@dynamic-labs-sdk/client 1.13.0 → 1.14.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{InvalidParamError-CGiSxym5.native.esm.js → InvalidParamError-BKr8fFc1.native.esm.js} +1059 -1069
- package/dist/InvalidParamError-BKr8fFc1.native.esm.js.map +1 -0
- package/dist/{InvalidParamError-C7c-OLz1.cjs → InvalidParamError-Cs4ZMEj4.cjs} +842 -852
- package/dist/InvalidParamError-Cs4ZMEj4.cjs.map +1 -0
- package/dist/{InvalidParamError-BeCPhfVz.esm.js → InvalidParamError-DZjc7Tjc.esm.js} +1236 -1246
- package/dist/InvalidParamError-DZjc7Tjc.esm.js.map +1 -0
- package/dist/core.cjs +6 -6
- package/dist/core.esm.js +8 -8
- package/dist/core.esm.js.map +1 -1
- package/dist/core.native.esm.js +7 -7
- package/dist/{getNetworkProviderFromNetworkId-D8cpx0xz.cjs → getNetworkProviderFromNetworkId-CdCEFEgT.cjs} +4 -4
- package/dist/{getNetworkProviderFromNetworkId-D8cpx0xz.cjs.map → getNetworkProviderFromNetworkId-CdCEFEgT.cjs.map} +1 -1
- package/dist/{getNetworkProviderFromNetworkId-CP9gl1B1.esm.js → getNetworkProviderFromNetworkId-ChFA088e.esm.js} +7 -7
- package/dist/getNetworkProviderFromNetworkId-ChFA088e.esm.js.map +1 -0
- package/dist/{getNetworkProviderFromNetworkId-Be_UK4_7.native.esm.js → getNetworkProviderFromNetworkId-DZkq74O7.native.esm.js} +5 -5
- package/dist/{getNetworkProviderFromNetworkId-Be_UK4_7.native.esm.js.map → getNetworkProviderFromNetworkId-DZkq74O7.native.esm.js.map} +1 -1
- package/dist/{getSignedSessionId-BeK0vWep.cjs → getSignedSessionId-DceZVits.cjs} +3 -3
- package/dist/{getSignedSessionId-BeK0vWep.cjs.map → getSignedSessionId-DceZVits.cjs.map} +1 -1
- package/dist/{getSignedSessionId-D9w3Wbhk.native.esm.js → getSignedSessionId-DmDcWkqB.native.esm.js} +3 -3
- package/dist/{getSignedSessionId-D9w3Wbhk.native.esm.js.map → getSignedSessionId-DmDcWkqB.native.esm.js.map} +1 -1
- package/dist/{getSignedSessionId-Bq7xBsA3.esm.js → getSignedSessionId-DrrvGNcG.esm.js} +3 -3
- package/dist/{getSignedSessionId-Bq7xBsA3.esm.js.map → getSignedSessionId-DrrvGNcG.esm.js.map} +1 -1
- package/dist/{getWaasWalletProviderFromWalletAccount-BKHO68FO.esm.js → getWaasWalletProviderFromWalletAccount-B_8slAdm.esm.js} +3 -3
- package/dist/{getWaasWalletProviderFromWalletAccount-BKHO68FO.esm.js.map → getWaasWalletProviderFromWalletAccount-B_8slAdm.esm.js.map} +1 -1
- package/dist/{getWaasWalletProviderFromWalletAccount-BzpLoZTm.native.esm.js → getWaasWalletProviderFromWalletAccount-C2GdfqUr.native.esm.js} +3 -3
- package/dist/{getWaasWalletProviderFromWalletAccount-BzpLoZTm.native.esm.js.map → getWaasWalletProviderFromWalletAccount-C2GdfqUr.native.esm.js.map} +1 -1
- package/dist/{getWaasWalletProviderFromWalletAccount-CfqTF_82.cjs → getWaasWalletProviderFromWalletAccount-CKZIsFWL.cjs} +3 -3
- package/dist/{getWaasWalletProviderFromWalletAccount-CfqTF_82.cjs.map → getWaasWalletProviderFromWalletAccount-CKZIsFWL.cjs.map} +1 -1
- package/dist/{getWalletProviderByKey-DDDxBsdv.native.esm.js → getWalletProviderByKey-BhisAyZg.native.esm.js} +2 -2
- package/dist/{getWalletProviderByKey-DDDxBsdv.native.esm.js.map → getWalletProviderByKey-BhisAyZg.native.esm.js.map} +1 -1
- package/dist/{getWalletProviderByKey-BMzoL_69.esm.js → getWalletProviderByKey-DWYF9IxH.esm.js} +2 -2
- package/dist/{getWalletProviderByKey-BMzoL_69.esm.js.map → getWalletProviderByKey-DWYF9IxH.esm.js.map} +1 -1
- package/dist/{getWalletProviderByKey-DCKYAida.cjs → getWalletProviderByKey-OD65GUWG.cjs} +3 -3
- package/dist/{getWalletProviderByKey-DCKYAida.cjs.map → getWalletProviderByKey-OD65GUWG.cjs.map} +1 -1
- package/dist/index.cjs +26 -13
- package/dist/index.cjs.map +1 -1
- package/dist/index.esm.js +29 -16
- package/dist/index.esm.js.map +1 -1
- package/dist/index.native.esm.js +26 -13
- package/dist/index.native.esm.js.map +1 -1
- package/dist/{isDynamicWaasEnabled-BtbzDbdz.cjs → isDynamicWaasEnabled-C90E53x1.cjs} +3 -3
- package/dist/{isDynamicWaasEnabled-BtbzDbdz.cjs.map → isDynamicWaasEnabled-C90E53x1.cjs.map} +1 -1
- package/dist/{isDynamicWaasEnabled-BMQq5uNX.esm.js → isDynamicWaasEnabled-C9gQ9M80.esm.js} +2 -2
- package/dist/{isDynamicWaasEnabled-BMQq5uNX.esm.js.map → isDynamicWaasEnabled-C9gQ9M80.esm.js.map} +1 -1
- package/dist/{isDynamicWaasEnabled-ChdeBFbN.native.esm.js → isDynamicWaasEnabled-rRFvljev.native.esm.js} +2 -2
- package/dist/{isDynamicWaasEnabled-ChdeBFbN.native.esm.js.map → isDynamicWaasEnabled-rRFvljev.native.esm.js.map} +1 -1
- package/dist/{isMfaRequiredForAction-dAtK8Pl6.native.esm.js → isMfaRequiredForAction-C1KaU-XS.native.esm.js} +2 -2
- package/dist/{isMfaRequiredForAction-dAtK8Pl6.native.esm.js.map → isMfaRequiredForAction-C1KaU-XS.native.esm.js.map} +1 -1
- package/dist/{isMfaRequiredForAction-Diwsf9GB.esm.js → isMfaRequiredForAction-CTQzzCMt.esm.js} +2 -2
- package/dist/{isMfaRequiredForAction-Diwsf9GB.esm.js.map → isMfaRequiredForAction-CTQzzCMt.esm.js.map} +1 -1
- package/dist/{isMfaRequiredForAction-CgWBU6kM.cjs → isMfaRequiredForAction-DFowphoV.cjs} +2 -2
- package/dist/{isMfaRequiredForAction-CgWBU6kM.cjs.map → isMfaRequiredForAction-DFowphoV.cjs.map} +1 -1
- package/dist/{isUserOnboardingComplete-OP4uyUlE.cjs → isUserOnboardingComplete-77jTT2BB.cjs} +4 -4
- package/dist/{isUserOnboardingComplete-OP4uyUlE.cjs.map → isUserOnboardingComplete-77jTT2BB.cjs.map} +1 -1
- package/dist/{isUserOnboardingComplete-D4Y3sdr3.esm.js → isUserOnboardingComplete-D1gGc77y.esm.js} +3 -3
- package/dist/{isUserOnboardingComplete-D4Y3sdr3.esm.js.map → isUserOnboardingComplete-D1gGc77y.esm.js.map} +1 -1
- package/dist/{isUserOnboardingComplete-DO2_gSAp.native.esm.js → isUserOnboardingComplete-DfDNapVu.native.esm.js} +3 -3
- package/dist/{isUserOnboardingComplete-DO2_gSAp.native.esm.js.map → isUserOnboardingComplete-DfDNapVu.native.esm.js.map} +1 -1
- package/dist/modules/auth/getElevatedAccessToken/getElevatedAccessToken.d.ts +1 -2
- package/dist/modules/auth/getElevatedAccessToken/getElevatedAccessToken.d.ts.map +1 -1
- package/dist/modules/flow/attachFlowSource/attachFlowSource.d.ts +12 -1
- package/dist/modules/flow/attachFlowSource/attachFlowSource.d.ts.map +1 -1
- package/dist/modules/funding/moonpay/getMoonPayUrl/getMoonPayUrl.d.ts +4 -0
- package/dist/modules/funding/moonpay/getMoonPayUrl/getMoonPayUrl.d.ts.map +1 -1
- package/dist/modules/mfa/registerTotpMfaDevice/registerTotpMfaDevice.d.ts +4 -1
- package/dist/modules/mfa/registerTotpMfaDevice/registerTotpMfaDevice.d.ts.map +1 -1
- package/dist/{refreshAuth-ByIVzawo.cjs → refreshAuth-B3XSU6GT.cjs} +3 -3
- package/dist/{refreshAuth-ByIVzawo.cjs.map → refreshAuth-B3XSU6GT.cjs.map} +1 -1
- package/dist/{refreshAuth-BTPctQtq.esm.js → refreshAuth-CAPTC0sg.esm.js} +3 -3
- package/dist/{refreshAuth-BTPctQtq.esm.js.map → refreshAuth-CAPTC0sg.esm.js.map} +1 -1
- package/dist/{refreshAuth-C3issn5b.native.esm.js → refreshAuth-aTqsU1uq.native.esm.js} +3 -3
- package/dist/{refreshAuth-C3issn5b.native.esm.js.map → refreshAuth-aTqsU1uq.native.esm.js.map} +1 -1
- package/dist/services/instrumentation/constants.d.ts.map +1 -1
- package/dist/tsconfig.lib.tsbuildinfo +1 -1
- package/dist/waas.cjs +6 -6
- package/dist/waas.esm.js +5 -5
- package/dist/waas.native.esm.js +5 -5
- package/dist/waasCore.cjs +10 -10
- package/dist/waasCore.cjs.map +1 -1
- package/dist/waasCore.esm.js +10 -10
- package/dist/waasCore.esm.js.map +1 -1
- package/dist/waasCore.native.esm.js +11 -11
- package/dist/waasCore.native.esm.js.map +1 -1
- package/package.json +2 -2
- package/dist/InvalidParamError-BeCPhfVz.esm.js.map +0 -1
- package/dist/InvalidParamError-C7c-OLz1.cjs.map +0 -1
- package/dist/InvalidParamError-CGiSxym5.native.esm.js.map +0 -1
- package/dist/getNetworkProviderFromNetworkId-CP9gl1B1.esm.js.map +0 -1
package/dist/waas.cjs
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-
|
|
2
|
-
const require_InvalidParamError = require('./InvalidParamError-
|
|
3
|
-
const require_getWalletProviderByKey = require('./getWalletProviderByKey-
|
|
4
|
-
const require_refreshAuth = require('./refreshAuth-
|
|
5
|
-
const require_isDynamicWaasEnabled = require('./isDynamicWaasEnabled-
|
|
6
|
-
const require_getWaasWalletProviderFromWalletAccount = require('./getWaasWalletProviderFromWalletAccount-
|
|
1
|
+
const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-DFowphoV.cjs');
|
|
2
|
+
const require_InvalidParamError = require('./InvalidParamError-Cs4ZMEj4.cjs');
|
|
3
|
+
const require_getWalletProviderByKey = require('./getWalletProviderByKey-OD65GUWG.cjs');
|
|
4
|
+
const require_refreshAuth = require('./refreshAuth-B3XSU6GT.cjs');
|
|
5
|
+
const require_isDynamicWaasEnabled = require('./isDynamicWaasEnabled-C90E53x1.cjs');
|
|
6
|
+
const require_getWaasWalletProviderFromWalletAccount = require('./getWaasWalletProviderFromWalletAccount-CKZIsFWL.cjs');
|
|
7
7
|
let _dynamic_labs_sdk_assert_package_version = require("@dynamic-labs-sdk/assert-package-version");
|
|
8
8
|
let _dynamic_labs_sdk_api_core = require("@dynamic-labs/sdk-api-core");
|
|
9
9
|
|
package/dist/waas.esm.js
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { c as findWaasWalletProviderByChain, n as getVerifiedCredentialForWalletAccount, s as isWaasWalletAccount, t as getWalletProviderByKey } from "./getWalletProviderByKey-
|
|
3
|
-
import { t as __refreshAuth_wrapped } from "./refreshAuth-
|
|
4
|
-
import { t as isDynamicWaasEnabled } from "./isDynamicWaasEnabled-
|
|
5
|
-
import { t as getWaasWalletProviderFromWalletAccount } from "./getWaasWalletProviderFromWalletAccount-
|
|
1
|
+
import { E as getChainFromVerifiedCredentialChain, Q as assertDefined, a as DYNAMIC_WAAS_METADATA, at as getDefaultClient, ct as BaseError, dt as version, n as isWaasWalletProvider, ut as name, w as formatWalletProviderKey, x as NoWalletProviderFoundError } from "./InvalidParamError-DZjc7Tjc.esm.js";
|
|
2
|
+
import { c as findWaasWalletProviderByChain, n as getVerifiedCredentialForWalletAccount, s as isWaasWalletAccount, t as getWalletProviderByKey } from "./getWalletProviderByKey-DWYF9IxH.esm.js";
|
|
3
|
+
import { t as __refreshAuth_wrapped } from "./refreshAuth-CAPTC0sg.esm.js";
|
|
4
|
+
import { t as isDynamicWaasEnabled } from "./isDynamicWaasEnabled-C9gQ9M80.esm.js";
|
|
5
|
+
import { t as getWaasWalletProviderFromWalletAccount } from "./getWaasWalletProviderFromWalletAccount-B_8slAdm.esm.js";
|
|
6
6
|
import { assertPackageVersion } from "@dynamic-labs-sdk/assert-package-version";
|
|
7
7
|
import { JwtVerifiedCredentialFormatEnum, WalletProviderEnum } from "@dynamic-labs/sdk-api-core";
|
|
8
8
|
|
package/dist/waas.native.esm.js
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { c as findWaasWalletProviderByChain, m as formatWalletProviderKey, n as getVerifiedCredentialForWalletAccount, s as isWaasWalletAccount, t as getWalletProviderByKey } from "./getWalletProviderByKey-
|
|
3
|
-
import { t as __refreshAuth_wrapped } from "./refreshAuth-
|
|
4
|
-
import { t as isDynamicWaasEnabled } from "./isDynamicWaasEnabled-
|
|
5
|
-
import { t as getWaasWalletProviderFromWalletAccount } from "./getWaasWalletProviderFromWalletAccount-
|
|
1
|
+
import { H as assertDefined, Q as BaseError, Y as getDefaultClient, a as DYNAMIC_WAAS_METADATA, b as NoWalletProviderFoundError, et as name, n as isWaasWalletProvider, tt as version, x as getChainFromVerifiedCredentialChain } from "./InvalidParamError-BKr8fFc1.native.esm.js";
|
|
2
|
+
import { c as findWaasWalletProviderByChain, m as formatWalletProviderKey, n as getVerifiedCredentialForWalletAccount, s as isWaasWalletAccount, t as getWalletProviderByKey } from "./getWalletProviderByKey-BhisAyZg.native.esm.js";
|
|
3
|
+
import { t as __refreshAuth_wrapped } from "./refreshAuth-aTqsU1uq.native.esm.js";
|
|
4
|
+
import { t as isDynamicWaasEnabled } from "./isDynamicWaasEnabled-rRFvljev.native.esm.js";
|
|
5
|
+
import { t as getWaasWalletProviderFromWalletAccount } from "./getWaasWalletProviderFromWalletAccount-C2GdfqUr.native.esm.js";
|
|
6
6
|
import { assertPackageVersion } from "@dynamic-labs-sdk/assert-package-version";
|
|
7
7
|
import { JwtVerifiedCredentialFormatEnum, WalletProviderEnum } from "@dynamic-labs/sdk-api-core";
|
|
8
8
|
|
package/dist/waasCore.cjs
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-
|
|
2
|
-
const require_InvalidParamError = require('./InvalidParamError-
|
|
3
|
-
require('./isDynamicWaasEnabled-
|
|
4
|
-
const require_isUserOnboardingComplete = require('./isUserOnboardingComplete-
|
|
5
|
-
const require_getSignedSessionId = require('./getSignedSessionId-
|
|
6
|
-
const require_getWaasWalletProviderFromWalletAccount = require('./getWaasWalletProviderFromWalletAccount-
|
|
1
|
+
const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-DFowphoV.cjs');
|
|
2
|
+
const require_InvalidParamError = require('./InvalidParamError-Cs4ZMEj4.cjs');
|
|
3
|
+
require('./isDynamicWaasEnabled-C90E53x1.cjs');
|
|
4
|
+
const require_isUserOnboardingComplete = require('./isUserOnboardingComplete-77jTT2BB.cjs');
|
|
5
|
+
const require_getSignedSessionId = require('./getSignedSessionId-DceZVits.cjs');
|
|
6
|
+
const require_getWaasWalletProviderFromWalletAccount = require('./getWaasWalletProviderFromWalletAccount-CKZIsFWL.cjs');
|
|
7
7
|
let _dynamic_labs_sdk_assert_package_version = require("@dynamic-labs-sdk/assert-package-version");
|
|
8
8
|
let _dynamic_labs_sdk_api_core = require("@dynamic-labs/sdk-api-core");
|
|
9
9
|
let _dynamic_labs_wallet_browser_wallet_client = require("@dynamic-labs-wallet/browser-wallet-client");
|
|
@@ -107,7 +107,7 @@ const createWaasProvider = ({ sdkClient, chain }) => {
|
|
|
107
107
|
const { signature: signedSessionId } = await require_getSignedSessionId.getSignedSessionId(sdkClient);
|
|
108
108
|
const waasClient = await getWaasClient();
|
|
109
109
|
const mfaToken = await require_getSignedSessionId.consumeMfaTokenIfRequiredForAction({ mfaAction: _dynamic_labs_sdk_api_core.MFAAction.WalletWaasExport }, sdkClient);
|
|
110
|
-
const elevatedAccessToken = require_InvalidParamError.
|
|
110
|
+
const elevatedAccessToken = require_InvalidParamError.getElevatedAccessToken({ scope: _dynamic_labs_sdk_api_core.TokenScope.Walletexport }, sdkClient);
|
|
111
111
|
await waasClient.exportPrivateKey({
|
|
112
112
|
accountAddress: walletAccount.address,
|
|
113
113
|
authToken: sdkClient.token ?? void 0,
|
|
@@ -171,7 +171,7 @@ const createWaasProvider = ({ sdkClient, chain }) => {
|
|
|
171
171
|
if (message.length !== RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH) throw new require_InvalidParamError.InvalidParamError(`Message must be ${RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH} characters long`);
|
|
172
172
|
const { signature: signedSessionId } = await require_getSignedSessionId.getSignedSessionId(sdkClient);
|
|
173
173
|
const mfaToken = await require_getSignedSessionId.consumeMfaTokenIfRequiredForAction({ mfaAction: _dynamic_labs_sdk_api_core.MFAAction.WalletWaasSign }, sdkClient);
|
|
174
|
-
const elevatedAccessToken = require_InvalidParamError.
|
|
174
|
+
const elevatedAccessToken = require_InvalidParamError.getElevatedAccessToken({ scope: _dynamic_labs_sdk_api_core.TokenScope.Walletsign }, sdkClient);
|
|
175
175
|
return { signature: await (await getWaasClient()).signRawMessage({
|
|
176
176
|
accountAddress: walletAccount.address,
|
|
177
177
|
authToken: sdkClient.token ?? void 0,
|
|
@@ -201,7 +201,7 @@ const createWaasProvider = ({ sdkClient, chain }) => {
|
|
|
201
201
|
const signMessage = async ({ message, walletAccount }) => {
|
|
202
202
|
const { signature: signedSessionId } = await require_getSignedSessionId.getSignedSessionId(sdkClient);
|
|
203
203
|
const mfaToken = await require_getSignedSessionId.consumeMfaTokenIfRequiredForAction({ mfaAction: _dynamic_labs_sdk_api_core.MFAAction.WalletWaasSign }, sdkClient);
|
|
204
|
-
const elevatedAccessToken = require_InvalidParamError.
|
|
204
|
+
const elevatedAccessToken = require_InvalidParamError.getElevatedAccessToken({ scope: _dynamic_labs_sdk_api_core.TokenScope.Walletsign }, sdkClient);
|
|
205
205
|
return { signature: await (await getWaasClient()).signMessage({
|
|
206
206
|
accountAddress: walletAccount.address,
|
|
207
207
|
authToken: sdkClient.token ?? void 0,
|
|
@@ -214,7 +214,7 @@ const createWaasProvider = ({ sdkClient, chain }) => {
|
|
|
214
214
|
const signSerializedTransaction = async ({ chainId, serializedTransaction, walletAccount }) => {
|
|
215
215
|
const { signature: signedSessionId } = await require_getSignedSessionId.getSignedSessionId(sdkClient);
|
|
216
216
|
const mfaToken = await require_getSignedSessionId.consumeMfaTokenIfRequiredForAction({ mfaAction: _dynamic_labs_sdk_api_core.MFAAction.WalletWaasSign }, sdkClient);
|
|
217
|
-
const elevatedAccessToken = require_InvalidParamError.
|
|
217
|
+
const elevatedAccessToken = require_InvalidParamError.getElevatedAccessToken({ scope: _dynamic_labs_sdk_api_core.TokenScope.Walletsign }, sdkClient);
|
|
218
218
|
return { signature: await (await getWaasClient()).signTransaction({
|
|
219
219
|
authToken: sdkClient.token ?? void 0,
|
|
220
220
|
chainId,
|
package/dist/waasCore.cjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"waasCore.cjs","names":["createWaasClient: CreateWaasClient","getCore","DynamicWalletClient","isCookieEnabled","DEFAULT_WAAS_BASE_API_URL","DEFAULT_WAAS_BASE_MPC_RELAY_API_URL","CLIENT_SDK_NAME","getSignedSessionId","logoutWithReason","CHAINS_INFO_MAP","getCore","_waasClient: DynamicWalletClient | undefined","_waasClientSessionId: string | undefined","getWaasClient: WaasProvider['getWaasClient']","isUserOnboardingComplete","WaasOnboardingIncompleteError","backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive']","getSignedSessionId","createWalletAccount: WaasProvider['createWalletAccount']","ThresholdSignatureScheme","delegateKeyShares: WaasProvider['delegateKeyShares']","exportClientKeyshares: WaasProvider['exportClientKeyshares']","exportPrivateKey: WaasProvider['exportPrivateKey']","consumeMfaTokenIfRequiredForAction","MFAAction","getElevatedAccessToken","TokenScope","restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount']","WalletOperation","importPrivateKey: WaasProvider['importPrivateKey']","refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares']","revokeDelegation: WaasProvider['revokeDelegation']","setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword']","signRawMessage: WaasProvider['signRawMessage']","InvalidParamError","destroy: WaasProvider['destroy']","updatePassword: WaasProvider['updatePassword']","signMessage: WaasProvider['signMessage']","signSerializedTransaction: WaasProvider['signSerializedTransaction']","getWalletRecoveryState: WaasProvider['getWalletRecoveryState']","unlockWallet: WaasProvider['unlockWallet']","getWaasWalletProviderFromWalletAccount","WalletProviderEnum","DYNAMIC_WAAS_METADATA","getChainFromVerifiedCredentialChain","packageName","packageVersion"],"sources":["../src/modules/waas/createWaasClient/createWaasClient.ts","../src/modules/waas/getWaasChainNameFromChain/getWaasChainNameFromChain.ts","../src/modules/waas/createWaasProvider/createWaasProvider.ts","../src/modules/waas/exportWaasPrivateKeyToContainer/exportWaasPrivateKeyToContainer.ts","../src/modules/waas/getAllUserWaasAddressesForChain/getAllUserWaasAddressesForChain.ts","../src/exports/waasCore.ts"],"sourcesContent":["import type { AuthMode } from '@dynamic-labs-wallet/browser-wallet-client';\nimport { DynamicWalletClient } from '@dynamic-labs-wallet/browser-wallet-client';\n\nimport { getCore } from '../../../client/core/getCore';\nimport { CLIENT_SDK_NAME } from '../../apiClient/constants';\nimport { logoutWithReason } from '../../auth/logoutWithReason';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { getSignedSessionId } from '../../sessionKeys/getSignedSessionId';\nimport type { CreateWaasClient } from './createWaasClient.types';\nimport {\n DEFAULT_WAAS_BASE_API_URL,\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n} from '../constants';\n\n/** @notInstrumented */\nexport const createWaasClient: CreateWaasClient = ({ chainName }, client) => {\n const core = getCore(client);\n\n const additionalTrustedOrigins = core.waas?.additionalTrustedOrigins;\n\n const baseClientKeysharesRelayApiUrl =\n client.projectSettings?.sdk.waas?.customKeyshareRelayBaseUrl;\n\n return new DynamicWalletClient(\n {\n authMode: (isCookieEnabled(client) ? 'cookie' : 'header') as AuthMode,\n authToken: client.token || '',\n baseApiUrl: (core.apiBaseUrl || DEFAULT_WAAS_BASE_API_URL).replace(\n '/api/v0',\n ''\n ),\n baseMPCRelayApiUrl:\n client.projectSettings?.sdk.waas?.relayUrl ||\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n chainName,\n // Opt into the SDK self-driving eager key-share recovery on auth-token\n // arrival, so the client no longer restores shares itself on login.\n eagerlyRecoverKeyShares: true,\n environmentId: core.environmentId,\n sdkVersion: `${CLIENT_SDK_NAME}/${core.version}`,\n ...(additionalTrustedOrigins == undefined\n ? {}\n : { additionalTrustedOrigins }),\n ...(baseClientKeysharesRelayApiUrl == undefined\n ? {}\n : { baseClientKeysharesRelayApiUrl }),\n },\n {\n // Lets the iframe mint a fresh signed session id over the reverse channel,\n // which the SDK's eager key-share recovery needs.\n getSignedSessionId: () =>\n getSignedSessionId(client).then(({ signature }) => signature),\n // When the WaaS iframe's own backend call returns 401 (e.g. a forcibly\n // revoked token), the iframe notifies the host via the reverse channel\n // and this fires — log the user out. Mirrors the session-expiry\n // middleware that covers the SDK's own direct API 401s.\n onUnauthorized: () => {\n void logoutWithReason(\n { reason: 'session-refresh-unauthorized' },\n client\n ).catch((error) => {\n core.logger.error(\n 'Failed to log out after WaaS unauthorized response',\n error\n );\n });\n },\n }\n );\n};\n","import type { Chain } from '../../chain';\nimport { CHAINS_INFO_MAP } from '../../wallets/constants';\n\n/** @notInstrumented */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const getWaasChainNameFromChain = (chain: Chain): string => {\n return CHAINS_INFO_MAP[chain].waasChainNameOverride || chain;\n};\n","import {\n type BitcoinConfig,\n type DynamicWalletClient,\n ThresholdSignatureScheme,\n WalletOperation,\n} from '@dynamic-labs-wallet/browser-wallet-client';\nimport { MFAAction, TokenScope } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { InvalidParamError } from '../../../errors/InvalidParamError';\nimport { WaasOnboardingIncompleteError } from '../../../errors/WaasOnboardingIncompleteError';\nimport { getElevatedAccessToken } from '../../auth/getElevatedAccessToken';\nimport type { Chain } from '../../chain';\nimport { consumeMfaTokenIfRequiredForAction } from '../../mfa/consumeMfaTokenIfRequiredForAction';\nimport { getSignedSessionId } from '../../sessionKeys/getSignedSessionId';\nimport { isUserOnboardingComplete } from '../../user/isUserOnboardingComplete';\nimport { createWaasClient } from '../createWaasClient';\nimport { getWaasChainNameFromChain } from '../getWaasChainNameFromChain';\nimport type { WaasProvider } from '../waas.types';\n\nconst RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH = 64;\n\ntype CreateWaasProviderParams = {\n chain: Chain;\n sdkClient: DynamicClient;\n};\n\n/** @notInstrumented */\nexport const createWaasProvider = ({\n sdkClient,\n chain,\n}: CreateWaasProviderParams): WaasProvider => {\n const logger = getCore(sdkClient).logger;\n\n let _waasClient: DynamicWalletClient | undefined;\n // The session the cached client was built against. A step-up reauth mints a\n // NEW session (new sessionId + token); see the rebuild guard below.\n let _waasClientSessionId: string | undefined;\n\n // because the waas client needs the authToken to be set, we can only create it\n // the first time it's needed, which is after the user has logged in\n const getWaasClient: WaasProvider['getWaasClient'] = async () => {\n // After a step-up reauthentication a new session is minted. In header auth\n // mode (native webview) the iframe has no cookie jar to fall back on, so a\n // client cached against the previous session keeps presenting the stale\n // token — its next backend call (createRooms/users) 401s and trips the\n // iframe's onUnauthorized → forced logout. Drop the cached client when the\n // session changes so it rebuilds + re-initializes with the fresh token and\n // signed session id. Key shares stay in storage (only client auth resets);\n // routine token refresh keeps the same sessionId, so it does not rebuild.\n const currentSessionId = getCore(sdkClient).state.get().user?.sessionId;\n if (_waasClient && currentSessionId !== _waasClientSessionId) {\n _waasClient = undefined;\n }\n\n if (!_waasClient) {\n // Chokepoint: don't build + initialize the iframe client until onboarding\n // is complete. The iframe's init-time room-cache pre-warm fires\n // `createRooms` using the token captured at construction — before any\n // per-operation token resync exists to correct it. Built while the token\n // is still pre-`user:basic` (MFA / KYC / recovery codes / device\n // registration pending), that pre-warm 401s and trips the iframe's\n // onUnauthorized → forced-logout. This is the single gateway to\n // createWaasClient (web and native), so it covers every WaaS caller.\n if (!isUserOnboardingComplete(sdkClient)) {\n throw new WaasOnboardingIncompleteError();\n }\n\n _waasClient = createWaasClient(\n { chainName: getWaasChainNameFromChain(chain) },\n sdkClient\n );\n _waasClientSessionId = currentSessionId;\n await _waasClient.initialize();\n }\n return _waasClient;\n };\n\n const backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive'] =\n async ({ googleDriveAccessToken, password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.backupKeySharesToGoogleDrive({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n googleDriveAccessToken,\n password,\n signedSessionId,\n });\n };\n\n const createWalletAccount: WaasProvider['createWalletAccount'] = async (\n args = {}\n ) => {\n logger.debug('[createWaasProvider] createWalletAccount', {\n bitcoinConfig: args.bitcoinConfig,\n thresholdSignatureScheme: args.thresholdSignatureScheme,\n });\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const waasWallet = await waasClient.createWalletAccount({\n authToken: sdkClient.token ?? undefined,\n bitcoinConfig: args.bitcoinConfig as BitcoinConfig | undefined,\n password: args.password,\n signedSessionId,\n thresholdSignatureScheme:\n args.thresholdSignatureScheme ?? ThresholdSignatureScheme.TWO_OF_TWO,\n });\n\n return waasWallet;\n };\n\n const delegateKeyShares: WaasProvider['delegateKeyShares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.delegateKeyShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportClientKeyshares: WaasProvider['exportClientKeyshares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n await waasClient.exportClientKeyshares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportPrivateKey: WaasProvider['exportPrivateKey'] = async ({\n container,\n displayContainer,\n walletAccount,\n password,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasExport },\n sdkClient\n );\n\n // Forward any elevated access token previously obtained via step-up\n // (e.g. requestExternalAuthElevatedToken) so the backend authorizes\n // the export under the wallet:export scope.\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletexport },\n sdkClient\n );\n\n await waasClient.exportPrivateKey({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n // Exactly one display surface is forwarded: `container` (a\n // WaasSDKContainer, e.g. a React Native visible WebView) or\n // `displayContainer` (a DOM element, web). The upstream client enforces\n // the \"exactly one\" invariant and renders the key inside the surface's\n // own sandboxed document — it never crosses back to the host.\n container,\n displayContainer,\n elevatedAccessToken,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n await waasClient.getWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n walletOperation: WalletOperation.SIGN_MESSAGE,\n });\n };\n\n const importPrivateKey: WaasProvider['importPrivateKey'] = async ({\n privateKey,\n thresholdSignatureScheme = ThresholdSignatureScheme.TWO_OF_TWO,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const walletClient = await getWaasClient();\n\n await walletClient.importPrivateKey({\n authToken: sdkClient.token ?? undefined,\n privateKey,\n signedSessionId,\n thresholdSignatureScheme,\n });\n };\n\n const refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasRefresh },\n sdkClient\n );\n\n return walletClient.refreshWalletAccountShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const revokeDelegation: WaasProvider['revokeDelegation'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.revokeDelegation({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.setPassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n newPassword: password,\n signedSessionId,\n });\n };\n\n const signRawMessage: WaasProvider['signRawMessage'] = async ({\n message,\n password,\n walletAccount,\n }) => {\n if (message.length !== RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH) {\n throw new InvalidParamError(\n `Message must be ${RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH} characters long`\n );\n }\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const signature = await walletClient.signRawMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n password,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const destroy: WaasProvider['destroy'] = async (args) => {\n if (!_waasClient) {\n return;\n }\n\n const waasClient = await getWaasClient();\n // When a session token expires, we preserve key shares in storage instead\n // of clearing them. Customers with short-lived sessions (minutes) were\n // hitting excessive server-side share recovery on every re-login, which\n // also forced users to re-enter their wallet password since the unlocked\n // share only lives for the duration of the session.\n //\n // This is safe because the waas-sdk separately fingerprints the user\n // (sub + environment_id) and clears all storage if a different user logs\n // in. On explicit user-initiated logout, shares are always cleared for\n // security.\n if (args?.reason !== 'token-expired') {\n await waasClient.cleanup();\n }\n _waasClient = undefined;\n };\n\n const updatePassword: WaasProvider['updatePassword'] = async ({\n walletAccount,\n currentPassword,\n newPassword,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.updatePassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n existingPassword: currentPassword,\n newPassword,\n signedSessionId,\n });\n };\n\n const signMessage: WaasProvider['signMessage'] = async ({\n message,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const signSerializedTransaction: WaasProvider['signSerializedTransaction'] =\n async ({ chainId, serializedTransaction, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signTransaction({\n authToken: sdkClient.token ?? undefined,\n chainId,\n elevatedAccessToken,\n mfaToken,\n senderAddress: walletAccount.address,\n signedSessionId,\n transaction: serializedTransaction,\n });\n\n return { signature };\n };\n\n const getWalletRecoveryState: WaasProvider['getWalletRecoveryState'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.getWalletRecoveryState({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n });\n };\n\n const unlockWallet: WaasProvider['unlockWallet'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.unlockWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n return {\n backupKeySharesToGoogleDrive,\n createWalletAccount,\n delegateKeyShares,\n destroy,\n exportClientKeyshares,\n exportPrivateKey,\n getWaasClient,\n getWalletRecoveryState,\n importPrivateKey,\n refreshWalletAccountShares,\n restoreUserShareForWalletAccount,\n revokeDelegation,\n setWaasWalletAccountPassword,\n signMessage,\n signRawMessage,\n signSerializedTransaction,\n unlockWallet,\n updatePassword,\n };\n};\n","import type { WaasSDKContainer } from '@dynamic-labs-wallet/core';\n\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { WalletAccount } from '../../wallets/walletAccount';\nimport { getWaasWalletProviderFromWalletAccount } from '../getWaasWalletProviderFromWalletAccount';\n\ntype ExportWaasPrivateKeyToContainerParams = {\n container: WaasSDKContainer;\n password?: string;\n walletAccount: WalletAccount;\n};\n\n/**\n * Exports the private key for a WaaS wallet account into a caller-provided\n * {@link WaasSDKContainer} (e.g. a visible React Native WebView) instead of a\n * DOM element.\n *\n * This is the container-based counterpart to `exportWaasPrivateKey` (which\n * injects an iframe into a DOM `displayContainer` on web). The export ceremony\n * runs — and the private key is rendered — entirely inside the container's own\n * sandboxed document; the key is never exposed to the host JS layer. The caller\n * owns the container's lifecycle and must call `container.destroy()` when the\n * display is dismissed.\n *\n * @param params.walletAccount - The WaaS wallet account to export the private key from.\n * @param params.container - The container that hosts the secure key display.\n * @param [params.password] - Optional password to decrypt the private key.\n * @param client - The Dynamic client instance. This is an internal API (exposed\n * only via `@dynamic-labs-sdk/client/waas/core`), so the client is passed\n * explicitly rather than defaulted — callers resolve it (e.g. via\n * `getDefaultClient()`) and thread it in.\n * @returns A promise that resolves when the private key export is complete.\n * @notInstrumented\n */\nexport const exportWaasPrivateKeyToContainer = async (\n { container, password, walletAccount }: ExportWaasPrivateKeyToContainerParams,\n client: DynamicClient\n) => {\n const provider = getWaasWalletProviderFromWalletAccount(\n { walletAccount },\n client\n );\n\n return provider.exportPrivateKey({\n container,\n password,\n walletAccount,\n });\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types';\nimport { getChainFromVerifiedCredentialChain } from '../../../utils/getChainFromVerifiedCredentialChain';\nimport type { Chain } from '../../chain';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype GetAllUserWaasAddressesForChainParams = {\n chain: Chain;\n};\n\n/** @notInstrumented */\nexport const getAllUserWaasAddressesForChain = (\n { chain }: GetAllUserWaasAddressesForChainParams,\n client: DynamicClient\n): string[] => {\n if (!client.user) {\n return [];\n }\n\n const waasWalletCredentials =\n client.user.verifiedCredentials.filter(\n (credential) =>\n credential.walletProvider === WalletProviderEnum.EmbeddedWallet &&\n credential.walletName\n ?.toLowerCase()\n .startsWith(DYNAMIC_WAAS_METADATA.normalizedWalletName) &&\n credential.address &&\n credential.chain &&\n getChainFromVerifiedCredentialChain(credential.chain) === chain\n ) ?? [];\n\n const waasAddresses: string[] = waasWalletCredentials.map(\n // casting because we're already filtering out credentials without an address\n (credential) => credential.address as string\n );\n\n return waasAddresses;\n};\n","import { assertPackageVersion } from '@dynamic-labs-sdk/assert-package-version';\n\nimport {\n name as packageName,\n version as packageVersion,\n} from '../../package.json';\nassertPackageVersion(packageName, packageVersion);\n\nexport type {\n BitcoinNetwork,\n DynamicWalletClient,\n ThresholdSignatureScheme\n} from '@dynamic-labs-wallet/browser-wallet-client';\nexport type { WaasSDKContainer } from '@dynamic-labs-wallet/core';\nexport { DYNAMIC_WAAS_METADATA } from '../modules/waas/constants';\nexport { createWaasClient } from '../modules/waas/createWaasClient';\nexport { createWaasProvider } from '../modules/waas/createWaasProvider';\nexport { exportWaasPrivateKeyToContainer } from '../modules/waas/exportWaasPrivateKeyToContainer';\nexport { getAllUserWaasAddressesForChain } from '../modules/waas/getAllUserWaasAddressesForChain';\nexport { getWaasChainNameFromChain } from '../modules/waas/getWaasChainNameFromChain';\nexport { preconnectWaasIframe } from '../modules/waas/preconnectWaasIframe';\nexport type {\n WaasProvider,\n WaasWalletProvider\n} from '../modules/waas/waas.types';\n\n"],"mappings":";;;;;;;;;;;;AAeA,MAAaA,oBAAsC,EAAE,aAAa,WAAW;CAC3E,MAAM,OAAOC,kCAAQ,OAAO;CAE5B,MAAM,2BAA2B,KAAK,MAAM;CAE5C,MAAM,iCACJ,OAAO,iBAAiB,IAAI,MAAM;AAEpC,QAAO,IAAIC,+DACT;EACE,UAAWC,0CAAgB,OAAO,GAAG,WAAW;EAChD,WAAW,OAAO,SAAS;EAC3B,aAAa,KAAK,cAAcC,qDAA2B,QACzD,WACA,GACD;EACD,oBACE,OAAO,iBAAiB,IAAI,MAAM,YAClCC;EACF;EAGA,yBAAyB;EACzB,eAAe,KAAK;EACpB,YAAY,GAAGC,0CAAgB,GAAG,KAAK;EACvC,GAAI,4BAA4B,SAC5B,EAAE,GACF,EAAE,0BAA0B;EAChC,GAAI,kCAAkC,SAClC,EAAE,GACF,EAAE,gCAAgC;EACvC,EACD;EAGE,0BACEC,8CAAmB,OAAO,CAAC,MAAM,EAAE,gBAAgB,UAAU;EAK/D,sBAAsB;AACpB,GAAKC,0DACH,EAAE,QAAQ,gCAAgC,EAC1C,OACD,CAAC,OAAO,UAAU;AACjB,SAAK,OAAO,MACV,sDACA,MACD;KACD;;EAEL,CACF;;;;;;AC/DH,MAAa,6BAA6B,UAAyB;AACjE,QAAOC,0CAAgB,OAAO,yBAAyB;;;;;ACezD,MAAM,sCAAsC;;AAQ5C,MAAa,sBAAsB,EACjC,WACA,YAC4C;CAC5C,MAAM,SAASC,kCAAQ,UAAU,CAAC;CAElC,IAAIC;CAGJ,IAAIC;CAIJ,MAAMC,gBAA+C,YAAY;EAS/D,MAAM,mBAAmBH,kCAAQ,UAAU,CAAC,MAAM,KAAK,CAAC,MAAM;AAC9D,MAAI,eAAe,qBAAqB,qBACtC,eAAc;AAGhB,MAAI,CAAC,aAAa;AAShB,OAAI,CAACI,0DAAyB,UAAU,CACtC,OAAM,IAAIC,gEAA+B;AAG3C,iBAAc,iBACZ,EAAE,WAAW,0BAA0B,MAAM,EAAE,EAC/C,UACD;AACD,0BAAuB;AACvB,SAAM,YAAY,YAAY;;AAEhC,SAAO;;CAGT,MAAMC,+BACJ,OAAO,EAAE,wBAAwB,UAAU,oBAAoB;EAC7D,MAAM,EAAE,WAAW,oBAAoB,MAAMC,8CAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,6BAA6B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMC,sBAA2D,OAC/D,OAAO,EAAE,KACN;AACH,SAAO,MAAM,4CAA4C;GACvD,eAAe,KAAK;GACpB,0BAA0B,KAAK;GAChC,CAAC;EAEF,MAAM,EAAE,WAAW,oBAAoB,MAAMD,8CAAmB,UAAU;AAa1E,SATmB,OAFA,MAAM,eAAe,EAEJ,oBAAoB;GACtD,WAAW,UAAU,SAAS;GAC9B,eAAe,KAAK;GACpB,UAAU,KAAK;GACf;GACA,0BACE,KAAK,4BAA4BE,oEAAyB;GAC7D,CAAC;;CAKJ,MAAMC,oBAAuD,OAAO,EAClE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAMH,8CAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,kBAAkB;GAClC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMI,wBAA+D,OAAO,EAC1E,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAMJ,8CAAmB,UAAU;AAI1E,SAFmB,MAAM,eAAe,EAEvB,sBAAsB;GACrC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMK,mBAAqD,OAAO,EAChE,WACA,kBACA,eACA,eACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAML,8CAAmB,UAAU;EAE1E,MAAM,aAAa,MAAM,eAAe;EAExC,MAAM,WAAW,MAAMM,8DACrB,EAAE,WAAWC,qCAAU,kBAAkB,EACzC,UACD;EAKD,MAAM,sBAAsBC,2DAC1B,EAAE,OAAOC,sCAAW,cAAc,EAClC,UACD;AAED,QAAM,WAAW,iBAAiB;GAChC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAM9B;GACA;GACA;GACA;GACA;GACA;GACD,CAAC;;CAGJ,MAAMC,mCACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAMV,8CAC3C,UACD;AAID,SAFmB,MAAM,eAAe,EAEvB,UAAU;GACzB,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA,iBAAiBW,2DAAgB;GAClC,CAAC;;CAGN,MAAMC,mBAAqD,OAAO,EAChE,YACA,2BAA2BV,oEAAyB,iBAChD;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAMF,8CAAmB,UAAU;AAI1E,SAFqB,MAAM,eAAe,EAEvB,iBAAiB;GAClC,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGJ,MAAMa,6BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAMb,8CAC3C,UACD;EAED,MAAM,eAAe,MAAM,eAAe;EAE1C,MAAM,WAAW,MAAMM,8DACrB,EAAE,WAAWC,qCAAU,mBAAmB,EAC1C,UACD;AAED,SAAO,aAAa,2BAA2B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMO,mBAAqD,OAAO,EAChE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAMd,8CAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,iBAAiB;GACjC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMe,+BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAMf,8CAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,YAAY;GAC5B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,aAAa;GACb;GACD,CAAC;;CAGN,MAAMgB,iBAAiD,OAAO,EAC5D,SACA,UACA,oBACI;AACJ,MAAI,QAAQ,WAAW,oCACrB,OAAM,IAAIC,4CACR,mBAAmB,oCAAoC,kBACxD;EAGH,MAAM,EAAE,WAAW,oBAAoB,MAAMjB,8CAAmB,UAAU;EAE1E,MAAM,WAAW,MAAMM,8DACrB,EAAE,WAAWC,qCAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBC,2DAC1B,EAAE,OAAOC,sCAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFG,MAAM,eAAe,EAEL,eAAe;GAClD,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMS,UAAmC,OAAO,SAAS;AACvD,MAAI,CAAC,YACH;EAGF,MAAM,aAAa,MAAM,eAAe;AAWxC,MAAI,MAAM,WAAW,gBACnB,OAAM,WAAW,SAAS;AAE5B,gBAAc;;CAGhB,MAAMC,iBAAiD,OAAO,EAC5D,eACA,iBACA,kBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAMnB,8CAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,eAAe;GAC/B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,kBAAkB;GAClB;GACA;GACD,CAAC;;CAGJ,MAAMoB,cAA2C,OAAO,EACtD,SACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAMpB,8CAAmB,UAAU;EAE1E,MAAM,WAAW,MAAMM,8DACrB,EAAE,WAAWC,qCAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBC,2DAC1B,EAAE,OAAOC,sCAAW,YAAY,EAChC,UACD;AAaD,SAAO,EAAE,WATS,OAFC,MAAM,eAAe,EAEL,YAAY;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMY,4BACJ,OAAO,EAAE,SAAS,uBAAuB,oBAAoB;EAC3D,MAAM,EAAE,WAAW,oBAAoB,MAAMrB,8CAC3C,UACD;EAED,MAAM,WAAW,MAAMM,8DACrB,EAAE,WAAWC,qCAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBC,2DAC1B,EAAE,OAAOC,sCAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFC,MAAM,eAAe,EAEL,gBAAgB;GACjD,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA,eAAe,cAAc;GAC7B;GACA,aAAa;GACd,CAAC,EAEkB;;CAGxB,MAAMa,yBACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAMtB,8CAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,uBAAuB;GACvC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACD,CAAC;;CAGN,MAAMuB,eAA6C,OAAO,EACxD,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAMvB,8CAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,aAAa;GAC7B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;AAGJ,QAAO;EACL;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACD;;;;;;;;;;;;;;;;;;;;;;;;;;;ACjbH,MAAa,kCAAkC,OAC7C,EAAE,WAAW,UAAU,iBACvB,WACG;AAMH,QALiBwB,sFACf,EAAE,eAAe,EACjB,OACD,CAEe,iBAAiB;EAC/B;EACA;EACA;EACD,CAAC;;;;;;ACnCJ,MAAa,mCACX,EAAE,SACF,WACa;AACb,KAAI,CAAC,OAAO,KACV,QAAO,EAAE;AAoBX,SAhBE,OAAO,KAAK,oBAAoB,QAC7B,eACC,WAAW,mBAAmBC,8CAAmB,kBACjD,WAAW,YACP,aAAa,CACd,WAAWC,gDAAsB,qBAAqB,IACzD,WAAW,WACX,WAAW,SACXC,8DAAoC,WAAW,MAAM,KAAK,MAC7D,IAAI,EAAE,EAE6C,KAEnD,eAAe,WAAW,QAC5B;;;;;mEC7BkBC,gCAAaC,kCAAe"}
|
|
1
|
+
{"version":3,"file":"waasCore.cjs","names":["createWaasClient: CreateWaasClient","getCore","DynamicWalletClient","isCookieEnabled","DEFAULT_WAAS_BASE_API_URL","DEFAULT_WAAS_BASE_MPC_RELAY_API_URL","CLIENT_SDK_NAME","getSignedSessionId","logoutWithReason","CHAINS_INFO_MAP","getCore","_waasClient: DynamicWalletClient | undefined","_waasClientSessionId: string | undefined","getWaasClient: WaasProvider['getWaasClient']","isUserOnboardingComplete","WaasOnboardingIncompleteError","backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive']","getSignedSessionId","createWalletAccount: WaasProvider['createWalletAccount']","ThresholdSignatureScheme","delegateKeyShares: WaasProvider['delegateKeyShares']","exportClientKeyshares: WaasProvider['exportClientKeyshares']","exportPrivateKey: WaasProvider['exportPrivateKey']","consumeMfaTokenIfRequiredForAction","MFAAction","getElevatedAccessToken","TokenScope","restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount']","WalletOperation","importPrivateKey: WaasProvider['importPrivateKey']","refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares']","revokeDelegation: WaasProvider['revokeDelegation']","setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword']","signRawMessage: WaasProvider['signRawMessage']","InvalidParamError","destroy: WaasProvider['destroy']","updatePassword: WaasProvider['updatePassword']","signMessage: WaasProvider['signMessage']","signSerializedTransaction: WaasProvider['signSerializedTransaction']","getWalletRecoveryState: WaasProvider['getWalletRecoveryState']","unlockWallet: WaasProvider['unlockWallet']","getWaasWalletProviderFromWalletAccount","WalletProviderEnum","DYNAMIC_WAAS_METADATA","getChainFromVerifiedCredentialChain","packageName","packageVersion"],"sources":["../src/modules/waas/createWaasClient/createWaasClient.ts","../src/modules/waas/getWaasChainNameFromChain/getWaasChainNameFromChain.ts","../src/modules/waas/createWaasProvider/createWaasProvider.ts","../src/modules/waas/exportWaasPrivateKeyToContainer/exportWaasPrivateKeyToContainer.ts","../src/modules/waas/getAllUserWaasAddressesForChain/getAllUserWaasAddressesForChain.ts","../src/exports/waasCore.ts"],"sourcesContent":["import type { AuthMode } from '@dynamic-labs-wallet/browser-wallet-client';\nimport { DynamicWalletClient } from '@dynamic-labs-wallet/browser-wallet-client';\n\nimport { getCore } from '../../../client/core/getCore';\nimport { CLIENT_SDK_NAME } from '../../apiClient/constants';\nimport { logoutWithReason } from '../../auth/logoutWithReason';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { getSignedSessionId } from '../../sessionKeys/getSignedSessionId';\nimport type { CreateWaasClient } from './createWaasClient.types';\nimport {\n DEFAULT_WAAS_BASE_API_URL,\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n} from '../constants';\n\n/** @notInstrumented */\nexport const createWaasClient: CreateWaasClient = ({ chainName }, client) => {\n const core = getCore(client);\n\n const additionalTrustedOrigins = core.waas?.additionalTrustedOrigins;\n\n const baseClientKeysharesRelayApiUrl =\n client.projectSettings?.sdk.waas?.customKeyshareRelayBaseUrl;\n\n return new DynamicWalletClient(\n {\n authMode: (isCookieEnabled(client) ? 'cookie' : 'header') as AuthMode,\n authToken: client.token || '',\n baseApiUrl: (core.apiBaseUrl || DEFAULT_WAAS_BASE_API_URL).replace(\n '/api/v0',\n ''\n ),\n baseMPCRelayApiUrl:\n client.projectSettings?.sdk.waas?.relayUrl ||\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n chainName,\n // Opt into the SDK self-driving eager key-share recovery on auth-token\n // arrival, so the client no longer restores shares itself on login.\n eagerlyRecoverKeyShares: true,\n environmentId: core.environmentId,\n sdkVersion: `${CLIENT_SDK_NAME}/${core.version}`,\n ...(additionalTrustedOrigins == undefined\n ? {}\n : { additionalTrustedOrigins }),\n ...(baseClientKeysharesRelayApiUrl == undefined\n ? {}\n : { baseClientKeysharesRelayApiUrl }),\n },\n {\n // Lets the iframe mint a fresh signed session id over the reverse channel,\n // which the SDK's eager key-share recovery needs.\n getSignedSessionId: () =>\n getSignedSessionId(client).then(({ signature }) => signature),\n // When the WaaS iframe's own backend call returns 401 (e.g. a forcibly\n // revoked token), the iframe notifies the host via the reverse channel\n // and this fires — log the user out. Mirrors the session-expiry\n // middleware that covers the SDK's own direct API 401s.\n onUnauthorized: () => {\n void logoutWithReason(\n { reason: 'session-refresh-unauthorized' },\n client\n ).catch((error) => {\n core.logger.error(\n 'Failed to log out after WaaS unauthorized response',\n error\n );\n });\n },\n }\n );\n};\n","import type { Chain } from '../../chain';\nimport { CHAINS_INFO_MAP } from '../../wallets/constants';\n\n/** @notInstrumented */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const getWaasChainNameFromChain = (chain: Chain): string => {\n return CHAINS_INFO_MAP[chain].waasChainNameOverride || chain;\n};\n","import {\n type BitcoinConfig,\n type DynamicWalletClient,\n ThresholdSignatureScheme,\n WalletOperation,\n} from '@dynamic-labs-wallet/browser-wallet-client';\nimport { MFAAction, TokenScope } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { InvalidParamError } from '../../../errors/InvalidParamError';\nimport { WaasOnboardingIncompleteError } from '../../../errors/WaasOnboardingIncompleteError';\nimport { getElevatedAccessToken } from '../../auth/getElevatedAccessToken';\nimport type { Chain } from '../../chain';\nimport { consumeMfaTokenIfRequiredForAction } from '../../mfa/consumeMfaTokenIfRequiredForAction';\nimport { getSignedSessionId } from '../../sessionKeys/getSignedSessionId';\nimport { isUserOnboardingComplete } from '../../user/isUserOnboardingComplete';\nimport { createWaasClient } from '../createWaasClient';\nimport { getWaasChainNameFromChain } from '../getWaasChainNameFromChain';\nimport type { WaasProvider } from '../waas.types';\n\nconst RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH = 64;\n\ntype CreateWaasProviderParams = {\n chain: Chain;\n sdkClient: DynamicClient;\n};\n\n/** @notInstrumented */\nexport const createWaasProvider = ({\n sdkClient,\n chain,\n}: CreateWaasProviderParams): WaasProvider => {\n const logger = getCore(sdkClient).logger;\n\n let _waasClient: DynamicWalletClient | undefined;\n // The session the cached client was built against. A step-up reauth mints a\n // NEW session (new sessionId + token); see the rebuild guard below.\n let _waasClientSessionId: string | undefined;\n\n // because the waas client needs the authToken to be set, we can only create it\n // the first time it's needed, which is after the user has logged in\n const getWaasClient: WaasProvider['getWaasClient'] = async () => {\n // After a step-up reauthentication a new session is minted. In header auth\n // mode (native webview) the iframe has no cookie jar to fall back on, so a\n // client cached against the previous session keeps presenting the stale\n // token — its next backend call (createRooms/users) 401s and trips the\n // iframe's onUnauthorized → forced logout. Drop the cached client when the\n // session changes so it rebuilds + re-initializes with the fresh token and\n // signed session id. Key shares stay in storage (only client auth resets);\n // routine token refresh keeps the same sessionId, so it does not rebuild.\n const currentSessionId = getCore(sdkClient).state.get().user?.sessionId;\n if (_waasClient && currentSessionId !== _waasClientSessionId) {\n _waasClient = undefined;\n }\n\n if (!_waasClient) {\n // Chokepoint: don't build + initialize the iframe client until onboarding\n // is complete. The iframe's init-time room-cache pre-warm fires\n // `createRooms` using the token captured at construction — before any\n // per-operation token resync exists to correct it. Built while the token\n // is still pre-`user:basic` (MFA / KYC / recovery codes / device\n // registration pending), that pre-warm 401s and trips the iframe's\n // onUnauthorized → forced-logout. This is the single gateway to\n // createWaasClient (web and native), so it covers every WaaS caller.\n if (!isUserOnboardingComplete(sdkClient)) {\n throw new WaasOnboardingIncompleteError();\n }\n\n _waasClient = createWaasClient(\n { chainName: getWaasChainNameFromChain(chain) },\n sdkClient\n );\n _waasClientSessionId = currentSessionId;\n await _waasClient.initialize();\n }\n return _waasClient;\n };\n\n const backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive'] =\n async ({ googleDriveAccessToken, password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.backupKeySharesToGoogleDrive({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n googleDriveAccessToken,\n password,\n signedSessionId,\n });\n };\n\n const createWalletAccount: WaasProvider['createWalletAccount'] = async (\n args = {}\n ) => {\n logger.debug('[createWaasProvider] createWalletAccount', {\n bitcoinConfig: args.bitcoinConfig,\n thresholdSignatureScheme: args.thresholdSignatureScheme,\n });\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const waasWallet = await waasClient.createWalletAccount({\n authToken: sdkClient.token ?? undefined,\n bitcoinConfig: args.bitcoinConfig as BitcoinConfig | undefined,\n password: args.password,\n signedSessionId,\n thresholdSignatureScheme:\n args.thresholdSignatureScheme ?? ThresholdSignatureScheme.TWO_OF_TWO,\n });\n\n return waasWallet;\n };\n\n const delegateKeyShares: WaasProvider['delegateKeyShares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.delegateKeyShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportClientKeyshares: WaasProvider['exportClientKeyshares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n await waasClient.exportClientKeyshares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportPrivateKey: WaasProvider['exportPrivateKey'] = async ({\n container,\n displayContainer,\n walletAccount,\n password,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasExport },\n sdkClient\n );\n\n // Forward any elevated access token previously obtained via step-up\n // (e.g. requestExternalAuthElevatedToken) so the backend authorizes\n // the export under the wallet:export scope.\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletexport },\n sdkClient\n );\n\n await waasClient.exportPrivateKey({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n // Exactly one display surface is forwarded: `container` (a\n // WaasSDKContainer, e.g. a React Native visible WebView) or\n // `displayContainer` (a DOM element, web). The upstream client enforces\n // the \"exactly one\" invariant and renders the key inside the surface's\n // own sandboxed document — it never crosses back to the host.\n container,\n displayContainer,\n elevatedAccessToken,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n await waasClient.getWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n walletOperation: WalletOperation.SIGN_MESSAGE,\n });\n };\n\n const importPrivateKey: WaasProvider['importPrivateKey'] = async ({\n privateKey,\n thresholdSignatureScheme = ThresholdSignatureScheme.TWO_OF_TWO,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const walletClient = await getWaasClient();\n\n await walletClient.importPrivateKey({\n authToken: sdkClient.token ?? undefined,\n privateKey,\n signedSessionId,\n thresholdSignatureScheme,\n });\n };\n\n const refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasRefresh },\n sdkClient\n );\n\n return walletClient.refreshWalletAccountShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const revokeDelegation: WaasProvider['revokeDelegation'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.revokeDelegation({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.setPassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n newPassword: password,\n signedSessionId,\n });\n };\n\n const signRawMessage: WaasProvider['signRawMessage'] = async ({\n message,\n password,\n walletAccount,\n }) => {\n if (message.length !== RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH) {\n throw new InvalidParamError(\n `Message must be ${RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH} characters long`\n );\n }\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const signature = await walletClient.signRawMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n password,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const destroy: WaasProvider['destroy'] = async (args) => {\n if (!_waasClient) {\n return;\n }\n\n const waasClient = await getWaasClient();\n // When a session token expires, we preserve key shares in storage instead\n // of clearing them. Customers with short-lived sessions (minutes) were\n // hitting excessive server-side share recovery on every re-login, which\n // also forced users to re-enter their wallet password since the unlocked\n // share only lives for the duration of the session.\n //\n // This is safe because the waas-sdk separately fingerprints the user\n // (sub + environment_id) and clears all storage if a different user logs\n // in. On explicit user-initiated logout, shares are always cleared for\n // security.\n if (args?.reason !== 'token-expired') {\n await waasClient.cleanup();\n }\n _waasClient = undefined;\n };\n\n const updatePassword: WaasProvider['updatePassword'] = async ({\n walletAccount,\n currentPassword,\n newPassword,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.updatePassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n existingPassword: currentPassword,\n newPassword,\n signedSessionId,\n });\n };\n\n const signMessage: WaasProvider['signMessage'] = async ({\n message,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const signSerializedTransaction: WaasProvider['signSerializedTransaction'] =\n async ({ chainId, serializedTransaction, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signTransaction({\n authToken: sdkClient.token ?? undefined,\n chainId,\n elevatedAccessToken,\n mfaToken,\n senderAddress: walletAccount.address,\n signedSessionId,\n transaction: serializedTransaction,\n });\n\n return { signature };\n };\n\n const getWalletRecoveryState: WaasProvider['getWalletRecoveryState'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.getWalletRecoveryState({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n });\n };\n\n const unlockWallet: WaasProvider['unlockWallet'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.unlockWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n return {\n backupKeySharesToGoogleDrive,\n createWalletAccount,\n delegateKeyShares,\n destroy,\n exportClientKeyshares,\n exportPrivateKey,\n getWaasClient,\n getWalletRecoveryState,\n importPrivateKey,\n refreshWalletAccountShares,\n restoreUserShareForWalletAccount,\n revokeDelegation,\n setWaasWalletAccountPassword,\n signMessage,\n signRawMessage,\n signSerializedTransaction,\n unlockWallet,\n updatePassword,\n };\n};\n","import type { WaasSDKContainer } from '@dynamic-labs-wallet/core';\n\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { WalletAccount } from '../../wallets/walletAccount';\nimport { getWaasWalletProviderFromWalletAccount } from '../getWaasWalletProviderFromWalletAccount';\n\ntype ExportWaasPrivateKeyToContainerParams = {\n container: WaasSDKContainer;\n password?: string;\n walletAccount: WalletAccount;\n};\n\n/**\n * Exports the private key for a WaaS wallet account into a caller-provided\n * {@link WaasSDKContainer} (e.g. a visible React Native WebView) instead of a\n * DOM element.\n *\n * This is the container-based counterpart to `exportWaasPrivateKey` (which\n * injects an iframe into a DOM `displayContainer` on web). The export ceremony\n * runs — and the private key is rendered — entirely inside the container's own\n * sandboxed document; the key is never exposed to the host JS layer. The caller\n * owns the container's lifecycle and must call `container.destroy()` when the\n * display is dismissed.\n *\n * @param params.walletAccount - The WaaS wallet account to export the private key from.\n * @param params.container - The container that hosts the secure key display.\n * @param [params.password] - Optional password to decrypt the private key.\n * @param client - The Dynamic client instance. This is an internal API (exposed\n * only via `@dynamic-labs-sdk/client/waas/core`), so the client is passed\n * explicitly rather than defaulted — callers resolve it (e.g. via\n * `getDefaultClient()`) and thread it in.\n * @returns A promise that resolves when the private key export is complete.\n * @notInstrumented\n */\nexport const exportWaasPrivateKeyToContainer = async (\n { container, password, walletAccount }: ExportWaasPrivateKeyToContainerParams,\n client: DynamicClient\n) => {\n const provider = getWaasWalletProviderFromWalletAccount(\n { walletAccount },\n client\n );\n\n return provider.exportPrivateKey({\n container,\n password,\n walletAccount,\n });\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types';\nimport { getChainFromVerifiedCredentialChain } from '../../../utils/getChainFromVerifiedCredentialChain';\nimport type { Chain } from '../../chain';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype GetAllUserWaasAddressesForChainParams = {\n chain: Chain;\n};\n\n/** @notInstrumented */\nexport const getAllUserWaasAddressesForChain = (\n { chain }: GetAllUserWaasAddressesForChainParams,\n client: DynamicClient\n): string[] => {\n if (!client.user) {\n return [];\n }\n\n const waasWalletCredentials =\n client.user.verifiedCredentials.filter(\n (credential) =>\n credential.walletProvider === WalletProviderEnum.EmbeddedWallet &&\n credential.walletName\n ?.toLowerCase()\n .startsWith(DYNAMIC_WAAS_METADATA.normalizedWalletName) &&\n credential.address &&\n credential.chain &&\n getChainFromVerifiedCredentialChain(credential.chain) === chain\n ) ?? [];\n\n const waasAddresses: string[] = waasWalletCredentials.map(\n // casting because we're already filtering out credentials without an address\n (credential) => credential.address as string\n );\n\n return waasAddresses;\n};\n","import { assertPackageVersion } from '@dynamic-labs-sdk/assert-package-version';\n\nimport {\n name as packageName,\n version as packageVersion,\n} from '../../package.json';\nassertPackageVersion(packageName, packageVersion);\n\nexport type {\n BitcoinNetwork,\n DynamicWalletClient,\n ThresholdSignatureScheme\n} from '@dynamic-labs-wallet/browser-wallet-client';\nexport type { WaasSDKContainer } from '@dynamic-labs-wallet/core';\nexport { DYNAMIC_WAAS_METADATA } from '../modules/waas/constants';\nexport { createWaasClient } from '../modules/waas/createWaasClient';\nexport { createWaasProvider } from '../modules/waas/createWaasProvider';\nexport { exportWaasPrivateKeyToContainer } from '../modules/waas/exportWaasPrivateKeyToContainer';\nexport { getAllUserWaasAddressesForChain } from '../modules/waas/getAllUserWaasAddressesForChain';\nexport { getWaasChainNameFromChain } from '../modules/waas/getWaasChainNameFromChain';\nexport { preconnectWaasIframe } from '../modules/waas/preconnectWaasIframe';\nexport type {\n WaasProvider,\n WaasWalletProvider\n} from '../modules/waas/waas.types';\n\n"],"mappings":";;;;;;;;;;;;AAeA,MAAaA,oBAAsC,EAAE,aAAa,WAAW;CAC3E,MAAM,OAAOC,kCAAQ,OAAO;CAE5B,MAAM,2BAA2B,KAAK,MAAM;CAE5C,MAAM,iCACJ,OAAO,iBAAiB,IAAI,MAAM;AAEpC,QAAO,IAAIC,+DACT;EACE,UAAWC,0CAAgB,OAAO,GAAG,WAAW;EAChD,WAAW,OAAO,SAAS;EAC3B,aAAa,KAAK,cAAcC,qDAA2B,QACzD,WACA,GACD;EACD,oBACE,OAAO,iBAAiB,IAAI,MAAM,YAClCC;EACF;EAGA,yBAAyB;EACzB,eAAe,KAAK;EACpB,YAAY,GAAGC,0CAAgB,GAAG,KAAK;EACvC,GAAI,4BAA4B,SAC5B,EAAE,GACF,EAAE,0BAA0B;EAChC,GAAI,kCAAkC,SAClC,EAAE,GACF,EAAE,gCAAgC;EACvC,EACD;EAGE,0BACEC,8CAAmB,OAAO,CAAC,MAAM,EAAE,gBAAgB,UAAU;EAK/D,sBAAsB;AACpB,GAAKC,0DACH,EAAE,QAAQ,gCAAgC,EAC1C,OACD,CAAC,OAAO,UAAU;AACjB,SAAK,OAAO,MACV,sDACA,MACD;KACD;;EAEL,CACF;;;;;;AC/DH,MAAa,6BAA6B,UAAyB;AACjE,QAAOC,0CAAgB,OAAO,yBAAyB;;;;;ACezD,MAAM,sCAAsC;;AAQ5C,MAAa,sBAAsB,EACjC,WACA,YAC4C;CAC5C,MAAM,SAASC,kCAAQ,UAAU,CAAC;CAElC,IAAIC;CAGJ,IAAIC;CAIJ,MAAMC,gBAA+C,YAAY;EAS/D,MAAM,mBAAmBH,kCAAQ,UAAU,CAAC,MAAM,KAAK,CAAC,MAAM;AAC9D,MAAI,eAAe,qBAAqB,qBACtC,eAAc;AAGhB,MAAI,CAAC,aAAa;AAShB,OAAI,CAACI,0DAAyB,UAAU,CACtC,OAAM,IAAIC,gEAA+B;AAG3C,iBAAc,iBACZ,EAAE,WAAW,0BAA0B,MAAM,EAAE,EAC/C,UACD;AACD,0BAAuB;AACvB,SAAM,YAAY,YAAY;;AAEhC,SAAO;;CAGT,MAAMC,+BACJ,OAAO,EAAE,wBAAwB,UAAU,oBAAoB;EAC7D,MAAM,EAAE,WAAW,oBAAoB,MAAMC,8CAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,6BAA6B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMC,sBAA2D,OAC/D,OAAO,EAAE,KACN;AACH,SAAO,MAAM,4CAA4C;GACvD,eAAe,KAAK;GACpB,0BAA0B,KAAK;GAChC,CAAC;EAEF,MAAM,EAAE,WAAW,oBAAoB,MAAMD,8CAAmB,UAAU;AAa1E,SATmB,OAFA,MAAM,eAAe,EAEJ,oBAAoB;GACtD,WAAW,UAAU,SAAS;GAC9B,eAAe,KAAK;GACpB,UAAU,KAAK;GACf;GACA,0BACE,KAAK,4BAA4BE,oEAAyB;GAC7D,CAAC;;CAKJ,MAAMC,oBAAuD,OAAO,EAClE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAMH,8CAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,kBAAkB;GAClC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMI,wBAA+D,OAAO,EAC1E,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAMJ,8CAAmB,UAAU;AAI1E,SAFmB,MAAM,eAAe,EAEvB,sBAAsB;GACrC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMK,mBAAqD,OAAO,EAChE,WACA,kBACA,eACA,eACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAML,8CAAmB,UAAU;EAE1E,MAAM,aAAa,MAAM,eAAe;EAExC,MAAM,WAAW,MAAMM,8DACrB,EAAE,WAAWC,qCAAU,kBAAkB,EACzC,UACD;EAKD,MAAM,sBAAsBC,iDAC1B,EAAE,OAAOC,sCAAW,cAAc,EAClC,UACD;AAED,QAAM,WAAW,iBAAiB;GAChC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAM9B;GACA;GACA;GACA;GACA;GACA;GACD,CAAC;;CAGJ,MAAMC,mCACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAMV,8CAC3C,UACD;AAID,SAFmB,MAAM,eAAe,EAEvB,UAAU;GACzB,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA,iBAAiBW,2DAAgB;GAClC,CAAC;;CAGN,MAAMC,mBAAqD,OAAO,EAChE,YACA,2BAA2BV,oEAAyB,iBAChD;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAMF,8CAAmB,UAAU;AAI1E,SAFqB,MAAM,eAAe,EAEvB,iBAAiB;GAClC,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGJ,MAAMa,6BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAMb,8CAC3C,UACD;EAED,MAAM,eAAe,MAAM,eAAe;EAE1C,MAAM,WAAW,MAAMM,8DACrB,EAAE,WAAWC,qCAAU,mBAAmB,EAC1C,UACD;AAED,SAAO,aAAa,2BAA2B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMO,mBAAqD,OAAO,EAChE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAMd,8CAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,iBAAiB;GACjC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMe,+BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAMf,8CAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,YAAY;GAC5B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,aAAa;GACb;GACD,CAAC;;CAGN,MAAMgB,iBAAiD,OAAO,EAC5D,SACA,UACA,oBACI;AACJ,MAAI,QAAQ,WAAW,oCACrB,OAAM,IAAIC,4CACR,mBAAmB,oCAAoC,kBACxD;EAGH,MAAM,EAAE,WAAW,oBAAoB,MAAMjB,8CAAmB,UAAU;EAE1E,MAAM,WAAW,MAAMM,8DACrB,EAAE,WAAWC,qCAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBC,iDAC1B,EAAE,OAAOC,sCAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFG,MAAM,eAAe,EAEL,eAAe;GAClD,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMS,UAAmC,OAAO,SAAS;AACvD,MAAI,CAAC,YACH;EAGF,MAAM,aAAa,MAAM,eAAe;AAWxC,MAAI,MAAM,WAAW,gBACnB,OAAM,WAAW,SAAS;AAE5B,gBAAc;;CAGhB,MAAMC,iBAAiD,OAAO,EAC5D,eACA,iBACA,kBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAMnB,8CAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,eAAe;GAC/B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,kBAAkB;GAClB;GACA;GACD,CAAC;;CAGJ,MAAMoB,cAA2C,OAAO,EACtD,SACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAMpB,8CAAmB,UAAU;EAE1E,MAAM,WAAW,MAAMM,8DACrB,EAAE,WAAWC,qCAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBC,iDAC1B,EAAE,OAAOC,sCAAW,YAAY,EAChC,UACD;AAaD,SAAO,EAAE,WATS,OAFC,MAAM,eAAe,EAEL,YAAY;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMY,4BACJ,OAAO,EAAE,SAAS,uBAAuB,oBAAoB;EAC3D,MAAM,EAAE,WAAW,oBAAoB,MAAMrB,8CAC3C,UACD;EAED,MAAM,WAAW,MAAMM,8DACrB,EAAE,WAAWC,qCAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBC,iDAC1B,EAAE,OAAOC,sCAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFC,MAAM,eAAe,EAEL,gBAAgB;GACjD,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA,eAAe,cAAc;GAC7B;GACA,aAAa;GACd,CAAC,EAEkB;;CAGxB,MAAMa,yBACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAMtB,8CAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,uBAAuB;GACvC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACD,CAAC;;CAGN,MAAMuB,eAA6C,OAAO,EACxD,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAMvB,8CAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,aAAa;GAC7B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;AAGJ,QAAO;EACL;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACD;;;;;;;;;;;;;;;;;;;;;;;;;;;ACjbH,MAAa,kCAAkC,OAC7C,EAAE,WAAW,UAAU,iBACvB,WACG;AAMH,QALiBwB,sFACf,EAAE,eAAe,EACjB,OACD,CAEe,iBAAiB;EAC/B;EACA;EACA;EACD,CAAC;;;;;;ACnCJ,MAAa,mCACX,EAAE,SACF,WACa;AACb,KAAI,CAAC,OAAO,KACV,QAAO,EAAE;AAoBX,SAhBE,OAAO,KAAK,oBAAoB,QAC7B,eACC,WAAW,mBAAmBC,8CAAmB,kBACjD,WAAW,YACP,aAAa,CACd,WAAWC,gDAAsB,qBAAqB,IACzD,WAAW,WACX,WAAW,SACXC,8DAAoC,WAAW,MAAM,KAAK,MAC7D,IAAI,EAAE,EAE6C,KAEnD,eAAe,WAAW,QAC5B;;;;;mEC7BkBC,gCAAaC,kCAAe"}
|
package/dist/waasCore.esm.js
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { i as __logoutWithReason_wrapped } from "./isMfaRequiredForAction-
|
|
3
|
-
import "./isDynamicWaasEnabled-
|
|
4
|
-
import { a as WaasOnboardingIncompleteError, i as preconnectWaasIframe, t as isUserOnboardingComplete } from "./isUserOnboardingComplete-
|
|
5
|
-
import { n as consumeMfaTokenIfRequiredForAction, t as getSignedSessionId } from "./getSignedSessionId-
|
|
6
|
-
import { t as getWaasWalletProviderFromWalletAccount } from "./getWaasWalletProviderFromWalletAccount-
|
|
1
|
+
import { D as CHAINS_INFO_MAP, E as getChainFromVerifiedCredentialChain, Z as isCookieEnabled, a as DYNAMIC_WAAS_METADATA, dt as version, et as getElevatedAccessToken, i as DEFAULT_WAAS_BASE_MPC_RELAY_API_URL, lt as getCore, nt as CLIENT_SDK_NAME, r as DEFAULT_WAAS_BASE_API_URL, t as InvalidParamError, ut as name } from "./InvalidParamError-DZjc7Tjc.esm.js";
|
|
2
|
+
import { i as __logoutWithReason_wrapped } from "./isMfaRequiredForAction-CTQzzCMt.esm.js";
|
|
3
|
+
import "./isDynamicWaasEnabled-C9gQ9M80.esm.js";
|
|
4
|
+
import { a as WaasOnboardingIncompleteError, i as preconnectWaasIframe, t as isUserOnboardingComplete } from "./isUserOnboardingComplete-D1gGc77y.esm.js";
|
|
5
|
+
import { n as consumeMfaTokenIfRequiredForAction, t as getSignedSessionId } from "./getSignedSessionId-DrrvGNcG.esm.js";
|
|
6
|
+
import { t as getWaasWalletProviderFromWalletAccount } from "./getWaasWalletProviderFromWalletAccount-B_8slAdm.esm.js";
|
|
7
7
|
import { assertPackageVersion } from "@dynamic-labs-sdk/assert-package-version";
|
|
8
8
|
import { MFAAction, TokenScope, WalletProviderEnum } from "@dynamic-labs/sdk-api-core";
|
|
9
9
|
import { DynamicWalletClient, ThresholdSignatureScheme, WalletOperation } from "@dynamic-labs-wallet/browser-wallet-client";
|
|
@@ -107,7 +107,7 @@ const createWaasProvider = ({ sdkClient, chain }) => {
|
|
|
107
107
|
const { signature: signedSessionId } = await getSignedSessionId(sdkClient);
|
|
108
108
|
const waasClient = await getWaasClient();
|
|
109
109
|
const mfaToken = await consumeMfaTokenIfRequiredForAction({ mfaAction: MFAAction.WalletWaasExport }, sdkClient);
|
|
110
|
-
const elevatedAccessToken =
|
|
110
|
+
const elevatedAccessToken = getElevatedAccessToken({ scope: TokenScope.Walletexport }, sdkClient);
|
|
111
111
|
await waasClient.exportPrivateKey({
|
|
112
112
|
accountAddress: walletAccount.address,
|
|
113
113
|
authToken: sdkClient.token ?? void 0,
|
|
@@ -171,7 +171,7 @@ const createWaasProvider = ({ sdkClient, chain }) => {
|
|
|
171
171
|
if (message.length !== RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH) throw new InvalidParamError(`Message must be ${RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH} characters long`);
|
|
172
172
|
const { signature: signedSessionId } = await getSignedSessionId(sdkClient);
|
|
173
173
|
const mfaToken = await consumeMfaTokenIfRequiredForAction({ mfaAction: MFAAction.WalletWaasSign }, sdkClient);
|
|
174
|
-
const elevatedAccessToken =
|
|
174
|
+
const elevatedAccessToken = getElevatedAccessToken({ scope: TokenScope.Walletsign }, sdkClient);
|
|
175
175
|
return { signature: await (await getWaasClient()).signRawMessage({
|
|
176
176
|
accountAddress: walletAccount.address,
|
|
177
177
|
authToken: sdkClient.token ?? void 0,
|
|
@@ -201,7 +201,7 @@ const createWaasProvider = ({ sdkClient, chain }) => {
|
|
|
201
201
|
const signMessage = async ({ message, walletAccount }) => {
|
|
202
202
|
const { signature: signedSessionId } = await getSignedSessionId(sdkClient);
|
|
203
203
|
const mfaToken = await consumeMfaTokenIfRequiredForAction({ mfaAction: MFAAction.WalletWaasSign }, sdkClient);
|
|
204
|
-
const elevatedAccessToken =
|
|
204
|
+
const elevatedAccessToken = getElevatedAccessToken({ scope: TokenScope.Walletsign }, sdkClient);
|
|
205
205
|
return { signature: await (await getWaasClient()).signMessage({
|
|
206
206
|
accountAddress: walletAccount.address,
|
|
207
207
|
authToken: sdkClient.token ?? void 0,
|
|
@@ -214,7 +214,7 @@ const createWaasProvider = ({ sdkClient, chain }) => {
|
|
|
214
214
|
const signSerializedTransaction = async ({ chainId, serializedTransaction, walletAccount }) => {
|
|
215
215
|
const { signature: signedSessionId } = await getSignedSessionId(sdkClient);
|
|
216
216
|
const mfaToken = await consumeMfaTokenIfRequiredForAction({ mfaAction: MFAAction.WalletWaasSign }, sdkClient);
|
|
217
|
-
const elevatedAccessToken =
|
|
217
|
+
const elevatedAccessToken = getElevatedAccessToken({ scope: TokenScope.Walletsign }, sdkClient);
|
|
218
218
|
return { signature: await (await getWaasClient()).signTransaction({
|
|
219
219
|
authToken: sdkClient.token ?? void 0,
|
|
220
220
|
chainId,
|
package/dist/waasCore.esm.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"waasCore.esm.js","names":["createWaasClient: CreateWaasClient","logoutWithReason","_waasClient: DynamicWalletClient | undefined","_waasClientSessionId: string | undefined","getWaasClient: WaasProvider['getWaasClient']","backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive']","createWalletAccount: WaasProvider['createWalletAccount']","delegateKeyShares: WaasProvider['delegateKeyShares']","exportClientKeyshares: WaasProvider['exportClientKeyshares']","exportPrivateKey: WaasProvider['exportPrivateKey']","getElevatedAccessToken","restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount']","importPrivateKey: WaasProvider['importPrivateKey']","refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares']","revokeDelegation: WaasProvider['revokeDelegation']","setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword']","signRawMessage: WaasProvider['signRawMessage']","destroy: WaasProvider['destroy']","updatePassword: WaasProvider['updatePassword']","signMessage: WaasProvider['signMessage']","signSerializedTransaction: WaasProvider['signSerializedTransaction']","getWalletRecoveryState: WaasProvider['getWalletRecoveryState']","unlockWallet: WaasProvider['unlockWallet']","packageName","packageVersion"],"sources":["../src/modules/waas/createWaasClient/createWaasClient.ts","../src/modules/waas/getWaasChainNameFromChain/getWaasChainNameFromChain.ts","../src/modules/waas/createWaasProvider/createWaasProvider.ts","../src/modules/waas/exportWaasPrivateKeyToContainer/exportWaasPrivateKeyToContainer.ts","../src/modules/waas/getAllUserWaasAddressesForChain/getAllUserWaasAddressesForChain.ts","../src/exports/waasCore.ts"],"sourcesContent":["import type { AuthMode } from '@dynamic-labs-wallet/browser-wallet-client';\nimport { DynamicWalletClient } from '@dynamic-labs-wallet/browser-wallet-client';\n\nimport { getCore } from '../../../client/core/getCore';\nimport { CLIENT_SDK_NAME } from '../../apiClient/constants';\nimport { logoutWithReason } from '../../auth/logoutWithReason';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { getSignedSessionId } from '../../sessionKeys/getSignedSessionId';\nimport type { CreateWaasClient } from './createWaasClient.types';\nimport {\n DEFAULT_WAAS_BASE_API_URL,\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n} from '../constants';\n\n/** @notInstrumented */\nexport const createWaasClient: CreateWaasClient = ({ chainName }, client) => {\n const core = getCore(client);\n\n const additionalTrustedOrigins = core.waas?.additionalTrustedOrigins;\n\n const baseClientKeysharesRelayApiUrl =\n client.projectSettings?.sdk.waas?.customKeyshareRelayBaseUrl;\n\n return new DynamicWalletClient(\n {\n authMode: (isCookieEnabled(client) ? 'cookie' : 'header') as AuthMode,\n authToken: client.token || '',\n baseApiUrl: (core.apiBaseUrl || DEFAULT_WAAS_BASE_API_URL).replace(\n '/api/v0',\n ''\n ),\n baseMPCRelayApiUrl:\n client.projectSettings?.sdk.waas?.relayUrl ||\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n chainName,\n // Opt into the SDK self-driving eager key-share recovery on auth-token\n // arrival, so the client no longer restores shares itself on login.\n eagerlyRecoverKeyShares: true,\n environmentId: core.environmentId,\n sdkVersion: `${CLIENT_SDK_NAME}/${core.version}`,\n ...(additionalTrustedOrigins == undefined\n ? {}\n : { additionalTrustedOrigins }),\n ...(baseClientKeysharesRelayApiUrl == undefined\n ? {}\n : { baseClientKeysharesRelayApiUrl }),\n },\n {\n // Lets the iframe mint a fresh signed session id over the reverse channel,\n // which the SDK's eager key-share recovery needs.\n getSignedSessionId: () =>\n getSignedSessionId(client).then(({ signature }) => signature),\n // When the WaaS iframe's own backend call returns 401 (e.g. a forcibly\n // revoked token), the iframe notifies the host via the reverse channel\n // and this fires — log the user out. Mirrors the session-expiry\n // middleware that covers the SDK's own direct API 401s.\n onUnauthorized: () => {\n void logoutWithReason(\n { reason: 'session-refresh-unauthorized' },\n client\n ).catch((error) => {\n core.logger.error(\n 'Failed to log out after WaaS unauthorized response',\n error\n );\n });\n },\n }\n );\n};\n","import type { Chain } from '../../chain';\nimport { CHAINS_INFO_MAP } from '../../wallets/constants';\n\n/** @notInstrumented */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const getWaasChainNameFromChain = (chain: Chain): string => {\n return CHAINS_INFO_MAP[chain].waasChainNameOverride || chain;\n};\n","import {\n type BitcoinConfig,\n type DynamicWalletClient,\n ThresholdSignatureScheme,\n WalletOperation,\n} from '@dynamic-labs-wallet/browser-wallet-client';\nimport { MFAAction, TokenScope } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { InvalidParamError } from '../../../errors/InvalidParamError';\nimport { WaasOnboardingIncompleteError } from '../../../errors/WaasOnboardingIncompleteError';\nimport { getElevatedAccessToken } from '../../auth/getElevatedAccessToken';\nimport type { Chain } from '../../chain';\nimport { consumeMfaTokenIfRequiredForAction } from '../../mfa/consumeMfaTokenIfRequiredForAction';\nimport { getSignedSessionId } from '../../sessionKeys/getSignedSessionId';\nimport { isUserOnboardingComplete } from '../../user/isUserOnboardingComplete';\nimport { createWaasClient } from '../createWaasClient';\nimport { getWaasChainNameFromChain } from '../getWaasChainNameFromChain';\nimport type { WaasProvider } from '../waas.types';\n\nconst RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH = 64;\n\ntype CreateWaasProviderParams = {\n chain: Chain;\n sdkClient: DynamicClient;\n};\n\n/** @notInstrumented */\nexport const createWaasProvider = ({\n sdkClient,\n chain,\n}: CreateWaasProviderParams): WaasProvider => {\n const logger = getCore(sdkClient).logger;\n\n let _waasClient: DynamicWalletClient | undefined;\n // The session the cached client was built against. A step-up reauth mints a\n // NEW session (new sessionId + token); see the rebuild guard below.\n let _waasClientSessionId: string | undefined;\n\n // because the waas client needs the authToken to be set, we can only create it\n // the first time it's needed, which is after the user has logged in\n const getWaasClient: WaasProvider['getWaasClient'] = async () => {\n // After a step-up reauthentication a new session is minted. In header auth\n // mode (native webview) the iframe has no cookie jar to fall back on, so a\n // client cached against the previous session keeps presenting the stale\n // token — its next backend call (createRooms/users) 401s and trips the\n // iframe's onUnauthorized → forced logout. Drop the cached client when the\n // session changes so it rebuilds + re-initializes with the fresh token and\n // signed session id. Key shares stay in storage (only client auth resets);\n // routine token refresh keeps the same sessionId, so it does not rebuild.\n const currentSessionId = getCore(sdkClient).state.get().user?.sessionId;\n if (_waasClient && currentSessionId !== _waasClientSessionId) {\n _waasClient = undefined;\n }\n\n if (!_waasClient) {\n // Chokepoint: don't build + initialize the iframe client until onboarding\n // is complete. The iframe's init-time room-cache pre-warm fires\n // `createRooms` using the token captured at construction — before any\n // per-operation token resync exists to correct it. Built while the token\n // is still pre-`user:basic` (MFA / KYC / recovery codes / device\n // registration pending), that pre-warm 401s and trips the iframe's\n // onUnauthorized → forced-logout. This is the single gateway to\n // createWaasClient (web and native), so it covers every WaaS caller.\n if (!isUserOnboardingComplete(sdkClient)) {\n throw new WaasOnboardingIncompleteError();\n }\n\n _waasClient = createWaasClient(\n { chainName: getWaasChainNameFromChain(chain) },\n sdkClient\n );\n _waasClientSessionId = currentSessionId;\n await _waasClient.initialize();\n }\n return _waasClient;\n };\n\n const backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive'] =\n async ({ googleDriveAccessToken, password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.backupKeySharesToGoogleDrive({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n googleDriveAccessToken,\n password,\n signedSessionId,\n });\n };\n\n const createWalletAccount: WaasProvider['createWalletAccount'] = async (\n args = {}\n ) => {\n logger.debug('[createWaasProvider] createWalletAccount', {\n bitcoinConfig: args.bitcoinConfig,\n thresholdSignatureScheme: args.thresholdSignatureScheme,\n });\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const waasWallet = await waasClient.createWalletAccount({\n authToken: sdkClient.token ?? undefined,\n bitcoinConfig: args.bitcoinConfig as BitcoinConfig | undefined,\n password: args.password,\n signedSessionId,\n thresholdSignatureScheme:\n args.thresholdSignatureScheme ?? ThresholdSignatureScheme.TWO_OF_TWO,\n });\n\n return waasWallet;\n };\n\n const delegateKeyShares: WaasProvider['delegateKeyShares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.delegateKeyShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportClientKeyshares: WaasProvider['exportClientKeyshares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n await waasClient.exportClientKeyshares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportPrivateKey: WaasProvider['exportPrivateKey'] = async ({\n container,\n displayContainer,\n walletAccount,\n password,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasExport },\n sdkClient\n );\n\n // Forward any elevated access token previously obtained via step-up\n // (e.g. requestExternalAuthElevatedToken) so the backend authorizes\n // the export under the wallet:export scope.\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletexport },\n sdkClient\n );\n\n await waasClient.exportPrivateKey({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n // Exactly one display surface is forwarded: `container` (a\n // WaasSDKContainer, e.g. a React Native visible WebView) or\n // `displayContainer` (a DOM element, web). The upstream client enforces\n // the \"exactly one\" invariant and renders the key inside the surface's\n // own sandboxed document — it never crosses back to the host.\n container,\n displayContainer,\n elevatedAccessToken,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n await waasClient.getWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n walletOperation: WalletOperation.SIGN_MESSAGE,\n });\n };\n\n const importPrivateKey: WaasProvider['importPrivateKey'] = async ({\n privateKey,\n thresholdSignatureScheme = ThresholdSignatureScheme.TWO_OF_TWO,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const walletClient = await getWaasClient();\n\n await walletClient.importPrivateKey({\n authToken: sdkClient.token ?? undefined,\n privateKey,\n signedSessionId,\n thresholdSignatureScheme,\n });\n };\n\n const refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasRefresh },\n sdkClient\n );\n\n return walletClient.refreshWalletAccountShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const revokeDelegation: WaasProvider['revokeDelegation'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.revokeDelegation({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.setPassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n newPassword: password,\n signedSessionId,\n });\n };\n\n const signRawMessage: WaasProvider['signRawMessage'] = async ({\n message,\n password,\n walletAccount,\n }) => {\n if (message.length !== RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH) {\n throw new InvalidParamError(\n `Message must be ${RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH} characters long`\n );\n }\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const signature = await walletClient.signRawMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n password,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const destroy: WaasProvider['destroy'] = async (args) => {\n if (!_waasClient) {\n return;\n }\n\n const waasClient = await getWaasClient();\n // When a session token expires, we preserve key shares in storage instead\n // of clearing them. Customers with short-lived sessions (minutes) were\n // hitting excessive server-side share recovery on every re-login, which\n // also forced users to re-enter their wallet password since the unlocked\n // share only lives for the duration of the session.\n //\n // This is safe because the waas-sdk separately fingerprints the user\n // (sub + environment_id) and clears all storage if a different user logs\n // in. On explicit user-initiated logout, shares are always cleared for\n // security.\n if (args?.reason !== 'token-expired') {\n await waasClient.cleanup();\n }\n _waasClient = undefined;\n };\n\n const updatePassword: WaasProvider['updatePassword'] = async ({\n walletAccount,\n currentPassword,\n newPassword,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.updatePassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n existingPassword: currentPassword,\n newPassword,\n signedSessionId,\n });\n };\n\n const signMessage: WaasProvider['signMessage'] = async ({\n message,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const signSerializedTransaction: WaasProvider['signSerializedTransaction'] =\n async ({ chainId, serializedTransaction, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signTransaction({\n authToken: sdkClient.token ?? undefined,\n chainId,\n elevatedAccessToken,\n mfaToken,\n senderAddress: walletAccount.address,\n signedSessionId,\n transaction: serializedTransaction,\n });\n\n return { signature };\n };\n\n const getWalletRecoveryState: WaasProvider['getWalletRecoveryState'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.getWalletRecoveryState({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n });\n };\n\n const unlockWallet: WaasProvider['unlockWallet'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.unlockWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n return {\n backupKeySharesToGoogleDrive,\n createWalletAccount,\n delegateKeyShares,\n destroy,\n exportClientKeyshares,\n exportPrivateKey,\n getWaasClient,\n getWalletRecoveryState,\n importPrivateKey,\n refreshWalletAccountShares,\n restoreUserShareForWalletAccount,\n revokeDelegation,\n setWaasWalletAccountPassword,\n signMessage,\n signRawMessage,\n signSerializedTransaction,\n unlockWallet,\n updatePassword,\n };\n};\n","import type { WaasSDKContainer } from '@dynamic-labs-wallet/core';\n\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { WalletAccount } from '../../wallets/walletAccount';\nimport { getWaasWalletProviderFromWalletAccount } from '../getWaasWalletProviderFromWalletAccount';\n\ntype ExportWaasPrivateKeyToContainerParams = {\n container: WaasSDKContainer;\n password?: string;\n walletAccount: WalletAccount;\n};\n\n/**\n * Exports the private key for a WaaS wallet account into a caller-provided\n * {@link WaasSDKContainer} (e.g. a visible React Native WebView) instead of a\n * DOM element.\n *\n * This is the container-based counterpart to `exportWaasPrivateKey` (which\n * injects an iframe into a DOM `displayContainer` on web). The export ceremony\n * runs — and the private key is rendered — entirely inside the container's own\n * sandboxed document; the key is never exposed to the host JS layer. The caller\n * owns the container's lifecycle and must call `container.destroy()` when the\n * display is dismissed.\n *\n * @param params.walletAccount - The WaaS wallet account to export the private key from.\n * @param params.container - The container that hosts the secure key display.\n * @param [params.password] - Optional password to decrypt the private key.\n * @param client - The Dynamic client instance. This is an internal API (exposed\n * only via `@dynamic-labs-sdk/client/waas/core`), so the client is passed\n * explicitly rather than defaulted — callers resolve it (e.g. via\n * `getDefaultClient()`) and thread it in.\n * @returns A promise that resolves when the private key export is complete.\n * @notInstrumented\n */\nexport const exportWaasPrivateKeyToContainer = async (\n { container, password, walletAccount }: ExportWaasPrivateKeyToContainerParams,\n client: DynamicClient\n) => {\n const provider = getWaasWalletProviderFromWalletAccount(\n { walletAccount },\n client\n );\n\n return provider.exportPrivateKey({\n container,\n password,\n walletAccount,\n });\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types';\nimport { getChainFromVerifiedCredentialChain } from '../../../utils/getChainFromVerifiedCredentialChain';\nimport type { Chain } from '../../chain';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype GetAllUserWaasAddressesForChainParams = {\n chain: Chain;\n};\n\n/** @notInstrumented */\nexport const getAllUserWaasAddressesForChain = (\n { chain }: GetAllUserWaasAddressesForChainParams,\n client: DynamicClient\n): string[] => {\n if (!client.user) {\n return [];\n }\n\n const waasWalletCredentials =\n client.user.verifiedCredentials.filter(\n (credential) =>\n credential.walletProvider === WalletProviderEnum.EmbeddedWallet &&\n credential.walletName\n ?.toLowerCase()\n .startsWith(DYNAMIC_WAAS_METADATA.normalizedWalletName) &&\n credential.address &&\n credential.chain &&\n getChainFromVerifiedCredentialChain(credential.chain) === chain\n ) ?? [];\n\n const waasAddresses: string[] = waasWalletCredentials.map(\n // casting because we're already filtering out credentials without an address\n (credential) => credential.address as string\n );\n\n return waasAddresses;\n};\n","import { assertPackageVersion } from '@dynamic-labs-sdk/assert-package-version';\n\nimport {\n name as packageName,\n version as packageVersion,\n} from '../../package.json';\nassertPackageVersion(packageName, packageVersion);\n\nexport type {\n BitcoinNetwork,\n DynamicWalletClient,\n ThresholdSignatureScheme\n} from '@dynamic-labs-wallet/browser-wallet-client';\nexport type { WaasSDKContainer } from '@dynamic-labs-wallet/core';\nexport { DYNAMIC_WAAS_METADATA } from '../modules/waas/constants';\nexport { createWaasClient } from '../modules/waas/createWaasClient';\nexport { createWaasProvider } from '../modules/waas/createWaasProvider';\nexport { exportWaasPrivateKeyToContainer } from '../modules/waas/exportWaasPrivateKeyToContainer';\nexport { getAllUserWaasAddressesForChain } from '../modules/waas/getAllUserWaasAddressesForChain';\nexport { getWaasChainNameFromChain } from '../modules/waas/getWaasChainNameFromChain';\nexport { preconnectWaasIframe } from '../modules/waas/preconnectWaasIframe';\nexport type {\n WaasProvider,\n WaasWalletProvider\n} from '../modules/waas/waas.types';\n\n"],"mappings":";;;;;;;;;;;;AAeA,MAAaA,oBAAsC,EAAE,aAAa,WAAW;CAC3E,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,2BAA2B,KAAK,MAAM;CAE5C,MAAM,iCACJ,OAAO,iBAAiB,IAAI,MAAM;AAEpC,QAAO,IAAI,oBACT;EACE,UAAW,gBAAgB,OAAO,GAAG,WAAW;EAChD,WAAW,OAAO,SAAS;EAC3B,aAAa,KAAK,cAAc,2BAA2B,QACzD,WACA,GACD;EACD,oBACE,OAAO,iBAAiB,IAAI,MAAM,YAClC;EACF;EAGA,yBAAyB;EACzB,eAAe,KAAK;EACpB,YAAY,GAAG,gBAAgB,GAAG,KAAK;EACvC,GAAI,4BAA4B,SAC5B,EAAE,GACF,EAAE,0BAA0B;EAChC,GAAI,kCAAkC,SAClC,EAAE,GACF,EAAE,gCAAgC;EACvC,EACD;EAGE,0BACE,mBAAmB,OAAO,CAAC,MAAM,EAAE,gBAAgB,UAAU;EAK/D,sBAAsB;AACpB,GAAKC,2BACH,EAAE,QAAQ,gCAAgC,EAC1C,OACD,CAAC,OAAO,UAAU;AACjB,SAAK,OAAO,MACV,sDACA,MACD;KACD;;EAEL,CACF;;;;;;AC/DH,MAAa,6BAA6B,UAAyB;AACjE,QAAO,gBAAgB,OAAO,yBAAyB;;;;;ACezD,MAAM,sCAAsC;;AAQ5C,MAAa,sBAAsB,EACjC,WACA,YAC4C;CAC5C,MAAM,SAAS,QAAQ,UAAU,CAAC;CAElC,IAAIC;CAGJ,IAAIC;CAIJ,MAAMC,gBAA+C,YAAY;EAS/D,MAAM,mBAAmB,QAAQ,UAAU,CAAC,MAAM,KAAK,CAAC,MAAM;AAC9D,MAAI,eAAe,qBAAqB,qBACtC,eAAc;AAGhB,MAAI,CAAC,aAAa;AAShB,OAAI,CAAC,yBAAyB,UAAU,CACtC,OAAM,IAAI,+BAA+B;AAG3C,iBAAc,iBACZ,EAAE,WAAW,0BAA0B,MAAM,EAAE,EAC/C,UACD;AACD,0BAAuB;AACvB,SAAM,YAAY,YAAY;;AAEhC,SAAO;;CAGT,MAAMC,+BACJ,OAAO,EAAE,wBAAwB,UAAU,oBAAoB;EAC7D,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,6BAA6B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMC,sBAA2D,OAC/D,OAAO,EAAE,KACN;AACH,SAAO,MAAM,4CAA4C;GACvD,eAAe,KAAK;GACpB,0BAA0B,KAAK;GAChC,CAAC;EAEF,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAa1E,SATmB,OAFA,MAAM,eAAe,EAEJ,oBAAoB;GACtD,WAAW,UAAU,SAAS;GAC9B,eAAe,KAAK;GACpB,UAAU,KAAK;GACf;GACA,0BACE,KAAK,4BAA4B,yBAAyB;GAC7D,CAAC;;CAKJ,MAAMC,oBAAuD,OAAO,EAClE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,kBAAkB;GAClC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,wBAA+D,OAAO,EAC1E,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,SAFmB,MAAM,eAAe,EAEvB,sBAAsB;GACrC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,mBAAqD,OAAO,EAChE,WACA,kBACA,eACA,eACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,aAAa,MAAM,eAAe;EAExC,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,kBAAkB,EACzC,UACD;EAKD,MAAM,sBAAsBC,iCAC1B,EAAE,OAAO,WAAW,cAAc,EAClC,UACD;AAED,QAAM,WAAW,iBAAiB;GAChC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAM9B;GACA;GACA;GACA;GACA;GACA;GACD,CAAC;;CAGJ,MAAMC,mCACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,SAFmB,MAAM,eAAe,EAEvB,UAAU;GACzB,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA,iBAAiB,gBAAgB;GAClC,CAAC;;CAGN,MAAMC,mBAAqD,OAAO,EAChE,YACA,2BAA2B,yBAAyB,iBAChD;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,SAFqB,MAAM,eAAe,EAEvB,iBAAiB;GAClC,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGJ,MAAMC,6BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;EAED,MAAM,eAAe,MAAM,eAAe;EAE1C,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,mBAAmB,EAC1C,UACD;AAED,SAAO,aAAa,2BAA2B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMC,mBAAqD,OAAO,EAChE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,iBAAiB;GACjC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,+BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,YAAY;GAC5B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,aAAa;GACb;GACD,CAAC;;CAGN,MAAMC,iBAAiD,OAAO,EAC5D,SACA,UACA,oBACI;AACJ,MAAI,QAAQ,WAAW,oCACrB,OAAM,IAAI,kBACR,mBAAmB,oCAAoC,kBACxD;EAGH,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBN,iCAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFG,MAAM,eAAe,EAEL,eAAe;GAClD,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMO,UAAmC,OAAO,SAAS;AACvD,MAAI,CAAC,YACH;EAGF,MAAM,aAAa,MAAM,eAAe;AAWxC,MAAI,MAAM,WAAW,gBACnB,OAAM,WAAW,SAAS;AAE5B,gBAAc;;CAGhB,MAAMC,iBAAiD,OAAO,EAC5D,eACA,iBACA,kBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,eAAe;GAC/B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,kBAAkB;GAClB;GACA;GACD,CAAC;;CAGJ,MAAMC,cAA2C,OAAO,EACtD,SACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBT,iCAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAaD,SAAO,EAAE,WATS,OAFC,MAAM,eAAe,EAEL,YAAY;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMU,4BACJ,OAAO,EAAE,SAAS,uBAAuB,oBAAoB;EAC3D,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;EAED,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBV,iCAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFC,MAAM,eAAe,EAEL,gBAAgB;GACjD,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA,eAAe,cAAc;GAC7B;GACA,aAAa;GACd,CAAC,EAEkB;;CAGxB,MAAMW,yBACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,uBAAuB;GACvC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACD,CAAC;;CAGN,MAAMC,eAA6C,OAAO,EACxD,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,aAAa;GAC7B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;AAGJ,QAAO;EACL;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACD;;;;;;;;;;;;;;;;;;;;;;;;;;;ACjbH,MAAa,kCAAkC,OAC7C,EAAE,WAAW,UAAU,iBACvB,WACG;AAMH,QALiB,uCACf,EAAE,eAAe,EACjB,OACD,CAEe,iBAAiB;EAC/B;EACA;EACA;EACD,CAAC;;;;;;ACnCJ,MAAa,mCACX,EAAE,SACF,WACa;AACb,KAAI,CAAC,OAAO,KACV,QAAO,EAAE;AAoBX,SAhBE,OAAO,KAAK,oBAAoB,QAC7B,eACC,WAAW,mBAAmB,mBAAmB,kBACjD,WAAW,YACP,aAAa,CACd,WAAW,sBAAsB,qBAAqB,IACzD,WAAW,WACX,WAAW,SACX,oCAAoC,WAAW,MAAM,KAAK,MAC7D,IAAI,EAAE,EAE6C,KAEnD,eAAe,WAAW,QAC5B;;;;;AC7BH,qBAAqBC,MAAaC,QAAe"}
|
|
1
|
+
{"version":3,"file":"waasCore.esm.js","names":["createWaasClient: CreateWaasClient","logoutWithReason","_waasClient: DynamicWalletClient | undefined","_waasClientSessionId: string | undefined","getWaasClient: WaasProvider['getWaasClient']","backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive']","createWalletAccount: WaasProvider['createWalletAccount']","delegateKeyShares: WaasProvider['delegateKeyShares']","exportClientKeyshares: WaasProvider['exportClientKeyshares']","exportPrivateKey: WaasProvider['exportPrivateKey']","restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount']","importPrivateKey: WaasProvider['importPrivateKey']","refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares']","revokeDelegation: WaasProvider['revokeDelegation']","setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword']","signRawMessage: WaasProvider['signRawMessage']","destroy: WaasProvider['destroy']","updatePassword: WaasProvider['updatePassword']","signMessage: WaasProvider['signMessage']","signSerializedTransaction: WaasProvider['signSerializedTransaction']","getWalletRecoveryState: WaasProvider['getWalletRecoveryState']","unlockWallet: WaasProvider['unlockWallet']","packageName","packageVersion"],"sources":["../src/modules/waas/createWaasClient/createWaasClient.ts","../src/modules/waas/getWaasChainNameFromChain/getWaasChainNameFromChain.ts","../src/modules/waas/createWaasProvider/createWaasProvider.ts","../src/modules/waas/exportWaasPrivateKeyToContainer/exportWaasPrivateKeyToContainer.ts","../src/modules/waas/getAllUserWaasAddressesForChain/getAllUserWaasAddressesForChain.ts","../src/exports/waasCore.ts"],"sourcesContent":["import type { AuthMode } from '@dynamic-labs-wallet/browser-wallet-client';\nimport { DynamicWalletClient } from '@dynamic-labs-wallet/browser-wallet-client';\n\nimport { getCore } from '../../../client/core/getCore';\nimport { CLIENT_SDK_NAME } from '../../apiClient/constants';\nimport { logoutWithReason } from '../../auth/logoutWithReason';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { getSignedSessionId } from '../../sessionKeys/getSignedSessionId';\nimport type { CreateWaasClient } from './createWaasClient.types';\nimport {\n DEFAULT_WAAS_BASE_API_URL,\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n} from '../constants';\n\n/** @notInstrumented */\nexport const createWaasClient: CreateWaasClient = ({ chainName }, client) => {\n const core = getCore(client);\n\n const additionalTrustedOrigins = core.waas?.additionalTrustedOrigins;\n\n const baseClientKeysharesRelayApiUrl =\n client.projectSettings?.sdk.waas?.customKeyshareRelayBaseUrl;\n\n return new DynamicWalletClient(\n {\n authMode: (isCookieEnabled(client) ? 'cookie' : 'header') as AuthMode,\n authToken: client.token || '',\n baseApiUrl: (core.apiBaseUrl || DEFAULT_WAAS_BASE_API_URL).replace(\n '/api/v0',\n ''\n ),\n baseMPCRelayApiUrl:\n client.projectSettings?.sdk.waas?.relayUrl ||\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n chainName,\n // Opt into the SDK self-driving eager key-share recovery on auth-token\n // arrival, so the client no longer restores shares itself on login.\n eagerlyRecoverKeyShares: true,\n environmentId: core.environmentId,\n sdkVersion: `${CLIENT_SDK_NAME}/${core.version}`,\n ...(additionalTrustedOrigins == undefined\n ? {}\n : { additionalTrustedOrigins }),\n ...(baseClientKeysharesRelayApiUrl == undefined\n ? {}\n : { baseClientKeysharesRelayApiUrl }),\n },\n {\n // Lets the iframe mint a fresh signed session id over the reverse channel,\n // which the SDK's eager key-share recovery needs.\n getSignedSessionId: () =>\n getSignedSessionId(client).then(({ signature }) => signature),\n // When the WaaS iframe's own backend call returns 401 (e.g. a forcibly\n // revoked token), the iframe notifies the host via the reverse channel\n // and this fires — log the user out. Mirrors the session-expiry\n // middleware that covers the SDK's own direct API 401s.\n onUnauthorized: () => {\n void logoutWithReason(\n { reason: 'session-refresh-unauthorized' },\n client\n ).catch((error) => {\n core.logger.error(\n 'Failed to log out after WaaS unauthorized response',\n error\n );\n });\n },\n }\n );\n};\n","import type { Chain } from '../../chain';\nimport { CHAINS_INFO_MAP } from '../../wallets/constants';\n\n/** @notInstrumented */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const getWaasChainNameFromChain = (chain: Chain): string => {\n return CHAINS_INFO_MAP[chain].waasChainNameOverride || chain;\n};\n","import {\n type BitcoinConfig,\n type DynamicWalletClient,\n ThresholdSignatureScheme,\n WalletOperation,\n} from '@dynamic-labs-wallet/browser-wallet-client';\nimport { MFAAction, TokenScope } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { InvalidParamError } from '../../../errors/InvalidParamError';\nimport { WaasOnboardingIncompleteError } from '../../../errors/WaasOnboardingIncompleteError';\nimport { getElevatedAccessToken } from '../../auth/getElevatedAccessToken';\nimport type { Chain } from '../../chain';\nimport { consumeMfaTokenIfRequiredForAction } from '../../mfa/consumeMfaTokenIfRequiredForAction';\nimport { getSignedSessionId } from '../../sessionKeys/getSignedSessionId';\nimport { isUserOnboardingComplete } from '../../user/isUserOnboardingComplete';\nimport { createWaasClient } from '../createWaasClient';\nimport { getWaasChainNameFromChain } from '../getWaasChainNameFromChain';\nimport type { WaasProvider } from '../waas.types';\n\nconst RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH = 64;\n\ntype CreateWaasProviderParams = {\n chain: Chain;\n sdkClient: DynamicClient;\n};\n\n/** @notInstrumented */\nexport const createWaasProvider = ({\n sdkClient,\n chain,\n}: CreateWaasProviderParams): WaasProvider => {\n const logger = getCore(sdkClient).logger;\n\n let _waasClient: DynamicWalletClient | undefined;\n // The session the cached client was built against. A step-up reauth mints a\n // NEW session (new sessionId + token); see the rebuild guard below.\n let _waasClientSessionId: string | undefined;\n\n // because the waas client needs the authToken to be set, we can only create it\n // the first time it's needed, which is after the user has logged in\n const getWaasClient: WaasProvider['getWaasClient'] = async () => {\n // After a step-up reauthentication a new session is minted. In header auth\n // mode (native webview) the iframe has no cookie jar to fall back on, so a\n // client cached against the previous session keeps presenting the stale\n // token — its next backend call (createRooms/users) 401s and trips the\n // iframe's onUnauthorized → forced logout. Drop the cached client when the\n // session changes so it rebuilds + re-initializes with the fresh token and\n // signed session id. Key shares stay in storage (only client auth resets);\n // routine token refresh keeps the same sessionId, so it does not rebuild.\n const currentSessionId = getCore(sdkClient).state.get().user?.sessionId;\n if (_waasClient && currentSessionId !== _waasClientSessionId) {\n _waasClient = undefined;\n }\n\n if (!_waasClient) {\n // Chokepoint: don't build + initialize the iframe client until onboarding\n // is complete. The iframe's init-time room-cache pre-warm fires\n // `createRooms` using the token captured at construction — before any\n // per-operation token resync exists to correct it. Built while the token\n // is still pre-`user:basic` (MFA / KYC / recovery codes / device\n // registration pending), that pre-warm 401s and trips the iframe's\n // onUnauthorized → forced-logout. This is the single gateway to\n // createWaasClient (web and native), so it covers every WaaS caller.\n if (!isUserOnboardingComplete(sdkClient)) {\n throw new WaasOnboardingIncompleteError();\n }\n\n _waasClient = createWaasClient(\n { chainName: getWaasChainNameFromChain(chain) },\n sdkClient\n );\n _waasClientSessionId = currentSessionId;\n await _waasClient.initialize();\n }\n return _waasClient;\n };\n\n const backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive'] =\n async ({ googleDriveAccessToken, password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.backupKeySharesToGoogleDrive({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n googleDriveAccessToken,\n password,\n signedSessionId,\n });\n };\n\n const createWalletAccount: WaasProvider['createWalletAccount'] = async (\n args = {}\n ) => {\n logger.debug('[createWaasProvider] createWalletAccount', {\n bitcoinConfig: args.bitcoinConfig,\n thresholdSignatureScheme: args.thresholdSignatureScheme,\n });\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const waasWallet = await waasClient.createWalletAccount({\n authToken: sdkClient.token ?? undefined,\n bitcoinConfig: args.bitcoinConfig as BitcoinConfig | undefined,\n password: args.password,\n signedSessionId,\n thresholdSignatureScheme:\n args.thresholdSignatureScheme ?? ThresholdSignatureScheme.TWO_OF_TWO,\n });\n\n return waasWallet;\n };\n\n const delegateKeyShares: WaasProvider['delegateKeyShares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.delegateKeyShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportClientKeyshares: WaasProvider['exportClientKeyshares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n await waasClient.exportClientKeyshares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportPrivateKey: WaasProvider['exportPrivateKey'] = async ({\n container,\n displayContainer,\n walletAccount,\n password,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasExport },\n sdkClient\n );\n\n // Forward any elevated access token previously obtained via step-up\n // (e.g. requestExternalAuthElevatedToken) so the backend authorizes\n // the export under the wallet:export scope.\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletexport },\n sdkClient\n );\n\n await waasClient.exportPrivateKey({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n // Exactly one display surface is forwarded: `container` (a\n // WaasSDKContainer, e.g. a React Native visible WebView) or\n // `displayContainer` (a DOM element, web). The upstream client enforces\n // the \"exactly one\" invariant and renders the key inside the surface's\n // own sandboxed document — it never crosses back to the host.\n container,\n displayContainer,\n elevatedAccessToken,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n await waasClient.getWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n walletOperation: WalletOperation.SIGN_MESSAGE,\n });\n };\n\n const importPrivateKey: WaasProvider['importPrivateKey'] = async ({\n privateKey,\n thresholdSignatureScheme = ThresholdSignatureScheme.TWO_OF_TWO,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const walletClient = await getWaasClient();\n\n await walletClient.importPrivateKey({\n authToken: sdkClient.token ?? undefined,\n privateKey,\n signedSessionId,\n thresholdSignatureScheme,\n });\n };\n\n const refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasRefresh },\n sdkClient\n );\n\n return walletClient.refreshWalletAccountShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const revokeDelegation: WaasProvider['revokeDelegation'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.revokeDelegation({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.setPassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n newPassword: password,\n signedSessionId,\n });\n };\n\n const signRawMessage: WaasProvider['signRawMessage'] = async ({\n message,\n password,\n walletAccount,\n }) => {\n if (message.length !== RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH) {\n throw new InvalidParamError(\n `Message must be ${RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH} characters long`\n );\n }\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const signature = await walletClient.signRawMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n password,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const destroy: WaasProvider['destroy'] = async (args) => {\n if (!_waasClient) {\n return;\n }\n\n const waasClient = await getWaasClient();\n // When a session token expires, we preserve key shares in storage instead\n // of clearing them. Customers with short-lived sessions (minutes) were\n // hitting excessive server-side share recovery on every re-login, which\n // also forced users to re-enter their wallet password since the unlocked\n // share only lives for the duration of the session.\n //\n // This is safe because the waas-sdk separately fingerprints the user\n // (sub + environment_id) and clears all storage if a different user logs\n // in. On explicit user-initiated logout, shares are always cleared for\n // security.\n if (args?.reason !== 'token-expired') {\n await waasClient.cleanup();\n }\n _waasClient = undefined;\n };\n\n const updatePassword: WaasProvider['updatePassword'] = async ({\n walletAccount,\n currentPassword,\n newPassword,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.updatePassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n existingPassword: currentPassword,\n newPassword,\n signedSessionId,\n });\n };\n\n const signMessage: WaasProvider['signMessage'] = async ({\n message,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const signSerializedTransaction: WaasProvider['signSerializedTransaction'] =\n async ({ chainId, serializedTransaction, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signTransaction({\n authToken: sdkClient.token ?? undefined,\n chainId,\n elevatedAccessToken,\n mfaToken,\n senderAddress: walletAccount.address,\n signedSessionId,\n transaction: serializedTransaction,\n });\n\n return { signature };\n };\n\n const getWalletRecoveryState: WaasProvider['getWalletRecoveryState'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.getWalletRecoveryState({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n });\n };\n\n const unlockWallet: WaasProvider['unlockWallet'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.unlockWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n return {\n backupKeySharesToGoogleDrive,\n createWalletAccount,\n delegateKeyShares,\n destroy,\n exportClientKeyshares,\n exportPrivateKey,\n getWaasClient,\n getWalletRecoveryState,\n importPrivateKey,\n refreshWalletAccountShares,\n restoreUserShareForWalletAccount,\n revokeDelegation,\n setWaasWalletAccountPassword,\n signMessage,\n signRawMessage,\n signSerializedTransaction,\n unlockWallet,\n updatePassword,\n };\n};\n","import type { WaasSDKContainer } from '@dynamic-labs-wallet/core';\n\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { WalletAccount } from '../../wallets/walletAccount';\nimport { getWaasWalletProviderFromWalletAccount } from '../getWaasWalletProviderFromWalletAccount';\n\ntype ExportWaasPrivateKeyToContainerParams = {\n container: WaasSDKContainer;\n password?: string;\n walletAccount: WalletAccount;\n};\n\n/**\n * Exports the private key for a WaaS wallet account into a caller-provided\n * {@link WaasSDKContainer} (e.g. a visible React Native WebView) instead of a\n * DOM element.\n *\n * This is the container-based counterpart to `exportWaasPrivateKey` (which\n * injects an iframe into a DOM `displayContainer` on web). The export ceremony\n * runs — and the private key is rendered — entirely inside the container's own\n * sandboxed document; the key is never exposed to the host JS layer. The caller\n * owns the container's lifecycle and must call `container.destroy()` when the\n * display is dismissed.\n *\n * @param params.walletAccount - The WaaS wallet account to export the private key from.\n * @param params.container - The container that hosts the secure key display.\n * @param [params.password] - Optional password to decrypt the private key.\n * @param client - The Dynamic client instance. This is an internal API (exposed\n * only via `@dynamic-labs-sdk/client/waas/core`), so the client is passed\n * explicitly rather than defaulted — callers resolve it (e.g. via\n * `getDefaultClient()`) and thread it in.\n * @returns A promise that resolves when the private key export is complete.\n * @notInstrumented\n */\nexport const exportWaasPrivateKeyToContainer = async (\n { container, password, walletAccount }: ExportWaasPrivateKeyToContainerParams,\n client: DynamicClient\n) => {\n const provider = getWaasWalletProviderFromWalletAccount(\n { walletAccount },\n client\n );\n\n return provider.exportPrivateKey({\n container,\n password,\n walletAccount,\n });\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types';\nimport { getChainFromVerifiedCredentialChain } from '../../../utils/getChainFromVerifiedCredentialChain';\nimport type { Chain } from '../../chain';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype GetAllUserWaasAddressesForChainParams = {\n chain: Chain;\n};\n\n/** @notInstrumented */\nexport const getAllUserWaasAddressesForChain = (\n { chain }: GetAllUserWaasAddressesForChainParams,\n client: DynamicClient\n): string[] => {\n if (!client.user) {\n return [];\n }\n\n const waasWalletCredentials =\n client.user.verifiedCredentials.filter(\n (credential) =>\n credential.walletProvider === WalletProviderEnum.EmbeddedWallet &&\n credential.walletName\n ?.toLowerCase()\n .startsWith(DYNAMIC_WAAS_METADATA.normalizedWalletName) &&\n credential.address &&\n credential.chain &&\n getChainFromVerifiedCredentialChain(credential.chain) === chain\n ) ?? [];\n\n const waasAddresses: string[] = waasWalletCredentials.map(\n // casting because we're already filtering out credentials without an address\n (credential) => credential.address as string\n );\n\n return waasAddresses;\n};\n","import { assertPackageVersion } from '@dynamic-labs-sdk/assert-package-version';\n\nimport {\n name as packageName,\n version as packageVersion,\n} from '../../package.json';\nassertPackageVersion(packageName, packageVersion);\n\nexport type {\n BitcoinNetwork,\n DynamicWalletClient,\n ThresholdSignatureScheme\n} from '@dynamic-labs-wallet/browser-wallet-client';\nexport type { WaasSDKContainer } from '@dynamic-labs-wallet/core';\nexport { DYNAMIC_WAAS_METADATA } from '../modules/waas/constants';\nexport { createWaasClient } from '../modules/waas/createWaasClient';\nexport { createWaasProvider } from '../modules/waas/createWaasProvider';\nexport { exportWaasPrivateKeyToContainer } from '../modules/waas/exportWaasPrivateKeyToContainer';\nexport { getAllUserWaasAddressesForChain } from '../modules/waas/getAllUserWaasAddressesForChain';\nexport { getWaasChainNameFromChain } from '../modules/waas/getWaasChainNameFromChain';\nexport { preconnectWaasIframe } from '../modules/waas/preconnectWaasIframe';\nexport type {\n WaasProvider,\n WaasWalletProvider\n} from '../modules/waas/waas.types';\n\n"],"mappings":";;;;;;;;;;;;AAeA,MAAaA,oBAAsC,EAAE,aAAa,WAAW;CAC3E,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,2BAA2B,KAAK,MAAM;CAE5C,MAAM,iCACJ,OAAO,iBAAiB,IAAI,MAAM;AAEpC,QAAO,IAAI,oBACT;EACE,UAAW,gBAAgB,OAAO,GAAG,WAAW;EAChD,WAAW,OAAO,SAAS;EAC3B,aAAa,KAAK,cAAc,2BAA2B,QACzD,WACA,GACD;EACD,oBACE,OAAO,iBAAiB,IAAI,MAAM,YAClC;EACF;EAGA,yBAAyB;EACzB,eAAe,KAAK;EACpB,YAAY,GAAG,gBAAgB,GAAG,KAAK;EACvC,GAAI,4BAA4B,SAC5B,EAAE,GACF,EAAE,0BAA0B;EAChC,GAAI,kCAAkC,SAClC,EAAE,GACF,EAAE,gCAAgC;EACvC,EACD;EAGE,0BACE,mBAAmB,OAAO,CAAC,MAAM,EAAE,gBAAgB,UAAU;EAK/D,sBAAsB;AACpB,GAAKC,2BACH,EAAE,QAAQ,gCAAgC,EAC1C,OACD,CAAC,OAAO,UAAU;AACjB,SAAK,OAAO,MACV,sDACA,MACD;KACD;;EAEL,CACF;;;;;;AC/DH,MAAa,6BAA6B,UAAyB;AACjE,QAAO,gBAAgB,OAAO,yBAAyB;;;;;ACezD,MAAM,sCAAsC;;AAQ5C,MAAa,sBAAsB,EACjC,WACA,YAC4C;CAC5C,MAAM,SAAS,QAAQ,UAAU,CAAC;CAElC,IAAIC;CAGJ,IAAIC;CAIJ,MAAMC,gBAA+C,YAAY;EAS/D,MAAM,mBAAmB,QAAQ,UAAU,CAAC,MAAM,KAAK,CAAC,MAAM;AAC9D,MAAI,eAAe,qBAAqB,qBACtC,eAAc;AAGhB,MAAI,CAAC,aAAa;AAShB,OAAI,CAAC,yBAAyB,UAAU,CACtC,OAAM,IAAI,+BAA+B;AAG3C,iBAAc,iBACZ,EAAE,WAAW,0BAA0B,MAAM,EAAE,EAC/C,UACD;AACD,0BAAuB;AACvB,SAAM,YAAY,YAAY;;AAEhC,SAAO;;CAGT,MAAMC,+BACJ,OAAO,EAAE,wBAAwB,UAAU,oBAAoB;EAC7D,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,6BAA6B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMC,sBAA2D,OAC/D,OAAO,EAAE,KACN;AACH,SAAO,MAAM,4CAA4C;GACvD,eAAe,KAAK;GACpB,0BAA0B,KAAK;GAChC,CAAC;EAEF,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAa1E,SATmB,OAFA,MAAM,eAAe,EAEJ,oBAAoB;GACtD,WAAW,UAAU,SAAS;GAC9B,eAAe,KAAK;GACpB,UAAU,KAAK;GACf;GACA,0BACE,KAAK,4BAA4B,yBAAyB;GAC7D,CAAC;;CAKJ,MAAMC,oBAAuD,OAAO,EAClE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,kBAAkB;GAClC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,wBAA+D,OAAO,EAC1E,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,SAFmB,MAAM,eAAe,EAEvB,sBAAsB;GACrC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,mBAAqD,OAAO,EAChE,WACA,kBACA,eACA,eACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,aAAa,MAAM,eAAe;EAExC,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,kBAAkB,EACzC,UACD;EAKD,MAAM,sBAAsB,uBAC1B,EAAE,OAAO,WAAW,cAAc,EAClC,UACD;AAED,QAAM,WAAW,iBAAiB;GAChC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAM9B;GACA;GACA;GACA;GACA;GACA;GACD,CAAC;;CAGJ,MAAMC,mCACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,SAFmB,MAAM,eAAe,EAEvB,UAAU;GACzB,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA,iBAAiB,gBAAgB;GAClC,CAAC;;CAGN,MAAMC,mBAAqD,OAAO,EAChE,YACA,2BAA2B,yBAAyB,iBAChD;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,SAFqB,MAAM,eAAe,EAEvB,iBAAiB;GAClC,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGJ,MAAMC,6BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;EAED,MAAM,eAAe,MAAM,eAAe;EAE1C,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,mBAAmB,EAC1C,UACD;AAED,SAAO,aAAa,2BAA2B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMC,mBAAqD,OAAO,EAChE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,iBAAiB;GACjC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,+BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,YAAY;GAC5B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,aAAa;GACb;GACD,CAAC;;CAGN,MAAMC,iBAAiD,OAAO,EAC5D,SACA,UACA,oBACI;AACJ,MAAI,QAAQ,WAAW,oCACrB,OAAM,IAAI,kBACR,mBAAmB,oCAAoC,kBACxD;EAGH,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsB,uBAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFG,MAAM,eAAe,EAEL,eAAe;GAClD,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMC,UAAmC,OAAO,SAAS;AACvD,MAAI,CAAC,YACH;EAGF,MAAM,aAAa,MAAM,eAAe;AAWxC,MAAI,MAAM,WAAW,gBACnB,OAAM,WAAW,SAAS;AAE5B,gBAAc;;CAGhB,MAAMC,iBAAiD,OAAO,EAC5D,eACA,iBACA,kBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,eAAe;GAC/B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,kBAAkB;GAClB;GACA;GACD,CAAC;;CAGJ,MAAMC,cAA2C,OAAO,EACtD,SACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsB,uBAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAaD,SAAO,EAAE,WATS,OAFC,MAAM,eAAe,EAEL,YAAY;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMC,4BACJ,OAAO,EAAE,SAAS,uBAAuB,oBAAoB;EAC3D,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;EAED,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsB,uBAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFC,MAAM,eAAe,EAEL,gBAAgB;GACjD,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA,eAAe,cAAc;GAC7B;GACA,aAAa;GACd,CAAC,EAEkB;;CAGxB,MAAMC,yBACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,uBAAuB;GACvC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACD,CAAC;;CAGN,MAAMC,eAA6C,OAAO,EACxD,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,aAAa;GAC7B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;AAGJ,QAAO;EACL;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACD;;;;;;;;;;;;;;;;;;;;;;;;;;;ACjbH,MAAa,kCAAkC,OAC7C,EAAE,WAAW,UAAU,iBACvB,WACG;AAMH,QALiB,uCACf,EAAE,eAAe,EACjB,OACD,CAEe,iBAAiB;EAC/B;EACA;EACA;EACD,CAAC;;;;;;ACnCJ,MAAa,mCACX,EAAE,SACF,WACa;AACb,KAAI,CAAC,OAAO,KACV,QAAO,EAAE;AAoBX,SAhBE,OAAO,KAAK,oBAAoB,QAC7B,eACC,WAAW,mBAAmB,mBAAmB,kBACjD,WAAW,YACP,aAAa,CACd,WAAW,sBAAsB,qBAAqB,IACzD,WAAW,WACX,WAAW,SACX,oCAAoC,WAAW,MAAM,KAAK,MAC7D,IAAI,EAAE,EAE6C,KAEnD,eAAe,WAAW,QAC5B;;;;;AC7BH,qBAAqBC,MAAaC,QAAe"}
|
|
@@ -1,13 +1,13 @@
|
|
|
1
|
-
import { $ as getCore, K as CLIENT_SDK_NAME,
|
|
2
|
-
import { i as NativeModuleNotLinkedError } from "./isMfaRequiredForAction-
|
|
3
|
-
import "./isDynamicWaasEnabled-
|
|
4
|
-
import { a as WaasOnboardingIncompleteError, i as preconnectWaasIframe, t as isUserOnboardingComplete } from "./isUserOnboardingComplete-
|
|
5
|
-
import { n as consumeMfaTokenIfRequiredForAction, t as getSignedSessionId } from "./getSignedSessionId-
|
|
6
|
-
import { t as getWaasWalletProviderFromWalletAccount } from "./getWaasWalletProviderFromWalletAccount-
|
|
1
|
+
import { $ as getCore, K as CLIENT_SDK_NAME, Q as BaseError, S as CHAINS_INFO_MAP, V as isCookieEnabled, W as getElevatedAccessToken, a as DYNAMIC_WAAS_METADATA, et as name, i as DEFAULT_WAAS_BASE_MPC_RELAY_API_URL, r as DEFAULT_WAAS_BASE_API_URL, t as InvalidParamError, tt as version, x as getChainFromVerifiedCredentialChain } from "./InvalidParamError-BKr8fFc1.native.esm.js";
|
|
2
|
+
import { i as NativeModuleNotLinkedError } from "./isMfaRequiredForAction-C1KaU-XS.native.esm.js";
|
|
3
|
+
import "./isDynamicWaasEnabled-rRFvljev.native.esm.js";
|
|
4
|
+
import { a as WaasOnboardingIncompleteError, i as preconnectWaasIframe, t as isUserOnboardingComplete } from "./isUserOnboardingComplete-DfDNapVu.native.esm.js";
|
|
5
|
+
import { n as consumeMfaTokenIfRequiredForAction, t as getSignedSessionId } from "./getSignedSessionId-DmDcWkqB.native.esm.js";
|
|
6
|
+
import { t as getWaasWalletProviderFromWalletAccount } from "./getWaasWalletProviderFromWalletAccount-C2GdfqUr.native.esm.js";
|
|
7
7
|
import { assertPackageVersion } from "@dynamic-labs-sdk/assert-package-version";
|
|
8
8
|
import { MFAAction, TokenScope, WalletProviderEnum } from "@dynamic-labs/sdk-api-core";
|
|
9
|
-
import { NativeEventEmitter, TurboModuleRegistry } from "react-native";
|
|
10
9
|
import { ACCESSIBLE, getGenericPassword, resetGenericPassword, setGenericPassword } from "react-native-keychain";
|
|
10
|
+
import { NativeEventEmitter, TurboModuleRegistry } from "react-native";
|
|
11
11
|
import { DynamicWalletClient, ThresholdSignatureScheme, WalletOperation } from "@dynamic-labs-wallet/browser-wallet-client";
|
|
12
12
|
|
|
13
13
|
//#region src/errors/CorruptedKeyShareError.ts
|
|
@@ -325,7 +325,7 @@ const createWaasProvider = ({ sdkClient, chain }) => {
|
|
|
325
325
|
const { signature: signedSessionId } = await getSignedSessionId(sdkClient);
|
|
326
326
|
const waasClient = await getWaasClient();
|
|
327
327
|
const mfaToken = await consumeMfaTokenIfRequiredForAction({ mfaAction: MFAAction.WalletWaasExport }, sdkClient);
|
|
328
|
-
const elevatedAccessToken =
|
|
328
|
+
const elevatedAccessToken = getElevatedAccessToken({ scope: TokenScope.Walletexport }, sdkClient);
|
|
329
329
|
await waasClient.exportPrivateKey({
|
|
330
330
|
accountAddress: walletAccount.address,
|
|
331
331
|
authToken: sdkClient.token ?? void 0,
|
|
@@ -389,7 +389,7 @@ const createWaasProvider = ({ sdkClient, chain }) => {
|
|
|
389
389
|
if (message.length !== RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH) throw new InvalidParamError(`Message must be ${RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH} characters long`);
|
|
390
390
|
const { signature: signedSessionId } = await getSignedSessionId(sdkClient);
|
|
391
391
|
const mfaToken = await consumeMfaTokenIfRequiredForAction({ mfaAction: MFAAction.WalletWaasSign }, sdkClient);
|
|
392
|
-
const elevatedAccessToken =
|
|
392
|
+
const elevatedAccessToken = getElevatedAccessToken({ scope: TokenScope.Walletsign }, sdkClient);
|
|
393
393
|
return { signature: await (await getWaasClient()).signRawMessage({
|
|
394
394
|
accountAddress: walletAccount.address,
|
|
395
395
|
authToken: sdkClient.token ?? void 0,
|
|
@@ -419,7 +419,7 @@ const createWaasProvider = ({ sdkClient, chain }) => {
|
|
|
419
419
|
const signMessage = async ({ message, walletAccount }) => {
|
|
420
420
|
const { signature: signedSessionId } = await getSignedSessionId(sdkClient);
|
|
421
421
|
const mfaToken = await consumeMfaTokenIfRequiredForAction({ mfaAction: MFAAction.WalletWaasSign }, sdkClient);
|
|
422
|
-
const elevatedAccessToken =
|
|
422
|
+
const elevatedAccessToken = getElevatedAccessToken({ scope: TokenScope.Walletsign }, sdkClient);
|
|
423
423
|
return { signature: await (await getWaasClient()).signMessage({
|
|
424
424
|
accountAddress: walletAccount.address,
|
|
425
425
|
authToken: sdkClient.token ?? void 0,
|
|
@@ -432,7 +432,7 @@ const createWaasProvider = ({ sdkClient, chain }) => {
|
|
|
432
432
|
const signSerializedTransaction = async ({ chainId, serializedTransaction, walletAccount }) => {
|
|
433
433
|
const { signature: signedSessionId } = await getSignedSessionId(sdkClient);
|
|
434
434
|
const mfaToken = await consumeMfaTokenIfRequiredForAction({ mfaAction: MFAAction.WalletWaasSign }, sdkClient);
|
|
435
|
-
const elevatedAccessToken =
|
|
435
|
+
const elevatedAccessToken = getElevatedAccessToken({ scope: TokenScope.Walletsign }, sdkClient);
|
|
436
436
|
return { signature: await (await getWaasClient()).signTransaction({
|
|
437
437
|
authToken: sdkClient.token ?? void 0,
|
|
438
438
|
chainId,
|