@mocanetwork/airkit-connector 1.9.0-beta.2 → 1.10.0

package/dist/airkitConnector.cjs.js

@@ -94,7 +94,7 @@ typeof SuppressedError === "function" ? SuppressedError : function (error, suppr
   var e = new Error(message);
   return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
 };
-var version$2 = "1.9.0-beta.2";
+var version$2 = "1.10.0";
 var airkitPackage = {
   version: version$2
 };
@@ -134,10 +134,23 @@ const AirAuthMessageTypes = {
   LOGOUT_RESPONSE: "air_auth_logout_response",
   START_RECOVERY_REQUEST: "air_start_recovery_request",
   START_RECOVERY_RESPONSE: "air_start_recovery_response",
+  // Dashboard intent posted by recovery-frontend's RecoveryEntryView when
+  // the user picks an action. Distinct from START_RECOVERY_REQUEST so that
+  // when auth-frontend forwards the actual START_RECOVERY_REQUEST onto the
+  // shared recovery channel, the local echo doesn't loop back into
+  // auth-frontend's own recovery-channel subscription.
+  START_RECOVERY_DASHBOARD_REQUEST: "air_start_recovery_dashboard_request",
   RECOVERY_REQUEST: "air_auth_recovery_request",
   RECOVERY_RESPONSE: "air_auth_recovery_response",
-  ISSUE_ON_BEHALF_NEW_USER_CONFIRMATION_REQUEST: "air_auth_issue_on_behalf_new_user_confirmation_request",
-  ISSUE_ON_BEHALF_NEW_USER_CONFIRMATION_RESPONSE: "air_auth_issue_on_behalf_new_user_confirmation_response",
+  // Mid-flow signing RPCs for the RECOVER_ACCOUNT flow. The recovery
+  // private key never leaves recovery-frontend; auth-frontend asks for
+  // a signature each time it needs one (after collecting the new email
+  // for the canonical reset payload, and after the backend returns the
+  // Privy authorization payload to wallet-PATCH).
+  RECOVER_ACCOUNT_RESET_SIGNATURE_REQUEST: "air_auth_recover_account_reset_signature_request",
+  RECOVER_ACCOUNT_RESET_SIGNATURE_RESPONSE: "air_auth_recover_account_reset_signature_response",
+  RECOVER_ACCOUNT_AUTHORIZATION_SIGNATURE_REQUEST: "air_auth_recover_account_authorization_signature_request",
+  RECOVER_ACCOUNT_AUTHORIZATION_SIGNATURE_RESPONSE: "air_auth_recover_account_authorization_signature_response",
   REMOVE_SIGNER_SIGNATURE_REQUEST: "air_auth_remove_signer_signature_request",
   REMOVE_SIGNER_SIGNATURE_RESPONSE: "air_auth_remove_signer_signature_response",
   RESET_WALLET_REQUEST: "air_auth_reset_wallet_request",
@@ -172,6 +185,12 @@ const AirRecoveryMessageTypes = {
   RECOVERY_IFRAME_VISIBILITY_REQUEST: "air_recovery_iframe_visibility_request",
   UPDATE_SESSION_CONFIG_REQUEST: "air_recovery_update_session_config_request",
   UPDATE_SESSION_CONFIG_RESPONSE: "air_recovery_update_session_config_response",
+  GET_AGENT_KEYS_REQUEST: "air_recovery_get_agent_keys_request",
+  GET_AGENT_KEYS_RESPONSE: "air_recovery_get_agent_keys_response",
+  REGISTER_AGENT_KEY_REQUEST: "air_recovery_register_agent_key_request",
+  REGISTER_AGENT_KEY_RESPONSE: "air_recovery_register_agent_key_response",
+  REMOVE_AGENT_KEY_REQUEST: "air_recovery_remove_agent_key_request",
+  REMOVE_AGENT_KEY_RESPONSE: "air_recovery_remove_agent_key_response",
   LOGOUT_REQUEST: "air_recovery_logout_request",
   LOGOUT_RESPONSE: "air_recovery_logout_response"
 };
@@ -610,11 +629,11 @@ const BUILD_ENV = {
 const IFRAME_NAME_PREFIX_SET = ["air-wallet", "air-credential", "air-auth", "air-recovery"]; // order defines the z-index from highest to lowest
 
 const FONT_CDNS = ["https://fonts.googleapis.com", "https://fonts.gstatic.com"];
-const SANDBOX_TESTNET_URLS = {
-  authUrl: "https://account.sandbox-testnet.air3.com/auth/",
-  walletUrl: "https://account.sandbox-testnet.air3.com/wallet/",
-  recoveryUrl: "https://account.sandbox-testnet.air3.com/recovery/",
-  credentialUrl: "https://account.sandbox-testnet.air3.com/credential/"
+const PRODUCTION_MAINNET_URLS = {
+  authUrl: "https://account-mainnet.air3.com/auth/",
+  walletUrl: "https://account-mainnet.air3.com/wallet/",
+  recoveryUrl: "https://account-mainnet.air3.com/recovery/",
+  credentialUrl: "https://account-mainnet.air3.com/credential/"
 };
 const AIR_URLS = {
   [BUILD_ENV.DEVELOPMENT]: {
@@ -636,10 +655,10 @@ const AIR_URLS = {
     credentialUrl: "https://account.uat.air3.com/credential/"
   },
   [BUILD_ENV.SANDBOX]: {
-    authUrl: "https://account.sandbox.air3.com/auth/",
-    walletUrl: "https://account.sandbox.air3.com/wallet/",
-    recoveryUrl: "https://account.sandbox.air3.com/recovery/",
-    credentialUrl: "https://account.sandbox.air3.com/credential/"
+    authUrl: "https://account.sandbox-testnet.air3.com/auth/",
+    walletUrl: "https://account.sandbox-testnet.air3.com/wallet/",
+    recoveryUrl: "https://account.sandbox-testnet.air3.com/recovery/",
+    credentialUrl: "https://account.sandbox-testnet.air3.com/credential/"
   },
   [BUILD_ENV.PRODUCTION]: {
     authUrl: "https://account.air3.com/auth/",
@@ -649,8 +668,8 @@ const AIR_URLS = {
   }
 };
 const getAirUrls = (buildEnv, credentialNetwork) => {
-  if (buildEnv === BUILD_ENV.SANDBOX && credentialNetwork === "testnet") {
-    return SANDBOX_TESTNET_URLS;
+  if (buildEnv === BUILD_ENV.PRODUCTION && credentialNetwork === "mainnet") {
+    return PRODUCTION_MAINNET_URLS;
   }
   return AIR_URLS[buildEnv];
 };
@@ -1529,6 +1548,41 @@ var AnonymousSubject = function (_super) {
   };
   return AnonymousSubject;
 }(Subject);
+var BehaviorSubject = function (_super) {
+  __extends(BehaviorSubject, _super);
+  function BehaviorSubject(_value) {
+    var _this = _super.call(this) || this;
+    _this._value = _value;
+    return _this;
+  }
+  Object.defineProperty(BehaviorSubject.prototype, "value", {
+    get: function () {
+      return this.getValue();
+    },
+    enumerable: false,
+    configurable: true
+  });
+  BehaviorSubject.prototype._subscribe = function (subscriber) {
+    var subscription = _super.prototype._subscribe.call(this, subscriber);
+    !subscription.closed && subscriber.next(this._value);
+    return subscription;
+  };
+  BehaviorSubject.prototype.getValue = function () {
+    var _a = this,
+      hasError = _a.hasError,
+      thrownError = _a.thrownError,
+      _value = _a._value;
+    if (hasError) {
+      throw thrownError;
+    }
+    this._throwIfClosed();
+    return _value;
+  };
+  BehaviorSubject.prototype.next = function (value) {
+    _super.prototype.next.call(this, this._value = value);
+  };
+  return BehaviorSubject;
+}(Subject);
 var EmptyError = createErrorClass(function (_super) {
   return function EmptyErrorImpl() {
     _super(this);
@@ -1605,6 +1659,8 @@ var PartnerAccessTokenErrorName;
 (function (PartnerAccessTokenErrorName) {
   PartnerAccessTokenErrorName["PARTNER_ACCESS_TOKEN_INVALID"] = "PARTNER_ACCESS_TOKEN_INVALID";
   PartnerAccessTokenErrorName["USER_MISMATCH"] = "USER_MISMATCH";
+  /** dApp-supplied partner JWT is past its `exp` — SDK consumers should mint a fresh one. */
+  PartnerAccessTokenErrorName["PARTNER_TOKEN_EXPIRED"] = "PARTNER_TOKEN_EXPIRED";
 })(PartnerAccessTokenErrorName || (PartnerAccessTokenErrorName = {}));
 /*** Realm ID Errors ***/
 var RealmIDErrorName;
@@ -1675,6 +1731,12 @@ var PrivyErrorName;
 (function (PrivyErrorName) {
   PrivyErrorName["WALLET_PROVIDER_ERROR"] = "WALLET_PROVIDER_ERROR";
 })(PrivyErrorName || (PrivyErrorName = {}));
+/*** Recovery Errors ***/
+var RecoveryErrorName;
+(function (RecoveryErrorName) {
+  RecoveryErrorName["RECOVERY_NOT_CONFIGURED"] = "RECOVERY_NOT_CONFIGURED";
+  RecoveryErrorName["RECOVERY_LOCK_EXCEEDED"] = "RECOVERY_LOCK_EXCEEDED";
+})(RecoveryErrorName || (RecoveryErrorName = {}));
 /*** Air ID Errors ***/
 var AirIDErrorName;
 (function (AirIDErrorName) {
@@ -1694,6 +1756,13 @@ var AirIDErrorName;
   AirIDErrorName["AIR_ID_INVALID_MINT_NAME"] = "AIR_ID_INVALID_MINT_NAME";
   AirIDErrorName["AIR_ID_MINT_TRANSACTION_HASH_MISMATCH"] = "AIR_ID_MINT_TRANSACTION_HASH_MISMATCH";
 })(AirIDErrorName || (AirIDErrorName = {}));
+/*** Agent Errors ***/
+var AgentErrorName;
+(function (AgentErrorName) {
+  AgentErrorName["CONFLICT_REQUEST"] = "CONFLICT_REQUEST";
+  AgentErrorName["INVALID_PARAMETER"] = "INVALID_PARAMETER";
+  AgentErrorName["WALLET_PROVIDER_ERROR"] = "WALLET_PROVIDER_ERROR";
+})(AgentErrorName || (AgentErrorName = {}));
 /*** Window Errors ***/
 var WindowErrorName;
 (function (WindowErrorName) {
@@ -1712,10 +1781,12 @@ const Codes = {
   ...WalletLinkErrorName,
   ...IntentErrorName,
   ...PrivyErrorName,
+  ...RecoveryErrorName,
   ...AirIDErrorName,
-  ...WindowErrorName
+  ...WindowErrorName,
+  ...AgentErrorName
 };
-const AirClientUserErrors = ["USER_CANCELLED", "CONFIG_ERROR", "CLIENT_ERROR", "UNKNOWN_ERROR", "PERMISSION_NOT_ENABLED", "SMART_ACCOUNT_NOT_DEPLOYED", "ACCOUNT_DELETION_PENDING", "SWAP_TO_ONRAMP", "USER_REJECTED"];
+const AirClientUserErrors = ["USER_CANCELLED", "CONFIG_ERROR", "CLIENT_ERROR", "UNKNOWN_ERROR", "PERMISSION_NOT_ENABLED", "SMART_ACCOUNT_NOT_DEPLOYED", "ACCOUNT_DELETION_PENDING", "SWAP_TO_ONRAMP", "USER_REJECTED", "START_PIN_RECOVERY"];
 class AirError extends BaseError$2 {}
 new Set(AirClientUserErrors);
 new Set(Object.values(Codes));
@@ -1728,12 +1799,18 @@ class MessageServiceBase {
     return this._messages$;
   }
   get isOpen() {
-    return !!this.closeListener;
+    return this._isOpen$.value;
+  }
+  async waitUntilOpen() {
+    if (this.isOpen) return;
+    await firstValueFrom(this._isOpen$.pipe(filter(Boolean)));
   }
   constructor(name, allowedMessageTypes) {
     this.name = name;
     this.allowedMessageTypes = allowedMessageTypes;
     this.closeListener = null;
+    this._isOpen$ = new BehaviorSubject(false);
+    this.isOpen$ = this._isOpen$.asObservable();
   }
   static _getName(name, targetName) {
     return `${name} Service: ${targetName} Channel`;
@@ -1776,6 +1853,7 @@ class MessageServiceBase {
         window.removeEventListener("message", handleMessage);
       };
     }
+    this._isOpen$.next(true);
   }
   isMessageAllowed(message) {
     return this.allowedMessageTypes.includes(message.type);
@@ -1792,6 +1870,7 @@ class MessageServiceBase {
     if (this.eventSubject && !this.eventSubject.closed) {
       this.eventSubject.complete();
     }
+    if (this._isOpen$.value) this._isOpen$.next(false);
   }
   createErrorResponseMessage(type, error) {
     return {
@@ -1866,7 +1945,7 @@ _a$4 = ProviderMessageService;
 _ProviderMessageService_instance = {
   value: void 0
 };
-var _AirWalletProvider_instances, _AirWalletProvider_providerMessageService, _AirWalletProvider_isWalletInitialized, _AirWalletProvider_getLoginResult, _AirWalletProvider_ensureWallet, _AirWalletProvider_eventListeners, _AirWalletProvider_emit;
+var _AirWalletProvider_instances, _AirWalletProvider_providerMessageService, _AirWalletProvider_isWalletInitialized, _AirWalletProvider_getLoginResult, _AirWalletProvider_ensureWallet, _AirWalletProvider_eventListeners, _AirWalletProvider_currentChainId, _AirWalletProvider_emit, _AirWalletProvider_getAddressForCurrentChain, _AirWalletProvider_parseChainId;
 class AirWalletProvider {
   constructor({
     ensureWallet,
@@ -1879,9 +1958,16 @@ class AirWalletProvider {
     _AirWalletProvider_getLoginResult.set(this, void 0);
     _AirWalletProvider_ensureWallet.set(this, void 0);
     _AirWalletProvider_eventListeners.set(this, void 0);
+    _AirWalletProvider_currentChainId.set(this, null);
     this.startEventMessageListening = async walletIframe => {
       await __classPrivateFieldGet$1(this, _AirWalletProvider_providerMessageService, "f").open(walletIframe);
       __classPrivateFieldGet$1(this, _AirWalletProvider_providerMessageService, "f").messages$.pipe(filter(msg => msg.type === AirWalletProviderMessageTypes.EVENT)).subscribe(message => {
+        if (message.payload.event === "chainChanged") {
+          const parsedChainId = __classPrivateFieldGet$1(this, _AirWalletProvider_instances, "m", _AirWalletProvider_parseChainId).call(this, message.payload.data);
+          if (parsedChainId !== null) {
+            __classPrivateFieldSet(this, _AirWalletProvider_currentChainId, parsedChainId);
+          }
+        }
         __classPrivateFieldGet$1(this, _AirWalletProvider_instances, "m", _AirWalletProvider_emit).call(this, message.payload.event, ...[message.payload.data]);
       });
     };
@@ -1918,8 +2004,12 @@ class AirWalletProvider {
     if (!loginResult) {
       throw new UnauthorizedProviderError("User is not logged in");
     }
-    if ((method === "eth_accounts" || method === "eth_requestAccounts") && !__classPrivateFieldGet$1(this, _AirWalletProvider_isWalletInitialized, "f").call(this) && loginResult?.abstractAccountAddress) {
-      return [loginResult.abstractAccountAddress];
+    // Early return optimization: return cached address from login result if wallet not yet initialized
+    if ((method === "eth_accounts" || method === "eth_requestAccounts") && !__classPrivateFieldGet$1(this, _AirWalletProvider_isWalletInitialized, "f").call(this)) {
+      const address = __classPrivateFieldGet$1(this, _AirWalletProvider_instances, "m", _AirWalletProvider_getAddressForCurrentChain).call(this, loginResult);
+      if (address) {
+        return [address];
+      }
     }
     const skipWalletLoginMethods = ["eth_chainId"];
     try {
@@ -1941,6 +2031,12 @@ class AirWalletProvider {
     if (!response.success) {
       throw ensureProviderRpcError(response.payload);
     }
+    if (method === "eth_chainId") {
+      const parsedChainId = __classPrivateFieldGet$1(this, _AirWalletProvider_instances, "m", _AirWalletProvider_parseChainId).call(this, response.payload.response);
+      if (parsedChainId !== null) {
+        __classPrivateFieldSet(this, _AirWalletProvider_currentChainId, parsedChainId);
+      }
+    }
     return response.payload.response;
   }
   on(eventName, listener) {
@@ -1964,7 +2060,7 @@ class AirWalletProvider {
     });
   }
 }
-_AirWalletProvider_providerMessageService = new WeakMap(), _AirWalletProvider_isWalletInitialized = new WeakMap(), _AirWalletProvider_getLoginResult = new WeakMap(), _AirWalletProvider_ensureWallet = new WeakMap(), _AirWalletProvider_eventListeners = new WeakMap(), _AirWalletProvider_instances = new WeakSet(), _AirWalletProvider_emit = function _AirWalletProvider_emit(eventName, ...args) {
+_AirWalletProvider_providerMessageService = new WeakMap(), _AirWalletProvider_isWalletInitialized = new WeakMap(), _AirWalletProvider_getLoginResult = new WeakMap(), _AirWalletProvider_ensureWallet = new WeakMap(), _AirWalletProvider_eventListeners = new WeakMap(), _AirWalletProvider_currentChainId = new WeakMap(), _AirWalletProvider_instances = new WeakSet(), _AirWalletProvider_emit = function _AirWalletProvider_emit(eventName, ...args) {
   (__classPrivateFieldGet$1(this, _AirWalletProvider_eventListeners, "f")[eventName] || []).forEach(listener => {
     try {
       return listener(...args);
@@ -1972,6 +2068,30 @@ _AirWalletProvider_providerMessageService = new WeakMap(), _AirWalletProvider_is
       log$1.warn(error);
     }
   });
+}, _AirWalletProvider_getAddressForCurrentChain = function _AirWalletProvider_getAddressForCurrentChain(loginResult) {
+  const currentChainId = __classPrivateFieldGet$1(this, _AirWalletProvider_currentChainId, "f");
+  // If we have the new addresses array and current chainId, look up by chain
+  if (loginResult.abstractAccountAddresses && currentChainId !== null) {
+    const chainIdStr = String(currentChainId);
+    const addressEntry = loginResult.abstractAccountAddresses.find(entry => entry.chainIds.includes(chainIdStr));
+    if (addressEntry) {
+      return addressEntry.address;
+    }
+  }
+  // Fallback to legacy single address (backward compatibility)
+  return loginResult.abstractAccountAddress;
+}, _AirWalletProvider_parseChainId = function _AirWalletProvider_parseChainId(chainId) {
+  if (typeof chainId === "number") {
+    return Number.isFinite(chainId) ? chainId : null;
+  }
+  if (typeof chainId === "bigint") {
+    return Number(chainId);
+  }
+  if (typeof chainId !== "string" || !chainId) {
+    return null;
+  }
+  const parsed = chainId.startsWith("0x") ? parseInt(chainId, 16) : parseInt(chainId, 10);
+  return Number.isNaN(parsed) ? null : parsed;
 };
 var _a$3, _AuthMessageService_instance;
 const ALLOWED_AUTH_MESSAGES = [AirAuthMessageTypes.INITIALIZATION_RESPONSE, AirAuthMessageTypes.LOGIN_RESPONSE, AirAuthMessageTypes.SETUP_WALLET_REQUEST, AirAuthMessageTypes.SETUP_RECOVERY_REQUEST, AirAuthMessageTypes.SETUP_CREDENTIAL_REQUEST, AirAuthMessageTypes.LOGOUT_RESPONSE, AirAuthMessageTypes.UPDATE_SESSION_CONFIG_RESPONSE, AirAuthMessageTypes.PARTNER_USER_INFO_RESPONSE, AirAuthMessageTypes.CROSS_PARTNER_TOKEN_RESPONSE, AirAuthMessageTypes.PARTNER_ACCESS_TOKEN_RESPONSE, AirAuthMessageTypes.IFRAME_VISIBILITY_REQUEST, AirAuthMessageTypes.START_RECOVERY_RESPONSE, AirAuthMessageTypes.EXPIRED_LOGOUT_REQUEST];
@@ -2095,7 +2215,7 @@ class AuthMessageService extends MessageServiceBase {
     const response = firstValueFrom(this.messages$.pipe(filter(msg => msg.type === AirAuthMessageTypes.START_RECOVERY_RESPONSE)));
     await this.sendMessage({
       type: AirAuthMessageTypes.START_RECOVERY_REQUEST,
-      payload
+      payload: payload ?? {}
     });
     return response;
   }
@@ -2187,11 +2307,14 @@ class IframeController {
   get iframeElement() {
     return this._iframeElement;
   }
+  get isVisible() {
+    return this.state.isVisible;
+  }
   createIframe() {
     if (this._iframeElement) return this._iframeElement;
     const iframe = document.createElement("iframe");
     iframe.id = this.iframeId;
-    iframe.allow = ["publickey-credentials-get *", "publickey-credentials-create *", "ch-ua-model", "ch-ua-platform-version", "clipboard-write", "web-share"].join("; ");
+    iframe.allow = ["publickey-credentials-get *", "publickey-credentials-create *", "ch-ua-model", "ch-ua-platform-version", "clipboard-read", "clipboard-write", "web-share"].join("; ");
     iframe.src = this.iframeUrl;
     iframe.style.position = "fixed";
     iframe.style.zIndex = `${this.getZIndex()}`;
@@ -2226,6 +2349,15 @@ class IframeController {
     style.bottom = "0px";
     Object.assign(this.iframeElement.style, style);
   }
+  focus() {
+    try {
+      this.iframeElement?.contentWindow?.focus();
+    } catch {
+      // Some browsers reject cross-origin focus() outside a user gesture.
+      // The first interaction inside the iframe will restore the correct
+      // keyboard routing, so swallowing this is safe.
+    }
+  }
   destroy() {
     if (this.iframeElement) {
       this.iframeElement.remove();
@@ -2279,6 +2411,29 @@ class RecoveryMessageService extends MessageServiceBase {
     });
     return response;
   }
+  async sendGetAgentKeysRequest() {
+    const response = firstValueFrom(this.messages$.pipe(filter(msg => msg.type === AirRecoveryMessageTypes.GET_AGENT_KEYS_RESPONSE)));
+    await this.sendMessage({
+      type: AirRecoveryMessageTypes.GET_AGENT_KEYS_REQUEST
+    });
+    return response;
+  }
+  async sendRegisterAgentKeyRequest(payload) {
+    const response = firstValueFrom(this.messages$.pipe(filter(msg => msg.type === AirRecoveryMessageTypes.REGISTER_AGENT_KEY_RESPONSE)));
+    await this.sendMessage({
+      type: AirRecoveryMessageTypes.REGISTER_AGENT_KEY_REQUEST,
+      payload
+    });
+    return response;
+  }
+  async sendRemoveAgentKeyRequest(payload) {
+    const response = firstValueFrom(this.messages$.pipe(filter(msg => msg.type === AirRecoveryMessageTypes.REMOVE_AGENT_KEY_RESPONSE)));
+    await this.sendMessage({
+      type: AirRecoveryMessageTypes.REMOVE_AGENT_KEY_REQUEST,
+      payload
+    });
+    return response;
+  }
   async open(element) {
     await this._open({
       window: element.contentWindow,
@@ -2661,7 +2816,7 @@ class WindowService {
   }
 }
 var WindowService$1 = WindowService.instance;
-var _AirService_instances, _AirService_loginResult, _AirService_buildEnv, _AirService_enableLogging, _AirService_partnerId, _AirService_sessionId, _AirService_sessionConfig, _AirService_authMessagingService, _AirService_authIframeController, _AirService_isAuthInitialized, _AirService_airEventListener, _AirService_walletMessagingService, _AirService_walletIframeController, _AirService_walletInitialization, _AirService_walletLoggedInResult, _AirService_airWalletProvider, _AirService_recoveryInitialization, _AirService_recoveryMessagingService, _AirService_recoveryIframeController, _AirService_credentialsInitialization, _AirService_credentialMessagingService, _AirService_credentialIframeController, _AirService_credentialNetwork, _AirService_assertInitialized, _AirService_assertLoggedIn, _AirService_ensureCredential, _AirService_initializeCredentials, _AirService_subscribeToCredentialEvents, _AirService_cleanUpCredential, _AirService_ensureWallet, _AirService_initializeWallet, _AirService_subscribeToWalletEvents, _AirService_triggerEventListeners, _AirService_triggerAirAuthInitialized, _AirService_triggerAirAuthLoggedIn, _AirService_triggerAirAuthLoggedOut, _AirService_triggerWalletInitialized, _AirService_createLoginResult, _AirService_createWalletInitializedResult, _AirService_cleanUpAuth, _AirService_cleanUpWallet, _AirService_ensureRecovery, _AirService_initializeRecovery, _AirService_subscribeToRecoveryEvents, _AirService_cleanUpRecovery;
+var _AirService_instances, _AirService_loginResult, _AirService_buildEnv, _AirService_enableLogging, _AirService_partnerId, _AirService_sessionId, _AirService_sessionConfig, _AirService_authMessagingService, _AirService_authIframeController, _AirService_isAuthInitialized, _AirService_airEventListener, _AirService_walletMessagingService, _AirService_walletIframeController, _AirService_walletInitialization, _AirService_walletLoggedInResult, _AirService_airWalletProvider, _AirService_recoveryInitialization, _AirService_recoveryMessagingService, _AirService_recoveryIframeController, _AirService_credentialsInitialization, _AirService_credentialMessagingService, _AirService_credentialIframeController, _AirService_credentialNetwork, _AirService_assertInitialized, _AirService_assertLoggedIn, _AirService_ensureCredential, _AirService_initializeCredentials, _AirService_subscribeToCredentialEvents, _AirService_cleanUpCredential, _AirService_ensureWallet, _AirService_initializeWallet, _AirService_subscribeToWalletEvents, _AirService_triggerEventListeners, _AirService_triggerAirAuthInitialized, _AirService_triggerAirAuthLoggedIn, _AirService_triggerAirAuthLoggedOut, _AirService_triggerWalletInitialized, _AirService_assignAndTriggerLoginResult, _AirService_createWalletInitializedResult, _AirService_cleanUpAuth, _AirService_cleanUpWallet, _AirService_ensureRecovery, _AirService_initializeRecovery, _AirService_subscribeToRecoveryEvents, _AirService_cleanUpRecovery, _AirService_refocusTopmostVisibleIframe;
 const airKitVersion = airkitPackage.version;
 class AirService {
   constructor({
@@ -2739,11 +2894,11 @@ class AirService {
       sessionConfig = undefined,
       preloadWallet = false,
       preloadCredential = false,
-      credentialNetwork = "devnet"
+      credentialNetwork
     } = config;
     if (!__classPrivateFieldGet$1(this, _AirService_partnerId, "f")) throw new AirServiceError("CLIENT_ERROR", "Partner ID is required to initialize the service");
     if (__classPrivateFieldGet$1(this, _AirService_isAuthInitialized, "f")) return __classPrivateFieldGet$1(this, _AirService_loginResult, "f") ?? null;
-    __classPrivateFieldSet(this, _AirService_credentialNetwork, buildEnv === BUILD_ENV.SANDBOX ? credentialNetwork : undefined);
+    __classPrivateFieldSet(this, _AirService_credentialNetwork, buildEnv === BUILD_ENV.PRODUCTION ? credentialNetwork : undefined);
     configureLogLevel(buildEnv, enableLogging);
     const {
       authUrl,
@@ -2774,6 +2929,7 @@ class AirService {
               const authIframeController = __classPrivateFieldGet$1(this, _AirService_authIframeController, "f");
               authIframeController.setIframeVisibility(msg.payload.visible);
               authIframeController.updateIframeState();
+              __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_refocusTopmostVisibleIframe).call(this);
               break;
             }
           case AirAuthMessageTypes.SETUP_WALLET_REQUEST:
@@ -2816,6 +2972,20 @@ class AirService {
               await this.logout();
               break;
             }
+          case AirAuthMessageTypes.LOGIN_RESPONSE:
+            {
+              if (msg.payload.success === true) {
+                __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_assignAndTriggerLoginResult).call(this, msg.payload);
+              }
+              break;
+            }
+          case AirAuthMessageTypes.LOGOUT_RESPONSE:
+            {
+              const wasLoggedIn = !!__classPrivateFieldGet$1(this, _AirService_loginResult, "f");
+              __classPrivateFieldSet(this, _AirService_loginResult, undefined, "f");
+              if (wasLoggedIn) __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_triggerAirAuthLoggedOut).call(this);
+              break;
+            }
         }
       });
       const result = await new Promise((resolve, reject) => {
@@ -2852,9 +3022,7 @@ class AirService {
       if (preloadCredential) void this.preloadCredential();
       // rehydrated auth session
       if (result.rehydrated) {
-        __classPrivateFieldSet(this, _AirService_loginResult, __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_createLoginResult).call(this, result), "f");
-        __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_triggerAirAuthLoggedIn).call(this);
-        return __classPrivateFieldGet$1(this, _AirService_loginResult, "f");
+        return __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_assignAndTriggerLoginResult).call(this, result);
       }
     } catch (error) {
       log$1.debug("Error initializing auth service", error);
@@ -2872,9 +3040,7 @@ class AirService {
       partnerLoginToken: options?.authToken
     });
     if (payload.success === true) {
-      __classPrivateFieldSet(this, _AirService_loginResult, __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_createLoginResult).call(this, payload));
-      __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_triggerAirAuthLoggedIn).call(this);
-      return __classPrivateFieldGet$1(this, _AirService_loginResult, "f");
+      return __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_assignAndTriggerLoginResult).call(this, payload);
     }
     throw new AirServiceError(payload.errorName, payload.errorMessage);
   }
@@ -2992,6 +3158,43 @@ class AirService {
       throw new AirServiceError(result.payload.errorName, result.payload.errorMessage);
     }
   }
+  async getAgentKeys() {
+    await __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_ensureRecovery).call(this);
+    const {
+      payload
+    } = await __classPrivateFieldGet$1(this, _AirService_recoveryMessagingService, "f").sendGetAgentKeysRequest();
+    if (payload.success === false) {
+      throw new AirServiceError(payload.errorName, payload.errorMessage);
+    }
+    return payload.agentKeys;
+  }
+  async registerAgentKey(publicKey) {
+    await __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_ensureRecovery).call(this);
+    const {
+      payload
+    } = await __classPrivateFieldGet$1(this, _AirService_recoveryMessagingService, "f").sendRegisterAgentKeyRequest({
+      publicKey
+    });
+    if (payload.success === false) {
+      throw new AirServiceError(payload.errorName, payload.errorMessage);
+    }
+    return {
+      id: payload.id,
+      publicKey: payload.publicKey,
+      createdAt: payload.createdAt
+    };
+  }
+  async removeAgentKey(id) {
+    await __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_ensureRecovery).call(this);
+    const {
+      payload
+    } = await __classPrivateFieldGet$1(this, _AirService_recoveryMessagingService, "f").sendRemoveAgentKeyRequest({
+      id
+    });
+    if (payload.success === false) {
+      throw new AirServiceError(payload.errorName, payload.errorMessage);
+    }
+  }
   async getUserInfo() {
     __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_assertLoggedIn).call(this);
     const info = await __classPrivateFieldGet$1(this, _AirService_authMessagingService, "f").sendPartnerUserInfoRequest();
@@ -3006,7 +3209,8 @@ class AirService {
         id: info.payload.user.id,
         abstractAccountAddress: info.payload.user.abstractAccountAddress,
         email: info.payload.user.email,
-        isMFASetup: info.payload.user.activeMfaMethods.length > 0
+        wallet: info.payload.user.wallet,
+        isMFASetup: (info.payload.user.activeMfaMethods?.length ?? 0) > 0
       }
     };
   }
@@ -3070,8 +3274,6 @@ class AirService {
     // Clear up credentials first to avoid issues with wallet and auth messaging services
     await __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_cleanUpCredential).call(this);
     await Promise.all([__classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_cleanUpWallet).call(this), __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_cleanUpRecovery).call(this), __classPrivateFieldGet$1(this, _AirService_authMessagingService, "f").logout()]);
-    __classPrivateFieldSet(this, _AirService_loginResult, undefined);
-    __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_triggerAirAuthLoggedOut).call(this);
   }
   async cleanUp() {
     await __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_cleanUpCredential).call(this);
@@ -3097,7 +3299,7 @@ class AirService {
     credentialId,
     credentialSubject,
     curve,
-    offchain
+    waitForOnchainCompletion
   }) {
     await __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_ensureCredential).call(this);
     const response = await __classPrivateFieldGet$1(this, _AirService_credentialMessagingService, "f").sendIssueCredentialRequest({
@@ -3106,7 +3308,7 @@ class AirService {
       credentialId,
       credentialSubject,
       curve,
-      offchain
+      waitForOnchainCompletion
     });
     const {
       payload
@@ -3230,6 +3432,7 @@ _AirService_loginResult = new WeakMap(), _AirService_buildEnv = new WeakMap(), _
         {
           __classPrivateFieldGet$1(this, _AirService_credentialIframeController, "f").setIframeVisibility(message.payload.visible);
           __classPrivateFieldGet$1(this, _AirService_credentialIframeController, "f").updateIframeState();
+          __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_refocusTopmostVisibleIframe).call(this);
           break;
         }
     }
@@ -3329,6 +3532,7 @@ _AirService_loginResult = new WeakMap(), _AirService_buildEnv = new WeakMap(), _
           const walletIframeController = __classPrivateFieldGet$1(this, _AirService_walletIframeController, "f");
           walletIframeController.setIframeVisibility(msg.payload.visible);
           walletIframeController.updateIframeState();
+          __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_refocusTopmostVisibleIframe).call(this);
           break;
         }
       case AirWalletMessageTypes.WALLET_LOGIN_RESPONSE:
@@ -3396,14 +3600,19 @@ _AirService_loginResult = new WeakMap(), _AirService_buildEnv = new WeakMap(), _
     event: "wallet_initialized",
     result
   });
-}, _AirService_createLoginResult = function _AirService_createLoginResult(payload) {
-  return {
-    isLoggedIn: true,
-    id: payload.id,
-    abstractAccountAddress: payload.abstractAccountAddress,
-    token: payload.partnerAccessToken,
-    isMFASetup: payload.activeMfaMethods.length > 0
-  };
+}, _AirService_assignAndTriggerLoginResult = function _AirService_assignAndTriggerLoginResult(payload) {
+  if (!__classPrivateFieldGet$1(this, _AirService_loginResult, "f")) {
+    __classPrivateFieldSet(this, _AirService_loginResult, {
+      isLoggedIn: true,
+      id: payload.id,
+      abstractAccountAddress: payload.abstractAccountAddress,
+      abstractAccountAddresses: payload.abstractAccountAddresses,
+      token: payload.partnerAccessToken,
+      isMFASetup: (payload.activeMfaMethods?.length ?? 0) > 0
+    });
+    __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_triggerAirAuthLoggedIn).call(this);
+  }
+  return __classPrivateFieldGet$1(this, _AirService_loginResult, "f");
 }, _AirService_createWalletInitializedResult = function _AirService_createWalletInitializedResult(payload) {
   if ("isWalletLoggedIn" in payload && !payload.isWalletLoggedIn) {
     return {
@@ -3413,7 +3622,7 @@ _AirService_loginResult = new WeakMap(), _AirService_buildEnv = new WeakMap(), _
   }
   return {
     abstractAccountAddress: payload.addresses.aa,
-    isMFASetup: payload.activeMfaMethods.length > 0
+    isMFASetup: (payload.activeMfaMethods?.length ?? 0) > 0
   };
 }, _AirService_cleanUpAuth = async function _AirService_cleanUpAuth() {
   // Logout auth session
@@ -3505,6 +3714,7 @@ _AirService_loginResult = new WeakMap(), _AirService_buildEnv = new WeakMap(), _
           const recoveryIframeController = __classPrivateFieldGet$1(this, _AirService_recoveryIframeController, "f");
           recoveryIframeController.setIframeVisibility(message.payload.visible);
           recoveryIframeController.updateIframeState();
+          __classPrivateFieldGet$1(this, _AirService_instances, "m", _AirService_refocusTopmostVisibleIframe).call(this);
           break;
         }
     }
@@ -3521,6 +3731,14 @@ _AirService_loginResult = new WeakMap(), _AirService_buildEnv = new WeakMap(), _
   // Close the message service
   await __classPrivateFieldGet$1(this, _AirService_recoveryMessagingService, "f").close();
   __classPrivateFieldSet(this, _AirService_recoveryInitialization, undefined);
+}, _AirService_refocusTopmostVisibleIframe = function _AirService_refocusTopmostVisibleIframe() {
+  const candidates = [__classPrivateFieldGet$1(this, _AirService_walletIframeController, "f"), __classPrivateFieldGet$1(this, _AirService_credentialIframeController, "f"), __classPrivateFieldGet$1(this, _AirService_authIframeController, "f"), __classPrivateFieldGet$1(this, _AirService_recoveryIframeController, "f")];
+  for (const controller of candidates) {
+    if (controller?.isVisible) {
+      controller.focus();
+      return;
+    }
+  }
 };
 
 function isHex(value, {