@enbox/auth 0.6.0 → 0.6.1

package/dist/esm/connect/wallet.js

@@ -15,62 +15,12 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
-var __rest = (this && this.__rest) || function (s, e) {
-    var t = {};
-    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
-        t[p] = s[p];
-    if (s != null && typeof Object.getOwnPropertySymbols === "function")
-        for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
-            if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
-                t[p[i]] = s[p[i]];
-        }
-    return t;
-};
-import { Convert } from '@enbox/common';
+import { DEFAULT_DWN_ENDPOINTS } from '../types.js';
 import { registerWithDwnEndpoints } from '../registration.js';
 import { WalletConnect } from '../wallet-connect-client.js';
-import { DEFAULT_DWN_ENDPOINTS, STORAGE_KEYS } from '../types.js';
-import { DwnInterface, DwnPermissionGrant } from '@enbox/agent';
-import { ensureVaultReady, finalizeSession, resolvePassword, startSyncIfEnabled } from './lifecycle.js';
-/**
- * Process connected grants by storing them in the local DWN as the owner.
- *
- * This is the agent-level equivalent of `Enbox.processConnectedGrants()`.
- * It stores each grant, signed as owner, and returns the deduplicated
- * list of protocol URIs represented by the grants.
- *
- * @internal
- */
-export function processConnectedGrants(params) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const { agent, delegateDid, grants } = params;
-        const connectedProtocols = new Set();
-        for (const grantMessage of grants) {
-            const grant = DwnPermissionGrant.parse(grantMessage);
-            // Store the grant as the owner of the DWN so the delegateDid
-            // can use it when impersonating the connectedDid.
-            const { encodedData } = grantMessage, rawMessage = __rest(grantMessage, ["encodedData"]);
-            const dataStream = new Blob([Convert.base64Url(encodedData).toUint8Array()]);
-            const { reply } = yield agent.processDwnRequest({
-                store: true,
-                author: delegateDid,
-                target: delegateDid,
-                messageType: DwnInterface.RecordsWrite,
-                signAsOwner: true,
-                rawMessage,
-                dataStream,
-            });
-            if (reply.status.code !== 202) {
-                throw new Error(`[@enbox/auth] Failed to process connected grant: ${reply.status.detail}`);
-            }
-            const protocol = grant.scope.protocol;
-            if (protocol) {
-                connectedProtocols.add(protocol);
-            }
-        }
-        return [...connectedProtocols];
-    });
-}
+import { ensureVaultReady, finalizeDelegateSession, importDelegateAndSetupSync, resolvePassword } from './lifecycle.js';
+// Re-export for backward compatibility — processConnectedGrants moved to lifecycle.ts.
+export { processConnectedGrants } from './lifecycle.js';
 /**
  * Execute the wallet connect flow.
  *
@@ -90,14 +40,8 @@ export function walletConnect(ctx, options) {
         // Ensure the agent is initialized and started before the relay flow.
         const isFirstLaunch = yield userAgent.firstLaunch();
         const password = yield resolvePassword(ctx, undefined, isFirstLaunch);
-        yield ensureVaultReady({
-            userAgent,
-            emitter,
-            password,
-            isFirstLaunch,
-        });
+        yield ensureVaultReady({ userAgent, emitter, password, isFirstLaunch });
         // Run the Enbox Connect relay flow.
-        // permissionRequests are already agent-level ConnectPermissionRequest objects.
         const result = yield WalletConnect.initClient({
             displayName: options.displayName,
             connectServerUrl: options.connectServerUrl,
@@ -109,84 +53,27 @@ export function walletConnect(ctx, options) {
         if (!result) {
             throw new Error('[@enbox/auth] Wallet connect flow was cancelled or returned no result.');
         }
+        // Import delegate DID, process grants, and set up sync.
         const { delegatePortableDid, connectedDid, delegateGrants } = result;
-        // Import the delegated DID as an Identity.
-        let identity;
-        try {
-            identity = yield userAgent.identity.import({
-                portableIdentity: {
-                    portableDid: delegatePortableDid,
-                    metadata: {
-                        connectedDid,
-                        name: 'Default',
-                        uri: delegatePortableDid.uri,
-                        tenant: userAgent.agentDid.uri,
-                    },
-                },
-            });
-            // Process the connected grants using agent primitives.
-            const connectedProtocols = yield processConnectedGrants({
-                agent: userAgent,
-                delegateDid: delegatePortableDid.uri,
-                grants: delegateGrants,
-            });
-            // Register with DWN endpoints (if registration options are provided).
-            if (ctx.registration) {
-                const dwnEndpoints = (_c = ctx.defaultDwnEndpoints) !== null && _c !== void 0 ? _c : DEFAULT_DWN_ENDPOINTS;
-                yield registerWithDwnEndpoints({
-                    userAgent: userAgent,
-                    dwnEndpoints,
-                    agentDid: userAgent.agentDid.uri,
-                    connectedDid,
-                    storage: storage,
-                }, ctx.registration);
-            }
-            // Register sync for the connected identity.
-            yield userAgent.sync.registerIdentity({
-                did: connectedDid,
-                options: {
-                    delegateDid: delegatePortableDid.uri,
-                    protocols: connectedProtocols,
-                },
-            });
-            // Pull down existing messages from the connected DID's DWN.
-            yield userAgent.sync.sync('pull');
-        }
-        catch (error) {
-            // Clean up on failure.
-            if (identity) {
-                try {
-                    yield userAgent.did.delete({
-                        didUri: identity.did.uri,
-                        tenant: identity.metadata.tenant,
-                        deleteKey: true,
-                    });
-                }
-                catch ( /* best effort */_d) { /* best effort */ }
-                try {
-                    yield userAgent.identity.delete({ didUri: identity.did.uri });
-                }
-                catch ( /* best effort */_e) { /* best effort */ }
-            }
-            const message = error instanceof Error ? error.message : String(error);
-            throw new Error(`[@enbox/auth] Wallet connect failed: ${message}`);
+        const identity = yield importDelegateAndSetupSync({
+            userAgent, delegatePortableDid, connectedDid, delegateGrants,
+            flowName: 'Wallet connect',
+        });
+        // Register with DWN endpoints (if registration options are provided).
+        if (ctx.registration) {
+            const dwnEndpoints = (_c = ctx.defaultDwnEndpoints) !== null && _c !== void 0 ? _c : DEFAULT_DWN_ENDPOINTS;
+            yield registerWithDwnEndpoints({
+                userAgent,
+                dwnEndpoints,
+                agentDid: userAgent.agentDid.uri,
+                connectedDid,
+                storage,
+            }, ctx.registration);
         }
-        const delegateDid = delegatePortableDid.uri;
-        // Start sync.
-        startSyncIfEnabled(userAgent, sync);
-        // Persist session info, build AuthSession, and emit lifecycle events.
-        return finalizeSession({
-            userAgent,
-            emitter,
-            storage,
-            connectedDid,
-            delegateDid,
-            identityName: identity.metadata.name,
-            identityConnectedDid: identity.metadata.connectedDid,
-            extraStorageKeys: {
-                [STORAGE_KEYS.DELEGATE_DID]: delegateDid,
-                [STORAGE_KEYS.CONNECTED_DID]: connectedDid,
-            },
+        // Finalize session.
+        return finalizeDelegateSession({
+            userAgent, emitter, storage, identity,
+            connectedDid, delegateDid: delegatePortableDid.uri, sync,
         });
     });
 }

package/dist/esm/connect/wallet.js.map

@@ -1 +1 @@
-{"version":3,"file":"wallet.js","sourceRoot":"","sources":["../../../src/connect/wallet.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;;;;;;;;;;;;;;;;;;;;;AAQH,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EAAE,wBAAwB,EAAE,MAAM,oBAAoB,CAAC;AAC9D,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAC5D,OAAO,EAAE,qBAAqB,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AAExG;;;;;;;;GAQG;AACH,MAAM,UAAgB,sBAAsB,CAAC,MAI5C;;QACC,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC;QAC9C,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAAU,CAAC;QAE7C,KAAK,MAAM,YAAY,IAAI,MAAM,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,kBAAkB,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;YAErD,6DAA6D;YAC7D,kDAAkD;YAClD,MAAM,EAAE,WAAW,KAAoB,YAAY,EAA3B,UAAU,UAAK,YAAY,EAA7C,eAA8B,CAAe,CAAC;YACpD,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,YAAY,EAAc,CAAC,CAAC,CAAC;YAEzF,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,KAAK,CAAC,iBAAiB,CAAC;gBAC9C,KAAK,EAAS,IAAI;gBAClB,MAAM,EAAQ,WAAW;gBACzB,MAAM,EAAQ,WAAW;gBACzB,WAAW,EAAG,YAAY,CAAC,YAAY;gBACvC,WAAW,EAAG,IAAI;gBAClB,UAAU;gBACV,UAAU;aACX,CAAC,CAAC;YAEH,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,KAAK,GAAG,EAAE,CAAC;gBAC9B,MAAM,IAAI,KAAK,CACb,oDAAoD,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,CAC1E,CAAC;YACJ,CAAC;YAED,MAAM,QAAQ,GAAI,KAAK,CAAC,KAAgE,CAAC,QAAQ,CAAC;YAClG,IAAI,QAAQ,EAAE,CAAC;gBACb,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACnC,CAAC;QACH,CAAC;QAED,OAAO,CAAC,GAAG,kBAAkB,CAAC,CAAC;IACjC,CAAC;CAAA;AAED;;;;;;GAMG;AACH,MAAM,UAAgB,aAAa,CACjC,GAAgB,EAChB,OAA6B;;;QAE7B,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;QAC5C,MAAM,IAAI,GAAG,MAAA,OAAO,CAAC,IAAI,mCAAI,GAAG,CAAC,WAAW,CAAC;QAE7C,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CACb,gEAAgE;gBAChE,mDAAmD,CACpD,CAAC;QACJ,CAAC;QAED,qEAAqE;QACrE,MAAM,aAAa,GAAG,MAAM,SAAS,CAAC,WAAW,EAAE,CAAC;QACpD,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE,SAAS,EAAE,aAAa,CAAC,CAAC;QAEtE,MAAM,gBAAgB,CAAC;YACrB,SAAS;YACT,OAAO;YACP,QAAQ;YACR,aAAa;SACd,CAAC,CAAC;QAEH,oCAAoC;QACpC,+EAA+E;QAC/E,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC;YAC5C,WAAW,EAAU,OAAO,CAAC,WAAW;YACxC,gBAAgB,EAAK,OAAO,CAAC,gBAAgB;YAC7C,SAAS,EAAY,MAAA,OAAO,CAAC,SAAS,mCAAI,iBAAiB;YAC3D,kBAAkB,EAAG,OAAO,CAAC,kBAAkB;YAC/C,gBAAgB,EAAK,OAAO,CAAC,gBAAgB;YAC7C,WAAW,EAAU,OAAO,CAAC,WAAW;SACzC,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;QAC5F,CAAC;QAED,MAAM,EAAE,mBAAmB,EAAE,YAAY,EAAE,cAAc,EAAE,GAAG,MAAM,CAAC;QAErE,2CAA2C;QAC3C,IAAI,QAAQ,CAAC;QACb,IAAI,CAAC;YACH,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACzC,gBAAgB,EAAE;oBAChB,WAAW,EAAG,mBAAmB;oBACjC,QAAQ,EAAM;wBACZ,YAAY;wBACZ,IAAI,EAAK,SAAS;wBAClB,GAAG,EAAM,mBAAmB,CAAC,GAAG;wBAChC,MAAM,EAAG,SAAS,CAAC,QAAQ,CAAC,GAAG;qBAChC;iBACF;aACF,CAAC,CAAC;YAEH,uDAAuD;YACvD,MAAM,kBAAkB,GAAG,MAAM,sBAAsB,CAAC;gBACtD,KAAK,EAAS,SAAS;gBACvB,WAAW,EAAG,mBAAmB,CAAC,GAAG;gBACrC,MAAM,EAAQ,cAAc;aAC7B,CAAC,CAAC;YAEH,sEAAsE;YACtE,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC;gBACrB,MAAM,YAAY,GAAG,MAAA,GAAG,CAAC,mBAAmB,mCAAI,qBAAqB,CAAC;gBACtE,MAAM,wBAAwB,CAC5B;oBACE,SAAS,EAAG,SAAS;oBACrB,YAAY;oBACZ,QAAQ,EAAI,SAAS,CAAC,QAAQ,CAAC,GAAG;oBAClC,YAAY;oBACZ,OAAO,EAAK,OAAO;iBACpB,EACD,GAAG,CAAC,YAAY,CACjB,CAAC;YACJ,CAAC;YAED,4CAA4C;YAC5C,MAAM,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC;gBACpC,GAAG,EAAO,YAAY;gBACtB,OAAO,EAAG;oBACR,WAAW,EAAG,mBAAmB,CAAC,GAAG;oBACrC,SAAS,EAAK,kBAAkB;iBACjC;aACF,CAAC,CAAC;YAEH,4DAA4D;YAC5D,MAAM,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACpC,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,uBAAuB;YACvB,IAAI,QAAQ,EAAE,CAAC;gBACb,IAAI,CAAC;oBACH,MAAM,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC;wBACzB,MAAM,EAAM,QAAQ,CAAC,GAAG,CAAC,GAAG;wBAC5B,MAAM,EAAM,QAAQ,CAAC,QAAQ,CAAC,MAAM;wBACpC,SAAS,EAAG,IAAI;qBACjB,CAAC,CAAC;gBACL,CAAC;gBAAC,QAAQ,iBAAiB,IAAnB,CAAC,CAAC,iBAAiB,CAAC,CAAC;gBAE7B,IAAI,CAAC;oBACH,MAAM,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;gBAChE,CAAC;gBAAC,QAAQ,iBAAiB,IAAnB,CAAC,CAAC,iBAAiB,CAAC,CAAC;YAC/B,CAAC;YAED,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvE,MAAM,IAAI,KAAK,CAAC,wCAAwC,OAAO,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,MAAM,WAAW,GAAG,mBAAmB,CAAC,GAAG,CAAC;QAE5C,cAAc;QACd,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QAEpC,sEAAsE;QACtE,OAAO,eAAe,CAAC;YACrB,SAAS;YACT,OAAO;YACP,OAAO;YACP,YAAY;YACZ,WAAW;YACX,YAAY,EAAW,QAAQ,CAAC,QAAQ,CAAC,IAAI;YAC7C,oBAAoB,EAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY;YACrD,gBAAgB,EAAO;gBACrB,CAAC,YAAY,CAAC,YAAY,CAAC,EAAI,WAAW;gBAC1C,CAAC,YAAY,CAAC,aAAa,CAAC,EAAG,YAAY;aAC5C;SACF,CAAC,CAAC;IACL,CAAC;CAAA"}
+{"version":3,"file":"wallet.js","sourceRoot":"","sources":["../../../src/connect/wallet.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;;;;;;;;;;AAMH,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,wBAAwB,EAAE,MAAM,oBAAoB,CAAC;AAC9D,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAC5D,OAAO,EAAE,gBAAgB,EAAE,uBAAuB,EAAE,0BAA0B,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAExH,uFAAuF;AACvF,OAAO,EAAE,sBAAsB,EAAE,MAAM,gBAAgB,CAAC;AAExD;;;;;;GAMG;AACH,MAAM,UAAgB,aAAa,CACjC,GAAgB,EAChB,OAA6B;;;QAE7B,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;QAC5C,MAAM,IAAI,GAAG,MAAA,OAAO,CAAC,IAAI,mCAAI,GAAG,CAAC,WAAW,CAAC;QAE7C,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CACb,gEAAgE;gBAChE,mDAAmD,CACpD,CAAC;QACJ,CAAC;QAED,qEAAqE;QACrE,MAAM,aAAa,GAAG,MAAM,SAAS,CAAC,WAAW,EAAE,CAAC;QACpD,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE,SAAS,EAAE,aAAa,CAAC,CAAC;QACtE,MAAM,gBAAgB,CAAC,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC,CAAC;QAExE,oCAAoC;QACpC,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC;YAC5C,WAAW,EAAU,OAAO,CAAC,WAAW;YACxC,gBAAgB,EAAK,OAAO,CAAC,gBAAgB;YAC7C,SAAS,EAAY,MAAA,OAAO,CAAC,SAAS,mCAAI,iBAAiB;YAC3D,kBAAkB,EAAG,OAAO,CAAC,kBAAkB;YAC/C,gBAAgB,EAAK,OAAO,CAAC,gBAAgB;YAC7C,WAAW,EAAU,OAAO,CAAC,WAAW;SACzC,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;QAC5F,CAAC;QAED,wDAAwD;QACxD,MAAM,EAAE,mBAAmB,EAAE,YAAY,EAAE,cAAc,EAAE,GAAG,MAAM,CAAC;QACrE,MAAM,QAAQ,GAAG,MAAM,0BAA0B,CAAC;YAChD,SAAS,EAAE,mBAAmB,EAAE,YAAY,EAAE,cAAc;YAC5D,QAAQ,EAAE,gBAAgB;SAC3B,CAAC,CAAC;QAEH,sEAAsE;QACtE,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC;YACrB,MAAM,YAAY,GAAG,MAAA,GAAG,CAAC,mBAAmB,mCAAI,qBAAqB,CAAC;YACtE,MAAM,wBAAwB,CAC5B;gBACE,SAAS;gBACT,YAAY;gBACZ,QAAQ,EAAE,SAAS,CAAC,QAAQ,CAAC,GAAG;gBAChC,YAAY;gBACZ,OAAO;aACR,EACD,GAAG,CAAC,YAAY,CACjB,CAAC;QACJ,CAAC;QAED,oBAAoB;QACpB,OAAO,uBAAuB,CAAC;YAC7B,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ;YACrC,YAAY,EAAE,WAAW,EAAE,mBAAmB,CAAC,GAAG,EAAE,IAAI;SACzD,CAAC,CAAC;IACL,CAAC;CAAA"}

package/dist/esm/index.js

@@ -5,30 +5,23 @@
  * in both browser and CLI environments. Depends only on `@enbox/agent`
  * and can be used standalone or consumed by `@enbox/api`.
  *
- * @example Standalone auth
+ * @example Standalone auth (wallet app)
  * ```ts
  * import { AuthManager } from '@enbox/auth';
  *
  * const auth = await AuthManager.create({ sync: '15s' });
- * const session = await auth.restoreSession() ?? await auth.connect();
- *
- * // session.agent — the authenticated Enbox agent
- * // session.did   — the connected DID URI
+ * const session = await auth.connectLocal({ password: userPin });
  * ```
  *
- * @example With @enbox/api
+ * @example Dapp with browser connect handler
  * ```ts
  * import { AuthManager } from '@enbox/auth';
- * import { Enbox } from '@enbox/api';
- *
- * const auth = await AuthManager.create({ sync: '15s' });
- * const session = await auth.connect();
+ * import { BrowserConnectHandler } from '@enbox/browser';
  *
- * const enbox = Enbox.connect({
- *   agent: session.agent,
- *   connectedDid: session.did,
- *   delegateDid: session.delegateDid,
+ * const auth = await AuthManager.create({
+ *   connectHandler: BrowserConnectHandler(),
  * });
+ * const session = await auth.connect({ protocols: [NotesProtocol] });
  * ```
  *
  * @packageDocumentation
@@ -42,8 +35,9 @@ export { PasswordProvider } from './password-provider.js';
 // Re-export agent classes so consumers can construct custom agents/vaults
 // without a direct @enbox/agent dependency.
 export { EnboxUserAgent, HdIdentityVault } from '@enbox/agent';
-// Wallet-connect helpers
+// Connect helpers
 export { processConnectedGrants } from './connect/wallet.js';
+export { normalizeProtocolRequests } from './permissions.js';
 export { WalletConnect } from './wallet-connect-client.js';
 // Registration token storage helpers
 export { loadTokensFromStorage, saveTokensToStorage } from './registration.js';

package/dist/esm/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AAEH,eAAe;AACf,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE/C,qBAAqB;AACrB,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAG1D,0EAA0E;AAC1E,4CAA4C;AAC5C,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAE/D,yBAAyB;AACzB,OAAO,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAC7D,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAG3D,qCAAqC;AACrC,OAAO,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAE/E,4DAA4D;AAC5D,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,qBAAqB,EACrB,gBAAgB,EAChB,uBAAuB,EACvB,wBAAwB,EACxB,uBAAuB,GACxB,MAAM,gBAAgB,CAAC;AAExB,mBAAmB;AACnB,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAEH,eAAe;AACf,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE/C,qBAAqB;AACrB,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAG1D,0EAA0E;AAC1E,4CAA4C;AAC5C,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAE/D,kBAAkB;AAClB,OAAO,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAC7D,OAAO,EAAE,yBAAyB,EAAE,MAAM,kBAAkB,CAAC;AAC7D,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAG3D,qCAAqC;AACrC,OAAO,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAE/E,4DAA4D;AAC5D,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,qBAAqB,EACrB,gBAAgB,EAChB,uBAAuB,EACvB,wBAAwB,EACxB,uBAAuB,GACxB,MAAM,gBAAgB,CAAC;AAExB,mBAAmB;AACnB,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC"}

package/dist/esm/permissions.js

@@ -0,0 +1,41 @@
+/**
+ * Permission request normalization utilities.
+ *
+ * Converts simplified `ProtocolRequest` entries (just a protocol definition
+ * or `{ definition, permissions }`) into agent-level `ConnectPermissionRequest`
+ * objects used by connect handlers.
+ *
+ * @module
+ * @internal
+ */
+import { DEFAULT_PERMISSIONS } from './types.js';
+import { WalletConnect } from './wallet-connect-client.js';
+/**
+ * Normalize simplified `ProtocolRequest[]` into agent-level
+ * `ConnectPermissionRequest[]`.
+ */
+export function normalizeProtocolRequests(protocols) {
+    if (!protocols || protocols.length === 0) {
+        return [];
+    }
+    return protocols.map((entry) => {
+        let definition;
+        let permissions;
+        if ('protocol' in entry && 'types' in entry && 'structure' in entry) {
+            // Bare protocol definition — use default permissions.
+            definition = entry;
+            permissions = [...DEFAULT_PERMISSIONS];
+        }
+        else {
+            // Object with explicit permissions.
+            const explicit = entry;
+            definition = explicit.definition;
+            permissions = explicit.permissions;
+        }
+        return WalletConnect.createPermissionRequestForProtocol({
+            definition,
+            permissions: permissions,
+        });
+    });
+}
+//# sourceMappingURL=permissions.js.map

package/dist/esm/permissions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"permissions.js","sourceRoot":"","sources":["../../src/permissions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAMH,OAAO,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAE3D;;;GAGG;AACH,MAAM,UAAU,yBAAyB,CACvC,SAAwC;IAExC,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAAC,OAAO,EAAE,CAAC;IAAC,CAAC;IAExD,OAAO,SAAS,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;QAC7B,IAAI,UAAiC,CAAC;QACtC,IAAI,WAAqB,CAAC;QAE1B,IAAI,UAAU,IAAI,KAAK,IAAI,OAAO,IAAI,KAAK,IAAI,WAAW,IAAI,KAAK,EAAE,CAAC;YACpE,sDAAsD;YACtD,UAAU,GAAG,KAA8B,CAAC;YAC5C,WAAW,GAAG,CAAC,GAAG,mBAAmB,CAAC,CAAC;QACzC,CAAC;aAAM,CAAC;YACN,oCAAoC;YACpC,MAAM,QAAQ,GAAG,KAAqE,CAAC;YACvF,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC;YACjC,WAAW,GAAG,QAAQ,CAAC,WAAW,CAAC;QACrC,CAAC;QAED,OAAO,aAAa,CAAC,kCAAkC,CAAC;YACtD,UAAU;YACV,WAAW,EAAE,WAAoG;SAClH,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/esm/types.js

@@ -2,6 +2,8 @@
  * @module @enbox/auth
  * Public types for the authentication and identity management SDK.
  */
+/** Default permissions granted when only a protocol definition is provided. */
+export const DEFAULT_PERMISSIONS = ['read', 'write', 'query', 'subscribe'];
 // ─── Internal helpers ────────────────────────────────────────────
 /** The insecure default password used when none is provided. */
 export const INSECURE_DEFAULT_PASSWORD = 'insecure-static-phrase';

package/dist/esm/types.js.map

@@ -1 +1 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AA2cH,oEAAoE;AAEpE,gEAAgE;AAChE,MAAM,CAAC,MAAM,yBAAyB,GAAG,wBAAwB,CAAC;AAElE,yEAAyE;AACzE,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,2BAA2B,CAAC,CAAC;AAEnE;;;GAGG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,oDAAoD;IACpD,oBAAoB,EAAE,gCAAgC;IAEtD,+CAA+C;IAC/C,eAAe,EAAE,2BAA2B;IAE5C,4DAA4D;IAC5D,YAAY,EAAE,wBAAwB;IAEtC,yDAAyD;IACzD,aAAa,EAAE,yBAAyB;IAExC;;;;;;OAMG;IACH,kBAAkB,EAAE,6BAA6B;IAEjD;;;;;;OAMG;IACH,mBAAmB,EAAE,+BAA+B;CAC5C,CAAC"}
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAqaH,+EAA+E;AAC/E,MAAM,CAAC,MAAM,mBAAmB,GAAiB,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;AAwMzF,oEAAoE;AAEpE,gEAAgE;AAChE,MAAM,CAAC,MAAM,yBAAyB,GAAG,wBAAwB,CAAC;AAElE,yEAAyE;AACzE,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,2BAA2B,CAAC,CAAC;AAEnE;;;GAGG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,oDAAoD;IACpD,oBAAoB,EAAE,gCAAgC;IAEtD,+CAA+C;IAC/C,eAAe,EAAE,2BAA2B;IAE5C,4DAA4D;IAC5D,YAAY,EAAE,wBAAwB;IAEtC,yDAAyD;IACzD,aAAa,EAAE,yBAAyB;IAExC;;;;;;OAMG;IACH,kBAAkB,EAAE,6BAA6B;IAEjD;;;;;;OAMG;IACH,mBAAmB,EAAE,+BAA+B;CAC5C,CAAC"}

package/dist/esm/wallet-connect-client.js.map

@@ -1 +1 @@
-{"version":3,"file":"wallet-connect-client.js","sourceRoot":"","sources":["../../src/wallet-connect-client.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;;;;;;;;;;AAKH,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AAChD,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AA+DjE;;;GAGG;AACH,SAAe,UAAU;yDAAC,EACxB,WAAW,EACX,gBAAgB,EAChB,SAAS,EACT,kBAAkB,EAClB,gBAAgB,EAChB,WAAW,GACgB;QAK3B,uDAAuD;QACvD,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,EAAE,CAAC;QAExC,kGAAkG;QAClG,+CAA+C;QAC/C,uDAAuD;QACvD,yDAAyD;QACzD,wCAAwC;QACxC,MAAM,aAAa,GAAG,WAAW,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QAElD,8CAA8C;QAC9C,MAAM,gBAAgB,GAAG,oBAAoB,CAAC,eAAe,CAAC;YAC5D,OAAO,EAAI,gBAAgB;YAC3B,QAAQ,EAAG,UAAU;SACtB,CAAC,CAAC;QAEH,6BAA6B;QAC7B,MAAM,OAAO,GAAG,MAAM,oBAAoB,CAAC,oBAAoB,CAAC;YAC9D,SAAS,EAAY,SAAS,CAAC,GAAG;YAClC,WAAW,EAAU,gBAAgB;YACrC,kBAAkB,EAAG,kBAAkB;YACvC,OAAO,EAAc,WAAW;SACjC,CAAC,CAAC;QAEH,6BAA6B;QAC7B,MAAM,UAAU,GAAG,MAAM,oBAAoB,CAAC,OAAO,CAAC;YACpD,GAAG,EAAI,SAAS;YAChB,IAAI,EAAG,OAA6C;SACrD,CAAC,CAAC;QAEH,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QACD,kDAAkD;QAClD,MAAM,gBAAgB,GAAG,MAAM,oBAAoB,CAAC,cAAc,CAAC;YACjE,GAAG,EAAE,UAAU;YACf,aAAa;SACd,CAAC,CAAC;QAEH,MAAM,kCAAkC,GAAG,oBAAoB,CAAC,eAAe,CAAC;YAC9E,OAAO,EAAI,gBAAgB;YAC3B,QAAQ,EAAG,4BAA4B;SACxC,CAAC,CAAC;QAEH,MAAM,WAAW,GAAG,MAAM,KAAK,CAAC,kCAAkC,EAAE;YAClE,IAAI,EAAM,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,gBAAgB,EAAE,CAAC;YACvD,MAAM,EAAI,MAAM;YAChB,OAAO,EAAG;gBACR,cAAc,EAAE,kBAAkB;aACnC;YACD,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,KAAM,CAAC;SACpC,CAAC,CAAC;QAEH,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,GAAG,WAAW,CAAC,MAAM,KAAK,WAAW,CAAC,UAAU,EAAE,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,OAAO,GAA0B,MAAM,WAAW,CAAC,IAAI,EAAE,CAAC;QAEhE,qFAAqF;QACrF,0FAA0F;QAC1F,MAAM,CAAC,GAAG,CAAC,eAAe,SAAS,EAAE,CAAC,CAAC;QACvC,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;QAC9C,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;QACxE,kBAAkB,CAAC,YAAY,CAAC,GAAG,CACjC,gBAAgB,EAChB,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,WAAW,EAAE,CAChD,CAAC;QAEF,8EAA8E;QAC9E,gBAAgB,CAAC,kBAAkB,CAAC,QAAQ,EAAE,CAAC,CAAC;QAEhD,MAAM,QAAQ,GAAG,oBAAoB,CAAC,eAAe,CAAC;YACpD,OAAO,EAAM,gBAAgB;YAC7B,QAAQ,EAAK,OAAO;YACpB,UAAU,EAAG,OAAO,CAAC,KAAK;SAC3B,CAAC,CAAC;QAEH,yHAAyH;QACzH,MAAM,YAAY,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,KAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAEvG,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,GAAG,GAAG,MAAM,CAAA,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,IAAI,EAAE,CAAA,CAAC;YAEvC,0DAA0D;YAC1D,MAAM,GAAG,GAAG,MAAM,WAAW,EAAE,CAAC;YAChC,MAAM,GAAG,GAAG,MAAM,oBAAoB,CAAC,eAAe,CAAC,SAAS,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YAC5E,MAAM,gBAAgB,GAAG,CAAC,MAAM,oBAAoB,CAAC,SAAS,CAAC;gBAC7D,GAAG;aACJ,CAAC,CAAoC,CAAC;YAEvC,OAAO;gBACL,cAAc,EAAQ,gBAAgB,CAAC,cAAc;gBACrD,mBAAmB,EAAG,gBAAgB,CAAC,mBAAmB;gBAC1D,YAAY,EAAU,gBAAgB,CAAC,WAAW;aACnD,CAAC;QACJ,CAAC;IACH,CAAC;CAAA;AAED;;;;;GAKG;AACH,SAAS,kCAAkC,CAAC,EAAE,UAAU,EAAE,WAAW,EAA6B;IAChG,MAAM,QAAQ,GAAyB,EAAE,CAAC;IAE1C,qDAAqD;IACrD,QAAQ,CAAC,IAAI,CAAC;QACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;QAC/B,SAAS,EAAG,gBAAgB,CAAC,SAAS;QACtC,MAAM,EAAM,aAAa,CAAC,KAAK;KAChC,CAAC,CAAC;IAEH,0GAA0G;IAC1G,+EAA+E;IAC/E,QAAQ,CAAC,IAAI,CAAC;QACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;QAC/B,SAAS,EAAG,gBAAgB,CAAC,QAAQ;QACrC,MAAM,EAAM,aAAa,CAAC,IAAI;KAC/B,CAAC,CAAC;IAEH,sFAAsF;IACtF,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE,CAAC;QACrC,QAAQ,UAAU,EAAE,CAAC;YACnB,KAAK,OAAO;gBACV,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;oBAC/B,SAAS,EAAG,gBAAgB,CAAC,OAAO;oBACpC,MAAM,EAAM,aAAa,CAAC,KAAK;iBAChC,CAAC,CAAC;gBACH,MAAM;YACR,KAAK,MAAM;gBACT,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;oBAC/B,SAAS,EAAG,gBAAgB,CAAC,OAAO;oBACpC,MAAM,EAAM,aAAa,CAAC,IAAI;iBAC/B,CAAC,CAAC;gBACH,MAAM;YACR,KAAK,QAAQ;gBACX,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;oBAC/B,SAAS,EAAG,gBAAgB,CAAC,OAAO;oBACpC,MAAM,EAAM,aAAa,CAAC,MAAM;iBACjC,CAAC,CAAC;gBACH,MAAM;YACR,KAAK,OAAO;gBACV,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;oBAC/B,SAAS,EAAG,gBAAgB,CAAC,OAAO;oBACpC,MAAM,EAAM,aAAa,CAAC,KAAK;iBAChC,CAAC,CAAC;gBACH,MAAM;YACR,KAAK,WAAW;gBACd,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;oBAC/B,SAAS,EAAG,gBAAgB,CAAC,OAAO;oBACpC,MAAM,EAAM,aAAa,CAAC,SAAS;iBACpC,CAAC,CAAC;gBACH,MAAM;YACR,KAAK,WAAW;gBACd,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;oBAC/B,SAAS,EAAG,gBAAgB,CAAC,SAAS;oBACtC,MAAM,EAAM,aAAa,CAAC,SAAS;iBACpC,CAAC,CAAC;gBACH,MAAM;QACV,CAAC;IACH,CAAC;IAED,OAAO;QACL,kBAAkB,EAAG,UAAU;QAC/B,gBAAgB,EAAK,QAAQ;KAC9B,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,aAAa,GAAG,EAAE,UAAU,EAAE,kCAAkC,EAAE,CAAC"}
+{"version":3,"file":"wallet-connect-client.js","sourceRoot":"","sources":["../../src/wallet-connect-client.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;;;;;;;;;;AAKH,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AAChD,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AA4DjE;;;GAGG;AACH,SAAe,UAAU;yDAAC,EACxB,WAAW,EACX,gBAAgB,EAChB,SAAS,EACT,kBAAkB,EAClB,gBAAgB,EAChB,WAAW,GACgB;QAK3B,uDAAuD;QACvD,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,EAAE,CAAC;QAExC,kGAAkG;QAClG,+CAA+C;QAC/C,uDAAuD;QACvD,yDAAyD;QACzD,wCAAwC;QACxC,MAAM,aAAa,GAAG,WAAW,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QAElD,8CAA8C;QAC9C,MAAM,gBAAgB,GAAG,oBAAoB,CAAC,eAAe,CAAC;YAC5D,OAAO,EAAI,gBAAgB;YAC3B,QAAQ,EAAG,UAAU;SACtB,CAAC,CAAC;QAEH,6BAA6B;QAC7B,MAAM,OAAO,GAAG,MAAM,oBAAoB,CAAC,oBAAoB,CAAC;YAC9D,SAAS,EAAY,SAAS,CAAC,GAAG;YAClC,WAAW,EAAU,gBAAgB;YACrC,kBAAkB,EAAG,kBAAkB;YACvC,OAAO,EAAc,WAAW;SACjC,CAAC,CAAC;QAEH,6BAA6B;QAC7B,MAAM,UAAU,GAAG,MAAM,oBAAoB,CAAC,OAAO,CAAC;YACpD,GAAG,EAAI,SAAS;YAChB,IAAI,EAAG,OAA6C;SACrD,CAAC,CAAC;QAEH,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QACD,kDAAkD;QAClD,MAAM,gBAAgB,GAAG,MAAM,oBAAoB,CAAC,cAAc,CAAC;YACjE,GAAG,EAAE,UAAU;YACf,aAAa;SACd,CAAC,CAAC;QAEH,MAAM,kCAAkC,GAAG,oBAAoB,CAAC,eAAe,CAAC;YAC9E,OAAO,EAAI,gBAAgB;YAC3B,QAAQ,EAAG,4BAA4B;SACxC,CAAC,CAAC;QAEH,MAAM,WAAW,GAAG,MAAM,KAAK,CAAC,kCAAkC,EAAE;YAClE,IAAI,EAAM,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,gBAAgB,EAAE,CAAC;YACvD,MAAM,EAAI,MAAM;YAChB,OAAO,EAAG;gBACR,cAAc,EAAE,kBAAkB;aACnC;YACD,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,KAAM,CAAC;SACpC,CAAC,CAAC;QAEH,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,GAAG,WAAW,CAAC,MAAM,KAAK,WAAW,CAAC,UAAU,EAAE,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,OAAO,GAA0B,MAAM,WAAW,CAAC,IAAI,EAAE,CAAC;QAEhE,qFAAqF;QACrF,0FAA0F;QAC1F,MAAM,CAAC,GAAG,CAAC,eAAe,SAAS,EAAE,CAAC,CAAC;QACvC,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;QAC9C,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;QACxE,kBAAkB,CAAC,YAAY,CAAC,GAAG,CACjC,gBAAgB,EAChB,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,WAAW,EAAE,CAChD,CAAC;QAEF,8EAA8E;QAC9E,gBAAgB,CAAC,kBAAkB,CAAC,QAAQ,EAAE,CAAC,CAAC;QAEhD,MAAM,QAAQ,GAAG,oBAAoB,CAAC,eAAe,CAAC;YACpD,OAAO,EAAM,gBAAgB;YAC7B,QAAQ,EAAK,OAAO;YACpB,UAAU,EAAG,OAAO,CAAC,KAAK;SAC3B,CAAC,CAAC;QAEH,yHAAyH;QACzH,MAAM,YAAY,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,KAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAEvG,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,GAAG,GAAG,MAAM,CAAA,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,IAAI,EAAE,CAAA,CAAC;YAEvC,0DAA0D;YAC1D,MAAM,GAAG,GAAG,MAAM,WAAW,EAAE,CAAC;YAChC,MAAM,GAAG,GAAG,MAAM,oBAAoB,CAAC,eAAe,CAAC,SAAS,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YAC5E,MAAM,gBAAgB,GAAG,CAAC,MAAM,oBAAoB,CAAC,SAAS,CAAC;gBAC7D,GAAG;aACJ,CAAC,CAAoC,CAAC;YAEvC,OAAO;gBACL,cAAc,EAAQ,gBAAgB,CAAC,cAAc;gBACrD,mBAAmB,EAAG,gBAAgB,CAAC,mBAAmB;gBAC1D,YAAY,EAAU,gBAAgB,CAAC,WAAW;aACnD,CAAC;QACJ,CAAC;IACH,CAAC;CAAA;AAED;;;;;GAKG;AACH,SAAS,kCAAkC,CAAC,EAAE,UAAU,EAAE,WAAW,EAA6B;IAChG,MAAM,QAAQ,GAAyB,EAAE,CAAC;IAE1C,qDAAqD;IACrD,QAAQ,CAAC,IAAI,CAAC;QACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;QAC/B,SAAS,EAAG,gBAAgB,CAAC,SAAS;QACtC,MAAM,EAAM,aAAa,CAAC,KAAK;KAChC,CAAC,CAAC;IAEH,0GAA0G;IAC1G,+EAA+E;IAC/E,QAAQ,CAAC,IAAI,CAAC;QACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;QAC/B,SAAS,EAAG,gBAAgB,CAAC,QAAQ;QACrC,MAAM,EAAM,aAAa,CAAC,IAAI;KAC/B,CAAC,CAAC;IAEH,sFAAsF;IACtF,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE,CAAC;QACrC,QAAQ,UAAU,EAAE,CAAC;YACnB,KAAK,OAAO;gBACV,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;oBAC/B,SAAS,EAAG,gBAAgB,CAAC,OAAO;oBACpC,MAAM,EAAM,aAAa,CAAC,KAAK;iBAChC,CAAC,CAAC;gBACH,MAAM;YACR,KAAK,MAAM;gBACT,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;oBAC/B,SAAS,EAAG,gBAAgB,CAAC,OAAO;oBACpC,MAAM,EAAM,aAAa,CAAC,IAAI;iBAC/B,CAAC,CAAC;gBACH,MAAM;YACR,KAAK,QAAQ;gBACX,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;oBAC/B,SAAS,EAAG,gBAAgB,CAAC,OAAO;oBACpC,MAAM,EAAM,aAAa,CAAC,MAAM;iBACjC,CAAC,CAAC;gBACH,MAAM;YACR,KAAK,OAAO;gBACV,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;oBAC/B,SAAS,EAAG,gBAAgB,CAAC,OAAO;oBACpC,MAAM,EAAM,aAAa,CAAC,KAAK;iBAChC,CAAC,CAAC;gBACH,MAAM;YACR,KAAK,WAAW;gBACd,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;oBAC/B,SAAS,EAAG,gBAAgB,CAAC,OAAO;oBACpC,MAAM,EAAM,aAAa,CAAC,SAAS;iBACpC,CAAC,CAAC;gBACH,MAAM;YACR,KAAK,WAAW;gBACd,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAI,UAAU,CAAC,QAAQ;oBAC/B,SAAS,EAAG,gBAAgB,CAAC,SAAS;oBACtC,MAAM,EAAM,aAAa,CAAC,SAAS;iBACpC,CAAC,CAAC;gBACH,MAAM;QACV,CAAC;IACH,CAAC;IAED,OAAO;QACL,kBAAkB,EAAG,UAAU;QAC/B,gBAAgB,EAAK,QAAQ;KAC9B,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,aAAa,GAAG,EAAE,UAAU,EAAE,kCAAkC,EAAE,CAAC"}

package/dist/types/auth-manager.d.ts

@@ -6,7 +6,7 @@
  * @module
  */
 import type { HdIdentityVault, PortableIdentity } from '@enbox/agent';
-import type { AuthEvent, AuthEventHandler, AuthManagerOptions, AuthState, DisconnectOptions, HeadlessConnectOptions, IdentityInfo, ImportFromPhraseOptions, ImportFromPortableOptions, LocalConnectOptions, RestoreSessionOptions, ShutdownOptions, WalletConnectOptions } from './types.js';
+import type { AuthEvent, AuthEventHandler, AuthManagerOptions, AuthState, ConnectOptions, DisconnectOptions, HeadlessConnectOptions, IdentityInfo, ImportFromPhraseOptions, ImportFromPortableOptions, LocalConnectOptions, RestoreSessionOptions, ShutdownOptions, WalletConnectOptions } from './types.js';
 import { EnboxUserAgent } from '@enbox/agent';
 import { AuthSession } from './identity-session.js';
 /**
@@ -55,6 +55,7 @@ export declare class AuthManager {
     private _defaultSync?;
     private _defaultDwnEndpoints?;
     private _registration?;
+    private _connectHandler?;
     /**
      * The local DWN server endpoint discovered during `create()`, if any.
      * `undefined` means no local server was found. This is set before any
@@ -75,16 +76,60 @@ export declare class AuthManager {
      */
     static create(options?: AuthManagerOptions): Promise<AuthManager>;
     /**
-     * Create or reconnect a local identity.
+     * Connect to a wallet or create a local session.
      *
-     * On first use, this creates a new vault, agent DID, and user identity.
-     * On subsequent uses, it unlocks the vault and reconnects.
+     * This is the primary entry point for dapps. It routes to the
+     * appropriate flow based on the options:
      *
-     * @param options - Optional overrides for password, sync, DWN endpoints.
+     * **Handler-based connect** (dapps): Delegates credential acquisition
+     * to a {@link ConnectHandler}. Triggered when `protocols` or
+     * `connectHandler` is provided.
+     *
+     * **Local connect** (wallets / CLI): Creates or unlocks a local vault.
+     * Triggered when `password`, `createIdentity`, or `recoveryPhrase`
+     * is provided.
+     *
+     * In both cases, `connect()` first attempts to restore a previous
+     * session. If a valid session exists, it is returned immediately
+     * without any user interaction.
+     *
+     * @example Dapp (browser)
+     * ```ts
+     * import { BrowserConnectHandler } from '@enbox/browser';
+     *
+     * const auth = await AuthManager.create({
+     *   connectHandler: BrowserConnectHandler(),
+     * });
+     * const session = await auth.connect({
+     *   protocols: [NotesProtocol],
+     * });
+     * ```
+     *
+     * @example Wallet / CLI
+     * ```ts
+     * const session = await auth.connect({
+     *   password: userPin,
+     *   createIdentity: true,
+     * });
+     * ```
+     *
+     * @param options - Connection options. The shape determines the flow.
+     * @returns An active AuthSession.
+     * @throws If a connection attempt is already in progress.
+     * @throws If handler-based connect is attempted without a handler.
+     */
+    connect(options?: ConnectOptions): Promise<AuthSession>;
+    /**
+     * Create or reconnect a local identity (explicit local connect).
+     *
+     * Use this when you explicitly want the local vault flow, bypassing
+     * auto-detection. This is the preferred method for wallet apps.
+     *
+     * @param options - Local connect options.
      * @returns An active AuthSession.
      * @throws If a connection attempt is already in progress.
      */
-    connect(options?: LocalConnectOptions): Promise<AuthSession>;
+    connectLocal(options?: LocalConnectOptions): Promise<AuthSession>;
     /**
      * Connect to an external wallet via the Enbox Connect relay protocol.
      *
@@ -249,6 +294,25 @@ export declare class AuthManager {
      * before any event listeners are attached.
      */
     get localDwnEndpoint(): string | undefined;
+    /**
+     * Determine whether the given options indicate a local connect flow.
+     *
+     * Local connect is indicated by the presence of `password`,
+     * `createIdentity`, or `recoveryPhrase` — signals that the caller
+     * is managing its own vault/identity lifecycle. In non-browser
+     * environments, local connect is the fallback.
+     */
+    private _isLocalConnect;
+    /**
+     * Run a handler-based (delegated) connect flow.
+     *
+     * 1. Initialize the vault (agent-only, no identity).
+     * 2. Normalize protocol permission requests.
+     * 3. Delegate to the connect handler for credential acquisition.
+     * 4. Import the delegate DID, process grants, set up sync.
+     * 5. Finalize and return the AuthSession.
+     */
+    private _handlerConnect;
     /**
      * Build a `FlowContext` from the manager's current state.
      *

package/dist/types/auth-manager.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth-manager.d.ts","sourceRoot":"","sources":["../../src/auth-manager.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAkB,eAAe,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAItF,OAAO,KAAK,EACV,SAAS,EACT,gBAAgB,EAChB,kBAAkB,EAClB,SAAS,EACT,iBAAiB,EACjB,sBAAsB,EACtB,YAAY,EACZ,uBAAuB,EACvB,yBAAyB,EACzB,mBAAmB,EAEnB,qBAAqB,EACrB,eAAe,EAGf,oBAAoB,EACrB,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAG9C,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAUpD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,UAAU,CAAiB;IACnC,OAAO,CAAC,QAAQ,CAAmB;IACnC,OAAO,CAAC,QAAQ,CAAiB;IACjC,OAAO,CAAC,QAAQ,CAA0B;IAC1C,OAAO,CAAC,MAAM,CAA8B;IAC5C,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,WAAW,CAAS;IAG5B,OAAO,CAAC,gBAAgB,CAAC,CAAS;IAClC,OAAO,CAAC,iBAAiB,CAAC,CAAmB;IAC7C,OAAO,CAAC,YAAY,CAAC,CAAa;IAClC,OAAO,CAAC,oBAAoB,CAAC,CAAW;IACxC,OAAO,CAAC,aAAa,CAAC,CAAsB;IAE5C;;;;;OAKG;IACH,OAAO,CAAC,iBAAiB,CAAC,CAAS;IAEnC,OAAO;IAsBP;;;;;;;;;OASG;WACU,MAAM,CAAC,OAAO,GAAE,kBAAuB,GAAG,OAAO,CAAC,WAAW,CAAC;IAmD3E;;;;;;;;;OASG;IACG,OAAO,CAAC,OAAO,CAAC,EAAE,mBAAmB,GAAG,OAAO,CAAC,WAAW,CAAC;IAIlE;;;;;;;;;;OAUG;IACG,aAAa,CAAC,OAAO,EAAE,oBAAoB,GAAG,OAAO,CAAC,WAAW,CAAC;IAIxE;;;;;OAKG;IACG,gBAAgB,CAAC,OAAO,EAAE,uBAAuB,GAAG,OAAO,CAAC,WAAW,CAAC;IAI9E;;;;OAIG;IACG,kBAAkB,CAAC,OAAO,EAAE,yBAAyB,GAAG,OAAO,CAAC,WAAW,CAAC;IAIlF;;;;;OAKG;IACG,cAAc,CAAC,OAAO,CAAC,EAAE,qBAAqB,GAAG,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC;IAiBvF;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACG,eAAe,CAAC,OAAO,CAAC,EAAE,sBAAsB,GAAG,OAAO,CAAC,WAAW,CAAC;IA8D7E,mEAAmE;IACnE,IAAI,OAAO,IAAI,WAAW,GAAG,SAAS,CAErC;IAED;;;;;;;;;;;;OAYG;IACG,IAAI,CAAC,OAAO,GAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAA;KAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAuB7D;;;;;;;OAOG;IACG,UAAU,CAAC,OAAO,GAAE,iBAAsB,GAAG,OAAO,CAAC,IAAI,CAAC;IA8ChE;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACG,QAAQ,CAAC,OAAO,GAAE,eAAoB,GAAG,OAAO,CAAC,IAAI,CAAC;IAsD5D;;;;;OAKG;IACG,cAAc,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;IAS/C;;;;;OAKG;IACG,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAuD1D;;;;;;OAMG;IACG,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA4BnD;;;;;OAKG;IACG,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAM/D,8EAA8E;IAC9E,IAAI,KAAK,IAAI,eAAe,CAE3B;IAID;;;;;;OAMG;IACH,EAAE,CAAC,CAAC,SAAS,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,gBAAgB,CAAC,CAAC,CAAC,GAAG,MAAM,IAAI;IAM3E,8BAA8B;IAC9B,IAAI,KAAK,IAAI,SAAS,CAErB;IAED,wCAAwC;IACxC,IAAI,WAAW,IAAI,OAAO,CAEzB;IAED,6CAA6C;IAC7C,IAAI,QAAQ,IAAI,OAAO,CAEtB;IAED,mDAAmD;IACnD,IAAI,YAAY,IAAI,OAAO,CAE1B;IAED,0DAA0D;IAC1D,IAAI,KAAK,IAAI,cAAc,CAE1B;IAED;;;;;;OAMG;IACH,IAAI,gBAAgB,IAAI,MAAM,GAAG,SAAS,CAEzC;IAID;;;;;;OAMG;IACH,OAAO,CAAC,YAAY;IAapB;;;;;;OAMG;YACW,YAAY;IAc1B,OAAO,CAAC,SAAS;IAOjB,OAAO,CAAC,iBAAiB;CAQ1B"}
+{"version":3,"file":"auth-manager.d.ts","sourceRoot":"","sources":["../../src/auth-manager.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAkB,eAAe,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAItF,OAAO,KAAK,EACV,SAAS,EACT,gBAAgB,EAChB,kBAAkB,EAClB,SAAS,EAET,cAAc,EACd,iBAAiB,EAEjB,sBAAsB,EACtB,YAAY,EACZ,uBAAuB,EACvB,yBAAyB,EACzB,mBAAmB,EAEnB,qBAAqB,EACrB,eAAe,EAGf,oBAAoB,EACrB,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAG9C,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAWpD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,UAAU,CAAiB;IACnC,OAAO,CAAC,QAAQ,CAAmB;IACnC,OAAO,CAAC,QAAQ,CAAiB;IACjC,OAAO,CAAC,QAAQ,CAA0B;IAC1C,OAAO,CAAC,MAAM,CAA8B;IAC5C,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,WAAW,CAAS;IAG5B,OAAO,CAAC,gBAAgB,CAAC,CAAS;IAClC,OAAO,CAAC,iBAAiB,CAAC,CAAmB;IAC7C,OAAO,CAAC,YAAY,CAAC,CAAa;IAClC,OAAO,CAAC,oBAAoB,CAAC,CAAW;IACxC,OAAO,CAAC,aAAa,CAAC,CAAsB;IAC5C,OAAO,CAAC,eAAe,CAAC,CAAiB;IAEzC;;;;;OAKG;IACH,OAAO,CAAC,iBAAiB,CAAC,CAAS;IAEnC,OAAO;IAwBP;;;;;;;;;OASG;WACU,MAAM,CAAC,OAAO,GAAE,kBAAuB,GAAG,OAAO,CAAC,WAAW,CAAC;IAoD3E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA0CG;IACG,OAAO,CAAC,OAAO,CAAC,EAAE,cAAc,GAAG,OAAO,CAAC,WAAW,CAAC;IAe7D;;;;;;;;;OASG;IACG,YAAY,CAAC,OAAO,CAAC,EAAE,mBAAmB,GAAG,OAAO,CAAC,WAAW,CAAC;IAIvE;;;;;;;;;;OAUG;IACG,aAAa,CAAC,OAAO,EAAE,oBAAoB,GAAG,OAAO,CAAC,WAAW,CAAC;IAIxE;;;;;OAKG;IACG,gBAAgB,CAAC,OAAO,EAAE,uBAAuB,GAAG,OAAO,CAAC,WAAW,CAAC;IAI9E;;;;OAIG;IACG,kBAAkB,CAAC,OAAO,EAAE,yBAAyB,GAAG,OAAO,CAAC,WAAW,CAAC;IAIlF;;;;;OAKG;IACG,cAAc,CAAC,OAAO,CAAC,EAAE,qBAAqB,GAAG,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC;IAiBvF;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACG,eAAe,CAAC,OAAO,CAAC,EAAE,sBAAsB,GAAG,OAAO,CAAC,WAAW,CAAC;IA8D7E,mEAAmE;IACnE,IAAI,OAAO,IAAI,WAAW,GAAG,SAAS,CAErC;IAED;;;;;;;;;;;;OAYG;IACG,IAAI,CAAC,OAAO,GAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAA;KAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAuB7D;;;;;;;OAOG;IACG,UAAU,CAAC,OAAO,GAAE,iBAAsB,GAAG,OAAO,CAAC,IAAI,CAAC;IA8ChE;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACG,QAAQ,CAAC,OAAO,GAAE,eAAoB,GAAG,OAAO,CAAC,IAAI,CAAC;IAsD5D;;;;;OAKG;IACG,cAAc,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;IAS/C;;;;;OAKG;IACG,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAuD1D;;;;;;OAMG;IACG,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA4BnD;;;;;OAKG;IACG,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAM/D,8EAA8E;IAC9E,IAAI,KAAK,IAAI,eAAe,CAE3B;IAID;;;;;;OAMG;IACH,EAAE,CAAC,CAAC,SAAS,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,gBAAgB,CAAC,CAAC,CAAC,GAAG,MAAM,IAAI;IAM3E,8BAA8B;IAC9B,IAAI,KAAK,IAAI,SAAS,CAErB;IAED,wCAAwC;IACxC,IAAI,WAAW,IAAI,OAAO,CAEzB;IAED,6CAA6C;IAC7C,IAAI,QAAQ,IAAI,OAAO,CAEtB;IAED,mDAAmD;IACnD,IAAI,YAAY,IAAI,OAAO,CAE1B;IAED,0DAA0D;IAC1D,IAAI,KAAK,IAAI,cAAc,CAE1B;IAED;;;;;;OAMG;IACH,IAAI,gBAAgB,IAAI,MAAM,GAAG,SAAS,CAEzC;IAID;;;;;;;OAOG;IACH,OAAO,CAAC,eAAe;IA0BvB;;;;;;;;OAQG;YACW,eAAe;IAoD7B;;;;;;OAMG;IACH,OAAO,CAAC,YAAY;IAapB;;;;;;OAMG;YACW,YAAY;IAc1B,OAAO,CAAC,SAAS;IAOjB,OAAO,CAAC,iBAAiB;CAQ1B"}

package/dist/types/connect/lifecycle.d.ts

@@ -13,7 +13,8 @@
  * @module
  * @internal
  */
-import type { BearerIdentity, EnboxUserAgent } from '@enbox/agent';
+import type { PortableDid } from '@enbox/dids';
+import type { BearerIdentity, DwnDataEncodedRecordsWriteMessage, EnboxUserAgent } from '@enbox/agent';
 import type { AuthEventEmitter } from '../events.js';
 import type { PasswordProvider } from '../password-provider.js';
 import type { RegistrationOptions, StorageAdapter, SyncOption } from '../types.js';
@@ -118,6 +119,52 @@ export declare function resolveIdentityDids(identity: BearerIdentity, storedDele
     connectedDid: string;
     delegateDid: string | undefined;
 };
+/**
+ * Process connected grants by storing them in the local DWN as the owner.
+ *
+ * This is the agent-level equivalent of `Enbox.processConnectedGrants()`.
+ * It stores each grant, signed as owner, and returns the deduplicated
+ * list of protocol URIs represented by the grants.
+ *
+ * @internal
+ */
+export declare function processConnectedGrants(params: {
+    agent: EnboxUserAgent;
+    delegateDid: string;
+    grants: DwnDataEncodedRecordsWriteMessage[];
+}): Promise<string[]>;
+/**
+ * Import a delegated DID, process its grants, register sync, and pull.
+ *
+ * This is the shared post-connect lifecycle used by both the DWeb Connect
+ * and relay WalletConnect flows. On failure, the imported identity is
+ * cleaned up before re-throwing.
+ *
+ * @internal
+ */
+export declare function importDelegateAndSetupSync(params: {
+    userAgent: EnboxUserAgent;
+    delegatePortableDid: PortableDid;
+    connectedDid: string;
+    delegateGrants: DwnDataEncodedRecordsWriteMessage[];
+    flowName: string;
+}): Promise<BearerIdentity>;
+/**
+ * Build an `AuthSession` for a delegated connect flow (DWeb Connect or
+ * relay WalletConnect). Starts sync and persists delegate/connected DID
+ * markers.
+ *
+ * @internal
+ */
+export declare function finalizeDelegateSession(params: {
+    userAgent: EnboxUserAgent;
+    emitter: AuthEventEmitter;
+    storage: StorageAdapter;
+    identity: BearerIdentity;
+    connectedDid: string;
+    delegateDid: string;
+    sync: SyncOption | undefined;
+}): Promise<AuthSession>;
 /**
  * Persist session markers, build an `AuthSession`, and emit lifecycle events.
  *
@@ -144,7 +191,7 @@ export declare function finalizeSession(params: {
     connectedDid: string;
     delegateDid?: string;
     recoveryPhrase?: string;
-    identityName: string;
+    identityName?: string;
     identityConnectedDid?: string;
     emitIdentityAdded?: boolean;
     extraStorageKeys?: Record<string, string>;

package/dist/types/connect/lifecycle.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"lifecycle.d.ts","sourceRoot":"","sources":["../../../src/connect/lifecycle.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAEnE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AACrD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,KAAK,EAAgB,mBAAmB,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEjG,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAKrD;;;;;;;;;GASG;AACH,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,cAAc,CAAC;IAC1B,OAAO,EAAE,gBAAgB,CAAC;IAC1B,OAAO,EAAE,cAAc,CAAC;IACxB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IACpC,WAAW,CAAC,EAAE,UAAU,CAAC;IACzB,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,YAAY,CAAC,EAAE,mBAAmB,CAAC;CACpC;AAID;;;;;;;;;;;;GAYG;AACH,wBAAsB,eAAe,CACnC,GAAG,EAAE,IAAI,CAAC,WAAW,EAAE,iBAAiB,GAAG,kBAAkB,CAAC,EAC9D,QAAQ,EAAE,MAAM,GAAG,SAAS,EAC5B,aAAa,EAAE,OAAO,GACrB,OAAO,CAAC,MAAM,CAAC,CAwBjB;AAID;;;;;;;;;;;;;GAaG;AACH,wBAAsB,gBAAgB,CAAC,MAAM,EAAE;IAC7C,SAAS,EAAE,cAAc,CAAC;IAC1B,OAAO,EAAE,gBAAgB,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,OAAO,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;CACzB,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAgB9B;AAID;;;;;;;;;;;;GAYG;AACH,wBAAgB,kBAAkB,CAChC,SAAS,EAAE,cAAc,EACzB,IAAI,EAAE,UAAU,GAAG,SAAS,GAC3B,IAAI,CAYN;AAID;;;;;;;;GAQG;AACH,wBAAsB,qBAAqB,CACzC,SAAS,EAAE,cAAc,EACzB,YAAY,GAAE,MAAM,EAA0B,EAC9C,IAAI,SAAY,GACf,OAAO,CAAC,cAAc,CAAC,CA0BzB;AAID;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,cAAc,EACxB,iBAAiB,CAAC,EAAE,MAAM,GACzB;IACD,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,GAAG,SAAS,CAAC;CACjC,CAMA;AAID;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAsB,eAAe,CAAC,MAAM,EAAE;IAC5C,SAAS,EAAE,cAAc,CAAC;IAC1B,OAAO,EAAE,gBAAgB,CAAC;IAC1B,OAAO,EAAE,cAAc,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC3C,GAAG,OAAO,CAAC,WAAW,CAAC,CA+CvB"}
+{"version":3,"file":"lifecycle.d.ts","sourceRoot":"","sources":["../../../src/connect/lifecycle.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,KAAK,EAAE,cAAc,EAAE,iCAAiC,EAAyD,cAAc,EAAE,MAAM,cAAc,CAAC;AAE7J,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AACrD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,KAAK,EAAgB,mBAAmB,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAKjG,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAKrD;;;;;;;;;GASG;AACH,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,cAAc,CAAC;IAC1B,OAAO,EAAE,gBAAgB,CAAC;IAC1B,OAAO,EAAE,cAAc,CAAC;IACxB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IACpC,WAAW,CAAC,EAAE,UAAU,CAAC;IACzB,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,YAAY,CAAC,EAAE,mBAAmB,CAAC;CACpC;AAID;;;;;;;;;;;;GAYG;AACH,wBAAsB,eAAe,CACnC,GAAG,EAAE,IAAI,CAAC,WAAW,EAAE,iBAAiB,GAAG,kBAAkB,CAAC,EAC9D,QAAQ,EAAE,MAAM,GAAG,SAAS,EAC5B,aAAa,EAAE,OAAO,GACrB,OAAO,CAAC,MAAM,CAAC,CAwBjB;AAID;;;;;;;;;;;;;GAaG;AACH,wBAAsB,gBAAgB,CAAC,MAAM,EAAE;IAC7C,SAAS,EAAE,cAAc,CAAC;IAC1B,OAAO,EAAE,gBAAgB,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,OAAO,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;CACzB,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAgB9B;AAID;;;;;;;;;;;;GAYG;AACH,wBAAgB,kBAAkB,CAChC,SAAS,EAAE,cAAc,EACzB,IAAI,EAAE,UAAU,GAAG,SAAS,GAC3B,IAAI,CAYN;AAID;;;;;;;;GAQG;AACH,wBAAsB,qBAAqB,CACzC,SAAS,EAAE,cAAc,EACzB,YAAY,GAAE,MAAM,EAA0B,EAC9C,IAAI,SAAY,GACf,OAAO,CAAC,cAAc,CAAC,CA0BzB;AAID;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,cAAc,EACxB,iBAAiB,CAAC,EAAE,MAAM,GACzB;IACD,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,GAAG,SAAS,CAAC;CACjC,CAMA;AAID;;;;;;;;GAQG;AACH,wBAAsB,sBAAsB,CAAC,MAAM,EAAE;IACnD,KAAK,EAAE,cAAc,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,iCAAiC,EAAE,CAAC;CAC7C,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAmCpB;AAID;;;;;;;;GAQG;AACH,wBAAsB,0BAA0B,CAAC,MAAM,EAAE;IACvD,SAAS,EAAE,cAAc,CAAC;IAC1B,mBAAmB,EAAE,WAAW,CAAC;IACjC,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,iCAAiC,EAAE,CAAC;IACpD,QAAQ,EAAE,MAAM,CAAC;CAClB,GAAG,OAAO,CAAC,cAAc,CAAC,CAoD1B;AAID;;;;;;GAMG;AACH,wBAAsB,uBAAuB,CAAC,MAAM,EAAE;IACpD,SAAS,EAAE,cAAc,CAAC;IAC1B,OAAO,EAAE,gBAAgB,CAAC;IAC1B,OAAO,EAAE,cAAc,CAAC;IACxB,QAAQ,EAAE,cAAc,CAAC;IACzB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,UAAU,GAAG,SAAS,CAAC;CAC9B,GAAG,OAAO,CAAC,WAAW,CAAC,CAkBvB;AAID;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAsB,eAAe,CAAC,MAAM,EAAE;IAC5C,SAAS,EAAE,cAAc,CAAC;IAC1B,OAAO,EAAE,gBAAgB,CAAC;IAC1B,OAAO,EAAE,cAAc,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC3C,GAAG,OAAO,CAAC,WAAW,CAAC,CAiDvB"}

package/dist/types/connect/local.d.ts

@@ -11,8 +11,13 @@ import type { LocalConnectOptions } from '../types.js';
 /**
  * Execute the local connect flow.
  *
- * - On first launch: initializes the vault, creates a new DID, returns recovery phrase.
+ * - On first launch: initializes the vault. Identity creation is opt-in via
+ *   `options.createIdentity: true`.
  * - On subsequent launches: unlocks the vault and reconnects to the existing identity.
+ *
+ * When no identities exist and `createIdentity` is not `true`, the session
+ * is returned with the **agent DID** as the connected DID. This allows apps to
+ * manage identity creation separately from vault setup.
  */
 export declare function localConnect(ctx: FlowContext, options?: LocalConnectOptions): Promise<AuthSession>;
 //# sourceMappingURL=local.d.ts.map

package/dist/types/connect/local.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"local.d.ts","sourceRoot":"","sources":["../../../src/connect/local.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAOvD;;;;;GAKG;AACH,wBAAsB,YAAY,CAChC,GAAG,EAAE,WAAW,EAChB,OAAO,GAAE,mBAAwB,GAChC,OAAO,CAAC,WAAW,CAAC,CA0EtB"}
+{"version":3,"file":"local.d.ts","sourceRoot":"","sources":["../../../src/connect/local.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAOvD;;;;;;;;;;GAUG;AACH,wBAAsB,YAAY,CAChC,GAAG,EAAE,WAAW,EAChB,OAAO,GAAE,mBAAwB,GAChC,OAAO,CAAC,WAAW,CAAC,CAoFtB"}

package/dist/types/connect/restore.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"restore.d.ts","sourceRoot":"","sources":["../../../src/connect/restore.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAMzD;;;;;GAKG;AACH,wBAAsB,cAAc,CAClC,GAAG,EAAE,WAAW,EAChB,OAAO,GAAE,qBAA0B,GAClC,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC,CA2FlC"}
+{"version":3,"file":"restore.d.ts","sourceRoot":"","sources":["../../../src/connect/restore.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAMzD;;;;;GAKG;AACH,wBAAsB,cAAc,CAClC,GAAG,EAAE,WAAW,EAChB,OAAO,GAAE,qBAA0B,GAClC,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC,CA2GlC"}

package/dist/types/connect/wallet.d.ts

@@ -6,24 +6,10 @@
  * This replaces the "Mode B/C" paths in Enbox.connect().
  * @module
  */
-import type { DwnDataEncodedRecordsWriteMessage, EnboxUserAgent } from '@enbox/agent';
 import type { AuthSession } from '../identity-session.js';
 import type { FlowContext } from './lifecycle.js';
 import type { WalletConnectOptions } from '../types.js';
-/**
- * Process connected grants by storing them in the local DWN as the owner.
- *
- * This is the agent-level equivalent of `Enbox.processConnectedGrants()`.
- * It stores each grant, signed as owner, and returns the deduplicated
- * list of protocol URIs represented by the grants.
- *
- * @internal
- */
-export declare function processConnectedGrants(params: {
-    agent: EnboxUserAgent;
-    delegateDid: string;
-    grants: DwnDataEncodedRecordsWriteMessage[];
-}): Promise<string[]>;
+export { processConnectedGrants } from './lifecycle.js';
 /**
  * Execute the wallet connect flow.
  *

package/dist/types/connect/wallet.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"wallet.d.ts","sourceRoot":"","sources":["../../../src/connect/wallet.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,iCAAiC,EAAyD,cAAc,EAAE,MAAM,cAAc,CAAC;AAE7I,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AASxD;;;;;;;;GAQG;AACH,wBAAsB,sBAAsB,CAAC,MAAM,EAAE;IACnD,KAAK,EAAE,cAAc,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,iCAAiC,EAAE,CAAC;CAC7C,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAmCpB;AAED;;;;;;GAMG;AACH,wBAAsB,aAAa,CACjC,GAAG,EAAE,WAAW,EAChB,OAAO,EAAE,oBAAoB,GAC5B,OAAO,CAAC,WAAW,CAAC,CA8HtB"}
+{"version":3,"file":"wallet.d.ts","sourceRoot":"","sources":["../../../src/connect/wallet.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAQxD,OAAO,EAAE,sBAAsB,EAAE,MAAM,gBAAgB,CAAC;AAExD;;;;;;GAMG;AACH,wBAAsB,aAAa,CACjC,GAAG,EAAE,WAAW,EAChB,OAAO,EAAE,oBAAoB,GAC5B,OAAO,CAAC,WAAW,CAAC,CAyDtB"}