@kasflow/passkey-wallet 0.1.0

package/dist/index.d.ts

@@ -0,0 +1,893 @@
+import { RpcClient, UtxoEntryReference, ISubmitTransactionRequest, IPaymentOutput, PendingTransaction, IGeneratorSettingsObject, Generator, PrivateKey } from '@onekeyfe/kaspa-wasm';
+export { Address, Generator, IGeneratorSettingsObject, IPaymentOutput, ISubmitTransactionRequest, ISubmitTransactionResponse, IUtxoEntry, NetworkType, PendingTransaction, PrivateKey, PublicKey, Resolver, RpcClient, Transaction, UtxoContext, UtxoEntryReference, UtxoProcessor } from '@onekeyfe/kaspa-wasm';
+import { KaspaPrefix, KaspaAddressVersion } from '@kluster/kaspa-address';
+
+/** Kaspa network identifiers */
+declare const NETWORK_ID: {
+    readonly MAINNET: "mainnet";
+    readonly TESTNET_10: "testnet-10";
+    readonly TESTNET_11: "testnet-11";
+};
+type NetworkId = (typeof NETWORK_ID)[keyof typeof NETWORK_ID];
+/** Default network for development */
+declare const DEFAULT_NETWORK: NetworkId;
+/** Default priority fee in sompi (0.001 KAS) */
+declare const DEFAULT_PRIORITY_FEE_SOMPI = 100000n;
+/** Number of sompi (smallest unit) per KAS */
+declare const SOMPI_PER_KAS = 100000000n;
+/** Minimum transaction fee in sompi */
+declare const MIN_FEE_SOMPI = 1000n;
+declare const ERROR_MESSAGES: {
+    readonly WALLET_NOT_FOUND: "No wallet found. Please create a wallet first.";
+    readonly WALLET_ALREADY_EXISTS: "A wallet already exists. Delete it before creating a new one.";
+    readonly PASSKEY_REGISTRATION_FAILED: "Failed to register passkey. Please try again.";
+    readonly PASSKEY_AUTHENTICATION_FAILED: "Failed to authenticate with passkey. Please try again.";
+    readonly INVALID_ADDRESS: "Invalid Kaspa address format.";
+    readonly INSUFFICIENT_BALANCE: "Insufficient balance for this transaction.";
+    readonly WEBAUTHN_NOT_SUPPORTED: "WebAuthn is not supported in this browser.";
+    readonly USER_CANCELLED: "Operation was cancelled by the user.";
+    readonly WASM_NOT_INITIALIZED: "Kaspa WASM module not initialized. Call initKaspa() first.";
+    readonly RPC_NOT_CONNECTED: "Not connected to Kaspa network. Call connect() first.";
+    readonly RPC_CONNECTION_FAILED: "Failed to connect to Kaspa network.";
+    readonly TRANSACTION_FAILED: "Transaction failed to submit.";
+    readonly INVALID_AMOUNT: "Invalid transaction amount.";
+};
+type ErrorMessage = (typeof ERROR_MESSAGES)[keyof typeof ERROR_MESSAGES];
+
+/**
+ * TypeScript types for @kasflow/passkey-wallet
+ */
+
+/** Configuration options for creating a new wallet */
+interface CreateWalletOptions {
+    /** Display name for the wallet (shown during passkey registration) */
+    name?: string;
+    /** Network to use (defaults to testnet) */
+    network?: NetworkId;
+}
+/** Configuration options for unlocking an existing wallet */
+interface UnlockWalletOptions {
+    /** Network to use (should match the network used during creation) */
+    network?: NetworkId;
+}
+/** Wallet metadata stored in IndexedDB (no sensitive data) */
+interface WalletMetadata {
+    /** Passkey public key (for deterministic key derivation) */
+    passkeyPublicKey: string;
+    /** Addresses for all networks (enables seamless network switching) */
+    addresses: {
+        [key in NetworkId]: string;
+    };
+    /** Primary/default network */
+    primaryNetwork: NetworkId;
+    /** Creation timestamp */
+    createdAt: number;
+    /** @deprecated Use addresses map instead */
+    address?: string;
+    /** @deprecated Use primaryNetwork instead */
+    network?: NetworkId;
+}
+/** Input for a transaction */
+interface TransactionInput {
+    /** Previous transaction ID */
+    previousOutpoint: {
+        transactionId: string;
+        index: number;
+    };
+    /** Signature script (populated after signing) */
+    signatureScript?: string;
+    /** Sequence number */
+    sequence: bigint;
+}
+/** Output for a transaction */
+interface TransactionOutput {
+    /** Amount in sompi */
+    amount: bigint;
+    /** Script public key (address) */
+    scriptPublicKey: string;
+}
+/** Unsigned transaction ready to be signed */
+interface UnsignedTransaction {
+    /** Transaction inputs */
+    inputs: TransactionInput[];
+    /** Transaction outputs */
+    outputs: TransactionOutput[];
+    /** Lock time */
+    lockTime: bigint;
+    /** Subnetwork ID */
+    subnetworkId: string;
+    /** Transaction version */
+    version: number;
+}
+/** Signed transaction ready to be broadcast */
+interface SignedTransaction extends UnsignedTransaction {
+    /** Transaction ID (hash) */
+    id: string;
+}
+/** WebAuthn credential stored after registration */
+interface StoredCredential {
+    /** Credential ID as base64url */
+    id: string;
+    /** Raw credential ID as Uint8Array */
+    rawId: Uint8Array;
+    /** Public key as base64url (for verification) */
+    publicKey: string;
+    /** Counter for replay protection */
+    counter: number;
+    /** Transports supported by the authenticator */
+    transports?: AuthenticatorTransport[];
+}
+/** Result of WebAuthn registration */
+interface RegistrationResult {
+    /** Whether registration was successful */
+    success: boolean;
+    /** Stored credential (if successful) */
+    credential?: StoredCredential;
+    /** User ID used for registration (for key derivation) */
+    userId?: Uint8Array;
+    /** Passkey's public key extracted from attestation (for deterministic key derivation) */
+    passkeyPublicKey?: Uint8Array;
+    /** Error message (if failed) */
+    error?: string;
+}
+/** Result of WebAuthn authentication */
+interface AuthenticationResult {
+    /** Whether authentication was successful */
+    success: boolean;
+    /** Signature from the authenticator */
+    signature?: Uint8Array;
+    /** Client data JSON for key derivation */
+    clientDataJSON?: Uint8Array;
+    /** Authenticator data */
+    authenticatorData?: Uint8Array;
+    /** Error message (if failed) */
+    error?: string;
+}
+/** Generic result type for SDK operations */
+interface Result<T> {
+    /** Whether the operation was successful */
+    success: boolean;
+    /** Data returned on success */
+    data?: T;
+    /** Error message on failure */
+    error?: string;
+}
+/** Balance information */
+interface BalanceInfo {
+    /** Available balance in sompi */
+    available: bigint;
+    /** Pending balance in sompi */
+    pending: bigint;
+    /** Total balance in sompi */
+    total: bigint;
+}
+/** Events emitted by the wallet */
+type WalletEvent = {
+    type: 'connected';
+    address: string;
+} | {
+    type: 'disconnected';
+} | {
+    type: 'balance_updated';
+    balance: BalanceInfo;
+} | {
+    type: 'transaction_sent';
+    txId: string;
+} | {
+    type: 'transaction_confirmed';
+    txId: string;
+};
+/** Event handler function */
+type WalletEventHandler = (event: WalletEvent) => void;
+
+/**
+ * RPC client for Kaspa network operations
+ * Wraps @onekeyfe/kaspa-wasm RpcClient with a simpler API
+ */
+
+interface RpcConnectionOptions {
+    /** Network to connect to */
+    network: NetworkId;
+    /** Optional custom RPC URL (defaults to public resolver) */
+    url?: string;
+    /** Connection timeout in ms (defaults to RPC_TIMEOUT_MS) */
+    timeout?: number;
+}
+interface RpcEventHandlers {
+    onConnect?: (url: string) => void;
+    onDisconnect?: () => void;
+    onError?: (error: string) => void;
+}
+/**
+ * RPC client for Kaspa network operations
+ *
+ * @example
+ * ```typescript
+ * const rpc = new KaspaRpc();
+ *
+ * await rpc.connect({ network: 'testnet-11' });
+ *
+ * const balance = await rpc.getBalance('kaspatest:...');
+ * console.log('Balance:', balance.available);
+ *
+ * await rpc.disconnect();
+ * ```
+ */
+declare class KaspaRpc {
+    private rpc;
+    private network;
+    private eventHandlers;
+    /**
+     * Check if connected to the network
+     */
+    get isConnected(): boolean;
+    /**
+     * Get the current network
+     */
+    get currentNetwork(): NetworkId | null;
+    /**
+     * Get the underlying RpcClient instance
+     * Only use for advanced operations
+     */
+    get client(): RpcClient | null;
+    /**
+     * Set event handlers for connection events
+     */
+    setEventHandlers(handlers: RpcEventHandlers): void;
+    /**
+     * Connect to the Kaspa network
+     *
+     * @param options - Connection options
+     * @throws Error if connection fails
+     */
+    connect(options: RpcConnectionOptions): Promise<void>;
+    /**
+     * Disconnect from the network
+     */
+    disconnect(): Promise<void>;
+    /**
+     * Ensure RPC is connected, throw if not
+     */
+    private ensureConnected;
+    /**
+     * Get balance for an address
+     *
+     * @param address - Kaspa address
+     * @returns Balance info with available, pending, and total amounts
+     */
+    getBalance(address: string): Promise<BalanceInfo>;
+    /**
+     * Get UTXOs for an address
+     *
+     * @param address - Kaspa address
+     * @returns Array of UTXO entries
+     */
+    getUtxos(address: string): Promise<UtxoEntryReference[]>;
+    /**
+     * Get UTXOs for multiple addresses
+     *
+     * @param addresses - Array of Kaspa addresses
+     * @returns Array of UTXO entries
+     */
+    getUtxosForAddresses(addresses: string[]): Promise<UtxoEntryReference[]>;
+    /**
+     * Submit a signed transaction to the network
+     *
+     * @param transaction - Signed transaction object
+     * @param allowOrphan - Allow orphan transactions (default: false)
+     * @returns Transaction ID
+     */
+    submitTransaction(transaction: ISubmitTransactionRequest['transaction'], allowOrphan?: boolean): Promise<string>;
+    /**
+     * Get the current block count
+     */
+    getBlockCount(): Promise<bigint>;
+    /**
+     * Get network info (DAG info)
+     */
+    getNetworkInfo(): Promise<{
+        network: string;
+        blockCount: bigint;
+        headerCount: bigint;
+        tipHashes: string[];
+        difficulty: number;
+        pastMedianTime: bigint;
+        virtualParentHashes: string[];
+        pruningPointHash: string;
+        virtualDaaScore: bigint;
+        sink: string;
+    }>;
+    /**
+     * Get the current server info
+     */
+    getServerInfo(): Promise<{
+        serverVersion: string;
+        rpcApiVersion: number[];
+        isSynced: boolean;
+        hasUtxoIndex: boolean;
+    }>;
+}
+/**
+ * Get or create the default RPC instance
+ */
+declare const getDefaultRpc: () => KaspaRpc;
+/**
+ * Reset the default RPC instance
+ */
+declare const resetDefaultRpc: () => Promise<void>;
+
+/**
+ * Transaction building and signing utilities for @kasflow/passkey-wallet
+ * Uses @onekeyfe/kaspa-wasm Generator and createTransactions
+ */
+
+interface SendOptions {
+    /** Destination address */
+    to: string;
+    /** Amount to send in sompi */
+    amount: bigint;
+    /** Priority fee in sompi (defaults to DEFAULT_PRIORITY_FEE_SOMPI) */
+    priorityFee?: bigint;
+}
+interface SendResult {
+    /** Transaction ID (hash) */
+    transactionId: string;
+    /** Amount sent in sompi */
+    amount: bigint;
+    /** Fee paid in sompi */
+    fee: bigint;
+}
+interface TransactionEstimate {
+    /** Total number of transactions needed (1 for simple sends) */
+    transactionCount: number;
+    /** Total fees in sompi */
+    fees: bigint;
+    /** Number of UTXOs being consumed */
+    utxoCount: number;
+    /** Final amount including fees */
+    finalAmount: bigint;
+}
+/**
+ * Build transactions for sending KAS
+ * Returns pending transactions ready for signing
+ *
+ * @param utxos - Array of UTXO entries from the wallet
+ * @param outputs - Payment outputs (destination and amount)
+ * @param changeAddress - Address to receive change
+ * @param priorityFee - Priority fee in sompi
+ * @param network - Network identifier
+ */
+declare const buildTransactions: (utxos: UtxoEntryReference[], outputs: IPaymentOutput[], changeAddress: string, priorityFee: bigint | undefined, network: NetworkId) => Promise<{
+    transactions: PendingTransaction[];
+    summary: {
+        transactionCount: number;
+        fees: bigint;
+        utxoCount: number;
+        finalAmount: bigint | undefined;
+    };
+}>;
+/**
+ * Estimate fees for a transaction without building it
+ *
+ * @param utxos - Array of UTXO entries from the wallet
+ * @param outputs - Payment outputs (destination and amount)
+ * @param changeAddress - Address to receive change
+ * @param priorityFee - Priority fee in sompi
+ * @param network - Network identifier
+ */
+declare const estimateFee: (utxos: UtxoEntryReference[], outputs: IPaymentOutput[], changeAddress: string, priorityFee: bigint | undefined, network: NetworkId) => Promise<TransactionEstimate>;
+/**
+ * Sign pending transactions with a private key
+ * Uses PendingTransaction.sign() method for proper signature handling
+ *
+ * @param transactions - Array of pending transactions
+ * @param privateKeyHex - Private key as hex string
+ * @returns Array of signed transactions (same array, mutated)
+ */
+declare const signTransactions: (transactions: PendingTransaction[], privateKeyHex: string) => Promise<PendingTransaction[]>;
+/**
+ * Submit signed transactions to the network
+ *
+ * @param transactions - Array of signed pending transactions
+ * @param rpc - RPC client instance
+ * @returns Array of transaction IDs
+ */
+declare const submitTransactions: (transactions: PendingTransaction[], rpc: KaspaRpc) => Promise<string[]>;
+/**
+ * Complete send flow: build, sign, and submit a transaction
+ *
+ * @param options - Send options (to, amount, priorityFee)
+ * @param utxos - UTXOs to spend from
+ * @param changeAddress - Address to receive change
+ * @param privateKeyHex - Private key for signing
+ * @param rpc - Connected RPC client
+ * @param network - Network identifier
+ * @returns Send result with transaction ID and details
+ */
+declare const sendTransaction: (options: SendOptions, utxos: UtxoEntryReference[], changeAddress: string, privateKeyHex: string, rpc: KaspaRpc, network: NetworkId) => Promise<SendResult>;
+/**
+ * Create a transaction generator for streaming transaction generation
+ * Useful for complex transactions that may need multiple passes
+ *
+ * @param settings - Generator settings
+ * @returns Generator instance
+ */
+declare const createGenerator: (settings: IGeneratorSettingsObject) => Promise<Generator>;
+
+/**
+ * PasskeyWallet - Main wallet class for @kasflow/passkey-wallet
+ * Provides a simple API for creating and managing passkey-protected Kaspa wallets
+ */
+
+/**
+ * PasskeyWallet provides a simple interface for passkey-protected Kaspa wallets
+ *
+ * @example
+ * ```typescript
+ * // Create a new wallet
+ * const result = await PasskeyWallet.create({ name: 'My Wallet' });
+ * if (result.success) {
+ *   const wallet = result.data;
+ *   console.log('Address:', wallet.getAddress());
+ *
+ *   // Connect to network
+ *   await wallet.connect();
+ *
+ *   // Get balance
+ *   const balance = await wallet.getBalance();
+ *   console.log('Balance:', balance.available);
+ *
+ *   // Send KAS
+ *   const tx = await wallet.send({
+ *     to: 'kaspatest:...',
+ *     amount: 100000000n, // 1 KAS in sompi
+ *   });
+ *   console.log('Transaction ID:', tx.transactionId);
+ * }
+ *
+ * // Unlock existing wallet
+ * const result = await PasskeyWallet.unlock();
+ * ```
+ */
+declare class PasskeyWallet {
+    private privateKeyHex;
+    private publicKeyHex;
+    private address;
+    private network;
+    private eventHandlers;
+    private rpc;
+    private credentialId;
+    private passkeyPublicKey;
+    private constructor();
+    /**
+     * Check if WebAuthn/passkeys are supported in the current browser
+     */
+    static isSupported(): boolean;
+    /**
+     * Check if a wallet already exists in storage
+     */
+    static exists(): Promise<boolean>;
+    /**
+     * Create a new passkey-protected wallet
+     *
+     * @param options - Configuration options
+     * @returns Result containing the wallet instance or error
+     */
+    static create(options?: CreateWalletOptions): Promise<Result<PasskeyWallet>>;
+    /**
+     * Unlock an existing wallet using passkey authentication
+     *
+     * @param options - Configuration options
+     * @returns Result containing the wallet instance or error
+     */
+    static unlock(options?: UnlockWalletOptions): Promise<Result<PasskeyWallet>>;
+    /**
+     * Delete the wallet from storage
+     * This is irreversible - make sure user has backed up their keys!
+     */
+    static delete(): Promise<Result<void>>;
+    /**
+     * Get the wallet's Kaspa address
+     */
+    getAddress(): string;
+    /**
+     * Get the wallet's public key as hex string
+     */
+    getPublicKey(): string;
+    /**
+     * Get the current network
+     */
+    getNetwork(): NetworkId;
+    /**
+     * Sign a message with the wallet's private key
+     * Uses Kaspa's message signing scheme
+     *
+     * @param message - Message to sign
+     * @returns Signature as hex string
+     */
+    signMessage(message: string): Promise<string>;
+    /**
+     * Get the private key hex (for advanced usage like transaction signing)
+     * WARNING: Handle with care - this is sensitive data
+     */
+    getPrivateKeyHex(): string;
+    /**
+     * Check if connected to the network
+     */
+    get isConnected(): boolean;
+    /**
+     * Get the underlying RPC client for advanced usage
+     */
+    getRpcClient(): KaspaRpc;
+    /**
+     * Connect to the Kaspa network
+     *
+     * @param options - Optional connection options (defaults to current network with public resolver)
+     */
+    connect(options?: Partial<RpcConnectionOptions>): Promise<void>;
+    /**
+     * Disconnect from the Kaspa network
+     */
+    disconnectNetwork(): Promise<void>;
+    /**
+     * Switch to a different network without re-authentication
+     * Uses pre-computed addresses from wallet creation
+     *
+     * @param network - Target network to switch to
+     * @returns Result with success status
+     */
+    switchNetwork(network: NetworkId): Promise<Result<void>>;
+    /**
+     * Get the wallet's balance
+     *
+     * @returns Balance info with available, pending, and total amounts
+     * @throws Error if not connected to network
+     */
+    getBalance(): Promise<BalanceInfo>;
+    /**
+     * Send KAS to an address
+     *
+     * @param options - Send options (to, amount, priorityFee)
+     * @returns Send result with transaction ID and details
+     * @throws Error if not connected or insufficient balance
+     *
+     * @example
+     * ```typescript
+     * const result = await wallet.send({
+     *   to: 'kaspatest:qz...',
+     *   amount: 100000000n, // 1 KAS
+     * });
+     * console.log('Transaction ID:', result.transactionId);
+     * ```
+     */
+    send(options: SendOptions): Promise<SendResult>;
+    /**
+     * Send transaction with per-transaction passkey authentication
+     *
+     * **RECOMMENDED:** Use this method instead of `send()` for better security.
+     *
+     * This method prompts for passkey authentication for EACH transaction, using the
+     * transaction hash as the WebAuthn challenge. This provides cryptographic proof
+     * that the user approved THIS specific transaction.
+     *
+     * Benefits over `send()`:
+     * - Per-transaction authentication (user approves each transaction)
+     * - Transaction hash cryptographically bound to WebAuthn signature
+     * - Keys derived only when needed, not stored in memory
+     * - Matches standard wallet UX (MetaMask, hardware wallets)
+     *
+     * @param options - Send options (to, amount, priorityFee)
+     * @returns Transaction result with ID and fees
+     * @throws Error if authentication fails, insufficient balance, or network error
+     *
+     * @example
+     * ```typescript
+     * const result = await wallet.sendWithAuth({
+     *   to: 'kaspatest:qz...',
+     *   amount: 100000000n, // 1 KAS
+     * });
+     * console.log('Transaction ID:', result.transactionId);
+     * ```
+     */
+    sendWithAuth(options: SendOptions): Promise<SendResult>;
+    /**
+     * Estimate the fee for a transaction
+     *
+     * @param options - Send options (to, amount, priorityFee)
+     * @returns Transaction estimate with fees and UTXO count
+     * @throws Error if not connected
+     */
+    estimateFee(options: SendOptions): Promise<TransactionEstimate>;
+    /**
+     * Subscribe to wallet events
+     *
+     * @param handler - Event handler function
+     * @returns Unsubscribe function
+     */
+    on(handler: WalletEventHandler): () => void;
+    /**
+     * Emit an event to all subscribers
+     */
+    private emit;
+    /**
+     * Verify that WebAuthn authentication result is for specific transaction
+     *
+     * This method ensures the WebAuthn signature was created for THIS specific
+     * transaction by verifying that the challenge in clientDataJSON matches the
+     * transaction hash.
+     *
+     * This prevents replay attacks where an attacker could try to reuse a signature
+     * from a different transaction.
+     *
+     * @param authResult - Authentication result from passkey
+     * @param txHash - Transaction hash that should be in the challenge
+     * @returns true if verified, false otherwise
+     */
+    private verifyAuthenticationForTransaction;
+    /**
+     * Disconnect the wallet (clears in-memory keys and network connection)
+     */
+    disconnect(): Promise<void>;
+}
+
+/**
+ * Convert Uint8Array to hex string
+ */
+declare const uint8ArrayToHex: (bytes: Uint8Array) => string;
+/**
+ * Convert hex string to Uint8Array
+ */
+declare const hexToUint8Array: (hex: string) => Uint8Array;
+
+/**
+ * Kaspa utilities for @kasflow/passkey-wallet
+ * Uses @onekeyfe/kaspa-wasm for all Kaspa operations
+ */
+
+/**
+ * Get the network type string for WASM SDK
+ * The WASM SDK accepts: 'mainnet', 'testnet-10', 'testnet-11', etc.
+ */
+declare const getNetworkType: (network: NetworkId) => string;
+/**
+ * Get the network ID string (same as getNetworkType, for API consistency)
+ */
+declare const getNetworkIdString: (network: NetworkId) => string;
+/**
+ * Generate a new random private key hex string
+ */
+declare const generatePrivateKey: () => string;
+/**
+ * Create a PrivateKey instance from hex string
+ */
+declare const createPrivateKey: (privateKeyHex: string) => Promise<PrivateKey>;
+/**
+ * Get public key hex from private key hex
+ */
+declare const getPublicKeyHex: (privateKeyHex: string) => Promise<string>;
+/**
+ * Get Kaspa address from private key
+ */
+declare const getAddressFromPrivateKey: (privateKeyHex: string, network: NetworkId) => Promise<string>;
+/**
+ * Validate a private key hex string
+ */
+declare const isValidPrivateKey: (privateKeyHex: string) => Promise<boolean>;
+/**
+ * Create a Kaspa address from a public key
+ */
+declare const publicKeyToAddress: (publicKeyHex: string, network: NetworkId) => Promise<string>;
+/**
+ * Validate a Kaspa address using @kluster/kaspa-address
+ */
+declare const isValidAddress: (address: string) => boolean;
+/**
+ * Parse a Kaspa address and extract components
+ */
+declare const parseAddress: (address: string) => {
+    prefix: KaspaPrefix;
+    version: KaspaAddressVersion;
+    payload: Uint8Array;
+};
+/**
+ * Get the network from an address
+ */
+declare const getNetworkFromAddress: (address: string) => NetworkId;
+/**
+ * Sign a message with a private key
+ * Uses Kaspa's message signing scheme
+ *
+ * @param message - The message to sign
+ * @param privateKeyHex - Private key as hex string
+ * @returns Signature as hex string
+ */
+declare const signMessageWithKey: (message: string, privateKeyHex: string) => Promise<string>;
+/**
+ * Sign a transaction with private keys
+ * Returns the signed transaction
+ *
+ * @param transaction - The transaction to sign
+ * @param privateKeys - Array of private key hex strings or PrivateKey instances
+ * @param verifySig - Whether to verify signatures after signing
+ */
+declare const signTransaction: (transaction: any, privateKeys: (string | PrivateKey)[], verifySig?: boolean) => Promise<any>;
+/**
+ * Convert a KAS string to sompi (bigint)
+ * This function provides correct precision handling
+ */
+declare const kasStringToSompi: (kasString: string) => bigint;
+/**
+ * Convert sompi to a KAS string representation
+ */
+declare const sompiToKasString: (sompi: bigint | number) => string;
+/**
+ * Convert sompi to KAS string with network suffix (KAS, TKAS, etc.)
+ */
+declare const sompiToKasStringWithSuffix: (sompi: bigint | number, network: NetworkId) => string;
+/**
+ * Convert sompi to KAS as a number
+ */
+declare const sompiToKas: (sompi: bigint) => number;
+/**
+ * Convert KAS to sompi
+ */
+declare const kasToSompi: (kas: number) => bigint;
+/**
+ * Format KAS amount for display
+ */
+declare const formatKas: (sompi: bigint, decimals?: number) => string;
+/**
+ * Parse KAS string to sompi (alias for kasStringToSompi)
+ */
+declare const parseKas: (kasString: string) => bigint;
+/**
+ * Compute transaction hash for use as WebAuthn challenge
+ *
+ * This function extracts the transaction ID (hash) from a PendingTransaction
+ * and converts it to a Uint8Array suitable for use as a WebAuthn challenge.
+ *
+ * The transaction ID is the BLAKE2b-256 hash of the transaction data, which
+ * uniquely identifies the transaction and can be used to cryptographically
+ * bind a WebAuthn signature to a specific transaction.
+ *
+ * @param tx - PendingTransaction from WASM SDK
+ * @returns 32-byte transaction hash as Uint8Array
+ *
+ * @example
+ * ```typescript
+ * const tx = await buildTransaction(options);
+ * const txHash = computeTransactionHash(tx);
+ * const authResult = await authenticateWithChallenge(credentialId, txHash);
+ * ```
+ */
+declare const computeTransactionHash: (tx: any) => Uint8Array;
+
+/**
+ * WebAuthn utilities for @kasflow/passkey-wallet
+ * Handles passkey registration and authentication
+ */
+
+/**
+ * Check if WebAuthn is supported in the current browser
+ */
+declare const isWebAuthnSupported: () => boolean;
+/**
+ * Authenticate with passkey using custom challenge (e.g., transaction hash)
+ *
+ * This function enables per-transaction authentication by using transaction-specific
+ * data as the WebAuthn challenge. The authenticator signs the challenge, creating
+ * cryptographic proof that the user approved THIS specific transaction.
+ *
+ * @param credentialId - Stored credential ID from wallet creation
+ * @param challenge - Custom challenge bytes (e.g., transaction hash)
+ * @returns Authentication result with signature
+ *
+ * @example
+ * ```typescript
+ * const txHash = await computeTransactionHash(transaction);
+ * const authResult = await authenticateWithChallenge(credentialId, txHash);
+ * // authResult.signature proves user approved this specific transaction
+ * ```
+ */
+declare const authenticateWithChallenge: (credentialId: string, challenge: Uint8Array) => Promise<AuthenticationResult>;
+
+/**
+ * COSE (CBOR Object Signing and Encryption) Parser
+ * Extracts public keys from WebAuthn attestation objects
+ */
+/**
+ * Extract public key from WebAuthn attestation object
+ *
+ * @param attestationObjectBase64 - Base64url-encoded attestation object from WebAuthn
+ * @returns Uncompressed secp256k1 public key (65 bytes: 0x04 + x + y)
+ * @throws Error if attestation object is invalid or public key cannot be extracted
+ */
+declare function extractPublicKeyFromAttestation(attestationObjectBase64: string): Uint8Array;
+
+/**
+ * Deterministic Key Derivation
+ * Derives Kaspa wallet keys from passkey public keys
+ */
+/**
+ * Derive deterministic Kaspa private key from passkey public key
+ *
+ * How it works:
+ * 1. Hash the passkey public key with SHA-256
+ * 2. Use the hash as the Kaspa private key seed
+ * 3. Same passkey public key → same hash → same Kaspa wallet
+ *
+ * This enables multi-device wallet access:
+ * - Create wallet on Device A with fingerprint
+ * - Passkey syncs via iCloud/Google
+ * - Unlock on Device B with same fingerprint → same wallet!
+ *
+ * @param passkeyPublicKey - Uncompressed passkey public key (65 bytes: 0x04 + x + y)
+ * @returns Private key hex and seed for Kaspa wallet
+ */
+declare function deriveKaspaKeysFromPasskey(passkeyPublicKey: Uint8Array): {
+    privateKeyHex: string;
+    seed: Uint8Array;
+};
+/**
+ * Verify that same passkey public key produces same Kaspa keys (determinism check)
+ *
+ * @param passkeyPublicKey - Passkey public key to test
+ * @param expectedPrivateKeyHex - Expected private key hex
+ * @returns True if derivation is deterministic
+ */
+declare function verifyDeterminism(passkeyPublicKey: Uint8Array, expectedPrivateKeyHex: string): boolean;
+
+/**
+ * Logger utility for @kasflow/passkey-wallet
+ * Centralized logging with module prefixes
+ */
+declare class Logger {
+    private module;
+    constructor(module: string);
+    private formatMessage;
+    /**
+     * Log info message
+     */
+    info(...args: unknown[]): void;
+    /**
+     * Log warning message
+     */
+    warn(...args: unknown[]): void;
+    /**
+     * Log error message
+     */
+    error(...args: unknown[]): void;
+    /**
+     * Log debug message (only in development)
+     */
+    debug(...args: unknown[]): void;
+}
+/**
+ * Create a logger instance for a module
+ *
+ * @param module - Module name (e.g., 'WebAuthn', 'Wallet', 'RPC')
+ * @returns Logger instance
+ *
+ * @example
+ * ```typescript
+ * import { createLogger } from './logger';
+ *
+ * const logger = createLogger('WebAuthn');
+ * logger.info('Starting registration...');
+ * logger.error('Registration failed:', error);
+ * ```
+ */
+declare function createLogger(module: string): Logger;
+
+/**
+ * WASM SDK re-exports for @kasflow/passkey-wallet
+ * Re-exports commonly used types and functions from @onekeyfe/kaspa-wasm
+ */
+
+/**
+ * Initialize console panic hook for better debugging
+ * Call this in development to see WASM panic messages
+ */
+declare const initDebugMode: () => Promise<void>;
+
+export { type AuthenticationResult, type BalanceInfo, type CreateWalletOptions, DEFAULT_NETWORK, DEFAULT_PRIORITY_FEE_SOMPI, ERROR_MESSAGES, type ErrorMessage, KaspaRpc, MIN_FEE_SOMPI, NETWORK_ID, type NetworkId, PasskeyWallet, type RegistrationResult, type Result, type RpcConnectionOptions, type RpcEventHandlers, SOMPI_PER_KAS, type SendOptions, type SendResult, type SignedTransaction, type StoredCredential, type TransactionEstimate, type TransactionInput, type TransactionOutput, type UnlockWalletOptions, type UnsignedTransaction, type WalletEvent, type WalletEventHandler, type WalletMetadata, authenticateWithChallenge, buildTransactions, computeTransactionHash, createGenerator, createLogger, createPrivateKey, deriveKaspaKeysFromPasskey, estimateFee, extractPublicKeyFromAttestation, formatKas, generatePrivateKey, getAddressFromPrivateKey, getDefaultRpc, getNetworkFromAddress, getNetworkIdString, getNetworkType, getPublicKeyHex, hexToUint8Array, initDebugMode, isValidAddress, isValidPrivateKey, isWebAuthnSupported, kasStringToSompi, kasToSompi, parseAddress, parseKas, publicKeyToAddress, resetDefaultRpc, sendTransaction, signMessageWithKey, signTransaction, signTransactions, sompiToKas, sompiToKasString, sompiToKasStringWithSuffix, submitTransactions, uint8ArrayToHex, verifyDeterminism };