@dynamic-labs/waas 4.91.3 → 4.91.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -1,4 +1,21 @@
1
1
 
2
+ ### [4.91.5](https://github.com/dynamic-labs/dynamic-auth/compare/v4.91.4...v4.91.5) (2026-07-02)
3
+
4
+
5
+ ### Bug Fixes
6
+
7
+ * revoke WaaS signed-session callback on client rebuild to stop iOS nonce race ([#11766](https://github.com/dynamic-labs/dynamic-auth/issues/11766)) ([c895b5d](https://github.com/dynamic-labs/dynamic-auth/commit/c895b5d0987d62a9f5597741dbeae0ec7fedfe5b))
8
+ * **sdk-react-core:** allow sendOneTimeCode to target non-primary chain wallets ([#11777](https://github.com/dynamic-labs/dynamic-auth/issues/11777)) ([63f82af](https://github.com/dynamic-labs/dynamic-auth/commit/63f82af7c52be595bc2948ec88ee9c919ac9275a))
9
+ * **webview-controller:** resolve post-login wallet race in Viem and ZeroDev controllers ([#11774](https://github.com/dynamic-labs/dynamic-auth/issues/11774)) ([95ed26e](https://github.com/dynamic-labs/dynamic-auth/commit/95ed26eee09d9aff5a5af6517ab7e1360ef5f337))
10
+
11
+ ### [4.91.4](https://github.com/dynamic-labs/dynamic-auth/compare/v4.91.3...v4.91.4) (2026-07-01)
12
+
13
+
14
+ ### Bug Fixes
15
+
16
+ * conditionally use /op/ route for AA transactions based on block explorer support ([#11628](https://github.com/dynamic-labs/dynamic-auth/issues/11628)) ([95822dc](https://github.com/dynamic-labs/dynamic-auth/commit/95822dc0edbcd739afe870f0b3881555fdb17eb6))
17
+ * require error codes in all SDK error classes ([#11761](https://github.com/dynamic-labs/dynamic-auth/issues/11761)) ([5744811](https://github.com/dynamic-labs/dynamic-auth/commit/5744811efdd1e415aaf51eec5b3300b323ec1347))
18
+
2
19
  ### [4.91.3](https://github.com/dynamic-labs/dynamic-auth/compare/v4.91.2...v4.91.3) (2026-06-30)
3
20
 
4
21
 
package/package.cjs CHANGED
@@ -3,6 +3,6 @@
3
3
 
4
4
  Object.defineProperty(exports, '__esModule', { value: true });
5
5
 
6
- var version = "4.91.3";
6
+ var version = "4.91.5";
7
7
 
8
8
  exports.version = version;
package/package.js CHANGED
@@ -1,4 +1,4 @@
1
1
  'use client'
2
- var version = "4.91.3";
2
+ var version = "4.91.5";
3
3
 
4
4
  export { version };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@dynamic-labs/waas",
3
- "version": "4.91.3",
3
+ "version": "4.91.5",
4
4
  "type": "module",
5
5
  "author": "Dynamic Labs, Inc.",
6
6
  "license": "MIT",
@@ -17,17 +17,17 @@
17
17
  },
18
18
  "dependencies": {
19
19
  "@dynamic-labs-sdk/client": "1.12.1",
20
- "@dynamic-labs/assert-package-version": "4.91.3",
20
+ "@dynamic-labs/assert-package-version": "4.91.5",
21
21
  "@dynamic-labs/sdk-api-core": "0.0.1046",
22
22
  "@dynamic-labs-wallet/browser-wallet-client": "1.0.48",
23
23
  "@dynamic-labs-wallet/forward-mpc-client": "0.12.0",
24
- "@dynamic-labs/ethereum-core": "4.91.3",
25
- "@dynamic-labs/logger": "4.91.3",
26
- "@dynamic-labs/solana-core": "4.91.3",
27
- "@dynamic-labs/sui-core": "4.91.3",
28
- "@dynamic-labs/utils": "4.91.3",
29
- "@dynamic-labs/wallet-book": "4.91.3",
30
- "@dynamic-labs/wallet-connector-core": "4.91.3"
24
+ "@dynamic-labs/ethereum-core": "4.91.5",
25
+ "@dynamic-labs/logger": "4.91.5",
26
+ "@dynamic-labs/solana-core": "4.91.5",
27
+ "@dynamic-labs/sui-core": "4.91.5",
28
+ "@dynamic-labs/utils": "4.91.5",
29
+ "@dynamic-labs/wallet-book": "4.91.5",
30
+ "@dynamic-labs/wallet-connector-core": "4.91.5"
31
31
  },
32
32
  "peerDependencies": {}
33
33
  }
@@ -70,7 +70,7 @@ const withDynamicWaas = (BaseClass) => {
70
70
  }
71
71
  // Wallet is password-encrypted and needs to be unlocked
72
72
  if (!this.getWalletPassword) {
73
- throw new utils.DynamicError('Wallet is locked but no password provider is configured');
73
+ throw new utils.DynamicError('Wallet is locked but no password provider is configured', 'wallet_is_locked_but_no_password');
74
74
  }
75
75
  const password = yield this.getWalletPassword({
76
76
  accountAddress,
@@ -179,19 +179,37 @@ const withDynamicWaas = (BaseClass) => {
179
179
  };
180
180
  const chainName = chainNameMap[connectedChain];
181
181
  if (!chainName) {
182
- throw new utils.DynamicError(`Unsupported chain: ${connectedChain}`);
182
+ throw new utils.DynamicError(`Unsupported chain: ${connectedChain}`, 'unsupported_chain');
183
183
  }
184
184
  this.chainName = chainName;
185
185
  }
186
+ createRevocableSignedSessionCallback() {
187
+ if (!this.getSignedSessionId) {
188
+ throw new Error('[DynamicWaasMixin] getSignedSessionId must be set before creating a revocable callback');
189
+ }
190
+ const original = this.getSignedSessionId;
191
+ let revoked = false;
192
+ this.revokeSignedSession = () => {
193
+ revoked = true;
194
+ };
195
+ return {
196
+ getSignedSessionId: () => _tslib.__awaiter(this, void 0, void 0, function* () {
197
+ if (revoked) {
198
+ throw new Error('[DynamicWaasMixin] WaaS client replaced — signed session callback revoked');
199
+ }
200
+ return original();
201
+ }),
202
+ };
203
+ }
186
204
  createDynamicWaasClient(traceContext) {
187
205
  return _tslib.__awaiter(this, void 0, void 0, function* () {
188
206
  var _a;
189
207
  const authToken = (_a = this.getAuthToken) === null || _a === void 0 ? void 0 : _a.call(this);
190
208
  if (!authToken && this.authMode === 'header') {
191
- throw new utils.DynamicError('Auth token is required in non-cookie auth mode');
209
+ throw new utils.DynamicError('Auth token is required in non-cookie auth mode', 'auth_token_is_required_in_noncookie');
192
210
  }
193
211
  if (!this.environmentId) {
194
- throw new utils.DynamicError('Environment ID is required');
212
+ throw new utils.DynamicError('Environment ID is required', 'environment_id_is_required');
195
213
  }
196
214
  const client = new browserWalletClient.DynamicWalletClient({
197
215
  authMode: (this.authMode || 'header'),
@@ -208,7 +226,7 @@ const withDynamicWaas = (BaseClass) => {
208
226
  }, Object.assign(Object.assign(Object.assign(Object.assign({}, (utils.PlatformService.isWaasSecureStorageSupported
209
227
  ? { secureStorage: createWaasClientSecureStorage.createWaasClientSecureStorage() }
210
228
  : {})), (this.getSignedSessionId
211
- ? { getSignedSessionId: this.getSignedSessionId }
229
+ ? this.createRevocableSignedSessionCallback()
212
230
  : {})), (this.getSessionPublicKey
213
231
  ? { getSessionPublicKey: this.getSessionPublicKey }
214
232
  : {})), (this.onUnauthorized
@@ -225,13 +243,19 @@ const withDynamicWaas = (BaseClass) => {
225
243
  }
226
244
  getWaasWalletClient(traceContext_1) {
227
245
  return _tslib.__awaiter(this, arguments, void 0, function* (traceContext, { forceRebuild = false } = {}) {
228
- var _a;
246
+ var _a, _b;
229
247
  // forceRebuild drops the cached client so the iframe re-auths with the
230
248
  // fresh session (e.g. after a step-up reauth) instead of 401-ing on the
231
249
  // stale cached token. Callers must only force a rebuild when a token is
232
250
  // available (see getWaasWalletConnector's live-token guard); otherwise
233
251
  // createDynamicWaasClient would throw "Auth token is required".
234
252
  if (forceRebuild) {
253
+ // Revoke the previous client's nonce callback before dropping it.
254
+ // The old DynamicWalletClient is not destroyed — it has no cancellation
255
+ // API — but revoking its reverse-channel callback prevents it from
256
+ // fetching fresh nonces and competing with the new client's recovery.
257
+ (_a = this.revokeSignedSession) === null || _a === void 0 ? void 0 : _a.call(this);
258
+ this.revokeSignedSession = undefined;
235
259
  this.dynamicWaasClient = undefined;
236
260
  }
237
261
  if (!this.dynamicWaasClient) {
@@ -243,7 +267,7 @@ const withDynamicWaas = (BaseClass) => {
243
267
  // 401s and trips the iframe's unauthorized → forced-logout path. Every
244
268
  // WaaS caller funnels through here, so this single guard covers auto
245
269
  // wallet creation, ZeroDev smart-wallet init, getWallet, etc.
246
- if (tokenHasPendingAuthScope.tokenHasPendingAuthScope((_a = this.getAuthToken) === null || _a === void 0 ? void 0 : _a.call(this))) {
270
+ if (tokenHasPendingAuthScope.tokenHasPendingAuthScope((_b = this.getAuthToken) === null || _b === void 0 ? void 0 : _b.call(this))) {
247
271
  throw new utils.WaasAuthScopePendingError();
248
272
  }
249
273
  this.dynamicWaasClient = yield this.createDynamicWaasClient(traceContext);
@@ -258,7 +282,7 @@ const withDynamicWaas = (BaseClass) => {
258
282
  const walletClient = yield this.getWaasWalletClient();
259
283
  const signedSessionId = yield ((_a = this.getSignedSessionId) === null || _a === void 0 ? void 0 : _a.call(this));
260
284
  if (!signedSessionId) {
261
- throw new utils.DynamicError('Signed session ID is required');
285
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
262
286
  }
263
287
  const createdWallet = yield walletClient.createWalletAccount({
264
288
  authToken: (_b = this.getAuthToken) === null || _b === void 0 ? void 0 : _b.call(this),
@@ -276,7 +300,7 @@ const withDynamicWaas = (BaseClass) => {
276
300
  const walletClient = yield this.getWaasWalletClient();
277
301
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
278
302
  if (!signedSessionId) {
279
- throw new utils.DynamicError('Signed session ID is required');
303
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
280
304
  }
281
305
  yield walletClient.importPrivateKey({
282
306
  addressType,
@@ -296,7 +320,7 @@ const withDynamicWaas = (BaseClass) => {
296
320
  const walletClient = yield this.getWaasWalletClient();
297
321
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
298
322
  if (!signedSessionId) {
299
- throw new utils.DynamicError('Signed session ID is required');
323
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
300
324
  }
301
325
  return walletClient.migrateFromFireblocks({
302
326
  authToken: (_c = this.getAuthToken) === null || _c === void 0 ? void 0 : _c.call(this),
@@ -316,17 +340,17 @@ const withDynamicWaas = (BaseClass) => {
316
340
  const walletClient = yield this.getWaasWalletClient();
317
341
  const targetAccountAddress = accountAddress || (yield this.getActiveAccountAddress());
318
342
  if (!targetAccountAddress) {
319
- throw new utils.DynamicError('Account address is required');
343
+ throw new utils.DynamicError('Account address is required', 'account_address_is_required');
320
344
  }
321
345
  if (!displayContainer) {
322
- throw new utils.DynamicError('Missing display container for export private key');
346
+ throw new utils.DynamicError('Missing display container for export private key', 'missing_display_container_for_export_private');
323
347
  }
324
348
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPasswordIfNeeded({
325
349
  accountAddress: targetAccountAddress,
326
350
  }));
327
351
  const signedSessionId = yield ((_a = this.getSignedSessionId) === null || _a === void 0 ? void 0 : _a.call(this));
328
352
  if (!signedSessionId) {
329
- throw new utils.DynamicError('Signed session ID is required');
353
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
330
354
  }
331
355
  this.__exportHandler.setIframeStamper(displayContainer);
332
356
  const mfaToken = yield ((_b = this.getMfaToken) === null || _b === void 0 ? void 0 : _b.call(this, {
@@ -353,12 +377,12 @@ const withDynamicWaas = (BaseClass) => {
353
377
  return _tslib.__awaiter(this, arguments, void 0, function* ({ accountAddress, password, }) {
354
378
  var _b, _c;
355
379
  if (!accountAddress) {
356
- throw new utils.DynamicError('Account address is required');
380
+ throw new utils.DynamicError('Account address is required', 'account_address_is_required');
357
381
  }
358
382
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPasswordIfNeeded({ accountAddress }));
359
383
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
360
384
  if (!signedSessionId) {
361
- throw new utils.DynamicError('Signed session ID is required');
385
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
362
386
  }
363
387
  const walletClient = yield this.getWaasWalletClient();
364
388
  yield walletClient.exportClientKeyshares({
@@ -373,13 +397,13 @@ const withDynamicWaas = (BaseClass) => {
373
397
  return _tslib.__awaiter(this, arguments, void 0, function* ({ accountAddress, password, googleDriveAccessToken, }) {
374
398
  var _b, _c, _d;
375
399
  if (!accountAddress) {
376
- throw new utils.DynamicError('Account address is required');
400
+ throw new utils.DynamicError('Account address is required', 'account_address_is_required');
377
401
  }
378
402
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPassword({ accountAddress }));
379
403
  const walletClient = yield this.getWaasWalletClient();
380
404
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
381
405
  if (!signedSessionId) {
382
- throw new utils.DynamicError('Signed session ID is required');
406
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
383
407
  }
384
408
  return walletClient.backupKeySharesToGoogleDrive({
385
409
  accountAddress,
@@ -395,13 +419,13 @@ const withDynamicWaas = (BaseClass) => {
395
419
  return _tslib.__awaiter(this, arguments, void 0, function* ({ accountAddress, password, }) {
396
420
  var _b, _c;
397
421
  if (!accountAddress) {
398
- throw new utils.DynamicError('Account address is required');
422
+ throw new utils.DynamicError('Account address is required', 'account_address_is_required');
399
423
  }
400
424
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPassword({ accountAddress }));
401
425
  const walletClient = yield this.getWaasWalletClient();
402
426
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
403
427
  if (!signedSessionId) {
404
- throw new utils.DynamicError('Signed session ID is required');
428
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
405
429
  }
406
430
  return walletClient.exportClientKeysharesFromGoogleDrive({
407
431
  accountAddress,
@@ -415,13 +439,13 @@ const withDynamicWaas = (BaseClass) => {
415
439
  return _tslib.__awaiter(this, arguments, void 0, function* ({ accountAddress, password, }) {
416
440
  var _b, _c, _d;
417
441
  if (!accountAddress) {
418
- throw new utils.DynamicError('Account address is required');
442
+ throw new utils.DynamicError('Account address is required', 'account_address_is_required');
419
443
  }
420
444
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPassword({ accountAddress }));
421
445
  const walletClient = yield this.getWaasWalletClient();
422
446
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
423
447
  if (!signedSessionId) {
424
- throw new utils.DynamicError('Signed session ID is required');
448
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
425
449
  }
426
450
  return walletClient.backupKeySharesToICloud({
427
451
  accountAddress,
@@ -456,14 +480,14 @@ const withDynamicWaas = (BaseClass) => {
456
480
  return _tslib.__awaiter(this, arguments, void 0, function* ({ accountAddress, password, }) {
457
481
  var _b, _c, _d, _e, _f, _g, _h;
458
482
  if (!accountAddress) {
459
- throw new utils.DynamicError('Account address is required');
483
+ throw new utils.DynamicError('Account address is required', 'account_address_is_required');
460
484
  }
461
485
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPasswordIfNeeded({ accountAddress }));
462
486
  const walletClient = yield this.getWaasWalletClient();
463
487
  const recoverySignedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
464
488
  const backupSignedSessionId = yield ((_c = this.getSignedSessionId) === null || _c === void 0 ? void 0 : _c.call(this));
465
489
  if (!recoverySignedSessionId || !backupSignedSessionId) {
466
- throw new utils.DynamicError('Signed session ID is required');
490
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
467
491
  }
468
492
  yield walletClient.getWallet({
469
493
  accountAddress,
@@ -491,18 +515,18 @@ const withDynamicWaas = (BaseClass) => {
491
515
  return _tslib.__awaiter(this, arguments, void 0, function* ({ accountAddress, thresholdSignatureScheme, password, }) {
492
516
  var _b, _c, _d, _e, _f;
493
517
  if (!accountAddress) {
494
- throw new utils.DynamicError('Account address is required');
518
+ throw new utils.DynamicError('Account address is required', 'account_address_is_required');
495
519
  }
496
520
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPasswordIfNeeded({ accountAddress }));
497
521
  const walletClient = yield this.getWaasWalletClient();
498
522
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
499
523
  if (!signedSessionId) {
500
- throw new utils.DynamicError('Signed session ID is required');
524
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
501
525
  }
502
526
  const wallets = yield walletClient.getWallets();
503
527
  const wallet = wallets.find((w) => w.accountAddress === accountAddress);
504
528
  if (!wallet) {
505
- throw new utils.DynamicError('Wallet not found');
529
+ throw new utils.DynamicError('Wallet not found', 'wallet_not_found');
506
530
  }
507
531
  const oldThresholdSignatureScheme = wallet.thresholdSignatureScheme;
508
532
  const mfaToken = yield ((_c = this.getMfaToken) === null || _c === void 0 ? void 0 : _c.call(this, {
@@ -528,13 +552,13 @@ const withDynamicWaas = (BaseClass) => {
528
552
  return _tslib.__awaiter(this, arguments, void 0, function* ({ accountAddress, password, }) {
529
553
  var _b, _c, _d;
530
554
  if (!accountAddress) {
531
- throw new utils.DynamicError('Account address is required');
555
+ throw new utils.DynamicError('Account address is required', 'account_address_is_required');
532
556
  }
533
557
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPasswordIfNeeded({ accountAddress }));
534
558
  const walletClient = yield this.getWaasWalletClient();
535
559
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
536
560
  if (!signedSessionId) {
537
- throw new utils.DynamicError('Signed session ID is required');
561
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
538
562
  }
539
563
  return walletClient.revokeDelegation({
540
564
  accountAddress,
@@ -548,15 +572,15 @@ const withDynamicWaas = (BaseClass) => {
548
572
  updatePassword(_a) {
549
573
  return _tslib.__awaiter(this, arguments, void 0, function* ({ accountAddress, existingPassword, newPassword, }) {
550
574
  if (!accountAddress) {
551
- throw new utils.DynamicError('Account address is required');
575
+ throw new utils.DynamicError('Account address is required', 'account_address_is_required');
552
576
  }
553
577
  const resolvedExistingPassword = existingPassword !== null && existingPassword !== void 0 ? existingPassword : (yield this.getPasswordIfNeeded({ accountAddress }));
554
578
  if (!resolvedExistingPassword) {
555
- throw new utils.DynamicError('Existing password is required to update password');
579
+ throw new utils.DynamicError('Existing password is required to update password', 'existing_password_is_required_to_update');
556
580
  }
557
581
  const walletClient = yield this.getWaasWalletClient();
558
582
  if (!this.getSignedSessionId) {
559
- throw new utils.DynamicError('Signed session ID is required');
583
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
560
584
  }
561
585
  const wallets = yield walletClient.getAllWallets();
562
586
  const encryptedWallets = wallets.filter((w) => { var _a; return (_a = w.clientKeySharesBackupInfo) === null || _a === void 0 ? void 0 : _a.passwordEncrypted; });
@@ -579,11 +603,11 @@ const withDynamicWaas = (BaseClass) => {
579
603
  setPassword(_a) {
580
604
  return _tslib.__awaiter(this, arguments, void 0, function* ({ accountAddress, newPassword, }) {
581
605
  if (!accountAddress) {
582
- throw new utils.DynamicError('Account address is required');
606
+ throw new utils.DynamicError('Account address is required', 'account_address_is_required');
583
607
  }
584
608
  const walletClient = yield this.getWaasWalletClient();
585
609
  if (!this.getSignedSessionId) {
586
- throw new utils.DynamicError('Signed session ID is required');
610
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
587
611
  }
588
612
  const wallets = yield walletClient.getAllWallets();
589
613
  const passwordUpdateBatchId = crypto.randomUUID();
@@ -605,16 +629,16 @@ const withDynamicWaas = (BaseClass) => {
605
629
  return _tslib.__awaiter(this, arguments, void 0, function* ({ accountAddress, message, password, }) {
606
630
  var _b, _c, _d, _e;
607
631
  if (!accountAddress) {
608
- throw new utils.DynamicError('Account address is required');
632
+ throw new utils.DynamicError('Account address is required', 'account_address_is_required');
609
633
  }
610
634
  if (message.length !== 64) {
611
- throw new utils.DynamicError('Message must be 64 characters long');
635
+ throw new utils.DynamicError('Message must be 64 characters long', 'message_must_be_64_characters_long');
612
636
  }
613
637
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPasswordIfNeeded({ accountAddress }));
614
638
  const walletClient = yield this.getWaasWalletClient();
615
639
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
616
640
  if (!signedSessionId) {
617
- throw new utils.DynamicError('Signed session ID is required');
641
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
618
642
  }
619
643
  const mfaToken = yield ((_c = this.getMfaToken) === null || _c === void 0 ? void 0 : _c.call(this, {
620
644
  mfaAction: sdkApiCore.MFAAction.WalletWaasSign,
@@ -638,12 +662,12 @@ const withDynamicWaas = (BaseClass) => {
638
662
  var _b, _c;
639
663
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPasswordIfNeeded({ accountAddress }));
640
664
  if (!resolvedPassword) {
641
- throw new utils.DynamicError('Password is required to unlock this wallet');
665
+ throw new utils.DynamicError('Password is required to unlock this wallet', 'password_is_required_to_unlock_this');
642
666
  }
643
667
  const walletClient = yield this.getWaasWalletClient();
644
668
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
645
669
  if (!signedSessionId) {
646
- throw new utils.DynamicError('Signed session ID is required');
670
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
647
671
  }
648
672
  return walletClient.unlockWallet({
649
673
  accountAddress,
@@ -659,7 +683,7 @@ const withDynamicWaas = (BaseClass) => {
659
683
  const walletClient = yield this.getWaasWalletClient();
660
684
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
661
685
  if (!signedSessionId) {
662
- throw new utils.DynamicError('Signed session ID is required');
686
+ throw new utils.DynamicError('Signed session ID is required', 'signed_session_id_is_required');
663
687
  }
664
688
  return walletClient.getWalletRecoveryState({
665
689
  accountAddress,
@@ -670,6 +694,7 @@ const withDynamicWaas = (BaseClass) => {
670
694
  }
671
695
  endSession(reason) {
672
696
  return _tslib.__awaiter(this, void 0, void 0, function* () {
697
+ var _a;
673
698
  // Building the wallet client requires an auth token (createDynamicWaasClient
674
699
  // throws in header auth mode when none is present); the new scope guard in
675
700
  // getWaasWalletClient also throws during pending-auth (MFA/KYC/device). On
@@ -721,6 +746,8 @@ const withDynamicWaas = (BaseClass) => {
721
746
  });
722
747
  }
723
748
  }
749
+ (_a = this.revokeSignedSession) === null || _a === void 0 ? void 0 : _a.call(this);
750
+ this.revokeSignedSession = undefined;
724
751
  this.dynamicWaasClient = undefined;
725
752
  });
726
753
  }
@@ -828,7 +855,7 @@ const withDynamicWaas = (BaseClass) => {
828
855
  }
829
856
  getPrivateBalance() {
830
857
  return _tslib.__awaiter(this, void 0, void 0, function* () {
831
- throw new utils.DynamicError(`getPrivateBalance is not supported for ${this.chainName} wallets`);
858
+ throw new utils.DynamicError(`getPrivateBalance is not supported for ${this.chainName} wallets`, 'getprivatebalance_is_not_supported_for_wallets');
832
859
  });
833
860
  }
834
861
  }
@@ -30,6 +30,7 @@ export declare const withDynamicWaas: <T extends abstract new (...args: any[]) =
30
30
  relayUrl?: string | undefined;
31
31
  baseClientKeysharesRelayApiUrl?: string | undefined;
32
32
  dynamicWaasClient: DynamicWalletClient | undefined;
33
+ revokeSignedSession: (() => void) | undefined;
33
34
  chainName: string;
34
35
  authMode: 'cookie' | 'header';
35
36
  logger: Logger;
@@ -77,6 +78,9 @@ export declare const withDynamicWaas: <T extends abstract new (...args: any[]) =
77
78
  accountAddress: string;
78
79
  password?: string;
79
80
  }): Promise<void>;
81
+ createRevocableSignedSessionCallback(): {
82
+ getSignedSessionId: () => Promise<string>;
83
+ };
80
84
  createDynamicWaasClient(traceContext?: TraceContext): Promise<DynamicWalletClient>;
81
85
  getWaasWalletClient(traceContext?: TraceContext, { forceRebuild }?: {
82
86
  forceRebuild?: boolean;
@@ -66,7 +66,7 @@ const withDynamicWaas = (BaseClass) => {
66
66
  }
67
67
  // Wallet is password-encrypted and needs to be unlocked
68
68
  if (!this.getWalletPassword) {
69
- throw new DynamicError('Wallet is locked but no password provider is configured');
69
+ throw new DynamicError('Wallet is locked but no password provider is configured', 'wallet_is_locked_but_no_password');
70
70
  }
71
71
  const password = yield this.getWalletPassword({
72
72
  accountAddress,
@@ -175,19 +175,37 @@ const withDynamicWaas = (BaseClass) => {
175
175
  };
176
176
  const chainName = chainNameMap[connectedChain];
177
177
  if (!chainName) {
178
- throw new DynamicError(`Unsupported chain: ${connectedChain}`);
178
+ throw new DynamicError(`Unsupported chain: ${connectedChain}`, 'unsupported_chain');
179
179
  }
180
180
  this.chainName = chainName;
181
181
  }
182
+ createRevocableSignedSessionCallback() {
183
+ if (!this.getSignedSessionId) {
184
+ throw new Error('[DynamicWaasMixin] getSignedSessionId must be set before creating a revocable callback');
185
+ }
186
+ const original = this.getSignedSessionId;
187
+ let revoked = false;
188
+ this.revokeSignedSession = () => {
189
+ revoked = true;
190
+ };
191
+ return {
192
+ getSignedSessionId: () => __awaiter(this, void 0, void 0, function* () {
193
+ if (revoked) {
194
+ throw new Error('[DynamicWaasMixin] WaaS client replaced — signed session callback revoked');
195
+ }
196
+ return original();
197
+ }),
198
+ };
199
+ }
182
200
  createDynamicWaasClient(traceContext) {
183
201
  return __awaiter(this, void 0, void 0, function* () {
184
202
  var _a;
185
203
  const authToken = (_a = this.getAuthToken) === null || _a === void 0 ? void 0 : _a.call(this);
186
204
  if (!authToken && this.authMode === 'header') {
187
- throw new DynamicError('Auth token is required in non-cookie auth mode');
205
+ throw new DynamicError('Auth token is required in non-cookie auth mode', 'auth_token_is_required_in_noncookie');
188
206
  }
189
207
  if (!this.environmentId) {
190
- throw new DynamicError('Environment ID is required');
208
+ throw new DynamicError('Environment ID is required', 'environment_id_is_required');
191
209
  }
192
210
  const client = new DynamicWalletClient({
193
211
  authMode: (this.authMode || 'header'),
@@ -204,7 +222,7 @@ const withDynamicWaas = (BaseClass) => {
204
222
  }, Object.assign(Object.assign(Object.assign(Object.assign({}, (PlatformService.isWaasSecureStorageSupported
205
223
  ? { secureStorage: createWaasClientSecureStorage() }
206
224
  : {})), (this.getSignedSessionId
207
- ? { getSignedSessionId: this.getSignedSessionId }
225
+ ? this.createRevocableSignedSessionCallback()
208
226
  : {})), (this.getSessionPublicKey
209
227
  ? { getSessionPublicKey: this.getSessionPublicKey }
210
228
  : {})), (this.onUnauthorized
@@ -221,13 +239,19 @@ const withDynamicWaas = (BaseClass) => {
221
239
  }
222
240
  getWaasWalletClient(traceContext_1) {
223
241
  return __awaiter(this, arguments, void 0, function* (traceContext, { forceRebuild = false } = {}) {
224
- var _a;
242
+ var _a, _b;
225
243
  // forceRebuild drops the cached client so the iframe re-auths with the
226
244
  // fresh session (e.g. after a step-up reauth) instead of 401-ing on the
227
245
  // stale cached token. Callers must only force a rebuild when a token is
228
246
  // available (see getWaasWalletConnector's live-token guard); otherwise
229
247
  // createDynamicWaasClient would throw "Auth token is required".
230
248
  if (forceRebuild) {
249
+ // Revoke the previous client's nonce callback before dropping it.
250
+ // The old DynamicWalletClient is not destroyed — it has no cancellation
251
+ // API — but revoking its reverse-channel callback prevents it from
252
+ // fetching fresh nonces and competing with the new client's recovery.
253
+ (_a = this.revokeSignedSession) === null || _a === void 0 ? void 0 : _a.call(this);
254
+ this.revokeSignedSession = undefined;
231
255
  this.dynamicWaasClient = undefined;
232
256
  }
233
257
  if (!this.dynamicWaasClient) {
@@ -239,7 +263,7 @@ const withDynamicWaas = (BaseClass) => {
239
263
  // 401s and trips the iframe's unauthorized → forced-logout path. Every
240
264
  // WaaS caller funnels through here, so this single guard covers auto
241
265
  // wallet creation, ZeroDev smart-wallet init, getWallet, etc.
242
- if (tokenHasPendingAuthScope((_a = this.getAuthToken) === null || _a === void 0 ? void 0 : _a.call(this))) {
266
+ if (tokenHasPendingAuthScope((_b = this.getAuthToken) === null || _b === void 0 ? void 0 : _b.call(this))) {
243
267
  throw new WaasAuthScopePendingError();
244
268
  }
245
269
  this.dynamicWaasClient = yield this.createDynamicWaasClient(traceContext);
@@ -254,7 +278,7 @@ const withDynamicWaas = (BaseClass) => {
254
278
  const walletClient = yield this.getWaasWalletClient();
255
279
  const signedSessionId = yield ((_a = this.getSignedSessionId) === null || _a === void 0 ? void 0 : _a.call(this));
256
280
  if (!signedSessionId) {
257
- throw new DynamicError('Signed session ID is required');
281
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
258
282
  }
259
283
  const createdWallet = yield walletClient.createWalletAccount({
260
284
  authToken: (_b = this.getAuthToken) === null || _b === void 0 ? void 0 : _b.call(this),
@@ -272,7 +296,7 @@ const withDynamicWaas = (BaseClass) => {
272
296
  const walletClient = yield this.getWaasWalletClient();
273
297
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
274
298
  if (!signedSessionId) {
275
- throw new DynamicError('Signed session ID is required');
299
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
276
300
  }
277
301
  yield walletClient.importPrivateKey({
278
302
  addressType,
@@ -292,7 +316,7 @@ const withDynamicWaas = (BaseClass) => {
292
316
  const walletClient = yield this.getWaasWalletClient();
293
317
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
294
318
  if (!signedSessionId) {
295
- throw new DynamicError('Signed session ID is required');
319
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
296
320
  }
297
321
  return walletClient.migrateFromFireblocks({
298
322
  authToken: (_c = this.getAuthToken) === null || _c === void 0 ? void 0 : _c.call(this),
@@ -312,17 +336,17 @@ const withDynamicWaas = (BaseClass) => {
312
336
  const walletClient = yield this.getWaasWalletClient();
313
337
  const targetAccountAddress = accountAddress || (yield this.getActiveAccountAddress());
314
338
  if (!targetAccountAddress) {
315
- throw new DynamicError('Account address is required');
339
+ throw new DynamicError('Account address is required', 'account_address_is_required');
316
340
  }
317
341
  if (!displayContainer) {
318
- throw new DynamicError('Missing display container for export private key');
342
+ throw new DynamicError('Missing display container for export private key', 'missing_display_container_for_export_private');
319
343
  }
320
344
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPasswordIfNeeded({
321
345
  accountAddress: targetAccountAddress,
322
346
  }));
323
347
  const signedSessionId = yield ((_a = this.getSignedSessionId) === null || _a === void 0 ? void 0 : _a.call(this));
324
348
  if (!signedSessionId) {
325
- throw new DynamicError('Signed session ID is required');
349
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
326
350
  }
327
351
  this.__exportHandler.setIframeStamper(displayContainer);
328
352
  const mfaToken = yield ((_b = this.getMfaToken) === null || _b === void 0 ? void 0 : _b.call(this, {
@@ -349,12 +373,12 @@ const withDynamicWaas = (BaseClass) => {
349
373
  return __awaiter(this, arguments, void 0, function* ({ accountAddress, password, }) {
350
374
  var _b, _c;
351
375
  if (!accountAddress) {
352
- throw new DynamicError('Account address is required');
376
+ throw new DynamicError('Account address is required', 'account_address_is_required');
353
377
  }
354
378
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPasswordIfNeeded({ accountAddress }));
355
379
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
356
380
  if (!signedSessionId) {
357
- throw new DynamicError('Signed session ID is required');
381
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
358
382
  }
359
383
  const walletClient = yield this.getWaasWalletClient();
360
384
  yield walletClient.exportClientKeyshares({
@@ -369,13 +393,13 @@ const withDynamicWaas = (BaseClass) => {
369
393
  return __awaiter(this, arguments, void 0, function* ({ accountAddress, password, googleDriveAccessToken, }) {
370
394
  var _b, _c, _d;
371
395
  if (!accountAddress) {
372
- throw new DynamicError('Account address is required');
396
+ throw new DynamicError('Account address is required', 'account_address_is_required');
373
397
  }
374
398
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPassword({ accountAddress }));
375
399
  const walletClient = yield this.getWaasWalletClient();
376
400
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
377
401
  if (!signedSessionId) {
378
- throw new DynamicError('Signed session ID is required');
402
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
379
403
  }
380
404
  return walletClient.backupKeySharesToGoogleDrive({
381
405
  accountAddress,
@@ -391,13 +415,13 @@ const withDynamicWaas = (BaseClass) => {
391
415
  return __awaiter(this, arguments, void 0, function* ({ accountAddress, password, }) {
392
416
  var _b, _c;
393
417
  if (!accountAddress) {
394
- throw new DynamicError('Account address is required');
418
+ throw new DynamicError('Account address is required', 'account_address_is_required');
395
419
  }
396
420
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPassword({ accountAddress }));
397
421
  const walletClient = yield this.getWaasWalletClient();
398
422
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
399
423
  if (!signedSessionId) {
400
- throw new DynamicError('Signed session ID is required');
424
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
401
425
  }
402
426
  return walletClient.exportClientKeysharesFromGoogleDrive({
403
427
  accountAddress,
@@ -411,13 +435,13 @@ const withDynamicWaas = (BaseClass) => {
411
435
  return __awaiter(this, arguments, void 0, function* ({ accountAddress, password, }) {
412
436
  var _b, _c, _d;
413
437
  if (!accountAddress) {
414
- throw new DynamicError('Account address is required');
438
+ throw new DynamicError('Account address is required', 'account_address_is_required');
415
439
  }
416
440
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPassword({ accountAddress }));
417
441
  const walletClient = yield this.getWaasWalletClient();
418
442
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
419
443
  if (!signedSessionId) {
420
- throw new DynamicError('Signed session ID is required');
444
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
421
445
  }
422
446
  return walletClient.backupKeySharesToICloud({
423
447
  accountAddress,
@@ -452,14 +476,14 @@ const withDynamicWaas = (BaseClass) => {
452
476
  return __awaiter(this, arguments, void 0, function* ({ accountAddress, password, }) {
453
477
  var _b, _c, _d, _e, _f, _g, _h;
454
478
  if (!accountAddress) {
455
- throw new DynamicError('Account address is required');
479
+ throw new DynamicError('Account address is required', 'account_address_is_required');
456
480
  }
457
481
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPasswordIfNeeded({ accountAddress }));
458
482
  const walletClient = yield this.getWaasWalletClient();
459
483
  const recoverySignedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
460
484
  const backupSignedSessionId = yield ((_c = this.getSignedSessionId) === null || _c === void 0 ? void 0 : _c.call(this));
461
485
  if (!recoverySignedSessionId || !backupSignedSessionId) {
462
- throw new DynamicError('Signed session ID is required');
486
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
463
487
  }
464
488
  yield walletClient.getWallet({
465
489
  accountAddress,
@@ -487,18 +511,18 @@ const withDynamicWaas = (BaseClass) => {
487
511
  return __awaiter(this, arguments, void 0, function* ({ accountAddress, thresholdSignatureScheme, password, }) {
488
512
  var _b, _c, _d, _e, _f;
489
513
  if (!accountAddress) {
490
- throw new DynamicError('Account address is required');
514
+ throw new DynamicError('Account address is required', 'account_address_is_required');
491
515
  }
492
516
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPasswordIfNeeded({ accountAddress }));
493
517
  const walletClient = yield this.getWaasWalletClient();
494
518
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
495
519
  if (!signedSessionId) {
496
- throw new DynamicError('Signed session ID is required');
520
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
497
521
  }
498
522
  const wallets = yield walletClient.getWallets();
499
523
  const wallet = wallets.find((w) => w.accountAddress === accountAddress);
500
524
  if (!wallet) {
501
- throw new DynamicError('Wallet not found');
525
+ throw new DynamicError('Wallet not found', 'wallet_not_found');
502
526
  }
503
527
  const oldThresholdSignatureScheme = wallet.thresholdSignatureScheme;
504
528
  const mfaToken = yield ((_c = this.getMfaToken) === null || _c === void 0 ? void 0 : _c.call(this, {
@@ -524,13 +548,13 @@ const withDynamicWaas = (BaseClass) => {
524
548
  return __awaiter(this, arguments, void 0, function* ({ accountAddress, password, }) {
525
549
  var _b, _c, _d;
526
550
  if (!accountAddress) {
527
- throw new DynamicError('Account address is required');
551
+ throw new DynamicError('Account address is required', 'account_address_is_required');
528
552
  }
529
553
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPasswordIfNeeded({ accountAddress }));
530
554
  const walletClient = yield this.getWaasWalletClient();
531
555
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
532
556
  if (!signedSessionId) {
533
- throw new DynamicError('Signed session ID is required');
557
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
534
558
  }
535
559
  return walletClient.revokeDelegation({
536
560
  accountAddress,
@@ -544,15 +568,15 @@ const withDynamicWaas = (BaseClass) => {
544
568
  updatePassword(_a) {
545
569
  return __awaiter(this, arguments, void 0, function* ({ accountAddress, existingPassword, newPassword, }) {
546
570
  if (!accountAddress) {
547
- throw new DynamicError('Account address is required');
571
+ throw new DynamicError('Account address is required', 'account_address_is_required');
548
572
  }
549
573
  const resolvedExistingPassword = existingPassword !== null && existingPassword !== void 0 ? existingPassword : (yield this.getPasswordIfNeeded({ accountAddress }));
550
574
  if (!resolvedExistingPassword) {
551
- throw new DynamicError('Existing password is required to update password');
575
+ throw new DynamicError('Existing password is required to update password', 'existing_password_is_required_to_update');
552
576
  }
553
577
  const walletClient = yield this.getWaasWalletClient();
554
578
  if (!this.getSignedSessionId) {
555
- throw new DynamicError('Signed session ID is required');
579
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
556
580
  }
557
581
  const wallets = yield walletClient.getAllWallets();
558
582
  const encryptedWallets = wallets.filter((w) => { var _a; return (_a = w.clientKeySharesBackupInfo) === null || _a === void 0 ? void 0 : _a.passwordEncrypted; });
@@ -575,11 +599,11 @@ const withDynamicWaas = (BaseClass) => {
575
599
  setPassword(_a) {
576
600
  return __awaiter(this, arguments, void 0, function* ({ accountAddress, newPassword, }) {
577
601
  if (!accountAddress) {
578
- throw new DynamicError('Account address is required');
602
+ throw new DynamicError('Account address is required', 'account_address_is_required');
579
603
  }
580
604
  const walletClient = yield this.getWaasWalletClient();
581
605
  if (!this.getSignedSessionId) {
582
- throw new DynamicError('Signed session ID is required');
606
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
583
607
  }
584
608
  const wallets = yield walletClient.getAllWallets();
585
609
  const passwordUpdateBatchId = crypto.randomUUID();
@@ -601,16 +625,16 @@ const withDynamicWaas = (BaseClass) => {
601
625
  return __awaiter(this, arguments, void 0, function* ({ accountAddress, message, password, }) {
602
626
  var _b, _c, _d, _e;
603
627
  if (!accountAddress) {
604
- throw new DynamicError('Account address is required');
628
+ throw new DynamicError('Account address is required', 'account_address_is_required');
605
629
  }
606
630
  if (message.length !== 64) {
607
- throw new DynamicError('Message must be 64 characters long');
631
+ throw new DynamicError('Message must be 64 characters long', 'message_must_be_64_characters_long');
608
632
  }
609
633
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPasswordIfNeeded({ accountAddress }));
610
634
  const walletClient = yield this.getWaasWalletClient();
611
635
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
612
636
  if (!signedSessionId) {
613
- throw new DynamicError('Signed session ID is required');
637
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
614
638
  }
615
639
  const mfaToken = yield ((_c = this.getMfaToken) === null || _c === void 0 ? void 0 : _c.call(this, {
616
640
  mfaAction: MFAAction.WalletWaasSign,
@@ -634,12 +658,12 @@ const withDynamicWaas = (BaseClass) => {
634
658
  var _b, _c;
635
659
  const resolvedPassword = password !== null && password !== void 0 ? password : (yield this.getPasswordIfNeeded({ accountAddress }));
636
660
  if (!resolvedPassword) {
637
- throw new DynamicError('Password is required to unlock this wallet');
661
+ throw new DynamicError('Password is required to unlock this wallet', 'password_is_required_to_unlock_this');
638
662
  }
639
663
  const walletClient = yield this.getWaasWalletClient();
640
664
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
641
665
  if (!signedSessionId) {
642
- throw new DynamicError('Signed session ID is required');
666
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
643
667
  }
644
668
  return walletClient.unlockWallet({
645
669
  accountAddress,
@@ -655,7 +679,7 @@ const withDynamicWaas = (BaseClass) => {
655
679
  const walletClient = yield this.getWaasWalletClient();
656
680
  const signedSessionId = yield ((_b = this.getSignedSessionId) === null || _b === void 0 ? void 0 : _b.call(this));
657
681
  if (!signedSessionId) {
658
- throw new DynamicError('Signed session ID is required');
682
+ throw new DynamicError('Signed session ID is required', 'signed_session_id_is_required');
659
683
  }
660
684
  return walletClient.getWalletRecoveryState({
661
685
  accountAddress,
@@ -666,6 +690,7 @@ const withDynamicWaas = (BaseClass) => {
666
690
  }
667
691
  endSession(reason) {
668
692
  return __awaiter(this, void 0, void 0, function* () {
693
+ var _a;
669
694
  // Building the wallet client requires an auth token (createDynamicWaasClient
670
695
  // throws in header auth mode when none is present); the new scope guard in
671
696
  // getWaasWalletClient also throws during pending-auth (MFA/KYC/device). On
@@ -717,6 +742,8 @@ const withDynamicWaas = (BaseClass) => {
717
742
  });
718
743
  }
719
744
  }
745
+ (_a = this.revokeSignedSession) === null || _a === void 0 ? void 0 : _a.call(this);
746
+ this.revokeSignedSession = undefined;
720
747
  this.dynamicWaasClient = undefined;
721
748
  });
722
749
  }
@@ -824,7 +851,7 @@ const withDynamicWaas = (BaseClass) => {
824
851
  }
825
852
  getPrivateBalance() {
826
853
  return __awaiter(this, void 0, void 0, function* () {
827
- throw new DynamicError(`getPrivateBalance is not supported for ${this.chainName} wallets`);
854
+ throw new DynamicError(`getPrivateBalance is not supported for ${this.chainName} wallets`, 'getprivatebalance_is_not_supported_for_wallets');
828
855
  });
829
856
  }
830
857
  }