@dexterai/connect 0.3.0 → 0.4.0

package/dist/{chunk-HFG2GUFX.js → chunk-2V6EGIHV.js}

@@ -276,7 +276,7 @@ function getActiveHandle() {
     return null;
   }
 }
-function setActiveHandle(handle, label) {
+function setActiveHandle(handle, label, credentialId) {
   if (!hasStorage() || !handle) return;
   try {
     window.localStorage.setItem(ACTIVE_HANDLE_KEY, handle);
@@ -289,12 +289,16 @@ function setActiveHandle(handle, label) {
   if (existing) {
     existing.lastUsedAt = now;
     if (label !== void 0) existing.label = label;
+    if (credentialId !== void 0) existing.credentialId = credentialId;
   } else {
-    roster.push({ handle, label, lastUsedAt: now });
+    roster.push({ handle, label, credentialId, lastUsedAt: now });
   }
   writeRoster(roster);
   emit();
 }
+function getCredentialId(handle) {
+  return readRoster().find((w) => w.handle === handle)?.credentialId;
+}
 function ejectActiveWallet(opts) {
   if (!hasStorage()) return;
   const current = getActiveHandle();
@@ -340,6 +344,66 @@ function onStorageEvent(e) {
 }
 var ACTIVE_WALLET_STORAGE_KEY = ACTIVE_HANDLE_KEY;
 
+// src/signals.ts
+function pkc() {
+  if (typeof window === "undefined") return null;
+  const g = globalThis.PublicKeyCredential;
+  return g ?? null;
+}
+function defaultRpId() {
+  return typeof window !== "undefined" ? window.location.hostname : "";
+}
+function passkeySignalSupport() {
+  const p = pkc();
+  return {
+    rename: typeof p?.signalCurrentUserDetails === "function",
+    prune: typeof p?.signalUnknownCredential === "function",
+    syncAccepted: typeof p?.signalAllAcceptedCredentials === "function"
+  };
+}
+async function renamePasskey(args) {
+  const p = pkc();
+  if (typeof p?.signalCurrentUserDetails !== "function") return false;
+  try {
+    await p.signalCurrentUserDetails({
+      rpId: args.rpId ?? defaultRpId(),
+      userId: args.userId,
+      name: args.name,
+      displayName: args.displayName ?? args.name
+    });
+    return true;
+  } catch {
+    return false;
+  }
+}
+async function prunePasskey(args) {
+  const p = pkc();
+  if (typeof p?.signalUnknownCredential !== "function") return false;
+  try {
+    await p.signalUnknownCredential({
+      rpId: args.rpId ?? defaultRpId(),
+      credentialId: args.credentialId
+    });
+    return true;
+  } catch {
+    return false;
+  }
+}
+async function syncAcceptedPasskeys(args) {
+  const p = pkc();
+  if (typeof p?.signalAllAcceptedCredentials !== "function") return false;
+  try {
+    await p.signalAllAcceptedCredentials({
+      rpId: args.rpId ?? defaultRpId(),
+      userId: args.userId,
+      allAcceptedCredentialIds: args.acceptedCredentialIds
+    });
+    return true;
+  } catch {
+    return false;
+  }
+}
+
 export {
   ConnectError,
   passkeyLogin,
@@ -347,10 +411,15 @@ export {
   createPasskeySigner,
   getActiveHandle,
   setActiveHandle,
+  getCredentialId,
   ejectActiveWallet,
   listWallets,
   switchWallet,
   forgetWallet,
   subscribe,
-  ACTIVE_WALLET_STORAGE_KEY
+  ACTIVE_WALLET_STORAGE_KEY,
+  passkeySignalSupport,
+  renamePasskey,
+  prunePasskey,
+  syncAcceptedPasskeys
 };

package/dist/index.d.ts

@@ -1,5 +1,5 @@
-import { D as DexterConnectConfig, S as SignInResult, C as ConnectVault } from './walletStore-CWXhXuzK.js';
-export { A as ACTIVE_WALLET_STORAGE_KEY, a as ConnectError, P as PasskeyLoginTokens, b as StoredWallet, e as ejectActiveWallet, f as forgetWallet, g as getActiveHandle, l as listWallets, s as setActiveHandle, c as subscribeWallet, d as switchWallet } from './walletStore-CWXhXuzK.js';
+import { D as DexterConnectConfig, S as SignInResult, C as ConnectVault } from './signals-CkBFwCNw.js';
+export { A as ACTIVE_WALLET_STORAGE_KEY, a as ConnectError, P as PasskeyLoginTokens, b as PasskeySignalSupport, c as StoredWallet, e as ejectActiveWallet, f as forgetWallet, g as getActiveHandle, d as getCredentialId, l as listWallets, p as passkeySignalSupport, h as prunePasskey, r as renamePasskey, s as setActiveHandle, i as subscribeWallet, j as switchWallet, k as syncAcceptedPasskeys } from './signals-CkBFwCNw.js';
 import { DexterApiBrowserPasskeySigner } from '@dexterai/vault/signers/browser';
 
 /**

package/dist/index.js

@@ -6,12 +6,17 @@ import {
   ejectActiveWallet,
   forgetWallet,
   getActiveHandle,
+  getCredentialId,
   listWallets,
   passkeyLogin,
+  passkeySignalSupport,
+  prunePasskey,
+  renamePasskey,
   setActiveHandle,
   subscribe,
-  switchWallet
-} from "./chunk-HFG2GUFX.js";
+  switchWallet,
+  syncAcceptedPasskeys
+} from "./chunk-2V6EGIHV.js";
 export {
   ACTIVE_WALLET_STORAGE_KEY,
   ConnectError,
@@ -20,9 +25,14 @@ export {
   ejectActiveWallet,
   forgetWallet,
   getActiveHandle,
+  getCredentialId,
   listWallets,
   passkeyLogin,
+  passkeySignalSupport,
+  prunePasskey,
+  renamePasskey,
   setActiveHandle,
   subscribe as subscribeWallet,
-  switchWallet
+  switchWallet,
+  syncAcceptedPasskeys
 };

package/dist/react.d.ts

@@ -1,5 +1,5 @@
 import { DexterApiBrowserPasskeySigner } from '@dexterai/vault/signers/browser';
-import { S as SignInResult, P as PasskeyLoginTokens, C as ConnectVault, a as ConnectError, b as StoredWallet } from './walletStore-CWXhXuzK.js';
+import { S as SignInResult, P as PasskeyLoginTokens, C as ConnectVault, a as ConnectError, c as StoredWallet, b as PasskeySignalSupport } from './signals-CkBFwCNw.js';
 import { ReactElement } from 'react';
 
 type ConnectStatus = 'idle' | 'pending' | 'done' | 'error';
@@ -69,19 +69,28 @@ interface UseDexterWallet {
     activeHandle: string | null;
     /** Known wallets on this browser, most-recently-used first. */
     wallets: StoredWallet[];
+    /** What the WebAuthn Signal API supports in THIS browser (rename / prune). */
+    support: PasskeySignalSupport;
     /**
-     * Eject the active wallet — "switch / start fresh / sign out of this wallet".
-     * The browser is no longer bound to it; the next enroll/recover starts clean.
-     * Pass `{ forget: true }` to also drop it from the roster.
+     * Eject the active wallet — "switch / start fresh". Clears the local binding
+     * and, where supported, prunes the old passkey from the OS manager so it
+     * disappears from the user's list. `{ forget: true }` also drops it from the
+     * roster.
      */
     eject: (opts?: {
         forget?: boolean;
     }) => void;
     /** Switch the active wallet to a known handle. No-op if unknown. */
     switchTo: (handle: string) => boolean;
-    /** Record/activate a handle (after enroll or recover). Prefer this over
-     *  hand-writing localStorage so the roster + subscribers stay correct. */
-    setActive: (handle: string, label?: string) => void;
+    /** Record/activate a handle (after enroll or recover). Prefer over writing
+     *  localStorage by hand so the roster + subscribers stay correct. */
+    setActive: (handle: string, label?: string, credentialId?: string) => void;
+    /**
+     * Rename the ACTIVE passkey in the OS keychain (post-creation). Returns true
+     * if the browser supported it and the signal fired; false otherwise (the
+     * keychain entry is then just left as-is).
+     */
+    rename: (name: string, displayName?: string) => Promise<boolean>;
 }
 declare function useDexterWallet(): UseDexterWallet;
 

package/dist/react.js

@@ -3,12 +3,16 @@ import {
   createPasskeySigner,
   ejectActiveWallet,
   getActiveHandle,
+  getCredentialId,
   listWallets,
   passkeyLogin,
+  passkeySignalSupport,
+  prunePasskey,
+  renamePasskey,
   setActiveHandle,
   subscribe,
   switchWallet
-} from "./chunk-HFG2GUFX.js";
+} from "./chunk-2V6EGIHV.js";
 
 // src/useSignInWithDexter.ts
 import { useCallback, useEffect, useMemo, useState } from "react";
@@ -207,23 +211,44 @@ var DISCONNECT = {
 
 // src/useDexterWallet.ts
 import { useCallback as useCallback2, useEffect as useEffect2, useState as useState2 } from "react";
+var NO_SUPPORT = { rename: false, prune: false, syncAccepted: false };
 function useDexterWallet() {
   const [activeHandle, setHandle] = useState2(() => getActiveHandle());
   const [wallets, setWallets] = useState2(() => listWallets());
+  const [support, setSupport] = useState2(NO_SUPPORT);
   useEffect2(() => {
     const sync = () => {
       setHandle(getActiveHandle());
       setWallets(listWallets());
     };
+    setSupport(passkeySignalSupport());
     sync();
     return subscribe(sync);
   }, []);
+  const eject = useCallback2((opts) => {
+    const handle = getActiveHandle();
+    const credentialId = handle ? getCredentialId(handle) : void 0;
+    ejectActiveWallet(opts);
+    if (credentialId) void prunePasskey({ credentialId });
+  }, []);
+  const rename = useCallback2(async (name, displayName) => {
+    const handle = getActiveHandle();
+    if (!handle) return false;
+    const ok = await renamePasskey({ userId: handle, name, displayName });
+    if (ok) setActiveHandle(handle, name);
+    return ok;
+  }, []);
   return {
     activeHandle,
     wallets,
-    eject: useCallback2((opts) => ejectActiveWallet(opts), []),
+    support,
+    eject,
     switchTo: useCallback2((handle) => switchWallet(handle), []),
-    setActive: useCallback2((handle, label) => setActiveHandle(handle, label), [])
+    setActive: useCallback2(
+      (handle, label, credentialId) => setActiveHandle(handle, label, credentialId),
+      []
+    ),
+    rename
   };
 }
 export {

package/dist/{walletStore-CWXhXuzK.d.ts → signals-CkBFwCNw.d.ts}

@@ -48,6 +48,9 @@ interface StoredWallet {
     handle: string;
     /** Human label for switch UIs (e.g. an email, or "Dexter Wallet"). */
     label?: string;
+    /** base64url credential id — enables the WebAuthn Signal API to prune this
+     *  passkey from the OS manager on eject (see ./signals). */
+    credentialId?: string;
     /** Epoch ms of last activation — for ordering the switcher. */
     lastUsedAt?: number;
 }
@@ -58,7 +61,9 @@ declare function getActiveHandle(): string | null;
  * Set the active wallet handle (e.g. after enroll or recover), upserting it into
  * the roster with a fresh `lastUsedAt`. Idempotent. Fires subscribers.
  */
-declare function setActiveHandle(handle: string, label?: string): void;
+declare function setActiveHandle(handle: string, label?: string, credentialId?: string): void;
+/** Look up a known wallet's stored credentialId (for Signal-API prune on eject). */
+declare function getCredentialId(handle: string): string | undefined;
 /**
  * EJECT — clear the active wallet so the browser is no longer bound to it. This
  * is "switch / start fresh / sign out of this wallet". The wallet stays in the
@@ -89,4 +94,49 @@ declare function subscribe(listener: Listener): () => void;
  *  tests). Prefer the accessors above — do NOT read localStorage by hand. */
 declare const ACTIVE_WALLET_STORAGE_KEY = "dexter:passkey:userHandle";
 
-export { ACTIVE_WALLET_STORAGE_KEY as A, type ConnectVault as C, type DexterConnectConfig as D, type PasskeyLoginTokens as P, type SignInResult as S, ConnectError as a, type StoredWallet as b, subscribe as c, switchWallet as d, ejectActiveWallet as e, forgetWallet as f, getActiveHandle as g, listWallets as l, setActiveHandle as s };
+interface PasskeySignalSupport {
+    /** signalCurrentUserDetails — rename a passkey post-creation. */
+    rename: boolean;
+    /** signalUnknownCredential — remove one stale passkey from the manager. */
+    prune: boolean;
+    /** signalAllAcceptedCredentials — reconcile the full valid set. */
+    syncAccepted: boolean;
+}
+/**
+ * What the CURRENT browser supports, by direct feature-detection. Instant, no
+ * network, no UA sniffing — tells you exactly what will light up on THIS device
+ * (e.g. call once on Branch's iPhone to learn its Safari's status).
+ */
+declare function passkeySignalSupport(): PasskeySignalSupport;
+/**
+ * Rename a passkey in the OS keychain AFTER creation. `userId` is the base64url
+ * user handle; `rpId` defaults to the current host. Returns true if the signal
+ * fired, false if unsupported/failed (caller treats false as "left as-is").
+ */
+declare function renamePasskey(args: {
+    userId: string;
+    name: string;
+    displayName?: string;
+    rpId?: string;
+}): Promise<boolean>;
+/**
+ * Tell the OS manager a credential is gone so it removes that passkey from the
+ * user's list — the welded-old-wallet auto-cleanup. `credentialId` is base64url.
+ * Returns true if fired, false if unsupported/failed.
+ */
+declare function prunePasskey(args: {
+    credentialId: string;
+    rpId?: string;
+}): Promise<boolean>;
+/**
+ * Declare the FULL set of still-valid credential IDs for a user; the manager
+ * prunes anything not listed. Use after sign-in or eject to reconcile in one
+ * shot (pass `[]` to clear all of a user's passkeys). Returns true if fired.
+ */
+declare function syncAcceptedPasskeys(args: {
+    userId: string;
+    acceptedCredentialIds: string[];
+    rpId?: string;
+}): Promise<boolean>;
+
+export { ACTIVE_WALLET_STORAGE_KEY as A, type ConnectVault as C, type DexterConnectConfig as D, type PasskeyLoginTokens as P, type SignInResult as S, ConnectError as a, type PasskeySignalSupport as b, type StoredWallet as c, getCredentialId as d, ejectActiveWallet as e, forgetWallet as f, getActiveHandle as g, prunePasskey as h, subscribe as i, switchWallet as j, syncAcceptedPasskeys as k, listWallets as l, passkeySignalSupport as p, renamePasskey as r, setActiveHandle as s };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dexterai/connect",
-  "version": "0.3.0",
+  "version": "0.4.0",
   "description": "Sign in with Dexter — passkey connector. Composes @dexterai/vault.",
   "type": "module",
   "exports": {