@imtbl/wallet 2.12.7-alpha.1 → 2.12.7-alpha.10

package/src/sequence/sequenceProvider.ts

@@ -1,284 +0,0 @@
-import {
-  createPublicClient,
-  http,
-  toHex,
-  type PublicClient,
-} from 'viem';
-import { MultiRollupApiClients } from '@imtbl/generated-clients';
-import { TypedEventEmitter, User } from '@imtbl/auth';
-import { trackFlow, trackError, identify } from '@imtbl/metrics';
-import {
-  Provider,
-  ProviderEvent,
-  ProviderEventMap,
-  RequestArguments,
-  ChainConfig,
-  EvmChain,
-  GetUserFunction,
-} from '../types';
-import { JsonRpcError, ProviderErrorCode, RpcErrorCode } from '../zkEvm/JsonRpcError';
-import GuardianClient from '../guardian';
-import { SequenceSigner } from './signer';
-import { registerUser } from './user';
-import { getEvmChainFromChainId } from '../network/chainRegistry';
-
-export type SequenceProviderInput = {
-  getUser: GetUserFunction;
-  chainConfig: ChainConfig;
-  multiRollupApiClients: MultiRollupApiClients;
-  guardianClient: GuardianClient;
-  ethSigner: SequenceSigner;
-  passportEventEmitter: TypedEventEmitter<ProviderEventMap>;
-};
-
-/** Non-zkEVM chain type */
-type SequenceChain = Exclude<EvmChain, EvmChain.ZKEVM>;
-
-/**
- * Check if user is registered for a non-zkEVM chain.
- * The chain data is stored as user[chainName] (e.g., user.arbitrum_one).
- */
-function isUserRegisteredForChain(user: User, chain: SequenceChain): boolean {
-  return chain in user && !!(user as any)[chain]?.ethAddress;
-}
-
-/**
- * Get the user's eth address for a non-zkEVM chain.
- */
-function getUserChainAddress(user: User, chain: SequenceChain): string | undefined {
-  const chainData = (user as any)[chain];
-  return chainData?.ethAddress;
-}
-
-export class SequenceProvider implements Provider {
-  readonly #getUser: GetUserFunction;
-
-  readonly #chainConfig: ChainConfig;
-
-  readonly #multiRollupApiClients: MultiRollupApiClients;
-
-  readonly #rpcProvider: PublicClient;
-
-  readonly #providerEventEmitter: TypedEventEmitter<ProviderEventMap>;
-
-  readonly #guardianClient: GuardianClient;
-
-  readonly #ethSigner: SequenceSigner;
-
-  readonly #evmChain: SequenceChain;
-
-  public readonly isPassport: boolean = true;
-
-  constructor({
-    getUser,
-    chainConfig,
-    multiRollupApiClients,
-    guardianClient,
-    ethSigner,
-    passportEventEmitter,
-  }: SequenceProviderInput) {
-    // Validate this is not a zkEVM chain
-    const evmChain = getEvmChainFromChainId(chainConfig.chainId);
-    if (evmChain === EvmChain.ZKEVM) {
-      throw new Error('SequenceProvider cannot be used for zkEVM chains. Use ZkEvmProvider instead.');
-    }
-    this.#evmChain = evmChain;
-
-    this.#getUser = getUser;
-    this.#chainConfig = chainConfig;
-    this.#multiRollupApiClients = multiRollupApiClients;
-    this.#guardianClient = guardianClient;
-    this.#ethSigner = ethSigner;
-    this.#providerEventEmitter = passportEventEmitter;
-
-    // Create PublicClient for reading from the chain using viem
-    this.#rpcProvider = createPublicClient({
-      transport: http(this.#chainConfig.rpcUrl),
-    });
-  }
-
-  /**
-   * Get the user's address for this chain if already registered.
-   */
-  async #getChainAddress(): Promise<string | undefined> {
-    const user = await this.#getUser();
-    if (user && isUserRegisteredForChain(user, this.#evmChain)) {
-      return getUserChainAddress(user, this.#evmChain);
-    }
-    return undefined;
-  }
-
-  async #performRequest(request: RequestArguments): Promise<any> {
-    switch (request.method) {
-      case 'eth_requestAccounts': {
-        // Check if already registered
-        const existingAddress = await this.#getChainAddress();
-        if (existingAddress) return [existingAddress];
-
-        const flow = trackFlow('passport', 'ethRequestAccounts');
-
-        try {
-          const user = await this.#getUser();
-          flow.addEvent('endGetUser');
-
-          if (!user) {
-            throw new JsonRpcError(
-              RpcErrorCode.INTERNAL_ERROR,
-              'User not authenticated',
-            );
-          }
-
-          let userEthAddress: string | undefined;
-
-          if (!isUserRegisteredForChain(user, this.#evmChain)) {
-            flow.addEvent('startUserRegistration');
-
-            userEthAddress = await registerUser({
-              getUser: this.#getUser,
-              ethSigner: this.#ethSigner,
-              multiRollupApiClients: this.#multiRollupApiClients,
-              accessToken: user.accessToken,
-              rpcProvider: this.#rpcProvider,
-              flow,
-            });
-            flow.addEvent('endUserRegistration');
-          } else {
-            userEthAddress = getUserChainAddress(user, this.#evmChain);
-          }
-
-          if (!userEthAddress) {
-            throw new JsonRpcError(
-              RpcErrorCode.INTERNAL_ERROR,
-              'Failed to get user address after registration',
-            );
-          }
-
-          this.#providerEventEmitter.emit(ProviderEvent.ACCOUNTS_CHANGED, [
-            userEthAddress,
-          ]);
-          identify({
-            passportId: user.profile.sub,
-          });
-          return [userEthAddress];
-        } catch (error) {
-          if (error instanceof Error) {
-            trackError('passport', 'ethRequestAccounts', error, { flowId: flow.details.flowId });
-          } else {
-            flow.addEvent('errored');
-          }
-          throw error;
-        } finally {
-          flow.addEvent('End');
-        }
-      }
-
-      case 'eth_accounts': {
-        const address = await this.#getChainAddress();
-        return address ? [address] : [];
-      }
-
-      // TODO: Implement eth_sendTransaction
-      case 'eth_sendTransaction': {
-        throw new JsonRpcError(
-          ProviderErrorCode.UNSUPPORTED_METHOD,
-          'eth_sendTransaction not yet implemented for this chain',
-        );
-      }
-
-      // TODO: Implement personal_sign
-      case 'personal_sign': {
-        throw new JsonRpcError(
-          ProviderErrorCode.UNSUPPORTED_METHOD,
-          'personal_sign not yet implemented for this chain',
-        );
-      }
-
-      // TODO: Implement eth_signTypedData
-      case 'eth_signTypedData':
-      case 'eth_signTypedData_v4': {
-        throw new JsonRpcError(
-          ProviderErrorCode.UNSUPPORTED_METHOD,
-          'eth_signTypedData not yet implemented for this chain',
-        );
-      }
-
-      case 'eth_chainId': {
-        const chainId = await this.#rpcProvider.getChainId();
-        return toHex(chainId);
-      }
-
-      // Pass through methods
-      case 'eth_getBalance':
-      case 'eth_getCode':
-      case 'eth_getTransactionCount': {
-        const [address, blockNumber] = request.params || [];
-        return this.#rpcProvider.request({
-          method: request.method as any,
-          params: [address, blockNumber || 'latest'],
-        });
-      }
-
-      case 'eth_getStorageAt': {
-        const [address, storageSlot, blockNumber] = request.params || [];
-        return this.#rpcProvider.request({
-          method: 'eth_getStorageAt',
-          params: [address, storageSlot, blockNumber || 'latest'],
-        });
-      }
-
-      case 'eth_call':
-      case 'eth_estimateGas': {
-        const [transaction, blockNumber] = request.params || [];
-        return this.#rpcProvider.request({
-          method: request.method as any,
-          params: [transaction, blockNumber || 'latest'],
-        });
-      }
-
-      case 'eth_gasPrice':
-      case 'eth_blockNumber':
-      case 'eth_getBlockByHash':
-      case 'eth_getBlockByNumber':
-      case 'eth_getTransactionByHash':
-      case 'eth_getTransactionReceipt': {
-        return this.#rpcProvider.request({
-          method: request.method as any,
-          params: (request.params || []) as any,
-        });
-      }
-
-      default: {
-        throw new JsonRpcError(
-          ProviderErrorCode.UNSUPPORTED_METHOD,
-          'Method not supported',
-        );
-      }
-    }
-  }
-
-  public async request(request: RequestArguments): Promise<any> {
-    try {
-      return this.#performRequest(request);
-    } catch (error: unknown) {
-      if (error instanceof JsonRpcError) {
-        throw error;
-      }
-      if (error instanceof Error) {
-        throw new JsonRpcError(RpcErrorCode.INTERNAL_ERROR, error.message);
-      }
-
-      throw new JsonRpcError(RpcErrorCode.INTERNAL_ERROR, 'Internal error');
-    }
-  }
-
-  public on(event: string, listener: (...args: any[]) => void): void {
-    this.#providerEventEmitter.on(event, listener);
-  }
-
-  public removeListener(
-    event: string,
-    listener: (...args: any[]) => void,
-  ): void {
-    this.#providerEventEmitter.removeListener(event, listener);
-  }
-}

package/src/sequence/signer/identityInstrumentSigner.ts

@@ -1,195 +0,0 @@
-import { hashMessage, toHex, concat } from 'viem';
-import { Identity } from '@0xsequence/wallet-wdk';
-import { IdentityInstrument, IdTokenChallenge } from '@0xsequence/identity-instrument';
-import { WalletError, WalletErrorType } from '../../errors';
-import { User, decodeJwtPayload } from '@imtbl/auth';
-import { Hex, Address } from 'ox';
-import {
-  Payload,
-  Signature as SequenceSignature,
-} from '@0xsequence/wallet-primitives';
-import { SequenceSigner } from './types';
-import { GetUserFunction } from '../../types';
-
-interface IdTokenPayload {
-  iss: string;
-  aud: string;
-  sub: string;
-}
-
-interface AuthKey {
-  address: string;
-  privateKey: CryptoKey;
-  identitySigner: string;
-  expiresAt: Date;
-}
-
-interface UserWallet {
-  userIdentifier: string;
-  signerAddress: string;
-  authKey: AuthKey;
-  identityInstrument: IdentityInstrument;
-}
-
-export interface IdentityInstrumentSignerConfig {
-  /** Sequence Identity Instrument endpoint URL */
-  identityInstrumentEndpoint: string;
-}
-
-export class IdentityInstrumentSigner implements SequenceSigner {
-  readonly #getUser: GetUserFunction;
-
-  readonly #config: IdentityInstrumentSignerConfig;
-
-  #userWallet: UserWallet | null = null;
-
-  #createWalletPromise: Promise<UserWallet> | null = null;
-
-  constructor(getUser: GetUserFunction, config: IdentityInstrumentSignerConfig) {
-    this.#getUser = getUser;
-    this.#config = config;
-  }
-
-  async #getUserOrThrow(): Promise<User> {
-    const user = await this.#getUser();
-    if (!user) {
-      throw new WalletError(
-        'User not authenticated',
-        WalletErrorType.NOT_LOGGED_IN_ERROR,
-      );
-    }
-    return user;
-  }
-
-  async #getUserWallet(): Promise<UserWallet> {
-    let userWallet = this.#userWallet;
-    if (!userWallet) {
-      userWallet = await this.#createWallet();
-    }
-
-    const user = await this.#getUserOrThrow();
-    if (user.profile.sub !== userWallet.userIdentifier) {
-      userWallet = await this.#createWallet(user);
-    }
-
-    return userWallet;
-  }
-
-  async #createWallet(user?: User): Promise<UserWallet> {
-    if (this.#createWalletPromise) return this.#createWalletPromise;
-
-    this.#createWalletPromise = (async () => {
-      try {
-        this.#userWallet = null;
-        // Force refresh to get latest user data including idToken
-        await this.#getUser(true);
-
-        const authenticatedUser = user || await this.#getUserOrThrow();
-
-        if (!authenticatedUser.idToken) {
-          throw new WalletError(
-            'User idToken not available',
-            WalletErrorType.NOT_LOGGED_IN_ERROR,
-          );
-        }
-
-        const { idToken } = authenticatedUser;
-        const decoded = decodeJwtPayload<IdTokenPayload>(idToken);
-        const issuer = decoded.iss;
-        const audience = decoded.aud;
-
-        const keyPair = await window.crypto.subtle.generateKey(
-          { name: 'ECDSA', namedCurve: 'P-256' },
-          false,
-          ['sign', 'verify'],
-        );
-
-        const publicKey = await window.crypto.subtle.exportKey('raw', keyPair.publicKey);
-        const authKey: AuthKey = {
-          address: Hex.fromBytes(new Uint8Array(publicKey)),
-          privateKey: keyPair.privateKey,
-          identitySigner: '',
-          expiresAt: new Date(Date.now() + 3600000),
-        };
-
-        const identityInstrument = new IdentityInstrument(
-          this.#config.identityInstrumentEndpoint,
-          '@14:test',
-        );
-        const challenge = new IdTokenChallenge(issuer, audience, idToken);
-
-        await identityInstrument.commitVerifier(
-          Identity.toIdentityAuthKey(authKey),
-          challenge,
-        );
-
-        const result = await identityInstrument.completeAuth(
-          Identity.toIdentityAuthKey(authKey),
-          challenge,
-        );
-
-        const signerAddress = result.signer.address;
-        authKey.identitySigner = signerAddress;
-
-        this.#userWallet = {
-          userIdentifier: authenticatedUser.profile.sub,
-          signerAddress,
-          authKey,
-          identityInstrument,
-        };
-
-        return this.#userWallet;
-      } catch (error) {
-        const errorMessage = `Identity Instrument: Failed to create signer: ${(error as Error).message}`;
-        throw new WalletError(errorMessage, WalletErrorType.WALLET_CONNECTION_ERROR);
-      } finally {
-        this.#createWalletPromise = null;
-      }
-    })();
-
-    return this.#createWalletPromise;
-  }
-
-  async getAddress(): Promise<string> {
-    const wallet = await this.#getUserWallet();
-    return wallet.signerAddress;
-  }
-
-  async signPayload(
-    walletAddress: Address.Address,
-    chainId: number,
-    payload: Payload.Parented,
-  ): Promise<SequenceSignature.SignatureOfSignerLeaf> {
-    const wallet = await this.#getUserWallet();
-
-    const signer = new Identity.IdentitySigner(
-      wallet.identityInstrument,
-      wallet.authKey,
-    );
-
-    return signer.sign(walletAddress, chainId, payload);
-  }
-
-  async signMessage(message: string | Uint8Array): Promise<string> {
-    const wallet = await this.#getUserWallet();
-
-    const signer = new Identity.IdentitySigner(
-      wallet.identityInstrument,
-      wallet.authKey,
-    );
-
-    const messageBytes = typeof message === 'string'
-      ? new TextEncoder().encode(message)
-      : message;
-    const digest = hashMessage({ raw: messageBytes });
-
-    const signature = await signer.signDigest(Hex.toBytes(digest));
-
-    // Format signature: r (32 bytes) + s (32 bytes) + v (1 byte)
-    const r = toHex(signature.r, { size: 32 });
-    const s = toHex(signature.s, { size: 32 });
-    const v = toHex(signature.yParity + 27, { size: 1 });
-
-    return concat([r, s, v]);
-  }
-}

package/src/sequence/signer/index.ts

@@ -1,41 +0,0 @@
-import { SequenceSigner } from './types';
-import { IdentityInstrumentSigner } from './identityInstrumentSigner';
-import { PrivateKeySigner } from './privateKeySigner';
-import { GetUserFunction } from '../../types';
-
-export type { SequenceSigner } from './types';
-export { IdentityInstrumentSigner } from './identityInstrumentSigner';
-export type { IdentityInstrumentSignerConfig } from './identityInstrumentSigner';
-export { PrivateKeySigner } from './privateKeySigner';
-
-export interface CreateSequenceSignerConfig {
-  /** Identity Instrument endpoint (required for prod/sandbox) */
-  identityInstrumentEndpoint?: string;
-  /** Whether this is a dev environment (uses PrivateKeySigner instead of IdentityInstrumentSigner) */
-  isDevEnvironment?: boolean;
-}
-
-/**
- * Create the appropriate signer based on environment.
- * - Dev environment (behind VPN): uses PrivateKeySigner
- * - Prod/Sandbox: uses IdentityInstrumentSigner
- *
- * @param getUser - Function to get the current user
- * @param config - Signer configuration
- */
-export function createSequenceSigner(
-  getUser: GetUserFunction,
-  config: CreateSequenceSignerConfig = {},
-): SequenceSigner {
-  if (config.isDevEnvironment) {
-    return new PrivateKeySigner(getUser);
-  }
-
-  if (!config.identityInstrumentEndpoint) {
-    throw new Error('identityInstrumentEndpoint is required for non-dev environments');
-  }
-
-  return new IdentityInstrumentSigner(getUser, {
-    identityInstrumentEndpoint: config.identityInstrumentEndpoint,
-  });
-}

package/src/sequence/signer/privateKeySigner.ts

@@ -1,112 +0,0 @@
-import { keccak256, toBytes } from 'viem';
-import { privateKeyToAccount } from 'viem/accounts';
-import { WalletError, WalletErrorType } from '../../errors';
-import { User } from '@imtbl/auth';
-import { Signers } from '@0xsequence/wallet-core';
-import {
-  Payload,
-  Signature as SequenceSignature,
-} from '@0xsequence/wallet-primitives';
-import { SequenceSigner } from './types';
-import { Address } from 'ox';
-import { GetUserFunction } from '../../types';
-
-interface PrivateKeyWallet {
-  userIdentifier: string;
-  signerAddress: string;
-  signer: Signers.Pk.Pk;
-  privateKey: `0x${string}`;
-}
-
-/**
- * Private key signer for dev environments (behind VPN).
- * Uses a deterministic private key derived from the user's sub.
- */
-export class PrivateKeySigner implements SequenceSigner {
-  readonly #getUser: GetUserFunction;
-
-  #privateKeyWallet: PrivateKeyWallet | null = null;
-
-  #createWalletPromise: Promise<PrivateKeyWallet> | null = null;
-
-  constructor(getUser: GetUserFunction) {
-    this.#getUser = getUser;
-  }
-
-  async #getUserOrThrow(): Promise<User> {
-    const user = await this.#getUser();
-    if (!user) {
-      throw new WalletError('User not authenticated', WalletErrorType.NOT_LOGGED_IN_ERROR);
-    }
-    return user;
-  }
-
-  async #getWalletInstance(): Promise<PrivateKeyWallet> {
-    let privateKeyWallet = this.#privateKeyWallet;
-    if (!privateKeyWallet) {
-      privateKeyWallet = await this.#createWallet();
-    }
-
-    const user = await this.#getUserOrThrow();
-    if (user.profile.sub !== privateKeyWallet.userIdentifier) {
-      privateKeyWallet = await this.#createWallet(user);
-    }
-
-    return privateKeyWallet;
-  }
-
-  async #createWallet(user?: User): Promise<PrivateKeyWallet> {
-    if (this.#createWalletPromise) return this.#createWalletPromise;
-
-    this.#createWalletPromise = (async () => {
-      try {
-        this.#privateKeyWallet = null;
-        const authenticatedUser = user || (await this.#getUserOrThrow());
-
-        const privateKeyHash = keccak256(toBytes(`${authenticatedUser.profile.sub}-sequence`));
-        const signer = new Signers.Pk.Pk(privateKeyHash);
-        const signerAddress = signer.address;
-
-        this.#privateKeyWallet = {
-          userIdentifier: authenticatedUser.profile.sub,
-          signerAddress,
-          signer,
-          privateKey: privateKeyHash,
-        };
-
-        return this.#privateKeyWallet;
-      } catch (error) {
-        const errorMessage = `Failed to create private key wallet: ${(error as Error).message}`;
-        throw new WalletError(errorMessage, WalletErrorType.WALLET_CONNECTION_ERROR);
-      } finally {
-        this.#createWalletPromise = null;
-      }
-    })();
-
-    return this.#createWalletPromise;
-  }
-
-  async getAddress(): Promise<string> {
-    const wallet = await this.#getWalletInstance();
-    return wallet.signerAddress;
-  }
-
-  async signPayload(
-    walletAddress: Address.Address,
-    chainId: number,
-    payload: Payload.Parented,
-  ): Promise<SequenceSignature.SignatureOfSignerLeaf> {
-    const pkWallet = await this.#getWalletInstance();
-    return pkWallet.signer.sign(walletAddress, chainId, payload);
-  }
-
-  async signMessage(message: string | Uint8Array): Promise<string> {
-    const pkWallet = await this.#getWalletInstance();
-
-    // Use viem's account to sign
-    const account = privateKeyToAccount(pkWallet.privateKey);
-    const messageToSign = typeof message === 'string' ? message : { raw: message };
-
-    return await account.signMessage({ message: messageToSign });
-  }
-}

package/src/sequence/signer/types.ts

@@ -1,24 +0,0 @@
-import { Address } from 'ox';
-import {
-  Payload,
-  Signature as SequenceSignature,
-} from '@0xsequence/wallet-primitives';
-
-/**
- * Signer interface for Sequence wallet operations.
- * Used by non-zkEVM chains (e.g., Arbitrum).
- */
-export interface SequenceSigner {
-  /** Get the signer's address */
-  getAddress(): Promise<string>;
-
-  /** Sign a Sequence payload (for transactions) */
-  signPayload(
-    walletAddress: Address.Address,
-    chainId: number,
-    payload: Payload.Parented,
-  ): Promise<SequenceSignature.SignatureOfSignerLeaf>;
-
-  /** Sign a message (EIP-191 personal_sign) */
-  signMessage(message: string | Uint8Array): Promise<string>;
-}

package/src/sequence/user/index.ts

@@ -1,2 +0,0 @@
-export { registerUser } from './registerUser';
-export type { RegisterUserInput } from './registerUser';