@forge-connect/react 1.0.1 → 1.0.3

package/dist/index.cjs

@@ -813,1680 +813,1692 @@ function EmailOtpForm() {
 // src/components/tabs/wallet-connect.tsx
 
 
-// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/bufferToBase64URLString.js
-function bufferToBase64URLString(buffer) {
-  const bytes = new Uint8Array(buffer);
-  let str = "";
-  for (const charCode of bytes) {
-    str += String.fromCharCode(charCode);
+var MOBILE_WALLETS = [
+  {
+    name: "Phantom",
+    icon: "data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTA4IiBoZWlnaHQ9IjEwOCIgdmlld0JveD0iMCAwIDEwOCAxMDgiIGZpbGw9Im5vbmUiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CjxyZWN0IHdpZHRoPSIxMDgiIGhlaWdodD0iMTA4IiByeD0iMjYiIGZpbGw9IiNBQjlGRjIiLz4KPHBhdGggZmlsbC1ydWxlPSJldmVub2RkIiBjbGlwLXJ1bGU9ImV2ZW5vZGQiIGQ9Ik00Ni41MjY3IDY5LjkyMjlDNDIuMDA1NCA3Ni44NTA5IDM0LjQyOTIgODUuNjE4MiAyNC4zNDggODUuNjE4MkMxOS41ODI0IDg1LjYxODIgMTUgODMuNjU2MyAxNSA3NS4xMzQyQzE1IDUzLjQzMDUgNDQuNjMyNiAxOS44MzI3IDcyLjEyNjggMTkuODMyN0M4Ny43NjggMTkuODMyNyA5NCAzMC42ODQ2IDk0IDQzLjAwNzlDOTQgNTguODI1OCA4My43MzU1IDc2LjkxMjIgNzMuNTMyMSA3Ni45MTIyQzcwLjI5MzkgNzYuOTEyMiA2OC43MDUzIDc1LjEzNDIgNjguNzA1MyA3Mi4zMTRDNjguNzA1MyA3MS41NzgzIDY4LjgyNzUgNzAuNzgxMiA2OS4wNzE5IDY5LjkyMjlDNjUuNTg5MyA3NS44Njk5IDU4Ljg2ODUgODEuMzg3OCA1Mi41NzU0IDgxLjM4NzhDNDcuOTkzIDgxLjM4NzggNDUuNjcxMyA3OC41MDYzIDQ1LjY3MTMgNzQuNDU5OEM0NS42NzEzIDcyLjk4ODQgNDUuOTc2OCA3MS40NTU2IDQ2LjUyNjcgNjkuOTIyOVpNODMuNjc2MSA0Mi41Nzk0QzgzLjY3NjEgNDYuMTcwNCA4MS41NTc1IDQ3Ljk2NTggNzkuMTg3NSA0Ny45NjU4Qzc2Ljc4MTYgNDcuOTY1OCA3NC42OTg5IDQ2LjE3MDQgNzQuNjk4OSA0Mi41Nzk0Qzc0LjY5ODkgMzguOTg4NSA3Ni43ODE2IDM3LjE5MzEgNzkuMTg3NSAzNy4xOTMxQzgxLjU1NzUgMzcuMTkzMSA4My42NzYxIDM4Ljk4ODUgODMuNjc2MSA0Mi41Nzk0Wk03MC4yMTAzIDQyLjU3OTVDNzAuMjEwMyA0Ni4xNzA0IDY4LjA5MTYgNDcuOTY1OCA2NS43MjE2IDQ3Ljk2NThDNjMuMzE1NyA0Ny45NjU4IDYxLjIzMyA0Ni4xNzA0IDYxLjIzMyA0Mi41Nzk1QzYxLjIzMyAzOC45ODg1IDYzLjMxNTcgMzcuMTkzMSA2NS43MjE2IDM3LjE5MzFDNjguMDkxNiAzNy4xOTMxIDcwLjIxMDMgMzguOTg4NSA3MC4yMTAzIDQyLjU3OTVaIiBmaWxsPSIjRkZGREY4Ii8+Cjwvc3ZnPgo=",
+    buildUrl: (url) => `https://phantom.app/ul/browse/${encodeURIComponent(url)}?ref=${encodeURIComponent(url)}`
+  },
+  {
+    name: "Solflare",
+    icon: "data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c3ZnIGlkPSJTIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCA1MCA1MCI+PGRlZnM+PHN0eWxlPi5jbHMtMXtmaWxsOiMwMjA1MGE7c3Ryb2tlOiNmZmVmNDY7c3Ryb2tlLW1pdGVybGltaXQ6MTA7c3Ryb2tlLXdpZHRoOi41cHg7fS5jbHMtMntmaWxsOiNmZmVmNDY7fTwvc3R5bGU+PC9kZWZzPjxyZWN0IGNsYXNzPSJjbHMtMiIgeD0iMCIgd2lkdGg9IjUwIiBoZWlnaHQ9IjUwIiByeD0iMTIiIHJ5PSIxMiIvPjxwYXRoIGNsYXNzPSJjbHMtMSIgZD0iTTI0LjIzLDI2LjQybDIuNDYtMi4zOCw0LjU5LDEuNWMzLjAxLDEsNC41MSwyLjg0LDQuNTEsNS40MywwLDEuOTYtLjc1LDMuMjYtMi4yNSw0LjkzbC0uNDYuNS4xNy0xLjE3Yy42Ny00LjI2LS41OC02LjA5LTQuNzItNy40M2wtNC4zLTEuMzhoMFpNMTguMDUsMTEuODVsMTIuNTIsNC4xNy0yLjcxLDIuNTktNi41MS0yLjE3Yy0yLjI1LS43NS0zLjAxLTEuOTYtMy4zLTQuNTF2LS4wOGgwWk0xNy4zLDMzLjA2bDIuODQtMi43MSw1LjM0LDEuNzVjMi44LjkyLDMuNzYsMi4xMywzLjQ2LDUuMThsLTExLjY1LTQuMjJoMFpNMTMuNzEsMjAuOTVjMC0uNzkuNDItMS41NCwxLjEzLTIuMTcuNzUsMS4wOSwyLjA1LDIuMDUsNC4wOSwyLjcxbDQuNDIsMS40Ni0yLjQ2LDIuMzgtNC4zNC0xLjQyYy0yLS42Ny0yLjg0LTEuNjctMi44NC0yLjk2TTI2LjgyLDQyLjg3YzkuMTgtNi4wOSwxNC4xMS0xMC4yMywxNC4xMS0xNS4zMiwwLTMuMzgtMi01LjI2LTYuNDMtNi43MmwtMy4zNC0xLjEzLDkuMTQtOC43Ny0xLjg0LTEuOTYtMi43MSwyLjM4LTEyLjgxLTQuMjJjLTMuOTcsMS4yOS04Ljk3LDUuMDktOC45Nyw4Ljg5LDAsLjQyLjA0LjgzLjE3LDEuMjktMy4zLDEuODgtNC42MywzLjYzLTQuNjMsNS44LDAsMi4wNSwxLjA5LDQuMDksNC41NSw1LjIybDIuNzUuOTItOS41Miw5LjE0LDEuODQsMS45NiwyLjk2LTIuNzEsMTQuNzMsNS4yMmgwWiIvPjwvc3ZnPg==",
+    buildUrl: (url) => `https://solflare.com/ul/v1/browse/${encodeURIComponent(url)}?ref=${encodeURIComponent(url)}`
+  },
+  {
+    name: "Backpack",
+    icon: "data:image/webp;base64,UklGRlgCAABXRUJQVlA4WAoAAAAQAAAAOwAAOwAAQUxQSC8AAAABL6CmbQOGP75e/cti0oiIOI0KBto2+a8ACZjAAQ7wL2gCSCL6PwER2t+KmZpFDwBWUDggAgIAAPALAJ0BKjwAPAA+SSCMRKKiIRYKrTQoBISyAGp7nL12mKuwHiZ/pX71XoA8m7rXfQA8q39lfhJ/cL0ZimIeNSGxOaSWtqEDDdJ++ARG5/LVm6OquItoAu4rpz8VksUr1NEDJ0CeZucwAP7+VdYX7J5e8V3cJZ9QoY9vj8KsNGOvZSm+khDZOvwCeiDFjGweq/8KIUmVQk3T/qW3ONyMcepN2uwyEXpZZiidST0x705r7ZnNuWX42r8oi+FEshvXGWm6DabjfrMbiaxJ15irl2Gj3nKWbZ2v3k/jd172plSBejBs7dNt90Re/m+nmv5kNjM/SPfa4EpzvOdu/8BR+hTnR4qe4eWhTsh/oecEfN31OExdi/6AYrsth4nlx/qGEP70b1/TNKmgaB/18+c9ntTfhku9wYpy17/wN3r+B/1geZPzth+AtNsMDXE99PaPLWdFP9MOIMD6ME+MpZu2H7WSfzY7MkWs/N/NNzAZ0P/9vMvxgcdzFHvs/doeUU9WyVv+Ll8QDJbn9NZl86ZZNYtfP4Ol1hiJHWosWyj/66vhMUeFIcDheXIOSRTzvKwj5ffEl7fn/QwflNU556SEjM8MriwSFJ/nrFBrr8O1/pqdrYGqPijG6tjsBVBHp+EDAbtNLL375I2jnG9i3Xb1ZphsFYNjdRaknYdFf4g5iJBoAAA=",
+    buildUrl: (url) => `https://backpack.app/ul/browse/${encodeURIComponent(url)}`
   }
-  const base64String = btoa(str);
-  return base64String.replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
+];
+function isMobile() {
+  if (typeof navigator === "undefined") return false;
+  return /Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i.test(navigator.userAgent);
 }
-
-// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/base64URLStringToBuffer.js
-function base64URLStringToBuffer(base64URLString) {
-  const base64 = base64URLString.replace(/-/g, "+").replace(/_/g, "/");
-  const padLength = (4 - base64.length % 4) % 4;
-  const padded = base64.padEnd(base64.length + padLength, "=");
-  const binary = atob(padded);
-  const buffer = new ArrayBuffer(binary.length);
-  const bytes = new Uint8Array(buffer);
-  for (let i = 0; i < binary.length; i++) {
-    bytes[i] = binary.charCodeAt(i);
+function WalletConnectForm() {
+  const { walletAdapter, setModalStep, config } = useForgeConnect();
+  const methods = resolveLoginMethods(config);
+  const showBack = methods.length > 1;
+  if (!walletAdapter && isMobile()) {
+    return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, MobileWalletFlow, {});
   }
-  return buffer;
-}
-
-// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/browserSupportsWebAuthn.js
-function browserSupportsWebAuthn() {
-  return _browserSupportsWebAuthnInternals.stubThis(_optionalChain([globalThis, 'optionalAccess', _13 => _13.PublicKeyCredential]) !== void 0 && typeof globalThis.PublicKeyCredential === "function");
+  if (walletAdapter) {
+    return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, WalletAdapterFlow, {});
+  }
+  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
+    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h3", { className: "fc-tab-title", children: "Connect wallet" }),
+    /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "p", { className: "fc-text", children: [
+      "No wallet adapter detected. Pass ",
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "code", { children: "walletAdapter" }),
+      " to",
+      " ",
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "code", { children: "<ForgeConnectProvider>" }),
+      " to enable wallet login."
+    ] }),
+    showBack && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-switch", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: () => setModalStep("method-select"), children: "Back" }) })
+  ] });
 }
-var _browserSupportsWebAuthnInternals = {
-  stubThis: (value) => value
-};
-
-// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/toPublicKeyCredentialDescriptor.js
-function toPublicKeyCredentialDescriptor(descriptor) {
-  const { id } = descriptor;
-  return {
-    ...descriptor,
-    id: base64URLStringToBuffer(id),
-    /**
-     * `descriptor.transports` is an array of our `AuthenticatorTransportFuture` that includes newer
-     * transports that TypeScript's DOM lib is ignorant of. Convince TS that our list of transports
-     * are fine to pass to WebAuthn since browsers will recognize the new value.
-     */
-    transports: descriptor.transports
+function MobileWalletFlow() {
+  const { setModalStep, config } = useForgeConnect();
+  const methods = resolveLoginMethods(config);
+  const showBack = methods.length > 1;
+  const walletConfig = config.walletConfig;
+  const preferred = _nullishCoalesce(_optionalChain([walletConfig, 'optionalAccess', _13 => _13.preferredWallets]), () => ( []));
+  const onlyPreferred = _nullishCoalesce(_optionalChain([walletConfig, 'optionalAccess', _14 => _14.onlyPreferred]), () => ( false));
+  const walletsToShow = _react.useMemo.call(void 0, () => {
+    if (preferred.length > 0) {
+      const prefList = preferred.map((name) => MOBILE_WALLETS.find((mw) => mw.name === name)).filter(Boolean);
+      if (onlyPreferred) return prefList;
+      const prefNames = new Set(preferred);
+      const others = MOBILE_WALLETS.filter((mw) => !prefNames.has(mw.name));
+      return [...prefList, ...others];
+    }
+    return MOBILE_WALLETS;
+  }, [preferred, onlyPreferred]);
+  const handleOpen = (mw) => {
+    const pageUrl = window.location.href;
+    window.location.href = mw.buildUrl(pageUrl);
   };
+  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
+    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-wallet-list", children: walletsToShow.map((mw) => /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
+      "button",
+      {
+        type: "button",
+        className: "fc-btn fc-btn-wallet",
+        onClick: () => handleOpen(mw),
+        children: [
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "img", { src: mw.icon, alt: "", className: "fc-wallet-icon" }) }),
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-wallet-name", children: mw.name }),
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-preferred", children: "Open app" })
+        ]
+      },
+      mw.name
+    )) }),
+    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", style: { textAlign: "center", fontSize: 12, opacity: 0.6 }, children: "You'll be redirected to the wallet app to sign in." }),
+    showBack && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-switch", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: () => setModalStep("method-select"), children: "Back" }) })
+  ] });
 }
-
-// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/isValidDomain.js
-function isValidDomain(hostname) {
-  return (
-    // Consider localhost valid as well since it's okay wrt Secure Contexts
-    hostname === "localhost" || /^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(hostname)
-  );
-}
-
-// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/webAuthnError.js
-var WebAuthnError = class extends Error {
-  constructor({ message, code, cause, name }) {
-    super(message, { cause });
-    Object.defineProperty(this, "code", {
-      enumerable: true,
-      configurable: true,
-      writable: true,
-      value: void 0
-    });
-    this.name = _nullishCoalesce(name, () => ( cause.name));
-    this.code = code;
-  }
-};
-
-// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/identifyRegistrationError.js
-function identifyRegistrationError({ error, options }) {
-  const { publicKey } = options;
-  if (!publicKey) {
-    throw Error("options was missing required publicKey property");
-  }
-  if (error.name === "AbortError") {
-    if (options.signal instanceof AbortSignal) {
-      return new WebAuthnError({
-        message: "Registration ceremony was sent an abort signal",
-        code: "ERROR_CEREMONY_ABORTED",
-        cause: error
-      });
+function WalletAdapterFlow() {
+  const { walletAdapter, loginWithWallet, setModalStep, config } = useForgeConnect();
+  const wallet = walletAdapter;
+  const walletConfig = config.walletConfig;
+  const methods = resolveLoginMethods(config);
+  const showBack = methods.length > 1;
+  const [error, setError] = _react.useState.call(void 0, "");
+  const [loading, setLoading] = _react.useState.call(void 0, false);
+  const [showOther, setShowOther] = _react.useState.call(void 0, false);
+  const [coldWallet, setColdWallet] = _react.useState.call(void 0, false);
+  const mobile = _react.useMemo.call(void 0, () => isMobile(), []);
+  const coldWalletRef = _react.useRef.call(void 0, coldWallet);
+  coldWalletRef.current = coldWallet;
+  const buildSignTxFnForAdapter = _react.useCallback.call(void 0, (adapter) => {
+    if (!adapter.signTransaction) return void 0;
+    const TxClass = _optionalChain([walletConfig, 'optionalAccess', _15 => _15.Transaction]);
+    if (!TxClass) return void 0;
+    return async (txBase64) => {
+      const bytes = Uint8Array.from(atob(txBase64), (c) => c.charCodeAt(0));
+      const tx = TxClass.from(bytes);
+      const signedTx = await adapter.signTransaction(tx);
+      return btoa(String.fromCharCode(...new Uint8Array(signedTx.serialize())));
+    };
+  }, [_optionalChain([walletConfig, 'optionalAccess', _16 => _16.Transaction])]);
+  const handleConnect = async (w) => {
+    if (w.readyState !== "Installed") {
+      if (mobile) {
+        const mw = MOBILE_WALLETS.find((m) => m.name === w.adapter.name);
+        if (mw) {
+          window.location.href = mw.buildUrl(window.location.href);
+          return;
+        }
+      }
+      const url = w.adapter.url;
+      if (url) window.open(url, "_blank");
+      return;
     }
-  } else if (error.name === "ConstraintError") {
-    if (_optionalChain([publicKey, 'access', _14 => _14.authenticatorSelection, 'optionalAccess', _15 => _15.requireResidentKey]) === true) {
-      return new WebAuthnError({
-        message: "Discoverable credentials were required but no available authenticator supported it",
-        code: "ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",
-        cause: error
-      });
-    } else if (
-      // @ts-ignore: `mediation` doesn't yet exist on CredentialCreationOptions but it's possible as of Sept 2024
-      options.mediation === "conditional" && _optionalChain([publicKey, 'access', _16 => _16.authenticatorSelection, 'optionalAccess', _17 => _17.userVerification]) === "required"
-    ) {
-      return new WebAuthnError({
-        message: "User verification was required during automatic registration but it could not be performed",
-        code: "ERROR_AUTO_REGISTER_USER_VERIFICATION_FAILURE",
-        cause: error
-      });
-    } else if (_optionalChain([publicKey, 'access', _18 => _18.authenticatorSelection, 'optionalAccess', _19 => _19.userVerification]) === "required") {
-      return new WebAuthnError({
-        message: "User verification was required but no available authenticator supported it",
-        code: "ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",
-        cause: error
-      });
+    setError("");
+    setLoading(true);
+    try {
+      if (!w.adapter.connected) {
+        await w.adapter.connect();
+      }
+      const pk = w.adapter.publicKey;
+      if (!pk) throw new Error("Wallet did not provide a public key.");
+      const address = pk.toBase58();
+      const useCold = coldWalletRef.current;
+      const adapterSignMessage = w.adapter.signMessage ? (msg) => w.adapter.signMessage(msg) : void 0;
+      await loginWithWallet(
+        address,
+        useCold ? void 0 : adapterSignMessage,
+        "solana",
+        useCold ? buildSignTxFnForAdapter(w.adapter) : void 0
+      );
+    } catch (err) {
+      setError(err instanceof Error ? err.message : "Could not verify your wallet. Please try again.");
+      setLoading(false);
     }
-  } else if (error.name === "InvalidStateError") {
-    return new WebAuthnError({
-      message: "The authenticator was previously registered",
-      code: "ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",
-      cause: error
-    });
-  } else if (error.name === "NotAllowedError") {
-    return new WebAuthnError({
-      message: error.message,
-      code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",
-      cause: error
-    });
-  } else if (error.name === "NotSupportedError") {
-    const validPubKeyCredParams = publicKey.pubKeyCredParams.filter((param) => param.type === "public-key");
-    if (validPubKeyCredParams.length === 0) {
-      return new WebAuthnError({
-        message: 'No entry in pubKeyCredParams was of type "public-key"',
-        code: "ERROR_MALFORMED_PUBKEYCREDPARAMS",
-        cause: error
-      });
+  };
+  const handleMobileOpen = (mw) => {
+    window.location.href = mw.buildUrl(window.location.href);
+  };
+  const preferred = _nullishCoalesce(_optionalChain([walletConfig, 'optionalAccess', _17 => _17.preferredWallets]), () => ( []));
+  const onlyPreferred = _nullishCoalesce(_optionalChain([walletConfig, 'optionalAccess', _18 => _18.onlyPreferred]), () => ( false));
+  const preferredSet = new Set(preferred);
+  const connectedWalletName = wallet.publicKey ? _nullishCoalesce(_optionalChain([wallet, 'access', _19 => _19.wallets, 'access', _20 => _20.find, 'call', _21 => _21((w) => w.adapter.connected), 'optionalAccess', _22 => _22.adapter, 'access', _23 => _23.name]), () => ( null)) : null;
+  const { preferredWallets, otherWallets } = _react.useMemo.call(void 0, () => {
+    const all = wallet.wallets;
+    const prefList = preferred.map((name) => all.find((w) => w.adapter.name === name)).filter(Boolean);
+    if (onlyPreferred && preferred.length > 0) {
+      return { preferredWallets: prefList, otherWallets: [] };
     }
-    return new WebAuthnError({
-      message: "No available authenticator supported any of the specified pubKeyCredParams algorithms",
-      code: "ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",
-      cause: error
-    });
-  } else if (error.name === "SecurityError") {
-    const effectiveDomain = globalThis.location.hostname;
-    if (!isValidDomain(effectiveDomain)) {
-      return new WebAuthnError({
-        message: `${globalThis.location.hostname} is an invalid domain`,
-        code: "ERROR_INVALID_DOMAIN",
-        cause: error
-      });
-    } else if (publicKey.rp.id !== effectiveDomain) {
-      return new WebAuthnError({
-        message: `The RP ID "${publicKey.rp.id}" is invalid for this domain`,
-        code: "ERROR_INVALID_RP_ID",
-        cause: error
-      });
-    }
-  } else if (error.name === "TypeError") {
-    if (publicKey.user.id.byteLength < 1 || publicKey.user.id.byteLength > 64) {
-      return new WebAuthnError({
-        message: "User ID was not between 1 and 64 characters",
-        code: "ERROR_INVALID_USER_ID_LENGTH",
-        cause: error
-      });
-    }
-  } else if (error.name === "UnknownError") {
-    return new WebAuthnError({
-      message: "The authenticator was unable to process the specified options, or could not create a new credential",
-      code: "ERROR_AUTHENTICATOR_GENERAL_ERROR",
-      cause: error
-    });
-  }
-  return error;
+    const others = all.filter(
+      (w) => !preferredSet.has(w.adapter.name) && w.readyState === "Installed"
+    );
+    return { preferredWallets: prefList, otherWallets: others };
+  }, [wallet.wallets, walletConfig]);
+  const mobileExtraWallets = _react.useMemo.call(void 0, () => {
+    if (!mobile) return [];
+    const adapterNames = new Set(wallet.wallets.map((w) => w.adapter.name));
+    return MOBILE_WALLETS.filter((mw) => !adapterNames.has(mw.name));
+  }, [mobile, wallet.wallets]);
+  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
+    loading ? /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { style: { textAlign: "center", padding: "24px 0" }, children: [
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-tab-title", children: "Connecting..." }),
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: coldWallet ? "Confirm the transaction on your device" : "Approve the connection, then sign the verification request in your wallet" }),
+      error && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: error }),
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+          "button",
+          {
+            type: "button",
+            className: "fc-btn fc-btn-secondary",
+            onClick: () => {
+              setLoading(false);
+              setError("");
+            },
+            style: { marginTop: 8 },
+            children: "Try again"
+          }
+        )
+      ] })
+    ] }) : /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
+      /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-wallet-list", children: [
+        preferredWallets.map((w) => {
+          const installed = w.readyState === "Installed";
+          const isConnected = w.adapter.name === connectedWalletName;
+          return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
+            "button",
+            {
+              type: "button",
+              className: "fc-btn fc-btn-wallet",
+              onClick: () => handleConnect(w),
+              children: [
+                /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: installed ? "fc-installed-dot" : "", style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "img", { src: w.adapter.icon, alt: "", className: "fc-wallet-icon" }) }),
+                /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-wallet-name", children: w.adapter.name }),
+                isConnected ? /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-preferred", children: "Last used" }) : /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-preferred", children: "Preferred" }),
+                !installed && mobile && MOBILE_WALLETS.some((mw) => mw.name === w.adapter.name) ? /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-install", children: "Open app" }) : !installed && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-install", children: "Install" })
+              ]
+            },
+            w.adapter.name
+          );
+        }),
+        mobileExtraWallets.map((mw) => /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
+          "button",
+          {
+            type: "button",
+            className: "fc-btn fc-btn-wallet",
+            onClick: () => handleMobileOpen(mw),
+            children: [
+              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "img", { src: mw.icon, alt: "", className: "fc-wallet-icon" }) }),
+              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-wallet-name", children: mw.name }),
+              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-install", children: "Open app" })
+            ]
+          },
+          mw.name
+        )),
+        otherWallets.length > 0 && !showOther && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
+          "button",
+          {
+            type: "button",
+            className: "fc-btn fc-btn-wallet",
+            onClick: () => setShowOther(true),
+            children: [
+              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-other-wallets-icon", children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", children: [
+                /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "rect", { x: "2", y: "3", width: "16", height: "14", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
+                /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M2 7h16", stroke: "currentColor", strokeWidth: "1.5" }),
+                /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "rect", { x: "11", y: "10", width: "7", height: "4", rx: "1", stroke: "currentColor", strokeWidth: "1.5" })
+              ] }) }),
+              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-wallet-name", children: "Other wallets" })
+            ]
+          }
+        ),
+        showOther && otherWallets.map((w) => {
+          const isConnected = w.adapter.name === connectedWalletName;
+          return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
+            "button",
+            {
+              type: "button",
+              className: "fc-btn fc-btn-wallet",
+              onClick: () => handleConnect(w),
+              children: [
+                /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-installed-dot", style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "img", { src: w.adapter.icon, alt: "", className: "fc-wallet-icon" }) }),
+                /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-wallet-name", children: w.adapter.name }),
+                isConnected && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-preferred", children: "Last used" })
+              ]
+            },
+            w.adapter.name
+          );
+        })
+      ] }),
+      preferredWallets.length === 0 && otherWallets.length === 0 && mobileExtraWallets.length === 0 && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: "No wallet found. Please install a Solana wallet (like Phantom) to continue." }),
+      _optionalChain([walletConfig, 'optionalAccess', _24 => _24.Transaction]) && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "label", { className: "fc-cold-wallet-toggle", children: [
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+          "input",
+          {
+            type: "checkbox",
+            checked: coldWallet,
+            onChange: (e) => setColdWallet(e.target.checked)
+          }
+        ),
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-toggle-track" }),
+        /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "span", { className: "fc-cold-wallet-label", children: [
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { children: "Hardware wallet" }),
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { children: "Ledger, Trezor, Keystone..." })
+        ] })
+      ] }),
+      error && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: error })
+    ] }),
+    showBack && !loading && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-switch", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: () => setModalStep("method-select"), children: "Back" }) })
+  ] });
 }
 
-// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/webAuthnAbortService.js
-var BaseWebAuthnAbortService = class {
-  constructor() {
-    Object.defineProperty(this, "controller", {
-      enumerable: true,
-      configurable: true,
-      writable: true,
-      value: void 0
-    });
-  }
-  createNewAbortSignal() {
-    if (this.controller) {
-      const abortError = new Error("Cancelling existing WebAuthn API call for new one");
-      abortError.name = "AbortError";
-      this.controller.abort(abortError);
-    }
-    const newController = new AbortController();
-    this.controller = newController;
-    return newController.signal;
-  }
-  cancelCeremony() {
-    if (this.controller) {
-      const abortError = new Error("Manually cancelling existing WebAuthn API call");
-      abortError.name = "AbortError";
-      this.controller.abort(abortError);
-      this.controller = void 0;
-    }
-  }
-};
-var WebAuthnAbortService = new BaseWebAuthnAbortService();
+// src/components/tabs/forgot-password.tsx
 
-// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/toAuthenticatorAttachment.js
-var attachments = ["cross-platform", "platform"];
-function toAuthenticatorAttachment(attachment) {
-  if (!attachment) {
-    return;
-  }
-  if (attachments.indexOf(attachment) < 0) {
-    return;
-  }
-  return attachment;
-}
 
-// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/methods/startRegistration.js
-async function startRegistration(options) {
-  if (!options.optionsJSON && options.challenge) {
-    console.warn("startRegistration() was not called correctly. It will try to continue with the provided options, but this call should be refactored to use the expected call structure instead. See https://simplewebauthn.dev/docs/packages/browser#typeerror-cannot-read-properties-of-undefined-reading-challenge for more information.");
-    options = { optionsJSON: options };
-  }
-  const { optionsJSON, useAutoRegister = false } = options;
-  if (!browserSupportsWebAuthn()) {
-    throw new Error("WebAuthn is not supported in this browser");
-  }
-  const publicKey = {
-    ...optionsJSON,
-    challenge: base64URLStringToBuffer(optionsJSON.challenge),
-    user: {
-      ...optionsJSON.user,
-      id: base64URLStringToBuffer(optionsJSON.user.id)
-    },
-    excludeCredentials: _optionalChain([optionsJSON, 'access', _20 => _20.excludeCredentials, 'optionalAccess', _21 => _21.map, 'call', _22 => _22(toPublicKeyCredentialDescriptor)])
-  };
-  const createOptions = {};
-  if (useAutoRegister) {
-    createOptions.mediation = "conditional";
-  }
-  createOptions.publicKey = publicKey;
-  createOptions.signal = WebAuthnAbortService.createNewAbortSignal();
-  let credential;
-  try {
-    credential = await navigator.credentials.create(createOptions);
-  } catch (err) {
-    throw identifyRegistrationError({ error: err, options: createOptions });
-  }
-  if (!credential) {
-    throw new Error("Registration was not completed");
-  }
-  const { id, rawId, response, type } = credential;
-  let transports = void 0;
-  if (typeof response.getTransports === "function") {
-    transports = response.getTransports();
-  }
-  let responsePublicKeyAlgorithm = void 0;
-  if (typeof response.getPublicKeyAlgorithm === "function") {
-    try {
-      responsePublicKeyAlgorithm = response.getPublicKeyAlgorithm();
-    } catch (error) {
-      warnOnBrokenImplementation("getPublicKeyAlgorithm()", error);
-    }
-  }
-  let responsePublicKey = void 0;
-  if (typeof response.getPublicKey === "function") {
+function ForgotPasswordForm() {
+  const { forgotPassword, resetPassword, setModalStep } = useForgeConnect();
+  const [step, setStep] = _react.useState.call(void 0, "email");
+  const [email, setEmail] = _react.useState.call(void 0, "");
+  const [token, setToken] = _react.useState.call(void 0, "");
+  const [password, setPassword] = _react.useState.call(void 0, "");
+  const [error, setError] = _react.useState.call(void 0, "");
+  const [loading, setLoading] = _react.useState.call(void 0, false);
+  const handleSendCode = async (e) => {
+    e.preventDefault();
+    setError("");
+    setLoading(true);
     try {
-      const _publicKey = response.getPublicKey();
-      if (_publicKey !== null) {
-        responsePublicKey = bufferToBase64URLString(_publicKey);
-      }
-    } catch (error) {
-      warnOnBrokenImplementation("getPublicKey()", error);
+      await forgotPassword(email);
+      setStep("reset");
+    } catch (err) {
+      setError(err instanceof Error ? err.message : "Could not send the reset code. Please try again.");
+    } finally {
+      setLoading(false);
     }
-  }
-  let responseAuthenticatorData;
-  if (typeof response.getAuthenticatorData === "function") {
+  };
+  const handleReset = async (e) => {
+    e.preventDefault();
+    setError("");
+    setLoading(true);
     try {
-      responseAuthenticatorData = bufferToBase64URLString(response.getAuthenticatorData());
-    } catch (error) {
-      warnOnBrokenImplementation("getAuthenticatorData()", error);
+      await resetPassword(token.trim(), password);
+      setStep("done");
+    } catch (err) {
+      setError(err instanceof Error ? err.message : "Could not reset your password. Please try again.");
+    } finally {
+      setLoading(false);
     }
-  }
-  return {
-    id,
-    rawId: bufferToBase64URLString(rawId),
-    response: {
-      attestationObject: bufferToBase64URLString(response.attestationObject),
-      clientDataJSON: bufferToBase64URLString(response.clientDataJSON),
-      transports,
-      publicKeyAlgorithm: responsePublicKeyAlgorithm,
-      publicKey: responsePublicKey,
-      authenticatorData: responseAuthenticatorData
-    },
-    type,
-    clientExtensionResults: credential.getClientExtensionResults(),
-    authenticatorAttachment: toAuthenticatorAttachment(credential.authenticatorAttachment)
   };
-}
-function warnOnBrokenImplementation(methodName, cause) {
-  console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${methodName}. You should report this error to them.
-`, cause);
-}
-
-// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/browserSupportsWebAuthnAutofill.js
-function browserSupportsWebAuthnAutofill() {
-  if (!browserSupportsWebAuthn()) {
-    return _browserSupportsWebAuthnAutofillInternals.stubThis(new Promise((resolve) => resolve(false)));
+  if (step === "done") {
+    return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h3", { className: "fc-tab-title", children: "Password updated" }),
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: "Your password has been reset. You can now sign in." }),
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-primary", onClick: () => setModalStep("email-login"), children: "Sign in" })
+    ] });
   }
-  const globalPublicKeyCredential = globalThis.PublicKeyCredential;
-  if (_optionalChain([globalPublicKeyCredential, 'optionalAccess', _23 => _23.isConditionalMediationAvailable]) === void 0) {
-    return _browserSupportsWebAuthnAutofillInternals.stubThis(new Promise((resolve) => resolve(false)));
+  if (step === "reset") {
+    return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h3", { className: "fc-tab-title", children: "Set new password" }),
+      /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "p", { className: "fc-text", children: [
+        "We sent a reset code to ",
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "strong", { children: email }),
+        ". Paste it below with your new password."
+      ] }),
+      /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "form", { onSubmit: handleReset, className: "fc-form", children: [
+        /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "label", { className: "fc-label", children: [
+          "Reset code",
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+            "input",
+            {
+              type: "text",
+              className: "fc-input",
+              value: token,
+              onChange: (e) => setToken(e.target.value),
+              placeholder: "Paste the code from your email",
+              required: true,
+              autoComplete: "off"
+            }
+          )
+        ] }),
+        /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "label", { className: "fc-label", children: [
+          "New password",
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+            "input",
+            {
+              type: "password",
+              className: "fc-input",
+              value: password,
+              onChange: (e) => setPassword(e.target.value),
+              placeholder: "8+ characters",
+              required: true,
+              autoComplete: "new-password",
+              minLength: 8
+            }
+          )
+        ] }),
+        error && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: error }),
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "submit", className: "fc-btn fc-btn-primary", disabled: loading, children: loading ? "Resetting..." : "Reset password" })
+      ] }),
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-switch", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: () => setStep("email"), children: "Resend code" }) })
+    ] });
   }
-  return _browserSupportsWebAuthnAutofillInternals.stubThis(globalPublicKeyCredential.isConditionalMediationAvailable());
+  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
+    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h3", { className: "fc-tab-title", children: "Reset your password" }),
+    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: "Enter your email and we'll send you a reset code." }),
+    /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "form", { onSubmit: handleSendCode, className: "fc-form", children: [
+      /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "label", { className: "fc-label", children: [
+        "Email",
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+          "input",
+          {
+            type: "email",
+            className: "fc-input",
+            value: email,
+            onChange: (e) => setEmail(e.target.value),
+            placeholder: "you@example.com",
+            required: true,
+            autoComplete: "email"
+          }
+        )
+      ] }),
+      error && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: error }),
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "submit", className: "fc-btn fc-btn-primary", disabled: loading, children: loading ? "Sending..." : "Send reset code" })
+    ] }),
+    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-switch", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: () => setModalStep("email-login"), children: "Back to sign in" }) })
+  ] });
 }
-var _browserSupportsWebAuthnAutofillInternals = {
-  stubThis: (value) => value
-};
 
-// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/identifyAuthenticationError.js
-function identifyAuthenticationError({ error, options }) {
-  const { publicKey } = options;
-  if (!publicKey) {
-    throw Error("options was missing required publicKey property");
-  }
-  if (error.name === "AbortError") {
-    if (options.signal instanceof AbortSignal) {
-      return new WebAuthnError({
-        message: "Authentication ceremony was sent an abort signal",
-        code: "ERROR_CEREMONY_ABORTED",
-        cause: error
-      });
-    }
-  } else if (error.name === "NotAllowedError") {
-    return new WebAuthnError({
-      message: error.message,
-      code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",
-      cause: error
-    });
-  } else if (error.name === "SecurityError") {
-    const effectiveDomain = globalThis.location.hostname;
-    if (!isValidDomain(effectiveDomain)) {
-      return new WebAuthnError({
-        message: `${globalThis.location.hostname} is an invalid domain`,
-        code: "ERROR_INVALID_DOMAIN",
-        cause: error
-      });
-    } else if (publicKey.rpId !== effectiveDomain) {
-      return new WebAuthnError({
-        message: `The RP ID "${publicKey.rpId}" is invalid for this domain`,
-        code: "ERROR_INVALID_RP_ID",
-        cause: error
-      });
-    }
-  } else if (error.name === "UnknownError") {
-    return new WebAuthnError({
-      message: "The authenticator was unable to process the specified options, or could not create a new assertion signature",
-      code: "ERROR_AUTHENTICATOR_GENERAL_ERROR",
-      cause: error
-    });
-  }
-  return error;
-}
+// src/components/tabs/verify-2fa.tsx
 
-// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/methods/startAuthentication.js
-async function startAuthentication(options) {
-  if (!options.optionsJSON && options.challenge) {
-    console.warn("startAuthentication() was not called correctly. It will try to continue with the provided options, but this call should be refactored to use the expected call structure instead. See https://simplewebauthn.dev/docs/packages/browser#typeerror-cannot-read-properties-of-undefined-reading-challenge for more information.");
-    options = { optionsJSON: options };
-  }
-  const { optionsJSON, useBrowserAutofill = false, verifyBrowserAutofillInput = true } = options;
-  if (!browserSupportsWebAuthn()) {
-    throw new Error("WebAuthn is not supported in this browser");
-  }
-  let allowCredentials;
-  if (_optionalChain([optionsJSON, 'access', _24 => _24.allowCredentials, 'optionalAccess', _25 => _25.length]) !== 0) {
-    allowCredentials = _optionalChain([optionsJSON, 'access', _26 => _26.allowCredentials, 'optionalAccess', _27 => _27.map, 'call', _28 => _28(toPublicKeyCredentialDescriptor)]);
-  }
-  const publicKey = {
-    ...optionsJSON,
-    challenge: base64URLStringToBuffer(optionsJSON.challenge),
-    allowCredentials
-  };
-  const getOptions = {};
-  if (useBrowserAutofill) {
-    if (!await browserSupportsWebAuthnAutofill()) {
-      throw Error("Browser does not support WebAuthn autofill");
+
+function Verify2FAForm() {
+  const { verify2FA, verifyRecoveryCode, setModalStep } = useForgeConnect();
+  const [code, setCode] = _react.useState.call(void 0, "");
+  const [loading, setLoading] = _react.useState.call(void 0, false);
+  const [error, setError] = _react.useState.call(void 0, "");
+  const [useRecovery, setUseRecovery] = _react.useState.call(void 0, false);
+  const inputRef = _react.useRef.call(void 0, null);
+  const submittingRef = _react.useRef.call(void 0, false);
+  _react.useEffect.call(void 0, () => {
+    _optionalChain([inputRef, 'access', _25 => _25.current, 'optionalAccess', _26 => _26.focus, 'call', _27 => _27()]);
+  }, [useRecovery]);
+  const submitCode = _react.useCallback.call(void 0, async (codeValue, isRecovery) => {
+    if (submittingRef.current || !codeValue.trim()) return;
+    submittingRef.current = true;
+    setLoading(true);
+    setError("");
+    try {
+      if (isRecovery) {
+        await verifyRecoveryCode(codeValue.trim());
+      } else {
+        await verify2FA(codeValue.trim());
+      }
+    } catch (err) {
+      setError(err instanceof Error ? err.message : "Verification failed. Please try again.");
+    } finally {
+      setLoading(false);
+      submittingRef.current = false;
     }
-    const eligibleInputs = document.querySelectorAll("input[autocomplete$='webauthn']");
-    if (eligibleInputs.length < 1 && verifyBrowserAutofillInput) {
-      throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');
+  }, [verify2FA, verifyRecoveryCode]);
+  const handleSubmit = async (e) => {
+    _optionalChain([e, 'optionalAccess', _28 => _28.preventDefault, 'call', _29 => _29()]);
+    await submitCode(code, useRecovery);
+  };
+  const handleCodeChange = (value) => {
+    setCode(value);
+    if (!useRecovery && value.length === 6 && /^\d{6}$/.test(value)) {
+      submitCode(value, false);
     }
-    getOptions.mediation = "conditional";
-    publicKey.allowCredentials = [];
-  }
-  getOptions.publicKey = publicKey;
-  getOptions.signal = WebAuthnAbortService.createNewAbortSignal();
-  let credential;
-  try {
-    credential = await navigator.credentials.get(getOptions);
-  } catch (err) {
-    throw identifyAuthenticationError({ error: err, options: getOptions });
-  }
-  if (!credential) {
-    throw new Error("Authentication was not completed");
-  }
-  const { id, rawId, response, type } = credential;
-  let userHandle = void 0;
-  if (response.userHandle) {
-    userHandle = bufferToBase64URLString(response.userHandle);
-  }
-  return {
-    id,
-    rawId: bufferToBase64URLString(rawId),
-    response: {
-      authenticatorData: bufferToBase64URLString(response.authenticatorData),
-      clientDataJSON: bufferToBase64URLString(response.clientDataJSON),
-      signature: bufferToBase64URLString(response.signature),
-      userHandle
-    },
-    type,
-    clientExtensionResults: credential.getClientExtensionResults(),
-    authenticatorAttachment: toAuthenticatorAttachment(credential.authenticatorAttachment)
   };
+  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
+    /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "button", { type: "button", className: "fc-back", onClick: () => setModalStep("method-select"), children: [
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "svg", { width: "16", height: "16", viewBox: "0 0 16 16", fill: "none", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M10 12L6 8l4-4", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" }) }),
+      "Back"
+    ] }),
+    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-section-desc", style: { marginTop: 8 }, children: useRecovery ? "Enter one of your recovery codes." : "Enter the 6-digit code from your authenticator app." }),
+    error && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: error }),
+    /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "form", { onSubmit: handleSubmit, className: "fc-form", children: [
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+        "input",
+        {
+          ref: inputRef,
+          className: "fc-input fc-input-code",
+          type: "text",
+          inputMode: useRecovery ? "text" : "numeric",
+          autoComplete: "one-time-code",
+          placeholder: useRecovery ? "Recovery code" : "000000",
+          maxLength: useRecovery ? 20 : 6,
+          value: code,
+          onChange: (e) => handleCodeChange(e.target.value),
+          style: useRecovery ? {} : { textAlign: "center", letterSpacing: "0.3em", fontSize: "1.25rem" }
+        }
+      ),
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "submit", className: "fc-btn fc-btn-primary", disabled: loading || !code.trim(), children: loading ? "Verifying..." : "Verify" })
+    ] }),
+    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+      "button",
+      {
+        type: "button",
+        className: "fc-link",
+        onClick: () => {
+          setUseRecovery(!useRecovery);
+          setCode("");
+          setError("");
+        },
+        style: { marginTop: 12 },
+        children: useRecovery ? "Use authenticator code instead" : "Use a recovery code"
+      }
+    )
+  ] });
 }
 
-// src/runtime-imports.ts
-var importSolanaWeb3 = () => new Function('return import("@solana/web3.js")')();
+// src/components/svg-icon.tsx
 
-// src/components/tabs/wallet-connect.tsx
 
-var MOBILE_WALLETS = [
-  {
-    name: "Phantom",
-    icon: "data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTA4IiBoZWlnaHQ9IjEwOCIgdmlld0JveD0iMCAwIDEwOCAxMDgiIGZpbGw9Im5vbmUiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CjxyZWN0IHdpZHRoPSIxMDgiIGhlaWdodD0iMTA4IiByeD0iMjYiIGZpbGw9IiNBQjlGRjIiLz4KPHBhdGggZmlsbC1ydWxlPSJldmVub2RkIiBjbGlwLXJ1bGU9ImV2ZW5vZGQiIGQ9Ik00Ni41MjY3IDY5LjkyMjlDNDIuMDA1NCA3Ni44NTA5IDM0LjQyOTIgODUuNjE4MiAyNC4zNDggODUuNjE4MkMxOS41ODI0IDg1LjYxODIgMTUgODMuNjU2MyAxNSA3NS4xMzQyQzE1IDUzLjQzMDUgNDQuNjMyNiAxOS44MzI3IDcyLjEyNjggMTkuODMyN0M4Ny43NjggMTkuODMyNyA5NCAzMC42ODQ2IDk0IDQzLjAwNzlDOTQgNTguODI1OCA4My43MzU1IDc2LjkxMjIgNzMuNTMyMSA3Ni45MTIyQzcwLjI5MzkgNzYuOTEyMiA2OC43MDUzIDc1LjEzNDIgNjguNzA1MyA3Mi4zMTRDNjguNzA1MyA3MS41NzgzIDY4LjgyNzUgNzAuNzgxMiA2OS4wNzE5IDY5LjkyMjlDNjUuNTg5MyA3NS44Njk5IDU4Ljg2ODUgODEuMzg3OCA1Mi41NzU0IDgxLjM4NzhDNDcuOTkzIDgxLjM4NzggNDUuNjcxMyA3OC41MDYzIDQ1LjY3MTMgNzQuNDU5OEM0NS42NzEzIDcyLjk4ODQgNDUuOTc2OCA3MS40NTU2IDQ2LjUyNjcgNjkuOTIyOVpNODMuNjc2MSA0Mi41Nzk0QzgzLjY3NjEgNDYuMTcwNCA4MS41NTc1IDQ3Ljk2NTggNzkuMTg3NSA0Ny45NjU4Qzc2Ljc4MTYgNDcuOTY1OCA3NC42OTg5IDQ2LjE3MDQgNzQuNjk4OSA0Mi41Nzk0Qzc0LjY5ODkgMzguOTg4NSA3Ni43ODE2IDM3LjE5MzEgNzkuMTg3NSAzNy4xOTMxQzgxLjU1NzUgMzcuMTkzMSA4My42NzYxIDM4Ljk4ODUgODMuNjc2MSA0Mi41Nzk0Wk03MC4yMTAzIDQyLjU3OTVDNzAuMjEwMyA0Ni4xNzA0IDY4LjA5MTYgNDcuOTY1OCA2NS43MjE2IDQ3Ljk2NThDNjMuMzE1NyA0Ny45NjU4IDYxLjIzMyA0Ni4xNzA0IDYxLjIzMyA0Mi41Nzk1QzYxLjIzMyAzOC45ODg1IDYzLjMxNTcgMzcuMTkzMSA2NS43MjE2IDM3LjE5MzFDNjguMDkxNiAzNy4xOTMxIDcwLjIxMDMgMzguOTg4NSA3MC4yMTAzIDQyLjU3OTVaIiBmaWxsPSIjRkZGREY4Ii8+Cjwvc3ZnPgo=",
-    buildUrl: (url) => `https://phantom.app/ul/browse/${encodeURIComponent(url)}?ref=${encodeURIComponent(url)}`
+function SvgIcon({ svg, className }) {
+  const ref = _react.useRef.call(void 0, null);
+  _react.useEffect.call(void 0, () => {
+    if (!ref.current || !svg) return;
+    try {
+      const doc = new DOMParser().parseFromString(svg, "text/html");
+      const svgEl = doc.body.querySelector("svg");
+      if (!svgEl) {
+        ref.current.textContent = "";
+        return;
+      }
+      const dangerous = svgEl.querySelectorAll("script,iframe,object,embed,foreignObject");
+      dangerous.forEach((el) => el.remove());
+      const all = svgEl.querySelectorAll("*");
+      all.forEach((el) => {
+        for (const attr of Array.from(el.attributes)) {
+          if (attr.name.startsWith("on")) {
+            el.removeAttribute(attr.name);
+          }
+        }
+      });
+      ref.current.textContent = "";
+      ref.current.appendChild(svgEl);
+    } catch (e5) {
+      ref.current.textContent = "";
+    }
+  }, [svg]);
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { ref, className });
+}
+
+// src/components/tabs/oauth-buttons.tsx
+
+var PROVIDER_INFO = {
+  google: {
+    label: "Google",
+    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92a5.06 5.06 0 0 1-2.2 3.32v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.1z" fill="#4285F4"/><path d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z" fill="#34A853"/><path d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22.81-.62z" fill="#FBBC05"/><path d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z" fill="#EA4335"/></svg>'
   },
-  {
-    name: "Solflare",
-    icon: "data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c3ZnIGlkPSJTIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCA1MCA1MCI+PGRlZnM+PHN0eWxlPi5jbHMtMXtmaWxsOiMwMjA1MGE7c3Ryb2tlOiNmZmVmNDY7c3Ryb2tlLW1pdGVybGltaXQ6MTA7c3Ryb2tlLXdpZHRoOi41cHg7fS5jbHMtMntmaWxsOiNmZmVmNDY7fTwvc3R5bGU+PC9kZWZzPjxyZWN0IGNsYXNzPSJjbHMtMiIgeD0iMCIgd2lkdGg9IjUwIiBoZWlnaHQ9IjUwIiByeD0iMTIiIHJ5PSIxMiIvPjxwYXRoIGNsYXNzPSJjbHMtMSIgZD0iTTI0LjIzLDI2LjQybDIuNDYtMi4zOCw0LjU5LDEuNWMzLjAxLDEsNC41MSwyLjg0LDQuNTEsNS40MywwLDEuOTYtLjc1LDMuMjYtMi4yNSw0LjkzbC0uNDYuNS4xNy0xLjE3Yy42Ny00LjI2LS41OC02LjA5LTQuNzItNy40M2wtNC4zLTEuMzhoMFpNMTguMDUsMTEuODVsMTIuNTIsNC4xNy0yLjcxLDIuNTktNi41MS0yLjE3Yy0yLjI1LS43NS0zLjAxLTEuOTYtMy4zLTQuNTF2LS4wOGgwWk0xNy4zLDMzLjA2bDIuODQtMi43MSw1LjM0LDEuNzVjMi44LjkyLDMuNzYsMi4xMywzLjQ2LDUuMThsLTExLjY1LTQuMjJoMFpNMTMuNzEsMjAuOTVjMC0uNzkuNDItMS41NCwxLjEzLTIuMTcuNzUsMS4wOSwyLjA1LDIuMDUsNC4wOSwyLjcxbDQuNDIsMS40Ni0yLjQ2LDIuMzgtNC4zNC0xLjQyYy0yLS42Ny0yLjg0LTEuNjctMi44NC0yLjk2TTI2LjgyLDQyLjg3YzkuMTgtNi4wOSwxNC4xMS0xMC4yMywxNC4xMS0xNS4zMiwwLTMuMzgtMi01LjI2LTYuNDMtNi43MmwtMy4zNC0xLjEzLDkuMTQtOC43Ny0xLjg0LTEuOTYtMi43MSwyLjM4LTEyLjgxLTQuMjJjLTMuOTcsMS4yOS04Ljk3LDUuMDktOC45Nyw4Ljg5LDAsLjQyLjA0LjgzLjE3LDEuMjktMy4zLDEuODgtNC42MywzLjYzLTQuNjMsNS44LDAsMi4wNSwxLjA5LDQuMDksNC41NSw1LjIybDIuNzUuOTItOS41Miw5LjE0LDEuODQsMS45NiwyLjk2LTIuNzEsMTQuNzMsNS4yMmgwWiIvPjwvc3ZnPg==",
-    buildUrl: (url) => `https://solflare.com/ul/v1/browse/${encodeURIComponent(url)}?ref=${encodeURIComponent(url)}`
+  discord: {
+    label: "Discord",
+    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M20.317 4.37a19.791 19.791 0 0 0-4.885-1.515.074.074 0 0 0-.079.037c-.21.375-.444.864-.608 1.25a18.27 18.27 0 0 0-5.487 0 12.64 12.64 0 0 0-.617-1.25.077.077 0 0 0-.079-.037A19.736 19.736 0 0 0 3.677 4.37a.07.07 0 0 0-.032.027C.533 9.046-.32 13.58.099 18.057a.082.082 0 0 0 .031.057 19.9 19.9 0 0 0 5.993 3.03.078.078 0 0 0 .084-.028c.462-.63.874-1.295 1.226-1.994a.076.076 0 0 0-.041-.106 13.107 13.107 0 0 1-1.872-.892.077.077 0 0 1-.008-.128c.126-.094.252-.192.372-.292a.074.074 0 0 1 .077-.01c3.928 1.793 8.18 1.793 12.062 0a.074.074 0 0 1 .078.01c.12.098.246.198.373.292a.077.077 0 0 1-.006.127 12.299 12.299 0 0 1-1.873.892.077.077 0 0 0-.041.107c.36.698.772 1.362 1.225 1.993a.076.076 0 0 0 .084.028 19.839 19.839 0 0 0 6.002-3.03.077.077 0 0 0 .032-.054c.5-5.177-.838-9.674-3.549-13.66a.061.061 0 0 0-.031-.03z" fill="#5865F2"/></svg>'
   },
-  {
-    name: "Backpack",
-    icon: "data:image/webp;base64,UklGRlgCAABXRUJQVlA4WAoAAAAQAAAAOwAAOwAAQUxQSC8AAAABL6CmbQOGP75e/cti0oiIOI0KBto2+a8ACZjAAQ7wL2gCSCL6PwER2t+KmZpFDwBWUDggAgIAAPALAJ0BKjwAPAA+SSCMRKKiIRYKrTQoBISyAGp7nL12mKuwHiZ/pX71XoA8m7rXfQA8q39lfhJ/cL0ZimIeNSGxOaSWtqEDDdJ++ARG5/LVm6OquItoAu4rpz8VksUr1NEDJ0CeZucwAP7+VdYX7J5e8V3cJZ9QoY9vj8KsNGOvZSm+khDZOvwCeiDFjGweq/8KIUmVQk3T/qW3ONyMcepN2uwyEXpZZiidST0x705r7ZnNuWX42r8oi+FEshvXGWm6DabjfrMbiaxJ15irl2Gj3nKWbZ2v3k/jd172plSBejBs7dNt90Re/m+nmv5kNjM/SPfa4EpzvOdu/8BR+hTnR4qe4eWhTsh/oecEfN31OExdi/6AYrsth4nlx/qGEP70b1/TNKmgaB/18+c9ntTfhku9wYpy17/wN3r+B/1geZPzth+AtNsMDXE99PaPLWdFP9MOIMD6ME+MpZu2H7WSfzY7MkWs/N/NNzAZ0P/9vMvxgcdzFHvs/doeUU9WyVv+Ll8QDJbn9NZl86ZZNYtfP4Ol1hiJHWosWyj/66vhMUeFIcDheXIOSRTzvKwj5ffEl7fn/QwflNU556SEjM8MriwSFJ/nrFBrr8O1/pqdrYGqPijG6tjsBVBHp+EDAbtNLL375I2jnG9i3Xb1ZphsFYNjdRaknYdFf4g5iJBoAAA=",
-    buildUrl: (url) => `https://backpack.app/ul/browse/${encodeURIComponent(url)}`
-  }
-];
-function isMobile() {
-  if (typeof navigator === "undefined") return false;
-  return /Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i.test(navigator.userAgent);
-}
-function WalletConnectForm() {
-  const { walletAdapter, setModalStep, config } = useForgeConnect();
-  const methods = resolveLoginMethods(config);
-  const showBack = methods.length > 1;
-  if (!walletAdapter && isMobile()) {
-    return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, MobileWalletFlow, {});
-  }
-  if (walletAdapter) {
-    return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, WalletAdapterFlow, {});
+  twitter: {
+    label: "Twitter",
+    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M18.244 2.25h3.308l-7.227 8.26 8.502 11.24H16.17l-5.214-6.817L4.99 21.75H1.68l7.73-8.835L1.254 2.25H8.08l4.713 6.231zm-1.161 17.52h1.833L7.084 4.126H5.117z" fill="currentColor"/></svg>'
+  },
+  apple: {
+    label: "Apple",
+    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M17.05 20.28c-.98.95-2.05.88-3.08.4-1.09-.5-2.08-.52-3.23 0-1.44.64-2.2.45-3.06-.4C3.79 16.17 4.36 9.02 8.8 8.78c1.27.06 2.15.72 2.91.76.93-.19 1.82-.88 2.83-.8 1.21.1 2.12.58 2.72 1.49-2.46 1.48-1.88 4.73.52 5.64-.42 1.13-.98 2.24-1.73 3.41zM12.03 8.7c-.12-2.35 1.82-4.38 4.04-4.54.29 2.56-2.34 4.68-4.04 4.54z" fill="currentColor"/></svg>'
+  },
+  telegram: {
+    label: "Telegram",
+    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M11.944 0A12 12 0 0 0 0 12a12 12 0 0 0 12 12 12 12 0 0 0 12-12A12 12 0 0 0 12 0a12 12 0 0 0-.056 0zm4.962 7.224c.1-.002.321.023.465.14a.506.506 0 0 1 .171.325c.016.093.036.306.02.472-.18 1.898-.962 6.502-1.36 8.627-.168.9-.499 1.201-.82 1.23-.696.065-1.225-.46-1.9-.902-1.056-.693-1.653-1.124-2.678-1.8-1.185-.78-.417-1.21.258-1.91.177-.184 3.247-2.977 3.307-3.23.007-.032.014-.15-.056-.212s-.174-.041-.249-.024c-.106.024-1.793 1.14-5.061 3.345-.479.33-.913.49-1.302.48-.428-.008-1.252-.241-1.865-.44-.752-.245-1.349-.374-1.297-.789.027-.216.325-.437.893-.663 3.498-1.524 5.83-2.529 6.998-3.014 3.332-1.386 4.025-1.627 4.476-1.635z" fill="#2AABEE"/></svg>'
   }
-  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
-    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h3", { className: "fc-tab-title", children: "Connect wallet" }),
-    /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "p", { className: "fc-text", children: [
-      "No wallet adapter detected. Pass ",
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "code", { children: "walletAdapter" }),
-      " to",
-      " ",
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "code", { children: "<ForgeConnectProvider>" }),
-      " to enable wallet login."
-    ] }),
-    showBack && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-switch", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: () => setModalStep("method-select"), children: "Back" }) })
-  ] });
+};
+function OAuthButton({ provider }) {
+  const { loginWithOAuth } = useForgeConnect();
+  const info = PROVIDER_INFO[provider];
+  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
+    "button",
+    {
+      type: "button",
+      className: "fc-btn fc-btn-oauth",
+      onClick: () => loginWithOAuth(provider),
+      children: [
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, SvgIcon, { svg: info.icon, className: "fc-oauth-icon" }),
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-btn-name", children: info.label })
+      ]
+    }
+  );
 }
-function MobileWalletFlow() {
-  const { setModalStep, config } = useForgeConnect();
-  const methods = resolveLoginMethods(config);
-  const showBack = methods.length > 1;
-  const walletConfig = config.walletConfig;
-  const preferred = _nullishCoalesce(_optionalChain([walletConfig, 'optionalAccess', _29 => _29.preferredWallets]), () => ( []));
-  const onlyPreferred = _nullishCoalesce(_optionalChain([walletConfig, 'optionalAccess', _30 => _30.onlyPreferred]), () => ( false));
-  const walletsToShow = _react.useMemo.call(void 0, () => {
-    if (preferred.length > 0) {
-      const prefList = preferred.map((name) => MOBILE_WALLETS.find((mw) => mw.name === name)).filter(Boolean);
-      if (onlyPreferred) return prefList;
-      const prefNames = new Set(preferred);
-      const others = MOBILE_WALLETS.filter((mw) => !prefNames.has(mw.name));
-      return [...prefList, ...others];
+
+// src/components/login-modal.tsx
+
+function LoginModal() {
+  const { modal, closeModal, config } = useForgeConnect();
+  const renderStep = () => {
+    switch (modal.step) {
+      case "email-login":
+        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, EmailLoginForm, {});
+      case "email-register":
+        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, EmailRegisterForm, {});
+      case "email-otp":
+        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, EmailOtpForm, {});
+      case "wallet-connect":
+        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, WalletConnectForm, {});
+      case "forgot-password":
+        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, ForgotPasswordForm, {});
+      case "verify-2fa":
+        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, Verify2FAForm, {});
+      case "oauth":
+        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, OAuthLoadingView, {});
+      case "success":
+        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, SuccessView, {});
+      case "method-select":
+      default:
+        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, MethodSelect, {});
     }
-    return MOBILE_WALLETS;
-  }, [preferred, onlyPreferred]);
-  const handleOpen = (mw) => {
-    const pageUrl = window.location.href;
-    window.location.href = mw.buildUrl(pageUrl);
   };
-  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
-    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-wallet-list", children: walletsToShow.map((mw) => /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
-      "button",
-      {
-        type: "button",
-        className: "fc-btn fc-btn-wallet",
-        onClick: () => handleOpen(mw),
-        children: [
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "img", { src: mw.icon, alt: "", className: "fc-wallet-icon" }) }),
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-wallet-name", children: mw.name }),
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-preferred", children: "Open app" })
-        ]
+  const renderLogo = () => {
+    if (_optionalChain([config, 'access', _30 => _30.appearance, 'optionalAccess', _31 => _31.logoNode])) {
+      return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-logo", children: config.appearance.logoNode });
+    }
+    if (_optionalChain([config, 'access', _32 => _32.appearance, 'optionalAccess', _33 => _33.logo])) {
+      return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "img", { src: config.appearance.logo, alt: "", className: "fc-logo" });
+    }
+    return null;
+  };
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, ModalOverlay, { isOpen: modal.isOpen, onClose: closeModal, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+    "div",
+    {
+      className: "fc-modal-content",
+      style: {
+        "--fc-accent": _nullishCoalesce(_optionalChain([config, 'access', _34 => _34.appearance, 'optionalAccess', _35 => _35.accentColor]), () => ( "#8b5cf6"))
       },
-      mw.name
-    )) }),
-    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", style: { textAlign: "center", fontSize: 12, opacity: 0.6 }, children: "You'll be redirected to the wallet app to sign in." }),
-    showBack && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-switch", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: () => setModalStep("method-select"), children: "Back" }) })
-  ] });
+      "data-theme": _nullishCoalesce(_optionalChain([config, 'access', _36 => _36.appearance, 'optionalAccess', _37 => _37.theme]), () => ( "light")),
+      children: modal.step === "success" || modal.step === "oauth" ? renderStep() : /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
+        renderLogo(),
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h2", { className: "fc-modal-title", children: _nullishCoalesce(_optionalChain([config, 'access', _38 => _38.appearance, 'optionalAccess', _39 => _39.title]), () => ( "Log in or sign up")) }),
+        renderStep(),
+        (_optionalChain([config, 'access', _40 => _40.appearance, 'optionalAccess', _41 => _41.termsUrl]) || _optionalChain([config, 'access', _42 => _42.appearance, 'optionalAccess', _43 => _43.privacyUrl])) && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "p", { className: "fc-legal", children: [
+          "By continuing, you agree to our",
+          " ",
+          config.appearance.termsUrl && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "a", { href: config.appearance.termsUrl, target: "_blank", rel: "noopener noreferrer", className: "fc-legal-link", children: "Terms" }),
+          config.appearance.termsUrl && config.appearance.privacyUrl && " and ",
+          config.appearance.privacyUrl && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "a", { href: config.appearance.privacyUrl, target: "_blank", rel: "noopener noreferrer", className: "fc-legal-link", children: "Privacy Policy" })
+        ] })
+      ] })
+    }
+  ) });
 }
-function WalletAdapterFlow() {
-  const { walletAdapter, loginWithWallet, setModalStep, config } = useForgeConnect();
-  const wallet = walletAdapter;
-  const walletConfig = config.walletConfig;
+var EmailIcon = () => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
+  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "rect", { x: "2", y: "4", width: "16", height: "12", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
+  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M2 6l8 5 8-5", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" })
+] }) });
+var OtpIcon = () => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
+  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "rect", { x: "3", y: "6", width: "14", height: "9", rx: "1.5", stroke: "currentColor", strokeWidth: "1.5" }),
+  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "circle", { cx: "6.5", cy: "10.5", r: "1", fill: "currentColor" }),
+  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "circle", { cx: "10", cy: "10.5", r: "1", fill: "currentColor" }),
+  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "circle", { cx: "13.5", cy: "10.5", r: "1", fill: "currentColor" })
+] }) });
+var WalletIcon = () => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
+  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "rect", { x: "2", y: "5", width: "16", height: "11", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
+  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "rect", { x: "13", y: "9", width: "5", height: "3", rx: "1", stroke: "currentColor", strokeWidth: "1.5" })
+] }) });
+var PasskeyIcon = () => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
+  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "circle", { cx: "8", cy: "7", r: "3", stroke: "currentColor", strokeWidth: "1.5" }),
+  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M13 13.5a5 5 0 0 0-10 0", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" }),
+  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M15 10v4m0 0l-1.5-1m1.5 1l1.5-1", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" })
+] }) });
+var LoadingSpinner = () => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon fc-spin", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M10 2a8 8 0 0 1 8 8", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" }) }) });
+function MethodSelect() {
+  const { setModalStep, loginWithPasskey, config } = useForgeConnect();
   const methods = resolveLoginMethods(config);
-  const showBack = methods.length > 1;
-  const [error, setError] = _react.useState.call(void 0, "");
-  const [loading, setLoading] = _react.useState.call(void 0, false);
-  const [showOther, setShowOther] = _react.useState.call(void 0, false);
-  const [coldWallet, setColdWallet] = _react.useState.call(void 0, false);
-  const mobile = _react.useMemo.call(void 0, () => isMobile(), []);
-  const coldWalletRef = _react.useRef.call(void 0, coldWallet);
-  coldWalletRef.current = coldWallet;
-  const buildSignTxFnForAdapter = _react.useCallback.call(void 0, (adapter) => {
-    if (!adapter.signTransaction) return void 0;
-    return async (txBase64) => {
-      const { Transaction } = await importSolanaWeb3();
-      const bytes = Uint8Array.from(atob(txBase64), (c) => c.charCodeAt(0));
-      const tx = Transaction.from(bytes);
-      const signedTx = await adapter.signTransaction(tx);
-      return btoa(String.fromCharCode(...new Uint8Array(signedTx.serialize())));
-    };
-  }, []);
-  const handleConnect = async (w) => {
-    if (w.readyState !== "Installed") {
-      if (mobile) {
-        const mw = MOBILE_WALLETS.find((m) => m.name === w.adapter.name);
-        if (mw) {
-          window.location.href = mw.buildUrl(window.location.href);
-          return;
-        }
-      }
-      const url = w.adapter.url;
-      if (url) window.open(url, "_blank");
-      return;
-    }
-    setError("");
-    setLoading(true);
+  const [passkeyLoading, setPasskeyLoading] = _react.useState.call(void 0, false);
+  const [passkeyError, setPasskeyError] = _react.useState.call(void 0, "");
+  const handlePasskey = async () => {
+    setPasskeyLoading(true);
+    setPasskeyError("");
     try {
-      if (!w.adapter.connected) {
-        await w.adapter.connect();
-      }
-      const pk = w.adapter.publicKey;
-      if (!pk) throw new Error("Wallet did not provide a public key.");
-      const address = pk.toBase58();
-      const useCold = coldWalletRef.current;
-      const adapterSignMessage = w.adapter.signMessage ? (msg) => w.adapter.signMessage(msg) : void 0;
-      await loginWithWallet(
-        address,
-        useCold ? void 0 : adapterSignMessage,
-        "solana",
-        useCold ? buildSignTxFnForAdapter(w.adapter) : void 0
-      );
+      await loginWithPasskey();
     } catch (err) {
-      setError(err instanceof Error ? err.message : "Could not verify your wallet. Please try again.");
-      setLoading(false);
+      setPasskeyError(err instanceof Error ? err.message : "Passkey authentication failed.");
+    } finally {
+      setPasskeyLoading(false);
     }
   };
-  const handleMobileOpen = (mw) => {
-    window.location.href = mw.buildUrl(window.location.href);
-  };
-  const preferred = _nullishCoalesce(_optionalChain([walletConfig, 'optionalAccess', _31 => _31.preferredWallets]), () => ( []));
-  const onlyPreferred = _nullishCoalesce(_optionalChain([walletConfig, 'optionalAccess', _32 => _32.onlyPreferred]), () => ( false));
-  const preferredSet = new Set(preferred);
-  const connectedWalletName = wallet.publicKey ? _nullishCoalesce(_optionalChain([wallet, 'access', _33 => _33.wallets, 'access', _34 => _34.find, 'call', _35 => _35((w) => w.adapter.connected), 'optionalAccess', _36 => _36.adapter, 'access', _37 => _37.name]), () => ( null)) : null;
-  const { preferredWallets, otherWallets } = _react.useMemo.call(void 0, () => {
-    const all = wallet.wallets;
-    const prefList = preferred.map((name) => all.find((w) => w.adapter.name === name)).filter(Boolean);
-    if (onlyPreferred && preferred.length > 0) {
-      return { preferredWallets: prefList, otherWallets: [] };
-    }
-    const others = all.filter(
-      (w) => !preferredSet.has(w.adapter.name) && w.readyState === "Installed"
-    );
-    return { preferredWallets: prefList, otherWallets: others };
-  }, [wallet.wallets, walletConfig]);
-  const mobileExtraWallets = _react.useMemo.call(void 0, () => {
-    if (!mobile) return [];
-    const adapterNames = new Set(wallet.wallets.map((w) => w.adapter.name));
-    return MOBILE_WALLETS.filter((mw) => !adapterNames.has(mw.name));
-  }, [mobile, wallet.wallets]);
-  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
-    loading ? /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { style: { textAlign: "center", padding: "24px 0" }, children: [
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-tab-title", children: "Connecting..." }),
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: coldWallet ? "Confirm the transaction on your device" : "Approve the connection, then sign the verification request in your wallet" }),
-      error && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
-        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: error }),
-        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
-          "button",
-          {
-            type: "button",
-            className: "fc-btn fc-btn-secondary",
-            onClick: () => {
-              setLoading(false);
-              setError("");
-            },
-            style: { marginTop: 8 },
-            children: "Try again"
-          }
-        )
-      ] })
-    ] }) : /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
-      /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-wallet-list", children: [
-        preferredWallets.map((w) => {
-          const installed = w.readyState === "Installed";
-          const isConnected = w.adapter.name === connectedWalletName;
-          return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
-            "button",
-            {
-              type: "button",
-              className: "fc-btn fc-btn-wallet",
-              onClick: () => handleConnect(w),
-              children: [
-                /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: installed ? "fc-installed-dot" : "", style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "img", { src: w.adapter.icon, alt: "", className: "fc-wallet-icon" }) }),
-                /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-wallet-name", children: w.adapter.name }),
-                isConnected ? /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-preferred", children: "Last used" }) : /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-preferred", children: "Preferred" }),
-                !installed && mobile && MOBILE_WALLETS.some((mw) => mw.name === w.adapter.name) ? /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-install", children: "Open app" }) : !installed && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-install", children: "Install" })
-              ]
-            },
-            w.adapter.name
+  const elements = [];
+  let i = 0;
+  while (i < methods.length) {
+    const method = methods[i];
+    if (isOAuthMethod(method)) {
+      const oauthGroup = [];
+      while (i < methods.length && isOAuthMethod(methods[i])) {
+        oauthGroup.push(methods[i]);
+        i++;
+      }
+      if (elements.length > 0) {
+        elements.push(/* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-divider", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { children: "or" }) }, `div-before-${oauthGroup[0]}`));
+      }
+      elements.push(
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-oauth-group", children: oauthGroup.map((p) => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, OAuthButton, { provider: p }, p)) }, `oauth-${oauthGroup.join("-")}`)
+      );
+    } else {
+      if (elements.length > 0) {
+        const prev = methods[i - 1];
+        if (prev && isOAuthMethod(prev)) {
+          elements.push(/* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-divider", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { children: "or" }) }, `div-after-${prev}`));
+        }
+      }
+      switch (method) {
+        case "email":
+          elements.push(
+            /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-method", onClick: () => setModalStep("email-login"), children: [
+              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, EmailIcon, {}),
+              " ",
+              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-btn-name", children: "Password" })
+            ] }, "email")
           );
-        }),
-        mobileExtraWallets.map((mw) => /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
-          "button",
-          {
-            type: "button",
-            className: "fc-btn fc-btn-wallet",
-            onClick: () => handleMobileOpen(mw),
-            children: [
-              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "img", { src: mw.icon, alt: "", className: "fc-wallet-icon" }) }),
-              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-wallet-name", children: mw.name }),
-              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-install", children: "Open app" })
-            ]
-          },
-          mw.name
-        )),
-        otherWallets.length > 0 && !showOther && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
-          "button",
-          {
-            type: "button",
-            className: "fc-btn fc-btn-wallet",
-            onClick: () => setShowOther(true),
-            children: [
-              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-other-wallets-icon", children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", children: [
-                /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "rect", { x: "2", y: "3", width: "16", height: "14", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
-                /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M2 7h16", stroke: "currentColor", strokeWidth: "1.5" }),
-                /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "rect", { x: "11", y: "10", width: "7", height: "4", rx: "1", stroke: "currentColor", strokeWidth: "1.5" })
-              ] }) }),
-              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-wallet-name", children: "Other wallets" })
-            ]
-          }
-        ),
-        showOther && otherWallets.map((w) => {
-          const isConnected = w.adapter.name === connectedWalletName;
-          return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
-            "button",
-            {
-              type: "button",
-              className: "fc-btn fc-btn-wallet",
-              onClick: () => handleConnect(w),
-              children: [
-                /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-installed-dot", style: { position: "relative", display: "inline-flex" }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "img", { src: w.adapter.icon, alt: "", className: "fc-wallet-icon" }) }),
-                /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-wallet-name", children: w.adapter.name }),
-                isConnected && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-preferred", children: "Last used" })
-              ]
-            },
-            w.adapter.name
+          break;
+        case "otp":
+          elements.push(
+            /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-method", onClick: () => setModalStep("email-otp"), children: [
+              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, OtpIcon, {}),
+              " ",
+              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-btn-name", children: "Magic code" })
+            ] }, "otp")
           );
-        })
-      ] }),
-      preferredWallets.length === 0 && otherWallets.length === 0 && mobileExtraWallets.length === 0 && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: "No wallet found. Please install a Solana wallet (like Phantom) to continue." }),
-      /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "label", { className: "fc-cold-wallet-toggle", children: [
-        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
-          "input",
-          {
-            type: "checkbox",
-            checked: coldWallet,
-            onChange: (e) => setColdWallet(e.target.checked)
-          }
-        ),
-        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-toggle-track" }),
-        /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "span", { className: "fc-cold-wallet-label", children: [
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { children: "Hardware wallet" }),
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { children: "Ledger, Trezor, Keystone..." })
-        ] })
-      ] }),
-      error && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: error })
-    ] }),
-    showBack && !loading && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-switch", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: () => setModalStep("method-select"), children: "Back" }) })
+          break;
+        case "wallet":
+          elements.push(
+            /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-method", onClick: () => setModalStep("wallet-connect"), children: [
+              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, WalletIcon, {}),
+              " ",
+              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-btn-name", children: "Wallet" })
+            ] }, "wallet")
+          );
+          break;
+        case "passkey":
+          elements.push(
+            /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-method", onClick: handlePasskey, disabled: passkeyLoading, children: [
+              passkeyLoading ? /* @__PURE__ */ _jsxruntime.jsx.call(void 0, LoadingSpinner, {}) : /* @__PURE__ */ _jsxruntime.jsx.call(void 0, PasskeyIcon, {}),
+              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-btn-name", children: passkeyLoading ? "Waiting for passkey..." : "Passkey" })
+            ] }, "passkey")
+          );
+          break;
+      }
+      i++;
+    }
+  }
+  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-method-select", children: [
+    passkeyError && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: passkeyError }),
+    elements
+  ] });
+}
+function OAuthLoadingView() {
+  const { setModalStep } = useForgeConnect();
+  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-success", children: [
+    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-success-icon", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "svg", { width: "52", height: "52", viewBox: "0 0 52 52", className: "fc-spin", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "circle", { cx: "26", cy: "26", r: "24", fill: "none", stroke: "var(--fc-accent, #8b5cf6)", strokeWidth: "3", strokeLinecap: "round", strokeDasharray: "100", strokeDashoffset: "30" }) }) }),
+    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-success-text", children: "Completing sign in..." }),
+    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-secondary", style: { marginTop: "16px" }, onClick: () => setModalStep("method-select"), children: "Cancel" })
+  ] });
+}
+function SuccessView() {
+  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-success", children: [
+    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-success-icon", children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { viewBox: "0 0 52 52", className: "fc-success-check", children: [
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "circle", { className: "fc-success-circle", cx: "26", cy: "26", r: "24", fill: "none" }),
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { className: "fc-success-tick", fill: "none", d: "M15 26l7.5 7.5L37 19" })
+    ] }) }),
+    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-success-text", children: "You're in" })
   ] });
 }
 
-// src/components/tabs/forgot-password.tsx
+// src/components/account-modal.tsx
 
 
-function ForgotPasswordForm() {
-  const { forgotPassword, resetPassword, setModalStep } = useForgeConnect();
-  const [step, setStep] = _react.useState.call(void 0, "email");
-  const [email, setEmail] = _react.useState.call(void 0, "");
-  const [token, setToken] = _react.useState.call(void 0, "");
-  const [password, setPassword] = _react.useState.call(void 0, "");
-  const [error, setError] = _react.useState.call(void 0, "");
+// src/hooks/use-user.ts
+
+function useUser() {
+  const { auth, api, config, getAccessToken } = useForgeConnect();
+  const [authMethods, setAuthMethods] = _react.useState.call(void 0, null);
   const [loading, setLoading] = _react.useState.call(void 0, false);
-  const handleSendCode = async (e) => {
-    e.preventDefault();
-    setError("");
+  const pendingRefreshRef = _react.useRef.call(void 0, false);
+  const updateProfile = _react.useCallback.call(void 0, 
+    async (data) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      return api.updateMe(token, data);
+    },
+    [api, getAccessToken]
+  );
+  const fetchAuthMethods = _react.useCallback.call(void 0, async () => {
+    const token = getAccessToken();
+    if (!token) throw new Error("Please sign in to continue.");
     setLoading(true);
     try {
-      await forgotPassword(email);
-      setStep("reset");
-    } catch (err) {
-      setError(err instanceof Error ? err.message : "Could not send the reset code. Please try again.");
+      const methods = await api.getAuthMethods(token);
+      setAuthMethods(methods);
+      return methods;
     } finally {
       setLoading(false);
     }
+  }, [api, getAccessToken]);
+  const linkAuthMethod = _react.useCallback.call(void 0, 
+    async (data) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.linkAuthMethod(token, data);
+      await fetchAuthMethods();
+    },
+    [api, getAccessToken, fetchAuthMethods]
+  );
+  const linkOtpSend = _react.useCallback.call(void 0, 
+    async (email) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.linkOtpSend(token, email);
+    },
+    [api, getAccessToken]
+  );
+  const linkOtpVerify = _react.useCallback.call(void 0, 
+    async (email, code) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.linkOtpVerify(token, email, code);
+      await fetchAuthMethods();
+    },
+    [api, getAccessToken, fetchAuthMethods]
+  );
+  const unlinkAuthMethod = _react.useCallback.call(void 0, 
+    async (id) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.unlinkAuthMethod(token, id);
+      await fetchAuthMethods();
+    },
+    [api, getAccessToken, fetchAuthMethods]
+  );
+  const linkOAuth = _react.useCallback.call(void 0, 
+    async (provider) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      const { intentToken } = await api.createLinkIntent(token);
+      const redirectUri = encodeURIComponent(window.location.origin + "/fc-oauth-callback");
+      const url = `${config.apiUrl}/auth/oauth/${provider}/link?intent=${encodeURIComponent(intentToken)}&redirect_uri=${redirectUri}`;
+      const width = 500;
+      const height = 600;
+      const left = window.screenX + (window.innerWidth - width) / 2;
+      const top = window.screenY + (window.innerHeight - height) / 2;
+      window.open(url, "fc_oauth_link", `width=${width},height=${height},left=${left},top=${top}`);
+      pendingRefreshRef.current = true;
+    },
+    [api, config.apiUrl, getAccessToken]
+  );
+  _react.useEffect.call(void 0, () => {
+    const handleMessage = (event) => {
+      if (event.origin !== window.location.origin) return;
+      if (_optionalChain([event, 'access', _44 => _44.data, 'optionalAccess', _45 => _45.type]) === "fc_oauth_link_success" && pendingRefreshRef.current) {
+        pendingRefreshRef.current = false;
+        fetchAuthMethods().catch(() => {
+        });
+      }
+    };
+    window.addEventListener("message", handleMessage);
+    return () => window.removeEventListener("message", handleMessage);
+  }, [fetchAuthMethods]);
+  return {
+    user: auth.user,
+    authMethods,
+    loading,
+    updateProfile,
+    fetchAuthMethods,
+    linkAuthMethod,
+    linkOtpSend,
+    linkOtpVerify,
+    unlinkAuthMethod,
+    linkOAuth
   };
-  const handleReset = async (e) => {
-    e.preventDefault();
-    setError("");
-    setLoading(true);
-    try {
-      await resetPassword(token.trim(), password);
-      setStep("done");
-    } catch (err) {
-      setError(err instanceof Error ? err.message : "Could not reset your password. Please try again.");
-    } finally {
-      setLoading(false);
+}
+
+// src/hooks/use-wallets.ts
+
+
+// src/lib/utils.ts
+var BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+function uint8ArrayToBase58(bytes) {
+  const digits = [0];
+  for (const byte of bytes) {
+    let carry = byte;
+    for (let j = 0; j < digits.length; j++) {
+      carry += digits[j] << 8;
+      digits[j] = carry % 58;
+      carry = carry / 58 | 0;
     }
-  };
-  if (step === "done") {
-    return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h3", { className: "fc-tab-title", children: "Password updated" }),
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: "Your password has been reset. You can now sign in." }),
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-primary", onClick: () => setModalStep("email-login"), children: "Sign in" })
-    ] });
-  }
-  if (step === "reset") {
-    return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h3", { className: "fc-tab-title", children: "Set new password" }),
-      /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "p", { className: "fc-text", children: [
-        "We sent a reset code to ",
-        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "strong", { children: email }),
-        ". Paste it below with your new password."
-      ] }),
-      /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "form", { onSubmit: handleReset, className: "fc-form", children: [
-        /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "label", { className: "fc-label", children: [
-          "Reset code",
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
-            "input",
-            {
-              type: "text",
-              className: "fc-input",
-              value: token,
-              onChange: (e) => setToken(e.target.value),
-              placeholder: "Paste the code from your email",
-              required: true,
-              autoComplete: "off"
-            }
-          )
-        ] }),
-        /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "label", { className: "fc-label", children: [
-          "New password",
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
-            "input",
-            {
-              type: "password",
-              className: "fc-input",
-              value: password,
-              onChange: (e) => setPassword(e.target.value),
-              placeholder: "8+ characters",
-              required: true,
-              autoComplete: "new-password",
-              minLength: 8
-            }
-          )
-        ] }),
-        error && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: error }),
-        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "submit", className: "fc-btn fc-btn-primary", disabled: loading, children: loading ? "Resetting..." : "Reset password" })
-      ] }),
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-switch", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: () => setStep("email"), children: "Resend code" }) })
-    ] });
-  }
-  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
-    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h3", { className: "fc-tab-title", children: "Reset your password" }),
-    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: "Enter your email and we'll send you a reset code." }),
-    /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "form", { onSubmit: handleSendCode, className: "fc-form", children: [
-      /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "label", { className: "fc-label", children: [
-        "Email",
-        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
-          "input",
-          {
-            type: "email",
-            className: "fc-input",
-            value: email,
-            onChange: (e) => setEmail(e.target.value),
-            placeholder: "you@example.com",
-            required: true,
-            autoComplete: "email"
-          }
-        )
-      ] }),
-      error && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: error }),
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "submit", className: "fc-btn fc-btn-primary", disabled: loading, children: loading ? "Sending..." : "Send reset code" })
-    ] }),
-    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-switch", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: () => setModalStep("email-login"), children: "Back to sign in" }) })
-  ] });
+    while (carry > 0) {
+      digits.push(carry % 58);
+      carry = carry / 58 | 0;
+    }
+  }
+  let str = "";
+  for (let i = 0; i < bytes.length && bytes[i] === 0; i++) {
+    str += "1";
+  }
+  for (let i = digits.length - 1; i >= 0; i--) {
+    str += BASE58_ALPHABET[digits[i]];
+  }
+  return str;
+}
+function timeAgo(dateStr) {
+  const now = Date.now();
+  const then = new Date(dateStr).getTime();
+  const diff = now - then;
+  const mins = Math.floor(diff / 6e4);
+  if (mins < 1) return "just now";
+  if (mins < 60) return `${mins}m ago`;
+  const hours = Math.floor(mins / 60);
+  if (hours < 24) return `${hours}h ago`;
+  const days = Math.floor(hours / 24);
+  if (days < 30) return `${days}d ago`;
+  return new Date(dateStr).toLocaleDateString();
 }
 
-// src/components/tabs/verify-2fa.tsx
-
-
-function Verify2FAForm() {
-  const { verify2FA, verifyRecoveryCode, setModalStep } = useForgeConnect();
-  const [code, setCode] = _react.useState.call(void 0, "");
+// src/hooks/use-wallets.ts
+function useWallets() {
+  const { api, getAccessToken } = useForgeConnect();
+  const [wallets, setWallets] = _react.useState.call(void 0, null);
   const [loading, setLoading] = _react.useState.call(void 0, false);
-  const [error, setError] = _react.useState.call(void 0, "");
-  const [useRecovery, setUseRecovery] = _react.useState.call(void 0, false);
-  const inputRef = _react.useRef.call(void 0, null);
-  const submittingRef = _react.useRef.call(void 0, false);
-  _react.useEffect.call(void 0, () => {
-    _optionalChain([inputRef, 'access', _38 => _38.current, 'optionalAccess', _39 => _39.focus, 'call', _40 => _40()]);
-  }, [useRecovery]);
-  const submitCode = _react.useCallback.call(void 0, async (codeValue, isRecovery) => {
-    if (submittingRef.current || !codeValue.trim()) return;
-    submittingRef.current = true;
+  const fetchWallets = _react.useCallback.call(void 0, async () => {
+    const token = getAccessToken();
+    if (!token) throw new Error("Please sign in to continue.");
     setLoading(true);
-    setError("");
     try {
-      if (isRecovery) {
-        await verifyRecoveryCode(codeValue.trim());
-      } else {
-        await verify2FA(codeValue.trim());
-      }
-    } catch (err) {
-      setError(err instanceof Error ? err.message : "Verification failed. Please try again.");
+      const data = await api.getWallets(token);
+      setWallets(data);
+      return data;
     } finally {
       setLoading(false);
-      submittingRef.current = false;
-    }
-  }, [verify2FA, verifyRecoveryCode]);
-  const handleSubmit = async (e) => {
-    _optionalChain([e, 'optionalAccess', _41 => _41.preventDefault, 'call', _42 => _42()]);
-    await submitCode(code, useRecovery);
-  };
-  const handleCodeChange = (value) => {
-    setCode(value);
-    if (!useRecovery && value.length === 6 && /^\d{6}$/.test(value)) {
-      submitCode(value, false);
     }
-  };
-  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
-    /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "button", { type: "button", className: "fc-back", onClick: () => setModalStep("method-select"), children: [
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "svg", { width: "16", height: "16", viewBox: "0 0 16 16", fill: "none", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M10 12L6 8l4-4", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" }) }),
-      "Back"
-    ] }),
-    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-section-desc", style: { marginTop: 8 }, children: useRecovery ? "Enter one of your recovery codes." : "Enter the 6-digit code from your authenticator app." }),
-    error && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: error }),
-    /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "form", { onSubmit: handleSubmit, className: "fc-form", children: [
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
-        "input",
-        {
-          ref: inputRef,
-          className: "fc-input fc-input-code",
-          type: "text",
-          inputMode: useRecovery ? "text" : "numeric",
-          autoComplete: "one-time-code",
-          placeholder: useRecovery ? "Recovery code" : "000000",
-          maxLength: useRecovery ? 20 : 6,
-          value: code,
-          onChange: (e) => handleCodeChange(e.target.value),
-          style: useRecovery ? {} : { textAlign: "center", letterSpacing: "0.3em", fontSize: "1.25rem" }
+  }, [api, getAccessToken]);
+  const updateWallet = _react.useCallback.call(void 0, 
+    async (id, data) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.updateWallet(token, id, data);
+      await fetchWallets();
+    },
+    [api, getAccessToken, fetchWallets]
+  );
+  const linkWallet = _react.useCallback.call(void 0, 
+    async (walletAddress, signMessage, chain = "solana", signTransaction) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      if (signMessage) {
+        const { challengeId, message: challengeMessage } = await api.walletChallenge(walletAddress, chain);
+        const encoded = new TextEncoder().encode(challengeMessage);
+        const signatureBytes = await signMessage(encoded);
+        const signature = chain === "solana" ? uint8ArrayToBase58(signatureBytes) : Array.from(signatureBytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+        await api.linkAuthMethod(token, {
+          provider: `${chain}_wallet`,
+          challengeId,
+          signature,
+          walletAddress
+        });
+      } else {
+        if (!signTransaction) {
+          throw new Error("Wallet does not support message signing or transaction signing.");
         }
-      ),
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "submit", className: "fc-btn fc-btn-primary", disabled: loading || !code.trim(), children: loading ? "Verifying..." : "Verify" })
-    ] }),
-    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
-      "button",
-      {
-        type: "button",
-        className: "fc-link",
-        onClick: () => {
-          setUseRecovery(!useRecovery);
-          setCode("");
-          setError("");
-        },
-        style: { marginTop: 12 },
-        children: useRecovery ? "Use authenticator code instead" : "Use a recovery code"
+        const { challengeId, transaction: txBase64 } = await api.walletChallengeTx(walletAddress, chain);
+        const signedTxBase64 = await signTransaction(txBase64);
+        await api.linkAuthMethod(token, {
+          provider: `${chain}_wallet_tx`,
+          challengeId,
+          signedTransaction: signedTxBase64,
+          walletAddress
+        });
       }
-    )
-  ] });
+      await fetchWallets();
+    },
+    [api, getAccessToken, fetchWallets]
+  );
+  return {
+    wallets,
+    loading,
+    fetchWallets,
+    updateWallet,
+    linkWallet
+  };
 }
 
-// src/components/svg-icon.tsx
-
+// src/hooks/use-sessions.ts
 
-function SvgIcon({ svg, className }) {
-  const ref = _react.useRef.call(void 0, null);
-  _react.useEffect.call(void 0, () => {
-    if (!ref.current || !svg) return;
+function useSessions() {
+  const { api, getAccessToken } = useForgeConnect();
+  const [sessions, setSessions] = _react.useState.call(void 0, null);
+  const [loading, setLoading] = _react.useState.call(void 0, false);
+  const fetchSessions = _react.useCallback.call(void 0, async () => {
+    const token = getAccessToken();
+    if (!token) throw new Error("Please sign in to continue.");
+    setLoading(true);
     try {
-      const doc = new DOMParser().parseFromString(svg, "text/html");
-      const svgEl = doc.body.querySelector("svg");
-      if (!svgEl) {
-        ref.current.textContent = "";
-        return;
-      }
-      const dangerous = svgEl.querySelectorAll("script,iframe,object,embed,foreignObject");
-      dangerous.forEach((el) => el.remove());
-      const all = svgEl.querySelectorAll("*");
-      all.forEach((el) => {
-        for (const attr of Array.from(el.attributes)) {
-          if (attr.name.startsWith("on")) {
-            el.removeAttribute(attr.name);
-          }
-        }
-      });
-      ref.current.textContent = "";
-      ref.current.appendChild(svgEl);
-    } catch (e5) {
-      ref.current.textContent = "";
+      const data = await api.getSessions(token);
+      setSessions(data);
+      return data;
+    } finally {
+      setLoading(false);
     }
-  }, [svg]);
-  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { ref, className });
+  }, [api, getAccessToken]);
+  const revokeSession = _react.useCallback.call(void 0, 
+    async (id) => {
+      const token = getAccessToken();
+      if (!token) throw new Error("Please sign in to continue.");
+      await api.revokeSession(token, id);
+      await fetchSessions();
+    },
+    [api, getAccessToken, fetchSessions]
+  );
+  return {
+    sessions,
+    loading,
+    fetchSessions,
+    revokeSession
+  };
 }
 
-// src/components/tabs/oauth-buttons.tsx
+// src/components/two-factor-modal.tsx
 
-var PROVIDER_INFO = {
-  google: {
-    label: "Google",
-    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92a5.06 5.06 0 0 1-2.2 3.32v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.1z" fill="#4285F4"/><path d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z" fill="#34A853"/><path d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22.81-.62z" fill="#FBBC05"/><path d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z" fill="#EA4335"/></svg>'
-  },
-  discord: {
-    label: "Discord",
-    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M20.317 4.37a19.791 19.791 0 0 0-4.885-1.515.074.074 0 0 0-.079.037c-.21.375-.444.864-.608 1.25a18.27 18.27 0 0 0-5.487 0 12.64 12.64 0 0 0-.617-1.25.077.077 0 0 0-.079-.037A19.736 19.736 0 0 0 3.677 4.37a.07.07 0 0 0-.032.027C.533 9.046-.32 13.58.099 18.057a.082.082 0 0 0 .031.057 19.9 19.9 0 0 0 5.993 3.03.078.078 0 0 0 .084-.028c.462-.63.874-1.295 1.226-1.994a.076.076 0 0 0-.041-.106 13.107 13.107 0 0 1-1.872-.892.077.077 0 0 1-.008-.128c.126-.094.252-.192.372-.292a.074.074 0 0 1 .077-.01c3.928 1.793 8.18 1.793 12.062 0a.074.074 0 0 1 .078.01c.12.098.246.198.373.292a.077.077 0 0 1-.006.127 12.299 12.299 0 0 1-1.873.892.077.077 0 0 0-.041.107c.36.698.772 1.362 1.225 1.993a.076.076 0 0 0 .084.028 19.839 19.839 0 0 0 6.002-3.03.077.077 0 0 0 .032-.054c.5-5.177-.838-9.674-3.549-13.66a.061.061 0 0 0-.031-.03z" fill="#5865F2"/></svg>'
-  },
-  twitter: {
-    label: "Twitter",
-    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M18.244 2.25h3.308l-7.227 8.26 8.502 11.24H16.17l-5.214-6.817L4.99 21.75H1.68l7.73-8.835L1.254 2.25H8.08l4.713 6.231zm-1.161 17.52h1.833L7.084 4.126H5.117z" fill="currentColor"/></svg>'
-  },
-  apple: {
-    label: "Apple",
-    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M17.05 20.28c-.98.95-2.05.88-3.08.4-1.09-.5-2.08-.52-3.23 0-1.44.64-2.2.45-3.06-.4C3.79 16.17 4.36 9.02 8.8 8.78c1.27.06 2.15.72 2.91.76.93-.19 1.82-.88 2.83-.8 1.21.1 2.12.58 2.72 1.49-2.46 1.48-1.88 4.73.52 5.64-.42 1.13-.98 2.24-1.73 3.41zM12.03 8.7c-.12-2.35 1.82-4.38 4.04-4.54.29 2.56-2.34 4.68-4.04 4.54z" fill="currentColor"/></svg>'
-  },
-  telegram: {
-    label: "Telegram",
-    icon: '<svg viewBox="0 0 24 24" width="20" height="20"><path d="M11.944 0A12 12 0 0 0 0 12a12 12 0 0 0 12 12 12 12 0 0 0 12-12A12 12 0 0 0 12 0a12 12 0 0 0-.056 0zm4.962 7.224c.1-.002.321.023.465.14a.506.506 0 0 1 .171.325c.016.093.036.306.02.472-.18 1.898-.962 6.502-1.36 8.627-.168.9-.499 1.201-.82 1.23-.696.065-1.225-.46-1.9-.902-1.056-.693-1.653-1.124-2.678-1.8-1.185-.78-.417-1.21.258-1.91.177-.184 3.247-2.977 3.307-3.23.007-.032.014-.15-.056-.212s-.174-.041-.249-.024c-.106.024-1.793 1.14-5.061 3.345-.479.33-.913.49-1.302.48-.428-.008-1.252-.241-1.865-.44-.752-.245-1.349-.374-1.297-.789.027-.216.325-.437.893-.663 3.498-1.524 5.83-2.529 6.998-3.014 3.332-1.386 4.025-1.627 4.476-1.635z" fill="#2AABEE"/></svg>'
-  }
-};
-function OAuthButton({ provider }) {
-  const { loginWithOAuth } = useForgeConnect();
-  const info = PROVIDER_INFO[provider];
-  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
-    "button",
-    {
-      type: "button",
-      className: "fc-btn fc-btn-oauth",
-      onClick: () => loginWithOAuth(provider),
-      children: [
-        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, SvgIcon, { svg: info.icon, className: "fc-oauth-icon" }),
-        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-btn-name", children: info.label })
-      ]
+
+function TwoFactorModal({ isOpen, onClose, initialEnabled, onStatusChange }) {
+  const { api, getAccessToken, config } = useForgeConnect();
+  const theme = _nullishCoalesce(_optionalChain([config, 'access', _46 => _46.appearance, 'optionalAccess', _47 => _47.theme]), () => ( "light"));
+  const [step, setStep] = _react.useState.call(void 0, initialEnabled ? "manage" : "setup");
+  const [setupData, setSetupData] = _react.useState.call(void 0, null);
+  const [code, setCode] = _react.useState.call(void 0, "");
+  const [loading, setLoading] = _react.useState.call(void 0, false);
+  const [msg, setMsg] = _react.useState.call(void 0, null);
+  const [showSecret, setShowSecret] = _react.useState.call(void 0, false);
+  const [recoveryCodes, setRecoveryCodes] = _react.useState.call(void 0, []);
+  _react.useEffect.call(void 0, () => {
+    if (isOpen) {
+      setStep(initialEnabled ? "manage" : "setup");
+      setSetupData(null);
+      setCode("");
+      setMsg(null);
+      setLoading(false);
+      setShowSecret(false);
+      setRecoveryCodes([]);
+      if (!initialEnabled) {
+        const token = getAccessToken();
+        if (token) {
+          setLoading(true);
+          api.setup2FA(token).then((data) => {
+            setSetupData(data);
+            setRecoveryCodes(data.recoveryCodes);
+          }).catch((err) => {
+            setMsg({ text: err instanceof Error ? err.message : "Could not set up 2FA.", ok: false });
+          }).finally(() => setLoading(false));
+        }
+      }
     }
-  );
-}
-
-// src/components/login-modal.tsx
-
-function LoginModal() {
-  const { modal, closeModal, config } = useForgeConnect();
-  const renderStep = () => {
-    switch (modal.step) {
-      case "email-login":
-        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, EmailLoginForm, {});
-      case "email-register":
-        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, EmailRegisterForm, {});
-      case "email-otp":
-        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, EmailOtpForm, {});
-      case "wallet-connect":
-        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, WalletConnectForm, {});
-      case "forgot-password":
-        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, ForgotPasswordForm, {});
-      case "verify-2fa":
-        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, Verify2FAForm, {});
-      case "oauth":
-        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, OAuthLoadingView, {});
-      case "success":
-        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, SuccessView, {});
-      case "method-select":
-      default:
-        return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, MethodSelect, {});
+  }, [isOpen, initialEnabled, api, getAccessToken]);
+  const handleEnable = async () => {
+    const token = getAccessToken();
+    if (!token || !code) return;
+    setLoading(true);
+    setMsg(null);
+    try {
+      await api.enable2FA(token, code);
+      onStatusChange(true);
+      setStep("recovery-codes");
+      setCode("");
+    } catch (err) {
+      setMsg({ text: err instanceof Error ? err.message : "Invalid code.", ok: false });
+    } finally {
+      setLoading(false);
     }
   };
-  const renderLogo = () => {
-    if (_optionalChain([config, 'access', _43 => _43.appearance, 'optionalAccess', _44 => _44.logoNode])) {
-      return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-logo", children: config.appearance.logoNode });
+  const handleDisable = async () => {
+    const token = getAccessToken();
+    if (!token || !code) return;
+    setLoading(true);
+    setMsg(null);
+    try {
+      await api.disable2FA(token, code);
+      onStatusChange(false);
+      setCode("");
+      onClose();
+    } catch (err) {
+      setMsg({ text: err instanceof Error ? err.message : "Invalid code.", ok: false });
+    } finally {
+      setLoading(false);
     }
-    if (_optionalChain([config, 'access', _45 => _45.appearance, 'optionalAccess', _46 => _46.logo])) {
-      return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "img", { src: config.appearance.logo, alt: "", className: "fc-logo" });
+  };
+  const handleRegenerate = async () => {
+    const token = getAccessToken();
+    if (!token || !code) return;
+    setLoading(true);
+    setMsg(null);
+    try {
+      const { recoveryCodes: codes } = await api.regenerateRecoveryCodes(token, code);
+      setRecoveryCodes(codes);
+      setStep("recovery-codes");
+      setCode("");
+    } catch (err) {
+      setMsg({ text: err instanceof Error ? err.message : "Invalid code.", ok: false });
+    } finally {
+      setLoading(false);
     }
-    return null;
   };
-  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, ModalOverlay, { isOpen: modal.isOpen, onClose: closeModal, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+  const handleCopyAll = () => {
+    navigator.clipboard.writeText(recoveryCodes.join("\n")).catch(() => {
+    });
+  };
+  const goBack = () => {
+    setCode("");
+    setMsg(null);
+    setStep("manage");
+  };
+  if (!isOpen) return null;
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, ModalOverlay, { isOpen, onClose, children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
     "div",
     {
       className: "fc-modal-content",
-      style: {
-        "--fc-accent": _nullishCoalesce(_optionalChain([config, 'access', _47 => _47.appearance, 'optionalAccess', _48 => _48.accentColor]), () => ( "#8b5cf6"))
-      },
-      "data-theme": _nullishCoalesce(_optionalChain([config, 'access', _49 => _49.appearance, 'optionalAccess', _50 => _50.theme]), () => ( "light")),
-      children: modal.step === "success" || modal.step === "oauth" ? renderStep() : /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
-        renderLogo(),
-        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h2", { className: "fc-modal-title", children: _nullishCoalesce(_optionalChain([config, 'access', _51 => _51.appearance, 'optionalAccess', _52 => _52.title]), () => ( "Log in or sign up")) }),
-        renderStep(),
-        (_optionalChain([config, 'access', _53 => _53.appearance, 'optionalAccess', _54 => _54.termsUrl]) || _optionalChain([config, 'access', _55 => _55.appearance, 'optionalAccess', _56 => _56.privacyUrl])) && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "p", { className: "fc-legal", children: [
-          "By continuing, you agree to our",
-          " ",
-          config.appearance.termsUrl && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "a", { href: config.appearance.termsUrl, target: "_blank", rel: "noopener noreferrer", className: "fc-legal-link", children: "Terms" }),
-          config.appearance.termsUrl && config.appearance.privacyUrl && " and ",
-          config.appearance.privacyUrl && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "a", { href: config.appearance.privacyUrl, target: "_blank", rel: "noopener noreferrer", className: "fc-legal-link", children: "Privacy Policy" })
+      style: { "--fc-accent": _nullishCoalesce(_optionalChain([config, 'access', _48 => _48.appearance, 'optionalAccess', _49 => _49.accentColor]), () => ( "#8b5cf6")) },
+      "data-theme": theme,
+      children: [
+        step === "setup" && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h2", { className: "fc-modal-title", children: "Set up 2FA" }),
+          msg && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: msg.ok ? "fc-text" : "fc-error", children: msg.text }),
+          loading && !setupData && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: "Loading..." }),
+          setupData && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
+            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-section-desc", style: { textAlign: "center" }, children: "Scan this QR code with your authenticator app" }),
+            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { style: { display: "flex", justifyContent: "center", margin: "12px 0" }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+              "img",
+              {
+                src: setupData.qrCodeDataUrl,
+                alt: "TOTP QR code",
+                style: { width: 180, height: 180, borderRadius: 12 }
+              }
+            ) }),
+            /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { style: { textAlign: "center", marginBottom: 12 }, children: [
+              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: () => setShowSecret(!showSecret), children: showSecret ? "Hide code" : "Can't scan? Enter manually" }),
+              showSecret && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { style: { margin: "8px 0 0", fontFamily: "monospace", fontSize: 12, opacity: 0.7, wordBreak: "break-all" }, children: setupData.secret })
+            ] }),
+            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+              "input",
+              {
+                className: "fc-input",
+                type: "text",
+                inputMode: "numeric",
+                placeholder: "Enter 6-digit code",
+                maxLength: 6,
+                value: code,
+                onChange: (e) => setCode(e.target.value.replace(/\D/g, "")),
+                style: { textAlign: "center", letterSpacing: "0.2em" },
+                autoFocus: true
+              }
+            ),
+            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+              "button",
+              {
+                type: "button",
+                className: "fc-btn fc-btn-primary",
+                onClick: handleEnable,
+                disabled: loading || code.length !== 6,
+                style: { marginTop: 10 },
+                children: loading ? "Verifying..." : "Verify & Enable"
+              }
+            )
+          ] })
+        ] }),
+        step === "manage" && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h2", { className: "fc-modal-title", children: "Two-factor authentication" }),
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { style: { textAlign: "center", marginBottom: 20 }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-verified", style: { fontSize: 12, padding: "4px 12px" }, children: "Enabled" }) }),
+          /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
+            /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
+              "button",
+              {
+                type: "button",
+                className: "fc-security-card",
+                onClick: () => {
+                  setCode("");
+                  setMsg(null);
+                  setStep("confirm-regenerate");
+                },
+                children: [
+                  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-icon", children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { viewBox: "0 0 20 20", fill: "none", children: [
+                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M3 10a7 7 0 0 1 7-7m0 14a7 7 0 0 1-7-7m14 0a7 7 0 0 1-7 7m0-14a7 7 0 0 1 7 7", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" }),
+                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M14 3l-1 3h3", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" })
+                  ] }) }),
+                  /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "span", { className: "fc-security-card-info", children: [
+                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-label", children: "Regenerate recovery codes" }),
+                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-detail", children: "Get new backup codes" })
+                  ] }),
+                  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-chevron", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "svg", { viewBox: "0 0 16 16", fill: "none", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M6 4l4 4-4 4", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" }) }) })
+                ]
+              }
+            ),
+            /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
+              "button",
+              {
+                type: "button",
+                className: "fc-security-card",
+                onClick: () => {
+                  setCode("");
+                  setMsg(null);
+                  setStep("confirm-disable");
+                },
+                children: [
+                  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-icon", style: { color: "#dc2626" }, children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { viewBox: "0 0 20 20", fill: "none", children: [
+                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M10 2l6 3v4c0 4.42-2.56 8.22-6 9.5C6.56 17.22 4 13.42 4 9V5l6-3z", stroke: "currentColor", strokeWidth: "1.5", strokeLinejoin: "round" }),
+                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M7.5 7.5l5 5M12.5 7.5l-5 5", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" })
+                  ] }) }),
+                  /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "span", { className: "fc-security-card-info", children: [
+                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-label", style: { color: "#dc2626" }, children: "Disable 2FA" }),
+                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-detail", children: "Remove two-factor authentication" })
+                  ] }),
+                  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-chevron", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "svg", { viewBox: "0 0 16 16", fill: "none", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M6 4l4 4-4 4", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" }) }) })
+                ]
+              }
+            )
+          ] })
+        ] }),
+        step === "confirm-regenerate" && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h2", { className: "fc-modal-title", children: "Regenerate recovery codes" }),
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-section-desc", style: { textAlign: "center" }, children: "Enter your 2FA code to generate new recovery codes. Your old codes will stop working." }),
+          msg && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: msg.ok ? "fc-text" : "fc-error", children: msg.text }),
+          /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
+            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+              "input",
+              {
+                className: "fc-input",
+                type: "text",
+                inputMode: "numeric",
+                placeholder: "Enter 6-digit code",
+                maxLength: 6,
+                value: code,
+                onChange: (e) => setCode(e.target.value.replace(/\D/g, "")),
+                style: { textAlign: "center", letterSpacing: "0.2em" },
+                autoFocus: true
+              }
+            ),
+            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+              "button",
+              {
+                type: "button",
+                className: "fc-btn fc-btn-primary",
+                onClick: handleRegenerate,
+                disabled: loading || code.length !== 6,
+                style: { marginTop: 10 },
+                children: loading ? "Generating..." : "Regenerate codes"
+              }
+            ),
+            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-switch", style: { marginTop: 12 }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: goBack, children: "Back" }) })
+          ] })
+        ] }),
+        step === "confirm-disable" && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h2", { className: "fc-modal-title", children: "Disable 2FA" }),
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-section-desc", style: { textAlign: "center" }, children: "Enter your 2FA code to disable two-factor authentication." }),
+          msg && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: msg.ok ? "fc-text" : "fc-error", children: msg.text }),
+          /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
+            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+              "input",
+              {
+                className: "fc-input",
+                type: "text",
+                inputMode: "numeric",
+                placeholder: "Enter 6-digit code",
+                maxLength: 6,
+                value: code,
+                onChange: (e) => setCode(e.target.value.replace(/\D/g, "")),
+                style: { textAlign: "center", letterSpacing: "0.2em" },
+                autoFocus: true
+              }
+            ),
+            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+              "button",
+              {
+                type: "button",
+                className: "fc-btn fc-btn-secondary",
+                onClick: handleDisable,
+                disabled: loading || code.length !== 6,
+                style: { marginTop: 10, background: "rgba(220, 38, 38, 0.1)", color: "#dc2626", borderColor: "rgba(220, 38, 38, 0.2)" },
+                children: loading ? "Disabling..." : "Disable 2FA"
+              }
+            ),
+            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-switch", style: { marginTop: 12 }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: goBack, children: "Back" }) })
+          ] })
+        ] }),
+        step === "recovery-codes" && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h2", { className: "fc-modal-title", children: "Save your recovery codes" }),
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-section-desc", style: { textAlign: "center" }, children: "Store these codes somewhere safe. Each code can only be used once." }),
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-recovery-grid", children: recoveryCodes.map((c, i) => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-recovery-code", children: c }, i)) }),
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { style: { textAlign: "center", margin: "8px 0 12px" }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: handleCopyAll, children: "Copy all" }) }),
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-primary", onClick: onClose, children: "Done" })
         ] })
-      ] })
+      ]
     }
   ) });
 }
-var EmailIcon = () => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
-  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "rect", { x: "2", y: "4", width: "16", height: "12", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
-  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M2 6l8 5 8-5", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" })
-] }) });
-var OtpIcon = () => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
-  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "rect", { x: "3", y: "6", width: "14", height: "9", rx: "1.5", stroke: "currentColor", strokeWidth: "1.5" }),
-  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "circle", { cx: "6.5", cy: "10.5", r: "1", fill: "currentColor" }),
-  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "circle", { cx: "10", cy: "10.5", r: "1", fill: "currentColor" }),
-  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "circle", { cx: "13.5", cy: "10.5", r: "1", fill: "currentColor" })
-] }) });
-var WalletIcon = () => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
-  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "rect", { x: "2", y: "5", width: "16", height: "11", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
-  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "rect", { x: "13", y: "9", width: "5", height: "3", rx: "1", stroke: "currentColor", strokeWidth: "1.5" })
-] }) });
-var PasskeyIcon = () => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon", children: [
-  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "circle", { cx: "8", cy: "7", r: "3", stroke: "currentColor", strokeWidth: "1.5" }),
-  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M13 13.5a5 5 0 0 0-10 0", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" }),
-  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M15 10v4m0 0l-1.5-1m1.5 1l1.5-1", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" })
-] }) });
-var LoadingSpinner = () => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-method-icon-wrap", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "svg", { width: "20", height: "20", viewBox: "0 0 20 20", fill: "none", className: "fc-method-icon fc-spin", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M10 2a8 8 0 0 1 8 8", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" }) }) });
-function MethodSelect() {
-  const { setModalStep, loginWithPasskey, config } = useForgeConnect();
-  const methods = resolveLoginMethods(config);
-  const [passkeyLoading, setPasskeyLoading] = _react.useState.call(void 0, false);
-  const [passkeyError, setPasskeyError] = _react.useState.call(void 0, "");
-  const handlePasskey = async () => {
-    setPasskeyLoading(true);
-    setPasskeyError("");
-    try {
-      await loginWithPasskey();
-    } catch (err) {
-      setPasskeyError(err instanceof Error ? err.message : "Passkey authentication failed.");
-    } finally {
-      setPasskeyLoading(false);
-    }
-  };
-  const elements = [];
-  let i = 0;
-  while (i < methods.length) {
-    const method = methods[i];
-    if (isOAuthMethod(method)) {
-      const oauthGroup = [];
-      while (i < methods.length && isOAuthMethod(methods[i])) {
-        oauthGroup.push(methods[i]);
-        i++;
-      }
-      if (elements.length > 0) {
-        elements.push(/* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-divider", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { children: "or" }) }, `div-before-${oauthGroup[0]}`));
-      }
-      elements.push(
-        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-oauth-group", children: oauthGroup.map((p) => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, OAuthButton, { provider: p }, p)) }, `oauth-${oauthGroup.join("-")}`)
-      );
-    } else {
-      if (elements.length > 0) {
-        const prev = methods[i - 1];
-        if (prev && isOAuthMethod(prev)) {
-          elements.push(/* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-divider", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { children: "or" }) }, `div-after-${prev}`));
-        }
-      }
-      switch (method) {
-        case "email":
-          elements.push(
-            /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-method", onClick: () => setModalStep("email-login"), children: [
-              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, EmailIcon, {}),
-              " ",
-              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-btn-name", children: "Password" })
-            ] }, "email")
-          );
-          break;
-        case "otp":
-          elements.push(
-            /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-method", onClick: () => setModalStep("email-otp"), children: [
-              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, OtpIcon, {}),
-              " ",
-              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-btn-name", children: "Magic code" })
-            ] }, "otp")
-          );
-          break;
-        case "wallet":
-          elements.push(
-            /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-method", onClick: () => setModalStep("wallet-connect"), children: [
-              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, WalletIcon, {}),
-              " ",
-              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-btn-name", children: "Wallet" })
-            ] }, "wallet")
-          );
-          break;
-        case "passkey":
-          elements.push(
-            /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-method", onClick: handlePasskey, disabled: passkeyLoading, children: [
-              passkeyLoading ? /* @__PURE__ */ _jsxruntime.jsx.call(void 0, LoadingSpinner, {}) : /* @__PURE__ */ _jsxruntime.jsx.call(void 0, PasskeyIcon, {}),
-              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-btn-name", children: passkeyLoading ? "Waiting for passkey..." : "Passkey" })
-            ] }, "passkey")
-          );
-          break;
-      }
-      i++;
-    }
-  }
-  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-method-select", children: [
-    passkeyError && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: passkeyError }),
-    elements
-  ] });
-}
-function OAuthLoadingView() {
-  const { setModalStep } = useForgeConnect();
-  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-success", children: [
-    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-success-icon", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "svg", { width: "52", height: "52", viewBox: "0 0 52 52", className: "fc-spin", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "circle", { cx: "26", cy: "26", r: "24", fill: "none", stroke: "var(--fc-accent, #8b5cf6)", strokeWidth: "3", strokeLinecap: "round", strokeDasharray: "100", strokeDashoffset: "30" }) }) }),
-    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-success-text", children: "Completing sign in..." }),
-    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-secondary", style: { marginTop: "16px" }, onClick: () => setModalStep("method-select"), children: "Cancel" })
-  ] });
-}
-function SuccessView() {
-  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-success", children: [
-    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-success-icon", children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { viewBox: "0 0 52 52", className: "fc-success-check", children: [
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "circle", { className: "fc-success-circle", cx: "26", cy: "26", r: "24", fill: "none" }),
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { className: "fc-success-tick", fill: "none", d: "M15 26l7.5 7.5L37 19" })
-    ] }) }),
-    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-success-text", children: "You're in" })
-  ] });
-}
 
-// src/components/account-modal.tsx
+// src/components/passkeys-modal.tsx
 
 
-// src/hooks/use-user.ts
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/bufferToBase64URLString.js
+function bufferToBase64URLString(buffer) {
+  const bytes = new Uint8Array(buffer);
+  let str = "";
+  for (const charCode of bytes) {
+    str += String.fromCharCode(charCode);
+  }
+  const base64String = btoa(str);
+  return base64String.replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
+}
 
-function useUser() {
-  const { auth, api, config, getAccessToken } = useForgeConnect();
-  const [authMethods, setAuthMethods] = _react.useState.call(void 0, null);
-  const [loading, setLoading] = _react.useState.call(void 0, false);
-  const pendingRefreshRef = _react.useRef.call(void 0, false);
-  const updateProfile = _react.useCallback.call(void 0, 
-    async (data) => {
-      const token = getAccessToken();
-      if (!token) throw new Error("Please sign in to continue.");
-      return api.updateMe(token, data);
-    },
-    [api, getAccessToken]
-  );
-  const fetchAuthMethods = _react.useCallback.call(void 0, async () => {
-    const token = getAccessToken();
-    if (!token) throw new Error("Please sign in to continue.");
-    setLoading(true);
-    try {
-      const methods = await api.getAuthMethods(token);
-      setAuthMethods(methods);
-      return methods;
-    } finally {
-      setLoading(false);
-    }
-  }, [api, getAccessToken]);
-  const linkAuthMethod = _react.useCallback.call(void 0, 
-    async (data) => {
-      const token = getAccessToken();
-      if (!token) throw new Error("Please sign in to continue.");
-      await api.linkAuthMethod(token, data);
-      await fetchAuthMethods();
-    },
-    [api, getAccessToken, fetchAuthMethods]
-  );
-  const linkOtpSend = _react.useCallback.call(void 0, 
-    async (email) => {
-      const token = getAccessToken();
-      if (!token) throw new Error("Please sign in to continue.");
-      await api.linkOtpSend(token, email);
-    },
-    [api, getAccessToken]
-  );
-  const linkOtpVerify = _react.useCallback.call(void 0, 
-    async (email, code) => {
-      const token = getAccessToken();
-      if (!token) throw new Error("Please sign in to continue.");
-      await api.linkOtpVerify(token, email, code);
-      await fetchAuthMethods();
-    },
-    [api, getAccessToken, fetchAuthMethods]
-  );
-  const unlinkAuthMethod = _react.useCallback.call(void 0, 
-    async (id) => {
-      const token = getAccessToken();
-      if (!token) throw new Error("Please sign in to continue.");
-      await api.unlinkAuthMethod(token, id);
-      await fetchAuthMethods();
-    },
-    [api, getAccessToken, fetchAuthMethods]
-  );
-  const linkOAuth = _react.useCallback.call(void 0, 
-    async (provider) => {
-      const token = getAccessToken();
-      if (!token) throw new Error("Please sign in to continue.");
-      const { intentToken } = await api.createLinkIntent(token);
-      const redirectUri = encodeURIComponent(window.location.origin + "/fc-oauth-callback");
-      const url = `${config.apiUrl}/auth/oauth/${provider}/link?intent=${encodeURIComponent(intentToken)}&redirect_uri=${redirectUri}`;
-      const width = 500;
-      const height = 600;
-      const left = window.screenX + (window.innerWidth - width) / 2;
-      const top = window.screenY + (window.innerHeight - height) / 2;
-      window.open(url, "fc_oauth_link", `width=${width},height=${height},left=${left},top=${top}`);
-      pendingRefreshRef.current = true;
-    },
-    [api, config.apiUrl, getAccessToken]
-  );
-  _react.useEffect.call(void 0, () => {
-    const handleMessage = (event) => {
-      if (event.origin !== window.location.origin) return;
-      if (_optionalChain([event, 'access', _57 => _57.data, 'optionalAccess', _58 => _58.type]) === "fc_oauth_link_success" && pendingRefreshRef.current) {
-        pendingRefreshRef.current = false;
-        fetchAuthMethods().catch(() => {
-        });
-      }
-    };
-    window.addEventListener("message", handleMessage);
-    return () => window.removeEventListener("message", handleMessage);
-  }, [fetchAuthMethods]);
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/base64URLStringToBuffer.js
+function base64URLStringToBuffer(base64URLString) {
+  const base64 = base64URLString.replace(/-/g, "+").replace(/_/g, "/");
+  const padLength = (4 - base64.length % 4) % 4;
+  const padded = base64.padEnd(base64.length + padLength, "=");
+  const binary = atob(padded);
+  const buffer = new ArrayBuffer(binary.length);
+  const bytes = new Uint8Array(buffer);
+  for (let i = 0; i < binary.length; i++) {
+    bytes[i] = binary.charCodeAt(i);
+  }
+  return buffer;
+}
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/browserSupportsWebAuthn.js
+function browserSupportsWebAuthn() {
+  return _browserSupportsWebAuthnInternals.stubThis(_optionalChain([globalThis, 'optionalAccess', _50 => _50.PublicKeyCredential]) !== void 0 && typeof globalThis.PublicKeyCredential === "function");
+}
+var _browserSupportsWebAuthnInternals = {
+  stubThis: (value) => value
+};
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/toPublicKeyCredentialDescriptor.js
+function toPublicKeyCredentialDescriptor(descriptor) {
+  const { id } = descriptor;
   return {
-    user: auth.user,
-    authMethods,
-    loading,
-    updateProfile,
-    fetchAuthMethods,
-    linkAuthMethod,
-    linkOtpSend,
-    linkOtpVerify,
-    unlinkAuthMethod,
-    linkOAuth
+    ...descriptor,
+    id: base64URLStringToBuffer(id),
+    /**
+     * `descriptor.transports` is an array of our `AuthenticatorTransportFuture` that includes newer
+     * transports that TypeScript's DOM lib is ignorant of. Convince TS that our list of transports
+     * are fine to pass to WebAuthn since browsers will recognize the new value.
+     */
+    transports: descriptor.transports
   };
 }
 
-// src/hooks/use-wallets.ts
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/isValidDomain.js
+function isValidDomain(hostname) {
+  return (
+    // Consider localhost valid as well since it's okay wrt Secure Contexts
+    hostname === "localhost" || /^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(hostname)
+  );
+}
 
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/webAuthnError.js
+var WebAuthnError = class extends Error {
+  constructor({ message, code, cause, name }) {
+    super(message, { cause });
+    Object.defineProperty(this, "code", {
+      enumerable: true,
+      configurable: true,
+      writable: true,
+      value: void 0
+    });
+    this.name = _nullishCoalesce(name, () => ( cause.name));
+    this.code = code;
+  }
+};
 
-// src/lib/utils.ts
-var BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
-function uint8ArrayToBase58(bytes) {
-  const digits = [0];
-  for (const byte of bytes) {
-    let carry = byte;
-    for (let j = 0; j < digits.length; j++) {
-      carry += digits[j] << 8;
-      digits[j] = carry % 58;
-      carry = carry / 58 | 0;
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/identifyRegistrationError.js
+function identifyRegistrationError({ error, options }) {
+  const { publicKey } = options;
+  if (!publicKey) {
+    throw Error("options was missing required publicKey property");
+  }
+  if (error.name === "AbortError") {
+    if (options.signal instanceof AbortSignal) {
+      return new WebAuthnError({
+        message: "Registration ceremony was sent an abort signal",
+        code: "ERROR_CEREMONY_ABORTED",
+        cause: error
+      });
     }
-    while (carry > 0) {
-      digits.push(carry % 58);
-      carry = carry / 58 | 0;
+  } else if (error.name === "ConstraintError") {
+    if (_optionalChain([publicKey, 'access', _51 => _51.authenticatorSelection, 'optionalAccess', _52 => _52.requireResidentKey]) === true) {
+      return new WebAuthnError({
+        message: "Discoverable credentials were required but no available authenticator supported it",
+        code: "ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",
+        cause: error
+      });
+    } else if (
+      // @ts-ignore: `mediation` doesn't yet exist on CredentialCreationOptions but it's possible as of Sept 2024
+      options.mediation === "conditional" && _optionalChain([publicKey, 'access', _53 => _53.authenticatorSelection, 'optionalAccess', _54 => _54.userVerification]) === "required"
+    ) {
+      return new WebAuthnError({
+        message: "User verification was required during automatic registration but it could not be performed",
+        code: "ERROR_AUTO_REGISTER_USER_VERIFICATION_FAILURE",
+        cause: error
+      });
+    } else if (_optionalChain([publicKey, 'access', _55 => _55.authenticatorSelection, 'optionalAccess', _56 => _56.userVerification]) === "required") {
+      return new WebAuthnError({
+        message: "User verification was required but no available authenticator supported it",
+        code: "ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",
+        cause: error
+      });
+    }
+  } else if (error.name === "InvalidStateError") {
+    return new WebAuthnError({
+      message: "The authenticator was previously registered",
+      code: "ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",
+      cause: error
+    });
+  } else if (error.name === "NotAllowedError") {
+    return new WebAuthnError({
+      message: error.message,
+      code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",
+      cause: error
+    });
+  } else if (error.name === "NotSupportedError") {
+    const validPubKeyCredParams = publicKey.pubKeyCredParams.filter((param) => param.type === "public-key");
+    if (validPubKeyCredParams.length === 0) {
+      return new WebAuthnError({
+        message: 'No entry in pubKeyCredParams was of type "public-key"',
+        code: "ERROR_MALFORMED_PUBKEYCREDPARAMS",
+        cause: error
+      });
+    }
+    return new WebAuthnError({
+      message: "No available authenticator supported any of the specified pubKeyCredParams algorithms",
+      code: "ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",
+      cause: error
+    });
+  } else if (error.name === "SecurityError") {
+    const effectiveDomain = globalThis.location.hostname;
+    if (!isValidDomain(effectiveDomain)) {
+      return new WebAuthnError({
+        message: `${globalThis.location.hostname} is an invalid domain`,
+        code: "ERROR_INVALID_DOMAIN",
+        cause: error
+      });
+    } else if (publicKey.rp.id !== effectiveDomain) {
+      return new WebAuthnError({
+        message: `The RP ID "${publicKey.rp.id}" is invalid for this domain`,
+        code: "ERROR_INVALID_RP_ID",
+        cause: error
+      });
+    }
+  } else if (error.name === "TypeError") {
+    if (publicKey.user.id.byteLength < 1 || publicKey.user.id.byteLength > 64) {
+      return new WebAuthnError({
+        message: "User ID was not between 1 and 64 characters",
+        code: "ERROR_INVALID_USER_ID_LENGTH",
+        cause: error
+      });
     }
+  } else if (error.name === "UnknownError") {
+    return new WebAuthnError({
+      message: "The authenticator was unable to process the specified options, or could not create a new credential",
+      code: "ERROR_AUTHENTICATOR_GENERAL_ERROR",
+      cause: error
+    });
   }
-  let str = "";
-  for (let i = 0; i < bytes.length && bytes[i] === 0; i++) {
-    str += "1";
+  return error;
+}
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/webAuthnAbortService.js
+var BaseWebAuthnAbortService = class {
+  constructor() {
+    Object.defineProperty(this, "controller", {
+      enumerable: true,
+      configurable: true,
+      writable: true,
+      value: void 0
+    });
   }
-  for (let i = digits.length - 1; i >= 0; i--) {
-    str += BASE58_ALPHABET[digits[i]];
+  createNewAbortSignal() {
+    if (this.controller) {
+      const abortError = new Error("Cancelling existing WebAuthn API call for new one");
+      abortError.name = "AbortError";
+      this.controller.abort(abortError);
+    }
+    const newController = new AbortController();
+    this.controller = newController;
+    return newController.signal;
   }
-  return str;
-}
-function timeAgo(dateStr) {
-  const now = Date.now();
-  const then = new Date(dateStr).getTime();
-  const diff = now - then;
-  const mins = Math.floor(diff / 6e4);
-  if (mins < 1) return "just now";
-  if (mins < 60) return `${mins}m ago`;
-  const hours = Math.floor(mins / 60);
-  if (hours < 24) return `${hours}h ago`;
-  const days = Math.floor(hours / 24);
-  if (days < 30) return `${days}d ago`;
-  return new Date(dateStr).toLocaleDateString();
+  cancelCeremony() {
+    if (this.controller) {
+      const abortError = new Error("Manually cancelling existing WebAuthn API call");
+      abortError.name = "AbortError";
+      this.controller.abort(abortError);
+      this.controller = void 0;
+    }
+  }
+};
+var WebAuthnAbortService = new BaseWebAuthnAbortService();
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/toAuthenticatorAttachment.js
+var attachments = ["cross-platform", "platform"];
+function toAuthenticatorAttachment(attachment) {
+  if (!attachment) {
+    return;
+  }
+  if (attachments.indexOf(attachment) < 0) {
+    return;
+  }
+  return attachment;
 }
 
-// src/hooks/use-wallets.ts
-function useWallets() {
-  const { api, getAccessToken } = useForgeConnect();
-  const [wallets, setWallets] = _react.useState.call(void 0, null);
-  const [loading, setLoading] = _react.useState.call(void 0, false);
-  const fetchWallets = _react.useCallback.call(void 0, async () => {
-    const token = getAccessToken();
-    if (!token) throw new Error("Please sign in to continue.");
-    setLoading(true);
-    try {
-      const data = await api.getWallets(token);
-      setWallets(data);
-      return data;
-    } finally {
-      setLoading(false);
-    }
-  }, [api, getAccessToken]);
-  const updateWallet = _react.useCallback.call(void 0, 
-    async (id, data) => {
-      const token = getAccessToken();
-      if (!token) throw new Error("Please sign in to continue.");
-      await api.updateWallet(token, id, data);
-      await fetchWallets();
-    },
-    [api, getAccessToken, fetchWallets]
-  );
-  const linkWallet = _react.useCallback.call(void 0, 
-    async (walletAddress, signMessage, chain = "solana") => {
-      const token = getAccessToken();
-      if (!token) throw new Error("Please sign in to continue.");
-      const { challengeId, message: challengeMessage } = await api.walletChallenge(walletAddress, chain);
-      const encoded = new TextEncoder().encode(challengeMessage);
-      const signatureBytes = await signMessage(encoded);
-      const signature = chain === "solana" ? uint8ArrayToBase58(signatureBytes) : Array.from(signatureBytes).map((b) => b.toString(16).padStart(2, "0")).join("");
-      await api.linkAuthMethod(token, {
-        provider: `${chain}_wallet`,
-        challengeId,
-        signature,
-        walletAddress
-      });
-      await fetchWallets();
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/methods/startRegistration.js
+async function startRegistration(options) {
+  if (!options.optionsJSON && options.challenge) {
+    console.warn("startRegistration() was not called correctly. It will try to continue with the provided options, but this call should be refactored to use the expected call structure instead. See https://simplewebauthn.dev/docs/packages/browser#typeerror-cannot-read-properties-of-undefined-reading-challenge for more information.");
+    options = { optionsJSON: options };
+  }
+  const { optionsJSON, useAutoRegister = false } = options;
+  if (!browserSupportsWebAuthn()) {
+    throw new Error("WebAuthn is not supported in this browser");
+  }
+  const publicKey = {
+    ...optionsJSON,
+    challenge: base64URLStringToBuffer(optionsJSON.challenge),
+    user: {
+      ...optionsJSON.user,
+      id: base64URLStringToBuffer(optionsJSON.user.id)
     },
-    [api, getAccessToken, fetchWallets]
-  );
-  return {
-    wallets,
-    loading,
-    fetchWallets,
-    updateWallet,
-    linkWallet
+    excludeCredentials: _optionalChain([optionsJSON, 'access', _57 => _57.excludeCredentials, 'optionalAccess', _58 => _58.map, 'call', _59 => _59(toPublicKeyCredentialDescriptor)])
   };
-}
-
-// src/hooks/use-sessions.ts
-
-function useSessions() {
-  const { api, getAccessToken } = useForgeConnect();
-  const [sessions, setSessions] = _react.useState.call(void 0, null);
-  const [loading, setLoading] = _react.useState.call(void 0, false);
-  const fetchSessions = _react.useCallback.call(void 0, async () => {
-    const token = getAccessToken();
-    if (!token) throw new Error("Please sign in to continue.");
-    setLoading(true);
+  const createOptions = {};
+  if (useAutoRegister) {
+    createOptions.mediation = "conditional";
+  }
+  createOptions.publicKey = publicKey;
+  createOptions.signal = WebAuthnAbortService.createNewAbortSignal();
+  let credential;
+  try {
+    credential = await navigator.credentials.create(createOptions);
+  } catch (err) {
+    throw identifyRegistrationError({ error: err, options: createOptions });
+  }
+  if (!credential) {
+    throw new Error("Registration was not completed");
+  }
+  const { id, rawId, response, type } = credential;
+  let transports = void 0;
+  if (typeof response.getTransports === "function") {
+    transports = response.getTransports();
+  }
+  let responsePublicKeyAlgorithm = void 0;
+  if (typeof response.getPublicKeyAlgorithm === "function") {
     try {
-      const data = await api.getSessions(token);
-      setSessions(data);
-      return data;
-    } finally {
-      setLoading(false);
+      responsePublicKeyAlgorithm = response.getPublicKeyAlgorithm();
+    } catch (error) {
+      warnOnBrokenImplementation("getPublicKeyAlgorithm()", error);
     }
-  }, [api, getAccessToken]);
-  const revokeSession = _react.useCallback.call(void 0, 
-    async (id) => {
-      const token = getAccessToken();
-      if (!token) throw new Error("Please sign in to continue.");
-      await api.revokeSession(token, id);
-      await fetchSessions();
-    },
-    [api, getAccessToken, fetchSessions]
-  );
-  return {
-    sessions,
-    loading,
-    fetchSessions,
-    revokeSession
-  };
-}
-
-// src/components/two-factor-modal.tsx
-
-
-function TwoFactorModal({ isOpen, onClose, initialEnabled, onStatusChange }) {
-  const { api, getAccessToken, config } = useForgeConnect();
-  const theme = _nullishCoalesce(_optionalChain([config, 'access', _59 => _59.appearance, 'optionalAccess', _60 => _60.theme]), () => ( "light"));
-  const [step, setStep] = _react.useState.call(void 0, initialEnabled ? "manage" : "setup");
-  const [setupData, setSetupData] = _react.useState.call(void 0, null);
-  const [code, setCode] = _react.useState.call(void 0, "");
-  const [loading, setLoading] = _react.useState.call(void 0, false);
-  const [msg, setMsg] = _react.useState.call(void 0, null);
-  const [showSecret, setShowSecret] = _react.useState.call(void 0, false);
-  const [recoveryCodes, setRecoveryCodes] = _react.useState.call(void 0, []);
-  _react.useEffect.call(void 0, () => {
-    if (isOpen) {
-      setStep(initialEnabled ? "manage" : "setup");
-      setSetupData(null);
-      setCode("");
-      setMsg(null);
-      setLoading(false);
-      setShowSecret(false);
-      setRecoveryCodes([]);
-      if (!initialEnabled) {
-        const token = getAccessToken();
-        if (token) {
-          setLoading(true);
-          api.setup2FA(token).then((data) => {
-            setSetupData(data);
-            setRecoveryCodes(data.recoveryCodes);
-          }).catch((err) => {
-            setMsg({ text: err instanceof Error ? err.message : "Could not set up 2FA.", ok: false });
-          }).finally(() => setLoading(false));
-        }
+  }
+  let responsePublicKey = void 0;
+  if (typeof response.getPublicKey === "function") {
+    try {
+      const _publicKey = response.getPublicKey();
+      if (_publicKey !== null) {
+        responsePublicKey = bufferToBase64URLString(_publicKey);
       }
+    } catch (error) {
+      warnOnBrokenImplementation("getPublicKey()", error);
     }
-  }, [isOpen, initialEnabled, api, getAccessToken]);
-  const handleEnable = async () => {
-    const token = getAccessToken();
-    if (!token || !code) return;
-    setLoading(true);
-    setMsg(null);
+  }
+  let responseAuthenticatorData;
+  if (typeof response.getAuthenticatorData === "function") {
     try {
-      await api.enable2FA(token, code);
-      onStatusChange(true);
-      setStep("recovery-codes");
-      setCode("");
-    } catch (err) {
-      setMsg({ text: err instanceof Error ? err.message : "Invalid code.", ok: false });
-    } finally {
-      setLoading(false);
+      responseAuthenticatorData = bufferToBase64URLString(response.getAuthenticatorData());
+    } catch (error) {
+      warnOnBrokenImplementation("getAuthenticatorData()", error);
     }
+  }
+  return {
+    id,
+    rawId: bufferToBase64URLString(rawId),
+    response: {
+      attestationObject: bufferToBase64URLString(response.attestationObject),
+      clientDataJSON: bufferToBase64URLString(response.clientDataJSON),
+      transports,
+      publicKeyAlgorithm: responsePublicKeyAlgorithm,
+      publicKey: responsePublicKey,
+      authenticatorData: responseAuthenticatorData
+    },
+    type,
+    clientExtensionResults: credential.getClientExtensionResults(),
+    authenticatorAttachment: toAuthenticatorAttachment(credential.authenticatorAttachment)
   };
-  const handleDisable = async () => {
-    const token = getAccessToken();
-    if (!token || !code) return;
-    setLoading(true);
-    setMsg(null);
-    try {
-      await api.disable2FA(token, code);
-      onStatusChange(false);
-      setCode("");
-      onClose();
-    } catch (err) {
-      setMsg({ text: err instanceof Error ? err.message : "Invalid code.", ok: false });
-    } finally {
-      setLoading(false);
+}
+function warnOnBrokenImplementation(methodName, cause) {
+  console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${methodName}. You should report this error to them.
+`, cause);
+}
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/browserSupportsWebAuthnAutofill.js
+function browserSupportsWebAuthnAutofill() {
+  if (!browserSupportsWebAuthn()) {
+    return _browserSupportsWebAuthnAutofillInternals.stubThis(new Promise((resolve) => resolve(false)));
+  }
+  const globalPublicKeyCredential = globalThis.PublicKeyCredential;
+  if (_optionalChain([globalPublicKeyCredential, 'optionalAccess', _60 => _60.isConditionalMediationAvailable]) === void 0) {
+    return _browserSupportsWebAuthnAutofillInternals.stubThis(new Promise((resolve) => resolve(false)));
+  }
+  return _browserSupportsWebAuthnAutofillInternals.stubThis(globalPublicKeyCredential.isConditionalMediationAvailable());
+}
+var _browserSupportsWebAuthnAutofillInternals = {
+  stubThis: (value) => value
+};
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/helpers/identifyAuthenticationError.js
+function identifyAuthenticationError({ error, options }) {
+  const { publicKey } = options;
+  if (!publicKey) {
+    throw Error("options was missing required publicKey property");
+  }
+  if (error.name === "AbortError") {
+    if (options.signal instanceof AbortSignal) {
+      return new WebAuthnError({
+        message: "Authentication ceremony was sent an abort signal",
+        code: "ERROR_CEREMONY_ABORTED",
+        cause: error
+      });
     }
-  };
-  const handleRegenerate = async () => {
-    const token = getAccessToken();
-    if (!token || !code) return;
-    setLoading(true);
-    setMsg(null);
-    try {
-      const { recoveryCodes: codes } = await api.regenerateRecoveryCodes(token, code);
-      setRecoveryCodes(codes);
-      setStep("recovery-codes");
-      setCode("");
-    } catch (err) {
-      setMsg({ text: err instanceof Error ? err.message : "Invalid code.", ok: false });
-    } finally {
-      setLoading(false);
+  } else if (error.name === "NotAllowedError") {
+    return new WebAuthnError({
+      message: error.message,
+      code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",
+      cause: error
+    });
+  } else if (error.name === "SecurityError") {
+    const effectiveDomain = globalThis.location.hostname;
+    if (!isValidDomain(effectiveDomain)) {
+      return new WebAuthnError({
+        message: `${globalThis.location.hostname} is an invalid domain`,
+        code: "ERROR_INVALID_DOMAIN",
+        cause: error
+      });
+    } else if (publicKey.rpId !== effectiveDomain) {
+      return new WebAuthnError({
+        message: `The RP ID "${publicKey.rpId}" is invalid for this domain`,
+        code: "ERROR_INVALID_RP_ID",
+        cause: error
+      });
     }
-  };
-  const handleCopyAll = () => {
-    navigator.clipboard.writeText(recoveryCodes.join("\n")).catch(() => {
+  } else if (error.name === "UnknownError") {
+    return new WebAuthnError({
+      message: "The authenticator was unable to process the specified options, or could not create a new assertion signature",
+      code: "ERROR_AUTHENTICATOR_GENERAL_ERROR",
+      cause: error
     });
+  }
+  return error;
+}
+
+// ../../node_modules/.pnpm/@simplewebauthn+browser@13.2.2/node_modules/@simplewebauthn/browser/esm/methods/startAuthentication.js
+async function startAuthentication(options) {
+  if (!options.optionsJSON && options.challenge) {
+    console.warn("startAuthentication() was not called correctly. It will try to continue with the provided options, but this call should be refactored to use the expected call structure instead. See https://simplewebauthn.dev/docs/packages/browser#typeerror-cannot-read-properties-of-undefined-reading-challenge for more information.");
+    options = { optionsJSON: options };
+  }
+  const { optionsJSON, useBrowserAutofill = false, verifyBrowserAutofillInput = true } = options;
+  if (!browserSupportsWebAuthn()) {
+    throw new Error("WebAuthn is not supported in this browser");
+  }
+  let allowCredentials;
+  if (_optionalChain([optionsJSON, 'access', _61 => _61.allowCredentials, 'optionalAccess', _62 => _62.length]) !== 0) {
+    allowCredentials = _optionalChain([optionsJSON, 'access', _63 => _63.allowCredentials, 'optionalAccess', _64 => _64.map, 'call', _65 => _65(toPublicKeyCredentialDescriptor)]);
+  }
+  const publicKey = {
+    ...optionsJSON,
+    challenge: base64URLStringToBuffer(optionsJSON.challenge),
+    allowCredentials
   };
-  const goBack = () => {
-    setCode("");
-    setMsg(null);
-    setStep("manage");
-  };
-  if (!isOpen) return null;
-  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, ModalOverlay, { isOpen, onClose, children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
-    "div",
-    {
-      className: "fc-modal-content",
-      style: { "--fc-accent": _nullishCoalesce(_optionalChain([config, 'access', _61 => _61.appearance, 'optionalAccess', _62 => _62.accentColor]), () => ( "#8b5cf6")) },
-      "data-theme": theme,
-      children: [
-        step === "setup" && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h2", { className: "fc-modal-title", children: "Set up 2FA" }),
-          msg && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: msg.ok ? "fc-text" : "fc-error", children: msg.text }),
-          loading && !setupData && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: "Loading..." }),
-          setupData && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
-            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-section-desc", style: { textAlign: "center" }, children: "Scan this QR code with your authenticator app" }),
-            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { style: { display: "flex", justifyContent: "center", margin: "12px 0" }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
-              "img",
-              {
-                src: setupData.qrCodeDataUrl,
-                alt: "TOTP QR code",
-                style: { width: 180, height: 180, borderRadius: 12 }
-              }
-            ) }),
-            /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { style: { textAlign: "center", marginBottom: 12 }, children: [
-              /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: () => setShowSecret(!showSecret), children: showSecret ? "Hide code" : "Can't scan? Enter manually" }),
-              showSecret && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { style: { margin: "8px 0 0", fontFamily: "monospace", fontSize: 12, opacity: 0.7, wordBreak: "break-all" }, children: setupData.secret })
-            ] }),
-            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
-              "input",
-              {
-                className: "fc-input",
-                type: "text",
-                inputMode: "numeric",
-                placeholder: "Enter 6-digit code",
-                maxLength: 6,
-                value: code,
-                onChange: (e) => setCode(e.target.value.replace(/\D/g, "")),
-                style: { textAlign: "center", letterSpacing: "0.2em" },
-                autoFocus: true
-              }
-            ),
-            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
-              "button",
-              {
-                type: "button",
-                className: "fc-btn fc-btn-primary",
-                onClick: handleEnable,
-                disabled: loading || code.length !== 6,
-                style: { marginTop: 10 },
-                children: loading ? "Verifying..." : "Verify & Enable"
-              }
-            )
-          ] })
-        ] }),
-        step === "manage" && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h2", { className: "fc-modal-title", children: "Two-factor authentication" }),
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { style: { textAlign: "center", marginBottom: 20 }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-badge-verified", style: { fontSize: 12, padding: "4px 12px" }, children: "Enabled" }) }),
-          /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
-            /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
-              "button",
-              {
-                type: "button",
-                className: "fc-security-card",
-                onClick: () => {
-                  setCode("");
-                  setMsg(null);
-                  setStep("confirm-regenerate");
-                },
-                children: [
-                  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-icon", children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { viewBox: "0 0 20 20", fill: "none", children: [
-                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M3 10a7 7 0 0 1 7-7m0 14a7 7 0 0 1-7-7m14 0a7 7 0 0 1-7 7m0-14a7 7 0 0 1 7 7", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" }),
-                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M14 3l-1 3h3", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" })
-                  ] }) }),
-                  /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "span", { className: "fc-security-card-info", children: [
-                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-label", children: "Regenerate recovery codes" }),
-                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-detail", children: "Get new backup codes" })
-                  ] }),
-                  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-chevron", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "svg", { viewBox: "0 0 16 16", fill: "none", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M6 4l4 4-4 4", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" }) }) })
-                ]
-              }
-            ),
-            /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
-              "button",
-              {
-                type: "button",
-                className: "fc-security-card",
-                onClick: () => {
-                  setCode("");
-                  setMsg(null);
-                  setStep("confirm-disable");
-                },
-                children: [
-                  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-icon", style: { color: "#dc2626" }, children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { viewBox: "0 0 20 20", fill: "none", children: [
-                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M10 2l6 3v4c0 4.42-2.56 8.22-6 9.5C6.56 17.22 4 13.42 4 9V5l6-3z", stroke: "currentColor", strokeWidth: "1.5", strokeLinejoin: "round" }),
-                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M7.5 7.5l5 5M12.5 7.5l-5 5", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" })
-                  ] }) }),
-                  /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "span", { className: "fc-security-card-info", children: [
-                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-label", style: { color: "#dc2626" }, children: "Disable 2FA" }),
-                    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-detail", children: "Remove two-factor authentication" })
-                  ] }),
-                  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-security-card-chevron", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "svg", { viewBox: "0 0 16 16", fill: "none", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M6 4l4 4-4 4", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round" }) }) })
-                ]
-              }
-            )
-          ] })
-        ] }),
-        step === "confirm-regenerate" && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h2", { className: "fc-modal-title", children: "Regenerate recovery codes" }),
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-section-desc", style: { textAlign: "center" }, children: "Enter your 2FA code to generate new recovery codes. Your old codes will stop working." }),
-          msg && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: msg.ok ? "fc-text" : "fc-error", children: msg.text }),
-          /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
-            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
-              "input",
-              {
-                className: "fc-input",
-                type: "text",
-                inputMode: "numeric",
-                placeholder: "Enter 6-digit code",
-                maxLength: 6,
-                value: code,
-                onChange: (e) => setCode(e.target.value.replace(/\D/g, "")),
-                style: { textAlign: "center", letterSpacing: "0.2em" },
-                autoFocus: true
-              }
-            ),
-            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
-              "button",
-              {
-                type: "button",
-                className: "fc-btn fc-btn-primary",
-                onClick: handleRegenerate,
-                disabled: loading || code.length !== 6,
-                style: { marginTop: 10 },
-                children: loading ? "Generating..." : "Regenerate codes"
-              }
-            ),
-            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-switch", style: { marginTop: 12 }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: goBack, children: "Back" }) })
-          ] })
-        ] }),
-        step === "confirm-disable" && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h2", { className: "fc-modal-title", children: "Disable 2FA" }),
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-section-desc", style: { textAlign: "center" }, children: "Enter your 2FA code to disable two-factor authentication." }),
-          msg && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: msg.ok ? "fc-text" : "fc-error", children: msg.text }),
-          /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
-            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
-              "input",
-              {
-                className: "fc-input",
-                type: "text",
-                inputMode: "numeric",
-                placeholder: "Enter 6-digit code",
-                maxLength: 6,
-                value: code,
-                onChange: (e) => setCode(e.target.value.replace(/\D/g, "")),
-                style: { textAlign: "center", letterSpacing: "0.2em" },
-                autoFocus: true
-              }
-            ),
-            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
-              "button",
-              {
-                type: "button",
-                className: "fc-btn fc-btn-secondary",
-                onClick: handleDisable,
-                disabled: loading || code.length !== 6,
-                style: { marginTop: 10, background: "rgba(220, 38, 38, 0.1)", color: "#dc2626", borderColor: "rgba(220, 38, 38, 0.2)" },
-                children: loading ? "Disabling..." : "Disable 2FA"
-              }
-            ),
-            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-switch", style: { marginTop: 12 }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: goBack, children: "Back" }) })
-          ] })
-        ] }),
-        step === "recovery-codes" && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h2", { className: "fc-modal-title", children: "Save your recovery codes" }),
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-section-desc", style: { textAlign: "center" }, children: "Store these codes somewhere safe. Each code can only be used once." }),
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-recovery-grid", children: recoveryCodes.map((c, i) => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-recovery-code", children: c }, i)) }),
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { style: { textAlign: "center", margin: "8px 0 12px" }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: handleCopyAll, children: "Copy all" }) }),
-          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-primary", onClick: onClose, children: "Done" })
-        ] })
-      ]
+  const getOptions = {};
+  if (useBrowserAutofill) {
+    if (!await browserSupportsWebAuthnAutofill()) {
+      throw Error("Browser does not support WebAuthn autofill");
     }
-  ) });
+    const eligibleInputs = document.querySelectorAll("input[autocomplete$='webauthn']");
+    if (eligibleInputs.length < 1 && verifyBrowserAutofillInput) {
+      throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');
+    }
+    getOptions.mediation = "conditional";
+    publicKey.allowCredentials = [];
+  }
+  getOptions.publicKey = publicKey;
+  getOptions.signal = WebAuthnAbortService.createNewAbortSignal();
+  let credential;
+  try {
+    credential = await navigator.credentials.get(getOptions);
+  } catch (err) {
+    throw identifyAuthenticationError({ error: err, options: getOptions });
+  }
+  if (!credential) {
+    throw new Error("Authentication was not completed");
+  }
+  const { id, rawId, response, type } = credential;
+  let userHandle = void 0;
+  if (response.userHandle) {
+    userHandle = bufferToBase64URLString(response.userHandle);
+  }
+  return {
+    id,
+    rawId: bufferToBase64URLString(rawId),
+    response: {
+      authenticatorData: bufferToBase64URLString(response.authenticatorData),
+      clientDataJSON: bufferToBase64URLString(response.clientDataJSON),
+      signature: bufferToBase64URLString(response.signature),
+      userHandle
+    },
+    type,
+    clientExtensionResults: credential.getClientExtensionResults(),
+    authenticatorAttachment: toAuthenticatorAttachment(credential.authenticatorAttachment)
+  };
 }
 
 // src/components/passkeys-modal.tsx
 
-
 function PasskeysModal({ isOpen, onClose, onCountChange }) {
   const { api, getAccessToken, config } = useForgeConnect();
-  const theme = _nullishCoalesce(_optionalChain([config, 'access', _63 => _63.appearance, 'optionalAccess', _64 => _64.theme]), () => ( "light"));
+  const theme = _nullishCoalesce(_optionalChain([config, 'access', _66 => _66.appearance, 'optionalAccess', _67 => _67.theme]), () => ( "light"));
   const [passkeys, setPasskeys] = _react.useState.call(void 0, []);
   const [loading, setLoading] = _react.useState.call(void 0, false);
   const [addLoading, setAddLoading] = _react.useState.call(void 0, false);
@@ -2546,7 +2558,7 @@ function PasskeysModal({ isOpen, onClose, onCountChange }) {
     "div",
     {
       className: "fc-modal-content",
-      style: { "--fc-accent": _nullishCoalesce(_optionalChain([config, 'access', _65 => _65.appearance, 'optionalAccess', _66 => _66.accentColor]), () => ( "#8b5cf6")) },
+      style: { "--fc-accent": _nullishCoalesce(_optionalChain([config, 'access', _68 => _68.appearance, 'optionalAccess', _69 => _69.accentColor]), () => ( "#8b5cf6")) },
       "data-theme": theme,
       children: [
         /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "h2", { className: "fc-modal-title", children: "Passkeys" }),
@@ -2620,7 +2632,7 @@ function ErrorView({
 
 function PasswordModal({ isOpen, onClose, hasPassword }) {
   const { api, getAccessToken, config } = useForgeConnect();
-  const theme = _nullishCoalesce(_optionalChain([config, 'access', _67 => _67.appearance, 'optionalAccess', _68 => _68.theme]), () => ( "light"));
+  const theme = _nullishCoalesce(_optionalChain([config, 'access', _70 => _70.appearance, 'optionalAccess', _71 => _71.theme]), () => ( "light"));
   const [step, setStep] = _react.useState.call(void 0, "form");
   const [currentPassword, setCurrentPassword] = _react.useState.call(void 0, "");
   const [newPassword, setNewPassword] = _react.useState.call(void 0, "");
@@ -2657,7 +2669,7 @@ function PasswordModal({ isOpen, onClose, hasPassword }) {
     "div",
     {
       className: "fc-modal-content",
-      style: { "--fc-accent": _nullishCoalesce(_optionalChain([config, 'access', _69 => _69.appearance, 'optionalAccess', _70 => _70.accentColor]), () => ( "#8b5cf6")) },
+      style: { "--fc-accent": _nullishCoalesce(_optionalChain([config, 'access', _72 => _72.appearance, 'optionalAccess', _73 => _73.accentColor]), () => ( "#8b5cf6")) },
       "data-theme": theme,
       children: step === "done" ? /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", style: { textAlign: "center", padding: "24px 0" }, children: [
         /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-success", children: [
@@ -2726,7 +2738,7 @@ function PasswordModal({ isOpen, onClose, hasPassword }) {
 
 function DeleteAccountModal({ isOpen, onClose, onDeleted }) {
   const { api, getAccessToken, config, logout } = useForgeConnect();
-  const theme = _nullishCoalesce(_optionalChain([config, 'access', _71 => _71.appearance, 'optionalAccess', _72 => _72.theme]), () => ( "light"));
+  const theme = _nullishCoalesce(_optionalChain([config, 'access', _74 => _74.appearance, 'optionalAccess', _75 => _75.theme]), () => ( "light"));
   const [step, setStep] = _react.useState.call(void 0, "confirm");
   const [code, setCode] = _react.useState.call(void 0, "");
   const [loading, setLoading] = _react.useState.call(void 0, false);
@@ -2786,7 +2798,7 @@ function DeleteAccountModal({ isOpen, onClose, onDeleted }) {
     "div",
     {
       className: "fc-modal-content",
-      style: { "--fc-accent": _nullishCoalesce(_optionalChain([config, 'access', _73 => _73.appearance, 'optionalAccess', _74 => _74.accentColor]), () => ( "#8b5cf6")) },
+      style: { "--fc-accent": _nullishCoalesce(_optionalChain([config, 'access', _76 => _76.appearance, 'optionalAccess', _77 => _77.accentColor]), () => ( "#8b5cf6")) },
       "data-theme": theme,
       children: [
         step === "confirm" && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
@@ -2913,20 +2925,20 @@ function AccountModal() {
     prevLinkOpen.current = linkModal.isOpen;
   }, [linkModal.isOpen]);
   if (!accountModal.isOpen) return null;
-  const theme = _nullishCoalesce(_optionalChain([config, 'access', _75 => _75.appearance, 'optionalAccess', _76 => _76.theme]), () => ( "light"));
-  const initial = (_nullishCoalesce(_nullishCoalesce(_optionalChain([user, 'optionalAccess', _77 => _77.displayName]), () => ( _optionalChain([user, 'optionalAccess', _78 => _78.primaryEmail]))), () => ( "?"))).charAt(0).toUpperCase();
+  const theme = _nullishCoalesce(_optionalChain([config, 'access', _78 => _78.appearance, 'optionalAccess', _79 => _79.theme]), () => ( "light"));
+  const initial = (_nullishCoalesce(_nullishCoalesce(_optionalChain([user, 'optionalAccess', _80 => _80.displayName]), () => ( _optionalChain([user, 'optionalAccess', _81 => _81.primaryEmail]))), () => ( "?"))).charAt(0).toUpperCase();
   return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, ModalOverlay, { isOpen: accountModal.isOpen, onClose: closeAccountModal, children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
     "div",
     {
       className: "fc-modal-content",
-      style: { "--fc-accent": _nullishCoalesce(_optionalChain([config, 'access', _79 => _79.appearance, 'optionalAccess', _80 => _80.accentColor]), () => ( "#8b5cf6")) },
+      style: { "--fc-accent": _nullishCoalesce(_optionalChain([config, 'access', _82 => _82.appearance, 'optionalAccess', _83 => _83.accentColor]), () => ( "#8b5cf6")) },
       "data-theme": theme,
       children: [
         /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-account-hero", children: [
-          _optionalChain([user, 'optionalAccess', _81 => _81.avatarUrl]) ? /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "img", { src: user.avatarUrl, alt: "", className: "fc-account-hero-avatar" }) : /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-account-hero-avatar fc-account-hero-avatar-placeholder", children: initial }),
+          _optionalChain([user, 'optionalAccess', _84 => _84.avatarUrl]) ? /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "img", { src: user.avatarUrl, alt: "", className: "fc-account-hero-avatar" }) : /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-account-hero-avatar fc-account-hero-avatar-placeholder", children: initial }),
           /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-account-hero-info", children: [
-            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-account-hero-name", children: _nullishCoalesce(_optionalChain([user, 'optionalAccess', _82 => _82.displayName]), () => ( "Your account")) }),
-            _optionalChain([user, 'optionalAccess', _83 => _83.primaryEmail]) && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-account-hero-email", children: user.primaryEmail })
+            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-account-hero-name", children: _nullishCoalesce(_optionalChain([user, 'optionalAccess', _85 => _85.displayName]), () => ( "Your account")) }),
+            _optionalChain([user, 'optionalAccess', _86 => _86.primaryEmail]) && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-account-hero-email", children: user.primaryEmail })
           ] })
         ] }),
         /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-account-tabs", children: TABS.map((tab) => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
@@ -2964,13 +2976,13 @@ function AccountModal() {
 }
 function ProfileTab() {
   const { user, updateProfile } = useUser();
-  const [displayName, setDisplayName] = _react.useState.call(void 0, _nullishCoalesce(_optionalChain([user, 'optionalAccess', _84 => _84.displayName]), () => ( "")));
-  const [avatarUrl, setAvatarUrl] = _react.useState.call(void 0, _nullishCoalesce(_optionalChain([user, 'optionalAccess', _85 => _85.avatarUrl]), () => ( "")));
+  const [displayName, setDisplayName] = _react.useState.call(void 0, _nullishCoalesce(_optionalChain([user, 'optionalAccess', _87 => _87.displayName]), () => ( "")));
+  const [avatarUrl, setAvatarUrl] = _react.useState.call(void 0, _nullishCoalesce(_optionalChain([user, 'optionalAccess', _88 => _88.avatarUrl]), () => ( "")));
   const [loading, setLoading] = _react.useState.call(void 0, false);
   const [msg, setMsg] = _react.useState.call(void 0, null);
   _react.useEffect.call(void 0, () => {
-    setDisplayName(_nullishCoalesce(_optionalChain([user, 'optionalAccess', _86 => _86.displayName]), () => ( "")));
-    setAvatarUrl(_nullishCoalesce(_optionalChain([user, 'optionalAccess', _87 => _87.avatarUrl]), () => ( "")));
+    setDisplayName(_nullishCoalesce(_optionalChain([user, 'optionalAccess', _89 => _89.displayName]), () => ( "")));
+    setAvatarUrl(_nullishCoalesce(_optionalChain([user, 'optionalAccess', _90 => _90.avatarUrl]), () => ( "")));
   }, [user]);
   const handleSave = async () => {
     setLoading(true);
@@ -3035,7 +3047,7 @@ function LoginsTab({ onLink, refreshKey }) {
     msg && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: msg }),
     loading && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: "Loading..." }),
     /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-section-desc", children: "Ways you can sign in to your account." }),
-    _optionalChain([authMethods, 'optionalAccess', _88 => _88.map, 'call', _89 => _89((m) => {
+    _optionalChain([authMethods, 'optionalAccess', _91 => _91.map, 'call', _92 => _92((m) => {
       const display = getMethodDisplay(m.provider);
       const detail = m.provider === "email" ? m.providerId : m.provider.endsWith("_wallet") ? truncate(m.providerId) : m.providerId;
       return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-account-item", children: [
@@ -3050,7 +3062,7 @@ function LoginsTab({ onLink, refreshKey }) {
         ] })
       ] }, m.id);
     })]),
-    _optionalChain([authMethods, 'optionalAccess', _90 => _90.length]) === 0 && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-empty", children: "No login methods yet" }),
+    _optionalChain([authMethods, 'optionalAccess', _93 => _93.length]) === 0 && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-empty", children: "No login methods yet" }),
     /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-secondary", onClick: onLink, style: { marginTop: 8 }, children: "+ Add login method" })
   ] });
 }
@@ -3073,8 +3085,8 @@ function WalletsTab({ onLink, refreshKey }) {
     msg && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: msg }),
     loading && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: "Loading..." }),
     /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-section-desc", children: "Crypto wallets connected to your account." }),
-    _optionalChain([wallets, 'optionalAccess', _91 => _91.map, 'call', _92 => _92((w) => /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-account-item", children: [
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, SvgIcon, { svg: _nullishCoalesce(_optionalChain([METHOD_DISPLAY, 'access', _93 => _93[`${w.chain}_wallet`], 'optionalAccess', _94 => _94.iconHtml]), () => ( "")), className: "fc-account-item-icon" }),
+    _optionalChain([wallets, 'optionalAccess', _94 => _94.map, 'call', _95 => _95((w) => /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-account-item", children: [
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, SvgIcon, { svg: _nullishCoalesce(_optionalChain([METHOD_DISPLAY, 'access', _96 => _96[`${w.chain}_wallet`], 'optionalAccess', _97 => _97.iconHtml]), () => ( "")), className: "fc-account-item-icon" }),
       /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-account-item-info", children: [
         /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "span", { className: "fc-account-item-label", children: [
           w.chain.charAt(0).toUpperCase() + w.chain.slice(1),
@@ -3084,7 +3096,7 @@ function WalletsTab({ onLink, refreshKey }) {
       ] }),
       /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-account-item-actions", children: !w.isPrimary && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-btn-primary-sm", onClick: () => handleSetPrimary(w.id), children: "Make primary" }) })
     ] }, w.id))]),
-    _optionalChain([wallets, 'optionalAccess', _95 => _95.length]) === 0 && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-empty", children: "No wallets connected" }),
+    _optionalChain([wallets, 'optionalAccess', _98 => _98.length]) === 0 && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-empty", children: "No wallets connected" }),
     /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-btn fc-btn-secondary", onClick: onLink, style: { marginTop: 8 }, children: "+ Connect wallet" })
   ] });
 }
@@ -3119,7 +3131,7 @@ function SecurityTab() {
     refreshStatus();
     refreshPasskeyCount();
   }, [fetchSessions, fetchAuthMethods, refreshStatus, refreshPasskeyCount]);
-  const hasPassword = _optionalChain([userAuthMethods, 'optionalAccess', _96 => _96.some, 'call', _97 => _97((m) => m.provider === "email")]);
+  const hasPassword = _optionalChain([userAuthMethods, 'optionalAccess', _99 => _99.some, 'call', _100 => _100((m) => m.provider === "email")]);
   const handleRevoke = async (id) => {
     setMsg("");
     try {
@@ -3153,7 +3165,7 @@ function SecurityTab() {
       ] }),
       /* @__PURE__ */ _jsxruntime.jsx.call(void 0, ChevronRight, {})
     ] }),
-    _optionalChain([user, 'optionalAccess', _98 => _98.primaryEmail]) && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
+    _optionalChain([user, 'optionalAccess', _101 => _101.primaryEmail]) && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
       "button",
       {
         type: "button",
@@ -3174,7 +3186,7 @@ function SecurityTab() {
     ),
     /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-divider", style: { margin: "16px 0" }, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { children: "active sessions" }) }),
     loading && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: "Loading..." }),
-    _optionalChain([sessions, 'optionalAccess', _99 => _99.map, 'call', _100 => _100((s) => /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-account-item", children: [
+    _optionalChain([sessions, 'optionalAccess', _102 => _102.map, 'call', _103 => _103((s) => /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-account-item", children: [
       /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-account-item-icon", children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "svg", { width: "16", height: "16", viewBox: "0 0 20 20", fill: "none", children: [
         /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "rect", { x: "2", y: "3", width: "16", height: "11", rx: "2", stroke: "currentColor", strokeWidth: "1.5" }),
         /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M7 17h6M10 14v3", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round" })
@@ -3190,7 +3202,7 @@ function SecurityTab() {
       ] }),
       /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-account-item-actions", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-btn-danger-sm", onClick: () => handleRevoke(s.id), children: "Sign out" }) })
     ] }, s.id))]),
-    _optionalChain([sessions, 'optionalAccess', _101 => _101.length]) === 0 && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-empty", children: "No active sessions" }),
+    _optionalChain([sessions, 'optionalAccess', _104 => _104.length]) === 0 && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-account-empty", children: "No active sessions" }),
     sessions && sessions.length > 1 && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
       "button",
       {
@@ -3237,7 +3249,7 @@ function SecurityTab() {
         onCountChange: (count) => setPasskeyCount(count)
       }
     ),
-    _optionalChain([user, 'optionalAccess', _102 => _102.primaryEmail]) && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+    _optionalChain([user, 'optionalAccess', _105 => _105.primaryEmail]) && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
       PasswordModal,
       {
         isOpen: showPasswordModal,
@@ -3282,7 +3294,7 @@ function LinkAuthModal() {
     if (!linkModal.isOpen) return;
     const handleMessage = (event) => {
       if (event.origin !== window.location.origin) return;
-      if (_optionalChain([event, 'access', _103 => _103.data, 'optionalAccess', _104 => _104.type]) === "fc_oauth_link_success") {
+      if (_optionalChain([event, 'access', _106 => _106.data, 'optionalAccess', _107 => _107.type]) === "fc_oauth_link_success") {
         setStep("success");
         setTimeout(() => {
           handleClose();
@@ -3293,7 +3305,7 @@ function LinkAuthModal() {
     return () => window.removeEventListener("message", handleMessage);
   }, [linkModal.isOpen]);
   if (!linkModal.isOpen) return null;
-  const theme = _nullishCoalesce(_optionalChain([config, 'access', _105 => _105.appearance, 'optionalAccess', _106 => _106.theme]), () => ( "light"));
+  const theme = _nullishCoalesce(_optionalChain([config, 'access', _108 => _108.appearance, 'optionalAccess', _109 => _109.theme]), () => ( "light"));
   const handleClose = () => {
     setStep("method-select");
     closeLinkModal();
@@ -3316,7 +3328,7 @@ function LinkAuthModal() {
     "div",
     {
       className: "fc-modal-content",
-      style: { "--fc-accent": _nullishCoalesce(_optionalChain([config, 'access', _107 => _107.appearance, 'optionalAccess', _108 => _108.accentColor]), () => ( "#8b5cf6")) },
+      style: { "--fc-accent": _nullishCoalesce(_optionalChain([config, 'access', _110 => _110.appearance, 'optionalAccess', _111 => _111.accentColor]), () => ( "#8b5cf6")) },
       "data-theme": theme,
       children: step === "success" ? /* @__PURE__ */ _jsxruntime.jsx.call(void 0, SuccessView2, {}) : step === "error" ? /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
         ErrorView,
@@ -3332,7 +3344,7 @@ function LinkAuthModal() {
           AuthMethodSelectStep,
           {
             config,
-            connectedProviders: _nullishCoalesce(_optionalChain([authMethods, 'optionalAccess', _109 => _109.map, 'call', _110 => _110((m) => m.provider)]), () => ( [])),
+            connectedProviders: _nullishCoalesce(_optionalChain([authMethods, 'optionalAccess', _112 => _112.map, 'call', _113 => _113((m) => m.provider)]), () => ( [])),
             onSelectEmail: () => setStep("email"),
             onSelectOtp: () => setStep("otp"),
             onOAuth: handleOAuthDirect
@@ -3548,10 +3560,24 @@ function WalletLinkStep({ onBack, onSuccess, onFatalError }) {
   const [loading, setLoading] = _react.useState.call(void 0, false);
   const [error, setError] = _react.useState.call(void 0, "");
   const [showOther, setShowOther] = _react.useState.call(void 0, false);
+  const [coldWallet, setColdWallet] = _react.useState.call(void 0, false);
   const mobile = _react.useMemo.call(void 0, () => isMobile(), []);
   const walletConfig = config.walletConfig;
-  const preferred = _nullishCoalesce(_optionalChain([walletConfig, 'optionalAccess', _111 => _111.preferredWallets]), () => ( []));
-  const onlyPreferred = _nullishCoalesce(_optionalChain([walletConfig, 'optionalAccess', _112 => _112.onlyPreferred]), () => ( false));
+  const preferred = _nullishCoalesce(_optionalChain([walletConfig, 'optionalAccess', _114 => _114.preferredWallets]), () => ( []));
+  const onlyPreferred = _nullishCoalesce(_optionalChain([walletConfig, 'optionalAccess', _115 => _115.onlyPreferred]), () => ( false));
+  const coldWalletRef = _react.useRef.call(void 0, coldWallet);
+  coldWalletRef.current = coldWallet;
+  const buildSignTxFnForAdapter = _react.useCallback.call(void 0, (adapter) => {
+    if (!adapter.signTransaction) return void 0;
+    const TxClass = _optionalChain([walletConfig, 'optionalAccess', _116 => _116.Transaction]);
+    if (!TxClass) return void 0;
+    return async (txBase64) => {
+      const bytes = Uint8Array.from(atob(txBase64), (c) => c.charCodeAt(0));
+      const tx = TxClass.from(bytes);
+      const signedTx = await adapter.signTransaction(tx);
+      return btoa(String.fromCharCode(...new Uint8Array(signedTx.serialize())));
+    };
+  }, [_optionalChain([walletConfig, 'optionalAccess', _117 => _117.Transaction])]);
   const handleConnect = async (w) => {
     if (w.readyState !== "Installed") {
       if (mobile) {
@@ -3571,9 +3597,14 @@ function WalletLinkStep({ onBack, onSuccess, onFatalError }) {
       if (!w.adapter.connected) await w.adapter.connect();
       const pk = w.adapter.publicKey;
       if (!pk) throw new Error("Wallet did not provide a public key.");
+      const useCold = coldWalletRef.current;
       const adapterSignMessage = w.adapter.signMessage ? (msg) => w.adapter.signMessage(msg) : void 0;
-      if (!adapterSignMessage) throw new Error("This wallet does not support message signing.");
-      await linkWallet(pk.toBase58(), adapterSignMessage, "solana");
+      await linkWallet(
+        pk.toBase58(),
+        useCold ? void 0 : adapterSignMessage,
+        "solana",
+        useCold ? buildSignTxFnForAdapter(w.adapter) : void 0
+      );
       onSuccess();
     } catch (err) {
       onFatalError(err instanceof Error ? err.message : "Could not link this wallet. Please try again.");
@@ -3587,12 +3618,12 @@ function WalletLinkStep({ onBack, onSuccess, onFatalError }) {
     const prefSet = new Set(preferred);
     const others = all.filter((w) => !prefSet.has(w.adapter.name) && w.readyState === "Installed");
     return { preferredWallets: prefList, otherWallets: others };
-  }, [_optionalChain([walletAdapter, 'optionalAccess', _113 => _113.wallets]), walletConfig]);
+  }, [_optionalChain([walletAdapter, 'optionalAccess', _118 => _118.wallets]), walletConfig]);
   const mobileExtraWallets = _react.useMemo.call(void 0, () => {
     if (!mobile || !walletAdapter) return [];
     const adapterNames = new Set(walletAdapter.wallets.map((w) => w.adapter.name));
     return MOBILE_WALLETS.filter((mw) => !adapterNames.has(mw.name));
-  }, [mobile, _optionalChain([walletAdapter, 'optionalAccess', _114 => _114.wallets])]);
+  }, [mobile, _optionalChain([walletAdapter, 'optionalAccess', _119 => _119.wallets])]);
   if (!walletAdapter && mobile) {
     return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
       /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-wallet-list", children: MOBILE_WALLETS.map((mw) => /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
@@ -3630,7 +3661,7 @@ function WalletLinkStep({ onBack, onSuccess, onFatalError }) {
   return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "fc-tab", children: [
     loading ? /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { style: { textAlign: "center", padding: "24px 0" }, children: [
       /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-tab-title", children: "Connecting..." }),
-      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: "Approve the connection, then sign the verification request in your wallet" }),
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: coldWallet ? "Confirm the transaction on your device" : "Approve the connection, then sign the verification request in your wallet" }),
       error && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, _jsxruntime.Fragment, { children: [
         /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: error }),
         /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
@@ -3688,6 +3719,21 @@ function WalletLinkStep({ onBack, onSuccess, onFatalError }) {
         ] }, w.adapter.name))
       ] }),
       preferredWallets.length === 0 && otherWallets.length === 0 && mobileExtraWallets.length === 0 && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-text", children: "No wallet found. Please install a Solana wallet (like Phantom) to continue." }),
+      _optionalChain([walletConfig, 'optionalAccess', _120 => _120.Transaction]) && /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "label", { className: "fc-cold-wallet-toggle", children: [
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+          "input",
+          {
+            type: "checkbox",
+            checked: coldWallet,
+            onChange: (e) => setColdWallet(e.target.checked)
+          }
+        ),
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "fc-toggle-track" }),
+        /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "span", { className: "fc-cold-wallet-label", children: [
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { children: "Hardware wallet" }),
+          /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { children: "Ledger, Trezor, Keystone..." })
+        ] })
+      ] }),
       error && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "p", { className: "fc-error", children: error })
     ] }),
     !loading && onBack && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "fc-switch", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "button", { type: "button", className: "fc-link", onClick: onBack, children: "Back" }) })
@@ -3774,7 +3820,7 @@ function ForgeConnectProvider({ config, children, onLogin, onLogout, walletAdapt
     }
     const handleMessage = async (event) => {
       if (event.origin !== window.location.origin) return;
-      if (_optionalChain([event, 'access', _115 => _115.data, 'optionalAccess', _116 => _116.type]) !== "fc_oauth_code") return;
+      if (_optionalChain([event, 'access', _121 => _121.data, 'optionalAccess', _122 => _122.type]) !== "fc_oauth_code") return;
       const code = event.data.code;
       if (!code) return;
       try {
@@ -3790,7 +3836,7 @@ function ForgeConnectProvider({ config, children, onLogin, onLogout, walletAdapt
         const user = await api.getMe(token);
         setAuth({ status: "authenticated", user, accessToken: token });
         scheduleRefresh(token);
-        _optionalChain([onLogin, 'optionalCall', _117 => _117(user)]);
+        _optionalChain([onLogin, 'optionalCall', _123 => _123(user)]);
         setTimeout(() => {
           setModal({ isOpen: false, step: "method-select" });
         }, 1500);
@@ -3816,7 +3862,7 @@ function ForgeConnectProvider({ config, children, onLogin, onLogout, walletAdapt
       setAuth({ status: "authenticated", user, accessToken: token });
       scheduleRefresh(token);
       setModal({ isOpen: true, step: "success" });
-      _optionalChain([onLogin, 'optionalCall', _118 => _118(user)]);
+      _optionalChain([onLogin, 'optionalCall', _124 => _124(user)]);
       setTimeout(() => {
         setModal({ isOpen: false, step: "method-select" });
       }, 1500);
@@ -3916,7 +3962,7 @@ function ForgeConnectProvider({ config, children, onLogin, onLogout, walletAdapt
     const token = auth.accessToken;
     if (refreshTimerRef.current) clearTimeout(refreshTimerRef.current);
     setAuth({ status: "unauthenticated", user: null, accessToken: null });
-    _optionalChain([onLogout, 'optionalCall', _119 => _119()]);
+    _optionalChain([onLogout, 'optionalCall', _125 => _125()]);
     if (token) {
       try {
         await api.logout(token);
@@ -3970,7 +4016,7 @@ function ForgeConnectProvider({ config, children, onLogin, onLogout, walletAdapt
     const token = auth.accessToken;
     if (refreshTimerRef.current) clearTimeout(refreshTimerRef.current);
     setAuth({ status: "unauthenticated", user: null, accessToken: null });
-    _optionalChain([onLogout, 'optionalCall', _120 => _120()]);
+    _optionalChain([onLogout, 'optionalCall', _126 => _126()]);
     if (token) {
       try {
         await api.logoutAll(token);
@@ -4155,11 +4201,11 @@ function useAdmin() {
       const token = getAccessToken();
       if (!token) throw new Error("Please sign in to continue.");
       await api.adminUpdateUserStatus(token, id, status);
-      if (_optionalChain([selectedUser, 'optionalAccess', _121 => _121.id]) === id) {
+      if (_optionalChain([selectedUser, 'optionalAccess', _127 => _127.id]) === id) {
         await getUser(id);
       }
     },
-    [api, getAccessToken, _optionalChain([selectedUser, 'optionalAccess', _122 => _122.id]), getUser]
+    [api, getAccessToken, _optionalChain([selectedUser, 'optionalAccess', _128 => _128.id]), getUser]
   );
   const getUserSessions = _react.useCallback.call(void 0, 
     async (id) => {
@@ -4275,9 +4321,9 @@ function useRoles() {
       const token = getAccessToken();
       if (!token) throw new Error("Please sign in to continue.");
       await api.adminDeleteRole(token, id);
-      if (_optionalChain([selectedRole, 'optionalAccess', _123 => _123.id]) === id) setSelectedRole(null);
+      if (_optionalChain([selectedRole, 'optionalAccess', _129 => _129.id]) === id) setSelectedRole(null);
     },
-    [api, getAccessToken, _optionalChain([selectedRole, 'optionalAccess', _124 => _124.id])]
+    [api, getAccessToken, _optionalChain([selectedRole, 'optionalAccess', _130 => _130.id])]
   );
   const getPermissions = _react.useCallback.call(void 0, 
     async () => {