@pooflabs/server 0.0.2 → 0.0.4

package/dist/index.mjs

@@ -1,6 +1,7 @@
 import axios from 'axios';
 import { PublicKey, ComputeBudgetProgram, SystemProgram, TransactionInstruction, VersionedTransaction, TransactionMessage, Keypair, Connection, Transaction } from '@solana/web3.js';
-import require$$0 from 'crypto';
+import require$$0 from 'buffer';
+import require$$0$1 from 'crypto';
 import * as anchor from '@coral-xyz/anchor';
 import { Program } from '@coral-xyz/anchor';
 
@@ -17,6 +18,15 @@ async function getAxiosAuthClient() {
     }
     return axiosClient;
 }
+async function genAuthNonce() {
+    const client = await getAxiosAuthClient();
+    const config = await getConfig();
+    const appId = config.appId;
+    const response = await client.post('/auth/nonce', {
+        appId
+    });
+    return response.data.nonce;
+}
 async function createSessionWithSignature(address, message, signature) {
     const client = await getAxiosAuthClient();
     const config = await getConfig();
@@ -88,7 +98,6 @@ class WebSessionManager {
         /* ---------- validate app-id ---------- */
         const config = await getConfig();
         if (sessionObj.appId && sessionObj.appId !== config.appId) {
-            console.warn("Session appId mismatch. Stored session belongs to a different app. Logging out.");
             this.clearSession();
             return null;
         }
@@ -113,7 +122,6 @@ class WebSessionManager {
             }
         }
         catch (err) {
-            console.error("Error decoding access token:", err);
             return null;
         }
         return { address: sessionObj.address, session: sessionObj };
@@ -164,7 +172,6 @@ class WebSessionManager {
         /* ---------- app-id guard ---------- */
         const config = await getConfig();
         if (sessionObj.appId && sessionObj.appId !== config.appId) {
-            console.warn("Session appId mismatch during token refresh. Logging out.");
             this.clearSession();
             return;
         }
@@ -176,137 +183,235 @@ class WebSessionManager {
 }
 WebSessionManager.TAROBASE_SESSION_STORAGE_KEY = "tarobase_session_storage";
 
-// base-x encoding / decoding
-// Copyright (c) 2018 base-x contributors
-// Copyright (c) 2014-2018 The Bitcoin Core developers (base58.cpp)
-// Distributed under the MIT software license, see the accompanying
-// file LICENSE or http://www.opensource.org/licenses/mit-license.php.
-function base (ALPHABET) {
-  if (ALPHABET.length >= 255) { throw new TypeError('Alphabet too long') }
-  const BASE_MAP = new Uint8Array(256);
-  for (let j = 0; j < BASE_MAP.length; j++) {
-    BASE_MAP[j] = 255;
-  }
-  for (let i = 0; i < ALPHABET.length; i++) {
-    const x = ALPHABET.charAt(i);
-    const xc = x.charCodeAt(0);
-    if (BASE_MAP[xc] !== 255) { throw new TypeError(x + ' is ambiguous') }
-    BASE_MAP[xc] = i;
-  }
-  const BASE = ALPHABET.length;
-  const LEADER = ALPHABET.charAt(0);
-  const FACTOR = Math.log(BASE) / Math.log(256); // log(BASE) / log(256), rounded up
-  const iFACTOR = Math.log(256) / Math.log(BASE); // log(256) / log(BASE), rounded up
-  function encode (source) {
-    // eslint-disable-next-line no-empty
-    if (source instanceof Uint8Array) ; else if (ArrayBuffer.isView(source)) {
-      source = new Uint8Array(source.buffer, source.byteOffset, source.byteLength);
-    } else if (Array.isArray(source)) {
-      source = Uint8Array.from(source);
-    }
-    if (!(source instanceof Uint8Array)) { throw new TypeError('Expected Uint8Array') }
-    if (source.length === 0) { return '' }
-    // Skip & count leading zeroes.
-    let zeroes = 0;
-    let length = 0;
-    let pbegin = 0;
-    const pend = source.length;
-    while (pbegin !== pend && source[pbegin] === 0) {
-      pbegin++;
-      zeroes++;
-    }
-    // Allocate enough space in big-endian base58 representation.
-    const size = ((pend - pbegin) * iFACTOR + 1) >>> 0;
-    const b58 = new Uint8Array(size);
-    // Process the bytes.
-    while (pbegin !== pend) {
-      let carry = source[pbegin];
-      // Apply "b58 = b58 * 256 + ch".
-      let i = 0;
-      for (let it1 = size - 1; (carry !== 0 || i < length) && (it1 !== -1); it1--, i++) {
-        carry += (256 * b58[it1]) >>> 0;
-        b58[it1] = (carry % BASE) >>> 0;
-        carry = (carry / BASE) >>> 0;
-      }
-      if (carry !== 0) { throw new Error('Non-zero carry') }
-      length = i;
-      pbegin++;
-    }
-    // Skip leading zeroes in base58 result.
-    let it2 = size - length;
-    while (it2 !== size && b58[it2] === 0) {
-      it2++;
-    }
-    // Translate the result into a string.
-    let str = LEADER.repeat(zeroes);
-    for (; it2 < size; ++it2) { str += ALPHABET.charAt(b58[it2]); }
-    return str
-  }
-  function decodeUnsafe (source) {
-    if (typeof source !== 'string') { throw new TypeError('Expected String') }
-    if (source.length === 0) { return new Uint8Array() }
-    let psz = 0;
-    // Skip and count leading '1's.
-    let zeroes = 0;
-    let length = 0;
-    while (source[psz] === LEADER) {
-      zeroes++;
-      psz++;
-    }
-    // Allocate enough space in big-endian base256 representation.
-    const size = (((source.length - psz) * FACTOR) + 1) >>> 0; // log(58) / log(256), rounded up.
-    const b256 = new Uint8Array(size);
-    // Process the characters.
-    while (psz < source.length) {
-      // Find code of next character
-      const charCode = source.charCodeAt(psz);
-      // Base map can not be indexed using char code
-      if (charCode > 255) { return }
-      // Decode character
-      let carry = BASE_MAP[charCode];
-      // Invalid character
-      if (carry === 255) { return }
-      let i = 0;
-      for (let it3 = size - 1; (carry !== 0 || i < length) && (it3 !== -1); it3--, i++) {
-        carry += (BASE * b256[it3]) >>> 0;
-        b256[it3] = (carry % 256) >>> 0;
-        carry = (carry / 256) >>> 0;
-      }
-      if (carry !== 0) { throw new Error('Non-zero carry') }
-      length = i;
-      psz++;
-    }
-    // Skip leading zeroes in b256.
-    let it4 = size - length;
-    while (it4 !== size && b256[it4] === 0) {
-      it4++;
-    }
-    const vch = new Uint8Array(zeroes + (size - it4));
-    let j = zeroes;
-    while (it4 !== size) {
-      vch[j++] = b256[it4++];
-    }
-    return vch
-  }
-  function decode (string) {
-    const buffer = decodeUnsafe(string);
-    if (buffer) { return buffer }
-    throw new Error('Non-base' + BASE + ' character')
-  }
-  return {
-    encode,
-    decodeUnsafe,
-    decode
-  }
+function getDefaultExportFromCjs$1 (x) {
+	return x && x.__esModule && Object.prototype.hasOwnProperty.call(x, 'default') ? x['default'] : x;
 }
 
-var ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
-var bs58$2 = base(ALPHABET);
+var safeBuffer = {exports: {}};
 
-function getDefaultExportFromCjs$1 (x) {
-	return x && x.__esModule && Object.prototype.hasOwnProperty.call(x, 'default') ? x['default'] : x;
+/*! safe-buffer. MIT License. Feross Aboukhadijeh <https://feross.org/opensource> */
+
+var hasRequiredSafeBuffer;
+
+function requireSafeBuffer () {
+	if (hasRequiredSafeBuffer) return safeBuffer.exports;
+	hasRequiredSafeBuffer = 1;
+	(function (module, exports$1) {
+		/* eslint-disable node/no-deprecated-api */
+		var buffer = require$$0;
+		var Buffer = buffer.Buffer;
+
+		// alternative to using Object.keys for old browsers
+		function copyProps (src, dst) {
+		  for (var key in src) {
+		    dst[key] = src[key];
+		  }
+		}
+		if (Buffer.from && Buffer.alloc && Buffer.allocUnsafe && Buffer.allocUnsafeSlow) {
+		  module.exports = buffer;
+		} else {
+		  // Copy properties from require('buffer')
+		  copyProps(buffer, exports$1);
+		  exports$1.Buffer = SafeBuffer;
+		}
+
+		function SafeBuffer (arg, encodingOrOffset, length) {
+		  return Buffer(arg, encodingOrOffset, length)
+		}
+
+		SafeBuffer.prototype = Object.create(Buffer.prototype);
+
+		// Copy static methods from Buffer
+		copyProps(Buffer, SafeBuffer);
+
+		SafeBuffer.from = function (arg, encodingOrOffset, length) {
+		  if (typeof arg === 'number') {
+		    throw new TypeError('Argument must not be a number')
+		  }
+		  return Buffer(arg, encodingOrOffset, length)
+		};
+
+		SafeBuffer.alloc = function (size, fill, encoding) {
+		  if (typeof size !== 'number') {
+		    throw new TypeError('Argument must be a number')
+		  }
+		  var buf = Buffer(size);
+		  if (fill !== undefined) {
+		    if (typeof encoding === 'string') {
+		      buf.fill(fill, encoding);
+		    } else {
+		      buf.fill(fill);
+		    }
+		  } else {
+		    buf.fill(0);
+		  }
+		  return buf
+		};
+
+		SafeBuffer.allocUnsafe = function (size) {
+		  if (typeof size !== 'number') {
+		    throw new TypeError('Argument must be a number')
+		  }
+		  return Buffer(size)
+		};
+
+		SafeBuffer.allocUnsafeSlow = function (size) {
+		  if (typeof size !== 'number') {
+		    throw new TypeError('Argument must be a number')
+		  }
+		  return buffer.SlowBuffer(size)
+		}; 
+	} (safeBuffer, safeBuffer.exports));
+	return safeBuffer.exports;
 }
 
+var src$1;
+var hasRequiredSrc$1;
+
+function requireSrc$1 () {
+	if (hasRequiredSrc$1) return src$1;
+	hasRequiredSrc$1 = 1;
+	// base-x encoding / decoding
+	// Copyright (c) 2018 base-x contributors
+	// Copyright (c) 2014-2018 The Bitcoin Core developers (base58.cpp)
+	// Distributed under the MIT software license, see the accompanying
+	// file LICENSE or http://www.opensource.org/licenses/mit-license.php.
+	// @ts-ignore
+	var _Buffer = requireSafeBuffer().Buffer;
+	function base (ALPHABET) {
+	  if (ALPHABET.length >= 255) { throw new TypeError('Alphabet too long') }
+	  var BASE_MAP = new Uint8Array(256);
+	  for (var j = 0; j < BASE_MAP.length; j++) {
+	    BASE_MAP[j] = 255;
+	  }
+	  for (var i = 0; i < ALPHABET.length; i++) {
+	    var x = ALPHABET.charAt(i);
+	    var xc = x.charCodeAt(0);
+	    if (BASE_MAP[xc] !== 255) { throw new TypeError(x + ' is ambiguous') }
+	    BASE_MAP[xc] = i;
+	  }
+	  var BASE = ALPHABET.length;
+	  var LEADER = ALPHABET.charAt(0);
+	  var FACTOR = Math.log(BASE) / Math.log(256); // log(BASE) / log(256), rounded up
+	  var iFACTOR = Math.log(256) / Math.log(BASE); // log(256) / log(BASE), rounded up
+	  function encode (source) {
+	    if (Array.isArray(source) || source instanceof Uint8Array) { source = _Buffer.from(source); }
+	    if (!_Buffer.isBuffer(source)) { throw new TypeError('Expected Buffer') }
+	    if (source.length === 0) { return '' }
+	        // Skip & count leading zeroes.
+	    var zeroes = 0;
+	    var length = 0;
+	    var pbegin = 0;
+	    var pend = source.length;
+	    while (pbegin !== pend && source[pbegin] === 0) {
+	      pbegin++;
+	      zeroes++;
+	    }
+	        // Allocate enough space in big-endian base58 representation.
+	    var size = ((pend - pbegin) * iFACTOR + 1) >>> 0;
+	    var b58 = new Uint8Array(size);
+	        // Process the bytes.
+	    while (pbegin !== pend) {
+	      var carry = source[pbegin];
+	            // Apply "b58 = b58 * 256 + ch".
+	      var i = 0;
+	      for (var it1 = size - 1; (carry !== 0 || i < length) && (it1 !== -1); it1--, i++) {
+	        carry += (256 * b58[it1]) >>> 0;
+	        b58[it1] = (carry % BASE) >>> 0;
+	        carry = (carry / BASE) >>> 0;
+	      }
+	      if (carry !== 0) { throw new Error('Non-zero carry') }
+	      length = i;
+	      pbegin++;
+	    }
+	        // Skip leading zeroes in base58 result.
+	    var it2 = size - length;
+	    while (it2 !== size && b58[it2] === 0) {
+	      it2++;
+	    }
+	        // Translate the result into a string.
+	    var str = LEADER.repeat(zeroes);
+	    for (; it2 < size; ++it2) { str += ALPHABET.charAt(b58[it2]); }
+	    return str
+	  }
+	  function decodeUnsafe (source) {
+	    if (typeof source !== 'string') { throw new TypeError('Expected String') }
+	    if (source.length === 0) { return _Buffer.alloc(0) }
+	    var psz = 0;
+	        // Skip and count leading '1's.
+	    var zeroes = 0;
+	    var length = 0;
+	    while (source[psz] === LEADER) {
+	      zeroes++;
+	      psz++;
+	    }
+	        // Allocate enough space in big-endian base256 representation.
+	    var size = (((source.length - psz) * FACTOR) + 1) >>> 0; // log(58) / log(256), rounded up.
+	    var b256 = new Uint8Array(size);
+	        // Process the characters.
+	    while (psz < source.length) {
+	            // Find code of next character
+	      var charCode = source.charCodeAt(psz);
+	            // Base map can not be indexed using char code
+	      if (charCode > 255) { return }
+	            // Decode character
+	      var carry = BASE_MAP[charCode];
+	            // Invalid character
+	      if (carry === 255) { return }
+	      var i = 0;
+	      for (var it3 = size - 1; (carry !== 0 || i < length) && (it3 !== -1); it3--, i++) {
+	        carry += (BASE * b256[it3]) >>> 0;
+	        b256[it3] = (carry % 256) >>> 0;
+	        carry = (carry / 256) >>> 0;
+	      }
+	      if (carry !== 0) { throw new Error('Non-zero carry') }
+	      length = i;
+	      psz++;
+	    }
+	        // Skip leading zeroes in b256.
+	    var it4 = size - length;
+	    while (it4 !== size && b256[it4] === 0) {
+	      it4++;
+	    }
+	    var vch = _Buffer.allocUnsafe(zeroes + (size - it4));
+	    vch.fill(0x00, 0, zeroes);
+	    var j = zeroes;
+	    while (it4 !== size) {
+	      vch[j++] = b256[it4++];
+	    }
+	    return vch
+	  }
+	  function decode (string) {
+	    var buffer = decodeUnsafe(string);
+	    if (buffer) { return buffer }
+	    throw new Error('Non-base' + BASE + ' character')
+	  }
+	  return {
+	    encode: encode,
+	    decodeUnsafe: decodeUnsafe,
+	    decode: decode
+	  }
+	}
+	src$1 = base;
+	return src$1;
+}
+
+var bs58$1$1;
+var hasRequiredBs58$1;
+
+function requireBs58$1 () {
+	if (hasRequiredBs58$1) return bs58$1$1;
+	hasRequiredBs58$1 = 1;
+	var basex = requireSrc$1();
+	var ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
+
+	bs58$1$1 = basex(ALPHABET);
+	return bs58$1$1;
+}
+
+var bs58Exports$1 = requireBs58$1();
+var bs58$2 = /*@__PURE__*/getDefaultExportFromCjs$1(bs58Exports$1);
+
 function commonjsRequire$1(path) {
 	throw new Error('Could not dynamically require "' + path + '". Please configure the dynamicRequireTargets or/and ignoreDynamicRequires option of @rollup/plugin-commonjs appropriately for this require call to work.');
 }
@@ -2697,7 +2802,7 @@ function requireNaclFast$1 () {
 		    });
 		  } else if (typeof commonjsRequire$1 !== 'undefined') {
 		    // Node.js.
-		    crypto = require$$0;
+		    crypto = require$$0$1;
 		    if (crypto && crypto.randomBytes) {
 		      nacl.setPRNG(function(x, n) {
 		        var i, v = crypto.randomBytes(n);
@@ -2769,7 +2874,7 @@ function requireBn () {
 	if (hasRequiredBn) return bn$1.exports;
 	hasRequiredBn = 1;
 	(function (module) {
-		(function (module, exports) {
+		(function (module, exports$1) {
 
 		  // Utils
 		  function assert (val, msg) {
@@ -2812,7 +2917,7 @@ function requireBn () {
 		  if (typeof module === 'object') {
 		    module.exports = BN;
 		  } else {
-		    exports.BN = BN;
+		    exports$1.BN = BN;
 		  }
 
 		  BN.BN = BN;
@@ -6128,19 +6233,33 @@ var BN = /*@__PURE__*/getDefaultExportFromCjs$1(bnExports);
 /* ------------------------------------------------------------------ */
 /*  RFC-4501 message                                                  */
 /* ------------------------------------------------------------------ */
-async function genSolanaMessage(address) {
+async function genSolanaMessage(address, nonce) {
     var _a, _b;
-    /*  Domain / origin aren’t available server-side – fall back to envs
+    /*  Domain / origin aren't available server-side – fall back to envs
         or simple placeholders.  */
     const domain = (_a = process.env.SESSION_DOMAIN) !== null && _a !== void 0 ? _a : "server";
     const origin = (_b = process.env.SESSION_ORIGIN) !== null && _b !== void 0 ? _b : "server";
     const statement = "Sign this message to authenticate with our application.";
-    const ISO8601 = new Date().toISOString();
+    const currentDate = new Date();
+    const issuedAt = currentDate.toISOString();
+    // If nonce is provided, include it and expiration time (for secure authentication)
+    if (nonce) {
+        const expirationDate = new Date(currentDate.getTime() + 5 * 60 * 1000);
+        const expirationTime = expirationDate.toISOString();
+        return `${statement}\n\n` +
+            `Wallet address:\n${address}\n\n` +
+            `Domain: ${domain}\n` +
+            `Origin: ${origin}\n` +
+            `Nonce: ${nonce}\n` +
+            `Issued At: ${issuedAt}\n` +
+            `Expiration Time: ${expirationTime}`;
+    }
+    // Backward compatible: without nonce (for server-side usage)
     return `${statement}\n\n` +
         `Wallet address:\n${address}\n\n` +
         `Domain: ${domain}\n` +
         `Origin: ${origin}\n` +
-        `Issued At: ${ISO8601}`;
+        `Issued At: ${issuedAt}`;
 }
 // ─────────────────────────────────────────────────────────────
 // Serialization Helpers
@@ -6257,7 +6376,8 @@ async function buildSetDocumentsTransaction(connection, idl, anchorProvider, pay
     const { blockhash, lastValidBlockHeight } = await connection.getLatestBlockhash("confirmed");
     tx.recentBlockhash = blockhash;
     if (lutKey == null) {
-        const computeUnits = await getSimulationComputeUnits(connection, tx.instructions, payerPublicKey, []);
+        const isSurfnet = anchorProvider.connection.rpcEndpoint == "https://surfpool.fly.dev";
+        const computeUnits = isSurfnet ? 1400000 : await getSimulationComputeUnits(connection, tx.instructions, payerPublicKey, []);
         const computeBudgetIxOptimized = ComputeBudgetProgram.setComputeUnitLimit({
             units: computeUnits ? computeUnits * 1.2 : 1400000,
         }); // 20% buffer
@@ -6267,7 +6387,8 @@ async function buildSetDocumentsTransaction(connection, idl, anchorProvider, pay
     const { value: table } = await connection.getAddressLookupTable(new PublicKey(lutKey));
     if (!table)
         throw new Error('LUT not found after creation/extend');
-    const computeUnits = await getSimulationComputeUnits(connection, tx.instructions, payerPublicKey, [table]);
+    const isSurfnet = anchorProvider.connection.rpcEndpoint == "https://surfpool.fly.dev";
+    const computeUnits = isSurfnet ? 1400000 : await getSimulationComputeUnits(connection, tx.instructions, payerPublicKey, [table]);
     const computeBudgetIxOptimized = ComputeBudgetProgram.setComputeUnitLimit({
         units: computeUnits ? computeUnits * 1.2 : 1400000,
     }); // 20% buffer
@@ -6404,7 +6525,7 @@ function updateIdTokenAndAccessToken(idToken, accessToken) {
 }
 
 async function makeApiRequest(method, urlPath, data, _overrides) {
-    var _a, _b, _c, _d, _e, _f, _g, _h, _j;
+    var _a, _b, _c, _d, _e, _f;
     const config = await getConfig();
     async function executeRequest() {
         const authHeader = await createAuthHeader(config.isServer);
@@ -6454,8 +6575,7 @@ async function makeApiRequest(method, urlPath, data, _overrides) {
             return { data: null, status: 404 };
         }
         if ((_d = (_c = error.response) === null || _c === void 0 ? void 0 : _c.data) === null || _d === void 0 ? void 0 : _d.message) {
-            console.error(`Error in set call with code ${(_e = error.response) === null || _e === void 0 ? void 0 : _e.status} and message ${(_g = (_f = error.response) === null || _f === void 0 ? void 0 : _f.data) === null || _g === void 0 ? void 0 : _g.message}`);
-            throw new Error((_j = (_h = error.response) === null || _h === void 0 ? void 0 : _h.data) === null || _j === void 0 ? void 0 : _j.message);
+            throw new Error((_f = (_e = error.response) === null || _e === void 0 ? void 0 : _e.data) === null || _f === void 0 ? void 0 : _f.message);
         }
         throw error;
     }
@@ -6496,8 +6616,6 @@ function init$1(newConfig) {
             isInitialized = true;
             resolve();
         }).catch((error) => {
-            console.error('Failed to authenticate with API key or fetch config for this app:', error);
-            console.error('Please check your API key and try again.');
             reject(new Error("Failed to initialize Tarobase app."));
         });
     });
@@ -6601,16 +6719,11 @@ async function get(path, opts = {}) {
 // Helper to clean up expired cache entries
 function cleanupExpiredCache() {
     const now = Date.now();
-    let removedCount = 0;
     Object.keys(getCache).forEach(key => {
         if (getCache[key] && getCache[key].expiresAt < now) {
             delete getCache[key];
-            removedCount++;
         }
     });
-    if (removedCount > 0) {
-        console.debug(`Cleaned up ${removedCount} expired cache entries`);
-    }
     lastCacheCleanup = now;
 }
 async function runQuery(absolutePath, queryName, queryArgs) {
@@ -6744,7 +6857,6 @@ async function setMany(many, options) {
         }
     }
     catch (error) {
-        console.error("Error setting data", error);
         throw error;
     }
     async function handleSolanaTransaction(tx, authProvider, options) {
@@ -6861,9 +6973,7 @@ async function setFile(path, file) {
     });
     // 3) Check if the upload was successful
     if (!uploadResponse.ok) {
-        console.error(uploadResponse);
-        const errorText = await uploadResponse.text();
-        console.error('S3 Error Body:', errorText);
+        await uploadResponse.text();
         throw new Error(`Upload failed with status: ${uploadResponse.status}`);
     }
     // Optionally return the file's public URL or some confirmation
@@ -7551,10 +7661,9 @@ async function subscribe(path, subscriptionOptions) {
         }
     });
     ws.addEventListener('error', (event) => {
-        console.error(`WebSocket error for path: ${connectionKey}`, event);
         notifyError(connectionKey, event);
     });
-    ws.addEventListener('close', (event) => {
+    ws.addEventListener('close', () => {
         // Connection will be recreated on next subscription if needed
     });
     return async () => await removeSubscription(connectionKey, subscriptionOptions);
@@ -7595,8 +7704,7 @@ async function removeSubscription(connectionKey, subscription) {
         ws.addEventListener('close', () => {
             resolve();
         });
-        ws.addEventListener('error', (err) => {
-            console.error(`WebSocket closure error for connection: ${connectionKey}`, err);
+        ws.addEventListener('error', () => {
             resolve(); // Resolve even on error to avoid hanging
         });
         ws.close();
@@ -9999,7 +10107,7 @@ function requireNaclFast () {
 		    });
 		  } else if (typeof commonjsRequire !== 'undefined') {
 		    // Node.js.
-		    crypto = require$$0;
+		    crypto = require$$0$1;
 		    if (crypto && crypto.randomBytes) {
 		      nacl.setPRNG(function(x, n) {
 		        var i, v = crypto.randomBytes(n);
@@ -10241,6 +10349,18 @@ class SolanaKeypairProvider {
         const sig = nacl.sign.detached(new TextEncoder().encode(message), this.keypair.secretKey);
         return Buffer.from(sig).toString('base64');
     }
+    /* ----------------------------------------------------------- *
+     * Sign transaction
+     * ----------------------------------------------------------- */
+    async signTransaction(transaction) {
+        if (transaction instanceof Transaction) {
+            transaction.partialSign(this.keypair);
+        }
+        else if (transaction instanceof VersionedTransaction) {
+            transaction.sign([this.keypair]);
+        }
+        return transaction;
+    }
     /* ----------------------------------------------------------- *
      * Transaction runner
      * ----------------------------------------------------------- */
@@ -10394,6 +10514,7 @@ class SolanaKeypairProvider {
 let currentAuthProvider = null;
 const SOLANA_DEVNET_RPC_URL$1 = "https://api.devnet.solana.com";
 const SOLANA_MAINNET_RPC_URL$1 = "https://celestia-cegncv-fast-mainnet.helius-rpc.com";
+const SURFNET_RPC_URL$1 = "https://surfpool.fly.dev";
 async function getAuthProvider() {
     var _a;
     if (currentAuthProvider) {
@@ -10409,7 +10530,7 @@ async function getAuthProvider() {
         rpcUrl = SOLANA_MAINNET_RPC_URL$1;
     }
     else {
-        rpcUrl = SOLANA_DEVNET_RPC_URL$1;
+        rpcUrl = SURFNET_RPC_URL$1;
     }
     currentAuthProvider = await matchAuthProvider((_a = config.rpcUrl) !== null && _a !== void 0 ? _a : rpcUrl);
     return currentAuthProvider;
@@ -10421,6 +10542,7 @@ async function matchAuthProvider(rpcUrl) {
 let authProviderInstance = null;
 const SOLANA_DEVNET_RPC_URL = "https://api.devnet.solana.com";
 const SOLANA_MAINNET_RPC_URL = "https://celestia-cegncv-fast-mainnet.helius-rpc.com";
+const SURFNET_RPC_URL = "https://surfpool.fly.dev";
 async function init(newConfig) {
     var _a;
     let defaultRpcUrl = '';
@@ -10431,11 +10553,17 @@ async function init(newConfig) {
         defaultRpcUrl = SOLANA_MAINNET_RPC_URL;
     }
     else {
-        defaultRpcUrl = SOLANA_DEVNET_RPC_URL;
+        defaultRpcUrl = SURFNET_RPC_URL;
     }
     authProviderInstance = await matchAuthProvider((_a = newConfig.rpcUrl) !== null && _a !== void 0 ? _a : defaultRpcUrl);
     await init$1(Object.assign(Object.assign({}, newConfig), { authProvider: authProviderInstance, isServer: true }));
 }
+async function signTransaction(transaction) {
+    if (!authProviderInstance) {
+        throw new Error('Auth provider not initialized. Please call init() first.');
+    }
+    return await authProviderInstance.signTransaction(transaction);
+}
 
-export { ServerSessionManager, WebSessionManager, buildSetDocumentsTransaction, convertRemainingAccounts, createSessionWithPrivy, createSessionWithSignature, genSolanaMessage, get, getAuthProvider, getConfig, getFiles, getIdToken, init, refreshSession, runExpression, runExpressionMany, runQuery, runQueryMany, set, setFile, setMany, signSessionCreateMessage, subscribe };
+export { ServerSessionManager, WebSessionManager, buildSetDocumentsTransaction, convertRemainingAccounts, createSessionWithPrivy, createSessionWithSignature, genAuthNonce, genSolanaMessage, get, getAuthProvider, getConfig, getFiles, getIdToken, init, refreshSession, runExpression, runExpressionMany, runQuery, runQueryMany, set, setFile, setMany, signSessionCreateMessage, signTransaction, subscribe };
 //# sourceMappingURL=index.mjs.map