npm - @lumiapassport/ui-kit - Versions diffs - 1.6.3 → 1.8.0 - Mend

@lumiapassport/ui-kit 1.6.3 → 1.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/index.cjs CHANGED Viewed

@@ -438,6 +438,7 @@ async function beginPasskeyAuthentication(username) {
     {
       method: "POST",
       headers: { "Content-Type": "application/json" },
+      credentials: "include",
       body: JSON.stringify({ username })
     }
   );
@@ -481,6 +482,7 @@ async function completePasskeyAuthentication(challengeId, credential, options) {
     {
       method: "POST",
       headers: { "Content-Type": "application/json" },
+      credentials: "include",
       body: JSON.stringify({ challengeId, credential: credentialData })
     }
   );
@@ -510,6 +512,7 @@ async function beginPasskeyRegistration(username) {
     {
       method: "POST",
       headers: { "Content-Type": "application/json" },
+      credentials: "include",
       body: JSON.stringify({ username })
     }
   );
@@ -553,6 +556,7 @@ async function completePasskeyRegistration(challengeId, credential, options) {
     {
       method: "POST",
       headers: { "Content-Type": "application/json" },
+      credentials: "include",
       body: JSON.stringify({ challengeId, credential: credentialData })
     }
   );
@@ -805,7 +809,7 @@ async function signDigestWithMpc(userId, digest32, userOpDetails) {
     }
     const transaction = {
       to: userOpDetails?.callTarget || "0x0000000000000000000000000000000000000000",
-      value: "0",
+      value: userOpDetails?.value || "0",
       data: userOpDetails?.callData || "0x",
       digest32,
       // Pre-computed digest - DO NOT recompute!
@@ -831,6 +835,47 @@ async function signDigestWithMpc(userId, digest32, userOpDetails) {
     return null;
   }
 }
+async function signTypedDataWithMpc(userId, digest32, typedData) {
+  const startTime = performance.now();
+  currentSigningStats = {
+    startTime,
+    rounds: []
+  };
+  try {
+    console.log("[signTypedDataWithMpc] Starting EIP712 signature request:", {
+      userId,
+      primaryType: typedData?.primaryType,
+      digest32
+    });
+    const iframeManager = getIframeManager();
+    const { jwtTokenManager: jwtTokenManager3 } = await Promise.resolve().then(() => (init_auth(), auth_exports));
+    const accessToken = jwtTokenManager3.getAccessToken();
+    if (!accessToken) {
+      console.error("[signTypedDataWithMpc] No access token available");
+      throw new Error("No access token available for signing");
+    }
+    console.log("[signTypedDataWithMpc] Calling iframeManager.signTypedData...");
+    const signature = await iframeManager.signTypedData(userId, typedData, digest32, accessToken);
+    console.log("[signTypedDataWithMpc] Signature received:", signature);
+    const endTime = performance.now();
+    currentSigningStats.endTime = endTime;
+    currentSigningStats.totalDurationMs = endTime - startTime;
+    return signature;
+  } catch (error) {
+    console.error("[signTypedDataWithMpc] Error occurred:", error);
+    (0, import_error_tracking.logSdkError)(
+      error instanceof Error ? error : new Error("EIP712 MPC signing failed"),
+      { userId, primaryType: typedData?.primaryType },
+      "iframe-mpc"
+    );
+    const endTime = performance.now();
+    if (currentSigningStats) {
+      currentSigningStats.endTime = endTime;
+      currentSigningStats.totalDurationMs = endTime - startTime;
+    }
+    return null;
+  }
+}
 async function checkKeyshare(userId) {
   try {
     const iframeManager = getIframeManager();
@@ -884,7 +929,9 @@ var init_httpClient = __esm({
         }
         const requestConfig = {
           method,
-          headers: requestHeaders
+          headers: requestHeaders,
+          credentials: "include"
+          // Enable cookies for cross-origin requests
         };
         if (body && method !== "GET") {
           requestConfig.body = typeof body === "string" ? body : JSON.stringify(body);
@@ -1145,7 +1192,8 @@ var init_cloudStorage = __esm({
         const searchResponse = await fetch(
           `https://www.googleapis.com/drive/v3/files?q=name='${folderName}' and mimeType='application/vnd.google-apps.folder' and trashed=false`,
           {
-            headers: { Authorization: `Bearer ${this.accessToken}` }
+            headers: { Authorization: `Bearer ${this.accessToken}` },
+            credentials: "include"
           }
         );
         if (!searchResponse.ok) {
@@ -1161,6 +1209,7 @@ var init_cloudStorage = __esm({
             Authorization: `Bearer ${this.accessToken}`,
             "Content-Type": "application/json"
           },
+          credentials: "include",
           body: JSON.stringify({
             name: folderName,
             mimeType: "application/vnd.google-apps.folder"
@@ -1183,6 +1232,7 @@ var init_cloudStorage = __esm({
             headers: {
               Authorization: `Bearer ${this.accessToken}`
             },
+            credentials: "include",
             body: form
           }
         );
@@ -1266,7 +1316,7 @@ async function getShareVaultToken(scopes) {
 async function getShareRecoveryStats() {
   try {
     const token = await getShareVaultToken(["share:get"]);
-    const response = await fetch(`${getShareVaultUrl()}/v1/shares/me/recovery/stats`, { method: "GET", headers: { Authorization: `Bearer ${token.token}`, "Content-Type": "application/json" } });
+    const response = await fetch(`${getShareVaultUrl()}/v1/shares/me/recovery/stats`, { method: "GET", headers: { Authorization: `Bearer ${token.token}`, "Content-Type": "application/json" }, credentials: "include" });
     if (response.status === 404) return null;
     if (!response.ok) return null;
     return await response.json();
@@ -1276,26 +1326,26 @@ async function getShareRecoveryStats() {
 }
 async function getShare() {
   const token = await getShareVaultToken(["share:get"]);
-  const response = await fetch(`${getShareVaultUrl()}/v1/shares/me`, { method: "GET", headers: { Authorization: `Bearer ${token.token}`, "Content-Type": "application/json" } });
+  const response = await fetch(`${getShareVaultUrl()}/v1/shares/me`, { method: "GET", headers: { Authorization: `Bearer ${token.token}`, "Content-Type": "application/json" }, credentials: "include" });
   if (response.status === 404) return null;
   if (!response.ok) throw new Error(`Failed to fetch share: ${response.status} ${response.statusText}`);
   return await response.json();
 }
 async function uploadShare(share, idempotencyKey) {
   const token = await getShareVaultToken(["share:put"]);
-  const response = await fetch(`${getShareVaultUrl()}/v1/shares/me`, { method: "PUT", headers: { Authorization: `Bearer ${token.token}`, "Content-Type": "application/json", "Idempotency-Key": idempotencyKey }, body: JSON.stringify(share) });
+  const response = await fetch(`${getShareVaultUrl()}/v1/shares/me`, { method: "PUT", headers: { Authorization: `Bearer ${token.token}`, "Content-Type": "application/json", "Idempotency-Key": idempotencyKey }, credentials: "include", body: JSON.stringify(share) });
   if (!response.ok) throw new Error(`Failed to upload share: ${response.status} ${response.statusText}`);
   return await response.json();
 }
 async function rewrapShare(payload, idempotencyKey) {
   const token = await getShareVaultToken(["share:rewrap"]);
-  const response = await fetch(`${getShareVaultUrl()}/v1/shares/me/rewrap`, { method: "POST", headers: { Authorization: `Bearer ${token.token}`, "Content-Type": "application/json", "Idempotency-Key": idempotencyKey }, body: JSON.stringify(payload) });
+  const response = await fetch(`${getShareVaultUrl()}/v1/shares/me/rewrap`, { method: "POST", headers: { Authorization: `Bearer ${token.token}`, "Content-Type": "application/json", "Idempotency-Key": idempotencyKey }, credentials: "include", body: JSON.stringify(payload) });
   if (!response.ok) throw new Error(`Failed to rewrap share: ${response.status} ${response.statusText}`);
   return await response.json();
 }
 async function deleteShare() {
   const token = await getShareVaultToken(["share:delete"]);
-  const response = await fetch(`${getShareVaultUrl()}/v1/shares/me`, { method: "DELETE", headers: { Authorization: `Bearer ${token.token}` } });
+  const response = await fetch(`${getShareVaultUrl()}/v1/shares/me`, { method: "DELETE", headers: { Authorization: `Bearer ${token.token}` }, credentials: "include" });
   if (!response.ok && response.status !== 404) throw new Error(`Failed to delete share: ${response.status} ${response.statusText}`);
 }
 async function deriveKEKFromPasskey(userId, requiredCredentialId) {
@@ -1472,7 +1522,7 @@ function clearBackupStatus(userId) {
 async function checkServerBackupAvailability() {
   try {
     const token = await getShareVaultToken(["share:get"]);
-    const response = await fetch(`${getShareVaultUrl()}/v1/shares/me/recovery/stats`, { method: "GET", headers: { Authorization: `Bearer ${token.token}`, "Content-Type": "application/json" } });
+    const response = await fetch(`${getShareVaultUrl()}/v1/shares/me/recovery/stats`, { method: "GET", headers: { Authorization: `Bearer ${token.token}`, "Content-Type": "application/json" }, credentials: "include" });
     if (response.status === 404) return { hasBackup: false, serviceAvailable: true };
     if (!response.ok) return { hasBackup: false, serviceAvailable: false };
     return { hasBackup: true, serviceAvailable: true };
@@ -1482,14 +1532,14 @@ async function checkServerBackupAvailability() {
 }
 async function uploadShareToVault(envelope, token) {
   const idempotencyKey = crypto.randomUUID ? crypto.randomUUID() : `backup-${Date.now()}`;
-  const response = await fetch(`${getShareVaultUrl()}/v1/shares/me`, { method: "PUT", headers: { "Content-Type": "application/json", Authorization: `Bearer ${token}`, "Idempotency-Key": idempotencyKey }, body: JSON.stringify(envelope) });
+  const response = await fetch(`${getShareVaultUrl()}/v1/shares/me`, { method: "PUT", headers: { "Content-Type": "application/json", Authorization: `Bearer ${token}`, "Idempotency-Key": idempotencyKey }, credentials: "include", body: JSON.stringify(envelope) });
   if (!response.ok) {
     const errorText = await response.text();
     throw new Error(`Failed to upload share: ${response.status} ${response.statusText} - ${errorText}`);
   }
 }
 async function downloadShareFromVault(token) {
-  const response = await fetch(`${getShareVaultUrl()}/v1/shares/me`, { method: "GET", headers: { Authorization: `Bearer ${token}`, "X-Client-Device-Id": "lumia-ui-kit", "X-Client-Device-Name": "Lumia UI Kit" } });
+  const response = await fetch(`${getShareVaultUrl()}/v1/shares/me`, { method: "GET", headers: { Authorization: `Bearer ${token}`, "X-Client-Device-Id": "lumia-ui-kit", "X-Client-Device-Name": "Lumia UI Kit" }, credentials: "include" });
   if (!response.ok) {
     if (response.status === 404) throw new Error("No backup found on server for this user");
     const errorText = await response.text();
@@ -2726,6 +2776,32 @@ var init_iframe_manager = __esm({
         }
         throw new Error("Transaction signing failed");
       }
+      /**
+       * Sign EIP712 typed data
+       */
+      async signTypedData(userId, typedData, digest32, accessToken) {
+        console.log("[IframeManager] signTypedData: Sending SIGN_TYPED_DATA message", {
+          userId,
+          primaryType: typedData.primaryType,
+          digest32
+        });
+        const response = await this.sendMessage("SIGN_TYPED_DATA", {
+          userId,
+          projectId: this.projectId,
+          typedData,
+          digest32,
+          accessToken
+          // Pass access token for TSS API authentication
+        });
+        console.log("[IframeManager] signTypedData: Response received", {
+          type: response.type,
+          hasSignature: !!response.signature
+        });
+        if (response.type === "LUMIA_PASSPORT_EIP712_SIGNATURE") {
+          return response.signature;
+        }
+        throw new Error("EIP712 signing failed");
+      }
       /**
        * Get user's wallet address
        */
@@ -4300,6 +4376,7 @@ var init_AuthModal = __esm({
             headers: {
               "Content-Type": "application/json"
             },
+            credentials: "include",
             body: JSON.stringify({
               email,
               purpose: "login"
@@ -4417,6 +4494,7 @@ var init_AuthModal = __esm({
             headers: {
               "Content-Type": "application/json"
             },
+            credentials: "include",
             body: JSON.stringify({
               email,
               purpose: "login"
@@ -5241,8 +5319,10 @@ async function sendUserOperation(session, callTarget, amountWei, innerData = "0x
         paymaster: userOp.paymaster,
         factory: userOp.factory,
         factoryData: userOp.factoryData,
-        callTarget
+        callTarget,
         // Add callTarget so iframe can display "To" address
+        value: amountWei
+        // Add value so iframe can display transaction amount
       });
       if (!mpcSig) throw new Error("MPC signing failed");
       signature = mpcSig;
@@ -5491,6 +5571,61 @@ async function getEntryPointDeposit(address, entryPointVersion = "v0.7") {
   const depositAbi = [{ type: "function", name: "balanceOf", stateMutability: "view", inputs: [{ name: "account", type: "address" }], outputs: [{ name: "", type: "uint256" }] }];
   return await publicClient.readContract({ address: entryPointAddress, abi: depositAbi, functionName: "balanceOf", args: [address] });
 }
+async function signTypedData(session, params) {
+  const { domain, types, primaryType, message } = params;
+  const digest = (0, import_viem3.hashTypedData)({
+    domain,
+    types,
+    primaryType,
+    message
+  });
+  const serializeForIframe = (obj) => {
+    if (typeof obj === "bigint") {
+      return obj.toString();
+    }
+    if (Array.isArray(obj)) {
+      return obj.map(serializeForIframe);
+    }
+    if (obj !== null && typeof obj === "object") {
+      const result = {};
+      for (const key in obj) {
+        result[key] = serializeForIframe(obj[key]);
+      }
+      return result;
+    }
+    return obj;
+  };
+  let signature;
+  if (session.mpcUserId) {
+    const mpcSig = await signTypedDataWithMpc(
+      session.mpcUserId,
+      digest,
+      {
+        domain: {
+          name: domain.name,
+          version: domain.version,
+          chainId: domain.chainId,
+          verifyingContract: domain.verifyingContract,
+          salt: domain.salt
+        },
+        types,
+        primaryType,
+        message: serializeForIframe(message)
+      }
+    );
+    if (!mpcSig) {
+      throw new Error("MPC signing failed");
+    }
+    signature = mpcSig;
+  } else if (session.ownerPrivateKey) {
+    const account = (0, import_accounts.privateKeyToAccount)(session.ownerPrivateKey);
+    const rawSig = await account.sign({ hash: digest });
+    signature = normalizeSignature(rawSig);
+  } else {
+    throw new Error("No signing method available");
+  }
+  return signature;
+}
 var import_viem3, import_account_abstraction2, import_accounts, import_bundler, import_meta, PAYMASTER_VERIFICATION_GAS_LIMIT, PAYMASTER_POSTOP_GAS_LIMIT, MAX_BUNDLER_VERIFICATION_GAS, PAYMASTER_VERIFICATION_GAS, executeAbi;
 var init_account = __esm({
   "src/internal/clients/account.ts"() {
@@ -5588,6 +5723,7 @@ __export(clients_exports, {
   sendDemoUserOp: () => sendDemoUserOp,
   sendLumiaUserOp: () => sendLumiaUserOp,
   sendUserOperation: () => sendUserOperation,
+  signTypedData: () => signTypedData,
   viemBundlerClient: () => viemBundlerClient
 });
 var init_clients = __esm({
@@ -5620,6 +5756,7 @@ __export(index_exports, {
   prepareUserOperation: () => prepareUserOperation,
   queryClient: () => queryClient,
   sendUserOperation: () => sendUserOperation,
+  signTypedData: () => signTypedData,
   updateUserProfile: () => updateUserProfile,
   useAssets: () => useAssets,
   useLumiaPassportConfig: () => useLumiaPassportConfig,
@@ -7124,7 +7261,7 @@ var TransactionsModal = ({ open, onOpenChange, onBack }) => {
       const explorerUrl = getExplorerUrl();
       const baseUrl = explorerUrl.replace(/\/$/, "");
       const apiUrl = `${baseUrl}/api/v2/addresses/${address}/transactions?items_count=20`;
-      const response = await fetch(apiUrl);
+      const response = await fetch(apiUrl, { credentials: "include" });
       if (!response.ok) {
         throw new Error(`Failed to fetch transactions: ${response.status}`);
       }
@@ -7771,6 +7908,7 @@ var UserOpStatus = ({
     const res = await fetch(getBundlerUrl(), {
       method: "POST",
       headers: { "content-type": "application/json" },
+      credentials: "include",
       body: JSON.stringify(body)
     });
     const json = await res.json();
@@ -8536,7 +8674,7 @@ function useLumiaPassportLinkedProfiles() {
 // package.json
 var package_default = {
   name: "@lumiapassport/ui-kit",
-  version: "1.6.3",
+  version: "1.8.0",
   description: "React UI components and hooks for Lumia Passport authentication and Account Abstraction",
   type: "module",
   main: "./dist/index.cjs",
@@ -9654,7 +9792,7 @@ var TransactionsList = ({
         const baseUrl = explorerUrl.replace(/\/$/, "");
         const apiUrl = `${baseUrl}/api/v2/addresses/${address}/transactions?items_count=${itemsCount}`;
         console.log("[TransactionsList] Fetching from:", apiUrl);
-        const response = await fetch(apiUrl);
+        const response = await fetch(apiUrl, { credentials: "include" });
         if (!response.ok) {
           throw new Error(`Failed to fetch transactions: ${response.status}`);
         }
@@ -9798,6 +9936,7 @@ function useUserOpStatus(options = {}) {
     const res = await fetch(getBundlerUrl(), {
       method: "POST",
       headers: { "content-type": "application/json" },
+      credentials: "include",
       body: JSON.stringify(body)
     });
     const json = await res.json();
@@ -10105,6 +10244,7 @@ function useSmartAccountTransactions() {
   prepareUserOperation,
   queryClient,
   sendUserOperation,
+  signTypedData,
   updateUserProfile,
   useAssets,
   useLumiaPassportConfig,