@oxyhq/core 1.11.11 → 1.11.13

package/dist/types/mixins/OxyServices.fedcm.d.ts

@@ -174,6 +174,7 @@ export declare function OxyServicesFedCMMixin<T extends typeof OxyServicesBase>(
         };
         clearCache(): void;
         clearCacheEntry(key: string): void;
+        clearCacheByPrefix(prefix: string): number;
         getCacheStats(): {
             size: number;
             hits: number;

package/dist/types/mixins/OxyServices.karma.d.ts

@@ -55,6 +55,7 @@ export declare function OxyServicesKarmaMixin<T extends typeof OxyServicesBase>(
         };
         clearCache(): void;
         clearCacheEntry(key: string): void;
+        clearCacheByPrefix(prefix: string): number;
         getCacheStats(): {
             size: number;
             hits: number;

package/dist/types/mixins/OxyServices.language.d.ts

@@ -51,6 +51,7 @@ export declare function OxyServicesLanguageMixin<T extends typeof OxyServicesBas
         };
         clearCache(): void;
         clearCacheEntry(key: string): void;
+        clearCacheByPrefix(prefix: string): number;
         getCacheStats(): {
             size: number;
             hits: number;

package/dist/types/mixins/OxyServices.location.d.ts

@@ -34,6 +34,7 @@ export declare function OxyServicesLocationMixin<T extends typeof OxyServicesBas
         };
         clearCache(): void;
         clearCacheEntry(key: string): void;
+        clearCacheByPrefix(prefix: string): number;
         getCacheStats(): {
             size: number;
             hits: number;

package/dist/types/mixins/OxyServices.managedAccounts.d.ts

@@ -91,6 +91,7 @@ export declare function OxyServicesManagedAccountsMixin<T extends typeof OxyServ
         };
         clearCache(): void;
         clearCacheEntry(key: string): void;
+        clearCacheByPrefix(prefix: string): number;
         getCacheStats(): {
             size: number;
             hits: number;

package/dist/types/mixins/OxyServices.payment.d.ts

@@ -81,6 +81,7 @@ export declare function OxyServicesPaymentMixin<T extends typeof OxyServicesBase
         };
         clearCache(): void;
         clearCacheEntry(key: string): void;
+        clearCacheByPrefix(prefix: string): number;
         getCacheStats(): {
             size: number;
             hits: number;

package/dist/types/mixins/OxyServices.popup.d.ts

@@ -171,6 +171,7 @@ export declare function OxyServicesPopupAuthMixin<T extends typeof OxyServicesBa
         };
         clearCache(): void;
         clearCacheEntry(key: string): void;
+        clearCacheByPrefix(prefix: string): number;
         getCacheStats(): {
             size: number;
             hits: number;

package/dist/types/mixins/OxyServices.privacy.d.ts

@@ -92,6 +92,7 @@ export declare function OxyServicesPrivacyMixin<T extends typeof OxyServicesBase
         };
         clearCache(): void;
         clearCacheEntry(key: string): void;
+        clearCacheByPrefix(prefix: string): number;
         getCacheStats(): {
             size: number;
             hits: number;

package/dist/types/mixins/OxyServices.redirect.d.ts

@@ -208,6 +208,7 @@ export declare function OxyServicesRedirectAuthMixin<T extends typeof OxyService
         };
         clearCache(): void;
         clearCacheEntry(key: string): void;
+        clearCacheByPrefix(prefix: string): number;
         getCacheStats(): {
             size: number;
             hits: number;

package/dist/types/mixins/OxyServices.security.d.ts

@@ -48,6 +48,7 @@ export declare function OxyServicesSecurityMixin<T extends typeof OxyServicesBas
         };
         clearCache(): void;
         clearCacheEntry(key: string): void;
+        clearCacheByPrefix(prefix: string): number;
         getCacheStats(): {
             size: number;
             hits: number;

package/dist/types/mixins/OxyServices.topics.d.ts

@@ -74,6 +74,7 @@ export declare function OxyServicesTopicsMixin<T extends typeof OxyServicesBase>
         };
         clearCache(): void;
         clearCacheEntry(key: string): void;
+        clearCacheByPrefix(prefix: string): number;
         getCacheStats(): {
             size: number;
             hits: number;

package/dist/types/mixins/OxyServices.user.d.ts

@@ -1,7 +1,7 @@
 /**
  * User Management Methods Mixin
  */
-import type { User, Notification, SearchProfilesResponse } from '../models/interfaces';
+import type { User, Notification, SearchProfilesResponse, PrivacySettings } from '../models/interfaces';
 import type { OxyServicesBase } from '../OxyServices.base';
 import { type PaginationParams } from '../utils/apiUtils';
 export declare function OxyServicesUserMixin<T extends typeof OxyServicesBase>(Base: T): {
@@ -10,6 +10,18 @@ export declare function OxyServicesUserMixin<T extends typeof OxyServicesBase>(B
          * Get profile by username
          */
         getProfileByUsername(username: string): Promise<User>;
+        /**
+         * Lightweight username lookup for login flows.
+         * Returns minimal public info: exists, color, avatar, displayName.
+         * Faster than getProfileByUsername — no stats, no formatting.
+         */
+        lookupUsername(username: string): Promise<{
+            exists: boolean;
+            username: string;
+            color: string | null;
+            avatar: string | null;
+            displayName: string;
+        }>;
         /**
          * Search user profiles
          */
@@ -80,21 +92,30 @@ export declare function OxyServicesUserMixin<T extends typeof OxyServicesBase>(B
          */
         getCurrentUser(): Promise<User>;
         /**
-         * Update user profile
-         * TanStack Query handles offline queuing automatically
+         * Update user profile.
+         *
+         * Invalidates the SDK-side response cache for every endpoint that
+         * returns the current user (`GET /users/me`, `GET /session/user/*`,
+         * `GET /users/<id>`, `GET /profiles/username/*`) so the next read
+         * doesn't return a stale snapshot. Without this, a follow-up
+         * `getUserBySession` call inside the 2-minute cache window can return
+         * the pre-update user — most visibly during onboarding, where it
+         * causes the username step to flicker back as if nothing was saved.
+         *
+         * TanStack Query handles offline queuing automatically.
          */
-        updateProfile(updates: Record<string, any>): Promise<User>;
+        updateProfile(updates: Partial<User>): Promise<User>;
         /**
          * Get privacy settings for a user
          * @param userId - The user ID (defaults to current user)
          */
-        getPrivacySettings(userId?: string): Promise<any>;
+        getPrivacySettings(userId?: string): Promise<PrivacySettings>;
         /**
          * Update privacy settings
          * @param settings - Partial privacy settings object
          * @param userId - The user ID (defaults to current user)
          */
-        updatePrivacySettings(settings: Record<string, any>, userId?: string): Promise<any>;
+        updatePrivacySettings(settings: Partial<PrivacySettings>, userId?: string): Promise<PrivacySettings>;
         /**
          * Request account verification
          */
@@ -107,11 +128,18 @@ export declare function OxyServicesUserMixin<T extends typeof OxyServicesBase>(B
          */
         downloadAccountData(format?: "json" | "csv"): Promise<Blob>;
         /**
-         * Delete account permanently
-         * @param password - User password for confirmation
-         * @param confirmText - Confirmation text (usually username)
-         */
-        deleteAccount(password: string, confirmText: string): Promise<{
+         * Delete account permanently.
+         *
+         * Signs `delete:{publicKey}:{timestamp}` with the locally-stored identity
+         * private key and submits the signature alongside the confirmation text
+         * (must equal the user's username). The signature is the cryptographic
+         * proof of ownership — only the device holding the private key can issue
+         * a valid signature, so no password is required.
+         *
+         * @param confirmText - Must equal the user's username (verified server-side)
+         * @throws If no identity is stored on this device, or signing fails
+         */
+        deleteAccount(confirmText: string): Promise<{
             message: string;
         }>;
         /**
@@ -191,6 +219,7 @@ export declare function OxyServicesUserMixin<T extends typeof OxyServicesBase>(B
         };
         clearCache(): void;
         clearCacheEntry(key: string): void;
+        clearCacheByPrefix(prefix: string): number;
         getCacheStats(): {
             size: number;
             hits: number;

package/dist/types/mixins/OxyServices.utility.d.ts

@@ -163,6 +163,7 @@ export declare function OxyServicesUtilityMixin<T extends typeof OxyServicesBase
         };
         clearCache(): void;
         clearCacheEntry(key: string): void;
+        clearCacheByPrefix(prefix: string): number;
         getCacheStats(): {
             size: number;
             hits: number;

package/dist/types/mixins/index.d.ts

@@ -4,7 +4,50 @@
  * This module provides a clean way to compose all mixins
  * and ensures consistent ordering for better maintainability
  */
-type MixinFunction = (Base: any) => any;
+import { OxyServicesBase } from '../OxyServices.base';
+import { OxyServicesAuthMixin } from './OxyServices.auth';
+import { OxyServicesFedCMMixin } from './OxyServices.fedcm';
+import { OxyServicesPopupAuthMixin } from './OxyServices.popup';
+import { OxyServicesRedirectAuthMixin } from './OxyServices.redirect';
+import { OxyServicesUserMixin } from './OxyServices.user';
+import { OxyServicesPrivacyMixin } from './OxyServices.privacy';
+import { OxyServicesLanguageMixin } from './OxyServices.language';
+import { OxyServicesPaymentMixin } from './OxyServices.payment';
+import { OxyServicesKarmaMixin } from './OxyServices.karma';
+import { OxyServicesAssetsMixin } from './OxyServices.assets';
+import { OxyServicesDeveloperMixin } from './OxyServices.developer';
+import { OxyServicesLocationMixin } from './OxyServices.location';
+import { OxyServicesAnalyticsMixin } from './OxyServices.analytics';
+import { OxyServicesDevicesMixin } from './OxyServices.devices';
+import { OxyServicesSecurityMixin } from './OxyServices.security';
+import { OxyServicesUtilityMixin } from './OxyServices.utility';
+import { OxyServicesFeaturesMixin } from './OxyServices.features';
+import { OxyServicesTopicsMixin } from './OxyServices.topics';
+import { OxyServicesManagedAccountsMixin } from './OxyServices.managedAccounts';
+import { OxyServicesContactsMixin } from './OxyServices.contacts';
+/**
+ * Instance shape of every mixin in the pipeline, intersected. The runtime
+ * `composeOxyServices()` produces a class whose instances expose all of
+ * these methods; we surface that to TypeScript via this intersection so the
+ * `extends` site in `OxyServices.ts` can avoid an `as any` cast.
+ *
+ * If you add a new mixin to `MIXIN_PIPELINE`, add it here too so its methods
+ * are visible without a cast.
+ */
+type AllMixinInstances = InstanceType<ReturnType<typeof OxyServicesAuthMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesFedCMMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesPopupAuthMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesRedirectAuthMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesUserMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesPrivacyMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesLanguageMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesPaymentMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesKarmaMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesAssetsMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesDeveloperMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesLocationMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesAnalyticsMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesDevicesMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesSecurityMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesFeaturesMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesTopicsMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesManagedAccountsMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesContactsMixin<typeof OxyServicesBase>>> & InstanceType<ReturnType<typeof OxyServicesUtilityMixin<typeof OxyServicesBase>>>;
+/**
+ * Constructor type for the fully composed mixin pipeline. Each mixin returns
+ * a new constructor that augments its input; reducing across the pipeline
+ * yields an instance with every mixin's methods.
+ */
+export type ComposedOxyServicesConstructor = new (config: import('../OxyServices.base').OxyConfig) => AllMixinInstances;
+/**
+ * A mixin function: takes a constructor and returns an augmented constructor.
+ * Each individual mixin uses a `<T extends typeof OxyServicesBase>` generic
+ * to preserve its specific augmentations, but those refinements are
+ * intentionally collapsed across the `reduce` call below.
+ */
+type MixinFunction = (Base: new (...args: unknown[]) => OxyServicesBase) => new (...args: unknown[]) => OxyServicesBase;
 /**
  * Mixin pipeline - applied in order from first to last.
  *
@@ -22,9 +65,14 @@ declare const MIXIN_PIPELINE: MixinFunction[];
  * Composes all OxyServices mixins using a pipeline pattern.
  *
  * This is equivalent to the nested calls but more readable and maintainable.
- * Adding a new mixin: just add it to MIXIN_PIPELINE at the appropriate position.
+ * Adding a new mixin: add it to MIXIN_PIPELINE at the appropriate position
+ * AND extend `AllMixinInstances` so its methods are visible to consumers.
+ *
+ * The cast through `unknown` carries the runtime augmentation chain into the
+ * static type system. `Array.reduce` cannot track each mixin's generic
+ * refinement, so we assert the final shape exposed by all mixins together.
  *
- * @returns The fully composed OxyServices class with all mixins applied
+ * @returns The fully composed OxyServices constructor with all mixins applied
  */
-export declare function composeOxyServices(): any;
+export declare function composeOxyServices(): ComposedOxyServicesConstructor;
 export { MIXIN_PIPELINE };

package/dist/types/models/interfaces.d.ts

@@ -18,6 +18,40 @@ export interface OxyConfig {
     onRequestEnd?: (url: string, method: string, duration: number, success: boolean) => void;
     onRequestError?: (url: string, method: string, error: Error) => void;
 }
+/**
+ * Privacy settings for a user account.
+ *
+ * All fields are optional because:
+ *  - Updates are dot-path partial PATCHes — clients send only changed keys.
+ *  - The server may return a partial subdocument depending on the API
+ *    build (older builds returned only the field that changed).
+ *  - User accounts created before a new toggle was introduced won't
+ *    have that key persisted yet.
+ *
+ * Mirrors `IPrivacySettings` from `packages/api/src/types/privacy.types.ts`,
+ * but with every field marked optional.
+ */
+export interface PrivacySettings {
+    isPrivateAccount?: boolean;
+    hideOnlineStatus?: boolean;
+    hideLastSeen?: boolean;
+    profileVisibility?: boolean;
+    loginAlerts?: boolean;
+    blockScreenshots?: boolean;
+    login?: boolean;
+    biometricLogin?: boolean;
+    showActivity?: boolean;
+    allowTagging?: boolean;
+    allowMentions?: boolean;
+    hideReadReceipts?: boolean;
+    allowDirectMessages?: boolean;
+    dataSharing?: boolean;
+    locationSharing?: boolean;
+    analyticsSharing?: boolean;
+    sensitiveContent?: boolean;
+    autoFilter?: boolean;
+    muteKeywords?: boolean;
+}
 export interface User {
     id: string;
     publicKey: string;
@@ -25,9 +59,7 @@ export interface User {
     email?: string;
     avatar?: string;
     color?: string;
-    privacySettings?: {
-        [key: string]: unknown;
-    };
+    privacySettings?: PrivacySettings;
     name?: {
         first?: string;
         last?: string;
@@ -240,6 +272,33 @@ export interface FileDeleteResponse {
     message: string;
     fileId: string;
 }
+/**
+ * React Native file descriptor accepted by FormData.
+ *
+ * On React Native, the multipart upload reads the file from disk via the URI
+ * during the network request — no in-JS Blob construction is required (and
+ * doing so would fail on Hermes since RN's BlobManager cannot wrap an
+ * ArrayBuffer/ArrayBufferView).
+ *
+ * This shape matches what `expo-document-picker` and `expo-image-picker`
+ * return for selected assets, and is what `OxyServices.assetUpload` accepts
+ * on native platforms.
+ */
+export interface RNFileDescriptor {
+    uri: string;
+    type?: string;
+    name?: string;
+    size?: number;
+}
+/**
+ * Asset upload input — accepted by `OxyServices.assetUpload` and `uploadRawFile`.
+ *
+ * - `File` / `Blob`: standard web browser path. `assetUpload` appends the
+ *   Blob to FormData directly.
+ * - {@link RNFileDescriptor}: React Native path. FormData reads the file from
+ *   disk via the URI during the multipart request.
+ */
+export type AssetUploadInput = File | Blob | RNFileDescriptor;
 /**
  * Central Asset Service interfaces
  */

package/dist/types/utils/accountUtils.d.ts

@@ -10,6 +10,44 @@ export interface QuickAccount {
     avatar?: string;
     avatarUrl?: string;
 }
+/** Minimal user shape accepted by display-name helpers. Avoids importing the full User type. */
+export interface DisplayNameUserShape {
+    name?: string | {
+        first?: string;
+        last?: string;
+        full?: string;
+        [key: string]: unknown;
+    };
+    username?: string;
+    publicKey?: string;
+}
+/**
+ * Truncate a long public key for display, e.g. `0x12345678…`.
+ * Falls back to the raw key if it's too short to truncate.
+ */
+export declare const formatPublicKeyHandle: (publicKey: string) => string;
+/**
+ * Resolve a friendly display name for a user.
+ *
+ * Order of preference:
+ *  1. `name.full`, or composed `name.first name.last`
+ *  2. `name` (when stored as a plain string)
+ *  3. `username`
+ *  4. `Account 0x12345678…` (derived from publicKey, when present)
+ *  5. Translated fallback (e.g. "Unnamed")
+ *
+ * The translation key `common.unnamed` is used for the final fallback. If the
+ * caller does not pass a locale, the default English translation is used.
+ */
+export declare const getAccountDisplayName: (user: DisplayNameUserShape | null | undefined, locale?: string) => string;
+/**
+ * Resolve a `@handle` style identifier for a user.
+ *
+ * Returns the bare username when present (without the `@`), otherwise a
+ * truncated public-key handle (`0x12345678…`), or `undefined` when neither is
+ * available — callers can decide whether to hide the line entirely.
+ */
+export declare const getAccountFallbackHandle: (user: DisplayNameUserShape | null | undefined) => string | undefined;
 /**
  * Build an ordered array of QuickAccounts from a map and order list.
  */
@@ -23,11 +61,13 @@ export declare const buildAccountsArray: (accounts: Record<string, QuickAccount>
  * @param getFileDownloadUrl - Function to generate avatar download URL from file ID
  */
 export declare const createQuickAccount: (sessionId: string, userData: {
-    name?: {
+    name?: string | {
         full?: string;
         first?: string;
+        last?: string;
     };
     username?: string;
+    publicKey?: string;
     id?: string;
     _id?: {
         toString(): string;

package/dist/types/utils/asyncUtils.d.ts

@@ -13,8 +13,12 @@ export declare function parallelWithErrorHandling<T>(operations: (() => Promise<
 /**
  * Retry an async operation with exponential backoff
  *
- * By default, does not retry on 4xx errors (client errors).
- * Use shouldRetry callback to customize retry behavior.
+ * By default, does not retry on 4xx errors (client errors). The default
+ * predicate accepts both the axios-style `error.response.status` and the
+ * flat `error.status` shape produced by {@link handleHttpError}, so callers
+ * never accidentally retry a deterministic client failure.
+ *
+ * Use the `shouldRetry` callback to customize retry behavior.
  */
 export declare function retryAsync<T>(operation: () => Promise<T>, maxRetries?: number, baseDelay?: number, shouldRetry?: (error: any) => boolean): Promise<T>;
 /**

package/dist/types/utils/platformCrypto.d.ts

@@ -0,0 +1,87 @@
+/**
+ * Platform Crypto / Storage — Default Variant (Node.js, Browser, generic bundlers)
+ *
+ * Provides lazy access to platform-specific crypto and storage modules.
+ *
+ * # Variants
+ *
+ * This module ships in two physical variants on disk, selected per consumer
+ * by the bundler / runtime:
+ *
+ * - `platformCrypto.js`           — this file. Used by Node.js, Vite, webpack,
+ *                                   Rollup, esbuild, and anything that does
+ *                                   not match Metro's `*.native.js`
+ *                                   source-extension preference.
+ * - `platformCrypto.native.js`    — sibling file. Picked up automatically by
+ *                                   Metro's resolver (which prefers
+ *                                   `*.<platform>.js` and `*.native.js` over
+ *                                   plain `*.js` when `preferNativePlatform`
+ *                                   is true — Expo sets this for all non-web
+ *                                   builds).
+ *
+ * The `package.json#exports` map also declares a `"react-native"` condition
+ * pointing at the same `dist/esm/index.js` entry — that entry transitively
+ * imports `./platformCrypto`, and Metro's per-file source-extension lookup
+ * substitutes the `.native.js` sibling automatically inside `dist/`. This
+ * means consumers never have to add resolver shims; Metro Just Works.
+ *
+ * Both variants expose the EXACT same public API; importers don't need to know
+ * which one they got. The variant difference is purely about which underlying
+ * native modules each one references:
+ *
+ *   ┌──────────────────┬───────────────────────┬───────────────────────────────┐
+ *   │ Function         │ Default variant       │ React Native variant          │
+ *   ├──────────────────┼───────────────────────┼───────────────────────────────┤
+ *   │ loadNodeCrypto   │ `await import('crypto')` (Node built-in)              │
+ *   │                  │                       │ throws — Node crypto is not   │
+ *   │                  │                       │ available on Hermes/RN        │
+ *   ├──────────────────┼───────────────────────┼───────────────────────────────┤
+ *   │ loadExpoCrypto   │ throws — expo-crypto  │ static `import 'expo-crypto'` │
+ *   │                  │ is not part of a      │                               │
+ *   │                  │ Node/Vite bundle      │                               │
+ *   ├──────────────────┼───────────────────────┼───────────────────────────────┤
+ *   │ loadSecureStore  │ throws (web/Node have │ static `import 'expo-secure-` │
+ *   │                  │ their own storage)    │ store'                        │
+ *   ├──────────────────┼───────────────────────┼───────────────────────────────┤
+ *   │ loadAsyncStorage │ throws (web/Node have │ static `import '@react-       │
+ *   │                  │ their own storage)    │ native-async-storage/...'     │
+ *   ├──────────────────┼───────────────────────┼───────────────────────────────┤
+ *   │ getRandomBytesRN │ throws (RN-only)      │ direct call into expo-crypto  │
+ *   └──────────────────┴───────────────────────┴───────────────────────────────┘
+ *
+ * Crucially, the default variant references ONLY Node's `'crypto'`. It never
+ * mentions `expo-*` or `@react-native-async-storage/*` — so Vite, webpack,
+ * esbuild, Rollup, and Node itself can bundle / require it without ever
+ * attempting to resolve those RN-only packages.
+ *
+ * The React Native variant references ONLY the RN packages. It never
+ * mentions `'crypto'` — so Metro and Hermes have nothing to choke on.
+ *
+ * # Why not a single file with dynamic import?
+ *
+ * A previous iteration used a "bundler-opaque" `new Function('s', 'return
+ * import(s)')` trick so a single file could service every platform. It
+ * bundled cleanly on Metro but Hermes refused to PARSE the resulting
+ * `import()` expression inside a Function-constructor body
+ * (`SyntaxError: Invalid expression encountered` at the `(` of `import(`).
+ * The platform-extension split is the only approach that lets each runtime
+ * see a file containing only specifiers it can understand — no tricks, no
+ * runtime parsing risks.
+ */
+export declare function loadNodeCrypto(): Promise<typeof import('crypto')>;
+export declare function loadExpoCrypto(): Promise<typeof import('expo-crypto')>;
+export declare function loadSecureStore(): Promise<typeof import('expo-secure-store')>;
+export declare function loadAsyncStorage(): Promise<{
+    default: {
+        getItem: (key: string) => Promise<string | null>;
+        setItem: (key: string, value: string) => Promise<void>;
+        removeItem: (key: string) => Promise<void>;
+    };
+}>;
+/**
+ * Synchronous random-bytes via `expo-crypto.getRandomBytes`. Only available
+ * in the React Native variant. The default variant throws because Node and
+ * browsers have their own native CSPRNGs (`crypto.randomBytes` and
+ * `crypto.getRandomValues` respectively) — callers should use those.
+ */
+export declare function getRandomBytesRN(_byteCount: number): Uint8Array;

package/dist/types/utils/platformCrypto.native.d.ts

@@ -0,0 +1,54 @@
+/**
+ * Platform Crypto / Storage — React Native Variant
+ *
+ * Companion to `./platformCrypto.ts`. See the doc-comment at the top of that
+ * file for the full design.
+ *
+ * Metro auto-selects this file in any non-web build (`preferNativePlatform`
+ * is `true` for iOS / Android, so `*.native.js` shadows `*.js` during
+ * source-extension resolution inside `node_modules/@oxyhq/core/dist/`). On
+ * iOS / Android `<base>.ios.js` / `<base>.android.js` would shadow this file
+ * if they existed, but they don't — `.native.js` is the shared RN variant.
+ *
+ *   - The default variant references Node's `'crypto'` and would crash Metro
+ *     if bundled into an RN app.
+ *   - This variant references the RN-only modules (`expo-crypto`,
+ *     `expo-secure-store`, `@react-native-async-storage/async-storage`)
+ *     as static imports, so Metro and Hermes both resolve and parse them
+ *     cleanly.
+ *
+ * Both variants expose the same surface; importers don't care which one
+ * they got.
+ *
+ * # Why static imports?
+ *
+ * Every RN consumer of `@oxyhq/core` already lists or transitively pulls
+ * in `expo-crypto`, `expo-secure-store`, and
+ * `@react-native-async-storage/async-storage` (they're stable Expo modules
+ * present in `services`, `accounts`, `inbox`, and `test-app`). A static
+ * import is what Metro wants to see anyway, and Hermes parses it like any
+ * other ES module — no `Function`-constructor parser exotic-mode involved.
+ *
+ * This is also clearer to debug: Metro fails up-front with a normal
+ * unresolved-module error if a consumer is missing a peer dep, instead of
+ * a confusing runtime throw the first time a code path that needs the
+ * module is exercised.
+ */
+export declare function loadNodeCrypto(): Promise<typeof import('crypto')>;
+export declare function loadExpoCrypto(): Promise<typeof import('expo-crypto')>;
+export declare function loadSecureStore(): Promise<typeof import('expo-secure-store')>;
+type AsyncStorageLike = {
+    getItem: (key: string) => Promise<string | null>;
+    setItem: (key: string, value: string) => Promise<void>;
+    removeItem: (key: string) => Promise<void>;
+};
+export declare function loadAsyncStorage(): Promise<{
+    default: AsyncStorageLike;
+}>;
+/**
+ * Synchronous random-bytes via `expo-crypto.getRandomBytes`. Available
+ * synchronously because `expo-crypto` is statically imported by this file
+ * — no async initialization race.
+ */
+export declare function getRandomBytesRN(byteCount: number): Uint8Array;
+export {};