@dynamic-labs/stellar 4.69.0 → 4.71.0

package/CHANGELOG.md

@@ -1,4 +1,38 @@
 
+## [4.71.0](https://github.com/dynamic-labs/dynamic-auth/compare/v4.70.0...v4.71.0) (2026-03-24)
+
+
+### Features
+
+* add Tempo chain connector and core type definitions ([#10672](https://github.com/dynamic-labs/dynamic-auth/issues/10672)) ([0439c15](https://github.com/dynamic-labs/dynamic-auth/commit/0439c153238359083b9f226dcd2ebf6d83e26519))
+* add verifySocial method to demo site step-up auth methods ([#10721](https://github.com/dynamic-labs/dynamic-auth/issues/10721)) ([b9ef517](https://github.com/dynamic-labs/dynamic-auth/commit/b9ef5173df3e3ed08f718de49b036ea899dc1832))
+* **demo:** add Tempo chain support to demo app ([#10674](https://github.com/dynamic-labs/dynamic-auth/issues/10674)) ([a5918fc](https://github.com/dynamic-labs/dynamic-auth/commit/a5918fc2ab0821e7f025aa470573129f71de33cc))
+* repurpose verifyWithExternalJwt for elevated access token requests ([#10743](https://github.com/dynamic-labs/dynamic-auth/issues/10743)) ([d1abda0](https://github.com/dynamic-labs/dynamic-auth/commit/d1abda0111d68c78226d30bd0630e6e341dedad9))
+* **sdk:** add Tempo chain support to UI components ([#10673](https://github.com/dynamic-labs/dynamic-auth/issues/10673)) ([aec9fbb](https://github.com/dynamic-labs/dynamic-auth/commit/aec9fbb20754a2935bffe106e7e8715f46be3de7))
+* support multi-chain wallet creation in createWallet ([#10694](https://github.com/dynamic-labs/dynamic-auth/issues/10694)) ([0b6b57f](https://github.com/dynamic-labs/dynamic-auth/commit/0b6b57f4179c35d1f86d1c8c9c40f52cb307c849))
+* wire up elevatedAccessToken for sign, reshare, and refresh operations ([#10737](https://github.com/dynamic-labs/dynamic-auth/issues/10737)) ([f9d5c76](https://github.com/dynamic-labs/dynamic-auth/commit/f9d5c768037aff4f5d7994b6bc6c338621a6ee6b))
+
+## [4.70.0](https://github.com/dynamic-labs/dynamic-auth/compare/v4.69.0...v4.70.0) (2026-03-23)
+
+
+### Features
+
+* add step-up auth for passkey and TOTP device deletion ([#10688](https://github.com/dynamic-labs/dynamic-auth/issues/10688)) ([aeae325](https://github.com/dynamic-labs/dynamic-auth/commit/aeae32551d3e29c59a1d183984f1d9f00f1df2cb))
+* add stepup authMode to useSocialAuth for OAuth step-up authentication ([#10701](https://github.com/dynamic-labs/dynamic-auth/issues/10701)) ([f8ac0e4](https://github.com/dynamic-labs/dynamic-auth/commit/f8ac0e4a6a039e61d1c83e434e2f678981ff3911))
+* add StepUpReauthSocialView and wire social option in step-up reauth UI ([#10703](https://github.com/dynamic-labs/dynamic-auth/issues/10703)) ([a49393f](https://github.com/dynamic-labs/dynamic-auth/commit/a49393f54a8f210f9cbca892339c3012d38cc5c2))
+* add useStepUpSocial and extend step-up auth for OAuth reauthentication ([#10702](https://github.com/dynamic-labs/dynamic-auth/issues/10702)) ([fb7e21d](https://github.com/dynamic-labs/dynamic-auth/commit/fb7e21d47b3e40659ae3b8ca9321efe1d4401e60))
+
+
+### Bug Fixes
+
+* aleo defaulting to testnet when connecting ([#10726](https://github.com/dynamic-labs/dynamic-auth/issues/10726)) ([24b0378](https://github.com/dynamic-labs/dynamic-auth/commit/24b0378a25902f5a134940aeeadc9846058d6fb1))
+* override basic-ftp to >=5.2.0 (CVE-2026-27699) ([#10715](https://github.com/dynamic-labs/dynamic-auth/issues/10715)) ([b68a405](https://github.com/dynamic-labs/dynamic-auth/commit/b68a405453f0ea7e04c14492c195b46fbf25b47e))
+* override minimatch to patched versions (CVE-2026-26996) ([#10718](https://github.com/dynamic-labs/dynamic-auth/issues/10718)) ([a69aaee](https://github.com/dynamic-labs/dynamic-auth/commit/a69aaee0859b7e1292a244abde7084f7c4cfdb72))
+* override simple-git to >=3.32.3 (CVE-2026-28292) ([#10717](https://github.com/dynamic-labs/dynamic-auth/issues/10717)) ([8b86545](https://github.com/dynamic-labs/dynamic-auth/commit/8b865453737e4ff0ef9e8d0fbb99ea5f0359af3b))
+* revert session chaining PR to fix IndexedDB webview crash ([#10710](https://github.com/dynamic-labs/dynamic-auth/issues/10710)) ([c4dfe66](https://github.com/dynamic-labs/dynamic-auth/commit/c4dfe66f73e6b9b7115260b06fd90fc0a167e139)), closes [#10706](https://github.com/dynamic-labs/dynamic-auth/issues/10706) [#10423](https://github.com/dynamic-labs/dynamic-auth/issues/10423) [#10423](https://github.com/dynamic-labs/dynamic-auth/issues/10423) [#10706](https://github.com/dynamic-labs/dynamic-auth/issues/10706) [#10423](https://github.com/dynamic-labs/dynamic-auth/issues/10423)
+* update tar, serialize-javascript, svgo overrides ([#10727](https://github.com/dynamic-labs/dynamic-auth/issues/10727)) ([3c764f7](https://github.com/dynamic-labs/dynamic-auth/commit/3c764f71ce2870075eaa800389719a46d8dac233))
+* upgrade rollup to patched versions (CVE-2026-27606) ([#10724](https://github.com/dynamic-labs/dynamic-auth/issues/10724)) ([735133e](https://github.com/dynamic-labs/dynamic-auth/commit/735133e6d4129cad20ae82b86f9507ab9227b36e))
+
 ## [4.69.0](https://github.com/dynamic-labs/dynamic-auth/compare/v4.68.0...v4.69.0) (2026-03-19)
 
 

package/package.cjs

@@ -3,6 +3,6 @@
 
 Object.defineProperty(exports, '__esModule', { value: true });
 
-var version = "4.69.0";
+var version = "4.71.0";
 
 exports.version = version;

package/package.js

@@ -1,4 +1,4 @@
 'use client'
-var version = "4.69.0";
+var version = "4.71.0";
 
 export { version };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dynamic-labs/stellar",
-  "version": "4.69.0",
+  "version": "4.71.0",
   "description": "A React SDK for implementing Stellar wallet web3 authentication and authorization to your website.",
   "author": "Dynamic Labs, Inc.",
   "license": "MIT",
@@ -18,17 +18,17 @@
   },
   "homepage": "https://www.dynamic.xyz/",
   "dependencies": {
-    "@dynamic-labs/sdk-api-core": "0.0.907",
+    "@dynamic-labs/sdk-api-core": "0.0.909",
     "@stellar/stellar-sdk": "14.4.3",
-    "@dynamic-labs/wallet-connector-core": "4.69.0",
-    "@dynamic-labs/assert-package-version": "4.69.0",
+    "@dynamic-labs/wallet-connector-core": "4.71.0",
+    "@dynamic-labs/assert-package-version": "4.71.0",
     "@lobstrco/signer-extension-api": "2.0.0",
     "@stellar/freighter-api": "6.0.1",
-    "@dynamic-labs/logger": "4.69.0",
-    "@dynamic-labs/types": "4.69.0",
-    "@dynamic-labs/utils": "4.69.0",
-    "@dynamic-labs/waas": "4.69.0",
-    "@dynamic-labs/wallet-book": "4.69.0",
+    "@dynamic-labs/logger": "4.71.0",
+    "@dynamic-labs/types": "4.71.0",
+    "@dynamic-labs/utils": "4.71.0",
+    "@dynamic-labs/waas": "4.71.0",
+    "@dynamic-labs/wallet-book": "4.71.0",
     "eventemitter3": "5.0.1"
   },
   "peerDependencies": {}

package/src/connectors/DynamicWaasStellarConnector/DynamicWaasStellarConnector.cjs

@@ -185,7 +185,7 @@ class DynamicWaasStellarConnector extends waas.withDynamicWaas(StellarWalletConn
      */
     internalSignMessage(message) {
         return _tslib.__awaiter(this, void 0, void 0, function* () {
-            var _a, _b;
+            var _a, _b, _c;
             this.ensureActiveAccountFromVerifiedCredentials();
             const walletClient = yield this.getWaasWalletClient();
             if (!this.activeAccountAddress) {
@@ -195,12 +195,16 @@ class DynamicWaasStellarConnector extends waas.withDynamicWaas(StellarWalletConn
             const mfaToken = yield ((_a = this.getMfaToken) === null || _a === void 0 ? void 0 : _a.call(this, {
                 mfaAction: sdkApiCore.MFAAction.WalletWaasSign,
             }));
+            const elevatedAccessToken = yield ((_b = this.getElevatedAccessToken) === null || _b === void 0 ? void 0 : _b.call(this, {
+                scope: sdkApiCore.TokenScope.Walletsign,
+            }));
             const password = yield this.getPasswordIfNeeded({
                 accountAddress: this.activeAccountAddress,
             });
             const signedMessage = yield walletClient.signMessage({
                 accountAddress: this.activeAccountAddress,
-                authToken: (_b = this.getAuthToken) === null || _b === void 0 ? void 0 : _b.call(this),
+                authToken: (_c = this.getAuthToken) === null || _c === void 0 ? void 0 : _c.call(this),
+                elevatedAccessToken,
                 message,
                 mfaToken,
                 password,
@@ -242,7 +246,7 @@ class DynamicWaasStellarConnector extends waas.withDynamicWaas(StellarWalletConn
      */
     signTransaction(transactionXdr) {
         return _tslib.__awaiter(this, void 0, void 0, function* () {
-            var _a, _b;
+            var _a, _b, _c;
             if (!this.activeAccountAddress) {
                 throw new utils.DynamicError('Active account address is required');
             }
@@ -251,6 +255,9 @@ class DynamicWaasStellarConnector extends waas.withDynamicWaas(StellarWalletConn
             const mfaToken = yield ((_a = this.getMfaToken) === null || _a === void 0 ? void 0 : _a.call(this, {
                 mfaAction: sdkApiCore.MFAAction.WalletWaasSign,
             }));
+            const elevatedAccessToken = yield ((_b = this.getElevatedAccessToken) === null || _b === void 0 ? void 0 : _b.call(this, {
+                scope: sdkApiCore.TokenScope.Walletsign,
+            }));
             const password = yield this.getPasswordIfNeeded({
                 accountAddress: this.activeAccountAddress,
             });
@@ -260,8 +267,9 @@ class DynamicWaasStellarConnector extends waas.withDynamicWaas(StellarWalletConn
             // Sign the transaction XDR using MPC
             // The SDK will compute the hash internally and build the context for policy validation
             const signature = yield walletClient.signTransaction({
-                authToken: (_b = this.getAuthToken) === null || _b === void 0 ? void 0 : _b.call(this),
+                authToken: (_c = this.getAuthToken) === null || _c === void 0 ? void 0 : _c.call(this),
                 chainId,
+                elevatedAccessToken,
                 mfaToken,
                 password,
                 senderAddress: this.activeAccountAddress,

package/src/connectors/DynamicWaasStellarConnector/DynamicWaasStellarConnector.d.ts

@@ -1,4 +1,4 @@
-import { JwtVerifiedCredential, MFAAction, SignMessageContext } from '@dynamic-labs/sdk-api-core';
+import { JwtVerifiedCredential, MFAAction, SignMessageContext, TokenScope } from '@dynamic-labs/sdk-api-core';
 import { IUITransaction, WalletUiUtils } from '@dynamic-labs/types';
 import { IDynamicWaasConnector, InternalWalletConnector } from '@dynamic-labs/wallet-connector-core';
 import { Logger } from '@dynamic-labs/logger';
@@ -20,7 +20,7 @@ declare const DynamicWaasStellarConnector_base: (abstract new (...args: any[]) =
     getWalletPassword?: import("@dynamic-labs/wallet-connector-core").GetWalletPasswordFn | undefined;
     getAuthToken?: (() => string) | undefined;
     getElevatedAccessToken?: ((props: {
-        scope: import("@dynamic-labs/sdk-api-core").TokenScope;
+        scope: TokenScope;
     }) => Promise<string | undefined>) | undefined;
     environmentId?: string | undefined;
     baseApiUrl?: string | undefined;
@@ -38,7 +38,7 @@ declare const DynamicWaasStellarConnector_base: (abstract new (...args: any[]) =
         mfaAction?: MFAAction | undefined;
     } | undefined) => Promise<string | undefined>): void;
     setGetElevatedAccessTokenFunction(getElevatedAccessToken: (params: {
-        scope: import("@dynamic-labs/sdk-api-core").TokenScope;
+        scope: TokenScope;
     }) => Promise<string | undefined>): void;
     setGetWalletPasswordFunction(getWalletPassword: import("@dynamic-labs/wallet-connector-core").GetWalletPasswordFn): void;
     getPasswordIfNeeded({ accountAddress, }: {
@@ -87,7 +87,11 @@ declare const DynamicWaasStellarConnector_base: (abstract new (...args: any[]) =
     }): Promise<void>;
     backupKeySharesToGoogleDrive({ accountAddress, password, }: {
         accountAddress: string;
-        password?: string | undefined;
+        password?: string | undefined; /**
+         * Requires and returns the signed session ID
+         * @returns The signed session ID
+         * @throws {DynamicError} If signed session ID is not available
+         */
     }): Promise<void>;
     exportClientKeysharesFromGoogleDrive({ accountAddress, password, }: {
         accountAddress: string;

package/src/connectors/DynamicWaasStellarConnector/DynamicWaasStellarConnector.js

@@ -1,7 +1,7 @@
 'use client'
 import { __awaiter } from '../../../_virtual/_tslib.js';
 import { TransactionBuilder } from '@stellar/stellar-sdk';
-import { MFAAction } from '@dynamic-labs/sdk-api-core';
+import { MFAAction, TokenScope } from '@dynamic-labs/sdk-api-core';
 import { DynamicError } from '@dynamic-labs/utils';
 import { withDynamicWaas } from '@dynamic-labs/waas';
 import { isSameAddress } from '@dynamic-labs/wallet-connector-core';
@@ -181,7 +181,7 @@ class DynamicWaasStellarConnector extends withDynamicWaas(StellarWalletConnector
      */
     internalSignMessage(message) {
         return __awaiter(this, void 0, void 0, function* () {
-            var _a, _b;
+            var _a, _b, _c;
             this.ensureActiveAccountFromVerifiedCredentials();
             const walletClient = yield this.getWaasWalletClient();
             if (!this.activeAccountAddress) {
@@ -191,12 +191,16 @@ class DynamicWaasStellarConnector extends withDynamicWaas(StellarWalletConnector
             const mfaToken = yield ((_a = this.getMfaToken) === null || _a === void 0 ? void 0 : _a.call(this, {
                 mfaAction: MFAAction.WalletWaasSign,
             }));
+            const elevatedAccessToken = yield ((_b = this.getElevatedAccessToken) === null || _b === void 0 ? void 0 : _b.call(this, {
+                scope: TokenScope.Walletsign,
+            }));
             const password = yield this.getPasswordIfNeeded({
                 accountAddress: this.activeAccountAddress,
             });
             const signedMessage = yield walletClient.signMessage({
                 accountAddress: this.activeAccountAddress,
-                authToken: (_b = this.getAuthToken) === null || _b === void 0 ? void 0 : _b.call(this),
+                authToken: (_c = this.getAuthToken) === null || _c === void 0 ? void 0 : _c.call(this),
+                elevatedAccessToken,
                 message,
                 mfaToken,
                 password,
@@ -238,7 +242,7 @@ class DynamicWaasStellarConnector extends withDynamicWaas(StellarWalletConnector
      */
     signTransaction(transactionXdr) {
         return __awaiter(this, void 0, void 0, function* () {
-            var _a, _b;
+            var _a, _b, _c;
             if (!this.activeAccountAddress) {
                 throw new DynamicError('Active account address is required');
             }
@@ -247,6 +251,9 @@ class DynamicWaasStellarConnector extends withDynamicWaas(StellarWalletConnector
             const mfaToken = yield ((_a = this.getMfaToken) === null || _a === void 0 ? void 0 : _a.call(this, {
                 mfaAction: MFAAction.WalletWaasSign,
             }));
+            const elevatedAccessToken = yield ((_b = this.getElevatedAccessToken) === null || _b === void 0 ? void 0 : _b.call(this, {
+                scope: TokenScope.Walletsign,
+            }));
             const password = yield this.getPasswordIfNeeded({
                 accountAddress: this.activeAccountAddress,
             });
@@ -256,8 +263,9 @@ class DynamicWaasStellarConnector extends withDynamicWaas(StellarWalletConnector
             // Sign the transaction XDR using MPC
             // The SDK will compute the hash internally and build the context for policy validation
             const signature = yield walletClient.signTransaction({
-                authToken: (_b = this.getAuthToken) === null || _b === void 0 ? void 0 : _b.call(this),
+                authToken: (_c = this.getAuthToken) === null || _c === void 0 ? void 0 : _c.call(this),
                 chainId,
+                elevatedAccessToken,
                 mfaToken,
                 password,
                 senderAddress: this.activeAccountAddress,