@coinbase/cdp-core 0.0.32 → 0.0.33

package/dist/native/index.native7.js

@@ -1,121 +1,219 @@
-import { Provider as h } from "ox";
-import { http as m } from "viem";
-import { create as p } from "zustand";
-import { subscribeWithSelector as g, persist as f } from "./index.native24.js";
-import { validateRequest as I, EIP1193ProviderError as S, STANDARD_ERROR_CODES as w } from "./index.native8.js";
-import { EventEmitter as C } from "./index.native25.js";
-import { getPlatformStorage as b } from "./index.native4.js";
-import "@coinbase/cdp-api-client";
-import { handleGetCapabilities as _, handleGetCallsStatus as A, handleSendCalls as v, handleChainId as D, handleSignTypedData as P, handleEthSign as E, handleSwitchEthereumChain as R, handleDisconnect as y, handleSendTransaction as T, handlePersonalSign as q, handleRequestAccounts as G, handleAccounts as L } from "./index.native26.js";
-import { onAuthStateChange as M } from "./index.native5.js";
-import { baseSepolia as l } from "./index.native27.js";
-function N(r, n, s) {
-  n.subscribe(
-    (e) => e.chainId,
-    (e, t) => {
-      e !== t && r.emit("chainChanged", e);
+import { logOutEndUser as l, refreshAccessToken as c, registerTemporaryWalletSecret as o } from "@coinbase/cdp-api-client";
+import { SignJWT as u } from "./index.native21.js";
+import "viem";
+import { toAuthState as f } from "./index.native14.js";
+import { getPlatformCrypto as n } from "./index.native5.js";
+import { sortKeys as S } from "./index.native18.js";
+const i = 60 * 1e3;
+class p {
+  projectId;
+  authState = null;
+  walletSecret = null;
+  authStateChangeCallbacks = [];
+  initPromise = null;
+  refreshTimeout = null;
+  /**
+   * Initializes the token manager.
+   *
+   * @param projectId - The project ID.
+   */
+  constructor(e) {
+    this.projectId = e, this.initPromise = this._doInitialize();
+  }
+  /**
+   * Gets the current user, or null if there is no user signed in.
+   *
+   * @returns The current user.
+   */
+  async getUser() {
+    return this.authState?.user ?? null;
+  }
+  /**
+   * Returns whether the user is signed in - i.e., whether there is an unexpired
+   * access token and user. Attempts to refresh the token if it's expired.
+   *
+   * @returns True if the user is signed in, false otherwise.
+   */
+  async isSignedIn() {
+    if (!this.authState)
+      return !1;
+    if (this.authState.expiresAt > Date.now() + i)
+      return !0;
+    try {
+      return await this.getToken() !== null;
+    } catch {
+      return !1;
     }
-  ), n.subscribe(
-    (e) => e.user,
-    (e, t) => {
-      if (!(e?.userId === t?.userId && e?.evmAccounts?.length === t?.evmAccounts?.length)) {
-        if (!e && t) {
-          r.emit("disconnect", new h.DisconnectedError());
-          return;
-        }
-        if (e && e.evmAccounts?.length && (!t || t.evmAccounts?.length === 0)) {
-          const a = n.getState().chainId;
-          r.emit("connect", { chainId: a });
-          return;
-        }
-      }
+  }
+  /**
+   * Signs out the user, clearing all authentication state.
+   */
+  async signOut() {
+    try {
+      await l(this.projectId);
+    } catch {
+    } finally {
+      await this.clearAuthState();
     }
-  );
-  const { chainId: i, setChainId: o } = n.getState(), d = i || s.chains[0].id;
-  return i || o(d), h.from({
-    request: async (e) => {
-      I(e, s);
-      const t = e;
-      switch (t.method) {
-        case "eth_accounts":
-          return L();
-        case "eth_requestAccounts":
-          return G(r, n);
-        case "personal_sign":
-          return q(t.params);
-        case "eth_sendTransaction":
-          return T(t.params, n, s.transports);
-        case "wallet_disconnect":
-          return y();
-        case "wallet_switchEthereumChain":
-          return R(t.params, n);
-        case "eth_sign":
-          return E(t.params);
-        case "eth_signTypedData_v4":
-          return P(t.params);
-        case "eth_chainId":
-          return D(n);
-        case "wallet_sendCalls":
-          return v(t.params, n);
-        case "wallet_getCallsStatus":
-          return A(t.params, n);
-        case "wallet_getCapabilities":
-          return _();
-        // Catch-all for any unknown method
-        default:
-          throw new S(
-            w.provider.unsupportedMethod,
-            `Method ${t.method} not supported`
-          );
-      }
-    },
-    // Event emitter methods - only the ones required by the interface
-    on: r.on.bind(r),
-    removeListener: r.removeListener.bind(r)
-  });
-}
-const u = {
-  chains: [l],
-  transports: {
-    [l.id]: m()
   }
-};
-function K(r) {
-  if (r?.chains.length === 0)
-    throw new Error("At least one chain must be configured");
-  const n = r?.chains ?? u.chains, s = r?.transports ?? u.transports;
-  if (n.length === 0)
-    throw new Error("No chains found in configuration");
-  const i = new C(), o = b(), d = {
-    getItem: (t) => o.getItem(t),
-    setItem: (t, a) => o.setItem(t, a),
-    removeItem: (t) => o.removeItem(t)
-  }, c = p()(
-    g(
-      f(
-        (t) => ({
-          chainId: n[0].id,
-          setChainId: (a) => t({ chainId: a }),
-          chains: n,
-          user: null,
-          setUser: (a) => t({ user: a })
-        }),
-        {
-          name: "cdp-provider-store",
-          storage: d
-        }
-      )
-    )
-  );
-  return c.persist.rehydrate(), M((t) => {
-    c.getState().setUser(t);
-  }), {
-    provider: N(i, c, {
-      chains: n,
-      transports: s
-    })
-  };
+  /**
+   * Adds a callback to be called when the auth state changes.
+   *
+   * @param callback - The function to call when the auth state changes.
+   */
+  addAuthStateChangeCallback(e) {
+    this.authStateChangeCallbacks.push(e), e(this.authState?.user ?? null);
+  }
+  /**
+   * Gets the access token, refreshing it if it is expired. Returns null if the user is not
+   * signed in.
+   *
+   * @returns The access token.
+   */
+  async getToken() {
+    return this.shouldRefreshToken() && await this.refreshAccessToken(), this.authState?.accessToken ?? null;
+  }
+  /**
+   * Gets the currently registered wallet secret ID. Rejects if the user is not signed in.
+   *
+   * @returns The wallet secret ID.
+   */
+  async getWalletSecretId() {
+    if (!await this.isSignedIn())
+      throw new Error("Cannot get wallet secret ID if the user is not signed in");
+    return this.shouldRefreshWalletSecret() && await this.refreshWalletSecret(), this.walletSecret.walletSecretId;
+  }
+  /**
+   * Gets the X-Wallet-Auth header. Rejects if the user is not signed in.
+   *
+   * @param options - The options for the request.
+   * @param options.requestMethod - The HTTP method of the request.
+   * @param options.requestHost - The host of the request.
+   * @param options.requestPath - The path of the request.
+   * @param options.requestData - The data of the request.
+   * @returns The X-Wallet-Auth header.
+   */
+  async getXWalletAuth(e) {
+    if (!await this.isSignedIn())
+      throw new Error("Cannot get X-Wallet-Auth header if the user is not signed in");
+    this.shouldRefreshWalletSecret() && await this.refreshWalletSecret();
+    const t = `${e.requestMethod} ${e.requestHost}${e.requestPath}`, r = Math.floor(Date.now() / 1e3), s = n(), a = {
+      uris: [t]
+    };
+    if (e.requestData && Object.keys(e.requestData).length > 0) {
+      const h = S(e.requestData);
+      a.reqHash = await s.hash(new TextEncoder().encode(JSON.stringify(h)));
+    }
+    return await new u(a).setProtectedHeader({ alg: "ES256", typ: "JWT" }).setIssuedAt(r).setNotBefore(r).setJti(s.generateRandomId()).sign(this.walletSecret.keyPair.privateKey);
+  }
+  /**
+   * Sets the authentication state.
+   *
+   * @param authState - The authentication state.
+   */
+  async setAuthState(e) {
+    this.authState = e, this.authStateChangeCallbacks.forEach((t) => t(this.authState?.user ?? null)), this.scheduleTokenRefresh();
+  }
+  /**
+   * Clears the authentication state.
+   */
+  async clearAuthState() {
+    this.authState = null, this.walletSecret = null, this.cancelTokenRefresh(), this.authStateChangeCallbacks.forEach((e) => e(null));
+  }
+  /**
+   * Ensures the AuthManager is initialized before proceeding.
+   * If initialization is already in progress, waits for it to complete.
+   */
+  async ensureInitialized() {
+    if (this.initPromise) {
+      await this.initPromise;
+      return;
+    }
+    throw new Error("AuthManager not initialized");
+  }
+  /**
+   * Internal async initialization logic.
+   */
+  async _doInitialize() {
+    try {
+      await this.refreshAccessToken();
+    } catch (e) {
+      console.warn("Failed to refresh access token during initialization:", e);
+    }
+  }
+  /**
+   * Returns whether the token should be refreshed.
+   *
+   * @returns True if the token should be refreshed, false otherwise.
+   */
+  shouldRefreshToken() {
+    return !(this.authState && this.authState.expiresAt > Date.now() + i);
+  }
+  /**
+   * Refreshes the access token and transitions the auth state accordingly.
+   * If a refresh is already in progress, it will wait for that refresh to complete.
+   *
+   * @returns The new access token.
+   */
+  async refreshAccessToken() {
+    try {
+      const e = await c(this.projectId, {
+        grantType: "refresh_token"
+      }), t = f(
+        e.accessToken,
+        e.validUntil,
+        e.endUser
+      );
+      await this.setAuthState(t);
+    } catch {
+      await this.signOut();
+    }
+  }
+  /**
+   * Returns whether the wallet secret should be refreshed.
+   *
+   * @returns True if the wallet secret should be refreshed, false otherwise.
+   */
+  shouldRefreshWalletSecret() {
+    return !(this.walletSecret && this.walletSecret.expiresAt > Date.now() + i);
+  }
+  /**
+   * Refreshes the wallet secret. Assumes the user is signed in.
+   *
+   * @returns The wallet secret.
+   */
+  async refreshWalletSecret() {
+    const e = n(), t = this.walletSecret?.walletSecretId ?? e.generateRandomId(), r = this.walletSecret?.keyPair ?? await e.createKeyPair(), s = this.authState.expiresAt, a = new Date(s).toISOString();
+    this.walletSecret = { walletSecretId: t, keyPair: r, expiresAt: s };
+    try {
+      await o(this.projectId, this.authState.user.userId, {
+        walletSecretId: t,
+        publicKey: r.publicKeyBase64,
+        validUntil: a
+      });
+    } catch (h) {
+      throw this.walletSecret = null, h;
+    }
+  }
+  /**
+   * Schedules a token refresh to occur exactly when shouldRefreshToken() would return true.
+   * Uses the same REFRESH_CREDENTIALS_BUFFER_MS timing as the rest of the auth system.
+   */
+  scheduleTokenRefresh() {
+    if (this.cancelTokenRefresh(), !this.authState)
+      return;
+    const t = this.authState.expiresAt - i - Date.now();
+    t <= 0 || (this.refreshTimeout = setTimeout(async () => {
+      await this.refreshAccessToken(), this.scheduleTokenRefresh();
+    }, t));
+  }
+  /**
+   * Cancels any scheduled token refresh.
+   */
+  cancelTokenRefresh() {
+    this.refreshTimeout && (clearTimeout(this.refreshTimeout), this.refreshTimeout = null);
+  }
 }
 export {
-  K as createCDPEmbeddedWallet
+  p as AuthManager
 };

package/dist/native/index.native70.js

@@ -1,14 +1,13 @@
-import { commitmentToVersionedHash as i } from "./index.native87.js";
-function r(o) {
-  const { commitments: t, version: n } = o, e = o.to ?? (typeof t[0] == "string" ? "hex" : "bytes"), s = [];
-  for (const m of t)
-    s.push(i({
-      commitment: m,
-      to: e,
-      version: n
-    }));
-  return s;
+import { hexToBytes as b } from "./index.native36.js";
+import { bytesToHex as y } from "./index.native34.js";
+function h(t) {
+  const { kzg: m } = t, c = t.to ?? (typeof t.blobs[0] == "string" ? "hex" : "bytes"), s = typeof t.blobs[0] == "string" ? t.blobs.map((o) => b(o)) : t.blobs, i = typeof t.commitments[0] == "string" ? t.commitments.map((o) => b(o)) : t.commitments, n = [];
+  for (let o = 0; o < s.length; o++) {
+    const f = s[o], l = i[o];
+    n.push(Uint8Array.from(m.computeBlobKzgProof(f, l)));
+  }
+  return c === "bytes" ? n : n.map((o) => y(o));
 }
 export {
-  r as commitmentsToVersionedHashes
+  h as blobsToProofs
 };

package/dist/native/index.native71.js

@@ -1,16 +1,14 @@
-import { blobsToCommitments as f } from "./index.native68.js";
-import { blobsToProofs as l } from "./index.native69.js";
-import { toBlobs as p } from "./index.native86.js";
-function k(t) {
-  const { data: i, kzg: n, to: m } = t, s = t.blobs ?? p({ data: i, to: m }), b = t.commitments ?? f({ blobs: s, kzg: n, to: m }), r = t.proofs ?? l({ blobs: s, commitments: b, kzg: n, to: m }), c = [];
-  for (let o = 0; o < s.length; o++)
-    c.push({
-      blob: s[o],
-      commitment: b[o],
-      proof: r[o]
-    });
-  return c;
+import { commitmentToVersionedHash as i } from "./index.native88.js";
+function r(o) {
+  const { commitments: t, version: n } = o, e = o.to ?? (typeof t[0] == "string" ? "hex" : "bytes"), s = [];
+  for (const m of t)
+    s.push(i({
+      commitment: m,
+      to: e,
+      version: n
+    }));
+  return s;
 }
 export {
-  k as toBlobSidecars
+  r as commitmentsToVersionedHashes
 };

package/dist/native/index.native72.js

@@ -1,21 +1,16 @@
-import { InvalidAddressError as s } from "./index.native64.js";
-import { InvalidStorageKeySizeError as l } from "./index.native60.js";
-import { isAddress as f } from "./index.native38.js";
-function a(r) {
-  if (!r || r.length === 0)
-    return [];
-  const n = [];
-  for (let o = 0; o < r.length; o++) {
-    const { address: i, storageKeys: e } = r[o];
-    for (let t = 0; t < e.length; t++)
-      if (e[t].length - 2 !== 64)
-        throw new l({ storageKey: e[t] });
-    if (!f(i, { strict: !1 }))
-      throw new s({ address: i });
-    n.push([i, e]);
-  }
-  return n;
+import { blobsToCommitments as f } from "./index.native69.js";
+import { blobsToProofs as l } from "./index.native70.js";
+import { toBlobs as p } from "./index.native87.js";
+function k(t) {
+  const { data: i, kzg: n, to: m } = t, s = t.blobs ?? p({ data: i, to: m }), b = t.commitments ?? f({ blobs: s, kzg: n, to: m }), r = t.proofs ?? l({ blobs: s, commitments: b, kzg: n, to: m }), c = [];
+  for (let o = 0; o < s.length; o++)
+    c.push({
+      blob: s[o],
+      commitment: b[o],
+      proof: r[o]
+    });
+  return c;
 }
 export {
-  a as serializeAccessList
+  k as toBlobSidecars
 };

package/dist/native/index.native73.js

@@ -1,8 +1,21 @@
-import { gweiUnits as i } from "./index.native74.js";
-import { formatUnits as o } from "./index.native75.js";
-function f(r, t = "wei") {
-  return o(r, i[t]);
+import { InvalidAddressError as s } from "./index.native65.js";
+import { InvalidStorageKeySizeError as l } from "./index.native61.js";
+import { isAddress as f } from "./index.native39.js";
+function a(r) {
+  if (!r || r.length === 0)
+    return [];
+  const n = [];
+  for (let o = 0; o < r.length; o++) {
+    const { address: i, storageKeys: e } = r[o];
+    for (let t = 0; t < e.length; t++)
+      if (e[t].length - 2 !== 64)
+        throw new l({ storageKey: e[t] });
+    if (!f(i, { strict: !1 }))
+      throw new s({ address: i });
+    n.push([i, e]);
+  }
+  return n;
 }
 export {
-  f as formatGwei
+  a as serializeAccessList
 };

package/dist/native/index.native74.js

@@ -1,7 +1,8 @@
-const e = {
-  ether: -9,
-  wei: 9
-};
+import { gweiUnits as i } from "./index.native75.js";
+import { formatUnits as o } from "./index.native76.js";
+function f(r, t = "wei") {
+  return o(r, i[t]);
+}
 export {
-  e as gweiUnits
+  f as formatGwei
 };

package/dist/native/index.native75.js

@@ -1,13 +1,7 @@
-function a(r, n) {
-  let t = r.toString();
-  const i = t.startsWith("-");
-  i && (t = t.slice(1)), t = t.padStart(n, "0");
-  let [l, e] = [
-    t.slice(0, t.length - n),
-    t.slice(t.length - n)
-  ];
-  return e = e.replace(/(0+)$/, ""), `${i ? "-" : ""}${l || "0"}${e ? `.${e}` : ""}`;
-}
+const e = {
+  ether: -9,
+  wei: 9
+};
 export {
-  a as formatUnits
+  e as gweiUnits
 };

package/dist/native/index.native76.js

@@ -1,57 +1,13 @@
-import { encode as d } from "./index.native89.js";
-import y from "./index.native90.js";
-import b from "./index.native91.js";
-import { JWSInvalid as r } from "./index.native29.js";
-import { encoder as s, concat as u, decoder as h } from "./index.native77.js";
-import g from "./index.native92.js";
-import H from "./index.native93.js";
-import P from "./index.native94.js";
-class x {
-  #r;
-  #e;
-  #t;
-  constructor(e) {
-    if (!(e instanceof Uint8Array))
-      throw new TypeError("payload must be an instance of Uint8Array");
-    this.#r = e;
-  }
-  setProtectedHeader(e) {
-    if (this.#e)
-      throw new TypeError("setProtectedHeader can only be called once");
-    return this.#e = e, this;
-  }
-  setUnprotectedHeader(e) {
-    if (this.#t)
-      throw new TypeError("setUnprotectedHeader can only be called once");
-    return this.#t = e, this;
-  }
-  async sign(e, l) {
-    if (!this.#e && !this.#t)
-      throw new r("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");
-    if (!b(this.#e, this.#t))
-      throw new r("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
-    const c = {
-      ...this.#e,
-      ...this.#t
-    }, p = H(r, /* @__PURE__ */ new Map([["b64", !0]]), l?.crit, this.#e, c);
-    let o = !0;
-    if (p.has("b64") && (o = this.#e.b64, typeof o != "boolean"))
-      throw new r('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
-    const { alg: t } = c;
-    if (typeof t != "string" || !t)
-      throw new r('JWS "alg" (Algorithm) Header Parameter missing or invalid');
-    g(t, e, "sign");
-    let i = this.#r;
-    o && (i = s.encode(d(i)));
-    let n;
-    this.#e ? n = s.encode(d(JSON.stringify(this.#e))) : n = s.encode("");
-    const f = u(n, s.encode("."), i), m = await P(e, t), w = await y(t, m, f), a = {
-      signature: d(w),
-      payload: ""
-    };
-    return o && (a.payload = h.decode(i)), this.#t && (a.header = this.#t), this.#e && (a.protected = h.decode(n)), a;
-  }
+function a(r, n) {
+  let t = r.toString();
+  const i = t.startsWith("-");
+  i && (t = t.slice(1)), t = t.padStart(n, "0");
+  let [l, e] = [
+    t.slice(0, t.length - n),
+    t.slice(t.length - n)
+  ];
+  return e = e.replace(/(0+)$/, ""), `${i ? "-" : ""}${l || "0"}${e ? `.${e}` : ""}`;
 }
 export {
-  x as FlattenedSign
+  a as formatUnits
 };

package/dist/native/index.native77.js

@@ -1,13 +1,57 @@
-const d = new TextEncoder(), s = new TextDecoder();
-function f(...n) {
-  const c = n.reduce((e, { length: r }) => e + r, 0), t = new Uint8Array(c);
-  let o = 0;
-  for (const e of n)
-    t.set(e, o), o += e.length;
-  return t;
+import { encode as d } from "./index.native89.js";
+import y from "./index.native90.js";
+import b from "./index.native91.js";
+import { JWSInvalid as r } from "./index.native30.js";
+import { encoder as s, concat as u, decoder as h } from "./index.native78.js";
+import g from "./index.native92.js";
+import H from "./index.native93.js";
+import P from "./index.native94.js";
+class x {
+  #r;
+  #e;
+  #t;
+  constructor(e) {
+    if (!(e instanceof Uint8Array))
+      throw new TypeError("payload must be an instance of Uint8Array");
+    this.#r = e;
+  }
+  setProtectedHeader(e) {
+    if (this.#e)
+      throw new TypeError("setProtectedHeader can only be called once");
+    return this.#e = e, this;
+  }
+  setUnprotectedHeader(e) {
+    if (this.#t)
+      throw new TypeError("setUnprotectedHeader can only be called once");
+    return this.#t = e, this;
+  }
+  async sign(e, l) {
+    if (!this.#e && !this.#t)
+      throw new r("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");
+    if (!b(this.#e, this.#t))
+      throw new r("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
+    const c = {
+      ...this.#e,
+      ...this.#t
+    }, p = H(r, /* @__PURE__ */ new Map([["b64", !0]]), l?.crit, this.#e, c);
+    let o = !0;
+    if (p.has("b64") && (o = this.#e.b64, typeof o != "boolean"))
+      throw new r('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
+    const { alg: t } = c;
+    if (typeof t != "string" || !t)
+      throw new r('JWS "alg" (Algorithm) Header Parameter missing or invalid');
+    g(t, e, "sign");
+    let i = this.#r;
+    o && (i = s.encode(d(i)));
+    let n;
+    this.#e ? n = s.encode(d(JSON.stringify(this.#e))) : n = s.encode("");
+    const f = u(n, s.encode("."), i), m = await P(e, t), w = await y(t, m, f), a = {
+      signature: d(w),
+      payload: ""
+    };
+    return o && (a.payload = h.decode(i)), this.#t && (a.header = this.#t), this.#e && (a.protected = h.decode(n)), a;
+  }
 }
 export {
-  f as concat,
-  s as decoder,
-  d as encoder
+  x as FlattenedSign
 };

package/dist/native/index.native78.js

@@ -1,4 +1,13 @@
-const o = (e) => Math.floor(e.getTime() / 1e3);
+const d = new TextEncoder(), s = new TextDecoder();
+function f(...n) {
+  const c = n.reduce((e, { length: r }) => e + r, 0), t = new Uint8Array(c);
+  let o = 0;
+  for (const e of n)
+    t.set(e, o), o += e.length;
+  return t;
+}
 export {
-  o as default
+  f as concat,
+  s as decoder,
+  d as encoder
 };