@dynamic-labs-sdk/client 0.1.0-alpha.9 → 0.1.1

package/index.esm.js

@@ -1,18 +1,20 @@
 import { assertPackageVersion } from '@dynamic-labs-sdk/assert-package-version';
-import { g as getCore, l as logout, e as emitEvent, d as dependencies, c as createStorageKeySchema, B as BaseError, a as getDefaultClient, f as fetchProjectSettings, b as generateSessionKeys, i as isCookieEnabled, v as version, s as setDefaultClient, h as createApiClient, _ as _extends, j as assertDefined, r as randomString, k as getWalletProviderFromWalletAccount, m as getWalletAccounts, n as createWalletAccountId, C as CHAINS_INFO_MAP, o as normalizeAddress, p as name } from './logout.esm.js';
-export { I as InvalidExternalAuthError, M as MfaInvalidOtpError, q as MfaRateLimitedError, S as SandboxMaximumThresholdReachedError, t as isSignedIn, u as offEvent, x as onEvent, w as onceEvent } from './logout.esm.js';
-import { ProviderEnum, MfaBackupCodeAcknowledgement, AuthModeEnum } from '@dynamic-labs/sdk-api-core';
+import { B as BaseError, g as getDefaultClient, a as getCore, c as createApiClient, C as CLIENT_SDK_NAME, b as getBuffer, i as isCookieEnabled, S as SDK_API_CORE_VERSION, d as assertDefined, v as version, s as setDefaultClient, _ as _extends, r as randomString, V as ValueMustBeDefinedError, e as CHAINS_INFO_MAP, n as name } from './constants.esm.js';
+export { I as InvalidExternalAuthError, M as MfaInvalidOtpError, f as MfaRateLimitedError, h as SandboxMaximumThresholdReachedError } from './constants.esm.js';
+import { JwtVerifiedCredentialFormatEnum, ProviderEnum, MfaBackupCodeAcknowledgement, AuthModeEnum } from '@dynamic-labs/sdk-api-core';
 export { MFAAction } from '@dynamic-labs/sdk-api-core';
-import { s as subscribeWithSelector, i as isEqualShallow, C as CannotTrackError, c as createLogger, a as createStorage, b as createLocalStorageAdapter, d as consumeCaptchaToken, f as formatSignInMessage, g as getNetworksData, e as getNetworkProviderFromNetworkId } from './getNetworkProviderFromNetworkId.esm.js';
-export { N as NoNetworkProvidersError, k as hasExtension, h as isCaptchaRequired, j as setCaptchaToken } from './getNetworkProviderFromNetworkId.esm.js';
+import { c as createStorageKeySchema, s as subscribeWithSelector, i as isEqualShallow, I as INITIALIZE_STORAGE_SYNC_TRACKER_KEY, F as FETCH_PROJECT_SETTINGS_TRACKER_KEY, G as GENERATE_SESSION_KEYS_TRACKER_KEY, R as REFRESH_USER_STATE_FROM_COOKIE_TRACKER_KEY, C as CannotTrackError, a as createLogger, b as createStorage, d as createLocalStorageAdapter, e as consumeCaptchaToken, f as setUnverifiedWalletAccounts, g as createVisit, h as createSignInMessageStatement, j as formatSignInMessage, v as verifySignInMessage, u as updateWalletProviderKeysForVerifiedCredentials, k as getNetworksData, l as getNetworkProviderFromNetworkId } from './getNetworkProviderFromNetworkId.esm.js';
+export { N as NoNetworkProvidersError, W as WalletAlreadyLinkedToAnotherUserError, o as hasExtension, m as isCaptchaRequired, n as setCaptchaToken } from './getNetworkProviderFromNetworkId.esm.js';
+import { g as getWalletAccounts, a as getWalletProviderFromWalletAccount, s as setCookie, e as emitEvent, D as DYNAMIC_AUTH_COOKIE_NAME, c as checkAndRaiseWalletAccountsChangedEvent, u as updateAuthFromVerifyResponse, b as getWalletProviderByKey, f as formatWalletAccountId, d as emitWalletAccountsChangedEvent, n as normalizeAddress, h as getWalletProviders, i as getVerifiedCredentialForWalletAccount, N as NoWalletProviderFoundError } from './getVerifiedCredentialForWalletAccount.esm.js';
+export { o as offEvent, k as onEvent, j as onceEvent } from './getVerifiedCredentialForWalletAccount.esm.js';
 import * as z from 'zod/mini';
+import { b as bufferToHex } from './isMfaRequiredForAction.esm.js';
+export { c as consumeMfaToken, g as getMfaMethods, i as isMfaRequiredForAction } from './isMfaRequiredForAction.esm.js';
 import { r as refreshUser } from './NotWaasWalletAccountError.esm.js';
 export { N as NotWaasWalletAccountError } from './NotWaasWalletAccountError.esm.js';
 import EventEmitter$1, { EventEmitter } from 'eventemitter3';
 import { startRegistration, browserSupportsWebAuthn, startAuthentication } from '@simplewebauthn/browser';
-export { I as InvalidParamError } from './InvalidParamError.esm.js';
-import { u as updateAuthFromVerifyResponse, g as getWalletProviderByKey, e as emitWalletAccountsChangedEvent, a as getWalletProviders } from './getWalletProviderByKey.esm.js';
-export { c as consumeMfaToken, g as getMfaMethods, i as isMfaRequiredForAction } from './isMfaRequiredForAction.esm.js';
+import { I as InvalidParamError } from './InvalidParamError.esm.js';
 import 'buffer';
 
 /**
@@ -29,6 +31,163 @@ import 'buffer';
     user: 'userChanged'
 };
 
+/**
+ * This error is thrown when the `retryOnFail` function is called with an invalid
+ * number of retries (i.e. less than 0).
+ */ class InvalidRetryOnFailCallError extends BaseError {
+    constructor(maxRetries){
+        super({
+            cause: null,
+            code: 'invalid_retry_on_fail_call_error',
+            docsUrl: null,
+            name: 'InvalidRetryOnFailCallError',
+            shortMessage: `Invalid retries parameter for retryOnFail call: ${maxRetries}`
+        });
+    }
+}
+
+const retryOnFail = async ({ delay = 0, fn, maxRetries })=>{
+    for(let retry = 0; retry <= maxRetries; retry++){
+        try {
+            return await fn();
+        } catch (error) {
+            if (retry >= maxRetries) {
+                throw error;
+            }
+            if (delay > 0) {
+                await new Promise((resolve)=>setTimeout(resolve, delay));
+            }
+        }
+    }
+    /**
+   * Reaching this point should never happen and this
+   * error is thrown to help us debug the issue.
+   */ throw new InvalidRetryOnFailCallError(maxRetries);
+};
+
+/**
+ * Checks if the user is currently signed in to the Dynamic client.
+ *
+ * The client is considered to be in a signed in state if a user has
+ * authenticated or if the client has at least one wallet connected.
+ *
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
+ * @returns True if the user is signed in, false otherwise.
+ */ const isSignedIn = (client = getDefaultClient())=>Boolean(client.user || getWalletAccounts(client).length > 0);
+
+/**
+ * The schema to track the expiration time of the project settings.
+ */ const projectSettingsExpirationStorageKeySchema = createStorageKeySchema({
+    key: 'projectSettingsExpiration',
+    schema: z.number()
+});
+
+/**
+ * Expiration time of the project settings in milliseconds.
+ */ const PROJECT_SETTINGS_EXPIRATION_TIME = 1000 * 60 * 5; // 5 minutes
+/**
+ * Fetches and updates the project settings from the API.
+ *
+ * This function retrieves the latest project configuration settings
+ * from Dynamic's servers, including authentication options, enabled chains,
+ * and security configurations. The settings are cached for performance.
+ *
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
+ * @returns A promise that resolves to the updated project settings.
+ */ const fetchProjectSettings = async (client = getDefaultClient())=>{
+    const core = getCore(client);
+    const currentExpiration = await core.storage.getItem(projectSettingsExpirationStorageKeySchema);
+    const hasProjectSettings = Boolean(client.projectSettings);
+    const isExpired = currentExpiration && currentExpiration < Date.now();
+    // We want to cache the project settings if its valid and user is connected.
+    // This avoids unnecessary API calls and speeds up the initial load.
+    if (hasProjectSettings && !isExpired && isSignedIn(client)) {
+        return client.projectSettings;
+    }
+    const apiClient = createApiClient({}, client);
+    core.logger.debug('[fetchProjectSettings] Fetching project settings...');
+    const doFetch = async ()=>apiClient.getEnvironmentSettings({
+            environmentId: core.environmentId,
+            sdkVersion: `${CLIENT_SDK_NAME}/${core.version}`
+        }, {
+            credentials: 'omit'
+        });
+    const projectSettings = await retryOnFail({
+        fn: doFetch,
+        maxRetries: 2
+    });
+    core.state.set({
+        projectSettings: projectSettings != null ? projectSettings : null
+    });
+    await core.storage.setItem(projectSettingsExpirationStorageKeySchema, Date.now() + PROJECT_SETTINGS_EXPIRATION_TIME);
+    return projectSettings;
+};
+
+/**
+ * Takes a base64url-encoded string (e.g. "nMueRPiAm51YXEjRtka8S_8Ura3HaqbmqDqMJCZmvkM")
+ * and return the corresponding bytes, as an array buffer.
+ */ const base64UrlDecode = (s)=>{
+    // Go from base64url encoding to base64 encoding
+    s = (s == null ? void 0 : s.replace(/-/g, '+').replace(/_/g, '/')) || '';
+    // use `atob` to decode base64
+    return Uint8Array.from(atob(s), (c)=>c.charCodeAt(0));
+};
+
+/**
+ * Accepts a public key array buffer, and returns a buffer with the compressed version of the public key
+ */ const compressRawPublicKey = (rawPublicKey)=>{
+    const rawPublicKeyBytes = new Uint8Array(rawPublicKey);
+    const len = rawPublicKeyBytes.byteLength;
+    // Drop the y coordinate
+    const compressedBytes = rawPublicKeyBytes.slice(0, 1 + len >>> 1);
+    // Encode the parity of `y` in first bit
+    compressedBytes[0] = 0x2 | rawPublicKeyBytes[len - 1] & 0x01;
+    return compressedBytes.buffer;
+};
+
+const p256Keygen = async ()=>{
+    // Create a new P-256 keypair
+    const p256Keypair = await crypto.subtle.generateKey({
+        name: 'ECDSA',
+        namedCurve: 'P-256'
+    }, true, [
+        'sign',
+        'verify'
+    ]);
+    // Export the raw public key. By default this will export in uncompressed format
+    const rawPublicKey = await crypto.subtle.exportKey('raw', p256Keypair.publicKey);
+    // We need to export with JWK format because exporting EC private keys with "raw" isn't supported
+    const privateKeyJwk = await crypto.subtle.exportKey('jwk', p256Keypair.privateKey);
+    const compressedPublicKeyBuffer = compressRawPublicKey(rawPublicKey);
+    const privateKeyBuffer = base64UrlDecode(privateKeyJwk.d);
+    return {
+        private: bufferToHex(privateKeyBuffer),
+        privateJwk: privateKeyJwk,
+        public: bufferToHex(compressedPublicKeyBuffer)
+    };
+};
+
+const generateSessionKeys = async (client)=>{
+    const { private: privateKey, public: publicKey, privateJwk: privateKeyJwk } = await p256Keygen();
+    const core = getCore(client);
+    // stringify and encode the session keys to store in storage
+    const stringifiedSessionKeys = JSON.stringify({
+        privateKey,
+        privateKeyJwk,
+        publicKey,
+        registered: false
+    });
+    const encodedSessionKeys = getBuffer().from(stringifiedSessionKeys).toString('base64');
+    core.state.set({
+        sessionKeys: encodedSessionKeys
+    });
+    return {
+        privateKey,
+        privateKeyJwk,
+        publicKey
+    };
+};
+
 /**
  * Creates a new runtime services instance that manages service registration and retrieval.
  *
@@ -42,6 +201,92 @@ import 'buffer';
     };
 };
 
+const getAvailableWalletProvidersFromWalletAccounts = (client)=>{
+    const core = getCore(client);
+    const walletProvidersMap = new Map();
+    const walletAccounts = getWalletAccounts(client);
+    walletAccounts.forEach((walletAccount)=>{
+        if (walletProvidersMap.has(walletAccount.walletProviderKey)) {
+            return;
+        }
+        try {
+            const walletProvider = getWalletProviderFromWalletAccount({
+                walletAccount
+            }, client);
+            walletProvidersMap.set(walletAccount.walletProviderKey, walletProvider);
+        } catch (error) {
+            core.logger.debug('Wallet provider not found for wallet account', {
+                error,
+                walletAccount: walletAccount.address
+            });
+        }
+    });
+    return Array.from(walletProvidersMap.values());
+};
+
+/**
+ * Disconnect and terminate each wallet provider, if available.
+ */ const disconnectAndTerminateWalletProviders = async (client)=>{
+    const core = getCore(client);
+    const walletProviders = getAvailableWalletProvidersFromWalletAccounts(client);
+    await Promise.all(walletProviders.map(async (walletProvider)=>{
+        if (walletProvider.terminate) {
+            await walletProvider.terminate();
+        }
+        if (walletProvider.disconnect) {
+            try {
+                await walletProvider.disconnect();
+            } catch (err) {
+                core.logger.error(`Error disconnecting from wallet ${walletProvider.key}`, err);
+            }
+        }
+    }));
+};
+
+/**
+ * Logs out the current user and clears all authentication data.
+ *
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
+ * @returns A promise that resolves when the logout process is complete.
+ */ const logout = async (client = getDefaultClient())=>{
+    const core = getCore(client);
+    core.logger.debug('[logout] Logging out...');
+    await disconnectAndTerminateWalletProviders(client);
+    if (client.user !== null) {
+        const apiClient = createApiClient({}, client);
+        try {
+            await apiClient.revokeSession({
+                environmentId: core.environmentId
+            });
+        } catch (error) {
+            core.logger.error('Failed to revoke session', error);
+        }
+        /**
+     * This deletes the auth cookie if it exists.
+     * If the cookie doesn't exist, this sets a new cookie that expires immediately.
+     */ if (isCookieEnabled(client)) {
+            setCookie(`${DYNAMIC_AUTH_COOKIE_NAME}=; Max-Age=-99999999; path=/; SameSite=Lax`);
+        }
+    }
+    core.state.set({
+        captchaToken: null,
+        legacyToken: null,
+        mfaToken: null,
+        sessionExpiresAt: null,
+        sessionKeys: null,
+        token: null,
+        unverifiedWalletAccounts: [],
+        user: null
+    });
+    emitEvent({
+        event: 'logout'
+    }, client);
+    // Refetch project settings
+    void fetchProjectSettings(client);
+    // Regenerate session keys
+    void generateSessionKeys(client);
+};
+
 /**
  * A replacement for setTimeout that supports delays longer than 2147483647ms (~24.8 days).
  */ const setLongTimeout = (callback, delay)=>{
@@ -109,17 +354,32 @@ const raiseStateEvents = (client)=>{
     });
 };
 
-const SDK_API_CORE_VERSION = dependencies['@dynamic-labs/sdk-api-core'];
+const unverifiedWalletAccountSchema = z.object({
+    address: z.string(),
+    addressesWithTypes: z.optional(z.array(z.object({
+        address: z.string(),
+        publicKey: z.optional(z.string()),
+        type: z.custom((val)=>typeof val === 'string')
+    }))),
+    chain: z.custom((val)=>typeof val === 'string'),
+    id: z.string(),
+    lastSelectedAt: z.nullable(z.date()),
+    walletProviderKey: z.string()
+});
+
+const walletProviderKeyMapSchema = z.record(z.string(), z.string());
 
 const stateStorageKeySchema = createStorageKeySchema({
     key: 'state',
     schema: z.object({
         apiVersion: z.string(),
         projectSettings: z.custom(),
-        user: z.custom()
+        unverifiedWalletAccounts: z.array(unverifiedWalletAccountSchema),
+        user: z.custom(),
+        walletProviderKeyMap: walletProviderKeyMapSchema
     })
 });
-const sessionKeySchema = createStorageKeySchema({
+const sessionStorageKeySchema = createStorageKeySchema({
     key: 'session',
     schema: z.object({
         /**
@@ -147,9 +407,10 @@ const sessionKeySchema = createStorageKeySchema({
 
 const hydrateStateWithStorage = async (client)=>{
     const core = getCore(client);
+    const previousState = core.state.get();
     const stateChanges = {};
     // ================ TOKEN =================
-    const session = await core.storage.getItem(sessionKeySchema);
+    const session = await core.storage.getItem(sessionStorageKeySchema);
     const isSessionValid = (session == null ? void 0 : session.sessionExpiration) && session.sessionExpiration > Date.now();
     if (isSessionValid) {
         stateChanges.token = session.token;
@@ -163,24 +424,34 @@ const hydrateStateWithStorage = async (client)=>{
     const storedState = await core.storage.getItem(stateStorageKeySchema);
     // Only hydrate state if it came from an API with the same version as the current SDK
     if ((storedState == null ? void 0 : storedState.apiVersion) === SDK_API_CORE_VERSION) {
+        stateChanges.unverifiedWalletAccounts = storedState.unverifiedWalletAccounts;
+        stateChanges.walletProviderKeyMap = storedState.walletProviderKeyMap;
         // Variables that should only be hydrated if the session is valid
         if (isSessionValid) {
             stateChanges.user = storedState.user;
+        }
+        var _storedState_unverifiedWalletAccounts;
+        // if there's a session/user or connected unverified wallets, we should hydrate project settings
+        // so we don't refetch it on initial load
+        if (isSessionValid || ((_storedState_unverifiedWalletAccounts = storedState.unverifiedWalletAccounts) != null ? _storedState_unverifiedWalletAccounts : []).length > 0) {
             stateChanges.projectSettings = storedState.projectSettings;
         }
     }
     if (Object.keys(stateChanges).length > 0) {
         core.state.set(stateChanges);
     }
+    checkAndRaiseWalletAccountsChangedEvent({
+        previousState
+    }, client);
 };
 
 const syncStateWithStorage = (client)=>{
     const core = getCore(client);
     core.state.subscribe((state)=>{
         if (state.sessionExpiresAt === null) {
-            void core.storage.removeItem(sessionKeySchema);
+            void core.storage.removeItem(sessionStorageKeySchema);
         } else {
-            void core.storage.setItem(sessionKeySchema, {
+            void core.storage.setItem(sessionStorageKeySchema, {
                 captchaToken: state.captchaToken,
                 legacyToken: state.legacyToken,
                 mfaToken: state.mfaToken,
@@ -192,7 +463,9 @@ const syncStateWithStorage = (client)=>{
         void core.storage.setItem(stateStorageKeySchema, {
             apiVersion: SDK_API_CORE_VERSION,
             projectSettings: state.projectSettings,
-            user: state.user
+            unverifiedWalletAccounts: state.unverifiedWalletAccounts,
+            user: state.user,
+            walletProviderKeyMap: state.walletProviderKeyMap
         });
     });
 };
@@ -230,6 +503,7 @@ class ClientAlreadyInitializedError extends BaseError {
  * @throws ClientAlreadyInitializedError If the client is already initialized.
  */ const initializeClient = async (client = getDefaultClient())=>{
     const core = getCore(client);
+    core.logger.debug('[initializeClient] Initializing client. Current init status', core.state.get().initStatus);
     if (core.state.get().initStatus !== 'uninitialized') {
         throw new ClientAlreadyInitializedError();
     }
@@ -263,24 +537,38 @@ class ClientAlreadyInitializedError extends BaseError {
    * sub2.example.com that had the original logged-in user. We need to fetch the user to refresh
    * the user state with the correct logged-in user.
    */ const refreshUserStateFromCookiePromise = fetchProjectSettingsPromise.then(async ()=>{
-        if (isCookieEnabled(client)) {
-            await refreshUser(client);
+        /**
+       * When cookies are enabled, we need to refresh the user as part of the initialization process
+       * to ensure the user is logged in and sync the auth state with the server.
+       *
+       * This call can fail with a 401 error if the user is not logged in and the SDK should finish its initialization process
+       * without throwing an error because that is an expected behavior.
+       */ if (isCookieEnabled(client)) {
+            await refreshUser(client).catch(async (error)=>{
+                if (error.status === 401) {
+                    if (client.user) {
+                        await logout(client);
+                    }
+                } else {
+                    throw error;
+                }
+            });
         }
     });
     core.initTrack.track({
-        name: 'initialize-storage-sync',
+        name: INITIALIZE_STORAGE_SYNC_TRACKER_KEY,
         promise: initializeStorageSyncPromise
     });
     core.initTrack.track({
-        name: 'fetch-project-settings',
+        name: FETCH_PROJECT_SETTINGS_TRACKER_KEY,
         promise: fetchProjectSettingsPromise
     });
     core.initTrack.track({
-        name: 'generate-session-keys',
+        name: GENERATE_SESSION_KEYS_TRACKER_KEY,
         promise: generateSessionKeysPromise
     });
     core.initTrack.track({
-        name: 'refresh-user-state-from-cookie',
+        name: REFRESH_USER_STATE_FROM_COOKIE_TRACKER_KEY,
         promise: refreshUserStateFromCookiePromise
     });
     try {
@@ -330,7 +618,7 @@ const createDeferredPromise = ()=>{
     /**
    * Checks if all processes are initialized and resolves the main promise if they are.
    */ const checkIfAllSettled = ()=>{
-        const allSettled = Array.from(tracker.values()).every((status)=>status === 'resolved');
+        const allSettled = Array.from(tracker.values()).every(({ status })=>status === 'resolved');
         if (!allSettled) return;
         allSettledPromise.resolve();
     };
@@ -340,19 +628,28 @@ const createDeferredPromise = ()=>{
         }
         // Disable tracking in the next node tick
         void Promise.resolve().then(()=>isTrackEnabled = false);
-        tracker.set(name, 'pending');
+        tracker.set(name, {
+            promise,
+            status: 'pending'
+        });
         promise.then(()=>{
-            tracker.set(name, 'resolved');
+            tracker.set(name, {
+                promise,
+                status: 'resolved'
+            });
             eventEmitter.emit('resolved', name);
             checkIfAllSettled();
         }).catch((error)=>{
-            tracker.set(name, 'failed');
+            tracker.set(name, {
+                promise,
+                status: 'failed'
+            });
             eventEmitter.emit('failed', name, error);
             allSettledPromise.reject(error);
         });
     };
     const waitForAll = ()=>allSettledPromise.promise;
-    const getTracker = ()=>tracker;
+    const getTracker = (trackerKey)=>tracker.get(trackerKey);
     return {
         getTracker,
         off: eventEmitter.off.bind(eventEmitter),
@@ -418,6 +715,63 @@ class UnavailableInServerSideError extends BaseError {
         register: (options)=>startRegistration(options)
     });
 
+const createDebouncedMutex = ()=>{
+    const mutexState = new Map();
+    return async ({ lockKey, callback, debounceTime = 0 })=>{
+        const resolutionPromise = createDeferredPromise();
+        // Prefill the state for this key if it doesn't exist to avoid needing to check for existence later.
+        if (!mutexState.has(lockKey)) {
+            mutexState.set(lockKey, {
+                nextCallback: null,
+                queuePromise: Promise.resolve(),
+                resolutionPromises: [],
+                timer: null
+            });
+        }
+        const currentState = mutexState.get(lockKey);
+        // This should never happen, but we'll assert it for TS safety.
+        assertDefined(currentState, `Mutex state for key ${lockKey} not found`);
+        currentState.resolutionPromises.push(resolutionPromise);
+        if (currentState.timer) {
+            clearTimeout(currentState.timer);
+        }
+        // The last invocation wins. Always.
+        currentState.nextCallback = callback;
+        const addCallbackToQueue = async ()=>{
+            currentState.queuePromise = currentState.queuePromise.then(async ()=>{
+                if (!currentState.nextCallback) {
+                    return;
+                }
+                // We can't just use the callback param directly because later invocations
+                // should override previous ones.
+                // Scenario to illustrate this (none of these will use the timer param for simplicity):
+                // 1. Very long running promise callback A runs
+                // 2. While it's running, we invoke callback B, which queues itself with "then" and overrides nextCallback with B.
+                // 3. While A is still running, we invoke callback C, same thing happens, now nextCallback is C.
+                // 4. A resolves, nextCallback is invoked with C.
+                // 5. After C resolves, nextCallback is invoked with null, so it doesn't run.
+                // Conclusion: B was never executed and only the last invocation runs.
+                const { nextCallback } = currentState;
+                currentState.nextCallback = null;
+                const promisesToResolve = currentState.resolutionPromises;
+                currentState.resolutionPromises = [];
+                try {
+                    await nextCallback();
+                    promisesToResolve.forEach((resolutionPromise)=>resolutionPromise.resolve());
+                } catch (error) {
+                    promisesToResolve.forEach((resolutionPromise)=>resolutionPromise.reject(error));
+                }
+            });
+        };
+        if (debounceTime > 0) {
+            currentState.timer = setTimeout(addCallbackToQueue, debounceTime);
+        } else {
+            await addCallbackToQueue();
+        }
+        return resolutionPromise.promise;
+    };
+};
+
 class InvalidStorageValue extends BaseError {
     constructor(key, value){
         super({
@@ -517,7 +871,8 @@ class InvalidStorageValue extends BaseError {
         sessionKeys: null,
         token: null,
         unverifiedWalletAccounts: [],
-        user: null
+        user: null,
+        walletProviderKeyMap: {}
     });
 
 /**
@@ -527,7 +882,9 @@ class InvalidStorageValue extends BaseError {
     var _config_coreConfig_apiBaseUrl;
     const apiBaseUrl = (_config_coreConfig_apiBaseUrl = (_config_coreConfig = config.coreConfig) == null ? void 0 : _config_coreConfig.apiBaseUrl) != null ? _config_coreConfig_apiBaseUrl : DEFAULT_API_BASE_URL;
     var _config_coreConfig_logger;
-    const logger = (_config_coreConfig_logger = (_config_coreConfig1 = config.coreConfig) == null ? void 0 : _config_coreConfig1.logger) != null ? _config_coreConfig_logger : createLogger();
+    const logger = (_config_coreConfig_logger = (_config_coreConfig1 = config.coreConfig) == null ? void 0 : _config_coreConfig1.logger) != null ? _config_coreConfig_logger : createLogger({
+        level: config.logLevel
+    });
     var _config_coreConfig_storageAdapter;
     const storage = createStorage({
         prefix: `dynamic_${config.environmentId}`,
@@ -540,6 +897,7 @@ class InvalidStorageValue extends BaseError {
     var _config_coreConfig_navigate;
     const navigate = (_config_coreConfig_navigate = (_config_coreConfig5 = config.coreConfig) == null ? void 0 : _config_coreConfig5.navigate) != null ? _config_coreConfig_navigate : createNavigationHandler();
     const state = createObservableState(getInitialState);
+    const debouncedMutex = createDebouncedMutex();
     const eventEmitter = createEventEmitter();
     const initTrack = createAsyncTrack();
     const runtimeServices = createRuntimeServices();
@@ -548,6 +906,7 @@ class InvalidStorageValue extends BaseError {
     var _config_coreConfig_getApiHeaders;
     return {
         apiBaseUrl,
+        debouncedMutex,
         environmentId: config.environmentId,
         eventEmitter,
         extensions: new Set(),
@@ -605,8 +964,13 @@ class InvalidStorageValue extends BaseError {
         }
     };
     var _config_autoInitialize;
-    const shouldAutoInitialize = (_config_autoInitialize = config.autoInitialize) != null ? _config_autoInitialize : !isServerSideRendering();
+    // Define if SDK should auto initialize, default to true
+    const autoInitialize = (_config_autoInitialize = config.autoInitialize) != null ? _config_autoInitialize : true;
+    // Prevent the auto initialization in SSR
+    const shouldAutoInitialize = isServerSideRendering() ? false : autoInitialize;
+    core.logger.debug('[createDynamicClient] Creating client...');
     if (shouldAutoInitialize) {
+        core.logger.debug('[createDynamicClient] Initializing client...');
         void initializeClient(client);
     }
     setDefaultClient(client);
@@ -649,6 +1013,19 @@ class MissingSocialUrlParamError extends BaseError {
     }
 }
 
+class MissingUserVerificationError extends BaseError {
+    constructor({ informationToVerify, message }){
+        super({
+            cause: null,
+            code: 'missing_user_verification_error',
+            docsUrl: null,
+            name: 'MissingUserVerificationError',
+            shortMessage: message != null ? message : `The user is missing verification for ${informationToVerify}. Please verify the user's ${informationToVerify}`
+        });
+        this.informationToVerify = informationToVerify;
+    }
+}
+
 class NetworkSwitchingUnavailableError extends BaseError {
     constructor({ walletProviderKey, originalError, extraMessages }){
         const cause = originalError instanceof Error ? originalError : null;
@@ -690,6 +1067,18 @@ class NoPasskeyCredentialsFoundError extends BaseError {
     }
 }
 
+class NoSmartWalletAccountSignerFoundError extends BaseError {
+    constructor(smartWalletAddress){
+        super({
+            cause: null,
+            code: 'no_smart_wallet_account_signer_found_error',
+            docsUrl: null,
+            name: 'NoSmartWalletAccountSignerFoundError',
+            shortMessage: `No signer wallet account found for smart wallet account ${smartWalletAddress}`
+        });
+    }
+}
+
 class NoWebAuthNSupportError extends BaseError {
     constructor(){
         super({
@@ -756,30 +1145,19 @@ class WalletAccountAlreadyVerifiedError extends BaseError {
 
 class WalletAccountNotSelectedError extends BaseError {
     constructor(params){
+        const currentAccountInfo = params.selectedAddress ? ` (currently ${params.selectedAddress})` : '';
         super({
             cause: null,
             code: 'wallet_account_not_selected_error',
             docsUrl: null,
             name: 'WalletAccountNotSelected',
-            shortMessage: `This wallet only supports signing with its selected account (currently ${params.selectedAddress}). Please select account ${params.expectedAddress} in your wallet app and try again`
+            shortMessage: `This wallet only supports signing with its selected account${currentAccountInfo}. Please select account ${params.expectedAddress} in your wallet app and try again`
         });
         this.expectedAddress = params.expectedAddress;
         this.selectedAddress = params.selectedAddress;
     }
 }
 
-class WalletAlreadyLinkedToAnotherUserError extends BaseError {
-    constructor({ cause }){
-        super({
-            cause,
-            code: 'wallet_already_linked_to_another_user_error',
-            docsUrl: null,
-            name: 'WalletAlreadyLinkedToAnotherUserError',
-            shortMessage: 'This wallet is already linked to another user'
-        });
-    }
-}
-
 class WalletProviderMethodUnavailableError extends BaseError {
     constructor({ methodName, walletProviderKey }){
         super({
@@ -862,12 +1240,13 @@ const getPasskeyRegistrationOptions = async (client)=>{
     return options;
 };
 
-const serverRegisterPasskey = async ({ registration }, client)=>{
+const serverRegisterPasskey = async ({ registration, createMfaToken }, client)=>{
     const core = getCore(client);
     const apiClient = createApiClient({}, client);
     const response = await apiClient.registerPasskey({
         environmentId: core.environmentId,
         passkeyRegisterRequest: _extends({}, registration, {
+            createMfaToken,
             response: _extends({}, registration.response, {
                 clientDataJson: registration.response.clientDataJSON
             })
@@ -883,10 +1262,11 @@ const serverRegisterPasskey = async ({ registration }, client)=>{
  * passwordless authentication. The user will be prompted to create a passkey
  * using their device's biometric authentication or security key.
  *
+ * @param [params.createMfaToken] - Optional configuration for MFA token creation.
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
  * @returns A promise that resolves to the registration response.
  * @throws NoWebAuthNSupportError If WebAuthn is not supported by the browser.
- */ const registerPasskey = async (client = getDefaultClient())=>{
+ */ const registerPasskey = async ({ createMfaToken } = {}, client = getDefaultClient())=>{
     const core = getCore(client);
     if (!core.passkey.isSupported()) {
         throw new NoWebAuthNSupportError();
@@ -896,6 +1276,7 @@ const serverRegisterPasskey = async ({ registration }, client)=>{
         optionsJSON: options
     });
     const response = await serverRegisterPasskey({
+        createMfaToken,
         registration
     }, client);
     updateAuthFromVerifyResponse({
@@ -904,11 +1285,12 @@ const serverRegisterPasskey = async ({ registration }, client)=>{
     return response;
 };
 
-const getPasskeyAuthenticationSignInOptions = async (client)=>{
+const getPasskeyAuthenticationSignInOptions = async ({ relatedOriginRpId } = {}, client)=>{
     const core = getCore(client);
     const apiClient = createApiClient({}, client);
     const options = await apiClient.getPasskeyAuthenticationSigninOptions({
-        environmentId: core.environmentId
+        environmentId: core.environmentId,
+        relatedOriginRpId: relatedOriginRpId
     });
     return options;
 };
@@ -938,12 +1320,14 @@ const serverSigninPasskey = async ({ authentication, createMfaToken }, client)=>
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
  * @returns A promise that resolves to the authentication response.
  * @throws NoWebAuthNSupportError If WebAuthn is not supported by the browser.
- */ const signInWithPasskey = async (client = getDefaultClient())=>{
+ */ const signInWithPasskey = async ({ relatedOriginRpId } = {}, client = getDefaultClient())=>{
     const core = getCore(client);
     if (!core.passkey.isSupported()) {
         throw new NoWebAuthNSupportError();
     }
-    const options = await getPasskeyAuthenticationSignInOptions(client);
+    const options = await getPasskeyAuthenticationSignInOptions({
+        relatedOriginRpId
+    }, client);
     const formattedOptions = _extends({}, options);
     const authentication = await core.passkey.authenticate({
         optionsJSON: formattedOptions
@@ -957,88 +1341,46 @@ const serverSigninPasskey = async ({ authentication, createMfaToken }, client)=>
     return response;
 };
 
-/** The schema to track the state of the OAuth flow. */ const redirectStateStorageSchema = createStorageKeySchema({
-    key: 'redirectState',
-    schema: z.object({
-        codeVerifier: z.optional(z.string()),
-        provider: z.enum(ProviderEnum),
-        state: z.string()
-    })
-});
-
 /**
- * Completes the social authentication flow after OAuth redirect.
+ * Retrieves all social accounts associated with the current user.
  *
- * This function processes the OAuth callback URL with authorization codes
- * and completes the user authentication with the social provider.
- *
- * @param params.url - The callback URL containing OAuth response parameters.
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
- * @returns A promise that resolves to the authenticated user or null.
- * @throws MissingSocialUrlParamError If required OAuth parameters are missing.
- * @throws InvalidRedirectStorageStateError If the stored state doesn't match.
- */ const completeSocialRedirectSignIn = async ({ url }, client = getDefaultClient())=>{
-    const core = getCore(client);
-    const apiClient = createApiClient({}, client);
-    await core.initTrack.waitForAll();
-    const dynamicOauthState = url.searchParams.get('dynamicOauthState');
-    const dynamicOauthCode = url.searchParams.get('dynamicOauthCode');
-    if (!dynamicOauthState) {
-        throw new MissingSocialUrlParamError('dynamicOauthState');
-    }
-    if (!dynamicOauthCode) {
-        throw new MissingSocialUrlParamError('dynamicOauthCode');
-    }
-    const storedSocialRedirectState = await core.storage.getItem(redirectStateStorageSchema);
-    if (!storedSocialRedirectState) {
-        throw new MissingRedirectStorageStateError();
-    }
-    if (storedSocialRedirectState.state !== dynamicOauthState) {
-        throw new InvalidRedirectStorageStateError();
-    }
-    const { provider, codeVerifier } = storedSocialRedirectState;
-    await core.storage.removeItem(redirectStateStorageSchema);
-    const response = await apiClient.oauthSignIn({
-        environmentId: core.environmentId,
-        oauthRequest: {
-            captchaToken: consumeCaptchaToken(client),
-            code: dynamicOauthCode,
-            codeVerifier,
-            state: dynamicOauthState
-        },
-        providerType: provider
+ * @returns An array of `SocialAccount` objects associated with the user.
+ */ const getUserSocialAccounts = (client = getDefaultClient())=>{
+    const { user } = client;
+    assertDefined(user, 'User is not authenticated');
+    var _user_verifiedCredentials_filter;
+    const socialCredentials = (_user_verifiedCredentials_filter = user.verifiedCredentials.filter((credential)=>credential.format === JwtVerifiedCredentialFormatEnum.Oauth)) != null ? _user_verifiedCredentials_filter : [];
+    return socialCredentials.map((credential)=>{
+        var _credential_oauthAccountId, _credential_oauthDisplayName, _credential_oauthEmails, _credential_oauthAccountPhotos, _credential_oauthUsername;
+        return {
+            accountId: (_credential_oauthAccountId = credential.oauthAccountId) != null ? _credential_oauthAccountId : undefined,
+            displayName: (_credential_oauthDisplayName = credential.oauthDisplayName) != null ? _credential_oauthDisplayName : undefined,
+            emails: (_credential_oauthEmails = credential.oauthEmails) != null ? _credential_oauthEmails : [],
+            photos: (_credential_oauthAccountPhotos = credential.oauthAccountPhotos) != null ? _credential_oauthAccountPhotos : [],
+            provider: credential.oauthProvider,
+            username: (_credential_oauthUsername = credential.oauthUsername) != null ? _credential_oauthUsername : undefined,
+            verifiedCredentialId: credential.id
+        };
     });
-    updateAuthFromVerifyResponse({
-        response
-    }, client);
-    return response.user;
 };
 
-/**
- * Detects if the current URL is an OAuth redirect from a social provider.
- *
- * This function examines the URL parameters to determine if it contains
- * OAuth callback data from a social authentication flow.
- *
- * @param params.url - The URL to check for OAuth redirect parameters.
- * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
- * @returns A promise that resolves to true if the URL is an OAuth redirect, false otherwise.
- */ const detectOAuthRedirect = async ({ url }, client = getDefaultClient())=>{
-    const core = getCore(client);
-    const dynamicOauthState = url.searchParams.get('dynamicOauthState');
-    const dynamicOauthCode = url.searchParams.get('dynamicOauthCode');
-    if (!dynamicOauthState || !dynamicOauthCode) {
-        return false;
-    }
-    // Wait for SDK to load
-    await core.initTrack.waitForAll();
-    const storedSocialRedirectState = await core.storage.getItem(redirectStateStorageSchema);
-    if (!storedSocialRedirectState || storedSocialRedirectState.state !== dynamicOauthState) {
-        return false;
-    }
-    return true;
+const removeDynamicOauthParamsFromUrl = (url)=>{
+    const urlObject = new URL(url);
+    urlObject.searchParams.delete('dynamicOauthState');
+    urlObject.searchParams.delete('dynamicOauthCode');
+    return urlObject.toString();
 };
 
+/** The schema to track the state of the OAuth flow. */ const redirectStateStorageKeySchema = createStorageKeySchema({
+    key: 'redirectState',
+    schema: z.object({
+        codeVerifier: z.optional(z.string()),
+        provider: z.enum(ProviderEnum),
+        state: z.string()
+    })
+});
+
 const digestSHA256 = (str)=>{
     const encoder = new TextEncoder();
     const data = encoder.encode(str);
@@ -1126,43 +1468,175 @@ const providersRequiringPkce = [
         socialProviderUrl.searchParams.set('code_challenge', encodeBase64Url(digest));
         socialProviderUrl.searchParams.set('code_challenge_method', 'S256');
     }
-    return {
-        codeVerifier: usingPkce ? codeVerifier : undefined,
-        state,
-        url: socialProviderUrl
-    };
+    return {
+        codeVerifier: usingPkce ? codeVerifier : undefined,
+        state,
+        url: socialProviderUrl
+    };
+};
+
+/**
+ * Initiates social authentication by redirecting to the OAuth provider.
+ *
+ * This function redirects the user to the specified social provider's
+ * authorization page to complete OAuth authentication flow.
+ * After the oauth flow is complete, the user will be redirected back to your app.
+ * You can then call `detectOAuthRedirect` to check if the user got redirected back to your app due to the oauth flow,
+ * and finally call `completeSocialAuthentication` to complete the social authentication flow.
+ *
+ * @param params.provider - The social provider to authenticate with (e.g., 'google', 'github').
+ * @param params.redirectUrl - The URL to redirect back to after authentication.
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
+ */ const authenticateWithSocial = async ({ provider, redirectUrl }, client = getDefaultClient())=>{
+    const core = getCore(client);
+    const apiClient = createApiClient({}, client);
+    await core.initTrack.waitForAll();
+    const providerType = provider;
+    const { url, state, codeVerifier } = await buildOAuthUrl(core, providerType);
+    await apiClient.initAuth({
+        environmentId: core.environmentId,
+        oauthInitAuthRequest: {
+            redirectUrl: removeDynamicOauthParamsFromUrl(redirectUrl),
+            state
+        },
+        providerType
+    });
+    await core.storage.setItem(redirectStateStorageKeySchema, {
+        codeVerifier,
+        provider: providerType,
+        state
+    });
+    await core.navigate(url.toString());
+};
+
+/**
+ * Completes the social authentication flow after OAuth redirect.
+ *
+ * This function processes the OAuth callback URL with authorization codes
+ * and completes the user authentication with the social provider.
+ *
+ * @param params.url - The callback URL containing OAuth response parameters.
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
+ * @returns A promise that resolves to the authenticated user or null.
+ * @throws MissingSocialUrlParamError If required OAuth parameters are missing.
+ * @throws InvalidRedirectStorageStateError If the stored state doesn't match.
+ */ const completeSocialAuthentication = async ({ url }, client = getDefaultClient())=>{
+    const core = getCore(client);
+    const apiClient = createApiClient({}, client);
+    await core.initTrack.waitForAll();
+    const dynamicOauthState = url.searchParams.get('dynamicOauthState');
+    const dynamicOauthCode = url.searchParams.get('dynamicOauthCode');
+    if (!dynamicOauthState) {
+        throw new MissingSocialUrlParamError('dynamicOauthState');
+    }
+    if (!dynamicOauthCode) {
+        throw new MissingSocialUrlParamError('dynamicOauthCode');
+    }
+    const storedSocialRedirectState = await core.storage.getItem(redirectStateStorageKeySchema);
+    if (!storedSocialRedirectState) {
+        throw new MissingRedirectStorageStateError();
+    }
+    if (storedSocialRedirectState.state !== dynamicOauthState) {
+        throw new InvalidRedirectStorageStateError();
+    }
+    const { provider, codeVerifier } = storedSocialRedirectState;
+    await core.storage.removeItem(redirectStateStorageKeySchema);
+    let response;
+    // if user is alreadyauthenticated, we're verifying the social auth to link it to the user
+    if (client.user) {
+        response = await apiClient.oauthVerify({
+            environmentId: core.environmentId,
+            oauthRequest: {
+                code: dynamicOauthCode,
+                codeVerifier,
+                state: dynamicOauthState
+            },
+            providerType: provider
+        });
+    } else {
+        // if user is not authenticated, we're signing in with the social auth
+        response = await apiClient.oauthSignIn({
+            environmentId: core.environmentId,
+            oauthRequest: {
+                captchaToken: consumeCaptchaToken(client),
+                code: dynamicOauthCode,
+                codeVerifier,
+                state: dynamicOauthState
+            },
+            providerType: provider
+        });
+    }
+    updateAuthFromVerifyResponse({
+        response
+    }, client);
+    return response.user;
+};
+
+/**
+ * Detects if the current URL is an OAuth redirect from a social provider.
+ *
+ * This function examines the URL parameters to determine if it contains
+ * OAuth callback data from a social authentication flow.
+ *
+ * @param params.url - The URL to check for OAuth redirect parameters.
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
+ * @returns A promise that resolves to true if the URL is an OAuth redirect, false otherwise.
+ */ const detectOAuthRedirect = async ({ url }, client = getDefaultClient())=>{
+    const core = getCore(client);
+    const dynamicOauthState = url.searchParams.get('dynamicOauthState');
+    const dynamicOauthCode = url.searchParams.get('dynamicOauthCode');
+    if (!dynamicOauthState || !dynamicOauthCode) {
+        return false;
+    }
+    // Wait for SDK to load
+    await core.initTrack.waitForAll();
+    const storedSocialRedirectState = await core.storage.getItem(redirectStateStorageKeySchema);
+    if (!storedSocialRedirectState || storedSocialRedirectState.state !== dynamicOauthState) {
+        return false;
+    }
+    return true;
+};
+
+/**
+ * Get the primary wallet account.
+ * The primary wallet account is the one that was last selected by the user.
+ * This information is stored in both unverified and verified wallet accounts.
+ * This function consolidates this information to determine which wallet was most recently selected.
+ */ const getPrimaryWalletAccount = (client = getDefaultClient())=>{
+    const walletAccounts = getWalletAccounts(client);
+    const sortedLastSelectedWalletAccounts = walletAccounts.filter((walletAccount)=>Boolean(walletAccount.lastSelectedAt)).sort((a, b)=>b.lastSelectedAt.getTime() - a.lastSelectedAt.getTime());
+    if (sortedLastSelectedWalletAccounts.length === 0) {
+        return null;
+    }
+    const [primaryWalletAccount] = sortedLastSelectedWalletAccounts;
+    return primaryWalletAccount;
 };
 
 /**
- * Initiates social authentication by redirecting to the OAuth provider.
- *
- * This function redirects the user to the specified social provider's
- * authorization page to complete OAuth authentication flow.
- * After the oauth flow is complete, the user will be redirected back to your app.
+ * Unlinks a social account from the user's account.
  *
- * @param params.provider - The social provider to authenticate with (e.g., 'google', 'github').
- * @param params.redirectUrl - The URL to redirect back to after authentication.
+ * @param params.verifiedCredentialId - The verified credential ID of the social account to unlink.
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
- */ const signInWithSocialRedirect = async ({ provider, redirectUrl }, client = getDefaultClient())=>{
+ * @returns A promise that resolves to the verify response.
+ */ const unlinkSocialAccount = async ({ verifiedCredentialId }, client = getDefaultClient())=>{
+    var _primaryWalletAccount_verifiedCredentialId;
     const core = getCore(client);
     const apiClient = createApiClient({}, client);
-    await core.initTrack.waitForAll();
-    const providerType = provider;
-    const { url, state, codeVerifier } = await buildOAuthUrl(core, providerType);
-    await apiClient.initAuth({
+    // the api seems to require us to pass the primary wallet id when
+    // unlinking a social account if the user has wallets
+    const primaryWalletAccount = getPrimaryWalletAccount(client);
+    const walletId = primaryWalletAccount == null ? void 0 : (_primaryWalletAccount_verifiedCredentialId = primaryWalletAccount.verifiedCredentialId) == null ? void 0 : _primaryWalletAccount_verifiedCredentialId.replace('-zerodev', '');
+    const response = await apiClient.verifyUnlink({
         environmentId: core.environmentId,
-        oauthInitAuthRequest: {
-            redirectUrl,
-            state
-        },
-        providerType
-    });
-    await core.storage.setItem(redirectStateStorageSchema, {
-        codeVerifier,
-        provider: providerType,
-        state
+        verifyUnlinkRequest: {
+            verifiedCredentialId,
+            walletId: walletId != null ? walletId : undefined
+        }
     });
-    await core.navigate(url.toString());
+    updateAuthFromVerifyResponse({
+        response
+    }, client);
+    return response;
 };
 
 /**
@@ -1184,6 +1658,232 @@ const providersRequiringPkce = [
     return response.chainBalances;
 };
 
+/**
+ * Adds a listener for Coinbase onramp order events.
+ *
+ * @param params.listener - The listener function to call when an event is received.
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
+ * @returns A function to remove the listener.
+ * @throws {ValueMustBeDefinedError} If the window is not available.
+ * @docs https://docs.cdp.coinbase.com/onramp-&-offramp/onramp-apis/apple-pay-onramp-api#events-names
+ */ const addCoinbaseOnrampOrderEventListener = ({ listener }, client = getDefaultClient())=>{
+    const core = getCore(client);
+    if (typeof window === 'undefined') {
+        throw new ValueMustBeDefinedError('Window is not available to listen for Coinbase onramp order events');
+    }
+    const handleMessageEvent = (event)=>{
+        if (event.origin !== 'https://pay.coinbase.com') {
+            return;
+        }
+        core.logger.debug('[addCoinbaseOnrampOrderEventListener] pay.coinbase.com event received', {
+            event
+        });
+        try {
+            var _coinbaseOnrampOrderEventData_eventName;
+            const coinbaseOnrampOrderEventData = JSON.parse(event.data);
+            if (!((_coinbaseOnrampOrderEventData_eventName = coinbaseOnrampOrderEventData.eventName) == null ? void 0 : _coinbaseOnrampOrderEventData_eventName.startsWith('onramp_api.'))) {
+                return;
+            }
+            listener({
+                data: coinbaseOnrampOrderEventData.data,
+                eventName: coinbaseOnrampOrderEventData.eventName
+            });
+        } catch (error) {
+            core.logger.debug('[addCoinbaseOnrampOrderEventListener] Failed to parse Coinbase onramp order event data', {
+                error
+            });
+        }
+    };
+    window.addEventListener('message', handleMessageEvent);
+    return ()=>{
+        window.removeEventListener('message', handleMessageEvent);
+    };
+};
+
+function _object_without_properties_loose(source, excluded) {
+    if (source == null) return {};
+    var target = {};
+    var sourceKeys = Object.keys(source);
+    var key, i;
+    for(i = 0; i < sourceKeys.length; i++){
+        key = sourceKeys[i];
+        if (excluded.indexOf(key) >= 0) continue;
+        target[key] = source[key];
+    }
+    return target;
+}
+
+/**
+ * This function is used to get a list of fields that are missing verification for a Coinbase onramp order
+ *
+ * - If the user is missing information for an email or phone number, the field will be returned with the error code MISSING_INFORMATION
+ * - If the user is missing verification for an email or phone number, the field will be returned with the error code MISSING_VERIFICATION
+ *   and the existing unverified email or phone number will be included in the data field.
+ * - If the user's phone number has not been verified in the last 60 days, the field will be returned with the error code VERIFICATION_EXPIRED
+ *   and the existing phone number will be included in the data field.
+ *
+ * @param params.paymentMethod - The payment method that will be used to create the onramp order
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
+ * @returns FieldMissingVerificationForCoinbaseOnramp[] - An array of fields that are missing verification for a Coinbase onramp order
+ * @throws {InvalidParamError} - If the payment method is not valid
+ * @throws {ValueMustBeDefinedError} - If the user is not authenticated
+ */ const getMissingVerificationForCoinbaseOnrampOrder = ({ paymentMethod }, client = getDefaultClient())=>{
+    // adding the payment method as a param for now just so a user has to pass an object as the first param
+    // that way, when we add more payment methods, we can easily add them to the param object
+    // and not have to change the function signature
+    if (paymentMethod !== 'GUEST_CHECKOUT_APPLE_PAY') {
+        throw new InvalidParamError(`Invalid payment method: ${paymentMethod}`);
+    }
+    const { user } = client;
+    assertDefined(user, 'User is not authenticated');
+    const fieldsMissingVerification = [];
+    const emailVerifiedCredential = user.verifiedCredentials.find((credential)=>credential.format === JwtVerifiedCredentialFormatEnum.Email);
+    if (!user.email) {
+        // when user has no email at all (verified or not)
+        fieldsMissingVerification.push({
+            errorCode: 'MISSING_INFORMATION',
+            field: 'email'
+        });
+    } else if (!emailVerifiedCredential) {
+        // when user has an email but it is not verified
+        fieldsMissingVerification.push({
+            data: user.email,
+            errorCode: 'MISSING_VERIFICATION',
+            field: 'email'
+        });
+    }
+    const phoneVerifiedCredential = user.verifiedCredentials.find((credential)=>credential.format === JwtVerifiedCredentialFormatEnum.PhoneNumber);
+    const phoneNumberVerifiedInPast60Days = (phoneVerifiedCredential == null ? void 0 : phoneVerifiedCredential.verifiedAt) && phoneVerifiedCredential.verifiedAt >= new Date(Date.now() - 60 * 24 * 60 * 60 * 1000);
+    if (!user.phoneNumber) {
+        // when user has no phone number at all (verified or not)
+        fieldsMissingVerification.push({
+            errorCode: 'MISSING_INFORMATION',
+            field: 'phoneNumber'
+        });
+    } else if (!phoneVerifiedCredential) {
+        // when user has a phone number but it is not verified
+        fieldsMissingVerification.push({
+            data: user.phoneNumber,
+            errorCode: 'MISSING_VERIFICATION',
+            field: 'phoneNumber'
+        });
+    } else if (!phoneNumberVerifiedInPast60Days) {
+        // when user has a verified phone number but it is not verified in the last 60 days
+        fieldsMissingVerification.push({
+            data: user.phoneNumber,
+            errorCode: 'VERIFICATION_EXPIRED',
+            field: 'phoneNumber'
+        });
+    }
+    return fieldsMissingVerification;
+};
+
+const validateUserCredentialsForCoinbaseOnrampOrder = (client)=>{
+    const { user } = client;
+    assertDefined(user, 'User is not authenticated');
+    const fieldsMissingVerification = getMissingVerificationForCoinbaseOnrampOrder({
+        paymentMethod: 'GUEST_CHECKOUT_APPLE_PAY'
+    }, client);
+    const missingEmailVerification = fieldsMissingVerification.find((field)=>field.field === 'email');
+    if (missingEmailVerification) {
+        throw new MissingUserVerificationError({
+            informationToVerify: 'email',
+            message: 'User must have a verified email to create a Coinbase onramp order'
+        });
+    }
+    const missingPhoneNumberVerification = fieldsMissingVerification.find((field)=>field.field === 'phoneNumber');
+    if (missingPhoneNumberVerification && missingPhoneNumberVerification.errorCode !== 'VERIFICATION_EXPIRED') {
+        throw new MissingUserVerificationError({
+            informationToVerify: 'phoneNumber',
+            message: 'User must have a verified phone number to create a Coinbase onramp order'
+        });
+    }
+    // this is a requirement for Coinbase Onramp
+    // https://docs.cdp.coinbase.com/api-reference/v2/rest-api/onramp/create-an-onramp-order#body-phone-number-verified-at
+    if (missingPhoneNumberVerification && missingPhoneNumberVerification.errorCode === 'VERIFICATION_EXPIRED') {
+        throw new MissingUserVerificationError({
+            informationToVerify: 'phoneNumber',
+            message: "The user's phone number has not been verified in the last 60 days. Please re-verify the user's phone number"
+        });
+    }
+    return user;
+};
+
+/**
+ * Creates a Coinbase onramp order
+ *
+ * @param orderParams CoinbaseCreateOnrampOrderRequest - The parameters for the onramp order.
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
+ * @returns The created order
+ * @throws {MissingUserVerificationError} If the user is missing verification for email or phone
+ */ const createCoinbaseOnrampOrder = async (orderParams, client = getDefaultClient())=>{
+    const user = validateUserCredentialsForCoinbaseOnrampOrder(client);
+    const core = getCore(client);
+    const apiClient = createApiClient({
+        includeMfaToken: true
+    }, client);
+    const { isSandbox } = orderParams, restOrderParams = _object_without_properties_loose(orderParams, [
+        "isSandbox"
+    ]);
+    var _orderParams_partnerUserRef;
+    const orderResponse = await apiClient.createCoinbaseOnrampOrder({
+        coinbaseOnrampOrderCreateRequest: _extends({}, restOrderParams, {
+            // to create a sandbox order, we need to prefix the partner user ref with 'sandbox-'
+            // https://docs.cdp.coinbase.com/onramp-&-offramp/onramp-apis/apple-pay-onramp-api#testing
+            partnerUserRef: (_orderParams_partnerUserRef = orderParams.partnerUserRef) != null ? _orderParams_partnerUserRef : isSandbox ? `sandbox-${user.id}` : user.id,
+            paymentMethod: orderParams.paymentMethod
+        }),
+        environmentId: core.environmentId
+    });
+    if (!isSandbox || !orderResponse.paymentLink) {
+        return orderResponse;
+    }
+    return _extends({}, orderResponse, {
+        paymentLink: _extends({}, orderResponse.paymentLink, {
+            url: `${orderResponse.paymentLink.url}&useApplePaySandbox=true`
+        })
+    });
+};
+
+/**
+ * Gets a Coinbase buy URL
+ *
+ * @param buyUrlParams CoinbaseOnrampGetBuyUrlRequest - The parameters for the buy URL.
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
+ * @returns an object containing the buy URL
+ */ const getCoinbaseBuyUrl = async (buyUrlParams, client = getDefaultClient())=>{
+    const core = getCore(client);
+    const apiClient = createApiClient({
+        includeMfaToken: true
+    }, client);
+    const response = await apiClient.generateCoinbaseOnrampBuyUrl({
+        coinbaseOnrampGetBuyUrlRequest: buyUrlParams,
+        environmentId: core.environmentId
+    });
+    return response;
+};
+
+/**
+ * Creates a crypto.com payment
+ *
+ * @param paymentParams CryptoDotComPaymentCreateRequest - The parameters for the payment.
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
+ * @returns The created payment
+ */ const createCryptoDotComPayment = async (paymentParams, client = getDefaultClient())=>{
+    const core = getCore(client);
+    const apiClient = createApiClient({
+        includeMfaToken: true
+    }, client);
+    const response = await apiClient.createCryptoDotComPayment({
+        cryptoDotComPaymentCreateRequest: _extends({}, paymentParams, {
+            // eslint-disable-next-line custom-rules/ban-chain-enum
+            chain: paymentParams.chain
+        }),
+        environmentId: core.environmentId
+    });
+    return response;
+};
+
 /**
  * Allows waiting until all modules of the client have been properly initialized
  * and are ready for use.
@@ -1290,11 +1990,12 @@ const providersRequiringPkce = [
     }
 };
 
-const getPasskeyAuthenticationOptions = async (client)=>{
+const getPasskeyAuthenticationOptions = async ({ relatedOriginRpId } = {}, client)=>{
     const core = getCore(client);
     const apiClient = createApiClient({}, client);
     const options = await apiClient.getPasskeyAuthenticationOptions({
-        environmentId: core.environmentId
+        environmentId: core.environmentId,
+        relatedOriginRpId
     });
     return options;
 };
@@ -1325,14 +2026,16 @@ const serverAuthenticatePasskey = async ({ authentication, createMfaToken }, cli
  * @returns A promise that resolves to the MFA authentication response.
  * @throws NoWebAuthNSupportError If WebAuthn is not supported by the browser.
  * @throws NoPasskeyCredentialsFoundError If no passkey credentials are found.
- */ const authenticatePasskeyMFA = async ({ createMfaToken } = {}, client = getDefaultClient())=>{
+ */ const authenticatePasskeyMFA = async ({ createMfaToken, relatedOriginRpId } = {}, client = getDefaultClient())=>{
     const core = getCore(client);
     try {
         var _options_allowCredentials;
         if (!core.passkey.isSupported()) {
             throw new NoWebAuthNSupportError();
         }
-        const options = await getPasskeyAuthenticationOptions(client);
+        const options = await getPasskeyAuthenticationOptions({
+            relatedOriginRpId
+        }, client);
         const allowCredentials = (_options_allowCredentials = options.allowCredentials) == null ? void 0 : _options_allowCredentials.map((credential)=>_extends({}, credential, {
                 type: 'public-key'
             }));
@@ -2579,7 +3282,7 @@ const verifyOTPForUserUpdate = async ({ otpVerification, verificationToken }, cl
  * @param params.otpVerification - The OTP verification object containing verification details.
  * @param params.verificationToken - The token received from the OTP verification process.
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
- * @returns A promise that resolves to the user object upon successful verification.
+ * @returns A promise that resolves to the verify response object upon successful verification.
  */ const verifyOTP = async ({ otpVerification, verificationToken }, client = getDefaultClient())=>{
     const verifyOTPFunction = client.user ? verifyOTPForUserUpdate : verifyOTPForUserSignIn;
     const response = await verifyOTPFunction({
@@ -2589,7 +3292,26 @@ const verifyOTPForUserUpdate = async ({ otpVerification, verificationToken }, cl
     updateAuthFromVerifyResponse({
         response
     }, client);
-    return response.user;
+    return response;
+};
+
+/**
+ * Deletes the current user's account permanently.
+ *
+ * This function performs a hard delete of the user account. Upon successful deletion,
+ * the user will be automatically logged out and all authentication data will be cleared.
+ *
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
+ * @returns A promise that resolves when the user account is successfully deleted.
+ */ const deleteUser = async (client = getDefaultClient())=>{
+    const core = getCore(client);
+    const apiClient = createApiClient({
+        includeMfaToken: true
+    }, client);
+    await apiClient.hardDeleteUser({
+        environmentId: core.environmentId
+    });
+    await logout(client);
 };
 
 /**
@@ -2618,50 +3340,6 @@ const verifyOTPForUserUpdate = async ({ otpVerification, verificationToken }, cl
     }
 };
 
-/*  
-  In older SDK versions we used to have the concept of "connect-only" vs "connect-and-sign". 
-  The only difference in backend is it stores some extra data for connect-only, 
-  so we can just default to using it.
-*/ const createVisit = async ({ walletAccount, authMode = AuthModeEnum.Only }, client)=>{
-    const core = getCore(client);
-    const apiClient = createApiClient({}, client);
-    const walletProvider = getWalletProviderFromWalletAccount({
-        walletAccount
-    }, client);
-    try {
-        const connectRequest = {
-            address: walletAccount.address,
-            authMode,
-            // eslint-disable-next-line custom-rules/ban-chain-enum
-            chain: walletProvider.chain,
-            provider: walletProvider.getWalletProviderType(),
-            walletName: walletAccount.walletProviderKey
-        };
-        await apiClient.createVisit({
-            connectRequest,
-            environmentId: core.environmentId
-        });
-    } catch (error) {
-        core.logger.error('Error creating visit', {
-            error
-        });
-    }
-};
-
-/**
- * Updates the unverified wallet account in the client state.
- */ const setUnverifiedWalletAccounts = ({ unverifiedWalletAccountsToUpdate }, client)=>{
-    const core = getCore(client);
-    const unverifiedWalletAccountsToUpdateIds = unverifiedWalletAccountsToUpdate.map(({ id })=>id);
-    const filteredUnverifiedWalletAccounts = core.state.get().unverifiedWalletAccounts.filter((unverifiedWalletAccount)=>!unverifiedWalletAccountsToUpdateIds.includes(unverifiedWalletAccount.id));
-    core.state.set({
-        unverifiedWalletAccounts: [
-            ...filteredUnverifiedWalletAccounts,
-            ...unverifiedWalletAccountsToUpdate
-        ]
-    });
-};
-
 /**
  * Asserts that a specific wallet provider method is defined, throwing an error if it's not.
  * This function acts as a type guard, narrowing the type to ensure the method exists.
@@ -2686,6 +3364,10 @@ const verifyOTPForUserUpdate = async ({ otpVerification, verificationToken }, cl
     }
 }
 
+const getAddressesWithTypesFromConnectionResult = (connectionResult)=>{
+    return connectionResult.addresses.filter((address)=>!!address.address && !!address.type);
+};
+
 /**
  * Connects to a wallet provider and returns the connected wallet account.
  *
@@ -2695,36 +3377,44 @@ const verifyOTPForUserUpdate = async ({ otpVerification, verificationToken }, cl
  * @see connectAndVerifyWithWalletProvider
  *
  * @param params.walletProviderKey - The unique key identifying the wallet provider to connect to (e.g. 'metamaskevm', 'phantomsol').
- * @param [params.addToUserWalletAccounts] - Whether to add the connected wallet account to the user's wallet accounts. Defaults to true.
+ * @param [params.addToDynamicWalletAccounts] - Whether to add the connected wallet account to the user's wallet accounts. Defaults to true.
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
  * @returns A promise that resolves to the connected wallet account.
  * @throws NoAddressFoundError If the request to connect was successful but no address is connected to your app.
- */ const connectWithWalletProvider = async ({ walletProviderKey, addToUserWalletAccounts = true }, client = getDefaultClient())=>{
+ */ const connectWithWalletProvider = async ({ walletProviderKey, addToDynamicWalletAccounts = true }, client = getDefaultClient())=>{
     const walletProvider = getWalletProviderByKey({
         walletProviderKey
     }, client);
     assertWalletProviderMethodDefined(walletProvider, 'connect');
-    const { addresses: [selectedAddress] } = await walletProvider.connect();
+    const { addresses } = await walletProvider.connect();
     const currentAddresses = getWalletAccounts(client).map(({ address })=>address);
+    const mainAddress = (addresses == null ? void 0 : addresses.length) ? addresses[0].address : null;
     /**
    * This error is thrown in case the wallet has no addresses connected
    * to the dapp. Then the error is thrown so the consumer can instruct the
    * user on the next steps.
-   */ if (!selectedAddress) {
+   */ if (!mainAddress) {
         throw new NoAddressFoundError();
     }
     const walletAccount = {
-        address: selectedAddress,
+        address: mainAddress,
+        addressesWithTypes: getAddressesWithTypesFromConnectionResult({
+            addresses
+        }),
         chain: walletProvider.chain,
-        id: createWalletAccountId(walletProvider.chain, selectedAddress),
+        id: formatWalletAccountId({
+            address: mainAddress,
+            chain: walletProvider.chain,
+            walletProviderKey
+        }),
         lastSelectedAt: null,
         verifiedCredentialId: null,
-        walletProviderKey: walletProvider.key
+        walletProviderKey
     };
-    if (currentAddresses.includes(selectedAddress)) {
+    if (currentAddresses.includes(mainAddress)) {
         return walletAccount;
     }
-    if (addToUserWalletAccounts) {
+    if (addToDynamicWalletAccounts) {
         setUnverifiedWalletAccounts({
             unverifiedWalletAccountsToUpdate: [
                 walletAccount
@@ -2741,24 +3431,15 @@ const verifyOTPForUserUpdate = async ({ otpVerification, verificationToken }, cl
     return walletAccount;
 };
 
-/**
- * Check if the given value is an Error object
- */ const isError = (error)=>error instanceof Error;
-
-/**
- * Check if the given value is an Error object with a specific code
- */ const isErrorWithCode = (error, code)=>{
-    if (!isError(error)) return false;
-    return 'code' in error && error.code === code;
-};
-
 const getChainIdForAccountVerification = async ({ walletProvider })=>{
-    // If it's a Solana wallet, we should not specify a chainId
-    // since it breaks the message signature in some wallets (e.g. Trust Wallet)
-    if (walletProvider.chain === 'SOL') {
-        return undefined;
-    }
-    if (walletProvider.chain === 'SUI') {
+    // for some chains, we don't need to specify a chain id for account verification because it's
+    // not required and it might break the message signature in some wallets (e.g. Trust Wallet SOL)
+    const chainsThatDontNeedChainId = [
+        'BTC',
+        'SOL',
+        'SUI'
+    ];
+    if (chainsThatDontNeedChainId.includes(walletProvider.chain)) {
         return undefined;
     }
     const { networkId } = await walletProvider.getActiveNetworkId();
@@ -2786,6 +3467,7 @@ const getSignInMessage = async ({ walletAccount }, client)=>{
     const walletProvider = getWalletProviderFromWalletAccount({
         walletAccount
     }, client);
+    const statement = createSignInMessageStatement(client);
     const messageToSign = await formatSignInMessage({
         address: walletAccount.address,
         blockchainName: CHAINS_INFO_MAP[walletProvider.chain].blockchainName,
@@ -2796,6 +3478,7 @@ const getSignInMessage = async ({ walletAccount }, client)=>{
         issuedAt: new Date().toISOString(),
         nonce,
         requestId: core.environmentId,
+        statement,
         uri: url.toString()
     });
     return messageToSign;
@@ -2824,7 +3507,7 @@ const getSignInMessage = async ({ walletAccount }, client)=>{
     });
     return {
         messageToSign,
-        signedMessage: signature
+        signature
     };
 };
 
@@ -2832,11 +3515,18 @@ const getSignInMessage = async ({ walletAccount }, client)=>{
  * Removes an unverified wallet account from the client's state.
  */ const removeUnverifiedWalletAccount = ({ unverifiedWalletAccount }, client)=>{
     const core = getCore(client);
+    const previousState = core.state.get();
     const { unverifiedWalletAccounts } = core.state.get();
     const filteredUnverifiedWalletAccounts = unverifiedWalletAccounts.filter((account)=>account.id !== unverifiedWalletAccount.id);
     core.state.set({
         unverifiedWalletAccounts: filteredUnverifiedWalletAccounts
     });
+    /**
+   * We check before raising because the wallet account we are removing might still
+   * be present in wallet accounts due to having been moved to verified credentials.
+   */ checkAndRaiseWalletAccountsChangedEvent({
+        previousState
+    }, client);
 };
 
 const isSameAddress = (left, right, chain)=>normalizeAddress(left, chain) === normalizeAddress(right, chain);
@@ -2853,53 +3543,48 @@ const isSameAddress = (left, right, chain)=>normalizeAddress(left, chain) === no
  * @throws WalletAccountAlreadyVerifiedError If the wallet is already verified.
  * @throws WalletAlreadyLinkedToAnotherUserError If the wallet is linked to another user.
  */ const verifyWalletAccount = async ({ walletAccount }, client = getDefaultClient())=>{
+    var _response_user;
     if (walletAccount.verifiedCredentialId) {
         throw new WalletAccountAlreadyVerifiedError(walletAccount.address);
     }
-    const core = getCore(client);
-    const apiClient = createApiClient({}, client);
     const walletProvider = getWalletProviderFromWalletAccount({
         walletAccount
     }, client);
-    const { signedMessage, messageToSign } = await proveWalletAccountOwnership({
+    const { messageToSign, signature } = await proveWalletAccountOwnership({
         walletAccount
     }, client);
-    const verifyApiFunction = client.user ? apiClient.verifyLink.bind(apiClient) : apiClient.verify.bind(apiClient);
-    try {
-        const response = await verifyApiFunction({
-            environmentId: core.environmentId,
-            verifyRequest: {
-                captchaToken: consumeCaptchaToken(client),
-                // eslint-disable-next-line custom-rules/ban-chain-enum
-                chain: walletAccount.chain,
-                messageToSign,
-                publicWalletAddress: walletAccount.address,
-                signedMessage,
-                walletName: walletProvider.key,
-                walletProvider: walletProvider.getWalletProviderType()
-            }
-        });
-        /**
-     * Remove the now verified wallet account from the unverified wallet accounts
-     */ removeUnverifiedWalletAccount({
-            unverifiedWalletAccount: walletAccount
-        }, client);
-        /**
-     * Adds the user with the new wallet verified credential
-     * This will add the new verified wallet account to the client`s state
-     */ updateAuthFromVerifyResponse({
-            response
-        }, client);
-    } catch (error) {
-        if (isErrorWithCode(error, 'reassign_wallet_confirm') || isErrorWithCode(error, 'merge_accounts_confirmation')) {
-            throw new WalletAlreadyLinkedToAnotherUserError({
-                cause: error
-            });
+    const response = await verifySignInMessage({
+        addressesWithTypes: walletAccount.addressesWithTypes,
+        chain: walletAccount.chain,
+        messageToSign,
+        signature,
+        walletAddress: walletAccount.address,
+        walletDisplayName: walletProvider.metadata.displayName,
+        walletProviderType: walletProvider.walletProviderType
+    }, client);
+    const walletVerifiedCredential = (_response_user = response.user) == null ? void 0 : _response_user.verifiedCredentials.find((verifiedCredential)=>{
+        var _verifiedCredential_address;
+        return isSameAddress((_verifiedCredential_address = verifiedCredential.address) != null ? _verifiedCredential_address : '', walletAccount.address, walletAccount.chain);
+    });
+    assertDefined(walletVerifiedCredential, `After verifying, still unable to find verified wallet credential for wallet account ${walletAccount.address} on chain ${walletAccount.chain}`);
+    updateWalletProviderKeysForVerifiedCredentials({
+        keysToUpdate: {
+            [walletVerifiedCredential.id]: walletProvider.key
         }
-        throw error;
-    }
+    }, client);
+    /**
+   * Adds the user with the new wallet verified credential
+   * This will add the new verified wallet account to the client`s state
+   */ updateAuthFromVerifyResponse({
+        response
+    }, client);
+    /**
+   * Remove the now verified wallet account from the unverified wallet accounts
+   */ removeUnverifiedWalletAccount({
+        unverifiedWalletAccount: walletAccount
+    }, client);
     const verifiedWalletAccount = getWalletAccounts(client).find(({ address })=>isSameAddress(address, walletAccount.address, walletAccount.chain));
-    assertDefined(verifiedWalletAccount, 'Verified wallet account not found');
+    assertDefined(verifiedWalletAccount, `Unable to find wallet account ${walletAccount.address} on chain ${walletAccount.chain} for verified credential ${walletVerifiedCredential.id}`);
     return verifiedWalletAccount;
 };
 
@@ -2915,7 +3600,7 @@ const isSameAddress = (left, right, chain)=>normalizeAddress(left, chain) === no
  * @returns A promise that resolves to the connected and verified wallet account.
  */ const connectAndVerifyWithWalletProvider = async ({ walletProviderKey }, client = getDefaultClient())=>{
     const walletAccount = await connectWithWalletProvider({
-        addToUserWalletAccounts: false,
+        addToDynamicWalletAccounts: false,
         walletProviderKey
     }, client);
     await verifyWalletAccount({
@@ -2948,7 +3633,8 @@ const isSameAddress = (left, right, chain)=>normalizeAddress(left, chain) === no
             chain: walletProvider.chain,
             groupKey: walletProvider.groupKey,
             key: walletProvider.key,
-            metadata: walletProvider.metadata
+            metadata: walletProvider.metadata,
+            walletProviderType: walletProvider.walletProviderType
         }));
 };
 
@@ -2968,6 +3654,47 @@ const isSameAddress = (left, right, chain)=>normalizeAddress(left, chain) === no
     return walletProvider.getConnectedAddresses();
 };
 
+const getOwnerWalletAccountForSmartWalletAccount = ({ smartWalletAccount }, client = getDefaultClient())=>{
+    const smartWalletVerifiedCredential = getVerifiedCredentialForWalletAccount({
+        walletAccount: smartWalletAccount
+    }, client);
+    assertDefined(smartWalletVerifiedCredential == null ? void 0 : smartWalletVerifiedCredential.signerRefId, 'Invalid smart wallet account');
+    return getWalletAccounts(client).find((walletAccount)=>walletAccount.verifiedCredentialId === smartWalletVerifiedCredential.signerRefId);
+};
+
+const getWalletAccountAddressByType = ({ type, walletAccount })=>{
+    var _walletAccount_addressesWithTypes_find, _walletAccount_addressesWithTypes;
+    return (_walletAccount_addressesWithTypes = walletAccount.addressesWithTypes) == null ? void 0 : (_walletAccount_addressesWithTypes_find = _walletAccount_addressesWithTypes.find((address)=>address.type === type)) == null ? void 0 : _walletAccount_addressesWithTypes_find.address;
+};
+
+/**
+ * Retrieves data for a specific wallet provider that can be used for display or connection.
+ *
+ * @param params.walletProviderKey - The key of the wallet provider to retrieve data for.
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
+ * @returns The data for the wallet provider.
+ */ const getWalletProviderDataByKey = ({ walletProviderKey }, client = getDefaultClient())=>{
+    const { chain, groupKey, key, metadata, walletProviderType } = getWalletProviderByKey({
+        walletProviderKey
+    }, client);
+    return {
+        chain,
+        groupKey,
+        key,
+        metadata,
+        walletProviderType
+    };
+};
+
+/**
+ * Checks if a wallet account has been verified by a user.
+ *
+ * @param walletAccount - The wallet account to check.
+ * @returns True if the wallet account has been verified, false otherwise.
+ */ const isWalletAccountVerified = ({ walletAccount })=>{
+    return walletAccount.verifiedCredentialId !== null;
+};
+
 /**
  * Retrieves the network configuration data for the currently active network.
  *
@@ -3048,6 +3775,32 @@ const isSameAddress = (left, right, chain)=>normalizeAddress(left, chain) === no
     });
 };
 
+/**
+ * Retrieves the transaction history for a given wallet address, chain and network.
+ *
+ * This function fetches the transaction history for a specified wallet address and chain,
+ * returning a list of transactions associated with that address along with nextOffset for pagination.
+ *
+ * @param params.address - The wallet address to query transactions for.
+ * @param params.chain - The chain to query transactions for.
+ * @param [params.limit] - The maximum number of transactions to return.
+ * @param params.networkId - The network ID to query transactions for.
+ * @param [params.offset] - The offset to use for pagination.
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
+ * @returns A promise that resolves to the transaction history along with nextOffset for the given wallet address and chain.
+ */ const getTransactionHistory = async (params, client = getDefaultClient())=>{
+    const core = getCore(client);
+    const apiClient = createApiClient({}, client);
+    const response = await apiClient.getWalletTransactions({
+        address: params.address,
+        // eslint-disable-next-line custom-rules/ban-chain-enum
+        chainName: params.chain,
+        environmentId: core.environmentId,
+        networkId: params.networkId
+    });
+    return response;
+};
+
 /**
  * Checks if programmatic network switching is available for a wallet account.
  *
@@ -3093,21 +3846,6 @@ const isSameAddress = (left, right, chain)=>normalizeAddress(left, chain) === no
     });
 };
 
-/**
- * Get the primary wallet account.
- * The primary wallet account is the one that was last selected by the user.
- * This information is stored in both unverified and verified wallet accounts.
- * This function consolidates this information to determine which wallet was most recently selected.
- */ const getPrimaryWalletAccount = (client = getDefaultClient())=>{
-    const walletAccounts = getWalletAccounts(client);
-    const sortedLastSelectedWalletAccounts = walletAccounts.filter((walletAccount)=>Boolean(walletAccount.lastSelectedAt)).sort((a, b)=>b.lastSelectedAt.getTime() - a.lastSelectedAt.getTime());
-    if (sortedLastSelectedWalletAccounts.length === 0) {
-        return null;
-    }
-    const [primaryWalletAccount] = sortedLastSelectedWalletAccounts;
-    return primaryWalletAccount;
-};
-
 /**
  * Make the wallet account provided as the primary wallet account.
  */ const selectPrimaryWalletAccount = async ({ walletAccount }, client = getDefaultClient())=>{
@@ -3152,6 +3890,19 @@ const isSameAddress = (left, right, chain)=>normalizeAddress(left, chain) === no
  */ const removeWalletAccount = async ({ walletAccount }, client = getDefaultClient())=>{
     const core = getCore(client);
     const apiClient = createApiClient({}, client);
+    try {
+        const walletProvider = getWalletProviderFromWalletAccount({
+            walletAccount
+        }, client);
+        await (walletProvider.disconnectWalletAccount == null ? void 0 : walletProvider.disconnectWalletAccount.call(walletProvider, {
+            walletAccount
+        }));
+    } catch (error) {
+        if (error instanceof NoWalletProviderFoundError) {
+            return;
+        }
+        throw error;
+    }
     if (!walletAccount.verifiedCredentialId) {
         removeUnverifiedWalletAccount({
             unverifiedWalletAccount: walletAccount
@@ -3275,4 +4026,4 @@ const isIPhone = ()=>typeof window === 'undefined' || typeof navigator === 'unde
 
 assertPackageVersion(name, version);
 
-export { BaseError, ClientAlreadyInitializedError, InvalidRedirectStorageStateError, MissingRedirectStorageStateError, MissingSocialUrlParamError, NetworkSwitchingUnavailableError, NoAddressFoundError, NoPasskeyCredentialsFoundError, NoWebAuthNSupportError, UnavailableInServerSideError, UnrecognizedNetworkError, UserNotAuthenticatedError, UserRejectedError, WalletAccountAlreadyVerifiedError, WalletAccountNotSelectedError, WalletAlreadyLinkedToAnotherUserError, WalletProviderMethodUnavailableError, acknowledgeRecoveryCodes, assertWalletAccountSigningAvailability, assertWalletProviderMethodDefined, authenticateMfaRecoveryCode, authenticatePasskeyMFA, authenticateTotpMfaDevice, completeSocialRedirectSignIn, connectAndVerifyWithWalletProvider, connectWithWalletProvider, createDynamicClient, createNewMfaRecoveryCodes, deleteMfaDevice, deletePasskey, detectOAuthRedirect, fetchProjectSettings, getActiveNetworkData, getActiveNetworkId, getAvailableWalletProvidersData, getBalance, getBalanceForAddress, getConnectedAddresses, getDefaultClient, getMfaDevices, getMfaRecoveryCodes, getMultichainBalances, getNetworksData, getPasskeys, getPrimaryWalletAccount, getWalletAccountFromAddress, getWalletAccounts, initializeClient, isMobile, isPendingRecoveryCodesAcknowledgment, isProgrammaticNetworkSwitchAvailable, isUserMissingMfaAuth, logout, offWalletProviderEvent, onWalletProviderEvent, proveWalletAccountOwnership, refreshUser, registerPasskey, registerTotpMfaDevice, removeWalletAccount, selectPrimaryWalletAccount, sendEmailOTP, sendSmsOTP, setDefaultMfaDevice, signInWithExternalJwt, signInWithPasskey, signInWithSocialRedirect, signMessage, switchActiveNetwork, updateUser, verifyOTP, verifyWalletAccount, waitForClientInitialized };
+export { BaseError, ClientAlreadyInitializedError, InvalidParamError, InvalidRedirectStorageStateError, MissingRedirectStorageStateError, MissingSocialUrlParamError, MissingUserVerificationError, NetworkSwitchingUnavailableError, NoAddressFoundError, NoPasskeyCredentialsFoundError, NoSmartWalletAccountSignerFoundError, NoWebAuthNSupportError, UnavailableInServerSideError, UnrecognizedNetworkError, UserNotAuthenticatedError, UserRejectedError, WalletAccountAlreadyVerifiedError, WalletAccountNotSelectedError, WalletProviderMethodUnavailableError, acknowledgeRecoveryCodes, addCoinbaseOnrampOrderEventListener, assertWalletAccountSigningAvailability, assertWalletProviderMethodDefined, authenticateMfaRecoveryCode, authenticatePasskeyMFA, authenticateTotpMfaDevice, authenticateWithSocial, completeSocialAuthentication, connectAndVerifyWithWalletProvider, connectWithWalletProvider, createCoinbaseOnrampOrder, createCryptoDotComPayment, createDynamicClient, createNewMfaRecoveryCodes, deleteMfaDevice, deletePasskey, deleteUser, detectOAuthRedirect, fetchProjectSettings, getActiveNetworkData, getActiveNetworkId, getAvailableWalletProvidersData, getBalance, getBalanceForAddress, getCoinbaseBuyUrl, getConnectedAddresses, getDefaultClient, getMfaDevices, getMfaRecoveryCodes, getMissingVerificationForCoinbaseOnrampOrder, getMultichainBalances, getNetworksData, getOwnerWalletAccountForSmartWalletAccount, getPasskeys, getPrimaryWalletAccount, getTransactionHistory, getUserSocialAccounts, getWalletAccountAddressByType, getWalletAccountFromAddress, getWalletAccounts, getWalletProviderDataByKey, initializeClient, isMobile, isPendingRecoveryCodesAcknowledgment, isProgrammaticNetworkSwitchAvailable, isSignedIn, isUserMissingMfaAuth, isWalletAccountVerified, logout, offWalletProviderEvent, onWalletProviderEvent, proveWalletAccountOwnership, refreshUser, registerPasskey, registerTotpMfaDevice, removeWalletAccount, selectPrimaryWalletAccount, sendEmailOTP, sendSmsOTP, setDefaultMfaDevice, signInWithExternalJwt, signInWithPasskey, signMessage, switchActiveNetwork, unlinkSocialAccount, updateUser, verifyOTP, verifyWalletAccount, waitForClientInitialized };