@getpara/core-sdk 2.0.0-alpha.7 → 2.0.0-alpha.70

package/dist/esm/utils/wallet.js

@@ -59,7 +59,10 @@ function getEquivalentTypes(types) {
   return getWalletTypes(getSchemes(Array.isArray(types) ? types : [types]));
 }
 function entityToWallet(w) {
+  var _a;
   return __spreadProps(__spreadValues({}, w), {
+    createdAt: typeof w.createdAt === "string" ? w.createdAt : w.createdAt.toISOString(),
+    lastUsedAt: typeof w.lastUsedAt === "string" ? w.lastUsedAt : (_a = w.lastUsedAt) == null ? void 0 : _a.toISOString(),
     scheme: w.scheme,
     type: w.type,
     pregenIdentifierType: w.pregenIdentifierType
@@ -88,8 +91,22 @@ function mergeCurrentWalletIds(original, additional) {
 function newUuid() {
   return uuid.v4();
 }
+function currentWalletIdsEq(a, b) {
+  if (!a && !b) return true;
+  if (!a || !b) return false;
+  const aKeys = Object.keys(a);
+  const bKeys = Object.keys(b);
+  if (aKeys.length !== bKeys.length) return false;
+  return aKeys.every((key) => {
+    var _a, _b;
+    const aIds = ((_a = a[key]) == null ? void 0 : _a.sort()) || [];
+    const bIds = ((_b = b[key]) == null ? void 0 : _b.sort()) || [];
+    return aIds.length === bIds.length && aIds.every((id, index) => id === bIds[index]);
+  });
+}
 export {
   WalletSchemeTypeMap,
+  currentWalletIdsEq,
   entityToWallet,
   getEquivalentTypes,
   getSchemes,

package/dist/esm/utils/window.js

@@ -0,0 +1,16 @@
+import "../chunk-7B52C2XE.js";
+import { getPortalBaseURL } from "./url.js";
+function isPortal(ctx, env) {
+  var _a, _b;
+  if (typeof window === "undefined") return false;
+  const normalizedUrl = (_b = (_a = window.location) == null ? void 0 : _a.host) == null ? void 0 : _b.replace("getpara", "usecapsule");
+  const isOnPortalDomain = getPortalBaseURL(env ? { env } : ctx).includes(normalizedUrl);
+  if (!isOnPortalDomain) return false;
+  const isInIframe = window.parent !== window && !window.opener;
+  const isInPopup = window.opener && window.parent === window;
+  const isDirectAccess = window.parent === window && !window.opener;
+  return isInIframe || isInPopup || isDirectAccess;
+}
+export {
+  isPortal
+};

package/dist/types/ParaCore.d.ts

@@ -1,12 +1,17 @@
-import { AuthMethod, AuthExtras, CurrentWalletIds, EmailTheme, TWalletType, PregenIds, BiometricLocationHint, Auth, SupportedWalletTypes, AuthIdentifier, AuthType, ExternalWalletInfo, PrimaryAuthInfo, SessionInfo, PrimaryAuth, PrimaryAuthType, AccountMetadata } from '@getpara/user-management-client';
+import { AuthMethod, AuthExtras, CurrentWalletIds, EmailTheme, PartnerEntity, TWalletType, PregenIds, BiometricLocationHint, Auth, SupportedWalletTypes, AuthIdentifier, AuthType, ExternalWalletInfo, ServerAuthStateLogin, ServerAuthStateSignup, PrimaryAuthInfo, SessionInfo, PrimaryAuth, PrimaryAuthType, AccountMetadata, LinkedAccounts, VerifyLinkParams, VerifyExternalWalletParams, SupportedAccountLinks, OnRampPurchase, BalancesConfig, Theme, ServerAuthStateDone } from '@getpara/user-management-client';
 import type { pki as pkiType } from 'node-forge';
-import { Ctx, Environment, Theme, WalletFilters, Wallet, PortalUrlOptions, ConstructorOpts, CoreAuthInfo, PortalUrlType, CoreMethodParams, CoreMethodResponse, NewCredentialUrlParams, LoginUrlParams, CoreInterface, ExternalWalletConnectionType } from './types/index.js';
+import { Ctx, Environment, WalletFilters, Wallet, PortalUrlOptions, ConstructorOpts, CoreAuthInfo, PortalUrlType, CoreMethodParams, CoreMethodResponse, NewCredentialUrlParams, LoginUrlParams, CoreInterface, ExternalWalletConnectionType, AccountLinkInProgress, InternalMethodParams, InternalMethodResponse, AvailableWallet } from './types/index.js';
 import { PlatformUtils } from './PlatformUtils.js';
 export declare abstract class ParaCore implements CoreInterface {
     #private;
+    popupWindow: Window | null;
     static version?: string;
     ctx: Ctx;
+    protected isSwitchingWallets: boolean;
     protected isNativePasskey: boolean;
+    protected isPartnerOptional?: boolean;
+    protected setModalError(_error?: string): void;
+    isReady: boolean;
     get authInfo(): CoreAuthInfo | undefined;
     get email(): AuthIdentifier<'email'> | undefined;
     get phone(): AuthIdentifier<'phone'> | undefined;
@@ -14,18 +19,27 @@ export declare abstract class ParaCore implements CoreInterface {
     get telegramUserId(): AuthIdentifier<'telegram'> | undefined;
     get externalWalletWithParaAuth(): Wallet | undefined;
     get externalWalletConnectionType(): ExternalWalletConnectionType;
+    protected partner?: PartnerEntity;
     userId?: string;
+    accountLinkInProgress: AccountLinkInProgress | undefined;
     private sessionCookie?;
+    isEnclaveUser: boolean;
+    private enclaveJwt?;
+    private enclaveRefreshJwt?;
     private isAwaitingAccountCreation;
     private isAwaitingLogin;
     private isAwaitingFarcaster;
     private isAwaitingOAuth;
+    private isWorkerInitialized;
     get isEmail(): boolean;
     get isPhone(): boolean;
     get isFarcaster(): boolean;
     get isTelegram(): boolean;
     get isExternalWalletAuth(): boolean;
+    get isExternalWalletWithVerification(): boolean;
     get partnerId(): string | undefined;
+    protected get partnerName(): string | undefined;
+    protected get partnerLogo(): string | undefined;
     /**
      * The IDs of the currently active wallets, for each supported wallet type. Any signer integrations will default to the first viable wallet ID in this dictionary.
      */
@@ -111,7 +125,7 @@ export declare abstract class ParaCore implements CoreInterface {
     portalPrimaryButtonTextColor?: string;
     /**
      * Theme to use for the portal
-     * @deprecated configure theming through the developer portal
+     * WARNING: This theme will override portal options set within the developer portal.
      */
     portalTheme?: Theme;
     /**
@@ -119,11 +133,18 @@ export declare abstract class ParaCore implements CoreInterface {
      */
     externalWalletConnectionOnly?: boolean;
     private disableProviderModal?;
+    private fetchPregenWalletsOverride?;
     get isNoWalletConfig(): boolean;
     get supportedWalletTypes(): SupportedWalletTypes;
     get cosmosPrefix(): string | undefined;
+    get supportedAccountLinks(): SupportedAccountLinks;
     get isWalletTypeEnabled(): Partial<Record<TWalletType, boolean>>;
-    private platformUtils;
+    protected onRampPopup: {
+        window: Window;
+        onRampPurchase: OnRampPurchase;
+    } | undefined;
+    protected platformUtils: PlatformUtils;
+    protected nonPersistedStorageKeys: string[];
     private localStorageGetItem;
     private localStorageSetItem;
     private localStorageRemoveItem;
@@ -132,14 +153,18 @@ export declare abstract class ParaCore implements CoreInterface {
     private sessionStorageRemoveItem;
     retrieveSessionCookie: () => string | undefined;
     persistSessionCookie: (cookie: string) => void;
+    retrieveEnclaveJwt: () => string;
+    persistEnclaveJwt: (jwt: string) => void;
+    retrieveEnclaveRefreshJwt: () => string;
+    persistEnclaveRefreshJwt: (jwt: string) => void;
     /**
      * Remove all local storage and prefixed session storage.
      * @param {'local' | 'session' | 'secure' | 'all'} type - Type of storage to clear. Defaults to 'all'.
      */
-    clearStorage: (type?: CoreMethodParams<'clearStorage'>) => CoreMethodResponse<'clearStorage'>;
+    clearStorage: (type?: CoreMethodParams<"clearStorage">) => CoreMethodResponse<"clearStorage">;
     private convertBigInt;
     private convertEncryptionKeyPair;
-    private isPortal;
+    protected isPortal(envOverride?: Environment): boolean;
     private isParaConnect;
     private requireApiKey;
     private isWalletSupported;
@@ -147,6 +172,7 @@ export declare abstract class ParaCore implements CoreInterface {
     private isPregenWalletUnclaimed;
     private isPregenWalletClaimable;
     private isWalletUsable;
+    private truncateAddress;
     /**
      * Returns the formatted address for the desired wallet ID, depending on your app settings.
      * @param {string} walletId the ID of the wallet address to display.
@@ -171,25 +197,30 @@ export declare abstract class ParaCore implements CoreInterface {
     getWallets(): Record<string, Wallet>;
     getAddress(walletId?: string): string | undefined;
     protected abstract getPlatformUtils(): PlatformUtils;
+    abstract isPasskeySupported(): Promise<boolean>;
     protected constructPortalUrl(type: PortalUrlType, opts?: PortalUrlOptions): Promise<string>;
+    static resolveEnvironment(env: Environment | undefined, apiKey: string | undefined): Environment;
     /**
      * Constructs a new `ParaCore` instance.
-     * @param env - `Environment` to use.
+     * @param env - `Environment` to use. Optional if the apiKey contains an environment prefix (e.g., "prod_your_api_key"). Updated API keys can be found at https://developer.getpara.com.
      * @param apiKey - API key to use.
      * @param opts - Additional constructor options; see `ConstructorOpts`.
      * @returns - A new ParaCore instance.
      */
-    constructor(env: Environment, apiKey: string, opts?: ConstructorOpts);
+    constructor(env: Environment | undefined, apiKey: string, opts?: ConstructorOpts);
+    constructor(apiKey: string, opts?: ConstructorOpts);
     private trackError;
     private wrapMethodsWithErrorTracking;
     private initializeFromStorage;
     private updateAuthInfoFromStorage;
+    private updateEnclaveJwtFromStorage;
     private updateUserIdFromStorage;
     private updateWalletsFromStorage;
     private updateWalletIdsFromStorage;
     private updateSessionCookieFromStorage;
     private updateLoginEncryptionKeyPairFromStorage;
     private updateExternalWalletsFromStorage;
+    protected initializeWorker: () => Promise<void>;
     touchSession(regenerate?: boolean): Promise<SessionInfo>;
     private getVerificationEmailProps;
     private getBackupKitEmailProps;
@@ -199,11 +230,29 @@ export declare abstract class ParaCore implements CoreInterface {
      * Init only needs to be called for storage that is async.
      */
     init(): Promise<void>;
+    /**
+     * Call this method to perform initial setup for the `ParaCore` instance.
+     *
+     * This method will be called automatically if you use the React `ParaProvider` or when you call any methods that request an updated session.
+     */
+    abstract ready(): Promise<void>;
     protected setAuth(auth: PrimaryAuth, { extras, userId }?: {
         extras?: AuthExtras;
         userId?: string;
     }): Promise<typeof this.authInfo>;
-    protected assertUserId(): string;
+    /**
+     * Display an error message in the modal (if available)
+     * @internal
+     */
+    protected displayModalError(error?: string): void;
+    /**
+     * Handle specific touchSession errors with user-friendly messages
+     * @private
+     */
+    private handleTouchSessionError;
+    protected assertUserId({ allowGuestMode }?: {
+        allowGuestMode?: boolean;
+    }): string;
     protected assertIsAuthSet(allowed?: AuthType[]): PrimaryAuthInfo;
     /**
      * Sets the email associated with the `ParaCore` instance.
@@ -231,7 +280,8 @@ export declare abstract class ParaCore implements CoreInterface {
      * @param externalAddress - External wallet address to set.
      * @param externalType - Type of external wallet to set.
      */
-    setExternalWallet({ address, type, provider, addressBech32, withFullParaAuth }: ExternalWalletInfo): Promise<void>;
+    setExternalWallet(externalWallet: ExternalWalletInfo[] | ExternalWalletInfo): Promise<void>;
+    protected addExternalWallets(externalWallets: ExternalWalletInfo[]): Promise<void>;
     /**
      * Sets the user id associated with the `ParaCore` instance.
      * @param userId - User id to set.
@@ -244,9 +294,9 @@ export declare abstract class ParaCore implements CoreInterface {
     setWallets(wallets: Record<string, Wallet>): Promise<void>;
     /**
      * Sets the external wallets associated with the `ParaCore` instance.
-     * @param externalWallets - External wallets to set.
+     * @param externalWallets - External wallets to set, or a function that modifies the current wallets.
      */
-    setExternalWallets(externalWallets: Record<string, Wallet>): Promise<void>;
+    setExternalWallets(externalWallets: Record<string, Wallet> | ((current: Record<string, Wallet>) => Record<string, Wallet>)): Promise<void>;
     /**
      * Sets the login encryption key pair associated with the `ParaCore` instance.
      * @param keyPair - Encryption key pair generated from loginEncryptionKey.
@@ -282,6 +332,7 @@ export declare abstract class ParaCore implements CoreInterface {
     /**
      * Fetches the most recent OAuth account metadata for the signed-in user.
      * If applicable, this will include the user's most recent metadata from their Google, Apple, Facebook, X, Discord, Farcaster, or Telegram account, the last time they signed in to your app.
+     * @deprecated use `para.getLinkedAccounts({ withMetadata: true })` instead.
      * @returns {Promise<AccountMetadata>} the user's account metadata.
      */
     getAccountMetadata(): Promise<AccountMetadata>;
@@ -302,7 +353,7 @@ export declare abstract class ParaCore implements CoreInterface {
      */
     findWalletByAddress(address: string, filter?: WalletFilters | undefined): any;
     findWallet(idOrAddress?: string, overrideType?: TWalletType, filter?: WalletFilters): Omit<Wallet, 'signer'> | undefined;
-    get availableWallets(): Pick<Wallet, 'id' | 'type' | 'name' | 'address' | 'isExternal'>[];
+    get availableWallets(): AvailableWallet[];
     /**
      * Retrieves all usable wallets with the provided type (`'EVM' | 'COSMOS' | 'SOLANA'`)
      * @param {string} type the wallet type to filter by.
@@ -331,7 +382,7 @@ export declare abstract class ParaCore implements CoreInterface {
      * @returns {WalletEntity[]} wallets that were fetched.
      */
     fetchWallets(): CoreMethodResponse<'fetchWallets'>;
-    private populateWalletAddresses;
+    protected populateWalletAddresses(): Promise<void>;
     private populatePregenWalletAddresses;
     /**
      * Logs in or creates a new user using an external wallet address.
@@ -340,15 +391,22 @@ export declare abstract class ParaCore implements CoreInterface {
      * @param {TWalletType} opts.type type of external wallet to use for identification.
      * @param {string} opts.provider the name of the provider for the external wallet.
      */
-    loginExternalWallet({ externalWallet, ...urlOptions }: CoreMethodParams<'loginExternalWallet'>): CoreMethodResponse<'loginExternalWallet'>;
-    verifyExternalWallet({ externalWallet, signedMessage, cosmosPublicKeyHex, cosmosSigner, ...urlOptions }: CoreMethodParams<'verifyExternalWallet'>): CoreMethodResponse<'verifyExternalWallet'>;
-    /**
-     * Validates the response received from an attempted Telegram login for authenticity, then
-     * creates or retrieves the corresponding Para user and prepares the Para instance to sign in with that user.
-     * @param authResponse - the response JSON object received from the Telegram widget.
-     * @returns `{ isValid: boolean; telegramUserId?: string; userId?: string; isNewUser?: boolean; supportedAuthMethods?: AuthMethod[]; biometricHints?: BiometricLocationHint[] }`
-     */
-    verifyTelegram({ telegramAuthResponse, ...urlOptions }: CoreMethodParams<'verifyTelegram'>): CoreMethodResponse<'verifyTelegram'>;
+    loginExternalWallet({ externalWallet, chainId, uri, ...urlOptions }: CoreMethodParams<'loginExternalWallet'>): CoreMethodResponse<'loginExternalWallet'>;
+    verifyExternalWallet(params: {
+        serverAuthState: ServerAuthStateSignup | ServerAuthStateLogin | ServerAuthStateDone;
+    } & Omit<CoreMethodParams<'verifyExternalWallet'>, keyof VerifyExternalWalletParams>): CoreMethodResponse<'verifyExternalWallet'>;
+    verifyExternalWallet(params: VerifyExternalWalletParams & {
+        serverAuthState?: undefined;
+    } & Omit<CoreMethodParams<'verifyExternalWallet'>, 'serverAuthState'>): CoreMethodResponse<'verifyExternalWallet'>;
+    protected verifyExternalWalletLink(opts: InternalMethodParams<'verifyExternalWalletLink'>): InternalMethodResponse<'verifyExternalWalletLink'>;
+    protected verifyTelegramProcess(opts: CoreMethodParams<'verifyTelegram'> & {
+        isLinkAccount: false;
+    }): CoreMethodResponse<'verifyTelegram'>;
+    protected verifyTelegramProcess(opts: InternalMethodParams<'verifyTelegramLink'> & {
+        isLinkAccount: true;
+    }): InternalMethodResponse<'verifyTelegramLink'>;
+    verifyTelegram(opts: CoreMethodParams<'verifyTelegram'>): CoreMethodResponse<'verifyTelegram'>;
+    protected verifyTelegramLink(opts: InternalMethodParams<'verifyTelegramLink'>): InternalMethodResponse<'verifyTelegramLink'>;
     /**
      * Performs 2FA verification.
      * @param {Object} opts the options object
@@ -371,7 +429,7 @@ export declare abstract class ParaCore implements CoreInterface {
     /**
      * Resend a verification email for the current user.
      */
-    resendVerificationCode(): CoreMethodResponse<'resendVerificationCode'>;
+    resendVerificationCode({ type: reason, }: CoreMethodParams<'resendVerificationCode'>): CoreMethodResponse<'resendVerificationCode'>;
     /**
      * Checks if the current session is active.
      * @returns `true` if active, `false` otherwise
@@ -383,7 +441,15 @@ export declare abstract class ParaCore implements CoreInterface {
      **/
     isFullyLoggedIn(): CoreMethodResponse<'isFullyLoggedIn'>;
     get isGuestMode(): boolean;
+    /**
+     * Get the auth methods available to an existing user
+     * @deprecated Use supportedUserAuthMethods instead
+     */
     protected supportedAuthMethods(auth: Auth<PrimaryAuthType | 'userId'>): Promise<Set<AuthMethod>>;
+    /**
+     * Get the auth methods available to an existing user
+     */
+    protected supportedUserAuthMethods(): Promise<Set<AuthMethod>>;
     /**
      * Get hints associated with the users stored biometrics.
      * @deprecated
@@ -396,35 +462,30 @@ export declare abstract class ParaCore implements CoreInterface {
     waitForSignup({ isCanceled, onCancel, onPoll, }: CoreMethodParams<'waitForSignup'>): CoreMethodResponse<'waitForSignup'>;
     waitForWalletCreation({ isCanceled, onCancel, }?: CoreMethodParams<'waitForWalletCreation'>): CoreMethodResponse<'waitForWalletCreation'>;
     /**
-     * Initiates a Farcaster login attempt and return the URI for the user to connect.
+     * Initiates a Farcaster login attempt and returns the URL for the user to connect.
      * You can create a QR code with this URI that works with Farcaster's mobile app.
      * @return {string} the Farcaster connect URI
      */
-    getFarcasterConnectUri(): CoreMethodResponse<'getFarcasterConnectUri'>;
-    /**
-     * Awaits the response from a user's attempt to log in with Farcaster.
-     * If successful, this returns the user's Farcaster username and profile picture and indicates whether the user already exists.
-     * @return {Object} `{userExists: boolean; username: string; pfpUrl?: string | null }` - the user's information and whether the user already exists.
-     */
-    verifyFarcaster({ isCanceled, onConnectUri, onCancel, onPoll, ...urlOptions }: CoreMethodParams<'verifyFarcaster'>): CoreMethodResponse<'verifyFarcaster'>;
-    /**
-     * Generates a URL for the user to log in with OAuth using a desire method.
-     *
-     * @param {Object} opts the options object
-     * @param {TOAuthMethod} opts.method the third-party service to use for OAuth.
-     * @param {string} [opts.deeplinkUrl] the deeplink to redirect to after the OAuth flow. This is for mobile only.
-     * @returns {string} the URL for the user to log in with OAuth.
-     */
-    getOAuthUrl({ method, deeplinkUrl, ...params }: CoreMethodParams<'getOAuthUrl'>): CoreMethodResponse<'getOAuthUrl'>;
-    /**
-     * Awaits the response from a user's attempt to log in with OAuth.
-     * If successful, this returns the user's email address and indicates whether the user already exists.
-     *
-     * @param {Object} opts the options object.
-     * @param {Window} [opts.popupWindow] the popup window being used for login.
-     * @return {Object} `{ email?: string; isError?: boolean; userExists: boolean; }` the result data
-     */
-    verifyOAuth({ method, deeplinkUrl, isCanceled, onCancel, onPoll, onOAuthUrl, ...urlOptions }: CoreMethodParams<'verifyOAuth'>): CoreMethodResponse<'verifyOAuth'>;
+    getFarcasterConnectUri({ appScheme }?: {
+        appScheme?: string;
+    }): CoreMethodResponse<'getFarcasterConnectUri'>;
+    protected verifyFarcasterProcess(opts: CoreMethodParams<'verifyFarcaster'> & {
+        isLinkAccount: false;
+    }): CoreMethodResponse<'verifyFarcaster'>;
+    protected verifyFarcasterProcess(opts: InternalMethodParams<'verifyFarcasterLink'> & {
+        isLinkAccount: true;
+    }): InternalMethodResponse<'verifyFarcasterLink'>;
+    verifyFarcaster(opts: CoreMethodParams<'verifyFarcaster'>): CoreMethodResponse<'verifyFarcaster'>;
+    protected verifyFarcasterLink(opts: InternalMethodParams<'verifyFarcasterLink'>): InternalMethodResponse<'verifyFarcasterLink'>;
+    getOAuthUrl(opts: CoreMethodParams<'getOAuthUrl'>): CoreMethodResponse<'getOAuthUrl'>;
+    protected verifyOAuthProcess(_: InternalMethodParams<'verifyOAuthLink'> & {
+        isLinkAccount: true;
+    }): InternalMethodResponse<'verifyOAuthLink'>;
+    protected verifyOAuthProcess(_: CoreMethodParams<'verifyOAuth'> & {
+        isLinkAccount: false;
+    }): CoreMethodResponse<'verifyOAuth'>;
+    verifyOAuth(opts: CoreMethodParams<'verifyOAuth'>): CoreMethodResponse<'verifyOAuth'>;
+    protected verifyOAuthLink(opts: InternalMethodParams<'verifyOAuthLink'>): InternalMethodResponse<'verifyOAuthLink'>;
     /**
      * Waits for the session to be active and sets up the user.
      *
@@ -433,7 +494,15 @@ export declare abstract class ParaCore implements CoreInterface {
      * @param {boolean} [opts.skipSessionRefresh] whether to skip refreshing the session.
      * @returns {Object} `{ isComplete: boolean; isError: boolean; needsWallet: boolean; partnerId: string; }` the result data
      **/
-    waitForLogin({ isCanceled, onCancel, onPoll, skipSessionRefresh, }?: CoreMethodParams<'waitForLogin'>): CoreMethodResponse<'waitForLogin'>;
+    waitForLogin(args: CoreMethodParams<'waitForLogin'>): CoreMethodResponse<'waitForLogin'>;
+    protected waitForWalletSwitching(args: CoreMethodParams<'waitForLogin'>): CoreMethodResponse<'waitForLogin'>;
+    /**
+     * Gets the switch wallets URL for wallet selection.
+     * The authMethod is automatically included in the URL if available.
+     *
+     * @returns {Promise<{ url: string; authMethod: TAuthMethod }>} The switch wallets URL and authMethod
+     */
+    protected getSwitchWalletsUrl(): Promise<string>;
     /**
      * Updates the session with the user management server, possibly
      * opening a popup to refresh the session.
@@ -495,7 +564,7 @@ export declare abstract class ParaCore implements CoreInterface {
      *
      * @deprecated alias for `createWalletPerType`
      **/
-    createWalletPerMissingType: ({ skipDistribute, types, }?: CoreMethodParams<'createWalletPerType'>) => CoreMethodResponse<'createWalletPerType'>;
+    createWalletPerMissingType: ({ skipDistribute, types, }?: CoreMethodParams<"createWalletPerType">) => CoreMethodResponse<"createWalletPerType">;
     /**
      * Creates several new wallets with the desired types. If no types are provided, this method
      * will create one for each of the non-optional types specified in the instance's `supportedWalletTypes`
@@ -587,7 +656,7 @@ export declare abstract class ParaCore implements CoreInterface {
     setUserShare(base64Wallets: CoreMethodParams<'setUserShare'>): CoreMethodResponse<'setUserShare'>;
     private getTransactionReviewUrl;
     private getOnRampTransactionUrl;
-    getWalletBalance: ({ walletId, rpcUrl, }: CoreMethodParams<'getWalletBalance'>) => CoreMethodResponse<'getWalletBalance'>;
+    getWalletBalance: ({ walletId, rpcUrl, }: CoreMethodParams<"getWalletBalance">) => CoreMethodResponse<"getWalletBalance">;
     /**
      * Signs a message using one of the current wallets.
      *
@@ -640,6 +709,7 @@ export declare abstract class ParaCore implements CoreInterface {
      * @returns {Promise<string>} the ID
      **/
     getVerificationToken(): CoreMethodResponse<'getVerificationToken'>;
+    issueJwt({ keyIndex }?: CoreMethodParams<'issueJwt'>): CoreMethodResponse<'issueJwt'>;
     /**
      * Logs the user out.
      * @param {Object} opts the options object.
@@ -648,20 +718,21 @@ export declare abstract class ParaCore implements CoreInterface {
     logout({ clearPregenWallets }?: {
         clearPregenWallets?: boolean;
     }): Promise<void>;
-    /** @deprecated */
-    protected getSupportedCreateAuthMethods(): Promise<Set<AuthMethod>>;
+    protected get toStringAdditions(): Record<string, unknown>;
     /**
      * Converts to a string, removing sensitive data when logging this class.
      *
      * Doesn't work for all types of logging.
      **/
     toString(): string;
-    protected getNewCredentialAndUrl({ authMethod, isForNewDevice, portalTheme, shorten, }?: NewCredentialUrlParams): Promise<{
+    protected devLog(...s: any[]): void;
+    protected getNewCredentialAndUrl({ authMethod: optsAuthMethod, isForNewDevice, portalTheme, shorten, }?: NewCredentialUrlParams): Promise<{
         credentialId: string;
         url?: string;
     }>;
+    addCredential({ authMethod }: Pick<NewCredentialUrlParams, 'authMethod'>): Promise<string>;
     /**
-     * Returns a Para Portal URL for logging in with a WebAuth passkey or a password.
+     * Returns a Para Portal URL for logging in with a WebAuth passkey, password, PIN or OTP.
      * @param {Object} opts the options object
      * @param {String} opts.auth - the user auth to sign up or log in with, in the form ` { email: string } | { phone: `+${number}` } `
      * @param {boolean} opts.useShortUrls - whether to shorten the generated portal URLs
@@ -669,6 +740,20 @@ export declare abstract class ParaCore implements CoreInterface {
      * @returns {SignUpOrLogInResponse} an object in the form of either: `{ stage: 'verify' }` or `{ stage: 'login'; passkeyUrl?: string; passwordUrl?: string; biometricHints?: BiometricLocationHint[] }`
      */
     protected getLoginUrl({ authMethod, shorten, portalTheme, sessionId, }: LoginUrlParams): Promise<string>;
+    protected prepareLogin(): InternalMethodResponse<'prepareLogin'>;
     signUpOrLogIn({ auth, ...urlOptions }: CoreMethodParams<'signUpOrLogIn'>): CoreMethodResponse<'signUpOrLogIn'>;
     verifyNewAccount({ verificationCode, ...urlOptions }: CoreMethodParams<'verifyNewAccount'>): CoreMethodResponse<'verifyNewAccount'>;
+    getLinkedAccounts({ withMetadata, }?: CoreMethodParams<'getLinkedAccounts'>): CoreMethodResponse<'getLinkedAccounts'>;
+    protected linkAccount(opts: InternalMethodParams<'linkAccount'>): InternalMethodResponse<'linkAccount'>;
+    protected unlinkAccount({ linkedAccountId, }: InternalMethodParams<'unlinkAccount'>): InternalMethodResponse<'unlinkAccount'>;
+    protected verifyLink({ accountLinkInProgress, ...opts }?: {
+        accountLinkInProgress?: AccountLinkInProgress;
+    } & Partial<Pick<VerifyLinkParams, 'verificationCode' | 'telegramAuthResponse'> & VerifyExternalWalletParams>): Promise<LinkedAccounts>;
+    protected verifyEmailOrPhoneLink({ verificationCode, }: InternalMethodParams<'verifyEmailOrPhoneLink'>): InternalMethodResponse<'verifyEmailOrPhoneLink'>;
+    protected getProfileBalance({ config, refetch }?: {
+        config?: BalancesConfig;
+        refetch?: boolean;
+    }): Promise<import("@getpara/user-management-client").ProfileBalance>;
+    protected sendLoginCode(): Promise<void>;
+    exportPrivateKey(args?: CoreMethodParams<'exportPrivateKey'>): CoreMethodResponse<'exportPrivateKey'>;
 }

package/dist/types/PlatformUtils.d.ts

@@ -1,5 +1,3 @@
-/// <reference types="node" />
-/// <reference types="node" />
 import { BackupKitEmailProps, TPregenIdentifierType, TWalletType, SDKType } from '@getpara/user-management-client';
 import { Ctx, PopupType, SignatureRes } from './types/index.js';
 import { StorageUtils } from './StorageUtils.js';
@@ -44,5 +42,6 @@ export interface PlatformUtils {
     disableProviderModal?: boolean;
     openPopup(popupUrl: string, opts?: {
         type: PopupType;
-    }): Window;
+    }): Promise<Window>;
+    initializeWorker(ctx: Ctx): Promise<void>;
 }

package/dist/types/constants.d.ts

@@ -1,20 +1,24 @@
 export declare const PARA_CORE_VERSION: string;
 export declare const PREFIX = "@CAPSULE/";
-export declare const LOCAL_STORAGE_AUTH_INFO: string;
-export declare const LOCAL_STORAGE_EMAIL: string;
-export declare const LOCAL_STORAGE_PHONE: string;
-export declare const LOCAL_STORAGE_COUNTRY_CODE: string;
-export declare const LOCAL_STORAGE_FARCASTER_USERNAME: string;
-export declare const LOCAL_STORAGE_TELEGRAM_USER_ID: string;
-export declare const LOCAL_STORAGE_EXTERNAL_WALLET_USER_ID: string;
-export declare const LOCAL_STORAGE_USER_ID: string;
-export declare const LOCAL_STORAGE_ED25519_WALLETS: string;
-export declare const LOCAL_STORAGE_WALLETS: string;
-export declare const LOCAL_STORAGE_EXTERNAL_WALLETS: string;
-export declare const LOCAL_STORAGE_CURRENT_WALLET_IDS: string;
-export declare const LOCAL_STORAGE_SESSION_COOKIE: string;
-export declare const SESSION_STORAGE_LOGIN_ENCRYPTION_KEY_PAIR: string;
+export declare const PARA_PREFIX = "@PARA/";
+export declare const LOCAL_STORAGE_AUTH_INFO = "@CAPSULE/authInfo";
+export declare const LOCAL_STORAGE_EMAIL = "@CAPSULE/e-mail";
+export declare const LOCAL_STORAGE_PHONE = "@CAPSULE/phone";
+export declare const LOCAL_STORAGE_COUNTRY_CODE = "@CAPSULE/countryCode";
+export declare const LOCAL_STORAGE_FARCASTER_USERNAME = "@CAPSULE/farcasterUsername";
+export declare const LOCAL_STORAGE_TELEGRAM_USER_ID = "@CAPSULE/telegramUserId";
+export declare const LOCAL_STORAGE_EXTERNAL_WALLET_USER_ID = "@CAPSULE/externalWalletUserId";
+export declare const LOCAL_STORAGE_USER_ID = "@CAPSULE/userId";
+export declare const LOCAL_STORAGE_ED25519_WALLETS = "@CAPSULE/ed25519Wallets";
+export declare const LOCAL_STORAGE_WALLETS = "@CAPSULE/wallets";
+export declare const LOCAL_STORAGE_EXTERNAL_WALLETS = "@CAPSULE/externalWallets";
+export declare const LOCAL_STORAGE_CURRENT_WALLET_IDS = "@CAPSULE/currentWalletIds";
+export declare const LOCAL_STORAGE_SESSION_COOKIE = "@CAPSULE/sessionCookie";
+export declare const LOCAL_STORAGE_ENCLAVE_JWT = "@CAPSULE/enclaveJwt";
+export declare const LOCAL_STORAGE_ENCLAVE_REFRESH_JWT = "@CAPSULE/enclaveRefreshJwt";
+export declare const SESSION_STORAGE_LOGIN_ENCRYPTION_KEY_PAIR = "@CAPSULE/loginEncryptionKeyPair";
 export declare const POLLING_INTERVAL_MS = 2000;
 export declare const SHORT_POLLING_INTERVAL_MS = 1000;
 export declare const POLLING_TIMEOUT_MS = 300000;
 export declare const EXTERNAL_WALLET_CONNECTION_ONLY_USER_ID = "EXTERNAL_WALLET_CONNECTION_ONLY";
+export declare const ACCOUNT_LINK_CONFLICT = "Account already linked";

package/dist/types/index.d.ts

@@ -1,11 +1,11 @@
 import { ParaCore } from './ParaCore.js';
-export { type AuthInfo, type PrimaryAuthInfo, type VerifiedAuthInfo, AuthMethod, type AuthExtras, type CurrentWalletIds, EmailTheme, type PartnerEntity, type WalletEntity, Network, WalletType, type TWalletType, WalletScheme, type TWalletScheme, OnRampAsset, OnRampPurchaseType, OnRampProvider, OnRampPurchaseStatus, type OnRampConfig, type OnRampAllowedAssets, type OnRampPurchase, OAuthMethod, type TOAuthMethod, type SupportedWalletTypes, type TPregenIdentifierType, type PregenIds, NON_ED25519, PREGEN_IDENTIFIER_TYPES, WALLET_TYPES, WALLET_SCHEMES, OAUTH_METHODS, } from '@getpara/user-management-client';
-export { OnRampMethod, PopupType, PregenIdentifierType, RecoveryStatus, type AuthStateSignup, type AuthStateVerify, type AuthStateLogin, type AuthState, type OAuthResponse, type CoreAuthInfo, type ProviderAssetInfo, type SignatureRes, type FullSignatureRes, type SuccessfulSignatureRes, type DeniedSignatureRes, type DeniedSignatureResWithUrl, type OnRampAssetInfo, type Theme, type Wallet, type GetWalletBalanceParams, } from './types/index.js';
+export { type Auth, type AuthInfo, type PrimaryAuthInfo, type VerifiedAuthInfo, type VerifiedAuth, AuthMethod, type TAuthMethod, AuthMethodStatus, type AuthExtras, type CurrentWalletIds, EmailTheme, type PartnerEntity, type WalletEntity, Network, type TNetwork, WalletType, type TWalletType, WalletScheme, type TWalletScheme, OnRampAsset, type TOnRampAsset, OnRampPurchaseType, OnRampProvider, OnRampPurchaseStatus, type OnRampConfig, type OnRampAssets, type OnRampPurchase, type OnRampAssetInfo, type ProviderAssetInfo, OnRampMethod, type Theme, OAuthMethod, type TOAuthMethod, type TLinkedAccountType, type SupportedAccountLinks, type SupportedWalletTypes, type TPregenIdentifierType, type PregenIds, type LinkedAccount, type LinkedAccounts, type TExternalWallet, type ExternalWalletInfo, type PregenAuth, type Setup2faResponse, type TelegramAuthResponse, type VerifyExternalWalletParams, type AssetMetadata, type AssetMetadataIndexed, type AssetValue, type BalancesConfig, type WalletBalance, type ProfileBalance, type OfframpDepositRequest, type WalletWithMetadata, RecoveryStatus, ThemeMode, NON_ED25519, PREGEN_IDENTIFIER_TYPES, WALLET_TYPES, WALLET_SCHEMES, OAUTH_METHODS, LINKED_ACCOUNT_TYPES, EXTERNAL_WALLET_TYPES, EVM_WALLETS, SOLANA_WALLETS, COSMOS_WALLETS, formatAssetQuantity, formatCurrency, } from '@getpara/user-management-client';
+export { PopupType, PregenIdentifierType, type AuthStateSignup, type AuthStateVerify, type AuthStateLogin, type AuthState, type OAuthResponse, type CoreAuthInfo, type SignatureRes, type FullSignatureRes, type SuccessfulSignatureRes, type DeniedSignatureRes, type DeniedSignatureResWithUrl, type Wallet, type AvailableWallet, type GetWalletBalanceParams, type AccountLinkInProgress, AccountLinkError, type InternalInterface, } from './types/index.js';
 export * from './types/coreApi.js';
 export * from './types/events.js';
 export * from './types/config.js';
-export { getPortalDomain, entityToWallet, constructUrl, shortenUrl } from './utils/index.js';
-export { PREFIX as STORAGE_PREFIX } from './constants.js';
+export { getPortalDomain, dispatchEvent, entityToWallet, constructUrl, shortenUrl, isPortal } from './utils/index.js';
+export { PREFIX as STORAGE_PREFIX, PARA_PREFIX as PARA_STORAGE_PREFIX, LOCAL_STORAGE_CURRENT_WALLET_IDS, LOCAL_STORAGE_WALLETS, } from './constants.js';
 export { distributeNewShare } from './shares/shareDistribution.js';
 export { KeyContainer } from './shares/KeyContainer.js';
 export type { PlatformUtils } from './PlatformUtils.js';
@@ -18,9 +18,11 @@ export * from './errors.js';
 export * from './utils/formatting.js';
 export * from './utils/polling.js';
 export * from './utils/phone.js';
+export * from './utils/config.js';
 export { isWalletSupported } from './utils/wallet.js';
 export { getNetworkPrefix, getOnRampAssets, getOnRampNetworks, toAssetInfoArray } from './utils/onRamps.js';
 export { getPortalBaseURL } from './utils/url.js';
 export { retrieve as transmissionUtilsRetrieve } from './transmission/transmissionUtils.js';
+export type { ShareData } from './shares/enclave.js';
 export declare const paraVersion: string;
 export default ParaCore;

package/dist/types/shares/KeyContainer.d.ts

@@ -1,5 +1,3 @@
-/// <reference types="node" />
-/// <reference types="node" />
 export declare class KeyContainer {
     walletId: string;
     keyshare: string;

package/dist/types/shares/enclave.d.ts

@@ -0,0 +1,81 @@
+import UserManagementClient from '@getpara/user-management-client';
+export interface ShareData {
+    userId: string;
+    walletId: string;
+    walletScheme: string;
+    partnerId?: string;
+    protocolId?: string;
+    signer: string;
+    createdAt?: string;
+    updatedAt?: string;
+}
+export interface ShareQuery {
+    userId: string;
+    walletId?: string;
+    partnerId?: string;
+}
+export interface EncryptedPayload {
+    encryptedData: string;
+    keyId: string;
+    algorithm: string;
+    ephemeral: string;
+}
+/**
+ * Enclave client for secure key share operations
+ * Handles encryption/decryption and communication with the enclave service
+ */
+export declare class EnclaveClient {
+    private userManagementClient;
+    private enclavePublicKey;
+    private frontendKeyPair;
+    private retrieveJwt;
+    private persistJwt;
+    private retrieveRefreshJwt;
+    private persistRefreshJwt;
+    constructor({ userManagementClient, retrieveJwt, persistJwt, retrieveRefreshJwt, persistRefreshJwt, }: {
+        userManagementClient: UserManagementClient;
+        retrieveJwt: () => string;
+        persistJwt: (jwt: string) => void;
+        retrieveRefreshJwt: () => string;
+        persistRefreshJwt: (refreshJwt: string) => void;
+    });
+    private refreshJwt;
+    private withJwtRefreshRetry;
+    issueEnclaveJwt(): Promise<void>;
+    /**
+     * Generate a P-256 keypair for the frontend to receive encrypted responses
+     */
+    private generateFrontendKeyPair;
+    /**
+     * Get the enclave's public key from the user-management service
+     */
+    private getEnclavePublicKey;
+    /**
+     * Import a PEM-formatted public key for use with Web Crypto API
+     */
+    private importPublicKeyFromPEM;
+    /**
+     * Export a public key to PEM format
+     */
+    private exportPublicKeyToPEM;
+    /**
+     * Encrypt data using P-256 ECIES for the enclave
+     */
+    private encryptForEnclave;
+    /**
+     * Decrypt response encrypted for the frontend
+     */
+    private decryptForFrontend;
+    /**
+     * Persist key shares to the enclave
+     * @param shares Array of share data to persist
+     */
+    private persistShares;
+    /**
+     * Retrieve key shares from the enclave
+     * @param query Query parameters for finding shares (single query or array of queries)
+     */
+    private retrieveShares;
+    retrieveSharesWithRetry(query: ShareQuery[]): Promise<ShareData[]>;
+    persistSharesWithRetry(shares: ShareData[]): Promise<any>;
+}