@portal-hq/web 3.6.2-alpha → 3.7.0

package/src/index.ts

@@ -17,9 +17,10 @@ import {
   NFTAsset,
   OrgBackupShares,
   SendAssetParams,
-  SendAssetResponse,
   type BackupConfigs,
+  type BackupOptions,
   type BackupResponse,
+  type BackupShareResult,
   type Balance,
   type ClientResponse,
   type ClientResponseWallet,
@@ -29,6 +30,7 @@ import {
   type GDriveConfig,
   type NFT,
   type PasskeyConfig,
+  type PasskeyOptions,
   type PortalOptions,
   type ProgressCallback,
   type QuoteArgs,
@@ -45,6 +47,9 @@ import Mpc from './mpc'
 import Provider, { RequestMethod } from './provider'
 import Yield from './integrations/yield'
 import Trading from './integrations/trading'
+import Security from './integrations/security'
+import PasskeyService from './passkeys'
+
 
 class Portal {
   public address?: string
@@ -58,6 +63,7 @@ class Portal {
   public mpc: Mpc
   public yield: Yield
   public trading: Trading
+  public security: Security
   public mpcHost: string
   public mpcVersion: string
   public provider: Provider
@@ -66,6 +72,8 @@ class Portal {
   private errorCallbacks: ((reason: string) => any | Promise<any>)[] = []
   private rpcConfig: RpcConfig
   private readyCallbacks: (() => any | Promise<any>)[] = []
+  private passkeyService?: PasskeyService
+  private passkeyServiceDefaultDomain?: string
 
   public get ready() {
     return this.mpc.ready
@@ -113,6 +121,8 @@ class Portal {
 
     this.trading = new Trading({ mpc: this.mpc })
 
+    this.security = new Security({ mpc: this.mpc })
+
     this.provider = new Provider({
       portal: this,
       chainId: chainId ? Number(chainId) : undefined,
@@ -192,6 +202,141 @@ class Portal {
     return address
   }
 
+  public async generateBackupShare(
+    progress: ProgressCallback = () => {
+      // Noop
+    },
+  ): Promise<BackupShareResult> {
+    const response = await this.mpc.backup(
+      {
+        backupMethod: BackupMethods.custom,
+        backupConfigs: {},
+        host: this.host,
+        mpcVersion: this.mpcVersion,
+        featureFlags: this.featureFlags,
+      },
+      progress,
+    )
+
+    if (!response.encryptionKey) {
+      throw new Error(
+        '[Portal] Custom backup did not return an encryption key. Please ensure you are using the latest iframe bundle.',
+      )
+    }
+
+    return {
+      cipherText: response.cipherText,
+      encryptionKey: response.encryptionKey,
+    }
+  }
+
+  public async registerPasskeyAndStoreEncryptionKey(
+    cipherText: string,
+    encryptionKey: string,
+    options: PasskeyOptions = {},
+  ): Promise<void> {
+    const { service, customDomain, relyingPartyId, relyingPartyName } =
+      this.resolvePasskeyOptions(options)
+
+    await service.registerPasskeyAndStoreKey({
+      customDomain,
+      relyingPartyName,
+      encryptionKey,
+      relyingPartyId,
+      cipherText,
+    })
+  }
+
+  public async authenticatePasskeyAndRetrieveKey(
+    options: PasskeyOptions = {},
+  ): Promise<string> {
+    const { service, customDomain, relyingPartyId, relyingPartyName } =
+      this.resolvePasskeyOptions(options)
+
+    return await service.authenticatePasskeyAndRetrieveKey({
+      customDomain,
+      relyingPartyName,
+      relyingPartyId,
+    })
+  }
+
+  /**
+   * Register a passkey without tying it to an encryption key.
+   * The encryption key can be stored later using authenticatePasskeyAndWriteKey.
+   */
+  public async registerPasskey(
+    options: PasskeyOptions = {},
+  ): Promise<void> {
+    const { service, customDomain, relyingPartyId, relyingPartyName } =
+      this.resolvePasskeyOptions(options)
+
+    await service.registerPasskey({
+      customDomain,
+      relyingPartyName,
+      relyingPartyId,
+    })
+  }
+
+  /**
+   * Authenticate with passkey and store an encryption key.
+   * Used after registerPasskey to associate an encryption key with the passkey.
+   */
+  public async authenticatePasskeyAndWriteKey(
+    encryptionKey: string,
+    options: PasskeyOptions = {},
+  ): Promise<void> {
+    const { service, customDomain, relyingPartyId, relyingPartyName } =
+      this.resolvePasskeyOptions(options)
+
+    await service.authenticatePasskeyAndWriteKey({
+      customDomain,
+      relyingPartyName,
+      relyingPartyId,
+      encryptionKey,
+    })
+  }
+
+  public async backupWithPasskey(
+    options: BackupOptions = {},
+    progress: ProgressCallback = () => {
+      // Noop
+    },
+  ): Promise<void> {
+    const {
+      usePopup = true,
+      customDomain,
+      relyingPartyName,
+      backupMethod = BackupMethods.passkey,
+    } = options
+
+    if (usePopup) {
+      await this.backupWallet(backupMethod, progress, {})
+      return
+    }
+
+    if (backupMethod !== BackupMethods.passkey) {
+      throw new Error(
+        `[Portal] Direct passkey backup currently supports only BackupMethods.passkey (received ${backupMethod}).`,
+      )
+    }
+
+    const { cipherText, encryptionKey } = await this.generateBackupShare(
+      progress,
+    )
+
+    await this.registerPasskeyAndStoreEncryptionKey(
+      cipherText,
+      encryptionKey,
+      {
+        customDomain,
+        relyingPartyName,
+        usePopup,
+      },
+    )
+
+    await this.storedClientBackupShare(true, BackupMethods.passkey)
+  }
+
   public async backupWallet(
     backupMethod: BackupMethods,
     progress: ProgressCallback = () => {
@@ -441,7 +586,7 @@ class Portal {
   public async sendAsset(
     chain: string,
     params: SendAssetParams,
-  ): Promise<SendAssetResponse> {
+  ): Promise<string> {
     try {
       // Convert the chain to a chain ID
       const chainId = this.convertChainToChainId(chain)
@@ -465,6 +610,7 @@ class Portal {
             chainId,
             method: 'eth_sendTransaction',
             params: [buildTxResponse.transaction],
+            sponsorGas: params.sponsorGas,
           })
           break
         }
@@ -473,6 +619,7 @@ class Portal {
             chainId,
             method: 'sol_signAndSendTransaction',
             params: [buildTxResponse.transaction],
+            sponsorGas: params.sponsorGas,
           })
           break
         }
@@ -899,7 +1046,7 @@ class Portal {
     args: QuoteArgs,
     chainId: string,
   ): Promise<QuoteResponse> {
-    return this.mpc?.getQuote(apiKey, args, chainId)
+    return this.mpc?.getQuote(chainId, args, apiKey)
   }
 
   /**
@@ -909,7 +1056,7 @@ class Portal {
     apiKey: string,
     chainId: string,
   ): Promise<Record<string, string>> {
-    return this.mpc?.getSources(apiKey, chainId)
+    return this.mpc?.getSources(chainId, apiKey)
   }
 
   /*******************************
@@ -1030,6 +1177,66 @@ class Portal {
 
     return chainId
   }
+
+  private ensurePasskeyService(): PasskeyService {
+    const defaultDomain = this.getDefaultPasskeyDomain()
+
+    if (
+      !this.passkeyService ||
+      this.passkeyServiceDefaultDomain !== defaultDomain
+    ) {
+      this.passkeyService = new PasskeyService({
+        defaultDomain,
+        getJwt: () => this.mpc!.getPasskeyJwt(),
+      })
+      this.passkeyServiceDefaultDomain = defaultDomain
+    }
+
+    return this.passkeyService
+  }
+
+  private getDefaultPasskeyDomain(): string {
+    return this.passkeyConfig?.webAuthnHost ?? 'backup.web.portalhq.io'
+  }
+
+  private extractRpId(domain?: string): string {
+    const targetDomain = domain ?? this.getDefaultPasskeyDomain()
+
+    try {
+      const normalized = targetDomain.startsWith('http')
+        ? targetDomain
+        : `https://${targetDomain}`
+      return new URL(normalized).hostname
+    } catch {
+      return targetDomain
+    }
+  }
+
+  private resolvePasskeyOptions(options: PasskeyOptions): {
+    service: PasskeyService
+    customDomain: string | undefined
+    relyingPartyId: string
+    relyingPartyName: string
+  } {
+    if (options.usePopup) {
+      throw new Error(
+        '[Portal] This method does not support the popup flow. Use usePopup: false.',
+      )
+    }
+
+    const service = this.ensurePasskeyService()
+    const domain = options.customDomain ?? this.getDefaultPasskeyDomain()
+    const relyingPartyId = options.relyingPartyId ?? this.extractRpId(domain)
+    const relyingPartyName =
+      options.relyingPartyName ?? this.passkeyConfig?.relyingParty ?? 'Portal'
+
+    return {
+      service,
+      customDomain: options.customDomain,
+      relyingPartyId,
+      relyingPartyName,
+    }
+  }
 }
 
 export {
@@ -1079,6 +1286,7 @@ export enum BackupMethods {
   gdrive = 'GDRIVE',
   password = 'PASSWORD',
   passkey = 'PASSKEY',
+  custom = 'CUSTOM',
   unknown = 'UNKNOWN',
 }
 

package/src/integrations/security/hypernative/index.test.ts

@@ -0,0 +1,196 @@
+/**
+ * @jest-environment jsdom
+ */
+
+import Hypernative from '.'
+import Mpc from '../../../mpc'
+import portalMock from '../../../__mocks/portal/portal'
+import {
+  mockHost,
+  mockScanAddressesRequest,
+  mockScanAddressesResponse,
+  mockScanEVMTxRequest,
+  mockScanEVMTxResponse,
+  mockScanEip712TxRequest,
+  mockScanEip712TxResponse,
+  mockScanSolanaTxRequest,
+  mockScanSolanaTxResponse,
+  mockScanNftRequest,
+  mockScanNftResponse,
+  mockScanTokenRequest,
+  mockScanTokenResponse,
+  mockScanUrlRequest,
+  mockScanUrlResponse,
+} from '../../../__mocks/constants'
+
+describe('Hypernative', () => {
+  let hypernative: Hypernative
+  let mpc: Mpc
+
+  beforeEach(() => {
+    jest.clearAllMocks()
+
+    portalMock.host = mockHost
+    mpc = new Mpc({
+      portal: portalMock,
+    })
+
+    hypernative = new Hypernative({ mpc })
+  })
+
+  describe('scanEVMTx', () => {
+    it('should call mpc.scanEVMTx with the correct arguments', async () => {
+      const spy = jest
+        .spyOn(mpc, 'scanEVMTx')
+        .mockResolvedValue(mockScanEVMTxResponse)
+
+      const result = await hypernative.scanEVMTx(mockScanEVMTxRequest)
+
+      expect(spy).toHaveBeenCalledWith(mockScanEVMTxRequest)
+      expect(result).toEqual(mockScanEVMTxResponse)
+    })
+
+    it('should propagate errors from mpc.scanEVMTx', async () => {
+      const error = new Error('Test error')
+      jest.spyOn(mpc, 'scanEVMTx').mockRejectedValue(error)
+
+      await expect(
+        hypernative.scanEVMTx(mockScanEVMTxRequest),
+      ).rejects.toThrow('Test error')
+    })
+  })
+
+  describe('scanEip712Tx', () => {
+    it('should call mpc.scanEip712Tx with the correct arguments', async () => {
+      const spy = jest
+        .spyOn(mpc, 'scanEip712Tx')
+        .mockResolvedValue(mockScanEip712TxResponse)
+
+      const result = await hypernative.scanEip712Tx(mockScanEip712TxRequest)
+
+      expect(spy).toHaveBeenCalledWith(mockScanEip712TxRequest)
+      expect(result).toEqual(mockScanEip712TxResponse)
+    })
+
+    it('should propagate errors from mpc.scanEip712Tx', async () => {
+      const error = new Error('Test error')
+      jest.spyOn(mpc, 'scanEip712Tx').mockRejectedValue(error)
+
+      await expect(
+        hypernative.scanEip712Tx(mockScanEip712TxRequest),
+      ).rejects.toThrow('Test error')
+    })
+  })
+
+  describe('scanSolanaTx', () => {
+    it('should call mpc.scanSolanaTx with the correct arguments', async () => {
+      const spy = jest
+        .spyOn(mpc, 'scanSolanaTx')
+        .mockResolvedValue(mockScanSolanaTxResponse)
+
+      const result = await hypernative.scanSolanaTx(mockScanSolanaTxRequest)
+
+      expect(spy).toHaveBeenCalledWith(mockScanSolanaTxRequest)
+      expect(result).toEqual(mockScanSolanaTxResponse)
+    })
+
+    it('should propagate errors from mpc.scanSolanaTx', async () => {
+      const error = new Error('Test error')
+      jest.spyOn(mpc, 'scanSolanaTx').mockRejectedValue(error)
+
+      await expect(
+        hypernative.scanSolanaTx(mockScanSolanaTxRequest),
+      ).rejects.toThrow('Test error')
+    })
+  })
+
+  describe('scanAddresses', () => {
+    it('should call mpc.scanAddresses with the correct arguments', async () => {
+      const spy = jest
+        .spyOn(mpc, 'scanAddresses')
+        .mockResolvedValue(mockScanAddressesResponse)
+
+      const { addresses, ...options } = mockScanAddressesRequest
+      const result = await hypernative.scanAddresses(addresses, options)
+
+      expect(spy).toHaveBeenCalledWith(mockScanAddressesRequest)
+      expect(result).toEqual(mockScanAddressesResponse)
+    })
+
+    it('should propagate errors from mpc.scanAddresses', async () => {
+      const error = new Error('Test error')
+      jest.spyOn(mpc, 'scanAddresses').mockRejectedValue(error)
+
+      const { addresses, ...options } = mockScanAddressesRequest
+      await expect(
+        hypernative.scanAddresses(addresses, options),
+      ).rejects.toThrow('Test error')
+    })
+  })
+
+  describe('scanNFTs', () => {
+    it('should call mpc.scanNFTs with the correct arguments', async () => {
+      const spy = jest
+        .spyOn(mpc, 'scanNFTs')
+        .mockResolvedValue(mockScanNftResponse)
+
+      const result = await hypernative.scanNFTs(mockScanNftRequest)
+
+      expect(spy).toHaveBeenCalledWith(mockScanNftRequest)
+      expect(result).toEqual(mockScanNftResponse)
+    })
+
+    it('should propagate errors from mpc.scanNFTs', async () => {
+      const error = new Error('Test error')
+      jest.spyOn(mpc, 'scanNFTs').mockRejectedValue(error)
+
+      await expect(hypernative.scanNFTs(mockScanNftRequest)).rejects.toThrow(
+        'Test error',
+      )
+    })
+  })
+
+  describe('scanTokens', () => {
+    it('should call mpc.scanTokens with the correct arguments', async () => {
+      const spy = jest
+        .spyOn(mpc, 'scanTokens')
+        .mockResolvedValue(mockScanTokenResponse)
+
+      const result = await hypernative.scanTokens(mockScanTokenRequest)
+
+      expect(spy).toHaveBeenCalledWith(mockScanTokenRequest)
+      expect(result).toEqual(mockScanTokenResponse)
+    })
+
+    it('should propagate errors from mpc.scanTokens', async () => {
+      const error = new Error('Test error')
+      jest.spyOn(mpc, 'scanTokens').mockRejectedValue(error)
+
+      await expect(
+        hypernative.scanTokens(mockScanTokenRequest),
+      ).rejects.toThrow('Test error')
+    })
+  })
+
+  describe('scanURL', () => {
+    it('should call mpc.scanUrl with the correct arguments', async () => {
+      const spy = jest
+        .spyOn(mpc, 'scanUrl')
+        .mockResolvedValue(mockScanUrlResponse)
+
+      const result = await hypernative.scanURL(mockScanUrlRequest)
+
+      expect(spy).toHaveBeenCalledWith(mockScanUrlRequest)
+      expect(result).toEqual(mockScanUrlResponse)
+    })
+
+    it('should propagate errors from mpc.scanUrl', async () => {
+      const error = new Error('Test error')
+      jest.spyOn(mpc, 'scanUrl').mockRejectedValue(error)
+
+      await expect(hypernative.scanURL(mockScanUrlRequest)).rejects.toThrow(
+        'Test error',
+      )
+    })
+  })
+})

package/src/integrations/security/hypernative/index.ts

@@ -0,0 +1,106 @@
+import Mpc from '../../../mpc'
+import {
+  ScreenAddressApiResponse,
+  ScanEVMRequest,
+  ScanEVMResponse,
+  ScanEip712Request,
+  ScanEip712Response,
+  ScanSolanaRequest,
+  ScanSolanaResponse,
+  ScanNftsRequest,
+  ScanNftsResponse,
+  ScanTokensRequest,
+  ScanTokensResponse,
+  ScanUrlRequest,
+  ScanUrlResponse,
+  ScreenAddressRequestOptions,
+} from '../../../../hypernative'
+
+export default class Hypernative {
+  private mpc: Mpc
+
+  constructor({ mpc }: { mpc: Mpc }) {
+    this.mpc = mpc
+  }
+
+  /**
+   * Scans an EIP-155 transaction for security risks.
+   * @param data - The parameters for the EIP-155 transaction scan request.
+   * @returns A `ScanEVMResponse` promise.
+   * @throws An error if the operation fails.
+   */
+  public async scanEVMTx(
+    data: ScanEVMRequest,
+  ): Promise<ScanEVMResponse> {
+    return this.mpc?.scanEVMTx(data)
+  }
+
+  /**
+   * Scans an EIP-712 typed message for security risks.
+   * @param data - The parameters for the EIP-712 message scan request.
+   * @returns A `ScanEip712Response` promise.
+   * @throws An error if the operation fails.
+   */
+  public async scanEip712Tx(
+    data: ScanEip712Request,
+  ): Promise<ScanEip712Response> {
+    return this.mpc?.scanEip712Tx(data)
+  }
+
+  /**
+   * Scans a Solana transaction for security risks.
+   * @param data - The parameters for the Solana transaction scan request.
+   * @returns A `ScanSolanaResponse` promise.
+   * @throws An error if the operation fails.
+   */
+  public async scanSolanaTx(
+    data: ScanSolanaRequest,
+  ): Promise<ScanSolanaResponse> {
+    return this.mpc?.scanSolanaTx(data)
+  }
+
+  /**
+   * Scans addresses for security risks and flags.
+   * @param data - The parameters for the address scan request.
+   * @returns A `ScreenAddressApiResponse` promise.
+   * @throws An error if the operation fails.
+   */
+  public async scanAddresses(
+    addresses: string[],
+    options?: ScreenAddressRequestOptions,
+  ): Promise<ScreenAddressApiResponse> {
+    return this.mpc?.scanAddresses({ addresses, ...options })
+  }
+
+  /**
+   * Scans NFTs for security risks.
+   * @param data - The parameters for the NFT scan request.
+   * @returns A `ScanNftResponse` promise.
+   * @throws An error if the operation fails.
+   */
+  public async scanNFTs(nfts: ScanNftsRequest): Promise<ScanNftsResponse> {
+    return this.mpc?.scanNFTs(nfts)
+  }
+
+  /**
+   * Scans tokens for security risks.
+   * @param data - The parameters for the token scan request.
+   * @returns A `ScanTokenResponse` promise.
+   * @throws An error if the operation fails.
+   */
+  public async scanTokens(
+    tokens: ScanTokensRequest,
+  ): Promise<ScanTokensResponse> {
+    return this.mpc?.scanTokens(tokens)
+  }
+
+  /**
+   * Scans a URL for malicious content.
+   * @param data - The parameters for the URL scan request.
+   * @returns A `ScanUrlResponse` promise.
+   * @throws An error if the operation fails.
+   */
+  public async scanURL(url: ScanUrlRequest): Promise<ScanUrlResponse> {
+    return this.mpc?.scanUrl(url)
+  }
+}

package/src/integrations/security/index.ts

@@ -0,0 +1,14 @@
+import Mpc from '../../mpc'
+import Hypernative from './hypernative'
+
+/**
+ * This class is a container for the Hypernative class.
+ * In the future, Security domain logic should be here.
+ */
+export default class Security {
+  public hypernative: Hypernative
+
+  constructor({ mpc }: { mpc: Mpc }) {
+    this.hypernative = new Hypernative({ mpc })
+  }
+}