npm - @tatchi-xyz/sdk - Versions diffs - 0.21.0 → 0.31.0 - Mend

@tatchi-xyz/sdk 0.21.0 → 0.31.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2488) hide show

package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js DELETED Viewed

@@ -1,135 +0,0 @@
-import { init_errors, toError } from "../../../../../utils/errors.js";
-import { init_credentialsHelpers, isSerializedRegistrationCredential, serializeRegistrationCredentialWithPRF } from "../../../credentialsHelpers.js";
-import { ERROR_MESSAGES, isUserCancelledSecureConfirm } from "../adapters/common.js";
-import { getIntentDigest, getNearAccountId, getRegisterAccountPayload } from "../adapters/requestHelpers.js";
-import { createConfirmSession } from "../adapters/session.js";
-import { createConfirmTxFlowAdapters } from "../adapters/createAdapters.js";
-//#region src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.ts
-init_credentialsHelpers();
-init_errors();
-async function handleRegistrationFlow(ctx, request, worker, opts) {
-	const { confirmationConfig, transactionSummary } = opts;
-	const adapters = createConfirmTxFlowAdapters(ctx);
-	const session = createConfirmSession({
-		adapters,
-		worker,
-		request,
-		confirmationConfig,
-		transactionSummary
-	});
-	const nearAccountId = getNearAccountId(request);
-	console.debug("[RegistrationFlow] start", {
-		nearAccountId,
-		uiMode: confirmationConfig?.uiMode,
-		behavior: confirmationConfig?.behavior,
-		theme: confirmationConfig?.theme,
-		intentDigest: transactionSummary?.intentDigest
-	});
-	const nearRpc = await adapters.near.fetchNearContext({
-		nearAccountId,
-		txCount: 1,
-		reserveNonces: true
-	});
-	if (nearRpc.error && !nearRpc.transactionContext) return session.confirmAndCloseModal({
-		requestId: request.requestId,
-		intentDigest: getIntentDigest(request),
-		confirmed: false,
-		error: `${ERROR_MESSAGES.nearRpcFailed}: ${nearRpc.details}`
-	});
-	const transactionContext = nearRpc.transactionContext;
-	session.setReservedNonces(nearRpc.reservedNonces);
-	const rpId = adapters.vrf.getRpId();
-	const bootstrap = await adapters.vrf.generateVrfKeypairBootstrap({
-		vrfInputData: {
-			userId: nearAccountId,
-			rpId,
-			blockHeight: transactionContext.txBlockHeight,
-			blockHash: transactionContext.txBlockHash
-		},
-		saveInMemory: true,
-		sessionId: request.requestId
-	});
-	let uiVrfChallenge = bootstrap.vrfChallenge;
-	console.debug("[RegistrationFlow] VRF bootstrap ok", { blockHeight: uiVrfChallenge.blockHeight });
-	const { confirmed, error: uiError } = await session.promptUser({ vrfChallenge: uiVrfChallenge });
-	if (!confirmed) {
-		console.debug("[RegistrationFlow] user cancelled");
-		return session.confirmAndCloseModal({
-			requestId: request.requestId,
-			intentDigest: getIntentDigest(request),
-			confirmed: false,
-			error: uiError
-		});
-	}
-	try {
-		const refreshed = await adapters.vrf.maybeRefreshVrfChallenge(request, nearAccountId);
-		uiVrfChallenge = refreshed.vrfChallenge;
-		session.updateUI({ vrfChallenge: uiVrfChallenge });
-		console.debug("[RegistrationFlow] VRF JIT refresh ok", { blockHeight: uiVrfChallenge.blockHeight });
-	} catch (e) {
-		console.debug("[RegistrationFlow] VRF JIT refresh skipped", e);
-	}
-	let credential;
-	let deviceNumber = request.payload?.deviceNumber;
-	const tryCreate = async (dn) => {
-		console.debug("[RegistrationFlow] navigator.credentials.create start", { deviceNumber: dn });
-		return await adapters.webauthn.createRegistrationCredential({
-			nearAccountId,
-			challenge: uiVrfChallenge,
-			deviceNumber: dn
-		});
-	};
-	try {
-		try {
-			credential = await tryCreate(deviceNumber);
-			console.debug("[RegistrationFlow] credentials.create ok");
-		} catch (e) {
-			const err = toError(e);
-			const name = String(err?.name || "");
-			const msg = String(err?.message || "");
-			const isDuplicate = name === "InvalidStateError" || /excluded|already\s*registered/i.test(msg);
-			if (isDuplicate) {
-				const nextDeviceNumber = deviceNumber !== void 0 && Number.isFinite(deviceNumber) ? deviceNumber + 1 : 2;
-				console.debug("[RegistrationFlow] duplicate credential, retry with next deviceNumber", { nextDeviceNumber });
-				credential = await tryCreate(nextDeviceNumber);
-				getRegisterAccountPayload(request).deviceNumber = nextDeviceNumber;
-			} else {
-				console.error("[RegistrationFlow] credentials.create failed (non-duplicate)", {
-					name,
-					msg
-				});
-				throw err;
-			}
-		}
-		const serialized = isSerializedRegistrationCredential(credential) ? credential : serializeRegistrationCredentialWithPRF({
-			credential,
-			firstPrfOutput: true,
-			secondPrfOutput: true
-		});
-		session.confirmAndCloseModal({
-			requestId: request.requestId,
-			intentDigest: getIntentDigest(request),
-			confirmed: true,
-			credential: serialized,
-			vrfChallenge: uiVrfChallenge,
-			transactionContext
-		});
-	} catch (err) {
-		const cancelled = isUserCancelledSecureConfirm(err);
-		const msg = String(toError(err)?.message || err || "");
-		if (/Missing PRF result/i.test(msg) || /Missing PRF results/i.test(msg)) return session.cleanupAndRethrow(err);
-		if (cancelled) window.parent?.postMessage({ type: "WALLET_UI_CLOSED" }, "*");
-		const isPrfBrowserUnsupported = /WebAuthn PRF output is missing from navigator\.credentials\.create\(\)/i.test(msg) || /does not fully support the WebAuthn PRF extension during registration/i.test(msg) || /roaming hardware authenticators .* not supported in this flow/i.test(msg);
-		return session.confirmAndCloseModal({
-			requestId: request.requestId,
-			intentDigest: getIntentDigest(request),
-			confirmed: false,
-			error: cancelled ? ERROR_MESSAGES.cancelled : isPrfBrowserUnsupported ? msg : ERROR_MESSAGES.collectCredentialsFailed
-		});
-	}
-}
-//#endregion
-export { handleRegistrationFlow };
-//# sourceMappingURL=registration.js.map

package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"registration.js","names":["uiVrfChallenge: VRFChallenge","credential: PublicKeyCredential | undefined","e: unknown","serialized: WebAuthnRegistrationCredential","err: unknown"],"sources":["../../../../../../../../../../src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.ts"],"sourcesContent":["import type { VrfWorkerManagerContext } from '../../';\nimport type { ConfirmationConfig } from '../../../../types/signer-worker';\nimport {\n TransactionSummary,\n RegistrationSecureConfirmRequest,\n} from '../types';\nimport { VRFChallenge, TransactionContext } from '../../../../types';\nimport type { WebAuthnRegistrationCredential } from '../../../../types/webauthn';\nimport {\n getNearAccountId,\n getIntentDigest,\n isUserCancelledSecureConfirm,\n ERROR_MESSAGES,\n getRegisterAccountPayload,\n} from './index';\nimport { isSerializedRegistrationCredential, serializeRegistrationCredentialWithPRF } from '../../../credentialsHelpers';\nimport { toError } from '../../../../../utils/errors';\nimport { createConfirmSession } from '../adapters/session';\nimport { createConfirmTxFlowAdapters } from '../adapters/createAdapters';\n\nexport async function handleRegistrationFlow(\n ctx: VrfWorkerManagerContext,\n request: RegistrationSecureConfirmRequest,\n worker: Worker,\n opts: { confirmationConfig: ConfirmationConfig; transactionSummary: TransactionSummary },\n): Promise<void> {\n\n const { confirmationConfig, transactionSummary } = opts;\n const adapters = createConfirmTxFlowAdapters(ctx);\n const session = createConfirmSession({\n adapters,\n worker,\n request,\n confirmationConfig,\n transactionSummary,\n });\n const nearAccountId = getNearAccountId(request);\n\n console.debug('[RegistrationFlow] start', {\n nearAccountId,\n uiMode: confirmationConfig?.uiMode,\n behavior: confirmationConfig?.behavior,\n theme: confirmationConfig?.theme,\n intentDigest: transactionSummary?.intentDigest,\n });\n\n // 1) NEAR context\n const nearRpc = await adapters.near.fetchNearContext({ nearAccountId, txCount: 1, reserveNonces: true });\n if (nearRpc.error && !nearRpc.transactionContext) {\n return session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: false,\n error: `${ERROR_MESSAGES.nearRpcFailed}: ${nearRpc.details}`,\n });\n }\n const transactionContext = nearRpc.transactionContext as TransactionContext;\n session.setReservedNonces(nearRpc.reservedNonces);\n\n // 2) Initial VRF challenge via bootstrap\n const rpId = adapters.vrf.getRpId();\n const bootstrap = await adapters.vrf.generateVrfKeypairBootstrap({\n vrfInputData: {\n userId: nearAccountId,\n rpId,\n blockHeight: transactionContext.txBlockHeight,\n blockHash: transactionContext.txBlockHash,\n },\n saveInMemory: true,\n sessionId: request.requestId,\n });\n let uiVrfChallenge: VRFChallenge = bootstrap.vrfChallenge;\n console.debug('[RegistrationFlow] VRF bootstrap ok', { blockHeight: uiVrfChallenge.blockHeight });\n\n // 3) UI confirm\n const { confirmed, error: uiError } = await session.promptUser({ vrfChallenge: uiVrfChallenge });\n if (!confirmed) {\n console.debug('[RegistrationFlow] user cancelled');\n return session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: false,\n error: uiError,\n });\n }\n\n // 4) JIT refresh VRF (best-effort)\n try {\n const refreshed = await adapters.vrf.maybeRefreshVrfChallenge(request, nearAccountId);\n uiVrfChallenge = refreshed.vrfChallenge;\n session.updateUI({ vrfChallenge: uiVrfChallenge });\n console.debug('[RegistrationFlow] VRF JIT refresh ok', { blockHeight: uiVrfChallenge.blockHeight });\n } catch (e) {\n console.debug('[RegistrationFlow] VRF JIT refresh skipped', e);\n }\n\n // 5) Collect registration credentials (with duplicate retry)\n let credential: PublicKeyCredential | undefined;\n let deviceNumber = request.payload?.deviceNumber;\n\n const tryCreate = async (dn?: number): Promise<PublicKeyCredential> => {\n console.debug('[RegistrationFlow] navigator.credentials.create start', { deviceNumber: dn });\n return await adapters.webauthn.createRegistrationCredential({\n nearAccountId,\n challenge: uiVrfChallenge,\n deviceNumber: dn,\n });\n };\n\n try {\n try {\n credential = await tryCreate(deviceNumber);\n console.debug('[RegistrationFlow] credentials.create ok');\n } catch (e: unknown) {\n const err = toError(e);\n const name = String(err?.name || '');\n const msg = String(err?.message || '');\n const isDuplicate = name === 'InvalidStateError' || /excluded|already\\s*registered/i.test(msg);\n if (isDuplicate) {\n const nextDeviceNumber = (deviceNumber !== undefined && Number.isFinite(deviceNumber)) ? (deviceNumber + 1) : 2;\n console.debug('[RegistrationFlow] duplicate credential, retry with next deviceNumber', { nextDeviceNumber });\n credential = await tryCreate(nextDeviceNumber);\n getRegisterAccountPayload(request).deviceNumber = nextDeviceNumber;\n } else {\n console.error('[RegistrationFlow] credentials.create failed (non-duplicate)', { name, msg });\n throw err;\n }\n }\n\n // We require registration credentials to include dual PRF outputs (first + second)\n // so VRF/NEAR key derivation can happen inside the workers without passing PRF outputs\n // as separate main-thread values.\n const serialized: WebAuthnRegistrationCredential = isSerializedRegistrationCredential(credential as unknown)\n ? (credential as unknown as WebAuthnRegistrationCredential)\n : serializeRegistrationCredentialWithPRF({\n credential: credential! as PublicKeyCredential,\n firstPrfOutput: true,\n secondPrfOutput: true,\n });\n\n // 6) Respond + close\n session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: true,\n credential: serialized,\n // PRF outputs are embedded in serialized credential; VRF worker extracts and sends via MessagePort\n vrfChallenge: uiVrfChallenge,\n transactionContext,\n });\n\n } catch (err: unknown) {\n const cancelled = isUserCancelledSecureConfirm(err);\n const msg = String((toError(err))?.message || err || '');\n // For missing PRF outputs, surface the error to caller (defensive path tests expect a throw)\n if (/Missing PRF result/i.test(msg) || /Missing PRF results/i.test(msg)) {\n return session.cleanupAndRethrow(err);\n }\n if (cancelled) {\n window.parent?.postMessage({ type: 'WALLET_UI_CLOSED' }, '*');\n }\n\n const isPrfBrowserUnsupported =\n /WebAuthn PRF output is missing from navigator\\.credentials\\.create\$\$/i.test(msg)\n || /does not fully support the WebAuthn PRF extension during registration/i.test(msg)\n || /roaming hardware authenticators .* not supported in this flow/i.test(msg);\n\n return session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: false,\n error: cancelled\n ? ERROR_MESSAGES.cancelled\n : (isPrfBrowserUnsupported ? msg : ERROR_MESSAGES.collectCredentialsFailed),\n });\n }\n}\n"],"mappings":";;;;;;;;;;AAoBA,eAAsB,uBACpB,KACA,SACA,QACA,MACe;CAEf,MAAM,EAAE,oBAAoB,uBAAuB;CACnD,MAAM,WAAW,4BAA4B;CAC7C,MAAM,UAAU,qBAAqB;EACnC;EACA;EACA;EACA;EACA;;CAEF,MAAM,gBAAgB,iBAAiB;AAEvC,SAAQ,MAAM,4BAA4B;EACxC;EACA,QAAQ,oBAAoB;EAC5B,UAAU,oBAAoB;EAC9B,OAAO,oBAAoB;EAC3B,cAAc,oBAAoB;;CAIpC,MAAM,UAAU,MAAM,SAAS,KAAK,iBAAiB;EAAE;EAAe,SAAS;EAAG,eAAe;;AACjG,KAAI,QAAQ,SAAS,CAAC,QAAQ,mBAC5B,QAAO,QAAQ,qBAAqB;EAClC,WAAW,QAAQ;EACnB,cAAc,gBAAgB;EAC9B,WAAW;EACX,OAAO,GAAG,eAAe,cAAc,IAAI,QAAQ;;CAGvD,MAAM,qBAAqB,QAAQ;AACnC,SAAQ,kBAAkB,QAAQ;CAGlC,MAAM,OAAO,SAAS,IAAI;CAC1B,MAAM,YAAY,MAAM,SAAS,IAAI,4BAA4B;EAC/D,cAAc;GACZ,QAAQ;GACR;GACA,aAAa,mBAAmB;GAChC,WAAW,mBAAmB;;EAEhC,cAAc;EACd,WAAW,QAAQ;;CAErB,IAAIA,iBAA+B,UAAU;AAC7C,SAAQ,MAAM,uCAAuC,EAAE,aAAa,eAAe;CAGnF,MAAM,EAAE,WAAW,OAAO,YAAY,MAAM,QAAQ,WAAW,EAAE,cAAc;AAC/E,KAAI,CAAC,WAAW;AACd,UAAQ,MAAM;AACd,SAAO,QAAQ,qBAAqB;GAClC,WAAW,QAAQ;GACnB,cAAc,gBAAgB;GAC9B,WAAW;GACX,OAAO;;;AAKX,KAAI;EACF,MAAM,YAAY,MAAM,SAAS,IAAI,yBAAyB,SAAS;AACvE,mBAAiB,UAAU;AAC3B,UAAQ,SAAS,EAAE,cAAc;AACjC,UAAQ,MAAM,yCAAyC,EAAE,aAAa,eAAe;UAC9E,GAAG;AACV,UAAQ,MAAM,8CAA8C;;CAI9D,IAAIC;CACJ,IAAI,eAAe,QAAQ,SAAS;CAEpC,MAAM,YAAY,OAAO,OAA8C;AACrE,UAAQ,MAAM,yDAAyD,EAAE,cAAc;AACvF,SAAO,MAAM,SAAS,SAAS,6BAA6B;GAC1D;GACA,WAAW;GACX,cAAc;;;AAIlB,KAAI;AACF,MAAI;AACF,gBAAa,MAAM,UAAU;AAC7B,WAAQ,MAAM;WACPC,GAAY;GACnB,MAAM,MAAM,QAAQ;GACpB,MAAM,OAAO,OAAO,KAAK,QAAQ;GACjC,MAAM,MAAM,OAAO,KAAK,WAAW;GACnC,MAAM,cAAc,SAAS,uBAAuB,iCAAiC,KAAK;AAC1F,OAAI,aAAa;IACf,MAAM,mBAAoB,iBAAiB,UAAa,OAAO,SAAS,gBAAkB,eAAe,IAAK;AAC9G,YAAQ,MAAM,yEAAyE,EAAE;AACzF,iBAAa,MAAM,UAAU;AAC7B,8BAA0B,SAAS,eAAe;UAC7C;AACL,YAAQ,MAAM,gEAAgE;KAAE;KAAM;;AACtF,UAAM;;;EAOV,MAAMC,aAA6C,mCAAmC,cACjF,aACD,uCAAuC;GACzB;GACZ,gBAAgB;GAChB,iBAAiB;;AAIvB,UAAQ,qBAAqB;GAC3B,WAAW,QAAQ;GACnB,cAAc,gBAAgB;GAC9B,WAAW;GACX,YAAY;GAEZ,cAAc;GACd;;UAGKC,KAAc;EACrB,MAAM,YAAY,6BAA6B;EAC/C,MAAM,MAAM,OAAQ,QAAQ,MAAO,WAAW,OAAO;AAErD,MAAI,sBAAsB,KAAK,QAAQ,uBAAuB,KAAK,KACjE,QAAO,QAAQ,kBAAkB;AAEnC,MAAI,UACF,QAAO,QAAQ,YAAY,EAAE,MAAM,sBAAsB;EAG3D,MAAM,0BACJ,0EAA0E,KAAK,QAC5E,yEAAyE,KAAK,QAC9E,iEAAiE,KAAK;AAE3E,SAAO,QAAQ,qBAAqB;GAClC,WAAW,QAAQ;GACnB,cAAc,gBAAgB;GAC9B,WAAW;GACX,OAAO,YACH,eAAe,YACd,0BAA0B,MAAM,eAAe"}

package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js DELETED Viewed

@@ -1,51 +0,0 @@
-import { PASSKEY_MANAGER_DEFAULT_CONFIGS, init_defaultConfigs } from "../../../../defaultConfigs.js";
-import { parseAndValidateRegistrationCredentialConfirmationPayload } from "../../../SignerWorkerManager/handlers/validation.js";
-import { SecureConfirmationType } from "../types.js";
-import { runSecureConfirm } from "../../secureConfirmBridge.js";
-//#region src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.ts
-init_defaultConfigs();
-async function requestRegistrationCredentialConfirmation({ ctx, nearAccountId, deviceNumber, confirmerText, contractId, nearRpcUrl, confirmationConfig }) {
-	const resolvedContractId = contractId || PASSKEY_MANAGER_DEFAULT_CONFIGS.contractId;
-	const resolvedNearRpcUrl = nearRpcUrl || PASSKEY_MANAGER_DEFAULT_CONFIGS.nearRpcUrl.split(",")[0] || PASSKEY_MANAGER_DEFAULT_CONFIGS.nearRpcUrl;
-	const requestId = typeof crypto !== "undefined" && typeof crypto.randomUUID === "function" ? crypto.randomUUID() : `register-${Date.now()}-${Math.random().toString(16).slice(2)}`;
-	const title = confirmerText?.title;
-	const body = confirmerText?.body;
-	const request = {
-		schemaVersion: 2,
-		requestId,
-		type: SecureConfirmationType.REGISTER_ACCOUNT,
-		summary: {
-			nearAccountId,
-			deviceNumber,
-			contractId: resolvedContractId,
-			...title != null ? { title } : {},
-			...body != null ? { body } : {}
-		},
-		payload: {
-			nearAccountId,
-			deviceNumber,
-			rpcCall: {
-				contractId: resolvedContractId,
-				nearRpcUrl: resolvedNearRpcUrl,
-				nearAccountId
-			}
-		},
-		confirmationConfig,
-		intentDigest: `register:${nearAccountId}:${deviceNumber}`
-	};
-	const decision = await runSecureConfirm(ctx, request);
-	return parseAndValidateRegistrationCredentialConfirmationPayload({
-		confirmed: decision.confirmed,
-		requestId,
-		intentDigest: decision.intentDigest || "",
-		credential: decision.credential,
-		vrfChallenge: decision.vrfChallenge,
-		transactionContext: decision.transactionContext,
-		error: decision.error
-	});
-}
-//#endregion
-export { requestRegistrationCredentialConfirmation };
-//# sourceMappingURL=requestRegistrationCredentialConfirmation.js.map

package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"requestRegistrationCredentialConfirmation.js","names":["request: SecureConfirmRequest<{\n nearAccountId: string;\n deviceNumber: number;\n rpcCall: { contractId: string; nearRpcUrl: string; nearAccountId: string };\n }, RegistrationSummary>"],"sources":["../../../../../../../../../../src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.ts"],"sourcesContent":["import type { ConfirmationConfig } from '../../../../types/signer-worker';\nimport { PASSKEY_MANAGER_DEFAULT_CONFIGS } from '../../../../defaultConfigs';\nimport type { VrfWorkerManagerContext } from '../../';\nimport { runSecureConfirm } from '../../secureConfirmBridge';\nimport {\n SecureConfirmationType,\n type RegistrationSummary,\n type SecureConfirmRequest,\n} from '../types';\nimport {\n parseAndValidateRegistrationCredentialConfirmationPayload,\n type RegistrationCredentialConfirmationPayload,\n} from '../../../SignerWorkerManager/handlers/validation';\n\nexport async function requestRegistrationCredentialConfirmation({\n ctx,\n nearAccountId,\n deviceNumber,\n confirmerText,\n contractId,\n nearRpcUrl,\n confirmationConfig,\n}: {\n ctx: VrfWorkerManagerContext,\n nearAccountId: string,\n deviceNumber: number,\n confirmerText?: { title?: string; body?: string };\n contractId: string,\n nearRpcUrl: string,\n confirmationConfig?: Partial<ConfirmationConfig>,\n}): Promise<RegistrationCredentialConfirmationPayload> {\n\n // Ensure required fields are present; JSON.stringify drops undefined causing Rust parse failure\n const resolvedContractId = contractId || PASSKEY_MANAGER_DEFAULT_CONFIGS.contractId;\n // Use the first URL if defaults include a failover list\n const resolvedNearRpcUrl = nearRpcUrl\n || (PASSKEY_MANAGER_DEFAULT_CONFIGS.nearRpcUrl.split(',')[0] || PASSKEY_MANAGER_DEFAULT_CONFIGS.nearRpcUrl);\n\n const requestId = (typeof crypto !== 'undefined' && typeof crypto.randomUUID === 'function')\n ? crypto.randomUUID()\n : `register-${Date.now()}-${Math.random().toString(16).slice(2)}`;\n\n const title = confirmerText?.title;\n const body = confirmerText?.body;\n const request: SecureConfirmRequest<{\n nearAccountId: string;\n deviceNumber: number;\n rpcCall: { contractId: string; nearRpcUrl: string; nearAccountId: string };\n }, RegistrationSummary> = {\n schemaVersion: 2,\n requestId,\n type: SecureConfirmationType.REGISTER_ACCOUNT,\n summary: {\n nearAccountId,\n deviceNumber,\n contractId: resolvedContractId,\n ...(title != null ? { title } : {}),\n ...(body != null ? { body } : {}),\n },\n payload: {\n nearAccountId,\n deviceNumber,\n rpcCall: {\n contractId: resolvedContractId,\n nearRpcUrl: resolvedNearRpcUrl,\n nearAccountId,\n },\n },\n confirmationConfig,\n intentDigest: `register:${nearAccountId}:${deviceNumber}`,\n };\n\n const decision = await runSecureConfirm(ctx, request);\n\n return parseAndValidateRegistrationCredentialConfirmationPayload({\n confirmed: decision.confirmed,\n requestId,\n intentDigest: decision.intentDigest || '',\n credential: decision.credential,\n vrfChallenge: decision.vrfChallenge,\n transactionContext: decision.transactionContext,\n error: decision.error,\n });\n}\n"],"mappings":";;;;;;;AAcA,eAAsB,0CAA0C,EAC9D,KACA,eACA,cACA,eACA,YACA,YACA,sBASqD;CAGrD,MAAM,qBAAqB,cAAc,gCAAgC;CAEzE,MAAM,qBAAqB,cACrB,gCAAgC,WAAW,MAAM,KAAK,MAAM,gCAAgC;CAElG,MAAM,YAAa,OAAO,WAAW,eAAe,OAAO,OAAO,eAAe,aAC7E,OAAO,eACP,YAAY,KAAK,MAAM,GAAG,KAAK,SAAS,SAAS,IAAI,MAAM;CAE/D,MAAM,QAAQ,eAAe;CAC7B,MAAM,OAAO,eAAe;CAC5B,MAAMA,UAIoB;EACxB,eAAe;EACf;EACA,MAAM,uBAAuB;EAC7B,SAAS;GACP;GACA;GACA,YAAY;GACZ,GAAI,SAAS,OAAO,EAAE,UAAU;GAChC,GAAI,QAAQ,OAAO,EAAE,SAAS;;EAEhC,SAAS;GACP;GACA;GACA,SAAS;IACP,YAAY;IACZ,YAAY;IACZ;;;EAGJ;EACA,cAAc,YAAY,cAAc,GAAG;;CAG7C,MAAM,WAAW,MAAM,iBAAiB,KAAK;AAE7C,QAAO,0DAA0D;EAC/D,WAAW,SAAS;EACpB;EACA,cAAc,SAAS,gBAAgB;EACvC,YAAY,SAAS;EACrB,cAAc,SAAS;EACvB,oBAAoB,SAAS;EAC7B,OAAO,SAAS"}

package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js DELETED Viewed

@@ -1,172 +0,0 @@
-import { init_accountIds, toAccountId } from "../../../../types/accountIds.js";
-import { init_errors, toError } from "../../../../../utils/errors.js";
-import { PASSKEY_MANAGER_DEFAULT_CONFIGS, init_defaultConfigs } from "../../../../defaultConfigs.js";
-import { getLastLoggedInDeviceNumber, init_getDeviceNumber } from "../../../SignerWorkerManager/getDeviceNumber.js";
-import { SecureConfirmationType } from "../types.js";
-import { ERROR_MESSAGES, isUserCancelledSecureConfirm } from "../adapters/common.js";
-import { getIntentDigest, getNearAccountId, getSignTransactionPayload, getTxCount } from "../adapters/requestHelpers.js";
-import { createConfirmSession } from "../adapters/session.js";
-import { createConfirmTxFlowAdapters } from "../adapters/createAdapters.js";
-//#region src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.ts
-init_accountIds();
-init_getDeviceNumber();
-init_errors();
-init_defaultConfigs();
-function getSigningAuthMode(request) {
-	if (request.type === SecureConfirmationType.SIGN_TRANSACTION) return getSignTransactionPayload(request).signingAuthMode ?? "webauthn";
-	if (request.type === SecureConfirmationType.SIGN_NEP413_MESSAGE) {
-		const p = request.payload;
-		return p?.signingAuthMode ?? "webauthn";
-	}
-	return "webauthn";
-}
-async function handleTransactionSigningFlow(ctx, request, worker, opts) {
-	const { confirmationConfig, transactionSummary } = opts;
-	const adapters = createConfirmTxFlowAdapters(ctx);
-	const session = createConfirmSession({
-		adapters,
-		worker,
-		request,
-		confirmationConfig,
-		transactionSummary
-	});
-	const nearAccountId = getNearAccountId(request);
-	const signingAuthMode = getSigningAuthMode(request);
-	const usesNeeded = getTxCount(request);
-	const nearRpc = await adapters.near.fetchNearContext({
-		nearAccountId,
-		txCount: usesNeeded,
-		reserveNonces: true
-	});
-	if (nearRpc.error && !nearRpc.transactionContext) {
-		console.error("[SigningFlow] fetchNearContext failed", {
-			error: nearRpc.error,
-			details: nearRpc.details
-		});
-		return session.confirmAndCloseModal({
-			requestId: request.requestId,
-			intentDigest: getIntentDigest(request),
-			confirmed: false,
-			error: `${ERROR_MESSAGES.nearRpcFailed}: ${nearRpc.details}`
-		});
-	}
-	session.setReservedNonces(nearRpc.reservedNonces);
-	let transactionContext = nearRpc.transactionContext;
-	const rpId = adapters.vrf.getRpId();
-	let uiVrfChallenge;
-	let uiVrfChallengeForUi = rpId ? {
-		userId: nearAccountId,
-		rpId,
-		blockHeight: transactionContext.txBlockHeight,
-		blockHash: transactionContext.txBlockHash
-	} : void 0;
-	if (signingAuthMode === "webauthn") {
-		uiVrfChallenge = await adapters.vrf.generateVrfChallengeForSession({
-			userId: nearAccountId,
-			rpId,
-			blockHeight: transactionContext.txBlockHeight,
-			blockHash: transactionContext.txBlockHash
-		}, request.requestId);
-		uiVrfChallengeForUi = uiVrfChallenge;
-	}
-	const { confirmed, error: uiError } = await session.promptUser({ vrfChallenge: uiVrfChallengeForUi });
-	if (!confirmed) return session.confirmAndCloseModal({
-		requestId: request.requestId,
-		intentDigest: getIntentDigest(request),
-		confirmed: false,
-		error: uiError
-	});
-	if (signingAuthMode === "warmSession") {
-		try {
-			await adapters.vrf.dispenseSessionKey({
-				sessionId: request.requestId,
-				uses: usesNeeded
-			});
-		} catch (err) {
-			const msg = String(toError(err)?.message || err || "");
-			return session.confirmAndCloseModal({
-				requestId: request.requestId,
-				intentDigest: getIntentDigest(request),
-				confirmed: false,
-				error: msg || "Failed to dispense warm session key"
-			});
-		}
-		session.confirmAndCloseModal({
-			requestId: request.requestId,
-			intentDigest: getIntentDigest(request),
-			confirmed: true,
-			transactionContext
-		});
-		return;
-	}
-	try {
-		const refreshed = await adapters.vrf.maybeRefreshVrfChallenge(request, nearAccountId);
-		uiVrfChallenge = refreshed.vrfChallenge;
-		transactionContext = refreshed.transactionContext;
-		session.updateUI({ vrfChallenge: uiVrfChallenge });
-	} catch (e) {
-		console.debug("[SigningFlow] VRF JIT refresh skipped", e);
-	}
-	try {
-		if (!uiVrfChallenge) throw new Error("Missing vrfChallenge for WebAuthn signing flow");
-		const serializedCredential = await adapters.webauthn.collectAuthenticationCredentialWithPRF({
-			nearAccountId,
-			vrfChallenge: uiVrfChallenge
-		});
-		let contractId;
-		let nearRpcUrl;
-		try {
-			const vrfStatus = await adapters.vrf.checkVrfStatus();
-			if (!vrfStatus.active) throw new Error("VRF keypair not active in memory. VRF session may have expired or was not properly initialized. Please refresh and try again.");
-			if (!vrfStatus.nearAccountId || String(vrfStatus.nearAccountId) !== String(toAccountId(nearAccountId))) throw new Error("VRF session is active but bound to a different account than the one being signed. Please log in again on this device.");
-			const deviceNumber = await getLastLoggedInDeviceNumber(toAccountId(nearAccountId), ctx.indexedDB.clientDB);
-			const encryptedKeyData = await ctx.indexedDB.nearKeysDB.getEncryptedKey(nearAccountId, deviceNumber);
-			const wrapKeySalt = encryptedKeyData?.wrapKeySalt || "";
-			if (!wrapKeySalt) throw new Error("Missing wrapKeySalt in vault; re-register to upgrade vault format.");
-			if (request.type === SecureConfirmationType.SIGN_TRANSACTION) {
-				const payload = getSignTransactionPayload(request);
-				contractId = payload?.rpcCall?.contractId;
-				nearRpcUrl = payload?.rpcCall?.nearRpcUrl;
-			} else if (request.type === SecureConfirmationType.SIGN_NEP413_MESSAGE) {
-				const payload = request.payload;
-				contractId = payload?.contractId || PASSKEY_MANAGER_DEFAULT_CONFIGS.contractId;
-				nearRpcUrl = payload?.nearRpcUrl || PASSKEY_MANAGER_DEFAULT_CONFIGS.nearRpcUrl;
-			}
-			await adapters.vrf.mintSessionKeysAndSendToSigner({
-				sessionId: request.requestId,
-				wrapKeySalt,
-				contractId,
-				nearRpcUrl,
-				credential: serializedCredential
-			});
-		} catch (err) {
-			console.error("[SigningFlow] WrapKeySeed derivation failed:", err);
-			throw err;
-		}
-		session.confirmAndCloseModal({
-			requestId: request.requestId,
-			intentDigest: getIntentDigest(request),
-			confirmed: true,
-			credential: serializedCredential,
-			vrfChallenge: uiVrfChallenge,
-			transactionContext
-		});
-	} catch (err) {
-		const cancelled = isUserCancelledSecureConfirm(err);
-		const msg = String(toError(err)?.message || err || "");
-		if (/Missing PRF result/i.test(msg) || /Missing PRF results/i.test(msg)) return session.cleanupAndRethrow(err);
-		if (cancelled) window.parent?.postMessage({ type: "WALLET_UI_CLOSED" }, "*");
-		const isWrongPasskeyError = /multiple passkeys \(devicenumbers\) for account/i.test(msg);
-		return session.confirmAndCloseModal({
-			requestId: request.requestId,
-			intentDigest: getIntentDigest(request),
-			confirmed: false,
-			error: cancelled ? ERROR_MESSAGES.cancelled : isWrongPasskeyError ? msg : ERROR_MESSAGES.collectCredentialsFailed
-		});
-	}
-}
-//#endregion
-export { handleTransactionSigningFlow };
-//# sourceMappingURL=transactions.js.map

package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"transactions.js","names":["uiVrfChallenge: VRFChallenge | undefined","uiVrfChallengeForUi: Partial<VRFChallenge> | undefined","err: unknown","contractId: string | undefined","nearRpcUrl: string | undefined"],"sources":["../../../../../../../../../../src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.ts"],"sourcesContent":["import type { VrfWorkerManagerContext } from '../../';\nimport type { ConfirmationConfig } from '../../../../types/signer-worker';\nimport {\n SecureConfirmationType,\n TransactionSummary,\n SigningSecureConfirmRequest,\n SigningAuthMode,\n} from '../types';\nimport { VRFChallenge, TransactionContext } from '../../../../types';\nimport {\n getNearAccountId,\n getIntentDigest,\n getTxCount,\n isUserCancelledSecureConfirm,\n ERROR_MESSAGES,\n getSignTransactionPayload,\n} from './index';\nimport { toAccountId } from '../../../../types/accountIds';\nimport { getLastLoggedInDeviceNumber } from '../../../SignerWorkerManager/getDeviceNumber';\nimport { toError } from '../../../../../utils/errors';\nimport { PASSKEY_MANAGER_DEFAULT_CONFIGS } from '../../../../defaultConfigs';\nimport { createConfirmSession } from '../adapters/session';\nimport { createConfirmTxFlowAdapters } from '../adapters/createAdapters';\n\nfunction getSigningAuthMode(request: SigningSecureConfirmRequest): SigningAuthMode {\n if (request.type === SecureConfirmationType.SIGN_TRANSACTION) {\n return getSignTransactionPayload(request).signingAuthMode ?? 'webauthn';\n }\n if (request.type === SecureConfirmationType.SIGN_NEP413_MESSAGE) {\n const p = request.payload as any;\n return (p?.signingAuthMode as SigningAuthMode | undefined) ?? 'webauthn';\n }\n return 'webauthn';\n}\n\nexport async function handleTransactionSigningFlow(\n ctx: VrfWorkerManagerContext,\n request: SigningSecureConfirmRequest,\n worker: Worker,\n opts: { confirmationConfig: ConfirmationConfig; transactionSummary: TransactionSummary },\n): Promise<void> {\n const { confirmationConfig, transactionSummary } = opts;\n const adapters = createConfirmTxFlowAdapters(ctx);\n const session = createConfirmSession({\n adapters,\n worker,\n request,\n confirmationConfig,\n transactionSummary,\n });\n const nearAccountId = getNearAccountId(request);\n const signingAuthMode = getSigningAuthMode(request);\n const usesNeeded = getTxCount(request);\n\n // 1) NEAR context + nonce reservation\n const nearRpc = await adapters.near.fetchNearContext({ nearAccountId, txCount: usesNeeded, reserveNonces: true });\n if (nearRpc.error && !nearRpc.transactionContext) {\n // eslint-disable-next-line no-console\n console.error('[SigningFlow] fetchNearContext failed', { error: nearRpc.error, details: nearRpc.details });\n return session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: false,\n error: `${ERROR_MESSAGES.nearRpcFailed}: ${nearRpc.details}`,\n });\n }\n session.setReservedNonces(nearRpc.reservedNonces);\n let transactionContext = nearRpc.transactionContext as TransactionContext;\n\n // 2) Security context shown in the confirmer (rpId + block height).\n // For warmSession signing we still want to show this context even though\n // we won't collect a WebAuthn credential.\n const rpId = adapters.vrf.getRpId();\n let uiVrfChallenge: VRFChallenge | undefined;\n let uiVrfChallengeForUi: Partial<VRFChallenge> | undefined = rpId\n ? {\n userId: nearAccountId,\n rpId,\n blockHeight: transactionContext.txBlockHeight,\n blockHash: transactionContext.txBlockHash,\n }\n : undefined;\n\n // Initial VRF challenge (only needed for WebAuthn credential collection)\n if (signingAuthMode === 'webauthn') {\n uiVrfChallenge = await adapters.vrf.generateVrfChallengeForSession(\n {\n userId: nearAccountId,\n rpId,\n blockHeight: transactionContext.txBlockHeight,\n blockHash: transactionContext.txBlockHash,\n },\n request.requestId,\n );\n uiVrfChallengeForUi = uiVrfChallenge;\n }\n\n // 3) UI confirm\n const { confirmed, error: uiError } = await session.promptUser({ vrfChallenge: uiVrfChallengeForUi });\n if (!confirmed) {\n return session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: false,\n error: uiError,\n });\n }\n\n // 4) Warm session: dispense WrapKeySeed and skip WebAuthn\n if (signingAuthMode === 'warmSession') {\n try {\n await adapters.vrf.dispenseSessionKey({ sessionId: request.requestId, uses: usesNeeded });\n } catch (err: unknown) {\n const msg = String((toError(err))?.message || err || '');\n return session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: false,\n error: msg || 'Failed to dispense warm session key',\n });\n }\n\n session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: true,\n transactionContext,\n });\n return;\n }\n\n // 5) JIT refresh VRF + ctx (best-effort)\n try {\n const refreshed = await adapters.vrf.maybeRefreshVrfChallenge(request, nearAccountId);\n uiVrfChallenge = refreshed.vrfChallenge;\n transactionContext = refreshed.transactionContext;\n session.updateUI({ vrfChallenge: uiVrfChallenge });\n } catch (e) {\n console.debug('[SigningFlow] VRF JIT refresh skipped', e);\n }\n\n // 6) Collect authentication credential\n try {\n if (!uiVrfChallenge) {\n throw new Error('Missing vrfChallenge for WebAuthn signing flow');\n }\n const serializedCredential = await adapters.webauthn.collectAuthenticationCredentialWithPRF({\n nearAccountId,\n vrfChallenge: uiVrfChallenge,\n });\n\n // 5c) Derive WrapKeySeed inside the VRF worker and deliver it to the signer worker via\n // the reserved WrapKeySeed MessagePort. Main thread only sees wrapKeySalt metadata.\n let contractId: string | undefined;\n let nearRpcUrl: string | undefined;\n try {\n // Ensure VRF session is active and bound to the same account we are signing for.\n const vrfStatus = await adapters.vrf.checkVrfStatus();\n if (!vrfStatus.active) {\n throw new Error('VRF keypair not active in memory. VRF session may have expired or was not properly initialized. Please refresh and try again.');\n }\n if (!vrfStatus.nearAccountId || String(vrfStatus.nearAccountId) !== String(toAccountId(nearAccountId))) {\n throw new Error('VRF session is active but bound to a different account than the one being signed. Please log in again on this device.');\n }\n\n const deviceNumber = await getLastLoggedInDeviceNumber(toAccountId(nearAccountId), ctx.indexedDB.clientDB);\n const encryptedKeyData = await ctx.indexedDB.nearKeysDB.getEncryptedKey(nearAccountId, deviceNumber);\n // For v2+ vaults, wrapKeySalt is the canonical salt.\n const wrapKeySalt = encryptedKeyData?.wrapKeySalt || '';\n if (!wrapKeySalt) {\n throw new Error('Missing wrapKeySalt in vault; re-register to upgrade vault format.');\n }\n\n // Extract contract verification context when available.\n // - SIGN_TRANSACTION: use per-request rpcCall (already normalized by caller).\n // - SIGN_NEP413_MESSAGE: allow per-request override; fall back to PASSKEY_MANAGER_DEFAULT_CONFIGS.\n if (request.type === SecureConfirmationType.SIGN_TRANSACTION) {\n const payload = getSignTransactionPayload(request);\n contractId = payload?.rpcCall?.contractId;\n nearRpcUrl = payload?.rpcCall?.nearRpcUrl;\n } else if (request.type === SecureConfirmationType.SIGN_NEP413_MESSAGE) {\n const payload = request.payload as any;\n contractId = payload?.contractId\n || PASSKEY_MANAGER_DEFAULT_CONFIGS.contractId;\n nearRpcUrl = payload?.nearRpcUrl\n || PASSKEY_MANAGER_DEFAULT_CONFIGS.nearRpcUrl;\n }\n\n await adapters.vrf.mintSessionKeysAndSendToSigner({\n sessionId: request.requestId,\n wrapKeySalt,\n contractId,\n nearRpcUrl,\n credential: serializedCredential,\n });\n\t } catch (err) {\n\t console.error('[SigningFlow] WrapKeySeed derivation failed:', err);\n\t throw err; // Don't silently ignore - propagate the error\n\t }\n\n // 6) Respond; keep nonces reserved for worker to use\n session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: true,\n credential: serializedCredential,\n // prfOutput intentionally omitted to keep signer PRF-free\n // WrapKeySeed travels only over the dedicated VRF→Signer MessagePort; do not echo in the main-thread envelope\n vrfChallenge: uiVrfChallenge,\n transactionContext,\n });\n } catch (err: unknown) {\n // Treat TouchID/FaceID cancellation and related errors as a negative decision\n const cancelled = isUserCancelledSecureConfirm(err);\n // For missing PRF outputs, surface the error to caller (defensive path tests expect a throw)\n const msg = String((toError(err))?.message || err || '');\n if (/Missing PRF result/i.test(msg) || /Missing PRF results/i.test(msg)) {\n // Ensure UI is closed and nonces released, then rethrow\n return session.cleanupAndRethrow(err);\n }\n if (cancelled) {\n window.parent?.postMessage({ type: 'WALLET_UI_CLOSED' }, '*');\n }\n const isWrongPasskeyError = /multiple passkeys \$devicenumbers\$ for account/i.test(msg);\n return session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: false,\n error: cancelled\n ? ERROR_MESSAGES.cancelled\n : (isWrongPasskeyError ? msg : ERROR_MESSAGES.collectCredentialsFailed),\n });\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;AAwBA,SAAS,mBAAmB,SAAuD;AACjF,KAAI,QAAQ,SAAS,uBAAuB,iBAC1C,QAAO,0BAA0B,SAAS,mBAAmB;AAE/D,KAAI,QAAQ,SAAS,uBAAuB,qBAAqB;EAC/D,MAAM,IAAI,QAAQ;AAClB,SAAQ,GAAG,mBAAmD;;AAEhE,QAAO;;AAGT,eAAsB,6BACpB,KACA,SACA,QACA,MACe;CACf,MAAM,EAAE,oBAAoB,uBAAuB;CACnD,MAAM,WAAW,4BAA4B;CAC7C,MAAM,UAAU,qBAAqB;EACnC;EACA;EACA;EACA;EACA;;CAEF,MAAM,gBAAgB,iBAAiB;CACvC,MAAM,kBAAkB,mBAAmB;CAC3C,MAAM,aAAa,WAAW;CAG9B,MAAM,UAAU,MAAM,SAAS,KAAK,iBAAiB;EAAE;EAAe,SAAS;EAAY,eAAe;;AAC1G,KAAI,QAAQ,SAAS,CAAC,QAAQ,oBAAoB;AAEhD,UAAQ,MAAM,yCAAyC;GAAE,OAAO,QAAQ;GAAO,SAAS,QAAQ;;AAChG,SAAO,QAAQ,qBAAqB;GAClC,WAAW,QAAQ;GACnB,cAAc,gBAAgB;GAC9B,WAAW;GACX,OAAO,GAAG,eAAe,cAAc,IAAI,QAAQ;;;AAGvD,SAAQ,kBAAkB,QAAQ;CAClC,IAAI,qBAAqB,QAAQ;CAKjC,MAAM,OAAO,SAAS,IAAI;CAC1B,IAAIA;CACJ,IAAIC,sBAAyD,OACzD;EACE,QAAQ;EACR;EACA,aAAa,mBAAmB;EAChC,WAAW,mBAAmB;KAEhC;AAGJ,KAAI,oBAAoB,YAAY;AAClC,mBAAiB,MAAM,SAAS,IAAI,+BAClC;GACE,QAAQ;GACR;GACA,aAAa,mBAAmB;GAChC,WAAW,mBAAmB;KAEhC,QAAQ;AAEV,wBAAsB;;CAIxB,MAAM,EAAE,WAAW,OAAO,YAAY,MAAM,QAAQ,WAAW,EAAE,cAAc;AAC/E,KAAI,CAAC,UACH,QAAO,QAAQ,qBAAqB;EAClC,WAAW,QAAQ;EACnB,cAAc,gBAAgB;EAC9B,WAAW;EACX,OAAO;;AAKX,KAAI,oBAAoB,eAAe;AACrC,MAAI;AACF,SAAM,SAAS,IAAI,mBAAmB;IAAE,WAAW,QAAQ;IAAW,MAAM;;WACrEC,KAAc;GACrB,MAAM,MAAM,OAAQ,QAAQ,MAAO,WAAW,OAAO;AACrD,UAAO,QAAQ,qBAAqB;IAClC,WAAW,QAAQ;IACnB,cAAc,gBAAgB;IAC9B,WAAW;IACX,OAAO,OAAO;;;AAIlB,UAAQ,qBAAqB;GAC3B,WAAW,QAAQ;GACnB,cAAc,gBAAgB;GAC9B,WAAW;GACX;;AAEF;;AAIF,KAAI;EACF,MAAM,YAAY,MAAM,SAAS,IAAI,yBAAyB,SAAS;AACvE,mBAAiB,UAAU;AAC3B,uBAAqB,UAAU;AAC/B,UAAQ,SAAS,EAAE,cAAc;UAC1B,GAAG;AACV,UAAQ,MAAM,yCAAyC;;AAIzD,KAAI;AACF,MAAI,CAAC,eACH,OAAM,IAAI,MAAM;EAElB,MAAM,uBAAuB,MAAM,SAAS,SAAS,uCAAuC;GAC1F;GACA,cAAc;;EAKhB,IAAIC;EACJ,IAAIC;AACJ,MAAI;GAEF,MAAM,YAAY,MAAM,SAAS,IAAI;AACrC,OAAI,CAAC,UAAU,OACb,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,UAAU,iBAAiB,OAAO,UAAU,mBAAmB,OAAO,YAAY,gBACrF,OAAM,IAAI,MAAM;GAGlB,MAAM,eAAe,MAAM,4BAA4B,YAAY,gBAAgB,IAAI,UAAU;GACjG,MAAM,mBAAmB,MAAM,IAAI,UAAU,WAAW,gBAAgB,eAAe;GAEvF,MAAM,cAAc,kBAAkB,eAAe;AACrD,OAAI,CAAC,YACH,OAAM,IAAI,MAAM;AAMlB,OAAI,QAAQ,SAAS,uBAAuB,kBAAkB;IAC5D,MAAM,UAAU,0BAA0B;AAC1C,iBAAa,SAAS,SAAS;AAC/B,iBAAa,SAAS,SAAS;cACtB,QAAQ,SAAS,uBAAuB,qBAAqB;IACtE,MAAM,UAAU,QAAQ;AACxB,iBAAa,SAAS,cACjB,gCAAgC;AACrC,iBAAa,SAAS,cACjB,gCAAgC;;AAGvC,SAAM,SAAS,IAAI,+BAA+B;IAChD,WAAW,QAAQ;IACnB;IACA;IACA;IACA,YAAY;;WAEN,KAAK;AACZ,WAAQ,MAAM,gDAAgD;AAC9D,SAAM;;AAIT,UAAQ,qBAAqB;GAC3B,WAAW,QAAQ;GACnB,cAAc,gBAAgB;GAC9B,WAAW;GACX,YAAY;GAGZ,cAAc;GACd;;UAEKF,KAAc;EAErB,MAAM,YAAY,6BAA6B;EAE/C,MAAM,MAAM,OAAQ,QAAQ,MAAO,WAAW,OAAO;AACrD,MAAI,sBAAsB,KAAK,QAAQ,uBAAuB,KAAK,KAEjE,QAAO,QAAQ,kBAAkB;AAEnC,MAAI,UACF,QAAO,QAAQ,YAAY,EAAE,MAAM,sBAAsB;EAE3D,MAAM,sBAAsB,mDAAmD,KAAK;AACpF,SAAO,QAAQ,qBAAqB;GAClC,WAAW,QAAQ;GACnB,cAAc,gBAAgB;GAC9B,WAAW;GACX,OAAO,YACH,eAAe,YACd,sBAAsB,MAAM,eAAe"}

package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js DELETED Viewed

@@ -1,118 +0,0 @@
-import { errorMessage, init_errors, toError } from "../../../../utils/errors.js";
-import { SecureConfirmationType } from "./types.js";
-import { determineConfirmationConfig } from "./determineConfirmationConfig.js";
-import { parseTransactionSummary, sanitizeForPostMessage, sendConfirmResponse } from "./adapters/common.js";
-import { getIntentDigest } from "./adapters/requestHelpers.js";
-import { assertNoForbiddenMainThreadSigningSecrets, validateSecureConfirmRequest } from "./adapters/requestAdapter.js";
-//#region src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.ts
-init_errors();
-/**
-* Handles secure confirmation requests from the worker with robust error handling
-* => SecureConfirmMessageType.PROMPT_USER_CONFIRM_IN_JS_MAIN_THREAD
-* and proper data validation. Supports both transaction and registration confirmation flows.
-*/
-async function handlePromptUserConfirmInJsMainThread(ctx, message, worker) {
-	let request;
-	let confirmationConfig;
-	let transactionSummary;
-	try {
-		request = validateSecureConfirmRequest(message.data);
-		assertNoForbiddenMainThreadSigningSecrets(request);
-		confirmationConfig = determineConfirmationConfig(ctx, request);
-		const parsedSummary = parseTransactionSummary(request.summary);
-		const intentDigest = getIntentDigest(request);
-		transactionSummary = sanitizeForPostMessage({
-			...parsedSummary,
-			...intentDigest ? { intentDigest } : {}
-		});
-	} catch (e) {
-		console.error("[SecureConfirm][Host] validateAndParseRequest failed", e);
-		try {
-			const rid = (message?.data)?.requestId;
-			if (typeof rid === "string" && rid) {
-				sendConfirmResponse(worker, {
-					requestId: rid,
-					confirmed: false,
-					error: errorMessage(e) || "Invalid secure confirm request"
-				});
-				return;
-			}
-		} catch (_err) {
-			throw toError(e);
-		}
-		throw toError(e);
-	}
-	const handler = HANDLERS[request.type];
-	if (!handler) {
-		sendConfirmResponse(worker, {
-			requestId: request.requestId,
-			confirmed: false,
-			error: "Unsupported secure confirmation type"
-		});
-		return;
-	}
-	await handler({
-		ctx,
-		request,
-		worker,
-		confirmationConfig,
-		transactionSummary
-	});
-}
-async function importFlow(label, loader) {
-	try {
-		return await loader();
-	} catch (e) {
-		console.error(`[SecureConfirm][Host] failed to import ${label} flow module`, e);
-		throw e;
-	}
-}
-const HANDLERS = {
-	[SecureConfirmationType.DECRYPT_PRIVATE_KEY_WITH_PRF]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
-		const { handleLocalOnlyFlow } = await importFlow("localOnly", () => import("./flows/localOnly.js"));
-		await handleLocalOnlyFlow(ctx, request, worker, {
-			confirmationConfig,
-			transactionSummary
-		});
-	},
-	[SecureConfirmationType.SHOW_SECURE_PRIVATE_KEY_UI]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
-		const { handleLocalOnlyFlow } = await importFlow("localOnly", () => import("./flows/localOnly.js"));
-		await handleLocalOnlyFlow(ctx, request, worker, {
-			confirmationConfig,
-			transactionSummary
-		});
-	},
-	[SecureConfirmationType.REGISTER_ACCOUNT]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
-		const { handleRegistrationFlow } = await importFlow("registration", () => import("./flows/registration.js"));
-		await handleRegistrationFlow(ctx, request, worker, {
-			confirmationConfig,
-			transactionSummary
-		});
-	},
-	[SecureConfirmationType.LINK_DEVICE]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
-		const { handleRegistrationFlow } = await importFlow("registration", () => import("./flows/registration.js"));
-		await handleRegistrationFlow(ctx, request, worker, {
-			confirmationConfig,
-			transactionSummary
-		});
-	},
-	[SecureConfirmationType.SIGN_TRANSACTION]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
-		const { handleTransactionSigningFlow } = await importFlow("transactions", () => import("./flows/transactions.js"));
-		await handleTransactionSigningFlow(ctx, request, worker, {
-			confirmationConfig,
-			transactionSummary
-		});
-	},
-	[SecureConfirmationType.SIGN_NEP413_MESSAGE]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
-		const { handleTransactionSigningFlow } = await importFlow("transactions", () => import("./flows/transactions.js"));
-		await handleTransactionSigningFlow(ctx, request, worker, {
-			confirmationConfig,
-			transactionSummary
-		});
-	}
-};
-//#endregion
-export { handlePromptUserConfirmInJsMainThread };
-//# sourceMappingURL=handleSecureConfirmRequest.js.map

package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"handleSecureConfirmRequest.js","names":["request: SecureConfirmRequest","confirmationConfig: ConfirmationConfig","transactionSummary: TransactionSummary","e: unknown","_err: unknown","HANDLERS: Partial<Record<SecureConfirmationType, Handler>>"],"sources":["../../../../../../../../../src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.ts"],"sourcesContent":["import type { VrfWorkerManagerContext } from '../';\nimport type { ConfirmationConfig } from '../../../types/signer-worker';\nimport { determineConfirmationConfig } from './determineConfirmationConfig';\nimport {\n TransactionSummary,\n SecureConfirmMessageType,\n SecureConfirmRequest,\n SecureConfirmationType,\n} from './types';\nimport { errorMessage, toError } from '../../../../utils/errors';\nimport {\n parseTransactionSummary,\n getIntentDigest,\n sendConfirmResponse,\n sanitizeForPostMessage,\n} from './flows';\nimport {\n assertNoForbiddenMainThreadSigningSecrets,\n validateSecureConfirmRequest,\n} from './adapters/requestAdapter';\nimport type {\n LocalOnlySecureConfirmRequest,\n RegistrationSecureConfirmRequest,\n SigningSecureConfirmRequest,\n} from './types';\n\n/**\n * Handles secure confirmation requests from the worker with robust error handling\n * => SecureConfirmMessageType.PROMPT_USER_CONFIRM_IN_JS_MAIN_THREAD\n * and proper data validation. Supports both transaction and registration confirmation flows.\n */\nexport async function handlePromptUserConfirmInJsMainThread(\n ctx: VrfWorkerManagerContext,\n message: {\n type: SecureConfirmMessageType.PROMPT_USER_CONFIRM_IN_JS_MAIN_THREAD,\n data: SecureConfirmRequest,\n },\n worker: Worker\n): Promise<void> {\n\n // 1. Validate and parse request\n let request: SecureConfirmRequest;\n let confirmationConfig: ConfirmationConfig;\n let transactionSummary: TransactionSummary;\n\n try {\n\n request = validateSecureConfirmRequest(message.data);\n assertNoForbiddenMainThreadSigningSecrets(request);\n confirmationConfig = determineConfirmationConfig(ctx, request);\n\n const parsedSummary = parseTransactionSummary(request.summary);\n const intentDigest = getIntentDigest(request);\n\n transactionSummary = sanitizeForPostMessage({\n ...parsedSummary,\n ...(intentDigest ? { intentDigest } : {}),\n }) as TransactionSummary;\n\n } catch (e: unknown) {\n\n console.error('[SecureConfirm][Host] validateAndParseRequest failed', e);\n // Attempt to send a structured error back to the worker to avoid hard failure\n try {\n const rid = (message?.data as any)?.requestId;\n if (typeof rid === 'string' && rid) {\n sendConfirmResponse(worker, {\n requestId: rid,\n confirmed: false,\n error: errorMessage(e) || 'Invalid secure confirm request',\n });\n return;\n }\n } catch (_err: unknown) {\n throw toError(e);\n }\n throw toError(e);\n }\n\n const handler = HANDLERS[request.type];\n if (!handler) {\n // Unsupported type fallback: return structured error to worker.\n sendConfirmResponse(worker, {\n requestId: request.requestId,\n confirmed: false,\n error: 'Unsupported secure confirmation type'\n });\n return;\n }\n\n await handler({ ctx, request, worker, confirmationConfig, transactionSummary });\n}\n\ntype HandlerArgs = {\n ctx: VrfWorkerManagerContext;\n request: SecureConfirmRequest;\n worker: Worker;\n confirmationConfig: ConfirmationConfig;\n transactionSummary: TransactionSummary;\n};\n\ntype Handler = (args: HandlerArgs) => Promise<void>;\n\nasync function importFlow<T>(label: string, loader: () => Promise<T>): Promise<T> {\n try {\n return await loader();\n } catch (e) {\n console.error(`[SecureConfirm][Host] failed to import ${label} flow module`, e);\n throw e;\n }\n}\n\nconst HANDLERS: Partial<Record<SecureConfirmationType, Handler>> = {\n [SecureConfirmationType.DECRYPT_PRIVATE_KEY_WITH_PRF]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {\n const { handleLocalOnlyFlow } = await importFlow('localOnly', () => import('./flows/localOnly'));\n await handleLocalOnlyFlow(ctx, request as LocalOnlySecureConfirmRequest, worker, { confirmationConfig, transactionSummary });\n },\n [SecureConfirmationType.SHOW_SECURE_PRIVATE_KEY_UI]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {\n const { handleLocalOnlyFlow } = await importFlow('localOnly', () => import('./flows/localOnly'));\n await handleLocalOnlyFlow(ctx, request as LocalOnlySecureConfirmRequest, worker, { confirmationConfig, transactionSummary });\n },\n [SecureConfirmationType.REGISTER_ACCOUNT]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {\n const { handleRegistrationFlow } = await importFlow('registration', () => import('./flows/registration'));\n await handleRegistrationFlow(ctx, request as RegistrationSecureConfirmRequest, worker, { confirmationConfig, transactionSummary });\n },\n [SecureConfirmationType.LINK_DEVICE]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {\n const { handleRegistrationFlow } = await importFlow('registration', () => import('./flows/registration'));\n await handleRegistrationFlow(ctx, request as RegistrationSecureConfirmRequest, worker, { confirmationConfig, transactionSummary });\n },\n [SecureConfirmationType.SIGN_TRANSACTION]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {\n const { handleTransactionSigningFlow } = await importFlow('transactions', () => import('./flows/transactions'));\n await handleTransactionSigningFlow(ctx, request as SigningSecureConfirmRequest, worker, { confirmationConfig, transactionSummary });\n },\n [SecureConfirmationType.SIGN_NEP413_MESSAGE]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {\n const { handleTransactionSigningFlow } = await importFlow('transactions', () => import('./flows/transactions'));\n await handleTransactionSigningFlow(ctx, request as SigningSecureConfirmRequest, worker, { confirmationConfig, transactionSummary });\n },\n};\n"],"mappings":";;;;;;;;;;;;;;AA+BA,eAAsB,sCACpB,KACA,SAIA,QACe;CAGf,IAAIA;CACJ,IAAIC;CACJ,IAAIC;AAEJ,KAAI;AAEF,YAAU,6BAA6B,QAAQ;AAC/C,4CAA0C;AAC1C,uBAAqB,4BAA4B,KAAK;EAEtD,MAAM,gBAAgB,wBAAwB,QAAQ;EACtD,MAAM,eAAe,gBAAgB;AAErC,uBAAqB,uBAAuB;GAC1C,GAAG;GACH,GAAI,eAAe,EAAE,iBAAiB;;UAGjCC,GAAY;AAEnB,UAAQ,MAAM,wDAAwD;AAEtE,MAAI;GACF,MAAM,OAAO,SAAS,OAAc;AACpC,OAAI,OAAO,QAAQ,YAAY,KAAK;AAClC,wBAAoB,QAAQ;KAC1B,WAAW;KACX,WAAW;KACX,OAAO,aAAa,MAAM;;AAE5B;;WAEKC,MAAe;AACtB,SAAM,QAAQ;;AAEhB,QAAM,QAAQ;;CAGhB,MAAM,UAAU,SAAS,QAAQ;AACjC,KAAI,CAAC,SAAS;AAEZ,sBAAoB,QAAQ;GAC1B,WAAW,QAAQ;GACnB,WAAW;GACX,OAAO;;AAET;;AAGF,OAAM,QAAQ;EAAE;EAAK;EAAS;EAAQ;EAAoB;;;AAa5D,eAAe,WAAc,OAAe,QAAsC;AAChF,KAAI;AACF,SAAO,MAAM;UACN,GAAG;AACV,UAAQ,MAAM,0CAA0C,MAAM,eAAe;AAC7E,QAAM;;;AAIV,MAAMC,WAA6D;EAChE,uBAAuB,+BAA+B,OAAO,EAAE,KAAK,SAAS,QAAQ,oBAAoB,yBAAyB;EACjI,MAAM,EAAE,wBAAwB,MAAM,WAAW,mBAAmB,OAAO;AAC3E,QAAM,oBAAoB,KAAK,SAA0C,QAAQ;GAAE;GAAoB;;;EAExG,uBAAuB,6BAA6B,OAAO,EAAE,KAAK,SAAS,QAAQ,oBAAoB,yBAAyB;EAC/H,MAAM,EAAE,wBAAwB,MAAM,WAAW,mBAAmB,OAAO;AAC3E,QAAM,oBAAoB,KAAK,SAA0C,QAAQ;GAAE;GAAoB;;;EAExG,uBAAuB,mBAAmB,OAAO,EAAE,KAAK,SAAS,QAAQ,oBAAoB,yBAAyB;EACrH,MAAM,EAAE,2BAA2B,MAAM,WAAW,sBAAsB,OAAO;AACjF,QAAM,uBAAuB,KAAK,SAA6C,QAAQ;GAAE;GAAoB;;;EAE9G,uBAAuB,cAAc,OAAO,EAAE,KAAK,SAAS,QAAQ,oBAAoB,yBAAyB;EAChH,MAAM,EAAE,2BAA2B,MAAM,WAAW,sBAAsB,OAAO;AACjF,QAAM,uBAAuB,KAAK,SAA6C,QAAQ;GAAE;GAAoB;;;EAE9G,uBAAuB,mBAAmB,OAAO,EAAE,KAAK,SAAS,QAAQ,oBAAoB,yBAAyB;EACrH,MAAM,EAAE,iCAAiC,MAAM,WAAW,sBAAsB,OAAO;AACvF,QAAM,6BAA6B,KAAK,SAAwC,QAAQ;GAAE;GAAoB;;;EAE/G,uBAAuB,sBAAsB,OAAO,EAAE,KAAK,SAAS,QAAQ,oBAAoB,yBAAyB;EACxH,MAAM,EAAE,iCAAiC,MAAM,WAAW,sBAAsB,OAAO;AACvF,QAAM,6BAA6B,KAAK,SAAwC,QAAQ;GAAE;GAAoB"}

package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"types.js","names":[],"sources":["../../../../../../../../../src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.ts"],"sourcesContent":["import { VRFChallenge } from '@/core/types/vrf-worker';\nimport { TransactionInputWasm } from '../../../types';\nimport { ConfirmationConfig } from '../../../types';\nimport { TransactionContext } from '../../../types/rpc';\nimport { RpcCallPayload } from '../../../types/signer-worker';\nimport { WebAuthnAuthenticationCredential, WebAuthnRegistrationCredential } from '../../../types/webauthn';\nimport { isObject, isString } from '../../../WalletIframe/validation';\n\n// === SECURE CONFIRM TYPES (V2) ===\n\nexport enum SecureConfirmMessageType {\n PROMPT_USER_CONFIRM_IN_JS_MAIN_THREAD = 'PROMPT_USER_CONFIRM_IN_JS_MAIN_THREAD',\n USER_PASSKEY_CONFIRM_RESPONSE = 'USER_PASSKEY_CONFIRM_RESPONSE',\n}\n\n/**\n * Type-level guardrail: these secrets must never appear in main-thread\n * request/response envelopes. WrapKeySeed is delivered only over the dedicated\n * VRF→Signer MessagePort, and PRF outputs should only exist inside credentials.\n */\nexport type ForbiddenMainThreadSecrets = {\n prfOutput?: never;\n prf_output?: never;\n wrapKeySeed?: never;\n wrapKeySalt?: never;\n vrf_sk?: never;\n prfKey?: never;\n};\n\nexport interface SecureConfirmDecision extends ForbiddenMainThreadSecrets {\n requestId: string;\n intentDigest?: string;\n confirmed: boolean;\n credential?: SerializableCredential; // Serialized WebAuthn credential\n vrfChallenge?: VRFChallenge; // VRF challenge generated during confirmation\n transactionContext?: TransactionContext; // NEAR data fetched during confirmation\n // This is a private field used to close the confirmation modal\n _confirmHandle?: { close: (confirmed: boolean) => void };\n error?: string;\n}\n\nexport interface TransactionSummary {\n totalAmount?: string;\n title?: string;\n body?: string;\n method?: string;\n intentDigest?: string;\n receiverId?: string;\n type?: string;\n delegate?: {\n senderId?: string;\n receiverId?: string;\n nonce?: string;\n maxBlockHeight?: string;\n };\n registrationDetails?: {\n nearAccountId: string;\n deviceNumber: number;\n deterministicVrfPublicKey?: string;\n };\n vrfChallenge?: VRFChallenge;\n summary?: unknown;\n}\n\n// Payload to return to Rust WASM is snake_case\nexport interface WorkerConfirmationResponse {\n request_id: string;\n intent_digest?: string;\n confirmed: boolean;\n credential?: SerializableCredential;\n vrf_challenge?: VRFChallenge; // VRF challenge generated during confirmation\n transaction_context?: TransactionContext; // NEAR data fetched during confirmation\n error?: string;\n}\n\n// ===== V2 MESSAGE TYPES =====\n\nexport enum SecureConfirmationType {\n SIGN_TRANSACTION = 'signTransaction',\n REGISTER_ACCOUNT = 'registerAccount',\n LINK_DEVICE = 'linkDevice',\n DECRYPT_PRIVATE_KEY_WITH_PRF = 'decryptPrivateKeyWithPrf',\n SIGN_NEP413_MESSAGE = 'signNep413Message',\n SHOW_SECURE_PRIVATE_KEY_UI = 'showSecurePrivateKeyUi',\n}\n\nexport type SigningAuthMode = 'webauthn' | 'warmSession';\n\n// V2 summaries (render-oriented / UI hints)\nexport interface TxSummary { totalAmount?: string; method?: string; receiverId?: string }\nexport interface RegistrationSummary {\n nearAccountId: string;\n deviceNumber?: number;\n contractId?: string;\n title?: string;\n body?: string;\n}\nexport type ExportOperation = 'Export Private Key' | 'Decrypt Private Key';\nexport interface ExportSummary { operation: ExportOperation; accountId: string; publicKey: string; warning: string }\nexport interface Nep413Summary { operation: 'Sign NEP-413 Message'; message: string; recipient: string; accountId: string }\n\n// V2 request envelope\nexport type SecureConfirmPayloadByType = {\n [SecureConfirmationType.SIGN_TRANSACTION]: SignTransactionPayload;\n [SecureConfirmationType.REGISTER_ACCOUNT]: RegisterAccountPayload;\n [SecureConfirmationType.LINK_DEVICE]: RegisterAccountPayload;\n [SecureConfirmationType.DECRYPT_PRIVATE_KEY_WITH_PRF]: DecryptPrivateKeyWithPrfPayload;\n [SecureConfirmationType.SIGN_NEP413_MESSAGE]: SignNep413Payload;\n [SecureConfirmationType.SHOW_SECURE_PRIVATE_KEY_UI]: ShowSecurePrivateKeyUiPayload;\n};\n\nexport type SecureConfirmSummaryByType = {\n [SecureConfirmationType.SIGN_TRANSACTION]: TransactionSummary;\n [SecureConfirmationType.REGISTER_ACCOUNT]: RegistrationSummary;\n [SecureConfirmationType.LINK_DEVICE]: RegistrationSummary;\n [SecureConfirmationType.DECRYPT_PRIVATE_KEY_WITH_PRF]: ExportSummary;\n [SecureConfirmationType.SIGN_NEP413_MESSAGE]: TransactionSummary;\n [SecureConfirmationType.SHOW_SECURE_PRIVATE_KEY_UI]: ExportSummary;\n};\n\nexport type SecureConfirmPayload = SecureConfirmPayloadByType[keyof SecureConfirmPayloadByType];\nexport type SecureConfirmSummary = SecureConfirmSummaryByType[keyof SecureConfirmSummaryByType];\n\nexport interface SecureConfirmRequest<TPayload = SecureConfirmPayload, TSummary = SecureConfirmSummary> {\n schemaVersion: 2;\n requestId: string;\n type: SecureConfirmationType;\n summary: TSummary;\n payload: TPayload;\n // Allow partial override from callers; effective config is computed later\n confirmationConfig?: Partial<ConfirmationConfig>;\n // Optional intent digest to echo back in responses for flows that\n // do not have a tx-centric payload (e.g., registration/link flows)\n intentDigest?: string;\n}\n\n// V2 payloads\nexport interface SignTransactionPayload {\n txSigningRequests: TransactionInputWasm[];\n intentDigest: string;\n rpcCall: RpcCallPayload;\n /**\n * Controls whether confirmTxFlow should collect a WebAuthn credential.\n * - `webauthn`: prompt TouchID/FaceID and derive WrapKeySeed from PRF.first_auth.\n * - `warmSession`: skip WebAuthn and dispense the existing VRF session key to the signer worker.\n */\n signingAuthMode?: SigningAuthMode;\n}\n\nexport interface RegisterAccountPayload {\n nearAccountId: string;\n deviceNumber?: number;\n rpcCall: RpcCallPayload;\n}\n\nexport interface DecryptPrivateKeyWithPrfPayload {\n nearAccountId: string;\n publicKey: string;\n}\n\nexport interface ShowSecurePrivateKeyUiPayload {\n nearAccountId: string;\n publicKey: string;\n privateKey: string;\n variant?: 'drawer' | 'modal';\n theme?: 'dark' | 'light';\n}\n\nexport interface SignNep413Payload {\n nearAccountId: string;\n message: string;\n recipient: string;\n /**\n * Optional contract verification context for VRF gating.\n * When provided, VRF Rust can call `verify_authentication_response` on-chain\n * before deriving and dispensing session keys.\n */\n contractId?: string;\n /**\n * Optional NEAR RPC URL for contract verification (single URL or failover list).\n */\n nearRpcUrl?: string;\n /**\n * Controls whether confirmTxFlow should collect a WebAuthn credential for this signing intent.\n * See `SignTransactionPayload.signingAuthMode`.\n */\n signingAuthMode?: SigningAuthMode;\n}\n\n// Type guards\nexport function isSecureConfirmRequestV2(x: unknown): x is SecureConfirmRequest {\n return isObject(x)\n && (x as { schemaVersion?: unknown }).schemaVersion === 2\n && isString((x as { type?: unknown }).type)\n && isString((x as { requestId?: unknown }).requestId);\n}\n\n// Serialized WebAuthn credential (authentication or registration)\nexport type SerializableCredential = WebAuthnAuthenticationCredential | WebAuthnRegistrationCredential;\n\n// Discriminated unions to bind `type` to payload shape\nexport type SecureConfirmRequestByType<TType extends SecureConfirmationType> =\n SecureConfirmRequest<SecureConfirmPayloadByType[TType], SecureConfirmSummaryByType[TType]> & { type: TType };\n\nexport type LocalOnlySecureConfirmRequest =\n | SecureConfirmRequestByType<SecureConfirmationType.DECRYPT_PRIVATE_KEY_WITH_PRF>\n | SecureConfirmRequestByType<SecureConfirmationType.SHOW_SECURE_PRIVATE_KEY_UI>;\n\nexport type RegistrationSecureConfirmRequest =\n | SecureConfirmRequestByType<SecureConfirmationType.REGISTER_ACCOUNT>\n | SecureConfirmRequestByType<SecureConfirmationType.LINK_DEVICE>;\n\nexport type SigningSecureConfirmRequest =\n | SecureConfirmRequestByType<SecureConfirmationType.SIGN_TRANSACTION>\n | SecureConfirmRequestByType<SecureConfirmationType.SIGN_NEP413_MESSAGE>;\n\nexport type KnownSecureConfirmRequest =\n | LocalOnlySecureConfirmRequest\n | RegistrationSecureConfirmRequest\n | SigningSecureConfirmRequest;\n"],"mappings":";AAUA,IAAY,gFAAL;AACL;AACA;;;AAiEF,IAAY,4EAAL;AACL;AACA;AACA;AACA;AACA;AACA"}

package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"checkSessionStatus.js","names":["message: VRFWorkerMessage<WasmCheckSessionStatusRequest>"],"sources":["../../../../../../../../../src/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.ts"],"sourcesContent":["import type { VRFWorkerMessage, WasmCheckSessionStatusRequest } from '../../../types/vrf-worker';\nimport type { VrfWorkerManagerHandlerContext } from './types';\n\n/**\n * Per-`sessionId` signing-session status (WrapKeySeed session gating).\n *\n * This is NOT the same as the \"global\" VRF unlock status (whether the VRF keypair is active).\n * For VRF keypair unlock status, use `checkVrfStatus`.\n */\nexport async function checkSessionStatus(\n ctx: VrfWorkerManagerHandlerContext,\n args: { sessionId: string }\n): Promise<{\n sessionId: string;\n status: 'active' | 'exhausted' | 'expired' | 'not_found';\n remainingUses?: number;\n expiresAtMs?: number;\n createdAtMs?: number;\n}> {\n await ctx.ensureWorkerReady(true);\n const message: VRFWorkerMessage<WasmCheckSessionStatusRequest> = {\n type: 'CHECK_SESSION_STATUS',\n id: ctx.generateMessageId(),\n payload: {\n sessionId: args.sessionId,\n } as any,\n };\n const response = await ctx.sendMessage<WasmCheckSessionStatusRequest>(message);\n if (!response.success) {\n throw new Error(`checkSessionStatus failed: ${response.error}`);\n }\n return (\n (response.data as any) || {\n sessionId: args.sessionId,\n status: 'not_found',\n }\n );\n}\n"],"mappings":";;;;;;;AASA,eAAsB,mBACpB,KACA,MAOC;AACD,OAAM,IAAI,kBAAkB;CAC5B,MAAMA,UAA2D;EAC/D,MAAM;EACN,IAAI,IAAI;EACR,SAAS,EACP,WAAW,KAAK;;CAGpB,MAAM,WAAW,MAAM,IAAI,YAA2C;AACtE,KAAI,CAAC,SAAS,QACZ,OAAM,IAAI,MAAM,8BAA8B,SAAS;AAEzD,QACG,SAAS,QAAgB;EACxB,WAAW,KAAK;EAChB,QAAQ"}

package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js DELETED Viewed

@@ -1,51 +0,0 @@
-import { init_accountIds, toAccountId } from "../../../types/accountIds.js";
-//#region src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.ts
-init_accountIds();
-/**
-* "Global" VRF status: is the VRF keypair currently unlocked/active inside the VRF worker?
-*
-* This is NOT the same as a signing session status (WrapKeySeed session gating).
-* For per-`sessionId` signing-session status, use `checkSessionStatus`.
-*/
-async function checkVrfStatus(ctx) {
-	try {
-		await ctx.ensureWorkerReady();
-	} catch {
-		return {
-			active: false,
-			nearAccountId: null
-		};
-	}
-	try {
-		const message = {
-			type: "CHECK_VRF_STATUS",
-			id: ctx.generateMessageId(),
-			payload: {}
-		};
-		const response = await ctx.sendMessage(message);
-		if (response.success && response.data) {
-			const data = response.data;
-			const current = ctx.getCurrentVrfAccountId();
-			return {
-				active: data.active,
-				nearAccountId: current ? toAccountId(current) : null,
-				sessionDuration: data.sessionDuration
-			};
-		}
-		return {
-			active: false,
-			nearAccountId: null
-		};
-	} catch (error) {
-		console.warn("VRF Manager: Failed to get VRF status:", error);
-		return {
-			active: false,
-			nearAccountId: null
-		};
-	}
-}
-//#endregion
-export { checkVrfStatus };
-//# sourceMappingURL=checkVrfStatus.js.map