@tatchi-xyz/sdk 0.21.0 → 0.31.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -2
- package/dist/cjs/_virtual/rolldown_runtime.js +0 -13
- package/dist/cjs/base-styles.js +0 -1
- package/dist/cjs/base-styles.js.map +1 -1
- package/dist/cjs/build-paths.js +0 -1
- package/dist/cjs/build-paths.js.map +1 -1
- package/dist/cjs/config.js +0 -1
- package/dist/cjs/config.js.map +1 -1
- package/dist/cjs/core/ChainsigAddressManager/index.js +0 -3
- package/dist/cjs/core/ChainsigAddressManager/index.js.map +1 -1
- package/dist/cjs/core/EmailRecovery/emailRecoveryPendingStore.js +48 -60
- package/dist/cjs/core/EmailRecovery/emailRecoveryPendingStore.js.map +1 -1
- package/dist/cjs/core/EmailRecovery/index.js +19 -34
- package/dist/cjs/core/EmailRecovery/index.js.map +1 -1
- package/dist/cjs/core/ExtensionWallet/detect.js +0 -1
- package/dist/cjs/core/ExtensionWallet/detect.js.map +1 -1
- package/dist/cjs/core/IndexedDBManager/index.js +85 -92
- package/dist/cjs/core/IndexedDBManager/index.js.map +1 -1
- package/dist/cjs/core/IndexedDBManager/passkeyClientDB.js +648 -646
- package/dist/cjs/core/IndexedDBManager/passkeyClientDB.js.map +1 -1
- package/dist/cjs/core/IndexedDBManager/passkeyNearKeysDB.js +223 -154
- package/dist/cjs/core/IndexedDBManager/passkeyNearKeysDB.js.map +1 -1
- package/dist/cjs/core/NearClient.js +9 -8
- package/dist/cjs/core/NearClient.js.map +1 -1
- package/dist/cjs/core/NearRpcError.js +0 -1
- package/dist/cjs/core/NearRpcError.js.map +1 -1
- package/dist/cjs/core/OfflineExport/overlay.js +0 -1
- package/dist/cjs/core/OfflineExport/overlay.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/actions.js +86 -132
- package/dist/cjs/core/TatchiPasskey/actions.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/delegateAction.js +4 -4
- package/dist/cjs/core/TatchiPasskey/delegateAction.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/emailRecovery.js +866 -852
- package/dist/cjs/core/TatchiPasskey/emailRecovery.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/faucets/createAccountRelayServer.js +23 -12
- package/dist/cjs/core/TatchiPasskey/faucets/createAccountRelayServer.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/index.js +128 -91
- package/dist/cjs/core/TatchiPasskey/index.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/linkDevice.js +85 -30
- package/dist/cjs/core/TatchiPasskey/linkDevice.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/login.js +371 -192
- package/dist/cjs/core/TatchiPasskey/login.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/registration.js +131 -30
- package/dist/cjs/core/TatchiPasskey/registration.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/relay.js +0 -2
- package/dist/cjs/core/TatchiPasskey/relay.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/scanDevice.js +2 -9
- package/dist/cjs/core/TatchiPasskey/scanDevice.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/signNEP413.js +12 -5
- package/dist/cjs/core/TatchiPasskey/signNEP413.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/syncAccount.js +505 -0
- package/dist/cjs/core/TatchiPasskey/syncAccount.js.map +1 -0
- package/dist/cjs/core/WalletIframe/client/IframeTransport.js +166 -134
- package/dist/cjs/core/WalletIframe/client/IframeTransport.js.map +1 -1
- package/dist/cjs/core/WalletIframe/client/on-events-progress-bus.js +4 -6
- package/dist/cjs/core/WalletIframe/client/on-events-progress-bus.js.map +1 -1
- package/dist/cjs/core/WalletIframe/client/overlay-controller.js +0 -1
- package/dist/cjs/core/WalletIframe/client/overlay-controller.js.map +1 -1
- package/dist/cjs/core/WalletIframe/client/overlay-styles.js +0 -1
- package/dist/cjs/core/WalletIframe/client/overlay-styles.js.map +1 -1
- package/dist/cjs/core/WalletIframe/client/router.js +204 -170
- package/dist/cjs/core/WalletIframe/client/router.js.map +1 -1
- package/dist/cjs/core/WalletIframe/events.js +0 -1
- package/dist/cjs/core/WalletIframe/events.js.map +1 -1
- package/dist/cjs/core/WalletIframe/host-mode.js +4 -1
- package/dist/cjs/core/WalletIframe/host-mode.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js +1 -2
- package/dist/cjs/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js +5 -15
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/LitElementWithProps.js +22 -18
- package/dist/cjs/core/WebAuthnManager/LitComponents/LitElementWithProps.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/TxTree/index.js +1 -2
- package/dist/cjs/core/WebAuthnManager/LitComponents/TxTree/index.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js +1 -3
- package/dist/cjs/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/asset-base.js +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/asset-base.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/common/formatters.js +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/common/formatters.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/confirm-ui-types.js +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/confirm-ui-types.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/confirm-ui.js +3 -5
- package/dist/cjs/core/WebAuthnManager/LitComponents/confirm-ui.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/css/css-loader.js +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/css/css-loader.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/ensure-defined.js +1 -6
- package/dist/cjs/core/WebAuthnManager/LitComponents/ensure-defined.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/lit-events.js +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/lit-events.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/tags.js +0 -31
- package/dist/cjs/core/WebAuthnManager/LitComponents/tags.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js +0 -11
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js +10 -14
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js +5 -9
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js +6 -8
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js +46 -0
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js.map +1 -0
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js +3 -8
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js +0 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js +0 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js +13 -10
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/session.js +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/session.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js +204 -48
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js +170 -30
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js +3 -10
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js +274 -86
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js +5 -12
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/index.js +15 -10
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/index.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js +0 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js +15 -5
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js +1 -4
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js +1 -6
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js +1 -4
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js +30 -7
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js +7 -30
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js +0 -3
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js +38 -4
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js +27 -6
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js +0 -3
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js +19 -17
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js +0 -2
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js +8 -6
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js +17 -15
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js +6 -4
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js +36 -4
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js +6 -4
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/index.js +37 -4
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/index.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js +54 -65
- package/dist/cjs/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js +34 -0
- package/dist/cjs/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js.map +1 -0
- package/dist/cjs/core/WebAuthnManager/credentialsHelpers.js +18 -26
- package/dist/cjs/core/WebAuthnManager/credentialsHelpers.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/index.js +352 -50
- package/dist/cjs/core/WebAuthnManager/index.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js +92 -0
- package/dist/cjs/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js.map +1 -0
- package/dist/cjs/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js +144 -0
- package/dist/cjs/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js.map +1 -0
- package/dist/cjs/core/WebAuthnManager/touchIdPrompt.js +200 -211
- package/dist/cjs/core/WebAuthnManager/touchIdPrompt.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/userHandle.js +0 -4
- package/dist/cjs/core/WebAuthnManager/userHandle.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/userPreferences.js +119 -37
- package/dist/cjs/core/WebAuthnManager/userPreferences.js.map +1 -1
- package/dist/cjs/core/defaultConfigs.js +55 -57
- package/dist/cjs/core/defaultConfigs.js.map +1 -1
- package/dist/cjs/core/digests/intentDigest.js +100 -0
- package/dist/cjs/core/digests/intentDigest.js.map +1 -0
- package/dist/cjs/core/nearCrypto.js +3 -30
- package/dist/cjs/core/nearCrypto.js.map +1 -1
- package/dist/cjs/core/nonceManager.js +6 -16
- package/dist/cjs/core/nonceManager.js.map +1 -1
- package/dist/cjs/core/rpcCalls.js +263 -24
- package/dist/cjs/core/rpcCalls.js.map +1 -1
- package/dist/cjs/core/sdkPaths/base.js +0 -1
- package/dist/cjs/core/sdkPaths/base.js.map +1 -1
- package/dist/cjs/core/sdkPaths/workers.js +7 -6
- package/dist/cjs/core/sdkPaths/workers.js.map +1 -1
- package/dist/cjs/core/threshold/thresholdEd25519AuthSession.js +145 -0
- package/dist/cjs/core/threshold/thresholdEd25519AuthSession.js.map +1 -0
- package/dist/cjs/core/threshold/thresholdEd25519RelayerHealth.js +117 -0
- package/dist/cjs/core/threshold/thresholdEd25519RelayerHealth.js.map +1 -0
- package/dist/cjs/core/threshold/thresholdSessionPolicy.js +67 -0
- package/dist/cjs/core/threshold/thresholdSessionPolicy.js.map +1 -0
- package/dist/cjs/core/types/accountIds.js +0 -11
- package/dist/cjs/core/types/accountIds.js.map +1 -1
- package/dist/cjs/core/types/actions.js +18 -27
- package/dist/cjs/core/types/actions.js.map +1 -1
- package/dist/cjs/core/types/emailRecovery.js +25 -26
- package/dist/cjs/core/types/emailRecovery.js.map +1 -1
- package/dist/cjs/core/types/linkDevice.js +0 -1
- package/dist/cjs/core/types/linkDevice.js.map +1 -1
- package/dist/cjs/core/types/rpc.js +9 -19
- package/dist/cjs/core/types/rpc.js.map +1 -1
- package/dist/cjs/core/types/sdkSentEvents.js +107 -118
- package/dist/cjs/core/types/sdkSentEvents.js.map +1 -1
- package/dist/cjs/core/types/signer-worker.js +94 -18
- package/dist/cjs/core/types/signer-worker.js.map +1 -1
- package/dist/cjs/core/types/vrf-worker.js +3 -13
- package/dist/cjs/core/types/vrf-worker.js.map +1 -1
- package/dist/cjs/core/workerControlMessages.js +0 -1
- package/dist/cjs/core/workerControlMessages.js.map +1 -1
- package/dist/cjs/index.js +9 -25
- package/dist/cjs/plugins/headers.js +3 -11
- package/dist/cjs/plugins/headers.js.map +1 -1
- package/dist/cjs/plugins/next.js +21 -11
- package/dist/cjs/plugins/next.js.map +1 -1
- package/dist/cjs/plugins/plugin-utils.js +1 -7
- package/dist/cjs/plugins/plugin-utils.js.map +1 -1
- package/dist/cjs/plugins/utils/validation.js +29 -0
- package/dist/cjs/plugins/utils/validation.js.map +1 -0
- package/dist/cjs/plugins/vite.js +18 -11
- package/dist/cjs/plugins/vite.js.map +1 -1
- package/dist/cjs/react/_virtual/rolldown_runtime.js +0 -13
- package/dist/cjs/react/build-paths.js +54 -0
- package/dist/cjs/react/build-paths.js.map +1 -0
- package/dist/cjs/react/components/AccountMenuButton/LinkedDevicesModal-C-RBcCPI.css +452 -0
- package/dist/cjs/react/components/AccountMenuButton/LinkedDevicesModal-C-RBcCPI.css.map +1 -0
- package/dist/cjs/react/components/AccountMenuButton/LinkedDevicesModal2.js +6 -5
- package/dist/cjs/react/components/AccountMenuButton/LinkedDevicesModal2.js.map +1 -1
- package/dist/cjs/react/components/AccountMenuButton/ProfileDropdown-BCW8a1XS.css +120 -0
- package/dist/cjs/react/components/AccountMenuButton/ProfileDropdown-BCW8a1XS.css.map +1 -0
- package/dist/cjs/react/components/AccountMenuButton/ProfileDropdown2.js +3 -1
- package/dist/cjs/react/components/AccountMenuButton/ProfileDropdown2.js.map +1 -1
- package/dist/cjs/react/components/AccountMenuButton/TransactionSettingsSection.js +35 -1
- package/dist/cjs/react/components/AccountMenuButton/TransactionSettingsSection.js.map +1 -1
- package/dist/cjs/react/components/AccountMenuButton/Web3AuthProfileButton-QsQWyQ9D.css +77 -0
- package/dist/cjs/react/components/AccountMenuButton/Web3AuthProfileButton-QsQWyQ9D.css.map +1 -0
- package/dist/cjs/react/components/AccountMenuButton/icons/TouchIcon-BRVcqcso.css +41 -0
- package/dist/cjs/react/components/AccountMenuButton/icons/TouchIcon-BRVcqcso.css.map +1 -0
- package/dist/cjs/react/components/AccountMenuButton/index.js +25 -4
- package/dist/cjs/react/components/AccountMenuButton/index.js.map +1 -1
- package/dist/cjs/react/components/AccountMenuButton/types.js +0 -1
- package/dist/cjs/react/components/AccountMenuButton/types.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/PasskeyAuthMenu-CRlobBrN.css +1009 -0
- package/dist/cjs/react/components/PasskeyAuthMenu/PasskeyAuthMenu-CRlobBrN.css.map +1 -0
- package/dist/cjs/react/components/PasskeyAuthMenu/adapters/tatchi.js +0 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/adapters/tatchi.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/authMenuTypes.js +2 -3
- package/dist/cjs/react/components/PasskeyAuthMenu/authMenuTypes.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/client.js +10 -10
- package/dist/cjs/react/components/PasskeyAuthMenu/client.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/controller/mode.js +4 -4
- package/dist/cjs/react/components/PasskeyAuthMenu/controller/mode.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/controller/proceedEligibility.js +0 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/controller/proceedEligibility.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/controller/usePasskeyAuthMenuController.js +3 -3
- package/dist/cjs/react/components/PasskeyAuthMenu/controller/usePasskeyAuthMenuController.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/controller/useSDKEvents.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/features/recentLoginPrefill.js +0 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/features/recentLoginPrefill.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/passkeyAuthMenuCompat.js +0 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/passkeyAuthMenuCompat.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/preload.js +0 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/preload.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/skeleton.js +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/skeleton.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/ui/AccountExistsBadge.js +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/ui/AccountExistsBadge.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/ui/EmailRecoverySlide.js +275 -366
- package/dist/cjs/react/components/PasskeyAuthMenu/ui/EmailRecoverySlide.js.map +1 -1
- package/dist/cjs/react/components/ShowQRCode-DGCJv1Cw.css +113 -0
- package/dist/cjs/react/components/ShowQRCode-DGCJv1Cw.css.map +1 -0
- package/dist/cjs/react/components/ShowQRCode2.js +1 -2
- package/dist/cjs/react/components/ShowQRCode2.js.map +1 -1
- package/dist/cjs/react/components/theme/ThemeProvider.js +18 -18
- package/dist/cjs/react/components/theme/ThemeProvider.js.map +1 -1
- package/dist/cjs/react/components/theme/design-tokens.js +1 -2
- package/dist/cjs/react/components/theme/design-tokens.js.map +1 -1
- package/dist/cjs/react/components/theme/utils.js +0 -1
- package/dist/cjs/react/components/theme/utils.js.map +1 -1
- package/dist/cjs/react/context/tatchiManagerSingleton.js +2 -4
- package/dist/cjs/react/context/tatchiManagerSingleton.js.map +1 -1
- package/dist/cjs/react/context/useLoginStateRefresher.js +1 -2
- package/dist/cjs/react/context/useLoginStateRefresher.js.map +1 -1
- package/dist/cjs/react/context/useTatchiContextValue.js +17 -9
- package/dist/cjs/react/context/useTatchiContextValue.js.map +1 -1
- package/dist/cjs/react/context/useTatchiWithSdkFlow.js +9 -10
- package/dist/cjs/react/context/useTatchiWithSdkFlow.js.map +1 -1
- package/dist/cjs/react/context/useWalletIframeLifecycle.js +1 -2
- package/dist/cjs/react/context/useWalletIframeLifecycle.js.map +1 -1
- package/dist/cjs/react/deviceDetection.js +92 -81
- package/dist/cjs/react/deviceDetection.js.map +1 -1
- package/dist/cjs/react/hooks/useAccountInput.js +1 -2
- package/dist/cjs/react/hooks/useAccountInput.js.map +1 -1
- package/dist/cjs/react/hooks/useDeviceLinking.js +1 -1
- package/dist/cjs/react/hooks/useNearClient.js +2 -3
- package/dist/cjs/react/hooks/useNearClient.js.map +1 -1
- package/dist/cjs/react/hooks/usePreconnectWalletAssets.js +1 -1
- package/dist/cjs/react/hooks/useQRCamera.js +1 -2
- package/dist/cjs/react/hooks/useQRCamera.js.map +1 -1
- package/dist/cjs/react/hooks/useQRFileUpload.js +1 -1
- package/dist/cjs/react/index.js +7 -20
- package/dist/cjs/react/src/base-styles.js +20 -0
- package/dist/cjs/react/src/base-styles.js.map +1 -0
- package/dist/cjs/react/src/config.js +34 -0
- package/dist/cjs/react/src/config.js.map +1 -0
- package/dist/cjs/react/src/core/ChainsigAddressManager/index.js +27 -0
- package/dist/cjs/react/src/core/ChainsigAddressManager/index.js.map +1 -0
- package/dist/cjs/react/src/core/EmailRecovery/emailRecoveryPendingStore.js +57 -0
- package/dist/cjs/react/src/core/EmailRecovery/emailRecoveryPendingStore.js.map +1 -0
- package/dist/cjs/react/src/core/EmailRecovery/index.js +99 -0
- package/dist/cjs/react/src/core/EmailRecovery/index.js.map +1 -0
- package/dist/cjs/react/src/core/IndexedDBManager/index.js +133 -0
- package/dist/cjs/react/src/core/IndexedDBManager/index.js.map +1 -0
- package/dist/cjs/react/src/core/IndexedDBManager/passkeyClientDB.js +687 -0
- package/dist/cjs/react/src/core/IndexedDBManager/passkeyClientDB.js.map +1 -0
- package/dist/cjs/react/src/core/IndexedDBManager/passkeyNearKeysDB.js +261 -0
- package/dist/cjs/react/src/core/IndexedDBManager/passkeyNearKeysDB.js.map +1 -0
- package/dist/cjs/react/src/core/NearClient.js +274 -0
- package/dist/cjs/react/src/core/NearClient.js.map +1 -0
- package/dist/cjs/react/src/core/NearRpcError.js +115 -0
- package/dist/cjs/react/src/core/NearRpcError.js.map +1 -0
- package/dist/cjs/react/src/core/OfflineExport/overlay.js +55 -0
- package/dist/cjs/react/src/core/OfflineExport/overlay.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/actions.js +406 -0
- package/dist/cjs/react/src/core/TatchiPasskey/actions.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/delegateAction.js +76 -0
- package/dist/cjs/react/src/core/TatchiPasskey/delegateAction.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/emailRecovery.js +933 -0
- package/dist/cjs/react/src/core/TatchiPasskey/emailRecovery.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/faucets/createAccountRelayServer.js +108 -0
- package/dist/cjs/react/src/core/TatchiPasskey/faucets/createAccountRelayServer.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/index.js +1335 -0
- package/dist/cjs/react/src/core/TatchiPasskey/index.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/linkDevice.js +766 -0
- package/dist/cjs/react/src/core/TatchiPasskey/linkDevice.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/login.js +757 -0
- package/dist/cjs/react/src/core/TatchiPasskey/login.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/registration.js +441 -0
- package/dist/cjs/react/src/core/TatchiPasskey/registration.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/relay.js +110 -0
- package/dist/cjs/react/src/core/TatchiPasskey/relay.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/scanDevice.js +99 -0
- package/dist/cjs/react/src/core/TatchiPasskey/scanDevice.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/signNEP413.js +96 -0
- package/dist/cjs/react/src/core/TatchiPasskey/signNEP413.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/syncAccount.js +505 -0
- package/dist/cjs/react/src/core/TatchiPasskey/syncAccount.js.map +1 -0
- package/dist/cjs/react/src/core/WalletIframe/client/IframeTransport.js +362 -0
- package/dist/cjs/react/src/core/WalletIframe/client/IframeTransport.js.map +1 -0
- package/dist/cjs/react/src/core/WalletIframe/client/on-events-progress-bus.js +208 -0
- package/dist/cjs/react/src/core/WalletIframe/client/on-events-progress-bus.js.map +1 -0
- package/dist/cjs/react/src/core/WalletIframe/client/overlay-controller.js +99 -0
- package/dist/cjs/react/src/core/WalletIframe/client/overlay-controller.js.map +1 -0
- package/dist/cjs/react/src/core/WalletIframe/client/overlay-styles.js +127 -0
- package/dist/cjs/react/src/core/WalletIframe/client/overlay-styles.js.map +1 -0
- package/dist/cjs/react/src/core/WalletIframe/client/router.js +1096 -0
- package/dist/cjs/react/src/core/WalletIframe/client/router.js.map +1 -0
- package/dist/cjs/react/src/core/WalletIframe/events.js +10 -0
- package/dist/cjs/react/src/core/WalletIframe/events.js.map +1 -0
- package/dist/cjs/react/src/core/WalletIframe/host-mode.js +14 -0
- package/dist/cjs/react/src/core/WalletIframe/host-mode.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/Drawer/index.js +660 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/Drawer/index.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js +222 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/HaloBorder/index.js +135 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/HaloBorder/index.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js +189 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js +248 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-drawer.js +261 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-drawer.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-modal.js +281 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-modal.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js +260 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/PasskeyHaloLoading/index.js +146 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/PasskeyHaloLoading/index.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/TxTree/index.js +502 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/TxTree/index.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js +211 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js +181 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/asset-base.js +45 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/asset-base.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/common/PadlockIcon.js +55 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/common/PadlockIcon.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/common/formatters.js +67 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/common/formatters.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/confirm-ui-types.js +9 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/confirm-ui-types.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/confirm-ui.js +219 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/confirm-ui.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/css/css-loader.js +109 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/css/css-loader.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/ensure-defined.js +19 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/ensure-defined.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/lit-events.js +34 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/lit-events.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/tags.js +35 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/tags.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js +28 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js +67 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js +45 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js +71 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js +46 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js +64 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js +26 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js +45 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js +121 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js +16 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js +261 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js +220 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js +57 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js +302 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js +75 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/index.js +457 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/index.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js +35 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js +93 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js +58 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js +49 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js +51 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js +31 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js +46 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js +53 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js +76 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js +87 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js +17 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js +63 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js +124 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js +157 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js +49 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js +175 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js +117 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js +21 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js +26 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js +54 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js +32 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js +30 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js +49 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js +158 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js +61 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js +26 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js +80 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js +61 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js +44 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js +53 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js +30 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js +27 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js +29 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js +41 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/index.js +408 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/index.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js +25 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js +199 -0
- package/dist/cjs/react/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js +34 -0
- package/dist/cjs/react/src/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/credentialsHelpers.js +293 -0
- package/dist/cjs/react/src/core/WebAuthnManager/credentialsHelpers.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/index.js +1192 -0
- package/dist/cjs/react/src/core/WebAuthnManager/index.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js +92 -0
- package/dist/cjs/react/src/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js +144 -0
- package/dist/cjs/react/src/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/touchIdPrompt.js +271 -0
- package/dist/cjs/react/src/core/WebAuthnManager/touchIdPrompt.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/userHandle.js +35 -0
- package/dist/cjs/react/src/core/WebAuthnManager/userHandle.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/userPreferences.js +390 -0
- package/dist/cjs/react/src/core/WebAuthnManager/userPreferences.js.map +1 -0
- package/dist/cjs/react/src/core/defaultConfigs.js +108 -0
- package/dist/cjs/react/src/core/defaultConfigs.js.map +1 -0
- package/dist/cjs/react/src/core/digests/intentDigest.js +100 -0
- package/dist/cjs/react/src/core/digests/intentDigest.js.map +1 -0
- package/dist/cjs/react/src/core/nearCrypto.js +30 -0
- package/dist/cjs/react/src/core/nearCrypto.js.map +1 -0
- package/dist/cjs/react/src/core/nonceManager.js +393 -0
- package/dist/cjs/react/src/core/nonceManager.js.map +1 -0
- package/dist/cjs/react/src/core/rpcCalls.js +685 -0
- package/dist/cjs/react/src/core/rpcCalls.js.map +1 -0
- package/dist/cjs/react/src/core/sdkPaths/base.js +48 -0
- package/dist/cjs/react/src/core/sdkPaths/base.js.map +1 -0
- package/dist/cjs/react/src/core/sdkPaths/workers.js +46 -0
- package/dist/cjs/react/src/core/sdkPaths/workers.js.map +1 -0
- package/dist/cjs/react/src/core/threshold/thresholdEd25519AuthSession.js +145 -0
- package/dist/cjs/react/src/core/threshold/thresholdEd25519AuthSession.js.map +1 -0
- package/dist/cjs/react/src/core/threshold/thresholdEd25519RelayerHealth.js +117 -0
- package/dist/cjs/react/src/core/threshold/thresholdEd25519RelayerHealth.js.map +1 -0
- package/dist/cjs/react/src/core/threshold/thresholdSessionPolicy.js +67 -0
- package/dist/cjs/react/src/core/threshold/thresholdSessionPolicy.js.map +1 -0
- package/dist/cjs/react/src/core/types/accountIds.js +24 -0
- package/dist/cjs/react/src/core/types/accountIds.js.map +1 -0
- package/dist/cjs/react/src/core/types/actions.js +265 -0
- package/dist/cjs/react/src/core/types/actions.js.map +1 -0
- package/dist/cjs/react/src/core/types/authenticatorOptions.js +51 -0
- package/dist/cjs/react/src/core/types/authenticatorOptions.js.map +1 -0
- package/dist/cjs/react/src/core/types/emailRecovery.js +32 -0
- package/dist/cjs/react/src/core/types/emailRecovery.js.map +1 -0
- package/dist/cjs/react/src/core/types/linkDevice.js +24 -0
- package/dist/cjs/react/src/core/types/linkDevice.js.map +1 -0
- package/dist/cjs/react/src/core/types/rpc.js +15 -0
- package/dist/cjs/react/src/core/types/rpc.js.map +1 -0
- package/dist/cjs/react/src/core/types/sdkSentEvents.js +122 -0
- package/dist/cjs/react/src/core/types/sdkSentEvents.js.map +1 -0
- package/dist/cjs/react/src/core/types/signer-worker.js +145 -0
- package/dist/cjs/react/src/core/types/signer-worker.js.map +1 -0
- package/dist/cjs/react/src/core/types/vrf-worker.js +64 -0
- package/dist/cjs/react/src/core/types/vrf-worker.js.map +1 -0
- package/dist/cjs/react/src/core/workerControlMessages.js +20 -0
- package/dist/cjs/react/src/core/workerControlMessages.js.map +1 -0
- package/dist/cjs/react/src/theme/base-styles.js +156 -0
- package/dist/cjs/react/src/theme/base-styles.js.map +1 -0
- package/dist/cjs/react/src/theme/palette.js +208 -0
- package/dist/cjs/react/src/theme/palette.js.map +1 -0
- package/dist/cjs/react/src/threshold/participants.js +78 -0
- package/dist/cjs/react/src/threshold/participants.js.map +1 -0
- package/dist/cjs/react/src/utils/base58.js +21 -0
- package/dist/cjs/react/src/utils/base58.js.map +1 -0
- package/dist/cjs/react/src/utils/base64.js +71 -0
- package/dist/cjs/react/src/utils/base64.js.map +1 -0
- package/dist/cjs/react/src/utils/digests.js +28 -0
- package/dist/cjs/react/src/utils/digests.js.map +1 -0
- package/dist/cjs/react/src/utils/errors.js +141 -0
- package/dist/cjs/react/src/utils/errors.js.map +1 -0
- package/dist/cjs/react/src/utils/qrScanner.js +319 -0
- package/dist/cjs/react/src/utils/qrScanner.js.map +1 -0
- package/dist/cjs/react/src/utils/validation.js +160 -0
- package/dist/cjs/react/src/utils/validation.js.map +1 -0
- package/dist/cjs/react/utils/walletIframe.js +0 -1
- package/dist/cjs/react/utils/walletIframe.js.map +1 -1
- package/dist/cjs/server/core/AuthService.js +138 -59
- package/dist/cjs/server/core/AuthService.js.map +1 -1
- package/dist/cjs/server/core/SessionService.js.map +1 -1
- package/dist/cjs/server/core/ShamirService.js +1 -1
- package/dist/cjs/server/core/ShamirService.js.map +1 -1
- package/dist/cjs/server/core/ThresholdService/ThresholdSigningService.js +978 -0
- package/dist/cjs/server/core/ThresholdService/ThresholdSigningService.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/config.js +102 -0
- package/dist/cjs/server/core/ThresholdService/config.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/coordinatorGrant.js +201 -0
- package/dist/cjs/server/core/ThresholdService/coordinatorGrant.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/cosigners.js +282 -0
- package/dist/cjs/server/core/ThresholdService/cosigners.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/createThresholdSigningService.js +98 -0
- package/dist/cjs/server/core/ThresholdService/createThresholdSigningService.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/keygenStrategy.js +116 -0
- package/dist/cjs/server/core/ThresholdService/keygenStrategy.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/kv.js +340 -0
- package/dist/cjs/server/core/ThresholdService/kv.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/relayerKeyMaterial.js +66 -0
- package/dist/cjs/server/core/ThresholdService/relayerKeyMaterial.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/signingHandlers.js +1179 -0
- package/dist/cjs/server/core/ThresholdService/signingHandlers.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/stores/AuthSessionStore.js +258 -0
- package/dist/cjs/server/core/ThresholdService/stores/AuthSessionStore.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/stores/KeyStore.js +136 -0
- package/dist/cjs/server/core/ThresholdService/stores/KeyStore.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/stores/SessionStore.js +228 -0
- package/dist/cjs/server/core/ThresholdService/stores/SessionStore.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/validation.js +558 -0
- package/dist/cjs/server/core/ThresholdService/validation.js.map +1 -0
- package/dist/cjs/server/core/config.js +25 -18
- package/dist/cjs/server/core/config.js.map +1 -1
- package/dist/cjs/server/core/errors.js +3 -1
- package/dist/cjs/server/core/errors.js.map +1 -1
- package/dist/cjs/server/core/logger.js +2 -1
- package/dist/cjs/server/core/logger.js.map +1 -1
- package/dist/cjs/server/core/nearKeys.js +15 -0
- package/dist/cjs/server/core/nearKeys.js.map +1 -0
- package/dist/cjs/server/core/shamirHandlers.js +1 -1
- package/dist/cjs/server/core/shamirHandlers.js.map +1 -1
- package/dist/cjs/server/core/shamirWorker.js +94 -0
- package/dist/cjs/server/core/shamirWorker.js.map +1 -1
- package/dist/cjs/server/core/utils.js +1 -1
- package/dist/cjs/server/core/utils.js.map +1 -1
- package/dist/cjs/server/delegateAction/index.js.map +1 -1
- package/dist/cjs/server/email-recovery/emailEncryptor.js +1 -1
- package/dist/cjs/server/email-recovery/emailParsers.js +5 -5
- package/dist/cjs/server/email-recovery/emailParsers.js.map +1 -1
- package/dist/cjs/server/email-recovery/index.js +10 -5
- package/dist/cjs/server/email-recovery/index.js.map +1 -1
- package/dist/cjs/server/email-recovery/rpcCalls.js +2 -4
- package/dist/cjs/server/email-recovery/rpcCalls.js.map +1 -1
- package/dist/cjs/server/email-recovery/zkEmail/proverClient.js +2 -4
- package/dist/cjs/server/email-recovery/zkEmail/proverClient.js.map +1 -1
- package/dist/cjs/server/index.js +8 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/curve.js +244 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/curve.js.map +1 -1
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/edwards.js +401 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/edwards.js.map +1 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/modular.js +369 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/modular.js.map +1 -1
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/ed25519.js +52 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/ed25519.js.map +1 -1
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/utils.js +35 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/utils.js.map +1 -1
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_md.js +20 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_md.js.map +1 -1
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_u64.js +65 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_u64.js.map +1 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/sha2.js +223 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/sha2.js.map +1 -1
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/utils.js +17 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/utils.js.map +1 -1
- package/dist/cjs/server/router/cloudflare.js +1117 -684
- package/dist/cjs/server/router/cloudflare.js.map +1 -1
- package/dist/cjs/server/router/express.js +812 -350
- package/dist/cjs/server/router/express.js.map +1 -1
- package/dist/cjs/server/sdk/src/core/NearClient.js +8 -1
- package/dist/cjs/server/sdk/src/core/NearClient.js.map +1 -1
- package/dist/cjs/server/sdk/src/core/defaultConfigs.js +7 -0
- package/dist/cjs/server/sdk/src/core/defaultConfigs.js.map +1 -1
- package/dist/cjs/server/sdk/src/core/nearCrypto.js +3 -36
- package/dist/cjs/server/sdk/src/core/nearCrypto.js.map +1 -1
- package/dist/cjs/server/sdk/src/core/types/actions.js.map +1 -1
- package/dist/cjs/server/sdk/src/core/types/rpc.js +1 -0
- package/dist/cjs/server/sdk/src/core/types/rpc.js.map +1 -1
- package/dist/cjs/server/sdk/src/threshold/participants.js +28 -0
- package/dist/cjs/server/sdk/src/threshold/participants.js.map +1 -0
- package/dist/cjs/server/sdk/src/utils/base64.js +34 -0
- package/dist/cjs/server/sdk/src/utils/base64.js.map +1 -1
- package/dist/cjs/server/sdk/src/utils/digests.js +28 -0
- package/dist/cjs/server/sdk/src/utils/digests.js.map +1 -0
- package/dist/cjs/server/sdk/src/utils/errors.js +18 -0
- package/dist/cjs/server/sdk/src/utils/errors.js.map +1 -1
- package/dist/cjs/server/sdk/src/utils/validation.js +95 -0
- package/dist/cjs/server/sdk/src/utils/validation.js.map +1 -0
- package/dist/cjs/theme/base-styles.js +0 -1
- package/dist/cjs/theme/base-styles.js.map +1 -1
- package/dist/cjs/theme/palette.js +0 -1
- package/dist/cjs/theme/palette.js.map +1 -1
- package/dist/cjs/threshold/participants.js +78 -0
- package/dist/cjs/threshold/participants.js.map +1 -0
- package/dist/cjs/utils/base58.js +12 -15
- package/dist/cjs/utils/base58.js.map +1 -1
- package/dist/cjs/utils/base64.js +32 -20
- package/dist/cjs/utils/base64.js.map +1 -1
- package/dist/cjs/utils/digests.js +28 -0
- package/dist/cjs/utils/digests.js.map +1 -0
- package/dist/cjs/utils/errors.js +0 -10
- package/dist/cjs/utils/errors.js.map +1 -1
- package/dist/cjs/utils/validation.js +102 -9
- package/dist/cjs/utils/validation.js.map +1 -1
- package/dist/esm/core/ChainsigAddressManager/index.js +2 -4
- package/dist/esm/core/ChainsigAddressManager/index.js.map +1 -1
- package/dist/esm/core/EmailRecovery/emailRecoveryPendingStore.js +50 -56
- package/dist/esm/core/EmailRecovery/emailRecoveryPendingStore.js.map +1 -1
- package/dist/esm/core/EmailRecovery/index.js +23 -32
- package/dist/esm/core/EmailRecovery/index.js.map +1 -1
- package/dist/esm/core/IndexedDBManager/index.js +88 -89
- package/dist/esm/core/IndexedDBManager/index.js.map +1 -1
- package/dist/esm/core/IndexedDBManager/passkeyClientDB.js +652 -645
- package/dist/esm/core/IndexedDBManager/passkeyClientDB.js.map +1 -1
- package/dist/esm/core/IndexedDBManager/passkeyNearKeysDB.js +224 -150
- package/dist/esm/core/IndexedDBManager/passkeyNearKeysDB.js.map +1 -1
- package/dist/esm/core/NearClient.js +10 -8
- package/dist/esm/core/NearClient.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/actions.js +89 -134
- package/dist/esm/core/TatchiPasskey/actions.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/delegateAction.js +7 -6
- package/dist/esm/core/TatchiPasskey/delegateAction.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/emailRecovery.js +875 -850
- package/dist/esm/core/TatchiPasskey/emailRecovery.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/faucets/createAccountRelayServer.js +26 -14
- package/dist/esm/core/TatchiPasskey/faucets/createAccountRelayServer.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/index.js +124 -87
- package/dist/esm/core/TatchiPasskey/index.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/linkDevice.js +91 -35
- package/dist/esm/core/TatchiPasskey/linkDevice.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/login.js +377 -192
- package/dist/esm/core/TatchiPasskey/login.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/registration.js +134 -32
- package/dist/esm/core/TatchiPasskey/registration.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/relay.js +1 -2
- package/dist/esm/core/TatchiPasskey/relay.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/scanDevice.js +4 -10
- package/dist/esm/core/TatchiPasskey/scanDevice.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/signNEP413.js +13 -5
- package/dist/esm/core/TatchiPasskey/signNEP413.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/syncAccount.js +505 -0
- package/dist/esm/core/TatchiPasskey/syncAccount.js.map +1 -0
- package/dist/esm/core/WalletIframe/client/IframeTransport.js +167 -134
- package/dist/esm/core/WalletIframe/client/IframeTransport.js.map +1 -1
- package/dist/esm/core/WalletIframe/client/on-events-progress-bus.js +5 -6
- package/dist/esm/core/WalletIframe/client/on-events-progress-bus.js.map +1 -1
- package/dist/esm/core/WalletIframe/client/router.js +205 -170
- package/dist/esm/core/WalletIframe/client/router.js.map +1 -1
- package/dist/esm/core/WalletIframe/host-mode.js +4 -0
- package/dist/esm/core/WalletIframe/host-mode.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js +1 -2
- package/dist/esm/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js +1 -2
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js +4 -14
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/LitElementWithProps.js +22 -18
- package/dist/esm/core/WebAuthnManager/LitComponents/LitElementWithProps.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/TxTree/index.js +1 -2
- package/dist/esm/core/WebAuthnManager/LitComponents/TxTree/index.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js +1 -2
- package/dist/esm/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/confirm-ui.js +2 -3
- package/dist/esm/core/WebAuthnManager/LitComponents/confirm-ui.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/ensure-defined.js +2 -6
- package/dist/esm/core/WebAuthnManager/LitComponents/ensure-defined.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/tags.js +1 -26
- package/dist/esm/core/WebAuthnManager/LitComponents/tags.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js +2 -7
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js +13 -16
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js +8 -12
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js +9 -11
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js +44 -0
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js.map +1 -0
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js +6 -11
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js +1 -2
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js +1 -2
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js +14 -11
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/session.js +1 -0
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/session.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js +208 -52
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js +172 -32
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js +4 -10
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js +278 -90
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js +8 -14
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/index.js +18 -12
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/index.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js +15 -4
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js +2 -4
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js +2 -6
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js +1 -3
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js +31 -7
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js +7 -29
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js +0 -2
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js +39 -4
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js +29 -7
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js +1 -3
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js +23 -20
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js +1 -2
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js +9 -6
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js +14 -11
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js +7 -4
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js +37 -4
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js +7 -4
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/index.js +37 -3
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/index.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js +55 -61
- package/dist/esm/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js +34 -0
- package/dist/esm/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js.map +1 -0
- package/dist/esm/core/WebAuthnManager/credentialsHelpers.js +19 -21
- package/dist/esm/core/WebAuthnManager/credentialsHelpers.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/index.js +356 -53
- package/dist/esm/core/WebAuthnManager/index.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js +92 -0
- package/dist/esm/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js.map +1 -0
- package/dist/esm/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js +144 -0
- package/dist/esm/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js.map +1 -0
- package/dist/esm/core/WebAuthnManager/touchIdPrompt.js +203 -208
- package/dist/esm/core/WebAuthnManager/touchIdPrompt.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/userHandle.js +1 -4
- package/dist/esm/core/WebAuthnManager/userHandle.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/userPreferences.js +121 -38
- package/dist/esm/core/WebAuthnManager/userPreferences.js.map +1 -1
- package/dist/esm/core/defaultConfigs.js +54 -52
- package/dist/esm/core/defaultConfigs.js.map +1 -1
- package/dist/esm/core/digests/intentDigest.js +95 -0
- package/dist/esm/core/digests/intentDigest.js.map +1 -0
- package/dist/esm/core/nearCrypto.js +2 -23
- package/dist/esm/core/nearCrypto.js.map +1 -1
- package/dist/esm/core/nonceManager.js +7 -16
- package/dist/esm/core/nonceManager.js.map +1 -1
- package/dist/esm/core/rpcCalls.js +264 -23
- package/dist/esm/core/rpcCalls.js.map +1 -1
- package/dist/esm/core/sdkPaths/workers.js +7 -5
- package/dist/esm/core/sdkPaths/workers.js.map +1 -1
- package/dist/esm/core/threshold/thresholdEd25519AuthSession.js +140 -0
- package/dist/esm/core/threshold/thresholdEd25519AuthSession.js.map +1 -0
- package/dist/esm/core/threshold/thresholdEd25519RelayerHealth.js +117 -0
- package/dist/esm/core/threshold/thresholdEd25519RelayerHealth.js.map +1 -0
- package/dist/esm/core/threshold/thresholdSessionPolicy.js +65 -0
- package/dist/esm/core/threshold/thresholdSessionPolicy.js.map +1 -0
- package/dist/esm/core/types/accountIds.js +2 -7
- package/dist/esm/core/types/accountIds.js.map +1 -1
- package/dist/esm/core/types/actions.js +19 -22
- package/dist/esm/core/types/actions.js.map +1 -1
- package/dist/esm/core/types/emailRecovery.js +25 -22
- package/dist/esm/core/types/emailRecovery.js.map +1 -1
- package/dist/esm/core/types/rpc.js +10 -15
- package/dist/esm/core/types/rpc.js.map +1 -1
- package/dist/esm/core/types/sdkSentEvents.js +106 -112
- package/dist/esm/core/types/sdkSentEvents.js.map +1 -1
- package/dist/esm/core/types/signer-worker.js +88 -14
- package/dist/esm/core/types/signer-worker.js.map +1 -1
- package/dist/esm/core/types/vrf-worker.js +4 -8
- package/dist/esm/core/types/vrf-worker.js.map +1 -1
- package/dist/esm/index.js +11 -26
- package/dist/esm/plugins/headers.js +4 -11
- package/dist/esm/plugins/headers.js.map +1 -1
- package/dist/esm/plugins/next.js +21 -11
- package/dist/esm/plugins/next.js.map +1 -1
- package/dist/esm/plugins/plugin-utils.js +2 -7
- package/dist/esm/plugins/plugin-utils.js.map +1 -1
- package/dist/esm/plugins/utils/validation.js +27 -0
- package/dist/esm/plugins/utils/validation.js.map +1 -0
- package/dist/esm/plugins/vite.js +19 -12
- package/dist/esm/plugins/vite.js.map +1 -1
- package/dist/esm/react/build-paths.js.map +1 -0
- package/dist/esm/react/components/AccountMenuButton/LinkedDevicesModal-BCrFe5p3.css +452 -0
- package/dist/esm/react/components/AccountMenuButton/LinkedDevicesModal-BCrFe5p3.css.map +1 -0
- package/dist/esm/react/components/AccountMenuButton/LinkedDevicesModal2.js +6 -5
- package/dist/esm/react/components/AccountMenuButton/LinkedDevicesModal2.js.map +1 -1
- package/dist/esm/react/components/AccountMenuButton/ProfileDropdown-CRJrtxDb.css +120 -0
- package/dist/esm/react/components/AccountMenuButton/ProfileDropdown-CRJrtxDb.css.map +1 -0
- package/dist/esm/react/components/AccountMenuButton/ProfileDropdown2.js +3 -1
- package/dist/esm/react/components/AccountMenuButton/ProfileDropdown2.js.map +1 -1
- package/dist/esm/react/components/AccountMenuButton/TransactionSettingsSection.js +35 -1
- package/dist/esm/react/components/AccountMenuButton/TransactionSettingsSection.js.map +1 -1
- package/dist/esm/react/components/AccountMenuButton/Web3AuthProfileButton-DXFRw8ND.css +77 -0
- package/dist/esm/react/components/AccountMenuButton/Web3AuthProfileButton-DXFRw8ND.css.map +1 -0
- package/dist/esm/react/components/AccountMenuButton/icons/TouchIcon-DNgbAK_i.css +41 -0
- package/dist/esm/react/components/AccountMenuButton/icons/TouchIcon-DNgbAK_i.css.map +1 -0
- package/dist/esm/react/components/AccountMenuButton/index.js +26 -5
- package/dist/esm/react/components/AccountMenuButton/index.js.map +1 -1
- package/dist/esm/react/components/AccountMenuButton/types.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/PasskeyAuthMenu-D2VHZ04W.css +1009 -0
- package/dist/esm/react/components/PasskeyAuthMenu/PasskeyAuthMenu-D2VHZ04W.css.map +1 -0
- package/dist/esm/react/components/PasskeyAuthMenu/authMenuTypes.js +2 -2
- package/dist/esm/react/components/PasskeyAuthMenu/authMenuTypes.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/client.js +10 -10
- package/dist/esm/react/components/PasskeyAuthMenu/client.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/controller/mode.js +4 -4
- package/dist/esm/react/components/PasskeyAuthMenu/controller/mode.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/controller/usePasskeyAuthMenuController.js +3 -3
- package/dist/esm/react/components/PasskeyAuthMenu/controller/usePasskeyAuthMenuController.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/controller/useSDKEvents.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/skeleton.js +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/skeleton.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/ui/AccountExistsBadge.js +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/ui/AccountExistsBadge.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/ui/EmailRecoverySlide.js +275 -366
- package/dist/esm/react/components/PasskeyAuthMenu/ui/EmailRecoverySlide.js.map +1 -1
- package/dist/esm/react/components/ShowQRCode-CL4gsszN.css +113 -0
- package/dist/esm/react/components/ShowQRCode-CL4gsszN.css.map +1 -0
- package/dist/esm/react/components/ShowQRCode2.js +1 -2
- package/dist/esm/react/components/ShowQRCode2.js.map +1 -1
- package/dist/esm/react/components/theme/ThemeProvider.js +18 -18
- package/dist/esm/react/components/theme/ThemeProvider.js.map +1 -1
- package/dist/esm/react/components/theme/design-tokens.js +1 -1
- package/dist/esm/react/context/tatchiManagerSingleton.js +2 -3
- package/dist/esm/react/context/tatchiManagerSingleton.js.map +1 -1
- package/dist/esm/react/context/useLoginStateRefresher.js +1 -2
- package/dist/esm/react/context/useLoginStateRefresher.js.map +1 -1
- package/dist/esm/react/context/useTatchiContextValue.js +17 -9
- package/dist/esm/react/context/useTatchiContextValue.js.map +1 -1
- package/dist/esm/react/context/useTatchiWithSdkFlow.js +9 -10
- package/dist/esm/react/context/useTatchiWithSdkFlow.js.map +1 -1
- package/dist/esm/react/context/useWalletIframeLifecycle.js +1 -2
- package/dist/esm/react/context/useWalletIframeLifecycle.js.map +1 -1
- package/dist/esm/react/deviceDetection.js +93 -72
- package/dist/esm/react/deviceDetection.js.map +1 -1
- package/dist/esm/react/hooks/useAccountInput.js +1 -2
- package/dist/esm/react/hooks/useAccountInput.js.map +1 -1
- package/dist/esm/react/hooks/useDeviceLinking.js +1 -1
- package/dist/esm/react/hooks/useNearClient.js +2 -3
- package/dist/esm/react/hooks/useNearClient.js.map +1 -1
- package/dist/esm/react/hooks/usePreconnectWalletAssets.js +1 -1
- package/dist/esm/react/hooks/useQRCamera.js +2 -3
- package/dist/esm/react/hooks/useQRCamera.js.map +1 -1
- package/dist/esm/react/hooks/useQRFileUpload.js +1 -1
- package/dist/esm/react/index.js +5 -14
- package/dist/esm/react/src/base-styles.js.map +1 -0
- package/dist/esm/react/src/config.js.map +1 -0
- package/dist/esm/react/src/core/ChainsigAddressManager/index.js +27 -0
- package/dist/esm/react/src/core/ChainsigAddressManager/index.js.map +1 -0
- package/dist/esm/react/src/core/EmailRecovery/emailRecoveryPendingStore.js +57 -0
- package/dist/esm/react/src/core/EmailRecovery/emailRecoveryPendingStore.js.map +1 -0
- package/dist/esm/react/src/core/EmailRecovery/index.js +96 -0
- package/dist/esm/react/src/core/EmailRecovery/index.js.map +1 -0
- package/dist/esm/react/src/core/IndexedDBManager/index.js +132 -0
- package/dist/esm/react/src/core/IndexedDBManager/index.js.map +1 -0
- package/dist/esm/react/src/core/IndexedDBManager/passkeyClientDB.js +685 -0
- package/dist/esm/react/src/core/IndexedDBManager/passkeyClientDB.js.map +1 -0
- package/dist/esm/react/src/core/IndexedDBManager/passkeyNearKeysDB.js +259 -0
- package/dist/esm/react/src/core/IndexedDBManager/passkeyNearKeysDB.js.map +1 -0
- package/dist/esm/react/src/core/NearClient.js +273 -0
- package/dist/esm/react/src/core/NearClient.js.map +1 -0
- package/dist/esm/react/src/core/NearRpcError.js.map +1 -0
- package/dist/esm/react/src/core/OfflineExport/overlay.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/actions.js +403 -0
- package/dist/esm/react/src/core/TatchiPasskey/actions.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/delegateAction.js +76 -0
- package/dist/esm/react/src/core/TatchiPasskey/delegateAction.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/emailRecovery.js +933 -0
- package/dist/esm/react/src/core/TatchiPasskey/emailRecovery.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/faucets/createAccountRelayServer.js +108 -0
- package/dist/esm/react/src/core/TatchiPasskey/faucets/createAccountRelayServer.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/index.js +1335 -0
- package/dist/esm/react/src/core/TatchiPasskey/index.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/linkDevice.js +766 -0
- package/dist/esm/react/src/core/TatchiPasskey/linkDevice.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/login.js +754 -0
- package/dist/esm/react/src/core/TatchiPasskey/login.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/registration.js +440 -0
- package/dist/esm/react/src/core/TatchiPasskey/registration.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/relay.js +110 -0
- package/dist/esm/react/src/core/TatchiPasskey/relay.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/scanDevice.js +98 -0
- package/dist/esm/react/src/core/TatchiPasskey/scanDevice.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/signNEP413.js +96 -0
- package/dist/esm/react/src/core/TatchiPasskey/signNEP413.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/syncAccount.js +505 -0
- package/dist/esm/react/src/core/TatchiPasskey/syncAccount.js.map +1 -0
- package/dist/esm/react/src/core/WalletIframe/client/IframeTransport.js +362 -0
- package/dist/esm/react/src/core/WalletIframe/client/IframeTransport.js.map +1 -0
- package/dist/esm/react/src/core/WalletIframe/client/on-events-progress-bus.js +207 -0
- package/dist/esm/react/src/core/WalletIframe/client/on-events-progress-bus.js.map +1 -0
- package/dist/esm/react/src/core/WalletIframe/client/overlay-controller.js.map +1 -0
- package/dist/esm/react/src/core/WalletIframe/client/overlay-styles.js.map +1 -0
- package/dist/esm/react/src/core/WalletIframe/client/router.js +1096 -0
- package/dist/esm/react/src/core/WalletIframe/client/router.js.map +1 -0
- package/dist/esm/react/src/core/WalletIframe/events.js.map +1 -0
- package/dist/esm/react/src/core/WalletIframe/host-mode.js +13 -0
- package/dist/esm/react/src/core/WalletIframe/host-mode.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/Drawer/index.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js +218 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/HaloBorder/index.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js +187 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js +245 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-drawer.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-modal.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js +258 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/PasskeyHaloLoading/index.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/TxTree/index.js +499 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/TxTree/index.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js +181 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/asset-base.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/common/PadlockIcon.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/common/formatters.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/confirm-ui-types.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/confirm-ui.js +218 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/confirm-ui.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/css/css-loader.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/ensure-defined.js +19 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/ensure-defined.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/lit-events.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/tags.js +22 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/tags.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js +27 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js +67 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js +42 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js +68 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js +44 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js +61 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js +23 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js +42 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js +118 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js +15 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js +258 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js +217 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js +55 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js +299 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js +74 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/index.js +457 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/index.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js +92 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js +54 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js +50 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js +30 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js +87 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js +17 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js +63 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js +124 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js +157 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js +49 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js +175 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js +117 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js +54 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js +158 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js +61 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js +79 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js +61 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/index.js +408 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/index.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js +197 -0
- package/dist/esm/react/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js +34 -0
- package/dist/esm/react/src/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/credentialsHelpers.js +286 -0
- package/dist/esm/react/src/core/WebAuthnManager/credentialsHelpers.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/index.js +1192 -0
- package/dist/esm/react/src/core/WebAuthnManager/index.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js +92 -0
- package/dist/esm/react/src/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js +144 -0
- package/dist/esm/react/src/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/touchIdPrompt.js +265 -0
- package/dist/esm/react/src/core/WebAuthnManager/touchIdPrompt.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/userHandle.js +35 -0
- package/dist/esm/react/src/core/WebAuthnManager/userHandle.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/userPreferences.js +390 -0
- package/dist/esm/react/src/core/WebAuthnManager/userPreferences.js.map +1 -0
- package/dist/esm/react/src/core/defaultConfigs.js +104 -0
- package/dist/esm/react/src/core/defaultConfigs.js.map +1 -0
- package/dist/esm/react/src/core/digests/intentDigest.js +95 -0
- package/dist/esm/react/src/core/digests/intentDigest.js.map +1 -0
- package/dist/esm/react/src/core/nearCrypto.js +27 -0
- package/dist/esm/react/src/core/nearCrypto.js.map +1 -0
- package/dist/esm/react/src/core/nonceManager.js +393 -0
- package/dist/esm/react/src/core/nonceManager.js.map +1 -0
- package/dist/esm/react/src/core/rpcCalls.js +672 -0
- package/dist/esm/react/src/core/rpcCalls.js.map +1 -0
- package/dist/esm/react/src/core/sdkPaths/base.js.map +1 -0
- package/dist/esm/react/src/core/sdkPaths/workers.js +44 -0
- package/dist/esm/react/src/core/sdkPaths/workers.js.map +1 -0
- package/dist/esm/react/src/core/threshold/thresholdEd25519AuthSession.js +140 -0
- package/dist/esm/react/src/core/threshold/thresholdEd25519AuthSession.js.map +1 -0
- package/dist/esm/react/src/core/threshold/thresholdEd25519RelayerHealth.js +117 -0
- package/dist/esm/react/src/core/threshold/thresholdEd25519RelayerHealth.js.map +1 -0
- package/dist/esm/react/src/core/threshold/thresholdSessionPolicy.js +65 -0
- package/dist/esm/react/src/core/threshold/thresholdSessionPolicy.js.map +1 -0
- package/dist/esm/react/src/core/types/accountIds.js +23 -0
- package/dist/esm/react/src/core/types/accountIds.js.map +1 -0
- package/dist/esm/react/src/core/types/actions.js +260 -0
- package/dist/esm/react/src/core/types/actions.js.map +1 -0
- package/dist/esm/react/src/core/types/authenticatorOptions.js +47 -0
- package/dist/esm/react/src/core/types/authenticatorOptions.js.map +1 -0
- package/dist/esm/react/src/core/types/emailRecovery.js +29 -0
- package/dist/esm/react/src/core/types/emailRecovery.js.map +1 -0
- package/dist/esm/react/src/core/types/linkDevice.js.map +1 -0
- package/dist/esm/react/src/core/types/rpc.js +14 -0
- package/dist/esm/react/src/core/types/rpc.js.map +1 -0
- package/dist/esm/react/src/core/types/sdkSentEvents.js +110 -0
- package/dist/esm/react/src/core/types/sdkSentEvents.js.map +1 -0
- package/dist/esm/react/src/core/types/signer-worker.js +125 -0
- package/dist/esm/react/src/core/types/signer-worker.js.map +1 -0
- package/dist/esm/react/src/core/types/vrf-worker.js +62 -0
- package/dist/esm/react/src/core/types/vrf-worker.js.map +1 -0
- package/dist/esm/react/src/core/workerControlMessages.js.map +1 -0
- package/dist/esm/react/src/theme/base-styles.js.map +1 -0
- package/dist/esm/react/src/theme/palette.js.map +1 -0
- package/dist/esm/react/src/threshold/participants.js +76 -0
- package/dist/esm/react/src/threshold/participants.js.map +1 -0
- package/dist/esm/react/src/utils/base58.js +19 -0
- package/dist/esm/react/src/utils/base58.js.map +1 -0
- package/dist/esm/react/src/utils/base64.js +67 -0
- package/dist/esm/react/src/utils/base64.js.map +1 -0
- package/dist/esm/react/src/utils/digests.js +26 -0
- package/dist/esm/react/src/utils/digests.js.map +1 -0
- package/dist/esm/react/src/utils/errors.js +136 -0
- package/dist/esm/react/src/utils/errors.js.map +1 -0
- package/dist/esm/react/src/utils/qrScanner.js.map +1 -0
- package/dist/esm/react/src/utils/validation.js +144 -0
- package/dist/esm/react/src/utils/validation.js.map +1 -0
- package/dist/esm/sdk/EmailRecovery-Dl8b4ONg.js +9 -0
- package/dist/esm/sdk/EmailRecovery-v9oNO2Tc.js +147 -0
- package/dist/esm/sdk/HaloBorder-DYOOQFjI.js +1116 -0
- package/dist/esm/sdk/IndexedDBManager-B1cUvdyY.js +1351 -0
- package/dist/esm/sdk/accountIds-DVDhXwVA.js +15 -0
- package/dist/esm/sdk/actions-fHadejPs.js +250 -0
- package/dist/esm/sdk/base64-dqpWgddX.js +66 -0
- package/dist/esm/sdk/browser-CH0Ca-MX.js +2443 -0
- package/dist/esm/sdk/chunk-DitdNFGZ.js +28 -0
- package/dist/esm/sdk/collectAuthenticationCredentialForVrfChallenge-C9p90e5Z.js +1404 -0
- package/dist/esm/sdk/collectAuthenticationCredentialForVrfChallenge-C9p90e5Z.js.map +1 -0
- package/dist/esm/sdk/collectAuthenticationCredentialForVrfChallenge-DqzPzwvU.js +138 -0
- package/dist/esm/sdk/config-BbNXtVtu.js +100 -0
- package/dist/esm/sdk/createAdapters-1Hmc1vVC.js +524 -0
- package/dist/esm/sdk/createAdapters-Dv7ZJPf1.js +3767 -0
- package/dist/esm/sdk/createAdapters-Dv7ZJPf1.js.map +1 -0
- package/dist/esm/sdk/css-loader-CAIkFQ3i.js +1143 -0
- package/dist/esm/sdk/css-loader-DWW-_Vli.js +1191 -0
- package/dist/esm/sdk/css-loader-DWW-_Vli.js.map +1 -0
- package/dist/esm/sdk/defaultConfigs-BmCU1_qI.js +103 -0
- package/dist/esm/sdk/delegateAction-DdkvFFKA.js +76 -0
- package/dist/esm/sdk/emailRecovery-4J-g9tlY.js +963 -0
- package/dist/esm/sdk/errors-DevlT39D.js +135 -0
- package/dist/esm/sdk/events-D2g80q67.js +8 -0
- package/dist/esm/sdk/export-private-key-viewer.js +22 -17
- package/dist/esm/sdk/getDeviceNumber-f8bfPB9U.js +599 -0
- package/dist/esm/sdk/getDeviceNumber-f8bfPB9U.js.map +1 -0
- package/dist/esm/sdk/getDeviceNumber-y3mMtky6.js +26 -0
- package/dist/esm/sdk/halo-border.js +1 -1
- package/dist/esm/sdk/host-mode-BIUqo9hg.js +44 -0
- package/dist/esm/sdk/host-mode-CgqmYAwZ.js +13 -0
- package/dist/esm/sdk/host-mode-CgqmYAwZ.js.map +1 -0
- package/dist/esm/sdk/iframe-export-bootstrap.js +3 -4
- package/dist/esm/sdk/iframe-host-BVt1hvOt.js +213 -0
- package/dist/esm/sdk/iframe-host-d_rrsoyL.js +212 -0
- package/dist/esm/sdk/iframe-host-d_rrsoyL.js.map +1 -0
- package/dist/esm/sdk/intentDigest-yivVENNK.js +117 -0
- package/dist/esm/sdk/linkDevice-C98klpcE.js +772 -0
- package/dist/esm/sdk/localOnly-40zxrBMm.js +133 -0
- package/dist/esm/sdk/localOnly-40zxrBMm.js.map +1 -0
- package/dist/esm/sdk/localOnly-BZPBj14l.js +129 -0
- package/dist/esm/sdk/login-DnROv3eA.js +1540 -0
- package/dist/esm/sdk/offline-export-app.js +2355 -1061
- package/dist/esm/sdk/offline-export-app.js.map +1 -1
- package/dist/esm/sdk/overlay-Ci2FOQKE.js +433 -0
- package/dist/esm/sdk/passkey-halo-loading.js +1 -1
- package/dist/esm/sdk/registration-BP9M3tE1.js +165 -0
- package/dist/esm/sdk/registration-MrAOC8Ub.js +154 -0
- package/dist/esm/sdk/registration-MrAOC8Ub.js.map +1 -0
- package/dist/esm/sdk/relay-Dq9D7fhG.js +109 -0
- package/dist/esm/sdk/router-BEGGuWaB.js +1868 -0
- package/dist/esm/sdk/rpc-Dq3ioE9T.js +13 -0
- package/dist/esm/sdk/rpcCalls-B44MZora.js +671 -0
- package/dist/esm/sdk/rpcCalls-CMzj_Va_.js +12 -0
- package/dist/esm/sdk/safari-fallbacks-BcMFntiP.js +480 -0
- package/dist/esm/sdk/scanDevice-Cp-r-Z2T.js +109 -0
- package/dist/esm/sdk/sdkSentEvents-CzAZBFjP.js +109 -0
- package/dist/esm/sdk/signNEP413-DsyWH_Jo.js +95 -0
- package/dist/esm/sdk/signer-worker-DK847sXj.js +473 -0
- package/dist/esm/sdk/syncAccount-CqWCmBVb.js +16 -0
- package/dist/esm/sdk/syncAccount-Dt5jJbEB.js +533 -0
- package/dist/esm/sdk/tags-ByzxP7Cc.js +22 -0
- package/dist/esm/sdk/touchIdPrompt-JPhrOx8o.js +263 -0
- package/dist/esm/sdk/transactions-CrjP8yPD.js +170 -0
- package/dist/esm/sdk/transactions-CrjP8yPD.js.map +1 -0
- package/dist/esm/sdk/transactions-DAZrPW-6.js +183 -0
- package/dist/esm/sdk/tx-confirm-ui.js +58 -45
- package/dist/esm/sdk/tx-confirmer-wrapper-DWKpXTUW.js +3248 -0
- package/dist/esm/sdk/validation-BTq6LGPp.js +143 -0
- package/dist/esm/sdk/validation-hUZgySTx.js +108 -0
- package/dist/esm/sdk/validation-hUZgySTx.js.map +1 -0
- package/dist/esm/sdk/vrf-worker-BzQsJ5BW.js +61 -0
- package/dist/esm/sdk/w3a-components.css +0 -3
- package/dist/esm/sdk/w3a-tx-confirmer.js +9 -10
- package/dist/esm/sdk/wallet-iframe-host.js +6537 -10194
- package/dist/esm/server/core/AuthService.js +137 -58
- package/dist/esm/server/core/AuthService.js.map +1 -1
- package/dist/esm/server/core/SessionService.js.map +1 -1
- package/dist/esm/server/core/ShamirService.js +1 -1
- package/dist/esm/server/core/ShamirService.js.map +1 -1
- package/dist/esm/server/core/ThresholdService/ThresholdSigningService.js +976 -0
- package/dist/esm/server/core/ThresholdService/ThresholdSigningService.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/config.js +96 -0
- package/dist/esm/server/core/ThresholdService/config.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/coordinatorGrant.js +200 -0
- package/dist/esm/server/core/ThresholdService/coordinatorGrant.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/cosigners.js +278 -0
- package/dist/esm/server/core/ThresholdService/cosigners.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/createThresholdSigningService.js +98 -0
- package/dist/esm/server/core/ThresholdService/createThresholdSigningService.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/keygenStrategy.js +114 -0
- package/dist/esm/server/core/ThresholdService/keygenStrategy.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/kv.js +335 -0
- package/dist/esm/server/core/ThresholdService/kv.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/relayerKeyMaterial.js +65 -0
- package/dist/esm/server/core/ThresholdService/relayerKeyMaterial.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/signingHandlers.js +1177 -0
- package/dist/esm/server/core/ThresholdService/signingHandlers.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/stores/AuthSessionStore.js +258 -0
- package/dist/esm/server/core/ThresholdService/stores/AuthSessionStore.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/stores/KeyStore.js +136 -0
- package/dist/esm/server/core/ThresholdService/stores/KeyStore.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/stores/SessionStore.js +228 -0
- package/dist/esm/server/core/ThresholdService/stores/SessionStore.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/validation.js +544 -0
- package/dist/esm/server/core/ThresholdService/validation.js.map +1 -0
- package/dist/esm/server/core/config.js +26 -18
- package/dist/esm/server/core/config.js.map +1 -1
- package/dist/esm/server/core/errors.js +3 -1
- package/dist/esm/server/core/errors.js.map +1 -1
- package/dist/esm/server/core/logger.js +2 -1
- package/dist/esm/server/core/logger.js.map +1 -1
- package/dist/esm/server/core/nearKeys.js +13 -0
- package/dist/esm/server/core/nearKeys.js.map +1 -0
- package/dist/esm/server/core/shamirHandlers.js +1 -1
- package/dist/esm/server/core/shamirHandlers.js.map +1 -1
- package/dist/esm/server/core/shamirWorker.js +94 -0
- package/dist/esm/server/core/shamirWorker.js.map +1 -1
- package/dist/esm/server/core/utils.js +1 -1
- package/dist/esm/server/core/utils.js.map +1 -1
- package/dist/esm/server/delegateAction/index.js.map +1 -1
- package/dist/esm/server/email-recovery/emailEncryptor.js +1 -1
- package/dist/esm/server/email-recovery/emailParsers.js +4 -4
- package/dist/esm/server/email-recovery/emailParsers.js.map +1 -1
- package/dist/esm/server/email-recovery/index.js +11 -6
- package/dist/esm/server/email-recovery/index.js.map +1 -1
- package/dist/esm/server/email-recovery/rpcCalls.js +2 -4
- package/dist/esm/server/email-recovery/rpcCalls.js.map +1 -1
- package/dist/esm/server/email-recovery/zkEmail/proverClient.js +3 -4
- package/dist/esm/server/email-recovery/zkEmail/proverClient.js.map +1 -1
- package/dist/esm/server/index.js +5 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/curve.js +243 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/curve.js.map +1 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/edwards.js +400 -0
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/edwards.js.map +1 -0
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/modular.js +367 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/modular.js.map +1 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/ed25519.js +53 -2
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/ed25519.js.map +1 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/utils.js +32 -2
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/utils.js.map +1 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_md.js +20 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_md.js.map +1 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_u64.js +51 -0
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_u64.js.map +1 -0
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/sha2.js +224 -2
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/sha2.js.map +1 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/utils.js +17 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/utils.js.map +1 -1
- package/dist/esm/server/router/cloudflare.js +1117 -684
- package/dist/esm/server/router/cloudflare.js.map +1 -1
- package/dist/esm/server/router/express.js +812 -350
- package/dist/esm/server/router/express.js.map +1 -1
- package/dist/esm/server/sdk/src/core/NearClient.js +8 -1
- package/dist/esm/server/sdk/src/core/NearClient.js.map +1 -1
- package/dist/esm/server/sdk/src/core/defaultConfigs.js +5 -1
- package/dist/esm/server/sdk/src/core/defaultConfigs.js.map +1 -1
- package/dist/esm/server/sdk/src/core/nearCrypto.js +2 -34
- package/dist/esm/server/sdk/src/core/nearCrypto.js.map +1 -1
- package/dist/esm/server/sdk/src/core/types/actions.js.map +1 -1
- package/dist/esm/server/sdk/src/core/types/rpc.js +1 -0
- package/dist/esm/server/sdk/src/core/types/rpc.js.map +1 -1
- package/dist/esm/server/sdk/src/threshold/participants.js +27 -0
- package/dist/esm/server/sdk/src/threshold/participants.js.map +1 -0
- package/dist/esm/server/sdk/src/utils/base64.js +33 -1
- package/dist/esm/server/sdk/src/utils/base64.js.map +1 -1
- package/dist/esm/server/sdk/src/utils/digests.js +26 -0
- package/dist/esm/server/sdk/src/utils/digests.js.map +1 -0
- package/dist/esm/server/sdk/src/utils/errors.js +18 -1
- package/dist/esm/server/sdk/src/utils/errors.js.map +1 -1
- package/dist/esm/server/sdk/src/utils/validation.js +84 -0
- package/dist/esm/server/sdk/src/utils/validation.js.map +1 -0
- package/dist/esm/threshold/participants.js +76 -0
- package/dist/esm/threshold/participants.js.map +1 -0
- package/dist/esm/utils/base58.js +13 -11
- package/dist/esm/utils/base58.js.map +1 -1
- package/dist/esm/utils/base64.js +33 -16
- package/dist/esm/utils/base64.js.map +1 -1
- package/dist/esm/utils/digests.js +26 -0
- package/dist/esm/utils/digests.js.map +1 -0
- package/dist/esm/utils/errors.js +1 -5
- package/dist/esm/utils/errors.js.map +1 -1
- package/dist/esm/utils/validation.js +88 -5
- package/dist/esm/utils/validation.js.map +1 -1
- package/dist/esm/wasm_signer_worker/pkg/wasm_signer_worker.js +381 -225
- package/dist/esm/wasm_signer_worker/pkg/wasm_signer_worker_bg.wasm +0 -0
- package/dist/esm/wasm_vrf_worker/pkg/wasm_vrf_worker.js +103 -11
- package/dist/esm/wasm_vrf_worker/pkg/wasm_vrf_worker_bg.wasm +0 -0
- package/dist/types/src/__tests__/e2e/thresholdEd25519.testUtils.d.ts +25 -0
- package/dist/types/src/__tests__/e2e/thresholdEd25519.testUtils.d.ts.map +1 -0
- package/dist/types/src/__tests__/helpers/thresholdEd25519TestUtils.d.ts +23 -0
- package/dist/types/src/__tests__/helpers/thresholdEd25519TestUtils.d.ts.map +1 -0
- package/dist/types/src/__tests__/relayer/helpers.d.ts +1 -0
- package/dist/types/src/__tests__/relayer/helpers.d.ts.map +1 -1
- package/dist/types/src/__tests__/setup/bootstrap.d.ts.map +1 -1
- package/dist/types/src/__tests__/setup/flows.d.ts +11 -3
- package/dist/types/src/__tests__/setup/flows.d.ts.map +1 -1
- package/dist/types/src/__tests__/setup/index.d.ts +1 -1
- package/dist/types/src/__tests__/setup/index.d.ts.map +1 -1
- package/dist/types/src/__tests__/setup/webauthn-mocks.d.ts.map +1 -1
- package/dist/types/src/core/EmailRecovery/emailRecoveryPendingStore.d.ts +1 -1
- package/dist/types/src/core/EmailRecovery/emailRecoveryPendingStore.d.ts.map +1 -1
- package/dist/types/src/core/IndexedDBManager/index.d.ts +3 -3
- package/dist/types/src/core/IndexedDBManager/index.d.ts.map +1 -1
- package/dist/types/src/core/IndexedDBManager/passkeyClientDB.d.ts +10 -1
- package/dist/types/src/core/IndexedDBManager/passkeyClientDB.d.ts.map +1 -1
- package/dist/types/src/core/IndexedDBManager/passkeyNearKeysDB.d.ts +33 -16
- package/dist/types/src/core/IndexedDBManager/passkeyNearKeysDB.d.ts.map +1 -1
- package/dist/types/src/core/NearClient.d.ts +2 -0
- package/dist/types/src/core/NearClient.d.ts.map +1 -1
- package/dist/types/src/core/OfflineExport/offline-export-app.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/actions.d.ts +10 -7
- package/dist/types/src/core/TatchiPasskey/actions.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/delegateAction.d.ts +1 -1
- package/dist/types/src/core/TatchiPasskey/delegateAction.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/emailRecovery.d.ts +3 -35
- package/dist/types/src/core/TatchiPasskey/emailRecovery.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/faucets/createAccountRelayServer.d.ts +17 -1
- package/dist/types/src/core/TatchiPasskey/faucets/createAccountRelayServer.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/index.d.ts +66 -33
- package/dist/types/src/core/TatchiPasskey/index.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/linkDevice.d.ts +1 -0
- package/dist/types/src/core/TatchiPasskey/linkDevice.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/login.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/registration.d.ts +1 -1
- package/dist/types/src/core/TatchiPasskey/registration.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/signNEP413.d.ts +3 -1
- package/dist/types/src/core/TatchiPasskey/signNEP413.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/syncAccount.d.ts +112 -0
- package/dist/types/src/core/TatchiPasskey/syncAccount.d.ts.map +1 -0
- package/dist/types/src/core/WalletIframe/TatchiPasskeyIframe.d.ts +39 -15
- package/dist/types/src/core/WalletIframe/TatchiPasskeyIframe.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/client/IframeTransport.d.ts +11 -0
- package/dist/types/src/core/WalletIframe/client/IframeTransport.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/client/router.d.ts +66 -72
- package/dist/types/src/core/WalletIframe/client/router.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/host/context.d.ts +2 -2
- package/dist/types/src/core/WalletIframe/host/context.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/host/iframe-lit-elem-mounter.d.ts +41 -20
- package/dist/types/src/core/WalletIframe/host/iframe-lit-elem-mounter.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/host/iframe-lit-element-registry.d.ts +0 -34
- package/dist/types/src/core/WalletIframe/host/iframe-lit-element-registry.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/host/mounter-styles.d.ts +1 -1
- package/dist/types/src/core/WalletIframe/host/mounter-styles.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/host/wallet-iframe-handlers.d.ts +1 -2
- package/dist/types/src/core/WalletIframe/host/wallet-iframe-handlers.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/host/wallet-iframe-host.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/host-mode.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/shared/messages.d.ts +78 -10
- package/dist/types/src/core/WalletIframe/shared/messages.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/LitElementWithProps.d.ts +5 -3
- package/dist/types/src/core/WebAuthnManager/LitComponents/LitElementWithProps.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/ensure-defined.d.ts +1 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/ensure-defined.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/tags.d.ts +0 -52
- package/dist/types/src/core/WebAuthnManager/LitComponents/tags.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.d.ts +2 -2
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.d.ts +13 -0
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.d.ts.map +1 -0
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/index.d.ts +1 -0
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/index.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.d.ts +11 -5
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.d.ts +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.d.ts +3 -2
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.d.ts +2 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.d.ts +5 -5
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.d.ts +2 -2
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/index.d.ts +19 -4
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/index.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.d.ts +6 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/thresholdSessionHelpers.d.ts +1 -0
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/thresholdSessionHelpers.d.ts.map +1 -0
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/interfaces.d.ts +3 -3
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/interfaces.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.d.ts +2 -2
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.d.ts +2 -2
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.d.ts +9 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.d.ts +17 -2
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.d.ts +2 -2
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/index.d.ts +9 -2
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/index.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.d.ts +22 -0
- package/dist/types/src/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.d.ts.map +1 -0
- package/dist/types/src/core/WebAuthnManager/credentialsHelpers.d.ts +8 -3
- package/dist/types/src/core/WebAuthnManager/credentialsHelpers.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/index.d.ts +118 -14
- package/dist/types/src/core/WebAuthnManager/index.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.d.ts +46 -0
- package/dist/types/src/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.d.ts.map +1 -0
- package/dist/types/src/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.d.ts +48 -0
- package/dist/types/src/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.d.ts.map +1 -0
- package/dist/types/src/core/WebAuthnManager/userPreferences.d.ts +36 -1
- package/dist/types/src/core/WebAuthnManager/userPreferences.d.ts.map +1 -1
- package/dist/types/src/core/defaultConfigs.d.ts +5 -0
- package/dist/types/src/core/defaultConfigs.d.ts.map +1 -1
- package/dist/types/src/core/digests/intentDigest.d.ts +19 -0
- package/dist/types/src/core/digests/intentDigest.d.ts.map +1 -0
- package/dist/types/src/core/nearCrypto.d.ts +2 -16
- package/dist/types/src/core/nearCrypto.d.ts.map +1 -1
- package/dist/types/src/core/nonceManager.d.ts.map +1 -1
- package/dist/types/src/core/rpcCalls.d.ts +64 -2
- package/dist/types/src/core/rpcCalls.d.ts.map +1 -1
- package/dist/types/src/core/sdkPaths/workers.d.ts +1 -1
- package/dist/types/src/core/sdkPaths/workers.d.ts.map +1 -1
- package/dist/types/src/core/threshold/index.d.ts +1 -0
- package/dist/types/src/core/threshold/index.d.ts.map +1 -0
- package/dist/types/src/core/threshold/thresholdEd25519AuthSession.d.ts +42 -0
- package/dist/types/src/core/threshold/thresholdEd25519AuthSession.d.ts.map +1 -0
- package/dist/types/src/core/threshold/thresholdEd25519RelayerHealth.d.ts +31 -0
- package/dist/types/src/core/threshold/thresholdEd25519RelayerHealth.d.ts.map +1 -0
- package/dist/types/src/core/threshold/thresholdSessionPolicy.d.ts +45 -0
- package/dist/types/src/core/threshold/thresholdSessionPolicy.d.ts.map +1 -0
- package/dist/types/src/core/types/delegate.d.ts +5 -2
- package/dist/types/src/core/types/delegate.d.ts.map +1 -1
- package/dist/types/src/core/types/emailRecovery.d.ts +82 -0
- package/dist/types/src/core/types/emailRecovery.d.ts.map +1 -1
- package/dist/types/src/core/types/rpc.d.ts +1 -0
- package/dist/types/src/core/types/rpc.d.ts.map +1 -1
- package/dist/types/src/core/types/sdkSentEvents.d.ts +82 -30
- package/dist/types/src/core/types/sdkSentEvents.d.ts.map +1 -1
- package/dist/types/src/core/types/signer-worker.d.ts +137 -20
- package/dist/types/src/core/types/signer-worker.d.ts.map +1 -1
- package/dist/types/src/core/types/tatchi.d.ts +10 -1
- package/dist/types/src/core/types/tatchi.d.ts.map +1 -1
- package/dist/types/src/core/types/vrf-worker.d.ts +27 -1
- package/dist/types/src/core/types/vrf-worker.d.ts.map +1 -1
- package/dist/types/src/index.d.ts +2 -2
- package/dist/types/src/index.d.ts.map +1 -1
- package/dist/types/src/plugins/headers.d.ts.map +1 -1
- package/dist/types/src/plugins/plugin-utils.d.ts +1 -1
- package/dist/types/src/plugins/plugin-utils.d.ts.map +1 -1
- package/dist/types/src/plugins/vite.d.ts.map +1 -1
- package/dist/types/src/react/components/AccountMenuButton/LinkedDevicesModal.d.ts.map +1 -1
- package/dist/types/src/react/components/AccountMenuButton/ProfileDropdown.d.ts.map +1 -1
- package/dist/types/src/react/components/AccountMenuButton/TransactionSettingsSection.d.ts.map +1 -1
- package/dist/types/src/react/components/AccountMenuButton/index.d.ts.map +1 -1
- package/dist/types/src/react/components/AccountMenuButton/types.d.ts +5 -0
- package/dist/types/src/react/components/AccountMenuButton/types.d.ts.map +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/authMenuTypes.d.ts +4 -4
- package/dist/types/src/react/components/PasskeyAuthMenu/authMenuTypes.d.ts.map +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/client.d.ts.map +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/controller/usePasskeyAuthMenuController.d.ts +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/controller/usePasskeyAuthMenuController.d.ts.map +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/controller/useSDKEvents.d.ts.map +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/types.d.ts +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/types.d.ts.map +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/ui/EmailRecoverySlide.d.ts.map +1 -1
- package/dist/types/src/react/context/useTatchiWithSdkFlow.d.ts +2 -2
- package/dist/types/src/react/context/useTatchiWithSdkFlow.d.ts.map +1 -1
- package/dist/types/src/react/index.d.ts +2 -4
- package/dist/types/src/react/index.d.ts.map +1 -1
- package/dist/types/src/react/types.d.ts +8 -25
- package/dist/types/src/react/types.d.ts.map +1 -1
- package/dist/types/src/server/core/AuthService.d.ts +14 -2
- package/dist/types/src/server/core/AuthService.d.ts.map +1 -1
- package/dist/types/src/server/core/SessionService.d.ts +3 -3
- package/dist/types/src/server/core/SessionService.d.ts.map +1 -1
- package/dist/types/src/server/core/ThresholdService/ThresholdSigningService.d.ts +91 -0
- package/dist/types/src/server/core/ThresholdService/ThresholdSigningService.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/config.d.ts +21 -0
- package/dist/types/src/server/core/ThresholdService/config.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/coordinatorGrant.d.ts +35 -0
- package/dist/types/src/server/core/ThresholdService/coordinatorGrant.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/cosigners.d.ts +47 -0
- package/dist/types/src/server/core/ThresholdService/cosigners.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/createThresholdSigningService.d.ts +11 -0
- package/dist/types/src/server/core/ThresholdService/createThresholdSigningService.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/index.d.ts +6 -0
- package/dist/types/src/server/core/ThresholdService/index.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/keygenStrategy.d.ts +79 -0
- package/dist/types/src/server/core/ThresholdService/keygenStrategy.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/kv.d.ts +47 -0
- package/dist/types/src/server/core/ThresholdService/kv.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/relayerKeyMaterial.d.ts +27 -0
- package/dist/types/src/server/core/ThresholdService/relayerKeyMaterial.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/signingHandlers.d.ts +66 -0
- package/dist/types/src/server/core/ThresholdService/signingHandlers.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/stores/AuthSessionStore.d.ts +32 -0
- package/dist/types/src/server/core/ThresholdService/stores/AuthSessionStore.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/stores/KeyStore.d.ts +18 -0
- package/dist/types/src/server/core/ThresholdService/stores/KeyStore.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/stores/SessionStore.d.ts +66 -0
- package/dist/types/src/server/core/ThresholdService/stores/SessionStore.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/validation.d.ts +129 -0
- package/dist/types/src/server/core/ThresholdService/validation.d.ts.map +1 -0
- package/dist/types/src/server/core/config.d.ts.map +1 -1
- package/dist/types/src/server/core/errors.d.ts.map +1 -1
- package/dist/types/src/server/core/logger.d.ts +1 -0
- package/dist/types/src/server/core/logger.d.ts.map +1 -1
- package/dist/types/src/server/core/nearKeys.d.ts +2 -0
- package/dist/types/src/server/core/nearKeys.d.ts.map +1 -0
- package/dist/types/src/server/core/shamirWorker.d.ts.map +1 -1
- package/dist/types/src/server/core/types.d.ts +321 -1
- package/dist/types/src/server/core/types.d.ts.map +1 -1
- package/dist/types/src/server/email-recovery/emailParsers.d.ts +1 -1
- package/dist/types/src/server/email-recovery/emailParsers.d.ts.map +1 -1
- package/dist/types/src/server/email-recovery/index.d.ts +1 -1
- package/dist/types/src/server/email-recovery/index.d.ts.map +1 -1
- package/dist/types/src/server/email-recovery/rpcCalls.d.ts +1 -1
- package/dist/types/src/server/email-recovery/rpcCalls.d.ts.map +1 -1
- package/dist/types/src/server/email-recovery/zkEmail/proverClient.d.ts.map +1 -1
- package/dist/types/src/server/index.d.ts +2 -0
- package/dist/types/src/server/index.d.ts.map +1 -1
- package/dist/types/src/server/router/cloudflare/createCloudflareRouter.d.ts +22 -0
- package/dist/types/src/server/router/cloudflare/createCloudflareRouter.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/cron.d.ts +18 -0
- package/dist/types/src/server/router/cloudflare/cron.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/email.d.ts +22 -0
- package/dist/types/src/server/router/cloudflare/email.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/http.d.ts +12 -0
- package/dist/types/src/server/router/cloudflare/http.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/createAccountAndRegisterUser.d.ts +3 -0
- package/dist/types/src/server/router/cloudflare/routes/createAccountAndRegisterUser.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/health.d.ts +4 -0
- package/dist/types/src/server/router/cloudflare/routes/health.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/recoverEmail.d.ts +3 -0
- package/dist/types/src/server/router/cloudflare/routes/recoverEmail.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/sessions.d.ts +5 -0
- package/dist/types/src/server/router/cloudflare/routes/sessions.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/shamir.d.ts +3 -0
- package/dist/types/src/server/router/cloudflare/routes/shamir.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/signedDelegate.d.ts +3 -0
- package/dist/types/src/server/router/cloudflare/routes/signedDelegate.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/thresholdEd25519.d.ts +3 -0
- package/dist/types/src/server/router/cloudflare/routes/thresholdEd25519.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/verifyAuthenticationResponse.d.ts +3 -0
- package/dist/types/src/server/router/cloudflare/routes/verifyAuthenticationResponse.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/wellKnown.d.ts +3 -0
- package/dist/types/src/server/router/cloudflare/routes/wellKnown.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/types.d.ts +49 -0
- package/dist/types/src/server/router/cloudflare/types.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare-adaptor.d.ts +7 -106
- package/dist/types/src/server/router/cloudflare-adaptor.d.ts.map +1 -1
- package/dist/types/src/server/router/commonRouterUtils.d.ts +26 -0
- package/dist/types/src/server/router/commonRouterUtils.d.ts.map +1 -0
- package/dist/types/src/server/router/express/cors.d.ts +4 -0
- package/dist/types/src/server/router/express/cors.d.ts.map +1 -0
- package/dist/types/src/server/router/express/createRelayRouter.d.ts +16 -0
- package/dist/types/src/server/router/express/createRelayRouter.d.ts.map +1 -0
- package/dist/types/src/server/router/express/cron.d.ts +12 -0
- package/dist/types/src/server/router/express/cron.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/createAccountAndRegisterUser.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/createAccountAndRegisterUser.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/health.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/health.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/recoverEmail.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/recoverEmail.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/sessions.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/sessions.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/shamir.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/shamir.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/signedDelegate.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/signedDelegate.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/thresholdEd25519.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/thresholdEd25519.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/verifyAuthenticationResponse.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/verifyAuthenticationResponse.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/wellKnown.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/wellKnown.d.ts.map +1 -0
- package/dist/types/src/server/router/express-adaptor.d.ts +4 -54
- package/dist/types/src/server/router/express-adaptor.d.ts.map +1 -1
- package/dist/types/src/server/router/logger.d.ts +3 -2
- package/dist/types/src/server/router/logger.d.ts.map +1 -1
- package/dist/types/src/server/router/relay.d.ts +93 -0
- package/dist/types/src/server/router/relay.d.ts.map +1 -0
- package/dist/types/src/server/router/routerOptions.d.ts +4 -0
- package/dist/types/src/server/router/routerOptions.d.ts.map +1 -0
- package/dist/types/src/server/threshold/statusCodes.d.ts +6 -0
- package/dist/types/src/server/threshold/statusCodes.d.ts.map +1 -0
- package/dist/types/src/threshold/participants.d.ts +41 -0
- package/dist/types/src/threshold/participants.d.ts.map +1 -0
- package/dist/types/src/utils/digests.d.ts +3 -0
- package/dist/types/src/utils/digests.d.ts.map +1 -0
- package/dist/types/src/utils/index.d.ts +1 -0
- package/dist/types/src/utils/index.d.ts.map +1 -1
- package/dist/types/src/utils/validation.d.ts +60 -0
- package/dist/types/src/utils/validation.d.ts.map +1 -1
- package/dist/types/src/wasm_signer_worker/pkg/wasm_signer_worker.d.ts +182 -79
- package/dist/types/src/wasm_signer_worker/pkg/wasm_signer_worker.d.ts.map +1 -1
- package/dist/types/src/wasm_vrf_worker/pkg/wasm_vrf_worker.d.ts +45 -1
- package/dist/types/src/wasm_vrf_worker/pkg/wasm_vrf_worker.d.ts.map +1 -1
- package/dist/workers/offline-export-sw.js +1 -156
- package/dist/workers/wasm_signer_worker_bg.wasm +0 -0
- package/dist/workers/wasm_vrf_worker_bg.wasm +0 -0
- package/dist/workers/web3authn-signer.worker.js +2 -1324
- package/dist/workers/web3authn-vrf.worker.js +2 -2788
- package/package.json +3 -8
- package/dist/cjs/core/TatchiPasskey/recoverAccount.js +0 -429
- package/dist/cjs/core/TatchiPasskey/recoverAccount.js.map +0 -1
- package/dist/cjs/core/WalletIframe/validation.js +0 -67
- package/dist/cjs/core/WalletIframe/validation.js.map +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js +0 -363
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js.map +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js +0 -707
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js.map +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js +0 -30
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js.map +0 -1
- package/dist/cjs/core/WebAuthnManager/WebAuthnFallbacks/index.js +0 -17
- package/dist/cjs/core/WebAuthnManager/WebAuthnFallbacks/index.js.map +0 -1
- package/dist/cjs/core/WebAuthnManager/txDigest.js +0 -85
- package/dist/cjs/core/WebAuthnManager/txDigest.js.map +0 -1
- package/dist/cjs/index.js.map +0 -1
- package/dist/cjs/react/components/AccountMenuButton/LinkedDevicesModal-BRtht0XI.css +0 -452
- package/dist/cjs/react/components/AccountMenuButton/LinkedDevicesModal-BRtht0XI.css.map +0 -1
- package/dist/cjs/react/components/AccountMenuButton/ProfileDropdown-BG_6hcim.css +0 -120
- package/dist/cjs/react/components/AccountMenuButton/ProfileDropdown-BG_6hcim.css.map +0 -1
- package/dist/cjs/react/components/AccountMenuButton/Web3AuthProfileButton-k8_FAYFq.css +0 -77
- package/dist/cjs/react/components/AccountMenuButton/Web3AuthProfileButton-k8_FAYFq.css.map +0 -1
- package/dist/cjs/react/components/AccountMenuButton/icons/TouchIcon-C-RcGfr5.css +0 -41
- package/dist/cjs/react/components/AccountMenuButton/icons/TouchIcon-C-RcGfr5.css.map +0 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/PasskeyAuthMenu-DKMiLeT9.css +0 -1009
- package/dist/cjs/react/components/PasskeyAuthMenu/PasskeyAuthMenu-DKMiLeT9.css.map +0 -1
- package/dist/cjs/react/components/SendTxButtonWithTooltip.js +0 -218
- package/dist/cjs/react/components/SendTxButtonWithTooltip.js.map +0 -1
- package/dist/cjs/react/components/ShowQRCode-CB0UCQ_h.css +0 -113
- package/dist/cjs/react/components/ShowQRCode-CB0UCQ_h.css.map +0 -1
- package/dist/cjs/react/components/WalletIframeTxButtonHost.js +0 -177
- package/dist/cjs/react/components/WalletIframeTxButtonHost.js.map +0 -1
- package/dist/cjs/react/index.js.map +0 -1
- package/dist/cjs/react/node_modules/.pnpm/@lit_react@1.0.8_@types_react@19.1.12/node_modules/@lit/react/node/create-component.js +0 -32
- package/dist/cjs/react/node_modules/.pnpm/@lit_react@1.0.8_@types_react@19.1.12/node_modules/@lit/react/node/create-component.js.map +0 -1
- package/dist/cjs/react/sdk/build-paths.js +0 -55
- package/dist/cjs/react/sdk/build-paths.js.map +0 -1
- package/dist/cjs/react/sdk/src/base-styles.js +0 -21
- package/dist/cjs/react/sdk/src/base-styles.js.map +0 -1
- package/dist/cjs/react/sdk/src/config.js +0 -35
- package/dist/cjs/react/sdk/src/config.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/ChainsigAddressManager/index.js +0 -30
- package/dist/cjs/react/sdk/src/core/ChainsigAddressManager/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/EmailRecovery/emailRecoveryPendingStore.js +0 -69
- package/dist/cjs/react/sdk/src/core/EmailRecovery/emailRecoveryPendingStore.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/EmailRecovery/index.js +0 -115
- package/dist/cjs/react/sdk/src/core/EmailRecovery/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/IndexedDBManager/index.js +0 -140
- package/dist/cjs/react/sdk/src/core/IndexedDBManager/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/IndexedDBManager/passkeyClientDB.js +0 -685
- package/dist/cjs/react/sdk/src/core/IndexedDBManager/passkeyClientDB.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/IndexedDBManager/passkeyNearKeysDB.js +0 -192
- package/dist/cjs/react/sdk/src/core/IndexedDBManager/passkeyNearKeysDB.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/NearClient.js +0 -273
- package/dist/cjs/react/sdk/src/core/NearClient.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/NearRpcError.js +0 -116
- package/dist/cjs/react/sdk/src/core/NearRpcError.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/OfflineExport/overlay.js +0 -56
- package/dist/cjs/react/sdk/src/core/OfflineExport/overlay.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/actions.js +0 -452
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/actions.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/delegateAction.js +0 -76
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/delegateAction.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/emailRecovery.js +0 -919
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/emailRecovery.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/faucets/createAccountRelayServer.js +0 -97
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/faucets/createAccountRelayServer.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/index.js +0 -1298
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/linkDevice.js +0 -711
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/linkDevice.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/login.js +0 -578
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/login.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/recoverAccount.js +0 -429
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/recoverAccount.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/registration.js +0 -340
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/registration.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/relay.js +0 -112
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/relay.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/scanDevice.js +0 -106
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/scanDevice.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/signNEP413.js +0 -89
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/signNEP413.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/IframeTransport.js +0 -330
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/IframeTransport.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/on-events-progress-bus.js +0 -210
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/on-events-progress-bus.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/overlay-controller.js +0 -100
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/overlay-controller.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/overlay-styles.js +0 -128
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/overlay-styles.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/router.js +0 -1062
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/router.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/events.js +0 -11
- package/dist/cjs/react/sdk/src/core/WalletIframe/events.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/host-mode.js +0 -11
- package/dist/cjs/react/sdk/src/core/WalletIframe/host-mode.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/validation.js +0 -71
- package/dist/cjs/react/sdk/src/core/WalletIframe/validation.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/Drawer/index.js +0 -660
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/Drawer/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js +0 -223
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/HaloBorder/index.js +0 -135
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/HaloBorder/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js +0 -363
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js +0 -707
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js +0 -190
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js +0 -258
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-drawer.js +0 -261
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-drawer.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-modal.js +0 -281
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-modal.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js +0 -256
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/PasskeyHaloLoading/index.js +0 -146
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/PasskeyHaloLoading/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/index.js +0 -503
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js +0 -212
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js +0 -183
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/asset-base.js +0 -46
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/asset-base.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/common/PadlockIcon.js +0 -55
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/common/PadlockIcon.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/common/formatters.js +0 -68
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/common/formatters.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/confirm-ui-types.js +0 -10
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/confirm-ui-types.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/confirm-ui.js +0 -221
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/confirm-ui.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/css/css-loader.js +0 -110
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/css/css-loader.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/ensure-defined.js +0 -24
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/ensure-defined.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/lit-events.js +0 -35
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/lit-events.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/tags.js +0 -66
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/tags.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js +0 -39
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js +0 -71
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js +0 -49
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js +0 -73
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js +0 -69
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js +0 -27
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js +0 -46
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js +0 -118
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js +0 -16
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js +0 -105
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js +0 -80
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js +0 -64
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js +0 -114
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js +0 -82
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/index.js +0 -452
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js +0 -36
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js +0 -83
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js +0 -61
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js +0 -50
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js +0 -56
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js +0 -34
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js +0 -47
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js +0 -54
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js +0 -77
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js +0 -64
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js +0 -40
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js +0 -66
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js +0 -90
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js +0 -136
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js +0 -52
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js +0 -173
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js +0 -119
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js +0 -22
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js +0 -27
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js +0 -52
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js +0 -33
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js +0 -31
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js +0 -50
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js +0 -156
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js +0 -30
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js +0 -59
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js +0 -27
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js +0 -48
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js +0 -59
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js +0 -45
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js +0 -54
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js +0 -31
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js +0 -28
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js +0 -30
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js +0 -42
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/index.js +0 -375
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js +0 -26
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/index.js +0 -17
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js +0 -210
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/credentialsHelpers.js +0 -301
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/credentialsHelpers.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/index.js +0 -890
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/touchIdPrompt.js +0 -282
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/touchIdPrompt.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/txDigest.js +0 -85
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/txDigest.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/userHandle.js +0 -39
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/userHandle.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/userPreferences.js +0 -308
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/userPreferences.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/defaultConfigs.js +0 -110
- package/dist/cjs/react/sdk/src/core/defaultConfigs.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/nearCrypto.js +0 -57
- package/dist/cjs/react/sdk/src/core/nearCrypto.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/nonceManager.js +0 -403
- package/dist/cjs/react/sdk/src/core/nonceManager.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/rpcCalls.js +0 -446
- package/dist/cjs/react/sdk/src/core/rpcCalls.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/sdkPaths/base.js +0 -49
- package/dist/cjs/react/sdk/src/core/sdkPaths/base.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/sdkPaths/workers.js +0 -45
- package/dist/cjs/react/sdk/src/core/sdkPaths/workers.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/accountIds.js +0 -33
- package/dist/cjs/react/sdk/src/core/types/accountIds.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/actions.js +0 -274
- package/dist/cjs/react/sdk/src/core/types/actions.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/authenticatorOptions.js +0 -51
- package/dist/cjs/react/sdk/src/core/types/authenticatorOptions.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/emailRecovery.js +0 -33
- package/dist/cjs/react/sdk/src/core/types/emailRecovery.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/linkDevice.js +0 -25
- package/dist/cjs/react/sdk/src/core/types/linkDevice.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/rpc.js +0 -25
- package/dist/cjs/react/sdk/src/core/types/rpc.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/sdkSentEvents.js +0 -133
- package/dist/cjs/react/sdk/src/core/types/sdkSentEvents.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/signer-worker.js +0 -69
- package/dist/cjs/react/sdk/src/core/types/signer-worker.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/vrf-worker.js +0 -74
- package/dist/cjs/react/sdk/src/core/types/vrf-worker.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/workerControlMessages.js +0 -21
- package/dist/cjs/react/sdk/src/core/workerControlMessages.js.map +0 -1
- package/dist/cjs/react/sdk/src/theme/base-styles.js +0 -157
- package/dist/cjs/react/sdk/src/theme/base-styles.js.map +0 -1
- package/dist/cjs/react/sdk/src/theme/palette.js +0 -209
- package/dist/cjs/react/sdk/src/theme/palette.js.map +0 -1
- package/dist/cjs/react/sdk/src/utils/base58.js +0 -24
- package/dist/cjs/react/sdk/src/utils/base58.js.map +0 -1
- package/dist/cjs/react/sdk/src/utils/base64.js +0 -59
- package/dist/cjs/react/sdk/src/utils/base64.js.map +0 -1
- package/dist/cjs/react/sdk/src/utils/encoders.js +0 -18
- package/dist/cjs/react/sdk/src/utils/encoders.js.map +0 -1
- package/dist/cjs/react/sdk/src/utils/errors.js +0 -151
- package/dist/cjs/react/sdk/src/utils/errors.js.map +0 -1
- package/dist/cjs/react/sdk/src/utils/index.js +0 -25
- package/dist/cjs/react/sdk/src/utils/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/utils/qrScanner.js +0 -320
- package/dist/cjs/react/sdk/src/utils/qrScanner.js.map +0 -1
- package/dist/cjs/react/sdk/src/utils/validation.js +0 -67
- package/dist/cjs/react/sdk/src/utils/validation.js.map +0 -1
- package/dist/cjs/server/sdk/src/core/WalletIframe/validation.js +0 -17
- package/dist/cjs/server/sdk/src/core/WalletIframe/validation.js.map +0 -1
- package/dist/cjs/utils/encoders.js +0 -18
- package/dist/cjs/utils/encoders.js.map +0 -1
- package/dist/cjs/utils/index.js +0 -25
- package/dist/cjs/utils/index.js.map +0 -1
- package/dist/esm/_virtual/rolldown_runtime.js +0 -28
- package/dist/esm/core/TatchiPasskey/recoverAccount.js +0 -428
- package/dist/esm/core/TatchiPasskey/recoverAccount.js.map +0 -1
- package/dist/esm/core/WalletIframe/validation.js +0 -52
- package/dist/esm/core/WalletIframe/validation.js.map +0 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js +0 -357
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js.map +0 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js +0 -703
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js.map +0 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js +0 -29
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js.map +0 -1
- package/dist/esm/core/WebAuthnManager/WebAuthnFallbacks/index.js +0 -12
- package/dist/esm/core/WebAuthnManager/WebAuthnFallbacks/index.js.map +0 -1
- package/dist/esm/core/WebAuthnManager/txDigest.js +0 -83
- package/dist/esm/core/WebAuthnManager/txDigest.js.map +0 -1
- package/dist/esm/index.js.map +0 -1
- package/dist/esm/react/_virtual/rolldown_runtime.js +0 -28
- package/dist/esm/react/components/AccountMenuButton/LinkedDevicesModal-BRtht0XI.css +0 -452
- package/dist/esm/react/components/AccountMenuButton/LinkedDevicesModal-BRtht0XI.css.map +0 -1
- package/dist/esm/react/components/AccountMenuButton/ProfileDropdown-BG_6hcim.css +0 -120
- package/dist/esm/react/components/AccountMenuButton/ProfileDropdown-BG_6hcim.css.map +0 -1
- package/dist/esm/react/components/AccountMenuButton/Web3AuthProfileButton-k8_FAYFq.css +0 -77
- package/dist/esm/react/components/AccountMenuButton/Web3AuthProfileButton-k8_FAYFq.css.map +0 -1
- package/dist/esm/react/components/AccountMenuButton/icons/TouchIcon-C-RcGfr5.css +0 -41
- package/dist/esm/react/components/AccountMenuButton/icons/TouchIcon-C-RcGfr5.css.map +0 -1
- package/dist/esm/react/components/PasskeyAuthMenu/PasskeyAuthMenu-DKMiLeT9.css +0 -1009
- package/dist/esm/react/components/PasskeyAuthMenu/PasskeyAuthMenu-DKMiLeT9.css.map +0 -1
- package/dist/esm/react/components/SendTxButtonWithTooltip.js +0 -214
- package/dist/esm/react/components/SendTxButtonWithTooltip.js.map +0 -1
- package/dist/esm/react/components/ShowQRCode-CB0UCQ_h.css +0 -113
- package/dist/esm/react/components/ShowQRCode-CB0UCQ_h.css.map +0 -1
- package/dist/esm/react/components/WalletIframeTxButtonHost.js +0 -174
- package/dist/esm/react/components/WalletIframeTxButtonHost.js.map +0 -1
- package/dist/esm/react/index.js.map +0 -1
- package/dist/esm/react/node_modules/.pnpm/@lit_react@1.0.8_@types_react@19.1.12/node_modules/@lit/react/create-component.js +0 -45
- package/dist/esm/react/node_modules/.pnpm/@lit_react@1.0.8_@types_react@19.1.12/node_modules/@lit/react/create-component.js.map +0 -1
- package/dist/esm/react/sdk/build-paths.js.map +0 -1
- package/dist/esm/react/sdk/src/base-styles.js.map +0 -1
- package/dist/esm/react/sdk/src/config.js.map +0 -1
- package/dist/esm/react/sdk/src/core/ChainsigAddressManager/index.js +0 -29
- package/dist/esm/react/sdk/src/core/ChainsigAddressManager/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/EmailRecovery/emailRecoveryPendingStore.js +0 -63
- package/dist/esm/react/sdk/src/core/EmailRecovery/emailRecoveryPendingStore.js.map +0 -1
- package/dist/esm/react/sdk/src/core/EmailRecovery/index.js +0 -105
- package/dist/esm/react/sdk/src/core/EmailRecovery/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/IndexedDBManager/index.js +0 -133
- package/dist/esm/react/sdk/src/core/IndexedDBManager/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/IndexedDBManager/passkeyClientDB.js +0 -678
- package/dist/esm/react/sdk/src/core/IndexedDBManager/passkeyClientDB.js.map +0 -1
- package/dist/esm/react/sdk/src/core/IndexedDBManager/passkeyNearKeysDB.js +0 -185
- package/dist/esm/react/sdk/src/core/IndexedDBManager/passkeyNearKeysDB.js.map +0 -1
- package/dist/esm/react/sdk/src/core/NearClient.js +0 -271
- package/dist/esm/react/sdk/src/core/NearClient.js.map +0 -1
- package/dist/esm/react/sdk/src/core/NearRpcError.js.map +0 -1
- package/dist/esm/react/sdk/src/core/OfflineExport/overlay.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/actions.js +0 -448
- package/dist/esm/react/sdk/src/core/TatchiPasskey/actions.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/delegateAction.js +0 -75
- package/dist/esm/react/sdk/src/core/TatchiPasskey/delegateAction.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/emailRecovery.js +0 -908
- package/dist/esm/react/sdk/src/core/TatchiPasskey/emailRecovery.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/faucets/createAccountRelayServer.js +0 -96
- package/dist/esm/react/sdk/src/core/TatchiPasskey/faucets/createAccountRelayServer.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/index.js +0 -1298
- package/dist/esm/react/sdk/src/core/TatchiPasskey/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/linkDevice.js +0 -710
- package/dist/esm/react/sdk/src/core/TatchiPasskey/linkDevice.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/login.js +0 -569
- package/dist/esm/react/sdk/src/core/TatchiPasskey/login.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/recoverAccount.js +0 -428
- package/dist/esm/react/sdk/src/core/TatchiPasskey/recoverAccount.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/registration.js +0 -338
- package/dist/esm/react/sdk/src/core/TatchiPasskey/registration.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/relay.js +0 -111
- package/dist/esm/react/sdk/src/core/TatchiPasskey/relay.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/scanDevice.js +0 -104
- package/dist/esm/react/sdk/src/core/TatchiPasskey/scanDevice.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/signNEP413.js +0 -88
- package/dist/esm/react/sdk/src/core/TatchiPasskey/signNEP413.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/client/IframeTransport.js +0 -329
- package/dist/esm/react/sdk/src/core/WalletIframe/client/IframeTransport.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/client/on-events-progress-bus.js +0 -208
- package/dist/esm/react/sdk/src/core/WalletIframe/client/on-events-progress-bus.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/client/overlay-controller.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/client/overlay-styles.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/client/router.js +0 -1061
- package/dist/esm/react/sdk/src/core/WalletIframe/client/router.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/events.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/host-mode.js +0 -9
- package/dist/esm/react/sdk/src/core/WalletIframe/host-mode.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/validation.js +0 -55
- package/dist/esm/react/sdk/src/core/WalletIframe/validation.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/Drawer/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js +0 -219
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/HaloBorder/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js +0 -357
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js +0 -703
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js +0 -188
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js +0 -255
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-drawer.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-modal.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js +0 -254
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/PasskeyHaloLoading/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/index.js +0 -500
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js +0 -182
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/asset-base.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/common/PadlockIcon.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/common/formatters.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/confirm-ui-types.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/confirm-ui.js +0 -219
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/confirm-ui.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/css/css-loader.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/ensure-defined.js +0 -23
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/ensure-defined.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/lit-events.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/tags.js +0 -47
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/tags.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js +0 -32
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js +0 -70
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js +0 -46
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js +0 -70
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js +0 -66
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js +0 -24
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js +0 -43
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js +0 -115
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js +0 -14
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js +0 -102
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js +0 -77
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js +0 -61
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js +0 -111
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js +0 -80
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/index.js +0 -451
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js +0 -81
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js +0 -56
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js +0 -54
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js +0 -32
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js +0 -63
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js +0 -39
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js +0 -65
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js +0 -89
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js +0 -135
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js +0 -51
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js +0 -172
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js +0 -118
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js +0 -51
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js +0 -155
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js +0 -29
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js +0 -58
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js +0 -46
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js +0 -58
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/index.js +0 -374
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/index.js +0 -12
- package/dist/esm/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js +0 -203
- package/dist/esm/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/credentialsHelpers.js +0 -288
- package/dist/esm/react/sdk/src/core/WebAuthnManager/credentialsHelpers.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/index.js +0 -889
- package/dist/esm/react/sdk/src/core/WebAuthnManager/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/touchIdPrompt.js +0 -270
- package/dist/esm/react/sdk/src/core/WebAuthnManager/touchIdPrompt.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/txDigest.js +0 -83
- package/dist/esm/react/sdk/src/core/WebAuthnManager/txDigest.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/userHandle.js +0 -38
- package/dist/esm/react/sdk/src/core/WebAuthnManager/userHandle.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/userPreferences.js +0 -307
- package/dist/esm/react/sdk/src/core/WebAuthnManager/userPreferences.js.map +0 -1
- package/dist/esm/react/sdk/src/core/defaultConfigs.js +0 -102
- package/dist/esm/react/sdk/src/core/defaultConfigs.js.map +0 -1
- package/dist/esm/react/sdk/src/core/nearCrypto.js +0 -48
- package/dist/esm/react/sdk/src/core/nearCrypto.js.map +0 -1
- package/dist/esm/react/sdk/src/core/nonceManager.js +0 -402
- package/dist/esm/react/sdk/src/core/nonceManager.js.map +0 -1
- package/dist/esm/react/sdk/src/core/rpcCalls.js +0 -431
- package/dist/esm/react/sdk/src/core/rpcCalls.js.map +0 -1
- package/dist/esm/react/sdk/src/core/sdkPaths/base.js.map +0 -1
- package/dist/esm/react/sdk/src/core/sdkPaths/workers.js +0 -42
- package/dist/esm/react/sdk/src/core/sdkPaths/workers.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/accountIds.js +0 -26
- package/dist/esm/react/sdk/src/core/types/accountIds.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/actions.js +0 -263
- package/dist/esm/react/sdk/src/core/types/actions.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/authenticatorOptions.js +0 -47
- package/dist/esm/react/sdk/src/core/types/authenticatorOptions.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/emailRecovery.js +0 -26
- package/dist/esm/react/sdk/src/core/types/emailRecovery.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/linkDevice.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/rpc.js +0 -19
- package/dist/esm/react/sdk/src/core/types/rpc.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/sdkSentEvents.js +0 -116
- package/dist/esm/react/sdk/src/core/types/sdkSentEvents.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/signer-worker.js +0 -51
- package/dist/esm/react/sdk/src/core/types/signer-worker.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/vrf-worker.js +0 -66
- package/dist/esm/react/sdk/src/core/types/vrf-worker.js.map +0 -1
- package/dist/esm/react/sdk/src/core/workerControlMessages.js.map +0 -1
- package/dist/esm/react/sdk/src/theme/base-styles.js.map +0 -1
- package/dist/esm/react/sdk/src/theme/palette.js.map +0 -1
- package/dist/esm/react/sdk/src/utils/base58.js +0 -17
- package/dist/esm/react/sdk/src/utils/base58.js.map +0 -1
- package/dist/esm/react/sdk/src/utils/base64.js +0 -50
- package/dist/esm/react/sdk/src/utils/base64.js.map +0 -1
- package/dist/esm/react/sdk/src/utils/encoders.js +0 -13
- package/dist/esm/react/sdk/src/utils/encoders.js.map +0 -1
- package/dist/esm/react/sdk/src/utils/errors.js +0 -140
- package/dist/esm/react/sdk/src/utils/errors.js.map +0 -1
- package/dist/esm/react/sdk/src/utils/index.js +0 -20
- package/dist/esm/react/sdk/src/utils/index.js.map +0 -1
- package/dist/esm/react/sdk/src/utils/qrScanner.js.map +0 -1
- package/dist/esm/react/sdk/src/utils/validation.js +0 -61
- package/dist/esm/react/sdk/src/utils/validation.js.map +0 -1
- package/dist/esm/sdk/HaloBorder-D7vjXHnY.js +0 -1111
- package/dist/esm/sdk/WebAuthnFallbacks-Bl4BTsNt.js +0 -615
- package/dist/esm/sdk/actions-O1FD5Bq8.js +0 -252
- package/dist/esm/sdk/asset-base-K63RlTrt.js +0 -43
- package/dist/esm/sdk/base-Qt2P7SNn.js +0 -19
- package/dist/esm/sdk/base-Qt2P7SNn.js.map +0 -1
- package/dist/esm/sdk/base64-DBPGuXh4.js +0 -48
- package/dist/esm/sdk/browser-B3uuzKL0.js +0 -2443
- package/dist/esm/sdk/button-with-tooltip.css +0 -260
- package/dist/esm/sdk/chunk-DIQ1yeMN.js +0 -38
- package/dist/esm/sdk/createAdapters-DIRR8_Z9.js +0 -526
- package/dist/esm/sdk/createAdapters-Yga6W0en.js +0 -3202
- package/dist/esm/sdk/createAdapters-Yga6W0en.js.map +0 -1
- package/dist/esm/sdk/css-loader-BHxJyE5o.js +0 -1098
- package/dist/esm/sdk/css-loader-BrMMlG4X.js +0 -1184
- package/dist/esm/sdk/css-loader-BrMMlG4X.js.map +0 -1
- package/dist/esm/sdk/defaultConfigs-CfQDV-ya.js +0 -100
- package/dist/esm/sdk/ensure-defined-CHInSx7l.js +0 -34
- package/dist/esm/sdk/errors-D9ar28Dr.js +0 -265
- package/dist/esm/sdk/getDeviceNumber-BpernPnM.js +0 -121
- package/dist/esm/sdk/getDeviceNumber-BpernPnM.js.map +0 -1
- package/dist/esm/sdk/getDeviceNumber-zsOHT_Um.js +0 -30
- package/dist/esm/sdk/iframe-button-host.css +0 -84
- package/dist/esm/sdk/iframe-host-BisiSSOa.js +0 -213
- package/dist/esm/sdk/iframe-host-BisiSSOa.js.map +0 -1
- package/dist/esm/sdk/iframe-host-BoarlHRm.js +0 -1053
- package/dist/esm/sdk/iframe-host-BoarlHRm.js.map +0 -1
- package/dist/esm/sdk/iframe-host-CefZOSX2.js +0 -1105
- package/dist/esm/sdk/iframe-host-DQCSzj7r.js +0 -215
- package/dist/esm/sdk/iframe-tx-button-bootstrap.js +0 -220
- package/dist/esm/sdk/lit-events-BKobq01K.js +0 -29
- package/dist/esm/sdk/lit-events-BKobq01K.js.map +0 -1
- package/dist/esm/sdk/localOnly-BHScJasw.js +0 -93
- package/dist/esm/sdk/localOnly-VevCI7H0.js +0 -102
- package/dist/esm/sdk/localOnly-VevCI7H0.js.map +0 -1
- package/dist/esm/sdk/overlay-ZGbucXIa.js +0 -431
- package/dist/esm/sdk/registration-bKEg9Zr2.js +0 -133
- package/dist/esm/sdk/registration-bKEg9Zr2.js.map +0 -1
- package/dist/esm/sdk/registration-lDD60Ytt.js +0 -142
- package/dist/esm/sdk/requestHelpers-Dh1hEYL9.js +0 -445
- package/dist/esm/sdk/requestHelpers-aUKhXiEl.js +0 -1393
- package/dist/esm/sdk/requestHelpers-aUKhXiEl.js.map +0 -1
- package/dist/esm/sdk/router-BWtacLJg.js +0 -1799
- package/dist/esm/sdk/rpcCalls-CYGJSCgm.js +0 -10
- package/dist/esm/sdk/rpcCalls-DZZSa-sk.js +0 -427
- package/dist/esm/sdk/sdkSentEvents-_jrJLIhw.js +0 -128
- package/dist/esm/sdk/tags-C2Wlhqjd.js +0 -47
- package/dist/esm/sdk/transactions-Cn9xTWlK.js +0 -166
- package/dist/esm/sdk/transactions-Cn9xTWlK.js.map +0 -1
- package/dist/esm/sdk/transactions-DfdwDQCn.js +0 -178
- package/dist/esm/sdk/tx-confirmer-wrapper-lHNgz9i4.js +0 -2690
- package/dist/esm/sdk/tx-tree-themes-BND0SU2h.js +0 -572
- package/dist/esm/sdk/tx-tree-themes-i3It4IYY.js +0 -573
- package/dist/esm/sdk/tx-tree-themes-i3It4IYY.js.map +0 -1
- package/dist/esm/sdk/txDigest-CxjhSCgm.js +0 -89
- package/dist/esm/sdk/validation-DhPPUba7.js +0 -24
- package/dist/esm/sdk/validation-DhPPUba7.js.map +0 -1
- package/dist/esm/sdk/validation-DtLVzHDY.js +0 -50
- package/dist/esm/sdk/w3a-button-with-tooltip.js +0 -3316
- package/dist/esm/sdk/w3a-tx-button.js +0 -8
- package/dist/esm/server/sdk/src/core/WalletIframe/validation.js +0 -14
- package/dist/esm/server/sdk/src/core/WalletIframe/validation.js.map +0 -1
- package/dist/esm/utils/encoders.js +0 -13
- package/dist/esm/utils/encoders.js.map +0 -1
- package/dist/esm/utils/index.js +0 -20
- package/dist/esm/utils/index.js.map +0 -1
- package/dist/types/src/core/TatchiPasskey/recoverAccount.d.ts +0 -112
- package/dist/types/src/core/TatchiPasskey/recoverAccount.d.ts.map +0 -1
- package/dist/types/src/core/WalletIframe/host/WalletHostElements.d.ts +0 -55
- package/dist/types/src/core/WalletIframe/host/WalletHostElements.d.ts.map +0 -1
- package/dist/types/src/core/WalletIframe/validation.d.ts +0 -24
- package/dist/types/src/core/WalletIframe/validation.d.ts.map +0 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/ButtonWithTooltip.d.ts +0 -160
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/ButtonWithTooltip.d.ts.map +0 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.d.ts +0 -107
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.d.ts.map +0 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.d.ts +0 -179
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.d.ts.map +0 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-tx-button-bootstrap-script.d.ts +0 -7
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-tx-button-bootstrap-script.d.ts.map +0 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/index.d.ts +0 -6
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/index.d.ts.map +0 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/common/iframe-messages.d.ts +0 -112
- package/dist/types/src/core/WebAuthnManager/LitComponents/common/iframe-messages.d.ts.map +0 -1
- package/dist/types/src/core/WebAuthnManager/txDigest.d.ts +0 -146
- package/dist/types/src/core/WebAuthnManager/txDigest.d.ts.map +0 -1
- package/dist/types/src/core/types/components.d.ts +0 -2
- package/dist/types/src/core/types/components.d.ts.map +0 -1
- package/dist/types/src/react/components/SendTxButtonWithTooltip.d.ts +0 -31
- package/dist/types/src/react/components/SendTxButtonWithTooltip.d.ts.map +0 -1
- package/dist/types/src/react/components/WalletIframeTxButtonHost.d.ts +0 -30
- package/dist/types/src/react/components/WalletIframeTxButtonHost.d.ts.map +0 -1
- /package/dist/esm/react/{sdk/build-paths.js → build-paths.js} +0 -0
- /package/dist/esm/react/{sdk/src → src}/base-styles.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/config.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/NearRpcError.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/OfflineExport/overlay.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WalletIframe/client/overlay-controller.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WalletIframe/client/overlay-styles.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WalletIframe/events.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/Drawer/index.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/HaloBorder/index.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-drawer.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-modal.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/PasskeyHaloLoading/index.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/asset-base.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/common/PadlockIcon.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/common/formatters.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/confirm-ui-types.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/css/css-loader.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/lit-events.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/sdkPaths/base.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/types/linkDevice.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/workerControlMessages.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/theme/base-styles.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/theme/palette.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/utils/qrScanner.js +0 -0
- /package/dist/esm/sdk/{lit-events-C-jpeT5r.js → lit-events-Bb4tAEO2.js} +0 -0
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import {
|
|
3
|
-
import {
|
|
4
|
-
import {
|
|
1
|
+
import { assertString, ensureEd25519Prefix, isFunction, isNumber, isObject, isString, stripTrailingSlashes, toOptionalTrimmedString, toTrimmedString, validateNearAccountId } from "./validation-hUZgySTx.js";
|
|
2
|
+
import { ActionType, SecureConfirmMessageType, SecureConfirmationType, TouchIdPrompt, base64Decode, base64Encode, base64UrlDecode, collectAuthenticationCredentialForVrfChallenge, computeThresholdEd25519KeygenIntentDigest, computeUiIntentDigestFromTxs, createRandomVRFChallenge, errorMessage, getIntentDigest, normalizeRegistrationCredential, orderActionForDigest, parseTransactionSummary, removePrfOutputGuard, sanitizeForPostMessage, sendConfirmResponse, serializeRegistrationCredentialWithPRF, toAccountId, toActionArgsWasm, toError, validateActionArgsWasm, validateVRFChallenge } from "./collectAuthenticationCredentialForVrfChallenge-C9p90e5Z.js";
|
|
3
|
+
import { DEFAULT_CONFIRMATION_CONFIG, DEFAULT_SIGNING_MODE, DEFAULT_THRESHOLD_BEHAVIOR, INTERNAL_WORKER_REQUEST_TYPE_SIGN_ADD_KEY_THRESHOLD_PUBLIC_KEY_NO_PROMPT, PASSKEY_MANAGER_DEFAULT_CONFIGS, THRESHOLD_ED25519_CLIENT_PARTICIPANT_ID, THRESHOLD_ED25519_RELAYER_PARTICIPANT_ID, UserVerificationPolicy as UserVerificationPolicy$1, WorkerRequestType, WorkerResponseType, buildConfigsFromEnv, coerceSignerMode, getLastLoggedInDeviceNumber, getThresholdBehaviorFromSignerMode, isDecryptPrivateKeyWithPrfSuccess, isDeriveNearKeypairAndEncryptSuccess, isExtractCosePublicKeySuccess, isRecoverKeypairFromPasskeySuccess, isRegisterDevice2WithDerivedKeySuccess, isSignAddKeyThresholdPublicKeyNoPromptSuccess, isSignDelegateActionSuccess, isSignNep413MessageSuccess, isSignTransactionsWithActionsSuccess, isWorkerError, isWorkerProgress, isWorkerSuccess, mergeSignerMode } from "./getDeviceNumber-f8bfPB9U.js";
|
|
4
|
+
import { __isWalletIframeHostMode } from "./host-mode-CgqmYAwZ.js";
|
|
5
5
|
|
|
6
6
|
//#region ../node_modules/.pnpm/idb@8.0.3/node_modules/idb/build/index.js
|
|
7
7
|
const instanceOfAny = (object, constructors) => constructors.some((c) => object instanceof c);
|
|
@@ -217,383 +217,6 @@ replaceTraps((oldTraps) => ({
|
|
|
217
217
|
}
|
|
218
218
|
}));
|
|
219
219
|
|
|
220
|
-
//#endregion
|
|
221
|
-
//#region src/wasm_signer_worker/pkg/wasm_signer_worker.js
|
|
222
|
-
let wasm;
|
|
223
|
-
const cachedTextEncoder = typeof TextEncoder !== "undefined" ? new TextEncoder("utf-8") : { encode: () => {
|
|
224
|
-
throw Error("TextEncoder not available");
|
|
225
|
-
} };
|
|
226
|
-
const encodeString = typeof cachedTextEncoder.encodeInto === "function" ? function(arg, view) {
|
|
227
|
-
return cachedTextEncoder.encodeInto(arg, view);
|
|
228
|
-
} : function(arg, view) {
|
|
229
|
-
const buf = cachedTextEncoder.encode(arg);
|
|
230
|
-
view.set(buf);
|
|
231
|
-
return {
|
|
232
|
-
read: arg.length,
|
|
233
|
-
written: buf.length
|
|
234
|
-
};
|
|
235
|
-
};
|
|
236
|
-
const cachedTextDecoder = typeof TextDecoder !== "undefined" ? new TextDecoder("utf-8", {
|
|
237
|
-
ignoreBOM: true,
|
|
238
|
-
fatal: true
|
|
239
|
-
}) : { decode: () => {
|
|
240
|
-
throw Error("TextDecoder not available");
|
|
241
|
-
} };
|
|
242
|
-
if (typeof TextDecoder !== "undefined") cachedTextDecoder.decode();
|
|
243
|
-
const CLOSURE_DTORS = typeof FinalizationRegistry === "undefined" ? {
|
|
244
|
-
register: () => {},
|
|
245
|
-
unregister: () => {}
|
|
246
|
-
} : new FinalizationRegistry((state) => {
|
|
247
|
-
wasm.__wbindgen_export_5.get(state.dtor)(state.a, state.b);
|
|
248
|
-
});
|
|
249
|
-
/**
|
|
250
|
-
* Behavior mode for confirmation flow
|
|
251
|
-
* @enum {0 | 1}
|
|
252
|
-
*/
|
|
253
|
-
const ConfirmationBehavior = Object.freeze({
|
|
254
|
-
RequireClick: 0,
|
|
255
|
-
"0": "RequireClick",
|
|
256
|
-
AutoProceed: 1,
|
|
257
|
-
"1": "AutoProceed"
|
|
258
|
-
});
|
|
259
|
-
/**
|
|
260
|
-
* UI mode for confirmation display
|
|
261
|
-
* @enum {0 | 1 | 2}
|
|
262
|
-
*/
|
|
263
|
-
const ConfirmationUIMode = Object.freeze({
|
|
264
|
-
Skip: 0,
|
|
265
|
-
"0": "Skip",
|
|
266
|
-
Modal: 1,
|
|
267
|
-
"1": "Modal",
|
|
268
|
-
Drawer: 2,
|
|
269
|
-
"2": "Drawer"
|
|
270
|
-
});
|
|
271
|
-
/**
|
|
272
|
-
* Progress message types that can be sent during WASM operations.
|
|
273
|
-
* Values MUST align with the progress variants of WorkerResponseType in
|
|
274
|
-
* `worker_messages.rs` so that TypeScript can treat them as progress
|
|
275
|
-
* responses (not success/failure) based on the shared numeric codes.
|
|
276
|
-
* @enum {18 | 19 | 20 | 21}
|
|
277
|
-
*/
|
|
278
|
-
const ProgressMessageType = Object.freeze({
|
|
279
|
-
RegistrationProgress: 18,
|
|
280
|
-
"18": "RegistrationProgress",
|
|
281
|
-
RegistrationComplete: 19,
|
|
282
|
-
"19": "RegistrationComplete",
|
|
283
|
-
ExecuteActionsProgress: 20,
|
|
284
|
-
"20": "ExecuteActionsProgress",
|
|
285
|
-
ExecuteActionsComplete: 21,
|
|
286
|
-
"21": "ExecuteActionsComplete"
|
|
287
|
-
});
|
|
288
|
-
/**
|
|
289
|
-
* Progress step identifiers for different phases of operations
|
|
290
|
-
* Values start at 100 to avoid conflicts with WorkerResponseType enum
|
|
291
|
-
* @enum {100 | 101 | 102 | 103 | 104 | 105 | 106}
|
|
292
|
-
*/
|
|
293
|
-
const ProgressStep = Object.freeze({
|
|
294
|
-
Preparation: 100,
|
|
295
|
-
"100": "Preparation",
|
|
296
|
-
UserConfirmation: 101,
|
|
297
|
-
"101": "UserConfirmation",
|
|
298
|
-
WebauthnAuthentication: 102,
|
|
299
|
-
"102": "WebauthnAuthentication",
|
|
300
|
-
AuthenticationComplete: 103,
|
|
301
|
-
"103": "AuthenticationComplete",
|
|
302
|
-
TransactionSigningProgress: 104,
|
|
303
|
-
"104": "TransactionSigningProgress",
|
|
304
|
-
TransactionSigningComplete: 105,
|
|
305
|
-
"105": "TransactionSigningComplete",
|
|
306
|
-
Error: 106,
|
|
307
|
-
"106": "Error"
|
|
308
|
-
});
|
|
309
|
-
/**
|
|
310
|
-
* User verification policy for WebAuthn authenticators
|
|
311
|
-
* @enum {0 | 1 | 2}
|
|
312
|
-
*/
|
|
313
|
-
const UserVerificationPolicy$1 = Object.freeze({
|
|
314
|
-
Required: 0,
|
|
315
|
-
"0": "Required",
|
|
316
|
-
Preferred: 1,
|
|
317
|
-
"1": "Preferred",
|
|
318
|
-
Discouraged: 2,
|
|
319
|
-
"2": "Discouraged"
|
|
320
|
-
});
|
|
321
|
-
/**
|
|
322
|
-
* @enum {0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8}
|
|
323
|
-
*/
|
|
324
|
-
const WorkerRequestType = Object.freeze({
|
|
325
|
-
DeriveNearKeypairAndEncrypt: 0,
|
|
326
|
-
"0": "DeriveNearKeypairAndEncrypt",
|
|
327
|
-
RecoverKeypairFromPasskey: 1,
|
|
328
|
-
"1": "RecoverKeypairFromPasskey",
|
|
329
|
-
DecryptPrivateKeyWithPrf: 2,
|
|
330
|
-
"2": "DecryptPrivateKeyWithPrf",
|
|
331
|
-
SignTransactionsWithActions: 3,
|
|
332
|
-
"3": "SignTransactionsWithActions",
|
|
333
|
-
ExtractCosePublicKey: 4,
|
|
334
|
-
"4": "ExtractCosePublicKey",
|
|
335
|
-
SignTransactionWithKeyPair: 5,
|
|
336
|
-
"5": "SignTransactionWithKeyPair",
|
|
337
|
-
SignNep413Message: 6,
|
|
338
|
-
"6": "SignNep413Message",
|
|
339
|
-
RegisterDevice2WithDerivedKey: 7,
|
|
340
|
-
"7": "RegisterDevice2WithDerivedKey",
|
|
341
|
-
SignDelegateAction: 8,
|
|
342
|
-
"8": "SignDelegateAction"
|
|
343
|
-
});
|
|
344
|
-
/**
|
|
345
|
-
* Worker response types enum - corresponds to TypeScript WorkerResponseType
|
|
346
|
-
* @enum {0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21}
|
|
347
|
-
*/
|
|
348
|
-
const WorkerResponseType = Object.freeze({
|
|
349
|
-
DeriveNearKeypairAndEncryptSuccess: 0,
|
|
350
|
-
"0": "DeriveNearKeypairAndEncryptSuccess",
|
|
351
|
-
RecoverKeypairFromPasskeySuccess: 1,
|
|
352
|
-
"1": "RecoverKeypairFromPasskeySuccess",
|
|
353
|
-
DecryptPrivateKeyWithPrfSuccess: 2,
|
|
354
|
-
"2": "DecryptPrivateKeyWithPrfSuccess",
|
|
355
|
-
SignTransactionsWithActionsSuccess: 3,
|
|
356
|
-
"3": "SignTransactionsWithActionsSuccess",
|
|
357
|
-
ExtractCosePublicKeySuccess: 4,
|
|
358
|
-
"4": "ExtractCosePublicKeySuccess",
|
|
359
|
-
SignTransactionWithKeyPairSuccess: 5,
|
|
360
|
-
"5": "SignTransactionWithKeyPairSuccess",
|
|
361
|
-
SignNep413MessageSuccess: 6,
|
|
362
|
-
"6": "SignNep413MessageSuccess",
|
|
363
|
-
RegisterDevice2WithDerivedKeySuccess: 7,
|
|
364
|
-
"7": "RegisterDevice2WithDerivedKeySuccess",
|
|
365
|
-
SignDelegateActionSuccess: 8,
|
|
366
|
-
"8": "SignDelegateActionSuccess",
|
|
367
|
-
DeriveNearKeypairAndEncryptFailure: 9,
|
|
368
|
-
"9": "DeriveNearKeypairAndEncryptFailure",
|
|
369
|
-
RecoverKeypairFromPasskeyFailure: 10,
|
|
370
|
-
"10": "RecoverKeypairFromPasskeyFailure",
|
|
371
|
-
DecryptPrivateKeyWithPrfFailure: 11,
|
|
372
|
-
"11": "DecryptPrivateKeyWithPrfFailure",
|
|
373
|
-
SignTransactionsWithActionsFailure: 12,
|
|
374
|
-
"12": "SignTransactionsWithActionsFailure",
|
|
375
|
-
ExtractCosePublicKeyFailure: 13,
|
|
376
|
-
"13": "ExtractCosePublicKeyFailure",
|
|
377
|
-
SignTransactionWithKeyPairFailure: 14,
|
|
378
|
-
"14": "SignTransactionWithKeyPairFailure",
|
|
379
|
-
SignNep413MessageFailure: 15,
|
|
380
|
-
"15": "SignNep413MessageFailure",
|
|
381
|
-
RegisterDevice2WithDerivedKeyFailure: 16,
|
|
382
|
-
"16": "RegisterDevice2WithDerivedKeyFailure",
|
|
383
|
-
SignDelegateActionFailure: 17,
|
|
384
|
-
"17": "SignDelegateActionFailure",
|
|
385
|
-
RegistrationProgress: 18,
|
|
386
|
-
"18": "RegistrationProgress",
|
|
387
|
-
RegistrationComplete: 19,
|
|
388
|
-
"19": "RegistrationComplete",
|
|
389
|
-
ExecuteActionsProgress: 20,
|
|
390
|
-
"20": "ExecuteActionsProgress",
|
|
391
|
-
ExecuteActionsComplete: 21,
|
|
392
|
-
"21": "ExecuteActionsComplete"
|
|
393
|
-
});
|
|
394
|
-
const AuthenticationResponseFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
395
|
-
register: () => {},
|
|
396
|
-
unregister: () => {}
|
|
397
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_authenticationresponse_free(ptr >>> 0, 1));
|
|
398
|
-
const AuthenticatorOptionsFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
399
|
-
register: () => {},
|
|
400
|
-
unregister: () => {}
|
|
401
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_authenticatoroptions_free(ptr >>> 0, 1));
|
|
402
|
-
const ClientExtensionResultsFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
403
|
-
register: () => {},
|
|
404
|
-
unregister: () => {}
|
|
405
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_clientextensionresults_free(ptr >>> 0, 1));
|
|
406
|
-
const ConfirmationConfigFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
407
|
-
register: () => {},
|
|
408
|
-
unregister: () => {}
|
|
409
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_confirmationconfig_free(ptr >>> 0, 1));
|
|
410
|
-
const CoseExtractionResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
411
|
-
register: () => {},
|
|
412
|
-
unregister: () => {}
|
|
413
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_coseextractionresult_free(ptr >>> 0, 1));
|
|
414
|
-
const DecryptPrivateKeyRequestFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
415
|
-
register: () => {},
|
|
416
|
-
unregister: () => {}
|
|
417
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_decryptprivatekeyrequest_free(ptr >>> 0, 1));
|
|
418
|
-
const DecryptPrivateKeyResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
419
|
-
register: () => {},
|
|
420
|
-
unregister: () => {}
|
|
421
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_decryptprivatekeyresult_free(ptr >>> 0, 1));
|
|
422
|
-
const DecryptionPayloadFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
423
|
-
register: () => {},
|
|
424
|
-
unregister: () => {}
|
|
425
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_decryptionpayload_free(ptr >>> 0, 1));
|
|
426
|
-
const DelegateSignResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
427
|
-
register: () => {},
|
|
428
|
-
unregister: () => {}
|
|
429
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_delegatesignresult_free(ptr >>> 0, 1));
|
|
430
|
-
const DeriveNearKeypairAndEncryptRequestFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
431
|
-
register: () => {},
|
|
432
|
-
unregister: () => {}
|
|
433
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_derivenearkeypairandencryptrequest_free(ptr >>> 0, 1));
|
|
434
|
-
const DeriveNearKeypairAndEncryptResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
435
|
-
register: () => {},
|
|
436
|
-
unregister: () => {}
|
|
437
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_derivenearkeypairandencryptresult_free(ptr >>> 0, 1));
|
|
438
|
-
const Device2TransactionContextFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
439
|
-
register: () => {},
|
|
440
|
-
unregister: () => {}
|
|
441
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_device2transactioncontext_free(ptr >>> 0, 1));
|
|
442
|
-
const ExtractCoseRequestFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
443
|
-
register: () => {},
|
|
444
|
-
unregister: () => {}
|
|
445
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_extractcoserequest_free(ptr >>> 0, 1));
|
|
446
|
-
const KeyActionResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
447
|
-
register: () => {},
|
|
448
|
-
unregister: () => {}
|
|
449
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_keyactionresult_free(ptr >>> 0, 1));
|
|
450
|
-
const OriginPolicyInputFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
451
|
-
register: () => {},
|
|
452
|
-
unregister: () => {}
|
|
453
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_originpolicyinput_free(ptr >>> 0, 1));
|
|
454
|
-
const PrfOutputsFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
455
|
-
register: () => {},
|
|
456
|
-
unregister: () => {}
|
|
457
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_prfoutputs_free(ptr >>> 0, 1));
|
|
458
|
-
const PrfResultsFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
459
|
-
register: () => {},
|
|
460
|
-
unregister: () => {}
|
|
461
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_prfresults_free(ptr >>> 0, 1));
|
|
462
|
-
const RecoverKeypairRequestFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
463
|
-
register: () => {},
|
|
464
|
-
unregister: () => {}
|
|
465
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_recoverkeypairrequest_free(ptr >>> 0, 1));
|
|
466
|
-
const RecoverKeypairResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
467
|
-
register: () => {},
|
|
468
|
-
unregister: () => {}
|
|
469
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_recoverkeypairresult_free(ptr >>> 0, 1));
|
|
470
|
-
const RegisterDevice2WithDerivedKeyRequestFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
471
|
-
register: () => {},
|
|
472
|
-
unregister: () => {}
|
|
473
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_registerdevice2withderivedkeyrequest_free(ptr >>> 0, 1));
|
|
474
|
-
const RegisterDevice2WithDerivedKeyResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
475
|
-
register: () => {},
|
|
476
|
-
unregister: () => {}
|
|
477
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_registerdevice2withderivedkeyresult_free(ptr >>> 0, 1));
|
|
478
|
-
const RegistrationPayloadFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
479
|
-
register: () => {},
|
|
480
|
-
unregister: () => {}
|
|
481
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_registrationpayload_free(ptr >>> 0, 1));
|
|
482
|
-
const RegistrationResponseFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
483
|
-
register: () => {},
|
|
484
|
-
unregister: () => {}
|
|
485
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_registrationresponse_free(ptr >>> 0, 1));
|
|
486
|
-
const RpcCallPayloadFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
487
|
-
register: () => {},
|
|
488
|
-
unregister: () => {}
|
|
489
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_rpccallpayload_free(ptr >>> 0, 1));
|
|
490
|
-
const SerializedCredentialFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
491
|
-
register: () => {},
|
|
492
|
-
unregister: () => {}
|
|
493
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_serializedcredential_free(ptr >>> 0, 1));
|
|
494
|
-
const SerializedRegistrationCredentialFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
495
|
-
register: () => {},
|
|
496
|
-
unregister: () => {}
|
|
497
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_serializedregistrationcredential_free(ptr >>> 0, 1));
|
|
498
|
-
const SignNep413RequestFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
499
|
-
register: () => {},
|
|
500
|
-
unregister: () => {}
|
|
501
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_signnep413request_free(ptr >>> 0, 1));
|
|
502
|
-
const SignNep413ResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
503
|
-
register: () => {},
|
|
504
|
-
unregister: () => {}
|
|
505
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_signnep413result_free(ptr >>> 0, 1));
|
|
506
|
-
const TransactionContextFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
507
|
-
register: () => {},
|
|
508
|
-
unregister: () => {}
|
|
509
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_transactioncontext_free(ptr >>> 0, 1));
|
|
510
|
-
const TransactionSignResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
511
|
-
register: () => {},
|
|
512
|
-
unregister: () => {}
|
|
513
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_transactionsignresult_free(ptr >>> 0, 1));
|
|
514
|
-
const VrfChallengeFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
515
|
-
register: () => {},
|
|
516
|
-
unregister: () => {}
|
|
517
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_vrfchallenge_free(ptr >>> 0, 1));
|
|
518
|
-
const WasmDelegateActionFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
519
|
-
register: () => {},
|
|
520
|
-
unregister: () => {}
|
|
521
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_wasmdelegateaction_free(ptr >>> 0, 1));
|
|
522
|
-
const WasmPublicKeyFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
523
|
-
register: () => {},
|
|
524
|
-
unregister: () => {}
|
|
525
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_wasmpublickey_free(ptr >>> 0, 1));
|
|
526
|
-
const WasmSignatureFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
527
|
-
register: () => {},
|
|
528
|
-
unregister: () => {}
|
|
529
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_wasmsignature_free(ptr >>> 0, 1));
|
|
530
|
-
const WasmSignedDelegateFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
531
|
-
register: () => {},
|
|
532
|
-
unregister: () => {}
|
|
533
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_wasmsigneddelegate_free(ptr >>> 0, 1));
|
|
534
|
-
const WasmSignedTransactionFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
535
|
-
register: () => {},
|
|
536
|
-
unregister: () => {}
|
|
537
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_wasmsignedtransaction_free(ptr >>> 0, 1));
|
|
538
|
-
const WasmTransactionFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
539
|
-
register: () => {},
|
|
540
|
-
unregister: () => {}
|
|
541
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_wasmtransaction_free(ptr >>> 0, 1));
|
|
542
|
-
const WebAuthnAuthenticationCredentialStructFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
543
|
-
register: () => {},
|
|
544
|
-
unregister: () => {}
|
|
545
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_webauthnauthenticationcredentialstruct_free(ptr >>> 0, 1));
|
|
546
|
-
const WebAuthnRegistrationCredentialStructFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
547
|
-
register: () => {},
|
|
548
|
-
unregister: () => {}
|
|
549
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_webauthnregistrationcredentialstruct_free(ptr >>> 0, 1));
|
|
550
|
-
const WorkerProgressMessageFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
551
|
-
register: () => {},
|
|
552
|
-
unregister: () => {}
|
|
553
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_workerprogressmessage_free(ptr >>> 0, 1));
|
|
554
|
-
|
|
555
|
-
//#endregion
|
|
556
|
-
//#region src/core/types/signer-worker.ts
|
|
557
|
-
const DEFAULT_CONFIRMATION_CONFIG = {
|
|
558
|
-
uiMode: "modal",
|
|
559
|
-
behavior: "requireClick",
|
|
560
|
-
autoProceedDelay: 0,
|
|
561
|
-
theme: "dark"
|
|
562
|
-
};
|
|
563
|
-
function isWorkerProgress(response) {
|
|
564
|
-
return response.type === WorkerResponseType.RegistrationProgress || response.type === WorkerResponseType.RegistrationComplete || response.type === WorkerResponseType.ExecuteActionsProgress || response.type === WorkerResponseType.ExecuteActionsComplete;
|
|
565
|
-
}
|
|
566
|
-
function isWorkerSuccess(response) {
|
|
567
|
-
return response.type === WorkerResponseType.DeriveNearKeypairAndEncryptSuccess || response.type === WorkerResponseType.RecoverKeypairFromPasskeySuccess || response.type === WorkerResponseType.DecryptPrivateKeyWithPrfSuccess || response.type === WorkerResponseType.SignTransactionsWithActionsSuccess || response.type === WorkerResponseType.SignDelegateActionSuccess || response.type === WorkerResponseType.ExtractCosePublicKeySuccess || response.type === WorkerResponseType.SignTransactionWithKeyPairSuccess || response.type === WorkerResponseType.SignNep413MessageSuccess || response.type === WorkerResponseType.RegisterDevice2WithDerivedKeySuccess;
|
|
568
|
-
}
|
|
569
|
-
function isWorkerError(response) {
|
|
570
|
-
return response.type === WorkerResponseType.DeriveNearKeypairAndEncryptFailure || response.type === WorkerResponseType.RecoverKeypairFromPasskeyFailure || response.type === WorkerResponseType.DecryptPrivateKeyWithPrfFailure || response.type === WorkerResponseType.SignTransactionsWithActionsFailure || response.type === WorkerResponseType.SignDelegateActionFailure || response.type === WorkerResponseType.ExtractCosePublicKeyFailure || response.type === WorkerResponseType.SignTransactionWithKeyPairFailure || response.type === WorkerResponseType.SignNep413MessageFailure || response.type === WorkerResponseType.RegisterDevice2WithDerivedKeyFailure;
|
|
571
|
-
}
|
|
572
|
-
function isDeriveNearKeypairAndEncryptSuccess(response) {
|
|
573
|
-
return response.type === WorkerResponseType.DeriveNearKeypairAndEncryptSuccess;
|
|
574
|
-
}
|
|
575
|
-
function isRecoverKeypairFromPasskeySuccess(response) {
|
|
576
|
-
return response.type === WorkerResponseType.RecoverKeypairFromPasskeySuccess;
|
|
577
|
-
}
|
|
578
|
-
function isSignTransactionsWithActionsSuccess(response) {
|
|
579
|
-
return response.type === WorkerResponseType.SignTransactionsWithActionsSuccess;
|
|
580
|
-
}
|
|
581
|
-
function isSignDelegateActionSuccess(response) {
|
|
582
|
-
return response.type === WorkerResponseType.SignDelegateActionSuccess;
|
|
583
|
-
}
|
|
584
|
-
function isDecryptPrivateKeyWithPrfSuccess(response) {
|
|
585
|
-
return response.type === WorkerResponseType.DecryptPrivateKeyWithPrfSuccess;
|
|
586
|
-
}
|
|
587
|
-
function isExtractCosePublicKeySuccess(response) {
|
|
588
|
-
return response.type === WorkerResponseType.ExtractCosePublicKeySuccess;
|
|
589
|
-
}
|
|
590
|
-
function isSignNep413MessageSuccess(response) {
|
|
591
|
-
return response.type === WorkerResponseType.SignNep413MessageSuccess;
|
|
592
|
-
}
|
|
593
|
-
function isRegisterDevice2WithDerivedKeySuccess(response) {
|
|
594
|
-
return response.type === WorkerResponseType.RegisterDevice2WithDerivedKeySuccess;
|
|
595
|
-
}
|
|
596
|
-
|
|
597
220
|
//#endregion
|
|
598
221
|
//#region src/core/IndexedDBManager/passkeyClientDB.ts
|
|
599
222
|
const DB_CONFIG$1 = {
|
|
@@ -1142,6 +765,21 @@ var PasskeyClientDBManager = class {
|
|
|
1142
765
|
return theme || "dark";
|
|
1143
766
|
}
|
|
1144
767
|
/**
|
|
768
|
+
* Get user's signer mode preference from IndexedDB
|
|
769
|
+
*/
|
|
770
|
+
async getSignerMode(nearAccountId) {
|
|
771
|
+
const user = await this.getUser(nearAccountId);
|
|
772
|
+
const raw = user?.preferences?.signerMode;
|
|
773
|
+
return coerceSignerMode(raw, DEFAULT_SIGNING_MODE);
|
|
774
|
+
}
|
|
775
|
+
/**
|
|
776
|
+
* Set user's signer mode preference in IndexedDB
|
|
777
|
+
*/
|
|
778
|
+
async setSignerMode(nearAccountId, signerMode) {
|
|
779
|
+
const next = coerceSignerMode(signerMode, DEFAULT_SIGNING_MODE);
|
|
780
|
+
await this.updatePreferences(nearAccountId, { signerMode: next });
|
|
781
|
+
}
|
|
782
|
+
/**
|
|
1145
783
|
* Toggle between dark and light theme for a user
|
|
1146
784
|
* @param nearAccountId - The user's account ID
|
|
1147
785
|
* @returns The new theme that was set
|
|
@@ -1257,253 +895,6 @@ var PasskeyClientDBManager = class {
|
|
|
1257
895
|
}
|
|
1258
896
|
};
|
|
1259
897
|
|
|
1260
|
-
//#endregion
|
|
1261
|
-
//#region src/core/IndexedDBManager/passkeyNearKeysDB.ts
|
|
1262
|
-
const DB_CONFIG = {
|
|
1263
|
-
dbName: "PasskeyNearKeys",
|
|
1264
|
-
dbVersion: 2,
|
|
1265
|
-
storeName: "encryptedKeys",
|
|
1266
|
-
keyPath: ["nearAccountId", "deviceNumber"]
|
|
1267
|
-
};
|
|
1268
|
-
var PasskeyNearKeysDBManager = class {
|
|
1269
|
-
config;
|
|
1270
|
-
db = null;
|
|
1271
|
-
disabled = false;
|
|
1272
|
-
constructor(config = DB_CONFIG) {
|
|
1273
|
-
this.config = config;
|
|
1274
|
-
}
|
|
1275
|
-
getDbName() {
|
|
1276
|
-
return this.config.dbName;
|
|
1277
|
-
}
|
|
1278
|
-
setDbName(dbName) {
|
|
1279
|
-
const next = String(dbName || "").trim();
|
|
1280
|
-
if (!next || next === this.config.dbName) return;
|
|
1281
|
-
try {
|
|
1282
|
-
this.db?.close?.();
|
|
1283
|
-
} catch {}
|
|
1284
|
-
this.db = null;
|
|
1285
|
-
this.config = {
|
|
1286
|
-
...this.config,
|
|
1287
|
-
dbName: next
|
|
1288
|
-
};
|
|
1289
|
-
}
|
|
1290
|
-
isDisabled() {
|
|
1291
|
-
return this.disabled;
|
|
1292
|
-
}
|
|
1293
|
-
setDisabled(disabled) {
|
|
1294
|
-
const next = !!disabled;
|
|
1295
|
-
if (next === this.disabled) return;
|
|
1296
|
-
this.disabled = next;
|
|
1297
|
-
if (next) {
|
|
1298
|
-
try {
|
|
1299
|
-
this.db?.close?.();
|
|
1300
|
-
} catch {}
|
|
1301
|
-
this.db = null;
|
|
1302
|
-
}
|
|
1303
|
-
}
|
|
1304
|
-
/**
|
|
1305
|
-
* Get database connection, initializing if necessary
|
|
1306
|
-
*/
|
|
1307
|
-
async getDB() {
|
|
1308
|
-
if (this.disabled) throw new Error("[PasskeyNearKeysDBManager] IndexedDB is disabled in this environment.");
|
|
1309
|
-
if (this.db) return this.db;
|
|
1310
|
-
this.db = await openDB(this.config.dbName, this.config.dbVersion, {
|
|
1311
|
-
upgrade(db) {
|
|
1312
|
-
try {
|
|
1313
|
-
if (db.objectStoreNames.contains(DB_CONFIG.storeName)) db.deleteObjectStore(DB_CONFIG.storeName);
|
|
1314
|
-
} catch {}
|
|
1315
|
-
const store = db.createObjectStore(DB_CONFIG.storeName, { keyPath: DB_CONFIG.keyPath });
|
|
1316
|
-
try {
|
|
1317
|
-
store.createIndex("nearAccountId", "nearAccountId", { unique: false });
|
|
1318
|
-
} catch {}
|
|
1319
|
-
},
|
|
1320
|
-
blocked() {
|
|
1321
|
-
console.warn("PasskeyNearKeysDB connection is blocked.");
|
|
1322
|
-
},
|
|
1323
|
-
blocking() {
|
|
1324
|
-
console.warn("PasskeyNearKeysDB connection is blocking another connection.");
|
|
1325
|
-
},
|
|
1326
|
-
terminated: () => {
|
|
1327
|
-
console.warn("PasskeyNearKeysDB connection has been terminated.");
|
|
1328
|
-
this.db = null;
|
|
1329
|
-
}
|
|
1330
|
-
});
|
|
1331
|
-
return this.db;
|
|
1332
|
-
}
|
|
1333
|
-
/**
|
|
1334
|
-
* Store encrypted key data
|
|
1335
|
-
*/
|
|
1336
|
-
async storeEncryptedKey(data) {
|
|
1337
|
-
const db = await this.getDB();
|
|
1338
|
-
if (!data.chacha20NonceB64u) throw new Error("PasskeyNearKeysDB: Missing chacha20NonceB64u");
|
|
1339
|
-
await db.put(this.config.storeName, data);
|
|
1340
|
-
}
|
|
1341
|
-
/**
|
|
1342
|
-
* Retrieve encrypted key data
|
|
1343
|
-
*/
|
|
1344
|
-
async getEncryptedKey(nearAccountId, deviceNumber) {
|
|
1345
|
-
const db = await this.getDB();
|
|
1346
|
-
const sanitize = (rec) => {
|
|
1347
|
-
if (!rec?.encryptedData || !rec?.chacha20NonceB64u) return null;
|
|
1348
|
-
return {
|
|
1349
|
-
nearAccountId: rec.nearAccountId,
|
|
1350
|
-
deviceNumber: rec.deviceNumber,
|
|
1351
|
-
encryptedData: rec.encryptedData,
|
|
1352
|
-
chacha20NonceB64u: rec.chacha20NonceB64u,
|
|
1353
|
-
wrapKeySalt: rec.wrapKeySalt,
|
|
1354
|
-
version: rec.version,
|
|
1355
|
-
timestamp: rec.timestamp
|
|
1356
|
-
};
|
|
1357
|
-
};
|
|
1358
|
-
if (typeof deviceNumber === "number") {
|
|
1359
|
-
const res = await db.get(this.config.storeName, [nearAccountId, deviceNumber]);
|
|
1360
|
-
const direct = sanitize(res);
|
|
1361
|
-
if (direct) return direct;
|
|
1362
|
-
if (nearAccountId !== "_init_check") console.warn("PasskeyNearKeysDB: getEncryptedKey - No result for device", deviceNumber, "→ falling back to any key for account");
|
|
1363
|
-
try {
|
|
1364
|
-
const idx = db.transaction(this.config.storeName).store.index("nearAccountId");
|
|
1365
|
-
const all = await idx.getAll(nearAccountId);
|
|
1366
|
-
if (Array.isArray(all) && all.length > 0) {
|
|
1367
|
-
const latest = all.reduce((a, b) => a.timestamp >= b.timestamp ? a : b);
|
|
1368
|
-
return sanitize(latest);
|
|
1369
|
-
}
|
|
1370
|
-
} catch {}
|
|
1371
|
-
return null;
|
|
1372
|
-
}
|
|
1373
|
-
try {
|
|
1374
|
-
const idx = db.transaction(this.config.storeName).store.index("nearAccountId");
|
|
1375
|
-
const all = await idx.getAll(nearAccountId);
|
|
1376
|
-
if (Array.isArray(all) && all.length > 0) {
|
|
1377
|
-
const latest = all.reduce((a, b) => a.timestamp >= b.timestamp ? a : b);
|
|
1378
|
-
return sanitize(latest);
|
|
1379
|
-
}
|
|
1380
|
-
} catch {}
|
|
1381
|
-
return null;
|
|
1382
|
-
}
|
|
1383
|
-
/**
|
|
1384
|
-
* Verify key storage by attempting retrieval
|
|
1385
|
-
*/
|
|
1386
|
-
async verifyKeyStorage(nearAccountId, deviceNumber) {
|
|
1387
|
-
const retrievedKey = await this.getEncryptedKey(nearAccountId, deviceNumber);
|
|
1388
|
-
return !!retrievedKey;
|
|
1389
|
-
}
|
|
1390
|
-
/**
|
|
1391
|
-
* Delete encrypted key data for a specific account
|
|
1392
|
-
*/
|
|
1393
|
-
async deleteEncryptedKey(nearAccountId, deviceNumber) {
|
|
1394
|
-
const db = await this.getDB();
|
|
1395
|
-
if (typeof deviceNumber === "number") await db.delete(this.config.storeName, [nearAccountId, deviceNumber]);
|
|
1396
|
-
else {
|
|
1397
|
-
const tx = db.transaction(this.config.storeName, "readwrite");
|
|
1398
|
-
const idx = tx.store.index("nearAccountId");
|
|
1399
|
-
let cursor = await idx.openCursor(IDBKeyRange.only(nearAccountId));
|
|
1400
|
-
while (cursor) {
|
|
1401
|
-
await tx.store.delete(cursor.primaryKey);
|
|
1402
|
-
cursor = await cursor.continue();
|
|
1403
|
-
}
|
|
1404
|
-
await tx.done;
|
|
1405
|
-
}
|
|
1406
|
-
console.debug("PasskeyNearKeysDB: deleteEncryptedKey - Successfully deleted");
|
|
1407
|
-
}
|
|
1408
|
-
/**
|
|
1409
|
-
* Get all encrypted keys (for migration or debugging purposes)
|
|
1410
|
-
*/
|
|
1411
|
-
async getAllEncryptedKeys() {
|
|
1412
|
-
const db = await this.getDB();
|
|
1413
|
-
const all = await db.getAll(this.config.storeName);
|
|
1414
|
-
return all.map((rec) => {
|
|
1415
|
-
if (!rec?.encryptedData || !rec?.chacha20NonceB64u) return null;
|
|
1416
|
-
return {
|
|
1417
|
-
nearAccountId: rec.nearAccountId,
|
|
1418
|
-
deviceNumber: rec.deviceNumber,
|
|
1419
|
-
encryptedData: rec.encryptedData,
|
|
1420
|
-
chacha20NonceB64u: rec.chacha20NonceB64u,
|
|
1421
|
-
wrapKeySalt: rec.wrapKeySalt,
|
|
1422
|
-
version: rec.version,
|
|
1423
|
-
timestamp: rec.timestamp
|
|
1424
|
-
};
|
|
1425
|
-
}).filter((rec) => rec !== null);
|
|
1426
|
-
}
|
|
1427
|
-
/**
|
|
1428
|
-
* Check if a key exists for the given account
|
|
1429
|
-
*/
|
|
1430
|
-
async hasEncryptedKey(nearAccountId, deviceNumber) {
|
|
1431
|
-
const keyData = await this.getEncryptedKey(nearAccountId, deviceNumber);
|
|
1432
|
-
return !!keyData;
|
|
1433
|
-
}
|
|
1434
|
-
};
|
|
1435
|
-
|
|
1436
|
-
//#endregion
|
|
1437
|
-
//#region src/core/IndexedDBManager/index.ts
|
|
1438
|
-
const passkeyClientDB = new PasskeyClientDBManager();
|
|
1439
|
-
const passkeyNearKeysDB = new PasskeyNearKeysDBManager();
|
|
1440
|
-
/**
|
|
1441
|
-
* Unified IndexedDB interface providing access to both databases
|
|
1442
|
-
* This allows centralized access while maintaining separation of concerns
|
|
1443
|
-
*/
|
|
1444
|
-
var UnifiedIndexedDBManager = class {
|
|
1445
|
-
clientDB;
|
|
1446
|
-
nearKeysDB;
|
|
1447
|
-
_initialized = false;
|
|
1448
|
-
constructor() {
|
|
1449
|
-
this.clientDB = passkeyClientDB;
|
|
1450
|
-
this.nearKeysDB = passkeyNearKeysDB;
|
|
1451
|
-
}
|
|
1452
|
-
/**
|
|
1453
|
-
* Initialize both databases proactively
|
|
1454
|
-
* This ensures both databases are created and ready for use
|
|
1455
|
-
*/
|
|
1456
|
-
async initialize() {
|
|
1457
|
-
if (this._initialized) return;
|
|
1458
|
-
try {
|
|
1459
|
-
if (this.clientDB.isDisabled() || this.nearKeysDB.isDisabled()) {
|
|
1460
|
-
this._initialized = true;
|
|
1461
|
-
return;
|
|
1462
|
-
}
|
|
1463
|
-
await Promise.all([this.clientDB.getAppState("_init_check"), this.nearKeysDB.hasEncryptedKey("_init_check", 1)]);
|
|
1464
|
-
this._initialized = true;
|
|
1465
|
-
} catch (error) {
|
|
1466
|
-
console.warn("Failed to initialize IndexedDB databases:", error);
|
|
1467
|
-
}
|
|
1468
|
-
}
|
|
1469
|
-
/**
|
|
1470
|
-
* Check if databases have been initialized
|
|
1471
|
-
*/
|
|
1472
|
-
get isInitialized() {
|
|
1473
|
-
return this._initialized;
|
|
1474
|
-
}
|
|
1475
|
-
/**
|
|
1476
|
-
* Get user data and check if they have encrypted NEAR keys
|
|
1477
|
-
*/
|
|
1478
|
-
async getUserWithKeys(nearAccountId) {
|
|
1479
|
-
const last = await this.clientDB.getLastUser();
|
|
1480
|
-
const userData = last && last.nearAccountId === nearAccountId ? last : await this.clientDB.getUserByDevice(nearAccountId, 1);
|
|
1481
|
-
const deviceNumber = last && last.nearAccountId === nearAccountId ? last.deviceNumber : userData?.deviceNumber;
|
|
1482
|
-
const [hasKeys, keyData] = await Promise.all([this.nearKeysDB.hasEncryptedKey(nearAccountId, deviceNumber), this.nearKeysDB.getEncryptedKey(nearAccountId, deviceNumber)]);
|
|
1483
|
-
return {
|
|
1484
|
-
userData,
|
|
1485
|
-
hasKeys,
|
|
1486
|
-
keyData: hasKeys ? keyData : void 0
|
|
1487
|
-
};
|
|
1488
|
-
}
|
|
1489
|
-
async setDerivedAddress(nearAccountId, args) {
|
|
1490
|
-
return this.clientDB.setDerivedAddress(nearAccountId, args);
|
|
1491
|
-
}
|
|
1492
|
-
async getDerivedAddressRecord(nearAccountId, args) {
|
|
1493
|
-
return this.clientDB.getDerivedAddressRecord(nearAccountId, args);
|
|
1494
|
-
}
|
|
1495
|
-
async getDerivedAddress(nearAccountId, args) {
|
|
1496
|
-
return this.clientDB.getDerivedAddress(nearAccountId, args);
|
|
1497
|
-
}
|
|
1498
|
-
async upsertRecoveryEmails(nearAccountId, entries) {
|
|
1499
|
-
return this.clientDB.upsertRecoveryEmails(nearAccountId, entries);
|
|
1500
|
-
}
|
|
1501
|
-
async getRecoveryEmails(nearAccountId) {
|
|
1502
|
-
return this.clientDB.getRecoveryEmails(nearAccountId);
|
|
1503
|
-
}
|
|
1504
|
-
};
|
|
1505
|
-
const IndexedDBManager = new UnifiedIndexedDBManager();
|
|
1506
|
-
|
|
1507
898
|
//#endregion
|
|
1508
899
|
//#region ../node_modules/.pnpm/base-x@5.0.1/node_modules/base-x/src/esm/index.js
|
|
1509
900
|
function base(ALPHABET$1) {
|
|
@@ -1667,37 +1058,435 @@ const isIOS = () => {
|
|
|
1667
1058
|
} catch {
|
|
1668
1059
|
return false;
|
|
1669
1060
|
}
|
|
1670
|
-
};
|
|
1671
|
-
/**
|
|
1672
|
-
* Returns true when the page currently has a transient user activation
|
|
1673
|
-
* (click/tap/key within the allowed time window).
|
|
1674
|
-
*/
|
|
1675
|
-
const hasActiveUserActivation = () => {
|
|
1676
|
-
try {
|
|
1677
|
-
const ua = navigator.userActivation;
|
|
1678
|
-
return !!(ua && typeof ua.isActive === "boolean" && ua.isActive);
|
|
1679
|
-
} catch {
|
|
1680
|
-
return false;
|
|
1061
|
+
};
|
|
1062
|
+
/**
|
|
1063
|
+
* Returns true when the page currently has a transient user activation
|
|
1064
|
+
* (click/tap/key within the allowed time window).
|
|
1065
|
+
*/
|
|
1066
|
+
const hasActiveUserActivation = () => {
|
|
1067
|
+
try {
|
|
1068
|
+
const ua = navigator.userActivation;
|
|
1069
|
+
return !!(ua && typeof ua.isActive === "boolean" && ua.isActive);
|
|
1070
|
+
} catch {
|
|
1071
|
+
return false;
|
|
1072
|
+
}
|
|
1073
|
+
};
|
|
1074
|
+
/**
|
|
1075
|
+
* Heuristic: when on Safari/iOS or on a mobile device AND no active user
|
|
1076
|
+
* activation, we should surface a clickable UI to capture activation.
|
|
1077
|
+
*/
|
|
1078
|
+
const needsExplicitActivation = () => {
|
|
1079
|
+
try {
|
|
1080
|
+
if (hasActiveUserActivation()) return false;
|
|
1081
|
+
return isIOS() || isMobileDevice() || isSafari();
|
|
1082
|
+
} catch {
|
|
1083
|
+
return false;
|
|
1084
|
+
}
|
|
1085
|
+
};
|
|
1086
|
+
/**
|
|
1087
|
+
* Check if the current device is likely mobile
|
|
1088
|
+
*/
|
|
1089
|
+
const isMobileDevice = () => {
|
|
1090
|
+
return detectDeviceType() === "mobile";
|
|
1091
|
+
};
|
|
1092
|
+
|
|
1093
|
+
//#endregion
|
|
1094
|
+
//#region src/threshold/participants.ts
|
|
1095
|
+
function normalizeThresholdEd25519ParticipantId(id) {
|
|
1096
|
+
const n = Number(id);
|
|
1097
|
+
if (!Number.isSafeInteger(n) || n < 1 || n > 65535) return null;
|
|
1098
|
+
return n;
|
|
1099
|
+
}
|
|
1100
|
+
function normalizeThresholdEd25519ParticipantIds(input) {
|
|
1101
|
+
if (!Array.isArray(input) || input.length === 0) return null;
|
|
1102
|
+
const out = [];
|
|
1103
|
+
const seen = /* @__PURE__ */ new Set();
|
|
1104
|
+
for (const v of input) {
|
|
1105
|
+
const id = normalizeThresholdEd25519ParticipantId(v);
|
|
1106
|
+
if (!id) return null;
|
|
1107
|
+
if (!seen.has(id)) {
|
|
1108
|
+
seen.add(id);
|
|
1109
|
+
out.push(id);
|
|
1110
|
+
}
|
|
1111
|
+
}
|
|
1112
|
+
out.sort((a, b) => a - b);
|
|
1113
|
+
return out.length ? out : null;
|
|
1114
|
+
}
|
|
1115
|
+
function parseThresholdEd25519ParticipantsV1(input) {
|
|
1116
|
+
if (!Array.isArray(input) || input.length === 0) return null;
|
|
1117
|
+
const out = [];
|
|
1118
|
+
for (const item of input) {
|
|
1119
|
+
if (!item || typeof item !== "object" || Array.isArray(item)) return null;
|
|
1120
|
+
const rec = item;
|
|
1121
|
+
const id = normalizeThresholdEd25519ParticipantId(rec.id);
|
|
1122
|
+
const role = toOptionalTrimmedString(rec.role);
|
|
1123
|
+
if (!id || role !== "client" && role !== "relayer") return null;
|
|
1124
|
+
const participant = {
|
|
1125
|
+
id,
|
|
1126
|
+
role
|
|
1127
|
+
};
|
|
1128
|
+
const relayerUrl = toOptionalTrimmedString(rec.relayerUrl);
|
|
1129
|
+
if (relayerUrl) participant.relayerUrl = relayerUrl;
|
|
1130
|
+
const relayerKeyId = toOptionalTrimmedString(rec.relayerKeyId);
|
|
1131
|
+
if (relayerKeyId) participant.relayerKeyId = relayerKeyId;
|
|
1132
|
+
const verifyingShareB64u = toOptionalTrimmedString(rec.verifyingShareB64u);
|
|
1133
|
+
if (verifyingShareB64u) participant.verifyingShareB64u = verifyingShareB64u;
|
|
1134
|
+
const shareDerivation = toOptionalTrimmedString(rec.shareDerivation);
|
|
1135
|
+
if (shareDerivation === "prf_first_v1" || shareDerivation === "derived_master_secret_v1" || shareDerivation === "kv_random_v1" || shareDerivation === "unknown") participant.shareDerivation = shareDerivation;
|
|
1136
|
+
out.push(participant);
|
|
1137
|
+
}
|
|
1138
|
+
return out.length ? out : null;
|
|
1139
|
+
}
|
|
1140
|
+
function buildThresholdEd25519Participants2pV1(input) {
|
|
1141
|
+
const relayerKeyId = toOptionalTrimmedString(input.relayerKeyId);
|
|
1142
|
+
const relayerUrl = toOptionalTrimmedString(input.relayerUrl);
|
|
1143
|
+
const clientVerifyingShareB64u = toOptionalTrimmedString(input.clientVerifyingShareB64u);
|
|
1144
|
+
const relayerVerifyingShareB64u = toOptionalTrimmedString(input.relayerVerifyingShareB64u);
|
|
1145
|
+
const clientParticipantId = normalizeThresholdEd25519ParticipantId(input.clientParticipantId) ?? THRESHOLD_ED25519_CLIENT_PARTICIPANT_ID;
|
|
1146
|
+
const relayerParticipantId = normalizeThresholdEd25519ParticipantId(input.relayerParticipantId) ?? THRESHOLD_ED25519_RELAYER_PARTICIPANT_ID;
|
|
1147
|
+
const client = {
|
|
1148
|
+
id: clientParticipantId,
|
|
1149
|
+
role: "client",
|
|
1150
|
+
...clientVerifyingShareB64u ? { verifyingShareB64u: clientVerifyingShareB64u } : {},
|
|
1151
|
+
shareDerivation: input.clientShareDerivation || "prf_first_v1"
|
|
1152
|
+
};
|
|
1153
|
+
const relayer = {
|
|
1154
|
+
id: relayerParticipantId,
|
|
1155
|
+
role: "relayer",
|
|
1156
|
+
...relayerUrl ? { relayerUrl } : {},
|
|
1157
|
+
...relayerKeyId ? { relayerKeyId } : {},
|
|
1158
|
+
...relayerVerifyingShareB64u ? { verifyingShareB64u: relayerVerifyingShareB64u } : {},
|
|
1159
|
+
...input.relayerShareDerivation ? { shareDerivation: input.relayerShareDerivation } : {}
|
|
1160
|
+
};
|
|
1161
|
+
return [client, relayer];
|
|
1162
|
+
}
|
|
1163
|
+
|
|
1164
|
+
//#endregion
|
|
1165
|
+
//#region src/core/IndexedDBManager/passkeyNearKeysDB.ts
|
|
1166
|
+
const DB_CONFIG = {
|
|
1167
|
+
dbName: "PasskeyNearKeys",
|
|
1168
|
+
dbVersion: 4,
|
|
1169
|
+
storeName: "keyMaterial",
|
|
1170
|
+
keyPath: [
|
|
1171
|
+
"nearAccountId",
|
|
1172
|
+
"deviceNumber",
|
|
1173
|
+
"kind"
|
|
1174
|
+
]
|
|
1175
|
+
};
|
|
1176
|
+
var PasskeyNearKeysDBManager = class {
|
|
1177
|
+
config;
|
|
1178
|
+
db = null;
|
|
1179
|
+
disabled = false;
|
|
1180
|
+
constructor(config = DB_CONFIG) {
|
|
1181
|
+
this.config = config;
|
|
1182
|
+
}
|
|
1183
|
+
getDbName() {
|
|
1184
|
+
return this.config.dbName;
|
|
1185
|
+
}
|
|
1186
|
+
setDbName(dbName) {
|
|
1187
|
+
const next = String(dbName || "").trim();
|
|
1188
|
+
if (!next || next === this.config.dbName) return;
|
|
1189
|
+
try {
|
|
1190
|
+
this.db?.close?.();
|
|
1191
|
+
} catch {}
|
|
1192
|
+
this.db = null;
|
|
1193
|
+
this.config = {
|
|
1194
|
+
...this.config,
|
|
1195
|
+
dbName: next
|
|
1196
|
+
};
|
|
1197
|
+
}
|
|
1198
|
+
isDisabled() {
|
|
1199
|
+
return this.disabled;
|
|
1200
|
+
}
|
|
1201
|
+
setDisabled(disabled) {
|
|
1202
|
+
const next = !!disabled;
|
|
1203
|
+
if (next === this.disabled) return;
|
|
1204
|
+
this.disabled = next;
|
|
1205
|
+
if (next) {
|
|
1206
|
+
try {
|
|
1207
|
+
this.db?.close?.();
|
|
1208
|
+
} catch {}
|
|
1209
|
+
this.db = null;
|
|
1210
|
+
}
|
|
1211
|
+
}
|
|
1212
|
+
/**
|
|
1213
|
+
* Get database connection, initializing if necessary
|
|
1214
|
+
*/
|
|
1215
|
+
async getDB() {
|
|
1216
|
+
if (this.disabled) throw new Error("[PasskeyNearKeysDBManager] IndexedDB is disabled in this environment.");
|
|
1217
|
+
if (this.db) return this.db;
|
|
1218
|
+
this.db = await openDB(this.config.dbName, this.config.dbVersion, {
|
|
1219
|
+
upgrade(db) {
|
|
1220
|
+
for (const name of ["encryptedKeys", DB_CONFIG.storeName]) try {
|
|
1221
|
+
if (db.objectStoreNames.contains(name)) db.deleteObjectStore(name);
|
|
1222
|
+
} catch {}
|
|
1223
|
+
const store = db.createObjectStore(DB_CONFIG.storeName, { keyPath: DB_CONFIG.keyPath });
|
|
1224
|
+
try {
|
|
1225
|
+
store.createIndex("nearAccountId", "nearAccountId", { unique: false });
|
|
1226
|
+
} catch {}
|
|
1227
|
+
try {
|
|
1228
|
+
store.createIndex("publicKey", "publicKey", { unique: false });
|
|
1229
|
+
} catch {}
|
|
1230
|
+
try {
|
|
1231
|
+
store.createIndex("kind", "kind", { unique: false });
|
|
1232
|
+
} catch {}
|
|
1233
|
+
},
|
|
1234
|
+
blocked() {
|
|
1235
|
+
console.warn("PasskeyNearKeysDB connection is blocked.");
|
|
1236
|
+
},
|
|
1237
|
+
blocking() {
|
|
1238
|
+
console.warn("PasskeyNearKeysDB connection is blocking another connection.");
|
|
1239
|
+
},
|
|
1240
|
+
terminated: () => {
|
|
1241
|
+
console.warn("PasskeyNearKeysDB connection has been terminated.");
|
|
1242
|
+
this.db = null;
|
|
1243
|
+
}
|
|
1244
|
+
});
|
|
1245
|
+
return this.db;
|
|
1246
|
+
}
|
|
1247
|
+
/**
|
|
1248
|
+
* Store encrypted key data
|
|
1249
|
+
*/
|
|
1250
|
+
async storeKeyMaterial(data) {
|
|
1251
|
+
const db = await this.getDB();
|
|
1252
|
+
if (!data.wrapKeySalt) throw new Error("PasskeyNearKeysDB: Missing wrapKeySalt");
|
|
1253
|
+
if (!data.publicKey) throw new Error("PasskeyNearKeysDB: Missing publicKey");
|
|
1254
|
+
if (data.kind === "local_near_sk_v3") {
|
|
1255
|
+
if (!data.encryptedSk) throw new Error("PasskeyNearKeysDB: Missing encryptedSk for local_near_sk_v3");
|
|
1256
|
+
if (!data.chacha20NonceB64u) throw new Error("PasskeyNearKeysDB: Missing chacha20NonceB64u for local_near_sk_v3");
|
|
1257
|
+
} else if (data.kind === "threshold_ed25519_2p_v1") {
|
|
1258
|
+
if (!data.relayerKeyId) throw new Error("PasskeyNearKeysDB: Missing relayerKeyId for threshold_ed25519_2p_v1");
|
|
1259
|
+
if (!data.clientShareDerivation) throw new Error("PasskeyNearKeysDB: Missing clientShareDerivation for threshold_ed25519_2p_v1");
|
|
1260
|
+
const parsed = parseThresholdEd25519ParticipantsV1(data.participants);
|
|
1261
|
+
data.participants = parsed || buildThresholdEd25519Participants2pV1({
|
|
1262
|
+
relayerKeyId: data.relayerKeyId,
|
|
1263
|
+
clientShareDerivation: data.clientShareDerivation
|
|
1264
|
+
});
|
|
1265
|
+
}
|
|
1266
|
+
await db.put(this.config.storeName, data);
|
|
1267
|
+
}
|
|
1268
|
+
/**
|
|
1269
|
+
* Retrieve encrypted key data
|
|
1270
|
+
*/
|
|
1271
|
+
async getKeyMaterial(nearAccountId, deviceNumber, kind) {
|
|
1272
|
+
const db = await this.getDB();
|
|
1273
|
+
if (!kind) throw new Error("PasskeyNearKeysDB: kind is required (no fallback lookup is allowed)");
|
|
1274
|
+
const sanitize = (rec) => {
|
|
1275
|
+
const kind$1 = rec?.kind;
|
|
1276
|
+
if (!rec?.nearAccountId || typeof rec?.deviceNumber !== "number") return null;
|
|
1277
|
+
if (!kind$1) return null;
|
|
1278
|
+
if (!rec?.publicKey || !rec?.wrapKeySalt || typeof rec?.timestamp !== "number") return null;
|
|
1279
|
+
if (kind$1 === "local_near_sk_v3") {
|
|
1280
|
+
if (!rec?.encryptedSk || !rec?.chacha20NonceB64u) return null;
|
|
1281
|
+
return {
|
|
1282
|
+
nearAccountId: rec.nearAccountId,
|
|
1283
|
+
deviceNumber: rec.deviceNumber,
|
|
1284
|
+
kind: kind$1,
|
|
1285
|
+
publicKey: rec.publicKey,
|
|
1286
|
+
wrapKeySalt: rec.wrapKeySalt,
|
|
1287
|
+
encryptedSk: rec.encryptedSk,
|
|
1288
|
+
chacha20NonceB64u: rec.chacha20NonceB64u,
|
|
1289
|
+
timestamp: rec.timestamp
|
|
1290
|
+
};
|
|
1291
|
+
}
|
|
1292
|
+
if (kind$1 === "threshold_ed25519_2p_v1") {
|
|
1293
|
+
if (!rec?.relayerKeyId || !rec?.clientShareDerivation) return null;
|
|
1294
|
+
const participants = parseThresholdEd25519ParticipantsV1(rec.participants) || buildThresholdEd25519Participants2pV1({
|
|
1295
|
+
relayerKeyId: rec.relayerKeyId,
|
|
1296
|
+
clientShareDerivation: rec.clientShareDerivation
|
|
1297
|
+
});
|
|
1298
|
+
return {
|
|
1299
|
+
nearAccountId: rec.nearAccountId,
|
|
1300
|
+
deviceNumber: rec.deviceNumber,
|
|
1301
|
+
kind: kind$1,
|
|
1302
|
+
publicKey: rec.publicKey,
|
|
1303
|
+
wrapKeySalt: rec.wrapKeySalt,
|
|
1304
|
+
relayerKeyId: rec.relayerKeyId,
|
|
1305
|
+
clientShareDerivation: rec.clientShareDerivation,
|
|
1306
|
+
participants,
|
|
1307
|
+
timestamp: rec.timestamp
|
|
1308
|
+
};
|
|
1309
|
+
}
|
|
1310
|
+
return null;
|
|
1311
|
+
};
|
|
1312
|
+
const res = await db.get(this.config.storeName, [
|
|
1313
|
+
nearAccountId,
|
|
1314
|
+
deviceNumber,
|
|
1315
|
+
kind
|
|
1316
|
+
]);
|
|
1317
|
+
return sanitize(res);
|
|
1318
|
+
}
|
|
1319
|
+
async getLocalKeyMaterial(nearAccountId, deviceNumber) {
|
|
1320
|
+
const rec = await this.getKeyMaterial(nearAccountId, deviceNumber, "local_near_sk_v3");
|
|
1321
|
+
return rec?.kind === "local_near_sk_v3" ? rec : null;
|
|
1322
|
+
}
|
|
1323
|
+
async getThresholdKeyMaterial(nearAccountId, deviceNumber) {
|
|
1324
|
+
const rec = await this.getKeyMaterial(nearAccountId, deviceNumber, "threshold_ed25519_2p_v1");
|
|
1325
|
+
return rec?.kind === "threshold_ed25519_2p_v1" ? rec : null;
|
|
1326
|
+
}
|
|
1327
|
+
/**
|
|
1328
|
+
* Verify key storage by attempting retrieval
|
|
1329
|
+
*/
|
|
1330
|
+
async verifyKeyStorage(nearAccountId, deviceNumber, kind) {
|
|
1331
|
+
const retrievedKey = await this.getKeyMaterial(nearAccountId, deviceNumber, kind);
|
|
1332
|
+
return !!retrievedKey;
|
|
1333
|
+
}
|
|
1334
|
+
/**
|
|
1335
|
+
* Delete encrypted key data for a specific account
|
|
1336
|
+
*/
|
|
1337
|
+
async deleteKeyMaterial(nearAccountId, deviceNumber, kind) {
|
|
1338
|
+
const db = await this.getDB();
|
|
1339
|
+
if (typeof deviceNumber === "number" && kind) await db.delete(this.config.storeName, [
|
|
1340
|
+
nearAccountId,
|
|
1341
|
+
deviceNumber,
|
|
1342
|
+
kind
|
|
1343
|
+
]);
|
|
1344
|
+
else if (typeof deviceNumber === "number") {
|
|
1345
|
+
const tx = db.transaction(this.config.storeName, "readwrite");
|
|
1346
|
+
const idx = tx.store.index("nearAccountId");
|
|
1347
|
+
let cursor = await idx.openCursor(IDBKeyRange.only(nearAccountId));
|
|
1348
|
+
while (cursor) {
|
|
1349
|
+
const value = cursor.value;
|
|
1350
|
+
if (value?.deviceNumber === deviceNumber) await tx.store.delete(cursor.primaryKey);
|
|
1351
|
+
cursor = await cursor.continue();
|
|
1352
|
+
}
|
|
1353
|
+
await tx.done;
|
|
1354
|
+
} else {
|
|
1355
|
+
const tx = db.transaction(this.config.storeName, "readwrite");
|
|
1356
|
+
const idx = tx.store.index("nearAccountId");
|
|
1357
|
+
let cursor = await idx.openCursor(IDBKeyRange.only(nearAccountId));
|
|
1358
|
+
while (cursor) {
|
|
1359
|
+
await tx.store.delete(cursor.primaryKey);
|
|
1360
|
+
cursor = await cursor.continue();
|
|
1361
|
+
}
|
|
1362
|
+
await tx.done;
|
|
1363
|
+
}
|
|
1364
|
+
console.debug("PasskeyNearKeysDB: deleteKeyMaterial - Successfully deleted");
|
|
1365
|
+
}
|
|
1366
|
+
/**
|
|
1367
|
+
* Get all encrypted keys (for migration or debugging purposes)
|
|
1368
|
+
*/
|
|
1369
|
+
async getAllKeyMaterial() {
|
|
1370
|
+
const db = await this.getDB();
|
|
1371
|
+
const all = await db.getAll(this.config.storeName);
|
|
1372
|
+
return all.map((rec) => {
|
|
1373
|
+
const kind = rec?.kind;
|
|
1374
|
+
if (!kind) return null;
|
|
1375
|
+
if (kind === "local_near_sk_v3") {
|
|
1376
|
+
if (!rec?.encryptedSk || !rec?.chacha20NonceB64u) return null;
|
|
1377
|
+
return {
|
|
1378
|
+
nearAccountId: rec.nearAccountId,
|
|
1379
|
+
deviceNumber: rec.deviceNumber,
|
|
1380
|
+
kind,
|
|
1381
|
+
publicKey: rec.publicKey,
|
|
1382
|
+
wrapKeySalt: rec.wrapKeySalt,
|
|
1383
|
+
encryptedSk: rec.encryptedSk,
|
|
1384
|
+
chacha20NonceB64u: rec.chacha20NonceB64u,
|
|
1385
|
+
timestamp: rec.timestamp
|
|
1386
|
+
};
|
|
1387
|
+
}
|
|
1388
|
+
if (kind === "threshold_ed25519_2p_v1") {
|
|
1389
|
+
if (!rec?.relayerKeyId || !rec?.clientShareDerivation) return null;
|
|
1390
|
+
const participants = parseThresholdEd25519ParticipantsV1(rec.participants) || buildThresholdEd25519Participants2pV1({
|
|
1391
|
+
relayerKeyId: rec.relayerKeyId,
|
|
1392
|
+
clientShareDerivation: rec.clientShareDerivation
|
|
1393
|
+
});
|
|
1394
|
+
return {
|
|
1395
|
+
nearAccountId: rec.nearAccountId,
|
|
1396
|
+
deviceNumber: rec.deviceNumber,
|
|
1397
|
+
kind,
|
|
1398
|
+
publicKey: rec.publicKey,
|
|
1399
|
+
wrapKeySalt: rec.wrapKeySalt,
|
|
1400
|
+
relayerKeyId: rec.relayerKeyId,
|
|
1401
|
+
clientShareDerivation: rec.clientShareDerivation,
|
|
1402
|
+
participants,
|
|
1403
|
+
timestamp: rec.timestamp
|
|
1404
|
+
};
|
|
1405
|
+
}
|
|
1406
|
+
return null;
|
|
1407
|
+
}).filter((rec) => rec !== null);
|
|
1408
|
+
}
|
|
1409
|
+
/**
|
|
1410
|
+
* Check if a key exists for the given account
|
|
1411
|
+
*/
|
|
1412
|
+
async hasKeyMaterial(nearAccountId, deviceNumber, kind) {
|
|
1413
|
+
const keyData = await this.getKeyMaterial(nearAccountId, deviceNumber, kind);
|
|
1414
|
+
return !!keyData;
|
|
1415
|
+
}
|
|
1416
|
+
};
|
|
1417
|
+
|
|
1418
|
+
//#endregion
|
|
1419
|
+
//#region src/core/IndexedDBManager/index.ts
|
|
1420
|
+
const passkeyClientDB = new PasskeyClientDBManager();
|
|
1421
|
+
const passkeyNearKeysDB = new PasskeyNearKeysDBManager();
|
|
1422
|
+
/**
|
|
1423
|
+
* Unified IndexedDB interface providing access to both databases
|
|
1424
|
+
* This allows centralized access while maintaining separation of concerns
|
|
1425
|
+
*/
|
|
1426
|
+
var UnifiedIndexedDBManager = class {
|
|
1427
|
+
clientDB;
|
|
1428
|
+
nearKeysDB;
|
|
1429
|
+
_initialized = false;
|
|
1430
|
+
constructor() {
|
|
1431
|
+
this.clientDB = passkeyClientDB;
|
|
1432
|
+
this.nearKeysDB = passkeyNearKeysDB;
|
|
1433
|
+
}
|
|
1434
|
+
/**
|
|
1435
|
+
* Initialize both databases proactively
|
|
1436
|
+
* This ensures both databases are created and ready for use
|
|
1437
|
+
*/
|
|
1438
|
+
async initialize() {
|
|
1439
|
+
if (this._initialized) return;
|
|
1440
|
+
try {
|
|
1441
|
+
if (this.clientDB.isDisabled() || this.nearKeysDB.isDisabled()) {
|
|
1442
|
+
this._initialized = true;
|
|
1443
|
+
return;
|
|
1444
|
+
}
|
|
1445
|
+
await Promise.all([this.clientDB.getAppState("_init_check"), this.nearKeysDB.hasKeyMaterial("_init_check", 1, "local_near_sk_v3")]);
|
|
1446
|
+
this._initialized = true;
|
|
1447
|
+
} catch (error) {
|
|
1448
|
+
console.warn("Failed to initialize IndexedDB databases:", error);
|
|
1449
|
+
}
|
|
1450
|
+
}
|
|
1451
|
+
/**
|
|
1452
|
+
* Check if databases have been initialized
|
|
1453
|
+
*/
|
|
1454
|
+
get isInitialized() {
|
|
1455
|
+
return this._initialized;
|
|
1456
|
+
}
|
|
1457
|
+
/**
|
|
1458
|
+
* Get user data and check if they have encrypted NEAR keys
|
|
1459
|
+
*/
|
|
1460
|
+
async getUserWithKeys(nearAccountId) {
|
|
1461
|
+
const last = await this.clientDB.getLastUser();
|
|
1462
|
+
const userData = last && last.nearAccountId === nearAccountId ? last : await this.clientDB.getUserByDevice(nearAccountId, 1);
|
|
1463
|
+
const deviceNumber = last && last.nearAccountId === nearAccountId ? last.deviceNumber : userData?.deviceNumber;
|
|
1464
|
+
const [local, threshold] = await Promise.all([this.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber), this.nearKeysDB.getThresholdKeyMaterial(nearAccountId, deviceNumber)]);
|
|
1465
|
+
const keyData = local ?? threshold;
|
|
1466
|
+
const hasKeys = !!keyData;
|
|
1467
|
+
return {
|
|
1468
|
+
userData,
|
|
1469
|
+
hasKeys,
|
|
1470
|
+
keyMaterial: hasKeys ? keyData : void 0
|
|
1471
|
+
};
|
|
1472
|
+
}
|
|
1473
|
+
async setDerivedAddress(nearAccountId, args) {
|
|
1474
|
+
return this.clientDB.setDerivedAddress(nearAccountId, args);
|
|
1681
1475
|
}
|
|
1682
|
-
|
|
1683
|
-
|
|
1684
|
-
|
|
1685
|
-
|
|
1686
|
-
|
|
1687
|
-
|
|
1688
|
-
|
|
1689
|
-
|
|
1690
|
-
|
|
1691
|
-
|
|
1692
|
-
return
|
|
1476
|
+
async getDerivedAddressRecord(nearAccountId, args) {
|
|
1477
|
+
return this.clientDB.getDerivedAddressRecord(nearAccountId, args);
|
|
1478
|
+
}
|
|
1479
|
+
async getDerivedAddress(nearAccountId, args) {
|
|
1480
|
+
return this.clientDB.getDerivedAddress(nearAccountId, args);
|
|
1481
|
+
}
|
|
1482
|
+
async upsertRecoveryEmails(nearAccountId, entries) {
|
|
1483
|
+
return this.clientDB.upsertRecoveryEmails(nearAccountId, entries);
|
|
1484
|
+
}
|
|
1485
|
+
async getRecoveryEmails(nearAccountId) {
|
|
1486
|
+
return this.clientDB.getRecoveryEmails(nearAccountId);
|
|
1693
1487
|
}
|
|
1694
1488
|
};
|
|
1695
|
-
|
|
1696
|
-
* Check if the current device is likely mobile
|
|
1697
|
-
*/
|
|
1698
|
-
const isMobileDevice = () => {
|
|
1699
|
-
return detectDeviceType() === "mobile";
|
|
1700
|
-
};
|
|
1489
|
+
const IndexedDBManager = new UnifiedIndexedDBManager();
|
|
1701
1490
|
|
|
1702
1491
|
//#endregion
|
|
1703
1492
|
//#region src/core/NearRpcError.ts
|
|
@@ -1816,6 +1605,7 @@ function describeTxExecution(operationName, exec) {
|
|
|
1816
1605
|
const DEFAULT_WAIT_STATUS = {
|
|
1817
1606
|
executeAction: "EXECUTED_OPTIMISTIC",
|
|
1818
1607
|
linkDeviceAddKey: "INCLUDED_FINAL",
|
|
1608
|
+
thresholdAddKey: "EXECUTED_OPTIMISTIC",
|
|
1819
1609
|
linkDeviceSwapKey: "FINAL",
|
|
1820
1610
|
linkDeviceAccountMapping: "INCLUDED_FINAL",
|
|
1821
1611
|
linkDeviceDeleteKey: "INCLUDED_FINAL",
|
|
@@ -2032,6 +1822,13 @@ var MinimalNearClient = class MinimalNearClient {
|
|
|
2032
1822
|
}
|
|
2033
1823
|
throw lastError instanceof Error ? lastError : new Error(String(lastError));
|
|
2034
1824
|
}
|
|
1825
|
+
async txStatus(txHash, senderAccountId) {
|
|
1826
|
+
const params = {
|
|
1827
|
+
tx_hash: txHash,
|
|
1828
|
+
sender_account_id: senderAccountId
|
|
1829
|
+
};
|
|
1830
|
+
return this.makeRpcCall("EXPERIMENTAL_tx_status", params, "Tx Status");
|
|
1831
|
+
}
|
|
2035
1832
|
async callFunction(contractId, method, args, blockQuery) {
|
|
2036
1833
|
const rpcParams = {
|
|
2037
1834
|
request_type: "call_function",
|
|
@@ -2165,25 +1962,44 @@ const DEVICE_LINKING_CONFIG = {
|
|
|
2165
1962
|
RETRY: { MAX_REGISTRATION_ATTEMPTS: 5 }
|
|
2166
1963
|
};
|
|
2167
1964
|
|
|
1965
|
+
//#endregion
|
|
1966
|
+
//#region src/core/sdkPaths/base.ts
|
|
1967
|
+
const W3A_WALLET_SDK_BASE_EVENT = "W3A_WALLET_SDK_BASE_CHANGED";
|
|
1968
|
+
/**
|
|
1969
|
+
* @param cb - Callback invoked with the new absolute base URL when it changes.
|
|
1970
|
+
* @returns Unsubscribe function to remove the listener.
|
|
1971
|
+
*/
|
|
1972
|
+
function onEmbeddedBaseChange(cb) {
|
|
1973
|
+
if (typeof window === "undefined") return () => {};
|
|
1974
|
+
const handler = (e) => {
|
|
1975
|
+
const d = e.detail;
|
|
1976
|
+
if (typeof d === "string" && d.length > 0) cb(d);
|
|
1977
|
+
};
|
|
1978
|
+
window.addEventListener(W3A_WALLET_SDK_BASE_EVENT, handler, { passive: true });
|
|
1979
|
+
return () => window.removeEventListener(W3A_WALLET_SDK_BASE_EVENT, handler);
|
|
1980
|
+
}
|
|
1981
|
+
|
|
2168
1982
|
//#endregion
|
|
2169
1983
|
//#region src/core/sdkPaths/workers.ts
|
|
2170
1984
|
/**
|
|
2171
1985
|
* Resolve the base origin for worker scripts.
|
|
2172
1986
|
* Priority:
|
|
2173
|
-
* 1) window.__W3A_WALLET_SDK_BASE__ (absolute `${walletOrigin}${sdkBasePath}/`) → take its origin
|
|
1987
|
+
* 1) window.__W3A_WALLET_SDK_BASE__ (absolute `${walletOrigin}${sdkBasePath}/`) → take its origin (only if same-origin)
|
|
2174
1988
|
* 2) window.location.origin (host/app origin)
|
|
2175
1989
|
*
|
|
2176
1990
|
* @returns The origin (protocol + host [+ port]) used to resolve worker script URLs.
|
|
2177
1991
|
* Prefers the wallet SDK base origin; falls back to the current window origin.
|
|
2178
1992
|
*/
|
|
2179
1993
|
function resolveWorkerBaseOrigin() {
|
|
2180
|
-
|
|
2181
|
-
if (typeof window !== "undefined" && window.location?.origin) origin = window.location.origin;
|
|
1994
|
+
const currentOrigin = typeof window !== "undefined" && window.location?.origin ? window.location.origin : "";
|
|
2182
1995
|
try {
|
|
2183
1996
|
const embeddedBase = window?.__W3A_WALLET_SDK_BASE__;
|
|
2184
|
-
if (embeddedBase)
|
|
1997
|
+
if (embeddedBase) {
|
|
1998
|
+
const embeddedOrigin = new URL(embeddedBase, currentOrigin || "https://invalid.local").origin;
|
|
1999
|
+
if (embeddedOrigin === currentOrigin) return embeddedOrigin;
|
|
2000
|
+
}
|
|
2185
2001
|
} catch {}
|
|
2186
|
-
return
|
|
2002
|
+
return currentOrigin;
|
|
2187
2003
|
}
|
|
2188
2004
|
function resolveWorkerUrl(input, opts) {
|
|
2189
2005
|
const worker = opts.worker;
|
|
@@ -2224,13 +2040,24 @@ const WorkerControlMessage = {
|
|
|
2224
2040
|
|
|
2225
2041
|
//#endregion
|
|
2226
2042
|
//#region src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.ts
|
|
2043
|
+
function asSessionMessage(msg) {
|
|
2044
|
+
if (!isObject$1(msg)) return null;
|
|
2045
|
+
if (typeof msg.type !== "string") return null;
|
|
2046
|
+
if (msg.sessionId != null && typeof msg.sessionId !== "string") return null;
|
|
2047
|
+
if (msg.error != null && typeof msg.error !== "string") return null;
|
|
2048
|
+
return msg;
|
|
2049
|
+
}
|
|
2227
2050
|
/**
|
|
2228
2051
|
* Type guard to check if a message is a control message.
|
|
2229
2052
|
*/
|
|
2230
2053
|
function isSignerWorkerControlMessage(msg) {
|
|
2231
2054
|
if (!isObject$1(msg) || typeof msg.type !== "string") return false;
|
|
2232
|
-
|
|
2233
|
-
|
|
2055
|
+
switch (msg.type) {
|
|
2056
|
+
case WorkerControlMessage.ATTACH_WRAP_KEY_SEED_PORT_OK: return typeof msg.sessionId === "string";
|
|
2057
|
+
case WorkerControlMessage.ATTACH_WRAP_KEY_SEED_PORT_ERROR: return typeof msg.sessionId === "string" && typeof msg.error === "string";
|
|
2058
|
+
case WorkerControlMessage.WORKER_READY: return typeof msg.ready === "boolean";
|
|
2059
|
+
default: return false;
|
|
2060
|
+
}
|
|
2234
2061
|
}
|
|
2235
2062
|
function isObject$1(value) {
|
|
2236
2063
|
return typeof value === "object" && value !== null;
|
|
@@ -2252,8 +2079,8 @@ function waitForSessionMessage(worker, options) {
|
|
|
2252
2079
|
reject(/* @__PURE__ */ new Error(`Timeout waiting for session message (${successTypes.join("|")})${sessionId ? ` for session ${sessionId}` : ""}`));
|
|
2253
2080
|
}, timeoutMs);
|
|
2254
2081
|
const messageHandler = (event) => {
|
|
2255
|
-
const msg = event.data;
|
|
2256
|
-
if (!msg
|
|
2082
|
+
const msg = asSessionMessage(event.data);
|
|
2083
|
+
if (!msg) return;
|
|
2257
2084
|
if (sessionId && msg.sessionId !== sessionId) return;
|
|
2258
2085
|
if (errorType && msg.type === errorType) {
|
|
2259
2086
|
cleanup();
|
|
@@ -2299,8 +2126,73 @@ function waitForWrapKeyPortAttach(worker, sessionId, timeoutMs = 2e3) {
|
|
|
2299
2126
|
});
|
|
2300
2127
|
}
|
|
2301
2128
|
|
|
2129
|
+
//#endregion
|
|
2130
|
+
//#region src/core/types/sdkSentEvents.ts
|
|
2131
|
+
let RegistrationPhase = /* @__PURE__ */ function(RegistrationPhase$1) {
|
|
2132
|
+
RegistrationPhase$1["STEP_1_WEBAUTHN_VERIFICATION"] = "webauthn-verification";
|
|
2133
|
+
RegistrationPhase$1["STEP_2_KEY_GENERATION"] = "key-generation";
|
|
2134
|
+
RegistrationPhase$1["STEP_3_CONTRACT_PRE_CHECK"] = "contract-pre-check";
|
|
2135
|
+
RegistrationPhase$1["STEP_4_ACCESS_KEY_ADDITION"] = "access-key-addition";
|
|
2136
|
+
RegistrationPhase$1["STEP_5_CONTRACT_REGISTRATION"] = "contract-registration";
|
|
2137
|
+
RegistrationPhase$1["STEP_6_ACCOUNT_VERIFICATION"] = "account-verification";
|
|
2138
|
+
RegistrationPhase$1["STEP_7_DATABASE_STORAGE"] = "database-storage";
|
|
2139
|
+
RegistrationPhase$1["STEP_8_REGISTRATION_COMPLETE"] = "registration-complete";
|
|
2140
|
+
RegistrationPhase$1["REGISTRATION_ERROR"] = "error";
|
|
2141
|
+
return RegistrationPhase$1;
|
|
2142
|
+
}({});
|
|
2143
|
+
let RegistrationStatus = /* @__PURE__ */ function(RegistrationStatus$1) {
|
|
2144
|
+
RegistrationStatus$1["PROGRESS"] = "progress";
|
|
2145
|
+
RegistrationStatus$1["SUCCESS"] = "success";
|
|
2146
|
+
RegistrationStatus$1["ERROR"] = "error";
|
|
2147
|
+
return RegistrationStatus$1;
|
|
2148
|
+
}({});
|
|
2149
|
+
|
|
2302
2150
|
//#endregion
|
|
2303
2151
|
//#region src/core/rpcCalls.ts
|
|
2152
|
+
function sleep(ms) {
|
|
2153
|
+
return new Promise((res) => setTimeout(res, ms));
|
|
2154
|
+
}
|
|
2155
|
+
function isAccessKeyNotFoundError(err) {
|
|
2156
|
+
const msg = String(errorMessage(err) || "").toLowerCase();
|
|
2157
|
+
if (!msg) return false;
|
|
2158
|
+
if (msg.includes("unknown access key") || msg.includes("unknown_access_key") || msg.includes("unknownaccesskey")) return true;
|
|
2159
|
+
if (msg.includes("accesskeydoesnotexist")) return true;
|
|
2160
|
+
if (msg.includes("access key does not exist")) return true;
|
|
2161
|
+
if (msg.includes("access key doesn't exist")) return true;
|
|
2162
|
+
if (msg.includes("access key not found")) return true;
|
|
2163
|
+
if (msg.includes("no such access key")) return true;
|
|
2164
|
+
if (msg.includes("viewing access key") && msg.includes("does not exist") && !msg.includes("account")) return true;
|
|
2165
|
+
return false;
|
|
2166
|
+
}
|
|
2167
|
+
async function hasAccessKey(nearClient, nearAccountId, publicKey, opts) {
|
|
2168
|
+
const expected = ensureEd25519Prefix(publicKey);
|
|
2169
|
+
if (!expected) return false;
|
|
2170
|
+
const attempts = Math.max(1, Math.floor(opts?.attempts ?? 6));
|
|
2171
|
+
const delayMs = Math.max(50, Math.floor(opts?.delayMs ?? 750));
|
|
2172
|
+
for (let i = 0; i < attempts; i++) {
|
|
2173
|
+
try {
|
|
2174
|
+
await nearClient.viewAccessKey(nearAccountId, expected);
|
|
2175
|
+
return true;
|
|
2176
|
+
} catch {}
|
|
2177
|
+
if (i < attempts - 1) await sleep(delayMs);
|
|
2178
|
+
}
|
|
2179
|
+
return false;
|
|
2180
|
+
}
|
|
2181
|
+
async function waitForAccessKeyAbsent(nearClient, nearAccountId, publicKey, opts) {
|
|
2182
|
+
const expected = ensureEd25519Prefix(publicKey);
|
|
2183
|
+
if (!expected) return true;
|
|
2184
|
+
const attempts = Math.max(1, Math.floor(opts?.attempts ?? 6));
|
|
2185
|
+
const delayMs = Math.max(50, Math.floor(opts?.delayMs ?? 650));
|
|
2186
|
+
for (let i = 0; i < attempts; i++) {
|
|
2187
|
+
try {
|
|
2188
|
+
await nearClient.viewAccessKey(nearAccountId, expected);
|
|
2189
|
+
} catch (err) {
|
|
2190
|
+
if (isAccessKeyNotFoundError(err)) return true;
|
|
2191
|
+
}
|
|
2192
|
+
if (i < attempts - 1) await sleep(delayMs);
|
|
2193
|
+
}
|
|
2194
|
+
return false;
|
|
2195
|
+
}
|
|
2304
2196
|
/**
|
|
2305
2197
|
* View-only registration pre-check.
|
|
2306
2198
|
*
|
|
@@ -2310,6 +2202,10 @@ function waitForWrapKeyPortAttach(worker, sessionId, timeoutMs = 2e3) {
|
|
|
2310
2202
|
*/
|
|
2311
2203
|
async function checkCanRegisterUserContractCall({ nearClient, contractId, vrfChallenge, credential, authenticatorOptions }) {
|
|
2312
2204
|
try {
|
|
2205
|
+
const intent_digest_32 = Array.from(base64UrlDecode(vrfChallenge.intentDigest || ""));
|
|
2206
|
+
if (intent_digest_32.length !== 32) throw new Error("Missing or invalid vrfChallenge.intentDigest (expected base64url-encoded 32 bytes)");
|
|
2207
|
+
const session_policy_digest_32 = vrfChallenge.sessionPolicyDigest32 ? Array.from(base64UrlDecode(vrfChallenge.sessionPolicyDigest32)) : [];
|
|
2208
|
+
if (session_policy_digest_32.length !== 0 && session_policy_digest_32.length !== 32) throw new Error("Invalid vrfChallenge.sessionPolicyDigest32 (expected base64url-encoded 32 bytes)");
|
|
2313
2209
|
const vrfData = {
|
|
2314
2210
|
vrf_input_data: Array.from(base64UrlDecode(vrfChallenge.vrfInput)),
|
|
2315
2211
|
vrf_output: Array.from(base64UrlDecode(vrfChallenge.vrfOutput)),
|
|
@@ -2318,7 +2214,9 @@ async function checkCanRegisterUserContractCall({ nearClient, contractId, vrfCha
|
|
|
2318
2214
|
user_id: vrfChallenge.userId,
|
|
2319
2215
|
rp_id: vrfChallenge.rpId,
|
|
2320
2216
|
block_height: Number(vrfChallenge.blockHeight),
|
|
2321
|
-
block_hash: Array.from(base64UrlDecode(vrfChallenge.blockHash))
|
|
2217
|
+
block_hash: Array.from(base64UrlDecode(vrfChallenge.blockHash)),
|
|
2218
|
+
intent_digest_32,
|
|
2219
|
+
...session_policy_digest_32.length ? { session_policy_digest_32 } : {}
|
|
2322
2220
|
};
|
|
2323
2221
|
const args = {
|
|
2324
2222
|
vrf_data: vrfData,
|
|
@@ -2342,6 +2240,78 @@ async function checkCanRegisterUserContractCall({ nearClient, contractId, vrfCha
|
|
|
2342
2240
|
};
|
|
2343
2241
|
}
|
|
2344
2242
|
}
|
|
2243
|
+
async function thresholdEd25519Keygen(relayServerUrl, vrfChallenge, webauthnAuthentication, args) {
|
|
2244
|
+
try {
|
|
2245
|
+
const base$1 = String(relayServerUrl || "").trim().replace(/\/$/, "");
|
|
2246
|
+
if (!base$1) throw new Error("Missing relayServerUrl");
|
|
2247
|
+
const clientVerifyingShareB64u = String(args.clientVerifyingShareB64u || "").trim();
|
|
2248
|
+
if (!clientVerifyingShareB64u) throw new Error("Missing clientVerifyingShareB64u");
|
|
2249
|
+
const nearAccountId = String(args.nearAccountId || "").trim();
|
|
2250
|
+
if (!nearAccountId) throw new Error("Missing nearAccountId");
|
|
2251
|
+
const toBytes = (b64u) => {
|
|
2252
|
+
if (!b64u) return [];
|
|
2253
|
+
return Array.from(base64UrlDecode(b64u));
|
|
2254
|
+
};
|
|
2255
|
+
const intent_digest_32 = toBytes(vrfChallenge.intentDigest);
|
|
2256
|
+
if (intent_digest_32.length !== 32) throw new Error("Missing or invalid vrfChallenge.intentDigest (expected base64url-encoded 32 bytes)");
|
|
2257
|
+
const vrf_data = {
|
|
2258
|
+
vrf_input_data: toBytes(vrfChallenge.vrfInput),
|
|
2259
|
+
vrf_output: toBytes(vrfChallenge.vrfOutput),
|
|
2260
|
+
vrf_proof: toBytes(vrfChallenge.vrfProof),
|
|
2261
|
+
public_key: toBytes(vrfChallenge.vrfPublicKey),
|
|
2262
|
+
user_id: vrfChallenge.userId,
|
|
2263
|
+
rp_id: vrfChallenge.rpId,
|
|
2264
|
+
block_height: Number(vrfChallenge.blockHeight || 0),
|
|
2265
|
+
block_hash: toBytes(vrfChallenge.blockHash),
|
|
2266
|
+
intent_digest_32
|
|
2267
|
+
};
|
|
2268
|
+
const webauthn_authentication = {
|
|
2269
|
+
...webauthnAuthentication,
|
|
2270
|
+
authenticatorAttachment: webauthnAuthentication.authenticatorAttachment ?? null,
|
|
2271
|
+
response: {
|
|
2272
|
+
...webauthnAuthentication.response,
|
|
2273
|
+
userHandle: webauthnAuthentication.response.userHandle ?? null
|
|
2274
|
+
},
|
|
2275
|
+
clientExtensionResults: null
|
|
2276
|
+
};
|
|
2277
|
+
const url = `${base$1}/threshold-ed25519/keygen`;
|
|
2278
|
+
const response = await fetch(url, {
|
|
2279
|
+
method: "POST",
|
|
2280
|
+
headers: { "Content-Type": "application/json" },
|
|
2281
|
+
credentials: "include",
|
|
2282
|
+
body: JSON.stringify({
|
|
2283
|
+
clientVerifyingShareB64u,
|
|
2284
|
+
nearAccountId,
|
|
2285
|
+
vrf_data,
|
|
2286
|
+
webauthn_authentication
|
|
2287
|
+
})
|
|
2288
|
+
});
|
|
2289
|
+
if (!response.ok) {
|
|
2290
|
+
const errorText = await response.text();
|
|
2291
|
+
return {
|
|
2292
|
+
ok: false,
|
|
2293
|
+
error: `HTTP ${response.status}: ${errorText}`
|
|
2294
|
+
};
|
|
2295
|
+
}
|
|
2296
|
+
const json = await response.json();
|
|
2297
|
+
return {
|
|
2298
|
+
ok: !!json?.ok,
|
|
2299
|
+
clientParticipantId: json?.clientParticipantId,
|
|
2300
|
+
relayerParticipantId: json?.relayerParticipantId,
|
|
2301
|
+
participantIds: json?.participantIds,
|
|
2302
|
+
relayerKeyId: json?.relayerKeyId,
|
|
2303
|
+
publicKey: json?.publicKey,
|
|
2304
|
+
relayerVerifyingShareB64u: json?.relayerVerifyingShareB64u,
|
|
2305
|
+
code: json?.code,
|
|
2306
|
+
message: json?.message
|
|
2307
|
+
};
|
|
2308
|
+
} catch (error) {
|
|
2309
|
+
return {
|
|
2310
|
+
ok: false,
|
|
2311
|
+
error: error?.message || "Failed to keygen threshold-ed25519"
|
|
2312
|
+
};
|
|
2313
|
+
}
|
|
2314
|
+
}
|
|
2345
2315
|
|
|
2346
2316
|
//#endregion
|
|
2347
2317
|
//#region src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.ts
|
|
@@ -2357,9 +2327,9 @@ async function checkCanRegisterUser({ ctx, vrfChallenge, credential, contractId,
|
|
|
2357
2327
|
const resolvedContractId = contractId || PASSKEY_MANAGER_DEFAULT_CONFIGS.contractId;
|
|
2358
2328
|
onEvent?.({
|
|
2359
2329
|
step: 3,
|
|
2360
|
-
phase:
|
|
2361
|
-
status:
|
|
2362
|
-
message: "
|
|
2330
|
+
phase: RegistrationPhase.STEP_3_CONTRACT_PRE_CHECK,
|
|
2331
|
+
status: RegistrationStatus.PROGRESS,
|
|
2332
|
+
message: "Running webauthn contract registration checks..."
|
|
2363
2333
|
});
|
|
2364
2334
|
const strippedCredential = removePrfOutputGuard(serializedCredential);
|
|
2365
2335
|
const result = await checkCanRegisterUserContractCall({
|
|
@@ -2378,9 +2348,10 @@ async function checkCanRegisterUser({ ctx, vrfChallenge, credential, contractId,
|
|
|
2378
2348
|
};
|
|
2379
2349
|
onEvent?.({
|
|
2380
2350
|
step: 3,
|
|
2381
|
-
phase:
|
|
2382
|
-
status: result.verified ?
|
|
2383
|
-
message: result.verified ? "Registration pre-check succeeded" : result.error || "Registration pre-check failed"
|
|
2351
|
+
phase: RegistrationPhase.STEP_3_CONTRACT_PRE_CHECK,
|
|
2352
|
+
status: result.verified ? RegistrationStatus.SUCCESS : RegistrationStatus.ERROR,
|
|
2353
|
+
message: result.verified ? "Registration pre-check succeeded" : result.error || "Registration pre-check failed",
|
|
2354
|
+
...result.verified ? {} : { error: result.error || "Registration pre-check failed" }
|
|
2384
2355
|
});
|
|
2385
2356
|
return {
|
|
2386
2357
|
success: true,
|
|
@@ -2448,6 +2419,7 @@ const DEFAULT_AUTHENTICATOR_OPTIONS = {
|
|
|
2448
2419
|
function withSessionId(sessionId, payload) {
|
|
2449
2420
|
if (!sessionId) throw new Error("withSessionId: sessionId is required");
|
|
2450
2421
|
const existing = payload?.sessionId;
|
|
2422
|
+
if (existing != null && typeof existing !== "string") throw new Error("withSessionId: payload.sessionId must be a string when provided");
|
|
2451
2423
|
if (existing && existing !== sessionId) throw new Error(`withSessionId: payload.sessionId (${existing}) does not match provided sessionId (${sessionId})`);
|
|
2452
2424
|
return {
|
|
2453
2425
|
...payload,
|
|
@@ -2480,21 +2452,22 @@ async function deriveNearKeypairAndEncryptFromSerialized({ ctx, credential, near
|
|
|
2480
2452
|
});
|
|
2481
2453
|
if (!isDeriveNearKeypairAndEncryptSuccess(response)) throw new Error("Dual PRF registration (from serialized) failed");
|
|
2482
2454
|
const wasmResult = response.payload;
|
|
2483
|
-
const version = wasmResult.version ?? 2;
|
|
2484
2455
|
const wrapKeySaltPersisted = wasmResult.wrapKeySalt;
|
|
2456
|
+
if (!wrapKeySaltPersisted) throw new Error("Missing wrapKeySalt in deriveNearKeypairAndEncrypt result");
|
|
2485
2457
|
const deviceNumber = typeof options?.deviceNumber === "number" ? options.deviceNumber : await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);
|
|
2486
2458
|
const chacha20NonceB64u = wasmResult.chacha20NonceB64u;
|
|
2487
2459
|
if (!chacha20NonceB64u) throw new Error("Missing chacha20NonceB64u in deriveNearKeypairAndEncrypt result");
|
|
2488
|
-
const
|
|
2460
|
+
const keyMaterial = {
|
|
2461
|
+
kind: "local_near_sk_v3",
|
|
2489
2462
|
nearAccountId,
|
|
2490
2463
|
deviceNumber,
|
|
2491
|
-
|
|
2464
|
+
publicKey: wasmResult.publicKey,
|
|
2465
|
+
encryptedSk: wasmResult.encryptedData,
|
|
2492
2466
|
chacha20NonceB64u,
|
|
2493
2467
|
wrapKeySalt: wrapKeySaltPersisted,
|
|
2494
|
-
version,
|
|
2495
2468
|
timestamp: Date.now()
|
|
2496
2469
|
};
|
|
2497
|
-
await ctx.indexedDB.nearKeysDB.
|
|
2470
|
+
await ctx.indexedDB.nearKeysDB.storeKeyMaterial(keyMaterial);
|
|
2498
2471
|
return {
|
|
2499
2472
|
success: true,
|
|
2500
2473
|
nearAccountId: toAccountId(wasmResult.nearAccountId),
|
|
@@ -2520,16 +2493,16 @@ async function decryptPrivateKeyWithPrf({ ctx, nearAccountId, authenticators, se
|
|
|
2520
2493
|
try {
|
|
2521
2494
|
console.info("WebAuthnManager: Starting private key decryption with dual PRF (local operation)");
|
|
2522
2495
|
const deviceNumber = await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);
|
|
2523
|
-
const
|
|
2524
|
-
if (!
|
|
2496
|
+
const keyMaterial = await ctx.indexedDB.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber);
|
|
2497
|
+
if (!keyMaterial) throw new Error(`No key material found for account: ${nearAccountId}`);
|
|
2525
2498
|
const response = await ctx.sendMessage({
|
|
2526
2499
|
sessionId,
|
|
2527
2500
|
message: {
|
|
2528
2501
|
type: WorkerRequestType.DecryptPrivateKeyWithPrf,
|
|
2529
2502
|
payload: withSessionId(sessionId, {
|
|
2530
2503
|
nearAccountId,
|
|
2531
|
-
encryptedPrivateKeyData:
|
|
2532
|
-
encryptedPrivateKeyChacha20NonceB64u:
|
|
2504
|
+
encryptedPrivateKeyData: keyMaterial.encryptedSk,
|
|
2505
|
+
encryptedPrivateKeyChacha20NonceB64u: keyMaterial.chacha20NonceB64u
|
|
2533
2506
|
})
|
|
2534
2507
|
}
|
|
2535
2508
|
});
|
|
@@ -2577,122 +2550,461 @@ const generateSessionId = () => {
|
|
|
2577
2550
|
return typeof crypto !== "undefined" && typeof crypto.randomUUID === "function" ? crypto.randomUUID() : `sign-session-${Date.now()}-${Math.random().toString(16).slice(2)}`;
|
|
2578
2551
|
};
|
|
2579
2552
|
|
|
2553
|
+
//#endregion
|
|
2554
|
+
//#region src/core/threshold/thresholdEd25519RelayerHealth.ts
|
|
2555
|
+
const DEFAULT_CACHE_TTL_MS = 6e4;
|
|
2556
|
+
const cache = /* @__PURE__ */ new Map();
|
|
2557
|
+
const inFlight = /* @__PURE__ */ new Map();
|
|
2558
|
+
const DEFAULT_WARN_TTL_MS = 10 * 6e4;
|
|
2559
|
+
const MAX_WARN_KEYS = 1e3;
|
|
2560
|
+
const warnedUnsupportedRelayerByKey = /* @__PURE__ */ new Map();
|
|
2561
|
+
async function isRelayerThresholdEd25519ConfiguredBase(base$1, opts) {
|
|
2562
|
+
if (!base$1) return false;
|
|
2563
|
+
if (typeof fetch !== "function") return false;
|
|
2564
|
+
const ttlMs = Math.max(0, Number(opts?.cacheTtlMs ?? DEFAULT_CACHE_TTL_MS));
|
|
2565
|
+
const now = Date.now();
|
|
2566
|
+
const cached = cache.get(base$1);
|
|
2567
|
+
if (cached && cached.expiresAtMs > now) return cached.configured;
|
|
2568
|
+
const existing = inFlight.get(base$1);
|
|
2569
|
+
if (existing) return existing;
|
|
2570
|
+
const req = (async () => {
|
|
2571
|
+
try {
|
|
2572
|
+
const res = await fetch(`${base$1}/threshold-ed25519/healthz`, { method: "GET" });
|
|
2573
|
+
if (!res.ok) {
|
|
2574
|
+
cache.set(base$1, {
|
|
2575
|
+
configured: false,
|
|
2576
|
+
expiresAtMs: now + ttlMs
|
|
2577
|
+
});
|
|
2578
|
+
return false;
|
|
2579
|
+
}
|
|
2580
|
+
const data = await res.json().catch(() => null);
|
|
2581
|
+
const configured = data?.configured === true;
|
|
2582
|
+
cache.set(base$1, {
|
|
2583
|
+
configured,
|
|
2584
|
+
expiresAtMs: now + ttlMs
|
|
2585
|
+
});
|
|
2586
|
+
return configured;
|
|
2587
|
+
} catch {
|
|
2588
|
+
cache.set(base$1, {
|
|
2589
|
+
configured: false,
|
|
2590
|
+
expiresAtMs: now + ttlMs
|
|
2591
|
+
});
|
|
2592
|
+
return false;
|
|
2593
|
+
} finally {
|
|
2594
|
+
inFlight.delete(base$1);
|
|
2595
|
+
}
|
|
2596
|
+
})();
|
|
2597
|
+
inFlight.set(base$1, req);
|
|
2598
|
+
return req;
|
|
2599
|
+
}
|
|
2600
|
+
function coerceThresholdBehavior(input) {
|
|
2601
|
+
return input === "fallback" || input === "strict" ? input : DEFAULT_THRESHOLD_BEHAVIOR;
|
|
2602
|
+
}
|
|
2603
|
+
function pruneWarned(nowMs) {
|
|
2604
|
+
if (warnedUnsupportedRelayerByKey.size <= MAX_WARN_KEYS) return;
|
|
2605
|
+
for (const [key, expiresAtMs] of warnedUnsupportedRelayerByKey.entries()) if (expiresAtMs <= nowMs) warnedUnsupportedRelayerByKey.delete(key);
|
|
2606
|
+
while (warnedUnsupportedRelayerByKey.size > MAX_WARN_KEYS) {
|
|
2607
|
+
const first = warnedUnsupportedRelayerByKey.keys().next().value;
|
|
2608
|
+
if (!first) break;
|
|
2609
|
+
warnedUnsupportedRelayerByKey.delete(first);
|
|
2610
|
+
}
|
|
2611
|
+
}
|
|
2612
|
+
function warnOnce(key, message, opts) {
|
|
2613
|
+
const nowMs = Date.now();
|
|
2614
|
+
const ttlMs = Math.max(0, Math.floor(opts?.warnTtlMs ?? DEFAULT_WARN_TTL_MS));
|
|
2615
|
+
if (ttlMs === 0) return;
|
|
2616
|
+
pruneWarned(nowMs);
|
|
2617
|
+
const existing = warnedUnsupportedRelayerByKey.get(key);
|
|
2618
|
+
if (existing && existing > nowMs) return;
|
|
2619
|
+
warnedUnsupportedRelayerByKey.set(key, nowMs + ttlMs);
|
|
2620
|
+
console.warn(message);
|
|
2621
|
+
opts?.warnings?.push(message);
|
|
2622
|
+
}
|
|
2623
|
+
async function fallbackToLocalSignerIfRelayerUnsupported(args) {
|
|
2624
|
+
const requested = args.signerMode.mode;
|
|
2625
|
+
if (requested !== "threshold-signer") return requested;
|
|
2626
|
+
const base$1 = stripTrailingSlashes(toTrimmedString(args.relayerUrl));
|
|
2627
|
+
const behavior = coerceThresholdBehavior(getThresholdBehaviorFromSignerMode(args.signerMode));
|
|
2628
|
+
const configured = await isRelayerThresholdEd25519ConfiguredBase(base$1, { cacheTtlMs: args.cacheTtlMs });
|
|
2629
|
+
if (configured) return requested;
|
|
2630
|
+
const msg = "[WebAuthnManager] signerMode=threshold-signer requested but the relayer does not support threshold signing";
|
|
2631
|
+
if (behavior === "fallback") {
|
|
2632
|
+
warnOnce(`${args.nearAccountId}|${base$1}`, `${msg}; falling back to local-signer`, {
|
|
2633
|
+
warnTtlMs: args.warnTtlMs,
|
|
2634
|
+
warnings: args.warnings
|
|
2635
|
+
});
|
|
2636
|
+
return "local-signer";
|
|
2637
|
+
}
|
|
2638
|
+
throw new Error(`${msg}; set signerMode={ mode: 'threshold-signer', behavior: 'fallback' } to allow local-signer fallback`);
|
|
2639
|
+
}
|
|
2640
|
+
async function resolveSignerModeForThresholdSigning(args) {
|
|
2641
|
+
const requested = args.signerMode.mode;
|
|
2642
|
+
if (requested !== "threshold-signer") return requested;
|
|
2643
|
+
const behavior = coerceThresholdBehavior(getThresholdBehaviorFromSignerMode(args.signerMode));
|
|
2644
|
+
if (!args.hasThresholdKeyMaterial) {
|
|
2645
|
+
const msg = "[WebAuthnManager] signerMode=threshold-signer requested but threshold key material is unavailable";
|
|
2646
|
+
if (behavior === "fallback") {
|
|
2647
|
+
warnOnce(`${args.nearAccountId}|threshold-key-material-missing`, `${msg}; falling back to local-signer`, {
|
|
2648
|
+
warnTtlMs: args.warnTtlMs,
|
|
2649
|
+
warnings: args.warnings
|
|
2650
|
+
});
|
|
2651
|
+
return "local-signer";
|
|
2652
|
+
}
|
|
2653
|
+
throw new Error(`${msg}; set signerMode={ mode: 'threshold-signer', behavior: 'fallback' } to allow local-signer fallback`);
|
|
2654
|
+
}
|
|
2655
|
+
return fallbackToLocalSignerIfRelayerUnsupported({
|
|
2656
|
+
nearAccountId: args.nearAccountId,
|
|
2657
|
+
signerMode: args.signerMode,
|
|
2658
|
+
relayerUrl: args.relayerUrl,
|
|
2659
|
+
warnings: args.warnings,
|
|
2660
|
+
cacheTtlMs: args.cacheTtlMs,
|
|
2661
|
+
warnTtlMs: args.warnTtlMs
|
|
2662
|
+
});
|
|
2663
|
+
}
|
|
2664
|
+
|
|
2665
|
+
//#endregion
|
|
2666
|
+
//#region src/core/threshold/thresholdEd25519AuthSession.ts
|
|
2667
|
+
const authSessionCache = /* @__PURE__ */ new Map();
|
|
2668
|
+
function makeThresholdEd25519AuthSessionCacheKey(args) {
|
|
2669
|
+
const relayerUrl = stripTrailingSlashes(toTrimmedString(args.relayerUrl));
|
|
2670
|
+
const participantIds = normalizeThresholdEd25519ParticipantIds(args.participantIds);
|
|
2671
|
+
return [
|
|
2672
|
+
String(args.nearAccountId || "").trim(),
|
|
2673
|
+
String(args.rpId || "").trim(),
|
|
2674
|
+
relayerUrl,
|
|
2675
|
+
String(args.relayerKeyId || "").trim(),
|
|
2676
|
+
...participantIds ? [participantIds.join(",")] : []
|
|
2677
|
+
].join("|");
|
|
2678
|
+
}
|
|
2679
|
+
function getCachedThresholdEd25519AuthSession(cacheKey) {
|
|
2680
|
+
const entry = authSessionCache.get(cacheKey);
|
|
2681
|
+
if (!entry) return null;
|
|
2682
|
+
if (typeof entry.expiresAtMs === "number" && Number.isFinite(entry.expiresAtMs) && Date.now() >= entry.expiresAtMs) {
|
|
2683
|
+
authSessionCache.delete(cacheKey);
|
|
2684
|
+
return null;
|
|
2685
|
+
}
|
|
2686
|
+
return entry;
|
|
2687
|
+
}
|
|
2688
|
+
function clearCachedThresholdEd25519AuthSession(cacheKey) {
|
|
2689
|
+
authSessionCache.delete(cacheKey);
|
|
2690
|
+
}
|
|
2691
|
+
function getCachedThresholdEd25519AuthSessionJwt(cacheKey) {
|
|
2692
|
+
const cached = getCachedThresholdEd25519AuthSession(cacheKey);
|
|
2693
|
+
const jwt = cached?.jwt;
|
|
2694
|
+
if (typeof jwt === "string") {
|
|
2695
|
+
const trimmed = jwt.trim();
|
|
2696
|
+
if (trimmed) return trimmed;
|
|
2697
|
+
}
|
|
2698
|
+
if (cached) clearCachedThresholdEd25519AuthSession(cacheKey);
|
|
2699
|
+
return void 0;
|
|
2700
|
+
}
|
|
2701
|
+
|
|
2702
|
+
//#endregion
|
|
2703
|
+
//#region src/core/threshold/thresholdSessionPolicy.ts
|
|
2704
|
+
const THRESHOLD_SESSION_POLICY_MAX_TTL_MS = 10 * 6e4;
|
|
2705
|
+
const DEFAULT_THRESHOLD_SESSION_POLICY = {
|
|
2706
|
+
ttlMs: 5 * 6e4,
|
|
2707
|
+
remainingUses: 5
|
|
2708
|
+
};
|
|
2709
|
+
function isThresholdSessionAuthUnavailableError(err) {
|
|
2710
|
+
const msg = err instanceof Error ? err.message : String(err);
|
|
2711
|
+
return msg.includes("no cached threshold session token") || msg.includes("relayer threshold session expired") || msg.includes("threshold session exhausted") || msg.includes("threshold session expired") || msg.includes("Missing or invalid threshold session token") || msg.includes("Invalid session token kind") || msg.includes("/authorize HTTP 401") || msg.includes("/authorize HTTP 403");
|
|
2712
|
+
}
|
|
2713
|
+
function isThresholdSignerMissingKeyError(err) {
|
|
2714
|
+
const msg = (err instanceof Error ? err.message : String(err)).toLowerCase();
|
|
2715
|
+
return msg.includes("\"code\":\"missing_key\"") || msg.includes("missing_key") || msg.includes("unknown relayerkeyid") || msg.includes("call /threshold-ed25519/keygen");
|
|
2716
|
+
}
|
|
2717
|
+
|
|
2580
2718
|
//#endregion
|
|
2581
2719
|
//#region src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.ts
|
|
2582
2720
|
/**
|
|
2583
2721
|
* Sign multiple transactions with shared VRF challenge and credential
|
|
2584
2722
|
* Efficiently processes multiple transactions with one PRF authentication
|
|
2585
2723
|
*/
|
|
2586
|
-
async function signTransactionsWithActions({ ctx, transactions, rpcCall, onEvent, confirmationConfigOverride, title, body
|
|
2587
|
-
|
|
2588
|
-
|
|
2589
|
-
|
|
2590
|
-
|
|
2591
|
-
|
|
2592
|
-
|
|
2593
|
-
try {
|
|
2594
|
-
validateActionArgsWasm(action);
|
|
2595
|
-
} catch (error) {
|
|
2596
|
-
throw new Error(`Transaction ${txIndex}, Action ${actionIndex} validation failed: ${error instanceof Error ? error.message : "Unknown error"}`);
|
|
2597
|
-
}
|
|
2598
|
-
});
|
|
2724
|
+
async function signTransactionsWithActions({ ctx, sessionId: providedSessionId, transactions, rpcCall, signerMode, onEvent, confirmationConfigOverride, title, body }) {
|
|
2725
|
+
const sessionId = providedSessionId ?? generateSessionId();
|
|
2726
|
+
const nearAccountId = rpcCall.nearAccountId;
|
|
2727
|
+
const relayerUrl = ctx.relayerUrl;
|
|
2728
|
+
transactions.forEach((txPayload) => {
|
|
2729
|
+
txPayload.actions.forEach((action) => {
|
|
2730
|
+
validateActionArgsWasm(action);
|
|
2599
2731
|
});
|
|
2600
|
-
|
|
2601
|
-
|
|
2602
|
-
|
|
2603
|
-
|
|
2604
|
-
|
|
2605
|
-
|
|
2606
|
-
|
|
2607
|
-
|
|
2608
|
-
|
|
2609
|
-
|
|
2610
|
-
|
|
2611
|
-
|
|
2612
|
-
|
|
2613
|
-
|
|
2614
|
-
|
|
2732
|
+
});
|
|
2733
|
+
const deviceNumber = await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);
|
|
2734
|
+
const [localKeyMaterial, thresholdKeyMaterial] = await Promise.all([ctx.indexedDB.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber), ctx.indexedDB.nearKeysDB.getThresholdKeyMaterial(nearAccountId, deviceNumber)]);
|
|
2735
|
+
if (!localKeyMaterial) throw new Error(`No local key material found for account: ${nearAccountId}`);
|
|
2736
|
+
const warnings = [];
|
|
2737
|
+
const thresholdBehavior = getThresholdBehaviorFromSignerMode(signerMode);
|
|
2738
|
+
const resolvedSignerMode = await resolveSignerModeForThresholdSigning({
|
|
2739
|
+
nearAccountId,
|
|
2740
|
+
signerMode,
|
|
2741
|
+
relayerUrl,
|
|
2742
|
+
hasThresholdKeyMaterial: !!thresholdKeyMaterial,
|
|
2743
|
+
warnings
|
|
2744
|
+
});
|
|
2745
|
+
console.debug("[signTransactionsWithActions] resolvedSignerMode", {
|
|
2746
|
+
nearAccountId,
|
|
2747
|
+
resolvedSignerMode,
|
|
2748
|
+
warnings
|
|
2749
|
+
});
|
|
2750
|
+
const signingContext = validateAndPrepareSigningContext({
|
|
2751
|
+
nearAccountId,
|
|
2752
|
+
resolvedSignerMode,
|
|
2753
|
+
relayerUrl,
|
|
2754
|
+
rpId: ctx.touchIdPrompt.getRpId(),
|
|
2755
|
+
localKeyMaterial,
|
|
2756
|
+
thresholdKeyMaterial
|
|
2757
|
+
});
|
|
2758
|
+
ctx.nonceManager.initializeUser(toAccountId(nearAccountId), signingContext.signingNearPublicKeyStr);
|
|
2759
|
+
const resolvedRpcCall = {
|
|
2760
|
+
contractId: rpcCall.contractId || PASSKEY_MANAGER_DEFAULT_CONFIGS.contractId,
|
|
2761
|
+
nearRpcUrl: rpcCall.nearRpcUrl || PASSKEY_MANAGER_DEFAULT_CONFIGS.nearRpcUrl,
|
|
2762
|
+
nearAccountId: rpcCall.nearAccountId
|
|
2763
|
+
};
|
|
2764
|
+
const txSigningRequests = transactions.map((tx) => ({
|
|
2765
|
+
nearAccountId: rpcCall.nearAccountId,
|
|
2766
|
+
receiverId: tx.receiverId,
|
|
2767
|
+
actions: tx.actions
|
|
2768
|
+
}));
|
|
2769
|
+
if (!ctx.vrfWorkerManager) throw new Error("VrfWorkerManager not available for signing");
|
|
2770
|
+
const confirmation = await ctx.vrfWorkerManager.confirmAndPrepareSigningSession({
|
|
2771
|
+
ctx,
|
|
2772
|
+
sessionId,
|
|
2773
|
+
kind: "transaction",
|
|
2774
|
+
...signingContext.threshold && !signingContext.threshold.thresholdSessionJwt ? { signingAuthMode: "webauthn" } : {},
|
|
2775
|
+
txSigningRequests: transactions,
|
|
2776
|
+
rpcCall: resolvedRpcCall,
|
|
2777
|
+
confirmationConfigOverride,
|
|
2778
|
+
title,
|
|
2779
|
+
body
|
|
2780
|
+
});
|
|
2781
|
+
let { intentDigest, transactionContext, vrfChallenge, credential } = extractSigningEvidenceFromConfirmation$2(confirmation);
|
|
2782
|
+
if (signingContext.threshold) {
|
|
2783
|
+
const requestPayload = {
|
|
2784
|
+
signerMode: signingContext.resolvedSignerMode,
|
|
2615
2785
|
rpcCall: resolvedRpcCall,
|
|
2616
|
-
|
|
2617
|
-
|
|
2618
|
-
|
|
2619
|
-
|
|
2620
|
-
|
|
2621
|
-
|
|
2622
|
-
|
|
2623
|
-
|
|
2624
|
-
|
|
2625
|
-
|
|
2626
|
-
|
|
2627
|
-
|
|
2628
|
-
|
|
2629
|
-
|
|
2630
|
-
|
|
2631
|
-
|
|
2632
|
-
|
|
2633
|
-
|
|
2634
|
-
|
|
2635
|
-
|
|
2636
|
-
|
|
2637
|
-
|
|
2638
|
-
|
|
2786
|
+
createdAt: Date.now(),
|
|
2787
|
+
decryption: {
|
|
2788
|
+
encryptedPrivateKeyData: "",
|
|
2789
|
+
encryptedPrivateKeyChacha20NonceB64u: ""
|
|
2790
|
+
},
|
|
2791
|
+
threshold: {
|
|
2792
|
+
relayerUrl: signingContext.threshold.relayerUrl,
|
|
2793
|
+
relayerKeyId: signingContext.threshold.thresholdKeyMaterial.relayerKeyId,
|
|
2794
|
+
clientParticipantId: signingContext.threshold.thresholdKeyMaterial.participants.find((p) => p.role === "client")?.id,
|
|
2795
|
+
relayerParticipantId: signingContext.threshold.thresholdKeyMaterial.participants.find((p) => p.role === "relayer")?.id,
|
|
2796
|
+
participantIds: signingContext.threshold.thresholdKeyMaterial.participants.map((p) => p.id),
|
|
2797
|
+
thresholdSessionKind: "jwt",
|
|
2798
|
+
thresholdSessionJwt: signingContext.threshold.thresholdSessionJwt
|
|
2799
|
+
},
|
|
2800
|
+
txSigningRequests,
|
|
2801
|
+
intentDigest,
|
|
2802
|
+
transactionContext,
|
|
2803
|
+
vrfChallenge,
|
|
2804
|
+
credential
|
|
2805
|
+
};
|
|
2806
|
+
for (let attempt = 0; attempt < 2; attempt++) try {
|
|
2807
|
+
const response = await ctx.sendMessage({
|
|
2808
|
+
sessionId,
|
|
2809
|
+
message: {
|
|
2810
|
+
type: WorkerRequestType.SignTransactionsWithActions,
|
|
2811
|
+
payload: requestPayload
|
|
2812
|
+
},
|
|
2813
|
+
onEvent
|
|
2814
|
+
});
|
|
2815
|
+
const okResponse = requireOkSignTransactionsWithActionsResponse(response);
|
|
2816
|
+
return toSignedTransactionResults({
|
|
2817
|
+
okResponse,
|
|
2818
|
+
expectedTransactionCount: transactions.length,
|
|
2819
|
+
nearAccountId,
|
|
2820
|
+
warnings
|
|
2821
|
+
});
|
|
2822
|
+
} catch (e) {
|
|
2823
|
+
const err = e instanceof Error ? e : new Error(String(e));
|
|
2824
|
+
if (thresholdBehavior === "fallback" && isThresholdSignerMissingKeyError(err)) {
|
|
2825
|
+
const msg = "[WebAuthnManager] threshold-signer requested but the relayer is missing the signing share; falling back to local-signer";
|
|
2826
|
+
console.warn(msg);
|
|
2827
|
+
warnings.push(msg);
|
|
2828
|
+
try {
|
|
2829
|
+
clearCachedThresholdEd25519AuthSession(signingContext.threshold.thresholdSessionCacheKey);
|
|
2830
|
+
} catch {}
|
|
2831
|
+
signingContext.threshold.thresholdSessionJwt = void 0;
|
|
2832
|
+
requestPayload.threshold.thresholdSessionJwt = void 0;
|
|
2833
|
+
ctx.nonceManager.initializeUser(toAccountId(nearAccountId), localKeyMaterial.publicKey);
|
|
2834
|
+
if (!credential || !vrfChallenge) {
|
|
2835
|
+
const refreshed = await ctx.vrfWorkerManager.confirmAndPrepareSigningSession({
|
|
2836
|
+
ctx,
|
|
2837
|
+
sessionId,
|
|
2838
|
+
kind: "transaction",
|
|
2839
|
+
signingAuthMode: "webauthn",
|
|
2840
|
+
txSigningRequests: transactions,
|
|
2841
|
+
rpcCall: resolvedRpcCall,
|
|
2842
|
+
confirmationConfigOverride,
|
|
2843
|
+
title,
|
|
2844
|
+
body
|
|
2845
|
+
});
|
|
2846
|
+
({intentDigest, transactionContext, vrfChallenge, credential} = extractSigningEvidenceFromConfirmation$2(refreshed));
|
|
2847
|
+
} else transactionContext = await ctx.nonceManager.getNonceBlockHashAndHeight(ctx.nearClient, { force: true });
|
|
2848
|
+
return await signTransactionsWithActionsLocally({
|
|
2849
|
+
ctx,
|
|
2850
|
+
sessionId,
|
|
2851
|
+
onEvent,
|
|
2852
|
+
resolvedRpcCall,
|
|
2853
|
+
localKeyMaterial,
|
|
2639
2854
|
txSigningRequests,
|
|
2640
2855
|
intentDigest,
|
|
2641
2856
|
transactionContext,
|
|
2642
|
-
credential
|
|
2857
|
+
credential,
|
|
2858
|
+
expectedTransactionCount: transactions.length,
|
|
2859
|
+
warnings
|
|
2860
|
+
});
|
|
2861
|
+
}
|
|
2862
|
+
if (attempt === 0 && isThresholdSessionAuthUnavailableError(err)) {
|
|
2863
|
+
clearCachedThresholdEd25519AuthSession(signingContext.threshold.thresholdSessionCacheKey);
|
|
2864
|
+
signingContext.threshold.thresholdSessionJwt = void 0;
|
|
2865
|
+
requestPayload.threshold.thresholdSessionJwt = void 0;
|
|
2866
|
+
if (!credential || !vrfChallenge) {
|
|
2867
|
+
const refreshed = await ctx.vrfWorkerManager.confirmAndPrepareSigningSession({
|
|
2868
|
+
ctx,
|
|
2869
|
+
sessionId,
|
|
2870
|
+
kind: "transaction",
|
|
2871
|
+
signingAuthMode: "webauthn",
|
|
2872
|
+
txSigningRequests: transactions,
|
|
2873
|
+
rpcCall: resolvedRpcCall,
|
|
2874
|
+
confirmationConfigOverride,
|
|
2875
|
+
title,
|
|
2876
|
+
body
|
|
2877
|
+
});
|
|
2878
|
+
({intentDigest, transactionContext, vrfChallenge, credential} = extractSigningEvidenceFromConfirmation$2(refreshed));
|
|
2879
|
+
requestPayload.intentDigest = intentDigest;
|
|
2880
|
+
requestPayload.transactionContext = transactionContext;
|
|
2881
|
+
requestPayload.vrfChallenge = vrfChallenge;
|
|
2882
|
+
requestPayload.credential = credential;
|
|
2643
2883
|
}
|
|
2644
|
-
|
|
2645
|
-
|
|
2646
|
-
|
|
2647
|
-
if (!isSignTransactionsWithActionsSuccess(response)) {
|
|
2648
|
-
console.error("WebAuthnManager: Batch transaction signing failed:", response);
|
|
2649
|
-
const payloadError = isObject(response?.payload) && response?.payload?.error;
|
|
2650
|
-
throw new Error(payloadError || "Batch transaction signing failed");
|
|
2884
|
+
continue;
|
|
2885
|
+
}
|
|
2886
|
+
throw err;
|
|
2651
2887
|
}
|
|
2652
|
-
if (!response.payload.success) throw new Error(response.payload.error || "Batch transaction signing failed");
|
|
2653
|
-
const signedTransactions = response.payload.signedTransactions || [];
|
|
2654
|
-
if (signedTransactions.length !== transactions.length) throw new Error(`Expected ${transactions.length} signed transactions but received ${signedTransactions.length}`);
|
|
2655
|
-
const results = signedTransactions.map((signedTx, index) => {
|
|
2656
|
-
if (!signedTx || !signedTx.transaction || !signedTx.signature) throw new Error(`Incomplete signed transaction data received for transaction ${index + 1}`);
|
|
2657
|
-
return {
|
|
2658
|
-
signedTransaction: new SignedTransaction({
|
|
2659
|
-
transaction: signedTx.transaction,
|
|
2660
|
-
signature: signedTx.signature,
|
|
2661
|
-
borsh_bytes: Array.from(signedTx.borshBytes || [])
|
|
2662
|
-
}),
|
|
2663
|
-
nearAccountId: toAccountId(nearAccountId),
|
|
2664
|
-
logs: response.payload.logs
|
|
2665
|
-
};
|
|
2666
|
-
});
|
|
2667
|
-
return results;
|
|
2668
|
-
} catch (error) {
|
|
2669
|
-
console.error("WebAuthnManager: Batch transaction signing error:", error);
|
|
2670
|
-
throw error;
|
|
2671
2888
|
}
|
|
2889
|
+
return await signTransactionsWithActionsLocally({
|
|
2890
|
+
ctx,
|
|
2891
|
+
sessionId,
|
|
2892
|
+
onEvent,
|
|
2893
|
+
resolvedRpcCall,
|
|
2894
|
+
localKeyMaterial,
|
|
2895
|
+
txSigningRequests,
|
|
2896
|
+
intentDigest,
|
|
2897
|
+
transactionContext,
|
|
2898
|
+
credential,
|
|
2899
|
+
expectedTransactionCount: transactions.length,
|
|
2900
|
+
warnings
|
|
2901
|
+
});
|
|
2672
2902
|
}
|
|
2673
|
-
|
|
2674
|
-
|
|
2675
|
-
|
|
2676
|
-
|
|
2677
|
-
|
|
2678
|
-
|
|
2679
|
-
|
|
2680
|
-
|
|
2681
|
-
|
|
2682
|
-
|
|
2683
|
-
|
|
2684
|
-
|
|
2685
|
-
|
|
2686
|
-
|
|
2687
|
-
|
|
2688
|
-
|
|
2689
|
-
|
|
2690
|
-
|
|
2691
|
-
|
|
2903
|
+
async function signTransactionsWithActionsLocally(args) {
|
|
2904
|
+
const response = await args.ctx.sendMessage({
|
|
2905
|
+
sessionId: args.sessionId,
|
|
2906
|
+
message: {
|
|
2907
|
+
type: WorkerRequestType.SignTransactionsWithActions,
|
|
2908
|
+
payload: {
|
|
2909
|
+
signerMode: "local-signer",
|
|
2910
|
+
rpcCall: args.resolvedRpcCall,
|
|
2911
|
+
createdAt: Date.now(),
|
|
2912
|
+
decryption: {
|
|
2913
|
+
encryptedPrivateKeyData: args.localKeyMaterial.encryptedSk,
|
|
2914
|
+
encryptedPrivateKeyChacha20NonceB64u: args.localKeyMaterial.chacha20NonceB64u
|
|
2915
|
+
},
|
|
2916
|
+
txSigningRequests: args.txSigningRequests,
|
|
2917
|
+
intentDigest: args.intentDigest,
|
|
2918
|
+
transactionContext: args.transactionContext,
|
|
2919
|
+
credential: args.credential
|
|
2920
|
+
}
|
|
2921
|
+
},
|
|
2922
|
+
onEvent: args.onEvent
|
|
2923
|
+
});
|
|
2924
|
+
const okResponse = requireOkSignTransactionsWithActionsResponse(response);
|
|
2925
|
+
return toSignedTransactionResults({
|
|
2926
|
+
okResponse,
|
|
2927
|
+
expectedTransactionCount: args.expectedTransactionCount,
|
|
2928
|
+
nearAccountId: args.resolvedRpcCall.nearAccountId,
|
|
2929
|
+
warnings: args.warnings
|
|
2930
|
+
});
|
|
2931
|
+
}
|
|
2932
|
+
function toSignedTransactionResults(args) {
|
|
2933
|
+
const signedTransactions = args.okResponse.payload.signedTransactions || [];
|
|
2934
|
+
if (signedTransactions.length !== args.expectedTransactionCount) throw new Error(`Expected ${args.expectedTransactionCount} signed transactions but received ${signedTransactions.length}`);
|
|
2935
|
+
return signedTransactions.map((signedTx, index) => {
|
|
2936
|
+
if (!signedTx || !signedTx.transaction || !signedTx.signature) throw new Error(`Incomplete signed transaction data received for transaction ${index + 1}`);
|
|
2937
|
+
return {
|
|
2938
|
+
signedTransaction: new SignedTransaction({
|
|
2939
|
+
transaction: signedTx.transaction,
|
|
2940
|
+
signature: signedTx.signature,
|
|
2941
|
+
borsh_bytes: Array.from(signedTx.borshBytes || [])
|
|
2942
|
+
}),
|
|
2943
|
+
nearAccountId: toAccountId(args.nearAccountId),
|
|
2944
|
+
logs: [...args.okResponse.payload.logs || [], ...args.warnings]
|
|
2945
|
+
};
|
|
2946
|
+
});
|
|
2947
|
+
}
|
|
2948
|
+
function validateAndPrepareSigningContext(args) {
|
|
2949
|
+
const localPublicKey = String(args.localKeyMaterial.publicKey || "").trim();
|
|
2950
|
+
if (!localPublicKey) throw new Error(`Missing local signing public key for ${args.nearAccountId}`);
|
|
2951
|
+
if (args.resolvedSignerMode !== "threshold-signer") return {
|
|
2952
|
+
resolvedSignerMode: "local-signer",
|
|
2953
|
+
signingNearPublicKeyStr: localPublicKey,
|
|
2954
|
+
threshold: null
|
|
2955
|
+
};
|
|
2956
|
+
const thresholdKeyMaterial = args.thresholdKeyMaterial;
|
|
2957
|
+
if (!thresholdKeyMaterial) throw new Error(`Missing threshold key material for ${args.nearAccountId}`);
|
|
2958
|
+
const thresholdPublicKey = String(thresholdKeyMaterial.publicKey || "").trim();
|
|
2959
|
+
if (!thresholdPublicKey) throw new Error(`Missing threshold signing public key for ${args.nearAccountId}`);
|
|
2960
|
+
const relayerUrl = String(args.relayerUrl || "").trim();
|
|
2961
|
+
if (!relayerUrl) throw new Error("Missing relayerUrl (required for threshold-signer)");
|
|
2962
|
+
const rpId = String(args.rpId || "").trim();
|
|
2963
|
+
if (!rpId) throw new Error("Missing rpId for threshold signing");
|
|
2964
|
+
const participantIds = normalizeThresholdEd25519ParticipantIds(thresholdKeyMaterial.participants.map((p) => p.id));
|
|
2965
|
+
if (!participantIds || participantIds.length < 2) throw new Error(`Invalid threshold signing participantIds (expected >=2 participants, got [${(participantIds || []).join(",")}])`);
|
|
2966
|
+
const thresholdSessionCacheKey = makeThresholdEd25519AuthSessionCacheKey({
|
|
2967
|
+
nearAccountId: args.nearAccountId,
|
|
2968
|
+
rpId,
|
|
2969
|
+
relayerUrl,
|
|
2970
|
+
relayerKeyId: thresholdKeyMaterial.relayerKeyId,
|
|
2971
|
+
participantIds
|
|
2972
|
+
});
|
|
2973
|
+
return {
|
|
2974
|
+
resolvedSignerMode: "threshold-signer",
|
|
2975
|
+
signingNearPublicKeyStr: thresholdPublicKey,
|
|
2976
|
+
threshold: {
|
|
2977
|
+
relayerUrl,
|
|
2978
|
+
thresholdKeyMaterial,
|
|
2979
|
+
thresholdSessionCacheKey,
|
|
2980
|
+
thresholdSessionJwt: getCachedThresholdEd25519AuthSessionJwt(thresholdSessionCacheKey)
|
|
2981
|
+
}
|
|
2982
|
+
};
|
|
2983
|
+
}
|
|
2984
|
+
function extractSigningEvidenceFromConfirmation$2(confirmation) {
|
|
2985
|
+
const credentialForRelay = confirmation.credential ? removePrfOutputGuard(confirmation.credential) : void 0;
|
|
2986
|
+
return {
|
|
2987
|
+
intentDigest: confirmation.intentDigest,
|
|
2988
|
+
transactionContext: confirmation.transactionContext,
|
|
2989
|
+
vrfChallenge: confirmation.vrfChallenge,
|
|
2990
|
+
credential: credentialForRelay ? JSON.stringify(credentialForRelay) : void 0
|
|
2991
|
+
};
|
|
2992
|
+
}
|
|
2993
|
+
function requireOkSignTransactionsWithActionsResponse(response) {
|
|
2994
|
+
if (!isSignTransactionsWithActionsSuccess(response)) {
|
|
2995
|
+
if (isWorkerError(response)) throw new Error(response.payload.error || "Batch transaction signing failed");
|
|
2996
|
+
throw new Error("Batch transaction signing failed");
|
|
2997
|
+
}
|
|
2998
|
+
if (!response.payload.success) throw new Error(response.payload.error || "Batch transaction signing failed");
|
|
2999
|
+
return response;
|
|
2692
3000
|
}
|
|
2693
3001
|
|
|
2694
3002
|
//#endregion
|
|
2695
3003
|
//#region src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.ts
|
|
3004
|
+
const toPublicKeyString = (pk) => {
|
|
3005
|
+
if (typeof pk === "string") return pk;
|
|
3006
|
+
return ensureEd25519Prefix(base58Encode(pk.keyData));
|
|
3007
|
+
};
|
|
2696
3008
|
function validateTransactionContextMaybe(input) {
|
|
2697
3009
|
if (input == null) return void 0;
|
|
2698
3010
|
if (!isObject(input)) throw new Error("Invalid transactionContext: expected object");
|
|
@@ -2753,16 +3065,13 @@ function parseAndValidateRegistrationCredentialConfirmationPayload(payload) {
|
|
|
2753
3065
|
error: normalizedError
|
|
2754
3066
|
};
|
|
2755
3067
|
}
|
|
2756
|
-
const toPublicKeyString = (pk) => {
|
|
2757
|
-
if (typeof pk === "string") return pk;
|
|
2758
|
-
return ensureEd25519Prefix(base58Encode(pk.keyData));
|
|
2759
|
-
};
|
|
2760
3068
|
|
|
2761
3069
|
//#endregion
|
|
2762
3070
|
//#region src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.ts
|
|
2763
|
-
async function signDelegateAction({ ctx, delegate, rpcCall, onEvent, confirmationConfigOverride, title, body, sessionId: providedSessionId }) {
|
|
3071
|
+
async function signDelegateAction({ ctx, delegate, rpcCall, signerMode, onEvent, confirmationConfigOverride, title, body, sessionId: providedSessionId }) {
|
|
2764
3072
|
const sessionId = providedSessionId ?? generateSessionId();
|
|
2765
3073
|
const nearAccountId = rpcCall.nearAccountId || delegate.senderId;
|
|
3074
|
+
const relayerUrl = ctx.relayerUrl;
|
|
2766
3075
|
const resolvedRpcCall = {
|
|
2767
3076
|
contractId: rpcCall.contractId || PASSKEY_MANAGER_DEFAULT_CONFIGS.contractId,
|
|
2768
3077
|
nearRpcUrl: rpcCall.nearRpcUrl || PASSKEY_MANAGER_DEFAULT_CONFIGS.nearRpcUrl.split(",")[0] || PASSKEY_MANAGER_DEFAULT_CONFIGS.nearRpcUrl,
|
|
@@ -2777,13 +3086,34 @@ async function signDelegateAction({ ctx, delegate, rpcCall, onEvent, confirmatio
|
|
|
2777
3086
|
}
|
|
2778
3087
|
});
|
|
2779
3088
|
const deviceNumber = await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);
|
|
2780
|
-
const
|
|
2781
|
-
if (!
|
|
2782
|
-
|
|
2783
|
-
const
|
|
3089
|
+
const [localKeyMaterial, thresholdKeyMaterial] = await Promise.all([ctx.indexedDB.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber), ctx.indexedDB.nearKeysDB.getThresholdKeyMaterial(nearAccountId, deviceNumber)]);
|
|
3090
|
+
if (!localKeyMaterial) throw new Error(`No local key material found for account: ${nearAccountId}`);
|
|
3091
|
+
const warnings = [];
|
|
3092
|
+
const vrfWorkerManager = ctx.vrfWorkerManager;
|
|
3093
|
+
if (!vrfWorkerManager) throw new Error("VrfWorkerManager not available for delegate signing");
|
|
3094
|
+
const resolvedSignerMode = await resolveSignerModeForThresholdSigning({
|
|
3095
|
+
nearAccountId,
|
|
3096
|
+
signerMode,
|
|
3097
|
+
relayerUrl,
|
|
3098
|
+
hasThresholdKeyMaterial: !!thresholdKeyMaterial,
|
|
3099
|
+
warnings
|
|
3100
|
+
});
|
|
3101
|
+
const signingContext = validateAndPrepareDelegateSigningContext({
|
|
3102
|
+
nearAccountId,
|
|
3103
|
+
resolvedSignerMode,
|
|
3104
|
+
relayerUrl,
|
|
3105
|
+
rpId: ctx.touchIdPrompt.getRpId(),
|
|
3106
|
+
localKeyMaterial,
|
|
3107
|
+
thresholdKeyMaterial,
|
|
3108
|
+
providedDelegatePublicKey: delegate.publicKey,
|
|
3109
|
+
warnings
|
|
3110
|
+
});
|
|
3111
|
+
ctx.nonceManager.initializeUser(toAccountId(nearAccountId), signingContext.signingNearPublicKeyStr);
|
|
3112
|
+
const confirmation = await vrfWorkerManager.confirmAndPrepareSigningSession({
|
|
2784
3113
|
ctx,
|
|
2785
3114
|
sessionId,
|
|
2786
3115
|
kind: "delegate",
|
|
3116
|
+
...signingContext.threshold && !signingContext.threshold.thresholdSessionJwt ? { signingAuthMode: "webauthn" } : {},
|
|
2787
3117
|
nearAccountId,
|
|
2788
3118
|
delegate: {
|
|
2789
3119
|
senderId: delegate.senderId || nearAccountId,
|
|
@@ -2797,53 +3127,186 @@ async function signDelegateAction({ ctx, delegate, rpcCall, onEvent, confirmatio
|
|
|
2797
3127
|
title,
|
|
2798
3128
|
body
|
|
2799
3129
|
});
|
|
2800
|
-
|
|
2801
|
-
const
|
|
2802
|
-
|
|
2803
|
-
|
|
2804
|
-
|
|
2805
|
-
|
|
2806
|
-
|
|
2807
|
-
|
|
2808
|
-
|
|
2809
|
-
|
|
2810
|
-
|
|
2811
|
-
|
|
2812
|
-
|
|
2813
|
-
|
|
3130
|
+
let { intentDigest, transactionContext, vrfChallenge, credential } = extractSigningEvidenceFromConfirmation$1(confirmation);
|
|
3131
|
+
const delegatePayload = {
|
|
3132
|
+
senderId: delegate.senderId || nearAccountId,
|
|
3133
|
+
receiverId: delegate.receiverId,
|
|
3134
|
+
actions: actionsWasm,
|
|
3135
|
+
nonce: delegate.nonce.toString(),
|
|
3136
|
+
maxBlockHeight: delegate.maxBlockHeight.toString(),
|
|
3137
|
+
publicKey: signingContext.delegatePublicKeyStr
|
|
3138
|
+
};
|
|
3139
|
+
if (!signingContext.threshold) {
|
|
3140
|
+
const response = await ctx.sendMessage({
|
|
3141
|
+
sessionId,
|
|
3142
|
+
message: {
|
|
3143
|
+
type: WorkerRequestType.SignDelegateAction,
|
|
3144
|
+
payload: {
|
|
3145
|
+
signerMode: signingContext.resolvedSignerMode,
|
|
3146
|
+
rpcCall: resolvedRpcCall,
|
|
3147
|
+
createdAt: Date.now(),
|
|
3148
|
+
decryption: {
|
|
3149
|
+
encryptedPrivateKeyData: localKeyMaterial.encryptedSk,
|
|
3150
|
+
encryptedPrivateKeyChacha20NonceB64u: localKeyMaterial.chacha20NonceB64u
|
|
3151
|
+
},
|
|
3152
|
+
delegate: delegatePayload,
|
|
3153
|
+
intentDigest,
|
|
3154
|
+
transactionContext,
|
|
3155
|
+
credential
|
|
3156
|
+
}
|
|
3157
|
+
},
|
|
3158
|
+
onEvent
|
|
3159
|
+
});
|
|
3160
|
+
const okResponse$1 = requireOkSignDelegateActionResponse(response);
|
|
3161
|
+
return {
|
|
3162
|
+
signedDelegate: okResponse$1.payload.signedDelegate,
|
|
3163
|
+
hash: okResponse$1.payload.hash,
|
|
3164
|
+
nearAccountId: toAccountId(nearAccountId),
|
|
3165
|
+
logs: [...okResponse$1.payload.logs || [], ...warnings]
|
|
3166
|
+
};
|
|
3167
|
+
}
|
|
3168
|
+
const requestPayload = {
|
|
3169
|
+
signerMode: signingContext.resolvedSignerMode,
|
|
3170
|
+
rpcCall: resolvedRpcCall,
|
|
3171
|
+
createdAt: Date.now(),
|
|
3172
|
+
decryption: {
|
|
3173
|
+
encryptedPrivateKeyData: "",
|
|
3174
|
+
encryptedPrivateKeyChacha20NonceB64u: ""
|
|
3175
|
+
},
|
|
3176
|
+
threshold: {
|
|
3177
|
+
relayerUrl: signingContext.threshold.relayerUrl,
|
|
3178
|
+
relayerKeyId: signingContext.threshold.thresholdKeyMaterial.relayerKeyId,
|
|
3179
|
+
clientParticipantId: signingContext.threshold.thresholdKeyMaterial.participants.find((p) => p.role === "client")?.id,
|
|
3180
|
+
relayerParticipantId: signingContext.threshold.thresholdKeyMaterial.participants.find((p) => p.role === "relayer")?.id,
|
|
3181
|
+
participantIds: signingContext.threshold.thresholdKeyMaterial.participants.map((p) => p.id),
|
|
3182
|
+
thresholdSessionKind: "jwt",
|
|
3183
|
+
thresholdSessionJwt: signingContext.threshold.thresholdSessionJwt
|
|
3184
|
+
},
|
|
3185
|
+
delegate: delegatePayload,
|
|
3186
|
+
intentDigest,
|
|
3187
|
+
transactionContext,
|
|
3188
|
+
vrfChallenge,
|
|
3189
|
+
credential
|
|
3190
|
+
};
|
|
3191
|
+
let okResponse;
|
|
3192
|
+
try {
|
|
3193
|
+
const resp = await ctx.sendMessage({
|
|
3194
|
+
sessionId,
|
|
3195
|
+
message: {
|
|
3196
|
+
type: WorkerRequestType.SignDelegateAction,
|
|
3197
|
+
payload: requestPayload
|
|
3198
|
+
},
|
|
3199
|
+
onEvent
|
|
3200
|
+
});
|
|
3201
|
+
okResponse = requireOkSignDelegateActionResponse(resp);
|
|
3202
|
+
} catch (e) {
|
|
3203
|
+
const err = e instanceof Error ? e : new Error(String(e));
|
|
3204
|
+
if (!isThresholdSessionAuthUnavailableError(err)) throw err;
|
|
3205
|
+
clearCachedThresholdEd25519AuthSession(signingContext.threshold.thresholdSessionCacheKey);
|
|
3206
|
+
signingContext.threshold.thresholdSessionJwt = void 0;
|
|
3207
|
+
requestPayload.threshold.thresholdSessionJwt = void 0;
|
|
3208
|
+
if (!credential || !vrfChallenge) {
|
|
3209
|
+
const refreshed = await vrfWorkerManager.confirmAndPrepareSigningSession({
|
|
3210
|
+
ctx,
|
|
3211
|
+
sessionId,
|
|
3212
|
+
kind: "delegate",
|
|
3213
|
+
signingAuthMode: "webauthn",
|
|
3214
|
+
nearAccountId,
|
|
2814
3215
|
delegate: {
|
|
2815
3216
|
senderId: delegate.senderId || nearAccountId,
|
|
2816
3217
|
receiverId: delegate.receiverId,
|
|
2817
3218
|
actions: actionsWasm,
|
|
2818
|
-
nonce: delegate.nonce
|
|
2819
|
-
maxBlockHeight: delegate.maxBlockHeight
|
|
2820
|
-
publicKey: toPublicKeyString(delegate.publicKey)
|
|
3219
|
+
nonce: delegate.nonce,
|
|
3220
|
+
maxBlockHeight: delegate.maxBlockHeight
|
|
2821
3221
|
},
|
|
2822
|
-
|
|
2823
|
-
|
|
2824
|
-
|
|
2825
|
-
|
|
2826
|
-
|
|
2827
|
-
|
|
2828
|
-
|
|
2829
|
-
|
|
2830
|
-
|
|
2831
|
-
|
|
2832
|
-
|
|
2833
|
-
|
|
2834
|
-
|
|
2835
|
-
|
|
2836
|
-
|
|
2837
|
-
|
|
2838
|
-
|
|
3222
|
+
rpcCall: resolvedRpcCall,
|
|
3223
|
+
confirmationConfigOverride,
|
|
3224
|
+
title,
|
|
3225
|
+
body
|
|
3226
|
+
});
|
|
3227
|
+
({intentDigest, transactionContext, vrfChallenge, credential} = extractSigningEvidenceFromConfirmation$1(refreshed));
|
|
3228
|
+
requestPayload.intentDigest = intentDigest;
|
|
3229
|
+
requestPayload.transactionContext = transactionContext;
|
|
3230
|
+
requestPayload.vrfChallenge = vrfChallenge;
|
|
3231
|
+
requestPayload.credential = credential;
|
|
3232
|
+
}
|
|
3233
|
+
const resp = await ctx.sendMessage({
|
|
3234
|
+
sessionId,
|
|
3235
|
+
message: {
|
|
3236
|
+
type: WorkerRequestType.SignDelegateAction,
|
|
3237
|
+
payload: requestPayload
|
|
3238
|
+
},
|
|
3239
|
+
onEvent
|
|
3240
|
+
});
|
|
3241
|
+
okResponse = requireOkSignDelegateActionResponse(resp);
|
|
2839
3242
|
}
|
|
2840
3243
|
return {
|
|
2841
|
-
signedDelegate: payload.signedDelegate,
|
|
2842
|
-
hash: payload.hash,
|
|
3244
|
+
signedDelegate: okResponse.payload.signedDelegate,
|
|
3245
|
+
hash: okResponse.payload.hash,
|
|
2843
3246
|
nearAccountId: toAccountId(nearAccountId),
|
|
2844
|
-
logs: payload.logs
|
|
3247
|
+
logs: [...okResponse.payload.logs || [], ...warnings]
|
|
3248
|
+
};
|
|
3249
|
+
}
|
|
3250
|
+
function validateAndPrepareDelegateSigningContext(args) {
|
|
3251
|
+
const localPublicKey = ensureEd25519Prefix(args.localKeyMaterial.publicKey);
|
|
3252
|
+
if (!localPublicKey) throw new Error(`Missing local signing public key for ${args.nearAccountId}`);
|
|
3253
|
+
const providedDelegatePublicKeyStr = ensureEd25519Prefix(toPublicKeyString(args.providedDelegatePublicKey));
|
|
3254
|
+
if (args.resolvedSignerMode !== "threshold-signer") {
|
|
3255
|
+
if (providedDelegatePublicKeyStr && providedDelegatePublicKeyStr !== localPublicKey) args.warnings.push(`Delegate public key ${providedDelegatePublicKeyStr} does not match local signer key; using ${localPublicKey}`);
|
|
3256
|
+
return {
|
|
3257
|
+
resolvedSignerMode: "local-signer",
|
|
3258
|
+
signingNearPublicKeyStr: localPublicKey,
|
|
3259
|
+
delegatePublicKeyStr: localPublicKey,
|
|
3260
|
+
threshold: null
|
|
3261
|
+
};
|
|
3262
|
+
}
|
|
3263
|
+
const thresholdKeyMaterial = args.thresholdKeyMaterial;
|
|
3264
|
+
if (!thresholdKeyMaterial) throw new Error(`Missing threshold key material for ${args.nearAccountId}`);
|
|
3265
|
+
const thresholdPublicKey = ensureEd25519Prefix(thresholdKeyMaterial.publicKey);
|
|
3266
|
+
if (!thresholdPublicKey) throw new Error(`Missing threshold signing public key for ${args.nearAccountId}`);
|
|
3267
|
+
if (providedDelegatePublicKeyStr && providedDelegatePublicKeyStr !== thresholdPublicKey) args.warnings.push(`Delegate public key ${providedDelegatePublicKeyStr} does not match threshold signer key; using ${thresholdPublicKey}`);
|
|
3268
|
+
const relayerUrl = String(args.relayerUrl || "").trim();
|
|
3269
|
+
if (!relayerUrl) throw new Error("Missing relayerUrl (required for threshold-signer)");
|
|
3270
|
+
const rpId = String(args.rpId || "").trim();
|
|
3271
|
+
if (!rpId) throw new Error("Missing rpId for threshold signing");
|
|
3272
|
+
const participantIds = normalizeThresholdEd25519ParticipantIds(thresholdKeyMaterial.participants.map((p) => p.id));
|
|
3273
|
+
if (!participantIds || participantIds.length < 2) throw new Error(`Invalid threshold signing participantIds (expected >=2 participants, got [${(participantIds || []).join(",")}])`);
|
|
3274
|
+
const thresholdSessionCacheKey = makeThresholdEd25519AuthSessionCacheKey({
|
|
3275
|
+
nearAccountId: args.nearAccountId,
|
|
3276
|
+
rpId,
|
|
3277
|
+
relayerUrl,
|
|
3278
|
+
relayerKeyId: thresholdKeyMaterial.relayerKeyId,
|
|
3279
|
+
participantIds
|
|
3280
|
+
});
|
|
3281
|
+
return {
|
|
3282
|
+
resolvedSignerMode: "threshold-signer",
|
|
3283
|
+
signingNearPublicKeyStr: thresholdPublicKey,
|
|
3284
|
+
delegatePublicKeyStr: thresholdPublicKey,
|
|
3285
|
+
threshold: {
|
|
3286
|
+
relayerUrl,
|
|
3287
|
+
thresholdKeyMaterial,
|
|
3288
|
+
thresholdSessionCacheKey,
|
|
3289
|
+
thresholdSessionJwt: getCachedThresholdEd25519AuthSessionJwt(thresholdSessionCacheKey)
|
|
3290
|
+
}
|
|
3291
|
+
};
|
|
3292
|
+
}
|
|
3293
|
+
function extractSigningEvidenceFromConfirmation$1(confirmation) {
|
|
3294
|
+
const credentialForRelay = confirmation.credential ? removePrfOutputGuard(confirmation.credential) : void 0;
|
|
3295
|
+
return {
|
|
3296
|
+
intentDigest: confirmation.intentDigest,
|
|
3297
|
+
transactionContext: confirmation.transactionContext,
|
|
3298
|
+
vrfChallenge: confirmation.vrfChallenge,
|
|
3299
|
+
credential: credentialForRelay ? JSON.stringify(credentialForRelay) : void 0
|
|
2845
3300
|
};
|
|
2846
3301
|
}
|
|
3302
|
+
function requireOkSignDelegateActionResponse(response) {
|
|
3303
|
+
if (!isSignDelegateActionSuccess(response)) {
|
|
3304
|
+
if (isWorkerError(response)) throw new Error(response.payload.error || "Delegate action signing failed");
|
|
3305
|
+
throw new Error("Delegate action signing failed");
|
|
3306
|
+
}
|
|
3307
|
+
if (!response.payload.success || !response.payload.signedDelegate || !response.payload.hash) throw new Error(response.payload.error || "Delegate action signing failed");
|
|
3308
|
+
return response;
|
|
3309
|
+
}
|
|
2847
3310
|
|
|
2848
3311
|
//#endregion
|
|
2849
3312
|
//#region src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.ts
|
|
@@ -2910,12 +3373,8 @@ async function extractCosePublicKey({ ctx, attestationObjectBase64url }) {
|
|
|
2910
3373
|
async function signTransactionWithKeyPair({ ctx, nearPrivateKey, signerAccountId, receiverId, nonce, blockHash, actions }) {
|
|
2911
3374
|
try {
|
|
2912
3375
|
console.info("SignerWorkerManager: Starting transaction signing with provided private key");
|
|
2913
|
-
actions.forEach((action
|
|
2914
|
-
|
|
2915
|
-
validateActionArgsWasm(action);
|
|
2916
|
-
} catch (error) {
|
|
2917
|
-
throw new Error(`Action ${index} validation failed: ${error instanceof Error ? error.message : "Unknown error"}`);
|
|
2918
|
-
}
|
|
3376
|
+
actions.forEach((action) => {
|
|
3377
|
+
validateActionArgsWasm(action);
|
|
2919
3378
|
});
|
|
2920
3379
|
const response = await ctx.sendMessage({ message: {
|
|
2921
3380
|
type: WorkerRequestType.SignTransactionWithKeyPair,
|
|
@@ -2964,16 +3423,34 @@ async function signTransactionWithKeyPair({ ctx, nearPrivateKey, signerAccountId
|
|
|
2964
3423
|
*/
|
|
2965
3424
|
async function signNep413Message({ ctx, payload }) {
|
|
2966
3425
|
try {
|
|
2967
|
-
const deviceNumber = await getLastLoggedInDeviceNumber(payload.accountId, ctx.indexedDB.clientDB);
|
|
2968
|
-
const encryptedKeyData = await ctx.indexedDB.nearKeysDB.getEncryptedKey(payload.accountId, deviceNumber);
|
|
2969
|
-
if (!encryptedKeyData) throw new Error(`No encrypted key found for account: ${payload.accountId}`);
|
|
2970
3426
|
const sessionId = payload.sessionId ?? generateSessionId();
|
|
2971
|
-
|
|
2972
|
-
|
|
3427
|
+
const relayerUrl = ctx.relayerUrl;
|
|
3428
|
+
const nearAccountId = payload.accountId;
|
|
3429
|
+
const deviceNumber = await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);
|
|
3430
|
+
const [localKeyMaterial, thresholdKeyMaterial] = await Promise.all([ctx.indexedDB.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber), ctx.indexedDB.nearKeysDB.getThresholdKeyMaterial(nearAccountId, deviceNumber)]);
|
|
3431
|
+
if (!localKeyMaterial) throw new Error(`No local key material found for account: ${nearAccountId}`);
|
|
3432
|
+
const resolvedSignerMode = await resolveSignerModeForThresholdSigning({
|
|
3433
|
+
nearAccountId,
|
|
3434
|
+
signerMode: payload.signerMode,
|
|
3435
|
+
relayerUrl,
|
|
3436
|
+
hasThresholdKeyMaterial: !!thresholdKeyMaterial
|
|
3437
|
+
});
|
|
3438
|
+
const vrfWorkerManager = ctx.vrfWorkerManager;
|
|
3439
|
+
if (!vrfWorkerManager) throw new Error("VrfWorkerManager not available for NEP-413 signing");
|
|
3440
|
+
const signingContext = validateAndPrepareNep413SigningContext({
|
|
3441
|
+
nearAccountId,
|
|
3442
|
+
resolvedSignerMode,
|
|
3443
|
+
relayerUrl,
|
|
3444
|
+
rpId: ctx.touchIdPrompt.getRpId(),
|
|
3445
|
+
localKeyMaterial,
|
|
3446
|
+
thresholdKeyMaterial
|
|
3447
|
+
});
|
|
3448
|
+
const confirmation = await vrfWorkerManager.confirmAndPrepareSigningSession({
|
|
2973
3449
|
ctx,
|
|
2974
3450
|
sessionId,
|
|
2975
3451
|
kind: "nep413",
|
|
2976
|
-
|
|
3452
|
+
...signingContext.threshold && !signingContext.threshold.thresholdSessionJwt ? { signingAuthMode: "webauthn" } : {},
|
|
3453
|
+
nearAccountId,
|
|
2977
3454
|
message: payload.message,
|
|
2978
3455
|
recipient: payload.recipient,
|
|
2979
3456
|
title: payload.title,
|
|
@@ -2982,32 +3459,95 @@ async function signNep413Message({ ctx, payload }) {
|
|
|
2982
3459
|
contractId: payload.contractId,
|
|
2983
3460
|
nearRpcUrl: payload.nearRpcUrl
|
|
2984
3461
|
});
|
|
2985
|
-
|
|
2986
|
-
|
|
2987
|
-
|
|
2988
|
-
|
|
2989
|
-
|
|
3462
|
+
let { vrfChallenge, credential } = extractSigningEvidenceFromConfirmation(confirmation);
|
|
3463
|
+
const requestPayload = {
|
|
3464
|
+
signerMode: signingContext.resolvedSignerMode,
|
|
3465
|
+
message: payload.message,
|
|
3466
|
+
recipient: payload.recipient,
|
|
3467
|
+
nonce: payload.nonce,
|
|
3468
|
+
state: payload.state || void 0,
|
|
3469
|
+
accountId: nearAccountId,
|
|
3470
|
+
nearPublicKey: signingContext.nearPublicKey,
|
|
3471
|
+
decryption: signingContext.decryption,
|
|
3472
|
+
threshold: signingContext.threshold ? {
|
|
3473
|
+
relayerUrl: signingContext.threshold.relayerUrl,
|
|
3474
|
+
relayerKeyId: signingContext.threshold.thresholdKeyMaterial.relayerKeyId,
|
|
3475
|
+
clientParticipantId: signingContext.threshold.thresholdKeyMaterial.participants.find((p) => p.role === "client")?.id,
|
|
3476
|
+
relayerParticipantId: signingContext.threshold.thresholdKeyMaterial.participants.find((p) => p.role === "relayer")?.id,
|
|
3477
|
+
participantIds: signingContext.threshold.thresholdKeyMaterial.participants.map((p) => p.id),
|
|
3478
|
+
thresholdSessionKind: "jwt",
|
|
3479
|
+
thresholdSessionJwt: signingContext.threshold.thresholdSessionJwt
|
|
3480
|
+
} : void 0,
|
|
3481
|
+
vrfChallenge,
|
|
3482
|
+
credential
|
|
3483
|
+
};
|
|
3484
|
+
if (!signingContext.threshold) {
|
|
3485
|
+
const response = await ctx.sendMessage({
|
|
3486
|
+
sessionId,
|
|
3487
|
+
message: {
|
|
3488
|
+
type: WorkerRequestType.SignNep413Message,
|
|
3489
|
+
payload: requestPayload
|
|
3490
|
+
}
|
|
3491
|
+
});
|
|
3492
|
+
const okResponse$1 = requireOkSignNep413MessageResponse(response);
|
|
3493
|
+
return {
|
|
3494
|
+
success: true,
|
|
3495
|
+
accountId: okResponse$1.payload.accountId,
|
|
3496
|
+
publicKey: okResponse$1.payload.publicKey,
|
|
3497
|
+
signature: okResponse$1.payload.signature,
|
|
3498
|
+
state: okResponse$1.payload.state || void 0
|
|
3499
|
+
};
|
|
3500
|
+
}
|
|
3501
|
+
let okResponse;
|
|
3502
|
+
try {
|
|
3503
|
+
const response = await ctx.sendMessage({
|
|
3504
|
+
sessionId,
|
|
3505
|
+
message: {
|
|
3506
|
+
type: WorkerRequestType.SignNep413Message,
|
|
3507
|
+
payload: requestPayload
|
|
3508
|
+
}
|
|
3509
|
+
});
|
|
3510
|
+
okResponse = requireOkSignNep413MessageResponse(response);
|
|
3511
|
+
} catch (e) {
|
|
3512
|
+
const err = e instanceof Error ? e : new Error(String(e));
|
|
3513
|
+
if (!isThresholdSessionAuthUnavailableError(err)) throw err;
|
|
3514
|
+
clearCachedThresholdEd25519AuthSession(signingContext.threshold.thresholdSessionCacheKey);
|
|
3515
|
+
signingContext.threshold.thresholdSessionJwt = void 0;
|
|
3516
|
+
requestPayload.threshold.thresholdSessionJwt = void 0;
|
|
3517
|
+
if (!credential || !vrfChallenge) {
|
|
3518
|
+
const refreshed = await vrfWorkerManager.confirmAndPrepareSigningSession({
|
|
3519
|
+
ctx,
|
|
3520
|
+
sessionId,
|
|
3521
|
+
kind: "nep413",
|
|
3522
|
+
signingAuthMode: "webauthn",
|
|
3523
|
+
nearAccountId,
|
|
2990
3524
|
message: payload.message,
|
|
2991
3525
|
recipient: payload.recipient,
|
|
2992
|
-
|
|
2993
|
-
|
|
2994
|
-
|
|
2995
|
-
|
|
2996
|
-
|
|
2997
|
-
}
|
|
3526
|
+
title: payload.title,
|
|
3527
|
+
body: payload.body,
|
|
3528
|
+
confirmationConfigOverride: payload.confirmationConfigOverride,
|
|
3529
|
+
contractId: payload.contractId,
|
|
3530
|
+
nearRpcUrl: payload.nearRpcUrl
|
|
3531
|
+
});
|
|
3532
|
+
({vrfChallenge, credential} = extractSigningEvidenceFromConfirmation(refreshed));
|
|
3533
|
+
requestPayload.vrfChallenge = vrfChallenge;
|
|
3534
|
+
requestPayload.credential = credential;
|
|
2998
3535
|
}
|
|
2999
|
-
|
|
3000
|
-
|
|
3001
|
-
|
|
3002
|
-
|
|
3003
|
-
|
|
3536
|
+
const response = await ctx.sendMessage({
|
|
3537
|
+
sessionId,
|
|
3538
|
+
message: {
|
|
3539
|
+
type: WorkerRequestType.SignNep413Message,
|
|
3540
|
+
payload: requestPayload
|
|
3541
|
+
}
|
|
3542
|
+
});
|
|
3543
|
+
okResponse = requireOkSignNep413MessageResponse(response);
|
|
3004
3544
|
}
|
|
3005
3545
|
return {
|
|
3006
3546
|
success: true,
|
|
3007
|
-
accountId:
|
|
3008
|
-
publicKey:
|
|
3009
|
-
signature:
|
|
3010
|
-
state:
|
|
3547
|
+
accountId: okResponse.payload.accountId,
|
|
3548
|
+
publicKey: okResponse.payload.publicKey,
|
|
3549
|
+
signature: okResponse.payload.signature,
|
|
3550
|
+
state: okResponse.payload.state || void 0
|
|
3011
3551
|
};
|
|
3012
3552
|
} catch (error) {
|
|
3013
3553
|
console.error("SignerWorkerManager: NEP-413 signing error:", error);
|
|
@@ -3020,6 +3560,64 @@ async function signNep413Message({ ctx, payload }) {
|
|
|
3020
3560
|
};
|
|
3021
3561
|
}
|
|
3022
3562
|
}
|
|
3563
|
+
function validateAndPrepareNep413SigningContext(args) {
|
|
3564
|
+
const localPublicKey = String(args.localKeyMaterial.publicKey || "").trim();
|
|
3565
|
+
if (!localPublicKey) throw new Error(`Missing local signing public key for ${args.nearAccountId}`);
|
|
3566
|
+
if (args.resolvedSignerMode !== "threshold-signer") return {
|
|
3567
|
+
resolvedSignerMode: "local-signer",
|
|
3568
|
+
nearPublicKey: localPublicKey,
|
|
3569
|
+
decryption: {
|
|
3570
|
+
encryptedPrivateKeyData: args.localKeyMaterial.encryptedSk,
|
|
3571
|
+
encryptedPrivateKeyChacha20NonceB64u: args.localKeyMaterial.chacha20NonceB64u
|
|
3572
|
+
},
|
|
3573
|
+
threshold: null
|
|
3574
|
+
};
|
|
3575
|
+
const thresholdKeyMaterial = args.thresholdKeyMaterial;
|
|
3576
|
+
if (!thresholdKeyMaterial) throw new Error(`Missing threshold key material for ${args.nearAccountId}`);
|
|
3577
|
+
const thresholdPublicKey = String(thresholdKeyMaterial.publicKey || "").trim();
|
|
3578
|
+
if (!thresholdPublicKey) throw new Error(`Missing threshold signing public key for ${args.nearAccountId}`);
|
|
3579
|
+
const relayerUrl = String(args.relayerUrl || "").trim();
|
|
3580
|
+
if (!relayerUrl) throw new Error("Missing relayerUrl (required for threshold-signer)");
|
|
3581
|
+
const rpId = String(args.rpId || "").trim();
|
|
3582
|
+
if (!rpId) throw new Error("Missing rpId for threshold signing");
|
|
3583
|
+
const participantIds = normalizeThresholdEd25519ParticipantIds(thresholdKeyMaterial.participants.map((p) => p.id));
|
|
3584
|
+
if (!participantIds || participantIds.length < 2) throw new Error(`Invalid threshold signing participantIds (expected >=2 participants, got [${(participantIds || []).join(",")}])`);
|
|
3585
|
+
const thresholdSessionCacheKey = makeThresholdEd25519AuthSessionCacheKey({
|
|
3586
|
+
nearAccountId: args.nearAccountId,
|
|
3587
|
+
rpId,
|
|
3588
|
+
relayerUrl,
|
|
3589
|
+
relayerKeyId: thresholdKeyMaterial.relayerKeyId,
|
|
3590
|
+
participantIds
|
|
3591
|
+
});
|
|
3592
|
+
return {
|
|
3593
|
+
resolvedSignerMode: "threshold-signer",
|
|
3594
|
+
nearPublicKey: thresholdPublicKey,
|
|
3595
|
+
decryption: {
|
|
3596
|
+
encryptedPrivateKeyData: "",
|
|
3597
|
+
encryptedPrivateKeyChacha20NonceB64u: ""
|
|
3598
|
+
},
|
|
3599
|
+
threshold: {
|
|
3600
|
+
relayerUrl,
|
|
3601
|
+
thresholdKeyMaterial,
|
|
3602
|
+
thresholdSessionCacheKey,
|
|
3603
|
+
thresholdSessionJwt: getCachedThresholdEd25519AuthSessionJwt(thresholdSessionCacheKey)
|
|
3604
|
+
}
|
|
3605
|
+
};
|
|
3606
|
+
}
|
|
3607
|
+
function extractSigningEvidenceFromConfirmation(confirmation) {
|
|
3608
|
+
const credentialForRelay = confirmation.credential ? removePrfOutputGuard(confirmation.credential) : void 0;
|
|
3609
|
+
return {
|
|
3610
|
+
vrfChallenge: confirmation.vrfChallenge,
|
|
3611
|
+
credential: credentialForRelay ? JSON.stringify(credentialForRelay) : void 0
|
|
3612
|
+
};
|
|
3613
|
+
}
|
|
3614
|
+
function requireOkSignNep413MessageResponse(response) {
|
|
3615
|
+
if (!isSignNep413MessageSuccess(response)) {
|
|
3616
|
+
if (isWorkerError(response)) throw new Error(response.payload.error || "NEP-413 signing failed");
|
|
3617
|
+
throw new Error("NEP-413 signing failed");
|
|
3618
|
+
}
|
|
3619
|
+
return response;
|
|
3620
|
+
}
|
|
3023
3621
|
|
|
3024
3622
|
//#endregion
|
|
3025
3623
|
//#region src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.ts
|
|
@@ -3050,6 +3648,8 @@ async function registerDevice2WithDerivedKey({ ctx, sessionId, nearAccountId, cr
|
|
|
3050
3648
|
if (!s) return [];
|
|
3051
3649
|
return Array.from(base64UrlDecode(s));
|
|
3052
3650
|
};
|
|
3651
|
+
const intentDigest32 = b64ToBytes(vrfChallenge.intentDigest);
|
|
3652
|
+
if (intentDigest32.length !== 32) throw new Error("Missing or invalid vrfChallenge.intentDigest (expected base64url-encoded 32 bytes)");
|
|
3053
3653
|
const finalContractArgs = {
|
|
3054
3654
|
vrf_data: {
|
|
3055
3655
|
vrf_input_data: b64ToBytes(vrfChallenge.vrfInput),
|
|
@@ -3059,7 +3659,8 @@ async function registerDevice2WithDerivedKey({ ctx, sessionId, nearAccountId, cr
|
|
|
3059
3659
|
user_id: vrfChallenge.userId,
|
|
3060
3660
|
rp_id: vrfChallenge.rpId,
|
|
3061
3661
|
block_height: Number(vrfChallenge.blockHeight),
|
|
3062
|
-
block_hash: b64ToBytes(vrfChallenge.blockHash)
|
|
3662
|
+
block_hash: b64ToBytes(vrfChallenge.blockHash),
|
|
3663
|
+
intent_digest_32: intentDigest32
|
|
3063
3664
|
},
|
|
3064
3665
|
webauthn_registration: credential,
|
|
3065
3666
|
deterministic_vrf_public_key: b64ToBytes(deterministicVrfPublicKey),
|
|
@@ -3094,22 +3695,25 @@ async function registerDevice2WithDerivedKey({ ctx, sessionId, nearAccountId, cr
|
|
|
3094
3695
|
console.debug("[SignerWorkerManager] Device2 registration complete, storing encrypted key");
|
|
3095
3696
|
const chacha20NonceB64u = wasmResult.chacha20NonceB64u;
|
|
3096
3697
|
if (!chacha20NonceB64u) throw new Error("Missing chacha20NonceB64u in Device2 registration result");
|
|
3097
|
-
const
|
|
3698
|
+
const wrapKeySaltPersisted = wasmResult.wrapKeySalt;
|
|
3699
|
+
if (!wrapKeySaltPersisted) throw new Error("Missing wrapKeySalt in Device2 registration result");
|
|
3700
|
+
const keyMaterial = {
|
|
3701
|
+
kind: "local_near_sk_v3",
|
|
3098
3702
|
nearAccountId,
|
|
3099
3703
|
deviceNumber: deviceNumber ?? 2,
|
|
3100
|
-
|
|
3704
|
+
publicKey: wasmResult.publicKey,
|
|
3705
|
+
encryptedSk: wasmResult.encryptedData,
|
|
3101
3706
|
chacha20NonceB64u,
|
|
3102
|
-
wrapKeySalt:
|
|
3103
|
-
version: 2,
|
|
3707
|
+
wrapKeySalt: wrapKeySaltPersisted,
|
|
3104
3708
|
timestamp: Date.now()
|
|
3105
3709
|
};
|
|
3106
|
-
await ctx.indexedDB.nearKeysDB.
|
|
3710
|
+
await ctx.indexedDB.nearKeysDB.storeKeyMaterial(keyMaterial);
|
|
3107
3711
|
console.debug("[SignerWorkerManager] Device2 encrypted key stored successfully");
|
|
3108
3712
|
return {
|
|
3109
3713
|
success: true,
|
|
3110
3714
|
publicKey: wasmResult.publicKey,
|
|
3111
3715
|
signedTransaction: wasmResult.signedTransaction,
|
|
3112
|
-
wrapKeySalt:
|
|
3716
|
+
wrapKeySalt: wrapKeySaltPersisted,
|
|
3113
3717
|
encryptedData: wasmResult.encryptedData,
|
|
3114
3718
|
chacha20NonceB64u
|
|
3115
3719
|
};
|
|
@@ -3194,7 +3798,6 @@ function validateSecureConfirmRequest(input) {
|
|
|
3194
3798
|
if (typeof input === "string") throw new Error("Invalid secure confirm request: expected an object (JSON strings are not supported)");
|
|
3195
3799
|
if (!isObject(input)) throw new Error("parsed is not an object");
|
|
3196
3800
|
const p = input;
|
|
3197
|
-
if (p.schemaVersion !== 2) throw new Error("schemaVersion must be 2");
|
|
3198
3801
|
if (!isString(p.requestId) || !p.requestId) throw new Error("missing requestId");
|
|
3199
3802
|
if (!isString(p.type) || !p.type) throw new Error("missing type");
|
|
3200
3803
|
if (p.summary === void 0 || p.summary === null) throw new Error("missing summary");
|
|
@@ -3275,42 +3878,42 @@ async function importFlow(label, loader) {
|
|
|
3275
3878
|
}
|
|
3276
3879
|
const HANDLERS = {
|
|
3277
3880
|
[SecureConfirmationType.DECRYPT_PRIVATE_KEY_WITH_PRF]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
|
|
3278
|
-
const { handleLocalOnlyFlow } = await importFlow("localOnly", () => import("./localOnly-
|
|
3881
|
+
const { handleLocalOnlyFlow } = await importFlow("localOnly", () => import("./localOnly-40zxrBMm.js"));
|
|
3279
3882
|
await handleLocalOnlyFlow(ctx, request, worker, {
|
|
3280
3883
|
confirmationConfig,
|
|
3281
3884
|
transactionSummary
|
|
3282
3885
|
});
|
|
3283
3886
|
},
|
|
3284
3887
|
[SecureConfirmationType.SHOW_SECURE_PRIVATE_KEY_UI]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
|
|
3285
|
-
const { handleLocalOnlyFlow } = await importFlow("localOnly", () => import("./localOnly-
|
|
3888
|
+
const { handleLocalOnlyFlow } = await importFlow("localOnly", () => import("./localOnly-40zxrBMm.js"));
|
|
3286
3889
|
await handleLocalOnlyFlow(ctx, request, worker, {
|
|
3287
3890
|
confirmationConfig,
|
|
3288
3891
|
transactionSummary
|
|
3289
3892
|
});
|
|
3290
3893
|
},
|
|
3291
3894
|
[SecureConfirmationType.REGISTER_ACCOUNT]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
|
|
3292
|
-
const { handleRegistrationFlow } = await importFlow("registration", () => import("./registration-
|
|
3895
|
+
const { handleRegistrationFlow } = await importFlow("registration", () => import("./registration-MrAOC8Ub.js"));
|
|
3293
3896
|
await handleRegistrationFlow(ctx, request, worker, {
|
|
3294
3897
|
confirmationConfig,
|
|
3295
3898
|
transactionSummary
|
|
3296
3899
|
});
|
|
3297
3900
|
},
|
|
3298
3901
|
[SecureConfirmationType.LINK_DEVICE]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
|
|
3299
|
-
const { handleRegistrationFlow } = await importFlow("registration", () => import("./registration-
|
|
3902
|
+
const { handleRegistrationFlow } = await importFlow("registration", () => import("./registration-MrAOC8Ub.js"));
|
|
3300
3903
|
await handleRegistrationFlow(ctx, request, worker, {
|
|
3301
3904
|
confirmationConfig,
|
|
3302
3905
|
transactionSummary
|
|
3303
3906
|
});
|
|
3304
3907
|
},
|
|
3305
3908
|
[SecureConfirmationType.SIGN_TRANSACTION]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
|
|
3306
|
-
const { handleTransactionSigningFlow } = await importFlow("transactions", () => import("./transactions-
|
|
3909
|
+
const { handleTransactionSigningFlow } = await importFlow("transactions", () => import("./transactions-CrjP8yPD.js"));
|
|
3307
3910
|
await handleTransactionSigningFlow(ctx, request, worker, {
|
|
3308
3911
|
confirmationConfig,
|
|
3309
3912
|
transactionSummary
|
|
3310
3913
|
});
|
|
3311
3914
|
},
|
|
3312
3915
|
[SecureConfirmationType.SIGN_NEP413_MESSAGE]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
|
|
3313
|
-
const { handleTransactionSigningFlow } = await importFlow("transactions", () => import("./transactions-
|
|
3916
|
+
const { handleTransactionSigningFlow } = await importFlow("transactions", () => import("./transactions-CrjP8yPD.js"));
|
|
3314
3917
|
await handleTransactionSigningFlow(ctx, request, worker, {
|
|
3315
3918
|
confirmationConfig,
|
|
3316
3919
|
transactionSummary
|
|
@@ -3349,7 +3952,7 @@ async function runSecureConfirm(ctx, request) {
|
|
|
3349
3952
|
async function exportNearKeypairUi({ ctx, nearAccountId, variant, theme, sessionId }) {
|
|
3350
3953
|
const accountId = toAccountId(nearAccountId);
|
|
3351
3954
|
const deviceNumber = await getLastLoggedInDeviceNumber(accountId, ctx.indexedDB.clientDB);
|
|
3352
|
-
const [keyData, user] = await Promise.all([ctx.indexedDB.nearKeysDB.
|
|
3955
|
+
const [keyData, user] = await Promise.all([ctx.indexedDB.nearKeysDB.getLocalKeyMaterial(accountId, deviceNumber), ctx.indexedDB.clientDB.getUserByDevice(accountId, deviceNumber)]);
|
|
3353
3956
|
const publicKey = user?.clientNearPublicKey || "";
|
|
3354
3957
|
if (!keyData || !publicKey) throw new Error("Missing local key material for export. Re-register to upgrade vault.");
|
|
3355
3958
|
const response = await ctx.sendMessage({
|
|
@@ -3358,7 +3961,7 @@ async function exportNearKeypairUi({ ctx, nearAccountId, variant, theme, session
|
|
|
3358
3961
|
type: WorkerRequestType.DecryptPrivateKeyWithPrf,
|
|
3359
3962
|
payload: {
|
|
3360
3963
|
nearAccountId: accountId,
|
|
3361
|
-
encryptedPrivateKeyData: keyData.
|
|
3964
|
+
encryptedPrivateKeyData: keyData.encryptedSk,
|
|
3362
3965
|
encryptedPrivateKeyChacha20NonceB64u: keyData.chacha20NonceB64u
|
|
3363
3966
|
}
|
|
3364
3967
|
}
|
|
@@ -3371,7 +3974,6 @@ async function exportNearKeypairUi({ ctx, nearAccountId, variant, theme, session
|
|
|
3371
3974
|
}
|
|
3372
3975
|
const privateKey = response.payload.privateKey;
|
|
3373
3976
|
const showReq = {
|
|
3374
|
-
schemaVersion: 2,
|
|
3375
3977
|
requestId: sessionId,
|
|
3376
3978
|
type: SecureConfirmationType.SHOW_SECURE_PRIVATE_KEY_UI,
|
|
3377
3979
|
summary: {
|
|
@@ -3391,6 +3993,46 @@ async function exportNearKeypairUi({ ctx, nearAccountId, variant, theme, session
|
|
|
3391
3993
|
await runSecureConfirm(ctx, showReq);
|
|
3392
3994
|
}
|
|
3393
3995
|
|
|
3996
|
+
//#endregion
|
|
3997
|
+
//#region src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.ts
|
|
3998
|
+
async function deriveThresholdEd25519ClientVerifyingShare(args) {
|
|
3999
|
+
const { ctx } = args;
|
|
4000
|
+
const sessionId = args.sessionId;
|
|
4001
|
+
const nearAccountId = args.nearAccountId;
|
|
4002
|
+
try {
|
|
4003
|
+
if (!sessionId) throw new Error("Missing sessionId");
|
|
4004
|
+
if (!nearAccountId) throw new Error("Missing nearAccountId");
|
|
4005
|
+
const response = await ctx.sendMessage({
|
|
4006
|
+
sessionId,
|
|
4007
|
+
message: {
|
|
4008
|
+
type: WorkerRequestType.DeriveThresholdEd25519ClientVerifyingShare,
|
|
4009
|
+
payload: { nearAccountId }
|
|
4010
|
+
}
|
|
4011
|
+
});
|
|
4012
|
+
if (response.type !== WorkerResponseType.DeriveThresholdEd25519ClientVerifyingShareSuccess) throw new Error("DeriveThresholdEd25519ClientVerifyingShare failed");
|
|
4013
|
+
const wasmResult = response.payload;
|
|
4014
|
+
const clientVerifyingShareB64u = wasmResult?.clientVerifyingShareB64u;
|
|
4015
|
+
const wrapKeySalt = wasmResult?.wrapKeySalt;
|
|
4016
|
+
if (!clientVerifyingShareB64u) throw new Error("Missing clientVerifyingShareB64u in worker response");
|
|
4017
|
+
if (!wrapKeySalt) throw new Error("Missing wrapKeySalt in worker response");
|
|
4018
|
+
return {
|
|
4019
|
+
success: true,
|
|
4020
|
+
nearAccountId,
|
|
4021
|
+
clientVerifyingShareB64u,
|
|
4022
|
+
wrapKeySalt
|
|
4023
|
+
};
|
|
4024
|
+
} catch (error) {
|
|
4025
|
+
const message = String(error?.message ?? error);
|
|
4026
|
+
return {
|
|
4027
|
+
success: false,
|
|
4028
|
+
nearAccountId,
|
|
4029
|
+
clientVerifyingShareB64u: "",
|
|
4030
|
+
wrapKeySalt: "",
|
|
4031
|
+
error: message
|
|
4032
|
+
};
|
|
4033
|
+
}
|
|
4034
|
+
}
|
|
4035
|
+
|
|
3394
4036
|
//#endregion
|
|
3395
4037
|
//#region src/core/WebAuthnManager/SignerWorkerManager/index.ts
|
|
3396
4038
|
/**
|
|
@@ -3406,15 +4048,17 @@ var SignerWorkerManager = class {
|
|
|
3406
4048
|
nearClient;
|
|
3407
4049
|
userPreferencesManager;
|
|
3408
4050
|
nonceManager;
|
|
4051
|
+
relayerUrl;
|
|
3409
4052
|
workerBaseOrigin;
|
|
3410
4053
|
nearExplorerUrl;
|
|
3411
|
-
constructor(vrfWorkerManager, nearClient, userPreferencesManager, nonceManager, rpIdOverride, enableSafariGetWebauthnRegistrationFallback = true, nearExplorerUrl) {
|
|
4054
|
+
constructor(vrfWorkerManager, nearClient, userPreferencesManager, nonceManager, relayerUrl, rpIdOverride, enableSafariGetWebauthnRegistrationFallback = true, nearExplorerUrl) {
|
|
3412
4055
|
this.indexedDB = IndexedDBManager;
|
|
3413
4056
|
this.touchIdPrompt = new TouchIdPrompt(rpIdOverride, enableSafariGetWebauthnRegistrationFallback);
|
|
3414
4057
|
this.vrfWorkerManager = vrfWorkerManager;
|
|
3415
4058
|
this.nearClient = nearClient;
|
|
3416
4059
|
this.userPreferencesManager = userPreferencesManager;
|
|
3417
4060
|
this.nonceManager = nonceManager;
|
|
4061
|
+
this.relayerUrl = relayerUrl;
|
|
3418
4062
|
this.nearExplorerUrl = nearExplorerUrl;
|
|
3419
4063
|
}
|
|
3420
4064
|
setWorkerBaseOrigin(origin) {
|
|
@@ -3430,7 +4074,8 @@ var SignerWorkerManager = class {
|
|
|
3430
4074
|
userPreferencesManager: this.userPreferencesManager,
|
|
3431
4075
|
nonceManager: this.nonceManager,
|
|
3432
4076
|
rpIdOverride: this.touchIdPrompt.getRpId(),
|
|
3433
|
-
nearExplorerUrl: this.nearExplorerUrl
|
|
4077
|
+
nearExplorerUrl: this.nearExplorerUrl,
|
|
4078
|
+
relayerUrl: this.relayerUrl
|
|
3434
4079
|
};
|
|
3435
4080
|
}
|
|
3436
4081
|
createSecureWorker() {
|
|
@@ -3712,6 +4357,13 @@ var SignerWorkerManager = class {
|
|
|
3712
4357
|
...args
|
|
3713
4358
|
});
|
|
3714
4359
|
}
|
|
4360
|
+
async deriveThresholdEd25519ClientVerifyingShare(args) {
|
|
4361
|
+
return deriveThresholdEd25519ClientVerifyingShare({
|
|
4362
|
+
ctx: this.getContext(),
|
|
4363
|
+
sessionId: args.sessionId,
|
|
4364
|
+
nearAccountId: String(args.nearAccountId)
|
|
4365
|
+
});
|
|
4366
|
+
}
|
|
3715
4367
|
/**
|
|
3716
4368
|
* Secure private key decryption with dual PRF
|
|
3717
4369
|
*/
|
|
@@ -3826,7 +4478,8 @@ async function checkVrfStatus(ctx) {
|
|
|
3826
4478
|
} catch {
|
|
3827
4479
|
return {
|
|
3828
4480
|
active: false,
|
|
3829
|
-
nearAccountId: null
|
|
4481
|
+
nearAccountId: null,
|
|
4482
|
+
vrfPublicKey: null
|
|
3830
4483
|
};
|
|
3831
4484
|
}
|
|
3832
4485
|
try {
|
|
@@ -3842,18 +4495,21 @@ async function checkVrfStatus(ctx) {
|
|
|
3842
4495
|
return {
|
|
3843
4496
|
active: data.active,
|
|
3844
4497
|
nearAccountId: current ? toAccountId(current) : null,
|
|
3845
|
-
sessionDuration: data.sessionDuration
|
|
4498
|
+
sessionDuration: data.sessionDuration,
|
|
4499
|
+
vrfPublicKey: data.vrfPublicKey ?? null
|
|
3846
4500
|
};
|
|
3847
4501
|
}
|
|
3848
4502
|
return {
|
|
3849
4503
|
active: false,
|
|
3850
|
-
nearAccountId: null
|
|
4504
|
+
nearAccountId: null,
|
|
4505
|
+
vrfPublicKey: null
|
|
3851
4506
|
};
|
|
3852
4507
|
} catch (error) {
|
|
3853
4508
|
console.warn("VRF Manager: Failed to get VRF status:", error);
|
|
3854
4509
|
return {
|
|
3855
4510
|
active: false,
|
|
3856
|
-
nearAccountId: null
|
|
4511
|
+
nearAccountId: null,
|
|
4512
|
+
vrfPublicKey: null
|
|
3857
4513
|
};
|
|
3858
4514
|
}
|
|
3859
4515
|
}
|
|
@@ -3965,7 +4621,7 @@ async function confirmAndDeriveDevice2RegistrationSession(ctx, params) {
|
|
|
3965
4621
|
/**
|
|
3966
4622
|
* Kick off the SecureConfirm signing flow inside the VRF worker.
|
|
3967
4623
|
*
|
|
3968
|
-
* This creates a
|
|
4624
|
+
* This creates a `SecureConfirmRequest` (tx / delegate / NEP-413) and sends it to the
|
|
3969
4625
|
* VRF worker, which will render UI, collect a WebAuthn credential when needed, and return the
|
|
3970
4626
|
* `transactionContext` (reserved nonces, block hash/height) needed by the signer worker.
|
|
3971
4627
|
*/
|
|
@@ -3989,14 +4645,15 @@ async function confirmAndPrepareSigningSession(handlerCtx, params) {
|
|
|
3989
4645
|
...params.body != null ? { body: params.body } : {}
|
|
3990
4646
|
};
|
|
3991
4647
|
request = {
|
|
3992
|
-
schemaVersion: 2,
|
|
3993
4648
|
requestId: sessionId,
|
|
3994
4649
|
type: SecureConfirmationType.SIGN_TRANSACTION,
|
|
3995
4650
|
summary,
|
|
3996
4651
|
payload: {
|
|
3997
4652
|
txSigningRequests,
|
|
3998
4653
|
intentDigest,
|
|
3999
|
-
rpcCall: params.rpcCall
|
|
4654
|
+
rpcCall: params.rpcCall,
|
|
4655
|
+
...params.sessionPolicyDigest32 ? { sessionPolicyDigest32: params.sessionPolicyDigest32 } : {},
|
|
4656
|
+
...params.signingAuthMode ? { signingAuthMode: params.signingAuthMode } : {}
|
|
4000
4657
|
},
|
|
4001
4658
|
confirmationConfig: params.confirmationConfigOverride,
|
|
4002
4659
|
intentDigest
|
|
@@ -4027,14 +4684,15 @@ async function confirmAndPrepareSigningSession(handlerCtx, params) {
|
|
|
4027
4684
|
}
|
|
4028
4685
|
};
|
|
4029
4686
|
request = {
|
|
4030
|
-
schemaVersion: 2,
|
|
4031
4687
|
requestId: sessionId,
|
|
4032
4688
|
type: SecureConfirmationType.SIGN_TRANSACTION,
|
|
4033
4689
|
summary,
|
|
4034
4690
|
payload: {
|
|
4035
4691
|
txSigningRequests,
|
|
4036
4692
|
intentDigest,
|
|
4037
|
-
rpcCall: params.rpcCall
|
|
4693
|
+
rpcCall: params.rpcCall,
|
|
4694
|
+
...params.sessionPolicyDigest32 ? { sessionPolicyDigest32: params.sessionPolicyDigest32 } : {},
|
|
4695
|
+
...params.signingAuthMode ? { signingAuthMode: params.signingAuthMode } : {}
|
|
4038
4696
|
},
|
|
4039
4697
|
confirmationConfig: params.confirmationConfigOverride,
|
|
4040
4698
|
intentDigest
|
|
@@ -4051,7 +4709,6 @@ async function confirmAndPrepareSigningSession(handlerCtx, params) {
|
|
|
4051
4709
|
...params.body != null ? { body: params.body } : {}
|
|
4052
4710
|
};
|
|
4053
4711
|
request = {
|
|
4054
|
-
schemaVersion: 2,
|
|
4055
4712
|
requestId: sessionId,
|
|
4056
4713
|
type: SecureConfirmationType.SIGN_NEP413_MESSAGE,
|
|
4057
4714
|
summary,
|
|
@@ -4059,8 +4716,10 @@ async function confirmAndPrepareSigningSession(handlerCtx, params) {
|
|
|
4059
4716
|
nearAccountId: params.nearAccountId,
|
|
4060
4717
|
message: params.message,
|
|
4061
4718
|
recipient: params.recipient,
|
|
4719
|
+
...params.sessionPolicyDigest32 ? { sessionPolicyDigest32: params.sessionPolicyDigest32 } : {},
|
|
4062
4720
|
...params.contractId ? { contractId: params.contractId } : {},
|
|
4063
|
-
...params.nearRpcUrl ? { nearRpcUrl: params.nearRpcUrl } : {}
|
|
4721
|
+
...params.nearRpcUrl ? { nearRpcUrl: params.nearRpcUrl } : {},
|
|
4722
|
+
...params.signingAuthMode ? { signingAuthMode: params.signingAuthMode } : {}
|
|
4064
4723
|
},
|
|
4065
4724
|
confirmationConfig: params.confirmationConfigOverride,
|
|
4066
4725
|
intentDigest
|
|
@@ -4084,7 +4743,8 @@ async function confirmAndPrepareSigningSession(handlerCtx, params) {
|
|
|
4084
4743
|
sessionId,
|
|
4085
4744
|
transactionContext: decision.transaction_context,
|
|
4086
4745
|
intentDigest: decision.intent_digest || intentDigest,
|
|
4087
|
-
credential: decision.credential
|
|
4746
|
+
credential: decision.credential,
|
|
4747
|
+
vrfChallenge: decision.vrf_challenge
|
|
4088
4748
|
};
|
|
4089
4749
|
}
|
|
4090
4750
|
function computeTotalAmountYocto(txSigningRequests) {
|
|
@@ -4108,31 +4768,6 @@ function computeTotalAmountYocto(txSigningRequests) {
|
|
|
4108
4768
|
}
|
|
4109
4769
|
}
|
|
4110
4770
|
|
|
4111
|
-
//#endregion
|
|
4112
|
-
//#region src/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.ts
|
|
4113
|
-
/**
|
|
4114
|
-
* Create a VRF-owned MessageChannel for signing and return the signer-facing port.
|
|
4115
|
-
* VRF retains the sibling port for WrapKeySeed delivery.
|
|
4116
|
-
*
|
|
4117
|
-
* This is the first step in the VRF ↔ Signer "warm session" handshake:
|
|
4118
|
-
* - transfer Port1 to the VRF worker (sender),
|
|
4119
|
-
* - return Port2 so the caller can transfer it to the signer worker (receiver).
|
|
4120
|
-
*/
|
|
4121
|
-
async function createSigningSessionChannel(ctx, sessionId) {
|
|
4122
|
-
await ctx.ensureWorkerReady(true);
|
|
4123
|
-
const channel = new MessageChannel();
|
|
4124
|
-
try {
|
|
4125
|
-
ctx.postToWorker({
|
|
4126
|
-
type: WorkerControlMessage.ATTACH_WRAP_KEY_SEED_PORT,
|
|
4127
|
-
sessionId
|
|
4128
|
-
}, [channel.port1]);
|
|
4129
|
-
} catch (err) {
|
|
4130
|
-
console.error("[VrfWorkerManager] Failed to attach WrapKeySeed port to VRF worker", err);
|
|
4131
|
-
throw err;
|
|
4132
|
-
}
|
|
4133
|
-
return channel.port2;
|
|
4134
|
-
}
|
|
4135
|
-
|
|
4136
4771
|
//#endregion
|
|
4137
4772
|
//#region src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.ts
|
|
4138
4773
|
/**
|
|
@@ -4154,7 +4789,9 @@ async function deriveVrfKeypairFromPrf(ctx, args) {
|
|
|
4154
4789
|
userId: vrfInputData.userId,
|
|
4155
4790
|
rpId: vrfInputData.rpId,
|
|
4156
4791
|
blockHeight: String(vrfInputData.blockHeight),
|
|
4157
|
-
blockHash: vrfInputData.blockHash
|
|
4792
|
+
blockHash: vrfInputData.blockHash,
|
|
4793
|
+
intentDigest: vrfInputData.intentDigest,
|
|
4794
|
+
sessionPolicyDigest32: vrfInputData.sessionPolicyDigest32
|
|
4158
4795
|
} : void 0
|
|
4159
4796
|
}
|
|
4160
4797
|
};
|
|
@@ -4172,7 +4809,9 @@ async function deriveVrfKeypairFromPrf(ctx, args) {
|
|
|
4172
4809
|
userId: data.vrfChallengeData.userId,
|
|
4173
4810
|
rpId: data.vrfChallengeData.rpId,
|
|
4174
4811
|
blockHeight: data.vrfChallengeData.blockHeight,
|
|
4175
|
-
blockHash: data.vrfChallengeData.blockHash
|
|
4812
|
+
blockHash: data.vrfChallengeData.blockHash,
|
|
4813
|
+
...data.vrfChallengeData.intentDigest ? { intentDigest: data.vrfChallengeData.intentDigest } : {},
|
|
4814
|
+
...data.vrfChallengeData.sessionPolicyDigest32 ? { sessionPolicyDigest32: data.vrfChallengeData.sessionPolicyDigest32 } : {}
|
|
4176
4815
|
}) : null;
|
|
4177
4816
|
if (saveInMemory) {
|
|
4178
4817
|
ctx.setCurrentVrfAccountId(args.nearAccountId);
|
|
@@ -4250,6 +4889,30 @@ async function dispenseSessionKey(ctx, args) {
|
|
|
4250
4889
|
return response.data || { sessionId: args.sessionId };
|
|
4251
4890
|
}
|
|
4252
4891
|
|
|
4892
|
+
//#endregion
|
|
4893
|
+
//#region src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.ts
|
|
4894
|
+
/**
|
|
4895
|
+
* Shamir 3-pass (client): decrypt/unlock a VRF keypair using a server-protected envelope.
|
|
4896
|
+
*
|
|
4897
|
+
* On success, the VRF keypair becomes active in the VRF worker and is bound (in TS state) to `nearAccountId`.
|
|
4898
|
+
*/
|
|
4899
|
+
async function shamir3PassDecryptVrfKeypair(ctx, args) {
|
|
4900
|
+
await ctx.ensureWorkerReady(true);
|
|
4901
|
+
const message = {
|
|
4902
|
+
type: "SHAMIR3PASS_CLIENT_DECRYPT_VRF_KEYPAIR",
|
|
4903
|
+
id: ctx.generateMessageId(),
|
|
4904
|
+
payload: {
|
|
4905
|
+
nearAccountId: args.nearAccountId,
|
|
4906
|
+
kek_s_b64u: args.kek_s_b64u,
|
|
4907
|
+
ciphertextVrfB64u: args.ciphertextVrfB64u,
|
|
4908
|
+
keyId: args.serverKeyId
|
|
4909
|
+
}
|
|
4910
|
+
};
|
|
4911
|
+
const response = await ctx.sendMessage(message);
|
|
4912
|
+
if (response.success) ctx.setCurrentVrfAccountId(args.nearAccountId);
|
|
4913
|
+
return response;
|
|
4914
|
+
}
|
|
4915
|
+
|
|
4253
4916
|
//#endregion
|
|
4254
4917
|
//#region src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.ts
|
|
4255
4918
|
/**
|
|
@@ -4271,6 +4934,7 @@ async function generateVrfChallengeOnce(ctx, inputData) {
|
|
|
4271
4934
|
}
|
|
4272
4935
|
async function generateVrfChallengeInternal(ctx, inputData, sessionId) {
|
|
4273
4936
|
await ctx.ensureWorkerReady(true);
|
|
4937
|
+
await ensureVrfKeypairBoundToLastUser(ctx, inputData.userId);
|
|
4274
4938
|
const message = {
|
|
4275
4939
|
type: "GENERATE_VRF_CHALLENGE",
|
|
4276
4940
|
id: ctx.generateMessageId(),
|
|
@@ -4280,16 +4944,45 @@ async function generateVrfChallengeInternal(ctx, inputData, sessionId) {
|
|
|
4280
4944
|
userId: inputData.userId,
|
|
4281
4945
|
rpId: inputData.rpId,
|
|
4282
4946
|
blockHeight: String(inputData.blockHeight),
|
|
4283
|
-
blockHash: inputData.blockHash
|
|
4947
|
+
blockHash: inputData.blockHash,
|
|
4948
|
+
intentDigest: inputData.intentDigest,
|
|
4949
|
+
sessionPolicyDigest32: inputData.sessionPolicyDigest32
|
|
4284
4950
|
}
|
|
4285
4951
|
}
|
|
4286
4952
|
};
|
|
4287
4953
|
const response = await ctx.sendMessage(message);
|
|
4288
4954
|
if (!response.success || !response.data) throw new Error(`VRF challenge generation failed: ${response.error}`);
|
|
4289
4955
|
const data = response.data;
|
|
4290
|
-
console.debug("VRF Manager: VRF challenge generated successfully");
|
|
4291
4956
|
return validateVRFChallenge(data);
|
|
4292
4957
|
}
|
|
4958
|
+
async function ensureVrfKeypairBoundToLastUser(ctx, nearAccountId) {
|
|
4959
|
+
const accountId = toAccountId(nearAccountId);
|
|
4960
|
+
const { indexedDB: indexedDB$1 } = ctx.getContext();
|
|
4961
|
+
const lastUser = await indexedDB$1.clientDB.getLastUser().catch(() => null);
|
|
4962
|
+
if (!lastUser || toAccountId(lastUser.nearAccountId) !== accountId) return;
|
|
4963
|
+
const lastUserDeviceNumber = Number(lastUser.deviceNumber);
|
|
4964
|
+
if (!Number.isFinite(lastUserDeviceNumber) || lastUserDeviceNumber < 1) return;
|
|
4965
|
+
const status = await checkVrfStatus(ctx);
|
|
4966
|
+
const currentVrfPublicKey = toTrimmedString(status.vrfPublicKey);
|
|
4967
|
+
const authenticators = await indexedDB$1.clientDB.getAuthenticatorsByUser(accountId).catch(() => []);
|
|
4968
|
+
const expectedVrfPublicKey = toTrimmedString(authenticators.find((a) => a.credentialId === lastUser.passkeyCredential.rawId)?.vrfPublicKey ?? authenticators.find((a) => a.deviceNumber === lastUserDeviceNumber)?.vrfPublicKey);
|
|
4969
|
+
const needsRebind = !status.active || expectedVrfPublicKey && currentVrfPublicKey !== expectedVrfPublicKey;
|
|
4970
|
+
if (!needsRebind) return;
|
|
4971
|
+
const shamir = lastUser.serverEncryptedVrfKeypair;
|
|
4972
|
+
if (!shamir?.ciphertextVrfB64u || !shamir?.kek_s_b64u || !shamir?.serverKeyId) throw new Error("VRF session is not bound to the last logged-in passkey device. Please log in again on this device.");
|
|
4973
|
+
const unlock = await shamir3PassDecryptVrfKeypair(ctx, {
|
|
4974
|
+
nearAccountId: accountId,
|
|
4975
|
+
ciphertextVrfB64u: shamir.ciphertextVrfB64u,
|
|
4976
|
+
kek_s_b64u: shamir.kek_s_b64u,
|
|
4977
|
+
serverKeyId: shamir.serverKeyId
|
|
4978
|
+
});
|
|
4979
|
+
if (!unlock.success) throw new Error(unlock.error || "Failed to rebind VRF keypair to the last logged-in device");
|
|
4980
|
+
if (expectedVrfPublicKey) {
|
|
4981
|
+
const rebound = await checkVrfStatus(ctx);
|
|
4982
|
+
const reboundPk = toTrimmedString(rebound.vrfPublicKey);
|
|
4983
|
+
if (!rebound.active || reboundPk !== expectedVrfPublicKey) throw new Error("VRF session mismatch: VRF keypair did not match the last logged-in device after rebind. Please log in again.");
|
|
4984
|
+
}
|
|
4985
|
+
}
|
|
4293
4986
|
|
|
4294
4987
|
//#endregion
|
|
4295
4988
|
//#region src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.ts
|
|
@@ -4313,7 +5006,9 @@ async function generateVrfKeypairBootstrap(ctx, args) {
|
|
|
4313
5006
|
userId: args.vrfInputData.userId,
|
|
4314
5007
|
rpId: args.vrfInputData.rpId,
|
|
4315
5008
|
blockHeight: String(args.vrfInputData.blockHeight),
|
|
4316
|
-
blockHash: args.vrfInputData.blockHash
|
|
5009
|
+
blockHash: args.vrfInputData.blockHash,
|
|
5010
|
+
intentDigest: args.vrfInputData.intentDigest,
|
|
5011
|
+
sessionPolicyDigest32: args.vrfInputData.sessionPolicyDigest32
|
|
4317
5012
|
} : void 0
|
|
4318
5013
|
}
|
|
4319
5014
|
};
|
|
@@ -4335,7 +5030,9 @@ async function generateVrfKeypairBootstrap(ctx, args) {
|
|
|
4335
5030
|
userId: challengeData.userId,
|
|
4336
5031
|
rpId: challengeData.rpId,
|
|
4337
5032
|
blockHeight: challengeData.blockHeight,
|
|
4338
|
-
blockHash: challengeData.blockHash
|
|
5033
|
+
blockHash: challengeData.blockHash,
|
|
5034
|
+
...challengeData.intentDigest ? { intentDigest: challengeData.intentDigest } : {},
|
|
5035
|
+
...challengeData.sessionPolicyDigest32 ? { sessionPolicyDigest32: challengeData.sessionPolicyDigest32 } : {}
|
|
4339
5036
|
})
|
|
4340
5037
|
};
|
|
4341
5038
|
} catch (error) {
|
|
@@ -4426,7 +5123,6 @@ async function requestRegistrationCredentialConfirmation$1({ ctx, nearAccountId,
|
|
|
4426
5123
|
const title = confirmerText?.title;
|
|
4427
5124
|
const body = confirmerText?.body;
|
|
4428
5125
|
const request = {
|
|
4429
|
-
schemaVersion: 2,
|
|
4430
5126
|
requestId,
|
|
4431
5127
|
type: SecureConfirmationType.REGISTER_ACCOUNT,
|
|
4432
5128
|
summary: {
|
|
@@ -4465,49 +5161,25 @@ async function requestRegistrationCredentialConfirmation$1({ ctx, nearAccountId,
|
|
|
4465
5161
|
/**
|
|
4466
5162
|
* Kick off the SecureConfirm UI flow for account registration and return the confirmed decision.
|
|
4467
5163
|
*
|
|
4468
|
-
* This is used when the host (main thread) needs a registration credential + VRF challenge + NEAR context,
|
|
4469
|
-
* but the UI/confirmation orchestration lives in the VRF worker confirmation flow.
|
|
4470
|
-
*/
|
|
4471
|
-
async function requestRegistrationCredentialConfirmation(ctx, params) {
|
|
4472
|
-
const hostCtx = ctx.getContext();
|
|
4473
|
-
const decision = await requestRegistrationCredentialConfirmation$1({
|
|
4474
|
-
ctx: hostCtx,
|
|
4475
|
-
nearAccountId: params.nearAccountId,
|
|
4476
|
-
deviceNumber: params.deviceNumber,
|
|
4477
|
-
confirmerText: params.confirmerText,
|
|
4478
|
-
contractId: params.contractId,
|
|
4479
|
-
nearRpcUrl: params.nearRpcUrl,
|
|
4480
|
-
confirmationConfig: params.confirmationConfigOverride
|
|
4481
|
-
});
|
|
4482
|
-
if (!decision.confirmed) throw new Error(decision.error || "User rejected registration request");
|
|
4483
|
-
if (!decision.credential) throw new Error("Missing credential from registration confirmation");
|
|
4484
|
-
if (!decision.vrfChallenge) throw new Error("Missing vrfChallenge from registration confirmation");
|
|
4485
|
-
if (!decision.transactionContext) throw new Error("Missing transactionContext from registration confirmation");
|
|
4486
|
-
return decision;
|
|
4487
|
-
}
|
|
4488
|
-
|
|
4489
|
-
//#endregion
|
|
4490
|
-
//#region src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.ts
|
|
4491
|
-
/**
|
|
4492
|
-
* Shamir 3-pass (client): decrypt/unlock a VRF keypair using a server-protected envelope.
|
|
4493
|
-
*
|
|
4494
|
-
* On success, the VRF keypair becomes active in the VRF worker and is bound (in TS state) to `nearAccountId`.
|
|
4495
|
-
*/
|
|
4496
|
-
async function shamir3PassDecryptVrfKeypair(ctx, args) {
|
|
4497
|
-
await ctx.ensureWorkerReady(true);
|
|
4498
|
-
const message = {
|
|
4499
|
-
type: "SHAMIR3PASS_CLIENT_DECRYPT_VRF_KEYPAIR",
|
|
4500
|
-
id: ctx.generateMessageId(),
|
|
4501
|
-
payload: {
|
|
4502
|
-
nearAccountId: args.nearAccountId,
|
|
4503
|
-
kek_s_b64u: args.kek_s_b64u,
|
|
4504
|
-
ciphertextVrfB64u: args.ciphertextVrfB64u,
|
|
4505
|
-
keyId: args.serverKeyId
|
|
4506
|
-
}
|
|
4507
|
-
};
|
|
4508
|
-
const response = await ctx.sendMessage(message);
|
|
4509
|
-
if (response.success) ctx.setCurrentVrfAccountId(args.nearAccountId);
|
|
4510
|
-
return response;
|
|
5164
|
+
* This is used when the host (main thread) needs a registration credential + VRF challenge + NEAR context,
|
|
5165
|
+
* but the UI/confirmation orchestration lives in the VRF worker confirmation flow.
|
|
5166
|
+
*/
|
|
5167
|
+
async function requestRegistrationCredentialConfirmation(ctx, params) {
|
|
5168
|
+
const hostCtx = ctx.getContext();
|
|
5169
|
+
const decision = await requestRegistrationCredentialConfirmation$1({
|
|
5170
|
+
ctx: hostCtx,
|
|
5171
|
+
nearAccountId: params.nearAccountId,
|
|
5172
|
+
deviceNumber: params.deviceNumber,
|
|
5173
|
+
confirmerText: params.confirmerText,
|
|
5174
|
+
contractId: params.contractId,
|
|
5175
|
+
nearRpcUrl: params.nearRpcUrl,
|
|
5176
|
+
confirmationConfig: params.confirmationConfigOverride
|
|
5177
|
+
});
|
|
5178
|
+
if (!decision.confirmed) throw new Error(decision.error || "User rejected registration request");
|
|
5179
|
+
if (!decision.credential) throw new Error("Missing credential from registration confirmation");
|
|
5180
|
+
if (!decision.vrfChallenge) throw new Error("Missing vrfChallenge from registration confirmation");
|
|
5181
|
+
if (!decision.transactionContext) throw new Error("Missing transactionContext from registration confirmation");
|
|
5182
|
+
return decision;
|
|
4511
5183
|
}
|
|
4512
5184
|
|
|
4513
5185
|
//#endregion
|
|
@@ -4632,7 +5304,41 @@ var VrfWorkerManager = class {
|
|
|
4632
5304
|
* VRF retains the sibling port for WrapKeySeed delivery.
|
|
4633
5305
|
*/
|
|
4634
5306
|
async createSigningSessionChannel(sessionId) {
|
|
4635
|
-
|
|
5307
|
+
await this.ensureWorkerReady(true);
|
|
5308
|
+
if (!this.vrfWorker) throw new Error("VRF Web Worker not available");
|
|
5309
|
+
const channel = new MessageChannel();
|
|
5310
|
+
const ackPromise = new Promise((resolve, reject) => {
|
|
5311
|
+
const worker = this.vrfWorker;
|
|
5312
|
+
const timeout = setTimeout(() => {
|
|
5313
|
+
cleanup();
|
|
5314
|
+
reject(/* @__PURE__ */ new Error(`Timeout waiting for VRF WrapKeySeed port attach for session ${sessionId}`));
|
|
5315
|
+
}, 2e3);
|
|
5316
|
+
const onMessage = (event) => {
|
|
5317
|
+
const msg = event?.data;
|
|
5318
|
+
if (!msg || typeof msg.type !== "string") return;
|
|
5319
|
+
if (msg.sessionId !== sessionId) return;
|
|
5320
|
+
if (msg.type === WorkerControlMessage.ATTACH_WRAP_KEY_SEED_PORT_ERROR) {
|
|
5321
|
+
cleanup();
|
|
5322
|
+
reject(new Error(String(msg.error || "VRF worker failed to attach WrapKeySeed port")));
|
|
5323
|
+
return;
|
|
5324
|
+
}
|
|
5325
|
+
if (msg.type === WorkerControlMessage.ATTACH_WRAP_KEY_SEED_PORT_OK) {
|
|
5326
|
+
cleanup();
|
|
5327
|
+
resolve();
|
|
5328
|
+
}
|
|
5329
|
+
};
|
|
5330
|
+
const cleanup = () => {
|
|
5331
|
+
clearTimeout(timeout);
|
|
5332
|
+
worker.removeEventListener("message", onMessage);
|
|
5333
|
+
};
|
|
5334
|
+
worker.addEventListener("message", onMessage);
|
|
5335
|
+
});
|
|
5336
|
+
this.vrfWorker.postMessage({
|
|
5337
|
+
type: WorkerControlMessage.ATTACH_WRAP_KEY_SEED_PORT,
|
|
5338
|
+
sessionId
|
|
5339
|
+
}, [channel.port1]);
|
|
5340
|
+
await ackPromise;
|
|
5341
|
+
return channel.port2;
|
|
4636
5342
|
}
|
|
4637
5343
|
/**
|
|
4638
5344
|
* Derive WrapKeySeed in the VRF worker and deliver it (along with PRF.second if credential provided)
|
|
@@ -4929,9 +5635,13 @@ var VrfWorkerManager = class {
|
|
|
4929
5635
|
var UserPreferencesManager = class {
|
|
4930
5636
|
themeChangeListeners = /* @__PURE__ */ new Set();
|
|
4931
5637
|
confirmationConfigChangeListeners = /* @__PURE__ */ new Set();
|
|
5638
|
+
signerModeChangeListeners = /* @__PURE__ */ new Set();
|
|
4932
5639
|
currentUserAccountId;
|
|
4933
5640
|
confirmationConfig = DEFAULT_CONFIRMATION_CONFIG;
|
|
5641
|
+
signerMode = DEFAULT_SIGNING_MODE;
|
|
4934
5642
|
walletThemeOverride = null;
|
|
5643
|
+
signerModeOverride = null;
|
|
5644
|
+
walletIframeSignerModeWriter = null;
|
|
4935
5645
|
envThemeSyncedForSession = false;
|
|
4936
5646
|
constructor() {
|
|
4937
5647
|
this.subscribeToIndexedDBChanges();
|
|
@@ -4957,6 +5667,26 @@ var UserPreferencesManager = class {
|
|
|
4957
5667
|
}
|
|
4958
5668
|
}
|
|
4959
5669
|
/**
|
|
5670
|
+
* Apply an app-provided default signer mode (e.g., `configs.signerMode`) without
|
|
5671
|
+
* persisting it as a per-user preference in IndexedDB.
|
|
5672
|
+
*/
|
|
5673
|
+
configureDefaultSignerMode(signerMode) {
|
|
5674
|
+
const next = coerceSignerMode(signerMode, DEFAULT_SIGNING_MODE);
|
|
5675
|
+
this.signerModeOverride = next;
|
|
5676
|
+
if (!this.currentUserAccountId) this.setSignerModeInternal(next, {
|
|
5677
|
+
persist: false,
|
|
5678
|
+
notify: true
|
|
5679
|
+
});
|
|
5680
|
+
}
|
|
5681
|
+
/**
|
|
5682
|
+
* In wallet-iframe mode on the app origin, user preferences must be persisted by the wallet host
|
|
5683
|
+
* (not the app origin). This configures a best-effort writer used by `setSignerMode(...)` when
|
|
5684
|
+
* IndexedDB is disabled.
|
|
5685
|
+
*/
|
|
5686
|
+
configureWalletIframeSignerModeWriter(writer) {
|
|
5687
|
+
this.walletIframeSignerModeWriter = writer;
|
|
5688
|
+
}
|
|
5689
|
+
/**
|
|
4960
5690
|
* Register a callback for theme change events
|
|
4961
5691
|
*/
|
|
4962
5692
|
onThemeChange(callback) {
|
|
@@ -4976,6 +5706,15 @@ var UserPreferencesManager = class {
|
|
|
4976
5706
|
};
|
|
4977
5707
|
}
|
|
4978
5708
|
/**
|
|
5709
|
+
* Register a callback for signer mode changes.
|
|
5710
|
+
*/
|
|
5711
|
+
onSignerModeChange(callback) {
|
|
5712
|
+
this.signerModeChangeListeners.add(callback);
|
|
5713
|
+
return () => {
|
|
5714
|
+
this.signerModeChangeListeners.delete(callback);
|
|
5715
|
+
};
|
|
5716
|
+
}
|
|
5717
|
+
/**
|
|
4979
5718
|
* Notify all registered listeners of theme changes
|
|
4980
5719
|
*/
|
|
4981
5720
|
notifyThemeChange(theme) {
|
|
@@ -4983,21 +5722,15 @@ var UserPreferencesManager = class {
|
|
|
4983
5722
|
console.debug(`[UserPreferencesManager]: No listeners registered, theme change will not propagate.`);
|
|
4984
5723
|
return;
|
|
4985
5724
|
}
|
|
4986
|
-
|
|
4987
|
-
this.themeChangeListeners.forEach((listener) => {
|
|
4988
|
-
index++;
|
|
4989
|
-
try {
|
|
4990
|
-
listener(theme);
|
|
4991
|
-
} catch (error) {}
|
|
4992
|
-
});
|
|
5725
|
+
for (const listener of this.themeChangeListeners) listener(theme);
|
|
4993
5726
|
}
|
|
4994
5727
|
notifyConfirmationConfigChange(config) {
|
|
4995
5728
|
if (this.confirmationConfigChangeListeners.size === 0) return;
|
|
4996
|
-
this.confirmationConfigChangeListeners
|
|
4997
|
-
|
|
4998
|
-
|
|
4999
|
-
|
|
5000
|
-
|
|
5729
|
+
for (const listener of this.confirmationConfigChangeListeners) listener(config);
|
|
5730
|
+
}
|
|
5731
|
+
notifySignerModeChange(mode) {
|
|
5732
|
+
if (this.signerModeChangeListeners.size === 0) return;
|
|
5733
|
+
for (const listener of this.signerModeChangeListeners) listener(mode);
|
|
5001
5734
|
}
|
|
5002
5735
|
/**
|
|
5003
5736
|
* Best-effort async initialization from IndexedDB.
|
|
@@ -5006,18 +5739,18 @@ var UserPreferencesManager = class {
|
|
|
5006
5739
|
* app-origin IndexedDB (wallet-iframe mode) can skip it entirely.
|
|
5007
5740
|
*/
|
|
5008
5741
|
async initFromIndexedDB() {
|
|
5009
|
-
|
|
5010
|
-
await this.loadUserSettings();
|
|
5011
|
-
} catch (error) {
|
|
5742
|
+
await this.loadUserSettings().catch((error) => {
|
|
5012
5743
|
console.warn("[WebAuthnManager]: Failed to initialize user settings:", error);
|
|
5013
|
-
}
|
|
5744
|
+
});
|
|
5014
5745
|
}
|
|
5015
5746
|
/**
|
|
5016
5747
|
* Subscribe to IndexedDB change events for automatic synchronization
|
|
5017
5748
|
*/
|
|
5018
5749
|
subscribeToIndexedDBChanges() {
|
|
5019
5750
|
this.unsubscribeFromIndexedDB = IndexedDBManager.clientDB.onChange((event) => {
|
|
5020
|
-
this.handleIndexedDBEvent(event)
|
|
5751
|
+
this.handleIndexedDBEvent(event).catch((error) => {
|
|
5752
|
+
console.warn("[WebAuthnManager]: Error handling IndexedDB event:", error);
|
|
5753
|
+
});
|
|
5021
5754
|
});
|
|
5022
5755
|
}
|
|
5023
5756
|
/**
|
|
@@ -5025,23 +5758,19 @@ var UserPreferencesManager = class {
|
|
|
5025
5758
|
* @param event - The IndexedDBEvent: `user-updated`, `preferences-updated`, `user-deleted` to handle.
|
|
5026
5759
|
*/
|
|
5027
5760
|
async handleIndexedDBEvent(event) {
|
|
5028
|
-
|
|
5029
|
-
|
|
5030
|
-
|
|
5031
|
-
|
|
5032
|
-
|
|
5033
|
-
|
|
5034
|
-
|
|
5035
|
-
|
|
5036
|
-
|
|
5037
|
-
|
|
5038
|
-
|
|
5039
|
-
|
|
5040
|
-
|
|
5041
|
-
break;
|
|
5042
|
-
}
|
|
5043
|
-
} catch (error) {
|
|
5044
|
-
console.warn("[WebAuthnManager]: Error handling IndexedDB event:", error);
|
|
5761
|
+
switch (event.type) {
|
|
5762
|
+
case "preferences-updated":
|
|
5763
|
+
if (event.accountId === this.currentUserAccountId) await this.reloadUserSettings();
|
|
5764
|
+
break;
|
|
5765
|
+
case "user-updated":
|
|
5766
|
+
if (event.accountId === this.currentUserAccountId) await this.reloadUserSettings();
|
|
5767
|
+
break;
|
|
5768
|
+
case "user-deleted":
|
|
5769
|
+
if (event.accountId === this.currentUserAccountId) {
|
|
5770
|
+
this.currentUserAccountId = void 0;
|
|
5771
|
+
this.confirmationConfig = DEFAULT_CONFIRMATION_CONFIG;
|
|
5772
|
+
}
|
|
5773
|
+
break;
|
|
5045
5774
|
}
|
|
5046
5775
|
}
|
|
5047
5776
|
/**
|
|
@@ -5056,8 +5785,10 @@ var UserPreferencesManager = class {
|
|
|
5056
5785
|
this.unsubscribeFromIndexedDB();
|
|
5057
5786
|
this.unsubscribeFromIndexedDB = void 0;
|
|
5058
5787
|
}
|
|
5788
|
+
this.walletIframeSignerModeWriter = null;
|
|
5059
5789
|
this.themeChangeListeners.clear();
|
|
5060
5790
|
this.confirmationConfigChangeListeners.clear();
|
|
5791
|
+
this.signerModeChangeListeners.clear();
|
|
5061
5792
|
}
|
|
5062
5793
|
getCurrentUserAccountId() {
|
|
5063
5794
|
if (!this.currentUserAccountId) {
|
|
@@ -5069,6 +5800,9 @@ var UserPreferencesManager = class {
|
|
|
5069
5800
|
getConfirmationConfig() {
|
|
5070
5801
|
return this.confirmationConfig;
|
|
5071
5802
|
}
|
|
5803
|
+
getSignerMode() {
|
|
5804
|
+
return this.signerMode;
|
|
5805
|
+
}
|
|
5072
5806
|
/**
|
|
5073
5807
|
* Apply an authoritative confirmation config snapshot from the wallet-iframe host.
|
|
5074
5808
|
* This updates in-memory state only; persistence remains owned by the wallet origin.
|
|
@@ -5086,6 +5820,20 @@ var UserPreferencesManager = class {
|
|
|
5086
5820
|
this.notifyConfirmationConfigChange(this.confirmationConfig);
|
|
5087
5821
|
if (this.confirmationConfig.theme !== prevTheme) this.notifyThemeChange(this.confirmationConfig.theme);
|
|
5088
5822
|
}
|
|
5823
|
+
/**
|
|
5824
|
+
* Apply an authoritative signer mode snapshot from the wallet-iframe host.
|
|
5825
|
+
* This updates in-memory state only; persistence remains owned by the wallet origin.
|
|
5826
|
+
*/
|
|
5827
|
+
applyWalletHostSignerMode(args) {
|
|
5828
|
+
const { nearAccountId, signerMode } = args || {};
|
|
5829
|
+
if (nearAccountId) this.currentUserAccountId = nearAccountId;
|
|
5830
|
+
const base$1 = this.signerModeOverride ?? DEFAULT_SIGNING_MODE;
|
|
5831
|
+
const next = coerceSignerMode(signerMode, base$1);
|
|
5832
|
+
this.setSignerModeInternal(next, {
|
|
5833
|
+
persist: false,
|
|
5834
|
+
notify: true
|
|
5835
|
+
});
|
|
5836
|
+
}
|
|
5089
5837
|
setCurrentUser(nearAccountId) {
|
|
5090
5838
|
this.currentUserAccountId = nearAccountId;
|
|
5091
5839
|
if (!IndexedDBManager.clientDB.isDisabled()) this.loadSettingsForUser(nearAccountId).catch(() => void 0);
|
|
@@ -5117,6 +5865,13 @@ var UserPreferencesManager = class {
|
|
|
5117
5865
|
this.notifyConfirmationConfigChange(this.confirmationConfig);
|
|
5118
5866
|
if (this.confirmationConfig.theme !== prevTheme) this.notifyThemeChange(this.confirmationConfig.theme);
|
|
5119
5867
|
}
|
|
5868
|
+
const base$1 = this.signerModeOverride ?? DEFAULT_SIGNING_MODE;
|
|
5869
|
+
const stored = user?.preferences?.signerMode;
|
|
5870
|
+
const nextSignerMode = stored != null ? coerceSignerMode(stored, base$1) : base$1;
|
|
5871
|
+
this.setSignerModeInternal(nextSignerMode, {
|
|
5872
|
+
persist: false,
|
|
5873
|
+
notify: true
|
|
5874
|
+
});
|
|
5120
5875
|
}
|
|
5121
5876
|
/**
|
|
5122
5877
|
* Reload current user settings from IndexedDB
|
|
@@ -5165,6 +5920,13 @@ var UserPreferencesManager = class {
|
|
|
5165
5920
|
this.notifyConfirmationConfigChange(this.confirmationConfig);
|
|
5166
5921
|
if (this.confirmationConfig.theme !== prevTheme) this.notifyThemeChange(this.confirmationConfig.theme);
|
|
5167
5922
|
} else console.debug("[WebAuthnManager]: No user preferences found, using defaults");
|
|
5923
|
+
const base$1 = this.signerModeOverride ?? DEFAULT_SIGNING_MODE;
|
|
5924
|
+
const stored = user?.preferences?.signerMode;
|
|
5925
|
+
const nextSignerMode = stored != null ? coerceSignerMode(stored, base$1) : base$1;
|
|
5926
|
+
this.setSignerModeInternal(nextSignerMode, {
|
|
5927
|
+
persist: false,
|
|
5928
|
+
notify: true
|
|
5929
|
+
});
|
|
5168
5930
|
} else console.debug("[WebAuthnManager]: No last user found, using default settings");
|
|
5169
5931
|
}
|
|
5170
5932
|
/**
|
|
@@ -5220,6 +5982,35 @@ var UserPreferencesManager = class {
|
|
|
5220
5982
|
console.warn("[UserPreferencesManager]: Failed to save user theme:", error);
|
|
5221
5983
|
}
|
|
5222
5984
|
}
|
|
5985
|
+
/**
|
|
5986
|
+
* Set signer mode preference (in-memory immediately; IndexedDB persistence is best-effort).
|
|
5987
|
+
*/
|
|
5988
|
+
setSignerMode(signerMode) {
|
|
5989
|
+
const next = mergeSignerMode(this.signerMode, signerMode);
|
|
5990
|
+
if (this.walletIframeSignerModeWriter && IndexedDBManager.clientDB.isDisabled()) {
|
|
5991
|
+
this.walletIframeSignerModeWriter(next).catch(() => void 0);
|
|
5992
|
+
return;
|
|
5993
|
+
}
|
|
5994
|
+
this.setSignerModeInternal(next, {
|
|
5995
|
+
persist: true,
|
|
5996
|
+
notify: true
|
|
5997
|
+
});
|
|
5998
|
+
}
|
|
5999
|
+
isSignerModeEqual(a, b) {
|
|
6000
|
+
if (a.mode !== b.mode) return false;
|
|
6001
|
+
if (a.mode !== "threshold-signer" || b.mode !== "threshold-signer") return true;
|
|
6002
|
+
return (a.behavior ?? null) === (b.behavior ?? null);
|
|
6003
|
+
}
|
|
6004
|
+
setSignerModeInternal(next, opts) {
|
|
6005
|
+
const prev = this.signerMode;
|
|
6006
|
+
this.signerMode = next;
|
|
6007
|
+
if (opts.notify && !this.isSignerModeEqual(prev, next)) this.notifySignerModeChange(next);
|
|
6008
|
+
if (opts.persist) {
|
|
6009
|
+
const id = this.currentUserAccountId;
|
|
6010
|
+
if (!id || IndexedDBManager.clientDB.isDisabled()) return;
|
|
6011
|
+
IndexedDBManager.clientDB.setSignerMode(id, next).catch(() => void 0);
|
|
6012
|
+
}
|
|
6013
|
+
}
|
|
5223
6014
|
};
|
|
5224
6015
|
const UserPreferencesInstance = new UserPreferencesManager();
|
|
5225
6016
|
var userPreferences_default = UserPreferencesInstance;
|
|
@@ -5367,10 +6158,8 @@ var NonceManager = class NonceManager {
|
|
|
5367
6158
|
} catch (akErr) {
|
|
5368
6159
|
const msg = errorMessage(akErr);
|
|
5369
6160
|
const missingAk = msg.includes("does not exist while viewing") || msg.includes("Access key not found") || msg.includes("unknown public key") || msg.includes("does not exist");
|
|
5370
|
-
if (missingAk)
|
|
5371
|
-
|
|
5372
|
-
maybeAccessKey = null;
|
|
5373
|
-
} else accessKeyError = akErr;
|
|
6161
|
+
if (missingAk) maybeAccessKey = null;
|
|
6162
|
+
else accessKeyError = akErr;
|
|
5374
6163
|
}
|
|
5375
6164
|
})());
|
|
5376
6165
|
if (fetchBlock) tasks.push((async () => {
|
|
@@ -5480,7 +6269,6 @@ var NonceManager = class NonceManager {
|
|
|
5480
6269
|
for (const n of planned) newSet.add(n);
|
|
5481
6270
|
this.reservedNonces = newSet;
|
|
5482
6271
|
this.lastReservedNonce = planned[planned.length - 1];
|
|
5483
|
-
console.debug(`[NonceManager]: Reserved ${count} nonces:`, planned);
|
|
5484
6272
|
return planned;
|
|
5485
6273
|
}
|
|
5486
6274
|
/**
|
|
@@ -5488,19 +6276,15 @@ var NonceManager = class NonceManager {
|
|
|
5488
6276
|
* @param nonce - The nonce to release
|
|
5489
6277
|
*/
|
|
5490
6278
|
releaseNonce(nonce) {
|
|
5491
|
-
if (this.reservedNonces.has(nonce))
|
|
5492
|
-
this.reservedNonces.delete(nonce);
|
|
5493
|
-
console.debug(`[NonceManager]: Released nonce ${nonce}`);
|
|
5494
|
-
}
|
|
6279
|
+
if (this.reservedNonces.has(nonce)) this.reservedNonces.delete(nonce);
|
|
5495
6280
|
}
|
|
5496
6281
|
/**
|
|
5497
6282
|
* Release all reserved nonces
|
|
5498
6283
|
*/
|
|
5499
6284
|
releaseAllNonces() {
|
|
5500
|
-
|
|
6285
|
+
this.reservedNonces.size;
|
|
5501
6286
|
this.reservedNonces.clear();
|
|
5502
6287
|
this.lastReservedNonce = null;
|
|
5503
|
-
console.debug(`[NonceManager]: Released all ${count} reserved nonces`);
|
|
5504
6288
|
}
|
|
5505
6289
|
/**
|
|
5506
6290
|
* Update nonce from blockchain after transaction completion
|
|
@@ -5515,7 +6299,7 @@ var NonceManager = class NonceManager {
|
|
|
5515
6299
|
if (!accessKeyInfo || accessKeyInfo.nonce === void 0) throw new Error(`Access key not found or invalid for account ${this.nearAccountId}`);
|
|
5516
6300
|
const chainNonceBigInt = BigInt(accessKeyInfo.nonce);
|
|
5517
6301
|
const actualNonceBigInt = BigInt(actualNonce);
|
|
5518
|
-
if (chainNonceBigInt < actualNonceBigInt - BigInt(1)) console.warn(`[NonceManager]: Chain nonce (${chainNonceBigInt}) behind expected (${actualNonceBigInt - BigInt(1)}).
|
|
6302
|
+
if (chainNonceBigInt < actualNonceBigInt - BigInt(1)) console.warn(`[NonceManager]: Chain nonce (${chainNonceBigInt}) behind expected (${actualNonceBigInt - BigInt(1)}). Updating...`);
|
|
5519
6303
|
const candidateNext = this.maxBigInt(chainNonceBigInt + 1n, actualNonceBigInt + 1n, this.transactionContext?.nextNonce ? BigInt(this.transactionContext.nextNonce) : 0n, this.lastReservedNonce ? BigInt(this.lastReservedNonce) + 1n : 0n);
|
|
5520
6304
|
if (this.transactionContext) {
|
|
5521
6305
|
this.transactionContext.accessKeyInfo = accessKeyInfo;
|
|
@@ -5620,10 +6404,221 @@ const NonceManagerInstance = NonceManager.getInstance();
|
|
|
5620
6404
|
var nonceManager_default = NonceManagerInstance;
|
|
5621
6405
|
|
|
5622
6406
|
//#endregion
|
|
5623
|
-
//#region src/core/
|
|
5624
|
-
|
|
5625
|
-
|
|
5626
|
-
|
|
6407
|
+
//#region src/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.ts
|
|
6408
|
+
/**
|
|
6409
|
+
* Threshold keygen helper (2-of-2):
|
|
6410
|
+
* - derive deterministic client verifying share from WrapKeySeed (via signer worker session)
|
|
6411
|
+
* - run `/threshold-ed25519/keygen` to fetch relayer share + group public key
|
|
6412
|
+
*/
|
|
6413
|
+
async function enrollThresholdEd25519KeyHandler(ctx, args) {
|
|
6414
|
+
const nearAccountId = toAccountId(args.nearAccountId);
|
|
6415
|
+
const sessionId = String(args.sessionId || "").trim();
|
|
6416
|
+
const relayerUrl = String(ctx.relayerUrl || "").trim();
|
|
6417
|
+
try {
|
|
6418
|
+
if (!sessionId) throw new Error("Missing sessionId");
|
|
6419
|
+
if (!relayerUrl) throw new Error("Missing relayer url (configs.relayer.url)");
|
|
6420
|
+
const derived = await ctx.signerWorkerManager.deriveThresholdEd25519ClientVerifyingShare({
|
|
6421
|
+
sessionId,
|
|
6422
|
+
nearAccountId
|
|
6423
|
+
});
|
|
6424
|
+
if (!derived.success) throw new Error(derived.error || "Failed to derive threshold client verifying share");
|
|
6425
|
+
const rpId = ctx.touchIdPrompt.getRpId();
|
|
6426
|
+
if (!rpId) throw new Error("Missing rpId for WebAuthn VRF challenge");
|
|
6427
|
+
const keygenIntentDigestB64u = await computeThresholdEd25519KeygenIntentDigest({
|
|
6428
|
+
nearAccountId,
|
|
6429
|
+
rpId,
|
|
6430
|
+
clientVerifyingShareB64u: derived.clientVerifyingShareB64u
|
|
6431
|
+
});
|
|
6432
|
+
const block = await ctx.nearClient.viewBlock({ finality: "final" });
|
|
6433
|
+
const blockHeight = String(block?.header?.height ?? "");
|
|
6434
|
+
const blockHash = String(block?.header?.hash ?? "");
|
|
6435
|
+
if (!blockHeight || !blockHash) throw new Error("Failed to fetch NEAR block context for keygen VRF challenge");
|
|
6436
|
+
const vrfChallenge = await ctx.vrfWorkerManager.generateVrfChallengeOnce({
|
|
6437
|
+
userId: nearAccountId,
|
|
6438
|
+
rpId,
|
|
6439
|
+
blockHeight,
|
|
6440
|
+
blockHash,
|
|
6441
|
+
intentDigest: keygenIntentDigestB64u
|
|
6442
|
+
});
|
|
6443
|
+
const webauthnAuthentication = await collectAuthenticationCredentialForVrfChallenge({
|
|
6444
|
+
indexedDB: IndexedDBManager,
|
|
6445
|
+
touchIdPrompt: ctx.touchIdPrompt,
|
|
6446
|
+
nearAccountId,
|
|
6447
|
+
vrfChallenge
|
|
6448
|
+
});
|
|
6449
|
+
const keygen = await thresholdEd25519Keygen(relayerUrl, vrfChallenge, webauthnAuthentication, {
|
|
6450
|
+
clientVerifyingShareB64u: derived.clientVerifyingShareB64u,
|
|
6451
|
+
nearAccountId
|
|
6452
|
+
});
|
|
6453
|
+
if (!keygen.ok) throw new Error(keygen.error || keygen.message || keygen.code || "Threshold keygen failed");
|
|
6454
|
+
const publicKeyRaw = keygen.publicKey;
|
|
6455
|
+
const relayerKeyId = keygen.relayerKeyId;
|
|
6456
|
+
const relayerVerifyingShareB64u = keygen.relayerVerifyingShareB64u;
|
|
6457
|
+
if (!publicKeyRaw) throw new Error("Threshold keygen returned empty publicKey");
|
|
6458
|
+
if (!relayerKeyId) throw new Error("Threshold keygen returned empty relayerKeyId");
|
|
6459
|
+
if (!relayerVerifyingShareB64u) throw new Error("Threshold keygen returned empty relayerVerifyingShareB64u");
|
|
6460
|
+
const publicKey = ensureEd25519Prefix(publicKeyRaw);
|
|
6461
|
+
if (!publicKey) throw new Error("Threshold keygen returned empty publicKey");
|
|
6462
|
+
const clientParticipantId = typeof keygen.clientParticipantId === "number" ? keygen.clientParticipantId : void 0;
|
|
6463
|
+
const relayerParticipantId = typeof keygen.relayerParticipantId === "number" ? keygen.relayerParticipantId : void 0;
|
|
6464
|
+
return {
|
|
6465
|
+
success: true,
|
|
6466
|
+
publicKey,
|
|
6467
|
+
clientParticipantId,
|
|
6468
|
+
relayerParticipantId,
|
|
6469
|
+
participantIds: Array.isArray(keygen.participantIds) ? keygen.participantIds : void 0,
|
|
6470
|
+
clientVerifyingShareB64u: derived.clientVerifyingShareB64u,
|
|
6471
|
+
relayerKeyId,
|
|
6472
|
+
relayerVerifyingShareB64u,
|
|
6473
|
+
wrapKeySalt: derived.wrapKeySalt
|
|
6474
|
+
};
|
|
6475
|
+
} catch (error) {
|
|
6476
|
+
const message = String(error?.message ?? error);
|
|
6477
|
+
return {
|
|
6478
|
+
success: false,
|
|
6479
|
+
publicKey: "",
|
|
6480
|
+
clientVerifyingShareB64u: "",
|
|
6481
|
+
relayerKeyId: "",
|
|
6482
|
+
relayerVerifyingShareB64u: "",
|
|
6483
|
+
wrapKeySalt: "",
|
|
6484
|
+
error: message
|
|
6485
|
+
};
|
|
6486
|
+
}
|
|
6487
|
+
}
|
|
6488
|
+
|
|
6489
|
+
//#endregion
|
|
6490
|
+
//#region src/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.ts
|
|
6491
|
+
/**
|
|
6492
|
+
* Threshold key rotation (post-registration):
|
|
6493
|
+
* - keygen (new relayerKeyId + publicKey)
|
|
6494
|
+
* - AddKey(new threshold publicKey)
|
|
6495
|
+
* - DeleteKey(old threshold publicKey)
|
|
6496
|
+
*
|
|
6497
|
+
* Uses the local signer key for AddKey/DeleteKey, and requires the account to already
|
|
6498
|
+
* have a stored `threshold_ed25519_2p_v1` key material entry for the target device.
|
|
6499
|
+
*/
|
|
6500
|
+
async function rotateThresholdEd25519KeyPostRegistrationHandler(ctx, args) {
|
|
6501
|
+
const nearAccountId = toAccountId(args.nearAccountId);
|
|
6502
|
+
const oldPublicKey = String(args.oldPublicKey || "");
|
|
6503
|
+
const oldRelayerKeyId = String(args.oldRelayerKeyId || "");
|
|
6504
|
+
const newPublicKey = String(args.newPublicKey || "");
|
|
6505
|
+
const newRelayerKeyId = String(args.newRelayerKeyId || "");
|
|
6506
|
+
const wrapKeySalt = String(args.wrapKeySalt || "");
|
|
6507
|
+
const base$1 = {
|
|
6508
|
+
oldPublicKey,
|
|
6509
|
+
oldRelayerKeyId,
|
|
6510
|
+
publicKey: newPublicKey,
|
|
6511
|
+
relayerKeyId: newRelayerKeyId,
|
|
6512
|
+
wrapKeySalt
|
|
6513
|
+
};
|
|
6514
|
+
const ok = (params) => {
|
|
6515
|
+
const { warning,...rest } = params;
|
|
6516
|
+
return {
|
|
6517
|
+
success: true,
|
|
6518
|
+
...base$1,
|
|
6519
|
+
...rest,
|
|
6520
|
+
...warning ? { warning } : {}
|
|
6521
|
+
};
|
|
6522
|
+
};
|
|
6523
|
+
try {
|
|
6524
|
+
const deviceNumber = Number(args.deviceNumber);
|
|
6525
|
+
const resolvedDeviceNumber = Number.isSafeInteger(deviceNumber) && deviceNumber >= 1 ? deviceNumber : NaN;
|
|
6526
|
+
if (!Number.isSafeInteger(resolvedDeviceNumber) || resolvedDeviceNumber < 1) throw new Error("Invalid deviceNumber");
|
|
6527
|
+
const oldNormalized = ensureEd25519Prefix(oldPublicKey);
|
|
6528
|
+
const newNormalized = ensureEd25519Prefix(newPublicKey);
|
|
6529
|
+
if (!oldNormalized) return ok({
|
|
6530
|
+
deleteOldKeyAttempted: false,
|
|
6531
|
+
deleteOldKeySuccess: false,
|
|
6532
|
+
warning: "Rotation completed but old threshold key material had an invalid publicKey; skipped DeleteKey."
|
|
6533
|
+
});
|
|
6534
|
+
if (oldNormalized === newNormalized) return ok({
|
|
6535
|
+
deleteOldKeyAttempted: false,
|
|
6536
|
+
deleteOldKeySuccess: true,
|
|
6537
|
+
warning: "Rotation returned the same threshold public key; skipped DeleteKey(old)."
|
|
6538
|
+
});
|
|
6539
|
+
const localKeyMaterial = await IndexedDBManager.nearKeysDB.getLocalKeyMaterial(nearAccountId, resolvedDeviceNumber);
|
|
6540
|
+
if (!localKeyMaterial) return ok({
|
|
6541
|
+
deleteOldKeyAttempted: false,
|
|
6542
|
+
deleteOldKeySuccess: false,
|
|
6543
|
+
warning: `Rotation completed but could not load local key material for DeleteKey(old) (account ${nearAccountId} device ${resolvedDeviceNumber}).`
|
|
6544
|
+
});
|
|
6545
|
+
const localPk = ensureEd25519Prefix(localKeyMaterial.publicKey);
|
|
6546
|
+
if (localPk && localPk === oldNormalized) return ok({
|
|
6547
|
+
deleteOldKeyAttempted: false,
|
|
6548
|
+
deleteOldKeySuccess: false,
|
|
6549
|
+
warning: "Refusing to DeleteKey(old) because it matches the local signer public key."
|
|
6550
|
+
});
|
|
6551
|
+
const oldOnChain = await hasAccessKey(ctx.nearClient, nearAccountId, oldPublicKey, {
|
|
6552
|
+
attempts: 1,
|
|
6553
|
+
delayMs: 0
|
|
6554
|
+
});
|
|
6555
|
+
if (!oldOnChain) return ok({
|
|
6556
|
+
deleteOldKeyAttempted: false,
|
|
6557
|
+
deleteOldKeySuccess: true
|
|
6558
|
+
});
|
|
6559
|
+
const deleteKeyAction = {
|
|
6560
|
+
action_type: ActionType.DeleteKey,
|
|
6561
|
+
public_key: oldNormalized
|
|
6562
|
+
};
|
|
6563
|
+
const txInputs = [{
|
|
6564
|
+
receiverId: nearAccountId,
|
|
6565
|
+
actions: [deleteKeyAction]
|
|
6566
|
+
}];
|
|
6567
|
+
let deleteOldKeyAttempted = false;
|
|
6568
|
+
try {
|
|
6569
|
+
const rpcCall = {
|
|
6570
|
+
contractId: ctx.contractId,
|
|
6571
|
+
nearRpcUrl: ctx.nearRpcUrl,
|
|
6572
|
+
nearAccountId
|
|
6573
|
+
};
|
|
6574
|
+
const signed = await ctx.signTransactionsWithActions({
|
|
6575
|
+
transactions: txInputs,
|
|
6576
|
+
rpcCall,
|
|
6577
|
+
signerMode: { mode: "local-signer" },
|
|
6578
|
+
confirmationConfigOverride: {
|
|
6579
|
+
uiMode: "skip",
|
|
6580
|
+
behavior: "autoProceed",
|
|
6581
|
+
autoProceedDelay: 0
|
|
6582
|
+
},
|
|
6583
|
+
title: "Rotate threshold key",
|
|
6584
|
+
body: "Confirm deletion of the old threshold access key."
|
|
6585
|
+
});
|
|
6586
|
+
const signedTx = signed?.[0]?.signedTransaction;
|
|
6587
|
+
if (!signedTx) throw new Error("Failed to sign DeleteKey(oldThresholdPublicKey) transaction");
|
|
6588
|
+
deleteOldKeyAttempted = true;
|
|
6589
|
+
await ctx.nearClient.sendTransaction(signedTx, DEFAULT_WAIT_STATUS.linkDeviceDeleteKey);
|
|
6590
|
+
const deleted = await waitForAccessKeyAbsent(ctx.nearClient, nearAccountId, oldPublicKey);
|
|
6591
|
+
if (!deleted) return ok({
|
|
6592
|
+
deleteOldKeyAttempted,
|
|
6593
|
+
deleteOldKeySuccess: false,
|
|
6594
|
+
warning: "DeleteKey(old) submitted but old access key is still present on-chain."
|
|
6595
|
+
});
|
|
6596
|
+
return ok({
|
|
6597
|
+
deleteOldKeyAttempted,
|
|
6598
|
+
deleteOldKeySuccess: true
|
|
6599
|
+
});
|
|
6600
|
+
} catch (error) {
|
|
6601
|
+
const message = String(error?.message ?? error);
|
|
6602
|
+
return ok({
|
|
6603
|
+
deleteOldKeyAttempted,
|
|
6604
|
+
deleteOldKeySuccess: false,
|
|
6605
|
+
warning: `Rotation completed but failed to DeleteKey(old): ${message}`
|
|
6606
|
+
});
|
|
6607
|
+
}
|
|
6608
|
+
} catch (error) {
|
|
6609
|
+
const message = String(error?.message ?? error);
|
|
6610
|
+
return {
|
|
6611
|
+
success: false,
|
|
6612
|
+
oldPublicKey,
|
|
6613
|
+
oldRelayerKeyId,
|
|
6614
|
+
publicKey: "",
|
|
6615
|
+
relayerKeyId: "",
|
|
6616
|
+
wrapKeySalt: "",
|
|
6617
|
+
deleteOldKeyAttempted: false,
|
|
6618
|
+
deleteOldKeySuccess: false,
|
|
6619
|
+
error: message
|
|
6620
|
+
};
|
|
6621
|
+
}
|
|
5627
6622
|
}
|
|
5628
6623
|
|
|
5629
6624
|
//#endregion
|
|
@@ -5652,9 +6647,8 @@ var WebAuthnManager = class {
|
|
|
5652
6647
|
this.nearClient = nearClient;
|
|
5653
6648
|
this.touchIdPrompt = new TouchIdPrompt(tatchiPasskeyConfigs.iframeWallet?.rpIdOverride, true);
|
|
5654
6649
|
this.userPreferencesManager = userPreferences_default;
|
|
5655
|
-
|
|
5656
|
-
|
|
5657
|
-
} catch {}
|
|
6650
|
+
this.userPreferencesManager.configureWalletTheme?.(tatchiPasskeyConfigs.walletTheme);
|
|
6651
|
+
this.userPreferencesManager.configureDefaultSignerMode?.(tatchiPasskeyConfigs.signerMode);
|
|
5658
6652
|
this.nonceManager = nonceManager_default;
|
|
5659
6653
|
const { vrfWorkerConfigs } = tatchiPasskeyConfigs;
|
|
5660
6654
|
this.vrfWorkerManager = new VrfWorkerManager({
|
|
@@ -5671,7 +6665,7 @@ var WebAuthnManager = class {
|
|
|
5671
6665
|
rpIdOverride: this.touchIdPrompt.getRpId(),
|
|
5672
6666
|
nearExplorerUrl: tatchiPasskeyConfigs.nearExplorerUrl
|
|
5673
6667
|
});
|
|
5674
|
-
this.signerWorkerManager = new SignerWorkerManager(this.vrfWorkerManager, nearClient, this.userPreferencesManager, this.nonceManager, tatchiPasskeyConfigs.iframeWallet?.rpIdOverride, true, tatchiPasskeyConfigs.nearExplorerUrl);
|
|
6668
|
+
this.signerWorkerManager = new SignerWorkerManager(this.vrfWorkerManager, nearClient, this.userPreferencesManager, this.nonceManager, this.tatchiPasskeyConfigs.relayer.url, tatchiPasskeyConfigs.iframeWallet?.rpIdOverride, true, tatchiPasskeyConfigs.nearExplorerUrl);
|
|
5675
6669
|
this.workerBaseOrigin = resolveWorkerBaseOrigin() || (typeof window !== "undefined" ? window.location.origin : "");
|
|
5676
6670
|
this.signerWorkerManager.setWorkerBaseOrigin(this.workerBaseOrigin);
|
|
5677
6671
|
this.vrfWorkerManager.setWorkerBaseOrigin?.(this.workerBaseOrigin);
|
|
@@ -5753,7 +6747,7 @@ var WebAuthnManager = class {
|
|
|
5753
6747
|
}
|
|
5754
6748
|
async withSigningSession(args) {
|
|
5755
6749
|
if (typeof args.handler !== "function") throw new Error("withSigningSession requires a handler function");
|
|
5756
|
-
const sessionId =
|
|
6750
|
+
const sessionId = args.sessionId || (args.prefix ? this.generateSessionId(args.prefix) : "");
|
|
5757
6751
|
if (!sessionId) throw new Error("withSigningSession requires a sessionId or prefix");
|
|
5758
6752
|
return await this.withSigningSessionInternal({
|
|
5759
6753
|
sessionId,
|
|
@@ -5767,6 +6761,7 @@ var WebAuthnManager = class {
|
|
|
5767
6761
|
try {
|
|
5768
6762
|
if (args.options) await this.vrfWorkerManager.mintSessionKeysAndSendToSigner({
|
|
5769
6763
|
sessionId: args.sessionId,
|
|
6764
|
+
wrapKeySalt: args.options.wrapKeySalt,
|
|
5770
6765
|
credential: args.options.credential
|
|
5771
6766
|
});
|
|
5772
6767
|
return await args.handler(args.sessionId);
|
|
@@ -5804,15 +6799,15 @@ var WebAuthnManager = class {
|
|
|
5804
6799
|
if (deviceNumber === null) throw new Error(`No deviceNumber found for account ${nearAccountId} (decrypt session)`);
|
|
5805
6800
|
const userForDevice = await IndexedDBManager.clientDB.getUserByDevice(nearAccountId, deviceNumber).catch(() => null);
|
|
5806
6801
|
const encryptedVrfKeypair = userForDevice?.encryptedVrfKeypair;
|
|
5807
|
-
const
|
|
5808
|
-
if (!
|
|
6802
|
+
const keyMaterial = await IndexedDBManager.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber);
|
|
6803
|
+
if (!keyMaterial) {
|
|
5809
6804
|
console.error("WebAuthnManager: No encrypted key found for decrypt session", {
|
|
5810
6805
|
nearAccountId: String(nearAccountId),
|
|
5811
6806
|
deviceNumber
|
|
5812
6807
|
});
|
|
5813
|
-
throw new Error(`No
|
|
6808
|
+
throw new Error(`No key material found for account: ${nearAccountId}`);
|
|
5814
6809
|
}
|
|
5815
|
-
const wrapKeySalt =
|
|
6810
|
+
const wrapKeySalt = keyMaterial.wrapKeySalt;
|
|
5816
6811
|
if (!wrapKeySalt) {
|
|
5817
6812
|
console.error("WebAuthnManager: Missing wrapKeySalt in vault for decrypt session", {
|
|
5818
6813
|
nearAccountId: String(nearAccountId),
|
|
@@ -5843,6 +6838,16 @@ var WebAuthnManager = class {
|
|
|
5843
6838
|
allowCredentials
|
|
5844
6839
|
});
|
|
5845
6840
|
}
|
|
6841
|
+
async collectAuthenticationCredentialForVrfChallenge(args) {
|
|
6842
|
+
return collectAuthenticationCredentialForVrfChallenge({
|
|
6843
|
+
indexedDB: IndexedDBManager,
|
|
6844
|
+
touchIdPrompt: this.touchIdPrompt,
|
|
6845
|
+
nearAccountId: args.nearAccountId,
|
|
6846
|
+
vrfChallenge: args.vrfChallenge,
|
|
6847
|
+
includeSecondPrfOutput: args.includeSecondPrfOutput,
|
|
6848
|
+
onBeforePrompt: args.onBeforePrompt
|
|
6849
|
+
});
|
|
6850
|
+
}
|
|
5846
6851
|
/**
|
|
5847
6852
|
* Generate a VRF challenge bound to a specific signing/confirm session.
|
|
5848
6853
|
* The challenge will be cached in the VRF worker under this sessionId so
|
|
@@ -5914,9 +6919,9 @@ var WebAuthnManager = class {
|
|
|
5914
6919
|
const contractId = this.tatchiPasskeyConfigs.contractId;
|
|
5915
6920
|
try {
|
|
5916
6921
|
const sessionId = `device2-sign-${Date.now()}-${Math.random().toString(36).slice(2, 11)}`;
|
|
5917
|
-
const
|
|
5918
|
-
if (!
|
|
5919
|
-
const wrapKeySalt =
|
|
6922
|
+
const keyMaterial = await IndexedDBManager.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber);
|
|
6923
|
+
if (!keyMaterial) throw new Error(`No key material found for account ${nearAccountId} device ${deviceNumber}`);
|
|
6924
|
+
const wrapKeySalt = keyMaterial.wrapKeySalt;
|
|
5920
6925
|
if (!wrapKeySalt) throw new Error(`Missing wrapKeySalt for account ${nearAccountId} device ${deviceNumber}`);
|
|
5921
6926
|
const signerPort = await this.vrfWorkerManager.createSigningSessionChannel(sessionId);
|
|
5922
6927
|
await this.signerWorkerManager.reserveSignerWorkerSession(sessionId, { signerPort });
|
|
@@ -6079,10 +7084,28 @@ var WebAuthnManager = class {
|
|
|
6079
7084
|
const vrfStatus = await this.vrfWorkerManager.checkVrfStatus();
|
|
6080
7085
|
if (!vrfStatus.active) throw new Error("VRF keypair not active in memory. Please log in again.");
|
|
6081
7086
|
if (!vrfStatus.nearAccountId || String(vrfStatus.nearAccountId) !== String(nearAccountId)) throw new Error("VRF keypair active but bound to a different account. Please log in again.");
|
|
6082
|
-
const
|
|
6083
|
-
const
|
|
6084
|
-
|
|
6085
|
-
|
|
7087
|
+
const credentialRawId = String(args.credential?.rawId || "").trim();
|
|
7088
|
+
const authenticators = await this.getAuthenticatorsByUser(nearAccountId).catch(() => []);
|
|
7089
|
+
let deviceNumber;
|
|
7090
|
+
try {
|
|
7091
|
+
deviceNumber = await getLastLoggedInDeviceNumber(nearAccountId, IndexedDBManager.clientDB);
|
|
7092
|
+
} catch (err) {
|
|
7093
|
+
if (credentialRawId) {
|
|
7094
|
+
const matched = authenticators.find((a) => a.credentialId === credentialRawId);
|
|
7095
|
+
const inferred = matched && typeof matched.deviceNumber === "number" && Number.isFinite(matched.deviceNumber) ? matched.deviceNumber : null;
|
|
7096
|
+
if (inferred !== null) {
|
|
7097
|
+
deviceNumber = inferred;
|
|
7098
|
+
await this.setLastUser(nearAccountId, inferred).catch(() => void 0);
|
|
7099
|
+
} else throw err;
|
|
7100
|
+
} else throw err;
|
|
7101
|
+
}
|
|
7102
|
+
if (credentialRawId && authenticators.length > 1) {
|
|
7103
|
+
const { wrongPasskeyError } = await IndexedDBManager.clientDB.ensureCurrentPasskey(nearAccountId, authenticators, credentialRawId);
|
|
7104
|
+
if (wrongPasskeyError) throw new Error(wrongPasskeyError);
|
|
7105
|
+
}
|
|
7106
|
+
const keyMaterial = await IndexedDBManager.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber);
|
|
7107
|
+
if (!keyMaterial) throw new Error(`No key material found for account ${nearAccountId} device ${deviceNumber}`);
|
|
7108
|
+
const wrapKeySalt = keyMaterial.wrapKeySalt;
|
|
6086
7109
|
if (!wrapKeySalt) throw new Error("Missing wrapKeySalt in vault; re-register to upgrade vault format.");
|
|
6087
7110
|
const { ttlMs, remainingUses } = this.resolveSigningSessionPolicy(args);
|
|
6088
7111
|
await this.vrfWorkerManager.mintSessionKeysAndSendToSigner({
|
|
@@ -6287,14 +7310,13 @@ var WebAuthnManager = class {
|
|
|
6287
7310
|
* @param onEvent: Optional callback for progress updates during signing
|
|
6288
7311
|
* @param onEvent - Optional callback for progress updates during signing
|
|
6289
7312
|
*/
|
|
6290
|
-
async signTransactionsWithActions({ transactions, rpcCall, confirmationConfigOverride, title, body, onEvent }) {
|
|
6291
|
-
if (transactions.length === 0) throw new Error("No payloads provided for signing");
|
|
6292
|
-
const activeSessionId = this.getOrCreateActiveSigningSessionId(toAccountId(rpcCall.nearAccountId));
|
|
7313
|
+
async signTransactionsWithActions({ transactions, rpcCall, signerMode, confirmationConfigOverride, title, body, onEvent }) {
|
|
6293
7314
|
return this.withSigningSession({
|
|
6294
|
-
sessionId:
|
|
7315
|
+
sessionId: this.getOrCreateActiveSigningSessionId(toAccountId(rpcCall.nearAccountId)),
|
|
6295
7316
|
handler: (sessionId) => this.signerWorkerManager.signTransactionsWithActions({
|
|
6296
7317
|
transactions,
|
|
6297
7318
|
rpcCall,
|
|
7319
|
+
signerMode,
|
|
6298
7320
|
confirmationConfigOverride,
|
|
6299
7321
|
title,
|
|
6300
7322
|
body,
|
|
@@ -6303,7 +7325,74 @@ var WebAuthnManager = class {
|
|
|
6303
7325
|
})
|
|
6304
7326
|
});
|
|
6305
7327
|
}
|
|
6306
|
-
|
|
7328
|
+
/**
|
|
7329
|
+
* Sign AddKey(thresholdPublicKey) for `receiverId === nearAccountId` without running confirmTxFlow.
|
|
7330
|
+
*
|
|
7331
|
+
* This is a narrowly-scoped, internal-only helper for post-registration activation flows where
|
|
7332
|
+
* the caller already has a PRF-bearing credential in memory (e.g., immediately after registration)
|
|
7333
|
+
* and wants to avoid an extra TouchID/WebAuthn prompt.
|
|
7334
|
+
*/
|
|
7335
|
+
async signAddKeyThresholdPublicKeyNoPrompt(args) {
|
|
7336
|
+
const nearAccountId = toAccountId(args.nearAccountId);
|
|
7337
|
+
const wrapKeySalt = args.wrapKeySalt;
|
|
7338
|
+
if (!wrapKeySalt) throw new Error("Missing wrapKeySalt for AddKey(thresholdPublicKey) signing");
|
|
7339
|
+
if (!args.credential) throw new Error("Missing credential for AddKey(thresholdPublicKey) signing");
|
|
7340
|
+
if (!args.transactionContext) throw new Error("Missing transactionContext for no-prompt signing");
|
|
7341
|
+
const thresholdPublicKey = ensureEd25519Prefix(args.thresholdPublicKey);
|
|
7342
|
+
if (!thresholdPublicKey) throw new Error("Missing thresholdPublicKey for AddKey(thresholdPublicKey) signing");
|
|
7343
|
+
const relayerVerifyingShareB64u = args.relayerVerifyingShareB64u;
|
|
7344
|
+
if (!relayerVerifyingShareB64u) throw new Error("Missing relayerVerifyingShareB64u for AddKey(thresholdPublicKey) signing");
|
|
7345
|
+
const deviceNumber = Number(args.deviceNumber);
|
|
7346
|
+
const resolvedDeviceNumber = Number.isSafeInteger(deviceNumber) && deviceNumber >= 1 ? deviceNumber : await getLastLoggedInDeviceNumber(nearAccountId, IndexedDBManager.clientDB).catch(() => 1);
|
|
7347
|
+
const localKeyMaterial = await IndexedDBManager.nearKeysDB.getLocalKeyMaterial(nearAccountId, resolvedDeviceNumber);
|
|
7348
|
+
if (!localKeyMaterial) throw new Error(`No local key material found for account ${nearAccountId} device ${resolvedDeviceNumber}`);
|
|
7349
|
+
if (localKeyMaterial.wrapKeySalt !== wrapKeySalt) throw new Error("wrapKeySalt mismatch for AddKey(thresholdPublicKey) signing");
|
|
7350
|
+
return await this.withSigningSession({
|
|
7351
|
+
prefix: "no-prompt-add-threshold-key",
|
|
7352
|
+
options: {
|
|
7353
|
+
credential: args.credential,
|
|
7354
|
+
wrapKeySalt
|
|
7355
|
+
},
|
|
7356
|
+
handler: async (sessionId) => {
|
|
7357
|
+
const response = await this.signerWorkerManager.getContext().sendMessage({
|
|
7358
|
+
sessionId,
|
|
7359
|
+
message: {
|
|
7360
|
+
type: INTERNAL_WORKER_REQUEST_TYPE_SIGN_ADD_KEY_THRESHOLD_PUBLIC_KEY_NO_PROMPT,
|
|
7361
|
+
payload: {
|
|
7362
|
+
createdAt: Date.now(),
|
|
7363
|
+
decryption: {
|
|
7364
|
+
encryptedPrivateKeyData: localKeyMaterial.encryptedSk,
|
|
7365
|
+
encryptedPrivateKeyChacha20NonceB64u: localKeyMaterial.chacha20NonceB64u
|
|
7366
|
+
},
|
|
7367
|
+
transactionContext: args.transactionContext,
|
|
7368
|
+
nearAccountId,
|
|
7369
|
+
thresholdPublicKey,
|
|
7370
|
+
relayerVerifyingShareB64u,
|
|
7371
|
+
clientParticipantId: typeof args.clientParticipantId === "number" ? args.clientParticipantId : void 0,
|
|
7372
|
+
relayerParticipantId: typeof args.relayerParticipantId === "number" ? args.relayerParticipantId : void 0
|
|
7373
|
+
}
|
|
7374
|
+
},
|
|
7375
|
+
onEvent: args.onEvent
|
|
7376
|
+
});
|
|
7377
|
+
if (!isSignAddKeyThresholdPublicKeyNoPromptSuccess(response)) throw new Error("AddKey(thresholdPublicKey) signing failed");
|
|
7378
|
+
if (!response.payload.success) throw new Error(response.payload.error || "AddKey(thresholdPublicKey) signing failed");
|
|
7379
|
+
const signedTransactions = response.payload.signedTransactions || [];
|
|
7380
|
+
if (signedTransactions.length !== 1) throw new Error(`Expected 1 signed transaction but received ${signedTransactions.length}`);
|
|
7381
|
+
const signedTx = signedTransactions[0];
|
|
7382
|
+
if (!signedTx || !signedTx.transaction || !signedTx.signature) throw new Error("Incomplete signed transaction data received for AddKey(thresholdPublicKey)");
|
|
7383
|
+
return {
|
|
7384
|
+
signedTransaction: new SignedTransaction({
|
|
7385
|
+
transaction: signedTx.transaction,
|
|
7386
|
+
signature: signedTx.signature,
|
|
7387
|
+
borsh_bytes: Array.from(signedTx.borshBytes || [])
|
|
7388
|
+
}),
|
|
7389
|
+
nearAccountId: String(nearAccountId),
|
|
7390
|
+
logs: response.payload.logs || []
|
|
7391
|
+
};
|
|
7392
|
+
}
|
|
7393
|
+
});
|
|
7394
|
+
}
|
|
7395
|
+
async signDelegateAction({ delegate, rpcCall, signerMode, confirmationConfigOverride, title, body, onEvent }) {
|
|
6307
7396
|
const nearAccountId = toAccountId(rpcCall.nearAccountId || delegate.senderId);
|
|
6308
7397
|
const normalizedRpcCall = {
|
|
6309
7398
|
contractId: rpcCall.contractId || this.tatchiPasskeyConfigs.contractId,
|
|
@@ -6319,6 +7408,7 @@ var WebAuthnManager = class {
|
|
|
6319
7408
|
return this.signerWorkerManager.signDelegateAction({
|
|
6320
7409
|
delegate,
|
|
6321
7410
|
rpcCall: normalizedRpcCall,
|
|
7411
|
+
signerMode,
|
|
6322
7412
|
confirmationConfigOverride,
|
|
6323
7413
|
title,
|
|
6324
7414
|
body,
|
|
@@ -6365,29 +7455,6 @@ var WebAuthnManager = class {
|
|
|
6365
7455
|
async extractCosePublicKey(attestationObjectBase64url) {
|
|
6366
7456
|
return await this.signerWorkerManager.extractCosePublicKey(attestationObjectBase64url);
|
|
6367
7457
|
}
|
|
6368
|
-
/**
|
|
6369
|
-
* Helper to ensure the local `lastUser` pointer is consistent with the latest DB updates.
|
|
6370
|
-
* This fixes issues where a recovery or registration might have updated the user record
|
|
6371
|
-
* but failed to update the `lastUser` pointer (e.g. due to previous bugs or interruptions),
|
|
6372
|
-
* preventing the strict `ensureCurrentPasskey` check from passing.
|
|
6373
|
-
*/
|
|
6374
|
-
async autoHealLastUserPointer(nearAccountId) {
|
|
6375
|
-
try {
|
|
6376
|
-
const lastUser = await this.getLastUser();
|
|
6377
|
-
if (lastUser && lastUser.nearAccountId === nearAccountId) {
|
|
6378
|
-
const freshest = await IndexedDBManager.clientDB.getLastDBUpdatedUser(nearAccountId);
|
|
6379
|
-
if (freshest && freshest.deviceNumber !== lastUser.deviceNumber) {
|
|
6380
|
-
console.log(`[WebAuthnManager] Auto-healing lastUser pointer from device ${lastUser.deviceNumber} to ${freshest.deviceNumber}`);
|
|
6381
|
-
await this.setLastUser(nearAccountId, freshest.deviceNumber);
|
|
6382
|
-
}
|
|
6383
|
-
} else {
|
|
6384
|
-
const freshest = await IndexedDBManager.clientDB.getLastDBUpdatedUser(nearAccountId);
|
|
6385
|
-
if (freshest) await this.setLastUser(nearAccountId, freshest.deviceNumber);
|
|
6386
|
-
}
|
|
6387
|
-
} catch (e) {
|
|
6388
|
-
console.warn("[WebAuthnManager] Auto-heal pointer failed (non-fatal):", e);
|
|
6389
|
-
}
|
|
6390
|
-
}
|
|
6391
7458
|
/** Worker-driven export: two-phase V2 (collect PRF → decrypt → show UI) */
|
|
6392
7459
|
async exportNearKeypairWithUIWorkerDriven(nearAccountId, options) {
|
|
6393
7460
|
await this.withSigningSession({
|
|
@@ -6412,7 +7479,7 @@ var WebAuthnManager = class {
|
|
|
6412
7479
|
if (!userData || userData.nearAccountId !== nearAccountId) userData = await IndexedDBManager.clientDB.getLastDBUpdatedUser(nearAccountId);
|
|
6413
7480
|
return {
|
|
6414
7481
|
accountId: String(nearAccountId),
|
|
6415
|
-
publicKey:
|
|
7482
|
+
publicKey: userData?.clientNearPublicKey ?? "",
|
|
6416
7483
|
privateKey: ""
|
|
6417
7484
|
};
|
|
6418
7485
|
}
|
|
@@ -6485,6 +7552,232 @@ var WebAuthnManager = class {
|
|
|
6485
7552
|
actions
|
|
6486
7553
|
});
|
|
6487
7554
|
}
|
|
7555
|
+
/**
|
|
7556
|
+
* Derive the deterministic threshold client verifying share (2-of-2 ed25519) from WrapKeySeed.
|
|
7557
|
+
* This is safe to call during registration because it only requires the PRF-bearing credential
|
|
7558
|
+
* (no on-chain verification needed) and returns public material only.
|
|
7559
|
+
*/
|
|
7560
|
+
async deriveThresholdEd25519ClientVerifyingShareFromCredential(args) {
|
|
7561
|
+
const nearAccountId = toAccountId(args.nearAccountId);
|
|
7562
|
+
try {
|
|
7563
|
+
return await this.withSigningSession({
|
|
7564
|
+
prefix: "threshold-client-share",
|
|
7565
|
+
options: {
|
|
7566
|
+
credential: args.credential,
|
|
7567
|
+
wrapKeySalt: args.wrapKeySalt
|
|
7568
|
+
},
|
|
7569
|
+
handler: (sessionId) => this.signerWorkerManager.deriveThresholdEd25519ClientVerifyingShare({
|
|
7570
|
+
sessionId,
|
|
7571
|
+
nearAccountId
|
|
7572
|
+
})
|
|
7573
|
+
});
|
|
7574
|
+
} catch (error) {
|
|
7575
|
+
const message = String(error?.message ?? error);
|
|
7576
|
+
return {
|
|
7577
|
+
success: false,
|
|
7578
|
+
nearAccountId,
|
|
7579
|
+
clientVerifyingShareB64u: "",
|
|
7580
|
+
wrapKeySalt: "",
|
|
7581
|
+
error: message
|
|
7582
|
+
};
|
|
7583
|
+
}
|
|
7584
|
+
}
|
|
7585
|
+
/**
|
|
7586
|
+
* Threshold key enrollment (post-registration):
|
|
7587
|
+
* prompts for a dual-PRF WebAuthn authentication to obtain PRF.first/second,
|
|
7588
|
+
* then runs the `/threshold-ed25519/keygen` enrollment flow.
|
|
7589
|
+
*
|
|
7590
|
+
* This is intended to be called only after the passkey is registered on-chain.
|
|
7591
|
+
*/
|
|
7592
|
+
async enrollThresholdEd25519KeyPostRegistration(args) {
|
|
7593
|
+
const nearAccountId = toAccountId(args.nearAccountId);
|
|
7594
|
+
try {
|
|
7595
|
+
const rpId = this.touchIdPrompt.getRpId();
|
|
7596
|
+
if (!rpId) throw new Error("Missing rpId for WebAuthn VRF challenge");
|
|
7597
|
+
const block = await this.nearClient.viewBlock({ finality: "final" });
|
|
7598
|
+
const blockHeight = String(block?.header?.height ?? "");
|
|
7599
|
+
const blockHash = String(block?.header?.hash ?? "");
|
|
7600
|
+
if (!blockHeight || !blockHash) throw new Error("Failed to fetch NEAR block context for VRF challenge");
|
|
7601
|
+
const vrfChallenge = await this.vrfWorkerManager.generateVrfChallengeOnce({
|
|
7602
|
+
userId: nearAccountId,
|
|
7603
|
+
rpId,
|
|
7604
|
+
blockHeight,
|
|
7605
|
+
blockHash
|
|
7606
|
+
});
|
|
7607
|
+
const authenticators = await this.getAuthenticatorsByUser(nearAccountId);
|
|
7608
|
+
if (!authenticators.length) throw new Error(`No passkey authenticators found for account ${nearAccountId}`);
|
|
7609
|
+
const authCredential = await this.collectAuthenticationCredentialForVrfChallenge({
|
|
7610
|
+
nearAccountId,
|
|
7611
|
+
vrfChallenge,
|
|
7612
|
+
includeSecondPrfOutput: true
|
|
7613
|
+
});
|
|
7614
|
+
return await this.enrollThresholdEd25519Key({
|
|
7615
|
+
credential: authCredential,
|
|
7616
|
+
nearAccountId,
|
|
7617
|
+
deviceNumber: args.deviceNumber
|
|
7618
|
+
});
|
|
7619
|
+
} catch (error) {
|
|
7620
|
+
const message = String(error?.message ?? error);
|
|
7621
|
+
return {
|
|
7622
|
+
success: false,
|
|
7623
|
+
publicKey: "",
|
|
7624
|
+
relayerKeyId: "",
|
|
7625
|
+
wrapKeySalt: "",
|
|
7626
|
+
error: message
|
|
7627
|
+
};
|
|
7628
|
+
}
|
|
7629
|
+
}
|
|
7630
|
+
/**
|
|
7631
|
+
* Threshold key rotation (post-registration):
|
|
7632
|
+
* - keygen (new relayerKeyId + publicKey)
|
|
7633
|
+
* - AddKey(new threshold publicKey)
|
|
7634
|
+
* - DeleteKey(old threshold publicKey)
|
|
7635
|
+
*
|
|
7636
|
+
* Uses the local signer key for AddKey/DeleteKey, and requires the account to already
|
|
7637
|
+
* have a stored `threshold_ed25519_2p_v1` key material entry for the target device.
|
|
7638
|
+
*/
|
|
7639
|
+
async rotateThresholdEd25519KeyPostRegistration(args) {
|
|
7640
|
+
const nearAccountId = toAccountId(args.nearAccountId);
|
|
7641
|
+
let oldPublicKey = "";
|
|
7642
|
+
let oldRelayerKeyId = "";
|
|
7643
|
+
try {
|
|
7644
|
+
const deviceNumber = Number(args.deviceNumber);
|
|
7645
|
+
const resolvedDeviceNumber = Number.isSafeInteger(deviceNumber) && deviceNumber >= 1 ? deviceNumber : await getLastLoggedInDeviceNumber(nearAccountId, IndexedDBManager.clientDB).catch(() => 1);
|
|
7646
|
+
const existing = await IndexedDBManager.nearKeysDB.getThresholdKeyMaterial(nearAccountId, resolvedDeviceNumber);
|
|
7647
|
+
if (!existing) throw new Error(`No threshold key material found for account ${nearAccountId} device ${resolvedDeviceNumber}. Call enrollThresholdEd25519Key() first.`);
|
|
7648
|
+
oldPublicKey = existing.publicKey;
|
|
7649
|
+
oldRelayerKeyId = existing.relayerKeyId;
|
|
7650
|
+
const enrollment = await this.enrollThresholdEd25519KeyPostRegistration({
|
|
7651
|
+
nearAccountId,
|
|
7652
|
+
deviceNumber: resolvedDeviceNumber
|
|
7653
|
+
});
|
|
7654
|
+
if (!enrollment.success) throw new Error(enrollment.error || "Threshold keygen/enrollment failed");
|
|
7655
|
+
return await rotateThresholdEd25519KeyPostRegistrationHandler({
|
|
7656
|
+
nearClient: this.nearClient,
|
|
7657
|
+
contractId: this.tatchiPasskeyConfigs.contractId,
|
|
7658
|
+
nearRpcUrl: this.tatchiPasskeyConfigs.nearRpcUrl,
|
|
7659
|
+
signTransactionsWithActions: (params) => this.signTransactionsWithActions(params)
|
|
7660
|
+
}, {
|
|
7661
|
+
nearAccountId,
|
|
7662
|
+
deviceNumber: resolvedDeviceNumber,
|
|
7663
|
+
oldPublicKey,
|
|
7664
|
+
oldRelayerKeyId,
|
|
7665
|
+
newPublicKey: enrollment.publicKey,
|
|
7666
|
+
newRelayerKeyId: enrollment.relayerKeyId,
|
|
7667
|
+
wrapKeySalt: enrollment.wrapKeySalt
|
|
7668
|
+
});
|
|
7669
|
+
} catch (error) {
|
|
7670
|
+
const message = String(error?.message ?? error);
|
|
7671
|
+
return {
|
|
7672
|
+
success: false,
|
|
7673
|
+
oldPublicKey,
|
|
7674
|
+
oldRelayerKeyId,
|
|
7675
|
+
publicKey: "",
|
|
7676
|
+
relayerKeyId: "",
|
|
7677
|
+
wrapKeySalt: "",
|
|
7678
|
+
deleteOldKeyAttempted: false,
|
|
7679
|
+
deleteOldKeySuccess: false,
|
|
7680
|
+
error: message
|
|
7681
|
+
};
|
|
7682
|
+
}
|
|
7683
|
+
}
|
|
7684
|
+
/**
|
|
7685
|
+
* Threshold key enrollment (2-of-2): deterministically derive the client verifying share
|
|
7686
|
+
* from WrapKeySeed and register the corresponding relayer share via `/threshold-ed25519/keygen`.
|
|
7687
|
+
*
|
|
7688
|
+
* Stores a v3 vault entry of kind `threshold_ed25519_2p_v1` (breaking; no migration).
|
|
7689
|
+
*/
|
|
7690
|
+
async enrollThresholdEd25519Key(args) {
|
|
7691
|
+
const nearAccountId = toAccountId(args.nearAccountId);
|
|
7692
|
+
const relayerUrl = this.tatchiPasskeyConfigs.relayer.url;
|
|
7693
|
+
try {
|
|
7694
|
+
if (!relayerUrl) throw new Error("Missing relayer url (configs.relayer.url)");
|
|
7695
|
+
if (!args.credential) throw new Error("Missing credential");
|
|
7696
|
+
const deviceNumber = Number(args.deviceNumber);
|
|
7697
|
+
const resolvedDeviceNumber = Number.isSafeInteger(deviceNumber) && deviceNumber >= 1 ? deviceNumber : await getLastLoggedInDeviceNumber(nearAccountId, IndexedDBManager.clientDB).catch(() => 1);
|
|
7698
|
+
const keygen = await this.withSigningSession({
|
|
7699
|
+
prefix: "threshold-keygen",
|
|
7700
|
+
options: { credential: args.credential },
|
|
7701
|
+
handler: (sessionId) => enrollThresholdEd25519KeyHandler({
|
|
7702
|
+
nearClient: this.nearClient,
|
|
7703
|
+
vrfWorkerManager: this.vrfWorkerManager,
|
|
7704
|
+
signerWorkerManager: this.signerWorkerManager,
|
|
7705
|
+
touchIdPrompt: this.touchIdPrompt,
|
|
7706
|
+
relayerUrl
|
|
7707
|
+
}, {
|
|
7708
|
+
sessionId,
|
|
7709
|
+
nearAccountId
|
|
7710
|
+
})
|
|
7711
|
+
});
|
|
7712
|
+
if (!keygen.success) throw new Error(keygen.error || "Threshold keygen failed");
|
|
7713
|
+
const publicKey = keygen.publicKey;
|
|
7714
|
+
const clientVerifyingShareB64u = keygen.clientVerifyingShareB64u;
|
|
7715
|
+
const relayerKeyId = keygen.relayerKeyId;
|
|
7716
|
+
const relayerVerifyingShareB64u = keygen.relayerVerifyingShareB64u;
|
|
7717
|
+
if (!clientVerifyingShareB64u) throw new Error("Threshold keygen returned empty clientVerifyingShareB64u");
|
|
7718
|
+
const localKeyMaterial = await IndexedDBManager.nearKeysDB.getLocalKeyMaterial(nearAccountId, resolvedDeviceNumber);
|
|
7719
|
+
if (!localKeyMaterial) throw new Error(`No local key material found for account ${nearAccountId} device ${resolvedDeviceNumber}`);
|
|
7720
|
+
const alreadyActive = await hasAccessKey(this.nearClient, nearAccountId, publicKey, {
|
|
7721
|
+
attempts: 1,
|
|
7722
|
+
delayMs: 0
|
|
7723
|
+
});
|
|
7724
|
+
if (!alreadyActive) {
|
|
7725
|
+
this.nonceManager.initializeUser(nearAccountId, localKeyMaterial.publicKey);
|
|
7726
|
+
const txContext = await this.nonceManager.getNonceBlockHashAndHeight(this.nearClient, { force: true });
|
|
7727
|
+
const signed = await this.signAddKeyThresholdPublicKeyNoPrompt({
|
|
7728
|
+
nearAccountId,
|
|
7729
|
+
credential: args.credential,
|
|
7730
|
+
wrapKeySalt: localKeyMaterial.wrapKeySalt,
|
|
7731
|
+
transactionContext: txContext,
|
|
7732
|
+
thresholdPublicKey: publicKey,
|
|
7733
|
+
relayerVerifyingShareB64u,
|
|
7734
|
+
clientParticipantId: keygen.clientParticipantId,
|
|
7735
|
+
relayerParticipantId: keygen.relayerParticipantId,
|
|
7736
|
+
deviceNumber: resolvedDeviceNumber
|
|
7737
|
+
});
|
|
7738
|
+
const signedTx = signed?.signedTransaction;
|
|
7739
|
+
if (!signedTx) throw new Error("Failed to sign AddKey(thresholdPublicKey) transaction");
|
|
7740
|
+
await this.nearClient.sendTransaction(signedTx, DEFAULT_WAIT_STATUS.thresholdAddKey);
|
|
7741
|
+
const activated = await hasAccessKey(this.nearClient, nearAccountId, publicKey);
|
|
7742
|
+
if (!activated) throw new Error("Threshold access key not found on-chain after AddKey");
|
|
7743
|
+
}
|
|
7744
|
+
const keyMaterial = {
|
|
7745
|
+
kind: "threshold_ed25519_2p_v1",
|
|
7746
|
+
nearAccountId,
|
|
7747
|
+
deviceNumber: resolvedDeviceNumber,
|
|
7748
|
+
publicKey,
|
|
7749
|
+
wrapKeySalt: keygen.wrapKeySalt,
|
|
7750
|
+
relayerKeyId,
|
|
7751
|
+
clientShareDerivation: "prf_first_v1",
|
|
7752
|
+
participants: buildThresholdEd25519Participants2pV1({
|
|
7753
|
+
clientParticipantId: keygen.clientParticipantId,
|
|
7754
|
+
relayerParticipantId: keygen.relayerParticipantId,
|
|
7755
|
+
relayerKeyId,
|
|
7756
|
+
relayerUrl,
|
|
7757
|
+
clientVerifyingShareB64u,
|
|
7758
|
+
relayerVerifyingShareB64u,
|
|
7759
|
+
clientShareDerivation: "prf_first_v1"
|
|
7760
|
+
}),
|
|
7761
|
+
timestamp: Date.now()
|
|
7762
|
+
};
|
|
7763
|
+
await IndexedDBManager.nearKeysDB.storeKeyMaterial(keyMaterial);
|
|
7764
|
+
return {
|
|
7765
|
+
success: true,
|
|
7766
|
+
publicKey,
|
|
7767
|
+
relayerKeyId,
|
|
7768
|
+
wrapKeySalt: keygen.wrapKeySalt
|
|
7769
|
+
};
|
|
7770
|
+
} catch (error) {
|
|
7771
|
+
const message = String(error?.message ?? error);
|
|
7772
|
+
return {
|
|
7773
|
+
success: false,
|
|
7774
|
+
publicKey: "",
|
|
7775
|
+
relayerKeyId: "",
|
|
7776
|
+
wrapKeySalt: "",
|
|
7777
|
+
error: message
|
|
7778
|
+
};
|
|
7779
|
+
}
|
|
7780
|
+
}
|
|
6488
7781
|
/** * Get user preferences manager */
|
|
6489
7782
|
getUserPreferences() {
|
|
6490
7783
|
return this.userPreferencesManager;
|
|
@@ -6712,13 +8005,14 @@ async function main() {
|
|
|
6712
8005
|
if (isAeadDecryptMismatch && !existing) throw new Error(`Decryption failed and no local user record was found for '${account}'. Open the wallet once online on this device to restore local vault state, then retry offline export.`);
|
|
6713
8006
|
const expectedPublicKey = String(existing?.clientNearPublicKey || "");
|
|
6714
8007
|
if (expectedPublicKey && expectedPublicKey !== rec.publicKey) throw new Error(`Selected passkey does not match the existing key for '${account}'. Please select the correct passkey for this account and try again.`);
|
|
6715
|
-
await IndexedDBManager.nearKeysDB.
|
|
8008
|
+
await IndexedDBManager.nearKeysDB.storeKeyMaterial({
|
|
8009
|
+
kind: "local_near_sk_v3",
|
|
6716
8010
|
nearAccountId: account,
|
|
6717
8011
|
deviceNumber,
|
|
6718
|
-
|
|
8012
|
+
publicKey: rec.publicKey,
|
|
8013
|
+
encryptedSk: rec.encryptedPrivateKey,
|
|
6719
8014
|
chacha20NonceB64u: rec.chacha20NonceB64u,
|
|
6720
8015
|
wrapKeySalt: rec.wrapKeySalt,
|
|
6721
|
-
version: 2,
|
|
6722
8016
|
timestamp: Date.now()
|
|
6723
8017
|
});
|
|
6724
8018
|
if (!existing?.clientNearPublicKey) try {
|