,EACxB,2BAA2B,GAC5B,MAAM,OAAO,CAAA"}

package/dist/src/jwt-server/index.js

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createExtensionTokenHandler = exports.createAccessTokenHandler = exports.shouldSponsor = exports.SponsorshipDeniedError = exports.createJwtSigner = exports.jcsCanonicalise = exports.createExpressRouter = exports.computeIntentInputDigest = void 0;
+// biome-ignore lint/performance/noBarrelFile: subpath entry point for @rhinestone/sdk/jwt-server
+var digest_1 = require("./digest");
+Object.defineProperty(exports, "computeIntentInputDigest", { enumerable: true, get: function () { return digest_1.computeIntentInputDigest; } });
+var express_1 = require("./express");
+Object.defineProperty(exports, "createExpressRouter", { enumerable: true, get: function () { return express_1.createExpressRouter; } });
+var jcs_1 = require("./jcs");
+Object.defineProperty(exports, "jcsCanonicalise", { enumerable: true, get: function () { return jcs_1.jcsCanonicalise; } });
+var signer_1 = require("./signer");
+Object.defineProperty(exports, "createJwtSigner", { enumerable: true, get: function () { return signer_1.createJwtSigner; } });
+var sponsorship_1 = require("./sponsorship");
+Object.defineProperty(exports, "SponsorshipDeniedError", { enumerable: true, get: function () { return sponsorship_1.SponsorshipDeniedError; } });
+Object.defineProperty(exports, "shouldSponsor", { enumerable: true, get: function () { return sponsorship_1.shouldSponsor; } });
+var web_1 = require("./web");
+Object.defineProperty(exports, "createAccessTokenHandler", { enumerable: true, get: function () { return web_1.createAccessTokenHandler; } });
+Object.defineProperty(exports, "createExtensionTokenHandler", { enumerable: true, get: function () { return web_1.createExtensionTokenHandler; } });

package/dist/src/jwt-server/jcs.d.ts

@@ -0,0 +1,12 @@
+/**
+ * RFC 8785 JSON Canonicalization Scheme (JCS).
+ *
+ * Produces a deterministic JSON serialization by:
+ * 1. Sorting object keys lexicographically (Unicode code-point order)
+ * 2. Using ES2015+ `JSON.stringify` number serialization (IEEE 754 → shortest round-trip)
+ * 3. No whitespace
+ *
+ * Reference: https://www.rfc-editor.org/rfc/rfc8785
+ */
+export declare function jcsCanonicalise(value: unknown): string;
+//# sourceMappingURL=jcs.d.ts.map

package/dist/src/jwt-server/jcs.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jcs.d.ts","sourceRoot":"","sources":["../../../jwt-server/jcs.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,wBAAgB,eAAe,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAEtD"}

package/dist/src/jwt-server/jcs.js

@@ -0,0 +1,60 @@
+"use strict";
+/**
+ * RFC 8785 JSON Canonicalization Scheme (JCS).
+ *
+ * Produces a deterministic JSON serialization by:
+ * 1. Sorting object keys lexicographically (Unicode code-point order)
+ * 2. Using ES2015+ `JSON.stringify` number serialization (IEEE 754 → shortest round-trip)
+ * 3. No whitespace
+ *
+ * Reference: https://www.rfc-editor.org/rfc/rfc8785
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.jcsCanonicalise = jcsCanonicalise;
+function jcsCanonicalise(value) {
+    return serialize(value);
+}
+function serialize(value) {
+    if (value === null || value === undefined) {
+        return 'null';
+    }
+    switch (typeof value) {
+        case 'boolean':
+            return value ? 'true' : 'false';
+        case 'number':
+            if (!Number.isFinite(value)) {
+                throw new Error(`JCS: non-finite number: ${value}`);
+            }
+            // ES2015 Number-to-String satisfies RFC 8785 §3.2.2.3
+            return Object.is(value, -0) ? '0' : String(value);
+        case 'string':
+            return JSON.stringify(value);
+        case 'bigint':
+            // BigInt is not valid JSON; coerce to bare decimal string.
+            // Values above MAX_SAFE_INTEGER are rejected because downstream
+            // JSON parsers using IEEE 754 doubles would silently lose precision,
+            // producing a different digest.
+            if (value > BigInt(Number.MAX_SAFE_INTEGER) ||
+                value < BigInt(-Number.MAX_SAFE_INTEGER)) {
+                throw new Error(`JCS: BigInt ${value} exceeds safe integer range — convert to string before calling`);
+            }
+            return String(value);
+        default:
+            break;
+    }
+    if (Array.isArray(value)) {
+        const items = value.map((item) => serialize(item));
+        return `[${items.join(',')}]`;
+    }
+    // Object — sort keys by Unicode code-point order
+    const obj = value;
+    const keys = Object.keys(obj).sort();
+    const members = [];
+    for (const key of keys) {
+        const v = obj[key];
+        if (v === undefined)
+            continue; // skip undefined properties
+        members.push(`${JSON.stringify(key)}:${serialize(v)}`);
+    }
+    return `{${members.join(',')}}`;
+}

package/dist/src/jwt-server/signer.d.ts

@@ -0,0 +1,18 @@
+import { type SponsorshipFilter } from './sponsorship';
+export interface JwtCredentials {
+    privateKey: JsonWebKey;
+    integratorId: string;
+    projectId: string;
+    appId: string;
+    keyId: string;
+    audience?: string;
+}
+export interface JwtSignerConfig {
+    jwt: JwtCredentials;
+    shouldSponsor?: SponsorshipFilter;
+}
+export declare function createJwtSigner(config: JwtSignerConfig): {
+    accessToken: () => Promise<string>;
+    getIntentExtensionToken: (intentInput: unknown) => Promise<string>;
+};
+//# sourceMappingURL=signer.d.ts.map

package/dist/src/jwt-server/signer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"signer.d.ts","sourceRoot":"","sources":["../../../jwt-server/signer.ts"],"names":[],"mappings":"AAEA,OAAO,EAGL,KAAK,iBAAiB,EACvB,MAAM,eAAe,CAAA;AAEtB,MAAM,WAAW,cAAc;IAC7B,UAAU,EAAE,UAAU,CAAA;IACtB,YAAY,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE,MAAM,CAAA;IACjB,KAAK,EAAE,MAAM,CAAA;IACb,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,WAAW,eAAe;IAC9B,GAAG,EAAE,cAAc,CAAA;IACnB,aAAa,CAAC,EAAE,iBAAiB,CAAA;CAClC;AAeD,wBAAgB,eAAe,CAAC,MAAM,EAAE,eAAe,GAAG;IACxD,WAAW,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAA;IAClC,uBAAuB,EAAE,CAAC,WAAW,EAAE,OAAO,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;CACnE,CAoEA"}

package/dist/src/jwt-server/signer.js

@@ -0,0 +1,71 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createJwtSigner = createJwtSigner;
+const jose_1 = require("jose");
+const digest_1 = require("./digest");
+const sponsorship_1 = require("./sponsorship");
+function pickAlg(jwk) {
+    if (jwk.kty === 'EC') {
+        if (jwk.crv === 'P-256')
+            return 'ES256';
+        if (jwk.crv === 'P-384')
+            return 'ES384';
+        if (jwk.crv === 'P-521')
+            return 'ES512';
+        throw new Error(`Unsupported EC curve: ${jwk.crv}`);
+    }
+    if (jwk.kty === 'RSA')
+        return 'RS256';
+    throw new Error(`Unsupported JWK kty: ${jwk.kty}`);
+}
+function createJwtSigner(config) {
+    const { jwt: { privateKey, integratorId, projectId, appId, keyId, audience = 'rhinestone-api', }, shouldSponsor: filters, } = config;
+    const alg = pickAlg(privateKey);
+    let cachedKey = null;
+    async function getKey() {
+        if (!cachedKey) {
+            cachedKey = (await (0, jose_1.importJWK)(privateKey, alg));
+        }
+        return cachedKey;
+    }
+    async function accessToken() {
+        const key = await getKey();
+        return new jose_1.SignJWT({ typ: 'access', app_id: appId })
+            .setProtectedHeader({ alg, kid: keyId })
+            .setIssuer(integratorId)
+            .setSubject(projectId)
+            .setAudience(audience)
+            .setIssuedAt()
+            .setExpirationTime('1h')
+            .sign(key);
+    }
+    async function getIntentExtensionToken(intentInput) {
+        if (filters) {
+            const allowed = await (0, sponsorship_1.shouldSponsor)(intentInput, filters);
+            if (!allowed) {
+                throw new sponsorship_1.SponsorshipDeniedError();
+            }
+        }
+        const key = await getKey();
+        const digest = await (0, digest_1.computeIntentInputDigest)(intentInput);
+        return new jose_1.SignJWT({
+            typ: 'intent_extension',
+            app_id: appId,
+            jti: crypto.randomUUID(),
+            policy: {
+                sponsorship: {
+                    scope: 'intent',
+                    intent_input: { digest },
+                },
+            },
+        })
+            .setProtectedHeader({ alg, kid: keyId })
+            .setIssuer(integratorId)
+            .setSubject(projectId)
+            .setAudience(audience)
+            .setIssuedAt()
+            .setExpirationTime('5m')
+            .sign(key);
+    }
+    return { accessToken, getIntentExtensionToken };
+}

package/dist/src/jwt-server/sponsorship.d.ts

@@ -0,0 +1,19 @@
+import type { Address, Hex } from 'viem';
+export declare class SponsorshipDeniedError extends Error {
+    constructor();
+}
+type MaybeAsync<T> = T | Promise<T>;
+export interface SponsorshipFilter {
+    chain?: (chain: {
+        id: number;
+    }) => MaybeAsync<boolean>;
+    account?: (address: Address) => MaybeAsync<boolean>;
+    calls?: (calls: {
+        to: Address;
+        value: bigint;
+        data: Hex;
+    }[]) => MaybeAsync<boolean>;
+}
+export declare function shouldSponsor(intentInput: unknown, filters: SponsorshipFilter): Promise<boolean>;
+export {};
+//# sourceMappingURL=sponsorship.d.ts.map

package/dist/src/jwt-server/sponsorship.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sponsorship.d.ts","sourceRoot":"","sources":["../../../jwt-server/sponsorship.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,MAAM,CAAA;AAExC,qBAAa,sBAAuB,SAAQ,KAAK;;CAKhD;AAED,KAAK,UAAU,CAAC,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;AAEnC,MAAM,WAAW,iBAAiB;IAChC,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE;QAAE,EAAE,EAAE,MAAM,CAAA;KAAE,KAAK,UAAU,CAAC,OAAO,CAAC,CAAA;IACtD,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,UAAU,CAAC,OAAO,CAAC,CAAA;IACnD,KAAK,CAAC,EAAE,CACN,KAAK,EAAE;QAAE,EAAE,EAAE,OAAO,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,GAAG,CAAA;KAAE,EAAE,KAC/C,UAAU,CAAC,OAAO,CAAC,CAAA;CACzB;AAiDD,wBAAsB,aAAa,CACjC,WAAW,EAAE,OAAO,EACpB,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,OAAO,CAAC,CAclB"}

package/dist/src/jwt-server/sponsorship.js

@@ -0,0 +1,56 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SponsorshipDeniedError = void 0;
+exports.shouldSponsor = shouldSponsor;
+class SponsorshipDeniedError extends Error {
+    constructor() {
+        super('Sponsorship denied');
+        this.name = 'SponsorshipDeniedError';
+    }
+}
+exports.SponsorshipDeniedError = SponsorshipDeniedError;
+function parseIntentInput(intentInput) {
+    if (typeof intentInput !== 'object' || intentInput === null) {
+        throw new Error('intentInput must be a non-null object');
+    }
+    const input = intentInput;
+    const chainId = input.destinationChainId;
+    if (typeof chainId !== 'number') {
+        throw new Error('intentInput.destinationChainId must be a number');
+    }
+    const account = input.account;
+    if (typeof account !== 'object' || account === null) {
+        throw new Error('intentInput.account must be a non-null object');
+    }
+    const address = account.address;
+    if (typeof address !== 'string') {
+        throw new Error('intentInput.account.address must be a string');
+    }
+    const executions = input.destinationExecutions;
+    if (!Array.isArray(executions)) {
+        throw new Error('intentInput.destinationExecutions must be an array');
+    }
+    const calls = executions.map((exec) => ({
+        to: exec.to,
+        value: BigInt(exec.value),
+        data: exec.data,
+    }));
+    return {
+        chain: { id: chainId },
+        account: address,
+        calls,
+    };
+}
+async function shouldSponsor(intentInput, filters) {
+    const parsed = parseIntentInput(intentInput);
+    if (filters.chain && !(await filters.chain(parsed.chain))) {
+        return false;
+    }
+    if (filters.account && !(await filters.account(parsed.account))) {
+        return false;
+    }
+    if (filters.calls && !(await filters.calls(parsed.calls))) {
+        return false;
+    }
+    return true;
+}

package/dist/src/jwt-server/web.d.ts

@@ -0,0 +1,4 @@
+import { type JwtHandlerConfig } from './handlers';
+export declare function createAccessTokenHandler(config: JwtHandlerConfig): (req: Request) => Promise<Response>;
+export declare function createExtensionTokenHandler(config: JwtHandlerConfig): (req: Request) => Promise<Response>;
+//# sourceMappingURL=web.d.ts.map

package/dist/src/jwt-server/web.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"web.d.ts","sourceRoot":"","sources":["../../../jwt-server/web.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,KAAK,gBAAgB,EACtB,MAAM,YAAY,CAAA;AAEnB,wBAAgB,wBAAwB,CACtC,MAAM,EAAE,gBAAgB,GACvB,CAAC,GAAG,EAAE,OAAO,KAAK,OAAO,CAAC,QAAQ,CAAC,CAOrC;AAED,wBAAgB,2BAA2B,CACzC,MAAM,EAAE,gBAAgB,GACvB,CAAC,GAAG,EAAE,OAAO,KAAK,OAAO,CAAC,QAAQ,CAAC,CAerC"}

package/dist/src/jwt-server/web.js

@@ -0,0 +1,27 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createAccessTokenHandler = createAccessTokenHandler;
+exports.createExtensionTokenHandler = createExtensionTokenHandler;
+const handlers_1 = require("./handlers");
+function createAccessTokenHandler(config) {
+    const handle = (0, handlers_1.createCoreAccessTokenHandler)(config);
+    return async () => {
+        const result = await handle();
+        return Response.json(result.body, { status: result.status });
+    };
+}
+function createExtensionTokenHandler(config) {
+    const handle = (0, handlers_1.createCoreExtensionTokenHandler)(config);
+    return async (req) => {
+        let intentInput;
+        try {
+            const body = await req.json();
+            intentInput = body.intentInput;
+        }
+        catch {
+            return Response.json({ error: 'Invalid JSON body' }, { status: 400 });
+        }
+        const result = await handle(intentInput);
+        return Response.json(result.body, { status: result.status });
+    };
+}

package/dist/src/modules/validators/index.d.ts

@@ -1,4 +1,4 @@
 import { getMockSignature, getOwnerValidator, MULTI_FACTOR_VALIDATOR_ADDRESS, OWNABLE_VALIDATOR_ADDRESS, SMART_SESSION_EMISSARY_ADDRESS, WEBAUTHN_VALIDATOR_ADDRESS } from './core';
-import { buildMockSignature, getEnableSessionCall, getPermissionId, getSmartSessionValidator } from './smart-sessions';
-export { OWNABLE_VALIDATOR_ADDRESS, WEBAUTHN_VALIDATOR_ADDRESS, MULTI_FACTOR_VALIDATOR_ADDRESS, SMART_SESSION_EMISSARY_ADDRESS, getOwnerValidator, getSmartSessionValidator, getEnableSessionCall, getPermissionId, getMockSignature, buildMockSignature, };
+import { buildMockSignature, DUMMY_PRECLAIMOP_SELECTOR, DUMMY_PRECLAIMOP_TARGET, getEnableSessionCall, getPermissionId, getSmartSessionValidator, isSessionEnabled, packSignature } from './smart-sessions';
+export { OWNABLE_VALIDATOR_ADDRESS, WEBAUTHN_VALIDATOR_ADDRESS, MULTI_FACTOR_VALIDATOR_ADDRESS, SMART_SESSION_EMISSARY_ADDRESS, DUMMY_PRECLAIMOP_TARGET, DUMMY_PRECLAIMOP_SELECTOR, getOwnerValidator, getSmartSessionValidator, getEnableSessionCall, getPermissionId, getMockSignature, buildMockSignature, isSessionEnabled, packSignature, };
 //# sourceMappingURL=index.d.ts.map

package/dist/src/modules/validators/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../modules/validators/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,8BAA8B,EAC9B,yBAAyB,EACzB,8BAA8B,EAC9B,0BAA0B,EAC3B,MAAM,QAAQ,CAAA;AACf,OAAO,EACL,kBAAkB,EAClB,oBAAoB,EACpB,eAAe,EACf,wBAAwB,EACzB,MAAM,kBAAkB,CAAA;AAEzB,OAAO,EACL,yBAAyB,EACzB,0BAA0B,EAC1B,8BAA8B,EAC9B,8BAA8B,EAC9B,iBAAiB,EACjB,wBAAwB,EACxB,oBAAoB,EACpB,eAAe,EACf,gBAAgB,EAChB,kBAAkB,GACnB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../modules/validators/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,8BAA8B,EAC9B,yBAAyB,EACzB,8BAA8B,EAC9B,0BAA0B,EAC3B,MAAM,QAAQ,CAAA;AACf,OAAO,EACL,kBAAkB,EAClB,yBAAyB,EACzB,uBAAuB,EACvB,oBAAoB,EACpB,eAAe,EACf,wBAAwB,EACxB,gBAAgB,EAChB,aAAa,EACd,MAAM,kBAAkB,CAAA;AAEzB,OAAO,EACL,yBAAyB,EACzB,0BAA0B,EAC1B,8BAA8B,EAC9B,8BAA8B,EAC9B,uBAAuB,EACvB,yBAAyB,EACzB,iBAAiB,EACjB,wBAAwB,EACxB,oBAAoB,EACpB,eAAe,EACf,gBAAgB,EAChB,kBAAkB,EAClB,gBAAgB,EAChB,aAAa,GACd,CAAA"}