@imtbl/wallet 2.12.6 → 2.12.7-alpha.1

package/src/connectWallet.ts

@@ -1,6 +1,5 @@
 import {
   Auth,
-  IAuthConfiguration,
   TypedEventEmitter,
 } from '@imtbl/auth';
 import {
@@ -12,7 +11,7 @@ import {
 import { ZkEvmProvider } from './zkEvm/zkEvmProvider';
 import { SequenceProvider } from './sequence/sequenceProvider';
 import {
-  ConnectWalletOptions, PassportEventMap, ChainConfig, Provider,
+  ConnectWalletOptions, PassportEventMap, ChainConfig, Provider, GetUserFunction,
 } from './types';
 import { WalletConfiguration } from './config';
 import GuardianClient from './guardian';
@@ -121,13 +120,22 @@ function getDefaultClientId(chain: ChainConfig): string {
   return isSandboxChain(chain) ? DEFAULT_SANDBOX_CLIENT_ID : DEFAULT_PRODUCTION_CLIENT_ID;
 }
 
-function createDefaultAuth(initialChain: ChainConfig, options: ConnectWalletOptions): Auth {
+/**
+ * Create a default getUser function using internal Auth instance.
+ * This is used when no external getUser is provided.
+ * @internal
+ */
+function createDefaultGetUser(initialChain: ChainConfig, options: ConnectWalletOptions): {
+  getUser: GetUserFunction;
+  clientId: string;
+} {
   const passportDomain = derivePassportDomain(initialChain);
   const authenticationDomain = deriveAuthenticationDomain();
   const redirectUri = deriveRedirectUri();
+  const clientId = options.clientId || getDefaultClientId(initialChain);
 
-  return new Auth({
-    clientId: getDefaultClientId(initialChain),
+  const auth = new Auth({
+    clientId,
     redirectUri,
     popupRedirectUri: redirectUri,
     logoutRedirectUri: redirectUri,
@@ -138,6 +146,29 @@ function createDefaultAuth(initialChain: ChainConfig, options: ConnectWalletOpti
     popupOverlayOptions: options.popupOverlayOptions,
     crossSdkBridgeEnabled: options.crossSdkBridgeEnabled,
   });
+
+  // Set up message listener for popup login callback
+  if (typeof window !== 'undefined') {
+    window.addEventListener('message', async (event) => {
+      if (event.data.code && event.data.state) {
+        const currentQueryString = window.location.search;
+        const newQueryString = new URLSearchParams(currentQueryString);
+        newQueryString.set('code', event.data.code);
+        newQueryString.set('state', event.data.state);
+        window.history.replaceState(null, '', `?${newQueryString.toString()}`);
+        await auth.loginCallback();
+        newQueryString.delete('code');
+        newQueryString.delete('state');
+        window.history.replaceState(null, '', `?${newQueryString.toString()}`);
+      }
+    });
+  }
+
+  // Return getUser function that wraps Auth.getUserOrLogin
+  return {
+    getUser: async () => auth.getUserOrLogin(),
+    clientId,
+  };
 }
 
 /**
@@ -146,30 +177,24 @@ function createDefaultAuth(initialChain: ChainConfig, options: ConnectWalletOpti
  * @param config - Wallet configuration
  * @returns EIP-1193 compliant provider with multi-chain support
  *
- * If no Auth instance is provided, a default Immutable-hosted client id will be used.
+ * If getUser is not provided, a default implementation using @imtbl/auth will be created.
  *
- * @example
+ * @example Using external auth (e.g., NextAuth)
  * ```typescript
- * import { Auth } from '@imtbl/auth';
- * import { connectWallet, IMMUTABLE_ZKEVM_MAINNET_CHAIN } from '@imtbl/wallet';
+ * import { connectWallet } from '@imtbl/wallet';
+ * import { useImmutableSession } from '@imtbl/auth-next-client';
  *
- * // Create auth
- * const auth = new Auth({
- *   authenticationDomain: 'https://auth.immutable.com',
- *   passportDomain: 'https://passport.immutable.com',
- *   clientId: 'your-client-id',
- *   redirectUri: 'https://your-app.com/callback',
- *   scope: 'openid profile email offline_access transact',
- * });
+ * const { getUser } = useImmutableSession();
+ * const provider = await connectWallet({ getUser });
+ * ```
  *
- * // Connect wallet (defaults to testnet + mainnet, starts on testnet)
- * const provider = await connectWallet({ auth });
+ * @example Using default auth (simplest setup)
+ * ```typescript
+ * import { connectWallet } from '@imtbl/wallet';
  *
- * // Or specify a single chain
- * const provider = await connectWallet({
- *   auth,
- *   chains: [IMMUTABLE_ZKEVM_MAINNET_CHAIN],
- * });
+ * // Uses default Immutable-hosted authentication
+ * const provider = await connectWallet();
+ * const accounts = await provider.request({ method: 'eth_requestAccounts' });
  * ```
  */
 export async function connectWallet(
@@ -198,33 +223,28 @@ export async function connectWallet(
     passport: apiConfig,
   });
 
-  // 3. Resolve Auth (use provided instance or create a default)
-  const auth = config.auth ?? createDefaultAuth(initialChain, config);
-  if (!config.auth && typeof window !== 'undefined') {
-    window.addEventListener('message', async (event) => {
-      if (event.data.code && event.data.state) {
-        // append to the current querystring making sure both cases of no existing and having existing params are handled
-        const currentQueryString = window.location.search;
-        const newQueryString = new URLSearchParams(currentQueryString);
-        newQueryString.set('code', event.data.code);
-        newQueryString.set('state', event.data.state);
-        window.history.replaceState(null, '', `?${newQueryString.toString()}`);
-        await auth.loginCallback();
-        // remove the code and state from the querystring
-        newQueryString.delete('code');
-        newQueryString.delete('state');
-        window.history.replaceState(null, '', `?${newQueryString.toString()}`);
-      }
-    });
+  // 3. Resolve getUser function
+  // If not provided, create a default implementation using internal Auth
+  let getUser: GetUserFunction;
+  let clientId: string;
+
+  if (config.getUser) {
+    getUser = config.getUser;
+    clientId = config.clientId || getDefaultClientId(initialChain);
+  } else {
+    // Create default getUser using internal Auth
+    const defaultAuth = createDefaultGetUser(initialChain, config);
+    getUser = defaultAuth.getUser;
+    clientId = defaultAuth.clientId;
   }
 
-  // 4. Extract Auth configuration and current user
-  const authConfig: IAuthConfiguration = auth.getConfig();
-  const user = await auth.getUser();
+  // 4. Get current user (may be null if not logged in)
+  const user = await getUser().catch(() => null);
 
   // 5. Create wallet configuration with concrete URLs
+  const passportDomain = initialChain.passportDomain || initialChain.apiUrl.replace('api.', 'passport.');
   const walletConfig = new WalletConfiguration({
-    passportDomain: initialChain.passportDomain || initialChain.apiUrl.replace('api.', 'passport.'),
+    passportDomain,
     zkEvmRpcUrl: initialChain.rpcUrl,
     relayerUrl: initialChain.relayerUrl,
     indexerMrBasePath: initialChain.apiUrl,
@@ -242,9 +262,10 @@ export async function connectWallet(
 
   const guardianClient = new GuardianClient({
     config: walletConfig,
-    auth,
+    getUser,
     guardianApi,
-    authConfig,
+    passportDomain,
+    clientId,
   });
 
   // 8. Create provider based on chain type
@@ -262,7 +283,7 @@ export async function connectWallet(
       magicPublishableApiKey: magicConfig.magicPublishableApiKey,
       magicProviderId: magicConfig.magicProviderId,
     });
-    const ethSigner = new MagicTEESigner(auth, magicTeeApiClients);
+    const ethSigner = new MagicTEESigner(getUser, magicTeeApiClients);
 
     // 11. Determine session activity API URL (only for mainnet, testnet, devnet)
     let sessionActivityApiUrl: string | null = null;
@@ -280,24 +301,29 @@ export async function connectWallet(
 
     // 12. Create ZkEvmProvider
     provider = new ZkEvmProvider({
-      auth,
+      getUser,
+      clientId,
       config: walletConfig,
       multiRollupApiClients,
-      passportEventEmitter,
+      walletEventEmitter: passportEventEmitter,
       guardianClient,
       ethSigner,
       user,
       sessionActivityApiUrl,
     });
   } else {
+    // Determine if this is a dev environment based on domain
+    const isDevEnvironment = passportDomain.includes('.dev.') || initialChain.apiUrl.includes('.dev.');
+
     // Create Sequence signer based on environment
-    const sequenceSigner = createSequenceSigner(auth, authConfig, {
+    const sequenceSigner = createSequenceSigner(getUser, {
       identityInstrumentEndpoint: initialChain.sequenceIdentityInstrumentEndpoint,
+      isDevEnvironment,
     });
 
     // Non-zkEVM chain - use SequenceProvider
     provider = new SequenceProvider({
-      auth,
+      getUser,
       chainConfig: initialChain,
       multiRollupApiClients,
       guardianClient,

package/src/guardian/index.ts

@@ -1,6 +1,6 @@
 import * as GeneratedClients from '@imtbl/generated-clients';
 import { zeroAddress } from 'viem';
-import { Auth, IAuthConfiguration } from '@imtbl/auth';
+import { isUserZkEvm, type UserZkEvm } from '@imtbl/auth';
 import ConfirmationScreen from '../confirmation/confirmation';
 import { JsonRpcError, ProviderErrorCode, RpcErrorCode } from '../zkEvm/JsonRpcError';
 import { MetaTransaction, TypedDataPayload } from '../zkEvm/types';
@@ -8,12 +8,14 @@ import { WalletConfiguration } from '../config';
 import { getEip155ChainId } from '../zkEvm/walletHelpers';
 import { WalletError, WalletErrorType } from '../errors';
 import { isAxiosError } from '../utils/http';
+import type { GetUserFunction } from '../types';
 
 export type GuardianClientParams = {
   config: WalletConfiguration;
-  auth: Auth;
+  getUser: GetUserFunction;
   guardianApi: GeneratedClients.mr.GuardianApi;
-  authConfig: IAuthConfiguration;
+  passportDomain: string;
+  clientId: string;
 };
 
 type GuardianEVMTxnEvaluationParams = {
@@ -68,15 +70,40 @@ export default class GuardianClient {
 
   private readonly crossSdkBridgeEnabled: boolean;
 
-  private readonly auth: Auth;
+  private readonly getUser: GetUserFunction;
 
   constructor({
-    config, auth, guardianApi, authConfig,
+    config, getUser, guardianApi, passportDomain, clientId,
   }: GuardianClientParams) {
-    this.confirmationScreen = new ConfirmationScreen(authConfig);
+    // Create a minimal auth config for ConfirmationScreen
+    this.confirmationScreen = new ConfirmationScreen({
+      authenticationDomain: 'https://auth.immutable.com',
+      passportDomain,
+      oidcConfiguration: {
+        clientId,
+        redirectUri: 'https://auth.immutable.com/im-logged-in',
+      },
+      crossSdkBridgeEnabled: config.crossSdkBridgeEnabled,
+    });
     this.crossSdkBridgeEnabled = config.crossSdkBridgeEnabled;
     this.guardianApi = guardianApi;
-    this.auth = auth;
+    this.getUser = getUser;
+  }
+
+  /**
+   * Get zkEvm user using getUser function.
+   */
+  private async getUserZkEvm(): Promise<UserZkEvm> {
+    const user = await this.getUser();
+
+    if (!user || !isUserZkEvm(user)) {
+      throw new JsonRpcError(
+        ProviderErrorCode.UNAUTHORIZED,
+        'User not authenticated or missing zkEvm data',
+      );
+    }
+
+    return user;
   }
 
   /**
@@ -120,7 +147,7 @@ export default class GuardianClient {
     nonce,
     metaTransactions,
   }: GuardianEVMTxnEvaluationParams): Promise<GeneratedClients.mr.TransactionEvaluationResponse> {
-    const user = await this.auth.getUserZkEvm();
+    const user = await this.getUserZkEvm();
     const headers = { Authorization: `Bearer ${user.accessToken}` };
     const guardianTransactions = transformGuardianTransactions(metaTransactions);
     try {
@@ -175,7 +202,7 @@ export default class GuardianClient {
     }
 
     if (confirmationRequired && !!transactionId) {
-      const user = await this.auth.getUserZkEvm();
+      const user = await this.getUserZkEvm();
       const confirmationResult = await this.confirmationScreen.requestConfirmation(
         transactionId,
         user.zkEvm.ethAddress,
@@ -200,13 +227,7 @@ export default class GuardianClient {
     { chainID, payload }: GuardianEIP712MessageEvaluationParams,
   ): Promise<GeneratedClients.mr.MessageEvaluationResponse> {
     try {
-      const user = await this.auth.getUserZkEvm();
-      if (user === null) {
-        throw new JsonRpcError(
-          ProviderErrorCode.UNAUTHORIZED,
-          'User not logged in. Please log in first.',
-        );
-      }
+      const user = await this.getUserZkEvm();
       const messageEvalResponse = await this.guardianApi.evaluateMessage(
         { messageEvaluationRequest: { chainID, payload } },
         { headers: { Authorization: `Bearer ${user.accessToken}` } },
@@ -227,7 +248,7 @@ export default class GuardianClient {
       throw new JsonRpcError(RpcErrorCode.TRANSACTION_REJECTED, transactionRejectedCrossSdkBridgeError);
     }
     if (confirmationRequired && !!messageId) {
-      const user = await this.auth.getUserZkEvm();
+      const user = await this.getUserZkEvm();
       const confirmationResult = await this.confirmationScreen.requestMessageConfirmation(
         messageId,
         user.zkEvm.ethAddress,
@@ -250,13 +271,7 @@ export default class GuardianClient {
     { chainID, payload }: GuardianERC191MessageEvaluationParams,
   ): Promise<GeneratedClients.mr.MessageEvaluationResponse> {
     try {
-      const user = await this.auth.getUserZkEvm();
-      if (user === null) {
-        throw new JsonRpcError(
-          ProviderErrorCode.UNAUTHORIZED,
-          'User not logged in. Please log in first.',
-        );
-      }
+      const user = await this.getUserZkEvm();
       const messageEvalResponse = await this.guardianApi.evaluateErc191Message(
         {
           eRC191MessageEvaluationRequest: {
@@ -282,7 +297,7 @@ export default class GuardianClient {
       throw new JsonRpcError(RpcErrorCode.TRANSACTION_REJECTED, transactionRejectedCrossSdkBridgeError);
     }
     if (confirmationRequired && !!messageId) {
-      const user = await this.auth.getUserZkEvm();
+      const user = await this.getUserZkEvm();
       const confirmationResult = await this.confirmationScreen.requestMessageConfirmation(
         messageId,
         user.zkEvm.ethAddress,

package/src/magic/magicTEESigner.ts

@@ -2,9 +2,10 @@
 import { MagicTeeApiClients } from '@imtbl/generated-clients';
 import { Flow, trackDuration } from '@imtbl/metrics';
 import { WalletError, WalletErrorType } from '../errors';
-import { Auth } from '@imtbl/auth';
 import { withMetricsAsync } from '../utils/metrics';
-import { isUserZkEvm, User, WalletSigner } from '../types';
+import {
+  isUserZkEvm, User, WalletSigner, GetUserFunction,
+} from '../types';
 import { isAxiosError } from '../utils/http';
 
 const CHAIN_IDENTIFIER = 'ETH';
@@ -62,7 +63,7 @@ const toBase64 = (value: string): string => {
  * This signer delegates cryptographic operations to the Magic TEE service.
  */
 export default class MagicTEESigner implements WalletSigner {
-  private readonly auth: Auth;
+  private readonly getUser: GetUserFunction;
 
   private readonly magicTeeApiClient: MagicTeeApiClients;
 
@@ -70,8 +71,8 @@ export default class MagicTEESigner implements WalletSigner {
 
   private createWalletPromise: Promise<UserWallet> | null = null;
 
-  constructor(auth: Auth, magicTeeApiClient: MagicTeeApiClients) {
-    this.auth = auth;
+  constructor(getUser: GetUserFunction, magicTeeApiClient: MagicTeeApiClients) {
+    this.getUser = getUser;
     this.magicTeeApiClient = magicTeeApiClient;
   }
 
@@ -164,7 +165,8 @@ export default class MagicTEESigner implements WalletSigner {
   }
 
   private async getUserOrThrow(): Promise<User> {
-    const user = await this.auth.getUser();
+    const user = await this.getUser();
+
     if (!user) {
       throw new WalletError(
         'User has been logged out',

package/src/sequence/sequenceProvider.ts

@@ -5,7 +5,7 @@ import {
   type PublicClient,
 } from 'viem';
 import { MultiRollupApiClients } from '@imtbl/generated-clients';
-import { Auth, TypedEventEmitter, User } from '@imtbl/auth';
+import { TypedEventEmitter, User } from '@imtbl/auth';
 import { trackFlow, trackError, identify } from '@imtbl/metrics';
 import {
   Provider,
@@ -14,6 +14,7 @@ import {
   RequestArguments,
   ChainConfig,
   EvmChain,
+  GetUserFunction,
 } from '../types';
 import { JsonRpcError, ProviderErrorCode, RpcErrorCode } from '../zkEvm/JsonRpcError';
 import GuardianClient from '../guardian';
@@ -22,7 +23,7 @@ import { registerUser } from './user';
 import { getEvmChainFromChainId } from '../network/chainRegistry';
 
 export type SequenceProviderInput = {
-  auth: Auth;
+  getUser: GetUserFunction;
   chainConfig: ChainConfig;
   multiRollupApiClients: MultiRollupApiClients;
   guardianClient: GuardianClient;
@@ -50,7 +51,7 @@ function getUserChainAddress(user: User, chain: SequenceChain): string | undefin
 }
 
 export class SequenceProvider implements Provider {
-  readonly #auth: Auth;
+  readonly #getUser: GetUserFunction;
 
   readonly #chainConfig: ChainConfig;
 
@@ -69,7 +70,7 @@ export class SequenceProvider implements Provider {
   public readonly isPassport: boolean = true;
 
   constructor({
-    auth,
+    getUser,
     chainConfig,
     multiRollupApiClients,
     guardianClient,
@@ -83,7 +84,7 @@ export class SequenceProvider implements Provider {
     }
     this.#evmChain = evmChain;
 
-    this.#auth = auth;
+    this.#getUser = getUser;
     this.#chainConfig = chainConfig;
     this.#multiRollupApiClients = multiRollupApiClients;
     this.#guardianClient = guardianClient;
@@ -100,7 +101,7 @@ export class SequenceProvider implements Provider {
    * Get the user's address for this chain if already registered.
    */
   async #getChainAddress(): Promise<string | undefined> {
-    const user = await this.#auth.getUser();
+    const user = await this.#getUser();
     if (user && isUserRegisteredForChain(user, this.#evmChain)) {
       return getUserChainAddress(user, this.#evmChain);
     }
@@ -117,8 +118,15 @@ export class SequenceProvider implements Provider {
         const flow = trackFlow('passport', 'ethRequestAccounts');
 
         try {
-          const user = await this.#auth.getUserOrLogin();
-          flow.addEvent('endGetUserOrLogin');
+          const user = await this.#getUser();
+          flow.addEvent('endGetUser');
+
+          if (!user) {
+            throw new JsonRpcError(
+              RpcErrorCode.INTERNAL_ERROR,
+              'User not authenticated',
+            );
+          }
 
           let userEthAddress: string | undefined;
 
@@ -126,7 +134,7 @@ export class SequenceProvider implements Provider {
             flow.addEvent('startUserRegistration');
 
             userEthAddress = await registerUser({
-              auth: this.#auth,
+              getUser: this.#getUser,
               ethSigner: this.#ethSigner,
               multiRollupApiClients: this.#multiRollupApiClients,
               accessToken: user.accessToken,

package/src/sequence/signer/identityInstrumentSigner.ts

@@ -2,13 +2,14 @@ import { hashMessage, toHex, concat } from 'viem';
 import { Identity } from '@0xsequence/wallet-wdk';
 import { IdentityInstrument, IdTokenChallenge } from '@0xsequence/identity-instrument';
 import { WalletError, WalletErrorType } from '../../errors';
-import { Auth, User, decodeJwtPayload } from '@imtbl/auth';
+import { User, decodeJwtPayload } from '@imtbl/auth';
 import { Hex, Address } from 'ox';
 import {
   Payload,
   Signature as SequenceSignature,
 } from '@0xsequence/wallet-primitives';
 import { SequenceSigner } from './types';
+import { GetUserFunction } from '../../types';
 
 interface IdTokenPayload {
   iss: string;
@@ -36,7 +37,7 @@ export interface IdentityInstrumentSignerConfig {
 }
 
 export class IdentityInstrumentSigner implements SequenceSigner {
-  readonly #auth: Auth;
+  readonly #getUser: GetUserFunction;
 
   readonly #config: IdentityInstrumentSignerConfig;
 
@@ -44,13 +45,13 @@ export class IdentityInstrumentSigner implements SequenceSigner {
 
   #createWalletPromise: Promise<UserWallet> | null = null;
 
-  constructor(auth: Auth, config: IdentityInstrumentSignerConfig) {
-    this.#auth = auth;
+  constructor(getUser: GetUserFunction, config: IdentityInstrumentSignerConfig) {
+    this.#getUser = getUser;
     this.#config = config;
   }
 
   async #getUserOrThrow(): Promise<User> {
-    const user = await this.#auth.getUser();
+    const user = await this.#getUser();
     if (!user) {
       throw new WalletError(
         'User not authenticated',
@@ -80,7 +81,8 @@ export class IdentityInstrumentSigner implements SequenceSigner {
     this.#createWalletPromise = (async () => {
       try {
         this.#userWallet = null;
-        await this.#auth.forceUserRefresh(); // TODO shouldn't have to refresh all the time
+        // Force refresh to get latest user data including idToken
+        await this.#getUser(true);
 
         const authenticatedUser = user || await this.#getUserOrThrow();
 

package/src/sequence/signer/index.ts

@@ -1,18 +1,18 @@
-import { Auth, IAuthConfiguration } from '@imtbl/auth';
 import { SequenceSigner } from './types';
 import { IdentityInstrumentSigner } from './identityInstrumentSigner';
 import { PrivateKeySigner } from './privateKeySigner';
+import { GetUserFunction } from '../../types';
 
 export type { SequenceSigner } from './types';
 export { IdentityInstrumentSigner } from './identityInstrumentSigner';
 export type { IdentityInstrumentSignerConfig } from './identityInstrumentSigner';
 export { PrivateKeySigner } from './privateKeySigner';
 
-const DEV_AUTH_DOMAIN = 'https://auth.dev.immutable.com';
-
 export interface CreateSequenceSignerConfig {
   /** Identity Instrument endpoint (required for prod/sandbox) */
   identityInstrumentEndpoint?: string;
+  /** Whether this is a dev environment (uses PrivateKeySigner instead of IdentityInstrumentSigner) */
+  isDevEnvironment?: boolean;
 }
 
 /**
@@ -20,26 +20,22 @@ export interface CreateSequenceSignerConfig {
  * - Dev environment (behind VPN): uses PrivateKeySigner
  * - Prod/Sandbox: uses IdentityInstrumentSigner
  *
- * @param auth - Auth instance
- * @param authConfig - Auth configuration (to determine environment)
+ * @param getUser - Function to get the current user
  * @param config - Signer configuration
  */
 export function createSequenceSigner(
-  auth: Auth,
-  authConfig: IAuthConfiguration,
+  getUser: GetUserFunction,
   config: CreateSequenceSignerConfig = {},
 ): SequenceSigner {
-  const isDevEnvironment = authConfig.authenticationDomain === DEV_AUTH_DOMAIN;
-
-  if (isDevEnvironment) {
-    return new PrivateKeySigner(auth);
+  if (config.isDevEnvironment) {
+    return new PrivateKeySigner(getUser);
   }
 
   if (!config.identityInstrumentEndpoint) {
     throw new Error('identityInstrumentEndpoint is required for non-dev environments');
   }
 
-  return new IdentityInstrumentSigner(auth, {
+  return new IdentityInstrumentSigner(getUser, {
     identityInstrumentEndpoint: config.identityInstrumentEndpoint,
   });
 }

package/src/sequence/signer/privateKeySigner.ts

@@ -1,7 +1,7 @@
 import { keccak256, toBytes } from 'viem';
 import { privateKeyToAccount } from 'viem/accounts';
 import { WalletError, WalletErrorType } from '../../errors';
-import { Auth, User } from '@imtbl/auth';
+import { User } from '@imtbl/auth';
 import { Signers } from '@0xsequence/wallet-core';
 import {
   Payload,
@@ -9,6 +9,7 @@ import {
 } from '@0xsequence/wallet-primitives';
 import { SequenceSigner } from './types';
 import { Address } from 'ox';
+import { GetUserFunction } from '../../types';
 
 interface PrivateKeyWallet {
   userIdentifier: string;
@@ -22,18 +23,18 @@ interface PrivateKeyWallet {
  * Uses a deterministic private key derived from the user's sub.
  */
 export class PrivateKeySigner implements SequenceSigner {
-  readonly #auth: Auth;
+  readonly #getUser: GetUserFunction;
 
   #privateKeyWallet: PrivateKeyWallet | null = null;
 
   #createWalletPromise: Promise<PrivateKeyWallet> | null = null;
 
-  constructor(auth: Auth) {
-    this.#auth = auth;
+  constructor(getUser: GetUserFunction) {
+    this.#getUser = getUser;
   }
 
   async #getUserOrThrow(): Promise<User> {
-    const user = await this.#auth.getUser();
+    const user = await this.#getUser();
     if (!user) {
       throw new WalletError('User not authenticated', WalletErrorType.NOT_LOGGED_IN_ERROR);
     }

package/src/sequence/user/registerUser.ts

@@ -2,12 +2,12 @@ import { MultiRollupApiClients } from '@imtbl/generated-clients';
 import { Flow } from '@imtbl/metrics';
 import type { PublicClient } from 'viem';
 import { getEip155ChainId } from '../../zkEvm/walletHelpers';
-import { Auth } from '@imtbl/auth';
 import { JsonRpcError, RpcErrorCode } from '../../zkEvm/JsonRpcError';
 import { SequenceSigner } from '../signer';
+import { GetUserFunction } from '../../types';
 
 export type RegisterUserInput = {
-  auth: Auth;
+  getUser: GetUserFunction;
   ethSigner: SequenceSigner;
   multiRollupApiClients: MultiRollupApiClients;
   accessToken: string;
@@ -39,7 +39,7 @@ function formatSignature(signature: string): string {
  * Creates a counterfactual address for the user on the specified chain.
  */
 export async function registerUser({
-  auth,
+  getUser,
   ethSigner,
   multiRollupApiClients,
   accessToken,
@@ -87,7 +87,8 @@ export async function registerUser({
     });
     flow.addEvent('endCreateCounterfactualAddress');
 
-    auth.forceUserRefreshInBackground();
+    // Trigger background refresh to get updated user data with the new chain registration
+    getUser(true).catch(() => {});
 
     return registrationResponse.data.counterfactual_address;
   } catch (error) {