npm - @luxexchange/sessions - Versions diffs - 1.0.0 - Mend

@luxexchange/sessions 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (70) hide show

package/.depcheckrc +20 -0
package/.eslintrc.js +21 -0
package/README.md +1 -0
package/env.d.ts +12 -0
package/package.json +50 -0
package/project.json +42 -0
package/src/challenge-solvers/createChallengeSolverService.ts +64 -0
package/src/challenge-solvers/createHashcashMockSolver.ts +39 -0
package/src/challenge-solvers/createHashcashSolver.test.ts +385 -0
package/src/challenge-solvers/createHashcashSolver.ts +255 -0
package/src/challenge-solvers/createNoneMockSolver.ts +11 -0
package/src/challenge-solvers/createTurnstileMockSolver.ts +30 -0
package/src/challenge-solvers/createTurnstileSolver.ts +353 -0
package/src/challenge-solvers/hashcash/core.native.ts +34 -0
package/src/challenge-solvers/hashcash/core.test.ts +314 -0
package/src/challenge-solvers/hashcash/core.ts +35 -0
package/src/challenge-solvers/hashcash/core.web.ts +123 -0
package/src/challenge-solvers/hashcash/createWorkerHashcashSolver.test.ts +195 -0
package/src/challenge-solvers/hashcash/createWorkerHashcashSolver.ts +120 -0
package/src/challenge-solvers/hashcash/shared.ts +70 -0
package/src/challenge-solvers/hashcash/worker/createHashcashMultiWorkerChannel.native.ts +22 -0
package/src/challenge-solvers/hashcash/worker/createHashcashMultiWorkerChannel.ts +22 -0
package/src/challenge-solvers/hashcash/worker/createHashcashMultiWorkerChannel.web.ts +212 -0
package/src/challenge-solvers/hashcash/worker/createHashcashWorkerChannel.native.ts +16 -0
package/src/challenge-solvers/hashcash/worker/createHashcashWorkerChannel.ts +16 -0
package/src/challenge-solvers/hashcash/worker/createHashcashWorkerChannel.web.ts +97 -0
package/src/challenge-solvers/hashcash/worker/hashcash.worker.ts +91 -0
package/src/challenge-solvers/hashcash/worker/types.ts +69 -0
package/src/challenge-solvers/turnstileErrors.ts +49 -0
package/src/challenge-solvers/turnstileScriptLoader.ts +325 -0
package/src/challenge-solvers/turnstileSolver.integration.test.ts +331 -0
package/src/challenge-solvers/types.ts +55 -0
package/src/challengeFlow.integration.test.ts +627 -0
package/src/device-id/createDeviceIdService.ts +19 -0
package/src/device-id/types.ts +11 -0
package/src/index.ts +137 -0
package/src/lux-identifier/createLuxIdentifierService.ts +19 -0
package/src/lux-identifier/luxIdentifierQuery.ts +20 -0
package/src/lux-identifier/types.ts +11 -0
package/src/oauth-service/createOAuthService.ts +125 -0
package/src/oauth-service/types.ts +104 -0
package/src/performance/createNoopPerformanceTracker.ts +12 -0
package/src/performance/createPerformanceTracker.ts +43 -0
package/src/performance/index.ts +7 -0
package/src/performance/types.ts +11 -0
package/src/session-initialization/createSessionInitializationService.test.ts +557 -0
package/src/session-initialization/createSessionInitializationService.ts +193 -0
package/src/session-initialization/sessionErrors.ts +32 -0
package/src/session-repository/createSessionClient.ts +10 -0
package/src/session-repository/createSessionRepository.test.ts +313 -0
package/src/session-repository/createSessionRepository.ts +242 -0
package/src/session-repository/errors.ts +22 -0
package/src/session-repository/types.ts +289 -0
package/src/session-service/createNoopSessionService.ts +24 -0
package/src/session-service/createSessionService.test.ts +388 -0
package/src/session-service/createSessionService.ts +61 -0
package/src/session-service/types.ts +59 -0
package/src/session-storage/createSessionStorage.ts +28 -0
package/src/session-storage/types.ts +15 -0
package/src/session.integration.test.ts +480 -0
package/src/sessionLifecycle.integration.test.ts +264 -0
package/src/test-utils/createLocalCookieTransport.ts +52 -0
package/src/test-utils/createLocalHeaderTransport.ts +45 -0
package/src/test-utils/mocks.ts +122 -0
package/src/test-utils.ts +200 -0
package/tsconfig.json +19 -0
package/tsconfig.lint.json +8 -0
package/tsconfig.spec.json +8 -0
package/vitest.config.ts +20 -0
package/vitest.integration.config.ts +14 -0

package/src/challenge-solvers/createHashcashSolver.ts ADDED Viewed

@@ -0,0 +1,255 @@
+import { findProof, type HashcashChallenge } from '@luxexchange/sessions/src/challenge-solvers/hashcash/core'
+import type { HashcashWorkerChannelFactory } from '@luxexchange/sessions/src/challenge-solvers/hashcash/worker/types'
+import type { ChallengeData, ChallengeSolver } from '@luxexchange/sessions/src/challenge-solvers/types'
+import type { PerformanceTracker } from '@luxexchange/sessions/src/performance/types'
+import { z } from 'zod'
+/** Error type for analytics classification */
+type HashcashErrorType = 'validation' | 'no_proof' | 'worker_busy' | 'unknown'
+/** Base class for hashcash errors with typed errorType for reliable analytics classification */
+class HashcashError extends Error {
+  readonly errorType: HashcashErrorType
+  constructor(message: string, errorType: HashcashErrorType) {
+    super(message)
+    this.name = 'HashcashError'
+    this.errorType = errorType
+  }
+}
+/** Validation errors (parsing, missing data, invalid challenge format) */
+class HashcashValidationError extends HashcashError {
+  constructor(message: string) {
+    super(message, 'validation')
+    this.name = 'HashcashValidationError'
+  }
+}
+/** Proof not found within allowed iterations */
+class HashcashNoProofError extends HashcashError {
+  constructor(message: string) {
+    super(message, 'no_proof')
+    this.name = 'HashcashNoProofError'
+  }
+}
+/** Worker is busy processing another request */
+class HashcashWorkerBusyError extends HashcashError {
+  constructor(message: string) {
+    super(message, 'worker_busy')
+    this.name = 'HashcashWorkerBusyError'
+  }
+}
+/**
+ * Analytics data for Hashcash solve attempts.
+ * Reported via onSolveCompleted callback.
+ */
+interface HashcashSolveAnalytics {
+  durationMs: number
+  success: boolean
+  errorType?: 'validation' | 'no_proof' | 'worker_busy' | 'unknown'
+  errorMessage?: string
+  /** The difficulty level of the challenge (number of leading zero bytes) */
+  difficulty: number
+  /** Number of hash iterations to find proof (undefined on failure) */
+  iterationCount?: number
+  /** Whether the worker was used for proof computation */
+  usedWorker: boolean
+}
+/**
+ * Context for creating a hashcash solver.
+ */
+interface CreateHashcashSolverContext {
+  /**
+   * Required: Performance tracker for timing measurements.
+   * Must be injected - no implicit dependency on globalThis.performance.
+   */
+  performanceTracker: PerformanceTracker
+  /**
+   * Factory function to create a worker channel.
+   * If provided, proof-of-work runs in a Web Worker (non-blocking).
+   * If not provided, falls back to main-thread execution (blocking).
+   */
+  getWorkerChannel?: HashcashWorkerChannelFactory
+  /**
+   * Callback for analytics when solve completes (success or failure)
+   */
+  onSolveCompleted?: (data: HashcashSolveAnalytics) => void
+}
+// Zod schema for hashcash challenge validation
+const HashcashChallengeSchema = z.object({
+  difficulty: z.number().int().nonnegative(),
+  subject: z.string().min(1),
+  algorithm: z.literal('sha256'),
+  nonce: z.string().min(1),
+  max_proof_length: z.number().int().positive().default(1000000),
+  verifier: z.string().optional(),
+})
+/**
+ * Parses and validates hashcash challenge data from the backend.
+ * @param challengeDataStr - JSON string containing challenge data
+ * @returns Parsed and validated HashcashChallenge
+ * @throws {Error} If challenge data is invalid or missing required fields
+ */
+function parseHashcashChallenge(challengeDataStr: string): HashcashChallenge {
+  let parsedData: unknown
+  try {
+    parsedData = JSON.parse(challengeDataStr)
+  } catch (error) {
+    throw new HashcashValidationError(`Failed to parse challenge JSON: ${error}`)
+  }
+  // Validate with Zod
+  const result = HashcashChallengeSchema.safeParse(parsedData)
+  if (!result.success) {
+    // Get unique field paths from errors
+    const fieldPaths = new Set(
+      result.error.issues.filter((issue) => issue.path.length > 0).map((issue) => issue.path[0]),
+    )
+    if (fieldPaths.size === 1) {
+      // Single field-specific error
+      const fieldName = String(Array.from(fieldPaths)[0])
+      throw new HashcashValidationError(`Invalid challenge data: ${fieldName}`)
+    }
+    // General validation error (multiple fields or form-level errors)
+    throw new HashcashValidationError('Invalid challenge data')
+  }
+  return result.data
+}
+/**
+ * Classifies error into analytics error type.
+ * Uses instanceof checks for typed errors (preferred), with string matching fallback for external errors.
+ */
+function classifyError(error: unknown): HashcashSolveAnalytics['errorType'] {
+  // Prefer typed error classification via instanceof
+  if (error instanceof HashcashError) {
+    return error.errorType
+  }
+  // Fallback to string matching for external or legacy errors
+  if (error instanceof Error) {
+    if (error.message.includes('parse') || error.message.includes('Invalid challenge')) {
+      return 'validation'
+    }
+    if (error.message.includes('Missing challengeData')) {
+      return 'validation'
+    }
+    if (error.message.includes('Failed to find valid proof')) {
+      return 'no_proof'
+    }
+    if (error.message.includes('busy')) {
+      return 'worker_busy'
+    }
+  }
+  return 'unknown'
+}
+/**
+ * Creates a real hashcash challenge solver that performs proof-of-work
+ * to solve hashcash challenges from the backend.
+ *
+ * @param ctx - Required context with performanceTracker and optional getWorkerChannel
+ */
+function createHashcashSolver(ctx: CreateHashcashSolverContext): ChallengeSolver {
+  const usedWorker = !!ctx.getWorkerChannel
+  async function solve(challengeData: ChallengeData): Promise<string> {
+    const startTime = ctx.performanceTracker.now()
+    let difficulty = 0 // Default, will be updated after parsing
+    try {
+      let challenge: HashcashChallenge
+      // Prefer typed challengeData over legacy extra field
+      if (challengeData.challengeData?.case === 'hashcash') {
+        const typed = challengeData.challengeData.value
+        challenge = {
+          difficulty: typed.difficulty,
+          subject: typed.subject,
+          algorithm: typed.algorithm as 'sha256',
+          nonce: typed.nonce,
+          max_proof_length: typed.maxProofLength,
+          verifier: typed.verifier,
+        }
+      } else {
+        // Fallback to legacy extra field
+        const challengeDataStr = challengeData.extra?.['challengeData']
+        if (!challengeDataStr) {
+          throw new HashcashValidationError('Missing challengeData in challenge extra field')
+        }
+        challenge = parseHashcashChallenge(challengeDataStr)
+      }
+      difficulty = challenge.difficulty
+      const findProofParams = {
+        challenge,
+        rangeStart: 0,
+        rangeSize: challenge.max_proof_length,
+      }
+      // Use worker if provided, otherwise fall back to main thread
+      let proof
+      if (ctx.getWorkerChannel) {
+        const workerChannel = ctx.getWorkerChannel()
+        try {
+          proof = await workerChannel.api.findProof(findProofParams)
+        } finally {
+          workerChannel.terminate()
+        }
+      } else {
+        // Fallback to main-thread execution (still async for Web Crypto)
+        proof = await findProof(findProofParams)
+      }
+      if (!proof) {
+        throw new HashcashNoProofError(
+          `Failed to find valid proof within allowed range (0-${challenge.max_proof_length}). ` +
+            'Challenge may have expired or difficulty may be too high.',
+        )
+      }
+      // Report success
+      ctx.onSolveCompleted?.({
+        durationMs: ctx.performanceTracker.now() - startTime,
+        success: true,
+        difficulty,
+        iterationCount: proof.attempts,
+        usedWorker,
+      })
+      // Return the solution in the format expected by backend: "${subject}:${nonce}:${counter}"
+      return `${challenge.subject}:${challenge.nonce}:${proof.counter}`
+    } catch (error) {
+      // Report failure
+      ctx.onSolveCompleted?.({
+        durationMs: ctx.performanceTracker.now() - startTime,
+        success: false,
+        errorType: classifyError(error),
+        errorMessage: error instanceof Error ? error.message : String(error),
+        difficulty,
+        usedWorker,
+      })
+      throw error
+    }
+  }
+  return { solve }
+}
+export {
+  createHashcashSolver,
+  parseHashcashChallenge,
+  HashcashError,
+  HashcashValidationError,
+  HashcashNoProofError,
+  HashcashWorkerBusyError,
+}
+export type { HashcashSolveAnalytics, CreateHashcashSolverContext }

package/src/challenge-solvers/createNoneMockSolver.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import type { ChallengeData, ChallengeSolver } from '@luxfi/sessions/src/challenge-solvers/types'
+function createNoneMockSolver(): ChallengeSolver {
+  async function solve(_challengeData: ChallengeData): Promise<string> {
+    return ''
+  }
+  return { solve }
+}
+export { createNoneMockSolver }

package/src/challenge-solvers/createTurnstileMockSolver.ts ADDED Viewed

@@ -0,0 +1,30 @@
+import type { ChallengeData, ChallengeSolver } from '@luxfi/sessions/src/challenge-solvers/types'
+import { sleep } from '@luxfi/utilities/src/time/timing'
+/**
+ * Creates a mock Turnstile challenge solver for development/testing
+ *
+ * In production, this would integrate with Cloudflare Turnstile:
+ * - Load Turnstile script
+ * - Render widget with sitekey from challengeData.extra
+ * - Return actual token from Turnstile API
+ */
+function createTurnstileMockSolver(): ChallengeSolver {
+  async function solve(challengeData: ChallengeData): Promise<string> {
+    // Simulate widget render delay
+    await sleep(300)
+    // Simulate challenge solving time (random between 200-500ms)
+    const solvingTime = 200 + Math.random() * 300
+    await sleep(solvingTime)
+    // Return mock Turnstile token
+    const timestamp = Date.now()
+    const challengeIdPrefix = challengeData.challengeId.slice(0, 8)
+    return `mock_turnstile_token_${timestamp}_${challengeIdPrefix}`
+  }
+  return { solve }
+}
+export { createTurnstileMockSolver }

package/src/challenge-solvers/createTurnstileSolver.ts ADDED Viewed

@@ -0,0 +1,353 @@
+import {
+  TurnstileApiNotAvailableError,
+  TurnstileError,
+  TurnstileScriptLoadError,
+  TurnstileTimeoutError,
+  TurnstileTokenExpiredError,
+} from '@luxexchange/sessions/src/challenge-solvers/turnstileErrors'
+import { ensureTurnstileScript } from '@luxexchange/sessions/src/challenge-solvers/turnstileScriptLoader'
+import type {
+  ChallengeData,
+  ChallengeSolver,
+  TurnstileScriptOptions,
+} from '@luxexchange/sessions/src/challenge-solvers/types'
+import type { PerformanceTracker } from '@luxexchange/sessions/src/performance/types'
+import type { Logger } from '@luxfi/utilities/src/logger/logger'
+/**
+ * Analytics data for Turnstile solve attempts.
+ * Reported via onSolveCompleted callback.
+ */
+interface TurnstileSolveAnalytics {
+  durationMs: number
+  success: boolean
+  errorType?: 'timeout' | 'script_load' | 'network' | 'validation' | 'unknown'
+  errorMessage?: string
+}
+// Declare Turnstile types inline to avoid import issues
+interface TurnstileWidget {
+  render: (container: string | HTMLElement, options: TurnstileOptions) => string
+  remove: (widgetId: string) => void
+  reset: (widgetId: string) => void
+  getResponse: (widgetId: string) => string | undefined
+  ready: (callback: () => void) => void
+}
+interface TurnstileOptions {
+  sitekey: string
+  action?: string
+  theme?: 'light' | 'dark' | 'auto'
+  size?: 'normal' | 'compact' | 'flexible'
+  callback?: (token: string) => void
+  'error-callback'?: (error: string) => void
+  'expired-callback'?: () => void
+}
+// Extend the Window interface to include turnstile
+declare global {
+  interface Window {
+    turnstile?: TurnstileWidget
+  }
+}
+interface CreateTurnstileSolverContext {
+  /**
+   * Required: Performance tracker for timing measurements.
+   * Must be injected - no implicit dependency on globalThis.performance.
+   */
+  performanceTracker: PerformanceTracker
+  /**
+   * Optional logger for debugging
+   */
+  getLogger?: () => Logger
+  /**
+   * Optional script injection options for CSP compliance
+   */
+  scriptOptions?: TurnstileScriptOptions
+  /**
+   * Widget rendering timeout in milliseconds
+   * @default 30000
+   */
+  timeoutMs?: number
+  /**
+   * Callback for analytics when solve completes (success or failure)
+   */
+  onSolveCompleted?: (data: TurnstileSolveAnalytics) => void
+}
+/**
+ * Classifies error into analytics error type
+ */
+function classifyError(error: unknown): TurnstileSolveAnalytics['errorType'] {
+  if (error instanceof TurnstileTimeoutError || error instanceof TurnstileTokenExpiredError) {
+    return 'timeout'
+  }
+  if (error instanceof TurnstileScriptLoadError || error instanceof TurnstileApiNotAvailableError) {
+    return 'script_load'
+  }
+  if (error instanceof TurnstileError) {
+    return 'network'
+  }
+  if (error instanceof Error && error.message.includes('parse')) {
+    return 'validation'
+  }
+  if (error instanceof Error && error.message.includes('Missing')) {
+    return 'validation'
+  }
+  return 'unknown'
+}
+/**
+ * Creates a Turnstile challenge solver.
+ *
+ * This integrates with Cloudflare Turnstile using explicit rendering:
+ * - Dynamically loads Turnstile script if not present (with state management)
+ * - Creates a temporary DOM container
+ * - Renders widget with sitekey and action from challengeData.extra
+ * - Returns the verification token from Turnstile API
+ *
+ * Features:
+ * - Separation of concerns: Script loading separated from widget rendering
+ * - Dependency injection: Logger and script options injected via context
+ * - Contract-based design: Implements ChallengeSolver interface
+ * - Factory pattern: Returns solver instance, not component
+ */
+function createTurnstileSolver(ctx: CreateTurnstileSolverContext): ChallengeSolver {
+  async function solve(challengeData: ChallengeData): Promise<string> {
+    const startTime = ctx.performanceTracker.now()
+    ctx.getLogger?.().debug('createTurnstileSolver', 'solve', 'Solving Turnstile challenge', { challengeData })
+    // Extract challenge data — prefer typed challengeData over legacy extra field
+    let siteKey: string
+    let action: string | undefined
+    if (challengeData.challengeData?.case === 'turnstile') {
+      siteKey = challengeData.challengeData.value.siteKey
+      action = challengeData.challengeData.value.action
+    } else {
+      // Fallback to legacy extra field
+      const challengeDataStr = challengeData.extra?.['challengeData']
+      if (!challengeDataStr) {
+        const error = new Error('Missing challengeData in challenge extra')
+        ctx.onSolveCompleted?.({
+          durationMs: ctx.performanceTracker.now() - startTime,
+          success: false,
+          errorType: 'validation',
+          errorMessage: error.message,
+        })
+        throw error
+      }
+      let parsedData: { siteKey: string; action: string }
+      try {
+        parsedData = JSON.parse(challengeDataStr)
+      } catch (error) {
+        const parseError = new Error('Failed to parse challengeData', { cause: error })
+        ctx.onSolveCompleted?.({
+          durationMs: ctx.performanceTracker.now() - startTime,
+          success: false,
+          errorType: 'validation',
+          errorMessage: parseError.message,
+        })
+        throw parseError
+      }
+      siteKey = parsedData.siteKey
+      action = parsedData.action
+    }
+    if (!siteKey) {
+      const error = new Error('Missing siteKey in challengeData')
+      ctx.onSolveCompleted?.({
+        durationMs: ctx.performanceTracker.now() - startTime,
+        success: false,
+        errorType: 'validation',
+        errorMessage: error.message,
+      })
+      throw error
+    }
+    ctx.getLogger?.().debug('createTurnstileSolver', 'solve', 'Parsed challengeData', { siteKey, action })
+    await ensureTurnstileScript(ctx.scriptOptions)
+    ctx.getLogger?.().debug('createTurnstileSolver', 'solve', 'Turnstile script loaded')
+    // Verify Turnstile API is available
+    if (!window.turnstile) {
+      const error = new TurnstileApiNotAvailableError()
+      ctx.onSolveCompleted?.({
+        durationMs: ctx.performanceTracker.now() - startTime,
+        success: false,
+        errorType: 'script_load',
+        errorMessage: error.message,
+      })
+      throw error
+    }
+    // Create temporary container for the widget
+    const containerId = `turnstile-${challengeData.challengeId}`
+    const container = document.createElement('div')
+    container.id = containerId
+    container.style.position = 'fixed'
+    container.style.top = '-9999px' // Hide off-screen
+    container.style.left = '-9999px'
+    container.setAttribute('aria-hidden', 'true') // Accessibility
+    document.body.appendChild(container)
+    const timeoutMs = ctx.timeoutMs ?? 30000
+    const cleanupState = {
+      timeoutId: null as ReturnType<typeof setTimeout> | null,
+      widgetId: null as string | null,
+    }
+    try {
+      // Wait for Turnstile to be ready and render widget
+      const token = await new Promise<string>((resolve, reject) => {
+        // Set up timeout with proper cleanup
+        cleanupState.timeoutId = setTimeout(() => {
+          if (cleanupState.widgetId && window.turnstile) {
+            try {
+              window.turnstile.remove(cleanupState.widgetId)
+            } catch {
+              // Ignore cleanup errors
+            }
+          }
+          reject(new TurnstileTimeoutError(timeoutMs))
+        }, timeoutMs)
+        // Helper function to render the widget
+        const renderWidget = (): void => {
+          if (!window.turnstile) {
+            reject(new TurnstileApiNotAvailableError())
+            return
+          }
+          try {
+            cleanupState.widgetId = window.turnstile.render(container, {
+              sitekey: siteKey,
+              action,
+              theme: 'light',
+              size: 'normal',
+              callback: (tokenValue: string) => {
+                if (cleanupState.timeoutId) {
+                  clearTimeout(cleanupState.timeoutId)
+                  cleanupState.timeoutId = null
+                }
+                ctx.getLogger?.().debug('createTurnstileSolver', 'solve', 'Turnstile token resolved', {
+                  tokenValue,
+                })
+                resolve(tokenValue)
+              },
+              'error-callback': (error: string) => {
+                if (cleanupState.timeoutId) {
+                  clearTimeout(cleanupState.timeoutId)
+                  cleanupState.timeoutId = null
+                }
+                ctx.getLogger?.().debug('createTurnstileSolver', 'solve', 'Turnstile error', { error })
+                reject(new TurnstileError(error))
+              },
+              'expired-callback': () => {
+                if (cleanupState.timeoutId) {
+                  clearTimeout(cleanupState.timeoutId)
+                  cleanupState.timeoutId = null
+                }
+                ctx.getLogger?.().debug('createTurnstileSolver', 'solve', 'Turnstile token expired')
+                reject(new TurnstileTokenExpiredError())
+              },
+            })
+            ctx.getLogger?.().debug('createTurnstileSolver', 'solve', 'Turnstile widget rendered', {
+              widgetId: cleanupState.widgetId,
+            })
+          } catch (error) {
+            if (cleanupState.timeoutId) {
+              clearTimeout(cleanupState.timeoutId)
+              cleanupState.timeoutId = null
+            }
+            ctx.getLogger?.().error(error, {
+              tags: {
+                file: 'createTurnstileSolver.ts',
+                function: 'solve',
+              },
+            })
+            reject(
+              new TurnstileError(`Failed to render widget: ${error instanceof Error ? error.message : String(error)}`),
+            )
+          }
+        }
+        if (!window.turnstile) {
+          reject(new TurnstileApiNotAvailableError())
+          return
+        }
+        try {
+          window.turnstile.ready(() => {
+            renderWidget()
+          })
+        } catch (error) {
+          // Fallback: render directly if ready() throws
+          ctx.getLogger?.().debug('createTurnstileSolver', 'solve', 'turnstile.ready() failed, rendering directly', {
+            error: error instanceof Error ? error.message : String(error),
+          })
+          renderWidget()
+        }
+      })
+      // Report success
+      ctx.onSolveCompleted?.({
+        durationMs: ctx.performanceTracker.now() - startTime,
+        success: true,
+      })
+      return token
+    } catch (error) {
+      // Report failure
+      ctx.onSolveCompleted?.({
+        durationMs: ctx.performanceTracker.now() - startTime,
+        success: false,
+        errorType: classifyError(error),
+        errorMessage: error instanceof Error ? error.message : String(error),
+      })
+      ctx.getLogger?.().error(error, {
+        tags: {
+          file: 'createTurnstileSolver.ts',
+          function: 'solve',
+        },
+      })
+      throw error
+    } finally {
+      // Clean up timeout
+      if (cleanupState.timeoutId) {
+        clearTimeout(cleanupState.timeoutId)
+      }
+      // Clean up widget if it was created
+      // widgetId only exists if turnstile was successfully loaded and rendered
+      if (cleanupState.widgetId) {
+        try {
+          // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition
+          if (window.turnstile) {
+            window.turnstile.remove(cleanupState.widgetId)
+          }
+        } catch {
+          // Ignore cleanup errors
+        }
+      }
+      // Clean up container
+      if (container.parentNode) {
+        container.parentNode.removeChild(container)
+      }
+    }
+  }
+  return { solve }
+}
+export { createTurnstileSolver }
+export type { CreateTurnstileSolverContext, TurnstileSolveAnalytics }

package/src/challenge-solvers/hashcash/core.native.ts ADDED Viewed

@@ -0,0 +1,34 @@
+/**
+ * Native stub for hashcash core functions.
+ *
+ * Mobile does not use this file - it uses native Nitro modules
+ * (hashcash-native package) which bypass the JS hashcash implementation entirely.
+ *
+ * @see packages/hashcash-native for the native implementation
+ */
+import { NotImplementedError } from '@luxfi/utilities/src/errors'
+export type { HashcashChallenge, ProofResult } from '@luxexchange/sessions/src/challenge-solvers/hashcash/shared'
+// Re-export shared types and platform-agnostic functions
+export { checkDifficulty, formatHashcashString } from '@luxexchange/sessions/src/challenge-solvers/hashcash/shared'
+import type { HashcashChallenge, ProofResult } from '@luxexchange/sessions/src/challenge-solvers/hashcash/shared'
+export async function computeHash(_params: { subject: string; nonce: string; counter: number }): Promise<Uint8Array> {
+  throw new NotImplementedError('computeHash - mobile uses native Nitro modules')
+}
+export async function findProof(_params: {
+  challenge: HashcashChallenge
+  rangeStart?: number
+  rangeSize?: number
+  shouldStop?: () => boolean
+  batchSize?: number
+}): Promise<ProofResult | null> {
+  throw new NotImplementedError('findProof - mobile uses native Nitro modules')
+}
+export async function verifyProof(_challenge: HashcashChallenge, _proofCounter: string): Promise<boolean> {
+  throw new NotImplementedError('verifyProof - mobile uses native Nitro modules')
+}