@imtbl/wallet 2.12.6 → 2.12.7-alpha.1

package/dist/types/connectWallet.d.ts

@@ -5,30 +5,24 @@ import { ConnectWalletOptions, Provider } from './types';
  * @param config - Wallet configuration
  * @returns EIP-1193 compliant provider with multi-chain support
  *
- * If no Auth instance is provided, a default Immutable-hosted client id will be used.
+ * If getUser is not provided, a default implementation using @imtbl/auth will be created.
  *
- * @example
+ * @example Using external auth (e.g., NextAuth)
  * ```typescript
- * import { Auth } from '@imtbl/auth';
- * import { connectWallet, IMMUTABLE_ZKEVM_MAINNET_CHAIN } from '@imtbl/wallet';
+ * import { connectWallet } from '@imtbl/wallet';
+ * import { useImmutableSession } from '@imtbl/auth-next-client';
  *
- * // Create auth
- * const auth = new Auth({
- *   authenticationDomain: 'https://auth.immutable.com',
- *   passportDomain: 'https://passport.immutable.com',
- *   clientId: 'your-client-id',
- *   redirectUri: 'https://your-app.com/callback',
- *   scope: 'openid profile email offline_access transact',
- * });
+ * const { getUser } = useImmutableSession();
+ * const provider = await connectWallet({ getUser });
+ * ```
  *
- * // Connect wallet (defaults to testnet + mainnet, starts on testnet)
- * const provider = await connectWallet({ auth });
+ * @example Using default auth (simplest setup)
+ * ```typescript
+ * import { connectWallet } from '@imtbl/wallet';
  *
- * // Or specify a single chain
- * const provider = await connectWallet({
- *   auth,
- *   chains: [IMMUTABLE_ZKEVM_MAINNET_CHAIN],
- * });
+ * // Uses default Immutable-hosted authentication
+ * const provider = await connectWallet();
+ * const accounts = await provider.request({ method: 'eth_requestAccounts' });
  * ```
  */
 export declare function connectWallet(config?: ConnectWalletOptions): Promise<Provider>;

package/dist/types/guardian/index.d.ts

@@ -1,12 +1,13 @@
 import * as GeneratedClients from '@imtbl/generated-clients';
-import { Auth, IAuthConfiguration } from '@imtbl/auth';
 import { MetaTransaction, TypedDataPayload } from '../zkEvm/types';
 import { WalletConfiguration } from '../config';
+import type { GetUserFunction } from '../types';
 export type GuardianClientParams = {
     config: WalletConfiguration;
-    auth: Auth;
+    getUser: GetUserFunction;
     guardianApi: GeneratedClients.mr.GuardianApi;
-    authConfig: IAuthConfiguration;
+    passportDomain: string;
+    clientId: string;
 };
 type GuardianEVMTxnEvaluationParams = {
     chainId: string;
@@ -27,8 +28,12 @@ export default class GuardianClient {
     private readonly guardianApi;
     private readonly confirmationScreen;
     private readonly crossSdkBridgeEnabled;
-    private readonly auth;
-    constructor({ config, auth, guardianApi, authConfig, }: GuardianClientParams);
+    private readonly getUser;
+    constructor({ config, getUser, guardianApi, passportDomain, clientId, }: GuardianClientParams);
+    /**
+     * Get zkEvm user using getUser function.
+     */
+    private getUserZkEvm;
     /**
      * Open confirmation screen and close it automatically if the
      * underlying task fails.

package/dist/types/magic/magicTEESigner.d.ts

@@ -1,16 +1,15 @@
 import { MagicTeeApiClients } from '@imtbl/generated-clients';
-import { Auth } from '@imtbl/auth';
-import { WalletSigner } from '../types';
+import { WalletSigner, GetUserFunction } from '../types';
 /**
  * MagicTEESigner implements the WalletSigner interface for Magic TEE-based signing.
  * This signer delegates cryptographic operations to the Magic TEE service.
  */
 export default class MagicTEESigner implements WalletSigner {
-    private readonly auth;
+    private readonly getUser;
     private readonly magicTeeApiClient;
     private userWallet;
     private createWalletPromise;
-    constructor(auth: Auth, magicTeeApiClient: MagicTeeApiClients);
+    constructor(getUser: GetUserFunction, magicTeeApiClient: MagicTeeApiClients);
     private getUserWallet;
     /**
      * This method calls the createWallet endpoint. The user's wallet must be created before it can be used to sign messages.

package/dist/types/sequence/sequenceProvider.d.ts

@@ -1,10 +1,10 @@
 import { MultiRollupApiClients } from '@imtbl/generated-clients';
-import { Auth, TypedEventEmitter } from '@imtbl/auth';
-import { Provider, ProviderEventMap, RequestArguments, ChainConfig } from '../types';
+import { TypedEventEmitter } from '@imtbl/auth';
+import { Provider, ProviderEventMap, RequestArguments, ChainConfig, GetUserFunction } from '../types';
 import GuardianClient from '../guardian';
 import { SequenceSigner } from './signer';
 export type SequenceProviderInput = {
-    auth: Auth;
+    getUser: GetUserFunction;
     chainConfig: ChainConfig;
     multiRollupApiClients: MultiRollupApiClients;
     guardianClient: GuardianClient;
@@ -14,7 +14,7 @@ export type SequenceProviderInput = {
 export declare class SequenceProvider implements Provider {
     #private;
     readonly isPassport: boolean;
-    constructor({ auth, chainConfig, multiRollupApiClients, guardianClient, ethSigner, passportEventEmitter, }: SequenceProviderInput);
+    constructor({ getUser, chainConfig, multiRollupApiClients, guardianClient, ethSigner, passportEventEmitter, }: SequenceProviderInput);
     request(request: RequestArguments): Promise<any>;
     on(event: string, listener: (...args: any[]) => void): void;
     removeListener(event: string, listener: (...args: any[]) => void): void;

package/dist/types/sequence/signer/identityInstrumentSigner.d.ts

@@ -1,14 +1,14 @@
-import { Auth } from '@imtbl/auth';
 import { Address } from 'ox';
 import { Payload, Signature as SequenceSignature } from '@0xsequence/wallet-primitives';
 import { SequenceSigner } from './types';
+import { GetUserFunction } from '../../types';
 export interface IdentityInstrumentSignerConfig {
     /** Sequence Identity Instrument endpoint URL */
     identityInstrumentEndpoint: string;
 }
 export declare class IdentityInstrumentSigner implements SequenceSigner {
     #private;
-    constructor(auth: Auth, config: IdentityInstrumentSignerConfig);
+    constructor(getUser: GetUserFunction, config: IdentityInstrumentSignerConfig);
     getAddress(): Promise<string>;
     signPayload(walletAddress: Address.Address, chainId: number, payload: Payload.Parented): Promise<SequenceSignature.SignatureOfSignerLeaf>;
     signMessage(message: string | Uint8Array): Promise<string>;

package/dist/types/sequence/signer/index.d.ts

@@ -1,5 +1,5 @@
-import { Auth, IAuthConfiguration } from '@imtbl/auth';
 import { SequenceSigner } from './types';
+import { GetUserFunction } from '../../types';
 export type { SequenceSigner } from './types';
 export { IdentityInstrumentSigner } from './identityInstrumentSigner';
 export type { IdentityInstrumentSignerConfig } from './identityInstrumentSigner';
@@ -7,14 +7,15 @@ export { PrivateKeySigner } from './privateKeySigner';
 export interface CreateSequenceSignerConfig {
     /** Identity Instrument endpoint (required for prod/sandbox) */
     identityInstrumentEndpoint?: string;
+    /** Whether this is a dev environment (uses PrivateKeySigner instead of IdentityInstrumentSigner) */
+    isDevEnvironment?: boolean;
 }
 /**
  * Create the appropriate signer based on environment.
  * - Dev environment (behind VPN): uses PrivateKeySigner
  * - Prod/Sandbox: uses IdentityInstrumentSigner
  *
- * @param auth - Auth instance
- * @param authConfig - Auth configuration (to determine environment)
+ * @param getUser - Function to get the current user
  * @param config - Signer configuration
  */
-export declare function createSequenceSigner(auth: Auth, authConfig: IAuthConfiguration, config?: CreateSequenceSignerConfig): SequenceSigner;
+export declare function createSequenceSigner(getUser: GetUserFunction, config?: CreateSequenceSignerConfig): SequenceSigner;

package/dist/types/sequence/signer/privateKeySigner.d.ts

@@ -1,14 +1,14 @@
-import { Auth } from '@imtbl/auth';
 import { Payload, Signature as SequenceSignature } from '@0xsequence/wallet-primitives';
 import { SequenceSigner } from './types';
 import { Address } from 'ox';
+import { GetUserFunction } from '../../types';
 /**
  * Private key signer for dev environments (behind VPN).
  * Uses a deterministic private key derived from the user's sub.
  */
 export declare class PrivateKeySigner implements SequenceSigner {
     #private;
-    constructor(auth: Auth);
+    constructor(getUser: GetUserFunction);
     getAddress(): Promise<string>;
     signPayload(walletAddress: Address.Address, chainId: number, payload: Payload.Parented): Promise<SequenceSignature.SignatureOfSignerLeaf>;
     signMessage(message: string | Uint8Array): Promise<string>;

package/dist/types/sequence/user/registerUser.d.ts

@@ -1,10 +1,10 @@
 import { MultiRollupApiClients } from '@imtbl/generated-clients';
 import { Flow } from '@imtbl/metrics';
 import type { PublicClient } from 'viem';
-import { Auth } from '@imtbl/auth';
 import { SequenceSigner } from '../signer';
+import { GetUserFunction } from '../../types';
 export type RegisterUserInput = {
-    auth: Auth;
+    getUser: GetUserFunction;
     ethSigner: SequenceSigner;
     multiRollupApiClients: MultiRollupApiClients;
     accessToken: string;
@@ -15,4 +15,4 @@ export type RegisterUserInput = {
  * Register a user for a non-zkEVM chain (e.g., Arbitrum).
  * Creates a counterfactual address for the user on the specified chain.
  */
-export declare function registerUser({ auth, ethSigner, multiRollupApiClients, accessToken, rpcProvider, flow, }: RegisterUserInput): Promise<string>;
+export declare function registerUser({ getUser, ethSigner, multiRollupApiClients, accessToken, rpcProvider, flow, }: RegisterUserInput): Promise<string>;

package/dist/types/types.d.ts

@@ -1,5 +1,5 @@
 import { Flow } from '@imtbl/metrics';
-import { Auth, TypedEventEmitter, type AuthEventMap } from '@imtbl/auth';
+import { TypedEventEmitter, User } from '@imtbl/auth';
 import { JsonRpcError } from './zkEvm/JsonRpcError';
 export declare enum EvmChain {
     ZKEVM = "zkevm",
@@ -15,12 +15,12 @@ export interface WalletSigner {
     /** Sign a message (EIP-191 personal_sign) */
     signMessage(message: string | Uint8Array): Promise<`0x${string}`>;
 }
-export type { User, UserProfile, UserZkEvm, DirectLoginMethod, AuthEventMap, } from '@imtbl/auth';
+export type { User, UserProfile, UserZkEvm, DirectLoginMethod, } from '@imtbl/auth';
 export { isUserZkEvm } from '@imtbl/auth';
 export type { RollupType } from '@imtbl/auth';
-export { AuthEvents } from '@imtbl/auth';
 export declare enum WalletEvents {
-    ACCOUNTS_REQUESTED = "accountsRequested"
+    ACCOUNTS_REQUESTED = "accountsRequested",
+    LOGGED_OUT = "loggedOut"
 }
 export type AccountsRequestedEvent = {
     sessionActivityApiUrl: string;
@@ -29,9 +29,11 @@ export type AccountsRequestedEvent = {
     passportClient: string;
     flow?: Flow;
 };
-export interface PassportEventMap extends AuthEventMap {
+export interface WalletEventMap extends Record<string, any> {
     [WalletEvents.ACCOUNTS_REQUESTED]: [AccountsRequestedEvent];
+    [WalletEvents.LOGGED_OUT]: [];
 }
+export type PassportEventMap = WalletEventMap;
 /**
  * EIP-1193 Provider Interface
  * Standard Ethereum provider interface for all chain types
@@ -182,16 +184,44 @@ export interface PopupOverlayOptions {
     /** Disable the blocked popup overlay */
     disableBlockedPopupOverlay?: boolean;
 }
+/**
+ * Function type for getting the current user.
+ * Used as an alternative to passing an Auth instance.
+ * This function should return fresh tokens from the session manager.
+ *
+ * @param forceRefresh - When true, the auth layer should trigger a server-side
+ *   token refresh to get updated claims (e.g., after zkEVM registration).
+ *   This ensures the returned user has the latest data from the identity provider.
+ */
+export type GetUserFunction = (forceRefresh?: boolean) => Promise<User | null>;
 /**
  * Options for connecting a wallet via connectWallet()
  * High-level configuration that gets transformed into internal WalletConfiguration
  */
 export interface ConnectWalletOptions {
     /**
-     * Auth instance. Optional – if omitted, a default Auth instance
-     * configured with Immutable hosted defaults will be created.
+     * Function that returns the current user with fresh tokens.
+     * This is the primary way to provide authentication to the wallet.
+     *
+     * For NextAuth integration:
+     * @example
+     * ```typescript
+     * import { connectWallet } from '@imtbl/wallet';
+     * import { useImmutableSession } from '@imtbl/auth-next-client';
+     *
+     * const { getUser } = useImmutableSession();
+     * const provider = await connectWallet({ getUser });
+     * ```
+     *
+     * If not provided, a default implementation using @imtbl/auth will be created.
+     */
+    getUser?: GetUserFunction;
+    /**
+     * Client ID for Immutable authentication.
+     * Required when getUser is not provided (for default auth).
+     * Also used for session activity tracking.
      */
-    auth?: Auth;
+    clientId?: string;
     /**
      * Chain configurations (supports multi-chain)
      * Defaults to [IMMUTABLE_ZKEVM_TESTNET_CHAIN, IMMUTABLE_ZKEVM_MAINNET_CHAIN] if not provided
@@ -217,5 +247,5 @@ export interface ConnectWalletOptions {
     /**
      * @internal - Only used by Passport for internal event communication
      */
-    passportEventEmitter?: TypedEventEmitter<PassportEventMap>;
+    passportEventEmitter?: TypedEventEmitter<WalletEventMap>;
 }

package/dist/types/zkEvm/relayerClient.d.ts

@@ -1,11 +1,11 @@
 import type { PublicClient, Hex } from 'viem';
-import { Auth } from '@imtbl/auth';
 import { WalletConfiguration } from '../config';
 import { FeeOption, RelayerTransaction, TypedDataPayload } from './types';
+import type { GetUserFunction } from '../types';
 export type RelayerClientInput = {
     config: WalletConfiguration;
     rpcProvider: PublicClient;
-    auth: Auth;
+    getUser: GetUserFunction;
 };
 type EthSendTransactionRequest = {
     method: 'eth_sendTransaction';
@@ -47,9 +47,13 @@ export type RelayerTransactionRequest = EthSendTransactionRequest | ImGetTransac
 export declare class RelayerClient {
     private readonly config;
     private readonly rpcProvider;
-    private readonly auth;
-    constructor({ config, rpcProvider, auth }: RelayerClientInput);
+    private readonly getUser;
+    constructor({ config, rpcProvider, getUser, }: RelayerClientInput);
     private static getResponsePreview;
+    /**
+     * Get zkEvm user using getUser function.
+     */
+    private getUserZkEvm;
     private postToRelayer;
     getPreferredFeeTokenSymbol(): string;
     ethSendTransaction(to: string, data: Hex | string): Promise<string>;

package/dist/types/zkEvm/user/registerZkEvmUser.d.ts

@@ -1,14 +1,17 @@
 import { MultiRollupApiClients } from '@imtbl/generated-clients';
 import { Flow } from '@imtbl/metrics';
 import type { PublicClient } from 'viem';
-import { Auth } from '@imtbl/auth';
-import type { WalletSigner } from '../../types';
+import type { WalletSigner, GetUserFunction } from '../../types';
 export type RegisterZkEvmUserInput = {
-    auth: Auth;
+    /**
+     * Function to get fresh user tokens. Used for triggering background refresh after registration.
+     * If not provided, no background refresh is performed.
+     */
+    getUser?: GetUserFunction;
     ethSigner: WalletSigner;
     multiRollupApiClients: MultiRollupApiClients;
     accessToken: string;
     rpcProvider: PublicClient;
     flow: Flow;
 };
-export declare function registerZkEvmUser({ auth, ethSigner, multiRollupApiClients, accessToken, rpcProvider, flow, }: RegisterZkEvmUserInput): Promise<string>;
+export declare function registerZkEvmUser({ getUser, ethSigner, multiRollupApiClients, accessToken, rpcProvider, flow, }: RegisterZkEvmUserInput): Promise<string>;

package/dist/types/zkEvm/zkEvmProvider.d.ts

@@ -1,14 +1,22 @@
 import { MultiRollupApiClients } from '@imtbl/generated-clients';
 import { Provider, RequestArguments } from './types';
-import { Auth, TypedEventEmitter } from '@imtbl/auth';
+import { TypedEventEmitter } from '@imtbl/auth';
 import { WalletConfiguration } from '../config';
-import { PassportEventMap, User, WalletSigner } from '../types';
+import { WalletEventMap, User, WalletSigner, GetUserFunction } from '../types';
 import GuardianClient from '../guardian';
 export type ZkEvmProviderInput = {
-    auth: Auth;
+    /**
+     * Function that returns the current user with fresh tokens.
+     * This is the primary way to provide authentication to the wallet.
+     */
+    getUser: GetUserFunction;
+    /**
+     * Client ID for session activity tracking.
+     */
+    clientId: string;
     config: WalletConfiguration;
     multiRollupApiClients: MultiRollupApiClients;
-    passportEventEmitter: TypedEventEmitter<PassportEventMap>;
+    walletEventEmitter: TypedEventEmitter<WalletEventMap>;
     guardianClient: GuardianClient;
     ethSigner: WalletSigner;
     user: User | null;
@@ -17,7 +25,7 @@ export type ZkEvmProviderInput = {
 export declare class ZkEvmProvider implements Provider {
     #private;
     readonly isPassport: boolean;
-    constructor({ auth, config, multiRollupApiClients, passportEventEmitter, guardianClient, ethSigner, user, sessionActivityApiUrl, }: ZkEvmProviderInput);
+    constructor({ getUser, clientId, config, multiRollupApiClients, walletEventEmitter, guardianClient, ethSigner, user, sessionActivityApiUrl, }: ZkEvmProviderInput);
     request(request: RequestArguments): Promise<any>;
     on(event: string, listener: (...args: any[]) => void): void;
     removeListener(event: string, listener: (...args: any[]) => void): void;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@imtbl/wallet",
-  "version": "2.12.6",
+  "version": "2.12.7-alpha.1",
   "description": "Wallet SDK for Immutable",
   "author": "Immutable",
   "bugs": "https://github.com/immutable/ts-immutable-sdk/issues",
@@ -25,9 +25,9 @@
     }
   },
   "dependencies": {
-    "@imtbl/auth": "2.12.6",
-    "@imtbl/generated-clients": "2.12.6",
-    "@imtbl/metrics": "2.12.6",
+    "@imtbl/auth": "2.12.7-alpha.1",
+    "@imtbl/generated-clients": "2.12.7-alpha.1",
+    "@imtbl/metrics": "2.12.7-alpha.1",
     "viem": "~2.18.0"
   },
   "devDependencies": {
@@ -35,12 +35,12 @@
     "@0xsequence/wallet-wdk": "3.0.0-beta.10",
     "@0xsequence/wallet-core": "3.0.0-beta.10",
     "@0xsequence/wallet-primitives": "3.0.0-beta.10",
-    "@swc/core": "^1.3.36",
+    "@swc/core": "^1.4.2",
     "@swc/jest": "^0.2.37",
     "@types/jest": "^29.5.12",
-    "@types/node": "^18.14.2",
+    "@types/node": "^22.10.7",
     "@jest/test-sequencer": "^29.7.0",
-    "jest": "^29.4.3",
+    "jest": "^29.7.0",
     "jest-environment-jsdom": "^29.4.3",
     "ox": "^0.9.17",
     "ts-node": "^10.9.1",

package/src/connectWallet.test.ts

@@ -9,6 +9,7 @@ jest.mock('@imtbl/auth', () => {
       },
     }),
     getUser: jest.fn().mockResolvedValue({ profile: { sub: 'user' } }),
+    getUserOrLogin: jest.fn().mockResolvedValue({ profile: { sub: 'user' }, accessToken: 'token' }),
   }));
 
   const TypedEventEmitter = jest.fn().mockImplementation(() => ({
@@ -79,20 +80,13 @@ const arbitrumChain = {
   relayerUrl: 'https://next-arbitrum-one-relayer.sequence.app',
   apiUrl: 'https://api.immutable.com',
   name: 'Arbitrum One',
+  sequenceIdentityInstrumentEndpoint: 'https://sequence.immutable.com',
 };
 
-const createAuthStub = () => ({
-  getConfig: jest.fn().mockReturnValue({
-    authenticationDomain: 'https://auth.immutable.com',
-    passportDomain: 'https://passport.immutable.com',
-    oidcConfiguration: {
-      clientId: 'client',
-      redirectUri: 'https://redirect',
-    },
-  }),
-  getUser: jest.fn().mockResolvedValue({ profile: { sub: 'user' } }),
-  loginCallback: jest.fn(),
-  eventEmitter: { emit: jest.fn(), on: jest.fn() },
+// Create a mock getUser function for tests
+const createGetUserMock = () => jest.fn().mockResolvedValue({
+  profile: { sub: 'user' },
+  accessToken: 'token',
 });
 
 describe('connectWallet', () => {
@@ -101,9 +95,9 @@ describe('connectWallet', () => {
   });
 
   it('announces provider by default', async () => {
-    const auth = createAuthStub();
+    const getUser = createGetUserMock();
 
-    const provider = await connectWallet({ auth, chains: [zkEvmChain] });
+    const provider = await connectWallet({ getUser, chains: [zkEvmChain] });
 
     expect(ZkEvmProvider).toHaveBeenCalled();
     expect(announceProvider).toHaveBeenCalledWith({
@@ -113,25 +107,25 @@ describe('connectWallet', () => {
   });
 
   it('does not announce provider when disabled', async () => {
-    const auth = createAuthStub();
+    const getUser = createGetUserMock();
 
-    await connectWallet({ auth, chains: [zkEvmChain], announceProvider: false });
+    await connectWallet({ getUser, chains: [zkEvmChain], announceProvider: false });
 
     expect(announceProvider).not.toHaveBeenCalled();
   });
 
   describe('provider selection', () => {
     it('uses ZkEvmProvider for zkEVM chain (by chainId)', async () => {
-      const auth = createAuthStub();
+      const getUser = createGetUserMock();
 
-      await connectWallet({ auth, chains: [zkEvmChain] });
+      await connectWallet({ getUser, chains: [zkEvmChain] });
 
       expect(ZkEvmProvider).toHaveBeenCalled();
       expect(SequenceProvider).not.toHaveBeenCalled();
     });
 
     it('uses ZkEvmProvider for zkEVM devnet chain', async () => {
-      const auth = createAuthStub();
+      const getUser = createGetUserMock();
       const devChain = {
         chainId: 15003, // zkEVM devnet chainId
         rpcUrl: 'https://rpc.dev.immutable.com',
@@ -142,16 +136,16 @@ describe('connectWallet', () => {
         magicProviderId: 'provider-123',
       };
 
-      await connectWallet({ auth, chains: [devChain] });
+      await connectWallet({ getUser, chains: [devChain] });
 
       expect(ZkEvmProvider).toHaveBeenCalled();
       expect(SequenceProvider).not.toHaveBeenCalled();
     });
 
     it('uses SequenceProvider for non-zkEVM chain (Arbitrum)', async () => {
-      const auth = createAuthStub();
+      const getUser = createGetUserMock();
 
-      await connectWallet({ auth, chains: [arbitrumChain] });
+      await connectWallet({ getUser, chains: [arbitrumChain] });
 
       expect(SequenceProvider).toHaveBeenCalled();
       expect(ZkEvmProvider).not.toHaveBeenCalled();