@lumiapassport/ui-kit 1.4.6 → 1.4.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/iframe/main.js +1 -1
- package/dist/iframe/main.js.map +1 -1
- package/dist/index.cjs +1 -101
- package/dist/index.cjs.map +1 -1
- package/dist/index.js +1 -101
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.cjs
CHANGED
|
@@ -764,33 +764,21 @@ var init_passkey = __esm({
|
|
|
764
764
|
// src/internal/lib/iframe-mpc-client.ts
|
|
765
765
|
async function ensureDkgAndGetOwner(userId, _clientSeedHex) {
|
|
766
766
|
try {
|
|
767
|
-
console.info("[IframeMPC][DKG] Starting DKG via iframe for user:", userId);
|
|
768
767
|
const iframeManager = getIframeManager();
|
|
769
768
|
const keyshareStatus = await iframeManager.checkKeyshare(userId);
|
|
770
769
|
if (keyshareStatus.hasKeyshare && keyshareStatus.address) {
|
|
771
|
-
console.info("[IframeMPC][DKG] User already has keyshare in iframe:", {
|
|
772
|
-
userId,
|
|
773
|
-
address: keyshareStatus.address
|
|
774
|
-
});
|
|
775
770
|
return {
|
|
776
771
|
sessionId: "iframe-session",
|
|
777
772
|
ownerAddress: keyshareStatus.address
|
|
778
773
|
};
|
|
779
774
|
}
|
|
780
|
-
console.info("[IframeMPC][DKG] Authenticating user with iframe...");
|
|
781
775
|
await iframeManager.authenticate(userId);
|
|
782
776
|
const { jwtTokenManager: jwtTokenManager3 } = await Promise.resolve().then(() => (init_auth(), auth_exports));
|
|
783
777
|
const accessToken = jwtTokenManager3.getAccessToken();
|
|
784
778
|
if (!accessToken) {
|
|
785
779
|
throw new Error("No access token available for DKG");
|
|
786
780
|
}
|
|
787
|
-
console.info("[IframeMPC][DKG] Starting DKG in iframe...");
|
|
788
781
|
const ownerAddress = await iframeManager.startDKG(userId, accessToken);
|
|
789
|
-
console.info("[IframeMPC][DKG] \u2705 DKG completed successfully:", {
|
|
790
|
-
userId,
|
|
791
|
-
ownerAddress,
|
|
792
|
-
note: "Key share is securely stored in iframe localStorage at auth.lumiapassport.com"
|
|
793
|
-
});
|
|
794
782
|
return {
|
|
795
783
|
sessionId: "iframe-session",
|
|
796
784
|
ownerAddress
|
|
@@ -807,11 +795,6 @@ async function signDigestWithMpc(userId, digest32, userOpDetails) {
|
|
|
807
795
|
rounds: []
|
|
808
796
|
};
|
|
809
797
|
try {
|
|
810
|
-
console.info("[IframeMPC][Sign] Starting signature via iframe:", {
|
|
811
|
-
userId,
|
|
812
|
-
digest32: `${digest32.substring(0, 20)}...`,
|
|
813
|
-
hasDetails: !!userOpDetails
|
|
814
|
-
});
|
|
815
798
|
const iframeManager = getIframeManager();
|
|
816
799
|
const { jwtTokenManager: jwtTokenManager3 } = await Promise.resolve().then(() => (init_auth(), auth_exports));
|
|
817
800
|
const accessToken = jwtTokenManager3.getAccessToken();
|
|
@@ -831,11 +814,6 @@ async function signDigestWithMpc(userId, digest32, userOpDetails) {
|
|
|
831
814
|
const endTime = performance.now();
|
|
832
815
|
currentSigningStats.endTime = endTime;
|
|
833
816
|
currentSigningStats.totalDurationMs = endTime - startTime;
|
|
834
|
-
console.info("[IframeMPC][Sign] \u2705 Signature obtained from iframe:", {
|
|
835
|
-
signature: `${signature.substring(0, 20)}...`,
|
|
836
|
-
duration: `${(endTime - startTime).toFixed(2)}ms`,
|
|
837
|
-
note: "All signing operations happened securely inside iframe"
|
|
838
|
-
});
|
|
839
817
|
return signature;
|
|
840
818
|
} catch (error) {
|
|
841
819
|
console.error("[IframeMPC][Sign] Error in signDigestWithMpc:", error);
|
|
@@ -903,14 +881,11 @@ var init_httpClient = __esm({
|
|
|
903
881
|
if (body && method !== "GET") {
|
|
904
882
|
requestConfig.body = typeof body === "string" ? body : JSON.stringify(body);
|
|
905
883
|
}
|
|
906
|
-
console.log(`[HttpClient] Making ${method} request to: ${url}`);
|
|
907
884
|
try {
|
|
908
885
|
const response = await fetch(url, requestConfig);
|
|
909
886
|
if (response.status === 401 && requireAuth) {
|
|
910
|
-
console.log("[HttpClient] Got 401, attempting token refresh...");
|
|
911
887
|
const refreshSuccess = await import_auth3.jwtTokenManager.refreshAccessToken();
|
|
912
888
|
if (refreshSuccess) {
|
|
913
|
-
console.log("[HttpClient] Token refreshed, retrying request...");
|
|
914
889
|
const newAccessToken = import_auth3.jwtTokenManager.getAccessToken();
|
|
915
890
|
if (newAccessToken) {
|
|
916
891
|
requestHeaders["Authorization"] = `Bearer ${newAccessToken}`;
|
|
@@ -919,7 +894,6 @@ var init_httpClient = __esm({
|
|
|
919
894
|
const retryResponse = await fetch(url, requestConfig);
|
|
920
895
|
return await this.processResponse(retryResponse);
|
|
921
896
|
} else {
|
|
922
|
-
console.error("[HttpClient] Token refresh failed");
|
|
923
897
|
return {
|
|
924
898
|
success: false,
|
|
925
899
|
error: "Authentication failed - unable to refresh token",
|
|
@@ -942,7 +916,6 @@ var init_httpClient = __esm({
|
|
|
942
916
|
try {
|
|
943
917
|
const data = await response.json();
|
|
944
918
|
if (!response.ok) {
|
|
945
|
-
console.log(`[HttpClient] Request failed with status ${status}:`, data);
|
|
946
919
|
return {
|
|
947
920
|
success: false,
|
|
948
921
|
error: data.message || data.error || `HTTP ${status}`,
|
|
@@ -950,7 +923,6 @@ var init_httpClient = __esm({
|
|
|
950
923
|
data
|
|
951
924
|
};
|
|
952
925
|
}
|
|
953
|
-
console.log(`[HttpClient] Request successful (${status})`);
|
|
954
926
|
return {
|
|
955
927
|
success: true,
|
|
956
928
|
data,
|
|
@@ -1049,11 +1021,9 @@ var init_cloudStorage = __esm({
|
|
|
1049
1021
|
discoveryDocs: [this.DISCOVERY_DOC]
|
|
1050
1022
|
});
|
|
1051
1023
|
this.gapiInitialized = true;
|
|
1052
|
-
console.log("[GoogleDrive] Google API client initialized");
|
|
1053
1024
|
}
|
|
1054
1025
|
if (!this.gisInitialized) {
|
|
1055
1026
|
this.gisInitialized = true;
|
|
1056
|
-
console.log("[GoogleDrive] Google Identity Services initialized");
|
|
1057
1027
|
}
|
|
1058
1028
|
}
|
|
1059
1029
|
loadScript(src) {
|
|
@@ -1092,7 +1062,6 @@ var init_cloudStorage = __esm({
|
|
|
1092
1062
|
}
|
|
1093
1063
|
this.accessToken = response.access_token;
|
|
1094
1064
|
window.gapi.client.setToken({ access_token: this.accessToken });
|
|
1095
|
-
console.log("[GoogleDrive] Successfully authenticated");
|
|
1096
1065
|
resolve(true);
|
|
1097
1066
|
}
|
|
1098
1067
|
});
|
|
@@ -1111,7 +1080,6 @@ var init_cloudStorage = __esm({
|
|
|
1111
1080
|
window.google?.accounts.oauth2.revoke(this.accessToken);
|
|
1112
1081
|
this.accessToken = null;
|
|
1113
1082
|
window.gapi?.client.setToken(null);
|
|
1114
|
-
console.log("[GoogleDrive] Signed out successfully");
|
|
1115
1083
|
}
|
|
1116
1084
|
}
|
|
1117
1085
|
async upload(fileName, content, usePrivateStorage = true) {
|
|
@@ -1122,18 +1090,15 @@ var init_cloudStorage = __esm({
|
|
|
1122
1090
|
if (usePrivateStorage) {
|
|
1123
1091
|
try {
|
|
1124
1092
|
const fileId = await this.uploadToAppDataFolder(fileName, content);
|
|
1125
|
-
console.log("[GoogleDrive] File uploaded to appDataFolder successfully:", fileId);
|
|
1126
1093
|
return fileId;
|
|
1127
1094
|
} catch (error) {
|
|
1128
1095
|
console.warn("[GoogleDrive] AppDataFolder upload failed, trying fallback to regular folder:", error);
|
|
1129
1096
|
const fileId = await this.uploadToAppFolder(fileName, content);
|
|
1130
|
-
console.log("[GoogleDrive] File uploaded to app folder successfully:", fileId);
|
|
1131
1097
|
return fileId;
|
|
1132
1098
|
}
|
|
1133
1099
|
} else {
|
|
1134
1100
|
try {
|
|
1135
1101
|
const fileId = await this.uploadToAppFolder(fileName, content);
|
|
1136
|
-
console.log("[GoogleDrive] File uploaded to app folder successfully:", fileId);
|
|
1137
1102
|
return fileId;
|
|
1138
1103
|
} catch (error) {
|
|
1139
1104
|
console.error("[GoogleDrive] Upload failed:", error);
|
|
@@ -1189,7 +1154,6 @@ var init_cloudStorage = __esm({
|
|
|
1189
1154
|
throw new Error(`Failed to create folder: ${createResponse.status}`);
|
|
1190
1155
|
}
|
|
1191
1156
|
const createResult = await createResponse.json();
|
|
1192
|
-
console.log(`[GoogleDrive] Created folder '${folderName}':`, createResult.id);
|
|
1193
1157
|
return createResult.id;
|
|
1194
1158
|
}
|
|
1195
1159
|
async performUpload(metadata, content) {
|
|
@@ -1319,11 +1283,8 @@ async function deleteShare() {
|
|
|
1319
1283
|
if (!response.ok && response.status !== 404) throw new Error(`Failed to delete share: ${response.status} ${response.statusText}`);
|
|
1320
1284
|
}
|
|
1321
1285
|
async function deriveKEKFromPasskey(userId, requiredCredentialId) {
|
|
1322
|
-
console.log("[deriveKEKFromPasskey] Starting passkey derivation for userId:", userId);
|
|
1323
|
-
console.log("[deriveKEKFromPasskey] Required credential ID:", requiredCredentialId);
|
|
1324
1286
|
const challengeString = `lumia-kek:${userId}`;
|
|
1325
1287
|
const challenge = new TextEncoder().encode(challengeString);
|
|
1326
|
-
console.log("[deriveKEKFromPasskey] Challenge string:", challengeString);
|
|
1327
1288
|
function base64urlToUint8Array3(base64url) {
|
|
1328
1289
|
const base64 = base64url.replace(/-/g, "+").replace(/_/g, "/");
|
|
1329
1290
|
const pad = base64.length % 4 ? 4 - base64.length % 4 : 0;
|
|
@@ -1336,14 +1297,8 @@ async function deriveKEKFromPasskey(userId, requiredCredentialId) {
|
|
|
1336
1297
|
return bytes;
|
|
1337
1298
|
}
|
|
1338
1299
|
const targetCredentialId = requiredCredentialId || createPasskeyHelpers(userId).getCredId();
|
|
1339
|
-
console.log("[deriveKEKFromPasskey] Target credential ID:", targetCredentialId);
|
|
1340
1300
|
const allowCredentials = targetCredentialId ? [{ id: base64urlToUint8Array3(targetCredentialId), type: "public-key" }] : [];
|
|
1341
|
-
console.log("[deriveKEKFromPasskey] Using allowCredentials:", allowCredentials.length > 0 ? "specific credential" : "any credential");
|
|
1342
|
-
if (!targetCredentialId) {
|
|
1343
|
-
console.warn("[deriveKEKFromPasskey] Warning: No credential ID available. User must select the correct passkey manually.");
|
|
1344
|
-
}
|
|
1345
1301
|
try {
|
|
1346
|
-
console.log("[deriveKEKFromPasskey] Calling navigator.credentials.get...");
|
|
1347
1302
|
const credential = await navigator.credentials.get({
|
|
1348
1303
|
publicKey: {
|
|
1349
1304
|
challenge,
|
|
@@ -1352,24 +1307,15 @@ async function deriveKEKFromPasskey(userId, requiredCredentialId) {
|
|
|
1352
1307
|
extensions: { prf: { eval: { first: challenge } } }
|
|
1353
1308
|
}
|
|
1354
1309
|
});
|
|
1355
|
-
console.log("[deriveKEKFromPasskey] Credential received:", !!credential);
|
|
1356
1310
|
if (credential) {
|
|
1357
|
-
console.log("[deriveKEKFromPasskey] Credential ID:", credential.id);
|
|
1358
|
-
console.log("[deriveKEKFromPasskey] Credential ID length:", credential.id.length);
|
|
1359
1311
|
const extensionResults = credential.getClientExtensionResults?.();
|
|
1360
|
-
console.log("[deriveKEKFromPasskey] Extension results:", extensionResults);
|
|
1361
1312
|
if (extensionResults?.prf?.results?.first) {
|
|
1362
|
-
console.log("[deriveKEKFromPasskey] PRF result found, returning KEK");
|
|
1363
|
-
console.log("[deriveKEKFromPasskey] PRF result length:", extensionResults.prf.results.first.byteLength);
|
|
1364
1313
|
return extensionResults.prf.results.first;
|
|
1365
1314
|
}
|
|
1366
1315
|
}
|
|
1367
|
-
console.log("[deriveKEKFromPasskey] No PRF result, falling back to HKDF...");
|
|
1368
1316
|
const credentialIdBytes = new TextEncoder().encode(credential.id);
|
|
1369
|
-
console.log("[deriveKEKFromPasskey] Credential ID length:", credential.id.length);
|
|
1370
1317
|
const keyMaterial = await crypto.subtle.importKey("raw", credentialIdBytes, "HKDF", false, ["deriveBits"]);
|
|
1371
1318
|
const kekBytes = await crypto.subtle.deriveBits({ name: "HKDF", hash: "SHA-256", salt: challenge, info: new TextEncoder().encode("client-share") }, keyMaterial, 256);
|
|
1372
|
-
console.log("[deriveKEKFromPasskey] HKDF fallback completed successfully");
|
|
1373
1319
|
return kekBytes;
|
|
1374
1320
|
} catch (error) {
|
|
1375
1321
|
console.error("[deriveKEKFromPasskey] Error during passkey operation:", error);
|
|
@@ -1457,7 +1403,6 @@ async function deriveBackupPasswordFromPasskey(userId, credentialId) {
|
|
|
1457
1403
|
type: "public-key",
|
|
1458
1404
|
transports: ["internal", "hybrid"]
|
|
1459
1405
|
}];
|
|
1460
|
-
console.log("[deriveBackupPasswordFromPasskey] Using specific credential ID:", credentialId);
|
|
1461
1406
|
} catch (error) {
|
|
1462
1407
|
console.warn("[deriveBackupPasswordFromPasskey] Failed to parse credentialId, falling back to open selection:", error);
|
|
1463
1408
|
}
|
|
@@ -1537,7 +1482,6 @@ async function downloadShareFromVault(token) {
|
|
|
1537
1482
|
async function envelopeEncryptKeyshare(data, userId) {
|
|
1538
1483
|
const passkeyHelpers = createPasskeyHelpers(userId);
|
|
1539
1484
|
const credentialId = passkeyHelpers.getCredId();
|
|
1540
|
-
console.log("[envelopeEncryptKeyshare] Using credential ID for encryption:", credentialId);
|
|
1541
1485
|
const dek = crypto.getRandomValues(new Uint8Array(32));
|
|
1542
1486
|
const kekBytes = await deriveKEKFromPasskey(userId);
|
|
1543
1487
|
const kek = await crypto.subtle.importKey("raw", kekBytes, "AES-GCM", false, ["encrypt"]);
|
|
@@ -1569,7 +1513,6 @@ async function envelopeEncryptKeyshare(data, userId) {
|
|
|
1569
1513
|
};
|
|
1570
1514
|
}
|
|
1571
1515
|
async function envelopeEncryptKeyshareWithPassword(data, password) {
|
|
1572
|
-
console.log("[envelopeEncryptKeyshareWithPassword] Encrypting with password");
|
|
1573
1516
|
const dek = crypto.getRandomValues(new Uint8Array(32));
|
|
1574
1517
|
const salt = crypto.getRandomValues(new Uint8Array(16));
|
|
1575
1518
|
const kekKey = await deriveKeyFromPassword(password, salt);
|
|
@@ -1600,36 +1543,20 @@ async function envelopeEncryptKeyshareWithPassword(data, password) {
|
|
|
1600
1543
|
};
|
|
1601
1544
|
}
|
|
1602
1545
|
async function envelopeDecryptKeyshare(envelope, userId) {
|
|
1603
|
-
console.log("[envelopeDecryptKeyshare] Starting decryption process");
|
|
1604
|
-
console.log("[envelopeDecryptKeyshare] Envelope credential ID:", envelope.credentialId);
|
|
1605
|
-
console.log("[envelopeDecryptKeyshare] Deriving KEK from passkey...");
|
|
1606
1546
|
const kekBytes = await deriveKEKFromPasskey(userId, envelope.credentialId);
|
|
1607
|
-
console.log("[envelopeDecryptKeyshare] KEK bytes length:", kekBytes.byteLength);
|
|
1608
|
-
console.log("[envelopeDecryptKeyshare] Importing KEK as crypto key...");
|
|
1609
1547
|
const kek = await crypto.subtle.importKey("raw", kekBytes, "AES-GCM", false, ["decrypt"]);
|
|
1610
|
-
console.log("[envelopeDecryptKeyshare] Decrypting wrapped DEK...");
|
|
1611
1548
|
const wrappedDekWithIv = base64ToBytes(envelope.wrapped_dek);
|
|
1612
|
-
console.log("[envelopeDecryptKeyshare] Wrapped DEK with IV length:", wrappedDekWithIv.length);
|
|
1613
1549
|
const wrapIv = wrappedDekWithIv.slice(0, 12);
|
|
1614
1550
|
const wrappedDekData = wrappedDekWithIv.slice(12);
|
|
1615
|
-
console.log("[envelopeDecryptKeyshare] Wrap IV length:", wrapIv.length, "Wrapped DEK data length:", wrappedDekData.length);
|
|
1616
1551
|
try {
|
|
1617
1552
|
const dekBytes = await crypto.subtle.decrypt({ name: "AES-GCM", iv: wrapIv }, kek, wrappedDekData);
|
|
1618
|
-
console.log("[envelopeDecryptKeyshare] DEK decrypted successfully, length:", dekBytes.byteLength);
|
|
1619
|
-
console.log("[envelopeDecryptKeyshare] Importing DEK as crypto key...");
|
|
1620
1553
|
const dekCryptoKey = await crypto.subtle.importKey("raw", dekBytes, "AES-GCM", false, ["decrypt"]);
|
|
1621
|
-
console.log("[envelopeDecryptKeyshare] Decrypting main data...");
|
|
1622
1554
|
const ciphertextWithIv = base64ToBytes(envelope.ciphertext_share);
|
|
1623
|
-
console.log("[envelopeDecryptKeyshare] Ciphertext with IV length:", ciphertextWithIv.length);
|
|
1624
1555
|
const dataIv = ciphertextWithIv.slice(0, 12);
|
|
1625
1556
|
const encryptedData = ciphertextWithIv.slice(12);
|
|
1626
|
-
console.log("[envelopeDecryptKeyshare] Data IV length:", dataIv.length, "Encrypted data length:", encryptedData.length);
|
|
1627
1557
|
const decryptedData = await crypto.subtle.decrypt({ name: "AES-GCM", iv: dataIv }, dekCryptoKey, encryptedData);
|
|
1628
|
-
console.log("[envelopeDecryptKeyshare] Main data decrypted successfully, length:", decryptedData.byteLength);
|
|
1629
|
-
console.log("[envelopeDecryptKeyshare] Parsing JSON...");
|
|
1630
1558
|
const plaintext = new TextDecoder().decode(decryptedData);
|
|
1631
1559
|
const result = JSON.parse(plaintext);
|
|
1632
|
-
console.log("[envelopeDecryptKeyshare] Decryption completed successfully");
|
|
1633
1560
|
return result;
|
|
1634
1561
|
} catch (error) {
|
|
1635
1562
|
console.error("[envelopeDecryptKeyshare] Decryption failed:", error);
|
|
@@ -1641,25 +1568,20 @@ async function envelopeDecryptKeyshare(envelope, userId) {
|
|
|
1641
1568
|
}
|
|
1642
1569
|
}
|
|
1643
1570
|
async function envelopeDecryptKeyshareWithPassword(envelope, password) {
|
|
1644
|
-
console.log("[envelopeDecryptKeyshareWithPassword] Starting password-based decryption");
|
|
1645
1571
|
const wrappedDekWithSaltAndIv = base64ToBytes(envelope.wrapped_dek);
|
|
1646
1572
|
const salt = wrappedDekWithSaltAndIv.slice(0, 16);
|
|
1647
1573
|
const wrapIv = wrappedDekWithSaltAndIv.slice(16, 28);
|
|
1648
1574
|
const wrappedDekData = wrappedDekWithSaltAndIv.slice(28);
|
|
1649
|
-
console.log("[envelopeDecryptKeyshareWithPassword] Salt length:", salt.length, "Wrap IV length:", wrapIv.length, "Wrapped DEK data length:", wrappedDekData.length);
|
|
1650
1575
|
try {
|
|
1651
1576
|
const kekKey = await deriveKeyFromPassword(password, salt);
|
|
1652
1577
|
const dekBytes = await crypto.subtle.decrypt({ name: "AES-GCM", iv: wrapIv }, kekKey, wrappedDekData);
|
|
1653
|
-
console.log("[envelopeDecryptKeyshareWithPassword] DEK decrypted successfully, length:", dekBytes.byteLength);
|
|
1654
1578
|
const dekCryptoKey = await crypto.subtle.importKey("raw", dekBytes, "AES-GCM", false, ["decrypt"]);
|
|
1655
1579
|
const ciphertextWithIv = base64ToBytes(envelope.ciphertext_share);
|
|
1656
1580
|
const dataIv = ciphertextWithIv.slice(0, 12);
|
|
1657
1581
|
const encryptedData = ciphertextWithIv.slice(12);
|
|
1658
1582
|
const decryptedData = await crypto.subtle.decrypt({ name: "AES-GCM", iv: dataIv }, dekCryptoKey, encryptedData);
|
|
1659
|
-
console.log("[envelopeDecryptKeyshareWithPassword] Main data decrypted successfully");
|
|
1660
1583
|
const plaintext = new TextDecoder().decode(decryptedData);
|
|
1661
1584
|
const result = JSON.parse(plaintext);
|
|
1662
|
-
console.log("[envelopeDecryptKeyshareWithPassword] Decryption completed successfully");
|
|
1663
1585
|
return result;
|
|
1664
1586
|
} catch (error) {
|
|
1665
1587
|
console.error("[envelopeDecryptKeyshareWithPassword] Decryption failed:", error);
|
|
@@ -1682,22 +1604,15 @@ async function backupToServer(userId, password) {
|
|
|
1682
1604
|
updateBackupStatus(userId, "server", { enabled: true, lastBackup: Date.now(), error: void 0 });
|
|
1683
1605
|
}
|
|
1684
1606
|
async function restoreFromServer(userId, password = null) {
|
|
1685
|
-
console.log("[restoreFromServer] Starting restore for userId:", userId);
|
|
1686
|
-
console.log("[restoreFromServer] Using password:", !!password);
|
|
1687
|
-
console.log("[restoreFromServer] Getting vault token...");
|
|
1688
1607
|
const vaultToken = await getShareVaultToken(["share:get"]);
|
|
1689
|
-
console.log("[restoreFromServer] Downloading share from vault...");
|
|
1690
1608
|
const envelope = await downloadShareFromVault(vaultToken.token);
|
|
1691
|
-
console.log("[restoreFromServer] Envelope encryption method:", envelope.encryptionMethod);
|
|
1692
1609
|
const backupData = password ? await envelopeDecryptKeyshareWithPassword(envelope, password) : await envelopeDecryptKeyshare(envelope, userId);
|
|
1693
1610
|
if (backupData.userId !== userId) throw new Error("Server backup does not match current user");
|
|
1694
1611
|
const storage = typeof window !== "undefined" ? window.localStorage : void 0;
|
|
1695
1612
|
if (!storage) throw new Error("localStorage not available");
|
|
1696
|
-
console.log("[restoreFromServer] Saving keyshare to localStorage...");
|
|
1697
1613
|
storage.setItem(`tss.${userId}.keyshare`, backupData.keyshare);
|
|
1698
1614
|
storage.setItem(`tss.${userId}.sessionId`, backupData.sessionId);
|
|
1699
1615
|
storage.setItem(`tss.${userId}.ownerAddress`, backupData.ownerAddress);
|
|
1700
|
-
console.log("[restoreFromServer] Restore completed successfully");
|
|
1701
1616
|
}
|
|
1702
1617
|
async function restoreFromBackup(file, password, userId) {
|
|
1703
1618
|
const fileContent = await file.text();
|
|
@@ -1763,7 +1678,6 @@ async function backupToLocalFile(userId, password) {
|
|
|
1763
1678
|
});
|
|
1764
1679
|
backupPassword = result.password;
|
|
1765
1680
|
credentialId = result.credentialId;
|
|
1766
|
-
console.log("[backupToLocalFile] Using credential ID from passkey:", credentialId);
|
|
1767
1681
|
}
|
|
1768
1682
|
const encryptedBackup = await encryptKeyshare(backupData, backupPassword, encryptionMethod, credentialId);
|
|
1769
1683
|
const fileName = `lumia-keyshare-backup-${userId}-${Date.now()}.json`;
|
|
@@ -1796,7 +1710,6 @@ async function backupToCloud(userId, password, providerId, usePrivateStorage = t
|
|
|
1796
1710
|
});
|
|
1797
1711
|
backupPassword = result.password;
|
|
1798
1712
|
credentialId = result.credentialId;
|
|
1799
|
-
console.log("[backupToCloud] Using credential ID from passkey:", credentialId);
|
|
1800
1713
|
}
|
|
1801
1714
|
const encryptedBackup = await encryptKeyshare(backupData, backupPassword, encryptionMethod, credentialId);
|
|
1802
1715
|
const timestamp = Date.now();
|
|
@@ -4093,25 +4006,19 @@ var init_VerificationCodeInput = __esm({
|
|
|
4093
4006
|
|
|
4094
4007
|
// src/internal/clients/profile.ts
|
|
4095
4008
|
async function getUserProfile() {
|
|
4096
|
-
console.log("[ProfileClient] Fetching user profile...");
|
|
4097
4009
|
const response = await tssClient.get("/api/auth/profile", true);
|
|
4098
4010
|
if (!response.success || !response.data) {
|
|
4099
4011
|
const error = response.error || "Failed to fetch user profile";
|
|
4100
|
-
console.error("[ProfileClient] Failed to fetch profile:", error);
|
|
4101
4012
|
throw new Error(error);
|
|
4102
4013
|
}
|
|
4103
|
-
console.log("[ProfileClient] Profile fetched successfully:", response.data);
|
|
4104
4014
|
return response.data;
|
|
4105
4015
|
}
|
|
4106
4016
|
async function updateUserProfile(updates) {
|
|
4107
|
-
console.log("[ProfileClient] Updating user profile:", updates);
|
|
4108
4017
|
const response = await tssClient.patch("/api/auth/profile", updates, true);
|
|
4109
4018
|
if (!response.success || !response.data) {
|
|
4110
4019
|
const error = response.error || "Failed to update user profile";
|
|
4111
|
-
console.error("[ProfileClient] Failed to update profile:", error);
|
|
4112
4020
|
throw new Error(error);
|
|
4113
4021
|
}
|
|
4114
|
-
console.log("[ProfileClient] Profile updated successfully:", response.data);
|
|
4115
4022
|
return response.data;
|
|
4116
4023
|
}
|
|
4117
4024
|
var init_profile = __esm({
|
|
@@ -5286,10 +5193,7 @@ async function sendUserOperation(session, callTarget, amountWei, innerData = "0x
|
|
|
5286
5193
|
paymasterAndData = `0x${paymasterAddr}${packedPaymasterGasLimits.slice(2)}${paymasterDataClean}`;
|
|
5287
5194
|
}
|
|
5288
5195
|
const packedForHash = { sender: session.smartAccountAddress, nonce: BigInt(nonce2), initCode, callData, accountGasLimits, preVerificationGas: BigInt(userOp.preVerificationGas), gasFees, paymasterAndData, signature: "0x" };
|
|
5289
|
-
console.log("[Account] Computing hash for signing with sender:", session.smartAccountAddress);
|
|
5290
|
-
console.log("[Account] PackedForHash for hash computation:", JSON.stringify(packedForHash, (key, value) => typeof value === "bigint" ? `0x${value.toString(16)}` : value, 2));
|
|
5291
5196
|
opHash = await publicClient.readContract({ address: entryPointAddress, abi: import_account_abstraction2.entryPoint07Abi, functionName: "getUserOpHash", args: [packedForHash] });
|
|
5292
|
-
console.log("[Account] \u{1F511} HASH FOR SIGNING:", opHash);
|
|
5293
5197
|
}
|
|
5294
5198
|
let signature;
|
|
5295
5199
|
if (session.mpcUserId) {
|
|
@@ -5317,10 +5221,8 @@ async function sendUserOperation(session, callTarget, amountWei, innerData = "0x
|
|
|
5317
5221
|
}
|
|
5318
5222
|
userOp.signature = signature;
|
|
5319
5223
|
if (typeof userOp.sender !== "string") {
|
|
5320
|
-
console.error("[Account] CRITICAL ERROR: userOp.sender is not a string!", userOp.sender);
|
|
5321
5224
|
userOp.sender = session.smartAccountAddress;
|
|
5322
5225
|
}
|
|
5323
|
-
console.log("[Account] \u2705 Final UserOp before sending:", JSON.stringify(userOp, (key, value) => typeof value === "bigint" ? `0x${value.toString(16)}` : value, 2));
|
|
5324
5226
|
return userOp;
|
|
5325
5227
|
};
|
|
5326
5228
|
try {
|
|
@@ -5535,8 +5437,6 @@ async function prepareUserOperation(session, callTarget, amountWei, innerData =
|
|
|
5535
5437
|
if (typeof userOp.sender !== "string") {
|
|
5536
5438
|
userOp.sender = session.smartAccountAddress;
|
|
5537
5439
|
}
|
|
5538
|
-
console.log("[Account] \u2705 Prepared signed UserOp (not sent):", JSON.stringify(userOp, (key, value) => typeof value === "bigint" ? `0x${value.toString(16)}` : value, 2));
|
|
5539
|
-
console.log("[Account] \u{1F511} UserOp Hash:", opHash);
|
|
5540
5440
|
if (entryPointVersion === "v0.6") {
|
|
5541
5441
|
const userOpV06 = convertUserOpV07ToV06(userOp);
|
|
5542
5442
|
return { userOp: userOpV06, userOpHash: opHash };
|
|
@@ -8592,7 +8492,7 @@ function useLumiaPassportLinkedProfiles() {
|
|
|
8592
8492
|
// package.json
|
|
8593
8493
|
var package_default = {
|
|
8594
8494
|
name: "@lumiapassport/ui-kit",
|
|
8595
|
-
version: "1.4.
|
|
8495
|
+
version: "1.4.7",
|
|
8596
8496
|
description: "React UI components and hooks for Lumia Passport authentication and Account Abstraction",
|
|
8597
8497
|
type: "module",
|
|
8598
8498
|
main: "./dist/index.cjs",
|