@getpara/core-sdk 3.0.0 → 3.2.0

package/dist/cjs/ParaCore.js

@@ -265,10 +265,11 @@ const _ParaCore = class _ParaCore {
         if (typeof original === "function") {
           this[methodName] = (...args) => {
             var _a;
-            const attrs = __spreadValues({
-              "para.platform": this.platformUtils.sdkType,
+            const attrs = __spreadValues(__spreadProps(__spreadValues({
+              "para.platform": this.platformUtils.sdkType
+            }, this.clientType ? { "para.client_type": this.clientType } : {}), {
               "para.sdk_version": _ParaCore.version
-            }, ((_a = this.partner) == null ? void 0 : _a.id) ? { "para.partner_id": this.partner.id } : {});
+            }), ((_a = this.partner) == null ? void 0 : _a.id) ? { "para.partner_id": this.partner.id } : {});
             return (0, import_tracer.wrapWithSpan)(
               methodName,
               (span) => __async(this, null, function* () {
@@ -430,6 +431,7 @@ const _ParaCore = class _ParaCore {
     this.addCredential = (params) => __async(this, null, function* () {
       return yield __privateGet(this, _authService).addCredential(params);
     });
+    var _a;
     let env, apiKey;
     const actualArgs = Array.from(arguments).filter((arg) => arg !== void 0);
     const actualArgumentCount = actualArgs.length;
@@ -514,11 +516,16 @@ const _ParaCore = class _ParaCore {
         refreshJwt
       );
     };
+    const rawPlatform = (_a = opts.hostPlatform) != null ? _a : this.platformUtils.sdkType;
+    this.clientType = (0, import_userManagementClient.normalizePlatform)(rawPlatform);
     const client = (0, import_userManagementClient.initClient)({
       env,
       version: _ParaCore.version,
       apiKey,
       partnerId: this.isPortal(env) ? opts.portalPartnerId : void 0,
+      // Native shells (Swift/Flutter) set opts.hostPlatform via bridge-v2; web and
+      // React Native fall back to the in-process sdkType. Normalized in initClient.
+      platform: rawPlatform,
       useFetchAdapter: !!opts.disableWorkers,
       retrieveSessionCookie: this.retrieveSessionCookie,
       persistSessionCookie: this.persistSessionCookie
@@ -1570,6 +1577,7 @@ const _ParaCore = class _ParaCore {
           tunnelUrl: `${(0, import_userManagementClient.getBaseUrl)(this.ctx.env)}telemetry`,
           sampleRate: telemetry.sample_rate,
           sdkType: this.platformUtils.sdkType,
+          clientType: this.clientType,
           sdkVersion: _ParaCore.version,
           partnerId: this.partner.id,
           // Only true in DEV — adds localhost to the trace-propagation allow-list

package/dist/cjs/constants.js

@@ -46,7 +46,7 @@ __export(constants_exports, {
   TRANSACTION_REVIEW_TIMEOUT_MS: () => TRANSACTION_REVIEW_TIMEOUT_MS
 });
 module.exports = __toCommonJS(constants_exports);
-const PARA_CORE_VERSION = "3.0.0";
+const PARA_CORE_VERSION = "3.2.0";
 const PREFIX = "@CAPSULE/";
 const PARA_PREFIX = "@PARA/";
 const LOCAL_STORAGE_AUTH_INFO = `${PREFIX}authInfo`;

package/dist/cjs/external/userManagementClient.js

@@ -30,7 +30,8 @@ __export(userManagementClient_exports, {
   getBaseMPCNetworkUrl: () => getBaseMPCNetworkUrl,
   getBaseOAuthUrl: () => getBaseOAuthUrl,
   getBaseUrl: () => getBaseUrl,
-  initClient: () => initClient
+  initClient: () => initClient,
+  normalizePlatform: () => normalizePlatform
 });
 module.exports = __toCommonJS(userManagementClient_exports);
 var import_user_management_client = __toESM(require("@getpara/user-management-client"));
@@ -93,11 +94,33 @@ function getBaseMPCNetworkUrl(env, useWebsocket) {
       throw new Error(`unsupported env: ${env}`);
   }
 }
+function normalizePlatform(platform) {
+  switch (platform) {
+    case "iOS":
+    case "ios":
+    case "swift":
+      return "swift";
+    case "flutter":
+      return "flutter";
+    case "REACT_NATIVE":
+    case "react-native":
+      return "react-native";
+    case "WEB":
+    case "web":
+      return "web";
+    case "SERVER":
+    case "server":
+      return "server";
+    default:
+      return void 0;
+  }
+}
 function initClient({
   env,
   version,
   apiKey,
   partnerId,
+  platform,
   useFetchAdapter = false,
   retrieveSessionCookie,
   persistSessionCookie,
@@ -108,6 +131,7 @@ function initClient({
     version: [import_types.Environment.DEV, import_types.Environment.SANDBOX].includes(env) ? "dev" : version,
     apiKey,
     partnerId,
+    clientType: normalizePlatform(platform),
     opts: { useFetchAdapter },
     retrieveSessionCookie,
     persistSessionCookie,
@@ -119,5 +143,6 @@ function initClient({
   getBaseMPCNetworkUrl,
   getBaseOAuthUrl,
   getBaseUrl,
-  initClient
+  initClient,
+  normalizePlatform
 });

package/dist/cjs/services/PollingService.js

@@ -412,6 +412,8 @@ class PollingService {
         if (__privateGet(this, _walletService).currentWalletIdsArray.length === 0) {
           return { finished: false };
         }
+      } else if (__privateGet(this, _walletService).currentWalletIdsArray.length === 0) {
+        return { finished: true };
       }
       const sessionLookupId = session.sessionLookupId;
       const temporaryShares = (yield __privateGet(this, _paraCoreInterface).ctx.client.getTransmissionKeyshares(__privateGet(this, _authService).userId, sessionLookupId)).data.temporaryShares;

package/dist/cjs/services/SessionManagementService.js

@@ -1,10 +1,24 @@
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getOwnPropSymbols = Object.getOwnPropertySymbols;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __propIsEnum = Object.prototype.propertyIsEnumerable;
 var __typeError = (msg) => {
   throw TypeError(msg);
 };
+var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
+var __spreadValues = (a, b) => {
+  for (var prop in b || (b = {}))
+    if (__hasOwnProp.call(b, prop))
+      __defNormalProp(a, prop, b[prop]);
+  if (__getOwnPropSymbols)
+    for (var prop of __getOwnPropSymbols(b)) {
+      if (__propIsEnum.call(b, prop))
+        __defNormalProp(a, prop, b[prop]);
+    }
+  return a;
+};
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, { get: all[name], enumerable: true });
@@ -49,8 +63,8 @@ __export(SessionManagementService_exports, {
 module.exports = __toCommonJS(SessionManagementService_exports);
 var import_wallet = require("../utils/wallet.js");
 var import_tracer = require("../telemetry/tracer.js");
-var _authService, _portalUrlService, _walletService, _pregenWalletService, _externalWalletService, _paraCoreInterface, _isImportedSession, _regeneratePromise, _handleTouchSessionError, _doTouchSession;
-class SessionManagementService {
+var _authService, _portalUrlService, _walletService, _pregenWalletService, _externalWalletService, _paraCoreInterface, _isImportedSession, _regeneratePromise, _touchPromise, _touchCachedAt, _touchCached, _TOUCH_TTL_MS, _handleTouchSessionError, _shouldDedupeTouch, _doTouchSession;
+const _SessionManagementService = class _SessionManagementService {
   constructor(paraCore) {
     __privateAdd(this, _authService);
     __privateAdd(this, _portalUrlService);
@@ -60,6 +74,21 @@ class SessionManagementService {
     __privateAdd(this, _paraCoreInterface);
     __privateAdd(this, _isImportedSession);
     __privateAdd(this, _regeneratePromise);
+    // In-flight + short TTL dedupe for touchSession(regenerate=false). Prevents
+    // the post-login storm where useIsFullyLoggedIn → isFullyLoggedIn →
+    // isSessionActive → touchSession() fires once per render across many
+    // consumers (we observed 68 /touch round-trips in a 663ms window during
+    // AccountReady). The result is still authoritative — just shared across
+    // concurrent and immediately-following callers instead of refetched per call.
+    //
+    // IMPORTANT: this is disabled in the portal (see #shouldDedupeTouch). The
+    // portal reuses this same service and depends on touchSession() running its
+    // side-effects (currentWalletIds / partner sync) and returning fresh state on
+    // every sequential poll; a previous unconditional version of this cache
+    // (eb8e5f843, reverted in 58c8dadd6) broke that portal flow.
+    __privateAdd(this, _touchPromise);
+    __privateAdd(this, _touchCachedAt);
+    __privateAdd(this, _touchCached);
     this.init = ({
       authService,
       portalUrlService,
@@ -97,6 +126,15 @@ class SessionManagementService {
       if (regenerate && __privateGet(this, _regeneratePromise) !== void 0) {
         return __privateGet(this, _regeneratePromise);
       }
+      const dedupe = __privateGet(this, _shouldDedupeTouch).call(this, regenerate);
+      if (dedupe) {
+        if (__privateGet(this, _touchPromise) !== void 0) {
+          return __privateGet(this, _touchPromise);
+        }
+        if (__privateGet(this, _touchCached) !== void 0 && __privateGet(this, _touchCachedAt) !== void 0 && Date.now() - __privateGet(this, _touchCachedAt) < __privateGet(_SessionManagementService, _TOUCH_TTL_MS)) {
+          return __spreadValues({}, __privateGet(this, _touchCached));
+        }
+      }
       return (0, import_tracer.wrapWithSpan)(
         "session.touch",
         () => __async(this, null, function* () {
@@ -105,13 +143,32 @@ class SessionManagementService {
             __privateSet(this, _regeneratePromise, promise);
             yield promise.finally(() => {
               __privateSet(this, _regeneratePromise, void 0);
+              __privateSet(this, _touchCached, void 0);
+              __privateSet(this, _touchCachedAt, void 0);
             });
+          } else if (dedupe) {
+            __privateSet(this, _touchPromise, promise);
+            try {
+              const result = yield promise;
+              if (result.userId) {
+                __privateSet(this, _touchCached, result);
+                __privateSet(this, _touchCachedAt, Date.now());
+              }
+            } finally {
+              __privateSet(this, _touchPromise, void 0);
+            }
           }
           return promise;
         }),
         { "session.regenerate": regenerate }
       );
     });
+    // Whether the non-regenerate dedupe/cache should apply. Disabled in the portal,
+    // which depends on every touchSession() call running its side-effects and
+    // returning fresh session state (see #touchCached docs).
+    __privateAdd(this, _shouldDedupeTouch, (regenerate) => {
+      return !regenerate && !__privateGet(this, _paraCoreInterface).isPortal();
+    });
     __privateAdd(this, _doTouchSession, (regenerate) => __async(this, null, function* () {
       var _a, _b;
       if (!__privateGet(this, _paraCoreInterface).isWorkerInitialized) {
@@ -270,7 +327,7 @@ class SessionManagementService {
   set isImportedSession(value) {
     __privateSet(this, _isImportedSession, value);
   }
-}
+};
 _authService = new WeakMap();
 _portalUrlService = new WeakMap();
 _walletService = new WeakMap();
@@ -279,8 +336,15 @@ _externalWalletService = new WeakMap();
 _paraCoreInterface = new WeakMap();
 _isImportedSession = new WeakMap();
 _regeneratePromise = new WeakMap();
+_touchPromise = new WeakMap();
+_touchCachedAt = new WeakMap();
+_touchCached = new WeakMap();
+_TOUCH_TTL_MS = new WeakMap();
 _handleTouchSessionError = new WeakMap();
+_shouldDedupeTouch = new WeakMap();
 _doTouchSession = new WeakMap();
+__privateAdd(_SessionManagementService, _TOUCH_TTL_MS, 1e3);
+let SessionManagementService = _SessionManagementService;
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   SessionManagementService

package/dist/cjs/telemetry/BeaconSpanProcessor.js

@@ -0,0 +1,99 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __typeError = (msg) => {
+  throw TypeError(msg);
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var __accessCheck = (obj, member, msg) => member.has(obj) || __typeError("Cannot " + msg);
+var __privateGet = (obj, member, getter) => (__accessCheck(obj, member, "read from private field"), getter ? getter.call(obj) : member.get(obj));
+var __privateAdd = (obj, member, value) => member.has(obj) ? __typeError("Cannot add the same private member more than once") : member instanceof WeakSet ? member.add(obj) : member.set(obj, value);
+var __privateSet = (obj, member, value, setter) => (__accessCheck(obj, member, "write to private field"), setter ? setter.call(obj, value) : member.set(obj, value), value);
+var __privateMethod = (obj, member, method) => (__accessCheck(obj, member, "access private method"), method);
+var BeaconSpanProcessor_exports = {};
+__export(BeaconSpanProcessor_exports, {
+  BeaconSpanProcessor: () => BeaconSpanProcessor
+});
+module.exports = __toCommonJS(BeaconSpanProcessor_exports);
+var import_otlp_transformer = require("@opentelemetry/otlp-transformer");
+var _spans, _pagehideListener, _visibilityListener, _url, _BeaconSpanProcessor_instances, flushViaBeacon_fn;
+const MAX_BUFFER_SIZE = 200;
+class BeaconSpanProcessor {
+  constructor(url) {
+    __privateAdd(this, _BeaconSpanProcessor_instances);
+    __privateAdd(this, _spans, []);
+    __privateAdd(this, _pagehideListener);
+    __privateAdd(this, _visibilityListener);
+    __privateAdd(this, _url);
+    __privateSet(this, _url, url);
+    if (typeof window !== "undefined") {
+      __privateSet(this, _pagehideListener, () => __privateMethod(this, _BeaconSpanProcessor_instances, flushViaBeacon_fn).call(this));
+      __privateSet(this, _visibilityListener, () => {
+        if (typeof document !== "undefined" && document.visibilityState === "hidden") {
+          __privateMethod(this, _BeaconSpanProcessor_instances, flushViaBeacon_fn).call(this);
+        }
+      });
+      window.addEventListener("pagehide", __privateGet(this, _pagehideListener));
+      if (typeof document !== "undefined") {
+        document.addEventListener("visibilitychange", __privateGet(this, _visibilityListener));
+      }
+    }
+  }
+  onStart(_span, _parentContext) {
+  }
+  onEnd(span) {
+    __privateGet(this, _spans).push(span);
+    if (__privateGet(this, _spans).length > MAX_BUFFER_SIZE) {
+      __privateGet(this, _spans).shift();
+    }
+  }
+  forceFlush() {
+    return Promise.resolve();
+  }
+  shutdown() {
+    __privateMethod(this, _BeaconSpanProcessor_instances, flushViaBeacon_fn).call(this);
+    if (__privateGet(this, _pagehideListener) && typeof window !== "undefined") {
+      window.removeEventListener("pagehide", __privateGet(this, _pagehideListener));
+      __privateSet(this, _pagehideListener, void 0);
+    }
+    if (__privateGet(this, _visibilityListener) && typeof document !== "undefined") {
+      document.removeEventListener("visibilitychange", __privateGet(this, _visibilityListener));
+      __privateSet(this, _visibilityListener, void 0);
+    }
+    __privateSet(this, _spans, []);
+    return Promise.resolve();
+  }
+}
+_spans = new WeakMap();
+_pagehideListener = new WeakMap();
+_visibilityListener = new WeakMap();
+_url = new WeakMap();
+_BeaconSpanProcessor_instances = new WeakSet();
+flushViaBeacon_fn = function() {
+  if (__privateGet(this, _spans).length === 0) return;
+  if (typeof navigator === "undefined" || typeof navigator.sendBeacon !== "function") return;
+  try {
+    const body = import_otlp_transformer.JsonTraceSerializer.serializeRequest(__privateGet(this, _spans));
+    const blob = new Blob([body], { type: "application/json" });
+    navigator.sendBeacon(__privateGet(this, _url), blob);
+    __privateSet(this, _spans, []);
+  } catch (e) {
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  BeaconSpanProcessor
+});

package/dist/cjs/telemetry/init.js

@@ -99,21 +99,29 @@ function initTelemetry(opts) {
       } catch (e) {
       }
     }
-    const resource = (0, import_resources.resourceFromAttributes)(__spreadValues(__spreadValues({
+    const resource = (0, import_resources.resourceFromAttributes)(__spreadValues(__spreadValues(__spreadValues({
       [import_semantic_conventions.ATTR_SERVICE_NAME]: opts.isPortal ? "para-portal" : "para-sdk",
       [import_semantic_conventions.ATTR_SERVICE_VERSION]: opts.sdkVersion,
       "para.platform": opts.sdkType
-    }, opts.partnerId ? { "para.partner_id": opts.partnerId } : {}), opts.resourceAttributes));
+    }, opts.clientType ? { "para.client_type": opts.clientType } : {}), opts.partnerId ? { "para.partner_id": opts.partnerId } : {}), opts.resourceAttributes));
     const exporter = new import_exporter_trace_otlp_http.OTLPTraceExporter({
       url: opts.tunnelUrl
       // No auth header — the tunnel is a dumb proxy. Per-IP rate limit + body cap on the
       // BE side keep abuse contained.
     });
     const sampler = new import_sdk_trace_base.TraceIdRatioBasedSampler(Math.max(0, Math.min(1, opts.sampleRate)));
+    const spanProcessors = [new import_uxStateSpanProcessor.UxStateSpanProcessor(), new import_sdk_trace_base.BatchSpanProcessor(exporter)];
+    if (isWeb && opts.isPortal) {
+      try {
+        const { BeaconSpanProcessor } = yield import("./BeaconSpanProcessor.js");
+        spanProcessors.push(new BeaconSpanProcessor(opts.tunnelUrl));
+      } catch (e) {
+      }
+    }
     tracerProvider = new import_sdk_trace_base.BasicTracerProvider({
       resource,
       sampler,
-      spanProcessors: [new import_uxStateSpanProcessor.UxStateSpanProcessor(), new import_sdk_trace_base.BatchSpanProcessor(exporter)]
+      spanProcessors
     });
     import_api.trace.setGlobalTracerProvider(tracerProvider);
     import_api.propagation.setGlobalPropagator(

package/dist/esm/ParaCore.js

@@ -29,7 +29,7 @@ import {
 import forge from "node-forge";
 const { pki, jsbn } = forge;
 import { decryptWithPrivateKey, getAsymmetricKeyPair } from "./cryptography/utils.js";
-import { getBaseUrl, initClient } from "./external/userManagementClient.js";
+import { getBaseUrl, initClient, normalizePlatform } from "./external/userManagementClient.js";
 import * as mpcComputationClient from "./external/mpcComputationClient.js";
 import {
   Environment,
@@ -210,10 +210,11 @@ const _ParaCore = class _ParaCore {
         if (typeof original === "function") {
           this[methodName] = (...args) => {
             var _a;
-            const attrs = __spreadValues({
-              "para.platform": this.platformUtils.sdkType,
+            const attrs = __spreadValues(__spreadProps(__spreadValues({
+              "para.platform": this.platformUtils.sdkType
+            }, this.clientType ? { "para.client_type": this.clientType } : {}), {
               "para.sdk_version": _ParaCore.version
-            }, ((_a = this.partner) == null ? void 0 : _a.id) ? { "para.partner_id": this.partner.id } : {});
+            }), ((_a = this.partner) == null ? void 0 : _a.id) ? { "para.partner_id": this.partner.id } : {});
             return wrapWithSpan(
               methodName,
               (span) => __async(this, null, function* () {
@@ -375,6 +376,7 @@ const _ParaCore = class _ParaCore {
     this.addCredential = (params) => __async(this, null, function* () {
       return yield __privateGet(this, _authService).addCredential(params);
     });
+    var _a;
     let env, apiKey;
     const actualArgs = Array.from(arguments).filter((arg) => arg !== void 0);
     const actualArgumentCount = actualArgs.length;
@@ -459,11 +461,16 @@ const _ParaCore = class _ParaCore {
         refreshJwt
       );
     };
+    const rawPlatform = (_a = opts.hostPlatform) != null ? _a : this.platformUtils.sdkType;
+    this.clientType = normalizePlatform(rawPlatform);
     const client = initClient({
       env,
       version: _ParaCore.version,
       apiKey,
       partnerId: this.isPortal(env) ? opts.portalPartnerId : void 0,
+      // Native shells (Swift/Flutter) set opts.hostPlatform via bridge-v2; web and
+      // React Native fall back to the in-process sdkType. Normalized in initClient.
+      platform: rawPlatform,
       useFetchAdapter: !!opts.disableWorkers,
       retrieveSessionCookie: this.retrieveSessionCookie,
       persistSessionCookie: this.persistSessionCookie
@@ -1515,6 +1522,7 @@ const _ParaCore = class _ParaCore {
           tunnelUrl: `${getBaseUrl(this.ctx.env)}telemetry`,
           sampleRate: telemetry.sample_rate,
           sdkType: this.platformUtils.sdkType,
+          clientType: this.clientType,
           sdkVersion: _ParaCore.version,
           partnerId: this.partner.id,
           // Only true in DEV — adds localhost to the trace-propagation allow-list

package/dist/esm/constants.js

@@ -1,5 +1,5 @@
 import "./chunk-7B52C2XE.js";
-const PARA_CORE_VERSION = "3.0.0";
+const PARA_CORE_VERSION = "3.2.0";
 const PREFIX = "@CAPSULE/";
 const PARA_PREFIX = "@PARA/";
 const LOCAL_STORAGE_AUTH_INFO = `${PREFIX}authInfo`;

package/dist/esm/external/userManagementClient.js

@@ -59,11 +59,33 @@ function getBaseMPCNetworkUrl(env, useWebsocket) {
       throw new Error(`unsupported env: ${env}`);
   }
 }
+function normalizePlatform(platform) {
+  switch (platform) {
+    case "iOS":
+    case "ios":
+    case "swift":
+      return "swift";
+    case "flutter":
+      return "flutter";
+    case "REACT_NATIVE":
+    case "react-native":
+      return "react-native";
+    case "WEB":
+    case "web":
+      return "web";
+    case "SERVER":
+    case "server":
+      return "server";
+    default:
+      return void 0;
+  }
+}
 function initClient({
   env,
   version,
   apiKey,
   partnerId,
+  platform,
   useFetchAdapter = false,
   retrieveSessionCookie,
   persistSessionCookie,
@@ -74,6 +96,7 @@ function initClient({
     version: [Environment.DEV, Environment.SANDBOX].includes(env) ? "dev" : version,
     apiKey,
     partnerId,
+    clientType: normalizePlatform(platform),
     opts: { useFetchAdapter },
     retrieveSessionCookie,
     persistSessionCookie,
@@ -84,5 +107,6 @@ export {
   getBaseMPCNetworkUrl,
   getBaseOAuthUrl,
   getBaseUrl,
-  initClient
+  initClient,
+  normalizePlatform
 };

package/dist/esm/services/PollingService.js

@@ -354,6 +354,8 @@ class PollingService {
         if (__privateGet(this, _walletService).currentWalletIdsArray.length === 0) {
           return { finished: false };
         }
+      } else if (__privateGet(this, _walletService).currentWalletIdsArray.length === 0) {
+        return { finished: true };
       }
       const sessionLookupId = session.sessionLookupId;
       const temporaryShares = (yield __privateGet(this, _paraCoreInterface).ctx.client.getTransmissionKeyshares(__privateGet(this, _authService).userId, sessionLookupId)).data.temporaryShares;

package/dist/esm/services/SessionManagementService.js

@@ -2,12 +2,13 @@ import {
   __async,
   __privateAdd,
   __privateGet,
-  __privateSet
+  __privateSet,
+  __spreadValues
 } from "../chunk-7B52C2XE.js";
-var _authService, _portalUrlService, _walletService, _pregenWalletService, _externalWalletService, _paraCoreInterface, _isImportedSession, _regeneratePromise, _handleTouchSessionError, _doTouchSession;
+var _authService, _portalUrlService, _walletService, _pregenWalletService, _externalWalletService, _paraCoreInterface, _isImportedSession, _regeneratePromise, _touchPromise, _touchCachedAt, _touchCached, _TOUCH_TTL_MS, _handleTouchSessionError, _shouldDedupeTouch, _doTouchSession;
 import { currentWalletIdsEq, supportedWalletTypesEq } from "../utils/wallet.js";
 import { wrapWithSpan } from "../telemetry/tracer.js";
-class SessionManagementService {
+const _SessionManagementService = class _SessionManagementService {
   constructor(paraCore) {
     __privateAdd(this, _authService);
     __privateAdd(this, _portalUrlService);
@@ -17,6 +18,21 @@ class SessionManagementService {
     __privateAdd(this, _paraCoreInterface);
     __privateAdd(this, _isImportedSession);
     __privateAdd(this, _regeneratePromise);
+    // In-flight + short TTL dedupe for touchSession(regenerate=false). Prevents
+    // the post-login storm where useIsFullyLoggedIn → isFullyLoggedIn →
+    // isSessionActive → touchSession() fires once per render across many
+    // consumers (we observed 68 /touch round-trips in a 663ms window during
+    // AccountReady). The result is still authoritative — just shared across
+    // concurrent and immediately-following callers instead of refetched per call.
+    //
+    // IMPORTANT: this is disabled in the portal (see #shouldDedupeTouch). The
+    // portal reuses this same service and depends on touchSession() running its
+    // side-effects (currentWalletIds / partner sync) and returning fresh state on
+    // every sequential poll; a previous unconditional version of this cache
+    // (eb8e5f843, reverted in 58c8dadd6) broke that portal flow.
+    __privateAdd(this, _touchPromise);
+    __privateAdd(this, _touchCachedAt);
+    __privateAdd(this, _touchCached);
     this.init = ({
       authService,
       portalUrlService,
@@ -54,6 +70,15 @@ class SessionManagementService {
       if (regenerate && __privateGet(this, _regeneratePromise) !== void 0) {
         return __privateGet(this, _regeneratePromise);
       }
+      const dedupe = __privateGet(this, _shouldDedupeTouch).call(this, regenerate);
+      if (dedupe) {
+        if (__privateGet(this, _touchPromise) !== void 0) {
+          return __privateGet(this, _touchPromise);
+        }
+        if (__privateGet(this, _touchCached) !== void 0 && __privateGet(this, _touchCachedAt) !== void 0 && Date.now() - __privateGet(this, _touchCachedAt) < __privateGet(_SessionManagementService, _TOUCH_TTL_MS)) {
+          return __spreadValues({}, __privateGet(this, _touchCached));
+        }
+      }
       return wrapWithSpan(
         "session.touch",
         () => __async(this, null, function* () {
@@ -62,13 +87,32 @@ class SessionManagementService {
             __privateSet(this, _regeneratePromise, promise);
             yield promise.finally(() => {
               __privateSet(this, _regeneratePromise, void 0);
+              __privateSet(this, _touchCached, void 0);
+              __privateSet(this, _touchCachedAt, void 0);
             });
+          } else if (dedupe) {
+            __privateSet(this, _touchPromise, promise);
+            try {
+              const result = yield promise;
+              if (result.userId) {
+                __privateSet(this, _touchCached, result);
+                __privateSet(this, _touchCachedAt, Date.now());
+              }
+            } finally {
+              __privateSet(this, _touchPromise, void 0);
+            }
           }
           return promise;
         }),
         { "session.regenerate": regenerate }
       );
     });
+    // Whether the non-regenerate dedupe/cache should apply. Disabled in the portal,
+    // which depends on every touchSession() call running its side-effects and
+    // returning fresh session state (see #touchCached docs).
+    __privateAdd(this, _shouldDedupeTouch, (regenerate) => {
+      return !regenerate && !__privateGet(this, _paraCoreInterface).isPortal();
+    });
     __privateAdd(this, _doTouchSession, (regenerate) => __async(this, null, function* () {
       var _a, _b;
       if (!__privateGet(this, _paraCoreInterface).isWorkerInitialized) {
@@ -227,7 +271,7 @@ class SessionManagementService {
   set isImportedSession(value) {
     __privateSet(this, _isImportedSession, value);
   }
-}
+};
 _authService = new WeakMap();
 _portalUrlService = new WeakMap();
 _walletService = new WeakMap();
@@ -236,8 +280,15 @@ _externalWalletService = new WeakMap();
 _paraCoreInterface = new WeakMap();
 _isImportedSession = new WeakMap();
 _regeneratePromise = new WeakMap();
+_touchPromise = new WeakMap();
+_touchCachedAt = new WeakMap();
+_touchCached = new WeakMap();
+_TOUCH_TTL_MS = new WeakMap();
 _handleTouchSessionError = new WeakMap();
+_shouldDedupeTouch = new WeakMap();
 _doTouchSession = new WeakMap();
+__privateAdd(_SessionManagementService, _TOUCH_TTL_MS, 1e3);
+let SessionManagementService = _SessionManagementService;
 export {
   SessionManagementService
 };

package/dist/esm/telemetry/BeaconSpanProcessor.js

@@ -0,0 +1,74 @@
+import {
+  __privateAdd,
+  __privateGet,
+  __privateMethod,
+  __privateSet
+} from "../chunk-7B52C2XE.js";
+var _spans, _pagehideListener, _visibilityListener, _url, _BeaconSpanProcessor_instances, flushViaBeacon_fn;
+import { JsonTraceSerializer } from "@opentelemetry/otlp-transformer";
+const MAX_BUFFER_SIZE = 200;
+class BeaconSpanProcessor {
+  constructor(url) {
+    __privateAdd(this, _BeaconSpanProcessor_instances);
+    __privateAdd(this, _spans, []);
+    __privateAdd(this, _pagehideListener);
+    __privateAdd(this, _visibilityListener);
+    __privateAdd(this, _url);
+    __privateSet(this, _url, url);
+    if (typeof window !== "undefined") {
+      __privateSet(this, _pagehideListener, () => __privateMethod(this, _BeaconSpanProcessor_instances, flushViaBeacon_fn).call(this));
+      __privateSet(this, _visibilityListener, () => {
+        if (typeof document !== "undefined" && document.visibilityState === "hidden") {
+          __privateMethod(this, _BeaconSpanProcessor_instances, flushViaBeacon_fn).call(this);
+        }
+      });
+      window.addEventListener("pagehide", __privateGet(this, _pagehideListener));
+      if (typeof document !== "undefined") {
+        document.addEventListener("visibilitychange", __privateGet(this, _visibilityListener));
+      }
+    }
+  }
+  onStart(_span, _parentContext) {
+  }
+  onEnd(span) {
+    __privateGet(this, _spans).push(span);
+    if (__privateGet(this, _spans).length > MAX_BUFFER_SIZE) {
+      __privateGet(this, _spans).shift();
+    }
+  }
+  forceFlush() {
+    return Promise.resolve();
+  }
+  shutdown() {
+    __privateMethod(this, _BeaconSpanProcessor_instances, flushViaBeacon_fn).call(this);
+    if (__privateGet(this, _pagehideListener) && typeof window !== "undefined") {
+      window.removeEventListener("pagehide", __privateGet(this, _pagehideListener));
+      __privateSet(this, _pagehideListener, void 0);
+    }
+    if (__privateGet(this, _visibilityListener) && typeof document !== "undefined") {
+      document.removeEventListener("visibilitychange", __privateGet(this, _visibilityListener));
+      __privateSet(this, _visibilityListener, void 0);
+    }
+    __privateSet(this, _spans, []);
+    return Promise.resolve();
+  }
+}
+_spans = new WeakMap();
+_pagehideListener = new WeakMap();
+_visibilityListener = new WeakMap();
+_url = new WeakMap();
+_BeaconSpanProcessor_instances = new WeakSet();
+flushViaBeacon_fn = function() {
+  if (__privateGet(this, _spans).length === 0) return;
+  if (typeof navigator === "undefined" || typeof navigator.sendBeacon !== "function") return;
+  try {
+    const body = JsonTraceSerializer.serializeRequest(__privateGet(this, _spans));
+    const blob = new Blob([body], { type: "application/json" });
+    navigator.sendBeacon(__privateGet(this, _url), blob);
+    __privateSet(this, _spans, []);
+  } catch (e) {
+  }
+};
+export {
+  BeaconSpanProcessor
+};

package/dist/esm/telemetry/init.js

@@ -2,7 +2,11 @@ import {
   __async,
   __spreadValues
 } from "../chunk-7B52C2XE.js";
-import { BatchSpanProcessor, BasicTracerProvider, TraceIdRatioBasedSampler } from "@opentelemetry/sdk-trace-base";
+import {
+  BatchSpanProcessor,
+  BasicTracerProvider,
+  TraceIdRatioBasedSampler
+} from "@opentelemetry/sdk-trace-base";
 import { OTLPTraceExporter } from "@opentelemetry/exporter-trace-otlp-http";
 import { resourceFromAttributes } from "@opentelemetry/resources";
 import { ATTR_SERVICE_NAME, ATTR_SERVICE_VERSION } from "@opentelemetry/semantic-conventions";
@@ -33,21 +37,29 @@ function initTelemetry(opts) {
       } catch (e) {
       }
     }
-    const resource = resourceFromAttributes(__spreadValues(__spreadValues({
+    const resource = resourceFromAttributes(__spreadValues(__spreadValues(__spreadValues({
       [ATTR_SERVICE_NAME]: opts.isPortal ? "para-portal" : "para-sdk",
       [ATTR_SERVICE_VERSION]: opts.sdkVersion,
       "para.platform": opts.sdkType
-    }, opts.partnerId ? { "para.partner_id": opts.partnerId } : {}), opts.resourceAttributes));
+    }, opts.clientType ? { "para.client_type": opts.clientType } : {}), opts.partnerId ? { "para.partner_id": opts.partnerId } : {}), opts.resourceAttributes));
     const exporter = new OTLPTraceExporter({
       url: opts.tunnelUrl
       // No auth header — the tunnel is a dumb proxy. Per-IP rate limit + body cap on the
       // BE side keep abuse contained.
     });
     const sampler = new TraceIdRatioBasedSampler(Math.max(0, Math.min(1, opts.sampleRate)));
+    const spanProcessors = [new UxStateSpanProcessor(), new BatchSpanProcessor(exporter)];
+    if (isWeb && opts.isPortal) {
+      try {
+        const { BeaconSpanProcessor } = yield import("./BeaconSpanProcessor.js");
+        spanProcessors.push(new BeaconSpanProcessor(opts.tunnelUrl));
+      } catch (e) {
+      }
+    }
     tracerProvider = new BasicTracerProvider({
       resource,
       sampler,
-      spanProcessors: [new UxStateSpanProcessor(), new BatchSpanProcessor(exporter)]
+      spanProcessors
     });
     trace.setGlobalTracerProvider(tracerProvider);
     propagation.setGlobalPropagator(

package/dist/types/ParaCore.d.ts

@@ -295,6 +295,7 @@ export declare abstract class ParaCore implements CoreInterface {
         onRampPurchase: OnRampPurchase;
     } | undefined;
     protected platformUtils: PlatformUtils;
+    private clientType?;
     protected nonPersistedStorageKeys: string[];
     private localStorageGetItem;
     private localStorageSetItem;

package/dist/types/external/userManagementClient.d.ts

@@ -3,11 +3,21 @@ import { Environment } from '../types/index.js';
 export declare function getBaseOAuthUrl(env: Environment): string;
 export declare function getBaseUrl(env: Environment, scheme?: 'http' | 'ws'): string;
 export declare function getBaseMPCNetworkUrl(env: Environment, useWebsocket?: boolean): string;
-export declare function initClient({ env, version, apiKey, partnerId, useFetchAdapter, retrieveSessionCookie, persistSessionCookie, staticTraceContext, }: {
+/**
+ * Maps a raw host-platform / sdkType value onto the normalized `client_type`
+ * dimension used by backend analytics + Sentry. Unknown values (e.g. BRIDGE
+ * without a resolved host) return undefined so the backend omits the property
+ * rather than emitting a meaningless bucket. CLI sets `client_type` directly
+ * outside this core SDK path.
+ */
+export declare function normalizePlatform(platform?: string): string | undefined;
+export declare function initClient({ env, version, apiKey, partnerId, platform, useFetchAdapter, retrieveSessionCookie, persistSessionCookie, staticTraceContext, }: {
     env: Environment;
     version?: string;
     apiKey: string;
     partnerId?: string;
+    /** Raw host platform (e.g. 'iOS', 'flutter') or sdkType; normalized to client_type. */
+    platform?: string;
     useFetchAdapter?: boolean;
     retrieveSessionCookie?: () => string;
     persistSessionCookie?: (cookie: string) => void;

package/dist/types/telemetry/BeaconSpanProcessor.d.ts

@@ -0,0 +1,10 @@
+import type { ReadableSpan, Span, SpanProcessor } from '@opentelemetry/sdk-trace-base';
+import type { Context } from '@opentelemetry/api';
+export declare class BeaconSpanProcessor implements SpanProcessor {
+    #private;
+    constructor(url: string);
+    onStart(_span: Span, _parentContext: Context): void;
+    onEnd(span: ReadableSpan): void;
+    forceFlush(): Promise<void>;
+    shutdown(): Promise<void>;
+}

package/dist/types/telemetry/init.d.ts

@@ -4,6 +4,7 @@ export type InitTelemetryOpts = {
     tunnelUrl: string;
     sampleRate: number;
     sdkType: SDKType;
+    clientType?: string;
     sdkVersion: string;
     partnerId?: string;
     resourceAttributes?: Attributes;

package/dist/types/types/config.d.ts

@@ -59,6 +59,14 @@ export type SupportedWalletTypeConfig = {
     optional?: boolean;
 };
 export interface ConstructorOpts {
+    /**
+     * Host platform of the native shell hosting this SDK instance (e.g. 'iOS',
+     * 'flutter'). Set by bridge-v2 from the native Para#init metadata so the
+     * backend can attribute analytics/errors to the originating SDK. Normalized
+     * to client_type (swift | flutter | react-native | web). React Native and
+     * web derive their platform from platformUtils.sdkType and leave this unset.
+     */
+    hostPlatform?: string;
     externalWalletConnectionOnly?: boolean;
     useStorageOverrides?: boolean;
     disableWorkers?: boolean;

package/package.json

@@ -1,11 +1,11 @@
 {
   "name": "@getpara/core-sdk",
-  "version": "3.0.0",
+  "version": "3.2.0",
   "dependencies": {
     "@celo/utils": "^8.0.2",
     "@cosmjs/encoding": "^0.32.4",
     "@ethereumjs/util": "^9.1.0",
-    "@getpara/user-management-client": "3.0.0",
+    "@getpara/user-management-client": "3.2.0",
     "@noble/hashes": "^1.5.0",
     "@opentelemetry/api": "^1.9.1",
     "@opentelemetry/context-zone": "^2.7.1",
@@ -14,6 +14,7 @@
     "@opentelemetry/instrumentation": "^0.215.0",
     "@opentelemetry/instrumentation-fetch": "^0.215.0",
     "@opentelemetry/instrumentation-xml-http-request": "^0.216.0",
+    "@opentelemetry/otlp-transformer": "^0.215.0",
     "@opentelemetry/resources": "^2.7.0",
     "@opentelemetry/sdk-trace-base": "^2.7.0",
     "@opentelemetry/semantic-conventions": "^1.40.0",
@@ -40,7 +41,7 @@
     "dist",
     "package.json"
   ],
-  "gitHead": "e6c42e42adfcfadb0114b1ac65ba5203e6274712",
+  "gitHead": "096152f48e9d9a64fdb192588315c64d33d15a1b",
   "main": "dist/cjs/index.js",
   "module": "dist/esm/index.js",
   "scripts": {