@lit-protocol/vincent-app-sdk 1.0.3-beta.7 → 2.0.1

package/CHANGELOG.md

@@ -1,3 +1,196 @@
+## 2.0.1 (2025-09-03)
+
+### 🧱 Updated Dependencies
+
+- Updated ability-sdk to 2.0.1
+- Updated contracts-sdk to 1.1.0
+
+# 2.0.0 (2025-08-05)
+
+### 🚀 Features
+
+- Bug fix in app-sdk that kept a policy's allow result from being returned ([11325427](https://github.com/LIT-Protocol/Vincent/commit/11325427))
+- ### Implement supported Vincent Ability API range ([14f0ece1](https://github.com/LIT-Protocol/Vincent/commit/14f0ece1))
+
+  Added basic Ability API handling to ensure abilities & policies are only used by compatible abilities and policies, and with the correct version of the vincentAbilityClient / app-sdk
+
+  - Added a new jsParam when VincentAbilityClient calls an ability, `vincentAbilityApiVersion`
+  - LIT action wrappers for abilities + policies compare `vincentAbilityApiVersion` to match the major semver range the handler was built with from the ability-sdk
+  - vincentAbilityHandler() is responsible for passing along the value when it evaluates supported policies
+
+### 🩹 Fixes
+
+- ### Fix ability failure response cases ([e2be50d9](https://github.com/LIT-Protocol/Vincent/commit/e2be50d9))
+
+  - Ensures that policy denial disables checking the ability result against its fail schema in the abilityClient, because it will always be undefined :)
+  - Ensures that `context` is returned in the response from the abilityClient.execute() method in cases where the ability response was a runtime or schemaValidationError
+
+### ⚠️ Breaking Changes
+
+- Add support for CBOR2 encoded policy parameters using the new vincent-contracts-sdk ([868c6c2a](https://github.com/LIT-Protocol/Vincent/commit/868c6c2a))
+- ### Add support for explicit `schemaValidationError` ([337a4bde](https://github.com/LIT-Protocol/Vincent/commit/337a4bde))
+
+  - Previously, a failure to validate either input or results of lifecycle method would result in `result: { zodError }` being returned
+  - Now, `result` will be `undefined` and there will be an explicit `schemaValidationError` in the result of the ability / policy
+
+  ```typescript
+  export interface SchemaValidationError {
+    zodError: ZodError<unknown>; // The result of `zod.safeParse().error`
+    phase: string; // Policies: `precheck`|`evaluate`|`commit` - Abilities: `precheck` | `execute`
+    stage: string; // `input` | `output`
+  }
+  ```
+
+- ### `error` is now `runtimeError` and can only be set by `throw ...` ([337a4bde](https://github.com/LIT-Protocol/Vincent/commit/337a4bde))
+
+  - Previously, if you had not defined a `deny` or `fail` schema, you could call `deny()` or `fail()` with a string
+  - That string would end up in the ability/policy response as the `error` property instead of `result`
+  - This was problematic because there was no consistent way to identify _un-handled_ error vs. _explicitly returned fail/deny results_
+  - If you don't define a deny or fail schema, you can no longer call those methods with a string.
+  - `error` is now `runtimeError`, and is _only_ set if a lifecycle method `throw`s an Error - in that case it will be the `message` property of the error
+  - If you want to be able to return simple errors in your _result_, you can define a simple deny or fail schema like `z.object({ error: z.string() }`
+
+- ### Create vincentAbilityClient namespace ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  Previously, `getVincentAbilityClient()` and `disconnectVincentAbilityClients()` were exported from the root of the `vincent-app-sdk` package.
+  These methods, along with several other methods are now exported from the `@lit-protocol/app-sdk/abilityClient` namespace
+
+  ```typescript
+  import {
+    getVincentAbilityClient,
+    disconnectVincentAbilityClients,
+    isAbilityResponseFailure,
+    isAbilityResponseRuntimeFailure,
+    isAbilityResponseSchemaValidationFailure,
+    isAbilityResponseSuccess,
+  } from '@lit-protocol/app-sdk/abilityClient';
+  ```
+
+- #### Standardized `app` property on on JWT payload to be a number instead of a string. ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- #### Renamed `consent page` to `delegation auth page` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- #### Move utils exports to `@lit-protocol/vincent-app-sdk/utils` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- #### Moved jwt exports to `@lit-protocol/vincent-app-sdk/jwt` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  - Enhanced typedocs for all methods and removed type aliases for core functions
+
+- #### Move `VincentWebAppClient` exports to `@lit-protocol/vincent-app-sdk/webAppClient` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  - Renamed `VincentWebAppClient` to `WebAuthClient`
+  - Renamed `VincentAppClientConfig` to `WebAuthClientConfig`
+  - Renamed `RedirectToVincentConsentPageParams` to `RedirectToVincentDelegationPageParams`
+  - Renamed `redirectToConsentPage()` to `redirectToDelegationAuthPage()`
+  - Renamed `getVincentWebAppClient()` to `getWebAuthClient()`
+
+- #### Move express-authentication-middleware exports to `@lit-protocol/vincent-app-sdk/expressMiddleware` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  - Removed `ExpressAuthHelpers` interface - its types are now directly exported from the `expressMiddleware` package sub-path
+
+- #### Moved abilityClient exports to `@lit-protocol/vincent-app-sdk/abilityClient` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- ### Update express middleware to support non-app-specific JWTs ([9dd1cd26](https://github.com/LIT-Protocol/Vincent/commit/9dd1cd26))
+
+  - Replaced individual function exports of `authenticatedRequestHandler()` and `getAuthenticateUserExpressHandler()` with a single `createVincentUserMiddleware()` function
+
+  #### createVincentUserMiddleware({ allowedAudience, userKey, requiredAppId? }) -> { middleware(), handler() }
+
+  - You can now configure the property on `req` where the vincent user JWT data will be placed using `userKey`
+  - You can now configure the authentication middleware to throw if `requiredAppId` does not match a specific appId you provide
+  - `allowedAudience` behaviour remains unchanged
+  - See example usage on the API docs for the package @ http://docs.heyvincent.ai
+
+  ```
+
+  ```
+
+- ### Support JWTs that are not app-specific ([0553a934](https://github.com/LIT-Protocol/Vincent/commit/0553a934))
+
+  This release adds support for general authentication JWTs that are not tied to a specific app. This is a breaking change that requires updates to code that uses the JWT validation functions.
+
+  #### API Changes
+
+  - `verify` and `decode` functions now accept object parameters instead of separate parameters
+    - Their return values are strongly typed based on whether `requiredAppId` is provided.
+    - They throw if `requiredAppId` is provided but the jwt is either not app-specific or the app id on the token doesn't match the `requiredAppId`
+  - `appId` type changed from `string` to `number` in WebAuthClient configuration
+  - WebAuthClient now throws an error if the `appId` it was configured with isn't in the JWT it decodes
+
+  #### New Functions
+
+  - `isGeneralJWT`: Type guard to check if a JWT is Vincent JWT that has no app associated
+  - `isAppSpecificJWT`: Type guard to check if a JWT is a vincent JWT that is app-specific
+  - `assertIsVincentJWT`: Assertion function to validate if a decoded JWT is a valid Vincent JWT
+  - `getAppInfo`: Convenience method that returns the app ID and version from an app-specific JWT's payload
+  - `getPKPInfo`: Convenience method that returns PKP information from any Vincent JWT's payload
+
+  #### New Types
+
+  - `VincentJWT`: Interface for a decoded Vincent JWT without app-specific details (general authentication)
+  - `VincentJWTAppSpecific`: Interface for a decoded app-specific Vincent JWT
+  - `BaseVincentJWTPayload`: Payload that contains always-present properties on all Vincent JWTs
+  - `VincentAppSpecificJWTPayload`: Extends VincentJWTPayload with app-specific information
+
+- ## JWT Refactor ([c21bc3c3](https://github.com/LIT-Protocol/Vincent/commit/c21bc3c3))
+
+  #### Refactored our JWT structure, composition, and verification logic.
+
+  - Removed dependency on `did-jwt`; since we are signing using EIP-191 compliant signatures, the presence of `did:ethr` was misleading.
+  - Added support for Delegatee JWTs
+
+  #### We now support 3 types of JWT:
+
+  - `VincentJWTAppUser`
+    - `role` claim in the JWT payload is `app-user`
+    - Contains PKP info
+    - Is app-specific
+    - Is provided to app end-users, so that they can authenticate with services that are provided by individual Vincent Apps
+  - `VincentJWTPlatformUser`
+    - `role` claim in the JWT payload is `platform-user`
+    - Contains PKP info
+    - Used to authenticate with Vincent platform services (e.g. the registry backend)
+    - Is not app-specific
+    - The Vincent dashboard uses these for App owners and Ability & Policy authors
+  - `VincentJWTDelegatee`
+    - `role` claim in the JWT payload is `app-delegatee`
+    - Does not contain PKP info; delegatees are not PKP-backed
+    - Is not app-specific
+    - Used to authenticate with services that require proof that they are being used by a specific delegatee who has permissions to act on behalf of a delegator (app user) account.
+
+  ### API Changes
+
+  - Many classes and interfaces were renamed to clearly indicate which type of JWT that they apply to.
+  - Added `publicKey` to the `payload` of all JWTs for signature verification convenience
+  - `iss` and `sub` are now raw hex-formatted ethers addresses, without `did:ethr` prefixes
+  - JWT verification has been converted to be an async process, and explicit verify methods have been defined for each type of JWT
+    - `verifyVincentAppUserJWT()`
+    - `verifyVincentPlatformJWT()`
+    - `verifyVincentDelegateeJWT()`
+  - Type-guard functions have also been added to help identify the kind of JWT you are using and provide type-safe references to those JWTs, but for most use-cases you will probably just use the type-specific `verify` methods.
+    - `isVincentJWTAppSpecific()`
+    - `isVincentPlatformJWT()`
+    - `isVincentJWTDelegatee()`
+    - `isAnyVincentJWT()`
+  - Added accessor helper functions to facilitate easy, type-safe access to properties on supported JWTs
+    - `getRole()` - All Vincent JWTs
+    - `getPublicKey()` - All Vincent JWTs
+    - `getIssuerAddress()` - All Vincent JWTs
+    - `getAudience()` - All Vincent JWTs
+    - `getSubjectAddress()` - Only for `VincentJWTDelegatee`
+    - `getAppInfo()` - Only for `VincentJWTAppUser`
+    - `getPKPInfo()` - Only for `VincentJWTAppUser` or `VincentJWTPlatformUser`
+    - `getAuthentication()` - Only for `VincentJWTAppUser` or `VincentJWTPlatformUser`
+  - `decode` has been renamed to `decodeVincentJWT()`;
+    - You probably want to use the type-specific `verify` methods instead of calling decode directly, unless you're absolutely sure that you've already verified the JWT and are positive it hasn't expired!
+    - This function returns an `AnyVincentJWT` type which you must narrow using type-guard functions.
+
+### 🧱 Updated Dependencies
+
+- Updated ability-sdk to 2.0.0
+- Updated contracts-sdk to 2.0.0
+
+### ❤️ Thank You
+
+- Daryl Collins
+- Wyatt Barnes @spacesailor24
+
 ## 1.0.2 (2025-07-08)
 
 ### 🩹 Fixes

package/dist/CHANGELOG.md

@@ -1,3 +1,196 @@
+## 2.0.1 (2025-09-03)
+
+### 🧱 Updated Dependencies
+
+- Updated ability-sdk to 2.0.1
+- Updated contracts-sdk to 1.1.0
+
+# 2.0.0 (2025-08-05)
+
+### 🚀 Features
+
+- Bug fix in app-sdk that kept a policy's allow result from being returned ([11325427](https://github.com/LIT-Protocol/Vincent/commit/11325427))
+- ### Implement supported Vincent Ability API range ([14f0ece1](https://github.com/LIT-Protocol/Vincent/commit/14f0ece1))
+
+  Added basic Ability API handling to ensure abilities & policies are only used by compatible abilities and policies, and with the correct version of the vincentAbilityClient / app-sdk
+
+  - Added a new jsParam when VincentAbilityClient calls an ability, `vincentAbilityApiVersion`
+  - LIT action wrappers for abilities + policies compare `vincentAbilityApiVersion` to match the major semver range the handler was built with from the ability-sdk
+  - vincentAbilityHandler() is responsible for passing along the value when it evaluates supported policies
+
+### 🩹 Fixes
+
+- ### Fix ability failure response cases ([e2be50d9](https://github.com/LIT-Protocol/Vincent/commit/e2be50d9))
+
+  - Ensures that policy denial disables checking the ability result against its fail schema in the abilityClient, because it will always be undefined :)
+  - Ensures that `context` is returned in the response from the abilityClient.execute() method in cases where the ability response was a runtime or schemaValidationError
+
+### ⚠️ Breaking Changes
+
+- Add support for CBOR2 encoded policy parameters using the new vincent-contracts-sdk ([868c6c2a](https://github.com/LIT-Protocol/Vincent/commit/868c6c2a))
+- ### Add support for explicit `schemaValidationError` ([337a4bde](https://github.com/LIT-Protocol/Vincent/commit/337a4bde))
+
+  - Previously, a failure to validate either input or results of lifecycle method would result in `result: { zodError }` being returned
+  - Now, `result` will be `undefined` and there will be an explicit `schemaValidationError` in the result of the ability / policy
+
+  ```typescript
+  export interface SchemaValidationError {
+    zodError: ZodError<unknown>; // The result of `zod.safeParse().error`
+    phase: string; // Policies: `precheck`|`evaluate`|`commit` - Abilities: `precheck` | `execute`
+    stage: string; // `input` | `output`
+  }
+  ```
+
+- ### `error` is now `runtimeError` and can only be set by `throw ...` ([337a4bde](https://github.com/LIT-Protocol/Vincent/commit/337a4bde))
+
+  - Previously, if you had not defined a `deny` or `fail` schema, you could call `deny()` or `fail()` with a string
+  - That string would end up in the ability/policy response as the `error` property instead of `result`
+  - This was problematic because there was no consistent way to identify _un-handled_ error vs. _explicitly returned fail/deny results_
+  - If you don't define a deny or fail schema, you can no longer call those methods with a string.
+  - `error` is now `runtimeError`, and is _only_ set if a lifecycle method `throw`s an Error - in that case it will be the `message` property of the error
+  - If you want to be able to return simple errors in your _result_, you can define a simple deny or fail schema like `z.object({ error: z.string() }`
+
+- ### Create vincentAbilityClient namespace ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  Previously, `getVincentAbilityClient()` and `disconnectVincentAbilityClients()` were exported from the root of the `vincent-app-sdk` package.
+  These methods, along with several other methods are now exported from the `@lit-protocol/app-sdk/abilityClient` namespace
+
+  ```typescript
+  import {
+    getVincentAbilityClient,
+    disconnectVincentAbilityClients,
+    isAbilityResponseFailure,
+    isAbilityResponseRuntimeFailure,
+    isAbilityResponseSchemaValidationFailure,
+    isAbilityResponseSuccess,
+  } from '@lit-protocol/app-sdk/abilityClient';
+  ```
+
+- #### Standardized `app` property on on JWT payload to be a number instead of a string. ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- #### Renamed `consent page` to `delegation auth page` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- #### Move utils exports to `@lit-protocol/vincent-app-sdk/utils` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- #### Moved jwt exports to `@lit-protocol/vincent-app-sdk/jwt` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  - Enhanced typedocs for all methods and removed type aliases for core functions
+
+- #### Move `VincentWebAppClient` exports to `@lit-protocol/vincent-app-sdk/webAppClient` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  - Renamed `VincentWebAppClient` to `WebAuthClient`
+  - Renamed `VincentAppClientConfig` to `WebAuthClientConfig`
+  - Renamed `RedirectToVincentConsentPageParams` to `RedirectToVincentDelegationPageParams`
+  - Renamed `redirectToConsentPage()` to `redirectToDelegationAuthPage()`
+  - Renamed `getVincentWebAppClient()` to `getWebAuthClient()`
+
+- #### Move express-authentication-middleware exports to `@lit-protocol/vincent-app-sdk/expressMiddleware` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+
+  - Removed `ExpressAuthHelpers` interface - its types are now directly exported from the `expressMiddleware` package sub-path
+
+- #### Moved abilityClient exports to `@lit-protocol/vincent-app-sdk/abilityClient` ([b94ca569](https://github.com/LIT-Protocol/Vincent/commit/b94ca569))
+- ### Update express middleware to support non-app-specific JWTs ([9dd1cd26](https://github.com/LIT-Protocol/Vincent/commit/9dd1cd26))
+
+  - Replaced individual function exports of `authenticatedRequestHandler()` and `getAuthenticateUserExpressHandler()` with a single `createVincentUserMiddleware()` function
+
+  #### createVincentUserMiddleware({ allowedAudience, userKey, requiredAppId? }) -> { middleware(), handler() }
+
+  - You can now configure the property on `req` where the vincent user JWT data will be placed using `userKey`
+  - You can now configure the authentication middleware to throw if `requiredAppId` does not match a specific appId you provide
+  - `allowedAudience` behaviour remains unchanged
+  - See example usage on the API docs for the package @ http://docs.heyvincent.ai
+
+  ```
+
+  ```
+
+- ### Support JWTs that are not app-specific ([0553a934](https://github.com/LIT-Protocol/Vincent/commit/0553a934))
+
+  This release adds support for general authentication JWTs that are not tied to a specific app. This is a breaking change that requires updates to code that uses the JWT validation functions.
+
+  #### API Changes
+
+  - `verify` and `decode` functions now accept object parameters instead of separate parameters
+    - Their return values are strongly typed based on whether `requiredAppId` is provided.
+    - They throw if `requiredAppId` is provided but the jwt is either not app-specific or the app id on the token doesn't match the `requiredAppId`
+  - `appId` type changed from `string` to `number` in WebAuthClient configuration
+  - WebAuthClient now throws an error if the `appId` it was configured with isn't in the JWT it decodes
+
+  #### New Functions
+
+  - `isGeneralJWT`: Type guard to check if a JWT is Vincent JWT that has no app associated
+  - `isAppSpecificJWT`: Type guard to check if a JWT is a vincent JWT that is app-specific
+  - `assertIsVincentJWT`: Assertion function to validate if a decoded JWT is a valid Vincent JWT
+  - `getAppInfo`: Convenience method that returns the app ID and version from an app-specific JWT's payload
+  - `getPKPInfo`: Convenience method that returns PKP information from any Vincent JWT's payload
+
+  #### New Types
+
+  - `VincentJWT`: Interface for a decoded Vincent JWT without app-specific details (general authentication)
+  - `VincentJWTAppSpecific`: Interface for a decoded app-specific Vincent JWT
+  - `BaseVincentJWTPayload`: Payload that contains always-present properties on all Vincent JWTs
+  - `VincentAppSpecificJWTPayload`: Extends VincentJWTPayload with app-specific information
+
+- ## JWT Refactor ([c21bc3c3](https://github.com/LIT-Protocol/Vincent/commit/c21bc3c3))
+
+  #### Refactored our JWT structure, composition, and verification logic.
+
+  - Removed dependency on `did-jwt`; since we are signing using EIP-191 compliant signatures, the presence of `did:ethr` was misleading.
+  - Added support for Delegatee JWTs
+
+  #### We now support 3 types of JWT:
+
+  - `VincentJWTAppUser`
+    - `role` claim in the JWT payload is `app-user`
+    - Contains PKP info
+    - Is app-specific
+    - Is provided to app end-users, so that they can authenticate with services that are provided by individual Vincent Apps
+  - `VincentJWTPlatformUser`
+    - `role` claim in the JWT payload is `platform-user`
+    - Contains PKP info
+    - Used to authenticate with Vincent platform services (e.g. the registry backend)
+    - Is not app-specific
+    - The Vincent dashboard uses these for App owners and Ability & Policy authors
+  - `VincentJWTDelegatee`
+    - `role` claim in the JWT payload is `app-delegatee`
+    - Does not contain PKP info; delegatees are not PKP-backed
+    - Is not app-specific
+    - Used to authenticate with services that require proof that they are being used by a specific delegatee who has permissions to act on behalf of a delegator (app user) account.
+
+  ### API Changes
+
+  - Many classes and interfaces were renamed to clearly indicate which type of JWT that they apply to.
+  - Added `publicKey` to the `payload` of all JWTs for signature verification convenience
+  - `iss` and `sub` are now raw hex-formatted ethers addresses, without `did:ethr` prefixes
+  - JWT verification has been converted to be an async process, and explicit verify methods have been defined for each type of JWT
+    - `verifyVincentAppUserJWT()`
+    - `verifyVincentPlatformJWT()`
+    - `verifyVincentDelegateeJWT()`
+  - Type-guard functions have also been added to help identify the kind of JWT you are using and provide type-safe references to those JWTs, but for most use-cases you will probably just use the type-specific `verify` methods.
+    - `isVincentJWTAppSpecific()`
+    - `isVincentPlatformJWT()`
+    - `isVincentJWTDelegatee()`
+    - `isAnyVincentJWT()`
+  - Added accessor helper functions to facilitate easy, type-safe access to properties on supported JWTs
+    - `getRole()` - All Vincent JWTs
+    - `getPublicKey()` - All Vincent JWTs
+    - `getIssuerAddress()` - All Vincent JWTs
+    - `getAudience()` - All Vincent JWTs
+    - `getSubjectAddress()` - Only for `VincentJWTDelegatee`
+    - `getAppInfo()` - Only for `VincentJWTAppUser`
+    - `getPKPInfo()` - Only for `VincentJWTAppUser` or `VincentJWTPlatformUser`
+    - `getAuthentication()` - Only for `VincentJWTAppUser` or `VincentJWTPlatformUser`
+  - `decode` has been renamed to `decodeVincentJWT()`;
+    - You probably want to use the type-specific `verify` methods instead of calling decode directly, unless you're absolutely sure that you've already verified the JWT and are positive it hasn't expired!
+    - This function returns an `AnyVincentJWT` type which you must narrow using type-guard functions.
+
+### 🧱 Updated Dependencies
+
+- Updated ability-sdk to 2.0.0
+- Updated contracts-sdk to 2.0.0
+
+### ❤️ Thank You
+
+- Daryl Collins
+- Wyatt Barnes @spacesailor24
+
 ## 1.0.2 (2025-07-08)
 
 ### 🩹 Fixes

package/dist/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lit-protocol/vincent-app-sdk",
-  "version": "1.0.3-beta.6",
+  "version": "2.0.1",
   "description": "Vincent SDK for browser and backend",
   "author": "Lit Protocol",
   "license": "ISC",
@@ -52,10 +52,10 @@
     "typecheck": "./scripts/precommit-check.sh"
   },
   "dependencies": {
-    "@lit-protocol/auth-helpers": "^7.0.9",
-    "@lit-protocol/constants": "^7.0.8",
-    "@lit-protocol/lit-node-client": "^7.0.8",
-    "@lit-protocol/vincent-ability-sdk": "0.0.7-mma",
+    "@lit-protocol/auth-helpers": "^7.2.3",
+    "@lit-protocol/constants": "^7.2.3",
+    "@lit-protocol/lit-node-client": "^7.2.3",
+    "@lit-protocol/vincent-ability-sdk": "workspace:*",
     "@lit-protocol/vincent-contracts-sdk": "workspace:*",
     "@noble/secp256k1": "^2.2.3",
     "ethers": "5.8.0",
@@ -68,8 +68,8 @@
     "*.md"
   ],
   "devDependencies": {
-    "@lit-protocol/pkp-ethers": "^7.2.0",
-    "@lit-protocol/types": "^7.0.8",
+    "@lit-protocol/pkp-ethers": "^7.2.3",
+    "@lit-protocol/types": "^7.2.3",
     "@types/express": "^5.0.1",
     "chokidar-cli": "^3.0.0",
     "live-server": "^1.2.2",

package/dist/src/jwt/core/create.d.ts

@@ -11,8 +11,7 @@ export declare function createAppUserJWT(config: CreateAppUserJWTParams): Promis
 /**
  * Creates a JWT for an app delegatee (Ethereum account that may act on behalf of a user).
  *
- * If your use-case is to authenticate with a service on behalf of a specific delegator, you must provide a valid `subjectAddress`
- * which should be a valid delegator for your Delegatee address.
+ * You must provide a valid `subjectAddress`, which must be a valid delegator for your Delegatee address.
  *
  * @category API > Create
  */

package/dist/src/jwt/core/create.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"create.d.ts","sourceRoot":"","sources":["../../../../src/jwt/core/create.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,sBAAsB,EACtB,wBAAwB,EACxB,2BAA2B,EAG5B,MAAM,UAAU,CAAC;AAgDlB;;;KAGK;AACL,wBAAsB,qBAAqB,CAAC,MAAM,EAAE,2BAA2B,GAAG,OAAO,CAAC,MAAM,CAAC,CAYhG;AAED;;KAEK;AACL,wBAAsB,gBAAgB,CAAC,MAAM,EAAE,sBAAsB,GAAG,OAAO,CAAC,MAAM,CAAC,CAqBtF;AAED;;;;;;;GAOG;AACH,wBAAsB,kBAAkB,CAAC,MAAM,EAAE,wBAAwB,GAAG,OAAO,CAAC,MAAM,CAAC,CAQ1F"}
+{"version":3,"file":"create.d.ts","sourceRoot":"","sources":["../../../../src/jwt/core/create.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,sBAAsB,EACtB,wBAAwB,EACxB,2BAA2B,EAI5B,MAAM,UAAU,CAAC;AAuDlB;;;KAGK;AACL,wBAAsB,qBAAqB,CAAC,MAAM,EAAE,2BAA2B,GAAG,OAAO,CAAC,MAAM,CAAC,CAYhG;AAED;;KAEK;AACL,wBAAsB,gBAAgB,CAAC,MAAM,EAAE,sBAAsB,GAAG,OAAO,CAAC,MAAM,CAAC,CAqBtF;AAED;;;;;;GAMG;AACH,wBAAsB,kBAAkB,CAAC,MAAM,EAAE,wBAAwB,GAAG,OAAO,CAAC,MAAM,CAAC,CAQ1F"}

package/dist/src/jwt/core/create.js

@@ -6,6 +6,7 @@ exports.createDelegateeJWT = createDelegateeJWT;
 const utils_1 = require("ethers/lib/utils");
 const constants_1 = require("../constants");
 const base64_1 = require("./utils/base64");
+const ensureHex = (s) => (0, utils_1.hexlify)(s, { allowMissingPrefix: true });
 function createES256KSigner(wallet) {
     return async (data) => {
         const messageBytes = typeof data === 'string' ? (0, utils_1.toUtf8Bytes)(data) : data;
@@ -22,12 +23,14 @@ async function createJWS({ payload, wallet, config }) {
     const iat = Math.floor(Date.now() / 1000);
     const exp = (payload.nbf || Math.floor(Date.now() / 1000) + expiresInMinutes * 60);
     const header = { alg: 'ES256K', typ: 'JWT' };
+    const iss = ensureHex(await wallet.getAddress());
+    const publicKey = ensureHex(wallet.publicKey);
     const _payload = {
         ...payload,
         iat,
         exp,
-        iss: await wallet.getAddress(),
-        publicKey: wallet.publicKey,
+        iss,
+        publicKey,
         aud: audience,
         role,
         ...(subjectAddress ? { sub: subjectAddress } : {}),
@@ -77,8 +80,7 @@ async function createAppUserJWT(config) {
 /**
  * Creates a JWT for an app delegatee (Ethereum account that may act on behalf of a user).
  *
- * If your use-case is to authenticate with a service on behalf of a specific delegator, you must provide a valid `subjectAddress`
- * which should be a valid delegator for your Delegatee address.
+ * You must provide a valid `subjectAddress`, which must be a valid delegator for your Delegatee address.
  *
  * @category API > Create
  */

package/dist/src/jwt/core/create.js.map

@@ -1 +1 @@
-{"version":3,"file":"create.js","sourceRoot":"","sources":["../../../../src/jwt/core/create.ts"],"names":[],"mappings":";;AA4DA,sDAYC;AAKD,4CAqBC;AAUD,gDAQC;AApHD,4CAAyE;AAUzE,4CAAuD;AACvD,2CAA6C;AAE7C,SAAS,kBAAkB,CAAC,MAAuB;IACjD,OAAO,KAAK,EAAE,IAAyB,EAAmB,EAAE;QAC1D,MAAM,YAAY,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACzE,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;QACnD,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAA,sBAAc,EAAC,GAAG,CAAC,CAAC;QACrC,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACpC,QAAQ,CAAC,GAAG,CAAC,IAAA,gBAAQ,EAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7B,QAAQ,CAAC,GAAG,CAAC,IAAA,gBAAQ,EAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC9B,OAAO,IAAA,oBAAW,EAAC,QAAQ,CAAC,CAAC;IAC/B,CAAC,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,SAAS,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAmB;IACnE,MAAM,EAAE,gBAAgB,EAAE,QAAQ,EAAE,cAAc,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC;IAEpE,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAW,CAAC,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,gBAAgB,GAAG,EAAE,CAAC,CAAC;IAC3F,MAAM,MAAM,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;IAC7C,MAAM,QAAQ,GAAG;QACf,GAAG,OAAO;QACV,GAAG;QACH,GAAG;QACH,GAAG,EAAE,MAAM,MAAM,CAAC,UAAU,EAAE;QAC9B,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,GAAG,EAAE,QAAQ;QACb,IAAI;QACJ,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAElD,sBAAsB,EAAE,mCAAuB;KAChD,CAAC;IAEF,MAAM,YAAY,GAAG;QACnB,IAAA,oBAAW,EAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;QAChD,IAAA,oBAAW,EAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;KACnD,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAEZ,MAAM,SAAS,GAAG,MAAM,kBAAkB,CAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;IAEjE,4BAA4B;IAC5B,qDAAqD;IACrD,OAAO,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7C,CAAC;AAED;;;KAGK;AACE,KAAK,UAAU,qBAAqB,CAAC,MAAmC;IAC7E,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,gBAAgB,EAAE,OAAO,GAAG,EAAE,EAAE,GAAG,MAAM,CAAC;IAEhG,OAAO,SAAS,CAAC;QACf,OAAO,EAAE;YACP,GAAG,OAAO;YACV,OAAO;YACP,cAAc;SACf;QACD,MAAM,EAAE,SAAS;QACjB,MAAM,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,IAAI,EAAE,eAAe,EAAE;KAC9D,CAAC,CAAC;AACL,CAAC;AAED;;KAEK;AACE,KAAK,UAAU,gBAAgB,CAAC,MAA8B;IACnE,MAAM,EACJ,GAAG,EACH,SAAS,EACT,OAAO,EACP,cAAc,EACd,QAAQ,EACR,gBAAgB,EAChB,OAAO,GAAG,EAAE,GACb,GAAG,MAAM,CAAC;IAEX,OAAO,SAAS,CAAC;QACf,OAAO,EAAE;YACP,GAAG,OAAO;YACV,OAAO;YACP,GAAG;YACH,cAAc;SACf;QACD,MAAM,EAAE,SAAS;QACjB,MAAM,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,IAAI,EAAE,UAAU,EAAE;KACzD,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;GAOG;AACI,KAAK,UAAU,kBAAkB,CAAC,MAAgC;IACvE,MAAM,EAAE,YAAY,EAAE,cAAc,EAAE,QAAQ,EAAE,gBAAgB,EAAE,OAAO,GAAG,EAAE,EAAE,GAAG,MAAM,CAAC;IAE1F,OAAO,SAAS,CAAC;QACf,OAAO;QACP,MAAM,EAAE,YAAY;QACpB,MAAM,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,cAAc,EAAE,IAAI,EAAE,eAAe,EAAE;KAC9E,CAAC,CAAC;AACL,CAAC"}
+{"version":3,"file":"create.js","sourceRoot":"","sources":["../../../../src/jwt/core/create.ts"],"names":[],"mappings":";;AAoEA,sDAYC;AAKD,4CAqBC;AASD,gDAQC;AA3HD,4CAAkF;AAWlF,4CAAuD;AACvD,2CAA6C;AAE7C,MAAM,SAAS,GAAG,CAAC,CAAS,EAAiB,EAAE,CAC7C,IAAA,eAAO,EAAC,CAAC,EAAE,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAkB,CAAC;AAE5D,SAAS,kBAAkB,CAAC,MAAuB;IACjD,OAAO,KAAK,EAAE,IAAyB,EAAmB,EAAE;QAC1D,MAAM,YAAY,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACzE,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;QACnD,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAA,sBAAc,EAAC,GAAG,CAAC,CAAC;QACrC,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACpC,QAAQ,CAAC,GAAG,CAAC,IAAA,gBAAQ,EAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7B,QAAQ,CAAC,GAAG,CAAC,IAAA,gBAAQ,EAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC9B,OAAO,IAAA,oBAAW,EAAC,QAAQ,CAAC,CAAC;IAC/B,CAAC,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,SAAS,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAmB;IACnE,MAAM,EAAE,gBAAgB,EAAE,QAAQ,EAAE,cAAc,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC;IAEpE,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAW,CAAC,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,gBAAgB,GAAG,EAAE,CAAC,CAAC;IAC3F,MAAM,MAAM,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;IAE7C,MAAM,GAAG,GAAG,SAAS,CAAC,MAAM,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;IACjD,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAE9C,MAAM,QAAQ,GAAe;QAC3B,GAAG,OAAO;QACV,GAAG;QACH,GAAG;QACH,GAAG;QACH,SAAS;QACT,GAAG,EAAE,QAAQ;QACb,IAAI;QACJ,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAElD,sBAAsB,EAAE,mCAAuB;KAChD,CAAC;IAEF,MAAM,YAAY,GAAG;QACnB,IAAA,oBAAW,EAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;QAChD,IAAA,oBAAW,EAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;KACnD,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAEZ,MAAM,SAAS,GAAG,MAAM,kBAAkB,CAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;IAEjE,4BAA4B;IAC5B,qDAAqD;IACrD,OAAO,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7C,CAAC;AAED;;;KAGK;AACE,KAAK,UAAU,qBAAqB,CAAC,MAAmC;IAC7E,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,gBAAgB,EAAE,OAAO,GAAG,EAAE,EAAE,GAAG,MAAM,CAAC;IAEhG,OAAO,SAAS,CAAC;QACf,OAAO,EAAE;YACP,GAAG,OAAO;YACV,OAAO;YACP,cAAc;SACf;QACD,MAAM,EAAE,SAAS;QACjB,MAAM,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,IAAI,EAAE,eAAe,EAAE;KAC9D,CAAC,CAAC;AACL,CAAC;AAED;;KAEK;AACE,KAAK,UAAU,gBAAgB,CAAC,MAA8B;IACnE,MAAM,EACJ,GAAG,EACH,SAAS,EACT,OAAO,EACP,cAAc,EACd,QAAQ,EACR,gBAAgB,EAChB,OAAO,GAAG,EAAE,GACb,GAAG,MAAM,CAAC;IAEX,OAAO,SAAS,CAAC;QACf,OAAO,EAAE;YACP,GAAG,OAAO;YACV,OAAO;YACP,GAAG;YACH,cAAc;SACf;QACD,MAAM,EAAE,SAAS;QACjB,MAAM,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,IAAI,EAAE,UAAU,EAAE;KACzD,CAAC,CAAC;AACL,CAAC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,kBAAkB,CAAC,MAAgC;IACvE,MAAM,EAAE,YAAY,EAAE,cAAc,EAAE,QAAQ,EAAE,gBAAgB,EAAE,OAAO,GAAG,EAAE,EAAE,GAAG,MAAM,CAAC;IAE1F,OAAO,SAAS,CAAC;QACf,OAAO;QACP,MAAM,EAAE,YAAY;QACpB,MAAM,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,cAAc,EAAE,IAAI,EAAE,eAAe,EAAE;KAC9E,CAAC,CAAC;AACL,CAAC"}

package/dist/src/jwt/core/utils/verifyES256KSignature.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"verifyES256KSignature.d.ts","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/verifyES256KSignature.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAKjD,wBAAsB,qBAAqB,CAAC,EAAE,OAAO,EAAE,EAAE;IAAE,OAAO,EAAE,aAAa,CAAA;CAAE,iBAiClF"}
+{"version":3,"file":"verifyES256KSignature.d.ts","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/verifyES256KSignature.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAKjD,wBAAsB,qBAAqB,CAAC,EAAE,OAAO,EAAE,EAAE;IAAE,OAAO,EAAE,aAAa,CAAA;CAAE,iBA8BlF"}

package/dist/src/jwt/core/utils/verifyES256KSignature.js

@@ -15,10 +15,7 @@ async function verifyES256KSignature({ decoded }) {
         // Extract r and s values from the signature
         const r = signatureBytes.slice(0, 32);
         const s = signatureBytes.slice(32, 64);
-        const publicKeyHex = decoded.payload.publicKey.startsWith('0x')
-            ? decoded.payload.publicKey
-            : `0x${decoded.payload.publicKey}`;
-        const publicKeyBytes = (0, utils_1.arrayify)(publicKeyHex);
+        const publicKeyBytes = (0, utils_1.arrayify)(decoded.payload.publicKey, { allowMissingPrefix: true });
         // PKPEthersWallet.signMessage() adds Ethereum prefix, so we need to add it here too
         const ethPrefixedMessage = '\x19Ethereum Signed Message:\n' + data.length + data;
         const messageHashBytes = (0, utils_1.arrayify)(ethers_1.ethers.utils.keccak256((0, utils_1.toUtf8Bytes)(ethPrefixedMessage)));

package/dist/src/jwt/core/utils/verifyES256KSignature.js.map

@@ -1 +1 @@
-{"version":3,"file":"verifyES256KSignature.js","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/verifyES256KSignature.ts"],"names":[],"mappings":";;AASA,sDAiCC;;AA1CD,oEAA8C;AAC9C,mCAAgC;AAChC,4CAAyD;AAIzD,+CAA4C;AAC5C,qCAAsC;AAE/B,KAAK,UAAU,qBAAqB,CAAC,EAAE,OAAO,EAA8B;IACjF,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;QAEpC,6CAA6C;QAC7C,MAAM,cAAc,GAAG,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;QAE7C,4CAA4C;QAC5C,MAAM,CAAC,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACtC,MAAM,CAAC,GAAG,cAAc,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAEvC,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC;YAC7D,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS;YAC3B,CAAC,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;QACrC,MAAM,cAAc,GAAG,IAAA,gBAAQ,EAAC,YAAY,CAAC,CAAC;QAE9C,oFAAoF;QACpF,MAAM,kBAAkB,GAAG,gCAAgC,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;QACjF,MAAM,gBAAgB,GAAG,IAAA,gBAAQ,EAAC,eAAM,CAAC,KAAK,CAAC,SAAS,CAAC,IAAA,mBAAW,EAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC;QAE3F,MAAM,gBAAgB,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QAEtD,8CAA8C;QAC9C,MAAM,UAAU,GAAG,SAAS,CAAC,MAAM,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,cAAc,CAAC,CAAC;QAExF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,uCAAuC,SAAS,EAAE,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CACb,GAAG,qBAAS,CAAC,iBAAiB,wBAAyB,KAAe,CAAC,OAAO,EAAE,CACjF,CAAC;IACJ,CAAC;AACH,CAAC"}
+{"version":3,"file":"verifyES256KSignature.js","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/verifyES256KSignature.ts"],"names":[],"mappings":";;AASA,sDA8BC;;AAvCD,oEAA8C;AAC9C,mCAAgC;AAChC,4CAAyD;AAIzD,+CAA4C;AAC5C,qCAAsC;AAE/B,KAAK,UAAU,qBAAqB,CAAC,EAAE,OAAO,EAA8B;IACjF,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;QAEpC,6CAA6C;QAC7C,MAAM,cAAc,GAAG,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;QAE7C,4CAA4C;QAC5C,MAAM,CAAC,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACtC,MAAM,CAAC,GAAG,cAAc,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAEvC,MAAM,cAAc,GAAG,IAAA,gBAAQ,EAAC,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAC,CAAC;QAEzF,oFAAoF;QACpF,MAAM,kBAAkB,GAAG,gCAAgC,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;QACjF,MAAM,gBAAgB,GAAG,IAAA,gBAAQ,EAAC,eAAM,CAAC,KAAK,CAAC,SAAS,CAAC,IAAA,mBAAW,EAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC;QAE3F,MAAM,gBAAgB,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QAEtD,8CAA8C;QAC9C,MAAM,UAAU,GAAG,SAAS,CAAC,MAAM,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,cAAc,CAAC,CAAC;QAExF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,uCAAuC,SAAS,EAAE,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CACb,GAAG,qBAAS,CAAC,iBAAiB,wBAAyB,KAAe,CAAC,OAAO,EAAE,CACjF,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/src/jwt/types.d.ts

@@ -28,7 +28,7 @@ export interface CreateJWSConfig {
     config: {
         audience: string | string[];
         expiresInMinutes: number;
-        subjectAddress?: string;
+        subjectAddress?: `0x${string}`;
         role: VincentJWTRole;
     };
 }

package/dist/src/jwt/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/jwt/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAErC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAErD,MAAM,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,EAAE,aAAa,GAAG,WAAW,CAAC,CAAC;AAExE;;;GAGG;AACH,MAAM,MAAM,wBAAwB,GAChC,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,WAAW,GACX,MAAM,GACN,wBAAwB,CAAC;AAE7B,KAAK,YAAY,CAAC,CAAC,EAAE,CAAC,SAAS,MAAM,GAAG,IAAI;KACzC,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CACjC,GAAG;KACD,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,KAAK;CACjB,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,MAAM,+BAA+B,GAAG,YAAY,CACxD,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACnB,wBAAwB,CACzB,CAAC;AAEF,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,+BAA+B,CAAC;IACzC,MAAM,EAAE,eAAe,CAAC;IACxB,MAAM,EAAE;QACN,QAAQ,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;QAC5B,gBAAgB,EAAE,MAAM,CAAC;QACzB,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,IAAI,EAAE,cAAc,CAAC;KACtB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,KAAK,MAAM,EAAE,CAAC;IACnB,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACvB,GAAG,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;IACpB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,KAAK,MAAM,EAAE,CAAC;IAEzB,sBAAsB,EAAE,MAAM,CAAC;IAG/B,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAC;CAClB;AAED;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE;QACN,GAAG,EAAE,KAAK,CAAC;QACX,GAAG,EAAE,QAAQ,CAAC;QAGd,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAC;KAClB,CAAC;IACF,OAAO,EAAE,UAAU,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;;GAGG;AACH,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;KAGK;AACL,MAAM,MAAM,cAAc,GAAG,eAAe,GAAG,UAAU,GAAG,eAAe,CAAC;AAE5E;;;GAGG;AACH,MAAM,WAAW,iBAAkB,SAAQ,UAAU;IACnD,OAAO,EAAE,SAAS,CAAC;IACnB,cAAc,EAAE,uBAAuB,CAAC;CACzC;AAED;;;GAGG;AACH,MAAM,WAAW,sBAAuB,SAAQ,UAAU;IACxD,OAAO,EAAE,iBAAiB,GAAG;QAC3B,IAAI,EAAE,eAAe,CAAC;KACvB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,iBAAkB,SAAQ,UAAU;IACnD,OAAO,EAAE,iBAAiB,GAAG;QAC3B,IAAI,EAAE,UAAU,CAAC;QACjB,GAAG,EAAE;YACH,EAAE,EAAE,MAAM,CAAC;YACX,OAAO,EAAE,MAAM,CAAC;SACjB,CAAC;KACH,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,mBAAoB,SAAQ,UAAU;IACrD,OAAO,EAAE,UAAU,GAAG;QACpB,IAAI,EAAE,eAAe,CAAC;QACtB,GAAG,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;KACrB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,MAAM,aAAa,GAAG,sBAAsB,GAAG,iBAAiB,GAAG,mBAAmB,CAAC;AAE7F,UAAU,aAAa;IACrB,OAAO,CAAC,EAAE,+BAA+B,CAAC;IAC1C,QAAQ,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC5B,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,UAAU,mBAAoB,SAAQ,aAAa;IACjD,SAAS,EAAE,eAAe,CAAC;IAC3B,OAAO,EAAE,SAAS,CAAC;IACnB,cAAc,EAAE,uBAAuB,CAAC;CACzC;AAED;;;GAGG;AACH,MAAM,MAAM,2BAA2B,GAAG,mBAAmB,CAAC;AAE9D;;;GAGG;AACH,MAAM,WAAW,sBAAuB,SAAQ,mBAAmB;IACjE,GAAG,EAAE;QACH,EAAE,EAAE,MAAM,CAAC;QACX,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,wBAAyB,SAAQ,aAAa;IAC7D,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,KAAK,MAAM,EAAE,CAAC;CAC/B"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/jwt/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAErC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAErD,MAAM,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,EAAE,aAAa,GAAG,WAAW,CAAC,CAAC;AAExE;;;GAGG;AACH,MAAM,MAAM,wBAAwB,GAChC,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,WAAW,GACX,MAAM,GACN,wBAAwB,CAAC;AAE7B,KAAK,YAAY,CAAC,CAAC,EAAE,CAAC,SAAS,MAAM,GAAG,IAAI;KACzC,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CACjC,GAAG;KACD,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,KAAK;CACjB,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,MAAM,+BAA+B,GAAG,YAAY,CACxD,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACnB,wBAAwB,CACzB,CAAC;AAEF,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,+BAA+B,CAAC;IACzC,MAAM,EAAE,eAAe,CAAC;IACxB,MAAM,EAAE;QACN,QAAQ,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;QAC5B,gBAAgB,EAAE,MAAM,CAAC;QACzB,cAAc,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;QAC/B,IAAI,EAAE,cAAc,CAAC;KACtB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,KAAK,MAAM,EAAE,CAAC;IACnB,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACvB,GAAG,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;IACpB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,KAAK,MAAM,EAAE,CAAC;IAEzB,sBAAsB,EAAE,MAAM,CAAC;IAG/B,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAC;CAClB;AAED;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE;QACN,GAAG,EAAE,KAAK,CAAC;QACX,GAAG,EAAE,QAAQ,CAAC;QAGd,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAC;KAClB,CAAC;IACF,OAAO,EAAE,UAAU,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;;GAGG;AACH,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;KAGK;AACL,MAAM,MAAM,cAAc,GAAG,eAAe,GAAG,UAAU,GAAG,eAAe,CAAC;AAE5E;;;GAGG;AACH,MAAM,WAAW,iBAAkB,SAAQ,UAAU;IACnD,OAAO,EAAE,SAAS,CAAC;IACnB,cAAc,EAAE,uBAAuB,CAAC;CACzC;AAED;;;GAGG;AACH,MAAM,WAAW,sBAAuB,SAAQ,UAAU;IACxD,OAAO,EAAE,iBAAiB,GAAG;QAC3B,IAAI,EAAE,eAAe,CAAC;KACvB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,iBAAkB,SAAQ,UAAU;IACnD,OAAO,EAAE,iBAAiB,GAAG;QAC3B,IAAI,EAAE,UAAU,CAAC;QACjB,GAAG,EAAE;YACH,EAAE,EAAE,MAAM,CAAC;YACX,OAAO,EAAE,MAAM,CAAC;SACjB,CAAC;KACH,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,mBAAoB,SAAQ,UAAU;IACrD,OAAO,EAAE,UAAU,GAAG;QACpB,IAAI,EAAE,eAAe,CAAC;QACtB,GAAG,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;KACrB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,MAAM,aAAa,GAAG,sBAAsB,GAAG,iBAAiB,GAAG,mBAAmB,CAAC;AAE7F,UAAU,aAAa;IACrB,OAAO,CAAC,EAAE,+BAA+B,CAAC;IAC1C,QAAQ,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC5B,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,UAAU,mBAAoB,SAAQ,aAAa;IACjD,SAAS,EAAE,eAAe,CAAC;IAC3B,OAAO,EAAE,SAAS,CAAC;IACnB,cAAc,EAAE,uBAAuB,CAAC;CACzC;AAED;;;GAGG;AACH,MAAM,MAAM,2BAA2B,GAAG,mBAAmB,CAAC;AAE9D;;;GAGG;AACH,MAAM,WAAW,sBAAuB,SAAQ,mBAAmB;IACjE,GAAG,EAAE;QACH,EAAE,EAAE,MAAM,CAAC;QACX,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,wBAAyB,SAAQ,aAAa;IAC7D,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,KAAK,MAAM,EAAE,CAAC;CAC/B"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lit-protocol/vincent-app-sdk",
-  "version": "1.0.3-beta.7",
+  "version": "2.0.1",
   "description": "Vincent SDK for browser and backend",
   "author": "Lit Protocol",
   "license": "ISC",
@@ -46,15 +46,15 @@
     "sdk"
   ],
   "dependencies": {
-    "@lit-protocol/auth-helpers": "^7.0.9",
-    "@lit-protocol/constants": "^7.0.8",
-    "@lit-protocol/lit-node-client": "^7.0.8",
-    "@lit-protocol/vincent-ability-sdk": "0.0.7-mma",
+    "@lit-protocol/auth-helpers": "^7.2.3",
+    "@lit-protocol/constants": "^7.2.3",
+    "@lit-protocol/lit-node-client": "^7.2.3",
     "@noble/secp256k1": "^2.2.3",
     "ethers": "5.8.0",
     "tslib": "^2.8.1",
     "zod": "3.25.64",
-    "@lit-protocol/vincent-contracts-sdk": "1.0.0-beta.3"
+    "@lit-protocol/vincent-ability-sdk": "2.0.1",
+    "@lit-protocol/vincent-contracts-sdk": "1.1.0"
   },
   "sideEffects": false,
   "files": [
@@ -62,8 +62,8 @@
     "*.md"
   ],
   "devDependencies": {
-    "@lit-protocol/pkp-ethers": "^7.2.0",
-    "@lit-protocol/types": "^7.0.8",
+    "@lit-protocol/pkp-ethers": "^7.2.3",
+    "@lit-protocol/types": "^7.2.3",
     "@types/express": "^5.0.1",
     "chokidar-cli": "^3.0.0",
     "live-server": "^1.2.2",