@pooflabs/web 0.0.84 → 0.0.85-rc2

package/dist/solana-mobile-wallet-provider-S8yWHG6i.js

@@ -0,0 +1,841 @@
+'use strict';
+
+var index = require('./index-DyRIXw-l.js');
+var index_native = require('./index.native-ANhb4jEB.js');
+var web3_js = require('@solana/web3.js');
+var anchor = require('@coral-xyz/anchor');
+require('axios');
+require('react');
+
+function _interopNamespaceDefault(e) {
+    var n = Object.create(null);
+    if (e) {
+        Object.keys(e).forEach(function (k) {
+            if (k !== 'default') {
+                var d = Object.getOwnPropertyDescriptor(e, k);
+                Object.defineProperty(n, k, d.get ? d : {
+                    enumerable: true,
+                    get: function () { return e[k]; }
+                });
+            }
+        });
+    }
+    n.default = e;
+    return Object.freeze(n);
+}
+
+var anchor__namespace = /*#__PURE__*/_interopNamespaceDefault(anchor);
+
+const ED25519_SIGNATURE_LENGTH = 64;
+const STORED_AUTH_METHOD_KEY = 'tarobase_last_auth_method';
+const MWA_AUTH_METHOD = 'mobile-wallet-adapter';
+function findMwaError(e, maxDepth = 5) {
+    var _a;
+    let cur = e;
+    let depth = 0;
+    while (cur && depth < maxDepth) {
+        if ((cur === null || cur === void 0 ? void 0 : cur.name) === 'SolanaMobileWalletAdapterError' && typeof (cur === null || cur === void 0 ? void 0 : cur.code) === 'string') {
+            return { code: cur.code, message: String((_a = cur.message) !== null && _a !== void 0 ? _a : '') };
+        }
+        cur = cur === null || cur === void 0 ? void 0 : cur.cause;
+        depth++;
+    }
+    return null;
+}
+/**
+ * Returns the matched MwaErrorInfo when the error is from an association
+ * failure that an automatic retry can recover from (i.e. the wallet exists
+ * on-device but the dApp's protocol session didn't complete in time). Returns
+ * null for non-retryable errors (user cancel, unknown wallet errors, etc.).
+ *
+ * Specifically:
+ *   - ERROR_WALLET_NOT_FOUND: thrown from the protocol's startScenario when
+ *     it gave up waiting for a wallet to respond. On Seeker this races the
+ *     first-time-consent UI on the very first authorize.
+ *   - ERROR_SESSION_TIMEOUT: similar — the protocol's session-establishment
+ *     timer expired.
+ *   - ERROR_ASSOCIATION_CANCELLED: shared by user-cancel ("Wallet connection
+ *     cancelled by user") AND the 30s wallet-standard WALLET_ASSOCIATION_TIMEOUT
+ *     ("Wallet connection timed out"). Discriminate by message — never retry
+ *     a user cancel.
+ */
+function isMwaAssociationRetryable(e) {
+    const info = findMwaError(e);
+    if (!info)
+        return null;
+    if (info.code === 'ERROR_WALLET_NOT_FOUND')
+        return info;
+    if (info.code === 'ERROR_SESSION_TIMEOUT')
+        return info;
+    if (info.code === 'ERROR_ASSOCIATION_CANCELLED' && /timed out/i.test(info.message))
+        return info;
+    return null;
+}
+/**
+ * Single-retry wrapper for MWA association failures. Used ONLY for login's
+ * `standard:connect` and `solana:signMessage` calls — never for
+ * `signAndSendTransaction`/`runTransaction` because retry on a path that
+ * may have already submitted a tx can double-send.
+ *
+ * The retry exists for one specific scenario: on first-time MWA usage from a
+ * given origin on Seeker, the protocol's session-establishment timer races
+ * Seeker's first-time consent UI. The user reads the consent sheet, taps
+ * Connect — but by then the protocol has given up and thrown
+ * ERROR_WALLET_NOT_FOUND. The consent itself IS persisted on Seeker though,
+ * so a second attempt skips the consent sheet, jumps straight to
+ * Verify/Approve, and completes inside the timeout.
+ */
+async function withMwaAssociationRetry(label, fn) {
+    const t0 = Date.now();
+    console.log(`[MWA-DEBUG] ${label} attempt=1 start`);
+    try {
+        const result = await fn();
+        console.log(`[MWA-DEBUG] ${label} attempt=1 ok (${Date.now() - t0}ms)`);
+        return result;
+    }
+    catch (e) {
+        const info = findMwaError(e);
+        console.log(`[MWA-DEBUG] ${label} attempt=1 err (${Date.now() - t0}ms)`, {
+            outer: { name: e === null || e === void 0 ? void 0 : e.name, message: e === null || e === void 0 ? void 0 : e.message },
+            mwa: info,
+        });
+        const retryable = isMwaAssociationRetryable(e);
+        if (!retryable)
+            throw e;
+        // Seeker's consent sheet is a bottom-sheet overlay — Chrome doesn't
+        // reliably flip document.visibilityState to 'hidden' while it's open,
+        // so visibility-based waits fire too early. Use a fixed delay long
+        // enough for Seeker to dismiss its sheet and the OS to release intent
+        // state. 2.5s is empirically safe; tune from device traces if needed.
+        console.log(`[MWA-DEBUG] ${label} retryable (${retryable.code}); waiting 2500ms before retry`);
+        await new Promise(r => setTimeout(r, 2500));
+        const t1 = Date.now();
+        console.log(`[MWA-DEBUG] ${label} attempt=2 start`);
+        try {
+            const result = await fn();
+            console.log(`[MWA-DEBUG] ${label} attempt=2 ok (${Date.now() - t1}ms)`);
+            return result;
+        }
+        catch (e2) {
+            const info2 = findMwaError(e2);
+            console.log(`[MWA-DEBUG] ${label} attempt=2 err (${Date.now() - t1}ms)`, {
+                outer: { name: e2 === null || e2 === void 0 ? void 0 : e2.name, message: e2 === null || e2 === void 0 ? void 0 : e2.message },
+                mwa: info2,
+            });
+            // Only mask the error with the clean Seeker message when the
+            // second failure is also an association-flavored error. If it's
+            // a user cancel, wallet rejection, or unknown error, rethrow
+            // the original so the host app surfaces the real cause.
+            if (isMwaAssociationRetryable(e2)) {
+                throw new Error("Couldn't connect to your Seeker wallet. Please try again.");
+            }
+            throw e2;
+        }
+    }
+}
+/**
+ * Normalize a chain string to a wallet-standard Solana chain identifier.
+ *
+ * Handles three input shapes that all show up in practice:
+ *  - Bare cluster name from `SolanaMobileWalletConfig.cluster` (e.g. 'devnet').
+ *  - Prefixed `solana:cluster` (e.g. 'solana:devnet').
+ *  - Double-prefixed `solana:solana:cluster` (constructor used to wrap cluster
+ *    with `solana:` blindly; if a caller already passed a prefixed string the
+ *    result was `solana:solana:devnet`).
+ *
+ * Wallet-standard Solana chains are exactly:
+ *   'solana:mainnet' | 'solana:devnet' | 'solana:testnet' | 'solana:localnet'
+ * — `mainnet-beta` is NOT a valid wallet-standard identifier and must be
+ * normalized to `solana:mainnet`.
+ */
+function mapChainToWalletStandard(input) {
+    if (!input)
+        return 'solana:mainnet';
+    let s = String(input).toLowerCase();
+    while (s.startsWith('solana:'))
+        s = s.slice('solana:'.length);
+    if (s === 'mainnet-beta' || s === 'mainnet')
+        return 'solana:mainnet';
+    if (s === 'devnet')
+        return 'solana:devnet';
+    if (s === 'testnet')
+        return 'solana:testnet';
+    if (s === 'localnet')
+        return 'solana:localnet';
+    return 'solana:mainnet';
+}
+/**
+ * Serialize a Transaction/VersionedTransaction to a Uint8Array wire payload
+ * that the wallet-standard `solana:signTransaction` /
+ * `solana:signAndSendTransaction` features expect.
+ *
+ * Legacy transactions must serialize with `requireAllSignatures: false` and
+ * `verifySignatures: false` — the wallet hasn't signed yet, and the default
+ * `serialize()` would throw "Signature verification failed". Versioned
+ * transactions use the default `serialize()` which already permits unsigned
+ * payloads. Mirrors the helper at
+ * `@solana-mobile/mobile-wallet-adapter-protocol-web3js/lib/esm/index.browser.js:13-18`.
+ */
+function txToWireBytes(tx) {
+    if ('version' in tx)
+        return tx.serialize();
+    return tx.serialize({ requireAllSignatures: false, verifySignatures: false });
+}
+/**
+ * Deserialize a wire-format transaction returned by the wallet
+ * `solana:signTransaction` feature. Mirrors the helper at
+ * `@solana-mobile/mobile-wallet-adapter-protocol-web3js/lib/esm/index.browser.js:19-23`
+ * so legacy and versioned bytes both round-trip correctly.
+ */
+function txFromWireBytes(byteArray) {
+    const messageOffset = byteArray[0] * ED25519_SIGNATURE_LENGTH + 1;
+    const messageVersion = web3_js.VersionedMessage.deserializeMessageVersion(byteArray.slice(messageOffset, byteArray.length));
+    if (messageVersion === 'legacy') {
+        return web3_js.Transaction.from(byteArray);
+    }
+    return web3_js.VersionedTransaction.deserialize(byteArray);
+}
+/**
+ * Per-method runtime narrowing of wallet-standard features. The wallet's
+ * `.features` type is a union (`signAndSendTransaction` | `signTransaction`),
+ * and after authorization the wallet may also narrow `#optionalFeatures`
+ * based on actual wallet capabilities. Narrow at the call site so a method
+ * that needs only `signMessage` doesn't fail when a wallet lacks
+ * `signTransaction`.
+ */
+function getSignMessageFeature(wallet) {
+    const f = wallet.features;
+    const feat = f['solana:signMessage'];
+    if (!feat || typeof feat.signMessage !== 'function') {
+        throw new Error('Wallet does not support solana:signMessage');
+    }
+    return feat;
+}
+function getSignTransactionFeature(wallet) {
+    const f = wallet.features;
+    const feat = f['solana:signTransaction'];
+    if (!feat || typeof feat.signTransaction !== 'function') {
+        throw new Error('Wallet does not support solana:signTransaction');
+    }
+    return feat;
+}
+function getSignAndSendTransactionFeature(wallet) {
+    const f = wallet.features;
+    const feat = f['solana:signAndSendTransaction'];
+    if (!feat || typeof feat.signAndSendTransaction !== 'function') {
+        throw new Error('Wallet does not support solana:signAndSendTransaction');
+    }
+    return feat;
+}
+function getConnectFeature(wallet) {
+    const f = wallet.features;
+    const feat = f['standard:connect'];
+    if (!feat || typeof feat.connect !== 'function') {
+        throw new Error('Wallet does not support standard:connect');
+    }
+    return feat;
+}
+function getDisconnectFeature(wallet) {
+    const f = wallet.features;
+    const feat = f['standard:disconnect'];
+    return feat && typeof feat.disconnect === 'function' ? feat : null;
+}
+function writeAuthMethod(method) {
+    try {
+        if (method === null) {
+            index_native.getPlatform().storage.removeItem(STORED_AUTH_METHOD_KEY);
+        }
+        else {
+            index_native.getPlatform().storage.setItem(STORED_AUTH_METHOD_KEY, method);
+        }
+    }
+    catch (_a) {
+        // storage may be unavailable
+    }
+}
+function readAuthMethod() {
+    try {
+        return index_native.getPlatform().storage.getItem(STORED_AUTH_METHOD_KEY);
+    }
+    catch (_a) {
+        return null;
+    }
+}
+/**
+ * SolanaMobileWalletProvider implements the AuthProvider interface using
+ * Solana Mobile's wallet-standard wrapper (`LocalSolanaMobileWalletAdapterWallet`).
+ *
+ * Why wallet-standard and not the raw MWA protocol: as of
+ * `@solana-mobile/wallet-standard-mobile@0.5.0+`, the wallet's internal
+ * `#transact` calls `checkLocalNetworkAccessPermission()` before opening the
+ * localhost WebSocket. That helper renders a three-stage UX flow Solana
+ * Mobile designed specifically to defuse Chrome's Local Network Access
+ * permission dialog (which renders with disabled buttons on Android Chrome,
+ * the source of the long-running Seeker MWA bug):
+ *
+ *   1. "Allow connections to your wallet" informational modal.
+ *   2. Chrome's permission prompt (interactive because it's spawned as a
+ *      fresh user gesture from step 1).
+ *   3. "Ready to connect!" success modal.
+ *
+ * `checkLocalNetworkAccessPermission` is internal to the library — it's not
+ * exported. The only way to invoke it is to go through the wallet's
+ * `standard:connect` / `solana:sign*` features, which is what this provider
+ * does.
+ *
+ * Notes on UX: login uses two wallet popups in succession — `standard:connect`
+ * (authorize) and `solana:signMessage` (sign the Tarobase nonce). The
+ * previous implementation combined both inside a single `transact` callback;
+ * splitting them is the cost of going through wallet-standard, and is
+ * acceptable given the alternative was broken on Seeker.
+ */
+class SolanaMobileWalletProvider {
+    constructor(networkUrl = null, config = {}) {
+        /** LocalSolanaMobileWalletAdapterWallet, lazy-constructed in ensureWallet(). */
+        this.wallet = null;
+        this.networkUrl = networkUrl;
+        this.config = config;
+        if (typeof window === 'undefined') {
+            throw new Error('SolanaMobileWalletProvider can only be instantiated in a browser environment');
+        }
+        if (SolanaMobileWalletProvider.instance) {
+            return SolanaMobileWalletProvider.instance;
+        }
+        this.appIdentity = config.appIdentity || {
+            name: 'TaroBase App',
+            uri: index_native.getPlatform().getLocationOrigin(),
+        };
+        this.cluster = config.cluster || 'mainnet-beta';
+        SolanaMobileWalletProvider.instance = this;
+    }
+    static getInstance(networkUrl, config) {
+        if (!SolanaMobileWalletProvider.instance) {
+            new SolanaMobileWalletProvider(networkUrl, config);
+        }
+        return SolanaMobileWalletProvider.instance;
+    }
+    /** Lazy-construct LocalSolanaMobileWalletAdapterWallet on first need. */
+    async ensureWallet() {
+        if (this.wallet)
+            return this.wallet;
+        const mod = await Promise.resolve().then(function () { return require('./index.browser-DZtZWdul.js'); });
+        const chain = mapChainToWalletStandard(this.cluster);
+        this.wallet = new mod.LocalSolanaMobileWalletAdapterWallet({
+            appIdentity: this.appIdentity,
+            authorizationCache: mod.createDefaultAuthorizationCache(),
+            chains: [chain],
+            chainSelector: mod.createDefaultChainSelector(),
+            // Suppress the default "We can't find a wallet" modal — that
+            // modal is misleading when ERROR_WALLET_NOT_FOUND fires during
+            // a first-time-consent race on Seeker (the wallet IS installed,
+            // the protocol just gave up before the user finished consenting).
+            // login()'s withMwaAssociationRetry handles this case; on second
+            // failure it surfaces a clean error message to the host app.
+            onWalletNotFound: async () => {
+                console.warn('[MWA-DEBUG] ensureWallet onWalletNotFound (suppressed)');
+            },
+        });
+        return this.wallet;
+    }
+    /**
+     * Ensure the wallet has an active authorization. After a Tarobase session
+     * is restored from storage on cold-start, `wallet.accounts` is empty until
+     * we silently reconnect from the AuthorizationCache. If the cache is also
+     * empty, fall back to interactive `login()` (which surfaces the three-stage
+     * Solana Mobile LNA flow + wallet popups).
+     *
+     * Returns the wallet-standard `WalletAccount` to use for sign operations.
+     */
+    async ensureAuthorized() {
+        const wallet = await this.ensureWallet();
+        if (wallet.accounts.length === 0) {
+            try {
+                const connectFeat = getConnectFeature(wallet);
+                await connectFeat.connect({ silent: true });
+            }
+            catch (e) {
+                console.warn('[SolanaMobileWallet] silent connect failed:', e === null || e === void 0 ? void 0 : e.message);
+            }
+        }
+        if (wallet.accounts.length === 0) {
+            const user = await this.login();
+            if (!user)
+                throw new Error('MWA not connected');
+        }
+        return wallet.accounts[0];
+    }
+    /** Returns the active wallet-standard chain identifier (e.g. 'solana:mainnet'). */
+    getChain() {
+        return mapChainToWalletStandard(this.cluster);
+    }
+    async login() {
+        var _a, _b, _c, _d, _e;
+        index_native.setAuthLoading(true);
+        // Mark the auth method early so a concurrent Phantom auto-create-session
+        // effect (see phantom-wallet-provider) sees 'mobile-wallet-adapter'
+        // during our slow connect/sign roundtrip and backs off. Capture the
+        // previous value so we can restore it if login fails.
+        const prevAuthMethod = readAuthMethod();
+        writeAuthMethod(MWA_AUTH_METHOD);
+        try {
+            const wallet = await this.ensureWallet();
+            // Quick-check: wallet may already have authorization (e.g. from a
+            // previous in-page login) and a matching Tarobase session — skip
+            // popups in that case.
+            if (wallet.accounts.length > 0) {
+                const accountPubkey = new web3_js.PublicKey(wallet.accounts[0].publicKey);
+                const base58Addr = accountPubkey.toBase58();
+                const existingSession = await index_native.WebSessionManager.getSession();
+                if (existingSession && existingSession.address === base58Addr) {
+                    const user = { provider: this, address: base58Addr };
+                    index_native.setCurrentUser(user);
+                    return user;
+                }
+            }
+            // Pre-fetch nonce while the wallet popup is not yet open.
+            const nonce = await index_native.genAuthNonce();
+            // Wallet popup #1: standard:connect performs MWA authorize. This
+            // is where wallet-standard's checkLocalNetworkAccessPermission()
+            // fires the three-stage LNA UX (info modal → permission prompt →
+            // success modal) before opening the localhost WebSocket.
+            //
+            // Wrap with single-retry: on a Seeker origin's first MWA usage,
+            // the protocol's session-establishment timer often races Seeker's
+            // first-time consent UI and throws ERROR_WALLET_NOT_FOUND before
+            // the user finishes tapping. The retry hits Seeker's cached
+            // consent on the second pass and completes quickly. See
+            // withMwaAssociationRetry for details.
+            const connectFeat = getConnectFeature(wallet);
+            const { accounts } = await withMwaAssociationRetry('login:connect', () => connectFeat.connect());
+            if (!accounts || accounts.length === 0) {
+                throw new Error('MWA returned no accounts');
+            }
+            const account = accounts[0];
+            const accountPubkey = new web3_js.PublicKey(account.publicKey);
+            const base58Addr = accountPubkey.toBase58();
+            // If we happen to already have a matching Tarobase session, reuse it.
+            const existingSession = await index_native.WebSessionManager.getSession();
+            if (existingSession && existingSession.address === base58Addr) {
+                const user = { provider: this, address: base58Addr };
+                index_native.setCurrentUser(user);
+                return user;
+            }
+            // Wallet popup #2: sign the Tarobase nonce message. Wrap with the
+            // same retry for defense in depth — by now Seeker has cached the
+            // consent so this rarely hits the retry path, but if the
+            // protocol's session timer fires here too we recover transparently.
+            const messageText = await index_native.genSolanaMessage(base58Addr, nonce);
+            const messageBytes = index_native.getPlatform().textEncode(messageText);
+            const signMessageFeat = getSignMessageFeature(wallet);
+            const signResults = await withMwaAssociationRetry('login:signMessage', () => signMessageFeat.signMessage({ account, message: messageBytes }));
+            if (!signResults || signResults.length === 0) {
+                throw new Error('MWA returned no signature');
+            }
+            const { signature: sigBytes } = signResults[0];
+            const signatureBase64 = index.bufferExports.Buffer.from(sigBytes).toString('base64');
+            // Create Tarobase session on the server.
+            const createSessionResult = await index_native.createSessionWithSignature(base58Addr, messageText, signatureBase64);
+            await index_native.WebSessionManager.storeSession(base58Addr, createSessionResult.accessToken, createSessionResult.idToken, createSessionResult.refreshToken);
+            // Auth-method marker is already 'mobile-wallet-adapter' from above.
+            const user = { provider: this, address: base58Addr };
+            index_native.setCurrentUser(user);
+            return user;
+        }
+        catch (error) {
+            // Restore the previous auth-method marker since this login attempt failed.
+            writeAuthMethod(prevAuthMethod);
+            const isUserRejection = (error === null || error === void 0 ? void 0 : error.code) === 4001 ||
+                ((_a = error === null || error === void 0 ? void 0 : error.message) === null || _a === void 0 ? void 0 : _a.toLowerCase().includes('user rejected')) ||
+                ((_b = error === null || error === void 0 ? void 0 : error.message) === null || _b === void 0 ? void 0 : _b.toLowerCase().includes('user denied')) ||
+                ((_c = error === null || error === void 0 ? void 0 : error.message) === null || _c === void 0 ? void 0 : _c.toLowerCase().includes('user cancelled')) ||
+                ((_d = error === null || error === void 0 ? void 0 : error.message) === null || _d === void 0 ? void 0 : _d.toLowerCase().includes('user canceled')) ||
+                ((_e = error === null || error === void 0 ? void 0 : error.message) === null || _e === void 0 ? void 0 : _e.toLowerCase().includes('user declined'));
+            if (!isUserRejection) {
+                console.error('[SolanaMobileWallet] Login failed:', error);
+            }
+            throw error;
+        }
+        finally {
+            index_native.setAuthLoading(false);
+        }
+    }
+    async restoreSession() {
+        const session = await index_native.WebSessionManager.getSession();
+        if (session) {
+            return { provider: this, address: session.address };
+        }
+        return null;
+    }
+    async logout() {
+        try {
+            const wallet = await this.ensureWallet();
+            const disconnectFeat = getDisconnectFeature(wallet);
+            if (disconnectFeat) {
+                // Disconnect clears the AuthorizationCache and resets
+                // wallet.#authorization internally (no LNA dialog).
+                await disconnectFeat.disconnect();
+            }
+        }
+        catch (error) {
+            console.error('[SolanaMobileWallet] Disconnect error:', error);
+        }
+        index_native.WebSessionManager.clearSession();
+        // Clear the auth-method marker so Phantom auto-create is unblocked
+        // for any subsequent fresh login on this device.
+        writeAuthMethod(null);
+        index_native.setCurrentUser(null);
+    }
+    async signMessage(message) {
+        var _a, _b;
+        const account = await this.ensureAuthorized();
+        const wallet = await this.ensureWallet();
+        try {
+            const signMessageFeat = getSignMessageFeature(wallet);
+            const messageBytes = index_native.getPlatform().textEncode(message);
+            const results = await signMessageFeat.signMessage({ account, message: messageBytes });
+            if (!results || results.length === 0) {
+                throw new Error('MWA returned no signature');
+            }
+            const { signature: sigBytes } = results[0];
+            return index.bufferExports.Buffer.from(sigBytes).toString('base64');
+        }
+        catch (error) {
+            if (((_a = error === null || error === void 0 ? void 0 : error.message) === null || _a === void 0 ? void 0 : _a.includes('not connected')) || ((_b = error === null || error === void 0 ? void 0 : error.message) === null || _b === void 0 ? void 0 : _b.includes('not authorized')) ||
+                (error === null || error === void 0 ? void 0 : error.code) === 'ERROR_AUTHORIZATION_FAILED') {
+                await this.logout();
+                throw new Error('Wallet connection lost. Please reconnect.');
+            }
+            throw new Error(`Failed to sign message: ${error.message}`);
+        }
+    }
+    async signTransaction(transaction) {
+        var _a, _b;
+        const account = await this.ensureAuthorized();
+        const connectedPubkey = new web3_js.PublicKey(account.publicKey);
+        const wallet = await this.ensureWallet();
+        const chain = this.getChain();
+        // Preserve existing prep: fill missing blockhash / fee payer so call
+        // sites that build a tx without these fields don't regress.
+        const isLegacyTransaction = 'recentBlockhash' in transaction && !('message' in transaction && 'staticAccountKeys' in transaction.message);
+        if (isLegacyTransaction) {
+            const legacyTx = transaction;
+            if (!legacyTx.recentBlockhash) {
+                const conn = new web3_js.Connection(this.getRpcUrl(), 'confirmed');
+                const { blockhash, lastValidBlockHeight } = await conn.getLatestBlockhash('confirmed');
+                legacyTx.recentBlockhash = blockhash;
+                legacyTx.lastValidBlockHeight = lastValidBlockHeight;
+            }
+            if (!legacyTx.feePayer) {
+                legacyTx.feePayer = connectedPubkey;
+            }
+        }
+        else {
+            const versionedTx = transaction;
+            if (!versionedTx.message.recentBlockhash) {
+                const conn = new web3_js.Connection(this.getRpcUrl(), 'confirmed');
+                const { blockhash } = await conn.getLatestBlockhash('confirmed');
+                versionedTx.message.recentBlockhash = blockhash;
+            }
+        }
+        try {
+            const signTxFeat = getSignTransactionFeature(wallet);
+            const wireBytes = txToWireBytes(transaction);
+            const results = await signTxFeat.signTransaction({ account, transaction: wireBytes, chain });
+            if (!results || results.length === 0) {
+                throw new Error('MWA returned no signed transaction');
+            }
+            const { signedTransaction: signedBytes } = results[0];
+            return txFromWireBytes(new Uint8Array(signedBytes));
+        }
+        catch (error) {
+            if (((_a = error === null || error === void 0 ? void 0 : error.message) === null || _a === void 0 ? void 0 : _a.includes('not connected')) || ((_b = error === null || error === void 0 ? void 0 : error.message) === null || _b === void 0 ? void 0 : _b.includes('not authorized')) ||
+                (error === null || error === void 0 ? void 0 : error.code) === 'ERROR_AUTHORIZATION_FAILED') {
+                await this.logout();
+                throw new Error('Wallet connection lost. Please reconnect.');
+            }
+            throw new Error(`Failed to sign transaction: ${error.message}`);
+        }
+    }
+    async signAndSubmitTransaction(transaction, feePayer) {
+        var _a, _b, _c, _d, _e, _f;
+        const account = await this.ensureAuthorized();
+        const connectedPubkey = new web3_js.PublicKey(account.publicKey);
+        const wallet = await this.ensureWallet();
+        const chain = this.getChain();
+        const rpcUrl = this.getRpcUrl();
+        const connection = new web3_js.Connection(rpcUrl, 'confirmed');
+        const isSurfnet = rpcUrl === index_native.SURFNET_RPC_URL;
+        try {
+            // Preserve existing prep: refresh blockhash and set fee payer.
+            const { blockhash, lastValidBlockHeight } = await connection.getLatestBlockhash('confirmed');
+            const isLegacyTransaction = 'recentBlockhash' in transaction && !('message' in transaction && 'staticAccountKeys' in transaction.message);
+            if (isLegacyTransaction) {
+                const legacyTx = transaction;
+                legacyTx.recentBlockhash = blockhash;
+                legacyTx.lastValidBlockHeight = lastValidBlockHeight;
+                if (!legacyTx.feePayer) {
+                    legacyTx.feePayer = feePayer !== null && feePayer !== void 0 ? feePayer : connectedPubkey;
+                }
+            }
+            else {
+                const versionedTx = transaction;
+                versionedTx.message.recentBlockhash = blockhash;
+            }
+            if (isSurfnet) {
+                // Surfnet: sign locally via wallet-standard, submit manually
+                // to the Surfnet RPC. Don't route through signAndSendTransaction
+                // because the wallet would submit to its own RPC.
+                const signTxFeat = getSignTransactionFeature(wallet);
+                const wireBytes = txToWireBytes(transaction);
+                const results = await signTxFeat.signTransaction({ account, transaction: wireBytes, chain });
+                if (!results || results.length === 0) {
+                    throw new Error('MWA returned no signed transaction');
+                }
+                const { signedTransaction: signedBytes } = results[0];
+                const signedTx = txFromWireBytes(new Uint8Array(signedBytes));
+                const signature = await connection.sendRawTransaction(signedTx.serialize(), {
+                    preflightCommitment: 'confirmed',
+                });
+                const confirmation = await connection.confirmTransaction({
+                    signature,
+                    blockhash,
+                    lastValidBlockHeight,
+                }, 'confirmed');
+                if (confirmation.value.err) {
+                    throw new Error(`Transaction failed: ${confirmation.value.err.toString()}`);
+                }
+                return signature;
+            }
+            // Non-Surfnet: wallet signs and submits to its own RPC.
+            const signSendFeat = getSignAndSendTransactionFeature(wallet);
+            const wireBytes = txToWireBytes(transaction);
+            const results = await signSendFeat.signAndSendTransaction({
+                account,
+                transaction: wireBytes,
+                chain,
+                options: { commitment: 'confirmed' },
+            });
+            if (!results || results.length === 0) {
+                throw new Error('MWA returned no signature');
+            }
+            const { signature: sigBytes } = results[0];
+            const signature = index_native.base58.encode(sigBytes);
+            await index_native.confirmAndCheckTransaction(connection, signature);
+            return signature;
+        }
+        catch (error) {
+            if (((_a = error === null || error === void 0 ? void 0 : error.message) === null || _a === void 0 ? void 0 : _a.includes('not connected')) || ((_b = error === null || error === void 0 ? void 0 : error.message) === null || _b === void 0 ? void 0 : _b.includes('not authorized')) ||
+                (error === null || error === void 0 ? void 0 : error.code) === 'ERROR_AUTHORIZATION_FAILED') {
+                await this.logout();
+                throw new Error('Wallet connection lost. Please reconnect.');
+            }
+            const isUserRejection = (error === null || error === void 0 ? void 0 : error.code) === 4001 ||
+                ((_c = error === null || error === void 0 ? void 0 : error.message) === null || _c === void 0 ? void 0 : _c.toLowerCase().includes('user rejected')) ||
+                ((_d = error === null || error === void 0 ? void 0 : error.message) === null || _d === void 0 ? void 0 : _d.toLowerCase().includes('user denied')) ||
+                ((_e = error === null || error === void 0 ? void 0 : error.message) === null || _e === void 0 ? void 0 : _e.toLowerCase().includes('user cancelled')) ||
+                ((_f = error === null || error === void 0 ? void 0 : error.message) === null || _f === void 0 ? void 0 : _f.toLowerCase().includes('user canceled'));
+            if (!isUserRejection) {
+                console.error('[SolanaMobileWallet] Transaction failed:', error);
+            }
+            throw new Error(`Failed to execute transaction: ${error.message}`);
+        }
+    }
+    async runTransaction(_evmTransactionData, solTransactionData, options) {
+        var _a, _b, _c, _d, _e, _f, _g, _h;
+        if (!solTransactionData) {
+            throw new Error('Solana transaction data is required for mobile wallet');
+        }
+        const account = await this.ensureAuthorized();
+        const connectedPubkey = new web3_js.PublicKey(account.publicKey);
+        const wallet = await this.ensureWallet();
+        const chain = this.getChain();
+        const rpcUrl = this.getRpcUrl(solTransactionData.network);
+        const connection = new web3_js.Connection(rpcUrl, 'confirmed');
+        const isSurfnet = rpcUrl === index_native.SURFNET_RPC_URL;
+        try {
+            const remainingAccounts = index_native.convertRemainingAccounts(solTransactionData.txArgs[0].remainingAccounts);
+            let app_id = solTransactionData.appId;
+            if (typeof window !== 'undefined' && window.CUSTOM_TAROBASE_APP_ID_HEADER) {
+                app_id = window.CUSTOM_TAROBASE_APP_ID_HEADER;
+            }
+            if (!app_id) {
+                throw new Error('App ID is required');
+            }
+            // Mock wallet adapter for Anchor — only publicKey is read during build.
+            const mockWalletAdapter = {
+                publicKey: connectedPubkey,
+                signTransaction: async (tx) => tx,
+                signAllTransactions: async (txs) => txs,
+            };
+            const anchorProvider = new anchor__namespace.AnchorProvider(connection, mockWalletAdapter, anchor__namespace.AnchorProvider.defaultOptions());
+            const finalDeduped = [];
+            for (const acc of remainingAccounts) {
+                const existing = finalDeduped.find((d) => d.pubkey.equals(acc.pubkey));
+                if (existing) {
+                    existing.isSigner = existing.isSigner || acc.isSigner;
+                    existing.isWritable = existing.isWritable || acc.isWritable;
+                }
+                else {
+                    finalDeduped.push(acc);
+                }
+            }
+            let tx;
+            if (solTransactionData.signedTransaction) {
+                // Server has co-signed a CPI attestation. Do NOT mutate its
+                // blockhash — that would invalidate the server's signature.
+                tx = web3_js.VersionedTransaction.deserialize(index.bufferExports.Buffer.from(solTransactionData.signedTransaction, 'base64'));
+            }
+            else {
+                const result = await index_native.buildSetDocumentsTransaction(connection, solTransactionData.txArgs[0].idl, anchorProvider, connectedPubkey, {
+                    app_id,
+                    documents: solTransactionData.txArgs[0].setDocumentData,
+                    delete_paths: solTransactionData.txArgs[0].deletePaths,
+                    txData: solTransactionData.txArgs[0].txData
+                }, finalDeduped, solTransactionData.lutKey, solTransactionData.preInstructions, false, solTransactionData.additionalLutAddresses);
+                tx = result.tx;
+            }
+            // Sign-only branch — sign the tx but don't submit.
+            if ((options === null || options === void 0 ? void 0 : options.shouldSubmitTx) === false) {
+                const signTxFeat = getSignTransactionFeature(wallet);
+                const wireBytes = txToWireBytes(tx);
+                const results = await signTxFeat.signTransaction({ account, transaction: wireBytes, chain });
+                if (!results || results.length === 0) {
+                    throw new Error('MWA returned no signed transaction');
+                }
+                const { signedTransaction: signedBytes } = results[0];
+                const signedTx = txFromWireBytes(new Uint8Array(signedBytes));
+                return {
+                    signedTransaction: signedTx,
+                    blockNumber: 0,
+                    gasUsed: '0',
+                    data: ''
+                };
+            }
+            if (isSurfnet) {
+                // Surfnet: sign locally via wallet-standard, submit manually.
+                const signTxFeat = getSignTransactionFeature(wallet);
+                const wireBytes = txToWireBytes(tx);
+                const results = await signTxFeat.signTransaction({ account, transaction: wireBytes, chain });
+                if (!results || results.length === 0) {
+                    throw new Error('MWA returned no signed transaction');
+                }
+                const { signedTransaction: signedBytes } = results[0];
+                const signedTx = txFromWireBytes(new Uint8Array(signedBytes));
+                const { blockhash, lastValidBlockHeight } = await connection.getLatestBlockhash('confirmed');
+                const signature = await connection.sendRawTransaction(signedTx.serialize(), {
+                    preflightCommitment: 'confirmed',
+                });
+                const confirmation = await connection.confirmTransaction({
+                    signature,
+                    blockhash,
+                    lastValidBlockHeight,
+                }, 'confirmed');
+                if (confirmation.value.err) {
+                    throw new Error(`Transaction failed: ${confirmation.value.err.toString()}`);
+                }
+                const txInfo = await connection.getParsedTransaction(signature, {
+                    maxSupportedTransactionVersion: 0,
+                    commitment: 'confirmed',
+                });
+                return {
+                    transactionSignature: signature,
+                    blockNumber: (txInfo === null || txInfo === void 0 ? void 0 : txInfo.slot) || 0,
+                    gasUsed: ((_a = txInfo === null || txInfo === void 0 ? void 0 : txInfo.meta) === null || _a === void 0 ? void 0 : _a.fee.toString()) || '0',
+                    data: txInfo === null || txInfo === void 0 ? void 0 : txInfo.meta,
+                };
+            }
+            // Non-Surfnet: wallet signs and submits to its own RPC.
+            const signSendFeat = getSignAndSendTransactionFeature(wallet);
+            const wireBytes = txToWireBytes(tx);
+            const results = await signSendFeat.signAndSendTransaction({
+                account,
+                transaction: wireBytes,
+                chain,
+                options: { commitment: 'confirmed' },
+            });
+            if (!results || results.length === 0) {
+                throw new Error('MWA returned no signature');
+            }
+            const { signature: sigBytes } = results[0];
+            const signature = index_native.base58.encode(sigBytes);
+            const txInfo = await index_native.confirmAndCheckTransaction(connection, signature);
+            return {
+                transactionSignature: signature,
+                blockNumber: (txInfo === null || txInfo === void 0 ? void 0 : txInfo.slot) || 0,
+                gasUsed: ((_b = txInfo === null || txInfo === void 0 ? void 0 : txInfo.meta) === null || _b === void 0 ? void 0 : _b.fee.toString()) || '0',
+                data: txInfo === null || txInfo === void 0 ? void 0 : txInfo.meta,
+            };
+        }
+        catch (error) {
+            if (((_c = error === null || error === void 0 ? void 0 : error.message) === null || _c === void 0 ? void 0 : _c.includes('not connected')) || ((_d = error === null || error === void 0 ? void 0 : error.message) === null || _d === void 0 ? void 0 : _d.includes('not authorized')) ||
+                (error === null || error === void 0 ? void 0 : error.code) === 'ERROR_AUTHORIZATION_FAILED') {
+                await this.logout();
+                throw new Error('Wallet connection lost. Please reconnect.');
+            }
+            const isUserRejection = (error === null || error === void 0 ? void 0 : error.code) === 4001 ||
+                ((_e = error === null || error === void 0 ? void 0 : error.message) === null || _e === void 0 ? void 0 : _e.toLowerCase().includes('user rejected')) ||
+                ((_f = error === null || error === void 0 ? void 0 : error.message) === null || _f === void 0 ? void 0 : _f.toLowerCase().includes('user denied')) ||
+                ((_g = error === null || error === void 0 ? void 0 : error.message) === null || _g === void 0 ? void 0 : _g.toLowerCase().includes('user cancelled')) ||
+                ((_h = error === null || error === void 0 ? void 0 : error.message) === null || _h === void 0 ? void 0 : _h.toLowerCase().includes('user canceled'));
+            if (!isUserRejection) {
+                console.error('[SolanaMobileWallet] Transaction failed:', error);
+            }
+            throw new Error(`Failed to execute transaction: ${error.message}`);
+        }
+    }
+    async getNativeMethods() {
+        var _a, _b, _c;
+        // Synchronous-ish state read; tolerate the wallet being unauthorized
+        // (return nulls). Don't trigger ensureAuthorized() here — callers that
+        // need the wallet active should sign through one of the sign methods.
+        const wallet = this.wallet;
+        if (!wallet) {
+            return {
+                authToken: null,
+                walletUriBase: null,
+                publicKey: null,
+                base64Address: null,
+                wallet: null,
+                currentAuthorization: null,
+            };
+        }
+        const acct = (_a = wallet.accounts) === null || _a === void 0 ? void 0 : _a[0];
+        const auth = wallet.currentAuthorization;
+        let publicKey = null;
+        let base64Address = null;
+        if (acct) {
+            publicKey = new web3_js.PublicKey(acct.publicKey);
+            base64Address = btoa(String.fromCharCode(...acct.publicKey));
+        }
+        return {
+            authToken: (_b = auth === null || auth === void 0 ? void 0 : auth.auth_token) !== null && _b !== void 0 ? _b : null,
+            walletUriBase: (_c = auth === null || auth === void 0 ? void 0 : auth.wallet_uri_base) !== null && _c !== void 0 ? _c : null,
+            publicKey,
+            base64Address,
+            wallet,
+            currentAuthorization: auth !== null && auth !== void 0 ? auth : null,
+        };
+    }
+    /* ----------------------------------------------------------- *
+     * Private Helpers
+     * ----------------------------------------------------------- */
+    getRpcUrl(network) {
+        if (this.networkUrl) {
+            return this.networkUrl;
+        }
+        if (network === 'solana_devnet') {
+            return index_native.SOLANA_DEVNET_RPC_URL;
+        }
+        else if (network === 'solana_mainnet') {
+            return index_native.SOLANA_MAINNET_RPC_URL;
+        }
+        else if (network === 'surfnet') {
+            return index_native.SURFNET_RPC_URL;
+        }
+        return index_native.SOLANA_MAINNET_RPC_URL;
+    }
+}
+SolanaMobileWalletProvider.instance = null;
+
+exports.SolanaMobileWalletProvider = SolanaMobileWalletProvider;
+//# sourceMappingURL=solana-mobile-wallet-provider-S8yWHG6i.js.map