@dynamic-labs-sdk/client 1.17.1 → 1.18.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/core.cjs +7 -5
- package/dist/core.cjs.map +1 -1
- package/dist/core.esm.js +8 -8
- package/dist/core.esm.js.map +1 -1
- package/dist/core.native.esm.js +8 -8
- package/dist/core.native.esm.js.map +1 -1
- package/dist/errors/DeviceRegistrationIdentityMismatchError.d.ts +5 -0
- package/dist/errors/DeviceRegistrationIdentityMismatchError.d.ts.map +1 -0
- package/dist/errors/UnsafeDeeplinkUrlError.d.ts +17 -0
- package/dist/errors/UnsafeDeeplinkUrlError.d.ts.map +1 -0
- package/dist/errors/UnsafeNavigationUrlError.d.ts +16 -0
- package/dist/errors/UnsafeNavigationUrlError.d.ts.map +1 -0
- package/dist/errors/WalletScreeningBlockedError.d.ts +14 -0
- package/dist/errors/WalletScreeningBlockedError.d.ts.map +1 -0
- package/dist/exports/core.d.ts +4 -0
- package/dist/exports/core.d.ts.map +1 -1
- package/dist/exports/index.d.ts +5 -0
- package/dist/exports/index.d.ts.map +1 -1
- package/dist/{getNetworkProviderFromNetworkId-Bfg-NkNJ.native.esm.js → getNetworkProviderFromNetworkId-C6DBO0OX.native.esm.js} +87 -13
- package/dist/getNetworkProviderFromNetworkId-C6DBO0OX.native.esm.js.map +1 -0
- package/dist/{getNetworkProviderFromNetworkId-pknqqhk1.esm.js → getNetworkProviderFromNetworkId-CEs4SGW4.esm.js} +105 -22
- package/dist/getNetworkProviderFromNetworkId-CEs4SGW4.esm.js.map +1 -0
- package/dist/{getNetworkProviderFromNetworkId-CS4r9hi7.cjs → getNetworkProviderFromNetworkId-CMIgKqEH.cjs} +119 -18
- package/dist/getNetworkProviderFromNetworkId-CMIgKqEH.cjs.map +1 -0
- package/dist/{getSignedSessionId-CUw7LJ35.esm.js → getSignedSessionId-CUqILBh8.esm.js} +3 -3
- package/dist/{getSignedSessionId-CUw7LJ35.esm.js.map → getSignedSessionId-CUqILBh8.esm.js.map} +1 -1
- package/dist/{getSignedSessionId-cMGkmojJ.cjs → getSignedSessionId-De_N_Ofg.cjs} +3 -3
- package/dist/{getSignedSessionId-cMGkmojJ.cjs.map → getSignedSessionId-De_N_Ofg.cjs.map} +1 -1
- package/dist/{getSignedSessionId-Cl3PEqa8.native.esm.js → getSignedSessionId-Hp1nSbaW.native.esm.js} +3 -3
- package/dist/{getSignedSessionId-Cl3PEqa8.native.esm.js.map → getSignedSessionId-Hp1nSbaW.native.esm.js.map} +1 -1
- package/dist/{getWalletProviderByKey-lQVfIGFi.esm.js → getWalletProviderByKey-CKORCA8l.esm.js} +2 -2
- package/dist/{getWalletProviderByKey-lQVfIGFi.esm.js.map → getWalletProviderByKey-CKORCA8l.esm.js.map} +1 -1
- package/dist/{getWalletProviderByKey-CP9Te5Sz.cjs → getWalletProviderByKey-D3e0XMjs.cjs} +2 -2
- package/dist/{getWalletProviderByKey-CP9Te5Sz.cjs.map → getWalletProviderByKey-D3e0XMjs.cjs.map} +1 -1
- package/dist/{getWalletProviderByKey-24co0tBE.native.esm.js → getWalletProviderByKey-D5M801xH.native.esm.js} +2 -2
- package/dist/{getWalletProviderByKey-24co0tBE.native.esm.js.map → getWalletProviderByKey-D5M801xH.native.esm.js.map} +1 -1
- package/dist/index.cjs +232 -71
- package/dist/index.cjs.map +1 -1
- package/dist/index.esm.js +227 -75
- package/dist/index.esm.js.map +1 -1
- package/dist/index.native.esm.js +227 -75
- package/dist/index.native.esm.js.map +1 -1
- package/dist/{isDynamicWaasEnabled-BwP1oowd.cjs → isDynamicWaasEnabled-BQuXZne_.cjs} +4 -6
- package/dist/isDynamicWaasEnabled-BQuXZne_.cjs.map +1 -0
- package/dist/{isDynamicWaasEnabled-BYaqAOml.esm.js → isDynamicWaasEnabled-BaY09iv6.native.esm.js} +3 -5
- package/dist/isDynamicWaasEnabled-BaY09iv6.native.esm.js.map +1 -0
- package/dist/{isDynamicWaasEnabled-BXe0VyI4.native.esm.js → isDynamicWaasEnabled-BlVIlXMZ.esm.js} +3 -5
- package/dist/isDynamicWaasEnabled-BlVIlXMZ.esm.js.map +1 -0
- package/dist/{isMfaRequiredForAction-Demz9zlH.native.esm.js → isMfaRequiredForAction-CwOGwiDz.native.esm.js} +3 -5
- package/dist/isMfaRequiredForAction-CwOGwiDz.native.esm.js.map +1 -0
- package/dist/{isMfaRequiredForAction-Btejc5g3.cjs → isMfaRequiredForAction-Dghiguch.cjs} +4 -6
- package/dist/{isMfaRequiredForAction-Btejc5g3.cjs.map → isMfaRequiredForAction-Dghiguch.cjs.map} +1 -1
- package/dist/{isMfaRequiredForAction-CqEcCTIe.esm.js → isMfaRequiredForAction-r9aDdmK5.esm.js} +4 -6
- package/dist/{isMfaRequiredForAction-CqEcCTIe.esm.js.map → isMfaRequiredForAction-r9aDdmK5.esm.js.map} +1 -1
- package/dist/{isUserOnboardingComplete-Cr-YTpcU.native.esm.js → isUserOnboardingComplete-BMNAbXk1.esm.js} +6 -3
- package/dist/isUserOnboardingComplete-BMNAbXk1.esm.js.map +1 -0
- package/dist/{isUserOnboardingComplete-CBrAH0ZF.esm.js → isUserOnboardingComplete-C-ioFLRR.native.esm.js} +6 -3
- package/dist/isUserOnboardingComplete-C-ioFLRR.native.esm.js.map +1 -0
- package/dist/{isUserOnboardingComplete-C86NDY7I.cjs → isUserOnboardingComplete-j4b_q9Pf.cjs} +7 -4
- package/dist/isUserOnboardingComplete-j4b_q9Pf.cjs.map +1 -0
- package/dist/{migrateFromFireblocks-Bbx2wHZD.esm.js → migrateFromFireblocks-D--uqWp5.esm.js} +3 -3
- package/dist/{migrateFromFireblocks-Bbx2wHZD.esm.js.map → migrateFromFireblocks-D--uqWp5.esm.js.map} +1 -1
- package/dist/{migrateFromFireblocks-D-J6-gRo.native.esm.js → migrateFromFireblocks-D8Y5h0hz.native.esm.js} +3 -3
- package/dist/{migrateFromFireblocks-D-J6-gRo.native.esm.js.map → migrateFromFireblocks-D8Y5h0hz.native.esm.js.map} +1 -1
- package/dist/{migrateFromFireblocks-B_q8Oawb.cjs → migrateFromFireblocks-D9pJIgt5.cjs} +3 -3
- package/dist/{migrateFromFireblocks-B_q8Oawb.cjs.map → migrateFromFireblocks-D9pJIgt5.cjs.map} +1 -1
- package/dist/modules/auth/externalAuth/requestExternalAuthElevatedToken/requestExternalAuthElevatedToken.d.ts +0 -1
- package/dist/modules/auth/externalAuth/requestExternalAuthElevatedToken/requestExternalAuthElevatedToken.d.ts.map +1 -1
- package/dist/modules/auth/externalAuth/signInWithExternalJwt/signInWithExternalJwt.d.ts +0 -1
- package/dist/modules/auth/externalAuth/signInWithExternalJwt/signInWithExternalJwt.d.ts.map +1 -1
- package/dist/modules/auth/logoutWithReason/logoutWithReason.d.ts.map +1 -1
- package/dist/modules/auth/passkeys/registerPasskey/registerPasskey.d.ts +0 -1
- package/dist/modules/auth/passkeys/registerPasskey/registerPasskey.d.ts.map +1 -1
- package/dist/modules/auth/passkeys/signInWithPasskey/signInWithPasskey.d.ts +0 -1
- package/dist/modules/auth/passkeys/signInWithPasskey/signInWithPasskey.d.ts.map +1 -1
- package/dist/modules/auth/social/oauth/signInWithSocialRedirect/buildOAuthUrl/getOAuthBaseUrl/getOAuthBaseUrl.d.ts.map +1 -1
- package/dist/modules/auth/social/oauth/unlinkSocialAccount/unlinkSocialAccount.d.ts +0 -1
- package/dist/modules/auth/social/oauth/unlinkSocialAccount/unlinkSocialAccount.d.ts.map +1 -1
- package/dist/modules/auth/updateAuthFromVerifyResponse/updateAuthFromVerifyResponse.d.ts.map +1 -1
- package/dist/modules/captcha/getCaptchaSettings/getCaptchaSettings.d.ts +14 -0
- package/dist/modules/captcha/getCaptchaSettings/getCaptchaSettings.d.ts.map +1 -0
- package/dist/modules/captcha/getCaptchaSettings/index.d.ts +3 -0
- package/dist/modules/captcha/getCaptchaSettings/index.d.ts.map +1 -0
- package/dist/modules/captcha/isCaptchaRequired/isCaptchaRequired.d.ts.map +1 -1
- package/dist/modules/captcha/setCaptchaToken/setCaptchaToken.d.ts +0 -1
- package/dist/modules/captcha/setCaptchaToken/setCaptchaToken.d.ts.map +1 -1
- package/dist/modules/deviceRegistration/completeDeviceRegistration/completeDeviceRegistration.d.ts.map +1 -1
- package/dist/modules/deviceRegistration/isDeviceRegistrationRequired/isDeviceRegistrationRequired.d.ts +1 -0
- package/dist/modules/deviceRegistration/isDeviceRegistrationRequired/isDeviceRegistrationRequired.d.ts.map +1 -1
- package/dist/modules/flow/attachFlowSource/attachFlowSource.instrumentation.d.ts +9 -0
- package/dist/modules/flow/attachFlowSource/attachFlowSource.instrumentation.d.ts.map +1 -0
- package/dist/modules/flow/broadcastFlow/broadcastFlow.instrumentation.d.ts +9 -0
- package/dist/modules/flow/broadcastFlow/broadcastFlow.instrumentation.d.ts.map +1 -0
- package/dist/modules/flow/cancelFlow/cancelFlow.instrumentation.d.ts +8 -0
- package/dist/modules/flow/cancelFlow/cancelFlow.instrumentation.d.ts.map +1 -0
- package/dist/modules/flow/prepareFlowSigning/prepareFlowSigning.instrumentation.d.ts +9 -0
- package/dist/modules/flow/prepareFlowSigning/prepareFlowSigning.instrumentation.d.ts.map +1 -0
- package/dist/modules/flow/submitFlowTransaction/submitFlowTransaction.instrumentation.d.ts +9 -0
- package/dist/modules/flow/submitFlowTransaction/submitFlowTransaction.instrumentation.d.ts.map +1 -0
- package/dist/modules/funding/moonpay/getMoonPayUrl/getMoonPayUrl.d.ts +0 -4
- package/dist/modules/funding/moonpay/getMoonPayUrl/getMoonPayUrl.d.ts.map +1 -1
- package/dist/modules/mfa/consumeMfaToken/consumeMfaToken.d.ts +0 -1
- package/dist/modules/mfa/consumeMfaToken/consumeMfaToken.d.ts.map +1 -1
- package/dist/modules/mfa/createNewMfaRecoveryCodes/createNewMfaRecoveryCodes.d.ts +0 -1
- package/dist/modules/mfa/createNewMfaRecoveryCodes/createNewMfaRecoveryCodes.d.ts.map +1 -1
- package/dist/modules/mfa/isPendingRecoveryCodesAcknowledgment/isPendingRecoveryCodesAcknowledgment.d.ts +1 -0
- package/dist/modules/mfa/isPendingRecoveryCodesAcknowledgment/isPendingRecoveryCodesAcknowledgment.d.ts.map +1 -1
- package/dist/modules/mfa/isUserMissingMfaAuth/isUserMissingMfaAuth.d.ts +1 -0
- package/dist/modules/mfa/isUserMissingMfaAuth/isUserMissingMfaAuth.d.ts.map +1 -1
- package/dist/modules/mfa/registerTotpMfaDevice/registerTotpMfaDevice.d.ts +0 -3
- package/dist/modules/mfa/registerTotpMfaDevice/registerTotpMfaDevice.d.ts.map +1 -1
- package/dist/modules/otp/sendEmailOTP/sendEmailOTP.d.ts +0 -1
- package/dist/modules/otp/sendEmailOTP/sendEmailOTP.d.ts.map +1 -1
- package/dist/modules/otp/sendSmsOTP/sendSmsOTP.d.ts +0 -1
- package/dist/modules/otp/sendSmsOTP/sendSmsOTP.d.ts.map +1 -1
- package/dist/modules/otp/verifyOTP/verifyOTP.d.ts +0 -1
- package/dist/modules/otp/verifyOTP/verifyOTP.d.ts.map +1 -1
- package/dist/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.d.ts +1 -0
- package/dist/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.d.ts.map +1 -1
- package/dist/modules/user/refreshAuth/refreshAuth.d.ts +0 -1
- package/dist/modules/user/refreshAuth/refreshAuth.d.ts.map +1 -1
- package/dist/modules/user/updateUser/updateUser.d.ts +0 -1
- package/dist/modules/user/updateUser/updateUser.d.ts.map +1 -1
- package/dist/modules/wallets/getWalletProviderDataByKey/getWalletProviderDataByKey.d.ts +2 -1
- package/dist/modules/wallets/getWalletProviderDataByKey/getWalletProviderDataByKey.d.ts.map +1 -1
- package/dist/modules/wallets/verifyMessageSignatureOwnership/verifyMessageSignatureOwnership.d.ts +2 -0
- package/dist/modules/wallets/verifyMessageSignatureOwnership/verifyMessageSignatureOwnership.d.ts.map +1 -1
- package/dist/services/instrumentation/createInstrumentation/createInstrumentation.d.ts.map +1 -1
- package/dist/services/instrumentation/instrumentFunction/instrumentFunction.d.ts +40 -34
- package/dist/services/instrumentation/instrumentFunction/instrumentFunction.d.ts.map +1 -1
- package/dist/services/instrumentation/instrumentation.types.d.ts +50 -19
- package/dist/services/instrumentation/instrumentation.types.d.ts.map +1 -1
- package/dist/services/keychain/createKeychainService/createKeychainService.d.ts.map +1 -1
- package/dist/services/navigate/createNavigationHandler/createNavigationHandler.d.ts.map +1 -1
- package/dist/services/openDeeplink/createWebDeeplinkOpener/createWebDeeplinkOpener.d.ts.map +1 -1
- package/dist/tsconfig.lib.tsbuildinfo +1 -1
- package/dist/{updateAuthFromVerifyResponse-azIi_3FB.esm.js → updateAuthFromVerifyResponse-BQes11vz.esm.js} +145 -145
- package/dist/updateAuthFromVerifyResponse-BQes11vz.esm.js.map +1 -0
- package/dist/{updateAuthFromVerifyResponse-CElYpi97.cjs → updateAuthFromVerifyResponse-Deg9em9o.cjs} +151 -145
- package/dist/updateAuthFromVerifyResponse-Deg9em9o.cjs.map +1 -0
- package/dist/{updateAuthFromVerifyResponse-D1w-Aw9P.native.esm.js → updateAuthFromVerifyResponse-wVY_DoiL.native.esm.js} +145 -145
- package/dist/updateAuthFromVerifyResponse-wVY_DoiL.native.esm.js.map +1 -0
- package/dist/utils/assertSafeDeeplinkUrl/assertSafeDeeplinkUrl.d.ts +12 -0
- package/dist/utils/assertSafeDeeplinkUrl/assertSafeDeeplinkUrl.d.ts.map +1 -0
- package/dist/utils/assertSafeDeeplinkUrl/index.d.ts +2 -0
- package/dist/utils/assertSafeDeeplinkUrl/index.d.ts.map +1 -0
- package/dist/utils/assertSafeNavigationUrl/assertSafeNavigationUrl.d.ts +12 -0
- package/dist/utils/assertSafeNavigationUrl/assertSafeNavigationUrl.d.ts.map +1 -0
- package/dist/utils/assertSafeNavigationUrl/index.d.ts +2 -0
- package/dist/utils/assertSafeNavigationUrl/index.d.ts.map +1 -0
- package/dist/utils/getSecureCookieAttribute/getSecureCookieAttribute.d.ts +18 -0
- package/dist/utils/getSecureCookieAttribute/getSecureCookieAttribute.d.ts.map +1 -0
- package/dist/utils/getSecureCookieAttribute/index.d.ts +2 -0
- package/dist/utils/getSecureCookieAttribute/index.d.ts.map +1 -0
- package/dist/waas.cjs +5 -5
- package/dist/waas.esm.js +4 -4
- package/dist/waas.native.esm.js +4 -4
- package/dist/waasCore.cjs +6 -6
- package/dist/waasCore.esm.js +6 -6
- package/dist/waasCore.native.esm.js +6 -6
- package/package.json +3 -3
- package/dist/getNetworkProviderFromNetworkId-Bfg-NkNJ.native.esm.js.map +0 -1
- package/dist/getNetworkProviderFromNetworkId-CS4r9hi7.cjs.map +0 -1
- package/dist/getNetworkProviderFromNetworkId-pknqqhk1.esm.js.map +0 -1
- package/dist/isDynamicWaasEnabled-BXe0VyI4.native.esm.js.map +0 -1
- package/dist/isDynamicWaasEnabled-BYaqAOml.esm.js.map +0 -1
- package/dist/isDynamicWaasEnabled-BwP1oowd.cjs.map +0 -1
- package/dist/isMfaRequiredForAction-Demz9zlH.native.esm.js.map +0 -1
- package/dist/isUserOnboardingComplete-C86NDY7I.cjs.map +0 -1
- package/dist/isUserOnboardingComplete-CBrAH0ZF.esm.js.map +0 -1
- package/dist/isUserOnboardingComplete-Cr-YTpcU.native.esm.js.map +0 -1
- package/dist/services/instrumentation/instrumentFunction/extractParams/extractParams.d.ts +0 -28
- package/dist/services/instrumentation/instrumentFunction/extractParams/extractParams.d.ts.map +0 -1
- package/dist/services/instrumentation/instrumentFunction/scrubResolvedValue/scrubResolvedValue.d.ts +0 -15
- package/dist/services/instrumentation/instrumentFunction/scrubResolvedValue/scrubResolvedValue.d.ts.map +0 -1
- package/dist/updateAuthFromVerifyResponse-CElYpi97.cjs.map +0 -1
- package/dist/updateAuthFromVerifyResponse-D1w-Aw9P.native.esm.js.map +0 -1
- package/dist/updateAuthFromVerifyResponse-azIi_3FB.esm.js.map +0 -1
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"updateAuthFromVerifyResponse-BQes11vz.esm.js","names":["defaultClient: DynamicClient | null","token","clientErrorMapper: ErrorMapper","errorToThrow: Error","cause: Error | null","settings: ISettings","CHAINS_INFO_MAP: Record<Chain, ChainInfo>","chain","walletAccountsMap: Map<string, WalletAccount>","getCore","newState: Partial<DynamicCoreState>"],"sources":["../package.json","../src/client/core/getCore/getCore.ts","../src/errors/base/BaseError.ts","../src/errors/ClientNotFoundError.ts","../src/client/defaultClient/defaultClient.ts","../src/utils/getNonce/constants.ts","../src/modules/apiClient/constants.ts","../src/utils/randomString/randomString.ts","../src/modules/auth/getElevatedAccessToken/getElevatedAccessToken.ts","../src/errors/ValueMustBeDefinedError.ts","../src/utils/assertDefined/assertDefined.ts","../src/modules/projectSettings/isCookieEnabled/isCookieEnabled.ts","../src/modules/sessionKeys/getSessionKeys/getSessionKeys.ts","../src/errors/APIError/APIError.ts","../src/errors/InvalidExternalAuthError.ts","../src/errors/LinkCredentialError.ts","../src/errors/MfaInvalidOtpError.ts","../src/errors/MfaRateLimitedError.ts","../src/errors/SandboxMaximumThresholdReachedError.ts","../src/modules/apiClient/utils/clientErrorMapper/clientErrorMapper.ts","../src/modules/apiClient/utils/convertToApiErrorMiddleware/convertToApiErrorMiddleware.ts","../src/utils/getNonce/getNonce.ts","../src/modules/deviceRegistration/getDeviceSigner/getDeviceSigner.ts","../src/modules/deviceRegistration/getHeadersForNonceSignedByDeviceSigners/getHeadersForNonceSignedByDeviceSigners.ts","../src/modules/apiClient/utils/deviceSignatureHeadersMiddleware/createDeviceSignatureHeadersMiddleware.ts","../src/errors/UnauthorizedError.ts","../src/modules/apiClient/utils/unauthorizedMiddleware/createUnauthorizedMiddleware.ts","../src/modules/apiClient/createApiClient.ts","../src/utils/getNonce/fetchAndStoreNonces/fetchAndStoreNonces.ts","../src/utils/getSecureCookieAttribute/getSecureCookieAttribute.ts","../src/utils/setCookie/setCookie.ts","../src/modules/clientEvents/clientEvents.ts","../src/errors/InvalidWalletProviderKeyError.ts","../src/modules/wallets/walletProvider/splitWalletProviderKey/splitWalletProviderKey.ts","../src/modules/wallets/utils/normalizeAddress/normalizeAddress.ts","../src/modules/wallets/utils/formatWalletAccountId/formatWalletAccountId.ts","../src/modules/wallets/utils/convertUnverifiedWalletAccountToWalletAccount/convertUnverifiedWalletAccountToWalletAccount.ts","../src/modules/wallets/constants.ts","../src/utils/getChainFromVerifiedCredentialChain/getChainFromVerifiedCredentialChain.ts","../src/modules/wallets/utils/normalizeWalletNameWithChain/normalizeWalletNameWithChain.ts","../src/modules/wallets/utils/formatWalletProviderKey/formatWalletProviderKey.ts","../src/modules/wallets/walletProvider/walletProviderKeyMap/getWalletProviderKeyFromVerifiedCredential/getWalletProviderKeyFromVerifiedCredential.ts","../src/modules/wallets/utils/convertVerifiedCredentialToWalletAccount/convertVerifiedCredentialToWalletAccount.ts","../src/modules/wallets/getWalletAccounts/getWalletAccountsFromState/getWalletAccountsFromState.ts","../src/modules/wallets/getWalletAccounts/getWalletAccounts.ts","../src/errors/NoWalletProviderFoundError.ts","../src/services/runtimeServices/createRuntimeServiceAccessKey/createRuntimeServiceAccessKey.ts","../src/modules/wallets/walletProviderRegistry/createWalletProviderRegistry/createWalletProviderRegistry.ts","../src/modules/wallets/walletProviderRegistry/getWalletProviderRegistry/getWalletProviderRegistry.ts","../src/modules/wallets/walletProviderRegistry/walletProviderRegistry.types.ts","../src/modules/wallets/utils/getWalletProviderFromWalletAccount/getWalletProviderFromWalletAccount.ts","../src/modules/auth/consts.ts","../src/modules/auth/extractSessionId/extractSessionId.ts","../src/utils/getOperatingSystem/getOperatingSystem.ts","../src/utils/getPlatform/getPlatform.ts","../src/utils/getUserAgent/getUserAgent.ts","../src/services/instrumentation/constants.ts","../src/services/instrumentation/scrubParameters/scrubParameters.ts","../src/services/instrumentation/instrumentFunction/instrumentFunction.ts","../src/constants.ts","../src/modules/wallets/emitWalletAccountsChangedEvent/emitWalletAccountsChangedEvent.ts","../src/modules/auth/updateAuthFromVerifyResponse/checkAndRaiseWalletAccountsChangedEvent/checkAndRaiseWalletAccountsChangedEvent.ts","../src/modules/mfa/isUserMissingMfaAuth/isUserMissingMfaAuth.ts","../src/modules/wallets/getWalletProviders/getWalletProviders.ts","../src/modules/waas/constants.ts","../src/modules/waas/isWaasWalletProvider/isWaasWalletProvider.ts","../src/modules/waas/findWaasWalletProviderByChain/findWaasWalletProviderByChain.ts","../src/modules/waas/isWaasWalletAccount/isWaasWalletAccount.ts","../src/modules/waas/initializeWaasClientsForEagerRecovery/initializeWaasClientsForEagerRecovery.ts","../src/errors/InvalidParamError.ts","../src/modules/auth/decodeJwt/decodeJwt.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/normalizeScopes/normalizeScopes.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/parseElevatedAccessToken/parseElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/upsertElevatedAccessToken/upsertElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/updateAuthFromVerifyResponse.ts"],"sourcesContent":["","import type { DynamicClient } from '../../types';\nimport type { DynamicCore } from '../types';\n\n/** @notInstrumented */\nexport const getCore = (client: DynamicClient): DynamicCore => {\n // @ts-expect-error - this was hidden from the public API\n return client.__core;\n};\n","/* eslint-disable custom-rules/function-name-matches-filename */\nimport { version } from '../../../package.json';\n\nexport type BaseErrorParameters = {\n /** The underlying error that caused this error, if any */\n cause: Error | null;\n /** The error unique code */\n code: string;\n /** Additional detailed information about the error */\n details?: string;\n /** URL to relevant documentation for this error */\n docsUrl: string | null;\n /** Array of additional contextual messages to be displayed */\n metaMessages?: string[];\n /** Custom name for the error. Defaults to 'BaseError' if not provided */\n name: string;\n /** A brief, human-readable description of the error */\n shortMessage: string;\n};\n\nconst getDetails = ({ details, cause }: BaseErrorParameters) => {\n if (cause instanceof BaseError) {\n return cause.details;\n }\n\n if (cause?.message) {\n return cause.message;\n }\n\n return details;\n};\n\n/**\n * Formats the error message with all available information\n */\n// eslint-disable-next-line custom-rules/one-function-per-file\nconst formatMessage = ({\n shortMessage,\n details,\n docsUrl,\n metaMessages,\n}: BaseErrorParameters) => {\n return [\n '[Dynamic JS SDK]',\n shortMessage,\n '',\n ...(metaMessages ? [...metaMessages, ''] : []),\n ...(docsUrl ? [`Docs: ${docsUrl}`] : []),\n ...(details ? [`Details: ${details}`] : []),\n `Version: ${version}`,\n `Timestamp: ${new Date().toISOString()}`,\n ].join('\\n');\n};\n\n/**\n * Base error class that provides structured error handling with detailed information\n */\nexport abstract class BaseError extends Error {\n /** The error unique code */\n code: string;\n details: string | undefined;\n private readonly formattedMessage: string | undefined;\n override name = 'BaseError';\n override cause: BaseError | Error | undefined;\n\n constructor(args: BaseErrorParameters) {\n const details = getDetails(args);\n const formattedMessage = formatMessage({ ...args, details });\n super(\n args.shortMessage ?? formattedMessage,\n args.cause ? { cause: args.cause } : undefined\n );\n\n // Defined as non-enumerable so it is excluded from structural error\n // comparisons (e.g. `expect(...).toThrow(new SomeError(...))`); the\n // embedded timestamp would otherwise make every such assertion\n // time-dependent.\n Object.defineProperty(this, 'formattedMessage', {\n configurable: true,\n enumerable: false,\n value: formattedMessage,\n writable: true,\n });\n this.details = details;\n this.name = args.name ?? this.name;\n this.cause = args.cause ?? this.cause;\n this.code = args.code;\n }\n\n /**\n * Walks the cause chain of the error and returns the root error\n */\n walk(): Error | undefined {\n const cause = this.cause;\n\n if (cause instanceof BaseError) {\n return cause.walk();\n }\n\n return cause;\n }\n\n override toString() {\n return this.formattedMessage;\n }\n}\n","import { BaseError } from './base';\n\nexport class ClientNotFoundError extends BaseError {\n constructor() {\n super({\n cause: null,\n code: 'client_not_found_error',\n docsUrl: null,\n name: 'ClientNotFoundError',\n shortMessage:\n 'No Dynamic client has been created yet. Make sure you have called createDynamicClient() first.',\n });\n }\n}\n","/* eslint-disable custom-rules/function-name-matches-filename */\nimport { ClientNotFoundError } from '../../errors/ClientNotFoundError';\nimport { getCore } from '../core/getCore';\nimport type { DynamicClient } from '../types';\n\nlet defaultClient: DynamicClient | null = null;\nlet numOfInitializedClients = 0;\n\n/**\n * Returns the DynamicClient instance that was initialized with createDynamicClient.\n *\n * If more than one instance of DynamicClient was initialized, you should not use this function.\n * Instead, you should pass the client instance you stored to the function that needs it.\n * @notInstrumented\n */\nexport const getDefaultClient = (): DynamicClient => {\n if (!defaultClient) {\n throw new ClientNotFoundError();\n }\n\n if (numOfInitializedClients > 1) {\n const core = getCore(defaultClient);\n core.logger.debug(\n 'Multiple instances of DynamicClient found. If you are only using one client (recommended), make sure you are not calling ' +\n '\"createDynamicClient\" multiple times. If you are using multiple clients, make sure you are passing which client to use as ' +\n 'the last param of all Dynamic functions.'\n );\n }\n\n return defaultClient;\n};\n\n/** @notInstrumented */\n// eslint-disable-next-line custom-rules/one-function-per-file\nexport const setDefaultClient = (client: DynamicClient) => {\n defaultClient = client;\n numOfInitializedClients++;\n};\n","export const NONCE_POOL_EXPIRATION_TIME = 60000 * 60 * 24;\n\nexport const NONCE_POOL_SIZE = 5;\n","import { dependencies } from '../../../package.json';\n\nexport const DYNAMIC_API_VERSION_HEADER = 'x-dyn-api-version';\n\nexport const DYNAMIC_REQUEST_ID_HEADER = 'x-dyn-request-id';\n\nexport const DYNAMIC_SDK_VERSION_HEADER = 'x-dyn-version';\n\nexport const ELEVATED_ACCESS_TOKEN_HEADER = 'x-dyn-elevated-access-token';\n\nexport const MFA_TOKEN_HEADER = 'x-mfa-auth-token';\n\nexport const SESSION_PUBLIC_KEY_HEADER = 'x-dyn-session-public-key';\n\nexport const DYNAMIC_SDK_API_VERSION =\n dependencies['@dynamic-labs/sdk-api-core'];\n\nexport const DYNAMIC_SDK_SESSION_ID_HEADER = 'x-dyn-session-id';\n\nexport const CLIENT_SDK_NAME = 'ClientSDK';\n","const DEFAULT_CHARS =\n 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';\n\ntype RandomStringParams = {\n chars?: string;\n length: number;\n};\n\n/** @notInstrumented */\nexport const randomString = ({\n chars = DEFAULT_CHARS,\n length,\n}: RandomStringParams) => {\n const bytes = new Uint8Array(length);\n crypto.getRandomValues(bytes);\n\n let result = '';\n for (let i = 0; i < length; i++) {\n result += chars[bytes[i] % chars.length];\n }\n return result;\n};\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\n\ntype GetElevatedAccessTokenParams = {\n /**\n * Whether to consume single-use tokens after retrieval.\n * Set to `false` to check for token existence without side-effects.\n * @default true\n */\n consume?: boolean;\n scope: string;\n};\n\n/**\n * Gets an elevated access token by scope.\n *\n * This function retrieves an elevated access token that contains the specified scope.\n * Expired tokens are automatically filtered out.\n *\n * By default, if the token has `singleUse: true`, it will be automatically\n * consumed (removed from state) after retrieval. Pass `consume: false` to\n * check for token existence without consuming it.\n *\n * @param params - The parameters object.\n * @param params.scope - The scope to match (e.g., 'wallet:export').\n * @param params.consume - Whether to consume single-use tokens (default: true).\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns The elevated access token if found and not expired, or undefined if not found or expired.\n *\n * @example\n * ```typescript\n * // Retrieve and consume (default)\n * const token = getElevatedAccessToken({ scope: 'wallet:export' });\n *\n * // Check existence without consuming\n * const token = getElevatedAccessToken({ scope: 'credential:unlink', consume: false });\n * ```\n * @notInstrumented\n */\nexport const getElevatedAccessToken = (\n { consume = true, scope }: GetElevatedAccessTokenParams,\n client = getDefaultClient()\n): string | undefined => {\n const core = getCore(client);\n\n const now = new Date();\n const elevatedAccessTokens = core.state.get().elevatedAccessTokens || [];\n\n // Filter out expired tokens\n const validTokens = elevatedAccessTokens.filter(\n (token) => !token.expiresAt || token.expiresAt > now\n );\n\n // Remove expired tokens from state if any were found\n if (validTokens.length !== elevatedAccessTokens.length) {\n core.state.set({\n elevatedAccessTokens: validTokens,\n });\n }\n\n const token = validTokens.find((token) => token.scopes.includes(scope));\n\n if (!token) {\n return undefined;\n }\n\n // Check if token should be consumed based on singleUse property\n if (consume && token.singleUse) {\n const updatedTokens = validTokens.filter((t) => t !== token);\n core.state.set({\n elevatedAccessTokens: updatedTokens,\n });\n }\n\n return token.token;\n};\n","import { BaseError } from './base';\n\nexport class ValueMustBeDefinedError extends BaseError {\n // eslint-disable-next-line custom-rules/require-single-object-param\n constructor(message: string) {\n super({\n cause: null,\n code: 'value_must_be_defined_error',\n docsUrl: null,\n name: 'ValueMustBeDefined',\n shortMessage: message,\n });\n }\n}\n","/* eslint-disable func-style -- javascript requires this to be a function */\n\nimport { ValueMustBeDefinedError } from './../../errors/ValueMustBeDefinedError';\n\n/**\n * Asserts that a value is not null or undefined, throwing an error if it is.\n * This function acts as a type guard, narrowing the type to exclude null and undefined.\n *\n * @template T - The type of the value being checked\n * @param value - The value to check for null or undefined\n * @param message - The error message to throw if the value is null or undefined\n * @throws Throws an error with the provided message if value is null or undefined\n * @example\n * ```typescript\n * const maybeString: string | null = getValue();\n * assertDefined(maybeString, 'String value is required');\n * // maybeString is now typed as string (null is excluded)\n * ```\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport function assertDefined<T>(\n value: T,\n message: string\n): asserts value is Exclude<NonNullable<T>, void> {\n if (value === null || value === undefined) {\n throw new ValueMustBeDefinedError(message);\n }\n}\n","import { AuthStorageEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Returns true if the client is using Dynamic cookies or a BYO JWT cookie.\n * @notInstrumented\n */\nexport const isCookieEnabled = (client: DynamicClient): boolean => {\n assertDefined(client.projectSettings, 'Project settings are not defined');\n\n const securitySettings = client.projectSettings.security;\n\n if (!securitySettings) return false;\n\n // client uses Dynamic cookies\n const dynamicCookiesEnabled = (securitySettings.auth?.storage || []).includes(\n AuthStorageEnum.Cookie\n );\n\n // BYO JWT client puts their non-Dynamic JWT in a cookie\n const byoJwtCookieEnabled = Boolean(\n securitySettings.externalAuth?.cookieName\n );\n\n // should return true for both of these scenarios\n // because we also need to do `credentials: true` in api.ts when\n // a byo jwt client sets their named cookie for their jwt and\n // needs to send it to our backend\n return dynamicCookiesEnabled || byoJwtCookieEnabled;\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport type { SessionKeys } from '../sessionKeys.types';\n\n/** @notInstrumented */\nexport const getSessionKeys = (client: DynamicClient): SessionKeys | undefined => {\n const core = getCore(client);\n\n const publicKey = core.state.get().sessionKeys;\n\n if (!publicKey) {\n return undefined;\n }\n\n return { publicKey };\n};\n","import { BaseError } from '../base';\n\nexport class APIError extends BaseError {\n status: number;\n\n // eslint-disable-next-line custom-rules/require-single-object-param\n constructor(message: string, code: string, status: number) {\n super({\n cause: null,\n code,\n docsUrl: null,\n name: 'APIError',\n shortMessage: message,\n });\n\n this.status = status;\n }\n\n static async fromResponse(response: Response) {\n try {\n const errorBody = await response.clone().json();\n\n if (\n errorBody &&\n 'error' in errorBody &&\n typeof errorBody.error === 'string'\n ) {\n const errorCode =\n 'code' in errorBody && typeof errorBody.code === 'string'\n ? errorBody.code\n : 'unknown_error';\n\n return new APIError(errorBody.error, errorCode, response.status);\n }\n\n return null;\n } catch {\n return null;\n }\n }\n}\n","import { BaseError, type BaseErrorParameters } from './base';\n\nexport class InvalidExternalAuthError extends BaseError {\n constructor({ cause }: Pick<BaseErrorParameters, 'cause'>) {\n super({\n cause,\n code: 'invalid_external_auth_error',\n docsUrl:\n 'https://www.dynamic.xyz/docs/external-auth/third-party-auth-overview',\n name: 'InvalidExternalAuthError',\n shortMessage: 'Error authenticating with external JWT',\n });\n }\n}\n","import { BaseError, type BaseErrorParameters } from './base';\n\nexport class LinkCredentialError extends BaseError {\n constructor({ cause }: Pick<BaseErrorParameters, 'cause'>) {\n super({\n cause,\n code: 'link_credential_error',\n docsUrl: null,\n name: 'LinkCredentialError',\n shortMessage:\n 'The credential you are trying to link is associated with another account and cannot be reassigned.',\n });\n }\n}\n","import { BaseError, type BaseErrorParameters } from './base';\n\nexport class MfaInvalidOtpError extends BaseError {\n constructor({ cause }: Pick<BaseErrorParameters, 'cause'>) {\n super({\n cause,\n code: 'mfa_invalid_otp_error',\n docsUrl: null,\n name: 'MfaInvalidOtpError',\n shortMessage: 'Invalid OTP',\n });\n }\n}\n","import { BaseError, type BaseErrorParameters } from './base';\n\nexport class MfaRateLimitedError extends BaseError {\n constructor({ cause }: Pick<BaseErrorParameters, 'cause'>) {\n super({\n cause,\n code: 'mfa_rate_limited_error',\n docsUrl: null,\n name: 'MfaRateLimitedError',\n shortMessage: 'Rate limited',\n });\n }\n}\n","import { BaseError, type BaseErrorParameters } from './base';\n\nexport class SandboxMaximumThresholdReachedError extends BaseError {\n constructor({ cause }: Pick<BaseErrorParameters, 'cause'>) {\n super({\n cause,\n code: 'sandbox_maximum_threshold_reached_error',\n docsUrl:\n 'https://www.dynamic.xyz/docs/developer-dashboard/sandbox-vs-live#sandbox-vs-live',\n name: 'SandboxMaximumThresholdReachedError',\n shortMessage:\n 'Your sandbox environment has reached the maximum MAU. Please use a live environment for production traffic.',\n });\n }\n}\n","import { APIError } from '../../../../errors/APIError';\nimport { InvalidExternalAuthError } from '../../../../errors/InvalidExternalAuthError';\nimport { LinkCredentialError } from '../../../../errors/LinkCredentialError';\nimport { MfaInvalidOtpError } from '../../../../errors/MfaInvalidOtpError';\nimport { MfaRateLimitedError } from '../../../../errors/MfaRateLimitedError';\nimport { SandboxMaximumThresholdReachedError } from '../../../../errors/SandboxMaximumThresholdReachedError';\nimport type { ErrorMapper } from '../../apiClient.types';\n\n/**\n * Default error mapper for the client that handles common API error codes.\n *\n * This mapper transforms specific API error codes into more specific error types:\n * - `mfa_invalid_code` → `MfaInvalidOtpError`\n * - `mfa_rate_limited` → `MfaRateLimitedError`\n *\n * @param error - The error to be mapped\n * @returns A transformed error if the error code matches a known pattern, or null if no transformation is needed\n *\n * @example\n * ```typescript\n * // This will be automatically applied to all API errors\n * const apiClient = createApiClient({}, client);\n *\n * // The clientErrorMapper will automatically convert mfa_invalid_code errors\n * // to MfaInvalidOtpError instances\n * ```\n * @notInstrumented\n */\nexport const clientErrorMapper: ErrorMapper = (error) => {\n if (error instanceof APIError) {\n if (error.code === 'mfa_invalid_code') {\n return new MfaInvalidOtpError({ cause: error });\n }\n\n if (error.code === 'mfa_rate_limited') {\n return new MfaRateLimitedError({ cause: error });\n }\n\n if (error.code === 'invalid_external_auth') {\n return new InvalidExternalAuthError({ cause: error });\n }\n\n if (error.code === 'sandbox_maximum_threshold_reached') {\n return new SandboxMaximumThresholdReachedError({ cause: error });\n }\n\n if (\n error.code === 'merge_accounts_invalid' ||\n error.code === 'reassign_wallet_error'\n ) {\n return new LinkCredentialError({ cause: error });\n }\n }\n\n return null;\n};\n","/* eslint-disable custom-rules/function-name-matches-filename */\nimport type { Middleware, ResponseContext } from '@dynamic-labs/sdk-api-core';\n\nimport { APIError } from '../../../../errors/APIError';\nimport type { ErrorMapper } from '../../apiClient.types';\n\ntype CreateConvertToApiErrorMiddlewareOptions = {\n errorMappers?: ErrorMapper[];\n};\n\n/**\n * Creates middleware that converts HTTP error responses to APIError instances\n * and optionally applies custom error mappers to transform them into specific error types.\n *\n * @param options.errorMappers - Array of error mappers to apply to API errors\n * @returns A middleware function that handles error conversion and mapping\n * @notInstrumented\n */\nexport const createConvertToApiErrorMiddleware = ({\n errorMappers = [],\n}: CreateConvertToApiErrorMiddlewareOptions): Middleware => ({\n post: async (context: ResponseContext) => {\n if (context.response.status >= 400) {\n const apiError = await APIError.fromResponse(context.response);\n\n if (apiError) {\n let errorToThrow: Error = apiError;\n\n for (const mapper of errorMappers) {\n const newError = mapper(apiError);\n\n if (newError) {\n errorToThrow = newError;\n break;\n }\n }\n\n throw errorToThrow;\n }\n }\n\n return context.response;\n },\n});\n","import { getCore } from '../../client/core/getCore';\nimport type { DynamicClient } from '../../client/types';\nimport { fetchAndStoreNonces } from './fetchAndStoreNonces/fetchAndStoreNonces';\n\n/**\n * Returns a nonce for wallet ownership verification.\n *\n * Pops the first nonce from the prefetched pool. When the pool is running low\n * (≤1 remaining after pop) a background refetch is triggered. If the pool is\n * empty, nonces are fetched on-demand before returning.\n * @notInstrumented\n */\nexport const getNonce = async (\n client: DynamicClient\n): Promise<string> => {\n const core = getCore(client);\n const pool = core.state.get().prefetchedNonces;\n\n if (pool.length > 0) {\n const [nonce, ...remaining] = pool;\n\n core.state.set({ prefetchedNonces: remaining });\n\n if (remaining.length <= 1) {\n void fetchAndStoreNonces(client);\n }\n\n return nonce;\n }\n\n await fetchAndStoreNonces(client);\n\n return getNonce(client);\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport type { DeviceSigner } from '../../../services/deviceSigner';\n\n/** @notInstrumented */\nexport const getDeviceSigner = async (\n client: DynamicClient\n): Promise<DeviceSigner> => {\n const { deviceSigner, keychain } = getCore(client);\n\n /**\n * If the device signer is available, it should handle the device signing.\n * This is used for mobile devices with secure enclave.\n */\n if (deviceSigner) {\n return deviceSigner;\n }\n\n const keyName = 'device';\n\n const existingPublicKey = await keychain.getPublicKey(keyName);\n\n if (!existingPublicKey) {\n await keychain.generateKey(keyName);\n }\n\n return {\n getPublicKey: () => keychain.getPublicKey(keyName) as Promise<string>,\n sign: (payload: string) => keychain.sign(keyName, payload),\n };\n};\n","import type { DynamicClient } from '../../../client/types';\nimport { assertDefined } from '../../../utils/assertDefined';\nimport { getNonce } from '../../../utils/getNonce';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { getDeviceSigner } from '../getDeviceSigner';\n\n/** @notInstrumented */\nexport const getHeadersForNonceSignedByDeviceSigners = async (\n client: DynamicClient\n): Promise<Record<string, string>> => {\n const { projectSettings } = client;\n\n assertDefined(projectSettings, 'Project settings not found');\n\n /**\n * For cookie based environments, the device registration is handled\n * by settings the cookie in the browser.\n * Then we dont need to provide the headers\n */\n if (isCookieEnabled(client)) {\n return {};\n }\n\n const deviceSigner = await getDeviceSigner(client);\n\n const nonce = await getNonce(client);\n\n const signedNonce = await deviceSigner.sign(nonce);\n const publicKey = await deviceSigner.getPublicKey();\n\n return {\n 'x-dynamic-device-nonce': nonce,\n 'x-dynamic-device-publickey': publicKey,\n 'x-dynamic-device-signed-nonce': signedNonce,\n };\n};\n","import type { Middleware } from '@dynamic-labs/sdk-api-core';\nimport { isDeviceNonceSignatureRequiredForUrl } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../../client/types';\nimport { getHeadersForNonceSignedByDeviceSigners } from '../../../deviceRegistration/getHeadersForNonceSignedByDeviceSigners';\nimport { isCookieEnabled } from '../../../projectSettings/isCookieEnabled';\n\n/** @notInstrumented */\nexport const createDeviceSignatureHeadersMiddleware = (\n client: DynamicClient\n): Middleware => {\n return {\n pre: async (context) => {\n /**\n * The signed nonce is not required for cookie based environments.\n */\n if (\n isDeviceNonceSignatureRequiredForUrl(context.url) &&\n !isCookieEnabled(client)\n ) {\n const deviceSignerHeaders = await getHeadersForNonceSignedByDeviceSigners(\n client\n );\n\n return {\n init: {\n ...context.init,\n headers: {\n ...context.init.headers,\n ...deviceSignerHeaders,\n },\n },\n url: context.url,\n };\n }\n\n return;\n },\n };\n};\n","import { BaseError, type BaseErrorParameters } from './base';\n\nexport class UnauthorizedError extends BaseError {\n constructor({ cause }: Pick<BaseErrorParameters, 'cause'>) {\n super({\n cause,\n code: 'unauthorized_error',\n docsUrl: null,\n name: 'UnauthorizedError',\n shortMessage: 'Unauthorized',\n });\n }\n}\n","import type { Middleware, ResponseContext } from '@dynamic-labs/sdk-api-core';\n\nimport { UnauthorizedError } from '../../../../errors/UnauthorizedError';\n\n/** @notInstrumented */\nexport const createUnauthorizedMiddleware = (): Middleware => ({\n post: async (context: ResponseContext) => {\n if (context.response.status === 401) {\n let cause: Error | null = null;\n\n try {\n const errorBody = await context.response.clone().json();\n\n if (\n errorBody &&\n 'error' in errorBody &&\n typeof errorBody.error === 'string'\n ) {\n // eslint-disable-next-line no-restricted-syntax\n cause = new Error(errorBody.error);\n }\n } catch {\n // Response body isn't valid JSON — proceed without a cause\n }\n\n throw new UnauthorizedError({ cause });\n }\n\n return context.response;\n },\n});\n","import { Configuration, SDKApi } from '@dynamic-labs/sdk-api-core';\n\nimport { version } from '../../../package.json';\nimport { getCore } from '../../client/core/getCore';\nimport type { DynamicClient } from '../../client/types';\nimport { randomString } from '../../utils/randomString';\nimport { getElevatedAccessToken } from '../auth/getElevatedAccessToken';\nimport { isCookieEnabled } from '../projectSettings/isCookieEnabled';\nimport { getSessionKeys } from '../sessionKeys/getSessionKeys';\nimport type { CreateApiClientOptions } from './apiClient.types';\nimport {\n CLIENT_SDK_NAME,\n DYNAMIC_API_VERSION_HEADER,\n DYNAMIC_REQUEST_ID_HEADER,\n DYNAMIC_SDK_API_VERSION,\n DYNAMIC_SDK_SESSION_ID_HEADER,\n DYNAMIC_SDK_VERSION_HEADER,\n ELEVATED_ACCESS_TOKEN_HEADER,\n MFA_TOKEN_HEADER,\n SESSION_PUBLIC_KEY_HEADER,\n} from './constants';\nimport { clientErrorMapper } from './utils/clientErrorMapper';\nimport { createConvertToApiErrorMiddleware } from './utils/convertToApiErrorMiddleware/convertToApiErrorMiddleware';\nimport { createDeviceSignatureHeadersMiddleware } from './utils/deviceSignatureHeadersMiddleware';\nimport { createUnauthorizedMiddleware } from './utils/unauthorizedMiddleware/createUnauthorizedMiddleware';\n\ntype ISettings = {\n basePath: string;\n credentials?: 'include';\n headers: {\n Authorization?: string;\n 'Content-Type': string;\n [DYNAMIC_API_VERSION_HEADER]: string;\n [DYNAMIC_REQUEST_ID_HEADER]: string;\n [DYNAMIC_SDK_SESSION_ID_HEADER]: string;\n [DYNAMIC_SDK_VERSION_HEADER]: string;\n [ELEVATED_ACCESS_TOKEN_HEADER]?: string;\n [MFA_TOKEN_HEADER]?: string;\n [SESSION_PUBLIC_KEY_HEADER]?: string;\n };\n};\n\n/**\n * Returns a new instance of the SDK API client.\n *\n * This is not meant for storing, as it is very light we can create it whenever needed.\n * @notInstrumented\n */\nexport const createApiClient = (\n options: CreateApiClientOptions = {},\n client: DynamicClient\n) => {\n const core = getCore(client);\n const coreState = core.state.get();\n\n const settings: ISettings = {\n basePath: core.apiBaseUrl,\n headers: {\n 'Content-Type': 'application/json',\n [DYNAMIC_API_VERSION_HEADER]: `API/${DYNAMIC_SDK_API_VERSION}`,\n [DYNAMIC_REQUEST_ID_HEADER]: randomString({ length: 50 }),\n [DYNAMIC_SDK_SESSION_ID_HEADER]: core.sdkSessionId,\n [DYNAMIC_SDK_VERSION_HEADER]: `${CLIENT_SDK_NAME}/${version}`,\n ...core.getApiHeaders(),\n ...options.headers,\n },\n };\n\n if (core.metadata?.universalLink) {\n (settings.headers as Record<string, string>)['Origin'] =\n core.metadata.universalLink;\n }\n\n if (client.token) {\n settings.headers.Authorization = `Bearer ${client.token}`;\n }\n\n if (client.projectSettings && isCookieEnabled(client)) {\n settings.credentials = 'include';\n }\n\n if (options.includeMfaToken && coreState.mfaToken) {\n settings.headers[MFA_TOKEN_HEADER] = coreState.mfaToken;\n }\n\n if (options.elevatedAccessTokenScope) {\n const elevatedToken = getElevatedAccessToken(\n { scope: options.elevatedAccessTokenScope },\n client\n );\n if (elevatedToken) {\n settings.headers[ELEVATED_ACCESS_TOKEN_HEADER] = elevatedToken;\n }\n }\n\n const sessionPublicKey = getSessionKeys(client)?.publicKey;\n\n // This check is required to avoid overriding the session public key header\n // that is set by any of our other SDKs using the Dynamic Client SDK.\n const isSessionPublicKeyHeaderPresent =\n settings.headers[SESSION_PUBLIC_KEY_HEADER] !== undefined;\n\n if (sessionPublicKey && !isSessionPublicKeyHeaderPresent) {\n settings.headers[SESSION_PUBLIC_KEY_HEADER] = sessionPublicKey;\n }\n\n return new SDKApi(\n new Configuration({\n ...settings,\n fetchApi: core.fetch,\n middleware: [\n createDeviceSignatureHeadersMiddleware(client),\n createConvertToApiErrorMiddleware({\n errorMappers: [...(options.errorMappers || []), clientErrorMapper],\n }),\n createUnauthorizedMiddleware(),\n ],\n })\n );\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { createApiClient } from '../../../modules/apiClient';\nimport { NONCE_POOL_EXPIRATION_TIME, NONCE_POOL_SIZE } from '../constants';\n\n/**\n * Fetches a batch of nonces from the API.\n *\n * Prefetching is critical for iOS deep link wallet providers (e.g. Phantom\n * redirect). On iOS, a network request (like fetching a nonce) between a user\n * action and a deeplink call will break the gesture chain, causing iOS to\n * silently ignore the deeplink. By prefetching nonces ahead of time,\n * `getNonce` can return synchronously from cache and the deeplink fires\n * without an interrupting network round-trip.\n *\n * New nonces are **appended** to the existing pool so that unconsumed entries\n * are not discarded by a background refetch.\n *\n * Concurrent refills are coalesced behind a single in-flight promise so that\n * simultaneous callers share one `GET /nonces` round-trip instead of each\n * issuing their own (which would inflate the pool and hammer the backend).\n * @notInstrumented\n */\nexport const fetchAndStoreNonces = async (\n client: DynamicClient\n): Promise<void> => {\n const core = getCore(client);\n\n // Join an already-running refill rather than starting a second request.\n const inFlight = core.state.get().nonceFetchInFlight;\n if (inFlight) {\n return inFlight;\n }\n\n const { environmentId } = core;\n\n const apiClient = createApiClient({}, client);\n\n const fetchPromise = (async () => {\n const { nonces } = await apiClient.getNonces({\n count: NONCE_POOL_SIZE,\n environmentId,\n });\n\n const existing = core.state.get().prefetchedNonces;\n\n core.state.set({\n prefetchedNonces: [...existing, ...nonces],\n prefetchedNoncesExpiration: Date.now() + NONCE_POOL_EXPIRATION_TIME,\n });\n })().finally(() => {\n // Release the guard once settled (including on rejection) so the next\n // low-pool refill can proceed.\n core.state.set({ nonceFetchInFlight: null });\n });\n\n core.state.set({ nonceFetchInFlight: fetchPromise });\n\n return fetchPromise;\n};\n","/**\n * Returns the cookie `Secure` attribute suffix (`'; Secure'`) when the current\n * document is running in a secure context, or an empty string otherwise.\n *\n * The `Secure` attribute prevents the browser from ever transmitting the cookie\n * over an unencrypted `http://` connection, which mitigates cleartext token\n * capture (CWE-614). It is intentionally omitted on insecure/localhost dev,\n * because browsers reject `Secure` cookies set over `http://` and that would\n * silently break local testing.\n *\n * Used when building the Dynamic auth JWT cookie string so the attribute is\n * applied consistently on both the write (sign-in/refresh) and clear (logout)\n * paths.\n *\n * @notInstrumented\n */\nexport const getSecureCookieAttribute = (): string => {\n const isSecure =\n Boolean(globalThis.window?.isSecureContext) ||\n globalThis.location?.protocol === 'https:';\n\n return isSecure ? '; Secure' : '';\n};\n","/**\n * Sefelly sets the cookie in the browser.\n * @notInstrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const setCookie = (cookie: string) => {\n // eslint-disable-next-line no-restricted-globals\n document.cookie = cookie;\n};\n","/* eslint-disable custom-rules/function-name-matches-filename */\nimport { getCore } from '../../client/core/getCore';\nimport { getDefaultClient } from '../../client/defaultClient';\nimport type { DynamicClient } from '../../client/types';\nimport type {\n DynamicEvents,\n EmitEventParams,\n OffEventParams,\n OnEventParams,\n OnceEventParams,\n} from './clientEvents.types';\n\n/**\n * Adds an event listener for Dynamic client events.\n *\n * This function allows you to listen for various events emitted by the Dynamic client,\n * such as authentication state changes, wallet connections, and more.\n *\n * @param params.event - The event name to listen for.\n * @param params.listener - The callback function to execute when the event is fired.\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A function that can be called to remove the listener.\n * @notInstrumented\n * @hook Event listeners are error-prone to wire up by hand with useEffect.\n */\nexport const onEvent = <E extends keyof DynamicEvents>(\n { event, listener }: OnEventParams<E>,\n client = getDefaultClient()\n) => {\n const { eventEmitter } = getCore(client);\n\n eventEmitter.on(event, listener);\n\n return () => {\n eventEmitter.off(event, listener);\n };\n};\n\n/**\n * Removes an event listener from Dynamic client events.\n *\n * This function unsubscribes a previously registered event listener\n * from the specified Dynamic client event.\n *\n * @param params.event - The event name to remove the listener from.\n * @param params.listener - The callback function to remove.\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @notInstrumented\n */\n// eslint-disable-next-line custom-rules/one-function-per-file\nexport const offEvent = <E extends keyof DynamicEvents>(\n { event, listener }: OffEventParams<E>,\n client = getDefaultClient()\n) => {\n const { eventEmitter } = getCore(client);\n\n eventEmitter.off(event, listener);\n};\n\n/**\n * Adds a one-time event listener for Dynamic client events.\n *\n * This function listens for an event that will automatically remove itself\n * after being triggered once.\n *\n * @param params.event - The event name to listen for.\n * @param params.listener - The callback function to execute when the event is fired.\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A function that can be called to remove the listener before it fires.\n * @notInstrumented\n * @hook Event listeners are error-prone to wire up by hand with useEffect.\n */\n// eslint-disable-next-line custom-rules/one-function-per-file\nexport const onceEvent = <E extends keyof DynamicEvents>(\n { event, listener }: OnceEventParams<E>,\n client = getDefaultClient()\n) => {\n const { eventEmitter } = getCore(client);\n\n eventEmitter.once(event, listener);\n\n return () => {\n eventEmitter.off(event, listener);\n };\n};\n\n/**\n * Emits a Dynamic client event.\n *\n * This function triggers an event that will be received by all registered\n * listeners for the specified event type.\n *\n * @param params.event - The event name to emit.\n * @param params.args - The arguments to pass to event listeners.\n * @param client - The Dynamic client instance.\n * @notInstrumented\n */\n// eslint-disable-next-line custom-rules/one-function-per-file\nexport const emitEvent = <E extends keyof DynamicEvents>(\n { event, args }: EmitEventParams<E>,\n client: DynamicClient\n) => {\n const { eventEmitter } = getCore(client);\n\n eventEmitter.emit(event, args);\n};\n","import { BaseError } from './base';\n\nexport class InvalidWalletProviderKeyError extends BaseError {\n // eslint-disable-next-line custom-rules/require-single-object-param\n constructor(value: string) {\n super({\n cause: null,\n code: 'invalid_wallet_provider_key',\n docsUrl: null,\n name: 'InvalidWalletProviderKeyError',\n shortMessage: `Invalid wallet provider key: ${value}. Key must be in the format of <normalizedWalletNameWithChain>:<walletProviderType>[:<suffix>]`,\n });\n }\n}\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport { InvalidWalletProviderKeyError } from '../../../../errors/InvalidWalletProviderKeyError';\n\ntype SplitWalletProviderKeyResult = {\n normalizedWalletNameWithChain: string;\n suffix: string | undefined;\n walletProviderType: WalletProviderEnum;\n};\n\n/** @notInstrumented */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const splitWalletProviderKey = (\n walletProviderKey: string\n): SplitWalletProviderKeyResult => {\n const [normalizedWalletNameWithChain, walletProviderType, suffix, ...rest] =\n walletProviderKey.split(':');\n\n if (\n !normalizedWalletNameWithChain ||\n !Object.values(WalletProviderEnum).includes(\n walletProviderType as WalletProviderEnum\n ) ||\n rest.length > 0\n ) {\n throw new InvalidWalletProviderKeyError(walletProviderKey);\n }\n\n return {\n normalizedWalletNameWithChain,\n suffix,\n walletProviderType: walletProviderType as WalletProviderEnum,\n };\n};\n","import type { Chain } from '../../../chain';\n\nexport type NormalizeAddressOptions = {\n /** The raw address to normalize. */\n address: string;\n\n /** The chain the address belongs to. */\n chain: Chain;\n};\n\n/** @notInstrumented */\nexport const normalizeAddress = ({ address, chain }: NormalizeAddressOptions) => {\n let normalizedAddress = address;\n\n if (normalizedAddress?.startsWith('0x')) {\n normalizedAddress = normalizedAddress.slice(2);\n }\n\n /**\n * These are standard from CAIP-2: https://github.com/ChainAgnostic/CAIPs/blob/master/CAIPs/caip-2.md\n * see also: https://github.com/ChainAgnostic/namespaces\n * note: no standard namespace currently exists for flow\n */\n const chainsThatRequireLowercaseAddress: Chain[] = ['EVM', 'FLOW'];\n\n normalizedAddress = chainsThatRequireLowercaseAddress.includes(chain)\n ? normalizedAddress?.toLowerCase()\n : normalizedAddress;\n\n return normalizedAddress;\n};\n","import type { Chain } from '../../../chain';\nimport { splitWalletProviderKey } from '../../walletProvider/splitWalletProviderKey';\nimport { normalizeAddress } from '../normalizeAddress';\n\ntype CreateWalletAccountIdParams = {\n address: string;\n chain: Chain;\n walletProviderKey: string;\n};\n\n/** @notInstrumented */\nexport const formatWalletAccountId = ({\n address,\n chain,\n walletProviderKey,\n}: CreateWalletAccountIdParams): string => {\n const { normalizedWalletNameWithChain } =\n splitWalletProviderKey(walletProviderKey);\n\n const normalizedAddress = normalizeAddress({ address, chain });\n\n return `${normalizedWalletNameWithChain}:${normalizedAddress}`;\n};\n","import type { UnverifiedWalletAccount } from '../../unverifiedWalletAccounts';\nimport type { WalletAccount } from '../../walletAccount';\nimport { formatWalletAccountId } from '../formatWalletAccountId';\n\ntype ConvertUnverifiedWalletAccountToWalletAccountParams = {\n unverifiedWalletAccount: UnverifiedWalletAccount;\n};\n\n/** @notInstrumented */\nexport const convertUnverifiedWalletAccountToWalletAccount = ({\n unverifiedWalletAccount,\n}: ConvertUnverifiedWalletAccountToWalletAccountParams): WalletAccount => ({\n address: unverifiedWalletAccount.address,\n addressesWithTypes: unverifiedWalletAccount.addressesWithTypes,\n chain: unverifiedWalletAccount.chain,\n id: formatWalletAccountId({\n address: unverifiedWalletAccount.address,\n chain: unverifiedWalletAccount.chain,\n walletProviderKey: unverifiedWalletAccount.walletProviderKey,\n }),\n lastSelectedAt: unverifiedWalletAccount.lastSelectedAt,\n verifiedCredentialId: null,\n walletProviderKey: unverifiedWalletAccount.walletProviderKey,\n});\n","import type { Chain } from '../chain';\n\ntype ChainInfo = {\n apiChainName: string;\n blockchainName: string;\n /**\n * Extra identifiers the wallet book may use to refer to this chain in\n * `injectedConfig[].chain` or embedded in a wallet key, in addition to\n * `apiChainName`. e.g. `bitcoin` uses apiChainName but `btc` is also\n * accepted in wallet book entries.\n */\n legacyWalletBookAliases?: string[];\n verifiedCredentialChainName: string;\n waasChainNameOverride?: string;\n};\n\nexport const CHAINS_INFO_MAP: Record<Chain, ChainInfo> = {\n ALEO: {\n apiChainName: 'aleo',\n blockchainName: 'Aleo',\n verifiedCredentialChainName: 'aleo',\n },\n ALGO: {\n apiChainName: 'algo',\n blockchainName: 'Algorand',\n verifiedCredentialChainName: 'algorand',\n },\n APTOS: {\n apiChainName: 'aptos',\n blockchainName: 'Aptos',\n verifiedCredentialChainName: 'aptos',\n },\n BTC: {\n apiChainName: 'bitcoin',\n blockchainName: 'Bitcoin',\n legacyWalletBookAliases: ['btc'],\n verifiedCredentialChainName: 'bip122',\n },\n COSMOS: {\n apiChainName: 'cosmos',\n blockchainName: 'Cosmos',\n verifiedCredentialChainName: 'cosmos',\n },\n ECLIPSE: {\n apiChainName: 'eclipse',\n blockchainName: 'Eclipse',\n verifiedCredentialChainName: 'eclipse',\n },\n EVM: {\n apiChainName: 'evm',\n // eslint-disable-next-line custom-rules/ban-ethereum-eth-terms\n blockchainName: 'Ethereum',\n verifiedCredentialChainName: 'eip155',\n },\n FLOW: {\n apiChainName: 'flow',\n blockchainName: 'Flow',\n verifiedCredentialChainName: 'flow',\n },\n MIDNIGHT: {\n apiChainName: 'midnight',\n blockchainName: 'Midnight',\n verifiedCredentialChainName: 'midnight',\n },\n SOL: {\n apiChainName: 'solana',\n blockchainName: 'Solana',\n legacyWalletBookAliases: ['sol'],\n verifiedCredentialChainName: 'solana',\n waasChainNameOverride: 'SVM',\n },\n SPARK: {\n apiChainName: 'spark',\n blockchainName: 'Spark',\n verifiedCredentialChainName: 'spark',\n },\n STARK: {\n apiChainName: 'starknet',\n blockchainName: 'Starknet',\n legacyWalletBookAliases: ['stark'],\n verifiedCredentialChainName: 'starknet',\n },\n STELLAR: {\n apiChainName: 'stellar',\n blockchainName: 'Stellar',\n verifiedCredentialChainName: 'stellar',\n },\n SUI: {\n apiChainName: 'sui',\n blockchainName: 'Sui',\n verifiedCredentialChainName: 'sui',\n },\n TEMPO: {\n apiChainName: 'tempo',\n blockchainName: 'Tempo',\n verifiedCredentialChainName: 'tempo',\n },\n TON: {\n apiChainName: 'ton',\n blockchainName: 'TON',\n verifiedCredentialChainName: 'ton',\n },\n TRON: {\n apiChainName: 'tron',\n blockchainName: 'Tron',\n verifiedCredentialChainName: 'tron',\n },\n};\n","import type { Chain } from '../../modules/chain';\nimport { CHAINS_INFO_MAP } from '../../modules/wallets/constants';\nimport { assertDefined } from '../assertDefined';\n\n/** @notInstrumented */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const getChainFromVerifiedCredentialChain = (\n verifiedCredentialChain: string\n): Chain => {\n const chains = Object.keys(CHAINS_INFO_MAP) as Chain[];\n\n const chain = chains.find(\n (chain) =>\n CHAINS_INFO_MAP[chain].verifiedCredentialChainName ===\n verifiedCredentialChain\n );\n\n assertDefined(chain, `Unknown chain: ${verifiedCredentialChain}`);\n\n return chain;\n};\n","import type { Chain } from '../../../chain';\n\ntype NormalizeWalletNameWithChainParams = {\n chain: Chain;\n displayName: string;\n};\n\n/**\n * Format the raw wallet name and chain to get the value we can use for\n * verified credentials' `walletName` field.\n * @notInstrumented\n */\nexport const normalizeWalletNameWithChain = ({\n displayName,\n chain,\n}: NormalizeWalletNameWithChainParams): string => {\n const sanitizedWalletName = displayName\n .replace(/[^a-zA-Z0-9]/g, '')\n .toLowerCase();\n\n const chainLowered = chain.toLocaleLowerCase();\n\n if (sanitizedWalletName.endsWith(chainLowered)) {\n return sanitizedWalletName;\n }\n\n return `${sanitizedWalletName}${chainLowered}`;\n};\n","import type { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { Chain } from '../../../chain';\nimport { normalizeWalletNameWithChain } from '../normalizeWalletNameWithChain';\n\ntype FormatWalletProviderKeyParams = {\n chain: Chain;\n displayName: string;\n suffix?: string;\n walletProviderType: WalletProviderEnum;\n};\n\n/**\n * Assembles the wallet provider key from the wallet name, chain, and wallet provider type.\n *\n * The suffix is optional and can be used to add a uniquely identifying string to the key, which\n * might be necessary for some wallet providers (like Wallet Connect).\n *\n * IMPORTANT: Do NOT add a suffix unless absolutely necessary, as it will cause the wallet account\n * to not be able to find its wallet provider when connecting to a new device (it won't be possible\n * to determine the full key just from the Verified Credential data).\n * @notInstrumented\n */\nexport const formatWalletProviderKey = ({\n suffix,\n chain,\n displayName,\n walletProviderType,\n}: FormatWalletProviderKeyParams) => {\n const normalizedNameWithChain = normalizeWalletNameWithChain({\n chain,\n displayName,\n });\n\n return `${normalizedNameWithChain}:${walletProviderType}${\n suffix ? `:${suffix}` : ''\n }`;\n};\n","import type { JwtVerifiedCredential } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../../client/types';\nimport { assertDefined } from '../../../../../utils/assertDefined';\nimport { getChainFromVerifiedCredentialChain } from '../../../../../utils/getChainFromVerifiedCredentialChain';\nimport { formatWalletProviderKey } from '../../../utils/formatWalletProviderKey';\n\ntype GetWalletProviderKeyFromVerifiedCredentialParams = {\n verifiedCredential: JwtVerifiedCredential;\n};\n\n/** @notInstrumented */\nexport const getWalletProviderKeyFromVerifiedCredential = (\n { verifiedCredential }: GetWalletProviderKeyFromVerifiedCredentialParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const { walletProviderKeyMap } = core.state.get();\n\n const storedWalletProviderKey = walletProviderKeyMap[verifiedCredential.id];\n\n if (storedWalletProviderKey) {\n return { walletProviderKey: storedWalletProviderKey };\n }\n\n /**\n * We fallback to comprising the wallet provider key from walletName and walletProvider.\n *\n * Some wallet provider types (like Wallet Connect) also use a special suffix for their wallet provider\n * keys, so this won't be enough for them.\n * Therefore, for those specific wallet providers, the wallet account will remain without a wallet provider\n * and will require reconnection.\n * Read walletProvider.types.ts for more info.\n */\n assertDefined(\n verifiedCredential.walletName,\n `Failed to get wallet provider for verified credential with ID ${verifiedCredential.id}: missing walletName`\n );\n\n assertDefined(\n verifiedCredential.walletProvider,\n `Failed to get wallet provider for verified credential with ID ${verifiedCredential.id}: missing walletProvider`\n );\n\n assertDefined(\n verifiedCredential.chain,\n `Failed to get wallet provider for verified credential with ID ${verifiedCredential.id}: missing chain`\n );\n\n /**\n * Historically, walletNames did not include the chain name as a suffix.\n * This piece of logic simply ensures we normalize any legacy walletNames to conform.\n */\n const chain = getChainFromVerifiedCredentialChain(verifiedCredential.chain);\n\n const walletProviderKey = formatWalletProviderKey({\n chain,\n displayName: verifiedCredential.walletName,\n walletProviderType: verifiedCredential.walletProvider,\n });\n\n return { walletProviderKey };\n};\n","import type { JwtVerifiedCredential } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../../client/types';\nimport { assertDefined } from '../../../../utils/assertDefined';\nimport { getChainFromVerifiedCredentialChain } from '../../../../utils/getChainFromVerifiedCredentialChain';\nimport type { HardwareWalletVendor } from '../../hardwareWallet/hardwareWallet.types';\nimport type { WalletAccount } from '../../walletAccount';\nimport { getWalletProviderKeyFromVerifiedCredential } from '../../walletProvider/walletProviderKeyMap/getWalletProviderKeyFromVerifiedCredential';\nimport { formatWalletAccountId } from '../formatWalletAccountId';\n\ntype ConvertVerifiedCredentialToWalletAccountParams = {\n verifiedCredential: JwtVerifiedCredential;\n};\n\n/** @notInstrumented */\nexport const convertVerifiedCredentialToWalletAccount = (\n { verifiedCredential }: ConvertVerifiedCredentialToWalletAccountParams,\n client: DynamicClient\n): WalletAccount => {\n assertDefined(\n verifiedCredential.address,\n 'Missing address in verified credential'\n );\n assertDefined(\n verifiedCredential.chain,\n 'Missing chain in verified credential'\n );\n\n const chain = getChainFromVerifiedCredentialChain(verifiedCredential.chain);\n\n const { walletProviderKey } = getWalletProviderKeyFromVerifiedCredential(\n {\n verifiedCredential,\n },\n client\n );\n\n const walletAccountId = formatWalletAccountId({\n address: verifiedCredential.address,\n chain,\n walletProviderKey,\n });\n\n return {\n address: verifiedCredential.address,\n addressesWithTypes: verifiedCredential.walletAdditionalAddresses,\n chain,\n hardwareWalletVendor: verifiedCredential.walletProperties?.hardwareWallet as\n | HardwareWalletVendor\n | undefined,\n id: walletAccountId,\n lastSelectedAt: verifiedCredential.lastSelectedAt ?? null,\n verifiedCredentialId: verifiedCredential.id,\n walletProviderKey,\n };\n};\n","import type { SdkUser } from '@dynamic-labs/sdk-api-core';\nimport { JwtVerifiedCredentialFormatEnum } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../client/types';\nimport type { UnverifiedWalletAccount } from '../../unverifiedWalletAccounts';\nimport { convertUnverifiedWalletAccountToWalletAccount } from '../../utils/convertUnverifiedWalletAccountToWalletAccount';\nimport { convertVerifiedCredentialToWalletAccount } from '../../utils/convertVerifiedCredentialToWalletAccount';\nimport type { WalletAccount } from '../../walletAccount';\n\ntype GetWalletAccountsFromStateParams = {\n unverifiedWalletAccounts: UnverifiedWalletAccount[];\n user: SdkUser | null;\n};\n\n/** @notInstrumented */\nexport const getWalletAccountsFromState = (\n { unverifiedWalletAccounts, user }: GetWalletAccountsFromStateParams,\n client: DynamicClient\n): WalletAccount[] => {\n const walletAccountsMap: Map<string, WalletAccount> = new Map();\n\n /**\n * Handle the unverified wallet accounts before the user verified credentials\n * so the later verified wallet accounts can override the unverified wallet accounts\n */\n unverifiedWalletAccounts.forEach((unverifiedWalletAccount) => {\n const walletAccount = convertUnverifiedWalletAccountToWalletAccount({\n unverifiedWalletAccount,\n });\n\n walletAccountsMap.set(walletAccount.id, walletAccount);\n });\n\n /**\n * Handle user verified credentials\n */\n const verifiedCredentials = user?.verifiedCredentials ?? [];\n\n verifiedCredentials\n .filter(\n (verified) =>\n verified.format === JwtVerifiedCredentialFormatEnum.Blockchain\n )\n .forEach((verifiedWalletAccount) => {\n try {\n const walletAccount = convertVerifiedCredentialToWalletAccount(\n {\n verifiedCredential: verifiedWalletAccount,\n },\n client\n );\n\n walletAccountsMap.set(walletAccount.id, walletAccount);\n } catch (error) {\n /**\n * A verified credential can be missing the data required to resolve its\n * wallet provider (e.g. a legacy credential without a walletName). Skip\n * it instead of throwing so a single unconvertible credential does not\n * abort the whole mapping — which, during client initialization, would\n * otherwise fail init and leave the app stuck loading. The wallet stays\n * absent until the user reconnects it.\n */\n getCore(client).logger.debug(\n `Skipping verified credential ${verifiedWalletAccount.id}: unable to convert to wallet account`,\n error\n );\n }\n });\n\n return Array.from(walletAccountsMap.values());\n};\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport type { WalletAccount } from '../walletAccount';\nimport { getWalletAccountsFromState } from './getWalletAccountsFromState';\n\n/**\n * Retrieves all wallet accounts associated with the current session.\n *\n * This function returns both verified and unverified wallet accounts,\n * combining data from user credentials and local unverified accounts.\n * You can differentiate between verified and unverified wallet accounts by\n * checking the `verifiedCredentialId` property.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns An array of wallet accounts associated with the session.\n * @notInstrumented\n * @hook Exposed as a hook so consumers get the reactive list of wallet accounts.\n */\nexport const getWalletAccounts = (\n client = getDefaultClient()\n): WalletAccount[] => {\n const core = getCore(client);\n const { unverifiedWalletAccounts, user } = core.state.get();\n\n return getWalletAccountsFromState({ unverifiedWalletAccounts, user }, client);\n};\n","import { BaseError } from './base';\n\ntype NoWalletProviderFoundErrorParams = {\n walletProviderKey: string;\n};\n\nexport class NoWalletProviderFoundError extends BaseError {\n constructor({ walletProviderKey }: NoWalletProviderFoundErrorParams) {\n super({\n cause: null,\n code: 'no_wallet_provider_found_error',\n docsUrl: null,\n name: 'NoWalletProviderFoundError',\n shortMessage: `No wallet provider found with key: ${walletProviderKey}`,\n });\n }\n}\n","import type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { getCore } from '../../../client/core/getCore';\n\n/**\n * Creates a service accessor function that manages service instantiation and caching.\n * The returned function will either retrieve an existing service from the registry or\n * create a new one using the provided builder function.\n *\n * @template - The type of service to be created/accessed\n * @param key - Unique identifier for the service in the registry\n * @param builder - Function that creates the service instance when called with a DynamicClient\n * @notInstrumented\n */\nexport const createRuntimeServiceAccessKey =\n // eslint-disable-next-line custom-rules/require-single-object-param\n <T>(key: string, builder: (client: DynamicClient) => T) =>\n (client: DynamicClient): T => {\n const { runtimeServices } = getCore(client);\n\n const currentService = runtimeServices.getByKey<T>(key);\n\n if (currentService) {\n return currentService;\n }\n\n const service = builder(client);\n\n runtimeServices.register(key, service);\n\n return service;\n };\n","import type { DynamicClient } from '../../../../client/types';\nimport { emitEvent } from '../../../clientEvents';\nimport type { WalletProvider } from '../../walletProvider/walletProvider.types';\nimport type { WalletProviderRegistry } from '../walletProviderRegistry.types';\n\n/**\n * Creates a new wallet provider registry that manages wallet providers with priority-based registration.\n *\n * @returns The wallet provider registry instance\n *\n * @example\n * ```typescript\n * const registry = createWalletProviderRegistry();\n *\n * registry.register({\n * priority: WalletProviderPriority.WALLET_SDK,\n * walletProvider: myWalletProvider\n * });\n *\n * const provider = registry.getByKey('my-wallet-key');\n * const providers = registry.listProviders();\n * ```\n * @notInstrumented\n */\nexport const createWalletProviderRegistry = (\n client: DynamicClient\n): WalletProviderRegistry => {\n const registry = new Map<\n string,\n { priority: number; walletProvider: WalletProvider }\n >();\n\n return {\n getByKey: (key) => registry.get(key)?.walletProvider,\n listProviderEntries: () => Array.from(registry.values()),\n listProviders: () =>\n Array.from(registry.values()).map((v) => v.walletProvider),\n register: (args) => {\n const existingEntry = registry.get(args.walletProvider.key);\n\n if (existingEntry) {\n if (existingEntry.priority < args.priority) {\n registry.set(args.walletProvider.key, args);\n\n emitEvent(\n {\n args: { walletProviderKey: args.walletProvider.key },\n event: 'walletProviderChanged',\n },\n client\n );\n }\n } else {\n registry.set(args.walletProvider.key, args);\n\n emitEvent(\n {\n args: { walletProvider: args.walletProvider },\n event: 'walletProviderRegistered',\n },\n client\n );\n\n emitEvent(\n {\n args: { walletProviderKey: args.walletProvider.key },\n event: 'walletProviderChanged',\n },\n client\n );\n }\n },\n unregister: (key) => {\n registry.delete(key);\n\n emitEvent(\n {\n args: { walletProviderKey: key },\n event: 'walletProviderUnregistered',\n },\n client\n );\n },\n };\n};\n","import { createRuntimeServiceAccessKey } from '../../../../services/runtimeServices';\nimport { createWalletProviderRegistry } from '../createWalletProviderRegistry';\n\n/**\n * This function provides access to a shared instance of the wallet provider registry.\n *\n * It ensures that the same registry instance is used throughout the client to maintaining\n * consistency of registered wallet providers across different parts of the codebase.\n *\n * @returns The wallet provider registry instance\n *\n * @example\n * ```typescript\n * // Get the registry instance\n * const registry = getWalletProviderRegistry();\n *\n * // Register a wallet provider\n * registry.register({\n * priority: WalletProviderPriority.WALLET_SDK,\n * walletProvider: myWalletProvider\n * });\n *\n * // Retrieve a specific provider\n * const provider = registry.getByKey('metamaskevm');\n * ```\n */\nexport const getWalletProviderRegistry = createRuntimeServiceAccessKey(\n 'walletProviderRegistry',\n (client) => createWalletProviderRegistry(client)\n);\n","import type { WalletProvider } from '../walletProvider/walletProvider.types';\n\n/**\n * A single entry in the wallet provider registry — the registered\n * `WalletProvider` together with the priority it was registered at. Returned\n * by `WalletProviderRegistry.listProviderEntries` for callers that need to\n * reason about *how* a provider was registered (e.g. classifying the source\n * of an injected provider).\n */\nexport type WalletProviderRegistryEntry = {\n priority: number;\n walletProvider: WalletProvider;\n};\n\n// eslint-disable-next-line custom-rules/no-enums\nexport enum WalletProviderPriority {\n /**\n * Highest priority should be used by wallet providers that implement\n * the most reliable wallet integration.\n * example: The SDK provided by the wallet provider.\n */\n WALLET_SDK = 100,\n /**\n * Medium priority should be used by wallet providers that implement\n * a wallet integration via some reliable standard.\n * example: A wallet provider that uses EIP6963 announcement.\n */\n WALLET_SELF_ANNOUNCEMENT_STANDARD = 50,\n /**\n * Low priority should be used by wallet providers that implement\n * a wallet integration on a less reliable standard.\n * example: A wallet provider that uses window.ethereum, where the\n * window key can be overridden by other extensions.\n */\n WINDOW_INJECT = 20,\n}\n\nexport type WalletProviderRegistry = {\n /**\n * Retrieves a wallet provider by its key.\n * @param key - The key of the wallet provider.\n * @returns The wallet provider.\n */\n getByKey: (key: string) => WalletProvider | undefined;\n /**\n * Retrieves all registry entries — each entry pairs a wallet provider with\n * the priority it was registered at. Useful for callers that need to know\n * *how* a provider was registered (e.g. classifying the source of an\n * injected provider for the wallet options catalogue).\n * @returns The registry entries.\n */\n listProviderEntries: () => WalletProviderRegistryEntry[];\n /**\n * Retrieves all wallet providers.\n * @returns The wallet providers.\n */\n listProviders: () => WalletProvider[];\n /**\n * Registers a wallet provider.\n * @param args - The arguments for the wallet provider.\n */\n register: (args: {\n priority: WalletProviderPriority;\n walletProvider: WalletProvider;\n }) => void;\n /**\n * Unregisters a wallet provider.\n * @param key - The key of the wallet provider.\n */\n unregister: (key: string) => void;\n};\n","import type { DynamicClient } from '../../../../client/types';\nimport { NoWalletProviderFoundError } from '../../../../errors/NoWalletProviderFoundError';\nimport type { WalletAccount } from '../../walletAccount';\nimport { getWalletProviderRegistry } from '../../walletProviderRegistry';\n\ntype GetWalletProviderFromWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @notInstrumented */\nexport const getWalletProviderFromWalletAccount = (\n { walletAccount }: GetWalletProviderFromWalletAccountParams,\n client: DynamicClient\n) => {\n const walletProviderRegistry = getWalletProviderRegistry(client);\n\n const walletProvider = walletProviderRegistry.getByKey(\n walletAccount.walletProviderKey\n );\n\n if (!walletProvider) {\n throw new NoWalletProviderFoundError({\n walletProviderKey: walletAccount.walletProviderKey,\n });\n }\n\n return walletProvider;\n};\n","export const DYNAMIC_AUTH_COOKIE_NAME = 'DYNAMIC_JWT_TOKEN';\n","/**\n * Extracts the session ID (`sid` claim) from a JWT token string.\n *\n * Decodes the base64url-encoded payload segment of the token and reads the\n * `sid` field. This is used to correlate instrumentation events with the\n * authenticated session, without ever forwarding the full token.\n *\n * Returns `null` when no token is present, when the token is malformed, or\n * when the payload does not contain a `sid` claim.\n * @notInstrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const extractSessionId = (token: string): string | null => {\n try {\n const payload = token.split('.')[1];\n const decoded = JSON.parse(atob(payload));\n\n return decoded.sid ?? null;\n } catch {\n return null;\n }\n};\n","import type { SdkOperatingSystem } from './getOperatingSystem.types';\n\n/**\n * Detects the operating system from `navigator.userAgent` for web environments.\n *\n * The React Native bundler (Metro) resolves `getOperatingSystem.native.ts`\n * instead when building for React Native, which uses `Platform.OS` directly.\n *\n * Falls back to `'unknown'` when `navigator` is unavailable (SSR, service\n * workers) or when the user-agent string doesn't match a known OS pattern.\n * @notInstrumented\n */\nexport const getOperatingSystem = (): SdkOperatingSystem => {\n try {\n // eslint-disable-next-line no-restricted-globals\n const ua = navigator.userAgent;\n\n if (/iPhone|iPad|iPod/.test(ua)) return 'ios';\n if (/Android/.test(ua)) return 'android';\n if (/Windows/.test(ua)) return 'windows';\n if (/Macintosh|Mac OS X/.test(ua)) return 'macos';\n if (/Linux/.test(ua)) return 'linux';\n\n return 'unknown';\n } catch {\n return 'unknown';\n }\n};\n","import type { SdkPlatform } from './getPlatform.types';\n\n/**\n * Returns the platform the SDK is running on.\n *\n * This is the web implementation — the React Native bundler resolves\n * `getPlatform.native.ts` instead when building for React Native, which\n * returns `'react-native'`.\n * @notInstrumented\n */\nexport const getPlatform = (): SdkPlatform => 'web';\n","/**\n * Returns the browser's `navigator.userAgent` string for inclusion in\n * instrumentation events.\n *\n * Falls back to an empty string in environments where `navigator` is not\n * available (e.g., Node.js SSR, service workers) so that callers never need\n * to guard against undefined.\n * @notInstrumented\n */\nexport const getUserAgent = (): string => {\n try {\n // eslint-disable-next-line no-restricted-globals\n return navigator.userAgent;\n } catch {\n return '';\n }\n};\n","/**\n * Default key-based PII scrubber list, lowercased and matched against the\n * lowercased object key.\n *\n * Two complementary mechanisms cover credential leakage:\n *\n * 1. Explicit keys listed here — matched exactly (case-insensitive). Use this\n * for keys that don't end in a generic credential suffix (e.g. `mnemonic`,\n * `seed`, `verificationCode`, `keyShare`).\n * 2. Suffix matching in {@link scrubParameters} for the credential suffixes\n * enumerated by {@link PII_KEY_SUFFIXES} — catches any field whose name\n * ends in `token` or `jwt` (e.g. `mfaToken`, `minifiedJwt`, `accessToken`,\n * `idToken`, `captchaToken`, …) without needing to enumerate them here.\n */\nexport const DEFAULT_PII_FIELDS = [\n 'password',\n 'token',\n 'secret',\n 'privateKey',\n 'privateJwk',\n 'mnemonic',\n 'seed',\n 'keyShare',\n 'keyShares',\n 'email',\n 'phone',\n 'ssn',\n 'address',\n 'authorization',\n 'verificationCode',\n 'recoveryCodes',\n 'codeVerifier',\n 'pkce',\n 'bearer',\n 'apiKey',\n // Credential identifier fields: for email/phone credentials these hold the\n // raw email or phone number (e.g. `verifiedCredentials[].publicIdentifier`,\n // `checkStepUpAuth` `credentials[].alias`), so the `email`/`phone` keys alone\n // do not cover them.\n 'alias',\n 'publicIdentifier',\n];\n\n/**\n * Lowercased suffixes used by {@link scrubParameters} to match credential-like\n * keys without enumerating every variant (e.g. `mfaToken`, `accessToken`,\n * `refreshToken`, `legacyToken`, `minifiedJwt`). Only suffixes that are\n * unambiguously credentials belong here — `key` (matches `publicKey`) and\n * `code` (matches `countryCode`) are too broad and must not be added.\n */\nexport const PII_KEY_SUFFIXES = ['token', 'jwt'];\n\nexport const REDACTED_VALUE = '[REDACTED]';\n\nexport const MAX_STRING_LENGTH = 500;\n\nexport const TRUNCATED_SUFFIX = '...[truncated]';\n\n/**\n * Label prefix for binary data placeholders. The full placeholder includes the\n * byte length, e.g. `[Binary:16 bytes]`, so consumers can gauge data size\n * without the actual bytes appearing in logs.\n */\nexport const BINARY_LABEL = 'Binary';\n\n/**\n * Placeholder emitted when a circular reference is detected in the value tree.\n * Using a named constant makes it easy to search for or filter in downstream\n * log tooling.\n */\nexport const CIRCULAR_VALUE = '[Circular]';\n","import {\n BINARY_LABEL,\n CIRCULAR_VALUE,\n MAX_STRING_LENGTH,\n PII_KEY_SUFFIXES,\n REDACTED_VALUE,\n TRUNCATED_SUFFIX,\n} from '../constants';\n\ntype ScrubContext = {\n piiFieldsLower: string[];\n redactAll?: boolean;\n visited: WeakSet<object>;\n};\n\ntype KeyMatchesPiiFieldParams = {\n keyLower: string;\n piiFieldsLower: string[];\n};\n\n/**\n * Returns true when `key` should be redacted based on the configured PII\n * field list. A key matches when its lowercased form either equals one of\n * `piiFieldsLower` exactly, or ends in one of the curated credential\n * suffixes in {@link PII_KEY_SUFFIXES} (currently `token` and `jwt`). The\n * suffix check is what catches `mfaToken`, `minifiedJwt`, `accessToken`,\n * etc. without needing every variant enumerated explicitly.\n */\nconst keyMatchesPiiField = ({\n keyLower,\n piiFieldsLower,\n}: KeyMatchesPiiFieldParams): boolean => {\n if (piiFieldsLower.includes(keyLower)) {\n return true;\n }\n\n return PII_KEY_SUFFIXES.some((suffix) => keyLower.endsWith(suffix));\n};\n\ntype ScrubParametersParams = {\n piiFields: string[];\n redactAll?: boolean;\n value: Record<string, unknown>;\n};\n\ntype ScrubStringParams = {\n key: string;\n piiFieldsLower: string[];\n redactAll?: boolean;\n value: string;\n};\n\ntype ScrubArrayParams = {\n context: ScrubContext;\n value: unknown[];\n};\n\ntype ScrubObjectParams = {\n context: ScrubContext;\n value: Record<string, unknown>;\n};\n\ntype ScrubValueParams = {\n context: ScrubContext;\n key: string;\n value: unknown;\n};\n\n// eslint-disable-next-line custom-rules/one-function-per-file\nconst scrubString = ({\n key,\n piiFieldsLower,\n redactAll,\n value,\n}: ScrubStringParams): string => {\n if (keyMatchesPiiField({ keyLower: key.toLowerCase(), piiFieldsLower })) {\n return REDACTED_VALUE;\n }\n\n if (redactAll) {\n return REDACTED_VALUE;\n }\n\n if (value.length > MAX_STRING_LENGTH) {\n return value.slice(0, MAX_STRING_LENGTH) + TRUNCATED_SUFFIX;\n }\n\n return value;\n};\n\n// eslint-disable-next-line custom-rules/one-function-per-file\nconst scrubArray = ({ context, value }: ScrubArrayParams): unknown[] => {\n if (context.visited.has(value)) {\n return [CIRCULAR_VALUE];\n }\n\n context.visited.add(value);\n\n const result = value.map((item, index) =>\n scrubValue({ context, key: String(index), value: item })\n );\n\n context.visited.delete(value);\n\n return result;\n};\n\n// eslint-disable-next-line custom-rules/one-function-per-file\nconst scrubObject = ({\n context,\n value,\n}: ScrubObjectParams): Record<string, unknown> => {\n if (context.visited.has(value)) {\n return { [CIRCULAR_VALUE]: true };\n }\n\n context.visited.add(value);\n\n // Object.create(null) prevents prototype pollution when keys like '__proto__'\n // are present (e.g. from a Map converted to a plain object).\n const result = Object.create(null) as Record<string, unknown>;\n\n for (const key of Object.keys(value)) {\n result[key] = scrubValue({ context, key, value: value[key] });\n }\n\n context.visited.delete(value);\n\n return result;\n};\n\n// eslint-disable-next-line custom-rules/one-function-per-file\nconst scrubValue = ({ context, key, value }: ScrubValueParams): unknown => {\n if (value === null || value === undefined) {\n return value;\n }\n\n if (value instanceof Uint8Array) {\n return `[${BINARY_LABEL}:${value.byteLength} bytes]`;\n }\n\n if (\n keyMatchesPiiField({\n keyLower: key.toLowerCase(),\n piiFieldsLower: context.piiFieldsLower,\n })\n ) {\n return REDACTED_VALUE;\n }\n\n if (typeof value === 'string') {\n return scrubString({\n key,\n piiFieldsLower: context.piiFieldsLower,\n redactAll: context.redactAll,\n value,\n });\n }\n\n if (Array.isArray(value)) {\n return scrubArray({ context, value });\n }\n\n if (value instanceof Set) {\n if (context.visited.has(value)) {\n return [CIRCULAR_VALUE];\n }\n\n context.visited.add(value);\n const setResult = scrubArray({ context, value: [...value] });\n context.visited.delete(value);\n\n return setResult;\n }\n\n if (value instanceof Map) {\n if (context.visited.has(value)) {\n return { [CIRCULAR_VALUE]: true };\n }\n\n context.visited.add(value);\n // Object.create(null) avoids prototype pollution when Map keys include\n // '__proto__', 'constructor', or 'prototype'\n const asObject = Object.create(null) as Record<string, unknown>;\n\n for (const [k, v] of value.entries()) {\n asObject[String(k)] = v;\n }\n\n const mapResult = scrubObject({ context, value: asObject });\n context.visited.delete(value);\n\n return mapResult;\n }\n\n // WeakMap and WeakSet are not iterable and expose no `.size` or enumeration\n // methods by design — their entries are held weakly and are not accessible\n // programmatically. We emit a tagged placeholder that identifies the type so\n // the log record remains self-describing without attempting enumeration.\n if (value instanceof WeakMap) {\n return '[WeakMap]';\n }\n\n if (value instanceof WeakSet) {\n return '[WeakSet]';\n }\n\n if (value instanceof Date) {\n return value.toISOString();\n }\n\n if (value instanceof Error) {\n return `[Error: ${value.message}]`;\n }\n\n if (typeof value === 'object') {\n return scrubObject({ context, value: value as Record<string, unknown> });\n }\n\n return value;\n};\n\n/** @notInstrumented */\n// eslint-disable-next-line custom-rules/one-function-per-file\nexport const scrubParameters = ({\n piiFields,\n redactAll,\n value,\n}: ScrubParametersParams): Record<string, unknown> => {\n const context: ScrubContext = {\n piiFieldsLower: piiFields.map((field) => field.toLowerCase()),\n redactAll,\n visited: new WeakSet<object>(),\n };\n\n return scrubObject({ context, value });\n};\n","import type { DynamicCore } from '../../../client/core/types/DynamicCore';\nimport { BaseError } from '../../../errors/base/BaseError';\nimport { extractSessionId } from '../../../modules/auth/extractSessionId/extractSessionId';\nimport { getOperatingSystem } from '../../../utils/getOperatingSystem/getOperatingSystem';\nimport { getPlatform } from '../../../utils/getPlatform/getPlatform';\nimport { getUserAgent } from '../../../utils/getUserAgent/getUserAgent';\nimport type { Logger } from '../../logger/logger.types';\nimport type {\n FunctionInstrumentationEvent,\n InstrumentationContext,\n InstrumentationPayloadSelectors,\n SafePayload,\n} from '../instrumentation.types';\nimport { scrubParameters } from '../scrubParameters';\n\n// Only the error's class name and (for BaseError) its stable code are logged.\n// The message and stack are deliberately omitted: thrown messages routinely\n// interpolate argument values, identifiers, and filesystem paths, and in V8\n// the stack string embeds that same message as its first line — so forwarding\n// the stack would re-introduce the exact leak this model exists to prevent.\nconst toErrorFields = (\n error: unknown\n): Pick<FunctionInstrumentationEvent, 'errorCode' | 'errorName'> => {\n if (error instanceof BaseError) {\n return { errorCode: error.code, errorName: error.name };\n }\n\n if (error instanceof Error) {\n return { errorName: error.name };\n }\n\n return { errorName: 'UnknownError' };\n};\n\n// Stable envelope fields for a single invocation. None derive from the call's\n// arguments or return value, so the context is always safe to forward.\n// eslint-disable-next-line custom-rules/one-function-per-file\nconst buildContext = (\n core: DynamicCore\n): Omit<InstrumentationContext, 'status' | 'timestamp'> => {\n const state = core.state.get();\n\n return {\n environmentId: core.environmentId,\n operatingSystem: getOperatingSystem(),\n platform: getPlatform(),\n registeredExtensionKeys: Array.from(core.extensions),\n sdkSessionId: core.sdkSessionId,\n sdkVersion: core.version,\n tokenSessionId: state.token ? extractSessionId(state.token) : null,\n userAgent: getUserAgent(),\n userId: state.user?.id ?? null,\n };\n};\n\n/**\n * Runs an explicit payload selector and scrubs its output. Returns `undefined`\n * when there is no selector. Selector (and scrub) errors are swallowed so a\n * faulty selector can never break the wrapped function or fabricate a\n * 'rejected' event — instrumentation stays purely observational. The swallowed\n * error is surfaced on the `debug` logger so internal devs can still spot a\n * broken selector without it ever reaching a transport.\n */\n// eslint-disable-next-line custom-rules/one-function-per-file\nconst safeSelect = <T>({\n functionName,\n logger,\n piiFields,\n selector,\n value,\n}: {\n functionName: string;\n logger: Logger;\n piiFields: string[];\n selector: ((value: T) => SafePayload) | undefined;\n value: T;\n}): SafePayload | undefined => {\n if (!selector) {\n return undefined;\n }\n\n try {\n return scrubParameters({ piiFields, value: selector(value) }) as SafePayload;\n } catch (error) {\n logger.debug(\n `[instrumentFunction] payload selector for \"${functionName}\" threw; emitting event without payload`,\n error\n );\n\n return undefined;\n }\n};\n\ntype InstrumentFunctionParams<Args extends unknown[], Result> = {\n /** The original function to wrap. */\n fn: (...args: Args) => Result;\n /** Human-readable name recorded in every emitted event. */\n functionName: string;\n /**\n * Returns the current `DynamicCore` instance, or `undefined` when the SDK\n * has not yet been initialised. Instrumentation is skipped when this returns\n * `undefined` or when `core.instrumentation.config.enabled` is `false`.\n */\n getCore: () => DynamicCore | undefined;\n /**\n * Optional explicit payload selectors. When provided, their returned\n * {@link SafePayload} is attached to the corresponding event. When omitted,\n * events carry only the safe envelope.\n */\n selectors?: InstrumentationPayloadSelectors<Args, Result>;\n};\n\n/**\n * Wraps a function so that each invocation emits a structured\n * `FunctionInstrumentationEvent` at three lifecycle points:\n *\n * - **started** — immediately before the function body executes.\n * - **resolved** — after the function (or its returned Promise) settles\n * successfully, with the call duration.\n * - **rejected** — if the function throws synchronously or its returned\n * Promise rejects, with the duration and the error's class name/code.\n *\n * Events carry only the safe envelope (function name, phase, timing, error\n * class, SDK/runtime metadata, identifiers). **Raw arguments and return values\n * are never captured.** A function that needs additional fields supplies\n * `selectors` that build an explicit, primitive-only {@link SafePayload} — the\n * only path from arguments/return value into a log.\n *\n * The original return value (or thrown error) is always forwarded to the\n * caller unchanged — instrumentation is purely observational, and a throwing\n * selector cannot change that.\n *\n * ## Providing selectors\n *\n * A function opts into a payload by supplying selectors that map its arguments\n * (`started`) and/or its awaited return value (`resolved`) to a primitive-only\n * {@link SafePayload}. Pick individual known-safe fields — never spread a whole\n * object, which is exactly what the model prevents.\n *\n * ```ts\n * const transfer = instrumentFunction({\n * fn: rawTransfer,\n * functionName: 'transfer',\n * getCore: () => core,\n * selectors: {\n * // `args` is the argument tuple the wrapped function was called with.\n * started: ([{ chainId, amount }]) => ({ amount, chainId }),\n * // `result` is the awaited return value (never the Promise).\n * resolved: ({ txHash }) => ({ txHash }),\n * },\n * });\n * ```\n *\n * A selector that throws (or whose output fails scrubbing) is swallowed: the\n * event is still emitted without a payload, and the error is logged at `debug`.\n *\n * ## How functions are wrapped\n *\n * `instrumentFunction` is not called manually in application code. The esbuild\n * instrumentation plugin (`tools/instrumentation-plugin`) injects it at build\n * time for any exported function annotated with `@instrumented` in its JSDoc.\n *\n * ## Opting out\n *\n * Instrumentation is skipped entirely when `getCore()` returns `undefined`\n * (SDK not initialised) or when `core.instrumentation.config.enabled` is\n * `false`; in both cases the original function is called directly.\n * @notInstrumented\n */\n// eslint-disable-next-line custom-rules/one-function-per-file\nexport const instrumentFunction = <Args extends unknown[], Result>({\n fn,\n functionName,\n getCore,\n selectors,\n}: InstrumentFunctionParams<Args, Result>): ((...args: Args) => Result) => {\n const wrapped = (...args: Args): Result => {\n const core = getCore();\n\n if (!core?.instrumentation.config.enabled) {\n return fn(...args);\n }\n\n const { instrumentation, logger } = core;\n const { piiFields } = instrumentation.config;\n const base = { ...buildContext(core), functionName };\n const startedAt = Date.now();\n\n instrumentation.logFunction({\n ...base,\n payload: safeSelect({\n functionName,\n logger,\n piiFields,\n selector: selectors?.started,\n value: args,\n }),\n phase: 'started',\n status: 'info',\n timestamp: new Date().toISOString(),\n });\n\n const emitResolved = (value: Awaited<Result>): void => {\n instrumentation.logFunction({\n ...base,\n durationMs: Date.now() - startedAt,\n payload: safeSelect({\n functionName,\n logger,\n piiFields,\n selector: selectors?.resolved,\n value,\n }),\n phase: 'resolved',\n status: 'info',\n timestamp: new Date().toISOString(),\n });\n };\n\n const emitRejected = (error: unknown): void => {\n instrumentation.logFunction({\n ...base,\n ...toErrorFields(error),\n durationMs: Date.now() - startedAt,\n phase: 'rejected',\n status: 'error',\n timestamp: new Date().toISOString(),\n });\n };\n\n try {\n const result = fn(...args);\n\n if (result instanceof Promise) {\n return result.then(\n (value) => {\n emitResolved(value);\n return value;\n },\n (error: unknown) => {\n emitRejected(error);\n throw error;\n }\n ) as Result;\n }\n\n emitResolved(result as Awaited<Result>);\n return result;\n } catch (error) {\n emitRejected(error);\n throw error;\n }\n };\n\n return wrapped;\n};\n","import { dependencies } from '../package.json';\n\nexport const SDK_API_CORE_VERSION = dependencies['@dynamic-labs/sdk-api-core'];\n\nexport const DYNAMIC_ICONIC_SPRITE_URL =\n 'https://iconic.dynamic-static-assets.com/icons/sprite.svg';\n","import type { DynamicClient } from '../../../client/types';\nimport { emitEvent } from '../../clientEvents';\nimport { getWalletAccounts } from '../getWalletAccounts';\n\n/**\n * Emits the `walletAccountsChanged` event.\n * @notInstrumented\n */\nexport const emitWalletAccountsChangedEvent = (client: DynamicClient): void => {\n const walletAccounts = getWalletAccounts(client);\n\n emitEvent(\n {\n args: { walletAccounts },\n event: 'walletAccountsChanged',\n },\n client\n );\n};\n","import { getCore } from '../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../client/types';\nimport { emitWalletAccountsChangedEvent } from '../../../wallets/emitWalletAccountsChangedEvent';\nimport { getWalletAccountsFromState } from '../../../wallets/getWalletAccounts/getWalletAccountsFromState';\n\ntype CheckAndRaiseWalletAccountsChangedEventParams = {\n previousState: Readonly<DynamicCoreState>;\n};\n\n/** @notInstrumented */\nexport const checkAndRaiseWalletAccountsChangedEvent = (\n { previousState }: CheckAndRaiseWalletAccountsChangedEventParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletAccountsHashBefore = getWalletAccountsHash(previousState, client);\n\n const walletAccountsHashAfter = getWalletAccountsHash(\n core.state.get(),\n client\n );\n\n if (walletAccountsHashBefore !== walletAccountsHashAfter) {\n emitWalletAccountsChangedEvent(client);\n }\n};\n\n \n \nconst getWalletAccountsHash = (\n state: Readonly<DynamicCoreState>,\n client: DynamicClient\n) =>\n getWalletAccountsFromState(state, client)\n .map((walletAccount) => JSON.stringify(walletAccount))\n .sort()\n .join('-');\n","import { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Checks if the user requires additional MFA authentication.\n *\n * This function determines if the current user session requires\n * additional multi-factor authentication to access certain features.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if the user needs additional MFA authentication, false otherwise.\n * @notInstrumented\n * @hook Exposed as a hook so consumers reactively know when MFA is still required, updated when the user changes.\n */\nexport const isUserMissingMfaAuth = (client = getDefaultClient()) => {\n const user = client.user;\n\n assertDefined(user, 'User not logged in');\n\n return Boolean(user.scope?.includes('requiresAdditionalAuth'));\n};\n","import type { DynamicClient } from '../../../client/types';\nimport { getWalletProviderRegistry } from '../walletProviderRegistry';\n\n/**\n * Get all available wallet providers to interact with internally.\n * @notInstrumented\n */\nexport const getWalletProviders = (client: DynamicClient) => {\n const walletProviderRegistry = getWalletProviderRegistry(client);\n\n return walletProviderRegistry.listProviders();\n};\n","import { DYNAMIC_ICONIC_SPRITE_URL } from '../../constants';\n\nexport const DEFAULT_WAAS_BASE_API_URL = 'https://app.dynamicauth.com';\nexport const DEFAULT_WAAS_BASE_MPC_RELAY_API_URL =\n 'https://relay.dynamicauth.com';\n\nexport const DYNAMIC_WAAS_METADATA = {\n displayName: 'Dynamic WaaS',\n icon: `${DYNAMIC_ICONIC_SPRITE_URL}#dynamicwaas`,\n normalizedWalletName: 'dynamicwaas',\n};\n","import type { WalletProvider } from '../../wallets/walletProvider';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\nimport type { WaasWalletProvider } from '../waas.types';\n\n/** @notInstrumented */\nexport const isWaasWalletProvider = (\n walletProvider: WalletProvider\n): walletProvider is WaasWalletProvider => {\n return walletProvider.key.includes(\n DYNAMIC_WAAS_METADATA.normalizedWalletName\n );\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { Chain } from '../../chain';\nimport { getWalletProviders } from '../../wallets/getWalletProviders';\nimport { formatWalletProviderKey } from '../../wallets/utils/formatWalletProviderKey';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype FindWaasWalletProviderByChainParams = {\n chain: Chain;\n};\n\n/** @notInstrumented */\nexport const findWaasWalletProviderByChain = (\n { chain }: FindWaasWalletProviderByChainParams,\n client: DynamicClient\n): WaasWalletProvider | null => {\n const providers = getWalletProviders(client);\n\n const waasProviderKey = formatWalletProviderKey({\n chain,\n displayName: DYNAMIC_WAAS_METADATA.displayName,\n walletProviderType: WalletProviderEnum.EmbeddedWallet,\n });\n\n const waasProvider = providers.find(\n (provider) => provider.key === waasProviderKey && provider.chain === chain\n );\n\n if (!waasProvider || !isWaasWalletProvider(waasProvider)) {\n return null;\n }\n\n return waasProvider;\n};\n","import type { WalletAccount } from '../../wallets/walletAccount';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype IsWaasWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/**\n * This function determines whether the provided wallet account is a Dynamic\n * WaaS wallet account.\n *\n * @param params.walletAccount - The wallet account to check.\n * @returns True if the wallet account is a WaaS wallet account, false otherwise.\n * @notInstrumented\n */\nexport const isWaasWalletAccount = ({\n walletAccount,\n}: IsWaasWalletAccountParams): boolean => {\n return walletAccount.walletProviderKey.includes(\n DYNAMIC_WAAS_METADATA.normalizedWalletName\n );\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { isUserMissingMfaAuth } from '../../mfa/isUserMissingMfaAuth';\nimport { getWalletAccounts } from '../../wallets/getWalletAccounts';\nimport { findWaasWalletProviderByChain } from '../findWaasWalletProviderByChain';\nimport { isWaasWalletAccount } from '../isWaasWalletAccount';\n\n/**\n * On login, boots the WaaS client once per chain so the SDK eagerly recovers\n * key shares itself (the `eagerlyRecoverKeyShares` capability) instead of the\n * host looping per wallet. Booting calls `initialize()`, which sends the auth\n * token the iframe needs to self-recover.\n *\n * @notInstrumented\n */\nexport const initializeWaasClientsForEagerRecovery = async (\n client: DynamicClient\n): Promise<void> => {\n /**\n * Booting triggers recovery, which fails if the user is missing the MFA auth.\n * This early return avoids attempting a call we know will fail and just adds\n * noise to the logs.\n */\n if (isUserMissingMfaAuth(client)) {\n return;\n }\n\n const waasChains = new Set(\n getWalletAccounts(client)\n .filter((walletAccount) => isWaasWalletAccount({ walletAccount }))\n .map((walletAccount) => walletAccount.chain)\n );\n\n await Promise.all(\n [...waasChains].map(async (chain) => {\n const provider = findWaasWalletProviderByChain({ chain }, client);\n\n /**\n * The environment might not have the embedded wallet extensions installed.\n * In that case there is no provider for the chain and nothing to boot.\n */\n if (!provider) return;\n\n try {\n await provider.getWaasClient();\n } catch (error) {\n getCore(client).logger.warn(\n '[initializeWaasClientsForEagerRecovery] failed to boot waas client',\n error\n );\n }\n })\n );\n};\n","import { BaseError } from './base';\n\nexport class InvalidParamError extends BaseError {\n // eslint-disable-next-line custom-rules/require-single-object-param\n constructor(message: string) {\n super({\n cause: null,\n code: 'invalid_param_error',\n docsUrl: null,\n name: 'InvalidParamError',\n shortMessage: message,\n });\n }\n}\n","import { InvalidParamError } from '../../../errors/InvalidParamError';\n\nexport type JwtPayload = {\n [key: string]: unknown;\n exp: number;\n iat: number;\n scope: string;\n singleUse?: boolean;\n sub: string;\n};\n\n/**\n * Decodes a JWT token and returns the full payload.\n *\n * This function extracts and returns the complete JWT payload including scopes,\n * expiration time, and other claims.\n *\n * @param jwt - The JWT token string.\n * @returns The decoded JWT payload object.\n * @throws InvalidParamError if the token is invalid or cannot be decoded.\n *\n * @example\n * ```typescript\n * const payload = decodeJwt(jwt);\n * // Returns: { scopes: ['wallet:export'], exp: 1234567890, ... }\n * ```\n * @notInstrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const decodeJwt = (jwt: string): JwtPayload => {\n try {\n // JWT format: header.payload.signature\n const parts = jwt.split('.');\n if (parts.length !== 3) {\n throw new InvalidParamError('Invalid JWT format');\n }\n\n // Decode the payload (second part)\n // Base64URL decode: replace URL-safe characters and decode\n const base64Payload = parts[1].replaceAll('-', '+').replaceAll('_', '/');\n // Add padding if needed\n const paddedPayload =\n base64Payload + '='.repeat((4 - (base64Payload.length % 4)) % 4);\n const decodedPayload = atob(paddedPayload);\n const claims = JSON.parse(decodedPayload) as JwtPayload;\n\n return claims;\n } catch (error) {\n if (error instanceof InvalidParamError) {\n throw error;\n }\n throw new InvalidParamError(\n `Failed to decode JWT: ${\n error instanceof Error ? error.message : String(error)\n }`\n );\n }\n};\n","/**\n * Normalizes scopes by deduplicating and sorting them.\n * This creates a canonical representation for comparison.\n *\n * @param scopes - Array of scope strings (may contain duplicates)\n * @returns Normalized, sorted array of unique scopes\n * @notInstrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const normalizeScopes = (scopes: string[]): string[] => {\n return [...new Set(scopes)].sort((a, b) => a.localeCompare(b));\n};\n","import { decodeJwt } from '../../../decodeJwt';\nimport type { ParsedElevatedAccessToken } from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\nexport type ParseElevatedAccessTokenOptions = {\n /** JWT string containing the elevated access token. */\n token: string;\n};\n\n/**\n * Validates and parses an elevated access token from a JWT string.\n * Extracts scopes, expiration, and validates the token structure.\n *\n * Policy decisions:\n * - Tokens without scopes are rejected (returns null)\n * - Tokens with empty scopes array are rejected (returns null)\n * - Tokens without exp field are rejected (returns null)\n * - Expired tokens are rejected (returns null)\n *\n * @returns Parsed token data or null if token is invalid/expired\n * @notInstrumented\n */\nexport const parseElevatedAccessToken = ({\n token,\n}: ParseElevatedAccessTokenOptions): ParsedElevatedAccessToken | null => {\n const payload = decodeJwt(token);\n const rawScopeClaim = payload?.scope;\n const processedScopes = rawScopeClaim?.split(' ') ?? [];\n const filteredScopes = processedScopes.filter((s) => s.length > 0);\n const singleUse = payload.singleUse ?? false;\n\n // Reject tokens without scopes or with empty scopes\n if (!filteredScopes || filteredScopes.length === 0) {\n return null;\n }\n\n // Reject tokens without exp field\n if (!payload.exp) {\n return null;\n }\n\n // Convert exp (seconds) to Date (milliseconds)\n const expiresAt = new Date(payload.exp * 1000);\n\n // Reject expired tokens\n if (expiresAt <= new Date()) {\n return null;\n }\n\n return {\n expiresAt,\n normalizedScopes: normalizeScopes(filteredScopes),\n scopes: filteredScopes,\n singleUse,\n token,\n };\n};\n","import type {\n ElevatedAccessToken,\n ParsedElevatedAccessToken,\n} from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\n/**\n * Upserts an elevated access token into the current tokens array.\n *\n * Policy: Only one token per normalized scope-set is allowed.\n * If a token with the same normalized scopes exists, it is replaced.\n * This ensures we don't accumulate multiple tokens for the same scope combination.\n *\n * @param currentTokens - Current array of elevated access tokens\n * @param newToken - New token to upsert\n * @returns Updated array of tokens with the new token upserted\n * @notInstrumented\n */\nexport const upsertElevatedAccessToken = ({\n currentTokens,\n newToken,\n}: {\n currentTokens: ElevatedAccessToken[];\n newToken: ParsedElevatedAccessToken;\n}): ElevatedAccessToken[] => {\n const newScopeKey = normalizeScopes(newToken.scopes).join(' ');\n\n // Remove any existing token with the same normalized scopes\n const filteredTokens = currentTokens.filter((existingToken) => {\n const existingScopeKey = normalizeScopes(existingToken.scopes).join(' ');\n return existingScopeKey !== newScopeKey;\n });\n\n // Add the new token\n return [\n ...filteredTokens,\n {\n expiresAt: newToken.expiresAt,\n scopes: newToken.scopes,\n singleUse: newToken.singleUse,\n token: newToken.token,\n },\n ];\n};\n","import type { VerifyResponse } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicCoreState } from '../../../client/core/types';\nimport type { DynamicClient } from '../../../client/types';\nimport { getSecureCookieAttribute } from '../../../utils/getSecureCookieAttribute';\nimport { setCookie } from '../../../utils/setCookie';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { initializeWaasClientsForEagerRecovery } from '../../waas/initializeWaasClientsForEagerRecovery';\nimport { DYNAMIC_AUTH_COOKIE_NAME } from '../consts';\nimport { checkAndRaiseWalletAccountsChangedEvent } from './checkAndRaiseWalletAccountsChangedEvent';\nimport { parseElevatedAccessToken } from './elevatedAccessTokens/parseElevatedAccessToken';\nimport { upsertElevatedAccessToken } from './elevatedAccessTokens/upsertElevatedAccessToken';\n\ntype UpdateAuthFromVerifyResponseParams = {\n response: VerifyResponse;\n};\n\n/** @notInstrumented */\nexport const updateAuthFromVerifyResponse = (\n { response }: UpdateAuthFromVerifyResponseParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const previousState = { ...core.state.get() };\n\n const { user, minifiedJwt, jwt, expiresAt, mfaToken, elevatedAccessToken } =\n response;\n\n // Expires at is in seconds, so we need to convert it to milliseconds\n const sessionExpiresAt = new Date(expiresAt * 1000);\n\n const newState: Partial<DynamicCoreState> = {\n legacyToken: jwt ?? null,\n sessionExpiresAt: sessionExpiresAt,\n token: minifiedJwt ?? null,\n user,\n };\n\n // only override the mfaToken if a new one is provided in the response\n if (mfaToken) {\n newState.mfaToken = mfaToken;\n }\n\n // Add elevated access token to the array if a new one is provided in the response\n // Policy: Only one token per normalized scope-set is allowed (old tokens are replaced)\n // Always preserve existing tokens to ensure they're synced to storage\n const currentTokens = core.state.get().elevatedAccessTokens || [];\n newState.elevatedAccessTokens = currentTokens;\n \n if (elevatedAccessToken) {\n const parsedToken = parseElevatedAccessToken({\n token: elevatedAccessToken,\n });\n if (parsedToken) {\n newState.elevatedAccessTokens = upsertElevatedAccessToken({\n currentTokens,\n newToken: parsedToken,\n });\n }\n }\n\n core.state.set(newState);\n\n /**\n * For customers using a sandbox environment with cookies enabled, we need to set the cookie\n * programmatically because Redcoast won't set the cookie via headers. We set the cookie programmatically\n * so customers can access the cookie from document.cookie consistently between sandbox and live environments.\n */\n if (minifiedJwt && isCookieEnabled(client)) {\n const expireDate = sessionExpiresAt.toUTCString();\n\n // Only mark the cookie Secure in a secure context; browsers reject Secure\n // cookies set over http:// which would break localhost dev testing.\n const secureAttribute = getSecureCookieAttribute();\n\n setCookie(\n `${DYNAMIC_AUTH_COOKIE_NAME}=${minifiedJwt}; expires=${expireDate}; path=/; SameSite=Lax${secureAttribute}`\n );\n }\n\n checkAndRaiseWalletAccountsChangedEvent({ previousState }, client);\n\n // if the user is logging in, boot the waas client(s) so the SDK eagerly\n // recovers key shares for all wallet accounts\n const isUserLoggingIn = !previousState.user && Boolean(newState.user);\n if (isUserLoggingIn) {\n void initializeWaasClientsForEagerRecovery(client);\n }\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;ACIA,MAAa,WAAW,WAAuC;AAE7D,QAAO,OAAO;;;;;ACchB,MAAM,cAAc,EAAE,SAAS,YAAiC;AAC9D,KAAI,iBAAiB,UACnB,QAAO,MAAM;AAGf,KAAI,OAAO,QACT,QAAO,MAAM;AAGf,QAAO;;;;;AAOT,MAAM,iBAAiB,EACrB,cACA,SACA,SACA,mBACyB;AACzB,QAAO;EACL;EACA;EACA;EACA,GAAI,eAAe,CAAC,GAAG,cAAc,GAAG,GAAG,EAAE;EAC7C,GAAI,UAAU,CAAC,SAAS,UAAU,GAAG,EAAE;EACvC,GAAI,UAAU,CAAC,YAAY,UAAU,GAAG,EAAE;EAC1C,YAAY;EACZ,+BAAc,IAAI,MAAM,EAAC,aAAa;EACvC,CAAC,KAAK,KAAK;;;;;AAMd,IAAsB,YAAtB,MAAsB,kBAAkB,MAAM;;CAE5C;CACA;CACA,AAAiB;CACjB,AAAS,OAAO;CAChB,AAAS;CAET,YAAY,MAA2B;EACrC,MAAM,UAAU,WAAW,KAAK;EAChC,MAAM,mBAAmB,cAAc;GAAE,GAAG;GAAM;GAAS,CAAC;AAC5D,QACE,KAAK,gBAAgB,kBACrB,KAAK,QAAQ,EAAE,OAAO,KAAK,OAAO,GAAG,OACtC;AAMD,SAAO,eAAe,MAAM,oBAAoB;GAC9C,cAAc;GACd,YAAY;GACZ,OAAO;GACP,UAAU;GACX,CAAC;AACF,OAAK,UAAU;AACf,OAAK,OAAO,KAAK,QAAQ,KAAK;AAC9B,OAAK,QAAQ,KAAK,SAAS,KAAK;AAChC,OAAK,OAAO,KAAK;;;;;CAMnB,OAA0B;EACxB,MAAM,QAAQ,KAAK;AAEnB,MAAI,iBAAiB,UACnB,QAAO,MAAM,MAAM;AAGrB,SAAO;;CAGT,AAAS,WAAW;AAClB,SAAO,KAAK;;;;;;ACrGhB,IAAa,sBAAb,cAAyC,UAAU;CACjD,cAAc;AACZ,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cACE;GACH,CAAC;;;;;;ACNN,IAAIA,gBAAsC;AAC1C,IAAI,0BAA0B;;;;;;;;AAS9B,MAAa,yBAAwC;AACnD,KAAI,CAAC,cACH,OAAM,IAAI,qBAAqB;AAGjC,KAAI,0BAA0B,EAE5B,CADa,QAAQ,cAAc,CAC9B,OAAO,MACV,gSAGD;AAGH,QAAO;;;AAKT,MAAa,oBAAoB,WAA0B;AACzD,iBAAgB;AAChB;;;;;ACpCF,MAAa,6BAA6B,MAAQ,KAAK;AAEvD,MAAa,kBAAkB;;;;ACA/B,MAAa,6BAA6B;AAE1C,MAAa,4BAA4B;AAEzC,MAAa,6BAA6B;AAE1C,MAAa,+BAA+B;AAE5C,MAAa,mBAAmB;AAEhC,MAAa,4BAA4B;AAEzC,MAAa,0BACX,aAAa;AAEf,MAAa,gCAAgC;AAE7C,MAAa,kBAAkB;;;;ACnB/B,MAAM,gBACJ;;AAQF,MAAa,gBAAgB,EAC3B,QAAQ,eACR,aACwB;CACxB,MAAM,QAAQ,IAAI,WAAW,OAAO;AACpC,QAAO,gBAAgB,MAAM;CAE7B,IAAI,SAAS;AACb,MAAK,IAAI,IAAI,GAAG,IAAI,QAAQ,IAC1B,WAAU,MAAM,MAAM,KAAK,MAAM;AAEnC,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACmBT,MAAa,0BACX,EAAE,UAAU,MAAM,SAClB,SAAS,kBAAkB,KACJ;CACvB,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,sBAAM,IAAI,MAAM;CACtB,MAAM,uBAAuB,KAAK,MAAM,KAAK,CAAC,wBAAwB,EAAE;CAGxE,MAAM,cAAc,qBAAqB,QACtC,YAAU,CAACC,QAAM,aAAaA,QAAM,YAAY,IAClD;AAGD,KAAI,YAAY,WAAW,qBAAqB,OAC9C,MAAK,MAAM,IAAI,EACb,sBAAsB,aACvB,CAAC;CAGJ,MAAM,QAAQ,YAAY,MAAM,YAAUA,QAAM,OAAO,SAAS,MAAM,CAAC;AAEvE,KAAI,CAAC,MACH;AAIF,KAAI,WAAW,MAAM,WAAW;EAC9B,MAAM,gBAAgB,YAAY,QAAQ,MAAM,MAAM,MAAM;AAC5D,OAAK,MAAM,IAAI,EACb,sBAAsB,eACvB,CAAC;;AAGJ,QAAO,MAAM;;;;;ACxEf,IAAa,0BAAb,cAA6C,UAAU;CAErD,YAAY,SAAiB;AAC3B,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc;GACf,CAAC;;;;;;;;;;;;;;;;;;;;;ACSN,SAAgB,cACd,OACA,SACgD;AAChD,KAAI,UAAU,QAAQ,UAAU,OAC9B,OAAM,IAAI,wBAAwB,QAAQ;;;;;;;;;AChB9C,MAAa,mBAAmB,WAAmC;AACjE,eAAc,OAAO,iBAAiB,mCAAmC;CAEzE,MAAM,mBAAmB,OAAO,gBAAgB;AAEhD,KAAI,CAAC,iBAAkB,QAAO;CAG9B,MAAM,yBAAyB,iBAAiB,MAAM,WAAW,EAAE,EAAE,SACnE,gBAAgB,OACjB;CAGD,MAAM,sBAAsB,QAC1B,iBAAiB,cAAc,WAChC;AAMD,QAAO,yBAAyB;;;;;;ACzBlC,MAAa,kBAAkB,WAAmD;CAGhF,MAAM,YAFO,QAAQ,OAAO,CAEL,MAAM,KAAK,CAAC;AAEnC,KAAI,CAAC,UACH;AAGF,QAAO,EAAE,WAAW;;;;;ACZtB,IAAa,WAAb,MAAa,iBAAiB,UAAU;CACtC;CAGA,YAAY,SAAiB,MAAc,QAAgB;AACzD,QAAM;GACJ,OAAO;GACP;GACA,SAAS;GACT,MAAM;GACN,cAAc;GACf,CAAC;AAEF,OAAK,SAAS;;CAGhB,aAAa,aAAa,UAAoB;AAC5C,MAAI;GACF,MAAM,YAAY,MAAM,SAAS,OAAO,CAAC,MAAM;AAE/C,OACE,aACA,WAAW,aACX,OAAO,UAAU,UAAU,UAC3B;IACA,MAAM,YACJ,UAAU,aAAa,OAAO,UAAU,SAAS,WAC7C,UAAU,OACV;AAEN,WAAO,IAAI,SAAS,UAAU,OAAO,WAAW,SAAS,OAAO;;AAGlE,UAAO;UACD;AACN,UAAO;;;;;;;ACnCb,IAAa,2BAAb,cAA8C,UAAU;CACtD,YAAY,EAAE,SAA6C;AACzD,QAAM;GACJ;GACA,MAAM;GACN,SACE;GACF,MAAM;GACN,cAAc;GACf,CAAC;;;;;;ACTN,IAAa,sBAAb,cAAyC,UAAU;CACjD,YAAY,EAAE,SAA6C;AACzD,QAAM;GACJ;GACA,MAAM;GACN,SAAS;GACT,MAAM;GACN,cACE;GACH,CAAC;;;;;;ACTN,IAAa,qBAAb,cAAwC,UAAU;CAChD,YAAY,EAAE,SAA6C;AACzD,QAAM;GACJ;GACA,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc;GACf,CAAC;;;;;;ACRN,IAAa,sBAAb,cAAyC,UAAU;CACjD,YAAY,EAAE,SAA6C;AACzD,QAAM;GACJ;GACA,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc;GACf,CAAC;;;;;;ACRN,IAAa,sCAAb,cAAyD,UAAU;CACjE,YAAY,EAAE,SAA6C;AACzD,QAAM;GACJ;GACA,MAAM;GACN,SACE;GACF,MAAM;GACN,cACE;GACH,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;ACgBN,MAAaC,qBAAkC,UAAU;AACvD,KAAI,iBAAiB,UAAU;AAC7B,MAAI,MAAM,SAAS,mBACjB,QAAO,IAAI,mBAAmB,EAAE,OAAO,OAAO,CAAC;AAGjD,MAAI,MAAM,SAAS,mBACjB,QAAO,IAAI,oBAAoB,EAAE,OAAO,OAAO,CAAC;AAGlD,MAAI,MAAM,SAAS,wBACjB,QAAO,IAAI,yBAAyB,EAAE,OAAO,OAAO,CAAC;AAGvD,MAAI,MAAM,SAAS,oCACjB,QAAO,IAAI,oCAAoC,EAAE,OAAO,OAAO,CAAC;AAGlE,MACE,MAAM,SAAS,4BACf,MAAM,SAAS,wBAEf,QAAO,IAAI,oBAAoB,EAAE,OAAO,OAAO,CAAC;;AAIpD,QAAO;;;;;;;;;;;;;ACpCT,MAAa,qCAAqC,EAChD,eAAe,EAAE,QAC0C,EAC3D,MAAM,OAAO,YAA6B;AACxC,KAAI,QAAQ,SAAS,UAAU,KAAK;EAClC,MAAM,WAAW,MAAM,SAAS,aAAa,QAAQ,SAAS;AAE9D,MAAI,UAAU;GACZ,IAAIC,eAAsB;AAE1B,QAAK,MAAM,UAAU,cAAc;IACjC,MAAM,WAAW,OAAO,SAAS;AAEjC,QAAI,UAAU;AACZ,oBAAe;AACf;;;AAIJ,SAAM;;;AAIV,QAAO,QAAQ;GAElB;;;;;;;;;;;;AC/BD,MAAa,WAAW,OACtB,WACoB;CACpB,MAAM,OAAO,QAAQ,OAAO;CAC5B,MAAM,OAAO,KAAK,MAAM,KAAK,CAAC;AAE9B,KAAI,KAAK,SAAS,GAAG;EACnB,MAAM,CAAC,OAAO,GAAG,aAAa;AAE9B,OAAK,MAAM,IAAI,EAAE,kBAAkB,WAAW,CAAC;AAE/C,MAAI,UAAU,UAAU,EACtB,CAAK,oBAAoB,OAAO;AAGlC,SAAO;;AAGT,OAAM,oBAAoB,OAAO;AAEjC,QAAO,SAAS,OAAO;;;;;;AC3BzB,MAAa,kBAAkB,OAC7B,WAC0B;CAC1B,MAAM,EAAE,cAAc,aAAa,QAAQ,OAAO;;;;;AAMlD,KAAI,aACF,QAAO;CAGT,MAAM,UAAU;AAIhB,KAAI,CAFsB,MAAM,SAAS,aAAa,QAAQ,CAG5D,OAAM,SAAS,YAAY,QAAQ;AAGrC,QAAO;EACL,oBAAoB,SAAS,aAAa,QAAQ;EAClD,OAAO,YAAoB,SAAS,KAAK,SAAS,QAAQ;EAC3D;;;;;;ACtBH,MAAa,0CAA0C,OACrD,WACoC;CACpC,MAAM,EAAE,oBAAoB;AAE5B,eAAc,iBAAiB,6BAA6B;;;;;;AAO5D,KAAI,gBAAgB,OAAO,CACzB,QAAO,EAAE;CAGX,MAAM,eAAe,MAAM,gBAAgB,OAAO;CAElD,MAAM,QAAQ,MAAM,SAAS,OAAO;CAEpC,MAAM,cAAc,MAAM,aAAa,KAAK,MAAM;CAClD,MAAM,YAAY,MAAM,aAAa,cAAc;AAEnD,QAAO;EACL,0BAA0B;EAC1B,8BAA8B;EAC9B,iCAAiC;EAClC;;;;;;AC1BH,MAAa,0CACX,WACe;AACf,QAAO,EACL,KAAK,OAAO,YAAY;;;;AAItB,MACE,qCAAqC,QAAQ,IAAI,IACjD,CAAC,gBAAgB,OAAO,EACxB;GACA,MAAM,sBAAsB,MAAM,wCAChC,OACD;AAED,UAAO;IACL,MAAM;KACJ,GAAG,QAAQ;KACX,SAAS;MACP,GAAG,QAAQ,KAAK;MAChB,GAAG;MACJ;KACF;IACD,KAAK,QAAQ;IACd;;IAKN;;;;;ACpCH,IAAa,oBAAb,cAAuC,UAAU;CAC/C,YAAY,EAAE,SAA6C;AACzD,QAAM;GACJ;GACA,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc;GACf,CAAC;;;;;;;ACLN,MAAa,sCAAkD,EAC7D,MAAM,OAAO,YAA6B;AACxC,KAAI,QAAQ,SAAS,WAAW,KAAK;EACnC,IAAIC,QAAsB;AAE1B,MAAI;GACF,MAAM,YAAY,MAAM,QAAQ,SAAS,OAAO,CAAC,MAAM;AAEvD,OACE,aACA,WAAW,aACX,OAAO,UAAU,UAAU,SAG3B,SAAQ,IAAI,MAAM,UAAU,MAAM;UAE9B;AAIR,QAAM,IAAI,kBAAkB,EAAE,OAAO,CAAC;;AAGxC,QAAO,QAAQ;GAElB;;;;;;;;;;ACkBD,MAAa,mBACX,UAAkC,EAAE,EACpC,WACG;CACH,MAAM,OAAO,QAAQ,OAAO;CAC5B,MAAM,YAAY,KAAK,MAAM,KAAK;CAElC,MAAMC,WAAsB;EAC1B,UAAU,KAAK;EACf,SAAS;GACP,gBAAgB;IACf,6BAA6B,OAAO;IACpC,4BAA4B,aAAa,EAAE,QAAQ,IAAI,CAAC;IACxD,gCAAgC,KAAK;IACrC,6BAA6B,GAAG,gBAAgB,GAAG;GACpD,GAAG,KAAK,eAAe;GACvB,GAAG,QAAQ;GACZ;EACF;AAED,KAAI,KAAK,UAAU,cACjB,CAAC,SAAS,QAAmC,YAC3C,KAAK,SAAS;AAGlB,KAAI,OAAO,MACT,UAAS,QAAQ,gBAAgB,UAAU,OAAO;AAGpD,KAAI,OAAO,mBAAmB,gBAAgB,OAAO,CACnD,UAAS,cAAc;AAGzB,KAAI,QAAQ,mBAAmB,UAAU,SACvC,UAAS,QAAQ,oBAAoB,UAAU;AAGjD,KAAI,QAAQ,0BAA0B;EACpC,MAAM,gBAAgB,uBACpB,EAAE,OAAO,QAAQ,0BAA0B,EAC3C,OACD;AACD,MAAI,cACF,UAAS,QAAQ,gCAAgC;;CAIrD,MAAM,mBAAmB,eAAe,OAAO,EAAE;CAIjD,MAAM,kCACJ,SAAS,QAAQ,+BAA+B;AAElD,KAAI,oBAAoB,CAAC,gCACvB,UAAS,QAAQ,6BAA6B;AAGhD,QAAO,IAAI,OACT,IAAI,cAAc;EAChB,GAAG;EACH,UAAU,KAAK;EACf,YAAY;GACV,uCAAuC,OAAO;GAC9C,kCAAkC,EAChC,cAAc,CAAC,GAAI,QAAQ,gBAAgB,EAAE,EAAG,kBAAkB,EACnE,CAAC;GACF,8BAA8B;GAC/B;EACF,CAAC,CACH;;;;;;;;;;;;;;;;;;;;;;;AC/FH,MAAa,sBAAsB,OACjC,WACkB;CAClB,MAAM,OAAO,QAAQ,OAAO;CAG5B,MAAM,WAAW,KAAK,MAAM,KAAK,CAAC;AAClC,KAAI,SACF,QAAO;CAGT,MAAM,EAAE,kBAAkB;CAE1B,MAAM,YAAY,gBAAgB,EAAE,EAAE,OAAO;CAE7C,MAAM,gBAAgB,YAAY;EAChC,MAAM,EAAE,WAAW,MAAM,UAAU,UAAU;GAC3C,OAAO;GACP;GACD,CAAC;EAEF,MAAM,WAAW,KAAK,MAAM,KAAK,CAAC;AAElC,OAAK,MAAM,IAAI;GACb,kBAAkB,CAAC,GAAG,UAAU,GAAG,OAAO;GAC1C,4BAA4B,KAAK,KAAK,GAAG;GAC1C,CAAC;KACA,CAAC,cAAc;AAGjB,OAAK,MAAM,IAAI,EAAE,oBAAoB,MAAM,CAAC;GAC5C;AAEF,MAAK,MAAM,IAAI,EAAE,oBAAoB,cAAc,CAAC;AAEpD,QAAO;;;;;;;;;;;;;;;;;;;;;AC1CT,MAAa,iCAAyC;AAKpD,QAHE,QAAQ,WAAW,QAAQ,gBAAgB,IAC3C,WAAW,UAAU,aAAa,WAElB,aAAa;;;;;;;;;AChBjC,MAAa,aAAa,WAAmB;AAE3C,UAAS,SAAS;;;;;;;;;;;;;;;;;;ACkBpB,MAAa,WACX,EAAE,OAAO,YACT,SAAS,kBAAkB,KACxB;CACH,MAAM,EAAE,iBAAiB,QAAQ,OAAO;AAExC,cAAa,GAAG,OAAO,SAAS;AAEhC,cAAa;AACX,eAAa,IAAI,OAAO,SAAS;;;;;;;;;;;;;;AAgBrC,MAAa,YACX,EAAE,OAAO,YACT,SAAS,kBAAkB,KACxB;CACH,MAAM,EAAE,iBAAiB,QAAQ,OAAO;AAExC,cAAa,IAAI,OAAO,SAAS;;;;;;;;;;;;;;;AAiBnC,MAAa,aACX,EAAE,OAAO,YACT,SAAS,kBAAkB,KACxB;CACH,MAAM,EAAE,iBAAiB,QAAQ,OAAO;AAExC,cAAa,KAAK,OAAO,SAAS;AAElC,cAAa;AACX,eAAa,IAAI,OAAO,SAAS;;;;;;;;;;;;;;AAgBrC,MAAa,aACX,EAAE,OAAO,QACT,WACG;CACH,MAAM,EAAE,iBAAiB,QAAQ,OAAO;AAExC,cAAa,KAAK,OAAO,KAAK;;;;;ACtGhC,IAAa,gCAAb,cAAmD,UAAU;CAE3D,YAAY,OAAe;AACzB,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc,gCAAgC,MAAM;GACrD,CAAC;;;;;;;ACCN,MAAa,0BACX,sBACiC;CACjC,MAAM,CAAC,+BAA+B,oBAAoB,QAAQ,GAAG,QACnE,kBAAkB,MAAM,IAAI;AAE9B,KACE,CAAC,iCACD,CAAC,OAAO,OAAO,mBAAmB,CAAC,SACjC,mBACD,IACD,KAAK,SAAS,EAEd,OAAM,IAAI,8BAA8B,kBAAkB;AAG5D,QAAO;EACL;EACA;EACoB;EACrB;;;;;;ACrBH,MAAa,oBAAoB,EAAE,SAAS,YAAqC;CAC/E,IAAI,oBAAoB;AAExB,KAAI,mBAAmB,WAAW,KAAK,CACrC,qBAAoB,kBAAkB,MAAM,EAAE;AAUhD,qBAFmD,CAAC,OAAO,OAAO,CAEZ,SAAS,MAAM,GACjE,mBAAmB,aAAa,GAChC;AAEJ,QAAO;;;;;;AClBT,MAAa,yBAAyB,EACpC,SACA,OACA,wBACyC;CACzC,MAAM,EAAE,kCACN,uBAAuB,kBAAkB;AAI3C,QAAO,GAAG,8BAA8B,GAFd,iBAAiB;EAAE;EAAS;EAAO,CAAC;;;;;;ACVhE,MAAa,iDAAiD,EAC5D,+BACyE;CACzE,SAAS,wBAAwB;CACjC,oBAAoB,wBAAwB;CAC5C,OAAO,wBAAwB;CAC/B,IAAI,sBAAsB;EACxB,SAAS,wBAAwB;EACjC,OAAO,wBAAwB;EAC/B,mBAAmB,wBAAwB;EAC5C,CAAC;CACF,gBAAgB,wBAAwB;CACxC,sBAAsB;CACtB,mBAAmB,wBAAwB;CAC5C;;;;ACPD,MAAaC,kBAA4C;CACvD,MAAM;EACJ,cAAc;EACd,gBAAgB;EAChB,6BAA6B;EAC9B;CACD,MAAM;EACJ,cAAc;EACd,gBAAgB;EAChB,6BAA6B;EAC9B;CACD,OAAO;EACL,cAAc;EACd,gBAAgB;EAChB,6BAA6B;EAC9B;CACD,KAAK;EACH,cAAc;EACd,gBAAgB;EAChB,yBAAyB,CAAC,MAAM;EAChC,6BAA6B;EAC9B;CACD,QAAQ;EACN,cAAc;EACd,gBAAgB;EAChB,6BAA6B;EAC9B;CACD,SAAS;EACP,cAAc;EACd,gBAAgB;EAChB,6BAA6B;EAC9B;CACD,KAAK;EACH,cAAc;EAEd,gBAAgB;EAChB,6BAA6B;EAC9B;CACD,MAAM;EACJ,cAAc;EACd,gBAAgB;EAChB,6BAA6B;EAC9B;CACD,UAAU;EACR,cAAc;EACd,gBAAgB;EAChB,6BAA6B;EAC9B;CACD,KAAK;EACH,cAAc;EACd,gBAAgB;EAChB,yBAAyB,CAAC,MAAM;EAChC,6BAA6B;EAC7B,uBAAuB;EACxB;CACD,OAAO;EACL,cAAc;EACd,gBAAgB;EAChB,6BAA6B;EAC9B;CACD,OAAO;EACL,cAAc;EACd,gBAAgB;EAChB,yBAAyB,CAAC,QAAQ;EAClC,6BAA6B;EAC9B;CACD,SAAS;EACP,cAAc;EACd,gBAAgB;EAChB,6BAA6B;EAC9B;CACD,KAAK;EACH,cAAc;EACd,gBAAgB;EAChB,6BAA6B;EAC9B;CACD,OAAO;EACL,cAAc;EACd,gBAAgB;EAChB,6BAA6B;EAC9B;CACD,KAAK;EACH,cAAc;EACd,gBAAgB;EAChB,6BAA6B;EAC9B;CACD,MAAM;EACJ,cAAc;EACd,gBAAgB;EAChB,6BAA6B;EAC9B;CACF;;;;;ACrGD,MAAa,uCACX,4BACU;CAGV,MAAM,QAFS,OAAO,KAAK,gBAAgB,CAEtB,MAClB,YACC,gBAAgBC,SAAO,gCACvB,wBACH;AAED,eAAc,OAAO,kBAAkB,0BAA0B;AAEjE,QAAO;;;;;;;;;;ACPT,MAAa,gCAAgC,EAC3C,aACA,YACgD;CAChD,MAAM,sBAAsB,YACzB,QAAQ,iBAAiB,GAAG,CAC5B,aAAa;CAEhB,MAAM,eAAe,MAAM,mBAAmB;AAE9C,KAAI,oBAAoB,SAAS,aAAa,CAC5C,QAAO;AAGT,QAAO,GAAG,sBAAsB;;;;;;;;;;;;;;;;ACHlC,MAAa,2BAA2B,EACtC,QACA,OACA,aACA,yBACmC;AAMnC,QAAO,GALyB,6BAA6B;EAC3D;EACA;EACD,CAAC,CAEgC,GAAG,qBACnC,SAAS,IAAI,WAAW;;;;;;ACtB5B,MAAa,8CACX,EAAE,sBACF,WACG;CAGH,MAAM,EAAE,yBAFK,QAAQ,OAAO,CAEU,MAAM,KAAK;CAEjD,MAAM,0BAA0B,qBAAqB,mBAAmB;AAExE,KAAI,wBACF,QAAO,EAAE,mBAAmB,yBAAyB;;;;;;;;;;AAYvD,eACE,mBAAmB,YACnB,iEAAiE,mBAAmB,GAAG,sBACxF;AAED,eACE,mBAAmB,gBACnB,iEAAiE,mBAAmB,GAAG,0BACxF;AAED,eACE,mBAAmB,OACnB,iEAAiE,mBAAmB,GAAG,iBACxF;AAcD,QAAO,EAAE,mBANiB,wBAAwB;EAChD,OAHY,oCAAoC,mBAAmB,MAAM;EAIzE,aAAa,mBAAmB;EAChC,oBAAoB,mBAAmB;EACxC,CAAC,EAE0B;;;;;;AChD9B,MAAa,4CACX,EAAE,sBACF,WACkB;AAClB,eACE,mBAAmB,SACnB,yCACD;AACD,eACE,mBAAmB,OACnB,uCACD;CAED,MAAM,QAAQ,oCAAoC,mBAAmB,MAAM;CAE3E,MAAM,EAAE,sBAAsB,2CAC5B,EACE,oBACD,EACD,OACD;CAED,MAAM,kBAAkB,sBAAsB;EAC5C,SAAS,mBAAmB;EAC5B;EACA;EACD,CAAC;AAEF,QAAO;EACL,SAAS,mBAAmB;EAC5B,oBAAoB,mBAAmB;EACvC;EACA,sBAAsB,mBAAmB,kBAAkB;EAG3D,IAAI;EACJ,gBAAgB,mBAAmB,kBAAkB;EACrD,sBAAsB,mBAAmB;EACzC;EACD;;;;;;ACtCH,MAAa,8BACX,EAAE,0BAA0B,QAC5B,WACoB;CACpB,MAAMC,oCAAgD,IAAI,KAAK;;;;;AAM/D,0BAAyB,SAAS,4BAA4B;EAC5D,MAAM,gBAAgB,8CAA8C,EAClE,yBACD,CAAC;AAEF,oBAAkB,IAAI,cAAc,IAAI,cAAc;GACtD;AAOF,EAF4B,MAAM,uBAAuB,EAAE,EAGxD,QACE,aACC,SAAS,WAAW,gCAAgC,WACvD,CACA,SAAS,0BAA0B;AAClC,MAAI;GACF,MAAM,gBAAgB,yCACpB,EACE,oBAAoB,uBACrB,EACD,OACD;AAED,qBAAkB,IAAI,cAAc,IAAI,cAAc;WAC/C,OAAO;;;;;;;;;AASd,WAAQ,OAAO,CAAC,OAAO,MACrB,gCAAgC,sBAAsB,GAAG,wCACzD,MACD;;GAEH;AAEJ,QAAO,MAAM,KAAK,kBAAkB,QAAQ,CAAC;;;;;;;;;;;;;;;;;;ACpD/C,MAAa,qBACX,SAAS,kBAAkB,KACP;CAEpB,MAAM,EAAE,0BAA0B,SADrB,QAAQ,OAAO,CACoB,MAAM,KAAK;AAE3D,QAAO,2BAA2B;EAAE;EAA0B;EAAM,EAAE,OAAO;;;;;AClB/E,IAAa,6BAAb,cAAgD,UAAU;CACxD,YAAY,EAAE,qBAAuD;AACnE,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc,sCAAsC;GACrD,CAAC;;;;;;;;;;;;;;;;ACDN,MAAa,iCAEP,KAAa,aAChB,WAA6B;CAC5B,MAAM,EAAE,oBAAoB,QAAQ,OAAO;CAE3C,MAAM,iBAAiB,gBAAgB,SAAY,IAAI;AAEvD,KAAI,eACF,QAAO;CAGT,MAAM,UAAU,QAAQ,OAAO;AAE/B,iBAAgB,SAAS,KAAK,QAAQ;AAEtC,QAAO;;;;;;;;;;;;;;;;;;;;;;;;ACLX,MAAa,gCACX,WAC2B;CAC3B,MAAM,2BAAW,IAAI,KAGlB;AAEH,QAAO;EACL,WAAW,QAAQ,SAAS,IAAI,IAAI,EAAE;EACtC,2BAA2B,MAAM,KAAK,SAAS,QAAQ,CAAC;EACxD,qBACE,MAAM,KAAK,SAAS,QAAQ,CAAC,CAAC,KAAK,MAAM,EAAE,eAAe;EAC5D,WAAW,SAAS;GAClB,MAAM,gBAAgB,SAAS,IAAI,KAAK,eAAe,IAAI;AAE3D,OAAI,eACF;QAAI,cAAc,WAAW,KAAK,UAAU;AAC1C,cAAS,IAAI,KAAK,eAAe,KAAK,KAAK;AAE3C,eACE;MACE,MAAM,EAAE,mBAAmB,KAAK,eAAe,KAAK;MACpD,OAAO;MACR,EACD,OACD;;UAEE;AACL,aAAS,IAAI,KAAK,eAAe,KAAK,KAAK;AAE3C,cACE;KACE,MAAM,EAAE,gBAAgB,KAAK,gBAAgB;KAC7C,OAAO;KACR,EACD,OACD;AAED,cACE;KACE,MAAM,EAAE,mBAAmB,KAAK,eAAe,KAAK;KACpD,OAAO;KACR,EACD,OACD;;;EAGL,aAAa,QAAQ;AACnB,YAAS,OAAO,IAAI;AAEpB,aACE;IACE,MAAM,EAAE,mBAAmB,KAAK;IAChC,OAAO;IACR,EACD,OACD;;EAEJ;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACzDH,MAAa,4BAA4B,8BACvC,2BACC,WAAW,6BAA6B,OAAO,CACjD;;;;ACdD,IAAY,4EAAL;;;;;;AAML;;;;;;AAMA;;;;;;;AAOA;;;;;;;ACxBF,MAAa,sCACX,EAAE,iBACF,WACG;CAGH,MAAM,iBAFyB,0BAA0B,OAAO,CAElB,SAC5C,cAAc,kBACf;AAED,KAAI,CAAC,eACH,OAAM,IAAI,2BAA2B,EACnC,mBAAmB,cAAc,mBAClC,CAAC;AAGJ,QAAO;;;;;AC1BT,MAAa,2BAA2B;;;;;;;;;;;;;;;ACYxC,MAAa,oBAAoB,UAAiC;AAChE,KAAI;EACF,MAAM,UAAU,MAAM,MAAM,IAAI,CAAC;AAGjC,SAFgB,KAAK,MAAM,KAAK,QAAQ,CAAC,CAE1B,OAAO;SAChB;AACN,SAAO;;;;;;;;;;;;;;;;ACPX,MAAa,2BAA+C;AAC1D,KAAI;EAEF,MAAM,KAAK,UAAU;AAErB,MAAI,mBAAmB,KAAK,GAAG,CAAE,QAAO;AACxC,MAAI,UAAU,KAAK,GAAG,CAAE,QAAO;AAC/B,MAAI,UAAU,KAAK,GAAG,CAAE,QAAO;AAC/B,MAAI,qBAAqB,KAAK,GAAG,CAAE,QAAO;AAC1C,MAAI,QAAQ,KAAK,GAAG,CAAE,QAAO;AAE7B,SAAO;SACD;AACN,SAAO;;;;;;;;;;;;;;ACfX,MAAa,oBAAiC;;;;;;;;;;;;;ACD9C,MAAa,qBAA6B;AACxC,KAAI;AAEF,SAAO,UAAU;SACX;AACN,SAAO;;;;;;;;;;;;;;;;;;;;ACAX,MAAa,qBAAqB;CAChC;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CAKA;CACA;CACD;;;;;;;;AASD,MAAa,mBAAmB,CAAC,SAAS,MAAM;AAEhD,MAAa,iBAAiB;AAE9B,MAAa,oBAAoB;AAEjC,MAAa,mBAAmB;;;;;;AAOhC,MAAa,eAAe;;;;;;AAO5B,MAAa,iBAAiB;;;;;;;;;;;;AC1C9B,MAAM,sBAAsB,EAC1B,UACA,qBACuC;AACvC,KAAI,eAAe,SAAS,SAAS,CACnC,QAAO;AAGT,QAAO,iBAAiB,MAAM,WAAW,SAAS,SAAS,OAAO,CAAC;;AAiCrE,MAAM,eAAe,EACnB,KACA,gBACA,WACA,YAC+B;AAC/B,KAAI,mBAAmB;EAAE,UAAU,IAAI,aAAa;EAAE;EAAgB,CAAC,CACrE,QAAO;AAGT,KAAI,UACF,QAAO;AAGT,KAAI,MAAM,SAAS,kBACjB,QAAO,MAAM,MAAM,GAAG,kBAAkB,GAAG;AAG7C,QAAO;;AAIT,MAAM,cAAc,EAAE,SAAS,YAAyC;AACtE,KAAI,QAAQ,QAAQ,IAAI,MAAM,CAC5B,QAAO,CAAC,eAAe;AAGzB,SAAQ,QAAQ,IAAI,MAAM;CAE1B,MAAM,SAAS,MAAM,KAAK,MAAM,UAC9B,WAAW;EAAE;EAAS,KAAK,OAAO,MAAM;EAAE,OAAO;EAAM,CAAC,CACzD;AAED,SAAQ,QAAQ,OAAO,MAAM;AAE7B,QAAO;;AAIT,MAAM,eAAe,EACnB,SACA,YACgD;AAChD,KAAI,QAAQ,QAAQ,IAAI,MAAM,CAC5B,QAAO,GAAG,iBAAiB,MAAM;AAGnC,SAAQ,QAAQ,IAAI,MAAM;CAI1B,MAAM,SAAS,OAAO,OAAO,KAAK;AAElC,MAAK,MAAM,OAAO,OAAO,KAAK,MAAM,CAClC,QAAO,OAAO,WAAW;EAAE;EAAS;EAAK,OAAO,MAAM;EAAM,CAAC;AAG/D,SAAQ,QAAQ,OAAO,MAAM;AAE7B,QAAO;;AAIT,MAAM,cAAc,EAAE,SAAS,KAAK,YAAuC;AACzE,KAAI,UAAU,QAAQ,UAAU,OAC9B,QAAO;AAGT,KAAI,iBAAiB,WACnB,QAAO,IAAI,aAAa,GAAG,MAAM,WAAW;AAG9C,KACE,mBAAmB;EACjB,UAAU,IAAI,aAAa;EAC3B,gBAAgB,QAAQ;EACzB,CAAC,CAEF,QAAO;AAGT,KAAI,OAAO,UAAU,SACnB,QAAO,YAAY;EACjB;EACA,gBAAgB,QAAQ;EACxB,WAAW,QAAQ;EACnB;EACD,CAAC;AAGJ,KAAI,MAAM,QAAQ,MAAM,CACtB,QAAO,WAAW;EAAE;EAAS;EAAO,CAAC;AAGvC,KAAI,iBAAiB,KAAK;AACxB,MAAI,QAAQ,QAAQ,IAAI,MAAM,CAC5B,QAAO,CAAC,eAAe;AAGzB,UAAQ,QAAQ,IAAI,MAAM;EAC1B,MAAM,YAAY,WAAW;GAAE;GAAS,OAAO,CAAC,GAAG,MAAM;GAAE,CAAC;AAC5D,UAAQ,QAAQ,OAAO,MAAM;AAE7B,SAAO;;AAGT,KAAI,iBAAiB,KAAK;AACxB,MAAI,QAAQ,QAAQ,IAAI,MAAM,CAC5B,QAAO,GAAG,iBAAiB,MAAM;AAGnC,UAAQ,QAAQ,IAAI,MAAM;EAG1B,MAAM,WAAW,OAAO,OAAO,KAAK;AAEpC,OAAK,MAAM,CAAC,GAAG,MAAM,MAAM,SAAS,CAClC,UAAS,OAAO,EAAE,IAAI;EAGxB,MAAM,YAAY,YAAY;GAAE;GAAS,OAAO;GAAU,CAAC;AAC3D,UAAQ,QAAQ,OAAO,MAAM;AAE7B,SAAO;;AAOT,KAAI,iBAAiB,QACnB,QAAO;AAGT,KAAI,iBAAiB,QACnB,QAAO;AAGT,KAAI,iBAAiB,KACnB,QAAO,MAAM,aAAa;AAG5B,KAAI,iBAAiB,MACnB,QAAO,WAAW,MAAM,QAAQ;AAGlC,KAAI,OAAO,UAAU,SACnB,QAAO,YAAY;EAAE;EAAgB;EAAkC,CAAC;AAG1E,QAAO;;;AAKT,MAAa,mBAAmB,EAC9B,WACA,WACA,YACoD;AAOpD,QAAO,YAAY;EAAE,SANS;GAC5B,gBAAgB,UAAU,KAAK,UAAU,MAAM,aAAa,CAAC;GAC7D;GACA,yBAAS,IAAI,SAAiB;GAC/B;EAE6B;EAAO,CAAC;;;;;ACvNxC,MAAM,iBACJ,UACkE;AAClE,KAAI,iBAAiB,UACnB,QAAO;EAAE,WAAW,MAAM;EAAM,WAAW,MAAM;EAAM;AAGzD,KAAI,iBAAiB,MACnB,QAAO,EAAE,WAAW,MAAM,MAAM;AAGlC,QAAO,EAAE,WAAW,gBAAgB;;AAMtC,MAAM,gBACJ,SACyD;CACzD,MAAM,QAAQ,KAAK,MAAM,KAAK;AAE9B,QAAO;EACL,eAAe,KAAK;EACpB,iBAAiB,oBAAoB;EACrC,UAAU,aAAa;EACvB,yBAAyB,MAAM,KAAK,KAAK,WAAW;EACpD,cAAc,KAAK;EACnB,YAAY,KAAK;EACjB,gBAAgB,MAAM,QAAQ,iBAAiB,MAAM,MAAM,GAAG;EAC9D,WAAW,cAAc;EACzB,QAAQ,MAAM,MAAM,MAAM;EAC3B;;;;;;;;;;AAYH,MAAM,cAAiB,EACrB,cACA,QACA,WACA,UACA,YAO6B;AAC7B,KAAI,CAAC,SACH;AAGF,KAAI;AACF,SAAO,gBAAgB;GAAE;GAAW,OAAO,SAAS,MAAM;GAAE,CAAC;UACtD,OAAO;AACd,SAAO,MACL,8CAA8C,aAAa,0CAC3D,MACD;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiFJ,MAAa,sBAAsD,EACjE,IACA,cACA,oBACA,gBACyE;CACzE,MAAM,WAAW,GAAG,SAAuB;EACzC,MAAM,OAAOC,WAAS;AAEtB,MAAI,CAAC,MAAM,gBAAgB,OAAO,QAChC,QAAO,GAAG,GAAG,KAAK;EAGpB,MAAM,EAAE,iBAAiB,WAAW;EACpC,MAAM,EAAE,cAAc,gBAAgB;EACtC,MAAM,OAAO;GAAE,GAAG,aAAa,KAAK;GAAE;GAAc;EACpD,MAAM,YAAY,KAAK,KAAK;AAE5B,kBAAgB,YAAY;GAC1B,GAAG;GACH,SAAS,WAAW;IAClB;IACA;IACA;IACA,UAAU,WAAW;IACrB,OAAO;IACR,CAAC;GACF,OAAO;GACP,QAAQ;GACR,4BAAW,IAAI,MAAM,EAAC,aAAa;GACpC,CAAC;EAEF,MAAM,gBAAgB,UAAiC;AACrD,mBAAgB,YAAY;IAC1B,GAAG;IACH,YAAY,KAAK,KAAK,GAAG;IACzB,SAAS,WAAW;KAClB;KACA;KACA;KACA,UAAU,WAAW;KACrB;KACD,CAAC;IACF,OAAO;IACP,QAAQ;IACR,4BAAW,IAAI,MAAM,EAAC,aAAa;IACpC,CAAC;;EAGJ,MAAM,gBAAgB,UAAyB;AAC7C,mBAAgB,YAAY;IAC1B,GAAG;IACH,GAAG,cAAc,MAAM;IACvB,YAAY,KAAK,KAAK,GAAG;IACzB,OAAO;IACP,QAAQ;IACR,4BAAW,IAAI,MAAM,EAAC,aAAa;IACpC,CAAC;;AAGJ,MAAI;GACF,MAAM,SAAS,GAAG,GAAG,KAAK;AAE1B,OAAI,kBAAkB,QACpB,QAAO,OAAO,MACX,UAAU;AACT,iBAAa,MAAM;AACnB,WAAO;OAER,UAAmB;AAClB,iBAAa,MAAM;AACnB,UAAM;KAET;AAGH,gBAAa,OAA0B;AACvC,UAAO;WACA,OAAO;AACd,gBAAa,MAAM;AACnB,SAAM;;;AAIV,QAAO;;;;;AC5PT,MAAa,uBAAuB,aAAa;AAEjD,MAAa,4BACX;;;;;;;;ACGF,MAAa,kCAAkC,WAAgC;AAG7E,WACE;EACE,MAAM,EAAE,gBAJW,kBAAkB,OAAO,EAIpB;EACxB,OAAO;EACR,EACD,OACD;;;;;;ACPH,MAAa,2CACX,EAAE,iBACF,WACG;CACH,MAAM,OAAO,QAAQ,OAAO;AAS5B,KAPiC,sBAAsB,eAAe,OAAO,KAE7C,sBAC9B,KAAK,MAAM,KAAK,EAChB,OACD,CAGC,gCAA+B,OAAO;;AAM1C,MAAM,yBACJ,OACA,WAEA,2BAA2B,OAAO,OAAO,CACtC,KAAK,kBAAkB,KAAK,UAAU,cAAc,CAAC,CACrD,MAAM,CACN,KAAK,IAAI;;;;;;;;;;;;;;;ACvBd,MAAa,wBAAwB,SAAS,kBAAkB,KAAK;CACnE,MAAM,OAAO,OAAO;AAEpB,eAAc,MAAM,qBAAqB;AAEzC,QAAO,QAAQ,KAAK,OAAO,SAAS,yBAAyB,CAAC;;;;;;;;;ACZhE,MAAa,sBAAsB,WAA0B;AAG3D,QAF+B,0BAA0B,OAAO,CAElC,eAAe;;;;;ACR/C,MAAa,4BAA4B;AACzC,MAAa,sCACX;AAEF,MAAa,wBAAwB;CACnC,aAAa;CACb,MAAM,GAAG,0BAA0B;CACnC,sBAAsB;CACvB;;;;;ACLD,MAAa,wBACX,mBACyC;AACzC,QAAO,eAAe,IAAI,SACxB,sBAAsB,qBACvB;;;;;;ACKH,MAAa,iCACX,EAAE,SACF,WAC8B;CAC9B,MAAM,YAAY,mBAAmB,OAAO;CAE5C,MAAM,kBAAkB,wBAAwB;EAC9C;EACA,aAAa,sBAAsB;EACnC,oBAAoB,mBAAmB;EACxC,CAAC;CAEF,MAAM,eAAe,UAAU,MAC5B,aAAa,SAAS,QAAQ,mBAAmB,SAAS,UAAU,MACtE;AAED,KAAI,CAAC,gBAAgB,CAAC,qBAAqB,aAAa,CACtD,QAAO;AAGT,QAAO;;;;;;;;;;;;;ACpBT,MAAa,uBAAuB,EAClC,oBACwC;AACxC,QAAO,cAAc,kBAAkB,SACrC,sBAAsB,qBACvB;;;;;;;;;;;;;ACLH,MAAa,wCAAwC,OACnD,WACkB;;;;;;AAMlB,KAAI,qBAAqB,OAAO,CAC9B;CAGF,MAAM,aAAa,IAAI,IACrB,kBAAkB,OAAO,CACtB,QAAQ,kBAAkB,oBAAoB,EAAE,eAAe,CAAC,CAAC,CACjE,KAAK,kBAAkB,cAAc,MAAM,CAC/C;AAED,OAAM,QAAQ,IACZ,CAAC,GAAG,WAAW,CAAC,IAAI,OAAO,UAAU;EACnC,MAAM,WAAW,8BAA8B,EAAE,OAAO,EAAE,OAAO;;;;;AAMjE,MAAI,CAAC,SAAU;AAEf,MAAI;AACF,SAAM,SAAS,eAAe;WACvB,OAAO;AACd,WAAQ,OAAO,CAAC,OAAO,KACrB,sEACA,MACD;;GAEH,CACH;;;;;AClDH,IAAa,oBAAb,cAAuC,UAAU;CAE/C,YAAY,SAAiB;AAC3B,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc;GACf,CAAC;;;;;;;;;;;;;;;;;;;;;;;ACkBN,MAAa,aAAa,QAA4B;AACpD,KAAI;EAEF,MAAM,QAAQ,IAAI,MAAM,IAAI;AAC5B,MAAI,MAAM,WAAW,EACnB,OAAM,IAAI,kBAAkB,qBAAqB;EAKnD,MAAM,gBAAgB,MAAM,GAAG,WAAW,KAAK,IAAI,CAAC,WAAW,KAAK,IAAI;EAExE,MAAM,gBACJ,gBAAgB,IAAI,QAAQ,IAAK,cAAc,SAAS,KAAM,EAAE;EAClE,MAAM,iBAAiB,KAAK,cAAc;AAG1C,SAFe,KAAK,MAAM,eAAe;UAGlC,OAAO;AACd,MAAI,iBAAiB,kBACnB,OAAM;AAER,QAAM,IAAI,kBACR,yBACE,iBAAiB,QAAQ,MAAM,UAAU,OAAO,MAAM,GAEzD;;;;;;;;;;;;;;AC9CL,MAAa,mBAAmB,WAA+B;AAC7D,QAAO,CAAC,GAAG,IAAI,IAAI,OAAO,CAAC,CAAC,MAAM,GAAG,MAAM,EAAE,cAAc,EAAE,CAAC;;;;;;;;;;;;;;;;;;ACYhE,MAAa,4BAA4B,EACvC,YACuE;CACvE,MAAM,UAAU,UAAU,MAAM;CAGhC,MAAM,mBAFgB,SAAS,QACQ,MAAM,IAAI,IAAI,EAAE,EAChB,QAAQ,MAAM,EAAE,SAAS,EAAE;CAClE,MAAM,YAAY,QAAQ,aAAa;AAGvC,KAAI,CAAC,kBAAkB,eAAe,WAAW,EAC/C,QAAO;AAIT,KAAI,CAAC,QAAQ,IACX,QAAO;CAIT,MAAM,4BAAY,IAAI,KAAK,QAAQ,MAAM,IAAK;AAG9C,KAAI,6BAAa,IAAI,MAAM,CACzB,QAAO;AAGT,QAAO;EACL;EACA,kBAAkB,gBAAgB,eAAe;EACjD,QAAQ;EACR;EACA;EACD;;;;;;;;;;;;;;;;;ACrCH,MAAa,6BAA6B,EACxC,eACA,eAI2B;CAC3B,MAAM,cAAc,gBAAgB,SAAS,OAAO,CAAC,KAAK,IAAI;AAS9D,QAAO,CACL,GAPqB,cAAc,QAAQ,kBAAkB;AAE7D,SADyB,gBAAgB,cAAc,OAAO,CAAC,KAAK,IAAI,KAC5C;GAC5B,EAKA;EACE,WAAW,SAAS;EACpB,QAAQ,SAAS;EACjB,WAAW,SAAS;EACpB,OAAO,SAAS;EACjB,CACF;;;;;;ACvBH,MAAa,gCACX,EAAE,YACF,WACG;CACH,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,gBAAgB,EAAE,GAAG,KAAK,MAAM,KAAK,EAAE;CAE7C,MAAM,EAAE,MAAM,aAAa,KAAK,WAAW,UAAU,wBACnD;CAGF,MAAM,mCAAmB,IAAI,KAAK,YAAY,IAAK;CAEnD,MAAMC,WAAsC;EAC1C,aAAa,OAAO;EACF;EAClB,OAAO,eAAe;EACtB;EACD;AAGD,KAAI,SACF,UAAS,WAAW;CAMtB,MAAM,gBAAgB,KAAK,MAAM,KAAK,CAAC,wBAAwB,EAAE;AACjE,UAAS,uBAAuB;AAEhC,KAAI,qBAAqB;EACvB,MAAM,cAAc,yBAAyB,EAC3C,OAAO,qBACR,CAAC;AACF,MAAI,YACF,UAAS,uBAAuB,0BAA0B;GACxD;GACA,UAAU;GACX,CAAC;;AAIN,MAAK,MAAM,IAAI,SAAS;;;;;;AAOxB,KAAI,eAAe,gBAAgB,OAAO,CAOxC,WACE,GAAG,yBAAyB,GAAG,YAAY,YAP1B,iBAAiB,aAAa,CAOmB,wBAH5C,0BAA0B,GAIjD;AAGH,yCAAwC,EAAE,eAAe,EAAE,OAAO;AAKlE,KADwB,CAAC,cAAc,QAAQ,QAAQ,SAAS,KAAK,CAEnE,CAAK,sCAAsC,OAAO"}
|