@dynamic-labs-sdk/client 1.12.0 → 1.12.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (128) hide show
  1. package/dist/{InvalidParamError-6N66SLG8.esm.js → InvalidParamError-B0nAZ6Ei.esm.js} +36 -6
  2. package/dist/InvalidParamError-B0nAZ6Ei.esm.js.map +1 -0
  3. package/dist/{InvalidParamError-Bgg4SDfm.cjs → InvalidParamError-DDdAeFXE.cjs} +42 -6
  4. package/dist/InvalidParamError-DDdAeFXE.cjs.map +1 -0
  5. package/dist/{InvalidParamError-CjC1BFSC.native.esm.js → InvalidParamError-DbUJgYDE.native.esm.js} +22 -4
  6. package/dist/InvalidParamError-DbUJgYDE.native.esm.js.map +1 -0
  7. package/dist/core.cjs +5 -5
  8. package/dist/core.esm.js +5 -5
  9. package/dist/core.native.esm.js +5 -5
  10. package/dist/errors/WaasOnboardingIncompleteError.d.ts +18 -0
  11. package/dist/errors/WaasOnboardingIncompleteError.d.ts.map +1 -0
  12. package/dist/exports/index.d.ts +1 -0
  13. package/dist/exports/index.d.ts.map +1 -1
  14. package/dist/{getNetworkProviderFromNetworkId-Afx6InoJ.cjs → getNetworkProviderFromNetworkId-1j3BPA22.cjs} +4 -4
  15. package/dist/{getNetworkProviderFromNetworkId-Afx6InoJ.cjs.map → getNetworkProviderFromNetworkId-1j3BPA22.cjs.map} +1 -1
  16. package/dist/{getNetworkProviderFromNetworkId-BXBlKNF9.native.esm.js → getNetworkProviderFromNetworkId-CMBk4NzR.native.esm.js} +4 -4
  17. package/dist/{getNetworkProviderFromNetworkId-BXBlKNF9.native.esm.js.map → getNetworkProviderFromNetworkId-CMBk4NzR.native.esm.js.map} +1 -1
  18. package/dist/{getNetworkProviderFromNetworkId--egxmnKm.esm.js → getNetworkProviderFromNetworkId-DaMxnWPo.esm.js} +3 -3
  19. package/dist/{getNetworkProviderFromNetworkId--egxmnKm.esm.js.map → getNetworkProviderFromNetworkId-DaMxnWPo.esm.js.map} +1 -1
  20. package/dist/{getSignedSessionId-CsawYVfU.esm.js → getSignedSessionId-BRklPjP0.esm.js} +3 -3
  21. package/dist/{getSignedSessionId-CsawYVfU.esm.js.map → getSignedSessionId-BRklPjP0.esm.js.map} +1 -1
  22. package/dist/{getSignedSessionId-Kf9jJ8g0.cjs → getSignedSessionId-BU81jCyQ.cjs} +3 -3
  23. package/dist/{getSignedSessionId-Kf9jJ8g0.cjs.map → getSignedSessionId-BU81jCyQ.cjs.map} +1 -1
  24. package/dist/{getSignedSessionId-DWb6By0V.native.esm.js → getSignedSessionId-DPj38qtY.native.esm.js} +3 -3
  25. package/dist/{getSignedSessionId-DWb6By0V.native.esm.js.map → getSignedSessionId-DPj38qtY.native.esm.js.map} +1 -1
  26. package/dist/{getWaasWalletProviderFromWalletAccount-D1U_Vmr3.esm.js → getWaasWalletProviderFromWalletAccount-BhgXIVZM.native.esm.js} +3 -3
  27. package/dist/{getWaasWalletProviderFromWalletAccount-ChxW7xBR.native.esm.js.map → getWaasWalletProviderFromWalletAccount-BhgXIVZM.native.esm.js.map} +1 -1
  28. package/dist/{getWaasWalletProviderFromWalletAccount-ChxW7xBR.native.esm.js → getWaasWalletProviderFromWalletAccount-JN5ZC71J.esm.js} +3 -3
  29. package/dist/{getWaasWalletProviderFromWalletAccount-D1U_Vmr3.esm.js.map → getWaasWalletProviderFromWalletAccount-JN5ZC71J.esm.js.map} +1 -1
  30. package/dist/{getWaasWalletProviderFromWalletAccount-BZuQj_tI.cjs → getWaasWalletProviderFromWalletAccount-aRoo7mw8.cjs} +3 -3
  31. package/dist/{getWaasWalletProviderFromWalletAccount-BZuQj_tI.cjs.map → getWaasWalletProviderFromWalletAccount-aRoo7mw8.cjs.map} +1 -1
  32. package/dist/{getWalletProviderByKey-Bq0kRpuN.native.esm.js → getWalletProviderByKey-BKRul8sp.native.esm.js} +40 -35
  33. package/dist/getWalletProviderByKey-BKRul8sp.native.esm.js.map +1 -0
  34. package/dist/{getWalletProviderByKey-OC_h7kSB.esm.js → getWalletProviderByKey-C-HHI7L8.esm.js} +26 -33
  35. package/dist/getWalletProviderByKey-C-HHI7L8.esm.js.map +1 -0
  36. package/dist/{getWalletProviderByKey-DRex9vzR.cjs → getWalletProviderByKey-z1nf15R8.cjs} +29 -42
  37. package/dist/getWalletProviderByKey-z1nf15R8.cjs.map +1 -0
  38. package/dist/index.cjs +30 -70
  39. package/dist/index.cjs.map +1 -1
  40. package/dist/index.esm.js +22 -63
  41. package/dist/index.esm.js.map +1 -1
  42. package/dist/index.native.esm.js +21 -63
  43. package/dist/index.native.esm.js.map +1 -1
  44. package/dist/{isDynamicWaasEnabled-DDM_LAa0.native.esm.js → isDynamicWaasEnabled-9I4iE0Ko.native.esm.js} +2 -2
  45. package/dist/{isDynamicWaasEnabled-DDM_LAa0.native.esm.js.map → isDynamicWaasEnabled-9I4iE0Ko.native.esm.js.map} +1 -1
  46. package/dist/{isDynamicWaasEnabled-CEVTY3gQ.cjs → isDynamicWaasEnabled-DDbRfcN3.cjs} +3 -3
  47. package/dist/{isDynamicWaasEnabled-CEVTY3gQ.cjs.map → isDynamicWaasEnabled-DDbRfcN3.cjs.map} +1 -1
  48. package/dist/{isDynamicWaasEnabled-Di2FwljM.esm.js → isDynamicWaasEnabled-DvC45F05.esm.js} +2 -2
  49. package/dist/{isDynamicWaasEnabled-Di2FwljM.esm.js.map → isDynamicWaasEnabled-DvC45F05.esm.js.map} +1 -1
  50. package/dist/{isMfaRequiredForAction-CPhNpJQE.native.esm.js → isMfaRequiredForAction-B8d2MBRx.native.esm.js} +2 -2
  51. package/dist/{isMfaRequiredForAction-CPhNpJQE.native.esm.js.map → isMfaRequiredForAction-B8d2MBRx.native.esm.js.map} +1 -1
  52. package/dist/{isMfaRequiredForAction-BnAV59o-.esm.js → isMfaRequiredForAction-BAqo9eBq.esm.js} +2 -2
  53. package/dist/{isMfaRequiredForAction-BnAV59o-.esm.js.map → isMfaRequiredForAction-BAqo9eBq.esm.js.map} +1 -1
  54. package/dist/{isMfaRequiredForAction-DSo1ysdD.cjs → isMfaRequiredForAction-YGaK8XRO.cjs} +2 -2
  55. package/dist/{isMfaRequiredForAction-DSo1ysdD.cjs.map → isMfaRequiredForAction-YGaK8XRO.cjs.map} +1 -1
  56. package/dist/isUserOnboardingComplete-BT_SR4m_.esm.js +121 -0
  57. package/dist/isUserOnboardingComplete-BT_SR4m_.esm.js.map +1 -0
  58. package/dist/isUserOnboardingComplete-Bo9grSze.cjs +151 -0
  59. package/dist/isUserOnboardingComplete-Bo9grSze.cjs.map +1 -0
  60. package/dist/isUserOnboardingComplete-CVHzzTtG.native.esm.js +121 -0
  61. package/dist/isUserOnboardingComplete-CVHzzTtG.native.esm.js.map +1 -0
  62. package/dist/modules/auth/social/oauth/authenticateWithSocial/authenticateWithSocial.d.ts +1 -0
  63. package/dist/modules/auth/social/oauth/authenticateWithSocial/authenticateWithSocial.d.ts.map +1 -1
  64. package/dist/modules/auth/social/oauth/detectSocialRedirectUrl/detectSocialRedirectUrl.d.ts +1 -0
  65. package/dist/modules/auth/social/oauth/detectSocialRedirectUrl/detectSocialRedirectUrl.d.ts.map +1 -1
  66. package/dist/modules/checkout/attachCheckoutTransactionSource/attachCheckoutTransactionSource.d.ts +1 -0
  67. package/dist/modules/checkout/attachCheckoutTransactionSource/attachCheckoutTransactionSource.d.ts.map +1 -1
  68. package/dist/modules/checkout/broadcastCheckoutTransaction/broadcastCheckoutTransaction.d.ts +1 -0
  69. package/dist/modules/checkout/broadcastCheckoutTransaction/broadcastCheckoutTransaction.d.ts.map +1 -1
  70. package/dist/modules/checkout/cancelCheckoutTransaction/cancelCheckoutTransaction.d.ts +1 -0
  71. package/dist/modules/checkout/cancelCheckoutTransaction/cancelCheckoutTransaction.d.ts.map +1 -1
  72. package/dist/modules/checkout/createCheckoutTransaction/createCheckoutTransaction.d.ts +1 -0
  73. package/dist/modules/checkout/createCheckoutTransaction/createCheckoutTransaction.d.ts.map +1 -1
  74. package/dist/modules/checkout/getCheckoutTransaction/getCheckoutTransaction.d.ts +1 -0
  75. package/dist/modules/checkout/getCheckoutTransaction/getCheckoutTransaction.d.ts.map +1 -1
  76. package/dist/modules/checkout/getCheckoutTransactionQuote/getCheckoutTransactionQuote.d.ts +1 -0
  77. package/dist/modules/checkout/getCheckoutTransactionQuote/getCheckoutTransactionQuote.d.ts.map +1 -1
  78. package/dist/modules/checkout/prepareCheckoutTransaction/prepareCheckoutTransaction.d.ts +1 -0
  79. package/dist/modules/checkout/prepareCheckoutTransaction/prepareCheckoutTransaction.d.ts.map +1 -1
  80. package/dist/modules/checkout/submitCheckoutTransaction/submitCheckoutTransaction.d.ts +1 -0
  81. package/dist/modules/checkout/submitCheckoutTransaction/submitCheckoutTransaction.d.ts.map +1 -1
  82. package/dist/modules/checkout/trackCheckoutTransaction/trackCheckoutTransaction.d.ts +1 -0
  83. package/dist/modules/checkout/trackCheckoutTransaction/trackCheckoutTransaction.d.ts.map +1 -1
  84. package/dist/modules/checkout/utils/requiresConversion/requiresConversion.d.ts +1 -0
  85. package/dist/modules/checkout/utils/requiresConversion/requiresConversion.d.ts.map +1 -1
  86. package/dist/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.d.ts +9 -2
  87. package/dist/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.d.ts.map +1 -1
  88. package/dist/modules/waas/createWaasClient/createWaasClient.d.ts.map +1 -1
  89. package/dist/modules/waas/createWaasProvider/createWaasProvider.d.ts.map +1 -1
  90. package/dist/modules/waas/initializeWaasClientsForEagerRecovery/index.d.ts +2 -0
  91. package/dist/modules/waas/{restoreUserSharesForAllWalletAccounts → initializeWaasClientsForEagerRecovery}/index.d.ts.map +1 -1
  92. package/dist/modules/waas/initializeWaasClientsForEagerRecovery/initializeWaasClientsForEagerRecovery.d.ts +11 -0
  93. package/dist/modules/waas/initializeWaasClientsForEagerRecovery/initializeWaasClientsForEagerRecovery.d.ts.map +1 -0
  94. package/dist/modules/wallets/getAvailableWalletProvidersData/getAvailableWalletProvidersData.d.ts +1 -0
  95. package/dist/modules/wallets/getAvailableWalletProvidersData/getAvailableWalletProvidersData.d.ts.map +1 -1
  96. package/dist/modules/wallets/getWalletAccounts/getWalletAccountsFromState/getWalletAccountsFromState.d.ts.map +1 -1
  97. package/dist/{refreshAuth-Ca_JABru.cjs → refreshAuth-C0kN3RBN.cjs} +3 -3
  98. package/dist/{refreshAuth-Ca_JABru.cjs.map → refreshAuth-C0kN3RBN.cjs.map} +1 -1
  99. package/dist/{refreshAuth-DwYi8x0J.esm.js → refreshAuth-CfpOd4qg.esm.js} +3 -3
  100. package/dist/{refreshAuth-DwYi8x0J.esm.js.map → refreshAuth-CfpOd4qg.esm.js.map} +1 -1
  101. package/dist/{refreshAuth-C5bVvAAl.native.esm.js → refreshAuth-Ck5OyzzC.native.esm.js} +3 -3
  102. package/dist/{refreshAuth-C5bVvAAl.native.esm.js.map → refreshAuth-Ck5OyzzC.native.esm.js.map} +1 -1
  103. package/dist/tsconfig.lib.tsbuildinfo +1 -1
  104. package/dist/waas.cjs +6 -6
  105. package/dist/waas.esm.js +5 -5
  106. package/dist/waas.native.esm.js +5 -5
  107. package/dist/waasCore.cjs +17 -12
  108. package/dist/waasCore.cjs.map +1 -1
  109. package/dist/waasCore.esm.js +16 -11
  110. package/dist/waasCore.esm.js.map +1 -1
  111. package/dist/waasCore.native.esm.js +7 -6
  112. package/dist/waasCore.native.esm.js.map +1 -1
  113. package/package.json +3 -3
  114. package/dist/InvalidParamError-6N66SLG8.esm.js.map +0 -1
  115. package/dist/InvalidParamError-Bgg4SDfm.cjs.map +0 -1
  116. package/dist/InvalidParamError-CjC1BFSC.native.esm.js.map +0 -1
  117. package/dist/getWalletProviderByKey-Bq0kRpuN.native.esm.js.map +0 -1
  118. package/dist/getWalletProviderByKey-DRex9vzR.cjs.map +0 -1
  119. package/dist/getWalletProviderByKey-OC_h7kSB.esm.js.map +0 -1
  120. package/dist/modules/waas/restoreUserSharesForAllWalletAccounts/index.d.ts +0 -2
  121. package/dist/modules/waas/restoreUserSharesForAllWalletAccounts/restoreUserSharesForAllWalletAccounts.d.ts +0 -4
  122. package/dist/modules/waas/restoreUserSharesForAllWalletAccounts/restoreUserSharesForAllWalletAccounts.d.ts.map +0 -1
  123. package/dist/preconnectWaasIframe-1BSQ7tHo.native.esm.js +0 -31
  124. package/dist/preconnectWaasIframe-1BSQ7tHo.native.esm.js.map +0 -1
  125. package/dist/preconnectWaasIframe-Cb9xM6kI.cjs +0 -37
  126. package/dist/preconnectWaasIframe-Cb9xM6kI.cjs.map +0 -1
  127. package/dist/preconnectWaasIframe-D2S_A0QT.esm.js +0 -31
  128. package/dist/preconnectWaasIframe-D2S_A0QT.esm.js.map +0 -1
@@ -1 +1 @@
1
- {"version":3,"file":"getWaasWalletProviderFromWalletAccount-D1U_Vmr3.esm.js","names":[],"sources":["../src/modules/waas/getWaasWalletProviderFromWalletAccount/getWaasWalletProviderFromWalletAccount.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { NotWaasWalletAccountError } from '../../../errors/NotWaasWalletAccountError';\nimport { getWalletProviderFromWalletAccount } from '../../wallets/utils/getWalletProviderFromWalletAccount';\nimport type { WalletAccount } from '../../wallets/walletAccount';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype GetWalletProviderFromWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @not-instrumented */\nexport const getWaasWalletProviderFromWalletAccount = (\n { walletAccount }: GetWalletProviderFromWalletAccountParams,\n client: DynamicClient\n): WaasWalletProvider => {\n const walletProvider = getWalletProviderFromWalletAccount(\n { walletAccount },\n client\n );\n\n if (!isWaasWalletProvider(walletProvider)) {\n throw new NotWaasWalletAccountError({\n walletAddress: walletAccount.address,\n });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;AAYA,MAAa,0CACX,EAAE,iBACF,WACuB;CACvB,MAAM,iBAAiB,mCACrB,EAAE,eAAe,EACjB,OACD;AAED,KAAI,CAAC,qBAAqB,eAAe,CACvC,OAAM,IAAI,0BAA0B,EAClC,eAAe,cAAc,SAC9B,CAAC;AAGJ,QAAO"}
1
+ {"version":3,"file":"getWaasWalletProviderFromWalletAccount-JN5ZC71J.esm.js","names":[],"sources":["../src/modules/waas/getWaasWalletProviderFromWalletAccount/getWaasWalletProviderFromWalletAccount.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { NotWaasWalletAccountError } from '../../../errors/NotWaasWalletAccountError';\nimport { getWalletProviderFromWalletAccount } from '../../wallets/utils/getWalletProviderFromWalletAccount';\nimport type { WalletAccount } from '../../wallets/walletAccount';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype GetWalletProviderFromWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @not-instrumented */\nexport const getWaasWalletProviderFromWalletAccount = (\n { walletAccount }: GetWalletProviderFromWalletAccountParams,\n client: DynamicClient\n): WaasWalletProvider => {\n const walletProvider = getWalletProviderFromWalletAccount(\n { walletAccount },\n client\n );\n\n if (!isWaasWalletProvider(walletProvider)) {\n throw new NotWaasWalletAccountError({\n walletAddress: walletAccount.address,\n });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;AAYA,MAAa,0CACX,EAAE,iBACF,WACuB;CACvB,MAAM,iBAAiB,mCACrB,EAAE,eAAe,EACjB,OACD;AAED,KAAI,CAAC,qBAAqB,eAAe,CACvC,OAAM,IAAI,0BAA0B,EAClC,eAAe,cAAc,SAC9B,CAAC;AAGJ,QAAO"}
@@ -1,5 +1,5 @@
1
- const require_InvalidParamError = require('./InvalidParamError-Bgg4SDfm.cjs');
2
- const require_isDynamicWaasEnabled = require('./isDynamicWaasEnabled-CEVTY3gQ.cjs');
1
+ const require_InvalidParamError = require('./InvalidParamError-DDdAeFXE.cjs');
2
+ const require_isDynamicWaasEnabled = require('./isDynamicWaasEnabled-DDbRfcN3.cjs');
3
3
 
4
4
  //#region src/modules/waas/getWaasWalletProviderFromWalletAccount/getWaasWalletProviderFromWalletAccount.ts
5
5
  /** @not-instrumented */
@@ -16,4 +16,4 @@ Object.defineProperty(exports, 'getWaasWalletProviderFromWalletAccount', {
16
16
  return getWaasWalletProviderFromWalletAccount;
17
17
  }
18
18
  });
19
- //# sourceMappingURL=getWaasWalletProviderFromWalletAccount-BZuQj_tI.cjs.map
19
+ //# sourceMappingURL=getWaasWalletProviderFromWalletAccount-aRoo7mw8.cjs.map
@@ -1 +1 @@
1
- {"version":3,"file":"getWaasWalletProviderFromWalletAccount-BZuQj_tI.cjs","names":["getWalletProviderFromWalletAccount","isWaasWalletProvider","NotWaasWalletAccountError"],"sources":["../src/modules/waas/getWaasWalletProviderFromWalletAccount/getWaasWalletProviderFromWalletAccount.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { NotWaasWalletAccountError } from '../../../errors/NotWaasWalletAccountError';\nimport { getWalletProviderFromWalletAccount } from '../../wallets/utils/getWalletProviderFromWalletAccount';\nimport type { WalletAccount } from '../../wallets/walletAccount';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype GetWalletProviderFromWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @not-instrumented */\nexport const getWaasWalletProviderFromWalletAccount = (\n { walletAccount }: GetWalletProviderFromWalletAccountParams,\n client: DynamicClient\n): WaasWalletProvider => {\n const walletProvider = getWalletProviderFromWalletAccount(\n { walletAccount },\n client\n );\n\n if (!isWaasWalletProvider(walletProvider)) {\n throw new NotWaasWalletAccountError({\n walletAddress: walletAccount.address,\n });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;AAYA,MAAa,0CACX,EAAE,iBACF,WACuB;CACvB,MAAM,iBAAiBA,6DACrB,EAAE,eAAe,EACjB,OACD;AAED,KAAI,CAACC,+CAAqB,eAAe,CACvC,OAAM,IAAIC,uDAA0B,EAClC,eAAe,cAAc,SAC9B,CAAC;AAGJ,QAAO"}
1
+ {"version":3,"file":"getWaasWalletProviderFromWalletAccount-aRoo7mw8.cjs","names":["getWalletProviderFromWalletAccount","isWaasWalletProvider","NotWaasWalletAccountError"],"sources":["../src/modules/waas/getWaasWalletProviderFromWalletAccount/getWaasWalletProviderFromWalletAccount.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { NotWaasWalletAccountError } from '../../../errors/NotWaasWalletAccountError';\nimport { getWalletProviderFromWalletAccount } from '../../wallets/utils/getWalletProviderFromWalletAccount';\nimport type { WalletAccount } from '../../wallets/walletAccount';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype GetWalletProviderFromWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @not-instrumented */\nexport const getWaasWalletProviderFromWalletAccount = (\n { walletAccount }: GetWalletProviderFromWalletAccountParams,\n client: DynamicClient\n): WaasWalletProvider => {\n const walletProvider = getWalletProviderFromWalletAccount(\n { walletAccount },\n client\n );\n\n if (!isWaasWalletProvider(walletProvider)) {\n throw new NotWaasWalletAccountError({\n walletAddress: walletAccount.address,\n });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;AAYA,MAAa,0CACX,EAAE,iBACF,WACuB;CACvB,MAAM,iBAAiBA,6DACrB,EAAE,eAAe,EACjB,OACD;AAED,KAAI,CAACC,+CAAqB,eAAe,CACvC,OAAM,IAAIC,uDAA0B,EAClC,eAAe,cAAc,SAC9B,CAAC;AAGJ,QAAO"}
@@ -1,4 +1,4 @@
1
- import { J as getDefaultClient, N as isCookieEnabled, P as assertDefined, Q as getCore, Z as BaseError, a as DYNAMIC_WAAS_METADATA, f as NoWalletProviderFoundError, h as emitEvent, n as isWaasWalletProvider, p as getChainFromVerifiedCredentialChain, t as InvalidParamError, u as getWalletProviderRegistry } from "./InvalidParamError-CjC1BFSC.native.esm.js";
1
+ import { $ as getCore, F as assertDefined, P as isCookieEnabled, Q as BaseError, Y as getDefaultClient, a as DYNAMIC_WAAS_METADATA, d as getWalletProviderRegistry, g as emitEvent, m as getChainFromVerifiedCredentialChain, n as isWaasWalletProvider, o as isUserMissingMfaAuth, p as NoWalletProviderFoundError, t as InvalidParamError } from "./InvalidParamError-DbUJgYDE.native.esm.js";
2
2
  import { JwtVerifiedCredentialFormatEnum, WalletProviderEnum } from "@dynamic-labs/sdk-api-core";
3
3
 
4
4
  //#region src/utils/setCookie/setCookie.ts
@@ -174,8 +174,20 @@ const getWalletAccountsFromState = ({ unverifiedWalletAccounts, user }, client)
174
174
  walletAccountsMap.set(walletAccount.id, walletAccount);
175
175
  });
176
176
  (user?.verifiedCredentials ?? []).filter((verified) => verified.format === JwtVerifiedCredentialFormatEnum.Blockchain).forEach((verifiedWalletAccount) => {
177
- const walletAccount = convertVerifiedCredentialToWalletAccount({ verifiedCredential: verifiedWalletAccount }, client);
178
- walletAccountsMap.set(walletAccount.id, walletAccount);
177
+ try {
178
+ const walletAccount = convertVerifiedCredentialToWalletAccount({ verifiedCredential: verifiedWalletAccount }, client);
179
+ walletAccountsMap.set(walletAccount.id, walletAccount);
180
+ } catch (error) {
181
+ /**
182
+ * A verified credential can be missing the data required to resolve its
183
+ * wallet provider (e.g. a legacy credential without a walletName). Skip
184
+ * it instead of throwing so a single unconvertible credential does not
185
+ * abort the whole mapping — which, during client initialization, would
186
+ * otherwise fail init and leave the app stuck loading. The wallet stays
187
+ * absent until the user reconnects it.
188
+ */
189
+ getCore(client).logger.debug(`Skipping verified credential ${verifiedWalletAccount.id}: unable to convert to wallet account`, error);
190
+ }
179
191
  });
180
192
  return Array.from(walletAccountsMap.values());
181
193
  };
@@ -229,24 +241,6 @@ const checkAndRaiseWalletAccountsChangedEvent = ({ previousState }, client) => {
229
241
  };
230
242
  const getWalletAccountsHash = (state, client) => getWalletAccountsFromState(state, client).map((walletAccount) => JSON.stringify(walletAccount)).sort().join("-");
231
243
 
232
- //#endregion
233
- //#region src/modules/mfa/isUserMissingMfaAuth/isUserMissingMfaAuth.ts
234
- /**
235
- * Checks if the user requires additional MFA authentication.
236
- *
237
- * This function determines if the current user session requires
238
- * additional multi-factor authentication to access certain features.
239
- *
240
- * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
241
- * @returns True if the user needs additional MFA authentication, false otherwise.
242
- * @not-instrumented
243
- */
244
- const isUserMissingMfaAuth = (client = getDefaultClient()) => {
245
- const user = client.user;
246
- assertDefined(user, "User not logged in");
247
- return Boolean(user.scope?.includes("requiresAdditionalAuth"));
248
- };
249
-
250
244
  //#endregion
251
245
  //#region src/modules/wallets/getWalletProviders/getWalletProviders.ts
252
246
  /**
@@ -287,24 +281,35 @@ const isWaasWalletAccount = ({ walletAccount }) => {
287
281
  };
288
282
 
289
283
  //#endregion
290
- //#region src/modules/waas/restoreUserSharesForAllWalletAccounts/restoreUserSharesForAllWalletAccounts.ts
291
- /** @not-instrumented */
292
- const restoreUserSharesForAllWalletAccounts = async (client) => {
284
+ //#region src/modules/waas/initializeWaasClientsForEagerRecovery/initializeWaasClientsForEagerRecovery.ts
285
+ /**
286
+ * On login, boots the WaaS client once per chain so the SDK eagerly recovers
287
+ * key shares itself (the `eagerlyRecoverKeyShares` capability) instead of the
288
+ * host looping per wallet. Booting calls `initialize()`, which sends the auth
289
+ * token the iframe needs to self-recover.
290
+ *
291
+ * @not-instrumented
292
+ */
293
+ const initializeWaasClientsForEagerRecovery = async (client) => {
293
294
  /**
294
- * Restoring the user shares will fails if the user is missing the MFA auth.
295
- * This early return prevents the attempt to restore the user shares to fail
296
- * when we know it will fails and just add noise to the logs.
295
+ * Booting triggers recovery, which fails if the user is missing the MFA auth.
296
+ * This early return avoids attempting a call we know will fail and just adds
297
+ * noise to the logs.
297
298
  */
298
299
  if (isUserMissingMfaAuth(client)) return;
299
- const waasWalletAccounts = getWalletAccounts(client).filter((walletAccount) => isWaasWalletAccount({ walletAccount }));
300
- await Promise.all(waasWalletAccounts.map(async (walletAccount) => {
301
- const provider = findWaasWalletProviderByChain({ chain: walletAccount.chain }, client);
300
+ const waasChains = new Set(getWalletAccounts(client).filter((walletAccount) => isWaasWalletAccount({ walletAccount })).map((walletAccount) => walletAccount.chain));
301
+ await Promise.all([...waasChains].map(async (chain) => {
302
+ const provider = findWaasWalletProviderByChain({ chain }, client);
302
303
  /**
303
304
  * The environment might not have the embedded wallet extensions installed.
304
- * In that case there is no provider for the chain and we can skip restoring the user share.
305
+ * In that case there is no provider for the chain and nothing to boot.
305
306
  */
306
307
  if (!provider) return;
307
- return provider.restoreUserShareForWalletAccount({ walletAccount });
308
+ try {
309
+ await provider.getWaasClient();
310
+ } catch (error) {
311
+ getCore(client).logger.warn("[initializeWaasClientsForEagerRecovery] failed to boot waas client", error);
312
+ }
308
313
  }));
309
314
  };
310
315
 
@@ -445,7 +450,7 @@ const updateAuthFromVerifyResponse = ({ response }, client) => {
445
450
  */
446
451
  if (minifiedJwt && isCookieEnabled(client)) setCookie(`${DYNAMIC_AUTH_COOKIE_NAME}=${minifiedJwt}; expires=${sessionExpiresAt.toUTCString()}; path=/; SameSite=Lax`);
447
452
  checkAndRaiseWalletAccountsChangedEvent({ previousState }, client);
448
- if (!previousState.user && Boolean(newState.user)) restoreUserSharesForAllWalletAccounts(client);
453
+ if (!previousState.user && Boolean(newState.user)) initializeWaasClientsForEagerRecovery(client);
449
454
  };
450
455
 
451
456
  //#endregion
@@ -465,5 +470,5 @@ const getWalletProviderByKey = ({ walletProviderKey }, client) => {
465
470
  };
466
471
 
467
472
  //#endregion
468
- export { formatWalletAccountId as _, parseElevatedAccessToken as a, InvalidWalletProviderKeyError as b, findWaasWalletProviderByChain as c, checkAndRaiseWalletAccountsChangedEvent as d, emitWalletAccountsChangedEvent as f, normalizeWalletNameWithChain as g, formatWalletProviderKey as h, upsertElevatedAccessToken as i, getWalletProviders as l, getWalletAccounts as m, getVerifiedCredentialForWalletAccount as n, restoreUserSharesForAllWalletAccounts as o, DYNAMIC_AUTH_COOKIE_NAME as p, updateAuthFromVerifyResponse as r, isWaasWalletAccount as s, getWalletProviderByKey as t, isUserMissingMfaAuth as u, normalizeAddress as v, setCookie as x, splitWalletProviderKey as y };
469
- //# sourceMappingURL=getWalletProviderByKey-Bq0kRpuN.native.esm.js.map
473
+ export { normalizeAddress as _, parseElevatedAccessToken as a, setCookie as b, findWaasWalletProviderByChain as c, emitWalletAccountsChangedEvent as d, DYNAMIC_AUTH_COOKIE_NAME as f, formatWalletAccountId as g, normalizeWalletNameWithChain as h, upsertElevatedAccessToken as i, getWalletProviders as l, formatWalletProviderKey as m, getVerifiedCredentialForWalletAccount as n, initializeWaasClientsForEagerRecovery as o, getWalletAccounts as p, updateAuthFromVerifyResponse as r, isWaasWalletAccount as s, getWalletProviderByKey as t, checkAndRaiseWalletAccountsChangedEvent as u, splitWalletProviderKey as v, InvalidWalletProviderKeyError as y };
474
+ //# sourceMappingURL=getWalletProviderByKey-BKRul8sp.native.esm.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"getWalletProviderByKey-BKRul8sp.native.esm.js","names":["walletAccountsMap: Map<string, WalletAccount>","newState: Partial<DynamicCoreState>","walletProvider"],"sources":["../src/utils/setCookie/setCookie.ts","../src/errors/InvalidWalletProviderKeyError.ts","../src/modules/wallets/walletProvider/splitWalletProviderKey/splitWalletProviderKey.ts","../src/modules/wallets/utils/normalizeAddress/normalizeAddress.ts","../src/modules/wallets/utils/formatWalletAccountId/formatWalletAccountId.ts","../src/modules/wallets/utils/convertUnverifiedWalletAccountToWalletAccount/convertUnverifiedWalletAccountToWalletAccount.ts","../src/modules/wallets/utils/normalizeWalletNameWithChain/normalizeWalletNameWithChain.ts","../src/modules/wallets/utils/formatWalletProviderKey/formatWalletProviderKey.ts","../src/modules/wallets/walletProvider/walletProviderKeyMap/getWalletProviderKeyFromVerifiedCredential/getWalletProviderKeyFromVerifiedCredential.ts","../src/modules/wallets/utils/convertVerifiedCredentialToWalletAccount/convertVerifiedCredentialToWalletAccount.ts","../src/modules/wallets/getWalletAccounts/getWalletAccountsFromState/getWalletAccountsFromState.ts","../src/modules/wallets/getWalletAccounts/getWalletAccounts.ts","../src/modules/auth/consts.ts","../src/modules/wallets/emitWalletAccountsChangedEvent/emitWalletAccountsChangedEvent.ts","../src/modules/auth/updateAuthFromVerifyResponse/checkAndRaiseWalletAccountsChangedEvent/checkAndRaiseWalletAccountsChangedEvent.ts","../src/modules/wallets/getWalletProviders/getWalletProviders.ts","../src/modules/waas/findWaasWalletProviderByChain/findWaasWalletProviderByChain.ts","../src/modules/waas/isWaasWalletAccount/isWaasWalletAccount.ts","../src/modules/waas/initializeWaasClientsForEagerRecovery/initializeWaasClientsForEagerRecovery.ts","../src/modules/auth/decodeJwt/decodeJwt.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/normalizeScopes/normalizeScopes.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/parseElevatedAccessToken/parseElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/upsertElevatedAccessToken/upsertElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/updateAuthFromVerifyResponse.ts","../src/modules/wallets/utils/getVerifiedCredentialForWalletAccount/getVerifiedCredentialForWalletAccount.ts","../src/modules/wallets/getWalletProviderByKey/getWalletProviderByKey.ts"],"sourcesContent":["/**\n * Sefelly sets the cookie in the browser.\n * @not-instrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const setCookie = (cookie: string) => {\n // eslint-disable-next-line no-restricted-globals\n document.cookie = cookie;\n};\n","import { BaseError } from './base';\n\nexport class InvalidWalletProviderKeyError extends BaseError {\n // eslint-disable-next-line custom-rules/require-single-object-param\n constructor(value: string) {\n super({\n cause: null,\n code: 'invalid_wallet_provider_key',\n docsUrl: null,\n name: 'InvalidWalletProviderKeyError',\n shortMessage: `Invalid wallet provider key: ${value}. Key must be in the format of <normalizedWalletNameWithChain>:<walletProviderType>[:<suffix>]`,\n });\n }\n}\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport { InvalidWalletProviderKeyError } from '../../../../errors/InvalidWalletProviderKeyError';\n\ntype SplitWalletProviderKeyResult = {\n normalizedWalletNameWithChain: string;\n suffix: string | undefined;\n walletProviderType: WalletProviderEnum;\n};\n\n/** @not-instrumented */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const splitWalletProviderKey = (\n walletProviderKey: string\n): SplitWalletProviderKeyResult => {\n const [normalizedWalletNameWithChain, walletProviderType, suffix, ...rest] =\n walletProviderKey.split(':');\n\n if (\n !normalizedWalletNameWithChain ||\n !Object.values(WalletProviderEnum).includes(\n walletProviderType as WalletProviderEnum\n ) ||\n rest.length > 0\n ) {\n throw new InvalidWalletProviderKeyError(walletProviderKey);\n }\n\n return {\n normalizedWalletNameWithChain,\n suffix,\n walletProviderType: walletProviderType as WalletProviderEnum,\n };\n};\n","import type { Chain } from '../../../chain';\n\nexport type NormalizeAddressOptions = {\n /** The raw address to normalize. */\n address: string;\n\n /** The chain the address belongs to. */\n chain: Chain;\n};\n\n/** @not-instrumented */\nexport const normalizeAddress = ({ address, chain }: NormalizeAddressOptions) => {\n let normalizedAddress = address;\n\n if (normalizedAddress?.startsWith('0x')) {\n normalizedAddress = normalizedAddress.slice(2);\n }\n\n /**\n * These are standard from CAIP-2: https://github.com/ChainAgnostic/CAIPs/blob/master/CAIPs/caip-2.md\n * see also: https://github.com/ChainAgnostic/namespaces\n * note: no standard namespace currently exists for flow\n */\n const chainsThatRequireLowercaseAddress: Chain[] = ['EVM', 'FLOW'];\n\n normalizedAddress = chainsThatRequireLowercaseAddress.includes(chain)\n ? normalizedAddress?.toLowerCase()\n : normalizedAddress;\n\n return normalizedAddress;\n};\n","import type { Chain } from '../../../chain';\nimport { splitWalletProviderKey } from '../../walletProvider/splitWalletProviderKey';\nimport { normalizeAddress } from '../normalizeAddress';\n\ntype CreateWalletAccountIdParams = {\n address: string;\n chain: Chain;\n walletProviderKey: string;\n};\n\n/** @not-instrumented */\nexport const formatWalletAccountId = ({\n address,\n chain,\n walletProviderKey,\n}: CreateWalletAccountIdParams): string => {\n const { normalizedWalletNameWithChain } =\n splitWalletProviderKey(walletProviderKey);\n\n const normalizedAddress = normalizeAddress({ address, chain });\n\n return `${normalizedWalletNameWithChain}:${normalizedAddress}`;\n};\n","import type { UnverifiedWalletAccount } from '../../unverifiedWalletAccounts';\nimport type { WalletAccount } from '../../walletAccount';\nimport { formatWalletAccountId } from '../formatWalletAccountId';\n\ntype ConvertUnverifiedWalletAccountToWalletAccountParams = {\n unverifiedWalletAccount: UnverifiedWalletAccount;\n};\n\n/** @not-instrumented */\nexport const convertUnverifiedWalletAccountToWalletAccount = ({\n unverifiedWalletAccount,\n}: ConvertUnverifiedWalletAccountToWalletAccountParams): WalletAccount => ({\n address: unverifiedWalletAccount.address,\n addressesWithTypes: unverifiedWalletAccount.addressesWithTypes,\n chain: unverifiedWalletAccount.chain,\n id: formatWalletAccountId({\n address: unverifiedWalletAccount.address,\n chain: unverifiedWalletAccount.chain,\n walletProviderKey: unverifiedWalletAccount.walletProviderKey,\n }),\n lastSelectedAt: unverifiedWalletAccount.lastSelectedAt,\n verifiedCredentialId: null,\n walletProviderKey: unverifiedWalletAccount.walletProviderKey,\n});\n","import type { Chain } from '../../../chain';\n\ntype NormalizeWalletNameWithChainParams = {\n chain: Chain;\n displayName: string;\n};\n\n/**\n * Format the raw wallet name and chain to get the value we can use for\n * verified credentials' `walletName` field.\n * @not-instrumented\n */\nexport const normalizeWalletNameWithChain = ({\n displayName,\n chain,\n}: NormalizeWalletNameWithChainParams): string => {\n const sanitizedWalletName = displayName\n .replace(/[^a-zA-Z0-9]/g, '')\n .toLowerCase();\n\n const chainLowered = chain.toLocaleLowerCase();\n\n if (sanitizedWalletName.endsWith(chainLowered)) {\n return sanitizedWalletName;\n }\n\n return `${sanitizedWalletName}${chainLowered}`;\n};\n","import type { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { Chain } from '../../../chain';\nimport { normalizeWalletNameWithChain } from '../normalizeWalletNameWithChain';\n\ntype FormatWalletProviderKeyParams = {\n chain: Chain;\n displayName: string;\n suffix?: string;\n walletProviderType: WalletProviderEnum;\n};\n\n/**\n * Assembles the wallet provider key from the wallet name, chain, and wallet provider type.\n *\n * The suffix is optional and can be used to add a uniquely identifying string to the key, which\n * might be necessary for some wallet providers (like Wallet Connect).\n *\n * IMPORTANT: Do NOT add a suffix unless absolutely necessary, as it will cause the wallet account\n * to not be able to find its wallet provider when connecting to a new device (it won't be possible\n * to determine the full key just from the Verified Credential data).\n * @not-instrumented\n */\nexport const formatWalletProviderKey = ({\n suffix,\n chain,\n displayName,\n walletProviderType,\n}: FormatWalletProviderKeyParams) => {\n const normalizedNameWithChain = normalizeWalletNameWithChain({\n chain,\n displayName,\n });\n\n return `${normalizedNameWithChain}:${walletProviderType}${\n suffix ? `:${suffix}` : ''\n }`;\n};\n","import type { JwtVerifiedCredential } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../../client/types';\nimport { assertDefined } from '../../../../../utils/assertDefined';\nimport { getChainFromVerifiedCredentialChain } from '../../../../../utils/getChainFromVerifiedCredentialChain';\nimport { formatWalletProviderKey } from '../../../utils/formatWalletProviderKey';\n\ntype GetWalletProviderKeyFromVerifiedCredentialParams = {\n verifiedCredential: JwtVerifiedCredential;\n};\n\n/** @not-instrumented */\nexport const getWalletProviderKeyFromVerifiedCredential = (\n { verifiedCredential }: GetWalletProviderKeyFromVerifiedCredentialParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const { walletProviderKeyMap } = core.state.get();\n\n const storedWalletProviderKey = walletProviderKeyMap[verifiedCredential.id];\n\n if (storedWalletProviderKey) {\n return { walletProviderKey: storedWalletProviderKey };\n }\n\n /**\n * We fallback to comprising the wallet provider key from walletName and walletProvider.\n *\n * Some wallet provider types (like Wallet Connect) also use a special suffix for their wallet provider\n * keys, so this won't be enough for them.\n * Therefore, for those specific wallet providers, the wallet account will remain without a wallet provider\n * and will require reconnection.\n * Read walletProvider.types.ts for more info.\n */\n assertDefined(\n verifiedCredential.walletName,\n `Failed to get wallet provider for verified credential with ID ${verifiedCredential.id}: missing walletName`\n );\n\n assertDefined(\n verifiedCredential.walletProvider,\n `Failed to get wallet provider for verified credential with ID ${verifiedCredential.id}: missing walletProvider`\n );\n\n assertDefined(\n verifiedCredential.chain,\n `Failed to get wallet provider for verified credential with ID ${verifiedCredential.id}: missing chain`\n );\n\n /**\n * Historically, walletNames did not include the chain name as a suffix.\n * This piece of logic simply ensures we normalize any legacy walletNames to conform.\n */\n const chain = getChainFromVerifiedCredentialChain(verifiedCredential.chain);\n\n const walletProviderKey = formatWalletProviderKey({\n chain,\n displayName: verifiedCredential.walletName,\n walletProviderType: verifiedCredential.walletProvider,\n });\n\n return { walletProviderKey };\n};\n","import type { JwtVerifiedCredential } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../../client/types';\nimport { assertDefined } from '../../../../utils/assertDefined';\nimport { getChainFromVerifiedCredentialChain } from '../../../../utils/getChainFromVerifiedCredentialChain';\nimport type { HardwareWalletVendor } from '../../hardwareWallet/hardwareWallet.types';\nimport type { WalletAccount } from '../../walletAccount';\nimport { getWalletProviderKeyFromVerifiedCredential } from '../../walletProvider/walletProviderKeyMap/getWalletProviderKeyFromVerifiedCredential';\nimport { formatWalletAccountId } from '../formatWalletAccountId';\n\ntype ConvertVerifiedCredentialToWalletAccountParams = {\n verifiedCredential: JwtVerifiedCredential;\n};\n\n/** @not-instrumented */\nexport const convertVerifiedCredentialToWalletAccount = (\n { verifiedCredential }: ConvertVerifiedCredentialToWalletAccountParams,\n client: DynamicClient\n): WalletAccount => {\n assertDefined(\n verifiedCredential.address,\n 'Missing address in verified credential'\n );\n assertDefined(\n verifiedCredential.chain,\n 'Missing chain in verified credential'\n );\n\n const chain = getChainFromVerifiedCredentialChain(verifiedCredential.chain);\n\n const { walletProviderKey } = getWalletProviderKeyFromVerifiedCredential(\n {\n verifiedCredential,\n },\n client\n );\n\n const walletAccountId = formatWalletAccountId({\n address: verifiedCredential.address,\n chain,\n walletProviderKey,\n });\n\n return {\n address: verifiedCredential.address,\n addressesWithTypes: verifiedCredential.walletAdditionalAddresses,\n chain,\n hardwareWalletVendor: verifiedCredential.walletProperties?.hardwareWallet as\n | HardwareWalletVendor\n | undefined,\n id: walletAccountId,\n lastSelectedAt: verifiedCredential.lastSelectedAt ?? null,\n verifiedCredentialId: verifiedCredential.id,\n walletProviderKey,\n };\n};\n","import type { SdkUser } from '@dynamic-labs/sdk-api-core';\nimport { JwtVerifiedCredentialFormatEnum } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../client/types';\nimport type { UnverifiedWalletAccount } from '../../unverifiedWalletAccounts';\nimport { convertUnverifiedWalletAccountToWalletAccount } from '../../utils/convertUnverifiedWalletAccountToWalletAccount';\nimport { convertVerifiedCredentialToWalletAccount } from '../../utils/convertVerifiedCredentialToWalletAccount';\nimport type { WalletAccount } from '../../walletAccount';\n\ntype GetWalletAccountsFromStateParams = {\n unverifiedWalletAccounts: UnverifiedWalletAccount[];\n user: SdkUser | null;\n};\n\n/** @not-instrumented */\nexport const getWalletAccountsFromState = (\n { unverifiedWalletAccounts, user }: GetWalletAccountsFromStateParams,\n client: DynamicClient\n): WalletAccount[] => {\n const walletAccountsMap: Map<string, WalletAccount> = new Map();\n\n /**\n * Handle the unverified wallet accounts before the user verified credentials\n * so the later verified wallet accounts can override the unverified wallet accounts\n */\n unverifiedWalletAccounts.forEach((unverifiedWalletAccount) => {\n const walletAccount = convertUnverifiedWalletAccountToWalletAccount({\n unverifiedWalletAccount,\n });\n\n walletAccountsMap.set(walletAccount.id, walletAccount);\n });\n\n /**\n * Handle user verified credentials\n */\n const verifiedCredentials = user?.verifiedCredentials ?? [];\n\n verifiedCredentials\n .filter(\n (verified) =>\n verified.format === JwtVerifiedCredentialFormatEnum.Blockchain\n )\n .forEach((verifiedWalletAccount) => {\n try {\n const walletAccount = convertVerifiedCredentialToWalletAccount(\n {\n verifiedCredential: verifiedWalletAccount,\n },\n client\n );\n\n walletAccountsMap.set(walletAccount.id, walletAccount);\n } catch (error) {\n /**\n * A verified credential can be missing the data required to resolve its\n * wallet provider (e.g. a legacy credential without a walletName). Skip\n * it instead of throwing so a single unconvertible credential does not\n * abort the whole mapping — which, during client initialization, would\n * otherwise fail init and leave the app stuck loading. The wallet stays\n * absent until the user reconnects it.\n */\n getCore(client).logger.debug(\n `Skipping verified credential ${verifiedWalletAccount.id}: unable to convert to wallet account`,\n error\n );\n }\n });\n\n return Array.from(walletAccountsMap.values());\n};\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport type { WalletAccount } from '../walletAccount';\nimport { getWalletAccountsFromState } from './getWalletAccountsFromState';\n\n/**\n * Retrieves all wallet accounts associated with the current session.\n *\n * This function returns both verified and unverified wallet accounts,\n * combining data from user credentials and local unverified accounts.\n * You can differentiate between verified and unverified wallet accounts by\n * checking the `verifiedCredentialId` property.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns An array of wallet accounts associated with the session.\n * @not-instrumented\n * @hook Exposed as a hook so consumers get the reactive list of wallet accounts.\n */\nexport const getWalletAccounts = (\n client = getDefaultClient()\n): WalletAccount[] => {\n const core = getCore(client);\n const { unverifiedWalletAccounts, user } = core.state.get();\n\n return getWalletAccountsFromState({ unverifiedWalletAccounts, user }, client);\n};\n","export const DYNAMIC_AUTH_COOKIE_NAME = 'DYNAMIC_JWT_TOKEN';\n","import type { DynamicClient } from '../../../client/types';\nimport { emitEvent } from '../../clientEvents';\nimport { getWalletAccounts } from '../getWalletAccounts';\n\n/**\n * Emits the `walletAccountsChanged` event.\n * @not-instrumented\n */\nexport const emitWalletAccountsChangedEvent = (client: DynamicClient): void => {\n const walletAccounts = getWalletAccounts(client);\n\n emitEvent(\n {\n args: { walletAccounts },\n event: 'walletAccountsChanged',\n },\n client\n );\n};\n","import { getCore } from '../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../client/types';\nimport { emitWalletAccountsChangedEvent } from '../../../wallets/emitWalletAccountsChangedEvent';\nimport { getWalletAccountsFromState } from '../../../wallets/getWalletAccounts/getWalletAccountsFromState';\n\ntype CheckAndRaiseWalletAccountsChangedEventParams = {\n previousState: Readonly<DynamicCoreState>;\n};\n\n/** @not-instrumented */\nexport const checkAndRaiseWalletAccountsChangedEvent = (\n { previousState }: CheckAndRaiseWalletAccountsChangedEventParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletAccountsHashBefore = getWalletAccountsHash(previousState, client);\n\n const walletAccountsHashAfter = getWalletAccountsHash(\n core.state.get(),\n client\n );\n\n if (walletAccountsHashBefore !== walletAccountsHashAfter) {\n emitWalletAccountsChangedEvent(client);\n }\n};\n\n \n \nconst getWalletAccountsHash = (\n state: Readonly<DynamicCoreState>,\n client: DynamicClient\n) =>\n getWalletAccountsFromState(state, client)\n .map((walletAccount) => JSON.stringify(walletAccount))\n .sort()\n .join('-');\n","import type { DynamicClient } from '../../../client/types';\nimport { getWalletProviderRegistry } from '../walletProviderRegistry';\n\n/**\n * Get all available wallet providers to interact with internally.\n * @not-instrumented\n */\nexport const getWalletProviders = (client: DynamicClient) => {\n const walletProviderRegistry = getWalletProviderRegistry(client);\n\n return walletProviderRegistry.listProviders();\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { Chain } from '../../chain';\nimport { getWalletProviders } from '../../wallets/getWalletProviders';\nimport { formatWalletProviderKey } from '../../wallets/utils/formatWalletProviderKey';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype FindWaasWalletProviderByChainParams = {\n chain: Chain;\n};\n\n/** @not-instrumented */\nexport const findWaasWalletProviderByChain = (\n { chain }: FindWaasWalletProviderByChainParams,\n client: DynamicClient\n): WaasWalletProvider | null => {\n const providers = getWalletProviders(client);\n\n const waasProviderKey = formatWalletProviderKey({\n chain,\n displayName: DYNAMIC_WAAS_METADATA.displayName,\n walletProviderType: WalletProviderEnum.EmbeddedWallet,\n });\n\n const waasProvider = providers.find(\n (provider) => provider.key === waasProviderKey && provider.chain === chain\n );\n\n if (!waasProvider || !isWaasWalletProvider(waasProvider)) {\n return null;\n }\n\n return waasProvider;\n};\n","import type { WalletAccount } from '../../wallets/walletAccount';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype IsWaasWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/**\n * This function determines whether the provided wallet account is a Dynamic\n * WaaS wallet account.\n *\n * @param params.walletAccount - The wallet account to check.\n * @returns True if the wallet account is a WaaS wallet account, false otherwise.\n * @not-instrumented\n */\nexport const isWaasWalletAccount = ({\n walletAccount,\n}: IsWaasWalletAccountParams): boolean => {\n return walletAccount.walletProviderKey.includes(\n DYNAMIC_WAAS_METADATA.normalizedWalletName\n );\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { isUserMissingMfaAuth } from '../../mfa/isUserMissingMfaAuth';\nimport { getWalletAccounts } from '../../wallets/getWalletAccounts';\nimport { findWaasWalletProviderByChain } from '../findWaasWalletProviderByChain';\nimport { isWaasWalletAccount } from '../isWaasWalletAccount';\n\n/**\n * On login, boots the WaaS client once per chain so the SDK eagerly recovers\n * key shares itself (the `eagerlyRecoverKeyShares` capability) instead of the\n * host looping per wallet. Booting calls `initialize()`, which sends the auth\n * token the iframe needs to self-recover.\n *\n * @not-instrumented\n */\nexport const initializeWaasClientsForEagerRecovery = async (\n client: DynamicClient\n): Promise<void> => {\n /**\n * Booting triggers recovery, which fails if the user is missing the MFA auth.\n * This early return avoids attempting a call we know will fail and just adds\n * noise to the logs.\n */\n if (isUserMissingMfaAuth(client)) {\n return;\n }\n\n const waasChains = new Set(\n getWalletAccounts(client)\n .filter((walletAccount) => isWaasWalletAccount({ walletAccount }))\n .map((walletAccount) => walletAccount.chain)\n );\n\n await Promise.all(\n [...waasChains].map(async (chain) => {\n const provider = findWaasWalletProviderByChain({ chain }, client);\n\n /**\n * The environment might not have the embedded wallet extensions installed.\n * In that case there is no provider for the chain and nothing to boot.\n */\n if (!provider) return;\n\n try {\n await provider.getWaasClient();\n } catch (error) {\n getCore(client).logger.warn(\n '[initializeWaasClientsForEagerRecovery] failed to boot waas client',\n error\n );\n }\n })\n );\n};\n","import { InvalidParamError } from '../../../errors/InvalidParamError';\n\nexport type JwtPayload = {\n [key: string]: unknown;\n exp: number;\n iat: number;\n scope: string;\n singleUse?: boolean;\n sub: string;\n};\n\n/**\n * Decodes a JWT token and returns the full payload.\n *\n * This function extracts and returns the complete JWT payload including scopes,\n * expiration time, and other claims.\n *\n * @param jwt - The JWT token string.\n * @returns The decoded JWT payload object.\n * @throws InvalidParamError if the token is invalid or cannot be decoded.\n *\n * @example\n * ```typescript\n * const payload = decodeJwt(jwt);\n * // Returns: { scopes: ['wallet:export'], exp: 1234567890, ... }\n * ```\n * @not-instrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const decodeJwt = (jwt: string): JwtPayload => {\n try {\n // JWT format: header.payload.signature\n const parts = jwt.split('.');\n if (parts.length !== 3) {\n throw new InvalidParamError('Invalid JWT format');\n }\n\n // Decode the payload (second part)\n // Base64URL decode: replace URL-safe characters and decode\n const base64Payload = parts[1].replaceAll('-', '+').replaceAll('_', '/');\n // Add padding if needed\n const paddedPayload =\n base64Payload + '='.repeat((4 - (base64Payload.length % 4)) % 4);\n const decodedPayload = atob(paddedPayload);\n const claims = JSON.parse(decodedPayload) as JwtPayload;\n\n return claims;\n } catch (error) {\n if (error instanceof InvalidParamError) {\n throw error;\n }\n throw new InvalidParamError(\n `Failed to decode JWT: ${\n error instanceof Error ? error.message : String(error)\n }`\n );\n }\n};\n","/**\n * Normalizes scopes by deduplicating and sorting them.\n * This creates a canonical representation for comparison.\n *\n * @param scopes - Array of scope strings (may contain duplicates)\n * @returns Normalized, sorted array of unique scopes\n * @not-instrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const normalizeScopes = (scopes: string[]): string[] => {\n return [...new Set(scopes)].sort((a, b) => a.localeCompare(b));\n};\n","import { decodeJwt } from '../../../decodeJwt';\nimport type { ParsedElevatedAccessToken } from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\nexport type ParseElevatedAccessTokenOptions = {\n /** JWT string containing the elevated access token. */\n token: string;\n};\n\n/**\n * Validates and parses an elevated access token from a JWT string.\n * Extracts scopes, expiration, and validates the token structure.\n *\n * Policy decisions:\n * - Tokens without scopes are rejected (returns null)\n * - Tokens with empty scopes array are rejected (returns null)\n * - Tokens without exp field are rejected (returns null)\n * - Expired tokens are rejected (returns null)\n *\n * @returns Parsed token data or null if token is invalid/expired\n * @not-instrumented\n */\nexport const parseElevatedAccessToken = ({\n token,\n}: ParseElevatedAccessTokenOptions): ParsedElevatedAccessToken | null => {\n const payload = decodeJwt(token);\n const rawScopeClaim = payload?.scope;\n const processedScopes = rawScopeClaim?.split(' ') ?? [];\n const filteredScopes = processedScopes.filter((s) => s.length > 0);\n const singleUse = payload.singleUse ?? false;\n\n // Reject tokens without scopes or with empty scopes\n if (!filteredScopes || filteredScopes.length === 0) {\n return null;\n }\n\n // Reject tokens without exp field\n if (!payload.exp) {\n return null;\n }\n\n // Convert exp (seconds) to Date (milliseconds)\n const expiresAt = new Date(payload.exp * 1000);\n\n // Reject expired tokens\n if (expiresAt <= new Date()) {\n return null;\n }\n\n return {\n expiresAt,\n normalizedScopes: normalizeScopes(filteredScopes),\n scopes: filteredScopes,\n singleUse,\n token,\n };\n};\n","import type {\n ElevatedAccessToken,\n ParsedElevatedAccessToken,\n} from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\n/**\n * Upserts an elevated access token into the current tokens array.\n *\n * Policy: Only one token per normalized scope-set is allowed.\n * If a token with the same normalized scopes exists, it is replaced.\n * This ensures we don't accumulate multiple tokens for the same scope combination.\n *\n * @param currentTokens - Current array of elevated access tokens\n * @param newToken - New token to upsert\n * @returns Updated array of tokens with the new token upserted\n * @not-instrumented\n */\nexport const upsertElevatedAccessToken = ({\n currentTokens,\n newToken,\n}: {\n currentTokens: ElevatedAccessToken[];\n newToken: ParsedElevatedAccessToken;\n}): ElevatedAccessToken[] => {\n const newScopeKey = normalizeScopes(newToken.scopes).join(' ');\n\n // Remove any existing token with the same normalized scopes\n const filteredTokens = currentTokens.filter((existingToken) => {\n const existingScopeKey = normalizeScopes(existingToken.scopes).join(' ');\n return existingScopeKey !== newScopeKey;\n });\n\n // Add the new token\n return [\n ...filteredTokens,\n {\n expiresAt: newToken.expiresAt,\n scopes: newToken.scopes,\n singleUse: newToken.singleUse,\n token: newToken.token,\n },\n ];\n};\n","import type { VerifyResponse } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicCoreState } from '../../../client/core/types';\nimport type { DynamicClient } from '../../../client/types';\nimport { setCookie } from '../../../utils/setCookie';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { initializeWaasClientsForEagerRecovery } from '../../waas/initializeWaasClientsForEagerRecovery';\nimport { DYNAMIC_AUTH_COOKIE_NAME } from '../consts';\nimport { checkAndRaiseWalletAccountsChangedEvent } from './checkAndRaiseWalletAccountsChangedEvent';\nimport { parseElevatedAccessToken } from './elevatedAccessTokens/parseElevatedAccessToken';\nimport { upsertElevatedAccessToken } from './elevatedAccessTokens/upsertElevatedAccessToken';\n\ntype UpdateAuthFromVerifyResponseParams = {\n response: VerifyResponse;\n};\n\n/** @not-instrumented */\nexport const updateAuthFromVerifyResponse = (\n { response }: UpdateAuthFromVerifyResponseParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const previousState = { ...core.state.get() };\n\n const { user, minifiedJwt, jwt, expiresAt, mfaToken, elevatedAccessToken } =\n response;\n\n // Expires at is in seconds, so we need to convert it to milliseconds\n const sessionExpiresAt = new Date(expiresAt * 1000);\n\n const newState: Partial<DynamicCoreState> = {\n legacyToken: jwt ?? null,\n sessionExpiresAt: sessionExpiresAt,\n token: minifiedJwt ?? null,\n user,\n };\n\n // only override the mfaToken if a new one is provided in the response\n if (mfaToken) {\n newState.mfaToken = mfaToken;\n }\n\n // Add elevated access token to the array if a new one is provided in the response\n // Policy: Only one token per normalized scope-set is allowed (old tokens are replaced)\n // Always preserve existing tokens to ensure they're synced to storage\n const currentTokens = core.state.get().elevatedAccessTokens || [];\n newState.elevatedAccessTokens = currentTokens;\n \n if (elevatedAccessToken) {\n const parsedToken = parseElevatedAccessToken({\n token: elevatedAccessToken,\n });\n if (parsedToken) {\n newState.elevatedAccessTokens = upsertElevatedAccessToken({\n currentTokens,\n newToken: parsedToken,\n });\n }\n }\n\n core.state.set(newState);\n\n /**\n * For customers using a sandbox environment with cookies enabled, we need to set the cookie\n * programmatically because Redcoast won't set the cookie via headers. We set the cookie programmatically\n * so customers can access the cookie from document.cookie consistently between sandbox and live environments.\n */\n if (minifiedJwt && isCookieEnabled(client)) {\n const expireDate = sessionExpiresAt.toUTCString();\n\n setCookie(\n `${DYNAMIC_AUTH_COOKIE_NAME}=${minifiedJwt}; expires=${expireDate}; path=/; SameSite=Lax`\n );\n }\n\n checkAndRaiseWalletAccountsChangedEvent({ previousState }, client);\n\n // if the user is logging in, boot the waas client(s) so the SDK eagerly\n // recovers key shares for all wallet accounts\n const isUserLoggingIn = !previousState.user && Boolean(newState.user);\n if (isUserLoggingIn) {\n void initializeWaasClientsForEagerRecovery(client);\n }\n};\n","import type { DynamicClient } from '../../../../client/types/DynamicClient';\nimport type { WalletAccount } from '../../walletAccount';\n\ntype GetVerifiedCredentialForWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @not-instrumented */\nexport const getVerifiedCredentialForWalletAccount = (\n { walletAccount }: GetVerifiedCredentialForWalletAccountParams,\n client: DynamicClient\n) => {\n return client.user?.verifiedCredentials.find(\n (vc) => vc.id === walletAccount.verifiedCredentialId\n );\n};\n","import type { DynamicClient } from '../../../client/types';\nimport { NoWalletProviderFoundError } from '../../../errors/NoWalletProviderFoundError';\nimport { getWalletProviders } from '../getWalletProviders';\n\ntype GetWalletProviderByKeyParams = {\n walletProviderKey: string;\n};\n\n/** @not-instrumented */\nexport const getWalletProviderByKey = (\n { walletProviderKey }: GetWalletProviderByKeyParams,\n client: DynamicClient\n) => {\n const walletProviders = getWalletProviders(client);\n\n const walletProvider = walletProviders.find(\n (walletProvider) => walletProvider.key === walletProviderKey\n );\n\n if (!walletProvider) {\n throw new NoWalletProviderFoundError({ walletProviderKey });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;;;;AAKA,MAAa,aAAa,WAAmB;AAE3C,UAAS,SAAS;;;;;ACLpB,IAAa,gCAAb,cAAmD,UAAU;CAE3D,YAAY,OAAe;AACzB,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc,gCAAgC,MAAM;GACrD,CAAC;;;;;;;ACCN,MAAa,0BACX,sBACiC;CACjC,MAAM,CAAC,+BAA+B,oBAAoB,QAAQ,GAAG,QACnE,kBAAkB,MAAM,IAAI;AAE9B,KACE,CAAC,iCACD,CAAC,OAAO,OAAO,mBAAmB,CAAC,SACjC,mBACD,IACD,KAAK,SAAS,EAEd,OAAM,IAAI,8BAA8B,kBAAkB;AAG5D,QAAO;EACL;EACA;EACoB;EACrB;;;;;;ACrBH,MAAa,oBAAoB,EAAE,SAAS,YAAqC;CAC/E,IAAI,oBAAoB;AAExB,KAAI,mBAAmB,WAAW,KAAK,CACrC,qBAAoB,kBAAkB,MAAM,EAAE;AAUhD,qBAFmD,CAAC,OAAO,OAAO,CAEZ,SAAS,MAAM,GACjE,mBAAmB,aAAa,GAChC;AAEJ,QAAO;;;;;;AClBT,MAAa,yBAAyB,EACpC,SACA,OACA,wBACyC;CACzC,MAAM,EAAE,kCACN,uBAAuB,kBAAkB;AAI3C,QAAO,GAAG,8BAA8B,GAFd,iBAAiB;EAAE;EAAS;EAAO,CAAC;;;;;;ACVhE,MAAa,iDAAiD,EAC5D,+BACyE;CACzE,SAAS,wBAAwB;CACjC,oBAAoB,wBAAwB;CAC5C,OAAO,wBAAwB;CAC/B,IAAI,sBAAsB;EACxB,SAAS,wBAAwB;EACjC,OAAO,wBAAwB;EAC/B,mBAAmB,wBAAwB;EAC5C,CAAC;CACF,gBAAgB,wBAAwB;CACxC,sBAAsB;CACtB,mBAAmB,wBAAwB;CAC5C;;;;;;;;;ACXD,MAAa,gCAAgC,EAC3C,aACA,YACgD;CAChD,MAAM,sBAAsB,YACzB,QAAQ,iBAAiB,GAAG,CAC5B,aAAa;CAEhB,MAAM,eAAe,MAAM,mBAAmB;AAE9C,KAAI,oBAAoB,SAAS,aAAa,CAC5C,QAAO;AAGT,QAAO,GAAG,sBAAsB;;;;;;;;;;;;;;;;ACHlC,MAAa,2BAA2B,EACtC,QACA,OACA,aACA,yBACmC;AAMnC,QAAO,GALyB,6BAA6B;EAC3D;EACA;EACD,CAAC,CAEgC,GAAG,qBACnC,SAAS,IAAI,WAAW;;;;;;ACtB5B,MAAa,8CACX,EAAE,sBACF,WACG;CAGH,MAAM,EAAE,yBAFK,QAAQ,OAAO,CAEU,MAAM,KAAK;CAEjD,MAAM,0BAA0B,qBAAqB,mBAAmB;AAExE,KAAI,wBACF,QAAO,EAAE,mBAAmB,yBAAyB;;;;;;;;;;AAYvD,eACE,mBAAmB,YACnB,iEAAiE,mBAAmB,GAAG,sBACxF;AAED,eACE,mBAAmB,gBACnB,iEAAiE,mBAAmB,GAAG,0BACxF;AAED,eACE,mBAAmB,OACnB,iEAAiE,mBAAmB,GAAG,iBACxF;AAcD,QAAO,EAAE,mBANiB,wBAAwB;EAChD,OAHY,oCAAoC,mBAAmB,MAAM;EAIzE,aAAa,mBAAmB;EAChC,oBAAoB,mBAAmB;EACxC,CAAC,EAE0B;;;;;;AChD9B,MAAa,4CACX,EAAE,sBACF,WACkB;AAClB,eACE,mBAAmB,SACnB,yCACD;AACD,eACE,mBAAmB,OACnB,uCACD;CAED,MAAM,QAAQ,oCAAoC,mBAAmB,MAAM;CAE3E,MAAM,EAAE,sBAAsB,2CAC5B,EACE,oBACD,EACD,OACD;CAED,MAAM,kBAAkB,sBAAsB;EAC5C,SAAS,mBAAmB;EAC5B;EACA;EACD,CAAC;AAEF,QAAO;EACL,SAAS,mBAAmB;EAC5B,oBAAoB,mBAAmB;EACvC;EACA,sBAAsB,mBAAmB,kBAAkB;EAG3D,IAAI;EACJ,gBAAgB,mBAAmB,kBAAkB;EACrD,sBAAsB,mBAAmB;EACzC;EACD;;;;;;ACtCH,MAAa,8BACX,EAAE,0BAA0B,QAC5B,WACoB;CACpB,MAAMA,oCAAgD,IAAI,KAAK;;;;;AAM/D,0BAAyB,SAAS,4BAA4B;EAC5D,MAAM,gBAAgB,8CAA8C,EAClE,yBACD,CAAC;AAEF,oBAAkB,IAAI,cAAc,IAAI,cAAc;GACtD;AAOF,EAF4B,MAAM,uBAAuB,EAAE,EAGxD,QACE,aACC,SAAS,WAAW,gCAAgC,WACvD,CACA,SAAS,0BAA0B;AAClC,MAAI;GACF,MAAM,gBAAgB,yCACpB,EACE,oBAAoB,uBACrB,EACD,OACD;AAED,qBAAkB,IAAI,cAAc,IAAI,cAAc;WAC/C,OAAO;;;;;;;;;AASd,WAAQ,OAAO,CAAC,OAAO,MACrB,gCAAgC,sBAAsB,GAAG,wCACzD,MACD;;GAEH;AAEJ,QAAO,MAAM,KAAK,kBAAkB,QAAQ,CAAC;;;;;;;;;;;;;;;;;;ACpD/C,MAAa,qBACX,SAAS,kBAAkB,KACP;CAEpB,MAAM,EAAE,0BAA0B,SADrB,QAAQ,OAAO,CACoB,MAAM,KAAK;AAE3D,QAAO,2BAA2B;EAAE;EAA0B;EAAM,EAAE,OAAO;;;;;ACxB/E,MAAa,2BAA2B;;;;;;;;ACQxC,MAAa,kCAAkC,WAAgC;AAG7E,WACE;EACE,MAAM,EAAE,gBAJW,kBAAkB,OAAO,EAIpB;EACxB,OAAO;EACR,EACD,OACD;;;;;;ACPH,MAAa,2CACX,EAAE,iBACF,WACG;CACH,MAAM,OAAO,QAAQ,OAAO;AAS5B,KAPiC,sBAAsB,eAAe,OAAO,KAE7C,sBAC9B,KAAK,MAAM,KAAK,EAChB,OACD,CAGC,gCAA+B,OAAO;;AAM1C,MAAM,yBACJ,OACA,WAEA,2BAA2B,OAAO,OAAO,CACtC,KAAK,kBAAkB,KAAK,UAAU,cAAc,CAAC,CACrD,MAAM,CACN,KAAK,IAAI;;;;;;;;AC9Bd,MAAa,sBAAsB,WAA0B;AAG3D,QAF+B,0BAA0B,OAAO,CAElC,eAAe;;;;;;ACK/C,MAAa,iCACX,EAAE,SACF,WAC8B;CAC9B,MAAM,YAAY,mBAAmB,OAAO;CAE5C,MAAM,kBAAkB,wBAAwB;EAC9C;EACA,aAAa,sBAAsB;EACnC,oBAAoB,mBAAmB;EACxC,CAAC;CAEF,MAAM,eAAe,UAAU,MAC5B,aAAa,SAAS,QAAQ,mBAAmB,SAAS,UAAU,MACtE;AAED,KAAI,CAAC,gBAAgB,CAAC,qBAAqB,aAAa,CACtD,QAAO;AAGT,QAAO;;;;;;;;;;;;;ACpBT,MAAa,uBAAuB,EAClC,oBACwC;AACxC,QAAO,cAAc,kBAAkB,SACrC,sBAAsB,qBACvB;;;;;;;;;;;;;ACLH,MAAa,wCAAwC,OACnD,WACkB;;;;;;AAMlB,KAAI,qBAAqB,OAAO,CAC9B;CAGF,MAAM,aAAa,IAAI,IACrB,kBAAkB,OAAO,CACtB,QAAQ,kBAAkB,oBAAoB,EAAE,eAAe,CAAC,CAAC,CACjE,KAAK,kBAAkB,cAAc,MAAM,CAC/C;AAED,OAAM,QAAQ,IACZ,CAAC,GAAG,WAAW,CAAC,IAAI,OAAO,UAAU;EACnC,MAAM,WAAW,8BAA8B,EAAE,OAAO,EAAE,OAAO;;;;;AAMjE,MAAI,CAAC,SAAU;AAEf,MAAI;AACF,SAAM,SAAS,eAAe;WACvB,OAAO;AACd,WAAQ,OAAO,CAAC,OAAO,KACrB,sEACA,MACD;;GAEH,CACH;;;;;;;;;;;;;;;;;;;;;;ACvBH,MAAa,aAAa,QAA4B;AACpD,KAAI;EAEF,MAAM,QAAQ,IAAI,MAAM,IAAI;AAC5B,MAAI,MAAM,WAAW,EACnB,OAAM,IAAI,kBAAkB,qBAAqB;EAKnD,MAAM,gBAAgB,MAAM,GAAG,WAAW,KAAK,IAAI,CAAC,WAAW,KAAK,IAAI;EAExE,MAAM,gBACJ,gBAAgB,IAAI,QAAQ,IAAK,cAAc,SAAS,KAAM,EAAE;EAClE,MAAM,iBAAiB,KAAK,cAAc;AAG1C,SAFe,KAAK,MAAM,eAAe;UAGlC,OAAO;AACd,MAAI,iBAAiB,kBACnB,OAAM;AAER,QAAM,IAAI,kBACR,yBACE,iBAAiB,QAAQ,MAAM,UAAU,OAAO,MAAM,GAEzD;;;;;;;;;;;;;;AC9CL,MAAa,mBAAmB,WAA+B;AAC7D,QAAO,CAAC,GAAG,IAAI,IAAI,OAAO,CAAC,CAAC,MAAM,GAAG,MAAM,EAAE,cAAc,EAAE,CAAC;;;;;;;;;;;;;;;;;;ACYhE,MAAa,4BAA4B,EACvC,YACuE;CACvE,MAAM,UAAU,UAAU,MAAM;CAGhC,MAAM,mBAFgB,SAAS,QACQ,MAAM,IAAI,IAAI,EAAE,EAChB,QAAQ,MAAM,EAAE,SAAS,EAAE;CAClE,MAAM,YAAY,QAAQ,aAAa;AAGvC,KAAI,CAAC,kBAAkB,eAAe,WAAW,EAC/C,QAAO;AAIT,KAAI,CAAC,QAAQ,IACX,QAAO;CAIT,MAAM,4BAAY,IAAI,KAAK,QAAQ,MAAM,IAAK;AAG9C,KAAI,6BAAa,IAAI,MAAM,CACzB,QAAO;AAGT,QAAO;EACL;EACA,kBAAkB,gBAAgB,eAAe;EACjD,QAAQ;EACR;EACA;EACD;;;;;;;;;;;;;;;;;ACrCH,MAAa,6BAA6B,EACxC,eACA,eAI2B;CAC3B,MAAM,cAAc,gBAAgB,SAAS,OAAO,CAAC,KAAK,IAAI;AAS9D,QAAO,CACL,GAPqB,cAAc,QAAQ,kBAAkB;AAE7D,SADyB,gBAAgB,cAAc,OAAO,CAAC,KAAK,IAAI,KAC5C;GAC5B,EAKA;EACE,WAAW,SAAS;EACpB,QAAQ,SAAS;EACjB,WAAW,SAAS;EACpB,OAAO,SAAS;EACjB,CACF;;;;;;ACxBH,MAAa,gCACX,EAAE,YACF,WACG;CACH,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,gBAAgB,EAAE,GAAG,KAAK,MAAM,KAAK,EAAE;CAE7C,MAAM,EAAE,MAAM,aAAa,KAAK,WAAW,UAAU,wBACnD;CAGF,MAAM,mCAAmB,IAAI,KAAK,YAAY,IAAK;CAEnD,MAAMC,WAAsC;EAC1C,aAAa,OAAO;EACF;EAClB,OAAO,eAAe;EACtB;EACD;AAGD,KAAI,SACF,UAAS,WAAW;CAMtB,MAAM,gBAAgB,KAAK,MAAM,KAAK,CAAC,wBAAwB,EAAE;AACjE,UAAS,uBAAuB;AAEhC,KAAI,qBAAqB;EACvB,MAAM,cAAc,yBAAyB,EAC3C,OAAO,qBACR,CAAC;AACF,MAAI,YACF,UAAS,uBAAuB,0BAA0B;GACxD;GACA,UAAU;GACX,CAAC;;AAIN,MAAK,MAAM,IAAI,SAAS;;;;;;AAOxB,KAAI,eAAe,gBAAgB,OAAO,CAGxC,WACE,GAAG,yBAAyB,GAAG,YAAY,YAH1B,iBAAiB,aAAa,CAGmB,wBACnE;AAGH,yCAAwC,EAAE,eAAe,EAAE,OAAO;AAKlE,KADwB,CAAC,cAAc,QAAQ,QAAQ,SAAS,KAAK,CAEnE,CAAK,sCAAsC,OAAO;;;;;;AC3EtD,MAAa,yCACX,EAAE,iBACF,WACG;AACH,QAAO,OAAO,MAAM,oBAAoB,MACrC,OAAO,GAAG,OAAO,cAAc,qBACjC;;;;;;ACLH,MAAa,0BACX,EAAE,qBACF,WACG;CAGH,MAAM,iBAFkB,mBAAmB,OAAO,CAEX,MACpC,qBAAmBC,iBAAe,QAAQ,kBAC5C;AAED,KAAI,CAAC,eACH,OAAM,IAAI,2BAA2B,EAAE,mBAAmB,CAAC;AAG7D,QAAO"}
@@ -1,4 +1,4 @@
1
- import { O as setCookie, U as isCookieEnabled, W as assertDefined, a as DYNAMIC_WAAS_METADATA, c as DYNAMIC_AUTH_COOKIE_NAME, ct as getCore, d as getWalletProviderRegistry, g as formatWalletProviderKey, h as getWalletAccountsFromState, it as getDefaultClient, m as getWalletAccounts, n as isWaasWalletProvider, p as NoWalletProviderFoundError, t as InvalidParamError, w as emitEvent } from "./InvalidParamError-6N66SLG8.esm.js";
1
+ import { T as emitEvent, W as isCookieEnabled, _ as formatWalletProviderKey, a as DYNAMIC_WAAS_METADATA, f as getWalletProviderRegistry, g as getWalletAccountsFromState, h as getWalletAccounts, k as setCookie, l as DYNAMIC_AUTH_COOKIE_NAME, lt as getCore, m as NoWalletProviderFoundError, n as isWaasWalletProvider, o as isUserMissingMfaAuth, t as InvalidParamError } from "./InvalidParamError-B0nAZ6Ei.esm.js";
2
2
  import { WalletProviderEnum } from "@dynamic-labs/sdk-api-core";
3
3
 
4
4
  //#region src/modules/wallets/emitWalletAccountsChangedEvent/emitWalletAccountsChangedEvent.ts
@@ -22,24 +22,6 @@ const checkAndRaiseWalletAccountsChangedEvent = ({ previousState }, client) => {
22
22
  };
23
23
  const getWalletAccountsHash = (state, client) => getWalletAccountsFromState(state, client).map((walletAccount) => JSON.stringify(walletAccount)).sort().join("-");
24
24
 
25
- //#endregion
26
- //#region src/modules/mfa/isUserMissingMfaAuth/isUserMissingMfaAuth.ts
27
- /**
28
- * Checks if the user requires additional MFA authentication.
29
- *
30
- * This function determines if the current user session requires
31
- * additional multi-factor authentication to access certain features.
32
- *
33
- * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
34
- * @returns True if the user needs additional MFA authentication, false otherwise.
35
- * @not-instrumented
36
- */
37
- const isUserMissingMfaAuth = (client = getDefaultClient()) => {
38
- const user = client.user;
39
- assertDefined(user, "User not logged in");
40
- return Boolean(user.scope?.includes("requiresAdditionalAuth"));
41
- };
42
-
43
25
  //#endregion
44
26
  //#region src/modules/wallets/getWalletProviders/getWalletProviders.ts
45
27
  /**
@@ -80,24 +62,35 @@ const isWaasWalletAccount = ({ walletAccount }) => {
80
62
  };
81
63
 
82
64
  //#endregion
83
- //#region src/modules/waas/restoreUserSharesForAllWalletAccounts/restoreUserSharesForAllWalletAccounts.ts
84
- /** @not-instrumented */
85
- const restoreUserSharesForAllWalletAccounts = async (client) => {
65
+ //#region src/modules/waas/initializeWaasClientsForEagerRecovery/initializeWaasClientsForEagerRecovery.ts
66
+ /**
67
+ * On login, boots the WaaS client once per chain so the SDK eagerly recovers
68
+ * key shares itself (the `eagerlyRecoverKeyShares` capability) instead of the
69
+ * host looping per wallet. Booting calls `initialize()`, which sends the auth
70
+ * token the iframe needs to self-recover.
71
+ *
72
+ * @not-instrumented
73
+ */
74
+ const initializeWaasClientsForEagerRecovery = async (client) => {
86
75
  /**
87
- * Restoring the user shares will fails if the user is missing the MFA auth.
88
- * This early return prevents the attempt to restore the user shares to fail
89
- * when we know it will fails and just add noise to the logs.
76
+ * Booting triggers recovery, which fails if the user is missing the MFA auth.
77
+ * This early return avoids attempting a call we know will fail and just adds
78
+ * noise to the logs.
90
79
  */
91
80
  if (isUserMissingMfaAuth(client)) return;
92
- const waasWalletAccounts = getWalletAccounts(client).filter((walletAccount) => isWaasWalletAccount({ walletAccount }));
93
- await Promise.all(waasWalletAccounts.map(async (walletAccount) => {
94
- const provider = findWaasWalletProviderByChain({ chain: walletAccount.chain }, client);
81
+ const waasChains = new Set(getWalletAccounts(client).filter((walletAccount) => isWaasWalletAccount({ walletAccount })).map((walletAccount) => walletAccount.chain));
82
+ await Promise.all([...waasChains].map(async (chain) => {
83
+ const provider = findWaasWalletProviderByChain({ chain }, client);
95
84
  /**
96
85
  * The environment might not have the embedded wallet extensions installed.
97
- * In that case there is no provider for the chain and we can skip restoring the user share.
86
+ * In that case there is no provider for the chain and nothing to boot.
98
87
  */
99
88
  if (!provider) return;
100
- return provider.restoreUserShareForWalletAccount({ walletAccount });
89
+ try {
90
+ await provider.getWaasClient();
91
+ } catch (error) {
92
+ getCore(client).logger.warn("[initializeWaasClientsForEagerRecovery] failed to boot waas client", error);
93
+ }
101
94
  }));
102
95
  };
103
96
 
@@ -238,7 +231,7 @@ const updateAuthFromVerifyResponse = ({ response }, client) => {
238
231
  */
239
232
  if (minifiedJwt && isCookieEnabled(client)) setCookie(`${DYNAMIC_AUTH_COOKIE_NAME}=${minifiedJwt}; expires=${sessionExpiresAt.toUTCString()}; path=/; SameSite=Lax`);
240
233
  checkAndRaiseWalletAccountsChangedEvent({ previousState }, client);
241
- if (!previousState.user && Boolean(newState.user)) restoreUserSharesForAllWalletAccounts(client);
234
+ if (!previousState.user && Boolean(newState.user)) initializeWaasClientsForEagerRecovery(client);
242
235
  };
243
236
 
244
237
  //#endregion
@@ -258,5 +251,5 @@ const getWalletProviderByKey = ({ walletProviderKey }, client) => {
258
251
  };
259
252
 
260
253
  //#endregion
261
- export { parseElevatedAccessToken as a, findWaasWalletProviderByChain as c, checkAndRaiseWalletAccountsChangedEvent as d, emitWalletAccountsChangedEvent as f, upsertElevatedAccessToken as i, getWalletProviders as l, getVerifiedCredentialForWalletAccount as n, restoreUserSharesForAllWalletAccounts as o, updateAuthFromVerifyResponse as r, isWaasWalletAccount as s, getWalletProviderByKey as t, isUserMissingMfaAuth as u };
262
- //# sourceMappingURL=getWalletProviderByKey-OC_h7kSB.esm.js.map
254
+ export { parseElevatedAccessToken as a, findWaasWalletProviderByChain as c, emitWalletAccountsChangedEvent as d, upsertElevatedAccessToken as i, getWalletProviders as l, getVerifiedCredentialForWalletAccount as n, initializeWaasClientsForEagerRecovery as o, updateAuthFromVerifyResponse as r, isWaasWalletAccount as s, getWalletProviderByKey as t, checkAndRaiseWalletAccountsChangedEvent as u };
255
+ //# sourceMappingURL=getWalletProviderByKey-C-HHI7L8.esm.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"getWalletProviderByKey-C-HHI7L8.esm.js","names":["newState: Partial<DynamicCoreState>","walletProvider"],"sources":["../src/modules/wallets/emitWalletAccountsChangedEvent/emitWalletAccountsChangedEvent.ts","../src/modules/auth/updateAuthFromVerifyResponse/checkAndRaiseWalletAccountsChangedEvent/checkAndRaiseWalletAccountsChangedEvent.ts","../src/modules/wallets/getWalletProviders/getWalletProviders.ts","../src/modules/waas/findWaasWalletProviderByChain/findWaasWalletProviderByChain.ts","../src/modules/waas/isWaasWalletAccount/isWaasWalletAccount.ts","../src/modules/waas/initializeWaasClientsForEagerRecovery/initializeWaasClientsForEagerRecovery.ts","../src/modules/auth/decodeJwt/decodeJwt.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/normalizeScopes/normalizeScopes.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/parseElevatedAccessToken/parseElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/upsertElevatedAccessToken/upsertElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/updateAuthFromVerifyResponse.ts","../src/modules/wallets/utils/getVerifiedCredentialForWalletAccount/getVerifiedCredentialForWalletAccount.ts","../src/modules/wallets/getWalletProviderByKey/getWalletProviderByKey.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types';\nimport { emitEvent } from '../../clientEvents';\nimport { getWalletAccounts } from '../getWalletAccounts';\n\n/**\n * Emits the `walletAccountsChanged` event.\n * @not-instrumented\n */\nexport const emitWalletAccountsChangedEvent = (client: DynamicClient): void => {\n const walletAccounts = getWalletAccounts(client);\n\n emitEvent(\n {\n args: { walletAccounts },\n event: 'walletAccountsChanged',\n },\n client\n );\n};\n","import { getCore } from '../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../client/types';\nimport { emitWalletAccountsChangedEvent } from '../../../wallets/emitWalletAccountsChangedEvent';\nimport { getWalletAccountsFromState } from '../../../wallets/getWalletAccounts/getWalletAccountsFromState';\n\ntype CheckAndRaiseWalletAccountsChangedEventParams = {\n previousState: Readonly<DynamicCoreState>;\n};\n\n/** @not-instrumented */\nexport const checkAndRaiseWalletAccountsChangedEvent = (\n { previousState }: CheckAndRaiseWalletAccountsChangedEventParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletAccountsHashBefore = getWalletAccountsHash(previousState, client);\n\n const walletAccountsHashAfter = getWalletAccountsHash(\n core.state.get(),\n client\n );\n\n if (walletAccountsHashBefore !== walletAccountsHashAfter) {\n emitWalletAccountsChangedEvent(client);\n }\n};\n\n \n \nconst getWalletAccountsHash = (\n state: Readonly<DynamicCoreState>,\n client: DynamicClient\n) =>\n getWalletAccountsFromState(state, client)\n .map((walletAccount) => JSON.stringify(walletAccount))\n .sort()\n .join('-');\n","import type { DynamicClient } from '../../../client/types';\nimport { getWalletProviderRegistry } from '../walletProviderRegistry';\n\n/**\n * Get all available wallet providers to interact with internally.\n * @not-instrumented\n */\nexport const getWalletProviders = (client: DynamicClient) => {\n const walletProviderRegistry = getWalletProviderRegistry(client);\n\n return walletProviderRegistry.listProviders();\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { Chain } from '../../chain';\nimport { getWalletProviders } from '../../wallets/getWalletProviders';\nimport { formatWalletProviderKey } from '../../wallets/utils/formatWalletProviderKey';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype FindWaasWalletProviderByChainParams = {\n chain: Chain;\n};\n\n/** @not-instrumented */\nexport const findWaasWalletProviderByChain = (\n { chain }: FindWaasWalletProviderByChainParams,\n client: DynamicClient\n): WaasWalletProvider | null => {\n const providers = getWalletProviders(client);\n\n const waasProviderKey = formatWalletProviderKey({\n chain,\n displayName: DYNAMIC_WAAS_METADATA.displayName,\n walletProviderType: WalletProviderEnum.EmbeddedWallet,\n });\n\n const waasProvider = providers.find(\n (provider) => provider.key === waasProviderKey && provider.chain === chain\n );\n\n if (!waasProvider || !isWaasWalletProvider(waasProvider)) {\n return null;\n }\n\n return waasProvider;\n};\n","import type { WalletAccount } from '../../wallets/walletAccount';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype IsWaasWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/**\n * This function determines whether the provided wallet account is a Dynamic\n * WaaS wallet account.\n *\n * @param params.walletAccount - The wallet account to check.\n * @returns True if the wallet account is a WaaS wallet account, false otherwise.\n * @not-instrumented\n */\nexport const isWaasWalletAccount = ({\n walletAccount,\n}: IsWaasWalletAccountParams): boolean => {\n return walletAccount.walletProviderKey.includes(\n DYNAMIC_WAAS_METADATA.normalizedWalletName\n );\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { isUserMissingMfaAuth } from '../../mfa/isUserMissingMfaAuth';\nimport { getWalletAccounts } from '../../wallets/getWalletAccounts';\nimport { findWaasWalletProviderByChain } from '../findWaasWalletProviderByChain';\nimport { isWaasWalletAccount } from '../isWaasWalletAccount';\n\n/**\n * On login, boots the WaaS client once per chain so the SDK eagerly recovers\n * key shares itself (the `eagerlyRecoverKeyShares` capability) instead of the\n * host looping per wallet. Booting calls `initialize()`, which sends the auth\n * token the iframe needs to self-recover.\n *\n * @not-instrumented\n */\nexport const initializeWaasClientsForEagerRecovery = async (\n client: DynamicClient\n): Promise<void> => {\n /**\n * Booting triggers recovery, which fails if the user is missing the MFA auth.\n * This early return avoids attempting a call we know will fail and just adds\n * noise to the logs.\n */\n if (isUserMissingMfaAuth(client)) {\n return;\n }\n\n const waasChains = new Set(\n getWalletAccounts(client)\n .filter((walletAccount) => isWaasWalletAccount({ walletAccount }))\n .map((walletAccount) => walletAccount.chain)\n );\n\n await Promise.all(\n [...waasChains].map(async (chain) => {\n const provider = findWaasWalletProviderByChain({ chain }, client);\n\n /**\n * The environment might not have the embedded wallet extensions installed.\n * In that case there is no provider for the chain and nothing to boot.\n */\n if (!provider) return;\n\n try {\n await provider.getWaasClient();\n } catch (error) {\n getCore(client).logger.warn(\n '[initializeWaasClientsForEagerRecovery] failed to boot waas client',\n error\n );\n }\n })\n );\n};\n","import { InvalidParamError } from '../../../errors/InvalidParamError';\n\nexport type JwtPayload = {\n [key: string]: unknown;\n exp: number;\n iat: number;\n scope: string;\n singleUse?: boolean;\n sub: string;\n};\n\n/**\n * Decodes a JWT token and returns the full payload.\n *\n * This function extracts and returns the complete JWT payload including scopes,\n * expiration time, and other claims.\n *\n * @param jwt - The JWT token string.\n * @returns The decoded JWT payload object.\n * @throws InvalidParamError if the token is invalid or cannot be decoded.\n *\n * @example\n * ```typescript\n * const payload = decodeJwt(jwt);\n * // Returns: { scopes: ['wallet:export'], exp: 1234567890, ... }\n * ```\n * @not-instrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const decodeJwt = (jwt: string): JwtPayload => {\n try {\n // JWT format: header.payload.signature\n const parts = jwt.split('.');\n if (parts.length !== 3) {\n throw new InvalidParamError('Invalid JWT format');\n }\n\n // Decode the payload (second part)\n // Base64URL decode: replace URL-safe characters and decode\n const base64Payload = parts[1].replaceAll('-', '+').replaceAll('_', '/');\n // Add padding if needed\n const paddedPayload =\n base64Payload + '='.repeat((4 - (base64Payload.length % 4)) % 4);\n const decodedPayload = atob(paddedPayload);\n const claims = JSON.parse(decodedPayload) as JwtPayload;\n\n return claims;\n } catch (error) {\n if (error instanceof InvalidParamError) {\n throw error;\n }\n throw new InvalidParamError(\n `Failed to decode JWT: ${\n error instanceof Error ? error.message : String(error)\n }`\n );\n }\n};\n","/**\n * Normalizes scopes by deduplicating and sorting them.\n * This creates a canonical representation for comparison.\n *\n * @param scopes - Array of scope strings (may contain duplicates)\n * @returns Normalized, sorted array of unique scopes\n * @not-instrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const normalizeScopes = (scopes: string[]): string[] => {\n return [...new Set(scopes)].sort((a, b) => a.localeCompare(b));\n};\n","import { decodeJwt } from '../../../decodeJwt';\nimport type { ParsedElevatedAccessToken } from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\nexport type ParseElevatedAccessTokenOptions = {\n /** JWT string containing the elevated access token. */\n token: string;\n};\n\n/**\n * Validates and parses an elevated access token from a JWT string.\n * Extracts scopes, expiration, and validates the token structure.\n *\n * Policy decisions:\n * - Tokens without scopes are rejected (returns null)\n * - Tokens with empty scopes array are rejected (returns null)\n * - Tokens without exp field are rejected (returns null)\n * - Expired tokens are rejected (returns null)\n *\n * @returns Parsed token data or null if token is invalid/expired\n * @not-instrumented\n */\nexport const parseElevatedAccessToken = ({\n token,\n}: ParseElevatedAccessTokenOptions): ParsedElevatedAccessToken | null => {\n const payload = decodeJwt(token);\n const rawScopeClaim = payload?.scope;\n const processedScopes = rawScopeClaim?.split(' ') ?? [];\n const filteredScopes = processedScopes.filter((s) => s.length > 0);\n const singleUse = payload.singleUse ?? false;\n\n // Reject tokens without scopes or with empty scopes\n if (!filteredScopes || filteredScopes.length === 0) {\n return null;\n }\n\n // Reject tokens without exp field\n if (!payload.exp) {\n return null;\n }\n\n // Convert exp (seconds) to Date (milliseconds)\n const expiresAt = new Date(payload.exp * 1000);\n\n // Reject expired tokens\n if (expiresAt <= new Date()) {\n return null;\n }\n\n return {\n expiresAt,\n normalizedScopes: normalizeScopes(filteredScopes),\n scopes: filteredScopes,\n singleUse,\n token,\n };\n};\n","import type {\n ElevatedAccessToken,\n ParsedElevatedAccessToken,\n} from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\n/**\n * Upserts an elevated access token into the current tokens array.\n *\n * Policy: Only one token per normalized scope-set is allowed.\n * If a token with the same normalized scopes exists, it is replaced.\n * This ensures we don't accumulate multiple tokens for the same scope combination.\n *\n * @param currentTokens - Current array of elevated access tokens\n * @param newToken - New token to upsert\n * @returns Updated array of tokens with the new token upserted\n * @not-instrumented\n */\nexport const upsertElevatedAccessToken = ({\n currentTokens,\n newToken,\n}: {\n currentTokens: ElevatedAccessToken[];\n newToken: ParsedElevatedAccessToken;\n}): ElevatedAccessToken[] => {\n const newScopeKey = normalizeScopes(newToken.scopes).join(' ');\n\n // Remove any existing token with the same normalized scopes\n const filteredTokens = currentTokens.filter((existingToken) => {\n const existingScopeKey = normalizeScopes(existingToken.scopes).join(' ');\n return existingScopeKey !== newScopeKey;\n });\n\n // Add the new token\n return [\n ...filteredTokens,\n {\n expiresAt: newToken.expiresAt,\n scopes: newToken.scopes,\n singleUse: newToken.singleUse,\n token: newToken.token,\n },\n ];\n};\n","import type { VerifyResponse } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicCoreState } from '../../../client/core/types';\nimport type { DynamicClient } from '../../../client/types';\nimport { setCookie } from '../../../utils/setCookie';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { initializeWaasClientsForEagerRecovery } from '../../waas/initializeWaasClientsForEagerRecovery';\nimport { DYNAMIC_AUTH_COOKIE_NAME } from '../consts';\nimport { checkAndRaiseWalletAccountsChangedEvent } from './checkAndRaiseWalletAccountsChangedEvent';\nimport { parseElevatedAccessToken } from './elevatedAccessTokens/parseElevatedAccessToken';\nimport { upsertElevatedAccessToken } from './elevatedAccessTokens/upsertElevatedAccessToken';\n\ntype UpdateAuthFromVerifyResponseParams = {\n response: VerifyResponse;\n};\n\n/** @not-instrumented */\nexport const updateAuthFromVerifyResponse = (\n { response }: UpdateAuthFromVerifyResponseParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const previousState = { ...core.state.get() };\n\n const { user, minifiedJwt, jwt, expiresAt, mfaToken, elevatedAccessToken } =\n response;\n\n // Expires at is in seconds, so we need to convert it to milliseconds\n const sessionExpiresAt = new Date(expiresAt * 1000);\n\n const newState: Partial<DynamicCoreState> = {\n legacyToken: jwt ?? null,\n sessionExpiresAt: sessionExpiresAt,\n token: minifiedJwt ?? null,\n user,\n };\n\n // only override the mfaToken if a new one is provided in the response\n if (mfaToken) {\n newState.mfaToken = mfaToken;\n }\n\n // Add elevated access token to the array if a new one is provided in the response\n // Policy: Only one token per normalized scope-set is allowed (old tokens are replaced)\n // Always preserve existing tokens to ensure they're synced to storage\n const currentTokens = core.state.get().elevatedAccessTokens || [];\n newState.elevatedAccessTokens = currentTokens;\n \n if (elevatedAccessToken) {\n const parsedToken = parseElevatedAccessToken({\n token: elevatedAccessToken,\n });\n if (parsedToken) {\n newState.elevatedAccessTokens = upsertElevatedAccessToken({\n currentTokens,\n newToken: parsedToken,\n });\n }\n }\n\n core.state.set(newState);\n\n /**\n * For customers using a sandbox environment with cookies enabled, we need to set the cookie\n * programmatically because Redcoast won't set the cookie via headers. We set the cookie programmatically\n * so customers can access the cookie from document.cookie consistently between sandbox and live environments.\n */\n if (minifiedJwt && isCookieEnabled(client)) {\n const expireDate = sessionExpiresAt.toUTCString();\n\n setCookie(\n `${DYNAMIC_AUTH_COOKIE_NAME}=${minifiedJwt}; expires=${expireDate}; path=/; SameSite=Lax`\n );\n }\n\n checkAndRaiseWalletAccountsChangedEvent({ previousState }, client);\n\n // if the user is logging in, boot the waas client(s) so the SDK eagerly\n // recovers key shares for all wallet accounts\n const isUserLoggingIn = !previousState.user && Boolean(newState.user);\n if (isUserLoggingIn) {\n void initializeWaasClientsForEagerRecovery(client);\n }\n};\n","import type { DynamicClient } from '../../../../client/types/DynamicClient';\nimport type { WalletAccount } from '../../walletAccount';\n\ntype GetVerifiedCredentialForWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @not-instrumented */\nexport const getVerifiedCredentialForWalletAccount = (\n { walletAccount }: GetVerifiedCredentialForWalletAccountParams,\n client: DynamicClient\n) => {\n return client.user?.verifiedCredentials.find(\n (vc) => vc.id === walletAccount.verifiedCredentialId\n );\n};\n","import type { DynamicClient } from '../../../client/types';\nimport { NoWalletProviderFoundError } from '../../../errors/NoWalletProviderFoundError';\nimport { getWalletProviders } from '../getWalletProviders';\n\ntype GetWalletProviderByKeyParams = {\n walletProviderKey: string;\n};\n\n/** @not-instrumented */\nexport const getWalletProviderByKey = (\n { walletProviderKey }: GetWalletProviderByKeyParams,\n client: DynamicClient\n) => {\n const walletProviders = getWalletProviders(client);\n\n const walletProvider = walletProviders.find(\n (walletProvider) => walletProvider.key === walletProviderKey\n );\n\n if (!walletProvider) {\n throw new NoWalletProviderFoundError({ walletProviderKey });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;;;;AAQA,MAAa,kCAAkC,WAAgC;AAG7E,WACE;EACE,MAAM,EAAE,gBAJW,kBAAkB,OAAO,EAIpB;EACxB,OAAO;EACR,EACD,OACD;;;;;;ACPH,MAAa,2CACX,EAAE,iBACF,WACG;CACH,MAAM,OAAO,QAAQ,OAAO;AAS5B,KAPiC,sBAAsB,eAAe,OAAO,KAE7C,sBAC9B,KAAK,MAAM,KAAK,EAChB,OACD,CAGC,gCAA+B,OAAO;;AAM1C,MAAM,yBACJ,OACA,WAEA,2BAA2B,OAAO,OAAO,CACtC,KAAK,kBAAkB,KAAK,UAAU,cAAc,CAAC,CACrD,MAAM,CACN,KAAK,IAAI;;;;;;;;AC9Bd,MAAa,sBAAsB,WAA0B;AAG3D,QAF+B,0BAA0B,OAAO,CAElC,eAAe;;;;;;ACK/C,MAAa,iCACX,EAAE,SACF,WAC8B;CAC9B,MAAM,YAAY,mBAAmB,OAAO;CAE5C,MAAM,kBAAkB,wBAAwB;EAC9C;EACA,aAAa,sBAAsB;EACnC,oBAAoB,mBAAmB;EACxC,CAAC;CAEF,MAAM,eAAe,UAAU,MAC5B,aAAa,SAAS,QAAQ,mBAAmB,SAAS,UAAU,MACtE;AAED,KAAI,CAAC,gBAAgB,CAAC,qBAAqB,aAAa,CACtD,QAAO;AAGT,QAAO;;;;;;;;;;;;;ACpBT,MAAa,uBAAuB,EAClC,oBACwC;AACxC,QAAO,cAAc,kBAAkB,SACrC,sBAAsB,qBACvB;;;;;;;;;;;;;ACLH,MAAa,wCAAwC,OACnD,WACkB;;;;;;AAMlB,KAAI,qBAAqB,OAAO,CAC9B;CAGF,MAAM,aAAa,IAAI,IACrB,kBAAkB,OAAO,CACtB,QAAQ,kBAAkB,oBAAoB,EAAE,eAAe,CAAC,CAAC,CACjE,KAAK,kBAAkB,cAAc,MAAM,CAC/C;AAED,OAAM,QAAQ,IACZ,CAAC,GAAG,WAAW,CAAC,IAAI,OAAO,UAAU;EACnC,MAAM,WAAW,8BAA8B,EAAE,OAAO,EAAE,OAAO;;;;;AAMjE,MAAI,CAAC,SAAU;AAEf,MAAI;AACF,SAAM,SAAS,eAAe;WACvB,OAAO;AACd,WAAQ,OAAO,CAAC,OAAO,KACrB,sEACA,MACD;;GAEH,CACH;;;;;;;;;;;;;;;;;;;;;;ACvBH,MAAa,aAAa,QAA4B;AACpD,KAAI;EAEF,MAAM,QAAQ,IAAI,MAAM,IAAI;AAC5B,MAAI,MAAM,WAAW,EACnB,OAAM,IAAI,kBAAkB,qBAAqB;EAKnD,MAAM,gBAAgB,MAAM,GAAG,WAAW,KAAK,IAAI,CAAC,WAAW,KAAK,IAAI;EAExE,MAAM,gBACJ,gBAAgB,IAAI,QAAQ,IAAK,cAAc,SAAS,KAAM,EAAE;EAClE,MAAM,iBAAiB,KAAK,cAAc;AAG1C,SAFe,KAAK,MAAM,eAAe;UAGlC,OAAO;AACd,MAAI,iBAAiB,kBACnB,OAAM;AAER,QAAM,IAAI,kBACR,yBACE,iBAAiB,QAAQ,MAAM,UAAU,OAAO,MAAM,GAEzD;;;;;;;;;;;;;;AC9CL,MAAa,mBAAmB,WAA+B;AAC7D,QAAO,CAAC,GAAG,IAAI,IAAI,OAAO,CAAC,CAAC,MAAM,GAAG,MAAM,EAAE,cAAc,EAAE,CAAC;;;;;;;;;;;;;;;;;;ACYhE,MAAa,4BAA4B,EACvC,YACuE;CACvE,MAAM,UAAU,UAAU,MAAM;CAGhC,MAAM,mBAFgB,SAAS,QACQ,MAAM,IAAI,IAAI,EAAE,EAChB,QAAQ,MAAM,EAAE,SAAS,EAAE;CAClE,MAAM,YAAY,QAAQ,aAAa;AAGvC,KAAI,CAAC,kBAAkB,eAAe,WAAW,EAC/C,QAAO;AAIT,KAAI,CAAC,QAAQ,IACX,QAAO;CAIT,MAAM,4BAAY,IAAI,KAAK,QAAQ,MAAM,IAAK;AAG9C,KAAI,6BAAa,IAAI,MAAM,CACzB,QAAO;AAGT,QAAO;EACL;EACA,kBAAkB,gBAAgB,eAAe;EACjD,QAAQ;EACR;EACA;EACD;;;;;;;;;;;;;;;;;ACrCH,MAAa,6BAA6B,EACxC,eACA,eAI2B;CAC3B,MAAM,cAAc,gBAAgB,SAAS,OAAO,CAAC,KAAK,IAAI;AAS9D,QAAO,CACL,GAPqB,cAAc,QAAQ,kBAAkB;AAE7D,SADyB,gBAAgB,cAAc,OAAO,CAAC,KAAK,IAAI,KAC5C;GAC5B,EAKA;EACE,WAAW,SAAS;EACpB,QAAQ,SAAS;EACjB,WAAW,SAAS;EACpB,OAAO,SAAS;EACjB,CACF;;;;;;ACxBH,MAAa,gCACX,EAAE,YACF,WACG;CACH,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,gBAAgB,EAAE,GAAG,KAAK,MAAM,KAAK,EAAE;CAE7C,MAAM,EAAE,MAAM,aAAa,KAAK,WAAW,UAAU,wBACnD;CAGF,MAAM,mCAAmB,IAAI,KAAK,YAAY,IAAK;CAEnD,MAAMA,WAAsC;EAC1C,aAAa,OAAO;EACF;EAClB,OAAO,eAAe;EACtB;EACD;AAGD,KAAI,SACF,UAAS,WAAW;CAMtB,MAAM,gBAAgB,KAAK,MAAM,KAAK,CAAC,wBAAwB,EAAE;AACjE,UAAS,uBAAuB;AAEhC,KAAI,qBAAqB;EACvB,MAAM,cAAc,yBAAyB,EAC3C,OAAO,qBACR,CAAC;AACF,MAAI,YACF,UAAS,uBAAuB,0BAA0B;GACxD;GACA,UAAU;GACX,CAAC;;AAIN,MAAK,MAAM,IAAI,SAAS;;;;;;AAOxB,KAAI,eAAe,gBAAgB,OAAO,CAGxC,WACE,GAAG,yBAAyB,GAAG,YAAY,YAH1B,iBAAiB,aAAa,CAGmB,wBACnE;AAGH,yCAAwC,EAAE,eAAe,EAAE,OAAO;AAKlE,KADwB,CAAC,cAAc,QAAQ,QAAQ,SAAS,KAAK,CAEnE,CAAK,sCAAsC,OAAO;;;;;;AC3EtD,MAAa,yCACX,EAAE,iBACF,WACG;AACH,QAAO,OAAO,MAAM,oBAAoB,MACrC,OAAO,GAAG,OAAO,cAAc,qBACjC;;;;;;ACLH,MAAa,0BACX,EAAE,qBACF,WACG;CAGH,MAAM,iBAFkB,mBAAmB,OAAO,CAEX,MACpC,qBAAmBC,iBAAe,QAAQ,kBAC5C;AAED,KAAI,CAAC,eACH,OAAM,IAAI,2BAA2B,EAAE,mBAAmB,CAAC;AAG7D,QAAO"}
@@ -1,5 +1,5 @@
1
- const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-DSo1ysdD.cjs');
2
- const require_InvalidParamError = require('./InvalidParamError-Bgg4SDfm.cjs');
1
+ const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-YGaK8XRO.cjs');
2
+ const require_InvalidParamError = require('./InvalidParamError-DDdAeFXE.cjs');
3
3
  let _dynamic_labs_sdk_api_core = require("@dynamic-labs/sdk-api-core");
4
4
 
5
5
  //#region src/modules/wallets/emitWalletAccountsChangedEvent/emitWalletAccountsChangedEvent.ts
@@ -23,24 +23,6 @@ const checkAndRaiseWalletAccountsChangedEvent = ({ previousState }, client) => {
23
23
  };
24
24
  const getWalletAccountsHash = (state, client) => require_InvalidParamError.getWalletAccountsFromState(state, client).map((walletAccount) => JSON.stringify(walletAccount)).sort().join("-");
25
25
 
26
- //#endregion
27
- //#region src/modules/mfa/isUserMissingMfaAuth/isUserMissingMfaAuth.ts
28
- /**
29
- * Checks if the user requires additional MFA authentication.
30
- *
31
- * This function determines if the current user session requires
32
- * additional multi-factor authentication to access certain features.
33
- *
34
- * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
35
- * @returns True if the user needs additional MFA authentication, false otherwise.
36
- * @not-instrumented
37
- */
38
- const isUserMissingMfaAuth = (client = require_InvalidParamError.getDefaultClient()) => {
39
- const user = client.user;
40
- require_InvalidParamError.assertDefined(user, "User not logged in");
41
- return Boolean(user.scope?.includes("requiresAdditionalAuth"));
42
- };
43
-
44
26
  //#endregion
45
27
  //#region src/modules/wallets/getWalletProviders/getWalletProviders.ts
46
28
  /**
@@ -81,24 +63,35 @@ const isWaasWalletAccount = ({ walletAccount }) => {
81
63
  };
82
64
 
83
65
  //#endregion
84
- //#region src/modules/waas/restoreUserSharesForAllWalletAccounts/restoreUserSharesForAllWalletAccounts.ts
85
- /** @not-instrumented */
86
- const restoreUserSharesForAllWalletAccounts = async (client) => {
66
+ //#region src/modules/waas/initializeWaasClientsForEagerRecovery/initializeWaasClientsForEagerRecovery.ts
67
+ /**
68
+ * On login, boots the WaaS client once per chain so the SDK eagerly recovers
69
+ * key shares itself (the `eagerlyRecoverKeyShares` capability) instead of the
70
+ * host looping per wallet. Booting calls `initialize()`, which sends the auth
71
+ * token the iframe needs to self-recover.
72
+ *
73
+ * @not-instrumented
74
+ */
75
+ const initializeWaasClientsForEagerRecovery = async (client) => {
87
76
  /**
88
- * Restoring the user shares will fails if the user is missing the MFA auth.
89
- * This early return prevents the attempt to restore the user shares to fail
90
- * when we know it will fails and just add noise to the logs.
77
+ * Booting triggers recovery, which fails if the user is missing the MFA auth.
78
+ * This early return avoids attempting a call we know will fail and just adds
79
+ * noise to the logs.
91
80
  */
92
- if (isUserMissingMfaAuth(client)) return;
93
- const waasWalletAccounts = require_InvalidParamError.getWalletAccounts(client).filter((walletAccount) => isWaasWalletAccount({ walletAccount }));
94
- await Promise.all(waasWalletAccounts.map(async (walletAccount) => {
95
- const provider = findWaasWalletProviderByChain({ chain: walletAccount.chain }, client);
81
+ if (require_InvalidParamError.isUserMissingMfaAuth(client)) return;
82
+ const waasChains = new Set(require_InvalidParamError.getWalletAccounts(client).filter((walletAccount) => isWaasWalletAccount({ walletAccount })).map((walletAccount) => walletAccount.chain));
83
+ await Promise.all([...waasChains].map(async (chain) => {
84
+ const provider = findWaasWalletProviderByChain({ chain }, client);
96
85
  /**
97
86
  * The environment might not have the embedded wallet extensions installed.
98
- * In that case there is no provider for the chain and we can skip restoring the user share.
87
+ * In that case there is no provider for the chain and nothing to boot.
99
88
  */
100
89
  if (!provider) return;
101
- return provider.restoreUserShareForWalletAccount({ walletAccount });
90
+ try {
91
+ await provider.getWaasClient();
92
+ } catch (error) {
93
+ require_InvalidParamError.getCore(client).logger.warn("[initializeWaasClientsForEagerRecovery] failed to boot waas client", error);
94
+ }
102
95
  }));
103
96
  };
104
97
 
@@ -239,7 +232,7 @@ const updateAuthFromVerifyResponse = ({ response }, client) => {
239
232
  */
240
233
  if (minifiedJwt && require_InvalidParamError.isCookieEnabled(client)) require_InvalidParamError.setCookie(`${require_InvalidParamError.DYNAMIC_AUTH_COOKIE_NAME}=${minifiedJwt}; expires=${sessionExpiresAt.toUTCString()}; path=/; SameSite=Lax`);
241
234
  checkAndRaiseWalletAccountsChangedEvent({ previousState }, client);
242
- if (!previousState.user && Boolean(newState.user)) restoreUserSharesForAllWalletAccounts(client);
235
+ if (!previousState.user && Boolean(newState.user)) initializeWaasClientsForEagerRecovery(client);
243
236
  };
244
237
 
245
238
  //#endregion
@@ -295,10 +288,10 @@ Object.defineProperty(exports, 'getWalletProviders', {
295
288
  return getWalletProviders;
296
289
  }
297
290
  });
298
- Object.defineProperty(exports, 'isUserMissingMfaAuth', {
291
+ Object.defineProperty(exports, 'initializeWaasClientsForEagerRecovery', {
299
292
  enumerable: true,
300
293
  get: function () {
301
- return isUserMissingMfaAuth;
294
+ return initializeWaasClientsForEagerRecovery;
302
295
  }
303
296
  });
304
297
  Object.defineProperty(exports, 'isWaasWalletAccount', {
@@ -313,12 +306,6 @@ Object.defineProperty(exports, 'parseElevatedAccessToken', {
313
306
  return parseElevatedAccessToken;
314
307
  }
315
308
  });
316
- Object.defineProperty(exports, 'restoreUserSharesForAllWalletAccounts', {
317
- enumerable: true,
318
- get: function () {
319
- return restoreUserSharesForAllWalletAccounts;
320
- }
321
- });
322
309
  Object.defineProperty(exports, 'updateAuthFromVerifyResponse', {
323
310
  enumerable: true,
324
311
  get: function () {
@@ -331,4 +318,4 @@ Object.defineProperty(exports, 'upsertElevatedAccessToken', {
331
318
  return upsertElevatedAccessToken;
332
319
  }
333
320
  });
334
- //# sourceMappingURL=getWalletProviderByKey-DRex9vzR.cjs.map
321
+ //# sourceMappingURL=getWalletProviderByKey-z1nf15R8.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"getWalletProviderByKey-z1nf15R8.cjs","names":["getWalletAccounts","getCore","getWalletAccountsFromState","getWalletProviderRegistry","formatWalletProviderKey","DYNAMIC_WAAS_METADATA","WalletProviderEnum","isWaasWalletProvider","DYNAMIC_WAAS_METADATA","isUserMissingMfaAuth","getWalletAccounts","InvalidParamError","getCore","newState: Partial<DynamicCoreState>","isCookieEnabled","DYNAMIC_AUTH_COOKIE_NAME","walletProvider","NoWalletProviderFoundError"],"sources":["../src/modules/wallets/emitWalletAccountsChangedEvent/emitWalletAccountsChangedEvent.ts","../src/modules/auth/updateAuthFromVerifyResponse/checkAndRaiseWalletAccountsChangedEvent/checkAndRaiseWalletAccountsChangedEvent.ts","../src/modules/wallets/getWalletProviders/getWalletProviders.ts","../src/modules/waas/findWaasWalletProviderByChain/findWaasWalletProviderByChain.ts","../src/modules/waas/isWaasWalletAccount/isWaasWalletAccount.ts","../src/modules/waas/initializeWaasClientsForEagerRecovery/initializeWaasClientsForEagerRecovery.ts","../src/modules/auth/decodeJwt/decodeJwt.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/normalizeScopes/normalizeScopes.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/parseElevatedAccessToken/parseElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/upsertElevatedAccessToken/upsertElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/updateAuthFromVerifyResponse.ts","../src/modules/wallets/utils/getVerifiedCredentialForWalletAccount/getVerifiedCredentialForWalletAccount.ts","../src/modules/wallets/getWalletProviderByKey/getWalletProviderByKey.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types';\nimport { emitEvent } from '../../clientEvents';\nimport { getWalletAccounts } from '../getWalletAccounts';\n\n/**\n * Emits the `walletAccountsChanged` event.\n * @not-instrumented\n */\nexport const emitWalletAccountsChangedEvent = (client: DynamicClient): void => {\n const walletAccounts = getWalletAccounts(client);\n\n emitEvent(\n {\n args: { walletAccounts },\n event: 'walletAccountsChanged',\n },\n client\n );\n};\n","import { getCore } from '../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../client/types';\nimport { emitWalletAccountsChangedEvent } from '../../../wallets/emitWalletAccountsChangedEvent';\nimport { getWalletAccountsFromState } from '../../../wallets/getWalletAccounts/getWalletAccountsFromState';\n\ntype CheckAndRaiseWalletAccountsChangedEventParams = {\n previousState: Readonly<DynamicCoreState>;\n};\n\n/** @not-instrumented */\nexport const checkAndRaiseWalletAccountsChangedEvent = (\n { previousState }: CheckAndRaiseWalletAccountsChangedEventParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletAccountsHashBefore = getWalletAccountsHash(previousState, client);\n\n const walletAccountsHashAfter = getWalletAccountsHash(\n core.state.get(),\n client\n );\n\n if (walletAccountsHashBefore !== walletAccountsHashAfter) {\n emitWalletAccountsChangedEvent(client);\n }\n};\n\n \n \nconst getWalletAccountsHash = (\n state: Readonly<DynamicCoreState>,\n client: DynamicClient\n) =>\n getWalletAccountsFromState(state, client)\n .map((walletAccount) => JSON.stringify(walletAccount))\n .sort()\n .join('-');\n","import type { DynamicClient } from '../../../client/types';\nimport { getWalletProviderRegistry } from '../walletProviderRegistry';\n\n/**\n * Get all available wallet providers to interact with internally.\n * @not-instrumented\n */\nexport const getWalletProviders = (client: DynamicClient) => {\n const walletProviderRegistry = getWalletProviderRegistry(client);\n\n return walletProviderRegistry.listProviders();\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { Chain } from '../../chain';\nimport { getWalletProviders } from '../../wallets/getWalletProviders';\nimport { formatWalletProviderKey } from '../../wallets/utils/formatWalletProviderKey';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype FindWaasWalletProviderByChainParams = {\n chain: Chain;\n};\n\n/** @not-instrumented */\nexport const findWaasWalletProviderByChain = (\n { chain }: FindWaasWalletProviderByChainParams,\n client: DynamicClient\n): WaasWalletProvider | null => {\n const providers = getWalletProviders(client);\n\n const waasProviderKey = formatWalletProviderKey({\n chain,\n displayName: DYNAMIC_WAAS_METADATA.displayName,\n walletProviderType: WalletProviderEnum.EmbeddedWallet,\n });\n\n const waasProvider = providers.find(\n (provider) => provider.key === waasProviderKey && provider.chain === chain\n );\n\n if (!waasProvider || !isWaasWalletProvider(waasProvider)) {\n return null;\n }\n\n return waasProvider;\n};\n","import type { WalletAccount } from '../../wallets/walletAccount';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype IsWaasWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/**\n * This function determines whether the provided wallet account is a Dynamic\n * WaaS wallet account.\n *\n * @param params.walletAccount - The wallet account to check.\n * @returns True if the wallet account is a WaaS wallet account, false otherwise.\n * @not-instrumented\n */\nexport const isWaasWalletAccount = ({\n walletAccount,\n}: IsWaasWalletAccountParams): boolean => {\n return walletAccount.walletProviderKey.includes(\n DYNAMIC_WAAS_METADATA.normalizedWalletName\n );\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { isUserMissingMfaAuth } from '../../mfa/isUserMissingMfaAuth';\nimport { getWalletAccounts } from '../../wallets/getWalletAccounts';\nimport { findWaasWalletProviderByChain } from '../findWaasWalletProviderByChain';\nimport { isWaasWalletAccount } from '../isWaasWalletAccount';\n\n/**\n * On login, boots the WaaS client once per chain so the SDK eagerly recovers\n * key shares itself (the `eagerlyRecoverKeyShares` capability) instead of the\n * host looping per wallet. Booting calls `initialize()`, which sends the auth\n * token the iframe needs to self-recover.\n *\n * @not-instrumented\n */\nexport const initializeWaasClientsForEagerRecovery = async (\n client: DynamicClient\n): Promise<void> => {\n /**\n * Booting triggers recovery, which fails if the user is missing the MFA auth.\n * This early return avoids attempting a call we know will fail and just adds\n * noise to the logs.\n */\n if (isUserMissingMfaAuth(client)) {\n return;\n }\n\n const waasChains = new Set(\n getWalletAccounts(client)\n .filter((walletAccount) => isWaasWalletAccount({ walletAccount }))\n .map((walletAccount) => walletAccount.chain)\n );\n\n await Promise.all(\n [...waasChains].map(async (chain) => {\n const provider = findWaasWalletProviderByChain({ chain }, client);\n\n /**\n * The environment might not have the embedded wallet extensions installed.\n * In that case there is no provider for the chain and nothing to boot.\n */\n if (!provider) return;\n\n try {\n await provider.getWaasClient();\n } catch (error) {\n getCore(client).logger.warn(\n '[initializeWaasClientsForEagerRecovery] failed to boot waas client',\n error\n );\n }\n })\n );\n};\n","import { InvalidParamError } from '../../../errors/InvalidParamError';\n\nexport type JwtPayload = {\n [key: string]: unknown;\n exp: number;\n iat: number;\n scope: string;\n singleUse?: boolean;\n sub: string;\n};\n\n/**\n * Decodes a JWT token and returns the full payload.\n *\n * This function extracts and returns the complete JWT payload including scopes,\n * expiration time, and other claims.\n *\n * @param jwt - The JWT token string.\n * @returns The decoded JWT payload object.\n * @throws InvalidParamError if the token is invalid or cannot be decoded.\n *\n * @example\n * ```typescript\n * const payload = decodeJwt(jwt);\n * // Returns: { scopes: ['wallet:export'], exp: 1234567890, ... }\n * ```\n * @not-instrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const decodeJwt = (jwt: string): JwtPayload => {\n try {\n // JWT format: header.payload.signature\n const parts = jwt.split('.');\n if (parts.length !== 3) {\n throw new InvalidParamError('Invalid JWT format');\n }\n\n // Decode the payload (second part)\n // Base64URL decode: replace URL-safe characters and decode\n const base64Payload = parts[1].replaceAll('-', '+').replaceAll('_', '/');\n // Add padding if needed\n const paddedPayload =\n base64Payload + '='.repeat((4 - (base64Payload.length % 4)) % 4);\n const decodedPayload = atob(paddedPayload);\n const claims = JSON.parse(decodedPayload) as JwtPayload;\n\n return claims;\n } catch (error) {\n if (error instanceof InvalidParamError) {\n throw error;\n }\n throw new InvalidParamError(\n `Failed to decode JWT: ${\n error instanceof Error ? error.message : String(error)\n }`\n );\n }\n};\n","/**\n * Normalizes scopes by deduplicating and sorting them.\n * This creates a canonical representation for comparison.\n *\n * @param scopes - Array of scope strings (may contain duplicates)\n * @returns Normalized, sorted array of unique scopes\n * @not-instrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const normalizeScopes = (scopes: string[]): string[] => {\n return [...new Set(scopes)].sort((a, b) => a.localeCompare(b));\n};\n","import { decodeJwt } from '../../../decodeJwt';\nimport type { ParsedElevatedAccessToken } from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\nexport type ParseElevatedAccessTokenOptions = {\n /** JWT string containing the elevated access token. */\n token: string;\n};\n\n/**\n * Validates and parses an elevated access token from a JWT string.\n * Extracts scopes, expiration, and validates the token structure.\n *\n * Policy decisions:\n * - Tokens without scopes are rejected (returns null)\n * - Tokens with empty scopes array are rejected (returns null)\n * - Tokens without exp field are rejected (returns null)\n * - Expired tokens are rejected (returns null)\n *\n * @returns Parsed token data or null if token is invalid/expired\n * @not-instrumented\n */\nexport const parseElevatedAccessToken = ({\n token,\n}: ParseElevatedAccessTokenOptions): ParsedElevatedAccessToken | null => {\n const payload = decodeJwt(token);\n const rawScopeClaim = payload?.scope;\n const processedScopes = rawScopeClaim?.split(' ') ?? [];\n const filteredScopes = processedScopes.filter((s) => s.length > 0);\n const singleUse = payload.singleUse ?? false;\n\n // Reject tokens without scopes or with empty scopes\n if (!filteredScopes || filteredScopes.length === 0) {\n return null;\n }\n\n // Reject tokens without exp field\n if (!payload.exp) {\n return null;\n }\n\n // Convert exp (seconds) to Date (milliseconds)\n const expiresAt = new Date(payload.exp * 1000);\n\n // Reject expired tokens\n if (expiresAt <= new Date()) {\n return null;\n }\n\n return {\n expiresAt,\n normalizedScopes: normalizeScopes(filteredScopes),\n scopes: filteredScopes,\n singleUse,\n token,\n };\n};\n","import type {\n ElevatedAccessToken,\n ParsedElevatedAccessToken,\n} from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\n/**\n * Upserts an elevated access token into the current tokens array.\n *\n * Policy: Only one token per normalized scope-set is allowed.\n * If a token with the same normalized scopes exists, it is replaced.\n * This ensures we don't accumulate multiple tokens for the same scope combination.\n *\n * @param currentTokens - Current array of elevated access tokens\n * @param newToken - New token to upsert\n * @returns Updated array of tokens with the new token upserted\n * @not-instrumented\n */\nexport const upsertElevatedAccessToken = ({\n currentTokens,\n newToken,\n}: {\n currentTokens: ElevatedAccessToken[];\n newToken: ParsedElevatedAccessToken;\n}): ElevatedAccessToken[] => {\n const newScopeKey = normalizeScopes(newToken.scopes).join(' ');\n\n // Remove any existing token with the same normalized scopes\n const filteredTokens = currentTokens.filter((existingToken) => {\n const existingScopeKey = normalizeScopes(existingToken.scopes).join(' ');\n return existingScopeKey !== newScopeKey;\n });\n\n // Add the new token\n return [\n ...filteredTokens,\n {\n expiresAt: newToken.expiresAt,\n scopes: newToken.scopes,\n singleUse: newToken.singleUse,\n token: newToken.token,\n },\n ];\n};\n","import type { VerifyResponse } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicCoreState } from '../../../client/core/types';\nimport type { DynamicClient } from '../../../client/types';\nimport { setCookie } from '../../../utils/setCookie';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { initializeWaasClientsForEagerRecovery } from '../../waas/initializeWaasClientsForEagerRecovery';\nimport { DYNAMIC_AUTH_COOKIE_NAME } from '../consts';\nimport { checkAndRaiseWalletAccountsChangedEvent } from './checkAndRaiseWalletAccountsChangedEvent';\nimport { parseElevatedAccessToken } from './elevatedAccessTokens/parseElevatedAccessToken';\nimport { upsertElevatedAccessToken } from './elevatedAccessTokens/upsertElevatedAccessToken';\n\ntype UpdateAuthFromVerifyResponseParams = {\n response: VerifyResponse;\n};\n\n/** @not-instrumented */\nexport const updateAuthFromVerifyResponse = (\n { response }: UpdateAuthFromVerifyResponseParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const previousState = { ...core.state.get() };\n\n const { user, minifiedJwt, jwt, expiresAt, mfaToken, elevatedAccessToken } =\n response;\n\n // Expires at is in seconds, so we need to convert it to milliseconds\n const sessionExpiresAt = new Date(expiresAt * 1000);\n\n const newState: Partial<DynamicCoreState> = {\n legacyToken: jwt ?? null,\n sessionExpiresAt: sessionExpiresAt,\n token: minifiedJwt ?? null,\n user,\n };\n\n // only override the mfaToken if a new one is provided in the response\n if (mfaToken) {\n newState.mfaToken = mfaToken;\n }\n\n // Add elevated access token to the array if a new one is provided in the response\n // Policy: Only one token per normalized scope-set is allowed (old tokens are replaced)\n // Always preserve existing tokens to ensure they're synced to storage\n const currentTokens = core.state.get().elevatedAccessTokens || [];\n newState.elevatedAccessTokens = currentTokens;\n \n if (elevatedAccessToken) {\n const parsedToken = parseElevatedAccessToken({\n token: elevatedAccessToken,\n });\n if (parsedToken) {\n newState.elevatedAccessTokens = upsertElevatedAccessToken({\n currentTokens,\n newToken: parsedToken,\n });\n }\n }\n\n core.state.set(newState);\n\n /**\n * For customers using a sandbox environment with cookies enabled, we need to set the cookie\n * programmatically because Redcoast won't set the cookie via headers. We set the cookie programmatically\n * so customers can access the cookie from document.cookie consistently between sandbox and live environments.\n */\n if (minifiedJwt && isCookieEnabled(client)) {\n const expireDate = sessionExpiresAt.toUTCString();\n\n setCookie(\n `${DYNAMIC_AUTH_COOKIE_NAME}=${minifiedJwt}; expires=${expireDate}; path=/; SameSite=Lax`\n );\n }\n\n checkAndRaiseWalletAccountsChangedEvent({ previousState }, client);\n\n // if the user is logging in, boot the waas client(s) so the SDK eagerly\n // recovers key shares for all wallet accounts\n const isUserLoggingIn = !previousState.user && Boolean(newState.user);\n if (isUserLoggingIn) {\n void initializeWaasClientsForEagerRecovery(client);\n }\n};\n","import type { DynamicClient } from '../../../../client/types/DynamicClient';\nimport type { WalletAccount } from '../../walletAccount';\n\ntype GetVerifiedCredentialForWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @not-instrumented */\nexport const getVerifiedCredentialForWalletAccount = (\n { walletAccount }: GetVerifiedCredentialForWalletAccountParams,\n client: DynamicClient\n) => {\n return client.user?.verifiedCredentials.find(\n (vc) => vc.id === walletAccount.verifiedCredentialId\n );\n};\n","import type { DynamicClient } from '../../../client/types';\nimport { NoWalletProviderFoundError } from '../../../errors/NoWalletProviderFoundError';\nimport { getWalletProviders } from '../getWalletProviders';\n\ntype GetWalletProviderByKeyParams = {\n walletProviderKey: string;\n};\n\n/** @not-instrumented */\nexport const getWalletProviderByKey = (\n { walletProviderKey }: GetWalletProviderByKeyParams,\n client: DynamicClient\n) => {\n const walletProviders = getWalletProviders(client);\n\n const walletProvider = walletProviders.find(\n (walletProvider) => walletProvider.key === walletProviderKey\n );\n\n if (!walletProvider) {\n throw new NoWalletProviderFoundError({ walletProviderKey });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;;;;;AAQA,MAAa,kCAAkC,WAAgC;AAG7E,qCACE;EACE,MAAM,EAAE,gBAJWA,4CAAkB,OAAO,EAIpB;EACxB,OAAO;EACR,EACD,OACD;;;;;;ACPH,MAAa,2CACX,EAAE,iBACF,WACG;CACH,MAAM,OAAOC,kCAAQ,OAAO;AAS5B,KAPiC,sBAAsB,eAAe,OAAO,KAE7C,sBAC9B,KAAK,MAAM,KAAK,EAChB,OACD,CAGC,gCAA+B,OAAO;;AAM1C,MAAM,yBACJ,OACA,WAEAC,qDAA2B,OAAO,OAAO,CACtC,KAAK,kBAAkB,KAAK,UAAU,cAAc,CAAC,CACrD,MAAM,CACN,KAAK,IAAI;;;;;;;;AC9Bd,MAAa,sBAAsB,WAA0B;AAG3D,QAF+BC,oDAA0B,OAAO,CAElC,eAAe;;;;;;ACK/C,MAAa,iCACX,EAAE,SACF,WAC8B;CAC9B,MAAM,YAAY,mBAAmB,OAAO;CAE5C,MAAM,kBAAkBC,kDAAwB;EAC9C;EACA,aAAaC,gDAAsB;EACnC,oBAAoBC,8CAAmB;EACxC,CAAC;CAEF,MAAM,eAAe,UAAU,MAC5B,aAAa,SAAS,QAAQ,mBAAmB,SAAS,UAAU,MACtE;AAED,KAAI,CAAC,gBAAgB,CAACC,+CAAqB,aAAa,CACtD,QAAO;AAGT,QAAO;;;;;;;;;;;;;ACpBT,MAAa,uBAAuB,EAClC,oBACwC;AACxC,QAAO,cAAc,kBAAkB,SACrCC,gDAAsB,qBACvB;;;;;;;;;;;;;ACLH,MAAa,wCAAwC,OACnD,WACkB;;;;;;AAMlB,KAAIC,+CAAqB,OAAO,CAC9B;CAGF,MAAM,aAAa,IAAI,IACrBC,4CAAkB,OAAO,CACtB,QAAQ,kBAAkB,oBAAoB,EAAE,eAAe,CAAC,CAAC,CACjE,KAAK,kBAAkB,cAAc,MAAM,CAC/C;AAED,OAAM,QAAQ,IACZ,CAAC,GAAG,WAAW,CAAC,IAAI,OAAO,UAAU;EACnC,MAAM,WAAW,8BAA8B,EAAE,OAAO,EAAE,OAAO;;;;;AAMjE,MAAI,CAAC,SAAU;AAEf,MAAI;AACF,SAAM,SAAS,eAAe;WACvB,OAAO;AACd,qCAAQ,OAAO,CAAC,OAAO,KACrB,sEACA,MACD;;GAEH,CACH;;;;;;;;;;;;;;;;;;;;;;ACvBH,MAAa,aAAa,QAA4B;AACpD,KAAI;EAEF,MAAM,QAAQ,IAAI,MAAM,IAAI;AAC5B,MAAI,MAAM,WAAW,EACnB,OAAM,IAAIC,4CAAkB,qBAAqB;EAKnD,MAAM,gBAAgB,MAAM,GAAG,WAAW,KAAK,IAAI,CAAC,WAAW,KAAK,IAAI;EAExE,MAAM,gBACJ,gBAAgB,IAAI,QAAQ,IAAK,cAAc,SAAS,KAAM,EAAE;EAClE,MAAM,iBAAiB,KAAK,cAAc;AAG1C,SAFe,KAAK,MAAM,eAAe;UAGlC,OAAO;AACd,MAAI,iBAAiBA,4CACnB,OAAM;AAER,QAAM,IAAIA,4CACR,yBACE,iBAAiB,QAAQ,MAAM,UAAU,OAAO,MAAM,GAEzD;;;;;;;;;;;;;;AC9CL,MAAa,mBAAmB,WAA+B;AAC7D,QAAO,CAAC,GAAG,IAAI,IAAI,OAAO,CAAC,CAAC,MAAM,GAAG,MAAM,EAAE,cAAc,EAAE,CAAC;;;;;;;;;;;;;;;;;;ACYhE,MAAa,4BAA4B,EACvC,YACuE;CACvE,MAAM,UAAU,UAAU,MAAM;CAGhC,MAAM,mBAFgB,SAAS,QACQ,MAAM,IAAI,IAAI,EAAE,EAChB,QAAQ,MAAM,EAAE,SAAS,EAAE;CAClE,MAAM,YAAY,QAAQ,aAAa;AAGvC,KAAI,CAAC,kBAAkB,eAAe,WAAW,EAC/C,QAAO;AAIT,KAAI,CAAC,QAAQ,IACX,QAAO;CAIT,MAAM,4BAAY,IAAI,KAAK,QAAQ,MAAM,IAAK;AAG9C,KAAI,6BAAa,IAAI,MAAM,CACzB,QAAO;AAGT,QAAO;EACL;EACA,kBAAkB,gBAAgB,eAAe;EACjD,QAAQ;EACR;EACA;EACD;;;;;;;;;;;;;;;;;ACrCH,MAAa,6BAA6B,EACxC,eACA,eAI2B;CAC3B,MAAM,cAAc,gBAAgB,SAAS,OAAO,CAAC,KAAK,IAAI;AAS9D,QAAO,CACL,GAPqB,cAAc,QAAQ,kBAAkB;AAE7D,SADyB,gBAAgB,cAAc,OAAO,CAAC,KAAK,IAAI,KAC5C;GAC5B,EAKA;EACE,WAAW,SAAS;EACpB,QAAQ,SAAS;EACjB,WAAW,SAAS;EACpB,OAAO,SAAS;EACjB,CACF;;;;;;ACxBH,MAAa,gCACX,EAAE,YACF,WACG;CACH,MAAM,OAAOC,kCAAQ,OAAO;CAE5B,MAAM,gBAAgB,EAAE,GAAG,KAAK,MAAM,KAAK,EAAE;CAE7C,MAAM,EAAE,MAAM,aAAa,KAAK,WAAW,UAAU,wBACnD;CAGF,MAAM,mCAAmB,IAAI,KAAK,YAAY,IAAK;CAEnD,MAAMC,WAAsC;EAC1C,aAAa,OAAO;EACF;EAClB,OAAO,eAAe;EACtB;EACD;AAGD,KAAI,SACF,UAAS,WAAW;CAMtB,MAAM,gBAAgB,KAAK,MAAM,KAAK,CAAC,wBAAwB,EAAE;AACjE,UAAS,uBAAuB;AAEhC,KAAI,qBAAqB;EACvB,MAAM,cAAc,yBAAyB,EAC3C,OAAO,qBACR,CAAC;AACF,MAAI,YACF,UAAS,uBAAuB,0BAA0B;GACxD;GACA,UAAU;GACX,CAAC;;AAIN,MAAK,MAAM,IAAI,SAAS;;;;;;AAOxB,KAAI,eAAeC,0CAAgB,OAAO,CAGxC,qCACE,GAAGC,mDAAyB,GAAG,YAAY,YAH1B,iBAAiB,aAAa,CAGmB,wBACnE;AAGH,yCAAwC,EAAE,eAAe,EAAE,OAAO;AAKlE,KADwB,CAAC,cAAc,QAAQ,QAAQ,SAAS,KAAK,CAEnE,CAAK,sCAAsC,OAAO;;;;;;AC3EtD,MAAa,yCACX,EAAE,iBACF,WACG;AACH,QAAO,OAAO,MAAM,oBAAoB,MACrC,OAAO,GAAG,OAAO,cAAc,qBACjC;;;;;;ACLH,MAAa,0BACX,EAAE,qBACF,WACG;CAGH,MAAM,iBAFkB,mBAAmB,OAAO,CAEX,MACpC,qBAAmBC,iBAAe,QAAQ,kBAC5C;AAED,KAAI,CAAC,eACH,OAAM,IAAIC,qDAA2B,EAAE,mBAAmB,CAAC;AAG7D,QAAO"}