@oxyhq/services 5.16.34 → 5.16.35

package/lib/module/shared/crypto/signature.js

@@ -0,0 +1,186 @@
+"use strict";
+
+/**
+ * Signature Verification Service
+ * 
+ * Unified signature verification used by both backend (API) and SDK.
+ * Uses platform adapters for crypto operations while keeping message construction shared.
+ */
+
+import { ec as EC } from 'elliptic';
+import { getCryptoAdapter, PlatformDetector } from './platform';
+import { buildAuthMessage, buildRegistrationMessage, buildRequestMessage, isTimestampFresh } from './messageBuilders';
+const ec = new EC('secp256k1');
+
+/**
+ * Maximum age for signed messages (5 minutes)
+ */
+export const MAX_SIGNATURE_AGE_MS = 5 * 60 * 1000;
+
+/**
+ * Challenge TTL (5 minutes)
+ */
+export const CHALLENGE_TTL_MS = 5 * 60 * 1000;
+
+/**
+ * Signature Service
+ * Provides signature verification that works across all platforms
+ */
+export class SignatureService {
+  /**
+   * Verify an ECDSA signature
+   * 
+   * @param message - The original message that was signed
+   * @param signature - The signature in DER format (hex encoded)
+   * @param publicKey - The public key (hex encoded, uncompressed)
+   * @returns true if the signature is valid
+   */
+  static async verify(message, signature, publicKey) {
+    try {
+      const key = ec.keyFromPublic(publicKey, 'hex');
+      const adapter = await getCryptoAdapter();
+      const messageHash = await adapter.sha256(message);
+      return key.verify(messageHash, signature);
+    } catch {
+      return false;
+    }
+  }
+
+  /**
+   * Synchronous signature verification (Node.js only)
+   * Uses Node.js crypto module directly for hashing
+   */
+  static verifySync(message, signature, publicKey) {
+    if (!PlatformDetector.isNode()) {
+      throw new Error('verifySync should only be used in Node.js. Use verify() in other environments.');
+    }
+    try {
+      // eslint-disable-next-line @typescript-eslint/no-implied-eval
+      const getCrypto = new Function('return require("crypto")');
+      const crypto = getCrypto();
+      const key = ec.keyFromPublic(publicKey, 'hex');
+      const messageHash = crypto.createHash('sha256').update(message).digest('hex');
+      return key.verify(messageHash, signature);
+    } catch {
+      return false;
+    }
+  }
+
+  /**
+   * Verify an authentication challenge response
+   * 
+   * @param publicKey - The user's public key
+   * @param challenge - The original challenge string
+   * @param signature - The signature of the auth message
+   * @param timestamp - The timestamp when the signature was created
+   * @param maxAgeMs - Maximum age of the signature in milliseconds
+   * @returns true if the challenge response is valid
+   */
+  static async verifyChallengeResponse(publicKey, challenge, signature, timestamp, maxAgeMs = CHALLENGE_TTL_MS) {
+    // Check timestamp freshness
+    if (!isTimestampFresh(timestamp, maxAgeMs)) {
+      return false;
+    }
+
+    // Build the canonical message
+    const message = buildAuthMessage(publicKey, challenge, timestamp);
+
+    // Verify the signature
+    return this.verify(message, signature, publicKey);
+  }
+
+  /**
+   * Synchronous challenge response verification (Node.js only)
+   */
+  static verifyChallengeResponseSync(publicKey, challenge, signature, timestamp, maxAgeMs = CHALLENGE_TTL_MS) {
+    // Check timestamp freshness
+    if (!isTimestampFresh(timestamp, maxAgeMs)) {
+      return false;
+    }
+
+    // Build the canonical message
+    const message = buildAuthMessage(publicKey, challenge, timestamp);
+
+    // Verify the signature
+    return this.verifySync(message, signature, publicKey);
+  }
+
+  /**
+   * Verify a registration signature
+   * Signature format: oxy:register:{publicKey}:{timestamp}
+   */
+  static async verifyRegistrationSignature(publicKey, signature, timestamp, maxAgeMs = MAX_SIGNATURE_AGE_MS) {
+    // Check timestamp freshness
+    if (!isTimestampFresh(timestamp, maxAgeMs)) {
+      return false;
+    }
+
+    // Build the canonical message
+    const message = buildRegistrationMessage(publicKey, timestamp);
+
+    // Verify the signature
+    return this.verify(message, signature, publicKey);
+  }
+
+  /**
+   * Synchronous registration signature verification (Node.js only)
+   */
+  static verifyRegistrationSignatureSync(publicKey, signature, timestamp, maxAgeMs = MAX_SIGNATURE_AGE_MS) {
+    // Check timestamp freshness
+    if (!isTimestampFresh(timestamp, maxAgeMs)) {
+      return false;
+    }
+
+    // Build the canonical message
+    const message = buildRegistrationMessage(publicKey, timestamp);
+
+    // Verify the signature
+    return this.verifySync(message, signature, publicKey);
+  }
+
+  /**
+   * Verify a signed request
+   * Used for authenticated API operations
+   */
+  static async verifyRequestSignature(publicKey, data, signature, timestamp, maxAgeMs = MAX_SIGNATURE_AGE_MS) {
+    // Check timestamp freshness
+    if (!isTimestampFresh(timestamp, maxAgeMs)) {
+      return false;
+    }
+
+    // Build the canonical message
+    const message = buildRequestMessage(publicKey, timestamp, data);
+
+    // Verify the signature
+    return this.verify(message, signature, publicKey);
+  }
+
+  /**
+   * Synchronous request signature verification (Node.js only)
+   */
+  static verifyRequestSignatureSync(publicKey, data, signature, timestamp, maxAgeMs = MAX_SIGNATURE_AGE_MS) {
+    // Check timestamp freshness
+    if (!isTimestampFresh(timestamp, maxAgeMs)) {
+      return false;
+    }
+
+    // Build the canonical message
+    const message = buildRequestMessage(publicKey, timestamp, data);
+
+    // Verify the signature
+    return this.verifySync(message, signature, publicKey);
+  }
+
+  /**
+   * Validate that a string is a valid public key
+   */
+  static isValidPublicKey(publicKey) {
+    try {
+      ec.keyFromPublic(publicKey, 'hex');
+      return true;
+    } catch {
+      return false;
+    }
+  }
+}
+//# sourceMappingURL=signature.js.map

package/lib/module/shared/crypto/signature.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["ec","EC","getCryptoAdapter","PlatformDetector","buildAuthMessage","buildRegistrationMessage","buildRequestMessage","isTimestampFresh","MAX_SIGNATURE_AGE_MS","CHALLENGE_TTL_MS","SignatureService","verify","message","signature","publicKey","key","keyFromPublic","adapter","messageHash","sha256","verifySync","isNode","Error","getCrypto","Function","crypto","createHash","update","digest","verifyChallengeResponse","challenge","timestamp","maxAgeMs","verifyChallengeResponseSync","verifyRegistrationSignature","verifyRegistrationSignatureSync","verifyRequestSignature","data","verifyRequestSignatureSync","isValidPublicKey"],"sourceRoot":"../../../../src","sources":["shared/crypto/signature.ts"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;;AAEA,SAASA,EAAE,IAAIC,EAAE,QAAQ,UAAU;AACnC,SAASC,gBAAgB,EAAEC,gBAAgB,QAAQ,YAAY;AAC/D,SACEC,gBAAgB,EAChBC,wBAAwB,EACxBC,mBAAmB,EACnBC,gBAAgB,QACX,mBAAmB;AAE1B,MAAMP,EAAE,GAAG,IAAIC,EAAE,CAAC,WAAW,CAAC;;AAE9B;AACA;AACA;AACA,OAAO,MAAMO,oBAAoB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI;;AAEjD;AACA;AACA;AACA,OAAO,MAAMC,gBAAgB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI;;AAE7C;AACA;AACA;AACA;AACA,OAAO,MAAMC,gBAAgB,CAAC;EAC5B;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE,aAAaC,MAAMA,CACjBC,OAAe,EACfC,SAAiB,EACjBC,SAAiB,EACC;IAClB,IAAI;MACF,MAAMC,GAAG,GAAGf,EAAE,CAACgB,aAAa,CAACF,SAAS,EAAE,KAAK,CAAC;MAC9C,MAAMG,OAAO,GAAG,MAAMf,gBAAgB,CAAC,CAAC;MACxC,MAAMgB,WAAW,GAAG,MAAMD,OAAO,CAACE,MAAM,CAACP,OAAO,CAAC;MACjD,OAAOG,GAAG,CAACJ,MAAM,CAACO,WAAW,EAAEL,SAAS,CAAC;IAC3C,CAAC,CAAC,MAAM;MACN,OAAO,KAAK;IACd;EACF;;EAEA;AACF;AACA;AACA;EACE,OAAOO,UAAUA,CACfR,OAAe,EACfC,SAAiB,EACjBC,SAAiB,EACR;IACT,IAAI,CAACX,gBAAgB,CAACkB,MAAM,CAAC,CAAC,EAAE;MAC9B,MAAM,IAAIC,KAAK,CACb,gFACF,CAAC;IACH;IAEA,IAAI;MACF;MACA,MAAMC,SAAS,GAAG,IAAIC,QAAQ,CAAC,0BAA0B,CAAC;MAC1D,MAAMC,MAAM,GAAGF,SAAS,CAAC,CAAC;MAC1B,MAAMR,GAAG,GAAGf,EAAE,CAACgB,aAAa,CAACF,SAAS,EAAE,KAAK,CAAC;MAC9C,MAAMI,WAAW,GAAGO,MAAM,CAACC,UAAU,CAAC,QAAQ,CAAC,CAACC,MAAM,CAACf,OAAO,CAAC,CAACgB,MAAM,CAAC,KAAK,CAAC;MAC7E,OAAOb,GAAG,CAACJ,MAAM,CAACO,WAAW,EAAEL,SAAS,CAAC;IAC3C,CAAC,CAAC,MAAM;MACN,OAAO,KAAK;IACd;EACF;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,aAAagB,uBAAuBA,CAClCf,SAAiB,EACjBgB,SAAiB,EACjBjB,SAAiB,EACjBkB,SAAiB,EACjBC,QAAgB,GAAGvB,gBAAgB,EACjB;IAClB;IACA,IAAI,CAACF,gBAAgB,CAACwB,SAAS,EAAEC,QAAQ,CAAC,EAAE;MAC1C,OAAO,KAAK;IACd;;IAEA;IACA,MAAMpB,OAAO,GAAGR,gBAAgB,CAACU,SAAS,EAAEgB,SAAS,EAAEC,SAAS,CAAC;;IAEjE;IACA,OAAO,IAAI,CAACpB,MAAM,CAACC,OAAO,EAAEC,SAAS,EAAEC,SAAS,CAAC;EACnD;;EAEA;AACF;AACA;EACE,OAAOmB,2BAA2BA,CAChCnB,SAAiB,EACjBgB,SAAiB,EACjBjB,SAAiB,EACjBkB,SAAiB,EACjBC,QAAgB,GAAGvB,gBAAgB,EAC1B;IACT;IACA,IAAI,CAACF,gBAAgB,CAACwB,SAAS,EAAEC,QAAQ,CAAC,EAAE;MAC1C,OAAO,KAAK;IACd;;IAEA;IACA,MAAMpB,OAAO,GAAGR,gBAAgB,CAACU,SAAS,EAAEgB,SAAS,EAAEC,SAAS,CAAC;;IAEjE;IACA,OAAO,IAAI,CAACX,UAAU,CAACR,OAAO,EAAEC,SAAS,EAAEC,SAAS,CAAC;EACvD;;EAEA;AACF;AACA;AACA;EACE,aAAaoB,2BAA2BA,CACtCpB,SAAiB,EACjBD,SAAiB,EACjBkB,SAAiB,EACjBC,QAAgB,GAAGxB,oBAAoB,EACrB;IAClB;IACA,IAAI,CAACD,gBAAgB,CAACwB,SAAS,EAAEC,QAAQ,CAAC,EAAE;MAC1C,OAAO,KAAK;IACd;;IAEA;IACA,MAAMpB,OAAO,GAAGP,wBAAwB,CAACS,SAAS,EAAEiB,SAAS,CAAC;;IAE9D;IACA,OAAO,IAAI,CAACpB,MAAM,CAACC,OAAO,EAAEC,SAAS,EAAEC,SAAS,CAAC;EACnD;;EAEA;AACF;AACA;EACE,OAAOqB,+BAA+BA,CACpCrB,SAAiB,EACjBD,SAAiB,EACjBkB,SAAiB,EACjBC,QAAgB,GAAGxB,oBAAoB,EAC9B;IACT;IACA,IAAI,CAACD,gBAAgB,CAACwB,SAAS,EAAEC,QAAQ,CAAC,EAAE;MAC1C,OAAO,KAAK;IACd;;IAEA;IACA,MAAMpB,OAAO,GAAGP,wBAAwB,CAACS,SAAS,EAAEiB,SAAS,CAAC;;IAE9D;IACA,OAAO,IAAI,CAACX,UAAU,CAACR,OAAO,EAAEC,SAAS,EAAEC,SAAS,CAAC;EACvD;;EAEA;AACF;AACA;AACA;EACE,aAAasB,sBAAsBA,CACjCtB,SAAiB,EACjBuB,IAA6B,EAC7BxB,SAAiB,EACjBkB,SAAiB,EACjBC,QAAgB,GAAGxB,oBAAoB,EACrB;IAClB;IACA,IAAI,CAACD,gBAAgB,CAACwB,SAAS,EAAEC,QAAQ,CAAC,EAAE;MAC1C,OAAO,KAAK;IACd;;IAEA;IACA,MAAMpB,OAAO,GAAGN,mBAAmB,CAACQ,SAAS,EAAEiB,SAAS,EAAEM,IAAI,CAAC;;IAE/D;IACA,OAAO,IAAI,CAAC1B,MAAM,CAACC,OAAO,EAAEC,SAAS,EAAEC,SAAS,CAAC;EACnD;;EAEA;AACF;AACA;EACE,OAAOwB,0BAA0BA,CAC/BxB,SAAiB,EACjBuB,IAA6B,EAC7BxB,SAAiB,EACjBkB,SAAiB,EACjBC,QAAgB,GAAGxB,oBAAoB,EAC9B;IACT;IACA,IAAI,CAACD,gBAAgB,CAACwB,SAAS,EAAEC,QAAQ,CAAC,EAAE;MAC1C,OAAO,KAAK;IACd;;IAEA;IACA,MAAMpB,OAAO,GAAGN,mBAAmB,CAACQ,SAAS,EAAEiB,SAAS,EAAEM,IAAI,CAAC;;IAE/D;IACA,OAAO,IAAI,CAACjB,UAAU,CAACR,OAAO,EAAEC,SAAS,EAAEC,SAAS,CAAC;EACvD;;EAEA;AACF;AACA;EACE,OAAOyB,gBAAgBA,CAACzB,SAAiB,EAAW;IAClD,IAAI;MACFd,EAAE,CAACgB,aAAa,CAACF,SAAS,EAAE,KAAK,CAAC;MAClC,OAAO,IAAI;IACb,CAAC,CAAC,MAAM;MACN,OAAO,KAAK;IACd;EACF;AACF","ignoreList":[]}

package/lib/module/shared/index.js

@@ -0,0 +1,30 @@
+"use strict";
+
+/**
+ * @oxyhq/shared
+ * 
+ * Shared utilities, models, and crypto primitives for OxyHQ packages.
+ * 
+ * This package provides:
+ * - Canonical data models (User, Session, ChallengePayload, etc.)
+ * - Unified signature verification across platforms
+ * - Platform-agnostic crypto adapters
+ * - Shared utility functions
+ * - Canonical message builders for signing
+ */
+
+// Models
+export * from './models/index';
+
+// Crypto
+export * from './crypto/signature';
+export * from './crypto/messageBuilders';
+export * from './crypto/platform';
+export { getCryptoAdapter, PlatformDetector } from './crypto/platform';
+
+// Utils
+export * from './utils/index';
+
+// Transport
+export * from './transport/index';
+//# sourceMappingURL=index.js.map

package/lib/module/shared/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["getCryptoAdapter","PlatformDetector"],"sourceRoot":"../../../src","sources":["shared/index.ts"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA,cAAc,gBAAgB;;AAE9B;AACA,cAAc,oBAAoB;AAClC,cAAc,0BAA0B;AACxC,cAAc,mBAAmB;AACjC,SAASA,gBAAgB,EAAEC,gBAAgB,QAAQ,mBAAmB;;AAEtE;AACA,cAAc,eAAe;;AAE7B;AACA,cAAc,mBAAmB","ignoreList":[]}

package/lib/module/shared/models/index.js

@@ -0,0 +1,2 @@
+"use strict";
+//# sourceMappingURL=index.js.map

package/lib/module/shared/models/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":[],"sourceRoot":"../../../../src","sources":["shared/models/index.ts"],"mappings":"","ignoreList":[]}

package/lib/module/shared/transport/index.js

@@ -0,0 +1,254 @@
+"use strict";
+
+/**
+ * Transport Abstraction
+ * 
+ * Unified transport layer for WebSocket, SSE, and polling.
+ * Provides automatic fallback and unified configuration.
+ */
+
+/**
+ * Transport Interface
+ * All transport implementations must implement this
+ */
+
+/**
+ * Transport Factory
+ * Creates the appropriate transport based on availability and configuration
+ */
+export class TransportFactory {
+  /**
+   * Create a transport with automatic fallback
+   * Tries WebSocket first, then SSE, then polling
+   */
+  static async create(config, callbacks) {
+    // Try WebSocket first (best for real-time)
+    if (await this.isWebSocketAvailable()) {
+      try {
+        return new WebSocketTransport(config, callbacks);
+      } catch (error) {
+        // Fall through to SSE
+      }
+    }
+
+    // Try SSE second (good for one-way updates)
+    if (await this.isSSEAvailable()) {
+      try {
+        return new SSETransport(config, callbacks);
+      } catch (error) {
+        // Fall through to polling
+      }
+    }
+
+    // Fall back to polling (always available)
+    return new PollingTransport(config, callbacks);
+  }
+
+  /**
+   * Check if WebSocket is available
+   */
+  static async isWebSocketAvailable() {
+    // WebSocket is available in browsers and Node.js with socket.io-client
+    return typeof window !== 'undefined' || typeof process !== 'undefined';
+  }
+
+  /**
+   * Check if SSE is available
+   */
+  static async isSSEAvailable() {
+    // SSE is available in browsers via EventSource
+    // In Node.js, would need a polyfill or library
+    return typeof EventSource !== 'undefined' || typeof window !== 'undefined' && 'EventSource' in window;
+  }
+}
+
+/**
+ * WebSocket Transport Implementation
+ * Uses socket.io-client for WebSocket connections
+ */
+class WebSocketTransport {
+  socket = null;
+  connected = false;
+  constructor(config, callbacks) {
+    this.config = config;
+    this.callbacks = callbacks;
+  }
+  async connect() {
+    // Dynamic import to avoid bundling socket.io-client if not needed
+    let io;
+    try {
+      io = (await import('socket.io-client')).default;
+    } catch (error) {
+      throw new Error('socket.io-client is required for WebSocket transport. Install it as a dependency.');
+    }
+    const url = this.config.namespace ? `${this.config.baseURL}/${this.config.namespace}` : this.config.baseURL;
+    const socketOptions = {
+      transports: ['websocket', 'polling'],
+      reconnection: true,
+      reconnectionAttempts: this.config.reconnectAttempts ?? 3,
+      reconnectionDelay: this.config.reconnectDelay ?? 1000
+    };
+    if (this.config.accessToken) {
+      socketOptions.auth = {
+        token: this.config.accessToken
+      };
+    }
+    this.socket = io(url, socketOptions);
+    this.socket.on('connect', () => {
+      this.connected = true;
+      if (this.config.sessionToken) {
+        this.socket.emit('join', this.config.sessionToken);
+      }
+      this.callbacks.onConnect?.();
+    });
+    this.socket.on('auth_update', payload => {
+      this.callbacks.onUpdate?.(payload);
+    });
+    this.socket.on('connect_error', error => {
+      this.callbacks.onError?.(error);
+    });
+    this.socket.on('disconnect', () => {
+      this.connected = false;
+      this.callbacks.onDisconnect?.();
+    });
+  }
+  disconnect() {
+    if (this.socket) {
+      this.socket.disconnect();
+      this.socket = null;
+      this.connected = false;
+    }
+  }
+  isConnected() {
+    return this.connected && this.socket?.connected === true;
+  }
+  getType() {
+    return 'websocket';
+  }
+}
+
+/**
+ * SSE Transport Implementation
+ * Uses EventSource for Server-Sent Events
+ */
+class SSETransport {
+  eventSource = null;
+  connected = false;
+  constructor(config, callbacks) {
+    this.config = config;
+    this.callbacks = callbacks;
+  }
+  async connect() {
+    if (typeof EventSource === 'undefined') {
+      throw new Error('EventSource is not available in this environment');
+    }
+    const url = this.config.sessionToken ? `${this.config.baseURL}/auth/session/stream/${this.config.sessionToken}` : `${this.config.baseURL}/auth/session/stream`;
+    this.eventSource = new EventSource(url);
+    this.eventSource.onopen = () => {
+      this.connected = true;
+      this.callbacks.onConnect?.();
+    };
+    this.eventSource.onmessage = event => {
+      try {
+        const update = JSON.parse(event.data);
+        this.callbacks.onUpdate?.(update);
+      } catch (error) {
+        this.callbacks.onError?.(error);
+      }
+    };
+    this.eventSource.onerror = error => {
+      this.callbacks.onError?.(new Error('SSE connection error'));
+    };
+  }
+  disconnect() {
+    if (this.eventSource) {
+      this.eventSource.close();
+      this.eventSource = null;
+      this.connected = false;
+    }
+  }
+  isConnected() {
+    return this.connected && this.eventSource?.readyState === EventSource.OPEN;
+  }
+  getType() {
+    return 'sse';
+  }
+}
+
+/**
+ * Polling Transport Implementation
+ * Uses HTTP polling as fallback
+ */
+class PollingTransport {
+  intervalId = null;
+  connected = false;
+  abortController = null;
+  constructor(config, callbacks) {
+    this.config = config;
+    this.callbacks = callbacks;
+  }
+  async connect() {
+    this.connected = true;
+    this.callbacks.onConnect?.();
+    const poll = async () => {
+      if (!this.config.sessionToken) {
+        return;
+      }
+      try {
+        this.abortController = new AbortController();
+        const response = await fetch(`${this.config.baseURL}/api/auth/session/status/${this.config.sessionToken}`, {
+          signal: this.abortController.signal,
+          headers: this.config.accessToken ? {
+            Authorization: `Bearer ${this.config.accessToken}`
+          } : {}
+        });
+        if (!response.ok) {
+          throw new Error(`Polling failed: ${response.statusText}`);
+        }
+        const data = await response.json();
+        if (data.authorized && data.sessionId) {
+          this.callbacks.onUpdate?.({
+            status: 'authorized',
+            sessionId: data.sessionId,
+            publicKey: data.publicKey
+          });
+        } else if (data.status === 'expired') {
+          this.callbacks.onUpdate?.({
+            status: 'expired'
+          });
+        } else if (data.status === 'cancelled') {
+          this.callbacks.onUpdate?.({
+            status: 'cancelled'
+          });
+        }
+      } catch (error) {
+        if (error instanceof Error && error.name !== 'AbortError') {
+          this.callbacks.onError?.(error);
+        }
+      }
+    };
+
+    // Poll immediately, then at intervals
+    await poll();
+    this.intervalId = setInterval(poll, this.config.pollingInterval ?? 3000);
+  }
+  disconnect() {
+    if (this.intervalId) {
+      clearInterval(this.intervalId);
+      this.intervalId = null;
+    }
+    if (this.abortController) {
+      this.abortController.abort();
+      this.abortController = null;
+    }
+    this.connected = false;
+    this.callbacks.onDisconnect?.();
+  }
+  isConnected() {
+    return this.connected && this.intervalId !== null;
+  }
+  getType() {
+    return 'polling';
+  }
+}
+//# sourceMappingURL=index.js.map

package/lib/module/shared/transport/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["TransportFactory","create","config","callbacks","isWebSocketAvailable","WebSocketTransport","error","isSSEAvailable","SSETransport","PollingTransport","window","process","EventSource","socket","connected","constructor","connect","io","default","Error","url","namespace","baseURL","socketOptions","transports","reconnection","reconnectionAttempts","reconnectAttempts","reconnectionDelay","reconnectDelay","accessToken","auth","token","on","sessionToken","emit","onConnect","payload","onUpdate","onError","onDisconnect","disconnect","isConnected","getType","eventSource","onopen","onmessage","event","update","JSON","parse","data","onerror","close","readyState","OPEN","intervalId","abortController","poll","AbortController","response","fetch","signal","headers","Authorization","ok","statusText","json","authorized","sessionId","status","publicKey","name","setInterval","pollingInterval","clearInterval","abort"],"sourceRoot":"../../../../src","sources":["shared/transport/index.ts"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;;AA+BA;AACA;AACA;AACA;;AAuBA;AACA;AACA;AACA;AACA,OAAO,MAAMA,gBAAgB,CAAC;EAC5B;AACF;AACA;AACA;EACE,aAAaC,MAAMA,CACjBC,MAAuB,EACvBC,SAA6B,EACT;IACpB;IACA,IAAI,MAAM,IAAI,CAACC,oBAAoB,CAAC,CAAC,EAAE;MACrC,IAAI;QACF,OAAO,IAAIC,kBAAkB,CAACH,MAAM,EAAEC,SAAS,CAAC;MAClD,CAAC,CAAC,OAAOG,KAAK,EAAE;QACd;MAAA;IAEJ;;IAEA;IACA,IAAI,MAAM,IAAI,CAACC,cAAc,CAAC,CAAC,EAAE;MAC/B,IAAI;QACF,OAAO,IAAIC,YAAY,CAACN,MAAM,EAAEC,SAAS,CAAC;MAC5C,CAAC,CAAC,OAAOG,KAAK,EAAE;QACd;MAAA;IAEJ;;IAEA;IACA,OAAO,IAAIG,gBAAgB,CAACP,MAAM,EAAEC,SAAS,CAAC;EAChD;;EAEA;AACF;AACA;EACE,aAAqBC,oBAAoBA,CAAA,EAAqB;IAC5D;IACA,OAAO,OAAOM,MAAM,KAAK,WAAW,IAAI,OAAOC,OAAO,KAAK,WAAW;EACxE;;EAEA;AACF;AACA;EACE,aAAqBJ,cAAcA,CAAA,EAAqB;IACtD;IACA;IACA,OAAO,OAAOK,WAAW,KAAK,WAAW,IACjC,OAAOF,MAAM,KAAK,WAAW,IAAI,aAAa,IAAIA,MAAO;EACnE;AACF;;AAEA;AACA;AACA;AACA;AACA,MAAML,kBAAkB,CAAsB;EACpCQ,MAAM,GAAQ,IAAI;EAGlBC,SAAS,GAAG,KAAK;EAEzBC,WAAWA,CAACb,MAAuB,EAAEC,SAA6B,EAAE;IAClE,IAAI,CAACD,MAAM,GAAGA,MAAM;IACpB,IAAI,CAACC,SAAS,GAAGA,SAAS;EAC5B;EAEA,MAAMa,OAAOA,CAAA,EAAkB;IAC7B;IACA,IAAIC,EAAO;IACX,IAAI;MACFA,EAAE,GAAG,CAAC,MAAM,MAAM,CAAC,kBAAkB,CAAC,EAAEC,OAAO;IACjD,CAAC,CAAC,OAAOZ,KAAK,EAAE;MACd,MAAM,IAAIa,KAAK,CAAC,mFAAmF,CAAC;IACtG;IAEA,MAAMC,GAAG,GAAG,IAAI,CAAClB,MAAM,CAACmB,SAAS,GAC7B,GAAG,IAAI,CAACnB,MAAM,CAACoB,OAAO,IAAI,IAAI,CAACpB,MAAM,CAACmB,SAAS,EAAE,GACjD,IAAI,CAACnB,MAAM,CAACoB,OAAO;IAEvB,MAAMC,aAAkB,GAAG;MACzBC,UAAU,EAAE,CAAC,WAAW,EAAE,SAAS,CAAC;MACpCC,YAAY,EAAE,IAAI;MAClBC,oBAAoB,EAAE,IAAI,CAACxB,MAAM,CAACyB,iBAAiB,IAAI,CAAC;MACxDC,iBAAiB,EAAE,IAAI,CAAC1B,MAAM,CAAC2B,cAAc,IAAI;IACnD,CAAC;IAED,IAAI,IAAI,CAAC3B,MAAM,CAAC4B,WAAW,EAAE;MAC3BP,aAAa,CAACQ,IAAI,GAAG;QAAEC,KAAK,EAAE,IAAI,CAAC9B,MAAM,CAAC4B;MAAY,CAAC;IACzD;IAEA,IAAI,CAACjB,MAAM,GAAGI,EAAE,CAACG,GAAG,EAAEG,aAAa,CAAC;IAEpC,IAAI,CAACV,MAAM,CAACoB,EAAE,CAAC,SAAS,EAAE,MAAM;MAC9B,IAAI,CAACnB,SAAS,GAAG,IAAI;MACrB,IAAI,IAAI,CAACZ,MAAM,CAACgC,YAAY,EAAE;QAC5B,IAAI,CAACrB,MAAM,CAACsB,IAAI,CAAC,MAAM,EAAE,IAAI,CAACjC,MAAM,CAACgC,YAAY,CAAC;MACpD;MACA,IAAI,CAAC/B,SAAS,CAACiC,SAAS,GAAG,CAAC;IAC9B,CAAC,CAAC;IAEF,IAAI,CAACvB,MAAM,CAACoB,EAAE,CAAC,aAAa,EAAGI,OAAwB,IAAK;MAC1D,IAAI,CAAClC,SAAS,CAACmC,QAAQ,GAAGD,OAAO,CAAC;IACpC,CAAC,CAAC;IAEF,IAAI,CAACxB,MAAM,CAACoB,EAAE,CAAC,eAAe,EAAG3B,KAAY,IAAK;MAChD,IAAI,CAACH,SAAS,CAACoC,OAAO,GAAGjC,KAAK,CAAC;IACjC,CAAC,CAAC;IAEF,IAAI,CAACO,MAAM,CAACoB,EAAE,CAAC,YAAY,EAAE,MAAM;MACjC,IAAI,CAACnB,SAAS,GAAG,KAAK;MACtB,IAAI,CAACX,SAAS,CAACqC,YAAY,GAAG,CAAC;IACjC,CAAC,CAAC;EACJ;EAEAC,UAAUA,CAAA,EAAS;IACjB,IAAI,IAAI,CAAC5B,MAAM,EAAE;MACf,IAAI,CAACA,MAAM,CAAC4B,UAAU,CAAC,CAAC;MACxB,IAAI,CAAC5B,MAAM,GAAG,IAAI;MAClB,IAAI,CAACC,SAAS,GAAG,KAAK;IACxB;EACF;EAEA4B,WAAWA,CAAA,EAAY;IACrB,OAAO,IAAI,CAAC5B,SAAS,IAAI,IAAI,CAACD,MAAM,EAAEC,SAAS,KAAK,IAAI;EAC1D;EAEA6B,OAAOA,CAAA,EAAkB;IACvB,OAAO,WAAW;EACpB;AACF;;AAEA;AACA;AACA;AACA;AACA,MAAMnC,YAAY,CAAsB;EAC9BoC,WAAW,GAAuB,IAAI;EAGtC9B,SAAS,GAAG,KAAK;EAEzBC,WAAWA,CAACb,MAAuB,EAAEC,SAA6B,EAAE;IAClE,IAAI,CAACD,MAAM,GAAGA,MAAM;IACpB,IAAI,CAACC,SAAS,GAAGA,SAAS;EAC5B;EAEA,MAAMa,OAAOA,CAAA,EAAkB;IAC7B,IAAI,OAAOJ,WAAW,KAAK,WAAW,EAAE;MACtC,MAAM,IAAIO,KAAK,CAAC,kDAAkD,CAAC;IACrE;IAEA,MAAMC,GAAG,GAAG,IAAI,CAAClB,MAAM,CAACgC,YAAY,GAChC,GAAG,IAAI,CAAChC,MAAM,CAACoB,OAAO,wBAAwB,IAAI,CAACpB,MAAM,CAACgC,YAAY,EAAE,GACxE,GAAG,IAAI,CAAChC,MAAM,CAACoB,OAAO,sBAAsB;IAEhD,IAAI,CAACsB,WAAW,GAAG,IAAIhC,WAAW,CAACQ,GAAG,CAAC;IAEvC,IAAI,CAACwB,WAAW,CAACC,MAAM,GAAG,MAAM;MAC9B,IAAI,CAAC/B,SAAS,GAAG,IAAI;MACrB,IAAI,CAACX,SAAS,CAACiC,SAAS,GAAG,CAAC;IAC9B,CAAC;IAED,IAAI,CAACQ,WAAW,CAACE,SAAS,GAAIC,KAAK,IAAK;MACtC,IAAI;QACF,MAAMC,MAAM,GAAGC,IAAI,CAACC,KAAK,CAACH,KAAK,CAACI,IAAI,CAAoB;QACxD,IAAI,CAAChD,SAAS,CAACmC,QAAQ,GAAGU,MAAM,CAAC;MACnC,CAAC,CAAC,OAAO1C,KAAK,EAAE;QACd,IAAI,CAACH,SAAS,CAACoC,OAAO,GAAGjC,KAAc,CAAC;MAC1C;IACF,CAAC;IAED,IAAI,CAACsC,WAAW,CAACQ,OAAO,GAAI9C,KAAK,IAAK;MACpC,IAAI,CAACH,SAAS,CAACoC,OAAO,GAAG,IAAIpB,KAAK,CAAC,sBAAsB,CAAC,CAAC;IAC7D,CAAC;EACH;EAEAsB,UAAUA,CAAA,EAAS;IACjB,IAAI,IAAI,CAACG,WAAW,EAAE;MACpB,IAAI,CAACA,WAAW,CAACS,KAAK,CAAC,CAAC;MACxB,IAAI,CAACT,WAAW,GAAG,IAAI;MACvB,IAAI,CAAC9B,SAAS,GAAG,KAAK;IACxB;EACF;EAEA4B,WAAWA,CAAA,EAAY;IACrB,OAAO,IAAI,CAAC5B,SAAS,IAAI,IAAI,CAAC8B,WAAW,EAAEU,UAAU,KAAK1C,WAAW,CAAC2C,IAAI;EAC5E;EAEAZ,OAAOA,CAAA,EAAkB;IACvB,OAAO,KAAK;EACd;AACF;;AAEA;AACA;AACA;AACA;AACA,MAAMlC,gBAAgB,CAAsB;EAClC+C,UAAU,GAA0C,IAAI;EAGxD1C,SAAS,GAAG,KAAK;EACjB2C,eAAe,GAA2B,IAAI;EAEtD1C,WAAWA,CAACb,MAAuB,EAAEC,SAA6B,EAAE;IAClE,IAAI,CAACD,MAAM,GAAGA,MAAM;IACpB,IAAI,CAACC,SAAS,GAAGA,SAAS;EAC5B;EAEA,MAAMa,OAAOA,CAAA,EAAkB;IAC7B,IAAI,CAACF,SAAS,GAAG,IAAI;IACrB,IAAI,CAACX,SAAS,CAACiC,SAAS,GAAG,CAAC;IAE5B,MAAMsB,IAAI,GAAG,MAAAA,CAAA,KAAY;MACvB,IAAI,CAAC,IAAI,CAACxD,MAAM,CAACgC,YAAY,EAAE;QAC7B;MACF;MAEA,IAAI;QACF,IAAI,CAACuB,eAAe,GAAG,IAAIE,eAAe,CAAC,CAAC;QAC5C,MAAMC,QAAQ,GAAG,MAAMC,KAAK,CAC1B,GAAG,IAAI,CAAC3D,MAAM,CAACoB,OAAO,4BAA4B,IAAI,CAACpB,MAAM,CAACgC,YAAY,EAAE,EAC5E;UACE4B,MAAM,EAAE,IAAI,CAACL,eAAe,CAACK,MAAM;UACnCC,OAAO,EAAE,IAAI,CAAC7D,MAAM,CAAC4B,WAAW,GAC5B;YAAEkC,aAAa,EAAE,UAAU,IAAI,CAAC9D,MAAM,CAAC4B,WAAW;UAAG,CAAC,GACtD,CAAC;QACP,CACF,CAAC;QAED,IAAI,CAAC8B,QAAQ,CAACK,EAAE,EAAE;UAChB,MAAM,IAAI9C,KAAK,CAAC,mBAAmByC,QAAQ,CAACM,UAAU,EAAE,CAAC;QAC3D;QAEA,MAAMf,IAAI,GAAG,MAAMS,QAAQ,CAACO,IAAI,CAAC,CAAC;QAElC,IAAIhB,IAAI,CAACiB,UAAU,IAAIjB,IAAI,CAACkB,SAAS,EAAE;UACrC,IAAI,CAAClE,SAAS,CAACmC,QAAQ,GAAG;YACxBgC,MAAM,EAAE,YAAY;YACpBD,SAAS,EAAElB,IAAI,CAACkB,SAAS;YACzBE,SAAS,EAAEpB,IAAI,CAACoB;UAClB,CAAC,CAAC;QACJ,CAAC,MAAM,IAAIpB,IAAI,CAACmB,MAAM,KAAK,SAAS,EAAE;UACpC,IAAI,CAACnE,SAAS,CAACmC,QAAQ,GAAG;YAAEgC,MAAM,EAAE;UAAU,CAAC,CAAC;QAClD,CAAC,MAAM,IAAInB,IAAI,CAACmB,MAAM,KAAK,WAAW,EAAE;UACtC,IAAI,CAACnE,SAAS,CAACmC,QAAQ,GAAG;YAAEgC,MAAM,EAAE;UAAY,CAAC,CAAC;QACpD;MACF,CAAC,CAAC,OAAOhE,KAAK,EAAE;QACd,IAAIA,KAAK,YAAYa,KAAK,IAAIb,KAAK,CAACkE,IAAI,KAAK,YAAY,EAAE;UACzD,IAAI,CAACrE,SAAS,CAACoC,OAAO,GAAGjC,KAAK,CAAC;QACjC;MACF;IACF,CAAC;;IAED;IACA,MAAMoD,IAAI,CAAC,CAAC;IACZ,IAAI,CAACF,UAAU,GAAGiB,WAAW,CAC3Bf,IAAI,EACJ,IAAI,CAACxD,MAAM,CAACwE,eAAe,IAAI,IACjC,CAAC;EACH;EAEAjC,UAAUA,CAAA,EAAS;IACjB,IAAI,IAAI,CAACe,UAAU,EAAE;MACnBmB,aAAa,CAAC,IAAI,CAACnB,UAAU,CAAC;MAC9B,IAAI,CAACA,UAAU,GAAG,IAAI;IACxB;IACA,IAAI,IAAI,CAACC,eAAe,EAAE;MACxB,IAAI,CAACA,eAAe,CAACmB,KAAK,CAAC,CAAC;MAC5B,IAAI,CAACnB,eAAe,GAAG,IAAI;IAC7B;IACA,IAAI,CAAC3C,SAAS,GAAG,KAAK;IACtB,IAAI,CAACX,SAAS,CAACqC,YAAY,GAAG,CAAC;EACjC;EAEAE,WAAWA,CAAA,EAAY;IACrB,OAAO,IAAI,CAAC5B,SAAS,IAAI,IAAI,CAAC0C,UAAU,KAAK,IAAI;EACnD;EAEAb,OAAOA,CAAA,EAAkB;IACvB,OAAO,SAAS;EAClB;AACF","ignoreList":[]}

package/lib/module/shared/utils/index.js

@@ -0,0 +1,74 @@
+"use strict";
+
+/**
+ * Shared Utilities
+ * 
+ * Common utility functions used across Accounts, Services SDK, and API packages.
+ */
+
+/**
+ * Get a shortened display version of a public key
+ * Format: first 8 chars ... last 8 chars
+ */
+export function shortenPublicKey(publicKey) {
+  if (publicKey.length <= 16) return publicKey;
+  return `${publicKey.slice(0, 8)}...${publicKey.slice(-8)}`;
+}
+
+/**
+ * Generate a secure random session token
+ * Uses crypto.randomBytes (Node) or Web Crypto API (Browser/RN)
+ */
+export async function generateSessionToken(size = 32) {
+  // Use platform-appropriate random bytes
+  if (typeof window !== 'undefined' && window.crypto) {
+    // Web platform
+    const array = new Uint8Array(size);
+    window.crypto.getRandomValues(array);
+    return Array.from(array, byte => byte.toString(16).padStart(2, '0')).join('');
+  }
+  if (typeof process !== 'undefined' && process.versions?.node) {
+    // Node.js platform
+    // eslint-disable-next-line @typescript-eslint/no-implied-eval
+    const getCrypto = new Function('return require("crypto")');
+    const crypto = getCrypto();
+    return crypto.randomBytes(size).toString('hex');
+  }
+
+  // React Native - will be handled by platform adapter
+  // For now, throw an error if we can't determine platform
+  throw new Error('Unable to generate session token: no crypto implementation available');
+}
+
+/**
+ * Generate a session token synchronously (Node.js only)
+ */
+export function generateSessionTokenSync(size = 32) {
+  if (typeof process === 'undefined' || !process.versions?.node) {
+    throw new Error('generateSessionTokenSync can only be used in Node.js');
+  }
+
+  // eslint-disable-next-line @typescript-eslint/no-implied-eval
+  const getCrypto = new Function('return require("crypto")');
+  const crypto = getCrypto();
+  return crypto.randomBytes(size).toString('hex');
+}
+
+/**
+ * Convert bytes to hex string
+ */
+export function bytesToHex(bytes) {
+  return Array.from(bytes, byte => byte.toString(16).padStart(2, '0')).join('');
+}
+
+/**
+ * Convert hex string to bytes
+ */
+export function hexToBytes(hex) {
+  const bytes = new Uint8Array(hex.length / 2);
+  for (let i = 0; i < hex.length; i += 2) {
+    bytes[i / 2] = parseInt(hex.substr(i, 2), 16);
+  }
+  return bytes;
+}
+//# sourceMappingURL=index.js.map

package/lib/module/shared/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["shortenPublicKey","publicKey","length","slice","generateSessionToken","size","window","crypto","array","Uint8Array","getRandomValues","Array","from","byte","toString","padStart","join","process","versions","node","getCrypto","Function","randomBytes","Error","generateSessionTokenSync","bytesToHex","bytes","hexToBytes","hex","i","parseInt","substr"],"sourceRoot":"../../../../src","sources":["shared/utils/index.ts"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA,OAAO,SAASA,gBAAgBA,CAACC,SAAiB,EAAU;EAC1D,IAAIA,SAAS,CAACC,MAAM,IAAI,EAAE,EAAE,OAAOD,SAAS;EAC5C,OAAO,GAAGA,SAAS,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,MAAMF,SAAS,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE;AAC5D;;AAEA;AACA;AACA;AACA;AACA,OAAO,eAAeC,oBAAoBA,CAACC,IAAY,GAAG,EAAE,EAAmB;EAC7E;EACA,IAAI,OAAOC,MAAM,KAAK,WAAW,IAAIA,MAAM,CAACC,MAAM,EAAE;IAClD;IACA,MAAMC,KAAK,GAAG,IAAIC,UAAU,CAACJ,IAAI,CAAC;IAClCC,MAAM,CAACC,MAAM,CAACG,eAAe,CAACF,KAAK,CAAC;IACpC,OAAOG,KAAK,CAACC,IAAI,CAACJ,KAAK,EAAEK,IAAI,IAAIA,IAAI,CAACC,QAAQ,CAAC,EAAE,CAAC,CAACC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAACC,IAAI,CAAC,EAAE,CAAC;EAC/E;EAEA,IAAI,OAAOC,OAAO,KAAK,WAAW,IAAIA,OAAO,CAACC,QAAQ,EAAEC,IAAI,EAAE;IAC5D;IACA;IACA,MAAMC,SAAS,GAAG,IAAIC,QAAQ,CAAC,0BAA0B,CAAC;IAC1D,MAAMd,MAAM,GAAGa,SAAS,CAAC,CAAC;IAC1B,OAAOb,MAAM,CAACe,WAAW,CAACjB,IAAI,CAAC,CAACS,QAAQ,CAAC,KAAK,CAAC;EACjD;;EAEA;EACA;EACA,MAAM,IAAIS,KAAK,CAAC,sEAAsE,CAAC;AACzF;;AAEA;AACA;AACA;AACA,OAAO,SAASC,wBAAwBA,CAACnB,IAAY,GAAG,EAAE,EAAU;EAClE,IAAI,OAAOY,OAAO,KAAK,WAAW,IAAI,CAACA,OAAO,CAACC,QAAQ,EAAEC,IAAI,EAAE;IAC7D,MAAM,IAAII,KAAK,CAAC,sDAAsD,CAAC;EACzE;;EAEA;EACA,MAAMH,SAAS,GAAG,IAAIC,QAAQ,CAAC,0BAA0B,CAAC;EAC1D,MAAMd,MAAM,GAAGa,SAAS,CAAC,CAAC;EAC1B,OAAOb,MAAM,CAACe,WAAW,CAACjB,IAAI,CAAC,CAACS,QAAQ,CAAC,KAAK,CAAC;AACjD;;AAEA;AACA;AACA;AACA,OAAO,SAASW,UAAUA,CAACC,KAAiB,EAAU;EACpD,OAAOf,KAAK,CAACC,IAAI,CAACc,KAAK,EAAEb,IAAI,IAAIA,IAAI,CAACC,QAAQ,CAAC,EAAE,CAAC,CAACC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAACC,IAAI,CAAC,EAAE,CAAC;AAC/E;;AAEA;AACA;AACA;AACA,OAAO,SAASW,UAAUA,CAACC,GAAW,EAAc;EAClD,MAAMF,KAAK,GAAG,IAAIjB,UAAU,CAACmB,GAAG,CAAC1B,MAAM,GAAG,CAAC,CAAC;EAC5C,KAAK,IAAI2B,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGD,GAAG,CAAC1B,MAAM,EAAE2B,CAAC,IAAI,CAAC,EAAE;IACtCH,KAAK,CAACG,CAAC,GAAG,CAAC,CAAC,GAAGC,QAAQ,CAACF,GAAG,CAACG,MAAM,CAACF,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC;EAC/C;EACA,OAAOH,KAAK;AACd","ignoreList":[]}

package/lib/module/ui/index.js

@@ -60,5 +60,5 @@ export { OxyProvider, OxySignInButton, OxyLogo, Avatar, FollowButton, OxyPayButt
 
 // Re-export core services for convenience in UI context
 export { OxyServices } from '../core';
-// Note: User and LoginResponse should be imported from @oxyhq/shared
+// Note: User and LoginResponse are available from the shared module (exported from main index)
 //# sourceMappingURL=index.js.map

package/lib/module/ui/screens/OxyAuthScreen.js

@@ -20,6 +20,7 @@ import { useThemeColors } from '../styles';
 import { useOxy } from '../context/OxyContext';
 import QRCode from 'react-native-qrcode-svg';
 import OxyLogo from '../components/OxyLogo';
+import { generateSessionToken } from '../../shared';
 
 // Deep link scheme for Oxy Accounts app
 import { jsx as _jsx, jsxs as _jsxs, Fragment as _Fragment } from "react/jsx-runtime";
@@ -184,7 +185,7 @@ const OxyAuthScreen = ({
     isProcessingRef.current = false;
     try {
       // Generate a unique session token for this auth request
-      const sessionToken = await generateSessionToken();
+      const sessionToken = await generateSessionToken(32);
       const expiresAt = Date.now() + AUTH_SESSION_EXPIRY_MS;
 
       // Register the auth session with the server
@@ -210,14 +211,6 @@ const OxyAuthScreen = ({
     }
   }, [oxyServices, connectSocket]);
 
-  // Generate a random session token using secure random bytes
-  const generateSessionToken = async () => {
-    const {
-      generateSessionToken: sharedGenerate
-    } = await import('@oxyhq/shared');
-    return sharedGenerate(32); // 32 bytes = 64 hex characters
-  };
-
   // Clean up on unmount
   useEffect(() => {
     return () => {