@dynamic-labs-sdk/client 1.17.0 → 1.18.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (186) hide show
  1. package/dist/core.cjs +7 -5
  2. package/dist/core.cjs.map +1 -1
  3. package/dist/core.esm.js +8 -8
  4. package/dist/core.esm.js.map +1 -1
  5. package/dist/core.native.esm.js +8 -8
  6. package/dist/core.native.esm.js.map +1 -1
  7. package/dist/errors/DeviceRegistrationIdentityMismatchError.d.ts +5 -0
  8. package/dist/errors/DeviceRegistrationIdentityMismatchError.d.ts.map +1 -0
  9. package/dist/errors/UnsafeDeeplinkUrlError.d.ts +17 -0
  10. package/dist/errors/UnsafeDeeplinkUrlError.d.ts.map +1 -0
  11. package/dist/errors/UnsafeNavigationUrlError.d.ts +16 -0
  12. package/dist/errors/UnsafeNavigationUrlError.d.ts.map +1 -0
  13. package/dist/errors/WalletScreeningBlockedError.d.ts +14 -0
  14. package/dist/errors/WalletScreeningBlockedError.d.ts.map +1 -0
  15. package/dist/exports/core.d.ts +4 -0
  16. package/dist/exports/core.d.ts.map +1 -1
  17. package/dist/exports/index.d.ts +7 -2
  18. package/dist/exports/index.d.ts.map +1 -1
  19. package/dist/{getNetworkProviderFromNetworkId-DC1bhMuB.native.esm.js → getNetworkProviderFromNetworkId-C6DBO0OX.native.esm.js} +96 -13
  20. package/dist/getNetworkProviderFromNetworkId-C6DBO0OX.native.esm.js.map +1 -0
  21. package/dist/{getNetworkProviderFromNetworkId-BVVs3arj.esm.js → getNetworkProviderFromNetworkId-CEs4SGW4.esm.js} +105 -22
  22. package/dist/getNetworkProviderFromNetworkId-CEs4SGW4.esm.js.map +1 -0
  23. package/dist/{getNetworkProviderFromNetworkId-DzzocxRc.cjs → getNetworkProviderFromNetworkId-CMIgKqEH.cjs} +119 -18
  24. package/dist/getNetworkProviderFromNetworkId-CMIgKqEH.cjs.map +1 -0
  25. package/dist/{getSignedSessionId-Bnuz2Aqc.esm.js → getSignedSessionId-CUqILBh8.esm.js} +3 -3
  26. package/dist/{getSignedSessionId-Bnuz2Aqc.esm.js.map → getSignedSessionId-CUqILBh8.esm.js.map} +1 -1
  27. package/dist/{getSignedSessionId-Dx0qQLMP.cjs → getSignedSessionId-De_N_Ofg.cjs} +3 -3
  28. package/dist/{getSignedSessionId-Dx0qQLMP.cjs.map → getSignedSessionId-De_N_Ofg.cjs.map} +1 -1
  29. package/dist/{getSignedSessionId-Pc_5wscD.native.esm.js → getSignedSessionId-Hp1nSbaW.native.esm.js} +3 -3
  30. package/dist/{getSignedSessionId-Pc_5wscD.native.esm.js.map → getSignedSessionId-Hp1nSbaW.native.esm.js.map} +1 -1
  31. package/dist/{getWalletProviderByKey-BL3u0e-d.esm.js → getWalletProviderByKey-CKORCA8l.esm.js} +2 -2
  32. package/dist/{getWalletProviderByKey-BL3u0e-d.esm.js.map → getWalletProviderByKey-CKORCA8l.esm.js.map} +1 -1
  33. package/dist/{getWalletProviderByKey-BLWcueTR.cjs → getWalletProviderByKey-D3e0XMjs.cjs} +2 -2
  34. package/dist/{getWalletProviderByKey-BLWcueTR.cjs.map → getWalletProviderByKey-D3e0XMjs.cjs.map} +1 -1
  35. package/dist/{getWalletProviderByKey-DhqKzh7g.native.esm.js → getWalletProviderByKey-D5M801xH.native.esm.js} +2 -2
  36. package/dist/{getWalletProviderByKey-DhqKzh7g.native.esm.js.map → getWalletProviderByKey-D5M801xH.native.esm.js.map} +1 -1
  37. package/dist/index.cjs +253 -72
  38. package/dist/index.cjs.map +1 -1
  39. package/dist/index.esm.js +248 -94
  40. package/dist/index.esm.js.map +1 -1
  41. package/dist/index.native.esm.js +248 -94
  42. package/dist/index.native.esm.js.map +1 -1
  43. package/dist/{isDynamicWaasEnabled-BEn7FcD9.cjs → isDynamicWaasEnabled-BQuXZne_.cjs} +4 -6
  44. package/dist/isDynamicWaasEnabled-BQuXZne_.cjs.map +1 -0
  45. package/dist/{isDynamicWaasEnabled-DYy0TvLy.esm.js → isDynamicWaasEnabled-BaY09iv6.native.esm.js} +3 -5
  46. package/dist/isDynamicWaasEnabled-BaY09iv6.native.esm.js.map +1 -0
  47. package/dist/{isDynamicWaasEnabled-CvBaMGlR.native.esm.js → isDynamicWaasEnabled-BlVIlXMZ.esm.js} +3 -5
  48. package/dist/isDynamicWaasEnabled-BlVIlXMZ.esm.js.map +1 -0
  49. package/dist/{isMfaRequiredForAction-CJ9qbBUz.native.esm.js → isMfaRequiredForAction-CwOGwiDz.native.esm.js} +3 -5
  50. package/dist/isMfaRequiredForAction-CwOGwiDz.native.esm.js.map +1 -0
  51. package/dist/{isMfaRequiredForAction-CaNdGc-m.cjs → isMfaRequiredForAction-Dghiguch.cjs} +13 -6
  52. package/dist/isMfaRequiredForAction-Dghiguch.cjs.map +1 -0
  53. package/dist/{isMfaRequiredForAction-B7wNkqQf.esm.js → isMfaRequiredForAction-r9aDdmK5.esm.js} +13 -6
  54. package/dist/isMfaRequiredForAction-r9aDdmK5.esm.js.map +1 -0
  55. package/dist/{isUserOnboardingComplete-FRAIuxdi.native.esm.js → isUserOnboardingComplete-BMNAbXk1.esm.js} +6 -3
  56. package/dist/isUserOnboardingComplete-BMNAbXk1.esm.js.map +1 -0
  57. package/dist/{isUserOnboardingComplete-CGz-9Iyw.esm.js → isUserOnboardingComplete-C-ioFLRR.native.esm.js} +6 -3
  58. package/dist/isUserOnboardingComplete-C-ioFLRR.native.esm.js.map +1 -0
  59. package/dist/{isUserOnboardingComplete-w1IkCC_p.cjs → isUserOnboardingComplete-j4b_q9Pf.cjs} +7 -4
  60. package/dist/isUserOnboardingComplete-j4b_q9Pf.cjs.map +1 -0
  61. package/dist/{migrateFromFireblocks-DXs3odF_.esm.js → migrateFromFireblocks-D--uqWp5.esm.js} +3 -3
  62. package/dist/{migrateFromFireblocks-DXs3odF_.esm.js.map → migrateFromFireblocks-D--uqWp5.esm.js.map} +1 -1
  63. package/dist/{migrateFromFireblocks-C-IqJz3q.native.esm.js → migrateFromFireblocks-D8Y5h0hz.native.esm.js} +3 -3
  64. package/dist/{migrateFromFireblocks-C-IqJz3q.native.esm.js.map → migrateFromFireblocks-D8Y5h0hz.native.esm.js.map} +1 -1
  65. package/dist/{migrateFromFireblocks-CjQWJPZW.cjs → migrateFromFireblocks-D9pJIgt5.cjs} +3 -3
  66. package/dist/{migrateFromFireblocks-CjQWJPZW.cjs.map → migrateFromFireblocks-D9pJIgt5.cjs.map} +1 -1
  67. package/dist/modules/auth/externalAuth/requestExternalAuthElevatedToken/requestExternalAuthElevatedToken.d.ts +0 -1
  68. package/dist/modules/auth/externalAuth/requestExternalAuthElevatedToken/requestExternalAuthElevatedToken.d.ts.map +1 -1
  69. package/dist/modules/auth/externalAuth/signInWithExternalJwt/signInWithExternalJwt.d.ts +0 -1
  70. package/dist/modules/auth/externalAuth/signInWithExternalJwt/signInWithExternalJwt.d.ts.map +1 -1
  71. package/dist/modules/auth/logoutWithReason/logoutWithReason.d.ts.map +1 -1
  72. package/dist/modules/auth/passkeys/registerPasskey/registerPasskey.d.ts +0 -1
  73. package/dist/modules/auth/passkeys/registerPasskey/registerPasskey.d.ts.map +1 -1
  74. package/dist/modules/auth/passkeys/signInWithPasskey/signInWithPasskey.d.ts +0 -1
  75. package/dist/modules/auth/passkeys/signInWithPasskey/signInWithPasskey.d.ts.map +1 -1
  76. package/dist/modules/auth/social/oauth/signInWithSocialRedirect/buildOAuthUrl/getOAuthBaseUrl/getOAuthBaseUrl.d.ts.map +1 -1
  77. package/dist/modules/auth/social/oauth/unlinkSocialAccount/unlinkSocialAccount.d.ts +0 -1
  78. package/dist/modules/auth/social/oauth/unlinkSocialAccount/unlinkSocialAccount.d.ts.map +1 -1
  79. package/dist/modules/auth/updateAuthFromVerifyResponse/updateAuthFromVerifyResponse.d.ts.map +1 -1
  80. package/dist/modules/captcha/getCaptchaSettings/getCaptchaSettings.d.ts +14 -0
  81. package/dist/modules/captcha/getCaptchaSettings/getCaptchaSettings.d.ts.map +1 -0
  82. package/dist/modules/captcha/getCaptchaSettings/index.d.ts +3 -0
  83. package/dist/modules/captcha/getCaptchaSettings/index.d.ts.map +1 -0
  84. package/dist/modules/captcha/isCaptchaRequired/isCaptchaRequired.d.ts.map +1 -1
  85. package/dist/modules/captcha/setCaptchaToken/setCaptchaToken.d.ts +0 -1
  86. package/dist/modules/captcha/setCaptchaToken/setCaptchaToken.d.ts.map +1 -1
  87. package/dist/modules/deviceRegistration/completeDeviceRegistration/completeDeviceRegistration.d.ts.map +1 -1
  88. package/dist/modules/deviceRegistration/isDeviceRegistrationRequired/isDeviceRegistrationRequired.d.ts +1 -0
  89. package/dist/modules/deviceRegistration/isDeviceRegistrationRequired/isDeviceRegistrationRequired.d.ts.map +1 -1
  90. package/dist/modules/flow/attachFlowSource/attachFlowSource.d.ts.map +1 -1
  91. package/dist/modules/flow/attachFlowSource/attachFlowSource.instrumentation.d.ts +9 -0
  92. package/dist/modules/flow/attachFlowSource/attachFlowSource.instrumentation.d.ts.map +1 -0
  93. package/dist/modules/flow/broadcastFlow/broadcastFlow.instrumentation.d.ts +9 -0
  94. package/dist/modules/flow/broadcastFlow/broadcastFlow.instrumentation.d.ts.map +1 -0
  95. package/dist/modules/flow/cancelFlow/cancelFlow.instrumentation.d.ts +8 -0
  96. package/dist/modules/flow/cancelFlow/cancelFlow.instrumentation.d.ts.map +1 -0
  97. package/dist/modules/flow/prepareFlowSigning/prepareFlowSigning.instrumentation.d.ts +9 -0
  98. package/dist/modules/flow/prepareFlowSigning/prepareFlowSigning.instrumentation.d.ts.map +1 -0
  99. package/dist/modules/flow/submitFlowTransaction/submitFlowTransaction.instrumentation.d.ts +9 -0
  100. package/dist/modules/flow/submitFlowTransaction/submitFlowTransaction.instrumentation.d.ts.map +1 -0
  101. package/dist/modules/funding/moonpay/getMoonPayUrl/getMoonPayUrl.d.ts +0 -4
  102. package/dist/modules/funding/moonpay/getMoonPayUrl/getMoonPayUrl.d.ts.map +1 -1
  103. package/dist/modules/mfa/consumeMfaToken/consumeMfaToken.d.ts +0 -1
  104. package/dist/modules/mfa/consumeMfaToken/consumeMfaToken.d.ts.map +1 -1
  105. package/dist/modules/mfa/createNewMfaRecoveryCodes/createNewMfaRecoveryCodes.d.ts +0 -1
  106. package/dist/modules/mfa/createNewMfaRecoveryCodes/createNewMfaRecoveryCodes.d.ts.map +1 -1
  107. package/dist/modules/mfa/isPendingRecoveryCodesAcknowledgment/isPendingRecoveryCodesAcknowledgment.d.ts +1 -0
  108. package/dist/modules/mfa/isPendingRecoveryCodesAcknowledgment/isPendingRecoveryCodesAcknowledgment.d.ts.map +1 -1
  109. package/dist/modules/mfa/isUserMissingMfaAuth/isUserMissingMfaAuth.d.ts +1 -0
  110. package/dist/modules/mfa/isUserMissingMfaAuth/isUserMissingMfaAuth.d.ts.map +1 -1
  111. package/dist/modules/mfa/registerTotpMfaDevice/registerTotpMfaDevice.d.ts +0 -3
  112. package/dist/modules/mfa/registerTotpMfaDevice/registerTotpMfaDevice.d.ts.map +1 -1
  113. package/dist/modules/otp/sendEmailOTP/sendEmailOTP.d.ts +0 -1
  114. package/dist/modules/otp/sendEmailOTP/sendEmailOTP.d.ts.map +1 -1
  115. package/dist/modules/otp/sendSmsOTP/sendSmsOTP.d.ts +0 -1
  116. package/dist/modules/otp/sendSmsOTP/sendSmsOTP.d.ts.map +1 -1
  117. package/dist/modules/otp/verifyOTP/verifyOTP.d.ts +0 -1
  118. package/dist/modules/otp/verifyOTP/verifyOTP.d.ts.map +1 -1
  119. package/dist/modules/sessionKeys/generateSessionKeys/generateSessionKeys.d.ts.map +1 -1
  120. package/dist/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.d.ts +1 -0
  121. package/dist/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.d.ts.map +1 -1
  122. package/dist/modules/user/refreshAuth/refreshAuth.d.ts +0 -1
  123. package/dist/modules/user/refreshAuth/refreshAuth.d.ts.map +1 -1
  124. package/dist/modules/user/updateUser/updateUser.d.ts +0 -1
  125. package/dist/modules/user/updateUser/updateUser.d.ts.map +1 -1
  126. package/dist/modules/wallets/getWalletProviderDataByKey/getWalletProviderDataByKey.d.ts +2 -1
  127. package/dist/modules/wallets/getWalletProviderDataByKey/getWalletProviderDataByKey.d.ts.map +1 -1
  128. package/dist/modules/wallets/networks/getTransactionHistory/getTransactionHistory.d.ts +1 -1
  129. package/dist/modules/wallets/networks/getTransactionHistory/getTransactionHistory.d.ts.map +1 -1
  130. package/dist/modules/wallets/verifyMessageSignatureOwnership/verifyMessageSignatureOwnership.d.ts +2 -0
  131. package/dist/modules/wallets/verifyMessageSignatureOwnership/verifyMessageSignatureOwnership.d.ts.map +1 -1
  132. package/dist/modules/wallets/walletProviderRegistry/events.d.ts +2 -1
  133. package/dist/modules/wallets/walletProviderRegistry/events.d.ts.map +1 -1
  134. package/dist/services/instrumentation/createInstrumentation/createInstrumentation.d.ts.map +1 -1
  135. package/dist/services/instrumentation/instrumentFunction/instrumentFunction.d.ts +40 -34
  136. package/dist/services/instrumentation/instrumentFunction/instrumentFunction.d.ts.map +1 -1
  137. package/dist/services/instrumentation/instrumentation.types.d.ts +50 -19
  138. package/dist/services/instrumentation/instrumentation.types.d.ts.map +1 -1
  139. package/dist/services/keychain/createKeychainService/createKeychainService.d.ts.map +1 -1
  140. package/dist/services/navigate/createNavigationHandler/createNavigationHandler.d.ts.map +1 -1
  141. package/dist/services/openDeeplink/createWebDeeplinkOpener/createWebDeeplinkOpener.d.ts.map +1 -1
  142. package/dist/tsconfig.lib.tsbuildinfo +1 -1
  143. package/dist/{updateAuthFromVerifyResponse-BdokPJ21.esm.js → updateAuthFromVerifyResponse-BQes11vz.esm.js} +145 -145
  144. package/dist/updateAuthFromVerifyResponse-BQes11vz.esm.js.map +1 -0
  145. package/dist/{updateAuthFromVerifyResponse-CUnvs5Af.cjs → updateAuthFromVerifyResponse-Deg9em9o.cjs} +151 -145
  146. package/dist/updateAuthFromVerifyResponse-Deg9em9o.cjs.map +1 -0
  147. package/dist/{updateAuthFromVerifyResponse-DW-tPgdV.native.esm.js → updateAuthFromVerifyResponse-wVY_DoiL.native.esm.js} +145 -145
  148. package/dist/updateAuthFromVerifyResponse-wVY_DoiL.native.esm.js.map +1 -0
  149. package/dist/utils/assertSafeDeeplinkUrl/assertSafeDeeplinkUrl.d.ts +12 -0
  150. package/dist/utils/assertSafeDeeplinkUrl/assertSafeDeeplinkUrl.d.ts.map +1 -0
  151. package/dist/utils/assertSafeDeeplinkUrl/index.d.ts +2 -0
  152. package/dist/utils/assertSafeDeeplinkUrl/index.d.ts.map +1 -0
  153. package/dist/utils/assertSafeNavigationUrl/assertSafeNavigationUrl.d.ts +12 -0
  154. package/dist/utils/assertSafeNavigationUrl/assertSafeNavigationUrl.d.ts.map +1 -0
  155. package/dist/utils/assertSafeNavigationUrl/index.d.ts +2 -0
  156. package/dist/utils/assertSafeNavigationUrl/index.d.ts.map +1 -0
  157. package/dist/utils/getSecureCookieAttribute/getSecureCookieAttribute.d.ts +18 -0
  158. package/dist/utils/getSecureCookieAttribute/getSecureCookieAttribute.d.ts.map +1 -0
  159. package/dist/utils/getSecureCookieAttribute/index.d.ts +2 -0
  160. package/dist/utils/getSecureCookieAttribute/index.d.ts.map +1 -0
  161. package/dist/waas.cjs +5 -5
  162. package/dist/waas.esm.js +4 -4
  163. package/dist/waas.native.esm.js +4 -4
  164. package/dist/waasCore.cjs +6 -6
  165. package/dist/waasCore.esm.js +6 -6
  166. package/dist/waasCore.native.esm.js +6 -6
  167. package/package.json +3 -3
  168. package/dist/getNetworkProviderFromNetworkId-BVVs3arj.esm.js.map +0 -1
  169. package/dist/getNetworkProviderFromNetworkId-DC1bhMuB.native.esm.js.map +0 -1
  170. package/dist/getNetworkProviderFromNetworkId-DzzocxRc.cjs.map +0 -1
  171. package/dist/isDynamicWaasEnabled-BEn7FcD9.cjs.map +0 -1
  172. package/dist/isDynamicWaasEnabled-CvBaMGlR.native.esm.js.map +0 -1
  173. package/dist/isDynamicWaasEnabled-DYy0TvLy.esm.js.map +0 -1
  174. package/dist/isMfaRequiredForAction-B7wNkqQf.esm.js.map +0 -1
  175. package/dist/isMfaRequiredForAction-CJ9qbBUz.native.esm.js.map +0 -1
  176. package/dist/isMfaRequiredForAction-CaNdGc-m.cjs.map +0 -1
  177. package/dist/isUserOnboardingComplete-CGz-9Iyw.esm.js.map +0 -1
  178. package/dist/isUserOnboardingComplete-FRAIuxdi.native.esm.js.map +0 -1
  179. package/dist/isUserOnboardingComplete-w1IkCC_p.cjs.map +0 -1
  180. package/dist/services/instrumentation/instrumentFunction/extractParams/extractParams.d.ts +0 -28
  181. package/dist/services/instrumentation/instrumentFunction/extractParams/extractParams.d.ts.map +0 -1
  182. package/dist/services/instrumentation/instrumentFunction/scrubResolvedValue/scrubResolvedValue.d.ts +0 -15
  183. package/dist/services/instrumentation/instrumentFunction/scrubResolvedValue/scrubResolvedValue.d.ts.map +0 -1
  184. package/dist/updateAuthFromVerifyResponse-BdokPJ21.esm.js.map +0 -1
  185. package/dist/updateAuthFromVerifyResponse-CUnvs5Af.cjs.map +0 -1
  186. package/dist/updateAuthFromVerifyResponse-DW-tPgdV.native.esm.js.map +0 -1
package/dist/index.cjs CHANGED
@@ -1,9 +1,9 @@
1
- const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-CaNdGc-m.cjs');
2
- const require_updateAuthFromVerifyResponse = require('./updateAuthFromVerifyResponse-CUnvs5Af.cjs');
3
- const require_getNetworkProviderFromNetworkId = require('./getNetworkProviderFromNetworkId-DzzocxRc.cjs');
4
- const require_isDynamicWaasEnabled = require('./isDynamicWaasEnabled-BEn7FcD9.cjs');
5
- const require_isUserOnboardingComplete = require('./isUserOnboardingComplete-w1IkCC_p.cjs');
6
- const require_getWalletProviderByKey = require('./getWalletProviderByKey-BLWcueTR.cjs');
1
+ const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-Dghiguch.cjs');
2
+ const require_updateAuthFromVerifyResponse = require('./updateAuthFromVerifyResponse-Deg9em9o.cjs');
3
+ const require_getNetworkProviderFromNetworkId = require('./getNetworkProviderFromNetworkId-CMIgKqEH.cjs');
4
+ const require_isDynamicWaasEnabled = require('./isDynamicWaasEnabled-BQuXZne_.cjs');
5
+ const require_isUserOnboardingComplete = require('./isUserOnboardingComplete-j4b_q9Pf.cjs');
6
+ const require_getWalletProviderByKey = require('./getWalletProviderByKey-D3e0XMjs.cjs');
7
7
  let _dynamic_labs_sdk_assert_package_version = require("@dynamic-labs-sdk/assert-package-version");
8
8
  let _dynamic_labs_sdk_api_core = require("@dynamic-labs/sdk-api-core");
9
9
  let zod_mini = require("zod/mini");
@@ -751,10 +751,67 @@ const createDynamicTransport = (params) => {
751
751
  const createNavigationHandler = () => {
752
752
  if (require_getNetworkProviderFromNetworkId.isServerSideRendering()) return () => Promise.reject(new UnavailableInServerSideError("createNavigationHandler"));
753
753
  return async (url) => {
754
+ require_getNetworkProviderFromNetworkId.assertSafeNavigationUrl(url);
754
755
  window.location.href = url;
755
756
  };
756
757
  };
757
758
 
759
+ //#endregion
760
+ //#region src/errors/UnsafeDeeplinkUrlError.ts
761
+ /**
762
+ * Thrown when a deeplink is opened with a URL whose scheme can execute script
763
+ * in the current origin (`javascript:`, `data:`, `vbscript:`). Unlike
764
+ * navigation, deeplinks legitimately use custom app schemes (e.g. `phantom:`,
765
+ * `metamask:`), so this guards via a denylist of dangerous schemes rather than
766
+ * an `http(s)` allowlist, preventing DOM XSS through the `window.location.assign`
767
+ * sink while leaving valid wallet deeplinks untouched.
768
+ */
769
+ var UnsafeDeeplinkUrlError = class extends require_updateAuthFromVerifyResponse.BaseError {
770
+ constructor({ scheme }) {
771
+ super({
772
+ cause: null,
773
+ code: "unsafe_deeplink_url_error",
774
+ docsUrl: null,
775
+ name: "UnsafeDeeplinkUrlError",
776
+ shortMessage: `Refusing to open a deeplink with an unsafe scheme "${scheme}". Script-executing schemes (javascript:, data:, vbscript:) are not allowed. This may indicate a compromised or misconfigured deeplink URL.`
777
+ });
778
+ }
779
+ };
780
+
781
+ //#endregion
782
+ //#region src/utils/assertSafeDeeplinkUrl/assertSafeDeeplinkUrl.ts
783
+ /**
784
+ * Schemes that can execute script in the current origin and must never reach a
785
+ * deeplink navigation sink. Deeplinks legitimately use arbitrary custom app
786
+ * schemes (e.g. `phantom:`, `metamask:`), so a denylist of dangerous schemes is
787
+ * used here instead of the `http(s)` allowlist applied to standard navigation.
788
+ */
789
+ const DANGEROUS_DEEPLINK_SCHEMES = new Set([
790
+ "javascript:",
791
+ "data:",
792
+ "vbscript:",
793
+ "blob:"
794
+ ]);
795
+ /**
796
+ * Asserts that the given deeplink URL is safe to open, i.e. its scheme is not
797
+ * one that can execute script (`javascript:`, `data:`, `vbscript:`, `blob:`). Used as a
798
+ * defense-in-depth guard on the `window.location.assign` deeplink sink to
799
+ * prevent DOM XSS, while still permitting custom wallet app schemes.
800
+ *
801
+ * @param url - The deeplink URL string to validate.
802
+ * @throws {UnsafeDeeplinkUrlError} If the URL cannot be parsed or its scheme can execute script.
803
+ * @notInstrumented
804
+ */
805
+ const assertSafeDeeplinkUrl = (url) => {
806
+ let parsed;
807
+ try {
808
+ parsed = new URL(url);
809
+ } catch {
810
+ throw new UnsafeDeeplinkUrlError({ scheme: "unknown" });
811
+ }
812
+ if (DANGEROUS_DEEPLINK_SCHEMES.has(parsed.protocol)) throw new UnsafeDeeplinkUrlError({ scheme: parsed.protocol });
813
+ };
814
+
758
815
  //#endregion
759
816
  //#region src/services/openDeeplink/createWebDeeplinkOpener/createWebDeeplinkOpener.ts
760
817
  /**
@@ -774,6 +831,7 @@ const createNavigationHandler = () => {
774
831
  const createWebDeeplinkOpener = () => {
775
832
  if (require_getNetworkProviderFromNetworkId.isServerSideRendering()) return () => Promise.reject(new UnavailableInServerSideError("createWebDeeplinkOpener"));
776
833
  return async (url) => {
834
+ assertSafeDeeplinkUrl(url);
777
835
  window.location.assign(url);
778
836
  };
779
837
  };
@@ -1130,6 +1188,21 @@ var DeeplinkConnectAndVerifyUnsupportedError = class extends require_updateAuthF
1130
1188
  }
1131
1189
  };
1132
1190
 
1191
+ //#endregion
1192
+ //#region src/errors/DeviceRegistrationIdentityMismatchError.ts
1193
+ var DeviceRegistrationIdentityMismatchError = class extends require_updateAuthFromVerifyResponse.BaseError {
1194
+ constructor() {
1195
+ super({
1196
+ cause: null,
1197
+ code: "device_registration_identity_mismatch_error",
1198
+ docsUrl: null,
1199
+ metaMessages: ["The device registration token resolved to a different user than the one currently authenticated.", "This can indicate a login-CSRF / session-fixation attempt, so the returned session was rejected and the current session was left untouched."],
1200
+ name: "DeviceRegistrationIdentityMismatchError",
1201
+ shortMessage: "Device registration completion was rejected because it would have replaced the current session with a different identity."
1202
+ });
1203
+ }
1204
+ };
1205
+
1133
1206
  //#endregion
1134
1207
  //#region src/errors/FeeEstimationFailedError.ts
1135
1208
  var FeeEstimationFailedError = class extends require_updateAuthFromVerifyResponse.BaseError {
@@ -1577,7 +1650,6 @@ const __checkStepUpAuth_wrapped = require_updateAuthFromVerifyResponse.instrumen
1577
1650
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
1578
1651
  * @returns A promise that resolves to the assertion response containing the elevated access token.
1579
1652
  * @instrumented
1580
- * @redact-params
1581
1653
  */
1582
1654
  const requestExternalAuthElevatedToken = async ({ externalJwt }, client = require_updateAuthFromVerifyResponse.getDefaultClient()) => {
1583
1655
  const core = require_updateAuthFromVerifyResponse.getCore(client);
@@ -1605,8 +1677,7 @@ const __requestExternalAuthElevatedToken_wrapped = require_updateAuthFromVerifyR
1605
1677
  } catch {
1606
1678
  return;
1607
1679
  }
1608
- },
1609
- redactAll: true
1680
+ }
1610
1681
  });
1611
1682
 
1612
1683
  //#endregion
@@ -1621,7 +1692,6 @@ const __requestExternalAuthElevatedToken_wrapped = require_updateAuthFromVerifyR
1621
1692
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
1622
1693
  * @returns A promise that resolves to the authentication response from the server.
1623
1694
  * @instrumented
1624
- * @redact-params
1625
1695
  */
1626
1696
  const signInWithExternalJwt = async ({ externalJwt, sessionPublicKey } = {}, client = require_updateAuthFromVerifyResponse.getDefaultClient()) => {
1627
1697
  const core = require_updateAuthFromVerifyResponse.getCore(client);
@@ -1645,8 +1715,7 @@ const __signInWithExternalJwt_wrapped = require_updateAuthFromVerifyResponse.ins
1645
1715
  } catch {
1646
1716
  return;
1647
1717
  }
1648
- },
1649
- redactAll: true
1718
+ }
1650
1719
  });
1651
1720
 
1652
1721
  //#endregion
@@ -1758,7 +1827,6 @@ const serverRegisterPasskey = async ({ registration, createMfaToken }, client) =
1758
1827
  * @returns A promise that resolves to the registration response.
1759
1828
  * @throws NoWebAuthNSupportError If WebAuthn is not supported by the browser.
1760
1829
  * @instrumented
1761
- * @redact-params
1762
1830
  */
1763
1831
  const registerPasskey = async ({ createMfaToken } = {}, client = require_updateAuthFromVerifyResponse.getDefaultClient()) => {
1764
1832
  const core = require_updateAuthFromVerifyResponse.getCore(client);
@@ -1781,8 +1849,7 @@ const __registerPasskey_wrapped = require_updateAuthFromVerifyResponse.instrumen
1781
1849
  } catch {
1782
1850
  return;
1783
1851
  }
1784
- },
1785
- redactAll: true
1852
+ }
1786
1853
  });
1787
1854
 
1788
1855
  //#endregion
@@ -1827,7 +1894,6 @@ const serverSigninPasskey = async ({ authentication, createMfaToken }, client) =
1827
1894
  * @returns A promise that resolves to the authentication response.
1828
1895
  * @throws NoWebAuthNSupportError If WebAuthn is not supported by the browser.
1829
1896
  * @instrumented
1830
- * @redact-params
1831
1897
  */
1832
1898
  const signInWithPasskey = async ({ relatedOriginRpId } = {}, client = require_updateAuthFromVerifyResponse.getDefaultClient()) => {
1833
1899
  const core = require_updateAuthFromVerifyResponse.getCore(client);
@@ -1847,8 +1913,7 @@ const __signInWithPasskey_wrapped = require_updateAuthFromVerifyResponse.instrum
1847
1913
  } catch {
1848
1914
  return;
1849
1915
  }
1850
- },
1851
- redactAll: true
1916
+ }
1852
1917
  });
1853
1918
 
1854
1919
  //#endregion
@@ -1952,22 +2017,29 @@ const addOAuthUrlParams = ({ baseUrl, isGoogleDriveBackupEnabled, provider }) =>
1952
2017
 
1953
2018
  //#endregion
1954
2019
  //#region src/modules/auth/social/oauth/signInWithSocialRedirect/buildOAuthUrl/getOAuthBaseUrl/getOAuthBaseUrl.ts
1955
- /** Helper function to build the OAuth base URL for a given provider. * @notInstrumented
2020
+ /**
2021
+ * Resolves the raw base URL string for a provider before parsing/validation.
1956
2022
  */
1957
- const getOAuthBaseUrl = (provider) => {
2023
+ const resolveBaseUrl = (provider) => {
1958
2024
  require_updateAuthFromVerifyResponse.assertDefined(provider.provider, "Provider type not found");
1959
2025
  const providerType = provider.provider;
1960
2026
  if (providerType === _dynamic_labs_sdk_api_core.ProviderEnum.Telegram) {
1961
2027
  require_updateAuthFromVerifyResponse.assertDefined(provider.authorizationUrl, "Telegram authorization URL not found");
1962
- return new URL(provider.authorizationUrl);
2028
+ return provider.authorizationUrl;
1963
2029
  }
1964
2030
  require_updateAuthFromVerifyResponse.assertDefined(provider.baseAuthUrl, "Base auth URL not found");
1965
2031
  if (providerType === _dynamic_labs_sdk_api_core.ProviderEnum.Shopify) {
1966
2032
  require_updateAuthFromVerifyResponse.assertDefined(provider.shopifyStore, "Shopify store value not found in provider");
1967
- const loginBaseUrl = provider.baseAuthUrl.replace("{{shopifyStore}}", provider.shopifyStore);
1968
- return new URL(loginBaseUrl);
2033
+ return provider.baseAuthUrl.replace("{{shopifyStore}}", provider.shopifyStore);
1969
2034
  }
1970
- return new URL(provider.baseAuthUrl);
2035
+ return provider.baseAuthUrl;
2036
+ };
2037
+ /** Helper function to build the OAuth base URL for a given provider. * @notInstrumented
2038
+ */
2039
+ const getOAuthBaseUrl = (provider) => {
2040
+ const urlString = resolveBaseUrl(provider);
2041
+ require_getNetworkProviderFromNetworkId.assertSafeNavigationUrl(urlString);
2042
+ return new URL(urlString);
1971
2043
  };
1972
2044
 
1973
2045
  //#endregion
@@ -2302,7 +2374,6 @@ const getPrimaryWalletAccount = (client = require_updateAuthFromVerifyResponse.g
2302
2374
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
2303
2375
  * @returns A promise that resolves to the verify response.
2304
2376
  * @instrumented
2305
- * @redact-params
2306
2377
  */
2307
2378
  const unlinkSocialAccount = async ({ verifiedCredentialId }, client = require_updateAuthFromVerifyResponse.getDefaultClient()) => {
2308
2379
  const core = require_updateAuthFromVerifyResponse.getCore(client);
@@ -2330,8 +2401,7 @@ const __unlinkSocialAccount_wrapped = require_updateAuthFromVerifyResponse.instr
2330
2401
  } catch {
2331
2402
  return;
2332
2403
  }
2333
- },
2334
- redactAll: true
2404
+ }
2335
2405
  });
2336
2406
 
2337
2407
  //#endregion
@@ -2423,6 +2493,32 @@ const getMultichainTokenBalances = async ({ balanceRequest }, client = require_u
2423
2493
  */
2424
2494
  const getMultichainBalances = (params, client = require_updateAuthFromVerifyResponse.getDefaultClient()) => getMultichainTokenBalances(params, client);
2425
2495
 
2496
+ //#endregion
2497
+ //#region src/modules/captcha/getCaptchaSettings/getCaptchaSettings.ts
2498
+ /**
2499
+ * Returns the active captcha provider and site key, or undefined if captcha is not enabled.
2500
+ * Use this to determine which captcha widget to render and which site key to pass it.
2501
+ *
2502
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
2503
+ * @notInstrumented
2504
+ */
2505
+ const getCaptchaSettings = (client = require_updateAuthFromVerifyResponse.getDefaultClient()) => {
2506
+ const projectSettings = client.projectSettings;
2507
+ if (!projectSettings) return void 0;
2508
+ const { security } = projectSettings;
2509
+ if (security.captcha) {
2510
+ if (security.captcha.enabled) return {
2511
+ provider: security.captcha.provider ?? _dynamic_labs_sdk_api_core.CaptchaProviderEnum.Hcaptcha,
2512
+ siteKey: security.captcha.siteKey
2513
+ };
2514
+ return;
2515
+ }
2516
+ if (security.hCaptcha?.enabled) return {
2517
+ provider: _dynamic_labs_sdk_api_core.CaptchaProviderEnum.Hcaptcha,
2518
+ siteKey: security.hCaptcha.siteKey
2519
+ };
2520
+ };
2521
+
2426
2522
  //#endregion
2427
2523
  //#region src/modules/checkout/utils/createCheckoutSessionTokenStorageKey/createCheckoutSessionTokenStorageKey.ts
2428
2524
  /** @notInstrumented */
@@ -2989,7 +3085,9 @@ const DEVICE_REGISTRATION_TOKEN_HEADER = "x-dynamic-device-registration-token";
2989
3085
  const completeDeviceRegistration = async ({ deviceToken }, client = require_updateAuthFromVerifyResponse.getDefaultClient()) => {
2990
3086
  require_updateAuthFromVerifyResponse.assertDefined(deviceToken, "deviceToken is required");
2991
3087
  const core = require_updateAuthFromVerifyResponse.getCore(client);
3088
+ const currentUser = core.state.get().user;
2992
3089
  const response = await require_updateAuthFromVerifyResponse.createApiClient({ headers: { [DEVICE_REGISTRATION_TOKEN_HEADER]: deviceToken } }, client).deviceRegistration({ environmentId: core.environmentId });
3090
+ if (currentUser && response.user?.id !== currentUser.id) throw new DeviceRegistrationIdentityMismatchError();
2993
3091
  require_updateAuthFromVerifyResponse.updateAuthFromVerifyResponse({ response }, client);
2994
3092
  require_updateAuthFromVerifyResponse.emitEvent({ event: "deviceRegistrationCompleted" }, client);
2995
3093
  return response;
@@ -3170,6 +3268,22 @@ const withFlowSessionTokenCleanupOn401 = async ({ call, flowId }, client) => {
3170
3268
  }
3171
3269
  };
3172
3270
 
3271
+ //#endregion
3272
+ //#region src/modules/flow/attachFlowSource/attachFlowSource.instrumentation.ts
3273
+ /**
3274
+ * Explicit instrumentation payload for attachFlowSource. Reads the nested
3275
+ * `flow` and logs non-sensitive volume and routing dimensions only — never the
3276
+ * wallet address, and never the response's session token.
3277
+ */
3278
+ const attachFlowSourceInstrumentation = { resolved: ({ flow }) => ({
3279
+ amount: flow.amount ?? null,
3280
+ currency: flow.currency ?? null,
3281
+ fromChainId: flow.fromChainId ?? null,
3282
+ fromChainName: flow.fromChainName ?? null,
3283
+ mode: flow.mode ?? null,
3284
+ sourceType: flow.sourceType ?? null
3285
+ }) };
3286
+
3173
3287
  //#endregion
3174
3288
  //#region src/modules/flow/attachFlowSource/attachFlowSource.ts
3175
3289
  /**
@@ -3199,11 +3313,13 @@ const attachFlowSource = async (params, client = require_updateAuthFromVerifyRes
3199
3313
  flowAttachSourceRequest.fromChainId = params.fromChainId;
3200
3314
  flowAttachSourceRequest.fromChainName = params.fromChainName;
3201
3315
  }
3316
+ const existingToken = await core.storage.getItem(createFlowSessionTokenStorageKey(flowId));
3202
3317
  const result = await withFlowSessionTokenCleanupOn401({
3203
3318
  call: () => apiClient.attachFlowSource({
3204
3319
  environmentId: core.environmentId,
3205
3320
  flowAttachSourceRequest,
3206
- flowId
3321
+ flowId,
3322
+ xDynamicFlowSessionToken: existingToken ?? void 0
3207
3323
  }),
3208
3324
  flowId
3209
3325
  }, client);
@@ -3220,7 +3336,8 @@ const __attachFlowSource_wrapped = require_updateAuthFromVerifyResponse.instrume
3220
3336
  } catch {
3221
3337
  return;
3222
3338
  }
3223
- }
3339
+ },
3340
+ selectors: attachFlowSourceInstrumentation
3224
3341
  });
3225
3342
 
3226
3343
  //#endregion
@@ -3238,6 +3355,22 @@ const createFlowApiClient = async ({ flowId }, client) => {
3238
3355
  };
3239
3356
  };
3240
3357
 
3358
+ //#endregion
3359
+ //#region src/modules/flow/broadcastFlow/broadcastFlow.instrumentation.ts
3360
+ /**
3361
+ * Explicit instrumentation payload for broadcastFlow. Logs non-sensitive
3362
+ * volume and routing dimensions only — never the wallet address or any
3363
+ * session token — so we can understand volume moved through the flow product.
3364
+ */
3365
+ const broadcastFlowInstrumentation = { resolved: (flow) => ({
3366
+ amount: flow.amount ?? null,
3367
+ currency: flow.currency ?? null,
3368
+ fromChainId: flow.fromChainId ?? null,
3369
+ fromChainName: flow.fromChainName ?? null,
3370
+ mode: flow.mode ?? null,
3371
+ sourceType: flow.sourceType ?? null
3372
+ }) };
3373
+
3241
3374
  //#endregion
3242
3375
  //#region src/modules/flow/broadcastFlow/broadcastFlow.ts
3243
3376
  /**
@@ -3274,9 +3407,25 @@ const __broadcastFlow_wrapped = require_updateAuthFromVerifyResponse.instrumentF
3274
3407
  } catch {
3275
3408
  return;
3276
3409
  }
3277
- }
3410
+ },
3411
+ selectors: broadcastFlowInstrumentation
3278
3412
  });
3279
3413
 
3414
+ //#endregion
3415
+ //#region src/modules/flow/cancelFlow/cancelFlow.instrumentation.ts
3416
+ /**
3417
+ * Explicit instrumentation payload for cancelFlow. Logs non-sensitive volume
3418
+ * and routing dimensions only — never the wallet address or any session token.
3419
+ */
3420
+ const cancelFlowInstrumentation = { resolved: (flow) => ({
3421
+ amount: flow.amount ?? null,
3422
+ currency: flow.currency ?? null,
3423
+ fromChainId: flow.fromChainId ?? null,
3424
+ fromChainName: flow.fromChainName ?? null,
3425
+ mode: flow.mode ?? null,
3426
+ sourceType: flow.sourceType ?? null
3427
+ }) };
3428
+
3280
3429
  //#endregion
3281
3430
  //#region src/modules/flow/cancelFlow/cancelFlow.ts
3282
3431
  /**
@@ -3310,7 +3459,8 @@ const __cancelFlow_wrapped = require_updateAuthFromVerifyResponse.instrumentFunc
3310
3459
  } catch {
3311
3460
  return;
3312
3461
  }
3313
- }
3462
+ },
3463
+ selectors: cancelFlowInstrumentation
3314
3464
  });
3315
3465
 
3316
3466
  //#endregion
@@ -3358,6 +3508,22 @@ const getFlowQuote = async ({ flowId, fromChainId, fromTokenAddress, slippage },
3358
3508
  }, client);
3359
3509
  };
3360
3510
 
3511
+ //#endregion
3512
+ //#region src/modules/flow/prepareFlowSigning/prepareFlowSigning.instrumentation.ts
3513
+ /**
3514
+ * Explicit instrumentation payload for prepareFlowSigning. Logs non-sensitive
3515
+ * volume and routing dimensions only — never the wallet address or any
3516
+ * session token.
3517
+ */
3518
+ const prepareFlowSigningInstrumentation = { resolved: (flow) => ({
3519
+ amount: flow.amount ?? null,
3520
+ currency: flow.currency ?? null,
3521
+ fromChainId: flow.fromChainId ?? null,
3522
+ fromChainName: flow.fromChainName ?? null,
3523
+ mode: flow.mode ?? null,
3524
+ sourceType: flow.sourceType ?? null
3525
+ }) };
3526
+
3361
3527
  //#endregion
3362
3528
  //#region src/modules/flow/prepareFlowSigning/prepareFlowSigning.ts
3363
3529
  /**
@@ -3395,9 +3561,26 @@ const __prepareFlowSigning_wrapped = require_updateAuthFromVerifyResponse.instru
3395
3561
  } catch {
3396
3562
  return;
3397
3563
  }
3398
- }
3564
+ },
3565
+ selectors: prepareFlowSigningInstrumentation
3399
3566
  });
3400
3567
 
3568
+ //#endregion
3569
+ //#region src/modules/flow/submitFlowTransaction/submitFlowTransaction.instrumentation.ts
3570
+ /**
3571
+ * Explicit instrumentation payload for submitFlowTransaction. Logs
3572
+ * non-sensitive volume and routing dimensions only — never the wallet address
3573
+ * or any session token — so executed flow volume is measurable.
3574
+ */
3575
+ const submitFlowTransactionInstrumentation = { resolved: (flow) => ({
3576
+ amount: flow.amount ?? null,
3577
+ currency: flow.currency ?? null,
3578
+ fromChainId: flow.fromChainId ?? null,
3579
+ fromChainName: flow.fromChainName ?? null,
3580
+ mode: flow.mode ?? null,
3581
+ sourceType: flow.sourceType ?? null
3582
+ }) };
3583
+
3401
3584
  //#endregion
3402
3585
  //#region src/modules/flow/submitFlowTransaction/submitFlowTransaction.ts
3403
3586
  /**
@@ -3441,7 +3624,8 @@ const __submitFlowTransaction_wrapped = require_updateAuthFromVerifyResponse.ins
3441
3624
  } catch {
3442
3625
  return;
3443
3626
  }
3444
- }
3627
+ },
3628
+ selectors: submitFlowTransactionInstrumentation
3445
3629
  });
3446
3630
 
3447
3631
  //#endregion
@@ -3673,18 +3857,6 @@ const createKrakenExchangeTransfer = async (transferParams, client = require_upd
3673
3857
  exchangeKey: _dynamic_labs_sdk_api_core.ExchangeKeyEnum.Kraken
3674
3858
  });
3675
3859
  };
3676
- const __createKrakenExchangeTransfer_impl = createKrakenExchangeTransfer;
3677
- const __createKrakenExchangeTransfer_wrapped = require_updateAuthFromVerifyResponse.instrumentFunction({
3678
- fn: __createKrakenExchangeTransfer_impl,
3679
- functionName: "createKrakenExchangeTransfer",
3680
- getCore: () => {
3681
- try {
3682
- return require_updateAuthFromVerifyResponse.getCore(require_updateAuthFromVerifyResponse.getDefaultClient());
3683
- } catch {
3684
- return;
3685
- }
3686
- }
3687
- });
3688
3860
 
3689
3861
  //#endregion
3690
3862
  //#region src/modules/funding/kraken/getKrakenAccounts/getKrakenAccounts.ts
@@ -3796,10 +3968,6 @@ var MoonPayProviderNotAvailableError = class extends require_updateAuthFromVerif
3796
3968
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
3797
3969
  * @returns The signed MoonPay URL.
3798
3970
  * @instrumented
3799
- * @redact-params - the return is a bare signed onramp URL whose query string
3800
- * carries the provider signature plus the user's wallet address; a bare-string
3801
- * return is logged under the synthetic `result` key, which no key-based rule
3802
- * covers, so redact the whole event.
3803
3971
  */
3804
3972
  const getMoonPayUrl = async (params, client = require_updateAuthFromVerifyResponse.getDefaultClient()) => {
3805
3973
  const core = require_updateAuthFromVerifyResponse.getCore(client);
@@ -3833,8 +4001,7 @@ const __getMoonPayUrl_wrapped = require_updateAuthFromVerifyResponse.instrumentF
3833
4001
  } catch {
3834
4002
  return;
3835
4003
  }
3836
- },
3837
- redactAll: true
4004
+ }
3838
4005
  });
3839
4006
 
3840
4007
  //#endregion
@@ -4418,7 +4585,6 @@ const getWalletConnectCatalogWalletByWalletProviderKey = async ({ walletProvider
4418
4585
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
4419
4586
  * @returns A promise that resolves to OTP verification details if verification is required, or undefined.
4420
4587
  * @instrumented
4421
- * @redact-params
4422
4588
  */
4423
4589
  const updateUser = async ({ userFields }, client = require_updateAuthFromVerifyResponse.getDefaultClient()) => {
4424
4590
  const core = require_updateAuthFromVerifyResponse.getCore(client);
@@ -4448,8 +4614,7 @@ const __updateUser_wrapped = require_updateAuthFromVerifyResponse.instrumentFunc
4448
4614
  } catch {
4449
4615
  return;
4450
4616
  }
4451
- },
4452
- redactAll: true
4617
+ }
4453
4618
  });
4454
4619
 
4455
4620
  //#endregion
@@ -4663,7 +4828,6 @@ const authenticateTotpMfaDevice = async ({ deviceId, code, createMfaTokenOptions
4663
4828
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
4664
4829
  * @returns A promise that resolves to the newly generated recovery codes.
4665
4830
  * @instrumented
4666
- * @redact-params
4667
4831
  */
4668
4832
  const createNewMfaRecoveryCodes = async (client = require_updateAuthFromVerifyResponse.getDefaultClient()) => {
4669
4833
  const core = require_updateAuthFromVerifyResponse.getCore(client);
@@ -4679,8 +4843,7 @@ const __createNewMfaRecoveryCodes_wrapped = require_updateAuthFromVerifyResponse
4679
4843
  } catch {
4680
4844
  return;
4681
4845
  }
4682
- },
4683
- redactAll: true
4846
+ }
4684
4847
  });
4685
4848
 
4686
4849
  //#endregion
@@ -4774,9 +4937,6 @@ const getMfaRecoveryCodes = async (client = require_updateAuthFromVerifyResponse
4774
4937
  * @returns A promise that resolves to the TOTP registration response containing setup information,
4775
4938
  * like the secret key and the OTP Auth URI.
4776
4939
  * @instrumented
4777
- * @redact-params - the response embeds the TOTP shared secret in both `secret`
4778
- * and the `uri` (`otpauth://...?secret=...`); redact the whole event so the
4779
- * seed never reaches logs via the un-keyed `uri` field.
4780
4940
  */
4781
4941
  const registerTotpMfaDevice = async (client = require_updateAuthFromVerifyResponse.getDefaultClient()) => {
4782
4942
  const core = require_updateAuthFromVerifyResponse.getCore(client);
@@ -4792,8 +4952,7 @@ const __registerTotpMfaDevice_wrapped = require_updateAuthFromVerifyResponse.ins
4792
4952
  } catch {
4793
4953
  return;
4794
4954
  }
4795
- },
4796
- redactAll: true
4955
+ }
4797
4956
  });
4798
4957
 
4799
4958
  //#endregion
@@ -4842,7 +5001,6 @@ const __setDefaultMfaDevice_wrapped = require_updateAuthFromVerifyResponse.instr
4842
5001
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
4843
5002
  * @returns A promise that resolves to an OTPVerification object containing the email and verification UUID.
4844
5003
  * @instrumented
4845
- * @redact-params
4846
5004
  */
4847
5005
  const sendEmailOTP = async ({ email }, client = require_updateAuthFromVerifyResponse.getDefaultClient()) => {
4848
5006
  const core = require_updateAuthFromVerifyResponse.getCore(client);
@@ -4870,8 +5028,7 @@ const __sendEmailOTP_wrapped = require_updateAuthFromVerifyResponse.instrumentFu
4870
5028
  } catch {
4871
5029
  return;
4872
5030
  }
4873
- },
4874
- redactAll: true
5031
+ }
4875
5032
  });
4876
5033
 
4877
5034
  //#endregion
@@ -5805,7 +5962,6 @@ const supportedCountries = {
5805
5962
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
5806
5963
  * @returns A promise that resolves to an OTPVerification object containing the phone details and verification UUID.
5807
5964
  * @instrumented
5808
- * @redact-params
5809
5965
  */
5810
5966
  const sendSmsOTP = async ({ isoCountryCode, phoneNumber }, client = require_updateAuthFromVerifyResponse.getDefaultClient()) => {
5811
5967
  const core = require_updateAuthFromVerifyResponse.getCore(client);
@@ -5838,8 +5994,7 @@ const __sendSmsOTP_wrapped = require_updateAuthFromVerifyResponse.instrumentFunc
5838
5994
  } catch {
5839
5995
  return;
5840
5996
  }
5841
- },
5842
- redactAll: true
5997
+ }
5843
5998
  });
5844
5999
 
5845
6000
  //#endregion
@@ -5896,7 +6051,6 @@ const verifyOTPForUserUpdate = async ({ otpVerification, verificationToken, requ
5896
6051
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
5897
6052
  * @returns A promise that resolves to the verify response object upon successful verification.
5898
6053
  * @instrumented
5899
- * @redact-params
5900
6054
  */
5901
6055
  const verifyOTP = async ({ otpVerification, verificationToken, requestedScopes }, client = require_updateAuthFromVerifyResponse.getDefaultClient()) => {
5902
6056
  require_isUserOnboardingComplete.preconnectWaasIframe(client);
@@ -5923,8 +6077,7 @@ const __verifyOTP_wrapped = require_updateAuthFromVerifyResponse.instrumentFunct
5923
6077
  } catch {
5924
6078
  return;
5925
6079
  }
5926
- },
5927
- redactAll: true
6080
+ }
5928
6081
  });
5929
6082
 
5930
6083
  //#endregion
@@ -7754,6 +7907,7 @@ const getWalletAccountAddressByType = ({ type, walletAccount }) => {
7754
7907
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
7755
7908
  * @returns The data for the wallet provider.
7756
7909
  * @notInstrumented
7910
+ * @hook Exposed as a hook so consumers get reactive wallet provider data, updated when the wallet provider registry changes.
7757
7911
  */
7758
7912
  const getWalletProviderDataByKey = ({ walletProviderKey }, client = require_updateAuthFromVerifyResponse.getDefaultClient()) => {
7759
7913
  const { chain, groupKey, key, metadata, walletProviderType } = require_getWalletProviderByKey.getWalletProviderByKey({ walletProviderKey }, client);
@@ -8413,9 +8567,16 @@ const parseUserAgent = ({ userAgent }) => {
8413
8567
 
8414
8568
  //#endregion
8415
8569
  exports.BaseError = require_updateAuthFromVerifyResponse.BaseError;
8570
+ Object.defineProperty(exports, 'CaptchaProviderEnum', {
8571
+ enumerable: true,
8572
+ get: function () {
8573
+ return _dynamic_labs_sdk_api_core.CaptchaProviderEnum;
8574
+ }
8575
+ });
8416
8576
  exports.CheckoutSessionTokenMissingError = CheckoutSessionTokenMissingError;
8417
8577
  exports.ClientAlreadyInitializedError = ClientAlreadyInitializedError;
8418
8578
  exports.DeeplinkConnectAndVerifyUnsupportedError = DeeplinkConnectAndVerifyUnsupportedError;
8579
+ exports.DeviceRegistrationIdentityMismatchError = DeviceRegistrationIdentityMismatchError;
8419
8580
  exports.FeeEstimationFailedError = FeeEstimationFailedError;
8420
8581
  exports.FlowSessionTokenMissingError = FlowSessionTokenMissingError;
8421
8582
  exports.GOOGLE_DRIVE_BACKUP_REQUIRED_SCOPES = GOOGLE_DRIVE_BACKUP_REQUIRED_SCOPES;
@@ -8424,6 +8585,12 @@ exports.InvalidExternalAuthError = require_updateAuthFromVerifyResponse.InvalidE
8424
8585
  exports.InvalidParamError = require_updateAuthFromVerifyResponse.InvalidParamError;
8425
8586
  exports.InvalidRedirectStorageStateError = InvalidRedirectStorageStateError;
8426
8587
  exports.InvalidSocialCallbackOriginError = InvalidSocialCallbackOriginError;
8588
+ Object.defineProperty(exports, 'JwtVerifiedCredentialFormatEnum', {
8589
+ enumerable: true,
8590
+ get: function () {
8591
+ return _dynamic_labs_sdk_api_core.JwtVerifiedCredentialFormatEnum;
8592
+ }
8593
+ });
8427
8594
  exports.LinkCredentialError = require_updateAuthFromVerifyResponse.LinkCredentialError;
8428
8595
  Object.defineProperty(exports, 'MFAAction', {
8429
8596
  enumerable: true,
@@ -8445,8 +8612,20 @@ exports.NoPasskeyCredentialsFoundError = NoPasskeyCredentialsFoundError;
8445
8612
  exports.NoSmartWalletAccountSignerFoundError = NoSmartWalletAccountSignerFoundError;
8446
8613
  exports.NoWebAuthNSupportError = NoWebAuthNSupportError;
8447
8614
  exports.NotWaasWalletAccountError = require_isDynamicWaasEnabled.NotWaasWalletAccountError;
8615
+ Object.defineProperty(exports, 'ProviderEnum', {
8616
+ enumerable: true,
8617
+ get: function () {
8618
+ return _dynamic_labs_sdk_api_core.ProviderEnum;
8619
+ }
8620
+ });
8448
8621
  exports.SandboxMaximumThresholdReachedError = require_updateAuthFromVerifyResponse.SandboxMaximumThresholdReachedError;
8449
8622
  exports.SimulationFailedError = SimulationFailedError;
8623
+ Object.defineProperty(exports, 'TokenScope', {
8624
+ enumerable: true,
8625
+ get: function () {
8626
+ return _dynamic_labs_sdk_api_core.TokenScope;
8627
+ }
8628
+ });
8450
8629
  exports.TokenSwapError = TokenSwapError;
8451
8630
  exports.UnauthorizedError = require_updateAuthFromVerifyResponse.UnauthorizedError;
8452
8631
  exports.UnavailableInServerSideError = UnavailableInServerSideError;
@@ -8459,6 +8638,7 @@ exports.WalletAccountAlreadyVerifiedError = WalletAccountAlreadyVerifiedError;
8459
8638
  exports.WalletAccountNotSelectedError = WalletAccountNotSelectedError;
8460
8639
  exports.WalletAlreadyLinkedToAnotherUserError = require_getNetworkProviderFromNetworkId.WalletAlreadyLinkedToAnotherUserError;
8461
8640
  exports.WalletProviderMethodUnavailableError = WalletProviderMethodUnavailableError;
8641
+ exports.WalletScreeningBlockedError = require_getNetworkProviderFromNetworkId.WalletScreeningBlockedError;
8462
8642
  exports.acknowledgeRecoveryCodes = __acknowledgeRecoveryCodes_wrapped;
8463
8643
  exports.addCoinbaseOnrampOrderEventListener = addCoinbaseOnrampOrderEventListener;
8464
8644
  exports.addNetwork = __addNetwork_wrapped;
@@ -8488,7 +8668,7 @@ exports.createCheckoutTransaction = __createCheckoutTransaction_wrapped;
8488
8668
  exports.createCoinbaseOnrampOrder = __createCoinbaseOnrampOrder_wrapped;
8489
8669
  exports.createCryptoDotComPayment = __createCryptoDotComPayment_wrapped;
8490
8670
  exports.createDynamicClient = __createDynamicClient_wrapped;
8491
- exports.createKrakenExchangeTransfer = __createKrakenExchangeTransfer_wrapped;
8671
+ exports.createKrakenExchangeTransfer = createKrakenExchangeTransfer;
8492
8672
  exports.createNewMfaRecoveryCodes = __createNewMfaRecoveryCodes_wrapped;
8493
8673
  exports.deleteMfaDevice = __deleteMfaDevice_wrapped;
8494
8674
  exports.deletePasskey = __deletePasskey_wrapped;
@@ -8506,6 +8686,7 @@ exports.getAvailableWalletProvidersData = getAvailableWalletProvidersData;
8506
8686
  exports.getBalance = getBalance;
8507
8687
  exports.getBalanceForAddress = getBalanceForAddress;
8508
8688
  exports.getBalances = getBalances;
8689
+ exports.getCaptchaSettings = getCaptchaSettings;
8509
8690
  exports.getCheckoutTransaction = getCheckoutTransaction;
8510
8691
  exports.getCheckoutTransactionQuote = getCheckoutTransactionQuote;
8511
8692
  exports.getCoinbaseBuyUrl = getCoinbaseBuyUrl;