@getpara/core-sdk 2.19.0 → 2.20.0

package/dist/cjs/ParaCore.js

@@ -2096,6 +2096,24 @@ const _ParaCore = class _ParaCore {
       return yield __privateGet(this, _walletService).setUserShare(base64Wallets);
     });
   }
+  /**
+   * Migrate a wallet share to the enclave. The share is ECIES-encrypted before
+   * being sent so the plaintext never leaves the caller's process.
+   */
+  migrateWalletShare(opts) {
+    return __async(this, null, function* () {
+      if (!this.ctx.enclaveClient) {
+        throw new Error("Enclave client not initialized");
+      }
+      const scheme = opts.walletScheme || "DKLS";
+      return this.ctx.enclaveClient.migrateShare({
+        walletId: opts.walletId,
+        userShare: opts.userShare,
+        walletScheme: scheme,
+        secretApiKey: opts.secretApiKey
+      });
+    });
+  }
   getTransactionReviewUrl(transactionId, timeoutMs) {
     return __async(this, null, function* () {
       const authMethods = yield this.supportedUserAuthMethods();

package/dist/cjs/constants.js

@@ -46,7 +46,7 @@ __export(constants_exports, {
   TRANSACTION_REVIEW_TIMEOUT_MS: () => TRANSACTION_REVIEW_TIMEOUT_MS
 });
 module.exports = __toCommonJS(constants_exports);
-const PARA_CORE_VERSION = "2.19.0";
+const PARA_CORE_VERSION = "2.20.0";
 const PREFIX = "@CAPSULE/";
 const PARA_PREFIX = "@PARA/";
 const LOCAL_STORAGE_AUTH_INFO = `${PREFIX}authInfo`;

package/dist/cjs/services/PregenWalletService.js

@@ -268,12 +268,14 @@ class PregenWalletService {
       const [pregenIdentifierType, pregenIdentifier] = (0, import_user_management_client.toPregenTypeAndId)(pregenId);
       let keygenRes;
       switch (walletType) {
+        case "STELLAR":
         case "SOLANA":
           keygenRes = yield __privateGet(this, _paraCoreInterface).platformUtils.ed25519PreKeygen(
             __privateGet(this, _paraCoreInterface).ctx,
             pregenIdentifier,
             pregenIdentifierType,
-            __privateGet(this, _paraCoreInterface).retrieveSessionCookie()
+            __privateGet(this, _paraCoreInterface).retrieveSessionCookie(),
+            walletType
           );
           break;
         default:
@@ -292,7 +294,7 @@ class PregenWalletService {
       __privateGet(this, _walletService).wallets[walletId] = {
         id: walletId,
         signer,
-        scheme: walletType === "SOLANA" ? "ED25519" : "DKLS",
+        scheme: walletType === "SOLANA" || walletType === "STELLAR" ? "ED25519" : "DKLS",
         type: walletType,
         isPregen: true,
         pregenIdentifier,

package/dist/cjs/services/WalletService.js

@@ -158,7 +158,7 @@ class WalletService {
       return (0, import_wallet2.getSchemes)(types != null ? types : yield __privateGet(this, _getMissingTypes).call(this)).map((scheme) => {
         switch (scheme) {
           case "ED25519":
-            return "SOLANA";
+            return supportedWalletTypes.some(({ type, optional }) => type === "STELLAR" && !optional) ? "STELLAR" : "SOLANA";
           default:
             return supportedWalletTypes.some(({ type, optional }) => type === "COSMOS" && !optional) ? "COSMOS" : "EVM";
         }
@@ -210,12 +210,14 @@ class WalletService {
       let wallet;
       let keygenRes;
       switch (walletType) {
+        case "STELLAR":
         case "SOLANA": {
           keygenRes = yield __privateGet(this, _paraCoreInterface).platformUtils.ed25519Keygen(
             __privateGet(this, _paraCoreInterface).ctx,
             __privateGet(this, _authService).userId,
             __privateGet(this, _paraCoreInterface).retrieveSessionCookie(),
-            __privateGet(this, _paraCoreInterface).getBackupKitEmailProps()
+            __privateGet(this, _paraCoreInterface).getBackupKitEmailProps(),
+            walletType
           );
           break;
         }
@@ -232,7 +234,7 @@ class WalletService {
         }
       }
       const walletId = keygenRes.walletId;
-      const walletScheme = walletType === "SOLANA" ? "ED25519" : "DKLS";
+      const walletScheme = walletType === "SOLANA" || walletType === "STELLAR" ? "ED25519" : "DKLS";
       signer = keygenRes.signer;
       yield __privateGet(this, _pollingService).poll({
         checkCondition: __privateGet(this, _pollingService).waitForWalletAddress({ walletId }),
@@ -366,6 +368,9 @@ class WalletService {
           prefix = (_b = (_a = options.cosmosPrefix) != null ? _a : __privateGet(this, _paraCoreInterface).cosmosPrefix) != null ? _b : "cosmos";
           str = (0, import_utils.getCosmosAddress)(wallet.publicKey, prefix);
           break;
+        case "STELLAR":
+          str = wallet.publicKey ? (0, import_utils.getStellarAddress)(wallet.publicKey) : (0, import_utils.getStellarAddressFromSolana)(wallet.address);
+          break;
         default:
           prefix = __privateGet(this, _paraCoreInterface).cosmosPrefix;
           str = wallet.address;

package/dist/cjs/shares/enclave.js

@@ -300,6 +300,47 @@ ${exportedAsBase64}
       }
     });
   }
+  /**
+   * Migrate a wallet share by encrypting it with the enclave's public key and
+   * sending the encrypted payload to the backend. The plaintext share never
+   * leaves the caller's process.
+   */
+  migrateShare(opts) {
+    return __async(this, null, function* () {
+      const { walletId, userShare, walletScheme, secretApiKey } = opts;
+      try {
+        const signer = this.extractSignerFromUserShare(userShare, walletId);
+        const shareData = {
+          // The enclave requires a non-empty userId but pregen wallets may not have one.
+          // We use walletId as a placeholder — the signing flow never reads this field.
+          userId: walletId,
+          walletId,
+          walletScheme,
+          signer
+        };
+        const encryptedPayload = yield this.encryptForEnclave(JSON.stringify({ shares: [shareData] }));
+        return this.userManagementClient.migrateWalletShare(walletId, JSON.stringify(encryptedPayload), secretApiKey);
+      } catch (error) {
+        throw new Error(
+          `Failed to migrate share for wallet ${walletId}: ${error instanceof Error ? error.message : "Unknown error"}`
+        );
+      }
+    });
+  }
+  extractSignerFromUserShare(userShare, walletId) {
+    const walletSegments = userShare.split("-");
+    for (const segment of walletSegments) {
+      try {
+        const decoded = JSON.parse(Buffer.from(segment, "base64").toString("utf-8"));
+        if (decoded.id === walletId && decoded.signer) {
+          return decoded.signer;
+        }
+      } catch (e) {
+        continue;
+      }
+    }
+    throw new Error(`No wallet with id ${walletId} found in the provided userShare`);
+  }
   persistSharesWithRetry(shares) {
     return __async(this, null, function* () {
       return yield this.persistShares(shares);

package/dist/cjs/utils/formatting.js

@@ -30,6 +30,8 @@ __export(formatting_exports, {
   compressPubkey: () => compressPubkey,
   decimalToHex: () => decimalToHex,
   getCosmosAddress: () => getCosmosAddress,
+  getStellarAddress: () => getStellarAddress,
+  getStellarAddressFromSolana: () => getStellarAddressFromSolana,
   hexStringToBase64: () => hexStringToBase64,
   hexToDecimal: () => hexToDecimal,
   hexToSignature: () => hexToSignature,
@@ -87,6 +89,96 @@ function rawSecp256k1PubkeyToRawAddress(pubkeyData) {
   }
   return (0, import_ripemd160.ripemd160)((0, import_sha256.sha256)(pubkeyData));
 }
+const BASE32_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
+const BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+const BASE58_MAP = {};
+for (let i = 0; i < BASE58_ALPHABET.length; i++) BASE58_MAP[BASE58_ALPHABET[i]] = i;
+const STELLAR_ED25519_VERSION_BYTE = 6 << 3;
+function crc16xmodem(data) {
+  let crc = 0;
+  for (const byte of data) {
+    crc ^= byte << 8;
+    for (let j = 0; j < 8; j++) {
+      crc = crc & 32768 ? crc << 1 ^ 4129 : crc << 1;
+      crc &= 65535;
+    }
+  }
+  return crc;
+}
+function base32Encode(data) {
+  let result = "";
+  let bits = 0;
+  let value = 0;
+  for (const byte of data) {
+    value = value << 8 | byte;
+    bits += 8;
+    while (bits >= 5) {
+      result += BASE32_ALPHABET[value >>> bits - 5 & 31];
+      bits -= 5;
+    }
+  }
+  if (bits > 0) {
+    result += BASE32_ALPHABET[value << 5 - bits & 31];
+  }
+  return result;
+}
+function base58Decode(str) {
+  const bytes = [0];
+  for (const char of str) {
+    let carry = BASE58_MAP[char];
+    if (carry === void 0) {
+      throw new Error(`Invalid base58 character: ${char}`);
+    }
+    for (let j = 0; j < bytes.length; j++) {
+      carry += bytes[j] * 58;
+      bytes[j] = carry & 255;
+      carry >>= 8;
+    }
+    while (carry > 0) {
+      bytes.push(carry & 255);
+      carry >>= 8;
+    }
+  }
+  let leadingZeros = 0;
+  for (const char of str) {
+    if (char !== "1") break;
+    leadingZeros++;
+  }
+  let sigBytes = bytes.length;
+  while (sigBytes > 0 && bytes[sigBytes - 1] === 0) sigBytes--;
+  const result = new Uint8Array(leadingZeros + sigBytes);
+  for (let i = 0; i < sigBytes; i++) {
+    result[leadingZeros + sigBytes - 1 - i] = bytes[i];
+  }
+  return result;
+}
+function encodeEd25519PublicKey(pubKeyBytes) {
+  if (pubKeyBytes.length !== 32) {
+    throw new Error(`Invalid Ed25519 public key length: expected 32 bytes, got ${pubKeyBytes.length}`);
+  }
+  const payload = new Uint8Array(1 + pubKeyBytes.length);
+  payload[0] = STELLAR_ED25519_VERSION_BYTE;
+  payload.set(pubKeyBytes, 1);
+  const checksum = crc16xmodem(payload);
+  const full = new Uint8Array(payload.length + 2);
+  full.set(payload);
+  full[payload.length] = checksum & 255;
+  full[payload.length + 1] = checksum >> 8 & 255;
+  return base32Encode(full);
+}
+function getStellarAddress(publicKey) {
+  if (!publicKey || publicKey.length === 0) {
+    return "";
+  }
+  const pubKeyBytes = Buffer.from(publicKey.startsWith("0x") ? publicKey.slice(2) : publicKey, "hex");
+  return encodeEd25519PublicKey(pubKeyBytes);
+}
+function getStellarAddressFromSolana(solanaAddress) {
+  if (!solanaAddress || solanaAddress.length === 0) {
+    return "";
+  }
+  return encodeEd25519PublicKey(base58Decode(solanaAddress));
+}
 function getCosmosAddress(publicKey, prefix) {
   if (!publicKey || publicKey.length === 0) {
     return "";
@@ -113,6 +205,8 @@ function truncateAddress(str, addressType, {
   compressPubkey,
   decimalToHex,
   getCosmosAddress,
+  getStellarAddress,
+  getStellarAddressFromSolana,
   hexStringToBase64,
   hexToDecimal,
   hexToSignature,

package/dist/cjs/utils/wallet.js

@@ -70,7 +70,8 @@ const WalletSchemeTypeMap = {
     COSMOS: true
   },
   ED25519: {
-    SOLANA: true
+    SOLANA: true,
+    STELLAR: true
   }
 };
 function isPregenIdentifierMatch(a, b, type) {

package/dist/esm/ParaCore.js

@@ -2038,6 +2038,24 @@ const _ParaCore = class _ParaCore {
       return yield __privateGet(this, _walletService).setUserShare(base64Wallets);
     });
   }
+  /**
+   * Migrate a wallet share to the enclave. The share is ECIES-encrypted before
+   * being sent so the plaintext never leaves the caller's process.
+   */
+  migrateWalletShare(opts) {
+    return __async(this, null, function* () {
+      if (!this.ctx.enclaveClient) {
+        throw new Error("Enclave client not initialized");
+      }
+      const scheme = opts.walletScheme || "DKLS";
+      return this.ctx.enclaveClient.migrateShare({
+        walletId: opts.walletId,
+        userShare: opts.userShare,
+        walletScheme: scheme,
+        secretApiKey: opts.secretApiKey
+      });
+    });
+  }
   getTransactionReviewUrl(transactionId, timeoutMs) {
     return __async(this, null, function* () {
       const authMethods = yield this.supportedUserAuthMethods();

package/dist/esm/constants.js

@@ -1,5 +1,5 @@
 import "./chunk-7B52C2XE.js";
-const PARA_CORE_VERSION = "2.19.0";
+const PARA_CORE_VERSION = "2.20.0";
 const PREFIX = "@CAPSULE/";
 const PARA_PREFIX = "@PARA/";
 const LOCAL_STORAGE_AUTH_INFO = `${PREFIX}authInfo`;

package/dist/esm/services/PregenWalletService.js

@@ -220,12 +220,14 @@ class PregenWalletService {
       const [pregenIdentifierType, pregenIdentifier] = toPregenTypeAndId(pregenId);
       let keygenRes;
       switch (walletType) {
+        case "STELLAR":
         case "SOLANA":
           keygenRes = yield __privateGet(this, _paraCoreInterface).platformUtils.ed25519PreKeygen(
             __privateGet(this, _paraCoreInterface).ctx,
             pregenIdentifier,
             pregenIdentifierType,
-            __privateGet(this, _paraCoreInterface).retrieveSessionCookie()
+            __privateGet(this, _paraCoreInterface).retrieveSessionCookie(),
+            walletType
           );
           break;
         default:
@@ -244,7 +246,7 @@ class PregenWalletService {
       __privateGet(this, _walletService).wallets[walletId] = {
         id: walletId,
         signer,
-        scheme: walletType === "SOLANA" ? "ED25519" : "DKLS",
+        scheme: walletType === "SOLANA" || walletType === "STELLAR" ? "ED25519" : "DKLS",
         type: walletType,
         isPregen: true,
         pregenIdentifier,

package/dist/esm/services/WalletService.js

@@ -17,7 +17,13 @@ import {
   migrateWallet,
   WalletSchemeTypeMap
 } from "../utils/wallet.js";
-import { dispatchEvent, getCosmosAddress, truncateAddress } from "../utils/index.js";
+import {
+  dispatchEvent,
+  getCosmosAddress,
+  getStellarAddress,
+  getStellarAddressFromSolana,
+  truncateAddress
+} from "../utils/index.js";
 import { ParaEvent } from "../types/events.js";
 import { LOCAL_STORAGE_CURRENT_WALLET_IDS, LOCAL_STORAGE_WALLETS, SHORT_POLLING_INTERVAL_MS } from "../constants.js";
 import { distributeNewShare } from "../shares/shareDistribution.js";
@@ -96,7 +102,7 @@ class WalletService {
       return getSchemes(types != null ? types : yield __privateGet(this, _getMissingTypes).call(this)).map((scheme) => {
         switch (scheme) {
           case "ED25519":
-            return "SOLANA";
+            return supportedWalletTypes.some(({ type, optional }) => type === "STELLAR" && !optional) ? "STELLAR" : "SOLANA";
           default:
             return supportedWalletTypes.some(({ type, optional }) => type === "COSMOS" && !optional) ? "COSMOS" : "EVM";
         }
@@ -148,12 +154,14 @@ class WalletService {
       let wallet;
       let keygenRes;
       switch (walletType) {
+        case "STELLAR":
         case "SOLANA": {
           keygenRes = yield __privateGet(this, _paraCoreInterface).platformUtils.ed25519Keygen(
             __privateGet(this, _paraCoreInterface).ctx,
             __privateGet(this, _authService).userId,
             __privateGet(this, _paraCoreInterface).retrieveSessionCookie(),
-            __privateGet(this, _paraCoreInterface).getBackupKitEmailProps()
+            __privateGet(this, _paraCoreInterface).getBackupKitEmailProps(),
+            walletType
           );
           break;
         }
@@ -170,7 +178,7 @@ class WalletService {
         }
       }
       const walletId = keygenRes.walletId;
-      const walletScheme = walletType === "SOLANA" ? "ED25519" : "DKLS";
+      const walletScheme = walletType === "SOLANA" || walletType === "STELLAR" ? "ED25519" : "DKLS";
       signer = keygenRes.signer;
       yield __privateGet(this, _pollingService).poll({
         checkCondition: __privateGet(this, _pollingService).waitForWalletAddress({ walletId }),
@@ -304,6 +312,9 @@ class WalletService {
           prefix = (_b = (_a = options.cosmosPrefix) != null ? _a : __privateGet(this, _paraCoreInterface).cosmosPrefix) != null ? _b : "cosmos";
           str = getCosmosAddress(wallet.publicKey, prefix);
           break;
+        case "STELLAR":
+          str = wallet.publicKey ? getStellarAddress(wallet.publicKey) : getStellarAddressFromSolana(wallet.address);
+          break;
         default:
           prefix = __privateGet(this, _paraCoreInterface).cosmosPrefix;
           str = wallet.address;

package/dist/esm/shares/enclave.js

@@ -261,6 +261,47 @@ ${exportedAsBase64}
       }
     });
   }
+  /**
+   * Migrate a wallet share by encrypting it with the enclave's public key and
+   * sending the encrypted payload to the backend. The plaintext share never
+   * leaves the caller's process.
+   */
+  migrateShare(opts) {
+    return __async(this, null, function* () {
+      const { walletId, userShare, walletScheme, secretApiKey } = opts;
+      try {
+        const signer = this.extractSignerFromUserShare(userShare, walletId);
+        const shareData = {
+          // The enclave requires a non-empty userId but pregen wallets may not have one.
+          // We use walletId as a placeholder — the signing flow never reads this field.
+          userId: walletId,
+          walletId,
+          walletScheme,
+          signer
+        };
+        const encryptedPayload = yield this.encryptForEnclave(JSON.stringify({ shares: [shareData] }));
+        return this.userManagementClient.migrateWalletShare(walletId, JSON.stringify(encryptedPayload), secretApiKey);
+      } catch (error) {
+        throw new Error(
+          `Failed to migrate share for wallet ${walletId}: ${error instanceof Error ? error.message : "Unknown error"}`
+        );
+      }
+    });
+  }
+  extractSignerFromUserShare(userShare, walletId) {
+    const walletSegments = userShare.split("-");
+    for (const segment of walletSegments) {
+      try {
+        const decoded = JSON.parse(Buffer.from(segment, "base64").toString("utf-8"));
+        if (decoded.id === walletId && decoded.signer) {
+          return decoded.signer;
+        }
+      } catch (e) {
+        continue;
+      }
+    }
+    throw new Error(`No wallet with id ${walletId} found in the provided userShare`);
+  }
   persistSharesWithRetry(shares) {
     return __async(this, null, function* () {
       return yield this.persistShares(shares);

package/dist/esm/utils/formatting.js

@@ -48,6 +48,96 @@ function rawSecp256k1PubkeyToRawAddress(pubkeyData) {
   }
   return ripemd160(sha256(pubkeyData));
 }
+const BASE32_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
+const BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+const BASE58_MAP = {};
+for (let i = 0; i < BASE58_ALPHABET.length; i++) BASE58_MAP[BASE58_ALPHABET[i]] = i;
+const STELLAR_ED25519_VERSION_BYTE = 6 << 3;
+function crc16xmodem(data) {
+  let crc = 0;
+  for (const byte of data) {
+    crc ^= byte << 8;
+    for (let j = 0; j < 8; j++) {
+      crc = crc & 32768 ? crc << 1 ^ 4129 : crc << 1;
+      crc &= 65535;
+    }
+  }
+  return crc;
+}
+function base32Encode(data) {
+  let result = "";
+  let bits = 0;
+  let value = 0;
+  for (const byte of data) {
+    value = value << 8 | byte;
+    bits += 8;
+    while (bits >= 5) {
+      result += BASE32_ALPHABET[value >>> bits - 5 & 31];
+      bits -= 5;
+    }
+  }
+  if (bits > 0) {
+    result += BASE32_ALPHABET[value << 5 - bits & 31];
+  }
+  return result;
+}
+function base58Decode(str) {
+  const bytes = [0];
+  for (const char of str) {
+    let carry = BASE58_MAP[char];
+    if (carry === void 0) {
+      throw new Error(`Invalid base58 character: ${char}`);
+    }
+    for (let j = 0; j < bytes.length; j++) {
+      carry += bytes[j] * 58;
+      bytes[j] = carry & 255;
+      carry >>= 8;
+    }
+    while (carry > 0) {
+      bytes.push(carry & 255);
+      carry >>= 8;
+    }
+  }
+  let leadingZeros = 0;
+  for (const char of str) {
+    if (char !== "1") break;
+    leadingZeros++;
+  }
+  let sigBytes = bytes.length;
+  while (sigBytes > 0 && bytes[sigBytes - 1] === 0) sigBytes--;
+  const result = new Uint8Array(leadingZeros + sigBytes);
+  for (let i = 0; i < sigBytes; i++) {
+    result[leadingZeros + sigBytes - 1 - i] = bytes[i];
+  }
+  return result;
+}
+function encodeEd25519PublicKey(pubKeyBytes) {
+  if (pubKeyBytes.length !== 32) {
+    throw new Error(`Invalid Ed25519 public key length: expected 32 bytes, got ${pubKeyBytes.length}`);
+  }
+  const payload = new Uint8Array(1 + pubKeyBytes.length);
+  payload[0] = STELLAR_ED25519_VERSION_BYTE;
+  payload.set(pubKeyBytes, 1);
+  const checksum = crc16xmodem(payload);
+  const full = new Uint8Array(payload.length + 2);
+  full.set(payload);
+  full[payload.length] = checksum & 255;
+  full[payload.length + 1] = checksum >> 8 & 255;
+  return base32Encode(full);
+}
+function getStellarAddress(publicKey) {
+  if (!publicKey || publicKey.length === 0) {
+    return "";
+  }
+  const pubKeyBytes = Buffer.from(publicKey.startsWith("0x") ? publicKey.slice(2) : publicKey, "hex");
+  return encodeEd25519PublicKey(pubKeyBytes);
+}
+function getStellarAddressFromSolana(solanaAddress) {
+  if (!solanaAddress || solanaAddress.length === 0) {
+    return "";
+  }
+  return encodeEd25519PublicKey(base58Decode(solanaAddress));
+}
 function getCosmosAddress(publicKey, prefix) {
   if (!publicKey || publicKey.length === 0) {
     return "";
@@ -73,6 +163,8 @@ export {
   compressPubkey,
   decimalToHex,
   getCosmosAddress,
+  getStellarAddress,
+  getStellarAddressFromSolana,
   hexStringToBase64,
   hexToDecimal,
   hexToSignature,

package/dist/esm/utils/wallet.js

@@ -14,7 +14,8 @@ const WalletSchemeTypeMap = {
     COSMOS: true
   },
   ED25519: {
-    SOLANA: true
+    SOLANA: true,
+    STELLAR: true
   }
 };
 function isPregenIdentifierMatch(a, b, type) {

package/dist/types/ParaCore.d.ts

@@ -1,4 +1,4 @@
-import { AuthMethod, AuthExtras, CurrentWalletIds, EmailTheme, PartnerEntity, TWalletType, PregenIds, BiometricLocationHint, Auth, SupportedWalletTypes, AuthIdentifier, AuthType, ExternalWalletInfo, PrimaryAuthInfo, SessionInfo, PrimaryAuth, PrimaryAuthType, AccountMetadata, LinkedAccounts, VerifyLinkParams, VerifyExternalWalletParams as VerifyExternalWalletParamsServer, SupportedAccountLinks, OnRampPurchase, BalancesConfig, Theme, IssueJwtParams } from '@getpara/user-management-client';
+import { AuthMethod, AuthExtras, CurrentWalletIds, EmailTheme, PartnerEntity, TWalletType, PregenIds, BiometricLocationHint, Auth, SupportedWalletTypes, AuthIdentifier, AuthType, ExternalWalletInfo, PrimaryAuthInfo, SessionInfo, PrimaryAuth, PrimaryAuthType, AccountMetadata, LinkedAccounts, VerifyLinkParams, VerifyExternalWalletParams as VerifyExternalWalletParamsServer, SupportedAccountLinks, OnRampPurchase, BalancesConfig, Theme, IssueJwtParams, TWalletScheme } from '@getpara/user-management-client';
 import type { pki as pkiType } from 'node-forge';
 import { Ctx, Environment, Wallet, ConstructorOpts, CoreAuthInfo, CoreMethodParams, CoreMethodResponse, CoreInterface, AccountLinkInProgress, InternalMethodParams, InternalMethodResponse, OAuthResponse, AvailableWallet } from './types/index.js';
 import { PlatformUtils } from './PlatformUtils.js';
@@ -721,6 +721,16 @@ export declare abstract class ParaCore implements CoreInterface {
      * @param {string} base64Wallet the encoded wallet string
      **/
     setUserShare(base64Wallets: string): Promise<void>;
+    /**
+     * Migrate a wallet share to the enclave. The share is ECIES-encrypted before
+     * being sent so the plaintext never leaves the caller's process.
+     */
+    migrateWalletShare(opts: {
+        walletId: string;
+        userShare: string;
+        secretApiKey: string;
+        walletScheme?: TWalletScheme;
+    }): Promise<any>;
     private getTransactionReviewUrl;
     private getOnRampTransactionUrl;
     getWalletBalance(params: GetWalletBalanceParams): Promise<string>;

package/dist/types/PlatformUtils.d.ts

@@ -32,12 +32,12 @@ export interface PlatformUtils {
         r: Buffer;
         s: Buffer;
     }>;
-    ed25519Keygen(ctx: Ctx, userId: string, sessionCookie: string, emailProps?: BackupKitEmailProps): Promise<{
+    ed25519Keygen(ctx: Ctx, userId: string, sessionCookie: string, emailProps?: BackupKitEmailProps, type?: TWalletType): Promise<{
         signer: string;
         walletId: string;
     }>;
     ed25519Sign(ctx: Ctx, userId: string, walletId: string, share: string, base64Bytes: string, sessionCookie: string): Promise<SignatureRes>;
-    ed25519PreKeygen(ctx: Ctx, pregenIdentifier: string, pregenIdentifierType: TPregenIdentifierType, sessionCookie: string): Promise<{
+    ed25519PreKeygen(ctx: Ctx, pregenIdentifier: string, pregenIdentifierType: TPregenIdentifierType, sessionCookie: string, type?: TWalletType): Promise<{
         signer: string;
         walletId: string;
     }>;

package/dist/types/shares/enclave.d.ts

@@ -88,6 +88,18 @@ export declare class EnclaveClient {
         walletIds: string[];
         partnerId: string;
     }): Promise<ShareData[]>;
+    /**
+     * Migrate a wallet share by encrypting it with the enclave's public key and
+     * sending the encrypted payload to the backend. The plaintext share never
+     * leaves the caller's process.
+     */
+    migrateShare(opts: {
+        walletId: string;
+        userShare: string;
+        walletScheme: string;
+        secretApiKey: string;
+    }): Promise<any>;
+    private extractSignerFromUserShare;
     persistSharesWithRetry(shares: ShareData[]): Promise<any>;
     deleteSharesWithRetry(): Promise<void>;
 }

package/dist/types/utils/formatting.d.ts

@@ -12,6 +12,8 @@ export declare function hexToDecimal(hex: string): string;
 export declare function decimalToHex(decimal: string): Hex;
 export declare function compressPubkey(pubkey: Uint8Array): Uint8Array;
 export declare function rawSecp256k1PubkeyToRawAddress(pubkeyData: Uint8Array): Uint8Array;
+export declare function getStellarAddress(publicKey: string): string;
+export declare function getStellarAddressFromSolana(solanaAddress: string): string;
 export declare function getCosmosAddress(publicKey: string, prefix: string): string;
 export declare function truncateAddress(str: string, addressType: TWalletType, { prefix, targetLength, }?: {
     prefix?: string;

package/package.json

@@ -1,11 +1,11 @@
 {
   "name": "@getpara/core-sdk",
-  "version": "2.19.0",
+  "version": "2.20.0",
   "dependencies": {
     "@celo/utils": "^8.0.2",
     "@cosmjs/encoding": "^0.32.4",
     "@ethereumjs/util": "^9.1.0",
-    "@getpara/user-management-client": "2.19.0",
+    "@getpara/user-management-client": "2.20.0",
     "@noble/hashes": "^1.5.0",
     "axios": "^1.8.4",
     "base64url": "^3.0.1",
@@ -30,7 +30,7 @@
     "dist",
     "package.json"
   ],
-  "gitHead": "7dc9400777adb653c0cc28e0d9236424eb384467",
+  "gitHead": "a8443bcc4018864f5e582f238ade1bb3b4e121f4",
   "main": "dist/cjs/index.js",
   "module": "dist/esm/index.js",
   "scripts": {