npm - @dynamic-labs-sdk/solana - Versions diffs - 0.13.0 → 0.14.0 - Mend

@dynamic-labs-sdk/solana 0.13.0 → 0.14.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (110) hide show

package/dist/index.cjs.js CHANGED Viewed

@@ -1,12 +1,17 @@
-const require_addSolanaWalletStandardExtension = require('./addSolanaWalletStandardExtension-D5uAzwwi.cjs.js');
-const require_isVersionedTransaction = require('./isVersionedTransaction-CSkcEh-G.cjs.js');
-const require_addWaasSolanaExtension = require('./addWaasSolanaExtension-DBfiocjd.cjs.js');
+const require_addSolanaWalletStandardExtension = require('./addSolanaWalletStandardExtension-Bv39eDZc.cjs.js');
+const require_isVersionedTransaction = require('./isVersionedTransaction-DW-V1tUS.cjs.js');
+const require_addWaasSolanaExtension = require('./addWaasSolanaExtension-BaxzWnYL.cjs.js');
 let _dynamic_labs_sdk_assert_package_version = require("@dynamic-labs-sdk/assert-package-version");
 let _dynamic_labs_sdk_client_core = require("@dynamic-labs-sdk/client/core");
 let _solana_web3_js = require("@solana/web3.js");
 let _dynamic_labs_sdk_client = require("@dynamic-labs-sdk/client");
+let _dynamic_labs_sdk_api_core = require("@dynamic-labs/sdk-api-core");
 let bs58 = require("bs58");
 bs58 = require_addSolanaWalletStandardExtension.__toESM(bs58);
+let zod_mini = require("zod/mini");
+zod_mini = require_addSolanaWalletStandardExtension.__toESM(zod_mini);
+let tweetnacl = require("tweetnacl");
+tweetnacl = require_addSolanaWalletStandardExtension.__toESM(tweetnacl);
 //#region src/addSolanaExtension/addSolanaExtension.ts
 /**
@@ -223,6 +228,975 @@ const simulateSolanaTransaction = async ({ walletAccount, transaction, includeFe
 	}
 };
+//#endregion
+//#region src/phantomRedirect/errors/NoPendingPhantomRequestError.ts
+var NoPendingPhantomRequestError = class extends _dynamic_labs_sdk_client.BaseError {
+	constructor() {
+		super({
+			cause: null,
+			code: "no_pending_phantom_request_error",
+			docsUrl: null,
+			name: "NoPendingPhantomRequestError",
+			shortMessage: "No pending Phantom request found. The request may have already been processed or expired."
+		});
+	}
+};
+//#endregion
+//#region src/phantomRedirect/errors/NoPhantomSessionError.ts
+var NoPhantomSessionError = class extends _dynamic_labs_sdk_client.BaseError {
+	constructor() {
+		super({
+			cause: null,
+			code: "no_phantom_session_error",
+			docsUrl: null,
+			name: "NoPhantomSessionError",
+			shortMessage: "No Phantom session found. Please connect first."
+		});
+	}
+};
+//#endregion
+//#region src/phantomRedirect/errors/PhantomMissingEncryptionParamsError.ts
+var PhantomMissingEncryptionParamsError = class extends _dynamic_labs_sdk_client.BaseError {
+	constructor() {
+		super({
+			cause: null,
+			code: "phantom_missing_encryption_params_error",
+			docsUrl: null,
+			name: "PhantomMissingEncryptionParamsError",
+			shortMessage: "Phantom redirect response is missing required encryption parameters (phantomPublicKey, data, or nonce)."
+		});
+	}
+};
+//#endregion
+//#region src/phantomRedirect/errors/PhantomRedirectRejectedError.ts
+var PhantomRedirectRejectedError = class extends _dynamic_labs_sdk_client.BaseError {
+	constructor({ errorCode, errorMessage }) {
+		super({
+			cause: null,
+			code: "phantom_redirect_rejected_error",
+			details: errorMessage,
+			docsUrl: null,
+			metaMessages: [`Error Code: ${errorCode}`],
+			name: "PhantomRedirectRejectedError",
+			shortMessage: "User rejected the request in Phantom wallet."
+		});
+	}
+};
+//#endregion
+//#region src/phantomRedirect/phantomRedirect.constants.ts
+const PHANTOM_DEEPLINK_BASE_URL = "https://phantom.app/ul/v1";
+const PHANTOM_SESSION_STORAGE_KEY = "phantom_session";
+const PHANTOM_PENDING_REQUEST_STORAGE_KEY = "phantom_pending_request";
+//#endregion
+//#region src/phantomRedirect/storage/pendingRequestStorageSchema/pendingRequestStorageSchema.ts
+/**
+* Storage schema for tracking pending Phantom wallet requests.
+* This temporary data is used to match redirect responses with their
+* originating requests and includes the encryption keys needed for decryption.
+*/
+const pendingRequestStorageKeySchema = (0, _dynamic_labs_sdk_client_core.createStorageKeySchema)({
+	key: PHANTOM_PENDING_REQUEST_STORAGE_KEY,
+	schema: zod_mini.object({
+		dappPublicKey: zod_mini.string(),
+		dappSecretKey: zod_mini.string(),
+		message: zod_mini.optional(zod_mini.string()),
+		method: zod_mini.string(),
+		requestId: zod_mini.string(),
+		timestamp: zod_mini.number(),
+		walletAddress: zod_mini.optional(zod_mini.string())
+	})
+});
+//#endregion
+//#region src/phantomRedirect/storage/phantomSessionStorageSchema/phantomSessionStorageSchema.ts
+/**
+* Storage schema for persisting Phantom wallet session data.
+* This includes the encryption keys and session information needed
+* for subsequent operations after the initial connection.
+*/
+const phantomSessionStorageKeySchema = (0, _dynamic_labs_sdk_client_core.createStorageKeySchema)({
+	key: PHANTOM_SESSION_STORAGE_KEY,
+	schema: zod_mini.object({
+		dappPublicKey: zod_mini.string(),
+		dappSecretKey: zod_mini.string(),
+		phantomPublicKey: zod_mini.string(),
+		sessionToken: zod_mini.string(),
+		sharedSecret: zod_mini.string(),
+		walletAddress: zod_mini.string()
+	})
+});
+//#endregion
+//#region src/phantomRedirect/utils/broadcastPhantomEvent/broadcastPhantomEvent.ts
+/**
+* Broadcasts a Phantom redirect event to other tabs via the crossTabBroadcast
+* service.
+*
+* Used by the redirect-completion tab to notify the originating tab that
+* an operation has finished, since onceEvent listeners are in-memory and
+* do not cross tab boundaries.
+*
+* @param params.event - The DynamicEvents event name to broadcast
+* @param params.args - The event arguments to include in the message
+* @param client - The Dynamic client instance
+*/
+const broadcastPhantomEvent = ({ args, event }, client) => {
+	(0, _dynamic_labs_sdk_client_core.getCore)(client).crossTabBroadcast.send({
+		args,
+		event
+	});
+};
+//#endregion
+//#region src/phantomRedirect/utils/crypto/createNaClSharedSecret/createNaClSharedSecret.ts
+/**
+* Creates a shared secret for NaCl box encryption using our secret key and their public key.
+*
+* @param params.ourSecretKey - Our base58-encoded secret key
+* @param params.theirPublicKey - Their base58-encoded public key
+* @returns The base58-encoded shared secret
+*/
+const createNaClSharedSecret = ({ ourSecretKey, theirPublicKey }) => {
+	const sharedSecret = tweetnacl.default.box.before(bs58.default.decode(theirPublicKey), bs58.default.decode(ourSecretKey));
+	return bs58.default.encode(sharedSecret);
+};
+//#endregion
+//#region src/phantomRedirect/errors/PhantomRedirectDecryptionError.ts
+var PhantomRedirectDecryptionError = class extends _dynamic_labs_sdk_client.BaseError {
+	constructor() {
+		super({
+			cause: null,
+			code: "phantom_redirect_decryption_error",
+			docsUrl: null,
+			name: "PhantomRedirectDecryptionError",
+			shortMessage: "Failed to decrypt Phantom redirect response. The encryption keys may be invalid."
+		});
+	}
+};
+//#endregion
+//#region src/phantomRedirect/utils/crypto/decryptPayload/decryptPayload.ts
+/**
+* Decrypts a payload using NaCl box encryption with a shared secret.
+*
+* @param params.data - The base58-encoded encrypted data
+* @param params.nonce - The base58-encoded nonce
+* @param params.sharedSecret - The base58-encoded shared secret
+* @returns The decrypted payload object
+* @throws {PhantomRedirectDecryptionError} If decryption fails
+*/
+const decryptPayload = ({ data, nonce, sharedSecret }) => {
+	let decrypted;
+	try {
+		decrypted = tweetnacl.default.box.open.after(bs58.default.decode(data), bs58.default.decode(nonce), bs58.default.decode(sharedSecret));
+	} catch {
+		throw new PhantomRedirectDecryptionError();
+	}
+	if (!decrypted) throw new PhantomRedirectDecryptionError();
+	const decryptedString = (0, _dynamic_labs_sdk_client_core.getBuffer)().from(decrypted).toString("utf-8");
+	try {
+		return JSON.parse(decryptedString);
+	} catch {
+		throw new PhantomRedirectDecryptionError();
+	}
+};
+//#endregion
+//#region src/phantomRedirect/utils/getPhantomOriginTab/getPhantomOriginTab.ts
+/**
+* Per-client service that tracks whether this JavaScript context is the
+* **originating tab** that initiated a Phantom redirect request.
+*
+* Calling `getPhantomOriginTab(client)` for the first time lazily creates the
+* service with `isOriginTab: false`. `setupPhantomListeners` sets it to `true`
+* immediately when a request is initiated, so `completePhantomRedirect` can
+* detect clone tabs by checking this flag.
+*
+* Because the service is stored in the client's `runtimeServices` Map (one
+* entry per client instance), it is naturally scoped to the current JavaScript
+* context — no browser globals (`sessionStorage`, `window`) are needed, making
+* this approach compatible with SSR and React Native.
+*/
+const getPhantomOriginTab = (0, _dynamic_labs_sdk_client_core.createRuntimeServiceAccessKey)("phantomOriginTab", () => ({ isOriginTab: false }));
+//#endregion
+//#region src/phantomRedirect/utils/parsePhantomRedirectParams/parsePhantomRedirectParams.ts
+/**
+* Parses Phantom wallet redirect parameters from a URL.
+*
+* Extracts both success and error parameters from the redirect URL,
+* including encrypted response data or error information.
+*
+* @param params.url - The redirect URL containing Phantom parameters
+* @returns Object containing the parsed redirect parameters
+*/
+const parsePhantomRedirectParams = ({ url }) => {
+	const searchParams = url.searchParams;
+	return {
+		data: searchParams.get("data") ?? void 0,
+		errorCode: searchParams.get("errorCode") ?? void 0,
+		errorMessage: searchParams.get("errorMessage") ?? void 0,
+		nonce: searchParams.get("nonce") ?? void 0,
+		phantomPublicKey: searchParams.get("phantom_encryption_public_key") ?? void 0,
+		requestId: searchParams.get("request_id") ?? void 0
+	};
+};
+//#endregion
+//#region src/phantomRedirect/completePhantomRedirect/completePhantomRedirect.ts
+const methodErrorEventMap = {
+	connect: "phantomRedirectConnectionError",
+	disconnect: "phantomRedirectDisconnectError",
+	signAllTransactions: "phantomRedirectSignAllTransactionsError",
+	signAndSendTransaction: "phantomRedirectSignAndSendTransactionError",
+	signMessage: "phantomRedirectSignMessageError",
+	signTransaction: "phantomRedirectSignTransactionError"
+};
+/**
+* Returns true when the current JavaScript context is a **clone tab** —
+* a new browser tab that Phantom opened to deliver the redirect callback on
+* mobile browsers.
+*
+* ## Detection mechanism
+*
+* When a wallet operation is initiated (`connect`, `signMessage`, etc.)
+* `setupPhantomListeners` sets `isOriginTab = true` on the per-client
+* `phantomOriginTabService`. Because each browser tab (and each native mobile
+* context) has its own JavaScript heap, the clone tab's client starts with
+* `isOriginTab = false` and will never have it set to `true`.
+*
+* - `isOriginTab === false` → clone tab (mobile browser redirect) → should close
+* - `isOriginTab === true` → originating tab or native mobile context → should stay open
+*/
+const isCloneTab = (client) => !getPhantomOriginTab(client).isOriginTab;
+/**
+* Removes the pending request from storage, emits a Phantom redirect event to
+* the local client, broadcasts it to the originating tab via `BroadcastChannel`,
+* and — when running in a clone tab — emits `phantomRedirectCloseTab` so that
+* the customer's `onCloseTab` callback can close the tab.
+*
+* This is the single point of truth for all cleanup and event delivery in the
+* redirect flow. Every code path calls this exactly once, ensuring a consistent
+* ordering: remove pending request → emit → broadcast → (maybe) close tab.
+*/
+const completeAndEmitPhantomRedirectEvent = async ({ args, event }, client) => {
+	const core = (0, _dynamic_labs_sdk_client_core.getCore)(client);
+	const cloneTab = isCloneTab(client);
+	core.logger.debug("[PHANTOM] completeAndEmitPhantomRedirectEvent: start", {
+		event,
+		isCloneTab: cloneTab
+	});
+	await core.storage.removeItem(pendingRequestStorageKeySchema);
+	core.logger.debug("[PHANTOM] completeAndEmitPhantomRedirectEvent: emitting event locally", { event });
+	(0, _dynamic_labs_sdk_client_core.emitEvent)({
+		args,
+		event
+	}, client);
+	core.logger.debug("[PHANTOM] completeAndEmitPhantomRedirectEvent: broadcasting", { event });
+	broadcastPhantomEvent({
+		args,
+		event
+	}, client);
+	if (cloneTab) {
+		core.logger.debug("[PHANTOM] completeAndEmitPhantomRedirectEvent: emitting closeTab (clone tab)");
+		(0, _dynamic_labs_sdk_client_core.emitEvent)({
+			args: {},
+			event: "phantomRedirectCloseTab"
+		}, client);
+	}
+};
+/**
+* Completes the Phantom wallet redirect flow after the deep link callback.
+*
+* This function is called on the page that Phantom redirects back to after the
+* user approves or rejects a wallet operation. It processes the redirect URL,
+* decrypts the response, updates session storage, and emits the appropriate
+* events so that waiting callers (in this tab or the originating tab) can
+* resolve or reject their pending promises.
+*
+* ## Cross-tab delivery
+*
+* On mobile browsers, Phantom opens the redirect URL in a **new tab** (the
+* clone tab). Events are delivered to the originating tab via the
+* `BroadcastChannel` API. Once delivery is complete this function emits
+* `phantomRedirectCloseTab` so that the clone tab can be closed and the user
+* is returned to the originating tab. See the `phantomRedirectCloseTab` event
+* JSDoc for details on how to handle tab closing.
+*
+* @param params.url - The callback URL received from Phantom
+* @param client - The Dynamic client instance
+* @throws {NoPendingPhantomRequestError} If no pending request is found in storage
+* @throws {PhantomMissingEncryptionParamsError} If the URL is missing the
+*   required encryption parameters (`phantom_encryption_public_key`, `data`,
+*   `nonce`) and does not carry an error code either
+* @throws {PhantomRedirectRejectedError} If the user rejected the request in Phantom
+*/
+const completePhantomRedirect = async ({ url }, client = (0, _dynamic_labs_sdk_client_core.getDefaultClient)()) => {
+	const core = (0, _dynamic_labs_sdk_client_core.getCore)(client);
+	core.logger.debug("[PHANTOM] completePhantomRedirect: start", { search: url.search });
+	const params = parsePhantomRedirectParams({ url });
+	const pendingRequest = await core.storage.getItem(pendingRequestStorageKeySchema);
+	core.logger.debug("[PHANTOM] completePhantomRedirect: pendingRequest", {
+		found: !!pendingRequest,
+		method: pendingRequest?.method
+	});
+	if (!pendingRequest) throw new NoPendingPhantomRequestError();
+	if (params.errorCode) {
+		const error = new PhantomRedirectRejectedError({
+			errorCode: params.errorCode,
+			errorMessage: params.errorMessage
+		});
+		const event = methodErrorEventMap[pendingRequest.method];
+		await completeAndEmitPhantomRedirectEvent({
+			args: { error },
+			event
+		}, client);
+		return;
+	}
+	if (pendingRequest.method === "disconnect") {
+		await completeAndEmitPhantomRedirectEvent({
+			args: {},
+			event: "phantomRedirectDisconnectComplete"
+		}, client);
+		return;
+	}
+	if (!params.data || !params.nonce) {
+		await core.storage.removeItem(pendingRequestStorageKeySchema);
+		throw new PhantomMissingEncryptionParamsError();
+	}
+	let sharedSecret;
+	if (pendingRequest.method === "connect") {
+		if (!params.phantomPublicKey) throw new PhantomMissingEncryptionParamsError();
+		sharedSecret = createNaClSharedSecret({
+			ourSecretKey: pendingRequest.dappSecretKey,
+			theirPublicKey: params.phantomPublicKey
+		});
+	} else {
+		const session = await core.storage.getItem(phantomSessionStorageKeySchema);
+		if (!session) throw new NoPhantomSessionError();
+		sharedSecret = session.sharedSecret;
+	}
+	const decryptedData = decryptPayload({
+		data: params.data,
+		nonce: params.nonce,
+		sharedSecret
+	});
+	if (pendingRequest.method === "connect") {
+		const connectData = decryptedData;
+		await core.storage.setItem(phantomSessionStorageKeySchema, {
+			dappPublicKey: pendingRequest.dappPublicKey,
+			dappSecretKey: pendingRequest.dappSecretKey,
+			phantomPublicKey: params.phantomPublicKey,
+			sessionToken: connectData.session,
+			sharedSecret,
+			walletAddress: connectData.public_key
+		});
+		await completeAndEmitPhantomRedirectEvent({
+			args: {
+				address: connectData.public_key,
+				publicKey: connectData.public_key
+			},
+			event: "phantomRedirectConnectionComplete"
+		}, client);
+	} else if (pendingRequest.method === "signMessage") {
+		const signData = decryptedData;
+		await completeAndEmitPhantomRedirectEvent({
+			args: {
+				message: pendingRequest.message,
+				signature: signData.signature
+			},
+			event: "phantomRedirectSignMessageComplete"
+		}, client);
+	} else if (pendingRequest.method === "signTransaction") await completeAndEmitPhantomRedirectEvent({
+		args: { transaction: decryptedData.transaction },
+		event: "phantomRedirectSignTransactionComplete"
+	}, client);
+	else if (pendingRequest.method === "signAllTransactions") await completeAndEmitPhantomRedirectEvent({
+		args: { transactions: decryptedData.transactions },
+		event: "phantomRedirectSignAllTransactionsComplete"
+	}, client);
+	else await completeAndEmitPhantomRedirectEvent({
+		args: { signature: decryptedData.signature },
+		event: "phantomRedirectSignAndSendTransactionComplete"
+	}, client);
+};
+//#endregion
+//#region src/phantomRedirect/utils/buildPhantomDeepLink/buildPhantomDeepLink.ts
+/**
+* Builds a Phantom wallet deep link URL for wallet operations.
+*
+* @param params.method - The operation method (connect, signMessage, signTransaction, etc.)
+* @param params.appUrl - Optional dApp URL shown in Phantom's UI
+* @param params.dappPublicKey - The dApp's base58-encoded public encryption key
+* @param params.redirectUrl - The URL to redirect back to after the operation
+* @param params.cluster - Optional Solana cluster (mainnet-beta, devnet, testnet)
+* @param params.payload - Optional encrypted payload for signing operations
+* @param params.nonce - Optional nonce for encrypted payload
+* @returns The complete Phantom deep link URL
+*/
+const buildPhantomDeepLink = ({ appUrl, cluster, dappPublicKey, method, nonce, payload, redirectUrl }) => {
+	const url = new URL(`${PHANTOM_DEEPLINK_BASE_URL}/${method}`);
+	url.searchParams.set("dapp_encryption_public_key", dappPublicKey);
+	url.searchParams.set("redirect_link", redirectUrl);
+	if (appUrl) url.searchParams.set("app_url", appUrl);
+	if (cluster) url.searchParams.set("cluster", cluster);
+	if (payload) url.searchParams.set("payload", payload);
+	if (nonce) url.searchParams.set("nonce", nonce);
+	return url;
+};
+//#endregion
+//#region src/phantomRedirect/utils/crypto/encryptPayload/encryptPayload.ts
+/**
+* Encrypts a payload using NaCl box encryption with a shared secret.
+*
+* @param params.payload - The payload object to encrypt
+* @param params.sharedSecret - The base58-encoded shared secret
+* @returns The encrypted data and nonce, both base58-encoded
+*/
+const encryptPayload = ({ payload, sharedSecret }) => {
+	const nonce = tweetnacl.default.randomBytes(tweetnacl.default.box.nonceLength);
+	const payloadString = JSON.stringify(payload);
+	const payloadBytes = new Uint8Array((0, _dynamic_labs_sdk_client_core.getBuffer)().from(payloadString, "utf8"));
+	const encrypted = tweetnacl.default.box.after(payloadBytes, nonce, bs58.default.decode(sharedSecret));
+	return {
+		data: bs58.default.encode(encrypted),
+		nonce: bs58.default.encode(nonce)
+	};
+};
+//#endregion
+//#region src/phantomRedirect/utils/crypto/generateNaClKeyPair/generateNaClKeyPair.ts
+/**
+* Generates a new NaCl key pair for encryption.
+*
+* @returns A key pair with base58-encoded public and secret keys
+*/
+const generateNaClKeyPair = () => {
+	const keyPair = tweetnacl.default.box.keyPair();
+	return {
+		publicKey: bs58.default.encode(keyPair.publicKey),
+		secretKey: bs58.default.encode(keyPair.secretKey)
+	};
+};
+//#endregion
+//#region src/phantomRedirect/utils/getPhantomCluster/getPhantomCluster.ts
+/**
+* Returns the Solana cluster name expected by Phantom's deep link protocol
+* (e.g. "mainnet-beta", "devnet", "testnet").
+*
+* - When a `walletAccount` is provided, reads the cluster from the active network
+*   data for that account.
+* - When no `walletAccount` is provided (e.g. during `connect` before an account
+*   exists), falls back to the first registered SOL network provider's cluster.
+*
+* Returns `undefined` if no cluster can be determined; Phantom will use the
+* wallet's default in that case.
+*/
+const getPhantomCluster = async ({ dynamicClient, walletAccount }) => {
+	if (walletAccount) {
+		const { networkData } = await (0, _dynamic_labs_sdk_client.getActiveNetworkData)({ walletAccount }, dynamicClient);
+		return networkData?.cluster ?? void 0;
+	}
+	return (0, _dynamic_labs_sdk_client_core.getNetworkProviders)(dynamicClient).find((p) => p.chain === "SOL")?.cluster ?? void 0;
+};
+//#endregion
+//#region src/phantomRedirect/utils/listenForPhantomBroadcast/listenForPhantomBroadcast.ts
+/**
+* Registers listeners for Phantom redirect events broadcast from other tabs
+* (e.g. the redirect-completion tab), using the crossTabBroadcast service.
+*
+* Returns a cleanup function that unregisters all listeners — call it when the
+* operation is no longer pending (e.g. in a promise `.finally()`).
+*
+* @param listeners - Map of event names to handler functions
+* @param client - The Dynamic client instance
+* @returns Cleanup function that removes all registered listeners
+*/
+const listenForPhantomBroadcast = (listeners, client) => {
+	const { crossTabBroadcast } = (0, _dynamic_labs_sdk_client_core.getCore)(client);
+	const wrappedListeners = Object.entries(listeners).map(([event, listener]) => {
+		const wrapped = (args) => {
+			listener(args);
+		};
+		crossTabBroadcast.on(event, wrapped);
+		return {
+			event,
+			wrapped
+		};
+	});
+	return () => {
+		wrappedListeners.forEach(({ event, wrapped }) => {
+			crossTabBroadcast.off(event, wrapped);
+		});
+	};
+};
+//#endregion
+//#region src/phantomRedirect/createPhantomRedirectWalletProvider/createPhantomRedirectWalletProvider.ts
+/**
+* Generates a random alphanumeric string of specified length.
+*/
+const randomString = (length) => {
+	const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+	const bytes = crypto.getRandomValues(new Uint8Array(length));
+	return Array.from(bytes, (byte) => chars[byte % 62]).join("");
+};
+/**
+* Extracts the dApp URL from a redirect URL.
+*/
+const extractDappUrl = (redirectUrl) => {
+	const url = new URL(redirectUrl);
+	return `${url.protocol}//${url.host}`;
+};
+/**
+* Creates a Phantom redirect-based Solana wallet provider.
+*
+* This wallet provider uses Phantom's deep link protocol for mobile wallet
+* interactions with end-to-end encryption using NaCl.
+*
+* @param params.dynamicClient - The Dynamic client instance
+* @returns A Phantom redirect wallet provider
+*/
+const createPhantomRedirectWalletProvider = ({ baseRedirectUrl, dynamicClient }) => {
+	const core = (0, _dynamic_labs_sdk_client_core.getCore)(dynamicClient);
+	const walletProviderType = _dynamic_labs_sdk_api_core.WalletProviderEnum.DeepLink;
+	const key = (0, _dynamic_labs_sdk_client_core.formatWalletProviderKey)({
+		chain: "SOL",
+		displayName: "Phantom",
+		walletProviderType
+	});
+	const groupKey = (0, _dynamic_labs_sdk_client_core.formatWalletProviderGroupKey)("Phantom");
+	const metadata = {
+		displayName: "Phantom",
+		icon: "https://phantom.app/img/phantom-logo.svg"
+	};
+	const getSession = async () => {
+		const session = await core.storage.getItem(phantomSessionStorageKeySchema);
+		if (!session) throw new NoPhantomSessionError();
+		return session;
+	};
+	const setPendingRequest = async (request) => {
+		await core.storage.setItem(pendingRequestStorageKeySchema, request);
+	};
+	/**
+	* Registers listeners for both delivery paths Phantom uses depending on platform:
+	* - In mobile native, we get redirected back to the same context, so onceEvent suffices.
+	* - In mobile browsers, we get redirected back to a new tab, so a BroadcastChannel listener
+	*   is also needed to receive the completion event from that tab.
+	*
+	* The broadcast channel is closed once the deferred promise settles.
+	*/
+	const setupPhantomListeners = ({ completeEvent, deferredPromise, errorEvent, onComplete, onError }) => {
+		getPhantomOriginTab(dynamicClient).isOriginTab = true;
+		core.logger.debug("[PHANTOM] setupPhantomListeners: isOriginTab=true, registering listeners", {
+			completeEvent,
+			errorEvent
+		});
+		(0, _dynamic_labs_sdk_client.onceEvent)({
+			event: completeEvent,
+			listener: onComplete
+		}, dynamicClient);
+		(0, _dynamic_labs_sdk_client.onceEvent)({
+			event: errorEvent,
+			listener: onError
+		}, dynamicClient);
+		const closeChannel = listenForPhantomBroadcast({
+			[completeEvent]: onComplete,
+			[errorEvent]: onError
+		}, dynamicClient);
+		deferredPromise.promise.finally(() => {
+			core.logger.debug("[PHANTOM] setupPhantomListeners: deferred promise settled, closing channel");
+			closeChannel();
+		}).catch(() => {});
+	};
+	const connect = async () => {
+		core.logger.debug("[PHANTOM] connect: start");
+		const redirectUrl = baseRedirectUrl;
+		const { publicKey: dappPublicKey, secretKey: dappSecretKey } = generateNaClKeyPair();
+		await setPendingRequest({
+			dappPublicKey,
+			dappSecretKey,
+			method: "connect",
+			requestId: randomString(32),
+			timestamp: Date.now()
+		});
+		core.logger.debug("[PHANTOM] connect: pending request stored, setting up listeners");
+		const deferredPromise = (0, _dynamic_labs_sdk_client_core.createDeferredPromise)();
+		setupPhantomListeners({
+			completeEvent: "phantomRedirectConnectionComplete",
+			deferredPromise,
+			errorEvent: "phantomRedirectConnectionError",
+			onComplete: ({ address, publicKey }) => {
+				core.logger.debug("[PHANTOM] connect: onComplete called", { address });
+				deferredPromise.resolve({ addresses: [{
+					address,
+					publicKey
+				}] });
+			},
+			onError: ({ error }) => {
+				core.logger.debug("[PHANTOM] connect: onError called", { error });
+				deferredPromise.reject(error);
+			}
+		});
+		const cluster = await getPhantomCluster({ dynamicClient });
+		const deepLinkUrl = buildPhantomDeepLink({
+			appUrl: extractDappUrl(redirectUrl),
+			cluster,
+			dappPublicKey,
+			method: "connect",
+			redirectUrl
+		});
+		core.logger.debug("[PHANTOM] connect: opening deeplink", { redirectUrl });
+		await core.openDeeplink(deepLinkUrl.toString());
+		core.logger.debug("[PHANTOM] connect: deeplink opened, awaiting deferred promise");
+		return deferredPromise.promise;
+	};
+	const disconnect = async () => {
+		const session = await getSession();
+		const redirectUrl = baseRedirectUrl;
+		const { data, nonce } = encryptPayload({
+			payload: { session: session.sessionToken },
+			sharedSecret: session.sharedSecret
+		});
+		const requestId = randomString(32);
+		await setPendingRequest({
+			dappPublicKey: session.dappPublicKey,
+			dappSecretKey: session.dappSecretKey,
+			method: "disconnect",
+			requestId,
+			timestamp: Date.now()
+		});
+		const deferredPromise = (0, _dynamic_labs_sdk_client_core.createDeferredPromise)();
+		setupPhantomListeners({
+			completeEvent: "phantomRedirectDisconnectComplete",
+			deferredPromise,
+			errorEvent: "phantomRedirectDisconnectError",
+			onComplete: async () => {
+				await core.storage.removeItem(phantomSessionStorageKeySchema);
+				deferredPromise.resolve();
+			},
+			onError: ({ error }) => {
+				deferredPromise.reject(error);
+			}
+		});
+		const deepLinkUrl = buildPhantomDeepLink({
+			appUrl: extractDappUrl(redirectUrl),
+			dappPublicKey: session.dappPublicKey,
+			method: "disconnect",
+			nonce,
+			payload: data,
+			redirectUrl
+		});
+		await core.openDeeplink(deepLinkUrl.toString());
+		return deferredPromise.promise;
+	};
+	const getActiveNetworkId = async () => (0, _dynamic_labs_sdk_client_core.getActiveNetworkIdFromLastKnownRegistry)({
+		client: dynamicClient,
+		walletProviderKey: key
+	});
+	const getConnectedAddresses = async () => {
+		return { addresses: [(await getSession()).walletAddress] };
+	};
+	const signMessage = async ({ message, walletAccount }) => {
+		(0, _dynamic_labs_sdk_client_core.assertDefined)(walletAccount, "Wallet account is required for Phantom redirect");
+		const redirectUrl = baseRedirectUrl;
+		const session = await getSession();
+		const { data, nonce } = encryptPayload({
+			payload: {
+				message: bs58.default.encode(new Uint8Array((0, _dynamic_labs_sdk_client_core.getBuffer)().from(message))),
+				session: session.sessionToken
+			},
+			sharedSecret: session.sharedSecret
+		});
+		const requestId = randomString(32);
+		await setPendingRequest({
+			dappPublicKey: session.dappPublicKey,
+			dappSecretKey: session.dappSecretKey,
+			message,
+			method: "signMessage",
+			requestId,
+			timestamp: Date.now(),
+			walletAddress: walletAccount.address
+		});
+		const deferredPromise = (0, _dynamic_labs_sdk_client_core.createDeferredPromise)();
+		setupPhantomListeners({
+			completeEvent: "phantomRedirectSignMessageComplete",
+			deferredPromise,
+			errorEvent: "phantomRedirectSignMessageError",
+			onComplete: ({ signature }) => {
+				deferredPromise.resolve({ signature });
+			},
+			onError: ({ error }) => {
+				deferredPromise.reject(error);
+			}
+		});
+		const cluster = await getPhantomCluster({
+			dynamicClient,
+			walletAccount
+		});
+		const deepLinkUrl = buildPhantomDeepLink({
+			appUrl: extractDappUrl(redirectUrl),
+			cluster,
+			dappPublicKey: session.dappPublicKey,
+			method: "signMessage",
+			nonce,
+			payload: data,
+			redirectUrl
+		});
+		await core.openDeeplink(deepLinkUrl.toString());
+		return deferredPromise.promise;
+	};
+	const signTransaction$1 = async ({ transaction, walletAccount }) => {
+		(0, _dynamic_labs_sdk_client_core.assertDefined)(walletAccount, "Wallet account is required for Phantom redirect");
+		const redirectUrl = baseRedirectUrl;
+		const session = await getSession();
+		const serialized = transaction instanceof _solana_web3_js.VersionedTransaction ? transaction.serialize() : transaction.serialize({
+			requireAllSignatures: false,
+			verifySignatures: false
+		});
+		const transactionBase58 = bs58.default.encode(new Uint8Array(serialized));
+		const { data, nonce } = encryptPayload({
+			payload: {
+				session: session.sessionToken,
+				transaction: transactionBase58
+			},
+			sharedSecret: session.sharedSecret
+		});
+		const requestId = randomString(32);
+		await setPendingRequest({
+			dappPublicKey: session.dappPublicKey,
+			dappSecretKey: session.dappSecretKey,
+			method: "signTransaction",
+			requestId,
+			timestamp: Date.now(),
+			walletAddress: walletAccount.address
+		});
+		const deferredPromise = (0, _dynamic_labs_sdk_client_core.createDeferredPromise)();
+		const deserializeTransaction = ({ transaction: signedTransactionBase58 }) => {
+			const decoded = bs58.default.decode(signedTransactionBase58);
+			const signedTransaction = transaction instanceof _solana_web3_js.VersionedTransaction ? _solana_web3_js.VersionedTransaction.deserialize(decoded) : _solana_web3_js.Transaction.from(decoded);
+			deferredPromise.resolve({ signedTransaction });
+		};
+		setupPhantomListeners({
+			completeEvent: "phantomRedirectSignTransactionComplete",
+			deferredPromise,
+			errorEvent: "phantomRedirectSignTransactionError",
+			onComplete: deserializeTransaction,
+			onError: ({ error }) => {
+				deferredPromise.reject(error);
+			}
+		});
+		const cluster = await getPhantomCluster({
+			dynamicClient,
+			walletAccount
+		});
+		const deepLinkUrl = buildPhantomDeepLink({
+			appUrl: extractDappUrl(redirectUrl),
+			cluster,
+			dappPublicKey: session.dappPublicKey,
+			method: "signTransaction",
+			nonce,
+			payload: data,
+			redirectUrl
+		});
+		await core.openDeeplink(deepLinkUrl.toString());
+		return deferredPromise.promise;
+	};
+	const signAllTransactions$1 = async ({ transactions, walletAccount }) => {
+		(0, _dynamic_labs_sdk_client_core.assertDefined)(walletAccount, "Wallet account is required for Phantom redirect");
+		const redirectUrl = baseRedirectUrl;
+		const session = await getSession();
+		const transactionsBase58 = transactions.map((tx) => tx instanceof _solana_web3_js.VersionedTransaction ? tx.serialize() : tx.serialize({
+			requireAllSignatures: false,
+			verifySignatures: false
+		})).map((s) => bs58.default.encode(new Uint8Array(s)));
+		const { data, nonce } = encryptPayload({
+			payload: {
+				session: session.sessionToken,
+				transactions: transactionsBase58
+			},
+			sharedSecret: session.sharedSecret
+		});
+		const requestId = randomString(32);
+		await setPendingRequest({
+			dappPublicKey: session.dappPublicKey,
+			dappSecretKey: session.dappSecretKey,
+			method: "signAllTransactions",
+			requestId,
+			timestamp: Date.now(),
+			walletAddress: walletAccount.address
+		});
+		const deferredPromise = (0, _dynamic_labs_sdk_client_core.createDeferredPromise)();
+		const deserializeTransactions = ({ transactions: signedTransactionsBase58 }) => {
+			const signedTransactions = signedTransactionsBase58.map((txBase58, i) => {
+				const decoded = bs58.default.decode(txBase58);
+				return transactions[i] instanceof _solana_web3_js.VersionedTransaction ? _solana_web3_js.VersionedTransaction.deserialize(decoded) : _solana_web3_js.Transaction.from(decoded);
+			});
+			deferredPromise.resolve({ signedTransactions });
+		};
+		setupPhantomListeners({
+			completeEvent: "phantomRedirectSignAllTransactionsComplete",
+			deferredPromise,
+			errorEvent: "phantomRedirectSignAllTransactionsError",
+			onComplete: deserializeTransactions,
+			onError: ({ error }) => {
+				deferredPromise.reject(error);
+			}
+		});
+		const cluster = await getPhantomCluster({
+			dynamicClient,
+			walletAccount
+		});
+		const deepLinkUrl = buildPhantomDeepLink({
+			appUrl: extractDappUrl(redirectUrl),
+			cluster,
+			dappPublicKey: session.dappPublicKey,
+			method: "signAllTransactions",
+			nonce,
+			payload: data,
+			redirectUrl
+		});
+		await core.openDeeplink(deepLinkUrl.toString());
+		return deferredPromise.promise;
+	};
+	const signAndSendTransaction$1 = async ({ options, transaction, walletAccount }) => {
+		const { signedTransaction } = await signTransaction$1({
+			transaction,
+			walletAccount
+		});
+		const { networkData } = await (0, _dynamic_labs_sdk_client.getActiveNetworkData)({ walletAccount }, dynamicClient);
+		(0, _dynamic_labs_sdk_client_core.assertDefined)(networkData, "Network data is required to broadcast transaction");
+		const connection = require_addWaasSolanaExtension.getSolanaConnection({ networkData });
+		const rawTransaction = signedTransaction.serialize();
+		return { signature: await connection.sendRawTransaction(rawTransaction, options) };
+	};
+	return {
+		chain: "SOL",
+		connect,
+		disconnect,
+		getActiveNetworkId,
+		getConnectedAddresses,
+		groupKey,
+		key,
+		metadata,
+		signAllTransactions: signAllTransactions$1,
+		signAndSendTransaction: signAndSendTransaction$1,
+		signMessage,
+		signTransaction: signTransaction$1,
+		walletProviderType
+	};
+};
+//#endregion
+//#region src/phantomRedirect/detectPhantomRedirect/detectPhantomRedirect.ts
+/**
+* Detects if the current URL is a Phantom wallet redirect.
+*
+* This function examines the URL parameters to determine if it contains
+* redirect data from a Phantom wallet deep link operation, and validates
+* that there is a corresponding pending request in storage.
+*
+* @param params.url - The URL to check for Phantom redirect parameters
+* @param client - The Dynamic client instance
+* @returns A promise that resolves to true if the URL is a valid Phantom redirect, false otherwise
+*/
+const detectPhantomRedirect = async ({ url }, client = (0, _dynamic_labs_sdk_client_core.getDefaultClient)()) => {
+	const core = (0, _dynamic_labs_sdk_client_core.getCore)(client);
+	if (!(url.searchParams.has("phantom_encryption_public_key") || url.searchParams.has("errorCode"))) return false;
+	await core.initTrack.waitForAll();
+	const pendingRequest = await core.storage.getItem(pendingRequestStorageKeySchema);
+	return Boolean(pendingRequest);
+};
+//#endregion
+//#region src/phantomRedirect/addPhantomRedirectSolanaExtension/addPhantomRedirectSolanaExtension.ts
+const PHANTOM_REDIRECT_SOLANA_EXTENSION_KEY = "phantomRedirectSolana";
+/**
+* Adds the Phantom redirect Solana extension to the Dynamic client.
+*
+* ### What this extension does
+*
+* This extension enables Phantom wallet integration via deep link redirects,
+* designed for mobile environments where a browser extension is not available.
+*
+* On initialization it:
+* 1. Registers the internal Dynamic extension logic handlers.
+* 2. Detects whether the current URL is a Phantom redirect callback and, if
+*    so, completes the pending operation (decrypt response, emit events,
+*    broadcast to originating tab).
+* 3. Sets up the `onCloseTab` listener so that the clone tab is closed after completion.
+*
+* ### Mobile browser redirect flow
+*
+* ```
+* [Tab 1 — your app]              [Phantom app / PWA]      [Tab 2 — clone]
+*   connect()
+*   openDeeplink(phantomUrl) ─────────────►
+*                                  user approves
+*                                  redirect to app ───────────────►
+*                                                           completePhantomRedirect()
+*                                                           broadcastPhantomEvent()
+*                                                           emits phantomRedirectCloseTab
+*                                                           onCloseTab() → window.close()
+*   BroadcastChannel receives ◄──────────────────────────────────────────────
+*   deferredPromise.resolve()
+* ```
+*
+* ### Mobile native flow (React Native / Capacitor)
+*
+* The deep link is delivered to the same JavaScript context, so `Tab 2` never
+* exists. `completePhantomRedirect` detects this via a `sessionStorage`
+* marker written during request initiation and does **not** emit
+* `phantomRedirectCloseTab`.
+*
+* @param params.url - The current page URL
+* @param params.onCloseTab - Callback invoked when the clone tab should close
+* @param params.disableAutoRedirectCompletion - Skip auto detection/completion
+* @param [client] - The Dynamic client. Only required for multiple clients.
+*/
+const addPhantomRedirectSolanaExtension = async ({ disableAutoRedirectCompletion, onCloseTab, url }, client = (0, _dynamic_labs_sdk_client_core.getDefaultClient)()) => {
+	if ((0, _dynamic_labs_sdk_client_core.hasExtension)({ extensionKey: PHANTOM_REDIRECT_SOLANA_EXTENSION_KEY }, client)) return;
+	(0, _dynamic_labs_sdk_client_core.registerExtension)({ extensionKey: PHANTOM_REDIRECT_SOLANA_EXTENSION_KEY }, client);
+	require_isVersionedTransaction.registerSolanaNetworkProviderBuilder(client);
+	const core = (0, _dynamic_labs_sdk_client_core.getCore)(client);
+	if (!disableAutoRedirectCompletion) {
+		core.logger.debug("[PHANTOM] addPhantomRedirectSolanaExtension: detecting redirect", { search: url.search });
+		const isRedirect = await detectPhantomRedirect({ url }, client);
+		core.logger.debug("[PHANTOM] addPhantomRedirectSolanaExtension: isRedirect", { isRedirect });
+		if (isRedirect) {
+			(0, _dynamic_labs_sdk_client.onceEvent)({
+				event: "phantomRedirectCloseTab",
+				listener: onCloseTab
+			}, client);
+			core.initTrack.track({
+				name: "phantomRedirectCompletion",
+				promise: completePhantomRedirect({ url }, client).catch((error) => {
+					core.logger.debug("[PHANTOM] addPhantomRedirectSolanaExtension: completion failed", { error });
+					core.logger.error("Phantom redirect completion failed:", error);
+				})
+			});
+		}
+	}
+	const walletProvider = createPhantomRedirectWalletProvider({
+		baseRedirectUrl: `${url.protocol}//${url.host}${url.pathname}`,
+		dynamicClient: client
+	});
+	(0, _dynamic_labs_sdk_client_core.getWalletProviderRegistry)(client).register({
+		priority: _dynamic_labs_sdk_client_core.WalletProviderPriority.WINDOW_INJECT,
+		walletProvider
+	});
+};
 //#endregion
 //#region src/isSolanaWalletProvider/isSolanaWalletProvider.ts
 const isSolanaWalletProvider = (provider) => {
@@ -315,8 +1289,11 @@ const signTransaction = async ({ walletAccount, transaction }, client = (0, _dyn
 //#endregion
 exports.NotSolanaProviderError = NotSolanaProviderError;
 exports.SponsorTransactionError = require_addWaasSolanaExtension.SponsorTransactionError;
+exports.addPhantomRedirectSolanaExtension = addPhantomRedirectSolanaExtension;
 exports.addSolanaExtension = addSolanaExtension;
 exports.calculateSolanaTransactionFee = calculateSolanaTransactionFee;
+exports.completePhantomRedirect = completePhantomRedirect;
+exports.detectPhantomRedirect = detectPhantomRedirect;
 exports.getSolanaConnection = require_addWaasSolanaExtension.getSolanaConnection;
 exports.isSolanaNetworkProvider = isSolanaNetworkProvider;
 exports.isSolanaWalletAccount = isSolanaWalletAccount;