@dynamic-labs-sdk/client 1.7.0 → 1.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (118) hide show
  1. package/android/build.gradle +231 -0
  2. package/android/gradle/wrapper/gradle-wrapper.jar +0 -0
  3. package/android/gradle/wrapper/gradle-wrapper.properties +7 -0
  4. package/android/gradle.properties +8 -0
  5. package/android/gradlew +251 -0
  6. package/android/gradlew.bat +94 -0
  7. package/android/settings.gradle +30 -0
  8. package/android/src/main/java/xyz/dynamic/client/DynamicClientPackage.kt +52 -0
  9. package/android/src/main/java/xyz/dynamic/client/keychain/KeyStoreKeyManager.kt +147 -0
  10. package/android/src/main/java/xyz/dynamic/client/keychain/KeychainModule.kt +85 -0
  11. package/android/src/main/java/xyz/dynamic/client/manifest/ReactNativeManifestModule.kt +25 -0
  12. package/android/src/main/java/xyz/dynamic/client/webview/DynamicWebViewClient.kt +83 -0
  13. package/android/src/main/java/xyz/dynamic/client/webview/DynamicWebViewHost.kt +518 -0
  14. package/android/src/main/java/xyz/dynamic/client/webview/DynamicWebViewModule.kt +147 -0
  15. package/android/src/test/java/xyz/dynamic/client/keychain/KeyStoreKeyManagerTest.kt +288 -0
  16. package/android/src/test/java/xyz/dynamic/client/webview/DynamicWebViewClientTest.kt +196 -0
  17. package/android/src/test/java/xyz/dynamic/client/webview/DynamicWebViewHostOpenTest.kt +347 -0
  18. package/android/src/test/java/xyz/dynamic/client/webview/DynamicWebViewHostTest.kt +171 -0
  19. package/android/src/test/java/xyz/dynamic/client/webview/DynamicWebViewModuleTest.kt +191 -0
  20. package/dist/{InvalidParamError-Crwntjl7.native.esm.js → InvalidParamError-Bc6OZBog.native.esm.js} +3 -3
  21. package/dist/{InvalidParamError-Crwntjl7.native.esm.js.map → InvalidParamError-Bc6OZBog.native.esm.js.map} +1 -1
  22. package/dist/{InvalidParamError-fQLJaGBW.esm.js → InvalidParamError-IHYLdzFd.esm.js} +437 -5
  23. package/dist/InvalidParamError-IHYLdzFd.esm.js.map +1 -0
  24. package/dist/{InvalidParamError-CTssOe86.cjs → InvalidParamError-S56rFFDP.cjs} +550 -4
  25. package/dist/InvalidParamError-S56rFFDP.cjs.map +1 -0
  26. package/dist/{NotWaasWalletAccountError-BJLGGYmU.native.esm.js → NotWaasWalletAccountError-BP-bODbJ.native.esm.js} +3 -3
  27. package/dist/{NotWaasWalletAccountError-BJLGGYmU.native.esm.js.map → NotWaasWalletAccountError-BP-bODbJ.native.esm.js.map} +1 -1
  28. package/dist/{NotWaasWalletAccountError-DF_S7gqo.esm.js → NotWaasWalletAccountError-BYEL2l-W.esm.js} +3 -3
  29. package/dist/{NotWaasWalletAccountError-DF_S7gqo.esm.js.map → NotWaasWalletAccountError-BYEL2l-W.esm.js.map} +1 -1
  30. package/dist/{NotWaasWalletAccountError-2RaDipZu.cjs → NotWaasWalletAccountError-CbhIKUDM.cjs} +3 -3
  31. package/dist/{NotWaasWalletAccountError-2RaDipZu.cjs.map → NotWaasWalletAccountError-CbhIKUDM.cjs.map} +1 -1
  32. package/dist/core.cjs +23 -23
  33. package/dist/core.cjs.map +1 -1
  34. package/dist/core.esm.js +5 -5
  35. package/dist/core.native.esm.js +7 -7
  36. package/dist/core.native.esm.js.map +1 -1
  37. package/dist/errors/WebViewLoadFailedError.d.ts +1 -1
  38. package/dist/errors/WebViewLoadFailedError.d.ts.map +1 -1
  39. package/dist/exports/index.d.ts +2 -0
  40. package/dist/exports/index.d.ts.map +1 -1
  41. package/dist/{getNetworkProviderFromNetworkId-C1p9Rrg3.cjs → getNetworkProviderFromNetworkId-BDdcpGHH.cjs} +11 -317
  42. package/dist/getNetworkProviderFromNetworkId-BDdcpGHH.cjs.map +1 -0
  43. package/dist/{getNetworkProviderFromNetworkId-BWhaD23J.esm.js → getNetworkProviderFromNetworkId-D8rWYXlT.esm.js} +4 -242
  44. package/dist/getNetworkProviderFromNetworkId-D8rWYXlT.esm.js.map +1 -0
  45. package/dist/{getNetworkProviderFromNetworkId-BCSmILlH.native.esm.js → getNetworkProviderFromNetworkId-DVmF7pH2.native.esm.js} +6 -6
  46. package/dist/getNetworkProviderFromNetworkId-DVmF7pH2.native.esm.js.map +1 -0
  47. package/dist/{getSignedSessionId-CxxYNC_8.cjs → getSignedSessionId-BBaBCi9S.cjs} +3 -3
  48. package/dist/{getSignedSessionId-CxxYNC_8.cjs.map → getSignedSessionId-BBaBCi9S.cjs.map} +1 -1
  49. package/dist/{getSignedSessionId-c7dS4PQ9.esm.js → getSignedSessionId-CND07Eca.esm.js} +3 -3
  50. package/dist/{getSignedSessionId-c7dS4PQ9.esm.js.map → getSignedSessionId-CND07Eca.esm.js.map} +1 -1
  51. package/dist/{getSignedSessionId-DPOXdh6y.native.esm.js → getSignedSessionId-RwV7JPn8.native.esm.js} +3 -3
  52. package/dist/{getSignedSessionId-DPOXdh6y.native.esm.js.map → getSignedSessionId-RwV7JPn8.native.esm.js.map} +1 -1
  53. package/dist/{getVerifiedCredentialForWalletAccount-Cahp763h.esm.js → getVerifiedCredentialForWalletAccount-BVrGV8qf.native.esm.js} +2 -2
  54. package/dist/{getVerifiedCredentialForWalletAccount-DuNbORNW.native.esm.js.map → getVerifiedCredentialForWalletAccount-BVrGV8qf.native.esm.js.map} +1 -1
  55. package/dist/getVerifiedCredentialForWalletAccount-BiOS65Tk.esm.js +269 -0
  56. package/dist/getVerifiedCredentialForWalletAccount-BiOS65Tk.esm.js.map +1 -0
  57. package/dist/getVerifiedCredentialForWalletAccount-FrxYWSuD.cjs +347 -0
  58. package/dist/getVerifiedCredentialForWalletAccount-FrxYWSuD.cjs.map +1 -0
  59. package/dist/index.cjs +67 -67
  60. package/dist/index.cjs.map +1 -1
  61. package/dist/index.esm.js +5 -5
  62. package/dist/index.esm.js.map +1 -1
  63. package/dist/index.native.esm.js +5 -5
  64. package/dist/index.native.esm.js.map +1 -1
  65. package/dist/isMfaRequiredForAction-BPL_dgIM.esm.js +318 -0
  66. package/dist/isMfaRequiredForAction-BPL_dgIM.esm.js.map +1 -0
  67. package/dist/isMfaRequiredForAction-BolTrtCO.cjs +405 -0
  68. package/dist/isMfaRequiredForAction-BolTrtCO.cjs.map +1 -0
  69. package/dist/{isMfaRequiredForAction-D8G5PBAd.native.esm.js → isMfaRequiredForAction-DQDoPsi6.native.esm.js} +2 -2
  70. package/dist/{isMfaRequiredForAction-D8G5PBAd.native.esm.js.map → isMfaRequiredForAction-DQDoPsi6.native.esm.js.map} +1 -1
  71. package/dist/modules/waas/createWaasClient/createWaasClient.d.ts.map +1 -1
  72. package/dist/modules/waas/createWaasClient/translateNativeOpenError.d.ts.map +1 -1
  73. package/dist/modules/wallets/walletProvider/events/onWalletProviderEvent/onWalletProviderEvent.d.ts +1 -2
  74. package/dist/modules/wallets/walletProvider/events/onWalletProviderEvent/onWalletProviderEvent.d.ts.map +1 -1
  75. package/dist/tsconfig.lib.tsbuildinfo +1 -1
  76. package/dist/waas.cjs +9 -9
  77. package/dist/waas.cjs.map +1 -1
  78. package/dist/waas.esm.js +3 -3
  79. package/dist/waas.native.esm.js +3 -3
  80. package/dist/waasCore.cjs +8 -5
  81. package/dist/waasCore.cjs.map +1 -1
  82. package/dist/waasCore.esm.js +8 -4
  83. package/dist/waasCore.esm.js.map +1 -1
  84. package/dist/waasCore.native.esm.js +8 -7
  85. package/dist/waasCore.native.esm.js.map +1 -1
  86. package/dynamic-labs-sdk-client.podspec +27 -0
  87. package/ios/DynamicClientKeychain.h +4 -0
  88. package/ios/DynamicClientKeychain.mm +101 -0
  89. package/ios/DynamicClientManifest.h +4 -0
  90. package/ios/DynamicClientManifest.mm +45 -0
  91. package/ios/DynamicClientWebView.h +5 -0
  92. package/ios/DynamicClientWebView.mm +143 -0
  93. package/ios/DynamicWebViewImpl.swift +603 -0
  94. package/ios/LiveSecKeyAPI.swift +86 -0
  95. package/ios/ReactNativeManifestImpl.swift +20 -0
  96. package/ios/SecKeyAPI.swift +57 -0
  97. package/ios/SecureEnclaveKeyManager.swift +191 -0
  98. package/package.json +14 -5
  99. package/react-native.config.cjs +14 -0
  100. package/src/turboModules/NativeDynamicWebView.native.spec.ts +61 -0
  101. package/src/turboModules/NativeDynamicWebView.ts +40 -0
  102. package/src/turboModules/NativeKeychain.native.spec.ts +47 -0
  103. package/src/turboModules/NativeKeychain.ts +19 -0
  104. package/src/turboModules/NativeReactNativeManifest.native.spec.ts +55 -0
  105. package/src/turboModules/NativeReactNativeManifest.ts +28 -0
  106. package/dist/InvalidParamError-CTssOe86.cjs.map +0 -1
  107. package/dist/InvalidParamError-fQLJaGBW.esm.js.map +0 -1
  108. package/dist/getNetworkProviderFromNetworkId-BCSmILlH.native.esm.js.map +0 -1
  109. package/dist/getNetworkProviderFromNetworkId-BWhaD23J.esm.js.map +0 -1
  110. package/dist/getNetworkProviderFromNetworkId-C1p9Rrg3.cjs.map +0 -1
  111. package/dist/getVerifiedCredentialForWalletAccount-Cahp763h.esm.js.map +0 -1
  112. package/dist/getVerifiedCredentialForWalletAccount-Di8dM5Wx.cjs +0 -887
  113. package/dist/getVerifiedCredentialForWalletAccount-Di8dM5Wx.cjs.map +0 -1
  114. package/dist/getVerifiedCredentialForWalletAccount-DuNbORNW.native.esm.js +0 -701
  115. package/dist/isMfaRequiredForAction-BjRvPrU6.esm.js +0 -79
  116. package/dist/isMfaRequiredForAction-BjRvPrU6.esm.js.map +0 -1
  117. package/dist/isMfaRequiredForAction-hlhj0qAC.cjs +0 -96
  118. package/dist/isMfaRequiredForAction-hlhj0qAC.cjs.map +0 -1
@@ -1 +1 @@
1
- {"version":3,"file":"waasCore.esm.js","names":["createWaasClient: CreateWaasClient","_waasClient: DynamicWalletClient | undefined","getWaasClient: WaasProvider['getWaasClient']","backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive']","createWalletAccount: WaasProvider['createWalletAccount']","delegateKeyShares: WaasProvider['delegateKeyShares']","exportClientKeyshares: WaasProvider['exportClientKeyshares']","exportPrivateKey: WaasProvider['exportPrivateKey']","getElevatedAccessToken","restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount']","importPrivateKey: WaasProvider['importPrivateKey']","refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares']","revokeDelegation: WaasProvider['revokeDelegation']","setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword']","signRawMessage: WaasProvider['signRawMessage']","destroy: WaasProvider['destroy']","updatePassword: WaasProvider['updatePassword']","signMessage: WaasProvider['signMessage']","signSerializedTransaction: WaasProvider['signSerializedTransaction']","getWalletRecoveryState: WaasProvider['getWalletRecoveryState']","unlockWallet: WaasProvider['unlockWallet']","packageName","packageVersion"],"sources":["../src/modules/waas/createWaasClient/createWaasClient.ts","../src/modules/waas/getWaasChainNameFromChain/getWaasChainNameFromChain.ts","../src/modules/waas/createWaasProvider/createWaasProvider.ts","../src/modules/waas/getAllUserWaasAddressesForChain/getAllUserWaasAddressesForChain.ts","../src/exports/waasCore.ts"],"sourcesContent":["import type { AuthMode } from '@dynamic-labs-wallet/browser-wallet-client';\nimport { DynamicWalletClient } from '@dynamic-labs-wallet/browser-wallet-client';\n\nimport { getCore } from '../../../client/core/getCore';\nimport { CLIENT_SDK_NAME } from '../../apiClient/constants';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport type { CreateWaasClient } from './createWaasClient.types';\nimport {\n DEFAULT_WAAS_BASE_API_URL,\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n} from '../constants';\n\n/** @not-instrumented */\nexport const createWaasClient: CreateWaasClient = ({ chainName }, client) => {\n const core = getCore(client);\n\n const additionalTrustedOrigins = core.waas?.additionalTrustedOrigins;\n\n const baseClientKeysharesRelayApiUrl =\n client.projectSettings?.sdk.waas?.customKeyshareRelayBaseUrl;\n\n return new DynamicWalletClient({\n authMode: (isCookieEnabled(client) ? 'cookie' : 'header') as AuthMode,\n authToken: client.token || '',\n baseApiUrl: (core.apiBaseUrl || DEFAULT_WAAS_BASE_API_URL).replace(\n '/api/v0',\n ''\n ),\n baseMPCRelayApiUrl:\n client.projectSettings?.sdk.waas?.relayUrl ||\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n chainName,\n environmentId: core.environmentId,\n sdkVersion: `${CLIENT_SDK_NAME}/${core.version}`,\n ...(additionalTrustedOrigins == undefined\n ? {}\n : { additionalTrustedOrigins }),\n ...(baseClientKeysharesRelayApiUrl == undefined\n ? {}\n : { baseClientKeysharesRelayApiUrl }),\n });\n};\n","import type { Chain } from '../../chain';\nimport { CHAINS_INFO_MAP } from '../../wallets/constants';\n\n/** @not-instrumented */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const getWaasChainNameFromChain = (chain: Chain): string => {\n return CHAINS_INFO_MAP[chain].waasChainNameOverride || chain;\n};\n","import {\n type BitcoinConfig,\n type DynamicWalletClient,\n ThresholdSignatureScheme,\n WalletOperation,\n} from '@dynamic-labs-wallet/browser-wallet-client';\nimport { MFAAction, TokenScope } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { InvalidParamError } from '../../../errors/InvalidParamError';\nimport { getElevatedAccessToken } from '../../auth/getElevatedAccessToken';\nimport type { Chain } from '../../chain';\nimport { consumeMfaTokenIfRequiredForAction } from '../../mfa/consumeMfaTokenIfRequiredForAction';\nimport { getSignedSessionId } from '../../sessionKeys/getSignedSessionId';\nimport { createWaasClient } from '../createWaasClient';\nimport { getWaasChainNameFromChain } from '../getWaasChainNameFromChain';\nimport type { WaasProvider } from '../waas.types';\n\nconst RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH = 64;\n\ntype CreateWaasProviderParams = {\n chain: Chain;\n sdkClient: DynamicClient;\n};\n\n/** @not-instrumented */\nexport const createWaasProvider = ({\n sdkClient,\n chain,\n}: CreateWaasProviderParams): WaasProvider => {\n const logger = getCore(sdkClient).logger;\n\n let _waasClient: DynamicWalletClient | undefined;\n\n // because the waas client needs the authToken to be set, we can only create it\n // the first time it's needed, which is after the user has logged in\n const getWaasClient: WaasProvider['getWaasClient'] = async () => {\n if (!_waasClient) {\n _waasClient = createWaasClient(\n { chainName: getWaasChainNameFromChain(chain) },\n sdkClient\n );\n await _waasClient.initialize();\n }\n return _waasClient;\n };\n\n const backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive'] =\n async ({ googleDriveAccessToken, password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.backupKeySharesToGoogleDrive({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n googleDriveAccessToken,\n password,\n signedSessionId,\n });\n };\n\n const createWalletAccount: WaasProvider['createWalletAccount'] = async (\n args = {}\n ) => {\n logger.debug('[createWaasProvider] createWalletAccount', {\n bitcoinConfig: args.bitcoinConfig,\n thresholdSignatureScheme: args.thresholdSignatureScheme,\n });\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const waasWallet = await waasClient.createWalletAccount({\n authToken: sdkClient.token ?? undefined,\n bitcoinConfig: args.bitcoinConfig as BitcoinConfig | undefined,\n password: args.password,\n signedSessionId,\n thresholdSignatureScheme:\n args.thresholdSignatureScheme ?? ThresholdSignatureScheme.TWO_OF_TWO,\n });\n\n return waasWallet;\n };\n\n const delegateKeyShares: WaasProvider['delegateKeyShares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.delegateKeyShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportClientKeyshares: WaasProvider['exportClientKeyshares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n await waasClient.exportClientKeyshares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportPrivateKey: WaasProvider['exportPrivateKey'] = async ({\n displayContainer,\n walletAccount,\n password,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasExport },\n sdkClient\n );\n\n // Forward any elevated access token previously obtained via step-up\n // (e.g. requestExternalAuthElevatedToken) so the backend authorizes\n // the export under the wallet:export scope.\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletexport },\n sdkClient\n );\n\n await waasClient.exportPrivateKey({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n displayContainer,\n elevatedAccessToken,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n await waasClient.getWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n walletOperation: WalletOperation.SIGN_MESSAGE,\n });\n };\n\n const importPrivateKey: WaasProvider['importPrivateKey'] = async ({\n privateKey,\n thresholdSignatureScheme = ThresholdSignatureScheme.TWO_OF_TWO,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const walletClient = await getWaasClient();\n\n await walletClient.importPrivateKey({\n authToken: sdkClient.token ?? undefined,\n privateKey,\n signedSessionId,\n thresholdSignatureScheme,\n });\n };\n\n const refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasRefresh },\n sdkClient\n );\n\n return walletClient.refreshWalletAccountShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const revokeDelegation: WaasProvider['revokeDelegation'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.revokeDelegation({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.setPassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n newPassword: password,\n signedSessionId,\n });\n };\n\n const signRawMessage: WaasProvider['signRawMessage'] = async ({\n message,\n password,\n walletAccount,\n }) => {\n if (message.length !== RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH) {\n throw new InvalidParamError(\n `Message must be ${RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH} characters long`\n );\n }\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const signature = await walletClient.signRawMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n password,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const destroy: WaasProvider['destroy'] = async (args) => {\n if (!_waasClient) {\n return;\n }\n\n const waasClient = await getWaasClient();\n // When a session token expires, we preserve key shares in storage instead\n // of clearing them. Customers with short-lived sessions (minutes) were\n // hitting excessive server-side share recovery on every re-login, which\n // also forced users to re-enter their wallet password since the unlocked\n // share only lives for the duration of the session.\n //\n // This is safe because the waas-sdk separately fingerprints the user\n // (sub + environment_id) and clears all storage if a different user logs\n // in. On explicit user-initiated logout, shares are always cleared for\n // security.\n if (args?.reason !== 'token-expired') {\n await waasClient.cleanup();\n }\n _waasClient = undefined;\n };\n\n const updatePassword: WaasProvider['updatePassword'] = async ({\n walletAccount,\n currentPassword,\n newPassword,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.updatePassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n existingPassword: currentPassword,\n newPassword,\n signedSessionId,\n });\n };\n\n const signMessage: WaasProvider['signMessage'] = async ({\n message,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const signSerializedTransaction: WaasProvider['signSerializedTransaction'] =\n async ({ chainId, serializedTransaction, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signTransaction({\n authToken: sdkClient.token ?? undefined,\n chainId,\n elevatedAccessToken,\n mfaToken,\n senderAddress: walletAccount.address,\n signedSessionId,\n transaction: serializedTransaction,\n });\n\n return { signature };\n };\n\n const getWalletRecoveryState: WaasProvider['getWalletRecoveryState'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.getWalletRecoveryState({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n });\n };\n\n const unlockWallet: WaasProvider['unlockWallet'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.unlockWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n return {\n backupKeySharesToGoogleDrive,\n createWalletAccount,\n delegateKeyShares,\n destroy,\n exportClientKeyshares,\n exportPrivateKey,\n getWaasClient,\n getWalletRecoveryState,\n importPrivateKey,\n refreshWalletAccountShares,\n restoreUserShareForWalletAccount,\n revokeDelegation,\n setWaasWalletAccountPassword,\n signMessage,\n signRawMessage,\n signSerializedTransaction,\n unlockWallet,\n updatePassword,\n };\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types';\nimport { getChainFromVerifiedCredentialChain } from '../../../utils/getChainFromVerifiedCredentialChain';\nimport type { Chain } from '../../chain';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype GetAllUserWaasAddressesForChainParams = {\n chain: Chain;\n};\n\n/** @not-instrumented */\nexport const getAllUserWaasAddressesForChain = (\n { chain }: GetAllUserWaasAddressesForChainParams,\n client: DynamicClient\n): string[] => {\n if (!client.user) {\n return [];\n }\n\n const waasWalletCredentials =\n client.user.verifiedCredentials.filter(\n (credential) =>\n credential.walletProvider === WalletProviderEnum.EmbeddedWallet &&\n credential.walletName\n ?.toLowerCase()\n .startsWith(DYNAMIC_WAAS_METADATA.normalizedWalletName) &&\n credential.address &&\n credential.chain &&\n getChainFromVerifiedCredentialChain(credential.chain) === chain\n ) ?? [];\n\n const waasAddresses: string[] = waasWalletCredentials.map(\n // casting because we're already filtering out credentials without an address\n (credential) => credential.address as string\n );\n\n return waasAddresses;\n};\n","import { assertPackageVersion } from '@dynamic-labs-sdk/assert-package-version';\n\nimport {\n name as packageName,\n version as packageVersion,\n} from '../../package.json';\nassertPackageVersion(packageName, packageVersion);\n\nexport type {\n BitcoinNetwork,\n DynamicWalletClient,\n ThresholdSignatureScheme\n} from '@dynamic-labs-wallet/browser-wallet-client';\nexport { DYNAMIC_WAAS_METADATA } from '../modules/waas/constants';\nexport { createWaasClient } from '../modules/waas/createWaasClient';\nexport { createWaasProvider } from '../modules/waas/createWaasProvider';\nexport { getAllUserWaasAddressesForChain } from '../modules/waas/getAllUserWaasAddressesForChain';\nexport { getWaasChainNameFromChain } from '../modules/waas/getWaasChainNameFromChain';\nexport type {\n WaasProvider,\n WaasWalletProvider\n} from '../modules/waas/waas.types';\n\n"],"mappings":";;;;;;;;;AAaA,MAAaA,oBAAsC,EAAE,aAAa,WAAW;CAC3E,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,2BAA2B,KAAK,MAAM;CAE5C,MAAM,iCACJ,OAAO,iBAAiB,IAAI,MAAM;AAEpC,QAAO,IAAI,oBAAoB;EAC7B,UAAW,gBAAgB,OAAO,GAAG,WAAW;EAChD,WAAW,OAAO,SAAS;EAC3B,aAAa,KAAK,cAAc,2BAA2B,QACzD,WACA,GACD;EACD,oBACE,OAAO,iBAAiB,IAAI,MAAM,YAClC;EACF;EACA,eAAe,KAAK;EACpB,YAAY,GAAG,gBAAgB,GAAG,KAAK;EACvC,GAAI,4BAA4B,SAC5B,EAAE,GACF,EAAE,0BAA0B;EAChC,GAAI,kCAAkC,SAClC,EAAE,GACF,EAAE,gCAAgC;EACvC,CAAC;;;;;;ACnCJ,MAAa,6BAA6B,UAAyB;AACjE,QAAO,gBAAgB,OAAO,yBAAyB;;;;;ACazD,MAAM,sCAAsC;;AAQ5C,MAAa,sBAAsB,EACjC,WACA,YAC4C;CAC5C,MAAM,SAAS,QAAQ,UAAU,CAAC;CAElC,IAAIC;CAIJ,MAAMC,gBAA+C,YAAY;AAC/D,MAAI,CAAC,aAAa;AAChB,iBAAc,iBACZ,EAAE,WAAW,0BAA0B,MAAM,EAAE,EAC/C,UACD;AACD,SAAM,YAAY,YAAY;;AAEhC,SAAO;;CAGT,MAAMC,+BACJ,OAAO,EAAE,wBAAwB,UAAU,oBAAoB;EAC7D,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,6BAA6B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMC,sBAA2D,OAC/D,OAAO,EAAE,KACN;AACH,SAAO,MAAM,4CAA4C;GACvD,eAAe,KAAK;GACpB,0BAA0B,KAAK;GAChC,CAAC;EAEF,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAa1E,SATmB,OAFA,MAAM,eAAe,EAEJ,oBAAoB;GACtD,WAAW,UAAU,SAAS;GAC9B,eAAe,KAAK;GACpB,UAAU,KAAK;GACf;GACA,0BACE,KAAK,4BAA4B,yBAAyB;GAC7D,CAAC;;CAKJ,MAAMC,oBAAuD,OAAO,EAClE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,kBAAkB;GAClC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,wBAA+D,OAAO,EAC1E,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,SAFmB,MAAM,eAAe,EAEvB,sBAAsB;GACrC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,mBAAqD,OAAO,EAChE,kBACA,eACA,eACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,aAAa,MAAM,eAAe;EAExC,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,kBAAkB,EACzC,UACD;EAKD,MAAM,sBAAsBC,iCAC1B,EAAE,OAAO,WAAW,cAAc,EAClC,UACD;AAED,QAAM,WAAW,iBAAiB;GAChC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACA;GACD,CAAC;;CAGJ,MAAMC,mCACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,SAFmB,MAAM,eAAe,EAEvB,UAAU;GACzB,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA,iBAAiB,gBAAgB;GAClC,CAAC;;CAGN,MAAMC,mBAAqD,OAAO,EAChE,YACA,2BAA2B,yBAAyB,iBAChD;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,SAFqB,MAAM,eAAe,EAEvB,iBAAiB;GAClC,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGJ,MAAMC,6BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;EAED,MAAM,eAAe,MAAM,eAAe;EAE1C,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,mBAAmB,EAC1C,UACD;AAED,SAAO,aAAa,2BAA2B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMC,mBAAqD,OAAO,EAChE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,iBAAiB;GACjC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,+BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,YAAY;GAC5B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,aAAa;GACb;GACD,CAAC;;CAGN,MAAMC,iBAAiD,OAAO,EAC5D,SACA,UACA,oBACI;AACJ,MAAI,QAAQ,WAAW,oCACrB,OAAM,IAAI,kBACR,mBAAmB,oCAAoC,kBACxD;EAGH,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBN,iCAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFG,MAAM,eAAe,EAEL,eAAe;GAClD,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMO,UAAmC,OAAO,SAAS;AACvD,MAAI,CAAC,YACH;EAGF,MAAM,aAAa,MAAM,eAAe;AAWxC,MAAI,MAAM,WAAW,gBACnB,OAAM,WAAW,SAAS;AAE5B,gBAAc;;CAGhB,MAAMC,iBAAiD,OAAO,EAC5D,eACA,iBACA,kBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,eAAe;GAC/B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,kBAAkB;GAClB;GACA;GACD,CAAC;;CAGJ,MAAMC,cAA2C,OAAO,EACtD,SACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBT,iCAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAaD,SAAO,EAAE,WATS,OAFC,MAAM,eAAe,EAEL,YAAY;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMU,4BACJ,OAAO,EAAE,SAAS,uBAAuB,oBAAoB;EAC3D,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;EAED,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBV,iCAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFC,MAAM,eAAe,EAEL,gBAAgB;GACjD,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA,eAAe,cAAc;GAC7B;GACA,aAAa;GACd,CAAC,EAEkB;;CAGxB,MAAMW,yBACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,uBAAuB;GACvC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACD,CAAC;;CAGN,MAAMC,eAA6C,OAAO,EACxD,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,aAAa;GAC7B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;AAGJ,QAAO;EACL;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACD;;;;;;ACjaH,MAAa,mCACX,EAAE,SACF,WACa;AACb,KAAI,CAAC,OAAO,KACV,QAAO,EAAE;AAoBX,SAhBE,OAAO,KAAK,oBAAoB,QAC7B,eACC,WAAW,mBAAmB,mBAAmB,kBACjD,WAAW,YACP,aAAa,CACd,WAAW,sBAAsB,qBAAqB,IACzD,WAAW,WACX,WAAW,SACX,oCAAoC,WAAW,MAAM,KAAK,MAC7D,IAAI,EAAE,EAE6C,KAEnD,eAAe,WAAW,QAC5B;;;;;AC7BH,qBAAqBC,MAAaC,QAAe"}
1
+ {"version":3,"file":"waasCore.esm.js","names":["createWaasClient: CreateWaasClient","logoutWithReason","_waasClient: DynamicWalletClient | undefined","getWaasClient: WaasProvider['getWaasClient']","backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive']","createWalletAccount: WaasProvider['createWalletAccount']","delegateKeyShares: WaasProvider['delegateKeyShares']","exportClientKeyshares: WaasProvider['exportClientKeyshares']","exportPrivateKey: WaasProvider['exportPrivateKey']","getElevatedAccessToken","restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount']","importPrivateKey: WaasProvider['importPrivateKey']","refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares']","revokeDelegation: WaasProvider['revokeDelegation']","setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword']","signRawMessage: WaasProvider['signRawMessage']","destroy: WaasProvider['destroy']","updatePassword: WaasProvider['updatePassword']","signMessage: WaasProvider['signMessage']","signSerializedTransaction: WaasProvider['signSerializedTransaction']","getWalletRecoveryState: WaasProvider['getWalletRecoveryState']","unlockWallet: WaasProvider['unlockWallet']","packageName","packageVersion"],"sources":["../src/modules/waas/createWaasClient/createWaasClient.ts","../src/modules/waas/getWaasChainNameFromChain/getWaasChainNameFromChain.ts","../src/modules/waas/createWaasProvider/createWaasProvider.ts","../src/modules/waas/getAllUserWaasAddressesForChain/getAllUserWaasAddressesForChain.ts","../src/exports/waasCore.ts"],"sourcesContent":["import type { AuthMode } from '@dynamic-labs-wallet/browser-wallet-client';\nimport { DynamicWalletClient } from '@dynamic-labs-wallet/browser-wallet-client';\n\nimport { getCore } from '../../../client/core/getCore';\nimport { CLIENT_SDK_NAME } from '../../apiClient/constants';\nimport { logoutWithReason } from '../../auth/logoutWithReason';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport type { CreateWaasClient } from './createWaasClient.types';\nimport {\n DEFAULT_WAAS_BASE_API_URL,\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n} from '../constants';\n\n/** @not-instrumented */\nexport const createWaasClient: CreateWaasClient = ({ chainName }, client) => {\n const core = getCore(client);\n\n const additionalTrustedOrigins = core.waas?.additionalTrustedOrigins;\n\n const baseClientKeysharesRelayApiUrl =\n client.projectSettings?.sdk.waas?.customKeyshareRelayBaseUrl;\n\n return new DynamicWalletClient(\n {\n authMode: (isCookieEnabled(client) ? 'cookie' : 'header') as AuthMode,\n authToken: client.token || '',\n baseApiUrl: (core.apiBaseUrl || DEFAULT_WAAS_BASE_API_URL).replace(\n '/api/v0',\n ''\n ),\n baseMPCRelayApiUrl:\n client.projectSettings?.sdk.waas?.relayUrl ||\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n chainName,\n environmentId: core.environmentId,\n sdkVersion: `${CLIENT_SDK_NAME}/${core.version}`,\n ...(additionalTrustedOrigins == undefined\n ? {}\n : { additionalTrustedOrigins }),\n ...(baseClientKeysharesRelayApiUrl == undefined\n ? {}\n : { baseClientKeysharesRelayApiUrl }),\n },\n {\n // When the WaaS iframe's own backend call returns 401 (e.g. a forcibly\n // revoked token), the iframe notifies the host via the reverse channel\n // and this fires — log the user out. Mirrors the session-expiry\n // middleware that covers the SDK's own direct API 401s.\n onUnauthorized: () => {\n void logoutWithReason(\n { reason: 'session-refresh-unauthorized' },\n client\n ).catch((error) => {\n core.logger.error(\n 'Failed to log out after WaaS unauthorized response',\n error\n );\n });\n },\n }\n );\n};\n","import type { Chain } from '../../chain';\nimport { CHAINS_INFO_MAP } from '../../wallets/constants';\n\n/** @not-instrumented */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const getWaasChainNameFromChain = (chain: Chain): string => {\n return CHAINS_INFO_MAP[chain].waasChainNameOverride || chain;\n};\n","import {\n type BitcoinConfig,\n type DynamicWalletClient,\n ThresholdSignatureScheme,\n WalletOperation,\n} from '@dynamic-labs-wallet/browser-wallet-client';\nimport { MFAAction, TokenScope } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { InvalidParamError } from '../../../errors/InvalidParamError';\nimport { getElevatedAccessToken } from '../../auth/getElevatedAccessToken';\nimport type { Chain } from '../../chain';\nimport { consumeMfaTokenIfRequiredForAction } from '../../mfa/consumeMfaTokenIfRequiredForAction';\nimport { getSignedSessionId } from '../../sessionKeys/getSignedSessionId';\nimport { createWaasClient } from '../createWaasClient';\nimport { getWaasChainNameFromChain } from '../getWaasChainNameFromChain';\nimport type { WaasProvider } from '../waas.types';\n\nconst RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH = 64;\n\ntype CreateWaasProviderParams = {\n chain: Chain;\n sdkClient: DynamicClient;\n};\n\n/** @not-instrumented */\nexport const createWaasProvider = ({\n sdkClient,\n chain,\n}: CreateWaasProviderParams): WaasProvider => {\n const logger = getCore(sdkClient).logger;\n\n let _waasClient: DynamicWalletClient | undefined;\n\n // because the waas client needs the authToken to be set, we can only create it\n // the first time it's needed, which is after the user has logged in\n const getWaasClient: WaasProvider['getWaasClient'] = async () => {\n if (!_waasClient) {\n _waasClient = createWaasClient(\n { chainName: getWaasChainNameFromChain(chain) },\n sdkClient\n );\n await _waasClient.initialize();\n }\n return _waasClient;\n };\n\n const backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive'] =\n async ({ googleDriveAccessToken, password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.backupKeySharesToGoogleDrive({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n googleDriveAccessToken,\n password,\n signedSessionId,\n });\n };\n\n const createWalletAccount: WaasProvider['createWalletAccount'] = async (\n args = {}\n ) => {\n logger.debug('[createWaasProvider] createWalletAccount', {\n bitcoinConfig: args.bitcoinConfig,\n thresholdSignatureScheme: args.thresholdSignatureScheme,\n });\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const waasWallet = await waasClient.createWalletAccount({\n authToken: sdkClient.token ?? undefined,\n bitcoinConfig: args.bitcoinConfig as BitcoinConfig | undefined,\n password: args.password,\n signedSessionId,\n thresholdSignatureScheme:\n args.thresholdSignatureScheme ?? ThresholdSignatureScheme.TWO_OF_TWO,\n });\n\n return waasWallet;\n };\n\n const delegateKeyShares: WaasProvider['delegateKeyShares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.delegateKeyShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportClientKeyshares: WaasProvider['exportClientKeyshares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n await waasClient.exportClientKeyshares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportPrivateKey: WaasProvider['exportPrivateKey'] = async ({\n displayContainer,\n walletAccount,\n password,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasExport },\n sdkClient\n );\n\n // Forward any elevated access token previously obtained via step-up\n // (e.g. requestExternalAuthElevatedToken) so the backend authorizes\n // the export under the wallet:export scope.\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletexport },\n sdkClient\n );\n\n await waasClient.exportPrivateKey({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n displayContainer,\n elevatedAccessToken,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n await waasClient.getWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n walletOperation: WalletOperation.SIGN_MESSAGE,\n });\n };\n\n const importPrivateKey: WaasProvider['importPrivateKey'] = async ({\n privateKey,\n thresholdSignatureScheme = ThresholdSignatureScheme.TWO_OF_TWO,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const walletClient = await getWaasClient();\n\n await walletClient.importPrivateKey({\n authToken: sdkClient.token ?? undefined,\n privateKey,\n signedSessionId,\n thresholdSignatureScheme,\n });\n };\n\n const refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasRefresh },\n sdkClient\n );\n\n return walletClient.refreshWalletAccountShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const revokeDelegation: WaasProvider['revokeDelegation'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.revokeDelegation({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.setPassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n newPassword: password,\n signedSessionId,\n });\n };\n\n const signRawMessage: WaasProvider['signRawMessage'] = async ({\n message,\n password,\n walletAccount,\n }) => {\n if (message.length !== RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH) {\n throw new InvalidParamError(\n `Message must be ${RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH} characters long`\n );\n }\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const signature = await walletClient.signRawMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n password,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const destroy: WaasProvider['destroy'] = async (args) => {\n if (!_waasClient) {\n return;\n }\n\n const waasClient = await getWaasClient();\n // When a session token expires, we preserve key shares in storage instead\n // of clearing them. Customers with short-lived sessions (minutes) were\n // hitting excessive server-side share recovery on every re-login, which\n // also forced users to re-enter their wallet password since the unlocked\n // share only lives for the duration of the session.\n //\n // This is safe because the waas-sdk separately fingerprints the user\n // (sub + environment_id) and clears all storage if a different user logs\n // in. On explicit user-initiated logout, shares are always cleared for\n // security.\n if (args?.reason !== 'token-expired') {\n await waasClient.cleanup();\n }\n _waasClient = undefined;\n };\n\n const updatePassword: WaasProvider['updatePassword'] = async ({\n walletAccount,\n currentPassword,\n newPassword,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.updatePassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n existingPassword: currentPassword,\n newPassword,\n signedSessionId,\n });\n };\n\n const signMessage: WaasProvider['signMessage'] = async ({\n message,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const signSerializedTransaction: WaasProvider['signSerializedTransaction'] =\n async ({ chainId, serializedTransaction, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signTransaction({\n authToken: sdkClient.token ?? undefined,\n chainId,\n elevatedAccessToken,\n mfaToken,\n senderAddress: walletAccount.address,\n signedSessionId,\n transaction: serializedTransaction,\n });\n\n return { signature };\n };\n\n const getWalletRecoveryState: WaasProvider['getWalletRecoveryState'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.getWalletRecoveryState({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n });\n };\n\n const unlockWallet: WaasProvider['unlockWallet'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.unlockWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n return {\n backupKeySharesToGoogleDrive,\n createWalletAccount,\n delegateKeyShares,\n destroy,\n exportClientKeyshares,\n exportPrivateKey,\n getWaasClient,\n getWalletRecoveryState,\n importPrivateKey,\n refreshWalletAccountShares,\n restoreUserShareForWalletAccount,\n revokeDelegation,\n setWaasWalletAccountPassword,\n signMessage,\n signRawMessage,\n signSerializedTransaction,\n unlockWallet,\n updatePassword,\n };\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types';\nimport { getChainFromVerifiedCredentialChain } from '../../../utils/getChainFromVerifiedCredentialChain';\nimport type { Chain } from '../../chain';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype GetAllUserWaasAddressesForChainParams = {\n chain: Chain;\n};\n\n/** @not-instrumented */\nexport const getAllUserWaasAddressesForChain = (\n { chain }: GetAllUserWaasAddressesForChainParams,\n client: DynamicClient\n): string[] => {\n if (!client.user) {\n return [];\n }\n\n const waasWalletCredentials =\n client.user.verifiedCredentials.filter(\n (credential) =>\n credential.walletProvider === WalletProviderEnum.EmbeddedWallet &&\n credential.walletName\n ?.toLowerCase()\n .startsWith(DYNAMIC_WAAS_METADATA.normalizedWalletName) &&\n credential.address &&\n credential.chain &&\n getChainFromVerifiedCredentialChain(credential.chain) === chain\n ) ?? [];\n\n const waasAddresses: string[] = waasWalletCredentials.map(\n // casting because we're already filtering out credentials without an address\n (credential) => credential.address as string\n );\n\n return waasAddresses;\n};\n","import { assertPackageVersion } from '@dynamic-labs-sdk/assert-package-version';\n\nimport {\n name as packageName,\n version as packageVersion,\n} from '../../package.json';\nassertPackageVersion(packageName, packageVersion);\n\nexport type {\n BitcoinNetwork,\n DynamicWalletClient,\n ThresholdSignatureScheme\n} from '@dynamic-labs-wallet/browser-wallet-client';\nexport { DYNAMIC_WAAS_METADATA } from '../modules/waas/constants';\nexport { createWaasClient } from '../modules/waas/createWaasClient';\nexport { createWaasProvider } from '../modules/waas/createWaasProvider';\nexport { getAllUserWaasAddressesForChain } from '../modules/waas/getAllUserWaasAddressesForChain';\nexport { getWaasChainNameFromChain } from '../modules/waas/getWaasChainNameFromChain';\nexport type {\n WaasProvider,\n WaasWalletProvider\n} from '../modules/waas/waas.types';\n\n"],"mappings":";;;;;;;;;AAcA,MAAaA,oBAAsC,EAAE,aAAa,WAAW;CAC3E,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,2BAA2B,KAAK,MAAM;CAE5C,MAAM,iCACJ,OAAO,iBAAiB,IAAI,MAAM;AAEpC,QAAO,IAAI,oBACT;EACE,UAAW,gBAAgB,OAAO,GAAG,WAAW;EAChD,WAAW,OAAO,SAAS;EAC3B,aAAa,KAAK,cAAc,2BAA2B,QACzD,WACA,GACD;EACD,oBACE,OAAO,iBAAiB,IAAI,MAAM,YAClC;EACF;EACA,eAAe,KAAK;EACpB,YAAY,GAAG,gBAAgB,GAAG,KAAK;EACvC,GAAI,4BAA4B,SAC5B,EAAE,GACF,EAAE,0BAA0B;EAChC,GAAI,kCAAkC,SAClC,EAAE,GACF,EAAE,gCAAgC;EACvC,EACD,EAKE,sBAAsB;AACpB,EAAKC,2BACH,EAAE,QAAQ,gCAAgC,EAC1C,OACD,CAAC,OAAO,UAAU;AACjB,QAAK,OAAO,MACV,sDACA,MACD;IACD;IAEL,CACF;;;;;;ACvDH,MAAa,6BAA6B,UAAyB;AACjE,QAAO,gBAAgB,OAAO,yBAAyB;;;;;ACazD,MAAM,sCAAsC;;AAQ5C,MAAa,sBAAsB,EACjC,WACA,YAC4C;CAC5C,MAAM,SAAS,QAAQ,UAAU,CAAC;CAElC,IAAIC;CAIJ,MAAMC,gBAA+C,YAAY;AAC/D,MAAI,CAAC,aAAa;AAChB,iBAAc,iBACZ,EAAE,WAAW,0BAA0B,MAAM,EAAE,EAC/C,UACD;AACD,SAAM,YAAY,YAAY;;AAEhC,SAAO;;CAGT,MAAMC,+BACJ,OAAO,EAAE,wBAAwB,UAAU,oBAAoB;EAC7D,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,6BAA6B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMC,sBAA2D,OAC/D,OAAO,EAAE,KACN;AACH,SAAO,MAAM,4CAA4C;GACvD,eAAe,KAAK;GACpB,0BAA0B,KAAK;GAChC,CAAC;EAEF,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAa1E,SATmB,OAFA,MAAM,eAAe,EAEJ,oBAAoB;GACtD,WAAW,UAAU,SAAS;GAC9B,eAAe,KAAK;GACpB,UAAU,KAAK;GACf;GACA,0BACE,KAAK,4BAA4B,yBAAyB;GAC7D,CAAC;;CAKJ,MAAMC,oBAAuD,OAAO,EAClE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,kBAAkB;GAClC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,wBAA+D,OAAO,EAC1E,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,SAFmB,MAAM,eAAe,EAEvB,sBAAsB;GACrC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,mBAAqD,OAAO,EAChE,kBACA,eACA,eACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,aAAa,MAAM,eAAe;EAExC,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,kBAAkB,EACzC,UACD;EAKD,MAAM,sBAAsBC,iCAC1B,EAAE,OAAO,WAAW,cAAc,EAClC,UACD;AAED,QAAM,WAAW,iBAAiB;GAChC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACA;GACD,CAAC;;CAGJ,MAAMC,mCACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,SAFmB,MAAM,eAAe,EAEvB,UAAU;GACzB,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA,iBAAiB,gBAAgB;GAClC,CAAC;;CAGN,MAAMC,mBAAqD,OAAO,EAChE,YACA,2BAA2B,yBAAyB,iBAChD;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,SAFqB,MAAM,eAAe,EAEvB,iBAAiB;GAClC,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGJ,MAAMC,6BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;EAED,MAAM,eAAe,MAAM,eAAe;EAE1C,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,mBAAmB,EAC1C,UACD;AAED,SAAO,aAAa,2BAA2B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMC,mBAAqD,OAAO,EAChE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,iBAAiB;GACjC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,+BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,YAAY;GAC5B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,aAAa;GACb;GACD,CAAC;;CAGN,MAAMC,iBAAiD,OAAO,EAC5D,SACA,UACA,oBACI;AACJ,MAAI,QAAQ,WAAW,oCACrB,OAAM,IAAI,kBACR,mBAAmB,oCAAoC,kBACxD;EAGH,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBN,iCAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFG,MAAM,eAAe,EAEL,eAAe;GAClD,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMO,UAAmC,OAAO,SAAS;AACvD,MAAI,CAAC,YACH;EAGF,MAAM,aAAa,MAAM,eAAe;AAWxC,MAAI,MAAM,WAAW,gBACnB,OAAM,WAAW,SAAS;AAE5B,gBAAc;;CAGhB,MAAMC,iBAAiD,OAAO,EAC5D,eACA,iBACA,kBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,eAAe;GAC/B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,kBAAkB;GAClB;GACA;GACD,CAAC;;CAGJ,MAAMC,cAA2C,OAAO,EACtD,SACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBT,iCAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAaD,SAAO,EAAE,WATS,OAFC,MAAM,eAAe,EAEL,YAAY;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMU,4BACJ,OAAO,EAAE,SAAS,uBAAuB,oBAAoB;EAC3D,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;EAED,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBV,iCAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFC,MAAM,eAAe,EAEL,gBAAgB;GACjD,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA,eAAe,cAAc;GAC7B;GACA,aAAa;GACd,CAAC,EAEkB;;CAGxB,MAAMW,yBACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,uBAAuB;GACvC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACD,CAAC;;CAGN,MAAMC,eAA6C,OAAO,EACxD,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,aAAa;GAC7B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;AAGJ,QAAO;EACL;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACD;;;;;;ACjaH,MAAa,mCACX,EAAE,SACF,WACa;AACb,KAAI,CAAC,OAAO,KACV,QAAO,EAAE;AAoBX,SAhBE,OAAO,KAAK,oBAAoB,QAC7B,eACC,WAAW,mBAAmB,mBAAmB,kBACjD,WAAW,YACP,aAAa,CACd,WAAW,sBAAsB,qBAAqB,IACzD,WAAW,WACX,WAAW,SACX,oCAAoC,WAAW,MAAM,KAAK,MAC7D,IAAI,EAAE,EAE6C,KAEnD,eAAe,WAAW,QAC5B;;;;;AC7BH,qBAAqBC,MAAaC,QAAe"}
@@ -1,6 +1,6 @@
1
- import { B as getCore, C as isCookieEnabled, E as __getElevatedAccessToken_wrapped, H as version, N as CLIENT_SDK_NAME, V as name, c as CHAINS_INFO_MAP, i as DYNAMIC_WAAS_METADATA, n as DEFAULT_WAAS_BASE_API_URL, r as DEFAULT_WAAS_BASE_MPC_RELAY_API_URL, s as getChainFromVerifiedCredentialChain, t as InvalidParamError, z as BaseError } from "./InvalidParamError-Crwntjl7.native.esm.js";
2
- import { i as NativeModuleNotLinkedError } from "./isMfaRequiredForAction-D8G5PBAd.native.esm.js";
3
- import { n as consumeMfaTokenIfRequiredForAction, t as getSignedSessionId } from "./getSignedSessionId-DPOXdh6y.native.esm.js";
1
+ import { B as getCore, C as isCookieEnabled, E as __getElevatedAccessToken_wrapped, H as version, N as CLIENT_SDK_NAME, V as name, c as CHAINS_INFO_MAP, i as DYNAMIC_WAAS_METADATA, n as DEFAULT_WAAS_BASE_API_URL, r as DEFAULT_WAAS_BASE_MPC_RELAY_API_URL, s as getChainFromVerifiedCredentialChain, t as InvalidParamError, z as BaseError } from "./InvalidParamError-Bc6OZBog.native.esm.js";
2
+ import { i as NativeModuleNotLinkedError } from "./isMfaRequiredForAction-DQDoPsi6.native.esm.js";
3
+ import { n as consumeMfaTokenIfRequiredForAction, t as getSignedSessionId } from "./getSignedSessionId-RwV7JPn8.native.esm.js";
4
4
  import { assertPackageVersion } from "@dynamic-labs-sdk/assert-package-version";
5
5
  import { MFAAction, TokenScope, WalletProviderEnum } from "@dynamic-labs/sdk-api-core";
6
6
  import { ACCESSIBLE, getGenericPassword, resetGenericPassword, setGenericPassword } from "react-native-keychain";
@@ -33,7 +33,7 @@ var CorruptedKeyShareError = class extends BaseError {
33
33
 
34
34
  //#endregion
35
35
  //#region src/turboModules/NativeDynamicWebView.ts
36
- var NativeDynamicWebView_default = TurboModuleRegistry.get("DynamicWebView");
36
+ var NativeDynamicWebView_default = TurboModuleRegistry.get("DynamicClientWebView");
37
37
 
38
38
  //#endregion
39
39
  //#region src/errors/WebViewLoadFailedError.ts
@@ -71,7 +71,8 @@ const REASON_BY_NATIVE_CODE = {
71
71
  webview_instance_busy: "instance_busy",
72
72
  webview_invalid_url: "invalid_url",
73
73
  webview_navigation_failed: "navigation_failed",
74
- webview_no_host_view: "no_host_view"
74
+ webview_no_host_view: "no_host_view",
75
+ webview_unsupported: "unsupported"
75
76
  };
76
77
  /**
77
78
  * Translates a native `DynamicWebView.open()` rejection into a typed
@@ -103,13 +104,13 @@ const translateNativeOpenError = (err) => {
103
104
 
104
105
  //#endregion
105
106
  //#region src/modules/waas/createWaasClient/createWaasSDKContainer.native.ts
106
- const NATIVE_MODULE_NAME = "DynamicWebView";
107
+ const NATIVE_MODULE_NAME = "DynamicClientWebView";
107
108
  const MESSAGE_EVENT_NAME = "dynamicBridgeMessage";
108
109
  const generateInstanceId = () => `${Date.now().toString(36)}-${Math.random().toString(36).slice(2, 10)}`;
109
110
  /**
110
111
  * Creates a React Native `WaasSDKContainer` backed by a native WebView
111
112
  * (WKWebView on iOS, `android.webkit.WebView` on Android) hosted by the
112
- * `DynamicWebView` TurboModule. Each invocation returns an isolated
113
+ * `DynamicClientWebView` TurboModule. Each invocation returns an isolated
113
114
  * container with its own instance ID, native WebView, and message routing.
114
115
  *
115
116
  * @not-instrumented
@@ -1 +1 @@
1
- {"version":3,"file":"waasCore.native.esm.js","names":["REASON_BY_NATIVE_CODE: Record<string, WebViewLoadFailureReason>","reason: WebViewLoadFailureReason","NativeDynamicWebView","messageHandlers: Array<(data: unknown) => void>","errorHandlers: Array<(error: unknown) => void>","subscription: { remove: () => void } | null","createWaasClient: CreateWaasClient","_waasClient: DynamicWalletClient | undefined","getWaasClient: WaasProvider['getWaasClient']","backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive']","createWalletAccount: WaasProvider['createWalletAccount']","delegateKeyShares: WaasProvider['delegateKeyShares']","exportClientKeyshares: WaasProvider['exportClientKeyshares']","exportPrivateKey: WaasProvider['exportPrivateKey']","getElevatedAccessToken","restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount']","importPrivateKey: WaasProvider['importPrivateKey']","refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares']","revokeDelegation: WaasProvider['revokeDelegation']","setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword']","signRawMessage: WaasProvider['signRawMessage']","destroy: WaasProvider['destroy']","updatePassword: WaasProvider['updatePassword']","signMessage: WaasProvider['signMessage']","signSerializedTransaction: WaasProvider['signSerializedTransaction']","getWalletRecoveryState: WaasProvider['getWalletRecoveryState']","unlockWallet: WaasProvider['unlockWallet']","packageName","packageVersion"],"sources":["../src/errors/CorruptedKeyShareError.ts","../src/turboModules/NativeDynamicWebView.ts","../src/errors/WebViewLoadFailedError.ts","../src/modules/waas/createWaasClient/translateNativeOpenError.ts","../src/modules/waas/createWaasClient/createWaasSDKContainer.native.ts","../src/modules/waas/createWaasClient/createWaasClient.native.ts","../src/modules/waas/getWaasChainNameFromChain/getWaasChainNameFromChain.ts","../src/modules/waas/createWaasProvider/createWaasProvider.ts","../src/modules/waas/getAllUserWaasAddressesForChain/getAllUserWaasAddressesForChain.ts","../src/exports/waasCore.ts"],"sourcesContent":["import { BaseError } from './base';\n\ntype CorruptedKeyShareErrorParams = {\n cause?: Error | null;\n};\n\n/**\n * Thrown when a persisted client key share cannot be parsed back into its\n * structured form (e.g. a partially-written or corrupted keychain entry).\n *\n * Surfaced as a typed error rather than swallowed so callers can distinguish\n * \"no key share stored\" (empty result) from \"key share exists but is\n * unreadable\" — the latter must never be silently treated as the former,\n * which could trigger an unintended re-keygen that overwrites recoverable\n * material.\n */\nexport class CorruptedKeyShareError extends BaseError {\n constructor({ cause = null }: CorruptedKeyShareErrorParams = {}) {\n super({\n cause,\n code: 'corrupted_key_share_error',\n details:\n 'The stored client key share could not be parsed. The secure storage entry may be partially written or corrupted.',\n docsUrl: null,\n name: 'CorruptedKeyShareError',\n shortMessage: 'Stored client key share is corrupted and cannot be read.',\n });\n }\n}\n","// This file is a TurboModule spec consumed by React Native codegen.\n// The `interface`, `default export`, and the `react-native` import are hard\n// requirements of the codegen parser and intentionally deviate from the\n// project's conventions. Codegen discovers specs by the `Native*` filename\n// prefix, so this file cannot be renamed to `.native.ts`.\n\nimport { type TurboModule, TurboModuleRegistry } from 'react-native';\nimport type { UnsafeObject } from 'react-native/Libraries/Types/CodegenTypes';\n\nexport interface Spec extends TurboModule {\n addListener(eventName: string): void;\n close(instanceId: string): void;\n /**\n * Creates a WKWebView for the given instanceId and begins loading `url`.\n *\n * Resolves on `didCommit` — i.e. the first byte of a 2xx/3xx HTTP\n * response has been received and content parsing has started. Page-ready\n * (e.g. the hosted iframe's `iframe-ready-*` handshake) is a separate\n * concern and must be observed by the caller via the message bus; this\n * Promise does not wait for it.\n *\n * Rejects with a `code` of `webview_<reason>` where `<reason>` is one of:\n * - `invalid_url` — URL string was not parseable\n * - `no_host_view` — no foreground window to attach the WebView\n * - `http_error` — response status was >= 400 (userInfo contains `DynamicWebViewStatusCode`)\n * - `navigation_failed` — DNS, TLS, connection failure, or post-commit abort\n * - `cancelled` — `close(instanceId)` was called while this open was pending\n * - `instance_busy` — `open` was called for an instanceId that already has an active WebView\n * - `content_process_terminated` — the WKWebView WebContent process died during load\n *\n * rejection codes into typed `WebViewLoadFailedError` instances.\n */\n open(instanceId: string, url: string): Promise<void>;\n removeListeners(count: number): void;\n sendMessage(instanceId: string, data: UnsafeObject): void;\n}\n\n// eslint-disable-next-line import/no-default-export\nexport default TurboModuleRegistry.get<Spec>('DynamicWebView');\n","import { BaseError } from './base/BaseError';\n\n/**\n * Discriminator for `WebViewLoadFailedError`. Identifies the specific\n * failure mode so callers can branch on it (e.g. retry on transient\n * navigation failures, abort on invalid URL, treat HTTP errors distinct\n * from network errors).\n */\nexport type WebViewLoadFailureReason =\n | 'invalid_url'\n | 'no_host_view'\n | 'http_error'\n | 'navigation_failed'\n | 'cancelled'\n | 'instance_busy'\n | 'content_process_terminated';\n\ntype WebViewLoadFailedErrorParams = {\n cause?: Error | null;\n reason: WebViewLoadFailureReason;\n shortMessage: string;\n /** HTTP response status code. Populated only when `reason === 'http_error'`. */\n statusCode?: number;\n /** Underlying OS-level error description (e.g. `NSURLErrorDomain`\n * localizedDescription). Populated for `reason === 'navigation_failed'`. */\n underlyingError?: string;\n};\n\n/**\n * Thrown when `DynamicWebView.open()` (via the WaaS transport provider)\n * fails to establish a usable load. Inspect `reason` to distinguish the\n * failure mode; `statusCode` and `underlyingError` provide structured\n * metadata for the cases that have it.\n */\nexport class WebViewLoadFailedError extends BaseError {\n readonly reason: WebViewLoadFailureReason;\n readonly statusCode: number | undefined;\n readonly underlyingError: string | undefined;\n\n constructor({\n reason,\n shortMessage,\n cause = null,\n statusCode,\n underlyingError,\n }: WebViewLoadFailedErrorParams) {\n super({\n cause,\n code: 'webview_load_failed_error',\n details: underlyingError,\n docsUrl: null,\n name: 'WebViewLoadFailedError',\n shortMessage,\n });\n this.reason = reason;\n this.statusCode = statusCode;\n this.underlyingError = underlyingError;\n }\n}\n","import {\n WebViewLoadFailedError,\n type WebViewLoadFailureReason,\n} from '../../../errors/WebViewLoadFailedError';\n\n// Maps the native-side RCT reject codes (emitted by DynamicWebView.mm) to the\n// JS-level discriminator on `WebViewLoadFailedError`. Keys must stay in sync\n// with the `Reason.*` strings in DynamicWebViewImpl.swift.\nconst REASON_BY_NATIVE_CODE: Record<string, WebViewLoadFailureReason> = {\n webview_cancelled: 'cancelled',\n webview_content_process_terminated: 'content_process_terminated',\n webview_http_error: 'http_error',\n webview_instance_busy: 'instance_busy',\n webview_invalid_url: 'invalid_url',\n webview_navigation_failed: 'navigation_failed',\n webview_no_host_view: 'no_host_view',\n};\n\n// React Native serializes the native NSError's userInfo onto the JS Error as\n// `userInfo`. These keys must stay in sync with the `errorStatusCodeKey` /\n// `errorUnderlyingDescriptionKey` constants in DynamicWebViewImpl.swift.\ntype NativeRejection = {\n code?: string;\n message?: string;\n userInfo?: {\n DynamicWebViewStatusCode?: number;\n DynamicWebViewUnderlying?: string;\n };\n};\n\n/**\n * Translates a native `DynamicWebView.open()` rejection into a typed\n * `WebViewLoadFailedError`. Maps the native RCT reject code to the JS-level\n * `WebViewLoadFailureReason` discriminator (falling back to\n * `navigation_failed` for unrecognized codes) and carries through the\n * structured `statusCode` / `underlyingError` metadata.\n *\n * The `reason` it produces is the contract `createWaasSDKContainer` branches\n * on — notably `emitError` swallows `cancelled` because that code is only ever\n * produced by our own `close()` teardown (verified on both the iOS and Android\n * native sides). Keep `REASON_BY_NATIVE_CODE` in sync with the native reject\n * codes so that branching stays correct.\n *\n * @not-instrumented\n */\nexport const translateNativeOpenError = (\n err: unknown\n): WebViewLoadFailedError => {\n const rejection = (err ?? {}) as NativeRejection;\n\n // Must check the KEYS of REASON_BY_NATIVE_CODE (the `webview_*` native\n // codes), not its values (the JS-level reasons) — this is called with the\n // native code, so checking values made every code fall through to\n // `navigation_failed` and silently broke the `cancelled` swallow.\n const isNativeRejectionCode = (\n code: string | undefined\n ): code is keyof typeof REASON_BY_NATIVE_CODE =>\n code != undefined && code in REASON_BY_NATIVE_CODE;\n\n const reason: WebViewLoadFailureReason = isNativeRejectionCode(rejection.code)\n ? REASON_BY_NATIVE_CODE[rejection.code]\n : 'navigation_failed';\n return new WebViewLoadFailedError({\n cause: err instanceof Error ? err : null,\n reason,\n shortMessage:\n rejection.message ?? `DynamicWebView open failed (${reason}).`,\n statusCode: rejection.userInfo?.DynamicWebViewStatusCode,\n underlyingError: rejection.userInfo?.DynamicWebViewUnderlying,\n });\n};\n","import type { WaasSDKContainer } from '@dynamic-labs-wallet/core';\nimport { NativeEventEmitter } from 'react-native';\n\nimport { NativeModuleNotLinkedError } from '../../../errors/NativeModuleNotLinkedError';\nimport NativeDynamicWebView from '../../../turboModules/NativeDynamicWebView';\nimport { translateNativeOpenError } from './translateNativeOpenError';\n\nconst NATIVE_MODULE_NAME = 'DynamicWebView';\nconst MESSAGE_EVENT_NAME = 'dynamicBridgeMessage';\n\ntype BridgeEventPayload = {\n data: unknown;\n instanceId: string;\n};\n\nconst generateInstanceId = (): string =>\n `${Date.now().toString(36)}-${Math.random().toString(36).slice(2, 10)}`;\n\n/**\n * Creates a React Native `WaasSDKContainer` backed by a native WebView\n * (WKWebView on iOS, `android.webkit.WebView` on Android) hosted by the\n * `DynamicWebView` TurboModule. Each invocation returns an isolated\n * container with its own instance ID, native WebView, and message routing.\n *\n * @not-instrumented\n */\nexport const createWaasSDKContainer = (): WaasSDKContainer => {\n if (!NativeDynamicWebView) {\n throw new NativeModuleNotLinkedError({ moduleName: NATIVE_MODULE_NAME });\n }\n\n const nativeModule = NativeDynamicWebView;\n const instanceId = generateInstanceId();\n // Construct the emitter against the TurboModule itself — on New Arch,\n // `NativeModules[name]` can be a different compatibility-shim object,\n // and binding `addListener`/`removeListeners` on the wrong instance\n // leaves `startObserving` in the native emitter never firing.\n const emitter = new NativeEventEmitter(\n nativeModule as unknown as ConstructorParameters<typeof NativeEventEmitter>[0]\n );\n\n // IframeManager on the WaaS SDK calls `container.onMessage(handler)` twice\n // on the same container — once to wait for the `iframe-ready-*` handshake,\n // and once later from `setupWaasSDKContainerBridge` to forward transport\n // messages. Both handlers need to receive every message, so the container\n // fans out to all registered handlers instead of enforcing single-register.\n const messageHandlers: Array<(data: unknown) => void> = [];\n const errorHandlers: Array<(error: unknown) => void> = [];\n let subscription: { remove: () => void } | null = null;\n let destroyed = false;\n\n const emitError = (err: unknown): void => {\n if (destroyed) return;\n const translated = translateNativeOpenError(err);\n // `cancelled` is only ever produced by our own `close()` teardown path on\n // the native side. Surfacing it via onError would make consumers like\n // IframeManager interpret their own destroy as a load failure and retry\n // against a provider that no longer exists.\n if (translated.reason === 'cancelled') return;\n for (const handler of errorHandlers) {\n handler(translated);\n }\n };\n\n return {\n destroy() {\n if (destroyed) return;\n destroyed = true;\n\n subscription?.remove();\n subscription = null;\n messageHandlers.length = 0;\n errorHandlers.length = 0;\n nativeModule.close(instanceId);\n },\n\n isAlive: () => !destroyed,\n\n // Signature is dictated by the upstream WaasSDKContainer interface.\n // eslint-disable-next-line custom-rules/require-single-object-param\n onError(handler: (error: unknown) => void) {\n errorHandlers.push(handler);\n return () => {\n const index = errorHandlers.indexOf(handler);\n if (index !== -1) errorHandlers.splice(index, 1);\n };\n },\n\n // Signature is dictated by the upstream WaasSDKContainer interface.\n // eslint-disable-next-line custom-rules/require-single-object-param\n onMessage(handler: (data: unknown) => void) {\n messageHandlers.push(handler);\n\n subscription ??= emitter.addListener(\n MESSAGE_EVENT_NAME,\n (payload: BridgeEventPayload) => {\n if (payload.instanceId !== instanceId) return;\n\n for (const fn of messageHandlers) {\n fn(payload.data);\n }\n }\n );\n\n // WaaS client expects onMessage to return an unsubscribe function —\n // used e.g. to tear down the one-shot handshake handler.\n return () => {\n const index = messageHandlers.indexOf(handler);\n if (index !== -1) messageHandlers.splice(index, 1);\n if (messageHandlers.length === 0) {\n subscription?.remove();\n subscription = null;\n }\n };\n },\n\n sendMessage(data: Record<string, unknown>) {\n nativeModule.sendMessage(instanceId, data);\n },\n /**\n * Hands the URL off to the native WebView and resolves immediately.\n *\n * Per the `WaasSDKContainer` contract (see `@dynamic-labs-wallet/core`\n * types), `setUrl` resolves once the URL has been handed off to the\n * container — NOT when the page has finished loading. Load completion is\n * signalled later via the `iframe-ready-*` message on `onMessage`, and\n * navigation failures surface via `onError`. This dispatch-and-forget\n * shape is load-bearing: the WaaS handshake sequencing expects `setUrl` to\n * resolve before the first message arrives, so `nativeModule.open` is\n * intentionally NOT awaited/returned — its rejection (HTTP errors,\n * navigation failures, preflight errors, etc.) is routed through\n * `emitError` instead. Do not change this to `return nativeModule.open(...)`.\n */\n // Signature is dictated by the upstream WaasSDKContainer interface.\n // eslint-disable-next-line custom-rules/require-single-object-param\n async setUrl(url: string) {\n nativeModule.open(instanceId, url).catch(emitError);\n },\n };\n};\n","import type { AuthMode } from '@dynamic-labs-wallet/browser-wallet-client';\nimport { DynamicWalletClient } from '@dynamic-labs-wallet/browser-wallet-client';\nimport type { SecureStorageAdapter } from '@dynamic-labs-wallet/core';\nimport {\n ACCESSIBLE,\n getGenericPassword,\n resetGenericPassword,\n setGenericPassword,\n} from 'react-native-keychain';\n\nimport { getCore } from '../../../client/core/getCore';\nimport { CorruptedKeyShareError } from '../../../errors/CorruptedKeyShareError';\nimport { CLIENT_SDK_NAME } from '../../apiClient/constants';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport {\n DEFAULT_WAAS_BASE_API_URL,\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n} from '../constants';\nimport type { CreateWaasClient } from './createWaasClient.types';\nimport { createWaasSDKContainer } from './createWaasSDKContainer.native';\n\n/**\n * Keychain security options for the client key share. The share is wallet\n * key material that cannot be re-derived locally, so the options are pinned\n * explicitly rather than inherited from `react-native-keychain` defaults\n * (which vary across versions and platforms).\n *\n * `WHEN_UNLOCKED_THIS_DEVICE_ONLY` keeps the share readable only while the\n * device is unlocked, excludes it from iCloud Keychain sync, and prevents it\n * migrating to a new device on encrypted-backup restore. It deliberately does\n * NOT set `accessControl` (e.g. biometry) — reads must not surface a Face ID /\n * passcode prompt, since the share is read on routine wallet operations.\n */\nconst KEY_SHARE_KEYCHAIN_OPTIONS = {\n accessible: ACCESSIBLE.WHEN_UNLOCKED_THIS_DEVICE_ONLY,\n} as const;\n\n/** @not-instrumented */\nexport const createWaasClient: CreateWaasClient = ({ chainName }, client) => {\n const core = getCore(client);\n\n const additionalTrustedOrigins = core.waas?.additionalTrustedOrigins;\n\n // Namespace the keychain service by environment so two environmentIds on the\n // same device (or two dApps that observe the same account) can't collide and\n // mix key shares. The account address alone is not unique across environments.\n const getKeyShareService = (accountAddress: string): string =>\n `${core.environmentId}:${accountAddress}`;\n\n return new DynamicWalletClient(\n {\n authMode: (isCookieEnabled(client) ? 'cookie' : 'header') as AuthMode,\n authToken: client.token || '',\n baseApiUrl: (core.apiBaseUrl || DEFAULT_WAAS_BASE_API_URL).replace(\n '/api/v0',\n ''\n ),\n baseMPCRelayApiUrl:\n client.projectSettings?.sdk.waas?.relayUrl ||\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n chainName,\n environmentId: core.environmentId,\n sdkVersion: `${CLIENT_SDK_NAME}/${core.version}`,\n ...(additionalTrustedOrigins == undefined\n ? {}\n : { additionalTrustedOrigins }),\n },\n {\n createWaasSDKContainer,\n // Typed as the upstream SecureStorageAdapter so the key-share method\n // signatures (and the `shares` payload type) stay compiler-enforced\n // against the WaaS SDK contract rather than re-declared locally.\n secureStorage: {\n getClientKeyShare: async (accountAddress) => {\n const result = await getGenericPassword({\n service: getKeyShareService(accountAddress),\n });\n\n if (!result) {\n return [];\n }\n\n // A corrupted or partially-written keychain entry makes JSON.parse\n // throw mid key-share load. Surface a typed error instead of an\n // unhandled rejection so callers can distinguish \"no share stored\"\n // (empty result above) from \"share exists but is unreadable\".\n try {\n return JSON.parse(result.password);\n } catch (cause) {\n throw new CorruptedKeyShareError({\n cause: cause instanceof Error ? cause : null,\n });\n }\n },\n\n removeClientKeyShare: async (accountAddress) => {\n await resetGenericPassword({\n service: getKeyShareService(accountAddress),\n });\n },\n\n setClientKeyShare: async (accountAddress, shares) => {\n await setGenericPassword(accountAddress, JSON.stringify(shares), {\n ...KEY_SHARE_KEYCHAIN_OPTIONS,\n service: getKeyShareService(accountAddress),\n });\n },\n } satisfies SecureStorageAdapter,\n }\n );\n};\n","import type { Chain } from '../../chain';\nimport { CHAINS_INFO_MAP } from '../../wallets/constants';\n\n/** @not-instrumented */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const getWaasChainNameFromChain = (chain: Chain): string => {\n return CHAINS_INFO_MAP[chain].waasChainNameOverride || chain;\n};\n","import {\n type BitcoinConfig,\n type DynamicWalletClient,\n ThresholdSignatureScheme,\n WalletOperation,\n} from '@dynamic-labs-wallet/browser-wallet-client';\nimport { MFAAction, TokenScope } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { InvalidParamError } from '../../../errors/InvalidParamError';\nimport { getElevatedAccessToken } from '../../auth/getElevatedAccessToken';\nimport type { Chain } from '../../chain';\nimport { consumeMfaTokenIfRequiredForAction } from '../../mfa/consumeMfaTokenIfRequiredForAction';\nimport { getSignedSessionId } from '../../sessionKeys/getSignedSessionId';\nimport { createWaasClient } from '../createWaasClient';\nimport { getWaasChainNameFromChain } from '../getWaasChainNameFromChain';\nimport type { WaasProvider } from '../waas.types';\n\nconst RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH = 64;\n\ntype CreateWaasProviderParams = {\n chain: Chain;\n sdkClient: DynamicClient;\n};\n\n/** @not-instrumented */\nexport const createWaasProvider = ({\n sdkClient,\n chain,\n}: CreateWaasProviderParams): WaasProvider => {\n const logger = getCore(sdkClient).logger;\n\n let _waasClient: DynamicWalletClient | undefined;\n\n // because the waas client needs the authToken to be set, we can only create it\n // the first time it's needed, which is after the user has logged in\n const getWaasClient: WaasProvider['getWaasClient'] = async () => {\n if (!_waasClient) {\n _waasClient = createWaasClient(\n { chainName: getWaasChainNameFromChain(chain) },\n sdkClient\n );\n await _waasClient.initialize();\n }\n return _waasClient;\n };\n\n const backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive'] =\n async ({ googleDriveAccessToken, password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.backupKeySharesToGoogleDrive({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n googleDriveAccessToken,\n password,\n signedSessionId,\n });\n };\n\n const createWalletAccount: WaasProvider['createWalletAccount'] = async (\n args = {}\n ) => {\n logger.debug('[createWaasProvider] createWalletAccount', {\n bitcoinConfig: args.bitcoinConfig,\n thresholdSignatureScheme: args.thresholdSignatureScheme,\n });\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const waasWallet = await waasClient.createWalletAccount({\n authToken: sdkClient.token ?? undefined,\n bitcoinConfig: args.bitcoinConfig as BitcoinConfig | undefined,\n password: args.password,\n signedSessionId,\n thresholdSignatureScheme:\n args.thresholdSignatureScheme ?? ThresholdSignatureScheme.TWO_OF_TWO,\n });\n\n return waasWallet;\n };\n\n const delegateKeyShares: WaasProvider['delegateKeyShares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.delegateKeyShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportClientKeyshares: WaasProvider['exportClientKeyshares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n await waasClient.exportClientKeyshares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportPrivateKey: WaasProvider['exportPrivateKey'] = async ({\n displayContainer,\n walletAccount,\n password,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasExport },\n sdkClient\n );\n\n // Forward any elevated access token previously obtained via step-up\n // (e.g. requestExternalAuthElevatedToken) so the backend authorizes\n // the export under the wallet:export scope.\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletexport },\n sdkClient\n );\n\n await waasClient.exportPrivateKey({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n displayContainer,\n elevatedAccessToken,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n await waasClient.getWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n walletOperation: WalletOperation.SIGN_MESSAGE,\n });\n };\n\n const importPrivateKey: WaasProvider['importPrivateKey'] = async ({\n privateKey,\n thresholdSignatureScheme = ThresholdSignatureScheme.TWO_OF_TWO,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const walletClient = await getWaasClient();\n\n await walletClient.importPrivateKey({\n authToken: sdkClient.token ?? undefined,\n privateKey,\n signedSessionId,\n thresholdSignatureScheme,\n });\n };\n\n const refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasRefresh },\n sdkClient\n );\n\n return walletClient.refreshWalletAccountShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const revokeDelegation: WaasProvider['revokeDelegation'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.revokeDelegation({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.setPassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n newPassword: password,\n signedSessionId,\n });\n };\n\n const signRawMessage: WaasProvider['signRawMessage'] = async ({\n message,\n password,\n walletAccount,\n }) => {\n if (message.length !== RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH) {\n throw new InvalidParamError(\n `Message must be ${RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH} characters long`\n );\n }\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const signature = await walletClient.signRawMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n password,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const destroy: WaasProvider['destroy'] = async (args) => {\n if (!_waasClient) {\n return;\n }\n\n const waasClient = await getWaasClient();\n // When a session token expires, we preserve key shares in storage instead\n // of clearing them. Customers with short-lived sessions (minutes) were\n // hitting excessive server-side share recovery on every re-login, which\n // also forced users to re-enter their wallet password since the unlocked\n // share only lives for the duration of the session.\n //\n // This is safe because the waas-sdk separately fingerprints the user\n // (sub + environment_id) and clears all storage if a different user logs\n // in. On explicit user-initiated logout, shares are always cleared for\n // security.\n if (args?.reason !== 'token-expired') {\n await waasClient.cleanup();\n }\n _waasClient = undefined;\n };\n\n const updatePassword: WaasProvider['updatePassword'] = async ({\n walletAccount,\n currentPassword,\n newPassword,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.updatePassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n existingPassword: currentPassword,\n newPassword,\n signedSessionId,\n });\n };\n\n const signMessage: WaasProvider['signMessage'] = async ({\n message,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const signSerializedTransaction: WaasProvider['signSerializedTransaction'] =\n async ({ chainId, serializedTransaction, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signTransaction({\n authToken: sdkClient.token ?? undefined,\n chainId,\n elevatedAccessToken,\n mfaToken,\n senderAddress: walletAccount.address,\n signedSessionId,\n transaction: serializedTransaction,\n });\n\n return { signature };\n };\n\n const getWalletRecoveryState: WaasProvider['getWalletRecoveryState'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.getWalletRecoveryState({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n });\n };\n\n const unlockWallet: WaasProvider['unlockWallet'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.unlockWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n return {\n backupKeySharesToGoogleDrive,\n createWalletAccount,\n delegateKeyShares,\n destroy,\n exportClientKeyshares,\n exportPrivateKey,\n getWaasClient,\n getWalletRecoveryState,\n importPrivateKey,\n refreshWalletAccountShares,\n restoreUserShareForWalletAccount,\n revokeDelegation,\n setWaasWalletAccountPassword,\n signMessage,\n signRawMessage,\n signSerializedTransaction,\n unlockWallet,\n updatePassword,\n };\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types';\nimport { getChainFromVerifiedCredentialChain } from '../../../utils/getChainFromVerifiedCredentialChain';\nimport type { Chain } from '../../chain';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype GetAllUserWaasAddressesForChainParams = {\n chain: Chain;\n};\n\n/** @not-instrumented */\nexport const getAllUserWaasAddressesForChain = (\n { chain }: GetAllUserWaasAddressesForChainParams,\n client: DynamicClient\n): string[] => {\n if (!client.user) {\n return [];\n }\n\n const waasWalletCredentials =\n client.user.verifiedCredentials.filter(\n (credential) =>\n credential.walletProvider === WalletProviderEnum.EmbeddedWallet &&\n credential.walletName\n ?.toLowerCase()\n .startsWith(DYNAMIC_WAAS_METADATA.normalizedWalletName) &&\n credential.address &&\n credential.chain &&\n getChainFromVerifiedCredentialChain(credential.chain) === chain\n ) ?? [];\n\n const waasAddresses: string[] = waasWalletCredentials.map(\n // casting because we're already filtering out credentials without an address\n (credential) => credential.address as string\n );\n\n return waasAddresses;\n};\n","import { assertPackageVersion } from '@dynamic-labs-sdk/assert-package-version';\n\nimport {\n name as packageName,\n version as packageVersion,\n} from '../../package.json';\nassertPackageVersion(packageName, packageVersion);\n\nexport type {\n BitcoinNetwork,\n DynamicWalletClient,\n ThresholdSignatureScheme\n} from '@dynamic-labs-wallet/browser-wallet-client';\nexport { DYNAMIC_WAAS_METADATA } from '../modules/waas/constants';\nexport { createWaasClient } from '../modules/waas/createWaasClient';\nexport { createWaasProvider } from '../modules/waas/createWaasProvider';\nexport { getAllUserWaasAddressesForChain } from '../modules/waas/getAllUserWaasAddressesForChain';\nexport { getWaasChainNameFromChain } from '../modules/waas/getWaasChainNameFromChain';\nexport type {\n WaasProvider,\n WaasWalletProvider\n} from '../modules/waas/waas.types';\n\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAgBA,IAAa,yBAAb,cAA4C,UAAU;CACpD,YAAY,EAAE,QAAQ,SAAuC,EAAE,EAAE;AAC/D,QAAM;GACJ;GACA,MAAM;GACN,SACE;GACF,SAAS;GACT,MAAM;GACN,cAAc;GACf,CAAC;;;;;;ACYN,mCAAe,oBAAoB,IAAU,iBAAiB;;;;;;;;;;ACJ9D,IAAa,yBAAb,cAA4C,UAAU;CACpD,AAAS;CACT,AAAS;CACT,AAAS;CAET,YAAY,EACV,QACA,cACA,QAAQ,MACR,YACA,mBAC+B;AAC/B,QAAM;GACJ;GACA,MAAM;GACN,SAAS;GACT,SAAS;GACT,MAAM;GACN;GACD,CAAC;AACF,OAAK,SAAS;AACd,OAAK,aAAa;AAClB,OAAK,kBAAkB;;;;;;AChD3B,MAAMA,wBAAkE;CACtE,mBAAmB;CACnB,oCAAoC;CACpC,oBAAoB;CACpB,uBAAuB;CACvB,qBAAqB;CACrB,2BAA2B;CAC3B,sBAAsB;CACvB;;;;;;;;;;;;;;;;AA6BD,MAAa,4BACX,QAC2B;CAC3B,MAAM,YAAa,OAAO,EAAE;CAM5B,MAAM,yBACJ,SAEA,QAAQ,UAAa,QAAQ;CAE/B,MAAMC,SAAmC,sBAAsB,UAAU,KAAK,GAC1E,sBAAsB,UAAU,QAChC;AACJ,QAAO,IAAI,uBAAuB;EAChC,OAAO,eAAe,QAAQ,MAAM;EACpC;EACA,cACE,UAAU,WAAW,+BAA+B,OAAO;EAC7D,YAAY,UAAU,UAAU;EAChC,iBAAiB,UAAU,UAAU;EACtC,CAAC;;;;;AC9DJ,MAAM,qBAAqB;AAC3B,MAAM,qBAAqB;AAO3B,MAAM,2BACJ,GAAG,KAAK,KAAK,CAAC,SAAS,GAAG,CAAC,GAAG,KAAK,QAAQ,CAAC,SAAS,GAAG,CAAC,MAAM,GAAG,GAAG;;;;;;;;;AAUvE,MAAa,+BAAiD;AAC5D,KAAI,CAACC,6BACH,OAAM,IAAI,2BAA2B,EAAE,YAAY,oBAAoB,CAAC;CAG1E,MAAM,eAAeA;CACrB,MAAM,aAAa,oBAAoB;CAKvC,MAAM,UAAU,IAAI,mBAClB,aACD;CAOD,MAAMC,kBAAkD,EAAE;CAC1D,MAAMC,gBAAiD,EAAE;CACzD,IAAIC,eAA8C;CAClD,IAAI,YAAY;CAEhB,MAAM,aAAa,QAAuB;AACxC,MAAI,UAAW;EACf,MAAM,aAAa,yBAAyB,IAAI;AAKhD,MAAI,WAAW,WAAW,YAAa;AACvC,OAAK,MAAM,WAAW,cACpB,SAAQ,WAAW;;AAIvB,QAAO;EACL,UAAU;AACR,OAAI,UAAW;AACf,eAAY;AAEZ,iBAAc,QAAQ;AACtB,kBAAe;AACf,mBAAgB,SAAS;AACzB,iBAAc,SAAS;AACvB,gBAAa,MAAM,WAAW;;EAGhC,eAAe,CAAC;EAIhB,QAAQ,SAAmC;AACzC,iBAAc,KAAK,QAAQ;AAC3B,gBAAa;IACX,MAAM,QAAQ,cAAc,QAAQ,QAAQ;AAC5C,QAAI,UAAU,GAAI,eAAc,OAAO,OAAO,EAAE;;;EAMpD,UAAU,SAAkC;AAC1C,mBAAgB,KAAK,QAAQ;AAE7B,oBAAiB,QAAQ,YACvB,qBACC,YAAgC;AAC/B,QAAI,QAAQ,eAAe,WAAY;AAEvC,SAAK,MAAM,MAAM,gBACf,IAAG,QAAQ,KAAK;KAGrB;AAID,gBAAa;IACX,MAAM,QAAQ,gBAAgB,QAAQ,QAAQ;AAC9C,QAAI,UAAU,GAAI,iBAAgB,OAAO,OAAO,EAAE;AAClD,QAAI,gBAAgB,WAAW,GAAG;AAChC,mBAAc,QAAQ;AACtB,oBAAe;;;;EAKrB,YAAY,MAA+B;AACzC,gBAAa,YAAY,YAAY,KAAK;;EAkB5C,MAAM,OAAO,KAAa;AACxB,gBAAa,KAAK,YAAY,IAAI,CAAC,MAAM,UAAU;;EAEtD;;;;;;;;;;;;;;;;;ACzGH,MAAM,6BAA6B,EACjC,YAAY,WAAW,gCACxB;;AAGD,MAAaC,oBAAsC,EAAE,aAAa,WAAW;CAC3E,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,2BAA2B,KAAK,MAAM;CAK5C,MAAM,sBAAsB,mBAC1B,GAAG,KAAK,cAAc,GAAG;AAE3B,QAAO,IAAI,oBACT;EACE,UAAW,gBAAgB,OAAO,GAAG,WAAW;EAChD,WAAW,OAAO,SAAS;EAC3B,aAAa,KAAK,cAAc,2BAA2B,QACzD,WACA,GACD;EACD,oBACE,OAAO,iBAAiB,IAAI,MAAM,YAClC;EACF;EACA,eAAe,KAAK;EACpB,YAAY,GAAG,gBAAgB,GAAG,KAAK;EACvC,GAAI,4BAA4B,SAC5B,EAAE,GACF,EAAE,0BAA0B;EACjC,EACD;EACE;EAIA,eAAe;GACb,mBAAmB,OAAO,mBAAmB;IAC3C,MAAM,SAAS,MAAM,mBAAmB,EACtC,SAAS,mBAAmB,eAAe,EAC5C,CAAC;AAEF,QAAI,CAAC,OACH,QAAO,EAAE;AAOX,QAAI;AACF,YAAO,KAAK,MAAM,OAAO,SAAS;aAC3B,OAAO;AACd,WAAM,IAAI,uBAAuB,EAC/B,OAAO,iBAAiB,QAAQ,QAAQ,MACzC,CAAC;;;GAIN,sBAAsB,OAAO,mBAAmB;AAC9C,UAAM,qBAAqB,EACzB,SAAS,mBAAmB,eAAe,EAC5C,CAAC;;GAGJ,mBAAmB,OAAO,gBAAgB,WAAW;AACnD,UAAM,mBAAmB,gBAAgB,KAAK,UAAU,OAAO,EAAE;KAC/D,GAAG;KACH,SAAS,mBAAmB,eAAe;KAC5C,CAAC;;GAEL;EACF,CACF;;;;;;ACxGH,MAAa,6BAA6B,UAAyB;AACjE,QAAO,gBAAgB,OAAO,yBAAyB;;;;;ACazD,MAAM,sCAAsC;;AAQ5C,MAAa,sBAAsB,EACjC,WACA,YAC4C;CAC5C,MAAM,SAAS,QAAQ,UAAU,CAAC;CAElC,IAAIC;CAIJ,MAAMC,gBAA+C,YAAY;AAC/D,MAAI,CAAC,aAAa;AAChB,iBAAc,iBACZ,EAAE,WAAW,0BAA0B,MAAM,EAAE,EAC/C,UACD;AACD,SAAM,YAAY,YAAY;;AAEhC,SAAO;;CAGT,MAAMC,+BACJ,OAAO,EAAE,wBAAwB,UAAU,oBAAoB;EAC7D,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,6BAA6B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMC,sBAA2D,OAC/D,OAAO,EAAE,KACN;AACH,SAAO,MAAM,4CAA4C;GACvD,eAAe,KAAK;GACpB,0BAA0B,KAAK;GAChC,CAAC;EAEF,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAa1E,SATmB,OAFA,MAAM,eAAe,EAEJ,oBAAoB;GACtD,WAAW,UAAU,SAAS;GAC9B,eAAe,KAAK;GACpB,UAAU,KAAK;GACf;GACA,0BACE,KAAK,4BAA4B,yBAAyB;GAC7D,CAAC;;CAKJ,MAAMC,oBAAuD,OAAO,EAClE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,kBAAkB;GAClC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,wBAA+D,OAAO,EAC1E,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,SAFmB,MAAM,eAAe,EAEvB,sBAAsB;GACrC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,mBAAqD,OAAO,EAChE,kBACA,eACA,eACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,aAAa,MAAM,eAAe;EAExC,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,kBAAkB,EACzC,UACD;EAKD,MAAM,sBAAsBC,iCAC1B,EAAE,OAAO,WAAW,cAAc,EAClC,UACD;AAED,QAAM,WAAW,iBAAiB;GAChC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACA;GACD,CAAC;;CAGJ,MAAMC,mCACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,SAFmB,MAAM,eAAe,EAEvB,UAAU;GACzB,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA,iBAAiB,gBAAgB;GAClC,CAAC;;CAGN,MAAMC,mBAAqD,OAAO,EAChE,YACA,2BAA2B,yBAAyB,iBAChD;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,SAFqB,MAAM,eAAe,EAEvB,iBAAiB;GAClC,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGJ,MAAMC,6BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;EAED,MAAM,eAAe,MAAM,eAAe;EAE1C,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,mBAAmB,EAC1C,UACD;AAED,SAAO,aAAa,2BAA2B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMC,mBAAqD,OAAO,EAChE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,iBAAiB;GACjC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,+BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,YAAY;GAC5B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,aAAa;GACb;GACD,CAAC;;CAGN,MAAMC,iBAAiD,OAAO,EAC5D,SACA,UACA,oBACI;AACJ,MAAI,QAAQ,WAAW,oCACrB,OAAM,IAAI,kBACR,mBAAmB,oCAAoC,kBACxD;EAGH,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBN,iCAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFG,MAAM,eAAe,EAEL,eAAe;GAClD,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMO,UAAmC,OAAO,SAAS;AACvD,MAAI,CAAC,YACH;EAGF,MAAM,aAAa,MAAM,eAAe;AAWxC,MAAI,MAAM,WAAW,gBACnB,OAAM,WAAW,SAAS;AAE5B,gBAAc;;CAGhB,MAAMC,iBAAiD,OAAO,EAC5D,eACA,iBACA,kBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,eAAe;GAC/B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,kBAAkB;GAClB;GACA;GACD,CAAC;;CAGJ,MAAMC,cAA2C,OAAO,EACtD,SACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBT,iCAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAaD,SAAO,EAAE,WATS,OAFC,MAAM,eAAe,EAEL,YAAY;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMU,4BACJ,OAAO,EAAE,SAAS,uBAAuB,oBAAoB;EAC3D,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;EAED,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBV,iCAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFC,MAAM,eAAe,EAEL,gBAAgB;GACjD,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA,eAAe,cAAc;GAC7B;GACA,aAAa;GACd,CAAC,EAEkB;;CAGxB,MAAMW,yBACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,uBAAuB;GACvC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACD,CAAC;;CAGN,MAAMC,eAA6C,OAAO,EACxD,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,aAAa;GAC7B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;AAGJ,QAAO;EACL;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACD;;;;;;ACjaH,MAAa,mCACX,EAAE,SACF,WACa;AACb,KAAI,CAAC,OAAO,KACV,QAAO,EAAE;AAoBX,SAhBE,OAAO,KAAK,oBAAoB,QAC7B,eACC,WAAW,mBAAmB,mBAAmB,kBACjD,WAAW,YACP,aAAa,CACd,WAAW,sBAAsB,qBAAqB,IACzD,WAAW,WACX,WAAW,SACX,oCAAoC,WAAW,MAAM,KAAK,MAC7D,IAAI,EAAE,EAE6C,KAEnD,eAAe,WAAW,QAC5B;;;;;AC7BH,qBAAqBC,MAAaC,QAAe"}
1
+ {"version":3,"file":"waasCore.native.esm.js","names":["REASON_BY_NATIVE_CODE: Record<string, WebViewLoadFailureReason>","reason: WebViewLoadFailureReason","NativeDynamicWebView","messageHandlers: Array<(data: unknown) => void>","errorHandlers: Array<(error: unknown) => void>","subscription: { remove: () => void } | null","createWaasClient: CreateWaasClient","_waasClient: DynamicWalletClient | undefined","getWaasClient: WaasProvider['getWaasClient']","backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive']","createWalletAccount: WaasProvider['createWalletAccount']","delegateKeyShares: WaasProvider['delegateKeyShares']","exportClientKeyshares: WaasProvider['exportClientKeyshares']","exportPrivateKey: WaasProvider['exportPrivateKey']","getElevatedAccessToken","restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount']","importPrivateKey: WaasProvider['importPrivateKey']","refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares']","revokeDelegation: WaasProvider['revokeDelegation']","setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword']","signRawMessage: WaasProvider['signRawMessage']","destroy: WaasProvider['destroy']","updatePassword: WaasProvider['updatePassword']","signMessage: WaasProvider['signMessage']","signSerializedTransaction: WaasProvider['signSerializedTransaction']","getWalletRecoveryState: WaasProvider['getWalletRecoveryState']","unlockWallet: WaasProvider['unlockWallet']","packageName","packageVersion"],"sources":["../src/errors/CorruptedKeyShareError.ts","../src/turboModules/NativeDynamicWebView.ts","../src/errors/WebViewLoadFailedError.ts","../src/modules/waas/createWaasClient/translateNativeOpenError.ts","../src/modules/waas/createWaasClient/createWaasSDKContainer.native.ts","../src/modules/waas/createWaasClient/createWaasClient.native.ts","../src/modules/waas/getWaasChainNameFromChain/getWaasChainNameFromChain.ts","../src/modules/waas/createWaasProvider/createWaasProvider.ts","../src/modules/waas/getAllUserWaasAddressesForChain/getAllUserWaasAddressesForChain.ts","../src/exports/waasCore.ts"],"sourcesContent":["import { BaseError } from './base';\n\ntype CorruptedKeyShareErrorParams = {\n cause?: Error | null;\n};\n\n/**\n * Thrown when a persisted client key share cannot be parsed back into its\n * structured form (e.g. a partially-written or corrupted keychain entry).\n *\n * Surfaced as a typed error rather than swallowed so callers can distinguish\n * \"no key share stored\" (empty result) from \"key share exists but is\n * unreadable\" — the latter must never be silently treated as the former,\n * which could trigger an unintended re-keygen that overwrites recoverable\n * material.\n */\nexport class CorruptedKeyShareError extends BaseError {\n constructor({ cause = null }: CorruptedKeyShareErrorParams = {}) {\n super({\n cause,\n code: 'corrupted_key_share_error',\n details:\n 'The stored client key share could not be parsed. The secure storage entry may be partially written or corrupted.',\n docsUrl: null,\n name: 'CorruptedKeyShareError',\n shortMessage: 'Stored client key share is corrupted and cannot be read.',\n });\n }\n}\n","// This file is a TurboModule spec consumed by React Native codegen.\n// The `interface`, `default export`, and the `react-native` import are hard\n// requirements of the codegen parser and intentionally deviate from the\n// project's conventions. Codegen discovers specs by the `Native*` filename\n// prefix, so this file cannot be renamed to `.native.ts`.\n\nimport { type TurboModule, TurboModuleRegistry } from 'react-native';\nimport type { UnsafeObject } from 'react-native/Libraries/Types/CodegenTypes';\n\nexport interface Spec extends TurboModule {\n addListener(eventName: string): void;\n close(instanceId: string): void;\n /**\n * Creates a WKWebView for the given instanceId and begins loading `url`.\n *\n * Resolves on `didCommit` — i.e. the first byte of a 2xx/3xx HTTP\n * response has been received and content parsing has started. Page-ready\n * (e.g. the hosted iframe's `iframe-ready-*` handshake) is a separate\n * concern and must be observed by the caller via the message bus; this\n * Promise does not wait for it.\n *\n * Rejects with a `code` of `webview_<reason>` where `<reason>` is one of:\n * - `invalid_url` — URL string was not parseable\n * - `no_host_view` — no foreground window to attach the WebView\n * - `http_error` — response status was >= 400 (userInfo contains `DynamicWebViewStatusCode`)\n * - `navigation_failed` — DNS, TLS, connection failure, or post-commit abort\n * - `cancelled` — `close(instanceId)` was called while this open was pending\n * - `instance_busy` — `open` was called for an instanceId that already has an active WebView\n * - `content_process_terminated` — the WKWebView WebContent process died during load\n * - `unsupported` — the device's Android System WebView is too old to support the secure bridge (Android only)\n *\n * rejection codes into typed `WebViewLoadFailedError` instances.\n */\n open(instanceId: string, url: string): Promise<void>;\n removeListeners(count: number): void;\n sendMessage(instanceId: string, data: UnsafeObject): void;\n}\n\n// eslint-disable-next-line import/no-default-export\nexport default TurboModuleRegistry.get<Spec>('DynamicClientWebView');\n","import { BaseError } from './base/BaseError';\n\n/**\n * Discriminator for `WebViewLoadFailedError`. Identifies the specific\n * failure mode so callers can branch on it (e.g. retry on transient\n * navigation failures, abort on invalid URL, treat HTTP errors distinct\n * from network errors).\n */\nexport type WebViewLoadFailureReason =\n | 'invalid_url'\n | 'no_host_view'\n | 'http_error'\n | 'navigation_failed'\n | 'cancelled'\n | 'instance_busy'\n | 'content_process_terminated'\n | 'unsupported';\n\ntype WebViewLoadFailedErrorParams = {\n cause?: Error | null;\n reason: WebViewLoadFailureReason;\n shortMessage: string;\n /** HTTP response status code. Populated only when `reason === 'http_error'`. */\n statusCode?: number;\n /** Underlying OS-level error description (e.g. `NSURLErrorDomain`\n * localizedDescription). Populated for `reason === 'navigation_failed'`. */\n underlyingError?: string;\n};\n\n/**\n * Thrown when `DynamicWebView.open()` (via the WaaS transport provider)\n * fails to establish a usable load. Inspect `reason` to distinguish the\n * failure mode; `statusCode` and `underlyingError` provide structured\n * metadata for the cases that have it.\n */\nexport class WebViewLoadFailedError extends BaseError {\n readonly reason: WebViewLoadFailureReason;\n readonly statusCode: number | undefined;\n readonly underlyingError: string | undefined;\n\n constructor({\n reason,\n shortMessage,\n cause = null,\n statusCode,\n underlyingError,\n }: WebViewLoadFailedErrorParams) {\n super({\n cause,\n code: 'webview_load_failed_error',\n details: underlyingError,\n docsUrl: null,\n name: 'WebViewLoadFailedError',\n shortMessage,\n });\n this.reason = reason;\n this.statusCode = statusCode;\n this.underlyingError = underlyingError;\n }\n}\n","import {\n WebViewLoadFailedError,\n type WebViewLoadFailureReason,\n} from '../../../errors/WebViewLoadFailedError';\n\n// Maps the native-side RCT reject codes (emitted by DynamicWebView.mm) to the\n// JS-level discriminator on `WebViewLoadFailedError`. Keys must stay in sync\n// with the `Reason.*` strings in DynamicWebViewImpl.swift.\nconst REASON_BY_NATIVE_CODE: Record<string, WebViewLoadFailureReason> = {\n webview_cancelled: 'cancelled',\n webview_content_process_terminated: 'content_process_terminated',\n webview_http_error: 'http_error',\n webview_instance_busy: 'instance_busy',\n webview_invalid_url: 'invalid_url',\n webview_navigation_failed: 'navigation_failed',\n webview_no_host_view: 'no_host_view',\n webview_unsupported: 'unsupported',\n};\n\n// React Native serializes the native NSError's userInfo onto the JS Error as\n// `userInfo`. These keys must stay in sync with the `errorStatusCodeKey` /\n// `errorUnderlyingDescriptionKey` constants in DynamicWebViewImpl.swift.\ntype NativeRejection = {\n code?: string;\n message?: string;\n userInfo?: {\n DynamicWebViewStatusCode?: number;\n DynamicWebViewUnderlying?: string;\n };\n};\n\n/**\n * Translates a native `DynamicWebView.open()` rejection into a typed\n * `WebViewLoadFailedError`. Maps the native RCT reject code to the JS-level\n * `WebViewLoadFailureReason` discriminator (falling back to\n * `navigation_failed` for unrecognized codes) and carries through the\n * structured `statusCode` / `underlyingError` metadata.\n *\n * The `reason` it produces is the contract `createWaasSDKContainer` branches\n * on — notably `emitError` swallows `cancelled` because that code is only ever\n * produced by our own `close()` teardown (verified on both the iOS and Android\n * native sides). Keep `REASON_BY_NATIVE_CODE` in sync with the native reject\n * codes so that branching stays correct.\n *\n * @not-instrumented\n */\nexport const translateNativeOpenError = (\n err: unknown\n): WebViewLoadFailedError => {\n const rejection = (err ?? {}) as NativeRejection;\n\n // Must check the KEYS of REASON_BY_NATIVE_CODE (the `webview_*` native\n // codes), not its values (the JS-level reasons) — this is called with the\n // native code, so checking values made every code fall through to\n // `navigation_failed` and silently broke the `cancelled` swallow.\n const isNativeRejectionCode = (\n code: string | undefined\n ): code is keyof typeof REASON_BY_NATIVE_CODE =>\n code != undefined && code in REASON_BY_NATIVE_CODE;\n\n const reason: WebViewLoadFailureReason = isNativeRejectionCode(rejection.code)\n ? REASON_BY_NATIVE_CODE[rejection.code]\n : 'navigation_failed';\n return new WebViewLoadFailedError({\n cause: err instanceof Error ? err : null,\n reason,\n shortMessage:\n rejection.message ?? `DynamicWebView open failed (${reason}).`,\n statusCode: rejection.userInfo?.DynamicWebViewStatusCode,\n underlyingError: rejection.userInfo?.DynamicWebViewUnderlying,\n });\n};\n","import type { WaasSDKContainer } from '@dynamic-labs-wallet/core';\nimport { NativeEventEmitter } from 'react-native';\n\nimport { NativeModuleNotLinkedError } from '../../../errors/NativeModuleNotLinkedError';\nimport NativeDynamicWebView from '../../../turboModules/NativeDynamicWebView';\nimport { translateNativeOpenError } from './translateNativeOpenError';\n\nconst NATIVE_MODULE_NAME = 'DynamicClientWebView';\nconst MESSAGE_EVENT_NAME = 'dynamicBridgeMessage';\n\ntype BridgeEventPayload = {\n data: unknown;\n instanceId: string;\n};\n\nconst generateInstanceId = (): string =>\n `${Date.now().toString(36)}-${Math.random().toString(36).slice(2, 10)}`;\n\n/**\n * Creates a React Native `WaasSDKContainer` backed by a native WebView\n * (WKWebView on iOS, `android.webkit.WebView` on Android) hosted by the\n * `DynamicClientWebView` TurboModule. Each invocation returns an isolated\n * container with its own instance ID, native WebView, and message routing.\n *\n * @not-instrumented\n */\nexport const createWaasSDKContainer = (): WaasSDKContainer => {\n if (!NativeDynamicWebView) {\n throw new NativeModuleNotLinkedError({ moduleName: NATIVE_MODULE_NAME });\n }\n\n const nativeModule = NativeDynamicWebView;\n const instanceId = generateInstanceId();\n // Construct the emitter against the TurboModule itself — on New Arch,\n // `NativeModules[name]` can be a different compatibility-shim object,\n // and binding `addListener`/`removeListeners` on the wrong instance\n // leaves `startObserving` in the native emitter never firing.\n const emitter = new NativeEventEmitter(\n nativeModule as unknown as ConstructorParameters<typeof NativeEventEmitter>[0]\n );\n\n // IframeManager on the WaaS SDK calls `container.onMessage(handler)` twice\n // on the same container — once to wait for the `iframe-ready-*` handshake,\n // and once later from `setupWaasSDKContainerBridge` to forward transport\n // messages. Both handlers need to receive every message, so the container\n // fans out to all registered handlers instead of enforcing single-register.\n const messageHandlers: Array<(data: unknown) => void> = [];\n const errorHandlers: Array<(error: unknown) => void> = [];\n let subscription: { remove: () => void } | null = null;\n let destroyed = false;\n\n const emitError = (err: unknown): void => {\n if (destroyed) return;\n const translated = translateNativeOpenError(err);\n // `cancelled` is only ever produced by our own `close()` teardown path on\n // the native side. Surfacing it via onError would make consumers like\n // IframeManager interpret their own destroy as a load failure and retry\n // against a provider that no longer exists.\n if (translated.reason === 'cancelled') return;\n for (const handler of errorHandlers) {\n handler(translated);\n }\n };\n\n return {\n destroy() {\n if (destroyed) return;\n destroyed = true;\n\n subscription?.remove();\n subscription = null;\n messageHandlers.length = 0;\n errorHandlers.length = 0;\n nativeModule.close(instanceId);\n },\n\n isAlive: () => !destroyed,\n\n // Signature is dictated by the upstream WaasSDKContainer interface.\n // eslint-disable-next-line custom-rules/require-single-object-param\n onError(handler: (error: unknown) => void) {\n errorHandlers.push(handler);\n return () => {\n const index = errorHandlers.indexOf(handler);\n if (index !== -1) errorHandlers.splice(index, 1);\n };\n },\n\n // Signature is dictated by the upstream WaasSDKContainer interface.\n // eslint-disable-next-line custom-rules/require-single-object-param\n onMessage(handler: (data: unknown) => void) {\n messageHandlers.push(handler);\n\n subscription ??= emitter.addListener(\n MESSAGE_EVENT_NAME,\n (payload: BridgeEventPayload) => {\n if (payload.instanceId !== instanceId) return;\n\n for (const fn of messageHandlers) {\n fn(payload.data);\n }\n }\n );\n\n // WaaS client expects onMessage to return an unsubscribe function —\n // used e.g. to tear down the one-shot handshake handler.\n return () => {\n const index = messageHandlers.indexOf(handler);\n if (index !== -1) messageHandlers.splice(index, 1);\n if (messageHandlers.length === 0) {\n subscription?.remove();\n subscription = null;\n }\n };\n },\n\n sendMessage(data: Record<string, unknown>) {\n nativeModule.sendMessage(instanceId, data);\n },\n /**\n * Hands the URL off to the native WebView and resolves immediately.\n *\n * Per the `WaasSDKContainer` contract (see `@dynamic-labs-wallet/core`\n * types), `setUrl` resolves once the URL has been handed off to the\n * container — NOT when the page has finished loading. Load completion is\n * signalled later via the `iframe-ready-*` message on `onMessage`, and\n * navigation failures surface via `onError`. This dispatch-and-forget\n * shape is load-bearing: the WaaS handshake sequencing expects `setUrl` to\n * resolve before the first message arrives, so `nativeModule.open` is\n * intentionally NOT awaited/returned — its rejection (HTTP errors,\n * navigation failures, preflight errors, etc.) is routed through\n * `emitError` instead. Do not change this to `return nativeModule.open(...)`.\n */\n // Signature is dictated by the upstream WaasSDKContainer interface.\n // eslint-disable-next-line custom-rules/require-single-object-param\n async setUrl(url: string) {\n nativeModule.open(instanceId, url).catch(emitError);\n },\n };\n};\n","import type { AuthMode } from '@dynamic-labs-wallet/browser-wallet-client';\nimport { DynamicWalletClient } from '@dynamic-labs-wallet/browser-wallet-client';\nimport type { SecureStorageAdapter } from '@dynamic-labs-wallet/core';\nimport {\n ACCESSIBLE,\n getGenericPassword,\n resetGenericPassword,\n setGenericPassword,\n} from 'react-native-keychain';\n\nimport { getCore } from '../../../client/core/getCore';\nimport { CorruptedKeyShareError } from '../../../errors/CorruptedKeyShareError';\nimport { CLIENT_SDK_NAME } from '../../apiClient/constants';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport {\n DEFAULT_WAAS_BASE_API_URL,\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n} from '../constants';\nimport type { CreateWaasClient } from './createWaasClient.types';\nimport { createWaasSDKContainer } from './createWaasSDKContainer.native';\n\n/**\n * Keychain security options for the client key share. The share is wallet\n * key material that cannot be re-derived locally, so the options are pinned\n * explicitly rather than inherited from `react-native-keychain` defaults\n * (which vary across versions and platforms).\n *\n * `WHEN_UNLOCKED_THIS_DEVICE_ONLY` keeps the share readable only while the\n * device is unlocked, excludes it from iCloud Keychain sync, and prevents it\n * migrating to a new device on encrypted-backup restore. It deliberately does\n * NOT set `accessControl` (e.g. biometry) — reads must not surface a Face ID /\n * passcode prompt, since the share is read on routine wallet operations.\n */\nconst KEY_SHARE_KEYCHAIN_OPTIONS = {\n accessible: ACCESSIBLE.WHEN_UNLOCKED_THIS_DEVICE_ONLY,\n} as const;\n\n/** @not-instrumented */\nexport const createWaasClient: CreateWaasClient = ({ chainName }, client) => {\n const core = getCore(client);\n\n const additionalTrustedOrigins = core.waas?.additionalTrustedOrigins;\n\n // Namespace the keychain service by environment so two environmentIds on the\n // same device (or two dApps that observe the same account) can't collide and\n // mix key shares. The account address alone is not unique across environments.\n const getKeyShareService = (accountAddress: string): string =>\n `${core.environmentId}:${accountAddress}`;\n\n return new DynamicWalletClient(\n {\n authMode: (isCookieEnabled(client) ? 'cookie' : 'header') as AuthMode,\n authToken: client.token || '',\n baseApiUrl: (core.apiBaseUrl || DEFAULT_WAAS_BASE_API_URL).replace(\n '/api/v0',\n ''\n ),\n baseMPCRelayApiUrl:\n client.projectSettings?.sdk.waas?.relayUrl ||\n DEFAULT_WAAS_BASE_MPC_RELAY_API_URL,\n chainName,\n environmentId: core.environmentId,\n sdkVersion: `${CLIENT_SDK_NAME}/${core.version}`,\n ...(additionalTrustedOrigins == undefined\n ? {}\n : { additionalTrustedOrigins }),\n },\n {\n createWaasSDKContainer,\n // Typed as the upstream SecureStorageAdapter so the key-share method\n // signatures (and the `shares` payload type) stay compiler-enforced\n // against the WaaS SDK contract rather than re-declared locally.\n secureStorage: {\n getClientKeyShare: async (accountAddress) => {\n const result = await getGenericPassword({\n service: getKeyShareService(accountAddress),\n });\n\n if (!result) {\n return [];\n }\n\n // A corrupted or partially-written keychain entry makes JSON.parse\n // throw mid key-share load. Surface a typed error instead of an\n // unhandled rejection so callers can distinguish \"no share stored\"\n // (empty result above) from \"share exists but is unreadable\".\n try {\n return JSON.parse(result.password);\n } catch (cause) {\n throw new CorruptedKeyShareError({\n cause: cause instanceof Error ? cause : null,\n });\n }\n },\n\n removeClientKeyShare: async (accountAddress) => {\n await resetGenericPassword({\n service: getKeyShareService(accountAddress),\n });\n },\n\n setClientKeyShare: async (accountAddress, shares) => {\n await setGenericPassword(accountAddress, JSON.stringify(shares), {\n ...KEY_SHARE_KEYCHAIN_OPTIONS,\n service: getKeyShareService(accountAddress),\n });\n },\n } satisfies SecureStorageAdapter,\n }\n );\n};\n","import type { Chain } from '../../chain';\nimport { CHAINS_INFO_MAP } from '../../wallets/constants';\n\n/** @not-instrumented */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const getWaasChainNameFromChain = (chain: Chain): string => {\n return CHAINS_INFO_MAP[chain].waasChainNameOverride || chain;\n};\n","import {\n type BitcoinConfig,\n type DynamicWalletClient,\n ThresholdSignatureScheme,\n WalletOperation,\n} from '@dynamic-labs-wallet/browser-wallet-client';\nimport { MFAAction, TokenScope } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { InvalidParamError } from '../../../errors/InvalidParamError';\nimport { getElevatedAccessToken } from '../../auth/getElevatedAccessToken';\nimport type { Chain } from '../../chain';\nimport { consumeMfaTokenIfRequiredForAction } from '../../mfa/consumeMfaTokenIfRequiredForAction';\nimport { getSignedSessionId } from '../../sessionKeys/getSignedSessionId';\nimport { createWaasClient } from '../createWaasClient';\nimport { getWaasChainNameFromChain } from '../getWaasChainNameFromChain';\nimport type { WaasProvider } from '../waas.types';\n\nconst RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH = 64;\n\ntype CreateWaasProviderParams = {\n chain: Chain;\n sdkClient: DynamicClient;\n};\n\n/** @not-instrumented */\nexport const createWaasProvider = ({\n sdkClient,\n chain,\n}: CreateWaasProviderParams): WaasProvider => {\n const logger = getCore(sdkClient).logger;\n\n let _waasClient: DynamicWalletClient | undefined;\n\n // because the waas client needs the authToken to be set, we can only create it\n // the first time it's needed, which is after the user has logged in\n const getWaasClient: WaasProvider['getWaasClient'] = async () => {\n if (!_waasClient) {\n _waasClient = createWaasClient(\n { chainName: getWaasChainNameFromChain(chain) },\n sdkClient\n );\n await _waasClient.initialize();\n }\n return _waasClient;\n };\n\n const backupKeySharesToGoogleDrive: WaasProvider['backupKeySharesToGoogleDrive'] =\n async ({ googleDriveAccessToken, password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.backupKeySharesToGoogleDrive({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n googleDriveAccessToken,\n password,\n signedSessionId,\n });\n };\n\n const createWalletAccount: WaasProvider['createWalletAccount'] = async (\n args = {}\n ) => {\n logger.debug('[createWaasProvider] createWalletAccount', {\n bitcoinConfig: args.bitcoinConfig,\n thresholdSignatureScheme: args.thresholdSignatureScheme,\n });\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const waasWallet = await waasClient.createWalletAccount({\n authToken: sdkClient.token ?? undefined,\n bitcoinConfig: args.bitcoinConfig as BitcoinConfig | undefined,\n password: args.password,\n signedSessionId,\n thresholdSignatureScheme:\n args.thresholdSignatureScheme ?? ThresholdSignatureScheme.TWO_OF_TWO,\n });\n\n return waasWallet;\n };\n\n const delegateKeyShares: WaasProvider['delegateKeyShares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.delegateKeyShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportClientKeyshares: WaasProvider['exportClientKeyshares'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n await waasClient.exportClientKeyshares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const exportPrivateKey: WaasProvider['exportPrivateKey'] = async ({\n displayContainer,\n walletAccount,\n password,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasExport },\n sdkClient\n );\n\n // Forward any elevated access token previously obtained via step-up\n // (e.g. requestExternalAuthElevatedToken) so the backend authorizes\n // the export under the wallet:export scope.\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletexport },\n sdkClient\n );\n\n await waasClient.exportPrivateKey({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n displayContainer,\n elevatedAccessToken,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const restoreUserShareForWalletAccount: WaasProvider['restoreUserShareForWalletAccount'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n await waasClient.getWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n walletOperation: WalletOperation.SIGN_MESSAGE,\n });\n };\n\n const importPrivateKey: WaasProvider['importPrivateKey'] = async ({\n privateKey,\n thresholdSignatureScheme = ThresholdSignatureScheme.TWO_OF_TWO,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const walletClient = await getWaasClient();\n\n await walletClient.importPrivateKey({\n authToken: sdkClient.token ?? undefined,\n privateKey,\n signedSessionId,\n thresholdSignatureScheme,\n });\n };\n\n const refreshWalletAccountShares: WaasProvider['refreshWalletAccountShares'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasRefresh },\n sdkClient\n );\n\n return walletClient.refreshWalletAccountShares({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n mfaToken,\n password,\n signedSessionId,\n });\n };\n\n const revokeDelegation: WaasProvider['revokeDelegation'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.revokeDelegation({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n const setWaasWalletAccountPassword: WaasProvider['setWaasWalletAccountPassword'] =\n async ({ password, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.setPassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n newPassword: password,\n signedSessionId,\n });\n };\n\n const signRawMessage: WaasProvider['signRawMessage'] = async ({\n message,\n password,\n walletAccount,\n }) => {\n if (message.length !== RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH) {\n throw new InvalidParamError(\n `Message must be ${RAW_MESSAGE_MESSAGE_REQUIRED_LENGTH} characters long`\n );\n }\n\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const walletClient = await getWaasClient();\n\n const signature = await walletClient.signRawMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n password,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const destroy: WaasProvider['destroy'] = async (args) => {\n if (!_waasClient) {\n return;\n }\n\n const waasClient = await getWaasClient();\n // When a session token expires, we preserve key shares in storage instead\n // of clearing them. Customers with short-lived sessions (minutes) were\n // hitting excessive server-side share recovery on every re-login, which\n // also forced users to re-enter their wallet password since the unlocked\n // share only lives for the duration of the session.\n //\n // This is safe because the waas-sdk separately fingerprints the user\n // (sub + environment_id) and clears all storage if a different user logs\n // in. On explicit user-initiated logout, shares are always cleared for\n // security.\n if (args?.reason !== 'token-expired') {\n await waasClient.cleanup();\n }\n _waasClient = undefined;\n };\n\n const updatePassword: WaasProvider['updatePassword'] = async ({\n walletAccount,\n currentPassword,\n newPassword,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.updatePassword({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n existingPassword: currentPassword,\n newPassword,\n signedSessionId,\n });\n };\n\n const signMessage: WaasProvider['signMessage'] = async ({\n message,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signMessage({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n elevatedAccessToken,\n message,\n mfaToken,\n signedSessionId,\n });\n\n return { signature };\n };\n\n const signSerializedTransaction: WaasProvider['signSerializedTransaction'] =\n async ({ chainId, serializedTransaction, walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const mfaToken = await consumeMfaTokenIfRequiredForAction(\n { mfaAction: MFAAction.WalletWaasSign },\n sdkClient\n );\n\n const elevatedAccessToken = getElevatedAccessToken(\n { scope: TokenScope.Walletsign },\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n const signature = await waasClient.signTransaction({\n authToken: sdkClient.token ?? undefined,\n chainId,\n elevatedAccessToken,\n mfaToken,\n senderAddress: walletAccount.address,\n signedSessionId,\n transaction: serializedTransaction,\n });\n\n return { signature };\n };\n\n const getWalletRecoveryState: WaasProvider['getWalletRecoveryState'] =\n async ({ walletAccount }) => {\n const { signature: signedSessionId } = await getSignedSessionId(\n sdkClient\n );\n\n const waasClient = await getWaasClient();\n\n return waasClient.getWalletRecoveryState({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n signedSessionId,\n });\n };\n\n const unlockWallet: WaasProvider['unlockWallet'] = async ({\n password,\n walletAccount,\n }) => {\n const { signature: signedSessionId } = await getSignedSessionId(sdkClient);\n\n const waasClient = await getWaasClient();\n\n return waasClient.unlockWallet({\n accountAddress: walletAccount.address,\n authToken: sdkClient.token ?? undefined,\n password,\n signedSessionId,\n });\n };\n\n return {\n backupKeySharesToGoogleDrive,\n createWalletAccount,\n delegateKeyShares,\n destroy,\n exportClientKeyshares,\n exportPrivateKey,\n getWaasClient,\n getWalletRecoveryState,\n importPrivateKey,\n refreshWalletAccountShares,\n restoreUserShareForWalletAccount,\n revokeDelegation,\n setWaasWalletAccountPassword,\n signMessage,\n signRawMessage,\n signSerializedTransaction,\n unlockWallet,\n updatePassword,\n };\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types';\nimport { getChainFromVerifiedCredentialChain } from '../../../utils/getChainFromVerifiedCredentialChain';\nimport type { Chain } from '../../chain';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype GetAllUserWaasAddressesForChainParams = {\n chain: Chain;\n};\n\n/** @not-instrumented */\nexport const getAllUserWaasAddressesForChain = (\n { chain }: GetAllUserWaasAddressesForChainParams,\n client: DynamicClient\n): string[] => {\n if (!client.user) {\n return [];\n }\n\n const waasWalletCredentials =\n client.user.verifiedCredentials.filter(\n (credential) =>\n credential.walletProvider === WalletProviderEnum.EmbeddedWallet &&\n credential.walletName\n ?.toLowerCase()\n .startsWith(DYNAMIC_WAAS_METADATA.normalizedWalletName) &&\n credential.address &&\n credential.chain &&\n getChainFromVerifiedCredentialChain(credential.chain) === chain\n ) ?? [];\n\n const waasAddresses: string[] = waasWalletCredentials.map(\n // casting because we're already filtering out credentials without an address\n (credential) => credential.address as string\n );\n\n return waasAddresses;\n};\n","import { assertPackageVersion } from '@dynamic-labs-sdk/assert-package-version';\n\nimport {\n name as packageName,\n version as packageVersion,\n} from '../../package.json';\nassertPackageVersion(packageName, packageVersion);\n\nexport type {\n BitcoinNetwork,\n DynamicWalletClient,\n ThresholdSignatureScheme\n} from '@dynamic-labs-wallet/browser-wallet-client';\nexport { DYNAMIC_WAAS_METADATA } from '../modules/waas/constants';\nexport { createWaasClient } from '../modules/waas/createWaasClient';\nexport { createWaasProvider } from '../modules/waas/createWaasProvider';\nexport { getAllUserWaasAddressesForChain } from '../modules/waas/getAllUserWaasAddressesForChain';\nexport { getWaasChainNameFromChain } from '../modules/waas/getWaasChainNameFromChain';\nexport type {\n WaasProvider,\n WaasWalletProvider\n} from '../modules/waas/waas.types';\n\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAgBA,IAAa,yBAAb,cAA4C,UAAU;CACpD,YAAY,EAAE,QAAQ,SAAuC,EAAE,EAAE;AAC/D,QAAM;GACJ;GACA,MAAM;GACN,SACE;GACF,SAAS;GACT,MAAM;GACN,cAAc;GACf,CAAC;;;;;;ACaN,mCAAe,oBAAoB,IAAU,uBAAuB;;;;;;;;;;ACJpE,IAAa,yBAAb,cAA4C,UAAU;CACpD,AAAS;CACT,AAAS;CACT,AAAS;CAET,YAAY,EACV,QACA,cACA,QAAQ,MACR,YACA,mBAC+B;AAC/B,QAAM;GACJ;GACA,MAAM;GACN,SAAS;GACT,SAAS;GACT,MAAM;GACN;GACD,CAAC;AACF,OAAK,SAAS;AACd,OAAK,aAAa;AAClB,OAAK,kBAAkB;;;;;;ACjD3B,MAAMA,wBAAkE;CACtE,mBAAmB;CACnB,oCAAoC;CACpC,oBAAoB;CACpB,uBAAuB;CACvB,qBAAqB;CACrB,2BAA2B;CAC3B,sBAAsB;CACtB,qBAAqB;CACtB;;;;;;;;;;;;;;;;AA6BD,MAAa,4BACX,QAC2B;CAC3B,MAAM,YAAa,OAAO,EAAE;CAM5B,MAAM,yBACJ,SAEA,QAAQ,UAAa,QAAQ;CAE/B,MAAMC,SAAmC,sBAAsB,UAAU,KAAK,GAC1E,sBAAsB,UAAU,QAChC;AACJ,QAAO,IAAI,uBAAuB;EAChC,OAAO,eAAe,QAAQ,MAAM;EACpC;EACA,cACE,UAAU,WAAW,+BAA+B,OAAO;EAC7D,YAAY,UAAU,UAAU;EAChC,iBAAiB,UAAU,UAAU;EACtC,CAAC;;;;;AC/DJ,MAAM,qBAAqB;AAC3B,MAAM,qBAAqB;AAO3B,MAAM,2BACJ,GAAG,KAAK,KAAK,CAAC,SAAS,GAAG,CAAC,GAAG,KAAK,QAAQ,CAAC,SAAS,GAAG,CAAC,MAAM,GAAG,GAAG;;;;;;;;;AAUvE,MAAa,+BAAiD;AAC5D,KAAI,CAACC,6BACH,OAAM,IAAI,2BAA2B,EAAE,YAAY,oBAAoB,CAAC;CAG1E,MAAM,eAAeA;CACrB,MAAM,aAAa,oBAAoB;CAKvC,MAAM,UAAU,IAAI,mBAClB,aACD;CAOD,MAAMC,kBAAkD,EAAE;CAC1D,MAAMC,gBAAiD,EAAE;CACzD,IAAIC,eAA8C;CAClD,IAAI,YAAY;CAEhB,MAAM,aAAa,QAAuB;AACxC,MAAI,UAAW;EACf,MAAM,aAAa,yBAAyB,IAAI;AAKhD,MAAI,WAAW,WAAW,YAAa;AACvC,OAAK,MAAM,WAAW,cACpB,SAAQ,WAAW;;AAIvB,QAAO;EACL,UAAU;AACR,OAAI,UAAW;AACf,eAAY;AAEZ,iBAAc,QAAQ;AACtB,kBAAe;AACf,mBAAgB,SAAS;AACzB,iBAAc,SAAS;AACvB,gBAAa,MAAM,WAAW;;EAGhC,eAAe,CAAC;EAIhB,QAAQ,SAAmC;AACzC,iBAAc,KAAK,QAAQ;AAC3B,gBAAa;IACX,MAAM,QAAQ,cAAc,QAAQ,QAAQ;AAC5C,QAAI,UAAU,GAAI,eAAc,OAAO,OAAO,EAAE;;;EAMpD,UAAU,SAAkC;AAC1C,mBAAgB,KAAK,QAAQ;AAE7B,oBAAiB,QAAQ,YACvB,qBACC,YAAgC;AAC/B,QAAI,QAAQ,eAAe,WAAY;AAEvC,SAAK,MAAM,MAAM,gBACf,IAAG,QAAQ,KAAK;KAGrB;AAID,gBAAa;IACX,MAAM,QAAQ,gBAAgB,QAAQ,QAAQ;AAC9C,QAAI,UAAU,GAAI,iBAAgB,OAAO,OAAO,EAAE;AAClD,QAAI,gBAAgB,WAAW,GAAG;AAChC,mBAAc,QAAQ;AACtB,oBAAe;;;;EAKrB,YAAY,MAA+B;AACzC,gBAAa,YAAY,YAAY,KAAK;;EAkB5C,MAAM,OAAO,KAAa;AACxB,gBAAa,KAAK,YAAY,IAAI,CAAC,MAAM,UAAU;;EAEtD;;;;;;;;;;;;;;;;;ACzGH,MAAM,6BAA6B,EACjC,YAAY,WAAW,gCACxB;;AAGD,MAAaC,oBAAsC,EAAE,aAAa,WAAW;CAC3E,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,2BAA2B,KAAK,MAAM;CAK5C,MAAM,sBAAsB,mBAC1B,GAAG,KAAK,cAAc,GAAG;AAE3B,QAAO,IAAI,oBACT;EACE,UAAW,gBAAgB,OAAO,GAAG,WAAW;EAChD,WAAW,OAAO,SAAS;EAC3B,aAAa,KAAK,cAAc,2BAA2B,QACzD,WACA,GACD;EACD,oBACE,OAAO,iBAAiB,IAAI,MAAM,YAClC;EACF;EACA,eAAe,KAAK;EACpB,YAAY,GAAG,gBAAgB,GAAG,KAAK;EACvC,GAAI,4BAA4B,SAC5B,EAAE,GACF,EAAE,0BAA0B;EACjC,EACD;EACE;EAIA,eAAe;GACb,mBAAmB,OAAO,mBAAmB;IAC3C,MAAM,SAAS,MAAM,mBAAmB,EACtC,SAAS,mBAAmB,eAAe,EAC5C,CAAC;AAEF,QAAI,CAAC,OACH,QAAO,EAAE;AAOX,QAAI;AACF,YAAO,KAAK,MAAM,OAAO,SAAS;aAC3B,OAAO;AACd,WAAM,IAAI,uBAAuB,EAC/B,OAAO,iBAAiB,QAAQ,QAAQ,MACzC,CAAC;;;GAIN,sBAAsB,OAAO,mBAAmB;AAC9C,UAAM,qBAAqB,EACzB,SAAS,mBAAmB,eAAe,EAC5C,CAAC;;GAGJ,mBAAmB,OAAO,gBAAgB,WAAW;AACnD,UAAM,mBAAmB,gBAAgB,KAAK,UAAU,OAAO,EAAE;KAC/D,GAAG;KACH,SAAS,mBAAmB,eAAe;KAC5C,CAAC;;GAEL;EACF,CACF;;;;;;ACxGH,MAAa,6BAA6B,UAAyB;AACjE,QAAO,gBAAgB,OAAO,yBAAyB;;;;;ACazD,MAAM,sCAAsC;;AAQ5C,MAAa,sBAAsB,EACjC,WACA,YAC4C;CAC5C,MAAM,SAAS,QAAQ,UAAU,CAAC;CAElC,IAAIC;CAIJ,MAAMC,gBAA+C,YAAY;AAC/D,MAAI,CAAC,aAAa;AAChB,iBAAc,iBACZ,EAAE,WAAW,0BAA0B,MAAM,EAAE,EAC/C,UACD;AACD,SAAM,YAAY,YAAY;;AAEhC,SAAO;;CAGT,MAAMC,+BACJ,OAAO,EAAE,wBAAwB,UAAU,oBAAoB;EAC7D,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,6BAA6B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMC,sBAA2D,OAC/D,OAAO,EAAE,KACN;AACH,SAAO,MAAM,4CAA4C;GACvD,eAAe,KAAK;GACpB,0BAA0B,KAAK;GAChC,CAAC;EAEF,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAa1E,SATmB,OAFA,MAAM,eAAe,EAEJ,oBAAoB;GACtD,WAAW,UAAU,SAAS;GAC9B,eAAe,KAAK;GACpB,UAAU,KAAK;GACf;GACA,0BACE,KAAK,4BAA4B,yBAAyB;GAC7D,CAAC;;CAKJ,MAAMC,oBAAuD,OAAO,EAClE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,kBAAkB;GAClC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,wBAA+D,OAAO,EAC1E,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,SAFmB,MAAM,eAAe,EAEvB,sBAAsB;GACrC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,mBAAqD,OAAO,EAChE,kBACA,eACA,eACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,aAAa,MAAM,eAAe;EAExC,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,kBAAkB,EACzC,UACD;EAKD,MAAM,sBAAsBC,iCAC1B,EAAE,OAAO,WAAW,cAAc,EAClC,UACD;AAED,QAAM,WAAW,iBAAiB;GAChC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACA;GACD,CAAC;;CAGJ,MAAMC,mCACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,SAFmB,MAAM,eAAe,EAEvB,UAAU;GACzB,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA,iBAAiB,gBAAgB;GAClC,CAAC;;CAGN,MAAMC,mBAAqD,OAAO,EAChE,YACA,2BAA2B,yBAAyB,iBAChD;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,SAFqB,MAAM,eAAe,EAEvB,iBAAiB;GAClC,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGJ,MAAMC,6BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;EAED,MAAM,eAAe,MAAM,eAAe;EAE1C,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,mBAAmB,EAC1C,UACD;AAED,SAAO,aAAa,2BAA2B;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACD,CAAC;;CAGN,MAAMC,mBAAqD,OAAO,EAChE,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,iBAAiB;GACjC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;CAGJ,MAAMC,+BACJ,OAAO,EAAE,UAAU,oBAAoB;EACrC,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,YAAY;GAC5B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,aAAa;GACb;GACD,CAAC;;CAGN,MAAMC,iBAAiD,OAAO,EAC5D,SACA,UACA,oBACI;AACJ,MAAI,QAAQ,WAAW,oCACrB,OAAM,IAAI,kBACR,mBAAmB,oCAAoC,kBACxD;EAGH,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBN,iCAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFG,MAAM,eAAe,EAEL,eAAe;GAClD,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMO,UAAmC,OAAO,SAAS;AACvD,MAAI,CAAC,YACH;EAGF,MAAM,aAAa,MAAM,eAAe;AAWxC,MAAI,MAAM,WAAW,gBACnB,OAAM,WAAW,SAAS;AAE5B,gBAAc;;CAGhB,MAAMC,iBAAiD,OAAO,EAC5D,eACA,iBACA,kBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,eAAe;GAC/B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B,kBAAkB;GAClB;GACA;GACD,CAAC;;CAGJ,MAAMC,cAA2C,OAAO,EACtD,SACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;EAE1E,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBT,iCAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAaD,SAAO,EAAE,WATS,OAFC,MAAM,eAAe,EAEL,YAAY;GAC7C,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA;GACD,CAAC,EAEkB;;CAGtB,MAAMU,4BACJ,OAAO,EAAE,SAAS,uBAAuB,oBAAoB;EAC3D,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;EAED,MAAM,WAAW,MAAM,mCACrB,EAAE,WAAW,UAAU,gBAAgB,EACvC,UACD;EAED,MAAM,sBAAsBV,iCAC1B,EAAE,OAAO,WAAW,YAAY,EAChC,UACD;AAcD,SAAO,EAAE,WAVS,OAFC,MAAM,eAAe,EAEL,gBAAgB;GACjD,WAAW,UAAU,SAAS;GAC9B;GACA;GACA;GACA,eAAe,cAAc;GAC7B;GACA,aAAa;GACd,CAAC,EAEkB;;CAGxB,MAAMW,yBACJ,OAAO,EAAE,oBAAoB;EAC3B,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAC3C,UACD;AAID,UAFmB,MAAM,eAAe,EAEtB,uBAAuB;GACvC,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACD,CAAC;;CAGN,MAAMC,eAA6C,OAAO,EACxD,UACA,oBACI;EACJ,MAAM,EAAE,WAAW,oBAAoB,MAAM,mBAAmB,UAAU;AAI1E,UAFmB,MAAM,eAAe,EAEtB,aAAa;GAC7B,gBAAgB,cAAc;GAC9B,WAAW,UAAU,SAAS;GAC9B;GACA;GACD,CAAC;;AAGJ,QAAO;EACL;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACD;;;;;;ACjaH,MAAa,mCACX,EAAE,SACF,WACa;AACb,KAAI,CAAC,OAAO,KACV,QAAO,EAAE;AAoBX,SAhBE,OAAO,KAAK,oBAAoB,QAC7B,eACC,WAAW,mBAAmB,mBAAmB,kBACjD,WAAW,YACP,aAAa,CACd,WAAW,sBAAsB,qBAAqB,IACzD,WAAW,WACX,WAAW,SACX,oCAAoC,WAAW,MAAM,KAAK,MAC7D,IAAI,EAAE,EAE6C,KAEnD,eAAe,WAAW,QAC5B;;;;;AC7BH,qBAAqBC,MAAaC,QAAe"}
@@ -0,0 +1,27 @@
1
+ require "json"
2
+
3
+ package = JSON.parse(File.read(File.join(__dir__, "package.json")))
4
+
5
+ Pod::Spec.new do |s|
6
+ s.name = "dynamic-labs-sdk-client"
7
+ s.version = package["version"]
8
+ s.summary = "Dynamic Labs SDK native manifest module"
9
+ s.homepage = "https://dynamic.xyz"
10
+ s.license = "MIT"
11
+ s.authors = "Dynamic Labs"
12
+
13
+ s.platforms = { :ios => "15.1" }
14
+ s.source = { :git => "https://github.com/dynamic-labs/dynamic-sdk.git", :tag => "v#{s.version}" }
15
+ s.swift_version = "5.4"
16
+
17
+ s.source_files = "ios/**/*.{h,m,mm,cpp,swift}"
18
+ s.private_header_files = "ios/**/*.h"
19
+
20
+ # Inject the SDK version as a preprocessor macro at compile time.
21
+ # The ObjC++ module forwards this to the Swift implementation via init.
22
+ s.pod_target_xcconfig = {
23
+ "GCC_PREPROCESSOR_DEFINITIONS" => "DYNAMIC_SDK_VERSION=@\\\"#{package['version']}\\\""
24
+ }
25
+
26
+ install_modules_dependencies(s)
27
+ end
@@ -0,0 +1,4 @@
1
+ #import <React/RCTBridgeModule.h>
2
+
3
+ @interface DynamicClientKeychain : NSObject <RCTBridgeModule>
4
+ @end
@@ -0,0 +1,101 @@
1
+ #import "DynamicClientKeychain.h"
2
+ #import <React/RCTBridgeModule.h>
3
+ #import <DynamicClientSpec/DynamicClientSpec.h>
4
+ #if __has_include(<dynamic_labs_sdk_client/dynamic_labs_sdk_client-Swift.h>)
5
+ #import <dynamic_labs_sdk_client/dynamic_labs_sdk_client-Swift.h>
6
+ #else
7
+ #import "dynamic_labs_sdk_client-Swift.h"
8
+ #endif
9
+
10
+ @interface DynamicClientKeychain () <NativeKeychainSpec> {
11
+ SecureEnclaveKeyManager *_keyManager;
12
+ }
13
+ @end
14
+
15
+ @implementation DynamicClientKeychain
16
+
17
+ RCT_EXPORT_MODULE()
18
+
19
+ - (instancetype)init {
20
+ self = [super init];
21
+ if (self) {
22
+ _keyManager = [[SecureEnclaveKeyManager alloc] init];
23
+ }
24
+ return self;
25
+ }
26
+
27
+ #pragma mark - NativeKeychainSpec
28
+
29
+ - (void)isAvailable:(RCTPromiseResolveBlock)resolve
30
+ reject:(RCTPromiseRejectBlock)reject {
31
+ resolve(@([_keyManager isAvailable]));
32
+ }
33
+
34
+ - (void)hasKey:(NSString *)key
35
+ resolve:(RCTPromiseResolveBlock)resolve
36
+ reject:(RCTPromiseRejectBlock)reject {
37
+ resolve(@([_keyManager hasKey:key]));
38
+ }
39
+
40
+ - (void)generateKeyPair:(NSString *)key
41
+ resolve:(RCTPromiseResolveBlock)resolve
42
+ reject:(RCTPromiseRejectBlock)reject {
43
+ NSError *error = nil;
44
+ NSString *publicKey = [_keyManager generateKeyPair:key error:&error];
45
+ if (error) {
46
+ reject(@"ERR_KEYCHAIN", error.localizedDescription, error);
47
+ return;
48
+ }
49
+ resolve(@{@"publicKey": publicKey});
50
+ }
51
+
52
+ - (void)getPublicKey:(NSString *)key
53
+ resolve:(RCTPromiseResolveBlock)resolve
54
+ reject:(RCTPromiseRejectBlock)reject {
55
+ NSError *error = nil;
56
+ NSString *publicKey = [_keyManager getPublicKey:key error:&error];
57
+ if (error) {
58
+ reject(@"ERR_KEYCHAIN", error.localizedDescription, error);
59
+ return;
60
+ }
61
+ // Empty string signals "key not found" from Swift (which can't return
62
+ // Optional from a throwing @objc method)
63
+ if (publicKey.length == 0) {
64
+ resolve([NSNull null]);
65
+ return;
66
+ }
67
+ resolve(@{@"publicKey": publicKey});
68
+ }
69
+
70
+ - (void)sign:(NSString *)key
71
+ payload:(NSString *)payload
72
+ resolve:(RCTPromiseResolveBlock)resolve
73
+ reject:(RCTPromiseRejectBlock)reject {
74
+ NSError *error = nil;
75
+ NSString *signature = [_keyManager sign:key payload:payload error:&error];
76
+ if (error) {
77
+ reject(@"ERR_KEYCHAIN", error.localizedDescription, error);
78
+ return;
79
+ }
80
+ resolve(@{@"signature": signature});
81
+ }
82
+
83
+ - (void)deleteKey:(NSString *)key
84
+ resolve:(RCTPromiseResolveBlock)resolve
85
+ reject:(RCTPromiseRejectBlock)reject {
86
+ [_keyManager deleteKey:key];
87
+ resolve([NSNull null]);
88
+ }
89
+
90
+ #pragma mark - TurboModule
91
+
92
+ - (std::shared_ptr<facebook::react::TurboModule>)getTurboModule:
93
+ (const facebook::react::ObjCTurboModule::InitParams &)params {
94
+ return std::make_shared<facebook::react::NativeKeychainSpecJSI>(params);
95
+ }
96
+
97
+ + (BOOL)requiresMainQueueSetup {
98
+ return NO;
99
+ }
100
+
101
+ @end
@@ -0,0 +1,4 @@
1
+ #import <React/RCTBridgeModule.h>
2
+
3
+ @interface DynamicClientManifest : NSObject <RCTBridgeModule>
4
+ @end
@@ -0,0 +1,45 @@
1
+ #import "DynamicClientManifest.h"
2
+ #import <React/RCTBridgeModule.h>
3
+ #import <DynamicClientSpec/DynamicClientSpec.h>
4
+ #if __has_include(<dynamic_labs_sdk_client/dynamic_labs_sdk_client-Swift.h>)
5
+ #import <dynamic_labs_sdk_client/dynamic_labs_sdk_client-Swift.h>
6
+ #else
7
+ #import "dynamic_labs_sdk_client-Swift.h"
8
+ #endif
9
+
10
+ #ifndef DYNAMIC_SDK_VERSION
11
+ #define DYNAMIC_SDK_VERSION @"unknown"
12
+ #endif
13
+
14
+ @interface DynamicClientManifest () <NativeReactNativeManifestSpec> {
15
+ ReactNativeManifestImpl *_impl;
16
+ }
17
+ @end
18
+
19
+ @implementation DynamicClientManifest
20
+
21
+ RCT_EXPORT_MODULE()
22
+
23
+ - (instancetype)init {
24
+ self = [super init];
25
+ if (self) {
26
+ _impl = [[ReactNativeManifestImpl alloc] initWithSdkVersion:DYNAMIC_SDK_VERSION];
27
+ }
28
+ return self;
29
+ }
30
+
31
+ - (NSDictionary *)getManifest {
32
+ return [_impl getManifest];
33
+ }
34
+
35
+ - (std::shared_ptr<facebook::react::TurboModule>)getTurboModule:
36
+ (const facebook::react::ObjCTurboModule::InitParams &)params {
37
+ return std::make_shared<facebook::react::NativeReactNativeManifestSpecJSI>(
38
+ params);
39
+ }
40
+
41
+ + (BOOL)requiresMainQueueSetup {
42
+ return NO;
43
+ }
44
+
45
+ @end
@@ -0,0 +1,5 @@
1
+ #import <React/RCTBridgeModule.h>
2
+ #import <React/RCTEventEmitter.h>
3
+
4
+ @interface DynamicClientWebView : RCTEventEmitter <RCTBridgeModule>
5
+ @end