@dynamic-labs-sdk/client 1.17.0 → 1.18.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (186) hide show
  1. package/dist/core.cjs +7 -5
  2. package/dist/core.cjs.map +1 -1
  3. package/dist/core.esm.js +8 -8
  4. package/dist/core.esm.js.map +1 -1
  5. package/dist/core.native.esm.js +8 -8
  6. package/dist/core.native.esm.js.map +1 -1
  7. package/dist/errors/DeviceRegistrationIdentityMismatchError.d.ts +5 -0
  8. package/dist/errors/DeviceRegistrationIdentityMismatchError.d.ts.map +1 -0
  9. package/dist/errors/UnsafeDeeplinkUrlError.d.ts +17 -0
  10. package/dist/errors/UnsafeDeeplinkUrlError.d.ts.map +1 -0
  11. package/dist/errors/UnsafeNavigationUrlError.d.ts +16 -0
  12. package/dist/errors/UnsafeNavigationUrlError.d.ts.map +1 -0
  13. package/dist/errors/WalletScreeningBlockedError.d.ts +14 -0
  14. package/dist/errors/WalletScreeningBlockedError.d.ts.map +1 -0
  15. package/dist/exports/core.d.ts +4 -0
  16. package/dist/exports/core.d.ts.map +1 -1
  17. package/dist/exports/index.d.ts +7 -2
  18. package/dist/exports/index.d.ts.map +1 -1
  19. package/dist/{getNetworkProviderFromNetworkId-DC1bhMuB.native.esm.js → getNetworkProviderFromNetworkId-C6DBO0OX.native.esm.js} +96 -13
  20. package/dist/getNetworkProviderFromNetworkId-C6DBO0OX.native.esm.js.map +1 -0
  21. package/dist/{getNetworkProviderFromNetworkId-BVVs3arj.esm.js → getNetworkProviderFromNetworkId-CEs4SGW4.esm.js} +105 -22
  22. package/dist/getNetworkProviderFromNetworkId-CEs4SGW4.esm.js.map +1 -0
  23. package/dist/{getNetworkProviderFromNetworkId-DzzocxRc.cjs → getNetworkProviderFromNetworkId-CMIgKqEH.cjs} +119 -18
  24. package/dist/getNetworkProviderFromNetworkId-CMIgKqEH.cjs.map +1 -0
  25. package/dist/{getSignedSessionId-Bnuz2Aqc.esm.js → getSignedSessionId-CUqILBh8.esm.js} +3 -3
  26. package/dist/{getSignedSessionId-Bnuz2Aqc.esm.js.map → getSignedSessionId-CUqILBh8.esm.js.map} +1 -1
  27. package/dist/{getSignedSessionId-Dx0qQLMP.cjs → getSignedSessionId-De_N_Ofg.cjs} +3 -3
  28. package/dist/{getSignedSessionId-Dx0qQLMP.cjs.map → getSignedSessionId-De_N_Ofg.cjs.map} +1 -1
  29. package/dist/{getSignedSessionId-Pc_5wscD.native.esm.js → getSignedSessionId-Hp1nSbaW.native.esm.js} +3 -3
  30. package/dist/{getSignedSessionId-Pc_5wscD.native.esm.js.map → getSignedSessionId-Hp1nSbaW.native.esm.js.map} +1 -1
  31. package/dist/{getWalletProviderByKey-BL3u0e-d.esm.js → getWalletProviderByKey-CKORCA8l.esm.js} +2 -2
  32. package/dist/{getWalletProviderByKey-BL3u0e-d.esm.js.map → getWalletProviderByKey-CKORCA8l.esm.js.map} +1 -1
  33. package/dist/{getWalletProviderByKey-BLWcueTR.cjs → getWalletProviderByKey-D3e0XMjs.cjs} +2 -2
  34. package/dist/{getWalletProviderByKey-BLWcueTR.cjs.map → getWalletProviderByKey-D3e0XMjs.cjs.map} +1 -1
  35. package/dist/{getWalletProviderByKey-DhqKzh7g.native.esm.js → getWalletProviderByKey-D5M801xH.native.esm.js} +2 -2
  36. package/dist/{getWalletProviderByKey-DhqKzh7g.native.esm.js.map → getWalletProviderByKey-D5M801xH.native.esm.js.map} +1 -1
  37. package/dist/index.cjs +253 -72
  38. package/dist/index.cjs.map +1 -1
  39. package/dist/index.esm.js +248 -94
  40. package/dist/index.esm.js.map +1 -1
  41. package/dist/index.native.esm.js +248 -94
  42. package/dist/index.native.esm.js.map +1 -1
  43. package/dist/{isDynamicWaasEnabled-BEn7FcD9.cjs → isDynamicWaasEnabled-BQuXZne_.cjs} +4 -6
  44. package/dist/isDynamicWaasEnabled-BQuXZne_.cjs.map +1 -0
  45. package/dist/{isDynamicWaasEnabled-DYy0TvLy.esm.js → isDynamicWaasEnabled-BaY09iv6.native.esm.js} +3 -5
  46. package/dist/isDynamicWaasEnabled-BaY09iv6.native.esm.js.map +1 -0
  47. package/dist/{isDynamicWaasEnabled-CvBaMGlR.native.esm.js → isDynamicWaasEnabled-BlVIlXMZ.esm.js} +3 -5
  48. package/dist/isDynamicWaasEnabled-BlVIlXMZ.esm.js.map +1 -0
  49. package/dist/{isMfaRequiredForAction-CJ9qbBUz.native.esm.js → isMfaRequiredForAction-CwOGwiDz.native.esm.js} +3 -5
  50. package/dist/isMfaRequiredForAction-CwOGwiDz.native.esm.js.map +1 -0
  51. package/dist/{isMfaRequiredForAction-CaNdGc-m.cjs → isMfaRequiredForAction-Dghiguch.cjs} +13 -6
  52. package/dist/isMfaRequiredForAction-Dghiguch.cjs.map +1 -0
  53. package/dist/{isMfaRequiredForAction-B7wNkqQf.esm.js → isMfaRequiredForAction-r9aDdmK5.esm.js} +13 -6
  54. package/dist/isMfaRequiredForAction-r9aDdmK5.esm.js.map +1 -0
  55. package/dist/{isUserOnboardingComplete-FRAIuxdi.native.esm.js → isUserOnboardingComplete-BMNAbXk1.esm.js} +6 -3
  56. package/dist/isUserOnboardingComplete-BMNAbXk1.esm.js.map +1 -0
  57. package/dist/{isUserOnboardingComplete-CGz-9Iyw.esm.js → isUserOnboardingComplete-C-ioFLRR.native.esm.js} +6 -3
  58. package/dist/isUserOnboardingComplete-C-ioFLRR.native.esm.js.map +1 -0
  59. package/dist/{isUserOnboardingComplete-w1IkCC_p.cjs → isUserOnboardingComplete-j4b_q9Pf.cjs} +7 -4
  60. package/dist/isUserOnboardingComplete-j4b_q9Pf.cjs.map +1 -0
  61. package/dist/{migrateFromFireblocks-DXs3odF_.esm.js → migrateFromFireblocks-D--uqWp5.esm.js} +3 -3
  62. package/dist/{migrateFromFireblocks-DXs3odF_.esm.js.map → migrateFromFireblocks-D--uqWp5.esm.js.map} +1 -1
  63. package/dist/{migrateFromFireblocks-C-IqJz3q.native.esm.js → migrateFromFireblocks-D8Y5h0hz.native.esm.js} +3 -3
  64. package/dist/{migrateFromFireblocks-C-IqJz3q.native.esm.js.map → migrateFromFireblocks-D8Y5h0hz.native.esm.js.map} +1 -1
  65. package/dist/{migrateFromFireblocks-CjQWJPZW.cjs → migrateFromFireblocks-D9pJIgt5.cjs} +3 -3
  66. package/dist/{migrateFromFireblocks-CjQWJPZW.cjs.map → migrateFromFireblocks-D9pJIgt5.cjs.map} +1 -1
  67. package/dist/modules/auth/externalAuth/requestExternalAuthElevatedToken/requestExternalAuthElevatedToken.d.ts +0 -1
  68. package/dist/modules/auth/externalAuth/requestExternalAuthElevatedToken/requestExternalAuthElevatedToken.d.ts.map +1 -1
  69. package/dist/modules/auth/externalAuth/signInWithExternalJwt/signInWithExternalJwt.d.ts +0 -1
  70. package/dist/modules/auth/externalAuth/signInWithExternalJwt/signInWithExternalJwt.d.ts.map +1 -1
  71. package/dist/modules/auth/logoutWithReason/logoutWithReason.d.ts.map +1 -1
  72. package/dist/modules/auth/passkeys/registerPasskey/registerPasskey.d.ts +0 -1
  73. package/dist/modules/auth/passkeys/registerPasskey/registerPasskey.d.ts.map +1 -1
  74. package/dist/modules/auth/passkeys/signInWithPasskey/signInWithPasskey.d.ts +0 -1
  75. package/dist/modules/auth/passkeys/signInWithPasskey/signInWithPasskey.d.ts.map +1 -1
  76. package/dist/modules/auth/social/oauth/signInWithSocialRedirect/buildOAuthUrl/getOAuthBaseUrl/getOAuthBaseUrl.d.ts.map +1 -1
  77. package/dist/modules/auth/social/oauth/unlinkSocialAccount/unlinkSocialAccount.d.ts +0 -1
  78. package/dist/modules/auth/social/oauth/unlinkSocialAccount/unlinkSocialAccount.d.ts.map +1 -1
  79. package/dist/modules/auth/updateAuthFromVerifyResponse/updateAuthFromVerifyResponse.d.ts.map +1 -1
  80. package/dist/modules/captcha/getCaptchaSettings/getCaptchaSettings.d.ts +14 -0
  81. package/dist/modules/captcha/getCaptchaSettings/getCaptchaSettings.d.ts.map +1 -0
  82. package/dist/modules/captcha/getCaptchaSettings/index.d.ts +3 -0
  83. package/dist/modules/captcha/getCaptchaSettings/index.d.ts.map +1 -0
  84. package/dist/modules/captcha/isCaptchaRequired/isCaptchaRequired.d.ts.map +1 -1
  85. package/dist/modules/captcha/setCaptchaToken/setCaptchaToken.d.ts +0 -1
  86. package/dist/modules/captcha/setCaptchaToken/setCaptchaToken.d.ts.map +1 -1
  87. package/dist/modules/deviceRegistration/completeDeviceRegistration/completeDeviceRegistration.d.ts.map +1 -1
  88. package/dist/modules/deviceRegistration/isDeviceRegistrationRequired/isDeviceRegistrationRequired.d.ts +1 -0
  89. package/dist/modules/deviceRegistration/isDeviceRegistrationRequired/isDeviceRegistrationRequired.d.ts.map +1 -1
  90. package/dist/modules/flow/attachFlowSource/attachFlowSource.d.ts.map +1 -1
  91. package/dist/modules/flow/attachFlowSource/attachFlowSource.instrumentation.d.ts +9 -0
  92. package/dist/modules/flow/attachFlowSource/attachFlowSource.instrumentation.d.ts.map +1 -0
  93. package/dist/modules/flow/broadcastFlow/broadcastFlow.instrumentation.d.ts +9 -0
  94. package/dist/modules/flow/broadcastFlow/broadcastFlow.instrumentation.d.ts.map +1 -0
  95. package/dist/modules/flow/cancelFlow/cancelFlow.instrumentation.d.ts +8 -0
  96. package/dist/modules/flow/cancelFlow/cancelFlow.instrumentation.d.ts.map +1 -0
  97. package/dist/modules/flow/prepareFlowSigning/prepareFlowSigning.instrumentation.d.ts +9 -0
  98. package/dist/modules/flow/prepareFlowSigning/prepareFlowSigning.instrumentation.d.ts.map +1 -0
  99. package/dist/modules/flow/submitFlowTransaction/submitFlowTransaction.instrumentation.d.ts +9 -0
  100. package/dist/modules/flow/submitFlowTransaction/submitFlowTransaction.instrumentation.d.ts.map +1 -0
  101. package/dist/modules/funding/moonpay/getMoonPayUrl/getMoonPayUrl.d.ts +0 -4
  102. package/dist/modules/funding/moonpay/getMoonPayUrl/getMoonPayUrl.d.ts.map +1 -1
  103. package/dist/modules/mfa/consumeMfaToken/consumeMfaToken.d.ts +0 -1
  104. package/dist/modules/mfa/consumeMfaToken/consumeMfaToken.d.ts.map +1 -1
  105. package/dist/modules/mfa/createNewMfaRecoveryCodes/createNewMfaRecoveryCodes.d.ts +0 -1
  106. package/dist/modules/mfa/createNewMfaRecoveryCodes/createNewMfaRecoveryCodes.d.ts.map +1 -1
  107. package/dist/modules/mfa/isPendingRecoveryCodesAcknowledgment/isPendingRecoveryCodesAcknowledgment.d.ts +1 -0
  108. package/dist/modules/mfa/isPendingRecoveryCodesAcknowledgment/isPendingRecoveryCodesAcknowledgment.d.ts.map +1 -1
  109. package/dist/modules/mfa/isUserMissingMfaAuth/isUserMissingMfaAuth.d.ts +1 -0
  110. package/dist/modules/mfa/isUserMissingMfaAuth/isUserMissingMfaAuth.d.ts.map +1 -1
  111. package/dist/modules/mfa/registerTotpMfaDevice/registerTotpMfaDevice.d.ts +0 -3
  112. package/dist/modules/mfa/registerTotpMfaDevice/registerTotpMfaDevice.d.ts.map +1 -1
  113. package/dist/modules/otp/sendEmailOTP/sendEmailOTP.d.ts +0 -1
  114. package/dist/modules/otp/sendEmailOTP/sendEmailOTP.d.ts.map +1 -1
  115. package/dist/modules/otp/sendSmsOTP/sendSmsOTP.d.ts +0 -1
  116. package/dist/modules/otp/sendSmsOTP/sendSmsOTP.d.ts.map +1 -1
  117. package/dist/modules/otp/verifyOTP/verifyOTP.d.ts +0 -1
  118. package/dist/modules/otp/verifyOTP/verifyOTP.d.ts.map +1 -1
  119. package/dist/modules/sessionKeys/generateSessionKeys/generateSessionKeys.d.ts.map +1 -1
  120. package/dist/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.d.ts +1 -0
  121. package/dist/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.d.ts.map +1 -1
  122. package/dist/modules/user/refreshAuth/refreshAuth.d.ts +0 -1
  123. package/dist/modules/user/refreshAuth/refreshAuth.d.ts.map +1 -1
  124. package/dist/modules/user/updateUser/updateUser.d.ts +0 -1
  125. package/dist/modules/user/updateUser/updateUser.d.ts.map +1 -1
  126. package/dist/modules/wallets/getWalletProviderDataByKey/getWalletProviderDataByKey.d.ts +2 -1
  127. package/dist/modules/wallets/getWalletProviderDataByKey/getWalletProviderDataByKey.d.ts.map +1 -1
  128. package/dist/modules/wallets/networks/getTransactionHistory/getTransactionHistory.d.ts +1 -1
  129. package/dist/modules/wallets/networks/getTransactionHistory/getTransactionHistory.d.ts.map +1 -1
  130. package/dist/modules/wallets/verifyMessageSignatureOwnership/verifyMessageSignatureOwnership.d.ts +2 -0
  131. package/dist/modules/wallets/verifyMessageSignatureOwnership/verifyMessageSignatureOwnership.d.ts.map +1 -1
  132. package/dist/modules/wallets/walletProviderRegistry/events.d.ts +2 -1
  133. package/dist/modules/wallets/walletProviderRegistry/events.d.ts.map +1 -1
  134. package/dist/services/instrumentation/createInstrumentation/createInstrumentation.d.ts.map +1 -1
  135. package/dist/services/instrumentation/instrumentFunction/instrumentFunction.d.ts +40 -34
  136. package/dist/services/instrumentation/instrumentFunction/instrumentFunction.d.ts.map +1 -1
  137. package/dist/services/instrumentation/instrumentation.types.d.ts +50 -19
  138. package/dist/services/instrumentation/instrumentation.types.d.ts.map +1 -1
  139. package/dist/services/keychain/createKeychainService/createKeychainService.d.ts.map +1 -1
  140. package/dist/services/navigate/createNavigationHandler/createNavigationHandler.d.ts.map +1 -1
  141. package/dist/services/openDeeplink/createWebDeeplinkOpener/createWebDeeplinkOpener.d.ts.map +1 -1
  142. package/dist/tsconfig.lib.tsbuildinfo +1 -1
  143. package/dist/{updateAuthFromVerifyResponse-BdokPJ21.esm.js → updateAuthFromVerifyResponse-BQes11vz.esm.js} +145 -145
  144. package/dist/updateAuthFromVerifyResponse-BQes11vz.esm.js.map +1 -0
  145. package/dist/{updateAuthFromVerifyResponse-CUnvs5Af.cjs → updateAuthFromVerifyResponse-Deg9em9o.cjs} +151 -145
  146. package/dist/updateAuthFromVerifyResponse-Deg9em9o.cjs.map +1 -0
  147. package/dist/{updateAuthFromVerifyResponse-DW-tPgdV.native.esm.js → updateAuthFromVerifyResponse-wVY_DoiL.native.esm.js} +145 -145
  148. package/dist/updateAuthFromVerifyResponse-wVY_DoiL.native.esm.js.map +1 -0
  149. package/dist/utils/assertSafeDeeplinkUrl/assertSafeDeeplinkUrl.d.ts +12 -0
  150. package/dist/utils/assertSafeDeeplinkUrl/assertSafeDeeplinkUrl.d.ts.map +1 -0
  151. package/dist/utils/assertSafeDeeplinkUrl/index.d.ts +2 -0
  152. package/dist/utils/assertSafeDeeplinkUrl/index.d.ts.map +1 -0
  153. package/dist/utils/assertSafeNavigationUrl/assertSafeNavigationUrl.d.ts +12 -0
  154. package/dist/utils/assertSafeNavigationUrl/assertSafeNavigationUrl.d.ts.map +1 -0
  155. package/dist/utils/assertSafeNavigationUrl/index.d.ts +2 -0
  156. package/dist/utils/assertSafeNavigationUrl/index.d.ts.map +1 -0
  157. package/dist/utils/getSecureCookieAttribute/getSecureCookieAttribute.d.ts +18 -0
  158. package/dist/utils/getSecureCookieAttribute/getSecureCookieAttribute.d.ts.map +1 -0
  159. package/dist/utils/getSecureCookieAttribute/index.d.ts +2 -0
  160. package/dist/utils/getSecureCookieAttribute/index.d.ts.map +1 -0
  161. package/dist/waas.cjs +5 -5
  162. package/dist/waas.esm.js +4 -4
  163. package/dist/waas.native.esm.js +4 -4
  164. package/dist/waasCore.cjs +6 -6
  165. package/dist/waasCore.esm.js +6 -6
  166. package/dist/waasCore.native.esm.js +6 -6
  167. package/package.json +3 -3
  168. package/dist/getNetworkProviderFromNetworkId-BVVs3arj.esm.js.map +0 -1
  169. package/dist/getNetworkProviderFromNetworkId-DC1bhMuB.native.esm.js.map +0 -1
  170. package/dist/getNetworkProviderFromNetworkId-DzzocxRc.cjs.map +0 -1
  171. package/dist/isDynamicWaasEnabled-BEn7FcD9.cjs.map +0 -1
  172. package/dist/isDynamicWaasEnabled-CvBaMGlR.native.esm.js.map +0 -1
  173. package/dist/isDynamicWaasEnabled-DYy0TvLy.esm.js.map +0 -1
  174. package/dist/isMfaRequiredForAction-B7wNkqQf.esm.js.map +0 -1
  175. package/dist/isMfaRequiredForAction-CJ9qbBUz.native.esm.js.map +0 -1
  176. package/dist/isMfaRequiredForAction-CaNdGc-m.cjs.map +0 -1
  177. package/dist/isUserOnboardingComplete-CGz-9Iyw.esm.js.map +0 -1
  178. package/dist/isUserOnboardingComplete-FRAIuxdi.native.esm.js.map +0 -1
  179. package/dist/isUserOnboardingComplete-w1IkCC_p.cjs.map +0 -1
  180. package/dist/services/instrumentation/instrumentFunction/extractParams/extractParams.d.ts +0 -28
  181. package/dist/services/instrumentation/instrumentFunction/extractParams/extractParams.d.ts.map +0 -1
  182. package/dist/services/instrumentation/instrumentFunction/scrubResolvedValue/scrubResolvedValue.d.ts +0 -15
  183. package/dist/services/instrumentation/instrumentFunction/scrubResolvedValue/scrubResolvedValue.d.ts.map +0 -1
  184. package/dist/updateAuthFromVerifyResponse-BdokPJ21.esm.js.map +0 -1
  185. package/dist/updateAuthFromVerifyResponse-CUnvs5Af.cjs.map +0 -1
  186. package/dist/updateAuthFromVerifyResponse-DW-tPgdV.native.esm.js.map +0 -1
@@ -2,7 +2,7 @@ import { AuthStorageEnum, Configuration, JwtVerifiedCredentialFormatEnum, SDKApi
2
2
 
3
3
  //#region package.json
4
4
  var name = "@dynamic-labs-sdk/client";
5
- var version = "1.17.0";
5
+ var version = "1.18.0";
6
6
  var dependencies = {
7
7
  "@dynamic-labs-sdk/assert-package-version": "workspace:*",
8
8
  "@dynamic-labs-wallet/browser-wallet-client": "1.0.46",
@@ -616,6 +616,28 @@ const fetchAndStoreNonces = async (client) => {
616
616
  return fetchPromise;
617
617
  };
618
618
 
619
+ //#endregion
620
+ //#region src/utils/getSecureCookieAttribute/getSecureCookieAttribute.ts
621
+ /**
622
+ * Returns the cookie `Secure` attribute suffix (`'; Secure'`) when the current
623
+ * document is running in a secure context, or an empty string otherwise.
624
+ *
625
+ * The `Secure` attribute prevents the browser from ever transmitting the cookie
626
+ * over an unencrypted `http://` connection, which mitigates cleartext token
627
+ * capture (CWE-614). It is intentionally omitted on insecure/localhost dev,
628
+ * because browsers reject `Secure` cookies set over `http://` and that would
629
+ * silently break local testing.
630
+ *
631
+ * Used when building the Dynamic auth JWT cookie string so the attribute is
632
+ * applied consistently on both the write (sign-in/refresh) and clear (logout)
633
+ * paths.
634
+ *
635
+ * @notInstrumented
636
+ */
637
+ const getSecureCookieAttribute = () => {
638
+ return Boolean(globalThis.window?.isSecureContext) || globalThis.location?.protocol === "https:" ? "; Secure" : "";
639
+ };
640
+
619
641
  //#endregion
620
642
  //#region src/utils/setCookie/setCookie.ts
621
643
  /**
@@ -1416,193 +1438,170 @@ const scrubParameters = ({ piiFields, redactAll, value }) => {
1416
1438
  });
1417
1439
  };
1418
1440
 
1419
- //#endregion
1420
- //#region src/services/instrumentation/instrumentFunction/extractParams/extractParams.ts
1421
- /**
1422
- * Normalises the raw positional arguments of an instrumented function call
1423
- * into a flat `Record<string, unknown>` suitable for structured logging.
1424
- *
1425
- * ## Why this is needed
1426
- *
1427
- * Instrumented functions are wrapped with `(...args: unknown[])`, so their
1428
- * parameters arrive as an array. Logging a raw array loses the semantic names
1429
- * of each argument. This function recovers a named representation:
1430
- *
1431
- * - **No arguments** → `{}`
1432
- * - **Single plain-object argument** → that object is returned as-is, because
1433
- * SDK functions follow the single-object-parameter convention, so the object
1434
- * already carries named keys (`{ amount, to }`, etc.).
1435
- * - **Everything else** (multiple args, a single primitive, a single array) →
1436
- * each value is indexed as `arg0`, `arg1`, …
1437
- *
1438
- * ## Why arrays are NOT treated as plain objects
1439
- *
1440
- * `typeof [] === 'object'` and `[] !== null`, so without the `Array.isArray`
1441
- * guard a single-array argument would be returned as-is. That would produce
1442
- * an object with numeric string keys (`{ '0': ..., '1': ... }`), which is
1443
- * misleading and inconsistent with how multi-arg calls are handled. Instead,
1444
- * arrays fall through to the indexed `arg0` path.
1445
- * @notInstrumented
1446
- */
1447
- const extractParams = (args) => {
1448
- if (args.length === 0) return {};
1449
- if (args.length === 1 && typeof args[0] === "object" && args[0] !== null && !Array.isArray(args[0])) return args[0];
1450
- const result = {};
1451
- for (let i = 0; i < args.length; i++) result[`arg${i}`] = args[i];
1452
- return result;
1453
- };
1454
-
1455
- //#endregion
1456
- //#region src/services/instrumentation/instrumentFunction/scrubResolvedValue/scrubResolvedValue.ts
1457
- /**
1458
- * Scrubs a resolved return value of any type before logging it.
1459
- * Routes through `scrubParameters` by wrapping the value so that strings,
1460
- * arrays, Dates, Errors, and all other types are handled identically to
1461
- * nested object fields.
1462
- * @notInstrumented
1463
- */
1464
- const scrubResolvedValue = ({ piiFields, redactAll, value }) => scrubParameters({
1465
- piiFields,
1466
- redactAll,
1467
- value: { result: value }
1468
- }).result;
1469
-
1470
1441
  //#endregion
1471
1442
  //#region src/services/instrumentation/instrumentFunction/instrumentFunction.ts
1472
- const serializeError = (error) => {
1473
- if (error instanceof Error) return {
1474
- message: error.message,
1475
- name: error.name,
1476
- stack: error.stack
1443
+ const toErrorFields = (error) => {
1444
+ if (error instanceof BaseError) return {
1445
+ errorCode: error.code,
1446
+ errorName: error.name
1477
1447
  };
1448
+ if (error instanceof Error) return { errorName: error.name };
1449
+ return { errorName: "UnknownError" };
1450
+ };
1451
+ const buildContext = (core) => {
1452
+ const state = core.state.get();
1478
1453
  return {
1479
- message: String(error),
1480
- name: "UnknownError"
1454
+ environmentId: core.environmentId,
1455
+ operatingSystem: getOperatingSystem(),
1456
+ platform: getPlatform(),
1457
+ registeredExtensionKeys: Array.from(core.extensions),
1458
+ sdkSessionId: core.sdkSessionId,
1459
+ sdkVersion: core.version,
1460
+ tokenSessionId: state.token ? extractSessionId(state.token) : null,
1461
+ userAgent: getUserAgent(),
1462
+ userId: state.user?.id ?? null
1481
1463
  };
1482
1464
  };
1483
1465
  /**
1466
+ * Runs an explicit payload selector and scrubs its output. Returns `undefined`
1467
+ * when there is no selector. Selector (and scrub) errors are swallowed so a
1468
+ * faulty selector can never break the wrapped function or fabricate a
1469
+ * 'rejected' event — instrumentation stays purely observational. The swallowed
1470
+ * error is surfaced on the `debug` logger so internal devs can still spot a
1471
+ * broken selector without it ever reaching a transport.
1472
+ */
1473
+ const safeSelect = ({ functionName, logger, piiFields, selector, value }) => {
1474
+ if (!selector) return;
1475
+ try {
1476
+ return scrubParameters({
1477
+ piiFields,
1478
+ value: selector(value)
1479
+ });
1480
+ } catch (error) {
1481
+ logger.debug(`[instrumentFunction] payload selector for "${functionName}" threw; emitting event without payload`, error);
1482
+ return;
1483
+ }
1484
+ };
1485
+ /**
1484
1486
  * Wraps a function so that each invocation emits a structured
1485
1487
  * `FunctionInstrumentationEvent` at three lifecycle points:
1486
1488
  *
1487
- * - **started** — immediately before the function body executes, with the
1488
- * PII-scrubbed call parameters.
1489
+ * - **started** — immediately before the function body executes.
1489
1490
  * - **resolved** — after the function (or its returned Promise) settles
1490
- * successfully, with the PII-scrubbed return value.
1491
+ * successfully, with the call duration.
1491
1492
  * - **rejected** — if the function throws synchronously or its returned
1492
- * Promise rejects.
1493
+ * Promise rejects, with the duration and the error's class name/code.
1494
+ *
1495
+ * Events carry only the safe envelope (function name, phase, timing, error
1496
+ * class, SDK/runtime metadata, identifiers). **Raw arguments and return values
1497
+ * are never captured.** A function that needs additional fields supplies
1498
+ * `selectors` that build an explicit, primitive-only {@link SafePayload} — the
1499
+ * only path from arguments/return value into a log.
1493
1500
  *
1494
1501
  * The original return value (or thrown error) is always forwarded to the
1495
- * caller unchanged — instrumentation is purely observational.
1502
+ * caller unchanged — instrumentation is purely observational, and a throwing
1503
+ * selector cannot change that.
1496
1504
  *
1497
- * ## Usage
1505
+ * ## Providing selectors
1506
+ *
1507
+ * A function opts into a payload by supplying selectors that map its arguments
1508
+ * (`started`) and/or its awaited return value (`resolved`) to a primitive-only
1509
+ * {@link SafePayload}. Pick individual known-safe fields — never spread a whole
1510
+ * object, which is exactly what the model prevents.
1498
1511
  *
1499
1512
  * ```ts
1500
1513
  * const transfer = instrumentFunction({
1501
1514
  * fn: rawTransfer,
1502
1515
  * functionName: 'transfer',
1503
1516
  * getCore: () => core,
1517
+ * selectors: {
1518
+ * // `args` is the argument tuple the wrapped function was called with.
1519
+ * started: ([{ chainId, amount }]) => ({ amount, chainId }),
1520
+ * // `result` is the awaited return value (never the Promise).
1521
+ * resolved: ({ txHash }) => ({ txHash }),
1522
+ * },
1504
1523
  * });
1505
- *
1506
- * // When called, three events are emitted automatically:
1507
- * await transfer({ amount: 1, to: '0xabc' });
1508
1524
  * ```
1509
1525
  *
1526
+ * A selector that throws (or whose output fails scrubbing) is swallowed: the
1527
+ * event is still emitted without a payload, and the error is logged at `debug`.
1528
+ *
1510
1529
  * ## How functions are wrapped
1511
1530
  *
1512
- * `instrumentFunction` is not called manually in application code. Instead,
1513
- * the esbuild instrumentation plugin (`tools/instrumentation-plugin`) injects
1514
- * it at build time: any exported function annotated with `@instrumented` in its
1515
- * JSDoc is automatically wrapped by the plugin during the build step.
1516
- * The plugin strips the original `export`, renames the function, and re-exports
1517
- * it under the original name via `instrumentFunction(...)` — so the public API
1518
- * is unchanged and no call sites need to be updated.
1531
+ * `instrumentFunction` is not called manually in application code. The esbuild
1532
+ * instrumentation plugin (`tools/instrumentation-plugin`) injects it at build
1533
+ * time for any exported function annotated with `@instrumented` in its JSDoc.
1519
1534
  *
1520
1535
  * ## Opting out
1521
1536
  *
1522
- * Instrumentation is skipped entirely when:
1523
- * - `getCore()` returns `undefined` (SDK not initialised), or
1524
- * - `core.instrumentation.config.enabled` is `false`.
1525
- *
1526
- * In both cases the original function is called directly with no overhead.
1527
- *
1528
- * ## PII scrubbing
1529
- *
1530
- * All string values whose key appears in `piiFields` are replaced with
1531
- * `"[redacted]"` before events are emitted. Pass `redactAll: true` to redact
1532
- * every field, regardless of key name.
1537
+ * Instrumentation is skipped entirely when `getCore()` returns `undefined`
1538
+ * (SDK not initialised) or when `core.instrumentation.config.enabled` is
1539
+ * `false`; in both cases the original function is called directly.
1533
1540
  * @notInstrumented
1534
1541
  */
1535
- const instrumentFunction = ({ fn, functionName, getCore: getCore$1, redactAll }) => {
1542
+ const instrumentFunction = ({ fn, functionName, getCore: getCore$1, selectors }) => {
1536
1543
  const wrapped = (...args) => {
1537
1544
  const core = getCore$1();
1538
- if (!core) return fn(...args);
1539
- if (!core.instrumentation.config.enabled) return fn(...args);
1540
- const instrumentation = core.instrumentation;
1541
- const state = core.state.get();
1542
- const baseEvent = {
1543
- environmentId: core.environmentId,
1544
- functionName,
1545
- operatingSystem: getOperatingSystem(),
1546
- parameters: scrubParameters({
1547
- piiFields: instrumentation.config.piiFields,
1548
- redactAll,
1549
- value: extractParams(args)
1550
- }),
1551
- platform: getPlatform(),
1552
- registeredExtensionKeys: Array.from(core.extensions),
1553
- sdkSessionId: core.sdkSessionId,
1554
- sdkVersion: core.version,
1555
- status: "info",
1556
- tokenSessionId: state.token ? extractSessionId(state.token) : null,
1557
- userAgent: getUserAgent(),
1558
- userId: state.user?.id ?? null
1545
+ if (!core?.instrumentation.config.enabled) return fn(...args);
1546
+ const { instrumentation, logger } = core;
1547
+ const { piiFields } = instrumentation.config;
1548
+ const base = {
1549
+ ...buildContext(core),
1550
+ functionName
1559
1551
  };
1552
+ const startedAt = Date.now();
1560
1553
  instrumentation.logFunction({
1561
- ...baseEvent,
1554
+ ...base,
1555
+ payload: safeSelect({
1556
+ functionName,
1557
+ logger,
1558
+ piiFields,
1559
+ selector: selectors?.started,
1560
+ value: args
1561
+ }),
1562
1562
  phase: "started",
1563
+ status: "info",
1563
1564
  timestamp: (/* @__PURE__ */ new Date()).toISOString()
1564
1565
  });
1565
- try {
1566
- const result = fn(...args);
1567
- if (result instanceof Promise) return result.then((value) => {
1568
- instrumentation.logFunction({
1569
- ...baseEvent,
1570
- phase: "resolved",
1571
- resolvedValue: scrubResolvedValue({
1572
- piiFields: instrumentation.config.piiFields,
1573
- redactAll,
1574
- value
1575
- }),
1576
- timestamp: (/* @__PURE__ */ new Date()).toISOString()
1577
- });
1578
- return value;
1579
- }).catch((error) => {
1580
- instrumentation.logFunction({
1581
- ...baseEvent,
1582
- phase: "rejected",
1583
- rejectedError: serializeError(error),
1584
- timestamp: (/* @__PURE__ */ new Date()).toISOString()
1585
- });
1586
- throw error;
1587
- });
1566
+ const emitResolved = (value) => {
1588
1567
  instrumentation.logFunction({
1589
- ...baseEvent,
1590
- phase: "resolved",
1591
- resolvedValue: scrubResolvedValue({
1592
- piiFields: instrumentation.config.piiFields,
1593
- redactAll,
1594
- value: result
1568
+ ...base,
1569
+ durationMs: Date.now() - startedAt,
1570
+ payload: safeSelect({
1571
+ functionName,
1572
+ logger,
1573
+ piiFields,
1574
+ selector: selectors?.resolved,
1575
+ value
1595
1576
  }),
1577
+ phase: "resolved",
1578
+ status: "info",
1596
1579
  timestamp: (/* @__PURE__ */ new Date()).toISOString()
1597
1580
  });
1598
- return result;
1599
- } catch (error) {
1581
+ };
1582
+ const emitRejected = (error) => {
1600
1583
  instrumentation.logFunction({
1601
- ...baseEvent,
1584
+ ...base,
1585
+ ...toErrorFields(error),
1586
+ durationMs: Date.now() - startedAt,
1602
1587
  phase: "rejected",
1603
- rejectedError: serializeError(error),
1588
+ status: "error",
1604
1589
  timestamp: (/* @__PURE__ */ new Date()).toISOString()
1605
1590
  });
1591
+ };
1592
+ try {
1593
+ const result = fn(...args);
1594
+ if (result instanceof Promise) return result.then((value) => {
1595
+ emitResolved(value);
1596
+ return value;
1597
+ }, (error) => {
1598
+ emitRejected(error);
1599
+ throw error;
1600
+ });
1601
+ emitResolved(result);
1602
+ return result;
1603
+ } catch (error) {
1604
+ emitRejected(error);
1606
1605
  throw error;
1607
1606
  }
1608
1607
  };
@@ -1647,6 +1646,7 @@ const getWalletAccountsHash = (state, client) => getWalletAccountsFromState(stat
1647
1646
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
1648
1647
  * @returns True if the user needs additional MFA authentication, false otherwise.
1649
1648
  * @notInstrumented
1649
+ * @hook Exposed as a hook so consumers reactively know when MFA is still required, updated when the user changes.
1650
1650
  */
1651
1651
  const isUserMissingMfaAuth = (client = getDefaultClient()) => {
1652
1652
  const user = client.user;
@@ -1892,11 +1892,11 @@ const updateAuthFromVerifyResponse = ({ response }, client) => {
1892
1892
  * programmatically because Redcoast won't set the cookie via headers. We set the cookie programmatically
1893
1893
  * so customers can access the cookie from document.cookie consistently between sandbox and live environments.
1894
1894
  */
1895
- if (minifiedJwt && isCookieEnabled(client)) setCookie(`${DYNAMIC_AUTH_COOKIE_NAME}=${minifiedJwt}; expires=${sessionExpiresAt.toUTCString()}; path=/; SameSite=Lax`);
1895
+ if (minifiedJwt && isCookieEnabled(client)) setCookie(`${DYNAMIC_AUTH_COOKIE_NAME}=${minifiedJwt}; expires=${sessionExpiresAt.toUTCString()}; path=/; SameSite=Lax${getSecureCookieAttribute()}`);
1896
1896
  checkAndRaiseWalletAccountsChangedEvent({ previousState }, client);
1897
1897
  if (!previousState.user && Boolean(newState.user)) initializeWaasClientsForEagerRecovery(client);
1898
1898
  };
1899
1899
 
1900
1900
  //#endregion
1901
- export { MfaRateLimitedError as $, NoWalletProviderFoundError as A, emitEvent as B, getOperatingSystem as C, WalletProviderPriority as D, getWalletProviderFromWalletAccount as E, CHAINS_INFO_MAP as F, fetchAndStoreNonces as G, onEvent as H, formatWalletAccountId as I, createDeviceSignatureHeadersMiddleware as J, createApiClient as K, normalizeAddress as L, formatWalletProviderKey as M, normalizeWalletNameWithChain as N, getWalletProviderRegistry as O, getChainFromVerifiedCredentialChain as P, SandboxMaximumThresholdReachedError as Q, splitWalletProviderKey as R, getPlatform as S, DYNAMIC_AUTH_COOKIE_NAME as T, onceEvent as U, offEvent as V, setCookie as W, getDeviceSigner as X, getHeadersForNonceSignedByDeviceSigners as Y, getNonce as Z, SDK_API_CORE_VERSION as _, getCore as _t, initializeWaasClientsForEagerRecovery as a, isCookieEnabled as at, DEFAULT_PII_FIELDS as b, isWaasWalletProvider as c, getElevatedAccessToken as ct, DYNAMIC_WAAS_METADATA as d, DYNAMIC_SDK_API_VERSION as dt, MfaInvalidOtpError as et, getWalletProviders as f, NONCE_POOL_SIZE as ft, DYNAMIC_ICONIC_SPRITE_URL as g, BaseError as gt, emitWalletAccountsChangedEvent as h, ClientNotFoundError as ht, InvalidParamError as i, getSessionKeys as it, getWalletAccounts as j, createRuntimeServiceAccessKey as k, DEFAULT_WAAS_BASE_API_URL as l, randomString as lt, checkAndRaiseWalletAccountsChangedEvent as m, setDefaultClient as mt, upsertElevatedAccessToken as n, InvalidExternalAuthError as nt, isWaasWalletAccount as o, assertDefined as ot, isUserMissingMfaAuth as p, getDefaultClient as pt, UnauthorizedError as q, parseElevatedAccessToken as r, APIError as rt, findWaasWalletProviderByChain as s, ValueMustBeDefinedError as st, updateAuthFromVerifyResponse as t, LinkCredentialError as tt, DEFAULT_WAAS_BASE_MPC_RELAY_API_URL as u, CLIENT_SDK_NAME as ut, instrumentFunction as v, name as vt, extractSessionId as w, getUserAgent as x, scrubParameters as y, version as yt, InvalidWalletProviderKeyError as z };
1902
- //# sourceMappingURL=updateAuthFromVerifyResponse-BdokPJ21.esm.js.map
1901
+ export { SandboxMaximumThresholdReachedError as $, NoWalletProviderFoundError as A, emitEvent as B, getOperatingSystem as C, WalletProviderPriority as D, getWalletProviderFromWalletAccount as E, CHAINS_INFO_MAP as F, getSecureCookieAttribute as G, onEvent as H, formatWalletAccountId as I, UnauthorizedError as J, fetchAndStoreNonces as K, normalizeAddress as L, formatWalletProviderKey as M, normalizeWalletNameWithChain as N, getWalletProviderRegistry as O, getChainFromVerifiedCredentialChain as P, getNonce as Q, splitWalletProviderKey as R, getPlatform as S, DYNAMIC_AUTH_COOKIE_NAME as T, onceEvent as U, offEvent as V, setCookie as W, getHeadersForNonceSignedByDeviceSigners as X, createDeviceSignatureHeadersMiddleware as Y, getDeviceSigner as Z, SDK_API_CORE_VERSION as _, BaseError as _t, initializeWaasClientsForEagerRecovery as a, getSessionKeys as at, DEFAULT_PII_FIELDS as b, version as bt, isWaasWalletProvider as c, ValueMustBeDefinedError as ct, DYNAMIC_WAAS_METADATA as d, CLIENT_SDK_NAME as dt, MfaRateLimitedError as et, getWalletProviders as f, DYNAMIC_SDK_API_VERSION as ft, DYNAMIC_ICONIC_SPRITE_URL as g, ClientNotFoundError as gt, emitWalletAccountsChangedEvent as h, setDefaultClient as ht, InvalidParamError as i, APIError as it, getWalletAccounts as j, createRuntimeServiceAccessKey as k, DEFAULT_WAAS_BASE_API_URL as l, getElevatedAccessToken as lt, checkAndRaiseWalletAccountsChangedEvent as m, getDefaultClient as mt, upsertElevatedAccessToken as n, LinkCredentialError as nt, isWaasWalletAccount as o, isCookieEnabled as ot, isUserMissingMfaAuth as p, NONCE_POOL_SIZE as pt, createApiClient as q, parseElevatedAccessToken as r, InvalidExternalAuthError as rt, findWaasWalletProviderByChain as s, assertDefined as st, updateAuthFromVerifyResponse as t, MfaInvalidOtpError as tt, DEFAULT_WAAS_BASE_MPC_RELAY_API_URL as u, randomString as ut, instrumentFunction as v, getCore as vt, extractSessionId as w, getUserAgent as x, scrubParameters as y, name as yt, InvalidWalletProviderKeyError as z };
1902
+ //# sourceMappingURL=updateAuthFromVerifyResponse-BQes11vz.esm.js.map