@pooflabs/web 0.0.92 → 0.0.94

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (61) hide show
  1. package/dist/auth/index.d.ts +7 -0
  2. package/dist/auth/providers/offchain-auth-provider.d.ts +1 -0
  3. package/dist/auth/providers/privy-wallet-provider.d.ts +7 -0
  4. package/dist/{index-dEUHmDSl.esm.js → index-Blxu9ZBh.esm.js} +2407 -2
  5. package/dist/index-Blxu9ZBh.esm.js.map +1 -0
  6. package/dist/index-C2VF8Cds.esm.js +6 -0
  7. package/dist/index-C2VF8Cds.esm.js.map +1 -0
  8. package/dist/{index-m53xb2JA.js → index-CGei1juZ.js} +2407 -3
  9. package/dist/index-CGei1juZ.js.map +1 -0
  10. package/dist/{index-vi52dsn6.js → index-CdKrnAsF.js} +2406 -2
  11. package/dist/index-CdKrnAsF.js.map +1 -0
  12. package/dist/{index-6iINLG88.esm.js → index-Cnx5UBPU.esm.js} +200 -31
  13. package/dist/index-Cnx5UBPU.esm.js.map +1 -0
  14. package/dist/{index-GeHpO_Ud.js → index-DOz63COz.js} +202 -29
  15. package/dist/index-DOz63COz.js.map +1 -0
  16. package/dist/{index-Dg3y_pRI.esm.js → index-DSSkK8ZR.esm.js} +2406 -3
  17. package/dist/index-DSSkK8ZR.esm.js.map +1 -0
  18. package/dist/{index-eFFOC8cE.js → index-DzZ1tiet.js} +2 -2
  19. package/dist/index-DzZ1tiet.js.map +1 -0
  20. package/dist/{index.browser-RwalL3F4.esm.js → index.browser-AkckBwjb.esm.js} +2 -2
  21. package/dist/{index.browser-RwalL3F4.esm.js.map → index.browser-AkckBwjb.esm.js.map} +1 -1
  22. package/dist/{index.browser-D6XPhu6r.js → index.browser-By5vlelY.js} +2 -2
  23. package/dist/{index.browser-D6XPhu6r.js.map → index.browser-By5vlelY.js.map} +1 -1
  24. package/dist/{index.browser-wZkBhwtI.esm.js → index.browser-ClqAxUrJ.esm.js} +2 -2
  25. package/dist/{index.browser-wZkBhwtI.esm.js.map → index.browser-ClqAxUrJ.esm.js.map} +1 -1
  26. package/dist/{index.browser-B1Zbn8LC.js → index.browser-Um9-5Cbs.js} +2 -2
  27. package/dist/{index.browser-B1Zbn8LC.js.map → index.browser-Um9-5Cbs.js.map} +1 -1
  28. package/dist/index.d.ts +1 -1
  29. package/dist/index.esm.js +1 -1
  30. package/dist/index.js +3 -1
  31. package/dist/index.js.map +1 -1
  32. package/dist/{index.native-Dd783Qva.esm.js → index.native-9ugIwvrJ.esm.js} +166 -31
  33. package/dist/index.native-9ugIwvrJ.esm.js.map +1 -0
  34. package/dist/{index.native-Bjx72Wnj.js → index.native-CpA5KDvL.js} +166 -29
  35. package/dist/index.native-CpA5KDvL.js.map +1 -0
  36. package/dist/index.native.esm.js +1 -1
  37. package/dist/index.native.js +1 -1
  38. package/dist/{phantom-wallet-provider-DUVViY9g.js → phantom-wallet-provider-LGxBWZXy.js} +4 -4
  39. package/dist/{phantom-wallet-provider-DUVViY9g.js.map → phantom-wallet-provider-LGxBWZXy.js.map} +1 -1
  40. package/dist/{phantom-wallet-provider-Dloixy8s.esm.js → phantom-wallet-provider-wskKKVNr.esm.js} +4 -4
  41. package/dist/{phantom-wallet-provider-Dloixy8s.esm.js.map → phantom-wallet-provider-wskKKVNr.esm.js.map} +1 -1
  42. package/dist/{privy-wallet-provider-BQbIRyXF.esm.js → privy-wallet-provider-B3bghDWY.esm.js} +22 -3
  43. package/dist/{privy-wallet-provider-BQbIRyXF.esm.js.map → privy-wallet-provider-B3bghDWY.esm.js.map} +1 -1
  44. package/dist/{privy-wallet-provider-CEdQMBT2.js → privy-wallet-provider-DsHSkIJJ.js} +22 -3
  45. package/dist/{privy-wallet-provider-CEdQMBT2.js.map → privy-wallet-provider-DsHSkIJJ.js.map} +1 -1
  46. package/dist/{solana-mobile-wallet-provider-ARvDWjP7.esm.js → solana-mobile-wallet-provider-CFYL4aOO.esm.js} +4 -4
  47. package/dist/{solana-mobile-wallet-provider-ARvDWjP7.esm.js.map → solana-mobile-wallet-provider-CFYL4aOO.esm.js.map} +1 -1
  48. package/dist/{solana-mobile-wallet-provider-CgQWQ7Sk.js → solana-mobile-wallet-provider-EkUSbs-q.js} +4 -4
  49. package/dist/{solana-mobile-wallet-provider-CgQWQ7Sk.js.map → solana-mobile-wallet-provider-EkUSbs-q.js.map} +1 -1
  50. package/package.json +2 -2
  51. package/dist/index-6iINLG88.esm.js.map +0 -1
  52. package/dist/index-CWD6VMLX.esm.js +0 -6
  53. package/dist/index-CWD6VMLX.esm.js.map +0 -1
  54. package/dist/index-Dg3y_pRI.esm.js.map +0 -1
  55. package/dist/index-GeHpO_Ud.js.map +0 -1
  56. package/dist/index-dEUHmDSl.esm.js.map +0 -1
  57. package/dist/index-eFFOC8cE.js.map +0 -1
  58. package/dist/index-m53xb2JA.js.map +0 -1
  59. package/dist/index-vi52dsn6.js.map +0 -1
  60. package/dist/index.native-Bjx72Wnj.js.map +0 -1
  61. package/dist/index.native-Dd783Qva.esm.js.map +0 -1
@@ -1,5 +1,5 @@
1
1
  import globalAxios from 'axios';
2
- import { PublicKey, SystemProgram, TransactionInstruction, ComputeBudgetProgram, Keypair, VersionedTransaction, TransactionMessage, Transaction, Connection, VersionedMessage } from '@solana/web3.js';
2
+ import { PublicKey, SystemProgram, TransactionInstruction, Connection, VersionedTransaction, ComputeBudgetProgram, Keypair, TransactionMessage, Transaction, VersionedMessage } from '@solana/web3.js';
3
3
  import * as anchor from '@coral-xyz/anchor';
4
4
  import { Program } from '@coral-xyz/anchor';
5
5
  import * as React$2 from 'react';
@@ -6683,7 +6683,14 @@ async function createSessionWithPrivy(authToken, address, privyIdToken) {
6683
6683
  const appId = config.appId;
6684
6684
  const response = await client.post('/session', {
6685
6685
  appId,
6686
- authMethod: config.authMethod,
6686
+ // createSessionWithPrivy is, by definition, the Privy session path, so the
6687
+ // server must receive authMethod:'privy' (its branch validates authToken+
6688
+ // idToken+appId). Do NOT read config.authMethod here: on a Phantom-primary app
6689
+ // with the staged Privy email swap, config.authMethod is still 'phantom' at this
6690
+ // point (commitPrivy runs after login() resolves), which routes the request to
6691
+ // the signature/message branch and fails. Hardcoding 'privy' also correctly
6692
+ // covers 'privy-expo', which the backend expects mapped to 'privy'.
6693
+ authMethod: 'privy',
6687
6694
  authToken,
6688
6695
  idToken: privyIdToken,
6689
6696
  address
@@ -9940,6 +9947,14 @@ async function updateIdTokenAndAccessToken(idToken, accessToken, isServer = fals
9940
9947
  await WebSessionManager.updateIdTokenAndAccessToken(idToken, accessToken);
9941
9948
  }
9942
9949
 
9950
+ var utils = /*#__PURE__*/Object.freeze({
9951
+ __proto__: null,
9952
+ createAuthHeader: createAuthHeader,
9953
+ getIdToken: getIdToken$1,
9954
+ getRefreshToken: getRefreshToken,
9955
+ updateIdTokenAndAccessToken: updateIdTokenAndAccessToken
9956
+ });
9957
+
9943
9958
  const apiClient = globalAxios.create();
9944
9959
  axiosRetry(apiClient, {
9945
9960
  retries: 2,
@@ -10367,7 +10382,7 @@ async function get(path, opts = {}) {
10367
10382
  // For realtime chains, prefer WebSocket reads (lower latency, already connected)
10368
10383
  const config = await getConfig();
10369
10384
  const pathIsDocument = normalizedPath.split("/").length % 2 === 0;
10370
- if (((_a = config.chain) === null || _a === void 0 ? void 0 : _a.startsWith('realtime_')) && !config.isServer && !opts.prompt && !opts.shape && !opts.cursor) {
10385
+ if (((_a = config.chain) === null || _a === void 0 ? void 0 : _a.startsWith('realtime_')) && !config.isServer && !opts.prompt && !opts.shape && !opts.cursor && !opts.includeSubPaths) {
10371
10386
  try {
10372
10387
  const { wsGet, wsQuery, hasActiveConnection } = await Promise.resolve().then(function () { return subscriptionV2; });
10373
10388
  if (hasActiveConnection()) {
@@ -10598,7 +10613,7 @@ async function set(path, document, options) {
10598
10613
  return result;
10599
10614
  }
10600
10615
  async function setMany(many, options) {
10601
- var _a, _b, _c, _d, _e, _f, _g, _h;
10616
+ var _a, _b, _c, _d, _e, _f, _g, _h, _j;
10602
10617
  // Returns the data that was set, or undefined if the document was already set.
10603
10618
  try {
10604
10619
  const config = await getConfig();
@@ -10641,12 +10656,24 @@ async function setMany(many, options) {
10641
10656
  try {
10642
10657
  const { wsSet, hasActiveConnection } = await Promise.resolve().then(function () { return subscriptionV2; });
10643
10658
  if (hasActiveConnection()) {
10659
+ // Connection is active — send via WS. If this throws, the write
10660
+ // may have been applied server-side (ack lost). Do NOT fall through
10661
+ // to HTTP, as that would double-apply non-idempotent ops (Increment).
10644
10662
  const wsResult = await wsSet(documents);
10645
- // Normalize to same shape as HTTP 200 response so downstream handling is identical
10646
10663
  setResponse = { data: wsResult, status: 200 };
10647
10664
  }
10648
10665
  }
10649
- catch ( /* fall through to HTTP */_j) { /* fall through to HTTP */ }
10666
+ catch (wsError) {
10667
+ // Only fall through to HTTP if the request was never sent (connection not available).
10668
+ // If the request was sent and ack was lost (timeout), the server may have
10669
+ // applied it — re-sending via HTTP risks double-write for non-idempotent ops.
10670
+ const msg = (_d = wsError === null || wsError === void 0 ? void 0 : wsError.message) !== null && _d !== void 0 ? _d : '';
10671
+ const neverSent = msg.includes('not available') || msg.includes('connection timeout');
10672
+ if (!neverSent) {
10673
+ throw wsError;
10674
+ }
10675
+ // Safe to retry via HTTP — request was never sent
10676
+ }
10650
10677
  }
10651
10678
  if (!setResponse) {
10652
10679
  setResponse = await makeApiRequest('PUT', `items`, { documents }, options === null || options === void 0 ? void 0 : options._overrides);
@@ -10654,9 +10681,9 @@ async function setMany(many, options) {
10654
10681
  }
10655
10682
  catch (error) {
10656
10683
  if ((error === null || error === void 0 ? void 0 : error.statusCode) === 402 && (error === null || error === void 0 ? void 0 : error.error) === 'INSUFFICIENT_BALANCE') {
10657
- const deficitLamports = Number((_d = error.deficitLamports) !== null && _d !== void 0 ? _d : 0);
10658
- const deficitSol = Number((_e = error.deficitSol) !== null && _e !== void 0 ? _e : deficitLamports / 1000000000);
10659
- throw new InsufficientBalanceError(String((_f = error.address) !== null && _f !== void 0 ? _f : ''), Number((_g = error.balanceLamports) !== null && _g !== void 0 ? _g : 0), Number((_h = error.estimatedCostLamports) !== null && _h !== void 0 ? _h : 0), deficitLamports, deficitSol);
10684
+ const deficitLamports = Number((_e = error.deficitLamports) !== null && _e !== void 0 ? _e : 0);
10685
+ const deficitSol = Number((_f = error.deficitSol) !== null && _f !== void 0 ? _f : deficitLamports / 1000000000);
10686
+ throw new InsufficientBalanceError(String((_g = error.address) !== null && _g !== void 0 ? _g : ''), Number((_h = error.balanceLamports) !== null && _h !== void 0 ? _h : 0), Number((_j = error.estimatedCostLamports) !== null && _j !== void 0 ? _j : 0), deficitLamports, deficitSol);
10660
10687
  }
10661
10688
  throw error;
10662
10689
  }
@@ -10678,7 +10705,13 @@ async function setMany(many, options) {
10678
10705
  let signedTransaction = undefined;
10679
10706
  for (let i = 0; i < transactions.length; i++) {
10680
10707
  const curTx = transactions[i];
10681
- const transactionResult = await handleSolanaTransaction(curTx, authProvider, options);
10708
+ let transactionResult;
10709
+ if (curTx.serializedTransaction) {
10710
+ transactionResult = await handlePreBuiltTransaction(curTx, authProvider, options);
10711
+ }
10712
+ else {
10713
+ transactionResult = await handleSolanaTransaction(curTx, authProvider, options);
10714
+ }
10682
10715
  lastTxSignature = transactionResult.transactionSignature;
10683
10716
  signedTransaction = transactionResult.signedTransaction;
10684
10717
  }
@@ -10784,6 +10817,68 @@ async function setMany(many, options) {
10784
10817
  const transactionResult = await authProvider.runTransaction(undefined, solTransaction, options);
10785
10818
  return transactionResult;
10786
10819
  }
10820
+ async function handlePreBuiltTransaction(tx, authProvider, options) {
10821
+ var _a, _b;
10822
+ const config = await getConfig();
10823
+ const rpcUrl = config.rpcUrl || (tx.network === 'solana_devnet'
10824
+ ? 'https://api.devnet.solana.com'
10825
+ : 'https://api.mainnet-beta.solana.com');
10826
+ const connection = new Connection(rpcUrl, 'confirmed');
10827
+ const txBytes = bufferExports$1.Buffer.from(tx.serializedTransaction, 'base64');
10828
+ const transaction = VersionedTransaction.deserialize(txBytes);
10829
+ // Validate the transaction before signing: ensure only allowed programs
10830
+ // and no unauthorized System program instructions (e.g., SOL transfers)
10831
+ const TAROBASE_PROGRAM = 'poof4b5pk1L9tmThvBmaABjcyjfhFGbMbQP5BXk2QZp';
10832
+ const COMPUTE_BUDGET = 'ComputeBudget111111111111111111111111111111';
10833
+ const SYSTEM_PROGRAM = '11111111111111111111111111111111';
10834
+ const ALLOWED_PROGRAMS = new Set([TAROBASE_PROGRAM, COMPUTE_BUDGET, SYSTEM_PROGRAM]);
10835
+ // System program instruction discriminators (first 4 bytes, little-endian u32)
10836
+ const SYSTEM_TRANSFER = 2; // Transfer instruction index
10837
+ const SYSTEM_TRANSFER_WITH_SEED = 11;
10838
+ const accountKeys = transaction.message.staticAccountKeys;
10839
+ for (const ix of transaction.message.compiledInstructions) {
10840
+ if (ix.programIdIndex >= accountKeys.length) {
10841
+ throw new Error('Pre-built transaction has program ID in lookup table (not allowed)');
10842
+ }
10843
+ const programId = accountKeys[ix.programIdIndex].toBase58();
10844
+ if (!ALLOWED_PROGRAMS.has(programId)) {
10845
+ throw new Error(`Pre-built transaction contains unauthorized program: ${programId}`);
10846
+ }
10847
+ // Block System program transfer instructions — a compromised DO could
10848
+ // embed a SOL drain. Only allow createAccount/allocate (needed for PDA init).
10849
+ if (programId === SYSTEM_PROGRAM && ix.data.length >= 4) {
10850
+ const ixIndex = ix.data[0] | (ix.data[1] << 8) | (ix.data[2] << 16) | (ix.data[3] << 24);
10851
+ if (ixIndex === SYSTEM_TRANSFER || ixIndex === SYSTEM_TRANSFER_WITH_SEED) {
10852
+ throw new Error('Pre-built transaction contains unauthorized System transfer instruction');
10853
+ }
10854
+ }
10855
+ }
10856
+ const signedTx = await authProvider.signTransaction(transaction);
10857
+ const rawTx = signedTx.serialize();
10858
+ if ((options === null || options === void 0 ? void 0 : options.shouldSubmitTx) === false) {
10859
+ return {
10860
+ transactionSignature: '',
10861
+ signedTransaction: bufferExports$1.Buffer.from(rawTx).toString('base64'),
10862
+ blockNumber: 0,
10863
+ gasUsed: '0',
10864
+ };
10865
+ }
10866
+ const signature = await connection.sendRawTransaction(rawTx, {
10867
+ skipPreflight: false,
10868
+ maxRetries: 3,
10869
+ });
10870
+ const confirmation = await connection.confirmTransaction({
10871
+ signature,
10872
+ blockhash: tx.blockhash,
10873
+ lastValidBlockHeight: tx.lastValidBlockHeight,
10874
+ }, 'confirmed');
10875
+ return {
10876
+ transactionSignature: signature,
10877
+ signedTransaction: bufferExports$1.Buffer.from(rawTx).toString('base64'),
10878
+ blockNumber: (_b = (_a = confirmation.context) === null || _a === void 0 ? void 0 : _a.slot) !== null && _b !== void 0 ? _b : 0,
10879
+ gasUsed: '0',
10880
+ };
10881
+ }
10787
10882
  async function handleOffchainTransaction(tx, authProvider, options) {
10788
10883
  var _a, _b, _c, _d, _e, _f;
10789
10884
  const config = await getConfig();
@@ -12096,30 +12191,53 @@ class RealtimeStore {
12096
12191
  this.idbDirtyKeys = new Set();
12097
12192
  this.closed = false;
12098
12193
  this.authToken = null;
12194
+ this.isServer = false;
12195
+ this.tokenRefreshTimer = null;
12196
+ // -----------------------------------------------------------------------
12197
+ // WebSocket connection
12198
+ // -----------------------------------------------------------------------
12199
+ this.initPromise = null;
12099
12200
  }
12100
12201
  // -----------------------------------------------------------------------
12101
12202
  // Initialization
12102
12203
  // -----------------------------------------------------------------------
12103
12204
  async init() {
12104
- var _a, _b;
12105
12205
  const config = await getConfig();
12106
12206
  this.appId = config.appId;
12107
12207
  this.wsUrl = config.wsApiUrl;
12108
- if (config.authProvider) {
12109
- try {
12110
- const headers = await ((_b = (_a = config.authProvider).getAuthHeaders) === null || _b === void 0 ? void 0 : _b.call(_a));
12111
- if (headers === null || headers === void 0 ? void 0 : headers.Authorization) {
12112
- this.authToken = headers.Authorization.replace('Bearer ', '');
12113
- }
12114
- }
12115
- catch ( /* no auth */_c) { /* no auth */ }
12208
+ this.isServer = config.isServer;
12209
+ await this.refreshToken();
12210
+ this.startTokenRefresh();
12211
+ }
12212
+ async refreshToken() {
12213
+ try {
12214
+ const { getIdToken } = await Promise.resolve().then(function () { return utils; });
12215
+ const token = await getIdToken(this.isServer);
12216
+ if (token)
12217
+ this.authToken = token;
12116
12218
  }
12219
+ catch ( /* no auth available */_a) { /* no auth available */ }
12220
+ }
12221
+ startTokenRefresh() {
12222
+ if (this.tokenRefreshTimer)
12223
+ return;
12224
+ this.tokenRefreshTimer = setInterval(async () => {
12225
+ var _a;
12226
+ const prevToken = this.authToken;
12227
+ await this.refreshToken();
12228
+ if (this.authToken && this.authToken !== prevToken && ((_a = this.ws) === null || _a === void 0 ? void 0 : _a.readyState) === WebSocket.OPEN) {
12229
+ // Token changed — reconnect with fresh token
12230
+ this.ws.close(1000, 'Token refreshed');
12231
+ }
12232
+ }, 5 * 60 * 1000); // Check every 5 minutes
12117
12233
  }
12118
- // -----------------------------------------------------------------------
12119
- // WebSocket connection
12120
- // -----------------------------------------------------------------------
12121
12234
  async ensureConnected() {
12122
12235
  var _a;
12236
+ if (!this.appId) {
12237
+ if (!this.initPromise)
12238
+ this.initPromise = this.init();
12239
+ await this.initPromise;
12240
+ }
12123
12241
  if (((_a = this.ws) === null || _a === void 0 ? void 0 : _a.readyState) === WebSocket.OPEN)
12124
12242
  return;
12125
12243
  if (this.connectPromise)
@@ -12135,10 +12253,12 @@ class RealtimeStore {
12135
12253
  }
12136
12254
  const params = new URLSearchParams();
12137
12255
  params.set('apiKey', this.appId);
12138
- // Auth token sent via subprotocol to avoid leaking in URL/logs
12256
+ if (this.authToken)
12257
+ params.set('authorization', this.authToken);
12258
+ // Note: token in URL is required until DO server supports subprotocol auth.
12259
+ // WSS encrypts the full URL including query params on the wire.
12139
12260
  const url = `${this.wsUrl}?${params.toString()}`;
12140
- const protocols = this.authToken ? [`bearer-${this.authToken}`] : undefined;
12141
- const ws = protocols ? new WebSocket(url, protocols) : new WebSocket(url);
12261
+ const ws = new WebSocket(url);
12142
12262
  this.ws = ws;
12143
12263
  const onOpen = () => {
12144
12264
  ws.removeEventListener('error', onError);
@@ -12769,6 +12889,8 @@ class RealtimeStore {
12769
12889
  clearTimeout(this.reconnectTimer);
12770
12890
  if (this.idbFlushTimer)
12771
12891
  clearTimeout(this.idbFlushTimer);
12892
+ if (this.tokenRefreshTimer)
12893
+ clearInterval(this.tokenRefreshTimer);
12772
12894
  this.flushIdb();
12773
12895
  if (this.ws) {
12774
12896
  this.ws.close(1000, 'Store closed');
@@ -13142,6 +13264,15 @@ class OffchainAuthProvider {
13142
13264
  async getNativeMethods() {
13143
13265
  return this.wrappedProvider.getNativeMethods();
13144
13266
  }
13267
+ // Forward wallet export to the wrapped provider (only Privy embedded wallets
13268
+ // implement it). Duck-typed so wrappers around non-embedded providers throw
13269
+ // a clear error rather than a "not a function" crash.
13270
+ async exportWallet(address) {
13271
+ if (typeof this.wrappedProvider.exportWallet !== 'function') {
13272
+ throw new Error('Wallet export is not available for this wallet.');
13273
+ }
13274
+ await this.wrappedProvider.exportWallet(address);
13275
+ }
13145
13276
  // ============ signMessage delegates to wrapped provider ============
13146
13277
  async signMessage(message) {
13147
13278
  // Delegate to wrapped provider for real wallet signing
@@ -14112,7 +14243,11 @@ async function login$1(options) {
14112
14243
  return null;
14113
14244
  }
14114
14245
  function getCurrentAuthMethod() {
14115
- return currentAuthMethod;
14246
+ // Fall back to the persisted login method so consumers (e.g. a "show export
14247
+ // wallet" gate) get the correct value synchronously on reload, before init()
14248
+ // has rebuilt the in-memory provider. The stored value is cleared on logout,
14249
+ // so a logged-out user still yields null.
14250
+ return currentAuthMethod !== null && currentAuthMethod !== void 0 ? currentAuthMethod : getStoredAuthMethod();
14116
14251
  }
14117
14252
  async function logout$1() {
14118
14253
  if (!currentAuthProvider) {
@@ -14123,6 +14258,21 @@ async function logout$1() {
14123
14258
  currentAuthProvider = null;
14124
14259
  currentAuthMethod = null;
14125
14260
  }
14261
+ /**
14262
+ * Opens the active provider's wallet-export flow (Privy's hosted modal). Only
14263
+ * embedded (email) wallets implement `exportWallet`; external wallets (Phantom)
14264
+ * throw. The private key is revealed only to the user on Privy's origin — it is
14265
+ * never exposed to this SDK or the host app.
14266
+ */
14267
+ async function exportWallet(address) {
14268
+ if (!currentAuthProvider) {
14269
+ throw new Error("Auth provider not initialized. Please call init() first.");
14270
+ }
14271
+ if (typeof currentAuthProvider.exportWallet !== 'function') {
14272
+ throw new Error("Wallet export is only available for embedded (email) wallets.");
14273
+ }
14274
+ await currentAuthProvider.exportWallet(address);
14275
+ }
14126
14276
 
14127
14277
  let authProviderInstance = null;
14128
14278
  let currentUser = null;
@@ -16799,7 +16949,7 @@ async function loadDependencies() {
16799
16949
  const [reactModule, reactDomModule, phantomModule] = await Promise.all([
16800
16950
  import('react'),
16801
16951
  import('react-dom/client'),
16802
- import('./index-dEUHmDSl.esm.js')
16952
+ import('./index-DSSkK8ZR.esm.js')
16803
16953
  ]);
16804
16954
  // Extract default export from ESM module namespace
16805
16955
  // Dynamic import() returns { default: Module, ...exports }, not the module directly
@@ -21956,6 +22106,25 @@ class PrivyWalletProvider {
21956
22106
  await this.ensureReady();
21957
22107
  return (_a = this.privyMethods) === null || _a === void 0 ? void 0 : _a.usePrivy;
21958
22108
  }
22109
+ /**
22110
+ * Opens Privy's hosted export modal so the user can reveal/copy the private key
22111
+ * for their embedded Solana wallet. The key is assembled on Privy's origin —
22112
+ * neither this SDK nor the host app ever receives it. Only available for Privy
22113
+ * embedded wallets (email login); throws otherwise.
22114
+ */
22115
+ async exportWallet(address) {
22116
+ var _a, _b;
22117
+ await this.ensureReady({ waitForWallets: true });
22118
+ const exportFn = (_b = (_a = this.privyMethods) === null || _a === void 0 ? void 0 : _a.useSolanaWallets) === null || _b === void 0 ? void 0 : _b.exportWallet;
22119
+ if (typeof exportFn !== 'function') {
22120
+ throw new Error('Wallet export is not available for this wallet.');
22121
+ }
22122
+ // Default to the session's embedded wallet address so the correct wallet is
22123
+ // exported in any HD/multi-wallet case; omit to let Privy export index 0.
22124
+ const session = await WebSessionManager.getSession();
22125
+ const target = address !== null && address !== void 0 ? address : session === null || session === void 0 ? void 0 : session.address;
22126
+ await exportFn(target ? { address: target } : undefined);
22127
+ }
21959
22128
  async logout() {
21960
22129
  await this.ensureReady();
21961
22130
  await this.privyMethods.logout();
@@ -23031,7 +23200,7 @@ async function registerMobileWalletAdapter(config) {
23031
23200
  if (typeof window === 'undefined')
23032
23201
  return;
23033
23202
  try {
23034
- const walletStandardMobile = await import('./index.browser-RwalL3F4.esm.js');
23203
+ const walletStandardMobile = await import('./index.browser-AkckBwjb.esm.js');
23035
23204
  const registerMwa = walletStandardMobile.registerMwa || ((_a = walletStandardMobile.default) === null || _a === void 0 ? void 0 : _a.registerMwa);
23036
23205
  if (!registerMwa) {
23037
23206
  console.warn('[SolanaMobileWallet] registerMwa not found in @solana-mobile/wallet-standard-mobile');
@@ -23170,7 +23339,7 @@ class SolanaMobileWalletProvider {
23170
23339
  async ensureWallet() {
23171
23340
  if (this.wallet)
23172
23341
  return this.wallet;
23173
- const mod = await import('./index.browser-RwalL3F4.esm.js');
23342
+ const mod = await import('./index.browser-AkckBwjb.esm.js');
23174
23343
  const chain = mapChainToWalletStandard(this.cluster);
23175
23344
  this.wallet = new mod.LocalSolanaMobileWalletAdapterWallet({
23176
23345
  appIdentity: this.appIdentity,
@@ -24362,5 +24531,5 @@ class PrivyExpoProvider {
24362
24531
  }
24363
24532
  }
24364
24533
 
24365
- export { genSolanaMessage as $, subscribe as A, useAuth as B, deserializeTransaction as C, getIdToken as D, setPlatform as E, getPlatform as F, PrivyWalletProvider as G, DEFAULT_TEST_ADDRESS as H, isMobileWalletAvailable as I, registerMobileWalletAdapter as J, PrivyExpoProvider as K, InsufficientBalanceError as L, MockAuthProvider as M, RealtimeStore as N, OffchainAuthProvider as O, PhantomWalletProvider as P, ServerSessionManager as Q, ReactNativeSessionManager as R, SolanaMobileWalletProvider as S, buildSetDocumentsTransaction as T, clearCache as U, closeAllSubscriptions as V, WebSessionManager as W, convertRemainingAccounts as X, createSessionWithPrivy as Y, createSessionWithSignature as Z, genAuthNonce as _, base58 as a, getCachedData as a0, getMany as a1, getRealtimeStore as a2, hasActiveConnection as a3, reconnectWithNewAuth as a4, refreshSession as a5, resetRealtimeStore as a6, signSessionCreateMessage as a7, wsDelete as a8, wsGet as a9, wsGetMany as aa, wsQuery as ab, wsSet as ac, bufferExports as b, getCurrentUser as c, onAuthLoadingChanged as d, getAuthLoading as e, logout as f, getDefaultExportFromCjs$1 as g, getConfig as h, init as i, getAuthProvider as j, get as k, login as l, setMany as m, setFile as n, onAuthStateChanged as o, getFiles as p, runQueryMany as q, runQuery as r, set as s, runExpression as t, runExpressionMany as u, signMessage as v, signTransaction as w, signAndSubmitTransaction as x, count as y, aggregate as z };
24366
- //# sourceMappingURL=index-6iINLG88.esm.js.map
24534
+ export { convertRemainingAccounts as $, signTransaction as A, signAndSubmitTransaction as B, count as C, aggregate as D, subscribe as E, useAuth as F, deserializeTransaction as G, getIdToken as H, setPlatform as I, getPlatform as J, PrivyWalletProvider as K, DEFAULT_TEST_ADDRESS as L, MockAuthProvider as M, isMobileWalletAvailable as N, OffchainAuthProvider as O, PhantomWalletProvider as P, registerMobileWalletAdapter as Q, PrivyExpoProvider as R, SolanaMobileWalletProvider as S, InsufficientBalanceError as T, ReactNativeSessionManager as U, RealtimeStore as V, ServerSessionManager as W, WebSessionManager as X, buildSetDocumentsTransaction as Y, clearCache as Z, closeAllSubscriptions as _, base58 as a, createSessionWithPrivy as a0, createSessionWithSignature as a1, genAuthNonce as a2, genSolanaMessage as a3, getCachedData as a4, getMany as a5, getRealtimeStore as a6, hasActiveConnection as a7, reconnectWithNewAuth as a8, refreshSession as a9, resetRealtimeStore as aa, signSessionCreateMessage as ab, wsDelete as ac, wsGet as ad, wsGetMany as ae, wsQuery as af, wsSet as ag, bufferExports as b, commonjsRequire as c, getCurrentUser as d, onAuthLoadingChanged as e, getAuthLoading as f, getDefaultExportFromCjs$1 as g, logout as h, init as i, getConfig as j, getAuthProvider as k, login as l, getCurrentAuthMethod as m, exportWallet as n, onAuthStateChanged as o, get as p, setMany as q, require$$0 as r, set as s, setFile as t, getFiles as u, runQuery as v, runQueryMany as w, runExpression as x, runExpressionMany as y, signMessage as z };
24535
+ //# sourceMappingURL=index-Cnx5UBPU.esm.js.map