npm - @eos3/connect - Versions diffs - 0.1.0 - Mend

@eos3/connect 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/index.js ADDED Viewed

@@ -0,0 +1,1386 @@
+import { ABI, PrivateKey, Serializer, Transaction } from '@wharfkit/antelope';
+export class EosConnectError extends Error {
+    code;
+    rawMessage;
+    retryable;
+    constructor(code, message, options = {}) {
+        super(message);
+        this.name = 'EosConnectError';
+        this.code = code;
+        this.rawMessage = options.rawMessage ?? message;
+        this.retryable = options.retryable ?? false;
+        if (options.cause !== undefined) {
+            this.cause = options.cause;
+        }
+    }
+}
+export function isEosConnectError(error) {
+    return error instanceof EosConnectError;
+}
+const defaultWalletSetupEnv = {
+    hasTelegramSession: true,
+    canStorePayKey: true
+};
+export const EOS_CONNECT_PRIVATE_KEY_STORAGE = 'tg_eos_wallet_pay_key_v1';
+export const EOS_CONNECT_DEFAULT_API_BASE_URL = 'https://eospasskey.aiexsat.com';
+export const EOS_CONNECT_NETWORKS = {
+    testnet: {
+        id: 'testnet',
+        name: 'Jungle4 Testnet',
+        apiBaseUrl: 'https://eospasskey.aiexsat.com',
+        chainId: '73e4385a2708e6d7048834fbc1079f2fabb17b3c125b146af438971e90716c4d',
+        rpcUrls: [
+            'https://jungle4.cryptolions.io:443',
+            'http://jungle4.cryptolions.io:80',
+            'https://15.204.22.80:443',
+            'https://jungle4.eosphere.io:443',
+            'https://jungle4.api.eosnation.io:443',
+            'https://104.37.219.148:443'
+        ],
+        balanceAsset: {
+            tokenContract: 'core.vaulta',
+            symbol: 'A',
+            precision: 4
+        }
+    },
+    mainnet: {
+        id: 'mainnet',
+        name: 'EOS Mainnet',
+        apiBaseUrl: 'https://eospasskey.aiexsat.com',
+        chainId: 'aca376f206b8fc25a6ed44dbdc66547c36c6c33e3a119ffbeaef943642f0e906',
+        rpcUrls: [
+            'https://eos.eoseyes.com',
+            'https://api.eossupport.io',
+            'https://vaulta-hyperion.eosphere.io',
+            'https://eos.eosusa.io',
+            'https://eos.greymass.com'
+        ],
+        balanceAsset: {
+            tokenContract: 'core.vaulta',
+            symbol: 'A',
+            precision: 4
+        }
+    }
+};
+const SECURE_KEY_VERSION = 1;
+const TELEGRAM_MOBILE_REQUIRED = 'Open this wallet in the Telegram mobile app to use secure biometric key storage.';
+const providers = [
+    {
+        id: 'telegram',
+        name: 'Telegram secure binding',
+        state: 'available',
+        description: 'Create or connect an EOS wallet through Telegram SecureStorage and passkeys.'
+    },
+    {
+        id: 'tokenpocket',
+        name: 'TokenPocket',
+        state: 'available',
+        description: 'Open TokenPocket and bind an existing EOS wallet to Telegram payments.'
+    },
+    {
+        id: 'anchor',
+        name: 'Anchor',
+        state: 'coming_soon',
+        description: 'Anchor connection is reserved for a later wallet adapter.'
+    }
+];
+const idleState = {
+    status: 'idle',
+    provider: null,
+    account: null,
+    balance: null,
+    bindId: null,
+    bindUrl: null,
+    error: null
+};
+function normalizeBaseUrl(apiBaseUrl) {
+    return apiBaseUrl.replace(/\/+$/, '');
+}
+function providerDisplayName(provider) {
+    return providers.find((item) => item.id === provider)?.name ?? provider;
+}
+function titleCase(value) {
+    if (!value)
+        return value;
+    return value.slice(0, 1).toUpperCase() + value.slice(1);
+}
+function telegramDeviceLabel(app) {
+    const platform = app?.platform ? titleCase(app.platform) : '';
+    const version = app?.version ?? '';
+    return ['Telegram', platform, version].filter(Boolean).join(' ') || 'Telegram device';
+}
+export function eosConnectTelegramPayStorageDiagnostics(app) {
+    const hasInitData = Boolean(app.initData);
+    const hasSecureStorage = Boolean(app.SecureStorage);
+    const hasSecureSet = typeof app.SecureStorage?.setItem === 'function';
+    const hasSecureGet = typeof app.SecureStorage?.getItem === 'function';
+    const hasBiometricAuth = typeof app.BiometricManager?.authenticate === 'function';
+    const hasBiometricAccess = Boolean(app.BiometricManager?.isAccessGranted) ||
+        typeof app.BiometricManager?.requestAccess === 'function';
+    const hasAvailableBiometrics = app.BiometricManager?.isBiometricAvailable !== false;
+    const biometricAvailableDetail = app.BiometricManager?.isBiometricAvailable === true
+        ? 'true'
+        : app.BiometricManager?.isBiometricAvailable === false
+            ? 'false'
+            : '未返回';
+    const hasBiometricToken = typeof app.BiometricManager?.updateBiometricToken === 'function';
+    const hasBiometricSettings = typeof app.BiometricManager?.openSettings === 'function';
+    return [
+        {
+            label: 'Telegram 平台',
+            ok: true,
+            detail: `${app.platform ?? '未知平台'} · ${app.version ?? '未知版本'}`
+        },
+        {
+            label: 'Telegram 会话',
+            ok: hasInitData,
+            detail: hasInitData ? 'initData 已存在' : '缺少 initData'
+        },
+        {
+            label: 'SecureStorage',
+            ok: hasSecureStorage,
+            detail: hasSecureStorage ? '有' : '没有'
+        },
+        {
+            label: 'SecureStorage.setItem',
+            ok: hasSecureSet,
+            detail: hasSecureSet ? '有' : '没有'
+        },
+        {
+            label: 'SecureStorage.getItem',
+            ok: hasSecureGet,
+            detail: hasSecureGet ? '有' : '没有'
+        },
+        {
+            label: '生物识别解锁',
+            ok: hasBiometricAuth,
+            detail: hasBiometricAuth ? 'authenticate 可用' : '缺少 BiometricManager.authenticate'
+        },
+        {
+            label: 'isBiometricAvailable',
+            ok: hasAvailableBiometrics,
+            detail: biometricAvailableDetail
+        },
+        {
+            label: '生物识别授权',
+            ok: hasBiometricAccess,
+            detail: hasBiometricAccess ? '已授权或可请求授权' : '缺少 BiometricManager.requestAccess'
+        },
+        {
+            label: '生物识别令牌保存',
+            ok: hasBiometricToken,
+            detail: hasBiometricToken
+                ? 'updateBiometricToken 可用'
+                : '缺少 BiometricManager.updateBiometricToken'
+        },
+        {
+            label: 'BiometricManager.openSettings',
+            ok: true,
+            detail: hasBiometricSettings ? '有' : '没有'
+        }
+    ];
+}
+export function supportsEosConnectTelegramPayStorage(app) {
+    return eosConnectTelegramPayStorageDiagnostics(app).every((item) => item.ok);
+}
+export async function initEosConnectTelegramBiometricManager(app, timeoutMs = 5000) {
+    const biometric = app.BiometricManager;
+    if (typeof biometric?.init !== 'function') {
+        return false;
+    }
+    if (biometric.isInited) {
+        return true;
+    }
+    await new Promise((resolve) => {
+        let settled = false;
+        const finish = () => {
+            if (settled)
+                return;
+            settled = true;
+            clearTimeout(timer);
+            resolve();
+        };
+        const timer = setTimeout(finish, timeoutMs);
+        biometric.init(finish);
+    });
+    return Boolean(biometric.isInited);
+}
+export async function openEosConnectTelegramBiometricSettings(app) {
+    const biometric = app.BiometricManager;
+    if (typeof biometric?.openSettings !== 'function') {
+        return {
+            opened: false,
+            message: '当前 Telegram 不支持打开生物识别设置。请确认 Telegram 已更新到支持 BiometricManager.openSettings 的版本。'
+        };
+    }
+    try {
+        await initEosConnectTelegramBiometricManager(app);
+        if (biometric.isBiometricAvailable === false) {
+            return {
+                opened: false,
+                message: 'Telegram 返回 isBiometricAvailable=false，无法打开生物识别授权设置。请先在 Android 系统和 Telegram 中开启指纹、密码锁或本机锁屏。'
+            };
+        }
+        biometric.openSettings();
+        return {
+            opened: true,
+            message: '已请求打开 Telegram 生物识别设置。返回后请重新点击“刷新”。'
+        };
+    }
+    catch (error) {
+        return {
+            opened: false,
+            message: `打开 Telegram 生物识别设置失败：${error instanceof Error ? error.message : '操作失败'}`
+        };
+    }
+}
+export function eosConnectWalletSetupState(wallet, env = defaultWalletSetupEnv) {
+    const setupEnv = {
+        ...defaultWalletSetupEnv,
+        ...env
+    };
+    if (!setupEnv.hasTelegramSession) {
+        return {
+            status: 'missing_telegram_session',
+            action: 'none',
+            account: null,
+            hasWallet: false,
+            bindId: null,
+            bindUrl: null,
+            isRecoverable: false,
+            showAction: false,
+            reason: 'Telegram initData is missing'
+        };
+    }
+    if (!setupEnv.canStorePayKey) {
+        return {
+            status: 'secure_storage_unavailable',
+            action: 'none',
+            account: null,
+            hasWallet: Boolean(wallet.hasWallet),
+            bindId: wallet.bindId ?? null,
+            bindUrl: wallet.bindUrl ?? null,
+            isRecoverable: false,
+            showAction: false,
+            reason: TELEGRAM_MOBILE_REQUIRED
+        };
+    }
+    if (wallet.status === 'account_created_waiting_tgpay' && wallet.pendingAccount) {
+        return {
+            status: 'pending_tgpay',
+            action: 'continue',
+            account: wallet.pendingAccount,
+            hasWallet: Boolean(wallet.hasWallet),
+            bindId: wallet.bindId ?? null,
+            bindUrl: wallet.bindUrl ?? null,
+            isRecoverable: true,
+            showAction: true,
+            reason: null
+        };
+    }
+    if (wallet.status === 'pay_binding_invalid' && wallet.eosAccount) {
+        return {
+            status: 'pay_binding_invalid',
+            action: 'rebind',
+            account: wallet.eosAccount,
+            hasWallet: true,
+            bindId: wallet.bindId ?? null,
+            bindUrl: wallet.bindUrl ?? null,
+            isRecoverable: false,
+            showAction: true,
+            reason: wallet.bindingError ?? null
+        };
+    }
+    if (wallet.hasWallet && wallet.eosAccount) {
+        return {
+            status: 'ready',
+            action: 'transfer',
+            account: wallet.eosAccount,
+            hasWallet: true,
+            bindId: null,
+            bindUrl: null,
+            isRecoverable: false,
+            showAction: false,
+            reason: null
+        };
+    }
+    return {
+        status: 'not_connected',
+        action: 'create',
+        account: null,
+        hasWallet: false,
+        bindId: wallet.bindId ?? null,
+        bindUrl: wallet.bindUrl ?? null,
+        isRecoverable: false,
+        showAction: true,
+        reason: wallet.bindingError ?? null
+    };
+}
+function openExternalUrl(url, options) {
+    if (options.openExternal) {
+        options.openExternal(url);
+        return;
+    }
+    if (!url.startsWith('tpdapp://') && options.telegramWebApp?.openLink) {
+        options.telegramWebApp.openLink(url);
+        return;
+    }
+    globalThis.location?.assign(url);
+}
+function escapeConfirmHtml(value) {
+    return String(value ?? '')
+        .replace(/&/g, '&amp;')
+        .replace(/</g, '&lt;')
+        .replace(/>/g, '&gt;')
+        .replace(/"/g, '&quot;');
+}
+function paymentFromSummary(summary) {
+    return {
+        to: summary.to,
+        tokenContract: summary.tokenContract,
+        quantity: summary.quantity,
+        memo: summary.memo
+    };
+}
+function paymentsFromTransaction(transaction) {
+    const actions = Array.isArray(transaction.actions) ? transaction.actions : [];
+    for (const action of actions) {
+        if (!action || typeof action !== 'object')
+            continue;
+        const data = action.data;
+        if (!data || typeof data !== 'object')
+            continue;
+        const rawPayments = data.payments;
+        if (!Array.isArray(rawPayments))
+            continue;
+        return rawPayments
+            .map((payment) => {
+            if (!payment || typeof payment !== 'object')
+                return null;
+            const item = payment;
+            return {
+                to: String(item.to ?? ''),
+                tokenContract: String(item.tokenContract ?? item.token_contract ?? ''),
+                quantity: String(item.quantity ?? ''),
+                memo: String(item.memo ?? '')
+            };
+        })
+            .filter((payment) => Boolean(payment?.to && payment.quantity));
+    }
+    return [];
+}
+function paymentDetailsFromBuiltTransfer(built) {
+    const transactionPayments = paymentsFromTransaction(built.transaction);
+    const payments = built.payments?.length
+        ? built.payments
+        : transactionPayments.length
+            ? transactionPayments
+            : [paymentFromSummary(built.summary)];
+    const primary = payments[0] ?? paymentFromSummary(built.summary);
+    return {
+        intentId: built.intentId,
+        chainId: built.chainId,
+        from: built.summary.from,
+        to: primary.to,
+        tokenContract: primary.tokenContract,
+        quantity: primary.quantity,
+        memo: primary.memo,
+        payments
+    };
+}
+export function normalizeEosConnectError(error) {
+    if (isEosConnectError(error)) {
+        return error;
+    }
+    const rawMessage = rawErrorMessage(error);
+    const normalized = rawMessage.toLowerCase();
+    if (normalized.includes('daily limit exceeded')) {
+        return new EosConnectError('DAILY_LIMIT_EXCEEDED', '今日支付额度已用完，请明天再试或提高每日额度。', {
+            rawMessage,
+            cause: error
+        });
+    }
+    if (normalized.includes('per-transfer limit exceeded') ||
+        normalized.includes('per transfer limit exceeded') ||
+        normalized.includes('per_tx_limit') ||
+        normalized.includes('single transfer limit')) {
+        return new EosConnectError('PER_TX_LIMIT_EXCEEDED', '本次支付超过单笔额度，请降低金额或提高单笔额度。', {
+            rawMessage,
+            cause: error
+        });
+    }
+    if (normalized.includes('total budget exceeded')) {
+        return new EosConnectError('TOTAL_BUDGET_EXCEEDED', '该权限的总预算已用完，请调整总预算后再试。', {
+            rawMessage,
+            cause: error
+        });
+    }
+    if (normalized.includes('overdrawn balance') ||
+        normalized.includes('insufficient balance') ||
+        normalized.includes('balance is insufficient')) {
+        return new EosConnectError('INSUFFICIENT_BALANCE', '余额不足，请充值后再试。', {
+            rawMessage,
+            cause: error
+        });
+    }
+    if (normalized.includes('ram usage') ||
+        normalized.includes('billed ram') ||
+        normalized.includes('insufficient ram') ||
+        normalized.includes('current ram usage limit')) {
+        return new EosConnectError('RAM_INSUFFICIENT', '账号 RAM 不足，请补充 RAM 后再试。', {
+            rawMessage,
+            cause: error
+        });
+    }
+    if (normalized.includes('bot permission is inactive') ||
+        normalized.includes('permission does not match bot authorization') ||
+        normalized.includes('paylimit code authority is missing') ||
+        normalized.includes('missing from transfer permission') ||
+        normalized.includes('transaction declares authority') ||
+        normalized.includes('missing authority')) {
+        return new EosConnectError('PAYMENT_PERMISSION_MISSING', '快捷支付权限未绑定或已失效，请重新绑定后再试。', {
+            rawMessage,
+            cause: error
+        });
+    }
+    if (normalized.includes('not signed in') ||
+        normalized.includes('invalid session') ||
+        normalized.includes('session user not found') ||
+        normalized.includes('telegram initdata is missing') ||
+        normalized.includes('telegram session not found')) {
+        return new EosConnectError('SESSION_EXPIRED', '登录状态已失效，请重新打开小程序或重新登录。', {
+            rawMessage,
+            cause: error
+        });
+    }
+    if (normalized.includes('notallowederror') ||
+        normalized.includes('aborterror') ||
+        normalized.includes('payment confirmation was cancelled') ||
+        normalized.includes('biometric authentication failed') ||
+        normalized.includes('user cancelled')) {
+        return new EosConnectError('SIGNATURE_REJECTED', '已取消签名确认，支付未提交。', {
+            rawMessage,
+            cause: error
+        });
+    }
+    if (normalized.includes('failed to fetch') ||
+        normalized.includes('network') ||
+        normalized.includes('all eos rpc nodes failed') ||
+        normalized.includes('eos rpc') ||
+        normalized.includes('timeout')) {
+        return new EosConnectError('NETWORK_ERROR', '网络连接失败，请稍后重试。', {
+            rawMessage,
+            retryable: true,
+            cause: error
+        });
+    }
+    return new EosConnectError('UNKNOWN_CHAIN_ERROR', '支付失败，请稍后重试或联系服务方。', {
+        rawMessage,
+        cause: error
+    });
+}
+function rawErrorMessage(error) {
+    if (error instanceof Error) {
+        return error.message;
+    }
+    if (typeof error === 'string') {
+        return error;
+    }
+    if (error && typeof error === 'object') {
+        const maybeError = error;
+        if (typeof maybeError.error === 'string') {
+            return maybeError.error;
+        }
+        if (typeof maybeError.message === 'string') {
+            return maybeError.message;
+        }
+    }
+    return 'EOS Connect request failed';
+}
+function ensurePaymentConfirmStyle(documentRef) {
+    if (documentRef.querySelector('[data-eos-connect-payment-confirm-style]'))
+        return;
+    const style = documentRef.createElement('style');
+    style.dataset.eosConnectPaymentConfirmStyle = 'true';
+    style.textContent = `
+    .eos-connect-payment-confirm-backdrop {
+      position: fixed;
+      inset: 0;
+      z-index: 2147483647;
+      display: flex;
+      align-items: flex-end;
+      justify-content: center;
+      background: rgba(17, 24, 39, 0.42);
+      font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif;
+      animation: eosConnectPaymentBackdropIn 180ms ease-out both;
+    }
+    .eos-connect-payment-confirm-sheet {
+      width: min(100%, 520px);
+      max-height: calc(100vh - 32px);
+      overflow: auto;
+      box-sizing: border-box;
+      border-radius: 24px 24px 0 0;
+      background: #fff;
+      padding: 28px 24px max(24px, env(safe-area-inset-bottom));
+      color: #1f2937;
+      box-shadow: 0 -18px 50px rgba(15, 23, 42, 0.16);
+      animation: eosConnectPaymentSheetIn 220ms cubic-bezier(0.2, 0.8, 0.2, 1) both;
+    }
+    .eos-connect-payment-confirm-header {
+      display: grid;
+      grid-template-columns: 44px 1fr 44px;
+      align-items: center;
+      margin-bottom: 24px;
+    }
+    .eos-connect-payment-confirm-header h2 {
+      margin: 0;
+      text-align: center;
+      font-size: 22px;
+      line-height: 1.2;
+      font-weight: 700;
+    }
+    .eos-connect-payment-confirm-close {
+      width: 44px;
+      height: 44px;
+      border: 0;
+      border-radius: 50%;
+      background: #f3f4f6;
+      color: #111827;
+      font-size: 30px;
+      line-height: 1;
+    }
+    .eos-connect-payment-confirm-amount {
+      margin: 0 0 24px;
+      border-radius: 12px;
+      background: #f5f6fa;
+      padding: 24px 12px;
+      text-align: center;
+      font-size: 24px;
+      line-height: 1.2;
+      font-weight: 700;
+    }
+    .eos-connect-payment-confirm-row {
+      display: grid;
+      grid-template-columns: minmax(72px, 0.42fr) minmax(0, 1fr);
+      gap: 18px;
+      padding: 18px 0;
+      border-bottom: 1px solid #eef0f4;
+      font-size: 17px;
+      line-height: 1.35;
+    }
+    .eos-connect-payment-confirm-row span {
+      color: #9ca3af;
+    }
+    .eos-connect-payment-confirm-row strong {
+      min-width: 0;
+      overflow-wrap: anywhere;
+      font-weight: 650;
+      color: #1f2937;
+    }
+    .eos-connect-payment-confirm-action {
+      width: 100%;
+      min-height: 56px;
+      margin-top: 34px;
+      border: 0;
+      border-radius: 14px;
+      background: #2f80ed;
+      color: #fff;
+      font-size: 19px;
+      font-weight: 700;
+    }
+    @keyframes eosConnectPaymentBackdropIn {
+      from {
+        opacity: 0;
+      }
+      to {
+        opacity: 1;
+      }
+    }
+    @keyframes eosConnectPaymentSheetIn {
+      from {
+        opacity: 0;
+        transform: translateY(28px);
+      }
+      to {
+        opacity: 1;
+        transform: translateY(0);
+      }
+    }
+  `;
+    documentRef.head.appendChild(style);
+}
+function defaultConfirmPayment(details) {
+    const documentRef = globalThis.document;
+    if (!documentRef?.body)
+        return Promise.resolve(true);
+    ensurePaymentConfirmStyle(documentRef);
+    const backdrop = documentRef.createElement('div');
+    backdrop.className = 'eos-connect-payment-confirm-backdrop';
+    backdrop.setAttribute('role', 'presentation');
+    const serviceRows = details.payments
+        .slice(1)
+        .map((payment) => `
+        <div class="eos-connect-payment-confirm-row">
+          <span>Gas</span>
+          <strong>${escapeConfirmHtml(payment.quantity)}</strong>
+        </div>
+      `)
+        .join('');
+    backdrop.innerHTML = `
+    <section class="eos-connect-payment-confirm-sheet" role="dialog" aria-modal="true" aria-labelledby="eos-connect-payment-confirm-title">
+      <header class="eos-connect-payment-confirm-header">
+        <span></span>
+        <h2 id="eos-connect-payment-confirm-title">交易详情</h2>
+        <button type="button" class="eos-connect-payment-confirm-close" aria-label="关闭">×</button>
+      </header>
+      <div class="eos-connect-payment-confirm-amount">-${escapeConfirmHtml(details.quantity)}</div>
+      <div class="eos-connect-payment-confirm-row">
+        <span>收款地址</span>
+        <strong>${escapeConfirmHtml(details.to)}</strong>
+      </div>
+      <div class="eos-connect-payment-confirm-row">
+        <span>备注</span>
+        <strong>${escapeConfirmHtml(details.memo || '-')}</strong>
+      </div>
+      ${serviceRows}
+      <button type="button" class="eos-connect-payment-confirm-action">确定</button>
+    </section>
+  `;
+    return new Promise((resolve) => {
+        let settled = false;
+        const finish = (confirmed) => {
+            if (settled)
+                return;
+            settled = true;
+            backdrop.remove();
+            resolve(confirmed);
+        };
+        backdrop.querySelector('.eos-connect-payment-confirm-action')?.addEventListener('click', () => finish(true));
+        backdrop.querySelector('.eos-connect-payment-confirm-close')?.addEventListener('click', () => finish(false));
+        backdrop.addEventListener('click', (event) => {
+            if (event.target === backdrop)
+                finish(false);
+        });
+        documentRef.body.appendChild(backdrop);
+    });
+}
+function balanceQuery(asset) {
+    if (!asset)
+        return '';
+    const params = new URLSearchParams({
+        balanceTokenContract: asset.tokenContract,
+        balanceSymbol: asset.symbol
+    });
+    if (typeof asset.precision === 'number') {
+        params.set('balancePrecision', String(asset.precision));
+    }
+    return `?${params.toString()}`;
+}
+function parseRpcUrls(raw) {
+    const values = typeof raw === 'string' ? raw.split(',') : raw ?? [];
+    const seen = new Set();
+    const urls = [];
+    for (const item of values) {
+        const value = item.trim().replace(/\/+$/, '');
+        if (value && !seen.has(value)) {
+            seen.add(value);
+            urls.push(value);
+        }
+    }
+    return urls;
+}
+export function tokenPocketDappUrl(url) {
+    return `tpdapp://open?params=${encodeURIComponent(JSON.stringify({
+        url,
+        chain: 'EOS',
+        source: 'eospasskey'
+    }))}`;
+}
+export async function generateEosConnectPaymentKey() {
+    const privateKey = PrivateKey.generate('K1');
+    return {
+        privateKey: privateKey.toString(),
+        publicKey: privateKey.toPublic().toString()
+    };
+}
+export async function publicKeyFromEosPrivateKey(privateKey) {
+    return PrivateKey.fromString(privateKey).toPublic().toString();
+}
+function base64UrlEncode(bytes) {
+    const binary = String.fromCharCode(...bytes);
+    return btoa(binary).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/g, '');
+}
+function base64UrlDecode(value) {
+    const base64 = value.replace(/-/g, '+').replace(/_/g, '/');
+    const padded = base64.padEnd(Math.ceil(base64.length / 4) * 4, '=');
+    return Uint8Array.from(atob(padded), (char) => char.charCodeAt(0));
+}
+function arrayBuffer(bytes) {
+    const copy = new Uint8Array(bytes.byteLength);
+    copy.set(bytes);
+    return copy.buffer;
+}
+function randomBase64Url(byteLength) {
+    const bytes = new Uint8Array(byteLength);
+    crypto.getRandomValues(bytes);
+    return base64UrlEncode(bytes);
+}
+function requireSecureTelegramStorage(app) {
+    if (!app?.SecureStorage || !app.BiometricManager?.updateBiometricToken) {
+        throw new Error(TELEGRAM_MOBILE_REQUIRED);
+    }
+    return app;
+}
+async function importUnlockKey(unlockKey) {
+    return crypto.subtle.importKey('raw', arrayBuffer(base64UrlDecode(unlockKey)), { name: 'AES-GCM' }, false, ['encrypt', 'decrypt']);
+}
+async function encryptPrivateKey(privateKey, unlockKey) {
+    const iv = new Uint8Array(12);
+    crypto.getRandomValues(iv);
+    const key = await importUnlockKey(unlockKey);
+    const ciphertext = await crypto.subtle.encrypt({ name: 'AES-GCM', iv }, key, new TextEncoder().encode(privateKey));
+    return {
+        version: SECURE_KEY_VERSION,
+        alg: 'AES-GCM',
+        iv: base64UrlEncode(iv),
+        ciphertext: base64UrlEncode(new Uint8Array(ciphertext))
+    };
+}
+async function decryptPrivateKey(envelope, unlockKey) {
+    if (envelope.version !== SECURE_KEY_VERSION || envelope.alg !== 'AES-GCM') {
+        throw new Error('Unsupported encrypted signing key format');
+    }
+    const key = await importUnlockKey(unlockKey);
+    const plaintext = await crypto.subtle.decrypt({ name: 'AES-GCM', iv: arrayBuffer(base64UrlDecode(envelope.iv)) }, key, arrayBuffer(base64UrlDecode(envelope.ciphertext)));
+    return new TextDecoder().decode(plaintext);
+}
+async function ensureBiometricAccess(app) {
+    const biometric = app.BiometricManager;
+    if (!biometric?.updateBiometricToken) {
+        throw new Error(TELEGRAM_MOBILE_REQUIRED);
+    }
+    if (!biometric.isInited) {
+        await new Promise((resolve) => biometric.init(resolve));
+    }
+    if (!biometric.isBiometricAvailable) {
+        throw new Error(TELEGRAM_MOBILE_REQUIRED);
+    }
+    if (!biometric.isAccessGranted) {
+        if (!biometric.requestAccess) {
+            throw new Error(TELEGRAM_MOBILE_REQUIRED);
+        }
+        const granted = await new Promise((resolve) => {
+            biometric.requestAccess?.({ reason: 'Protect EOS signing key' }, resolve);
+        });
+        if (!granted) {
+            throw new Error('Telegram biometric access was not granted');
+        }
+    }
+}
+function secureStorageSet(app, key, value) {
+    return new Promise((resolve, reject) => {
+        app.SecureStorage?.setItem(key, value, (error, isStored) => {
+            if (error) {
+                reject(new Error(error));
+                return;
+            }
+            if (!isStored) {
+                reject(new Error('Telegram SecureStorage did not save the signing key'));
+                return;
+            }
+            resolve();
+        });
+    });
+}
+function secureStorageGet(app, key) {
+    return new Promise((resolve, reject) => {
+        app.SecureStorage?.getItem(key, (error, value) => {
+            if (error) {
+                reject(new Error(error));
+                return;
+            }
+            resolve(value ?? null);
+        });
+    });
+}
+function updateBiometricToken(app, token) {
+    return new Promise((resolve, reject) => {
+        app.BiometricManager?.updateBiometricToken(token, (isUpdated) => {
+            if (isUpdated) {
+                resolve();
+            }
+            else {
+                reject(new Error('Telegram did not save the biometric unlock key'));
+            }
+        });
+    });
+}
+function authenticateForUnlock(app) {
+    return new Promise((resolve, reject) => {
+        app.BiometricManager?.authenticate({ reason: 'Unlock EOS signing key' }, (isAuthenticated, biometricToken) => {
+            if (!isAuthenticated) {
+                reject(new Error('Biometric authentication failed'));
+                return;
+            }
+            if (!biometricToken) {
+                reject(new Error('Biometric unlock key is missing on this device'));
+                return;
+            }
+            resolve(biometricToken);
+        });
+    });
+}
+function secureStorageRemove(app, key) {
+    return new Promise((resolve, reject) => {
+        if (app.SecureStorage?.removeItem) {
+            app.SecureStorage.removeItem(key, (error, isRemoved) => {
+                if (error) {
+                    reject(new Error(error));
+                    return;
+                }
+                if (isRemoved === false) {
+                    reject(new Error('Telegram SecureStorage did not remove the signing key'));
+                    return;
+                }
+                resolve();
+            });
+            return;
+        }
+        app.SecureStorage?.setItem(key, '', (error, isStored) => {
+            if (error) {
+                reject(new Error(error));
+                return;
+            }
+            if (!isStored) {
+                reject(new Error('Telegram SecureStorage did not clear the signing key'));
+                return;
+            }
+            resolve();
+        });
+    });
+}
+export async function saveEosConnectPaymentKey(privateKey, app) {
+    const telegram = requireSecureTelegramStorage(app);
+    await ensureBiometricAccess(telegram);
+    const unlockKey = randomBase64Url(32);
+    const envelope = await encryptPrivateKey(privateKey, unlockKey);
+    envelope.publicKey = await publicKeyFromEosPrivateKey(privateKey);
+    envelope.createdAt = new Date().toISOString();
+    await secureStorageSet(telegram, EOS_CONNECT_PRIVATE_KEY_STORAGE, JSON.stringify(envelope));
+    await updateBiometricToken(telegram, unlockKey);
+}
+export async function loadEosConnectStoredPublicKey(app) {
+    if (!app?.SecureStorage) {
+        return null;
+    }
+    const encrypted = await secureStorageGet(app, EOS_CONNECT_PRIVATE_KEY_STORAGE);
+    if (!encrypted) {
+        return null;
+    }
+    try {
+        const envelope = JSON.parse(encrypted);
+        return envelope.publicKey ?? null;
+    }
+    catch {
+        return null;
+    }
+}
+export async function loadEosConnectPaymentSigningKey(app) {
+    const telegram = requireSecureTelegramStorage(app);
+    await ensureBiometricAccess(telegram);
+    const encrypted = await secureStorageGet(telegram, EOS_CONNECT_PRIVATE_KEY_STORAGE);
+    if (!encrypted) {
+        throw new Error('Quick key is missing on this device');
+    }
+    const envelope = JSON.parse(encrypted);
+    const unlockKey = await authenticateForUnlock(telegram);
+    const privateKey = await decryptPrivateKey(envelope, unlockKey);
+    if (!privateKey) {
+        throw new Error('Quick key is missing on this device');
+    }
+    const publicKey = await publicKeyFromEosPrivateKey(privateKey);
+    if (envelope.publicKey && envelope.publicKey !== publicKey) {
+        throw new Error(`Local payment key is inconsistent. Stored: ${envelope.publicKey}, derived: ${publicKey}. Rebind payment key before paying.`);
+    }
+    return {
+        privateKey,
+        publicKey,
+        storedPublicKey: envelope.publicKey ?? null
+    };
+}
+export async function removeEosConnectPaymentKey(app) {
+    const telegram = requireSecureTelegramStorage(app);
+    await Promise.all([
+        secureStorageRemove(telegram, EOS_CONNECT_PRIVATE_KEY_STORAGE),
+        updateBiometricToken(telegram, '')
+    ]);
+}
+export async function signEosConnectTransaction(transaction, context) {
+    const { privateKey } = await loadEosConnectPaymentSigningKey(context.telegramWebApp);
+    return signTransactionWithPrivateKey(transaction, privateKey, context.rpcUrls, context.fetch ?? fetch);
+}
+async function signTransactionWithPrivateKey(transaction, privateKey, rpcUrls, fetchImpl) {
+    if (rpcUrls.length === 0) {
+        throw new Error('Missing EOS RPC URL for EOS Connect signing');
+    }
+    const failures = [];
+    for (const rpcUrl of rpcUrls) {
+        try {
+            const prepared = await prepareEosConnectTransaction(rpcUrl, transaction, fetchImpl);
+            const signature = PrivateKey.fromString(privateKey)
+                .signDigest(prepared.transaction.signingDigest(prepared.chainId))
+                .toString();
+            if (!signature) {
+                throw new Error('EOS transaction signing failed');
+            }
+            return {
+                signatures: [signature],
+                serializedTransaction: Array.from(prepared.serializedTransaction),
+                transaction
+            };
+        }
+        catch (error) {
+            failures.push(`${rpcUrl}: ${error instanceof Error ? error.message : String(error)}`);
+        }
+    }
+    throw new Error(`All EOS RPC nodes failed: ${failures.join('; ')}`);
+}
+async function prepareEosConnectTransaction(rpcUrl, transaction, fetchImpl) {
+    const [info, abis] = await Promise.all([
+        postChain(rpcUrl, 'get_info', {}, fetchImpl),
+        loadTransactionAbis(rpcUrl, transaction, fetchImpl)
+    ]);
+    if (!info.chain_id) {
+        throw new Error('EOS RPC did not return a chain id');
+    }
+    const parsedTransaction = Transaction.from(transaction, abis);
+    const serializedTransaction = Serializer.encode({ object: parsedTransaction }).array;
+    if (!serializedTransaction.length) {
+        throw new Error('EOS transaction serialization failed');
+    }
+    return {
+        chainId: info.chain_id,
+        transaction: parsedTransaction,
+        serializedTransaction
+    };
+}
+async function postChain(rpcUrl, method, body, fetchImpl) {
+    const response = await fetchImpl(`${rpcUrl}/v1/chain/${method}`, {
+        method: 'POST',
+        headers: {
+            'content-type': 'application/json'
+        },
+        body: JSON.stringify(body)
+    });
+    if (!response.ok) {
+        throw new Error(`EOS RPC ${method} failed with ${response.status}`);
+    }
+    return response.json();
+}
+async function loadTransactionAbis(rpcUrl, transaction, fetchImpl) {
+    const contracts = transactionActionContracts(transaction);
+    return Promise.all(contracts.map(async (contract) => {
+        const response = await postChain(rpcUrl, 'get_abi', { account_name: contract }, fetchImpl);
+        if (!response.abi) {
+            throw new Error(`EOS RPC did not return an ABI for ${contract}`);
+        }
+        return { contract, abi: ABI.from(response.abi) };
+    }));
+}
+function transactionActionContracts(transaction) {
+    const seen = new Set();
+    for (const action of [
+        ...actionList(transaction.context_free_actions),
+        ...actionList(transaction.actions)
+    ]) {
+        const account = typeof action.account === 'string' ? action.account : '';
+        if (account) {
+            seen.add(account);
+        }
+    }
+    return Array.from(seen);
+}
+function actionList(value) {
+    if (!Array.isArray(value)) {
+        return [];
+    }
+    return value.filter((item) => Boolean(item && typeof item === 'object'));
+}
+function walletCapability(wallet, localPublicKey) {
+    if (wallet.status === 'account_created_waiting_tgpay') {
+        return {
+            status: 'pending',
+            hasWallet: Boolean(wallet.hasWallet),
+            canUse: false,
+            needsLocalKey: false,
+            account: wallet.pendingAccount ?? wallet.eosAccount,
+            balance: wallet.balance,
+            bindId: wallet.bindId ?? null,
+            bindUrl: wallet.bindUrl ?? null,
+            expectedPublicKey: wallet.quickPublicKey ?? null,
+            localPublicKey,
+            reason: null,
+            wallet
+        };
+    }
+    if (!wallet.hasWallet || !wallet.eosAccount) {
+        return {
+            status: 'not_connected',
+            hasWallet: false,
+            canUse: false,
+            needsLocalKey: false,
+            account: null,
+            balance: wallet.balance,
+            bindId: wallet.bindId ?? null,
+            bindUrl: wallet.bindUrl ?? null,
+            expectedPublicKey: wallet.quickPublicKey ?? null,
+            localPublicKey,
+            reason: wallet.bindingError ?? null,
+            wallet
+        };
+    }
+    const expectedPublicKey = wallet.quickPublicKey ?? null;
+    if (!expectedPublicKey || localPublicKey !== expectedPublicKey) {
+        return {
+            status: 'needs_local_key',
+            hasWallet: true,
+            canUse: false,
+            needsLocalKey: true,
+            account: wallet.eosAccount,
+            balance: wallet.balance,
+            bindId: null,
+            bindUrl: null,
+            expectedPublicKey,
+            localPublicKey,
+            reason: 'Local quick payment key is missing or does not match this wallet',
+            wallet
+        };
+    }
+    return {
+        status: 'ready',
+        hasWallet: true,
+        canUse: true,
+        needsLocalKey: false,
+        account: wallet.eosAccount,
+        balance: wallet.balance,
+        bindId: null,
+        bindUrl: null,
+        expectedPublicKey,
+        localPublicKey,
+        reason: null,
+        wallet
+    };
+}
+function walletToState(wallet) {
+    if (wallet.status === 'account_created_waiting_tgpay') {
+        return {
+            status: 'pending',
+            provider: 'telegram',
+            account: wallet.pendingAccount ?? wallet.eosAccount,
+            balance: wallet.balance,
+            bindId: wallet.bindId ?? null,
+            bindUrl: wallet.bindUrl ?? null,
+            error: null
+        };
+    }
+    if (wallet.hasWallet && wallet.eosAccount) {
+        return {
+            status: 'connected',
+            provider: 'telegram',
+            account: wallet.eosAccount,
+            balance: wallet.balance,
+            bindId: null,
+            bindUrl: null,
+            error: null
+        };
+    }
+    return {
+        status: 'not_connected',
+        provider: null,
+        account: null,
+        balance: wallet.balance,
+        bindId: null,
+        bindUrl: null,
+        error: wallet.bindingError ?? null
+    };
+}
+function walletCapabilityToState(capability) {
+    const base = capability.status === 'unsupported'
+        ? {
+            ...idleState,
+            status: 'unsupported',
+            error: capability.reason
+        }
+        : capability.status === 'pending'
+            ? {
+                status: 'pending',
+                provider: 'telegram',
+                account: capability.account,
+                balance: capability.balance,
+                bindId: capability.bindId,
+                bindUrl: capability.bindUrl,
+                error: null
+            }
+            : capability.hasWallet
+                ? {
+                    status: 'connected',
+                    provider: 'telegram',
+                    account: capability.account,
+                    balance: capability.balance,
+                    bindId: null,
+                    bindUrl: null,
+                    error: null
+                }
+                : {
+                    status: 'not_connected',
+                    provider: null,
+                    account: null,
+                    balance: capability.balance,
+                    bindId: capability.bindId,
+                    bindUrl: capability.bindUrl,
+                    error: capability.reason
+                };
+    return {
+        ...base,
+        hasWallet: capability.hasWallet,
+        canUse: capability.canUse,
+        needsLocalKey: capability.needsLocalKey,
+        expectedPublicKey: capability.expectedPublicKey,
+        localPublicKey: capability.localPublicKey
+    };
+}
+export function createEosConnect(options) {
+    const fetchImpl = options.fetch ?? fetch;
+    const networkConfig = options.network ? EOS_CONNECT_NETWORKS[options.network] : null;
+    const apiBaseUrl = normalizeBaseUrl(options.apiBaseUrl ?? networkConfig?.apiBaseUrl ?? EOS_CONNECT_DEFAULT_API_BASE_URL);
+    const balanceAsset = options.balanceAsset ?? networkConfig?.balanceAsset;
+    const rpcUrls = parseRpcUrls(options.rpcUrls ?? networkConfig?.rpcUrls);
+    const listeners = new Set();
+    let state = { ...idleState };
+    function publish(next) {
+        state = next;
+        listeners.forEach((listener) => listener(state));
+        return state;
+    }
+    function initData() {
+        return options.telegramWebApp?.initData ?? '';
+    }
+    async function request(path, requestOptions) {
+        let response;
+        try {
+            response = await fetchImpl(`${apiBaseUrl}${path}`, {
+                ...requestOptions,
+                headers: {
+                    'content-type': 'application/json',
+                    ...(requestOptions?.headers ?? {})
+                }
+            });
+        }
+        catch (error) {
+            throw normalizeEosConnectError(error);
+        }
+        const body = (await response.json());
+        if (!response.ok) {
+            throw normalizeEosConnectError(body);
+        }
+        return body;
+    }
+    return {
+        getProviders() {
+            return providers.map((provider) => ({ ...provider }));
+        },
+        getSnapshot() {
+            return { ...state };
+        },
+        subscribe(listener) {
+            listeners.add(listener);
+            return () => listeners.delete(listener);
+        },
+        async restore() {
+            if (!initData()) {
+                return publish({
+                    ...idleState,
+                    status: 'unsupported',
+                    error: 'Telegram initData is missing'
+                });
+            }
+            const wallet = await request(`/api/tg-wallet/me${balanceQuery(balanceAsset)}`, {
+                headers: {
+                    'x-telegram-init-data': initData()
+                }
+            });
+            return publish(walletToState(wallet));
+        },
+        async checkWallet() {
+            if (!initData()) {
+                const capability = {
+                    status: 'unsupported',
+                    hasWallet: false,
+                    canUse: false,
+                    needsLocalKey: false,
+                    account: null,
+                    balance: null,
+                    bindId: null,
+                    bindUrl: null,
+                    expectedPublicKey: null,
+                    localPublicKey: null,
+                    reason: 'Telegram initData is missing',
+                    wallet: null
+                };
+                publish(walletCapabilityToState(capability));
+                return capability;
+            }
+            const wallet = await request(`/api/tg-wallet/me${balanceQuery(balanceAsset)}`, {
+                headers: {
+                    'x-telegram-init-data': initData()
+                }
+            });
+            const localPublicKey = wallet.quickPublicKey
+                ? await loadEosConnectStoredPublicKey(options.telegramWebApp)
+                : null;
+            const capability = walletCapability(wallet, localPublicKey);
+            publish(walletCapabilityToState(capability));
+            return capability;
+        },
+        async connect(connectOptions) {
+            if (connectOptions.provider !== 'telegram' && connectOptions.provider !== 'tokenpocket') {
+                throw new Error(`${providerDisplayName(connectOptions.provider)} is not supported yet`);
+            }
+            if (!initData()) {
+                return publish({
+                    ...idleState,
+                    status: 'unsupported',
+                    provider: connectOptions.provider,
+                    error: 'Telegram initData is missing'
+                });
+            }
+            if (!connectOptions.publicKey) {
+                throw new Error(`${providerDisplayName(connectOptions.provider)} provider requires a publicKey`);
+            }
+            const path = connectOptions.provider === 'tokenpocket'
+                ? '/api/tg-wallet/tp-bind/start'
+                : '/api/tg-wallet/bind/start';
+            const bind = await request(path, {
+                method: 'POST',
+                body: JSON.stringify({
+                    initData: initData(),
+                    botPublicKey: connectOptions.provider === 'telegram' ? connectOptions.publicKey : undefined,
+                    tgpayPublicKey: connectOptions.provider === 'tokenpocket' ? connectOptions.publicKey : undefined,
+                    botUsername: options.botUsername || undefined,
+                    deviceLabel: options.deviceLabel || telegramDeviceLabel(options.telegramWebApp),
+                    assetLimits: connectOptions.assetLimits,
+                    replaceWallet: connectOptions.provider === 'telegram' ? connectOptions.replaceWallet || undefined : undefined
+                })
+            });
+            if (bind.hasWallet) {
+                return publish({
+                    status: 'connected',
+                    provider: connectOptions.provider,
+                    account: bind.eosAccount ?? null,
+                    balance: null,
+                    bindId: null,
+                    bindUrl: null,
+                    hasWallet: true,
+                    reused: bind.reused,
+                    error: null
+                });
+            }
+            const next = publish({
+                status: 'pending',
+                provider: connectOptions.provider,
+                account: bind.accountName ?? bind.eosAccount ?? null,
+                balance: null,
+                bindId: bind.bindId,
+                bindUrl: bind.bindUrl,
+                hasWallet: false,
+                reused: bind.reused,
+                error: null
+            });
+            if (connectOptions.openLink !== false) {
+                openExternalUrl(connectOptions.provider === 'tokenpocket' ? tokenPocketDappUrl(bind.bindUrl) : bind.bindUrl, options);
+            }
+            return next;
+        },
+        async connectTelegram(telegramOptions = {}) {
+            const paymentKey = await generateEosConnectPaymentKey();
+            const next = await this.connect({
+                provider: 'telegram',
+                publicKey: paymentKey.publicKey,
+                assetLimits: telegramOptions.assetLimits,
+                replaceWallet: telegramOptions.replaceWallet,
+                openLink: false
+            });
+            if (next.hasWallet) {
+                return next;
+            }
+            if (!next.bindUrl || !next.bindId || !next.account) {
+                throw new Error('EOS Connect did not return a binding request');
+            }
+            if (!next.reused) {
+                await saveEosConnectPaymentKey(paymentKey.privateKey, options.telegramWebApp);
+            }
+            if (telegramOptions.openLink !== false) {
+                openExternalUrl(next.bindUrl, options);
+            }
+            return next;
+        },
+        async connectTokenPocket(tokenPocketOptions = {}) {
+            const paymentKey = await generateEosConnectPaymentKey();
+            const next = await this.connect({
+                provider: 'tokenpocket',
+                publicKey: paymentKey.publicKey,
+                assetLimits: tokenPocketOptions.assetLimits,
+                openLink: false
+            });
+            if (!next.bindUrl || !next.bindId) {
+                throw new Error('EOS Connect did not return a TokenPocket binding request');
+            }
+            await saveEosConnectPaymentKey(paymentKey.privateKey, options.telegramWebApp);
+            if (tokenPocketOptions.openLink !== false) {
+                openExternalUrl(tokenPocketDappUrl(next.bindUrl), options);
+            }
+            return next;
+        },
+        async pay(payOptions) {
+            if (!initData()) {
+                throw new Error('Telegram initData is missing');
+            }
+            const built = await request('/api/tg-wallet/transfer/build', {
+                method: 'POST',
+                body: JSON.stringify({
+                    initData: initData(),
+                    to: payOptions.to,
+                    amount: payOptions.amount,
+                    memo: payOptions.memo ?? '',
+                    tokenContract: payOptions.tokenContract,
+                    symbol: payOptions.symbol
+                })
+            });
+            const confirmPayment = options.confirmPayment === false ? null : options.confirmPayment ?? defaultConfirmPayment;
+            if (confirmPayment) {
+                const confirmed = await confirmPayment(paymentDetailsFromBuiltTransfer(built));
+                if (!confirmed) {
+                    throw new Error('Payment confirmation was cancelled');
+                }
+            }
+            const signer = options.signTransaction ?? signEosConnectTransaction;
+            const signedTransaction = await signer(built.transaction, {
+                telegramWebApp: options.telegramWebApp,
+                rpcUrls,
+                fetch: fetchImpl
+            });
+            return request('/api/tg-wallet/transfer/push', {
+                method: 'POST',
+                body: JSON.stringify({
+                    initData: initData(),
+                    intentId: built.intentId,
+                    signedTransaction,
+                    summary: built.summary
+                })
+            });
+        },
+        disconnectLocal() {
+            return publish({ ...idleState });
+        }
+    };
+}