npm - @tatchi-xyz/sdk - Versions diffs - 0.21.0 → 0.31.0 - Mend

@tatchi-xyz/sdk 0.21.0 → 0.31.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2488) hide show

package/dist/esm/core/WebAuthnManager/LitComponents/confirm-ui.js CHANGED Viewed

@@ -1,12 +1,11 @@
-import { init_actions, isActionArgsWasm, toActionArgsWasm } from "../../types/actions.js";
-import { computeUiIntentDigestFromTxs, orderActionForDigest } from "../txDigest.js";
+import { isActionArgsWasm, toActionArgsWasm } from "../../types/actions.js";
+import { computeUiIntentDigestFromTxs, orderActionForDigest } from "../../digests/intentDigest.js";
 import { WalletIframeDomEvents } from "../../WalletIframe/events.js";
 import { CONFIRM_UI_ELEMENT_SELECTORS, W3A_CONFIRM_PORTAL_ID, W3A_TX_CONFIRMER_ID } from "./tags.js";
 import { validateTheme } from "./confirm-ui-types.js";
 import { TxConfirmerWrapperElement } from "./IframeTxConfirmer/tx-confirmer-wrapper.js";
 //#region src/core/WebAuthnManager/LitComponents/confirm-ui.ts
-init_actions();
 try {
 	if (typeof customElements !== "undefined" && !customElements.get(W3A_TX_CONFIRMER_ID)) customElements.define(W3A_TX_CONFIRMER_ID, TxConfirmerWrapperElement);
 } catch {}

package/dist/esm/core/WebAuthnManager/LitComponents/confirm-ui.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"confirm-ui.js","names":["v: 'modal' \| 'drawer'","normalized: TransactionInputWasm[]"],"sources":["../../../../../src/core/WebAuthnManager/LitComponents/confirm-ui.ts"],"sourcesContent":["import { isActionArgsWasm, toActionArgsWasm, type ActionArgs, type ActionArgsWasm } from '@/core/types/actions';\nimport type { VrfWorkerManagerContext } from '../VrfWorkerManager';\nimport type { TransactionSummary } from '../VrfWorkerManager/confirmTxFlow/types';\nimport { WalletIframeDomEvents } from '../../WalletIframe/events';\nimport { TransactionInputWasm, VRFChallenge } from '../../types';\n\nimport { W3A_TX_CONFIRMER_ID, CONFIRM_UI_ELEMENT_SELECTORS, W3A_CONFIRM_PORTAL_ID } from './tags';\nimport type { ConfirmUIHandle, ConfirmUIUpdate, ConfirmationUIMode, ThemeName } from './confirm-ui-types';\nexport type { ConfirmUIHandle, ConfirmUIUpdate, ConfirmationUIMode } from './confirm-ui-types';\nimport { validateTheme } from './confirm-ui-types';\nimport { computeUiIntentDigestFromTxs, orderActionForDigest } from '../txDigest';\n// Ensure the wrapper element is registered when this module loads.\n// Note: this must be a value import (not side-effect-only) so bundlers don't\n// tree-shake it away under `sideEffects: false`.\nimport { TxConfirmerWrapperElement } from './IframeTxConfirmer/tx-confirmer-wrapper';\n\ntry {\n if (typeof customElements !== 'undefined' && !customElements.get(W3A_TX_CONFIRMER_ID)) {\n customElements.define(W3A_TX_CONFIRMER_ID, TxConfirmerWrapperElement);\n }\n} catch {}\n\n// Resolve theme preference from explicit param, user preferences, or DOM attribute\nfunction resolveTheme(ctx: VrfWorkerManagerContext, requested?: ThemeName): ThemeName {\n let resolved = validateTheme(requested);\n if (!resolved) {\n try { resolved = validateTheme((ctx as any)?.userPreferencesManager?.getUserTheme?.()); } catch {}\n }\n if (!resolved) {\n const domAttr = (document?.documentElement?.getAttribute('data-w3a-theme') \|\| '').toLowerCase();\n resolved = validateTheme(domAttr);\n }\n return resolved \|\| 'dark';\n}\n\n// Minimal host element interface for the inline confirmer wrapper.\ninterface HostTxConfirmerElement extends HTMLElement {\n variant?: 'modal' \| 'drawer';\n nearAccountId: string;\n txSigningRequests: TransactionInputWasm[];\n intentDigest?: string;\n vrfChallenge?: Partial<VRFChallenge>;\n theme?: ThemeName;\n loading?: boolean; // host elements use `loading` (iframe element uses `showLoading`)\n deferClose?: boolean; // two-phase close coordination\n errorMessage?: string;\n body?: string;\n title: string;\n requestUpdate?: () => void; // Lit element update hook (optional)\n nearExplorerUrl?: string;\n}\n\n////////////////////////////\n// === Public Functions ===\n////////////////////////////\n\nexport async function mountConfirmUI({\n ctx,\n summary,\n txSigningRequests,\n vrfChallenge,\n loading,\n theme,\n uiMode,\n nearAccountIdOverride,\n}: {\n ctx: VrfWorkerManagerContext,\n summary: TransactionSummary,\n txSigningRequests?: TransactionInputWasm[],\n vrfChallenge?: Partial<VRFChallenge>,\n loading?: boolean,\n theme?: ThemeName,\n uiMode: ConfirmationUIMode,\n nearAccountIdOverride?: string,\n}): Promise<ConfirmUIHandle> {\n // 'skip' mode should never request a UI mount; callers handle this.\n const variant = uiModeToVariant(uiMode);\n const { handle } = mountHostElement({\n ctx,\n summary,\n txSigningRequests,\n vrfChallenge,\n loading,\n theme,\n variant,\n nearAccountIdOverride,\n });\n return handle;\n}\n\nexport async function awaitConfirmUIDecision({\n ctx,\n summary,\n txSigningRequests,\n vrfChallenge,\n theme,\n uiMode,\n nearAccountIdOverride,\n}: {\n ctx: VrfWorkerManagerContext,\n summary: TransactionSummary,\n txSigningRequests: TransactionInputWasm[],\n vrfChallenge?: Partial<VRFChallenge>,\n theme: ThemeName,\n uiMode: ConfirmationUIMode,\n nearAccountIdOverride: string,\n}): Promise<{ confirmed: boolean; handle: ConfirmUIHandle; error?: string }> {\n const variant = uiModeToVariant(uiMode);\n const v: 'modal' \| 'drawer' = variant \|\| 'modal';\n\n return new Promise((resolve) => {\n const { el, handle } = mountHostElement({\n ctx,\n summary,\n txSigningRequests,\n vrfChallenge,\n theme,\n variant: v,\n nearAccountIdOverride,\n });\n\n const finalize = (result: { confirmed: boolean; error?: string }) => {\n cleanup();\n resolve({ ...result, handle });\n };\n\n const onConfirm = async (event: Event) => {\n const detail = (event as CustomEvent<ConfirmEventDetail> \| undefined)?.detail;\n let confirmed = detail?.confirmed !== false;\n let error = typeof detail?.error === 'string' ? detail.error : undefined;\n // Defensive UI digest validation in case wrapper capture-phase did not intercept\n if (confirmed) {\n const guardErr = await checkIntentDigestGuard(summary, txSigningRequests);\n if (guardErr) {\n confirmed = false;\n if (!error) error = guardErr;\n }\n }\n\n if (!confirmed) {\n if (error) {\n handle.update({ errorMessage: error, loading: false });\n } else {\n handle.update({ loading: false, errorMessage: '' });\n }\n finalize({ confirmed: false, error });\n return;\n }\n finalize({ confirmed: true });\n };\n\n const onCancel = (event?: Event) => {\n const detail = (event as CustomEvent<ConfirmEventDetail> \| undefined)?.detail;\n const error = typeof detail?.error === 'string' ? detail.error : undefined;\n if (error) {\n handle.update({ errorMessage: error, loading: false });\n } else {\n handle.update({ loading: false });\n }\n finalize({ confirmed: false, error });\n };\n\n const cleanup = () => {\n el.removeEventListener(WalletIframeDomEvents.TX_CONFIRMER_CONFIRM, onConfirm as EventListener);\n el.removeEventListener(WalletIframeDomEvents.TX_CONFIRMER_CANCEL, onCancel as EventListener);\n };\n\n // Listen to canonical events only\n el.addEventListener(WalletIframeDomEvents.TX_CONFIRMER_CONFIRM, onConfirm as EventListener);\n el.addEventListener(WalletIframeDomEvents.TX_CONFIRMER_CANCEL, onCancel as EventListener);\n });\n}\n\n//////////////////////\n// Internal Functions\n//////////////////////\n\nasync function checkIntentDigestGuard(\n summary: TransactionSummary \| undefined,\n txSigningRequests?: TransactionInputWasm[],\n): Promise<string \| undefined> {\n const hasTxs = (txSigningRequests?.length \|\| 0) > 0;\n const expected = summary?.intentDigest;\n if (!hasTxs \|\| !expected) return undefined;\n try {\n // UI-side check must mirror the canonical intent digest:\n // { receiverId, actions: ActionArgsWasm[] } with actions normalized\n // via orderActionForDigest, and no nonce included.\n const normalized: TransactionInputWasm[] = (txSigningRequests \|\| []).map((tx) => ({\n receiverId: tx.receiverId,\n actions: (tx.actions \|\| [])\n .map((a) => (isActionArgsWasm(a) ? a : toActionArgsWasm(a as unknown as ActionArgs)))\n .map((a) => orderActionForDigest(a as ActionArgsWasm) as ActionArgsWasm),\n }));\n const uiDigest = await computeUiIntentDigestFromTxs(normalized);\n if (uiDigest !== expected) return 'INTENT_DIGEST_MISMATCH';\n return undefined;\n } catch {\n return 'UI_DIGEST_VALIDATION_FAILED';\n }\n}\n\nfunction createHostConfirmHandle(el: HostTxConfirmerElement): ConfirmUIHandle {\n return {\n close: (_confirmed: boolean) => { el.remove(); },\n update: (props: ConfirmUIUpdate) => applyHostElementProps(el, props),\n };\n}\n\n// Small helper to keep a host element's error attribute in sync\nfunction setErrorAttribute(el: HTMLElement, msg: string): void {\n if (msg) {\n el.setAttribute('data-error-message', msg);\n } else {\n el.removeAttribute('data-error-message');\n }\n}\n\nfunction applyHostElementProps(el: HostTxConfirmerElement, props?: ConfirmUIUpdate): void {\n if (!props) return;\n if (props.nearAccountId != null) el.nearAccountId = props.nearAccountId;\n if (props.txSigningRequests != null) el.txSigningRequests = props.txSigningRequests;\n if (props.vrfChallenge != null) el.vrfChallenge = props.vrfChallenge;\n if (props.theme != null) el.theme = props.theme;\n if (props.loading != null) el.loading = !!props.loading;\n if (props.body != null) el.body = props.body;\n if (props.title != null) el.title = props.title;\n if ('errorMessage' in (props as Record<string, unknown>)) {\n const msg = props.errorMessage ?? '';\n el.errorMessage = msg;\n setErrorAttribute(el, msg);\n }\n if ((props as any).nearExplorerUrl != null) {\n el.nearExplorerUrl = (props as any).nearExplorerUrl;\n }\n el.requestUpdate?.();\n}\n\n// ===== Inline confirmer helpers =====\nfunction cleanupExistingConfirmers(): void {\n const portal = document.getElementById(W3A_CONFIRM_PORTAL_ID);\n if (portal) {\n const existing = Array.from(portal.querySelectorAll('*')) as HTMLElement[];\n for (const el of existing) {\n el.dispatchEvent(new CustomEvent(WalletIframeDomEvents.TX_CONFIRMER_CANCEL, { bubbles: true, composed: true }));\n }\n portal.replaceChildren();\n return;\n }\n\n const selectors = CONFIRM_UI_ELEMENT_SELECTORS as readonly string[];\n const els = selectors.flatMap((sel) => Array.from(document.querySelectorAll(sel)) as HTMLElement[]);\n for (const el of els) {\n el.dispatchEvent(new CustomEvent(WalletIframeDomEvents.TX_CONFIRMER_CANCEL, { bubbles: true, composed: true }));\n el.remove();\n }\n}\n\nfunction ensureConfirmPortal(): HTMLElement {\n let portal = document.getElementById(W3A_CONFIRM_PORTAL_ID) as HTMLElement \| null;\n if (!portal) {\n portal = document.createElement('div');\n portal.id = W3A_CONFIRM_PORTAL_ID;\n // Keep the portal inert except for stacking; children handle their own overlay\n // Class-based only to comply with strict CSP\n portal.classList.add('w3a-portal');\n const root = document.body ?? document.documentElement;\n if (root) {\n root.appendChild(portal);\n }\n }\n return portal;\n}\n\ntype ConfirmEventDetail = {\n confirmed?: boolean;\n error?: string;\n};\n\nfunction uiModeToVariant(uiMode: ConfirmationUIMode): 'modal' \| 'drawer' {\n return uiMode === 'drawer' ? 'drawer' : 'modal';\n}\n\n// Create and mount a fresh host element into the tx-confirmer portal\nfunction mountHostElement({\n ctx,\n summary,\n txSigningRequests,\n vrfChallenge,\n loading,\n theme,\n variant,\n nearAccountIdOverride,\n}: {\n ctx: VrfWorkerManagerContext,\n summary: TransactionSummary,\n txSigningRequests?: TransactionInputWasm[],\n vrfChallenge?: Partial<VRFChallenge>,\n loading?: boolean,\n theme?: ThemeName,\n variant?: 'modal' \| 'drawer',\n nearAccountIdOverride?: string,\n}): { el: HostTxConfirmerElement; handle: ConfirmUIHandle } {\n const v: 'modal' \| 'drawer' = variant \|\| 'modal';\n cleanupExistingConfirmers();\n const el = document.createElement(W3A_TX_CONFIRMER_ID) as HostTxConfirmerElement;\n el.variant = v;\n el.nearAccountId = nearAccountIdOverride \|\| ctx.userPreferencesManager.getCurrentUserAccountId() \|\| '';\n el.txSigningRequests = txSigningRequests \|\| [];\n if (ctx.nearExplorerUrl) {\n el.nearExplorerUrl = ctx.nearExplorerUrl;\n }\n // Only enable UI digest validation for transaction-signing flows where txs exist.\n // Registration/link and other non-tx flows should not set intentDigest to avoid\n // spurious INTENT_DIGEST_MISMATCH on confirm.\n if ((txSigningRequests?.length \|\| 0) > 0) {\n el.intentDigest = summary?.intentDigest;\n }\n if (vrfChallenge) el.vrfChallenge = vrfChallenge;\n // Resolve theme with short-circuiting helper\n el.theme = resolveTheme(ctx, theme);\n if (loading != null) el.loading = !!loading;\n el.removeAttribute('data-error-message');\n // Two-phase close: let caller control removal\n el.deferClose = true;\n // Optional per-request display overrides\n if (summary?.title != null) el.title = summary.title;\n if (summary?.body != null) el.body = summary.body;\n // Default title for delegate signing when not overridden\n if (summary?.delegate && summary?.title == null) {\n el.title = 'Sign Delegate Action';\n }\n const portal = ensureConfirmPortal();\n // Ensure hidden state (idempotent) and mount\n portal.classList.remove('w3a-portal--visible');\n portal.replaceChildren(el);\n // Reveal in the next frame via class toggle\n requestAnimationFrame(() => {\n portal.classList.add('w3a-portal--visible');\n });\n const handle = createHostConfirmHandle(el);\n return { el, handle };\n}\n\n// Types and element export for consumers that need the inline confirmer handle\nexport type { TxConfirmerWrapperElement } from './IframeTxConfirmer/tx-confirmer-wrapper';\nexport { W3A_TX_CONFIRMER_ID };\n"],"mappings":";;;;;;;;;AAgBA,IAAI;AACF,KAAI,OAAO,mBAAmB,eAAe,CAAC,eAAe,IAAI,qBAC/D,gBAAe,OAAO,qBAAqB;QAEvC;AAGR,SAAS,aAAa,KAA8B,WAAkC;CACpF,IAAI,WAAW,cAAc;AAC7B,KAAI,CAAC,SACH,KAAI;AAAE,aAAW,cAAe,KAAa,wBAAwB;SAA2B;AAElG,KAAI,CAAC,UAAU;EACb,MAAM,WAAW,UAAU,iBAAiB,aAAa,qBAAqB,IAAI;AAClF,aAAW,cAAc;;AAE3B,QAAO,YAAY;;AAwBrB,eAAsB,eAAe,EACnC,KACA,SACA,mBACA,cACA,SACA,OACA,QACA,yBAU2B;CAE3B,MAAM,UAAU,gBAAgB;CAChC,MAAM,EAAE,WAAW,iBAAiB;EAClC;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;AAEF,QAAO;;AAGT,eAAsB,uBAAuB,EAC3C,KACA,SACA,mBACA,cACA,OACA,QACA,yBAS2E;CAC3E,MAAM,UAAU,gBAAgB;CAChC,MAAMA,IAAwB,WAAW;AAEzC,QAAO,IAAI,SAAS,YAAY;EAC9B,MAAM,EAAE,IAAI,WAAW,iBAAiB;GACtC;GACA;GACA;GACA;GACA;GACA,SAAS;GACT;;EAGF,MAAM,YAAY,WAAmD;AACnE;AACA,WAAQ;IAAE,GAAG;IAAQ;;;EAGvB,MAAM,YAAY,OAAO,UAAiB;GACxC,MAAM,SAAU,OAAuD;GACvE,IAAI,YAAY,QAAQ,cAAc;GACtC,IAAI,QAAQ,OAAO,QAAQ,UAAU,WAAW,OAAO,QAAQ;AAE/D,OAAI,WAAW;IACb,MAAM,WAAW,MAAM,uBAAuB,SAAS;AACvD,QAAI,UAAU;AACZ,iBAAY;AACZ,SAAI,CAAC,MAAO,SAAQ;;;AAIxB,OAAI,CAAC,WAAW;AACd,QAAI,MACF,QAAO,OAAO;KAAE,cAAc;KAAO,SAAS;;QAE9C,QAAO,OAAO;KAAE,SAAS;KAAO,cAAc;;AAEhD,aAAS;KAAE,WAAW;KAAO;;AAC7B;;AAEF,YAAS,EAAE,WAAW;;EAGxB,MAAM,YAAY,UAAkB;GAClC,MAAM,SAAU,OAAuD;GACvE,MAAM,QAAQ,OAAO,QAAQ,UAAU,WAAW,OAAO,QAAQ;AACjE,OAAI,MACF,QAAO,OAAO;IAAE,cAAc;IAAO,SAAS;;OAE9C,QAAO,OAAO,EAAE,SAAS;AAE3B,YAAS;IAAE,WAAW;IAAO;;;EAG/B,MAAM,gBAAgB;AACpB,MAAG,oBAAoB,sBAAsB,sBAAsB;AACnE,MAAG,oBAAoB,sBAAsB,qBAAqB;;AAIpE,KAAG,iBAAiB,sBAAsB,sBAAsB;AAChE,KAAG,iBAAiB,sBAAsB,qBAAqB;;;AAQnE,eAAe,uBACb,SACA,mBAC6B;CAC7B,MAAM,UAAU,mBAAmB,UAAU,KAAK;CAClD,MAAM,WAAW,SAAS;AAC1B,KAAI,CAAC,UAAU,CAAC,SAAU,QAAO;AACjC,KAAI;EAIF,MAAMC,cAAsC,qBAAqB,IAAI,KAAK,QAAQ;GAChF,YAAY,GAAG;GACf,UAAU,GAAG,WAAW,IACrB,KAAK,MAAO,iBAAiB,KAAK,IAAI,iBAAiB,IACvD,KAAK,MAAM,qBAAqB;;EAErC,MAAM,WAAW,MAAM,6BAA6B;AACpD,MAAI,aAAa,SAAU,QAAO;AAClC,SAAO;SACD;AACN,SAAO;;;AAIX,SAAS,wBAAwB,IAA6C;AAC5E,QAAO;EACL,QAAQ,eAAwB;AAAE,MAAG;;EACrC,SAAS,UAA2B,sBAAsB,IAAI;;;AAKlE,SAAS,kBAAkB,IAAiB,KAAmB;AAC7D,KAAI,IACF,IAAG,aAAa,sBAAsB;KAEtC,IAAG,gBAAgB;;AAIvB,SAAS,sBAAsB,IAA4B,OAA+B;AACxF,KAAI,CAAC,MAAO;AACZ,KAAI,MAAM,iBAAiB,KAAM,IAAG,gBAAgB,MAAM;AAC1D,KAAI,MAAM,qBAAqB,KAAM,IAAG,oBAAoB,MAAM;AAClE,KAAI,MAAM,gBAAgB,KAAM,IAAG,eAAe,MAAM;AACxD,KAAI,MAAM,SAAS,KAAM,IAAG,QAAQ,MAAM;AAC1C,KAAI,MAAM,WAAW,KAAM,IAAG,UAAU,CAAC,CAAC,MAAM;AAChD,KAAI,MAAM,QAAQ,KAAM,IAAG,OAAO,MAAM;AACxC,KAAI,MAAM,SAAS,KAAM,IAAG,QAAQ,MAAM;AAC1C,KAAI,kBAAmB,OAAmC;EACxD,MAAM,MAAM,MAAM,gBAAgB;AAClC,KAAG,eAAe;AAClB,oBAAkB,IAAI;;AAExB,KAAK,MAAc,mBAAmB,KACpC,IAAG,kBAAmB,MAAc;AAEtC,IAAG;;AAIL,SAAS,4BAAkC;CACzC,MAAM,SAAS,SAAS,eAAe;AACvC,KAAI,QAAQ;EACV,MAAM,WAAW,MAAM,KAAK,OAAO,iBAAiB;AACpD,OAAK,MAAM,MAAM,SACf,IAAG,cAAc,IAAI,YAAY,sBAAsB,qBAAqB;GAAE,SAAS;GAAM,UAAU;;AAEzG,SAAO;AACP;;CAGF,MAAM,YAAY;CAClB,MAAM,MAAM,UAAU,SAAS,QAAQ,MAAM,KAAK,SAAS,iBAAiB;AAC5E,MAAK,MAAM,MAAM,KAAK;AACpB,KAAG,cAAc,IAAI,YAAY,sBAAsB,qBAAqB;GAAE,SAAS;GAAM,UAAU;;AACvG,KAAG;;;AAIP,SAAS,sBAAmC;CAC1C,IAAI,SAAS,SAAS,eAAe;AACrC,KAAI,CAAC,QAAQ;AACX,WAAS,SAAS,cAAc;AAChC,SAAO,KAAK;AAGZ,SAAO,UAAU,IAAI;EACrB,MAAM,OAAO,SAAS,QAAQ,SAAS;AACvC,MAAI,KACF,MAAK,YAAY;;AAGrB,QAAO;;AAQT,SAAS,gBAAgB,QAAgD;AACvE,QAAO,WAAW,WAAW,WAAW;;AAI1C,SAAS,iBAAiB,EACxB,KACA,SACA,mBACA,cACA,SACA,OACA,SACA,yBAU0D;CAC1D,MAAMD,IAAwB,WAAW;AACzC;CACA,MAAM,KAAK,SAAS,cAAc;AAClC,IAAG,UAAU;AACb,IAAG,gBAAgB,yBAAyB,IAAI,uBAAuB,6BAA6B;AACpG,IAAG,oBAAoB,qBAAqB;AAC5C,KAAI,IAAI,gBACN,IAAG,kBAAkB,IAAI;AAK3B,MAAK,mBAAmB,UAAU,KAAK,EACrC,IAAG,eAAe,SAAS;AAE7B,KAAI,aAAc,IAAG,eAAe;AAEpC,IAAG,QAAQ,aAAa,KAAK;AAC7B,KAAI,WAAW,KAAM,IAAG,UAAU,CAAC,CAAC;AACpC,IAAG,gBAAgB;AAEnB,IAAG,aAAa;AAEhB,KAAI,SAAS,SAAS,KAAM,IAAG,QAAQ,QAAQ;AAC/C,KAAI,SAAS,QAAQ,KAAM,IAAG,OAAO,QAAQ;AAE7C,KAAI,SAAS,YAAY,SAAS,SAAS,KACzC,IAAG,QAAQ;CAEb,MAAM,SAAS;AAEf,QAAO,UAAU,OAAO;AACxB,QAAO,gBAAgB;AAEvB,6BAA4B;AAC1B,SAAO,UAAU,IAAI;;CAEvB,MAAM,SAAS,wBAAwB;AACvC,QAAO;EAAE;EAAI"}
1	+ {"version":3,"file":"confirm-ui.js","names":["v: 'modal' \| 'drawer'","normalized: TransactionInputWasm[]"],"sources":["../../../../../src/core/WebAuthnManager/LitComponents/confirm-ui.ts"],"sourcesContent":["import { isActionArgsWasm, toActionArgsWasm, type ActionArgs, type ActionArgsWasm } from '@/core/types/actions';\nimport type { VrfWorkerManagerContext } from '../VrfWorkerManager';\nimport type { TransactionSummary } from '../VrfWorkerManager/confirmTxFlow/types';\nimport { WalletIframeDomEvents } from '../../WalletIframe/events';\nimport { TransactionInputWasm, VRFChallenge } from '../../types';\n\nimport { W3A_TX_CONFIRMER_ID, CONFIRM_UI_ELEMENT_SELECTORS, W3A_CONFIRM_PORTAL_ID } from './tags';\nimport type { ConfirmUIHandle, ConfirmUIUpdate, ConfirmationUIMode, ThemeName } from './confirm-ui-types';\nexport type { ConfirmUIHandle, ConfirmUIUpdate, ConfirmationUIMode } from './confirm-ui-types';\nimport { validateTheme } from './confirm-ui-types';\nimport { computeUiIntentDigestFromTxs, orderActionForDigest } from '../../digests/intentDigest';\n// Ensure the wrapper element is registered when this module loads.\n// Note: this must be a value import (not side-effect-only) so bundlers don't\n// tree-shake it away under `sideEffects: false`.\nimport { TxConfirmerWrapperElement } from './IframeTxConfirmer/tx-confirmer-wrapper';\n\ntry {\n if (typeof customElements !== 'undefined' && !customElements.get(W3A_TX_CONFIRMER_ID)) {\n customElements.define(W3A_TX_CONFIRMER_ID, TxConfirmerWrapperElement);\n }\n} catch {}\n\n// Resolve theme preference from explicit param, user preferences, or DOM attribute\nfunction resolveTheme(ctx: VrfWorkerManagerContext, requested?: ThemeName): ThemeName {\n let resolved = validateTheme(requested);\n if (!resolved) {\n try { resolved = validateTheme((ctx as any)?.userPreferencesManager?.getUserTheme?.()); } catch {}\n }\n if (!resolved) {\n const domAttr = (document?.documentElement?.getAttribute('data-w3a-theme') \|\| '').toLowerCase();\n resolved = validateTheme(domAttr);\n }\n return resolved \|\| 'dark';\n}\n\n// Minimal host element interface for the inline confirmer wrapper.\ninterface HostTxConfirmerElement extends HTMLElement {\n variant?: 'modal' \| 'drawer';\n nearAccountId: string;\n txSigningRequests: TransactionInputWasm[];\n intentDigest?: string;\n vrfChallenge?: Partial<VRFChallenge>;\n theme?: ThemeName;\n loading?: boolean; // host elements use `loading` (iframe element uses `showLoading`)\n deferClose?: boolean; // two-phase close coordination\n errorMessage?: string;\n body?: string;\n title: string;\n requestUpdate?: () => void; // Lit element update hook (optional)\n nearExplorerUrl?: string;\n}\n\n////////////////////////////\n// === Public Functions ===\n////////////////////////////\n\nexport async function mountConfirmUI({\n ctx,\n summary,\n txSigningRequests,\n vrfChallenge,\n loading,\n theme,\n uiMode,\n nearAccountIdOverride,\n}: {\n ctx: VrfWorkerManagerContext,\n summary: TransactionSummary,\n txSigningRequests?: TransactionInputWasm[],\n vrfChallenge?: Partial<VRFChallenge>,\n loading?: boolean,\n theme?: ThemeName,\n uiMode: ConfirmationUIMode,\n nearAccountIdOverride?: string,\n}): Promise<ConfirmUIHandle> {\n // 'skip' mode should never request a UI mount; callers handle this.\n const variant = uiModeToVariant(uiMode);\n const { handle } = mountHostElement({\n ctx,\n summary,\n txSigningRequests,\n vrfChallenge,\n loading,\n theme,\n variant,\n nearAccountIdOverride,\n });\n return handle;\n}\n\nexport async function awaitConfirmUIDecision({\n ctx,\n summary,\n txSigningRequests,\n vrfChallenge,\n theme,\n uiMode,\n nearAccountIdOverride,\n}: {\n ctx: VrfWorkerManagerContext,\n summary: TransactionSummary,\n txSigningRequests: TransactionInputWasm[],\n vrfChallenge?: Partial<VRFChallenge>,\n theme: ThemeName,\n uiMode: ConfirmationUIMode,\n nearAccountIdOverride: string,\n}): Promise<{ confirmed: boolean; handle: ConfirmUIHandle; error?: string }> {\n const variant = uiModeToVariant(uiMode);\n const v: 'modal' \| 'drawer' = variant \|\| 'modal';\n\n return new Promise((resolve) => {\n const { el, handle } = mountHostElement({\n ctx,\n summary,\n txSigningRequests,\n vrfChallenge,\n theme,\n variant: v,\n nearAccountIdOverride,\n });\n\n const finalize = (result: { confirmed: boolean; error?: string }) => {\n cleanup();\n resolve({ ...result, handle });\n };\n\n const onConfirm = async (event: Event) => {\n const detail = (event as CustomEvent<ConfirmEventDetail> \| undefined)?.detail;\n let confirmed = detail?.confirmed !== false;\n let error = typeof detail?.error === 'string' ? detail.error : undefined;\n // Defensive UI digest validation in case wrapper capture-phase did not intercept\n if (confirmed) {\n const guardErr = await checkIntentDigestGuard(summary, txSigningRequests);\n if (guardErr) {\n confirmed = false;\n if (!error) error = guardErr;\n }\n }\n\n if (!confirmed) {\n if (error) {\n handle.update({ errorMessage: error, loading: false });\n } else {\n handle.update({ loading: false, errorMessage: '' });\n }\n finalize({ confirmed: false, error });\n return;\n }\n finalize({ confirmed: true });\n };\n\n const onCancel = (event?: Event) => {\n const detail = (event as CustomEvent<ConfirmEventDetail> \| undefined)?.detail;\n const error = typeof detail?.error === 'string' ? detail.error : undefined;\n if (error) {\n handle.update({ errorMessage: error, loading: false });\n } else {\n handle.update({ loading: false });\n }\n finalize({ confirmed: false, error });\n };\n\n const cleanup = () => {\n el.removeEventListener(WalletIframeDomEvents.TX_CONFIRMER_CONFIRM, onConfirm as EventListener);\n el.removeEventListener(WalletIframeDomEvents.TX_CONFIRMER_CANCEL, onCancel as EventListener);\n };\n\n // Listen to canonical events only\n el.addEventListener(WalletIframeDomEvents.TX_CONFIRMER_CONFIRM, onConfirm as EventListener);\n el.addEventListener(WalletIframeDomEvents.TX_CONFIRMER_CANCEL, onCancel as EventListener);\n });\n}\n\n//////////////////////\n// Internal Functions\n//////////////////////\n\nasync function checkIntentDigestGuard(\n summary: TransactionSummary \| undefined,\n txSigningRequests?: TransactionInputWasm[],\n): Promise<string \| undefined> {\n const hasTxs = (txSigningRequests?.length \|\| 0) > 0;\n const expected = summary?.intentDigest;\n if (!hasTxs \|\| !expected) return undefined;\n try {\n // UI-side check must mirror the canonical intent digest:\n // { receiverId, actions: ActionArgsWasm[] } with actions normalized\n // via orderActionForDigest, and no nonce included.\n const normalized: TransactionInputWasm[] = (txSigningRequests \|\| []).map((tx) => ({\n receiverId: tx.receiverId,\n actions: (tx.actions \|\| [])\n .map((a) => (isActionArgsWasm(a) ? a : toActionArgsWasm(a as unknown as ActionArgs)))\n .map((a) => orderActionForDigest(a as ActionArgsWasm) as ActionArgsWasm),\n }));\n const uiDigest = await computeUiIntentDigestFromTxs(normalized);\n if (uiDigest !== expected) return 'INTENT_DIGEST_MISMATCH';\n return undefined;\n } catch {\n return 'UI_DIGEST_VALIDATION_FAILED';\n }\n}\n\nfunction createHostConfirmHandle(el: HostTxConfirmerElement): ConfirmUIHandle {\n return {\n close: (_confirmed: boolean) => { el.remove(); },\n update: (props: ConfirmUIUpdate) => applyHostElementProps(el, props),\n };\n}\n\n// Small helper to keep a host element's error attribute in sync\nfunction setErrorAttribute(el: HTMLElement, msg: string): void {\n if (msg) {\n el.setAttribute('data-error-message', msg);\n } else {\n el.removeAttribute('data-error-message');\n }\n}\n\nfunction applyHostElementProps(el: HostTxConfirmerElement, props?: ConfirmUIUpdate): void {\n if (!props) return;\n if (props.nearAccountId != null) el.nearAccountId = props.nearAccountId;\n if (props.txSigningRequests != null) el.txSigningRequests = props.txSigningRequests;\n if (props.vrfChallenge != null) el.vrfChallenge = props.vrfChallenge;\n if (props.theme != null) el.theme = props.theme;\n if (props.loading != null) el.loading = !!props.loading;\n if (props.body != null) el.body = props.body;\n if (props.title != null) el.title = props.title;\n if ('errorMessage' in (props as Record<string, unknown>)) {\n const msg = props.errorMessage ?? '';\n el.errorMessage = msg;\n setErrorAttribute(el, msg);\n }\n if ((props as any).nearExplorerUrl != null) {\n el.nearExplorerUrl = (props as any).nearExplorerUrl;\n }\n el.requestUpdate?.();\n}\n\n// ===== Inline confirmer helpers =====\nfunction cleanupExistingConfirmers(): void {\n const portal = document.getElementById(W3A_CONFIRM_PORTAL_ID);\n if (portal) {\n const existing = Array.from(portal.querySelectorAll('*')) as HTMLElement[];\n for (const el of existing) {\n el.dispatchEvent(new CustomEvent(WalletIframeDomEvents.TX_CONFIRMER_CANCEL, { bubbles: true, composed: true }));\n }\n portal.replaceChildren();\n return;\n }\n\n const selectors = CONFIRM_UI_ELEMENT_SELECTORS as readonly string[];\n const els = selectors.flatMap((sel) => Array.from(document.querySelectorAll(sel)) as HTMLElement[]);\n for (const el of els) {\n el.dispatchEvent(new CustomEvent(WalletIframeDomEvents.TX_CONFIRMER_CANCEL, { bubbles: true, composed: true }));\n el.remove();\n }\n}\n\nfunction ensureConfirmPortal(): HTMLElement {\n let portal = document.getElementById(W3A_CONFIRM_PORTAL_ID) as HTMLElement \| null;\n if (!portal) {\n portal = document.createElement('div');\n portal.id = W3A_CONFIRM_PORTAL_ID;\n // Keep the portal inert except for stacking; children handle their own overlay\n // Class-based only to comply with strict CSP\n portal.classList.add('w3a-portal');\n const root = document.body ?? document.documentElement;\n if (root) {\n root.appendChild(portal);\n }\n }\n return portal;\n}\n\ntype ConfirmEventDetail = {\n confirmed?: boolean;\n error?: string;\n};\n\nfunction uiModeToVariant(uiMode: ConfirmationUIMode): 'modal' \| 'drawer' {\n return uiMode === 'drawer' ? 'drawer' : 'modal';\n}\n\n// Create and mount a fresh host element into the tx-confirmer portal\nfunction mountHostElement({\n ctx,\n summary,\n txSigningRequests,\n vrfChallenge,\n loading,\n theme,\n variant,\n nearAccountIdOverride,\n}: {\n ctx: VrfWorkerManagerContext,\n summary: TransactionSummary,\n txSigningRequests?: TransactionInputWasm[],\n vrfChallenge?: Partial<VRFChallenge>,\n loading?: boolean,\n theme?: ThemeName,\n variant?: 'modal' \| 'drawer',\n nearAccountIdOverride?: string,\n}): { el: HostTxConfirmerElement; handle: ConfirmUIHandle } {\n const v: 'modal' \| 'drawer' = variant \|\| 'modal';\n cleanupExistingConfirmers();\n const el = document.createElement(W3A_TX_CONFIRMER_ID) as HostTxConfirmerElement;\n el.variant = v;\n el.nearAccountId = nearAccountIdOverride \|\| ctx.userPreferencesManager.getCurrentUserAccountId() \|\| '';\n el.txSigningRequests = txSigningRequests \|\| [];\n if (ctx.nearExplorerUrl) {\n el.nearExplorerUrl = ctx.nearExplorerUrl;\n }\n // Only enable UI digest validation for transaction-signing flows where txs exist.\n // Registration/link and other non-tx flows should not set intentDigest to avoid\n // spurious INTENT_DIGEST_MISMATCH on confirm.\n if ((txSigningRequests?.length \|\| 0) > 0) {\n el.intentDigest = summary?.intentDigest;\n }\n if (vrfChallenge) el.vrfChallenge = vrfChallenge;\n // Resolve theme with short-circuiting helper\n el.theme = resolveTheme(ctx, theme);\n if (loading != null) el.loading = !!loading;\n el.removeAttribute('data-error-message');\n // Two-phase close: let caller control removal\n el.deferClose = true;\n // Optional per-request display overrides\n if (summary?.title != null) el.title = summary.title;\n if (summary?.body != null) el.body = summary.body;\n // Default title for delegate signing when not overridden\n if (summary?.delegate && summary?.title == null) {\n el.title = 'Sign Delegate Action';\n }\n const portal = ensureConfirmPortal();\n // Ensure hidden state (idempotent) and mount\n portal.classList.remove('w3a-portal--visible');\n portal.replaceChildren(el);\n // Reveal in the next frame via class toggle\n requestAnimationFrame(() => {\n portal.classList.add('w3a-portal--visible');\n });\n const handle = createHostConfirmHandle(el);\n return { el, handle };\n}\n\n// Types and element export for consumers that need the inline confirmer handle\nexport type { TxConfirmerWrapperElement } from './IframeTxConfirmer/tx-confirmer-wrapper';\nexport { W3A_TX_CONFIRMER_ID };\n"],"mappings":";;;;;;;;AAgBA,IAAI;AACF,KAAI,OAAO,mBAAmB,eAAe,CAAC,eAAe,IAAI,qBAC/D,gBAAe,OAAO,qBAAqB;QAEvC;AAGR,SAAS,aAAa,KAA8B,WAAkC;CACpF,IAAI,WAAW,cAAc;AAC7B,KAAI,CAAC,SACH,KAAI;AAAE,aAAW,cAAe,KAAa,wBAAwB;SAA2B;AAElG,KAAI,CAAC,UAAU;EACb,MAAM,WAAW,UAAU,iBAAiB,aAAa,qBAAqB,IAAI;AAClF,aAAW,cAAc;;AAE3B,QAAO,YAAY;;AAwBrB,eAAsB,eAAe,EACnC,KACA,SACA,mBACA,cACA,SACA,OACA,QACA,yBAU2B;CAE3B,MAAM,UAAU,gBAAgB;CAChC,MAAM,EAAE,WAAW,iBAAiB;EAClC;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;AAEF,QAAO;;AAGT,eAAsB,uBAAuB,EAC3C,KACA,SACA,mBACA,cACA,OACA,QACA,yBAS2E;CAC3E,MAAM,UAAU,gBAAgB;CAChC,MAAMA,IAAwB,WAAW;AAEzC,QAAO,IAAI,SAAS,YAAY;EAC9B,MAAM,EAAE,IAAI,WAAW,iBAAiB;GACtC;GACA;GACA;GACA;GACA;GACA,SAAS;GACT;;EAGF,MAAM,YAAY,WAAmD;AACnE;AACA,WAAQ;IAAE,GAAG;IAAQ;;;EAGvB,MAAM,YAAY,OAAO,UAAiB;GACxC,MAAM,SAAU,OAAuD;GACvE,IAAI,YAAY,QAAQ,cAAc;GACtC,IAAI,QAAQ,OAAO,QAAQ,UAAU,WAAW,OAAO,QAAQ;AAE/D,OAAI,WAAW;IACb,MAAM,WAAW,MAAM,uBAAuB,SAAS;AACvD,QAAI,UAAU;AACZ,iBAAY;AACZ,SAAI,CAAC,MAAO,SAAQ;;;AAIxB,OAAI,CAAC,WAAW;AACd,QAAI,MACF,QAAO,OAAO;KAAE,cAAc;KAAO,SAAS;;QAE9C,QAAO,OAAO;KAAE,SAAS;KAAO,cAAc;;AAEhD,aAAS;KAAE,WAAW;KAAO;;AAC7B;;AAEF,YAAS,EAAE,WAAW;;EAGxB,MAAM,YAAY,UAAkB;GAClC,MAAM,SAAU,OAAuD;GACvE,MAAM,QAAQ,OAAO,QAAQ,UAAU,WAAW,OAAO,QAAQ;AACjE,OAAI,MACF,QAAO,OAAO;IAAE,cAAc;IAAO,SAAS;;OAE9C,QAAO,OAAO,EAAE,SAAS;AAE3B,YAAS;IAAE,WAAW;IAAO;;;EAG/B,MAAM,gBAAgB;AACpB,MAAG,oBAAoB,sBAAsB,sBAAsB;AACnE,MAAG,oBAAoB,sBAAsB,qBAAqB;;AAIpE,KAAG,iBAAiB,sBAAsB,sBAAsB;AAChE,KAAG,iBAAiB,sBAAsB,qBAAqB;;;AAQnE,eAAe,uBACb,SACA,mBAC6B;CAC7B,MAAM,UAAU,mBAAmB,UAAU,KAAK;CAClD,MAAM,WAAW,SAAS;AAC1B,KAAI,CAAC,UAAU,CAAC,SAAU,QAAO;AACjC,KAAI;EAIF,MAAMC,cAAsC,qBAAqB,IAAI,KAAK,QAAQ;GAChF,YAAY,GAAG;GACf,UAAU,GAAG,WAAW,IACrB,KAAK,MAAO,iBAAiB,KAAK,IAAI,iBAAiB,IACvD,KAAK,MAAM,qBAAqB;;EAErC,MAAM,WAAW,MAAM,6BAA6B;AACpD,MAAI,aAAa,SAAU,QAAO;AAClC,SAAO;SACD;AACN,SAAO;;;AAIX,SAAS,wBAAwB,IAA6C;AAC5E,QAAO;EACL,QAAQ,eAAwB;AAAE,MAAG;;EACrC,SAAS,UAA2B,sBAAsB,IAAI;;;AAKlE,SAAS,kBAAkB,IAAiB,KAAmB;AAC7D,KAAI,IACF,IAAG,aAAa,sBAAsB;KAEtC,IAAG,gBAAgB;;AAIvB,SAAS,sBAAsB,IAA4B,OAA+B;AACxF,KAAI,CAAC,MAAO;AACZ,KAAI,MAAM,iBAAiB,KAAM,IAAG,gBAAgB,MAAM;AAC1D,KAAI,MAAM,qBAAqB,KAAM,IAAG,oBAAoB,MAAM;AAClE,KAAI,MAAM,gBAAgB,KAAM,IAAG,eAAe,MAAM;AACxD,KAAI,MAAM,SAAS,KAAM,IAAG,QAAQ,MAAM;AAC1C,KAAI,MAAM,WAAW,KAAM,IAAG,UAAU,CAAC,CAAC,MAAM;AAChD,KAAI,MAAM,QAAQ,KAAM,IAAG,OAAO,MAAM;AACxC,KAAI,MAAM,SAAS,KAAM,IAAG,QAAQ,MAAM;AAC1C,KAAI,kBAAmB,OAAmC;EACxD,MAAM,MAAM,MAAM,gBAAgB;AAClC,KAAG,eAAe;AAClB,oBAAkB,IAAI;;AAExB,KAAK,MAAc,mBAAmB,KACpC,IAAG,kBAAmB,MAAc;AAEtC,IAAG;;AAIL,SAAS,4BAAkC;CACzC,MAAM,SAAS,SAAS,eAAe;AACvC,KAAI,QAAQ;EACV,MAAM,WAAW,MAAM,KAAK,OAAO,iBAAiB;AACpD,OAAK,MAAM,MAAM,SACf,IAAG,cAAc,IAAI,YAAY,sBAAsB,qBAAqB;GAAE,SAAS;GAAM,UAAU;;AAEzG,SAAO;AACP;;CAGF,MAAM,YAAY;CAClB,MAAM,MAAM,UAAU,SAAS,QAAQ,MAAM,KAAK,SAAS,iBAAiB;AAC5E,MAAK,MAAM,MAAM,KAAK;AACpB,KAAG,cAAc,IAAI,YAAY,sBAAsB,qBAAqB;GAAE,SAAS;GAAM,UAAU;;AACvG,KAAG;;;AAIP,SAAS,sBAAmC;CAC1C,IAAI,SAAS,SAAS,eAAe;AACrC,KAAI,CAAC,QAAQ;AACX,WAAS,SAAS,cAAc;AAChC,SAAO,KAAK;AAGZ,SAAO,UAAU,IAAI;EACrB,MAAM,OAAO,SAAS,QAAQ,SAAS;AACvC,MAAI,KACF,MAAK,YAAY;;AAGrB,QAAO;;AAQT,SAAS,gBAAgB,QAAgD;AACvE,QAAO,WAAW,WAAW,WAAW;;AAI1C,SAAS,iBAAiB,EACxB,KACA,SACA,mBACA,cACA,SACA,OACA,SACA,yBAU0D;CAC1D,MAAMD,IAAwB,WAAW;AACzC;CACA,MAAM,KAAK,SAAS,cAAc;AAClC,IAAG,UAAU;AACb,IAAG,gBAAgB,yBAAyB,IAAI,uBAAuB,6BAA6B;AACpG,IAAG,oBAAoB,qBAAqB;AAC5C,KAAI,IAAI,gBACN,IAAG,kBAAkB,IAAI;AAK3B,MAAK,mBAAmB,UAAU,KAAK,EACrC,IAAG,eAAe,SAAS;AAE7B,KAAI,aAAc,IAAG,eAAe;AAEpC,IAAG,QAAQ,aAAa,KAAK;AAC7B,KAAI,WAAW,KAAM,IAAG,UAAU,CAAC,CAAC;AACpC,IAAG,gBAAgB;AAEnB,IAAG,aAAa;AAEhB,KAAI,SAAS,SAAS,KAAM,IAAG,QAAQ,QAAQ;AAC/C,KAAI,SAAS,QAAQ,KAAM,IAAG,OAAO,QAAQ;AAE7C,KAAI,SAAS,YAAY,SAAS,SAAS,KACzC,IAAG,QAAQ;CAEb,MAAM,SAAS;AAEf,QAAO,UAAU,OAAO;AACxB,QAAO,gBAAgB;AAEvB,6BAA4B;AAC1B,SAAO,UAAU,IAAI;;CAEvB,MAAM,SAAS,wBAAwB;AACvC,QAAO;EAAE;EAAI"}

package/dist/esm/core/WebAuthnManager/LitComponents/ensure-defined.js CHANGED Viewed

@@ -1,6 +1,7 @@
-import { W3A_EXPORT_VIEWER_IFRAME_ID, W3A_TX_BUTTON_HOST_ID, W3A_TX_BUTTON_ID } from "./tags.js";
+import { W3A_EXPORT_VIEWER_IFRAME_ID } from "./tags.js";
 //#region src/core/WebAuthnManager/LitComponents/ensure-defined.ts
+const TAG_LOADERS = { [W3A_EXPORT_VIEWER_IFRAME_ID]: () => import("./ExportPrivateKey/iframe-host.js") };
 /**
 * Small utility that guarantees a custom element definition exists in the
 * current runtime before creating/using it. If the tag is not yet defined,
@@ -12,11 +13,6 @@ async function ensureDefined(tag, loader) {
 		if (!customElements.get(tag)) await loader();
 	} catch {}
 }
-const TAG_LOADERS = {
-	[W3A_EXPORT_VIEWER_IFRAME_ID]: () => import("./ExportPrivateKey/iframe-host.js"),
-	[W3A_TX_BUTTON_ID]: () => import("./IframeButtonWithTooltipConfirmer/iframe-host.js"),
-	[W3A_TX_BUTTON_HOST_ID]: () => import("./IframeButtonWithTooltipConfirmer/iframe-host.js")
-};
 //#endregion
 export { ensureDefined };

package/dist/esm/core/WebAuthnManager/LitComponents/ensure-defined.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ensure-defined.js","names":["TAG_LOADERS: Record<string, () => Promise<unknown>>"],"sources":["../../../../../src/core/WebAuthnManager/LitComponents/ensure-defined.ts"],"sourcesContent":["/*\n Small utility that guarantees a custom element definition exists in the\n * current runtime before creating/using it. If the tag is not yet defined,\n * it runs the provided dynamic import loader to execute the module that calls\n * customElements.define().\n /\nexport async function ensureDefined(tag: string, loader: () => Promise<unknown>): Promise<void> {\n try {\n if (!customElements.get(tag)) {\n await loader();\n }\n } catch {\n // Best-effort; downstream calls will still throw useful errors if missing\n }\n}\n\n// Consolidated loaders for known W3A custom elements that may be used across runtimes.\n// This allows dev tooling to auto-ensure definitions for common elements when possible.\nimport { W3A_EXPORT_VIEWER_IFRAME_ID, W3A_TX_BUTTON_ID, W3A_TX_BUTTON_HOST_ID } from './tags';\n\nexport const TAG_LOADERS: Record<string, () => Promise<unknown>> = {\n [W3A_EXPORT_VIEWER_IFRAME_ID]: () => import('./ExportPrivateKey/iframe-host'),\n [W3A_TX_BUTTON_ID]: () => import('./IframeButtonWithTooltipConfirmer/iframe-host'),\n [W3A_TX_BUTTON_HOST_ID]: () => import('./IframeButtonWithTooltipConfirmer/iframe-host'),\n};\n\n/* Attempt to ensure a known W3A element by tag; returns true if a loader ran. */\nexport async function ensureKnownW3aElement(tag: string): Promise<boolean> {\n try {\n const t = (tag \|\| '').toLowerCase();\n const loader = TAG_LOADERS[t];\n if (!loader) return false;\n await ensureDefined(t, loader);\n return true;\n } catch {\n return false;\n }\n}\n\n"],"mappings":"~~;;;;;;;;;~~AAMA,eAAsB,cAAc,KAAa,QAA+C;AAC9F,KAAI;AACF,MAAI,CAAC,eAAe,IAAI,KACtB,OAAM;SAEF~~;;AASV,MAAaA,cAAsD;EAChE,oCAAoC,OAAO;EAC3C,yBAAyB,OAAO;EAChC,8BAA8B,OAAO~~"}
1	+ {"version":3,"file":"ensure-defined.js","names":["TAG_LOADERS: Record<string, () => Promise<unknown>>"],"sources":["../../../../../src/core/WebAuthnManager/LitComponents/ensure-defined.ts"],"sourcesContent":["/*\n Consolidated loaders for known W3A custom elements that may be used across runtimes.\n * This allows dev tooling to auto-ensure definitions for common elements when possible.\n /\nimport { W3A_EXPORT_VIEWER_IFRAME_ID } from './tags';\n\nexport const TAG_LOADERS: Record<string, () => Promise<unknown>> = {\n [W3A_EXPORT_VIEWER_IFRAME_ID]: () => import('./ExportPrivateKey/iframe-host'),\n};\n\n/\n Small utility that guarantees a custom element definition exists in the\n * current runtime before creating/using it. If the tag is not yet defined,\n * it runs the provided dynamic import loader to execute the module that calls\n * customElements.define().\n /\nexport async function ensureDefined(tag: string, loader: () => Promise<unknown>): Promise<void> {\n try {\n if (!customElements.get(tag)) {\n await loader();\n }\n } catch {\n // Best-effort; downstream calls will still throw useful errors if missing\n }\n}\n\n/* Attempt to ensure a known W3A element by tag; returns true if a loader ran. */\nexport async function ensureKnownW3aElement(tag: string): Promise<boolean> {\n try {\n const t = (tag \|\| '').toLowerCase();\n const loader = TAG_LOADERS[t];\n if (!loader) return false;\n await ensureDefined(t, loader);\n return true;\n } catch {\n return false;\n }\n}\n"],"mappings":";;;AAMA,MAAaA,cAAsD,GAChE,oCAAoC,OAAO;;;;;;;AAS9C,eAAsB,cAAc,KAAa,QAA+C;AAC9F,KAAI;AACF,MAAI,CAAC,eAAe,IAAI,KACtB,OAAM;SAEF"}

package/dist/esm/core/WebAuthnManager/LitComponents/tags.js CHANGED Viewed

@@ -1,29 +1,4 @@
 //#region src/core/WebAuthnManager/LitComponents/tags.ts
-const W3A_BUTTON_WITH_TOOLTIP_ID = "w3a-button-with-tooltip";
-const W3A_TX_BUTTON_ID = "w3a-tx-button";
-const W3A_TX_BUTTON_HOST_ID = "w3a-tx-button-host";
-const TAG_DEFS = {
-	txButton: {
-		id: W3A_TX_BUTTON_ID,
-		aliases: []
-	},
-	txHost: {
-		id: W3A_TX_BUTTON_HOST_ID,
-		aliases: ["w3a-wallet-tx-host"]
-	}
-};
-/** Define a custom element for canonical and alias tags (no-throw). */
-function defineTag(key, ctor) {
-	const def = TAG_DEFS[key];
-	try {
-		if (!customElements.get(def.id)) customElements.define(def.id, ctor);
-	} catch {}
-	const aliases = def.aliases || [];
-	for (const alias of aliases) try {
-		if (!customElements.get(alias)) customElements.define(alias, ctor);
-	} catch {}
-}
-const IFRAME_TX_BUTTON_BOOTSTRAP_MODULE = "iframe-tx-button-bootstrap.js";
 const W3A_TX_CONFIRMER_ID = "w3a-tx-confirmer";
 const W3A_MODAL_TX_CONFIRMER_ID = "w3a-modal-tx-confirmer";
 const W3A_DRAWER_TX_CONFIRMER_ID = "w3a-drawer-tx-confirmer";
@@ -43,5 +18,5 @@ const IFRAME_EXPORT_BOOTSTRAP_MODULE = "iframe-export-bootstrap.js";
 const EXPORT_VIEWER_BUNDLE = "export-private-key-viewer.js";
 //#endregion
-export { CONFIRM_UI_ELEMENT_SELECTORS, EXPORT_VIEWER_BUNDLE, IFRAME_EXPORT_BOOTSTRAP_MODULE, IFRAME_TX_BUTTON_BOOTSTRAP_MODULE, W3A_BUTTON_WITH_TOOLTIP_ID, W3A_CONFIRM_PORTAL_ID, W3A_DRAWER_ID, W3A_DRAWER_TX_CONFIRMER_ID, W3A_EXPORT_VIEWER_IFRAME_ID, W3A_HALO_BORDER_ID, W3A_MODAL_TX_CONFIRMER_ID, W3A_PASSKEY_HALO_LOADING_ID, W3A_TX_BUTTON_HOST_ID, W3A_TX_BUTTON_ID, W3A_TX_CONFIRMER_ID, W3A_TX_CONFIRM_CONTENT_ID, W3A_TX_TREE_ID, defineTag };
+export { CONFIRM_UI_ELEMENT_SELECTORS, EXPORT_VIEWER_BUNDLE, IFRAME_EXPORT_BOOTSTRAP_MODULE, W3A_CONFIRM_PORTAL_ID, W3A_DRAWER_ID, W3A_DRAWER_TX_CONFIRMER_ID, W3A_EXPORT_VIEWER_IFRAME_ID, W3A_HALO_BORDER_ID, W3A_MODAL_TX_CONFIRMER_ID, W3A_PASSKEY_HALO_LOADING_ID, W3A_TX_CONFIRMER_ID, W3A_TX_CONFIRM_CONTENT_ID, W3A_TX_TREE_ID };
 //# sourceMappingURL=tags.js.map

package/dist/esm/core/WebAuthnManager/LitComponents/tags.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"tags.js","names":[],"sources":["../../../../../src/core/WebAuthnManager/LitComponents/tags.ts"],"sourcesContent":["// Lit component tag names\n// These are rendered as web components:\n// e.g. <w3a-tx-~~button~~></w3a-tx-~~button~~>, <w3a-~~button~~-~~with-tooltip~~>, etc;\n\n// Preferred aliases for top-level elements used by WalletIframe host\nexport const W3A_BUTTON_WITH_TOOLTIP_ID = 'w3a-button-with-tooltip';\nexport const W3A_TX_BUTTON_ID = 'w3a-tx-button';\nexport const W3A_TX_BUTTON_HOST_ID = 'w3a-tx-button-host';\n\n// Consolidated tag registry and helpers\nexport type TagDef = { id: string; aliases?: string[] };\nexport const TAG_DEFS = {\n txButton: { id: W3A_TX_BUTTON_ID, aliases: [] },\n txHost: { id: W3A_TX_BUTTON_HOST_ID, aliases: ['w3a-wallet-tx-host'] },\n} satisfies Record<string, TagDef>;\nexport type TagKey = keyof typeof TAG_DEFS;\n\n/** Return canonical tag for a tag key /\nexport function getTag(key: TagKey): string { return TAG_DEFS[key].id; }\n\n/* Define a custom element for canonical and alias tags (no-throw). */\nexport function defineTag(key: TagKey, ctor: CustomElementConstructor): void {\n const def = TAG_DEFS[key];\n try {\n if (!customElements.get(def.id)) {\n customElements.define(def.id, ctor);\n }\n } catch {}\n const aliases = def.aliases \|\| [];\n for (const alias of aliases) {\n try { if (!customElements.get(alias)) customElements.define(alias, ctor); } catch {}\n }\n}\n\n// Asset path and bootstrap module used by the iframe host to hydrate the embedded element.\nexport const EMBEDDED_SDK_BASE_PATH = '/sdk/';\nexport const IFRAME_TX_BUTTON_BOOTSTRAP_MODULE = 'iframe-tx-button-bootstrap.js';\n\n// Transaction confirmer element tags (host-rendered)\n// Canonical tag names use the \"-tx-confirmer\" suffix for consistency\nexport const W3A_TX_CONFIRMER_ID = 'w3a-tx-confirmer';\nexport const W3A_MODAL_TX_CONFIRMER_ID = 'w3a-modal-tx-confirmer';\nexport const W3A_DRAWER_TX_CONFIRMER_ID = 'w3a-drawer-tx-confirmer';\nexport const W3A_TX_CONFIRM_CONTENT_ID = 'w3a-tx-confirm-content';\n\n// Shared building blocks\nexport const W3A_DRAWER_ID = 'w3a-drawer';\nexport const W3A_TX_TREE_ID = 'w3a-tx-tree';\nexport const W3A_HALO_BORDER_ID = 'w3a-halo-border';\nexport const W3A_PASSKEY_HALO_LOADING_ID = 'w3a-passkey-halo-loading';\n\n// Unified list of confirmer hosts the wallet may need to target for lifecycle events\nexport const CONFIRM_UI_ELEMENT_SELECTORS = [\n W3A_TX_CONFIRMER_ID,\n W3A_MODAL_TX_CONFIRMER_ID,\n W3A_DRAWER_TX_CONFIRMER_ID,\n] as const;\n\n// Dedicated portal container to enforce a single confirmer instance\nexport const W3A_CONFIRM_PORTAL_ID = 'w3a-confirm-portal';\n\n// Export viewer iframe host + bootstrap + viewer bundle\nexport const W3A_EXPORT_VIEWER_IFRAME_ID = 'w3a-export-viewer-iframe';\nexport const W3A_EXPORT_KEY_VIEWER_ID = 'w3a-export-key-viewer';\nexport const IFRAME_EXPORT_BOOTSTRAP_MODULE = 'iframe-export-bootstrap.js';\nexport const EXPORT_VIEWER_BUNDLE = 'export-private-key-viewer.js';\nexport const EXPORT_DRAWER_BUNDLE = 'export-private-key-drawer.js';\n\n// CSS Class Names - Centralized for type safety and maintainability\nexport const CSS_CLASSES = {\n // Container elements\n EMBEDDED_CONFIRM_CONTAINER: 'embedded-confirm-container',\n\n // Button elements\n EMBEDDED_BTN: 'embedded-btn',\n\n // Tooltip elements\n TOOLTIP_CONTENT: 'tooltip-content',\n\n // Loading elements\n LOADING: 'loading',\n SPINNER: 'spinner',\n} as const;\n\n// Type-safe selector functions using data attributes - corresponds to CSS selectors in ButtonWithTooltip.ts\nexport const SELECTORS = {\n EMBEDDED_CONFIRM_CONTAINER: `[data-embedded-tx-button-root]`, // CSS: [data-embedded-tx-button-root]\n EMBEDDED_BTN: `[data-embedded-btn]`, // CSS: [data-embedded-btn]\n TOOLTIP_CONTENT: `[data-tooltip-content]`, // CSS: [data-tooltip-content], [data-tooltip-content][data-position=\"~~...\"~~], ~~etc.\n LOADING: `[data-loading]`, // CSS: [data-loading], [data-loading][data-visible=\~~"true\"]\n SPINNER: `[data-spinner]`, // CSS: [data-spinner]\n} as const;\n\n// Type-safe query selector functions for HTMLElement - uses SELECTORS constants that correspond to CSS selectors\nexport class ElementSelectors {\n private root: Document \| ShadowRoot \| Element \| null \| undefined;\n\n constructor(root?: Document \| ShadowRoot \| Element \| null) {\n this.root = root;\n }\n\n // Instance methods (bound to the root passed in constructor) - uses SELECTORS that correspond to CSS selectors\n getEmbeddedConfirmContainer(): HTMLElement \| null { // Corresponds to [data-embedded-tx-button-root] CSS selector\n return this.root?.querySelector(SELECTORS.EMBEDDED_CONFIRM_CONTAINER) \|\| null;\n }\n\n getEmbeddedBtn(): HTMLElement \| null { // Corresponds to [data-embedded-btn] CSS selector\n return this.root?.querySelector(SELECTORS.EMBEDDED_BTN) \|\| null;\n }\n\n getTooltipContent(): HTMLElement \| null { // Corresponds to [data-tooltip-content] CSS selector\n return this.root?.querySelector(SELECTORS.TOOLTIP_CONTENT) \|\| null;\n }\n\n getLoading(): HTMLElement \| null { // Corresponds to [data-loading] CSS selector\n return this.root?.querySelector(SELECTORS.LOADING) \|\| null;\n }\n\n getSpinner(): HTMLElement \| null { // Corresponds to [data-spinner] CSS selector\n return this.root?.querySelector(SELECTORS.SPINNER) \|\| null;\n }\n\n // Static methods (require root parameter) - uses SELECTORS that correspond to CSS selectors\n static getEmbeddedConfirmContainer(root: Document \| ShadowRoot \| Element \| null \| undefined): HTMLElement \| null { // Corresponds to [data-embedded-tx-button-root] CSS selector\n return root?.querySelector(SELECTORS.EMBEDDED_CONFIRM_CONTAINER) \|\| null;\n }\n\n static getEmbeddedBtn(root: Document \| ShadowRoot \| Element \| null \| undefined): HTMLElement \| null { // Corresponds to [data-embedded-btn] CSS selector\n return root?.querySelector(SELECTORS.EMBEDDED_BTN) \|\| null;\n }\n\n static getTooltipContent(root: Document \| ShadowRoot \| Element \| null \| undefined): HTMLElement \| null { // Corresponds to [data-tooltip-content] CSS selector\n return root?.querySelector(SELECTORS.TOOLTIP_CONTENT) \|\| null;\n }\n\n static getLoading(root: Document \| ShadowRoot \| Element \| null \| undefined): HTMLElement \| null { // Corresponds to [data-loading] CSS selector\n return root?.querySelector(SELECTORS.LOADING) \|\| null;\n }\n\n static getSpinner(root: Document \| ShadowRoot \| Element \| null \| undefined): HTMLElement \| null { // Corresponds to [data-spinner] CSS selector\n return root?.querySelector(SELECTORS.SPINNER) \|\| null;\n }\n}\n"],"mappings":";~~AAKA~~,MAAa,6BAA6B;AAC1C,MAAa,mBAAmB;AAChC,MAAa,wBAAwB;AAIrC,MAAa,WAAW;CACtB,UAAU;EAAE,IAAI;EAAkB,SAAS;;CAC3C,QAAQ;EAAE,IAAI;EAAuB,SAAS,CAAC;;;;AAQjD,SAAgB,UAAU,KAAa,MAAsC;CAC3E,MAAM,MAAM,SAAS;AACrB,KAAI;AACF,MAAI,CAAC,eAAe,IAAI,IAAI,IAC1B,gBAAe,OAAO,IAAI,IAAI;SAE1B;CACR,MAAM,UAAU,IAAI,WAAW;AAC/B,MAAK,MAAM,SAAS,QAClB,KAAI;AAAE,MAAI,CAAC,eAAe,IAAI,OAAQ,gBAAe,OAAO,OAAO;SAAe;;AAMtF,MAAa,oCAAoC;AAIjD,MAAa,sBAAsB;AACnC,MAAa,4BAA4B;AACzC,MAAa,6BAA6B;AAC1C,MAAa,4BAA4B;AAGzC,MAAa,gBAAgB;AAC7B,MAAa,iBAAiB;AAC9B,MAAa,qBAAqB;AAClC,MAAa,8BAA8B;AAG3C,MAAa,+BAA+B;CAC1C;CACA;CACA;;AAIF,MAAa,wBAAwB;AAGrC,MAAa,8BAA8B;AAE3C,MAAa,iCAAiC;AAC9C,MAAa,uBAAuB"}
1	+ {"version":3,"file":"tags.js","names":[],"sources":["../../../../../src/core/WebAuthnManager/LitComponents/tags.ts"],"sourcesContent":["// Lit component tag names\n// These are rendered as web components:\n// e.g. <w3a-modal-tx-confirmer></w3a-modal-tx-confirmer>, <w3a-tx-tree>, etc;\n\n// Transaction confirmer element tags (host-rendered)\n// Canonical tag names use the \"-tx-confirmer\" suffix for consistency\nexport const W3A_TX_CONFIRMER_ID = 'w3a-tx-confirmer';\nexport const W3A_MODAL_TX_CONFIRMER_ID = 'w3a-modal-tx-confirmer';\nexport const W3A_DRAWER_TX_CONFIRMER_ID = 'w3a-drawer-tx-confirmer';\nexport const W3A_TX_CONFIRM_CONTENT_ID = 'w3a-tx-confirm-content';\n\n// Shared building blocks\nexport const W3A_DRAWER_ID = 'w3a-drawer';\nexport const W3A_TX_TREE_ID = 'w3a-tx-tree';\nexport const W3A_HALO_BORDER_ID = 'w3a-halo-border';\nexport const W3A_PASSKEY_HALO_LOADING_ID = 'w3a-passkey-halo-loading';\n\n// Unified list of confirmer hosts the wallet may need to target for lifecycle events\nexport const CONFIRM_UI_ELEMENT_SELECTORS = [\n W3A_TX_CONFIRMER_ID,\n W3A_MODAL_TX_CONFIRMER_ID,\n W3A_DRAWER_TX_CONFIRMER_ID,\n] as const;\n\n// Dedicated portal container to enforce a single confirmer instance\nexport const W3A_CONFIRM_PORTAL_ID = 'w3a-confirm-portal';\n\n// Export viewer iframe host + bootstrap + viewer bundle\nexport const W3A_EXPORT_VIEWER_IFRAME_ID = 'w3a-export-viewer-iframe';\nexport const W3A_EXPORT_KEY_VIEWER_ID = 'w3a-export-key-viewer';\nexport const IFRAME_EXPORT_BOOTSTRAP_MODULE = 'iframe-export-bootstrap.js';\nexport const EXPORT_VIEWER_BUNDLE = 'export-private-key-viewer.js';\nexport const EXPORT_DRAWER_BUNDLE = 'export-private-key-drawer.js';\n"],"mappings":";AAMA,MAAa,sBAAsB;AACnC,MAAa,4BAA4B;AACzC,MAAa,6BAA6B;AAC1C,MAAa,4BAA4B;AAGzC,MAAa,gBAAgB;AAC7B,MAAa,iBAAiB;AAC9B,MAAa,qBAAqB;AAClC,MAAa,8BAA8B;AAG3C,MAAa,+BAA+B;CAC1C;CACA;CACA;;AAIF,MAAa,wBAAwB;AAGrC,MAAa,8BAA8B;AAE3C,MAAa,iCAAiC;AAC9C,MAAa,uBAAuB"}

package/dist/esm/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js CHANGED Viewed

@@ -1,5 +1,4 @@
-import { __esm } from "../../../_virtual/rolldown_runtime.js";
-import { init_accountIds, toAccountId } from "../../types/accountIds.js";
+import { toAccountId } from "../../types/accountIds.js";
 //#region src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.ts
 function parseDeviceNumber(value, options = {}) {
@@ -22,11 +21,7 @@ async function getLastLoggedInDeviceNumber(nearAccountId, clientDB) {
 	}
 	throw new Error(`No last user session for account ${accountId}`);
 }
-var init_getDeviceNumber = __esm({ "src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.ts": (() => {
-	init_accountIds();
-}) });
 //#endregion
-init_getDeviceNumber();
-export { getLastLoggedInDeviceNumber, init_getDeviceNumber, parseDeviceNumber };
+export { getLastLoggedInDeviceNumber, parseDeviceNumber };
 //# sourceMappingURL=getDeviceNumber.js.map

package/dist/esm/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"getDeviceNumber.js","names":[],"sources":["../../../../../src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.ts"],"sourcesContent":["import type { PasskeyClientDBManager } from '@/core/IndexedDBManager';\nimport { toAccountId, type AccountId } from '../../types/accountIds';\n\nexport function parseDeviceNumber(\n value: unknown,\n options: { min?: number } = {}\n): number \| null {\n const deviceNumber = Number(value);\n const min = options.min ?? 1;\n if (!Number.isSafeInteger(deviceNumber) \|\| deviceNumber < min) {\n return null;\n }\n return deviceNumber;\n}\n\n/*\n Return the deviceNumber for the last logged-in user for the given account.\n * This uses the app-state \"last user\" pointer only; if it does not match the\n * requested account, an error is thrown instead of silently falling back.\n */\nexport async function getLastLoggedInDeviceNumber(\n nearAccountId: AccountId \| string,\n clientDB: PasskeyClientDBManager\n): Promise<number> {\n const accountId = toAccountId(nearAccountId);\n const last = await clientDB.getLastUser();\n if (last && last.nearAccountId === accountId) {\n const deviceNumber = parseDeviceNumber((last ~~as any)~~.deviceNumber, { min: 1 });\n if (deviceNumber !== null) {\n return deviceNumber;\n }\n }\n throw new Error(`No last user session for account ${accountId}`);\n}\n"],"mappings":"~~;;;;~~AAGA,SAAgB,kBACd,OACA,UAA4B,IACb;CACf,MAAM,eAAe,OAAO;CAC5B,MAAM,MAAM,QAAQ,OAAO;AAC3B,KAAI,CAAC,OAAO,cAAc,iBAAiB,eAAe,IACxD,QAAO;AAET,QAAO;;;;;;;AAQT,eAAsB,4BACpB,eACA,UACiB;CACjB,MAAM,YAAY,YAAY;CAC9B,MAAM,OAAO,MAAM,SAAS;AAC5B,KAAI,QAAQ,KAAK,kBAAkB,WAAW;EAC5C,MAAM,eAAe,~~kBAAmB~~,~~KAAa~~,cAAc,EAAE,KAAK;~~AAC1E~~,MAAI,iBAAiB,KACnB,QAAO;;AAGX,OAAM,IAAI,MAAM,oCAAoC"}
1	+ {"version":3,"file":"getDeviceNumber.js","names":[],"sources":["../../../../../src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.ts"],"sourcesContent":["import type { PasskeyClientDBManager } from '@/core/IndexedDBManager';\nimport { toAccountId, type AccountId } from '../../types/accountIds';\n\nexport function parseDeviceNumber(\n value: unknown,\n options: { min?: number } = {}\n): number \| null {\n const deviceNumber = Number(value);\n const min = options.min ?? 1;\n if (!Number.isSafeInteger(deviceNumber) \|\| deviceNumber < min) {\n return null;\n }\n return deviceNumber;\n}\n\n/*\n Return the deviceNumber for the last logged-in user for the given account.\n * This uses the app-state \"last user\" pointer only; if it does not match the\n * requested account, an error is thrown instead of silently falling back.\n */\nexport async function getLastLoggedInDeviceNumber(\n nearAccountId: AccountId \| string,\n clientDB: PasskeyClientDBManager\n): Promise<number> {\n const accountId = toAccountId(nearAccountId);\n const last = await clientDB.getLastUser();\n if (last && last.nearAccountId === accountId) {\n const deviceNumber = parseDeviceNumber(last.deviceNumber, { min: 1 });\n if (deviceNumber !== null) {\n return deviceNumber;\n }\n }\n throw new Error(`No last user session for account ${accountId}`);\n}\n"],"mappings":";;;AAGA,SAAgB,kBACd,OACA,UAA4B,IACb;CACf,MAAM,eAAe,OAAO;CAC5B,MAAM,MAAM,QAAQ,OAAO;AAC3B,KAAI,CAAC,OAAO,cAAc,iBAAiB,eAAe,IACxD,QAAO;AAET,QAAO;;;;;;;AAQT,eAAsB,4BACpB,eACA,UACiB;CACjB,MAAM,YAAY,YAAY;CAC9B,MAAM,OAAO,MAAM,SAAS;AAC5B,KAAI,QAAQ,KAAK,kBAAkB,WAAW;EAC5C,MAAM,eAAe,kBAAkB,KAAK,cAAc,EAAE,KAAK;AACjE,MAAI,iBAAiB,KACnB,QAAO;;AAGX,OAAM,IAAI,MAAM,oCAAoC"}

package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js CHANGED Viewed

@@ -1,15 +1,11 @@
-import { init_validation, isObject, isString } from "../../../WalletIframe/validation.js";
-import { errorMessage, init_errors } from "../../../../utils/errors.js";
-import { init_credentialsHelpers, removePrfOutputGuard, serializeRegistrationCredentialWithPRF } from "../../credentialsHelpers.js";
-import { PASSKEY_MANAGER_DEFAULT_CONFIGS, init_defaultConfigs } from "../../../defaultConfigs.js";
-import { checkCanRegisterUserContractCall, init_rpcCalls } from "../../../rpcCalls.js";
+import { isObject, isString } from "../../../../utils/validation.js";
+import { errorMessage } from "../../../../utils/errors.js";
+import { PASSKEY_MANAGER_DEFAULT_CONFIGS } from "../../../defaultConfigs.js";
+import { removePrfOutputGuard, serializeRegistrationCredentialWithPRF } from "../../credentialsHelpers.js";
+import { RegistrationPhase, RegistrationStatus } from "../../../types/sdkSentEvents.js";
+import { checkCanRegisterUserContractCall } from "../../../rpcCalls.js";
 //#region src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.ts
-init_defaultConfigs();
-init_rpcCalls();
-init_credentialsHelpers();
-init_errors();
-init_validation();
 async function checkCanRegisterUser({ ctx, vrfChallenge, credential, contractId, nearRpcUrl, authenticatorOptions, onEvent }) {
 	try {
 		const isSerialized = (cred) => {
@@ -22,9 +18,9 @@ async function checkCanRegisterUser({ ctx, vrfChallenge, credential, contractId,
 		const resolvedContractId = contractId || PASSKEY_MANAGER_DEFAULT_CONFIGS.contractId;
 		onEvent?.({
 			step: 3,
-			phase: "REGISTRATION_CONTRACT_PRE_CHECK",
-			status: "PROGRESS",
-			message: "Calling check_can_register_user on contract..."
+			phase: RegistrationPhase.STEP_3_CONTRACT_PRE_CHECK,
+			status: RegistrationStatus.PROGRESS,
+			message: "Running webauthn contract registration checks..."
 		});
 		const strippedCredential = removePrfOutputGuard(serializedCredential);
 		const result = await checkCanRegisterUserContractCall({
@@ -43,9 +39,10 @@ async function checkCanRegisterUser({ ctx, vrfChallenge, credential, contractId,
 		};
 		onEvent?.({
 			step: 3,
-			phase: "REGISTRATION_CONTRACT_PRE_CHECK",
-			status: result.verified ? "SUCCESS" : "ERROR",
-			message: result.verified ? "Registration pre-check succeeded" : result.error || "Registration pre-check failed"
+			phase: RegistrationPhase.STEP_3_CONTRACT_PRE_CHECK,
+			status: result.verified ? RegistrationStatus.SUCCESS : RegistrationStatus.ERROR,
+			message: result.verified ? "Registration pre-check succeeded" : result.error || "Registration pre-check failed",
+			...result.verified ? {} : { error: result.error || "Registration pre-check failed" }
 		});
 		return {
 			success: true,

package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"checkCanRegisterUser.js","names":["serializedCredential: WebAuthnRegistrationCredential","result: CheckCanRegisterUserResult","error: unknown"],"sources":["../../../../../../src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.ts"],"sourcesContent":["\nimport { PASSKEY_MANAGER_DEFAULT_CONFIGS } from \"../../../defaultConfigs\";\nimport type { CheckCanRegisterUserResult } from '../../../rpcCalls';\nimport { checkCanRegisterUserContractCall } from '../../../rpcCalls';\nimport { serializeRegistrationCredentialWithPRF, removePrfOutputGuard } from '../../credentialsHelpers';\nimport { VRFChallenge } from '../../../types/vrf-worker';\nimport type { ~~onProgressEvents~~ } from '../../../types/sdkSentEvents';\nimport type { AuthenticatorOptions } from '../../../types/authenticatorOptions';\nimport { SignerWorkerManagerContext } from '..';\nimport type { WebAuthnRegistrationCredential } from '../../../types/webauthn';\nimport { errorMessage } from '@/utils/errors';\nimport { isObject, isString } from '~~../../../WalletIframe~~/validation';\n\n\nexport async function checkCanRegisterUser({\n ctx,\n vrfChallenge,\n credential,\n contractId,\n nearRpcUrl,\n authenticatorOptions,\n onEvent,\n}: {\n ctx: SignerWorkerManagerContext,\n vrfChallenge: VRFChallenge,\n credential: WebAuthnRegistrationCredential,\n contractId: string;\n nearRpcUrl: string;\n authenticatorOptions?: AuthenticatorOptions; // Authenticator options for registration check\n onEvent?: (update: ~~onProgressEvents~~) => void;\n}): Promise<{\n success: boolean;\n verified?: boolean;\n registrationInfo?: {\n credentialId: Uint8Array;\n credentialPublicKey: Uint8Array;\n userId: string;\n vrfPublicKey: Uint8Array \| undefined;\n };\n logs?: string[];\n signedTransactionBorsh?: number[];\n error?: string;\n}> {\n try {\n // Accept either a real PublicKeyCredential or an already-serialized credential\n const isSerialized = (cred: unknown): cred is WebAuthnRegistrationCredential => {\n if (!isObject(cred)) return false;\n const resp = (cred as { response?: unknown }).response;\n if (!isObject(resp)) return false;\n return isString((resp as { clientDataJSON?: unknown }).clientDataJSON)\n && isString((resp as { attestationObject?: unknown }).attestationObject);\n };\n\n const serializedCredential: WebAuthnRegistrationCredential = isSerialized(credential)\n ? credential\n : serializeRegistrationCredentialWithPRF({ credential: credential });\n\n // Ensure required fields are present; avoid undefined which gets dropped by JSON.stringify in the worker\n const resolvedContractId = contractId \|\| PASSKEY_MANAGER_DEFAULT_CONFIGS.contractId;\n\n onEvent?.({\n step: 3,\n phase: ~~'REGISTRATION_CONTRACT_PRE_CHECK' as any~~,\n status: 'PROGRESS~~' as any~~,\n message: '~~Calling~~ ~~check_can_register_user~~ on ~~contract~~...',\n });\n\n // PRF outputs must never be sent over the network. Strip them before\n // calling the contract while preserving the rest of the credential shape.\n const strippedCredential = removePrfOutputGuard<WebAuthnRegistrationCredential>(serializedCredential);\n\n const result: CheckCanRegisterUserResult = await checkCanRegisterUserContractCall({\n nearClient: ctx.nearClient,\n contractId: resolvedContractId,\n vrfChallenge,\n credential: strippedCredential,\n authenticatorOptions,\n });\n\n if (!result.success) {\n throw new Error(result.error \|\| 'Registration pre-check RPC failed');\n }\n\n const wasmResult = {\n verified: result.verified,\n registrationInfo: undefined,\n logs: result.logs,\n error: result.error,\n };\n\n onEvent?.({\n step: 3,\n phase: ~~'REGISTRATION_CONTRACT_PRE_CHECK' as any~~,\n status: result.verified ? 'SUCCESS' ~~as any~~ : 'ERROR~~' as any~~,\n message: result.verified ? 'Registration pre-check succeeded' : (result.error \|\| 'Registration pre-check failed'),\n });\n\n return {\n success: true,\n verified: wasmResult.verified,\n registrationInfo: wasmResult.registrationInfo,\n logs: wasmResult.logs,\n error: wasmResult.error,\n };\n\n } catch (error: unknown) {\n // Preserve the detailed error message instead of converting to generic error\n console.error('checkCanRegisterUser failed:', error);\n return {\n success: false,\n verified: false,\n error: errorMessage(error) \|\| 'Unknown error occurred',\n logs: [],\n };\n }\n}\n"],"mappings":"~~;;;;;;;;;;;;~~AAcA,eAAsB,qBAAqB,EACzC,KACA,cACA,YACA,YACA,YACA,sBACA,WAqBC;AACD,KAAI;EAEF,MAAM,gBAAgB,SAA0D;AAC9E,OAAI,CAAC,SAAS,MAAO,QAAO;GAC5B,MAAM,OAAQ,KAAgC;AAC9C,OAAI,CAAC,SAAS,MAAO,QAAO;AAC5B,UAAO,SAAU,KAAsC,mBAClD,SAAU,KAAyC;;EAG1D,MAAMA,uBAAuD,aAAa,cACtE,aACA,uCAAuC,EAAc;EAGzD,MAAM,qBAAqB,cAAc,gCAAgC;AAEzE,YAAU;GACR,MAAM;GACN,OAAO;~~GACP~~,QAAQ;~~GACR~~,SAAS;;EAKX,MAAM,qBAAqB,qBAAqD;EAEhF,MAAMC,SAAqC,MAAM,iCAAiC;GAChF,YAAY,IAAI;GAChB,YAAY;GACZ;GACA,YAAY;GACZ;;AAGF,MAAI,CAAC,OAAO,QACV,OAAM,IAAI,MAAM,OAAO,SAAS;EAGlC,MAAM,aAAa;GACjB,UAAU,OAAO;GACjB,kBAAkB;GAClB,MAAM,OAAO;GACb,OAAO,OAAO;;AAGhB,YAAU;GACR,MAAM;GACN,OAAO;~~GACP~~,QAAQ,OAAO,WAAW,~~YAAmB~~;~~GAC7C~~,SAAS,OAAO,WAAW,qCAAsC,OAAO,SAAS;;~~AAGnF~~,SAAO;GACL,SAAS;GACT,UAAU,WAAW;GACrB,kBAAkB,WAAW;GAC7B,MAAM,WAAW;GACjB,OAAO,WAAW;;UAGbC,OAAgB;AAEvB,UAAQ,MAAM,gCAAgC;AAC9C,SAAO;GACL,SAAS;GACT,UAAU;GACV,OAAO,aAAa,UAAU;GAC9B,MAAM"}
1	+ {"version":3,"file":"checkCanRegisterUser.js","names":["serializedCredential: WebAuthnRegistrationCredential","result: CheckCanRegisterUserResult","error: unknown"],"sources":["../../../../../../src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.ts"],"sourcesContent":["\nimport { PASSKEY_MANAGER_DEFAULT_CONFIGS } from \"../../../defaultConfigs\";\nimport type { CheckCanRegisterUserResult } from '../../../rpcCalls';\nimport { checkCanRegisterUserContractCall } from '../../../rpcCalls';\nimport { serializeRegistrationCredentialWithPRF, removePrfOutputGuard } from '../../credentialsHelpers';\nimport { VRFChallenge } from '../../../types/vrf-worker';\nimport { RegistrationPhase, RegistrationStatus, type RegistrationEventStep3 } from '../../../types/sdkSentEvents';\nimport type { AuthenticatorOptions } from '../../../types/authenticatorOptions';\nimport { SignerWorkerManagerContext } from '..';\nimport type { WebAuthnRegistrationCredential } from '../../../types/webauthn';\nimport { errorMessage } from '@/utils/errors';\nimport { isObject, isString } from '@/utils/validation';\n\n\nexport async function checkCanRegisterUser({\n ctx,\n vrfChallenge,\n credential,\n contractId,\n nearRpcUrl,\n authenticatorOptions,\n onEvent,\n}: {\n ctx: SignerWorkerManagerContext,\n vrfChallenge: VRFChallenge,\n credential: WebAuthnRegistrationCredential,\n contractId: string;\n nearRpcUrl: string;\n authenticatorOptions?: AuthenticatorOptions; // Authenticator options for registration check\n onEvent?: (update: RegistrationEventStep3) => void;\n}): Promise<{\n success: boolean;\n verified?: boolean;\n registrationInfo?: {\n credentialId: Uint8Array;\n credentialPublicKey: Uint8Array;\n userId: string;\n vrfPublicKey: Uint8Array \| undefined;\n };\n logs?: string[];\n signedTransactionBorsh?: number[];\n error?: string;\n}> {\n try {\n // Accept either a real PublicKeyCredential or an already-serialized credential\n const isSerialized = (cred: unknown): cred is WebAuthnRegistrationCredential => {\n if (!isObject(cred)) return false;\n const resp = (cred as { response?: unknown }).response;\n if (!isObject(resp)) return false;\n return isString((resp as { clientDataJSON?: unknown }).clientDataJSON)\n && isString((resp as { attestationObject?: unknown }).attestationObject);\n };\n\n const serializedCredential: WebAuthnRegistrationCredential = isSerialized(credential)\n ? credential\n : serializeRegistrationCredentialWithPRF({ credential: credential });\n\n // Ensure required fields are present; avoid undefined which gets dropped by JSON.stringify in the worker\n const resolvedContractId = contractId \|\| PASSKEY_MANAGER_DEFAULT_CONFIGS.contractId;\n\n onEvent?.({\n step: 3,\n phase: RegistrationPhase.STEP_3_CONTRACT_PRE_CHECK,\n status: RegistrationStatus.PROGRESS,\n message: 'Running webauthn contract registration checks...',\n });\n\n // PRF outputs must never be sent over the network. Strip them before\n // calling the contract while preserving the rest of the credential shape.\n const strippedCredential = removePrfOutputGuard<WebAuthnRegistrationCredential>(serializedCredential);\n\n const result: CheckCanRegisterUserResult = await checkCanRegisterUserContractCall({\n nearClient: ctx.nearClient,\n contractId: resolvedContractId,\n vrfChallenge,\n credential: strippedCredential,\n authenticatorOptions,\n });\n\n if (!result.success) {\n throw new Error(result.error \|\| 'Registration pre-check RPC failed');\n }\n\n const wasmResult = {\n verified: result.verified,\n registrationInfo: undefined,\n logs: result.logs,\n error: result.error,\n };\n\n onEvent?.({\n step: 3,\n phase: RegistrationPhase.STEP_3_CONTRACT_PRE_CHECK,\n status: result.verified ? RegistrationStatus.SUCCESS : RegistrationStatus.ERROR,\n message: result.verified ? 'Registration pre-check succeeded' : (result.error \|\| 'Registration pre-check failed'),\n ...(result.verified ? {} : { error: result.error \|\| 'Registration pre-check failed' }),\n });\n\n return {\n success: true,\n verified: wasmResult.verified,\n registrationInfo: wasmResult.registrationInfo,\n logs: wasmResult.logs,\n error: wasmResult.error,\n };\n\n } catch (error: unknown) {\n // Preserve the detailed error message instead of converting to generic error\n console.error('checkCanRegisterUser failed:', error);\n return {\n success: false,\n verified: false,\n error: errorMessage(error) \|\| 'Unknown error occurred',\n logs: [],\n };\n }\n}\n"],"mappings":";;;;;;;;AAcA,eAAsB,qBAAqB,EACzC,KACA,cACA,YACA,YACA,YACA,sBACA,WAqBC;AACD,KAAI;EAEF,MAAM,gBAAgB,SAA0D;AAC9E,OAAI,CAAC,SAAS,MAAO,QAAO;GAC5B,MAAM,OAAQ,KAAgC;AAC9C,OAAI,CAAC,SAAS,MAAO,QAAO;AAC5B,UAAO,SAAU,KAAsC,mBAClD,SAAU,KAAyC;;EAG1D,MAAMA,uBAAuD,aAAa,cACtE,aACA,uCAAuC,EAAc;EAGzD,MAAM,qBAAqB,cAAc,gCAAgC;AAEzE,YAAU;GACR,MAAM;GACN,OAAO,kBAAkB;GACzB,QAAQ,mBAAmB;GAC3B,SAAS;;EAKX,MAAM,qBAAqB,qBAAqD;EAEhF,MAAMC,SAAqC,MAAM,iCAAiC;GAChF,YAAY,IAAI;GAChB,YAAY;GACZ;GACA,YAAY;GACZ;;AAGF,MAAI,CAAC,OAAO,QACV,OAAM,IAAI,MAAM,OAAO,SAAS;EAGlC,MAAM,aAAa;GACjB,UAAU,OAAO;GACjB,kBAAkB;GAClB,MAAM,OAAO;GACb,OAAO,OAAO;;AAGhB,YAAU;GACR,MAAM;GACN,OAAO,kBAAkB;GACzB,QAAQ,OAAO,WAAW,mBAAmB,UAAU,mBAAmB;GAC1E,SAAS,OAAO,WAAW,qCAAsC,OAAO,SAAS;GACjF,GAAI,OAAO,WAAW,KAAK,EAAE,OAAO,OAAO,SAAS;;AAGtD,SAAO;GACL,SAAS;GACT,UAAU,WAAW;GACrB,kBAAkB,WAAW;GAC7B,MAAM,WAAW;GACjB,OAAO,WAAW;;UAGbC,OAAgB;AAEvB,UAAQ,MAAM,gCAAgC;AAC9C,SAAO;GACL,SAAS;GACT,UAAU;GACV,OAAO,aAAa,UAAU;GAC9B,MAAM"}

package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js CHANGED Viewed

@@ -1,28 +1,24 @@
-import { init_accountIds, toAccountId } from "../../../types/accountIds.js";
-import { WorkerRequestType, init_signer_worker, isDecryptPrivateKeyWithPrfSuccess } from "../../../types/signer-worker.js";
-import { init_validation, isObject } from "../../../WalletIframe/validation.js";
-import { getLastLoggedInDeviceNumber, init_getDeviceNumber } from "../getDeviceNumber.js";
+import { isObject } from "../../../../utils/validation.js";
+import { toAccountId } from "../../../types/accountIds.js";
+import { WorkerRequestType, isDecryptPrivateKeyWithPrfSuccess } from "../../../types/signer-worker.js";
+import { getLastLoggedInDeviceNumber } from "../getDeviceNumber.js";
 import { withSessionId } from "./session.js";
 //#region src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.ts
-init_signer_worker();
-init_accountIds();
-init_getDeviceNumber();
-init_validation();
 async function decryptPrivateKeyWithPrf({ ctx, nearAccountId, authenticators, sessionId }) {
 	try {
 		console.info("WebAuthnManager: Starting private key decryption with dual PRF (local operation)");
 		const deviceNumber = await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);
-		const encryptedKeyData = await ctx.indexedDB.nearKeysDB.getEncryptedKey(nearAccountId, deviceNumber);
-		if (!encryptedKeyData) throw new Error(`No encrypted key found for account: ${nearAccountId}`);
+		const keyMaterial = await ctx.indexedDB.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber);
+		if (!keyMaterial) throw new Error(`No key material found for account: ${nearAccountId}`);
 		const response = await ctx.sendMessage({
 			sessionId,
 			message: {
 				type: WorkerRequestType.DecryptPrivateKeyWithPrf,
 				payload: withSessionId(sessionId, {
 					nearAccountId,
-					encryptedPrivateKeyData: encryptedKeyData.encryptedData,
-					encryptedPrivateKeyChacha20NonceB64u: encryptedKeyData.chacha20NonceB64u
+					encryptedPrivateKeyData: keyMaterial.encryptedSk,
+					encryptedPrivateKeyChacha20NonceB64u: keyMaterial.chacha20NonceB64u
 				})
 			}
 		});

package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"decryptPrivateKeyWithPrf.js","names":["error: unknown"],"sources":["../../../../../../src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.ts"],"sourcesContent":["\nimport { ClientAuthenticatorData } from '../../../IndexedDBManager';\nimport {\n WorkerRequestType,\n isDecryptPrivateKeyWithPrfSuccess,\n} from '../../../types/signer-worker';\nimport { AccountId, toAccountId } from \"../../../types/accountIds\";\n\nimport { SignerWorkerManagerContext } from '..';\nimport { getLastLoggedInDeviceNumber } from '../getDeviceNumber';\nimport { isObject } from '~~../../../WalletIframe~~/validation';\nimport { withSessionId } from './session';\n\nexport async function decryptPrivateKeyWithPrf({\n ctx,\n nearAccountId,\n authenticators,\n sessionId,\n}: {\n ctx: SignerWorkerManagerContext,\n nearAccountId: AccountId,\n authenticators: ClientAuthenticatorData[],\n sessionId: string,\n}): Promise<{ decryptedPrivateKey: string; nearAccountId: AccountId }> {\n try {\n console.info('WebAuthnManager: Starting private key decryption with dual PRF (local operation)');\n // Retrieve encrypted key data from IndexedDB in main thread\n const deviceNumber = await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);\n const ~~encryptedKeyData~~ = await ctx.indexedDB.nearKeysDB.~~getEncryptedKey~~(nearAccountId, deviceNumber);\n if (!~~encryptedKeyData~~) {\n throw new Error(`No ~~encrypted~~ key found for account: ${nearAccountId}`);\n }\n\n const response = await ctx.sendMessage({\n sessionId,\n message: {\n type: WorkerRequestType.DecryptPrivateKeyWithPrf,\n payload: withSessionId(sessionId, {\n nearAccountId: nearAccountId,\n encryptedPrivateKeyData: ~~encryptedKeyData~~.~~encryptedData~~,\n encryptedPrivateKeyChacha20NonceB64u: ~~encryptedKeyData~~.chacha20NonceB64u,\n })\n },\n });\n\n if (!isDecryptPrivateKeyWithPrfSuccess(response)) {\n console.error('WebAuthnManager: Dual PRF private key decryption failed:', response);\n const payloadError = isObject(response?.payload) && (response as any)?.payload?.error;\n throw new Error(payloadError \|\| 'Private key decryption failed');\n }\n return {\n decryptedPrivateKey: response.payload.privateKey,\n nearAccountId: toAccountId(response.payload.nearAccountId)\n };\n } catch (error: unknown) {\n console.error('WebAuthnManager: Dual PRF private key decryption error:', error);\n throw error;\n }\n}\n"],"mappings":"~~;;;;;;;;;;;~~AAaA,eAAsB,yBAAyB,EAC7C,KACA,eACA,gBACA,aAMqE;AACrE,KAAI;AACF,UAAQ,KAAK;EAEb,MAAM,eAAe,MAAM,4BAA4B,eAAe,IAAI,UAAU;EACpF,MAAM,~~mBAAmB~~,MAAM,IAAI,UAAU,WAAW,~~gBAAgB~~,eAAe;~~AACvF~~,MAAI,CAAC,~~iBACH~~,OAAM,IAAI,MAAM,~~uCAAuC~~;~~EAGzD~~,MAAM,WAAW,MAAM,IAAI,YAAY;GACrC;GACA,SAAS;IACP,MAAM,kBAAkB;IACxB,SAAS,cAAc,WAAW;KACjB;KACf,yBAAyB,~~iBAAiB~~;~~KAC1C~~,sCAAsC,~~iBAAiB~~;;;;~~AAK7D~~,MAAI,CAAC,kCAAkC,WAAW;AAChD,WAAQ,MAAM,4DAA4D;GAC1E,MAAM,eAAe,SAAS,UAAU,YAAa,UAAkB,SAAS;AAChF,SAAM,IAAI,MAAM,gBAAgB;;AAElC,SAAO;GACL,qBAAqB,SAAS,QAAQ;GACtC,eAAe,YAAY,SAAS,QAAQ;;UAEvCA,OAAgB;AACvB,UAAQ,MAAM,2DAA2D;AACzE,QAAM"}
1	+ {"version":3,"file":"decryptPrivateKeyWithPrf.js","names":["error: unknown"],"sources":["../../../../../../src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.ts"],"sourcesContent":["\nimport { ClientAuthenticatorData } from '../../../IndexedDBManager';\nimport {\n WorkerRequestType,\n isDecryptPrivateKeyWithPrfSuccess,\n} from '../../../types/signer-worker';\nimport { AccountId, toAccountId } from \"../../../types/accountIds\";\n\nimport { SignerWorkerManagerContext } from '..';\nimport { getLastLoggedInDeviceNumber } from '../getDeviceNumber';\nimport { isObject } from '@/utils/validation';\nimport { withSessionId } from './session';\n\nexport async function decryptPrivateKeyWithPrf({\n ctx,\n nearAccountId,\n authenticators,\n sessionId,\n}: {\n ctx: SignerWorkerManagerContext,\n nearAccountId: AccountId,\n authenticators: ClientAuthenticatorData[],\n sessionId: string,\n}): Promise<{ decryptedPrivateKey: string; nearAccountId: AccountId }> {\n try {\n console.info('WebAuthnManager: Starting private key decryption with dual PRF (local operation)');\n // Retrieve encrypted key data from IndexedDB in main thread\n const deviceNumber = await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);\n const keyMaterial = await ctx.indexedDB.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber);\n if (!keyMaterial) {\n throw new Error(`No key material found for account: ${nearAccountId}`);\n }\n\n const response = await ctx.sendMessage({\n sessionId,\n message: {\n type: WorkerRequestType.DecryptPrivateKeyWithPrf,\n payload: withSessionId(sessionId, {\n nearAccountId: nearAccountId,\n encryptedPrivateKeyData: keyMaterial.encryptedSk,\n encryptedPrivateKeyChacha20NonceB64u: keyMaterial.chacha20NonceB64u,\n })\n },\n });\n\n if (!isDecryptPrivateKeyWithPrfSuccess(response)) {\n console.error('WebAuthnManager: Dual PRF private key decryption failed:', response);\n const payloadError = isObject(response?.payload) && (response as any)?.payload?.error;\n throw new Error(payloadError \|\| 'Private key decryption failed');\n }\n return {\n decryptedPrivateKey: response.payload.privateKey,\n nearAccountId: toAccountId(response.payload.nearAccountId)\n };\n } catch (error: unknown) {\n console.error('WebAuthnManager: Dual PRF private key decryption error:', error);\n throw error;\n }\n}\n"],"mappings":";;;;;;;AAaA,eAAsB,yBAAyB,EAC7C,KACA,eACA,gBACA,aAMqE;AACrE,KAAI;AACF,UAAQ,KAAK;EAEb,MAAM,eAAe,MAAM,4BAA4B,eAAe,IAAI,UAAU;EACpF,MAAM,cAAc,MAAM,IAAI,UAAU,WAAW,oBAAoB,eAAe;AACtF,MAAI,CAAC,YACH,OAAM,IAAI,MAAM,sCAAsC;EAGxD,MAAM,WAAW,MAAM,IAAI,YAAY;GACrC;GACA,SAAS;IACP,MAAM,kBAAkB;IACxB,SAAS,cAAc,WAAW;KACjB;KACf,yBAAyB,YAAY;KACrC,sCAAsC,YAAY;;;;AAKxD,MAAI,CAAC,kCAAkC,WAAW;AAChD,WAAQ,MAAM,4DAA4D;GAC1E,MAAM,eAAe,SAAS,UAAU,YAAa,UAAkB,SAAS;AAChF,SAAM,IAAI,MAAM,gBAAgB;;AAElC,SAAO;GACL,qBAAqB,SAAS,QAAQ;GACtC,eAAe,YAAY,SAAS,QAAQ;;UAEvCA,OAAgB;AACvB,UAAQ,MAAM,2DAA2D;AACzE,QAAM"}

package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js CHANGED Viewed

@@ -1,13 +1,10 @@
-import { init_accountIds, toAccountId } from "../../../types/accountIds.js";
-import { WorkerRequestType, init_signer_worker, isDeriveNearKeypairAndEncryptSuccess } from "../../../types/signer-worker.js";
-import { getLastLoggedInDeviceNumber, init_getDeviceNumber } from "../getDeviceNumber.js";
+import { toAccountId } from "../../../types/accountIds.js";
+import { WorkerRequestType, isDeriveNearKeypairAndEncryptSuccess } from "../../../types/signer-worker.js";
+import { getLastLoggedInDeviceNumber } from "../getDeviceNumber.js";
 import { toEnumUserVerificationPolicy } from "../../../types/authenticatorOptions.js";
 import { withSessionId } from "./session.js";
 //#region src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.ts
-init_signer_worker();
-init_accountIds();
-init_getDeviceNumber();
 /**
 * Derive NEAR keypair and encrypt it from a serialized WebAuthn registration credential
 * (shape compatible with SerializedRegistrationCredential from WASM) by extracting PRF outputs from it.
@@ -31,21 +28,22 @@ async function deriveNearKeypairAndEncryptFromSerialized({ ctx, credential, near
 		});
 		if (!isDeriveNearKeypairAndEncryptSuccess(response)) throw new Error("Dual PRF registration (from serialized) failed");
 		const wasmResult = response.payload;
-		const version = wasmResult.version ?? 2;
 		const wrapKeySaltPersisted = wasmResult.wrapKeySalt;
+		if (!wrapKeySaltPersisted) throw new Error("Missing wrapKeySalt in deriveNearKeypairAndEncrypt result");
 		const deviceNumber = typeof options?.deviceNumber === "number" ? options.deviceNumber : await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);
 		const chacha20NonceB64u = wasmResult.chacha20NonceB64u;
 		if (!chacha20NonceB64u) throw new Error("Missing chacha20NonceB64u in deriveNearKeypairAndEncrypt result");
-		const keyData = {
+		const keyMaterial = {
+			kind: "local_near_sk_v3",
 			nearAccountId,
 			deviceNumber,
-			encryptedData: wasmResult.encryptedData,
+			publicKey: wasmResult.publicKey,
+			encryptedSk: wasmResult.encryptedData,
 			chacha20NonceB64u,
 			wrapKeySalt: wrapKeySaltPersisted,
-			version,
 			timestamp: Date.now()
 		};
-		await ctx.indexedDB.nearKeysDB.storeEncryptedKey(keyData);
+		await ctx.indexedDB.nearKeysDB.storeKeyMaterial(keyMaterial);
 		return {
 			success: true,
 			nearAccountId: toAccountId(wasmResult.nearAccountId),

package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"deriveNearKeypairAndEncryptFromSerialized.js","names":["~~keyData~~: ~~EncryptedKeyData~~","error: unknown"],"sources":["../../../../../../src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.ts"],"sourcesContent":["\nimport type { ~~EncryptedKeyData~~ } from '../../../IndexedDBManager/passkeyNearKeysDB';\nimport type { AuthenticatorOptions } from '../../../types/authenticatorOptions';\nimport {\n WorkerRequestType,\n isDeriveNearKeypairAndEncryptSuccess,\n} from '../../../types/signer-worker';\nimport { AccountId, toAccountId } from \"../../../types/accountIds\";\nimport { getLastLoggedInDeviceNumber } from '../getDeviceNumber';\nimport { SignerWorkerManagerContext } from '..';\nimport type { WebAuthnRegistrationCredential } from '@/core/types/webauthn';\nimport { toEnumUserVerificationPolicy } from '../../../types/authenticatorOptions';\nimport { withSessionId } from './session';\n\n/*\n Derive NEAR keypair and encrypt it from a serialized WebAuthn registration credential\n * (shape compatible with SerializedRegistrationCredential from WASM) by extracting PRF outputs from it.\n /\nexport async function deriveNearKeypairAndEncryptFromSerialized({\n ctx,\n credential,\n nearAccountId,\n options,\n sessionId,\n}: {\n ctx: SignerWorkerManagerContext,\n credential: WebAuthnRegistrationCredential;\n nearAccountId: AccountId,\n options?: {\n authenticatorOptions?: AuthenticatorOptions;\n deviceNumber?: number;\n };\n sessionId: string;\n}): Promise<{\n success: boolean;\n nearAccountId: AccountId;\n publicKey: string;\n /\n Base64url-encoded AEAD nonce (ChaCha20-Poly1305) for the encrypted private key.\n */\n chacha20NonceB64u?: string;\n wrapKeySalt?: string;\n error?: string;\n}> {\n try {\n // PRF outputs are now extracted by VRF worker and delivered to signer worker via MessagePort\n // No need to extract or send them through main thread\n if (!sessionId) throw new Error('Missing sessionId for registration WrapKeySeed delivery');\n\n const response = await ctx.sendMessage<WorkerRequestType.DeriveNearKeypairAndEncrypt>({\n sessionId,\n message: {\n type: WorkerRequestType.DeriveNearKeypairAndEncrypt,\n payload: withSessionId(sessionId, {\n nearAccountId: nearAccountId,\n credential,\n authenticatorOptions: options?.authenticatorOptions ? {\n userVerification: toEnumUserVerificationPolicy(options.authenticatorOptions.userVerification),\n originPolicy: options.authenticatorOptions.originPolicy,\n } : undefined,\n })\n },\n });\n\n if (!isDeriveNearKeypairAndEncryptSuccess(response)) {\n throw new Error('Dual PRF registration (from serialized) failed');\n }\n\n const wasmResult = response.payload;\n const ~~version~~ = (wasmResult ~~as any)~~.~~version ?? 2~~;\n ~~const~~ wrapKeySaltPersisted = ~~wasmResult.~~wrapKeySalt;\n // Prefer explicitly provided deviceNumber, else derive from IndexedDB state\n const deviceNumber = (typeof options?.deviceNumber === 'number')\n ? options!.deviceNumber!\n : await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);\n const chacha20NonceB64u = wasmResult.chacha20NonceB64u;\n if (!chacha20NonceB64u) {\n throw new Error('Missing chacha20NonceB64u in deriveNearKeypairAndEncrypt result');\n }\n const ~~keyData~~: ~~EncryptedKeyData~~ = {\n ~~nearAccountId~~: nearAccountId,\n deviceNumber,\n ~~encryptedData~~: wasmResult.encryptedData,\n chacha20NonceB64u,\n wrapKeySalt: wrapKeySaltPersisted,\n ~~version,\n~~ timestamp: Date.now()\n };\n await ctx.indexedDB.nearKeysDB.~~storeEncryptedKey~~(~~keyData~~);\n\n return {\n success: true,\n nearAccountId: toAccountId(wasmResult.nearAccountId),\n publicKey: wasmResult.publicKey,\n chacha20NonceB64u,\n wrapKeySalt: wrapKeySaltPersisted,\n };\n } catch (error: unknown) {\n console.error('WebAuthnManager: deriveNearKeypairAndEncryptFromSerialized error:', error);\n const message = String((error as { message?: unknown })?.message \|\| error \|\| '');\n return {\n success: false,\n nearAccountId,\n publicKey: '',\n error: message\n };\n }\n}\n"],"mappings":"~~;;;;;;;;;;;;;;~~AAkBA,eAAsB,0CAA0C,EAC9D,KACA,YACA,eACA,SACA,aAoBC;AACD,KAAI;AAGF,MAAI,CAAC,UAAW,OAAM,IAAI,MAAM;EAEhC,MAAM,WAAW,MAAM,IAAI,YAA2D;GACpF;GACA,SAAS;IACP,MAAM,kBAAkB;IACxB,SAAS,cAAc,WAAW;KACjB;KACf;KACA,sBAAsB,SAAS,uBAAuB;MACpD,kBAAkB,6BAA6B,QAAQ,qBAAqB;MAC5E,cAAc,QAAQ,qBAAqB;SACzC;;;;AAKV,MAAI,CAAC,qCAAqC,UACxC,OAAM,IAAI,MAAM;EAGlB,MAAM,aAAa,SAAS;EAC5B,MAAM,~~UAAW~~,~~WAAmB,~~WAAW;~~EAC/C~~,~~MAAM~~,~~uBAAuB~~,~~WAAW~~;~~EAExC~~,MAAM,eAAgB,OAAO,SAAS,iBAAiB,WACnD,QAAS,eACT,MAAM,4BAA4B,eAAe,IAAI,UAAU;EACnE,MAAM,oBAAoB,WAAW;AACrC,MAAI,CAAC,kBACH,OAAM,IAAI,MAAM;EAElB,MAAMA,~~UAA4B~~;~~GACjB~~;~~GACf~~;GACA,~~eAAe~~,WAAW;~~GAC1B~~;GACA,aAAa;GACb~~;GACA~~,WAAW,KAAK;;AAElB,QAAM,IAAI,UAAU,WAAW,~~kBAAkB~~;~~AAEjD~~,SAAO;GACL,SAAS;GACT,eAAe,YAAY,WAAW;GACtC,WAAW,WAAW;GACtB;GACA,aAAa;;UAERC,OAAgB;AACvB,UAAQ,MAAM,qEAAqE;EACnF,MAAM,UAAU,OAAQ,OAAiC,WAAW,SAAS;AAC7E,SAAO;GACL,SAAS;GACT;GACA,WAAW;GACX,OAAO"}
1	+ {"version":3,"file":"deriveNearKeypairAndEncryptFromSerialized.js","names":["keyMaterial: LocalNearSkV3Material","error: unknown"],"sources":["../../../../../../src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.ts"],"sourcesContent":["\nimport type { LocalNearSkV3Material } from '../../../IndexedDBManager/passkeyNearKeysDB';\nimport type { AuthenticatorOptions } from '../../../types/authenticatorOptions';\nimport {\n WorkerRequestType,\n isDeriveNearKeypairAndEncryptSuccess,\n} from '../../../types/signer-worker';\nimport { AccountId, toAccountId } from \"../../../types/accountIds\";\nimport { getLastLoggedInDeviceNumber } from '../getDeviceNumber';\nimport { SignerWorkerManagerContext } from '..';\nimport type { WebAuthnRegistrationCredential } from '@/core/types/webauthn';\nimport { toEnumUserVerificationPolicy } from '../../../types/authenticatorOptions';\nimport { withSessionId } from './session';\n\n/*\n Derive NEAR keypair and encrypt it from a serialized WebAuthn registration credential\n * (shape compatible with SerializedRegistrationCredential from WASM) by extracting PRF outputs from it.\n /\nexport async function deriveNearKeypairAndEncryptFromSerialized({\n ctx,\n credential,\n nearAccountId,\n options,\n sessionId,\n}: {\n ctx: SignerWorkerManagerContext,\n credential: WebAuthnRegistrationCredential;\n nearAccountId: AccountId,\n options?: {\n authenticatorOptions?: AuthenticatorOptions;\n deviceNumber?: number;\n };\n sessionId: string;\n}): Promise<{\n success: boolean;\n nearAccountId: AccountId;\n publicKey: string;\n /\n Base64url-encoded AEAD nonce (ChaCha20-Poly1305) for the encrypted private key.\n */\n chacha20NonceB64u?: string;\n wrapKeySalt?: string;\n error?: string;\n}> {\n try {\n // PRF outputs are now extracted by VRF worker and delivered to signer worker via MessagePort\n // No need to extract or send them through main thread\n if (!sessionId) throw new Error('Missing sessionId for registration WrapKeySeed delivery');\n\n const response = await ctx.sendMessage<WorkerRequestType.DeriveNearKeypairAndEncrypt>({\n sessionId,\n message: {\n type: WorkerRequestType.DeriveNearKeypairAndEncrypt,\n payload: withSessionId(sessionId, {\n nearAccountId: nearAccountId,\n credential,\n authenticatorOptions: options?.authenticatorOptions ? {\n userVerification: toEnumUserVerificationPolicy(options.authenticatorOptions.userVerification),\n originPolicy: options.authenticatorOptions.originPolicy,\n } : undefined,\n })\n },\n });\n\n if (!isDeriveNearKeypairAndEncryptSuccess(response)) {\n throw new Error('Dual PRF registration (from serialized) failed');\n }\n\n const wasmResult = response.payload;\n const wrapKeySaltPersisted = wasmResult.wrapKeySalt;\n if (!wrapKeySaltPersisted) {\n throw new Error('Missing wrapKeySalt in deriveNearKeypairAndEncrypt result');\n }\n // Prefer explicitly provided deviceNumber, else derive from IndexedDB state\n const deviceNumber = (typeof options?.deviceNumber === 'number')\n ? options!.deviceNumber!\n : await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);\n const chacha20NonceB64u = wasmResult.chacha20NonceB64u;\n if (!chacha20NonceB64u) {\n throw new Error('Missing chacha20NonceB64u in deriveNearKeypairAndEncrypt result');\n }\n const keyMaterial: LocalNearSkV3Material = {\n kind: 'local_near_sk_v3',\n nearAccountId,\n deviceNumber,\n publicKey: wasmResult.publicKey,\n encryptedSk: wasmResult.encryptedData,\n chacha20NonceB64u,\n wrapKeySalt: wrapKeySaltPersisted,\n timestamp: Date.now(),\n };\n await ctx.indexedDB.nearKeysDB.storeKeyMaterial(keyMaterial);\n\n return {\n success: true,\n nearAccountId: toAccountId(wasmResult.nearAccountId),\n publicKey: wasmResult.publicKey,\n chacha20NonceB64u,\n wrapKeySalt: wrapKeySaltPersisted,\n };\n } catch (error: unknown) {\n console.error('WebAuthnManager: deriveNearKeypairAndEncryptFromSerialized error:', error);\n const message = String((error as { message?: unknown })?.message \|\| error \|\| '');\n return {\n success: false,\n nearAccountId,\n publicKey: '',\n error: message\n };\n }\n}\n"],"mappings":";;;;;;;;;;;AAkBA,eAAsB,0CAA0C,EAC9D,KACA,YACA,eACA,SACA,aAoBC;AACD,KAAI;AAGF,MAAI,CAAC,UAAW,OAAM,IAAI,MAAM;EAEhC,MAAM,WAAW,MAAM,IAAI,YAA2D;GACpF;GACA,SAAS;IACP,MAAM,kBAAkB;IACxB,SAAS,cAAc,WAAW;KACjB;KACf;KACA,sBAAsB,SAAS,uBAAuB;MACpD,kBAAkB,6BAA6B,QAAQ,qBAAqB;MAC5E,cAAc,QAAQ,qBAAqB;SACzC;;;;AAKV,MAAI,CAAC,qCAAqC,UACxC,OAAM,IAAI,MAAM;EAGlB,MAAM,aAAa,SAAS;EAC5B,MAAM,uBAAuB,WAAW;AACxC,MAAI,CAAC,qBACH,OAAM,IAAI,MAAM;EAGlB,MAAM,eAAgB,OAAO,SAAS,iBAAiB,WACnD,QAAS,eACT,MAAM,4BAA4B,eAAe,IAAI,UAAU;EACnE,MAAM,oBAAoB,WAAW;AACrC,MAAI,CAAC,kBACH,OAAM,IAAI,MAAM;EAElB,MAAMA,cAAqC;GACzC,MAAM;GACN;GACA;GACA,WAAW,WAAW;GACtB,aAAa,WAAW;GACxB;GACA,aAAa;GACb,WAAW,KAAK;;AAElB,QAAM,IAAI,UAAU,WAAW,iBAAiB;AAEhD,SAAO;GACL,SAAS;GACT,eAAe,YAAY,WAAW;GACtC,WAAW,WAAW;GACtB;GACA,aAAa;;UAERC,OAAgB;AACvB,UAAQ,MAAM,qEAAqE;EACnF,MAAM,UAAU,OAAQ,OAAiC,WAAW,SAAS;AAC7E,SAAO;GACL,SAAS;GACT;GACA,WAAW;GACX,OAAO"}

package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js ADDED Viewed

@@ -0,0 +1,44 @@
+import { WorkerRequestType, WorkerResponseType } from "../../../types/signer-worker.js";
+//#region src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.ts
+async function deriveThresholdEd25519ClientVerifyingShare(args) {
+	const { ctx } = args;
+	const sessionId = args.sessionId;
+	const nearAccountId = args.nearAccountId;
+	try {
+		if (!sessionId) throw new Error("Missing sessionId");
+		if (!nearAccountId) throw new Error("Missing nearAccountId");
+		const response = await ctx.sendMessage({
+			sessionId,
+			message: {
+				type: WorkerRequestType.DeriveThresholdEd25519ClientVerifyingShare,
+				payload: { nearAccountId }
+			}
+		});
+		if (response.type !== WorkerResponseType.DeriveThresholdEd25519ClientVerifyingShareSuccess) throw new Error("DeriveThresholdEd25519ClientVerifyingShare failed");
+		const wasmResult = response.payload;
+		const clientVerifyingShareB64u = wasmResult?.clientVerifyingShareB64u;
+		const wrapKeySalt = wasmResult?.wrapKeySalt;
+		if (!clientVerifyingShareB64u) throw new Error("Missing clientVerifyingShareB64u in worker response");
+		if (!wrapKeySalt) throw new Error("Missing wrapKeySalt in worker response");
+		return {
+			success: true,
+			nearAccountId,
+			clientVerifyingShareB64u,
+			wrapKeySalt
+		};
+	} catch (error) {
+		const message = String(error?.message ?? error);
+		return {
+			success: false,
+			nearAccountId,
+			clientVerifyingShareB64u: "",
+			wrapKeySalt: "",
+			error: message
+		};
+	}
+}
+//#endregion
+export { deriveThresholdEd25519ClientVerifyingShare };
+//# sourceMappingURL=deriveThresholdEd25519ClientVerifyingShare.js.map

package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"deriveThresholdEd25519ClientVerifyingShare.js","names":["error: unknown"],"sources":["../../../../../../src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.ts"],"sourcesContent":["import type { SignerWorkerManagerContext } from '..';\nimport {\n WorkerRequestType,\n WorkerResponseType,\n type WasmDeriveThresholdEd25519ClientVerifyingShareResult,\n} from '../../../types/signer-worker';\n\nexport async function deriveThresholdEd25519ClientVerifyingShare(args: {\n ctx: SignerWorkerManagerContext;\n sessionId: string;\n nearAccountId: string;\n}): Promise<{\n success: boolean;\n nearAccountId: string;\n clientVerifyingShareB64u: string;\n wrapKeySalt: string;\n error?: string;\n}> {\n const { ctx } = args;\n const sessionId = args.sessionId;\n const nearAccountId = args.nearAccountId;\n\n try {\n if (!sessionId) throw new Error('Missing sessionId');\n if (!nearAccountId) throw new Error('Missing nearAccountId');\n\n const response = await ctx.sendMessage<WorkerRequestType.DeriveThresholdEd25519ClientVerifyingShare>({\n sessionId,\n message: {\n type: WorkerRequestType.DeriveThresholdEd25519ClientVerifyingShare,\n payload: { nearAccountId },\n },\n });\n\n if (response.type !== WorkerResponseType.DeriveThresholdEd25519ClientVerifyingShareSuccess) {\n throw new Error('DeriveThresholdEd25519ClientVerifyingShare failed');\n }\n\n const wasmResult = response.payload as WasmDeriveThresholdEd25519ClientVerifyingShareResult;\n const clientVerifyingShareB64u = wasmResult?.clientVerifyingShareB64u;\n const wrapKeySalt = wasmResult?.wrapKeySalt;\n\n if (!clientVerifyingShareB64u) throw new Error('Missing clientVerifyingShareB64u in worker response');\n if (!wrapKeySalt) throw new Error('Missing wrapKeySalt in worker response');\n\n return {\n success: true,\n nearAccountId,\n clientVerifyingShareB64u,\n wrapKeySalt\n };\n } catch (error: unknown) {\n const message = String((error as { message?: unknown })?.message ?? error);\n return {\n success: false,\n nearAccountId,\n clientVerifyingShareB64u: '',\n wrapKeySalt: '',\n error: message\n };\n }\n}\n"],"mappings":";;;AAOA,eAAsB,2CAA2C,MAU9D;CACD,MAAM,EAAE,QAAQ;CAChB,MAAM,YAAY,KAAK;CACvB,MAAM,gBAAgB,KAAK;AAE3B,KAAI;AACF,MAAI,CAAC,UAAW,OAAM,IAAI,MAAM;AAChC,MAAI,CAAC,cAAe,OAAM,IAAI,MAAM;EAEpC,MAAM,WAAW,MAAM,IAAI,YAA0E;GACnG;GACA,SAAS;IACP,MAAM,kBAAkB;IACxB,SAAS,EAAE;;;AAIf,MAAI,SAAS,SAAS,mBAAmB,kDACvC,OAAM,IAAI,MAAM;EAGlB,MAAM,aAAa,SAAS;EAC5B,MAAM,2BAA2B,YAAY;EAC7C,MAAM,cAAc,YAAY;AAEhC,MAAI,CAAC,yBAA0B,OAAM,IAAI,MAAM;AAC/C,MAAI,CAAC,YAAa,OAAM,IAAI,MAAM;AAElC,SAAO;GACL,SAAS;GACT;GACA;GACA;;UAEKA,OAAgB;EACvB,MAAM,UAAU,OAAQ,OAAiC,WAAW;AACpE,SAAO;GACL,SAAS;GACT;GACA,0BAA0B;GAC1B,aAAa;GACb,OAAO"}

package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js CHANGED Viewed

@@ -1,15 +1,11 @@
-import { init_accountIds, toAccountId } from "../../../types/accountIds.js";
-import { WorkerRequestType, init_signer_worker, isDecryptPrivateKeyWithPrfSuccess } from "../../../types/signer-worker.js";
-import { init_validation, isObject } from "../../../WalletIframe/validation.js";
-import { getLastLoggedInDeviceNumber, init_getDeviceNumber } from "../getDeviceNumber.js";
+import { isObject } from "../../../../utils/validation.js";
+import { toAccountId } from "../../../types/accountIds.js";
+import { WorkerRequestType, isDecryptPrivateKeyWithPrfSuccess } from "../../../types/signer-worker.js";
+import { getLastLoggedInDeviceNumber } from "../getDeviceNumber.js";
 import { SecureConfirmationType } from "../../VrfWorkerManager/confirmTxFlow/types.js";
 import { runSecureConfirm } from "../../VrfWorkerManager/secureConfirmBridge.js";
 //#region src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.ts
-init_validation();
-init_accountIds();
-init_signer_worker();
-init_getDeviceNumber();
 /**
 * Two-phase export (worker-driven):
 *  - Phase 1: collect PRF (uiMode: 'skip') and derive WrapKeySeed in VRF worker
@@ -19,7 +15,7 @@ init_getDeviceNumber();
 async function exportNearKeypairUi({ ctx, nearAccountId, variant, theme, sessionId }) {
 	const accountId = toAccountId(nearAccountId);
 	const deviceNumber = await getLastLoggedInDeviceNumber(accountId, ctx.indexedDB.clientDB);
-	const [keyData, user] = await Promise.all([ctx.indexedDB.nearKeysDB.getEncryptedKey(accountId, deviceNumber), ctx.indexedDB.clientDB.getUserByDevice(accountId, deviceNumber)]);
+	const [keyData, user] = await Promise.all([ctx.indexedDB.nearKeysDB.getLocalKeyMaterial(accountId, deviceNumber), ctx.indexedDB.clientDB.getUserByDevice(accountId, deviceNumber)]);
 	const publicKey = user?.clientNearPublicKey || "";
 	if (!keyData || !publicKey) throw new Error("Missing local key material for export. Re-register to upgrade vault.");
 	const response = await ctx.sendMessage({
@@ -28,7 +24,7 @@ async function exportNearKeypairUi({ ctx, nearAccountId, variant, theme, session
 			type: WorkerRequestType.DecryptPrivateKeyWithPrf,
 			payload: {
 				nearAccountId: accountId,
-				encryptedPrivateKeyData: keyData.encryptedData,
+				encryptedPrivateKeyData: keyData.encryptedSk,
 				encryptedPrivateKeyChacha20NonceB64u: keyData.chacha20NonceB64u
 			}
 		}
@@ -41,7 +37,6 @@ async function exportNearKeypairUi({ ctx, nearAccountId, variant, theme, session
 	}
 	const privateKey = response.payload.privateKey;
 	const showReq = {
-		schemaVersion: 2,
 		requestId: sessionId,
 		type: SecureConfirmationType.SHOW_SECURE_PRIVATE_KEY_UI,
 		summary: {

package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"exportNearKeypairUi.js","names":[],"sources":["../../../../../../src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.ts"],"sourcesContent":["import { isObject } from '~~../../../WalletIframe~~/validation';\nimport { AccountId, toAccountId } from '../../../types/accountIds';\nimport {\n WorkerRequestType,\n isDecryptPrivateKeyWithPrfSuccess,\n} from '../../../types/signer-worker';\nimport { runSecureConfirm } from '../../VrfWorkerManager/secureConfirmBridge';\nimport { SecureConfirmationType } from '../../VrfWorkerManager/confirmTxFlow/types';\nimport { SignerWorkerManagerContext } from '..';\nimport { getLastLoggedInDeviceNumber } from '../getDeviceNumber';\n\n/*\n Two-phase export (worker-driven):\n * - Phase 1: collect PRF (uiMode: 'skip') and derive WrapKeySeed in VRF worker\n * - Decrypt inside signer worker (session-bound)\n * - Phase 2: show export UI with decrypted key (kept open until user closes)\n */\nexport async function exportNearKeypairUi({\n ctx,\n nearAccountId,\n variant,\n theme,\n sessionId,\n}: {\n ctx: SignerWorkerManagerContext;\n nearAccountId: AccountId;\n variant?: 'drawer' \| 'modal';\n theme?: 'dark' \| 'light';\n sessionId: string;\n}): Promise<void> {\n const accountId = toAccountId(nearAccountId);\n\n // Gather encrypted key + ChaCha20 nonce and public key from IndexedDB\n const deviceNumber = await getLastLoggedInDeviceNumber(accountId, ctx.indexedDB.clientDB);\n const [keyData, user] = await Promise.all([\n ctx.indexedDB.nearKeysDB.~~getEncryptedKey~~(accountId, deviceNumber),\n ctx.indexedDB.clientDB.getUserByDevice(accountId, deviceNumber),\n ]);\n const publicKey = user?.clientNearPublicKey \|\| '';\n if (!keyData \|\| !publicKey) {\n throw new Error('Missing local key material for export. Re-register to upgrade vault.');\n }\n\n // Decrypt inside signer worker using the reserved session\n const response = await ctx.sendMessage<WorkerRequestType.DecryptPrivateKeyWithPrf>({\n sessionId,\n message: {\n type: WorkerRequestType.DecryptPrivateKeyWithPrf,\n payload: {\n nearAccountId: accountId,\n encryptedPrivateKeyData: keyData.~~encryptedData~~,\n encryptedPrivateKeyChacha20NonceB64u: keyData.chacha20NonceB64u,\n },\n },\n });\n\n if (!isDecryptPrivateKeyWithPrfSuccess(response)) {\n console.error('WebAuthnManager: Export decrypt failed:', response);\n const payloadError = isObject(response?.payload) && response?.payload?.error;\n const msg = String(payloadError \|\| 'Export decrypt failed');\n throw new Error(msg);\n }\n\n const privateKey = response.payload.privateKey;\n\n // Phase 2: show secure UI (VRF-driven viewer)\n const showReq = {\n ~~schemaVersion: 2 as const,\n~~ requestId: sessionId,\n type: SecureConfirmationType.SHOW_SECURE_PRIVATE_KEY_UI,\n summary: {\n operation: 'Export Private Key' as const,\n accountId,\n publicKey,\n warning: 'Anyone with your private key can fully control your account. Never share it.',\n },\n payload: {\n nearAccountId: accountId,\n publicKey,\n privateKey,\n variant,\n theme,\n },\n };\n await runSecureConfirm(ctx, showReq);\n}\n"],"mappings":"~~;;;;;;;;;;;;;;;;;;~~AAiBA,eAAsB,oBAAoB,EACxC,KACA,eACA,SACA,OACA,aAOgB;CAChB,MAAM,YAAY,YAAY;CAG9B,MAAM,eAAe,MAAM,4BAA4B,WAAW,IAAI,UAAU;CAChF,MAAM,CAAC,SAAS,QAAQ,MAAM,QAAQ,IAAI,CACxC,IAAI,UAAU,WAAW,~~gBAAgB~~,WAAW,~~eACpD~~,IAAI,UAAU,SAAS,gBAAgB,WAAW;CAEpD,MAAM,YAAY,MAAM,uBAAuB;AAC/C,KAAI,CAAC,WAAW,CAAC,UACf,OAAM,IAAI,MAAM;CAIlB,MAAM,WAAW,MAAM,IAAI,YAAwD;EACjF;EACA,SAAS;GACP,MAAM,kBAAkB;GACxB,SAAS;IACP,eAAe;IACf,yBAAyB,QAAQ;IACjC,sCAAsC,QAAQ;;;;AAKpD,KAAI,CAAC,kCAAkC,WAAW;AAChD,UAAQ,MAAM,2CAA2C;EACzD,MAAM,eAAe,SAAS,UAAU,YAAY,UAAU,SAAS;EACvE,MAAM,MAAM,OAAO,gBAAgB;AACnC,QAAM,IAAI,MAAM;;CAGlB,MAAM,aAAa,SAAS,QAAQ;CAGpC,MAAM,UAAU;EACd,~~eAAe;EACf,~~WAAW;EACX,MAAM,uBAAuB;EAC7B,SAAS;GACP,WAAW;GACX;GACA;GACA,SAAS;;EAEX,SAAS;GACP,eAAe;GACf;GACA;GACA;GACA;;;AAGJ,OAAM,iBAAiB,KAAK"}
1	+ {"version":3,"file":"exportNearKeypairUi.js","names":[],"sources":["../../../../../../src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.ts"],"sourcesContent":["import { isObject } from '@/utils/validation';\nimport { AccountId, toAccountId } from '../../../types/accountIds';\nimport {\n WorkerRequestType,\n isDecryptPrivateKeyWithPrfSuccess,\n} from '../../../types/signer-worker';\nimport { runSecureConfirm } from '../../VrfWorkerManager/secureConfirmBridge';\nimport { SecureConfirmationType } from '../../VrfWorkerManager/confirmTxFlow/types';\nimport { SignerWorkerManagerContext } from '..';\nimport { getLastLoggedInDeviceNumber } from '../getDeviceNumber';\n\n/*\n Two-phase export (worker-driven):\n * - Phase 1: collect PRF (uiMode: 'skip') and derive WrapKeySeed in VRF worker\n * - Decrypt inside signer worker (session-bound)\n * - Phase 2: show export UI with decrypted key (kept open until user closes)\n */\nexport async function exportNearKeypairUi({\n ctx,\n nearAccountId,\n variant,\n theme,\n sessionId,\n}: {\n ctx: SignerWorkerManagerContext;\n nearAccountId: AccountId;\n variant?: 'drawer' \| 'modal';\n theme?: 'dark' \| 'light';\n sessionId: string;\n}): Promise<void> {\n const accountId = toAccountId(nearAccountId);\n\n // Gather encrypted key + ChaCha20 nonce and public key from IndexedDB\n const deviceNumber = await getLastLoggedInDeviceNumber(accountId, ctx.indexedDB.clientDB);\n const [keyData, user] = await Promise.all([\n ctx.indexedDB.nearKeysDB.getLocalKeyMaterial(accountId, deviceNumber),\n ctx.indexedDB.clientDB.getUserByDevice(accountId, deviceNumber),\n ]);\n const publicKey = user?.clientNearPublicKey \|\| '';\n if (!keyData \|\| !publicKey) {\n throw new Error('Missing local key material for export. Re-register to upgrade vault.');\n }\n\n // Decrypt inside signer worker using the reserved session\n const response = await ctx.sendMessage<WorkerRequestType.DecryptPrivateKeyWithPrf>({\n sessionId,\n message: {\n type: WorkerRequestType.DecryptPrivateKeyWithPrf,\n payload: {\n nearAccountId: accountId,\n encryptedPrivateKeyData: keyData.encryptedSk,\n encryptedPrivateKeyChacha20NonceB64u: keyData.chacha20NonceB64u,\n },\n },\n });\n\n if (!isDecryptPrivateKeyWithPrfSuccess(response)) {\n console.error('WebAuthnManager: Export decrypt failed:', response);\n const payloadError = isObject(response?.payload) && response?.payload?.error;\n const msg = String(payloadError \|\| 'Export decrypt failed');\n throw new Error(msg);\n }\n\n const privateKey = response.payload.privateKey;\n\n // Phase 2: show secure UI (VRF-driven viewer)\n const showReq = {\n requestId: sessionId,\n type: SecureConfirmationType.SHOW_SECURE_PRIVATE_KEY_UI,\n summary: {\n operation: 'Export Private Key' as const,\n accountId,\n publicKey,\n warning: 'Anyone with your private key can fully control your account. Never share it.',\n },\n payload: {\n nearAccountId: accountId,\n publicKey,\n privateKey,\n variant,\n theme,\n },\n };\n await runSecureConfirm(ctx, showReq);\n}\n"],"mappings":";;;;;;;;;;;;;;AAiBA,eAAsB,oBAAoB,EACxC,KACA,eACA,SACA,OACA,aAOgB;CAChB,MAAM,YAAY,YAAY;CAG9B,MAAM,eAAe,MAAM,4BAA4B,WAAW,IAAI,UAAU;CAChF,MAAM,CAAC,SAAS,QAAQ,MAAM,QAAQ,IAAI,CACxC,IAAI,UAAU,WAAW,oBAAoB,WAAW,eACxD,IAAI,UAAU,SAAS,gBAAgB,WAAW;CAEpD,MAAM,YAAY,MAAM,uBAAuB;AAC/C,KAAI,CAAC,WAAW,CAAC,UACf,OAAM,IAAI,MAAM;CAIlB,MAAM,WAAW,MAAM,IAAI,YAAwD;EACjF;EACA,SAAS;GACP,MAAM,kBAAkB;GACxB,SAAS;IACP,eAAe;IACf,yBAAyB,QAAQ;IACjC,sCAAsC,QAAQ;;;;AAKpD,KAAI,CAAC,kCAAkC,WAAW;AAChD,UAAQ,MAAM,2CAA2C;EACzD,MAAM,eAAe,SAAS,UAAU,YAAY,UAAU,SAAS;EACvE,MAAM,MAAM,OAAO,gBAAgB;AACnC,QAAM,IAAI,MAAM;;CAGlB,MAAM,aAAa,SAAS,QAAQ;CAGpC,MAAM,UAAU;EACd,WAAW;EACX,MAAM,uBAAuB;EAC7B,SAAS;GACP,WAAW;GACX;GACA;GACA,SAAS;;EAEX,SAAS;GACP,eAAe;GACf;GACA;GACA;GACA;;;AAGJ,OAAM,iBAAiB,KAAK"}

package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js CHANGED Viewed

@@ -1,7 +1,6 @@
-import { WorkerRequestType, init_signer_worker, isExtractCosePublicKeySuccess } from "../../../types/signer-worker.js";
+import { WorkerRequestType, isExtractCosePublicKeySuccess } from "../../../types/signer-worker.js";
 //#region src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.ts
-init_signer_worker();
 /**
 * Extract COSE public key from WebAuthn attestation object
 * Simple operation that doesn't require TouchID or progress updates

package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"extractCosePublicKey.js","names":["error: unknown"],"sources":["../../../../../../src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.ts"],"sourcesContent":["\nimport { WorkerRequestType, isExtractCosePublicKeySuccess } from '../../../types/signer-worker';\nimport { SignerWorkerManagerContext } from '..';\n\n\n/*\n Extract COSE public key from WebAuthn attestation object\n * Simple operation that doesn't require TouchID or progress updates\n */\nexport async function extractCosePublicKey({ ctx, attestationObjectBase64url }: {\n ctx: SignerWorkerManagerContext;\n attestationObjectBase64url: string;\n}): Promise<Uint8Array> {\n try {\n const response = await ctx.sendMessage<WorkerRequestType.ExtractCosePublicKey>({\n message: {\n type: WorkerRequestType.ExtractCosePublicKey,\n payload: {\n attestationObjectBase64url\n }\n }\n });\n\n if (isExtractCosePublicKeySuccess(response)) {\n return response.payload.cosePublicKeyBytes;\n } else {\n throw new Error('COSE public key extraction failed in WASM worker');\n }\n } catch (error: unknown) {\n throw error;\n }\n}\n"],"mappings":"~~;;;;;;;;~~AASA,eAAsB,qBAAqB,EAAE,KAAK,8BAG1B;AACtB,KAAI;EACF,MAAM,WAAW,MAAM,IAAI,YAAoD,EAC7E,SAAS;GACP,MAAM,kBAAkB;GACxB,SAAS,EACP;;AAKN,MAAI,8BAA8B,UAChC,QAAO,SAAS,QAAQ;MAExB,OAAM,IAAI,MAAM;UAEXA,OAAgB;AACvB,QAAM"}
1	+ {"version":3,"file":"extractCosePublicKey.js","names":["error: unknown"],"sources":["../../../../../../src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.ts"],"sourcesContent":["\nimport { WorkerRequestType, isExtractCosePublicKeySuccess } from '../../../types/signer-worker';\nimport { SignerWorkerManagerContext } from '..';\n\n\n/*\n Extract COSE public key from WebAuthn attestation object\n * Simple operation that doesn't require TouchID or progress updates\n */\nexport async function extractCosePublicKey({ ctx, attestationObjectBase64url }: {\n ctx: SignerWorkerManagerContext;\n attestationObjectBase64url: string;\n}): Promise<Uint8Array> {\n try {\n const response = await ctx.sendMessage<WorkerRequestType.ExtractCosePublicKey>({\n message: {\n type: WorkerRequestType.ExtractCosePublicKey,\n payload: {\n attestationObjectBase64url\n }\n }\n });\n\n if (isExtractCosePublicKeySuccess(response)) {\n return response.payload.cosePublicKeyBytes;\n } else {\n throw new Error('COSE public key extraction failed in WASM worker');\n }\n } catch (error: unknown) {\n throw error;\n }\n}\n"],"mappings":";;;;;;;AASA,eAAsB,qBAAqB,EAAE,KAAK,8BAG1B;AACtB,KAAI;EACF,MAAM,WAAW,MAAM,IAAI,YAAoD,EAC7E,SAAS;GACP,MAAM,kBAAkB;GACxB,SAAS,EACP;;AAKN,MAAI,8BAA8B,UAChC,QAAO,SAAS,QAAQ;MAExB,OAAM,IAAI,MAAM;UAEXA,OAAgB;AACvB,QAAM"}