@portal-hq/web 3.6.2-alpha → 3.7.0

package/src/mpc/index.ts

@@ -67,8 +67,33 @@ import {
   LifiStepTransactionRequest,
   LifiStepTransactionResponse,
 } from '../../lifi-types'
-
-const WEB_SDK_VERSION = '3.6.2-alpha'
+import {
+  ZeroExOptions,
+  ZeroExPriceRequest,
+  ZeroExPriceResponse,
+  ZeroExQuoteRequest,
+  ZeroExQuoteResponse,
+  ZeroExSourcesRequest,
+  ZeroExSourcesResponse,
+} from '../../zero-x'
+import {
+  ScreenAddressApiResponse,
+  ScanEVMRequest,
+  ScanEVMResponse,
+  ScanEip712Request,
+  ScanEip712Response,
+  ScanSolanaRequest,
+  ScanSolanaResponse,
+  ScanNftsRequest,
+  ScanNftsResponse,
+  ScanTokensRequest,
+  ScanTokensResponse,
+  ScanUrlRequest,
+  ScanUrlResponse,
+  ScreenAddressRequestOptions,
+} from '../../hypernative'
+
+const WEB_SDK_VERSION = '3.7.0'
 
 class Mpc {
   public iframe?: HTMLIFrameElement
@@ -135,16 +160,21 @@ class Mpc {
           window.removeEventListener('message', handleBackup)
           window.removeEventListener('message', handleProgress)
 
+          const resultData = result as Record<string, unknown>
+          const backupIds = Array.isArray(resultData.backupIds)
+            ? (resultData.backupIds as string[])
+            : []
           const storageCallback = async () => {
-            await this.setBackupStatus(
-              'STORED_CLIENT_BACKUP_SHARE',
-              result.backupIds as string[],
-            )
+            await this.setBackupStatus('STORED_CLIENT_BACKUP_SHARE', backupIds)
           }
 
           // Resolve the promise with the result
           resolve({
-            cipherText: result.cipherText,
+            cipherText: resultData.cipherText as string,
+            encryptionKey:
+              typeof resultData.encryptionKey === 'string'
+                ? (resultData.encryptionKey as string)
+                : undefined,
             storageCallback,
           })
         }
@@ -837,9 +867,9 @@ class Mpc {
   }
 
   public async getQuote(
-    apiKey: string,
-    args: QuoteArgs,
     chainId: string,
+    args: QuoteArgs,
+    apiKey?: string,
   ): Promise<QuoteResponse> {
     return new Promise((resolve, reject) => {
       const handleGetQuote = (event: MessageEvent<WorkerResult>) => {
@@ -881,8 +911,8 @@ class Mpc {
   }
 
   public async getSources(
-    apiKey: string,
     chainId: string,
+    apiKey?: string,
   ): Promise<Record<string, string>> {
     return new Promise((resolve, reject) => {
       const handleGetSources = (event: MessageEvent<WorkerResult>) => {
@@ -1350,6 +1380,119 @@ class Mpc {
     })
   }
 
+  public async getSwapsQuoteV2(
+    data: ZeroExQuoteRequest,
+    options?: ZeroExOptions,
+  ): Promise<ZeroExQuoteResponse> {
+    return this.handleRequestToIframeAndPost({
+      methodMessage: 'portal:swaps:getQuoteV2',
+      errorMessage: 'portal:swaps:getQuoteV2Error',
+      resultMessage: 'portal:swaps:getQuoteV2Result',
+      data: { ...data, options },
+    })
+  }
+
+  public async getSwapsSourcesV2(
+    data: ZeroExSourcesRequest,
+    options?: ZeroExOptions,
+  ): Promise<ZeroExSourcesResponse> {
+    return this.handleRequestToIframeAndPost({
+      methodMessage: 'portal:swaps:getSourcesV2',
+      errorMessage: 'portal:swaps:getSourcesV2Error',
+      resultMessage: 'portal:swaps:getSourcesV2Result',
+      data: { ...data, options },
+    })
+  }
+
+  public async getSwapsPrice(
+    data: ZeroExPriceRequest,
+    options?: ZeroExOptions,
+  ): Promise<ZeroExPriceResponse> {
+    return this.handleRequestToIframeAndPost({
+      methodMessage: 'portal:swaps:getPrice',
+      errorMessage: 'portal:swaps:getPriceError',
+      resultMessage: 'portal:swaps:getPriceResult',
+      data: { ...data, options },
+    })
+  }
+
+  /*******************************
+   * Security Methods
+   *******************************/
+
+  public async scanAddresses(
+    data: { addresses: string[] } & ScreenAddressRequestOptions,
+  ): Promise<ScreenAddressApiResponse> {
+    return this.handleRequestToIframeAndPost({
+      methodMessage: 'portal:security:scanAddresses',
+      errorMessage: 'portal:security:scanAddressesError',
+      resultMessage: 'portal:security:scanAddressesResult',
+      data,
+    })
+  }
+
+  public async scanEVMTx(
+    data: ScanEVMRequest,
+  ): Promise<ScanEVMResponse> {
+    return this.handleRequestToIframeAndPost({
+      methodMessage: 'portal:security:scanEVMTx',
+      errorMessage: 'portal:security:scanEVMTxError',
+      resultMessage: 'portal:security:scanEVMTxResult',
+      data,
+    })
+  }
+
+  public async scanEip712Tx(
+    data: ScanEip712Request,
+  ): Promise<ScanEip712Response> {
+    return this.handleRequestToIframeAndPost({
+      methodMessage: 'portal:security:scanEip712Tx',
+      errorMessage: 'portal:security:scanEip712TxError',
+      resultMessage: 'portal:security:scanEip712TxResult',
+      data,
+    })
+  }
+
+  public async scanSolanaTx(
+    data: ScanSolanaRequest,
+  ): Promise<ScanSolanaResponse> {
+    return this.handleRequestToIframeAndPost({
+      methodMessage: 'portal:security:scanSolanaTx',
+      errorMessage: 'portal:security:scanSolanaTxError',
+      resultMessage: 'portal:security:scanSolanaTxResult',
+      data,
+    })
+  }
+
+  public async scanNFTs(nfts: ScanNftsRequest): Promise<ScanNftsResponse> {
+    return this.handleRequestToIframeAndPost({
+      methodMessage: 'portal:security:scanNfts',
+      errorMessage: 'portal:security:scanNftsError',
+      resultMessage: 'portal:security:scanNftsResult',
+      data: nfts,
+    })
+  }
+
+  public async scanTokens(
+    tokens: ScanTokensRequest,
+  ): Promise<ScanTokensResponse> {
+    return this.handleRequestToIframeAndPost({
+      methodMessage: 'portal:security:scanTokens',
+      errorMessage: 'portal:security:scanTokensError',
+      resultMessage: 'portal:security:scanTokensResult',
+      data: tokens,
+    })
+  }
+
+  public async scanUrl(url: ScanUrlRequest): Promise<ScanUrlResponse> {
+    return this.handleRequestToIframeAndPost({
+      methodMessage: 'portal:security:scanUrl',
+      errorMessage: 'portal:security:scanUrlError',
+      resultMessage: 'portal:security:scanUrlResult',
+      data: { url },
+    })
+  }
+
   /***************************
    * Private Methods
    ***************************/
@@ -1457,6 +1600,53 @@ class Mpc {
     return origin
   }
 
+  /**
+   * Fetches a scoped JWT for passkey operations from the iframe.
+   * The JWT has only "passkey" permission, reducing blast radius if compromised.
+   */
+  public async getPasskeyJwt(): Promise<string> {
+    return new Promise((resolve, reject) => {
+      const handleResult = (event: MessageEvent) => {
+        const { type, data } = event.data
+        const { origin } = event
+
+        // ignore any broadcast postMessages
+        if (origin !== this.getOrigin()) {
+          return
+        }
+
+        if (type === 'portal:getPasskeyJwtResult') {
+          window.removeEventListener('message', handleResult)
+          window.removeEventListener('message', handleError)
+          resolve(data.token)
+        }
+      }
+
+      const handleError = (event: MessageEvent) => {
+        const { type, data } = event.data
+        const { origin } = event
+
+        if (origin !== this.getOrigin()) {
+          return
+        }
+
+        if (type === 'portal:getPasskeyJwtError') {
+          window.removeEventListener('message', handleResult)
+          window.removeEventListener('message', handleError)
+          reject(new Error(data.message))
+        }
+      }
+
+      window.addEventListener('message', handleResult)
+      window.addEventListener('message', handleError)
+
+      this.postMessage({
+        type: 'portal:getPasskeyJwt',
+        data: {},
+      })
+    })
+  }
+
   private postMessage(event: { type: string; data: any }) {
     this.iframe?.contentWindow?.postMessage(event, this.getOrigin())
   }