@getpara/core-sdk 2.12.0 → 2.13.0

package/dist/esm/ParaCore.js

@@ -8,7 +8,7 @@ import {
   __spreadProps,
   __spreadValues
 } from "./chunk-7B52C2XE.js";
-var _authInfo, _ParaCore_instances, assertPartner_fn, guestWalletIds_get, guestWalletIdsArray_get, toAuthInfo_fn, setAuthInfo_fn, getPartner_fn, assertIsLinkingAccount_fn, assertIsLinkingAccountOrStart_fn, getOAuthUrl_fn, waitForLoginProcess_fn, createPregenWallet_fn, _isCreateGuestWalletsPending, prepareAuthState_fn, prepareDoneState_fn, prepareVerificationState_fn, prepareLoginState_fn, prepareSignUpState_fn;
+var _stateManager, _authService, _walletService, _externalWalletService, _pregenWalletService, _pollingService, _portalUrlService, _sessionManagementService, _debugLogsEnabled, _ParaCore_instances, assertPartner_fn, toAuthInfo_fn, assertIsLinkingAccount_fn, assertIsLinkingAccountOrStart_fn, waitForLoginProcess_fn, logout_fn;
 import { Buffer as NodeBuffer } from "buffer";
 if (typeof global !== "undefined") {
   global.Buffer = global.Buffer || NodeBuffer;
@@ -21,85 +21,62 @@ if (typeof global !== "undefined") {
 }
 import {
   AuthMethod,
-  AuthMethodStatus,
-  PublicKeyType,
   extractAuthInfo,
-  isEmail,
-  isPhone,
-  isFarcaster,
-  isTelegram,
-  toPregenTypeAndId,
-  toPregenIds,
-  isExternalWallet,
   WALLET_TYPES,
-  LINKED_ACCOUNT_TYPES,
-  isPregenAuth
+  LINKED_ACCOUNT_TYPES
 } from "@getpara/user-management-client";
 import forge from "node-forge";
 const { pki, jsbn } = forge;
-import { decryptWithPrivateKey, getAsymmetricKeyPair, getPublicKeyHex } from "./cryptography/utils.js";
-import { getBaseOAuthUrl, initClient } from "./external/userManagementClient.js";
+import { decryptWithPrivateKey, getAsymmetricKeyPair } from "./cryptography/utils.js";
+import { initClient } from "./external/userManagementClient.js";
 import * as mpcComputationClient from "./external/mpcComputationClient.js";
-import { distributeNewShare } from "./shares/shareDistribution.js";
 import {
   Environment,
   PopupType,
   ParaEvent,
   AccountLinkError
 } from "./types/index.js";
-import { sendRecoveryForShare } from "./shares/recovery.js";
 import {
   autoBind,
   formatPhoneNumber,
-  constructUrl,
   dispatchEvent,
-  entityToWallet,
-  getCosmosAddress,
-  getEquivalentTypes,
   getParaConnectBaseUrl,
-  getPortalBaseURL,
-  getSchemes,
-  isPregenIdentifierMatch,
-  isWalletSupported,
   jsonParse,
   migrateWallet,
-  newUuid,
   setupListeners,
-  supportedWalletTypesEq,
-  truncateAddress,
   WalletSchemeTypeMap,
-  shortenUrl,
-  isServerAuthState,
-  splitPhoneNumber,
-  currentWalletIdsEq,
   isPortal
 } from "./utils/index.js";
+import { waitForAuthStateChange } from "./utils/stateListener.js";
 import { TransactionReviewDenied, TransactionReviewTimeout } from "./errors.js";
 import * as constants from "./constants.js";
 import { EnclaveClient } from "./shares/enclave.js";
+import { AuthService } from "./services/AuthService.js";
+import { PollingService } from "./services/PollingService.js";
+import { CoreStateManager } from "./state/CoreStateManager.js";
+import { WalletService } from "./services/WalletService.js";
+import { PregenWalletService } from "./services/PregenWalletService.js";
+import { PortalUrlService } from "./services/PortalUrlService.js";
+import { SessionManagementService } from "./services/SessionManagementService.js";
+import { ExternalWalletService } from "./services/ExternalWalletService.js";
 const _ParaCore = class _ParaCore {
   constructor(envOrApiKey, apiKeyOrOpts, opts) {
     __privateAdd(this, _ParaCore_instances);
+    __privateAdd(this, _stateManager);
+    __privateAdd(this, _authService);
+    __privateAdd(this, _walletService);
+    __privateAdd(this, _externalWalletService);
+    __privateAdd(this, _pregenWalletService);
+    __privateAdd(this, _pollingService);
+    __privateAdd(this, _portalUrlService);
+    __privateAdd(this, _sessionManagementService);
+    __privateAdd(this, _debugLogsEnabled);
     this.popupWindow = null;
-    __privateAdd(this, _authInfo);
     this.isSwitchingWallets = false;
     this.isNativePasskey = false;
-    this.isReady = false;
+    this.isSetup = false;
     this.accountLinkInProgress = void 0;
-    this.isEnclaveUser = false;
-    this.isAwaitingAccountCreation = false;
-    this.isAwaitingLogin = false;
-    this.isAwaitingFarcaster = false;
-    this.isAwaitingOAuth = false;
     this.isWorkerInitialized = false;
-    /**
-     * The IDs of the currently active wallets, for each supported wallet type. Any signer integrations will default to the first viable wallet ID in this dictionary.
-     */
-    this.currentWalletIds = {};
-    /**
-     * Wallets associated with the `ParaCore` instance.
-     */
-    this.externalWallets = {};
     this.onRampPopup = void 0;
     this.nonPersistedStorageKeys = [];
     this.localStorageGetItem = (key) => {
@@ -133,7 +110,8 @@ const _ParaCore = class _ParaCore {
       return this.platformUtils.sessionStorage.removeItem(key);
     };
     this.retrieveSessionCookie = () => {
-      return this.sessionCookie;
+      var _a;
+      return (_a = __privateGet(this, _sessionManagementService)) == null ? void 0 : _a.sessionCookie;
     };
     this.retrieveEnclaveJwt = () => {
       return this.enclaveJwt;
@@ -160,6 +138,9 @@ const _ParaCore = class _ParaCore {
         yield this.platformUtils.secureStorage.clear(constants.PARA_PREFIX);
       }
     });
+    this.initExternalWalletProvider = (params) => __async(this, null, function* () {
+      yield __privateGet(this, _externalWalletService).initExternalWalletProvider(params);
+    });
     this.trackError = (methodName, err) => __async(this, null, function* () {
       try {
         yield this.ctx.client.trackError({
@@ -218,7 +199,7 @@ const _ParaCore = class _ParaCore {
         };
         authInfo = __privateMethod(this, _ParaCore_instances, toAuthInfo_fn).call(this, authParams);
       }
-      __privateSet(this, _authInfo, authInfo);
+      __privateGet(this, _authService).authInfo = authInfo;
     };
     this.updateEnclaveJwtFromStorage = () => {
       this.enclaveJwt = this.localStorageGetItem(constants.LOCAL_STORAGE_ENCLAVE_JWT) || this.sessionStorageGetItem(constants.LOCAL_STORAGE_ENCLAVE_JWT) || void 0;
@@ -231,7 +212,7 @@ const _ParaCore = class _ParaCore {
       }
     };
     this.updateUserIdFromStorage = () => {
-      this.userId = this.localStorageGetItem(constants.LOCAL_STORAGE_USER_ID) || void 0;
+      __privateGet(this, _authService).userId = this.localStorageGetItem(constants.LOCAL_STORAGE_USER_ID) || void 0;
     };
     this.updateWalletsFromStorage = () => __async(this, null, function* () {
       var _a;
@@ -272,12 +253,13 @@ const _ParaCore = class _ParaCore {
         }, {}) : fromJson;
       })();
       this.setCurrentWalletIds(currentWalletIds);
-      if (Object.values(this.wallets).filter((w) => this.isWalletOwned(w)).length > 0 && this.currentWalletIdsArray.length === 0) {
+      if (Object.values(this.wallets).filter((w) => __privateGet(this, _walletService).isWalletOwned(w)).length > 0 && this.currentWalletIdsArray.length === 0) {
         this.findWalletId(void 0, { forbidPregen: true });
       }
     };
     this.updateSessionCookieFromStorage = () => {
-      this.sessionCookie = this.localStorageGetItem(constants.LOCAL_STORAGE_SESSION_COOKIE) || this.sessionStorageGetItem(constants.LOCAL_STORAGE_SESSION_COOKIE) || void 0;
+      __privateGet(this, _sessionManagementService).sessionCookie = this.localStorageGetItem(constants.LOCAL_STORAGE_SESSION_COOKIE) || this.sessionStorageGetItem(constants.LOCAL_STORAGE_SESSION_COOKIE) || void 0;
+      __privateGet(this, _sessionManagementService).isImportedSession = this.localStorageGetItem(constants.LOCAL_STORAGE_IS_IMPORTED_SESSION) === "true" || false;
     };
     this.updateLoginEncryptionKeyPairFromStorage = () => {
       const loginEncryptionKey = this.sessionStorageGetItem(constants.SESSION_STORAGE_LOGIN_ENCRYPTION_KEY_PAIR);
@@ -300,6 +282,25 @@ const _ParaCore = class _ParaCore {
         }
       }
     });
+    this.setCurrentWalletIds = (...params) => __async(this, null, function* () {
+      const [currentWalletIds, { needsWallet = false, sessionLookupId, newDeviceSessionLookupId } = {}] = params;
+      return yield __privateGet(this, _walletService).setCurrentWalletIds(currentWalletIds, {
+        needsWallet,
+        sessionLookupId,
+        newDeviceSessionLookupId
+      });
+    });
+    /**
+     * Validates that a wallet ID is present on the instance, usable, and matches the desired filters.
+     * If no ID is passed, this will instead return the first valid, usable wallet ID that matches the filters.
+     * @param {string} [walletId] the wallet ID to validate.
+     * @param {WalletFilters} [filter={}] a `WalletFilters` object specifying allowed types, schemes, and whether to forbid unclaimed pregen wallets.
+     * @returns {string} the wallet ID originally passed, or the one found.
+     */
+    this.findWalletId = (...params) => {
+      const [walletId, filters = {}] = params;
+      return __privateGet(this, _walletService).findWalletId(walletId, filters);
+    };
     /**
      * Creates several new wallets with the desired types. If no types are provided, this method
      * will create one for each of the non-optional types specified in the instance's `supportedWalletTypes`
@@ -309,12 +310,8 @@ const _ParaCore = class _ParaCore {
      * @deprecated alias for `createWalletPerType`
      **/
     this.createWalletPerMissingType = this.createWalletPerType;
-    __privateAdd(this, _isCreateGuestWalletsPending, false);
-    this.getWalletBalance = (_0) => __async(this, [_0], function* ({
-      walletId,
-      rpcUrl
-    }) {
-      return (yield this.ctx.client.getWalletBalance({ walletId, rpcUrl })).balance;
+    this.addCredential = (params) => __async(this, null, function* () {
+      return yield __privateGet(this, _authService).addCredential(params);
     });
     let env, apiKey;
     const actualArgs = Array.from(arguments).filter((arg) => arg !== void 0);
@@ -345,6 +342,7 @@ const _ParaCore = class _ParaCore {
       apiKey = apiKeyOrOpts;
     }
     if (!opts) opts = {};
+    __privateSet(this, _debugLogsEnabled, !!opts.enableDebugLogs);
     let isE2E = false;
     if (env === "E2E") {
       isE2E = true;
@@ -379,7 +377,7 @@ const _ParaCore = class _ParaCore {
       this.localStorageSetItem = this.sessionStorageSetItem;
     }
     this.persistSessionCookie = (cookie) => {
-      this.sessionCookie = cookie;
+      __privateGet(this, _sessionManagementService).sessionCookie = cookie;
       (opts.useSessionStorage ? this.sessionStorageSetItem : this.localStorageSetItem)(
         constants.LOCAL_STORAGE_SESSION_COOKIE,
         cookie
@@ -434,6 +432,59 @@ const _ParaCore = class _ParaCore {
     if (!this.platformUtils.isSyncStorage || opts.useStorageOverrides) {
       return;
     }
+    __privateSet(this, _authService, new AuthService(this));
+    __privateSet(this, _walletService, new WalletService(this));
+    __privateSet(this, _externalWalletService, new ExternalWalletService(this));
+    __privateSet(this, _pregenWalletService, new PregenWalletService(this));
+    __privateSet(this, _pollingService, new PollingService(this));
+    __privateSet(this, _portalUrlService, new PortalUrlService(this));
+    __privateSet(this, _sessionManagementService, new SessionManagementService(this));
+    __privateSet(this, _stateManager, new CoreStateManager(this));
+    __privateGet(this, _authService).init({
+      stateManager: __privateGet(this, _stateManager),
+      portalUrlService: __privateGet(this, _portalUrlService),
+      externalWalletService: __privateGet(this, _externalWalletService),
+      sessionManagementService: __privateGet(this, _sessionManagementService),
+      pregenWalletService: __privateGet(this, _pregenWalletService),
+      walletService: __privateGet(this, _walletService)
+    });
+    __privateGet(this, _walletService).init({
+      authService: __privateGet(this, _authService),
+      pollingService: __privateGet(this, _pollingService),
+      pregenWalletService: __privateGet(this, _pregenWalletService),
+      externalWalletService: __privateGet(this, _externalWalletService)
+    });
+    __privateGet(this, _externalWalletService).init({
+      stateManager: __privateGet(this, _stateManager),
+      authService: __privateGet(this, _authService),
+      walletService: __privateGet(this, _walletService)
+    });
+    __privateGet(this, _pollingService).init({
+      authService: __privateGet(this, _authService),
+      pregenWalletService: __privateGet(this, _pregenWalletService),
+      walletService: __privateGet(this, _walletService),
+      portalUrlService: __privateGet(this, _portalUrlService),
+      sessionManagementService: __privateGet(this, _sessionManagementService)
+    });
+    __privateGet(this, _pregenWalletService).init({
+      stateManager: __privateGet(this, _stateManager),
+      authService: __privateGet(this, _authService),
+      walletService: __privateGet(this, _walletService),
+      pollingService: __privateGet(this, _pollingService)
+    });
+    __privateGet(this, _portalUrlService).init({
+      authService: __privateGet(this, _authService),
+      walletService: __privateGet(this, _walletService),
+      pregenWalletService: __privateGet(this, _pregenWalletService),
+      sessionManagementService: __privateGet(this, _sessionManagementService)
+    });
+    __privateGet(this, _sessionManagementService).init({
+      authService: __privateGet(this, _authService),
+      portalUrlService: __privateGet(this, _portalUrlService),
+      walletService: __privateGet(this, _walletService),
+      pregenWalletService: __privateGet(this, _pregenWalletService),
+      externalWalletService: __privateGet(this, _externalWalletService)
+    });
     this.initializeFromStorage();
     setupListeners.bind(this)();
     autoBind(this);
@@ -453,71 +504,183 @@ const _ParaCore = class _ParaCore {
         "signTransaction"
       ]);
     }
+    __privateGet(this, _stateManager).start();
   }
   setModalError(_error) {
     return;
   }
+  /**
+   * The current readiness state.
+   */
+  get isReady() {
+    return __privateGet(this, _stateManager).getSnapshot().isReady;
+  }
+  /**
+   * The current phase of the core flow.
+   */
+  get corePhase() {
+    return __privateGet(this, _stateManager).getSnapshot().phase;
+  }
+  /**
+   * The current phase of the authentication flow.
+   */
+  get authPhase() {
+    return __privateGet(this, _stateManager).getSnapshot().authStatePhase;
+  }
+  /**
+   * The current phase of the wallet flow.
+   */
+  get walletPhase() {
+    return __privateGet(this, _stateManager).getSnapshot().walletStatePhase;
+  }
+  /**
+   * Any error that has occurred in the core flow.
+   */
+  get error() {
+    return __privateGet(this, _stateManager).getSnapshot().error;
+  }
+  /**
+   * Get the current state of the core, auth, and wallet phases.
+   * @returns An object containing the current core, auth, and wallet state phases, along with any error.
+   */
+  getCurrentState() {
+    const state = __privateGet(this, _stateManager).getSnapshot();
+    return {
+      corePhase: state.phase,
+      authPhase: state.authStatePhase,
+      walletPhase: state.walletStatePhase,
+      authStateInfo: state.authStateInfo,
+      error: state.error,
+      isReady: state.isReady
+    };
+  }
+  /**
+   * Subscribe to changes in the core, auth, and wallet state phases.
+   *
+   * This method immediately calls the callback with the current state, then continues
+   * to call it whenever any phase changes. This ensures you never miss the initial state
+   * and can react to all subsequent changes.
+   *
+   * @param callback A function that will be called with the current state phases whenever they change.
+   * The callback receives an object containing `corePhase`, `authPhase`, `walletPhase`, and `error`.
+   *
+   * @returns A function that can be called to unsubscribe from the state changes.
+   * Always call this function when your component unmounts or when you no longer need updates
+   * to prevent memory leaks.
+   *
+   * @example
+   * ```typescript
+   * // React example
+   * useEffect(() => {
+   *   const unsubscribe = paraClient.onStatePhaseChange((snapshot) => {
+   *     console.log('Core phase:', snapshot.corePhase);
+   *     console.log('Auth phase:', snapshot.authPhase);
+   *     console.log('Wallet phase:', snapshot.walletPhase);
+   *
+   *     if (snapshot.error) {
+   *       console.error('Para error:', snapshot.error.message);
+   *     }
+   *   });
+   *
+   *   return unsubscribe; // Cleanup on unmount
+   * }, [paraClient]);
+   *
+   * // Vue example
+   * onMounted(() => {
+   *   const unsubscribe = paraClient.onStatePhaseChange((state) => {
+   *     phases.value = state;
+   *   });
+   *
+   *   onUnmounted(unsubscribe);
+   * });
+   * ```
+   */
+  onStatePhaseChange(callback) {
+    let lastSnapshot = null;
+    const fullListener = (state) => {
+      const currentSnapshot = {
+        corePhase: state.phase,
+        authPhase: state.authStatePhase,
+        walletPhase: state.walletStatePhase,
+        authStateInfo: state.authStateInfo,
+        error: state.error,
+        isReady: state.isReady
+      };
+      if (!lastSnapshot || lastSnapshot.corePhase !== currentSnapshot.corePhase || lastSnapshot.authPhase !== currentSnapshot.authPhase || lastSnapshot.walletPhase !== currentSnapshot.walletPhase || lastSnapshot.error !== currentSnapshot.error || lastSnapshot.isReady !== currentSnapshot.isReady) {
+        lastSnapshot = currentSnapshot;
+        callback(currentSnapshot);
+      }
+    };
+    return __privateGet(this, _stateManager).onStateChange(fullListener);
+  }
+  /**
+   * Subscribe to changes in the readiness state of the ParaCore instance.
+   * @param callback A function that will be called with the new readiness state.
+   * @returns A function that can be called to unsubscribe from the readiness state changes.
+   */
+  onReadyStateChange(callback) {
+    let lastIsReady = null;
+    const unsubscribe = __privateGet(this, _stateManager).onStateChange((state) => {
+      if (lastIsReady !== state.isReady) {
+        lastIsReady = state.isReady;
+        callback(state.isReady);
+      }
+    });
+    return () => unsubscribe();
+  }
   get authInfo() {
-    return __privateGet(this, _authInfo);
+    var _a;
+    return (_a = __privateGet(this, _authService)) == null ? void 0 : _a.authInfo;
   }
   get email() {
     var _a;
-    return isEmail((_a = __privateGet(this, _authInfo)) == null ? void 0 : _a.auth) ? __privateGet(this, _authInfo).auth.email : void 0;
+    return (_a = __privateGet(this, _authService)) == null ? void 0 : _a.email;
   }
   get phone() {
     var _a;
-    return isPhone((_a = __privateGet(this, _authInfo)) == null ? void 0 : _a.auth) ? __privateGet(this, _authInfo).auth.phone : void 0;
+    return (_a = __privateGet(this, _authService)) == null ? void 0 : _a.phone;
   }
   get farcasterUsername() {
     var _a;
-    return isFarcaster((_a = __privateGet(this, _authInfo)) == null ? void 0 : _a.auth) ? __privateGet(this, _authInfo).auth.farcasterUsername : void 0;
+    return (_a = __privateGet(this, _authService)) == null ? void 0 : _a.farcasterUsername;
   }
   get telegramUserId() {
     var _a;
-    return isTelegram((_a = __privateGet(this, _authInfo)) == null ? void 0 : _a.auth) ? __privateGet(this, _authInfo).auth.telegramUserId : void 0;
+    return (_a = __privateGet(this, _authService)) == null ? void 0 : _a.telegramUserId;
   }
   get externalWalletWithParaAuth() {
-    const externalWallets = Object.values(this.externalWallets);
-    return externalWallets.find((w) => w.isExternalWithParaAuth);
+    return __privateGet(this, _externalWalletService).externalWalletWithParaAuth;
   }
   get externalWalletConnectionType() {
-    if (this.isExternalWalletAuth) {
-      return "AUTHENTICATED";
-    } else if (this.isExternalWalletWithVerification) {
-      return "VERIFICATION";
-    } else if (!!Object.keys(this.externalWallets).length) {
-      const hasEmbeddedWallets = Object.keys(this.wallets).some((id) => !this.wallets[id].isExternal);
-      if (hasEmbeddedWallets) {
-        return "NONE";
-      } else {
-        return "CONNECTION_ONLY";
-      }
-    }
-    return "NONE";
+    return __privateGet(this, _externalWalletService).externalWalletConnectionType;
   }
-  get isEmail() {
+  get userId() {
     var _a;
-    return isEmail((_a = this.authInfo) == null ? void 0 : _a.auth);
+    return (_a = __privateGet(this, _authService)) == null ? void 0 : _a.userId;
+  }
+  get isEnclaveUser() {
+    return __privateGet(this, _authService).isEnclaveUser;
+  }
+  set isEnclaveUser(value) {
+    __privateGet(this, _authService).isEnclaveUser = value;
+  }
+  get isEmail() {
+    return __privateGet(this, _authService).isEmail;
   }
   get isPhone() {
-    var _a;
-    return isPhone((_a = this.authInfo) == null ? void 0 : _a.auth);
+    return __privateGet(this, _authService).isPhone;
   }
   get isFarcaster() {
-    var _a;
-    return isFarcaster((_a = this.authInfo) == null ? void 0 : _a.auth);
+    return __privateGet(this, _authService).isFarcaster;
   }
   get isTelegram() {
-    var _a;
-    return isTelegram((_a = this.authInfo) == null ? void 0 : _a.auth);
+    return __privateGet(this, _authService).isTelegram;
   }
   get isExternalWalletAuth() {
-    var _a, _b, _c;
-    return isExternalWallet((_a = __privateGet(this, _authInfo)) == null ? void 0 : _a.auth) && !!((_c = (_b = __privateGet(this, _authInfo)) == null ? void 0 : _b.externalWallet) == null ? void 0 : _c.withFullParaAuth);
+    return __privateGet(this, _authService).isExternalWalletAuth;
   }
   get isExternalWalletWithVerification() {
-    var _a, _b, _c;
-    return isExternalWallet((_a = __privateGet(this, _authInfo)) == null ? void 0 : _a.auth) && !!((_c = (_b = __privateGet(this, _authInfo)) == null ? void 0 : _b.externalWallet) == null ? void 0 : _c.withVerification);
+    return __privateGet(this, _authService).isExternalWalletWithVerification;
   }
   get partnerId() {
     var _a;
@@ -531,45 +694,42 @@ const _ParaCore = class _ParaCore {
     var _a;
     return (_a = this.partner) == null ? void 0 : _a.logoUrl;
   }
+  get currentWalletIds() {
+    return __privateGet(this, _walletService).currentWalletIds;
+  }
   get currentWalletIdsArray() {
-    var _a, _b;
-    return ((_b = (_a = this.partner) == null ? void 0 : _a.supportedWalletTypes) != null ? _b : Object.keys(this.currentWalletIds).map((type) => ({ type }))).reduce(
-      (acc, { type }) => {
-        var _a2;
-        return [
-          ...acc,
-          ...((_a2 = this.currentWalletIds[type]) != null ? _a2 : []).map((id) => {
-            return [id, type];
-          })
-        ];
-      },
-      []
-    );
+    return __privateGet(this, _walletService).currentWalletIdsArray;
   }
   get currentWalletIdsUnique() {
-    return [...new Set(Object.values(this.currentWalletIds).flat())];
+    return __privateGet(this, _walletService).currentWalletIdsUnique;
+  }
+  /**
+   * Wallets associated with the `ParaCore` instance. Retrieve a particular wallet using `para.wallets[walletId]`.
+   */
+  get wallets() {
+    var _a;
+    return (_a = __privateGet(this, _walletService)) == null ? void 0 : _a.wallets;
+  }
+  /**
+   * Wallets associated with the `ParaCore` instance.
+   */
+  get externalWallets() {
+    var _a;
+    return (_a = __privateGet(this, _externalWalletService)) == null ? void 0 : _a.externalWallets;
   }
   /**
    * A map of pre-generated wallet identifiers that can be claimed in the current instance.
    */
   get pregenIds() {
-    return __spreadValues({}, Object.values(this.wallets).filter((wallet) => !this.userId || this.isPregenWalletClaimable(wallet)).reduce((acc, wallet) => {
-      var _a, _b;
-      if (((_a = acc[wallet.pregenIdentifierType]) != null ? _a : []).includes(wallet.pregenIdentifier)) {
-        return acc;
-      }
-      return __spreadProps(__spreadValues({}, acc), {
-        [wallet.pregenIdentifierType]: [
-          .../* @__PURE__ */ new Set([...(_b = acc[wallet.pregenIdentifierType]) != null ? _b : [], wallet.pregenIdentifier])
-        ]
-      });
-    }, {}));
+    var _a;
+    return (_a = __privateGet(this, _pregenWalletService)) == null ? void 0 : _a.pregenIds;
   }
   /**
    * Whether the instance has multiple wallets connected.
    */
   get isMultiWallet() {
-    return this.currentWalletIdsArray.length > 1 || __privateGet(this, _ParaCore_instances, guestWalletIdsArray_get).length > 1;
+    var _a;
+    return this.currentWalletIdsArray.length > 1 || ((_a = __privateGet(this, _pregenWalletService)) == null ? void 0 : _a.guestWalletIdsArray.length) > 1;
   }
   get isNoWalletConfig() {
     var _a;
@@ -634,60 +794,6 @@ const _ParaCore = class _ParaCore {
       );
     }
   }
-  isWalletSupported(wallet) {
-    var _a, _b;
-    return !((_a = this.partner) == null ? void 0 : _a.supportedWalletTypes) || isWalletSupported((_b = this.partner.supportedWalletTypes.map(({ type }) => type)) != null ? _b : [], wallet);
-  }
-  isWalletOwned(wallet) {
-    return this.isWalletSupported(wallet) && !(wallet == null ? void 0 : wallet.pregenIdentifier) && !(wallet == null ? void 0 : wallet.pregenIdentifierType) && !!this.userId && (wallet == null ? void 0 : wallet.userId) === this.userId;
-  }
-  isPregenWalletUnclaimed(wallet) {
-    return this.isWalletSupported(wallet) && (!(wallet == null ? void 0 : wallet.userId) || (wallet == null ? void 0 : wallet.isPregen) && !!(wallet == null ? void 0 : wallet.pregenIdentifier) && !!(wallet == null ? void 0 : wallet.pregenIdentifierType));
-  }
-  isPregenWalletClaimable(wallet) {
-    return this.isWalletSupported(wallet) && this.isPregenWalletUnclaimed(wallet) && (!["EMAIL", "PHONE", "TELEGRAM"].includes(wallet == null ? void 0 : wallet.pregenIdentifierType) || isPregenIdentifierMatch(
-      (wallet == null ? void 0 : wallet.pregenIdentifierType) === "EMAIL" ? this.email : (wallet == null ? void 0 : wallet.pregenIdentifierType) === "TELEGRAM" ? this.telegramUserId : this.getPhoneNumber(),
-      wallet == null ? void 0 : wallet.pregenIdentifier,
-      wallet == null ? void 0 : wallet.pregenIdentifierType
-    ));
-  }
-  isWalletUsable(walletId, { type: types, scheme: schemes, forbidPregen = false } = {}, throwError = false) {
-    var _a, _b;
-    let error;
-    if ((_a = this.externalWallets) == null ? void 0 : _a[walletId]) {
-      return true;
-    }
-    if (!this.wallets[walletId]) {
-      error = `wallet with id ${walletId} does not exist`;
-    } else {
-      const wallet = this.wallets[walletId];
-      const [isUnclaimed, isOwned] = [this.isPregenWalletUnclaimed(wallet), this.isWalletOwned(wallet)];
-      if (forbidPregen && isUnclaimed && wallet.pregenIdentifierType !== "GUEST_ID") {
-        error = `pre-generated wallet with id ${wallet == null ? void 0 : wallet.id} cannot be selected`;
-      } else if (!isOwned && !isUnclaimed) {
-        error = `wallet with id ${wallet == null ? void 0 : wallet.id} is not owned by the current user`;
-      } else if (!this.isWalletSupported(wallet)) {
-        error = `wallet with id ${wallet.id} and type ${wallet.type} is not supported, supported types are: ${(((_b = this.partner) == null ? void 0 : _b.supportedWalletTypes) || []).map(({ type }) => type).join(", ")}`;
-      } else if (types && (!getEquivalentTypes(types).includes(wallet == null ? void 0 : wallet.type) || isOwned && !types.some((type) => {
-        var _a2, _b2;
-        return (_b2 = (_a2 = this.currentWalletIds) == null ? void 0 : _a2[type]) == null ? void 0 : _b2.includes(walletId);
-      }))) {
-        error = `wallet with id ${wallet == null ? void 0 : wallet.id} and type ${wallet == null ? void 0 : wallet.type} cannot be selected`;
-      } else if (schemes && !schemes.includes(wallet == null ? void 0 : wallet.scheme)) {
-        error = `wallet with id ${wallet == null ? void 0 : wallet.id} and scheme ${wallet == null ? void 0 : wallet.scheme} cannot be selected`;
-      }
-    }
-    if (error) {
-      if (throwError) {
-        throw new Error(error);
-      }
-      return false;
-    }
-    return true;
-  }
-  truncateAddress(...args) {
-    return truncateAddress(args[0], args[1], __spreadValues({ prefix: this.cosmosPrefix }, args[2] || {}));
-  }
   /**
    * Returns the formatted address for the desired wallet ID, depending on your app settings.
    * @param {string} walletId the ID of the wallet address to display.
@@ -696,32 +802,9 @@ const _ParaCore = class _ParaCore {
    * @param {TWalletType} options.addressType the type of address to display.
    * @returns the formatted address
    */
-  getDisplayAddress(walletId, options = {}) {
-    var _a, _b, _c, _d;
-    if (this.externalWallets[walletId]) {
-      const wallet2 = this.externalWallets[walletId];
-      return options.truncate ? truncateAddress(wallet2.address, wallet2.type, {
-        prefix: (_a = this.partner) == null ? void 0 : _a.cosmosPrefix,
-        targetLength: options.targetLength
-      }) : wallet2.address;
-    }
-    const wallet = this.findWallet(walletId, options.addressType);
-    if (!wallet) {
-      return void 0;
-    }
-    let str;
-    let prefix;
-    switch (wallet.type) {
-      case "COSMOS":
-        prefix = (_d = (_c = options.cosmosPrefix) != null ? _c : (_b = this.partner) == null ? void 0 : _b.cosmosPrefix) != null ? _d : "cosmos";
-        str = getCosmosAddress(wallet.publicKey, prefix);
-        break;
-      default:
-        prefix = this.cosmosPrefix;
-        str = wallet.address;
-        break;
-    }
-    return options.truncate ? truncateAddress(str, wallet.type, { prefix, targetLength: options.targetLength }) : str;
+  getDisplayAddress(...params) {
+    const [walletId, options = {}] = params;
+    return __privateGet(this, _walletService).getDisplayAddress(walletId, options);
   }
   /**
    * Returns a unique hash for a wallet suitable for use as an identicon seed.
@@ -729,13 +812,8 @@ const _ParaCore = class _ParaCore {
    * @param {boolean} options.addressType used to format the hash for another wallet type.
    * @returns the identicon hash string
    */
-  getIdenticonHash(walletId, overrideType) {
-    if (this.externalWallets[walletId]) {
-      const wallet2 = this.externalWallets[walletId];
-      return `${wallet2.id}-${wallet2.address}-${wallet2.type}`;
-    }
-    const wallet = this.findWallet(walletId, overrideType);
-    return wallet ? `${wallet.id}-${wallet.address}-${wallet.type}` : void 0;
+  getIdenticonHash(...params) {
+    return __privateGet(this, _walletService).getIdenticonHash(...params);
   }
   getWallets() {
     return this.wallets;
@@ -746,192 +824,7 @@ const _ParaCore = class _ParaCore {
   }
   constructPortalUrl(_0) {
     return __async(this, arguments, function* (type, opts = {}) {
-      var _a, _b, _c, _d, _e, _f, _g, _h, _i, _j, _k, _l, _m, _n;
-      const [
-        isCreate,
-        isLogin,
-        isOnRamp,
-        isOAuth,
-        isOAuthCallback,
-        isTelegramLogin,
-        isFarcasterLogin,
-        isAddNewCredential,
-        isSwitchWallets,
-        isExportPrivateKey,
-        isTxReview
-      ] = [
-        ["createAuth", "createPassword", "createPIN"].includes(type),
-        ["loginAuth", "loginPassword", "loginPIN", "loginOTP", "switchWallets", "loginExternalWallet"].includes(type),
-        type === "onRamp",
-        type === "oAuth",
-        type === "oAuthCallback",
-        ["telegramLogin", "telegramLoginVerify"].includes(type),
-        type === "loginFarcaster",
-        type === "addNewCredential",
-        type === "switchWallets",
-        type === "exportPrivateKey",
-        type === "txReview"
-      ];
-      if (isOAuth && !opts.oAuthMethod) {
-        throw new Error("oAuthMethod is required for oAuth portal URLs");
-      }
-      if (isCreate || isLogin) {
-        this.assertIsAuthSet();
-      }
-      let sessionId = opts.sessionId;
-      if ((isLogin || isOnRamp || isTelegramLogin || isFarcasterLogin || isExportPrivateKey || isTxReview) && !sessionId) {
-        let session = yield this.touchSession(false);
-        if (!session.sessionId) {
-          session = yield this.touchSession(true);
-        }
-        sessionId = session.sessionId;
-      }
-      if (!this.loginEncryptionKeyPair) {
-        yield this.setLoginEncryptionKeyPair();
-      }
-      const shouldUseLegacyPortalUrl = opts.useLegacyUrl || !!opts.addNewCredentialPasskeyId || type === "loginAuth";
-      const base = type === "onRamp" || isTelegramLogin ? this.ctx.portalUrlOverride || getPortalBaseURL(this.ctx, isTelegramLogin, false, shouldUseLegacyPortalUrl) : yield this.getPortalURL(shouldUseLegacyPortalUrl);
-      let path;
-      switch (type) {
-        case "createPassword": {
-          path = `/web/users/${this.userId}/passwords/${opts.pathId}`;
-          break;
-        }
-        case "createPIN": {
-          path = `/web/users/${this.userId}/pin/${opts.pathId}`;
-          break;
-        }
-        case "createAuth": {
-          path = `/web/users/${this.userId}/biometrics/${opts.pathId}`;
-          break;
-        }
-        case "loginPassword": {
-          path = "/web/passwords/login";
-          break;
-        }
-        case "loginAuth": {
-          path = "/web/biometrics/login";
-          break;
-        }
-        case "loginPIN": {
-          path = "/web/pin/login";
-          break;
-        }
-        case "txReview": {
-          path = `/web/users/${this.userId}/transaction-review/${opts.pathId}`;
-          break;
-        }
-        case "onRamp": {
-          path = `/web/users/${this.userId}/on-ramp-transaction/v2/${opts.pathId}`;
-          break;
-        }
-        case "telegramLoginVerify": {
-          path = `/auth/telegram/verify`;
-          break;
-        }
-        case "telegramLogin": {
-          path = `/auth/telegram`;
-          break;
-        }
-        case "oAuth": {
-          path = `/auth/${opts.oAuthMethod.toLowerCase()}`;
-          break;
-        }
-        case "oAuthCallback": {
-          path = `/auth/${opts.oAuthMethod.toLowerCase()}/callback`;
-          break;
-        }
-        case "loginOTP": {
-          path = "/auth/otp";
-          break;
-        }
-        case "loginFarcaster": {
-          path = "/auth/farcaster";
-          break;
-        }
-        case "switchWallets": {
-          path = `/auth/wallets`;
-          break;
-        }
-        case "addNewCredential": {
-          path = "/auth/add-new-credential";
-          break;
-        }
-        case "exportPrivateKey": {
-          path = `/web/users/${this.userId}/private-key/${opts.pathId}`;
-          break;
-        }
-        case "loginExternalWallet": {
-          path = "/auth/external-wallet";
-          break;
-        }
-        case "connectExternalWallet": {
-          path = "/auth/connect-external-wallet";
-          break;
-        }
-        default: {
-          throw new Error(`invalid URL type ${type}`);
-        }
-      }
-      let partner = void 0;
-      try {
-        partner = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
-      } catch (e) {
-        if (this.isPartnerOptional) {
-          partner = void 0;
-        } else {
-          throw e;
-        }
-      }
-      const thisDevice = (_a = opts.thisDevice) != null ? _a : {
-        encryptionKey: getPublicKeyHex(this.loginEncryptionKeyPair),
-        sessionId
-      };
-      const params = __spreadValues(__spreadValues(__spreadValues(__spreadValues(__spreadValues(__spreadValues(__spreadValues(__spreadValues(__spreadValues(__spreadValues(__spreadProps(__spreadValues({
-        apiKey: this.ctx.apiKey,
-        origin: typeof window !== "undefined" ? window.location.origin : void 0,
-        partnerId: partner == null ? void 0 : partner.id
-      }, typeof window !== "undefined" && ((_b = window.location) == null ? void 0 : _b.origin) ? { origin: window.location.origin } : {}), {
-        portalFont: ((_c = opts.portalTheme) == null ? void 0 : _c.font) || ((_d = this.portalTheme) == null ? void 0 : _d.font) || (partner == null ? void 0 : partner.font),
-        portalBorderRadius: ((_e = opts.portalTheme) == null ? void 0 : _e.borderRadius) || ((_f = this.portalTheme) == null ? void 0 : _f.borderRadius),
-        portalThemeMode: ((_g = opts.portalTheme) == null ? void 0 : _g.mode) || ((_h = this.portalTheme) == null ? void 0 : _h.mode) || (partner == null ? void 0 : partner.themeMode),
-        portalAccentColor: ((_i = opts.portalTheme) == null ? void 0 : _i.accentColor) || ((_j = this.portalTheme) == null ? void 0 : _j.accentColor) || (partner == null ? void 0 : partner.accentColor),
-        portalForegroundColor: ((_k = opts.portalTheme) == null ? void 0 : _k.foregroundColor) || ((_l = this.portalTheme) == null ? void 0 : _l.foregroundColor) || (partner == null ? void 0 : partner.foregroundColor),
-        portalBackgroundColor: ((_m = opts.portalTheme) == null ? void 0 : _m.backgroundColor) || ((_n = this.portalTheme) == null ? void 0 : _n.backgroundColor) || (partner == null ? void 0 : partner.backgroundColor) || this.portalBackgroundColor,
-        portalPrimaryButtonColor: this.portalPrimaryButtonColor,
-        portalTextColor: this.portalTextColor,
-        portalPrimaryButtonTextColor: this.portalPrimaryButtonTextColor,
-        isForNewDevice: opts.isForNewDevice ? opts.isForNewDevice.toString() : void 0
-      }), this.authInfo && (isCreate || isLogin || isAddNewCredential || isOAuthCallback || isSwitchWallets || isExportPrivateKey || isTxReview) ? __spreadProps(__spreadValues({
-        authInfo: JSON.stringify(this.authInfo)
-      }, isPhone(this.authInfo.auth) ? splitPhoneNumber(this.authInfo.auth.phone) : this.authInfo.auth), {
-        pfpUrl: this.authInfo.pfpUrl,
-        displayName: this.authInfo.displayName,
-        userId: this.userId
-      }) : {}), isOnRamp ? { email: this.email } : {}), isLogin || isOAuth || isOAuthCallback || isTelegramLogin || isFarcasterLogin || isAddNewCredential ? __spreadProps(__spreadValues({
-        sessionId: thisDevice.sessionId,
-        encryptionKey: thisDevice.encryptionKey
-      }, opts.newDevice ? {
-        newDeviceSessionLookupId: opts.newDevice.sessionId,
-        newDeviceEncryptionKey: opts.newDevice.encryptionKey
-      } : {}), {
-        pregenIds: JSON.stringify(this.pregenIds)
-      }) : {}), isOAuth || isOAuthCallback || isFarcasterLogin ? {
-        appScheme: opts.appScheme
-      } : {}), isTelegramLogin ? { isEmbed: "true" } : {}), isSwitchWallets ? __spreadValues(__spreadValues({}, this.currentWalletIds ? { currentWalletIds: JSON.stringify(this.currentWalletIds) } : {}), this.userId ? { userId: this.userId } : {}) : {}), opts.params || {}), isAddNewCredential ? __spreadProps(__spreadValues({}, opts.addNewCredentialType && { addNewCredentialType: opts.addNewCredentialType.toString() }), {
-        addNewCredentialPasskeyId: opts.addNewCredentialPasskeyId,
-        addNewCredentialPasswordId: opts.addNewCredentialPasswordId
-      }) : {}), isLogin && {
-        // Prior versions won't have this param which will skip the upgrade prompt
-        isBasicLoginUpgradeVersion: "true"
-      }), isExportPrivateKey || isTxReview ? {
-        sessionId: thisDevice.sessionId
-      } : {});
-      const url = constructUrl({ base, path, params });
-      if (opts.shorten) {
-        return yield shortenUrl(this.ctx, url, shouldUseLegacyPortalUrl);
-      }
-      return url;
+      return yield __privateGet(this, _portalUrlService).constructPortalUrl(type, opts);
     });
   }
   static resolveEnvironment(env, apiKey) {
@@ -953,58 +846,182 @@ const _ParaCore = class _ParaCore {
     }
     return env;
   }
-  touchSession(regenerate = false) {
-    return __async(this, null, function* () {
-      var _a, _b, _c, _d, _e;
-      if (!this.isWorkerInitialized) {
-        this.initializeWorker();
-      }
-      if (!this.isReady) {
-        yield this.ready();
+  // Create a dedicated interface for #authService
+  getAuthServiceInterface() {
+    const self2 = this;
+    return {
+      logout: __privateMethod(this, _ParaCore_instances, logout_fn).bind(this),
+      setLoginEncryptionKeyPair: this.setLoginEncryptionKeyPair.bind(this),
+      localStorageGetItem: this.localStorageGetItem.bind(this),
+      localStorageSetItem: this.localStorageSetItem.bind(this),
+      localStorageRemoveItem: this.localStorageRemoveItem.bind(this),
+      isPasskeySupported: this.isPasskeySupported.bind(this),
+      getVerificationEmailProps: this.getVerificationEmailProps.bind(this),
+      displayModalError: this.displayModalError.bind(this),
+      isPortal: this.isPortal.bind(this),
+      assertIsLinkingAccount: __privateMethod(this, _ParaCore_instances, assertIsLinkingAccount_fn).bind(this),
+      requireApiKey: this.requireApiKey.bind(this),
+      get loginEncryptionKeyPair() {
+        return self2.loginEncryptionKeyPair;
+      },
+      get isNativePasskey() {
+        return self2.isNativePasskey;
+      },
+      ctx: this.ctx,
+      get accountLinkInProgress() {
+        return self2.accountLinkInProgress;
+      },
+      partnerId: this.partnerId,
+      platformUtils: this.platformUtils,
+      externalWalletConnectionOnly: !!this.externalWalletConnectionOnly
+    };
+  }
+  // Create a dedicated interface for WalletService
+  getWalletServiceInterface() {
+    const self2 = this;
+    return {
+      assertPartner: __privateMethod(this, _ParaCore_instances, assertPartner_fn).bind(this),
+      requireApiKey: this.requireApiKey.bind(this),
+      isPortal: this.isPortal.bind(this),
+      localStorageSetItem: this.localStorageSetItem.bind(this),
+      getBackupKitEmailProps: this.getBackupKitEmailProps.bind(this),
+      retrieveSessionCookie: this.retrieveSessionCookie.bind(this),
+      isParaConnect: this.isParaConnect.bind(this),
+      ctx: this.ctx,
+      get partner() {
+        return self2.partner;
+      },
+      platformUtils: this.platformUtils,
+      cosmosPrefix: this.cosmosPrefix
+    };
+  }
+  // Create a dedicated interface for PregenWalletService
+  getPregenWalletServiceInterface() {
+    var _a;
+    const self2 = this;
+    return {
+      fetchPregenWalletsOverride: (_a = this.fetchPregenWalletsOverride) == null ? void 0 : _a.bind(this),
+      assertPartner: __privateMethod(this, _ParaCore_instances, assertPartner_fn).bind(this),
+      requireApiKey: this.requireApiKey.bind(this),
+      getBackupKitEmailProps: this.getBackupKitEmailProps.bind(this),
+      isPortal: this.isPortal.bind(this),
+      retrieveSessionCookie: this.retrieveSessionCookie.bind(this),
+      ctx: this.ctx,
+      platformUtils: this.platformUtils,
+      get partner() {
+        return self2.partner;
       }
-      let session;
-      try {
-        session = yield this.ctx.client.touchSession(regenerate);
-      } catch (error) {
-        this.handleTouchSessionError(error);
-        throw error;
+    };
+  }
+  // Create a dedicated interface for PortalUrlService
+  getPortalUrlServiceInterface() {
+    const self2 = this;
+    return {
+      assertPartner: __privateMethod(this, _ParaCore_instances, assertPartner_fn).bind(this),
+      setLoginEncryptionKeyPair: this.setLoginEncryptionKeyPair.bind(this),
+      isPortal: this.isPortal.bind(this),
+      isPartnerOptional: this.isPartnerOptional,
+      ctx: this.ctx,
+      get loginEncryptionKeyPair() {
+        return self2.loginEncryptionKeyPair;
+      },
+      get portalTheme() {
+        return self2.portalTheme;
+      },
+      get portalPrimaryButtonColor() {
+        return self2.portalPrimaryButtonColor;
+      },
+      get portalTextColor() {
+        return self2.portalTextColor;
+      },
+      get portalPrimaryButtonTextColor() {
+        return self2.portalPrimaryButtonTextColor;
+      },
+      get portalBackgroundColor() {
+        return self2.portalBackgroundColor;
+      },
+      get accountLinkInProgress() {
+        return self2.accountLinkInProgress;
       }
-      if (!this.partner || ((_a = this.partner) == null ? void 0 : _a.id) !== session.partnerId || !supportedWalletTypesEq(((_b = this.partner) == null ? void 0 : _b.supportedWalletTypes) || [], session.supportedWalletTypes) || (((_c = this.partner) == null ? void 0 : _c.cosmosPrefix) || "cosmos") !== session.cosmosPrefix) {
-        if (!session.partnerId && !this.isPortal()) {
-          this.displayModalError(
-            `Invalid API Key. Please ensure you have a valid API key for the current environment: ${(_d = this.ctx.env) == null ? void 0 : _d.toUpperCase()}.`
-          );
-          console.error(`
-\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501
-\u{1F6A8} PARA SDK CONFIGURATION ERROR \u{1F6A8}
-
-INVALID API KEY FOR CONFIGURED ENVIRONMENT
-
-Your API key does not match the configured environment. This usually means:
-
-1. You're using a production API key with a development environment
-2. You're using a development API key with a production environment  
-3. Your API key is invalid or has been regenerated
-
-SOLUTION:
-\u2022 Verify your API key at: https://developer.getpara.com
-\u2022 If your API key doesn't contain an environment prefix, ensure your API key is the correct key for your target environment
-
-Current Environment: ${this.ctx.env}
-API Key Prefix: ${((_e = this.ctx.apiKey) == null ? void 0 : _e.split("_")[0].toUpperCase()) || "None"}
-
-Need help? Visit: https://docs.getpara.com or contact support
-\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501
-        `);
-          throw new Error("Invalid API Key.");
-        } else {
-          yield __privateMethod(this, _ParaCore_instances, getPartner_fn).call(this, session.partnerId);
-        }
+    };
+  }
+  // Create a dedicated interface for SessionManagementService
+  getSessionManagementServiceInterface() {
+    const self2 = this;
+    return {
+      displayModalError: this.displayModalError.bind(this),
+      setLoginEncryptionKeyPair: this.setLoginEncryptionKeyPair.bind(this),
+      initializeWorker: this.initializeWorker.bind(this),
+      isPortal: this.isPortal.bind(this),
+      getPartner: this.getPartner.bind(this),
+      assertPartner: __privateMethod(this, _ParaCore_instances, assertPartner_fn).bind(this),
+      platformUtils: this.platformUtils,
+      ctx: this.ctx,
+      get loginEncryptionKeyPair() {
+        return self2.loginEncryptionKeyPair;
+      },
+      get partner() {
+        return self2.partner;
+      },
+      get isWorkerInitialized() {
+        return self2.isWorkerInitialized;
+      },
+      get isReady() {
+        return self2.isReady;
+      },
+      isNoWalletConfig: this.isNoWalletConfig,
+      get isSwitchingWallets() {
+        return self2.isSwitchingWallets;
       }
-      if (session.currentWalletIds && !currentWalletIdsEq(session.currentWalletIds, this.currentWalletIds)) {
-        yield this.setCurrentWalletIds(session.currentWalletIds);
+    };
+  }
+  getStateMachineInterface() {
+    const self2 = this;
+    return {
+      setup: this.setup.bind(this),
+      logout: __privateMethod(this, _ParaCore_instances, logout_fn).bind(this),
+      isPortal: this.isPortal.bind(this),
+      setupAfterLogin: this.setupAfterLogin.bind(this),
+      devLog: this.devLog.bind(this),
+      authService: __privateGet(this, _authService),
+      walletService: __privateGet(this, _walletService),
+      pregenWalletService: __privateGet(this, _pregenWalletService),
+      pollingService: __privateGet(this, _pollingService),
+      externalWalletService: __privateGet(this, _externalWalletService),
+      sessionManagementService: __privateGet(this, _sessionManagementService),
+      portalUrlService: __privateGet(this, _portalUrlService),
+      get isNoWalletConfig() {
+        return self2.isNoWalletConfig;
       }
-      return session;
+    };
+  }
+  // Create a dedicated interface for ExternalWalletService
+  getExternalWalletServiceInterface() {
+    return {
+      assertPartner: __privateMethod(this, _ParaCore_instances, assertPartner_fn).bind(this),
+      localStorageSetItem: this.localStorageSetItem.bind(this),
+      logout: __privateMethod(this, _ParaCore_instances, logout_fn).bind(this)
+    };
+  }
+  // Create a dedicated interface for PollingService
+  getPollingServiceInterface() {
+    const self2 = this;
+    return {
+      isPortal: this.isPortal.bind(this),
+      devLog: this.devLog.bind(this),
+      get popupWindow() {
+        return self2.popupWindow;
+      },
+      set popupWindow(w) {
+        self2.popupWindow = w;
+      },
+      platformUtils: this.platformUtils,
+      ctx: this.ctx
+    };
+  }
+  touchSession(regenerate = false) {
+    return __async(this, null, function* () {
+      return __privateGet(this, _sessionManagementService).touchSession(regenerate);
     });
   }
   getVerificationEmailProps() {
@@ -1037,7 +1054,7 @@ Need help? Visit: https://docs.getpara.com or contact support
   init() {
     return __async(this, null, function* () {
       var _a, _b;
-      this.userId = (yield this.localStorageGetItem(constants.LOCAL_STORAGE_USER_ID)) || void 0;
+      __privateGet(this, _authService).userId = (yield this.localStorageGetItem(constants.LOCAL_STORAGE_USER_ID)) || void 0;
       const storageAuthInfo = (yield this.localStorageGetItem(constants.LOCAL_STORAGE_AUTH_INFO)) || void 0;
       const stringExternalWallets = yield this.localStorageGetItem(constants.LOCAL_STORAGE_EXTERNAL_WALLETS);
       const _externalWallets = JSON.parse(stringExternalWallets || "{}");
@@ -1055,7 +1072,7 @@ Need help? Visit: https://docs.getpara.com or contact support
         };
         authInfo = __privateMethod(this, _ParaCore_instances, toAuthInfo_fn).call(this, authParams);
       }
-      __privateSet(this, _authInfo, authInfo);
+      __privateGet(this, _authService).authInfo = authInfo;
       const stringWallets = this.platformUtils.secureStorage ? yield this.platformUtils.secureStorage.get(constants.LOCAL_STORAGE_WALLETS) : yield this.localStorageGetItem(constants.LOCAL_STORAGE_WALLETS);
       const _wallets = JSON.parse(stringWallets || "{}");
       const stringEd25519Wallets = this.platformUtils.secureStorage ? yield this.platformUtils.secureStorage.get(constants.LOCAL_STORAGE_ED25519_WALLETS) : yield this.localStorageGetItem(constants.LOCAL_STORAGE_ED25519_WALLETS);
@@ -1079,8 +1096,8 @@ Need help? Visit: https://docs.getpara.com or contact support
         }, {}) : fromJson;
       })();
       yield this.setCurrentWalletIds(currentWalletIds);
-      this.sessionCookie = (yield this.localStorageGetItem(constants.LOCAL_STORAGE_SESSION_COOKIE)) || (yield this.sessionStorageGetItem(constants.LOCAL_STORAGE_SESSION_COOKIE)) || void 0;
-      if (Object.values(this.wallets).filter((w) => this.isWalletOwned(w)).length > 0 && this.currentWalletIdsArray.length === 0) {
+      __privateGet(this, _sessionManagementService).sessionCookie = (yield this.localStorageGetItem(constants.LOCAL_STORAGE_SESSION_COOKIE)) || (yield this.sessionStorageGetItem(constants.LOCAL_STORAGE_SESSION_COOKIE)) || void 0;
+      if (Object.values(this.wallets).filter((w) => __privateGet(this, _walletService).isWalletOwned(w)).length > 0 && this.currentWalletIdsArray.length === 0) {
         this.findWalletId(void 0, { forbidPregen: true });
       }
       const loginEncryptionKey = yield this.sessionStorageGetItem(constants.SESSION_STORAGE_LOGIN_ENCRYPTION_KEY_PAIR);
@@ -1097,12 +1114,7 @@ Need help? Visit: https://docs.getpara.com or contact support
   }
   setAuth(_0) {
     return __async(this, arguments, function* (auth, { extras = {}, userId } = {}) {
-      const authInfo = __spreadValues(__spreadValues({}, extractAuthInfo(auth, { isRequired: true })), extras || {});
-      yield __privateMethod(this, _ParaCore_instances, setAuthInfo_fn).call(this, authInfo);
-      if (!!userId) {
-        yield this.setUserId(userId);
-      }
-      return __privateGet(this, _authInfo);
+      return yield __privateGet(this, _authService).setAuth(auth, { extras, userId });
     });
   }
   /**
@@ -1114,40 +1126,11 @@ Need help? Visit: https://docs.getpara.com or contact support
       this.setModalError(error);
     }
   }
-  /**
-   * Handle specific touchSession errors with user-friendly messages
-   * @private
-   */
-  handleTouchSessionError(error) {
-    const errorStr = String(error);
-    const errorMessage = error instanceof Error ? error.message : "";
-    if (errorStr.includes("blocked by CORS policy") && errorStr.includes("Access-Control-Allow-Origin")) {
-      const message = "Request rate limit reached. Please wait a couple of minutes and try again.";
-      console.error(`[Para] ${message}`);
-      this.displayModalError(message);
-      return;
-    }
-    if (error.status === 403 && errorMessage.includes("origin not authorized")) {
-      this.displayModalError(
-        "The current origin is not allowed. Update your allowed origins in the Para developer portal to allow the current origin."
-      );
-      return;
-    }
-  }
   assertUserId({ allowGuestMode = false } = {}) {
-    if (!this.userId || !allowGuestMode && this.isGuestMode) {
-      throw new Error("no userId is set");
-    }
-    return this.userId;
+    return __privateGet(this, _authService).assertUserId({ allowGuestMode });
   }
   assertIsAuthSet(allowed) {
-    if (!__privateGet(this, _authInfo)) {
-      throw new Error("auth is not set");
-    }
-    if (allowed && !allowed.includes(__privateGet(this, _authInfo).authType)) {
-      throw new Error(`invalid auth type, expected ${allowed.join(", ")}`);
-    }
-    return __privateGet(this, _authInfo);
+    return __privateGet(this, _authService).assertIsAuthSet(allowed);
   }
   /**
    * Sets the email associated with the `ParaCore` instance.
@@ -1155,7 +1138,7 @@ Need help? Visit: https://docs.getpara.com or contact support
    */
   setEmail(email) {
     return __async(this, null, function* () {
-      yield this.setAuth({ email });
+      yield __privateGet(this, _authService).setAuth({ email });
     });
   }
   /**
@@ -1164,7 +1147,7 @@ Need help? Visit: https://docs.getpara.com or contact support
    */
   setTelegramUserId(telegramUserId) {
     return __async(this, null, function* () {
-      yield this.setAuth({ telegramUserId });
+      yield __privateGet(this, _authService).setAuth({ telegramUserId });
     });
   }
   /**
@@ -1174,7 +1157,7 @@ Need help? Visit: https://docs.getpara.com or contact support
    */
   setPhoneNumber(phone, countryCode) {
     return __async(this, null, function* () {
-      yield this.setAuth({ phone: formatPhoneNumber(phone, countryCode) });
+      yield __privateGet(this, _authService).setAuth({ phone: formatPhoneNumber(phone, countryCode) });
     });
   }
   /**
@@ -1183,7 +1166,7 @@ Need help? Visit: https://docs.getpara.com or contact support
    */
   setFarcasterUsername(farcasterUsername) {
     return __async(this, null, function* () {
-      yield this.setAuth({ farcasterUsername });
+      yield __privateGet(this, _authService).setAuth({ farcasterUsername });
     });
   }
   /**
@@ -1193,75 +1176,12 @@ Need help? Visit: https://docs.getpara.com or contact support
    */
   setExternalWallet(externalWallet) {
     return __async(this, null, function* () {
-      const { id: partnerId, supportedWalletTypes } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
-      this.externalWallets = (Array.isArray(externalWallet) ? externalWallet : [externalWallet]).reduce(
-        (acc, {
-          partnerId: wPartnerId,
-          address,
-          type,
-          provider,
-          providerId,
-          addressBech32,
-          withFullParaAuth,
-          isConnectionOnly,
-          withVerification
-        }) => {
-          if (partnerId === wPartnerId && supportedWalletTypes.some(({ type: supportedType }) => supportedType === type)) {
-            return __spreadProps(__spreadValues({}, acc), {
-              [address]: {
-                id: address,
-                partnerId,
-                address: addressBech32 != null ? addressBech32 : address,
-                type,
-                name: provider,
-                isExternal: true,
-                isExternalWithParaAuth: withFullParaAuth,
-                externalProviderId: providerId,
-                signer: "",
-                isExternalConnectionOnly: isConnectionOnly,
-                isExternalWithVerification: withVerification
-              }
-            });
-          }
-          return acc;
-        },
-        {}
-      ), this.setExternalWallets(this.externalWallets);
-      dispatchEvent(ParaEvent.EXTERNAL_WALLET_CHANGE_EVENT, null);
+      return yield __privateGet(this, _externalWalletService).setExternalWallet({ externalWallet });
     });
   }
   addExternalWallets(externalWallets) {
     return __async(this, null, function* () {
-      const { id: partnerId, supportedWalletTypes } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
-      this.externalWallets = __spreadValues(__spreadValues({}, Object.entries(this.externalWallets).reduce((acc, [address, wallet]) => {
-        if (partnerId === wallet.partnerId && supportedWalletTypes.some(({ type }) => type === wallet.type)) {
-          return __spreadProps(__spreadValues({}, acc), {
-            [address]: wallet
-          });
-        }
-        return acc;
-      }, {})), externalWallets.reduce(
-        (acc, { address, type, provider, providerId, addressBech32, withFullParaAuth, isConnectionOnly, withVerification }) => {
-          return __spreadProps(__spreadValues({}, acc), {
-            [address]: {
-              id: address,
-              partnerId,
-              address: addressBech32 != null ? addressBech32 : address,
-              type,
-              name: provider,
-              isExternal: true,
-              isExternalWithParaAuth: withFullParaAuth,
-              externalProviderId: providerId,
-              signer: "",
-              isExternalConnectionOnly: isConnectionOnly,
-              isExternalWithVerification: withVerification
-            }
-          });
-        },
-        {}
-      ));
-      this.setExternalWallets(this.externalWallets);
-      dispatchEvent(ParaEvent.EXTERNAL_WALLET_CHANGE_EVENT, null);
+      return yield __privateGet(this, _externalWalletService).addExternalWallets({ externalWallets });
     });
   }
   /**
@@ -1270,8 +1190,7 @@ Need help? Visit: https://docs.getpara.com or contact support
    */
   setUserId(userId) {
     return __async(this, null, function* () {
-      this.userId = userId;
-      yield this.localStorageSetItem(constants.LOCAL_STORAGE_USER_ID, userId);
+      return yield __privateGet(this, _authService).setUserId(userId);
     });
   }
   /**
@@ -1280,12 +1199,7 @@ Need help? Visit: https://docs.getpara.com or contact support
    */
   setWallets(wallets) {
     return __async(this, null, function* () {
-      this.wallets = wallets;
-      if (this.platformUtils.secureStorage) {
-        yield this.platformUtils.secureStorage.set(constants.LOCAL_STORAGE_WALLETS, JSON.stringify(wallets));
-        return;
-      }
-      yield this.localStorageSetItem(constants.LOCAL_STORAGE_WALLETS, JSON.stringify(wallets));
+      return yield __privateGet(this, _walletService).setWallets(wallets);
     });
   }
   /**
@@ -1294,12 +1208,7 @@ Need help? Visit: https://docs.getpara.com or contact support
    */
   setExternalWallets(externalWallets) {
     return __async(this, null, function* () {
-      if (typeof externalWallets === "function") {
-        this.externalWallets = externalWallets(this.externalWallets);
-      } else {
-        this.externalWallets = externalWallets;
-      }
-      yield this.localStorageSetItem(constants.LOCAL_STORAGE_EXTERNAL_WALLETS, JSON.stringify(this.externalWallets));
+      return yield __privateGet(this, _externalWalletService).setExternalWallets({ externalWallets });
     });
   }
   /**
@@ -1326,51 +1235,36 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @returns - userId associated with the `ParaCore` instance.
    */
   getUserId() {
-    return this.userId;
+    var _a;
+    return (_a = __privateGet(this, _authService)) == null ? void 0 : _a.userId;
   }
   getAuthInfo() {
-    return this.authInfo;
+    var _a;
+    return (_a = __privateGet(this, _authService)) == null ? void 0 : _a.authInfo;
   }
   /**
    * Gets the email associated with the `ParaCore` instance.
    * @returns - email associated with the `ParaCore` instance.
    */
   getEmail() {
-    return this.email;
+    var _a;
+    return (_a = __privateGet(this, _authService)) == null ? void 0 : _a.email;
   }
   /**
    * Gets the formatted phone number associated with the `ParaCore` instance.
    * @returns - formatted phone number associated with the `ParaCore` instance.
    */
   getPhoneNumber() {
-    return this.phone;
+    var _a;
+    return (_a = __privateGet(this, _authService)) == null ? void 0 : _a.phone;
   }
   /**
    * Gets the farcaster username associated with the `ParaCore` instance.
    * @returns - farcaster username associated with the `ParaCore` instance.
    */
   getFarcasterUsername() {
-    return this.farcasterUsername;
-  }
-  setCurrentWalletIds(_0) {
-    return __async(this, arguments, function* (currentWalletIds, {
-      needsWallet = false,
-      sessionLookupId,
-      newDeviceSessionLookupId
-    } = {}) {
-      this.currentWalletIds = currentWalletIds;
-      yield this.localStorageSetItem(constants.LOCAL_STORAGE_CURRENT_WALLET_IDS, JSON.stringify(this.currentWalletIds));
-      if (sessionLookupId) {
-        yield this.ctx.client.setCurrentWalletIds(
-          this.getUserId(),
-          this.currentWalletIds,
-          needsWallet,
-          sessionLookupId,
-          newDeviceSessionLookupId
-        );
-      }
-      dispatchEvent(ParaEvent.WALLETS_CHANGE_EVENT, null);
-    });
+    var _a;
+    return (_a = __privateGet(this, _authService)) == null ? void 0 : _a.farcasterUsername;
   }
   /**
    * Fetches the most recent OAuth account metadata for the signed-in user.
@@ -1388,29 +1282,6 @@ Need help? Visit: https://docs.getpara.com or contact support
       return accountMetadata;
     });
   }
-  /**
-   * Validates that a wallet ID is present on the instance, usable, and matches the desired filters.
-   * If no ID is passed, this will instead return the first valid, usable wallet ID that matches the filters.
-   * @param {string} [walletId] the wallet ID to validate.
-   * @param {WalletFilters} [filter={}] a `WalletFilters` object specifying allowed types, schemes, and whether to forbid unclaimed pregen wallets.
-   * @returns {string} the wallet ID originally passed, or the one found.
-   */
-  findWalletId(walletId, filter = {}) {
-    if (walletId) {
-      this.assertIsValidWalletId(walletId, filter);
-    } else {
-      for (const id of [...this.currentWalletIdsUnique, ...Object.keys(this.wallets)]) {
-        if (this.isWalletUsable(id, filter)) {
-          walletId = id;
-          break;
-        }
-      }
-      if (!walletId) {
-        throw new Error(`no valid wallet id found`);
-      }
-    }
-    return walletId;
-  }
   /**
    * Retrieves a wallet with the given address, if present.
    * If no ID is passed, this will instead return the first valid, usable wallet ID that matches the filters.
@@ -1418,78 +1289,15 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @param {WalletFilters} [filter={}] a `WalletFilters` object specifying allowed types, schemes, and whether to forbid unclaimed pregen wallets.
    * @returns {string} the wallet ID originally passed, or the one found.
    */
-  findWalletByAddress(address, filter) {
-    if (this.externalWallets[address]) {
-      return this.externalWallets[address];
-    }
-    let wallet;
-    Object.entries(this.currentWalletIds).forEach(([type, walletIds]) => {
-      const pregenWalletIds = Object.keys(this.wallets).filter(
-        (id) => this.wallets[id].type === type && this.isPregenWalletClaimable(this.wallets[id])
-      );
-      [...walletIds, ...pregenWalletIds].forEach((id) => {
-        if (address.toLowerCase() === this.getDisplayAddress(id, { addressType: type }).toLowerCase()) {
-          wallet = this.wallets[id];
-        }
-      });
-    });
-    if (!wallet) {
-      throw new Error(`wallet with address ${address} not found`);
-    }
-    this.assertIsValidWalletId(wallet.id, filter);
-    return wallet;
-  }
-  findWallet(idOrAddress, overrideType, filter = {}) {
-    var _a, _c, _d;
-    if (!this.isExternalWalletAuth) {
-      if (!idOrAddress && Object.keys(this.externalWallets).length > 0) {
-        return Object.values(this.externalWallets)[0];
-      }
-    }
-    if ((_a = this.externalWallets) == null ? void 0 : _a[idOrAddress]) {
-      return this.externalWallets[idOrAddress];
-    }
-    try {
-      const walletId = this.findWalletId(idOrAddress, filter);
-      if (walletId && !!this.wallets[walletId]) {
-        const _b = this.wallets[walletId], { signer: _signer } = _b, wallet = __objRest(_b, ["signer"]);
-        const type = (_d = overrideType != null ? overrideType : (_c = this.currentWalletIdsArray.find(([id]) => id === walletId)) == null ? void 0 : _c[1]) != null ? _d : wallet.type;
-        return __spreadProps(__spreadValues({}, wallet), {
-          type
-        });
-      }
-    } catch (e) {
-      return void 0;
-    }
+  findWalletByAddress(...params) {
+    return __privateGet(this, _walletService).findWalletByAddress(...params);
+  }
+  findWallet(...params) {
+    const [walletId, walletType, filters = {}] = params;
+    return __privateGet(this, _walletService).findWallet(walletId, walletType, filters);
   }
   get availableWallets() {
-    var _a;
-    return [
-      ...[...this.currentWalletIdsArray, ...__privateGet(this, _ParaCore_instances, guestWalletIdsArray_get)].map(([address, type]) => [address, type, false]).map(([id, type]) => {
-        const wallet = this.findWallet(id, type);
-        if (!wallet) return null;
-        const name = wallet.name;
-        const address = this.getDisplayAddress(id, { addressType: type });
-        const addressShort = this.getDisplayAddress(id, { addressType: type, truncate: true });
-        return {
-          id: wallet.id,
-          partner: wallet.partner,
-          type,
-          address,
-          name,
-          addressShort,
-          displayName: name != null ? name : addressShort,
-          ensName: wallet.ensName,
-          ensAvatar: wallet.ensAvatar
-        };
-      }).filter((obj) => obj !== null),
-      ...Object.values((_a = this.externalWallets) != null ? _a : {}).map((wallet) => {
-        return __spreadProps(__spreadValues({}, wallet), {
-          addressShort: truncateAddress(wallet.address, wallet.type, { prefix: this.cosmosPrefix }),
-          displayName: wallet.externalProviderId
-        });
-      })
-    ];
+    return __privateGet(this, _walletService).availableWallets;
   }
   /**
    * Retrieves all usable wallets with the provided type (`'EVM' | 'COSMOS' | 'SOLANA'`)
@@ -1497,52 +1305,16 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @returns {Wallet[]} an array of matching wallets.
    */
   getWalletsByType(type) {
-    return Object.values(this.wallets).filter((w) => this.isWalletUsable(w.id, { type: [type] }));
-  }
-  assertIsValidWalletId(walletId, condition = {}) {
-    this.isWalletUsable(walletId, condition, true);
-  }
-  assertIsValidWalletType(type, walletTypes) {
-    return __async(this, null, function* () {
-      const { supportedWalletTypes } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
-      if (!type || !WALLET_TYPES.includes(type) || !(walletTypes != null ? walletTypes : supportedWalletTypes.map(({ type: type2 }) => type2)).includes(type)) {
-        throw new Error(`wallet type ${type} is not supported`);
-      }
-      return type;
-    });
-  }
-  getMissingTypes() {
-    return __async(this, null, function* () {
-      const { supportedWalletTypes } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
-      return supportedWalletTypes.filter(
-        ({ type: t, optional }) => !optional && Object.values(this.wallets).every((w) => !this.isWalletOwned(w) || !WalletSchemeTypeMap[w.scheme][t])
-      ).map(({ type }) => type);
-    });
-  }
-  getTypesToCreate(types) {
-    return __async(this, null, function* () {
-      const { supportedWalletTypes } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
-      return getSchemes(types != null ? types : yield this.getMissingTypes()).map((scheme) => {
-        switch (scheme) {
-          case "ED25519":
-            return "SOLANA";
-          default:
-            return supportedWalletTypes.some(({ type, optional }) => type === "COSMOS" && !optional) ? "COSMOS" : "EVM";
-        }
-      });
-    });
+    return __privateGet(this, _walletService).getWalletsByType(type);
   }
-  getPartnerURL() {
+  getPartner(partnerId) {
     return __async(this, null, function* () {
-      try {
-        const { portalUrl } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
-        return portalUrl;
-      } catch (e) {
-        if (this.isPartnerOptional) {
-          return void 0;
-        }
-        throw e;
+      if (this.isPartnerOptional && !partnerId) {
+        return void 0;
       }
+      const res = yield this.ctx.client.getPartner(partnerId);
+      this.partner = res.data.partner;
+      return this.partner;
     });
   }
   /**
@@ -1552,7 +1324,7 @@ Need help? Visit: https://docs.getpara.com or contact support
    */
   getPortalURL(isLegacy) {
     return __async(this, null, function* () {
-      return this.ctx.portalUrlOverride || (yield this.getPartnerURL()) || getPortalBaseURL(this.ctx, false, false, isLegacy);
+      return yield __privateGet(this, _portalUrlService).getPortalURL(isLegacy);
     });
   }
   /**
@@ -1585,33 +1357,12 @@ Need help? Visit: https://docs.getpara.com or contact support
    */
   fetchWallets() {
     return __async(this, null, function* () {
-      const res = yield this.isPortal() || this.isParaConnect() ? this.ctx.client.getAllWallets(this.userId) : this.ctx.client.getWallets(this.userId, true);
-      return res.data.wallets.filter(
-        (wallet) => !!wallet.address && wallet.sharesPersisted && (this.isParaConnect() || !this.isParaConnect() && this.isWalletSupported(entityToWallet(wallet)))
-      );
+      return yield __privateGet(this, _walletService).fetchWallets();
     });
   }
   populateWalletAddresses() {
     return __async(this, null, function* () {
-      const res = yield (this.isPortal() ? this.ctx.client.getAllWallets : this.ctx.client.getWallets)(this.userId, true);
-      const wallets = res.data.wallets;
-      wallets.forEach((entity) => {
-        if (this.wallets[entity.id]) {
-          this.wallets[entity.id] = __spreadValues(__spreadValues({}, entityToWallet(entity)), this.wallets[entity.id]);
-        }
-      });
-      yield this.setWallets(this.wallets);
-    });
-  }
-  populatePregenWalletAddresses() {
-    return __async(this, null, function* () {
-      const res = yield this.getPregenWallets();
-      res.forEach((entity) => {
-        if (this.wallets[entity.id]) {
-          this.wallets[entity.id] = __spreadValues(__spreadValues({}, entityToWallet(entity)), this.wallets[entity.id]);
-        }
-      });
-      yield this.setWallets(this.wallets);
+      return yield __privateGet(this, _walletService).populateWalletAddresses();
     });
   }
   /**
@@ -1621,86 +1372,34 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @param {TWalletType} opts.type type of external wallet to use for identification.
    * @param {string} opts.provider the name of the provider for the external wallet.
    */
-  loginExternalWallet(_a) {
+  loginExternalWallet(params) {
     return __async(this, null, function* () {
-      var _b = _a, {
-        externalWallet,
-        chainId,
-        uri
-      } = _b, urlOptions = __objRest(_b, [
-        "externalWallet",
-        "chainId",
-        "uri"
-      ]);
-      const externalWallets = Array.isArray(externalWallet) ? externalWallet : [externalWallet];
-      try {
-        yield this.ctx.client.trackExternalWalletConnections({
-          wallets: externalWallets.map((wallet) => ({
-            address: wallet.address,
-            type: wallet.type,
-            provider: wallet.provider
-          }))
-        });
-      } catch (err) {
-        console.error("Error tracking external wallet connections:", err);
-      }
-      if (this.externalWalletConnectionOnly || externalWallets.every((wallet) => wallet.isConnectionOnly)) {
-        yield this.addExternalWallets(
-          externalWallets.map((wallet) => __spreadProps(__spreadValues({}, wallet), {
-            withFullParaAuth: false
-          }))
-        );
-        return Promise.resolve({
-          userId: constants.EXTERNAL_WALLET_CONNECTION_ONLY_USER_ID
-        });
-      }
-      if (Array.isArray(externalWallet)) {
-        throw new Error(
-          "Cannot authenticate multiple external wallets at once. To connect multiple wallets at once, use CONNECTION_ONLY mode."
-        );
-      }
-      this.requireApiKey();
-      const serverAuthState = yield this.ctx.client.loginExternalWallet({ externalWallet, chainId, uri });
-      if (!externalWallet.withFullParaAuth && externalWallet.withVerification) {
-        yield this.touchSession(true);
-      }
-      if (externalWallet.withFullParaAuth) {
-        yield this.ctx.client.sessionAddPortalVerification();
-      }
-      return __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, urlOptions);
+      return yield __privateGet(this, _authService).loginExternalWallet(params);
+    });
+  }
+  /**
+   * Connects to an external wallet & logs in to Para (if applicable).
+   * @param {Object} params the params object
+   * @param {Function} params.connect the function called to connect to the external wallet.
+   */
+  connectExternalWallet(params) {
+    return __async(this, null, function* () {
+      return yield __privateGet(this, _authService).connectExternalWallet(params);
     });
   }
   verifyExternalWallet(params) {
     return __async(this, null, function* () {
-      var _c;
-      let serverAuthState;
-      let urlOptions;
-      if ("serverAuthState" in params && params.serverAuthState !== void 0) {
-        const _a = params, { serverAuthState: optsServerAuthState } = _a, rest = __objRest(_a, ["serverAuthState"]);
-        serverAuthState = optsServerAuthState;
-        urlOptions = rest;
-      } else if ("externalWallet" in params) {
-        const _b = params, { externalWallet, signedMessage, cosmosPublicKeyHex, cosmosSigner } = _b, rest = __objRest(_b, ["externalWallet", "signedMessage", "cosmosPublicKeyHex", "cosmosSigner"]);
-        const _serverAuthState = yield this.ctx.client.verifyExternalWallet(this.userId, {
-          externalWallet,
-          signedMessage,
-          cosmosPublicKeyHex,
-          cosmosSigner
-        });
-        serverAuthState = _serverAuthState;
-        urlOptions = rest;
-      }
-      if (serverAuthState.stage === "login" && ((_c = serverAuthState.loginAuthMethods) == null ? void 0 : _c.includes(AuthMethod.PIN))) {
-        const { sessionLookupId } = yield this.touchSession();
-        return yield __privateMethod(this, _ParaCore_instances, prepareLoginState_fn).call(this, serverAuthState, __spreadProps(__spreadValues({}, urlOptions), { sessionLookupId }));
-      }
-      let state;
-      try {
-        state = yield __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, urlOptions);
-      } catch (err) {
-        console.error("Error prepping state:", err);
-      }
-      return state;
+      return yield __privateGet(this, _authService).verifyExternalWallet(params);
+    });
+  }
+  retryVerifyExternalWallet() {
+    return __async(this, null, function* () {
+      return yield __privateGet(this, _authService).retryVerifyExternalWallet();
+    });
+  }
+  signExternalWalletVerification(params) {
+    return __async(this, null, function* () {
+      return yield __privateGet(this, _authService).signExternalWalletVerification(params);
     });
   }
   verifyExternalWalletLink(opts) {
@@ -1723,13 +1422,13 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @param authResponse - the response JSON object received from the Telegram widget.
    * @returns `{ isValid: boolean; telegramUserId?: string; userId?: string; isNewUser?: boolean; supportedAuthMethods?: AuthMethod[]; biometricHints?: BiometricLocationHint[] }`
    */
-  verifyTelegramProcess(_c) {
+  verifyTelegramProcess(_a) {
     return __async(this, null, function* () {
-      var _d = _c, {
+      var _b = _a, {
         serverAuthState: optsServerAuthState,
         telegramAuthResponse,
         isLinkAccount
-      } = _d, urlOptions = __objRest(_d, [
+      } = _b, urlOptions = __objRest(_b, [
         "serverAuthState",
         "telegramAuthResponse",
         "isLinkAccount"
@@ -1737,12 +1436,10 @@ Need help? Visit: https://docs.getpara.com or contact support
       try {
         switch (isLinkAccount) {
           case false: {
-            if (!optsServerAuthState && !telegramAuthResponse) {
-              throw new Error("one of serverAuthState or telegramAuthResponse are required for verifying telegram");
-            }
-            const serverAuthState = optsServerAuthState != null ? optsServerAuthState : yield this.ctx.client.verifyTelegram({ authObject: telegramAuthResponse });
-            const { sessionLookupId } = yield this.touchSession();
-            return __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, __spreadProps(__spreadValues({}, urlOptions), { sessionLookupId }));
+            return yield __privateGet(this, _authService).verifyTelegram(__spreadValues({
+              serverAuthState: optsServerAuthState,
+              telegramAuthResponse
+            }, urlOptions));
           }
           case true: {
             if (!telegramAuthResponse) {
@@ -1762,9 +1459,9 @@ Need help? Visit: https://docs.getpara.com or contact support
       }
     });
   }
-  verifyTelegram(opts) {
+  verifyTelegram(params) {
     return __async(this, null, function* () {
-      return yield this.verifyTelegramProcess(__spreadProps(__spreadValues({}, opts), { isLinkAccount: false }));
+      return yield this.verifyTelegramProcess(__spreadProps(__spreadValues({}, params), { isLinkAccount: false }));
     });
   }
   verifyTelegramLink(opts) {
@@ -1816,35 +1513,8 @@ Need help? Visit: https://docs.getpara.com or contact support
    * Resend a verification email for the current user.
    */
   resendVerificationCode(_0) {
-    return __async(this, arguments, function* ({
-      type: reason = "SIGNUP"
-    }) {
-      let type, linkedAccountId;
-      switch (reason) {
-        case "SIGNUP":
-        case "LOGIN":
-          {
-            const authInfo = this.assertIsAuthSet(["email", "phone"]);
-            type = authInfo.authType.toUpperCase();
-          }
-          break;
-        case "LINK_ACCOUNT":
-          {
-            const accountLinkInProgress = __privateMethod(this, _ParaCore_instances, assertIsLinkingAccount_fn).call(this, ["EMAIL", "PHONE"]);
-            linkedAccountId = accountLinkInProgress.id;
-            type = accountLinkInProgress.type;
-          }
-          break;
-      }
-      const userId = this.assertUserId({ allowGuestMode: true });
-      if (type !== "EMAIL" && type !== "PHONE") {
-        throw new Error("invalid auth type for verification code");
-      }
-      yield this.ctx.client.resendVerificationCode(__spreadValues({
-        userId,
-        type,
-        linkedAccountId
-      }, this.getVerificationEmailProps()));
+    return __async(this, arguments, function* ({ type: reason = "SIGNUP" }) {
+      return yield __privateGet(this, _authService).resendVerificationCode({ type: reason });
     });
   }
   /**
@@ -1853,18 +1523,7 @@ Need help? Visit: https://docs.getpara.com or contact support
    */
   isSessionActive() {
     return __async(this, null, function* () {
-      if (this.externalWalletConnectionType === "CONNECTION_ONLY") {
-        return true;
-      }
-      const { isAuthenticated, verifiedExternalWalletAddresses } = yield this.touchSession();
-      if (this.externalWalletConnectionType === "VERIFICATION") {
-        if (!verifiedExternalWalletAddresses) {
-          return false;
-        }
-        const externalAddresses = Object.values(this.externalWallets).map((w) => w.id);
-        return externalAddresses.every((address) => verifiedExternalWalletAddresses.includes(address));
-      }
-      return !!isAuthenticated;
+      return yield __privateGet(this, _sessionManagementService).isSessionActive();
     });
   }
   /**
@@ -1873,58 +1532,15 @@ Need help? Visit: https://docs.getpara.com or contact support
    **/
   isFullyLoggedIn() {
     return __async(this, null, function* () {
-      if (this.externalWalletConnectionType === "CONNECTION_ONLY") {
-        if (!this.isReady) {
-          yield this.ready();
-        }
-        return true;
-      }
-      if (this.isGuestMode) {
-        return true;
-      }
-      const isSessionActive = yield this.isSessionActive();
-      if (this.externalWalletConnectionType === "VERIFICATION") {
-        return isSessionActive;
-      }
-      if (this.isSwitchingWallets) {
-        return isSessionActive;
-      }
-      if (!isSessionActive) {
-        return false;
-      }
-      if (this.isNoWalletConfig) {
-        return true;
-      }
-      const { supportedWalletTypes } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
-      const requiredWalletTypes = supportedWalletTypes.filter(({ optional }) => !optional);
-      for (const { type } of requiredWalletTypes) {
-        const hasWalletForType = this.currentWalletIdsArray.some(([walletId, walletType]) => {
-          try {
-            const wallet = this.wallets[walletId];
-            return wallet && walletType === type && typeof wallet.address === "string";
-          } catch (e) {
-            return false;
-          }
-        });
-        if (!hasWalletForType) {
-          return false;
-        }
-      }
-      const allWalletsLoaded = this.currentWalletIdsArray.every(([walletId]) => {
-        const wallet = this.wallets[walletId];
-        return wallet && typeof wallet.address === "string";
-      });
-      if (!allWalletsLoaded) {
-        return false;
-      }
-      return true;
+      return yield __privateGet(this, _sessionManagementService).isFullyLoggedIn();
     });
   }
   get isGuestMode() {
-    return __privateGet(this, _ParaCore_instances, guestWalletIdsArray_get).length > 0 && Object.values(this.wallets).every(
+    var _a;
+    return ((_a = __privateGet(this, _pregenWalletService)) == null ? void 0 : _a.guestWalletIdsArray.length) > 0 && Object.values(this.wallets).every(
       ({ userId, partnerId }) => {
-        var _a;
-        return partnerId === ((_a = this.partner) == null ? void 0 : _a.id) && (!userId || userId !== this.userId);
+        var _a2;
+        return partnerId === ((_a2 = this.partner) == null ? void 0 : _a2.id) && (!userId || userId !== this.userId);
       }
     );
   }
@@ -1954,30 +1570,7 @@ Need help? Visit: https://docs.getpara.com or contact support
    */
   supportedUserAuthMethods() {
     return __async(this, null, function* () {
-      this.assertIsAuthSet();
-      const { supportedAuthMethods, hasPasswordWithoutPIN } = yield this.ctx.client.getSupportedAuthMethodsV2(
-        this.authInfo.auth
-      );
-      const authMethods = /* @__PURE__ */ new Set();
-      for (const type of supportedAuthMethods) {
-        switch (type) {
-          case "PASSWORD":
-            if (hasPasswordWithoutPIN) {
-              authMethods.add(AuthMethod.PASSWORD);
-            }
-            break;
-          case "PASSKEY":
-            authMethods.add(AuthMethod.PASSKEY);
-            break;
-          case "PIN":
-            authMethods.add(AuthMethod.PIN);
-            break;
-          case "BASIC_LOGIN":
-            authMethods.add(AuthMethod.BASIC_LOGIN);
-            break;
-        }
-      }
-      return authMethods;
+      return yield __privateGet(this, _authService).supportedUserAuthMethods();
     });
   }
   /**
@@ -1994,94 +1587,14 @@ Need help? Visit: https://docs.getpara.com or contact support
   /**
    * Waits for the session to be active.
    **/
-  waitForSignup(_0) {
-    return __async(this, arguments, function* ({
-      isCanceled = () => false,
-      onCancel,
-      onPoll
-    }) {
-      const startedAt = Date.now();
-      return new Promise((resolve, reject) => {
-        (() => __async(this, null, function* () {
-          yield this.touchSession();
-          if (!this.isExternalWalletAuth) {
-            this.externalWallets = {};
-          }
-          while (true) {
-            try {
-              if (isCanceled() || Date.now() - startedAt > constants.POLLING_TIMEOUT_MS) {
-                onCancel == null ? void 0 : onCancel();
-                dispatchEvent(ParaEvent.ACCOUNT_CREATION_EVENT, false, "failed to sign up user");
-                return reject("canceled");
-              }
-              yield new Promise((_resolve) => setTimeout(_resolve, constants.POLLING_INTERVAL_MS));
-              if (yield this.isSessionActive()) {
-                dispatchEvent(ParaEvent.ACCOUNT_CREATION_EVENT, true);
-                return resolve(true);
-              }
-              onPoll == null ? void 0 : onPoll();
-            } catch (err) {
-              console.error(err);
-              onPoll == null ? void 0 : onPoll();
-            }
-          }
-        }))();
-      });
+  waitForSignup(params) {
+    return __async(this, null, function* () {
+      return yield __privateGet(this, _authService).waitForSignup(params);
     });
   }
-  waitForWalletCreation() {
-    return __async(this, arguments, function* ({
-      isCanceled = () => false,
-      onCancel
-    } = {}) {
-      yield this.waitForSignup({ isCanceled, onCancel });
-      const { supportedWalletTypes } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
-      const pregenWallets = yield this.getPregenWallets();
-      let recoverySecret, walletIds = {};
-      if (pregenWallets.length > 0) {
-        let shares = [];
-        try {
-          shares = yield this.ctx.enclaveClient.getPregenShares({
-            userId: this.userId,
-            walletIds: pregenWallets.map((w) => w.id),
-            partnerId: pregenWallets[0].partnerId
-          });
-          for (const share of shares) {
-            const wallet = pregenWallets.find((w) => w.id === share.walletId);
-            if (wallet) {
-              this.wallets[wallet.id] = {
-                id: wallet.id,
-                address: wallet.address,
-                scheme: wallet.scheme,
-                type: wallet.type,
-                partnerId: wallet.partnerId,
-                isPregen: wallet.isPregen,
-                pregenIdentifier: wallet.pregenIdentifier,
-                pregenIdentifierType: wallet.pregenIdentifierType,
-                signer: share.signer,
-                createdAt: String(wallet.createdAt)
-              };
-            }
-          }
-        } catch (err) {
-          console.warn("[waitForWalletCreation] Failed to fetch pregen shares:", err);
-        }
-        if (shares.length > 0) {
-          recoverySecret = yield this.claimPregenWallets();
-          walletIds = supportedWalletTypes.reduce((acc, { type }) => {
-            var _a;
-            return __spreadProps(__spreadValues({}, acc), {
-              [type]: [(_a = pregenWallets.find((w) => !!WalletSchemeTypeMap[w.scheme][type])) == null ? void 0 : _a.id]
-            });
-          }, {});
-        }
-      }
-      const created = yield this.createWalletPerType();
-      recoverySecret = recoverySecret != null ? recoverySecret : created.recoverySecret;
-      walletIds = __spreadValues(__spreadValues({}, walletIds), created.walletIds);
-      const resp = { walletIds, recoverySecret };
-      dispatchEvent(ParaEvent.ACCOUNT_SETUP_EVENT, resp);
-      return resp;
+  waitForWalletCreation(params) {
+    return __async(this, null, function* () {
+      return yield __privateGet(this, _authService).waitForWalletCreation(params);
     });
   }
   /**
@@ -2101,35 +1614,34 @@ Need help? Visit: https://docs.getpara.com or contact support
    * If successful, this returns the user's Farcaster username and profile picture and indicates whether the user already exists.
    * @return {Object} `{userExists: boolean; username: string; pfpUrl?: string | null }` - the user's information and whether the user already exists.
    */
-  verifyFarcasterProcess(_e) {
+  verifyFarcasterProcess(_c) {
     return __async(this, null, function* () {
-      var _f = _e, {
+      var _d = _c, {
         isCanceled = () => false,
         onConnectUri,
         onCancel,
-        onPoll,
         isLinkAccount,
         serverAuthState: optsServerAuthState
-      } = _f, urlOptions = __objRest(_f, [
+      } = _d, urlOptions = __objRest(_d, [
         "isCanceled",
         "onConnectUri",
         "onCancel",
-        "onPoll",
         "isLinkAccount",
         "serverAuthState"
       ]);
-      if (optsServerAuthState) {
-        const authState = yield __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, optsServerAuthState, urlOptions);
-        return authState;
+      if (onConnectUri) {
+        const connectUri = yield this.getFarcasterConnectUri();
+        onConnectUri(connectUri);
+      }
+      if (!isLinkAccount) {
+        return yield __privateGet(this, _authService).verifyFarcaster(__spreadValues({
+          serverAuthState: optsServerAuthState
+        }, urlOptions));
       }
       let accountLinkInProgress;
       if (isLinkAccount) {
         accountLinkInProgress = yield __privateMethod(this, _ParaCore_instances, assertIsLinkingAccountOrStart_fn).call(this, "FARCASTER");
       }
-      if (onConnectUri) {
-        const connectUri = yield this.getFarcasterConnectUri();
-        onConnectUri(connectUri);
-      }
       return new Promise((resolve, reject) => {
         (() => __async(this, null, function* () {
           const startedAt = Date.now();
@@ -2140,27 +1652,13 @@ Need help? Visit: https://docs.getpara.com or contact support
                 return reject("CANCELED");
               }
               yield new Promise((_resolve) => setTimeout(_resolve, constants.POLLING_INTERVAL_MS));
-              switch (isLinkAccount) {
-                case false:
-                  {
-                    const serverAuthState = yield this.ctx.client.getFarcasterAuthStatus();
-                    if (isServerAuthState(serverAuthState)) {
-                      const authState = yield __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, urlOptions);
-                      return resolve(authState);
-                    }
-                  }
-                  break;
-                case true: {
-                  const result = yield this.verifyLink({
-                    accountLinkInProgress
-                  });
-                  if ("isConflict" in result) {
-                    throw new Error(AccountLinkError.Conflict);
-                  }
-                  return resolve(result);
-                }
+              const result = yield this.verifyLink({
+                accountLinkInProgress
+              });
+              if ("isConflict" in result) {
+                throw new Error(AccountLinkError.Conflict);
               }
-              onPoll == null ? void 0 : onPoll();
+              return resolve(result);
             } catch (e) {
               if (!isLinkAccount || e.message === AccountLinkError.Conflict) {
                 return reject(e.message);
@@ -2171,9 +1669,9 @@ Need help? Visit: https://docs.getpara.com or contact support
       });
     });
   }
-  verifyFarcaster(opts) {
+  verifyFarcaster(params) {
     return __async(this, null, function* () {
-      return yield this.verifyFarcasterProcess(__spreadProps(__spreadValues({}, opts), { isLinkAccount: false }));
+      return yield this.verifyFarcasterProcess(__spreadProps(__spreadValues({}, params), { isLinkAccount: false }));
     });
   }
   verifyFarcasterLink(opts) {
@@ -2181,11 +1679,17 @@ Need help? Visit: https://docs.getpara.com or contact support
       return yield this.verifyFarcasterProcess(__spreadProps(__spreadValues({}, opts), { isLinkAccount: true }));
     });
   }
-  getOAuthUrl(opts) {
+  /**
+   * Generates a URL for the user to log in with OAuth using a desire method.
+   *
+   * @param {Object} opts the options object
+   * @param {TOAuthMethod} opts.method the third-party service to use for OAuth.
+   * @param {string} [opts.appScheme] the app scheme to redirect to after the OAuth flow. This is for mobile only.
+   * @returns {string} the URL for the user to log in with OAuth.
+   */
+  getOAuthUrl(params) {
     return __async(this, null, function* () {
-      var _a;
-      const sessionLookupId = (_a = opts.sessionLookupId) != null ? _a : yield this.prepareLogin();
-      return __privateMethod(this, _ParaCore_instances, getOAuthUrl_fn).call(this, __spreadProps(__spreadValues({}, opts), { sessionLookupId }));
+      return yield __privateGet(this, _portalUrlService).getOAuthUrl(params);
     });
   }
   /**
@@ -2196,27 +1700,12 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @param {Window} [opts.popupWindow] the popup window being used for login.
    * @return {Object} `{ email?: string; isError?: boolean; userExists: boolean; }` the result data
    */
-  verifyOAuthProcess(_g) {
+  verifyOAuthProcess(params) {
     return __async(this, null, function* () {
-      var _h = _g, {
-        method,
-        appScheme,
-        isCanceled = () => false,
-        onCancel,
-        onPoll,
-        onOAuthUrl,
-        onOAuthPopup,
-        isLinkAccount
-      } = _h, urlOptions = __objRest(_h, [
-        "method",
-        "appScheme",
-        "isCanceled",
-        "onCancel",
-        "onPoll",
-        "onOAuthUrl",
-        "onOAuthPopup",
-        "isLinkAccount"
-      ]);
+      if (!params.isLinkAccount) {
+        return yield __privateGet(this, _authService).verifyOAuthProcess(params);
+      }
+      const { method, appScheme, isCanceled = () => false, onCancel, onPoll, onOAuthUrl, onOAuthPopup } = params;
       if (onOAuthPopup) {
         try {
           this.popupWindow = yield this.platformUtils.openPopup("about:blank", { type: PopupType.OAUTH });
@@ -2226,13 +1715,14 @@ Need help? Visit: https://docs.getpara.com or contact support
       }
       let sessionLookupId, accountLinkInProgress;
       if (onOAuthUrl || onOAuthPopup) {
-        if (isLinkAccount) {
-          accountLinkInProgress = yield __privateMethod(this, _ParaCore_instances, assertIsLinkingAccountOrStart_fn).call(this, method);
-          sessionLookupId = (yield this.touchSession()).sessionLookupId;
-        } else {
-          sessionLookupId = yield this.prepareLogin();
-        }
-        const oAuthUrl = yield __privateMethod(this, _ParaCore_instances, getOAuthUrl_fn).call(this, { method, appScheme, sessionLookupId, accountLinkInProgress });
+        accountLinkInProgress = yield __privateMethod(this, _ParaCore_instances, assertIsLinkingAccountOrStart_fn).call(this, method);
+        sessionLookupId = (yield this.touchSession()).sessionLookupId;
+        const oAuthUrl = yield __privateGet(this, _portalUrlService).getOAuthUrl({
+          method,
+          appScheme,
+          sessionLookupId,
+          accountLinkInProgress
+        });
         switch (true) {
           case !!onOAuthUrl: {
             onOAuthUrl(oAuthUrl);
@@ -2257,24 +1747,10 @@ Need help? Visit: https://docs.getpara.com or contact support
                 return reject(AccountLinkError.Canceled);
               }
               yield new Promise((_resolve) => setTimeout(_resolve, constants.POLLING_INTERVAL_MS));
-              switch (isLinkAccount) {
-                case false:
-                  {
-                    const serverAuthState = yield this.ctx.client.verifyOAuth();
-                    if (isServerAuthState(serverAuthState)) {
-                      const authState = yield __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, __spreadProps(__spreadValues({}, urlOptions), { sessionLookupId }));
-                      return resolve(authState);
-                    }
-                  }
-                  break;
-                case true: {
-                  const accounts = yield this.verifyLink({ accountLinkInProgress });
-                  return resolve(accounts);
-                }
-              }
-              onPoll == null ? void 0 : onPoll();
+              const accounts = yield this.verifyLink({ accountLinkInProgress });
+              return resolve(accounts);
             } catch (err) {
-              if (isLinkAccount && err.message === AccountLinkError.Conflict) {
+              if (err.message === AccountLinkError.Conflict) {
                 return reject(err.message);
               }
               onPoll == null ? void 0 : onPoll();
@@ -2284,9 +1760,9 @@ Need help? Visit: https://docs.getpara.com or contact support
       });
     });
   }
-  verifyOAuth(opts) {
+  verifyOAuth(params) {
     return __async(this, null, function* () {
-      return yield this.verifyOAuthProcess(__spreadProps(__spreadValues({}, opts), { isLinkAccount: false }));
+      return yield this.verifyOAuthProcess(__spreadProps(__spreadValues({}, params), { isLinkAccount: false }));
     });
   }
   verifyOAuthLink(opts) {
@@ -2302,9 +1778,9 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @param {boolean} [opts.skipSessionRefresh] whether to skip refreshing the session.
    * @returns {Object} `{ isComplete: boolean; isError: boolean; needsWallet: boolean; partnerId: string; }` the result data
    **/
-  waitForLogin(args) {
+  waitForLogin(params) {
     return __async(this, null, function* () {
-      return yield __privateMethod(this, _ParaCore_instances, waitForLoginProcess_fn).call(this, args);
+      return yield __privateGet(this, _authService).waitForLogin(params);
     });
   }
   waitForWalletSwitching(args) {
@@ -2336,32 +1812,20 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @returns a URL for the user to reauthenticate.
    **/
   refreshSession() {
-    return __async(this, arguments, function* ({
-      shouldOpenPopup = false
-    } = {}) {
-      const { sessionId } = yield this.touchSession(true);
-      if (!this.loginEncryptionKeyPair) {
-        yield this.setLoginEncryptionKeyPair();
-      }
-      const link = yield this.getLoginUrl({
-        sessionId
-      });
-      if (shouldOpenPopup) {
-        yield this.platformUtils.openPopup(link);
-      }
-      return link;
+    return __async(this, arguments, function* (params = {}) {
+      return yield __privateGet(this, _sessionManagementService).refreshSession(params);
     });
   }
   /**
    * Call this method after login to ensure that the user ID is set
    * internally.
    **/
-  userSetupAfterLogin() {
+  userSetupAfterLogin(existingSession) {
     return __async(this, null, function* () {
-      const session = yield this.touchSession();
-      yield this.setUserId(session.userId);
-      if (session.currentWalletIds && session.currentWalletIds !== this.currentWalletIds)
-        yield this.setCurrentWalletIds(session.currentWalletIds, {
+      const session = existingSession != null ? existingSession : yield this.touchSession();
+      yield __privateGet(this, _authService).setUserId(session.userId);
+      if (session.currentWalletIds && session.currentWalletIds !== __privateGet(this, _walletService).currentWalletIds)
+        yield __privateGet(this, _walletService).setCurrentWalletIds(session.currentWalletIds, {
           sessionLookupId: this.isPortal() ? session.sessionLookupId : void 0
         });
       return session;
@@ -2374,9 +1838,12 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @returns - transmission keyshares.
    **/
   getTransmissionKeyShares() {
-    return __async(this, arguments, function* ({ isForNewDevice = false } = {}) {
-      const session = yield this.touchSession();
-      const sessionLookupId = isForNewDevice ? `${session.sessionLookupId}-new-device` : session.sessionLookupId;
+    return __async(this, arguments, function* ({
+      isForNewDevice = false,
+      sessionLookupId: existingSessionLookupId
+    } = {}) {
+      const baseSessionLookupId = existingSessionLookupId != null ? existingSessionLookupId : (yield this.touchSession()).sessionLookupId;
+      const sessionLookupId = isForNewDevice ? `${baseSessionLookupId}-new-device` : baseSessionLookupId;
       return this.ctx.client.getTransmissionKeyshares(this.userId, sessionLookupId);
     });
   }
@@ -2390,111 +1857,34 @@ Need help? Visit: https://docs.getpara.com or contact support
     return __async(this, arguments, function* ({
       temporaryShares,
       skipSessionRefresh = false
-    } = {}) {
-      if (!temporaryShares) {
-        temporaryShares = (yield this.getTransmissionKeyShares()).data.temporaryShares;
-      }
-      temporaryShares.forEach((share) => {
-        const signer = decryptWithPrivateKey(this.loginEncryptionKeyPair.privateKey, share.encryptedShare, share.encryptedKey);
-        this.wallets[share.walletId] = {
-          id: share.walletId,
-          signer
-        };
-      });
-      yield this.deleteLoginEncryptionKeyPair();
-      yield this.populateWalletAddresses();
-      yield this.touchSession(!skipSessionRefresh);
-    });
-  }
-  /**
-   * Distributes a new wallet recovery share.
-   * @param {Object} opts the options object.
-   * @param {string} opts.walletId the wallet to distribute the recovery share for.
-   * @param {string} opts.userShare optional user share generate the recovery share from. Defaults to the signer from the passed in walletId
-   * @param {boolean} opts.skipBiometricShareCreation whether or not to skip biometric share creation. Used when regenerating recovery shares.
-   * @param {boolean} opts.forceRefreshRecovery whether or not to force recovery secret regeneration. Used when regenerating recovery shares.
-   * @returns {string} the recovery share.
-   **/
-  distributeNewWalletShare(_0) {
-    return __async(this, arguments, function* ({
-      walletId,
-      userShare,
-      skipBiometricShareCreation = false,
-      forceRefresh = false
-    }) {
-      let userSigner = userShare;
-      if (!userSigner) {
-        userSigner = this.wallets[walletId].signer;
-      }
-      const recoveryShare = skipBiometricShareCreation ? yield sendRecoveryForShare({
-        ctx: this.ctx,
-        userId: this.userId,
-        walletId,
-        userSigner,
-        emailProps: this.getBackupKitEmailProps(),
-        forceRefresh
-      }) : yield distributeNewShare({
-        ctx: this.ctx,
-        userId: this.userId,
-        walletId,
-        userShare: userSigner,
-        emailProps: this.getBackupKitEmailProps(),
-        isEnclaveUser: this.isEnclaveUser,
-        walletScheme: this.wallets[walletId].scheme
-      });
-      return recoveryShare;
-    });
-  }
-  waitForWalletAddress(walletId) {
-    return __async(this, null, function* () {
-      let maxPolls = 0;
-      while (true) {
-        try {
-          if (maxPolls === 10) {
-            break;
-          }
-          ++maxPolls;
-          const res = yield (this.isPortal() ? this.ctx.client.getAllWallets : this.ctx.client.getWallets)(this.userId);
-          const wallet = res.data.wallets.find((w) => w.id === walletId);
-          if (wallet && wallet.address) {
-            return;
-          }
-          yield new Promise((resolve) => setTimeout(resolve, constants.SHORT_POLLING_INTERVAL_MS));
-        } catch (err) {
-          console.error(err);
-        }
+    } = {}) {
+      if (!temporaryShares) {
+        temporaryShares = (yield this.getTransmissionKeyShares()).data.temporaryShares;
       }
-      throw new Error("timed out waiting for wallet address");
+      temporaryShares.forEach((share) => {
+        const signer = decryptWithPrivateKey(this.loginEncryptionKeyPair.privateKey, share.encryptedShare, share.encryptedKey);
+        this.wallets[share.walletId] = {
+          id: share.walletId,
+          signer
+        };
+      });
+      yield this.deleteLoginEncryptionKeyPair();
+      yield __privateGet(this, _walletService).populateWalletAddresses();
+      yield this.touchSession(!skipSessionRefresh);
     });
   }
   /**
-   * Waits for a pregen wallet address to be created.
-   *
-   * @param pregenIdentifier - the identifier of the user the pregen wallet is associated with.
-   * @param walletId - the wallet id
-   * @param pregenIdentifierType - the identifier type of the user the pregen wallet is associated with.
-   * @returns - recovery share.
+   * Distributes a new wallet recovery share.
+   * @param {Object} opts the options object.
+   * @param {string} opts.walletId the wallet to distribute the recovery share for.
+   * @param {string} opts.userShare optional user share generate the recovery share from. Defaults to the signer from the passed in walletId
+   * @param {boolean} opts.skipBiometricShareCreation whether or not to skip biometric share creation. Used when regenerating recovery shares.
+   * @param {boolean} opts.forceRefreshRecovery whether or not to force recovery secret regeneration. Used when regenerating recovery shares.
+   * @returns {string} the recovery share.
    **/
-  waitForPregenWalletAddress(walletId) {
+  distributeNewWalletShare(params) {
     return __async(this, null, function* () {
-      let maxPolls = 0;
-      while (true) {
-        try {
-          if (maxPolls === 10) {
-            break;
-          }
-          ++maxPolls;
-          const res = yield this.getPregenWallets();
-          const wallet = res.find((w) => w.id === walletId);
-          if (wallet && wallet.address) {
-            return;
-          }
-          yield new Promise((resolve) => setTimeout(resolve, constants.SHORT_POLLING_INTERVAL_MS));
-        } catch (err) {
-          console.error(err);
-        }
-      }
-      throw new Error("timed out waiting for wallet address");
+      return yield __privateGet(this, _walletService).distributeNewWalletShare(params);
     });
   }
   /**
@@ -2509,24 +1899,8 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @returns {Object} the wallets created, their ids, and the recovery secret.
    **/
   createWalletPerType() {
-    return __async(this, arguments, function* ({
-      skipDistribute = false,
-      types
-    } = {}) {
-      const wallets = [];
-      const walletIds = {};
-      let recoverySecret;
-      for (const type of yield this.getTypesToCreate(types)) {
-        const [wallet, recoveryShare] = yield this.createWallet({ type, skipDistribute });
-        wallets.push(wallet);
-        getEquivalentTypes(type).filter((t) => !!this.isWalletTypeEnabled[t]).forEach((t) => {
-          walletIds[t] = [wallet.id];
-        });
-        if (recoveryShare) {
-          recoverySecret = recoveryShare;
-        }
-      }
-      return { wallets, walletIds, recoverySecret };
+    return __async(this, arguments, function* (params = {}) {
+      return yield __privateGet(this, _walletService).createWalletPerType(params);
     });
   }
   /**
@@ -2541,38 +1915,9 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @param {boolean} [opts.redistributeBackupEncryptedShares] whether or not to redistribute backup encrypted shares.
    * @returns {Object} the new user share and recovery secret.
    **/
-  refreshShare(_0) {
-    return __async(this, arguments, function* ({
-      walletId,
-      share,
-      oldPartnerId,
-      newPartnerId,
-      keyShareProtocolId,
-      redistributeBackupEncryptedShares
-    }) {
-      const { signer, protocolId } = yield this.platformUtils.refresh(
-        this.ctx,
-        this.retrieveSessionCookie(),
-        this.userId,
-        walletId,
-        share,
-        oldPartnerId,
-        newPartnerId,
-        keyShareProtocolId
-      );
-      const recoverySecret = yield distributeNewShare({
-        ctx: this.ctx,
-        userId: this.userId,
-        walletId,
-        userShare: signer,
-        ignoreRedistributingBackupEncryptedShare: !redistributeBackupEncryptedShares,
-        emailProps: this.getBackupKitEmailProps(),
-        partnerId: newPartnerId,
-        protocolId,
-        isEnclaveUser: this.isEnclaveUser,
-        walletScheme: this.wallets[walletId].scheme
-      });
-      return { signer, recoverySecret, protocolId };
+  refreshShare(params) {
+    return __async(this, null, function* () {
+      return yield __privateGet(this, _walletService).refreshShare(params);
     });
   }
   /**
@@ -2583,80 +1928,22 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @returns {[Wallet, string | null]} `[wallet, recoveryShare]` - the wallet object and the new recovery share.
    **/
   createWallet() {
-    return __async(this, arguments, function* ({
-      type: _type,
-      skipDistribute = false
-    } = {}) {
-      var _a, _b;
-      this.requireApiKey();
-      const { supportedWalletTypes } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
-      const walletType = yield this.assertIsValidWalletType(
-        _type != null ? _type : (_a = supportedWalletTypes.find(({ optional }) => !optional)) == null ? void 0 : _a.type
-      );
-      let signer;
-      let wallet;
-      let keygenRes;
-      switch (walletType) {
-        case "SOLANA": {
-          keygenRes = yield this.platformUtils.ed25519Keygen(
-            this.ctx,
-            this.userId,
-            this.retrieveSessionCookie(),
-            this.getBackupKitEmailProps()
-          );
-          break;
-        }
-        default: {
-          keygenRes = yield this.platformUtils.keygen(
-            this.ctx,
-            this.userId,
-            walletType,
-            null,
-            this.retrieveSessionCookie(),
-            this.getBackupKitEmailProps()
-          );
-          break;
-        }
-      }
-      const walletId = keygenRes.walletId;
-      const walletScheme = walletType === "SOLANA" ? "ED25519" : "DKLS";
-      signer = keygenRes.signer;
-      yield this.waitForWalletAddress(walletId);
-      let recoveryShare = null;
-      if (!skipDistribute) {
-        recoveryShare = yield distributeNewShare({
-          ctx: this.ctx,
-          userId: this.userId,
-          walletId,
-          userShare: signer,
-          emailProps: this.getBackupKitEmailProps(),
-          isEnclaveUser: this.isEnclaveUser,
-          walletScheme
-        });
-      }
-      this.wallets[walletId] = {
-        id: walletId,
-        signer,
-        scheme: walletScheme,
-        type: walletType
-      };
-      wallet = this.wallets[walletId];
-      yield this.populateWalletAddresses();
-      yield this.setCurrentWalletIds(__spreadProps(__spreadValues({}, this.currentWalletIds), {
-        [walletType]: [.../* @__PURE__ */ new Set([...(_b = this.currentWalletIds[walletType]) != null ? _b : [], walletId])]
-      }));
-      const walletNoSigner = __spreadValues({}, wallet);
-      delete walletNoSigner.signer;
-      dispatchEvent(ParaEvent.WALLET_CREATED, {
-        wallet: walletNoSigner,
-        recoverySecret: recoveryShare
-      });
-      return [wallet, recoveryShare];
+    return __async(this, arguments, function* (params = {}) {
+      return yield __privateGet(this, _walletService).createWallet(params);
     });
   }
-  createPregenWallet(opts) {
+  /**
+   * Creates a new pregenerated wallet.
+   *
+   * @param {Object} opts the options object.
+   * @param {string} opts.pregenIdentifier the identifier associated with the new wallet.
+   * @param {TPregenIdentifierType} [opts.pregenIdentifierType] the identifier type. Defaults to `EMAIL`.
+   * @param {TWalletType} [opts.type] the type of wallet to create. Defaults to the first non-optional type in the instance's `supportedWalletTypes` array.
+   * @returns {Wallet} the created wallet.
+   **/
+  createPregenWallet(params) {
     return __async(this, null, function* () {
-      return yield __privateMethod(this, _ParaCore_instances, createPregenWallet_fn).call(this, opts);
+      return yield __privateGet(this, _pregenWalletService).createPregenWallet(params);
     });
   }
   /**
@@ -2669,17 +1956,9 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @param {TWalletType[]} [opts.types] the wallet types to create. Defaults to any types the instance supports that are not already present.
    * @returns {Wallet[]} an array containing the created wallets.
    **/
-  createPregenWalletPerType(_0) {
-    return __async(this, arguments, function* ({
-      types,
-      pregenId
-    }) {
-      const wallets = [];
-      for (const type of yield this.getTypesToCreate(types)) {
-        const wallet = yield this.createPregenWallet({ type, pregenId });
-        wallets.push(wallet);
-      }
-      return wallets;
+  createPregenWalletPerType(params) {
+    return __async(this, null, function* () {
+      return yield __privateGet(this, _pregenWalletService).createPregenWalletPerType(params);
     });
   }
   /**
@@ -2690,70 +1969,8 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @returns {[Wallet, string | null]} `[wallet, recoveryShare]` - the wallet object and the new recovery share.
    **/
   claimPregenWallets() {
-    return __async(this, arguments, function* ({
-      pregenId
-    } = {}) {
-      var _a;
-      this.requireApiKey();
-      const pregenWallets = pregenId ? yield this.getPregenWallets({ pregenId }) : yield this.getPregenWallets();
-      if (pregenWallets.length === 0) {
-        return void 0;
-      }
-      const missingWallets = pregenWallets.filter((wallet) => !this.wallets[wallet.id]);
-      if (missingWallets.length > 0) {
-        throw new Error(
-          `Cannot claim pregen wallets because wallet data is missing. Please call setUserShare first to load the wallet data for the following wallet IDs: ${missingWallets.map((w) => w.id).join(", ")}`
-        );
-      }
-      let newRecoverySecret;
-      const { walletIds } = yield this.ctx.client.claimPregenWallets({
-        userId: this.userId,
-        walletIds: pregenWallets.map((w) => w.id)
-      });
-      for (const walletId of walletIds) {
-        const wallet = this.wallets[walletId];
-        let refreshedShare;
-        if (wallet.scheme === "ED25519") {
-          const distributeRes = yield distributeNewShare({
-            ctx: this.ctx,
-            userId: this.userId,
-            walletId: wallet.id,
-            userShare: this.wallets[wallet.id].signer,
-            emailProps: this.getBackupKitEmailProps(),
-            partnerId: wallet.partnerId,
-            isEnclaveUser: this.isEnclaveUser,
-            walletScheme: wallet.scheme
-          });
-          if (distributeRes.length > 0) {
-            newRecoverySecret = distributeRes;
-          }
-        } else {
-          refreshedShare = yield this.refreshShare({
-            walletId: wallet.id,
-            share: this.wallets[wallet.id].signer,
-            oldPartnerId: wallet.partnerId,
-            newPartnerId: wallet.partnerId,
-            redistributeBackupEncryptedShares: true
-          });
-          if (refreshedShare.recoverySecret) {
-            newRecoverySecret = refreshedShare.recoverySecret;
-          }
-        }
-        this.wallets[wallet.id] = __spreadProps(__spreadValues({}, this.wallets[wallet.id]), {
-          signer: (_a = refreshedShare == null ? void 0 : refreshedShare.signer) != null ? _a : wallet.signer,
-          userId: this.userId,
-          pregenIdentifier: void 0,
-          pregenIdentifierType: void 0
-        });
-        const walletNoSigner = __spreadValues({}, this.wallets[wallet.id]);
-        delete walletNoSigner.signer;
-        dispatchEvent(ParaEvent.PREGEN_WALLET_CLAIMED, {
-          wallet: walletNoSigner,
-          recoverySecret: newRecoverySecret
-        });
-      }
-      yield this.setWallets(this.wallets);
-      return newRecoverySecret;
+    return __async(this, arguments, function* (params = {}) {
+      return yield __privateGet(this, _pregenWalletService).claimPregenWallets(params);
     });
   }
   /**
@@ -2763,24 +1980,9 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @param {string} opts.newPregenIdentifier the new identtifier
    * @param {TPregenIdentifierType} opts.newPregenIdentifierType: the new identifier type
    **/
-  updatePregenWalletIdentifier(_0) {
-    return __async(this, arguments, function* ({
-      walletId,
-      newPregenId
-    }) {
-      this.requireApiKey();
-      const [newPregenIdentifierType, newPregenIdentifier] = toPregenTypeAndId(newPregenId);
-      yield this.ctx.client.updatePregenWallet(walletId, {
-        pregenIdentifier: newPregenIdentifier,
-        pregenIdentifierType: newPregenIdentifierType
-      });
-      if (!!this.wallets[walletId]) {
-        this.wallets[walletId] = __spreadProps(__spreadValues({}, this.wallets[walletId]), {
-          pregenIdentifier: newPregenIdentifier,
-          pregenIdentifierType: newPregenIdentifierType
-        });
-        yield this.setWallets(this.wallets);
-      }
+  updatePregenWalletIdentifier(params) {
+    return __async(this, null, function* () {
+      return yield __privateGet(this, _pregenWalletService).updatePregenWalletIdentifier(params);
     });
   }
   /**
@@ -2790,18 +1992,9 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @param {TPregenIdentifierType} opts.pregenIdentifierType type of the string of the identifier of the user claiming the wallet
    * @returns {boolean} whether the pregen wallet exists
    **/
-  hasPregenWallet(_0) {
-    return __async(this, arguments, function* ({ pregenId }) {
-      this.requireApiKey();
-      const [pregenIdentifierType, pregenIdentifier] = toPregenTypeAndId(pregenId);
-      const wallets = yield this.getPregenWallets({ pregenId });
-      const wallet = wallets.find(
-        (w) => w.pregenIdentifier === pregenIdentifier && w.pregenIdentifierType === pregenIdentifierType
-      );
-      if (!wallet) {
-        return false;
-      }
-      return true;
+  hasPregenWallet(params) {
+    return __async(this, null, function* () {
+      return yield __privateGet(this, _pregenWalletService).hasPregenWallet(params);
     });
   }
   /**
@@ -2812,64 +2005,21 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @returns {Promise<WalletEntity[]>} the array of found wallets
    **/
   getPregenWallets() {
-    return __async(this, arguments, function* ({ pregenId } = {}) {
-      this.requireApiKey();
-      const res = yield this.ctx.client.getPregenWallets(
-        pregenId ? toPregenIds(pregenId) : this.pregenIds,
-        this.isPortal(),
-        this.userId
-      );
-      return res.wallets.filter((w) => this.isWalletSupported(entityToWallet(w)));
+    return __async(this, arguments, function* (params = {}) {
+      return yield __privateGet(this, _pregenWalletService).getPregenWallets(params);
     });
   }
   createGuestWallets() {
     return __async(this, null, function* () {
-      let error;
-      if (__privateGet(this, _isCreateGuestWalletsPending)) {
-        error = new Error("Guest wallets creation already in progress");
-        dispatchEvent(ParaEvent.GUEST_WALLETS_CREATED, null, error.message);
-        throw error;
-      }
-      if (this.isGuestMode) {
-        error = new Error("Guest wallets already created");
-        dispatchEvent(ParaEvent.GUEST_WALLETS_CREATED, null, error.message);
-        throw error;
-      }
-      try {
-        __privateSet(this, _isCreateGuestWalletsPending, true);
-        const { supportedWalletTypes } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
-        const wallets = [];
-        const guestId = newUuid();
-        for (const type of yield this.getTypesToCreate(
-          supportedWalletTypes.filter(({ optional }) => !optional).map(({ type: type2 }) => type2)
-        )) {
-          const wallet = yield __privateMethod(this, _ParaCore_instances, createPregenWallet_fn).call(this, { type, pregenId: { guestId } });
-          wallets.push(wallet);
-        }
-        dispatchEvent(ParaEvent.GUEST_WALLETS_CREATED, wallets);
-        __privateSet(this, _isCreateGuestWalletsPending, false);
-        return wallets;
-      } catch (error2) {
-        dispatchEvent(ParaEvent.GUEST_WALLETS_CREATED, null, error2 == null ? void 0 : error2.message);
-        __privateSet(this, _isCreateGuestWalletsPending, false);
-        throw error2;
-      }
+      return yield __privateGet(this, _pregenWalletService).createGuestWallets();
     });
   }
-  encodeWalletBase64(wallet) {
-    const walletJson = JSON.stringify(wallet);
-    const base64Wallet = Buffer.from(walletJson).toString("base64");
-    return base64Wallet;
-  }
   /**
    * Encodes the current wallets encoded in Base 64.
    * @returns {string} the encoded wallet string
    **/
   getUserShare() {
-    if (Object.values(this.wallets).length === 0) {
-      return null;
-    }
-    return Object.values(this.wallets).map((wallet) => this.encodeWalletBase64(wallet)).join("-");
+    return __privateGet(this, _walletService).getUserShare();
   }
   /**
    * Sets the current wallets from a Base 64 string.
@@ -2877,16 +2027,7 @@ Need help? Visit: https://docs.getpara.com or contact support
    **/
   setUserShare(base64Wallets) {
     return __async(this, null, function* () {
-      if (!base64Wallets) {
-        return;
-      }
-      const base64WalletsSplit = base64Wallets.split("-");
-      for (const base64Wallet of base64WalletsSplit) {
-        const walletJson = Buffer.from(base64Wallet, "base64").toString();
-        const wallet = migrateWallet(JSON.parse(walletJson));
-        this.wallets[wallet.id] = wallet;
-        yield this.setWallets(this.wallets);
-      }
+      return yield __privateGet(this, _walletService).setUserShare(base64Wallets);
     });
   }
   getTransactionReviewUrl(transactionId, timeoutMs) {
@@ -2910,6 +2051,11 @@ Need help? Visit: https://docs.getpara.com or contact support
       });
     });
   }
+  getWalletBalance(params) {
+    return __async(this, null, function* () {
+      return yield __privateGet(this, _walletService).getWalletBalance(params);
+    });
+  }
   /**
    * Signs a message using one of the current wallets.
    *
@@ -2932,7 +2078,7 @@ Need help? Visit: https://docs.getpara.com or contact support
       onPoll
     }) {
       var _a;
-      this.assertIsValidWalletId(walletId);
+      __privateGet(this, _walletService).assertIsValidWalletId(walletId);
       const wallet = this.wallets[walletId];
       let signerId = this.userId;
       if (wallet.partnerId && !wallet.userId) {
@@ -3037,7 +2183,7 @@ Need help? Visit: https://docs.getpara.com or contact support
       onPoll
     }) {
       var _a;
-      this.assertIsValidWalletId(walletId);
+      __privateGet(this, _walletService).assertIsValidWalletId(walletId);
       const wallet = this.wallets[walletId];
       let signerId = this.userId;
       if (wallet.partnerId && !wallet.userId) {
@@ -3143,12 +2289,7 @@ Need help? Visit: https://docs.getpara.com or contact support
    **/
   keepSessionAlive() {
     return __async(this, null, function* () {
-      try {
-        yield this.ctx.client.keepSessionAlive(this.userId);
-        return true;
-      } catch (e) {
-        return false;
-      }
+      return yield __privateGet(this, _sessionManagementService).keepSessionAlive();
     });
   }
   /**
@@ -3158,10 +2299,10 @@ Need help? Visit: https://docs.getpara.com or contact support
    */
   exportSession({ excludeSigners = false } = {}) {
     const sessionInfo = {
-      authInfo: __privateGet(this, _authInfo),
+      authInfo: __privateGet(this, _authService).authInfo,
       userId: this.userId,
       wallets: structuredClone(this.wallets),
-      currentWalletIds: this.currentWalletIds,
+      currentWalletIds: __privateGet(this, _walletService).currentWalletIds,
       sessionCookie: this.retrieveSessionCookie(),
       externalWallets: this.externalWallets
     };
@@ -3179,10 +2320,25 @@ Need help? Visit: https://docs.getpara.com or contact support
   importSession(serializedInstanceBase64) {
     return __async(this, null, function* () {
       var _a, _b;
+      yield waitForAuthStateChange({
+        stateManager: __privateGet(this, _stateManager),
+        resolvePhases: [{ phase: "unauthenticated", onPhase: () => void 0 }],
+        rejectPhases: [
+          {
+            phase: "authenticated",
+            onPhase: () => new Error("Cannot import a session into a Para instance that already has an active session.")
+          },
+          {
+            phase: "guest_mode",
+            onPhase: () => new Error("Cannot import a session into a Para instance that is in guest mode.")
+          }
+        ],
+        waitForCoreAuthenticated: false
+      });
       const serializedInstance = Buffer.from(serializedInstanceBase64, "base64").toString("utf8");
       const sessionInfo = jsonParse(serializedInstance);
       const authInfo = (_a = sessionInfo.authInfo) != null ? _a : __privateMethod(this, _ParaCore_instances, toAuthInfo_fn).call(this, sessionInfo);
-      yield __privateMethod(this, _ParaCore_instances, setAuthInfo_fn).call(this, authInfo);
+      yield __privateGet(this, _authService).setAuthInfo(authInfo);
       yield this.setUserId(sessionInfo.userId);
       yield this.setWallets(sessionInfo.wallets);
       yield this.setExternalWallets(sessionInfo.externalWallets || {});
@@ -3203,7 +2359,10 @@ Need help? Visit: https://docs.getpara.com or contact support
         }
         yield this.setCurrentWalletIds(currentWalletIds);
       }
+      __privateGet(this, _sessionManagementService).isImportedSession = true;
+      yield this.localStorageSetItem(constants.LOCAL_STORAGE_IS_IMPORTED_SESSION, JSON.stringify(true));
       this.persistSessionCookie(sessionInfo.sessionCookie);
+      __privateGet(this, _stateManager).send({ type: "SESSION_IMPORTED" });
     });
   }
   /**
@@ -3212,22 +2371,12 @@ Need help? Visit: https://docs.getpara.com or contact support
    **/
   getVerificationToken() {
     return __async(this, null, function* () {
-      const { sessionLookupId } = yield this.touchSession();
-      return sessionLookupId;
+      return yield __privateGet(this, _sessionManagementService).getVerificationToken();
     });
   }
   issueJwt() {
-    return __async(this, arguments, function* ({ keyIndex = 0 } = {}) {
-      try {
-        return yield this.ctx.client.issueJwt({ keyIndex });
-      } catch (error) {
-        if (error.status === 403 || error.status === 401) {
-          const errorMessage = "The user needs to be logged in to issue a JWT. Please log in and try again.";
-          this.displayModalError(errorMessage);
-          console.warn(errorMessage);
-        }
-        throw error;
-      }
+    return __async(this, arguments, function* (params = {}) {
+      return yield __privateGet(this, _sessionManagementService).issueJwt(params);
     });
   }
   /**
@@ -3237,30 +2386,39 @@ Need help? Visit: https://docs.getpara.com or contact support
    **/
   logout() {
     return __async(this, arguments, function* ({ clearPregenWallets = false } = {}) {
-      const shouldDispatchLogoutEvent = yield this.isSessionActive();
-      yield this.ctx.client.logout();
-      yield this.clearStorage();
-      if (!clearPregenWallets) {
-        Object.entries(this.wallets).forEach(([id, wallet]) => {
-          if (!wallet.pregenIdentifier) {
-            delete this.wallets[id];
-          }
+      yield __privateMethod(this, _ParaCore_instances, logout_fn).call(this, { clearPregenWallets });
+      __privateGet(this, _pollingService).cancelAllPolling();
+      yield __privateGet(this, _externalWalletService).disconnectAllExternalWallets();
+      try {
+        yield waitForAuthStateChange({
+          stateManager: __privateGet(this, _stateManager),
+          resolvePhases: [{ phase: "unauthenticated", onPhase: () => void 0 }],
+          rejectInErrorPhaseOnly: true,
+          timeoutMs: 5e3
         });
-        yield this.setWallets(this.wallets);
-      } else {
-        this.wallets = {};
+      } catch (e) {
       }
-      this.currentWalletIds = {};
-      this.externalWallets = {};
-      this.loginEncryptionKeyPair = void 0;
-      __privateSet(this, _authInfo, void 0);
-      this.accountLinkInProgress = void 0;
-      this.userId = void 0;
-      this.sessionCookie = void 0;
-      this.isEnclaveUser = false;
-      if (shouldDispatchLogoutEvent) {
-        dispatchEvent(ParaEvent.LOGOUT_EVENT, null);
+    });
+  }
+  /**
+   * Cancels any in-progress authentication flow, returning the auth state machine
+   * to its initial unauthenticated state. Does not affect existing sessions or stored data.
+   *
+   * Resolves once the auth state machine has settled back to `unauthenticated`.
+   */
+  cancelAuthFlow() {
+    return __async(this, null, function* () {
+      if (this.authPhase === "unauthenticated" || this.authPhase === "error") {
+        return;
       }
+      const settled = waitForAuthStateChange({
+        stateManager: __privateGet(this, _stateManager),
+        resolvePhases: [{ phase: "unauthenticated", onPhase: () => true }],
+        rejectInErrorPhaseOnly: true,
+        timeoutMs: 5e3
+      });
+      __privateGet(this, _stateManager).send({ type: "CANCEL" });
+      yield settled;
     });
   }
   get toStringAdditions() {
@@ -3293,16 +2451,16 @@ Need help? Visit: https://docs.getpara.com or contact support
       partnerId: (_a = this.partner) == null ? void 0 : _a.id,
       supportedWalletTypes: (_b = this.partner) == null ? void 0 : _b.supportedWalletTypes,
       cosmosPrefix: (_c = this.partner) == null ? void 0 : _c.cosmosPrefix,
-      authInfo: __privateGet(this, _authInfo),
+      authInfo: __privateGet(this, _authService).authInfo,
       isGuestMode: this.isGuestMode,
       userId: this.userId,
       pregenIds: this.pregenIds,
-      currentWalletIds: this.currentWalletIds,
-      guestWalletIds: __privateGet(this, _ParaCore_instances, guestWalletIds_get),
+      currentWalletIds: __privateGet(this, _walletService).currentWalletIds,
+      guestWalletIds: __privateGet(this, _pregenWalletService).guestWalletIds,
       wallets: redactedWallets,
       externalWallets: redactedExternalWallets,
       loginEncryptionKeyPair: this.loginEncryptionKeyPair ? "[REDACTED]" : void 0,
-      isReady: this.isReady
+      isSetup: this.isSetup
     }, this.toStringAdditions), {
       ctx: {
         apiKey: this.ctx.apiKey,
@@ -3318,90 +2476,13 @@ Need help? Visit: https://docs.getpara.com or contact support
     return `Para ${JSON.stringify(obj, null, 2)}`;
   }
   devLog(...s) {
-    if (this.ctx.env === Environment.DEV || this.ctx.env === Environment.SANDBOX) {
+    if (this.ctx.env === Environment.DEV || this.ctx.env === Environment.SANDBOX || !!__privateGet(this, _debugLogsEnabled)) {
       console.log(...s);
     }
   }
   getNewCredentialAndUrl() {
-    return __async(this, arguments, function* ({
-      authMethod: optsAuthMethod,
-      isForNewDevice = false,
-      portalTheme,
-      shorten = false
-    } = {}) {
-      const userAuthMethods = yield this.supportedUserAuthMethods();
-      const isEnclaveUser = userAuthMethods.has(AuthMethod.BASIC_LOGIN);
-      const isAddingBasicLogin = optsAuthMethod === "BASIC_LOGIN";
-      if (isEnclaveUser && isAddingBasicLogin) {
-        throw new Error("That user is already using basic login");
-      }
-      if (isEnclaveUser || isAddingBasicLogin) {
-        isForNewDevice = true;
-      }
-      const authMethods = optsAuthMethod ? [optsAuthMethod] : isForNewDevice ? ["PASSKEY", "PIN", "PASSWORD"] : ["PASSKEY"];
-      this.assertIsAuthSet();
-      let passkeyId, passwordId, urlType, credentialId;
-      if (!isAddingBasicLogin) {
-        const canAddPasswordOrPIN = !userAuthMethods.has(AuthMethod.PASSWORD) && !userAuthMethods.has(AuthMethod.PIN);
-        if (authMethods.includes("PASSKEY") && (yield this.isPasskeySupported())) {
-          ({
-            data: { id: passkeyId }
-          } = yield this.ctx.client.addSessionPublicKey(this.userId, {
-            status: AuthMethodStatus.PENDING,
-            type: PublicKeyType.WEB
-          }));
-          urlType = "createAuth";
-        }
-        if (authMethods.includes("PASSWORD")) {
-          if (!canAddPasswordOrPIN) {
-            if (optsAuthMethod === "PASSWORD") throw new Error("A user cannot have more than one password or PIN.");
-          } else {
-            ({
-              data: { id: passwordId }
-            } = yield this.ctx.client.addSessionPasswordPublicKey(this.userId, {
-              status: AuthMethodStatus.PENDING
-            }));
-            urlType = "createPassword";
-          }
-        }
-        if (authMethods.includes("PIN")) {
-          if (!canAddPasswordOrPIN) {
-            if (optsAuthMethod === "PIN") throw new Error("A user cannot have more than one password or PIN.");
-          } else {
-            ({
-              data: { id: passwordId }
-            } = yield this.ctx.client.addSessionPasswordPublicKey(this.userId, {
-              status: AuthMethodStatus.PENDING
-            }));
-            urlType = "createPIN";
-          }
-        }
-        credentialId = passkeyId != null ? passkeyId : passwordId;
-        if (this.isNativePasskey && authMethods.includes("PASSKEY")) {
-          return { credentialId };
-        }
-      }
-      const { sessionId } = yield this.touchSession();
-      const url = (isForNewDevice || urlType) && (yield this.constructPortalUrl(isForNewDevice ? "addNewCredential" : urlType, {
-        isForNewDevice,
-        pathId: credentialId,
-        portalTheme,
-        shorten,
-        sessionId: isForNewDevice ? sessionId : void 0,
-        addNewCredentialType: optsAuthMethod,
-        addNewCredentialPasskeyId: passkeyId,
-        addNewCredentialPasswordId: passwordId
-      }));
-      return __spreadValues({ credentialId }, url ? { url } : {});
-    });
-  }
-  addCredential(_0) {
-    return __async(this, arguments, function* ({ authMethod }) {
-      if (authMethod === "PASSKEY" && !(yield this.isPasskeySupported())) {
-        throw new Error("Passkeys are not supported.");
-      }
-      const { url } = yield this.getNewCredentialAndUrl({ isForNewDevice: true, authMethod });
-      return url;
+    return __async(this, arguments, function* (params = {}) {
+      return yield __privateGet(this, _authService).getNewCredentialAndUrl(params);
     });
   }
   /**
@@ -3412,92 +2493,34 @@ Need help? Visit: https://docs.getpara.com or contact support
    * @param {Theme} opts.portalTheme the Para Portal theme to apply to the password creation URL, if other than the default theme
    * @returns {SignUpOrLogInResponse} an object in the form of either: `{ stage: 'verify' }` or `{ stage: 'login'; passkeyUrl?: string; passwordUrl?: string; biometricHints?: BiometricLocationHint[] }`
    */
-  getLoginUrl(_0) {
-    return __async(this, arguments, function* ({
-      authMethod = "PASSKEY",
-      shorten = false,
-      portalTheme,
-      sessionId
-    }) {
-      if (!sessionId) {
-        sessionId = (yield this.touchSession()).sessionLookupId;
-      }
-      this.assertIsAuthSet();
-      let urlType;
-      switch (authMethod) {
-        case "PASSKEY":
-          urlType = "loginAuth";
-          break;
-        case "PASSWORD":
-          urlType = "loginPassword";
-          break;
-        case "PIN":
-          urlType = "loginPIN";
-          break;
-        case "BASIC_LOGIN":
-          urlType = this.authInfo.authType === "externalWallet" ? "loginExternalWallet" : "loginOTP";
-          break;
-        default:
-          throw new Error(`invalid authentication method: '${authMethod}'`);
-      }
-      return this.constructPortalUrl(urlType, {
-        sessionId,
-        shorten,
-        portalTheme
-      });
+  getLoginUrl(params) {
+    return __async(this, null, function* () {
+      return yield __privateGet(this, _portalUrlService).getLoginUrl(params);
     });
   }
   prepareLogin() {
     return __async(this, null, function* () {
-      yield this.logout();
-      const { sessionLookupId } = yield this.touchSession(true);
-      if (!this.loginEncryptionKeyPair) {
-        yield this.setLoginEncryptionKeyPair();
-      }
-      return sessionLookupId;
+      return __privateGet(this, _authService).prepareLogin();
     });
   }
-  signUpOrLogIn(_i) {
+  signUpOrLogIn(params) {
     return __async(this, null, function* () {
-      var _j = _i, { auth } = _j, urlOptions = __objRest(_j, ["auth"]);
-      let serverAuthState;
-      try {
-        serverAuthState = yield this.ctx.client.signUpOrLogIn(__spreadValues(__spreadValues({}, auth), this.getVerificationEmailProps()));
-      } catch (error) {
-        if (error.message.includes("max beta users reached")) {
-          this.displayModalError(
-            `50 user limit reached. [Go to Production.](https://docs.getpara.com/v2/general/checklist#go-live-checklist)`
-          );
-        }
-        throw error;
-      }
-      const authInfo = serverAuthState.auth;
-      if (this.fetchPregenWalletsOverride && isPregenAuth(authInfo)) {
-        const { userShare } = yield this.fetchPregenWalletsOverride({ pregenId: authInfo });
-        if (userShare) {
-          yield this.setUserShare(userShare);
-        }
-      }
-      return __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, __spreadValues({}, urlOptions));
+      return yield __privateGet(this, _authService).signUpOrLogIn(params);
     });
   }
-  verifyNewAccount(_k) {
+  authenticateWithEmailOrPhone(params) {
     return __async(this, null, function* () {
-      var _l = _k, {
-        verificationCode
-      } = _l, urlOptions = __objRest(_l, [
-        "verificationCode"
-      ]);
-      this.assertIsAuthSet(["email", "phone"]);
-      const userId = this.assertUserId({ allowGuestMode: true });
-      const serverAuthState = yield this.ctx.client.verifyAccount(userId, {
-        verificationCode
-      });
-      if (serverAuthState.stage === "login" || serverAuthState.stage === "done") {
-        throw new Error("Account already exists.");
-      }
-      yield this.touchSession(true);
-      return __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, urlOptions);
+      return yield __privateGet(this, _authService).authenticateWithEmailOrPhone(params);
+    });
+  }
+  authenticateWithOAuth(params) {
+    return __async(this, null, function* () {
+      return yield __privateGet(this, _authService).authenticateWithOAuth(params);
+    });
+  }
+  verifyNewAccount(params) {
+    return __async(this, null, function* () {
+      return yield __privateGet(this, _authService).verifyNewAccount(params);
     });
   }
   getLinkedAccounts() {
@@ -3583,10 +2606,10 @@ Need help? Visit: https://docs.getpara.com or contact support
     });
   }
   verifyLink() {
-    return __async(this, arguments, function* (_m = {}) {
-      var _n = _m, {
+    return __async(this, arguments, function* (_e = {}) {
+      var _f = _e, {
         accountLinkInProgress = __privateMethod(this, _ParaCore_instances, assertIsLinkingAccount_fn).call(this)
-      } = _n, opts = __objRest(_n, [
+      } = _f, opts = __objRest(_f, [
         "accountLinkInProgress"
       ]);
       try {
@@ -3668,7 +2691,15 @@ Need help? Visit: https://docs.getpara.com or contact support
     });
   }
 };
-_authInfo = new WeakMap();
+_stateManager = new WeakMap();
+_authService = new WeakMap();
+_walletService = new WeakMap();
+_externalWalletService = new WeakMap();
+_pregenWalletService = new WeakMap();
+_pollingService = new WeakMap();
+_portalUrlService = new WeakMap();
+_sessionManagementService = new WeakMap();
+_debugLogsEnabled = new WeakMap();
 _ParaCore_instances = new WeakSet();
 assertPartner_fn = function() {
   return __async(this, null, function* () {
@@ -3682,27 +2713,6 @@ assertPartner_fn = function() {
     return this.partner;
   });
 };
-guestWalletIds_get = function() {
-  var _a, _b, _c;
-  if (!((_a = this.partner) == null ? void 0 : _a.supportedWalletTypes)) {
-    return {};
-  }
-  const guestId = (_c = (_b = this.pregenIds) == null ? void 0 : _b.GUEST_ID) == null ? void 0 : _c[0];
-  return !!guestId ? Object.entries(this.wallets).reduce((acc, [id, wallet]) => {
-    if (wallet.isPregen && !wallet.userId && wallet.pregenIdentifierType === "GUEST_ID" && wallet.pregenIdentifier === guestId) {
-      return __spreadValues(__spreadValues({}, acc), getEquivalentTypes(wallet.type).filter((type) => this.partner.supportedWalletTypes.some((entry) => entry.type === type)).reduce((acc2, eqType) => {
-        var _a2;
-        return __spreadProps(__spreadValues({}, acc2), { [eqType]: [.../* @__PURE__ */ new Set([...(_a2 = acc2[eqType]) != null ? _a2 : [], id])] });
-      }, {}));
-    }
-    return acc;
-  }, {}) : {};
-};
-guestWalletIdsArray_get = function() {
-  return Object.entries(__privateGet(this, _ParaCore_instances, guestWalletIds_get)).reduce((acc, [type, ids]) => {
-    return [...acc, ...ids.map((id) => [id, type])];
-  }, []);
-};
 toAuthInfo_fn = function({
   email,
   phone,
@@ -3734,27 +2744,6 @@ toAuthInfo_fn = function({
   }
   return extractAuthInfo(auth);
 };
-setAuthInfo_fn = function(authInfo) {
-  return __async(this, null, function* () {
-    __privateSet(this, _authInfo, authInfo);
-    yield this.localStorageSetItem(constants.LOCAL_STORAGE_AUTH_INFO, JSON.stringify(authInfo));
-    yield this.localStorageRemoveItem(constants.LOCAL_STORAGE_EMAIL);
-    yield this.localStorageRemoveItem(constants.LOCAL_STORAGE_PHONE);
-    yield this.localStorageRemoveItem(constants.LOCAL_STORAGE_COUNTRY_CODE);
-    yield this.localStorageRemoveItem(constants.LOCAL_STORAGE_FARCASTER_USERNAME);
-    yield this.localStorageRemoveItem(constants.LOCAL_STORAGE_TELEGRAM_USER_ID);
-  });
-};
-getPartner_fn = function(partnerId) {
-  return __async(this, null, function* () {
-    if (this.isPartnerOptional && !partnerId) {
-      return void 0;
-    }
-    const res = yield this.ctx.client.getPartner(partnerId);
-    this.partner = res.data.partner;
-    return this.partner;
-  });
-};
 assertIsLinkingAccount_fn = function(types) {
   if (!this.accountLinkInProgress || this.accountLinkInProgress.isComplete) {
     throw new Error("no account linking in progress");
@@ -3774,49 +2763,6 @@ assertIsLinkingAccountOrStart_fn = function(type) {
     return yield this.linkAccount({ type });
   });
 };
-getOAuthUrl_fn = function(_0) {
-  return __async(this, arguments, function* ({
-    method,
-    appScheme,
-    accountLinkInProgress,
-    sessionLookupId,
-    encryptionKey,
-    portalCallbackParams
-  }) {
-    if (!accountLinkInProgress && !this.isPortal()) {
-      return yield this.constructPortalUrl("oAuth", { sessionId: sessionLookupId, oAuthMethod: method, appScheme });
-    }
-    const [portalSessionLookupId, callback] = yield Promise.all([
-      this.isPortal() ? this.touchSession(true).then((s) => s.sessionLookupId) : Promise.resolve(void 0),
-      !accountLinkInProgress ? this.constructPortalUrl("oAuthCallback", __spreadValues({
-        sessionId: sessionLookupId,
-        oAuthMethod: method,
-        appScheme,
-        thisDevice: {
-          sessionId: sessionLookupId,
-          encryptionKey
-        }
-      }, this.isPortal() && {
-        params: portalCallbackParams,
-        // Build callback for legacy portal if needed
-        useLegacyUrl: typeof window !== "undefined" ? window.location.host.includes("usecapsule") : false
-      })) : Promise.resolve(false)
-    ]);
-    return constructUrl({
-      base: getBaseOAuthUrl(this.ctx.env),
-      path: `/auth/${method.toLowerCase()}`,
-      params: __spreadValues(__spreadValues({
-        apiKey: this.ctx.apiKey,
-        origin: typeof window !== "undefined" ? window.location.origin : void 0,
-        sessionLookupId,
-        portalSessionLookupId,
-        appScheme
-      }, accountLinkInProgress ? {
-        linkedAccountId: this.accountLinkInProgress.id
-      } : {}), callback && { callback })
-    });
-  });
-};
 waitForLoginProcess_fn = function() {
   return __async(this, arguments, function* ({
     isCanceled = () => false,
@@ -3844,7 +2790,7 @@ waitForLoginProcess_fn = function() {
         var _a;
         if (!this.isExternalWalletAuth && !isSwitchingWallets) {
           this.devLog("[waitForLoginProcess] Clearing external wallets");
-          this.externalWallets = {};
+          __privateGet(this, _externalWalletService).externalWallets = {};
         }
         let pollCount = 0;
         while (true) {
@@ -3889,7 +2835,7 @@ waitForLoginProcess_fn = function() {
               continue;
             }
             this.devLog("[waitForLoginProcess] Authentication check passed, setting up user");
-            session = yield this.userSetupAfterLogin();
+            session = yield this.userSetupAfterLogin(session);
             const needsWallet = (_a = session.needsWallet) != null ? _a : false;
             this.devLog("[waitForLoginProcess] User setup complete", { needsWallet });
             if (isSwitchingWallets) {
@@ -3914,7 +2860,9 @@ waitForLoginProcess_fn = function() {
               }
             }
             this.devLog("[waitForLoginProcess] Getting transmission key shares");
-            const tempSharesRes = yield this.getTransmissionKeyShares();
+            const tempSharesRes = yield this.getTransmissionKeyShares({
+              sessionLookupId: session.sessionLookupId
+            });
             this.devLog("[waitForLoginProcess] Transmission shares received", {
               shareCount: tempSharesRes.data.temporaryShares.length,
               shares: tempSharesRes.data.temporaryShares.map((s) => ({
@@ -3981,224 +2929,41 @@ waitForLoginProcess_fn = function() {
     });
   });
 };
-createPregenWallet_fn = function(opts) {
-  return __async(this, null, function* () {
-    var _a, _b;
-    const { supportedWalletTypes } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
-    const { type: _type = (_a = supportedWalletTypes.find(({ optional }) => !optional)) == null ? void 0 : _a.type, pregenId } = opts;
-    this.requireApiKey();
-    const walletType = yield this.assertIsValidWalletType(
-      _type != null ? _type : (_b = supportedWalletTypes.find(({ optional }) => !optional)) == null ? void 0 : _b.type
-    );
-    const [pregenIdentifierType, pregenIdentifier] = toPregenTypeAndId(pregenId);
-    let keygenRes;
-    switch (walletType) {
-      case "SOLANA":
-        keygenRes = yield this.platformUtils.ed25519PreKeygen(
-          this.ctx,
-          pregenIdentifier,
-          pregenIdentifierType,
-          this.retrieveSessionCookie()
-        );
-        break;
-      default:
-        keygenRes = yield this.platformUtils.preKeygen(
-          this.ctx,
-          void 0,
-          pregenIdentifier,
-          pregenIdentifierType,
-          walletType,
-          null,
-          this.retrieveSessionCookie()
-        );
-        break;
-    }
-    const { signer, walletId } = keygenRes;
-    this.wallets[walletId] = {
-      id: walletId,
-      signer,
-      scheme: walletType === "SOLANA" ? "ED25519" : "DKLS",
-      type: walletType,
-      isPregen: true,
-      pregenIdentifier,
-      pregenIdentifierType
-    };
-    yield this.waitForPregenWalletAddress(walletId);
-    yield this.populatePregenWalletAddresses();
-    return this.wallets[walletId];
-  });
-};
-_isCreateGuestWalletsPending = new WeakMap();
-prepareAuthState_fn = function(_0) {
-  return __async(this, arguments, function* (serverAuthState, opts = {}) {
-    var _a, _b;
-    if (!opts.sessionLookupId && serverAuthState.stage === "login" && (!serverAuthState.externalWallet || !(((_a = serverAuthState.externalWallet) == null ? void 0 : _a.withFullParaAuth) && ((_b = serverAuthState.loginAuthMethods) == null ? void 0 : _b.includes(AuthMethod.PIN))))) {
-      opts.sessionLookupId = yield this.prepareLogin();
-    }
-    const { auth, externalWallet, userId, displayName, pfpUrl, username } = serverAuthState;
-    const authInfo = __spreadValues(__spreadValues({}, extractAuthInfo(auth, { isRequired: true })), Object.fromEntries(
-      Object.entries({
-        displayName,
-        pfpUrl,
-        username,
-        externalWallet
-      }).filter(([_, v]) => !!v)
-    ));
-    yield __privateMethod(this, _ParaCore_instances, setAuthInfo_fn).call(this, authInfo);
-    this.assertIsAuthSet();
-    if (!!externalWallet) {
-      yield this.setExternalWallet([externalWallet]);
-    }
-    if (!!userId) {
-      yield this.setUserId(userId);
+logout_fn = function() {
+  return __async(this, arguments, function* ({
+    clearPregenWallets = false,
+    skipStateReset = false
+  } = {}) {
+    const isSessionActive = yield this.isSessionActive();
+    if (!isSessionActive && !skipStateReset) {
+      __privateGet(this, _stateManager).send({ type: "LOGOUT" });
     }
-    let authState;
-    switch (serverAuthState.stage) {
-      case "done": {
-        authState = yield __privateMethod(this, _ParaCore_instances, prepareDoneState_fn).call(this, serverAuthState);
-        break;
-      }
-      case "verify":
-        authState = yield __privateMethod(this, _ParaCore_instances, prepareVerificationState_fn).call(this, serverAuthState, __spreadProps(__spreadValues({}, opts), {
-          sessionLookupId: opts.sessionLookupId
-        }));
-        break;
-      case "login":
-        if (externalWallet && !(externalWallet == null ? void 0 : externalWallet.withFullParaAuth)) {
-          authState = serverAuthState;
-          break;
-        }
-        authState = yield __privateMethod(this, _ParaCore_instances, prepareLoginState_fn).call(this, serverAuthState, __spreadProps(__spreadValues({}, opts), { sessionLookupId: opts.sessionLookupId }));
-        break;
-      case "signup":
-        if (externalWallet && !(externalWallet == null ? void 0 : externalWallet.withFullParaAuth)) {
-          authState = serverAuthState;
-          break;
+    yield this.ctx.client.logout();
+    yield this.clearStorage();
+    if (!clearPregenWallets) {
+      Object.entries(this.wallets).forEach(([id, wallet]) => {
+        if (!wallet.pregenIdentifier) {
+          delete this.wallets[id];
         }
-        authState = yield __privateMethod(this, _ParaCore_instances, prepareSignUpState_fn).call(this, serverAuthState, opts);
-        break;
-    }
-    return authState;
-  });
-};
-prepareDoneState_fn = function(doneState) {
-  return __async(this, null, function* () {
-    let isSLOPossible = doneState.authMethods.includes(AuthMethod.BASIC_LOGIN);
-    this.isEnclaveUser = isSLOPossible;
-    yield this.localStorageSetItem(constants.LOCAL_STORAGE_IS_ENCLAVE_USER, JSON.stringify(isSLOPossible));
-    return doneState;
-  });
-};
-prepareVerificationState_fn = function(_0, _1) {
-  return __async(this, arguments, function* (verifyState, {
-    useShortUrls: shorten = false,
-    portalTheme,
-    sessionLookupId
-  }) {
-    var _a;
-    let isSLOPossible = false;
-    if (verifyState.nextStage === "login") {
-      isSLOPossible = verifyState.loginAuthMethods.includes(AuthMethod.BASIC_LOGIN);
-    } else if (verifyState.nextStage === "signup") {
-      isSLOPossible = verifyState.signupAuthMethods.includes(AuthMethod.BASIC_LOGIN);
-    }
-    this.isEnclaveUser = isSLOPossible;
-    yield this.localStorageSetItem(constants.LOCAL_STORAGE_IS_ENCLAVE_USER, JSON.stringify(isSLOPossible));
-    const isExternalWalletFullAuth = (_a = verifyState.externalWallet) == null ? void 0 : _a.withFullParaAuth;
-    return __spreadValues(__spreadValues({}, verifyState), isSLOPossible || isExternalWalletFullAuth ? {
-      loginUrl: yield this.getLoginUrl({
-        authMethod: AuthMethod.BASIC_LOGIN,
-        sessionId: sessionLookupId,
-        shorten,
-        portalTheme
-      })
-    } : {});
-  });
-};
-prepareLoginState_fn = function(_0, _1) {
-  return __async(this, arguments, function* (loginState, {
-    useShortUrls: shorten = false,
-    portalTheme,
-    sessionLookupId
-  }) {
-    const _a = loginState, { loginAuthMethods = [], hasPasswordWithoutPIN } = _a, authState = __objRest(_a, ["loginAuthMethods", "hasPasswordWithoutPIN"]);
-    const isPasskeySupported = yield this.isPasskeySupported(), isPasskeyPossible = loginAuthMethods.includes(AuthMethod.PASSKEY) && !this.isNativePasskey, isPasswordPossible = loginAuthMethods.includes(AuthMethod.PASSWORD) && hasPasswordWithoutPIN, isPINPossible = loginAuthMethods.includes(AuthMethod.PIN);
-    return __spreadValues(__spreadValues(__spreadValues(__spreadProps(__spreadValues({}, authState), {
-      isPasskeySupported,
-      loginAuthMethods
-    }), isPasskeyPossible ? {
-      passkeyUrl: yield this.getLoginUrl({ sessionId: sessionLookupId, shorten, portalTheme }),
-      passkeyKnownDeviceUrl: yield this.constructPortalUrl("loginAuth", {
-        sessionId: sessionLookupId,
-        newDevice: {
-          sessionId: sessionLookupId,
-          encryptionKey: getPublicKeyHex(this.loginEncryptionKeyPair)
-        },
-        shorten,
-        portalTheme
-      })
-    } : {}), isPasswordPossible ? {
-      passwordUrl: yield this.constructPortalUrl("loginPassword", {
-        sessionId: sessionLookupId,
-        shorten,
-        portalTheme,
-        params: { isEmbedded: `${!loginState.isWalletSelectionNeeded}` }
-      })
-    } : {}), isPINPossible ? {
-      pinUrl: yield this.constructPortalUrl("loginPIN", {
-        sessionId: sessionLookupId,
-        shorten,
-        portalTheme,
-        params: { isEmbedded: `${!loginState.isWalletSelectionNeeded}` }
-      })
-    } : {});
-  });
-};
-prepareSignUpState_fn = function(_0, _1) {
-  return __async(this, arguments, function* (serverSignupState, { useShortUrls: shorten = false, portalTheme }) {
-    const _a = serverSignupState, { signupAuthMethods = [] } = _a, authState = __objRest(_a, ["signupAuthMethods"]);
-    const isPasskeySupported = yield this.isPasskeySupported();
-    const [isPasskey, isPassword, isPIN] = [
-      signupAuthMethods.includes(AuthMethod.PASSKEY),
-      signupAuthMethods.includes(AuthMethod.PASSWORD) || !isPasskeySupported,
-      signupAuthMethods.includes(AuthMethod.PIN)
-    ];
-    if (!isPasskey && !isPassword && !isPIN) {
-      throw new Error(
-        "No supported authentication methods found. Please ensure you have enabled either WebAuth passkeys, passwords or PINs in your Developer Portal settings."
-      );
-    }
-    const signupState = __spreadProps(__spreadValues({}, authState), {
-      isPasskeySupported,
-      signupAuthMethods
-    });
-    if (isPasskey) {
-      const { url: passkeyUrl, credentialId: passkeyId } = yield this.getNewCredentialAndUrl({
-        authMethod: "PASSKEY",
-        shorten
       });
-      if (passkeyUrl) signupState.passkeyUrl = passkeyUrl;
-      signupState.passkeyId = passkeyId;
-    }
-    if (isPassword) {
-      const { url: passwordUrl, credentialId: passwordId } = yield this.getNewCredentialAndUrl({
-        authMethod: "PASSWORD",
-        portalTheme,
-        shorten
-      });
-      signupState.passwordUrl = passwordUrl;
-      signupState.passwordId = passwordId;
+      yield this.setWallets(this.wallets);
+    } else {
+      __privateGet(this, _walletService).wallets = {};
     }
-    if (isPIN) {
-      const { url: pinUrl, credentialId: pinId } = yield this.getNewCredentialAndUrl({
-        authMethod: "PIN",
-        portalTheme,
-        shorten
-      });
-      signupState.pinUrl = pinUrl;
-      signupState.pinId = pinId;
+    __privateGet(this, _walletService).currentWalletIds = {};
+    __privateGet(this, _externalWalletService).externalWallets = {};
+    this.loginEncryptionKeyPair = void 0;
+    __privateGet(this, _authService).authInfo = void 0;
+    this.accountLinkInProgress = void 0;
+    __privateGet(this, _authService).userId = void 0;
+    __privateGet(this, _sessionManagementService).sessionCookie = void 0;
+    this.isEnclaveUser = false;
+    if (isSessionActive) {
+      dispatchEvent(ParaEvent.LOGOUT_EVENT, null);
+      if (!skipStateReset) {
+        __privateGet(this, _stateManager).send({ type: "LOGOUT" });
+      }
     }
-    return signupState;
   });
 };
 _ParaCore.version = constants.PARA_CORE_VERSION;