@lit-protocol/vincent-app-sdk 1.0.3-beta.6 → 2.0.0

package/CHANGELOG.md

@@ -1,3 +1,189 @@
+# 2.0.0 (2025-08-05)
+
+### 🚀 Features
+
+- Bug fix in app-sdk that kept a policy's allow result from being returned ([11325427](https://github.com/LIT-Protocol/Vincent/commit/11325427))
+- ### Implement supported Vincent Ability API range ([14f0ece1](https://github.com/LIT-Protocol/Vincent/commit/14f0ece1))
+
+  Added basic Ability API handling to ensure abilities & policies are only used by compatible abilities and policies, and with the correct version of the vincentAbilityClient / app-sdk
+
+  - Added a new jsParam when VincentAbilityClient calls an ability, `vincentAbilityApiVersion`
+  - LIT action wrappers for abilities + policies compare `vincentAbilityApiVersion` to match the major semver range the handler was built with from the ability-sdk
+  - vincentAbilityHandler() is responsible for passing along the value when it evaluates supported policies
+
+### 🩹 Fixes
+
+- ### Fix ability failure response cases ([e2be50d9](https://github.com/LIT-Protocol/Vincent/commit/e2be50d9))
+
+  - Ensures that policy denial disables checking the ability result against its fail schema in the abilityClient, because it will always be undefined :)
+  - Ensures that `context` is returned in the response from the abilityClient.execute() method in cases where the ability response was a runtime or schemaValidationError
+
+### ⚠️ Breaking Changes
+
+- Add support for CBOR2 encoded policy parameters using the new vincent-contracts-sdk ([868c6c2a](https://github.com/LIT-Protocol/Vincent/commit/868c6c2a))
+- ### Add support for explicit `schemaValidationError` ([337a4bde](https://github.com/LIT-Protocol/Vincent/commit/337a4bde))
+
+  - Previously, a failure to validate either input or results of lifecycle method would result in `result: { zodError }` being returned
+  - Now, `result` will be `undefined` and there will be an explicit `schemaValidationError` in the result of the ability / policy
+
+  ```typescript
+  export interface SchemaValidationError {
+    zodError: ZodError<unknown>; // The result of `zod.safeParse().error`
+    phase: string; // Policies: `precheck`|`evaluate`|`commit` - Abilities: `precheck` | `execute`
+    stage: string; // `input` | `output`
+  }
+  ```
+
+- ### `error` is now `runtimeError` and can only be set by `throw ...` ([337a4bde](https://github.com/LIT-Protocol/Vincent/commit/337a4bde))
+
+  - Previously, if you had not defined a `deny` or `fail` schema, you could call `deny()` or `fail()` with a string
+  - That string would end up in the ability/policy response as the `error` property instead of `result`
+  - This was problematic because there was no consistent way to identify _un-handled_ error vs. _explicitly returned fail/deny results_
+  - If you don't define a deny or fail schema, you can no longer call those methods with a string.
+  - `error` is now `runtimeError`, and is _only_ set if a lifecycle method `throw`s an Error - in that case it will be the `message` property of the error
+  - If you want to be able to return simple errors in your _result_, you can define a simple deny or fail schema like `z.object({ error: z.string() }`
+
+- ### Create vincentAbilityClient namespace ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  Previously, `getVincentAbilityClient()` and `disconnectVincentAbilityClients()` were exported from the root of the `vincent-app-sdk` package.
+  These methods, along with several other methods are now exported from the `@lit-protocol/app-sdk/abilityClient` namespace
+
+  ```typescript
+  import {
+    getVincentAbilityClient,
+    disconnectVincentAbilityClients,
+    isAbilityResponseFailure,
+    isAbilityResponseRuntimeFailure,
+    isAbilityResponseSchemaValidationFailure,
+    isAbilityResponseSuccess,
+  } from '@lit-protocol/app-sdk/abilityClient';
+  ```
+
+- #### Standardized `app` property on on JWT payload to be a number instead of a string. ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- #### Renamed `consent page` to `delegation auth page` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- #### Move utils exports to `@lit-protocol/vincent-app-sdk/utils` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- #### Moved jwt exports to `@lit-protocol/vincent-app-sdk/jwt` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  - Enhanced typedocs for all methods and removed type aliases for core functions
+
+- #### Move `VincentWebAppClient` exports to `@lit-protocol/vincent-app-sdk/webAppClient` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  - Renamed `VincentWebAppClient` to `WebAuthClient`
+  - Renamed `VincentAppClientConfig` to `WebAuthClientConfig`
+  - Renamed `RedirectToVincentConsentPageParams` to `RedirectToVincentDelegationPageParams`
+  - Renamed `redirectToConsentPage()` to `redirectToDelegationAuthPage()`
+  - Renamed `getVincentWebAppClient()` to `getWebAuthClient()`
+
+- #### Move express-authentication-middleware exports to `@lit-protocol/vincent-app-sdk/expressMiddleware` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  - Removed `ExpressAuthHelpers` interface - its types are now directly exported from the `expressMiddleware` package sub-path
+
+- #### Moved abilityClient exports to `@lit-protocol/vincent-app-sdk/abilityClient` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- ### Update express middleware to support non-app-specific JWTs ([9dd1cd26](https://github.com/LIT-Protocol/Vincent/commit/9dd1cd26))
+
+  - Replaced individual function exports of `authenticatedRequestHandler()` and `getAuthenticateUserExpressHandler()` with a single `createVincentUserMiddleware()` function
+
+  #### createVincentUserMiddleware({ allowedAudience, userKey, requiredAppId? }) -> { middleware(), handler() }
+
+  - You can now configure the property on `req` where the vincent user JWT data will be placed using `userKey`
+  - You can now configure the authentication middleware to throw if `requiredAppId` does not match a specific appId you provide
+  - `allowedAudience` behaviour remains unchanged
+  - See example usage on the API docs for the package @ http://docs.heyvincent.ai
+
+  ```
+
+  ```
+
+- ### Support JWTs that are not app-specific ([0553a934](https://github.com/LIT-Protocol/Vincent/commit/0553a934))
+
+  This release adds support for general authentication JWTs that are not tied to a specific app. This is a breaking change that requires updates to code that uses the JWT validation functions.
+
+  #### API Changes
+
+  - `verify` and `decode` functions now accept object parameters instead of separate parameters
+    - Their return values are strongly typed based on whether `requiredAppId` is provided.
+    - They throw if `requiredAppId` is provided but the jwt is either not app-specific or the app id on the token doesn't match the `requiredAppId`
+  - `appId` type changed from `string` to `number` in WebAuthClient configuration
+  - WebAuthClient now throws an error if the `appId` it was configured with isn't in the JWT it decodes
+
+  #### New Functions
+
+  - `isGeneralJWT`: Type guard to check if a JWT is Vincent JWT that has no app associated
+  - `isAppSpecificJWT`: Type guard to check if a JWT is a vincent JWT that is app-specific
+  - `assertIsVincentJWT`: Assertion function to validate if a decoded JWT is a valid Vincent JWT
+  - `getAppInfo`: Convenience method that returns the app ID and version from an app-specific JWT's payload
+  - `getPKPInfo`: Convenience method that returns PKP information from any Vincent JWT's payload
+
+  #### New Types
+
+  - `VincentJWT`: Interface for a decoded Vincent JWT without app-specific details (general authentication)
+  - `VincentJWTAppSpecific`: Interface for a decoded app-specific Vincent JWT
+  - `BaseVincentJWTPayload`: Payload that contains always-present properties on all Vincent JWTs
+  - `VincentAppSpecificJWTPayload`: Extends VincentJWTPayload with app-specific information
+
+- ## JWT Refactor ([c21bc3c3](https://github.com/LIT-Protocol/Vincent/commit/c21bc3c3))
+
+  #### Refactored our JWT structure, composition, and verification logic.
+
+  - Removed dependency on `did-jwt`; since we are signing using EIP-191 compliant signatures, the presence of `did:ethr` was misleading.
+  - Added support for Delegatee JWTs
+
+  #### We now support 3 types of JWT:
+
+  - `VincentJWTAppUser`
+    - `role` claim in the JWT payload is `app-user`
+    - Contains PKP info
+    - Is app-specific
+    - Is provided to app end-users, so that they can authenticate with services that are provided by individual Vincent Apps
+  - `VincentJWTPlatformUser`
+    - `role` claim in the JWT payload is `platform-user`
+    - Contains PKP info
+    - Used to authenticate with Vincent platform services (e.g. the registry backend)
+    - Is not app-specific
+    - The Vincent dashboard uses these for App owners and Ability & Policy authors
+  - `VincentJWTDelegatee`
+    - `role` claim in the JWT payload is `app-delegatee`
+    - Does not contain PKP info; delegatees are not PKP-backed
+    - Is not app-specific
+    - Used to authenticate with services that require proof that they are being used by a specific delegatee who has permissions to act on behalf of a delegator (app user) account.
+
+  ### API Changes
+
+  - Many classes and interfaces were renamed to clearly indicate which type of JWT that they apply to.
+  - Added `publicKey` to the `payload` of all JWTs for signature verification convenience
+  - `iss` and `sub` are now raw hex-formatted ethers addresses, without `did:ethr` prefixes
+  - JWT verification has been converted to be an async process, and explicit verify methods have been defined for each type of JWT
+    - `verifyVincentAppUserJWT()`
+    - `verifyVincentPlatformJWT()`
+    - `verifyVincentDelegateeJWT()`
+  - Type-guard functions have also been added to help identify the kind of JWT you are using and provide type-safe references to those JWTs, but for most use-cases you will probably just use the type-specific `verify` methods.
+    - `isVincentJWTAppSpecific()`
+    - `isVincentPlatformJWT()`
+    - `isVincentJWTDelegatee()`
+    - `isAnyVincentJWT()`
+  - Added accessor helper functions to facilitate easy, type-safe access to properties on supported JWTs
+    - `getRole()` - All Vincent JWTs
+    - `getPublicKey()` - All Vincent JWTs
+    - `getIssuerAddress()` - All Vincent JWTs
+    - `getAudience()` - All Vincent JWTs
+    - `getSubjectAddress()` - Only for `VincentJWTDelegatee`
+    - `getAppInfo()` - Only for `VincentJWTAppUser`
+    - `getPKPInfo()` - Only for `VincentJWTAppUser` or `VincentJWTPlatformUser`
+    - `getAuthentication()` - Only for `VincentJWTAppUser` or `VincentJWTPlatformUser`
+  - `decode` has been renamed to `decodeVincentJWT()`;
+    - You probably want to use the type-specific `verify` methods instead of calling decode directly, unless you're absolutely sure that you've already verified the JWT and are positive it hasn't expired!
+    - This function returns an `AnyVincentJWT` type which you must narrow using type-guard functions.
+
+### 🧱 Updated Dependencies
+
+- Updated ability-sdk to 2.0.0
+- Updated contracts-sdk to 2.0.0
+
+### ❤️ Thank You
+
+- Daryl Collins
+- Wyatt Barnes @spacesailor24
+
 ## 1.0.2 (2025-07-08)
 
 ### 🩹 Fixes

package/dist/CHANGELOG.md

@@ -0,0 +1,260 @@
+# 2.0.0 (2025-08-05)
+
+### 🚀 Features
+
+- Bug fix in app-sdk that kept a policy's allow result from being returned ([11325427](https://github.com/LIT-Protocol/Vincent/commit/11325427))
+- ### Implement supported Vincent Ability API range ([14f0ece1](https://github.com/LIT-Protocol/Vincent/commit/14f0ece1))
+
+  Added basic Ability API handling to ensure abilities & policies are only used by compatible abilities and policies, and with the correct version of the vincentAbilityClient / app-sdk
+
+  - Added a new jsParam when VincentAbilityClient calls an ability, `vincentAbilityApiVersion`
+  - LIT action wrappers for abilities + policies compare `vincentAbilityApiVersion` to match the major semver range the handler was built with from the ability-sdk
+  - vincentAbilityHandler() is responsible for passing along the value when it evaluates supported policies
+
+### 🩹 Fixes
+
+- ### Fix ability failure response cases ([e2be50d9](https://github.com/LIT-Protocol/Vincent/commit/e2be50d9))
+
+  - Ensures that policy denial disables checking the ability result against its fail schema in the abilityClient, because it will always be undefined :)
+  - Ensures that `context` is returned in the response from the abilityClient.execute() method in cases where the ability response was a runtime or schemaValidationError
+
+### ⚠️ Breaking Changes
+
+- Add support for CBOR2 encoded policy parameters using the new vincent-contracts-sdk ([868c6c2a](https://github.com/LIT-Protocol/Vincent/commit/868c6c2a))
+- ### Add support for explicit `schemaValidationError` ([337a4bde](https://github.com/LIT-Protocol/Vincent/commit/337a4bde))
+
+  - Previously, a failure to validate either input or results of lifecycle method would result in `result: { zodError }` being returned
+  - Now, `result` will be `undefined` and there will be an explicit `schemaValidationError` in the result of the ability / policy
+
+  ```typescript
+  export interface SchemaValidationError {
+    zodError: ZodError<unknown>; // The result of `zod.safeParse().error`
+    phase: string; // Policies: `precheck`|`evaluate`|`commit` - Abilities: `precheck` | `execute`
+    stage: string; // `input` | `output`
+  }
+  ```
+
+- ### `error` is now `runtimeError` and can only be set by `throw ...` ([337a4bde](https://github.com/LIT-Protocol/Vincent/commit/337a4bde))
+
+  - Previously, if you had not defined a `deny` or `fail` schema, you could call `deny()` or `fail()` with a string
+  - That string would end up in the ability/policy response as the `error` property instead of `result`
+  - This was problematic because there was no consistent way to identify _un-handled_ error vs. _explicitly returned fail/deny results_
+  - If you don't define a deny or fail schema, you can no longer call those methods with a string.
+  - `error` is now `runtimeError`, and is _only_ set if a lifecycle method `throw`s an Error - in that case it will be the `message` property of the error
+  - If you want to be able to return simple errors in your _result_, you can define a simple deny or fail schema like `z.object({ error: z.string() }`
+
+- ### Create vincentAbilityClient namespace ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  Previously, `getVincentAbilityClient()` and `disconnectVincentAbilityClients()` were exported from the root of the `vincent-app-sdk` package.
+  These methods, along with several other methods are now exported from the `@lit-protocol/app-sdk/abilityClient` namespace
+
+  ```typescript
+  import {
+    getVincentAbilityClient,
+    disconnectVincentAbilityClients,
+    isAbilityResponseFailure,
+    isAbilityResponseRuntimeFailure,
+    isAbilityResponseSchemaValidationFailure,
+    isAbilityResponseSuccess,
+  } from '@lit-protocol/app-sdk/abilityClient';
+  ```
+
+- #### Standardized `app` property on on JWT payload to be a number instead of a string. ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- #### Renamed `consent page` to `delegation auth page` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- #### Move utils exports to `@lit-protocol/vincent-app-sdk/utils` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- #### Moved jwt exports to `@lit-protocol/vincent-app-sdk/jwt` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  - Enhanced typedocs for all methods and removed type aliases for core functions
+
+- #### Move `VincentWebAppClient` exports to `@lit-protocol/vincent-app-sdk/webAppClient` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  - Renamed `VincentWebAppClient` to `WebAuthClient`
+  - Renamed `VincentAppClientConfig` to `WebAuthClientConfig`
+  - Renamed `RedirectToVincentConsentPageParams` to `RedirectToVincentDelegationPageParams`
+  - Renamed `redirectToConsentPage()` to `redirectToDelegationAuthPage()`
+  - Renamed `getVincentWebAppClient()` to `getWebAuthClient()`
+
+- #### Move express-authentication-middleware exports to `@lit-protocol/vincent-app-sdk/expressMiddleware` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  - Removed `ExpressAuthHelpers` interface - its types are now directly exported from the `expressMiddleware` package sub-path
+
+- #### Moved abilityClient exports to `@lit-protocol/vincent-app-sdk/abilityClient` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- ### Update express middleware to support non-app-specific JWTs ([9dd1cd26](https://github.com/LIT-Protocol/Vincent/commit/9dd1cd26))
+
+  - Replaced individual function exports of `authenticatedRequestHandler()` and `getAuthenticateUserExpressHandler()` with a single `createVincentUserMiddleware()` function
+
+  #### createVincentUserMiddleware({ allowedAudience, userKey, requiredAppId? }) -> { middleware(), handler() }
+
+  - You can now configure the property on `req` where the vincent user JWT data will be placed using `userKey`
+  - You can now configure the authentication middleware to throw if `requiredAppId` does not match a specific appId you provide
+  - `allowedAudience` behaviour remains unchanged
+  - See example usage on the API docs for the package @ http://docs.heyvincent.ai
+
+  ```
+
+  ```
+
+- ### Support JWTs that are not app-specific ([0553a934](https://github.com/LIT-Protocol/Vincent/commit/0553a934))
+
+  This release adds support for general authentication JWTs that are not tied to a specific app. This is a breaking change that requires updates to code that uses the JWT validation functions.
+
+  #### API Changes
+
+  - `verify` and `decode` functions now accept object parameters instead of separate parameters
+    - Their return values are strongly typed based on whether `requiredAppId` is provided.
+    - They throw if `requiredAppId` is provided but the jwt is either not app-specific or the app id on the token doesn't match the `requiredAppId`
+  - `appId` type changed from `string` to `number` in WebAuthClient configuration
+  - WebAuthClient now throws an error if the `appId` it was configured with isn't in the JWT it decodes
+
+  #### New Functions
+
+  - `isGeneralJWT`: Type guard to check if a JWT is Vincent JWT that has no app associated
+  - `isAppSpecificJWT`: Type guard to check if a JWT is a vincent JWT that is app-specific
+  - `assertIsVincentJWT`: Assertion function to validate if a decoded JWT is a valid Vincent JWT
+  - `getAppInfo`: Convenience method that returns the app ID and version from an app-specific JWT's payload
+  - `getPKPInfo`: Convenience method that returns PKP information from any Vincent JWT's payload
+
+  #### New Types
+
+  - `VincentJWT`: Interface for a decoded Vincent JWT without app-specific details (general authentication)
+  - `VincentJWTAppSpecific`: Interface for a decoded app-specific Vincent JWT
+  - `BaseVincentJWTPayload`: Payload that contains always-present properties on all Vincent JWTs
+  - `VincentAppSpecificJWTPayload`: Extends VincentJWTPayload with app-specific information
+
+- ## JWT Refactor ([c21bc3c3](https://github.com/LIT-Protocol/Vincent/commit/c21bc3c3))
+
+  #### Refactored our JWT structure, composition, and verification logic.
+
+  - Removed dependency on `did-jwt`; since we are signing using EIP-191 compliant signatures, the presence of `did:ethr` was misleading.
+  - Added support for Delegatee JWTs
+
+  #### We now support 3 types of JWT:
+
+  - `VincentJWTAppUser`
+    - `role` claim in the JWT payload is `app-user`
+    - Contains PKP info
+    - Is app-specific
+    - Is provided to app end-users, so that they can authenticate with services that are provided by individual Vincent Apps
+  - `VincentJWTPlatformUser`
+    - `role` claim in the JWT payload is `platform-user`
+    - Contains PKP info
+    - Used to authenticate with Vincent platform services (e.g. the registry backend)
+    - Is not app-specific
+    - The Vincent dashboard uses these for App owners and Ability & Policy authors
+  - `VincentJWTDelegatee`
+    - `role` claim in the JWT payload is `app-delegatee`
+    - Does not contain PKP info; delegatees are not PKP-backed
+    - Is not app-specific
+    - Used to authenticate with services that require proof that they are being used by a specific delegatee who has permissions to act on behalf of a delegator (app user) account.
+
+  ### API Changes
+
+  - Many classes and interfaces were renamed to clearly indicate which type of JWT that they apply to.
+  - Added `publicKey` to the `payload` of all JWTs for signature verification convenience
+  - `iss` and `sub` are now raw hex-formatted ethers addresses, without `did:ethr` prefixes
+  - JWT verification has been converted to be an async process, and explicit verify methods have been defined for each type of JWT
+    - `verifyVincentAppUserJWT()`
+    - `verifyVincentPlatformJWT()`
+    - `verifyVincentDelegateeJWT()`
+  - Type-guard functions have also been added to help identify the kind of JWT you are using and provide type-safe references to those JWTs, but for most use-cases you will probably just use the type-specific `verify` methods.
+    - `isVincentJWTAppSpecific()`
+    - `isVincentPlatformJWT()`
+    - `isVincentJWTDelegatee()`
+    - `isAnyVincentJWT()`
+  - Added accessor helper functions to facilitate easy, type-safe access to properties on supported JWTs
+    - `getRole()` - All Vincent JWTs
+    - `getPublicKey()` - All Vincent JWTs
+    - `getIssuerAddress()` - All Vincent JWTs
+    - `getAudience()` - All Vincent JWTs
+    - `getSubjectAddress()` - Only for `VincentJWTDelegatee`
+    - `getAppInfo()` - Only for `VincentJWTAppUser`
+    - `getPKPInfo()` - Only for `VincentJWTAppUser` or `VincentJWTPlatformUser`
+    - `getAuthentication()` - Only for `VincentJWTAppUser` or `VincentJWTPlatformUser`
+  - `decode` has been renamed to `decodeVincentJWT()`;
+    - You probably want to use the type-specific `verify` methods instead of calling decode directly, unless you're absolutely sure that you've already verified the JWT and are positive it hasn't expired!
+    - This function returns an `AnyVincentJWT` type which you must narrow using type-guard functions.
+
+### 🧱 Updated Dependencies
+
+- Updated ability-sdk to 2.0.0
+- Updated contracts-sdk to 2.0.0
+
+### ❤️ Thank You
+
+- Daryl Collins
+- Wyatt Barnes @spacesailor24
+
+## 1.0.2 (2025-07-08)
+
+### 🩹 Fixes
+
+- #### VincentAbilityClient Precheck fixes ([8da32df2](https://github.com/LIT-Protocol/Vincent/commit/8da32df2))
+
+  - Fix a case where deny results from `precheck()` were not correctly bubbled to the caller
+  - Fixed incorrect return type shape - `error` is a sibling of `result` in the policiesContext- Ensured `error` is bubbled up to the caller when provided
+
+- - VincentAbilityClient - Expose correct policiesContext type when calling `precheck()` ([812d4fe9](https://github.com/LIT-Protocol/Vincent/commit/812d4fe9))
+- - `VincentAbilityClient` - Fixed case where an ability without its own `precheck()` function would return `success` result even if a policy returned an `deny` result from its `precheck()` ([71380b89](https://github.com/LIT-Protocol/Vincent/commit/71380b89))
+- - `VincentAbilityClient` - Fixed case where a fail response did not return the `error` or `result` response to the caller correctly ([30e32f1e](https://github.com/LIT-Protocol/Vincent/commit/30e32f1e))
+
+### 🧱 Updated Dependencies
+
+- Updated ability-sdk to 1.0.2
+
+### ❤️ Thank You
+
+- Daryl Collins
+
+## 0.0.7 (2025-05-26)
+
+### 🚀 Features
+
+- improved mcp api doc ([0389014](https://github.com/LIT-Protocol/Vincent/commit/0389014))
+- updated Vincent MCP documentation with its own section ([3457891](https://github.com/LIT-Protocol/Vincent/commit/3457891))
+- add documentation ([f539eb5](https://github.com/LIT-Protocol/Vincent/commit/f539eb5))
+- implementation of the vincent mcp server stdio and http runners using the app to mcp transformer in the sdk ([aa58c17](https://github.com/LIT-Protocol/Vincent/commit/aa58c17))
+- implementation of the vincent app mcp wrapper ([02dd8ca](https://github.com/LIT-Protocol/Vincent/commit/02dd8ca))
+- add release script to release SDK and its doc to npm and vercel ([eaccd5f](https://github.com/LIT-Protocol/Vincent/commit/eaccd5f))
+- **docs:** change title, downgrade for plugin extras ([cdd62c0](https://github.com/LIT-Protocol/Vincent/commit/cdd62c0))
+- use standard syntax for jwt validation errors and move validation to decoding step ([fefbbc6](https://github.com/LIT-Protocol/Vincent/commit/fefbbc6))
+- deduplicate vincent data in decoded jwt and revert building config changes ([481d131](https://github.com/LIT-Protocol/Vincent/commit/481d131))
+- change ts compiler config to increase compatibility surface and fix usage in DCA FE vite app ([027582d](https://github.com/LIT-Protocol/Vincent/commit/027582d))
+- add authorized app and user info to jwt ([237f70d](https://github.com/LIT-Protocol/Vincent/commit/237f70d))
+- **vincent-app-sdk:** add Express authentication helpers and update docs ([14a04b3](https://github.com/LIT-Protocol/Vincent/commit/14a04b3))
+- **vincent-app-sdk:** Update README.md ([d052e18](https://github.com/LIT-Protocol/Vincent/commit/d052e18))
+- **vincent-app-sdk:** Add sdk-docs TypeDocs to root of repo ([fb15599](https://github.com/LIT-Protocol/Vincent/commit/fb15599))
+- **vincent-app-sdk:** Return both the original JWT string and the decoded JWT object from `decodeVincentLoginJWT()` - Also fixed inverted logic check for `isLoginUri()`, and converted to object params for `isLoginUri()` ([c2f3a19](https://github.com/LIT-Protocol/Vincent/commit/c2f3a19))
+- **vincent-app-sdk:** Add `removeLoginJWTFromURI()` method to `VincentWebAppClient` ([17072f4](https://github.com/LIT-Protocol/Vincent/commit/17072f4))
+- **vincent-app-sdk:** Replace `pkp/delegatee-sigs` with a `VincentAbilityClient` - Exposes a single method, `getVincentAbilityClient()`, which Vincent app developers will use to interact with Vincent Ability LIT actions - Fixes existing code that created new instances of LitNodeClient and connecting to them every time the ability is interacted with, using newly minted singleton module - Initial TSDoc configurations for exposing the ability client construction and usage under a 'Vincent Abilities' category. ([2052ebe](https://github.com/LIT-Protocol/Vincent/commit/2052ebe))
+- **vincent-app-sdk:** Define an internal module for managing a singleton instance of a LitNodeClient ([d297b0c](https://github.com/LIT-Protocol/Vincent/commit/d297b0c))
+- update vincent sdk readme ([090614d](https://github.com/LIT-Protocol/Vincent/commit/090614d))
+- added contracts class ([ef1851e](https://github.com/LIT-Protocol/Vincent/commit/ef1851e))
+
+### 🩹 Fixes
+
+- ZodSchemmaMap typo ([095f38e](https://github.com/LIT-Protocol/Vincent/commit/095f38e))
+- doc reference ([b1450f8](https://github.com/LIT-Protocol/Vincent/commit/b1450f8))
+- remove unnecessary type annotation ([c71eeac](https://github.com/LIT-Protocol/Vincent/commit/c71eeac))
+- sdk nx project linting ability ([82dd819](https://github.com/LIT-Protocol/Vincent/commit/82dd819))
+- **docs:** rename (remove API) ([a4b8e83](https://github.com/LIT-Protocol/Vincent/commit/a4b8e83))
+- **docs:** formatting fixes, custom css for :::info ([6f2fcef](https://github.com/LIT-Protocol/Vincent/commit/6f2fcef))
+- **vincent-app-sdk:** Fix import of `JWT_ERROR` to import from root of `did-jwt` package ([dd96111](https://github.com/LIT-Protocol/Vincent/commit/dd96111))
+- do not export simple jwt manipulating functions. Consumers should use the sdk directly ([6e46eee](https://github.com/LIT-Protocol/Vincent/commit/6e46eee))
+- **publish:** need to include 'dist' ([ecf38c3](https://github.com/LIT-Protocol/Vincent/commit/ecf38c3))
+- **sdk:** package.json exports ([dd35563](https://github.com/LIT-Protocol/Vincent/commit/dd35563))
+- no need types node ([af98c0e](https://github.com/LIT-Protocol/Vincent/commit/af98c0e))
+- **build:** add missing tsconfig.lib.json ([ce47c23](https://github.com/LIT-Protocol/Vincent/commit/ce47c23))
+- **jest:** enable `passWithNoTests` ([0f4ac57](https://github.com/LIT-Protocol/Vincent/commit/0f4ac57))
+- lint and any ([c4fc2ab](https://github.com/LIT-Protocol/Vincent/commit/c4fc2ab))
+- **deps:** correctly scope dependencies between global & individual packages ([b3fdb8c](https://github.com/LIT-Protocol/Vincent/commit/b3fdb8c))
+- **build:** remove rollup and use default nx settings ([b3769df](https://github.com/LIT-Protocol/Vincent/commit/b3769df))
+- minor changes ([0a70d4a](https://github.com/LIT-Protocol/Vincent/commit/0a70d4a))
+- removed umd build ([6e532fa](https://github.com/LIT-Protocol/Vincent/commit/6e532fa))
+
+### ❤️ Thank You
+
+- Ansh Saxena @anshss
+- Anson
+- awisniew207 @awisniew207
+- Daryl Collins
+- FedericoAmura @FedericoAmura

package/dist/CONTRIBUTING.md

@@ -0,0 +1,114 @@
+# Contributing to Vincent SDK
+
+This document provides guidelines for contributing to the Vincent SDK project.
+
+## Overview
+
+The Vincent SDK is a TypeScript SDK that exposes useful abilities to interact with Vincent systems in web or Node.js environments. It provides client libraries for both frontend applications and backend services.
+
+## Setup
+
+1. Follow the global setup instructions in the repository root [CONTRIBUTING.md](../../CONTRIBUTING.md).
+2. Install dependencies:
+   ```bash
+   pnpm install
+   ```
+
+## Development Workflow
+
+### Building
+
+Build the SDK:
+
+```bash
+pnpm build
+```
+
+### Documentation
+
+Generate TypeDoc documentation:
+
+```bash
+pnpm typedoc
+```
+
+## Project Structure
+
+- `src/`: Source code
+  - `index.ts`: Main entry point
+  - `app/`: Web utilities to authenticate against Vincent Apps in clients
+  - `express-authentication-middleware/`: Express middleware wrapper to properly validate clients JWT server side
+  - `jwt/`: Utility functions to work with Vincent JWT between Vincent Apps client and server
+
+## SDK Components
+
+### WebAuthClient
+
+The Vincent Web Auth Client provides methods for managing user authentication, JWT tokens, and connect flows in Vincent applications.
+
+### VincentAbilityClient
+
+The Vincent Ability Client uses an ethers signer for your delegatee account to run Vincent Abilities on behalf of your app users.
+
+## Coding Standards
+
+1. Use TypeScript for all new code
+2. Follow the project's existing coding style
+3. Write clear, descriptive comments and JSDoc for public APIs
+4. Include appropriate error handling
+5. Write unit tests for new functionality
+6. Maintain backward compatibility when possible
+
+## Type Safety
+
+- Use proper TypeScript types for all functions and variables
+- Avoid using `any` type; prefer `unknown` when the type is truly unknown
+- Use generics where appropriate to maintain type safety
+- Ensure exported APIs have proper type definitions
+
+## Testing
+
+Write unit tests for new functionality:
+
+```bash
+pnpm test
+```
+
+## Documentation
+
+- Document all public APIs with JSDoc comments
+- Update README.md when adding new features
+- Generate and review TypeDoc documentation
+
+## Pull Request Process
+
+1. Ensure your code follows the coding standards
+2. Update documentation if necessary
+3. Include tests for new features or bug fixes
+4. Link any related issues in your pull request description
+5. Add an nx version plan documenting your changes
+6. Request a review from a maintainer
+
+## For AI Editors and IDEs
+
+When working with AI-powered editors like Cursor, GitHub Copilot, or other AI assistants in this project directory, please note:
+
+### Context Priority
+
+1. **Primary Context**: When working within the SDK project directory, AI editors should prioritize this CONTRIBUTING.md file and the project's README.md for specific guidance on the SDK project.
+
+2. **Secondary Context**: The root-level CONTRIBUTING.md and README.md files provide important context about how this project fits into the broader Vincent ecosystem.
+
+### Key Files for SDK Context
+
+- `/packages/libs/app-sdk/README.md`: Overview of the SDK project
+- `/packages/libs/app-sdk/CONTRIBUTING.md`: This file, with SDK-specific contribution guidelines
+- `/packages/libs/app-sdk/src/`: Source code for the SDK
+
+When working on SDK code, consider these dependencies and consumers for context.
+
+## Additional Resources
+
+- [Vincent Documentation](https://docs.heyvincent.ai/)
+- [SDK Documentation](https://sdk-docs.heyvincent.ai/)
+- [TypeScript Documentation](https://www.typescriptlang.org/docs/)

package/dist/README.md

@@ -0,0 +1,216 @@
+# Vincent SDK
+
+## Installation
+
+```
+npm install @lit-protocol/vincent-app-sdk
+```
+
+## Usage
+
+# Client (Web)
+
+## WebAuthClient
+
+The Vincent Web Auth Client provides methods for managing user authentication, JWT tokens, and connect flows in Vincent applications.
+
+### Methods
+
+#### redirectToConnectPage()
+
+Redirects the user to the Vincent connect page to obtain authorization. Once the user has completed the vincent connect flow
+they will be redirected back to your app with a signed JWT that you can use to authenticate requests against your backend APIs
+
+- When a JWT is expired, you need to use this method to get a new JWT
+
+#### uriContainsVincentJWT()
+
+Checks if the current window location contains a Vincent connect JWT. You can use this method to know that you should update connect state with the newly provided JWT
+
+- Returns: Boolean indicating if the URI contains a connect JWT
+
+#### decodeVincentJWT(expectedAudience)
+
+Decodes a Vincent connect JWT. Performs basic sanity check but does not perform full verify() logic. You will want to run `verify()` from the jwt abilities to verify the JWT is fully valid and not expired etc.
+
+- The expected audience is typically your app's domain -- it should be one of your valid redirectUri values from your Vincent app configuration
+
+- Returns: An object containing both the original JWT string and the decoded JWT object
+
+#### removeVincentJWTFromURI()
+
+Removes the connect JWT parameter from the current URI. Call this after you have verified and stored the JWT for later usage.
+
+### Basic Usage
+
+```typescript
+import { getWebAuthClient } from '@lit-protocol/vincent-app-sdk/webaAthClient';
+import { isExpired } from '@lit-protocol/vincent-app-sdk/jwt';
+
+const vincentAppClient = getWebAuthClient({ appId: MY_APP_ID });
+// ... In your app logic:
+if (vincentAppClient.uriContainsVincentJWT()) {
+  // Handle app logic for the user has just logged in
+  const { decoded, jwt } = vincentAppClient.decodeVincentJWTFromUri(window.location.origin);
+  // Store `jwt` for later usage; the user is now logged in.
+} else {
+  // Handle app logic for the user is _already logged in_ (check for stored & unexpired JWT)
+
+  const jwt = localStorage.getItem('VINCENT_AUTH_JWT');
+  if (jwt && isExpired(jwt)) {
+    // User must re-log in
+    vincentAppClient.redirectToConnectPage({ redirectUri: window.location.href });
+  }
+
+  if (!jwt) {
+    // Handle app logic for the user is not yet logged in
+    vincentAppClient.redirectToConnectPage({ redirectUri: window.location.href });
+  }
+}
+```
+
+# Backend
+
+In your backend, you will have to verify the JWT to make sure the user has granted you the required permissions to act on their behalf.
+
+## VincentAbilityClient
+
+The Vincent Ability Client uses an ethers signer for your delegatee account to run Vincent Abilities on behalf of your app users.
+
+This client will typically be used by an AI agent or your app backend service, as it requires a signer that conforms to the ethers v5 signer API, and with access to your delegatee account's private key to authenticate with the LIT network when executing the Vincent Ability.
+
+### Configuration
+
+```typescript
+interface VincentAbilityClientConfig {
+  ethersSigner: ethers.Signer; // An ethers v5 compatible signer
+  vincentAbilityCid: string; // The CID of the Vincent Ability to execute
+}
+```
+
+### Methods
+
+#### execute(params: VincentAbilityParams): Promise<ExecuteJsResponse>
+
+Executes a Vincent Ability with the provided parameters.
+
+- `params`: Record<string, unknown> - Parameters to pass to the Vincent Ability
+- Returns: Promise resolving to an ExecuteJsResponse from the LIT network
+
+### Ability execution
+
+```typescript
+import { getVincentAbilityClient } from '@lit-protocol/vincent-app-sdk/abilityClient';
+// Import the ability you want to execute
+import { bundledVincentAbility as erc20BundledAbility } from '@lit-protocol/vincent-ability-erc20-approval';
+
+// One of delegatee signers from your app's Vincent Dashboard
+const delegateeSigner = new ethers.Wallet('YOUR_DELEGATEE_PRIVATE_KEY');
+
+// Initialize the Vincent Ability Client
+const abilityClient = getVincentAbilityClient({
+  ethersSigner: delegateeSigner,
+  bundledVincentAbility: erc20BundledAbility,
+});
+const delegatorPkpEthAddress = '0x09182301238';
+
+const abilityParams = {
+  // Fill with the params your ability needs
+};
+
+// Run precheck to see if ability should be executed
+const precheckResult = await client.precheck(abilityParams, {
+  delegatorPkpEthAddress,
+});
+
+if (precheckResult.success === true) {
+  // Execute the Vincent Ability
+  const executeResult = await client.execute(abilityParams, {
+    delegatorPkpEthAddress,
+  });
+
+  // ...ability has executed, you can check `executeResult` for details
+}
+```
+
+### Usage
+
+### Authentication
+
+A basic Express authentication middleware factory function is provided with the SDK.
+
+- Create an express middleware using `getAuthenticateUserExpressHandler()`
+- Once you have added the middleware to your route, use `authenticatedRequestHandler()` to provide
+  type-safe access to `req.user` in your downstream RequestHandler functions.
+- When defining your authenticated routes, use the `ExpressAuthHelpers` type to type your functions and function arguments.
+
+See getAuthenticateUserExpressHandler() documentation to see the source for the express authentication route handler
+
+```typescript
+import {
+  authenticatedRequestHandler,
+  getAuthenticateUserExpressHandler,
+} from '@lit-protocol/vincent-app-sdk/expressMiddleware';
+
+import type { AuthenticatedRequest } from '@lit-protocol/vincent-app-sdk/expressMiddleware';
+
+const { ALLOWED_AUDIENCE } = process.env;
+
+const authenticateUserMiddleware = getAuthenticateUserExpressHandler(ALLOWED_AUDIENCE);
+
+// Define an authenticated route handler
+const getUserProfile = async (req: AuthenticatedRequest, res: Response) => {
+  // Access authenticated user information
+  const { pkpAddress } = req.user;
+
+  // Fetch and return user data
+  const userData = await userRepository.findByAddress(pkpAddress);
+  res.json(userData);
+};
+
+// Use in Express route with authentication
+app.get('/profile', authenticateUser, authenticatedRequestHandler(getUserProfile));
+```
+
+## JWT Authentication
+
+### Overview
+
+The JWT authentication system in Vincent SDK allows for secure communication between user applications and Vincent Abilities. JWTs are used to verify user connect and authorize ability executions.
+
+### Authentication Flow
+
+1. User initiates an action requiring Vincent Ability access
+2. Application redirects to the Vincent connect page using `VincentWebAppClient.redirectToConnectPage()`
+3. User provides login for the requested abilities/policies
+4. User is redirected back to the application with a JWT in the URL
+5. Application validates and stores the JWT using `VincentWebAppClient` methods
+6. JWT is used to authenticate with the app backend
+
+### JWT Structure
+
+Vincent JWTs contain:
+
+- User account identity information (pkpAddress and pkpPublicKey)
+- Expiration timestamp
+- Signature from the Vincent authorization service
+
+### Error Handling
+
+When JWT validation fails, descriptive error messages are thrown to help with troubleshooting.
+
+### Usage Notes
+
+- JWTs have an expiration time after which they are no longer valid
+- When a JWT expires, redirect the user to the connect page to obtain a new one using the `VincentWebAppClient`
+
+## Release
+
+Pre-requisites:
+
+- You will need a valid npm account with access to the `@lit-protocol` organization.
+- Run `pnpm vercel login` at sdk root to get a authentication token for vercel
+- Also you will need to fill the `.env` file with the vercel project and org ids for the [vincent-docs](https://vercel.com/lit-protocol/vincent-docs) project.
+
+Then run `pnpm release` on the repository root. It will prompt you to update the Vincent SDK version and then ask you to confirm the release.
+This process will also generate a `CHANGELOG.md` record with the changes for the release and update typedoc in vercel after publishing the SDK.

package/dist/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lit-protocol/vincent-app-sdk",
-  "version": "1.0.3-beta.6",
+  "version": "2.0.0",
   "description": "Vincent SDK for browser and backend",
   "author": "Lit Protocol",
   "license": "ISC",
@@ -55,7 +55,7 @@
     "@lit-protocol/auth-helpers": "^7.0.9",
     "@lit-protocol/constants": "^7.0.8",
     "@lit-protocol/lit-node-client": "^7.0.8",
-    "@lit-protocol/vincent-ability-sdk": "0.0.7-mma",
+    "@lit-protocol/vincent-ability-sdk": "workspace:*",
     "@lit-protocol/vincent-contracts-sdk": "workspace:*",
     "@noble/secp256k1": "^2.2.3",
     "ethers": "5.8.0",
@@ -79,7 +79,7 @@
     "typedoc-plugin-zod": "^1.4.1",
     "vercel": "^41.6.2"
   },
-  "types": "./packages/libs/app-sdk/src/index.d.ts",
-  "main": "./packages/libs/app-sdk/src/index.js",
+  "types": "./src/index.d.ts",
+  "main": "./src/index.js",
   "type": "commonjs"
 }

package/dist/src/jwt/core/create.d.ts

@@ -11,8 +11,7 @@ export declare function createAppUserJWT(config: CreateAppUserJWTParams): Promis
 /**
  * Creates a JWT for an app delegatee (Ethereum account that may act on behalf of a user).
  *
- * If your use-case is to authenticate with a service on behalf of a specific delegator, you must provide a valid `subjectAddress`
- * which should be a valid delegator for your Delegatee address.
+ * You must provide a valid `subjectAddress`, which must be a valid delegator for your Delegatee address.
  *
  * @category API > Create
  */

package/dist/src/jwt/core/create.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"create.d.ts","sourceRoot":"","sources":["../../../../src/jwt/core/create.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,sBAAsB,EACtB,wBAAwB,EACxB,2BAA2B,EAG5B,MAAM,UAAU,CAAC;AAgDlB;;;KAGK;AACL,wBAAsB,qBAAqB,CAAC,MAAM,EAAE,2BAA2B,GAAG,OAAO,CAAC,MAAM,CAAC,CAYhG;AAED;;KAEK;AACL,wBAAsB,gBAAgB,CAAC,MAAM,EAAE,sBAAsB,GAAG,OAAO,CAAC,MAAM,CAAC,CAqBtF;AAED;;;;;;;GAOG;AACH,wBAAsB,kBAAkB,CAAC,MAAM,EAAE,wBAAwB,GAAG,OAAO,CAAC,MAAM,CAAC,CAQ1F"}
+{"version":3,"file":"create.d.ts","sourceRoot":"","sources":["../../../../src/jwt/core/create.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,sBAAsB,EACtB,wBAAwB,EACxB,2BAA2B,EAI5B,MAAM,UAAU,CAAC;AAuDlB;;;KAGK;AACL,wBAAsB,qBAAqB,CAAC,MAAM,EAAE,2BAA2B,GAAG,OAAO,CAAC,MAAM,CAAC,CAYhG;AAED;;KAEK;AACL,wBAAsB,gBAAgB,CAAC,MAAM,EAAE,sBAAsB,GAAG,OAAO,CAAC,MAAM,CAAC,CAqBtF;AAED;;;;;;GAMG;AACH,wBAAsB,kBAAkB,CAAC,MAAM,EAAE,wBAAwB,GAAG,OAAO,CAAC,MAAM,CAAC,CAQ1F"}

package/dist/src/jwt/core/create.js

@@ -6,6 +6,7 @@ exports.createDelegateeJWT = createDelegateeJWT;
 const utils_1 = require("ethers/lib/utils");
 const constants_1 = require("../constants");
 const base64_1 = require("./utils/base64");
+const ensureHex = (s) => (0, utils_1.hexlify)(s, { allowMissingPrefix: true });
 function createES256KSigner(wallet) {
     return async (data) => {
         const messageBytes = typeof data === 'string' ? (0, utils_1.toUtf8Bytes)(data) : data;
@@ -22,12 +23,14 @@ async function createJWS({ payload, wallet, config }) {
     const iat = Math.floor(Date.now() / 1000);
     const exp = (payload.nbf || Math.floor(Date.now() / 1000) + expiresInMinutes * 60);
     const header = { alg: 'ES256K', typ: 'JWT' };
+    const iss = ensureHex(await wallet.getAddress());
+    const publicKey = ensureHex(wallet.publicKey);
     const _payload = {
         ...payload,
         iat,
         exp,
-        iss: await wallet.getAddress(),
-        publicKey: wallet.publicKey,
+        iss,
+        publicKey,
         aud: audience,
         role,
         ...(subjectAddress ? { sub: subjectAddress } : {}),
@@ -77,8 +80,7 @@ async function createAppUserJWT(config) {
 /**
  * Creates a JWT for an app delegatee (Ethereum account that may act on behalf of a user).
  *
- * If your use-case is to authenticate with a service on behalf of a specific delegator, you must provide a valid `subjectAddress`
- * which should be a valid delegator for your Delegatee address.
+ * You must provide a valid `subjectAddress`, which must be a valid delegator for your Delegatee address.
  *
  * @category API > Create
  */

package/dist/src/jwt/core/create.js.map

@@ -1 +1 @@
-{"version":3,"file":"create.js","sourceRoot":"","sources":["../../../../src/jwt/core/create.ts"],"names":[],"mappings":";;AA4DA,sDAYC;AAKD,4CAqBC;AAUD,gDAQC;AApHD,4CAAyE;AAUzE,4CAAuD;AACvD,2CAA6C;AAE7C,SAAS,kBAAkB,CAAC,MAAuB;IACjD,OAAO,KAAK,EAAE,IAAyB,EAAmB,EAAE;QAC1D,MAAM,YAAY,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACzE,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;QACnD,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAA,sBAAc,EAAC,GAAG,CAAC,CAAC;QACrC,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACpC,QAAQ,CAAC,GAAG,CAAC,IAAA,gBAAQ,EAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7B,QAAQ,CAAC,GAAG,CAAC,IAAA,gBAAQ,EAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC9B,OAAO,IAAA,oBAAW,EAAC,QAAQ,CAAC,CAAC;IAC/B,CAAC,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,SAAS,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAmB;IACnE,MAAM,EAAE,gBAAgB,EAAE,QAAQ,EAAE,cAAc,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC;IAEpE,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAW,CAAC,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,gBAAgB,GAAG,EAAE,CAAC,CAAC;IAC3F,MAAM,MAAM,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;IAC7C,MAAM,QAAQ,GAAG;QACf,GAAG,OAAO;QACV,GAAG;QACH,GAAG;QACH,GAAG,EAAE,MAAM,MAAM,CAAC,UAAU,EAAE;QAC9B,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,GAAG,EAAE,QAAQ;QACb,IAAI;QACJ,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAElD,sBAAsB,EAAE,mCAAuB;KAChD,CAAC;IAEF,MAAM,YAAY,GAAG;QACnB,IAAA,oBAAW,EAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;QAChD,IAAA,oBAAW,EAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;KACnD,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAEZ,MAAM,SAAS,GAAG,MAAM,kBAAkB,CAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;IAEjE,4BAA4B;IAC5B,qDAAqD;IACrD,OAAO,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7C,CAAC;AAED;;;KAGK;AACE,KAAK,UAAU,qBAAqB,CAAC,MAAmC;IAC7E,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,gBAAgB,EAAE,OAAO,GAAG,EAAE,EAAE,GAAG,MAAM,CAAC;IAEhG,OAAO,SAAS,CAAC;QACf,OAAO,EAAE;YACP,GAAG,OAAO;YACV,OAAO;YACP,cAAc;SACf;QACD,MAAM,EAAE,SAAS;QACjB,MAAM,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,IAAI,EAAE,eAAe,EAAE;KAC9D,CAAC,CAAC;AACL,CAAC;AAED;;KAEK;AACE,KAAK,UAAU,gBAAgB,CAAC,MAA8B;IACnE,MAAM,EACJ,GAAG,EACH,SAAS,EACT,OAAO,EACP,cAAc,EACd,QAAQ,EACR,gBAAgB,EAChB,OAAO,GAAG,EAAE,GACb,GAAG,MAAM,CAAC;IAEX,OAAO,SAAS,CAAC;QACf,OAAO,EAAE;YACP,GAAG,OAAO;YACV,OAAO;YACP,GAAG;YACH,cAAc;SACf;QACD,MAAM,EAAE,SAAS;QACjB,MAAM,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,IAAI,EAAE,UAAU,EAAE;KACzD,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;GAOG;AACI,KAAK,UAAU,kBAAkB,CAAC,MAAgC;IACvE,MAAM,EAAE,YAAY,EAAE,cAAc,EAAE,QAAQ,EAAE,gBAAgB,EAAE,OAAO,GAAG,EAAE,EAAE,GAAG,MAAM,CAAC;IAE1F,OAAO,SAAS,CAAC;QACf,OAAO;QACP,MAAM,EAAE,YAAY;QACpB,MAAM,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,cAAc,EAAE,IAAI,EAAE,eAAe,EAAE;KAC9E,CAAC,CAAC;AACL,CAAC"}
+{"version":3,"file":"create.js","sourceRoot":"","sources":["../../../../src/jwt/core/create.ts"],"names":[],"mappings":";;AAoEA,sDAYC;AAKD,4CAqBC;AASD,gDAQC;AA3HD,4CAAkF;AAWlF,4CAAuD;AACvD,2CAA6C;AAE7C,MAAM,SAAS,GAAG,CAAC,CAAS,EAAiB,EAAE,CAC7C,IAAA,eAAO,EAAC,CAAC,EAAE,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAkB,CAAC;AAE5D,SAAS,kBAAkB,CAAC,MAAuB;IACjD,OAAO,KAAK,EAAE,IAAyB,EAAmB,EAAE;QAC1D,MAAM,YAAY,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACzE,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;QACnD,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAA,sBAAc,EAAC,GAAG,CAAC,CAAC;QACrC,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACpC,QAAQ,CAAC,GAAG,CAAC,IAAA,gBAAQ,EAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7B,QAAQ,CAAC,GAAG,CAAC,IAAA,gBAAQ,EAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC9B,OAAO,IAAA,oBAAW,EAAC,QAAQ,CAAC,CAAC;IAC/B,CAAC,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,SAAS,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAmB;IACnE,MAAM,EAAE,gBAAgB,EAAE,QAAQ,EAAE,cAAc,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC;IAEpE,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAW,CAAC,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,gBAAgB,GAAG,EAAE,CAAC,CAAC;IAC3F,MAAM,MAAM,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;IAE7C,MAAM,GAAG,GAAG,SAAS,CAAC,MAAM,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;IACjD,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAE9C,MAAM,QAAQ,GAAe;QAC3B,GAAG,OAAO;QACV,GAAG;QACH,GAAG;QACH,GAAG;QACH,SAAS;QACT,GAAG,EAAE,QAAQ;QACb,IAAI;QACJ,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAElD,sBAAsB,EAAE,mCAAuB;KAChD,CAAC;IAEF,MAAM,YAAY,GAAG;QACnB,IAAA,oBAAW,EAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;QAChD,IAAA,oBAAW,EAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;KACnD,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAEZ,MAAM,SAAS,GAAG,MAAM,kBAAkB,CAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;IAEjE,4BAA4B;IAC5B,qDAAqD;IACrD,OAAO,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7C,CAAC;AAED;;;KAGK;AACE,KAAK,UAAU,qBAAqB,CAAC,MAAmC;IAC7E,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,gBAAgB,EAAE,OAAO,GAAG,EAAE,EAAE,GAAG,MAAM,CAAC;IAEhG,OAAO,SAAS,CAAC;QACf,OAAO,EAAE;YACP,GAAG,OAAO;YACV,OAAO;YACP,cAAc;SACf;QACD,MAAM,EAAE,SAAS;QACjB,MAAM,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,IAAI,EAAE,eAAe,EAAE;KAC9D,CAAC,CAAC;AACL,CAAC;AAED;;KAEK;AACE,KAAK,UAAU,gBAAgB,CAAC,MAA8B;IACnE,MAAM,EACJ,GAAG,EACH,SAAS,EACT,OAAO,EACP,cAAc,EACd,QAAQ,EACR,gBAAgB,EAChB,OAAO,GAAG,EAAE,GACb,GAAG,MAAM,CAAC;IAEX,OAAO,SAAS,CAAC;QACf,OAAO,EAAE;YACP,GAAG,OAAO;YACV,OAAO;YACP,GAAG;YACH,cAAc;SACf;QACD,MAAM,EAAE,SAAS;QACjB,MAAM,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,IAAI,EAAE,UAAU,EAAE;KACzD,CAAC,CAAC;AACL,CAAC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,kBAAkB,CAAC,MAAgC;IACvE,MAAM,EAAE,YAAY,EAAE,cAAc,EAAE,QAAQ,EAAE,gBAAgB,EAAE,OAAO,GAAG,EAAE,EAAE,GAAG,MAAM,CAAC;IAE1F,OAAO,SAAS,CAAC;QACf,OAAO;QACP,MAAM,EAAE,YAAY;QACpB,MAAM,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,cAAc,EAAE,IAAI,EAAE,eAAe,EAAE;KAC9E,CAAC,CAAC;AACL,CAAC"}

package/dist/src/jwt/core/utils/verifyES256KSignature.js

@@ -15,7 +15,7 @@ async function verifyES256KSignature({ decoded }) {
         // Extract r and s values from the signature
         const r = signatureBytes.slice(0, 32);
         const s = signatureBytes.slice(32, 64);
-        const publicKeyBytes = (0, utils_1.arrayify)(decoded.payload.publicKey);
+        const publicKeyBytes = (0, utils_1.arrayify)(decoded.payload.publicKey, { allowMissingPrefix: true });
         // PKPEthersWallet.signMessage() adds Ethereum prefix, so we need to add it here too
         const ethPrefixedMessage = '\x19Ethereum Signed Message:\n' + data.length + data;
         const messageHashBytes = (0, utils_1.arrayify)(ethers_1.ethers.utils.keccak256((0, utils_1.toUtf8Bytes)(ethPrefixedMessage)));

package/dist/src/jwt/core/utils/verifyES256KSignature.js.map

@@ -1 +1 @@
-{"version":3,"file":"verifyES256KSignature.js","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/verifyES256KSignature.ts"],"names":[],"mappings":";;AASA,sDA8BC;;AAvCD,oEAA8C;AAC9C,mCAAgC;AAChC,4CAAyD;AAIzD,+CAA4C;AAC5C,qCAAsC;AAE/B,KAAK,UAAU,qBAAqB,CAAC,EAAE,OAAO,EAA8B;IACjF,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;QAEpC,6CAA6C;QAC7C,MAAM,cAAc,GAAG,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;QAE7C,4CAA4C;QAC5C,MAAM,CAAC,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACtC,MAAM,CAAC,GAAG,cAAc,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAEvC,MAAM,cAAc,GAAG,IAAA,gBAAQ,EAAC,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAE3D,oFAAoF;QACpF,MAAM,kBAAkB,GAAG,gCAAgC,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;QACjF,MAAM,gBAAgB,GAAG,IAAA,gBAAQ,EAAC,eAAM,CAAC,KAAK,CAAC,SAAS,CAAC,IAAA,mBAAW,EAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC;QAE3F,MAAM,gBAAgB,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QAEtD,8CAA8C;QAC9C,MAAM,UAAU,GAAG,SAAS,CAAC,MAAM,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,cAAc,CAAC,CAAC;QAExF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,uCAAuC,SAAS,EAAE,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CACb,GAAG,qBAAS,CAAC,iBAAiB,wBAAyB,KAAe,CAAC,OAAO,EAAE,CACjF,CAAC;IACJ,CAAC;AACH,CAAC"}
+{"version":3,"file":"verifyES256KSignature.js","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/verifyES256KSignature.ts"],"names":[],"mappings":";;AASA,sDA8BC;;AAvCD,oEAA8C;AAC9C,mCAAgC;AAChC,4CAAyD;AAIzD,+CAA4C;AAC5C,qCAAsC;AAE/B,KAAK,UAAU,qBAAqB,CAAC,EAAE,OAAO,EAA8B;IACjF,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;QAEpC,6CAA6C;QAC7C,MAAM,cAAc,GAAG,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;QAE7C,4CAA4C;QAC5C,MAAM,CAAC,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACtC,MAAM,CAAC,GAAG,cAAc,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAEvC,MAAM,cAAc,GAAG,IAAA,gBAAQ,EAAC,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAC,CAAC;QAEzF,oFAAoF;QACpF,MAAM,kBAAkB,GAAG,gCAAgC,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;QACjF,MAAM,gBAAgB,GAAG,IAAA,gBAAQ,EAAC,eAAM,CAAC,KAAK,CAAC,SAAS,CAAC,IAAA,mBAAW,EAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC;QAE3F,MAAM,gBAAgB,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QAEtD,8CAA8C;QAC9C,MAAM,UAAU,GAAG,SAAS,CAAC,MAAM,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,cAAc,CAAC,CAAC;QAExF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,uCAAuC,SAAS,EAAE,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CACb,GAAG,qBAAS,CAAC,iBAAiB,wBAAyB,KAAe,CAAC,OAAO,EAAE,CACjF,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/src/jwt/types.d.ts

@@ -28,7 +28,7 @@ export interface CreateJWSConfig {
     config: {
         audience: string | string[];
         expiresInMinutes: number;
-        subjectAddress?: string;
+        subjectAddress?: `0x${string}`;
         role: VincentJWTRole;
     };
 }

package/dist/src/jwt/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/jwt/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAErC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAErD,MAAM,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,EAAE,aAAa,GAAG,WAAW,CAAC,CAAC;AAExE;;;GAGG;AACH,MAAM,MAAM,wBAAwB,GAChC,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,WAAW,GACX,MAAM,GACN,wBAAwB,CAAC;AAE7B,KAAK,YAAY,CAAC,CAAC,EAAE,CAAC,SAAS,MAAM,GAAG,IAAI;KACzC,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CACjC,GAAG;KACD,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,KAAK;CACjB,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,MAAM,+BAA+B,GAAG,YAAY,CACxD,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACnB,wBAAwB,CACzB,CAAC;AAEF,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,+BAA+B,CAAC;IACzC,MAAM,EAAE,eAAe,CAAC;IACxB,MAAM,EAAE;QACN,QAAQ,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;QAC5B,gBAAgB,EAAE,MAAM,CAAC;QACzB,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,IAAI,EAAE,cAAc,CAAC;KACtB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,KAAK,MAAM,EAAE,CAAC;IACnB,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACvB,GAAG,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;IACpB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,KAAK,MAAM,EAAE,CAAC;IAEzB,sBAAsB,EAAE,MAAM,CAAC;IAG/B,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAC;CAClB;AAED;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE;QACN,GAAG,EAAE,KAAK,CAAC;QACX,GAAG,EAAE,QAAQ,CAAC;QAGd,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAC;KAClB,CAAC;IACF,OAAO,EAAE,UAAU,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;;GAGG;AACH,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;KAGK;AACL,MAAM,MAAM,cAAc,GAAG,eAAe,GAAG,UAAU,GAAG,eAAe,CAAC;AAE5E;;;GAGG;AACH,MAAM,WAAW,iBAAkB,SAAQ,UAAU;IACnD,OAAO,EAAE,SAAS,CAAC;IACnB,cAAc,EAAE,uBAAuB,CAAC;CACzC;AAED;;;GAGG;AACH,MAAM,WAAW,sBAAuB,SAAQ,UAAU;IACxD,OAAO,EAAE,iBAAiB,GAAG;QAC3B,IAAI,EAAE,eAAe,CAAC;KACvB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,iBAAkB,SAAQ,UAAU;IACnD,OAAO,EAAE,iBAAiB,GAAG;QAC3B,IAAI,EAAE,UAAU,CAAC;QACjB,GAAG,EAAE;YACH,EAAE,EAAE,MAAM,CAAC;YACX,OAAO,EAAE,MAAM,CAAC;SACjB,CAAC;KACH,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,mBAAoB,SAAQ,UAAU;IACrD,OAAO,EAAE,UAAU,GAAG;QACpB,IAAI,EAAE,eAAe,CAAC;QACtB,GAAG,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;KACrB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,MAAM,aAAa,GAAG,sBAAsB,GAAG,iBAAiB,GAAG,mBAAmB,CAAC;AAE7F,UAAU,aAAa;IACrB,OAAO,CAAC,EAAE,+BAA+B,CAAC;IAC1C,QAAQ,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC5B,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,UAAU,mBAAoB,SAAQ,aAAa;IACjD,SAAS,EAAE,eAAe,CAAC;IAC3B,OAAO,EAAE,SAAS,CAAC;IACnB,cAAc,EAAE,uBAAuB,CAAC;CACzC;AAED;;;GAGG;AACH,MAAM,MAAM,2BAA2B,GAAG,mBAAmB,CAAC;AAE9D;;;GAGG;AACH,MAAM,WAAW,sBAAuB,SAAQ,mBAAmB;IACjE,GAAG,EAAE;QACH,EAAE,EAAE,MAAM,CAAC;QACX,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,wBAAyB,SAAQ,aAAa;IAC7D,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,KAAK,MAAM,EAAE,CAAC;CAC/B"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/jwt/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAErC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAErD,MAAM,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,EAAE,aAAa,GAAG,WAAW,CAAC,CAAC;AAExE;;;GAGG;AACH,MAAM,MAAM,wBAAwB,GAChC,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,WAAW,GACX,MAAM,GACN,wBAAwB,CAAC;AAE7B,KAAK,YAAY,CAAC,CAAC,EAAE,CAAC,SAAS,MAAM,GAAG,IAAI;KACzC,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CACjC,GAAG;KACD,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,KAAK;CACjB,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,MAAM,+BAA+B,GAAG,YAAY,CACxD,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACnB,wBAAwB,CACzB,CAAC;AAEF,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,+BAA+B,CAAC;IACzC,MAAM,EAAE,eAAe,CAAC;IACxB,MAAM,EAAE;QACN,QAAQ,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;QAC5B,gBAAgB,EAAE,MAAM,CAAC;QACzB,cAAc,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;QAC/B,IAAI,EAAE,cAAc,CAAC;KACtB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,KAAK,MAAM,EAAE,CAAC;IACnB,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACvB,GAAG,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;IACpB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,KAAK,MAAM,EAAE,CAAC;IAEzB,sBAAsB,EAAE,MAAM,CAAC;IAG/B,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAC;CAClB;AAED;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE;QACN,GAAG,EAAE,KAAK,CAAC;QACX,GAAG,EAAE,QAAQ,CAAC;QAGd,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAC;KAClB,CAAC;IACF,OAAO,EAAE,UAAU,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;;GAGG;AACH,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;KAGK;AACL,MAAM,MAAM,cAAc,GAAG,eAAe,GAAG,UAAU,GAAG,eAAe,CAAC;AAE5E;;;GAGG;AACH,MAAM,WAAW,iBAAkB,SAAQ,UAAU;IACnD,OAAO,EAAE,SAAS,CAAC;IACnB,cAAc,EAAE,uBAAuB,CAAC;CACzC;AAED;;;GAGG;AACH,MAAM,WAAW,sBAAuB,SAAQ,UAAU;IACxD,OAAO,EAAE,iBAAiB,GAAG;QAC3B,IAAI,EAAE,eAAe,CAAC;KACvB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,iBAAkB,SAAQ,UAAU;IACnD,OAAO,EAAE,iBAAiB,GAAG;QAC3B,IAAI,EAAE,UAAU,CAAC;QACjB,GAAG,EAAE;YACH,EAAE,EAAE,MAAM,CAAC;YACX,OAAO,EAAE,MAAM,CAAC;SACjB,CAAC;KACH,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,mBAAoB,SAAQ,UAAU;IACrD,OAAO,EAAE,UAAU,GAAG;QACpB,IAAI,EAAE,eAAe,CAAC;QACtB,GAAG,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;KACrB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,MAAM,aAAa,GAAG,sBAAsB,GAAG,iBAAiB,GAAG,mBAAmB,CAAC;AAE7F,UAAU,aAAa;IACrB,OAAO,CAAC,EAAE,+BAA+B,CAAC;IAC1C,QAAQ,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC5B,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,UAAU,mBAAoB,SAAQ,aAAa;IACjD,SAAS,EAAE,eAAe,CAAC;IAC3B,OAAO,EAAE,SAAS,CAAC;IACnB,cAAc,EAAE,uBAAuB,CAAC;CACzC;AAED;;;GAGG;AACH,MAAM,MAAM,2BAA2B,GAAG,mBAAmB,CAAC;AAE9D;;;GAGG;AACH,MAAM,WAAW,sBAAuB,SAAQ,mBAAmB;IACjE,GAAG,EAAE;QACH,EAAE,EAAE,MAAM,CAAC;QACX,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,wBAAyB,SAAQ,aAAa;IAC7D,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,KAAK,MAAM,EAAE,CAAC;CAC/B"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lit-protocol/vincent-app-sdk",
-  "version": "1.0.3-beta.6",
+  "version": "2.0.0",
   "description": "Vincent SDK for browser and backend",
   "author": "Lit Protocol",
   "license": "ISC",
@@ -49,12 +49,12 @@
     "@lit-protocol/auth-helpers": "^7.0.9",
     "@lit-protocol/constants": "^7.0.8",
     "@lit-protocol/lit-node-client": "^7.0.8",
-    "@lit-protocol/vincent-ability-sdk": "0.0.7-mma",
     "@noble/secp256k1": "^2.2.3",
     "ethers": "5.8.0",
     "tslib": "^2.8.1",
     "zod": "3.25.64",
-    "@lit-protocol/vincent-contracts-sdk": "1.0.0-beta.3"
+    "@lit-protocol/vincent-ability-sdk": "2.0.0",
+    "@lit-protocol/vincent-contracts-sdk": "1.0.1"
   },
   "sideEffects": false,
   "files": [