@diviswap/sdk 1.9.1 → 2.0.0

package/dist/cli/index.js

@@ -886,34 +886,82 @@ Validating partner credentials with ${environment} API...`
       features,
       projectRoot: process.cwd()
     });
-    if (!options.skipEnv && keyId && secretKey) {
-      const envFile = framework.includes("nextjs") ? ".env.local" : ".env";
-      const envPath = path.join(process.cwd(), envFile);
-      let envContent = "";
-      if (fs.existsSync(envPath)) {
-        envContent = fs.readFileSync(envPath, "utf-8");
+    if (!options.skipEnv) {
+      const envExampleFile = ".env.example";
+      const envExamplePath = path.join(process.cwd(), envExampleFile);
+      const gitignorePath = path.join(process.cwd(), ".gitignore");
+      const envExampleContent = `# Diviswap SDK Configuration (Partner Authentication)
+# IMPORTANT: These are EXAMPLE values only. Replace with your actual credentials.
+# NEVER commit your actual .env or .env.local files to version control!
+
+# Partner Key ID (starts with pk_)
+DIVISWAP_PARTNER_KEY_ID=pk_your_key_id_here
+
+# Partner Secret Key (starts with sk_)
+# WARNING: Keep this secret! Never share or commit to git.
+# Store securely using environment variables or a secrets manager.
+DIVISWAP_PARTNER_SECRET_KEY=sk_your_secret_key_here
+
+# Environment: 'production' or 'sandbox'
+NEXT_PUBLIC_DIVISWAP_ENV=${environment}
+`;
+      if (!fs.existsSync(envExamplePath)) {
+        fs.appendFileSync(envExamplePath, envExampleContent);
+        console.log(
+          kleur__default.default.green(`\u2705 Created ${envExampleFile} template`)
+        );
       }
-      const envVars = [
-        `DIVISWAP_PARTNER_KEY_ID=${keyId}`,
-        `DIVISWAP_PARTNER_SECRET_KEY=${secretKey}`,
-        `NEXT_PUBLIC_DIVISWAP_ENV=${environment}`
-      ];
-      const newEnvVars = envVars.filter((envVar) => {
-        const key = envVar.split("=")[0];
-        return !envContent.includes(key);
-      });
-      if (newEnvVars.length > 0) {
-        const separator = envContent && !envContent.endsWith("\n") ? "\n" : "";
+      let gitignoreContent = "";
+      if (fs.existsSync(gitignorePath)) {
+        gitignoreContent = fs.readFileSync(gitignorePath, "utf-8");
+      }
+      const gitignoreEntries = [".env", ".env.local", ".env.*.local"];
+      const missingEntries = gitignoreEntries.filter(
+        (entry) => !gitignoreContent.includes(entry)
+      );
+      if (missingEntries.length > 0) {
+        const separator = gitignoreContent && !gitignoreContent.endsWith("\n") ? "\n" : "";
         fs.appendFileSync(
-          envPath,
-          separator + "# Diviswap SDK Configuration (Partner Authentication)\n" + newEnvVars.join("\n") + "\n"
+          gitignorePath,
+          separator + "# Environment variables (secrets)\n" + missingEntries.join("\n") + "\n"
         );
         console.log(
           kleur__default.default.green(
-            `\u2705 Updated ${envFile} with partner authentication credentials`
+            `\u2705 Updated .gitignore to protect environment files`
           )
         );
       }
+      console.log(
+        kleur__default.default.yellow(
+          "\n\u26A0\uFE0F  IMPORTANT SECURITY NOTICE:\n"
+        )
+      );
+      console.log(
+        "  Your partner credentials were validated but NOT written to files."
+      );
+      console.log(
+        "  For security, you must manually add them to your environment:\n"
+      );
+      console.log(
+        kleur__default.default.cyan(
+          `  1. Create a ${framework.includes("nextjs") ? ".env.local" : ".env"} file (already in .gitignore)`
+        )
+      );
+      console.log(
+        kleur__default.default.cyan(
+          `  2. Add your credentials (use .env.example as a template)`
+        )
+      );
+      console.log(
+        kleur__default.default.cyan(
+          "  3. NEVER commit this file to version control"
+        )
+      );
+      console.log(
+        kleur__default.default.cyan(
+          "  4. In production, use environment variables or a secrets manager\n"
+        )
+      );
     }
     if (framework.includes("nextjs")) {
       console.log("\nUpdating Next.js configuration...");
@@ -2185,7 +2233,7 @@ async function uninstall(options = {}) {
 }
 
 // package.json
-var version = "1.9.1";
+var version = "2.0.0";
 
 // src/cli/index.ts
 var program = new commander.Command();

package/dist/index.d.mts

@@ -1,4 +1,4 @@
-export { d as Address, x as ApiResponse, A as AuthCredentials, m as AuthMode, u as AuthResponse, h as CHAIN_IDS, g as ChainName, C as ComplianceStatus, e as CreateAddressRequest, v as CreatePayeeRequest, f as DeleteAddressRequest, D as Diviswap, a as DiviswapConfig, E as Environment, k as EthereumWallet, I as IndividualData, z as KybMetadata, b as KybStatus, F as KycDocumentRequest, y as KycMetadata, G as KycPersonalInfo, c as KycSessionResponse, K as KycStatus, r as LegacyDiviswapConfig, D as LiberEx, L as LiberExConfig, w as OfframpRequest, O as OnrampRequest, B as OrganizationInfo, o as PartnerDiviswapConfig, q as PartnerLiberExConfig, P as Payee, R as RegisterRequest, S as SetDefaultAddressRequest, T as Transaction, U as User, n as UserDiviswapConfig, p as UserLiberExConfig, W as WalletConnection, i as WalletTracker, l as WalletTrackingConfig, j as connectWallet, s as setupWalletTracking, t as trackCurrentWallet } from './wallet-yDJlJqCw.mjs';
+export { d as Address, x as ApiResponse, A as AuthCredentials, m as AuthMode, u as AuthResponse, h as CHAIN_IDS, g as ChainName, C as ComplianceStatus, e as CreateAddressRequest, v as CreatePayeeRequest, f as DeleteAddressRequest, D as Diviswap, a as DiviswapConfig, E as Environment, k as EthereumWallet, I as IndividualData, z as KybMetadata, b as KybStatus, F as KycDocumentRequest, y as KycMetadata, G as KycPersonalInfo, c as KycSessionResponse, K as KycStatus, r as LegacyDiviswapConfig, D as LiberEx, L as LiberExConfig, w as OfframpRequest, O as OnrampRequest, B as OrganizationInfo, o as PartnerDiviswapConfig, q as PartnerLiberExConfig, P as Payee, R as RegisterRequest, S as SetDefaultAddressRequest, T as Transaction, U as User, n as UserDiviswapConfig, p as UserLiberExConfig, W as WalletConnection, i as WalletTracker, l as WalletTrackingConfig, j as connectWallet, s as setupWalletTracking, t as trackCurrentWallet } from './wallet-DO1Nbsfk.mjs';
 
 /**
  * Custom error classes for Diviswap SDK
@@ -25,36 +25,18 @@ declare class ConfigurationError extends DiviswapError {
 declare const LiberExError: typeof DiviswapError;
 
 /**
- * Web3 utilities for handling transaction results
+ * Wallet transaction result types (supports various wallet libraries)
  */
-/**
- * Type representing the various formats that sendTransaction can return
- * - Direct hash string: '0x...'
- * - Object with hash property: {hash: '0x...'}
- * - Template literal type from viem: `0x${string}`
- */
-type SendTransactionResult = string | {
+type SendTransactionResult = {
     hash: string;
-} | `0x${string}`;
+} | {
+    transactionHash: string;
+} | string;
 /**
- * Safely extract transaction hash from various sendTransaction result formats
- *
- * Different Web3 libraries and wallet connectors return transaction hashes in different formats:
- * - wagmi's sendTransactionAsync: typically returns the hash directly as a string
- * - Some wallets: return an object with a hash property
- * - viem: uses template literal types `0x${string}`
- *
- * This utility handles all these cases and extracts the hash string reliably.
- *
- * @param result - The result from sendTransaction/sendTransactionAsync
- * @returns The transaction hash as a string
- *
- * @example
- * ```typescript
- * const result = await sendTransactionAsync({...});
- * const hash = extractTransactionHash(result);
- * // hash is now guaranteed to be a string like '0x...'
- * ```
+ * Extract transaction hash from various wallet return types
+ * Handles different wallet libraries (wagmi, ethers, web3.js, etc.)
+ * @param result Transaction result from wallet
+ * @returns Transaction hash
  */
 declare function extractTransactionHash(result: SendTransactionResult): string;
 

package/dist/index.d.ts

@@ -1,4 +1,4 @@
-export { d as Address, x as ApiResponse, A as AuthCredentials, m as AuthMode, u as AuthResponse, h as CHAIN_IDS, g as ChainName, C as ComplianceStatus, e as CreateAddressRequest, v as CreatePayeeRequest, f as DeleteAddressRequest, D as Diviswap, a as DiviswapConfig, E as Environment, k as EthereumWallet, I as IndividualData, z as KybMetadata, b as KybStatus, F as KycDocumentRequest, y as KycMetadata, G as KycPersonalInfo, c as KycSessionResponse, K as KycStatus, r as LegacyDiviswapConfig, D as LiberEx, L as LiberExConfig, w as OfframpRequest, O as OnrampRequest, B as OrganizationInfo, o as PartnerDiviswapConfig, q as PartnerLiberExConfig, P as Payee, R as RegisterRequest, S as SetDefaultAddressRequest, T as Transaction, U as User, n as UserDiviswapConfig, p as UserLiberExConfig, W as WalletConnection, i as WalletTracker, l as WalletTrackingConfig, j as connectWallet, s as setupWalletTracking, t as trackCurrentWallet } from './wallet-yDJlJqCw.js';
+export { d as Address, x as ApiResponse, A as AuthCredentials, m as AuthMode, u as AuthResponse, h as CHAIN_IDS, g as ChainName, C as ComplianceStatus, e as CreateAddressRequest, v as CreatePayeeRequest, f as DeleteAddressRequest, D as Diviswap, a as DiviswapConfig, E as Environment, k as EthereumWallet, I as IndividualData, z as KybMetadata, b as KybStatus, F as KycDocumentRequest, y as KycMetadata, G as KycPersonalInfo, c as KycSessionResponse, K as KycStatus, r as LegacyDiviswapConfig, D as LiberEx, L as LiberExConfig, w as OfframpRequest, O as OnrampRequest, B as OrganizationInfo, o as PartnerDiviswapConfig, q as PartnerLiberExConfig, P as Payee, R as RegisterRequest, S as SetDefaultAddressRequest, T as Transaction, U as User, n as UserDiviswapConfig, p as UserLiberExConfig, W as WalletConnection, i as WalletTracker, l as WalletTrackingConfig, j as connectWallet, s as setupWalletTracking, t as trackCurrentWallet } from './wallet-DO1Nbsfk.js';
 
 /**
  * Custom error classes for Diviswap SDK
@@ -25,36 +25,18 @@ declare class ConfigurationError extends DiviswapError {
 declare const LiberExError: typeof DiviswapError;
 
 /**
- * Web3 utilities for handling transaction results
+ * Wallet transaction result types (supports various wallet libraries)
  */
-/**
- * Type representing the various formats that sendTransaction can return
- * - Direct hash string: '0x...'
- * - Object with hash property: {hash: '0x...'}
- * - Template literal type from viem: `0x${string}`
- */
-type SendTransactionResult = string | {
+type SendTransactionResult = {
     hash: string;
-} | `0x${string}`;
+} | {
+    transactionHash: string;
+} | string;
 /**
- * Safely extract transaction hash from various sendTransaction result formats
- *
- * Different Web3 libraries and wallet connectors return transaction hashes in different formats:
- * - wagmi's sendTransactionAsync: typically returns the hash directly as a string
- * - Some wallets: return an object with a hash property
- * - viem: uses template literal types `0x${string}`
- *
- * This utility handles all these cases and extracts the hash string reliably.
- *
- * @param result - The result from sendTransaction/sendTransactionAsync
- * @returns The transaction hash as a string
- *
- * @example
- * ```typescript
- * const result = await sendTransactionAsync({...});
- * const hash = extractTransactionHash(result);
- * // hash is now guaranteed to be a string like '0x...'
- * ```
+ * Extract transaction hash from various wallet return types
+ * Handles different wallet libraries (wagmi, ethers, web3.js, etc.)
+ * @param result Transaction result from wallet
+ * @returns Transaction hash
  */
 declare function extractTransactionHash(result: SendTransactionResult): string;
 

package/dist/index.js

@@ -1,5 +1,6 @@
 'use strict';
 
+var sha3 = require('@noble/hashes/sha3');
 var crypto = require('crypto');
 
 function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
@@ -70,31 +71,43 @@ var AuthModule = class {
    * ```
    */
   async register(data) {
+    if (!data.email || !data.password) {
+      throw new ValidationError("Email and password are required");
+    }
+    if (!data.firstName || !data.lastName) {
+      throw new ValidationError("First name and last name are required for KYC compliance");
+    }
+    if (!data.individual) {
+      throw new ValidationError(
+        "Complete individual KYC information is required for registration. Please provide residential address, date of birth, and government ID information."
+      );
+    }
+    const individual = data.individual;
+    const requiredIndividualFields = [
+      "residential_country_code",
+      "residential_address_line_one",
+      "residential_city",
+      "residential_state",
+      "residential_postal_code",
+      "id_country_code",
+      "dob",
+      "id_number"
+    ];
+    for (const field of requiredIndividualFields) {
+      const value = individual[field];
+      if (value === void 0 || value === null || value === "") {
+        throw new ValidationError(
+          `Missing required KYC field: ${field}. All identity information must be provided for compliance.`
+        );
+      }
+    }
     const requestData = {
       email: data.email,
       password: data.password,
-      first_name: data.firstName || "Test",
-      last_name: data.lastName || "User",
-      // Individual object is REQUIRED by the backend
-      individual: {
-        // Use 'USA' (3-letter code) as seen in working lbx-landing implementation
-        residential_country_code: "USA",
-        residential_address_line_one: "123 Main Street",
-        residential_address_line_two: "",
-        residential_city: "Anytown",
-        residential_state: "CA",
-        residential_postal_code: "12345",
-        id_type: "ssn",
-        // Add id_type field as seen in lbx-landing
-        id_country_code: "USA",
-        dob: "1990-01-01",
-        id_number: "123456789"
-        // Remove dashes from SSN like lbx-landing does
-      }
+      first_name: data.firstName,
+      last_name: data.lastName,
+      individual: data.individual
     };
-    if (data.individual) {
-      requestData.individual = data.individual;
-    }
     if (data.phone) requestData.phone = data.phone;
     if (data.referralCode) requestData.referral_code = data.referralCode;
     const response = await this.client.post(
@@ -525,19 +538,116 @@ var STABLECOIN_ADDRESSES = {
     // Wrapped SOL
   }
 };
+function isValidEthereumAddress(address) {
+  if (!/^0x[0-9a-fA-F]{40}$/.test(address)) {
+    return false;
+  }
+  if (address === address.toLowerCase() || address === address.toUpperCase()) {
+    return true;
+  }
+  return address === toChecksumAddress(address);
+}
+function toChecksumAddress(address) {
+  if (!address.startsWith("0x")) {
+    throw new Error("Invalid Ethereum address: must start with 0x");
+  }
+  const lowerAddress = address.toLowerCase().replace("0x", "");
+  const hash = keccak256(lowerAddress);
+  let checksumAddress = "0x";
+  for (let i = 0; i < lowerAddress.length; i++) {
+    const hashByte = parseInt(hash[i], 16);
+    checksumAddress += hashByte >= 8 ? lowerAddress[i].toUpperCase() : lowerAddress[i];
+  }
+  return checksumAddress;
+}
+function keccak256(input) {
+  const bytes = new TextEncoder().encode(input);
+  const hash = sha3.keccak_256(bytes);
+  return Array.from(hash).map((b) => b.toString(16).padStart(2, "0")).join("");
+}
+function isValidSolanaAddress(address) {
+  const base58Regex = /^[1-9A-HJ-NP-Za-km-z]{32,44}$/;
+  if (!base58Regex.test(address)) {
+    return false;
+  }
+  if (/[0OIl]/.test(address)) {
+    return false;
+  }
+  return true;
+}
+function isValidBitcoinAddress(address) {
+  const legacyRegex = /^1[1-9A-HJ-NP-Za-km-z]{25,34}$/;
+  const segwitRegex = /^3[1-9A-HJ-NP-Za-km-z]{25,34}$/;
+  const bech32Regex = /^bc1[a-z0-9]{39,87}$/i;
+  return legacyRegex.test(address) || segwitRegex.test(address) || bech32Regex.test(address);
+}
+function isValidTronAddress(address) {
+  if (!address.startsWith("T") || address.length !== 34) {
+    return false;
+  }
+  const base58Regex = /^T[1-9A-HJ-NP-Za-km-z]{33}$/;
+  return base58Regex.test(address);
+}
+function isValidCryptoAddress(address, chain) {
+  const chainLower = chain.toLowerCase();
+  switch (chainLower) {
+    case "ethereum":
+    case "eth":
+    case "polygon":
+    case "matic":
+    case "arbitrum":
+    case "optimism":
+    case "base":
+    case "avalanche":
+    case "bsc":
+    case "binance":
+      return isValidEthereumAddress(address);
+    case "solana":
+    case "sol":
+      return isValidSolanaAddress(address);
+    case "bitcoin":
+    case "btc":
+      return isValidBitcoinAddress(address);
+    case "tron":
+    case "trx":
+      return isValidTronAddress(address);
+    default:
+      throw new Error(`Unsupported chain: ${chain}`);
+  }
+}
+function extractTransactionHash(result) {
+  if (typeof result === "string") {
+    return result;
+  }
+  if ("hash" in result && result.hash) {
+    return result.hash;
+  }
+  if ("transactionHash" in result && result.transactionHash) {
+    return result.transactionHash;
+  }
+  throw new Error(
+    'Unable to extract transaction hash from result. Expected string or object with "hash" or "transactionHash" property.'
+  );
+}
 
 // src/modules/transactions.ts
-var TransactionsModule = class {
+var _TransactionsModule = class _TransactionsModule {
   constructor(client, environment = "sandbox") {
     this.client = client;
     this.depositAddresses = getDepositAddresses(environment);
   }
   /**
-   * Map chain name to chain ID
+   * Map chain name to chain ID with validation
    * @private
    */
   getChainId(chain) {
-    const chainId = CHAIN_NAME_TO_ID[chain.toLowerCase()];
+    const chainLower = chain.toLowerCase();
+    if (!_TransactionsModule.SUPPORTED_CHAINS.includes(chainLower)) {
+      throw new ValidationError(
+        `Unsupported chain: ${chain}. Supported chains: ${_TransactionsModule.SUPPORTED_CHAINS.filter((c, i, arr) => arr.indexOf(c) === i).join(", ")}`
+      );
+    }
+    const chainId = CHAIN_NAME_TO_ID[chainLower];
     return chainId ? chainId.toString() : chain;
   }
   /**
@@ -626,17 +736,30 @@ var TransactionsModule = class {
    */
   async offramp(data) {
     if (!data.txHash || data.txHash.trim() === "") {
-      throw new Error("txHash is required for offramp transactions.");
+      throw new ValidationError("txHash is required for offramp transactions.");
+    }
+    const chain = data.chain || "ethereum";
+    const chainId = this.getChainId(chain);
+    if (!isValidCryptoAddress(data.fromAddress, chain)) {
+      throw new ValidationError(
+        `Invalid ${chain} address: ${data.fromAddress}. Please check the address format.`
+      );
+    }
+    const toAddress = data.toAddress || this.getDepositAddress(chain);
+    if (!isValidCryptoAddress(toAddress, chain)) {
+      throw new ValidationError(
+        `Invalid ${chain} deposit address: ${toAddress}. Please contact support.`
+      );
     }
     const payload = {
       payee_id: data.payeeId,
       tx_hash: data.txHash,
       // Required: must send crypto first
       from_address: data.fromAddress,
-      to_address: data.toAddress || this.getDepositAddress(data.chain || "ethereum"),
+      to_address: toAddress,
       amount: data.amount,
       currency: data.currency,
-      chain_id: this.getChainId(data.chain || "ethereum")
+      chain_id: chainId
     };
     if (data.memo) {
       payload.memo = data.memo;
@@ -824,6 +947,26 @@ var TransactionsModule = class {
     return STABLECOIN_ADDRESSES[chainName] || {};
   }
 };
+// Supported chains for validation
+_TransactionsModule.SUPPORTED_CHAINS = [
+  "ethereum",
+  "eth",
+  "polygon",
+  "matic",
+  "arbitrum",
+  "optimism",
+  "base",
+  "avalanche",
+  "bsc",
+  "binance",
+  "solana",
+  "sol",
+  "bitcoin",
+  "btc",
+  "tron",
+  "trx"
+];
+var TransactionsModule = _TransactionsModule;
 
 // src/modules/kyc.ts
 var KycModule = class {
@@ -1539,8 +1682,8 @@ var MemoryTokenStorage = class {
   }
 };
 var LocalStorageTokenStorage = class {
-  constructor() {
-    this.key = "liberex_tokens";
+  constructor(userId) {
+    this.key = userId ? `liberex_tokens_${userId}` : "liberex_tokens";
   }
   get() {
     if (typeof globalThis.window === "undefined") return null;
@@ -1562,9 +1705,14 @@ var LocalStorageTokenStorage = class {
   }
 };
 var TokenManager = class {
-  constructor(useLocalStorage = false) {
+  /**
+   * Create a new TokenManager
+   * @param useLocalStorage Whether to use localStorage (default: memory storage for security)
+   * @param userId Optional user ID for multi-user session isolation
+   */
+  constructor(useLocalStorage = false, userId) {
     this.refreshPromise = null;
-    this.storage = useLocalStorage && typeof globalThis.window !== "undefined" ? new LocalStorageTokenStorage() : new MemoryTokenStorage();
+    this.storage = useLocalStorage && typeof globalThis.window !== "undefined" ? new LocalStorageTokenStorage(userId) : new MemoryTokenStorage();
   }
   /**
    * Parse JWT token to extract expiration
@@ -1665,6 +1813,18 @@ var PartnerAuth = class {
   constructor(credentials) {
     this.credentials = credentials;
   }
+  /**
+   * Override toJSON to prevent accidental serialization of secret key
+   */
+  toJSON() {
+    return {
+      keyId: this.credentials.keyId,
+      customerId: this.credentials.customerId,
+      customerEmail: this.credentials.customerEmail,
+      secretKey: "***REDACTED***"
+      // Never expose secret key
+    };
+  }
   /**
    * Generate HMAC authentication headers for a request
    */
@@ -1756,17 +1916,54 @@ var PartnerAuth = class {
 // src/api/unified-client.ts
 var UnifiedApiClient = class _UnifiedApiClient {
   constructor(config, useLocalStorage = true) {
-    this.config = config;
+    Object.defineProperty(this, "_secureApiKey", {
+      value: config.apiKey,
+      writable: false,
+      enumerable: false,
+      configurable: false
+    });
+    Object.defineProperty(this, "_secureSecretKey", {
+      value: config.secretKey,
+      writable: false,
+      enumerable: false,
+      configurable: false
+    });
+    const { apiKey, secretKey, ...safeConfig } = config;
+    this.config = safeConfig;
     this.tokenManager = new TokenManager(useLocalStorage);
-    if (config.mode === "partner" && config.keyId && config.secretKey) {
+    const secureSecretKey = this._secureSecretKey;
+    if (config.mode === "partner" && config.keyId && secureSecretKey) {
       this.partnerAuth = new PartnerAuth({
         keyId: config.keyId,
-        secretKey: config.secretKey,
+        secretKey: secureSecretKey,
         customerId: config.customerId,
         customerEmail: config.customerEmail
       });
     }
   }
+  /**
+   * Override toJSON to prevent accidental serialization of sensitive data
+   */
+  toJSON() {
+    return {
+      mode: this.config.mode,
+      baseUrl: this.config.baseUrl,
+      timeout: this.config.timeout,
+      debug: this.config.debug,
+      // Never expose credentials
+      apiKey: this.config.apiKey ? "***REDACTED***" : void 0,
+      secretKey: this.config.secretKey ? "***REDACTED***" : void 0,
+      keyId: this.config.keyId,
+      clientId: this.config.clientId
+    };
+  }
+  /**
+   * Get the actual API key (for internal use only)
+   * @internal
+   */
+  getApiKey() {
+    return this._secureApiKey;
+  }
   /**
    * Create client from legacy user config (backward compatibility)
    */
@@ -1914,7 +2111,15 @@ var UnifiedApiClient = class _UnifiedApiClient {
         this.config.timeout
       );
       if (this.config.debug) {
-        console.log(`[Diviswap SDK] ${method} ${url}`);
+        const safeHeaders = { ...requestHeaders };
+        if (safeHeaders["X-API-Key"]) safeHeaders["X-API-Key"] = "***REDACTED***";
+        if (safeHeaders["Authorization"]?.startsWith("Bearer ")) {
+          safeHeaders["Authorization"] = "Bearer ***REDACTED***";
+        }
+        if (safeHeaders["Authorization"]?.startsWith("HMAC ")) {
+          safeHeaders["Authorization"] = "HMAC ***REDACTED***";
+        }
+        console.log(`[Diviswap SDK] ${method} ${url}`, { headers: safeHeaders });
       }
       const response = await fetch(url, {
         method,
@@ -1982,12 +2187,13 @@ var UnifiedApiClient = class _UnifiedApiClient {
    * Add user authentication headers (legacy)
    */
   async addUserAuth(useApiKey, headers) {
-    if (!this.config.apiKey || !this.config.clientId) {
+    const apiKey = this.getApiKey();
+    if (!apiKey || !this.config.clientId) {
       throw new AuthenticationError("User authentication not configured");
     }
     headers["X-CLIENT-ID"] = this.config.clientId;
     headers["X-TIMESTAMP"] = Math.floor(Date.now() / 1e3).toString();
-    headers["X-API-Key"] = this.config.apiKey;
+    headers["X-API-Key"] = apiKey;
     if (!useApiKey) {
       const accessToken = await this.tokenManager.getValidAccessToken(
         this.refreshCallback
@@ -2423,17 +2629,6 @@ function setupWalletTracking(diviswap, wallet, config) {
   return tracker;
 }
 
-// src/utils/web3.ts
-function extractTransactionHash(result) {
-  if (typeof result === "string") {
-    return result;
-  }
-  if (typeof result === "object" && result !== null && "hash" in result) {
-    return result.hash;
-  }
-  return result;
-}
-
 exports.AuthenticationError = AuthenticationError;
 exports.CHAIN_IDS = CHAIN_IDS;
 exports.CHAIN_ID_TO_NAME = CHAIN_ID_TO_NAME;