@phantom/react-native-sdk 1.0.4 → 1.0.5

package/dist/index.js

@@ -557,7 +557,7 @@ var ExpoAuthProvider = class {
         // OAuth session management - defaults to allow refresh unless explicitly clearing after logout
         clear_previous_session: (phantomOptions.clearPreviousSession ?? false).toString(),
         allow_refresh: (phantomOptions.allowRefresh ?? true).toString(),
-        sdk_version: "1.0.4",
+        sdk_version: "1.0.5",
         sdk_type: "react-native",
         platform: import_react_native5.Platform.OS
       });
@@ -657,7 +657,6 @@ var ExpoAuth2AuthProvider = class {
       throw new Error("Stamper key pair not found.");
     }
     const codeVerifier = (0, import_auth2.createCodeVerifier)();
-    const salt = (0, import_auth2.createSalt)();
     const url = await (0, import_auth2.createConnectStartUrl)({
       keyPair,
       connectLoginUrl: this.auth2ProviderOptions.connectLoginUrl,
@@ -666,7 +665,8 @@ var ExpoAuth2AuthProvider = class {
       sessionId: options.sessionId,
       provider: options.provider,
       codeVerifier,
-      salt
+      // The P-256 ephemeral key is unique per wallet, so no additional salt is needed.
+      salt: ""
     });
     await WebBrowser2.warmUpAsync();
     let result;
@@ -699,8 +699,7 @@ var ExpoAuth2AuthProvider = class {
       code,
       codeVerifier
     });
-    this.stamper.idToken = idToken;
-    this.stamper.salt = salt;
+    await this.stamper.setIdToken(idToken);
     const { organizationId, walletId } = await this.kms.discoverOrganizationAndWalletId(bearerToken, authUserId);
     return {
       walletId,
@@ -728,18 +727,23 @@ var ExpoAuth2Stamper = class {
    */
   constructor(storageKey) {
     this.storageKey = storageKey;
-    this.privateKey = null;
-    this.publicKey = null;
+    this._keyPair = null;
     this._keyInfo = null;
+    this._idToken = null;
     this.algorithm = import_sdk_types.Algorithm.secp256r1;
     this.type = "OIDC";
   }
   async init() {
     const stored = await this.loadRecord();
     if (stored) {
-      this.privateKey = await this.importPrivateKey(stored.privateKeyPkcs8);
-      this.publicKey = await this.importPublicKeyFromBase58(stored.keyInfo.publicKey);
+      this._keyPair = {
+        privateKey: await this.importPrivateKey(stored.privateKeyPkcs8),
+        publicKey: await this.importPublicKeyFromBase58(stored.keyInfo.publicKey)
+      };
       this._keyInfo = stored.keyInfo;
+      if (stored.idToken) {
+        this._idToken = stored.idToken;
+      }
       return this._keyInfo;
     }
     return this.generateAndStore();
@@ -748,45 +752,51 @@ var ExpoAuth2Stamper = class {
     return this._keyInfo;
   }
   getCryptoKeyPair() {
-    if (!this.privateKey || !this.publicKey)
-      return null;
-    return { privateKey: this.privateKey, publicKey: this.publicKey };
+    return this._keyPair;
+  }
+  /**
+   * Arms the stamper with the OIDC id token for subsequent KMS stamp() calls.
+   *
+   * Persists the token to SecureStore alongside the key pair so that
+   * auto-connect can restore it on the next app launch without a new login.
+   */
+  async setIdToken(idToken) {
+    this._idToken = idToken;
+    const existing = await this.loadRecord();
+    if (existing) {
+      await this.storeRecord({ ...existing, idToken });
+    }
   }
   async stamp(params) {
-    if (!this.privateKey || !this._keyInfo) {
+    if (!this._keyPair || !this._keyInfo || this._idToken === null) {
       throw new Error("ExpoAuth2Stamper not initialized. Call init() first.");
     }
     const signatureRaw = await crypto.subtle.sign(
       { name: "ECDSA", hash: "SHA-256" },
-      this.privateKey,
+      this._keyPair.privateKey,
       new Uint8Array(params.data)
     );
     const rawPublicKey = import_bs58.default.decode(this._keyInfo.publicKey);
-    if (this.idToken === void 0 || this.salt === void 0) {
-      throw new Error("ExpoAuth2Stamper not initialized with idToken or salt.");
-    }
     const stampData = {
-      kind: "OIDC",
-      idToken: this.idToken,
+      kind: this.type,
+      idToken: this._idToken,
       publicKey: (0, import_base64url.base64urlEncode)(rawPublicKey),
-      algorithm: "Secp256r1",
-      salt: this.salt,
+      algorithm: this.algorithm,
+      // The P-256 ephemeral key is unique per wallet, so no additional salt is needed.
+      salt: "",
       signature: (0, import_base64url.base64urlEncode)(new Uint8Array(signatureRaw))
     };
     return (0, import_base64url.base64urlEncode)(new TextEncoder().encode(JSON.stringify(stampData)));
   }
   async resetKeyPair() {
-    await this.clearStoredRecord();
-    this.privateKey = null;
-    this.publicKey = null;
-    this._keyInfo = null;
+    await this.clear();
     return this.generateAndStore();
   }
   async clear() {
     await this.clearStoredRecord();
-    this.privateKey = null;
-    this.publicKey = null;
+    this._keyPair = null;
     this._keyInfo = null;
+    this._idToken = null;
   }
   // Auth2 doesn't use key rotation; minimal no-op implementations.
   async rotateKeyPair() {
@@ -811,16 +821,11 @@ var ExpoAuth2Stamper = class {
     const publicKeyBase58 = import_bs58.default.encode(rawPublicKey);
     const keyIdBuffer = await crypto.subtle.digest("SHA-256", rawPublicKey.buffer);
     const keyId = (0, import_base64url.base64urlEncode)(new Uint8Array(keyIdBuffer)).substring(0, 16);
+    this._keyPair = keyPair;
     this._keyInfo = { keyId, publicKey: publicKeyBase58, createdAt: Date.now() };
     const pkcs8Buffer = await crypto.subtle.exportKey("pkcs8", keyPair.privateKey);
     const privateKeyPkcs8 = import_buffer.Buffer.from(pkcs8Buffer).toString("base64");
-    await SecureStore2.setItemAsync(
-      this.storageKey,
-      JSON.stringify({ privateKeyPkcs8, keyInfo: this._keyInfo }),
-      { requireAuthentication: false }
-    );
-    this.privateKey = await this.importPrivateKey(privateKeyPkcs8);
-    this.publicKey = keyPair.publicKey;
+    await this.storeRecord({ privateKeyPkcs8, keyInfo: this._keyInfo });
     return this._keyInfo;
   }
   async importPublicKeyFromBase58(base58PublicKey) {
@@ -853,6 +858,9 @@ var ExpoAuth2Stamper = class {
       return null;
     }
   }
+  async storeRecord(record) {
+    await SecureStore2.setItemAsync(this.storageKey, JSON.stringify(record), { requireAuthentication: false });
+  }
   async clearStoredRecord() {
     try {
       await SecureStore2.deleteItemAsync(this.storageKey);
@@ -1203,7 +1211,7 @@ function PhantomProvider({ children, config, debugConfig, theme, appIcon, appNam
         [import_constants3.ANALYTICS_HEADERS.CLIENT]: import_react_native7.Platform.OS,
         [import_constants3.ANALYTICS_HEADERS.APP_ID]: config.appId,
         [import_constants3.ANALYTICS_HEADERS.WALLET_TYPE]: config.embeddedWalletType,
-        [import_constants3.ANALYTICS_HEADERS.SDK_VERSION]: "1.0.4"
+        [import_constants3.ANALYTICS_HEADERS.SDK_VERSION]: "1.0.5"
         // Replaced at build time
       }
     };

package/dist/index.mjs

@@ -515,7 +515,7 @@ var ExpoAuthProvider = class {
         // OAuth session management - defaults to allow refresh unless explicitly clearing after logout
         clear_previous_session: (phantomOptions.clearPreviousSession ?? false).toString(),
         allow_refresh: (phantomOptions.allowRefresh ?? true).toString(),
-        sdk_version: "1.0.4",
+        sdk_version: "1.0.5",
         sdk_type: "react-native",
         platform: Platform.OS
       });
@@ -594,7 +594,6 @@ var ExpoAuthProvider = class {
 import * as WebBrowser2 from "expo-web-browser";
 import {
   createCodeVerifier,
-  createSalt,
   exchangeAuthCode,
   Auth2KmsRpcClient,
   createConnectStartUrl
@@ -621,7 +620,6 @@ var ExpoAuth2AuthProvider = class {
       throw new Error("Stamper key pair not found.");
     }
     const codeVerifier = createCodeVerifier();
-    const salt = createSalt();
     const url = await createConnectStartUrl({
       keyPair,
       connectLoginUrl: this.auth2ProviderOptions.connectLoginUrl,
@@ -630,7 +628,8 @@ var ExpoAuth2AuthProvider = class {
       sessionId: options.sessionId,
       provider: options.provider,
       codeVerifier,
-      salt
+      // The P-256 ephemeral key is unique per wallet, so no additional salt is needed.
+      salt: ""
     });
     await WebBrowser2.warmUpAsync();
     let result;
@@ -663,8 +662,7 @@ var ExpoAuth2AuthProvider = class {
       code,
       codeVerifier
     });
-    this.stamper.idToken = idToken;
-    this.stamper.salt = salt;
+    await this.stamper.setIdToken(idToken);
     const { organizationId, walletId } = await this.kms.discoverOrganizationAndWalletId(bearerToken, authUserId);
     return {
       walletId,
@@ -692,18 +690,23 @@ var ExpoAuth2Stamper = class {
    */
   constructor(storageKey) {
     this.storageKey = storageKey;
-    this.privateKey = null;
-    this.publicKey = null;
+    this._keyPair = null;
     this._keyInfo = null;
+    this._idToken = null;
     this.algorithm = Algorithm.secp256r1;
     this.type = "OIDC";
   }
   async init() {
     const stored = await this.loadRecord();
     if (stored) {
-      this.privateKey = await this.importPrivateKey(stored.privateKeyPkcs8);
-      this.publicKey = await this.importPublicKeyFromBase58(stored.keyInfo.publicKey);
+      this._keyPair = {
+        privateKey: await this.importPrivateKey(stored.privateKeyPkcs8),
+        publicKey: await this.importPublicKeyFromBase58(stored.keyInfo.publicKey)
+      };
       this._keyInfo = stored.keyInfo;
+      if (stored.idToken) {
+        this._idToken = stored.idToken;
+      }
       return this._keyInfo;
     }
     return this.generateAndStore();
@@ -712,45 +715,51 @@ var ExpoAuth2Stamper = class {
     return this._keyInfo;
   }
   getCryptoKeyPair() {
-    if (!this.privateKey || !this.publicKey)
-      return null;
-    return { privateKey: this.privateKey, publicKey: this.publicKey };
+    return this._keyPair;
+  }
+  /**
+   * Arms the stamper with the OIDC id token for subsequent KMS stamp() calls.
+   *
+   * Persists the token to SecureStore alongside the key pair so that
+   * auto-connect can restore it on the next app launch without a new login.
+   */
+  async setIdToken(idToken) {
+    this._idToken = idToken;
+    const existing = await this.loadRecord();
+    if (existing) {
+      await this.storeRecord({ ...existing, idToken });
+    }
   }
   async stamp(params) {
-    if (!this.privateKey || !this._keyInfo) {
+    if (!this._keyPair || !this._keyInfo || this._idToken === null) {
       throw new Error("ExpoAuth2Stamper not initialized. Call init() first.");
     }
     const signatureRaw = await crypto.subtle.sign(
       { name: "ECDSA", hash: "SHA-256" },
-      this.privateKey,
+      this._keyPair.privateKey,
       new Uint8Array(params.data)
     );
     const rawPublicKey = bs58.decode(this._keyInfo.publicKey);
-    if (this.idToken === void 0 || this.salt === void 0) {
-      throw new Error("ExpoAuth2Stamper not initialized with idToken or salt.");
-    }
     const stampData = {
-      kind: "OIDC",
-      idToken: this.idToken,
+      kind: this.type,
+      idToken: this._idToken,
       publicKey: base64urlEncode(rawPublicKey),
-      algorithm: "Secp256r1",
-      salt: this.salt,
+      algorithm: this.algorithm,
+      // The P-256 ephemeral key is unique per wallet, so no additional salt is needed.
+      salt: "",
       signature: base64urlEncode(new Uint8Array(signatureRaw))
     };
     return base64urlEncode(new TextEncoder().encode(JSON.stringify(stampData)));
   }
   async resetKeyPair() {
-    await this.clearStoredRecord();
-    this.privateKey = null;
-    this.publicKey = null;
-    this._keyInfo = null;
+    await this.clear();
     return this.generateAndStore();
   }
   async clear() {
     await this.clearStoredRecord();
-    this.privateKey = null;
-    this.publicKey = null;
+    this._keyPair = null;
     this._keyInfo = null;
+    this._idToken = null;
   }
   // Auth2 doesn't use key rotation; minimal no-op implementations.
   async rotateKeyPair() {
@@ -775,16 +784,11 @@ var ExpoAuth2Stamper = class {
     const publicKeyBase58 = bs58.encode(rawPublicKey);
     const keyIdBuffer = await crypto.subtle.digest("SHA-256", rawPublicKey.buffer);
     const keyId = base64urlEncode(new Uint8Array(keyIdBuffer)).substring(0, 16);
+    this._keyPair = keyPair;
     this._keyInfo = { keyId, publicKey: publicKeyBase58, createdAt: Date.now() };
     const pkcs8Buffer = await crypto.subtle.exportKey("pkcs8", keyPair.privateKey);
     const privateKeyPkcs8 = Buffer.from(pkcs8Buffer).toString("base64");
-    await SecureStore2.setItemAsync(
-      this.storageKey,
-      JSON.stringify({ privateKeyPkcs8, keyInfo: this._keyInfo }),
-      { requireAuthentication: false }
-    );
-    this.privateKey = await this.importPrivateKey(privateKeyPkcs8);
-    this.publicKey = keyPair.publicKey;
+    await this.storeRecord({ privateKeyPkcs8, keyInfo: this._keyInfo });
     return this._keyInfo;
   }
   async importPublicKeyFromBase58(base58PublicKey) {
@@ -817,6 +821,9 @@ var ExpoAuth2Stamper = class {
       return null;
     }
   }
+  async storeRecord(record) {
+    await SecureStore2.setItemAsync(this.storageKey, JSON.stringify(record), { requireAuthentication: false });
+  }
   async clearStoredRecord() {
     try {
       await SecureStore2.deleteItemAsync(this.storageKey);
@@ -1167,7 +1174,7 @@ function PhantomProvider({ children, config, debugConfig, theme, appIcon, appNam
         [ANALYTICS_HEADERS.CLIENT]: Platform2.OS,
         [ANALYTICS_HEADERS.APP_ID]: config.appId,
         [ANALYTICS_HEADERS.WALLET_TYPE]: config.embeddedWalletType,
-        [ANALYTICS_HEADERS.SDK_VERSION]: "1.0.4"
+        [ANALYTICS_HEADERS.SDK_VERSION]: "1.0.5"
         // Replaced at build time
       }
     };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@phantom/react-native-sdk",
-  "version": "1.0.4",
+  "version": "1.0.5",
   "description": "Phantom Wallet SDK for React Native and Expo applications",
   "main": "dist/index.js",
   "module": "dist/index.mjs",
@@ -45,16 +45,16 @@
     "directory": "packages/react-native-sdk"
   },
   "dependencies": {
-    "@phantom/api-key-stamper": "^1.0.4",
-    "@phantom/auth2": "^1.0.0",
-    "@phantom/base64url": "^1.0.4",
-    "@phantom/chain-interfaces": "^1.0.4",
-    "@phantom/client": "^1.0.4",
-    "@phantom/constants": "^1.0.4",
-    "@phantom/crypto": "^1.0.4",
-    "@phantom/embedded-provider-core": "^1.0.4",
-    "@phantom/sdk-types": "^1.0.4",
-    "@phantom/wallet-sdk-ui": "^1.0.4",
+    "@phantom/api-key-stamper": "^1.0.5",
+    "@phantom/auth2": "^1.0.1",
+    "@phantom/base64url": "^1.0.5",
+    "@phantom/chain-interfaces": "^1.0.5",
+    "@phantom/client": "^1.0.5",
+    "@phantom/constants": "^1.0.5",
+    "@phantom/crypto": "^1.0.5",
+    "@phantom/embedded-provider-core": "^1.0.5",
+    "@phantom/sdk-types": "^1.0.5",
+    "@phantom/wallet-sdk-ui": "^1.0.5",
     "@types/bs58": "^5.0.0",
     "bs58": "^6.0.0",
     "buffer": "^6.0.3"