@pooflabs/web 0.0.80 → 0.0.81-rc2

package/dist/index.native.esm.js

@@ -1,4 +1,4 @@
-export { X as DEFAULT_TEST_ADDRESS, _ as InsufficientBalanceError, V as MockAuthProvider, Y as OffchainAuthProvider, Z as PrivyExpoProvider, $ as ReactNativeSessionManager, a0 as ServerSessionManager, W as WebSessionManager, O as aggregate, b as buildSetDocumentsTransaction, a1 as clearCache, a2 as closeAllSubscriptions, c as convertRemainingAccounts, N as count, f as createSessionWithPrivy, o as createSessionWithSignature, R as deserializeTransaction, m as genAuthNonce, n as genSolanaMessage, B as get, w as getAuthLoading, A as getAuthProvider, a3 as getCachedData, z as getConfig, t as getCurrentUser, F as getFiles, T as getIdToken, a4 as getMany, g as getPlatform, q as init, x as login, y as logout, v as onAuthLoadingChanged, u as onAuthStateChanged, a5 as reconnectWithNewAuth, a6 as refreshSession, I as runExpression, J as runExpressionMany, G as runQuery, H as runQueryMany, C as set, E as setFile, D as setMany, U as setPlatform, M as signAndSubmitTransaction, K as signMessage, a7 as signSessionCreateMessage, L as signTransaction, P as subscribe, Q as useAuth } from './index.native-DuKhZcus.esm.js';
+export { U as DEFAULT_TEST_ADDRESS, Y as InsufficientBalanceError, T as MockAuthProvider, V as OffchainAuthProvider, X as PrivyExpoProvider, Z as ReactNativeSessionManager, _ as ServerSessionManager, W as WebSessionManager, M as aggregate, b as buildSetDocumentsTransaction, $ as clearCache, a0 as closeAllSubscriptions, c as convertRemainingAccounts, L as count, f as createSessionWithPrivy, n as createSessionWithSignature, P as deserializeTransaction, l as genAuthNonce, m as genSolanaMessage, z as get, u as getAuthLoading, y as getAuthProvider, a1 as getCachedData, x as getConfig, q as getCurrentUser, D as getFiles, Q as getIdToken, a2 as getMany, g as getPlatform, p as init, v as login, w as logout, t as onAuthLoadingChanged, r as onAuthStateChanged, a3 as reconnectWithNewAuth, a4 as refreshSession, G as runExpression, H as runExpressionMany, E as runQuery, F as runQueryMany, A as set, C as setFile, B as setMany, R as setPlatform, K as signAndSubmitTransaction, I as signMessage, a5 as signSessionCreateMessage, J as signTransaction, N as subscribe, O as useAuth } from './index.native-TLhfXfe6.esm.js';
 import 'axios';
 import '@solana/web3.js';
 import '@coral-xyz/anchor';

package/dist/index.native.js

@@ -1,6 +1,6 @@
 'use strict';
 
-var index_native = require('./index.native-DUnE51Mx.js');
+var index_native = require('./index.native-DJA9_K3i.js');
 require('axios');
 require('@solana/web3.js');
 require('@coral-xyz/anchor');

package/dist/{phantom-wallet-provider-Cg-srwP4.js → phantom-wallet-provider-BegJFoWW.js}

@@ -1,7 +1,7 @@
 'use strict';
 
-var index = require('./index-CSraUgD6.js');
-var index_native = require('./index.native-DUnE51Mx.js');
+var index = require('./index-Bdcc5821.js');
+var index_native = require('./index.native-DJA9_K3i.js');
 var web3_js = require('@solana/web3.js');
 var anchor = require('@coral-xyz/anchor');
 require('axios');
@@ -73,7 +73,7 @@ async function loadDependencies() {
         const [reactModule, reactDomModule, phantomModule] = await Promise.all([
             import('react'),
             import('react-dom/client'),
-            Promise.resolve().then(function () { return require('./index-BhfNMrC0.js'); })
+            Promise.resolve().then(function () { return require('./index-BjlCinic.js'); })
         ]);
         // Extract default export from ESM module namespace
         // Dynamic import() returns { default: Module, ...exports }, not the module directly
@@ -116,8 +116,13 @@ class PhantomWalletProvider {
     async initializeAsync() {
         // Lazy load dependencies only when actually instantiating
         await loadDependencies();
-        // Initialize React component
-        this.initialize();
+        // Initialize React component eagerly only when there's a real reason to
+        // (URL callback to consume, prior session to restore, in-page wallet,
+        // or non-Android). Otherwise defer until ensureReady() is reached from
+        // a user-gesture flow. See shouldMountEagerly() for the rationale.
+        if (this.shouldMountEagerly()) {
+            this.initialize();
+        }
     }
     /**
      * Check if social login providers are configured (non-injected providers).
@@ -125,6 +130,69 @@ class PhantomWalletProvider {
     hasSocialProviders() {
         return this.resolvedProviders.some(p => p !== 'injected');
     }
+    /**
+     * Decide whether to mount the @phantom/react-sdk <PhantomProvider> tree
+     * eagerly during init() or defer until the first user-triggered call
+     * (login / sign / etc.) reaches ensureReady().
+     *
+     * Mounting the React tree synchronously constructs BrowserSDK, which runs
+     * wallet-standard discovery in its constructor and fires sdk.autoConnect()
+     * in a useEffect on mount. On Solana Seeker (Android Chrome PWA), both
+     * pathways probe the Android intent surface to discover the Phantom mobile
+     * app, which surfaces Chrome's system "wants to access other apps and
+     * services" permission dialog *before* the PWA activity has window focus.
+     * The dialog renders with grayed-out buttons until the user backgrounds
+     * and resumes the app.
+     *
+     * Returns true when eager mount is needed (callback to handle, prior
+     * session, in-page wallet present, or non-Android). Otherwise returns
+     * false — the React tree is mounted lazily inside ensureReady() once a
+     * user gesture brings us there.
+     */
+    shouldMountEagerly() {
+        if (typeof window === 'undefined')
+            return false;
+        // Preserve desktop behavior: always mount eagerly.
+        if (!index_native.detectAndroid())
+            return true;
+        // In-page wallet present (Phantom in-app browser / desktop extension on
+        // a desktop-mode Android UA): no Android intent probe needed, mount free.
+        // Tighten beyond truthy `window.phantom` since arbitrary stubs can land
+        // on that key — require a wallet-shaped surface.
+        const ph = window.phantom;
+        if (ph && (ph.solana || ph.ethereum || ph.app))
+            return true;
+        // Returning from a Phantom redirect (OAuth or deeplink hop). SDK must
+        // be live to read these URL params via urlParamsAccessor.
+        const callbackKeys = ['session_id', 'wallet_id', 'selected_account_index', 'error', 'error_description'];
+        try {
+            const params = new URLSearchParams(window.location.search);
+            if (callbackKeys.some(k => params.has(k)))
+                return true;
+        }
+        catch (_a) {
+            return true; // conservative on URL access failure
+        }
+        // Returning user with a stored Phantom session. They've already
+        // approved the Android intent permission for this origin on first
+        // login, so the dialog is typically pre-granted by Chrome — eager
+        // mount lets autoConnect silently restore the wallet handshake.
+        // Require BOTH the marker AND a session storage entry so a stale
+        // orphaned marker doesn't keep eager-mounting forever. Note
+        // isAuthenticated() is a raw key-existence check, not a validity
+        // check — restoreSession() above clears the marker on the next load
+        // if the session is unusable, so the bug self-corrects after at
+        // most one further cold start.
+        try {
+            const stored = index_native.getPlatform().storage.getItem('tarobase_last_auth_method');
+            if (stored === 'phantom' && index_native.WebSessionManager.isAuthenticated())
+                return true;
+        }
+        catch (_b) {
+            return true;
+        }
+        return false;
+    }
     static getInstance(networkUrl, config) {
         if (!PhantomWalletProvider.instance) {
             new PhantomWalletProvider(networkUrl, config);
@@ -485,11 +553,20 @@ class PhantomWalletProvider {
             const handleMobileWalletClick = async () => {
                 that.loginInProgress = false;
                 walletClickedRef.current = true;
-                setShowWalletModal(false);
+                // Don't close the wallet modal yet. On Android Chrome PWA,
+                // closing the modal here triggers a React commit and a focus
+                // transition that races MWA's transact() opening a localhost
+                // WebSocket. Chrome's "Apps on Device" / Local Network Access
+                // permission dialog spawns inheriting the activity's focus
+                // state at that moment — and the in-transit focus produces a
+                // dialog with grayed-out Allow/Block buttons. Keep the modal
+                // mounted through MWA login so focus is stable when the
+                // system dialog spawns; close it after login resolves.
                 if (that.onSwitchToMWA) {
                     try {
                         const mwaProvider = await that.onSwitchToMWA();
                         const user = await mwaProvider.login();
+                        setShowWalletModal(false);
                         if (that.pendingLogin && user) {
                             that.pendingLogin.resolve(user);
                             that.pendingLogin = null;
@@ -500,12 +577,16 @@ class PhantomWalletProvider {
                         }
                     }
                     catch (error) {
+                        setShowWalletModal(false);
                         if (that.pendingLogin) {
                             that.pendingLogin.reject(error);
                             that.pendingLogin = null;
                         }
                     }
                 }
+                else {
+                    setShowWalletModal(false);
+                }
             };
             const handleCloseModal = () => {
                 setShowWalletModal(false);
@@ -801,6 +882,13 @@ class PhantomWalletProvider {
         if (this.initPromise) {
             await this.initPromise;
         }
+        // Lazy-mount path: if initializeAsync deferred the React mount (e.g.
+        // first-time visitor on Android Chrome PWA), do it now. We're being
+        // called from a user-gesture flow like login(), so any Android intent
+        // dialog that surfaces will appear with the activity already focused.
+        if (!this.containerElement) {
+            this.initialize();
+        }
         // Wait for SDK to be ready
         await new Promise((resolve) => {
             const check = () => {
@@ -910,12 +998,53 @@ class PhantomWalletProvider {
         });
     }
     async restoreSession() {
-        await this.ensureReady();
-        const session = await index_native.WebSessionManager.getSession();
-        if (session) {
-            return { provider: this, address: session.address };
+        // Read from storage directly. Do NOT ensureReady() here — that would
+        // mount @phantom/react-sdk's <PhantomProvider> during init(), which
+        // synchronously constructs BrowserSDK (running wallet-standard discovery)
+        // and fires sdk.autoConnect() — both probing the Android intent surface
+        // before the PWA activity has window focus on Solana Seeker. The
+        // resulting "access other apps and services" system dialog renders
+        // with grayed-out buttons.
+        //
+        // Wrap getSession() in try/catch: WebSessionManager.getSession() runs
+        // JSON.parse on the stored session *outside* its internal try/catch,
+        // so genuinely malformed JSON in localStorage would propagate through
+        // restoreSession() and break init() entirely. Treat any throw as
+        // "no session" and fall through to the cleanup path so corrupted
+        // storage is recoverable on next load.
+        let session;
+        try {
+            session = await index_native.WebSessionManager.getSession();
+        }
+        catch (_a) {
+            session = null;
+        }
+        if (!session) {
+            // Tidy up storage so we don't leave junk behind:
+            //  (a) clearSession() removes any stale or unparseable session
+            //      storage entry. WebSessionManager.getSession() can't reach
+            //      its own clearSession() if JSON.parse threw. Idempotent —
+            //      safe to call unconditionally here.
+            //  (b) Drop the auth-method marker if it's stale.
+            //      WebSessionManager.clearSession() only removes the session
+            //      storage key, not the marker — so without this cleanup
+            //      shouldMountEagerly() would keep eager-mounting on every
+            //      future cold start.
+            try {
+                index_native.WebSessionManager.clearSession();
+            }
+            catch ( /* best-effort */_b) { /* best-effort */ }
+            try {
+                if (index_native.getPlatform().storage.getItem('tarobase_last_auth_method') === 'phantom') {
+                    index_native.getPlatform().storage.removeItem('tarobase_last_auth_method');
+                }
+            }
+            catch (_c) {
+                // storage unavailable — best-effort cleanup
+            }
+            return null;
         }
-        return null;
+        return { provider: this, address: session.address };
     }
     async address() {
         var _a, _b, _c, _d;
@@ -1372,4 +1501,4 @@ class PhantomWalletProvider {
 PhantomWalletProvider.instance = null;
 
 exports.PhantomWalletProvider = PhantomWalletProvider;
-//# sourceMappingURL=phantom-wallet-provider-Cg-srwP4.js.map
+//# sourceMappingURL=phantom-wallet-provider-BegJFoWW.js.map

package/dist/{phantom-wallet-provider-Cg-srwP4.js.map → phantom-wallet-provider-BegJFoWW.js.map}

@@ -1 +1 @@
-{"version":3,"file":"phantom-wallet-provider-Cg-srwP4.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}
+{"version":3,"file":"phantom-wallet-provider-BegJFoWW.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}

package/dist/{phantom-wallet-provider--BJjVUA1.esm.js → phantom-wallet-provider-DzUAMhbm.esm.js}

@@ -1,5 +1,5 @@
-import { b as bufferExports } from './index-CKIoDkjJ.esm.js';
-import { W as WebSessionManager, c as convertRemainingAccounts, b as buildSetDocumentsTransaction, e as confirmAndCheckTransaction, s as setCurrentUser, a as SOLANA_DEVNET_RPC_URL, S as SOLANA_MAINNET_RPC_URL, h as SURFNET_RPC_URL, j as detectMobile, k as detectAndroid, l as setAuthLoading, m as genAuthNonce, n as genSolanaMessage, o as createSessionWithSignature, g as getPlatform } from './index.native-DuKhZcus.esm.js';
+import { b as bufferExports } from './index-CrOVJFX9.esm.js';
+import { h as detectAndroid, g as getPlatform, W as WebSessionManager, c as convertRemainingAccounts, b as buildSetDocumentsTransaction, e as confirmAndCheckTransaction, s as setCurrentUser, a as SOLANA_DEVNET_RPC_URL, S as SOLANA_MAINNET_RPC_URL, i as SURFNET_RPC_URL, j as detectMobile, k as setAuthLoading, l as genAuthNonce, m as genSolanaMessage, n as createSessionWithSignature } from './index.native-TLhfXfe6.esm.js';
 import { Connection, PublicKey, VersionedTransaction } from '@solana/web3.js';
 import * as anchor from '@coral-xyz/anchor';
 import 'axios';
@@ -52,7 +52,7 @@ async function loadDependencies() {
         const [reactModule, reactDomModule, phantomModule] = await Promise.all([
             import('react'),
             import('react-dom/client'),
-            import('./index-BbtYb8sE.esm.js')
+            import('./index-CHqM9n4K.esm.js')
         ]);
         // Extract default export from ESM module namespace
         // Dynamic import() returns { default: Module, ...exports }, not the module directly
@@ -95,8 +95,13 @@ class PhantomWalletProvider {
     async initializeAsync() {
         // Lazy load dependencies only when actually instantiating
         await loadDependencies();
-        // Initialize React component
-        this.initialize();
+        // Initialize React component eagerly only when there's a real reason to
+        // (URL callback to consume, prior session to restore, in-page wallet,
+        // or non-Android). Otherwise defer until ensureReady() is reached from
+        // a user-gesture flow. See shouldMountEagerly() for the rationale.
+        if (this.shouldMountEagerly()) {
+            this.initialize();
+        }
     }
     /**
      * Check if social login providers are configured (non-injected providers).
@@ -104,6 +109,69 @@ class PhantomWalletProvider {
     hasSocialProviders() {
         return this.resolvedProviders.some(p => p !== 'injected');
     }
+    /**
+     * Decide whether to mount the @phantom/react-sdk <PhantomProvider> tree
+     * eagerly during init() or defer until the first user-triggered call
+     * (login / sign / etc.) reaches ensureReady().
+     *
+     * Mounting the React tree synchronously constructs BrowserSDK, which runs
+     * wallet-standard discovery in its constructor and fires sdk.autoConnect()
+     * in a useEffect on mount. On Solana Seeker (Android Chrome PWA), both
+     * pathways probe the Android intent surface to discover the Phantom mobile
+     * app, which surfaces Chrome's system "wants to access other apps and
+     * services" permission dialog *before* the PWA activity has window focus.
+     * The dialog renders with grayed-out buttons until the user backgrounds
+     * and resumes the app.
+     *
+     * Returns true when eager mount is needed (callback to handle, prior
+     * session, in-page wallet present, or non-Android). Otherwise returns
+     * false — the React tree is mounted lazily inside ensureReady() once a
+     * user gesture brings us there.
+     */
+    shouldMountEagerly() {
+        if (typeof window === 'undefined')
+            return false;
+        // Preserve desktop behavior: always mount eagerly.
+        if (!detectAndroid())
+            return true;
+        // In-page wallet present (Phantom in-app browser / desktop extension on
+        // a desktop-mode Android UA): no Android intent probe needed, mount free.
+        // Tighten beyond truthy `window.phantom` since arbitrary stubs can land
+        // on that key — require a wallet-shaped surface.
+        const ph = window.phantom;
+        if (ph && (ph.solana || ph.ethereum || ph.app))
+            return true;
+        // Returning from a Phantom redirect (OAuth or deeplink hop). SDK must
+        // be live to read these URL params via urlParamsAccessor.
+        const callbackKeys = ['session_id', 'wallet_id', 'selected_account_index', 'error', 'error_description'];
+        try {
+            const params = new URLSearchParams(window.location.search);
+            if (callbackKeys.some(k => params.has(k)))
+                return true;
+        }
+        catch (_a) {
+            return true; // conservative on URL access failure
+        }
+        // Returning user with a stored Phantom session. They've already
+        // approved the Android intent permission for this origin on first
+        // login, so the dialog is typically pre-granted by Chrome — eager
+        // mount lets autoConnect silently restore the wallet handshake.
+        // Require BOTH the marker AND a session storage entry so a stale
+        // orphaned marker doesn't keep eager-mounting forever. Note
+        // isAuthenticated() is a raw key-existence check, not a validity
+        // check — restoreSession() above clears the marker on the next load
+        // if the session is unusable, so the bug self-corrects after at
+        // most one further cold start.
+        try {
+            const stored = getPlatform().storage.getItem('tarobase_last_auth_method');
+            if (stored === 'phantom' && WebSessionManager.isAuthenticated())
+                return true;
+        }
+        catch (_b) {
+            return true;
+        }
+        return false;
+    }
     static getInstance(networkUrl, config) {
         if (!PhantomWalletProvider.instance) {
             new PhantomWalletProvider(networkUrl, config);
@@ -464,11 +532,20 @@ class PhantomWalletProvider {
             const handleMobileWalletClick = async () => {
                 that.loginInProgress = false;
                 walletClickedRef.current = true;
-                setShowWalletModal(false);
+                // Don't close the wallet modal yet. On Android Chrome PWA,
+                // closing the modal here triggers a React commit and a focus
+                // transition that races MWA's transact() opening a localhost
+                // WebSocket. Chrome's "Apps on Device" / Local Network Access
+                // permission dialog spawns inheriting the activity's focus
+                // state at that moment — and the in-transit focus produces a
+                // dialog with grayed-out Allow/Block buttons. Keep the modal
+                // mounted through MWA login so focus is stable when the
+                // system dialog spawns; close it after login resolves.
                 if (that.onSwitchToMWA) {
                     try {
                         const mwaProvider = await that.onSwitchToMWA();
                         const user = await mwaProvider.login();
+                        setShowWalletModal(false);
                         if (that.pendingLogin && user) {
                             that.pendingLogin.resolve(user);
                             that.pendingLogin = null;
@@ -479,12 +556,16 @@ class PhantomWalletProvider {
                         }
                     }
                     catch (error) {
+                        setShowWalletModal(false);
                         if (that.pendingLogin) {
                             that.pendingLogin.reject(error);
                             that.pendingLogin = null;
                         }
                     }
                 }
+                else {
+                    setShowWalletModal(false);
+                }
             };
             const handleCloseModal = () => {
                 setShowWalletModal(false);
@@ -780,6 +861,13 @@ class PhantomWalletProvider {
         if (this.initPromise) {
             await this.initPromise;
         }
+        // Lazy-mount path: if initializeAsync deferred the React mount (e.g.
+        // first-time visitor on Android Chrome PWA), do it now. We're being
+        // called from a user-gesture flow like login(), so any Android intent
+        // dialog that surfaces will appear with the activity already focused.
+        if (!this.containerElement) {
+            this.initialize();
+        }
         // Wait for SDK to be ready
         await new Promise((resolve) => {
             const check = () => {
@@ -889,12 +977,53 @@ class PhantomWalletProvider {
         });
     }
     async restoreSession() {
-        await this.ensureReady();
-        const session = await WebSessionManager.getSession();
-        if (session) {
-            return { provider: this, address: session.address };
+        // Read from storage directly. Do NOT ensureReady() here — that would
+        // mount @phantom/react-sdk's <PhantomProvider> during init(), which
+        // synchronously constructs BrowserSDK (running wallet-standard discovery)
+        // and fires sdk.autoConnect() — both probing the Android intent surface
+        // before the PWA activity has window focus on Solana Seeker. The
+        // resulting "access other apps and services" system dialog renders
+        // with grayed-out buttons.
+        //
+        // Wrap getSession() in try/catch: WebSessionManager.getSession() runs
+        // JSON.parse on the stored session *outside* its internal try/catch,
+        // so genuinely malformed JSON in localStorage would propagate through
+        // restoreSession() and break init() entirely. Treat any throw as
+        // "no session" and fall through to the cleanup path so corrupted
+        // storage is recoverable on next load.
+        let session;
+        try {
+            session = await WebSessionManager.getSession();
+        }
+        catch (_a) {
+            session = null;
+        }
+        if (!session) {
+            // Tidy up storage so we don't leave junk behind:
+            //  (a) clearSession() removes any stale or unparseable session
+            //      storage entry. WebSessionManager.getSession() can't reach
+            //      its own clearSession() if JSON.parse threw. Idempotent —
+            //      safe to call unconditionally here.
+            //  (b) Drop the auth-method marker if it's stale.
+            //      WebSessionManager.clearSession() only removes the session
+            //      storage key, not the marker — so without this cleanup
+            //      shouldMountEagerly() would keep eager-mounting on every
+            //      future cold start.
+            try {
+                WebSessionManager.clearSession();
+            }
+            catch ( /* best-effort */_b) { /* best-effort */ }
+            try {
+                if (getPlatform().storage.getItem('tarobase_last_auth_method') === 'phantom') {
+                    getPlatform().storage.removeItem('tarobase_last_auth_method');
+                }
+            }
+            catch (_c) {
+                // storage unavailable — best-effort cleanup
+            }
+            return null;
         }
-        return null;
+        return { provider: this, address: session.address };
     }
     async address() {
         var _a, _b, _c, _d;
@@ -1351,4 +1480,4 @@ class PhantomWalletProvider {
 PhantomWalletProvider.instance = null;
 
 export { PhantomWalletProvider };
-//# sourceMappingURL=phantom-wallet-provider--BJjVUA1.esm.js.map
+//# sourceMappingURL=phantom-wallet-provider-DzUAMhbm.esm.js.map

package/dist/{phantom-wallet-provider--BJjVUA1.esm.js.map → phantom-wallet-provider-DzUAMhbm.esm.js.map}

@@ -1 +1 @@
-{"version":3,"file":"phantom-wallet-provider--BJjVUA1.esm.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}
+{"version":3,"file":"phantom-wallet-provider-DzUAMhbm.esm.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}

package/dist/{privy-wallet-provider-BLcur3Ue.esm.js → privy-wallet-provider-BspbiyOr.esm.js}

@@ -1,4 +1,4 @@
-import { S as SOLANA_MAINNET_RPC_URL, a as SOLANA_DEVNET_RPC_URL, W as WebSessionManager, c as convertRemainingAccounts, b as buildSetDocumentsTransaction, d as bs58, e as confirmAndCheckTransaction, s as setCurrentUser, g as getPlatform, f as createSessionWithPrivy } from './index.native-DuKhZcus.esm.js';
+import { S as SOLANA_MAINNET_RPC_URL, a as SOLANA_DEVNET_RPC_URL, W as WebSessionManager, c as convertRemainingAccounts, b as buildSetDocumentsTransaction, d as bs58, e as confirmAndCheckTransaction, s as setCurrentUser, g as getPlatform, f as createSessionWithPrivy } from './index.native-TLhfXfe6.esm.js';
 import { Connection, VersionedTransaction, PublicKey, Transaction } from '@solana/web3.js';
 import * as anchor from '@coral-xyz/anchor';
 import 'axios';
@@ -3848,7 +3848,7 @@ class PrivyWalletProvider {
         }));
         // The signature is returned as a Uint8Array, encode it as base58 (standard Solana format)
         const signatureBytes = (result === null || result === void 0 ? void 0 : result.signature) || result;
-        const bs58 = await import('./index.native-DuKhZcus.esm.js').then(function (n) { return n.i; });
+        const bs58 = await import('./index.native-TLhfXfe6.esm.js').then(function (n) { return n.a6; });
         return bs58.default.encode(signatureBytes);
     }
     async restoreSession() {
@@ -3917,4 +3917,4 @@ class PrivyWalletProvider {
 PrivyWalletProvider.instance = null;
 
 export { PrivyWalletProvider };
-//# sourceMappingURL=privy-wallet-provider-BLcur3Ue.esm.js.map
+//# sourceMappingURL=privy-wallet-provider-BspbiyOr.esm.js.map