npm - @swype-org/react-sdk - Versions diffs - 0.1.229 → 0.1.232 - Mend

@swype-org/react-sdk 0.1.229 → 0.1.232

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.cjs CHANGED Viewed

@@ -158,339 +158,358 @@ function useBlinkDepositAmount() {
   };
 }
-// node_modules/@wagmi/core/dist/esm/utils/getAction.js
-function getAction(client, actionFn, name) {
-  const action_implicit = client[actionFn.name];
-  if (typeof action_implicit === "function")
-    return action_implicit;
-  const action_explicit = client[name];
-  if (typeof action_explicit === "function")
-    return action_explicit;
-  return (params) => actionFn(client, params);
-}
-// node_modules/@wagmi/core/dist/esm/version.js
-var version = "2.22.1";
-// node_modules/@wagmi/core/dist/esm/utils/getVersion.js
-var getVersion = () => `@wagmi/core@${version}`;
-// node_modules/@wagmi/core/dist/esm/errors/base.js
-var __classPrivateFieldGet = function(receiver, state, kind, f) {
-  if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
-  return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+// src/passkey-delegation.ts
+var PasskeyIframeBlockedError = class extends Error {
+  constructor(message = "Passkey creation is not supported in this browser context.") {
+    super(message);
+    this.name = "PasskeyIframeBlockedError";
+  }
 };
-var _BaseError_instances;
-var _BaseError_walk;
-var BaseError = class _BaseError extends Error {
-  get docsBaseUrl() {
-    return "https://wagmi.sh/core";
+function isInCrossOriginIframe() {
+  if (typeof window === "undefined") return false;
+  if (window.parent === window) return false;
+  try {
+    void window.parent.location.origin;
+    return false;
+  } catch {
+    return true;
   }
-  get version() {
-    return getVersion();
+}
+function isSafari() {
+  if (typeof navigator === "undefined") return false;
+  const ua = navigator.userAgent;
+  return /Safari/i.test(ua) && !/Chrome|CriOS|Chromium|Edg|OPR|Firefox/i.test(ua);
+}
+var POPUP_RESULT_TIMEOUT_MS = 12e4;
+var POPUP_CLOSED_POLL_MS = 500;
+var POPUP_CLOSED_GRACE_MS = 1e3;
+function createPasskeyViaPopup(options) {
+  return new Promise((resolve, reject) => {
+    const verificationToken = crypto.randomUUID();
+    const payload = { ...options, verificationToken };
+    const encoded = btoa(JSON.stringify(payload));
+    const popupUrl = `${window.location.origin}/passkey-register#${encoded}`;
+    const popup = window.open(popupUrl, "blink-passkey");
+    if (!popup) {
+      reject(new Error("Pop-up blocked. Please allow pop-ups for this site and try again."));
+      return;
+    }
+    let settled = false;
+    const timer = setTimeout(() => {
+      cleanup();
+      reject(new Error("Passkey creation timed out. Please try again."));
+    }, POPUP_RESULT_TIMEOUT_MS);
+    const closedPoll = setInterval(() => {
+      if (popup.closed) {
+        clearInterval(closedPoll);
+        setTimeout(() => {
+          if (!settled) {
+            settled = true;
+            cleanup();
+            checkServerForPasskeyByToken(
+              options.authToken,
+              options.apiBaseUrl,
+              verificationToken
+            ).then((result) => {
+              if (result) {
+                resolve(result);
+              } else {
+                reject(new Error("Passkey window was closed before completing."));
+              }
+            }).catch(() => {
+              reject(new Error("Passkey window was closed before completing."));
+            });
+          }
+        }, POPUP_CLOSED_GRACE_MS);
+      }
+    }, POPUP_CLOSED_POLL_MS);
+    function cleanup() {
+      clearTimeout(timer);
+      clearInterval(closedPoll);
+    }
+  });
+}
+var VERIFY_POPUP_TIMEOUT_MS = 6e4;
+function findDevicePasskeyViaPopup(options) {
+  return new Promise((resolve, reject) => {
+    const verificationToken = crypto.randomUUID();
+    const payload = {
+      ...options,
+      verificationToken
+    };
+    const encoded = btoa(JSON.stringify(payload));
+    const popupUrl = `${window.location.origin}/passkey-verify#${encoded}`;
+    const popup = window.open(popupUrl, "blink-passkey-verify");
+    if (!popup) {
+      reject(new Error("Pop-up blocked. Please allow pop-ups for this site and try again."));
+      return;
+    }
+    let settled = false;
+    const timer = setTimeout(() => {
+      cleanup();
+      resolve(null);
+    }, VERIFY_POPUP_TIMEOUT_MS);
+    const closedPoll = setInterval(() => {
+      if (popup.closed && !settled) {
+        clearInterval(closedPoll);
+        setTimeout(() => {
+          if (!settled) {
+            settled = true;
+            cleanup();
+            checkServerForPasskeyByToken(
+              options.authToken,
+              options.apiBaseUrl,
+              verificationToken
+            ).then((result) => {
+              resolve(result?.credentialId ?? null);
+            }).catch(() => {
+              resolve(null);
+            });
+          }
+        }, POPUP_CLOSED_GRACE_MS);
+      }
+    }, POPUP_CLOSED_POLL_MS);
+    function cleanup() {
+      clearTimeout(timer);
+      clearInterval(closedPoll);
+    }
+  });
+}
+async function checkServerForPasskeyByToken(authToken, apiBaseUrl, verificationToken) {
+  if (!authToken || !apiBaseUrl) return null;
+  const res = await fetch(`${apiBaseUrl}/v1/users/config`, {
+    headers: { Authorization: `Bearer ${authToken}` }
+  });
+  if (!res.ok) return null;
+  const body = await res.json();
+  const passkeys = body.config.passkeys ?? [];
+  const matched = passkeys.find((p) => p.lastVerificationToken === verificationToken);
+  return matched ? { credentialId: matched.credentialId, publicKey: matched.publicKey } : null;
+}
+// src/passkeyRpId.ts
+function normalizeConfiguredDomain(value) {
+  return value.replace(/^https?:\/\//, "").replace(/\/.*$/, "").replace(/^\./, "").trim();
+}
+function resolveRootDomainFromHostname(hostname) {
+  const trimmedHostname = hostname.trim().toLowerCase();
+  if (!trimmedHostname) {
+    return "localhost";
   }
-  constructor(shortMessage, options = {}) {
-    super();
-    _BaseError_instances.add(this);
-    Object.defineProperty(this, "details", {
-      enumerable: true,
-      configurable: true,
-      writable: true,
-      value: void 0
-    });
-    Object.defineProperty(this, "docsPath", {
-      enumerable: true,
-      configurable: true,
-      writable: true,
-      value: void 0
-    });
-    Object.defineProperty(this, "metaMessages", {
-      enumerable: true,
-      configurable: true,
-      writable: true,
-      value: void 0
-    });
-    Object.defineProperty(this, "shortMessage", {
-      enumerable: true,
-      configurable: true,
-      writable: true,
-      value: void 0
-    });
-    Object.defineProperty(this, "name", {
-      enumerable: true,
-      configurable: true,
-      writable: true,
-      value: "WagmiCoreError"
-    });
-    const details = options.cause instanceof _BaseError ? options.cause.details : options.cause?.message ? options.cause.message : options.details;
-    const docsPath = options.cause instanceof _BaseError ? options.cause.docsPath || options.docsPath : options.docsPath;
-    this.message = [
-      shortMessage || "An error occurred.",
-      "",
-      ...options.metaMessages ? [...options.metaMessages, ""] : [],
-      ...docsPath ? [
-        `Docs: ${this.docsBaseUrl}${docsPath}.html${options.docsSlug ? `#${options.docsSlug}` : ""}`
-      ] : [],
-      ...details ? [`Details: ${details}`] : [],
-      `Version: ${this.version}`
-    ].join("\n");
-    if (options.cause)
-      this.cause = options.cause;
-    this.details = details;
-    this.docsPath = docsPath;
-    this.metaMessages = options.metaMessages;
-    this.shortMessage = shortMessage;
+  if (trimmedHostname === "localhost" || /^\d{1,3}(?:\.\d{1,3}){3}$/.test(trimmedHostname)) {
+    return trimmedHostname;
   }
-  walk(fn) {
-    return __classPrivateFieldGet(this, _BaseError_instances, "m", _BaseError_walk).call(this, this, fn);
+  const parts = trimmedHostname.split(".").filter(Boolean);
+  if (parts.length < 2) {
+    return trimmedHostname;
   }
-};
-_BaseError_instances = /* @__PURE__ */ new WeakSet(), _BaseError_walk = function _BaseError_walk2(err, fn) {
-  if (fn?.(err))
-    return err;
-  if (err.cause)
-    return __classPrivateFieldGet(this, _BaseError_instances, "m", _BaseError_walk2).call(this, err.cause, fn);
-  return err;
-};
+  return parts.slice(-2).join(".");
+}
-// node_modules/@wagmi/core/dist/esm/errors/config.js
-var ConnectorNotConnectedError = class extends BaseError {
-  constructor() {
-    super("Connector not connected.");
-    Object.defineProperty(this, "name", {
-      enumerable: true,
-      configurable: true,
-      writable: true,
-      value: "ConnectorNotConnectedError"
-    });
-  }
-};
-var ConnectorAccountNotFoundError = class extends BaseError {
-  constructor({ address, connector }) {
-    super(`Account "${address}" not found for connector "${connector.name}".`);
-    Object.defineProperty(this, "name", {
-      enumerable: true,
-      configurable: true,
-      writable: true,
-      value: "ConnectorAccountNotFoundError"
-    });
-  }
-};
-var ConnectorChainMismatchError = class extends BaseError {
-  constructor({ connectionChainId, connectorChainId }) {
-    super(`The current chain of the connector (id: ${connectorChainId}) does not match the connection's chain (id: ${connectionChainId}).`, {
-      metaMessages: [
-        `Current Chain ID:  ${connectorChainId}`,
-        `Expected Chain ID: ${connectionChainId}`
-      ]
-    });
-    Object.defineProperty(this, "name", {
-      enumerable: true,
-      configurable: true,
-      writable: true,
-      value: "ConnectorChainMismatchError"
-    });
-  }
-};
-var ConnectorUnavailableReconnectingError = class extends BaseError {
-  constructor({ connector }) {
-    super(`Connector "${connector.name}" unavailable while reconnecting.`, {
-      details: [
-        "During the reconnection step, the only connector methods guaranteed to be available are: `id`, `name`, `type`, `uid`.",
-        "All other methods are not guaranteed to be available until reconnection completes and connectors are fully restored.",
-        "This error commonly occurs for connectors that asynchronously inject after reconnection has already started."
-      ].join(" ")
-    });
-    Object.defineProperty(this, "name", {
-      enumerable: true,
-      configurable: true,
-      writable: true,
-      value: "ConnectorUnavailableReconnectingError"
-    });
-  }
-};
-async function getConnectorClient(config, parameters = {}) {
-  const { assertChainId = true } = parameters;
-  let connection;
-  if (parameters.connector) {
-    const { connector: connector2 } = parameters;
-    if (config.state.status === "reconnecting" && !connector2.getAccounts && !connector2.getChainId)
-      throw new ConnectorUnavailableReconnectingError({ connector: connector2 });
-    const [accounts, chainId2] = await Promise.all([
-      connector2.getAccounts().catch((e) => {
-        if (parameters.account === null)
-          return [];
-        throw e;
-      }),
-      connector2.getChainId()
-    ]);
-    connection = {
-      accounts,
-      chainId: chainId2,
-      connector: connector2
-    };
-  } else
-    connection = config.state.connections.get(config.state.current);
-  if (!connection)
-    throw new ConnectorNotConnectedError();
-  const chainId = parameters.chainId ?? connection.chainId;
-  const connectorChainId = await connection.connector.getChainId();
-  if (assertChainId && connectorChainId !== chainId)
-    throw new ConnectorChainMismatchError({
-      connectionChainId: chainId,
-      connectorChainId
-    });
-  const connector = connection.connector;
-  if (connector.getClient)
-    return connector.getClient({ chainId });
-  const account = utils.parseAccount(parameters.account ?? connection.accounts[0]);
-  if (account)
-    account.address = utils.getAddress(account.address);
-  if (parameters.account && !connection.accounts.some((x) => x.toLowerCase() === account.address.toLowerCase()))
-    throw new ConnectorAccountNotFoundError({
-      address: account.address,
-      connector
-    });
-  const chain = config.chains.find((chain2) => chain2.id === chainId);
-  const provider = await connection.connector.getProvider({ chainId });
-  return viem.createClient({
-    account,
-    chain,
-    name: "Connector Client",
-    transport: (opts) => viem.custom(provider)({ ...opts, retryCount: 0 })
+// src/hooks/passkeyPublic.ts
+function waitForDocumentFocus(timeoutMs = 5e3, intervalMs = 100) {
+  return new Promise((resolve, reject) => {
+    if (typeof document === "undefined") {
+      resolve();
+      return;
+    }
+    if (document.hasFocus()) {
+      resolve();
+      return;
+    }
+    const deadline = Date.now() + timeoutMs;
+    const timer = setInterval(() => {
+      if (document.hasFocus()) {
+        clearInterval(timer);
+        resolve();
+      } else if (Date.now() >= deadline) {
+        clearInterval(timer);
+        resolve();
+      }
+    }, intervalMs);
   });
 }
-// node_modules/@wagmi/core/dist/esm/actions/getAccount.js
-function getAccount(config) {
-  const uid = config.state.current;
-  const connection = config.state.connections.get(uid);
-  const addresses = connection?.accounts;
-  const address = addresses?.[0];
-  const chain = config.chains.find((chain2) => chain2.id === connection?.chainId);
-  const status = config.state.status;
-  switch (status) {
-    case "connected":
-      return {
-        address,
-        addresses,
-        chain,
-        chainId: connection?.chainId,
-        connector: connection?.connector,
-        isConnected: true,
-        isConnecting: false,
-        isDisconnected: false,
-        isReconnecting: false,
-        status
-      };
-    case "reconnecting":
-      return {
-        address,
-        addresses,
-        chain,
-        chainId: connection?.chainId,
-        connector: connection?.connector,
-        isConnected: !!address,
-        isConnecting: false,
-        isDisconnected: false,
-        isReconnecting: true,
-        status
-      };
-    case "connecting":
-      return {
-        address,
-        addresses,
-        chain,
-        chainId: connection?.chainId,
-        connector: connection?.connector,
-        isConnected: false,
-        isConnecting: true,
-        isDisconnected: false,
-        isReconnecting: false,
-        status
-      };
-    case "disconnected":
-      return {
-        address: void 0,
-        addresses: void 0,
-        chain: void 0,
-        chainId: void 0,
-        connector: void 0,
-        isConnected: false,
-        isConnecting: false,
-        isDisconnected: true,
-        isReconnecting: false,
-        status
-      };
+function toBase64(buffer) {
+  return btoa(String.fromCharCode(...new Uint8Array(buffer)));
+}
+function base64ToBytes(value) {
+  const normalized = value.replace(/-/g, "+").replace(/_/g, "/");
+  const padded = normalized + "=".repeat((4 - normalized.length % 4) % 4);
+  const raw = atob(padded);
+  const bytes = new Uint8Array(raw.length);
+  for (let i = 0; i < raw.length; i++) {
+    bytes[i] = raw.charCodeAt(i);
   }
+  return bytes;
 }
-async function getWalletClient(config, parameters = {}) {
-  const client = await getConnectorClient(config, parameters);
-  return client.extend(viem.walletActions);
+function readEnvValue(name) {
+  const meta = ({ url: (typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('index.cjs', document.baseURI).href)) });
+  const metaValue = meta.env?.[name];
+  if (typeof metaValue === "string" && metaValue.trim().length > 0) {
+    return metaValue.trim();
+  }
+  const processValue = globalThis.process?.env?.[name];
+  if (typeof processValue === "string" && processValue.trim().length > 0) {
+    return processValue.trim();
+  }
+  return void 0;
 }
-async function waitForTransactionReceipt(config, parameters) {
-  const { chainId, timeout = 0, ...rest } = parameters;
-  const client = config.getClient({ chainId });
-  const action = getAction(client, actions.waitForTransactionReceipt, "waitForTransactionReceipt");
-  const receipt = await action({ ...rest, timeout });
-  if (receipt.status === "reverted") {
-    const action_getTransaction = getAction(client, actions.getTransaction, "getTransaction");
-    const { from: account, ...txn } = await action_getTransaction({
-      hash: receipt.transactionHash
-    });
-    const action_call = getAction(client, actions.call, "call");
-    const code = await action_call({
-      ...txn,
-      account,
-      data: txn.input,
-      gasPrice: txn.type !== "eip1559" ? txn.gasPrice : void 0,
-      maxFeePerGas: txn.type === "eip1559" ? txn.maxFeePerGas : void 0,
-      maxPriorityFeePerGas: txn.type === "eip1559" ? txn.maxPriorityFeePerGas : void 0
-    });
-    const reason = code?.data ? viem.hexToString(`0x${code.data.substring(138)}`) : "unknown reason";
-    throw new Error(reason);
+function resolvePasskeyRpId() {
+  const configuredDomain = readEnvValue("VITE_DOMAIN") ?? readEnvValue("BLINK_DOMAIN");
+  if (configuredDomain) {
+    return normalizeConfiguredDomain(configuredDomain);
   }
-  return {
-    ...receipt,
-    chainId: client.chain.id
-  };
+  if (typeof window !== "undefined") {
+    return resolveRootDomainFromHostname(window.location.hostname);
+  }
+  return "localhost";
 }
-// src/api.ts
-var api_exports = {};
-__export(api_exports, {
-  createAccount: () => createAccount,
-  createAccountAuthorizationSession: () => createAccountAuthorizationSession,
-  createGuestAccount: () => createGuestAccount,
-  createGuestTransfer: () => createGuestTransfer,
-  createTransfer: () => createTransfer,
-  fetchAccount: () => fetchAccount,
-  fetchAccounts: () => fetchAccounts,
-  fetchAuthorizationSession: () => fetchAuthorizationSession,
-  fetchChains: () => fetchChains,
-  fetchGuestAccount: () => fetchGuestAccount,
-  fetchGuestTransferBalances: () => fetchGuestTransferBalances,
-  fetchMerchantPublicKey: () => fetchMerchantPublicKey,
-  fetchProviders: () => fetchProviders,
-  fetchTransfer: () => fetchTransfer,
-  fetchUserConfig: () => fetchUserConfig,
-  getGuestTransfer: () => getGuestTransfer,
-  getTransferByGuestToken: () => getTransferByGuestToken,
-  registerPasskey: () => registerPasskey,
-  reportActionCompletion: () => reportActionCompletion,
-  reportPasskeyActivity: () => reportPasskeyActivity,
-  setAccountOwner: () => setAccountOwner,
-  setTransferSender: () => setTransferSender,
-  signGuestTransfer: () => signGuestTransfer,
-  signTransfer: () => signTransfer,
-  updateUserConfig: () => updateUserConfig,
-  updateUserConfigBySession: () => updateUserConfigBySession
-});
-async function throwApiError(res) {
-  const body = await res.json().catch(() => null);
-  const detail = body?.error ?? body;
-  const msg = detail?.message ?? res.statusText;
-  const code = detail?.code ?? String(res.status);
+async function createPasskeyCredential(params) {
+  const challenge = new Uint8Array(32);
+  crypto.getRandomValues(challenge);
+  const rpId = resolvePasskeyRpId();
+  const publicKeyOptions = {
+    challenge,
+    rp: { name: "Blink", id: rpId },
+    user: {
+      id: new TextEncoder().encode(params.userId),
+      name: params.displayName,
+      displayName: params.displayName
+    },
+    pubKeyCredParams: [
+      { alg: -7, type: "public-key" },
+      { alg: -257, type: "public-key" }
+    ],
+    authenticatorSelection: {
+      authenticatorAttachment: "platform",
+      residentKey: "preferred",
+      userVerification: "required"
+    },
+    timeout: 6e4
+  };
+  if (isInCrossOriginIframe()) {
+    try {
+      await waitForDocumentFocus();
+      const credential2 = await navigator.credentials.create({
+        publicKey: publicKeyOptions
+      });
+      if (!credential2) {
+        throw new Error("Passkey creation was cancelled.");
+      }
+      return extractPasskeyResult(credential2);
+    } catch (err) {
+      if (err instanceof PasskeyIframeBlockedError) throw err;
+      if (err instanceof Error && err.message === "Passkey creation was cancelled.") throw err;
+      throw new PasskeyIframeBlockedError();
+    }
+  }
+  await waitForDocumentFocus();
+  const credential = await navigator.credentials.create({
+    publicKey: publicKeyOptions
+  });
+  if (!credential) {
+    throw new Error("Passkey creation was cancelled.");
+  }
+  return extractPasskeyResult(credential);
+}
+function extractPasskeyResult(credential) {
+  const response = credential.response;
+  const publicKeyBytes = response.getPublicKey?.();
+  return {
+    credentialId: toBase64(credential.rawId),
+    publicKey: publicKeyBytes ? toBase64(publicKeyBytes) : ""
+  };
+}
+function buildPasskeyPopupOptions(params) {
+  const challenge = new Uint8Array(32);
+  crypto.getRandomValues(challenge);
+  const rpId = resolvePasskeyRpId();
+  return {
+    challenge: toBase64(challenge),
+    rpId,
+    rpName: "Blink",
+    userId: toBase64(new TextEncoder().encode(params.userId)),
+    userName: params.displayName,
+    userDisplayName: params.displayName,
+    pubKeyCredParams: [
+      { alg: -7, type: "public-key" },
+      { alg: -257, type: "public-key" }
+    ],
+    authenticatorSelection: {
+      authenticatorAttachment: "platform",
+      residentKey: "preferred",
+      userVerification: "required"
+    },
+    timeout: 6e4,
+    authToken: params.authToken,
+    apiBaseUrl: params.apiBaseUrl
+  };
+}
+async function deviceHasPasskey(credentialId) {
+  const found = await findDevicePasskey([credentialId]);
+  return found != null;
+}
+async function findDevicePasskey(credentialIds) {
+  if (credentialIds.length === 0) return null;
+  try {
+    const challenge = new Uint8Array(32);
+    crypto.getRandomValues(challenge);
+    await waitForDocumentFocus();
+    const assertion = await navigator.credentials.get({
+      publicKey: {
+        challenge,
+        rpId: resolvePasskeyRpId(),
+        allowCredentials: credentialIds.map((id) => ({
+          type: "public-key",
+          id: base64ToBytes(id)
+        })),
+        userVerification: "discouraged",
+        timeout: 3e4
+      }
+    });
+    if (!assertion) return null;
+    return toBase64(assertion.rawId);
+  } catch {
+    return null;
+  }
+}
+// src/api.ts
+var api_exports = {};
+__export(api_exports, {
+  createAccount: () => createAccount,
+  createAccountAuthorizationSession: () => createAccountAuthorizationSession,
+  createGuestAccount: () => createGuestAccount,
+  createGuestTransfer: () => createGuestTransfer,
+  createTransfer: () => createTransfer,
+  fetchAccount: () => fetchAccount,
+  fetchAccounts: () => fetchAccounts,
+  fetchAuthorizationSession: () => fetchAuthorizationSession,
+  fetchAuthorizationSessionByToken: () => fetchAuthorizationSessionByToken,
+  fetchChains: () => fetchChains,
+  fetchGuestAccount: () => fetchGuestAccount,
+  fetchGuestTransferBalances: () => fetchGuestTransferBalances,
+  fetchMerchantPublicKey: () => fetchMerchantPublicKey,
+  fetchProviders: () => fetchProviders,
+  fetchTransfer: () => fetchTransfer,
+  fetchUserConfig: () => fetchUserConfig,
+  getGuestTransfer: () => getGuestTransfer,
+  getTransferByGuestToken: () => getTransferByGuestToken,
+  registerPasskey: () => registerPasskey,
+  reportActionCompletion: () => reportActionCompletion,
+  reportPasskeyActivity: () => reportPasskeyActivity,
+  setAccountOwner: () => setAccountOwner,
+  setTransferSender: () => setTransferSender,
+  signGuestTransfer: () => signGuestTransfer,
+  signTransfer: () => signTransfer,
+  updateUserConfig: () => updateUserConfig,
+  updateUserConfigBySession: () => updateUserConfigBySession
+});
+async function throwApiError(res) {
+  const body = await res.json().catch(() => null);
+  const detail = body?.error ?? body;
+  const msg = detail?.message ?? res.statusText;
+  const code = detail?.code ?? String(res.status);
   throw new Error(`${res.status} \u2014 ${code}: ${msg}`);
 }
 async function fetchProviders(apiBaseUrl, token) {
@@ -646,6 +665,13 @@ async function fetchAuthorizationSession(apiBaseUrl, sessionId) {
   if (!res.ok) await throwApiError(res);
   return await res.json();
 }
+async function fetchAuthorizationSessionByToken(apiBaseUrl, token) {
+  const res = await fetch(
+    `${apiBaseUrl}/v1/authorization-sessions?token=${encodeURIComponent(token)}`
+  );
+  if (!res.ok) await throwApiError(res);
+  return await res.json();
+}
 async function registerPasskey(apiBaseUrl, token, credentialId, publicKey) {
   const res = await fetch(`${apiBaseUrl}/v1/users/config/passkey`, {
     method: "POST",
@@ -814,24 +840,373 @@ async function reportActionCompletion(apiBaseUrl, actionId, result) {
   if (!res.ok) await throwApiError(res);
   return await res.json();
 }
-// src/passkeyRpId.ts
-function normalizeConfiguredDomain(value) {
-  return value.replace(/^https?:\/\//, "").replace(/\/.*$/, "").replace(/^\./, "").trim();
+// src/transferPolling.ts
+async function pollTransferTick(params) {
+  const fetchTransfer2 = params.fetchTransfer ?? fetchTransfer;
+  const token = await params.getAccessToken();
+  if (!token) {
+    return { kind: "retry" };
+  }
+  try {
+    const transfer = await fetchTransfer2(params.apiBaseUrl, token, params.transferId);
+    return { kind: "success", transfer };
+  } catch (err) {
+    return {
+      kind: "error",
+      message: err instanceof Error ? err.message : "Polling error"
+    };
+  }
+}
+// src/hooks/useTransferPolling.ts
+function useTransferPolling(intervalMs = 3e3) {
+  const { apiBaseUrl } = useBlinkConfig();
+  const { getAccessToken } = reactAuth.usePrivy();
+  const [transfer, setTransfer] = react.useState(null);
+  const [error, setError] = react.useState(null);
+  const [isPolling, setIsPolling] = react.useState(false);
+  const intervalRef = react.useRef(null);
+  const transferIdRef = react.useRef(null);
+  const stopPolling = react.useCallback(() => {
+    if (intervalRef.current) {
+      clearInterval(intervalRef.current);
+      intervalRef.current = null;
+    }
+    setIsPolling(false);
+  }, []);
+  const poll = react.useCallback(async () => {
+    if (!transferIdRef.current) return;
+    const result = await pollTransferTick({
+      apiBaseUrl,
+      transferId: transferIdRef.current,
+      getAccessToken
+    });
+    if (result.kind === "retry") {
+      return;
+    }
+    if (result.kind === "error") {
+      setError(result.message);
+      stopPolling();
+      return;
+    }
+    setError(null);
+    setTransfer(result.transfer);
+    if (result.transfer.status === "COMPLETED" || result.transfer.status === "FAILED") {
+      stopPolling();
+    }
+  }, [apiBaseUrl, getAccessToken, stopPolling]);
+  const startPolling = react.useCallback(
+    (transferId) => {
+      stopPolling();
+      transferIdRef.current = transferId;
+      setIsPolling(true);
+      setError(null);
+      poll();
+      intervalRef.current = setInterval(poll, intervalMs);
+    },
+    [poll, intervalMs, stopPolling]
+  );
+  react.useEffect(() => () => stopPolling(), [stopPolling]);
+  return { transfer, error, isPolling, startPolling, stopPolling };
+}
+// node_modules/@wagmi/core/dist/esm/utils/getAction.js
+function getAction(client, actionFn, name) {
+  const action_implicit = client[actionFn.name];
+  if (typeof action_implicit === "function")
+    return action_implicit;
+  const action_explicit = client[name];
+  if (typeof action_explicit === "function")
+    return action_explicit;
+  return (params) => actionFn(client, params);
+}
+// node_modules/@wagmi/core/dist/esm/version.js
+var version = "2.22.1";
+// node_modules/@wagmi/core/dist/esm/utils/getVersion.js
+var getVersion = () => `@wagmi/core@${version}`;
+// node_modules/@wagmi/core/dist/esm/errors/base.js
+var __classPrivateFieldGet = function(receiver, state, kind, f) {
+  if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+  return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _BaseError_instances;
+var _BaseError_walk;
+var BaseError = class _BaseError extends Error {
+  get docsBaseUrl() {
+    return "https://wagmi.sh/core";
+  }
+  get version() {
+    return getVersion();
+  }
+  constructor(shortMessage, options = {}) {
+    super();
+    _BaseError_instances.add(this);
+    Object.defineProperty(this, "details", {
+      enumerable: true,
+      configurable: true,
+      writable: true,
+      value: void 0
+    });
+    Object.defineProperty(this, "docsPath", {
+      enumerable: true,
+      configurable: true,
+      writable: true,
+      value: void 0
+    });
+    Object.defineProperty(this, "metaMessages", {
+      enumerable: true,
+      configurable: true,
+      writable: true,
+      value: void 0
+    });
+    Object.defineProperty(this, "shortMessage", {
+      enumerable: true,
+      configurable: true,
+      writable: true,
+      value: void 0
+    });
+    Object.defineProperty(this, "name", {
+      enumerable: true,
+      configurable: true,
+      writable: true,
+      value: "WagmiCoreError"
+    });
+    const details = options.cause instanceof _BaseError ? options.cause.details : options.cause?.message ? options.cause.message : options.details;
+    const docsPath = options.cause instanceof _BaseError ? options.cause.docsPath || options.docsPath : options.docsPath;
+    this.message = [
+      shortMessage || "An error occurred.",
+      "",
+      ...options.metaMessages ? [...options.metaMessages, ""] : [],
+      ...docsPath ? [
+        `Docs: ${this.docsBaseUrl}${docsPath}.html${options.docsSlug ? `#${options.docsSlug}` : ""}`
+      ] : [],
+      ...details ? [`Details: ${details}`] : [],
+      `Version: ${this.version}`
+    ].join("\n");
+    if (options.cause)
+      this.cause = options.cause;
+    this.details = details;
+    this.docsPath = docsPath;
+    this.metaMessages = options.metaMessages;
+    this.shortMessage = shortMessage;
+  }
+  walk(fn) {
+    return __classPrivateFieldGet(this, _BaseError_instances, "m", _BaseError_walk).call(this, this, fn);
+  }
+};
+_BaseError_instances = /* @__PURE__ */ new WeakSet(), _BaseError_walk = function _BaseError_walk2(err, fn) {
+  if (fn?.(err))
+    return err;
+  if (err.cause)
+    return __classPrivateFieldGet(this, _BaseError_instances, "m", _BaseError_walk2).call(this, err.cause, fn);
+  return err;
+};
+// node_modules/@wagmi/core/dist/esm/errors/config.js
+var ConnectorNotConnectedError = class extends BaseError {
+  constructor() {
+    super("Connector not connected.");
+    Object.defineProperty(this, "name", {
+      enumerable: true,
+      configurable: true,
+      writable: true,
+      value: "ConnectorNotConnectedError"
+    });
+  }
+};
+var ConnectorAccountNotFoundError = class extends BaseError {
+  constructor({ address, connector }) {
+    super(`Account "${address}" not found for connector "${connector.name}".`);
+    Object.defineProperty(this, "name", {
+      enumerable: true,
+      configurable: true,
+      writable: true,
+      value: "ConnectorAccountNotFoundError"
+    });
+  }
+};
+var ConnectorChainMismatchError = class extends BaseError {
+  constructor({ connectionChainId, connectorChainId }) {
+    super(`The current chain of the connector (id: ${connectorChainId}) does not match the connection's chain (id: ${connectionChainId}).`, {
+      metaMessages: [
+        `Current Chain ID:  ${connectorChainId}`,
+        `Expected Chain ID: ${connectionChainId}`
+      ]
+    });
+    Object.defineProperty(this, "name", {
+      enumerable: true,
+      configurable: true,
+      writable: true,
+      value: "ConnectorChainMismatchError"
+    });
+  }
+};
+var ConnectorUnavailableReconnectingError = class extends BaseError {
+  constructor({ connector }) {
+    super(`Connector "${connector.name}" unavailable while reconnecting.`, {
+      details: [
+        "During the reconnection step, the only connector methods guaranteed to be available are: `id`, `name`, `type`, `uid`.",
+        "All other methods are not guaranteed to be available until reconnection completes and connectors are fully restored.",
+        "This error commonly occurs for connectors that asynchronously inject after reconnection has already started."
+      ].join(" ")
+    });
+    Object.defineProperty(this, "name", {
+      enumerable: true,
+      configurable: true,
+      writable: true,
+      value: "ConnectorUnavailableReconnectingError"
+    });
+  }
+};
+async function getConnectorClient(config, parameters = {}) {
+  const { assertChainId = true } = parameters;
+  let connection;
+  if (parameters.connector) {
+    const { connector: connector2 } = parameters;
+    if (config.state.status === "reconnecting" && !connector2.getAccounts && !connector2.getChainId)
+      throw new ConnectorUnavailableReconnectingError({ connector: connector2 });
+    const [accounts, chainId2] = await Promise.all([
+      connector2.getAccounts().catch((e) => {
+        if (parameters.account === null)
+          return [];
+        throw e;
+      }),
+      connector2.getChainId()
+    ]);
+    connection = {
+      accounts,
+      chainId: chainId2,
+      connector: connector2
+    };
+  } else
+    connection = config.state.connections.get(config.state.current);
+  if (!connection)
+    throw new ConnectorNotConnectedError();
+  const chainId = parameters.chainId ?? connection.chainId;
+  const connectorChainId = await connection.connector.getChainId();
+  if (assertChainId && connectorChainId !== chainId)
+    throw new ConnectorChainMismatchError({
+      connectionChainId: chainId,
+      connectorChainId
+    });
+  const connector = connection.connector;
+  if (connector.getClient)
+    return connector.getClient({ chainId });
+  const account = utils.parseAccount(parameters.account ?? connection.accounts[0]);
+  if (account)
+    account.address = utils.getAddress(account.address);
+  if (parameters.account && !connection.accounts.some((x) => x.toLowerCase() === account.address.toLowerCase()))
+    throw new ConnectorAccountNotFoundError({
+      address: account.address,
+      connector
+    });
+  const chain = config.chains.find((chain2) => chain2.id === chainId);
+  const provider = await connection.connector.getProvider({ chainId });
+  return viem.createClient({
+    account,
+    chain,
+    name: "Connector Client",
+    transport: (opts) => viem.custom(provider)({ ...opts, retryCount: 0 })
+  });
+}
+// node_modules/@wagmi/core/dist/esm/actions/getAccount.js
+function getAccount(config) {
+  const uid = config.state.current;
+  const connection = config.state.connections.get(uid);
+  const addresses = connection?.accounts;
+  const address = addresses?.[0];
+  const chain = config.chains.find((chain2) => chain2.id === connection?.chainId);
+  const status = config.state.status;
+  switch (status) {
+    case "connected":
+      return {
+        address,
+        addresses,
+        chain,
+        chainId: connection?.chainId,
+        connector: connection?.connector,
+        isConnected: true,
+        isConnecting: false,
+        isDisconnected: false,
+        isReconnecting: false,
+        status
+      };
+    case "reconnecting":
+      return {
+        address,
+        addresses,
+        chain,
+        chainId: connection?.chainId,
+        connector: connection?.connector,
+        isConnected: !!address,
+        isConnecting: false,
+        isDisconnected: false,
+        isReconnecting: true,
+        status
+      };
+    case "connecting":
+      return {
+        address,
+        addresses,
+        chain,
+        chainId: connection?.chainId,
+        connector: connection?.connector,
+        isConnected: false,
+        isConnecting: true,
+        isDisconnected: false,
+        isReconnecting: false,
+        status
+      };
+    case "disconnected":
+      return {
+        address: void 0,
+        addresses: void 0,
+        chain: void 0,
+        chainId: void 0,
+        connector: void 0,
+        isConnected: false,
+        isConnecting: false,
+        isDisconnected: true,
+        isReconnecting: false,
+        status
+      };
+  }
+}
+async function getWalletClient(config, parameters = {}) {
+  const client = await getConnectorClient(config, parameters);
+  return client.extend(viem.walletActions);
 }
-function resolveRootDomainFromHostname(hostname) {
-  const trimmedHostname = hostname.trim().toLowerCase();
-  if (!trimmedHostname) {
-    return "localhost";
-  }
-  if (trimmedHostname === "localhost" || /^\d{1,3}(?:\.\d{1,3}){3}$/.test(trimmedHostname)) {
-    return trimmedHostname;
-  }
-  const parts = trimmedHostname.split(".").filter(Boolean);
-  if (parts.length < 2) {
-    return trimmedHostname;
+async function waitForTransactionReceipt(config, parameters) {
+  const { chainId, timeout = 0, ...rest } = parameters;
+  const client = config.getClient({ chainId });
+  const action = getAction(client, actions.waitForTransactionReceipt, "waitForTransactionReceipt");
+  const receipt = await action({ ...rest, timeout });
+  if (receipt.status === "reverted") {
+    const action_getTransaction = getAction(client, actions.getTransaction, "getTransaction");
+    const { from: account, ...txn } = await action_getTransaction({
+      hash: receipt.transactionHash
+    });
+    const action_call = getAction(client, actions.call, "call");
+    const code = await action_call({
+      ...txn,
+      account,
+      data: txn.input,
+      gasPrice: txn.type !== "eip1559" ? txn.gasPrice : void 0,
+      maxFeePerGas: txn.type === "eip1559" ? txn.maxFeePerGas : void 0,
+      maxPriorityFeePerGas: txn.type === "eip1559" ? txn.maxPriorityFeePerGas : void 0
+    });
+    const reason = code?.data ? viem.hexToString(`0x${code.data.substring(138)}`) : "unknown reason";
+    throw new Error(reason);
   }
-  return parts.slice(-2).join(".");
+  return {
+    ...receipt,
+    chainId: client.chain.id
+  };
 }
 var ERC_6492_MAGIC_SUFFIX = "6492649264926492649264926492649264926492649264926492649264926492";
 function normalizeSignature(sig) {
@@ -881,232 +1256,22 @@ function normalizeSignature(sig) {
   );
 }
-// src/transferPolling.ts
-async function pollTransferTick(params) {
-  const fetchTransfer2 = params.fetchTransfer ?? fetchTransfer;
-  const token = await params.getAccessToken();
-  if (!token) {
-    return { kind: "retry" };
-  }
-  try {
-    const transfer = await fetchTransfer2(params.apiBaseUrl, token, params.transferId);
-    return { kind: "success", transfer };
-  } catch (err) {
-    return {
-      kind: "error",
-      message: err instanceof Error ? err.message : "Polling error"
-    };
-  }
-}
-// src/passkey-delegation.ts
-var PasskeyIframeBlockedError = class extends Error {
-  constructor(message = "Passkey creation is not supported in this browser context.") {
-    super(message);
-    this.name = "PasskeyIframeBlockedError";
-  }
-};
-function isInCrossOriginIframe() {
-  if (typeof window === "undefined") return false;
-  if (window.parent === window) return false;
-  try {
-    void window.parent.location.origin;
-    return false;
-  } catch {
-    return true;
-  }
-}
-function isSafari() {
-  if (typeof navigator === "undefined") return false;
-  const ua = navigator.userAgent;
-  return /Safari/i.test(ua) && !/Chrome|CriOS|Chromium|Edg|OPR|Firefox/i.test(ua);
-}
-var POPUP_RESULT_TIMEOUT_MS = 12e4;
-var POPUP_CLOSED_POLL_MS = 500;
-var POPUP_CLOSED_GRACE_MS = 1e3;
-function createPasskeyViaPopup(options) {
-  return new Promise((resolve, reject) => {
-    const verificationToken = crypto.randomUUID();
-    const payload = { ...options, verificationToken };
-    const encoded = btoa(JSON.stringify(payload));
-    const popupUrl = `${window.location.origin}/passkey-register#${encoded}`;
-    const popup = window.open(popupUrl, "blink-passkey");
-    if (!popup) {
-      reject(new Error("Pop-up blocked. Please allow pop-ups for this site and try again."));
-      return;
-    }
-    let settled = false;
-    const timer = setTimeout(() => {
-      cleanup();
-      reject(new Error("Passkey creation timed out. Please try again."));
-    }, POPUP_RESULT_TIMEOUT_MS);
-    const closedPoll = setInterval(() => {
-      if (popup.closed) {
-        clearInterval(closedPoll);
-        setTimeout(() => {
-          if (!settled) {
-            settled = true;
-            cleanup();
-            checkServerForPasskeyByToken(
-              options.authToken,
-              options.apiBaseUrl,
-              verificationToken
-            ).then((result) => {
-              if (result) {
-                resolve(result);
-              } else {
-                reject(new Error("Passkey window was closed before completing."));
-              }
-            }).catch(() => {
-              reject(new Error("Passkey window was closed before completing."));
-            });
-          }
-        }, POPUP_CLOSED_GRACE_MS);
-      }
-    }, POPUP_CLOSED_POLL_MS);
-    function cleanup() {
-      clearTimeout(timer);
-      clearInterval(closedPoll);
-    }
-  });
-}
-var VERIFY_POPUP_TIMEOUT_MS = 6e4;
-function findDevicePasskeyViaPopup(options) {
-  return new Promise((resolve, reject) => {
-    const verificationToken = crypto.randomUUID();
-    const payload = {
-      ...options,
-      verificationToken
-    };
-    const encoded = btoa(JSON.stringify(payload));
-    const popupUrl = `${window.location.origin}/passkey-verify#${encoded}`;
-    const popup = window.open(popupUrl, "blink-passkey-verify");
-    if (!popup) {
-      reject(new Error("Pop-up blocked. Please allow pop-ups for this site and try again."));
-      return;
-    }
-    let settled = false;
-    const timer = setTimeout(() => {
-      cleanup();
-      resolve(null);
-    }, VERIFY_POPUP_TIMEOUT_MS);
-    const closedPoll = setInterval(() => {
-      if (popup.closed && !settled) {
-        clearInterval(closedPoll);
-        setTimeout(() => {
-          if (!settled) {
-            settled = true;
-            cleanup();
-            checkServerForPasskeyByToken(
-              options.authToken,
-              options.apiBaseUrl,
-              verificationToken
-            ).then((result) => {
-              resolve(result?.credentialId ?? null);
-            }).catch(() => {
-              resolve(null);
-            });
-          }
-        }, POPUP_CLOSED_GRACE_MS);
-      }
-    }, POPUP_CLOSED_POLL_MS);
-    function cleanup() {
-      clearTimeout(timer);
-      clearInterval(closedPoll);
-    }
-  });
-}
-async function checkServerForPasskeyByToken(authToken, apiBaseUrl, verificationToken) {
-  if (!authToken || !apiBaseUrl) return null;
-  const res = await fetch(`${apiBaseUrl}/v1/users/config`, {
-    headers: { Authorization: `Bearer ${authToken}` }
-  });
-  if (!res.ok) return null;
-  const body = await res.json();
-  const passkeys = body.config.passkeys ?? [];
-  const matched = passkeys.find((p) => p.lastVerificationToken === verificationToken);
-  return matched ? { credentialId: matched.credentialId, publicKey: matched.publicKey } : null;
-}
-// src/hooks.ts
+// src/hooks/authorizationExecutor.ts
 var WALLET_CLIENT_MAX_ATTEMPTS = 25;
 var WALLET_CLIENT_POLL_MS = 400;
 var ACTION_POLL_INTERVAL_MS = 500;
 var ACTION_POLL_MAX_RETRIES = 20;
 var SIGN_PERMIT2_POLL_MS = 1e3;
 var SIGN_PERMIT2_MAX_POLLS = 15;
-var TRANSFER_SIGN_MAX_POLLS = 60;
-function waitForDocumentFocus(timeoutMs = 5e3, intervalMs = 100) {
-  return new Promise((resolve, reject) => {
-    if (typeof document === "undefined") {
-      resolve();
-      return;
-    }
-    if (document.hasFocus()) {
-      resolve();
-      return;
-    }
-    const deadline = Date.now() + timeoutMs;
-    const timer = setInterval(() => {
-      if (document.hasFocus()) {
-        clearInterval(timer);
-        resolve();
-      } else if (Date.now() >= deadline) {
-        clearInterval(timer);
-        resolve();
-      }
-    }, intervalMs);
-  });
-}
 function actionSuccess(action, message, data) {
   return { actionId: action.id, type: action.type, status: "success", message, data };
 }
-function actionError(action, message) {
-  return { actionId: action.id, type: action.type, status: "error", message };
-}
-function isUserRejection(msg) {
-  const lower = msg.toLowerCase();
-  return lower.includes("rejected") || lower.includes("denied");
-}
-function hexToBytes(hex) {
-  const clean = hex.startsWith("0x") ? hex.slice(2) : hex;
-  const bytes = clean.match(/.{1,2}/g).map((b) => parseInt(b, 16));
-  return new Uint8Array(bytes);
-}
-function toBase64(buffer) {
-  return btoa(String.fromCharCode(...new Uint8Array(buffer)));
-}
-function base64ToBytes(value) {
-  const normalized = value.replace(/-/g, "+").replace(/_/g, "/");
-  const padded = normalized + "=".repeat((4 - normalized.length % 4) % 4);
-  const raw = atob(padded);
-  const bytes = new Uint8Array(raw.length);
-  for (let i = 0; i < raw.length; i++) {
-    bytes[i] = raw.charCodeAt(i);
-  }
-  return bytes;
-}
-function readEnvValue(name) {
-  const meta = ({ url: (typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('index.cjs', document.baseURI).href)) });
-  const metaValue = meta.env?.[name];
-  if (typeof metaValue === "string" && metaValue.trim().length > 0) {
-    return metaValue.trim();
-  }
-  const processValue = globalThis.process?.env?.[name];
-  if (typeof processValue === "string" && processValue.trim().length > 0) {
-    return processValue.trim();
-  }
-  return void 0;
+function actionError(action, message) {
+  return { actionId: action.id, type: action.type, status: "error", message };
 }
-function resolvePasskeyRpId() {
-  const configuredDomain = readEnvValue("VITE_DOMAIN") ?? readEnvValue("BLINK_DOMAIN");
-  if (configuredDomain) {
-    return normalizeConfiguredDomain(configuredDomain);
-  }
-  if (typeof window !== "undefined") {
-    return resolveRootDomainFromHostname(window.location.hostname);
-  }
-  return "localhost";
+function isUserRejection(msg) {
+  const lower = msg.toLowerCase();
+  return lower.includes("rejected") || lower.includes("denied");
 }
 async function waitForWalletClient(wagmiConfig2, params = {}) {
   for (let i = 0; i < WALLET_CLIENT_MAX_ATTEMPTS; i++) {
@@ -1147,165 +1312,6 @@ function parseSignTypedDataPayload(typedData) {
 function getPendingActions(session, completedIds) {
   return session.actions.filter((a) => a.status === "PENDING" && !completedIds.has(a.id)).sort((a, b) => a.orderIndex - b.orderIndex);
 }
-async function createPasskeyCredential(params) {
-  const challenge = new Uint8Array(32);
-  crypto.getRandomValues(challenge);
-  const rpId = resolvePasskeyRpId();
-  const publicKeyOptions = {
-    challenge,
-    rp: { name: "Blink", id: rpId },
-    user: {
-      id: new TextEncoder().encode(params.userId),
-      name: params.displayName,
-      displayName: params.displayName
-    },
-    pubKeyCredParams: [
-      { alg: -7, type: "public-key" },
-      { alg: -257, type: "public-key" }
-    ],
-    authenticatorSelection: {
-      authenticatorAttachment: "platform",
-      residentKey: "preferred",
-      userVerification: "required"
-    },
-    timeout: 6e4
-  };
-  if (isInCrossOriginIframe()) {
-    try {
-      await waitForDocumentFocus();
-      const credential2 = await navigator.credentials.create({
-        publicKey: publicKeyOptions
-      });
-      if (!credential2) {
-        throw new Error("Passkey creation was cancelled.");
-      }
-      return extractPasskeyResult(credential2);
-    } catch (err) {
-      if (err instanceof PasskeyIframeBlockedError) throw err;
-      if (err instanceof Error && err.message === "Passkey creation was cancelled.") throw err;
-      throw new PasskeyIframeBlockedError();
-    }
-  }
-  await waitForDocumentFocus();
-  const credential = await navigator.credentials.create({
-    publicKey: publicKeyOptions
-  });
-  if (!credential) {
-    throw new Error("Passkey creation was cancelled.");
-  }
-  return extractPasskeyResult(credential);
-}
-function extractPasskeyResult(credential) {
-  const response = credential.response;
-  const publicKeyBytes = response.getPublicKey?.();
-  return {
-    credentialId: toBase64(credential.rawId),
-    publicKey: publicKeyBytes ? toBase64(publicKeyBytes) : ""
-  };
-}
-function buildPasskeyPopupOptions(params) {
-  const challenge = new Uint8Array(32);
-  crypto.getRandomValues(challenge);
-  const rpId = resolvePasskeyRpId();
-  return {
-    challenge: toBase64(challenge),
-    rpId,
-    rpName: "Blink",
-    userId: toBase64(new TextEncoder().encode(params.userId)),
-    userName: params.displayName,
-    userDisplayName: params.displayName,
-    pubKeyCredParams: [
-      { alg: -7, type: "public-key" },
-      { alg: -257, type: "public-key" }
-    ],
-    authenticatorSelection: {
-      authenticatorAttachment: "platform",
-      residentKey: "preferred",
-      userVerification: "required"
-    },
-    timeout: 6e4,
-    authToken: params.authToken,
-    apiBaseUrl: params.apiBaseUrl
-  };
-}
-async function deviceHasPasskey(credentialId) {
-  const found = await findDevicePasskey([credentialId]);
-  return found != null;
-}
-async function findDevicePasskey(credentialIds) {
-  if (credentialIds.length === 0) return null;
-  try {
-    const challenge = new Uint8Array(32);
-    crypto.getRandomValues(challenge);
-    await waitForDocumentFocus();
-    const assertion = await navigator.credentials.get({
-      publicKey: {
-        challenge,
-        rpId: resolvePasskeyRpId(),
-        allowCredentials: credentialIds.map((id) => ({
-          type: "public-key",
-          id: base64ToBytes(id)
-        })),
-        userVerification: "discouraged",
-        timeout: 3e4
-      }
-    });
-    if (!assertion) return null;
-    return toBase64(assertion.rawId);
-  } catch {
-    return null;
-  }
-}
-function useTransferPolling(intervalMs = 3e3) {
-  const { apiBaseUrl } = useBlinkConfig();
-  const { getAccessToken } = reactAuth.usePrivy();
-  const [transfer, setTransfer] = react.useState(null);
-  const [error, setError] = react.useState(null);
-  const [isPolling, setIsPolling] = react.useState(false);
-  const intervalRef = react.useRef(null);
-  const transferIdRef = react.useRef(null);
-  const stopPolling = react.useCallback(() => {
-    if (intervalRef.current) {
-      clearInterval(intervalRef.current);
-      intervalRef.current = null;
-    }
-    setIsPolling(false);
-  }, []);
-  const poll = react.useCallback(async () => {
-    if (!transferIdRef.current) return;
-    const result = await pollTransferTick({
-      apiBaseUrl,
-      transferId: transferIdRef.current,
-      getAccessToken
-    });
-    if (result.kind === "retry") {
-      return;
-    }
-    if (result.kind === "error") {
-      setError(result.message);
-      stopPolling();
-      return;
-    }
-    setError(null);
-    setTransfer(result.transfer);
-    if (result.transfer.status === "COMPLETED" || result.transfer.status === "FAILED") {
-      stopPolling();
-    }
-  }, [apiBaseUrl, getAccessToken, stopPolling]);
-  const startPolling = react.useCallback(
-    (transferId) => {
-      stopPolling();
-      transferIdRef.current = transferId;
-      setIsPolling(true);
-      setError(null);
-      poll();
-      intervalRef.current = setInterval(poll, intervalMs);
-    },
-    [poll, intervalMs, stopPolling]
-  );
-  react.useEffect(() => () => stopPolling(), [stopPolling]);
-  return { transfer, error, isPolling, startPolling, stopPolling };
-}
 async function executeOpenProvider(action, wagmiConfig2, connectors, connectAsync) {
   try {
     const account = getAccount(wagmiConfig2);
@@ -1702,6 +1708,47 @@ function useAuthorizationExecutor(options) {
     executeSessionById
   };
 }
+var TRANSFER_SIGN_MAX_POLLS = 60;
+function waitForDocumentFocus2(timeoutMs = 5e3, intervalMs = 100) {
+  return new Promise((resolve, reject) => {
+    if (typeof document === "undefined") {
+      resolve();
+      return;
+    }
+    if (document.hasFocus()) {
+      resolve();
+      return;
+    }
+    const deadline = Date.now() + timeoutMs;
+    const timer = setInterval(() => {
+      if (document.hasFocus()) {
+        clearInterval(timer);
+        resolve();
+      } else if (Date.now() >= deadline) {
+        clearInterval(timer);
+        resolve();
+      }
+    }, intervalMs);
+  });
+}
+function hexToBytes(hex) {
+  const clean = hex.startsWith("0x") ? hex.slice(2) : hex;
+  const bytes = clean.match(/.{1,2}/g).map((b) => parseInt(b, 16));
+  return new Uint8Array(bytes);
+}
+function toBase642(buffer) {
+  return btoa(String.fromCharCode(...new Uint8Array(buffer)));
+}
+function base64ToBytes2(value) {
+  const normalized = value.replace(/-/g, "+").replace(/_/g, "/");
+  const padded = normalized + "=".repeat((4 - normalized.length % 4) % 4);
+  const raw = atob(padded);
+  const bytes = new Uint8Array(raw.length);
+  for (let i = 0; i < raw.length; i++) {
+    bytes[i] = raw.charCodeAt(i);
+  }
+  return bytes;
+}
 function useTransferSigning(pollIntervalMs = 2e3, options) {
   const blinkConfig = useOptionalBlinkConfig();
   const apiBaseUrl = options?.apiBaseUrl ?? blinkConfig?.apiBaseUrl;
@@ -1757,9 +1804,9 @@ function useTransferSigning(pollIntervalMs = 2e3, options) {
         let signedUserOp;
         const allowCredentials = payload.passkeyCredentialId ? [{
           type: "public-key",
-          id: base64ToBytes(payload.passkeyCredentialId)
+          id: base64ToBytes2(payload.passkeyCredentialId)
         }] : void 0;
-        await waitForDocumentFocus();
+        await waitForDocumentFocus2();
         const assertion = await navigator.credentials.get({
           publicKey: {
             challenge: hashBytes,
@@ -1775,10 +1822,10 @@ function useTransferSigning(pollIntervalMs = 2e3, options) {
         const response = assertion.response;
         signedUserOp = {
           ...payload.userOp,
-          credentialId: toBase64(assertion.rawId),
-          signature: toBase64(response.signature),
-          authenticatorData: toBase64(response.authenticatorData),
-          clientDataJSON: toBase64(response.clientDataJSON)
+          credentialId: toBase642(assertion.rawId),
+          signature: toBase642(response.signature),
+          authenticatorData: toBase642(response.authenticatorData),
+          clientDataJSON: toBase642(response.clientDataJSON)
         };
         return await signTransfer(
           apiBaseUrl,
@@ -1937,6 +1984,87 @@ function buildSelectSourceChoices(options) {
   })).filter((chain) => chain.tokens.length > 0).sort((a, b) => b.balance - a.balance);
 }
+// src/walletFlow.ts
+var MOBILE_USER_AGENT_PATTERN = /Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i;
+function isMobileUserAgent(userAgent) {
+  if (!userAgent) {
+    return false;
+  }
+  return MOBILE_USER_AGENT_PATTERN.test(userAgent);
+}
+function shouldUseWalletConnector(options) {
+  return options.useWalletConnector ?? !isMobileUserAgent(options.userAgent);
+}
+// src/paymentResolvePhase.ts
+function hasActiveWallet(accounts) {
+  return accounts.some((a) => a.wallets.some((w) => w.status === "ACTIVE"));
+}
+function isTransferInFlight(transfer) {
+  if (!transfer) return false;
+  return ["CREATED", "SENDING", "SENT"].includes(transfer.status);
+}
+function resolvePhase(state) {
+  const p = state.phase;
+  if (p.step === "select-source" && state.transfer?.status === "COMPLETED" && state.guestPreauthorizing) {
+    return p;
+  }
+  if (state.transfer?.status === "COMPLETED" && state.guestPreauthorizing) {
+    return { step: "processing", transfer: state.transfer };
+  }
+  if (state.transfer?.status === "COMPLETED") {
+    return { step: "completed", transfer: state.transfer };
+  }
+  if (state.transfer?.status === "FAILED") {
+    return { step: "failed", transfer: state.transfer, error: state.error ?? "Transfer failed." };
+  }
+  if (state.creatingTransfer || isTransferInFlight(state.transfer)) {
+    return { step: "processing", transfer: state.transfer };
+  }
+  if (p.step === "token-picker" || p.step === "one-tap-setup" || p.step === "select-source" || p.step === "confirm-sign" || p.step === "guest-token-picker") {
+    return p;
+  }
+  if (p.step === "wallet-setup") return p;
+  if (state.mobileFlow && state.deeplinkUri) {
+    return {
+      step: "wallet-setup",
+      mobile: { deeplinkUri: state.deeplinkUri, providerId: state.selectedProviderId },
+      accountId: null
+    };
+  }
+  if (!state.activeCredentialId && !state.passkeyConfigLoaded) {
+    return { step: "initializing" };
+  }
+  if (state.verificationTarget) {
+    return { step: "otp-verify", target: state.verificationTarget };
+  }
+  if (state.loginRequested) {
+    return { step: "login" };
+  }
+  if (state.passkeyConfigLoaded && !state.activeCredentialId) {
+    if (state.knownCredentialIds.length > 0 && state.passkeyPopupNeeded) {
+      return { step: "passkey-verify" };
+    }
+    return { step: "passkey-create", popupFallback: state.passkeyPopupNeeded };
+  }
+  if (state.loadingData && state.activeCredentialId && hasActiveWallet(state.accounts)) {
+    return { step: "data-loading" };
+  }
+  if (state.isGuestFlow && state.selectedProviderId != null && !state.transfer) {
+    return { step: "guest-token-picker" };
+  }
+  if (state.activeCredentialId && !hasActiveWallet(state.accounts) && !state.mobileFlow) {
+    return { step: "wallet-picker", reason: "link" };
+  }
+  if (state.activeCredentialId && hasActiveWallet(state.accounts) && !state.loadingData) {
+    return { step: "deposit" };
+  }
+  if (state.isGuestFlow) {
+    return { step: "wallet-picker", reason: "guest-entry" };
+  }
+  return { step: "wallet-picker", reason: "entry" };
+}
 // src/paymentReducer.ts
 function deriveSourceTypeAndId(state) {
   if (state.selectedWalletId) {
@@ -1949,6 +2077,7 @@ function deriveSourceTypeAndId(state) {
 }
 function createInitialState(config) {
   return {
+    phase: { step: "initializing" },
     error: null,
     providers: [],
     accounts: [],
@@ -1969,6 +2098,7 @@ function createInitialState(config) {
     knownCredentialIds: [],
     verificationTarget: null,
     oneTapLimit: 100,
+    oneTapLimitSavedDuringSetup: false,
     mobileFlow: false,
     deeplinkUri: null,
     increasingLimit: false,
@@ -1976,12 +2106,17 @@ function createInitialState(config) {
     guestTransferId: null,
     guestSessionToken: null,
     guestPreauthAccountId: null,
+    guestPreauthSessionId: null,
     activePublicKey: null,
-    userIntent: null,
-    loginRequested: false
+    loginRequested: false,
+    guestPreauthorizing: false
   };
 }
 function paymentReducer(state, action) {
+  const next = applyAction(state, action);
+  return { ...next, phase: resolvePhase(next) };
+}
+function applyAction(state, action) {
   switch (action.type) {
     // ── Auth ──────────────────────────────────────────────────────
     case "CODE_SENT":
@@ -2059,23 +2194,20 @@ function paymentReducer(state, action) {
         selectedProviderId: action.providerId,
         selectedAccountId: null,
         selectedWalletId: null,
-        selectedTokenSymbol: null,
-        userIntent: null
+        selectedTokenSymbol: null
       };
     case "SELECT_ACCOUNT":
       return {
         ...state,
         selectedAccountId: action.accountId,
         selectedWalletId: action.walletId,
-        selectedTokenSymbol: null,
-        userIntent: null
+        selectedTokenSymbol: null
       };
     case "SELECT_TOKEN":
       return {
         ...state,
         selectedWalletId: action.walletId,
-        selectedTokenSymbol: action.tokenSymbol,
-        userIntent: null
+        selectedTokenSymbol: action.tokenSymbol
       };
     // ── Transfer lifecycle ───────────────────────────────────────
     case "PAY_STARTED":
@@ -2084,8 +2216,7 @@ function paymentReducer(state, action) {
         error: null,
         creatingTransfer: true,
         deeplinkUri: null,
-        mobileFlow: false,
-        userIntent: null
+        mobileFlow: false
       };
     case "PAY_ENDED":
       return { ...state, creatingTransfer: false };
@@ -2149,7 +2280,8 @@ function paymentReducer(state, action) {
         transfer: action.transfer,
         error: null,
         mobileFlow: false,
-        deeplinkUri: null
+        deeplinkUri: null,
+        phase: { step: "confirm-sign", transfer: action.transfer }
       };
     case "CLEAR_MOBILE_STATE":
       return { ...state, mobileFlow: false, deeplinkUri: null };
@@ -2219,29 +2351,37 @@ function paymentReducer(state, action) {
     case "GUEST_PREAUTH_DETECTED":
       return {
         ...state,
-        guestPreauthAccountId: action.accountId
+        guestPreauthAccountId: action.accountId,
+        guestPreauthSessionId: action.sessionId ?? state.guestPreauthSessionId
       };
+    case "GUEST_PREAUTH_BEGIN":
+      return { ...state, guestPreauthorizing: true, error: null };
+    case "GUEST_PREAUTH_END":
+      return { ...state, guestPreauthorizing: false };
     case "ACCOUNT_OWNER_SET":
       return {
         ...state,
         guestPreauthAccountId: null,
+        guestPreauthSessionId: null,
         activePublicKey: null,
         error: null,
-        userIntent: "configure-one-tap"
+        guestPreauthorizing: false,
+        phase: { step: "one-tap-setup", action: null }
       };
     // ── User intent & error ──────────────────────────────────────
     case "SET_USER_INTENT":
-      return { ...state, userIntent: action.intent };
+      return { ...state, phase: action.intent };
     case "REQUEST_LOGIN":
       return {
         ...state,
         loginRequested: true,
         transfer: null,
-        isGuestFlow: false,
         creatingTransfer: false
       };
     case "SET_ERROR":
       return { ...state, error: action.error };
+    case "SET_ONE_TAP_LIMIT_SAVED_DURING_SETUP":
+      return { ...state, oneTapLimitSavedDuringSetup: action.saved };
     // ── Lifecycle ────────────────────────────────────────────────
     case "NEW_PAYMENT":
       return {
@@ -2258,9 +2398,11 @@ function paymentReducer(state, action) {
         guestTransferId: null,
         guestSessionToken: null,
         guestPreauthAccountId: null,
+        guestPreauthSessionId: null,
         activePublicKey: null,
-        userIntent: null,
-        loginRequested: false
+        loginRequested: false,
+        oneTapLimitSavedDuringSetup: false,
+        guestPreauthorizing: false
       };
     case "LOGOUT":
       return {
@@ -2317,97 +2459,43 @@ function maskAuthIdentifier(identifier) {
   return `***-***-${visibleSuffix}`;
 }
-// src/walletFlow.ts
-var MOBILE_USER_AGENT_PATTERN = /Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i;
-function isMobileUserAgent(userAgent) {
-  if (!userAgent) {
-    return false;
-  }
-  return MOBILE_USER_AGENT_PATTERN.test(userAgent);
-}
-function shouldUseWalletConnector(options) {
-  return options.useWalletConnector ?? !isMobileUserAgent(options.userAgent);
-}
 // src/resolveScreen.ts
-function hasActiveWallet(accounts) {
-  return accounts.some((a) => a.wallets.some((w) => w.status === "ACTIVE"));
-}
-function isTransferTerminal(transfer) {
-  return transfer?.status === "COMPLETED" || transfer?.status === "FAILED";
-}
-function isTransferInFlight(transfer) {
-  if (!transfer) return false;
-  return ["CREATED", "SENDING", "SENT"].includes(transfer.status);
-}
-function isSetupTransfer(transfer) {
-  if (!transfer) return false;
-  return transfer.sources?.some(
-    (s) => s.wallets && Array.isArray(s.wallets) && s.wallets.length === 0
-  ) ?? false;
-}
-function resolveScreen(state) {
-  if (!state.privyReady) {
-    return "loading";
-  }
-  if (state.authenticated && !state.activeCredentialId && !state.passkeyConfigLoaded) {
-    return "loading";
-  }
-  if (!state.authenticated && !state.verificationTarget && !state.isGuestFlow && (state.isReturningUser || state.guestPreauthRedirect || state.loginRequested)) {
-    return "login";
-  }
-  if (!state.authenticated && state.verificationTarget != null) {
-    return "otp-verify";
-  }
-  if (state.authenticated && !state.activeCredentialId && state.passkeyConfigLoaded && (state.knownCredentialIds.length === 0 || !state.passkeyPopupNeeded)) {
-    return "create-passkey";
-  }
-  if (state.authenticated && !state.activeCredentialId && state.passkeyConfigLoaded && state.knownCredentialIds.length > 0 && state.passkeyPopupNeeded) {
-    return "verify-passkey";
-  }
-  if (isTransferTerminal(state.transfer)) {
-    return "success";
-  }
-  if (state.creatingTransfer || state.transfer != null && isTransferInFlight(state.transfer)) {
-    return "processing";
-  }
-  if (state.transfer?.status === "AUTHORIZED" && !state.isDesktop && !isSetupTransfer(state.transfer)) {
-    return "confirm-sign";
-  }
-  if (state.pendingSelectSource != null) {
-    return state.isDesktop ? "setup" : "select-source";
-  }
-  if (state.pendingOneTapSetup != null && !state.oneTapLimitAlreadySaved) {
-    return "setup";
-  }
-  if (state.mobileFlow || state.inlineAuthorizationExecuting) {
-    return state.isDesktop ? "setup-status" : "open-wallet";
-  }
-  if (state.isGuestFlow && state.selectedProviderId != null && !state.transfer && !state.guestSettingSender) {
-    return "guest-token-picker";
-  }
-  if (state.activeCredentialId && !hasActiveWallet(state.accounts) && !state.mobileFlow || !state.authenticated && !state.isReturningUser && !state.isGuestFlow) {
-    return "wallet-picker";
-  }
-  if (state.loadingData && state.activeCredentialId != null && hasActiveWallet(state.accounts)) {
-    return "loading";
-  }
-  if (state.userIntent === "pick-token" && state.selectedAccount != null) {
-    return "token-picker";
-  }
-  if (state.userIntent === "configure-one-tap") {
-    return "setup";
-  }
-  if (state.userIntent === "switch-wallet") {
-    return "wallet-picker";
-  }
-  if (state.activeCredentialId != null && hasActiveWallet(state.accounts) && !state.loadingData) {
-    return "deposit";
-  }
-  if (state.isGuestFlow) {
-    return "wallet-picker";
+function screenForPhase(phase) {
+  switch (phase.step) {
+    case "initializing":
+    case "data-loading":
+      return "loading";
+    case "login":
+      return "login";
+    case "otp-verify":
+      return "otp-verify";
+    case "passkey-create":
+      return "create-passkey";
+    case "passkey-verify":
+      return "verify-passkey";
+    case "wallet-picker":
+      return "wallet-picker";
+    case "wallet-setup":
+      return phase.mobile ? "open-wallet" : "setup-status";
+    case "select-source":
+      if (phase.skipOneTapLimit) return "select-source";
+      return phase.isDesktop ? "setup" : "select-source";
+    case "one-tap-setup":
+      return "setup";
+    case "guest-token-picker":
+      return "guest-token-picker";
+    case "token-picker":
+      return "token-picker";
+    case "deposit":
+      return "deposit";
+    case "processing":
+      return "processing";
+    case "confirm-sign":
+      return "confirm-sign";
+    case "completed":
+    case "failed":
+      return "success";
   }
-  return "wallet-picker";
 }
 var MUTED = "#7fa4b0";
 var LOGO_SIZE = 48;
@@ -5890,85 +5978,66 @@ var DEPOSIT_SCREENS = /* @__PURE__ */ new Set([
   "processing",
   "success"
 ]);
-function getFlowPhase(screen, userIntent) {
+function getFlowPhase(screen, phase) {
   if (LINK_SCREENS.has(screen)) return "link";
   if (DEPOSIT_SCREENS.has(screen)) return "deposit";
   if (screen === "token-picker" || screen === "select-source" || screen === "guest-token-picker") {
-    return userIntent === "configure-one-tap" ? "link" : "deposit";
+    return phase.step === "one-tap-setup" ? "link" : "deposit";
   }
   return null;
 }
 function StepRenderer(props) {
-  const isDesktop = shouldUseWalletConnector({
-    userAgent: typeof navigator === "undefined" ? void 0 : navigator.userAgent
-  });
-  const isReturningUser = props.state.activeCredentialId != null || typeof window !== "undefined" && window.localStorage.getItem("blink_active_credential") != null;
-  const screenState = {
-    privyReady: props.ready,
-    authenticated: props.authenticated,
-    verificationTarget: props.state.verificationTarget,
-    activeCredentialId: props.state.activeCredentialId,
-    knownCredentialIds: props.state.knownCredentialIds,
-    passkeyConfigLoaded: props.state.passkeyConfigLoaded,
-    passkeyPopupNeeded: props.state.passkeyPopupNeeded,
-    accounts: props.state.accounts,
-    isGuestFlow: props.state.isGuestFlow,
-    selectedProviderId: props.state.selectedProviderId,
-    mobileFlow: props.state.mobileFlow,
-    inlineAuthorizationExecuting: props.inlineAuthorizationExecuting,
-    creatingTransfer: props.state.creatingTransfer,
-    transfer: props.state.transfer,
-    pendingSelectSource: props.pendingSelectSource,
-    pendingOneTapSetup: props.pendingOneTapSetup,
-    oneTapLimitAlreadySaved: props.oneTapLimitAlreadySaved,
-    loadingData: props.state.loadingData,
-    isDesktop,
-    isReturningUser,
-    guestPreauthRedirect: props.state.guestPreauthAccountId != null,
-    loginRequested: props.state.loginRequested,
-    userIntent: props.state.userIntent,
-    selectedAccount: props.selectedAccount,
-    guestSettingSender: props.guestSettingSender
-  };
-  const screen = resolveScreen(screenState);
-  const phase = getFlowPhase(screen, props.state.userIntent);
-  return /* @__PURE__ */ jsxRuntime.jsx(FlowPhaseProvider, { phase, children: /* @__PURE__ */ jsxRuntime.jsx(StepRendererContent, { ...props, screen, isDesktop }) });
+  const screen = screenForPhase(props.flow.state.phase);
+  const flowPhase = getFlowPhase(screen, props.flow.state.phase);
+  return /* @__PURE__ */ jsxRuntime.jsx(FlowPhaseProvider, { phase: flowPhase, children: /* @__PURE__ */ jsxRuntime.jsx(StepRendererContent, { ...props, screen }) });
 }
 function StepRendererContent({
-  state,
-  authenticated,
-  activeOtpStatus,
-  pollingTransfer,
-  pollingError,
-  authExecutorError,
-  transferSigningSigning,
-  transferSigningError,
-  pendingConnections,
-  depositEligibleAccounts,
-  sourceName,
-  maxSourceBalance,
-  tokenCount,
-  selectedAccount,
-  selectedSource,
-  selectSourceChoices,
-  selectSourceRecommended,
-  selectSourceAvailableBalance,
-  guestTokenEntries,
-  guestLoadingBalances,
-  guestSettingSender,
-  authInput,
-  otpCode,
-  selectSourceChainName,
-  selectSourceTokenSymbol,
-  savingOneTapLimit,
-  merchantName,
-  onBack,
-  onDismiss,
-  depositAmount,
+  flow,
+  remote,
+  derived,
+  forms,
   handlers,
-  screen,
-  isDesktop
+  screen
 }) {
+  const {
+    state,
+    authenticated,
+    activeOtpStatus,
+    isDesktop,
+    merchantName,
+    onBack,
+    onDismiss,
+    depositAmount
+  } = flow;
+  const {
+    pollingTransfer,
+    pollingError,
+    authExecutorError,
+    transferSigningSigning,
+    transferSigningError
+  } = remote;
+  const {
+    pendingConnections,
+    depositEligibleAccounts,
+    sourceName,
+    maxSourceBalance,
+    tokenCount,
+    selectedAccount,
+    selectedSource,
+    selectSourceChoices,
+    selectSourceRecommended,
+    selectSourceAvailableBalance
+  } = derived;
+  const {
+    guestTokenEntries,
+    guestLoadingBalances,
+    guestSettingSender,
+    authInput,
+    otpCode,
+    selectSourceChainName,
+    selectSourceTokenSymbol,
+    savingOneTapLimit
+  } = forms;
   const selectedWallet = selectedAccount?.wallets.find((w) => w.id === state.selectedWalletId);
   const selectedSourceLabel = selectedSource && selectedWallet ? `${selectedSource.token.symbol} on ${selectedWallet.chain.name}` : void 0;
   switch (screen) {
@@ -6041,7 +6110,7 @@ function StepRendererContent({
           onPrepareProvider: handlers.onPrepareProvider,
           onSelectProvider: handlers.onSelectProvider,
           onContinueConnection: handlers.onContinueConnection,
-          onBack: isEntryPoint ? onBack : () => handlers.onSetUserIntent(null),
+          onBack: isEntryPoint ? onBack : () => handlers.onSetPhase({ step: "deposit" }),
           onLogout: authenticated ? handlers.onLogout : void 0,
           onLogin: handlers.onLogin,
           showLoginOption: isEntryPoint
@@ -6072,7 +6141,7 @@ function StepRendererContent({
           limit: state.oneTapLimit,
           tokensApproved: 0,
           merchantName,
-          onContinue: () => handlers.onSetUserIntent("configure-one-tap"),
+          onContinue: () => handlers.onSetPhase({ step: "one-tap-setup", action: null }),
           onLogout: handlers.onLogout,
           error: state.error || authExecutorError
         }
@@ -6091,7 +6160,7 @@ function StepRendererContent({
           tokenCount: effectiveTokenCount,
           sourceName,
           onSetupOneTap: handlers.onSetupOneTap,
-          onBack: () => handlers.onSetUserIntent(null),
+          onBack: () => handlers.onSetPhase({ step: "deposit" }),
           onLogout: handlers.onLogout,
           onAdvanced: handlers.onSelectToken,
           selectedSourceLabel: effectiveSourceLabel,
@@ -6127,7 +6196,7 @@ function StepRendererContent({
           processing: state.creatingTransfer,
           error: state.error,
           onDeposit: handlers.onPay,
-          onSwitchWallet: () => handlers.onSetUserIntent("switch-wallet"),
+          onSwitchWallet: () => handlers.onSetPhase({ step: "wallet-picker", reason: "switch" }),
           onBack: onBack ?? (() => handlers.onLogout()),
           onLogout: handlers.onLogout,
           onIncreaseLimit: handlers.onIncreaseLimit,
@@ -6136,7 +6205,7 @@ function StepRendererContent({
           selectedAccountId: state.selectedAccountId,
           onSelectAccount: handlers.onSelectAccount,
           onAuthorizeAccount: handlers.onContinueConnection,
-          onAddProvider: () => handlers.onSetUserIntent("switch-wallet"),
+          onAddProvider: () => handlers.onSetPhase({ step: "wallet-picker", reason: "switch" }),
           onSelectToken: handlers.onSelectToken,
           selectedSourceLabel,
           selectedTokenSymbol: selectedSource?.token.symbol
@@ -6154,7 +6223,7 @@ function StepRendererContent({
           chains: state.chains,
           onSelectAuthorized: handlers.onSelectAuthorizedToken,
           onAuthorizeToken: handlers.onAuthorizeToken,
-          onBack: () => handlers.onSetUserIntent(null),
+          onBack: () => handlers.onSetPhase({ step: "deposit" }),
           onLogout: handlers.onLogout,
           depositAmount: depositAmount ?? void 0,
           selectedTokenSymbol: selectedSource?.token.symbol,
@@ -6172,7 +6241,7 @@ function StepRendererContent({
           depositAmount: depositAmount ?? void 0,
           error: state.error,
           onSelect: handlers.onSelectGuestToken,
-          onBack: () => handlers.onSetUserIntent(null)
+          onBack: () => handlers.onSetPhase({ step: "wallet-picker", reason: "guest-entry" })
         }
       );
     case "processing": {
@@ -6311,56 +6380,41 @@ var buttonStyle3 = {
   fontFamily: "inherit",
   cursor: "pointer"
 };
-function useDerivedState(state) {
+function selectedSourceForWallet(selectedWallet, selectedTokenSymbol) {
+  if (!selectedWallet) return null;
+  if (selectedTokenSymbol) {
+    return selectedWallet.sources.find((s) => s.token.symbol === selectedTokenSymbol) ?? null;
+  }
+  return selectedWallet.sources.find((s) => s.token.status === "AUTHORIZED") ?? selectedWallet.sources[0] ?? null;
+}
+function computeDerivedState(state) {
   const { sourceType, sourceId } = deriveSourceTypeAndId(state);
   const selectedAccount = state.accounts.find((a) => a.id === state.selectedAccountId);
   const selectedWallet = selectedAccount?.wallets.find(
     (w) => w.id === state.selectedWalletId
   );
-  const selectedSource = react.useMemo(() => {
-    if (!selectedWallet) return null;
-    if (state.selectedTokenSymbol) {
-      return selectedWallet.sources.find(
-        (s) => s.token.symbol === state.selectedTokenSymbol
-      ) ?? null;
-    }
-    return selectedWallet.sources.find((s) => s.token.status === "AUTHORIZED") ?? selectedWallet.sources[0] ?? null;
-  }, [selectedWallet, state.selectedTokenSymbol]);
+  const selectedSource = selectedSourceForWallet(selectedWallet, state.selectedTokenSymbol);
   const sourceName = selectedAccount?.name ?? selectedWallet?.chain.name ?? "Wallet";
-  const pendingConnections = react.useMemo(
-    () => state.accounts.filter(
-      (a) => a.wallets.length > 0 && !a.wallets.some((w) => w.status === "ACTIVE")
-    ),
-    [state.accounts]
+  const pendingConnections = state.accounts.filter(
+    (a) => a.wallets.length > 0 && !a.wallets.some((w) => w.status === "ACTIVE")
   );
-  const depositEligibleAccounts = react.useMemo(
-    () => getDepositEligibleAccounts(state.accounts),
-    [state.accounts]
-  );
-  const maxSourceBalance = react.useMemo(() => {
-    let max = 0;
-    for (const acct of state.accounts) {
-      for (const wallet of acct.wallets) {
-        for (const source of wallet.sources) {
-          if (source.balance.available.amount > max) {
-            max = source.balance.available.amount;
-          }
+  const depositEligibleAccounts = getDepositEligibleAccounts(state.accounts);
+  let maxSourceBalance = 0;
+  for (const acct of state.accounts) {
+    for (const wallet of acct.wallets) {
+      for (const source of wallet.sources) {
+        if (source.balance.available.amount > maxSourceBalance) {
+          maxSourceBalance = source.balance.available.amount;
         }
       }
     }
-    return max;
-  }, [state.accounts]);
-  const tokenCount = react.useMemo(() => {
-    let count = 0;
-    for (const acct of state.accounts) {
-      for (const wallet of acct.wallets) {
-        count += wallet.sources.filter(
-          (s) => s.balance.available.amount > 0
-        ).length;
-      }
+  }
+  let tokenCount = 0;
+  for (const acct of state.accounts) {
+    for (const wallet of acct.wallets) {
+      tokenCount += wallet.sources.filter((s) => s.balance.available.amount > 0).length;
     }
-    return count;
-  }, [state.accounts]);
+  }
   return {
     sourceType,
     sourceId,
@@ -6374,6 +6428,9 @@ function useDerivedState(state) {
     tokenCount
   };
 }
+function useDerivedState(state) {
+  return react.useMemo(() => computeDerivedState(state), [state]);
+}
 function useAuthHandlers(dispatch, verificationTarget) {
   const {
     sendCode: sendEmailCode,
@@ -6939,7 +6996,9 @@ function useProviderHandlers(deps) {
     reauthTokenRef,
     authenticated,
     merchantAuthorization,
-    destination
+    destination,
+    guestSessionToken,
+    selectedProviderId
   } = deps;
   const wagmiConfig2 = wagmi.useConfig();
   const { connectAsync, connectors } = wagmi.useConnect();
@@ -7252,7 +7311,7 @@ function useProviderHandlers(deps) {
     reauthTokenRef
   ]);
   const handleNavigateToTokenPicker = react.useCallback(() => {
-    dispatch({ type: "SET_USER_INTENT", intent: "pick-token" });
+    dispatch({ type: "SET_USER_INTENT", intent: { step: "token-picker" } });
   }, [dispatch]);
   const handleSelectAuthorizedToken = react.useCallback((walletId, tokenSymbol) => {
     dispatch({ type: "SELECT_TOKEN", walletId, tokenSymbol });
@@ -7335,6 +7394,76 @@ function useProviderHandlers(deps) {
     reauthSessionIdRef,
     reauthTokenRef
   ]);
+  const handlePreauthorize = react.useCallback(async () => {
+    if (!guestSessionToken || !selectedProviderId) {
+      dispatch({
+        type: "SET_ERROR",
+        error: "Missing guest session or wallet provider. Try again from the payment screen."
+      });
+      return;
+    }
+    const isMobile = !shouldUseWalletConnector({
+      useWalletConnector: useWalletConnectorProp,
+      userAgent: typeof navigator === "undefined" ? void 0 : navigator.userAgent
+    });
+    const providerName = providers.find((p) => p.id === selectedProviderId)?.name ?? "Wallet";
+    if (!isMobile) {
+      dispatch({ type: "GUEST_PREAUTH_BEGIN" });
+    }
+    try {
+      const created = await createGuestAccount(
+        apiBaseUrl,
+        guestSessionToken,
+        selectedProviderId,
+        providerName
+      );
+      const session = await fetchAuthorizationSessionByToken(
+        apiBaseUrl,
+        created.sessionToken
+      );
+      if (isMobile) {
+        handlingMobileReturnRef.current = false;
+        mobileSetupFlowRef.current = true;
+        setupAccountIdRef.current = created.accountId;
+        persistMobileFlowState({
+          accountId: created.accountId,
+          sessionId: session.id,
+          deeplinkUri: created.sessionUri,
+          providerId: selectedProviderId,
+          isSetup: true,
+          guestSessionToken
+        });
+        triggerDeeplink(created.sessionUri);
+        dispatch({ type: "MOBILE_DEEPLINK_READY", deeplinkUri: created.sessionUri });
+      }
+      dispatch({
+        type: "GUEST_PREAUTH_DETECTED",
+        accountId: created.accountId,
+        sessionId: session.id
+      });
+    } catch (err) {
+      captureException(err);
+      if (!isMobile) {
+        dispatch({ type: "GUEST_PREAUTH_END" });
+      }
+      dispatch({
+        type: "SET_ERROR",
+        error: err instanceof Error ? err.message : "Failed to start preauthorization"
+      });
+      onError?.(err instanceof Error ? err.message : "Failed to start preauthorization");
+    }
+  }, [
+    guestSessionToken,
+    selectedProviderId,
+    providers,
+    apiBaseUrl,
+    dispatch,
+    onError,
+    useWalletConnectorProp,
+    mobileSetupFlowRef,
+    handlingMobileReturnRef,
+    setupAccountIdRef
+  ]);
   return {
     handlePrepareProvider,
     handleSelectProvider,
@@ -7343,7 +7472,8 @@ function useProviderHandlers(deps) {
     handleIncreaseLimit,
     handleNavigateToTokenPicker,
     handleSelectAuthorizedToken,
-    handleAuthorizeToken
+    handleAuthorizeToken,
+    handlePreauthorize
   };
 }
@@ -7564,7 +7694,6 @@ function useOneTapSetupHandlers(deps) {
     selectSourceTokenSymbol
   } = deps;
   const [savingOneTapLimit, setSavingOneTapLimit] = react.useState(false);
-  const oneTapLimitSavedDuringSetupRef = react.useRef(false);
   const handleSetupOneTap = react.useCallback(async (limit) => {
     setSavingOneTapLimit(true);
     try {
@@ -7585,12 +7714,12 @@ function useOneTapSetupHandlers(deps) {
           chainName = recommended?.chainName ?? choices[0]?.chainName ?? "Base";
           tokenSymbol = recommended?.tokenSymbol ?? choices[0]?.tokens[0]?.tokenSymbol ?? "USDC";
         }
-        oneTapLimitSavedDuringSetupRef.current = true;
+        dispatch({ type: "SET_ONE_TAP_LIMIT_SAVED_DURING_SETUP", saved: true });
         authExecutor.resolveSelectSource({ chainName, tokenSymbol });
       } else if (authExecutor.pendingOneTapSetup) {
         authExecutor.resolveOneTapSetup();
       }
-      dispatch({ type: "SET_USER_INTENT", intent: null });
+      dispatch({ type: "SET_USER_INTENT", intent: { step: "deposit" } });
     } catch (err) {
       captureException(err);
       dispatch({
@@ -7603,124 +7732,63 @@ function useOneTapSetupHandlers(deps) {
   }, [getAccessToken, apiBaseUrl, authExecutor, dispatch, selectSourceChainName, selectSourceTokenSymbol]);
   return {
     handleSetupOneTap,
-    savingOneTapLimit,
-    oneTapLimitSavedDuringSetupRef
+    savingOneTapLimit
   };
 }
-// src/dataLoading.ts
-function resolveDataLoadAction({
-  authenticated,
-  accountsCount,
-  hasActiveCredential,
-  loading
-}) {
-  if (!authenticated || accountsCount > 0 || !hasActiveCredential) {
-    return "reset";
-  }
-  if (loading) {
-    return "wait";
-  }
-  return "load";
-}
-// src/processingStatus.ts
-var PROCESSING_TIMEOUT_MS = 18e4;
-function resolvePreferredTransfer(polledTransfer, localTransfer) {
-  return polledTransfer ?? localTransfer;
-}
-function getTransferStatus(polledTransfer, localTransfer) {
-  const transfer = resolvePreferredTransfer(polledTransfer, localTransfer);
-  return transfer?.status ?? "UNKNOWN";
-}
-function hasProcessingTimedOut(processingStartedAtMs, nowMs) {
-  if (!processingStartedAtMs) return false;
-  return nowMs - processingStartedAtMs >= PROCESSING_TIMEOUT_MS;
-}
-var STATUS_DISPLAY_LABELS = {
-  CREATED: "created",
-  AUTHORIZED: "authorized",
-  SENDING: "sending",
-  SENT: "confirming delivery",
-  COMPLETED: "completed",
-  FAILED: "failed"
-};
-function getStatusDisplayLabel(status) {
-  return STATUS_DISPLAY_LABELS[status] ?? status;
-}
-function buildProcessingTimeoutMessage(status) {
-  const label = getStatusDisplayLabel(status);
-  return `Payment is taking longer than expected (status: ${label}). Please try again.`;
-}
-// src/hooks/usePaymentEffects.ts
-function usePaymentEffects(deps) {
+function useOtpEffects(deps) {
   const {
     state,
     dispatch,
-    ready,
     authenticated,
-    apiBaseUrl,
-    depositAmount,
-    onComplete,
-    onError,
-    polling,
-    authExecutor,
-    reloadAccounts,
     activeOtpStatus,
     activeOtpErrorMessage,
     otpCode,
-    handleVerifyLoginCode,
+    handleVerifyLoginCode
+  } = deps;
+  react.useEffect(() => {
+    if (authenticated || !state.verificationTarget) return;
+    if (activeOtpErrorMessage) dispatch({ type: "SET_ERROR", error: activeOtpErrorMessage });
+  }, [activeOtpErrorMessage, authenticated, state.verificationTarget, dispatch]);
+  react.useEffect(() => {
+    if (state.verificationTarget && !authenticated && /^\d{6}$/.test(otpCode.trim()) && activeOtpStatus === "awaiting-code-input") {
+      handleVerifyLoginCode();
+    }
+  }, [otpCode, state.verificationTarget, authenticated, activeOtpStatus, handleVerifyLoginCode]);
+}
+function usePasskeyCheckEffect(deps) {
+  const {
+    dispatch,
+    ready,
+    authenticated,
+    apiBaseUrl,
+    activeCredentialId,
+    passkeyConfigLoaded,
+    checkingPasskeyRef,
     setAuthInput,
     setOtpCode,
+    polling,
     mobileSetupFlowRef,
     handlingMobileReturnRef,
     setupAccountIdRef,
     reauthSessionIdRef,
     reauthTokenRef,
-    loadingDataRef,
-    pollingTransferIdRef,
-    processingStartedAtRef,
-    checkingPasskeyRef,
-    pendingSelectSourceAction,
-    selectSourceChoices,
-    selectSourceRecommended,
-    setSelectSourceChainName,
-    setSelectSourceTokenSymbol,
-    initializedSelectSourceActionRef,
-    oneTapLimitSavedDuringSetupRef,
-    handleAuthorizedMobileReturn
+    pollingTransferIdRef
   } = deps;
   const { getAccessToken } = reactAuth.usePrivy();
-  const onCompleteRef = react.useRef(onComplete);
-  onCompleteRef.current = onComplete;
+  const onCompleteRef = react.useRef(deps.onComplete);
+  onCompleteRef.current = deps.onComplete;
   const getAccessTokenRef = react.useRef(getAccessToken);
   getAccessTokenRef.current = getAccessToken;
   const pollingRef = react.useRef(polling);
   pollingRef.current = polling;
-  const handleAuthorizedMobileReturnRef = react.useRef(handleAuthorizedMobileReturn);
-  handleAuthorizedMobileReturnRef.current = handleAuthorizedMobileReturn;
-  const lastAccountFetchRef = react.useRef(0);
-  react.useEffect(() => {
-    if (depositAmount != null) {
-      dispatch({ type: "SYNC_AMOUNT", amount: depositAmount.toString() });
-    }
-  }, [depositAmount, dispatch]);
-  react.useEffect(() => {
-    if (authenticated || !state.verificationTarget) return;
-    if (activeOtpErrorMessage) dispatch({ type: "SET_ERROR", error: activeOtpErrorMessage });
-  }, [activeOtpErrorMessage, authenticated, state.verificationTarget, dispatch]);
-  react.useEffect(() => {
-    if (state.verificationTarget && !authenticated && /^\d{6}$/.test(otpCode.trim()) && activeOtpStatus === "awaiting-code-input") {
-      handleVerifyLoginCode();
-    }
-  }, [otpCode, state.verificationTarget, authenticated, activeOtpStatus, handleVerifyLoginCode]);
+  const handleAuthorizedMobileReturnRef = react.useRef(deps.handleAuthorizedMobileReturn);
+  handleAuthorizedMobileReturnRef.current = deps.handleAuthorizedMobileReturn;
   react.useEffect(() => {
     if (!ready || !authenticated) {
       checkingPasskeyRef.current = false;
       return;
     }
-    if (state.passkeyConfigLoaded || state.activeCredentialId) return;
+    if (passkeyConfigLoaded || activeCredentialId) return;
     if (checkingPasskeyRef.current) return;
     checkingPasskeyRef.current = true;
     let cancelled = false;
@@ -7818,11 +7886,7 @@ function usePaymentEffects(deps) {
               return;
             }
             if (existingTransfer.status === "AUTHORIZED") {
-              if (persisted.isSetup) {
-                await handleAuthorizedMobileReturnRef.current(existingTransfer, true);
-              } else {
-                await handleAuthorizedMobileReturnRef.current(existingTransfer, false);
-              }
+              await handleAuthorizedMobileReturnRef.current(existingTransfer, !!persisted.isSetup);
               return;
             }
             if (persisted.isSetup) {
@@ -7873,11 +7937,9 @@ function usePaymentEffects(deps) {
           knownIds: allPasskeys.map((p) => p.credentialId),
           oneTapLimit: config.defaultAllowance ?? void 0
         });
-        if (allPasskeys.length === 0) {
-          return;
-        }
-        if (state.activeCredentialId && allPasskeys.some((p) => p.credentialId === state.activeCredentialId)) {
-          await restoreState(state.activeCredentialId, token);
+        if (allPasskeys.length === 0) return;
+        if (activeCredentialId && allPasskeys.some((p) => p.credentialId === activeCredentialId)) {
+          await restoreState(activeCredentialId, token);
           return;
         }
         if (cancelled) return;
@@ -7909,7 +7971,39 @@ function usePaymentEffects(deps) {
       cancelled = true;
       checkingPasskeyRef.current = false;
     };
-  }, [ready, authenticated, apiBaseUrl, state.activeCredentialId, state.passkeyConfigLoaded]);
+  }, [ready, authenticated, apiBaseUrl, activeCredentialId, passkeyConfigLoaded]);
+}
+// src/dataLoading.ts
+function resolveDataLoadAction({
+  authenticated,
+  accountsCount,
+  hasActiveCredential,
+  loading
+}) {
+  if (!authenticated || accountsCount > 0 || !hasActiveCredential) {
+    return "reset";
+  }
+  if (loading) {
+    return "wait";
+  }
+  return "load";
+}
+// src/hooks/useDataLoadEffect.ts
+function useDataLoadEffect(deps) {
+  const {
+    state,
+    dispatch,
+    authenticated,
+    apiBaseUrl,
+    depositAmount,
+    loadingDataRef
+  } = deps;
+  const { getAccessToken } = reactAuth.usePrivy();
+  const getAccessTokenRef = react.useRef(getAccessToken);
+  getAccessTokenRef.current = getAccessToken;
+  const lastAccountFetchRef = react.useRef(0);
   react.useEffect(() => {
     const loadAction = resolveDataLoadAction({
       authenticated,
@@ -8009,6 +8103,61 @@ function usePaymentEffects(deps) {
       cancelled = true;
     };
   }, [authenticated, state.providers.length, state.activeCredentialId, apiBaseUrl]);
+  react.useEffect(() => {
+    if (state.accounts.length > 0 && state.activeCredentialId && !state.loadingData && !state.transfer && authenticated && Date.now() - lastAccountFetchRef.current > 15e3) {
+      lastAccountFetchRef.current = Date.now();
+      deps.reloadAccounts();
+    }
+  }, [
+    state.accounts.length,
+    state.activeCredentialId,
+    state.loadingData,
+    state.transfer,
+    authenticated,
+    deps
+  ]);
+}
+// src/processingStatus.ts
+var PROCESSING_TIMEOUT_MS = 18e4;
+function resolvePreferredTransfer(polledTransfer, localTransfer) {
+  return polledTransfer ?? localTransfer;
+}
+function getTransferStatus(polledTransfer, localTransfer) {
+  const transfer = resolvePreferredTransfer(polledTransfer, localTransfer);
+  return transfer?.status ?? "UNKNOWN";
+}
+function hasProcessingTimedOut(processingStartedAtMs, nowMs) {
+  if (!processingStartedAtMs) return false;
+  return nowMs - processingStartedAtMs >= PROCESSING_TIMEOUT_MS;
+}
+var STATUS_DISPLAY_LABELS = {
+  CREATED: "created",
+  AUTHORIZED: "authorized",
+  SENDING: "sending",
+  SENT: "confirming delivery",
+  COMPLETED: "completed",
+  FAILED: "failed"
+};
+function getStatusDisplayLabel(status) {
+  return STATUS_DISPLAY_LABELS[status] ?? status;
+}
+function buildProcessingTimeoutMessage(status) {
+  const label = getStatusDisplayLabel(status);
+  return `Payment is taking longer than expected (status: ${label}). Please try again.`;
+}
+// src/hooks/useProcessingEffect.ts
+function useProcessingEffect(deps) {
+  const {
+    state,
+    dispatch,
+    polling,
+    processingStartedAtRef,
+    onComplete,
+    onError,
+    reloadAccounts
+  } = deps;
   react.useEffect(() => {
     if (!polling.transfer) return;
     if (polling.transfer.status === "COMPLETED") {
@@ -8021,19 +8170,6 @@ function usePaymentEffects(deps) {
       dispatch({ type: "TRANSFER_FAILED", transfer: polling.transfer, error: "Transfer failed." });
     }
   }, [polling.transfer, onComplete, dispatch, reloadAccounts]);
-  react.useEffect(() => {
-    if (state.accounts.length > 0 && state.activeCredentialId && !state.loadingData && !state.transfer && authenticated && Date.now() - lastAccountFetchRef.current > 15e3) {
-      lastAccountFetchRef.current = Date.now();
-      reloadAccounts();
-    }
-  }, [
-    state.accounts.length,
-    state.activeCredentialId,
-    state.loadingData,
-    state.transfer,
-    authenticated,
-    reloadAccounts
-  ]);
   react.useEffect(() => {
     const isProcessing = state.creatingTransfer || state.transfer != null && ["CREATED", "SENDING", "SENT"].includes(state.transfer.status);
     if (!isProcessing) {
@@ -8069,6 +8205,26 @@ function usePaymentEffects(deps) {
     dispatch,
     processingStartedAtRef
   ]);
+}
+function useMobilePollingEffect(deps) {
+  const {
+    state,
+    dispatch,
+    polling,
+    mobileSetupFlowRef,
+    handlingMobileReturnRef,
+    setupAccountIdRef,
+    reauthSessionIdRef,
+    reauthTokenRef,
+    pollingTransferIdRef,
+    reloadAccounts,
+    apiBaseUrl
+  } = deps;
+  const { getAccessToken } = reactAuth.usePrivy();
+  const getAccessTokenRef = react.useRef(getAccessToken);
+  getAccessTokenRef.current = getAccessToken;
+  const handleAuthorizedMobileReturnRef = react.useRef(deps.handleAuthorizedMobileReturn);
+  handleAuthorizedMobileReturnRef.current = deps.handleAuthorizedMobileReturn;
   react.useEffect(() => {
     if (!state.mobileFlow) {
       handlingMobileReturnRef.current = false;
@@ -8077,8 +8233,8 @@ function usePaymentEffects(deps) {
     if (handlingMobileReturnRef.current) return;
     const polledTransfer = polling.transfer;
     if (!polledTransfer || polledTransfer.status !== "AUTHORIZED") return;
-    void handleAuthorizedMobileReturn(polledTransfer, mobileSetupFlowRef.current);
-  }, [state.mobileFlow, polling.transfer, handleAuthorizedMobileReturn, handlingMobileReturnRef, mobileSetupFlowRef]);
+    void handleAuthorizedMobileReturnRef.current(polledTransfer, mobileSetupFlowRef.current);
+  }, [state.mobileFlow, polling.transfer, handlingMobileReturnRef, mobileSetupFlowRef]);
   react.useEffect(() => {
     if (!state.mobileFlow || !mobileSetupFlowRef.current) return;
     if (!state.activeCredentialId || !setupAccountIdRef.current) return;
@@ -8154,14 +8310,10 @@ function usePaymentEffects(deps) {
     poll();
     const intervalId = window.setInterval(poll, POLL_INTERVAL_MS);
     const handleVisibility = () => {
-      if (document.visibilityState === "visible" && !cancelled) {
-        poll();
-      }
+      if (document.visibilityState === "visible" && !cancelled) poll();
     };
     const handlePageShow = (e) => {
-      if (e.persisted && !cancelled) {
-        poll();
-      }
+      if (e.persisted && !cancelled) poll();
     };
     document.addEventListener("visibilitychange", handleVisibility);
     window.addEventListener("pageshow", handlePageShow);
@@ -8212,6 +8364,16 @@ function usePaymentEffects(deps) {
     handlingMobileReturnRef,
     pollingTransferIdRef
   ]);
+}
+function useSelectSourceEffect(deps) {
+  const {
+    pendingSelectSourceAction,
+    selectSourceChoices,
+    selectSourceRecommended,
+    setSelectSourceChainName,
+    setSelectSourceTokenSymbol,
+    initializedSelectSourceActionRef
+  } = deps;
   react.useEffect(() => {
     if (!pendingSelectSourceAction) {
       initializedSelectSourceActionRef.current = null;
@@ -8242,57 +8404,27 @@ function usePaymentEffects(deps) {
     setSelectSourceTokenSymbol,
     initializedSelectSourceActionRef
   ]);
+}
+function useOneTapAutoResolveEffect(deps) {
+  const { authExecutor, dispatch, oneTapLimitSavedDuringSetup, reloadAccounts } = deps;
   const pendingOneTapSetupAction = authExecutor.pendingOneTapSetup;
   react.useEffect(() => {
-    if (pendingOneTapSetupAction && oneTapLimitSavedDuringSetupRef.current) {
-      oneTapLimitSavedDuringSetupRef.current = false;
+    if (pendingOneTapSetupAction && oneTapLimitSavedDuringSetup) {
+      dispatch({ type: "SET_ONE_TAP_LIMIT_SAVED_DURING_SETUP", saved: false });
       authExecutor.resolveOneTapSetup();
     }
-  }, [pendingOneTapSetupAction, authExecutor, oneTapLimitSavedDuringSetupRef]);
+  }, [pendingOneTapSetupAction, authExecutor, dispatch, oneTapLimitSavedDuringSetup]);
   react.useEffect(() => {
-    if (pendingOneTapSetupAction && !oneTapLimitSavedDuringSetupRef.current) {
+    if (pendingOneTapSetupAction && !oneTapLimitSavedDuringSetup) {
       reloadAccounts();
     }
-  }, [pendingOneTapSetupAction, reloadAccounts, oneTapLimitSavedDuringSetupRef]);
-  react.useEffect(() => {
-    if (!state.guestSessionToken) return;
-    if (state.guestPreauthAccountId) return;
-    if (!state.transfer || state.transfer.status !== "COMPLETED") return;
-    let cancelled = false;
-    const ensureGuestAccount = async () => {
-      try {
-        let result = await fetchGuestAccount(apiBaseUrl, state.guestSessionToken);
-        if (cancelled) return;
-        if (!result && state.selectedProviderId) {
-          const providerName = state.providers.find((p) => p.id === state.selectedProviderId)?.name ?? "Wallet";
-          const created = await createGuestAccount(
-            apiBaseUrl,
-            state.guestSessionToken,
-            state.selectedProviderId,
-            providerName
-          );
-          if (cancelled) return;
-          result = { accountId: created.accountId, hasPasskey: false, walletAddress: null };
-        }
-        if (result && !result.hasPasskey) {
-          dispatch({ type: "GUEST_PREAUTH_DETECTED", accountId: result.accountId });
-        }
-      } catch {
-      }
-    };
-    ensureGuestAccount();
-    return () => {
-      cancelled = true;
-    };
-  }, [
-    state.transfer,
-    state.guestSessionToken,
-    state.guestPreauthAccountId,
-    state.selectedProviderId,
-    state.providers,
-    apiBaseUrl,
-    dispatch
-  ]);
+  }, [pendingOneTapSetupAction, reloadAccounts, oneTapLimitSavedDuringSetup]);
+}
+function useGuestPreauthEffect(deps) {
+  const { state, dispatch, authenticated, apiBaseUrl, reloadAccounts } = deps;
+  const { getAccessToken } = reactAuth.usePrivy();
+  const getAccessTokenRef = react.useRef(getAccessToken);
+  getAccessTokenRef.current = getAccessToken;
   const settingOwnerRef = react.useRef(false);
   react.useEffect(() => {
     if (!state.guestPreauthAccountId) return;
@@ -8301,6 +8433,8 @@ function usePaymentEffects(deps) {
     if (!authenticated) return;
     if (!state.guestSessionToken) return;
     if (settingOwnerRef.current) return;
+    const hasActive = state.accounts.some((a) => a.wallets.some((w) => w.status === "ACTIVE"));
+    if (!hasActive) return;
     settingOwnerRef.current = true;
     let cancelled = false;
     const setOwner = async () => {
@@ -8338,12 +8472,73 @@ function usePaymentEffects(deps) {
     state.activeCredentialId,
     state.activePublicKey,
     state.guestSessionToken,
+    state.accounts,
     authenticated,
     apiBaseUrl,
     dispatch,
     reloadAccounts
   ]);
 }
+function useGuestDesktopPreauthSessionEffect(deps) {
+  const { state, authExecutor, reloadAccounts, dispatch, desktopGuestPreauth } = deps;
+  const preauthExecutingRef = react.useRef(false);
+  react.useEffect(() => {
+    if (!desktopGuestPreauth) return;
+    if (!state.guestPreauthorizing) return;
+    if (!state.guestPreauthSessionId || preauthExecutingRef.current) return;
+    preauthExecutingRef.current = true;
+    const runPreauthSession = async () => {
+      try {
+        await authExecutor.executeSessionById(state.guestPreauthSessionId);
+        await reloadAccounts();
+      } catch {
+      } finally {
+        preauthExecutingRef.current = false;
+        dispatch({ type: "GUEST_PREAUTH_END" });
+      }
+    };
+    void runPreauthSession();
+  }, [
+    desktopGuestPreauth,
+    state.guestPreauthorizing,
+    state.guestPreauthSessionId,
+    authExecutor,
+    reloadAccounts,
+    dispatch
+  ]);
+}
+function useGuestPreauthPhaseSyncEffect(deps) {
+  const { state, dispatch, authExecutor, isDesktop } = deps;
+  react.useEffect(() => {
+    if (!state.guestPreauthorizing || !isDesktop) return;
+    const pending = authExecutor.pendingSelectSource;
+    if (pending) {
+      const intent = {
+        step: "select-source",
+        action: pending,
+        isDesktop,
+        skipOneTapLimit: true
+      };
+      if (state.phase.step === "select-source") {
+        const ph = state.phase;
+        if (ph.skipOneTapLimit && ph.action.id === pending.id) {
+          return;
+        }
+      }
+      dispatch({ type: "SET_USER_INTENT", intent });
+      return;
+    }
+    if (state.phase.step === "select-source" && state.phase.skipOneTapLimit === true) {
+      dispatch({ type: "SET_USER_INTENT", intent: { step: "one-tap-setup", action: null } });
+    }
+  }, [
+    state.guestPreauthorizing,
+    state.phase,
+    isDesktop,
+    authExecutor.pendingSelectSource,
+    dispatch
+  ]);
+}
 function BlinkPayment(props) {
   const resetKey = react.useRef(0);
   const handleBoundaryReset = react.useCallback(() => {
@@ -8365,6 +8560,10 @@ function BlinkPaymentInner({
   const { apiBaseUrl, depositAmount } = useBlinkConfig();
   const { ready, authenticated, logout, getAccessToken } = reactAuth.usePrivy();
   reactAuth.useLoginWithOAuth();
+  const isDesktop = shouldUseWalletConnector({
+    useWalletConnector: useWalletConnectorProp,
+    userAgent: typeof navigator === "undefined" ? void 0 : navigator.userAgent
+  });
   const [state, dispatch] = react.useReducer(
     paymentReducer,
     {
@@ -8448,7 +8647,9 @@ function BlinkPaymentInner({
     reauthTokenRef: mobileFlowRefs.reauthTokenRef,
     authenticated,
     merchantAuthorization,
-    destination
+    destination,
+    guestSessionToken: state.guestSessionToken,
+    selectedProviderId: state.selectedProviderId
   });
   const oneTapSetup = useOneTapSetupHandlers({
     dispatch,
@@ -8470,13 +8671,12 @@ function BlinkPaymentInner({
     clearMobileFlowState();
     transfer.processingStartedAtRef.current = null;
     transfer.pollingTransferIdRef.current = null;
-    oneTapSetup.oneTapLimitSavedDuringSetupRef.current = false;
     dispatch({
       type: "NEW_PAYMENT",
       depositAmount,
       firstAccountId: state.accounts.length > 0 ? state.accounts[0].id : null
     });
-  }, [depositAmount, state.accounts, transfer, oneTapSetup]);
+  }, [depositAmount, state.accounts, transfer]);
   const handleLogout = react.useCallback(async () => {
     try {
       await logout();
@@ -8488,65 +8688,112 @@ function BlinkPaymentInner({
     }
     polling.stopPolling();
     passkey.checkingPasskeyRef.current = false;
-    oneTapSetup.oneTapLimitSavedDuringSetupRef.current = false;
     auth.setAuthInput("");
     auth.setOtpCode("");
     dispatch({ type: "LOGOUT", depositAmount });
-  }, [logout, polling, depositAmount, auth, passkey, oneTapSetup]);
-  usePaymentEffects({
+  }, [logout, polling, depositAmount, auth, passkey]);
+  react.useEffect(() => {
+    if (depositAmount != null) {
+      dispatch({ type: "SYNC_AMOUNT", amount: depositAmount.toString() });
+    }
+  }, [depositAmount, dispatch]);
+  useOtpEffects({
     state,
     dispatch,
-    ready,
     authenticated,
-    apiBaseUrl,
-    depositAmount,
-    onComplete,
-    onError,
-    polling,
-    authExecutor,
-    reloadAccounts: transfer.reloadAccounts,
     activeOtpStatus: auth.activeOtpStatus,
     activeOtpErrorMessage: auth.activeOtpErrorMessage,
     otpCode: auth.otpCode,
     handleVerifyLoginCode: auth.handleVerifyLoginCode,
     setAuthInput: auth.setAuthInput,
+    setOtpCode: auth.setOtpCode
+  });
+  usePasskeyCheckEffect({
+    dispatch,
+    ready,
+    authenticated,
+    apiBaseUrl,
+    activeCredentialId: state.activeCredentialId,
+    passkeyConfigLoaded: state.passkeyConfigLoaded,
+    checkingPasskeyRef: passkey.checkingPasskeyRef,
+    setAuthInput: auth.setAuthInput,
     setOtpCode: auth.setOtpCode,
+    polling,
     mobileSetupFlowRef: mobileFlowRefs.mobileSetupFlowRef,
     handlingMobileReturnRef: mobileFlowRefs.handlingMobileReturnRef,
     setupAccountIdRef: mobileFlowRefs.setupAccountIdRef,
     reauthSessionIdRef: mobileFlowRefs.reauthSessionIdRef,
     reauthTokenRef: mobileFlowRefs.reauthTokenRef,
-    loadingDataRef: mobileFlowRefs.loadingDataRef,
     pollingTransferIdRef: transfer.pollingTransferIdRef,
+    handleAuthorizedMobileReturn: mobileFlow.handleAuthorizedMobileReturn,
+    onComplete
+  });
+  useDataLoadEffect({
+    state,
+    dispatch,
+    authenticated,
+    apiBaseUrl,
+    depositAmount,
+    loadingDataRef: mobileFlowRefs.loadingDataRef,
+    reloadAccounts: transfer.reloadAccounts
+  });
+  useProcessingEffect({
+    state,
+    dispatch,
+    polling,
     processingStartedAtRef: transfer.processingStartedAtRef,
-    checkingPasskeyRef: passkey.checkingPasskeyRef,
+    onComplete,
+    onError,
+    reloadAccounts: transfer.reloadAccounts
+  });
+  useMobilePollingEffect({
+    state,
+    dispatch,
+    polling,
+    mobileSetupFlowRef: mobileFlowRefs.mobileSetupFlowRef,
+    handlingMobileReturnRef: mobileFlowRefs.handlingMobileReturnRef,
+    setupAccountIdRef: mobileFlowRefs.setupAccountIdRef,
+    reauthSessionIdRef: mobileFlowRefs.reauthSessionIdRef,
+    reauthTokenRef: mobileFlowRefs.reauthTokenRef,
+    pollingTransferIdRef: transfer.pollingTransferIdRef,
+    reloadAccounts: transfer.reloadAccounts,
+    handleAuthorizedMobileReturn: mobileFlow.handleAuthorizedMobileReturn,
+    apiBaseUrl
+  });
+  useSelectSourceEffect({
     pendingSelectSourceAction: sourceSelection.pendingSelectSourceAction,
     selectSourceChoices: sourceSelection.selectSourceChoices,
     selectSourceRecommended: sourceSelection.selectSourceRecommended,
     setSelectSourceChainName: sourceSelection.setSelectSourceChainName,
     setSelectSourceTokenSymbol: sourceSelection.setSelectSourceTokenSymbol,
-    initializedSelectSourceActionRef: sourceSelection.initializedSelectSourceActionRef,
-    oneTapLimitSavedDuringSetupRef: oneTapSetup.oneTapLimitSavedDuringSetupRef,
-    handleAuthorizedMobileReturn: mobileFlow.handleAuthorizedMobileReturn
+    initializedSelectSourceActionRef: sourceSelection.initializedSelectSourceActionRef
   });
-  const autoSelectingRef = react.useRef(false);
-  react.useEffect(() => {
-    if (!state.isGuestFlow || !state.selectedProviderId || !state.activeCredentialId || !authenticated || autoSelectingRef.current || state.transfer != null) return;
-    const hasActive = state.accounts.some((a) => a.wallets.some((w) => w.status === "ACTIVE"));
-    if (hasActive) return;
-    autoSelectingRef.current = true;
-    provider.handleSelectProvider(state.selectedProviderId).finally(() => {
-      autoSelectingRef.current = false;
-    });
-  }, [
-    state.isGuestFlow,
-    state.selectedProviderId,
-    state.activeCredentialId,
-    state.transfer,
-    state.accounts,
+  useOneTapAutoResolveEffect({
+    authExecutor,
+    dispatch,
+    oneTapLimitSavedDuringSetup: state.oneTapLimitSavedDuringSetup,
+    reloadAccounts: transfer.reloadAccounts
+  });
+  useGuestPreauthEffect({
+    state,
+    dispatch,
     authenticated,
-    provider
-  ]);
+    apiBaseUrl,
+    reloadAccounts: transfer.reloadAccounts
+  });
+  useGuestPreauthPhaseSyncEffect({
+    state,
+    dispatch,
+    authExecutor,
+    isDesktop
+  });
+  useGuestDesktopPreauthSessionEffect({
+    state,
+    authExecutor,
+    reloadAccounts: transfer.reloadAccounts,
+    dispatch,
+    desktopGuestPreauth: isDesktop
+  });
   const handlers = react.useMemo(() => ({
     onSendLoginCode: auth.handleSendLoginCode,
     onVerifyLoginCode: auth.handleVerifyLoginCode,
@@ -8569,7 +8816,7 @@ function BlinkPaymentInner({
     onBackFromOpenWallet: () => dispatch({ type: "CLEAR_MOBILE_STATE" }),
     onLogout: handleLogout,
     onNewPayment: handleNewPayment,
-    onSetUserIntent: (intent) => dispatch({ type: "SET_USER_INTENT", intent }),
+    onSetPhase: (phase) => dispatch({ type: "SET_USER_INTENT", intent: phase }),
     onSetAuthInput: auth.setAuthInput,
     onSetOtpCode: (code) => {
       auth.setOtpCode(code);
@@ -8584,7 +8831,7 @@ function BlinkPaymentInner({
     onAuthorizeToken: provider.handleAuthorizeToken,
     onSelectGuestToken: guestTransfer.handleSelectGuestToken,
     onLogin: () => dispatch({ type: "REQUEST_LOGIN" }),
-    onPreauthorize: () => dispatch({ type: "REQUEST_LOGIN" })
+    onPreauthorize: provider.handlePreauthorize
   }), [
     auth,
     passkey,
@@ -8600,41 +8847,47 @@ function BlinkPaymentInner({
   return /* @__PURE__ */ jsxRuntime.jsx(
     StepRenderer,
     {
-      state,
-      ready,
-      authenticated,
-      activeOtpStatus: auth.activeOtpStatus,
-      pollingTransfer: polling.transfer,
-      pollingError: polling.error,
-      authExecutorError: authExecutor.error,
-      inlineAuthorizationExecuting: authExecutor.executing,
-      transferSigningSigning: transferSigning.signing,
-      transferSigningError: transferSigning.error,
-      pendingSelectSource: authExecutor.pendingSelectSource,
-      pendingOneTapSetup: authExecutor.pendingOneTapSetup,
-      oneTapLimitAlreadySaved: oneTapSetup.oneTapLimitSavedDuringSetupRef.current,
-      pendingConnections: derived.pendingConnections,
-      depositEligibleAccounts: derived.depositEligibleAccounts,
-      sourceName: derived.sourceName,
-      maxSourceBalance: derived.maxSourceBalance,
-      tokenCount: derived.tokenCount,
-      selectedAccount: derived.selectedAccount,
-      selectedSource: derived.selectedSource,
-      selectSourceChoices: sourceSelection.selectSourceChoices,
-      selectSourceRecommended: sourceSelection.selectSourceRecommended,
-      selectSourceAvailableBalance: sourceSelection.selectSourceAvailableBalance,
-      guestTokenEntries: guestTransfer.guestTokenEntries,
-      guestLoadingBalances: guestTransfer.loadingBalances,
-      guestSettingSender: guestTransfer.settingSender,
-      authInput: auth.authInput,
-      otpCode: auth.otpCode,
-      selectSourceChainName: sourceSelection.selectSourceChainName,
-      selectSourceTokenSymbol: sourceSelection.selectSourceTokenSymbol,
-      savingOneTapLimit: oneTapSetup.savingOneTapLimit,
-      merchantName,
-      onBack,
-      onDismiss,
-      depositAmount,
+      flow: {
+        state,
+        authenticated,
+        activeOtpStatus: auth.activeOtpStatus,
+        isDesktop,
+        merchantName,
+        onBack,
+        onDismiss,
+        depositAmount
+      },
+      remote: {
+        pollingTransfer: polling.transfer,
+        pollingError: polling.error,
+        authExecutorError: authExecutor.error,
+        transferSigningSigning: transferSigning.signing,
+        transferSigningError: transferSigning.error,
+        pendingSelectSource: authExecutor.pendingSelectSource,
+        pendingOneTapSetup: authExecutor.pendingOneTapSetup
+      },
+      derived: {
+        pendingConnections: derived.pendingConnections,
+        depositEligibleAccounts: derived.depositEligibleAccounts,
+        sourceName: derived.sourceName,
+        maxSourceBalance: derived.maxSourceBalance,
+        tokenCount: derived.tokenCount,
+        selectedAccount: derived.selectedAccount,
+        selectedSource: derived.selectedSource,
+        selectSourceChoices: sourceSelection.selectSourceChoices,
+        selectSourceRecommended: sourceSelection.selectSourceRecommended,
+        selectSourceAvailableBalance: sourceSelection.selectSourceAvailableBalance
+      },
+      forms: {
+        authInput: auth.authInput,
+        otpCode: auth.otpCode,
+        selectSourceChainName: sourceSelection.selectSourceChainName,
+        selectSourceTokenSymbol: sourceSelection.selectSourceTokenSymbol,
+        savingOneTapLimit: oneTapSetup.savingOneTapLimit,
+        guestTokenEntries: guestTransfer.guestTokenEntries,
+        guestLoadingBalances: guestTransfer.loadingBalances,
+        guestSettingSender: guestTransfer.settingSender
+      },
       handlers
     }
   );
@@ -8673,7 +8926,7 @@ exports.findDevicePasskeyViaPopup = findDevicePasskeyViaPopup;
 exports.getTheme = getTheme;
 exports.lightTheme = lightTheme;
 exports.resolvePasskeyRpId = resolvePasskeyRpId;
-exports.resolveScreen = resolveScreen;
+exports.screenForPhase = screenForPhase;
 exports.useAuthorizationExecutor = useAuthorizationExecutor;
 exports.useBlinkConfig = useBlinkConfig;
 exports.useBlinkDepositAmount = useBlinkDepositAmount;