@oxyhq/services 5.16.18 → 5.16.20

package/src/crypto/polyfill.ts

@@ -5,12 +5,12 @@
  * before any crypto operations are performed.
  * 
  * Polyfills included:
- * - Buffer: Required by bip39 and other crypto libraries
- * - crypto.getRandomValues: Required by bip39 for secure random number generation
+ * - Buffer: Required by crypto libraries
+ * - crypto.getRandomValues: Required for secure random number generation
  */
 
 // Import Buffer polyfill for React Native compatibility
-// Libraries like bip39 depend on Buffer which isn't available in React Native
+// Some crypto libraries depend on Buffer which isn't available in React Native
 import { Buffer } from 'buffer';
 
 // Get the global object in a cross-platform way
@@ -30,7 +30,7 @@ if (!globalObject.Buffer) {
 }
 
 // Polyfill crypto.getRandomValues for React Native
-// This is required by bip39 and other crypto libraries
+// This is required by crypto libraries for secure random number generation
 type CryptoLike = {
   getRandomValues: <T extends ArrayBufferView>(array: T) => T;
 };

package/src/crypto/types.ts

@@ -0,0 +1,19 @@
+/**
+ * Cryptographic types for identity management
+ */
+
+/**
+ * Encrypted backup data structure
+ * Used for identity backup files and QR code transfers
+ */
+export interface BackupData {
+  /** Base64-encoded encrypted private key */
+  encrypted: string;
+  /** Hex-encoded salt used for key derivation */
+  salt: string;
+  /** Hex-encoded initialization vector */
+  iv: string;
+  /** Public key associated with the encrypted private key */
+  publicKey: string;
+}
+

package/src/i18n/locales/en-US.json

@@ -237,7 +237,7 @@
     "enterCode": "Enter the 6‑digit code from your authenticator app.",
     "newPassword": "Set New Password",
     "resetSuccess": "Your password has been reset! You can now sign in.",
-    "noEmail": "We no longer send recovery emails. Please use your recovery phrase to restore your identity. Contact support if you need assistance.",
+    "noEmail": "We no longer send recovery emails. Please use your backup file to restore your identity. Contact support if you need assistance.",
     "password": {
       "minLength": "Password must be at least 8 characters long",
       "mismatch": "Passwords do not match",

package/src/index.ts

@@ -13,8 +13,7 @@ import './crypto/polyfill';
 // Crypto/Identity exports (must be before core to ensure polyfills are available)
 export { 
   KeyManager, 
-  SignatureService, 
-  RecoveryPhraseService 
+  SignatureService
 } from './crypto';
 
 // Core exports
@@ -23,8 +22,7 @@ export { OXY_CLOUD_URL, oxyClient } from './core';
 export type { 
   KeyPair, 
   SignedMessage, 
-  AuthChallenge, 
-  RecoveryPhraseResult 
+  AuthChallenge
 } from './crypto';
 
 // React context

package/src/ui/context/OxyContext.tsx

@@ -9,7 +9,7 @@ import {
   useState,
   type ReactNode,
 } from 'react';
-import { Platform } from 'react-native';
+import { Platform, Alert } from 'react-native';
 import { OxyServices } from '../../core';
 import type { User, ApiError } from '../../models/interfaces';
 import type { ClientSession } from '../../models/session';
@@ -29,7 +29,7 @@ import type { RouteName } from '../navigation/routes';
 import { showBottomSheet as globalShowBottomSheet } from '../navigation/bottomSheetManager';
 import { useQueryClient } from '@tanstack/react-query';
 import { clearQueryCache } from '../hooks/queryClient';
-import { KeyManager } from '../../crypto/keyManager';
+import { KeyManager, type BackupData } from '../../crypto';
 import { translate } from '../../i18n';
 import { updateAvatarVisibility, updateProfileWithAvatar } from '../utils/avatarUtils';
 import { useAccountStore } from '../stores/accountStore';
@@ -50,8 +50,8 @@ export interface OxyContextState {
   currentNativeLanguageName: string;
 
   // Identity management (public key authentication - offline-first)
-  createIdentity: () => Promise<{ recoveryPhrase: string[]; synced: boolean }>;
-  importIdentity: (phrase: string) => Promise<{ synced: boolean }>;
+  createIdentity: () => Promise<{ synced: boolean }>;
+  importIdentity: (backupData: BackupData, password: string) => Promise<{ synced: boolean }>;
   signIn: (deviceName?: string) => Promise<User>;
   hasIdentity: () => Promise<boolean>;
   getPublicKey: () => Promise<string | null>;
@@ -216,7 +216,7 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
             if (__DEV__) {
               logger(restored
                 ? 'Identity restored from backup successfully'
-                : 'Identity integrity check failed - user may need to restore from recovery phrase'
+                : 'Identity integrity check failed - user may need to restore from backup file'
               );
             }
           } else {
@@ -234,7 +234,7 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
         if (__DEV__) {
           logger('Error during identity integrity check', error);
         }
-        // Don't block app startup - user can recover with recovery phrase
+        // Don't block app startup - user can recover with backup file
       }
     };
 
@@ -287,7 +287,7 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
 
   const {
     createIdentity,
-    importIdentity,
+    importIdentity: importIdentityBase,
     signIn,
     logout,
     logoutAll,
@@ -320,6 +320,24 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
   // syncIdentity - TanStack Query handles offline mutations automatically
   const syncIdentity = useCallback(() => syncIdentityBase(), [syncIdentityBase]);
 
+  // Wrapper for importIdentity to handle legacy calls gracefully
+  const importIdentity = useCallback(
+    async (backupData: BackupData | string, password?: string): Promise<{ synced: boolean }> => {
+      // Handle legacy calls with single string argument (old recovery phrase signature)
+      if (typeof backupData === 'string') {
+        throw new Error('Recovery phrase import is no longer supported. Please use backup file import or QR code transfer instead.');
+      }
+
+      // Validate that password is provided
+      if (!password || typeof password !== 'string') {
+        throw new Error('Password is required for backup file import.');
+      }
+
+      return importIdentityBase(backupData, password);
+    },
+    [importIdentityBase]
+  );
+
   // Clear all account data when identity is lost (for accounts app)
   // In accounts app, identity = account, so losing identity means losing everything
   const clearAllAccountData = useCallback(async (): Promise<void> => {
@@ -613,6 +631,43 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     logout().catch((remoteError) => logger('Failed to process remote sign out', remoteError));
   }, [logger, logout]);
 
+  const handleIdentityTransferComplete = useCallback(
+    async (data: { transferId: string; sourceDeviceId: string; publicKey: string; completedAt: string }) => {
+      // Show confirmation dialog asking if user wants to delete identity from this device
+      return new Promise<void>((resolve) => {
+        Alert.alert(
+          'Identity Transfer Complete',
+          'Your identity has been successfully transferred to another device. Would you like to remove it from this device?',
+          [
+            {
+              text: 'Keep on This Device',
+              style: 'cancel',
+              onPress: () => resolve(),
+            },
+            {
+              text: 'Remove from This Device',
+              style: 'destructive',
+              onPress: async () => {
+                try {
+                  // Delete identity with user confirmation
+                  await deleteIdentityAndClearAccount(false, false, true);
+                  toast.success('Identity removed from this device');
+                } catch (error: any) {
+                  logger('Failed to delete identity after transfer', error);
+                  toast.error(error?.message || 'Failed to remove identity from this device');
+                } finally {
+                  resolve();
+                }
+              },
+            },
+          ],
+          { cancelable: true, onDismiss: () => resolve() }
+        );
+      });
+    },
+    [deleteIdentityAndClearAccount, logger]
+  );
+
   useSessionSocket({
     userId,
     activeSessionId,
@@ -623,6 +678,7 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     baseURL: oxyServices.getBaseURL(),
     onRemoteSignOut: handleRemoteSignOut,
     onSessionRemoved: handleSessionRemoved,
+    onIdentityTransferComplete: handleIdentityTransferComplete,
   });
 
   const switchSessionForContext = useCallback(

package/src/ui/context/hooks/useAuthOperations.ts

@@ -7,7 +7,7 @@ import { fetchSessionsWithFallback, mapSessionsToClient } from '../../utils/sess
 import { handleAuthError, isInvalidSessionError } from '../../utils/errorHandlers';
 import type { StorageInterface } from '../../utils/storageHelpers';
 import type { OxyServices } from '../../../core';
-import { KeyManager, SignatureService, RecoveryPhraseService } from '../../../crypto';
+import { KeyManager, SignatureService, type BackupData } from '../../../crypto';
 
 export interface UseAuthOperationsOptions {
   oxyServices: OxyServices;
@@ -34,9 +34,9 @@ export interface UseAuthOperationsOptions {
 
 export interface UseAuthOperationsResult {
   /** Create a new identity locally (offline-first) and optionally sync with server */
-  createIdentity: () => Promise<{ recoveryPhrase: string[]; synced: boolean }>;
-  /** Import an existing identity from recovery phrase */
-  importIdentity: (phrase: string) => Promise<{ synced: boolean }>;
+  createIdentity: () => Promise<{ synced: boolean }>;
+  /** Import an existing identity from backup file data */
+  importIdentity: (backupData: BackupData, password: string) => Promise<{ synced: boolean }>;
   /** Sign in with existing identity on device */
   signIn: (deviceName?: string) => Promise<User>;
   /** Logout from current session */
@@ -274,18 +274,19 @@ export const useAuthOperations = ({
   );
 
   /**
-   * Create a new identity with recovery phrase (offline-first)
+   * Create a new identity (offline-first)
    * Identity is purely cryptographic - no username or email required
    */
   const createIdentity = useCallback(
-    async (): Promise<{ recoveryPhrase: string[]; synced: boolean }> => {
+    async (): Promise<{ synced: boolean }> => {
       if (!storage) throw new Error('Storage not initialized');
 
       setAuthState({ isLoading: true, error: null });
 
       try {
-        // Generate new identity with recovery phrase (works offline)
-        const { phrase, words, publicKey } = await RecoveryPhraseService.generateIdentityWithRecovery();
+        // Generate new key pair directly (works offline)
+        const { publicKey, privateKey } = await KeyManager.generateKeyPair();
+        await KeyManager.importKeyPair(privateKey);
 
         // Mark as not synced
         await storage.setItem('oxy_identity_synced', 'false');
@@ -301,7 +302,6 @@ export const useAuthOperations = ({
           setIdentitySynced(true);
 
           return {
-            recoveryPhrase: words,
             synced: true,
           };
         } catch (syncError) {
@@ -311,13 +311,12 @@ export const useAuthOperations = ({
           }
           
           return {
-            recoveryPhrase: words,
             synced: false,
           };
         }
       } catch (error) {
         // CRITICAL: Never delete identity on error - it may have been successfully created
-        // Only log the error and let the user recover using their recovery phrase
+        // Only log the error and let the user recover using their backup file
         // Identity deletion should ONLY happen when explicitly requested by the user
         if (__DEV__ && logger) {
           logger('Error during identity creation (identity may still exist):', error);
@@ -330,7 +329,7 @@ export const useAuthOperations = ({
           await storage.setItem('oxy_identity_synced', 'false').catch(() => {});
           setIdentitySynced(false);
           if (__DEV__ && logger) {
-            logger('Identity was created but sync failed - user can sync later using recovery phrase');
+            logger('Identity was created but sync failed - user can sync later using backup file');
           }
         } else {
           // No identity exists - this was a generation failure, safe to clean up sync flag
@@ -434,17 +433,68 @@ export const useAuthOperations = ({
   );
 
   /**
-   * Import identity from recovery phrase (offline-first)
+   * Import identity from backup file data (offline-first)
    */
   const importIdentity = useCallback(
-    async (phrase: string): Promise<{ synced: boolean }> => {
+    async (backupData: BackupData, password: string): Promise<{ synced: boolean }> => {
       if (!storage) throw new Error('Storage not initialized');
 
+      // Validate arguments - ensure backupData is an object, not a string (old signature)
+      if (!backupData || typeof backupData !== 'object' || Array.isArray(backupData)) {
+        throw new Error('Invalid backup data. Please use the backup file import feature.');
+      }
+
+      if (!backupData.encrypted || !backupData.salt || !backupData.iv || !backupData.publicKey) {
+        throw new Error('Invalid backup data structure. Missing required fields.');
+      }
+
+      if (!password || typeof password !== 'string') {
+        throw new Error('Password is required for backup file import.');
+      }
+
       setAuthState({ isLoading: true, error: null });
 
       try {
-        // Restore identity from phrase (works offline)
-        const publicKey = await RecoveryPhraseService.restoreFromPhrase(phrase);
+        // Decrypt private key from backup data
+        const Crypto = await import('expo-crypto');
+        
+        // Convert hex strings to Uint8Array
+        const saltBytes = new Uint8Array(
+          backupData.salt.match(/.{1,2}/g)?.map(byte => parseInt(byte, 16)) || []
+        );
+        const ivBytes = new Uint8Array(
+          backupData.iv.match(/.{1,2}/g)?.map(byte => parseInt(byte, 16)) || []
+        );
+
+        // Derive key from password (same algorithm as EncryptedBackupGenerator)
+        const saltHex = Array.from(saltBytes).map(b => b.toString(16).padStart(2, '0')).join('');
+        let key = password + saltHex;
+        for (let i = 0; i < 10000; i++) {
+          key = await Crypto.digestStringAsync(
+            Crypto.CryptoDigestAlgorithm.SHA256,
+            key
+          );
+        }
+        const keyBytes = new Uint8Array(32);
+        for (let i = 0; i < 64 && i < key.length; i += 2) {
+          keyBytes[i / 2] = parseInt(key.substring(i, i + 2), 16);
+        }
+
+        // Decrypt private key (XOR decryption - same as encryption)
+        const encryptedBytes = Buffer.from(backupData.encrypted, 'base64');
+        const decryptedBytes = new Uint8Array(encryptedBytes.length);
+        for (let i = 0; i < encryptedBytes.length; i++) {
+          decryptedBytes[i] = encryptedBytes[i] ^ keyBytes[i % keyBytes.length] ^ ivBytes[i % ivBytes.length];
+        }
+        const privateKey = new TextDecoder().decode(decryptedBytes);
+
+        // Import the key pair
+        const publicKey = await KeyManager.importKeyPair(privateKey);
+
+        // Verify public key matches
+        if (publicKey !== backupData.publicKey) {
+          throw new Error('Backup file is corrupted or password is incorrect');
+        }
 
         // Mark as not synced
         await storage.setItem('oxy_identity_synced', 'false');
@@ -478,7 +528,7 @@ export const useAuthOperations = ({
         }
       } catch (error) {
         const message = handleAuthError(error, {
-          defaultMessage: 'Failed to import identity',
+          defaultMessage: 'Failed to import identity. Please check your password and backup file.',
           code: REGISTER_ERROR_CODE,
           onError,
           setAuthError: (msg: string) => setAuthState({ error: msg }),

package/src/ui/hooks/useSessionSocket.ts

@@ -13,9 +13,10 @@ interface UseSessionSocketProps {
   baseURL: string;
   onRemoteSignOut?: () => void;
   onSessionRemoved?: (sessionId: string) => void;
+  onIdentityTransferComplete?: (data: { transferId: string; sourceDeviceId: string; publicKey: string; completedAt: string }) => void;
 }
 
-export function useSessionSocket({ userId, activeSessionId, currentDeviceId, refreshSessions, logout, clearSessionState, baseURL, onRemoteSignOut, onSessionRemoved }: UseSessionSocketProps) {
+export function useSessionSocket({ userId, activeSessionId, currentDeviceId, refreshSessions, logout, clearSessionState, baseURL, onRemoteSignOut, onSessionRemoved, onIdentityTransferComplete }: UseSessionSocketProps) {
   const socketRef = useRef<any>(null);
   const joinedRoomRef = useRef<string | null>(null);
   
@@ -25,6 +26,7 @@ export function useSessionSocket({ userId, activeSessionId, currentDeviceId, ref
   const clearSessionStateRef = useRef(clearSessionState);
   const onRemoteSignOutRef = useRef(onRemoteSignOut);
   const onSessionRemovedRef = useRef(onSessionRemoved);
+  const onIdentityTransferCompleteRef = useRef(onIdentityTransferComplete);
   const activeSessionIdRef = useRef(activeSessionId);
   const currentDeviceIdRef = useRef(currentDeviceId);
 
@@ -35,9 +37,10 @@ export function useSessionSocket({ userId, activeSessionId, currentDeviceId, ref
     clearSessionStateRef.current = clearSessionState;
     onRemoteSignOutRef.current = onRemoteSignOut;
     onSessionRemovedRef.current = onSessionRemoved;
+    onIdentityTransferCompleteRef.current = onIdentityTransferComplete;
     activeSessionIdRef.current = activeSessionId;
     currentDeviceIdRef.current = currentDeviceId;
-  }, [refreshSessions, logout, clearSessionState, onRemoteSignOut, onSessionRemoved, activeSessionId, currentDeviceId]);
+  }, [refreshSessions, logout, clearSessionState, onRemoteSignOut, onSessionRemoved, onIdentityTransferComplete, activeSessionId, currentDeviceId]);
 
   useEffect(() => {
     if (!userId || !baseURL) {
@@ -192,6 +195,63 @@ export function useSessionSocket({ userId, activeSessionId, currentDeviceId, ref
             }
           });
         }
+      } else if (data.type === 'identity_transfer_complete') {
+        // Handle identity transfer completion notification
+        const transferData = data as {
+          type: 'identity_transfer_complete';
+          transferId: string;
+          sourceDeviceId: string;
+          publicKey: string;
+          completedAt: string;
+        };
+        
+        if (__DEV__) {
+          logger.debug('Received identity_transfer_complete event', {
+            component: 'useSessionSocket',
+            transferId: transferData.transferId,
+            sourceDeviceId: transferData.sourceDeviceId,
+            currentDeviceId,
+            activeSessionId: activeSessionIdRef.current,
+          });
+        }
+        
+        // Check if this device is the source device
+        // Match by deviceId if available, otherwise show prompt if we have an active session
+        // (user can decide if they want to delete)
+        const isSourceDevice = transferData.sourceDeviceId && (
+          transferData.sourceDeviceId === currentDeviceId ||
+          // Fallback: if we don't have currentDeviceId but have an active session,
+          // show the prompt anyway (user can decide)
+          (currentDeviceId === null && activeSessionIdRef.current !== null)
+        );
+        
+        if (isSourceDevice) {
+          if (__DEV__) {
+            logger.debug('Matched source device, showing deletion prompt', {
+              component: 'useSessionSocket',
+              transferId: transferData.transferId,
+              sourceDeviceId: transferData.sourceDeviceId,
+              currentDeviceId,
+              matchedBy: transferData.sourceDeviceId === currentDeviceId ? 'deviceId' : 'session',
+            });
+          }
+          // This is the source device - notify callback to show deletion prompt
+          if (onIdentityTransferCompleteRef.current) {
+            onIdentityTransferCompleteRef.current({
+              transferId: transferData.transferId,
+              sourceDeviceId: transferData.sourceDeviceId,
+              publicKey: transferData.publicKey,
+              completedAt: transferData.completedAt,
+            });
+          }
+        } else if (__DEV__) {
+          logger.debug('Not the source device, ignoring transfer completion', {
+            component: 'useSessionSocket',
+            sourceDeviceId: transferData.sourceDeviceId,
+            currentDeviceId,
+            hasActiveSession: activeSessionIdRef.current !== null,
+          });
+        }
       } else {
         // For other event types (e.g., session_created), refresh sessions (with error handling)
         refreshSessionsRef.current().catch((error) => {

package/lib/commonjs/crypto/recoveryPhrase.js

@@ -1,152 +0,0 @@
-"use strict";
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-exports.default = exports.RecoveryPhraseService = void 0;
-var bip39 = _interopRequireWildcard(require("bip39"));
-var _keyManager = require("./keyManager");
-function _interopRequireWildcard(e, t) { if ("function" == typeof WeakMap) var r = new WeakMap(), n = new WeakMap(); return (_interopRequireWildcard = function (e, t) { if (!t && e && e.__esModule) return e; var o, i, f = { __proto__: null, default: e }; if (null === e || "object" != typeof e && "function" != typeof e) return f; if (o = t ? n : r) { if (o.has(e)) return o.get(e); o.set(e, f); } for (const t in e) "default" !== t && {}.hasOwnProperty.call(e, t) && ((i = (o = Object.defineProperty) && Object.getOwnPropertyDescriptor(e, t)) && (i.get || i.set) ? o(f, t, i) : f[t] = e[t]); return f; })(e, t); }
-/**
- * Recovery Phrase Service - BIP39 Mnemonic Generation
- * 
- * Handles generation and restoration of recovery phrases (mnemonic seeds)
- * for backing up and restoring user identities.
- * 
- * Note: This module requires the polyfill to be loaded first (done via crypto/index.ts)
- */
-
-/**
- * Convert Uint8Array or array-like to hexadecimal string
- * Works in both Node.js and React Native without depending on Buffer
- */
-function toHex(data) {
-  // Convert to array of numbers if needed
-  const bytes = data instanceof Uint8Array ? data : new Uint8Array(data);
-  return Array.from(bytes).map(b => b.toString(16).padStart(2, '0')).join('');
-}
-class RecoveryPhraseService {
-  /**
-   * Generate a new identity with a recovery phrase
-   * Returns the mnemonic phrase (should only be shown once to the user)
-   */
-  static async generateIdentityWithRecovery() {
-    // Generate 128-bit entropy for 12-word mnemonic
-    const mnemonic = bip39.generateMnemonic(128);
-
-    // Derive private key from mnemonic
-    // Using the seed directly as the private key (simplified approach)
-    const seed = await bip39.mnemonicToSeed(mnemonic);
-
-    // Use first 32 bytes of seed as private key
-    const seedSlice = seed.subarray ? seed.subarray(0, 32) : seed.slice(0, 32);
-    const privateKeyHex = toHex(seedSlice);
-
-    // Import the derived key pair
-    const publicKey = await _keyManager.KeyManager.importKeyPair(privateKeyHex);
-    return {
-      phrase: mnemonic,
-      words: mnemonic.split(' '),
-      publicKey
-    };
-  }
-
-  /**
-   * Generate a 24-word recovery phrase for higher security
-   */
-  static async generateIdentityWithRecovery24() {
-    // Generate 256-bit entropy for 24-word mnemonic
-    const mnemonic = bip39.generateMnemonic(256);
-    const seed = await bip39.mnemonicToSeed(mnemonic);
-    const seedSlice = seed.subarray ? seed.subarray(0, 32) : seed.slice(0, 32);
-    const privateKeyHex = toHex(seedSlice);
-    const publicKey = await _keyManager.KeyManager.importKeyPair(privateKeyHex);
-    return {
-      phrase: mnemonic,
-      words: mnemonic.split(' '),
-      publicKey
-    };
-  }
-
-  /**
-   * Restore an identity from a recovery phrase
-   */
-  static async restoreFromPhrase(phrase) {
-    // Normalize and validate the phrase
-    const normalizedPhrase = phrase.trim().toLowerCase();
-    if (!bip39.validateMnemonic(normalizedPhrase)) {
-      throw new Error('Invalid recovery phrase. Please check the words and try again.');
-    }
-
-    // Derive the same private key from the mnemonic
-    const seed = await bip39.mnemonicToSeed(normalizedPhrase);
-    const seedSlice = seed.subarray ? seed.subarray(0, 32) : seed.slice(0, 32);
-    const privateKeyHex = toHex(seedSlice);
-
-    // Import and store the key pair
-    const publicKey = await _keyManager.KeyManager.importKeyPair(privateKeyHex);
-    return publicKey;
-  }
-
-  /**
-   * Validate a recovery phrase without importing it
-   */
-  static validatePhrase(phrase) {
-    const normalizedPhrase = phrase.trim().toLowerCase();
-    return bip39.validateMnemonic(normalizedPhrase);
-  }
-
-  /**
-   * Get the word list for autocomplete/validation
-   */
-  static getWordList() {
-    return bip39.wordlists.english;
-  }
-
-  /**
-   * Check if a word is valid in the BIP39 word list
-   */
-  static isValidWord(word) {
-    return bip39.wordlists.english.includes(word.toLowerCase());
-  }
-
-  /**
-   * Get suggestions for a partial word
-   */
-  static getSuggestions(partial, limit = 5) {
-    const lowerPartial = partial.toLowerCase();
-    return bip39.wordlists.english.filter(word => word.startsWith(lowerPartial)).slice(0, limit);
-  }
-
-  /**
-   * Derive the public key from a phrase without storing
-   * Useful for verification before importing
-   */
-  static async derivePublicKeyFromPhrase(phrase) {
-    const normalizedPhrase = phrase.trim().toLowerCase();
-    if (!bip39.validateMnemonic(normalizedPhrase)) {
-      throw new Error('Invalid recovery phrase');
-    }
-    const seed = await bip39.mnemonicToSeed(normalizedPhrase);
-    const seedSlice = seed.subarray ? seed.subarray(0, 32) : seed.slice(0, 32);
-    const privateKeyHex = toHex(seedSlice);
-    return _keyManager.KeyManager.derivePublicKey(privateKeyHex);
-  }
-
-  /**
-   * Convert a phrase to its word array
-   */
-  static phraseToWords(phrase) {
-    return phrase.trim().toLowerCase().split(/\s+/);
-  }
-
-  /**
-   * Convert a word array to a phrase string
-   */
-  static wordsToPhrase(words) {
-    return words.map(w => w.toLowerCase().trim()).join(' ');
-  }
-}
-exports.RecoveryPhraseService = RecoveryPhraseService;
-var _default = exports.default = RecoveryPhraseService;
-//# sourceMappingURL=recoveryPhrase.js.map

package/lib/commonjs/crypto/recoveryPhrase.js.map

@@ -1 +0,0 @@
-{"version":3,"names":["bip39","_interopRequireWildcard","require","_keyManager","e","t","WeakMap","r","n","__esModule","o","i","f","__proto__","default","has","get","set","hasOwnProperty","call","Object","defineProperty","getOwnPropertyDescriptor","toHex","data","bytes","Uint8Array","Array","from","map","b","toString","padStart","join","RecoveryPhraseService","generateIdentityWithRecovery","mnemonic","generateMnemonic","seed","mnemonicToSeed","seedSlice","subarray","slice","privateKeyHex","publicKey","KeyManager","importKeyPair","phrase","words","split","generateIdentityWithRecovery24","restoreFromPhrase","normalizedPhrase","trim","toLowerCase","validateMnemonic","Error","validatePhrase","getWordList","wordlists","english","isValidWord","word","includes","getSuggestions","partial","limit","lowerPartial","filter","startsWith","derivePublicKeyFromPhrase","derivePublicKey","phraseToWords","wordsToPhrase","w","exports","_default"],"sourceRoot":"../../../src","sources":["crypto/recoveryPhrase.ts"],"mappings":";;;;;;AASA,IAAAA,KAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,WAAA,GAAAD,OAAA;AAA0C,SAAAD,wBAAAG,CAAA,EAAAC,CAAA,6BAAAC,OAAA,MAAAC,CAAA,OAAAD,OAAA,IAAAE,CAAA,OAAAF,OAAA,YAAAL,uBAAA,YAAAA,CAAAG,CAAA,EAAAC,CAAA,SAAAA,CAAA,IAAAD,CAAA,IAAAA,CAAA,CAAAK,UAAA,SAAAL,CAAA,MAAAM,CAAA,EAAAC,CAAA,EAAAC,CAAA,KAAAC,SAAA,QAAAC,OAAA,EAAAV,CAAA,iBAAAA,CAAA,uBAAAA,CAAA,yBAAAA,CAAA,SAAAQ,CAAA,MAAAF,CAAA,GAAAL,CAAA,GAAAG,CAAA,GAAAD,CAAA,QAAAG,CAAA,CAAAK,GAAA,CAAAX,CAAA,UAAAM,CAAA,CAAAM,GAAA,CAAAZ,CAAA,GAAAM,CAAA,CAAAO,GAAA,CAAAb,CAAA,EAAAQ,CAAA,gBAAAP,CAAA,IAAAD,CAAA,gBAAAC,CAAA,OAAAa,cAAA,CAAAC,IAAA,CAAAf,CAAA,EAAAC,CAAA,OAAAM,CAAA,IAAAD,CAAA,GAAAU,MAAA,CAAAC,cAAA,KAAAD,MAAA,CAAAE,wBAAA,CAAAlB,CAAA,EAAAC,CAAA,OAAAM,CAAA,CAAAK,GAAA,IAAAL,CAAA,CAAAM,GAAA,IAAAP,CAAA,CAAAE,CAAA,EAAAP,CAAA,EAAAM,CAAA,IAAAC,CAAA,CAAAP,CAAA,IAAAD,CAAA,CAAAC,CAAA,WAAAO,CAAA,KAAAR,CAAA,EAAAC,CAAA;AAV1C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAKA;AACA;AACA;AACA;AACA,SAASkB,KAAKA,CAACC,IAAoC,EAAU;EAC3D;EACA,MAAMC,KAAK,GAAGD,IAAI,YAAYE,UAAU,GAAGF,IAAI,GAAG,IAAIE,UAAU,CAACF,IAAI,CAAC;EACtE,OAAOG,KAAK,CAACC,IAAI,CAACH,KAAK,CAAC,CACrBI,GAAG,CAACC,CAAC,IAAIA,CAAC,CAACC,QAAQ,CAAC,EAAE,CAAC,CAACC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CACzCC,IAAI,CAAC,EAAE,CAAC;AACb;AAQO,MAAMC,qBAAqB,CAAC;EACjC;AACF;AACA;AACA;EACE,aAAaC,4BAA4BA,CAAA,EAAkC;IACzE;IACA,MAAMC,QAAQ,GAAGpC,KAAK,CAACqC,gBAAgB,CAAC,GAAG,CAAC;;IAE5C;IACA;IACA,MAAMC,IAAI,GAAG,MAAMtC,KAAK,CAACuC,cAAc,CAACH,QAAQ,CAAC;;IAEjD;IACA,MAAMI,SAAS,GAAGF,IAAI,CAACG,QAAQ,GAAGH,IAAI,CAACG,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,GAAGH,IAAI,CAACI,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;IAC1E,MAAMC,aAAa,GAAGpB,KAAK,CAACiB,SAAS,CAAC;;IAEtC;IACA,MAAMI,SAAS,GAAG,MAAMC,sBAAU,CAACC,aAAa,CAACH,aAAa,CAAC;IAE/D,OAAO;MACLI,MAAM,EAAEX,QAAQ;MAChBY,KAAK,EAAEZ,QAAQ,CAACa,KAAK,CAAC,GAAG,CAAC;MAC1BL;IACF,CAAC;EACH;;EAEA;AACF;AACA;EACE,aAAaM,8BAA8BA,CAAA,EAAkC;IAC3E;IACA,MAAMd,QAAQ,GAAGpC,KAAK,CAACqC,gBAAgB,CAAC,GAAG,CAAC;IAE5C,MAAMC,IAAI,GAAG,MAAMtC,KAAK,CAACuC,cAAc,CAACH,QAAQ,CAAC;IACjD,MAAMI,SAAS,GAAGF,IAAI,CAACG,QAAQ,GAAGH,IAAI,CAACG,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,GAAGH,IAAI,CAACI,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;IAC1E,MAAMC,aAAa,GAAGpB,KAAK,CAACiB,SAAS,CAAC;IACtC,MAAMI,SAAS,GAAG,MAAMC,sBAAU,CAACC,aAAa,CAACH,aAAa,CAAC;IAE/D,OAAO;MACLI,MAAM,EAAEX,QAAQ;MAChBY,KAAK,EAAEZ,QAAQ,CAACa,KAAK,CAAC,GAAG,CAAC;MAC1BL;IACF,CAAC;EACH;;EAEA;AACF;AACA;EACE,aAAaO,iBAAiBA,CAACJ,MAAc,EAAmB;IAC9D;IACA,MAAMK,gBAAgB,GAAGL,MAAM,CAACM,IAAI,CAAC,CAAC,CAACC,WAAW,CAAC,CAAC;IAEpD,IAAI,CAACtD,KAAK,CAACuD,gBAAgB,CAACH,gBAAgB,CAAC,EAAE;MAC7C,MAAM,IAAII,KAAK,CAAC,gEAAgE,CAAC;IACnF;;IAEA;IACA,MAAMlB,IAAI,GAAG,MAAMtC,KAAK,CAACuC,cAAc,CAACa,gBAAgB,CAAC;IACzD,MAAMZ,SAAS,GAAGF,IAAI,CAACG,QAAQ,GAAGH,IAAI,CAACG,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,GAAGH,IAAI,CAACI,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;IAC1E,MAAMC,aAAa,GAAGpB,KAAK,CAACiB,SAAS,CAAC;;IAEtC;IACA,MAAMI,SAAS,GAAG,MAAMC,sBAAU,CAACC,aAAa,CAACH,aAAa,CAAC;IAE/D,OAAOC,SAAS;EAClB;;EAEA;AACF;AACA;EACE,OAAOa,cAAcA,CAACV,MAAc,EAAW;IAC7C,MAAMK,gBAAgB,GAAGL,MAAM,CAACM,IAAI,CAAC,CAAC,CAACC,WAAW,CAAC,CAAC;IACpD,OAAOtD,KAAK,CAACuD,gBAAgB,CAACH,gBAAgB,CAAC;EACjD;;EAEA;AACF;AACA;EACE,OAAOM,WAAWA,CAAA,EAAa;IAC7B,OAAO1D,KAAK,CAAC2D,SAAS,CAACC,OAAO;EAChC;;EAEA;AACF;AACA;EACE,OAAOC,WAAWA,CAACC,IAAY,EAAW;IACxC,OAAO9D,KAAK,CAAC2D,SAAS,CAACC,OAAO,CAACG,QAAQ,CAACD,IAAI,CAACR,WAAW,CAAC,CAAC,CAAC;EAC7D;;EAEA;AACF;AACA;EACE,OAAOU,cAAcA,CAACC,OAAe,EAAEC,KAAa,GAAG,CAAC,EAAY;IAClE,MAAMC,YAAY,GAAGF,OAAO,CAACX,WAAW,CAAC,CAAC;IAC1C,OAAOtD,KAAK,CAAC2D,SAAS,CAACC,OAAO,CAC3BQ,MAAM,CAAEN,IAAY,IAAKA,IAAI,CAACO,UAAU,CAACF,YAAY,CAAC,CAAC,CACvDzB,KAAK,CAAC,CAAC,EAAEwB,KAAK,CAAC;EACpB;;EAEA;AACF;AACA;AACA;EACE,aAAaI,yBAAyBA,CAACvB,MAAc,EAAmB;IACtE,MAAMK,gBAAgB,GAAGL,MAAM,CAACM,IAAI,CAAC,CAAC,CAACC,WAAW,CAAC,CAAC;IAEpD,IAAI,CAACtD,KAAK,CAACuD,gBAAgB,CAACH,gBAAgB,CAAC,EAAE;MAC7C,MAAM,IAAII,KAAK,CAAC,yBAAyB,CAAC;IAC5C;IAEA,MAAMlB,IAAI,GAAG,MAAMtC,KAAK,CAACuC,cAAc,CAACa,gBAAgB,CAAC;IACzD,MAAMZ,SAAS,GAAGF,IAAI,CAACG,QAAQ,GAAGH,IAAI,CAACG,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,GAAGH,IAAI,CAACI,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;IAC1E,MAAMC,aAAa,GAAGpB,KAAK,CAACiB,SAAS,CAAC;IAEtC,OAAOK,sBAAU,CAAC0B,eAAe,CAAC5B,aAAa,CAAC;EAClD;;EAEA;AACF;AACA;EACE,OAAO6B,aAAaA,CAACzB,MAAc,EAAY;IAC7C,OAAOA,MAAM,CAACM,IAAI,CAAC,CAAC,CAACC,WAAW,CAAC,CAAC,CAACL,KAAK,CAAC,KAAK,CAAC;EACjD;;EAEA;AACF;AACA;EACE,OAAOwB,aAAaA,CAACzB,KAAe,EAAU;IAC5C,OAAOA,KAAK,CAACnB,GAAG,CAAC6C,CAAC,IAAIA,CAAC,CAACpB,WAAW,CAAC,CAAC,CAACD,IAAI,CAAC,CAAC,CAAC,CAACpB,IAAI,CAAC,GAAG,CAAC;EACzD;AACF;AAAC0C,OAAA,CAAAzC,qBAAA,GAAAA,qBAAA;AAAA,IAAA0C,QAAA,GAAAD,OAAA,CAAA7D,OAAA,GAEcoB,qBAAqB","ignoreList":[]}