@pollar/core 0.8.2 → 0.9.0-rc.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (18) hide show
  1. package/README.md +35 -0
  2. package/dist/adapters/react-native-appstate.d.mts +1 -1
  3. package/dist/adapters/react-native-appstate.d.ts +1 -1
  4. package/dist/index.d.mts +996 -96
  5. package/dist/index.d.ts +996 -96
  6. package/dist/index.js +546 -112
  7. package/dist/index.js.map +1 -1
  8. package/dist/index.mjs +545 -113
  9. package/dist/index.mjs.map +1 -1
  10. package/dist/index.rn.d.mts +2 -2
  11. package/dist/index.rn.d.ts +2 -2
  12. package/dist/index.rn.js +691 -262
  13. package/dist/index.rn.js.map +1 -1
  14. package/dist/index.rn.mjs +690 -263
  15. package/dist/index.rn.mjs.map +1 -1
  16. package/dist/{types-84G_htcn.d.mts → types-Dyky8g0p.d.mts} +5 -12
  17. package/dist/{types-84G_htcn.d.ts → types-Dyky8g0p.d.ts} +5 -12
  18. package/package.json +1 -1
package/dist/index.d.mts CHANGED
@@ -1,8 +1,36 @@
1
1
  import { S as Storage, O as OnStorageDegrade } from './types-DqgJIJBl.mjs';
2
2
  export { a as StorageDegradeReason } from './types-DqgJIJBl.mjs';
3
- import { V as VisibilityProvider } from './types-84G_htcn.mjs';
3
+ import { V as VisibilityProvider } from './types-Dyky8g0p.mjs';
4
4
  import * as openapi_fetch from 'openapi-fetch';
5
5
 
6
+ /**
7
+ * Log levels in increasing verbosity. Setting a level emits that level and
8
+ * every more-important one; `silent` disables all SDK logging.
9
+ *
10
+ * silent < error < warn < info < debug
11
+ */
12
+ type LogLevel = 'silent' | 'error' | 'warn' | 'info' | 'debug';
13
+ /**
14
+ * Sink the SDK writes logs to. The global `console` already satisfies this
15
+ * shape, so it's the default. Inject your own (pino, Sentry breadcrumbs, a test
16
+ * spy…) via `PollarClientConfig.logger` to route SDK logs wherever you want.
17
+ */
18
+ interface PollarLogger {
19
+ error(...args: unknown[]): void;
20
+ warn(...args: unknown[]): void;
21
+ info(...args: unknown[]): void;
22
+ debug(...args: unknown[]): void;
23
+ }
24
+ /**
25
+ * Build a level-gated logger over a sink. The returned object has the same
26
+ * method surface as {@link PollarLogger}; each call is silently dropped when its
27
+ * level is more verbose than the configured `level`. Messages keep their own
28
+ * `[PollarClient…]` prefixes, so this only adds filtering + sink routing.
29
+ *
30
+ * Defaults: `level = 'info'`, `sink = console`.
31
+ */
32
+ declare function createLogger(level?: LogLevel, sink?: PollarLogger): PollarLogger;
33
+
6
34
  type StellarNetwork = 'mainnet' | 'testnet';
7
35
  type StellarClientConfig = StellarNetwork | {
8
36
  horizonUrl: string;
@@ -90,7 +118,6 @@ declare enum WalletType {
90
118
  type WalletId = WalletType | (string & {});
91
119
  interface ConnectWalletResponse {
92
120
  address: string;
93
- publicKey: string;
94
121
  }
95
122
  interface SignTransactionOptions {
96
123
  network?: string;
@@ -133,14 +160,23 @@ declare class FreighterAdapter implements WalletAdapter {
133
160
  signAuthEntry(entryXdr: string, options?: SignAuthEntryOptions): Promise<SignAuthEntryResponse>;
134
161
  }
135
162
 
163
+ /** Albedo's own network vocabulary (it only understands these two values). */
164
+ type AlbedoNetwork = 'public' | 'testnet';
136
165
  declare class AlbedoAdapter implements WalletAdapter {
166
+ private readonly network;
137
167
  readonly type = WalletType.ALBEDO;
168
+ /**
169
+ * Network used for `connect` and `signAuthEntry` (which carry no per-call
170
+ * network) and as the fallback for `signTransaction`. Defaults to `'testnet'`
171
+ * to preserve the previous behavior when constructed with no argument.
172
+ */
173
+ constructor(network?: AlbedoNetwork);
138
174
  isAvailable(): Promise<boolean>;
139
175
  connect(): Promise<ConnectWalletResponse>;
140
176
  disconnect(): Promise<void>;
141
177
  getPublicKey(): Promise<string | null>;
142
178
  getNetwork(): Promise<string>;
143
- signTransaction(xdr: string, _options?: SignTransactionOptions): Promise<SignTransactionResponse>;
179
+ signTransaction(xdr: string, options?: SignTransactionOptions): Promise<SignTransactionResponse>;
144
180
  signAuthEntry(entryXdr: string, _options?: SignAuthEntryOptions): Promise<SignAuthEntryResponse>;
145
181
  }
146
182
 
@@ -165,9 +201,13 @@ interface PollarPersistedSession {
165
201
  ready: boolean;
166
202
  };
167
203
  wallet: {
168
- publicKey: string | null;
204
+ type: 'custodial' | 'smart' | 'external';
205
+ address: string | null;
169
206
  existsOnStellar?: boolean;
170
207
  createdAt?: number;
208
+ linkedAt?: number;
209
+ network?: string;
210
+ deployTxHash?: string | null;
171
211
  };
172
212
  }
173
213
  /** In-memory user profile (kept on `PollarClient`, never persisted). */
@@ -203,9 +243,22 @@ interface PollarClientConfig {
203
243
  storage?: Storage;
204
244
  /**
205
245
  * Pluggable DPoP key manager. Defaults to `defaultKeyManager(storage,
206
- * apiKeyHash)`: WebCrypto in browsers, `@noble/curves` in RN.
246
+ * apiKey)`: WebCrypto in browsers, `@noble/curves` in RN.
207
247
  */
208
248
  keyManager?: KeyManager;
249
+ /**
250
+ * Minimum severity the SDK logs. `silent` disables all SDK logging; the rest
251
+ * emit that level and everything more important (`error` < `warn` < `info` <
252
+ * `debug`). State-transition chatter (auth/tx/network) is at `debug`.
253
+ * Defaults to `'info'`.
254
+ */
255
+ logLevel?: LogLevel;
256
+ /**
257
+ * Sink the SDK writes logs to. Defaults to the global `console`. Inject your
258
+ * own (pino, Sentry breadcrumbs, a test spy…) to route SDK logs anywhere.
259
+ * Filtering by `logLevel` still applies on top of whatever you pass.
260
+ */
261
+ logger?: PollarLogger;
209
262
  /**
210
263
  * Notified when persistent storage silently degrades to in-memory mode
211
264
  * (Safari private browsing quota errors, sandboxed iframes, etc.). Useful
@@ -242,7 +295,8 @@ interface PollarClientConfig {
242
295
  * the moment visibility comes back. Defaults to a web provider in the
243
296
  * browser (`visibilitychange` + BFCache + focus) and a noop elsewhere.
244
297
  * React Native consumers should inject an `AppState`-backed provider —
245
- * see TODO on `VisibilityProvider`.
298
+ * use `createAppStateVisibilityProvider` from
299
+ * `@pollar/core/adapters/react-native-appstate`.
246
300
  */
247
301
  visibilityProvider?: VisibilityProvider;
248
302
  /**
@@ -271,7 +325,55 @@ interface PollarClientConfig {
271
325
  * same URL you pass to `WebBrowser.openAuthSessionAsync`.
272
326
  */
273
327
  oauthRedirectUri?: string;
328
+ /**
329
+ * The passkey (WebAuthn) ceremony for "Smart Wallet" login, injected by the
330
+ * runtime layer (`@pollar/react` implements it with `@simplewebauthn/browser`).
331
+ * `@pollar/core` stays runtime-agnostic and never touches `navigator.credentials`
332
+ * directly. Required to use `loginSmartWallet()`. Browser-only for now;
333
+ * React Native needs a native passkey provider.
334
+ */
335
+ passkey?: PasskeyCeremony;
336
+ /**
337
+ * Signs smart-account (C-address) transactions with the user's passkey.
338
+ * Required to send from a smart wallet. Injected by `@pollar/react`;
339
+ * browser-only for now.
340
+ */
341
+ passkeySign?: PasskeySigner;
274
342
  }
343
+ /**
344
+ * Runs the device WebAuthn ceremony for a server-issued challenge and returns
345
+ * the result to forward to the backend: a registration response for a new user
346
+ * (`create()`) or an authentication assertion for a returning one (`get()`).
347
+ * The implementation decides which (e.g. try `get()` first, fall back to
348
+ * `create()`). `response` is the browser's PublicKeyCredential serialized to
349
+ * JSON — forwarded verbatim to `/auth/passkey/{register,login}`.
350
+ */
351
+ type PasskeyCeremony = (ctx: {
352
+ challenge: string;
353
+ }) => Promise<{
354
+ kind: 'login';
355
+ response: unknown;
356
+ } | {
357
+ kind: 'register';
358
+ response: unknown;
359
+ }>;
360
+ /**
361
+ * Signs a smart-account transaction's auth digest with the user's passkey
362
+ * (a WebAuthn `get()` whose challenge is the raw digest). Returns the PUBLIC
363
+ * assertion fields (base64url) for the server to assemble into the Soroban auth
364
+ * entry — no secret leaves the device. Injected by the runtime layer
365
+ * (`@pollar/react`); `@pollar/core` never touches `navigator.credentials`.
366
+ */
367
+ type PasskeySigner = (ctx: {
368
+ /** base64url WebAuthn credential id to sign with. */
369
+ credentialId: string;
370
+ /** hex-encoded auth digest to use as the WebAuthn challenge. */
371
+ challenge: string;
372
+ }) => Promise<{
373
+ authenticatorData: string;
374
+ clientDataJSON: string;
375
+ signature: string;
376
+ }>;
275
377
  /**
276
378
  * Strategy for opening the hosted OAuth URL. The SDK mints the per-login auth
277
379
  * session lazily inside `getUrl()` (call it once; the first call creates the
@@ -310,6 +412,23 @@ interface SessionInfo {
310
412
  current: boolean;
311
413
  expiresAt: string;
312
414
  }
415
+ /**
416
+ * Observable state for the active-sessions list. Lives on the client (like
417
+ * {@link TxHistoryState} / {@link WalletBalanceState}) so UI layers can
418
+ * subscribe via `onSessionsStateChange` and stay pure readers instead of
419
+ * holding the loading state locally.
420
+ */
421
+ type SessionsState = {
422
+ step: 'idle';
423
+ } | {
424
+ step: 'loading';
425
+ } | {
426
+ step: 'loaded';
427
+ sessions: SessionInfo[];
428
+ } | {
429
+ step: 'error';
430
+ message: string;
431
+ };
313
432
  type TxBuildBody = NonNullable<paths['/tx/build']['post']['requestBody']>['content']['application/json'];
314
433
  type TxBuildResponse = paths['/tx/build']['post']['responses'][200]['content']['application/json'];
315
434
  type TxSignAndSendBody = NonNullable<paths['/tx/sign-and-send']['post']['requestBody']>['content']['application/json'];
@@ -451,6 +570,7 @@ declare const AUTH_ERROR_CODES: {
451
570
  readonly WALLET_CONNECT_FAILED: "WALLET_CONNECT_FAILED";
452
571
  readonly WALLET_AUTH_FAILED: "WALLET_AUTH_FAILED";
453
572
  readonly WALLET_RESOLVER_TIMEOUT: "WALLET_RESOLVER_TIMEOUT";
573
+ readonly PASSKEY_FAILED: "PASSKEY_FAILED";
454
574
  readonly UNEXPECTED_ERROR: "UNEXPECTED_ERROR";
455
575
  };
456
576
  type AuthErrorCode = (typeof AUTH_ERROR_CODES)[keyof typeof AUTH_ERROR_CODES];
@@ -483,11 +603,21 @@ type AuthState = {
483
603
  walletType: WalletId;
484
604
  } | {
485
605
  step: 'authenticating_wallet';
606
+ } | {
607
+ step: 'creating_passkey';
608
+ } | {
609
+ step: 'deploying_smart_account';
486
610
  } | {
487
611
  step: 'authenticating';
488
612
  } | {
489
613
  step: 'authenticated';
490
614
  session: PollarPersistedSession;
615
+ /**
616
+ * `false` while the session is restored optimistically from storage and
617
+ * not yet revalidated with the server; `true` after a fresh login/refresh
618
+ * or a successful `/auth/session/resume`. Gate sensitive actions on this.
619
+ */
620
+ verified: boolean;
491
621
  } | {
492
622
  step: 'error';
493
623
  previousStep: string;
@@ -519,6 +649,19 @@ type WalletBalanceState = {
519
649
  step: 'error';
520
650
  message: string;
521
651
  };
652
+ type WalletAssetsContent = paths['/wallet/assets']['get']['responses'][200]['content']['application/json']['content'];
653
+ type EnabledAssetRecord = WalletAssetsContent['assets'][number];
654
+ type EnabledAssetsState = {
655
+ step: 'idle';
656
+ } | {
657
+ step: 'loading';
658
+ } | {
659
+ step: 'loaded';
660
+ data: WalletAssetsContent;
661
+ } | {
662
+ step: 'error';
663
+ message: string;
664
+ };
522
665
  type TxHistoryRecord = paths['/tx/history']['get']['responses'][200]['content']['application/json']['content']['records'][number];
523
666
  type TxHistoryParams = NonNullable<paths['/tx/history']['get']['parameters']['query']>;
524
667
  type TxHistoryContent = paths['/tx/history']['get']['responses'][200]['content']['application/json']['content'];
@@ -581,6 +724,7 @@ declare class PollarClient {
581
724
  readonly id: string;
582
725
  readonly basePath: string;
583
726
  private readonly _api;
727
+ private readonly _log;
584
728
  private readonly _storage;
585
729
  private readonly _keyManager;
586
730
  /** Resolves once `keyManager.init()` and the initial session restore complete. */
@@ -625,8 +769,12 @@ declare class PollarClient {
625
769
  private _transactionStateListeners;
626
770
  private _txHistoryState;
627
771
  private _txHistoryStateListeners;
772
+ private _sessionsState;
773
+ private _sessionsStateListeners;
628
774
  private _walletBalanceState;
629
775
  private _walletBalanceStateListeners;
776
+ private _enabledAssetsState;
777
+ private _enabledAssetsStateListeners;
630
778
  private _authState;
631
779
  private _authStateListeners;
632
780
  private _networkState;
@@ -643,7 +791,11 @@ declare class PollarClient {
643
791
  private _walletAdapter;
644
792
  private readonly _walletAdapterResolver;
645
793
  private readonly _walletResolverTimeoutMs;
794
+ private readonly _passkey;
795
+ private readonly _passkeySign;
646
796
  private _loginController;
797
+ /** Aborts an in-flight `/auth/session/resume` on destroy() or re-trigger. */
798
+ private _resumeController;
647
799
  /** Platform strategy for opening the hosted-OAuth URL (popup on web; injected on RN). */
648
800
  private readonly _openAuthUrl;
649
801
  /** `redirect_uri` sent to the backend for hosted OAuth. */
@@ -718,6 +870,12 @@ declare class PollarClient {
718
870
  sendEmailCode(email: string): void;
719
871
  verifyEmailCode(code: string): void;
720
872
  loginWallet(type: WalletId): void;
873
+ /**
874
+ * "Smart Wallet" login: runs the passkey (WebAuthn) ceremony and, for a new
875
+ * user, creates a sponsored smart-account C-address. Requires the `passkey`
876
+ * ceremony to be configured (e.g. via `@pollar/react`).
877
+ */
878
+ loginSmartWallet(): void;
721
879
  cancelLogin(): void;
722
880
  /**
723
881
  * Revoke the current session server-side, then clear local storage.
@@ -741,6 +899,14 @@ declare class PollarClient {
741
899
  * `current` flag identifies which entry corresponds to this client.
742
900
  */
743
901
  listSessions(): Promise<SessionInfo[]>;
902
+ getSessionsState(): SessionsState;
903
+ onSessionsStateChange(cb: (state: SessionsState) => void): () => void;
904
+ /**
905
+ * Fire-and-forget variant of {@link listSessions} that drives the observable
906
+ * `SessionsState` store instead of returning the array. UI layers subscribe
907
+ * via `onSessionsStateChange` and stay pure readers — mirrors `fetchTxHistory`.
908
+ */
909
+ fetchSessions(): Promise<void>;
744
910
  /**
745
911
  * Revoke a specific refresh-token family (a single device session). Use
746
912
  * `listSessions` to enumerate the familyIds. Revoking the current session
@@ -749,6 +915,12 @@ declare class PollarClient {
749
915
  revokeSession(familyId: string): Promise<void>;
750
916
  getNetwork(): StellarNetwork;
751
917
  getNetworkState(): NetworkState;
918
+ /**
919
+ * The client's level-gated logger (built from `logLevel` / `logger`). Exposed
920
+ * so the runtime layer (`@pollar/react`) can route its own logs through the
921
+ * same level and sink instead of calling `console` directly.
922
+ */
923
+ getLogger(): PollarLogger;
752
924
  setNetwork(network: StellarNetwork): void;
753
925
  onNetworkStateChange(cb: (state: NetworkState) => void): () => void;
754
926
  getTransactionState(): TransactionState | null;
@@ -758,7 +930,28 @@ declare class PollarClient {
758
930
  fetchTxHistory(params?: TxHistoryParams): Promise<void>;
759
931
  getWalletBalanceState(): WalletBalanceState;
760
932
  onWalletBalanceStateChange(cb: (state: WalletBalanceState) => void): () => void;
761
- refreshBalance(publicKey?: string): Promise<void>;
933
+ /**
934
+ * Refreshes the balances of the authenticated user's OWN wallet. The wallet
935
+ * and network are resolved server-side from the session — no arguments. Drives
936
+ * `walletBalanceState`. For an arbitrary wallet, use {@link getWalletBalance}.
937
+ */
938
+ refreshBalance(): Promise<void>;
939
+ /**
940
+ * General-purpose balance lookup for ANY wallet on ANY network — not scoped
941
+ * to this application. Enumerates the account's real on-chain holdings via
942
+ * Horizon (server-side) and returns the data directly (no reactive state).
943
+ * `network` defaults to the client's current network.
944
+ */
945
+ getWalletBalance(publicKey: string, network?: StellarNetwork): Promise<WalletBalanceContent>;
946
+ getEnabledAssetsState(): EnabledAssetsState;
947
+ onEnabledAssetsStateChange(cb: (state: EnabledAssetsState) => void): () => void;
948
+ /**
949
+ * Loads the application's enabled assets paired with the authenticated
950
+ * wallet's on-chain trustline state — so the SDK knows which trustlines still
951
+ * need to be added. Wallet and network are resolved server-side from the
952
+ * session. Drives `enabledAssetsState`; mirrors {@link refreshBalance}.
953
+ */
954
+ refreshAssets(): Promise<void>;
762
955
  /**
763
956
  * Builds an unsigned XDR. Drives `_setTransactionState` for modal-style UIs
764
957
  * AND returns a {@link BuildOutcome} so headless callers can `await` and
@@ -813,7 +1006,7 @@ declare class PollarClient {
813
1006
  * backend call) and then transitions to `submitted` (Horizon ack only) or
814
1007
  * `success` (ledger-confirmed), or `error[phase: 'signing-submitting']`.
815
1008
  */
816
- signAndSubmitTx(unsignedXdr: string): Promise<SubmitOutcome>;
1009
+ signAndSubmitTx(unsignedXdr?: string): Promise<SubmitOutcome>;
817
1010
  /**
818
1011
  * One-shot: build → sign → submit, returning the final {@link SubmitOutcome}.
819
1012
  *
@@ -834,6 +1027,20 @@ declare class PollarClient {
834
1027
  buildAndSignAndSubmitTx(operation: TxBuildBody['operation'], params: TxBuildBody['params'], options?: TxBuildBody['options']): Promise<SubmitOutcome>;
835
1028
  /** Alias for {@link buildAndSignAndSubmitTx} — shorter "just do the thing" name. */
836
1029
  runTx(operation: TxBuildBody['operation'], params: TxBuildBody['params'], options?: TxBuildBody['options']): Promise<SubmitOutcome>;
1030
+ /**
1031
+ * Smart-wallet (passkey / C-address) transaction: build (server prepares the
1032
+ * SAC transfer + returns the auth digest) → sign the digest with the passkey
1033
+ * → submit (server assembles the signed auth entry and broadcasts; the
1034
+ * sponsor pays the fee). State machine: building → built → signing →
1035
+ * submitting → success.
1036
+ */
1037
+ private _runSmartTx;
1038
+ /**
1039
+ * Steps 2–3 of the smart-wallet flow: sign the prepared auth digest with the
1040
+ * passkey, then submit. Shared by `_runSmartTx` (atomic) and `signAndSubmitTx`
1041
+ * (split flow, when a smart build is already on the state machine).
1042
+ */
1043
+ private _signSubmitSmart;
837
1044
  getAppConfig(): Promise<unknown>;
838
1045
  getKycStatus(providerId?: string): Promise<{
839
1046
  status: KycStatus;
@@ -871,7 +1078,9 @@ declare class PollarClient {
871
1078
  listDistributionRules(): Promise<DistributionRule[]>;
872
1079
  claimDistributionRule(body: DistributionClaimBody): Promise<DistributionClaimContent>;
873
1080
  private _setTxHistoryState;
1081
+ private _setSessionsState;
874
1082
  private _setWalletBalanceState;
1083
+ private _setEnabledAssetsState;
875
1084
  private _newController;
876
1085
  private _flowDeps;
877
1086
  /**
@@ -883,6 +1092,21 @@ declare class PollarClient {
883
1092
  private _resolveWalletAdapter;
884
1093
  private _handleFlowError;
885
1094
  private _restoreSession;
1095
+ /**
1096
+ * Validate the restored session against the server and repopulate the
1097
+ * in-memory profile (PII is never persisted, so it's null after a cold
1098
+ * reload). Goes through the normal authed client, so it coalesces with any
1099
+ * in-flight refresh (onRequest awaits `_refreshPromise`) and, being a GET,
1100
+ * is auto-retried after a 401-triggered refresh.
1101
+ *
1102
+ * - 200 → store profile, mark the session `verified`.
1103
+ * - 401 → the refresh-on-401 path already ran; if the family was
1104
+ * revoked, refresh failed and `_clearSession()` took us to
1105
+ * idle. Nothing to do here — don't double-handle.
1106
+ * - network error → stay optimistic (do NOT log out); revalidated later on
1107
+ * `visibilitychange` or first use.
1108
+ */
1109
+ private _resume;
886
1110
  private _storeSession;
887
1111
  private _clearSession;
888
1112
  private _networkPassphrase;
@@ -898,6 +1122,16 @@ declare class PollarClient {
898
1122
  private _currentBuildData;
899
1123
  }
900
1124
 
1125
+ /**
1126
+ * Version of this `@pollar/core` build (e.g. `'0.8.2'`). Falls back to `'dev'`
1127
+ * when running unbundled.
1128
+ *
1129
+ * Named per-package on purpose: importing it alongside `@pollar/react`'s
1130
+ * `POLLAR_REACT_VERSION` never collides, so an app can report both versions in
1131
+ * a single bug-report / diagnostics line.
1132
+ */
1133
+ declare const POLLAR_CORE_VERSION: string;
1134
+
901
1135
  /**
902
1136
  * In-memory storage backed by a `Map`. Always available, never throws.
903
1137
  * Used as the default fallback for SSR, private browsing, sandboxed iframes
@@ -911,6 +1145,11 @@ interface LocalStorageAdapterOptions {
911
1145
  * in-memory fallback (e.g. quota exceeded, throwing `localStorage`).
912
1146
  */
913
1147
  onDegrade?: OnStorageDegrade;
1148
+ /**
1149
+ * Logger for the one-shot degrade warning. Defaults to the global `console`;
1150
+ * `PollarClient` passes its level-gated logger so `logLevel` applies here too.
1151
+ */
1152
+ logger?: PollarLogger;
914
1153
  }
915
1154
  /**
916
1155
  * `localStorage`-backed adapter that wraps every operation in try/catch and
@@ -968,6 +1207,20 @@ declare class WebCryptoKeyManager implements KeyManager {
968
1207
  */
969
1208
  init(): Promise<void>;
970
1209
  private _doInit;
1210
+ /**
1211
+ * Derive the public JWK from a `CryptoKey`. Prefers the `'raw'` export (the
1212
+ * 65-byte uncompressed point `0x04 || X(32) || Y(32)`) and base64url-encodes
1213
+ * the coordinates ourselves — that sidesteps polyfills whose `exportKey('jwk')`
1214
+ * emits non-base64url `x`/`y` (standard base64, `=` padding, or — as seen with
1215
+ * `react-native-quick-crypto` — a stray `.`). Real browsers and most polyfills
1216
+ * support `'raw'` for public EC keys.
1217
+ *
1218
+ * Falls back to the `'jwk'` export (normalized via `canonicalEcJwk`) if `'raw'`
1219
+ * is unsupported or returns an unexpected shape, so this can't regress on a
1220
+ * runtime that only implements the JWK path. Both routes yield identical
1221
+ * coordinate bytes, so the `cnf.jkt` thumbprint is unchanged either way.
1222
+ */
1223
+ private _exportPublicJwk;
971
1224
  reset(): Promise<void>;
972
1225
  getPublicJwk(): Promise<PublicEcJwk>;
973
1226
  getThumbprint(): Promise<string>;
@@ -995,9 +1248,11 @@ declare class WebCryptoKeyManager implements KeyManager {
995
1248
  */
996
1249
  declare function computeJwkThumbprint(jwk: PublicEcJwk): Promise<string>;
997
1250
  /**
998
- * Strip a JWK to only the four required EC public members. Useful when the
999
- * input came from `crypto.subtle.exportKey('jwk', publicKey)` which adds
1000
- * `ext` / `key_ops`. Returns a fresh object — never mutates input.
1251
+ * Strip a JWK to only the four required EC public members and normalize the
1252
+ * coordinates to unpadded base64url. Useful when the input came from
1253
+ * `crypto.subtle.exportKey('jwk', publicKey)` which adds `ext` / `key_ops`
1254
+ * (and, under some RN polyfills, non-base64url coordinates). Returns a fresh
1255
+ * object — never mutates input.
1001
1256
  */
1002
1257
  declare function canonicalEcJwk(jwk: {
1003
1258
  kty?: string;
@@ -1265,6 +1520,66 @@ interface paths {
1265
1520
  patch?: never;
1266
1521
  trace?: never;
1267
1522
  };
1523
+ "/auth/passkey/challenge": {
1524
+ parameters: {
1525
+ query?: never;
1526
+ header?: never;
1527
+ path?: never;
1528
+ cookie?: never;
1529
+ };
1530
+ get?: never;
1531
+ put?: never;
1532
+ /**
1533
+ * Issue a WebAuthn challenge
1534
+ * @description Returns a server challenge bound to the client session for the create()/get() ceremony.
1535
+ */
1536
+ post: operations["postAuthPasskeyChallenge"];
1537
+ delete?: never;
1538
+ options?: never;
1539
+ head?: never;
1540
+ patch?: never;
1541
+ trace?: never;
1542
+ };
1543
+ "/auth/passkey/register": {
1544
+ parameters: {
1545
+ query?: never;
1546
+ header?: never;
1547
+ path?: never;
1548
+ cookie?: never;
1549
+ };
1550
+ get?: never;
1551
+ put?: never;
1552
+ /**
1553
+ * Register a passkey and create a Smart Wallet
1554
+ * @description Verifies the WebAuthn registration, creates the user, deploys the smart-account C-address (sponsored), and sets the session ready.
1555
+ */
1556
+ post: operations["postAuthPasskeyRegister"];
1557
+ delete?: never;
1558
+ options?: never;
1559
+ head?: never;
1560
+ patch?: never;
1561
+ trace?: never;
1562
+ };
1563
+ "/auth/passkey/login": {
1564
+ parameters: {
1565
+ query?: never;
1566
+ header?: never;
1567
+ path?: never;
1568
+ cookie?: never;
1569
+ };
1570
+ get?: never;
1571
+ put?: never;
1572
+ /**
1573
+ * Authenticate a returning passkey user
1574
+ * @description Verifies the WebAuthn assertion against the stored credential, resolves the C-address, sets the session ready.
1575
+ */
1576
+ post: operations["postAuthPasskeyLogin"];
1577
+ delete?: never;
1578
+ options?: never;
1579
+ head?: never;
1580
+ patch?: never;
1581
+ trace?: never;
1582
+ };
1268
1583
  "/auth/login": {
1269
1584
  parameters: {
1270
1585
  query?: never;
@@ -1345,6 +1660,26 @@ interface paths {
1345
1660
  patch?: never;
1346
1661
  trace?: never;
1347
1662
  };
1663
+ "/auth/session/resume": {
1664
+ parameters: {
1665
+ query?: never;
1666
+ header?: never;
1667
+ path?: never;
1668
+ cookie?: never;
1669
+ };
1670
+ /**
1671
+ * Validate the current session and return the user profile
1672
+ * @description DPoP-bound resume/validate + touch. Confirms the refresh-token family is still active, returns the same profile shape as login `data` (mail, names, avatar, providers), and records the return (last_used_at + UA/IP-hash). Does NOT rotate the refresh token or create a new family. A revoked/expired family returns 401 so the client can converge to a logged-out state.
1673
+ */
1674
+ get: operations["getAuthSessionResume"];
1675
+ put?: never;
1676
+ post?: never;
1677
+ delete?: never;
1678
+ options?: never;
1679
+ head?: never;
1680
+ patch?: never;
1681
+ trace?: never;
1682
+ };
1348
1683
  "/auth/sessions/{familyId}": {
1349
1684
  parameters: {
1350
1685
  query?: never;
@@ -1590,8 +1925,8 @@ interface paths {
1590
1925
  cookie?: never;
1591
1926
  };
1592
1927
  /**
1593
- * Get wallet balances
1594
- * @description Returns XLM and configured asset balances for a Stellar account using Soroban RPC (no Horizon). The asset list is derived from the application's enabled assets. "available" reflects the spendable amount after minimum reserve (XLM) and selling liabilities.
1928
+ * Get my wallet balances
1929
+ * @description Returns XLM and the application's enabled-asset balances for the authenticated user's wallet using Soroban RPC (no Horizon). The wallet and network are derived from the session no parameters required. "available" reflects the spendable amount after minimum reserve (XLM) and selling liabilities.
1595
1930
  */
1596
1931
  get: operations["getWalletBalance"];
1597
1932
  put?: never;
@@ -1602,6 +1937,46 @@ interface paths {
1602
1937
  patch?: never;
1603
1938
  trace?: never;
1604
1939
  };
1940
+ "/wallet/assets": {
1941
+ parameters: {
1942
+ query?: never;
1943
+ header?: never;
1944
+ path?: never;
1945
+ cookie?: never;
1946
+ };
1947
+ /**
1948
+ * Get my enabled assets
1949
+ * @description Returns the application's dashboard-enabled assets paired with the authenticated wallet's on-chain trustline state (code, type, issuer, name, trustlineEstablished, limit). No balances. Native XLM is always included with trustlineEstablished=true. Lets the SDK know which trustlines the wallet still needs to add. The wallet and network are derived from the session — no parameters required.
1950
+ */
1951
+ get: operations["getWalletAssets"];
1952
+ put?: never;
1953
+ post?: never;
1954
+ delete?: never;
1955
+ options?: never;
1956
+ head?: never;
1957
+ patch?: never;
1958
+ trace?: never;
1959
+ };
1960
+ "/wallet/{publicKey}/balance": {
1961
+ parameters: {
1962
+ query?: never;
1963
+ header?: never;
1964
+ path?: never;
1965
+ cookie?: never;
1966
+ };
1967
+ /**
1968
+ * Get any wallet balances
1969
+ * @description Returns the real on-chain balances of any Stellar account on the requested network, enumerated via Horizon. Not scoped to the application — every established trustline (native included) is returned.
1970
+ */
1971
+ get: operations["getWalletByPublicKeyBalance"];
1972
+ put?: never;
1973
+ post?: never;
1974
+ delete?: never;
1975
+ options?: never;
1976
+ head?: never;
1977
+ patch?: never;
1978
+ trace?: never;
1979
+ };
1605
1980
  "/kyc/status": {
1606
1981
  parameters: {
1607
1982
  query?: never;
@@ -2478,7 +2853,7 @@ interface operations {
2478
2853
  };
2479
2854
  };
2480
2855
  };
2481
- postAuthLogin: {
2856
+ postAuthPasskeyChallenge: {
2482
2857
  parameters: {
2483
2858
  query?: never;
2484
2859
  header?: never;
@@ -2489,20 +2864,11 @@ interface operations {
2489
2864
  content: {
2490
2865
  "application/json": {
2491
2866
  clientSessionId: string;
2492
- dpopJwk?: {
2493
- /** @constant */
2494
- kty: "EC";
2495
- /** @constant */
2496
- crv: "P-256";
2497
- x: string;
2498
- y: string;
2499
- };
2500
- deviceLabel?: string;
2501
2867
  };
2502
2868
  };
2503
2869
  };
2504
2870
  responses: {
2505
- /** @description Authenticated */
2871
+ /** @description Challenge issued */
2506
2872
  200: {
2507
2873
  headers: {
2508
2874
  [name: string]: unknown;
@@ -2510,47 +2876,12 @@ interface operations {
2510
2876
  content: {
2511
2877
  "application/json": {
2512
2878
  /** @constant */
2513
- code: "SDK_LOGIN_SUCCESS";
2879
+ code: "SDK_PASSKEY_CHALLENGE_CREATED";
2514
2880
  /** @constant */
2515
2881
  success: true;
2516
2882
  content: {
2517
2883
  clientSessionId: string;
2518
- userId: string | null;
2519
- status: string;
2520
- token: {
2521
- accessToken: string;
2522
- refreshToken: string;
2523
- expiresAt: number;
2524
- };
2525
- user: {
2526
- id?: string;
2527
- ready: boolean;
2528
- };
2529
- wallet: {
2530
- publicKey: string | null;
2531
- existsOnStellar?: boolean;
2532
- createdAt?: number;
2533
- };
2534
- data: {
2535
- mail: string;
2536
- first_name: string;
2537
- last_name: string;
2538
- avatar: string;
2539
- providers: {
2540
- email: {
2541
- address: string;
2542
- } | null;
2543
- google: {
2544
- id: string;
2545
- } | null;
2546
- github: {
2547
- id: string;
2548
- } | null;
2549
- wallet: {
2550
- address: string;
2551
- } | null;
2552
- };
2553
- };
2884
+ challenge: string;
2554
2885
  };
2555
2886
  };
2556
2887
  };
@@ -2622,7 +2953,7 @@ interface operations {
2622
2953
  };
2623
2954
  };
2624
2955
  };
2625
- postAuthRefresh: {
2956
+ postAuthPasskeyRegister: {
2626
2957
  parameters: {
2627
2958
  query?: never;
2628
2959
  header?: never;
@@ -2632,12 +2963,15 @@ interface operations {
2632
2963
  requestBody: {
2633
2964
  content: {
2634
2965
  "application/json": {
2635
- refreshToken: string;
2966
+ clientSessionId: string;
2967
+ response: {
2968
+ [key: string]: unknown;
2969
+ };
2636
2970
  };
2637
2971
  };
2638
2972
  };
2639
2973
  responses: {
2640
- /** @description New token pair issued */
2974
+ /** @description Passkey registered, smart wallet created */
2641
2975
  200: {
2642
2976
  headers: {
2643
2977
  [name: string]: unknown;
@@ -2645,15 +2979,12 @@ interface operations {
2645
2979
  content: {
2646
2980
  "application/json": {
2647
2981
  /** @constant */
2648
- code: "SDK_TOKEN_REFRESHED";
2982
+ code: "SDK_PASSKEY_REGISTERED";
2649
2983
  /** @constant */
2650
2984
  success: true;
2651
2985
  content: {
2652
- token: {
2653
- accessToken: string;
2654
- refreshToken: string;
2655
- expiresAt: number;
2656
- };
2986
+ clientSessionId: string;
2987
+ contractAddress: string;
2657
2988
  };
2658
2989
  };
2659
2990
  };
@@ -2725,7 +3056,7 @@ interface operations {
2725
3056
  };
2726
3057
  };
2727
3058
  };
2728
- postAuthLogout: {
3059
+ postAuthPasskeyLogin: {
2729
3060
  parameters: {
2730
3061
  query?: never;
2731
3062
  header?: never;
@@ -2735,12 +3066,15 @@ interface operations {
2735
3066
  requestBody: {
2736
3067
  content: {
2737
3068
  "application/json": {
2738
- everywhere?: boolean;
3069
+ clientSessionId: string;
3070
+ response: {
3071
+ [key: string]: unknown;
3072
+ };
2739
3073
  };
2740
3074
  };
2741
3075
  };
2742
3076
  responses: {
2743
- /** @description Sessions revoked */
3077
+ /** @description Passkey authenticated */
2744
3078
  200: {
2745
3079
  headers: {
2746
3080
  [name: string]: unknown;
@@ -2748,17 +3082,18 @@ interface operations {
2748
3082
  content: {
2749
3083
  "application/json": {
2750
3084
  /** @constant */
2751
- code: "SDK_LOGOUT_SUCCESS";
3085
+ code: "SDK_PASSKEY_AUTHENTICATED";
2752
3086
  /** @constant */
2753
3087
  success: true;
2754
3088
  content: {
2755
- revoked: number;
3089
+ clientSessionId: string;
3090
+ contractAddress: string;
2756
3091
  };
2757
3092
  };
2758
3093
  };
2759
3094
  };
2760
- /** @description Unauthorized */
2761
- 401: {
3095
+ /** @description Validation error */
3096
+ 400: {
2762
3097
  headers: {
2763
3098
  [name: string]: unknown;
2764
3099
  };
@@ -2770,14 +3105,366 @@ interface operations {
2770
3105
  };
2771
3106
  };
2772
3107
  };
2773
- };
2774
- };
2775
- getAuthSessions: {
2776
- parameters: {
2777
- query?: never;
2778
- header?: never;
2779
- path?: never;
2780
- cookie?: never;
3108
+ /** @description Unauthorized */
3109
+ 401: {
3110
+ headers: {
3111
+ [name: string]: unknown;
3112
+ };
3113
+ content: {
3114
+ "application/json": {
3115
+ /** @constant */
3116
+ success: false;
3117
+ code: string;
3118
+ };
3119
+ };
3120
+ };
3121
+ /** @description Forbidden */
3122
+ 403: {
3123
+ headers: {
3124
+ [name: string]: unknown;
3125
+ };
3126
+ content: {
3127
+ "application/json": {
3128
+ /** @constant */
3129
+ success: false;
3130
+ code: string;
3131
+ };
3132
+ };
3133
+ };
3134
+ /** @description Not found */
3135
+ 404: {
3136
+ headers: {
3137
+ [name: string]: unknown;
3138
+ };
3139
+ content: {
3140
+ "application/json": {
3141
+ /** @constant */
3142
+ success: false;
3143
+ code: string;
3144
+ };
3145
+ };
3146
+ };
3147
+ /** @description Gone (expired) */
3148
+ 410: {
3149
+ headers: {
3150
+ [name: string]: unknown;
3151
+ };
3152
+ content: {
3153
+ "application/json": {
3154
+ /** @constant */
3155
+ success: false;
3156
+ code: string;
3157
+ };
3158
+ };
3159
+ };
3160
+ };
3161
+ };
3162
+ postAuthLogin: {
3163
+ parameters: {
3164
+ query?: never;
3165
+ header?: never;
3166
+ path?: never;
3167
+ cookie?: never;
3168
+ };
3169
+ requestBody: {
3170
+ content: {
3171
+ "application/json": {
3172
+ clientSessionId: string;
3173
+ dpopJwk?: {
3174
+ /** @constant */
3175
+ kty: "EC";
3176
+ /** @constant */
3177
+ crv: "P-256";
3178
+ x: string;
3179
+ y: string;
3180
+ };
3181
+ deviceLabel?: string;
3182
+ };
3183
+ };
3184
+ };
3185
+ responses: {
3186
+ /** @description Authenticated */
3187
+ 200: {
3188
+ headers: {
3189
+ [name: string]: unknown;
3190
+ };
3191
+ content: {
3192
+ "application/json": {
3193
+ /** @constant */
3194
+ code: "SDK_LOGIN_SUCCESS";
3195
+ /** @constant */
3196
+ success: true;
3197
+ content: {
3198
+ clientSessionId: string;
3199
+ userId: string | null;
3200
+ status: string;
3201
+ token: {
3202
+ accessToken: string;
3203
+ refreshToken: string;
3204
+ expiresAt: number;
3205
+ };
3206
+ user: {
3207
+ id?: string;
3208
+ ready: boolean;
3209
+ };
3210
+ wallet: {
3211
+ /** @enum {string} */
3212
+ type: "custodial" | "smart" | "external";
3213
+ publicKey: string | null;
3214
+ address: string | null;
3215
+ existsOnStellar?: boolean;
3216
+ createdAt?: number;
3217
+ linkedAt?: number;
3218
+ network?: string;
3219
+ deployTxHash?: string | null;
3220
+ };
3221
+ data: {
3222
+ mail: string;
3223
+ first_name: string;
3224
+ last_name: string;
3225
+ avatar: string;
3226
+ providers: {
3227
+ email: {
3228
+ address: string;
3229
+ } | null;
3230
+ google: {
3231
+ id: string;
3232
+ } | null;
3233
+ github: {
3234
+ id: string;
3235
+ } | null;
3236
+ wallet: {
3237
+ address: string;
3238
+ } | null;
3239
+ };
3240
+ };
3241
+ };
3242
+ };
3243
+ };
3244
+ };
3245
+ /** @description Validation error */
3246
+ 400: {
3247
+ headers: {
3248
+ [name: string]: unknown;
3249
+ };
3250
+ content: {
3251
+ "application/json": {
3252
+ /** @constant */
3253
+ success: false;
3254
+ code: string;
3255
+ };
3256
+ };
3257
+ };
3258
+ /** @description Unauthorized */
3259
+ 401: {
3260
+ headers: {
3261
+ [name: string]: unknown;
3262
+ };
3263
+ content: {
3264
+ "application/json": {
3265
+ /** @constant */
3266
+ success: false;
3267
+ code: string;
3268
+ };
3269
+ };
3270
+ };
3271
+ /** @description Forbidden */
3272
+ 403: {
3273
+ headers: {
3274
+ [name: string]: unknown;
3275
+ };
3276
+ content: {
3277
+ "application/json": {
3278
+ /** @constant */
3279
+ success: false;
3280
+ code: string;
3281
+ };
3282
+ };
3283
+ };
3284
+ /** @description Not found */
3285
+ 404: {
3286
+ headers: {
3287
+ [name: string]: unknown;
3288
+ };
3289
+ content: {
3290
+ "application/json": {
3291
+ /** @constant */
3292
+ success: false;
3293
+ code: string;
3294
+ };
3295
+ };
3296
+ };
3297
+ /** @description Gone (expired) */
3298
+ 410: {
3299
+ headers: {
3300
+ [name: string]: unknown;
3301
+ };
3302
+ content: {
3303
+ "application/json": {
3304
+ /** @constant */
3305
+ success: false;
3306
+ code: string;
3307
+ };
3308
+ };
3309
+ };
3310
+ };
3311
+ };
3312
+ postAuthRefresh: {
3313
+ parameters: {
3314
+ query?: never;
3315
+ header?: never;
3316
+ path?: never;
3317
+ cookie?: never;
3318
+ };
3319
+ requestBody: {
3320
+ content: {
3321
+ "application/json": {
3322
+ refreshToken: string;
3323
+ };
3324
+ };
3325
+ };
3326
+ responses: {
3327
+ /** @description New token pair issued */
3328
+ 200: {
3329
+ headers: {
3330
+ [name: string]: unknown;
3331
+ };
3332
+ content: {
3333
+ "application/json": {
3334
+ /** @constant */
3335
+ code: "SDK_TOKEN_REFRESHED";
3336
+ /** @constant */
3337
+ success: true;
3338
+ content: {
3339
+ token: {
3340
+ accessToken: string;
3341
+ refreshToken: string;
3342
+ expiresAt: number;
3343
+ };
3344
+ };
3345
+ };
3346
+ };
3347
+ };
3348
+ /** @description Validation error */
3349
+ 400: {
3350
+ headers: {
3351
+ [name: string]: unknown;
3352
+ };
3353
+ content: {
3354
+ "application/json": {
3355
+ /** @constant */
3356
+ success: false;
3357
+ code: string;
3358
+ };
3359
+ };
3360
+ };
3361
+ /** @description Unauthorized */
3362
+ 401: {
3363
+ headers: {
3364
+ [name: string]: unknown;
3365
+ };
3366
+ content: {
3367
+ "application/json": {
3368
+ /** @constant */
3369
+ success: false;
3370
+ code: string;
3371
+ };
3372
+ };
3373
+ };
3374
+ /** @description Forbidden */
3375
+ 403: {
3376
+ headers: {
3377
+ [name: string]: unknown;
3378
+ };
3379
+ content: {
3380
+ "application/json": {
3381
+ /** @constant */
3382
+ success: false;
3383
+ code: string;
3384
+ };
3385
+ };
3386
+ };
3387
+ /** @description Not found */
3388
+ 404: {
3389
+ headers: {
3390
+ [name: string]: unknown;
3391
+ };
3392
+ content: {
3393
+ "application/json": {
3394
+ /** @constant */
3395
+ success: false;
3396
+ code: string;
3397
+ };
3398
+ };
3399
+ };
3400
+ /** @description Gone (expired) */
3401
+ 410: {
3402
+ headers: {
3403
+ [name: string]: unknown;
3404
+ };
3405
+ content: {
3406
+ "application/json": {
3407
+ /** @constant */
3408
+ success: false;
3409
+ code: string;
3410
+ };
3411
+ };
3412
+ };
3413
+ };
3414
+ };
3415
+ postAuthLogout: {
3416
+ parameters: {
3417
+ query?: never;
3418
+ header?: never;
3419
+ path?: never;
3420
+ cookie?: never;
3421
+ };
3422
+ requestBody: {
3423
+ content: {
3424
+ "application/json": {
3425
+ everywhere?: boolean;
3426
+ };
3427
+ };
3428
+ };
3429
+ responses: {
3430
+ /** @description Sessions revoked */
3431
+ 200: {
3432
+ headers: {
3433
+ [name: string]: unknown;
3434
+ };
3435
+ content: {
3436
+ "application/json": {
3437
+ /** @constant */
3438
+ code: "SDK_LOGOUT_SUCCESS";
3439
+ /** @constant */
3440
+ success: true;
3441
+ content: {
3442
+ revoked: number;
3443
+ };
3444
+ };
3445
+ };
3446
+ };
3447
+ /** @description Unauthorized */
3448
+ 401: {
3449
+ headers: {
3450
+ [name: string]: unknown;
3451
+ };
3452
+ content: {
3453
+ "application/json": {
3454
+ /** @constant */
3455
+ success: false;
3456
+ code: string;
3457
+ };
3458
+ };
3459
+ };
3460
+ };
3461
+ };
3462
+ getAuthSessions: {
3463
+ parameters: {
3464
+ query?: never;
3465
+ header?: never;
3466
+ path?: never;
3467
+ cookie?: never;
2781
3468
  };
2782
3469
  requestBody?: never;
2783
3470
  responses: {
@@ -2822,6 +3509,64 @@ interface operations {
2822
3509
  };
2823
3510
  };
2824
3511
  };
3512
+ getAuthSessionResume: {
3513
+ parameters: {
3514
+ query?: never;
3515
+ header?: never;
3516
+ path?: never;
3517
+ cookie?: never;
3518
+ };
3519
+ requestBody?: never;
3520
+ responses: {
3521
+ /** @description Session valid; profile returned */
3522
+ 200: {
3523
+ headers: {
3524
+ [name: string]: unknown;
3525
+ };
3526
+ content: {
3527
+ "application/json": {
3528
+ /** @constant */
3529
+ code: "SDK_SESSION_RESUMED";
3530
+ /** @constant */
3531
+ success: true;
3532
+ content: {
3533
+ mail: string;
3534
+ first_name: string;
3535
+ last_name: string;
3536
+ avatar: string;
3537
+ providers: {
3538
+ email: {
3539
+ address: string;
3540
+ } | null;
3541
+ google: {
3542
+ id: string;
3543
+ } | null;
3544
+ github: {
3545
+ id: string;
3546
+ } | null;
3547
+ wallet: {
3548
+ address: string;
3549
+ } | null;
3550
+ };
3551
+ };
3552
+ };
3553
+ };
3554
+ };
3555
+ /** @description Unauthorized */
3556
+ 401: {
3557
+ headers: {
3558
+ [name: string]: unknown;
3559
+ };
3560
+ content: {
3561
+ "application/json": {
3562
+ /** @constant */
3563
+ success: false;
3564
+ code: string;
3565
+ };
3566
+ };
3567
+ };
3568
+ };
3569
+ };
2825
3570
  deleteAuthSessionsByFamilyId: {
2826
3571
  parameters: {
2827
3572
  query?: never;
@@ -3008,7 +3753,8 @@ interface operations {
3008
3753
  "application/json": {
3009
3754
  /** @enum {string} */
3010
3755
  network: "testnet" | "mainnet";
3011
- publicKey: string;
3756
+ publicKey?: string;
3757
+ address?: string;
3012
3758
  options?: {
3013
3759
  timeoutSec?: number;
3014
3760
  memo?: {
@@ -3219,7 +3965,7 @@ interface operations {
3219
3965
  /** @constant */
3220
3966
  success: true;
3221
3967
  content: {
3222
- unsignedXdr: string;
3968
+ unsignedXdr?: string;
3223
3969
  networkPassphrase: string;
3224
3970
  estimatedFee: string;
3225
3971
  summary: {
@@ -3228,6 +3974,12 @@ interface operations {
3228
3974
  network: string;
3229
3975
  fee: string;
3230
3976
  };
3977
+ smart?: {
3978
+ digest: string;
3979
+ entryXdr: string;
3980
+ funcXdr: string;
3981
+ credentialId: string;
3982
+ };
3231
3983
  };
3232
3984
  };
3233
3985
  };
@@ -3285,7 +4037,8 @@ interface operations {
3285
4037
  "application/json": {
3286
4038
  /** @enum {string} */
3287
4039
  network: "testnet" | "mainnet";
3288
- publicKey: string;
4040
+ publicKey?: string;
4041
+ address?: string;
3289
4042
  unsignedXdr: string;
3290
4043
  };
3291
4044
  };
@@ -3378,7 +4131,8 @@ interface operations {
3378
4131
  "application/json": {
3379
4132
  /** @enum {string} */
3380
4133
  network: "testnet" | "mainnet";
3381
- publicKey: string;
4134
+ publicKey?: string;
4135
+ address?: string;
3382
4136
  unsignedXdr: string;
3383
4137
  idempotencyKey?: string;
3384
4138
  };
@@ -3469,8 +4223,18 @@ interface operations {
3469
4223
  "application/json": {
3470
4224
  /** @enum {string} */
3471
4225
  network: "testnet" | "mainnet";
3472
- publicKey: string;
3473
- signedXdr: string;
4226
+ publicKey?: string;
4227
+ address?: string;
4228
+ signedXdr?: string;
4229
+ smart?: {
4230
+ entryXdr: string;
4231
+ funcXdr: string;
4232
+ assertion: {
4233
+ authenticatorData: string;
4234
+ clientDataJSON: string;
4235
+ signature: string;
4236
+ };
4237
+ };
3474
4238
  idempotencyKey?: string;
3475
4239
  };
3476
4240
  };
@@ -3550,7 +4314,8 @@ interface operations {
3550
4314
  "application/json": {
3551
4315
  /** @enum {string} */
3552
4316
  network: "testnet" | "mainnet";
3553
- publicKey: string;
4317
+ publicKey?: string;
4318
+ address?: string;
3554
4319
  options?: {
3555
4320
  timeoutSec?: number;
3556
4321
  memo?: {
@@ -4149,13 +4914,148 @@ interface operations {
4149
4914
  };
4150
4915
  };
4151
4916
  getWalletBalance: {
4917
+ parameters: {
4918
+ query?: never;
4919
+ header?: never;
4920
+ path?: never;
4921
+ cookie?: never;
4922
+ };
4923
+ requestBody?: never;
4924
+ responses: {
4925
+ /** @description Account balances */
4926
+ 200: {
4927
+ headers: {
4928
+ [name: string]: unknown;
4929
+ };
4930
+ content: {
4931
+ "application/json": {
4932
+ /** @constant */
4933
+ code: "SDK_WALLET_BALANCE";
4934
+ /** @constant */
4935
+ success: true;
4936
+ content: {
4937
+ publicKey: string;
4938
+ /** @enum {string} */
4939
+ network: "testnet" | "mainnet";
4940
+ exists: boolean;
4941
+ balances: {
4942
+ /** @enum {string} */
4943
+ type: "native" | "credit_alphanum4" | "credit_alphanum12";
4944
+ code: string;
4945
+ issuer?: string;
4946
+ balance: string;
4947
+ available: string;
4948
+ limit?: string;
4949
+ enabledInApp: boolean;
4950
+ trustlineRemoved: boolean;
4951
+ }[];
4952
+ };
4953
+ };
4954
+ };
4955
+ };
4956
+ /** @description Validation error */
4957
+ 400: {
4958
+ headers: {
4959
+ [name: string]: unknown;
4960
+ };
4961
+ content: {
4962
+ "application/json": {
4963
+ /** @constant */
4964
+ success: false;
4965
+ code: string;
4966
+ };
4967
+ };
4968
+ };
4969
+ /** @description Unauthorized */
4970
+ 401: {
4971
+ headers: {
4972
+ [name: string]: unknown;
4973
+ };
4974
+ content: {
4975
+ "application/json": {
4976
+ /** @constant */
4977
+ success: false;
4978
+ code: string;
4979
+ };
4980
+ };
4981
+ };
4982
+ };
4983
+ };
4984
+ getWalletAssets: {
4985
+ parameters: {
4986
+ query?: never;
4987
+ header?: never;
4988
+ path?: never;
4989
+ cookie?: never;
4990
+ };
4991
+ requestBody?: never;
4992
+ responses: {
4993
+ /** @description Enabled assets with trustline state */
4994
+ 200: {
4995
+ headers: {
4996
+ [name: string]: unknown;
4997
+ };
4998
+ content: {
4999
+ "application/json": {
5000
+ /** @constant */
5001
+ code: "SDK_WALLET_ASSETS";
5002
+ /** @constant */
5003
+ success: true;
5004
+ content: {
5005
+ publicKey: string;
5006
+ /** @enum {string} */
5007
+ network: "testnet" | "mainnet";
5008
+ exists: boolean;
5009
+ assets: {
5010
+ /** @enum {string} */
5011
+ type: "native" | "credit_alphanum4" | "credit_alphanum12";
5012
+ code: string;
5013
+ issuer?: string;
5014
+ name?: string;
5015
+ trustlineEstablished: boolean;
5016
+ limit?: string;
5017
+ }[];
5018
+ };
5019
+ };
5020
+ };
5021
+ };
5022
+ /** @description Validation error */
5023
+ 400: {
5024
+ headers: {
5025
+ [name: string]: unknown;
5026
+ };
5027
+ content: {
5028
+ "application/json": {
5029
+ /** @constant */
5030
+ success: false;
5031
+ code: string;
5032
+ };
5033
+ };
5034
+ };
5035
+ /** @description Unauthorized */
5036
+ 401: {
5037
+ headers: {
5038
+ [name: string]: unknown;
5039
+ };
5040
+ content: {
5041
+ "application/json": {
5042
+ /** @constant */
5043
+ success: false;
5044
+ code: string;
5045
+ };
5046
+ };
5047
+ };
5048
+ };
5049
+ };
5050
+ getWalletByPublicKeyBalance: {
4152
5051
  parameters: {
4153
5052
  query: {
4154
5053
  network: "testnet" | "mainnet";
4155
- publicKey: string;
4156
5054
  };
4157
5055
  header?: never;
4158
- path?: never;
5056
+ path: {
5057
+ publicKey: string;
5058
+ };
4159
5059
  cookie?: never;
4160
5060
  };
4161
5061
  requestBody?: never;
@@ -4904,7 +5804,7 @@ interface operations {
4904
5804
  type PollarApiClient = ReturnType<typeof createApiClient>;
4905
5805
  declare function createApiClient(baseUrl: string): openapi_fetch.Client<paths, `${string}/${string}`>;
4906
5806
 
4907
- declare function isValidSession(value: unknown): value is PollarPersistedSession;
5807
+ declare function isValidSession(value: unknown, logger?: PollarLogger): value is PollarPersistedSession;
4908
5808
 
4909
5809
  /**
4910
5810
  * GET /kyc/status
@@ -4997,4 +5897,4 @@ declare function listDistributionRules(api: PollarApiClient): Promise<Distributi
4997
5897
  */
4998
5898
  declare function claimDistributionRule(api: PollarApiClient, body: DistributionClaimBody): Promise<DistributionClaimContent>;
4999
5899
 
5000
- export { AUTH_ERROR_CODES, type AdapterFn, AlbedoAdapter, type AuthErrorCode, type AuthOpenContext, type AuthState, type AuthUrlOpener, type BuildOutcome, type BuildProofArgs, type ConnectWalletResponse, type DistributionClaimBody, type DistributionClaimContent, type DistributionRule, type DistributionRulesState, FreighterAdapter, type KeyManager, type KycFlow, type KycLevel, type KycProvider, type KycStartBody, type KycStartResponse, type KycStatus, type LocalStorageAdapterOptions, type NetworkState, OnStorageDegrade, type PaymentInstructions, type PollarAdapter, type PollarAdapters, type PollarApiClient, type PollarApplicationConfigContent, type PollarApplicationConfigResponse, PollarClient, type PollarClientConfig, PollarFlowError, type PollarLoginOptions, type PollarPersistedSession, type PollarUserProfile, type PublicEcJwk, type RampDirection, type RampQuote, type RampTxStatus, type RampsOfframpBody, type RampsOfframpResponse, type RampsOnrampBody, type RampsOnrampResponse, type RampsQuoteQuery, type RampsQuoteResponse, type RampsTransactionResponse, type RulePeriod, type SessionInfo, type SignAuthEntryOptions, type SignAuthEntryResponse, type SignOutcome, type SignTransactionOptions, type SignTransactionResponse, type StellarBalance, StellarClient, type StellarClientConfig, type StellarNetwork, Storage, type SubmitOutcome, type TransactionState, type TxBuildBody, type TxBuildContent, type TxBuildResponse, type TxBuildSignSubmitBody, type TxBuildSignSubmitContent, type TxBuildSignSubmitResponse, type TxErrorPhase, type TxHistoryContent, type TxHistoryParams, type TxHistoryRecord, type TxHistoryState, type TxSignAndSendBody, type TxSignBody, type TxSignContent, type TxSignResponse, type TxSignSendResponse, type TxSubmitSignedBody, type WalletAdapter, type WalletAdapterResolver, type WalletBalanceContent, type WalletBalanceRecord, type WalletBalanceState, type WalletId, WalletType, WebCryptoKeyManager, buildProof, canonicalEcJwk, claimDistributionRule, computeJwkThumbprint, createLocalStorageAdapter, createMemoryAdapter, createOffRamp, createOnRamp, defaultKeyManager, defaultStorage, getKycProviders, getKycStatus, getRampTransaction, getRampsQuote, isValidSession, listDistributionRules, normalizeHtu, pollKycStatus, pollRampTransaction, type paths as pollarPaths, resolveKyc, startKyc };
5900
+ export { AUTH_ERROR_CODES, type AdapterFn, AlbedoAdapter, type AuthErrorCode, type AuthOpenContext, type AuthState, type AuthUrlOpener, type BuildOutcome, type BuildProofArgs, type ConnectWalletResponse, type DistributionClaimBody, type DistributionClaimContent, type DistributionRule, type DistributionRulesState, type EnabledAssetRecord, type EnabledAssetsState, FreighterAdapter, type KeyManager, type KycFlow, type KycLevel, type KycProvider, type KycStartBody, type KycStartResponse, type KycStatus, type LocalStorageAdapterOptions, type LogLevel, type NetworkState, OnStorageDegrade, POLLAR_CORE_VERSION, type PasskeyCeremony, type PasskeySigner, type PaymentInstructions, type PollarAdapter, type PollarAdapters, type PollarApiClient, type PollarApplicationConfigContent, type PollarApplicationConfigResponse, PollarClient, type PollarClientConfig, PollarFlowError, type PollarLogger, type PollarLoginOptions, type PollarPersistedSession, type PollarUserProfile, type PublicEcJwk, type RampDirection, type RampQuote, type RampTxStatus, type RampsOfframpBody, type RampsOfframpResponse, type RampsOnrampBody, type RampsOnrampResponse, type RampsQuoteQuery, type RampsQuoteResponse, type RampsTransactionResponse, type RulePeriod, type SessionInfo, type SessionsState, type SignAuthEntryOptions, type SignAuthEntryResponse, type SignOutcome, type SignTransactionOptions, type SignTransactionResponse, type StellarBalance, StellarClient, type StellarClientConfig, type StellarNetwork, Storage, type SubmitOutcome, type TransactionState, type TxBuildBody, type TxBuildContent, type TxBuildResponse, type TxBuildSignSubmitBody, type TxBuildSignSubmitContent, type TxBuildSignSubmitResponse, type TxErrorPhase, type TxHistoryContent, type TxHistoryParams, type TxHistoryRecord, type TxHistoryState, type TxSignAndSendBody, type TxSignBody, type TxSignContent, type TxSignResponse, type TxSignSendResponse, type TxSubmitSignedBody, type WalletAdapter, type WalletAdapterResolver, type WalletAssetsContent, type WalletBalanceContent, type WalletBalanceRecord, type WalletBalanceState, type WalletId, WalletType, WebCryptoKeyManager, buildProof, canonicalEcJwk, claimDistributionRule, computeJwkThumbprint, createLocalStorageAdapter, createLogger, createMemoryAdapter, createOffRamp, createOnRamp, defaultKeyManager, defaultStorage, getKycProviders, getKycStatus, getRampTransaction, getRampsQuote, isValidSession, listDistributionRules, normalizeHtu, pollKycStatus, pollRampTransaction, type paths as pollarPaths, resolveKyc, startKyc };