@dynamic-labs/sdk-react-core 4.25.4 → 4.25.5

package/src/lib/utils/hooks/useEmbeddedWalletSessionKeys/useEmbeddedWalletSessionKeys.cjs

@@ -38,27 +38,32 @@ var getPrimaryTurnkeyWalletId = require('../../functions/getPrimaryTurnkeyWallet
 const useEmbeddedWalletSessionKeys = ({ environmentId, projectSettings, }) => {
     const user = useOnboardingCompleteUser.useOnboardingCompleteUserProfile();
     // scenario 1: first time session register on first transaction.
-    // Keys will have been previously generated at this point in local storage but marked as not registered
-    // scenario 2: 2nd time register after expiration (key refresh)
-    // scenario 3: refresh/rerender page - session still active
-    // scenario 4: refresh/rerender page - session no longer active
+    // scenario 2: refresh/rerender page - session still active and registered (keys were previously generated
+    //             but never registered with the backend)
+    // scenario 3: session expired and needs to be refreshed
+    // Helper to get decoded session keys from storage
     const registerEmbeddedWalletSessionKey = (...args_1) => _tslib.__awaiter(void 0, [...args_1], void 0, function* ({ ignoreRestore = false, } = {}) {
+        if (!user) {
+            throw new Error('User not found');
+        }
         // check if session keys are already stored in session storage
-        const sessionKeysSS = utils.StorageService.getItem(localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS, localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
-        const decodedSessionKeys = sessionKeysSS
-            ? JSON.parse(Buffer.from(sessionKeysSS, 'base64').toString())
-            : undefined;
+        let decodedSessionKeys = getDecodedSessionKeys();
         utils.tracing.logEvent('session-key', 'registerEmbeddedWalletSessionKey', utils.tracing.formatObject({
             hasDecodedSessionKeys: Boolean(decodedSessionKeys),
             publicKey: decodedSessionKeys === null || decodedSessionKeys === void 0 ? void 0 : decodedSessionKeys.publicKey,
         }));
         if (!decodedSessionKeys) {
-            walletConnectorCore.logger.warn('Could not find session keys. Re-authentication is required to create new session keys.');
-            dynamicEvents.dynamicEvents.emit('triggerLogout');
-            throw new Error('Could not find session keys. Re-authentication is required to create new session keys.');
-        }
-        if (!user) {
-            throw new Error('User not found');
+            // We should never be in a situation where we don't have session keys in storage.
+            // But right now we are in a situation where we don't have session keys in storage,
+            // in many situations.
+            // but this is a fallback to ensure that we always have session keys
+            // To note that this would only work if chaining is disabled in the backend
+            // since the original key was registered for chaining, and now we don't have it
+            // it will fail when interacting with the backend if chaining is enabled.
+            // This logic will be removed and reverted back to logging out once we find
+            // the culprit that cause many of these to happen.
+            walletConnectorCore.logger.error('Session keys not found in storage. Generating new session keys.', { userId: user === null || user === void 0 ? void 0 : user.userId });
+            decodedSessionKeys = yield generateSessionKey();
         }
         const isSessionKeyValid = decodedSessionKeys.expirationDate &&
             new Date() <= new Date(decodedSessionKeys.expirationDate) &&
@@ -67,7 +72,7 @@ const useEmbeddedWalletSessionKeys = ({ environmentId, projectSettings, }) => {
             isSessionKeyValid: Boolean(isSessionKeyValid),
         }));
         if (isSessionKeyValid) {
-            // scenario 3
+            // scenario 1 - session is valid and registered
             return decodedSessionKeys;
         }
         utils.tracing.logEvent('session-key', 'decodedSessionKeys', utils.tracing.formatObject({
@@ -79,48 +84,23 @@ const useEmbeddedWalletSessionKeys = ({ environmentId, projectSettings, }) => {
         let privateKeyJwk;
         let prevSessionKeySignature = undefined;
         if (!decodedSessionKeys.registered) {
-            // scenario 1
+            // scenario 2 - session needs to be registered
             ({ publicKey, privateKey, privateKeyJwk } = decodedSessionKeys);
         }
         else {
-            // scenario 2 and 4
-            const { publicKey: nextPublicKey, privateKey: nextPrivateKey, privateKeyJwk: nextPrivateKeyJwk, } = yield generateSessionKey();
-            publicKey = nextPublicKey;
-            privateKey = nextPrivateKey;
-            privateKeyJwk = nextPrivateKeyJwk;
+            // scenario 3 - session expired singing with the old key and generating a new one
             prevSessionKeySignature = yield keyService.p256Sign(decodedSessionKeys.privateKeyJwk, user.sessionId);
-            utils.tracing.logEvent('session-key', 'Loaded prevSessionKeySignature', utils.tracing.formatObject({ nextPublicKey, prevSessionKeySignature }));
-        }
-        let resp;
-        const primaryWalletId$1 = primaryWalletId.getPrimaryWalletId();
-        if (!primaryWalletId$1) {
-            throw new Error('Primary wallet ID not found');
-        }
-        const turnkeyWalletId = getPrimaryTurnkeyWalletId.getPrimaryTurnkeyWalletId(primaryWalletId$1, user.verifiedCredentials);
-        try {
-            resp = yield embeddedWallets.registerSessionKey({
-                environmentId,
-                prevSessionKeySignature,
-                publicKey,
-                walletId: turnkeyWalletId,
-            });
-        }
-        catch (error) {
-            if (error instanceof utils.InvalidEmbeddedWalletSessionKeyError) {
-                // this can happen if the public key passed during initial registration
-                // does not match the root session public key that the backend expects
-                walletConnectorCore.logger.warn('Invalid embedded wallet session key. Re-authentication is required to create new session keys.');
-                dynamicEvents.dynamicEvents.emit('triggerLogout');
-            }
-            throw error;
+            ({ publicKey, privateKey, privateKeyJwk } = yield generateSessionKey());
+            utils.tracing.logEvent('session-key', 'Loaded prevSessionKeySignature', utils.tracing.formatObject({ prevSessionKeySignature, publicKey }));
         }
-        const expirationDate = new Date(resp.expiresAt * 1000);
-        utils.tracing.logEvent('session-key', 'Created new session key', utils.tracing.formatObject({
-            expirationDate,
+        return registerHelper({
+            environmentId,
+            prevSessionKeySignature,
+            privateKey,
+            privateKeyJwk,
             publicKey,
-        }));
-        utils.StorageService.setItem(localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS, keyService.toEncodedFormat(publicKey, privateKey, privateKeyJwk, true, expirationDate), localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
-        return { expirationDate, privateKey, publicKey };
+            user,
+        });
     });
     const generateSessionKey = () => _tslib.__awaiter(void 0, void 0, void 0, function* () {
         const { private: privateKey, public: publicKey, privateJwk, } = yield keyService.p256Keygen();
@@ -129,13 +109,15 @@ const useEmbeddedWalletSessionKeys = ({ environmentId, projectSettings, }) => {
             publicKey,
         }));
         utils.StorageService.setItem(localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS, keyService.toEncodedFormat(publicKey, privateKey, privateJwk, false), localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
-        return { privateKey, privateKeyJwk: privateJwk, publicKey };
+        return {
+            privateKey,
+            privateKeyJwk: privateJwk,
+            publicKey,
+            registered: false,
+        };
     });
     const getSessionPublicKey = () => {
-        const sessionKeysSS = utils.StorageService.getItem(localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS, localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
-        const decodedSessionKeys = sessionKeysSS
-            ? JSON.parse(Buffer.from(sessionKeysSS, 'base64').toString())
-            : undefined;
+        const decodedSessionKeys = getDecodedSessionKeys();
         if (!(decodedSessionKeys === null || decodedSessionKeys === void 0 ? void 0 : decodedSessionKeys.publicKey)) {
             utils.tracing.logEvent('session-key', 'getSessionPublicKey', 'Could not find session keys.');
             throw new Error('Could not find session keys.');
@@ -154,10 +136,7 @@ const useEmbeddedWalletSessionKeys = ({ environmentId, projectSettings, }) => {
         if (!sessionId) {
             throw new Error('Session ID not found');
         }
-        const sessionKeysSS = utils.StorageService.getItem(localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS, localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
-        const decodedSessionKeys = sessionKeysSS
-            ? JSON.parse(Buffer.from(sessionKeysSS, 'base64').toString())
-            : undefined;
+        const decodedSessionKeys = getDecodedSessionKeys();
         if (!(decodedSessionKeys === null || decodedSessionKeys === void 0 ? void 0 : decodedSessionKeys.privateKeyJwk)) {
             throw new Error('Private key JWK not found');
         }
@@ -168,6 +147,47 @@ const useEmbeddedWalletSessionKeys = ({ environmentId, projectSettings, }) => {
         utils.tracing.logEvent('session-key', 'removeSessionKey');
         utils.StorageService.removeItem(localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS, localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
     }, []);
+    /////////////////////
+    // Helper Methods ///
+    /////////////////////
+    const registerHelper = (_a) => _tslib.__awaiter(void 0, [_a], void 0, function* ({ environmentId, prevSessionKeySignature, publicKey, privateKey, privateKeyJwk, user, }) {
+        let resp;
+        const primaryWalletId$1 = primaryWalletId.getPrimaryWalletId();
+        if (!primaryWalletId$1) {
+            throw new Error('Primary wallet ID not found');
+        }
+        const turnkeyWalletId = getPrimaryTurnkeyWalletId.getPrimaryTurnkeyWalletId(primaryWalletId$1, user.verifiedCredentials);
+        try {
+            resp = yield embeddedWallets.registerSessionKey({
+                environmentId,
+                prevSessionKeySignature,
+                publicKey,
+                walletId: turnkeyWalletId,
+            });
+        }
+        catch (error) {
+            if (error instanceof utils.InvalidEmbeddedWalletSessionKeyError) {
+                // this can happen if the public key passed during initial registration
+                // does not match the root session public key that the backend expects
+                walletConnectorCore.logger.warn('Invalid embedded wallet session key. Re-authentication is required to create new session keys.');
+                dynamicEvents.dynamicEvents.emit('triggerLogout');
+            }
+            throw error;
+        }
+        const expirationDate = new Date(resp.expiresAt * 1000);
+        utils.tracing.logEvent('session-key', 'Created new session key', utils.tracing.formatObject({
+            expirationDate,
+            publicKey,
+        }));
+        utils.StorageService.setItem(localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS, keyService.toEncodedFormat(publicKey, privateKey, privateKeyJwk, true, expirationDate), localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
+        return { expirationDate, privateKey, publicKey };
+    });
+    const getDecodedSessionKeys = () => {
+        const sessionKeysSS = utils.StorageService.getItem(localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS, localStorage.SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
+        return sessionKeysSS
+            ? JSON.parse(Buffer.from(sessionKeysSS, 'base64').toString())
+            : undefined;
+    };
     return {
         generateSessionKey,
         getSessionPublicKey,

package/src/lib/utils/hooks/useEmbeddedWalletSessionKeys/useEmbeddedWalletSessionKeys.d.ts

@@ -10,11 +10,7 @@ export declare const useEmbeddedWalletSessionKeys: ({ environmentId, projectSett
     environmentId: string;
     projectSettings?: ProjectSettings;
 }) => {
-    generateSessionKey: () => Promise<{
-        privateKey: string;
-        privateKeyJwk: JsonWebKey;
-        publicKey: string;
-    }>;
+    generateSessionKey: () => Promise<SessionKey>;
     getSessionPublicKey: () => string;
     getSignedSessionId: () => Promise<string>;
     registerEmbeddedWalletSessionKey: ({ ignoreRestore, }?: {

package/src/lib/utils/hooks/useEmbeddedWalletSessionKeys/useEmbeddedWalletSessionKeys.js

@@ -26,7 +26,7 @@ import '../../../locale/locale.js';
 import '../../../store/state/dynamicContextProps/dynamicContextProps.js';
 import { getPrimaryWalletId } from '../../../store/state/primaryWalletId/primaryWalletId.js';
 import '../../../store/state/connectedWalletsInfo/connectedWalletsInfo.js';
-import { p256Sign, toEncodedFormat, p256Keygen } from '../../functions/keyService/keyService.js';
+import { p256Sign, p256Keygen, toEncodedFormat } from '../../functions/keyService/keyService.js';
 import { dynamicEvents } from '../../../events/dynamicEvents.js';
 import { useOnboardingCompleteUserProfile } from '../../../client/extension/user/useOnboardingCompleteUser/useOnboardingCompleteUser.js';
 import { getPrimaryTurnkeyWalletId } from '../../functions/getPrimaryTurnkeyWalletId/getPrimaryTurnkeyWalletId.js';
@@ -34,27 +34,32 @@ import { getPrimaryTurnkeyWalletId } from '../../functions/getPrimaryTurnkeyWall
 const useEmbeddedWalletSessionKeys = ({ environmentId, projectSettings, }) => {
     const user = useOnboardingCompleteUserProfile();
     // scenario 1: first time session register on first transaction.
-    // Keys will have been previously generated at this point in local storage but marked as not registered
-    // scenario 2: 2nd time register after expiration (key refresh)
-    // scenario 3: refresh/rerender page - session still active
-    // scenario 4: refresh/rerender page - session no longer active
+    // scenario 2: refresh/rerender page - session still active and registered (keys were previously generated
+    //             but never registered with the backend)
+    // scenario 3: session expired and needs to be refreshed
+    // Helper to get decoded session keys from storage
     const registerEmbeddedWalletSessionKey = (...args_1) => __awaiter(void 0, [...args_1], void 0, function* ({ ignoreRestore = false, } = {}) {
+        if (!user) {
+            throw new Error('User not found');
+        }
         // check if session keys are already stored in session storage
-        const sessionKeysSS = StorageService.getItem(SECURE_ENCLAVE_WALLET_SESSION_KEYS, SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
-        const decodedSessionKeys = sessionKeysSS
-            ? JSON.parse(Buffer.from(sessionKeysSS, 'base64').toString())
-            : undefined;
+        let decodedSessionKeys = getDecodedSessionKeys();
         tracing.logEvent('session-key', 'registerEmbeddedWalletSessionKey', tracing.formatObject({
             hasDecodedSessionKeys: Boolean(decodedSessionKeys),
             publicKey: decodedSessionKeys === null || decodedSessionKeys === void 0 ? void 0 : decodedSessionKeys.publicKey,
         }));
         if (!decodedSessionKeys) {
-            logger.warn('Could not find session keys. Re-authentication is required to create new session keys.');
-            dynamicEvents.emit('triggerLogout');
-            throw new Error('Could not find session keys. Re-authentication is required to create new session keys.');
-        }
-        if (!user) {
-            throw new Error('User not found');
+            // We should never be in a situation where we don't have session keys in storage.
+            // But right now we are in a situation where we don't have session keys in storage,
+            // in many situations.
+            // but this is a fallback to ensure that we always have session keys
+            // To note that this would only work if chaining is disabled in the backend
+            // since the original key was registered for chaining, and now we don't have it
+            // it will fail when interacting with the backend if chaining is enabled.
+            // This logic will be removed and reverted back to logging out once we find
+            // the culprit that cause many of these to happen.
+            logger.error('Session keys not found in storage. Generating new session keys.', { userId: user === null || user === void 0 ? void 0 : user.userId });
+            decodedSessionKeys = yield generateSessionKey();
         }
         const isSessionKeyValid = decodedSessionKeys.expirationDate &&
             new Date() <= new Date(decodedSessionKeys.expirationDate) &&
@@ -63,7 +68,7 @@ const useEmbeddedWalletSessionKeys = ({ environmentId, projectSettings, }) => {
             isSessionKeyValid: Boolean(isSessionKeyValid),
         }));
         if (isSessionKeyValid) {
-            // scenario 3
+            // scenario 1 - session is valid and registered
             return decodedSessionKeys;
         }
         tracing.logEvent('session-key', 'decodedSessionKeys', tracing.formatObject({
@@ -75,48 +80,23 @@ const useEmbeddedWalletSessionKeys = ({ environmentId, projectSettings, }) => {
         let privateKeyJwk;
         let prevSessionKeySignature = undefined;
         if (!decodedSessionKeys.registered) {
-            // scenario 1
+            // scenario 2 - session needs to be registered
             ({ publicKey, privateKey, privateKeyJwk } = decodedSessionKeys);
         }
         else {
-            // scenario 2 and 4
-            const { publicKey: nextPublicKey, privateKey: nextPrivateKey, privateKeyJwk: nextPrivateKeyJwk, } = yield generateSessionKey();
-            publicKey = nextPublicKey;
-            privateKey = nextPrivateKey;
-            privateKeyJwk = nextPrivateKeyJwk;
+            // scenario 3 - session expired singing with the old key and generating a new one
             prevSessionKeySignature = yield p256Sign(decodedSessionKeys.privateKeyJwk, user.sessionId);
-            tracing.logEvent('session-key', 'Loaded prevSessionKeySignature', tracing.formatObject({ nextPublicKey, prevSessionKeySignature }));
-        }
-        let resp;
-        const primaryWalletId = getPrimaryWalletId();
-        if (!primaryWalletId) {
-            throw new Error('Primary wallet ID not found');
-        }
-        const turnkeyWalletId = getPrimaryTurnkeyWalletId(primaryWalletId, user.verifiedCredentials);
-        try {
-            resp = yield registerSessionKey({
-                environmentId,
-                prevSessionKeySignature,
-                publicKey,
-                walletId: turnkeyWalletId,
-            });
-        }
-        catch (error) {
-            if (error instanceof InvalidEmbeddedWalletSessionKeyError) {
-                // this can happen if the public key passed during initial registration
-                // does not match the root session public key that the backend expects
-                logger.warn('Invalid embedded wallet session key. Re-authentication is required to create new session keys.');
-                dynamicEvents.emit('triggerLogout');
-            }
-            throw error;
+            ({ publicKey, privateKey, privateKeyJwk } = yield generateSessionKey());
+            tracing.logEvent('session-key', 'Loaded prevSessionKeySignature', tracing.formatObject({ prevSessionKeySignature, publicKey }));
         }
-        const expirationDate = new Date(resp.expiresAt * 1000);
-        tracing.logEvent('session-key', 'Created new session key', tracing.formatObject({
-            expirationDate,
+        return registerHelper({
+            environmentId,
+            prevSessionKeySignature,
+            privateKey,
+            privateKeyJwk,
             publicKey,
-        }));
-        StorageService.setItem(SECURE_ENCLAVE_WALLET_SESSION_KEYS, toEncodedFormat(publicKey, privateKey, privateKeyJwk, true, expirationDate), SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
-        return { expirationDate, privateKey, publicKey };
+            user,
+        });
     });
     const generateSessionKey = () => __awaiter(void 0, void 0, void 0, function* () {
         const { private: privateKey, public: publicKey, privateJwk, } = yield p256Keygen();
@@ -125,13 +105,15 @@ const useEmbeddedWalletSessionKeys = ({ environmentId, projectSettings, }) => {
             publicKey,
         }));
         StorageService.setItem(SECURE_ENCLAVE_WALLET_SESSION_KEYS, toEncodedFormat(publicKey, privateKey, privateJwk, false), SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
-        return { privateKey, privateKeyJwk: privateJwk, publicKey };
+        return {
+            privateKey,
+            privateKeyJwk: privateJwk,
+            publicKey,
+            registered: false,
+        };
     });
     const getSessionPublicKey = () => {
-        const sessionKeysSS = StorageService.getItem(SECURE_ENCLAVE_WALLET_SESSION_KEYS, SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
-        const decodedSessionKeys = sessionKeysSS
-            ? JSON.parse(Buffer.from(sessionKeysSS, 'base64').toString())
-            : undefined;
+        const decodedSessionKeys = getDecodedSessionKeys();
         if (!(decodedSessionKeys === null || decodedSessionKeys === void 0 ? void 0 : decodedSessionKeys.publicKey)) {
             tracing.logEvent('session-key', 'getSessionPublicKey', 'Could not find session keys.');
             throw new Error('Could not find session keys.');
@@ -150,10 +132,7 @@ const useEmbeddedWalletSessionKeys = ({ environmentId, projectSettings, }) => {
         if (!sessionId) {
             throw new Error('Session ID not found');
         }
-        const sessionKeysSS = StorageService.getItem(SECURE_ENCLAVE_WALLET_SESSION_KEYS, SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
-        const decodedSessionKeys = sessionKeysSS
-            ? JSON.parse(Buffer.from(sessionKeysSS, 'base64').toString())
-            : undefined;
+        const decodedSessionKeys = getDecodedSessionKeys();
         if (!(decodedSessionKeys === null || decodedSessionKeys === void 0 ? void 0 : decodedSessionKeys.privateKeyJwk)) {
             throw new Error('Private key JWK not found');
         }
@@ -164,6 +143,47 @@ const useEmbeddedWalletSessionKeys = ({ environmentId, projectSettings, }) => {
         tracing.logEvent('session-key', 'removeSessionKey');
         StorageService.removeItem(SECURE_ENCLAVE_WALLET_SESSION_KEYS, SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
     }, []);
+    /////////////////////
+    // Helper Methods ///
+    /////////////////////
+    const registerHelper = (_a) => __awaiter(void 0, [_a], void 0, function* ({ environmentId, prevSessionKeySignature, publicKey, privateKey, privateKeyJwk, user, }) {
+        let resp;
+        const primaryWalletId = getPrimaryWalletId();
+        if (!primaryWalletId) {
+            throw new Error('Primary wallet ID not found');
+        }
+        const turnkeyWalletId = getPrimaryTurnkeyWalletId(primaryWalletId, user.verifiedCredentials);
+        try {
+            resp = yield registerSessionKey({
+                environmentId,
+                prevSessionKeySignature,
+                publicKey,
+                walletId: turnkeyWalletId,
+            });
+        }
+        catch (error) {
+            if (error instanceof InvalidEmbeddedWalletSessionKeyError) {
+                // this can happen if the public key passed during initial registration
+                // does not match the root session public key that the backend expects
+                logger.warn('Invalid embedded wallet session key. Re-authentication is required to create new session keys.');
+                dynamicEvents.emit('triggerLogout');
+            }
+            throw error;
+        }
+        const expirationDate = new Date(resp.expiresAt * 1000);
+        tracing.logEvent('session-key', 'Created new session key', tracing.formatObject({
+            expirationDate,
+            publicKey,
+        }));
+        StorageService.setItem(SECURE_ENCLAVE_WALLET_SESSION_KEYS, toEncodedFormat(publicKey, privateKey, privateKeyJwk, true, expirationDate), SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
+        return { expirationDate, privateKey, publicKey };
+    });
+    const getDecodedSessionKeys = () => {
+        const sessionKeysSS = StorageService.getItem(SECURE_ENCLAVE_WALLET_SESSION_KEYS, SECURE_ENCLAVE_WALLET_SESSION_KEYS_STORAGE_OPTIONS);
+        return sessionKeysSS
+            ? JSON.parse(Buffer.from(sessionKeysSS, 'base64').toString())
+            : undefined;
+    };
     return {
         generateSessionKey,
         getSessionPublicKey,

package/src/lib/utils/hooks/useGetMfaToken/index.d.ts

@@ -0,0 +1 @@
+export { useGetMfaToken } from './useGetMfaToken';

package/src/lib/utils/hooks/useGetMfaToken/useGetMfaToken.d.ts

@@ -0,0 +1,26 @@
+import { MFAAction } from '@dynamic-labs/sdk-api-core';
+type UseGetMfaTokenProps = {
+    mfaAction?: MFAAction;
+};
+type UseGetMfaToken = (props?: UseGetMfaTokenProps) => Promise<string | undefined>;
+/**
+ * Get MFA token
+ *
+ * @returns Function to get MFA token
+ *
+ * @example
+ * ```tsx
+ * const App = () => {
+ *   const getMfaToken = useGetMfaToken();
+ *
+ *   return (
+ *     <button
+ *       onClick={() => getMfaToken({ mfaAction: MFAAction.UpdateUser })}
+ *     >
+ *       Get MFA token
+ *     </button>
+ *  );
+ * }
+ */
+export declare const useGetMfaToken: () => UseGetMfaToken;
+export {};

package/src/lib/utils/hooks/usePromptMfaAuth/index.d.ts

@@ -0,0 +1 @@
+export { usePromptMfaAuth } from './usePromptMfaAuth';

package/src/lib/utils/hooks/usePromptMfaAuth/usePromptMfaAuth.cjs

@@ -0,0 +1,144 @@
+'use client'
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+var _tslib = require('../../../../../_virtual/_tslib.cjs');
+var React = require('react');
+var sdkApiCore = require('@dynamic-labs/sdk-api-core');
+var useGetUserMfaMethods = require('../useGetUserMfaMethods/useGetUserMfaMethods.cjs');
+var ViewContext = require('../../../context/ViewContext/ViewContext.cjs');
+require('../../../context/DynamicContext/DynamicContext.cjs');
+require('../../../store/state/loadingAndLifecycle/loadingAndLifecycle.cjs');
+require('../../../shared/logger.cjs');
+require('@dynamic-labs/iconic');
+require('@dynamic-labs/wallet-connector-core');
+require('react/jsx-runtime');
+require('@dynamic-labs/wallet-book');
+require('@dynamic-labs/utils');
+require('../../constants/colors.cjs');
+require('../../constants/values.cjs');
+require('../../../shared/consts/index.cjs');
+require('../../../events/dynamicEvents.cjs');
+require('../../../context/CaptchaContext/CaptchaContext.cjs');
+require('../../../context/ErrorContext/ErrorContext.cjs');
+require('@dynamic-labs/multi-wallet');
+require('react-international-phone');
+require('../../../store/state/nonce/nonce.cjs');
+require('@dynamic-labs-sdk/client/core');
+require('@dynamic-labs-sdk/client');
+require('../../../client/client.cjs');
+require('../../../store/state/projectSettings/projectSettings.cjs');
+require('../../../config/ApiEndpoint.cjs');
+require('../../../locale/locale.cjs');
+require('../../../store/state/dynamicContextProps/dynamicContextProps.cjs');
+require('../../../store/state/primaryWalletId/primaryWalletId.cjs');
+require('../../../store/state/connectedWalletsInfo/connectedWalletsInfo.cjs');
+require('../../../context/AccessDeniedContext/AccessDeniedContext.cjs');
+require('../../../context/AccountExistsContext/AccountExistsContext.cjs');
+require('../../../context/UserWalletsContext/UserWalletsContext.cjs');
+require('../../../store/state/authMode/authMode.cjs');
+require('../../../context/VerificationContext/VerificationContext.cjs');
+require('react-dom');
+require('../../functions/compareChains/compareChains.cjs');
+require('../../../views/Passkey/utils/findPrimaryEmbeddedChain/findPrimaryEmbeddedChain.cjs');
+require('../../../context/ThemeContext/ThemeContext.cjs');
+require('../useUserUpdateRequest/useUpdateUser/userFieldsSchema.cjs');
+require('bs58');
+require('@dynamic-labs/types');
+require('../../../context/SocialRedirectContext/SocialRedirectContext.cjs');
+require('../../../context/LoadingContext/LoadingContext.cjs');
+require('../../../context/WalletContext/WalletContext.cjs');
+require('../useEmbeddedWallet/useSecureEnclaveEmbeddedWallet/constants.cjs');
+require('yup');
+require('../../../context/MockContext/MockContext.cjs');
+require('../../../views/CollectUserDataView/useFields.cjs');
+require('../../../context/FieldsStateContext/FieldsStateContext.cjs');
+require('../../../context/UserFieldEditorContext/UserFieldEditorContext.cjs');
+require('@dynamic-labs/rpc-providers');
+require('../../../store/state/walletOptions/walletOptions.cjs');
+require('react-i18next');
+require('../../../components/Accordion/components/AccordionItem/AccordionItem.cjs');
+require('../../../components/Alert/Alert.cjs');
+require('../../../components/ShadowDOM/ShadowDOM.cjs');
+require('../../../components/IconButton/IconButton.cjs');
+require('../../../components/InlineWidget/InlineWidget.cjs');
+require('../../../components/Input/Input.cjs');
+require('../../../components/IsBrowser/IsBrowser.cjs');
+require('../../../components/MenuList/Dropdown/Dropdown.cjs');
+require('../../../components/OverlayCard/OverlayCard.cjs');
+require('../../../components/Transition/ZoomTransition/ZoomTransition.cjs');
+require('../../../components/Transition/SlideInUpTransition/SlideInUpTransition.cjs');
+require('../../../components/Transition/OpacityTransition/OpacityTransition.cjs');
+require('../../../components/PasskeyCreatedSuccessBanner/PasskeyCreatedSuccessBanner.cjs');
+require('../../../components/Popper/Popper/Popper.cjs');
+require('../../../components/Popper/PopperContext/PopperContext.cjs');
+require('react-focus-lock');
+require('qrcode');
+require('formik');
+require('../useSubdomainCheck/useSubdomainCheck.cjs');
+require('../../../context/WalletGroupContext/WalletGroupContext.cjs');
+require('../../../context/IpConfigurationContext/IpConfigurationContext.cjs');
+require('../../../context/ConnectWithOtpContext/ConnectWithOtpContext.cjs');
+require('../../../widgets/DynamicBridgeWidget/views/WalletsView/components/SecondaryWallets/SecondaryWallets.cjs');
+require('@hcaptcha/react-hcaptcha');
+require('../../../widgets/DynamicWidget/context/DynamicWidgetContext.cjs');
+require('../../../widgets/DynamicWidget/helpers/convertExchangeKeyAndProviderEnum.cjs');
+require('../../../views/ExchangeWhitelistWarning/ExchangeWhitelistWarning.cjs');
+require('../../../context/ErrorContext/hooks/useErrorText/useErrorText.cjs');
+require('../../../context/FooterAnimationContext/index.cjs');
+require('../../../views/MfaChooseDeviceView/getMfaOptions/getMfaOptions.cjs');
+require('../../../context/PasskeyContext/PasskeyContext.cjs');
+require('../../../store/state/sendBalances.cjs');
+require('../../../store/state/connectorsInitializing/connectorsInitializing.cjs');
+require('../../../components/OverlayCardBase/OverlayCardTarget/OverlayCardTarget.cjs');
+require('../../../widgets/DynamicWidget/components/DynamicWidgetHeader/DynamicWidgetHeader.cjs');
+require('../../../views/TransactionConfirmationView/TransactionConfirmationView.cjs');
+require('../../../widgets/DynamicWidget/components/PasskeyCard/PasskeyCard.cjs');
+require('../../../context/OnrampContext/OnrampContext.cjs');
+require('../../../widgets/DynamicWidget/views/ReceiveWalletFunds/ReceiveWalletFunds.cjs');
+require('../../../../index.cjs');
+require('../../../store/state/tokenBalances.cjs');
+require('../../../store/state/multichainBalances.cjs');
+require('../../../shared/utils/functions/getInitialUrl/getInitialUrl.cjs');
+var useInternalDynamicContext = require('../../../context/DynamicContext/useDynamicContext/useInternalDynamicContext/useInternalDynamicContext.cjs');
+
+const usePromptMfaAuth = () => {
+    const { setShowAuthFlow } = useInternalDynamicContext.useInternalDynamicContext();
+    const { pushView } = ViewContext.useViewContext();
+    const getUserMfaMethods = useGetUserMfaMethods.useGetUserMfaMethods();
+    const promptMfaAuth = React.useCallback(() => _tslib.__awaiter(void 0, void 0, void 0, function* () {
+        const methods = yield getUserMfaMethods();
+        const allMethods = [
+            ...methods.passkeys.map((passkey) => (Object.assign(Object.assign({}, passkey), { type: sdkApiCore.MFADeviceType.Passkey }))),
+            ...methods.devices.map((device) => (Object.assign(Object.assign({}, device), { type: sdkApiCore.MFADeviceType.Totp }))),
+        ];
+        setShowAuthFlow(true);
+        if (!methods.userHasVerifiedMfaMethods || allMethods.length === 0) {
+            pushView('mfa-choose-device');
+            return;
+        }
+        const lastCreatedMethod = allMethods.reduce((a, b) => {
+            if (a.createdAt && b.createdAt) {
+                return a.createdAt >= b.createdAt ? a : b;
+            }
+            if (b.createdAt) {
+                return b;
+            }
+            return a;
+        });
+        switch (lastCreatedMethod.type) {
+            case sdkApiCore.MFADeviceType.Passkey:
+                pushView('passkey-confirm');
+                break;
+            case sdkApiCore.MFADeviceType.Totp:
+                pushView('mfa-verification');
+                break;
+            default:
+                throw new Error('Error determining MFA method to use');
+        }
+    }), [getUserMfaMethods, pushView, setShowAuthFlow]);
+    return promptMfaAuth;
+};
+
+exports.usePromptMfaAuth = usePromptMfaAuth;

package/src/lib/utils/hooks/usePromptMfaAuth/usePromptMfaAuth.d.ts

@@ -0,0 +1 @@
+export declare const usePromptMfaAuth: () => () => Promise<void>;