@moon-x/core 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/sdk/index.js CHANGED
@@ -34,7 +34,8 @@ __export(sdk_exports, {
34
34
  getHeadlessAuthenticationMethods: () => getHeadlessAuthenticationMethods,
35
35
  getHeadlessEthereumMethods: () => getHeadlessEthereumMethods,
36
36
  getHeadlessGeneralMethods: () => getHeadlessGeneralMethods,
37
- getHeadlessSolanaMethods: () => getHeadlessSolanaMethods
37
+ getHeadlessSolanaMethods: () => getHeadlessSolanaMethods,
38
+ getPresenceToken: () => getPresenceToken
38
39
  });
39
40
  module.exports = __toCommonJS(sdk_exports);
40
41
 
@@ -282,6 +283,16 @@ var PostMessageMethod = {
282
283
  // begin/verify HTTP calls (where the session JWT lives).
283
284
  PASSKEY_REGISTER_BEGIN: "PASSKEY_REGISTER_BEGIN",
284
285
  PASSKEY_REGISTER_VERIFY: "PASSKEY_REGISTER_VERIFY",
286
+ // Passkey-asserted step-up ("presence token"). Same split as register:
287
+ // parent owns the WebAuthn API call; iframe owns the begin/verify
288
+ // HTTP halves (where the session JWT lives). Mints a short-lived
289
+ // (`tt:"presence"`) JWT app backends can verify over JWKS.
290
+ // CRITICAL: parent MUST strip response.userHandle from the assertion
291
+ // before posting PASSKEY_PRESENCE_VERIFY. The userHandle carries DEK
292
+ // material in MoonX's overloaded model and has no business reaching
293
+ // the server. The server also defensively never reads it.
294
+ PASSKEY_PRESENCE_BEGIN: "PASSKEY_PRESENCE_BEGIN",
295
+ PASSKEY_PRESENCE_VERIFY: "PASSKEY_PRESENCE_VERIFY",
285
296
  GET_PASSKEY_STATUS: "GET_PASSKEY_STATUS",
286
297
  // Parent-side passkey assertion plumbing. Parent calls GET_DEK_INFO
287
298
  // to learn which credential IDs to put in allowCredentials and to
@@ -306,7 +317,8 @@ var assertPasskeyInParent = async ({
306
317
  transport,
307
318
  passkey,
308
319
  publishableKey,
309
- requireFreshAssertion = false
320
+ requireFreshAssertion = false,
321
+ validateCredentialInAllowList = false
310
322
  }) => {
311
323
  if (!requireFreshAssertion) {
312
324
  const cached = readParentAssertCache();
@@ -332,6 +344,9 @@ var assertPasskeyInParent = async ({
332
344
  challenge,
333
345
  allowCredentials: []
334
346
  });
347
+ if (validateCredentialInAllowList && !allowList.includes(credential.rawIdB64url)) {
348
+ throw new Error("unknown_passkey_for_this_account");
349
+ }
335
350
  const result = {
336
351
  userHandleB64url: credential.userHandleB64url,
337
352
  credentialIdB64url: credential.rawIdB64url
@@ -340,6 +355,35 @@ var assertPasskeyInParent = async ({
340
355
  return result;
341
356
  };
342
357
 
358
+ // src/sdk/get-presence-token.ts
359
+ var getPresenceToken = async ({
360
+ transport,
361
+ passkey,
362
+ publishableKey,
363
+ relyingPartyOrigin
364
+ }) => {
365
+ const { token, optionsJSON } = await transport.send(
366
+ PostMessageType.AUTH,
367
+ PostMessageMethod.PASSKEY_PRESENCE_BEGIN,
368
+ { publishableKey, relyingPartyOrigin }
369
+ );
370
+ const response = await passkey.assertForServer({ optionsJSON });
371
+ const verify = await transport.send(
372
+ PostMessageType.AUTH,
373
+ PostMessageMethod.PASSKEY_PRESENCE_VERIFY,
374
+ {
375
+ publishableKey,
376
+ relyingPartyOrigin,
377
+ token,
378
+ response
379
+ }
380
+ );
381
+ return {
382
+ presenceToken: verify.presence_token,
383
+ expiresAt: verify.expires_at
384
+ };
385
+ };
386
+
343
387
  // src/sdk/headless-ethereum.ts
344
388
  var getHeadlessEthereumMethods = ({
345
389
  transport,
@@ -624,13 +668,17 @@ var getHeadlessSolanaMethods = ({
624
668
  var getHeadlessAuthenticationMethods = ({
625
669
  transport,
626
670
  publishableKey,
627
- emailConfig,
628
671
  setIsAuthenticated,
629
672
  setUser
630
673
  }) => ({
631
- /** Send a one-time passcode to the user's email address. */
674
+ /**
675
+ * Send a one-time passcode to the user's email address. Returns the
676
+ * server's response — most importantly `expires_at` (unix seconds),
677
+ * which the UI uses to render a countdown that cannot drift from the
678
+ * authoritative server-side TTL.
679
+ */
632
680
  sendCode: async (params) => {
633
- await transport.send(
681
+ const response = await transport.send(
634
682
  PostMessageType.AUTH,
635
683
  PostMessageMethod.LOGIN_CREATE,
636
684
  {
@@ -641,6 +689,7 @@ var getHeadlessAuthenticationMethods = ({
641
689
  );
642
690
  authState.clearEmail();
643
691
  authState.setEmail(params.email);
692
+ return response;
644
693
  },
645
694
  /**
646
695
  * Verify the OTP and complete the login. The iframe-app handles
@@ -656,8 +705,7 @@ var getHeadlessAuthenticationMethods = ({
656
705
  {
657
706
  email,
658
707
  code: params.code,
659
- publishableKey,
660
- expiresIn: emailConfig?.expiresIn
708
+ publishableKey
661
709
  }
662
710
  );
663
711
  authState.clearEmail();
@@ -860,5 +908,6 @@ var getHeadlessGeneralMethods = ({
860
908
  getHeadlessAuthenticationMethods,
861
909
  getHeadlessEthereumMethods,
862
910
  getHeadlessGeneralMethods,
863
- getHeadlessSolanaMethods
911
+ getHeadlessSolanaMethods,
912
+ getPresenceToken
864
913
  });
@@ -1,7 +1,7 @@
1
1
  import {
2
2
  PostMessageMethod,
3
3
  PostMessageType
4
- } from "../chunk-SOKLPX7V.mjs";
4
+ } from "../chunk-VVL65GIB.mjs";
5
5
  import {
6
6
  arrayLikeToBytes,
7
7
  authState,
@@ -22,7 +22,8 @@ var assertPasskeyInParent = async ({
22
22
  transport,
23
23
  passkey,
24
24
  publishableKey,
25
- requireFreshAssertion = false
25
+ requireFreshAssertion = false,
26
+ validateCredentialInAllowList = false
26
27
  }) => {
27
28
  if (!requireFreshAssertion) {
28
29
  const cached = readParentAssertCache();
@@ -48,6 +49,9 @@ var assertPasskeyInParent = async ({
48
49
  challenge,
49
50
  allowCredentials: []
50
51
  });
52
+ if (validateCredentialInAllowList && !allowList.includes(credential.rawIdB64url)) {
53
+ throw new Error("unknown_passkey_for_this_account");
54
+ }
51
55
  const result = {
52
56
  userHandleB64url: credential.userHandleB64url,
53
57
  credentialIdB64url: credential.rawIdB64url
@@ -56,6 +60,35 @@ var assertPasskeyInParent = async ({
56
60
  return result;
57
61
  };
58
62
 
63
+ // src/sdk/get-presence-token.ts
64
+ var getPresenceToken = async ({
65
+ transport,
66
+ passkey,
67
+ publishableKey,
68
+ relyingPartyOrigin
69
+ }) => {
70
+ const { token, optionsJSON } = await transport.send(
71
+ PostMessageType.AUTH,
72
+ PostMessageMethod.PASSKEY_PRESENCE_BEGIN,
73
+ { publishableKey, relyingPartyOrigin }
74
+ );
75
+ const response = await passkey.assertForServer({ optionsJSON });
76
+ const verify = await transport.send(
77
+ PostMessageType.AUTH,
78
+ PostMessageMethod.PASSKEY_PRESENCE_VERIFY,
79
+ {
80
+ publishableKey,
81
+ relyingPartyOrigin,
82
+ token,
83
+ response
84
+ }
85
+ );
86
+ return {
87
+ presenceToken: verify.presence_token,
88
+ expiresAt: verify.expires_at
89
+ };
90
+ };
91
+
59
92
  // src/sdk/headless-ethereum.ts
60
93
  var getHeadlessEthereumMethods = ({
61
94
  transport,
@@ -340,13 +373,17 @@ var getHeadlessSolanaMethods = ({
340
373
  var getHeadlessAuthenticationMethods = ({
341
374
  transport,
342
375
  publishableKey,
343
- emailConfig,
344
376
  setIsAuthenticated,
345
377
  setUser
346
378
  }) => ({
347
- /** Send a one-time passcode to the user's email address. */
379
+ /**
380
+ * Send a one-time passcode to the user's email address. Returns the
381
+ * server's response — most importantly `expires_at` (unix seconds),
382
+ * which the UI uses to render a countdown that cannot drift from the
383
+ * authoritative server-side TTL.
384
+ */
348
385
  sendCode: async (params) => {
349
- await transport.send(
386
+ const response = await transport.send(
350
387
  PostMessageType.AUTH,
351
388
  PostMessageMethod.LOGIN_CREATE,
352
389
  {
@@ -357,6 +394,7 @@ var getHeadlessAuthenticationMethods = ({
357
394
  );
358
395
  authState.clearEmail();
359
396
  authState.setEmail(params.email);
397
+ return response;
360
398
  },
361
399
  /**
362
400
  * Verify the OTP and complete the login. The iframe-app handles
@@ -372,8 +410,7 @@ var getHeadlessAuthenticationMethods = ({
372
410
  {
373
411
  email,
374
412
  code: params.code,
375
- publishableKey,
376
- expiresIn: emailConfig?.expiresIn
413
+ publishableKey
377
414
  }
378
415
  );
379
416
  authState.clearEmail();
@@ -575,5 +612,6 @@ export {
575
612
  getHeadlessAuthenticationMethods,
576
613
  getHeadlessEthereumMethods,
577
614
  getHeadlessGeneralMethods,
578
- getHeadlessSolanaMethods
615
+ getHeadlessSolanaMethods,
616
+ getPresenceToken
579
617
  };
@@ -205,6 +205,23 @@ interface IdentityTokenClaims extends BaseTokenClaims {
205
205
  picture?: string;
206
206
  [key: string]: unknown;
207
207
  }
208
+ /**
209
+ * Presence-token claims. Minted after a verified passkey assertion
210
+ * (the parent-side "step-up" ceremony). Customer backends verify these
211
+ * via the app's JWKS to gate high-risk routes without holding their
212
+ * own session/step-up model. Short-lived (5min by default, server-side
213
+ * configurable).
214
+ *
215
+ * `tt: "presence"` is the type discriminator — the verify primitive
216
+ * rejects anything else, so a long-lived access token cannot be
217
+ * substituted for a presence proof.
218
+ */
219
+ interface PresenceTokenClaims extends BaseTokenClaims {
220
+ /** Token type discriminator. Always "presence" for this shape. */
221
+ tt: "presence";
222
+ /** Base64url credential id of the WebAuthn credential that asserted. */
223
+ cid: string;
224
+ }
208
225
  /** Result of `@moon-x/node-sdk`'s `client.auth.verifySession(...)`. */
209
226
  interface VerifiedSession {
210
227
  access: AccessTokenClaims;
@@ -728,7 +745,6 @@ interface PasskeyEnrollConfig {
728
745
  }
729
746
  interface EmailOtpConfig {
730
747
  skipVerifiedSuccess?: boolean;
731
- expiresIn?: number;
732
748
  verifiedDisplayTime?: number;
733
749
  verifyEmailTitle?: string;
734
750
  verifyEmailResendTitle?: string;
@@ -897,7 +913,6 @@ interface AuthProviderConfig {
897
913
  interface SendEmailOtpRequest {
898
914
  publishableKey: string;
899
915
  email: string;
900
- expiresIn?: number;
901
916
  }
902
917
  interface VerifyEmailOtpRequest {
903
918
  publishableKey: string;
@@ -906,6 +921,7 @@ interface VerifyEmailOtpRequest {
906
921
  }
907
922
  interface SendEmailOtpResponse {
908
923
  ok: boolean;
924
+ expires_at: number;
909
925
  }
910
926
  interface VerifyEmailOtpUser {
911
927
  id: string;
@@ -1187,4 +1203,4 @@ interface WalletVerifyRequest {
1187
1203
  sessionExpiresIn: number;
1188
1204
  }
1189
1205
 
1190
- export { type AccessTokenClaims, type AppConfigRequest, type AppConfigResponse, type AttachOAuthTokenRequest, type AttachOAuthTokenResponse, type AuthAppearance, type AuthFlow, type AuthFlowComponent, type AuthLoginMethod, type AuthProviderConfig, type BaseGetBalanceParams, type BaseGetBalanceResult, type BaseGetTokenAccountsParams, type BaseSendTransactionParams, type BaseSendTransactionResult, type BaseSignMessageParams, type BaseSignMessageResult, type BaseSignTransactionParams, type BaseSignTransactionResult, type BaseTokenClaims, type BaseUIOptions, type BaseWalletHooks, Chain, ChainLikeWithId, type ContractUIOptions, type CreateWalletResponse, type DefaultFundingMethod, type DeleteSessionRequest, type DeleteSessionResponse, type DetachOAuthTokenRequest, type DeviceFingerprint, type DisplayMode, type EmailOtpConfig, type EmailOtpFlowState, type EthereumFundingConfig, type EthereumGetBalanceParams, type EthereumGetBalanceResult, type EthereumGetTokenAccountsByOwnerParams, type EthereumGetTokenAccountsByOwnerResult, type EthereumSendTransactionParams, type EthereumSendTransactionRequest, type EthereumSendTransactionResult, type EthereumSign7702AuthorizationParams, type EthereumSign7702AuthorizationResult, type EthereumSignHashParams, type EthereumSignHashResult, type EthereumSignMessageParams, type EthereumSignMessageResult, type EthereumSignTransactionParams, type EthereumSignTransactionResult, type EthereumSignTypedDataParams, type EthereumSignTypedDataResult, type EthereumSwitchChainParams, type ExportKeyConfig, type Factor, type FlexibleTheme, type FundWalletConfig, type FundingEvents, type FundingMethod, type FundingUIConfig, type GetCurrentSessionRequest, type GetCurrentSessionResponse, type Hex, type IdentityTokenClaims, type IdpProvider, type IsAuthenticatedRequest, type IsAuthenticatedResponse, type LoginTokenBundle, type LogoutRequest, type LogoutResponse, type MessageTypeProperty, type MessageTypes, type MoonKeyThemeConfig, type MoonPaySignRequest, type MoonPaySignResponse, type MpcKeyShares, Network, type OAuthRequest, type OAuthResponse, type OnrampFundingSettings, type PasskeyEnrollConfig, type PasskeySettings, type PreferredCardProvider, type PrefillConfig, type PublicEthereumWallet, type PublicSessionData, type PublicWallet, type RefreshSessionRequest, type RefreshSessionResponse, type RetrieveWalletKeyRequest, type RetrieveWalletKeyResponse, type SdkSettings, type SendEmailOtpRequest, type SendEmailOtpResponse, type SendTransactionConfig, type SendTransactionRequest, type SessionData, type SharesDeviceRequest, type SharesDeviceResponse, type Sign7702AuthorizationError, type Sign7702AuthorizationParams, type Sign7702AuthorizationResponse, type Sign7702AuthorizationResult, type SignMessageConfig, type SignTransactionConfig, type SignTypedDataError, type SignTypedDataParams, type SignTypedDataResponse, type SignTypedDataResult, type SmsSettings, type SolanaChain, type SolanaFundingConfig, type SolanaGetBalanceParams, type SolanaGetBalanceResult, type SolanaGetTokenAccountsByOwnerParams, type SolanaGetTokenAccountsByOwnerResult, type SolanaSendTransactionParams, type SolanaSendTransactionResult, type SolanaSignMessageParams, type SolanaSignMessageResult, type SolanaSignTransactionParams, type SolanaSignTransactionResult, type TransactionCommitment, type TransactionEncoding, type TransactionUIOptions, type TypedMessage, type UseFundWalletInterface, type UsersMePublicResponse, type UsersMeRequest, type UsersMeResponse, type VerifiedSession, type VerifyEmailOtpRequest, type VerifyEmailOtpResponse, type VerifyEmailOtpUser, type VerifyOAuthTokenRequest, type VerifyOAuthTokenResponse, type VerifySiweWalletRegistrationRequest, WALLET_ERROR_CODES, type Wallet, type WalletChain, type WalletChainType, type WalletConnectConfig, WalletCreationError, type WalletError, type WalletErrorCode, type WalletKeyRequest, type WalletListEntry, type WalletRegistrationNonceRequest, type WalletRegistrationNonceResponse, type WalletType, type WalletVerifyRequest };
1206
+ export { type AccessTokenClaims, type AppConfigRequest, type AppConfigResponse, type AttachOAuthTokenRequest, type AttachOAuthTokenResponse, type AuthAppearance, type AuthFlow, type AuthFlowComponent, type AuthLoginMethod, type AuthProviderConfig, type BaseGetBalanceParams, type BaseGetBalanceResult, type BaseGetTokenAccountsParams, type BaseSendTransactionParams, type BaseSendTransactionResult, type BaseSignMessageParams, type BaseSignMessageResult, type BaseSignTransactionParams, type BaseSignTransactionResult, type BaseTokenClaims, type BaseUIOptions, type BaseWalletHooks, Chain, ChainLikeWithId, type ContractUIOptions, type CreateWalletResponse, type DefaultFundingMethod, type DeleteSessionRequest, type DeleteSessionResponse, type DetachOAuthTokenRequest, type DeviceFingerprint, type DisplayMode, type EmailOtpConfig, type EmailOtpFlowState, type EthereumFundingConfig, type EthereumGetBalanceParams, type EthereumGetBalanceResult, type EthereumGetTokenAccountsByOwnerParams, type EthereumGetTokenAccountsByOwnerResult, type EthereumSendTransactionParams, type EthereumSendTransactionRequest, type EthereumSendTransactionResult, type EthereumSign7702AuthorizationParams, type EthereumSign7702AuthorizationResult, type EthereumSignHashParams, type EthereumSignHashResult, type EthereumSignMessageParams, type EthereumSignMessageResult, type EthereumSignTransactionParams, type EthereumSignTransactionResult, type EthereumSignTypedDataParams, type EthereumSignTypedDataResult, type EthereumSwitchChainParams, type ExportKeyConfig, type Factor, type FlexibleTheme, type FundWalletConfig, type FundingEvents, type FundingMethod, type FundingUIConfig, type GetCurrentSessionRequest, type GetCurrentSessionResponse, type Hex, type IdentityTokenClaims, type IdpProvider, type IsAuthenticatedRequest, type IsAuthenticatedResponse, type LoginTokenBundle, type LogoutRequest, type LogoutResponse, type MessageTypeProperty, type MessageTypes, type MoonKeyThemeConfig, type MoonPaySignRequest, type MoonPaySignResponse, type MpcKeyShares, Network, type OAuthRequest, type OAuthResponse, type OnrampFundingSettings, type PasskeyEnrollConfig, type PasskeySettings, type PreferredCardProvider, type PrefillConfig, type PresenceTokenClaims, type PublicEthereumWallet, type PublicSessionData, type PublicWallet, type RefreshSessionRequest, type RefreshSessionResponse, type RetrieveWalletKeyRequest, type RetrieveWalletKeyResponse, type SdkSettings, type SendEmailOtpRequest, type SendEmailOtpResponse, type SendTransactionConfig, type SendTransactionRequest, type SessionData, type SharesDeviceRequest, type SharesDeviceResponse, type Sign7702AuthorizationError, type Sign7702AuthorizationParams, type Sign7702AuthorizationResponse, type Sign7702AuthorizationResult, type SignMessageConfig, type SignTransactionConfig, type SignTypedDataError, type SignTypedDataParams, type SignTypedDataResponse, type SignTypedDataResult, type SmsSettings, type SolanaChain, type SolanaFundingConfig, type SolanaGetBalanceParams, type SolanaGetBalanceResult, type SolanaGetTokenAccountsByOwnerParams, type SolanaGetTokenAccountsByOwnerResult, type SolanaSendTransactionParams, type SolanaSendTransactionResult, type SolanaSignMessageParams, type SolanaSignMessageResult, type SolanaSignTransactionParams, type SolanaSignTransactionResult, type TransactionCommitment, type TransactionEncoding, type TransactionUIOptions, type TypedMessage, type UseFundWalletInterface, type UsersMePublicResponse, type UsersMeRequest, type UsersMeResponse, type VerifiedSession, type VerifyEmailOtpRequest, type VerifyEmailOtpResponse, type VerifyEmailOtpUser, type VerifyOAuthTokenRequest, type VerifyOAuthTokenResponse, type VerifySiweWalletRegistrationRequest, WALLET_ERROR_CODES, type Wallet, type WalletChain, type WalletChainType, type WalletConnectConfig, WalletCreationError, type WalletError, type WalletErrorCode, type WalletKeyRequest, type WalletListEntry, type WalletRegistrationNonceRequest, type WalletRegistrationNonceResponse, type WalletType, type WalletVerifyRequest };
@@ -205,6 +205,23 @@ interface IdentityTokenClaims extends BaseTokenClaims {
205
205
  picture?: string;
206
206
  [key: string]: unknown;
207
207
  }
208
+ /**
209
+ * Presence-token claims. Minted after a verified passkey assertion
210
+ * (the parent-side "step-up" ceremony). Customer backends verify these
211
+ * via the app's JWKS to gate high-risk routes without holding their
212
+ * own session/step-up model. Short-lived (5min by default, server-side
213
+ * configurable).
214
+ *
215
+ * `tt: "presence"` is the type discriminator — the verify primitive
216
+ * rejects anything else, so a long-lived access token cannot be
217
+ * substituted for a presence proof.
218
+ */
219
+ interface PresenceTokenClaims extends BaseTokenClaims {
220
+ /** Token type discriminator. Always "presence" for this shape. */
221
+ tt: "presence";
222
+ /** Base64url credential id of the WebAuthn credential that asserted. */
223
+ cid: string;
224
+ }
208
225
  /** Result of `@moon-x/node-sdk`'s `client.auth.verifySession(...)`. */
209
226
  interface VerifiedSession {
210
227
  access: AccessTokenClaims;
@@ -728,7 +745,6 @@ interface PasskeyEnrollConfig {
728
745
  }
729
746
  interface EmailOtpConfig {
730
747
  skipVerifiedSuccess?: boolean;
731
- expiresIn?: number;
732
748
  verifiedDisplayTime?: number;
733
749
  verifyEmailTitle?: string;
734
750
  verifyEmailResendTitle?: string;
@@ -897,7 +913,6 @@ interface AuthProviderConfig {
897
913
  interface SendEmailOtpRequest {
898
914
  publishableKey: string;
899
915
  email: string;
900
- expiresIn?: number;
901
916
  }
902
917
  interface VerifyEmailOtpRequest {
903
918
  publishableKey: string;
@@ -906,6 +921,7 @@ interface VerifyEmailOtpRequest {
906
921
  }
907
922
  interface SendEmailOtpResponse {
908
923
  ok: boolean;
924
+ expires_at: number;
909
925
  }
910
926
  interface VerifyEmailOtpUser {
911
927
  id: string;
@@ -1187,4 +1203,4 @@ interface WalletVerifyRequest {
1187
1203
  sessionExpiresIn: number;
1188
1204
  }
1189
1205
 
1190
- export { type AccessTokenClaims, type AppConfigRequest, type AppConfigResponse, type AttachOAuthTokenRequest, type AttachOAuthTokenResponse, type AuthAppearance, type AuthFlow, type AuthFlowComponent, type AuthLoginMethod, type AuthProviderConfig, type BaseGetBalanceParams, type BaseGetBalanceResult, type BaseGetTokenAccountsParams, type BaseSendTransactionParams, type BaseSendTransactionResult, type BaseSignMessageParams, type BaseSignMessageResult, type BaseSignTransactionParams, type BaseSignTransactionResult, type BaseTokenClaims, type BaseUIOptions, type BaseWalletHooks, Chain, ChainLikeWithId, type ContractUIOptions, type CreateWalletResponse, type DefaultFundingMethod, type DeleteSessionRequest, type DeleteSessionResponse, type DetachOAuthTokenRequest, type DeviceFingerprint, type DisplayMode, type EmailOtpConfig, type EmailOtpFlowState, type EthereumFundingConfig, type EthereumGetBalanceParams, type EthereumGetBalanceResult, type EthereumGetTokenAccountsByOwnerParams, type EthereumGetTokenAccountsByOwnerResult, type EthereumSendTransactionParams, type EthereumSendTransactionRequest, type EthereumSendTransactionResult, type EthereumSign7702AuthorizationParams, type EthereumSign7702AuthorizationResult, type EthereumSignHashParams, type EthereumSignHashResult, type EthereumSignMessageParams, type EthereumSignMessageResult, type EthereumSignTransactionParams, type EthereumSignTransactionResult, type EthereumSignTypedDataParams, type EthereumSignTypedDataResult, type EthereumSwitchChainParams, type ExportKeyConfig, type Factor, type FlexibleTheme, type FundWalletConfig, type FundingEvents, type FundingMethod, type FundingUIConfig, type GetCurrentSessionRequest, type GetCurrentSessionResponse, type Hex, type IdentityTokenClaims, type IdpProvider, type IsAuthenticatedRequest, type IsAuthenticatedResponse, type LoginTokenBundle, type LogoutRequest, type LogoutResponse, type MessageTypeProperty, type MessageTypes, type MoonKeyThemeConfig, type MoonPaySignRequest, type MoonPaySignResponse, type MpcKeyShares, Network, type OAuthRequest, type OAuthResponse, type OnrampFundingSettings, type PasskeyEnrollConfig, type PasskeySettings, type PreferredCardProvider, type PrefillConfig, type PublicEthereumWallet, type PublicSessionData, type PublicWallet, type RefreshSessionRequest, type RefreshSessionResponse, type RetrieveWalletKeyRequest, type RetrieveWalletKeyResponse, type SdkSettings, type SendEmailOtpRequest, type SendEmailOtpResponse, type SendTransactionConfig, type SendTransactionRequest, type SessionData, type SharesDeviceRequest, type SharesDeviceResponse, type Sign7702AuthorizationError, type Sign7702AuthorizationParams, type Sign7702AuthorizationResponse, type Sign7702AuthorizationResult, type SignMessageConfig, type SignTransactionConfig, type SignTypedDataError, type SignTypedDataParams, type SignTypedDataResponse, type SignTypedDataResult, type SmsSettings, type SolanaChain, type SolanaFundingConfig, type SolanaGetBalanceParams, type SolanaGetBalanceResult, type SolanaGetTokenAccountsByOwnerParams, type SolanaGetTokenAccountsByOwnerResult, type SolanaSendTransactionParams, type SolanaSendTransactionResult, type SolanaSignMessageParams, type SolanaSignMessageResult, type SolanaSignTransactionParams, type SolanaSignTransactionResult, type TransactionCommitment, type TransactionEncoding, type TransactionUIOptions, type TypedMessage, type UseFundWalletInterface, type UsersMePublicResponse, type UsersMeRequest, type UsersMeResponse, type VerifiedSession, type VerifyEmailOtpRequest, type VerifyEmailOtpResponse, type VerifyEmailOtpUser, type VerifyOAuthTokenRequest, type VerifyOAuthTokenResponse, type VerifySiweWalletRegistrationRequest, WALLET_ERROR_CODES, type Wallet, type WalletChain, type WalletChainType, type WalletConnectConfig, WalletCreationError, type WalletError, type WalletErrorCode, type WalletKeyRequest, type WalletListEntry, type WalletRegistrationNonceRequest, type WalletRegistrationNonceResponse, type WalletType, type WalletVerifyRequest };
1206
+ export { type AccessTokenClaims, type AppConfigRequest, type AppConfigResponse, type AttachOAuthTokenRequest, type AttachOAuthTokenResponse, type AuthAppearance, type AuthFlow, type AuthFlowComponent, type AuthLoginMethod, type AuthProviderConfig, type BaseGetBalanceParams, type BaseGetBalanceResult, type BaseGetTokenAccountsParams, type BaseSendTransactionParams, type BaseSendTransactionResult, type BaseSignMessageParams, type BaseSignMessageResult, type BaseSignTransactionParams, type BaseSignTransactionResult, type BaseTokenClaims, type BaseUIOptions, type BaseWalletHooks, Chain, ChainLikeWithId, type ContractUIOptions, type CreateWalletResponse, type DefaultFundingMethod, type DeleteSessionRequest, type DeleteSessionResponse, type DetachOAuthTokenRequest, type DeviceFingerprint, type DisplayMode, type EmailOtpConfig, type EmailOtpFlowState, type EthereumFundingConfig, type EthereumGetBalanceParams, type EthereumGetBalanceResult, type EthereumGetTokenAccountsByOwnerParams, type EthereumGetTokenAccountsByOwnerResult, type EthereumSendTransactionParams, type EthereumSendTransactionRequest, type EthereumSendTransactionResult, type EthereumSign7702AuthorizationParams, type EthereumSign7702AuthorizationResult, type EthereumSignHashParams, type EthereumSignHashResult, type EthereumSignMessageParams, type EthereumSignMessageResult, type EthereumSignTransactionParams, type EthereumSignTransactionResult, type EthereumSignTypedDataParams, type EthereumSignTypedDataResult, type EthereumSwitchChainParams, type ExportKeyConfig, type Factor, type FlexibleTheme, type FundWalletConfig, type FundingEvents, type FundingMethod, type FundingUIConfig, type GetCurrentSessionRequest, type GetCurrentSessionResponse, type Hex, type IdentityTokenClaims, type IdpProvider, type IsAuthenticatedRequest, type IsAuthenticatedResponse, type LoginTokenBundle, type LogoutRequest, type LogoutResponse, type MessageTypeProperty, type MessageTypes, type MoonKeyThemeConfig, type MoonPaySignRequest, type MoonPaySignResponse, type MpcKeyShares, Network, type OAuthRequest, type OAuthResponse, type OnrampFundingSettings, type PasskeyEnrollConfig, type PasskeySettings, type PreferredCardProvider, type PrefillConfig, type PresenceTokenClaims, type PublicEthereumWallet, type PublicSessionData, type PublicWallet, type RefreshSessionRequest, type RefreshSessionResponse, type RetrieveWalletKeyRequest, type RetrieveWalletKeyResponse, type SdkSettings, type SendEmailOtpRequest, type SendEmailOtpResponse, type SendTransactionConfig, type SendTransactionRequest, type SessionData, type SharesDeviceRequest, type SharesDeviceResponse, type Sign7702AuthorizationError, type Sign7702AuthorizationParams, type Sign7702AuthorizationResponse, type Sign7702AuthorizationResult, type SignMessageConfig, type SignTransactionConfig, type SignTypedDataError, type SignTypedDataParams, type SignTypedDataResponse, type SignTypedDataResult, type SmsSettings, type SolanaChain, type SolanaFundingConfig, type SolanaGetBalanceParams, type SolanaGetBalanceResult, type SolanaGetTokenAccountsByOwnerParams, type SolanaGetTokenAccountsByOwnerResult, type SolanaSendTransactionParams, type SolanaSendTransactionResult, type SolanaSignMessageParams, type SolanaSignMessageResult, type SolanaSignTransactionParams, type SolanaSignTransactionResult, type TransactionCommitment, type TransactionEncoding, type TransactionUIOptions, type TypedMessage, type UseFundWalletInterface, type UsersMePublicResponse, type UsersMeRequest, type UsersMeResponse, type VerifiedSession, type VerifyEmailOtpRequest, type VerifyEmailOtpResponse, type VerifyEmailOtpUser, type VerifyOAuthTokenRequest, type VerifyOAuthTokenResponse, type VerifySiweWalletRegistrationRequest, WALLET_ERROR_CODES, type Wallet, type WalletChain, type WalletChainType, type WalletConnectConfig, WalletCreationError, type WalletError, type WalletErrorCode, type WalletKeyRequest, type WalletListEntry, type WalletRegistrationNonceRequest, type WalletRegistrationNonceResponse, type WalletType, type WalletVerifyRequest };
@@ -1,4 +1,4 @@
1
- export { F as FORWARDED_ERROR_FIELDS, P as PostMessageClient, a as PostMessageMethod, b as PostMessageServer, c as PostMessageType } from '../post-message-C_99BCBh.mjs';
1
+ export { F as FORWARDED_ERROR_FIELDS, P as PostMessageClient, a as PostMessageMethod, b as PostMessageServer, c as PostMessageType } from '../post-message-CmgAfkOS.mjs';
2
2
 
3
3
  /**
4
4
  * Get the appropriate MoonKey API URL based on environment configuration
@@ -1,4 +1,4 @@
1
- export { F as FORWARDED_ERROR_FIELDS, P as PostMessageClient, a as PostMessageMethod, b as PostMessageServer, c as PostMessageType } from '../post-message-C_99BCBh.js';
1
+ export { F as FORWARDED_ERROR_FIELDS, P as PostMessageClient, a as PostMessageMethod, b as PostMessageServer, c as PostMessageType } from '../post-message-CmgAfkOS.js';
2
2
 
3
3
  /**
4
4
  * Get the appropriate MoonKey API URL based on environment configuration
@@ -156,6 +156,16 @@ var PostMessageMethod = {
156
156
  // begin/verify HTTP calls (where the session JWT lives).
157
157
  PASSKEY_REGISTER_BEGIN: "PASSKEY_REGISTER_BEGIN",
158
158
  PASSKEY_REGISTER_VERIFY: "PASSKEY_REGISTER_VERIFY",
159
+ // Passkey-asserted step-up ("presence token"). Same split as register:
160
+ // parent owns the WebAuthn API call; iframe owns the begin/verify
161
+ // HTTP halves (where the session JWT lives). Mints a short-lived
162
+ // (`tt:"presence"`) JWT app backends can verify over JWKS.
163
+ // CRITICAL: parent MUST strip response.userHandle from the assertion
164
+ // before posting PASSKEY_PRESENCE_VERIFY. The userHandle carries DEK
165
+ // material in MoonX's overloaded model and has no business reaching
166
+ // the server. The server also defensively never reads it.
167
+ PASSKEY_PRESENCE_BEGIN: "PASSKEY_PRESENCE_BEGIN",
168
+ PASSKEY_PRESENCE_VERIFY: "PASSKEY_PRESENCE_VERIFY",
159
169
  GET_PASSKEY_STATUS: "GET_PASSKEY_STATUS",
160
170
  // Parent-side passkey assertion plumbing. Parent calls GET_DEK_INFO
161
171
  // to learn which credential IDs to put in allowCredentials and to
@@ -9,7 +9,7 @@ import {
9
9
  PostMessageMethod,
10
10
  PostMessageServer,
11
11
  PostMessageType
12
- } from "../chunk-SOKLPX7V.mjs";
12
+ } from "../chunk-VVL65GIB.mjs";
13
13
  import {
14
14
  getMoonKeyApiUrl
15
15
  } from "../chunk-GQKIA37O.mjs";
@@ -1,5 +1,5 @@
1
- import { P as PostMessageClient } from '../post-message-C_99BCBh.mjs';
2
- import { T as Transport, P as PasskeyAssertor, K as KvStorage } from '../interfaces-fNhwnCeY.mjs';
1
+ import { P as PostMessageClient } from '../post-message-CmgAfkOS.mjs';
2
+ import { T as Transport, P as PasskeyAssertor, K as KvStorage } from '../interfaces-CYtJHALV.mjs';
3
3
 
4
4
  declare const getCachedPostMessageClient: (contentWindow: Window) => PostMessageClient;
5
5
  /**
@@ -1,5 +1,5 @@
1
- import { P as PostMessageClient } from '../post-message-C_99BCBh.js';
2
- import { T as Transport, P as PasskeyAssertor, K as KvStorage } from '../interfaces-9k0eKCc4.js';
1
+ import { P as PostMessageClient } from '../post-message-CmgAfkOS.js';
2
+ import { T as Transport, P as PasskeyAssertor, K as KvStorage } from '../interfaces-Bm7fGOAI.js';
3
3
 
4
4
  declare const getCachedPostMessageClient: (contentWindow: Window) => PostMessageClient;
5
5
  /**
package/dist/web/index.js CHANGED
@@ -1,9 +1,7 @@
1
1
  "use strict";
2
- var __create = Object.create;
3
2
  var __defProp = Object.defineProperty;
4
3
  var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
5
4
  var __getOwnPropNames = Object.getOwnPropertyNames;
6
- var __getProtoOf = Object.getPrototypeOf;
7
5
  var __hasOwnProp = Object.prototype.hasOwnProperty;
8
6
  var __export = (target, all) => {
9
7
  for (var name in all)
@@ -17,14 +15,6 @@ var __copyProps = (to, from, except, desc) => {
17
15
  }
18
16
  return to;
19
17
  };
20
- var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
21
- // If the importer is in node compatibility mode or this is not an ESM
22
- // file that has been converted to a CommonJS file using a Babel-
23
- // compatible transform (i.e. "__esModule" has not been set), then set
24
- // "default" to the CommonJS "module.exports" for node compatibility.
25
- isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
26
- mod
27
- ));
28
18
  var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
29
19
 
30
20
  // src/web/index.ts
@@ -310,127 +300,44 @@ var createIframeTransport = ({
310
300
  isReady
311
301
  });
312
302
 
313
- // src/lib/auth/authentication-state.ts
314
- var AuthenticationState = class {
315
- constructor() {
316
- this.email = null;
317
- }
318
- setEmail(email) {
319
- this.email = email;
320
- }
321
- getEmail() {
322
- return this.email;
323
- }
324
- clearEmail() {
325
- this.email = null;
326
- }
327
- clear() {
328
- this.clearEmail();
329
- }
330
- };
331
- var authState = new AuthenticationState();
332
-
333
- // src/lib/passkey/passkey-codec.ts
334
- var fromB64url = (b64url) => {
335
- const base64 = b64url.replace(/-/g, "+").replace(/_/g, "/");
336
- const padded = base64 + "=".repeat((4 - base64.length % 4) % 4);
337
- const binary = atob(padded);
338
- const bytes = new Uint8Array(binary.length);
339
- for (let i = 0; i < binary.length; i++) bytes[i] = binary.charCodeAt(i);
340
- return bytes;
341
- };
342
- var toB64url = (bytes) => {
343
- let str = "";
344
- for (let i = 0; i < bytes.length; i++) str += String.fromCharCode(bytes[i]);
345
- return btoa(str).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
346
- };
347
-
348
- // src/lib/ethereum/chains.ts
349
- var import_viem = require("viem");
350
-
351
- // src/lib/ethereum/siwe.ts
352
- var import_siwe = require("siwe");
353
- var import_viem2 = require("viem");
354
-
355
- // src/lib/ethereum/tx-prep.ts
356
- var import_viem3 = require("viem");
357
-
358
- // src/lib/solana/siws.ts
359
- var nacl = __toESM(require("tweetnacl"));
360
-
361
- // src/lib/solana/transaction-log-parser.ts
362
- var import_web3 = require("@solana/web3.js");
363
- var import_bn = __toESM(require("bn.js"));
364
-
365
303
  // src/web/webauthn-passkey.ts
304
+ var import_browser = require("@simplewebauthn/browser");
366
305
  var createWebAuthnPasskey = () => ({
367
306
  assert: async ({ rpId, challenge }) => {
368
- const challengeBytes = fromB64url(challenge);
369
- const credential = await navigator.credentials.get({
370
- publicKey: {
371
- challenge: challengeBytes,
307
+ const result = await (0, import_browser.startAuthentication)({
308
+ optionsJSON: {
309
+ challenge,
372
310
  rpId,
373
311
  userVerification: "preferred",
374
- // Empty allowCredentials → discoverable login → userHandle is
375
- // REQUIRED on the response. See `parent-passkey-assert.ts`
376
- // for the full rationale.
377
312
  allowCredentials: []
378
313
  }
379
314
  });
380
- if (!credential) throw new Error("passkey_assertion_cancelled");
381
- const assertion = credential.response;
382
- if (!assertion.userHandle) {
315
+ if (!result.response.userHandle) {
383
316
  throw new Error("user_handle_missing");
384
317
  }
385
318
  return {
386
- rawIdB64url: toB64url(new Uint8Array(credential.rawId)),
387
- userHandleB64url: toB64url(new Uint8Array(assertion.userHandle))
319
+ rawIdB64url: result.rawId,
320
+ userHandleB64url: result.response.userHandle
388
321
  };
389
322
  },
390
- create: async ({
391
- rpId,
392
- rpName,
393
- userId,
394
- userName,
395
- userDisplayName,
396
- challenge,
397
- excludeCredentials
398
- }) => {
399
- const challengeBytes = fromB64url(challenge);
400
- const credential = await navigator.credentials.create({
401
- publicKey: {
402
- rp: { id: rpId, name: rpName },
403
- user: {
404
- id: userId,
405
- name: userName,
406
- displayName: userDisplayName
407
- },
408
- challenge: challengeBytes,
409
- pubKeyCredParams: [
410
- { type: "public-key", alg: -7 },
411
- // ES256
412
- { type: "public-key", alg: -257 }
413
- // RS256
414
- ],
415
- authenticatorSelection: {
416
- residentKey: "required",
417
- userVerification: "preferred"
418
- },
419
- excludeCredentials: (excludeCredentials ?? []).map((id) => ({
420
- id: fromB64url(id),
421
- type: "public-key"
422
- }))
423
- }
323
+ assertForServer: async ({ optionsJSON }) => {
324
+ const result = await (0, import_browser.startAuthentication)({
325
+ optionsJSON
424
326
  });
425
- if (!credential) throw new Error("passkey_registration_cancelled");
426
- const attestation = credential.response;
427
- return {
428
- rawIdB64url: toB64url(new Uint8Array(credential.rawId)),
429
- clientDataJSONB64url: toB64url(new Uint8Array(attestation.clientDataJSON)),
430
- attestationObjectB64url: toB64url(
431
- new Uint8Array(attestation.attestationObject)
432
- )
327
+ const sanitized = {
328
+ id: result.id,
329
+ rawId: result.rawId,
330
+ type: result.type,
331
+ response: {
332
+ clientDataJSON: result.response.clientDataJSON,
333
+ authenticatorData: result.response.authenticatorData,
334
+ signature: result.response.signature,
335
+ userHandle: void 0
336
+ },
337
+ clientExtensionResults: result.clientExtensionResults,
338
+ authenticatorAttachment: result.authenticatorAttachment
433
339
  };
340
+ return sanitized;
434
341
  }
435
342
  });
436
343