@getpara/react-native-wallet 2.26.0 → 2.28.0

package/dist/react-native/ParaMobile.d.ts

@@ -7,6 +7,7 @@ import { AuthStateSignup, ConstructorOpts, ParaCore, Environment, PlatformUtils,
  * const para = new ParaMobile(Environment.BETA, "api_key");
  */
 export declare class ParaMobile extends ParaCore {
+    #private;
     isNativePasskey: boolean;
     private relyingPartyId;
     /**

package/dist/react-native/ParaMobile.js

@@ -7,6 +7,12 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _ParaMobile_instances, _ParaMobile_runLoginWithPasskey;
 import { ParaCore, Environment, decryptPrivateKeyAndDecryptShare, encryptPrivateKey, getAsymmetricKeyPair, getDerivedPrivateKeyAndDecrypt, getPublicKeyHex, getSHA256HashHex, parseCredentialCreationRes, } from '@getpara/web-sdk';
 import { ReactNativeUtils } from './ReactNativeUtils.js';
 import { Passkey, } from 'react-native-passkey';
@@ -78,6 +84,7 @@ export class ParaMobile extends ParaCore {
         }
         env = ParaCore.resolveEnvironment(env, apiKey); // Ensure the environment is resolved before calling super
         super(env, apiKey, opts);
+        _ParaMobile_instances.add(this);
         this.isNativePasskey = true;
         setEnv(env);
         if (relyingPartyId) {
@@ -195,81 +202,31 @@ export class ParaMobile extends ParaCore {
      */
     loginWithPasskey() {
         return __awaiter(this, void 0, void 0, function* () {
-            this.assertIsAuthSet();
-            const userId = this.assertUserId();
-            const { challenge, allowedPublicKeys } = yield this.ctx.client.getWebChallenge({ userId });
-            const requestJson = {
-                challenge,
-                timeout: 60000,
-                rpId: this.relyingPartyId,
-                allowCredentials: (allowedPublicKeys === null || allowedPublicKeys === void 0 ? void 0 : allowedPublicKeys[0]) ? [{ type: 'public-key', id: allowedPublicKeys[0] }] : [],
-            };
-            let result;
             try {
-                result = yield Passkey.get(requestJson);
+                yield __classPrivateFieldGet(this, _ParaMobile_instances, "m", _ParaMobile_runLoginWithPasskey).call(this);
             }
             catch (error) {
-                const enriched = mapPasskeyError(error);
-                logPasskeyDiagnostic(enriched, 'login', this.relyingPartyId);
-                throw enriched;
-            }
-            let resultJson;
-            if (typeof result === 'string') {
-                resultJson = JSON.parse(result);
-            }
-            else {
-                resultJson = result;
-            }
-            const { partnerId, sessionLookupId } = yield this.ctx.client.touchSession();
-            const publicKey = resultJson.id;
-            const verifyWebChallengeResult = yield this.ctx.client.verifyWebChallenge(partnerId, {
-                publicKey,
-                signature: {
-                    clientDataJSON: resultJson.response.clientDataJSON,
-                    authenticatorData: resultJson.response.authenticatorData,
-                    signature: resultJson.response.signature,
-                },
-            });
-            if (userId !== verifyWebChallengeResult.data.userId) {
-                throw new Error('User ID mismatch');
-            }
-            const encryptedSharesResult = yield this.ctx.client.getBiometricKeyshares(userId, resultJson.id);
-            const encryptionKeyHash = getSHA256HashHex(resultJson.response.userHandle);
-            const { encryptedPrivateKeys } = yield this.ctx.client.getEncryptedWalletPrivateKeys(userId, encryptionKeyHash);
-            let decryptedShares;
-            if (encryptedPrivateKeys.length === 0) {
-                decryptedShares = yield getDerivedPrivateKeyAndDecrypt(this.ctx, resultJson.response.userHandle, encryptedSharesResult.data.keyShares);
-                const keyPair = yield getAsymmetricKeyPair(this.ctx, resultJson.response.userHandle);
-                const encryptedPrivateKeyHex = yield encryptPrivateKey(keyPair, resultJson.response.userHandle);
-                yield this.ctx.client.uploadEncryptedWalletPrivateKey(userId, encryptedPrivateKeyHex, encryptionKeyHash, resultJson.id);
-            }
-            else {
-                decryptedShares = yield decryptPrivateKeyAndDecryptShare(resultJson.response.userHandle, encryptedSharesResult.data.keyShares, encryptedPrivateKeys[0].encryptedPrivateKey);
+                // The native passkey ceremony runs on a different async chain from
+                // `authenticateWithOAuth` / `authenticateWithEmailOrPhone`, which put the
+                // auth state machine into `waiting_for_session` and poll until the session
+                // flips to authenticated. If the passkey ceremony or any subsequent step
+                // throws (no credential available, user cancelled, misconfigured RP,
+                // user-id mismatch, network error, etc.), nothing else cancels that
+                // polling — the caller awaiting `authenticateWithOAuth` would otherwise
+                // hang forever.
+                //
+                // Cancel the auth state machine here so the parent flow rejects with a
+                // clear "Authentication canceled" error instead of hanging. `cancelAuthFlow`
+                // no-ops when the state machine is already unauthenticated/error, so this
+                // is safe when `loginWithPasskey` is called outside of an auth flow.
+                try {
+                    yield this.cancelAuthFlow();
+                }
+                catch (_a) {
+                    // Best-effort. Surface the original passkey error regardless.
+                }
+                throw error;
             }
-            const walletsRes = yield this.ctx.client.getWallets(userId);
-            const desiredWallets = walletsRes.data.wallets;
-            const walletsToInsert = {};
-            for (let desiredWallet of desiredWallets) {
-                const decryptedShare = decryptedShares.find(share => share.walletId === desiredWallet.id);
-                walletsToInsert[decryptedShare.walletId] = {
-                    id: decryptedShare.walletId,
-                    signer: decryptedShare.signer,
-                    address: desiredWallet.address || undefined,
-                    publicKey: desiredWallet.publicKey || undefined,
-                    scheme: desiredWallet.scheme,
-                    type: desiredWallet.type || undefined,
-                };
-            }
-            const currentWalletIds = {};
-            for (const wallet of Object.values(walletsToInsert)) {
-                const { id, type } = wallet;
-                const currentIdsForType = currentWalletIds[type || 'EVM'] || [];
-                currentWalletIds[type || 'EVM'] = [...currentIdsForType, id];
-            }
-            yield this.setWallets(walletsToInsert);
-            yield this.setCurrentWalletIds(currentWalletIds, {
-                sessionLookupId,
-            });
         });
     }
     /**
@@ -307,3 +264,82 @@ export class ParaMobile extends ParaCore {
         (_b = (_a = this.platformUtils).postMessage) === null || _b === void 0 ? void 0 : _b.call(_a, { data });
     }
 }
+_ParaMobile_instances = new WeakSet(), _ParaMobile_runLoginWithPasskey = function _ParaMobile_runLoginWithPasskey() {
+    return __awaiter(this, void 0, void 0, function* () {
+        this.assertIsAuthSet();
+        const userId = this.assertUserId();
+        const { challenge, allowedPublicKeys } = yield this.ctx.client.getWebChallenge({ userId });
+        const requestJson = {
+            challenge,
+            timeout: 60000,
+            rpId: this.relyingPartyId,
+            allowCredentials: (allowedPublicKeys === null || allowedPublicKeys === void 0 ? void 0 : allowedPublicKeys[0]) ? [{ type: 'public-key', id: allowedPublicKeys[0] }] : [],
+        };
+        let result;
+        try {
+            result = yield Passkey.get(requestJson);
+        }
+        catch (error) {
+            const enriched = mapPasskeyError(error);
+            logPasskeyDiagnostic(enriched, 'login', this.relyingPartyId);
+            throw enriched;
+        }
+        let resultJson;
+        if (typeof result === 'string') {
+            resultJson = JSON.parse(result);
+        }
+        else {
+            resultJson = result;
+        }
+        const { partnerId, sessionLookupId } = yield this.ctx.client.touchSession();
+        const publicKey = resultJson.id;
+        const verifyWebChallengeResult = yield this.ctx.client.verifyWebChallenge(partnerId, {
+            publicKey,
+            signature: {
+                clientDataJSON: resultJson.response.clientDataJSON,
+                authenticatorData: resultJson.response.authenticatorData,
+                signature: resultJson.response.signature,
+            },
+        });
+        if (userId !== verifyWebChallengeResult.data.userId) {
+            throw new Error('User ID mismatch');
+        }
+        const encryptedSharesResult = yield this.ctx.client.getBiometricKeyshares(userId, resultJson.id);
+        const encryptionKeyHash = getSHA256HashHex(resultJson.response.userHandle);
+        const { encryptedPrivateKeys } = yield this.ctx.client.getEncryptedWalletPrivateKeys(userId, encryptionKeyHash);
+        let decryptedShares;
+        if (encryptedPrivateKeys.length === 0) {
+            decryptedShares = yield getDerivedPrivateKeyAndDecrypt(this.ctx, resultJson.response.userHandle, encryptedSharesResult.data.keyShares);
+            const keyPair = yield getAsymmetricKeyPair(this.ctx, resultJson.response.userHandle);
+            const encryptedPrivateKeyHex = yield encryptPrivateKey(keyPair, resultJson.response.userHandle);
+            yield this.ctx.client.uploadEncryptedWalletPrivateKey(userId, encryptedPrivateKeyHex, encryptionKeyHash, resultJson.id);
+        }
+        else {
+            decryptedShares = yield decryptPrivateKeyAndDecryptShare(resultJson.response.userHandle, encryptedSharesResult.data.keyShares, encryptedPrivateKeys[0].encryptedPrivateKey);
+        }
+        const walletsRes = yield this.ctx.client.getWallets(userId);
+        const desiredWallets = walletsRes.data.wallets;
+        const walletsToInsert = {};
+        for (let desiredWallet of desiredWallets) {
+            const decryptedShare = decryptedShares.find(share => share.walletId === desiredWallet.id);
+            walletsToInsert[decryptedShare.walletId] = {
+                id: decryptedShare.walletId,
+                signer: decryptedShare.signer,
+                address: desiredWallet.address || undefined,
+                publicKey: desiredWallet.publicKey || undefined,
+                scheme: desiredWallet.scheme,
+                type: desiredWallet.type || undefined,
+            };
+        }
+        const currentWalletIds = {};
+        for (const wallet of Object.values(walletsToInsert)) {
+            const { id, type } = wallet;
+            const currentIdsForType = currentWalletIds[type || 'EVM'] || [];
+            currentWalletIds[type || 'EVM'] = [...currentIdsForType, id];
+        }
+        yield this.setWallets(walletsToInsert);
+        yield this.setCurrentWalletIds(currentWalletIds, {
+            sessionLookupId,
+        });
+    });
+};

package/dist/react-native/ReactNativeUtils.d.ts

@@ -44,6 +44,7 @@ export declare class ReactNativeUtils implements PlatformUtils {
         walletId: string;
     }>;
     getPrivateKey(_ctx: Ctx, _userId: string, _walletId: string, _share: string, _sessionCookie: string): Promise<string>;
+    getED25519PrivateKey(_ctx: Ctx, _userId: string, _walletId: string, _share: string, _sessionCookie: string): Promise<string>;
     openPopup(popupUrl: string): any;
     private baseSignTransaction;
     sendTransaction(ctx: Ctx, userId: string, walletId: string, share: string, rlpEncodedTxBase64: string, chainId: string, _sessionCookie: string, isDKLS?: boolean): Promise<SignatureRes>;

package/dist/react-native/ReactNativeUtils.js

@@ -118,6 +118,9 @@ export class ReactNativeUtils {
     getPrivateKey(_ctx, _userId, _walletId, _share, _sessionCookie) {
         throw new Error('Method not implemented.');
     }
+    getED25519PrivateKey(_ctx, _userId, _walletId, _share, _sessionCookie) {
+        throw new Error('Method not implemented.');
+    }
     openPopup(popupUrl) {
         if (this.transactionReviewHandler) {
             this.transactionReviewHandler(popupUrl);

package/package.json

@@ -1,14 +1,14 @@
 {
   "name": "@getpara/react-native-wallet",
   "description": "Para Wallet for React Native",
-  "version": "2.26.0",
+  "version": "2.28.0",
   "author": "Para Team <hello@getpara.com> (https://getpara.com)",
   "dependencies": {
-    "@getpara/core-sdk": "2.26.0",
-    "@getpara/react-core": "2.26.0",
-    "@getpara/user-management-client": "2.26.0",
-    "@getpara/viem-v2-integration": "2.26.0",
-    "@getpara/web-sdk": "2.26.0",
+    "@getpara/core-sdk": "2.28.0",
+    "@getpara/react-core": "2.28.0",
+    "@getpara/user-management-client": "2.28.0",
+    "@getpara/viem-v2-integration": "2.28.0",
+    "@getpara/web-sdk": "2.28.0",
     "@peculiar/webcrypto": "^1.5.0",
     "@ungap/structured-clone": "1.3.0",
     "react-native-url-polyfill": "2.0.0",
@@ -222,5 +222,5 @@
       ]
     }
   },
-  "gitHead": "02eb43f55b1c5f8bed6685940b6344551610f42a"
+  "gitHead": "cb74d2b02aed6a8a5373249418b315d686b83b66"
 }

package/src/react-native/ParaMobile.ts

@@ -239,6 +239,32 @@ export class ParaMobile extends ParaCore {
    * @returns {Promise<void>}
    */
   async loginWithPasskey(): Promise<void> {
+    try {
+      await this.#runLoginWithPasskey();
+    } catch (error) {
+      // The native passkey ceremony runs on a different async chain from
+      // `authenticateWithOAuth` / `authenticateWithEmailOrPhone`, which put the
+      // auth state machine into `waiting_for_session` and poll until the session
+      // flips to authenticated. If the passkey ceremony or any subsequent step
+      // throws (no credential available, user cancelled, misconfigured RP,
+      // user-id mismatch, network error, etc.), nothing else cancels that
+      // polling — the caller awaiting `authenticateWithOAuth` would otherwise
+      // hang forever.
+      //
+      // Cancel the auth state machine here so the parent flow rejects with a
+      // clear "Authentication canceled" error instead of hanging. `cancelAuthFlow`
+      // no-ops when the state machine is already unauthenticated/error, so this
+      // is safe when `loginWithPasskey` is called outside of an auth flow.
+      try {
+        await this.cancelAuthFlow();
+      } catch {
+        // Best-effort. Surface the original passkey error regardless.
+      }
+      throw error;
+    }
+  }
+
+  async #runLoginWithPasskey(): Promise<void> {
     this.assertIsAuthSet();
     const userId = this.assertUserId();
 

package/src/react-native/ReactNativeUtils.ts

@@ -158,6 +158,16 @@ export class ReactNativeUtils implements PlatformUtils {
     throw new Error('Method not implemented.');
   }
 
+  getED25519PrivateKey(
+    _ctx: Ctx,
+    _userId: string,
+    _walletId: string,
+    _share: string,
+    _sessionCookie: string,
+  ): Promise<string> {
+    throw new Error('Method not implemented.');
+  }
+
   openPopup(popupUrl: string): any {
     if (this.transactionReviewHandler) {
       this.transactionReviewHandler(popupUrl);