@lumiapassport/ui-kit 1.4.6 → 1.4.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/iframe/main.js +1 -1
- package/dist/iframe/main.js.map +1 -1
- package/dist/index.cjs +1 -101
- package/dist/index.cjs.map +1 -1
- package/dist/index.js +1 -101
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -752,33 +752,21 @@ var init_passkey = __esm({
|
|
|
752
752
|
// src/internal/lib/iframe-mpc-client.ts
|
|
753
753
|
async function ensureDkgAndGetOwner(userId, _clientSeedHex) {
|
|
754
754
|
try {
|
|
755
|
-
console.info("[IframeMPC][DKG] Starting DKG via iframe for user:", userId);
|
|
756
755
|
const iframeManager = getIframeManager();
|
|
757
756
|
const keyshareStatus = await iframeManager.checkKeyshare(userId);
|
|
758
757
|
if (keyshareStatus.hasKeyshare && keyshareStatus.address) {
|
|
759
|
-
console.info("[IframeMPC][DKG] User already has keyshare in iframe:", {
|
|
760
|
-
userId,
|
|
761
|
-
address: keyshareStatus.address
|
|
762
|
-
});
|
|
763
758
|
return {
|
|
764
759
|
sessionId: "iframe-session",
|
|
765
760
|
ownerAddress: keyshareStatus.address
|
|
766
761
|
};
|
|
767
762
|
}
|
|
768
|
-
console.info("[IframeMPC][DKG] Authenticating user with iframe...");
|
|
769
763
|
await iframeManager.authenticate(userId);
|
|
770
764
|
const { jwtTokenManager: jwtTokenManager3 } = await Promise.resolve().then(() => (init_auth(), auth_exports));
|
|
771
765
|
const accessToken = jwtTokenManager3.getAccessToken();
|
|
772
766
|
if (!accessToken) {
|
|
773
767
|
throw new Error("No access token available for DKG");
|
|
774
768
|
}
|
|
775
|
-
console.info("[IframeMPC][DKG] Starting DKG in iframe...");
|
|
776
769
|
const ownerAddress = await iframeManager.startDKG(userId, accessToken);
|
|
777
|
-
console.info("[IframeMPC][DKG] \u2705 DKG completed successfully:", {
|
|
778
|
-
userId,
|
|
779
|
-
ownerAddress,
|
|
780
|
-
note: "Key share is securely stored in iframe localStorage at auth.lumiapassport.com"
|
|
781
|
-
});
|
|
782
770
|
return {
|
|
783
771
|
sessionId: "iframe-session",
|
|
784
772
|
ownerAddress
|
|
@@ -795,11 +783,6 @@ async function signDigestWithMpc(userId, digest32, userOpDetails) {
|
|
|
795
783
|
rounds: []
|
|
796
784
|
};
|
|
797
785
|
try {
|
|
798
|
-
console.info("[IframeMPC][Sign] Starting signature via iframe:", {
|
|
799
|
-
userId,
|
|
800
|
-
digest32: `${digest32.substring(0, 20)}...`,
|
|
801
|
-
hasDetails: !!userOpDetails
|
|
802
|
-
});
|
|
803
786
|
const iframeManager = getIframeManager();
|
|
804
787
|
const { jwtTokenManager: jwtTokenManager3 } = await Promise.resolve().then(() => (init_auth(), auth_exports));
|
|
805
788
|
const accessToken = jwtTokenManager3.getAccessToken();
|
|
@@ -819,11 +802,6 @@ async function signDigestWithMpc(userId, digest32, userOpDetails) {
|
|
|
819
802
|
const endTime = performance.now();
|
|
820
803
|
currentSigningStats.endTime = endTime;
|
|
821
804
|
currentSigningStats.totalDurationMs = endTime - startTime;
|
|
822
|
-
console.info("[IframeMPC][Sign] \u2705 Signature obtained from iframe:", {
|
|
823
|
-
signature: `${signature.substring(0, 20)}...`,
|
|
824
|
-
duration: `${(endTime - startTime).toFixed(2)}ms`,
|
|
825
|
-
note: "All signing operations happened securely inside iframe"
|
|
826
|
-
});
|
|
827
805
|
return signature;
|
|
828
806
|
} catch (error) {
|
|
829
807
|
console.error("[IframeMPC][Sign] Error in signDigestWithMpc:", error);
|
|
@@ -891,14 +869,11 @@ var init_httpClient = __esm({
|
|
|
891
869
|
if (body && method !== "GET") {
|
|
892
870
|
requestConfig.body = typeof body === "string" ? body : JSON.stringify(body);
|
|
893
871
|
}
|
|
894
|
-
console.log(`[HttpClient] Making ${method} request to: ${url}`);
|
|
895
872
|
try {
|
|
896
873
|
const response = await fetch(url, requestConfig);
|
|
897
874
|
if (response.status === 401 && requireAuth) {
|
|
898
|
-
console.log("[HttpClient] Got 401, attempting token refresh...");
|
|
899
875
|
const refreshSuccess = await jwtTokenManager2.refreshAccessToken();
|
|
900
876
|
if (refreshSuccess) {
|
|
901
|
-
console.log("[HttpClient] Token refreshed, retrying request...");
|
|
902
877
|
const newAccessToken = jwtTokenManager2.getAccessToken();
|
|
903
878
|
if (newAccessToken) {
|
|
904
879
|
requestHeaders["Authorization"] = `Bearer ${newAccessToken}`;
|
|
@@ -907,7 +882,6 @@ var init_httpClient = __esm({
|
|
|
907
882
|
const retryResponse = await fetch(url, requestConfig);
|
|
908
883
|
return await this.processResponse(retryResponse);
|
|
909
884
|
} else {
|
|
910
|
-
console.error("[HttpClient] Token refresh failed");
|
|
911
885
|
return {
|
|
912
886
|
success: false,
|
|
913
887
|
error: "Authentication failed - unable to refresh token",
|
|
@@ -930,7 +904,6 @@ var init_httpClient = __esm({
|
|
|
930
904
|
try {
|
|
931
905
|
const data = await response.json();
|
|
932
906
|
if (!response.ok) {
|
|
933
|
-
console.log(`[HttpClient] Request failed with status ${status}:`, data);
|
|
934
907
|
return {
|
|
935
908
|
success: false,
|
|
936
909
|
error: data.message || data.error || `HTTP ${status}`,
|
|
@@ -938,7 +911,6 @@ var init_httpClient = __esm({
|
|
|
938
911
|
data
|
|
939
912
|
};
|
|
940
913
|
}
|
|
941
|
-
console.log(`[HttpClient] Request successful (${status})`);
|
|
942
914
|
return {
|
|
943
915
|
success: true,
|
|
944
916
|
data,
|
|
@@ -1037,11 +1009,9 @@ var init_cloudStorage = __esm({
|
|
|
1037
1009
|
discoveryDocs: [this.DISCOVERY_DOC]
|
|
1038
1010
|
});
|
|
1039
1011
|
this.gapiInitialized = true;
|
|
1040
|
-
console.log("[GoogleDrive] Google API client initialized");
|
|
1041
1012
|
}
|
|
1042
1013
|
if (!this.gisInitialized) {
|
|
1043
1014
|
this.gisInitialized = true;
|
|
1044
|
-
console.log("[GoogleDrive] Google Identity Services initialized");
|
|
1045
1015
|
}
|
|
1046
1016
|
}
|
|
1047
1017
|
loadScript(src) {
|
|
@@ -1080,7 +1050,6 @@ var init_cloudStorage = __esm({
|
|
|
1080
1050
|
}
|
|
1081
1051
|
this.accessToken = response.access_token;
|
|
1082
1052
|
window.gapi.client.setToken({ access_token: this.accessToken });
|
|
1083
|
-
console.log("[GoogleDrive] Successfully authenticated");
|
|
1084
1053
|
resolve(true);
|
|
1085
1054
|
}
|
|
1086
1055
|
});
|
|
@@ -1099,7 +1068,6 @@ var init_cloudStorage = __esm({
|
|
|
1099
1068
|
window.google?.accounts.oauth2.revoke(this.accessToken);
|
|
1100
1069
|
this.accessToken = null;
|
|
1101
1070
|
window.gapi?.client.setToken(null);
|
|
1102
|
-
console.log("[GoogleDrive] Signed out successfully");
|
|
1103
1071
|
}
|
|
1104
1072
|
}
|
|
1105
1073
|
async upload(fileName, content, usePrivateStorage = true) {
|
|
@@ -1110,18 +1078,15 @@ var init_cloudStorage = __esm({
|
|
|
1110
1078
|
if (usePrivateStorage) {
|
|
1111
1079
|
try {
|
|
1112
1080
|
const fileId = await this.uploadToAppDataFolder(fileName, content);
|
|
1113
|
-
console.log("[GoogleDrive] File uploaded to appDataFolder successfully:", fileId);
|
|
1114
1081
|
return fileId;
|
|
1115
1082
|
} catch (error) {
|
|
1116
1083
|
console.warn("[GoogleDrive] AppDataFolder upload failed, trying fallback to regular folder:", error);
|
|
1117
1084
|
const fileId = await this.uploadToAppFolder(fileName, content);
|
|
1118
|
-
console.log("[GoogleDrive] File uploaded to app folder successfully:", fileId);
|
|
1119
1085
|
return fileId;
|
|
1120
1086
|
}
|
|
1121
1087
|
} else {
|
|
1122
1088
|
try {
|
|
1123
1089
|
const fileId = await this.uploadToAppFolder(fileName, content);
|
|
1124
|
-
console.log("[GoogleDrive] File uploaded to app folder successfully:", fileId);
|
|
1125
1090
|
return fileId;
|
|
1126
1091
|
} catch (error) {
|
|
1127
1092
|
console.error("[GoogleDrive] Upload failed:", error);
|
|
@@ -1177,7 +1142,6 @@ var init_cloudStorage = __esm({
|
|
|
1177
1142
|
throw new Error(`Failed to create folder: ${createResponse.status}`);
|
|
1178
1143
|
}
|
|
1179
1144
|
const createResult = await createResponse.json();
|
|
1180
|
-
console.log(`[GoogleDrive] Created folder '${folderName}':`, createResult.id);
|
|
1181
1145
|
return createResult.id;
|
|
1182
1146
|
}
|
|
1183
1147
|
async performUpload(metadata, content) {
|
|
@@ -1307,11 +1271,8 @@ async function deleteShare() {
|
|
|
1307
1271
|
if (!response.ok && response.status !== 404) throw new Error(`Failed to delete share: ${response.status} ${response.statusText}`);
|
|
1308
1272
|
}
|
|
1309
1273
|
async function deriveKEKFromPasskey(userId, requiredCredentialId) {
|
|
1310
|
-
console.log("[deriveKEKFromPasskey] Starting passkey derivation for userId:", userId);
|
|
1311
|
-
console.log("[deriveKEKFromPasskey] Required credential ID:", requiredCredentialId);
|
|
1312
1274
|
const challengeString = `lumia-kek:${userId}`;
|
|
1313
1275
|
const challenge = new TextEncoder().encode(challengeString);
|
|
1314
|
-
console.log("[deriveKEKFromPasskey] Challenge string:", challengeString);
|
|
1315
1276
|
function base64urlToUint8Array3(base64url) {
|
|
1316
1277
|
const base64 = base64url.replace(/-/g, "+").replace(/_/g, "/");
|
|
1317
1278
|
const pad = base64.length % 4 ? 4 - base64.length % 4 : 0;
|
|
@@ -1324,14 +1285,8 @@ async function deriveKEKFromPasskey(userId, requiredCredentialId) {
|
|
|
1324
1285
|
return bytes;
|
|
1325
1286
|
}
|
|
1326
1287
|
const targetCredentialId = requiredCredentialId || createPasskeyHelpers(userId).getCredId();
|
|
1327
|
-
console.log("[deriveKEKFromPasskey] Target credential ID:", targetCredentialId);
|
|
1328
1288
|
const allowCredentials = targetCredentialId ? [{ id: base64urlToUint8Array3(targetCredentialId), type: "public-key" }] : [];
|
|
1329
|
-
console.log("[deriveKEKFromPasskey] Using allowCredentials:", allowCredentials.length > 0 ? "specific credential" : "any credential");
|
|
1330
|
-
if (!targetCredentialId) {
|
|
1331
|
-
console.warn("[deriveKEKFromPasskey] Warning: No credential ID available. User must select the correct passkey manually.");
|
|
1332
|
-
}
|
|
1333
1289
|
try {
|
|
1334
|
-
console.log("[deriveKEKFromPasskey] Calling navigator.credentials.get...");
|
|
1335
1290
|
const credential = await navigator.credentials.get({
|
|
1336
1291
|
publicKey: {
|
|
1337
1292
|
challenge,
|
|
@@ -1340,24 +1295,15 @@ async function deriveKEKFromPasskey(userId, requiredCredentialId) {
|
|
|
1340
1295
|
extensions: { prf: { eval: { first: challenge } } }
|
|
1341
1296
|
}
|
|
1342
1297
|
});
|
|
1343
|
-
console.log("[deriveKEKFromPasskey] Credential received:", !!credential);
|
|
1344
1298
|
if (credential) {
|
|
1345
|
-
console.log("[deriveKEKFromPasskey] Credential ID:", credential.id);
|
|
1346
|
-
console.log("[deriveKEKFromPasskey] Credential ID length:", credential.id.length);
|
|
1347
1299
|
const extensionResults = credential.getClientExtensionResults?.();
|
|
1348
|
-
console.log("[deriveKEKFromPasskey] Extension results:", extensionResults);
|
|
1349
1300
|
if (extensionResults?.prf?.results?.first) {
|
|
1350
|
-
console.log("[deriveKEKFromPasskey] PRF result found, returning KEK");
|
|
1351
|
-
console.log("[deriveKEKFromPasskey] PRF result length:", extensionResults.prf.results.first.byteLength);
|
|
1352
1301
|
return extensionResults.prf.results.first;
|
|
1353
1302
|
}
|
|
1354
1303
|
}
|
|
1355
|
-
console.log("[deriveKEKFromPasskey] No PRF result, falling back to HKDF...");
|
|
1356
1304
|
const credentialIdBytes = new TextEncoder().encode(credential.id);
|
|
1357
|
-
console.log("[deriveKEKFromPasskey] Credential ID length:", credential.id.length);
|
|
1358
1305
|
const keyMaterial = await crypto.subtle.importKey("raw", credentialIdBytes, "HKDF", false, ["deriveBits"]);
|
|
1359
1306
|
const kekBytes = await crypto.subtle.deriveBits({ name: "HKDF", hash: "SHA-256", salt: challenge, info: new TextEncoder().encode("client-share") }, keyMaterial, 256);
|
|
1360
|
-
console.log("[deriveKEKFromPasskey] HKDF fallback completed successfully");
|
|
1361
1307
|
return kekBytes;
|
|
1362
1308
|
} catch (error) {
|
|
1363
1309
|
console.error("[deriveKEKFromPasskey] Error during passkey operation:", error);
|
|
@@ -1445,7 +1391,6 @@ async function deriveBackupPasswordFromPasskey(userId, credentialId) {
|
|
|
1445
1391
|
type: "public-key",
|
|
1446
1392
|
transports: ["internal", "hybrid"]
|
|
1447
1393
|
}];
|
|
1448
|
-
console.log("[deriveBackupPasswordFromPasskey] Using specific credential ID:", credentialId);
|
|
1449
1394
|
} catch (error) {
|
|
1450
1395
|
console.warn("[deriveBackupPasswordFromPasskey] Failed to parse credentialId, falling back to open selection:", error);
|
|
1451
1396
|
}
|
|
@@ -1525,7 +1470,6 @@ async function downloadShareFromVault(token) {
|
|
|
1525
1470
|
async function envelopeEncryptKeyshare(data, userId) {
|
|
1526
1471
|
const passkeyHelpers = createPasskeyHelpers(userId);
|
|
1527
1472
|
const credentialId = passkeyHelpers.getCredId();
|
|
1528
|
-
console.log("[envelopeEncryptKeyshare] Using credential ID for encryption:", credentialId);
|
|
1529
1473
|
const dek = crypto.getRandomValues(new Uint8Array(32));
|
|
1530
1474
|
const kekBytes = await deriveKEKFromPasskey(userId);
|
|
1531
1475
|
const kek = await crypto.subtle.importKey("raw", kekBytes, "AES-GCM", false, ["encrypt"]);
|
|
@@ -1557,7 +1501,6 @@ async function envelopeEncryptKeyshare(data, userId) {
|
|
|
1557
1501
|
};
|
|
1558
1502
|
}
|
|
1559
1503
|
async function envelopeEncryptKeyshareWithPassword(data, password) {
|
|
1560
|
-
console.log("[envelopeEncryptKeyshareWithPassword] Encrypting with password");
|
|
1561
1504
|
const dek = crypto.getRandomValues(new Uint8Array(32));
|
|
1562
1505
|
const salt = crypto.getRandomValues(new Uint8Array(16));
|
|
1563
1506
|
const kekKey = await deriveKeyFromPassword(password, salt);
|
|
@@ -1588,36 +1531,20 @@ async function envelopeEncryptKeyshareWithPassword(data, password) {
|
|
|
1588
1531
|
};
|
|
1589
1532
|
}
|
|
1590
1533
|
async function envelopeDecryptKeyshare(envelope, userId) {
|
|
1591
|
-
console.log("[envelopeDecryptKeyshare] Starting decryption process");
|
|
1592
|
-
console.log("[envelopeDecryptKeyshare] Envelope credential ID:", envelope.credentialId);
|
|
1593
|
-
console.log("[envelopeDecryptKeyshare] Deriving KEK from passkey...");
|
|
1594
1534
|
const kekBytes = await deriveKEKFromPasskey(userId, envelope.credentialId);
|
|
1595
|
-
console.log("[envelopeDecryptKeyshare] KEK bytes length:", kekBytes.byteLength);
|
|
1596
|
-
console.log("[envelopeDecryptKeyshare] Importing KEK as crypto key...");
|
|
1597
1535
|
const kek = await crypto.subtle.importKey("raw", kekBytes, "AES-GCM", false, ["decrypt"]);
|
|
1598
|
-
console.log("[envelopeDecryptKeyshare] Decrypting wrapped DEK...");
|
|
1599
1536
|
const wrappedDekWithIv = base64ToBytes(envelope.wrapped_dek);
|
|
1600
|
-
console.log("[envelopeDecryptKeyshare] Wrapped DEK with IV length:", wrappedDekWithIv.length);
|
|
1601
1537
|
const wrapIv = wrappedDekWithIv.slice(0, 12);
|
|
1602
1538
|
const wrappedDekData = wrappedDekWithIv.slice(12);
|
|
1603
|
-
console.log("[envelopeDecryptKeyshare] Wrap IV length:", wrapIv.length, "Wrapped DEK data length:", wrappedDekData.length);
|
|
1604
1539
|
try {
|
|
1605
1540
|
const dekBytes = await crypto.subtle.decrypt({ name: "AES-GCM", iv: wrapIv }, kek, wrappedDekData);
|
|
1606
|
-
console.log("[envelopeDecryptKeyshare] DEK decrypted successfully, length:", dekBytes.byteLength);
|
|
1607
|
-
console.log("[envelopeDecryptKeyshare] Importing DEK as crypto key...");
|
|
1608
1541
|
const dekCryptoKey = await crypto.subtle.importKey("raw", dekBytes, "AES-GCM", false, ["decrypt"]);
|
|
1609
|
-
console.log("[envelopeDecryptKeyshare] Decrypting main data...");
|
|
1610
1542
|
const ciphertextWithIv = base64ToBytes(envelope.ciphertext_share);
|
|
1611
|
-
console.log("[envelopeDecryptKeyshare] Ciphertext with IV length:", ciphertextWithIv.length);
|
|
1612
1543
|
const dataIv = ciphertextWithIv.slice(0, 12);
|
|
1613
1544
|
const encryptedData = ciphertextWithIv.slice(12);
|
|
1614
|
-
console.log("[envelopeDecryptKeyshare] Data IV length:", dataIv.length, "Encrypted data length:", encryptedData.length);
|
|
1615
1545
|
const decryptedData = await crypto.subtle.decrypt({ name: "AES-GCM", iv: dataIv }, dekCryptoKey, encryptedData);
|
|
1616
|
-
console.log("[envelopeDecryptKeyshare] Main data decrypted successfully, length:", decryptedData.byteLength);
|
|
1617
|
-
console.log("[envelopeDecryptKeyshare] Parsing JSON...");
|
|
1618
1546
|
const plaintext = new TextDecoder().decode(decryptedData);
|
|
1619
1547
|
const result = JSON.parse(plaintext);
|
|
1620
|
-
console.log("[envelopeDecryptKeyshare] Decryption completed successfully");
|
|
1621
1548
|
return result;
|
|
1622
1549
|
} catch (error) {
|
|
1623
1550
|
console.error("[envelopeDecryptKeyshare] Decryption failed:", error);
|
|
@@ -1629,25 +1556,20 @@ async function envelopeDecryptKeyshare(envelope, userId) {
|
|
|
1629
1556
|
}
|
|
1630
1557
|
}
|
|
1631
1558
|
async function envelopeDecryptKeyshareWithPassword(envelope, password) {
|
|
1632
|
-
console.log("[envelopeDecryptKeyshareWithPassword] Starting password-based decryption");
|
|
1633
1559
|
const wrappedDekWithSaltAndIv = base64ToBytes(envelope.wrapped_dek);
|
|
1634
1560
|
const salt = wrappedDekWithSaltAndIv.slice(0, 16);
|
|
1635
1561
|
const wrapIv = wrappedDekWithSaltAndIv.slice(16, 28);
|
|
1636
1562
|
const wrappedDekData = wrappedDekWithSaltAndIv.slice(28);
|
|
1637
|
-
console.log("[envelopeDecryptKeyshareWithPassword] Salt length:", salt.length, "Wrap IV length:", wrapIv.length, "Wrapped DEK data length:", wrappedDekData.length);
|
|
1638
1563
|
try {
|
|
1639
1564
|
const kekKey = await deriveKeyFromPassword(password, salt);
|
|
1640
1565
|
const dekBytes = await crypto.subtle.decrypt({ name: "AES-GCM", iv: wrapIv }, kekKey, wrappedDekData);
|
|
1641
|
-
console.log("[envelopeDecryptKeyshareWithPassword] DEK decrypted successfully, length:", dekBytes.byteLength);
|
|
1642
1566
|
const dekCryptoKey = await crypto.subtle.importKey("raw", dekBytes, "AES-GCM", false, ["decrypt"]);
|
|
1643
1567
|
const ciphertextWithIv = base64ToBytes(envelope.ciphertext_share);
|
|
1644
1568
|
const dataIv = ciphertextWithIv.slice(0, 12);
|
|
1645
1569
|
const encryptedData = ciphertextWithIv.slice(12);
|
|
1646
1570
|
const decryptedData = await crypto.subtle.decrypt({ name: "AES-GCM", iv: dataIv }, dekCryptoKey, encryptedData);
|
|
1647
|
-
console.log("[envelopeDecryptKeyshareWithPassword] Main data decrypted successfully");
|
|
1648
1571
|
const plaintext = new TextDecoder().decode(decryptedData);
|
|
1649
1572
|
const result = JSON.parse(plaintext);
|
|
1650
|
-
console.log("[envelopeDecryptKeyshareWithPassword] Decryption completed successfully");
|
|
1651
1573
|
return result;
|
|
1652
1574
|
} catch (error) {
|
|
1653
1575
|
console.error("[envelopeDecryptKeyshareWithPassword] Decryption failed:", error);
|
|
@@ -1670,22 +1592,15 @@ async function backupToServer(userId, password) {
|
|
|
1670
1592
|
updateBackupStatus(userId, "server", { enabled: true, lastBackup: Date.now(), error: void 0 });
|
|
1671
1593
|
}
|
|
1672
1594
|
async function restoreFromServer(userId, password = null) {
|
|
1673
|
-
console.log("[restoreFromServer] Starting restore for userId:", userId);
|
|
1674
|
-
console.log("[restoreFromServer] Using password:", !!password);
|
|
1675
|
-
console.log("[restoreFromServer] Getting vault token...");
|
|
1676
1595
|
const vaultToken = await getShareVaultToken(["share:get"]);
|
|
1677
|
-
console.log("[restoreFromServer] Downloading share from vault...");
|
|
1678
1596
|
const envelope = await downloadShareFromVault(vaultToken.token);
|
|
1679
|
-
console.log("[restoreFromServer] Envelope encryption method:", envelope.encryptionMethod);
|
|
1680
1597
|
const backupData = password ? await envelopeDecryptKeyshareWithPassword(envelope, password) : await envelopeDecryptKeyshare(envelope, userId);
|
|
1681
1598
|
if (backupData.userId !== userId) throw new Error("Server backup does not match current user");
|
|
1682
1599
|
const storage = typeof window !== "undefined" ? window.localStorage : void 0;
|
|
1683
1600
|
if (!storage) throw new Error("localStorage not available");
|
|
1684
|
-
console.log("[restoreFromServer] Saving keyshare to localStorage...");
|
|
1685
1601
|
storage.setItem(`tss.${userId}.keyshare`, backupData.keyshare);
|
|
1686
1602
|
storage.setItem(`tss.${userId}.sessionId`, backupData.sessionId);
|
|
1687
1603
|
storage.setItem(`tss.${userId}.ownerAddress`, backupData.ownerAddress);
|
|
1688
|
-
console.log("[restoreFromServer] Restore completed successfully");
|
|
1689
1604
|
}
|
|
1690
1605
|
async function restoreFromBackup(file, password, userId) {
|
|
1691
1606
|
const fileContent = await file.text();
|
|
@@ -1751,7 +1666,6 @@ async function backupToLocalFile(userId, password) {
|
|
|
1751
1666
|
});
|
|
1752
1667
|
backupPassword = result.password;
|
|
1753
1668
|
credentialId = result.credentialId;
|
|
1754
|
-
console.log("[backupToLocalFile] Using credential ID from passkey:", credentialId);
|
|
1755
1669
|
}
|
|
1756
1670
|
const encryptedBackup = await encryptKeyshare(backupData, backupPassword, encryptionMethod, credentialId);
|
|
1757
1671
|
const fileName = `lumia-keyshare-backup-${userId}-${Date.now()}.json`;
|
|
@@ -1784,7 +1698,6 @@ async function backupToCloud(userId, password, providerId, usePrivateStorage = t
|
|
|
1784
1698
|
});
|
|
1785
1699
|
backupPassword = result.password;
|
|
1786
1700
|
credentialId = result.credentialId;
|
|
1787
|
-
console.log("[backupToCloud] Using credential ID from passkey:", credentialId);
|
|
1788
1701
|
}
|
|
1789
1702
|
const encryptedBackup = await encryptKeyshare(backupData, backupPassword, encryptionMethod, credentialId);
|
|
1790
1703
|
const timestamp = Date.now();
|
|
@@ -4091,25 +4004,19 @@ var init_VerificationCodeInput = __esm({
|
|
|
4091
4004
|
|
|
4092
4005
|
// src/internal/clients/profile.ts
|
|
4093
4006
|
async function getUserProfile() {
|
|
4094
|
-
console.log("[ProfileClient] Fetching user profile...");
|
|
4095
4007
|
const response = await tssClient.get("/api/auth/profile", true);
|
|
4096
4008
|
if (!response.success || !response.data) {
|
|
4097
4009
|
const error = response.error || "Failed to fetch user profile";
|
|
4098
|
-
console.error("[ProfileClient] Failed to fetch profile:", error);
|
|
4099
4010
|
throw new Error(error);
|
|
4100
4011
|
}
|
|
4101
|
-
console.log("[ProfileClient] Profile fetched successfully:", response.data);
|
|
4102
4012
|
return response.data;
|
|
4103
4013
|
}
|
|
4104
4014
|
async function updateUserProfile(updates) {
|
|
4105
|
-
console.log("[ProfileClient] Updating user profile:", updates);
|
|
4106
4015
|
const response = await tssClient.patch("/api/auth/profile", updates, true);
|
|
4107
4016
|
if (!response.success || !response.data) {
|
|
4108
4017
|
const error = response.error || "Failed to update user profile";
|
|
4109
|
-
console.error("[ProfileClient] Failed to update profile:", error);
|
|
4110
4018
|
throw new Error(error);
|
|
4111
4019
|
}
|
|
4112
|
-
console.log("[ProfileClient] Profile updated successfully:", response.data);
|
|
4113
4020
|
return response.data;
|
|
4114
4021
|
}
|
|
4115
4022
|
var init_profile = __esm({
|
|
@@ -5293,10 +5200,7 @@ async function sendUserOperation(session, callTarget, amountWei, innerData = "0x
|
|
|
5293
5200
|
paymasterAndData = `0x${paymasterAddr}${packedPaymasterGasLimits.slice(2)}${paymasterDataClean}`;
|
|
5294
5201
|
}
|
|
5295
5202
|
const packedForHash = { sender: session.smartAccountAddress, nonce: BigInt(nonce2), initCode, callData, accountGasLimits, preVerificationGas: BigInt(userOp.preVerificationGas), gasFees, paymasterAndData, signature: "0x" };
|
|
5296
|
-
console.log("[Account] Computing hash for signing with sender:", session.smartAccountAddress);
|
|
5297
|
-
console.log("[Account] PackedForHash for hash computation:", JSON.stringify(packedForHash, (key, value) => typeof value === "bigint" ? `0x${value.toString(16)}` : value, 2));
|
|
5298
5203
|
opHash = await publicClient.readContract({ address: entryPointAddress, abi: entryPoint07Abi, functionName: "getUserOpHash", args: [packedForHash] });
|
|
5299
|
-
console.log("[Account] \u{1F511} HASH FOR SIGNING:", opHash);
|
|
5300
5204
|
}
|
|
5301
5205
|
let signature;
|
|
5302
5206
|
if (session.mpcUserId) {
|
|
@@ -5324,10 +5228,8 @@ async function sendUserOperation(session, callTarget, amountWei, innerData = "0x
|
|
|
5324
5228
|
}
|
|
5325
5229
|
userOp.signature = signature;
|
|
5326
5230
|
if (typeof userOp.sender !== "string") {
|
|
5327
|
-
console.error("[Account] CRITICAL ERROR: userOp.sender is not a string!", userOp.sender);
|
|
5328
5231
|
userOp.sender = session.smartAccountAddress;
|
|
5329
5232
|
}
|
|
5330
|
-
console.log("[Account] \u2705 Final UserOp before sending:", JSON.stringify(userOp, (key, value) => typeof value === "bigint" ? `0x${value.toString(16)}` : value, 2));
|
|
5331
5233
|
return userOp;
|
|
5332
5234
|
};
|
|
5333
5235
|
try {
|
|
@@ -5542,8 +5444,6 @@ async function prepareUserOperation(session, callTarget, amountWei, innerData =
|
|
|
5542
5444
|
if (typeof userOp.sender !== "string") {
|
|
5543
5445
|
userOp.sender = session.smartAccountAddress;
|
|
5544
5446
|
}
|
|
5545
|
-
console.log("[Account] \u2705 Prepared signed UserOp (not sent):", JSON.stringify(userOp, (key, value) => typeof value === "bigint" ? `0x${value.toString(16)}` : value, 2));
|
|
5546
|
-
console.log("[Account] \u{1F511} UserOp Hash:", opHash);
|
|
5547
5447
|
if (entryPointVersion === "v0.6") {
|
|
5548
5448
|
const userOpV06 = convertUserOpV07ToV06(userOp);
|
|
5549
5449
|
return { userOp: userOpV06, userOpHash: opHash };
|
|
@@ -8566,7 +8466,7 @@ function useLumiaPassportLinkedProfiles() {
|
|
|
8566
8466
|
// package.json
|
|
8567
8467
|
var package_default = {
|
|
8568
8468
|
name: "@lumiapassport/ui-kit",
|
|
8569
|
-
version: "1.4.
|
|
8469
|
+
version: "1.4.7",
|
|
8570
8470
|
description: "React UI components and hooks for Lumia Passport authentication and Account Abstraction",
|
|
8571
8471
|
type: "module",
|
|
8572
8472
|
main: "./dist/index.cjs",
|