@rhinestone/sdk 1.0.0-alpha.2 → 1.0.0-alpha.21

package/dist/src/actions/index.d.ts

@@ -1,29 +1,167 @@
-import { Address, Chain } from 'viem';
-import { RhinestoneAccount } from '..';
-import { WebauthnCredential } from '../modules/validators/core';
-import { Call, OwnerSet, Recovery } from '../types';
-import { trustAttester } from './registry';
+import { type Address, type Chain, type Hex } from 'viem';
+import type { RhinestoneAccount } from '..';
+import { type WebauthnCredential } from '../modules/validators/core';
+import type { Call, OwnableValidatorConfig, OwnerSet, ProviderConfig, Recovery, WebauthnValidatorConfig } from '../types';
 import { encodeSmartSessionSignature } from './smart-session';
+/**
+ * Set up social recovery
+ * @param rhinestoneAccount Account to set up social recovery on
+ * @param guardians Guardians to use for recovery
+ * @param threshold Threshold for the guardians
+ * @returns Calls to set up social recovery
+ */
 declare function setUpRecovery({ rhinestoneAccount, guardians, threshold, }: {
     rhinestoneAccount: RhinestoneAccount;
 } & Recovery): Call[];
-declare function recover(address: Address, newOwners: OwnerSet, chain: Chain): Promise<Call[]>;
+/**
+ * Recover an account's ownership
+ * @param address Account address
+ * @param newOwners New owners
+ * @param chain Chain to recover ownership on
+ * @param provider Provider to use for the recovery
+ * @returns Calls to recover ownership
+ * @deprecated Use `recoverEcdsaOwnership` or `recoverPasskeyOwnership` instead
+ */
+declare function recover(address: Address, newOwners: OwnerSet, chain: Chain, provider?: ProviderConfig): Promise<Call[]>;
+/**
+ * Enable ECDSA authentication
+ * @param rhinestoneAccount Account to enable ECDSA authentication on
+ * @param owners Owners to use for authentication
+ * @param threshold Threshold for the owners
+ * @returns Calls to enable ECDSA authentication
+ */
 declare function enableEcdsa({ rhinestoneAccount, owners, threshold, }: {
     rhinestoneAccount: RhinestoneAccount;
     owners: Address[];
     threshold?: number;
 }): Call[];
+/**
+ * Enable passkeys authentication
+ * @param rhinestoneAccount Account to enable passkeys authentication on
+ * @param pubKey Public key for the passkey
+ * @param authenticatorId Authenticator ID for the passkey
+ * @returns Calls to enable passkeys authentication
+ */
 declare function enablePasskeys({ rhinestoneAccount, pubKey, authenticatorId, }: {
     rhinestoneAccount: RhinestoneAccount;
 } & WebauthnCredential): Call[];
+/**
+ * Disable ECDSA authentication
+ * @param rhinestoneAccount Account to disable ECDSA authentication on
+ * @returns Calls to disable ECDSA authentication
+ */
 declare function disableEcdsa({ rhinestoneAccount, }: {
     rhinestoneAccount: RhinestoneAccount;
 }): Call[];
+/**
+ * Disable passkeys (WebAuthn) authentication
+ * @param rhinestoneAccount Account to disable passkeys authentication on
+ * @returns Calls to disable passkeys authentication
+ */
 declare function disablePasskeys({ rhinestoneAccount, }: {
     rhinestoneAccount: RhinestoneAccount;
 }): Call[];
+/**
+ * Add an ECDSA owner
+ * @param owner Owner address
+ * @returns Call to add the owner
+ */
 declare function addOwner(owner: Address): Call;
+/**
+ * Remove an ECDSA owner
+ * @param prevOwner Previous owner address
+ * @param ownerToRemove Owner to remove
+ * @returns Call to remove the owner
+ */
 declare function removeOwner(prevOwner: Address, ownerToRemove: Address): Call;
+/**
+ * Change an account's signer threshold (ECDSA)
+ * @param newThreshold New threshold
+ * @returns Call to change the threshold
+ */
 declare function changeThreshold(newThreshold: number): Call;
-export { enableEcdsa, enablePasskeys, disableEcdsa, disablePasskeys, addOwner, removeOwner, changeThreshold, recover, setUpRecovery, encodeSmartSessionSignature, trustAttester, };
+/**
+ * Add a passkey owner
+ * @param pubKeyX Public key X
+ * @param pubKeyY Public key Y
+ * @param requireUserVerification Whether to require user verification
+ * @returns Call to add the passkey owner
+ */
+declare function addPasskeyOwner(pubKeyX: bigint, pubKeyY: bigint, requireUserVerification: boolean): Call;
+/**
+ * Remove a passkey owner
+ * @param pubKeyX Public key X
+ * @param pubKeyY Public key Y
+ * @returns Call to remove the passkey owner
+ */
+declare function removePasskeyOwner(pubKeyX: bigint, pubKeyY: bigint): Call;
+/**
+ * Change an account's signer threshold (passkey)
+ * @param newThreshold New threshold
+ * @returns Call to change the threshold
+ */
+declare function changePasskeyThreshold(newThreshold: number): Call;
+/**
+ * Recover an account's ownership (ECDSA)
+ * @param address Account address
+ * @param newOwners New owners
+ * @param chain Chain to recover ownership on
+ * @param provider Provider to use for the recovery
+ * @returns Calls to recover ownership
+ */
+declare function recoverEcdsaOwnership(address: Address, newOwners: OwnableValidatorConfig, chain: Chain, provider?: ProviderConfig, validatorAddress?: Address): Promise<Call[]>;
+/**
+ * Recover an account's ownership (Passkey)
+ * @param address Account address
+ * @param oldCredentials Old credentials to be replaced (with pubKeyX, pubKeyY)
+ * @param newOwners New passkey owners
+ * @param chain Chain to recover ownership on
+ * @param provider Provider to use for the recovery
+ * @returns Calls to recover ownership
+ */
+declare function recoverPasskeyOwnership(address: Address, oldCredentials: {
+    pubKeyX: bigint;
+    pubKeyY: bigint;
+}[], newOwners: WebauthnValidatorConfig, chain: Chain, provider?: ProviderConfig): Promise<Call[]>;
+/**
+ * Enable multi-factor authentication
+ * @param rhinestoneAccount Account to enable multi-factor authentication on
+ * @param validators List of validators to use
+ * @param threshold Threshold for the validators
+ * @returns Calls to enable multi-factor authentication
+ */
+declare function enableMultiFactor({ rhinestoneAccount, validators, threshold, }: {
+    rhinestoneAccount: RhinestoneAccount;
+    validators: (OwnableValidatorConfig | WebauthnValidatorConfig | null)[];
+    threshold?: number;
+}): Call[];
+/**
+ * Disable multi-factor authentication
+ * @param rhinestoneAccount Account to disable multi-factor authentication on
+ * @returns Calls to disable multi-factor authentication
+ */
+declare function disableMultiFactor({ rhinestoneAccount, }: {
+    rhinestoneAccount: RhinestoneAccount;
+}): Call[];
+/**
+ * Change the multi-factor threshold
+ * @param newThreshold New threshold
+ * @returns Call to change the threshold
+ */
+declare function changeMultiFactorThreshold(newThreshold: number): Call;
+/**
+ * Set a sub-validator (multi-factor)
+ * @param id Validator ID
+ * @param validator Validator module
+ * @returns Call to set the sub-validator
+ */
+declare function setSubValidator(id: Hex | number, validator: OwnableValidatorConfig | WebauthnValidatorConfig): Call;
+/**
+ * Remove a sub-validator (multi-factor)
+ * @param id Validator ID
+ * @param validator Validator module
+ * @returns Call to remove the sub-validator
+ */
+declare function removeSubValidator(id: Hex | number, validator: OwnableValidatorConfig | WebauthnValidatorConfig): Call;
+export { enableEcdsa, enablePasskeys, disableEcdsa, disablePasskeys, addOwner, removeOwner, changeThreshold, addPasskeyOwner, removePasskeyOwner, changePasskeyThreshold, recover, recoverEcdsaOwnership, recoverPasskeyOwnership, setUpRecovery, encodeSmartSessionSignature, enableMultiFactor, disableMultiFactor, changeMultiFactorThreshold, setSubValidator, removeSubValidator, };
 //# sourceMappingURL=index.d.ts.map

package/dist/src/actions/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../actions/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,OAAO,EACP,KAAK,EAIN,MAAM,MAAM,CAAA;AAEb,OAAO,EAAE,iBAAiB,EAAE,MAAM,IAAI,CAAA;AAKtC,OAAO,EAKL,kBAAkB,EACnB,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAAE,IAAI,EAA0B,QAAQ,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAA;AAE3E,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAA;AAC1C,OAAO,EAAE,2BAA2B,EAAE,MAAM,iBAAiB,CAAA;AAE7D,iBAAS,aAAa,CAAC,EACrB,iBAAiB,EACjB,SAAS,EACT,SAAa,GACd,EAAE;IACD,iBAAiB,EAAE,iBAAiB,CAAA;CACrC,GAAG,QAAQ,UAIX;AAED,iBAAe,OAAO,CACpB,OAAO,EAAE,OAAO,EAChB,SAAS,EAAE,QAAQ,EACnB,KAAK,EAAE,KAAK,GACX,OAAO,CAAC,IAAI,EAAE,CAAC,CASjB;AAED,iBAAS,WAAW,CAAC,EACnB,iBAAiB,EACjB,MAAM,EACN,SAAa,GACd,EAAE;IACD,iBAAiB,EAAE,iBAAiB,CAAA;IACpC,MAAM,EAAE,OAAO,EAAE,CAAA;IACjB,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB,UAOA;AAED,iBAAS,cAAc,CAAC,EACtB,iBAAiB,EACjB,MAAM,EACN,eAAe,GAChB,EAAE;IACD,iBAAiB,EAAE,iBAAiB,CAAA;CACrC,GAAG,kBAAkB,UAIrB;AAED,iBAAS,YAAY,CAAC,EACpB,iBAAiB,GAClB,EAAE;IACD,iBAAiB,EAAE,iBAAiB,CAAA;CACrC,UAOA;AAED,iBAAS,eAAe,CAAC,EACvB,iBAAiB,GAClB,EAAE;IACD,iBAAiB,EAAE,iBAAiB,CAAA;CACrC,UASA;AAED,iBAAS,QAAQ,CAAC,KAAK,EAAE,OAAO,GAAG,IAAI,CAiBtC;AAED,iBAAS,WAAW,CAAC,SAAS,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,GAAG,IAAI,CAoBrE;AAED,iBAAS,eAAe,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CAmBnD;AA+GD,OAAO,EACL,WAAW,EACX,cAAc,EACd,YAAY,EACZ,eAAe,EACf,QAAQ,EACR,WAAW,EACX,eAAe,EACf,OAAO,EACP,aAAa,EACb,2BAA2B,EAC3B,aAAa,GACd,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../actions/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,OAAO,EACZ,KAAK,KAAK,EAGV,KAAK,GAAG,EAGT,MAAM,MAAM,CAAA;AAEb,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,IAAI,CAAA;AAM3C,OAAO,EAUL,KAAK,kBAAkB,EACxB,MAAM,4BAA4B,CAAA;AACnC,OAAO,KAAK,EACV,IAAI,EACJ,sBAAsB,EACtB,QAAQ,EACR,cAAc,EACd,QAAQ,EACR,uBAAuB,EACxB,MAAM,UAAU,CAAA;AAEjB,OAAO,EAAE,2BAA2B,EAAE,MAAM,iBAAiB,CAAA;AAE7D;;;;;;GAMG;AACH,iBAAS,aAAa,CAAC,EACrB,iBAAiB,EACjB,SAAS,EACT,SAAa,GACd,EAAE;IACD,iBAAiB,EAAE,iBAAiB,CAAA;CACrC,GAAG,QAAQ,UAIX;AAED;;;;;;;;GAQG;AACH,iBAAe,OAAO,CACpB,OAAO,EAAE,OAAO,EAChB,SAAS,EAAE,QAAQ,EACnB,KAAK,EAAE,KAAK,EACZ,QAAQ,CAAC,EAAE,cAAc,GACxB,OAAO,CAAC,IAAI,EAAE,CAAC,CAqBjB;AAED;;;;;;GAMG;AACH,iBAAS,WAAW,CAAC,EACnB,iBAAiB,EACjB,MAAM,EACN,SAAa,GACd,EAAE;IACD,iBAAiB,EAAE,iBAAiB,CAAA;IACpC,MAAM,EAAE,OAAO,EAAE,CAAA;IACjB,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB,UAIA;AAED;;;;;;GAMG;AACH,iBAAS,cAAc,CAAC,EACtB,iBAAiB,EACjB,MAAM,EACN,eAAe,GAChB,EAAE;IACD,iBAAiB,EAAE,iBAAiB,CAAA;CACrC,GAAG,kBAAkB,UAIrB;AAED;;;;GAIG;AACH,iBAAS,YAAY,CAAC,EACpB,iBAAiB,GAClB,EAAE;IACD,iBAAiB,EAAE,iBAAiB,CAAA;CACrC,UAIA;AAED;;;;GAIG;AACH,iBAAS,eAAe,CAAC,EACvB,iBAAiB,GAClB,EAAE;IACD,iBAAiB,EAAE,iBAAiB,CAAA;CACrC,UAWA;AAED;;;;GAIG;AACH,iBAAS,QAAQ,CAAC,KAAK,EAAE,OAAO,GAAG,IAAI,CAkBtC;AAED;;;;;GAKG;AACH,iBAAS,WAAW,CAAC,SAAS,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,GAAG,IAAI,CAqBrE;AAED;;;;GAIG;AACH,iBAAS,eAAe,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CAoBnD;AAED;;;;;;GAMG;AACH,iBAAS,eAAe,CACtB,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,MAAM,EACf,uBAAuB,EAAE,OAAO,GAC/B,IAAI,CAyBN;AAED;;;;;GAKG;AACH,iBAAS,kBAAkB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI,CAqBlE;AAED;;;;GAIG;AACH,iBAAS,sBAAsB,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CAoB1D;AAED;;;;;;;GAOG;AACH,iBAAe,qBAAqB,CAClC,OAAO,EAAE,OAAO,EAChB,SAAS,EAAE,sBAAsB,EACjC,KAAK,EAAE,KAAK,EACZ,QAAQ,CAAC,EAAE,cAAc,EACzB,gBAAgB,CAAC,EAAE,OAAO,GACzB,OAAO,CAAC,IAAI,EAAE,CAAC,CAuGjB;AAED;;;;;;;;GAQG;AACH,iBAAe,uBAAuB,CACpC,OAAO,EAAE,OAAO,EAChB,cAAc,EAAE;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,EAAE,EACtD,SAAS,EAAE,uBAAuB,EAClC,KAAK,EAAE,KAAK,EACZ,QAAQ,CAAC,EAAE,cAAc,GACxB,OAAO,CAAC,IAAI,EAAE,CAAC,CAyFjB;AAED;;;;;;GAMG;AACH,iBAAS,iBAAiB,CAAC,EACzB,iBAAiB,EACjB,UAAU,EACV,SAAa,GACd,EAAE;IACD,iBAAiB,EAAE,iBAAiB,CAAA;IACpC,UAAU,EAAE,CAAC,sBAAsB,GAAG,uBAAuB,GAAG,IAAI,CAAC,EAAE,CAAA;IACvE,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB,UAIA;AAED;;;;GAIG;AACH,iBAAS,kBAAkB,CAAC,EAC1B,iBAAiB,GAClB,EAAE;IACD,iBAAiB,EAAE,iBAAiB,CAAA;CACrC,UAIA;AAED;;;;GAIG;AACH,iBAAS,0BAA0B,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CAkB9D;AAED;;;;;GAKG;AACH,iBAAS,eAAe,CACtB,EAAE,EAAE,GAAG,GAAG,MAAM,EAChB,SAAS,EAAE,sBAAsB,GAAG,uBAAuB,GAC1D,IAAI,CA+BN;AAED;;;;;GAKG;AACH,iBAAS,kBAAkB,CACzB,EAAE,EAAE,GAAG,GAAG,MAAM,EAChB,SAAS,EAAE,sBAAsB,GAAG,uBAAuB,GAC1D,IAAI,CA2BN;AAED,OAAO,EACL,WAAW,EACX,cAAc,EACd,YAAY,EACZ,eAAe,EACf,QAAQ,EACR,WAAW,EACX,eAAe,EACf,eAAe,EACf,kBAAkB,EAClB,sBAAsB,EACtB,OAAO,EACP,qBAAqB,EACrB,uBAAuB,EACvB,aAAa,EACb,2BAA2B,EAC3B,iBAAiB,EACjB,kBAAkB,EAClB,0BAA0B,EAC1B,eAAe,EACf,kBAAkB,GACnB,CAAA"}

package/dist/src/actions/index.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.trustAttester = exports.encodeSmartSessionSignature = void 0;
+exports.encodeSmartSessionSignature = void 0;
 exports.enableEcdsa = enableEcdsa;
 exports.enablePasskeys = enablePasskeys;
 exports.disableEcdsa = disableEcdsa;
@@ -8,63 +8,120 @@ exports.disablePasskeys = disablePasskeys;
 exports.addOwner = addOwner;
 exports.removeOwner = removeOwner;
 exports.changeThreshold = changeThreshold;
+exports.addPasskeyOwner = addPasskeyOwner;
+exports.removePasskeyOwner = removePasskeyOwner;
+exports.changePasskeyThreshold = changePasskeyThreshold;
 exports.recover = recover;
+exports.recoverEcdsaOwnership = recoverEcdsaOwnership;
+exports.recoverPasskeyOwnership = recoverPasskeyOwnership;
 exports.setUpRecovery = setUpRecovery;
+exports.enableMultiFactor = enableMultiFactor;
+exports.disableMultiFactor = disableMultiFactor;
+exports.changeMultiFactorThreshold = changeMultiFactorThreshold;
+exports.setSubValidator = setSubValidator;
+exports.removeSubValidator = removeSubValidator;
 const viem_1 = require("viem");
 const accounts_1 = require("../accounts");
+const utils_1 = require("../accounts/utils");
 const core_1 = require("../modules/validators/core");
-const registry_1 = require("./registry");
-Object.defineProperty(exports, "trustAttester", { enumerable: true, get: function () { return registry_1.trustAttester; } });
 const smart_session_1 = require("./smart-session");
 Object.defineProperty(exports, "encodeSmartSessionSignature", { enumerable: true, get: function () { return smart_session_1.encodeSmartSessionSignature; } });
+/**
+ * Set up social recovery
+ * @param rhinestoneAccount Account to set up social recovery on
+ * @param guardians Guardians to use for recovery
+ * @param threshold Threshold for the guardians
+ * @returns Calls to set up social recovery
+ */
 function setUpRecovery({ rhinestoneAccount, guardians, threshold = 1, }) {
     const module = (0, core_1.getSocialRecoveryValidator)(guardians, threshold);
     const calls = (0, accounts_1.getModuleInstallationCalls)(rhinestoneAccount.config, module);
     return calls;
 }
-async function recover(address, newOwners, chain) {
+/**
+ * Recover an account's ownership
+ * @param address Account address
+ * @param newOwners New owners
+ * @param chain Chain to recover ownership on
+ * @param provider Provider to use for the recovery
+ * @returns Calls to recover ownership
+ * @deprecated Use `recoverEcdsaOwnership` or `recoverPasskeyOwnership` instead
+ */
+async function recover(address, newOwners, chain, provider) {
     switch (newOwners.type) {
         case 'ecdsa': {
-            return recoverEcdsaOwnership(address, newOwners, chain);
+            return recoverEcdsaOwnership(address, newOwners, chain, provider);
+        }
+        case 'ecdsa-v0': {
+            return recoverEcdsaOwnership(address, newOwners, chain, provider, core_1.OWNABLE_V0_VALIDATOR_ADDRESS);
         }
         case 'passkey': {
             throw new Error('Passkey ownership recovery is not yet supported');
         }
+        case 'multi-factor': {
+            throw new Error('Multi-factor ownership recovery is not yet supported');
+        }
     }
 }
+/**
+ * Enable ECDSA authentication
+ * @param rhinestoneAccount Account to enable ECDSA authentication on
+ * @param owners Owners to use for authentication
+ * @param threshold Threshold for the owners
+ * @returns Calls to enable ECDSA authentication
+ */
 function enableEcdsa({ rhinestoneAccount, owners, threshold = 1, }) {
-    const module = (0, core_1.getOwnableValidator)({
-        threshold,
-        owners,
-    });
+    const module = (0, core_1.getOwnableValidator)(threshold, owners);
     const calls = (0, accounts_1.getModuleInstallationCalls)(rhinestoneAccount.config, module);
     return calls;
 }
+/**
+ * Enable passkeys authentication
+ * @param rhinestoneAccount Account to enable passkeys authentication on
+ * @param pubKey Public key for the passkey
+ * @param authenticatorId Authenticator ID for the passkey
+ * @returns Calls to enable passkeys authentication
+ */
 function enablePasskeys({ rhinestoneAccount, pubKey, authenticatorId, }) {
-    const module = (0, core_1.getWebAuthnValidator)({ pubKey, authenticatorId });
+    const module = (0, core_1.getWebAuthnValidator)(1, [{ pubKey, authenticatorId }]);
     const calls = (0, accounts_1.getModuleInstallationCalls)(rhinestoneAccount.config, module);
     return calls;
 }
+/**
+ * Disable ECDSA authentication
+ * @param rhinestoneAccount Account to disable ECDSA authentication on
+ * @returns Calls to disable ECDSA authentication
+ */
 function disableEcdsa({ rhinestoneAccount, }) {
-    const module = (0, core_1.getOwnableValidator)({
-        threshold: 1,
-        owners: [],
-    });
+    const module = (0, core_1.getOwnableValidator)(1, []);
     const calls = (0, accounts_1.getModuleUninstallationCalls)(rhinestoneAccount.config, module);
     return calls;
 }
+/**
+ * Disable passkeys (WebAuthn) authentication
+ * @param rhinestoneAccount Account to disable passkeys authentication on
+ * @returns Calls to disable passkeys authentication
+ */
 function disablePasskeys({ rhinestoneAccount, }) {
-    const module = (0, core_1.getWebAuthnValidator)({
-        // Mocked values
-        pubKey: '0x580a9af0569ad3905b26a703201b358aa0904236642ebe79b22a19d00d3737637d46f725a5427ae45a9569259bf67e1e16b187d7b3ad1ed70138c4f0409677d1',
-        authenticatorId: '0x',
-    });
+    const module = (0, core_1.getWebAuthnValidator)(1, [
+        {
+            // Mocked values
+            pubKey: '0x580a9af0569ad3905b26a703201b358aa0904236642ebe79b22a19d00d3737637d46f725a5427ae45a9569259bf67e1e16b187d7b3ad1ed70138c4f0409677d1',
+            authenticatorId: '0x',
+        },
+    ]);
     const calls = (0, accounts_1.getModuleUninstallationCalls)(rhinestoneAccount.config, module);
     return calls;
 }
+/**
+ * Add an ECDSA owner
+ * @param owner Owner address
+ * @returns Call to add the owner
+ */
 function addOwner(owner) {
     return {
         to: core_1.OWNABLE_VALIDATOR_ADDRESS,
+        value: 0n,
         data: (0, viem_1.encodeFunctionData)({
             abi: [
                 {
@@ -80,9 +137,16 @@ function addOwner(owner) {
         }),
     };
 }
+/**
+ * Remove an ECDSA owner
+ * @param prevOwner Previous owner address
+ * @param ownerToRemove Owner to remove
+ * @returns Call to remove the owner
+ */
 function removeOwner(prevOwner, ownerToRemove) {
     return {
         to: core_1.OWNABLE_VALIDATOR_ADDRESS,
+        value: 0n,
         data: (0, viem_1.encodeFunctionData)({
             abi: [
                 {
@@ -101,9 +165,102 @@ function removeOwner(prevOwner, ownerToRemove) {
         }),
     };
 }
+/**
+ * Change an account's signer threshold (ECDSA)
+ * @param newThreshold New threshold
+ * @returns Call to change the threshold
+ */
 function changeThreshold(newThreshold) {
     return {
         to: core_1.OWNABLE_VALIDATOR_ADDRESS,
+        value: 0n,
+        data: (0, viem_1.encodeFunctionData)({
+            abi: [
+                {
+                    inputs: [
+                        { internalType: 'uint256', name: '_threshold', type: 'uint256' },
+                    ],
+                    name: 'setThreshold',
+                    outputs: [],
+                    stateMutability: 'nonpayable',
+                    type: 'function',
+                },
+            ],
+            functionName: 'setThreshold',
+            args: [BigInt(newThreshold)],
+        }),
+    };
+}
+/**
+ * Add a passkey owner
+ * @param pubKeyX Public key X
+ * @param pubKeyY Public key Y
+ * @param requireUserVerification Whether to require user verification
+ * @returns Call to add the passkey owner
+ */
+function addPasskeyOwner(pubKeyX, pubKeyY, requireUserVerification) {
+    return {
+        to: core_1.WEBAUTHN_VALIDATOR_ADDRESS,
+        value: 0n,
+        data: (0, viem_1.encodeFunctionData)({
+            abi: [
+                {
+                    inputs: [
+                        { name: 'pubKeyX', type: 'uint256' },
+                        { name: 'pubKeyY', type: 'uint256' },
+                        {
+                            name: 'requireUserVerification',
+                            type: 'bool',
+                        },
+                    ],
+                    name: 'addCredential',
+                    outputs: [],
+                    stateMutability: 'nonpayable',
+                    type: 'function',
+                },
+            ],
+            functionName: 'addCredential',
+            args: [pubKeyX, pubKeyY, requireUserVerification],
+        }),
+    };
+}
+/**
+ * Remove a passkey owner
+ * @param pubKeyX Public key X
+ * @param pubKeyY Public key Y
+ * @returns Call to remove the passkey owner
+ */
+function removePasskeyOwner(pubKeyX, pubKeyY) {
+    return {
+        to: core_1.WEBAUTHN_VALIDATOR_ADDRESS,
+        value: 0n,
+        data: (0, viem_1.encodeFunctionData)({
+            abi: [
+                {
+                    inputs: [
+                        { name: 'pubKeyX', type: 'uint256' },
+                        { name: 'pubKeyY', type: 'uint256' },
+                    ],
+                    name: 'removeCredential',
+                    outputs: [],
+                    stateMutability: 'nonpayable',
+                    type: 'function',
+                },
+            ],
+            functionName: 'removeCredential',
+            args: [pubKeyX, pubKeyY],
+        }),
+    };
+}
+/**
+ * Change an account's signer threshold (passkey)
+ * @param newThreshold New threshold
+ * @returns Call to change the threshold
+ */
+function changePasskeyThreshold(newThreshold) {
+    return {
+        to: core_1.WEBAUTHN_VALIDATOR_ADDRESS,
+        value: 0n,
         data: (0, viem_1.encodeFunctionData)({
             abi: [
                 {
@@ -121,16 +278,24 @@ function changeThreshold(newThreshold) {
         }),
     };
 }
-async function recoverEcdsaOwnership(address, newOwners, chain) {
+/**
+ * Recover an account's ownership (ECDSA)
+ * @param address Account address
+ * @param newOwners New owners
+ * @param chain Chain to recover ownership on
+ * @param provider Provider to use for the recovery
+ * @returns Calls to recover ownership
+ */
+async function recoverEcdsaOwnership(address, newOwners, chain, provider, validatorAddress) {
     const publicClient = (0, viem_1.createPublicClient)({
         chain,
-        transport: (0, viem_1.http)(),
+        transport: (0, utils_1.createTransport)(chain, provider),
     });
     // Read the existing config
     const results = await publicClient.multicall({
         contracts: [
             {
-                address: core_1.OWNABLE_VALIDATOR_ADDRESS,
+                address: validatorAddress ?? core_1.OWNABLE_VALIDATOR_ADDRESS,
                 abi: [
                     {
                         inputs: [
@@ -152,7 +317,7 @@ async function recoverEcdsaOwnership(address, newOwners, chain) {
                 args: [address],
             },
             {
-                address: core_1.OWNABLE_VALIDATOR_ADDRESS,
+                address: validatorAddress ?? core_1.OWNABLE_VALIDATOR_ADDRESS,
                 abi: [
                     {
                         inputs: [
@@ -211,3 +376,188 @@ async function recoverEcdsaOwnership(address, newOwners, chain) {
     }
     return calls;
 }
+/**
+ * Recover an account's ownership (Passkey)
+ * @param address Account address
+ * @param oldCredentials Old credentials to be replaced (with pubKeyX, pubKeyY)
+ * @param newOwners New passkey owners
+ * @param chain Chain to recover ownership on
+ * @param provider Provider to use for the recovery
+ * @returns Calls to recover ownership
+ */
+async function recoverPasskeyOwnership(address, oldCredentials, newOwners, chain, provider) {
+    const publicClient = (0, viem_1.createPublicClient)({
+        chain,
+        transport: (0, utils_1.createTransport)(chain, provider),
+    });
+    const existingThreshold = await publicClient.readContract({
+        address: core_1.WEBAUTHN_VALIDATOR_ADDRESS,
+        abi: [
+            {
+                inputs: [{ internalType: 'address', name: 'account', type: 'address' }],
+                name: 'threshold',
+                outputs: [{ internalType: 'uint256', name: '', type: 'uint256' }],
+                stateMutability: 'view',
+                type: 'function',
+            },
+        ],
+        functionName: 'threshold',
+        args: [address],
+    });
+    const calls = [];
+    // Convert new owners config to credentials and threshold
+    const newCredentials = newOwners.accounts.map((account) => {
+        const publicKey = account.publicKey;
+        // Parse the public key hex string to extract x and y coordinates
+        const publicKeyBytes = publicKey.startsWith('0x')
+            ? publicKey.slice(2)
+            : publicKey;
+        // The public key is 64 bytes: 32 bytes for x, 32 bytes for y
+        const x = BigInt(`0x${publicKeyBytes.slice(0, 64)}`);
+        const y = BigInt(`0x${publicKeyBytes.slice(64, 128)}`);
+        return {
+            pubKeyX: x,
+            pubKeyY: y,
+            requireUV: false, // Default to false for now
+        };
+    });
+    const newThreshold = newOwners.threshold ?? 1;
+    // Check if threshold needs to be updated
+    if (Number(existingThreshold) !== newThreshold) {
+        calls.push(changePasskeyThreshold(newThreshold));
+    }
+    // Compare existing and new credentials to determine what to add/remove
+    const existingCredentialKeys = oldCredentials.map((cred) => `${cred.pubKeyX.toString()}-${cred.pubKeyY.toString()}`);
+    const newCredentialKeys = newCredentials.map((cred) => `${cred.pubKeyX.toString()}-${cred.pubKeyY.toString()}`);
+    // Find credentials to add (new ones not in existing)
+    const credentialsToAdd = newCredentials.filter((cred) => !existingCredentialKeys.includes(`${cred.pubKeyX.toString()}-${cred.pubKeyY.toString()}`));
+    // Find credentials to remove (existing ones not in new)
+    const credentialsToRemove = oldCredentials.filter((cred) => !newCredentialKeys.includes(`${cred.pubKeyX.toString()}-${cred.pubKeyY.toString()}`));
+    // Remove old credentials first (important for security in recovery scenarios)
+    for (const credential of credentialsToRemove) {
+        calls.push(removePasskeyOwner(credential.pubKeyX, credential.pubKeyY));
+    }
+    // Then add new credentials
+    for (const credential of credentialsToAdd) {
+        calls.push(addPasskeyOwner(credential.pubKeyX, credential.pubKeyY, credential.requireUV));
+    }
+    return calls;
+}
+/**
+ * Enable multi-factor authentication
+ * @param rhinestoneAccount Account to enable multi-factor authentication on
+ * @param validators List of validators to use
+ * @param threshold Threshold for the validators
+ * @returns Calls to enable multi-factor authentication
+ */
+function enableMultiFactor({ rhinestoneAccount, validators, threshold = 1, }) {
+    const module = (0, core_1.getMultiFactorValidator)(threshold, validators);
+    const calls = (0, accounts_1.getModuleInstallationCalls)(rhinestoneAccount.config, module);
+    return calls;
+}
+/**
+ * Disable multi-factor authentication
+ * @param rhinestoneAccount Account to disable multi-factor authentication on
+ * @returns Calls to disable multi-factor authentication
+ */
+function disableMultiFactor({ rhinestoneAccount, }) {
+    const module = (0, core_1.getMultiFactorValidator)(1, []);
+    const calls = (0, accounts_1.getModuleUninstallationCalls)(rhinestoneAccount.config, module);
+    return calls;
+}
+/**
+ * Change the multi-factor threshold
+ * @param newThreshold New threshold
+ * @returns Call to change the threshold
+ */
+function changeMultiFactorThreshold(newThreshold) {
+    return {
+        to: core_1.MULTI_FACTOR_VALIDATOR_ADDRESS,
+        value: 0n,
+        data: (0, viem_1.encodeFunctionData)({
+            abi: [
+                {
+                    inputs: [{ internalType: 'uint8', name: 'threshold', type: 'uint8' }],
+                    name: 'setThreshold',
+                    outputs: [],
+                    stateMutability: 'nonpayable',
+                    type: 'function',
+                },
+            ],
+            functionName: 'setThreshold',
+            args: [newThreshold],
+        }),
+    };
+}
+/**
+ * Set a sub-validator (multi-factor)
+ * @param id Validator ID
+ * @param validator Validator module
+ * @returns Call to set the sub-validator
+ */
+function setSubValidator(id, validator) {
+    const validatorId = (0, viem_1.padHex)((0, viem_1.toHex)(id), { size: 12 });
+    const validatorModule = (0, core_1.getValidator)(validator);
+    return {
+        to: core_1.MULTI_FACTOR_VALIDATOR_ADDRESS,
+        value: 0n,
+        data: (0, viem_1.encodeFunctionData)({
+            abi: [
+                {
+                    type: 'function',
+                    name: 'setValidator',
+                    inputs: [
+                        {
+                            type: 'address',
+                            name: 'validatorAddress',
+                        },
+                        {
+                            type: 'bytes12',
+                            name: 'validatorId',
+                        },
+                        {
+                            type: 'bytes',
+                            name: 'newValidatorData',
+                        },
+                    ],
+                },
+            ],
+            functionName: 'setValidator',
+            args: [validatorModule.address, validatorId, validatorModule.initData],
+        }),
+    };
+}
+/**
+ * Remove a sub-validator (multi-factor)
+ * @param id Validator ID
+ * @param validator Validator module
+ * @returns Call to remove the sub-validator
+ */
+function removeSubValidator(id, validator) {
+    const validatorId = (0, viem_1.padHex)((0, viem_1.toHex)(id), { size: 12 });
+    const validatorModule = (0, core_1.getValidator)(validator);
+    return {
+        to: core_1.MULTI_FACTOR_VALIDATOR_ADDRESS,
+        value: 0n,
+        data: (0, viem_1.encodeFunctionData)({
+            abi: [
+                {
+                    type: 'function',
+                    name: 'removeValidator',
+                    inputs: [
+                        {
+                            type: 'address',
+                            name: 'validatorAddress',
+                        },
+                        {
+                            type: 'bytes12',
+                            name: 'validatorId',
+                        },
+                    ],
+                },
+            ],
+            functionName: 'removeValidator',
+            args: [validatorModule.address, validatorId],
+        }),
+    };
+}