@dynamic-labs-sdk/client 1.17.0 → 1.18.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (186) hide show
  1. package/dist/core.cjs +7 -5
  2. package/dist/core.cjs.map +1 -1
  3. package/dist/core.esm.js +8 -8
  4. package/dist/core.esm.js.map +1 -1
  5. package/dist/core.native.esm.js +8 -8
  6. package/dist/core.native.esm.js.map +1 -1
  7. package/dist/errors/DeviceRegistrationIdentityMismatchError.d.ts +5 -0
  8. package/dist/errors/DeviceRegistrationIdentityMismatchError.d.ts.map +1 -0
  9. package/dist/errors/UnsafeDeeplinkUrlError.d.ts +17 -0
  10. package/dist/errors/UnsafeDeeplinkUrlError.d.ts.map +1 -0
  11. package/dist/errors/UnsafeNavigationUrlError.d.ts +16 -0
  12. package/dist/errors/UnsafeNavigationUrlError.d.ts.map +1 -0
  13. package/dist/errors/WalletScreeningBlockedError.d.ts +14 -0
  14. package/dist/errors/WalletScreeningBlockedError.d.ts.map +1 -0
  15. package/dist/exports/core.d.ts +4 -0
  16. package/dist/exports/core.d.ts.map +1 -1
  17. package/dist/exports/index.d.ts +7 -2
  18. package/dist/exports/index.d.ts.map +1 -1
  19. package/dist/{getNetworkProviderFromNetworkId-DC1bhMuB.native.esm.js → getNetworkProviderFromNetworkId-C6DBO0OX.native.esm.js} +96 -13
  20. package/dist/getNetworkProviderFromNetworkId-C6DBO0OX.native.esm.js.map +1 -0
  21. package/dist/{getNetworkProviderFromNetworkId-BVVs3arj.esm.js → getNetworkProviderFromNetworkId-CEs4SGW4.esm.js} +105 -22
  22. package/dist/getNetworkProviderFromNetworkId-CEs4SGW4.esm.js.map +1 -0
  23. package/dist/{getNetworkProviderFromNetworkId-DzzocxRc.cjs → getNetworkProviderFromNetworkId-CMIgKqEH.cjs} +119 -18
  24. package/dist/getNetworkProviderFromNetworkId-CMIgKqEH.cjs.map +1 -0
  25. package/dist/{getSignedSessionId-Bnuz2Aqc.esm.js → getSignedSessionId-CUqILBh8.esm.js} +3 -3
  26. package/dist/{getSignedSessionId-Bnuz2Aqc.esm.js.map → getSignedSessionId-CUqILBh8.esm.js.map} +1 -1
  27. package/dist/{getSignedSessionId-Dx0qQLMP.cjs → getSignedSessionId-De_N_Ofg.cjs} +3 -3
  28. package/dist/{getSignedSessionId-Dx0qQLMP.cjs.map → getSignedSessionId-De_N_Ofg.cjs.map} +1 -1
  29. package/dist/{getSignedSessionId-Pc_5wscD.native.esm.js → getSignedSessionId-Hp1nSbaW.native.esm.js} +3 -3
  30. package/dist/{getSignedSessionId-Pc_5wscD.native.esm.js.map → getSignedSessionId-Hp1nSbaW.native.esm.js.map} +1 -1
  31. package/dist/{getWalletProviderByKey-BL3u0e-d.esm.js → getWalletProviderByKey-CKORCA8l.esm.js} +2 -2
  32. package/dist/{getWalletProviderByKey-BL3u0e-d.esm.js.map → getWalletProviderByKey-CKORCA8l.esm.js.map} +1 -1
  33. package/dist/{getWalletProviderByKey-BLWcueTR.cjs → getWalletProviderByKey-D3e0XMjs.cjs} +2 -2
  34. package/dist/{getWalletProviderByKey-BLWcueTR.cjs.map → getWalletProviderByKey-D3e0XMjs.cjs.map} +1 -1
  35. package/dist/{getWalletProviderByKey-DhqKzh7g.native.esm.js → getWalletProviderByKey-D5M801xH.native.esm.js} +2 -2
  36. package/dist/{getWalletProviderByKey-DhqKzh7g.native.esm.js.map → getWalletProviderByKey-D5M801xH.native.esm.js.map} +1 -1
  37. package/dist/index.cjs +253 -72
  38. package/dist/index.cjs.map +1 -1
  39. package/dist/index.esm.js +248 -94
  40. package/dist/index.esm.js.map +1 -1
  41. package/dist/index.native.esm.js +248 -94
  42. package/dist/index.native.esm.js.map +1 -1
  43. package/dist/{isDynamicWaasEnabled-BEn7FcD9.cjs → isDynamicWaasEnabled-BQuXZne_.cjs} +4 -6
  44. package/dist/isDynamicWaasEnabled-BQuXZne_.cjs.map +1 -0
  45. package/dist/{isDynamicWaasEnabled-DYy0TvLy.esm.js → isDynamicWaasEnabled-BaY09iv6.native.esm.js} +3 -5
  46. package/dist/isDynamicWaasEnabled-BaY09iv6.native.esm.js.map +1 -0
  47. package/dist/{isDynamicWaasEnabled-CvBaMGlR.native.esm.js → isDynamicWaasEnabled-BlVIlXMZ.esm.js} +3 -5
  48. package/dist/isDynamicWaasEnabled-BlVIlXMZ.esm.js.map +1 -0
  49. package/dist/{isMfaRequiredForAction-CJ9qbBUz.native.esm.js → isMfaRequiredForAction-CwOGwiDz.native.esm.js} +3 -5
  50. package/dist/isMfaRequiredForAction-CwOGwiDz.native.esm.js.map +1 -0
  51. package/dist/{isMfaRequiredForAction-CaNdGc-m.cjs → isMfaRequiredForAction-Dghiguch.cjs} +13 -6
  52. package/dist/isMfaRequiredForAction-Dghiguch.cjs.map +1 -0
  53. package/dist/{isMfaRequiredForAction-B7wNkqQf.esm.js → isMfaRequiredForAction-r9aDdmK5.esm.js} +13 -6
  54. package/dist/isMfaRequiredForAction-r9aDdmK5.esm.js.map +1 -0
  55. package/dist/{isUserOnboardingComplete-FRAIuxdi.native.esm.js → isUserOnboardingComplete-BMNAbXk1.esm.js} +6 -3
  56. package/dist/isUserOnboardingComplete-BMNAbXk1.esm.js.map +1 -0
  57. package/dist/{isUserOnboardingComplete-CGz-9Iyw.esm.js → isUserOnboardingComplete-C-ioFLRR.native.esm.js} +6 -3
  58. package/dist/isUserOnboardingComplete-C-ioFLRR.native.esm.js.map +1 -0
  59. package/dist/{isUserOnboardingComplete-w1IkCC_p.cjs → isUserOnboardingComplete-j4b_q9Pf.cjs} +7 -4
  60. package/dist/isUserOnboardingComplete-j4b_q9Pf.cjs.map +1 -0
  61. package/dist/{migrateFromFireblocks-DXs3odF_.esm.js → migrateFromFireblocks-D--uqWp5.esm.js} +3 -3
  62. package/dist/{migrateFromFireblocks-DXs3odF_.esm.js.map → migrateFromFireblocks-D--uqWp5.esm.js.map} +1 -1
  63. package/dist/{migrateFromFireblocks-C-IqJz3q.native.esm.js → migrateFromFireblocks-D8Y5h0hz.native.esm.js} +3 -3
  64. package/dist/{migrateFromFireblocks-C-IqJz3q.native.esm.js.map → migrateFromFireblocks-D8Y5h0hz.native.esm.js.map} +1 -1
  65. package/dist/{migrateFromFireblocks-CjQWJPZW.cjs → migrateFromFireblocks-D9pJIgt5.cjs} +3 -3
  66. package/dist/{migrateFromFireblocks-CjQWJPZW.cjs.map → migrateFromFireblocks-D9pJIgt5.cjs.map} +1 -1
  67. package/dist/modules/auth/externalAuth/requestExternalAuthElevatedToken/requestExternalAuthElevatedToken.d.ts +0 -1
  68. package/dist/modules/auth/externalAuth/requestExternalAuthElevatedToken/requestExternalAuthElevatedToken.d.ts.map +1 -1
  69. package/dist/modules/auth/externalAuth/signInWithExternalJwt/signInWithExternalJwt.d.ts +0 -1
  70. package/dist/modules/auth/externalAuth/signInWithExternalJwt/signInWithExternalJwt.d.ts.map +1 -1
  71. package/dist/modules/auth/logoutWithReason/logoutWithReason.d.ts.map +1 -1
  72. package/dist/modules/auth/passkeys/registerPasskey/registerPasskey.d.ts +0 -1
  73. package/dist/modules/auth/passkeys/registerPasskey/registerPasskey.d.ts.map +1 -1
  74. package/dist/modules/auth/passkeys/signInWithPasskey/signInWithPasskey.d.ts +0 -1
  75. package/dist/modules/auth/passkeys/signInWithPasskey/signInWithPasskey.d.ts.map +1 -1
  76. package/dist/modules/auth/social/oauth/signInWithSocialRedirect/buildOAuthUrl/getOAuthBaseUrl/getOAuthBaseUrl.d.ts.map +1 -1
  77. package/dist/modules/auth/social/oauth/unlinkSocialAccount/unlinkSocialAccount.d.ts +0 -1
  78. package/dist/modules/auth/social/oauth/unlinkSocialAccount/unlinkSocialAccount.d.ts.map +1 -1
  79. package/dist/modules/auth/updateAuthFromVerifyResponse/updateAuthFromVerifyResponse.d.ts.map +1 -1
  80. package/dist/modules/captcha/getCaptchaSettings/getCaptchaSettings.d.ts +14 -0
  81. package/dist/modules/captcha/getCaptchaSettings/getCaptchaSettings.d.ts.map +1 -0
  82. package/dist/modules/captcha/getCaptchaSettings/index.d.ts +3 -0
  83. package/dist/modules/captcha/getCaptchaSettings/index.d.ts.map +1 -0
  84. package/dist/modules/captcha/isCaptchaRequired/isCaptchaRequired.d.ts.map +1 -1
  85. package/dist/modules/captcha/setCaptchaToken/setCaptchaToken.d.ts +0 -1
  86. package/dist/modules/captcha/setCaptchaToken/setCaptchaToken.d.ts.map +1 -1
  87. package/dist/modules/deviceRegistration/completeDeviceRegistration/completeDeviceRegistration.d.ts.map +1 -1
  88. package/dist/modules/deviceRegistration/isDeviceRegistrationRequired/isDeviceRegistrationRequired.d.ts +1 -0
  89. package/dist/modules/deviceRegistration/isDeviceRegistrationRequired/isDeviceRegistrationRequired.d.ts.map +1 -1
  90. package/dist/modules/flow/attachFlowSource/attachFlowSource.d.ts.map +1 -1
  91. package/dist/modules/flow/attachFlowSource/attachFlowSource.instrumentation.d.ts +9 -0
  92. package/dist/modules/flow/attachFlowSource/attachFlowSource.instrumentation.d.ts.map +1 -0
  93. package/dist/modules/flow/broadcastFlow/broadcastFlow.instrumentation.d.ts +9 -0
  94. package/dist/modules/flow/broadcastFlow/broadcastFlow.instrumentation.d.ts.map +1 -0
  95. package/dist/modules/flow/cancelFlow/cancelFlow.instrumentation.d.ts +8 -0
  96. package/dist/modules/flow/cancelFlow/cancelFlow.instrumentation.d.ts.map +1 -0
  97. package/dist/modules/flow/prepareFlowSigning/prepareFlowSigning.instrumentation.d.ts +9 -0
  98. package/dist/modules/flow/prepareFlowSigning/prepareFlowSigning.instrumentation.d.ts.map +1 -0
  99. package/dist/modules/flow/submitFlowTransaction/submitFlowTransaction.instrumentation.d.ts +9 -0
  100. package/dist/modules/flow/submitFlowTransaction/submitFlowTransaction.instrumentation.d.ts.map +1 -0
  101. package/dist/modules/funding/moonpay/getMoonPayUrl/getMoonPayUrl.d.ts +0 -4
  102. package/dist/modules/funding/moonpay/getMoonPayUrl/getMoonPayUrl.d.ts.map +1 -1
  103. package/dist/modules/mfa/consumeMfaToken/consumeMfaToken.d.ts +0 -1
  104. package/dist/modules/mfa/consumeMfaToken/consumeMfaToken.d.ts.map +1 -1
  105. package/dist/modules/mfa/createNewMfaRecoveryCodes/createNewMfaRecoveryCodes.d.ts +0 -1
  106. package/dist/modules/mfa/createNewMfaRecoveryCodes/createNewMfaRecoveryCodes.d.ts.map +1 -1
  107. package/dist/modules/mfa/isPendingRecoveryCodesAcknowledgment/isPendingRecoveryCodesAcknowledgment.d.ts +1 -0
  108. package/dist/modules/mfa/isPendingRecoveryCodesAcknowledgment/isPendingRecoveryCodesAcknowledgment.d.ts.map +1 -1
  109. package/dist/modules/mfa/isUserMissingMfaAuth/isUserMissingMfaAuth.d.ts +1 -0
  110. package/dist/modules/mfa/isUserMissingMfaAuth/isUserMissingMfaAuth.d.ts.map +1 -1
  111. package/dist/modules/mfa/registerTotpMfaDevice/registerTotpMfaDevice.d.ts +0 -3
  112. package/dist/modules/mfa/registerTotpMfaDevice/registerTotpMfaDevice.d.ts.map +1 -1
  113. package/dist/modules/otp/sendEmailOTP/sendEmailOTP.d.ts +0 -1
  114. package/dist/modules/otp/sendEmailOTP/sendEmailOTP.d.ts.map +1 -1
  115. package/dist/modules/otp/sendSmsOTP/sendSmsOTP.d.ts +0 -1
  116. package/dist/modules/otp/sendSmsOTP/sendSmsOTP.d.ts.map +1 -1
  117. package/dist/modules/otp/verifyOTP/verifyOTP.d.ts +0 -1
  118. package/dist/modules/otp/verifyOTP/verifyOTP.d.ts.map +1 -1
  119. package/dist/modules/sessionKeys/generateSessionKeys/generateSessionKeys.d.ts.map +1 -1
  120. package/dist/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.d.ts +1 -0
  121. package/dist/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.d.ts.map +1 -1
  122. package/dist/modules/user/refreshAuth/refreshAuth.d.ts +0 -1
  123. package/dist/modules/user/refreshAuth/refreshAuth.d.ts.map +1 -1
  124. package/dist/modules/user/updateUser/updateUser.d.ts +0 -1
  125. package/dist/modules/user/updateUser/updateUser.d.ts.map +1 -1
  126. package/dist/modules/wallets/getWalletProviderDataByKey/getWalletProviderDataByKey.d.ts +2 -1
  127. package/dist/modules/wallets/getWalletProviderDataByKey/getWalletProviderDataByKey.d.ts.map +1 -1
  128. package/dist/modules/wallets/networks/getTransactionHistory/getTransactionHistory.d.ts +1 -1
  129. package/dist/modules/wallets/networks/getTransactionHistory/getTransactionHistory.d.ts.map +1 -1
  130. package/dist/modules/wallets/verifyMessageSignatureOwnership/verifyMessageSignatureOwnership.d.ts +2 -0
  131. package/dist/modules/wallets/verifyMessageSignatureOwnership/verifyMessageSignatureOwnership.d.ts.map +1 -1
  132. package/dist/modules/wallets/walletProviderRegistry/events.d.ts +2 -1
  133. package/dist/modules/wallets/walletProviderRegistry/events.d.ts.map +1 -1
  134. package/dist/services/instrumentation/createInstrumentation/createInstrumentation.d.ts.map +1 -1
  135. package/dist/services/instrumentation/instrumentFunction/instrumentFunction.d.ts +40 -34
  136. package/dist/services/instrumentation/instrumentFunction/instrumentFunction.d.ts.map +1 -1
  137. package/dist/services/instrumentation/instrumentation.types.d.ts +50 -19
  138. package/dist/services/instrumentation/instrumentation.types.d.ts.map +1 -1
  139. package/dist/services/keychain/createKeychainService/createKeychainService.d.ts.map +1 -1
  140. package/dist/services/navigate/createNavigationHandler/createNavigationHandler.d.ts.map +1 -1
  141. package/dist/services/openDeeplink/createWebDeeplinkOpener/createWebDeeplinkOpener.d.ts.map +1 -1
  142. package/dist/tsconfig.lib.tsbuildinfo +1 -1
  143. package/dist/{updateAuthFromVerifyResponse-BdokPJ21.esm.js → updateAuthFromVerifyResponse-BQes11vz.esm.js} +145 -145
  144. package/dist/updateAuthFromVerifyResponse-BQes11vz.esm.js.map +1 -0
  145. package/dist/{updateAuthFromVerifyResponse-CUnvs5Af.cjs → updateAuthFromVerifyResponse-Deg9em9o.cjs} +151 -145
  146. package/dist/updateAuthFromVerifyResponse-Deg9em9o.cjs.map +1 -0
  147. package/dist/{updateAuthFromVerifyResponse-DW-tPgdV.native.esm.js → updateAuthFromVerifyResponse-wVY_DoiL.native.esm.js} +145 -145
  148. package/dist/updateAuthFromVerifyResponse-wVY_DoiL.native.esm.js.map +1 -0
  149. package/dist/utils/assertSafeDeeplinkUrl/assertSafeDeeplinkUrl.d.ts +12 -0
  150. package/dist/utils/assertSafeDeeplinkUrl/assertSafeDeeplinkUrl.d.ts.map +1 -0
  151. package/dist/utils/assertSafeDeeplinkUrl/index.d.ts +2 -0
  152. package/dist/utils/assertSafeDeeplinkUrl/index.d.ts.map +1 -0
  153. package/dist/utils/assertSafeNavigationUrl/assertSafeNavigationUrl.d.ts +12 -0
  154. package/dist/utils/assertSafeNavigationUrl/assertSafeNavigationUrl.d.ts.map +1 -0
  155. package/dist/utils/assertSafeNavigationUrl/index.d.ts +2 -0
  156. package/dist/utils/assertSafeNavigationUrl/index.d.ts.map +1 -0
  157. package/dist/utils/getSecureCookieAttribute/getSecureCookieAttribute.d.ts +18 -0
  158. package/dist/utils/getSecureCookieAttribute/getSecureCookieAttribute.d.ts.map +1 -0
  159. package/dist/utils/getSecureCookieAttribute/index.d.ts +2 -0
  160. package/dist/utils/getSecureCookieAttribute/index.d.ts.map +1 -0
  161. package/dist/waas.cjs +5 -5
  162. package/dist/waas.esm.js +4 -4
  163. package/dist/waas.native.esm.js +4 -4
  164. package/dist/waasCore.cjs +6 -6
  165. package/dist/waasCore.esm.js +6 -6
  166. package/dist/waasCore.native.esm.js +6 -6
  167. package/package.json +3 -3
  168. package/dist/getNetworkProviderFromNetworkId-BVVs3arj.esm.js.map +0 -1
  169. package/dist/getNetworkProviderFromNetworkId-DC1bhMuB.native.esm.js.map +0 -1
  170. package/dist/getNetworkProviderFromNetworkId-DzzocxRc.cjs.map +0 -1
  171. package/dist/isDynamicWaasEnabled-BEn7FcD9.cjs.map +0 -1
  172. package/dist/isDynamicWaasEnabled-CvBaMGlR.native.esm.js.map +0 -1
  173. package/dist/isDynamicWaasEnabled-DYy0TvLy.esm.js.map +0 -1
  174. package/dist/isMfaRequiredForAction-B7wNkqQf.esm.js.map +0 -1
  175. package/dist/isMfaRequiredForAction-CJ9qbBUz.native.esm.js.map +0 -1
  176. package/dist/isMfaRequiredForAction-CaNdGc-m.cjs.map +0 -1
  177. package/dist/isUserOnboardingComplete-CGz-9Iyw.esm.js.map +0 -1
  178. package/dist/isUserOnboardingComplete-FRAIuxdi.native.esm.js.map +0 -1
  179. package/dist/isUserOnboardingComplete-w1IkCC_p.cjs.map +0 -1
  180. package/dist/services/instrumentation/instrumentFunction/extractParams/extractParams.d.ts +0 -28
  181. package/dist/services/instrumentation/instrumentFunction/extractParams/extractParams.d.ts.map +0 -1
  182. package/dist/services/instrumentation/instrumentFunction/scrubResolvedValue/scrubResolvedValue.d.ts +0 -15
  183. package/dist/services/instrumentation/instrumentFunction/scrubResolvedValue/scrubResolvedValue.d.ts.map +0 -1
  184. package/dist/updateAuthFromVerifyResponse-BdokPJ21.esm.js.map +0 -1
  185. package/dist/updateAuthFromVerifyResponse-CUnvs5Af.cjs.map +0 -1
  186. package/dist/updateAuthFromVerifyResponse-DW-tPgdV.native.esm.js.map +0 -1
@@ -3,7 +3,7 @@ import { Platform } from "react-native";
3
3
 
4
4
  //#region package.json
5
5
  var name = "@dynamic-labs-sdk/client";
6
- var version = "1.17.0";
6
+ var version = "1.18.0";
7
7
  var dependencies = {
8
8
  "@dynamic-labs-sdk/assert-package-version": "workspace:*",
9
9
  "@dynamic-labs-wallet/browser-wallet-client": "1.0.46",
@@ -617,6 +617,28 @@ const fetchAndStoreNonces = async (client) => {
617
617
  return fetchPromise;
618
618
  };
619
619
 
620
+ //#endregion
621
+ //#region src/utils/getSecureCookieAttribute/getSecureCookieAttribute.ts
622
+ /**
623
+ * Returns the cookie `Secure` attribute suffix (`'; Secure'`) when the current
624
+ * document is running in a secure context, or an empty string otherwise.
625
+ *
626
+ * The `Secure` attribute prevents the browser from ever transmitting the cookie
627
+ * over an unencrypted `http://` connection, which mitigates cleartext token
628
+ * capture (CWE-614). It is intentionally omitted on insecure/localhost dev,
629
+ * because browsers reject `Secure` cookies set over `http://` and that would
630
+ * silently break local testing.
631
+ *
632
+ * Used when building the Dynamic auth JWT cookie string so the attribute is
633
+ * applied consistently on both the write (sign-in/refresh) and clear (logout)
634
+ * paths.
635
+ *
636
+ * @notInstrumented
637
+ */
638
+ const getSecureCookieAttribute = () => {
639
+ return Boolean(globalThis.window?.isSecureContext) || globalThis.location?.protocol === "https:" ? "; Secure" : "";
640
+ };
641
+
620
642
  //#endregion
621
643
  //#region src/utils/setCookie/setCookie.ts
622
644
  /**
@@ -1411,193 +1433,170 @@ const scrubParameters = ({ piiFields, redactAll, value }) => {
1411
1433
  });
1412
1434
  };
1413
1435
 
1414
- //#endregion
1415
- //#region src/services/instrumentation/instrumentFunction/extractParams/extractParams.ts
1416
- /**
1417
- * Normalises the raw positional arguments of an instrumented function call
1418
- * into a flat `Record<string, unknown>` suitable for structured logging.
1419
- *
1420
- * ## Why this is needed
1421
- *
1422
- * Instrumented functions are wrapped with `(...args: unknown[])`, so their
1423
- * parameters arrive as an array. Logging a raw array loses the semantic names
1424
- * of each argument. This function recovers a named representation:
1425
- *
1426
- * - **No arguments** → `{}`
1427
- * - **Single plain-object argument** → that object is returned as-is, because
1428
- * SDK functions follow the single-object-parameter convention, so the object
1429
- * already carries named keys (`{ amount, to }`, etc.).
1430
- * - **Everything else** (multiple args, a single primitive, a single array) →
1431
- * each value is indexed as `arg0`, `arg1`, …
1432
- *
1433
- * ## Why arrays are NOT treated as plain objects
1434
- *
1435
- * `typeof [] === 'object'` and `[] !== null`, so without the `Array.isArray`
1436
- * guard a single-array argument would be returned as-is. That would produce
1437
- * an object with numeric string keys (`{ '0': ..., '1': ... }`), which is
1438
- * misleading and inconsistent with how multi-arg calls are handled. Instead,
1439
- * arrays fall through to the indexed `arg0` path.
1440
- * @notInstrumented
1441
- */
1442
- const extractParams = (args) => {
1443
- if (args.length === 0) return {};
1444
- if (args.length === 1 && typeof args[0] === "object" && args[0] !== null && !Array.isArray(args[0])) return args[0];
1445
- const result = {};
1446
- for (let i = 0; i < args.length; i++) result[`arg${i}`] = args[i];
1447
- return result;
1448
- };
1449
-
1450
- //#endregion
1451
- //#region src/services/instrumentation/instrumentFunction/scrubResolvedValue/scrubResolvedValue.ts
1452
- /**
1453
- * Scrubs a resolved return value of any type before logging it.
1454
- * Routes through `scrubParameters` by wrapping the value so that strings,
1455
- * arrays, Dates, Errors, and all other types are handled identically to
1456
- * nested object fields.
1457
- * @notInstrumented
1458
- */
1459
- const scrubResolvedValue = ({ piiFields, redactAll, value }) => scrubParameters({
1460
- piiFields,
1461
- redactAll,
1462
- value: { result: value }
1463
- }).result;
1464
-
1465
1436
  //#endregion
1466
1437
  //#region src/services/instrumentation/instrumentFunction/instrumentFunction.ts
1467
- const serializeError = (error) => {
1468
- if (error instanceof Error) return {
1469
- message: error.message,
1470
- name: error.name,
1471
- stack: error.stack
1438
+ const toErrorFields = (error) => {
1439
+ if (error instanceof BaseError) return {
1440
+ errorCode: error.code,
1441
+ errorName: error.name
1472
1442
  };
1443
+ if (error instanceof Error) return { errorName: error.name };
1444
+ return { errorName: "UnknownError" };
1445
+ };
1446
+ const buildContext = (core) => {
1447
+ const state = core.state.get();
1473
1448
  return {
1474
- message: String(error),
1475
- name: "UnknownError"
1449
+ environmentId: core.environmentId,
1450
+ operatingSystem: getOperatingSystem(),
1451
+ platform: getPlatform(),
1452
+ registeredExtensionKeys: Array.from(core.extensions),
1453
+ sdkSessionId: core.sdkSessionId,
1454
+ sdkVersion: core.version,
1455
+ tokenSessionId: state.token ? extractSessionId(state.token) : null,
1456
+ userAgent: getUserAgent(),
1457
+ userId: state.user?.id ?? null
1476
1458
  };
1477
1459
  };
1478
1460
  /**
1461
+ * Runs an explicit payload selector and scrubs its output. Returns `undefined`
1462
+ * when there is no selector. Selector (and scrub) errors are swallowed so a
1463
+ * faulty selector can never break the wrapped function or fabricate a
1464
+ * 'rejected' event — instrumentation stays purely observational. The swallowed
1465
+ * error is surfaced on the `debug` logger so internal devs can still spot a
1466
+ * broken selector without it ever reaching a transport.
1467
+ */
1468
+ const safeSelect = ({ functionName, logger, piiFields, selector, value }) => {
1469
+ if (!selector) return;
1470
+ try {
1471
+ return scrubParameters({
1472
+ piiFields,
1473
+ value: selector(value)
1474
+ });
1475
+ } catch (error) {
1476
+ logger.debug(`[instrumentFunction] payload selector for "${functionName}" threw; emitting event without payload`, error);
1477
+ return;
1478
+ }
1479
+ };
1480
+ /**
1479
1481
  * Wraps a function so that each invocation emits a structured
1480
1482
  * `FunctionInstrumentationEvent` at three lifecycle points:
1481
1483
  *
1482
- * - **started** — immediately before the function body executes, with the
1483
- * PII-scrubbed call parameters.
1484
+ * - **started** — immediately before the function body executes.
1484
1485
  * - **resolved** — after the function (or its returned Promise) settles
1485
- * successfully, with the PII-scrubbed return value.
1486
+ * successfully, with the call duration.
1486
1487
  * - **rejected** — if the function throws synchronously or its returned
1487
- * Promise rejects.
1488
+ * Promise rejects, with the duration and the error's class name/code.
1489
+ *
1490
+ * Events carry only the safe envelope (function name, phase, timing, error
1491
+ * class, SDK/runtime metadata, identifiers). **Raw arguments and return values
1492
+ * are never captured.** A function that needs additional fields supplies
1493
+ * `selectors` that build an explicit, primitive-only {@link SafePayload} — the
1494
+ * only path from arguments/return value into a log.
1488
1495
  *
1489
1496
  * The original return value (or thrown error) is always forwarded to the
1490
- * caller unchanged — instrumentation is purely observational.
1497
+ * caller unchanged — instrumentation is purely observational, and a throwing
1498
+ * selector cannot change that.
1491
1499
  *
1492
- * ## Usage
1500
+ * ## Providing selectors
1501
+ *
1502
+ * A function opts into a payload by supplying selectors that map its arguments
1503
+ * (`started`) and/or its awaited return value (`resolved`) to a primitive-only
1504
+ * {@link SafePayload}. Pick individual known-safe fields — never spread a whole
1505
+ * object, which is exactly what the model prevents.
1493
1506
  *
1494
1507
  * ```ts
1495
1508
  * const transfer = instrumentFunction({
1496
1509
  * fn: rawTransfer,
1497
1510
  * functionName: 'transfer',
1498
1511
  * getCore: () => core,
1512
+ * selectors: {
1513
+ * // `args` is the argument tuple the wrapped function was called with.
1514
+ * started: ([{ chainId, amount }]) => ({ amount, chainId }),
1515
+ * // `result` is the awaited return value (never the Promise).
1516
+ * resolved: ({ txHash }) => ({ txHash }),
1517
+ * },
1499
1518
  * });
1500
- *
1501
- * // When called, three events are emitted automatically:
1502
- * await transfer({ amount: 1, to: '0xabc' });
1503
1519
  * ```
1504
1520
  *
1521
+ * A selector that throws (or whose output fails scrubbing) is swallowed: the
1522
+ * event is still emitted without a payload, and the error is logged at `debug`.
1523
+ *
1505
1524
  * ## How functions are wrapped
1506
1525
  *
1507
- * `instrumentFunction` is not called manually in application code. Instead,
1508
- * the esbuild instrumentation plugin (`tools/instrumentation-plugin`) injects
1509
- * it at build time: any exported function annotated with `@instrumented` in its
1510
- * JSDoc is automatically wrapped by the plugin during the build step.
1511
- * The plugin strips the original `export`, renames the function, and re-exports
1512
- * it under the original name via `instrumentFunction(...)` — so the public API
1513
- * is unchanged and no call sites need to be updated.
1526
+ * `instrumentFunction` is not called manually in application code. The esbuild
1527
+ * instrumentation plugin (`tools/instrumentation-plugin`) injects it at build
1528
+ * time for any exported function annotated with `@instrumented` in its JSDoc.
1514
1529
  *
1515
1530
  * ## Opting out
1516
1531
  *
1517
- * Instrumentation is skipped entirely when:
1518
- * - `getCore()` returns `undefined` (SDK not initialised), or
1519
- * - `core.instrumentation.config.enabled` is `false`.
1520
- *
1521
- * In both cases the original function is called directly with no overhead.
1522
- *
1523
- * ## PII scrubbing
1524
- *
1525
- * All string values whose key appears in `piiFields` are replaced with
1526
- * `"[redacted]"` before events are emitted. Pass `redactAll: true` to redact
1527
- * every field, regardless of key name.
1532
+ * Instrumentation is skipped entirely when `getCore()` returns `undefined`
1533
+ * (SDK not initialised) or when `core.instrumentation.config.enabled` is
1534
+ * `false`; in both cases the original function is called directly.
1528
1535
  * @notInstrumented
1529
1536
  */
1530
- const instrumentFunction = ({ fn, functionName, getCore: getCore$1, redactAll }) => {
1537
+ const instrumentFunction = ({ fn, functionName, getCore: getCore$1, selectors }) => {
1531
1538
  const wrapped = (...args) => {
1532
1539
  const core = getCore$1();
1533
- if (!core) return fn(...args);
1534
- if (!core.instrumentation.config.enabled) return fn(...args);
1535
- const instrumentation = core.instrumentation;
1536
- const state = core.state.get();
1537
- const baseEvent = {
1538
- environmentId: core.environmentId,
1539
- functionName,
1540
- operatingSystem: getOperatingSystem(),
1541
- parameters: scrubParameters({
1542
- piiFields: instrumentation.config.piiFields,
1543
- redactAll,
1544
- value: extractParams(args)
1545
- }),
1546
- platform: getPlatform(),
1547
- registeredExtensionKeys: Array.from(core.extensions),
1548
- sdkSessionId: core.sdkSessionId,
1549
- sdkVersion: core.version,
1550
- status: "info",
1551
- tokenSessionId: state.token ? extractSessionId(state.token) : null,
1552
- userAgent: getUserAgent(),
1553
- userId: state.user?.id ?? null
1540
+ if (!core?.instrumentation.config.enabled) return fn(...args);
1541
+ const { instrumentation, logger } = core;
1542
+ const { piiFields } = instrumentation.config;
1543
+ const base = {
1544
+ ...buildContext(core),
1545
+ functionName
1554
1546
  };
1547
+ const startedAt = Date.now();
1555
1548
  instrumentation.logFunction({
1556
- ...baseEvent,
1549
+ ...base,
1550
+ payload: safeSelect({
1551
+ functionName,
1552
+ logger,
1553
+ piiFields,
1554
+ selector: selectors?.started,
1555
+ value: args
1556
+ }),
1557
1557
  phase: "started",
1558
+ status: "info",
1558
1559
  timestamp: (/* @__PURE__ */ new Date()).toISOString()
1559
1560
  });
1560
- try {
1561
- const result = fn(...args);
1562
- if (result instanceof Promise) return result.then((value) => {
1563
- instrumentation.logFunction({
1564
- ...baseEvent,
1565
- phase: "resolved",
1566
- resolvedValue: scrubResolvedValue({
1567
- piiFields: instrumentation.config.piiFields,
1568
- redactAll,
1569
- value
1570
- }),
1571
- timestamp: (/* @__PURE__ */ new Date()).toISOString()
1572
- });
1573
- return value;
1574
- }).catch((error) => {
1575
- instrumentation.logFunction({
1576
- ...baseEvent,
1577
- phase: "rejected",
1578
- rejectedError: serializeError(error),
1579
- timestamp: (/* @__PURE__ */ new Date()).toISOString()
1580
- });
1581
- throw error;
1582
- });
1561
+ const emitResolved = (value) => {
1583
1562
  instrumentation.logFunction({
1584
- ...baseEvent,
1585
- phase: "resolved",
1586
- resolvedValue: scrubResolvedValue({
1587
- piiFields: instrumentation.config.piiFields,
1588
- redactAll,
1589
- value: result
1563
+ ...base,
1564
+ durationMs: Date.now() - startedAt,
1565
+ payload: safeSelect({
1566
+ functionName,
1567
+ logger,
1568
+ piiFields,
1569
+ selector: selectors?.resolved,
1570
+ value
1590
1571
  }),
1572
+ phase: "resolved",
1573
+ status: "info",
1591
1574
  timestamp: (/* @__PURE__ */ new Date()).toISOString()
1592
1575
  });
1593
- return result;
1594
- } catch (error) {
1576
+ };
1577
+ const emitRejected = (error) => {
1595
1578
  instrumentation.logFunction({
1596
- ...baseEvent,
1579
+ ...base,
1580
+ ...toErrorFields(error),
1581
+ durationMs: Date.now() - startedAt,
1597
1582
  phase: "rejected",
1598
- rejectedError: serializeError(error),
1583
+ status: "error",
1599
1584
  timestamp: (/* @__PURE__ */ new Date()).toISOString()
1600
1585
  });
1586
+ };
1587
+ try {
1588
+ const result = fn(...args);
1589
+ if (result instanceof Promise) return result.then((value) => {
1590
+ emitResolved(value);
1591
+ return value;
1592
+ }, (error) => {
1593
+ emitRejected(error);
1594
+ throw error;
1595
+ });
1596
+ emitResolved(result);
1597
+ return result;
1598
+ } catch (error) {
1599
+ emitRejected(error);
1601
1600
  throw error;
1602
1601
  }
1603
1602
  };
@@ -1642,6 +1641,7 @@ const getWalletAccountsHash = (state, client) => getWalletAccountsFromState(stat
1642
1641
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
1643
1642
  * @returns True if the user needs additional MFA authentication, false otherwise.
1644
1643
  * @notInstrumented
1644
+ * @hook Exposed as a hook so consumers reactively know when MFA is still required, updated when the user changes.
1645
1645
  */
1646
1646
  const isUserMissingMfaAuth = (client = getDefaultClient()) => {
1647
1647
  const user = client.user;
@@ -1887,11 +1887,11 @@ const updateAuthFromVerifyResponse = ({ response }, client) => {
1887
1887
  * programmatically because Redcoast won't set the cookie via headers. We set the cookie programmatically
1888
1888
  * so customers can access the cookie from document.cookie consistently between sandbox and live environments.
1889
1889
  */
1890
- if (minifiedJwt && isCookieEnabled(client)) setCookie(`${DYNAMIC_AUTH_COOKIE_NAME}=${minifiedJwt}; expires=${sessionExpiresAt.toUTCString()}; path=/; SameSite=Lax`);
1890
+ if (minifiedJwt && isCookieEnabled(client)) setCookie(`${DYNAMIC_AUTH_COOKIE_NAME}=${minifiedJwt}; expires=${sessionExpiresAt.toUTCString()}; path=/; SameSite=Lax${getSecureCookieAttribute()}`);
1891
1891
  checkAndRaiseWalletAccountsChangedEvent({ previousState }, client);
1892
1892
  if (!previousState.user && Boolean(newState.user)) initializeWaasClientsForEagerRecovery(client);
1893
1893
  };
1894
1894
 
1895
1895
  //#endregion
1896
- export { MfaRateLimitedError as $, NoWalletProviderFoundError as A, emitEvent as B, getOperatingSystem as C, WalletProviderPriority as D, getWalletProviderFromWalletAccount as E, CHAINS_INFO_MAP as F, fetchAndStoreNonces as G, onEvent as H, formatWalletAccountId as I, createDeviceSignatureHeadersMiddleware as J, createApiClient as K, normalizeAddress as L, formatWalletProviderKey as M, normalizeWalletNameWithChain as N, getWalletProviderRegistry as O, getChainFromVerifiedCredentialChain as P, SandboxMaximumThresholdReachedError as Q, splitWalletProviderKey as R, getPlatform as S, DYNAMIC_AUTH_COOKIE_NAME as T, onceEvent as U, offEvent as V, setCookie as W, getDeviceSigner as X, getHeadersForNonceSignedByDeviceSigners as Y, getNonce as Z, SDK_API_CORE_VERSION as _, getCore as _t, initializeWaasClientsForEagerRecovery as a, isCookieEnabled as at, DEFAULT_PII_FIELDS as b, isWaasWalletProvider as c, getElevatedAccessToken as ct, DYNAMIC_WAAS_METADATA as d, DYNAMIC_SDK_API_VERSION as dt, MfaInvalidOtpError as et, getWalletProviders as f, NONCE_POOL_SIZE as ft, DYNAMIC_ICONIC_SPRITE_URL as g, BaseError as gt, emitWalletAccountsChangedEvent as h, ClientNotFoundError as ht, InvalidParamError as i, getSessionKeys as it, getWalletAccounts as j, createRuntimeServiceAccessKey as k, DEFAULT_WAAS_BASE_API_URL as l, randomString as lt, checkAndRaiseWalletAccountsChangedEvent as m, setDefaultClient as mt, upsertElevatedAccessToken as n, InvalidExternalAuthError as nt, isWaasWalletAccount as o, assertDefined as ot, isUserMissingMfaAuth as p, getDefaultClient as pt, UnauthorizedError as q, parseElevatedAccessToken as r, APIError as rt, findWaasWalletProviderByChain as s, ValueMustBeDefinedError as st, updateAuthFromVerifyResponse as t, LinkCredentialError as tt, DEFAULT_WAAS_BASE_MPC_RELAY_API_URL as u, CLIENT_SDK_NAME as ut, instrumentFunction as v, name as vt, extractSessionId as w, getUserAgent as x, scrubParameters as y, version as yt, InvalidWalletProviderKeyError as z };
1897
- //# sourceMappingURL=updateAuthFromVerifyResponse-DW-tPgdV.native.esm.js.map
1896
+ export { SandboxMaximumThresholdReachedError as $, NoWalletProviderFoundError as A, emitEvent as B, getOperatingSystem as C, WalletProviderPriority as D, getWalletProviderFromWalletAccount as E, CHAINS_INFO_MAP as F, getSecureCookieAttribute as G, onEvent as H, formatWalletAccountId as I, UnauthorizedError as J, fetchAndStoreNonces as K, normalizeAddress as L, formatWalletProviderKey as M, normalizeWalletNameWithChain as N, getWalletProviderRegistry as O, getChainFromVerifiedCredentialChain as P, getNonce as Q, splitWalletProviderKey as R, getPlatform as S, DYNAMIC_AUTH_COOKIE_NAME as T, onceEvent as U, offEvent as V, setCookie as W, getHeadersForNonceSignedByDeviceSigners as X, createDeviceSignatureHeadersMiddleware as Y, getDeviceSigner as Z, SDK_API_CORE_VERSION as _, BaseError as _t, initializeWaasClientsForEagerRecovery as a, getSessionKeys as at, DEFAULT_PII_FIELDS as b, version as bt, isWaasWalletProvider as c, ValueMustBeDefinedError as ct, DYNAMIC_WAAS_METADATA as d, CLIENT_SDK_NAME as dt, MfaRateLimitedError as et, getWalletProviders as f, DYNAMIC_SDK_API_VERSION as ft, DYNAMIC_ICONIC_SPRITE_URL as g, ClientNotFoundError as gt, emitWalletAccountsChangedEvent as h, setDefaultClient as ht, InvalidParamError as i, APIError as it, getWalletAccounts as j, createRuntimeServiceAccessKey as k, DEFAULT_WAAS_BASE_API_URL as l, getElevatedAccessToken as lt, checkAndRaiseWalletAccountsChangedEvent as m, getDefaultClient as mt, upsertElevatedAccessToken as n, LinkCredentialError as nt, isWaasWalletAccount as o, isCookieEnabled as ot, isUserMissingMfaAuth as p, NONCE_POOL_SIZE as pt, createApiClient as q, parseElevatedAccessToken as r, InvalidExternalAuthError as rt, findWaasWalletProviderByChain as s, assertDefined as st, updateAuthFromVerifyResponse as t, MfaInvalidOtpError as tt, DEFAULT_WAAS_BASE_MPC_RELAY_API_URL as u, randomString as ut, instrumentFunction as v, getCore as vt, extractSessionId as w, getUserAgent as x, scrubParameters as y, name as yt, InvalidWalletProviderKeyError as z };
1897
+ //# sourceMappingURL=updateAuthFromVerifyResponse-wVY_DoiL.native.esm.js.map