@openfort/react-native 1.0.5 → 1.0.6

package/dist/core/provider.js

@@ -2,7 +2,7 @@ import { EmbeddedState, ShieldConfiguration, } from '@openfort/openfort-js';
 import React, { useCallback, useEffect, useMemo, useState } from 'react';
 import { validateEnvironment } from '../lib/environmentValidation';
 import { getEmbeddedStateName, logger } from '../lib/logger';
-import { EmbeddedWalletWebView, WebViewUtils } from '../native';
+import { EmbeddedWalletWebView, NativePasskeyHandler, WebViewUtils } from '../native';
 import { createOpenfortClient, setDefaultClient } from './client';
 import { OpenfortContext } from './context';
 /**
@@ -100,7 +100,20 @@ export const OpenfortProvider = ({ children, publishableKey, supportedChains, wa
             logger.printVerboseWarning();
         logger.setVerbose(verbose);
     }, [verbose]);
-    // Create or use provided client
+    // Create passkey handler if passkey recovery is configured (single instance for SDK and WebView)
+    const passkeyHandler = useMemo(() => {
+        if (walletConfig?.passkeyRpId) {
+            if (!walletConfig.passkeyRpName) {
+                logger.warn('passkeyRpName is required when passkeyRpId is provided for passkey recovery');
+            }
+            return new NativePasskeyHandler({
+                rpId: walletConfig.passkeyRpId,
+                rpName: walletConfig.passkeyRpName ?? walletConfig.passkeyRpId,
+            });
+        }
+        return undefined;
+    }, [walletConfig?.passkeyRpId, walletConfig?.passkeyRpName]);
+    // Create client with passkeyHandler in overrides when configured
     const client = useMemo(() => {
         const newClient = createOpenfortClient({
             baseConfiguration: {
@@ -110,14 +123,19 @@ export const OpenfortProvider = ({ children, publishableKey, supportedChains, wa
                 ? new ShieldConfiguration({
                     shieldPublishableKey: walletConfig.shieldPublishableKey,
                     shieldDebug: walletConfig.debug,
+                    passkeyRpId: walletConfig.passkeyRpId,
+                    passkeyRpName: walletConfig.passkeyRpName,
                 })
                 : undefined,
-            overrides,
+            overrides: {
+                ...overrides,
+                ...(passkeyHandler && { passkeyHandler }),
+            },
             thirdPartyAuth,
         });
         setDefaultClient(newClient);
         return newClient;
-    }, [publishableKey, walletConfig, overrides]);
+    }, [publishableKey, walletConfig, overrides, thirdPartyAuth, passkeyHandler]);
     // Embedded state
     const [embeddedState, setEmbeddedState] = useState(EmbeddedState.NONE);
     // Start polling embedded state: only update and log when state changes
@@ -283,7 +301,7 @@ export const OpenfortProvider = ({ children, publishableKey, supportedChains, wa
     ]);
     return (React.createElement(OpenfortContext.Provider, { value: contextValue },
         children,
-        client && isReady && WebViewUtils.isSupported() && (React.createElement(EmbeddedWalletWebView, { client: client, isClientReady: isReady, onProxyStatusChange: (status) => {
+        client && isReady && WebViewUtils.isSupported() && (React.createElement(EmbeddedWalletWebView, { client: client, isClientReady: isReady, debug: walletConfig?.debug, onProxyStatusChange: (status) => {
                 // Handle WebView status changes for debugging
                 if (verbose) {
                     logger.debug('WebView status changed', status);

package/dist/hooks/core/index.js

@@ -6,4 +6,5 @@
 // Core SDK hooks
 export { useOpenfort } from './useOpenfort';
 export { useOpenfortClient } from './useOpenfortClient';
+export { usePasskeySupport } from './usePasskeySupport';
 export { useUser } from './useUser';

package/dist/hooks/core/usePasskeySupport.js

@@ -0,0 +1,34 @@
+import { useEffect, useState } from 'react';
+import { isPasskeySupported } from '../../native/passkey';
+/**
+ * Hook to detect if the platform supports passkeys (WebAuthn).
+ *
+ * Note: This only checks basic passkey support, not PRF extension support.
+ * PRF support can only be determined during passkey creation via the
+ * `clientExtensionResults.prf.enabled` field in the response.
+ *
+ * @returns Object with `isSupported` boolean and `isLoading` state
+ */
+export function usePasskeySupport() {
+    const [isSupported, setIsSupported] = useState(false);
+    const [isLoading, setIsLoading] = useState(true);
+    useEffect(() => {
+        async function checkSupport() {
+            try {
+                const available = await isPasskeySupported();
+                setIsSupported(available);
+            }
+            catch {
+                setIsSupported(false);
+            }
+            finally {
+                setIsLoading(false);
+            }
+        }
+        checkSupport();
+    }, []);
+    return {
+        isSupported,
+        isLoading,
+    };
+}

package/dist/hooks/wallet/useEmbeddedEthereumWallet.js

@@ -1,4 +1,4 @@
-import { AccountTypeEnum, ChainTypeEnum, EmbeddedState } from '@openfort/openfort-js';
+import { AccountTypeEnum, ChainTypeEnum, EmbeddedState, RecoveryMethod, } from '@openfort/openfort-js';
 import { useCallback, useEffect, useMemo, useRef, useState } from 'react';
 import { useOpenfortContext } from '../../core/context';
 import { onError, onSuccess } from '../../lib/hookConsistency';
@@ -246,10 +246,19 @@ export function useEmbeddedEthereumWallet(options = {}) {
             return acc;
         }, []);
         return deduplicatedAccounts.map((account, index) => ({
+            id: account.id,
             address: account.address,
+            chainType: ChainTypeEnum.EVM,
+            chainId: account.chainId,
             ownerAddress: account.ownerAddress,
+            factoryAddress: account.factoryAddress,
+            salt: account.salt,
+            accountType: account.accountType,
+            implementationAddress: account.implementationAddress,
+            createdAt: account.createdAt,
             implementationType: account.implementationType,
-            chainType: ChainTypeEnum.EVM,
+            recoveryMethod: account.recoveryMethod,
+            recoveryMethodDetails: account.recoveryMethodDetails,
             walletIndex: index,
             getProvider: async () => await getEthereumProvider(),
         }));
@@ -303,7 +312,10 @@ export function useEmbeddedEthereumWallet(options = {}) {
                 },
             });
             if (createOptions?.onSuccess) {
-                createOptions.onSuccess({ account: embeddedAccount, provider: ethProvider });
+                createOptions.onSuccess({
+                    account: embeddedAccount,
+                    provider: ethProvider,
+                });
             }
             if (options.onCreateSuccess) {
                 options.onCreateSuccess(embeddedAccount, ethProvider);
@@ -382,8 +394,30 @@ export function useEmbeddedEthereumWallet(options = {}) {
                         : `No embedded smart account found for address ${setActiveOptions.address} on chain ID ${chainId}`;
                     throw new OpenfortError(errorMsg, OpenfortErrorType.WALLET_ERROR);
                 }
+                // Auto-detect recovery method from account if not explicitly provided
+                let effectiveRecoveryMethod = setActiveOptions.recoveryMethod;
+                let effectivePasskeyId = setActiveOptions.passkeyId;
+                if (!effectiveRecoveryMethod && embeddedAccountToRecover.recoveryMethod) {
+                    if (embeddedAccountToRecover.recoveryMethod === RecoveryMethod.PASSKEY) {
+                        effectiveRecoveryMethod = 'passkey';
+                        if (!effectivePasskeyId) {
+                            const details = embeddedAccountToRecover.recoveryMethodDetails;
+                            if (details && 'passkeyId' in details && typeof details.passkeyId === 'string') {
+                                effectivePasskeyId = details.passkeyId;
+                            }
+                        }
+                    }
+                    else if (embeddedAccountToRecover.recoveryMethod === RecoveryMethod.PASSWORD) {
+                        effectiveRecoveryMethod = 'password';
+                    }
+                }
                 // Build recovery params
-                const recoveryParams = await buildRecoveryParams({ ...setActiveOptions, userId: user?.id }, walletConfig);
+                const recoveryParams = await buildRecoveryParams({
+                    ...setActiveOptions,
+                    userId: user?.id,
+                    recoveryMethod: effectiveRecoveryMethod,
+                    passkeyId: effectivePasskeyId,
+                }, walletConfig);
                 // Recover the embedded wallet
                 const embeddedAccount = await client.embeddedWallet.recover({
                     account: embeddedAccountToRecover.id,
@@ -396,10 +430,19 @@ export function useEmbeddedEthereumWallet(options = {}) {
                 const walletIndex = embeddedAccounts.findIndex((acc) => acc.address.toLowerCase() === embeddedAccount.address.toLowerCase() &&
                     acc.chainId === embeddedAccount.chainId);
                 const wallet = {
+                    id: embeddedAccount.id,
                     address: embeddedAccount.address,
+                    chainType: ChainTypeEnum.EVM,
+                    chainId: embeddedAccount.chainId,
                     ownerAddress: embeddedAccount.ownerAddress,
+                    factoryAddress: embeddedAccount.factoryAddress,
+                    salt: embeddedAccount.salt,
+                    accountType: embeddedAccount.accountType,
+                    implementationAddress: embeddedAccount.implementationAddress,
+                    createdAt: embeddedAccount.createdAt,
                     implementationType: embeddedAccount.implementationType,
-                    chainType: ChainTypeEnum.EVM,
+                    recoveryMethod: embeddedAccount.recoveryMethod,
+                    recoveryMethodDetails: embeddedAccount.recoveryMethodDetails,
                     walletIndex: walletIndex >= 0 ? walletIndex : 0,
                     getProvider: async () => ethProvider,
                 };
@@ -485,10 +528,19 @@ export function useEmbeddedEthereumWallet(options = {}) {
         // Find the wallet index in the accounts list
         const accountIndex = embeddedAccounts.findIndex((acc) => acc.id === activeWalletId);
         return {
+            id: activeAccount.id,
             address: activeAccount.address,
+            chainType: ChainTypeEnum.EVM,
+            chainId: activeAccount.chainId,
             ownerAddress: activeAccount.ownerAddress,
+            factoryAddress: activeAccount.factoryAddress,
+            salt: activeAccount.salt,
+            accountType: activeAccount.accountType,
+            implementationAddress: activeAccount.implementationAddress,
+            createdAt: activeAccount.createdAt,
             implementationType: activeAccount.implementationType,
-            chainType: ChainTypeEnum.EVM,
+            recoveryMethod: activeAccount.recoveryMethod,
+            recoveryMethodDetails: activeAccount.recoveryMethodDetails,
             walletIndex: accountIndex >= 0 ? accountIndex : 0,
             getProvider: async () => await getEthereumProvider(),
         };
@@ -510,10 +562,19 @@ export function useEmbeddedEthereumWallet(options = {}) {
             return { ...baseActions, status: 'creating', activeWallet: null };
         }
         if (status.status === 'connecting' || status.status === 'reconnecting' || status.status === 'loading') {
-            return { ...baseActions, status: 'connecting', activeWallet: activeWallet };
+            return {
+                ...baseActions,
+                status: 'connecting',
+                activeWallet: activeWallet,
+            };
         }
         if (status.status === 'error') {
-            return { ...baseActions, status: 'error', activeWallet, error: status.error?.message || 'Unknown error' };
+            return {
+                ...baseActions,
+                status: 'error',
+                activeWallet,
+                error: status.error?.message || 'Unknown error',
+            };
         }
         // Priority 2: Check authentication state from context
         if (embeddedState !== EmbeddedState.READY && embeddedState !== EmbeddedState.CREATING_ACCOUNT) {
@@ -527,7 +588,11 @@ export function useEmbeddedEthereumWallet(options = {}) {
         }
         if (activeAccount && !provider) {
             // Have wallet but provider not initialized yet (mount recovery in progress)
-            return { ...baseActions, status: 'connecting', activeWallet: activeWallet };
+            return {
+                ...baseActions,
+                status: 'connecting',
+                activeWallet: activeWallet,
+            };
         }
         // Default: disconnected (authenticated but no wallet selected)
         return { ...baseActions, status: 'disconnected', activeWallet: null };

package/dist/hooks/wallet/useEmbeddedSolanaWallet.js

@@ -1,4 +1,4 @@
-import { AccountTypeEnum, ChainTypeEnum, EmbeddedState } from '@openfort/openfort-js';
+import { AccountTypeEnum, ChainTypeEnum, EmbeddedState, RecoveryMethod, } from '@openfort/openfort-js';
 import { useCallback, useEffect, useMemo, useRef, useState } from 'react';
 import { useOpenfortContext } from '../../core/context';
 import { onError, onSuccess } from '../../lib/hookConsistency';
@@ -224,7 +224,9 @@ export function useEmbeddedSolanaWallet(options = {}) {
             },
             signMessage: async (message) => {
                 // Sign message using openfort-js (with hashMessage: false for Solana)
-                const result = await client.embeddedWallet.signMessage(message, { hashMessage: false });
+                const result = await client.embeddedWallet.signMessage(message, {
+                    hashMessage: false,
+                });
                 return result;
             },
         });
@@ -265,8 +267,12 @@ export function useEmbeddedSolanaWallet(options = {}) {
     // Build wallets list (simple deduplication by address)
     const wallets = useMemo(() => {
         return embeddedAccounts.map((account, index) => ({
+            id: account.id,
             address: account.address,
             chainType: ChainTypeEnum.SVM,
+            createdAt: account.createdAt,
+            recoveryMethod: account.recoveryMethod,
+            recoveryMethodDetails: account.recoveryMethodDetails,
             walletIndex: index,
             getProvider: async () => await getSolanaProvider(account),
         }));
@@ -278,7 +284,11 @@ export function useEmbeddedSolanaWallet(options = {}) {
             setStatus({ status: 'creating' });
             // Build recovery params (only use recoveryPassword, otpCode, and userId, ignore createAdditional)
             const recoveryParams = await buildRecoveryParams(createOptions?.recoveryPassword || createOptions?.otpCode || user?.id
-                ? { recoveryPassword: createOptions?.recoveryPassword, otpCode: createOptions?.otpCode, userId: user?.id }
+                ? {
+                    recoveryPassword: createOptions?.recoveryPassword,
+                    otpCode: createOptions?.otpCode,
+                    userId: user?.id,
+                }
                 : undefined, walletConfig);
             // Create embedded wallet
             const embeddedAccount = await client.embeddedWallet.create({
@@ -303,7 +313,10 @@ export function useEmbeddedSolanaWallet(options = {}) {
                 },
             });
             if (createOptions?.onSuccess) {
-                createOptions.onSuccess({ account: embeddedAccount, provider: solProvider });
+                createOptions.onSuccess({
+                    account: embeddedAccount,
+                    provider: solProvider,
+                });
             }
             if (options.onCreateSuccess) {
                 options.onCreateSuccess(embeddedAccount, solProvider);
@@ -357,8 +370,30 @@ export function useEmbeddedSolanaWallet(options = {}) {
                 if (!embeddedAccountToRecover) {
                     throw new OpenfortError(`No embedded Solana account found for address ${setActiveOptions.address}`, OpenfortErrorType.WALLET_ERROR);
                 }
+                // Auto-detect recovery method from account if not explicitly provided
+                let effectiveRecoveryMethod = setActiveOptions.recoveryMethod;
+                let effectivePasskeyId = setActiveOptions.passkeyId;
+                if (!effectiveRecoveryMethod && embeddedAccountToRecover.recoveryMethod) {
+                    if (embeddedAccountToRecover.recoveryMethod === RecoveryMethod.PASSKEY) {
+                        effectiveRecoveryMethod = 'passkey';
+                        if (!effectivePasskeyId) {
+                            const details = embeddedAccountToRecover.recoveryMethodDetails;
+                            if (details && 'passkeyId' in details && typeof details.passkeyId === 'string') {
+                                effectivePasskeyId = details.passkeyId;
+                            }
+                        }
+                    }
+                    else if (embeddedAccountToRecover.recoveryMethod === RecoveryMethod.PASSWORD) {
+                        effectiveRecoveryMethod = 'password';
+                    }
+                }
                 // Build recovery params
-                const recoveryParams = await buildRecoveryParams({ ...setActiveOptions, userId: user?.id }, walletConfig);
+                const recoveryParams = await buildRecoveryParams({
+                    ...setActiveOptions,
+                    userId: user?.id,
+                    recoveryMethod: effectiveRecoveryMethod,
+                    passkeyId: effectivePasskeyId,
+                }, walletConfig);
                 // Recover the embedded wallet
                 const embeddedAccount = await client.embeddedWallet.recover({
                     account: embeddedAccountToRecover.id,
@@ -370,8 +405,12 @@ export function useEmbeddedSolanaWallet(options = {}) {
                 // Find the wallet index in the accounts list
                 const walletIndex = embeddedAccounts.findIndex((acc) => acc.address.toLowerCase() === embeddedAccount.address.toLowerCase());
                 const wallet = {
+                    id: embeddedAccount.id,
                     address: embeddedAccount.address,
                     chainType: ChainTypeEnum.SVM,
+                    createdAt: embeddedAccount.createdAt,
+                    recoveryMethod: embeddedAccount.recoveryMethod,
+                    recoveryMethodDetails: embeddedAccount.recoveryMethodDetails,
                     walletIndex: walletIndex >= 0 ? walletIndex : 0,
                     getProvider: async () => solProvider,
                 };
@@ -422,8 +461,12 @@ export function useEmbeddedSolanaWallet(options = {}) {
         // Find the wallet index in the accounts list
         const accountIndex = embeddedAccounts.findIndex((acc) => acc.id === activeWalletId);
         return {
+            id: activeAccount.id,
             address: activeAccount.address,
             chainType: ChainTypeEnum.SVM,
+            createdAt: activeAccount.createdAt,
+            recoveryMethod: activeAccount.recoveryMethod,
+            recoveryMethodDetails: activeAccount.recoveryMethodDetails,
             walletIndex: accountIndex >= 0 ? accountIndex : 0,
             getProvider: async () => await getSolanaProvider(activeAccount),
         };
@@ -443,10 +486,15 @@ export function useEmbeddedSolanaWallet(options = {}) {
             return { ...baseActions, status: 'creating', activeWallet: null };
         }
         if (status.status === 'connecting' || status.status === 'reconnecting' || status.status === 'loading') {
-            return { ...baseActions, status: 'connecting' };
+            return { ...baseActions, status: 'connecting', activeWallet };
         }
         if (status.status === 'error') {
-            return { ...baseActions, status: 'error', activeWallet, error: status.error?.message || 'Unknown error' };
+            return {
+                ...baseActions,
+                status: 'error',
+                activeWallet,
+                error: status.error?.message || 'Unknown error',
+            };
         }
         // Priority 2: Check authentication state from context
         if (embeddedState !== EmbeddedState.READY && embeddedState !== EmbeddedState.CREATING_ACCOUNT) {
@@ -460,7 +508,7 @@ export function useEmbeddedSolanaWallet(options = {}) {
         }
         if (activeAccount && !provider) {
             // Have wallet but provider not initialized yet (mount recovery in progress)
-            return { ...baseActions, status: 'connecting' };
+            return { ...baseActions, status: 'connecting', activeWallet };
         }
         // Default: disconnected (authenticated but no wallet selected)
         return { ...baseActions, status: 'disconnected', activeWallet: null };

package/dist/hooks/wallet/utils.js

@@ -65,12 +65,33 @@ async function resolveEncryptionSession(walletConfig, otpCode, userId) {
  * @internal
  */
 export async function buildRecoveryParams(options, walletConfig) {
-    if (options?.recoveryPassword) {
+    // If passkey recovery method is explicitly requested
+    if (options?.recoveryMethod === 'passkey') {
+        // If passkeyId is provided, use it for recovery
+        if (options.passkeyId) {
+            return {
+                recoveryMethod: RecoveryMethod.PASSKEY,
+                passkeyInfo: {
+                    passkeyId: options.passkeyId,
+                },
+            };
+        }
+        // If no passkeyId, this is a creation request - SDK will create the passkey
+        return {
+            recoveryMethod: RecoveryMethod.PASSKEY,
+        };
+    }
+    // If password recovery method is explicitly requested or password is provided
+    if (options?.recoveryMethod === 'password' || options?.recoveryPassword) {
+        if (!options?.recoveryPassword) {
+            throw new OpenfortError('Recovery password is required when using password recovery method', OpenfortErrorType.WALLET_ERROR);
+        }
         return {
             recoveryMethod: RecoveryMethod.PASSWORD,
             password: options.recoveryPassword,
         };
     }
+    // Default to automatic recovery
     return {
         recoveryMethod: RecoveryMethod.AUTOMATIC,
         encryptionSession: await resolveEncryptionSession(walletConfig, options?.otpCode, options?.userId),

package/dist/native/index.js

@@ -1,6 +1,7 @@
-// WebView integration
 // OAuth flows
 export { authenticateWithApple, createOAuthRedirectUri, isAppleSignInAvailable, OAuthUtils, openOAuthSession, parseOAuthUrl, } from './oauth';
+// Passkey handler and support checks
+export { getPasskeyDiagnostics, isPasskeySupported, NativePasskeyHandler } from './passkey';
 // Storage utilities
 export { handleSecureStorageMessage, isSecureStorageMessage, NativeStorageUtils, } from './storage';
 export { EmbeddedWalletWebView, WebViewUtils } from './webview';

package/dist/native/passkey.js

@@ -0,0 +1,316 @@
+import { PasskeyAssertionFailedError, PasskeyCreationFailedError, PasskeyPRFNotSupportedError, PasskeySeedInvalidError, PasskeyUserCancelledError, } from '@openfort/openfort-js';
+import { logger } from '../lib/logger';
+/**
+ * Utility functions for passkey operations in React Native.
+ * Handles base64/base64url encoding, key extraction, and challenge generation.
+ */
+const PasskeyUtils = {
+    /** Valid byte lengths for derived keys (AES-128, AES-192, AES-256) */
+    validByteLengths: [16, 24, 32],
+    /**
+     * Validates that the key byte length is valid for AES encryption.
+     * @throws Error if length is not 16, 24, or 32
+     */
+    validateKeyByteLength(length) {
+        if (!this.validByteLengths.includes(length)) {
+            throw new Error(`Invalid key byte length ${length}. Must be 16, 24, or 32.`);
+        }
+    },
+    /**
+     * Generates a random 32-byte challenge for WebAuthn operations.
+     */
+    generateChallenge() {
+        const challenge = new Uint8Array(32);
+        if (typeof crypto !== 'undefined' && crypto.getRandomValues) {
+            crypto.getRandomValues(challenge);
+        }
+        else {
+            // Fallback for environments without crypto.getRandomValues
+            for (let i = 0; i < 32; i++) {
+                challenge[i] = Math.floor(Math.random() * 256);
+            }
+        }
+        return challenge;
+    },
+    /**
+     * Converts ArrayBuffer or Uint8Array to base64url string.
+     * Base64URL uses '-' and '_' instead of '+' and '/', and omits padding '='.
+     */
+    arrayBufferToBase64URL(buffer) {
+        const bytes = buffer instanceof Uint8Array ? buffer : new Uint8Array(buffer);
+        let binary = '';
+        for (const byte of bytes) {
+            binary += String.fromCharCode(byte);
+        }
+        const base64 = btoa(binary);
+        return base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
+    },
+    /**
+     * Converts base64url string to Uint8Array.
+     */
+    base64URLToUint8Array(base64url) {
+        // Convert base64url to base64
+        let base64 = base64url.replace(/-/g, '+').replace(/_/g, '/');
+        // Add padding if needed
+        while (base64.length % 4) {
+            base64 += '=';
+        }
+        const binary = atob(base64);
+        const bytes = new Uint8Array(binary.length);
+        for (let i = 0; i < binary.length; i++) {
+            bytes[i] = binary.charCodeAt(i);
+        }
+        return bytes;
+    },
+    /**
+     * Converts standard base64 to base64url format.
+     * This is idempotent - safe to call on strings already in base64url format.
+     */
+    base64ToBase64URL(base64) {
+        return base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
+    },
+    /**
+     * Extracts the first N bytes from a PRF result for use as key material.
+     */
+    extractRawKeyBytes(prfResult, length) {
+        return prfResult.slice(0, length);
+    },
+};
+let passkeysModule = null;
+let passkeysLoadAttempted = false;
+let passkeysLoadError = null;
+/**
+ * Returns the passkeys API (create, get, isSupported). Resolves module.Passkeys ?? module once.
+ * Returns null if the module failed to load.
+ */
+function getPasskeysAPI() {
+    if (passkeysLoadAttempted) {
+        return passkeysLoadError ? null : passkeysModule ? (passkeysModule.Passkeys ?? passkeysModule) : null;
+    }
+    passkeysLoadAttempted = true;
+    try {
+        passkeysModule = require('react-native-passkeys');
+        return passkeysModule ? (passkeysModule.Passkeys ?? passkeysModule) : null;
+    }
+    catch (error) {
+        passkeysLoadError = error instanceof Error ? error : new Error(String(error));
+        return null;
+    }
+}
+/**
+ * Returns diagnostic information about passkey support.
+ * Useful for debugging why passkeys may not be available.
+ */
+export function getPasskeyDiagnostics() {
+    const api = getPasskeysAPI();
+    return {
+        isSupported: api !== null && api.isSupported !== undefined,
+        loadError: passkeysLoadError,
+        moduleLoaded: passkeysLoadAttempted && passkeysLoadError === null,
+    };
+}
+/**
+ * Checks if the device supports passkeys (WebAuthn). Uses the library's isSupported() only — no credential creation.
+ * Normalizes sync/async and function/boolean from react-native-passkeys.
+ */
+export async function isPasskeySupported() {
+    const api = getPasskeysAPI();
+    if (!api || api.isSupported == null) {
+        return false;
+    }
+    const supported = api.isSupported;
+    if (typeof supported === 'boolean') {
+        return supported;
+    }
+    if (typeof supported === 'function') {
+        const result = supported();
+        return result instanceof Promise ? result : Promise.resolve(result);
+    }
+    return false;
+}
+/**
+ * NativePasskeyHandler implements IPasskeyHandler using react-native-passkeys (create/get)
+ * as the native equivalent of navigator.credentials.create/get. Same contract as openfort-js
+ * PasskeyHandler; key is returned to the SDK/Shield like on web.
+ */
+export class NativePasskeyHandler {
+    rpId;
+    rpName;
+    timeout;
+    derivedKeyLengthBytes;
+    constructor(config) {
+        this.rpId = config.rpId;
+        this.rpName = config.rpName;
+        this.timeout = config.timeout ?? 60_000;
+        this.derivedKeyLengthBytes = config.derivedKeyLengthBytes ?? 32;
+        PasskeyUtils.validateKeyByteLength(this.derivedKeyLengthBytes);
+    }
+    /**
+     * Normalizes prf.results.first from the native module to Uint8Array.
+     * On Android, the bridge may return base64 string or array of numbers.
+     */
+    normalizePRFResult(first) {
+        if (typeof first === 'string') {
+            return PasskeyUtils.base64URLToUint8Array(first);
+        }
+        if (first instanceof ArrayBuffer) {
+            return new Uint8Array(first);
+        }
+        if (ArrayBuffer.isView(first)) {
+            return new Uint8Array(first.buffer, first.byteOffset, first.byteLength);
+        }
+        if (Array.isArray(first) || (typeof first === 'object' && first !== null && 'length' in first)) {
+            return new Uint8Array(first);
+        }
+        throw new Error('PRF result: expected base64 string, ArrayBuffer, TypedArray, or array of numbers');
+    }
+    /**
+     * Extracts key bytes from PRF result and returns as base64url string.
+     * Validates that the PRF result has sufficient entropy for the requested key length.
+     */
+    extractKeyBytes(prfResultBytes) {
+        // Validate PRF result has sufficient entropy
+        if (prfResultBytes.length < this.derivedKeyLengthBytes) {
+            throw new Error(`PRF result too short: got ${prfResultBytes.length} bytes, need at least ${this.derivedKeyLengthBytes} bytes`);
+        }
+        const keyBytes = PasskeyUtils.extractRawKeyBytes(prfResultBytes, this.derivedKeyLengthBytes);
+        return PasskeyUtils.arrayBufferToBase64URL(keyBytes);
+    }
+    /**
+     * Creates a passkey and derives a key using the PRF extension.
+     */
+    async createPasskey(config) {
+        if (!this.rpId || !this.rpName) {
+            throw new Error('rpId and rpName must be configured');
+        }
+        // Validate seed is non-empty for PRF entropy
+        if (!config.seed || config.seed.trim().length === 0) {
+            throw new PasskeySeedInvalidError();
+        }
+        const challenge = PasskeyUtils.generateChallenge();
+        // Android Credentials API requires base64url for challenge
+        const challengeBase64URL = PasskeyUtils.arrayBufferToBase64URL(challenge);
+        const userIdBytes = new TextEncoder().encode(config.id);
+        // Android Credentials API requires base64url for user.id
+        const userIdBase64URL = PasskeyUtils.arrayBufferToBase64URL(userIdBytes);
+        const publicKey = {
+            challenge: challengeBase64URL,
+            rp: { id: this.rpId, name: this.rpName },
+            user: {
+                id: userIdBase64URL,
+                name: config.id,
+                displayName: config.displayName,
+            },
+            pubKeyCredParams: [
+                { type: 'public-key', alg: -7 },
+                { type: 'public-key', alg: -257 },
+            ],
+            authenticatorSelection: {
+                residentKey: 'required',
+                userVerification: 'required',
+            },
+            excludeCredentials: [],
+            // PRF extension: react-native-passkeys expects all inputs as base64url
+            extensions: {
+                prf: {
+                    eval: {
+                        first: PasskeyUtils.arrayBufferToBase64URL(new TextEncoder().encode(config.seed)),
+                    },
+                },
+            },
+            timeout: this.timeout,
+            attestation: 'none',
+        };
+        const api = getPasskeysAPI();
+        if (!api?.create || typeof api.create !== 'function') {
+            throw new Error('react-native-passkeys module not available');
+        }
+        let credential;
+        try {
+            credential = await api.create(publicKey);
+        }
+        catch (e) {
+            // Re-throw known error types
+            if (e instanceof PasskeyUserCancelledError)
+                throw e;
+            if (e instanceof PasskeySeedInvalidError)
+                throw e;
+            throw new PasskeyCreationFailedError(e instanceof Error ? e.message : 'Unknown error', e instanceof Error ? e : undefined);
+        }
+        if (!credential) {
+            // Null result typically indicates user cancellation
+            throw new PasskeyUserCancelledError();
+        }
+        const prfResults = credential.clientExtensionResults?.prf;
+        if (!prfResults?.results?.first) {
+            // Log warning about orphaned passkey credential
+            logger.warn('Passkey created but PRF extension failed. ' +
+                'A passkey credential may exist on the device that cannot be used for wallet recovery. ' +
+                `Credential ID: ${credential.id}`);
+            throw new PasskeyPRFNotSupportedError();
+        }
+        const prfResultBytes = this.normalizePRFResult(prfResults.results.first);
+        const key = this.extractKeyBytes(prfResultBytes);
+        return {
+            id: credential.id,
+            displayName: config.displayName,
+            key,
+        };
+    }
+    /**
+     * Derives and exports key material from an existing passkey as base64url string.
+     */
+    async deriveAndExportKey(config) {
+        if (!this.rpId) {
+            throw new Error('rpId must be configured');
+        }
+        // Validate seed is non-empty for PRF entropy
+        if (!config.seed || config.seed.trim().length === 0) {
+            throw new PasskeySeedInvalidError();
+        }
+        const challenge = PasskeyUtils.generateChallenge();
+        const challengeBase64URL = PasskeyUtils.arrayBufferToBase64URL(challenge);
+        // Always normalize to base64url - this is idempotent for strings already in base64url format
+        const credentialId = PasskeyUtils.base64ToBase64URL(config.id);
+        const publicKey = {
+            challenge: challengeBase64URL,
+            rpId: this.rpId,
+            allowCredentials: [{ id: credentialId, type: 'public-key' }],
+            userVerification: 'required',
+            extensions: {
+                prf: {
+                    eval: {
+                        first: PasskeyUtils.arrayBufferToBase64URL(new TextEncoder().encode(config.seed)),
+                    },
+                },
+            },
+            timeout: this.timeout,
+        };
+        const api = getPasskeysAPI();
+        if (!api?.get || typeof api.get !== 'function') {
+            throw new Error('react-native-passkeys module not available');
+        }
+        let assertion;
+        try {
+            assertion = await api.get(publicKey);
+        }
+        catch (e) {
+            // Re-throw known error types
+            if (e instanceof PasskeyUserCancelledError)
+                throw e;
+            if (e instanceof PasskeySeedInvalidError)
+                throw e;
+            throw new PasskeyAssertionFailedError(e instanceof Error ? e.message : 'Unknown error', e instanceof Error ? e : undefined);
+        }
+        if (!assertion) {
+            // Null result typically indicates user cancellation
+            throw new PasskeyUserCancelledError();
+        }
+        const prfResults = assertion.clientExtensionResults?.prf;
+        if (!prfResults?.results?.first) {
+            throw new PasskeyPRFNotSupportedError();
+        }
+        const prfResultBytes = this.normalizePRFResult(prfResults.results.first);
+        return this.extractKeyBytes(prfResultBytes);
+    }
+}

package/dist/native/webview.js

@@ -12,7 +12,7 @@ import { handleSecureStorageMessage, isSecureStorageMessage } from './storage';
  *
  * @param props - Component props, see {@link EmbeddedWalletWebViewProps}
  */
-export const EmbeddedWalletWebView = ({ client, isClientReady, onProxyStatusChange, }) => {
+export const EmbeddedWalletWebView = ({ client, onProxyStatusChange, debug }) => {
     const webViewRef = useRef(null);
     // Handle app state changes to monitor WebView health
     useEffect(() => {
@@ -44,7 +44,6 @@ export const EmbeddedWalletWebView = ({ client, isClientReady, onProxyStatusChan
     // Set up WebView reference with client immediately when both are available
     useEffect(() => {
         if (webViewRef.current) {
-            // Message poster with Uint8Array preprocessing for React Native
             const messagePoster = {
                 postMessage: (message) => {
                     webViewRef.current?.postMessage(message);
@@ -52,7 +51,7 @@ export const EmbeddedWalletWebView = ({ client, isClientReady, onProxyStatusChan
             };
             client.embeddedWallet.setMessagePoster(messagePoster);
         }
-    }, [client, isClientReady]);
+    }, [client]);
     // Clean message handler using the new penpal bridge
     const handleMessage = useCallback(async (event) => {
         try {
@@ -91,7 +90,9 @@ export const EmbeddedWalletWebView = ({ client, isClientReady, onProxyStatusChan
     return (React.createElement(View, { style: { width: 0, height: 0, overflow: 'hidden' } },
         React.createElement(WebView, { ref: handleWebViewRef, source: {
                 uri: client.embeddedWallet.getURL(),
-            }, webviewDebuggingEnabled: true, cacheEnabled: false, injectedJavaScriptObject: { shouldUseAppBackedStorage: true }, cacheMode: "LOAD_NO_CACHE", onLoad: handleLoad, onError: handleError, onMessage: handleMessage })));
+            }, 
+            // Enable debugging when explicitly enabled via walletConfig.debug
+            webviewDebuggingEnabled: debug, cacheEnabled: false, injectedJavaScriptObject: { shouldUseAppBackedStorage: true }, cacheMode: "LOAD_NO_CACHE", onLoad: handleLoad, onError: handleError, onMessage: handleMessage })));
 };
 /**
  * Utilities for WebView integration

package/dist/types/core/provider.d.ts

@@ -8,8 +8,12 @@ export type CommonEmbeddedWalletConfiguration = {
     ethereumProviderPolicyId?: PolicyConfig;
     accountType?: AccountTypeEnum;
     debug?: boolean;
-    /** Recovery method for the embedded wallet: 'automatic' or 'password' */
-    recoveryMethod?: 'automatic' | 'password';
+    /** Recovery method for the embedded wallet: 'automatic', 'password', or 'passkey' */
+    recoveryMethod?: 'automatic' | 'password' | 'passkey';
+    /** Passkey Relying Party ID (domain) for passkey-based recovery */
+    passkeyRpId?: string;
+    /** Passkey Relying Party Name for passkey-based recovery */
+    passkeyRpName?: string;
 };
 /**
  * Parameters passed to the encryption session callback

package/dist/types/hooks/core/index.d.ts

@@ -5,4 +5,5 @@
  */
 export { useOpenfort } from './useOpenfort';
 export { useOpenfortClient } from './useOpenfortClient';
+export { usePasskeySupport } from './usePasskeySupport';
 export { useUser } from './useUser';

package/dist/types/hooks/core/usePasskeySupport.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Hook to detect if the platform supports passkeys (WebAuthn).
+ *
+ * Note: This only checks basic passkey support, not PRF extension support.
+ * PRF support can only be determined during passkey creation via the
+ * `clientExtensionResults.prf.enabled` field in the response.
+ *
+ * @returns Object with `isSupported` boolean and `isLoading` state
+ */
+export declare function usePasskeySupport(): {
+    isSupported: boolean;
+    isLoading: boolean;
+};

package/dist/types/hooks/wallet/utils.d.ts

@@ -16,4 +16,6 @@ export declare function buildRecoveryParams(options: {
     recoveryPassword?: string;
     otpCode?: string;
     userId?: string;
+    recoveryMethod?: 'automatic' | 'password' | 'passkey';
+    passkeyId?: string;
 } | undefined, walletConfig?: EmbeddedWalletConfiguration): Promise<RecoveryParams>;

package/dist/types/index.d.ts

@@ -14,3 +14,4 @@ export * from './core';
 export * from './hooks';
 export * from './native';
 export * from './types';
+export type { RecoveryMethodDetails } from './types/wallet';

package/dist/types/index.js

@@ -1 +1,2 @@
-export {};
+// Passkey error types (re-exported from @openfort/openfort-js)
+export { PASSKEY_ERROR_CODES, PasskeyAssertionFailedError, PasskeyCreationFailedError, PasskeyPRFNotSupportedError, PasskeySeedInvalidError, PasskeyUserCancelledError, } from '@openfort/openfort-js';

package/dist/types/native/index.d.ts

@@ -1,5 +1,7 @@
 export type { AppleAuthResult, OAuthResult, OAuthSessionConfig, } from './oauth';
 export { authenticateWithApple, createOAuthRedirectUri, isAppleSignInAvailable, OAuthUtils, openOAuthSession, parseOAuthUrl, } from './oauth';
+export type { NativePasskeyHandlerConfig, PasskeysAPI } from './passkey';
+export { getPasskeyDiagnostics, isPasskeySupported, NativePasskeyHandler } from './passkey';
 export type { SecureStorageMessage, SecureStorageResponse, } from './storage';
 export { handleSecureStorageMessage, isSecureStorageMessage, NativeStorageUtils, } from './storage';
 export { EmbeddedWalletWebView, WebViewUtils } from './webview';

package/dist/types/native/passkey.d.ts

@@ -0,0 +1,155 @@
+import { type IPasskeyHandler } from '@openfort/openfort-js';
+/**
+ * Result from passkey credential creation.
+ */
+interface PasskeyCredentialResult {
+    id: string;
+    rawId?: string;
+    type: string;
+    clientExtensionResults?: {
+        prf?: {
+            results?: {
+                first?: unknown;
+            };
+        };
+    };
+    response?: {
+        attestationObject?: string;
+        clientDataJSON?: string;
+    };
+}
+/**
+ * Result from passkey assertion (get).
+ */
+interface PasskeyAssertionResult {
+    id: string;
+    type: string;
+    clientExtensionResults?: {
+        prf?: {
+            results?: {
+                first?: unknown;
+            };
+        };
+    };
+}
+/** Resolved API from react-native-passkeys (module.Passkeys ?? module). Library may export sync or async isSupported. */
+export type PasskeysAPI = {
+    create?: (options: PublicKeyCredentialCreationOptions) => Promise<PasskeyCredentialResult | null>;
+    get?: (options: PublicKeyCredentialRequestOptions) => Promise<PasskeyAssertionResult | null>;
+    /** Sync on native (iOS/Android), sync on web; may be function or boolean. */
+    isSupported?: (() => boolean) | (() => Promise<boolean>) | boolean;
+};
+/**
+ * Returns diagnostic information about passkey support.
+ * Useful for debugging why passkeys may not be available.
+ */
+export declare function getPasskeyDiagnostics(): {
+    isSupported: boolean;
+    loadError: Error | null;
+    moduleLoaded: boolean;
+};
+/**
+ * Checks if the device supports passkeys (WebAuthn). Uses the library's isSupported() only — no credential creation.
+ * Normalizes sync/async and function/boolean from react-native-passkeys.
+ */
+export declare function isPasskeySupported(): Promise<boolean>;
+export interface NativePasskeyHandlerConfig {
+    rpId?: string;
+    rpName?: string;
+    timeout?: number;
+    derivedKeyLengthBytes?: number;
+}
+interface PublicKeyCredentialCreationOptions {
+    challenge: string;
+    rp: {
+        id: string;
+        name: string;
+    };
+    user: {
+        id: string;
+        name: string;
+        displayName: string;
+    };
+    pubKeyCredParams: Array<{
+        type: string;
+        alg: number;
+    }>;
+    authenticatorSelection: {
+        authenticatorAttachment?: string;
+        residentKey?: string;
+        requireResidentKey?: boolean;
+        userVerification?: string;
+    };
+    excludeCredentials?: Array<{
+        id: string;
+        type: string;
+    }>;
+    extensions?: {
+        prf?: {
+            eval?: {
+                first: string;
+            };
+        };
+    };
+    timeout?: number;
+    attestation?: string;
+}
+interface PublicKeyCredentialRequestOptions {
+    challenge: string;
+    rpId: string;
+    allowCredentials: Array<{
+        id: string;
+        type: string;
+    }>;
+    userVerification: string;
+    extensions?: {
+        prf?: {
+            eval?: {
+                first: string;
+            };
+        };
+    };
+    timeout?: number;
+}
+/**
+ * NativePasskeyHandler implements IPasskeyHandler using react-native-passkeys (create/get)
+ * as the native equivalent of navigator.credentials.create/get. Same contract as openfort-js
+ * PasskeyHandler; key is returned to the SDK/Shield like on web.
+ */
+export declare class NativePasskeyHandler implements IPasskeyHandler {
+    private readonly rpId?;
+    private readonly rpName?;
+    private readonly timeout;
+    private readonly derivedKeyLengthBytes;
+    constructor(config: NativePasskeyHandlerConfig);
+    /**
+     * Normalizes prf.results.first from the native module to Uint8Array.
+     * On Android, the bridge may return base64 string or array of numbers.
+     */
+    private normalizePRFResult;
+    /**
+     * Extracts key bytes from PRF result and returns as base64url string.
+     * Validates that the PRF result has sufficient entropy for the requested key length.
+     */
+    private extractKeyBytes;
+    /**
+     * Creates a passkey and derives a key using the PRF extension.
+     */
+    createPasskey(config: {
+        id: string;
+        displayName: string;
+        seed: string;
+    }): Promise<{
+        id: string;
+        displayName?: string;
+        key?: string;
+    }>;
+    /**
+     * Derives and exports key material from an existing passkey as base64url string.
+     */
+    deriveAndExportKey(config: {
+        id: string;
+        seed: string;
+    }): Promise<string>;
+}
+export {};

package/dist/types/native/webview.d.ts

@@ -11,6 +11,8 @@ interface EmbeddedWalletWebViewProps {
     isClientReady: boolean;
     /** Callback when WebView proxy status changes */
     onProxyStatusChange?: (status: 'loading' | 'loaded' | 'reloading') => void;
+    /** Enable WebView debugging (allows inspection via Safari/Chrome dev tools) */
+    debug?: boolean;
 }
 /**
  * WebView component for embedded wallet integration

package/dist/types/types/index.d.ts

@@ -6,6 +6,7 @@ export interface UseOpenfort {
     /** Any error encountered during SDK initialization. */
     error: Error | null;
 }
+export { PASSKEY_ERROR_CODES, PasskeyAssertionFailedError, PasskeyCreationFailedError, type PasskeyErrorCode, PasskeyPRFNotSupportedError, PasskeySeedInvalidError, PasskeyUserCancelledError, } from '@openfort/openfort-js';
 export type { AuthSuccessCallback, EmailLoginHookOptions, EmailLoginHookResult, ErrorCallback, GenerateSiweMessage, GenerateSiweMessageResponse, PasswordFlowState, RecoveryFlowState, SiweFlowState, SiweLoginHookOptions, SiweLoginHookResult, } from './auth';
 export type { LinkWithOAuthInput, LoginWithOAuthInput, OAuthFlowState, UseLoginWithOAuth, } from './oauth';
 export type { ConnectedEmbeddedEthereumWallet, ConnectedEmbeddedSolanaWallet, CreateEthereumWalletOptions, CreateEthereumWalletResult, CreateSolanaEmbeddedWalletOpts, CreateSolanaWalletOptions, CreateSolanaWalletResult, EIP1193EventHandler, EIP1193EventName, EIP1193RequestArguments, EmbeddedEthereumWalletState, EmbeddedSolanaWalletState, EthereumWalletActions, OpenfortEmbeddedEthereumWalletProvider, OpenfortEmbeddedSolanaWalletProvider, SetActiveEthereumWalletOptions, SetActiveEthereumWalletResult, SetActiveSolanaWalletOptions, SetActiveSolanaWalletResult, SetRecoveryOptions, SetRecoveryResult, SignedSolanaTransaction, SolanaRequestArguments, SolanaSignMessageRequest, SolanaSignTransactionRequest, SolanaTransaction, SolanaWalletActions, } from './wallet';

package/dist/types/types/wallet.d.ts

@@ -1,4 +1,8 @@
-import type { AccountTypeEnum, ChainTypeEnum, EmbeddedAccount, RecoveryParams } from '@openfort/openfort-js';
+import type { AccountTypeEnum, ChainTypeEnum, EmbeddedAccount, RecoveryMethod, RecoveryParams } from '@openfort/openfort-js';
+/**
+ * Recovery method details extracted from EmbeddedAccount
+ */
+export type RecoveryMethodDetails = EmbeddedAccount['recoveryMethodDetails'];
 import type { Hex } from './hex';
 import type { OpenfortHookOptions } from './hookOption';
 import type { OpenfortError } from './openfortError';
@@ -105,20 +109,56 @@ export interface OpenfortEmbeddedSolanaWalletProvider {
  * Connected Ethereum wallet
  */
 export type ConnectedEmbeddedEthereumWallet = {
+    /** Account ID */
+    id: string;
+    /** Account address */
     address: string;
+    /** Chain type (always EVM) */
+    chainType: ChainTypeEnum.EVM;
+    /** Chain ID */
+    chainId?: number;
+    /** Owner address (for smart accounts) */
     ownerAddress?: string;
+    /** Factory address (for smart accounts) */
+    factoryAddress?: string;
+    /** Salt (for smart accounts) */
+    salt?: string;
+    /** Account type (EOA, Smart Account, Delegated) */
+    accountType: AccountTypeEnum;
+    /** Implementation address (for smart accounts) */
+    implementationAddress?: string;
+    /** Creation timestamp */
+    createdAt?: number;
+    /** Implementation type */
     implementationType?: string;
-    chainType: ChainTypeEnum.EVM;
+    /** Recovery method used for this wallet */
+    recoveryMethod?: RecoveryMethod;
+    /** Recovery method details (e.g., passkey info) */
+    recoveryMethodDetails?: RecoveryMethodDetails;
+    /** Index in the wallets array */
     walletIndex: number;
+    /** Get the EIP-1193 provider for this wallet */
     getProvider: () => Promise<OpenfortEmbeddedEthereumWalletProvider>;
 };
 /**
  * Connected Solana wallet
  */
 export type ConnectedEmbeddedSolanaWallet = {
+    /** Account ID */
+    id: string;
+    /** Account address (public key) */
     address: string;
+    /** Chain type (always SVM) */
     chainType: ChainTypeEnum.SVM;
+    /** Creation timestamp */
+    createdAt?: number;
+    /** Recovery method used for this wallet */
+    recoveryMethod?: RecoveryMethod;
+    /** Recovery method details (e.g., passkey info) */
+    recoveryMethodDetails?: RecoveryMethodDetails;
+    /** Index in the wallets array */
     walletIndex: number;
+    /** Get the Solana provider for this wallet */
     getProvider: () => Promise<OpenfortEmbeddedSolanaWalletProvider>;
 };
 /**
@@ -139,6 +179,10 @@ export type CreateEthereumWalletOptions = {
     otpCode?: string;
     accountType?: AccountTypeEnum;
     policyId?: string;
+    /** Recovery method to use: 'automatic', 'password', or 'passkey' */
+    recoveryMethod?: 'automatic' | 'password' | 'passkey';
+    /** Passkey ID for passkey recovery (required when recoveryMethod is 'passkey' for recovery) */
+    passkeyId?: string;
 } & OpenfortHookOptions<CreateEthereumWalletResult>;
 /**
  * Result of setting active Ethereum wallet
@@ -157,6 +201,10 @@ export type SetActiveEthereumWalletOptions = {
     recoveryPassword?: string;
     /** OTP code for Shield verification when using automatic recovery */
     otpCode?: string;
+    /** Recovery method to use: 'automatic', 'password', or 'passkey' */
+    recoveryMethod?: 'automatic' | 'password' | 'passkey';
+    /** Passkey ID for passkey recovery (required when recoveryMethod is 'passkey' for recovery) */
+    passkeyId?: string;
 } & OpenfortHookOptions<SetActiveEthereumWalletResult>;
 /**
  * Result of setting recovery method
@@ -188,6 +236,10 @@ export type CreateSolanaEmbeddedWalletOpts = {
      * Create additional wallet if one already exists
      */
     createAdditional?: boolean;
+    /** Recovery method to use: 'automatic', 'password', or 'passkey' */
+    recoveryMethod?: 'automatic' | 'password' | 'passkey';
+    /** Passkey ID for passkey recovery (required when recoveryMethod is 'passkey' for recovery) */
+    passkeyId?: string;
 };
 /**
  * Result of creating a Solana wallet
@@ -217,6 +269,10 @@ export type SetActiveSolanaWalletOptions = {
     recoveryPassword?: string;
     /** OTP code for Shield verification when using automatic recovery */
     otpCode?: string;
+    /** Recovery method to use: 'automatic', 'password', or 'passkey' */
+    recoveryMethod?: 'automatic' | 'password' | 'passkey';
+    /** Passkey ID for passkey recovery (required when recoveryMethod is 'passkey' for recovery) */
+    passkeyId?: string;
 } & OpenfortHookOptions<SetActiveSolanaWalletResult>;
 /**
  * Common actions available on all Ethereum wallet states

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@openfort/react-native",
   "main": "dist/index.js",
-  "version": "1.0.5",
+  "version": "1.0.6",
   "license": "MIT",
   "description": "React Native SDK for Openfort platform integration",
   "repository": {
@@ -24,7 +24,8 @@
     }
   },
   "dependencies": {
-    "@openfort/openfort-js": "^1.1.4"
+    "@openfort/openfort-js": "^1.1.5",
+    "react-native-passkeys": "0.4.0"
   },
   "peerDependencies": {
     "expo-apple-authentication": "*",
@@ -77,7 +78,10 @@
   "size-limit": [
     {
       "path": "dist/index.js",
-      "limit": "250 KB"
+      "limit": "250 KB",
+      "ignore": [
+        "expo-modules-core"
+      ]
     }
   ],
   "scripts": {