@permissionless-technologies/upp-sdk 0.5.7 → 0.6.0

package/dist/indexer/index.cjs

@@ -1,6 +1,6 @@
 'use strict';
 
-var chunkTKUOY2PQ_cjs = require('../chunk-TKUOY2PQ.cjs');
+var chunkIETMGF5J_cjs = require('../chunk-IETMGF5J.cjs');
 var chunkPGIV2GDM_cjs = require('../chunk-PGIV2GDM.cjs');
 var chunkARH2SJM3_cjs = require('../chunk-ARH2SJM3.cjs');
 require('../chunk-BCSMUH4L.cjs');
@@ -11,43 +11,43 @@ require('../chunk-G7VZBCD6.cjs');
 
 Object.defineProperty(exports, "computeSearchTag", {
   enumerable: true,
-  get: function () { return chunkTKUOY2PQ_cjs.computeSearchTag; }
+  get: function () { return chunkIETMGF5J_cjs.computeSearchTag; }
 });
 Object.defineProperty(exports, "createAutoAdapter", {
   enumerable: true,
-  get: function () { return chunkTKUOY2PQ_cjs.createAutoAdapter; }
+  get: function () { return chunkIETMGF5J_cjs.createAutoAdapter; }
 });
 Object.defineProperty(exports, "createLocalStorageAdapter", {
   enumerable: true,
-  get: function () { return chunkTKUOY2PQ_cjs.createLocalStorageAdapter; }
+  get: function () { return chunkIETMGF5J_cjs.createLocalStorageAdapter; }
 });
 Object.defineProperty(exports, "createMemoryAdapter", {
   enumerable: true,
-  get: function () { return chunkTKUOY2PQ_cjs.createMemoryAdapter; }
+  get: function () { return chunkIETMGF5J_cjs.createMemoryAdapter; }
 });
 Object.defineProperty(exports, "localStorageAdapter", {
   enumerable: true,
-  get: function () { return chunkTKUOY2PQ_cjs.localStorageAdapter; }
+  get: function () { return chunkIETMGF5J_cjs.localStorageAdapter; }
 });
 Object.defineProperty(exports, "makeRpcIndexer", {
   enumerable: true,
-  get: function () { return chunkTKUOY2PQ_cjs.makeRpcIndexer; }
+  get: function () { return chunkIETMGF5J_cjs.makeRpcIndexer; }
 });
 Object.defineProperty(exports, "matchesSearchTag", {
   enumerable: true,
-  get: function () { return chunkTKUOY2PQ_cjs.matchesSearchTag; }
+  get: function () { return chunkIETMGF5J_cjs.matchesSearchTag; }
 });
 Object.defineProperty(exports, "memoryAdapter", {
   enumerable: true,
-  get: function () { return chunkTKUOY2PQ_cjs.memoryAdapter; }
+  get: function () { return chunkIETMGF5J_cjs.memoryAdapter; }
 });
 Object.defineProperty(exports, "tryDecryptNote", {
   enumerable: true,
-  get: function () { return chunkTKUOY2PQ_cjs.tryDecryptNote; }
+  get: function () { return chunkIETMGF5J_cjs.tryDecryptNote; }
 });
 Object.defineProperty(exports, "unpackNoteData", {
   enumerable: true,
-  get: function () { return chunkTKUOY2PQ_cjs.unpackNoteData; }
+  get: function () { return chunkIETMGF5J_cjs.unpackNoteData; }
 });
 Object.defineProperty(exports, "COMMITMENT_INSERTED_EVENT", {
   enumerable: true,

package/dist/indexer/index.d.cts

@@ -1,13 +1,14 @@
-import { e as INoteStore, j as StorageAdapter } from '../index-a_f935pS.cjs';
-export { a0 as CommitmentInsertedArgs, f as IndexedNote, I as Indexer, Z as IndexerState, Y as LiveSyncConfig, T as NoteFilters, Q as NoteStatus, a2 as NullifiedArgs, R as RpcIndexerConfig, $ as SerializedNote, a1 as StealthTransactArgs, X as SyncConfig, W as SyncProgress, k as SyncResult, _ as SyncState } from '../index-a_f935pS.cjs';
-import { _ as ___index_js } from '../index-CzmvOht6.cjs';
-export { m as makeRpcIndexer } from '../index-CzmvOht6.cjs';
+import { e as INoteStore, j as StorageAdapter } from '../index-BafRK5nW.cjs';
+export { a0 as CommitmentInsertedArgs, f as IndexedNote, I as Indexer, Z as IndexerState, Y as LiveSyncConfig, T as NoteFilters, Q as NoteStatus, a2 as NullifiedArgs, R as RpcIndexerConfig, $ as SerializedNote, a1 as StealthTransactArgs, X as SyncConfig, W as SyncProgress, k as SyncResult, _ as SyncState } from '../index-BafRK5nW.cjs';
+import { _ as ___index_js } from '../index-BSaHIJzn.cjs';
+export { m as makeRpcIndexer } from '../index-BSaHIJzn.cjs';
 import { Hex, Address } from 'viem';
 import { P as Point } from '../merkle-mteVOlDf.cjs';
 import { H as ShieldedNote } from '../transfer-_qaZXsv7.cjs';
-import '../types-CJSbxv4q.cjs';
+import '../types-9MmVALxO.cjs';
 import '../keccak-m31-B_AqBbRF.cjs';
 import '../keys/index.cjs';
+import '../passkey-Df4lrhN5.cjs';
 import '../utils/index.cjs';
 import '@permissionless-technologies/upc-sdk';
 

package/dist/indexer/index.d.ts

@@ -1,13 +1,14 @@
-import { e as INoteStore, j as StorageAdapter } from '../index-2eL8ZLD0.js';
-export { a0 as CommitmentInsertedArgs, f as IndexedNote, I as Indexer, Z as IndexerState, Y as LiveSyncConfig, T as NoteFilters, Q as NoteStatus, a2 as NullifiedArgs, R as RpcIndexerConfig, $ as SerializedNote, a1 as StealthTransactArgs, X as SyncConfig, W as SyncProgress, k as SyncResult, _ as SyncState } from '../index-2eL8ZLD0.js';
-import { _ as ___index_js } from '../index-B31tBTbC.js';
-export { m as makeRpcIndexer } from '../index-B31tBTbC.js';
+import { e as INoteStore, j as StorageAdapter } from '../index-DndOuerz.js';
+export { a0 as CommitmentInsertedArgs, f as IndexedNote, I as Indexer, Z as IndexerState, Y as LiveSyncConfig, T as NoteFilters, Q as NoteStatus, a2 as NullifiedArgs, R as RpcIndexerConfig, $ as SerializedNote, a1 as StealthTransactArgs, X as SyncConfig, W as SyncProgress, k as SyncResult, _ as SyncState } from '../index-DndOuerz.js';
+import { _ as ___index_js } from '../index-B03HwFbO.js';
+export { m as makeRpcIndexer } from '../index-B03HwFbO.js';
 import { Hex, Address } from 'viem';
 import { P as Point } from '../merkle-mteVOlDf.js';
 import { H as ShieldedNote } from '../transfer-x7UChjh7.js';
-import '../types-mLybMxNR.js';
+import '../types-CI4nEY9S.js';
 import '../keccak-m31-B_AqBbRF.js';
 import '../keys/index.js';
+import '../passkey-ZnoYRP-r.js';
 import '../utils/index.js';
 import '@permissionless-technologies/upc-sdk';
 

package/dist/indexer/index.js

@@ -1,4 +1,4 @@
-export { computeSearchTag, createAutoAdapter, createLocalStorageAdapter, createMemoryAdapter, localStorageAdapter, makeRpcIndexer, matchesSearchTag, memoryAdapter, tryDecryptNote, unpackNoteData } from '../chunk-OG6TNEAT.js';
+export { computeSearchTag, createAutoAdapter, createLocalStorageAdapter, createMemoryAdapter, localStorageAdapter, makeRpcIndexer, matchesSearchTag, memoryAdapter, tryDecryptNote, unpackNoteData } from '../chunk-D6C2OOOC.js';
 export { COMMITMENT_INSERTED_EVENT, NULLIFIER_USED_ABI, SHIELDED_EVENT, SWAP_ORDER_CANCELLED_EVENT, SWAP_ORDER_CLAIMED_EVENT, SWAP_ORDER_FILLED_EVENT, TRANSFERRED_EVENT, createSyncEngine, decryptCandidates, deriveDecryptionKey, tryDecryptHashBased, verifyNullifiers } from '../chunk-FW2U6TKQ.js';
 export { createIndexedDBAdapter, indexedDBAdapter } from '../chunk-ABVALIIG.js';
 import '../chunk-4E23V3AT.js';

package/dist/keys/index.cjs

@@ -1,6 +1,7 @@
 'use strict';
 
-var chunkLKXC3OQT_cjs = require('../chunk-LKXC3OQT.cjs');
+var chunkPXCVNAWP_cjs = require('../chunk-PXCVNAWP.cjs');
+var chunkCCWMVO3H_cjs = require('../chunk-CCWMVO3H.cjs');
 require('../chunk-XSJ5VVH4.cjs');
 require('../chunk-BCSMUH4L.cjs');
 require('../chunk-HEHXSV47.cjs');
@@ -8,61 +9,89 @@ require('../chunk-G7VZBCD6.cjs');
 
 
 
+Object.defineProperty(exports, "derivePerNoteKey", {
+  enumerable: true,
+  get: function () { return chunkPXCVNAWP_cjs.derivePerNoteKey; }
+});
+Object.defineProperty(exports, "derivePerNoteKeyFromKeys", {
+  enumerable: true,
+  get: function () { return chunkPXCVNAWP_cjs.derivePerNoteKeyFromKeys; }
+});
+Object.defineProperty(exports, "deriveStarkPerNoteKey", {
+  enumerable: true,
+  get: function () { return chunkPXCVNAWP_cjs.deriveStarkPerNoteKey; }
+});
+Object.defineProperty(exports, "deriveStarkPerNoteKeyFromKeys", {
+  enumerable: true,
+  get: function () { return chunkPXCVNAWP_cjs.deriveStarkPerNoteKeyFromKeys; }
+});
+Object.defineProperty(exports, "exportViewingKeysForAudit", {
+  enumerable: true,
+  get: function () { return chunkPXCVNAWP_cjs.exportViewingKeysForAudit; }
+});
+Object.defineProperty(exports, "getViewingKeyFromExport", {
+  enumerable: true,
+  get: function () { return chunkPXCVNAWP_cjs.getViewingKeyFromExport; }
+});
+Object.defineProperty(exports, "validateAuditKeyExport", {
+  enumerable: true,
+  get: function () { return chunkPXCVNAWP_cjs.validateAuditKeyExport; }
+});
 Object.defineProperty(exports, "DEFAULT_KEY_DERIVATION_CONFIG", {
   enumerable: true,
-  get: function () { return chunkLKXC3OQT_cjs.DEFAULT_KEY_DERIVATION_CONFIG; }
+  get: function () { return chunkCCWMVO3H_cjs.DEFAULT_KEY_DERIVATION_CONFIG; }
 });
-Object.defineProperty(exports, "deriveDualKeysFromSignature", {
+Object.defineProperty(exports, "checkPRFSupport", {
   enumerable: true,
-  get: function () { return chunkLKXC3OQT_cjs.deriveDualKeysFromSignature; }
+  get: function () { return chunkCCWMVO3H_cjs.checkPRFSupport; }
 });
-Object.defineProperty(exports, "deriveKeysFromSignature", {
+Object.defineProperty(exports, "createPasskeyWithPRF", {
   enumerable: true,
-  get: function () { return chunkLKXC3OQT_cjs.deriveKeysFromSignature; }
+  get: function () { return chunkCCWMVO3H_cjs.createPasskeyWithPRF; }
 });
-Object.defineProperty(exports, "deriveNullifierKey", {
+Object.defineProperty(exports, "deriveDualKeysFromSeed", {
   enumerable: true,
-  get: function () { return chunkLKXC3OQT_cjs.deriveNullifierKey; }
+  get: function () { return chunkCCWMVO3H_cjs.deriveDualKeysFromSeed; }
 });
-Object.defineProperty(exports, "derivePerNoteKey", {
+Object.defineProperty(exports, "deriveDualKeysFromSignature", {
   enumerable: true,
-  get: function () { return chunkLKXC3OQT_cjs.derivePerNoteKey; }
+  get: function () { return chunkCCWMVO3H_cjs.deriveDualKeysFromSignature; }
 });
-Object.defineProperty(exports, "derivePerNoteKeyFromKeys", {
+Object.defineProperty(exports, "deriveKeysFromPasskey", {
   enumerable: true,
-  get: function () { return chunkLKXC3OQT_cjs.derivePerNoteKeyFromKeys; }
+  get: function () { return chunkCCWMVO3H_cjs.deriveKeysFromPasskey; }
 });
-Object.defineProperty(exports, "deriveStarkKeysFromSignature", {
+Object.defineProperty(exports, "deriveKeysFromSeed", {
   enumerable: true,
-  get: function () { return chunkLKXC3OQT_cjs.deriveStarkKeysFromSignature; }
+  get: function () { return chunkCCWMVO3H_cjs.deriveKeysFromSeed; }
 });
-Object.defineProperty(exports, "deriveStarkPerNoteKey", {
+Object.defineProperty(exports, "deriveKeysFromSignature", {
   enumerable: true,
-  get: function () { return chunkLKXC3OQT_cjs.deriveStarkPerNoteKey; }
+  get: function () { return chunkCCWMVO3H_cjs.deriveKeysFromSignature; }
 });
-Object.defineProperty(exports, "deriveStarkPerNoteKeyFromKeys", {
+Object.defineProperty(exports, "deriveNullifierKey", {
   enumerable: true,
-  get: function () { return chunkLKXC3OQT_cjs.deriveStarkPerNoteKeyFromKeys; }
+  get: function () { return chunkCCWMVO3H_cjs.deriveNullifierKey; }
 });
-Object.defineProperty(exports, "exportViewingKeysForAudit", {
+Object.defineProperty(exports, "deriveStarkKeysFromSeed", {
   enumerable: true,
-  get: function () { return chunkLKXC3OQT_cjs.exportViewingKeysForAudit; }
+  get: function () { return chunkCCWMVO3H_cjs.deriveStarkKeysFromSeed; }
 });
-Object.defineProperty(exports, "getKeyDerivationMessage", {
+Object.defineProperty(exports, "deriveStarkKeysFromSignature", {
   enumerable: true,
-  get: function () { return chunkLKXC3OQT_cjs.getKeyDerivationMessage; }
+  get: function () { return chunkCCWMVO3H_cjs.deriveStarkKeysFromSignature; }
 });
-Object.defineProperty(exports, "getViewingKeyFromExport", {
+Object.defineProperty(exports, "getKeyDerivationMessage", {
   enumerable: true,
-  get: function () { return chunkLKXC3OQT_cjs.getViewingKeyFromExport; }
+  get: function () { return chunkCCWMVO3H_cjs.getKeyDerivationMessage; }
 });
-Object.defineProperty(exports, "validateAuditKeyExport", {
+Object.defineProperty(exports, "getPasskeyPRFSecret", {
   enumerable: true,
-  get: function () { return chunkLKXC3OQT_cjs.validateAuditKeyExport; }
+  get: function () { return chunkCCWMVO3H_cjs.getPasskeyPRFSecret; }
 });
 Object.defineProperty(exports, "verifyKeysMatchSignature", {
   enumerable: true,
-  get: function () { return chunkLKXC3OQT_cjs.verifyKeysMatchSignature; }
+  get: function () { return chunkCCWMVO3H_cjs.verifyKeysMatchSignature; }
 });
 //# sourceMappingURL=index.cjs.map
 //# sourceMappingURL=index.cjs.map

package/dist/keys/index.d.cts

@@ -1,6 +1,7 @@
-import { K as KeyDerivationConfig, M as MasterKeys, b as StarkMasterKeys, a as DualMasterKeys, A as AuditKeyExport } from '../types-CJSbxv4q.cjs';
-export { D as DEFAULT_KEY_DERIVATION_CONFIG, O as OneTimeKeys, P as ProvingSystem, S as SerializedKeys, c as StealthAddressComponents, T as TransactionViewingKey } from '../types-CJSbxv4q.cjs';
+import { K as KeyDerivationConfig, M as MasterKeys, b as StarkMasterKeys, D as DualMasterKeys, A as AuditKeyExport } from '../types-9MmVALxO.cjs';
+export { a as DEFAULT_KEY_DERIVATION_CONFIG, O as OneTimeKeys, P as ProvingSystem, S as SerializedKeys, c as StealthAddressComponents, T as TransactionViewingKey } from '../types-9MmVALxO.cjs';
 import { Hex, Address } from 'viem';
+export { P as PasskeyAuthResult, a as PasskeyCreateOptions, b as PasskeyCredential, c as checkPRFSupport, d as createPasskeyWithPRF, e as deriveKeysFromPasskey, g as getPasskeyPRFSecret } from '../passkey-Df4lrhN5.cjs';
 import { M as M31Secret } from '../keccak-m31-B_AqBbRF.cjs';
 
 /**
@@ -16,6 +17,18 @@ import { M as M31Secret } from '../keccak-m31-B_AqBbRF.cjs';
  * - Ownership proven via hash preimage (Poseidon), not discrete log
  */
 
+/**
+ * Derive master keys from a 32-byte seed (hash-based, post-quantum)
+ *
+ * This is the core derivation function used by both the wallet-signature
+ * and passkey paths. Takes a pre-hashed seed and derives spending/viewing
+ * keys via domain-separated keccak256 + Poseidon.
+ *
+ * @param seed - A 32-byte hex seed (e.g. keccak256 of a signature or PRF output)
+ * @param config - Optional key derivation configuration
+ * @returns Master keys for stealth operations
+ */
+declare function deriveKeysFromSeed(seed: Hex, config?: KeyDerivationConfig): Promise<MasterKeys>;
 /**
  * Derive master keys from a wallet signature (hash-based, post-quantum)
  *
@@ -44,6 +57,23 @@ declare function getKeyDerivationMessage(config?: KeyDerivationConfig): string;
  * Verify that keys match a given signature
  */
 declare function verifyKeysMatchSignature(keys: MasterKeys, signature: Hex, config?: KeyDerivationConfig): Promise<boolean>;
+/**
+ * Derive STARK master keys from a 32-byte seed (M31/Keccak, post-quantum)
+ *
+ * Core STARK derivation function used by both wallet-signature and passkey paths.
+ *
+ * @param seed - A 32-byte hex seed
+ * @param config - Optional key derivation configuration
+ * @returns STARK master keys for stealth operations
+ */
+declare function deriveStarkKeysFromSeed(seed: Hex, config?: KeyDerivationConfig): StarkMasterKeys;
+/**
+ * Derive both SNARK and STARK keys from a 32-byte seed.
+ *
+ * @param seed - A 32-byte hex seed
+ * @param config - Optional key derivation configuration
+ */
+declare function deriveDualKeysFromSeed(seed: Hex, config?: KeyDerivationConfig): Promise<DualMasterKeys>;
 /**
  * Derive STARK master keys from a wallet signature (M31/Keccak, post-quantum)
  *
@@ -155,4 +185,4 @@ declare function deriveStarkPerNoteKey(starkViewingSecret: M31Secret, nonce: big
  */
 declare function deriveStarkPerNoteKeyFromKeys(keys: StarkMasterKeys, nonce: bigint): Hex;
 
-export { AuditKeyExport, DualMasterKeys, KeyDerivationConfig, MasterKeys, type NoteReference, StarkMasterKeys, deriveDualKeysFromSignature, deriveKeysFromSignature, deriveNullifierKey, derivePerNoteKey, derivePerNoteKeyFromKeys, deriveStarkKeysFromSignature, deriveStarkPerNoteKey, deriveStarkPerNoteKeyFromKeys, exportViewingKeysForAudit, getKeyDerivationMessage, getViewingKeyFromExport, validateAuditKeyExport, verifyKeysMatchSignature };
+export { AuditKeyExport, DualMasterKeys, KeyDerivationConfig, MasterKeys, type NoteReference, StarkMasterKeys, deriveDualKeysFromSeed, deriveDualKeysFromSignature, deriveKeysFromSeed, deriveKeysFromSignature, deriveNullifierKey, derivePerNoteKey, derivePerNoteKeyFromKeys, deriveStarkKeysFromSeed, deriveStarkKeysFromSignature, deriveStarkPerNoteKey, deriveStarkPerNoteKeyFromKeys, exportViewingKeysForAudit, getKeyDerivationMessage, getViewingKeyFromExport, validateAuditKeyExport, verifyKeysMatchSignature };

package/dist/keys/index.d.ts

@@ -1,6 +1,7 @@
-import { K as KeyDerivationConfig, M as MasterKeys, b as StarkMasterKeys, a as DualMasterKeys, A as AuditKeyExport } from '../types-mLybMxNR.js';
-export { D as DEFAULT_KEY_DERIVATION_CONFIG, O as OneTimeKeys, P as ProvingSystem, S as SerializedKeys, c as StealthAddressComponents, T as TransactionViewingKey } from '../types-mLybMxNR.js';
+import { K as KeyDerivationConfig, M as MasterKeys, b as StarkMasterKeys, D as DualMasterKeys, A as AuditKeyExport } from '../types-CI4nEY9S.js';
+export { a as DEFAULT_KEY_DERIVATION_CONFIG, O as OneTimeKeys, P as ProvingSystem, S as SerializedKeys, c as StealthAddressComponents, T as TransactionViewingKey } from '../types-CI4nEY9S.js';
 import { Hex, Address } from 'viem';
+export { P as PasskeyAuthResult, a as PasskeyCreateOptions, b as PasskeyCredential, c as checkPRFSupport, d as createPasskeyWithPRF, e as deriveKeysFromPasskey, g as getPasskeyPRFSecret } from '../passkey-ZnoYRP-r.js';
 import { M as M31Secret } from '../keccak-m31-B_AqBbRF.js';
 
 /**
@@ -16,6 +17,18 @@ import { M as M31Secret } from '../keccak-m31-B_AqBbRF.js';
  * - Ownership proven via hash preimage (Poseidon), not discrete log
  */
 
+/**
+ * Derive master keys from a 32-byte seed (hash-based, post-quantum)
+ *
+ * This is the core derivation function used by both the wallet-signature
+ * and passkey paths. Takes a pre-hashed seed and derives spending/viewing
+ * keys via domain-separated keccak256 + Poseidon.
+ *
+ * @param seed - A 32-byte hex seed (e.g. keccak256 of a signature or PRF output)
+ * @param config - Optional key derivation configuration
+ * @returns Master keys for stealth operations
+ */
+declare function deriveKeysFromSeed(seed: Hex, config?: KeyDerivationConfig): Promise<MasterKeys>;
 /**
  * Derive master keys from a wallet signature (hash-based, post-quantum)
  *
@@ -44,6 +57,23 @@ declare function getKeyDerivationMessage(config?: KeyDerivationConfig): string;
  * Verify that keys match a given signature
  */
 declare function verifyKeysMatchSignature(keys: MasterKeys, signature: Hex, config?: KeyDerivationConfig): Promise<boolean>;
+/**
+ * Derive STARK master keys from a 32-byte seed (M31/Keccak, post-quantum)
+ *
+ * Core STARK derivation function used by both wallet-signature and passkey paths.
+ *
+ * @param seed - A 32-byte hex seed
+ * @param config - Optional key derivation configuration
+ * @returns STARK master keys for stealth operations
+ */
+declare function deriveStarkKeysFromSeed(seed: Hex, config?: KeyDerivationConfig): StarkMasterKeys;
+/**
+ * Derive both SNARK and STARK keys from a 32-byte seed.
+ *
+ * @param seed - A 32-byte hex seed
+ * @param config - Optional key derivation configuration
+ */
+declare function deriveDualKeysFromSeed(seed: Hex, config?: KeyDerivationConfig): Promise<DualMasterKeys>;
 /**
  * Derive STARK master keys from a wallet signature (M31/Keccak, post-quantum)
  *
@@ -155,4 +185,4 @@ declare function deriveStarkPerNoteKey(starkViewingSecret: M31Secret, nonce: big
  */
 declare function deriveStarkPerNoteKeyFromKeys(keys: StarkMasterKeys, nonce: bigint): Hex;
 
-export { AuditKeyExport, DualMasterKeys, KeyDerivationConfig, MasterKeys, type NoteReference, StarkMasterKeys, deriveDualKeysFromSignature, deriveKeysFromSignature, deriveNullifierKey, derivePerNoteKey, derivePerNoteKeyFromKeys, deriveStarkKeysFromSignature, deriveStarkPerNoteKey, deriveStarkPerNoteKeyFromKeys, exportViewingKeysForAudit, getKeyDerivationMessage, getViewingKeyFromExport, validateAuditKeyExport, verifyKeysMatchSignature };
+export { AuditKeyExport, DualMasterKeys, KeyDerivationConfig, MasterKeys, type NoteReference, StarkMasterKeys, deriveDualKeysFromSeed, deriveDualKeysFromSignature, deriveKeysFromSeed, deriveKeysFromSignature, deriveNullifierKey, derivePerNoteKey, derivePerNoteKeyFromKeys, deriveStarkKeysFromSeed, deriveStarkKeysFromSignature, deriveStarkPerNoteKey, deriveStarkPerNoteKeyFromKeys, exportViewingKeysForAudit, getKeyDerivationMessage, getViewingKeyFromExport, validateAuditKeyExport, verifyKeysMatchSignature };

package/dist/keys/index.js

@@ -1,4 +1,5 @@
-export { DEFAULT_KEY_DERIVATION_CONFIG, deriveDualKeysFromSignature, deriveKeysFromSignature, deriveNullifierKey, derivePerNoteKey, derivePerNoteKeyFromKeys, deriveStarkKeysFromSignature, deriveStarkPerNoteKey, deriveStarkPerNoteKeyFromKeys, exportViewingKeysForAudit, getKeyDerivationMessage, getViewingKeyFromExport, validateAuditKeyExport, verifyKeysMatchSignature } from '../chunk-FTEXUSHR.js';
+export { derivePerNoteKey, derivePerNoteKeyFromKeys, deriveStarkPerNoteKey, deriveStarkPerNoteKeyFromKeys, exportViewingKeysForAudit, getViewingKeyFromExport, validateAuditKeyExport } from '../chunk-36LLQN63.js';
+export { DEFAULT_KEY_DERIVATION_CONFIG, checkPRFSupport, createPasskeyWithPRF, deriveDualKeysFromSeed, deriveDualKeysFromSignature, deriveKeysFromPasskey, deriveKeysFromSeed, deriveKeysFromSignature, deriveNullifierKey, deriveStarkKeysFromSeed, deriveStarkKeysFromSignature, getKeyDerivationMessage, getPasskeyPRFSecret, verifyKeysMatchSignature } from '../chunk-2GKW4UCQ.js';
 import '../chunk-H4NDMIPF.js';
 import '../chunk-4E23V3AT.js';
 import '../chunk-5QSSX3KR.js';

package/dist/passkey-Df4lrhN5.d.cts

@@ -0,0 +1,77 @@
+import { Hex } from 'viem';
+import { D as DualMasterKeys } from './types-9MmVALxO.cjs';
+
+/**
+ * Passkey (WebAuthn PRF) Key Derivation
+ *
+ * Uses the WebAuthn PRF extension (hmac-secret) to derive deterministic
+ * secrets from passkeys. Same passkey + same salt = same output, always.
+ *
+ * The PRF output feeds into the same seed-based derivation pipeline as
+ * wallet signatures — no circuit or contract changes needed.
+ *
+ * Browser support: Chrome 120+, Safari 18+, Edge 120+
+ */
+
+interface PasskeyCreateOptions {
+    /** Relying party display name (default: "UPP Private Account") */
+    rpName?: string;
+    /** User display name for the credential (default: "UPP User") */
+    userName?: string;
+    /** Optional password mixed into PRF salt for account separation */
+    password?: string;
+}
+interface PasskeyCredential {
+    /** Base64url-encoded credential ID */
+    credentialId: string;
+    /** Derived keys from the passkey's PRF output */
+    dualKeys: DualMasterKeys;
+}
+interface PasskeyAuthResult {
+    /** Base64url-encoded credential ID */
+    credentialId: string;
+    /** 32-byte keccak256 seed derived from PRF output */
+    seed: Hex;
+    /** Derived dual keys */
+    dualKeys: DualMasterKeys;
+}
+/**
+ * Check whether the current browser supports WebAuthn with PRF extension.
+ *
+ * Returns false in non-browser environments (SSR, Node.js).
+ */
+declare function checkPRFSupport(): Promise<boolean>;
+/**
+ * Create a new passkey with PRF extension enabled.
+ *
+ * This registers a discoverable credential (resident key) with the
+ * platform authenticator. The PRF output is used immediately to derive keys.
+ *
+ * @param options - Configuration for the credential
+ * @returns Credential ID + derived dual keys
+ * @throws If WebAuthn or PRF extension is not supported
+ */
+declare function createPasskeyWithPRF(options?: PasskeyCreateOptions): Promise<PasskeyCredential>;
+/**
+ * Authenticate with an existing passkey and extract PRF secret.
+ *
+ * If credentialId is provided, the specific credential is requested.
+ * Otherwise, the browser shows a discoverable credential picker.
+ *
+ * @param credentialId - Optional base64url credential ID to request specifically
+ * @param password - Optional password (must match what was used during creation)
+ * @returns Seed + credential ID + derived dual keys
+ */
+declare function getPasskeyPRFSecret(credentialId?: string, password?: string): Promise<PasskeyAuthResult>;
+/**
+ * Derive dual keys from raw PRF output bytes.
+ *
+ * Convenience function for custom WebAuthn flows that handle
+ * credential management externally.
+ *
+ * @param prfOutput - Raw PRF extension output (32 bytes)
+ * @returns Derived dual master keys
+ */
+declare function deriveKeysFromPasskey(prfOutput: Uint8Array): Promise<DualMasterKeys>;
+
+export { type PasskeyAuthResult as P, type PasskeyCreateOptions as a, type PasskeyCredential as b, checkPRFSupport as c, createPasskeyWithPRF as d, deriveKeysFromPasskey as e, getPasskeyPRFSecret as g };

package/dist/passkey-ZnoYRP-r.d.ts

@@ -0,0 +1,77 @@
+import { Hex } from 'viem';
+import { D as DualMasterKeys } from './types-CI4nEY9S.js';
+
+/**
+ * Passkey (WebAuthn PRF) Key Derivation
+ *
+ * Uses the WebAuthn PRF extension (hmac-secret) to derive deterministic
+ * secrets from passkeys. Same passkey + same salt = same output, always.
+ *
+ * The PRF output feeds into the same seed-based derivation pipeline as
+ * wallet signatures — no circuit or contract changes needed.
+ *
+ * Browser support: Chrome 120+, Safari 18+, Edge 120+
+ */
+
+interface PasskeyCreateOptions {
+    /** Relying party display name (default: "UPP Private Account") */
+    rpName?: string;
+    /** User display name for the credential (default: "UPP User") */
+    userName?: string;
+    /** Optional password mixed into PRF salt for account separation */
+    password?: string;
+}
+interface PasskeyCredential {
+    /** Base64url-encoded credential ID */
+    credentialId: string;
+    /** Derived keys from the passkey's PRF output */
+    dualKeys: DualMasterKeys;
+}
+interface PasskeyAuthResult {
+    /** Base64url-encoded credential ID */
+    credentialId: string;
+    /** 32-byte keccak256 seed derived from PRF output */
+    seed: Hex;
+    /** Derived dual keys */
+    dualKeys: DualMasterKeys;
+}
+/**
+ * Check whether the current browser supports WebAuthn with PRF extension.
+ *
+ * Returns false in non-browser environments (SSR, Node.js).
+ */
+declare function checkPRFSupport(): Promise<boolean>;
+/**
+ * Create a new passkey with PRF extension enabled.
+ *
+ * This registers a discoverable credential (resident key) with the
+ * platform authenticator. The PRF output is used immediately to derive keys.
+ *
+ * @param options - Configuration for the credential
+ * @returns Credential ID + derived dual keys
+ * @throws If WebAuthn or PRF extension is not supported
+ */
+declare function createPasskeyWithPRF(options?: PasskeyCreateOptions): Promise<PasskeyCredential>;
+/**
+ * Authenticate with an existing passkey and extract PRF secret.
+ *
+ * If credentialId is provided, the specific credential is requested.
+ * Otherwise, the browser shows a discoverable credential picker.
+ *
+ * @param credentialId - Optional base64url credential ID to request specifically
+ * @param password - Optional password (must match what was used during creation)
+ * @returns Seed + credential ID + derived dual keys
+ */
+declare function getPasskeyPRFSecret(credentialId?: string, password?: string): Promise<PasskeyAuthResult>;
+/**
+ * Derive dual keys from raw PRF output bytes.
+ *
+ * Convenience function for custom WebAuthn flows that handle
+ * credential management externally.
+ *
+ * @param prfOutput - Raw PRF extension output (32 bytes)
+ * @returns Derived dual master keys
+ */
+declare function deriveKeysFromPasskey(prfOutput: Uint8Array): Promise<DualMasterKeys>;
+
+export { type PasskeyAuthResult as P, type PasskeyCreateOptions as a, type PasskeyCredential as b, checkPRFSupport as c, createPasskeyWithPRF as d, deriveKeysFromPasskey as e, getPasskeyPRFSecret as g };