@getpara/core-sdk 2.16.0 → 2.18.0

package/dist/cjs/ParaCore.js

@@ -207,6 +207,7 @@ const _ParaCore = class _ParaCore {
           methodName,
           sdkType: this.platformUtils.sdkType,
           userId: this.userId,
+          sdkVersion: _ParaCore.version,
           error: {
             name: err.name,
             message: err.message
@@ -403,9 +404,8 @@ const _ParaCore = class _ParaCore {
     }
     if (!opts) opts = {};
     __privateSet(this, _debugLogsEnabled, !!opts.enableDebugLogs);
-    let isE2E = false;
-    if (env === "E2E") {
-      isE2E = true;
+    const isE2E = env === "E2E" || envOrApiKey === "E2E";
+    if (isE2E && env !== import_types.Environment.SANDBOX) {
       env = import_types.Environment.SANDBOX;
     }
     this.externalWalletConnectionOnly = opts.externalWalletConnectionOnly;
@@ -496,22 +496,20 @@ const _ParaCore = class _ParaCore {
     this.initializeFromStorage();
     import_utils2.setupListeners.bind(this)();
     (0, import_utils2.autoBind)(this);
-    if (env !== import_types.Environment.PROD) {
-      this.wrapMethodsWithErrorTracking([
-        "signUpOrLogIn",
-        "verifyNewAccount",
-        "waitForLogin",
-        "waitForSignup",
-        "waitForWalletCreation",
-        "verifyOAuth",
-        "verifyTelegram",
-        "verifyFarcaster",
-        "createPregenWallet",
-        "claimPregenWallets",
-        "signMessage",
-        "signTransaction"
-      ]);
-    }
+    this.wrapMethodsWithErrorTracking([
+      "signUpOrLogIn",
+      "verifyNewAccount",
+      "waitForLogin",
+      "waitForSignup",
+      "waitForWalletCreation",
+      "verifyOAuth",
+      "verifyTelegram",
+      "verifyFarcaster",
+      "createPregenWallet",
+      "claimPregenWallets",
+      "signMessage",
+      "signTransaction"
+    ]);
     __privateGet(this, _stateManager).start();
   }
   setModalError(_error) {
@@ -2143,7 +2141,8 @@ const _ParaCore = class _ParaCore {
       cosmosSignDocBase64,
       isCanceled = () => false,
       onCancel,
-      onPoll
+      onPoll,
+      onTransactionReviewUrl
     }) {
       var _a;
       __privateGet(this, _walletService).assertIsValidWalletId(walletId);
@@ -2156,10 +2155,17 @@ const _ParaCore = class _ParaCore {
       let timeStart = Date.now();
       const effectiveTimeoutMs = Math.max(timeoutMs, constants.TRANSACTION_REVIEW_TIMEOUT_MS);
       if (signRes.pendingTransactionId) {
-        yield this.platformUtils.openPopup(
-          yield this.getTransactionReviewUrl(signRes.pendingTransactionId, effectiveTimeoutMs),
-          { type: cosmosSignDocBase64 ? import_types.PopupType.SIGN_TRANSACTION_REVIEW : import_types.PopupType.SIGN_MESSAGE_REVIEW }
+        const reviewUrl = yield this.getTransactionReviewUrl(
+          signRes.pendingTransactionId,
+          effectiveTimeoutMs
         );
+        if (onTransactionReviewUrl) {
+          onTransactionReviewUrl(reviewUrl);
+        } else {
+          yield this.platformUtils.openPopup(reviewUrl, {
+            type: cosmosSignDocBase64 ? import_types.PopupType.SIGN_TRANSACTION_REVIEW : import_types.PopupType.SIGN_MESSAGE_REVIEW
+          });
+        }
       } else {
         (0, import_utils2.dispatchEvent)(import_types.ParaEvent.SIGN_MESSAGE_EVENT, signRes);
         return signRes;
@@ -2249,7 +2255,8 @@ const _ParaCore = class _ParaCore {
       timeoutMs = 3e4,
       isCanceled = () => false,
       onCancel,
-      onPoll
+      onPoll,
+      onTransactionReviewUrl
     }) {
       var _a;
       __privateGet(this, _walletService).assertIsValidWalletId(walletId);
@@ -2271,10 +2278,15 @@ const _ParaCore = class _ParaCore {
       let timeStart = Date.now();
       const effectiveTimeoutMs = Math.max(timeoutMs, constants.TRANSACTION_REVIEW_TIMEOUT_MS);
       if (signRes.pendingTransactionId) {
-        yield this.platformUtils.openPopup(
-          yield this.getTransactionReviewUrl(signRes.pendingTransactionId, effectiveTimeoutMs),
-          { type: import_types.PopupType.SIGN_TRANSACTION_REVIEW }
+        const reviewUrl = yield this.getTransactionReviewUrl(
+          signRes.pendingTransactionId,
+          effectiveTimeoutMs
         );
+        if (onTransactionReviewUrl) {
+          onTransactionReviewUrl(reviewUrl);
+        } else {
+          yield this.platformUtils.openPopup(reviewUrl, { type: import_types.PopupType.SIGN_TRANSACTION_REVIEW });
+        }
       } else {
         (0, import_utils2.dispatchEvent)(import_types.ParaEvent.SIGN_TRANSACTION_EVENT, signRes);
         return signRes;
@@ -2370,10 +2382,14 @@ const _ParaCore = class _ParaCore {
   }
   /**
    * Serialize the current session for import by another Para instance.
+   * @deprecated Use {@link waitAndExportSession} instead, which awaits auth settlement before exporting.
    * @param {boolean} excludeSigners - whether or not to exclude the signer from the exported wallets.
    * @returns {string} the serialized session
    */
   exportSession({ excludeSigners = false } = {}) {
+    if (__privateGet(this, _stateManager).getSnapshot().authStatePhase !== "authenticated") {
+      throw new Error("Cannot export session: user is not authenticated.");
+    }
     const sessionInfo = {
       authInfo: __privateGet(this, _authService).authInfo,
       userId: this.userId,
@@ -2389,6 +2405,32 @@ const _ParaCore = class _ParaCore {
     }
     return Buffer.from(JSON.stringify(sessionInfo)).toString("base64");
   }
+  /**
+   * Awaits auth settlement, then serializes the current session for import by another Para instance.
+   * Unlike {@link exportSession}, this method waits for the auth state machine to reach the
+   * `authenticated` phase before reading state, ensuring the exported data is up-to-date.
+   * @param {boolean} excludeSigners - whether or not to exclude the signer from the exported wallets.
+   * @returns {Promise<string>} the serialized session
+   */
+  waitAndExportSession() {
+    return __async(this, arguments, function* (params = {}) {
+      yield (0, import_stateListener.waitForAuthStateChange)({
+        stateManager: __privateGet(this, _stateManager),
+        resolvePhases: [{ phase: "authenticated", onPhase: () => void 0 }],
+        rejectPhases: [
+          {
+            phase: "unauthenticated",
+            onPhase: () => new Error("No active session to export.")
+          },
+          {
+            phase: "guest_mode",
+            onPhase: () => new Error("Cannot export session in guest mode.")
+          }
+        ]
+      });
+      return this.exportSession(params);
+    });
+  }
   /**
    * Imports a session serialized by another Para instance.
    * @param {string} serializedInstanceBase64 the serialized session

package/dist/cjs/constants.js

@@ -46,7 +46,7 @@ __export(constants_exports, {
   TRANSACTION_REVIEW_TIMEOUT_MS: () => TRANSACTION_REVIEW_TIMEOUT_MS
 });
 module.exports = __toCommonJS(constants_exports);
-const PARA_CORE_VERSION = "2.16.0";
+const PARA_CORE_VERSION = "2.18.0";
 const PREFIX = "@CAPSULE/";
 const PARA_PREFIX = "@PARA/";
 const LOCAL_STORAGE_AUTH_INFO = `${PREFIX}authInfo`;

package/dist/cjs/cryptography/utils.js

@@ -116,7 +116,7 @@ function encryptPrivateKey(keyPair, key) {
     const ciphertext = yield window.crypto.subtle.encrypt(
       { name: "AES-GCM", iv: CONSTANT_IV_AES },
       cryptoKey,
-      encodedPlaintext
+      encodedPlaintext.buffer
     );
     return Buffer.from(ciphertext).toString("base64");
   });
@@ -299,7 +299,7 @@ function encryptPrivateKeyWithPassword(keyPair, hashedPassword) {
     const ciphertext = yield window.crypto.subtle.encrypt(
       { name: "AES-GCM", iv: CONSTANT_IV_AES },
       cryptoKey,
-      encodedPlaintext
+      encodedPlaintext.buffer
     );
     return Buffer.from(ciphertext).toString("base64");
   });

package/dist/cjs/services/ExternalWalletService.js

@@ -67,7 +67,7 @@ module.exports = __toCommonJS(ExternalWalletService_exports);
 var import_events = require("../types/events.js");
 var import_constants = require("../constants.js");
 var import_utils = require("../utils/index.js");
-var _stateManager, _authService, _walletService, _paraCoreInterface, _externalWallets, _watchedProviders, _onWalletDisconnected;
+var _stateManager, _authService, _walletService, _paraCoreInterface, _externalWallets, _watchedProviders, _validateConnectionDeferred, _onWalletDisconnected;
 class ExternalWalletService {
   constructor(paraCore) {
     __privateAdd(this, _stateManager);
@@ -95,30 +95,11 @@ class ExternalWalletService {
         return true;
       }
       for (let i = 0; i < 20; i++) {
-        const neededProviderInterfaces = Array.from(storedWalletTypes).map((type) => ({
-          type,
-          interface: this.externalWalletProviderInterfaces[type]
-        })).filter(({ interface: providerInterface }) => !!providerInterface);
-        if (neededProviderInterfaces.length !== storedWalletTypes.size) {
-          yield new Promise((resolve) => setTimeout(resolve, 100));
-          continue;
-        }
-        const loadingResults = yield Promise.all(
-          neededProviderInterfaces.map((_0) => __async(this, [_0], function* ({ type, interface: providerInterface }) {
-            try {
-              const providerAddresses = yield providerInterface.getAddress();
-              const storedAddressesForType = Object.values(this.externalWallets).filter((wallet) => wallet.type === type).map((wallet) => Object.keys(this.externalWallets).find((addr) => this.externalWallets[addr] === wallet)).filter(Boolean);
-              const allAddressesAvailable = storedAddressesForType.every((addr) => providerAddresses.includes(addr));
-              return allAddressesAvailable;
-            } catch (error) {
-              console.warn(`Error checking provider ${type}:`, error);
-              return false;
-            }
-          }))
-        );
-        if (loadingResults.every((result) => result === true)) {
-          neededProviderInterfaces.forEach(({ type, interface: providerInterface }) => {
-            if (!__privateGet(this, _watchedProviders).has(type)) {
+        const allRegistered = Array.from(storedWalletTypes).every((type) => !!this.externalWalletProviderInterfaces[type]);
+        if (allRegistered) {
+          Array.from(storedWalletTypes).forEach((type) => {
+            const providerInterface = this.externalWalletProviderInterfaces[type];
+            if (providerInterface && !__privateGet(this, _watchedProviders).has(type)) {
               __privateGet(this, _watchedProviders).add(type);
               providerInterface.watchDisconnection(() => __async(this, null, function* () {
                 yield __privateGet(this, _onWalletDisconnected).call(this);
@@ -128,6 +109,7 @@ class ExternalWalletService {
               }));
             }
           });
+          __privateGet(this, _validateConnectionDeferred).call(this);
           return true;
         }
         yield new Promise((resolve) => setTimeout(resolve, 100));
@@ -138,7 +120,8 @@ class ExternalWalletService {
       if (__privateGet(this, _stateManager).getSnapshot().authStatePhase === "switching_external_wallet") {
         return;
       }
-      if (this.externalWalletConnectionType === "NONE") {
+      const connectionType = this.externalWalletConnectionType;
+      if (connectionType === "NONE") {
         return;
       }
       const connectedAddresses = (yield Promise.all(
@@ -146,6 +129,9 @@ class ExternalWalletService {
           return yield providerInterface.getAddress();
         }))
       )).filter((a) => !!a);
+      if (connectedAddresses.length === 0) {
+        return;
+      }
       const storedExternalWalletAddresses = Object.keys(this.externalWallets);
       const someConnectedHaveStoredWallets = connectedAddresses.some(
         (connectedAddress) => connectedAddress && this.externalWallets[connectedAddress]
@@ -214,11 +200,53 @@ class ExternalWalletService {
       }
       __privateGet(this, _stateManager).send({ type: "SWITCH_EXTERNAL_WALLET", data: params });
     });
+    /**
+     * Poll until the wallet adapter connects, then validate the address matches a stored wallet.
+     * If the adapter doesn't connect within the timeout, or connects with the wrong address, log out.
+     */
+    __privateAdd(this, _validateConnectionDeferred, () => {
+      const POLL_INTERVAL_MS = 500;
+      const TIMEOUT_MS = 1e4;
+      const startedAt = Date.now();
+      const poll = () => __async(this, null, function* () {
+        if (this.externalWalletConnectionType === "NONE") {
+          return;
+        }
+        const connectedAddresses = (yield Promise.all(
+          Object.values(this.externalWalletProviderInterfaces).map((providerInterface) => __async(this, null, function* () {
+            return yield providerInterface.getAddress();
+          }))
+        )).filter((a) => !!a);
+        if (connectedAddresses.length === 0) {
+          if (Date.now() - startedAt >= TIMEOUT_MS) {
+            yield __privateGet(this, _paraCoreInterface).logout();
+            return;
+          }
+          setTimeout(() => void poll(), POLL_INTERVAL_MS);
+          return;
+        }
+        const someMatchesStored = connectedAddresses.some((addr) => addr && this.externalWallets[addr]);
+        if (!someMatchesStored) {
+          yield __privateGet(this, _paraCoreInterface).logout();
+        }
+      });
+      setTimeout(() => void poll(), POLL_INTERVAL_MS);
+    });
     __privateAdd(this, _onWalletDisconnected, () => __async(this, null, function* () {
-      if (this.externalWalletConnectionType === "NONE") {
+      const connectionType = this.externalWalletConnectionType;
+      if (connectionType === "NONE") {
         return;
       }
-      yield __privateGet(this, _paraCoreInterface).logout();
+      yield new Promise((resolve) => setTimeout(resolve, 500));
+      const connectedAddresses = (yield Promise.all(
+        Object.values(this.externalWalletProviderInterfaces).map((providerInterface) => __async(this, null, function* () {
+          return yield providerInterface.getAddress();
+        }))
+      )).filter((a) => !!a);
+      const someStillConnected = connectedAddresses.some((addr) => addr && this.externalWallets[addr]);
+      if (!someStillConnected) {
+        yield __privateGet(this, _paraCoreInterface).logout();
+      }
     }));
     /**
      * Function to perform connecting an external wallet
@@ -379,6 +407,7 @@ _walletService = new WeakMap();
 _paraCoreInterface = new WeakMap();
 _externalWallets = new WeakMap();
 _watchedProviders = new WeakMap();
+_validateConnectionDeferred = new WeakMap();
 _onWalletDisconnected = new WeakMap();
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {

package/dist/cjs/services/PortalUrlService.js

@@ -105,6 +105,9 @@ class PortalUrlService {
      * @returns - portal URL
      */
     this.getPortalURL = (isLegacy) => __async(this, null, function* () {
+      if (__privateGet(this, _paraCoreInterface).ctx.isE2E) {
+        return (0, import_url.getPortalBaseURL)(__privateGet(this, _paraCoreInterface).ctx, false, false, isLegacy);
+      }
       return __privateGet(this, _paraCoreInterface).ctx.portalUrlOverride || (yield this.getPartnerURL()) || (0, import_url.getPortalBaseURL)(__privateGet(this, _paraCoreInterface).ctx, false, false, isLegacy);
     });
     this.constructPortalUrl = (_0, ..._1) => __async(this, [_0, ..._1], function* (type, opts = {}) {

package/dist/cjs/state/actors/waitForExternalWalletProviders.js

@@ -42,11 +42,7 @@ __export(waitForExternalWalletProviders_exports, {
 module.exports = __toCommonJS(waitForExternalWalletProviders_exports);
 var import_xstate = require("xstate");
 const createWaitForExternalWalletProvidersActor = (stateMachineInterface) => (0, import_xstate.fromPromise)(() => __async(void 0, null, function* () {
-  const resp = yield stateMachineInterface.externalWalletService.waitForProvidersLoading();
-  if (!resp) {
-    yield stateMachineInterface.logout();
-  }
-  return resp;
+  return yield stateMachineInterface.externalWalletService.waitForProvidersLoading();
 }));
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {

package/dist/cjs/types/coreApi.js

@@ -46,6 +46,7 @@ const PARA_CORE_METHODS = [
   "refreshSession",
   "keepSessionAlive",
   "exportSession",
+  "waitAndExportSession",
   "importSession",
   "getVerificationToken",
   "getWallets",

package/dist/esm/ParaCore.js

@@ -149,6 +149,7 @@ const _ParaCore = class _ParaCore {
           methodName,
           sdkType: this.platformUtils.sdkType,
           userId: this.userId,
+          sdkVersion: _ParaCore.version,
           error: {
             name: err.name,
             message: err.message
@@ -345,9 +346,8 @@ const _ParaCore = class _ParaCore {
     }
     if (!opts) opts = {};
     __privateSet(this, _debugLogsEnabled, !!opts.enableDebugLogs);
-    let isE2E = false;
-    if (env === "E2E") {
-      isE2E = true;
+    const isE2E = env === "E2E" || envOrApiKey === "E2E";
+    if (isE2E && env !== Environment.SANDBOX) {
       env = Environment.SANDBOX;
     }
     this.externalWalletConnectionOnly = opts.externalWalletConnectionOnly;
@@ -438,22 +438,20 @@ const _ParaCore = class _ParaCore {
     this.initializeFromStorage();
     setupListeners.bind(this)();
     autoBind(this);
-    if (env !== Environment.PROD) {
-      this.wrapMethodsWithErrorTracking([
-        "signUpOrLogIn",
-        "verifyNewAccount",
-        "waitForLogin",
-        "waitForSignup",
-        "waitForWalletCreation",
-        "verifyOAuth",
-        "verifyTelegram",
-        "verifyFarcaster",
-        "createPregenWallet",
-        "claimPregenWallets",
-        "signMessage",
-        "signTransaction"
-      ]);
-    }
+    this.wrapMethodsWithErrorTracking([
+      "signUpOrLogIn",
+      "verifyNewAccount",
+      "waitForLogin",
+      "waitForSignup",
+      "waitForWalletCreation",
+      "verifyOAuth",
+      "verifyTelegram",
+      "verifyFarcaster",
+      "createPregenWallet",
+      "claimPregenWallets",
+      "signMessage",
+      "signTransaction"
+    ]);
     __privateGet(this, _stateManager).start();
   }
   setModalError(_error) {
@@ -2085,7 +2083,8 @@ const _ParaCore = class _ParaCore {
       cosmosSignDocBase64,
       isCanceled = () => false,
       onCancel,
-      onPoll
+      onPoll,
+      onTransactionReviewUrl
     }) {
       var _a;
       __privateGet(this, _walletService).assertIsValidWalletId(walletId);
@@ -2098,10 +2097,17 @@ const _ParaCore = class _ParaCore {
       let timeStart = Date.now();
       const effectiveTimeoutMs = Math.max(timeoutMs, constants.TRANSACTION_REVIEW_TIMEOUT_MS);
       if (signRes.pendingTransactionId) {
-        yield this.platformUtils.openPopup(
-          yield this.getTransactionReviewUrl(signRes.pendingTransactionId, effectiveTimeoutMs),
-          { type: cosmosSignDocBase64 ? PopupType.SIGN_TRANSACTION_REVIEW : PopupType.SIGN_MESSAGE_REVIEW }
+        const reviewUrl = yield this.getTransactionReviewUrl(
+          signRes.pendingTransactionId,
+          effectiveTimeoutMs
         );
+        if (onTransactionReviewUrl) {
+          onTransactionReviewUrl(reviewUrl);
+        } else {
+          yield this.platformUtils.openPopup(reviewUrl, {
+            type: cosmosSignDocBase64 ? PopupType.SIGN_TRANSACTION_REVIEW : PopupType.SIGN_MESSAGE_REVIEW
+          });
+        }
       } else {
         dispatchEvent(ParaEvent.SIGN_MESSAGE_EVENT, signRes);
         return signRes;
@@ -2191,7 +2197,8 @@ const _ParaCore = class _ParaCore {
       timeoutMs = 3e4,
       isCanceled = () => false,
       onCancel,
-      onPoll
+      onPoll,
+      onTransactionReviewUrl
     }) {
       var _a;
       __privateGet(this, _walletService).assertIsValidWalletId(walletId);
@@ -2213,10 +2220,15 @@ const _ParaCore = class _ParaCore {
       let timeStart = Date.now();
       const effectiveTimeoutMs = Math.max(timeoutMs, constants.TRANSACTION_REVIEW_TIMEOUT_MS);
       if (signRes.pendingTransactionId) {
-        yield this.platformUtils.openPopup(
-          yield this.getTransactionReviewUrl(signRes.pendingTransactionId, effectiveTimeoutMs),
-          { type: PopupType.SIGN_TRANSACTION_REVIEW }
+        const reviewUrl = yield this.getTransactionReviewUrl(
+          signRes.pendingTransactionId,
+          effectiveTimeoutMs
         );
+        if (onTransactionReviewUrl) {
+          onTransactionReviewUrl(reviewUrl);
+        } else {
+          yield this.platformUtils.openPopup(reviewUrl, { type: PopupType.SIGN_TRANSACTION_REVIEW });
+        }
       } else {
         dispatchEvent(ParaEvent.SIGN_TRANSACTION_EVENT, signRes);
         return signRes;
@@ -2312,10 +2324,14 @@ const _ParaCore = class _ParaCore {
   }
   /**
    * Serialize the current session for import by another Para instance.
+   * @deprecated Use {@link waitAndExportSession} instead, which awaits auth settlement before exporting.
    * @param {boolean} excludeSigners - whether or not to exclude the signer from the exported wallets.
    * @returns {string} the serialized session
    */
   exportSession({ excludeSigners = false } = {}) {
+    if (__privateGet(this, _stateManager).getSnapshot().authStatePhase !== "authenticated") {
+      throw new Error("Cannot export session: user is not authenticated.");
+    }
     const sessionInfo = {
       authInfo: __privateGet(this, _authService).authInfo,
       userId: this.userId,
@@ -2331,6 +2347,32 @@ const _ParaCore = class _ParaCore {
     }
     return Buffer.from(JSON.stringify(sessionInfo)).toString("base64");
   }
+  /**
+   * Awaits auth settlement, then serializes the current session for import by another Para instance.
+   * Unlike {@link exportSession}, this method waits for the auth state machine to reach the
+   * `authenticated` phase before reading state, ensuring the exported data is up-to-date.
+   * @param {boolean} excludeSigners - whether or not to exclude the signer from the exported wallets.
+   * @returns {Promise<string>} the serialized session
+   */
+  waitAndExportSession() {
+    return __async(this, arguments, function* (params = {}) {
+      yield waitForAuthStateChange({
+        stateManager: __privateGet(this, _stateManager),
+        resolvePhases: [{ phase: "authenticated", onPhase: () => void 0 }],
+        rejectPhases: [
+          {
+            phase: "unauthenticated",
+            onPhase: () => new Error("No active session to export.")
+          },
+          {
+            phase: "guest_mode",
+            onPhase: () => new Error("Cannot export session in guest mode.")
+          }
+        ]
+      });
+      return this.exportSession(params);
+    });
+  }
   /**
    * Imports a session serialized by another Para instance.
    * @param {string} serializedInstanceBase64 the serialized session

package/dist/esm/constants.js

@@ -1,5 +1,5 @@
 import "./chunk-7B52C2XE.js";
-const PARA_CORE_VERSION = "2.16.0";
+const PARA_CORE_VERSION = "2.18.0";
 const PREFIX = "@CAPSULE/";
 const PARA_PREFIX = "@PARA/";
 const LOCAL_STORAGE_AUTH_INFO = `${PREFIX}authInfo`;

package/dist/esm/cryptography/utils.js

@@ -49,7 +49,7 @@ function encryptPrivateKey(keyPair, key) {
     const ciphertext = yield window.crypto.subtle.encrypt(
       { name: "AES-GCM", iv: CONSTANT_IV_AES },
       cryptoKey,
-      encodedPlaintext
+      encodedPlaintext.buffer
     );
     return Buffer.from(ciphertext).toString("base64");
   });
@@ -232,7 +232,7 @@ function encryptPrivateKeyWithPassword(keyPair, hashedPassword) {
     const ciphertext = yield window.crypto.subtle.encrypt(
       { name: "AES-GCM", iv: CONSTANT_IV_AES },
       cryptoKey,
-      encodedPlaintext
+      encodedPlaintext.buffer
     );
     return Buffer.from(ciphertext).toString("base64");
   });

package/dist/esm/services/ExternalWalletService.js

@@ -6,7 +6,7 @@ import {
   __spreadProps,
   __spreadValues
 } from "../chunk-7B52C2XE.js";
-var _stateManager, _authService, _walletService, _paraCoreInterface, _externalWallets, _watchedProviders, _onWalletDisconnected;
+var _stateManager, _authService, _walletService, _paraCoreInterface, _externalWallets, _watchedProviders, _validateConnectionDeferred, _onWalletDisconnected;
 import { ParaEvent } from "../types/events.js";
 import { LOCAL_STORAGE_EXTERNAL_WALLETS } from "../constants.js";
 import { dispatchEvent } from "../utils/index.js";
@@ -37,30 +37,11 @@ class ExternalWalletService {
         return true;
       }
       for (let i = 0; i < 20; i++) {
-        const neededProviderInterfaces = Array.from(storedWalletTypes).map((type) => ({
-          type,
-          interface: this.externalWalletProviderInterfaces[type]
-        })).filter(({ interface: providerInterface }) => !!providerInterface);
-        if (neededProviderInterfaces.length !== storedWalletTypes.size) {
-          yield new Promise((resolve) => setTimeout(resolve, 100));
-          continue;
-        }
-        const loadingResults = yield Promise.all(
-          neededProviderInterfaces.map((_0) => __async(this, [_0], function* ({ type, interface: providerInterface }) {
-            try {
-              const providerAddresses = yield providerInterface.getAddress();
-              const storedAddressesForType = Object.values(this.externalWallets).filter((wallet) => wallet.type === type).map((wallet) => Object.keys(this.externalWallets).find((addr) => this.externalWallets[addr] === wallet)).filter(Boolean);
-              const allAddressesAvailable = storedAddressesForType.every((addr) => providerAddresses.includes(addr));
-              return allAddressesAvailable;
-            } catch (error) {
-              console.warn(`Error checking provider ${type}:`, error);
-              return false;
-            }
-          }))
-        );
-        if (loadingResults.every((result) => result === true)) {
-          neededProviderInterfaces.forEach(({ type, interface: providerInterface }) => {
-            if (!__privateGet(this, _watchedProviders).has(type)) {
+        const allRegistered = Array.from(storedWalletTypes).every((type) => !!this.externalWalletProviderInterfaces[type]);
+        if (allRegistered) {
+          Array.from(storedWalletTypes).forEach((type) => {
+            const providerInterface = this.externalWalletProviderInterfaces[type];
+            if (providerInterface && !__privateGet(this, _watchedProviders).has(type)) {
               __privateGet(this, _watchedProviders).add(type);
               providerInterface.watchDisconnection(() => __async(this, null, function* () {
                 yield __privateGet(this, _onWalletDisconnected).call(this);
@@ -70,6 +51,7 @@ class ExternalWalletService {
               }));
             }
           });
+          __privateGet(this, _validateConnectionDeferred).call(this);
           return true;
         }
         yield new Promise((resolve) => setTimeout(resolve, 100));
@@ -80,7 +62,8 @@ class ExternalWalletService {
       if (__privateGet(this, _stateManager).getSnapshot().authStatePhase === "switching_external_wallet") {
         return;
       }
-      if (this.externalWalletConnectionType === "NONE") {
+      const connectionType = this.externalWalletConnectionType;
+      if (connectionType === "NONE") {
         return;
       }
       const connectedAddresses = (yield Promise.all(
@@ -88,6 +71,9 @@ class ExternalWalletService {
           return yield providerInterface.getAddress();
         }))
       )).filter((a) => !!a);
+      if (connectedAddresses.length === 0) {
+        return;
+      }
       const storedExternalWalletAddresses = Object.keys(this.externalWallets);
       const someConnectedHaveStoredWallets = connectedAddresses.some(
         (connectedAddress) => connectedAddress && this.externalWallets[connectedAddress]
@@ -156,11 +142,53 @@ class ExternalWalletService {
       }
       __privateGet(this, _stateManager).send({ type: "SWITCH_EXTERNAL_WALLET", data: params });
     });
+    /**
+     * Poll until the wallet adapter connects, then validate the address matches a stored wallet.
+     * If the adapter doesn't connect within the timeout, or connects with the wrong address, log out.
+     */
+    __privateAdd(this, _validateConnectionDeferred, () => {
+      const POLL_INTERVAL_MS = 500;
+      const TIMEOUT_MS = 1e4;
+      const startedAt = Date.now();
+      const poll = () => __async(this, null, function* () {
+        if (this.externalWalletConnectionType === "NONE") {
+          return;
+        }
+        const connectedAddresses = (yield Promise.all(
+          Object.values(this.externalWalletProviderInterfaces).map((providerInterface) => __async(this, null, function* () {
+            return yield providerInterface.getAddress();
+          }))
+        )).filter((a) => !!a);
+        if (connectedAddresses.length === 0) {
+          if (Date.now() - startedAt >= TIMEOUT_MS) {
+            yield __privateGet(this, _paraCoreInterface).logout();
+            return;
+          }
+          setTimeout(() => void poll(), POLL_INTERVAL_MS);
+          return;
+        }
+        const someMatchesStored = connectedAddresses.some((addr) => addr && this.externalWallets[addr]);
+        if (!someMatchesStored) {
+          yield __privateGet(this, _paraCoreInterface).logout();
+        }
+      });
+      setTimeout(() => void poll(), POLL_INTERVAL_MS);
+    });
     __privateAdd(this, _onWalletDisconnected, () => __async(this, null, function* () {
-      if (this.externalWalletConnectionType === "NONE") {
+      const connectionType = this.externalWalletConnectionType;
+      if (connectionType === "NONE") {
         return;
       }
-      yield __privateGet(this, _paraCoreInterface).logout();
+      yield new Promise((resolve) => setTimeout(resolve, 500));
+      const connectedAddresses = (yield Promise.all(
+        Object.values(this.externalWalletProviderInterfaces).map((providerInterface) => __async(this, null, function* () {
+          return yield providerInterface.getAddress();
+        }))
+      )).filter((a) => !!a);
+      const someStillConnected = connectedAddresses.some((addr) => addr && this.externalWallets[addr]);
+      if (!someStillConnected) {
+        yield __privateGet(this, _paraCoreInterface).logout();
+      }
     }));
     /**
      * Function to perform connecting an external wallet
@@ -321,6 +349,7 @@ _walletService = new WeakMap();
 _paraCoreInterface = new WeakMap();
 _externalWallets = new WeakMap();
 _watchedProviders = new WeakMap();
+_validateConnectionDeferred = new WeakMap();
 _onWalletDisconnected = new WeakMap();
 export {
   ExternalWalletService

package/dist/esm/services/PortalUrlService.js

@@ -47,6 +47,9 @@ class PortalUrlService {
      * @returns - portal URL
      */
     this.getPortalURL = (isLegacy) => __async(this, null, function* () {
+      if (__privateGet(this, _paraCoreInterface).ctx.isE2E) {
+        return getPortalBaseURL(__privateGet(this, _paraCoreInterface).ctx, false, false, isLegacy);
+      }
       return __privateGet(this, _paraCoreInterface).ctx.portalUrlOverride || (yield this.getPartnerURL()) || getPortalBaseURL(__privateGet(this, _paraCoreInterface).ctx, false, false, isLegacy);
     });
     this.constructPortalUrl = (_0, ..._1) => __async(this, [_0, ..._1], function* (type, opts = {}) {

package/dist/esm/state/actors/waitForExternalWalletProviders.js

@@ -3,11 +3,7 @@ import {
 } from "../../chunk-7B52C2XE.js";
 import { fromPromise } from "xstate";
 const createWaitForExternalWalletProvidersActor = (stateMachineInterface) => fromPromise(() => __async(void 0, null, function* () {
-  const resp = yield stateMachineInterface.externalWalletService.waitForProvidersLoading();
-  if (!resp) {
-    yield stateMachineInterface.logout();
-  }
-  return resp;
+  return yield stateMachineInterface.externalWalletService.waitForProvidersLoading();
 }));
 export {
   createWaitForExternalWalletProvidersActor

package/dist/esm/types/coreApi.js

@@ -24,6 +24,7 @@ const PARA_CORE_METHODS = [
   "refreshSession",
   "keepSessionAlive",
   "exportSession",
+  "waitAndExportSession",
   "importSession",
   "getVerificationToken",
   "getWallets",

package/dist/types/ParaCore.d.ts

@@ -735,7 +735,7 @@ export declare abstract class ParaCore implements CoreInterface {
      * @param {number} [opts.timeout] optional timeout in milliseconds. If not present, defaults to 30 seconds. Extended to a minimum of 5 minutes when the transaction requires approval.
      * @param {string} [opts.cosmosSignDocBase64] the Cosmos `SignDoc` in base64, if applicable
      **/
-    signMessage({ walletId, messageBase64, timeoutMs, cosmosSignDocBase64, isCanceled, onCancel, onPoll, }: CoreMethodParams<'signMessage'>): CoreMethodResponse<'signMessage'>;
+    signMessage({ walletId, messageBase64, timeoutMs, cosmosSignDocBase64, isCanceled, onCancel, onPoll, onTransactionReviewUrl, }: CoreMethodParams<'signMessage'>): CoreMethodResponse<'signMessage'>;
     private signMessageInner;
     /**
      * Signs a transaction.
@@ -745,7 +745,7 @@ export declare abstract class ParaCore implements CoreInterface {
      * @param {string} [opts.chainId] the EVM chain id of the chain the transaction is being sent on, if applicable
      * @param {number} [opts.timeoutMs] the amount of time to wait for the user to sign the transaction, in milliseconds. Extended to a minimum of 5 minutes when the transaction requires approval.
      **/
-    signTransaction({ walletId, rlpEncodedTxBase64, chainId, timeoutMs, isCanceled, onCancel, onPoll, }: CoreMethodParams<'signTransaction'>): CoreMethodResponse<'signTransaction'>;
+    signTransaction({ walletId, rlpEncodedTxBase64, chainId, timeoutMs, isCanceled, onCancel, onPoll, onTransactionReviewUrl, }: CoreMethodParams<'signTransaction'>): CoreMethodResponse<'signTransaction'>;
     protected isProviderModalDisabled(): boolean;
     /**
      * Starts a on-ramp or off-ramp transaction and returns the Para Portal link for the user to finalize and complete it.
@@ -762,10 +762,19 @@ export declare abstract class ParaCore implements CoreInterface {
     keepSessionAlive(): Promise<boolean>;
     /**
      * Serialize the current session for import by another Para instance.
+     * @deprecated Use {@link waitAndExportSession} instead, which awaits auth settlement before exporting.
      * @param {boolean} excludeSigners - whether or not to exclude the signer from the exported wallets.
      * @returns {string} the serialized session
      */
     exportSession({ excludeSigners }?: CoreMethodParams<'exportSession'>): CoreMethodResponse<'exportSession'>;
+    /**
+     * Awaits auth settlement, then serializes the current session for import by another Para instance.
+     * Unlike {@link exportSession}, this method waits for the auth state machine to reach the
+     * `authenticated` phase before reading state, ensuring the exported data is up-to-date.
+     * @param {boolean} excludeSigners - whether or not to exclude the signer from the exported wallets.
+     * @returns {Promise<string>} the serialized session
+     */
+    waitAndExportSession(params?: CoreMethodParams<'waitAndExportSession'>): CoreMethodResponse<'waitAndExportSession'>;
     /**
      * Imports a session serialized by another Para instance.
      * @param {string} serializedInstanceBase64 the serialized session

package/dist/types/index.d.ts

@@ -1,5 +1,5 @@
 import { ParaCore } from './ParaCore.js';
-export { type Auth, type AuthInfo, type PrimaryAuthInfo, type VerifiedAuthInfo, type VerifiedAuth, AuthMethod, type TAuthMethod, AuthMethodStatus, type AuthExtras, type CurrentWalletIds, EmailTheme, type PartnerEntity, type WalletEntity, Network, type TNetwork, WalletType, type TWalletType, WalletScheme, type TWalletScheme, OnRampAsset, type TOnRampAsset, OnRampPurchaseType, OnRampProvider, OnRampPurchaseStatus, type OnRampConfig, type OnRampAssets, type OnRampPurchase, type OnRampAssetInfo, type ProviderAssetInfo, OnRampMethod, type Theme, OAuthMethod, type TOAuthMethod, type TLinkedAccountType, type SupportedAccountLinks, type SupportedWalletTypes, type TPregenIdentifierType, type PregenIds, type LinkedAccount, type LinkedAccounts, type TExternalWallet, type ExternalWalletInfo, type PregenAuth, type Setup2faResponse, type TelegramAuthResponse, type VerifyExternalWalletParams, type AssetMetadata, type AssetMetadataIndexed, type AssetValue, type BalancesConfig, type WalletBalance, type ProfileBalance, type OfframpDepositRequest, type WalletWithMetadata, RecoveryStatus, ThemeMode, NON_ED25519, PREGEN_IDENTIFIER_TYPES, WALLET_TYPES, WALLET_SCHEMES, OAUTH_METHODS, LINKED_ACCOUNT_TYPES, EXTERNAL_WALLET_TYPES, EVM_WALLETS, SOLANA_WALLETS, COSMOS_WALLETS, formatAssetQuantity, formatCurrency, type EstimateTransactionOpts, type EstimateTransactionResult, type BroadcastTransactionOpts, type BroadcastTransactionResult, } from '@getpara/user-management-client';
+export { type Auth, type AuthInfo, type PrimaryAuthInfo, type VerifiedAuthInfo, type VerifiedAuth, AuthMethod, type TAuthMethod, AuthMethodStatus, type AuthExtras, type CurrentWalletIds, EmailTheme, type PartnerEntity, type WalletEntity, Network, type TNetwork, WalletType, type TWalletType, WalletScheme, type TWalletScheme, OnRampAsset, type TOnRampAsset, OnRampPurchaseType, OnRampProvider, OnRampPurchaseStatus, type OnRampConfig, type OnRampAssets, type OnRampPurchase, type OnRampAssetInfo, type ProviderAssetInfo, OnRampMethod, type Theme, OAuthMethod, type TOAuthMethod, type TLinkedAccountType, type SupportedAccountLinks, type SupportedWalletTypes, type TPregenIdentifierType, type PregenIds, type LinkedAccount, type LinkedAccounts, type TExternalWallet, type ExternalWalletInfo, type PregenAuth, type Setup2faResponse, type TelegramAuthResponse, type VerifyExternalWalletParams, type AssetMetadata, type AssetMetadataIndexed, type AssetValue, type BalancesConfig, type WalletBalance, type ProfileBalance, type OfframpDepositRequest, type WalletWithMetadata, RecoveryStatus, ThemeMode, NON_ED25519, PREGEN_IDENTIFIER_TYPES, WALLET_TYPES, WALLET_SCHEMES, OAUTH_METHODS, LINKED_ACCOUNT_TYPES, EXTERNAL_WALLET_TYPES, EVM_WALLETS, SOLANA_WALLETS, COSMOS_WALLETS, formatAssetQuantity, formatCurrency, type EstimateTransactionOpts, type EstimateTransactionResult, type BroadcastTransactionOpts, type BroadcastTransactionResult, type PendingTransactionEntity, type SerializedDecodedTx, type SerializedTxData, type GetPendingTransactionResponse, } from '@getpara/user-management-client';
 export { PopupType, PregenIdentifierType, type AuthStateSignup, type AuthStateVerify, type AuthStateLogin, type AuthState, type OAuthResponse, type CoreAuthInfo, type SignatureRes, type FullSignatureRes, type SuccessfulSignatureRes, type DeniedSignatureRes, type DeniedSignatureResWithUrl, type Wallet, type AvailableWallet, type AccountLinkInProgress, AccountLinkError, type InternalInterface, type Verify2faParams, type Verify2faResponse, type StorageType, type TelegramParams, } from './types/index.js';
 export * from './types/coreApi.js';
 export * from './types/events.js';

package/dist/types/services/types/PollingServiceTypes.d.ts

@@ -17,6 +17,15 @@ export type PollingCallbacks = {
      * Signal to cancel the polling.
      */
     isCanceled?: () => boolean;
+    /**
+     * Callback fired when a transaction requires user review. Receives the portal URL
+     * that must be opened for the user to approve or deny the transaction.
+     *
+     * On web this is handled automatically via a popup. On React Native, provide this
+     * callback to open the URL in an in-app browser (e.g. `expo-web-browser`).
+     * If not provided, the SDK falls back to `openPopup` (which throws on React Native).
+     */
+    onTransactionReviewUrl?: (url: string) => void;
 };
 export interface PollingConfig<T> extends PollingCallbacks {
     init?: () => Promise<void>;

package/dist/types/types/coreApi.d.ts

@@ -4,7 +4,7 @@ import { ParaCore } from '../ParaCore.js';
 import { FullSignatureRes, Wallet } from './wallet.js';
 import { AccountLinkInProgress } from './accountLinking.js';
 import type { WaitForLoginParams, WaitForLoginResponse, WaitForSignupParams, WaitForWalletCreationParams, WaitForWalletCreationResponse, GetOAuthUrlParams, AddCredentialParams, LoginExternalWalletParams, LoginExternalWalletResponse, ResendVerificationCodeParams, SignUpOrLogInParams, SignUpOrLogInResponse, VerifyOAuthProcessParams, VerifyExternalWalletParams, VerifyExternalWalletResponse, VerifyFarcasterParams, VerifyTelegramParams, ClaimPregenWalletsParams, ClaimPregenWalletsResponse, CreateGuestWalletsResponse, CreatePregenWalletParams, CreatePregenWalletPerTypeParams, CreatePregenWalletPerTypeResponse, CreatePregenWalletResponse, CreateWalletParams, CreateWalletPerTypeParams, CreateWalletPerTypeResponse, CreateWalletResponse, DistributeNewWalletShareParams, GetPregenWalletsParams, GetPregenWalletsResponse, GetWalletBalanceParams, HasPregenWalletParams, PollingCallbacks, RefreshShareParams, RefreshShareResponse, UpdatePregenWalletIdentifierParams, BaseVerifyExternalWalletParams, AuthenticateWithEmailOrPhoneParams, AuthenticateWithEmailOrPhoneResponse, AuthenticateWithOAuthParams, AuthenticateWithOAuthResponse } from '../services/types';
-export declare const PARA_CORE_METHODS: readonly ["getAuthInfo", "signUpOrLogIn", "verifyNewAccount", "waitForLogin", "waitForSignup", "waitForWalletCreation", "getOAuthUrl", "verifyOAuth", "getFarcasterConnectUri", "verifyFarcaster", "verifyTelegram", "resendVerificationCode", "loginExternalWallet", "verifyExternalWallet", "setup2fa", "enable2fa", "verify2fa", "logout", "clearStorage", "isSessionActive", "isFullyLoggedIn", "refreshSession", "keepSessionAlive", "exportSession", "importSession", "getVerificationToken", "getWallets", "getWalletsByType", "fetchWallets", "createWallet", "createWalletPerType", "getPregenWallets", "hasPregenWallet", "updatePregenWalletIdentifier", "createPregenWallet", "createPregenWalletPerType", "claimPregenWallets", "createGuestWallets", "distributeNewWalletShare", "getUserShare", "setUserShare", "refreshShare", "signMessage", "signTransaction", "initiateOnRampTransaction", "getWalletBalance", "issueJwt", "getLinkedAccounts", "accountLinkInProgress", "addCredential", "exportPrivateKey", "authenticateWithEmailOrPhone", "authenticateWithOAuth"];
+export declare const PARA_CORE_METHODS: readonly ["getAuthInfo", "signUpOrLogIn", "verifyNewAccount", "waitForLogin", "waitForSignup", "waitForWalletCreation", "getOAuthUrl", "verifyOAuth", "getFarcasterConnectUri", "verifyFarcaster", "verifyTelegram", "resendVerificationCode", "loginExternalWallet", "verifyExternalWallet", "setup2fa", "enable2fa", "verify2fa", "logout", "clearStorage", "isSessionActive", "isFullyLoggedIn", "refreshSession", "keepSessionAlive", "exportSession", "waitAndExportSession", "importSession", "getVerificationToken", "getWallets", "getWalletsByType", "fetchWallets", "createWallet", "createWalletPerType", "getPregenWallets", "hasPregenWallet", "updatePregenWalletIdentifier", "createPregenWallet", "createPregenWalletPerType", "claimPregenWallets", "createGuestWallets", "distributeNewWalletShare", "getUserShare", "setUserShare", "refreshShare", "signMessage", "signTransaction", "initiateOnRampTransaction", "getWalletBalance", "issueJwt", "getLinkedAccounts", "accountLinkInProgress", "addCredential", "exportPrivateKey", "authenticateWithEmailOrPhone", "authenticateWithOAuth"];
 export declare const PARA_INTERNAL_METHODS: readonly ["linkAccount", "unlinkAccount", "verifyEmailOrPhoneLink", "verifyOAuthLink", "verifyFarcasterLink", "verifyTelegramLink", "verifyExternalWalletLink", "accountLinkInProgress", "prepareLogin", "sendLoginCode", "supportedUserAuthMethods"];
 export type CoreMethodName = (typeof PARA_CORE_METHODS)[number];
 export type CoreMethodParams<method extends CoreMethodName & keyof CoreMethods> = CoreMethods[method] extends {
@@ -227,6 +227,15 @@ export type CoreMethods = Record<CoreMethodName, {
         response: string;
         sync: true;
     };
+    waitAndExportSession: {
+        params: {
+            /**
+             * Whether to exclude the wallet signers from the exported session.
+             */
+            excludeSigners?: boolean;
+        };
+        response: string;
+    };
     importSession: {
         params: string;
         response: void;

package/package.json

@@ -1,13 +1,15 @@
 {
   "name": "@getpara/core-sdk",
-  "version": "2.16.0",
+  "version": "2.18.0",
   "dependencies": {
     "@celo/utils": "^8.0.2",
     "@cosmjs/encoding": "^0.32.4",
     "@ethereumjs/util": "^9.1.0",
-    "@getpara/user-management-client": "2.16.0",
+    "@getpara/user-management-client": "2.18.0",
     "@noble/hashes": "^1.5.0",
+    "axios": "^1.8.4",
     "base64url": "^3.0.1",
+    "elliptic": "^6.6.1",
     "libphonenumber-js": "^1.11.7",
     "node-forge": "^1.3.1",
     "uuid": "^11.1.0",
@@ -28,7 +30,7 @@
     "dist",
     "package.json"
   ],
-  "gitHead": "fbe96a062b308d04105213378c12c38ee973c798",
+  "gitHead": "4481f6f4e108e682d14c74d4433696141c47fc58",
   "main": "dist/cjs/index.js",
   "module": "dist/esm/index.js",
   "scripts": {