@pollar/core 0.5.0 → 0.5.3

package/dist/index.js

@@ -767,8 +767,176 @@ var PollarFlowError = class extends Error {
   }
 };
 
+// src/wallets/FreighterAdapter.ts
+var import_freighter_api = __toESM(require_index_min());
+
+// src/wallets/types.ts
+var WalletType = /* @__PURE__ */ ((WalletType2) => {
+  WalletType2["FREIGHTER"] = "freighter";
+  WalletType2["ALBEDO"] = "albedo";
+  return WalletType2;
+})(WalletType || {});
+
+// src/wallets/FreighterAdapter.ts
+var FreighterAdapter = class {
+  constructor() {
+    this.type = "freighter" /* FREIGHTER */;
+  }
+  async isAvailable() {
+    try {
+      return await (0, import_freighter_api.isConnected)();
+    } catch {
+      return false;
+    }
+  }
+  async connect() {
+    const connected = await (0, import_freighter_api.isConnected)();
+    if (!connected) {
+      throw new Error("Freighter wallet is not installed");
+    }
+    const allowed = await (0, import_freighter_api.isAllowed)();
+    if (!allowed) {
+      await (0, import_freighter_api.setAllowed)();
+    }
+    const userInfo = await (0, import_freighter_api.getUserInfo)();
+    if (!userInfo?.publicKey) {
+      throw new Error("Failed to get user information from Freighter");
+    }
+    return { address: userInfo.publicKey, publicKey: userInfo.publicKey };
+  }
+  async disconnect() {
+  }
+  async getPublicKey() {
+    try {
+      const allowed = await (0, import_freighter_api.isAllowed)();
+      if (!allowed) return null;
+      const userInfo = await (0, import_freighter_api.getUserInfo)();
+      return userInfo?.publicKey ?? null;
+    } catch {
+      return null;
+    }
+  }
+  async getNetwork() {
+    return (0, import_freighter_api.getNetwork)();
+  }
+  async signTransaction(xdr, options) {
+    const result = await (0, import_freighter_api.signTransaction)(xdr, {
+      network: options?.network,
+      networkPassphrase: options?.networkPassphrase,
+      accountToSign: options?.accountToSign
+    });
+    if (!result || typeof result !== "string") {
+      throw new Error("Invalid response from Freighter");
+    }
+    return { signedTxXdr: result };
+  }
+  async signAuthEntry(entryXdr, options) {
+    const result = await (0, import_freighter_api.signAuthEntry)(entryXdr, { accountToSign: options?.accountToSign });
+    if (!result || typeof result !== "string") {
+      throw new Error("Invalid response from Freighter");
+    }
+    return { signedAuthEntry: result };
+  }
+};
+
+// src/wallets/AlbedoAdapter.ts
+function openAlbedoPopup(url) {
+  const popup = window.open(url, "albedo", "width=420,height=720,resizable=yes,scrollbars=yes");
+  if (!popup) {
+    throw new Error("Failed to open Albedo popup (blocked by browser)");
+  }
+  return popup;
+}
+function waitForAlbedoPopup() {
+  return new Promise((resolve, reject) => {
+    const timeout = setTimeout(() => reject(new Error("Albedo response timeout")), 2 * 60 * 1e3);
+    function handler(event) {
+      if (event.origin !== window.location.origin || event.data?.type !== "ALBEDO_RESULT") return;
+      clearTimeout(timeout);
+      window.removeEventListener("message", handler);
+      resolve(event.data.payload);
+    }
+    window.addEventListener("message", handler);
+  });
+}
+function waitForAlbedoResult() {
+  return new Promise((resolve, reject) => {
+    const timeout = setTimeout(() => reject(new Error("Albedo response timeout")), 2 * 60 * 1e3);
+    const parseResult = () => {
+      const params = new URLSearchParams(window.location.search);
+      if (!params.has("pubkey") && !params.has("signed_envelope_xdr") && !params.has("signed_xdr")) return;
+      clearTimeout(timeout);
+      const result = {};
+      params.forEach((value, key) => {
+        result[key] = value;
+      });
+      window.history.replaceState({}, document.title, window.location.pathname);
+      resolve(result);
+    };
+    parseResult();
+    window.addEventListener("popstate", parseResult);
+  });
+}
+var AlbedoAdapter = class {
+  constructor() {
+    this.type = "albedo" /* ALBEDO */;
+  }
+  async isAvailable() {
+    return typeof window !== "undefined";
+  }
+  async connect() {
+    const url = new URL("https://albedo.link");
+    url.searchParams.set("intent", "public-key");
+    url.searchParams.set("app_name", "Pollar");
+    url.searchParams.set("network", "testnet");
+    url.searchParams.set("callback", `${window.location.origin}/albedo-callback`);
+    url.searchParams.set("origin", window.location.origin);
+    openAlbedoPopup(url.toString());
+    const result = await waitForAlbedoPopup();
+    if (!result.pubkey) {
+      throw new Error("Albedo connection rejected");
+    }
+    return { address: result.pubkey, publicKey: result.pubkey };
+  }
+  async disconnect() {
+  }
+  async getPublicKey() {
+    return null;
+  }
+  async getNetwork() {
+    throw new Error("Albedo does not expose network");
+  }
+  async signTransaction(xdr, _options) {
+    const url = new URL("https://albedo.link");
+    url.searchParams.set("intent", "tx");
+    url.searchParams.set("xdr", xdr);
+    url.searchParams.set("app_name", "Pollar");
+    url.searchParams.set("network", "testnet");
+    url.searchParams.set("callback", window.location.href);
+    url.searchParams.set("origin", window.location.origin);
+    window.location.href = url.toString();
+    const result = await waitForAlbedoResult();
+    if (!result.signed_envelope_xdr) throw new Error("Albedo signing rejected");
+    return { signedTxXdr: result.signed_envelope_xdr };
+  }
+  async signAuthEntry(entryXdr, _options) {
+    const url = new URL("https://albedo.link");
+    url.searchParams.set("intent", "sign-auth-entry");
+    url.searchParams.set("xdr", entryXdr);
+    url.searchParams.set("app_name", "Pollar");
+    url.searchParams.set("network", "testnet");
+    url.searchParams.set("callback", window.location.href);
+    url.searchParams.set("origin", window.location.origin);
+    window.location.href = url.toString();
+    const result = await waitForAlbedoResult();
+    if (!result.signed_xdr) throw new Error("Albedo auth entry signing rejected");
+    return { signedAuthEntry: result.signed_xdr };
+  }
+};
+
 // src/client/session.ts
 var STORAGE_KEY = "pollar:session";
+var WALLET_TYPE_KEY = "pollar:walletType";
 function isValidSession(value) {
   if (typeof value !== "object" || value === null) {
     console.warn("[PollarClient:session] Invalid session \u2014 value is not an object");
@@ -904,8 +1072,15 @@ function writeStorage(session) {
 }
 function removeStorage() {
   localStorage.removeItem(STORAGE_KEY);
+  localStorage.removeItem(WALLET_TYPE_KEY);
   console.info("[PollarClient:session] Session removed from storage");
 }
+function writeWalletType(type) {
+  localStorage.setItem(WALLET_TYPE_KEY, type);
+}
+function readWalletType() {
+  return localStorage.getItem(WALLET_TYPE_KEY);
+}
 
 // src/client/stream.ts
 function abortableDelay(ms, signal) {
@@ -979,7 +1154,7 @@ async function streamUntilFound(api, clientSessionId, check, retryDelayMs = 200,
 }
 
 // src/client/auth/authenticate.ts
-async function authenticate(clientSessionId, deps) {
+async function authenticate(clientSessionId, deps, expectedWallet) {
   const { api, signal, setAuthState, storeSession, clearSession } = deps;
   setAuthState({ step: "authenticating" });
   await streamUntilFound(api, clientSessionId, (data2) => data2?.status === "READY", 200, signal);
@@ -988,6 +1163,16 @@ async function authenticate(clientSessionId, deps) {
     signal
   });
   if (data?.code === "SDK_LOGIN_SUCCESS" && isValidSession(data?.content)) {
+    if (expectedWallet && data.content.data.providers.wallet?.address !== expectedWallet) {
+      setAuthState({
+        step: "error",
+        previousStep: "authenticating",
+        message: "Wallet mismatch: session wallet does not match connected wallet",
+        errorCode: AUTH_ERROR_CODES.WALLET_AUTH_FAILED
+      });
+      clearSession();
+      return;
+    }
     storeSession(data.content);
   } else {
     setAuthState({
@@ -1105,173 +1290,6 @@ async function loginOAuth(provider, deps) {
   await authenticate(clientSessionId, deps);
 }
 
-// src/wallets/FreighterAdapter.ts
-var import_freighter_api = __toESM(require_index_min());
-
-// src/wallets/types.ts
-var WalletType = /* @__PURE__ */ ((WalletType2) => {
-  WalletType2["FREIGHTER"] = "freighter";
-  WalletType2["ALBEDO"] = "albedo";
-  return WalletType2;
-})(WalletType || {});
-
-// src/wallets/FreighterAdapter.ts
-var FreighterAdapter = class {
-  constructor() {
-    this.type = "freighter" /* FREIGHTER */;
-  }
-  async isAvailable() {
-    try {
-      return await (0, import_freighter_api.isConnected)();
-    } catch {
-      return false;
-    }
-  }
-  async connect() {
-    const connected = await (0, import_freighter_api.isConnected)();
-    if (!connected) {
-      throw new Error("Freighter wallet is not installed");
-    }
-    const allowed = await (0, import_freighter_api.isAllowed)();
-    if (!allowed) {
-      await (0, import_freighter_api.setAllowed)();
-    }
-    const userInfo = await (0, import_freighter_api.getUserInfo)();
-    if (!userInfo?.publicKey) {
-      throw new Error("Failed to get user information from Freighter");
-    }
-    return { address: userInfo.publicKey, publicKey: userInfo.publicKey };
-  }
-  async disconnect() {
-  }
-  async getPublicKey() {
-    try {
-      const allowed = await (0, import_freighter_api.isAllowed)();
-      if (!allowed) return null;
-      const userInfo = await (0, import_freighter_api.getUserInfo)();
-      return userInfo?.publicKey ?? null;
-    } catch {
-      return null;
-    }
-  }
-  async getNetwork() {
-    return (0, import_freighter_api.getNetwork)();
-  }
-  async signTransaction(xdr, options) {
-    const result = await (0, import_freighter_api.signTransaction)(xdr, {
-      network: options?.network,
-      networkPassphrase: options?.networkPassphrase,
-      accountToSign: options?.accountToSign
-    });
-    if (!result || typeof result !== "string") {
-      throw new Error("Invalid response from Freighter");
-    }
-    return { signedTxXdr: result };
-  }
-  async signAuthEntry(entryXdr, options) {
-    const result = await (0, import_freighter_api.signAuthEntry)(entryXdr, { accountToSign: options?.accountToSign });
-    if (!result || typeof result !== "string") {
-      throw new Error("Invalid response from Freighter");
-    }
-    return { signedAuthEntry: result };
-  }
-};
-
-// src/wallets/AlbedoAdapter.ts
-function openAlbedoPopup(url) {
-  const popup = window.open(url, "albedo", "width=420,height=720,resizable=yes,scrollbars=yes");
-  if (!popup) {
-    throw new Error("Failed to open Albedo popup (blocked by browser)");
-  }
-  return popup;
-}
-function waitForAlbedoPopup() {
-  return new Promise((resolve, reject) => {
-    const timeout = setTimeout(() => reject(new Error("Albedo response timeout")), 2 * 60 * 1e3);
-    function handler(event) {
-      if (event.origin !== window.location.origin || event.data?.type !== "ALBEDO_RESULT") return;
-      clearTimeout(timeout);
-      window.removeEventListener("message", handler);
-      resolve(event.data.payload);
-    }
-    window.addEventListener("message", handler);
-  });
-}
-function waitForAlbedoResult() {
-  return new Promise((resolve, reject) => {
-    const timeout = setTimeout(() => reject(new Error("Albedo response timeout")), 2 * 60 * 1e3);
-    const parseResult = () => {
-      const params = new URLSearchParams(window.location.search);
-      if (!params.has("pubkey") && !params.has("signed_envelope_xdr") && !params.has("signed_xdr")) return;
-      clearTimeout(timeout);
-      const result = {};
-      params.forEach((value, key) => {
-        result[key] = value;
-      });
-      window.history.replaceState({}, document.title, window.location.pathname);
-      resolve(result);
-    };
-    parseResult();
-    window.addEventListener("popstate", parseResult);
-  });
-}
-var AlbedoAdapter = class {
-  constructor() {
-    this.type = "albedo" /* ALBEDO */;
-  }
-  async isAvailable() {
-    return typeof window !== "undefined";
-  }
-  async connect() {
-    const url = new URL("https://albedo.link");
-    url.searchParams.set("intent", "public-key");
-    url.searchParams.set("app_name", "Pollar");
-    url.searchParams.set("network", "testnet");
-    url.searchParams.set("callback", `${window.location.origin}/albedo-callback`);
-    url.searchParams.set("origin", window.location.origin);
-    openAlbedoPopup(url.toString());
-    const result = await waitForAlbedoPopup();
-    if (!result.pubkey) {
-      throw new Error("Albedo connection rejected");
-    }
-    return { address: result.pubkey, publicKey: result.pubkey };
-  }
-  async disconnect() {
-  }
-  async getPublicKey() {
-    return null;
-  }
-  async getNetwork() {
-    throw new Error("Albedo does not expose network");
-  }
-  async signTransaction(xdr, _options) {
-    const url = new URL("https://albedo.link");
-    url.searchParams.set("intent", "tx");
-    url.searchParams.set("xdr", xdr);
-    url.searchParams.set("app_name", "Pollar");
-    url.searchParams.set("network", "testnet");
-    url.searchParams.set("callback", window.location.href);
-    url.searchParams.set("origin", window.location.origin);
-    window.location.href = url.toString();
-    const result = await waitForAlbedoResult();
-    if (!result.signed_envelope_xdr) throw new Error("Albedo signing rejected");
-    return { signedTxXdr: result.signed_envelope_xdr };
-  }
-  async signAuthEntry(entryXdr, _options) {
-    const url = new URL("https://albedo.link");
-    url.searchParams.set("intent", "sign-auth-entry");
-    url.searchParams.set("xdr", entryXdr);
-    url.searchParams.set("app_name", "Pollar");
-    url.searchParams.set("network", "testnet");
-    url.searchParams.set("callback", window.location.href);
-    url.searchParams.set("origin", window.location.origin);
-    window.location.href = url.toString();
-    const result = await waitForAlbedoResult();
-    if (!result.signed_xdr) throw new Error("Albedo auth entry signing rejected");
-    return { signedAuthEntry: result.signed_xdr };
-  }
-};
-
 // src/client/auth/walletFlow.ts
 function withSignal(promise, signal) {
   return Promise.race([
@@ -1289,6 +1307,7 @@ async function loginWallet(type, deps) {
   const { api, signal, setAuthState } = deps;
   const clientSessionId = await createAuthSession(deps);
   if (!clientSessionId) return;
+  let connectedWallet;
   try {
     setAuthState({ step: "connecting_wallet", walletType: type });
     const adapter = type === "freighter" /* FREIGHTER */ ? new FreighterAdapter() : new AlbedoAdapter();
@@ -1298,7 +1317,8 @@ async function loginWallet(type, deps) {
       return;
     }
     const { publicKey } = await withSignal(adapter.connect(), signal);
-    deps.storeWalletAdapter(adapter);
+    connectedWallet = publicKey;
+    deps.storeWalletAdapter(adapter, type);
     setAuthState({ step: "authenticating_wallet" });
     const { data: walletData, error: walletError } = await api.POST("/auth/wallet", {
       body: { clientSessionId, walletAddress: publicKey },
@@ -1322,7 +1342,7 @@ async function loginWallet(type, deps) {
     });
     return;
   }
-  await authenticate(clientSessionId, deps);
+  await authenticate(clientSessionId, deps, connectedWallet);
 }
 
 // src/client/client.ts
@@ -1339,6 +1359,8 @@ var PollarClient = class {
     this._transactionStateListeners = /* @__PURE__ */ new Set();
     this._txHistoryState = { step: "idle" };
     this._txHistoryStateListeners = /* @__PURE__ */ new Set();
+    this._walletBalanceState = { step: "idle" };
+    this._walletBalanceStateListeners = /* @__PURE__ */ new Set();
     this._authState = { step: "idle" };
     this._authStateListeners = /* @__PURE__ */ new Set();
     this._networkState = { step: "idle" };
@@ -1499,10 +1521,6 @@ var PollarClient = class {
     return () => this._transactionStateListeners.delete(cb);
   }
   // ─── Tx history ──────────────────────────────────────────────────────────
-  _setTxHistoryState(next) {
-    this._txHistoryState = next;
-    for (const cb of this._txHistoryStateListeners) cb(next);
-  }
   getTxHistoryState() {
     return this._txHistoryState;
   }
@@ -1526,13 +1544,32 @@ var PollarClient = class {
     }
   }
   // ─── Wallet balance ───────────────────────────────────────────────────────
-  async getWalletBalance(publicKey) {
+  getWalletBalanceState() {
+    return this._walletBalanceState;
+  }
+  onWalletBalanceStateChange(cb) {
+    this._walletBalanceStateListeners.add(cb);
+    cb(this._walletBalanceState);
+    return () => this._walletBalanceStateListeners.delete(cb);
+  }
+  async refreshBalance(publicKey) {
     const pk = publicKey ?? this._session?.wallet?.publicKey;
-    if (!pk) return null;
-    const network = this.getNetwork();
-    const { data, error } = await this._api.GET("/wallet/balance", { params: { query: { publicKey: pk, network } } });
-    if (!error && data?.success && data.content) return data.content;
-    return null;
+    if (!pk) {
+      this._setWalletBalanceState({ step: "error", message: "No wallet connected" });
+      return;
+    }
+    this._setWalletBalanceState({ step: "loading" });
+    try {
+      const network = this.getNetwork();
+      const { data, error } = await this._api.GET("/wallet/balance", { params: { query: { publicKey: pk, network } } });
+      if (!error && data?.success && data.content) {
+        this._setWalletBalanceState({ step: "loaded", data: data.content });
+      } else {
+        this._setWalletBalanceState({ step: "error", message: "Failed to load balance" });
+      }
+    } catch {
+      this._setWalletBalanceState({ step: "error", message: "Failed to load balance" });
+    }
   }
   // ─── Transactions ─────────────────────────────────────────────────────────
   async buildTx(operation, params, options) {
@@ -1560,27 +1597,29 @@ var PollarClient = class {
       this._setTransactionState({ step: "error" });
     }
   }
+  getWalletType() {
+    return this._walletAdapter?.type ?? null;
+  }
   async signAndSubmitTx(unsignedXdr) {
-    if (this._transactionState?.step !== "built") {
-      throw new PollarFlowError(
-        `signAndSubmitTx() requires step 'built', current step is '${this._transactionState?.step ?? "none"}'`
-      );
-    }
-    const buildData = this._transactionState.buildData;
-    this._setTransactionState({ step: "signing", buildData });
+    const state = this._transactionState;
+    const buildData = state?.step === "built" ? state.buildData : state?.step === "error" ? state.buildData : void 0;
+    const isBuiltFlow = !!buildData;
+    const stateExtra = buildData ? { buildData } : { external: true };
+    this._setTransactionState({ step: "signing", ...stateExtra });
+    const accountToSign = isBuiltFlow ? this._session?.wallet?.publicKey : this._session?.data?.providers?.wallet?.address ?? this._session?.wallet?.publicKey;
     if (this._walletAdapter) {
       try {
-        const signOpts = this._session?.wallet?.publicKey ? { networkPassphrase: this._networkPassphrase(), accountToSign: this._session.wallet.publicKey } : { networkPassphrase: this._networkPassphrase() };
+        const signOpts = accountToSign ? { networkPassphrase: this._networkPassphrase(), accountToSign } : { networkPassphrase: this._networkPassphrase() };
         const { signedTxXdr } = await this._walletAdapter.signTransaction(unsignedXdr, signOpts);
         const stellarClient = new StellarClient(this.getNetwork());
         const result = await stellarClient.submitTransaction(signedTxXdr);
         if (result.success) {
-          this._setTransactionState({ step: "success", buildData, hash: result.hash });
+          this._setTransactionState({ step: "success", ...stateExtra, hash: result.hash });
         } else {
-          this._setTransactionState({ step: "error", ...buildData && { buildData }, details: result.errorCode });
+          this._setTransactionState({ step: "error", ...stateExtra, details: result.errorCode });
         }
       } catch {
-        this._setTransactionState({ step: "error", ...buildData && { buildData } });
+        this._setTransactionState({ step: "error", ...stateExtra });
       }
       return;
     }
@@ -1592,13 +1631,13 @@ var PollarClient = class {
     try {
       const { data, error } = await this._api.POST("/tx/sign-and-send", { body });
       if (!error && data?.success && data.content?.hash) {
-        this._setTransactionState({ step: "success", buildData, hash: data.content.hash });
+        this._setTransactionState({ step: "success", ...stateExtra, hash: data.content.hash });
       } else {
         const details = error?.details;
-        this._setTransactionState({ step: "error", ...buildData && { buildData }, ...details && { details } });
+        this._setTransactionState({ step: "error", ...stateExtra, ...details && { details } });
       }
     } catch {
-      this._setTransactionState({ step: "error", ...buildData && { buildData } });
+      this._setTransactionState({ step: "error", ...stateExtra });
     }
   }
   // ─── App config ───────────────────────────────────────────────────────────
@@ -1643,6 +1682,14 @@ var PollarClient = class {
   pollRampTransaction(txId, opts) {
     return pollRampTransaction(this._api, txId, opts);
   }
+  _setTxHistoryState(next) {
+    this._txHistoryState = next;
+    for (const cb of this._txHistoryStateListeners) cb(next);
+  }
+  _setWalletBalanceState(next) {
+    this._walletBalanceState = next;
+    for (const cb of this._walletBalanceStateListeners) cb(next);
+  }
   // ─── Private ──────────────────────────────────────────────────────────────
   /** Creates a new AbortController, cancelling any existing flow first. */
   _newController() {
@@ -1658,8 +1705,9 @@ var PollarClient = class {
       setAuthState: this._setAuthState.bind(this),
       storeSession: this._storeSession.bind(this),
       clearSession: this._clearSession.bind(this),
-      storeWalletAdapter: (adapter) => {
+      storeWalletAdapter: (adapter, type) => {
         this._walletAdapter = adapter;
+        writeWalletType(type);
       }
     };
   }
@@ -1681,6 +1729,14 @@ var PollarClient = class {
     this._session = readStorage();
     if (this._session) {
       this._authState = { step: "authenticated", session: this._session };
+      if (this._session.data?.providers?.wallet?.address) {
+        const storedType = readWalletType();
+        if (storedType === "freighter" /* FREIGHTER */) {
+          this._walletAdapter = new FreighterAdapter();
+        } else if (storedType === "albedo" /* ALBEDO */) {
+          this._walletAdapter = new AlbedoAdapter();
+        }
+      }
       console.info("[PollarClient] Session restored from storage");
     } else {
       console.info("[PollarClient] No session in storage");