@tatchi-xyz/sdk 0.21.0 → 0.31.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -2
- package/dist/cjs/_virtual/rolldown_runtime.js +0 -13
- package/dist/cjs/base-styles.js +0 -1
- package/dist/cjs/base-styles.js.map +1 -1
- package/dist/cjs/build-paths.js +0 -1
- package/dist/cjs/build-paths.js.map +1 -1
- package/dist/cjs/config.js +0 -1
- package/dist/cjs/config.js.map +1 -1
- package/dist/cjs/core/ChainsigAddressManager/index.js +0 -3
- package/dist/cjs/core/ChainsigAddressManager/index.js.map +1 -1
- package/dist/cjs/core/EmailRecovery/emailRecoveryPendingStore.js +48 -60
- package/dist/cjs/core/EmailRecovery/emailRecoveryPendingStore.js.map +1 -1
- package/dist/cjs/core/EmailRecovery/index.js +19 -34
- package/dist/cjs/core/EmailRecovery/index.js.map +1 -1
- package/dist/cjs/core/ExtensionWallet/detect.js +0 -1
- package/dist/cjs/core/ExtensionWallet/detect.js.map +1 -1
- package/dist/cjs/core/IndexedDBManager/index.js +85 -92
- package/dist/cjs/core/IndexedDBManager/index.js.map +1 -1
- package/dist/cjs/core/IndexedDBManager/passkeyClientDB.js +648 -646
- package/dist/cjs/core/IndexedDBManager/passkeyClientDB.js.map +1 -1
- package/dist/cjs/core/IndexedDBManager/passkeyNearKeysDB.js +223 -154
- package/dist/cjs/core/IndexedDBManager/passkeyNearKeysDB.js.map +1 -1
- package/dist/cjs/core/NearClient.js +9 -8
- package/dist/cjs/core/NearClient.js.map +1 -1
- package/dist/cjs/core/NearRpcError.js +0 -1
- package/dist/cjs/core/NearRpcError.js.map +1 -1
- package/dist/cjs/core/OfflineExport/overlay.js +0 -1
- package/dist/cjs/core/OfflineExport/overlay.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/actions.js +86 -132
- package/dist/cjs/core/TatchiPasskey/actions.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/delegateAction.js +4 -4
- package/dist/cjs/core/TatchiPasskey/delegateAction.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/emailRecovery.js +866 -852
- package/dist/cjs/core/TatchiPasskey/emailRecovery.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/faucets/createAccountRelayServer.js +28 -16
- package/dist/cjs/core/TatchiPasskey/faucets/createAccountRelayServer.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/index.js +128 -91
- package/dist/cjs/core/TatchiPasskey/index.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/linkDevice.js +85 -30
- package/dist/cjs/core/TatchiPasskey/linkDevice.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/login.js +372 -193
- package/dist/cjs/core/TatchiPasskey/login.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/registration.js +189 -77
- package/dist/cjs/core/TatchiPasskey/registration.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/relay.js +0 -2
- package/dist/cjs/core/TatchiPasskey/relay.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/scanDevice.js +2 -9
- package/dist/cjs/core/TatchiPasskey/scanDevice.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/signNEP413.js +12 -5
- package/dist/cjs/core/TatchiPasskey/signNEP413.js.map +1 -1
- package/dist/cjs/core/TatchiPasskey/syncAccount.js +505 -0
- package/dist/cjs/core/TatchiPasskey/syncAccount.js.map +1 -0
- package/dist/cjs/core/WalletIframe/client/IframeTransport.js +166 -134
- package/dist/cjs/core/WalletIframe/client/IframeTransport.js.map +1 -1
- package/dist/cjs/core/WalletIframe/client/on-events-progress-bus.js +4 -6
- package/dist/cjs/core/WalletIframe/client/on-events-progress-bus.js.map +1 -1
- package/dist/cjs/core/WalletIframe/client/overlay-controller.js +0 -1
- package/dist/cjs/core/WalletIframe/client/overlay-controller.js.map +1 -1
- package/dist/cjs/core/WalletIframe/client/overlay-styles.js +0 -1
- package/dist/cjs/core/WalletIframe/client/overlay-styles.js.map +1 -1
- package/dist/cjs/core/WalletIframe/client/router.js +204 -170
- package/dist/cjs/core/WalletIframe/client/router.js.map +1 -1
- package/dist/cjs/core/WalletIframe/events.js +0 -1
- package/dist/cjs/core/WalletIframe/events.js.map +1 -1
- package/dist/cjs/core/WalletIframe/host-mode.js +4 -1
- package/dist/cjs/core/WalletIframe/host-mode.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js +1 -2
- package/dist/cjs/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js +5 -15
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/LitElementWithProps.js +22 -18
- package/dist/cjs/core/WebAuthnManager/LitComponents/LitElementWithProps.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/TxTree/index.js +1 -2
- package/dist/cjs/core/WebAuthnManager/LitComponents/TxTree/index.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js +1 -3
- package/dist/cjs/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/asset-base.js +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/asset-base.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/common/formatters.js +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/common/formatters.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/confirm-ui-types.js +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/confirm-ui-types.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/confirm-ui.js +3 -5
- package/dist/cjs/core/WebAuthnManager/LitComponents/confirm-ui.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/css/css-loader.js +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/css/css-loader.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/ensure-defined.js +1 -6
- package/dist/cjs/core/WebAuthnManager/LitComponents/ensure-defined.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/lit-events.js +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/lit-events.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/tags.js +0 -31
- package/dist/cjs/core/WebAuthnManager/LitComponents/tags.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js +0 -11
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js +10 -14
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js +5 -9
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js +6 -8
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js +46 -0
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js.map +1 -0
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js +3 -8
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js +0 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js +0 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js +13 -10
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/session.js +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/session.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js +204 -48
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js +170 -30
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js +3 -10
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js +274 -86
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js +5 -12
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/index.js +15 -10
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/index.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js +0 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js +15 -5
- package/dist/cjs/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js +1 -4
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js +1 -6
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js +1 -4
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js +1 -11
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js +30 -7
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js +7 -30
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js +0 -3
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js +38 -4
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js +76 -64
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js +0 -3
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js +82 -81
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js +17 -9
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js +8 -6
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js +17 -15
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js +6 -4
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js +36 -4
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js +6 -4
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/index.js +37 -4
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/index.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js +54 -65
- package/dist/cjs/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js +34 -0
- package/dist/cjs/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js.map +1 -0
- package/dist/cjs/core/WebAuthnManager/credentialsHelpers.js +18 -26
- package/dist/cjs/core/WebAuthnManager/credentialsHelpers.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/index.js +355 -53
- package/dist/cjs/core/WebAuthnManager/index.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js +92 -0
- package/dist/cjs/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js.map +1 -0
- package/dist/cjs/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js +144 -0
- package/dist/cjs/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js.map +1 -0
- package/dist/cjs/core/WebAuthnManager/touchIdPrompt.js +200 -211
- package/dist/cjs/core/WebAuthnManager/touchIdPrompt.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/userHandle.js +0 -4
- package/dist/cjs/core/WebAuthnManager/userHandle.js.map +1 -1
- package/dist/cjs/core/WebAuthnManager/userPreferences.js +119 -37
- package/dist/cjs/core/WebAuthnManager/userPreferences.js.map +1 -1
- package/dist/cjs/core/defaultConfigs.js +58 -58
- package/dist/cjs/core/defaultConfigs.js.map +1 -1
- package/dist/cjs/core/digests/intentDigest.js +100 -0
- package/dist/cjs/core/digests/intentDigest.js.map +1 -0
- package/dist/cjs/core/nearCrypto.js +3 -30
- package/dist/cjs/core/nearCrypto.js.map +1 -1
- package/dist/cjs/core/nonceManager.js +6 -16
- package/dist/cjs/core/nonceManager.js.map +1 -1
- package/dist/cjs/core/rpcCalls.js +263 -24
- package/dist/cjs/core/rpcCalls.js.map +1 -1
- package/dist/cjs/core/sdkPaths/base.js +0 -1
- package/dist/cjs/core/sdkPaths/base.js.map +1 -1
- package/dist/cjs/core/sdkPaths/workers.js +7 -6
- package/dist/cjs/core/sdkPaths/workers.js.map +1 -1
- package/dist/cjs/core/threshold/thresholdEd25519AuthSession.js +145 -0
- package/dist/cjs/core/threshold/thresholdEd25519AuthSession.js.map +1 -0
- package/dist/cjs/core/threshold/thresholdEd25519RelayerHealth.js +117 -0
- package/dist/cjs/core/threshold/thresholdEd25519RelayerHealth.js.map +1 -0
- package/dist/cjs/core/threshold/thresholdSessionPolicy.js +67 -0
- package/dist/cjs/core/threshold/thresholdSessionPolicy.js.map +1 -0
- package/dist/cjs/core/types/accountIds.js +0 -11
- package/dist/cjs/core/types/accountIds.js.map +1 -1
- package/dist/cjs/core/types/actions.js +18 -27
- package/dist/cjs/core/types/actions.js.map +1 -1
- package/dist/cjs/core/types/emailRecovery.js +25 -26
- package/dist/cjs/core/types/emailRecovery.js.map +1 -1
- package/dist/cjs/core/types/linkDevice.js +0 -1
- package/dist/cjs/core/types/linkDevice.js.map +1 -1
- package/dist/cjs/core/types/rpc.js +9 -19
- package/dist/cjs/core/types/rpc.js.map +1 -1
- package/dist/cjs/core/types/sdkSentEvents.js +107 -118
- package/dist/cjs/core/types/sdkSentEvents.js.map +1 -1
- package/dist/cjs/core/types/signer-worker.js +94 -18
- package/dist/cjs/core/types/signer-worker.js.map +1 -1
- package/dist/cjs/core/types/vrf-worker.js +3 -13
- package/dist/cjs/core/types/vrf-worker.js.map +1 -1
- package/dist/cjs/core/workerControlMessages.js +0 -1
- package/dist/cjs/core/workerControlMessages.js.map +1 -1
- package/dist/cjs/index.js +9 -25
- package/dist/cjs/plugins/headers.js +3 -11
- package/dist/cjs/plugins/headers.js.map +1 -1
- package/dist/cjs/plugins/next.js +21 -11
- package/dist/cjs/plugins/next.js.map +1 -1
- package/dist/cjs/plugins/plugin-utils.js +1 -7
- package/dist/cjs/plugins/plugin-utils.js.map +1 -1
- package/dist/cjs/plugins/utils/validation.js +29 -0
- package/dist/cjs/plugins/utils/validation.js.map +1 -0
- package/dist/cjs/plugins/vite.js +18 -11
- package/dist/cjs/plugins/vite.js.map +1 -1
- package/dist/cjs/react/_virtual/rolldown_runtime.js +0 -13
- package/dist/cjs/react/build-paths.js +54 -0
- package/dist/cjs/react/build-paths.js.map +1 -0
- package/dist/cjs/react/components/AccountMenuButton/LinkedDevicesModal-C-RBcCPI.css +452 -0
- package/dist/cjs/react/components/AccountMenuButton/LinkedDevicesModal-C-RBcCPI.css.map +1 -0
- package/dist/cjs/react/components/AccountMenuButton/LinkedDevicesModal2.js +6 -5
- package/dist/cjs/react/components/AccountMenuButton/LinkedDevicesModal2.js.map +1 -1
- package/dist/cjs/react/components/AccountMenuButton/ProfileDropdown-BCW8a1XS.css +120 -0
- package/dist/cjs/react/components/AccountMenuButton/ProfileDropdown-BCW8a1XS.css.map +1 -0
- package/dist/cjs/react/components/AccountMenuButton/ProfileDropdown2.js +3 -1
- package/dist/cjs/react/components/AccountMenuButton/ProfileDropdown2.js.map +1 -1
- package/dist/cjs/react/components/AccountMenuButton/TransactionSettingsSection.js +37 -3
- package/dist/cjs/react/components/AccountMenuButton/TransactionSettingsSection.js.map +1 -1
- package/dist/cjs/react/components/AccountMenuButton/Web3AuthProfileButton-QsQWyQ9D.css +77 -0
- package/dist/cjs/react/components/AccountMenuButton/Web3AuthProfileButton-QsQWyQ9D.css.map +1 -0
- package/dist/cjs/react/components/AccountMenuButton/icons/TouchIcon-BRVcqcso.css +41 -0
- package/dist/cjs/react/components/AccountMenuButton/icons/TouchIcon-BRVcqcso.css.map +1 -0
- package/dist/cjs/react/components/AccountMenuButton/index.js +25 -4
- package/dist/cjs/react/components/AccountMenuButton/index.js.map +1 -1
- package/dist/cjs/react/components/AccountMenuButton/types.js +0 -1
- package/dist/cjs/react/components/AccountMenuButton/types.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/PasskeyAuthMenu-D2eRb2-S.css +1011 -0
- package/dist/cjs/react/components/PasskeyAuthMenu/PasskeyAuthMenu-D2eRb2-S.css.map +1 -0
- package/dist/cjs/react/components/PasskeyAuthMenu/adapters/tatchi.js +0 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/adapters/tatchi.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/authMenuTypes.js +2 -3
- package/dist/cjs/react/components/PasskeyAuthMenu/authMenuTypes.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/client.js +10 -10
- package/dist/cjs/react/components/PasskeyAuthMenu/client.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/controller/mode.js +4 -4
- package/dist/cjs/react/components/PasskeyAuthMenu/controller/mode.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/controller/proceedEligibility.js +0 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/controller/proceedEligibility.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/controller/usePasskeyAuthMenuController.js +3 -3
- package/dist/cjs/react/components/PasskeyAuthMenu/controller/usePasskeyAuthMenuController.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/controller/useSDKEvents.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/features/recentLoginPrefill.js +0 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/features/recentLoginPrefill.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/passkeyAuthMenuCompat.js +0 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/passkeyAuthMenuCompat.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/preload.js +1 -2
- package/dist/cjs/react/components/PasskeyAuthMenu/preload.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/shell.js +52 -13
- package/dist/cjs/react/components/PasskeyAuthMenu/shell.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/skeleton.js +5 -3
- package/dist/cjs/react/components/PasskeyAuthMenu/skeleton.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/ui/AccountExistsBadge.js +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/ui/AccountExistsBadge.js.map +1 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/ui/EmailRecoverySlide.js +280 -367
- package/dist/cjs/react/components/PasskeyAuthMenu/ui/EmailRecoverySlide.js.map +1 -1
- package/dist/cjs/react/components/ShowQRCode-DGCJv1Cw.css +113 -0
- package/dist/cjs/react/components/ShowQRCode-DGCJv1Cw.css.map +1 -0
- package/dist/cjs/react/components/ShowQRCode2.js +1 -2
- package/dist/cjs/react/components/ShowQRCode2.js.map +1 -1
- package/dist/cjs/react/components/theme/ThemeProvider.js +18 -18
- package/dist/cjs/react/components/theme/ThemeProvider.js.map +1 -1
- package/dist/cjs/react/components/theme/design-tokens.js +1 -2
- package/dist/cjs/react/components/theme/design-tokens.js.map +1 -1
- package/dist/cjs/react/components/theme/utils.js +0 -1
- package/dist/cjs/react/components/theme/utils.js.map +1 -1
- package/dist/cjs/react/context/tatchiManagerSingleton.js +2 -4
- package/dist/cjs/react/context/tatchiManagerSingleton.js.map +1 -1
- package/dist/cjs/react/context/useLoginStateRefresher.js +1 -2
- package/dist/cjs/react/context/useLoginStateRefresher.js.map +1 -1
- package/dist/cjs/react/context/useTatchiContextValue.js +17 -9
- package/dist/cjs/react/context/useTatchiContextValue.js.map +1 -1
- package/dist/cjs/react/context/useTatchiWithSdkFlow.js +9 -10
- package/dist/cjs/react/context/useTatchiWithSdkFlow.js.map +1 -1
- package/dist/cjs/react/context/useWalletIframeLifecycle.js +1 -2
- package/dist/cjs/react/context/useWalletIframeLifecycle.js.map +1 -1
- package/dist/cjs/react/deviceDetection.js +92 -81
- package/dist/cjs/react/deviceDetection.js.map +1 -1
- package/dist/cjs/react/hooks/useAccountInput.js +1 -2
- package/dist/cjs/react/hooks/useAccountInput.js.map +1 -1
- package/dist/cjs/react/hooks/useDeviceLinking.js +1 -1
- package/dist/cjs/react/hooks/useNearClient.js +2 -3
- package/dist/cjs/react/hooks/useNearClient.js.map +1 -1
- package/dist/cjs/react/hooks/usePreconnectWalletAssets.js +1 -1
- package/dist/cjs/react/hooks/useQRCamera.js +1 -2
- package/dist/cjs/react/hooks/useQRCamera.js.map +1 -1
- package/dist/cjs/react/hooks/useQRFileUpload.js +1 -1
- package/dist/cjs/react/index.js +8 -21
- package/dist/cjs/react/src/base-styles.js +20 -0
- package/dist/cjs/react/src/base-styles.js.map +1 -0
- package/dist/cjs/react/src/config.js +34 -0
- package/dist/cjs/react/src/config.js.map +1 -0
- package/dist/cjs/react/src/core/ChainsigAddressManager/index.js +27 -0
- package/dist/cjs/react/src/core/ChainsigAddressManager/index.js.map +1 -0
- package/dist/cjs/react/src/core/EmailRecovery/emailRecoveryPendingStore.js +57 -0
- package/dist/cjs/react/src/core/EmailRecovery/emailRecoveryPendingStore.js.map +1 -0
- package/dist/cjs/react/src/core/EmailRecovery/index.js +99 -0
- package/dist/cjs/react/src/core/EmailRecovery/index.js.map +1 -0
- package/dist/cjs/react/src/core/IndexedDBManager/index.js +133 -0
- package/dist/cjs/react/src/core/IndexedDBManager/index.js.map +1 -0
- package/dist/cjs/react/src/core/IndexedDBManager/passkeyClientDB.js +687 -0
- package/dist/cjs/react/src/core/IndexedDBManager/passkeyClientDB.js.map +1 -0
- package/dist/cjs/react/src/core/IndexedDBManager/passkeyNearKeysDB.js +261 -0
- package/dist/cjs/react/src/core/IndexedDBManager/passkeyNearKeysDB.js.map +1 -0
- package/dist/cjs/react/src/core/NearClient.js +274 -0
- package/dist/cjs/react/src/core/NearClient.js.map +1 -0
- package/dist/cjs/react/src/core/NearRpcError.js +115 -0
- package/dist/cjs/react/src/core/NearRpcError.js.map +1 -0
- package/dist/cjs/react/src/core/OfflineExport/overlay.js +55 -0
- package/dist/cjs/react/src/core/OfflineExport/overlay.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/actions.js +406 -0
- package/dist/cjs/react/src/core/TatchiPasskey/actions.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/delegateAction.js +76 -0
- package/dist/cjs/react/src/core/TatchiPasskey/delegateAction.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/emailRecovery.js +933 -0
- package/dist/cjs/react/src/core/TatchiPasskey/emailRecovery.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/faucets/createAccountRelayServer.js +109 -0
- package/dist/cjs/react/src/core/TatchiPasskey/faucets/createAccountRelayServer.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/index.js +1335 -0
- package/dist/cjs/react/src/core/TatchiPasskey/index.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/linkDevice.js +766 -0
- package/dist/cjs/react/src/core/TatchiPasskey/linkDevice.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/login.js +757 -0
- package/dist/cjs/react/src/core/TatchiPasskey/login.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/registration.js +452 -0
- package/dist/cjs/react/src/core/TatchiPasskey/registration.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/relay.js +110 -0
- package/dist/cjs/react/src/core/TatchiPasskey/relay.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/scanDevice.js +99 -0
- package/dist/cjs/react/src/core/TatchiPasskey/scanDevice.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/signNEP413.js +96 -0
- package/dist/cjs/react/src/core/TatchiPasskey/signNEP413.js.map +1 -0
- package/dist/cjs/react/src/core/TatchiPasskey/syncAccount.js +505 -0
- package/dist/cjs/react/src/core/TatchiPasskey/syncAccount.js.map +1 -0
- package/dist/cjs/react/src/core/WalletIframe/client/IframeTransport.js +362 -0
- package/dist/cjs/react/src/core/WalletIframe/client/IframeTransport.js.map +1 -0
- package/dist/cjs/react/src/core/WalletIframe/client/on-events-progress-bus.js +208 -0
- package/dist/cjs/react/src/core/WalletIframe/client/on-events-progress-bus.js.map +1 -0
- package/dist/cjs/react/src/core/WalletIframe/client/overlay-controller.js +99 -0
- package/dist/cjs/react/src/core/WalletIframe/client/overlay-controller.js.map +1 -0
- package/dist/cjs/react/src/core/WalletIframe/client/overlay-styles.js +127 -0
- package/dist/cjs/react/src/core/WalletIframe/client/overlay-styles.js.map +1 -0
- package/dist/cjs/react/src/core/WalletIframe/client/router.js +1096 -0
- package/dist/cjs/react/src/core/WalletIframe/client/router.js.map +1 -0
- package/dist/cjs/react/src/core/WalletIframe/events.js +10 -0
- package/dist/cjs/react/src/core/WalletIframe/events.js.map +1 -0
- package/dist/cjs/react/src/core/WalletIframe/host-mode.js +14 -0
- package/dist/cjs/react/src/core/WalletIframe/host-mode.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/Drawer/index.js +660 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/Drawer/index.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js +222 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/HaloBorder/index.js +135 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/HaloBorder/index.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js +189 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js +248 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-drawer.js +261 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-drawer.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-modal.js +281 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-modal.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js +260 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/PasskeyHaloLoading/index.js +146 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/PasskeyHaloLoading/index.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/TxTree/index.js +502 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/TxTree/index.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js +211 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js +181 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/asset-base.js +45 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/asset-base.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/common/PadlockIcon.js +55 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/common/PadlockIcon.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/common/formatters.js +67 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/common/formatters.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/confirm-ui-types.js +9 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/confirm-ui-types.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/confirm-ui.js +219 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/confirm-ui.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/css/css-loader.js +109 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/css/css-loader.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/ensure-defined.js +19 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/ensure-defined.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/lit-events.js +34 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/lit-events.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/tags.js +35 -0
- package/dist/cjs/react/src/core/WebAuthnManager/LitComponents/tags.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js +28 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js +67 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js +45 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js +71 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js +46 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js +64 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js +26 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js +45 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js +121 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js +16 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js +261 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js +220 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js +57 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js +302 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js +75 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/index.js +457 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/index.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js +35 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js +93 -0
- package/dist/cjs/react/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js +58 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js +49 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js +51 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js +31 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js +46 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js +44 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js +76 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js +87 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js +17 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js +63 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js +124 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js +148 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js +49 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js +174 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js +127 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js +21 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js +26 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js +54 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js +32 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js +30 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js +49 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js +158 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js +61 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js +26 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js +80 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js +61 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js +44 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js +53 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js +30 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js +27 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js +29 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js +41 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/index.js +408 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/index.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js +25 -0
- package/dist/cjs/react/src/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js +199 -0
- package/dist/cjs/react/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js +34 -0
- package/dist/cjs/react/src/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/credentialsHelpers.js +293 -0
- package/dist/cjs/react/src/core/WebAuthnManager/credentialsHelpers.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/index.js +1192 -0
- package/dist/cjs/react/src/core/WebAuthnManager/index.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js +92 -0
- package/dist/cjs/react/src/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js +144 -0
- package/dist/cjs/react/src/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/touchIdPrompt.js +271 -0
- package/dist/cjs/react/src/core/WebAuthnManager/touchIdPrompt.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/userHandle.js +35 -0
- package/dist/cjs/react/src/core/WebAuthnManager/userHandle.js.map +1 -0
- package/dist/cjs/react/src/core/WebAuthnManager/userPreferences.js +390 -0
- package/dist/cjs/react/src/core/WebAuthnManager/userPreferences.js.map +1 -0
- package/dist/cjs/react/src/core/defaultConfigs.js +110 -0
- package/dist/cjs/react/src/core/defaultConfigs.js.map +1 -0
- package/dist/cjs/react/src/core/digests/intentDigest.js +100 -0
- package/dist/cjs/react/src/core/digests/intentDigest.js.map +1 -0
- package/dist/cjs/react/src/core/nearCrypto.js +30 -0
- package/dist/cjs/react/src/core/nearCrypto.js.map +1 -0
- package/dist/cjs/react/src/core/nonceManager.js +393 -0
- package/dist/cjs/react/src/core/nonceManager.js.map +1 -0
- package/dist/cjs/react/src/core/rpcCalls.js +685 -0
- package/dist/cjs/react/src/core/rpcCalls.js.map +1 -0
- package/dist/cjs/react/src/core/sdkPaths/base.js +48 -0
- package/dist/cjs/react/src/core/sdkPaths/base.js.map +1 -0
- package/dist/cjs/react/src/core/sdkPaths/workers.js +46 -0
- package/dist/cjs/react/src/core/sdkPaths/workers.js.map +1 -0
- package/dist/cjs/react/src/core/threshold/thresholdEd25519AuthSession.js +145 -0
- package/dist/cjs/react/src/core/threshold/thresholdEd25519AuthSession.js.map +1 -0
- package/dist/cjs/react/src/core/threshold/thresholdEd25519RelayerHealth.js +117 -0
- package/dist/cjs/react/src/core/threshold/thresholdEd25519RelayerHealth.js.map +1 -0
- package/dist/cjs/react/src/core/threshold/thresholdSessionPolicy.js +67 -0
- package/dist/cjs/react/src/core/threshold/thresholdSessionPolicy.js.map +1 -0
- package/dist/cjs/react/src/core/types/accountIds.js +24 -0
- package/dist/cjs/react/src/core/types/accountIds.js.map +1 -0
- package/dist/cjs/react/src/core/types/actions.js +265 -0
- package/dist/cjs/react/src/core/types/actions.js.map +1 -0
- package/dist/cjs/react/src/core/types/authenticatorOptions.js +51 -0
- package/dist/cjs/react/src/core/types/authenticatorOptions.js.map +1 -0
- package/dist/cjs/react/src/core/types/emailRecovery.js +32 -0
- package/dist/cjs/react/src/core/types/emailRecovery.js.map +1 -0
- package/dist/cjs/react/src/core/types/linkDevice.js +24 -0
- package/dist/cjs/react/src/core/types/linkDevice.js.map +1 -0
- package/dist/cjs/react/src/core/types/rpc.js +15 -0
- package/dist/cjs/react/src/core/types/rpc.js.map +1 -0
- package/dist/cjs/react/src/core/types/sdkSentEvents.js +122 -0
- package/dist/cjs/react/src/core/types/sdkSentEvents.js.map +1 -0
- package/dist/cjs/react/src/core/types/signer-worker.js +145 -0
- package/dist/cjs/react/src/core/types/signer-worker.js.map +1 -0
- package/dist/cjs/react/src/core/types/vrf-worker.js +64 -0
- package/dist/cjs/react/src/core/types/vrf-worker.js.map +1 -0
- package/dist/cjs/react/src/core/workerControlMessages.js +20 -0
- package/dist/cjs/react/src/core/workerControlMessages.js.map +1 -0
- package/dist/cjs/react/src/theme/base-styles.js +156 -0
- package/dist/cjs/react/src/theme/base-styles.js.map +1 -0
- package/dist/cjs/react/src/theme/palette.js +208 -0
- package/dist/cjs/react/src/theme/palette.js.map +1 -0
- package/dist/cjs/react/src/threshold/participants.js +78 -0
- package/dist/cjs/react/src/threshold/participants.js.map +1 -0
- package/dist/cjs/react/src/utils/base58.js +21 -0
- package/dist/cjs/react/src/utils/base58.js.map +1 -0
- package/dist/cjs/react/src/utils/base64.js +71 -0
- package/dist/cjs/react/src/utils/base64.js.map +1 -0
- package/dist/cjs/react/src/utils/digests.js +28 -0
- package/dist/cjs/react/src/utils/digests.js.map +1 -0
- package/dist/cjs/react/src/utils/errors.js +141 -0
- package/dist/cjs/react/src/utils/errors.js.map +1 -0
- package/dist/cjs/react/src/utils/qrScanner.js +319 -0
- package/dist/cjs/react/src/utils/qrScanner.js.map +1 -0
- package/dist/cjs/react/src/utils/validation.js +160 -0
- package/dist/cjs/react/src/utils/validation.js.map +1 -0
- package/dist/cjs/react/utils/walletIframe.js +0 -1
- package/dist/cjs/react/utils/walletIframe.js.map +1 -1
- package/dist/cjs/server/core/AuthService.js +187 -65
- package/dist/cjs/server/core/AuthService.js.map +1 -1
- package/dist/cjs/server/core/SessionService.js.map +1 -1
- package/dist/cjs/server/core/ShamirService.js +1 -1
- package/dist/cjs/server/core/ShamirService.js.map +1 -1
- package/dist/cjs/server/core/ThresholdService/ThresholdSigningService.js +978 -0
- package/dist/cjs/server/core/ThresholdService/ThresholdSigningService.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/config.js +102 -0
- package/dist/cjs/server/core/ThresholdService/config.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/coordinatorGrant.js +201 -0
- package/dist/cjs/server/core/ThresholdService/coordinatorGrant.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/cosigners.js +282 -0
- package/dist/cjs/server/core/ThresholdService/cosigners.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/createThresholdSigningService.js +98 -0
- package/dist/cjs/server/core/ThresholdService/createThresholdSigningService.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/keygenStrategy.js +116 -0
- package/dist/cjs/server/core/ThresholdService/keygenStrategy.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/kv.js +340 -0
- package/dist/cjs/server/core/ThresholdService/kv.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/relayerKeyMaterial.js +66 -0
- package/dist/cjs/server/core/ThresholdService/relayerKeyMaterial.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/signingHandlers.js +1179 -0
- package/dist/cjs/server/core/ThresholdService/signingHandlers.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/stores/AuthSessionStore.js +258 -0
- package/dist/cjs/server/core/ThresholdService/stores/AuthSessionStore.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/stores/KeyStore.js +136 -0
- package/dist/cjs/server/core/ThresholdService/stores/KeyStore.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/stores/SessionStore.js +228 -0
- package/dist/cjs/server/core/ThresholdService/stores/SessionStore.js.map +1 -0
- package/dist/cjs/server/core/ThresholdService/validation.js +558 -0
- package/dist/cjs/server/core/ThresholdService/validation.js.map +1 -0
- package/dist/cjs/server/core/config.js +25 -18
- package/dist/cjs/server/core/config.js.map +1 -1
- package/dist/cjs/server/core/errors.js +3 -1
- package/dist/cjs/server/core/errors.js.map +1 -1
- package/dist/cjs/server/core/logger.js +2 -1
- package/dist/cjs/server/core/logger.js.map +1 -1
- package/dist/cjs/server/core/nearKeys.js +15 -0
- package/dist/cjs/server/core/nearKeys.js.map +1 -0
- package/dist/cjs/server/core/shamirHandlers.js +1 -1
- package/dist/cjs/server/core/shamirHandlers.js.map +1 -1
- package/dist/cjs/server/core/shamirWorker.js +94 -0
- package/dist/cjs/server/core/shamirWorker.js.map +1 -1
- package/dist/cjs/server/core/utils.js +1 -1
- package/dist/cjs/server/core/utils.js.map +1 -1
- package/dist/cjs/server/delegateAction/index.js.map +1 -1
- package/dist/cjs/server/email-recovery/emailEncryptor.js +1 -1
- package/dist/cjs/server/email-recovery/emailParsers.js +5 -5
- package/dist/cjs/server/email-recovery/emailParsers.js.map +1 -1
- package/dist/cjs/server/email-recovery/index.js +10 -5
- package/dist/cjs/server/email-recovery/index.js.map +1 -1
- package/dist/cjs/server/email-recovery/rpcCalls.js +2 -4
- package/dist/cjs/server/email-recovery/rpcCalls.js.map +1 -1
- package/dist/cjs/server/email-recovery/zkEmail/proverClient.js +2 -4
- package/dist/cjs/server/email-recovery/zkEmail/proverClient.js.map +1 -1
- package/dist/cjs/server/index.js +8 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/curve.js +244 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/curve.js.map +1 -1
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/edwards.js +401 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/edwards.js.map +1 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/modular.js +369 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/modular.js.map +1 -1
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/ed25519.js +52 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/ed25519.js.map +1 -1
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/utils.js +35 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/utils.js.map +1 -1
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_md.js +20 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_md.js.map +1 -1
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_u64.js +65 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_u64.js.map +1 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/sha2.js +223 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/sha2.js.map +1 -1
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/utils.js +17 -0
- package/dist/cjs/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/utils.js.map +1 -1
- package/dist/cjs/server/router/cloudflare.js +1117 -684
- package/dist/cjs/server/router/cloudflare.js.map +1 -1
- package/dist/cjs/server/router/express.js +812 -350
- package/dist/cjs/server/router/express.js.map +1 -1
- package/dist/cjs/server/sdk/src/core/NearClient.js +8 -1
- package/dist/cjs/server/sdk/src/core/NearClient.js.map +1 -1
- package/dist/cjs/server/sdk/src/core/defaultConfigs.js +7 -0
- package/dist/cjs/server/sdk/src/core/defaultConfigs.js.map +1 -1
- package/dist/cjs/server/sdk/src/core/nearCrypto.js +3 -36
- package/dist/cjs/server/sdk/src/core/nearCrypto.js.map +1 -1
- package/dist/cjs/server/sdk/src/core/types/actions.js.map +1 -1
- package/dist/cjs/server/sdk/src/core/types/rpc.js +1 -0
- package/dist/cjs/server/sdk/src/core/types/rpc.js.map +1 -1
- package/dist/cjs/server/sdk/src/threshold/participants.js +28 -0
- package/dist/cjs/server/sdk/src/threshold/participants.js.map +1 -0
- package/dist/cjs/server/sdk/src/utils/base64.js +34 -0
- package/dist/cjs/server/sdk/src/utils/base64.js.map +1 -1
- package/dist/cjs/server/sdk/src/utils/digests.js +28 -0
- package/dist/cjs/server/sdk/src/utils/digests.js.map +1 -0
- package/dist/cjs/server/sdk/src/utils/errors.js +18 -0
- package/dist/cjs/server/sdk/src/utils/errors.js.map +1 -1
- package/dist/cjs/server/sdk/src/utils/validation.js +95 -0
- package/dist/cjs/server/sdk/src/utils/validation.js.map +1 -0
- package/dist/cjs/theme/base-styles.js +0 -1
- package/dist/cjs/theme/base-styles.js.map +1 -1
- package/dist/cjs/theme/palette.js +0 -1
- package/dist/cjs/theme/palette.js.map +1 -1
- package/dist/cjs/threshold/participants.js +78 -0
- package/dist/cjs/threshold/participants.js.map +1 -0
- package/dist/cjs/utils/base58.js +12 -15
- package/dist/cjs/utils/base58.js.map +1 -1
- package/dist/cjs/utils/base64.js +32 -20
- package/dist/cjs/utils/base64.js.map +1 -1
- package/dist/cjs/utils/digests.js +28 -0
- package/dist/cjs/utils/digests.js.map +1 -0
- package/dist/cjs/utils/errors.js +0 -10
- package/dist/cjs/utils/errors.js.map +1 -1
- package/dist/cjs/utils/validation.js +102 -9
- package/dist/cjs/utils/validation.js.map +1 -1
- package/dist/esm/core/ChainsigAddressManager/index.js +2 -4
- package/dist/esm/core/ChainsigAddressManager/index.js.map +1 -1
- package/dist/esm/core/EmailRecovery/emailRecoveryPendingStore.js +50 -56
- package/dist/esm/core/EmailRecovery/emailRecoveryPendingStore.js.map +1 -1
- package/dist/esm/core/EmailRecovery/index.js +23 -32
- package/dist/esm/core/EmailRecovery/index.js.map +1 -1
- package/dist/esm/core/IndexedDBManager/index.js +88 -89
- package/dist/esm/core/IndexedDBManager/index.js.map +1 -1
- package/dist/esm/core/IndexedDBManager/passkeyClientDB.js +652 -645
- package/dist/esm/core/IndexedDBManager/passkeyClientDB.js.map +1 -1
- package/dist/esm/core/IndexedDBManager/passkeyNearKeysDB.js +224 -150
- package/dist/esm/core/IndexedDBManager/passkeyNearKeysDB.js.map +1 -1
- package/dist/esm/core/NearClient.js +10 -8
- package/dist/esm/core/NearClient.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/actions.js +89 -134
- package/dist/esm/core/TatchiPasskey/actions.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/delegateAction.js +7 -6
- package/dist/esm/core/TatchiPasskey/delegateAction.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/emailRecovery.js +875 -850
- package/dist/esm/core/TatchiPasskey/emailRecovery.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/faucets/createAccountRelayServer.js +31 -18
- package/dist/esm/core/TatchiPasskey/faucets/createAccountRelayServer.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/index.js +124 -87
- package/dist/esm/core/TatchiPasskey/index.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/linkDevice.js +91 -35
- package/dist/esm/core/TatchiPasskey/linkDevice.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/login.js +378 -193
- package/dist/esm/core/TatchiPasskey/login.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/registration.js +192 -79
- package/dist/esm/core/TatchiPasskey/registration.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/relay.js +1 -2
- package/dist/esm/core/TatchiPasskey/relay.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/scanDevice.js +4 -10
- package/dist/esm/core/TatchiPasskey/scanDevice.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/signNEP413.js +13 -5
- package/dist/esm/core/TatchiPasskey/signNEP413.js.map +1 -1
- package/dist/esm/core/TatchiPasskey/syncAccount.js +505 -0
- package/dist/esm/core/TatchiPasskey/syncAccount.js.map +1 -0
- package/dist/esm/core/WalletIframe/client/IframeTransport.js +167 -134
- package/dist/esm/core/WalletIframe/client/IframeTransport.js.map +1 -1
- package/dist/esm/core/WalletIframe/client/on-events-progress-bus.js +5 -6
- package/dist/esm/core/WalletIframe/client/on-events-progress-bus.js.map +1 -1
- package/dist/esm/core/WalletIframe/client/router.js +205 -170
- package/dist/esm/core/WalletIframe/client/router.js.map +1 -1
- package/dist/esm/core/WalletIframe/host-mode.js +4 -0
- package/dist/esm/core/WalletIframe/host-mode.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js +1 -2
- package/dist/esm/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js +1 -2
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js +4 -14
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/LitElementWithProps.js +22 -18
- package/dist/esm/core/WebAuthnManager/LitComponents/LitElementWithProps.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/TxTree/index.js +1 -2
- package/dist/esm/core/WebAuthnManager/LitComponents/TxTree/index.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js +1 -2
- package/dist/esm/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/confirm-ui.js +2 -3
- package/dist/esm/core/WebAuthnManager/LitComponents/confirm-ui.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/ensure-defined.js +2 -6
- package/dist/esm/core/WebAuthnManager/LitComponents/ensure-defined.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/tags.js +1 -26
- package/dist/esm/core/WebAuthnManager/LitComponents/tags.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js +2 -7
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js +13 -16
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js +8 -12
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js +9 -11
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js +44 -0
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js.map +1 -0
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js +6 -11
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js +1 -2
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js +1 -2
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js +14 -11
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/session.js +1 -0
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/session.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js +208 -52
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js +172 -32
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js +4 -10
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js +278 -90
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js +8 -14
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/index.js +18 -12
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/index.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js +15 -4
- package/dist/esm/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js +2 -4
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js +2 -6
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js +1 -3
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js +1 -10
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js +31 -7
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js +7 -29
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js +0 -2
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js +39 -4
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js +78 -65
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js +1 -3
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js +86 -84
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js +18 -9
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js +9 -6
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js +14 -11
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js +7 -4
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js +37 -4
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js +7 -4
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/index.js +37 -3
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/index.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js +55 -61
- package/dist/esm/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js +34 -0
- package/dist/esm/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js.map +1 -0
- package/dist/esm/core/WebAuthnManager/credentialsHelpers.js +19 -21
- package/dist/esm/core/WebAuthnManager/credentialsHelpers.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/index.js +359 -56
- package/dist/esm/core/WebAuthnManager/index.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js +92 -0
- package/dist/esm/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js.map +1 -0
- package/dist/esm/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js +144 -0
- package/dist/esm/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js.map +1 -0
- package/dist/esm/core/WebAuthnManager/touchIdPrompt.js +203 -208
- package/dist/esm/core/WebAuthnManager/touchIdPrompt.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/userHandle.js +1 -4
- package/dist/esm/core/WebAuthnManager/userHandle.js.map +1 -1
- package/dist/esm/core/WebAuthnManager/userPreferences.js +121 -38
- package/dist/esm/core/WebAuthnManager/userPreferences.js.map +1 -1
- package/dist/esm/core/defaultConfigs.js +57 -53
- package/dist/esm/core/defaultConfigs.js.map +1 -1
- package/dist/esm/core/digests/intentDigest.js +95 -0
- package/dist/esm/core/digests/intentDigest.js.map +1 -0
- package/dist/esm/core/nearCrypto.js +2 -23
- package/dist/esm/core/nearCrypto.js.map +1 -1
- package/dist/esm/core/nonceManager.js +7 -16
- package/dist/esm/core/nonceManager.js.map +1 -1
- package/dist/esm/core/rpcCalls.js +264 -23
- package/dist/esm/core/rpcCalls.js.map +1 -1
- package/dist/esm/core/sdkPaths/workers.js +7 -5
- package/dist/esm/core/sdkPaths/workers.js.map +1 -1
- package/dist/esm/core/threshold/thresholdEd25519AuthSession.js +140 -0
- package/dist/esm/core/threshold/thresholdEd25519AuthSession.js.map +1 -0
- package/dist/esm/core/threshold/thresholdEd25519RelayerHealth.js +117 -0
- package/dist/esm/core/threshold/thresholdEd25519RelayerHealth.js.map +1 -0
- package/dist/esm/core/threshold/thresholdSessionPolicy.js +65 -0
- package/dist/esm/core/threshold/thresholdSessionPolicy.js.map +1 -0
- package/dist/esm/core/types/accountIds.js +2 -7
- package/dist/esm/core/types/accountIds.js.map +1 -1
- package/dist/esm/core/types/actions.js +19 -22
- package/dist/esm/core/types/actions.js.map +1 -1
- package/dist/esm/core/types/emailRecovery.js +25 -22
- package/dist/esm/core/types/emailRecovery.js.map +1 -1
- package/dist/esm/core/types/rpc.js +10 -15
- package/dist/esm/core/types/rpc.js.map +1 -1
- package/dist/esm/core/types/sdkSentEvents.js +106 -112
- package/dist/esm/core/types/sdkSentEvents.js.map +1 -1
- package/dist/esm/core/types/signer-worker.js +88 -14
- package/dist/esm/core/types/signer-worker.js.map +1 -1
- package/dist/esm/core/types/vrf-worker.js +4 -8
- package/dist/esm/core/types/vrf-worker.js.map +1 -1
- package/dist/esm/index.js +11 -26
- package/dist/esm/plugins/headers.js +4 -11
- package/dist/esm/plugins/headers.js.map +1 -1
- package/dist/esm/plugins/next.js +21 -11
- package/dist/esm/plugins/next.js.map +1 -1
- package/dist/esm/plugins/plugin-utils.js +2 -7
- package/dist/esm/plugins/plugin-utils.js.map +1 -1
- package/dist/esm/plugins/utils/validation.js +27 -0
- package/dist/esm/plugins/utils/validation.js.map +1 -0
- package/dist/esm/plugins/vite.js +19 -12
- package/dist/esm/plugins/vite.js.map +1 -1
- package/dist/esm/react/build-paths.js.map +1 -0
- package/dist/esm/react/components/AccountMenuButton/LinkedDevicesModal-BCrFe5p3.css +452 -0
- package/dist/esm/react/components/AccountMenuButton/LinkedDevicesModal-BCrFe5p3.css.map +1 -0
- package/dist/esm/react/components/AccountMenuButton/LinkedDevicesModal2.js +6 -5
- package/dist/esm/react/components/AccountMenuButton/LinkedDevicesModal2.js.map +1 -1
- package/dist/esm/react/components/AccountMenuButton/ProfileDropdown-CRJrtxDb.css +120 -0
- package/dist/esm/react/components/AccountMenuButton/ProfileDropdown-CRJrtxDb.css.map +1 -0
- package/dist/esm/react/components/AccountMenuButton/ProfileDropdown2.js +3 -1
- package/dist/esm/react/components/AccountMenuButton/ProfileDropdown2.js.map +1 -1
- package/dist/esm/react/components/AccountMenuButton/TransactionSettingsSection.js +37 -3
- package/dist/esm/react/components/AccountMenuButton/TransactionSettingsSection.js.map +1 -1
- package/dist/esm/react/components/AccountMenuButton/Web3AuthProfileButton-DXFRw8ND.css +77 -0
- package/dist/esm/react/components/AccountMenuButton/Web3AuthProfileButton-DXFRw8ND.css.map +1 -0
- package/dist/esm/react/components/AccountMenuButton/icons/TouchIcon-DNgbAK_i.css +41 -0
- package/dist/esm/react/components/AccountMenuButton/icons/TouchIcon-DNgbAK_i.css.map +1 -0
- package/dist/esm/react/components/AccountMenuButton/index.js +26 -5
- package/dist/esm/react/components/AccountMenuButton/index.js.map +1 -1
- package/dist/esm/react/components/AccountMenuButton/types.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/PasskeyAuthMenu-qTHAv58Z.css +1011 -0
- package/dist/esm/react/components/PasskeyAuthMenu/PasskeyAuthMenu-qTHAv58Z.css.map +1 -0
- package/dist/esm/react/components/PasskeyAuthMenu/authMenuTypes.js +2 -2
- package/dist/esm/react/components/PasskeyAuthMenu/authMenuTypes.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/client.js +10 -10
- package/dist/esm/react/components/PasskeyAuthMenu/client.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/controller/mode.js +4 -4
- package/dist/esm/react/components/PasskeyAuthMenu/controller/mode.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/controller/usePasskeyAuthMenuController.js +3 -3
- package/dist/esm/react/components/PasskeyAuthMenu/controller/usePasskeyAuthMenuController.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/controller/useSDKEvents.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/preload.js +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/preload.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/shell.js +52 -13
- package/dist/esm/react/components/PasskeyAuthMenu/shell.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/skeleton.js +5 -3
- package/dist/esm/react/components/PasskeyAuthMenu/skeleton.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/ui/AccountExistsBadge.js +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/ui/AccountExistsBadge.js.map +1 -1
- package/dist/esm/react/components/PasskeyAuthMenu/ui/EmailRecoverySlide.js +280 -367
- package/dist/esm/react/components/PasskeyAuthMenu/ui/EmailRecoverySlide.js.map +1 -1
- package/dist/esm/react/components/ShowQRCode-CL4gsszN.css +113 -0
- package/dist/esm/react/components/ShowQRCode-CL4gsszN.css.map +1 -0
- package/dist/esm/react/components/ShowQRCode2.js +1 -2
- package/dist/esm/react/components/ShowQRCode2.js.map +1 -1
- package/dist/esm/react/components/theme/ThemeProvider.js +18 -18
- package/dist/esm/react/components/theme/ThemeProvider.js.map +1 -1
- package/dist/esm/react/components/theme/design-tokens.js +1 -1
- package/dist/esm/react/context/tatchiManagerSingleton.js +2 -3
- package/dist/esm/react/context/tatchiManagerSingleton.js.map +1 -1
- package/dist/esm/react/context/useLoginStateRefresher.js +1 -2
- package/dist/esm/react/context/useLoginStateRefresher.js.map +1 -1
- package/dist/esm/react/context/useTatchiContextValue.js +17 -9
- package/dist/esm/react/context/useTatchiContextValue.js.map +1 -1
- package/dist/esm/react/context/useTatchiWithSdkFlow.js +9 -10
- package/dist/esm/react/context/useTatchiWithSdkFlow.js.map +1 -1
- package/dist/esm/react/context/useWalletIframeLifecycle.js +1 -2
- package/dist/esm/react/context/useWalletIframeLifecycle.js.map +1 -1
- package/dist/esm/react/deviceDetection.js +93 -72
- package/dist/esm/react/deviceDetection.js.map +1 -1
- package/dist/esm/react/hooks/useAccountInput.js +1 -2
- package/dist/esm/react/hooks/useAccountInput.js.map +1 -1
- package/dist/esm/react/hooks/useDeviceLinking.js +1 -1
- package/dist/esm/react/hooks/useNearClient.js +2 -3
- package/dist/esm/react/hooks/useNearClient.js.map +1 -1
- package/dist/esm/react/hooks/usePreconnectWalletAssets.js +1 -1
- package/dist/esm/react/hooks/useQRCamera.js +2 -3
- package/dist/esm/react/hooks/useQRCamera.js.map +1 -1
- package/dist/esm/react/hooks/useQRFileUpload.js +1 -1
- package/dist/esm/react/index.js +6 -15
- package/dist/esm/react/src/base-styles.js.map +1 -0
- package/dist/esm/react/src/config.js.map +1 -0
- package/dist/esm/react/src/core/ChainsigAddressManager/index.js +27 -0
- package/dist/esm/react/src/core/ChainsigAddressManager/index.js.map +1 -0
- package/dist/esm/react/src/core/EmailRecovery/emailRecoveryPendingStore.js +57 -0
- package/dist/esm/react/src/core/EmailRecovery/emailRecoveryPendingStore.js.map +1 -0
- package/dist/esm/react/src/core/EmailRecovery/index.js +96 -0
- package/dist/esm/react/src/core/EmailRecovery/index.js.map +1 -0
- package/dist/esm/react/src/core/IndexedDBManager/index.js +132 -0
- package/dist/esm/react/src/core/IndexedDBManager/index.js.map +1 -0
- package/dist/esm/react/src/core/IndexedDBManager/passkeyClientDB.js +685 -0
- package/dist/esm/react/src/core/IndexedDBManager/passkeyClientDB.js.map +1 -0
- package/dist/esm/react/src/core/IndexedDBManager/passkeyNearKeysDB.js +259 -0
- package/dist/esm/react/src/core/IndexedDBManager/passkeyNearKeysDB.js.map +1 -0
- package/dist/esm/react/src/core/NearClient.js +273 -0
- package/dist/esm/react/src/core/NearClient.js.map +1 -0
- package/dist/esm/react/src/core/NearRpcError.js.map +1 -0
- package/dist/esm/react/src/core/OfflineExport/overlay.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/actions.js +403 -0
- package/dist/esm/react/src/core/TatchiPasskey/actions.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/delegateAction.js +76 -0
- package/dist/esm/react/src/core/TatchiPasskey/delegateAction.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/emailRecovery.js +933 -0
- package/dist/esm/react/src/core/TatchiPasskey/emailRecovery.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/faucets/createAccountRelayServer.js +109 -0
- package/dist/esm/react/src/core/TatchiPasskey/faucets/createAccountRelayServer.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/index.js +1335 -0
- package/dist/esm/react/src/core/TatchiPasskey/index.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/linkDevice.js +766 -0
- package/dist/esm/react/src/core/TatchiPasskey/linkDevice.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/login.js +754 -0
- package/dist/esm/react/src/core/TatchiPasskey/login.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/registration.js +451 -0
- package/dist/esm/react/src/core/TatchiPasskey/registration.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/relay.js +110 -0
- package/dist/esm/react/src/core/TatchiPasskey/relay.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/scanDevice.js +98 -0
- package/dist/esm/react/src/core/TatchiPasskey/scanDevice.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/signNEP413.js +96 -0
- package/dist/esm/react/src/core/TatchiPasskey/signNEP413.js.map +1 -0
- package/dist/esm/react/src/core/TatchiPasskey/syncAccount.js +505 -0
- package/dist/esm/react/src/core/TatchiPasskey/syncAccount.js.map +1 -0
- package/dist/esm/react/src/core/WalletIframe/client/IframeTransport.js +362 -0
- package/dist/esm/react/src/core/WalletIframe/client/IframeTransport.js.map +1 -0
- package/dist/esm/react/src/core/WalletIframe/client/on-events-progress-bus.js +207 -0
- package/dist/esm/react/src/core/WalletIframe/client/on-events-progress-bus.js.map +1 -0
- package/dist/esm/react/src/core/WalletIframe/client/overlay-controller.js.map +1 -0
- package/dist/esm/react/src/core/WalletIframe/client/overlay-styles.js.map +1 -0
- package/dist/esm/react/src/core/WalletIframe/client/router.js +1096 -0
- package/dist/esm/react/src/core/WalletIframe/client/router.js.map +1 -0
- package/dist/esm/react/src/core/WalletIframe/events.js.map +1 -0
- package/dist/esm/react/src/core/WalletIframe/host-mode.js +13 -0
- package/dist/esm/react/src/core/WalletIframe/host-mode.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/Drawer/index.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js +218 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/HaloBorder/index.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js +187 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js +245 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-drawer.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-modal.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js +258 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/PasskeyHaloLoading/index.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/TxTree/index.js +499 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/TxTree/index.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js +181 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/asset-base.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/common/PadlockIcon.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/common/formatters.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/confirm-ui-types.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/confirm-ui.js +218 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/confirm-ui.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/css/css-loader.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/ensure-defined.js +19 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/ensure-defined.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/lit-events.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/tags.js +22 -0
- package/dist/esm/react/src/core/WebAuthnManager/LitComponents/tags.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js +27 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js +67 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js +42 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js +68 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js +44 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js +61 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js +23 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js +42 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js +118 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js +15 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js +258 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js +217 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js +55 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js +299 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js +74 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/index.js +457 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/index.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js +92 -0
- package/dist/esm/react/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js +54 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js +50 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js +30 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js +44 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js +87 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js +17 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js +63 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js +124 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js +148 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js +49 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js +174 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js +127 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js +54 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js +158 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js +61 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js +79 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js +61 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/index.js +408 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/index.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js +197 -0
- package/dist/esm/react/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js +34 -0
- package/dist/esm/react/src/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/credentialsHelpers.js +286 -0
- package/dist/esm/react/src/core/WebAuthnManager/credentialsHelpers.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/index.js +1192 -0
- package/dist/esm/react/src/core/WebAuthnManager/index.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js +92 -0
- package/dist/esm/react/src/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js +144 -0
- package/dist/esm/react/src/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/touchIdPrompt.js +265 -0
- package/dist/esm/react/src/core/WebAuthnManager/touchIdPrompt.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/userHandle.js +35 -0
- package/dist/esm/react/src/core/WebAuthnManager/userHandle.js.map +1 -0
- package/dist/esm/react/src/core/WebAuthnManager/userPreferences.js +390 -0
- package/dist/esm/react/src/core/WebAuthnManager/userPreferences.js.map +1 -0
- package/dist/esm/react/src/core/defaultConfigs.js +106 -0
- package/dist/esm/react/src/core/defaultConfigs.js.map +1 -0
- package/dist/esm/react/src/core/digests/intentDigest.js +95 -0
- package/dist/esm/react/src/core/digests/intentDigest.js.map +1 -0
- package/dist/esm/react/src/core/nearCrypto.js +27 -0
- package/dist/esm/react/src/core/nearCrypto.js.map +1 -0
- package/dist/esm/react/src/core/nonceManager.js +393 -0
- package/dist/esm/react/src/core/nonceManager.js.map +1 -0
- package/dist/esm/react/src/core/rpcCalls.js +672 -0
- package/dist/esm/react/src/core/rpcCalls.js.map +1 -0
- package/dist/esm/react/src/core/sdkPaths/base.js.map +1 -0
- package/dist/esm/react/src/core/sdkPaths/workers.js +44 -0
- package/dist/esm/react/src/core/sdkPaths/workers.js.map +1 -0
- package/dist/esm/react/src/core/threshold/thresholdEd25519AuthSession.js +140 -0
- package/dist/esm/react/src/core/threshold/thresholdEd25519AuthSession.js.map +1 -0
- package/dist/esm/react/src/core/threshold/thresholdEd25519RelayerHealth.js +117 -0
- package/dist/esm/react/src/core/threshold/thresholdEd25519RelayerHealth.js.map +1 -0
- package/dist/esm/react/src/core/threshold/thresholdSessionPolicy.js +65 -0
- package/dist/esm/react/src/core/threshold/thresholdSessionPolicy.js.map +1 -0
- package/dist/esm/react/src/core/types/accountIds.js +23 -0
- package/dist/esm/react/src/core/types/accountIds.js.map +1 -0
- package/dist/esm/react/src/core/types/actions.js +260 -0
- package/dist/esm/react/src/core/types/actions.js.map +1 -0
- package/dist/esm/react/src/core/types/authenticatorOptions.js +47 -0
- package/dist/esm/react/src/core/types/authenticatorOptions.js.map +1 -0
- package/dist/esm/react/src/core/types/emailRecovery.js +29 -0
- package/dist/esm/react/src/core/types/emailRecovery.js.map +1 -0
- package/dist/esm/react/src/core/types/linkDevice.js.map +1 -0
- package/dist/esm/react/src/core/types/rpc.js +14 -0
- package/dist/esm/react/src/core/types/rpc.js.map +1 -0
- package/dist/esm/react/src/core/types/sdkSentEvents.js +110 -0
- package/dist/esm/react/src/core/types/sdkSentEvents.js.map +1 -0
- package/dist/esm/react/src/core/types/signer-worker.js +125 -0
- package/dist/esm/react/src/core/types/signer-worker.js.map +1 -0
- package/dist/esm/react/src/core/types/vrf-worker.js +62 -0
- package/dist/esm/react/src/core/types/vrf-worker.js.map +1 -0
- package/dist/esm/react/src/core/workerControlMessages.js.map +1 -0
- package/dist/esm/react/src/theme/base-styles.js.map +1 -0
- package/dist/esm/react/src/theme/palette.js.map +1 -0
- package/dist/esm/react/src/threshold/participants.js +76 -0
- package/dist/esm/react/src/threshold/participants.js.map +1 -0
- package/dist/esm/react/src/utils/base58.js +19 -0
- package/dist/esm/react/src/utils/base58.js.map +1 -0
- package/dist/esm/react/src/utils/base64.js +67 -0
- package/dist/esm/react/src/utils/base64.js.map +1 -0
- package/dist/esm/react/src/utils/digests.js +26 -0
- package/dist/esm/react/src/utils/digests.js.map +1 -0
- package/dist/esm/react/src/utils/errors.js +136 -0
- package/dist/esm/react/src/utils/errors.js.map +1 -0
- package/dist/esm/react/src/utils/qrScanner.js.map +1 -0
- package/dist/esm/react/src/utils/validation.js +144 -0
- package/dist/esm/react/src/utils/validation.js.map +1 -0
- package/dist/esm/react/styles/styles.css +2 -0
- package/dist/esm/sdk/EmailRecovery-Y7rurd4B.js +9 -0
- package/dist/esm/sdk/EmailRecovery-lsjLWApQ.js +147 -0
- package/dist/esm/sdk/HaloBorder-DYOOQFjI.js +1116 -0
- package/dist/esm/sdk/IndexedDBManager-CmdN7smS.js +1351 -0
- package/dist/esm/sdk/accountIds-DVDhXwVA.js +15 -0
- package/dist/esm/sdk/actions-fHadejPs.js +250 -0
- package/dist/esm/sdk/base64-dqpWgddX.js +66 -0
- package/dist/esm/sdk/browser-CH0Ca-MX.js +2443 -0
- package/dist/esm/sdk/chunk-DitdNFGZ.js +28 -0
- package/dist/esm/sdk/collectAuthenticationCredentialForVrfChallenge-C9p90e5Z.js +1404 -0
- package/dist/esm/sdk/collectAuthenticationCredentialForVrfChallenge-C9p90e5Z.js.map +1 -0
- package/dist/esm/sdk/collectAuthenticationCredentialForVrfChallenge-DqzPzwvU.js +138 -0
- package/dist/esm/sdk/config-BbNXtVtu.js +100 -0
- package/dist/esm/sdk/createAdapters-4c8mBiD5.js +3758 -0
- package/dist/esm/sdk/createAdapters-4c8mBiD5.js.map +1 -0
- package/dist/esm/sdk/createAdapters-DF32SIZa.js +515 -0
- package/dist/esm/sdk/css-loader-CAIkFQ3i.js +1143 -0
- package/dist/esm/sdk/css-loader-DWW-_Vli.js +1191 -0
- package/dist/esm/sdk/css-loader-DWW-_Vli.js.map +1 -0
- package/dist/esm/sdk/defaultConfigs-BQqiXif-.js +105 -0
- package/dist/esm/sdk/delegateAction-DdkvFFKA.js +76 -0
- package/dist/esm/sdk/emailRecovery-C0LSDleV.js +963 -0
- package/dist/esm/sdk/errors-DevlT39D.js +135 -0
- package/dist/esm/sdk/events-D2g80q67.js +8 -0
- package/dist/esm/sdk/export-private-key-viewer.js +22 -17
- package/dist/esm/sdk/getDeviceNumber-WiNzKx1x.js +601 -0
- package/dist/esm/sdk/getDeviceNumber-WiNzKx1x.js.map +1 -0
- package/dist/esm/sdk/getDeviceNumber-y3mMtky6.js +26 -0
- package/dist/esm/sdk/halo-border.js +1 -1
- package/dist/esm/sdk/host-mode-BIUqo9hg.js +44 -0
- package/dist/esm/sdk/host-mode-CgqmYAwZ.js +13 -0
- package/dist/esm/sdk/host-mode-CgqmYAwZ.js.map +1 -0
- package/dist/esm/sdk/iframe-export-bootstrap.js +3 -4
- package/dist/esm/sdk/iframe-host-BVt1hvOt.js +213 -0
- package/dist/esm/sdk/iframe-host-d_rrsoyL.js +212 -0
- package/dist/esm/sdk/iframe-host-d_rrsoyL.js.map +1 -0
- package/dist/esm/sdk/intentDigest-yivVENNK.js +117 -0
- package/dist/esm/sdk/linkDevice-Ds1GNIDk.js +772 -0
- package/dist/esm/sdk/localOnly-COpDBMkm.js +133 -0
- package/dist/esm/sdk/localOnly-COpDBMkm.js.map +1 -0
- package/dist/esm/sdk/localOnly-DQQuqgjJ.js +129 -0
- package/dist/esm/sdk/login-BKhTuGcy.js +1540 -0
- package/dist/esm/sdk/offline-export-app.js +2369 -1065
- package/dist/esm/sdk/offline-export-app.js.map +1 -1
- package/dist/esm/sdk/overlay-Ci2FOQKE.js +433 -0
- package/dist/esm/sdk/passkey-halo-loading.js +1 -1
- package/dist/esm/sdk/registration-BR2G9tz_.js +156 -0
- package/dist/esm/sdk/registration-R70lvG_o.js +145 -0
- package/dist/esm/sdk/registration-R70lvG_o.js.map +1 -0
- package/dist/esm/sdk/relay-Dq9D7fhG.js +109 -0
- package/dist/esm/sdk/router-2aGn-CTp.js +1868 -0
- package/dist/esm/sdk/rpc-Dq3ioE9T.js +13 -0
- package/dist/esm/sdk/rpcCalls-BPI0icZG.js +12 -0
- package/dist/esm/sdk/rpcCalls-BW3M_q3-.js +671 -0
- package/dist/esm/sdk/safari-fallbacks-BcMFntiP.js +480 -0
- package/dist/esm/sdk/scanDevice-BBSehlMx.js +109 -0
- package/dist/esm/sdk/sdkSentEvents-CzAZBFjP.js +109 -0
- package/dist/esm/sdk/signNEP413-DsyWH_Jo.js +95 -0
- package/dist/esm/sdk/signer-worker-DK847sXj.js +473 -0
- package/dist/esm/sdk/syncAccount-DEZHBiRa.js +16 -0
- package/dist/esm/sdk/syncAccount-DHKtl-xh.js +533 -0
- package/dist/esm/sdk/tags-ByzxP7Cc.js +22 -0
- package/dist/esm/sdk/touchIdPrompt-JPhrOx8o.js +263 -0
- package/dist/esm/sdk/transactions-Cg1TIUyK.js +182 -0
- package/dist/esm/sdk/transactions-CxsklyCK.js +169 -0
- package/dist/esm/sdk/transactions-CxsklyCK.js.map +1 -0
- package/dist/esm/sdk/tx-confirm-ui.js +58 -45
- package/dist/esm/sdk/tx-confirmer-wrapper-DWKpXTUW.js +3248 -0
- package/dist/esm/sdk/validation-BTq6LGPp.js +143 -0
- package/dist/esm/sdk/validation-hUZgySTx.js +108 -0
- package/dist/esm/sdk/validation-hUZgySTx.js.map +1 -0
- package/dist/esm/sdk/vrf-worker-BzQsJ5BW.js +61 -0
- package/dist/esm/sdk/w3a-components.css +0 -3
- package/dist/esm/sdk/w3a-tx-confirmer.js +9 -10
- package/dist/esm/sdk/wallet-iframe-host.js +6568 -10203
- package/dist/esm/server/core/AuthService.js +186 -64
- package/dist/esm/server/core/AuthService.js.map +1 -1
- package/dist/esm/server/core/SessionService.js.map +1 -1
- package/dist/esm/server/core/ShamirService.js +1 -1
- package/dist/esm/server/core/ShamirService.js.map +1 -1
- package/dist/esm/server/core/ThresholdService/ThresholdSigningService.js +976 -0
- package/dist/esm/server/core/ThresholdService/ThresholdSigningService.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/config.js +96 -0
- package/dist/esm/server/core/ThresholdService/config.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/coordinatorGrant.js +200 -0
- package/dist/esm/server/core/ThresholdService/coordinatorGrant.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/cosigners.js +278 -0
- package/dist/esm/server/core/ThresholdService/cosigners.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/createThresholdSigningService.js +98 -0
- package/dist/esm/server/core/ThresholdService/createThresholdSigningService.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/keygenStrategy.js +114 -0
- package/dist/esm/server/core/ThresholdService/keygenStrategy.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/kv.js +335 -0
- package/dist/esm/server/core/ThresholdService/kv.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/relayerKeyMaterial.js +65 -0
- package/dist/esm/server/core/ThresholdService/relayerKeyMaterial.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/signingHandlers.js +1177 -0
- package/dist/esm/server/core/ThresholdService/signingHandlers.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/stores/AuthSessionStore.js +258 -0
- package/dist/esm/server/core/ThresholdService/stores/AuthSessionStore.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/stores/KeyStore.js +136 -0
- package/dist/esm/server/core/ThresholdService/stores/KeyStore.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/stores/SessionStore.js +228 -0
- package/dist/esm/server/core/ThresholdService/stores/SessionStore.js.map +1 -0
- package/dist/esm/server/core/ThresholdService/validation.js +544 -0
- package/dist/esm/server/core/ThresholdService/validation.js.map +1 -0
- package/dist/esm/server/core/config.js +26 -18
- package/dist/esm/server/core/config.js.map +1 -1
- package/dist/esm/server/core/errors.js +3 -1
- package/dist/esm/server/core/errors.js.map +1 -1
- package/dist/esm/server/core/logger.js +2 -1
- package/dist/esm/server/core/logger.js.map +1 -1
- package/dist/esm/server/core/nearKeys.js +13 -0
- package/dist/esm/server/core/nearKeys.js.map +1 -0
- package/dist/esm/server/core/shamirHandlers.js +1 -1
- package/dist/esm/server/core/shamirHandlers.js.map +1 -1
- package/dist/esm/server/core/shamirWorker.js +94 -0
- package/dist/esm/server/core/shamirWorker.js.map +1 -1
- package/dist/esm/server/core/utils.js +1 -1
- package/dist/esm/server/core/utils.js.map +1 -1
- package/dist/esm/server/delegateAction/index.js.map +1 -1
- package/dist/esm/server/email-recovery/emailEncryptor.js +1 -1
- package/dist/esm/server/email-recovery/emailParsers.js +4 -4
- package/dist/esm/server/email-recovery/emailParsers.js.map +1 -1
- package/dist/esm/server/email-recovery/index.js +11 -6
- package/dist/esm/server/email-recovery/index.js.map +1 -1
- package/dist/esm/server/email-recovery/rpcCalls.js +2 -4
- package/dist/esm/server/email-recovery/rpcCalls.js.map +1 -1
- package/dist/esm/server/email-recovery/zkEmail/proverClient.js +3 -4
- package/dist/esm/server/email-recovery/zkEmail/proverClient.js.map +1 -1
- package/dist/esm/server/index.js +5 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/curve.js +243 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/curve.js.map +1 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/edwards.js +400 -0
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/edwards.js.map +1 -0
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/modular.js +367 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/abstract/modular.js.map +1 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/ed25519.js +53 -2
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/ed25519.js.map +1 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/utils.js +32 -2
- package/dist/esm/server/node_modules/.pnpm/@noble_curves@2.0.1/node_modules/@noble/curves/utils.js.map +1 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_md.js +20 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_md.js.map +1 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_u64.js +51 -0
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/_u64.js.map +1 -0
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/sha2.js +224 -2
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/sha2.js.map +1 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/utils.js +17 -1
- package/dist/esm/server/node_modules/.pnpm/@noble_hashes@2.0.1/node_modules/@noble/hashes/utils.js.map +1 -1
- package/dist/esm/server/router/cloudflare.js +1117 -684
- package/dist/esm/server/router/cloudflare.js.map +1 -1
- package/dist/esm/server/router/express.js +812 -350
- package/dist/esm/server/router/express.js.map +1 -1
- package/dist/esm/server/sdk/src/core/NearClient.js +8 -1
- package/dist/esm/server/sdk/src/core/NearClient.js.map +1 -1
- package/dist/esm/server/sdk/src/core/defaultConfigs.js +5 -1
- package/dist/esm/server/sdk/src/core/defaultConfigs.js.map +1 -1
- package/dist/esm/server/sdk/src/core/nearCrypto.js +2 -34
- package/dist/esm/server/sdk/src/core/nearCrypto.js.map +1 -1
- package/dist/esm/server/sdk/src/core/types/actions.js.map +1 -1
- package/dist/esm/server/sdk/src/core/types/rpc.js +1 -0
- package/dist/esm/server/sdk/src/core/types/rpc.js.map +1 -1
- package/dist/esm/server/sdk/src/threshold/participants.js +27 -0
- package/dist/esm/server/sdk/src/threshold/participants.js.map +1 -0
- package/dist/esm/server/sdk/src/utils/base64.js +33 -1
- package/dist/esm/server/sdk/src/utils/base64.js.map +1 -1
- package/dist/esm/server/sdk/src/utils/digests.js +26 -0
- package/dist/esm/server/sdk/src/utils/digests.js.map +1 -0
- package/dist/esm/server/sdk/src/utils/errors.js +18 -1
- package/dist/esm/server/sdk/src/utils/errors.js.map +1 -1
- package/dist/esm/server/sdk/src/utils/validation.js +84 -0
- package/dist/esm/server/sdk/src/utils/validation.js.map +1 -0
- package/dist/esm/threshold/participants.js +76 -0
- package/dist/esm/threshold/participants.js.map +1 -0
- package/dist/esm/utils/base58.js +13 -11
- package/dist/esm/utils/base58.js.map +1 -1
- package/dist/esm/utils/base64.js +33 -16
- package/dist/esm/utils/base64.js.map +1 -1
- package/dist/esm/utils/digests.js +26 -0
- package/dist/esm/utils/digests.js.map +1 -0
- package/dist/esm/utils/errors.js +1 -5
- package/dist/esm/utils/errors.js.map +1 -1
- package/dist/esm/utils/validation.js +88 -5
- package/dist/esm/utils/validation.js.map +1 -1
- package/dist/esm/wasm_signer_worker/pkg/wasm_signer_worker.js +381 -225
- package/dist/esm/wasm_signer_worker/pkg/wasm_signer_worker_bg.wasm +0 -0
- package/dist/esm/wasm_vrf_worker/pkg/wasm_vrf_worker.js +103 -11
- package/dist/esm/wasm_vrf_worker/pkg/wasm_vrf_worker_bg.wasm +0 -0
- package/dist/types/src/__tests__/e2e/thresholdEd25519.testUtils.d.ts +25 -0
- package/dist/types/src/__tests__/e2e/thresholdEd25519.testUtils.d.ts.map +1 -0
- package/dist/types/src/__tests__/helpers/thresholdEd25519TestUtils.d.ts +23 -0
- package/dist/types/src/__tests__/helpers/thresholdEd25519TestUtils.d.ts.map +1 -0
- package/dist/types/src/__tests__/relayer/helpers.d.ts +1 -0
- package/dist/types/src/__tests__/relayer/helpers.d.ts.map +1 -1
- package/dist/types/src/__tests__/setup/bootstrap.d.ts.map +1 -1
- package/dist/types/src/__tests__/setup/flows.d.ts +11 -3
- package/dist/types/src/__tests__/setup/flows.d.ts.map +1 -1
- package/dist/types/src/__tests__/setup/index.d.ts +1 -1
- package/dist/types/src/__tests__/setup/index.d.ts.map +1 -1
- package/dist/types/src/__tests__/setup/webauthn-mocks.d.ts.map +1 -1
- package/dist/types/src/core/EmailRecovery/emailRecoveryPendingStore.d.ts +1 -1
- package/dist/types/src/core/EmailRecovery/emailRecoveryPendingStore.d.ts.map +1 -1
- package/dist/types/src/core/IndexedDBManager/index.d.ts +3 -3
- package/dist/types/src/core/IndexedDBManager/index.d.ts.map +1 -1
- package/dist/types/src/core/IndexedDBManager/passkeyClientDB.d.ts +11 -2
- package/dist/types/src/core/IndexedDBManager/passkeyClientDB.d.ts.map +1 -1
- package/dist/types/src/core/IndexedDBManager/passkeyNearKeysDB.d.ts +33 -16
- package/dist/types/src/core/IndexedDBManager/passkeyNearKeysDB.d.ts.map +1 -1
- package/dist/types/src/core/NearClient.d.ts +2 -0
- package/dist/types/src/core/NearClient.d.ts.map +1 -1
- package/dist/types/src/core/OfflineExport/offline-export-app.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/actions.d.ts +10 -7
- package/dist/types/src/core/TatchiPasskey/actions.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/delegateAction.d.ts +1 -1
- package/dist/types/src/core/TatchiPasskey/delegateAction.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/emailRecovery.d.ts +3 -35
- package/dist/types/src/core/TatchiPasskey/emailRecovery.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/faucets/createAccountRelayServer.d.ts +22 -6
- package/dist/types/src/core/TatchiPasskey/faucets/createAccountRelayServer.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/index.d.ts +66 -33
- package/dist/types/src/core/TatchiPasskey/index.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/linkDevice.d.ts +1 -0
- package/dist/types/src/core/TatchiPasskey/linkDevice.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/login.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/registration.d.ts +1 -1
- package/dist/types/src/core/TatchiPasskey/registration.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/signNEP413.d.ts +3 -1
- package/dist/types/src/core/TatchiPasskey/signNEP413.d.ts.map +1 -1
- package/dist/types/src/core/TatchiPasskey/syncAccount.d.ts +112 -0
- package/dist/types/src/core/TatchiPasskey/syncAccount.d.ts.map +1 -0
- package/dist/types/src/core/WalletIframe/TatchiPasskeyIframe.d.ts +39 -15
- package/dist/types/src/core/WalletIframe/TatchiPasskeyIframe.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/client/IframeTransport.d.ts +11 -0
- package/dist/types/src/core/WalletIframe/client/IframeTransport.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/client/router.d.ts +66 -72
- package/dist/types/src/core/WalletIframe/client/router.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/host/context.d.ts +2 -2
- package/dist/types/src/core/WalletIframe/host/context.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/host/iframe-lit-elem-mounter.d.ts +41 -20
- package/dist/types/src/core/WalletIframe/host/iframe-lit-elem-mounter.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/host/iframe-lit-element-registry.d.ts +0 -34
- package/dist/types/src/core/WalletIframe/host/iframe-lit-element-registry.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/host/mounter-styles.d.ts +1 -1
- package/dist/types/src/core/WalletIframe/host/mounter-styles.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/host/wallet-iframe-handlers.d.ts +1 -2
- package/dist/types/src/core/WalletIframe/host/wallet-iframe-handlers.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/host/wallet-iframe-host.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/host-mode.d.ts.map +1 -1
- package/dist/types/src/core/WalletIframe/shared/messages.d.ts +78 -10
- package/dist/types/src/core/WalletIframe/shared/messages.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/LitElementWithProps.d.ts +5 -3
- package/dist/types/src/core/WebAuthnManager/LitComponents/LitElementWithProps.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/ensure-defined.d.ts +1 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/ensure-defined.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/tags.d.ts +0 -52
- package/dist/types/src/core/WebAuthnManager/LitComponents/tags.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.d.ts +2 -2
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.d.ts +13 -0
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.d.ts.map +1 -0
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/index.d.ts +1 -0
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/index.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.d.ts +11 -5
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.d.ts +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.d.ts +3 -2
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.d.ts +2 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.d.ts +5 -5
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.d.ts +2 -2
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/index.d.ts +19 -4
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/index.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.d.ts +6 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/thresholdSessionHelpers.d.ts +1 -0
- package/dist/types/src/core/WebAuthnManager/SignerWorkerManager/thresholdSessionHelpers.d.ts.map +1 -0
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/interfaces.d.ts +3 -3
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/interfaces.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.d.ts +2 -7
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.d.ts +2 -2
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.d.ts +9 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.d.ts +17 -2
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.d.ts +2 -2
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/index.d.ts +9 -2
- package/dist/types/src/core/WebAuthnManager/VrfWorkerManager/index.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.d.ts +22 -0
- package/dist/types/src/core/WebAuthnManager/collectAuthenticationCredentialForVrfChallenge.d.ts.map +1 -0
- package/dist/types/src/core/WebAuthnManager/credentialsHelpers.d.ts +8 -3
- package/dist/types/src/core/WebAuthnManager/credentialsHelpers.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/index.d.ts +119 -15
- package/dist/types/src/core/WebAuthnManager/index.d.ts.map +1 -1
- package/dist/types/src/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.d.ts +46 -0
- package/dist/types/src/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.d.ts.map +1 -0
- package/dist/types/src/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.d.ts +48 -0
- package/dist/types/src/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.d.ts.map +1 -0
- package/dist/types/src/core/WebAuthnManager/userPreferences.d.ts +36 -1
- package/dist/types/src/core/WebAuthnManager/userPreferences.d.ts.map +1 -1
- package/dist/types/src/core/defaultConfigs.d.ts +5 -0
- package/dist/types/src/core/defaultConfigs.d.ts.map +1 -1
- package/dist/types/src/core/digests/intentDigest.d.ts +19 -0
- package/dist/types/src/core/digests/intentDigest.d.ts.map +1 -0
- package/dist/types/src/core/nearCrypto.d.ts +2 -16
- package/dist/types/src/core/nearCrypto.d.ts.map +1 -1
- package/dist/types/src/core/nonceManager.d.ts.map +1 -1
- package/dist/types/src/core/rpcCalls.d.ts +64 -2
- package/dist/types/src/core/rpcCalls.d.ts.map +1 -1
- package/dist/types/src/core/sdkPaths/workers.d.ts +1 -1
- package/dist/types/src/core/sdkPaths/workers.d.ts.map +1 -1
- package/dist/types/src/core/threshold/index.d.ts +1 -0
- package/dist/types/src/core/threshold/index.d.ts.map +1 -0
- package/dist/types/src/core/threshold/thresholdEd25519AuthSession.d.ts +42 -0
- package/dist/types/src/core/threshold/thresholdEd25519AuthSession.d.ts.map +1 -0
- package/dist/types/src/core/threshold/thresholdEd25519RelayerHealth.d.ts +31 -0
- package/dist/types/src/core/threshold/thresholdEd25519RelayerHealth.d.ts.map +1 -0
- package/dist/types/src/core/threshold/thresholdSessionPolicy.d.ts +45 -0
- package/dist/types/src/core/threshold/thresholdSessionPolicy.d.ts.map +1 -0
- package/dist/types/src/core/types/delegate.d.ts +5 -2
- package/dist/types/src/core/types/delegate.d.ts.map +1 -1
- package/dist/types/src/core/types/emailRecovery.d.ts +82 -0
- package/dist/types/src/core/types/emailRecovery.d.ts.map +1 -1
- package/dist/types/src/core/types/rpc.d.ts +1 -0
- package/dist/types/src/core/types/rpc.d.ts.map +1 -1
- package/dist/types/src/core/types/sdkSentEvents.d.ts +82 -30
- package/dist/types/src/core/types/sdkSentEvents.d.ts.map +1 -1
- package/dist/types/src/core/types/signer-worker.d.ts +137 -20
- package/dist/types/src/core/types/signer-worker.d.ts.map +1 -1
- package/dist/types/src/core/types/tatchi.d.ts +10 -1
- package/dist/types/src/core/types/tatchi.d.ts.map +1 -1
- package/dist/types/src/core/types/vrf-worker.d.ts +27 -1
- package/dist/types/src/core/types/vrf-worker.d.ts.map +1 -1
- package/dist/types/src/index.d.ts +2 -2
- package/dist/types/src/index.d.ts.map +1 -1
- package/dist/types/src/plugins/headers.d.ts.map +1 -1
- package/dist/types/src/plugins/plugin-utils.d.ts +1 -1
- package/dist/types/src/plugins/plugin-utils.d.ts.map +1 -1
- package/dist/types/src/plugins/vite.d.ts.map +1 -1
- package/dist/types/src/react/components/AccountMenuButton/LinkedDevicesModal.d.ts.map +1 -1
- package/dist/types/src/react/components/AccountMenuButton/ProfileDropdown.d.ts.map +1 -1
- package/dist/types/src/react/components/AccountMenuButton/TransactionSettingsSection.d.ts.map +1 -1
- package/dist/types/src/react/components/AccountMenuButton/index.d.ts.map +1 -1
- package/dist/types/src/react/components/AccountMenuButton/types.d.ts +5 -0
- package/dist/types/src/react/components/AccountMenuButton/types.d.ts.map +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/authMenuTypes.d.ts +4 -4
- package/dist/types/src/react/components/PasskeyAuthMenu/authMenuTypes.d.ts.map +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/client.d.ts.map +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/controller/usePasskeyAuthMenuController.d.ts +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/controller/usePasskeyAuthMenuController.d.ts.map +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/controller/useSDKEvents.d.ts.map +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/preload.d.ts.map +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/shell.d.ts.map +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/skeleton.d.ts +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/skeleton.d.ts.map +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/types.d.ts +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/types.d.ts.map +1 -1
- package/dist/types/src/react/components/PasskeyAuthMenu/ui/EmailRecoverySlide.d.ts.map +1 -1
- package/dist/types/src/react/context/useTatchiWithSdkFlow.d.ts +2 -2
- package/dist/types/src/react/context/useTatchiWithSdkFlow.d.ts.map +1 -1
- package/dist/types/src/react/index.d.ts +2 -4
- package/dist/types/src/react/index.d.ts.map +1 -1
- package/dist/types/src/react/types.d.ts +8 -25
- package/dist/types/src/react/types.d.ts.map +1 -1
- package/dist/types/src/server/core/AuthService.d.ts +14 -2
- package/dist/types/src/server/core/AuthService.d.ts.map +1 -1
- package/dist/types/src/server/core/SessionService.d.ts +3 -3
- package/dist/types/src/server/core/SessionService.d.ts.map +1 -1
- package/dist/types/src/server/core/ThresholdService/ThresholdSigningService.d.ts +91 -0
- package/dist/types/src/server/core/ThresholdService/ThresholdSigningService.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/config.d.ts +21 -0
- package/dist/types/src/server/core/ThresholdService/config.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/coordinatorGrant.d.ts +35 -0
- package/dist/types/src/server/core/ThresholdService/coordinatorGrant.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/cosigners.d.ts +47 -0
- package/dist/types/src/server/core/ThresholdService/cosigners.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/createThresholdSigningService.d.ts +11 -0
- package/dist/types/src/server/core/ThresholdService/createThresholdSigningService.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/index.d.ts +6 -0
- package/dist/types/src/server/core/ThresholdService/index.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/keygenStrategy.d.ts +79 -0
- package/dist/types/src/server/core/ThresholdService/keygenStrategy.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/kv.d.ts +47 -0
- package/dist/types/src/server/core/ThresholdService/kv.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/relayerKeyMaterial.d.ts +27 -0
- package/dist/types/src/server/core/ThresholdService/relayerKeyMaterial.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/signingHandlers.d.ts +66 -0
- package/dist/types/src/server/core/ThresholdService/signingHandlers.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/stores/AuthSessionStore.d.ts +32 -0
- package/dist/types/src/server/core/ThresholdService/stores/AuthSessionStore.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/stores/KeyStore.d.ts +18 -0
- package/dist/types/src/server/core/ThresholdService/stores/KeyStore.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/stores/SessionStore.d.ts +66 -0
- package/dist/types/src/server/core/ThresholdService/stores/SessionStore.d.ts.map +1 -0
- package/dist/types/src/server/core/ThresholdService/validation.d.ts +129 -0
- package/dist/types/src/server/core/ThresholdService/validation.d.ts.map +1 -0
- package/dist/types/src/server/core/config.d.ts.map +1 -1
- package/dist/types/src/server/core/errors.d.ts.map +1 -1
- package/dist/types/src/server/core/logger.d.ts +1 -0
- package/dist/types/src/server/core/logger.d.ts.map +1 -1
- package/dist/types/src/server/core/nearKeys.d.ts +2 -0
- package/dist/types/src/server/core/nearKeys.d.ts.map +1 -0
- package/dist/types/src/server/core/shamirWorker.d.ts.map +1 -1
- package/dist/types/src/server/core/types.d.ts +321 -1
- package/dist/types/src/server/core/types.d.ts.map +1 -1
- package/dist/types/src/server/email-recovery/emailParsers.d.ts +1 -1
- package/dist/types/src/server/email-recovery/emailParsers.d.ts.map +1 -1
- package/dist/types/src/server/email-recovery/index.d.ts +1 -1
- package/dist/types/src/server/email-recovery/index.d.ts.map +1 -1
- package/dist/types/src/server/email-recovery/rpcCalls.d.ts +1 -1
- package/dist/types/src/server/email-recovery/rpcCalls.d.ts.map +1 -1
- package/dist/types/src/server/email-recovery/zkEmail/proverClient.d.ts.map +1 -1
- package/dist/types/src/server/index.d.ts +2 -0
- package/dist/types/src/server/index.d.ts.map +1 -1
- package/dist/types/src/server/router/cloudflare/createCloudflareRouter.d.ts +22 -0
- package/dist/types/src/server/router/cloudflare/createCloudflareRouter.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/cron.d.ts +18 -0
- package/dist/types/src/server/router/cloudflare/cron.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/email.d.ts +22 -0
- package/dist/types/src/server/router/cloudflare/email.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/http.d.ts +12 -0
- package/dist/types/src/server/router/cloudflare/http.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/createAccountAndRegisterUser.d.ts +3 -0
- package/dist/types/src/server/router/cloudflare/routes/createAccountAndRegisterUser.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/health.d.ts +4 -0
- package/dist/types/src/server/router/cloudflare/routes/health.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/recoverEmail.d.ts +3 -0
- package/dist/types/src/server/router/cloudflare/routes/recoverEmail.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/sessions.d.ts +5 -0
- package/dist/types/src/server/router/cloudflare/routes/sessions.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/shamir.d.ts +3 -0
- package/dist/types/src/server/router/cloudflare/routes/shamir.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/signedDelegate.d.ts +3 -0
- package/dist/types/src/server/router/cloudflare/routes/signedDelegate.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/thresholdEd25519.d.ts +3 -0
- package/dist/types/src/server/router/cloudflare/routes/thresholdEd25519.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/verifyAuthenticationResponse.d.ts +3 -0
- package/dist/types/src/server/router/cloudflare/routes/verifyAuthenticationResponse.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/routes/wellKnown.d.ts +3 -0
- package/dist/types/src/server/router/cloudflare/routes/wellKnown.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare/types.d.ts +49 -0
- package/dist/types/src/server/router/cloudflare/types.d.ts.map +1 -0
- package/dist/types/src/server/router/cloudflare-adaptor.d.ts +7 -106
- package/dist/types/src/server/router/cloudflare-adaptor.d.ts.map +1 -1
- package/dist/types/src/server/router/commonRouterUtils.d.ts +26 -0
- package/dist/types/src/server/router/commonRouterUtils.d.ts.map +1 -0
- package/dist/types/src/server/router/express/cors.d.ts +4 -0
- package/dist/types/src/server/router/express/cors.d.ts.map +1 -0
- package/dist/types/src/server/router/express/createRelayRouter.d.ts +16 -0
- package/dist/types/src/server/router/express/createRelayRouter.d.ts.map +1 -0
- package/dist/types/src/server/router/express/cron.d.ts +12 -0
- package/dist/types/src/server/router/express/cron.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/createAccountAndRegisterUser.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/createAccountAndRegisterUser.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/health.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/health.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/recoverEmail.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/recoverEmail.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/sessions.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/sessions.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/shamir.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/shamir.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/signedDelegate.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/signedDelegate.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/thresholdEd25519.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/thresholdEd25519.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/verifyAuthenticationResponse.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/verifyAuthenticationResponse.d.ts.map +1 -0
- package/dist/types/src/server/router/express/routes/wellKnown.d.ts +4 -0
- package/dist/types/src/server/router/express/routes/wellKnown.d.ts.map +1 -0
- package/dist/types/src/server/router/express-adaptor.d.ts +4 -54
- package/dist/types/src/server/router/express-adaptor.d.ts.map +1 -1
- package/dist/types/src/server/router/logger.d.ts +3 -2
- package/dist/types/src/server/router/logger.d.ts.map +1 -1
- package/dist/types/src/server/router/relay.d.ts +93 -0
- package/dist/types/src/server/router/relay.d.ts.map +1 -0
- package/dist/types/src/server/router/routerOptions.d.ts +4 -0
- package/dist/types/src/server/router/routerOptions.d.ts.map +1 -0
- package/dist/types/src/server/threshold/statusCodes.d.ts +6 -0
- package/dist/types/src/server/threshold/statusCodes.d.ts.map +1 -0
- package/dist/types/src/threshold/participants.d.ts +41 -0
- package/dist/types/src/threshold/participants.d.ts.map +1 -0
- package/dist/types/src/utils/digests.d.ts +3 -0
- package/dist/types/src/utils/digests.d.ts.map +1 -0
- package/dist/types/src/utils/index.d.ts +1 -0
- package/dist/types/src/utils/index.d.ts.map +1 -1
- package/dist/types/src/utils/validation.d.ts +60 -0
- package/dist/types/src/utils/validation.d.ts.map +1 -1
- package/dist/types/src/wasm_signer_worker/pkg/wasm_signer_worker.d.ts +182 -79
- package/dist/types/src/wasm_signer_worker/pkg/wasm_signer_worker.d.ts.map +1 -1
- package/dist/types/src/wasm_vrf_worker/pkg/wasm_vrf_worker.d.ts +45 -1
- package/dist/types/src/wasm_vrf_worker/pkg/wasm_vrf_worker.d.ts.map +1 -1
- package/dist/workers/wasm_signer_worker_bg.wasm +0 -0
- package/dist/workers/wasm_vrf_worker_bg.wasm +0 -0
- package/dist/workers/web3authn-signer.worker.js +83 -47
- package/dist/workers/web3authn-vrf.worker.js +82 -13
- package/package.json +3 -8
- package/dist/cjs/core/TatchiPasskey/recoverAccount.js +0 -429
- package/dist/cjs/core/TatchiPasskey/recoverAccount.js.map +0 -1
- package/dist/cjs/core/WalletIframe/validation.js +0 -67
- package/dist/cjs/core/WalletIframe/validation.js.map +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js +0 -363
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js.map +0 -1
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js +0 -707
- package/dist/cjs/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js.map +0 -1
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js +0 -30
- package/dist/cjs/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js.map +0 -1
- package/dist/cjs/core/WebAuthnManager/WebAuthnFallbacks/index.js +0 -17
- package/dist/cjs/core/WebAuthnManager/WebAuthnFallbacks/index.js.map +0 -1
- package/dist/cjs/core/WebAuthnManager/txDigest.js +0 -85
- package/dist/cjs/core/WebAuthnManager/txDigest.js.map +0 -1
- package/dist/cjs/index.js.map +0 -1
- package/dist/cjs/react/components/AccountMenuButton/LinkedDevicesModal-BRtht0XI.css +0 -452
- package/dist/cjs/react/components/AccountMenuButton/LinkedDevicesModal-BRtht0XI.css.map +0 -1
- package/dist/cjs/react/components/AccountMenuButton/ProfileDropdown-BG_6hcim.css +0 -120
- package/dist/cjs/react/components/AccountMenuButton/ProfileDropdown-BG_6hcim.css.map +0 -1
- package/dist/cjs/react/components/AccountMenuButton/Web3AuthProfileButton-k8_FAYFq.css +0 -77
- package/dist/cjs/react/components/AccountMenuButton/Web3AuthProfileButton-k8_FAYFq.css.map +0 -1
- package/dist/cjs/react/components/AccountMenuButton/icons/TouchIcon-C-RcGfr5.css +0 -41
- package/dist/cjs/react/components/AccountMenuButton/icons/TouchIcon-C-RcGfr5.css.map +0 -1
- package/dist/cjs/react/components/PasskeyAuthMenu/PasskeyAuthMenu-DKMiLeT9.css +0 -1009
- package/dist/cjs/react/components/PasskeyAuthMenu/PasskeyAuthMenu-DKMiLeT9.css.map +0 -1
- package/dist/cjs/react/components/SendTxButtonWithTooltip.js +0 -218
- package/dist/cjs/react/components/SendTxButtonWithTooltip.js.map +0 -1
- package/dist/cjs/react/components/ShowQRCode-CB0UCQ_h.css +0 -113
- package/dist/cjs/react/components/ShowQRCode-CB0UCQ_h.css.map +0 -1
- package/dist/cjs/react/components/WalletIframeTxButtonHost.js +0 -177
- package/dist/cjs/react/components/WalletIframeTxButtonHost.js.map +0 -1
- package/dist/cjs/react/index.js.map +0 -1
- package/dist/cjs/react/node_modules/.pnpm/@lit_react@1.0.8_@types_react@19.1.12/node_modules/@lit/react/node/create-component.js +0 -32
- package/dist/cjs/react/node_modules/.pnpm/@lit_react@1.0.8_@types_react@19.1.12/node_modules/@lit/react/node/create-component.js.map +0 -1
- package/dist/cjs/react/sdk/build-paths.js +0 -55
- package/dist/cjs/react/sdk/build-paths.js.map +0 -1
- package/dist/cjs/react/sdk/src/base-styles.js +0 -21
- package/dist/cjs/react/sdk/src/base-styles.js.map +0 -1
- package/dist/cjs/react/sdk/src/config.js +0 -35
- package/dist/cjs/react/sdk/src/config.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/ChainsigAddressManager/index.js +0 -30
- package/dist/cjs/react/sdk/src/core/ChainsigAddressManager/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/EmailRecovery/emailRecoveryPendingStore.js +0 -69
- package/dist/cjs/react/sdk/src/core/EmailRecovery/emailRecoveryPendingStore.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/EmailRecovery/index.js +0 -115
- package/dist/cjs/react/sdk/src/core/EmailRecovery/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/IndexedDBManager/index.js +0 -140
- package/dist/cjs/react/sdk/src/core/IndexedDBManager/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/IndexedDBManager/passkeyClientDB.js +0 -685
- package/dist/cjs/react/sdk/src/core/IndexedDBManager/passkeyClientDB.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/IndexedDBManager/passkeyNearKeysDB.js +0 -192
- package/dist/cjs/react/sdk/src/core/IndexedDBManager/passkeyNearKeysDB.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/NearClient.js +0 -273
- package/dist/cjs/react/sdk/src/core/NearClient.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/NearRpcError.js +0 -116
- package/dist/cjs/react/sdk/src/core/NearRpcError.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/OfflineExport/overlay.js +0 -56
- package/dist/cjs/react/sdk/src/core/OfflineExport/overlay.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/actions.js +0 -452
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/actions.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/delegateAction.js +0 -76
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/delegateAction.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/emailRecovery.js +0 -919
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/emailRecovery.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/faucets/createAccountRelayServer.js +0 -97
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/faucets/createAccountRelayServer.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/index.js +0 -1298
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/linkDevice.js +0 -711
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/linkDevice.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/login.js +0 -578
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/login.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/recoverAccount.js +0 -429
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/recoverAccount.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/registration.js +0 -340
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/registration.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/relay.js +0 -112
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/relay.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/scanDevice.js +0 -106
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/scanDevice.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/signNEP413.js +0 -89
- package/dist/cjs/react/sdk/src/core/TatchiPasskey/signNEP413.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/IframeTransport.js +0 -330
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/IframeTransport.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/on-events-progress-bus.js +0 -210
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/on-events-progress-bus.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/overlay-controller.js +0 -100
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/overlay-controller.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/overlay-styles.js +0 -128
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/overlay-styles.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/router.js +0 -1062
- package/dist/cjs/react/sdk/src/core/WalletIframe/client/router.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/events.js +0 -11
- package/dist/cjs/react/sdk/src/core/WalletIframe/events.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/host-mode.js +0 -11
- package/dist/cjs/react/sdk/src/core/WalletIframe/host-mode.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WalletIframe/validation.js +0 -71
- package/dist/cjs/react/sdk/src/core/WalletIframe/validation.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/Drawer/index.js +0 -660
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/Drawer/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js +0 -223
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/HaloBorder/index.js +0 -135
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/HaloBorder/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js +0 -363
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js +0 -707
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js +0 -190
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js +0 -258
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-drawer.js +0 -261
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-drawer.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-modal.js +0 -281
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-modal.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js +0 -256
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/PasskeyHaloLoading/index.js +0 -146
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/PasskeyHaloLoading/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/index.js +0 -503
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js +0 -212
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js +0 -183
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/asset-base.js +0 -46
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/asset-base.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/common/PadlockIcon.js +0 -55
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/common/PadlockIcon.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/common/formatters.js +0 -68
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/common/formatters.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/confirm-ui-types.js +0 -10
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/confirm-ui-types.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/confirm-ui.js +0 -221
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/confirm-ui.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/css/css-loader.js +0 -110
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/css/css-loader.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/ensure-defined.js +0 -24
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/ensure-defined.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/lit-events.js +0 -35
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/lit-events.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/tags.js +0 -66
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/LitComponents/tags.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js +0 -39
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js +0 -71
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js +0 -49
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js +0 -73
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js +0 -69
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js +0 -27
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js +0 -46
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js +0 -118
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js +0 -16
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js +0 -105
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js +0 -80
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js +0 -64
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js +0 -114
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js +0 -82
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/index.js +0 -452
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js +0 -36
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js +0 -83
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js +0 -61
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js +0 -50
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js +0 -56
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js +0 -34
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js +0 -47
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js +0 -54
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js +0 -77
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js +0 -64
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js +0 -40
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js +0 -66
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js +0 -90
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js +0 -136
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js +0 -52
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js +0 -173
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js +0 -119
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js +0 -22
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js +0 -27
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js +0 -52
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js +0 -33
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js +0 -31
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js +0 -50
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js +0 -156
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js +0 -30
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js +0 -59
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js +0 -27
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js +0 -48
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js +0 -59
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js +0 -45
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js +0 -54
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js +0 -31
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js +0 -28
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js +0 -30
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js +0 -42
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/index.js +0 -375
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js +0 -26
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/index.js +0 -17
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js +0 -210
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/credentialsHelpers.js +0 -301
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/credentialsHelpers.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/index.js +0 -890
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/touchIdPrompt.js +0 -282
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/touchIdPrompt.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/txDigest.js +0 -85
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/txDigest.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/userHandle.js +0 -39
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/userHandle.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/userPreferences.js +0 -308
- package/dist/cjs/react/sdk/src/core/WebAuthnManager/userPreferences.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/defaultConfigs.js +0 -110
- package/dist/cjs/react/sdk/src/core/defaultConfigs.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/nearCrypto.js +0 -57
- package/dist/cjs/react/sdk/src/core/nearCrypto.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/nonceManager.js +0 -403
- package/dist/cjs/react/sdk/src/core/nonceManager.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/rpcCalls.js +0 -446
- package/dist/cjs/react/sdk/src/core/rpcCalls.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/sdkPaths/base.js +0 -49
- package/dist/cjs/react/sdk/src/core/sdkPaths/base.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/sdkPaths/workers.js +0 -45
- package/dist/cjs/react/sdk/src/core/sdkPaths/workers.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/accountIds.js +0 -33
- package/dist/cjs/react/sdk/src/core/types/accountIds.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/actions.js +0 -274
- package/dist/cjs/react/sdk/src/core/types/actions.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/authenticatorOptions.js +0 -51
- package/dist/cjs/react/sdk/src/core/types/authenticatorOptions.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/emailRecovery.js +0 -33
- package/dist/cjs/react/sdk/src/core/types/emailRecovery.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/linkDevice.js +0 -25
- package/dist/cjs/react/sdk/src/core/types/linkDevice.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/rpc.js +0 -25
- package/dist/cjs/react/sdk/src/core/types/rpc.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/sdkSentEvents.js +0 -133
- package/dist/cjs/react/sdk/src/core/types/sdkSentEvents.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/signer-worker.js +0 -69
- package/dist/cjs/react/sdk/src/core/types/signer-worker.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/types/vrf-worker.js +0 -74
- package/dist/cjs/react/sdk/src/core/types/vrf-worker.js.map +0 -1
- package/dist/cjs/react/sdk/src/core/workerControlMessages.js +0 -21
- package/dist/cjs/react/sdk/src/core/workerControlMessages.js.map +0 -1
- package/dist/cjs/react/sdk/src/theme/base-styles.js +0 -157
- package/dist/cjs/react/sdk/src/theme/base-styles.js.map +0 -1
- package/dist/cjs/react/sdk/src/theme/palette.js +0 -209
- package/dist/cjs/react/sdk/src/theme/palette.js.map +0 -1
- package/dist/cjs/react/sdk/src/utils/base58.js +0 -24
- package/dist/cjs/react/sdk/src/utils/base58.js.map +0 -1
- package/dist/cjs/react/sdk/src/utils/base64.js +0 -59
- package/dist/cjs/react/sdk/src/utils/base64.js.map +0 -1
- package/dist/cjs/react/sdk/src/utils/encoders.js +0 -18
- package/dist/cjs/react/sdk/src/utils/encoders.js.map +0 -1
- package/dist/cjs/react/sdk/src/utils/errors.js +0 -151
- package/dist/cjs/react/sdk/src/utils/errors.js.map +0 -1
- package/dist/cjs/react/sdk/src/utils/index.js +0 -25
- package/dist/cjs/react/sdk/src/utils/index.js.map +0 -1
- package/dist/cjs/react/sdk/src/utils/qrScanner.js +0 -320
- package/dist/cjs/react/sdk/src/utils/qrScanner.js.map +0 -1
- package/dist/cjs/react/sdk/src/utils/validation.js +0 -67
- package/dist/cjs/react/sdk/src/utils/validation.js.map +0 -1
- package/dist/cjs/server/sdk/src/core/WalletIframe/validation.js +0 -17
- package/dist/cjs/server/sdk/src/core/WalletIframe/validation.js.map +0 -1
- package/dist/cjs/utils/encoders.js +0 -18
- package/dist/cjs/utils/encoders.js.map +0 -1
- package/dist/cjs/utils/index.js +0 -25
- package/dist/cjs/utils/index.js.map +0 -1
- package/dist/esm/_virtual/rolldown_runtime.js +0 -28
- package/dist/esm/core/TatchiPasskey/recoverAccount.js +0 -428
- package/dist/esm/core/TatchiPasskey/recoverAccount.js.map +0 -1
- package/dist/esm/core/WalletIframe/validation.js +0 -52
- package/dist/esm/core/WalletIframe/validation.js.map +0 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js +0 -357
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js.map +0 -1
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js +0 -703
- package/dist/esm/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js.map +0 -1
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js +0 -29
- package/dist/esm/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js.map +0 -1
- package/dist/esm/core/WebAuthnManager/WebAuthnFallbacks/index.js +0 -12
- package/dist/esm/core/WebAuthnManager/WebAuthnFallbacks/index.js.map +0 -1
- package/dist/esm/core/WebAuthnManager/txDigest.js +0 -83
- package/dist/esm/core/WebAuthnManager/txDigest.js.map +0 -1
- package/dist/esm/index.js.map +0 -1
- package/dist/esm/react/_virtual/rolldown_runtime.js +0 -28
- package/dist/esm/react/components/AccountMenuButton/LinkedDevicesModal-BRtht0XI.css +0 -452
- package/dist/esm/react/components/AccountMenuButton/LinkedDevicesModal-BRtht0XI.css.map +0 -1
- package/dist/esm/react/components/AccountMenuButton/ProfileDropdown-BG_6hcim.css +0 -120
- package/dist/esm/react/components/AccountMenuButton/ProfileDropdown-BG_6hcim.css.map +0 -1
- package/dist/esm/react/components/AccountMenuButton/Web3AuthProfileButton-k8_FAYFq.css +0 -77
- package/dist/esm/react/components/AccountMenuButton/Web3AuthProfileButton-k8_FAYFq.css.map +0 -1
- package/dist/esm/react/components/AccountMenuButton/icons/TouchIcon-C-RcGfr5.css +0 -41
- package/dist/esm/react/components/AccountMenuButton/icons/TouchIcon-C-RcGfr5.css.map +0 -1
- package/dist/esm/react/components/PasskeyAuthMenu/PasskeyAuthMenu-DKMiLeT9.css +0 -1009
- package/dist/esm/react/components/PasskeyAuthMenu/PasskeyAuthMenu-DKMiLeT9.css.map +0 -1
- package/dist/esm/react/components/SendTxButtonWithTooltip.js +0 -214
- package/dist/esm/react/components/SendTxButtonWithTooltip.js.map +0 -1
- package/dist/esm/react/components/ShowQRCode-CB0UCQ_h.css +0 -113
- package/dist/esm/react/components/ShowQRCode-CB0UCQ_h.css.map +0 -1
- package/dist/esm/react/components/WalletIframeTxButtonHost.js +0 -174
- package/dist/esm/react/components/WalletIframeTxButtonHost.js.map +0 -1
- package/dist/esm/react/index.js.map +0 -1
- package/dist/esm/react/node_modules/.pnpm/@lit_react@1.0.8_@types_react@19.1.12/node_modules/@lit/react/create-component.js +0 -45
- package/dist/esm/react/node_modules/.pnpm/@lit_react@1.0.8_@types_react@19.1.12/node_modules/@lit/react/create-component.js.map +0 -1
- package/dist/esm/react/sdk/build-paths.js.map +0 -1
- package/dist/esm/react/sdk/src/base-styles.js.map +0 -1
- package/dist/esm/react/sdk/src/config.js.map +0 -1
- package/dist/esm/react/sdk/src/core/ChainsigAddressManager/index.js +0 -29
- package/dist/esm/react/sdk/src/core/ChainsigAddressManager/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/EmailRecovery/emailRecoveryPendingStore.js +0 -63
- package/dist/esm/react/sdk/src/core/EmailRecovery/emailRecoveryPendingStore.js.map +0 -1
- package/dist/esm/react/sdk/src/core/EmailRecovery/index.js +0 -105
- package/dist/esm/react/sdk/src/core/EmailRecovery/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/IndexedDBManager/index.js +0 -133
- package/dist/esm/react/sdk/src/core/IndexedDBManager/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/IndexedDBManager/passkeyClientDB.js +0 -678
- package/dist/esm/react/sdk/src/core/IndexedDBManager/passkeyClientDB.js.map +0 -1
- package/dist/esm/react/sdk/src/core/IndexedDBManager/passkeyNearKeysDB.js +0 -185
- package/dist/esm/react/sdk/src/core/IndexedDBManager/passkeyNearKeysDB.js.map +0 -1
- package/dist/esm/react/sdk/src/core/NearClient.js +0 -271
- package/dist/esm/react/sdk/src/core/NearClient.js.map +0 -1
- package/dist/esm/react/sdk/src/core/NearRpcError.js.map +0 -1
- package/dist/esm/react/sdk/src/core/OfflineExport/overlay.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/actions.js +0 -448
- package/dist/esm/react/sdk/src/core/TatchiPasskey/actions.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/delegateAction.js +0 -75
- package/dist/esm/react/sdk/src/core/TatchiPasskey/delegateAction.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/emailRecovery.js +0 -908
- package/dist/esm/react/sdk/src/core/TatchiPasskey/emailRecovery.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/faucets/createAccountRelayServer.js +0 -96
- package/dist/esm/react/sdk/src/core/TatchiPasskey/faucets/createAccountRelayServer.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/index.js +0 -1298
- package/dist/esm/react/sdk/src/core/TatchiPasskey/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/linkDevice.js +0 -710
- package/dist/esm/react/sdk/src/core/TatchiPasskey/linkDevice.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/login.js +0 -569
- package/dist/esm/react/sdk/src/core/TatchiPasskey/login.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/recoverAccount.js +0 -428
- package/dist/esm/react/sdk/src/core/TatchiPasskey/recoverAccount.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/registration.js +0 -338
- package/dist/esm/react/sdk/src/core/TatchiPasskey/registration.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/relay.js +0 -111
- package/dist/esm/react/sdk/src/core/TatchiPasskey/relay.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/scanDevice.js +0 -104
- package/dist/esm/react/sdk/src/core/TatchiPasskey/scanDevice.js.map +0 -1
- package/dist/esm/react/sdk/src/core/TatchiPasskey/signNEP413.js +0 -88
- package/dist/esm/react/sdk/src/core/TatchiPasskey/signNEP413.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/client/IframeTransport.js +0 -329
- package/dist/esm/react/sdk/src/core/WalletIframe/client/IframeTransport.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/client/on-events-progress-bus.js +0 -208
- package/dist/esm/react/sdk/src/core/WalletIframe/client/on-events-progress-bus.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/client/overlay-controller.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/client/overlay-styles.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/client/router.js +0 -1061
- package/dist/esm/react/sdk/src/core/WalletIframe/client/router.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/events.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/host-mode.js +0 -9
- package/dist/esm/react/sdk/src/core/WalletIframe/host-mode.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WalletIframe/validation.js +0 -55
- package/dist/esm/react/sdk/src/core/WalletIframe/validation.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/Drawer/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js +0 -219
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/ExportPrivateKey/iframe-host.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/HaloBorder/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js +0 -357
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js +0 -703
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js +0 -188
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirm-content.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js +0 -255
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/tx-confirmer-wrapper.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-drawer.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-modal.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js +0 -254
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/LitElementWithProps.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/PasskeyHaloLoading/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/index.js +0 -500
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js +0 -182
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/TxTree/tx-tree-utils.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/asset-base.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/common/PadlockIcon.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/common/formatters.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/confirm-ui-types.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/confirm-ui.js +0 -219
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/confirm-ui.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/css/css-loader.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/ensure-defined.js +0 -23
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/ensure-defined.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/lit-events.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/tags.js +0 -47
- package/dist/esm/react/sdk/src/core/WebAuthnManager/LitComponents/tags.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js +0 -32
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/getDeviceNumber.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js +0 -70
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js +0 -46
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/decryptPrivateKeyWithPrf.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js +0 -70
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveNearKeypairAndEncryptFromSerialized.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js +0 -66
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/exportNearKeypairUi.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js +0 -24
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/extractCosePublicKey.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js +0 -43
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js +0 -115
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js +0 -14
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/session.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js +0 -102
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js +0 -77
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signNep413Message.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js +0 -61
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionWithKeyPair.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js +0 -111
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js +0 -80
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/index.js +0 -451
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js +0 -81
- package/dist/esm/react/sdk/src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js +0 -56
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/common.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js +0 -54
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/near.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js +0 -32
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestAdapter.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js +0 -53
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/session.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js +0 -63
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/vrf.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js +0 -39
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/webauthn.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js +0 -65
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/determineConfirmationConfig.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js +0 -89
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/localOnly.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js +0 -135
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/registration.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js +0 -51
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/requestRegistrationCredentialConfirmation.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js +0 -172
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js +0 -118
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/handleSecureConfirmRequest.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js +0 -51
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/checkVrfStatus.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js +0 -155
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndPrepareSigningSession.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js +0 -29
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js +0 -58
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js +0 -46
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js +0 -58
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/index.js +0 -374
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/index.js +0 -12
- package/dist/esm/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js +0 -203
- package/dist/esm/react/sdk/src/core/WebAuthnManager/WebAuthnFallbacks/safari-fallbacks.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/credentialsHelpers.js +0 -288
- package/dist/esm/react/sdk/src/core/WebAuthnManager/credentialsHelpers.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/index.js +0 -889
- package/dist/esm/react/sdk/src/core/WebAuthnManager/index.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/touchIdPrompt.js +0 -270
- package/dist/esm/react/sdk/src/core/WebAuthnManager/touchIdPrompt.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/txDigest.js +0 -83
- package/dist/esm/react/sdk/src/core/WebAuthnManager/txDigest.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/userHandle.js +0 -38
- package/dist/esm/react/sdk/src/core/WebAuthnManager/userHandle.js.map +0 -1
- package/dist/esm/react/sdk/src/core/WebAuthnManager/userPreferences.js +0 -307
- package/dist/esm/react/sdk/src/core/WebAuthnManager/userPreferences.js.map +0 -1
- package/dist/esm/react/sdk/src/core/defaultConfigs.js +0 -102
- package/dist/esm/react/sdk/src/core/defaultConfigs.js.map +0 -1
- package/dist/esm/react/sdk/src/core/nearCrypto.js +0 -48
- package/dist/esm/react/sdk/src/core/nearCrypto.js.map +0 -1
- package/dist/esm/react/sdk/src/core/nonceManager.js +0 -402
- package/dist/esm/react/sdk/src/core/nonceManager.js.map +0 -1
- package/dist/esm/react/sdk/src/core/rpcCalls.js +0 -431
- package/dist/esm/react/sdk/src/core/rpcCalls.js.map +0 -1
- package/dist/esm/react/sdk/src/core/sdkPaths/base.js.map +0 -1
- package/dist/esm/react/sdk/src/core/sdkPaths/workers.js +0 -42
- package/dist/esm/react/sdk/src/core/sdkPaths/workers.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/accountIds.js +0 -26
- package/dist/esm/react/sdk/src/core/types/accountIds.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/actions.js +0 -263
- package/dist/esm/react/sdk/src/core/types/actions.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/authenticatorOptions.js +0 -47
- package/dist/esm/react/sdk/src/core/types/authenticatorOptions.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/emailRecovery.js +0 -26
- package/dist/esm/react/sdk/src/core/types/emailRecovery.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/linkDevice.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/rpc.js +0 -19
- package/dist/esm/react/sdk/src/core/types/rpc.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/sdkSentEvents.js +0 -116
- package/dist/esm/react/sdk/src/core/types/sdkSentEvents.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/signer-worker.js +0 -51
- package/dist/esm/react/sdk/src/core/types/signer-worker.js.map +0 -1
- package/dist/esm/react/sdk/src/core/types/vrf-worker.js +0 -66
- package/dist/esm/react/sdk/src/core/types/vrf-worker.js.map +0 -1
- package/dist/esm/react/sdk/src/core/workerControlMessages.js.map +0 -1
- package/dist/esm/react/sdk/src/theme/base-styles.js.map +0 -1
- package/dist/esm/react/sdk/src/theme/palette.js.map +0 -1
- package/dist/esm/react/sdk/src/utils/base58.js +0 -17
- package/dist/esm/react/sdk/src/utils/base58.js.map +0 -1
- package/dist/esm/react/sdk/src/utils/base64.js +0 -50
- package/dist/esm/react/sdk/src/utils/base64.js.map +0 -1
- package/dist/esm/react/sdk/src/utils/encoders.js +0 -13
- package/dist/esm/react/sdk/src/utils/encoders.js.map +0 -1
- package/dist/esm/react/sdk/src/utils/errors.js +0 -140
- package/dist/esm/react/sdk/src/utils/errors.js.map +0 -1
- package/dist/esm/react/sdk/src/utils/index.js +0 -20
- package/dist/esm/react/sdk/src/utils/index.js.map +0 -1
- package/dist/esm/react/sdk/src/utils/qrScanner.js.map +0 -1
- package/dist/esm/react/sdk/src/utils/validation.js +0 -61
- package/dist/esm/react/sdk/src/utils/validation.js.map +0 -1
- package/dist/esm/sdk/HaloBorder-D7vjXHnY.js +0 -1111
- package/dist/esm/sdk/WebAuthnFallbacks-Bl4BTsNt.js +0 -615
- package/dist/esm/sdk/actions-O1FD5Bq8.js +0 -252
- package/dist/esm/sdk/asset-base-K63RlTrt.js +0 -43
- package/dist/esm/sdk/base-Qt2P7SNn.js +0 -19
- package/dist/esm/sdk/base-Qt2P7SNn.js.map +0 -1
- package/dist/esm/sdk/base64-DBPGuXh4.js +0 -48
- package/dist/esm/sdk/browser-B3uuzKL0.js +0 -2443
- package/dist/esm/sdk/button-with-tooltip.css +0 -260
- package/dist/esm/sdk/chunk-DIQ1yeMN.js +0 -38
- package/dist/esm/sdk/createAdapters-DIRR8_Z9.js +0 -526
- package/dist/esm/sdk/createAdapters-Yga6W0en.js +0 -3202
- package/dist/esm/sdk/createAdapters-Yga6W0en.js.map +0 -1
- package/dist/esm/sdk/css-loader-BHxJyE5o.js +0 -1098
- package/dist/esm/sdk/css-loader-BrMMlG4X.js +0 -1184
- package/dist/esm/sdk/css-loader-BrMMlG4X.js.map +0 -1
- package/dist/esm/sdk/defaultConfigs-CfQDV-ya.js +0 -100
- package/dist/esm/sdk/ensure-defined-CHInSx7l.js +0 -34
- package/dist/esm/sdk/errors-D9ar28Dr.js +0 -265
- package/dist/esm/sdk/getDeviceNumber-BpernPnM.js +0 -121
- package/dist/esm/sdk/getDeviceNumber-BpernPnM.js.map +0 -1
- package/dist/esm/sdk/getDeviceNumber-zsOHT_Um.js +0 -30
- package/dist/esm/sdk/iframe-button-host.css +0 -84
- package/dist/esm/sdk/iframe-host-BisiSSOa.js +0 -213
- package/dist/esm/sdk/iframe-host-BisiSSOa.js.map +0 -1
- package/dist/esm/sdk/iframe-host-BoarlHRm.js +0 -1053
- package/dist/esm/sdk/iframe-host-BoarlHRm.js.map +0 -1
- package/dist/esm/sdk/iframe-host-CefZOSX2.js +0 -1105
- package/dist/esm/sdk/iframe-host-DQCSzj7r.js +0 -215
- package/dist/esm/sdk/iframe-tx-button-bootstrap.js +0 -220
- package/dist/esm/sdk/lit-events-BKobq01K.js +0 -29
- package/dist/esm/sdk/lit-events-BKobq01K.js.map +0 -1
- package/dist/esm/sdk/localOnly-BHScJasw.js +0 -93
- package/dist/esm/sdk/localOnly-VevCI7H0.js +0 -102
- package/dist/esm/sdk/localOnly-VevCI7H0.js.map +0 -1
- package/dist/esm/sdk/overlay-ZGbucXIa.js +0 -431
- package/dist/esm/sdk/registration-bKEg9Zr2.js +0 -133
- package/dist/esm/sdk/registration-bKEg9Zr2.js.map +0 -1
- package/dist/esm/sdk/registration-lDD60Ytt.js +0 -142
- package/dist/esm/sdk/requestHelpers-Dh1hEYL9.js +0 -445
- package/dist/esm/sdk/requestHelpers-aUKhXiEl.js +0 -1393
- package/dist/esm/sdk/requestHelpers-aUKhXiEl.js.map +0 -1
- package/dist/esm/sdk/router-BWtacLJg.js +0 -1799
- package/dist/esm/sdk/rpcCalls-CYGJSCgm.js +0 -10
- package/dist/esm/sdk/rpcCalls-DZZSa-sk.js +0 -427
- package/dist/esm/sdk/sdkSentEvents-_jrJLIhw.js +0 -128
- package/dist/esm/sdk/tags-C2Wlhqjd.js +0 -47
- package/dist/esm/sdk/transactions-Cn9xTWlK.js +0 -166
- package/dist/esm/sdk/transactions-Cn9xTWlK.js.map +0 -1
- package/dist/esm/sdk/transactions-DfdwDQCn.js +0 -178
- package/dist/esm/sdk/tx-confirmer-wrapper-lHNgz9i4.js +0 -2690
- package/dist/esm/sdk/tx-tree-themes-BND0SU2h.js +0 -572
- package/dist/esm/sdk/tx-tree-themes-i3It4IYY.js +0 -573
- package/dist/esm/sdk/tx-tree-themes-i3It4IYY.js.map +0 -1
- package/dist/esm/sdk/txDigest-CxjhSCgm.js +0 -89
- package/dist/esm/sdk/validation-DhPPUba7.js +0 -24
- package/dist/esm/sdk/validation-DhPPUba7.js.map +0 -1
- package/dist/esm/sdk/validation-DtLVzHDY.js +0 -50
- package/dist/esm/sdk/w3a-button-with-tooltip.js +0 -3316
- package/dist/esm/sdk/w3a-tx-button.js +0 -8
- package/dist/esm/server/sdk/src/core/WalletIframe/validation.js +0 -14
- package/dist/esm/server/sdk/src/core/WalletIframe/validation.js.map +0 -1
- package/dist/esm/utils/encoders.js +0 -13
- package/dist/esm/utils/encoders.js.map +0 -1
- package/dist/esm/utils/index.js +0 -20
- package/dist/esm/utils/index.js.map +0 -1
- package/dist/types/src/core/TatchiPasskey/recoverAccount.d.ts +0 -112
- package/dist/types/src/core/TatchiPasskey/recoverAccount.d.ts.map +0 -1
- package/dist/types/src/core/WalletIframe/host/WalletHostElements.d.ts +0 -55
- package/dist/types/src/core/WalletIframe/host/WalletHostElements.d.ts.map +0 -1
- package/dist/types/src/core/WalletIframe/validation.d.ts +0 -24
- package/dist/types/src/core/WalletIframe/validation.d.ts.map +0 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/ButtonWithTooltip.d.ts +0 -160
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/ButtonWithTooltip.d.ts.map +0 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.d.ts +0 -107
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-geometry.d.ts.map +0 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.d.ts +0 -179
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-host.d.ts.map +0 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-tx-button-bootstrap-script.d.ts +0 -7
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/iframe-tx-button-bootstrap-script.d.ts.map +0 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/index.d.ts +0 -6
- package/dist/types/src/core/WebAuthnManager/LitComponents/IframeButtonWithTooltipConfirmer/index.d.ts.map +0 -1
- package/dist/types/src/core/WebAuthnManager/LitComponents/common/iframe-messages.d.ts +0 -112
- package/dist/types/src/core/WebAuthnManager/LitComponents/common/iframe-messages.d.ts.map +0 -1
- package/dist/types/src/core/WebAuthnManager/txDigest.d.ts +0 -146
- package/dist/types/src/core/WebAuthnManager/txDigest.d.ts.map +0 -1
- package/dist/types/src/core/types/components.d.ts +0 -2
- package/dist/types/src/core/types/components.d.ts.map +0 -1
- package/dist/types/src/react/components/SendTxButtonWithTooltip.d.ts +0 -31
- package/dist/types/src/react/components/SendTxButtonWithTooltip.d.ts.map +0 -1
- package/dist/types/src/react/components/WalletIframeTxButtonHost.d.ts +0 -30
- package/dist/types/src/react/components/WalletIframeTxButtonHost.d.ts.map +0 -1
- /package/dist/esm/react/{sdk/build-paths.js → build-paths.js} +0 -0
- /package/dist/esm/react/{sdk/src → src}/base-styles.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/config.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/NearRpcError.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/OfflineExport/overlay.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WalletIframe/client/overlay-controller.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WalletIframe/client/overlay-styles.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WalletIframe/events.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/Drawer/index.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/HaloBorder/index.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-drawer.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/IframeTxConfirmer/viewer-modal.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/PasskeyHaloLoading/index.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/TxTree/tx-tree-themes.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/asset-base.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/common/PadlockIcon.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/common/formatters.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/confirm-ui-types.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/css/css-loader.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/LitComponents/lit-events.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/SignerWorkerManager/sessionHandshake.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/createAdapters.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/requestHelpers.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/adapters/ui.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/types.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/checkSessionStatus.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/clearSession.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/clearVrf.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/confirmAndDeriveDevice2RegistrationSession.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/dispenseSessionKey.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/mintSessionKeysAndSendToSigner.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/prepareDecryptSession.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/requestRegistrationCredentialConfirmation.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassEncryptCurrentVrfKeypair.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/handlers/unlockVrfKeypair.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/WebAuthnManager/VrfWorkerManager/secureConfirmBridge.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/sdkPaths/base.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/types/linkDevice.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/core/workerControlMessages.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/theme/base-styles.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/theme/palette.js +0 -0
- /package/dist/esm/react/{sdk/src → src}/utils/qrScanner.js +0 -0
- /package/dist/esm/sdk/{lit-events-C-jpeT5r.js → lit-events-Bb4tAEO2.js} +0 -0
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import {
|
|
3
|
-
import {
|
|
4
|
-
import {
|
|
1
|
+
import { assertString, ensureEd25519Prefix, isFunction, isNumber, isObject, isString, stripTrailingSlashes, toOptionalTrimmedString, toTrimmedString, validateNearAccountId } from "./validation-hUZgySTx.js";
|
|
2
|
+
import { ActionType, SecureConfirmMessageType, SecureConfirmationType, TouchIdPrompt, base64Decode, base64Encode, base64UrlDecode, collectAuthenticationCredentialForVrfChallenge, computeThresholdEd25519KeygenIntentDigest, computeUiIntentDigestFromTxs, createRandomVRFChallenge, errorMessage, getIntentDigest, normalizeRegistrationCredential, orderActionForDigest, parseTransactionSummary, removePrfOutputGuard, sanitizeForPostMessage, sendConfirmResponse, serializeRegistrationCredentialWithPRF, toAccountId, toActionArgsWasm, toError, validateActionArgsWasm, validateVRFChallenge } from "./collectAuthenticationCredentialForVrfChallenge-C9p90e5Z.js";
|
|
3
|
+
import { DEFAULT_CONFIRMATION_CONFIG, DEFAULT_SIGNING_MODE, DEFAULT_THRESHOLD_BEHAVIOR, INTERNAL_WORKER_REQUEST_TYPE_SIGN_ADD_KEY_THRESHOLD_PUBLIC_KEY_NO_PROMPT, PASSKEY_MANAGER_DEFAULT_CONFIGS, THRESHOLD_ED25519_CLIENT_PARTICIPANT_ID, THRESHOLD_ED25519_RELAYER_PARTICIPANT_ID, UserVerificationPolicy as UserVerificationPolicy$1, WorkerRequestType, WorkerResponseType, buildConfigsFromEnv, coerceSignerMode, getLastLoggedInDeviceNumber, getThresholdBehaviorFromSignerMode, isDecryptPrivateKeyWithPrfSuccess, isDeriveNearKeypairAndEncryptSuccess, isExtractCosePublicKeySuccess, isRecoverKeypairFromPasskeySuccess, isRegisterDevice2WithDerivedKeySuccess, isSignAddKeyThresholdPublicKeyNoPromptSuccess, isSignDelegateActionSuccess, isSignNep413MessageSuccess, isSignTransactionsWithActionsSuccess, isWorkerError, isWorkerProgress, isWorkerSuccess, mergeSignerMode } from "./getDeviceNumber-WiNzKx1x.js";
|
|
4
|
+
import { __isWalletIframeHostMode } from "./host-mode-CgqmYAwZ.js";
|
|
5
5
|
|
|
6
6
|
//#region ../node_modules/.pnpm/idb@8.0.3/node_modules/idb/build/index.js
|
|
7
7
|
const instanceOfAny = (object, constructors) => constructors.some((c) => object instanceof c);
|
|
@@ -217,383 +217,6 @@ replaceTraps((oldTraps) => ({
|
|
|
217
217
|
}
|
|
218
218
|
}));
|
|
219
219
|
|
|
220
|
-
//#endregion
|
|
221
|
-
//#region src/wasm_signer_worker/pkg/wasm_signer_worker.js
|
|
222
|
-
let wasm;
|
|
223
|
-
const cachedTextEncoder = typeof TextEncoder !== "undefined" ? new TextEncoder("utf-8") : { encode: () => {
|
|
224
|
-
throw Error("TextEncoder not available");
|
|
225
|
-
} };
|
|
226
|
-
const encodeString = typeof cachedTextEncoder.encodeInto === "function" ? function(arg, view) {
|
|
227
|
-
return cachedTextEncoder.encodeInto(arg, view);
|
|
228
|
-
} : function(arg, view) {
|
|
229
|
-
const buf = cachedTextEncoder.encode(arg);
|
|
230
|
-
view.set(buf);
|
|
231
|
-
return {
|
|
232
|
-
read: arg.length,
|
|
233
|
-
written: buf.length
|
|
234
|
-
};
|
|
235
|
-
};
|
|
236
|
-
const cachedTextDecoder = typeof TextDecoder !== "undefined" ? new TextDecoder("utf-8", {
|
|
237
|
-
ignoreBOM: true,
|
|
238
|
-
fatal: true
|
|
239
|
-
}) : { decode: () => {
|
|
240
|
-
throw Error("TextDecoder not available");
|
|
241
|
-
} };
|
|
242
|
-
if (typeof TextDecoder !== "undefined") cachedTextDecoder.decode();
|
|
243
|
-
const CLOSURE_DTORS = typeof FinalizationRegistry === "undefined" ? {
|
|
244
|
-
register: () => {},
|
|
245
|
-
unregister: () => {}
|
|
246
|
-
} : new FinalizationRegistry((state) => {
|
|
247
|
-
wasm.__wbindgen_export_5.get(state.dtor)(state.a, state.b);
|
|
248
|
-
});
|
|
249
|
-
/**
|
|
250
|
-
* Behavior mode for confirmation flow
|
|
251
|
-
* @enum {0 | 1}
|
|
252
|
-
*/
|
|
253
|
-
const ConfirmationBehavior = Object.freeze({
|
|
254
|
-
RequireClick: 0,
|
|
255
|
-
"0": "RequireClick",
|
|
256
|
-
AutoProceed: 1,
|
|
257
|
-
"1": "AutoProceed"
|
|
258
|
-
});
|
|
259
|
-
/**
|
|
260
|
-
* UI mode for confirmation display
|
|
261
|
-
* @enum {0 | 1 | 2}
|
|
262
|
-
*/
|
|
263
|
-
const ConfirmationUIMode = Object.freeze({
|
|
264
|
-
Skip: 0,
|
|
265
|
-
"0": "Skip",
|
|
266
|
-
Modal: 1,
|
|
267
|
-
"1": "Modal",
|
|
268
|
-
Drawer: 2,
|
|
269
|
-
"2": "Drawer"
|
|
270
|
-
});
|
|
271
|
-
/**
|
|
272
|
-
* Progress message types that can be sent during WASM operations.
|
|
273
|
-
* Values MUST align with the progress variants of WorkerResponseType in
|
|
274
|
-
* `worker_messages.rs` so that TypeScript can treat them as progress
|
|
275
|
-
* responses (not success/failure) based on the shared numeric codes.
|
|
276
|
-
* @enum {18 | 19 | 20 | 21}
|
|
277
|
-
*/
|
|
278
|
-
const ProgressMessageType = Object.freeze({
|
|
279
|
-
RegistrationProgress: 18,
|
|
280
|
-
"18": "RegistrationProgress",
|
|
281
|
-
RegistrationComplete: 19,
|
|
282
|
-
"19": "RegistrationComplete",
|
|
283
|
-
ExecuteActionsProgress: 20,
|
|
284
|
-
"20": "ExecuteActionsProgress",
|
|
285
|
-
ExecuteActionsComplete: 21,
|
|
286
|
-
"21": "ExecuteActionsComplete"
|
|
287
|
-
});
|
|
288
|
-
/**
|
|
289
|
-
* Progress step identifiers for different phases of operations
|
|
290
|
-
* Values start at 100 to avoid conflicts with WorkerResponseType enum
|
|
291
|
-
* @enum {100 | 101 | 102 | 103 | 104 | 105 | 106}
|
|
292
|
-
*/
|
|
293
|
-
const ProgressStep = Object.freeze({
|
|
294
|
-
Preparation: 100,
|
|
295
|
-
"100": "Preparation",
|
|
296
|
-
UserConfirmation: 101,
|
|
297
|
-
"101": "UserConfirmation",
|
|
298
|
-
WebauthnAuthentication: 102,
|
|
299
|
-
"102": "WebauthnAuthentication",
|
|
300
|
-
AuthenticationComplete: 103,
|
|
301
|
-
"103": "AuthenticationComplete",
|
|
302
|
-
TransactionSigningProgress: 104,
|
|
303
|
-
"104": "TransactionSigningProgress",
|
|
304
|
-
TransactionSigningComplete: 105,
|
|
305
|
-
"105": "TransactionSigningComplete",
|
|
306
|
-
Error: 106,
|
|
307
|
-
"106": "Error"
|
|
308
|
-
});
|
|
309
|
-
/**
|
|
310
|
-
* User verification policy for WebAuthn authenticators
|
|
311
|
-
* @enum {0 | 1 | 2}
|
|
312
|
-
*/
|
|
313
|
-
const UserVerificationPolicy$1 = Object.freeze({
|
|
314
|
-
Required: 0,
|
|
315
|
-
"0": "Required",
|
|
316
|
-
Preferred: 1,
|
|
317
|
-
"1": "Preferred",
|
|
318
|
-
Discouraged: 2,
|
|
319
|
-
"2": "Discouraged"
|
|
320
|
-
});
|
|
321
|
-
/**
|
|
322
|
-
* @enum {0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8}
|
|
323
|
-
*/
|
|
324
|
-
const WorkerRequestType = Object.freeze({
|
|
325
|
-
DeriveNearKeypairAndEncrypt: 0,
|
|
326
|
-
"0": "DeriveNearKeypairAndEncrypt",
|
|
327
|
-
RecoverKeypairFromPasskey: 1,
|
|
328
|
-
"1": "RecoverKeypairFromPasskey",
|
|
329
|
-
DecryptPrivateKeyWithPrf: 2,
|
|
330
|
-
"2": "DecryptPrivateKeyWithPrf",
|
|
331
|
-
SignTransactionsWithActions: 3,
|
|
332
|
-
"3": "SignTransactionsWithActions",
|
|
333
|
-
ExtractCosePublicKey: 4,
|
|
334
|
-
"4": "ExtractCosePublicKey",
|
|
335
|
-
SignTransactionWithKeyPair: 5,
|
|
336
|
-
"5": "SignTransactionWithKeyPair",
|
|
337
|
-
SignNep413Message: 6,
|
|
338
|
-
"6": "SignNep413Message",
|
|
339
|
-
RegisterDevice2WithDerivedKey: 7,
|
|
340
|
-
"7": "RegisterDevice2WithDerivedKey",
|
|
341
|
-
SignDelegateAction: 8,
|
|
342
|
-
"8": "SignDelegateAction"
|
|
343
|
-
});
|
|
344
|
-
/**
|
|
345
|
-
* Worker response types enum - corresponds to TypeScript WorkerResponseType
|
|
346
|
-
* @enum {0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21}
|
|
347
|
-
*/
|
|
348
|
-
const WorkerResponseType = Object.freeze({
|
|
349
|
-
DeriveNearKeypairAndEncryptSuccess: 0,
|
|
350
|
-
"0": "DeriveNearKeypairAndEncryptSuccess",
|
|
351
|
-
RecoverKeypairFromPasskeySuccess: 1,
|
|
352
|
-
"1": "RecoverKeypairFromPasskeySuccess",
|
|
353
|
-
DecryptPrivateKeyWithPrfSuccess: 2,
|
|
354
|
-
"2": "DecryptPrivateKeyWithPrfSuccess",
|
|
355
|
-
SignTransactionsWithActionsSuccess: 3,
|
|
356
|
-
"3": "SignTransactionsWithActionsSuccess",
|
|
357
|
-
ExtractCosePublicKeySuccess: 4,
|
|
358
|
-
"4": "ExtractCosePublicKeySuccess",
|
|
359
|
-
SignTransactionWithKeyPairSuccess: 5,
|
|
360
|
-
"5": "SignTransactionWithKeyPairSuccess",
|
|
361
|
-
SignNep413MessageSuccess: 6,
|
|
362
|
-
"6": "SignNep413MessageSuccess",
|
|
363
|
-
RegisterDevice2WithDerivedKeySuccess: 7,
|
|
364
|
-
"7": "RegisterDevice2WithDerivedKeySuccess",
|
|
365
|
-
SignDelegateActionSuccess: 8,
|
|
366
|
-
"8": "SignDelegateActionSuccess",
|
|
367
|
-
DeriveNearKeypairAndEncryptFailure: 9,
|
|
368
|
-
"9": "DeriveNearKeypairAndEncryptFailure",
|
|
369
|
-
RecoverKeypairFromPasskeyFailure: 10,
|
|
370
|
-
"10": "RecoverKeypairFromPasskeyFailure",
|
|
371
|
-
DecryptPrivateKeyWithPrfFailure: 11,
|
|
372
|
-
"11": "DecryptPrivateKeyWithPrfFailure",
|
|
373
|
-
SignTransactionsWithActionsFailure: 12,
|
|
374
|
-
"12": "SignTransactionsWithActionsFailure",
|
|
375
|
-
ExtractCosePublicKeyFailure: 13,
|
|
376
|
-
"13": "ExtractCosePublicKeyFailure",
|
|
377
|
-
SignTransactionWithKeyPairFailure: 14,
|
|
378
|
-
"14": "SignTransactionWithKeyPairFailure",
|
|
379
|
-
SignNep413MessageFailure: 15,
|
|
380
|
-
"15": "SignNep413MessageFailure",
|
|
381
|
-
RegisterDevice2WithDerivedKeyFailure: 16,
|
|
382
|
-
"16": "RegisterDevice2WithDerivedKeyFailure",
|
|
383
|
-
SignDelegateActionFailure: 17,
|
|
384
|
-
"17": "SignDelegateActionFailure",
|
|
385
|
-
RegistrationProgress: 18,
|
|
386
|
-
"18": "RegistrationProgress",
|
|
387
|
-
RegistrationComplete: 19,
|
|
388
|
-
"19": "RegistrationComplete",
|
|
389
|
-
ExecuteActionsProgress: 20,
|
|
390
|
-
"20": "ExecuteActionsProgress",
|
|
391
|
-
ExecuteActionsComplete: 21,
|
|
392
|
-
"21": "ExecuteActionsComplete"
|
|
393
|
-
});
|
|
394
|
-
const AuthenticationResponseFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
395
|
-
register: () => {},
|
|
396
|
-
unregister: () => {}
|
|
397
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_authenticationresponse_free(ptr >>> 0, 1));
|
|
398
|
-
const AuthenticatorOptionsFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
399
|
-
register: () => {},
|
|
400
|
-
unregister: () => {}
|
|
401
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_authenticatoroptions_free(ptr >>> 0, 1));
|
|
402
|
-
const ClientExtensionResultsFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
403
|
-
register: () => {},
|
|
404
|
-
unregister: () => {}
|
|
405
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_clientextensionresults_free(ptr >>> 0, 1));
|
|
406
|
-
const ConfirmationConfigFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
407
|
-
register: () => {},
|
|
408
|
-
unregister: () => {}
|
|
409
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_confirmationconfig_free(ptr >>> 0, 1));
|
|
410
|
-
const CoseExtractionResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
411
|
-
register: () => {},
|
|
412
|
-
unregister: () => {}
|
|
413
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_coseextractionresult_free(ptr >>> 0, 1));
|
|
414
|
-
const DecryptPrivateKeyRequestFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
415
|
-
register: () => {},
|
|
416
|
-
unregister: () => {}
|
|
417
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_decryptprivatekeyrequest_free(ptr >>> 0, 1));
|
|
418
|
-
const DecryptPrivateKeyResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
419
|
-
register: () => {},
|
|
420
|
-
unregister: () => {}
|
|
421
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_decryptprivatekeyresult_free(ptr >>> 0, 1));
|
|
422
|
-
const DecryptionPayloadFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
423
|
-
register: () => {},
|
|
424
|
-
unregister: () => {}
|
|
425
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_decryptionpayload_free(ptr >>> 0, 1));
|
|
426
|
-
const DelegateSignResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
427
|
-
register: () => {},
|
|
428
|
-
unregister: () => {}
|
|
429
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_delegatesignresult_free(ptr >>> 0, 1));
|
|
430
|
-
const DeriveNearKeypairAndEncryptRequestFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
431
|
-
register: () => {},
|
|
432
|
-
unregister: () => {}
|
|
433
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_derivenearkeypairandencryptrequest_free(ptr >>> 0, 1));
|
|
434
|
-
const DeriveNearKeypairAndEncryptResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
435
|
-
register: () => {},
|
|
436
|
-
unregister: () => {}
|
|
437
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_derivenearkeypairandencryptresult_free(ptr >>> 0, 1));
|
|
438
|
-
const Device2TransactionContextFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
439
|
-
register: () => {},
|
|
440
|
-
unregister: () => {}
|
|
441
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_device2transactioncontext_free(ptr >>> 0, 1));
|
|
442
|
-
const ExtractCoseRequestFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
443
|
-
register: () => {},
|
|
444
|
-
unregister: () => {}
|
|
445
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_extractcoserequest_free(ptr >>> 0, 1));
|
|
446
|
-
const KeyActionResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
447
|
-
register: () => {},
|
|
448
|
-
unregister: () => {}
|
|
449
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_keyactionresult_free(ptr >>> 0, 1));
|
|
450
|
-
const OriginPolicyInputFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
451
|
-
register: () => {},
|
|
452
|
-
unregister: () => {}
|
|
453
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_originpolicyinput_free(ptr >>> 0, 1));
|
|
454
|
-
const PrfOutputsFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
455
|
-
register: () => {},
|
|
456
|
-
unregister: () => {}
|
|
457
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_prfoutputs_free(ptr >>> 0, 1));
|
|
458
|
-
const PrfResultsFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
459
|
-
register: () => {},
|
|
460
|
-
unregister: () => {}
|
|
461
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_prfresults_free(ptr >>> 0, 1));
|
|
462
|
-
const RecoverKeypairRequestFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
463
|
-
register: () => {},
|
|
464
|
-
unregister: () => {}
|
|
465
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_recoverkeypairrequest_free(ptr >>> 0, 1));
|
|
466
|
-
const RecoverKeypairResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
467
|
-
register: () => {},
|
|
468
|
-
unregister: () => {}
|
|
469
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_recoverkeypairresult_free(ptr >>> 0, 1));
|
|
470
|
-
const RegisterDevice2WithDerivedKeyRequestFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
471
|
-
register: () => {},
|
|
472
|
-
unregister: () => {}
|
|
473
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_registerdevice2withderivedkeyrequest_free(ptr >>> 0, 1));
|
|
474
|
-
const RegisterDevice2WithDerivedKeyResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
475
|
-
register: () => {},
|
|
476
|
-
unregister: () => {}
|
|
477
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_registerdevice2withderivedkeyresult_free(ptr >>> 0, 1));
|
|
478
|
-
const RegistrationPayloadFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
479
|
-
register: () => {},
|
|
480
|
-
unregister: () => {}
|
|
481
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_registrationpayload_free(ptr >>> 0, 1));
|
|
482
|
-
const RegistrationResponseFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
483
|
-
register: () => {},
|
|
484
|
-
unregister: () => {}
|
|
485
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_registrationresponse_free(ptr >>> 0, 1));
|
|
486
|
-
const RpcCallPayloadFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
487
|
-
register: () => {},
|
|
488
|
-
unregister: () => {}
|
|
489
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_rpccallpayload_free(ptr >>> 0, 1));
|
|
490
|
-
const SerializedCredentialFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
491
|
-
register: () => {},
|
|
492
|
-
unregister: () => {}
|
|
493
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_serializedcredential_free(ptr >>> 0, 1));
|
|
494
|
-
const SerializedRegistrationCredentialFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
495
|
-
register: () => {},
|
|
496
|
-
unregister: () => {}
|
|
497
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_serializedregistrationcredential_free(ptr >>> 0, 1));
|
|
498
|
-
const SignNep413RequestFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
499
|
-
register: () => {},
|
|
500
|
-
unregister: () => {}
|
|
501
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_signnep413request_free(ptr >>> 0, 1));
|
|
502
|
-
const SignNep413ResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
503
|
-
register: () => {},
|
|
504
|
-
unregister: () => {}
|
|
505
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_signnep413result_free(ptr >>> 0, 1));
|
|
506
|
-
const TransactionContextFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
507
|
-
register: () => {},
|
|
508
|
-
unregister: () => {}
|
|
509
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_transactioncontext_free(ptr >>> 0, 1));
|
|
510
|
-
const TransactionSignResultFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
511
|
-
register: () => {},
|
|
512
|
-
unregister: () => {}
|
|
513
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_transactionsignresult_free(ptr >>> 0, 1));
|
|
514
|
-
const VrfChallengeFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
515
|
-
register: () => {},
|
|
516
|
-
unregister: () => {}
|
|
517
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_vrfchallenge_free(ptr >>> 0, 1));
|
|
518
|
-
const WasmDelegateActionFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
519
|
-
register: () => {},
|
|
520
|
-
unregister: () => {}
|
|
521
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_wasmdelegateaction_free(ptr >>> 0, 1));
|
|
522
|
-
const WasmPublicKeyFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
523
|
-
register: () => {},
|
|
524
|
-
unregister: () => {}
|
|
525
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_wasmpublickey_free(ptr >>> 0, 1));
|
|
526
|
-
const WasmSignatureFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
527
|
-
register: () => {},
|
|
528
|
-
unregister: () => {}
|
|
529
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_wasmsignature_free(ptr >>> 0, 1));
|
|
530
|
-
const WasmSignedDelegateFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
531
|
-
register: () => {},
|
|
532
|
-
unregister: () => {}
|
|
533
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_wasmsigneddelegate_free(ptr >>> 0, 1));
|
|
534
|
-
const WasmSignedTransactionFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
535
|
-
register: () => {},
|
|
536
|
-
unregister: () => {}
|
|
537
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_wasmsignedtransaction_free(ptr >>> 0, 1));
|
|
538
|
-
const WasmTransactionFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
539
|
-
register: () => {},
|
|
540
|
-
unregister: () => {}
|
|
541
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_wasmtransaction_free(ptr >>> 0, 1));
|
|
542
|
-
const WebAuthnAuthenticationCredentialStructFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
543
|
-
register: () => {},
|
|
544
|
-
unregister: () => {}
|
|
545
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_webauthnauthenticationcredentialstruct_free(ptr >>> 0, 1));
|
|
546
|
-
const WebAuthnRegistrationCredentialStructFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
547
|
-
register: () => {},
|
|
548
|
-
unregister: () => {}
|
|
549
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_webauthnregistrationcredentialstruct_free(ptr >>> 0, 1));
|
|
550
|
-
const WorkerProgressMessageFinalization = typeof FinalizationRegistry === "undefined" ? {
|
|
551
|
-
register: () => {},
|
|
552
|
-
unregister: () => {}
|
|
553
|
-
} : new FinalizationRegistry((ptr) => wasm.__wbg_workerprogressmessage_free(ptr >>> 0, 1));
|
|
554
|
-
|
|
555
|
-
//#endregion
|
|
556
|
-
//#region src/core/types/signer-worker.ts
|
|
557
|
-
const DEFAULT_CONFIRMATION_CONFIG = {
|
|
558
|
-
uiMode: "modal",
|
|
559
|
-
behavior: "requireClick",
|
|
560
|
-
autoProceedDelay: 0,
|
|
561
|
-
theme: "dark"
|
|
562
|
-
};
|
|
563
|
-
function isWorkerProgress(response) {
|
|
564
|
-
return response.type === WorkerResponseType.RegistrationProgress || response.type === WorkerResponseType.RegistrationComplete || response.type === WorkerResponseType.ExecuteActionsProgress || response.type === WorkerResponseType.ExecuteActionsComplete;
|
|
565
|
-
}
|
|
566
|
-
function isWorkerSuccess(response) {
|
|
567
|
-
return response.type === WorkerResponseType.DeriveNearKeypairAndEncryptSuccess || response.type === WorkerResponseType.RecoverKeypairFromPasskeySuccess || response.type === WorkerResponseType.DecryptPrivateKeyWithPrfSuccess || response.type === WorkerResponseType.SignTransactionsWithActionsSuccess || response.type === WorkerResponseType.SignDelegateActionSuccess || response.type === WorkerResponseType.ExtractCosePublicKeySuccess || response.type === WorkerResponseType.SignTransactionWithKeyPairSuccess || response.type === WorkerResponseType.SignNep413MessageSuccess || response.type === WorkerResponseType.RegisterDevice2WithDerivedKeySuccess;
|
|
568
|
-
}
|
|
569
|
-
function isWorkerError(response) {
|
|
570
|
-
return response.type === WorkerResponseType.DeriveNearKeypairAndEncryptFailure || response.type === WorkerResponseType.RecoverKeypairFromPasskeyFailure || response.type === WorkerResponseType.DecryptPrivateKeyWithPrfFailure || response.type === WorkerResponseType.SignTransactionsWithActionsFailure || response.type === WorkerResponseType.SignDelegateActionFailure || response.type === WorkerResponseType.ExtractCosePublicKeyFailure || response.type === WorkerResponseType.SignTransactionWithKeyPairFailure || response.type === WorkerResponseType.SignNep413MessageFailure || response.type === WorkerResponseType.RegisterDevice2WithDerivedKeyFailure;
|
|
571
|
-
}
|
|
572
|
-
function isDeriveNearKeypairAndEncryptSuccess(response) {
|
|
573
|
-
return response.type === WorkerResponseType.DeriveNearKeypairAndEncryptSuccess;
|
|
574
|
-
}
|
|
575
|
-
function isRecoverKeypairFromPasskeySuccess(response) {
|
|
576
|
-
return response.type === WorkerResponseType.RecoverKeypairFromPasskeySuccess;
|
|
577
|
-
}
|
|
578
|
-
function isSignTransactionsWithActionsSuccess(response) {
|
|
579
|
-
return response.type === WorkerResponseType.SignTransactionsWithActionsSuccess;
|
|
580
|
-
}
|
|
581
|
-
function isSignDelegateActionSuccess(response) {
|
|
582
|
-
return response.type === WorkerResponseType.SignDelegateActionSuccess;
|
|
583
|
-
}
|
|
584
|
-
function isDecryptPrivateKeyWithPrfSuccess(response) {
|
|
585
|
-
return response.type === WorkerResponseType.DecryptPrivateKeyWithPrfSuccess;
|
|
586
|
-
}
|
|
587
|
-
function isExtractCosePublicKeySuccess(response) {
|
|
588
|
-
return response.type === WorkerResponseType.ExtractCosePublicKeySuccess;
|
|
589
|
-
}
|
|
590
|
-
function isSignNep413MessageSuccess(response) {
|
|
591
|
-
return response.type === WorkerResponseType.SignNep413MessageSuccess;
|
|
592
|
-
}
|
|
593
|
-
function isRegisterDevice2WithDerivedKeySuccess(response) {
|
|
594
|
-
return response.type === WorkerResponseType.RegisterDevice2WithDerivedKeySuccess;
|
|
595
|
-
}
|
|
596
|
-
|
|
597
220
|
//#endregion
|
|
598
221
|
//#region src/core/IndexedDBManager/passkeyClientDB.ts
|
|
599
222
|
const DB_CONFIG$1 = {
|
|
@@ -890,8 +513,8 @@ var PasskeyClientDBManager = class {
|
|
|
890
513
|
await this.storeUser(userData);
|
|
891
514
|
return userData;
|
|
892
515
|
}
|
|
893
|
-
async updateUser(nearAccountId, updates) {
|
|
894
|
-
const user = await this.getUser(nearAccountId);
|
|
516
|
+
async updateUser(nearAccountId, updates, deviceNumber) {
|
|
517
|
+
const user = await this.getUser(nearAccountId, deviceNumber);
|
|
895
518
|
if (user) {
|
|
896
519
|
const updatedUser = {
|
|
897
520
|
...user,
|
|
@@ -1142,6 +765,21 @@ var PasskeyClientDBManager = class {
|
|
|
1142
765
|
return theme || "dark";
|
|
1143
766
|
}
|
|
1144
767
|
/**
|
|
768
|
+
* Get user's signer mode preference from IndexedDB
|
|
769
|
+
*/
|
|
770
|
+
async getSignerMode(nearAccountId) {
|
|
771
|
+
const user = await this.getUser(nearAccountId);
|
|
772
|
+
const raw = user?.preferences?.signerMode;
|
|
773
|
+
return coerceSignerMode(raw, DEFAULT_SIGNING_MODE);
|
|
774
|
+
}
|
|
775
|
+
/**
|
|
776
|
+
* Set user's signer mode preference in IndexedDB
|
|
777
|
+
*/
|
|
778
|
+
async setSignerMode(nearAccountId, signerMode) {
|
|
779
|
+
const next = coerceSignerMode(signerMode, DEFAULT_SIGNING_MODE);
|
|
780
|
+
await this.updatePreferences(nearAccountId, { signerMode: next });
|
|
781
|
+
}
|
|
782
|
+
/**
|
|
1145
783
|
* Toggle between dark and light theme for a user
|
|
1146
784
|
* @param nearAccountId - The user's account ID
|
|
1147
785
|
* @returns The new theme that was set
|
|
@@ -1257,253 +895,6 @@ var PasskeyClientDBManager = class {
|
|
|
1257
895
|
}
|
|
1258
896
|
};
|
|
1259
897
|
|
|
1260
|
-
//#endregion
|
|
1261
|
-
//#region src/core/IndexedDBManager/passkeyNearKeysDB.ts
|
|
1262
|
-
const DB_CONFIG = {
|
|
1263
|
-
dbName: "PasskeyNearKeys",
|
|
1264
|
-
dbVersion: 2,
|
|
1265
|
-
storeName: "encryptedKeys",
|
|
1266
|
-
keyPath: ["nearAccountId", "deviceNumber"]
|
|
1267
|
-
};
|
|
1268
|
-
var PasskeyNearKeysDBManager = class {
|
|
1269
|
-
config;
|
|
1270
|
-
db = null;
|
|
1271
|
-
disabled = false;
|
|
1272
|
-
constructor(config = DB_CONFIG) {
|
|
1273
|
-
this.config = config;
|
|
1274
|
-
}
|
|
1275
|
-
getDbName() {
|
|
1276
|
-
return this.config.dbName;
|
|
1277
|
-
}
|
|
1278
|
-
setDbName(dbName) {
|
|
1279
|
-
const next = String(dbName || "").trim();
|
|
1280
|
-
if (!next || next === this.config.dbName) return;
|
|
1281
|
-
try {
|
|
1282
|
-
this.db?.close?.();
|
|
1283
|
-
} catch {}
|
|
1284
|
-
this.db = null;
|
|
1285
|
-
this.config = {
|
|
1286
|
-
...this.config,
|
|
1287
|
-
dbName: next
|
|
1288
|
-
};
|
|
1289
|
-
}
|
|
1290
|
-
isDisabled() {
|
|
1291
|
-
return this.disabled;
|
|
1292
|
-
}
|
|
1293
|
-
setDisabled(disabled) {
|
|
1294
|
-
const next = !!disabled;
|
|
1295
|
-
if (next === this.disabled) return;
|
|
1296
|
-
this.disabled = next;
|
|
1297
|
-
if (next) {
|
|
1298
|
-
try {
|
|
1299
|
-
this.db?.close?.();
|
|
1300
|
-
} catch {}
|
|
1301
|
-
this.db = null;
|
|
1302
|
-
}
|
|
1303
|
-
}
|
|
1304
|
-
/**
|
|
1305
|
-
* Get database connection, initializing if necessary
|
|
1306
|
-
*/
|
|
1307
|
-
async getDB() {
|
|
1308
|
-
if (this.disabled) throw new Error("[PasskeyNearKeysDBManager] IndexedDB is disabled in this environment.");
|
|
1309
|
-
if (this.db) return this.db;
|
|
1310
|
-
this.db = await openDB(this.config.dbName, this.config.dbVersion, {
|
|
1311
|
-
upgrade(db) {
|
|
1312
|
-
try {
|
|
1313
|
-
if (db.objectStoreNames.contains(DB_CONFIG.storeName)) db.deleteObjectStore(DB_CONFIG.storeName);
|
|
1314
|
-
} catch {}
|
|
1315
|
-
const store = db.createObjectStore(DB_CONFIG.storeName, { keyPath: DB_CONFIG.keyPath });
|
|
1316
|
-
try {
|
|
1317
|
-
store.createIndex("nearAccountId", "nearAccountId", { unique: false });
|
|
1318
|
-
} catch {}
|
|
1319
|
-
},
|
|
1320
|
-
blocked() {
|
|
1321
|
-
console.warn("PasskeyNearKeysDB connection is blocked.");
|
|
1322
|
-
},
|
|
1323
|
-
blocking() {
|
|
1324
|
-
console.warn("PasskeyNearKeysDB connection is blocking another connection.");
|
|
1325
|
-
},
|
|
1326
|
-
terminated: () => {
|
|
1327
|
-
console.warn("PasskeyNearKeysDB connection has been terminated.");
|
|
1328
|
-
this.db = null;
|
|
1329
|
-
}
|
|
1330
|
-
});
|
|
1331
|
-
return this.db;
|
|
1332
|
-
}
|
|
1333
|
-
/**
|
|
1334
|
-
* Store encrypted key data
|
|
1335
|
-
*/
|
|
1336
|
-
async storeEncryptedKey(data) {
|
|
1337
|
-
const db = await this.getDB();
|
|
1338
|
-
if (!data.chacha20NonceB64u) throw new Error("PasskeyNearKeysDB: Missing chacha20NonceB64u");
|
|
1339
|
-
await db.put(this.config.storeName, data);
|
|
1340
|
-
}
|
|
1341
|
-
/**
|
|
1342
|
-
* Retrieve encrypted key data
|
|
1343
|
-
*/
|
|
1344
|
-
async getEncryptedKey(nearAccountId, deviceNumber) {
|
|
1345
|
-
const db = await this.getDB();
|
|
1346
|
-
const sanitize = (rec) => {
|
|
1347
|
-
if (!rec?.encryptedData || !rec?.chacha20NonceB64u) return null;
|
|
1348
|
-
return {
|
|
1349
|
-
nearAccountId: rec.nearAccountId,
|
|
1350
|
-
deviceNumber: rec.deviceNumber,
|
|
1351
|
-
encryptedData: rec.encryptedData,
|
|
1352
|
-
chacha20NonceB64u: rec.chacha20NonceB64u,
|
|
1353
|
-
wrapKeySalt: rec.wrapKeySalt,
|
|
1354
|
-
version: rec.version,
|
|
1355
|
-
timestamp: rec.timestamp
|
|
1356
|
-
};
|
|
1357
|
-
};
|
|
1358
|
-
if (typeof deviceNumber === "number") {
|
|
1359
|
-
const res = await db.get(this.config.storeName, [nearAccountId, deviceNumber]);
|
|
1360
|
-
const direct = sanitize(res);
|
|
1361
|
-
if (direct) return direct;
|
|
1362
|
-
if (nearAccountId !== "_init_check") console.warn("PasskeyNearKeysDB: getEncryptedKey - No result for device", deviceNumber, "→ falling back to any key for account");
|
|
1363
|
-
try {
|
|
1364
|
-
const idx = db.transaction(this.config.storeName).store.index("nearAccountId");
|
|
1365
|
-
const all = await idx.getAll(nearAccountId);
|
|
1366
|
-
if (Array.isArray(all) && all.length > 0) {
|
|
1367
|
-
const latest = all.reduce((a, b) => a.timestamp >= b.timestamp ? a : b);
|
|
1368
|
-
return sanitize(latest);
|
|
1369
|
-
}
|
|
1370
|
-
} catch {}
|
|
1371
|
-
return null;
|
|
1372
|
-
}
|
|
1373
|
-
try {
|
|
1374
|
-
const idx = db.transaction(this.config.storeName).store.index("nearAccountId");
|
|
1375
|
-
const all = await idx.getAll(nearAccountId);
|
|
1376
|
-
if (Array.isArray(all) && all.length > 0) {
|
|
1377
|
-
const latest = all.reduce((a, b) => a.timestamp >= b.timestamp ? a : b);
|
|
1378
|
-
return sanitize(latest);
|
|
1379
|
-
}
|
|
1380
|
-
} catch {}
|
|
1381
|
-
return null;
|
|
1382
|
-
}
|
|
1383
|
-
/**
|
|
1384
|
-
* Verify key storage by attempting retrieval
|
|
1385
|
-
*/
|
|
1386
|
-
async verifyKeyStorage(nearAccountId, deviceNumber) {
|
|
1387
|
-
const retrievedKey = await this.getEncryptedKey(nearAccountId, deviceNumber);
|
|
1388
|
-
return !!retrievedKey;
|
|
1389
|
-
}
|
|
1390
|
-
/**
|
|
1391
|
-
* Delete encrypted key data for a specific account
|
|
1392
|
-
*/
|
|
1393
|
-
async deleteEncryptedKey(nearAccountId, deviceNumber) {
|
|
1394
|
-
const db = await this.getDB();
|
|
1395
|
-
if (typeof deviceNumber === "number") await db.delete(this.config.storeName, [nearAccountId, deviceNumber]);
|
|
1396
|
-
else {
|
|
1397
|
-
const tx = db.transaction(this.config.storeName, "readwrite");
|
|
1398
|
-
const idx = tx.store.index("nearAccountId");
|
|
1399
|
-
let cursor = await idx.openCursor(IDBKeyRange.only(nearAccountId));
|
|
1400
|
-
while (cursor) {
|
|
1401
|
-
await tx.store.delete(cursor.primaryKey);
|
|
1402
|
-
cursor = await cursor.continue();
|
|
1403
|
-
}
|
|
1404
|
-
await tx.done;
|
|
1405
|
-
}
|
|
1406
|
-
console.debug("PasskeyNearKeysDB: deleteEncryptedKey - Successfully deleted");
|
|
1407
|
-
}
|
|
1408
|
-
/**
|
|
1409
|
-
* Get all encrypted keys (for migration or debugging purposes)
|
|
1410
|
-
*/
|
|
1411
|
-
async getAllEncryptedKeys() {
|
|
1412
|
-
const db = await this.getDB();
|
|
1413
|
-
const all = await db.getAll(this.config.storeName);
|
|
1414
|
-
return all.map((rec) => {
|
|
1415
|
-
if (!rec?.encryptedData || !rec?.chacha20NonceB64u) return null;
|
|
1416
|
-
return {
|
|
1417
|
-
nearAccountId: rec.nearAccountId,
|
|
1418
|
-
deviceNumber: rec.deviceNumber,
|
|
1419
|
-
encryptedData: rec.encryptedData,
|
|
1420
|
-
chacha20NonceB64u: rec.chacha20NonceB64u,
|
|
1421
|
-
wrapKeySalt: rec.wrapKeySalt,
|
|
1422
|
-
version: rec.version,
|
|
1423
|
-
timestamp: rec.timestamp
|
|
1424
|
-
};
|
|
1425
|
-
}).filter((rec) => rec !== null);
|
|
1426
|
-
}
|
|
1427
|
-
/**
|
|
1428
|
-
* Check if a key exists for the given account
|
|
1429
|
-
*/
|
|
1430
|
-
async hasEncryptedKey(nearAccountId, deviceNumber) {
|
|
1431
|
-
const keyData = await this.getEncryptedKey(nearAccountId, deviceNumber);
|
|
1432
|
-
return !!keyData;
|
|
1433
|
-
}
|
|
1434
|
-
};
|
|
1435
|
-
|
|
1436
|
-
//#endregion
|
|
1437
|
-
//#region src/core/IndexedDBManager/index.ts
|
|
1438
|
-
const passkeyClientDB = new PasskeyClientDBManager();
|
|
1439
|
-
const passkeyNearKeysDB = new PasskeyNearKeysDBManager();
|
|
1440
|
-
/**
|
|
1441
|
-
* Unified IndexedDB interface providing access to both databases
|
|
1442
|
-
* This allows centralized access while maintaining separation of concerns
|
|
1443
|
-
*/
|
|
1444
|
-
var UnifiedIndexedDBManager = class {
|
|
1445
|
-
clientDB;
|
|
1446
|
-
nearKeysDB;
|
|
1447
|
-
_initialized = false;
|
|
1448
|
-
constructor() {
|
|
1449
|
-
this.clientDB = passkeyClientDB;
|
|
1450
|
-
this.nearKeysDB = passkeyNearKeysDB;
|
|
1451
|
-
}
|
|
1452
|
-
/**
|
|
1453
|
-
* Initialize both databases proactively
|
|
1454
|
-
* This ensures both databases are created and ready for use
|
|
1455
|
-
*/
|
|
1456
|
-
async initialize() {
|
|
1457
|
-
if (this._initialized) return;
|
|
1458
|
-
try {
|
|
1459
|
-
if (this.clientDB.isDisabled() || this.nearKeysDB.isDisabled()) {
|
|
1460
|
-
this._initialized = true;
|
|
1461
|
-
return;
|
|
1462
|
-
}
|
|
1463
|
-
await Promise.all([this.clientDB.getAppState("_init_check"), this.nearKeysDB.hasEncryptedKey("_init_check", 1)]);
|
|
1464
|
-
this._initialized = true;
|
|
1465
|
-
} catch (error) {
|
|
1466
|
-
console.warn("Failed to initialize IndexedDB databases:", error);
|
|
1467
|
-
}
|
|
1468
|
-
}
|
|
1469
|
-
/**
|
|
1470
|
-
* Check if databases have been initialized
|
|
1471
|
-
*/
|
|
1472
|
-
get isInitialized() {
|
|
1473
|
-
return this._initialized;
|
|
1474
|
-
}
|
|
1475
|
-
/**
|
|
1476
|
-
* Get user data and check if they have encrypted NEAR keys
|
|
1477
|
-
*/
|
|
1478
|
-
async getUserWithKeys(nearAccountId) {
|
|
1479
|
-
const last = await this.clientDB.getLastUser();
|
|
1480
|
-
const userData = last && last.nearAccountId === nearAccountId ? last : await this.clientDB.getUserByDevice(nearAccountId, 1);
|
|
1481
|
-
const deviceNumber = last && last.nearAccountId === nearAccountId ? last.deviceNumber : userData?.deviceNumber;
|
|
1482
|
-
const [hasKeys, keyData] = await Promise.all([this.nearKeysDB.hasEncryptedKey(nearAccountId, deviceNumber), this.nearKeysDB.getEncryptedKey(nearAccountId, deviceNumber)]);
|
|
1483
|
-
return {
|
|
1484
|
-
userData,
|
|
1485
|
-
hasKeys,
|
|
1486
|
-
keyData: hasKeys ? keyData : void 0
|
|
1487
|
-
};
|
|
1488
|
-
}
|
|
1489
|
-
async setDerivedAddress(nearAccountId, args) {
|
|
1490
|
-
return this.clientDB.setDerivedAddress(nearAccountId, args);
|
|
1491
|
-
}
|
|
1492
|
-
async getDerivedAddressRecord(nearAccountId, args) {
|
|
1493
|
-
return this.clientDB.getDerivedAddressRecord(nearAccountId, args);
|
|
1494
|
-
}
|
|
1495
|
-
async getDerivedAddress(nearAccountId, args) {
|
|
1496
|
-
return this.clientDB.getDerivedAddress(nearAccountId, args);
|
|
1497
|
-
}
|
|
1498
|
-
async upsertRecoveryEmails(nearAccountId, entries) {
|
|
1499
|
-
return this.clientDB.upsertRecoveryEmails(nearAccountId, entries);
|
|
1500
|
-
}
|
|
1501
|
-
async getRecoveryEmails(nearAccountId) {
|
|
1502
|
-
return this.clientDB.getRecoveryEmails(nearAccountId);
|
|
1503
|
-
}
|
|
1504
|
-
};
|
|
1505
|
-
const IndexedDBManager = new UnifiedIndexedDBManager();
|
|
1506
|
-
|
|
1507
898
|
//#endregion
|
|
1508
899
|
//#region ../node_modules/.pnpm/base-x@5.0.1/node_modules/base-x/src/esm/index.js
|
|
1509
900
|
function base(ALPHABET$1) {
|
|
@@ -1679,25 +1070,423 @@ const hasActiveUserActivation = () => {
|
|
|
1679
1070
|
} catch {
|
|
1680
1071
|
return false;
|
|
1681
1072
|
}
|
|
1682
|
-
};
|
|
1683
|
-
/**
|
|
1684
|
-
* Heuristic: when on Safari/iOS or on a mobile device AND no active user
|
|
1685
|
-
* activation, we should surface a clickable UI to capture activation.
|
|
1686
|
-
*/
|
|
1687
|
-
const needsExplicitActivation = () => {
|
|
1688
|
-
try {
|
|
1689
|
-
if (hasActiveUserActivation()) return false;
|
|
1690
|
-
return isIOS() || isMobileDevice() || isSafari();
|
|
1691
|
-
} catch {
|
|
1692
|
-
return false;
|
|
1073
|
+
};
|
|
1074
|
+
/**
|
|
1075
|
+
* Heuristic: when on Safari/iOS or on a mobile device AND no active user
|
|
1076
|
+
* activation, we should surface a clickable UI to capture activation.
|
|
1077
|
+
*/
|
|
1078
|
+
const needsExplicitActivation = () => {
|
|
1079
|
+
try {
|
|
1080
|
+
if (hasActiveUserActivation()) return false;
|
|
1081
|
+
return isIOS() || isMobileDevice() || isSafari();
|
|
1082
|
+
} catch {
|
|
1083
|
+
return false;
|
|
1084
|
+
}
|
|
1085
|
+
};
|
|
1086
|
+
/**
|
|
1087
|
+
* Check if the current device is likely mobile
|
|
1088
|
+
*/
|
|
1089
|
+
const isMobileDevice = () => {
|
|
1090
|
+
return detectDeviceType() === "mobile";
|
|
1091
|
+
};
|
|
1092
|
+
|
|
1093
|
+
//#endregion
|
|
1094
|
+
//#region src/threshold/participants.ts
|
|
1095
|
+
function normalizeThresholdEd25519ParticipantId(id) {
|
|
1096
|
+
const n = Number(id);
|
|
1097
|
+
if (!Number.isSafeInteger(n) || n < 1 || n > 65535) return null;
|
|
1098
|
+
return n;
|
|
1099
|
+
}
|
|
1100
|
+
function normalizeThresholdEd25519ParticipantIds(input) {
|
|
1101
|
+
if (!Array.isArray(input) || input.length === 0) return null;
|
|
1102
|
+
const out = [];
|
|
1103
|
+
const seen = /* @__PURE__ */ new Set();
|
|
1104
|
+
for (const v of input) {
|
|
1105
|
+
const id = normalizeThresholdEd25519ParticipantId(v);
|
|
1106
|
+
if (!id) return null;
|
|
1107
|
+
if (!seen.has(id)) {
|
|
1108
|
+
seen.add(id);
|
|
1109
|
+
out.push(id);
|
|
1110
|
+
}
|
|
1111
|
+
}
|
|
1112
|
+
out.sort((a, b) => a - b);
|
|
1113
|
+
return out.length ? out : null;
|
|
1114
|
+
}
|
|
1115
|
+
function parseThresholdEd25519ParticipantsV1(input) {
|
|
1116
|
+
if (!Array.isArray(input) || input.length === 0) return null;
|
|
1117
|
+
const out = [];
|
|
1118
|
+
for (const item of input) {
|
|
1119
|
+
if (!item || typeof item !== "object" || Array.isArray(item)) return null;
|
|
1120
|
+
const rec = item;
|
|
1121
|
+
const id = normalizeThresholdEd25519ParticipantId(rec.id);
|
|
1122
|
+
const role = toOptionalTrimmedString(rec.role);
|
|
1123
|
+
if (!id || role !== "client" && role !== "relayer") return null;
|
|
1124
|
+
const participant = {
|
|
1125
|
+
id,
|
|
1126
|
+
role
|
|
1127
|
+
};
|
|
1128
|
+
const relayerUrl = toOptionalTrimmedString(rec.relayerUrl);
|
|
1129
|
+
if (relayerUrl) participant.relayerUrl = relayerUrl;
|
|
1130
|
+
const relayerKeyId = toOptionalTrimmedString(rec.relayerKeyId);
|
|
1131
|
+
if (relayerKeyId) participant.relayerKeyId = relayerKeyId;
|
|
1132
|
+
const verifyingShareB64u = toOptionalTrimmedString(rec.verifyingShareB64u);
|
|
1133
|
+
if (verifyingShareB64u) participant.verifyingShareB64u = verifyingShareB64u;
|
|
1134
|
+
const shareDerivation = toOptionalTrimmedString(rec.shareDerivation);
|
|
1135
|
+
if (shareDerivation === "prf_first_v1" || shareDerivation === "derived_master_secret_v1" || shareDerivation === "kv_random_v1" || shareDerivation === "unknown") participant.shareDerivation = shareDerivation;
|
|
1136
|
+
out.push(participant);
|
|
1137
|
+
}
|
|
1138
|
+
return out.length ? out : null;
|
|
1139
|
+
}
|
|
1140
|
+
function buildThresholdEd25519Participants2pV1(input) {
|
|
1141
|
+
const relayerKeyId = toOptionalTrimmedString(input.relayerKeyId);
|
|
1142
|
+
const relayerUrl = toOptionalTrimmedString(input.relayerUrl);
|
|
1143
|
+
const clientVerifyingShareB64u = toOptionalTrimmedString(input.clientVerifyingShareB64u);
|
|
1144
|
+
const relayerVerifyingShareB64u = toOptionalTrimmedString(input.relayerVerifyingShareB64u);
|
|
1145
|
+
const clientParticipantId = normalizeThresholdEd25519ParticipantId(input.clientParticipantId) ?? THRESHOLD_ED25519_CLIENT_PARTICIPANT_ID;
|
|
1146
|
+
const relayerParticipantId = normalizeThresholdEd25519ParticipantId(input.relayerParticipantId) ?? THRESHOLD_ED25519_RELAYER_PARTICIPANT_ID;
|
|
1147
|
+
const client = {
|
|
1148
|
+
id: clientParticipantId,
|
|
1149
|
+
role: "client",
|
|
1150
|
+
...clientVerifyingShareB64u ? { verifyingShareB64u: clientVerifyingShareB64u } : {},
|
|
1151
|
+
shareDerivation: input.clientShareDerivation || "prf_first_v1"
|
|
1152
|
+
};
|
|
1153
|
+
const relayer = {
|
|
1154
|
+
id: relayerParticipantId,
|
|
1155
|
+
role: "relayer",
|
|
1156
|
+
...relayerUrl ? { relayerUrl } : {},
|
|
1157
|
+
...relayerKeyId ? { relayerKeyId } : {},
|
|
1158
|
+
...relayerVerifyingShareB64u ? { verifyingShareB64u: relayerVerifyingShareB64u } : {},
|
|
1159
|
+
...input.relayerShareDerivation ? { shareDerivation: input.relayerShareDerivation } : {}
|
|
1160
|
+
};
|
|
1161
|
+
return [client, relayer];
|
|
1162
|
+
}
|
|
1163
|
+
|
|
1164
|
+
//#endregion
|
|
1165
|
+
//#region src/core/IndexedDBManager/passkeyNearKeysDB.ts
|
|
1166
|
+
const DB_CONFIG = {
|
|
1167
|
+
dbName: "PasskeyNearKeys",
|
|
1168
|
+
dbVersion: 4,
|
|
1169
|
+
storeName: "keyMaterial",
|
|
1170
|
+
keyPath: [
|
|
1171
|
+
"nearAccountId",
|
|
1172
|
+
"deviceNumber",
|
|
1173
|
+
"kind"
|
|
1174
|
+
]
|
|
1175
|
+
};
|
|
1176
|
+
var PasskeyNearKeysDBManager = class {
|
|
1177
|
+
config;
|
|
1178
|
+
db = null;
|
|
1179
|
+
disabled = false;
|
|
1180
|
+
constructor(config = DB_CONFIG) {
|
|
1181
|
+
this.config = config;
|
|
1182
|
+
}
|
|
1183
|
+
getDbName() {
|
|
1184
|
+
return this.config.dbName;
|
|
1185
|
+
}
|
|
1186
|
+
setDbName(dbName) {
|
|
1187
|
+
const next = String(dbName || "").trim();
|
|
1188
|
+
if (!next || next === this.config.dbName) return;
|
|
1189
|
+
try {
|
|
1190
|
+
this.db?.close?.();
|
|
1191
|
+
} catch {}
|
|
1192
|
+
this.db = null;
|
|
1193
|
+
this.config = {
|
|
1194
|
+
...this.config,
|
|
1195
|
+
dbName: next
|
|
1196
|
+
};
|
|
1197
|
+
}
|
|
1198
|
+
isDisabled() {
|
|
1199
|
+
return this.disabled;
|
|
1200
|
+
}
|
|
1201
|
+
setDisabled(disabled) {
|
|
1202
|
+
const next = !!disabled;
|
|
1203
|
+
if (next === this.disabled) return;
|
|
1204
|
+
this.disabled = next;
|
|
1205
|
+
if (next) {
|
|
1206
|
+
try {
|
|
1207
|
+
this.db?.close?.();
|
|
1208
|
+
} catch {}
|
|
1209
|
+
this.db = null;
|
|
1210
|
+
}
|
|
1211
|
+
}
|
|
1212
|
+
/**
|
|
1213
|
+
* Get database connection, initializing if necessary
|
|
1214
|
+
*/
|
|
1215
|
+
async getDB() {
|
|
1216
|
+
if (this.disabled) throw new Error("[PasskeyNearKeysDBManager] IndexedDB is disabled in this environment.");
|
|
1217
|
+
if (this.db) return this.db;
|
|
1218
|
+
this.db = await openDB(this.config.dbName, this.config.dbVersion, {
|
|
1219
|
+
upgrade(db) {
|
|
1220
|
+
for (const name of ["encryptedKeys", DB_CONFIG.storeName]) try {
|
|
1221
|
+
if (db.objectStoreNames.contains(name)) db.deleteObjectStore(name);
|
|
1222
|
+
} catch {}
|
|
1223
|
+
const store = db.createObjectStore(DB_CONFIG.storeName, { keyPath: DB_CONFIG.keyPath });
|
|
1224
|
+
try {
|
|
1225
|
+
store.createIndex("nearAccountId", "nearAccountId", { unique: false });
|
|
1226
|
+
} catch {}
|
|
1227
|
+
try {
|
|
1228
|
+
store.createIndex("publicKey", "publicKey", { unique: false });
|
|
1229
|
+
} catch {}
|
|
1230
|
+
try {
|
|
1231
|
+
store.createIndex("kind", "kind", { unique: false });
|
|
1232
|
+
} catch {}
|
|
1233
|
+
},
|
|
1234
|
+
blocked() {
|
|
1235
|
+
console.warn("PasskeyNearKeysDB connection is blocked.");
|
|
1236
|
+
},
|
|
1237
|
+
blocking() {
|
|
1238
|
+
console.warn("PasskeyNearKeysDB connection is blocking another connection.");
|
|
1239
|
+
},
|
|
1240
|
+
terminated: () => {
|
|
1241
|
+
console.warn("PasskeyNearKeysDB connection has been terminated.");
|
|
1242
|
+
this.db = null;
|
|
1243
|
+
}
|
|
1244
|
+
});
|
|
1245
|
+
return this.db;
|
|
1246
|
+
}
|
|
1247
|
+
/**
|
|
1248
|
+
* Store encrypted key data
|
|
1249
|
+
*/
|
|
1250
|
+
async storeKeyMaterial(data) {
|
|
1251
|
+
const db = await this.getDB();
|
|
1252
|
+
if (!data.wrapKeySalt) throw new Error("PasskeyNearKeysDB: Missing wrapKeySalt");
|
|
1253
|
+
if (!data.publicKey) throw new Error("PasskeyNearKeysDB: Missing publicKey");
|
|
1254
|
+
if (data.kind === "local_near_sk_v3") {
|
|
1255
|
+
if (!data.encryptedSk) throw new Error("PasskeyNearKeysDB: Missing encryptedSk for local_near_sk_v3");
|
|
1256
|
+
if (!data.chacha20NonceB64u) throw new Error("PasskeyNearKeysDB: Missing chacha20NonceB64u for local_near_sk_v3");
|
|
1257
|
+
} else if (data.kind === "threshold_ed25519_2p_v1") {
|
|
1258
|
+
if (!data.relayerKeyId) throw new Error("PasskeyNearKeysDB: Missing relayerKeyId for threshold_ed25519_2p_v1");
|
|
1259
|
+
if (!data.clientShareDerivation) throw new Error("PasskeyNearKeysDB: Missing clientShareDerivation for threshold_ed25519_2p_v1");
|
|
1260
|
+
const parsed = parseThresholdEd25519ParticipantsV1(data.participants);
|
|
1261
|
+
data.participants = parsed || buildThresholdEd25519Participants2pV1({
|
|
1262
|
+
relayerKeyId: data.relayerKeyId,
|
|
1263
|
+
clientShareDerivation: data.clientShareDerivation
|
|
1264
|
+
});
|
|
1265
|
+
}
|
|
1266
|
+
await db.put(this.config.storeName, data);
|
|
1267
|
+
}
|
|
1268
|
+
/**
|
|
1269
|
+
* Retrieve encrypted key data
|
|
1270
|
+
*/
|
|
1271
|
+
async getKeyMaterial(nearAccountId, deviceNumber, kind) {
|
|
1272
|
+
const db = await this.getDB();
|
|
1273
|
+
if (!kind) throw new Error("PasskeyNearKeysDB: kind is required (no fallback lookup is allowed)");
|
|
1274
|
+
const sanitize = (rec) => {
|
|
1275
|
+
const kind$1 = rec?.kind;
|
|
1276
|
+
if (!rec?.nearAccountId || typeof rec?.deviceNumber !== "number") return null;
|
|
1277
|
+
if (!kind$1) return null;
|
|
1278
|
+
if (!rec?.publicKey || !rec?.wrapKeySalt || typeof rec?.timestamp !== "number") return null;
|
|
1279
|
+
if (kind$1 === "local_near_sk_v3") {
|
|
1280
|
+
if (!rec?.encryptedSk || !rec?.chacha20NonceB64u) return null;
|
|
1281
|
+
return {
|
|
1282
|
+
nearAccountId: rec.nearAccountId,
|
|
1283
|
+
deviceNumber: rec.deviceNumber,
|
|
1284
|
+
kind: kind$1,
|
|
1285
|
+
publicKey: rec.publicKey,
|
|
1286
|
+
wrapKeySalt: rec.wrapKeySalt,
|
|
1287
|
+
encryptedSk: rec.encryptedSk,
|
|
1288
|
+
chacha20NonceB64u: rec.chacha20NonceB64u,
|
|
1289
|
+
timestamp: rec.timestamp
|
|
1290
|
+
};
|
|
1291
|
+
}
|
|
1292
|
+
if (kind$1 === "threshold_ed25519_2p_v1") {
|
|
1293
|
+
if (!rec?.relayerKeyId || !rec?.clientShareDerivation) return null;
|
|
1294
|
+
const participants = parseThresholdEd25519ParticipantsV1(rec.participants) || buildThresholdEd25519Participants2pV1({
|
|
1295
|
+
relayerKeyId: rec.relayerKeyId,
|
|
1296
|
+
clientShareDerivation: rec.clientShareDerivation
|
|
1297
|
+
});
|
|
1298
|
+
return {
|
|
1299
|
+
nearAccountId: rec.nearAccountId,
|
|
1300
|
+
deviceNumber: rec.deviceNumber,
|
|
1301
|
+
kind: kind$1,
|
|
1302
|
+
publicKey: rec.publicKey,
|
|
1303
|
+
wrapKeySalt: rec.wrapKeySalt,
|
|
1304
|
+
relayerKeyId: rec.relayerKeyId,
|
|
1305
|
+
clientShareDerivation: rec.clientShareDerivation,
|
|
1306
|
+
participants,
|
|
1307
|
+
timestamp: rec.timestamp
|
|
1308
|
+
};
|
|
1309
|
+
}
|
|
1310
|
+
return null;
|
|
1311
|
+
};
|
|
1312
|
+
const res = await db.get(this.config.storeName, [
|
|
1313
|
+
nearAccountId,
|
|
1314
|
+
deviceNumber,
|
|
1315
|
+
kind
|
|
1316
|
+
]);
|
|
1317
|
+
return sanitize(res);
|
|
1318
|
+
}
|
|
1319
|
+
async getLocalKeyMaterial(nearAccountId, deviceNumber) {
|
|
1320
|
+
const rec = await this.getKeyMaterial(nearAccountId, deviceNumber, "local_near_sk_v3");
|
|
1321
|
+
return rec?.kind === "local_near_sk_v3" ? rec : null;
|
|
1322
|
+
}
|
|
1323
|
+
async getThresholdKeyMaterial(nearAccountId, deviceNumber) {
|
|
1324
|
+
const rec = await this.getKeyMaterial(nearAccountId, deviceNumber, "threshold_ed25519_2p_v1");
|
|
1325
|
+
return rec?.kind === "threshold_ed25519_2p_v1" ? rec : null;
|
|
1326
|
+
}
|
|
1327
|
+
/**
|
|
1328
|
+
* Verify key storage by attempting retrieval
|
|
1329
|
+
*/
|
|
1330
|
+
async verifyKeyStorage(nearAccountId, deviceNumber, kind) {
|
|
1331
|
+
const retrievedKey = await this.getKeyMaterial(nearAccountId, deviceNumber, kind);
|
|
1332
|
+
return !!retrievedKey;
|
|
1333
|
+
}
|
|
1334
|
+
/**
|
|
1335
|
+
* Delete encrypted key data for a specific account
|
|
1336
|
+
*/
|
|
1337
|
+
async deleteKeyMaterial(nearAccountId, deviceNumber, kind) {
|
|
1338
|
+
const db = await this.getDB();
|
|
1339
|
+
if (typeof deviceNumber === "number" && kind) await db.delete(this.config.storeName, [
|
|
1340
|
+
nearAccountId,
|
|
1341
|
+
deviceNumber,
|
|
1342
|
+
kind
|
|
1343
|
+
]);
|
|
1344
|
+
else if (typeof deviceNumber === "number") {
|
|
1345
|
+
const tx = db.transaction(this.config.storeName, "readwrite");
|
|
1346
|
+
const idx = tx.store.index("nearAccountId");
|
|
1347
|
+
let cursor = await idx.openCursor(IDBKeyRange.only(nearAccountId));
|
|
1348
|
+
while (cursor) {
|
|
1349
|
+
const value = cursor.value;
|
|
1350
|
+
if (value?.deviceNumber === deviceNumber) await tx.store.delete(cursor.primaryKey);
|
|
1351
|
+
cursor = await cursor.continue();
|
|
1352
|
+
}
|
|
1353
|
+
await tx.done;
|
|
1354
|
+
} else {
|
|
1355
|
+
const tx = db.transaction(this.config.storeName, "readwrite");
|
|
1356
|
+
const idx = tx.store.index("nearAccountId");
|
|
1357
|
+
let cursor = await idx.openCursor(IDBKeyRange.only(nearAccountId));
|
|
1358
|
+
while (cursor) {
|
|
1359
|
+
await tx.store.delete(cursor.primaryKey);
|
|
1360
|
+
cursor = await cursor.continue();
|
|
1361
|
+
}
|
|
1362
|
+
await tx.done;
|
|
1363
|
+
}
|
|
1364
|
+
console.debug("PasskeyNearKeysDB: deleteKeyMaterial - Successfully deleted");
|
|
1365
|
+
}
|
|
1366
|
+
/**
|
|
1367
|
+
* Get all encrypted keys (for migration or debugging purposes)
|
|
1368
|
+
*/
|
|
1369
|
+
async getAllKeyMaterial() {
|
|
1370
|
+
const db = await this.getDB();
|
|
1371
|
+
const all = await db.getAll(this.config.storeName);
|
|
1372
|
+
return all.map((rec) => {
|
|
1373
|
+
const kind = rec?.kind;
|
|
1374
|
+
if (!kind) return null;
|
|
1375
|
+
if (kind === "local_near_sk_v3") {
|
|
1376
|
+
if (!rec?.encryptedSk || !rec?.chacha20NonceB64u) return null;
|
|
1377
|
+
return {
|
|
1378
|
+
nearAccountId: rec.nearAccountId,
|
|
1379
|
+
deviceNumber: rec.deviceNumber,
|
|
1380
|
+
kind,
|
|
1381
|
+
publicKey: rec.publicKey,
|
|
1382
|
+
wrapKeySalt: rec.wrapKeySalt,
|
|
1383
|
+
encryptedSk: rec.encryptedSk,
|
|
1384
|
+
chacha20NonceB64u: rec.chacha20NonceB64u,
|
|
1385
|
+
timestamp: rec.timestamp
|
|
1386
|
+
};
|
|
1387
|
+
}
|
|
1388
|
+
if (kind === "threshold_ed25519_2p_v1") {
|
|
1389
|
+
if (!rec?.relayerKeyId || !rec?.clientShareDerivation) return null;
|
|
1390
|
+
const participants = parseThresholdEd25519ParticipantsV1(rec.participants) || buildThresholdEd25519Participants2pV1({
|
|
1391
|
+
relayerKeyId: rec.relayerKeyId,
|
|
1392
|
+
clientShareDerivation: rec.clientShareDerivation
|
|
1393
|
+
});
|
|
1394
|
+
return {
|
|
1395
|
+
nearAccountId: rec.nearAccountId,
|
|
1396
|
+
deviceNumber: rec.deviceNumber,
|
|
1397
|
+
kind,
|
|
1398
|
+
publicKey: rec.publicKey,
|
|
1399
|
+
wrapKeySalt: rec.wrapKeySalt,
|
|
1400
|
+
relayerKeyId: rec.relayerKeyId,
|
|
1401
|
+
clientShareDerivation: rec.clientShareDerivation,
|
|
1402
|
+
participants,
|
|
1403
|
+
timestamp: rec.timestamp
|
|
1404
|
+
};
|
|
1405
|
+
}
|
|
1406
|
+
return null;
|
|
1407
|
+
}).filter((rec) => rec !== null);
|
|
1408
|
+
}
|
|
1409
|
+
/**
|
|
1410
|
+
* Check if a key exists for the given account
|
|
1411
|
+
*/
|
|
1412
|
+
async hasKeyMaterial(nearAccountId, deviceNumber, kind) {
|
|
1413
|
+
const keyData = await this.getKeyMaterial(nearAccountId, deviceNumber, kind);
|
|
1414
|
+
return !!keyData;
|
|
1415
|
+
}
|
|
1416
|
+
};
|
|
1417
|
+
|
|
1418
|
+
//#endregion
|
|
1419
|
+
//#region src/core/IndexedDBManager/index.ts
|
|
1420
|
+
const passkeyClientDB = new PasskeyClientDBManager();
|
|
1421
|
+
const passkeyNearKeysDB = new PasskeyNearKeysDBManager();
|
|
1422
|
+
/**
|
|
1423
|
+
* Unified IndexedDB interface providing access to both databases
|
|
1424
|
+
* This allows centralized access while maintaining separation of concerns
|
|
1425
|
+
*/
|
|
1426
|
+
var UnifiedIndexedDBManager = class {
|
|
1427
|
+
clientDB;
|
|
1428
|
+
nearKeysDB;
|
|
1429
|
+
_initialized = false;
|
|
1430
|
+
constructor() {
|
|
1431
|
+
this.clientDB = passkeyClientDB;
|
|
1432
|
+
this.nearKeysDB = passkeyNearKeysDB;
|
|
1433
|
+
}
|
|
1434
|
+
/**
|
|
1435
|
+
* Initialize both databases proactively
|
|
1436
|
+
* This ensures both databases are created and ready for use
|
|
1437
|
+
*/
|
|
1438
|
+
async initialize() {
|
|
1439
|
+
if (this._initialized) return;
|
|
1440
|
+
try {
|
|
1441
|
+
if (this.clientDB.isDisabled() || this.nearKeysDB.isDisabled()) {
|
|
1442
|
+
this._initialized = true;
|
|
1443
|
+
return;
|
|
1444
|
+
}
|
|
1445
|
+
await Promise.all([this.clientDB.getAppState("_init_check"), this.nearKeysDB.hasKeyMaterial("_init_check", 1, "local_near_sk_v3")]);
|
|
1446
|
+
this._initialized = true;
|
|
1447
|
+
} catch (error) {
|
|
1448
|
+
console.warn("Failed to initialize IndexedDB databases:", error);
|
|
1449
|
+
}
|
|
1450
|
+
}
|
|
1451
|
+
/**
|
|
1452
|
+
* Check if databases have been initialized
|
|
1453
|
+
*/
|
|
1454
|
+
get isInitialized() {
|
|
1455
|
+
return this._initialized;
|
|
1456
|
+
}
|
|
1457
|
+
/**
|
|
1458
|
+
* Get user data and check if they have encrypted NEAR keys
|
|
1459
|
+
*/
|
|
1460
|
+
async getUserWithKeys(nearAccountId) {
|
|
1461
|
+
const last = await this.clientDB.getLastUser();
|
|
1462
|
+
const userData = last && last.nearAccountId === nearAccountId ? last : await this.clientDB.getUserByDevice(nearAccountId, 1);
|
|
1463
|
+
const deviceNumber = last && last.nearAccountId === nearAccountId ? last.deviceNumber : userData?.deviceNumber;
|
|
1464
|
+
const [local, threshold] = await Promise.all([this.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber), this.nearKeysDB.getThresholdKeyMaterial(nearAccountId, deviceNumber)]);
|
|
1465
|
+
const keyData = local ?? threshold;
|
|
1466
|
+
const hasKeys = !!keyData;
|
|
1467
|
+
return {
|
|
1468
|
+
userData,
|
|
1469
|
+
hasKeys,
|
|
1470
|
+
keyMaterial: hasKeys ? keyData : void 0
|
|
1471
|
+
};
|
|
1472
|
+
}
|
|
1473
|
+
async setDerivedAddress(nearAccountId, args) {
|
|
1474
|
+
return this.clientDB.setDerivedAddress(nearAccountId, args);
|
|
1475
|
+
}
|
|
1476
|
+
async getDerivedAddressRecord(nearAccountId, args) {
|
|
1477
|
+
return this.clientDB.getDerivedAddressRecord(nearAccountId, args);
|
|
1478
|
+
}
|
|
1479
|
+
async getDerivedAddress(nearAccountId, args) {
|
|
1480
|
+
return this.clientDB.getDerivedAddress(nearAccountId, args);
|
|
1481
|
+
}
|
|
1482
|
+
async upsertRecoveryEmails(nearAccountId, entries) {
|
|
1483
|
+
return this.clientDB.upsertRecoveryEmails(nearAccountId, entries);
|
|
1484
|
+
}
|
|
1485
|
+
async getRecoveryEmails(nearAccountId) {
|
|
1486
|
+
return this.clientDB.getRecoveryEmails(nearAccountId);
|
|
1693
1487
|
}
|
|
1694
1488
|
};
|
|
1695
|
-
|
|
1696
|
-
* Check if the current device is likely mobile
|
|
1697
|
-
*/
|
|
1698
|
-
const isMobileDevice = () => {
|
|
1699
|
-
return detectDeviceType() === "mobile";
|
|
1700
|
-
};
|
|
1489
|
+
const IndexedDBManager = new UnifiedIndexedDBManager();
|
|
1701
1490
|
|
|
1702
1491
|
//#endregion
|
|
1703
1492
|
//#region src/core/NearRpcError.ts
|
|
@@ -1816,6 +1605,7 @@ function describeTxExecution(operationName, exec) {
|
|
|
1816
1605
|
const DEFAULT_WAIT_STATUS = {
|
|
1817
1606
|
executeAction: "EXECUTED_OPTIMISTIC",
|
|
1818
1607
|
linkDeviceAddKey: "INCLUDED_FINAL",
|
|
1608
|
+
thresholdAddKey: "EXECUTED_OPTIMISTIC",
|
|
1819
1609
|
linkDeviceSwapKey: "FINAL",
|
|
1820
1610
|
linkDeviceAccountMapping: "INCLUDED_FINAL",
|
|
1821
1611
|
linkDeviceDeleteKey: "INCLUDED_FINAL",
|
|
@@ -2032,6 +1822,13 @@ var MinimalNearClient = class MinimalNearClient {
|
|
|
2032
1822
|
}
|
|
2033
1823
|
throw lastError instanceof Error ? lastError : new Error(String(lastError));
|
|
2034
1824
|
}
|
|
1825
|
+
async txStatus(txHash, senderAccountId) {
|
|
1826
|
+
const params = {
|
|
1827
|
+
tx_hash: txHash,
|
|
1828
|
+
sender_account_id: senderAccountId
|
|
1829
|
+
};
|
|
1830
|
+
return this.makeRpcCall("EXPERIMENTAL_tx_status", params, "Tx Status");
|
|
1831
|
+
}
|
|
2035
1832
|
async callFunction(contractId, method, args, blockQuery) {
|
|
2036
1833
|
const rpcParams = {
|
|
2037
1834
|
request_type: "call_function",
|
|
@@ -2165,25 +1962,44 @@ const DEVICE_LINKING_CONFIG = {
|
|
|
2165
1962
|
RETRY: { MAX_REGISTRATION_ATTEMPTS: 5 }
|
|
2166
1963
|
};
|
|
2167
1964
|
|
|
1965
|
+
//#endregion
|
|
1966
|
+
//#region src/core/sdkPaths/base.ts
|
|
1967
|
+
const W3A_WALLET_SDK_BASE_EVENT = "W3A_WALLET_SDK_BASE_CHANGED";
|
|
1968
|
+
/**
|
|
1969
|
+
* @param cb - Callback invoked with the new absolute base URL when it changes.
|
|
1970
|
+
* @returns Unsubscribe function to remove the listener.
|
|
1971
|
+
*/
|
|
1972
|
+
function onEmbeddedBaseChange(cb) {
|
|
1973
|
+
if (typeof window === "undefined") return () => {};
|
|
1974
|
+
const handler = (e) => {
|
|
1975
|
+
const d = e.detail;
|
|
1976
|
+
if (typeof d === "string" && d.length > 0) cb(d);
|
|
1977
|
+
};
|
|
1978
|
+
window.addEventListener(W3A_WALLET_SDK_BASE_EVENT, handler, { passive: true });
|
|
1979
|
+
return () => window.removeEventListener(W3A_WALLET_SDK_BASE_EVENT, handler);
|
|
1980
|
+
}
|
|
1981
|
+
|
|
2168
1982
|
//#endregion
|
|
2169
1983
|
//#region src/core/sdkPaths/workers.ts
|
|
2170
1984
|
/**
|
|
2171
1985
|
* Resolve the base origin for worker scripts.
|
|
2172
1986
|
* Priority:
|
|
2173
|
-
* 1) window.__W3A_WALLET_SDK_BASE__ (absolute `${walletOrigin}${sdkBasePath}/`) → take its origin
|
|
1987
|
+
* 1) window.__W3A_WALLET_SDK_BASE__ (absolute `${walletOrigin}${sdkBasePath}/`) → take its origin (only if same-origin)
|
|
2174
1988
|
* 2) window.location.origin (host/app origin)
|
|
2175
1989
|
*
|
|
2176
1990
|
* @returns The origin (protocol + host [+ port]) used to resolve worker script URLs.
|
|
2177
1991
|
* Prefers the wallet SDK base origin; falls back to the current window origin.
|
|
2178
1992
|
*/
|
|
2179
1993
|
function resolveWorkerBaseOrigin() {
|
|
2180
|
-
|
|
2181
|
-
if (typeof window !== "undefined" && window.location?.origin) origin = window.location.origin;
|
|
1994
|
+
const currentOrigin = typeof window !== "undefined" && window.location?.origin ? window.location.origin : "";
|
|
2182
1995
|
try {
|
|
2183
1996
|
const embeddedBase = window?.__W3A_WALLET_SDK_BASE__;
|
|
2184
|
-
if (embeddedBase)
|
|
1997
|
+
if (embeddedBase) {
|
|
1998
|
+
const embeddedOrigin = new URL(embeddedBase, currentOrigin || "https://invalid.local").origin;
|
|
1999
|
+
if (embeddedOrigin === currentOrigin) return embeddedOrigin;
|
|
2000
|
+
}
|
|
2185
2001
|
} catch {}
|
|
2186
|
-
return
|
|
2002
|
+
return currentOrigin;
|
|
2187
2003
|
}
|
|
2188
2004
|
function resolveWorkerUrl(input, opts) {
|
|
2189
2005
|
const worker = opts.worker;
|
|
@@ -2224,13 +2040,24 @@ const WorkerControlMessage = {
|
|
|
2224
2040
|
|
|
2225
2041
|
//#endregion
|
|
2226
2042
|
//#region src/core/WebAuthnManager/SignerWorkerManager/sessionMessages.ts
|
|
2043
|
+
function asSessionMessage(msg) {
|
|
2044
|
+
if (!isObject$1(msg)) return null;
|
|
2045
|
+
if (typeof msg.type !== "string") return null;
|
|
2046
|
+
if (msg.sessionId != null && typeof msg.sessionId !== "string") return null;
|
|
2047
|
+
if (msg.error != null && typeof msg.error !== "string") return null;
|
|
2048
|
+
return msg;
|
|
2049
|
+
}
|
|
2227
2050
|
/**
|
|
2228
2051
|
* Type guard to check if a message is a control message.
|
|
2229
2052
|
*/
|
|
2230
2053
|
function isSignerWorkerControlMessage(msg) {
|
|
2231
2054
|
if (!isObject$1(msg) || typeof msg.type !== "string") return false;
|
|
2232
|
-
|
|
2233
|
-
|
|
2055
|
+
switch (msg.type) {
|
|
2056
|
+
case WorkerControlMessage.ATTACH_WRAP_KEY_SEED_PORT_OK: return typeof msg.sessionId === "string";
|
|
2057
|
+
case WorkerControlMessage.ATTACH_WRAP_KEY_SEED_PORT_ERROR: return typeof msg.sessionId === "string" && typeof msg.error === "string";
|
|
2058
|
+
case WorkerControlMessage.WORKER_READY: return typeof msg.ready === "boolean";
|
|
2059
|
+
default: return false;
|
|
2060
|
+
}
|
|
2234
2061
|
}
|
|
2235
2062
|
function isObject$1(value) {
|
|
2236
2063
|
return typeof value === "object" && value !== null;
|
|
@@ -2252,8 +2079,8 @@ function waitForSessionMessage(worker, options) {
|
|
|
2252
2079
|
reject(/* @__PURE__ */ new Error(`Timeout waiting for session message (${successTypes.join("|")})${sessionId ? ` for session ${sessionId}` : ""}`));
|
|
2253
2080
|
}, timeoutMs);
|
|
2254
2081
|
const messageHandler = (event) => {
|
|
2255
|
-
const msg = event.data;
|
|
2256
|
-
if (!msg
|
|
2082
|
+
const msg = asSessionMessage(event.data);
|
|
2083
|
+
if (!msg) return;
|
|
2257
2084
|
if (sessionId && msg.sessionId !== sessionId) return;
|
|
2258
2085
|
if (errorType && msg.type === errorType) {
|
|
2259
2086
|
cleanup();
|
|
@@ -2299,8 +2126,73 @@ function waitForWrapKeyPortAttach(worker, sessionId, timeoutMs = 2e3) {
|
|
|
2299
2126
|
});
|
|
2300
2127
|
}
|
|
2301
2128
|
|
|
2129
|
+
//#endregion
|
|
2130
|
+
//#region src/core/types/sdkSentEvents.ts
|
|
2131
|
+
let RegistrationPhase = /* @__PURE__ */ function(RegistrationPhase$1) {
|
|
2132
|
+
RegistrationPhase$1["STEP_1_WEBAUTHN_VERIFICATION"] = "webauthn-verification";
|
|
2133
|
+
RegistrationPhase$1["STEP_2_KEY_GENERATION"] = "key-generation";
|
|
2134
|
+
RegistrationPhase$1["STEP_3_CONTRACT_PRE_CHECK"] = "contract-pre-check";
|
|
2135
|
+
RegistrationPhase$1["STEP_4_ACCESS_KEY_ADDITION"] = "access-key-addition";
|
|
2136
|
+
RegistrationPhase$1["STEP_5_CONTRACT_REGISTRATION"] = "contract-registration";
|
|
2137
|
+
RegistrationPhase$1["STEP_6_ACCOUNT_VERIFICATION"] = "account-verification";
|
|
2138
|
+
RegistrationPhase$1["STEP_7_DATABASE_STORAGE"] = "database-storage";
|
|
2139
|
+
RegistrationPhase$1["STEP_8_REGISTRATION_COMPLETE"] = "registration-complete";
|
|
2140
|
+
RegistrationPhase$1["REGISTRATION_ERROR"] = "error";
|
|
2141
|
+
return RegistrationPhase$1;
|
|
2142
|
+
}({});
|
|
2143
|
+
let RegistrationStatus = /* @__PURE__ */ function(RegistrationStatus$1) {
|
|
2144
|
+
RegistrationStatus$1["PROGRESS"] = "progress";
|
|
2145
|
+
RegistrationStatus$1["SUCCESS"] = "success";
|
|
2146
|
+
RegistrationStatus$1["ERROR"] = "error";
|
|
2147
|
+
return RegistrationStatus$1;
|
|
2148
|
+
}({});
|
|
2149
|
+
|
|
2302
2150
|
//#endregion
|
|
2303
2151
|
//#region src/core/rpcCalls.ts
|
|
2152
|
+
function sleep(ms) {
|
|
2153
|
+
return new Promise((res) => setTimeout(res, ms));
|
|
2154
|
+
}
|
|
2155
|
+
function isAccessKeyNotFoundError(err) {
|
|
2156
|
+
const msg = String(errorMessage(err) || "").toLowerCase();
|
|
2157
|
+
if (!msg) return false;
|
|
2158
|
+
if (msg.includes("unknown access key") || msg.includes("unknown_access_key") || msg.includes("unknownaccesskey")) return true;
|
|
2159
|
+
if (msg.includes("accesskeydoesnotexist")) return true;
|
|
2160
|
+
if (msg.includes("access key does not exist")) return true;
|
|
2161
|
+
if (msg.includes("access key doesn't exist")) return true;
|
|
2162
|
+
if (msg.includes("access key not found")) return true;
|
|
2163
|
+
if (msg.includes("no such access key")) return true;
|
|
2164
|
+
if (msg.includes("viewing access key") && msg.includes("does not exist") && !msg.includes("account")) return true;
|
|
2165
|
+
return false;
|
|
2166
|
+
}
|
|
2167
|
+
async function hasAccessKey(nearClient, nearAccountId, publicKey, opts) {
|
|
2168
|
+
const expected = ensureEd25519Prefix(publicKey);
|
|
2169
|
+
if (!expected) return false;
|
|
2170
|
+
const attempts = Math.max(1, Math.floor(opts?.attempts ?? 6));
|
|
2171
|
+
const delayMs = Math.max(50, Math.floor(opts?.delayMs ?? 750));
|
|
2172
|
+
for (let i = 0; i < attempts; i++) {
|
|
2173
|
+
try {
|
|
2174
|
+
await nearClient.viewAccessKey(nearAccountId, expected);
|
|
2175
|
+
return true;
|
|
2176
|
+
} catch {}
|
|
2177
|
+
if (i < attempts - 1) await sleep(delayMs);
|
|
2178
|
+
}
|
|
2179
|
+
return false;
|
|
2180
|
+
}
|
|
2181
|
+
async function waitForAccessKeyAbsent(nearClient, nearAccountId, publicKey, opts) {
|
|
2182
|
+
const expected = ensureEd25519Prefix(publicKey);
|
|
2183
|
+
if (!expected) return true;
|
|
2184
|
+
const attempts = Math.max(1, Math.floor(opts?.attempts ?? 6));
|
|
2185
|
+
const delayMs = Math.max(50, Math.floor(opts?.delayMs ?? 650));
|
|
2186
|
+
for (let i = 0; i < attempts; i++) {
|
|
2187
|
+
try {
|
|
2188
|
+
await nearClient.viewAccessKey(nearAccountId, expected);
|
|
2189
|
+
} catch (err) {
|
|
2190
|
+
if (isAccessKeyNotFoundError(err)) return true;
|
|
2191
|
+
}
|
|
2192
|
+
if (i < attempts - 1) await sleep(delayMs);
|
|
2193
|
+
}
|
|
2194
|
+
return false;
|
|
2195
|
+
}
|
|
2304
2196
|
/**
|
|
2305
2197
|
* View-only registration pre-check.
|
|
2306
2198
|
*
|
|
@@ -2310,6 +2202,10 @@ function waitForWrapKeyPortAttach(worker, sessionId, timeoutMs = 2e3) {
|
|
|
2310
2202
|
*/
|
|
2311
2203
|
async function checkCanRegisterUserContractCall({ nearClient, contractId, vrfChallenge, credential, authenticatorOptions }) {
|
|
2312
2204
|
try {
|
|
2205
|
+
const intent_digest_32 = Array.from(base64UrlDecode(vrfChallenge.intentDigest || ""));
|
|
2206
|
+
if (intent_digest_32.length !== 32) throw new Error("Missing or invalid vrfChallenge.intentDigest (expected base64url-encoded 32 bytes)");
|
|
2207
|
+
const session_policy_digest_32 = vrfChallenge.sessionPolicyDigest32 ? Array.from(base64UrlDecode(vrfChallenge.sessionPolicyDigest32)) : [];
|
|
2208
|
+
if (session_policy_digest_32.length !== 0 && session_policy_digest_32.length !== 32) throw new Error("Invalid vrfChallenge.sessionPolicyDigest32 (expected base64url-encoded 32 bytes)");
|
|
2313
2209
|
const vrfData = {
|
|
2314
2210
|
vrf_input_data: Array.from(base64UrlDecode(vrfChallenge.vrfInput)),
|
|
2315
2211
|
vrf_output: Array.from(base64UrlDecode(vrfChallenge.vrfOutput)),
|
|
@@ -2318,7 +2214,9 @@ async function checkCanRegisterUserContractCall({ nearClient, contractId, vrfCha
|
|
|
2318
2214
|
user_id: vrfChallenge.userId,
|
|
2319
2215
|
rp_id: vrfChallenge.rpId,
|
|
2320
2216
|
block_height: Number(vrfChallenge.blockHeight),
|
|
2321
|
-
block_hash: Array.from(base64UrlDecode(vrfChallenge.blockHash))
|
|
2217
|
+
block_hash: Array.from(base64UrlDecode(vrfChallenge.blockHash)),
|
|
2218
|
+
intent_digest_32,
|
|
2219
|
+
...session_policy_digest_32.length ? { session_policy_digest_32 } : {}
|
|
2322
2220
|
};
|
|
2323
2221
|
const args = {
|
|
2324
2222
|
vrf_data: vrfData,
|
|
@@ -2342,6 +2240,78 @@ async function checkCanRegisterUserContractCall({ nearClient, contractId, vrfCha
|
|
|
2342
2240
|
};
|
|
2343
2241
|
}
|
|
2344
2242
|
}
|
|
2243
|
+
async function thresholdEd25519Keygen(relayServerUrl, vrfChallenge, webauthnAuthentication, args) {
|
|
2244
|
+
try {
|
|
2245
|
+
const base$1 = String(relayServerUrl || "").trim().replace(/\/$/, "");
|
|
2246
|
+
if (!base$1) throw new Error("Missing relayServerUrl");
|
|
2247
|
+
const clientVerifyingShareB64u = String(args.clientVerifyingShareB64u || "").trim();
|
|
2248
|
+
if (!clientVerifyingShareB64u) throw new Error("Missing clientVerifyingShareB64u");
|
|
2249
|
+
const nearAccountId = String(args.nearAccountId || "").trim();
|
|
2250
|
+
if (!nearAccountId) throw new Error("Missing nearAccountId");
|
|
2251
|
+
const toBytes = (b64u) => {
|
|
2252
|
+
if (!b64u) return [];
|
|
2253
|
+
return Array.from(base64UrlDecode(b64u));
|
|
2254
|
+
};
|
|
2255
|
+
const intent_digest_32 = toBytes(vrfChallenge.intentDigest);
|
|
2256
|
+
if (intent_digest_32.length !== 32) throw new Error("Missing or invalid vrfChallenge.intentDigest (expected base64url-encoded 32 bytes)");
|
|
2257
|
+
const vrf_data = {
|
|
2258
|
+
vrf_input_data: toBytes(vrfChallenge.vrfInput),
|
|
2259
|
+
vrf_output: toBytes(vrfChallenge.vrfOutput),
|
|
2260
|
+
vrf_proof: toBytes(vrfChallenge.vrfProof),
|
|
2261
|
+
public_key: toBytes(vrfChallenge.vrfPublicKey),
|
|
2262
|
+
user_id: vrfChallenge.userId,
|
|
2263
|
+
rp_id: vrfChallenge.rpId,
|
|
2264
|
+
block_height: Number(vrfChallenge.blockHeight || 0),
|
|
2265
|
+
block_hash: toBytes(vrfChallenge.blockHash),
|
|
2266
|
+
intent_digest_32
|
|
2267
|
+
};
|
|
2268
|
+
const webauthn_authentication = {
|
|
2269
|
+
...webauthnAuthentication,
|
|
2270
|
+
authenticatorAttachment: webauthnAuthentication.authenticatorAttachment ?? null,
|
|
2271
|
+
response: {
|
|
2272
|
+
...webauthnAuthentication.response,
|
|
2273
|
+
userHandle: webauthnAuthentication.response.userHandle ?? null
|
|
2274
|
+
},
|
|
2275
|
+
clientExtensionResults: null
|
|
2276
|
+
};
|
|
2277
|
+
const url = `${base$1}/threshold-ed25519/keygen`;
|
|
2278
|
+
const response = await fetch(url, {
|
|
2279
|
+
method: "POST",
|
|
2280
|
+
headers: { "Content-Type": "application/json" },
|
|
2281
|
+
credentials: "include",
|
|
2282
|
+
body: JSON.stringify({
|
|
2283
|
+
clientVerifyingShareB64u,
|
|
2284
|
+
nearAccountId,
|
|
2285
|
+
vrf_data,
|
|
2286
|
+
webauthn_authentication
|
|
2287
|
+
})
|
|
2288
|
+
});
|
|
2289
|
+
if (!response.ok) {
|
|
2290
|
+
const errorText = await response.text();
|
|
2291
|
+
return {
|
|
2292
|
+
ok: false,
|
|
2293
|
+
error: `HTTP ${response.status}: ${errorText}`
|
|
2294
|
+
};
|
|
2295
|
+
}
|
|
2296
|
+
const json = await response.json();
|
|
2297
|
+
return {
|
|
2298
|
+
ok: !!json?.ok,
|
|
2299
|
+
clientParticipantId: json?.clientParticipantId,
|
|
2300
|
+
relayerParticipantId: json?.relayerParticipantId,
|
|
2301
|
+
participantIds: json?.participantIds,
|
|
2302
|
+
relayerKeyId: json?.relayerKeyId,
|
|
2303
|
+
publicKey: json?.publicKey,
|
|
2304
|
+
relayerVerifyingShareB64u: json?.relayerVerifyingShareB64u,
|
|
2305
|
+
code: json?.code,
|
|
2306
|
+
message: json?.message
|
|
2307
|
+
};
|
|
2308
|
+
} catch (error) {
|
|
2309
|
+
return {
|
|
2310
|
+
ok: false,
|
|
2311
|
+
error: error?.message || "Failed to keygen threshold-ed25519"
|
|
2312
|
+
};
|
|
2313
|
+
}
|
|
2314
|
+
}
|
|
2345
2315
|
|
|
2346
2316
|
//#endregion
|
|
2347
2317
|
//#region src/core/WebAuthnManager/SignerWorkerManager/handlers/checkCanRegisterUser.ts
|
|
@@ -2357,9 +2327,9 @@ async function checkCanRegisterUser({ ctx, vrfChallenge, credential, contractId,
|
|
|
2357
2327
|
const resolvedContractId = contractId || PASSKEY_MANAGER_DEFAULT_CONFIGS.contractId;
|
|
2358
2328
|
onEvent?.({
|
|
2359
2329
|
step: 3,
|
|
2360
|
-
phase:
|
|
2361
|
-
status:
|
|
2362
|
-
message: "
|
|
2330
|
+
phase: RegistrationPhase.STEP_3_CONTRACT_PRE_CHECK,
|
|
2331
|
+
status: RegistrationStatus.PROGRESS,
|
|
2332
|
+
message: "Running webauthn contract registration checks..."
|
|
2363
2333
|
});
|
|
2364
2334
|
const strippedCredential = removePrfOutputGuard(serializedCredential);
|
|
2365
2335
|
const result = await checkCanRegisterUserContractCall({
|
|
@@ -2378,9 +2348,10 @@ async function checkCanRegisterUser({ ctx, vrfChallenge, credential, contractId,
|
|
|
2378
2348
|
};
|
|
2379
2349
|
onEvent?.({
|
|
2380
2350
|
step: 3,
|
|
2381
|
-
phase:
|
|
2382
|
-
status: result.verified ?
|
|
2383
|
-
message: result.verified ? "Registration pre-check succeeded" : result.error || "Registration pre-check failed"
|
|
2351
|
+
phase: RegistrationPhase.STEP_3_CONTRACT_PRE_CHECK,
|
|
2352
|
+
status: result.verified ? RegistrationStatus.SUCCESS : RegistrationStatus.ERROR,
|
|
2353
|
+
message: result.verified ? "Registration pre-check succeeded" : result.error || "Registration pre-check failed",
|
|
2354
|
+
...result.verified ? {} : { error: result.error || "Registration pre-check failed" }
|
|
2384
2355
|
});
|
|
2385
2356
|
return {
|
|
2386
2357
|
success: true,
|
|
@@ -2448,6 +2419,7 @@ const DEFAULT_AUTHENTICATOR_OPTIONS = {
|
|
|
2448
2419
|
function withSessionId(sessionId, payload) {
|
|
2449
2420
|
if (!sessionId) throw new Error("withSessionId: sessionId is required");
|
|
2450
2421
|
const existing = payload?.sessionId;
|
|
2422
|
+
if (existing != null && typeof existing !== "string") throw new Error("withSessionId: payload.sessionId must be a string when provided");
|
|
2451
2423
|
if (existing && existing !== sessionId) throw new Error(`withSessionId: payload.sessionId (${existing}) does not match provided sessionId (${sessionId})`);
|
|
2452
2424
|
return {
|
|
2453
2425
|
...payload,
|
|
@@ -2480,21 +2452,22 @@ async function deriveNearKeypairAndEncryptFromSerialized({ ctx, credential, near
|
|
|
2480
2452
|
});
|
|
2481
2453
|
if (!isDeriveNearKeypairAndEncryptSuccess(response)) throw new Error("Dual PRF registration (from serialized) failed");
|
|
2482
2454
|
const wasmResult = response.payload;
|
|
2483
|
-
const version = wasmResult.version ?? 2;
|
|
2484
2455
|
const wrapKeySaltPersisted = wasmResult.wrapKeySalt;
|
|
2456
|
+
if (!wrapKeySaltPersisted) throw new Error("Missing wrapKeySalt in deriveNearKeypairAndEncrypt result");
|
|
2485
2457
|
const deviceNumber = typeof options?.deviceNumber === "number" ? options.deviceNumber : await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);
|
|
2486
2458
|
const chacha20NonceB64u = wasmResult.chacha20NonceB64u;
|
|
2487
2459
|
if (!chacha20NonceB64u) throw new Error("Missing chacha20NonceB64u in deriveNearKeypairAndEncrypt result");
|
|
2488
|
-
const
|
|
2460
|
+
const keyMaterial = {
|
|
2461
|
+
kind: "local_near_sk_v3",
|
|
2489
2462
|
nearAccountId,
|
|
2490
2463
|
deviceNumber,
|
|
2491
|
-
|
|
2464
|
+
publicKey: wasmResult.publicKey,
|
|
2465
|
+
encryptedSk: wasmResult.encryptedData,
|
|
2492
2466
|
chacha20NonceB64u,
|
|
2493
2467
|
wrapKeySalt: wrapKeySaltPersisted,
|
|
2494
|
-
version,
|
|
2495
2468
|
timestamp: Date.now()
|
|
2496
2469
|
};
|
|
2497
|
-
await ctx.indexedDB.nearKeysDB.
|
|
2470
|
+
await ctx.indexedDB.nearKeysDB.storeKeyMaterial(keyMaterial);
|
|
2498
2471
|
return {
|
|
2499
2472
|
success: true,
|
|
2500
2473
|
nearAccountId: toAccountId(wasmResult.nearAccountId),
|
|
@@ -2520,16 +2493,16 @@ async function decryptPrivateKeyWithPrf({ ctx, nearAccountId, authenticators, se
|
|
|
2520
2493
|
try {
|
|
2521
2494
|
console.info("WebAuthnManager: Starting private key decryption with dual PRF (local operation)");
|
|
2522
2495
|
const deviceNumber = await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);
|
|
2523
|
-
const
|
|
2524
|
-
if (!
|
|
2496
|
+
const keyMaterial = await ctx.indexedDB.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber);
|
|
2497
|
+
if (!keyMaterial) throw new Error(`No key material found for account: ${nearAccountId}`);
|
|
2525
2498
|
const response = await ctx.sendMessage({
|
|
2526
2499
|
sessionId,
|
|
2527
2500
|
message: {
|
|
2528
2501
|
type: WorkerRequestType.DecryptPrivateKeyWithPrf,
|
|
2529
2502
|
payload: withSessionId(sessionId, {
|
|
2530
2503
|
nearAccountId,
|
|
2531
|
-
encryptedPrivateKeyData:
|
|
2532
|
-
encryptedPrivateKeyChacha20NonceB64u:
|
|
2504
|
+
encryptedPrivateKeyData: keyMaterial.encryptedSk,
|
|
2505
|
+
encryptedPrivateKeyChacha20NonceB64u: keyMaterial.chacha20NonceB64u
|
|
2533
2506
|
})
|
|
2534
2507
|
}
|
|
2535
2508
|
});
|
|
@@ -2577,122 +2550,461 @@ const generateSessionId = () => {
|
|
|
2577
2550
|
return typeof crypto !== "undefined" && typeof crypto.randomUUID === "function" ? crypto.randomUUID() : `sign-session-${Date.now()}-${Math.random().toString(16).slice(2)}`;
|
|
2578
2551
|
};
|
|
2579
2552
|
|
|
2553
|
+
//#endregion
|
|
2554
|
+
//#region src/core/threshold/thresholdEd25519RelayerHealth.ts
|
|
2555
|
+
const DEFAULT_CACHE_TTL_MS = 6e4;
|
|
2556
|
+
const cache = /* @__PURE__ */ new Map();
|
|
2557
|
+
const inFlight = /* @__PURE__ */ new Map();
|
|
2558
|
+
const DEFAULT_WARN_TTL_MS = 10 * 6e4;
|
|
2559
|
+
const MAX_WARN_KEYS = 1e3;
|
|
2560
|
+
const warnedUnsupportedRelayerByKey = /* @__PURE__ */ new Map();
|
|
2561
|
+
async function isRelayerThresholdEd25519ConfiguredBase(base$1, opts) {
|
|
2562
|
+
if (!base$1) return false;
|
|
2563
|
+
if (typeof fetch !== "function") return false;
|
|
2564
|
+
const ttlMs = Math.max(0, Number(opts?.cacheTtlMs ?? DEFAULT_CACHE_TTL_MS));
|
|
2565
|
+
const now = Date.now();
|
|
2566
|
+
const cached = cache.get(base$1);
|
|
2567
|
+
if (cached && cached.expiresAtMs > now) return cached.configured;
|
|
2568
|
+
const existing = inFlight.get(base$1);
|
|
2569
|
+
if (existing) return existing;
|
|
2570
|
+
const req = (async () => {
|
|
2571
|
+
try {
|
|
2572
|
+
const res = await fetch(`${base$1}/threshold-ed25519/healthz`, { method: "GET" });
|
|
2573
|
+
if (!res.ok) {
|
|
2574
|
+
cache.set(base$1, {
|
|
2575
|
+
configured: false,
|
|
2576
|
+
expiresAtMs: now + ttlMs
|
|
2577
|
+
});
|
|
2578
|
+
return false;
|
|
2579
|
+
}
|
|
2580
|
+
const data = await res.json().catch(() => null);
|
|
2581
|
+
const configured = data?.configured === true;
|
|
2582
|
+
cache.set(base$1, {
|
|
2583
|
+
configured,
|
|
2584
|
+
expiresAtMs: now + ttlMs
|
|
2585
|
+
});
|
|
2586
|
+
return configured;
|
|
2587
|
+
} catch {
|
|
2588
|
+
cache.set(base$1, {
|
|
2589
|
+
configured: false,
|
|
2590
|
+
expiresAtMs: now + ttlMs
|
|
2591
|
+
});
|
|
2592
|
+
return false;
|
|
2593
|
+
} finally {
|
|
2594
|
+
inFlight.delete(base$1);
|
|
2595
|
+
}
|
|
2596
|
+
})();
|
|
2597
|
+
inFlight.set(base$1, req);
|
|
2598
|
+
return req;
|
|
2599
|
+
}
|
|
2600
|
+
function coerceThresholdBehavior(input) {
|
|
2601
|
+
return input === "fallback" || input === "strict" ? input : DEFAULT_THRESHOLD_BEHAVIOR;
|
|
2602
|
+
}
|
|
2603
|
+
function pruneWarned(nowMs) {
|
|
2604
|
+
if (warnedUnsupportedRelayerByKey.size <= MAX_WARN_KEYS) return;
|
|
2605
|
+
for (const [key, expiresAtMs] of warnedUnsupportedRelayerByKey.entries()) if (expiresAtMs <= nowMs) warnedUnsupportedRelayerByKey.delete(key);
|
|
2606
|
+
while (warnedUnsupportedRelayerByKey.size > MAX_WARN_KEYS) {
|
|
2607
|
+
const first = warnedUnsupportedRelayerByKey.keys().next().value;
|
|
2608
|
+
if (!first) break;
|
|
2609
|
+
warnedUnsupportedRelayerByKey.delete(first);
|
|
2610
|
+
}
|
|
2611
|
+
}
|
|
2612
|
+
function warnOnce(key, message, opts) {
|
|
2613
|
+
const nowMs = Date.now();
|
|
2614
|
+
const ttlMs = Math.max(0, Math.floor(opts?.warnTtlMs ?? DEFAULT_WARN_TTL_MS));
|
|
2615
|
+
if (ttlMs === 0) return;
|
|
2616
|
+
pruneWarned(nowMs);
|
|
2617
|
+
const existing = warnedUnsupportedRelayerByKey.get(key);
|
|
2618
|
+
if (existing && existing > nowMs) return;
|
|
2619
|
+
warnedUnsupportedRelayerByKey.set(key, nowMs + ttlMs);
|
|
2620
|
+
console.warn(message);
|
|
2621
|
+
opts?.warnings?.push(message);
|
|
2622
|
+
}
|
|
2623
|
+
async function fallbackToLocalSignerIfRelayerUnsupported(args) {
|
|
2624
|
+
const requested = args.signerMode.mode;
|
|
2625
|
+
if (requested !== "threshold-signer") return requested;
|
|
2626
|
+
const base$1 = stripTrailingSlashes(toTrimmedString(args.relayerUrl));
|
|
2627
|
+
const behavior = coerceThresholdBehavior(getThresholdBehaviorFromSignerMode(args.signerMode));
|
|
2628
|
+
const configured = await isRelayerThresholdEd25519ConfiguredBase(base$1, { cacheTtlMs: args.cacheTtlMs });
|
|
2629
|
+
if (configured) return requested;
|
|
2630
|
+
const msg = "[WebAuthnManager] signerMode=threshold-signer requested but the relayer does not support threshold signing";
|
|
2631
|
+
if (behavior === "fallback") {
|
|
2632
|
+
warnOnce(`${args.nearAccountId}|${base$1}`, `${msg}; falling back to local-signer`, {
|
|
2633
|
+
warnTtlMs: args.warnTtlMs,
|
|
2634
|
+
warnings: args.warnings
|
|
2635
|
+
});
|
|
2636
|
+
return "local-signer";
|
|
2637
|
+
}
|
|
2638
|
+
throw new Error(`${msg}; set signerMode={ mode: 'threshold-signer', behavior: 'fallback' } to allow local-signer fallback`);
|
|
2639
|
+
}
|
|
2640
|
+
async function resolveSignerModeForThresholdSigning(args) {
|
|
2641
|
+
const requested = args.signerMode.mode;
|
|
2642
|
+
if (requested !== "threshold-signer") return requested;
|
|
2643
|
+
const behavior = coerceThresholdBehavior(getThresholdBehaviorFromSignerMode(args.signerMode));
|
|
2644
|
+
if (!args.hasThresholdKeyMaterial) {
|
|
2645
|
+
const msg = "[WebAuthnManager] signerMode=threshold-signer requested but threshold key material is unavailable";
|
|
2646
|
+
if (behavior === "fallback") {
|
|
2647
|
+
warnOnce(`${args.nearAccountId}|threshold-key-material-missing`, `${msg}; falling back to local-signer`, {
|
|
2648
|
+
warnTtlMs: args.warnTtlMs,
|
|
2649
|
+
warnings: args.warnings
|
|
2650
|
+
});
|
|
2651
|
+
return "local-signer";
|
|
2652
|
+
}
|
|
2653
|
+
throw new Error(`${msg}; set signerMode={ mode: 'threshold-signer', behavior: 'fallback' } to allow local-signer fallback`);
|
|
2654
|
+
}
|
|
2655
|
+
return fallbackToLocalSignerIfRelayerUnsupported({
|
|
2656
|
+
nearAccountId: args.nearAccountId,
|
|
2657
|
+
signerMode: args.signerMode,
|
|
2658
|
+
relayerUrl: args.relayerUrl,
|
|
2659
|
+
warnings: args.warnings,
|
|
2660
|
+
cacheTtlMs: args.cacheTtlMs,
|
|
2661
|
+
warnTtlMs: args.warnTtlMs
|
|
2662
|
+
});
|
|
2663
|
+
}
|
|
2664
|
+
|
|
2665
|
+
//#endregion
|
|
2666
|
+
//#region src/core/threshold/thresholdEd25519AuthSession.ts
|
|
2667
|
+
const authSessionCache = /* @__PURE__ */ new Map();
|
|
2668
|
+
function makeThresholdEd25519AuthSessionCacheKey(args) {
|
|
2669
|
+
const relayerUrl = stripTrailingSlashes(toTrimmedString(args.relayerUrl));
|
|
2670
|
+
const participantIds = normalizeThresholdEd25519ParticipantIds(args.participantIds);
|
|
2671
|
+
return [
|
|
2672
|
+
String(args.nearAccountId || "").trim(),
|
|
2673
|
+
String(args.rpId || "").trim(),
|
|
2674
|
+
relayerUrl,
|
|
2675
|
+
String(args.relayerKeyId || "").trim(),
|
|
2676
|
+
...participantIds ? [participantIds.join(",")] : []
|
|
2677
|
+
].join("|");
|
|
2678
|
+
}
|
|
2679
|
+
function getCachedThresholdEd25519AuthSession(cacheKey) {
|
|
2680
|
+
const entry = authSessionCache.get(cacheKey);
|
|
2681
|
+
if (!entry) return null;
|
|
2682
|
+
if (typeof entry.expiresAtMs === "number" && Number.isFinite(entry.expiresAtMs) && Date.now() >= entry.expiresAtMs) {
|
|
2683
|
+
authSessionCache.delete(cacheKey);
|
|
2684
|
+
return null;
|
|
2685
|
+
}
|
|
2686
|
+
return entry;
|
|
2687
|
+
}
|
|
2688
|
+
function clearCachedThresholdEd25519AuthSession(cacheKey) {
|
|
2689
|
+
authSessionCache.delete(cacheKey);
|
|
2690
|
+
}
|
|
2691
|
+
function getCachedThresholdEd25519AuthSessionJwt(cacheKey) {
|
|
2692
|
+
const cached = getCachedThresholdEd25519AuthSession(cacheKey);
|
|
2693
|
+
const jwt = cached?.jwt;
|
|
2694
|
+
if (typeof jwt === "string") {
|
|
2695
|
+
const trimmed = jwt.trim();
|
|
2696
|
+
if (trimmed) return trimmed;
|
|
2697
|
+
}
|
|
2698
|
+
if (cached) clearCachedThresholdEd25519AuthSession(cacheKey);
|
|
2699
|
+
return void 0;
|
|
2700
|
+
}
|
|
2701
|
+
|
|
2702
|
+
//#endregion
|
|
2703
|
+
//#region src/core/threshold/thresholdSessionPolicy.ts
|
|
2704
|
+
const THRESHOLD_SESSION_POLICY_MAX_TTL_MS = 10 * 6e4;
|
|
2705
|
+
const DEFAULT_THRESHOLD_SESSION_POLICY = {
|
|
2706
|
+
ttlMs: 5 * 6e4,
|
|
2707
|
+
remainingUses: 5
|
|
2708
|
+
};
|
|
2709
|
+
function isThresholdSessionAuthUnavailableError(err) {
|
|
2710
|
+
const msg = err instanceof Error ? err.message : String(err);
|
|
2711
|
+
return msg.includes("no cached threshold session token") || msg.includes("relayer threshold session expired") || msg.includes("threshold session exhausted") || msg.includes("threshold session expired") || msg.includes("Missing or invalid threshold session token") || msg.includes("Invalid session token kind") || msg.includes("/authorize HTTP 401") || msg.includes("/authorize HTTP 403");
|
|
2712
|
+
}
|
|
2713
|
+
function isThresholdSignerMissingKeyError(err) {
|
|
2714
|
+
const msg = (err instanceof Error ? err.message : String(err)).toLowerCase();
|
|
2715
|
+
return msg.includes("\"code\":\"missing_key\"") || msg.includes("missing_key") || msg.includes("unknown relayerkeyid") || msg.includes("call /threshold-ed25519/keygen");
|
|
2716
|
+
}
|
|
2717
|
+
|
|
2580
2718
|
//#endregion
|
|
2581
2719
|
//#region src/core/WebAuthnManager/SignerWorkerManager/handlers/signTransactionsWithActions.ts
|
|
2582
2720
|
/**
|
|
2583
2721
|
* Sign multiple transactions with shared VRF challenge and credential
|
|
2584
2722
|
* Efficiently processes multiple transactions with one PRF authentication
|
|
2585
2723
|
*/
|
|
2586
|
-
async function signTransactionsWithActions({ ctx, transactions, rpcCall, onEvent, confirmationConfigOverride, title, body
|
|
2587
|
-
|
|
2588
|
-
|
|
2589
|
-
|
|
2590
|
-
|
|
2591
|
-
|
|
2592
|
-
|
|
2593
|
-
try {
|
|
2594
|
-
validateActionArgsWasm(action);
|
|
2595
|
-
} catch (error) {
|
|
2596
|
-
throw new Error(`Transaction ${txIndex}, Action ${actionIndex} validation failed: ${error instanceof Error ? error.message : "Unknown error"}`);
|
|
2597
|
-
}
|
|
2598
|
-
});
|
|
2724
|
+
async function signTransactionsWithActions({ ctx, sessionId: providedSessionId, transactions, rpcCall, signerMode, onEvent, confirmationConfigOverride, title, body }) {
|
|
2725
|
+
const sessionId = providedSessionId ?? generateSessionId();
|
|
2726
|
+
const nearAccountId = rpcCall.nearAccountId;
|
|
2727
|
+
const relayerUrl = ctx.relayerUrl;
|
|
2728
|
+
transactions.forEach((txPayload) => {
|
|
2729
|
+
txPayload.actions.forEach((action) => {
|
|
2730
|
+
validateActionArgsWasm(action);
|
|
2599
2731
|
});
|
|
2600
|
-
|
|
2601
|
-
|
|
2602
|
-
|
|
2603
|
-
|
|
2604
|
-
|
|
2605
|
-
|
|
2606
|
-
|
|
2607
|
-
|
|
2608
|
-
|
|
2609
|
-
|
|
2610
|
-
|
|
2611
|
-
|
|
2612
|
-
|
|
2613
|
-
|
|
2614
|
-
|
|
2732
|
+
});
|
|
2733
|
+
const deviceNumber = await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);
|
|
2734
|
+
const [localKeyMaterial, thresholdKeyMaterial] = await Promise.all([ctx.indexedDB.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber), ctx.indexedDB.nearKeysDB.getThresholdKeyMaterial(nearAccountId, deviceNumber)]);
|
|
2735
|
+
if (!localKeyMaterial) throw new Error(`No local key material found for account: ${nearAccountId}`);
|
|
2736
|
+
const warnings = [];
|
|
2737
|
+
const thresholdBehavior = getThresholdBehaviorFromSignerMode(signerMode);
|
|
2738
|
+
const resolvedSignerMode = await resolveSignerModeForThresholdSigning({
|
|
2739
|
+
nearAccountId,
|
|
2740
|
+
signerMode,
|
|
2741
|
+
relayerUrl,
|
|
2742
|
+
hasThresholdKeyMaterial: !!thresholdKeyMaterial,
|
|
2743
|
+
warnings
|
|
2744
|
+
});
|
|
2745
|
+
console.debug("[signTransactionsWithActions] resolvedSignerMode", {
|
|
2746
|
+
nearAccountId,
|
|
2747
|
+
resolvedSignerMode,
|
|
2748
|
+
warnings
|
|
2749
|
+
});
|
|
2750
|
+
const signingContext = validateAndPrepareSigningContext({
|
|
2751
|
+
nearAccountId,
|
|
2752
|
+
resolvedSignerMode,
|
|
2753
|
+
relayerUrl,
|
|
2754
|
+
rpId: ctx.touchIdPrompt.getRpId(),
|
|
2755
|
+
localKeyMaterial,
|
|
2756
|
+
thresholdKeyMaterial
|
|
2757
|
+
});
|
|
2758
|
+
ctx.nonceManager.initializeUser(toAccountId(nearAccountId), signingContext.signingNearPublicKeyStr);
|
|
2759
|
+
const resolvedRpcCall = {
|
|
2760
|
+
contractId: rpcCall.contractId || PASSKEY_MANAGER_DEFAULT_CONFIGS.contractId,
|
|
2761
|
+
nearRpcUrl: rpcCall.nearRpcUrl || PASSKEY_MANAGER_DEFAULT_CONFIGS.nearRpcUrl,
|
|
2762
|
+
nearAccountId: rpcCall.nearAccountId
|
|
2763
|
+
};
|
|
2764
|
+
const txSigningRequests = transactions.map((tx) => ({
|
|
2765
|
+
nearAccountId: rpcCall.nearAccountId,
|
|
2766
|
+
receiverId: tx.receiverId,
|
|
2767
|
+
actions: tx.actions
|
|
2768
|
+
}));
|
|
2769
|
+
if (!ctx.vrfWorkerManager) throw new Error("VrfWorkerManager not available for signing");
|
|
2770
|
+
const confirmation = await ctx.vrfWorkerManager.confirmAndPrepareSigningSession({
|
|
2771
|
+
ctx,
|
|
2772
|
+
sessionId,
|
|
2773
|
+
kind: "transaction",
|
|
2774
|
+
...signingContext.threshold && !signingContext.threshold.thresholdSessionJwt ? { signingAuthMode: "webauthn" } : {},
|
|
2775
|
+
txSigningRequests: transactions,
|
|
2776
|
+
rpcCall: resolvedRpcCall,
|
|
2777
|
+
confirmationConfigOverride,
|
|
2778
|
+
title,
|
|
2779
|
+
body
|
|
2780
|
+
});
|
|
2781
|
+
let { intentDigest, transactionContext, vrfChallenge, credential } = extractSigningEvidenceFromConfirmation$2(confirmation);
|
|
2782
|
+
if (signingContext.threshold) {
|
|
2783
|
+
const requestPayload = {
|
|
2784
|
+
signerMode: signingContext.resolvedSignerMode,
|
|
2615
2785
|
rpcCall: resolvedRpcCall,
|
|
2616
|
-
|
|
2617
|
-
|
|
2618
|
-
|
|
2619
|
-
|
|
2620
|
-
|
|
2621
|
-
|
|
2622
|
-
|
|
2623
|
-
|
|
2624
|
-
|
|
2625
|
-
|
|
2626
|
-
|
|
2627
|
-
|
|
2628
|
-
|
|
2629
|
-
|
|
2630
|
-
|
|
2631
|
-
|
|
2632
|
-
|
|
2633
|
-
|
|
2634
|
-
|
|
2635
|
-
|
|
2636
|
-
|
|
2637
|
-
|
|
2638
|
-
|
|
2786
|
+
createdAt: Date.now(),
|
|
2787
|
+
decryption: {
|
|
2788
|
+
encryptedPrivateKeyData: "",
|
|
2789
|
+
encryptedPrivateKeyChacha20NonceB64u: ""
|
|
2790
|
+
},
|
|
2791
|
+
threshold: {
|
|
2792
|
+
relayerUrl: signingContext.threshold.relayerUrl,
|
|
2793
|
+
relayerKeyId: signingContext.threshold.thresholdKeyMaterial.relayerKeyId,
|
|
2794
|
+
clientParticipantId: signingContext.threshold.thresholdKeyMaterial.participants.find((p) => p.role === "client")?.id,
|
|
2795
|
+
relayerParticipantId: signingContext.threshold.thresholdKeyMaterial.participants.find((p) => p.role === "relayer")?.id,
|
|
2796
|
+
participantIds: signingContext.threshold.thresholdKeyMaterial.participants.map((p) => p.id),
|
|
2797
|
+
thresholdSessionKind: "jwt",
|
|
2798
|
+
thresholdSessionJwt: signingContext.threshold.thresholdSessionJwt
|
|
2799
|
+
},
|
|
2800
|
+
txSigningRequests,
|
|
2801
|
+
intentDigest,
|
|
2802
|
+
transactionContext,
|
|
2803
|
+
vrfChallenge,
|
|
2804
|
+
credential
|
|
2805
|
+
};
|
|
2806
|
+
for (let attempt = 0; attempt < 2; attempt++) try {
|
|
2807
|
+
const response = await ctx.sendMessage({
|
|
2808
|
+
sessionId,
|
|
2809
|
+
message: {
|
|
2810
|
+
type: WorkerRequestType.SignTransactionsWithActions,
|
|
2811
|
+
payload: requestPayload
|
|
2812
|
+
},
|
|
2813
|
+
onEvent
|
|
2814
|
+
});
|
|
2815
|
+
const okResponse = requireOkSignTransactionsWithActionsResponse(response);
|
|
2816
|
+
return toSignedTransactionResults({
|
|
2817
|
+
okResponse,
|
|
2818
|
+
expectedTransactionCount: transactions.length,
|
|
2819
|
+
nearAccountId,
|
|
2820
|
+
warnings
|
|
2821
|
+
});
|
|
2822
|
+
} catch (e) {
|
|
2823
|
+
const err = e instanceof Error ? e : new Error(String(e));
|
|
2824
|
+
if (thresholdBehavior === "fallback" && isThresholdSignerMissingKeyError(err)) {
|
|
2825
|
+
const msg = "[WebAuthnManager] threshold-signer requested but the relayer is missing the signing share; falling back to local-signer";
|
|
2826
|
+
console.warn(msg);
|
|
2827
|
+
warnings.push(msg);
|
|
2828
|
+
try {
|
|
2829
|
+
clearCachedThresholdEd25519AuthSession(signingContext.threshold.thresholdSessionCacheKey);
|
|
2830
|
+
} catch {}
|
|
2831
|
+
signingContext.threshold.thresholdSessionJwt = void 0;
|
|
2832
|
+
requestPayload.threshold.thresholdSessionJwt = void 0;
|
|
2833
|
+
ctx.nonceManager.initializeUser(toAccountId(nearAccountId), localKeyMaterial.publicKey);
|
|
2834
|
+
if (!credential || !vrfChallenge) {
|
|
2835
|
+
const refreshed = await ctx.vrfWorkerManager.confirmAndPrepareSigningSession({
|
|
2836
|
+
ctx,
|
|
2837
|
+
sessionId,
|
|
2838
|
+
kind: "transaction",
|
|
2839
|
+
signingAuthMode: "webauthn",
|
|
2840
|
+
txSigningRequests: transactions,
|
|
2841
|
+
rpcCall: resolvedRpcCall,
|
|
2842
|
+
confirmationConfigOverride,
|
|
2843
|
+
title,
|
|
2844
|
+
body
|
|
2845
|
+
});
|
|
2846
|
+
({intentDigest, transactionContext, vrfChallenge, credential} = extractSigningEvidenceFromConfirmation$2(refreshed));
|
|
2847
|
+
} else transactionContext = await ctx.nonceManager.getNonceBlockHashAndHeight(ctx.nearClient, { force: true });
|
|
2848
|
+
return await signTransactionsWithActionsLocally({
|
|
2849
|
+
ctx,
|
|
2850
|
+
sessionId,
|
|
2851
|
+
onEvent,
|
|
2852
|
+
resolvedRpcCall,
|
|
2853
|
+
localKeyMaterial,
|
|
2639
2854
|
txSigningRequests,
|
|
2640
2855
|
intentDigest,
|
|
2641
2856
|
transactionContext,
|
|
2642
|
-
credential
|
|
2857
|
+
credential,
|
|
2858
|
+
expectedTransactionCount: transactions.length,
|
|
2859
|
+
warnings
|
|
2860
|
+
});
|
|
2861
|
+
}
|
|
2862
|
+
if (attempt === 0 && isThresholdSessionAuthUnavailableError(err)) {
|
|
2863
|
+
clearCachedThresholdEd25519AuthSession(signingContext.threshold.thresholdSessionCacheKey);
|
|
2864
|
+
signingContext.threshold.thresholdSessionJwt = void 0;
|
|
2865
|
+
requestPayload.threshold.thresholdSessionJwt = void 0;
|
|
2866
|
+
if (!credential || !vrfChallenge) {
|
|
2867
|
+
const refreshed = await ctx.vrfWorkerManager.confirmAndPrepareSigningSession({
|
|
2868
|
+
ctx,
|
|
2869
|
+
sessionId,
|
|
2870
|
+
kind: "transaction",
|
|
2871
|
+
signingAuthMode: "webauthn",
|
|
2872
|
+
txSigningRequests: transactions,
|
|
2873
|
+
rpcCall: resolvedRpcCall,
|
|
2874
|
+
confirmationConfigOverride,
|
|
2875
|
+
title,
|
|
2876
|
+
body
|
|
2877
|
+
});
|
|
2878
|
+
({intentDigest, transactionContext, vrfChallenge, credential} = extractSigningEvidenceFromConfirmation$2(refreshed));
|
|
2879
|
+
requestPayload.intentDigest = intentDigest;
|
|
2880
|
+
requestPayload.transactionContext = transactionContext;
|
|
2881
|
+
requestPayload.vrfChallenge = vrfChallenge;
|
|
2882
|
+
requestPayload.credential = credential;
|
|
2643
2883
|
}
|
|
2644
|
-
|
|
2645
|
-
|
|
2646
|
-
|
|
2647
|
-
if (!isSignTransactionsWithActionsSuccess(response)) {
|
|
2648
|
-
console.error("WebAuthnManager: Batch transaction signing failed:", response);
|
|
2649
|
-
const payloadError = isObject(response?.payload) && response?.payload?.error;
|
|
2650
|
-
throw new Error(payloadError || "Batch transaction signing failed");
|
|
2884
|
+
continue;
|
|
2885
|
+
}
|
|
2886
|
+
throw err;
|
|
2651
2887
|
}
|
|
2652
|
-
if (!response.payload.success) throw new Error(response.payload.error || "Batch transaction signing failed");
|
|
2653
|
-
const signedTransactions = response.payload.signedTransactions || [];
|
|
2654
|
-
if (signedTransactions.length !== transactions.length) throw new Error(`Expected ${transactions.length} signed transactions but received ${signedTransactions.length}`);
|
|
2655
|
-
const results = signedTransactions.map((signedTx, index) => {
|
|
2656
|
-
if (!signedTx || !signedTx.transaction || !signedTx.signature) throw new Error(`Incomplete signed transaction data received for transaction ${index + 1}`);
|
|
2657
|
-
return {
|
|
2658
|
-
signedTransaction: new SignedTransaction({
|
|
2659
|
-
transaction: signedTx.transaction,
|
|
2660
|
-
signature: signedTx.signature,
|
|
2661
|
-
borsh_bytes: Array.from(signedTx.borshBytes || [])
|
|
2662
|
-
}),
|
|
2663
|
-
nearAccountId: toAccountId(nearAccountId),
|
|
2664
|
-
logs: response.payload.logs
|
|
2665
|
-
};
|
|
2666
|
-
});
|
|
2667
|
-
return results;
|
|
2668
|
-
} catch (error) {
|
|
2669
|
-
console.error("WebAuthnManager: Batch transaction signing error:", error);
|
|
2670
|
-
throw error;
|
|
2671
2888
|
}
|
|
2889
|
+
return await signTransactionsWithActionsLocally({
|
|
2890
|
+
ctx,
|
|
2891
|
+
sessionId,
|
|
2892
|
+
onEvent,
|
|
2893
|
+
resolvedRpcCall,
|
|
2894
|
+
localKeyMaterial,
|
|
2895
|
+
txSigningRequests,
|
|
2896
|
+
intentDigest,
|
|
2897
|
+
transactionContext,
|
|
2898
|
+
credential,
|
|
2899
|
+
expectedTransactionCount: transactions.length,
|
|
2900
|
+
warnings
|
|
2901
|
+
});
|
|
2672
2902
|
}
|
|
2673
|
-
|
|
2674
|
-
|
|
2675
|
-
|
|
2676
|
-
|
|
2677
|
-
|
|
2678
|
-
|
|
2679
|
-
|
|
2680
|
-
|
|
2681
|
-
|
|
2682
|
-
|
|
2683
|
-
|
|
2684
|
-
|
|
2685
|
-
|
|
2686
|
-
|
|
2687
|
-
|
|
2688
|
-
|
|
2689
|
-
|
|
2690
|
-
|
|
2691
|
-
|
|
2903
|
+
async function signTransactionsWithActionsLocally(args) {
|
|
2904
|
+
const response = await args.ctx.sendMessage({
|
|
2905
|
+
sessionId: args.sessionId,
|
|
2906
|
+
message: {
|
|
2907
|
+
type: WorkerRequestType.SignTransactionsWithActions,
|
|
2908
|
+
payload: {
|
|
2909
|
+
signerMode: "local-signer",
|
|
2910
|
+
rpcCall: args.resolvedRpcCall,
|
|
2911
|
+
createdAt: Date.now(),
|
|
2912
|
+
decryption: {
|
|
2913
|
+
encryptedPrivateKeyData: args.localKeyMaterial.encryptedSk,
|
|
2914
|
+
encryptedPrivateKeyChacha20NonceB64u: args.localKeyMaterial.chacha20NonceB64u
|
|
2915
|
+
},
|
|
2916
|
+
txSigningRequests: args.txSigningRequests,
|
|
2917
|
+
intentDigest: args.intentDigest,
|
|
2918
|
+
transactionContext: args.transactionContext,
|
|
2919
|
+
credential: args.credential
|
|
2920
|
+
}
|
|
2921
|
+
},
|
|
2922
|
+
onEvent: args.onEvent
|
|
2923
|
+
});
|
|
2924
|
+
const okResponse = requireOkSignTransactionsWithActionsResponse(response);
|
|
2925
|
+
return toSignedTransactionResults({
|
|
2926
|
+
okResponse,
|
|
2927
|
+
expectedTransactionCount: args.expectedTransactionCount,
|
|
2928
|
+
nearAccountId: args.resolvedRpcCall.nearAccountId,
|
|
2929
|
+
warnings: args.warnings
|
|
2930
|
+
});
|
|
2931
|
+
}
|
|
2932
|
+
function toSignedTransactionResults(args) {
|
|
2933
|
+
const signedTransactions = args.okResponse.payload.signedTransactions || [];
|
|
2934
|
+
if (signedTransactions.length !== args.expectedTransactionCount) throw new Error(`Expected ${args.expectedTransactionCount} signed transactions but received ${signedTransactions.length}`);
|
|
2935
|
+
return signedTransactions.map((signedTx, index) => {
|
|
2936
|
+
if (!signedTx || !signedTx.transaction || !signedTx.signature) throw new Error(`Incomplete signed transaction data received for transaction ${index + 1}`);
|
|
2937
|
+
return {
|
|
2938
|
+
signedTransaction: new SignedTransaction({
|
|
2939
|
+
transaction: signedTx.transaction,
|
|
2940
|
+
signature: signedTx.signature,
|
|
2941
|
+
borsh_bytes: Array.from(signedTx.borshBytes || [])
|
|
2942
|
+
}),
|
|
2943
|
+
nearAccountId: toAccountId(args.nearAccountId),
|
|
2944
|
+
logs: [...args.okResponse.payload.logs || [], ...args.warnings]
|
|
2945
|
+
};
|
|
2946
|
+
});
|
|
2947
|
+
}
|
|
2948
|
+
function validateAndPrepareSigningContext(args) {
|
|
2949
|
+
const localPublicKey = String(args.localKeyMaterial.publicKey || "").trim();
|
|
2950
|
+
if (!localPublicKey) throw new Error(`Missing local signing public key for ${args.nearAccountId}`);
|
|
2951
|
+
if (args.resolvedSignerMode !== "threshold-signer") return {
|
|
2952
|
+
resolvedSignerMode: "local-signer",
|
|
2953
|
+
signingNearPublicKeyStr: localPublicKey,
|
|
2954
|
+
threshold: null
|
|
2955
|
+
};
|
|
2956
|
+
const thresholdKeyMaterial = args.thresholdKeyMaterial;
|
|
2957
|
+
if (!thresholdKeyMaterial) throw new Error(`Missing threshold key material for ${args.nearAccountId}`);
|
|
2958
|
+
const thresholdPublicKey = String(thresholdKeyMaterial.publicKey || "").trim();
|
|
2959
|
+
if (!thresholdPublicKey) throw new Error(`Missing threshold signing public key for ${args.nearAccountId}`);
|
|
2960
|
+
const relayerUrl = String(args.relayerUrl || "").trim();
|
|
2961
|
+
if (!relayerUrl) throw new Error("Missing relayerUrl (required for threshold-signer)");
|
|
2962
|
+
const rpId = String(args.rpId || "").trim();
|
|
2963
|
+
if (!rpId) throw new Error("Missing rpId for threshold signing");
|
|
2964
|
+
const participantIds = normalizeThresholdEd25519ParticipantIds(thresholdKeyMaterial.participants.map((p) => p.id));
|
|
2965
|
+
if (!participantIds || participantIds.length < 2) throw new Error(`Invalid threshold signing participantIds (expected >=2 participants, got [${(participantIds || []).join(",")}])`);
|
|
2966
|
+
const thresholdSessionCacheKey = makeThresholdEd25519AuthSessionCacheKey({
|
|
2967
|
+
nearAccountId: args.nearAccountId,
|
|
2968
|
+
rpId,
|
|
2969
|
+
relayerUrl,
|
|
2970
|
+
relayerKeyId: thresholdKeyMaterial.relayerKeyId,
|
|
2971
|
+
participantIds
|
|
2972
|
+
});
|
|
2973
|
+
return {
|
|
2974
|
+
resolvedSignerMode: "threshold-signer",
|
|
2975
|
+
signingNearPublicKeyStr: thresholdPublicKey,
|
|
2976
|
+
threshold: {
|
|
2977
|
+
relayerUrl,
|
|
2978
|
+
thresholdKeyMaterial,
|
|
2979
|
+
thresholdSessionCacheKey,
|
|
2980
|
+
thresholdSessionJwt: getCachedThresholdEd25519AuthSessionJwt(thresholdSessionCacheKey)
|
|
2981
|
+
}
|
|
2982
|
+
};
|
|
2983
|
+
}
|
|
2984
|
+
function extractSigningEvidenceFromConfirmation$2(confirmation) {
|
|
2985
|
+
const credentialForRelay = confirmation.credential ? removePrfOutputGuard(confirmation.credential) : void 0;
|
|
2986
|
+
return {
|
|
2987
|
+
intentDigest: confirmation.intentDigest,
|
|
2988
|
+
transactionContext: confirmation.transactionContext,
|
|
2989
|
+
vrfChallenge: confirmation.vrfChallenge,
|
|
2990
|
+
credential: credentialForRelay ? JSON.stringify(credentialForRelay) : void 0
|
|
2991
|
+
};
|
|
2992
|
+
}
|
|
2993
|
+
function requireOkSignTransactionsWithActionsResponse(response) {
|
|
2994
|
+
if (!isSignTransactionsWithActionsSuccess(response)) {
|
|
2995
|
+
if (isWorkerError(response)) throw new Error(response.payload.error || "Batch transaction signing failed");
|
|
2996
|
+
throw new Error("Batch transaction signing failed");
|
|
2997
|
+
}
|
|
2998
|
+
if (!response.payload.success) throw new Error(response.payload.error || "Batch transaction signing failed");
|
|
2999
|
+
return response;
|
|
2692
3000
|
}
|
|
2693
3001
|
|
|
2694
3002
|
//#endregion
|
|
2695
3003
|
//#region src/core/WebAuthnManager/SignerWorkerManager/handlers/validation.ts
|
|
3004
|
+
const toPublicKeyString = (pk) => {
|
|
3005
|
+
if (typeof pk === "string") return pk;
|
|
3006
|
+
return ensureEd25519Prefix(base58Encode(pk.keyData));
|
|
3007
|
+
};
|
|
2696
3008
|
function validateTransactionContextMaybe(input) {
|
|
2697
3009
|
if (input == null) return void 0;
|
|
2698
3010
|
if (!isObject(input)) throw new Error("Invalid transactionContext: expected object");
|
|
@@ -2753,16 +3065,13 @@ function parseAndValidateRegistrationCredentialConfirmationPayload(payload) {
|
|
|
2753
3065
|
error: normalizedError
|
|
2754
3066
|
};
|
|
2755
3067
|
}
|
|
2756
|
-
const toPublicKeyString = (pk) => {
|
|
2757
|
-
if (typeof pk === "string") return pk;
|
|
2758
|
-
return ensureEd25519Prefix(base58Encode(pk.keyData));
|
|
2759
|
-
};
|
|
2760
3068
|
|
|
2761
3069
|
//#endregion
|
|
2762
3070
|
//#region src/core/WebAuthnManager/SignerWorkerManager/handlers/signDelegateAction.ts
|
|
2763
|
-
async function signDelegateAction({ ctx, delegate, rpcCall, onEvent, confirmationConfigOverride, title, body, sessionId: providedSessionId }) {
|
|
3071
|
+
async function signDelegateAction({ ctx, delegate, rpcCall, signerMode, onEvent, confirmationConfigOverride, title, body, sessionId: providedSessionId }) {
|
|
2764
3072
|
const sessionId = providedSessionId ?? generateSessionId();
|
|
2765
3073
|
const nearAccountId = rpcCall.nearAccountId || delegate.senderId;
|
|
3074
|
+
const relayerUrl = ctx.relayerUrl;
|
|
2766
3075
|
const resolvedRpcCall = {
|
|
2767
3076
|
contractId: rpcCall.contractId || PASSKEY_MANAGER_DEFAULT_CONFIGS.contractId,
|
|
2768
3077
|
nearRpcUrl: rpcCall.nearRpcUrl || PASSKEY_MANAGER_DEFAULT_CONFIGS.nearRpcUrl.split(",")[0] || PASSKEY_MANAGER_DEFAULT_CONFIGS.nearRpcUrl,
|
|
@@ -2777,13 +3086,34 @@ async function signDelegateAction({ ctx, delegate, rpcCall, onEvent, confirmatio
|
|
|
2777
3086
|
}
|
|
2778
3087
|
});
|
|
2779
3088
|
const deviceNumber = await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);
|
|
2780
|
-
const
|
|
2781
|
-
if (!
|
|
2782
|
-
|
|
2783
|
-
const
|
|
3089
|
+
const [localKeyMaterial, thresholdKeyMaterial] = await Promise.all([ctx.indexedDB.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber), ctx.indexedDB.nearKeysDB.getThresholdKeyMaterial(nearAccountId, deviceNumber)]);
|
|
3090
|
+
if (!localKeyMaterial) throw new Error(`No local key material found for account: ${nearAccountId}`);
|
|
3091
|
+
const warnings = [];
|
|
3092
|
+
const vrfWorkerManager = ctx.vrfWorkerManager;
|
|
3093
|
+
if (!vrfWorkerManager) throw new Error("VrfWorkerManager not available for delegate signing");
|
|
3094
|
+
const resolvedSignerMode = await resolveSignerModeForThresholdSigning({
|
|
3095
|
+
nearAccountId,
|
|
3096
|
+
signerMode,
|
|
3097
|
+
relayerUrl,
|
|
3098
|
+
hasThresholdKeyMaterial: !!thresholdKeyMaterial,
|
|
3099
|
+
warnings
|
|
3100
|
+
});
|
|
3101
|
+
const signingContext = validateAndPrepareDelegateSigningContext({
|
|
3102
|
+
nearAccountId,
|
|
3103
|
+
resolvedSignerMode,
|
|
3104
|
+
relayerUrl,
|
|
3105
|
+
rpId: ctx.touchIdPrompt.getRpId(),
|
|
3106
|
+
localKeyMaterial,
|
|
3107
|
+
thresholdKeyMaterial,
|
|
3108
|
+
providedDelegatePublicKey: delegate.publicKey,
|
|
3109
|
+
warnings
|
|
3110
|
+
});
|
|
3111
|
+
ctx.nonceManager.initializeUser(toAccountId(nearAccountId), signingContext.signingNearPublicKeyStr);
|
|
3112
|
+
const confirmation = await vrfWorkerManager.confirmAndPrepareSigningSession({
|
|
2784
3113
|
ctx,
|
|
2785
3114
|
sessionId,
|
|
2786
3115
|
kind: "delegate",
|
|
3116
|
+
...signingContext.threshold && !signingContext.threshold.thresholdSessionJwt ? { signingAuthMode: "webauthn" } : {},
|
|
2787
3117
|
nearAccountId,
|
|
2788
3118
|
delegate: {
|
|
2789
3119
|
senderId: delegate.senderId || nearAccountId,
|
|
@@ -2793,57 +3123,190 @@ async function signDelegateAction({ ctx, delegate, rpcCall, onEvent, confirmatio
|
|
|
2793
3123
|
maxBlockHeight: delegate.maxBlockHeight
|
|
2794
3124
|
},
|
|
2795
3125
|
rpcCall: resolvedRpcCall,
|
|
2796
|
-
confirmationConfigOverride,
|
|
2797
|
-
title,
|
|
2798
|
-
body
|
|
2799
|
-
});
|
|
2800
|
-
|
|
2801
|
-
const
|
|
2802
|
-
|
|
2803
|
-
|
|
2804
|
-
|
|
2805
|
-
|
|
2806
|
-
|
|
2807
|
-
|
|
2808
|
-
|
|
2809
|
-
|
|
2810
|
-
|
|
2811
|
-
|
|
2812
|
-
|
|
2813
|
-
|
|
3126
|
+
confirmationConfigOverride,
|
|
3127
|
+
title,
|
|
3128
|
+
body
|
|
3129
|
+
});
|
|
3130
|
+
let { intentDigest, transactionContext, vrfChallenge, credential } = extractSigningEvidenceFromConfirmation$1(confirmation);
|
|
3131
|
+
const delegatePayload = {
|
|
3132
|
+
senderId: delegate.senderId || nearAccountId,
|
|
3133
|
+
receiverId: delegate.receiverId,
|
|
3134
|
+
actions: actionsWasm,
|
|
3135
|
+
nonce: delegate.nonce.toString(),
|
|
3136
|
+
maxBlockHeight: delegate.maxBlockHeight.toString(),
|
|
3137
|
+
publicKey: signingContext.delegatePublicKeyStr
|
|
3138
|
+
};
|
|
3139
|
+
if (!signingContext.threshold) {
|
|
3140
|
+
const response = await ctx.sendMessage({
|
|
3141
|
+
sessionId,
|
|
3142
|
+
message: {
|
|
3143
|
+
type: WorkerRequestType.SignDelegateAction,
|
|
3144
|
+
payload: {
|
|
3145
|
+
signerMode: signingContext.resolvedSignerMode,
|
|
3146
|
+
rpcCall: resolvedRpcCall,
|
|
3147
|
+
createdAt: Date.now(),
|
|
3148
|
+
decryption: {
|
|
3149
|
+
encryptedPrivateKeyData: localKeyMaterial.encryptedSk,
|
|
3150
|
+
encryptedPrivateKeyChacha20NonceB64u: localKeyMaterial.chacha20NonceB64u
|
|
3151
|
+
},
|
|
3152
|
+
delegate: delegatePayload,
|
|
3153
|
+
intentDigest,
|
|
3154
|
+
transactionContext,
|
|
3155
|
+
credential
|
|
3156
|
+
}
|
|
3157
|
+
},
|
|
3158
|
+
onEvent
|
|
3159
|
+
});
|
|
3160
|
+
const okResponse$1 = requireOkSignDelegateActionResponse(response);
|
|
3161
|
+
return {
|
|
3162
|
+
signedDelegate: okResponse$1.payload.signedDelegate,
|
|
3163
|
+
hash: okResponse$1.payload.hash,
|
|
3164
|
+
nearAccountId: toAccountId(nearAccountId),
|
|
3165
|
+
logs: [...okResponse$1.payload.logs || [], ...warnings]
|
|
3166
|
+
};
|
|
3167
|
+
}
|
|
3168
|
+
const requestPayload = {
|
|
3169
|
+
signerMode: signingContext.resolvedSignerMode,
|
|
3170
|
+
rpcCall: resolvedRpcCall,
|
|
3171
|
+
createdAt: Date.now(),
|
|
3172
|
+
decryption: {
|
|
3173
|
+
encryptedPrivateKeyData: "",
|
|
3174
|
+
encryptedPrivateKeyChacha20NonceB64u: ""
|
|
3175
|
+
},
|
|
3176
|
+
threshold: {
|
|
3177
|
+
relayerUrl: signingContext.threshold.relayerUrl,
|
|
3178
|
+
relayerKeyId: signingContext.threshold.thresholdKeyMaterial.relayerKeyId,
|
|
3179
|
+
clientParticipantId: signingContext.threshold.thresholdKeyMaterial.participants.find((p) => p.role === "client")?.id,
|
|
3180
|
+
relayerParticipantId: signingContext.threshold.thresholdKeyMaterial.participants.find((p) => p.role === "relayer")?.id,
|
|
3181
|
+
participantIds: signingContext.threshold.thresholdKeyMaterial.participants.map((p) => p.id),
|
|
3182
|
+
thresholdSessionKind: "jwt",
|
|
3183
|
+
thresholdSessionJwt: signingContext.threshold.thresholdSessionJwt
|
|
3184
|
+
},
|
|
3185
|
+
delegate: delegatePayload,
|
|
3186
|
+
intentDigest,
|
|
3187
|
+
transactionContext,
|
|
3188
|
+
vrfChallenge,
|
|
3189
|
+
credential
|
|
3190
|
+
};
|
|
3191
|
+
let okResponse;
|
|
3192
|
+
try {
|
|
3193
|
+
const resp = await ctx.sendMessage({
|
|
3194
|
+
sessionId,
|
|
3195
|
+
message: {
|
|
3196
|
+
type: WorkerRequestType.SignDelegateAction,
|
|
3197
|
+
payload: requestPayload
|
|
3198
|
+
},
|
|
3199
|
+
onEvent
|
|
3200
|
+
});
|
|
3201
|
+
okResponse = requireOkSignDelegateActionResponse(resp);
|
|
3202
|
+
} catch (e) {
|
|
3203
|
+
const err = e instanceof Error ? e : new Error(String(e));
|
|
3204
|
+
if (!isThresholdSessionAuthUnavailableError(err)) throw err;
|
|
3205
|
+
clearCachedThresholdEd25519AuthSession(signingContext.threshold.thresholdSessionCacheKey);
|
|
3206
|
+
signingContext.threshold.thresholdSessionJwt = void 0;
|
|
3207
|
+
requestPayload.threshold.thresholdSessionJwt = void 0;
|
|
3208
|
+
if (!credential || !vrfChallenge) {
|
|
3209
|
+
const refreshed = await vrfWorkerManager.confirmAndPrepareSigningSession({
|
|
3210
|
+
ctx,
|
|
3211
|
+
sessionId,
|
|
3212
|
+
kind: "delegate",
|
|
3213
|
+
signingAuthMode: "webauthn",
|
|
3214
|
+
nearAccountId,
|
|
2814
3215
|
delegate: {
|
|
2815
3216
|
senderId: delegate.senderId || nearAccountId,
|
|
2816
3217
|
receiverId: delegate.receiverId,
|
|
2817
3218
|
actions: actionsWasm,
|
|
2818
|
-
nonce: delegate.nonce
|
|
2819
|
-
maxBlockHeight: delegate.maxBlockHeight
|
|
2820
|
-
publicKey: toPublicKeyString(delegate.publicKey)
|
|
3219
|
+
nonce: delegate.nonce,
|
|
3220
|
+
maxBlockHeight: delegate.maxBlockHeight
|
|
2821
3221
|
},
|
|
2822
|
-
|
|
2823
|
-
|
|
2824
|
-
|
|
2825
|
-
|
|
2826
|
-
|
|
2827
|
-
|
|
2828
|
-
|
|
2829
|
-
|
|
2830
|
-
|
|
2831
|
-
|
|
2832
|
-
|
|
2833
|
-
|
|
2834
|
-
|
|
2835
|
-
|
|
2836
|
-
|
|
2837
|
-
|
|
2838
|
-
|
|
3222
|
+
rpcCall: resolvedRpcCall,
|
|
3223
|
+
confirmationConfigOverride,
|
|
3224
|
+
title,
|
|
3225
|
+
body
|
|
3226
|
+
});
|
|
3227
|
+
({intentDigest, transactionContext, vrfChallenge, credential} = extractSigningEvidenceFromConfirmation$1(refreshed));
|
|
3228
|
+
requestPayload.intentDigest = intentDigest;
|
|
3229
|
+
requestPayload.transactionContext = transactionContext;
|
|
3230
|
+
requestPayload.vrfChallenge = vrfChallenge;
|
|
3231
|
+
requestPayload.credential = credential;
|
|
3232
|
+
}
|
|
3233
|
+
const resp = await ctx.sendMessage({
|
|
3234
|
+
sessionId,
|
|
3235
|
+
message: {
|
|
3236
|
+
type: WorkerRequestType.SignDelegateAction,
|
|
3237
|
+
payload: requestPayload
|
|
3238
|
+
},
|
|
3239
|
+
onEvent
|
|
3240
|
+
});
|
|
3241
|
+
okResponse = requireOkSignDelegateActionResponse(resp);
|
|
2839
3242
|
}
|
|
2840
3243
|
return {
|
|
2841
|
-
signedDelegate: payload.signedDelegate,
|
|
2842
|
-
hash: payload.hash,
|
|
3244
|
+
signedDelegate: okResponse.payload.signedDelegate,
|
|
3245
|
+
hash: okResponse.payload.hash,
|
|
2843
3246
|
nearAccountId: toAccountId(nearAccountId),
|
|
2844
|
-
logs: payload.logs
|
|
3247
|
+
logs: [...okResponse.payload.logs || [], ...warnings]
|
|
3248
|
+
};
|
|
3249
|
+
}
|
|
3250
|
+
function validateAndPrepareDelegateSigningContext(args) {
|
|
3251
|
+
const localPublicKey = ensureEd25519Prefix(args.localKeyMaterial.publicKey);
|
|
3252
|
+
if (!localPublicKey) throw new Error(`Missing local signing public key for ${args.nearAccountId}`);
|
|
3253
|
+
const providedDelegatePublicKeyStr = ensureEd25519Prefix(toPublicKeyString(args.providedDelegatePublicKey));
|
|
3254
|
+
if (args.resolvedSignerMode !== "threshold-signer") {
|
|
3255
|
+
if (providedDelegatePublicKeyStr && providedDelegatePublicKeyStr !== localPublicKey) args.warnings.push(`Delegate public key ${providedDelegatePublicKeyStr} does not match local signer key; using ${localPublicKey}`);
|
|
3256
|
+
return {
|
|
3257
|
+
resolvedSignerMode: "local-signer",
|
|
3258
|
+
signingNearPublicKeyStr: localPublicKey,
|
|
3259
|
+
delegatePublicKeyStr: localPublicKey,
|
|
3260
|
+
threshold: null
|
|
3261
|
+
};
|
|
3262
|
+
}
|
|
3263
|
+
const thresholdKeyMaterial = args.thresholdKeyMaterial;
|
|
3264
|
+
if (!thresholdKeyMaterial) throw new Error(`Missing threshold key material for ${args.nearAccountId}`);
|
|
3265
|
+
const thresholdPublicKey = ensureEd25519Prefix(thresholdKeyMaterial.publicKey);
|
|
3266
|
+
if (!thresholdPublicKey) throw new Error(`Missing threshold signing public key for ${args.nearAccountId}`);
|
|
3267
|
+
if (providedDelegatePublicKeyStr && providedDelegatePublicKeyStr !== thresholdPublicKey) args.warnings.push(`Delegate public key ${providedDelegatePublicKeyStr} does not match threshold signer key; using ${thresholdPublicKey}`);
|
|
3268
|
+
const relayerUrl = String(args.relayerUrl || "").trim();
|
|
3269
|
+
if (!relayerUrl) throw new Error("Missing relayerUrl (required for threshold-signer)");
|
|
3270
|
+
const rpId = String(args.rpId || "").trim();
|
|
3271
|
+
if (!rpId) throw new Error("Missing rpId for threshold signing");
|
|
3272
|
+
const participantIds = normalizeThresholdEd25519ParticipantIds(thresholdKeyMaterial.participants.map((p) => p.id));
|
|
3273
|
+
if (!participantIds || participantIds.length < 2) throw new Error(`Invalid threshold signing participantIds (expected >=2 participants, got [${(participantIds || []).join(",")}])`);
|
|
3274
|
+
const thresholdSessionCacheKey = makeThresholdEd25519AuthSessionCacheKey({
|
|
3275
|
+
nearAccountId: args.nearAccountId,
|
|
3276
|
+
rpId,
|
|
3277
|
+
relayerUrl,
|
|
3278
|
+
relayerKeyId: thresholdKeyMaterial.relayerKeyId,
|
|
3279
|
+
participantIds
|
|
3280
|
+
});
|
|
3281
|
+
return {
|
|
3282
|
+
resolvedSignerMode: "threshold-signer",
|
|
3283
|
+
signingNearPublicKeyStr: thresholdPublicKey,
|
|
3284
|
+
delegatePublicKeyStr: thresholdPublicKey,
|
|
3285
|
+
threshold: {
|
|
3286
|
+
relayerUrl,
|
|
3287
|
+
thresholdKeyMaterial,
|
|
3288
|
+
thresholdSessionCacheKey,
|
|
3289
|
+
thresholdSessionJwt: getCachedThresholdEd25519AuthSessionJwt(thresholdSessionCacheKey)
|
|
3290
|
+
}
|
|
3291
|
+
};
|
|
3292
|
+
}
|
|
3293
|
+
function extractSigningEvidenceFromConfirmation$1(confirmation) {
|
|
3294
|
+
const credentialForRelay = confirmation.credential ? removePrfOutputGuard(confirmation.credential) : void 0;
|
|
3295
|
+
return {
|
|
3296
|
+
intentDigest: confirmation.intentDigest,
|
|
3297
|
+
transactionContext: confirmation.transactionContext,
|
|
3298
|
+
vrfChallenge: confirmation.vrfChallenge,
|
|
3299
|
+
credential: credentialForRelay ? JSON.stringify(credentialForRelay) : void 0
|
|
2845
3300
|
};
|
|
2846
3301
|
}
|
|
3302
|
+
function requireOkSignDelegateActionResponse(response) {
|
|
3303
|
+
if (!isSignDelegateActionSuccess(response)) {
|
|
3304
|
+
if (isWorkerError(response)) throw new Error(response.payload.error || "Delegate action signing failed");
|
|
3305
|
+
throw new Error("Delegate action signing failed");
|
|
3306
|
+
}
|
|
3307
|
+
if (!response.payload.success || !response.payload.signedDelegate || !response.payload.hash) throw new Error(response.payload.error || "Delegate action signing failed");
|
|
3308
|
+
return response;
|
|
3309
|
+
}
|
|
2847
3310
|
|
|
2848
3311
|
//#endregion
|
|
2849
3312
|
//#region src/core/WebAuthnManager/SignerWorkerManager/handlers/recoverKeypairFromPasskey.ts
|
|
@@ -2910,12 +3373,8 @@ async function extractCosePublicKey({ ctx, attestationObjectBase64url }) {
|
|
|
2910
3373
|
async function signTransactionWithKeyPair({ ctx, nearPrivateKey, signerAccountId, receiverId, nonce, blockHash, actions }) {
|
|
2911
3374
|
try {
|
|
2912
3375
|
console.info("SignerWorkerManager: Starting transaction signing with provided private key");
|
|
2913
|
-
actions.forEach((action
|
|
2914
|
-
|
|
2915
|
-
validateActionArgsWasm(action);
|
|
2916
|
-
} catch (error) {
|
|
2917
|
-
throw new Error(`Action ${index} validation failed: ${error instanceof Error ? error.message : "Unknown error"}`);
|
|
2918
|
-
}
|
|
3376
|
+
actions.forEach((action) => {
|
|
3377
|
+
validateActionArgsWasm(action);
|
|
2919
3378
|
});
|
|
2920
3379
|
const response = await ctx.sendMessage({ message: {
|
|
2921
3380
|
type: WorkerRequestType.SignTransactionWithKeyPair,
|
|
@@ -2964,16 +3423,34 @@ async function signTransactionWithKeyPair({ ctx, nearPrivateKey, signerAccountId
|
|
|
2964
3423
|
*/
|
|
2965
3424
|
async function signNep413Message({ ctx, payload }) {
|
|
2966
3425
|
try {
|
|
2967
|
-
const deviceNumber = await getLastLoggedInDeviceNumber(payload.accountId, ctx.indexedDB.clientDB);
|
|
2968
|
-
const encryptedKeyData = await ctx.indexedDB.nearKeysDB.getEncryptedKey(payload.accountId, deviceNumber);
|
|
2969
|
-
if (!encryptedKeyData) throw new Error(`No encrypted key found for account: ${payload.accountId}`);
|
|
2970
3426
|
const sessionId = payload.sessionId ?? generateSessionId();
|
|
2971
|
-
|
|
2972
|
-
|
|
3427
|
+
const relayerUrl = ctx.relayerUrl;
|
|
3428
|
+
const nearAccountId = payload.accountId;
|
|
3429
|
+
const deviceNumber = await getLastLoggedInDeviceNumber(nearAccountId, ctx.indexedDB.clientDB);
|
|
3430
|
+
const [localKeyMaterial, thresholdKeyMaterial] = await Promise.all([ctx.indexedDB.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber), ctx.indexedDB.nearKeysDB.getThresholdKeyMaterial(nearAccountId, deviceNumber)]);
|
|
3431
|
+
if (!localKeyMaterial) throw new Error(`No local key material found for account: ${nearAccountId}`);
|
|
3432
|
+
const resolvedSignerMode = await resolveSignerModeForThresholdSigning({
|
|
3433
|
+
nearAccountId,
|
|
3434
|
+
signerMode: payload.signerMode,
|
|
3435
|
+
relayerUrl,
|
|
3436
|
+
hasThresholdKeyMaterial: !!thresholdKeyMaterial
|
|
3437
|
+
});
|
|
3438
|
+
const vrfWorkerManager = ctx.vrfWorkerManager;
|
|
3439
|
+
if (!vrfWorkerManager) throw new Error("VrfWorkerManager not available for NEP-413 signing");
|
|
3440
|
+
const signingContext = validateAndPrepareNep413SigningContext({
|
|
3441
|
+
nearAccountId,
|
|
3442
|
+
resolvedSignerMode,
|
|
3443
|
+
relayerUrl,
|
|
3444
|
+
rpId: ctx.touchIdPrompt.getRpId(),
|
|
3445
|
+
localKeyMaterial,
|
|
3446
|
+
thresholdKeyMaterial
|
|
3447
|
+
});
|
|
3448
|
+
const confirmation = await vrfWorkerManager.confirmAndPrepareSigningSession({
|
|
2973
3449
|
ctx,
|
|
2974
3450
|
sessionId,
|
|
2975
3451
|
kind: "nep413",
|
|
2976
|
-
|
|
3452
|
+
...signingContext.threshold && !signingContext.threshold.thresholdSessionJwt ? { signingAuthMode: "webauthn" } : {},
|
|
3453
|
+
nearAccountId,
|
|
2977
3454
|
message: payload.message,
|
|
2978
3455
|
recipient: payload.recipient,
|
|
2979
3456
|
title: payload.title,
|
|
@@ -2982,32 +3459,95 @@ async function signNep413Message({ ctx, payload }) {
|
|
|
2982
3459
|
contractId: payload.contractId,
|
|
2983
3460
|
nearRpcUrl: payload.nearRpcUrl
|
|
2984
3461
|
});
|
|
2985
|
-
|
|
2986
|
-
|
|
2987
|
-
|
|
2988
|
-
|
|
2989
|
-
|
|
3462
|
+
let { vrfChallenge, credential } = extractSigningEvidenceFromConfirmation(confirmation);
|
|
3463
|
+
const requestPayload = {
|
|
3464
|
+
signerMode: signingContext.resolvedSignerMode,
|
|
3465
|
+
message: payload.message,
|
|
3466
|
+
recipient: payload.recipient,
|
|
3467
|
+
nonce: payload.nonce,
|
|
3468
|
+
state: payload.state || void 0,
|
|
3469
|
+
accountId: nearAccountId,
|
|
3470
|
+
nearPublicKey: signingContext.nearPublicKey,
|
|
3471
|
+
decryption: signingContext.decryption,
|
|
3472
|
+
threshold: signingContext.threshold ? {
|
|
3473
|
+
relayerUrl: signingContext.threshold.relayerUrl,
|
|
3474
|
+
relayerKeyId: signingContext.threshold.thresholdKeyMaterial.relayerKeyId,
|
|
3475
|
+
clientParticipantId: signingContext.threshold.thresholdKeyMaterial.participants.find((p) => p.role === "client")?.id,
|
|
3476
|
+
relayerParticipantId: signingContext.threshold.thresholdKeyMaterial.participants.find((p) => p.role === "relayer")?.id,
|
|
3477
|
+
participantIds: signingContext.threshold.thresholdKeyMaterial.participants.map((p) => p.id),
|
|
3478
|
+
thresholdSessionKind: "jwt",
|
|
3479
|
+
thresholdSessionJwt: signingContext.threshold.thresholdSessionJwt
|
|
3480
|
+
} : void 0,
|
|
3481
|
+
vrfChallenge,
|
|
3482
|
+
credential
|
|
3483
|
+
};
|
|
3484
|
+
if (!signingContext.threshold) {
|
|
3485
|
+
const response = await ctx.sendMessage({
|
|
3486
|
+
sessionId,
|
|
3487
|
+
message: {
|
|
3488
|
+
type: WorkerRequestType.SignNep413Message,
|
|
3489
|
+
payload: requestPayload
|
|
3490
|
+
}
|
|
3491
|
+
});
|
|
3492
|
+
const okResponse$1 = requireOkSignNep413MessageResponse(response);
|
|
3493
|
+
return {
|
|
3494
|
+
success: true,
|
|
3495
|
+
accountId: okResponse$1.payload.accountId,
|
|
3496
|
+
publicKey: okResponse$1.payload.publicKey,
|
|
3497
|
+
signature: okResponse$1.payload.signature,
|
|
3498
|
+
state: okResponse$1.payload.state || void 0
|
|
3499
|
+
};
|
|
3500
|
+
}
|
|
3501
|
+
let okResponse;
|
|
3502
|
+
try {
|
|
3503
|
+
const response = await ctx.sendMessage({
|
|
3504
|
+
sessionId,
|
|
3505
|
+
message: {
|
|
3506
|
+
type: WorkerRequestType.SignNep413Message,
|
|
3507
|
+
payload: requestPayload
|
|
3508
|
+
}
|
|
3509
|
+
});
|
|
3510
|
+
okResponse = requireOkSignNep413MessageResponse(response);
|
|
3511
|
+
} catch (e) {
|
|
3512
|
+
const err = e instanceof Error ? e : new Error(String(e));
|
|
3513
|
+
if (!isThresholdSessionAuthUnavailableError(err)) throw err;
|
|
3514
|
+
clearCachedThresholdEd25519AuthSession(signingContext.threshold.thresholdSessionCacheKey);
|
|
3515
|
+
signingContext.threshold.thresholdSessionJwt = void 0;
|
|
3516
|
+
requestPayload.threshold.thresholdSessionJwt = void 0;
|
|
3517
|
+
if (!credential || !vrfChallenge) {
|
|
3518
|
+
const refreshed = await vrfWorkerManager.confirmAndPrepareSigningSession({
|
|
3519
|
+
ctx,
|
|
3520
|
+
sessionId,
|
|
3521
|
+
kind: "nep413",
|
|
3522
|
+
signingAuthMode: "webauthn",
|
|
3523
|
+
nearAccountId,
|
|
2990
3524
|
message: payload.message,
|
|
2991
3525
|
recipient: payload.recipient,
|
|
2992
|
-
|
|
2993
|
-
|
|
2994
|
-
|
|
2995
|
-
|
|
2996
|
-
|
|
2997
|
-
}
|
|
3526
|
+
title: payload.title,
|
|
3527
|
+
body: payload.body,
|
|
3528
|
+
confirmationConfigOverride: payload.confirmationConfigOverride,
|
|
3529
|
+
contractId: payload.contractId,
|
|
3530
|
+
nearRpcUrl: payload.nearRpcUrl
|
|
3531
|
+
});
|
|
3532
|
+
({vrfChallenge, credential} = extractSigningEvidenceFromConfirmation(refreshed));
|
|
3533
|
+
requestPayload.vrfChallenge = vrfChallenge;
|
|
3534
|
+
requestPayload.credential = credential;
|
|
2998
3535
|
}
|
|
2999
|
-
|
|
3000
|
-
|
|
3001
|
-
|
|
3002
|
-
|
|
3003
|
-
|
|
3536
|
+
const response = await ctx.sendMessage({
|
|
3537
|
+
sessionId,
|
|
3538
|
+
message: {
|
|
3539
|
+
type: WorkerRequestType.SignNep413Message,
|
|
3540
|
+
payload: requestPayload
|
|
3541
|
+
}
|
|
3542
|
+
});
|
|
3543
|
+
okResponse = requireOkSignNep413MessageResponse(response);
|
|
3004
3544
|
}
|
|
3005
3545
|
return {
|
|
3006
3546
|
success: true,
|
|
3007
|
-
accountId:
|
|
3008
|
-
publicKey:
|
|
3009
|
-
signature:
|
|
3010
|
-
state:
|
|
3547
|
+
accountId: okResponse.payload.accountId,
|
|
3548
|
+
publicKey: okResponse.payload.publicKey,
|
|
3549
|
+
signature: okResponse.payload.signature,
|
|
3550
|
+
state: okResponse.payload.state || void 0
|
|
3011
3551
|
};
|
|
3012
3552
|
} catch (error) {
|
|
3013
3553
|
console.error("SignerWorkerManager: NEP-413 signing error:", error);
|
|
@@ -3020,6 +3560,64 @@ async function signNep413Message({ ctx, payload }) {
|
|
|
3020
3560
|
};
|
|
3021
3561
|
}
|
|
3022
3562
|
}
|
|
3563
|
+
function validateAndPrepareNep413SigningContext(args) {
|
|
3564
|
+
const localPublicKey = String(args.localKeyMaterial.publicKey || "").trim();
|
|
3565
|
+
if (!localPublicKey) throw new Error(`Missing local signing public key for ${args.nearAccountId}`);
|
|
3566
|
+
if (args.resolvedSignerMode !== "threshold-signer") return {
|
|
3567
|
+
resolvedSignerMode: "local-signer",
|
|
3568
|
+
nearPublicKey: localPublicKey,
|
|
3569
|
+
decryption: {
|
|
3570
|
+
encryptedPrivateKeyData: args.localKeyMaterial.encryptedSk,
|
|
3571
|
+
encryptedPrivateKeyChacha20NonceB64u: args.localKeyMaterial.chacha20NonceB64u
|
|
3572
|
+
},
|
|
3573
|
+
threshold: null
|
|
3574
|
+
};
|
|
3575
|
+
const thresholdKeyMaterial = args.thresholdKeyMaterial;
|
|
3576
|
+
if (!thresholdKeyMaterial) throw new Error(`Missing threshold key material for ${args.nearAccountId}`);
|
|
3577
|
+
const thresholdPublicKey = String(thresholdKeyMaterial.publicKey || "").trim();
|
|
3578
|
+
if (!thresholdPublicKey) throw new Error(`Missing threshold signing public key for ${args.nearAccountId}`);
|
|
3579
|
+
const relayerUrl = String(args.relayerUrl || "").trim();
|
|
3580
|
+
if (!relayerUrl) throw new Error("Missing relayerUrl (required for threshold-signer)");
|
|
3581
|
+
const rpId = String(args.rpId || "").trim();
|
|
3582
|
+
if (!rpId) throw new Error("Missing rpId for threshold signing");
|
|
3583
|
+
const participantIds = normalizeThresholdEd25519ParticipantIds(thresholdKeyMaterial.participants.map((p) => p.id));
|
|
3584
|
+
if (!participantIds || participantIds.length < 2) throw new Error(`Invalid threshold signing participantIds (expected >=2 participants, got [${(participantIds || []).join(",")}])`);
|
|
3585
|
+
const thresholdSessionCacheKey = makeThresholdEd25519AuthSessionCacheKey({
|
|
3586
|
+
nearAccountId: args.nearAccountId,
|
|
3587
|
+
rpId,
|
|
3588
|
+
relayerUrl,
|
|
3589
|
+
relayerKeyId: thresholdKeyMaterial.relayerKeyId,
|
|
3590
|
+
participantIds
|
|
3591
|
+
});
|
|
3592
|
+
return {
|
|
3593
|
+
resolvedSignerMode: "threshold-signer",
|
|
3594
|
+
nearPublicKey: thresholdPublicKey,
|
|
3595
|
+
decryption: {
|
|
3596
|
+
encryptedPrivateKeyData: "",
|
|
3597
|
+
encryptedPrivateKeyChacha20NonceB64u: ""
|
|
3598
|
+
},
|
|
3599
|
+
threshold: {
|
|
3600
|
+
relayerUrl,
|
|
3601
|
+
thresholdKeyMaterial,
|
|
3602
|
+
thresholdSessionCacheKey,
|
|
3603
|
+
thresholdSessionJwt: getCachedThresholdEd25519AuthSessionJwt(thresholdSessionCacheKey)
|
|
3604
|
+
}
|
|
3605
|
+
};
|
|
3606
|
+
}
|
|
3607
|
+
function extractSigningEvidenceFromConfirmation(confirmation) {
|
|
3608
|
+
const credentialForRelay = confirmation.credential ? removePrfOutputGuard(confirmation.credential) : void 0;
|
|
3609
|
+
return {
|
|
3610
|
+
vrfChallenge: confirmation.vrfChallenge,
|
|
3611
|
+
credential: credentialForRelay ? JSON.stringify(credentialForRelay) : void 0
|
|
3612
|
+
};
|
|
3613
|
+
}
|
|
3614
|
+
function requireOkSignNep413MessageResponse(response) {
|
|
3615
|
+
if (!isSignNep413MessageSuccess(response)) {
|
|
3616
|
+
if (isWorkerError(response)) throw new Error(response.payload.error || "NEP-413 signing failed");
|
|
3617
|
+
throw new Error("NEP-413 signing failed");
|
|
3618
|
+
}
|
|
3619
|
+
return response;
|
|
3620
|
+
}
|
|
3023
3621
|
|
|
3024
3622
|
//#endregion
|
|
3025
3623
|
//#region src/core/WebAuthnManager/SignerWorkerManager/handlers/registerDevice2WithDerivedKey.ts
|
|
@@ -3050,6 +3648,8 @@ async function registerDevice2WithDerivedKey({ ctx, sessionId, nearAccountId, cr
|
|
|
3050
3648
|
if (!s) return [];
|
|
3051
3649
|
return Array.from(base64UrlDecode(s));
|
|
3052
3650
|
};
|
|
3651
|
+
const intentDigest32 = b64ToBytes(vrfChallenge.intentDigest);
|
|
3652
|
+
if (intentDigest32.length !== 32) throw new Error("Missing or invalid vrfChallenge.intentDigest (expected base64url-encoded 32 bytes)");
|
|
3053
3653
|
const finalContractArgs = {
|
|
3054
3654
|
vrf_data: {
|
|
3055
3655
|
vrf_input_data: b64ToBytes(vrfChallenge.vrfInput),
|
|
@@ -3059,7 +3659,8 @@ async function registerDevice2WithDerivedKey({ ctx, sessionId, nearAccountId, cr
|
|
|
3059
3659
|
user_id: vrfChallenge.userId,
|
|
3060
3660
|
rp_id: vrfChallenge.rpId,
|
|
3061
3661
|
block_height: Number(vrfChallenge.blockHeight),
|
|
3062
|
-
block_hash: b64ToBytes(vrfChallenge.blockHash)
|
|
3662
|
+
block_hash: b64ToBytes(vrfChallenge.blockHash),
|
|
3663
|
+
intent_digest_32: intentDigest32
|
|
3063
3664
|
},
|
|
3064
3665
|
webauthn_registration: credential,
|
|
3065
3666
|
deterministic_vrf_public_key: b64ToBytes(deterministicVrfPublicKey),
|
|
@@ -3094,22 +3695,25 @@ async function registerDevice2WithDerivedKey({ ctx, sessionId, nearAccountId, cr
|
|
|
3094
3695
|
console.debug("[SignerWorkerManager] Device2 registration complete, storing encrypted key");
|
|
3095
3696
|
const chacha20NonceB64u = wasmResult.chacha20NonceB64u;
|
|
3096
3697
|
if (!chacha20NonceB64u) throw new Error("Missing chacha20NonceB64u in Device2 registration result");
|
|
3097
|
-
const
|
|
3698
|
+
const wrapKeySaltPersisted = wasmResult.wrapKeySalt;
|
|
3699
|
+
if (!wrapKeySaltPersisted) throw new Error("Missing wrapKeySalt in Device2 registration result");
|
|
3700
|
+
const keyMaterial = {
|
|
3701
|
+
kind: "local_near_sk_v3",
|
|
3098
3702
|
nearAccountId,
|
|
3099
3703
|
deviceNumber: deviceNumber ?? 2,
|
|
3100
|
-
|
|
3704
|
+
publicKey: wasmResult.publicKey,
|
|
3705
|
+
encryptedSk: wasmResult.encryptedData,
|
|
3101
3706
|
chacha20NonceB64u,
|
|
3102
|
-
wrapKeySalt:
|
|
3103
|
-
version: 2,
|
|
3707
|
+
wrapKeySalt: wrapKeySaltPersisted,
|
|
3104
3708
|
timestamp: Date.now()
|
|
3105
3709
|
};
|
|
3106
|
-
await ctx.indexedDB.nearKeysDB.
|
|
3710
|
+
await ctx.indexedDB.nearKeysDB.storeKeyMaterial(keyMaterial);
|
|
3107
3711
|
console.debug("[SignerWorkerManager] Device2 encrypted key stored successfully");
|
|
3108
3712
|
return {
|
|
3109
3713
|
success: true,
|
|
3110
3714
|
publicKey: wasmResult.publicKey,
|
|
3111
3715
|
signedTransaction: wasmResult.signedTransaction,
|
|
3112
|
-
wrapKeySalt:
|
|
3716
|
+
wrapKeySalt: wrapKeySaltPersisted,
|
|
3113
3717
|
encryptedData: wasmResult.encryptedData,
|
|
3114
3718
|
chacha20NonceB64u
|
|
3115
3719
|
};
|
|
@@ -3194,7 +3798,6 @@ function validateSecureConfirmRequest(input) {
|
|
|
3194
3798
|
if (typeof input === "string") throw new Error("Invalid secure confirm request: expected an object (JSON strings are not supported)");
|
|
3195
3799
|
if (!isObject(input)) throw new Error("parsed is not an object");
|
|
3196
3800
|
const p = input;
|
|
3197
|
-
if (p.schemaVersion !== 2) throw new Error("schemaVersion must be 2");
|
|
3198
3801
|
if (!isString(p.requestId) || !p.requestId) throw new Error("missing requestId");
|
|
3199
3802
|
if (!isString(p.type) || !p.type) throw new Error("missing type");
|
|
3200
3803
|
if (p.summary === void 0 || p.summary === null) throw new Error("missing summary");
|
|
@@ -3257,13 +3860,23 @@ async function handlePromptUserConfirmInJsMainThread(ctx, message, worker) {
|
|
|
3257
3860
|
});
|
|
3258
3861
|
return;
|
|
3259
3862
|
}
|
|
3260
|
-
|
|
3261
|
-
|
|
3262
|
-
|
|
3263
|
-
|
|
3264
|
-
|
|
3265
|
-
|
|
3266
|
-
|
|
3863
|
+
try {
|
|
3864
|
+
await handler({
|
|
3865
|
+
ctx,
|
|
3866
|
+
request,
|
|
3867
|
+
worker,
|
|
3868
|
+
confirmationConfig,
|
|
3869
|
+
transactionSummary
|
|
3870
|
+
});
|
|
3871
|
+
} catch (e) {
|
|
3872
|
+
console.error("[SecureConfirm][Host] handler failed", e);
|
|
3873
|
+
sendConfirmResponse(worker, {
|
|
3874
|
+
requestId: request.requestId,
|
|
3875
|
+
intentDigest: getIntentDigest(request),
|
|
3876
|
+
confirmed: false,
|
|
3877
|
+
error: errorMessage(e) || "Secure confirmation failed"
|
|
3878
|
+
});
|
|
3879
|
+
}
|
|
3267
3880
|
}
|
|
3268
3881
|
async function importFlow(label, loader) {
|
|
3269
3882
|
try {
|
|
@@ -3275,42 +3888,42 @@ async function importFlow(label, loader) {
|
|
|
3275
3888
|
}
|
|
3276
3889
|
const HANDLERS = {
|
|
3277
3890
|
[SecureConfirmationType.DECRYPT_PRIVATE_KEY_WITH_PRF]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
|
|
3278
|
-
const { handleLocalOnlyFlow } = await importFlow("localOnly", () => import("./localOnly-
|
|
3891
|
+
const { handleLocalOnlyFlow } = await importFlow("localOnly", () => import("./localOnly-COpDBMkm.js"));
|
|
3279
3892
|
await handleLocalOnlyFlow(ctx, request, worker, {
|
|
3280
3893
|
confirmationConfig,
|
|
3281
3894
|
transactionSummary
|
|
3282
3895
|
});
|
|
3283
3896
|
},
|
|
3284
3897
|
[SecureConfirmationType.SHOW_SECURE_PRIVATE_KEY_UI]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
|
|
3285
|
-
const { handleLocalOnlyFlow } = await importFlow("localOnly", () => import("./localOnly-
|
|
3898
|
+
const { handleLocalOnlyFlow } = await importFlow("localOnly", () => import("./localOnly-COpDBMkm.js"));
|
|
3286
3899
|
await handleLocalOnlyFlow(ctx, request, worker, {
|
|
3287
3900
|
confirmationConfig,
|
|
3288
3901
|
transactionSummary
|
|
3289
3902
|
});
|
|
3290
3903
|
},
|
|
3291
3904
|
[SecureConfirmationType.REGISTER_ACCOUNT]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
|
|
3292
|
-
const { handleRegistrationFlow } = await importFlow("registration", () => import("./registration-
|
|
3905
|
+
const { handleRegistrationFlow } = await importFlow("registration", () => import("./registration-R70lvG_o.js"));
|
|
3293
3906
|
await handleRegistrationFlow(ctx, request, worker, {
|
|
3294
3907
|
confirmationConfig,
|
|
3295
3908
|
transactionSummary
|
|
3296
3909
|
});
|
|
3297
3910
|
},
|
|
3298
3911
|
[SecureConfirmationType.LINK_DEVICE]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
|
|
3299
|
-
const { handleRegistrationFlow } = await importFlow("registration", () => import("./registration-
|
|
3912
|
+
const { handleRegistrationFlow } = await importFlow("registration", () => import("./registration-R70lvG_o.js"));
|
|
3300
3913
|
await handleRegistrationFlow(ctx, request, worker, {
|
|
3301
3914
|
confirmationConfig,
|
|
3302
3915
|
transactionSummary
|
|
3303
3916
|
});
|
|
3304
3917
|
},
|
|
3305
3918
|
[SecureConfirmationType.SIGN_TRANSACTION]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
|
|
3306
|
-
const { handleTransactionSigningFlow } = await importFlow("transactions", () => import("./transactions-
|
|
3919
|
+
const { handleTransactionSigningFlow } = await importFlow("transactions", () => import("./transactions-CxsklyCK.js"));
|
|
3307
3920
|
await handleTransactionSigningFlow(ctx, request, worker, {
|
|
3308
3921
|
confirmationConfig,
|
|
3309
3922
|
transactionSummary
|
|
3310
3923
|
});
|
|
3311
3924
|
},
|
|
3312
3925
|
[SecureConfirmationType.SIGN_NEP413_MESSAGE]: async ({ ctx, request, worker, confirmationConfig, transactionSummary }) => {
|
|
3313
|
-
const { handleTransactionSigningFlow } = await importFlow("transactions", () => import("./transactions-
|
|
3926
|
+
const { handleTransactionSigningFlow } = await importFlow("transactions", () => import("./transactions-CxsklyCK.js"));
|
|
3314
3927
|
await handleTransactionSigningFlow(ctx, request, worker, {
|
|
3315
3928
|
confirmationConfig,
|
|
3316
3929
|
transactionSummary
|
|
@@ -3349,7 +3962,7 @@ async function runSecureConfirm(ctx, request) {
|
|
|
3349
3962
|
async function exportNearKeypairUi({ ctx, nearAccountId, variant, theme, sessionId }) {
|
|
3350
3963
|
const accountId = toAccountId(nearAccountId);
|
|
3351
3964
|
const deviceNumber = await getLastLoggedInDeviceNumber(accountId, ctx.indexedDB.clientDB);
|
|
3352
|
-
const [keyData, user] = await Promise.all([ctx.indexedDB.nearKeysDB.
|
|
3965
|
+
const [keyData, user] = await Promise.all([ctx.indexedDB.nearKeysDB.getLocalKeyMaterial(accountId, deviceNumber), ctx.indexedDB.clientDB.getUserByDevice(accountId, deviceNumber)]);
|
|
3353
3966
|
const publicKey = user?.clientNearPublicKey || "";
|
|
3354
3967
|
if (!keyData || !publicKey) throw new Error("Missing local key material for export. Re-register to upgrade vault.");
|
|
3355
3968
|
const response = await ctx.sendMessage({
|
|
@@ -3358,7 +3971,7 @@ async function exportNearKeypairUi({ ctx, nearAccountId, variant, theme, session
|
|
|
3358
3971
|
type: WorkerRequestType.DecryptPrivateKeyWithPrf,
|
|
3359
3972
|
payload: {
|
|
3360
3973
|
nearAccountId: accountId,
|
|
3361
|
-
encryptedPrivateKeyData: keyData.
|
|
3974
|
+
encryptedPrivateKeyData: keyData.encryptedSk,
|
|
3362
3975
|
encryptedPrivateKeyChacha20NonceB64u: keyData.chacha20NonceB64u
|
|
3363
3976
|
}
|
|
3364
3977
|
}
|
|
@@ -3371,7 +3984,6 @@ async function exportNearKeypairUi({ ctx, nearAccountId, variant, theme, session
|
|
|
3371
3984
|
}
|
|
3372
3985
|
const privateKey = response.payload.privateKey;
|
|
3373
3986
|
const showReq = {
|
|
3374
|
-
schemaVersion: 2,
|
|
3375
3987
|
requestId: sessionId,
|
|
3376
3988
|
type: SecureConfirmationType.SHOW_SECURE_PRIVATE_KEY_UI,
|
|
3377
3989
|
summary: {
|
|
@@ -3391,6 +4003,46 @@ async function exportNearKeypairUi({ ctx, nearAccountId, variant, theme, session
|
|
|
3391
4003
|
await runSecureConfirm(ctx, showReq);
|
|
3392
4004
|
}
|
|
3393
4005
|
|
|
4006
|
+
//#endregion
|
|
4007
|
+
//#region src/core/WebAuthnManager/SignerWorkerManager/handlers/deriveThresholdEd25519ClientVerifyingShare.ts
|
|
4008
|
+
async function deriveThresholdEd25519ClientVerifyingShare(args) {
|
|
4009
|
+
const { ctx } = args;
|
|
4010
|
+
const sessionId = args.sessionId;
|
|
4011
|
+
const nearAccountId = args.nearAccountId;
|
|
4012
|
+
try {
|
|
4013
|
+
if (!sessionId) throw new Error("Missing sessionId");
|
|
4014
|
+
if (!nearAccountId) throw new Error("Missing nearAccountId");
|
|
4015
|
+
const response = await ctx.sendMessage({
|
|
4016
|
+
sessionId,
|
|
4017
|
+
message: {
|
|
4018
|
+
type: WorkerRequestType.DeriveThresholdEd25519ClientVerifyingShare,
|
|
4019
|
+
payload: { nearAccountId }
|
|
4020
|
+
}
|
|
4021
|
+
});
|
|
4022
|
+
if (response.type !== WorkerResponseType.DeriveThresholdEd25519ClientVerifyingShareSuccess) throw new Error("DeriveThresholdEd25519ClientVerifyingShare failed");
|
|
4023
|
+
const wasmResult = response.payload;
|
|
4024
|
+
const clientVerifyingShareB64u = wasmResult?.clientVerifyingShareB64u;
|
|
4025
|
+
const wrapKeySalt = wasmResult?.wrapKeySalt;
|
|
4026
|
+
if (!clientVerifyingShareB64u) throw new Error("Missing clientVerifyingShareB64u in worker response");
|
|
4027
|
+
if (!wrapKeySalt) throw new Error("Missing wrapKeySalt in worker response");
|
|
4028
|
+
return {
|
|
4029
|
+
success: true,
|
|
4030
|
+
nearAccountId,
|
|
4031
|
+
clientVerifyingShareB64u,
|
|
4032
|
+
wrapKeySalt
|
|
4033
|
+
};
|
|
4034
|
+
} catch (error) {
|
|
4035
|
+
const message = String(error?.message ?? error);
|
|
4036
|
+
return {
|
|
4037
|
+
success: false,
|
|
4038
|
+
nearAccountId,
|
|
4039
|
+
clientVerifyingShareB64u: "",
|
|
4040
|
+
wrapKeySalt: "",
|
|
4041
|
+
error: message
|
|
4042
|
+
};
|
|
4043
|
+
}
|
|
4044
|
+
}
|
|
4045
|
+
|
|
3394
4046
|
//#endregion
|
|
3395
4047
|
//#region src/core/WebAuthnManager/SignerWorkerManager/index.ts
|
|
3396
4048
|
/**
|
|
@@ -3406,15 +4058,17 @@ var SignerWorkerManager = class {
|
|
|
3406
4058
|
nearClient;
|
|
3407
4059
|
userPreferencesManager;
|
|
3408
4060
|
nonceManager;
|
|
4061
|
+
relayerUrl;
|
|
3409
4062
|
workerBaseOrigin;
|
|
3410
4063
|
nearExplorerUrl;
|
|
3411
|
-
constructor(vrfWorkerManager, nearClient, userPreferencesManager, nonceManager, rpIdOverride, enableSafariGetWebauthnRegistrationFallback = true, nearExplorerUrl) {
|
|
4064
|
+
constructor(vrfWorkerManager, nearClient, userPreferencesManager, nonceManager, relayerUrl, rpIdOverride, enableSafariGetWebauthnRegistrationFallback = true, nearExplorerUrl) {
|
|
3412
4065
|
this.indexedDB = IndexedDBManager;
|
|
3413
4066
|
this.touchIdPrompt = new TouchIdPrompt(rpIdOverride, enableSafariGetWebauthnRegistrationFallback);
|
|
3414
4067
|
this.vrfWorkerManager = vrfWorkerManager;
|
|
3415
4068
|
this.nearClient = nearClient;
|
|
3416
4069
|
this.userPreferencesManager = userPreferencesManager;
|
|
3417
4070
|
this.nonceManager = nonceManager;
|
|
4071
|
+
this.relayerUrl = relayerUrl;
|
|
3418
4072
|
this.nearExplorerUrl = nearExplorerUrl;
|
|
3419
4073
|
}
|
|
3420
4074
|
setWorkerBaseOrigin(origin) {
|
|
@@ -3430,7 +4084,8 @@ var SignerWorkerManager = class {
|
|
|
3430
4084
|
userPreferencesManager: this.userPreferencesManager,
|
|
3431
4085
|
nonceManager: this.nonceManager,
|
|
3432
4086
|
rpIdOverride: this.touchIdPrompt.getRpId(),
|
|
3433
|
-
nearExplorerUrl: this.nearExplorerUrl
|
|
4087
|
+
nearExplorerUrl: this.nearExplorerUrl,
|
|
4088
|
+
relayerUrl: this.relayerUrl
|
|
3434
4089
|
};
|
|
3435
4090
|
}
|
|
3436
4091
|
createSecureWorker() {
|
|
@@ -3712,6 +4367,13 @@ var SignerWorkerManager = class {
|
|
|
3712
4367
|
...args
|
|
3713
4368
|
});
|
|
3714
4369
|
}
|
|
4370
|
+
async deriveThresholdEd25519ClientVerifyingShare(args) {
|
|
4371
|
+
return deriveThresholdEd25519ClientVerifyingShare({
|
|
4372
|
+
ctx: this.getContext(),
|
|
4373
|
+
sessionId: args.sessionId,
|
|
4374
|
+
nearAccountId: String(args.nearAccountId)
|
|
4375
|
+
});
|
|
4376
|
+
}
|
|
3715
4377
|
/**
|
|
3716
4378
|
* Secure private key decryption with dual PRF
|
|
3717
4379
|
*/
|
|
@@ -3826,7 +4488,8 @@ async function checkVrfStatus(ctx) {
|
|
|
3826
4488
|
} catch {
|
|
3827
4489
|
return {
|
|
3828
4490
|
active: false,
|
|
3829
|
-
nearAccountId: null
|
|
4491
|
+
nearAccountId: null,
|
|
4492
|
+
vrfPublicKey: null
|
|
3830
4493
|
};
|
|
3831
4494
|
}
|
|
3832
4495
|
try {
|
|
@@ -3842,18 +4505,21 @@ async function checkVrfStatus(ctx) {
|
|
|
3842
4505
|
return {
|
|
3843
4506
|
active: data.active,
|
|
3844
4507
|
nearAccountId: current ? toAccountId(current) : null,
|
|
3845
|
-
sessionDuration: data.sessionDuration
|
|
4508
|
+
sessionDuration: data.sessionDuration,
|
|
4509
|
+
vrfPublicKey: data.vrfPublicKey ?? null
|
|
3846
4510
|
};
|
|
3847
4511
|
}
|
|
3848
4512
|
return {
|
|
3849
4513
|
active: false,
|
|
3850
|
-
nearAccountId: null
|
|
4514
|
+
nearAccountId: null,
|
|
4515
|
+
vrfPublicKey: null
|
|
3851
4516
|
};
|
|
3852
4517
|
} catch (error) {
|
|
3853
4518
|
console.warn("VRF Manager: Failed to get VRF status:", error);
|
|
3854
4519
|
return {
|
|
3855
4520
|
active: false,
|
|
3856
|
-
nearAccountId: null
|
|
4521
|
+
nearAccountId: null,
|
|
4522
|
+
vrfPublicKey: null
|
|
3857
4523
|
};
|
|
3858
4524
|
}
|
|
3859
4525
|
}
|
|
@@ -3965,7 +4631,7 @@ async function confirmAndDeriveDevice2RegistrationSession(ctx, params) {
|
|
|
3965
4631
|
/**
|
|
3966
4632
|
* Kick off the SecureConfirm signing flow inside the VRF worker.
|
|
3967
4633
|
*
|
|
3968
|
-
* This creates a
|
|
4634
|
+
* This creates a `SecureConfirmRequest` (tx / delegate / NEP-413) and sends it to the
|
|
3969
4635
|
* VRF worker, which will render UI, collect a WebAuthn credential when needed, and return the
|
|
3970
4636
|
* `transactionContext` (reserved nonces, block hash/height) needed by the signer worker.
|
|
3971
4637
|
*/
|
|
@@ -3989,14 +4655,15 @@ async function confirmAndPrepareSigningSession(handlerCtx, params) {
|
|
|
3989
4655
|
...params.body != null ? { body: params.body } : {}
|
|
3990
4656
|
};
|
|
3991
4657
|
request = {
|
|
3992
|
-
schemaVersion: 2,
|
|
3993
4658
|
requestId: sessionId,
|
|
3994
4659
|
type: SecureConfirmationType.SIGN_TRANSACTION,
|
|
3995
4660
|
summary,
|
|
3996
4661
|
payload: {
|
|
3997
4662
|
txSigningRequests,
|
|
3998
4663
|
intentDigest,
|
|
3999
|
-
rpcCall: params.rpcCall
|
|
4664
|
+
rpcCall: params.rpcCall,
|
|
4665
|
+
...params.sessionPolicyDigest32 ? { sessionPolicyDigest32: params.sessionPolicyDigest32 } : {},
|
|
4666
|
+
...params.signingAuthMode ? { signingAuthMode: params.signingAuthMode } : {}
|
|
4000
4667
|
},
|
|
4001
4668
|
confirmationConfig: params.confirmationConfigOverride,
|
|
4002
4669
|
intentDigest
|
|
@@ -4027,14 +4694,15 @@ async function confirmAndPrepareSigningSession(handlerCtx, params) {
|
|
|
4027
4694
|
}
|
|
4028
4695
|
};
|
|
4029
4696
|
request = {
|
|
4030
|
-
schemaVersion: 2,
|
|
4031
4697
|
requestId: sessionId,
|
|
4032
4698
|
type: SecureConfirmationType.SIGN_TRANSACTION,
|
|
4033
4699
|
summary,
|
|
4034
4700
|
payload: {
|
|
4035
4701
|
txSigningRequests,
|
|
4036
4702
|
intentDigest,
|
|
4037
|
-
rpcCall: params.rpcCall
|
|
4703
|
+
rpcCall: params.rpcCall,
|
|
4704
|
+
...params.sessionPolicyDigest32 ? { sessionPolicyDigest32: params.sessionPolicyDigest32 } : {},
|
|
4705
|
+
...params.signingAuthMode ? { signingAuthMode: params.signingAuthMode } : {}
|
|
4038
4706
|
},
|
|
4039
4707
|
confirmationConfig: params.confirmationConfigOverride,
|
|
4040
4708
|
intentDigest
|
|
@@ -4051,7 +4719,6 @@ async function confirmAndPrepareSigningSession(handlerCtx, params) {
|
|
|
4051
4719
|
...params.body != null ? { body: params.body } : {}
|
|
4052
4720
|
};
|
|
4053
4721
|
request = {
|
|
4054
|
-
schemaVersion: 2,
|
|
4055
4722
|
requestId: sessionId,
|
|
4056
4723
|
type: SecureConfirmationType.SIGN_NEP413_MESSAGE,
|
|
4057
4724
|
summary,
|
|
@@ -4059,8 +4726,10 @@ async function confirmAndPrepareSigningSession(handlerCtx, params) {
|
|
|
4059
4726
|
nearAccountId: params.nearAccountId,
|
|
4060
4727
|
message: params.message,
|
|
4061
4728
|
recipient: params.recipient,
|
|
4729
|
+
...params.sessionPolicyDigest32 ? { sessionPolicyDigest32: params.sessionPolicyDigest32 } : {},
|
|
4062
4730
|
...params.contractId ? { contractId: params.contractId } : {},
|
|
4063
|
-
...params.nearRpcUrl ? { nearRpcUrl: params.nearRpcUrl } : {}
|
|
4731
|
+
...params.nearRpcUrl ? { nearRpcUrl: params.nearRpcUrl } : {},
|
|
4732
|
+
...params.signingAuthMode ? { signingAuthMode: params.signingAuthMode } : {}
|
|
4064
4733
|
},
|
|
4065
4734
|
confirmationConfig: params.confirmationConfigOverride,
|
|
4066
4735
|
intentDigest
|
|
@@ -4084,7 +4753,8 @@ async function confirmAndPrepareSigningSession(handlerCtx, params) {
|
|
|
4084
4753
|
sessionId,
|
|
4085
4754
|
transactionContext: decision.transaction_context,
|
|
4086
4755
|
intentDigest: decision.intent_digest || intentDigest,
|
|
4087
|
-
credential: decision.credential
|
|
4756
|
+
credential: decision.credential,
|
|
4757
|
+
vrfChallenge: decision.vrf_challenge
|
|
4088
4758
|
};
|
|
4089
4759
|
}
|
|
4090
4760
|
function computeTotalAmountYocto(txSigningRequests) {
|
|
@@ -4108,31 +4778,6 @@ function computeTotalAmountYocto(txSigningRequests) {
|
|
|
4108
4778
|
}
|
|
4109
4779
|
}
|
|
4110
4780
|
|
|
4111
|
-
//#endregion
|
|
4112
|
-
//#region src/core/WebAuthnManager/VrfWorkerManager/handlers/createSigningSessionChannel.ts
|
|
4113
|
-
/**
|
|
4114
|
-
* Create a VRF-owned MessageChannel for signing and return the signer-facing port.
|
|
4115
|
-
* VRF retains the sibling port for WrapKeySeed delivery.
|
|
4116
|
-
*
|
|
4117
|
-
* This is the first step in the VRF ↔ Signer "warm session" handshake:
|
|
4118
|
-
* - transfer Port1 to the VRF worker (sender),
|
|
4119
|
-
* - return Port2 so the caller can transfer it to the signer worker (receiver).
|
|
4120
|
-
*/
|
|
4121
|
-
async function createSigningSessionChannel(ctx, sessionId) {
|
|
4122
|
-
await ctx.ensureWorkerReady(true);
|
|
4123
|
-
const channel = new MessageChannel();
|
|
4124
|
-
try {
|
|
4125
|
-
ctx.postToWorker({
|
|
4126
|
-
type: WorkerControlMessage.ATTACH_WRAP_KEY_SEED_PORT,
|
|
4127
|
-
sessionId
|
|
4128
|
-
}, [channel.port1]);
|
|
4129
|
-
} catch (err) {
|
|
4130
|
-
console.error("[VrfWorkerManager] Failed to attach WrapKeySeed port to VRF worker", err);
|
|
4131
|
-
throw err;
|
|
4132
|
-
}
|
|
4133
|
-
return channel.port2;
|
|
4134
|
-
}
|
|
4135
|
-
|
|
4136
4781
|
//#endregion
|
|
4137
4782
|
//#region src/core/WebAuthnManager/VrfWorkerManager/handlers/deriveVrfKeypairFromPrf.ts
|
|
4138
4783
|
/**
|
|
@@ -4154,7 +4799,9 @@ async function deriveVrfKeypairFromPrf(ctx, args) {
|
|
|
4154
4799
|
userId: vrfInputData.userId,
|
|
4155
4800
|
rpId: vrfInputData.rpId,
|
|
4156
4801
|
blockHeight: String(vrfInputData.blockHeight),
|
|
4157
|
-
blockHash: vrfInputData.blockHash
|
|
4802
|
+
blockHash: vrfInputData.blockHash,
|
|
4803
|
+
intentDigest: vrfInputData.intentDigest,
|
|
4804
|
+
sessionPolicyDigest32: vrfInputData.sessionPolicyDigest32
|
|
4158
4805
|
} : void 0
|
|
4159
4806
|
}
|
|
4160
4807
|
};
|
|
@@ -4172,7 +4819,9 @@ async function deriveVrfKeypairFromPrf(ctx, args) {
|
|
|
4172
4819
|
userId: data.vrfChallengeData.userId,
|
|
4173
4820
|
rpId: data.vrfChallengeData.rpId,
|
|
4174
4821
|
blockHeight: data.vrfChallengeData.blockHeight,
|
|
4175
|
-
blockHash: data.vrfChallengeData.blockHash
|
|
4822
|
+
blockHash: data.vrfChallengeData.blockHash,
|
|
4823
|
+
...data.vrfChallengeData.intentDigest ? { intentDigest: data.vrfChallengeData.intentDigest } : {},
|
|
4824
|
+
...data.vrfChallengeData.sessionPolicyDigest32 ? { sessionPolicyDigest32: data.vrfChallengeData.sessionPolicyDigest32 } : {}
|
|
4176
4825
|
}) : null;
|
|
4177
4826
|
if (saveInMemory) {
|
|
4178
4827
|
ctx.setCurrentVrfAccountId(args.nearAccountId);
|
|
@@ -4250,6 +4899,30 @@ async function dispenseSessionKey(ctx, args) {
|
|
|
4250
4899
|
return response.data || { sessionId: args.sessionId };
|
|
4251
4900
|
}
|
|
4252
4901
|
|
|
4902
|
+
//#endregion
|
|
4903
|
+
//#region src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.ts
|
|
4904
|
+
/**
|
|
4905
|
+
* Shamir 3-pass (client): decrypt/unlock a VRF keypair using a server-protected envelope.
|
|
4906
|
+
*
|
|
4907
|
+
* On success, the VRF keypair becomes active in the VRF worker and is bound (in TS state) to `nearAccountId`.
|
|
4908
|
+
*/
|
|
4909
|
+
async function shamir3PassDecryptVrfKeypair(ctx, args) {
|
|
4910
|
+
await ctx.ensureWorkerReady(true);
|
|
4911
|
+
const message = {
|
|
4912
|
+
type: "SHAMIR3PASS_CLIENT_DECRYPT_VRF_KEYPAIR",
|
|
4913
|
+
id: ctx.generateMessageId(),
|
|
4914
|
+
payload: {
|
|
4915
|
+
nearAccountId: args.nearAccountId,
|
|
4916
|
+
kek_s_b64u: args.kek_s_b64u,
|
|
4917
|
+
ciphertextVrfB64u: args.ciphertextVrfB64u,
|
|
4918
|
+
keyId: args.serverKeyId
|
|
4919
|
+
}
|
|
4920
|
+
};
|
|
4921
|
+
const response = await ctx.sendMessage(message);
|
|
4922
|
+
if (response.success) ctx.setCurrentVrfAccountId(args.nearAccountId);
|
|
4923
|
+
return response;
|
|
4924
|
+
}
|
|
4925
|
+
|
|
4253
4926
|
//#endregion
|
|
4254
4927
|
//#region src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfChallenge.ts
|
|
4255
4928
|
/**
|
|
@@ -4271,6 +4944,7 @@ async function generateVrfChallengeOnce(ctx, inputData) {
|
|
|
4271
4944
|
}
|
|
4272
4945
|
async function generateVrfChallengeInternal(ctx, inputData, sessionId) {
|
|
4273
4946
|
await ctx.ensureWorkerReady(true);
|
|
4947
|
+
await ensureVrfKeypairBoundToLastUser(ctx, inputData.userId);
|
|
4274
4948
|
const message = {
|
|
4275
4949
|
type: "GENERATE_VRF_CHALLENGE",
|
|
4276
4950
|
id: ctx.generateMessageId(),
|
|
@@ -4280,16 +4954,45 @@ async function generateVrfChallengeInternal(ctx, inputData, sessionId) {
|
|
|
4280
4954
|
userId: inputData.userId,
|
|
4281
4955
|
rpId: inputData.rpId,
|
|
4282
4956
|
blockHeight: String(inputData.blockHeight),
|
|
4283
|
-
blockHash: inputData.blockHash
|
|
4957
|
+
blockHash: inputData.blockHash,
|
|
4958
|
+
intentDigest: inputData.intentDigest,
|
|
4959
|
+
sessionPolicyDigest32: inputData.sessionPolicyDigest32
|
|
4284
4960
|
}
|
|
4285
4961
|
}
|
|
4286
4962
|
};
|
|
4287
4963
|
const response = await ctx.sendMessage(message);
|
|
4288
4964
|
if (!response.success || !response.data) throw new Error(`VRF challenge generation failed: ${response.error}`);
|
|
4289
4965
|
const data = response.data;
|
|
4290
|
-
console.debug("VRF Manager: VRF challenge generated successfully");
|
|
4291
4966
|
return validateVRFChallenge(data);
|
|
4292
4967
|
}
|
|
4968
|
+
async function ensureVrfKeypairBoundToLastUser(ctx, nearAccountId) {
|
|
4969
|
+
const accountId = toAccountId(nearAccountId);
|
|
4970
|
+
const { indexedDB: indexedDB$1 } = ctx.getContext();
|
|
4971
|
+
const lastUser = await indexedDB$1.clientDB.getLastUser().catch(() => null);
|
|
4972
|
+
if (!lastUser || toAccountId(lastUser.nearAccountId) !== accountId) return;
|
|
4973
|
+
const lastUserDeviceNumber = Number(lastUser.deviceNumber);
|
|
4974
|
+
if (!Number.isFinite(lastUserDeviceNumber) || lastUserDeviceNumber < 1) return;
|
|
4975
|
+
const status = await checkVrfStatus(ctx);
|
|
4976
|
+
const currentVrfPublicKey = toTrimmedString(status.vrfPublicKey);
|
|
4977
|
+
const authenticators = await indexedDB$1.clientDB.getAuthenticatorsByUser(accountId).catch(() => []);
|
|
4978
|
+
const expectedVrfPublicKey = toTrimmedString(authenticators.find((a) => a.credentialId === lastUser.passkeyCredential.rawId)?.vrfPublicKey ?? authenticators.find((a) => a.deviceNumber === lastUserDeviceNumber)?.vrfPublicKey);
|
|
4979
|
+
const needsRebind = !status.active || expectedVrfPublicKey && currentVrfPublicKey !== expectedVrfPublicKey;
|
|
4980
|
+
if (!needsRebind) return;
|
|
4981
|
+
const shamir = lastUser.serverEncryptedVrfKeypair;
|
|
4982
|
+
if (!shamir?.ciphertextVrfB64u || !shamir?.kek_s_b64u || !shamir?.serverKeyId) throw new Error("VRF session is not bound to the last logged-in passkey device. Please log in again on this device.");
|
|
4983
|
+
const unlock = await shamir3PassDecryptVrfKeypair(ctx, {
|
|
4984
|
+
nearAccountId: accountId,
|
|
4985
|
+
ciphertextVrfB64u: shamir.ciphertextVrfB64u,
|
|
4986
|
+
kek_s_b64u: shamir.kek_s_b64u,
|
|
4987
|
+
serverKeyId: shamir.serverKeyId
|
|
4988
|
+
});
|
|
4989
|
+
if (!unlock.success) throw new Error(unlock.error || "Failed to rebind VRF keypair to the last logged-in device");
|
|
4990
|
+
if (expectedVrfPublicKey) {
|
|
4991
|
+
const rebound = await checkVrfStatus(ctx);
|
|
4992
|
+
const reboundPk = toTrimmedString(rebound.vrfPublicKey);
|
|
4993
|
+
if (!rebound.active || reboundPk !== expectedVrfPublicKey) throw new Error("VRF session mismatch: VRF keypair did not match the last logged-in device after rebind. Please log in again.");
|
|
4994
|
+
}
|
|
4995
|
+
}
|
|
4293
4996
|
|
|
4294
4997
|
//#endregion
|
|
4295
4998
|
//#region src/core/WebAuthnManager/VrfWorkerManager/handlers/generateVrfKeypairBootstrap.ts
|
|
@@ -4313,7 +5016,9 @@ async function generateVrfKeypairBootstrap(ctx, args) {
|
|
|
4313
5016
|
userId: args.vrfInputData.userId,
|
|
4314
5017
|
rpId: args.vrfInputData.rpId,
|
|
4315
5018
|
blockHeight: String(args.vrfInputData.blockHeight),
|
|
4316
|
-
blockHash: args.vrfInputData.blockHash
|
|
5019
|
+
blockHash: args.vrfInputData.blockHash,
|
|
5020
|
+
intentDigest: args.vrfInputData.intentDigest,
|
|
5021
|
+
sessionPolicyDigest32: args.vrfInputData.sessionPolicyDigest32
|
|
4317
5022
|
} : void 0
|
|
4318
5023
|
}
|
|
4319
5024
|
};
|
|
@@ -4335,7 +5040,9 @@ async function generateVrfKeypairBootstrap(ctx, args) {
|
|
|
4335
5040
|
userId: challengeData.userId,
|
|
4336
5041
|
rpId: challengeData.rpId,
|
|
4337
5042
|
blockHeight: challengeData.blockHeight,
|
|
4338
|
-
blockHash: challengeData.blockHash
|
|
5043
|
+
blockHash: challengeData.blockHash,
|
|
5044
|
+
...challengeData.intentDigest ? { intentDigest: challengeData.intentDigest } : {},
|
|
5045
|
+
...challengeData.sessionPolicyDigest32 ? { sessionPolicyDigest32: challengeData.sessionPolicyDigest32 } : {}
|
|
4339
5046
|
})
|
|
4340
5047
|
};
|
|
4341
5048
|
} catch (error) {
|
|
@@ -4426,7 +5133,6 @@ async function requestRegistrationCredentialConfirmation$1({ ctx, nearAccountId,
|
|
|
4426
5133
|
const title = confirmerText?.title;
|
|
4427
5134
|
const body = confirmerText?.body;
|
|
4428
5135
|
const request = {
|
|
4429
|
-
schemaVersion: 2,
|
|
4430
5136
|
requestId,
|
|
4431
5137
|
type: SecureConfirmationType.REGISTER_ACCOUNT,
|
|
4432
5138
|
summary: {
|
|
@@ -4466,48 +5172,24 @@ async function requestRegistrationCredentialConfirmation$1({ ctx, nearAccountId,
|
|
|
4466
5172
|
* Kick off the SecureConfirm UI flow for account registration and return the confirmed decision.
|
|
4467
5173
|
*
|
|
4468
5174
|
* This is used when the host (main thread) needs a registration credential + VRF challenge + NEAR context,
|
|
4469
|
-
* but the UI/confirmation orchestration lives in the VRF worker confirmation flow.
|
|
4470
|
-
*/
|
|
4471
|
-
async function requestRegistrationCredentialConfirmation(ctx, params) {
|
|
4472
|
-
const hostCtx = ctx.getContext();
|
|
4473
|
-
const decision = await requestRegistrationCredentialConfirmation$1({
|
|
4474
|
-
ctx: hostCtx,
|
|
4475
|
-
nearAccountId: params.nearAccountId,
|
|
4476
|
-
deviceNumber: params.deviceNumber,
|
|
4477
|
-
confirmerText: params.confirmerText,
|
|
4478
|
-
contractId: params.contractId,
|
|
4479
|
-
nearRpcUrl: params.nearRpcUrl,
|
|
4480
|
-
confirmationConfig: params.confirmationConfigOverride
|
|
4481
|
-
});
|
|
4482
|
-
if (!decision.confirmed) throw new Error(decision.error || "User rejected registration request");
|
|
4483
|
-
if (!decision.credential) throw new Error("Missing credential from registration confirmation");
|
|
4484
|
-
if (!decision.vrfChallenge) throw new Error("Missing vrfChallenge from registration confirmation");
|
|
4485
|
-
if (!decision.transactionContext) throw new Error("Missing transactionContext from registration confirmation");
|
|
4486
|
-
return decision;
|
|
4487
|
-
}
|
|
4488
|
-
|
|
4489
|
-
//#endregion
|
|
4490
|
-
//#region src/core/WebAuthnManager/VrfWorkerManager/handlers/shamir3PassDecryptVrfKeypair.ts
|
|
4491
|
-
/**
|
|
4492
|
-
* Shamir 3-pass (client): decrypt/unlock a VRF keypair using a server-protected envelope.
|
|
4493
|
-
*
|
|
4494
|
-
* On success, the VRF keypair becomes active in the VRF worker and is bound (in TS state) to `nearAccountId`.
|
|
4495
|
-
*/
|
|
4496
|
-
async function shamir3PassDecryptVrfKeypair(ctx, args) {
|
|
4497
|
-
await ctx.ensureWorkerReady(true);
|
|
4498
|
-
const message = {
|
|
4499
|
-
type: "SHAMIR3PASS_CLIENT_DECRYPT_VRF_KEYPAIR",
|
|
4500
|
-
id: ctx.generateMessageId(),
|
|
4501
|
-
payload: {
|
|
4502
|
-
nearAccountId: args.nearAccountId,
|
|
4503
|
-
kek_s_b64u: args.kek_s_b64u,
|
|
4504
|
-
ciphertextVrfB64u: args.ciphertextVrfB64u,
|
|
4505
|
-
keyId: args.serverKeyId
|
|
4506
|
-
}
|
|
4507
|
-
};
|
|
4508
|
-
const response = await ctx.sendMessage(message);
|
|
4509
|
-
if (response.success) ctx.setCurrentVrfAccountId(args.nearAccountId);
|
|
4510
|
-
return response;
|
|
5175
|
+
* but the UI/confirmation orchestration lives in the VRF worker confirmation flow.
|
|
5176
|
+
*/
|
|
5177
|
+
async function requestRegistrationCredentialConfirmation(ctx, params) {
|
|
5178
|
+
const hostCtx = ctx.getContext();
|
|
5179
|
+
const decision = await requestRegistrationCredentialConfirmation$1({
|
|
5180
|
+
ctx: hostCtx,
|
|
5181
|
+
nearAccountId: params.nearAccountId,
|
|
5182
|
+
deviceNumber: params.deviceNumber,
|
|
5183
|
+
confirmerText: params.confirmerText,
|
|
5184
|
+
contractId: params.contractId,
|
|
5185
|
+
nearRpcUrl: params.nearRpcUrl,
|
|
5186
|
+
confirmationConfig: params.confirmationConfigOverride
|
|
5187
|
+
});
|
|
5188
|
+
if (!decision.confirmed) throw new Error(decision.error || "User rejected registration request");
|
|
5189
|
+
if (!decision.credential) throw new Error("Missing credential from registration confirmation");
|
|
5190
|
+
if (!decision.vrfChallenge) throw new Error("Missing vrfChallenge from registration confirmation");
|
|
5191
|
+
if (!decision.transactionContext) throw new Error("Missing transactionContext from registration confirmation");
|
|
5192
|
+
return decision;
|
|
4511
5193
|
}
|
|
4512
5194
|
|
|
4513
5195
|
//#endregion
|
|
@@ -4632,7 +5314,41 @@ var VrfWorkerManager = class {
|
|
|
4632
5314
|
* VRF retains the sibling port for WrapKeySeed delivery.
|
|
4633
5315
|
*/
|
|
4634
5316
|
async createSigningSessionChannel(sessionId) {
|
|
4635
|
-
|
|
5317
|
+
await this.ensureWorkerReady(true);
|
|
5318
|
+
if (!this.vrfWorker) throw new Error("VRF Web Worker not available");
|
|
5319
|
+
const channel = new MessageChannel();
|
|
5320
|
+
const ackPromise = new Promise((resolve, reject) => {
|
|
5321
|
+
const worker = this.vrfWorker;
|
|
5322
|
+
const timeout = setTimeout(() => {
|
|
5323
|
+
cleanup();
|
|
5324
|
+
reject(/* @__PURE__ */ new Error(`Timeout waiting for VRF WrapKeySeed port attach for session ${sessionId}`));
|
|
5325
|
+
}, 2e3);
|
|
5326
|
+
const onMessage = (event) => {
|
|
5327
|
+
const msg = event?.data;
|
|
5328
|
+
if (!msg || typeof msg.type !== "string") return;
|
|
5329
|
+
if (msg.sessionId !== sessionId) return;
|
|
5330
|
+
if (msg.type === WorkerControlMessage.ATTACH_WRAP_KEY_SEED_PORT_ERROR) {
|
|
5331
|
+
cleanup();
|
|
5332
|
+
reject(new Error(String(msg.error || "VRF worker failed to attach WrapKeySeed port")));
|
|
5333
|
+
return;
|
|
5334
|
+
}
|
|
5335
|
+
if (msg.type === WorkerControlMessage.ATTACH_WRAP_KEY_SEED_PORT_OK) {
|
|
5336
|
+
cleanup();
|
|
5337
|
+
resolve();
|
|
5338
|
+
}
|
|
5339
|
+
};
|
|
5340
|
+
const cleanup = () => {
|
|
5341
|
+
clearTimeout(timeout);
|
|
5342
|
+
worker.removeEventListener("message", onMessage);
|
|
5343
|
+
};
|
|
5344
|
+
worker.addEventListener("message", onMessage);
|
|
5345
|
+
});
|
|
5346
|
+
this.vrfWorker.postMessage({
|
|
5347
|
+
type: WorkerControlMessage.ATTACH_WRAP_KEY_SEED_PORT,
|
|
5348
|
+
sessionId
|
|
5349
|
+
}, [channel.port1]);
|
|
5350
|
+
await ackPromise;
|
|
5351
|
+
return channel.port2;
|
|
4636
5352
|
}
|
|
4637
5353
|
/**
|
|
4638
5354
|
* Derive WrapKeySeed in the VRF worker and deliver it (along with PRF.second if credential provided)
|
|
@@ -4929,9 +5645,13 @@ var VrfWorkerManager = class {
|
|
|
4929
5645
|
var UserPreferencesManager = class {
|
|
4930
5646
|
themeChangeListeners = /* @__PURE__ */ new Set();
|
|
4931
5647
|
confirmationConfigChangeListeners = /* @__PURE__ */ new Set();
|
|
5648
|
+
signerModeChangeListeners = /* @__PURE__ */ new Set();
|
|
4932
5649
|
currentUserAccountId;
|
|
4933
5650
|
confirmationConfig = DEFAULT_CONFIRMATION_CONFIG;
|
|
5651
|
+
signerMode = DEFAULT_SIGNING_MODE;
|
|
4934
5652
|
walletThemeOverride = null;
|
|
5653
|
+
signerModeOverride = null;
|
|
5654
|
+
walletIframeSignerModeWriter = null;
|
|
4935
5655
|
envThemeSyncedForSession = false;
|
|
4936
5656
|
constructor() {
|
|
4937
5657
|
this.subscribeToIndexedDBChanges();
|
|
@@ -4957,6 +5677,26 @@ var UserPreferencesManager = class {
|
|
|
4957
5677
|
}
|
|
4958
5678
|
}
|
|
4959
5679
|
/**
|
|
5680
|
+
* Apply an app-provided default signer mode (e.g., `configs.signerMode`) without
|
|
5681
|
+
* persisting it as a per-user preference in IndexedDB.
|
|
5682
|
+
*/
|
|
5683
|
+
configureDefaultSignerMode(signerMode) {
|
|
5684
|
+
const next = coerceSignerMode(signerMode, DEFAULT_SIGNING_MODE);
|
|
5685
|
+
this.signerModeOverride = next;
|
|
5686
|
+
if (!this.currentUserAccountId) this.setSignerModeInternal(next, {
|
|
5687
|
+
persist: false,
|
|
5688
|
+
notify: true
|
|
5689
|
+
});
|
|
5690
|
+
}
|
|
5691
|
+
/**
|
|
5692
|
+
* In wallet-iframe mode on the app origin, user preferences must be persisted by the wallet host
|
|
5693
|
+
* (not the app origin). This configures a best-effort writer used by `setSignerMode(...)` when
|
|
5694
|
+
* IndexedDB is disabled.
|
|
5695
|
+
*/
|
|
5696
|
+
configureWalletIframeSignerModeWriter(writer) {
|
|
5697
|
+
this.walletIframeSignerModeWriter = writer;
|
|
5698
|
+
}
|
|
5699
|
+
/**
|
|
4960
5700
|
* Register a callback for theme change events
|
|
4961
5701
|
*/
|
|
4962
5702
|
onThemeChange(callback) {
|
|
@@ -4976,6 +5716,15 @@ var UserPreferencesManager = class {
|
|
|
4976
5716
|
};
|
|
4977
5717
|
}
|
|
4978
5718
|
/**
|
|
5719
|
+
* Register a callback for signer mode changes.
|
|
5720
|
+
*/
|
|
5721
|
+
onSignerModeChange(callback) {
|
|
5722
|
+
this.signerModeChangeListeners.add(callback);
|
|
5723
|
+
return () => {
|
|
5724
|
+
this.signerModeChangeListeners.delete(callback);
|
|
5725
|
+
};
|
|
5726
|
+
}
|
|
5727
|
+
/**
|
|
4979
5728
|
* Notify all registered listeners of theme changes
|
|
4980
5729
|
*/
|
|
4981
5730
|
notifyThemeChange(theme) {
|
|
@@ -4983,21 +5732,15 @@ var UserPreferencesManager = class {
|
|
|
4983
5732
|
console.debug(`[UserPreferencesManager]: No listeners registered, theme change will not propagate.`);
|
|
4984
5733
|
return;
|
|
4985
5734
|
}
|
|
4986
|
-
|
|
4987
|
-
this.themeChangeListeners.forEach((listener) => {
|
|
4988
|
-
index++;
|
|
4989
|
-
try {
|
|
4990
|
-
listener(theme);
|
|
4991
|
-
} catch (error) {}
|
|
4992
|
-
});
|
|
5735
|
+
for (const listener of this.themeChangeListeners) listener(theme);
|
|
4993
5736
|
}
|
|
4994
5737
|
notifyConfirmationConfigChange(config) {
|
|
4995
5738
|
if (this.confirmationConfigChangeListeners.size === 0) return;
|
|
4996
|
-
this.confirmationConfigChangeListeners
|
|
4997
|
-
|
|
4998
|
-
|
|
4999
|
-
|
|
5000
|
-
|
|
5739
|
+
for (const listener of this.confirmationConfigChangeListeners) listener(config);
|
|
5740
|
+
}
|
|
5741
|
+
notifySignerModeChange(mode) {
|
|
5742
|
+
if (this.signerModeChangeListeners.size === 0) return;
|
|
5743
|
+
for (const listener of this.signerModeChangeListeners) listener(mode);
|
|
5001
5744
|
}
|
|
5002
5745
|
/**
|
|
5003
5746
|
* Best-effort async initialization from IndexedDB.
|
|
@@ -5006,18 +5749,18 @@ var UserPreferencesManager = class {
|
|
|
5006
5749
|
* app-origin IndexedDB (wallet-iframe mode) can skip it entirely.
|
|
5007
5750
|
*/
|
|
5008
5751
|
async initFromIndexedDB() {
|
|
5009
|
-
|
|
5010
|
-
await this.loadUserSettings();
|
|
5011
|
-
} catch (error) {
|
|
5752
|
+
await this.loadUserSettings().catch((error) => {
|
|
5012
5753
|
console.warn("[WebAuthnManager]: Failed to initialize user settings:", error);
|
|
5013
|
-
}
|
|
5754
|
+
});
|
|
5014
5755
|
}
|
|
5015
5756
|
/**
|
|
5016
5757
|
* Subscribe to IndexedDB change events for automatic synchronization
|
|
5017
5758
|
*/
|
|
5018
5759
|
subscribeToIndexedDBChanges() {
|
|
5019
5760
|
this.unsubscribeFromIndexedDB = IndexedDBManager.clientDB.onChange((event) => {
|
|
5020
|
-
this.handleIndexedDBEvent(event)
|
|
5761
|
+
this.handleIndexedDBEvent(event).catch((error) => {
|
|
5762
|
+
console.warn("[WebAuthnManager]: Error handling IndexedDB event:", error);
|
|
5763
|
+
});
|
|
5021
5764
|
});
|
|
5022
5765
|
}
|
|
5023
5766
|
/**
|
|
@@ -5025,23 +5768,19 @@ var UserPreferencesManager = class {
|
|
|
5025
5768
|
* @param event - The IndexedDBEvent: `user-updated`, `preferences-updated`, `user-deleted` to handle.
|
|
5026
5769
|
*/
|
|
5027
5770
|
async handleIndexedDBEvent(event) {
|
|
5028
|
-
|
|
5029
|
-
|
|
5030
|
-
|
|
5031
|
-
|
|
5032
|
-
|
|
5033
|
-
|
|
5034
|
-
|
|
5035
|
-
|
|
5036
|
-
|
|
5037
|
-
|
|
5038
|
-
|
|
5039
|
-
|
|
5040
|
-
|
|
5041
|
-
break;
|
|
5042
|
-
}
|
|
5043
|
-
} catch (error) {
|
|
5044
|
-
console.warn("[WebAuthnManager]: Error handling IndexedDB event:", error);
|
|
5771
|
+
switch (event.type) {
|
|
5772
|
+
case "preferences-updated":
|
|
5773
|
+
if (event.accountId === this.currentUserAccountId) await this.reloadUserSettings();
|
|
5774
|
+
break;
|
|
5775
|
+
case "user-updated":
|
|
5776
|
+
if (event.accountId === this.currentUserAccountId) await this.reloadUserSettings();
|
|
5777
|
+
break;
|
|
5778
|
+
case "user-deleted":
|
|
5779
|
+
if (event.accountId === this.currentUserAccountId) {
|
|
5780
|
+
this.currentUserAccountId = void 0;
|
|
5781
|
+
this.confirmationConfig = DEFAULT_CONFIRMATION_CONFIG;
|
|
5782
|
+
}
|
|
5783
|
+
break;
|
|
5045
5784
|
}
|
|
5046
5785
|
}
|
|
5047
5786
|
/**
|
|
@@ -5056,8 +5795,10 @@ var UserPreferencesManager = class {
|
|
|
5056
5795
|
this.unsubscribeFromIndexedDB();
|
|
5057
5796
|
this.unsubscribeFromIndexedDB = void 0;
|
|
5058
5797
|
}
|
|
5798
|
+
this.walletIframeSignerModeWriter = null;
|
|
5059
5799
|
this.themeChangeListeners.clear();
|
|
5060
5800
|
this.confirmationConfigChangeListeners.clear();
|
|
5801
|
+
this.signerModeChangeListeners.clear();
|
|
5061
5802
|
}
|
|
5062
5803
|
getCurrentUserAccountId() {
|
|
5063
5804
|
if (!this.currentUserAccountId) {
|
|
@@ -5069,6 +5810,9 @@ var UserPreferencesManager = class {
|
|
|
5069
5810
|
getConfirmationConfig() {
|
|
5070
5811
|
return this.confirmationConfig;
|
|
5071
5812
|
}
|
|
5813
|
+
getSignerMode() {
|
|
5814
|
+
return this.signerMode;
|
|
5815
|
+
}
|
|
5072
5816
|
/**
|
|
5073
5817
|
* Apply an authoritative confirmation config snapshot from the wallet-iframe host.
|
|
5074
5818
|
* This updates in-memory state only; persistence remains owned by the wallet origin.
|
|
@@ -5086,6 +5830,20 @@ var UserPreferencesManager = class {
|
|
|
5086
5830
|
this.notifyConfirmationConfigChange(this.confirmationConfig);
|
|
5087
5831
|
if (this.confirmationConfig.theme !== prevTheme) this.notifyThemeChange(this.confirmationConfig.theme);
|
|
5088
5832
|
}
|
|
5833
|
+
/**
|
|
5834
|
+
* Apply an authoritative signer mode snapshot from the wallet-iframe host.
|
|
5835
|
+
* This updates in-memory state only; persistence remains owned by the wallet origin.
|
|
5836
|
+
*/
|
|
5837
|
+
applyWalletHostSignerMode(args) {
|
|
5838
|
+
const { nearAccountId, signerMode } = args || {};
|
|
5839
|
+
if (nearAccountId) this.currentUserAccountId = nearAccountId;
|
|
5840
|
+
const base$1 = this.signerModeOverride ?? DEFAULT_SIGNING_MODE;
|
|
5841
|
+
const next = coerceSignerMode(signerMode, base$1);
|
|
5842
|
+
this.setSignerModeInternal(next, {
|
|
5843
|
+
persist: false,
|
|
5844
|
+
notify: true
|
|
5845
|
+
});
|
|
5846
|
+
}
|
|
5089
5847
|
setCurrentUser(nearAccountId) {
|
|
5090
5848
|
this.currentUserAccountId = nearAccountId;
|
|
5091
5849
|
if (!IndexedDBManager.clientDB.isDisabled()) this.loadSettingsForUser(nearAccountId).catch(() => void 0);
|
|
@@ -5117,6 +5875,13 @@ var UserPreferencesManager = class {
|
|
|
5117
5875
|
this.notifyConfirmationConfigChange(this.confirmationConfig);
|
|
5118
5876
|
if (this.confirmationConfig.theme !== prevTheme) this.notifyThemeChange(this.confirmationConfig.theme);
|
|
5119
5877
|
}
|
|
5878
|
+
const base$1 = this.signerModeOverride ?? DEFAULT_SIGNING_MODE;
|
|
5879
|
+
const stored = user?.preferences?.signerMode;
|
|
5880
|
+
const nextSignerMode = stored != null ? coerceSignerMode(stored, base$1) : base$1;
|
|
5881
|
+
this.setSignerModeInternal(nextSignerMode, {
|
|
5882
|
+
persist: false,
|
|
5883
|
+
notify: true
|
|
5884
|
+
});
|
|
5120
5885
|
}
|
|
5121
5886
|
/**
|
|
5122
5887
|
* Reload current user settings from IndexedDB
|
|
@@ -5165,6 +5930,13 @@ var UserPreferencesManager = class {
|
|
|
5165
5930
|
this.notifyConfirmationConfigChange(this.confirmationConfig);
|
|
5166
5931
|
if (this.confirmationConfig.theme !== prevTheme) this.notifyThemeChange(this.confirmationConfig.theme);
|
|
5167
5932
|
} else console.debug("[WebAuthnManager]: No user preferences found, using defaults");
|
|
5933
|
+
const base$1 = this.signerModeOverride ?? DEFAULT_SIGNING_MODE;
|
|
5934
|
+
const stored = user?.preferences?.signerMode;
|
|
5935
|
+
const nextSignerMode = stored != null ? coerceSignerMode(stored, base$1) : base$1;
|
|
5936
|
+
this.setSignerModeInternal(nextSignerMode, {
|
|
5937
|
+
persist: false,
|
|
5938
|
+
notify: true
|
|
5939
|
+
});
|
|
5168
5940
|
} else console.debug("[WebAuthnManager]: No last user found, using default settings");
|
|
5169
5941
|
}
|
|
5170
5942
|
/**
|
|
@@ -5220,6 +5992,35 @@ var UserPreferencesManager = class {
|
|
|
5220
5992
|
console.warn("[UserPreferencesManager]: Failed to save user theme:", error);
|
|
5221
5993
|
}
|
|
5222
5994
|
}
|
|
5995
|
+
/**
|
|
5996
|
+
* Set signer mode preference (in-memory immediately; IndexedDB persistence is best-effort).
|
|
5997
|
+
*/
|
|
5998
|
+
setSignerMode(signerMode) {
|
|
5999
|
+
const next = mergeSignerMode(this.signerMode, signerMode);
|
|
6000
|
+
if (this.walletIframeSignerModeWriter && IndexedDBManager.clientDB.isDisabled()) {
|
|
6001
|
+
this.walletIframeSignerModeWriter(next).catch(() => void 0);
|
|
6002
|
+
return;
|
|
6003
|
+
}
|
|
6004
|
+
this.setSignerModeInternal(next, {
|
|
6005
|
+
persist: true,
|
|
6006
|
+
notify: true
|
|
6007
|
+
});
|
|
6008
|
+
}
|
|
6009
|
+
isSignerModeEqual(a, b) {
|
|
6010
|
+
if (a.mode !== b.mode) return false;
|
|
6011
|
+
if (a.mode !== "threshold-signer" || b.mode !== "threshold-signer") return true;
|
|
6012
|
+
return (a.behavior ?? null) === (b.behavior ?? null);
|
|
6013
|
+
}
|
|
6014
|
+
setSignerModeInternal(next, opts) {
|
|
6015
|
+
const prev = this.signerMode;
|
|
6016
|
+
this.signerMode = next;
|
|
6017
|
+
if (opts.notify && !this.isSignerModeEqual(prev, next)) this.notifySignerModeChange(next);
|
|
6018
|
+
if (opts.persist) {
|
|
6019
|
+
const id = this.currentUserAccountId;
|
|
6020
|
+
if (!id || IndexedDBManager.clientDB.isDisabled()) return;
|
|
6021
|
+
IndexedDBManager.clientDB.setSignerMode(id, next).catch(() => void 0);
|
|
6022
|
+
}
|
|
6023
|
+
}
|
|
5223
6024
|
};
|
|
5224
6025
|
const UserPreferencesInstance = new UserPreferencesManager();
|
|
5225
6026
|
var userPreferences_default = UserPreferencesInstance;
|
|
@@ -5367,10 +6168,8 @@ var NonceManager = class NonceManager {
|
|
|
5367
6168
|
} catch (akErr) {
|
|
5368
6169
|
const msg = errorMessage(akErr);
|
|
5369
6170
|
const missingAk = msg.includes("does not exist while viewing") || msg.includes("Access key not found") || msg.includes("unknown public key") || msg.includes("does not exist");
|
|
5370
|
-
if (missingAk)
|
|
5371
|
-
|
|
5372
|
-
maybeAccessKey = null;
|
|
5373
|
-
} else accessKeyError = akErr;
|
|
6171
|
+
if (missingAk) maybeAccessKey = null;
|
|
6172
|
+
else accessKeyError = akErr;
|
|
5374
6173
|
}
|
|
5375
6174
|
})());
|
|
5376
6175
|
if (fetchBlock) tasks.push((async () => {
|
|
@@ -5480,7 +6279,6 @@ var NonceManager = class NonceManager {
|
|
|
5480
6279
|
for (const n of planned) newSet.add(n);
|
|
5481
6280
|
this.reservedNonces = newSet;
|
|
5482
6281
|
this.lastReservedNonce = planned[planned.length - 1];
|
|
5483
|
-
console.debug(`[NonceManager]: Reserved ${count} nonces:`, planned);
|
|
5484
6282
|
return planned;
|
|
5485
6283
|
}
|
|
5486
6284
|
/**
|
|
@@ -5488,19 +6286,15 @@ var NonceManager = class NonceManager {
|
|
|
5488
6286
|
* @param nonce - The nonce to release
|
|
5489
6287
|
*/
|
|
5490
6288
|
releaseNonce(nonce) {
|
|
5491
|
-
if (this.reservedNonces.has(nonce))
|
|
5492
|
-
this.reservedNonces.delete(nonce);
|
|
5493
|
-
console.debug(`[NonceManager]: Released nonce ${nonce}`);
|
|
5494
|
-
}
|
|
6289
|
+
if (this.reservedNonces.has(nonce)) this.reservedNonces.delete(nonce);
|
|
5495
6290
|
}
|
|
5496
6291
|
/**
|
|
5497
6292
|
* Release all reserved nonces
|
|
5498
6293
|
*/
|
|
5499
6294
|
releaseAllNonces() {
|
|
5500
|
-
|
|
6295
|
+
this.reservedNonces.size;
|
|
5501
6296
|
this.reservedNonces.clear();
|
|
5502
6297
|
this.lastReservedNonce = null;
|
|
5503
|
-
console.debug(`[NonceManager]: Released all ${count} reserved nonces`);
|
|
5504
6298
|
}
|
|
5505
6299
|
/**
|
|
5506
6300
|
* Update nonce from blockchain after transaction completion
|
|
@@ -5515,7 +6309,7 @@ var NonceManager = class NonceManager {
|
|
|
5515
6309
|
if (!accessKeyInfo || accessKeyInfo.nonce === void 0) throw new Error(`Access key not found or invalid for account ${this.nearAccountId}`);
|
|
5516
6310
|
const chainNonceBigInt = BigInt(accessKeyInfo.nonce);
|
|
5517
6311
|
const actualNonceBigInt = BigInt(actualNonce);
|
|
5518
|
-
if (chainNonceBigInt < actualNonceBigInt - BigInt(1)) console.warn(`[NonceManager]: Chain nonce (${chainNonceBigInt}) behind expected (${actualNonceBigInt - BigInt(1)}).
|
|
6312
|
+
if (chainNonceBigInt < actualNonceBigInt - BigInt(1)) console.warn(`[NonceManager]: Chain nonce (${chainNonceBigInt}) behind expected (${actualNonceBigInt - BigInt(1)}). Updating...`);
|
|
5519
6313
|
const candidateNext = this.maxBigInt(chainNonceBigInt + 1n, actualNonceBigInt + 1n, this.transactionContext?.nextNonce ? BigInt(this.transactionContext.nextNonce) : 0n, this.lastReservedNonce ? BigInt(this.lastReservedNonce) + 1n : 0n);
|
|
5520
6314
|
if (this.transactionContext) {
|
|
5521
6315
|
this.transactionContext.accessKeyInfo = accessKeyInfo;
|
|
@@ -5620,10 +6414,221 @@ const NonceManagerInstance = NonceManager.getInstance();
|
|
|
5620
6414
|
var nonceManager_default = NonceManagerInstance;
|
|
5621
6415
|
|
|
5622
6416
|
//#endregion
|
|
5623
|
-
//#region src/core/
|
|
5624
|
-
|
|
5625
|
-
|
|
5626
|
-
|
|
6417
|
+
//#region src/core/WebAuthnManager/threshold/enrollThresholdEd25519Key.ts
|
|
6418
|
+
/**
|
|
6419
|
+
* Threshold keygen helper (2-of-2):
|
|
6420
|
+
* - derive deterministic client verifying share from WrapKeySeed (via signer worker session)
|
|
6421
|
+
* - run `/threshold-ed25519/keygen` to fetch relayer share + group public key
|
|
6422
|
+
*/
|
|
6423
|
+
async function enrollThresholdEd25519KeyHandler(ctx, args) {
|
|
6424
|
+
const nearAccountId = toAccountId(args.nearAccountId);
|
|
6425
|
+
const sessionId = String(args.sessionId || "").trim();
|
|
6426
|
+
const relayerUrl = String(ctx.relayerUrl || "").trim();
|
|
6427
|
+
try {
|
|
6428
|
+
if (!sessionId) throw new Error("Missing sessionId");
|
|
6429
|
+
if (!relayerUrl) throw new Error("Missing relayer url (configs.relayer.url)");
|
|
6430
|
+
const derived = await ctx.signerWorkerManager.deriveThresholdEd25519ClientVerifyingShare({
|
|
6431
|
+
sessionId,
|
|
6432
|
+
nearAccountId
|
|
6433
|
+
});
|
|
6434
|
+
if (!derived.success) throw new Error(derived.error || "Failed to derive threshold client verifying share");
|
|
6435
|
+
const rpId = ctx.touchIdPrompt.getRpId();
|
|
6436
|
+
if (!rpId) throw new Error("Missing rpId for WebAuthn VRF challenge");
|
|
6437
|
+
const keygenIntentDigestB64u = await computeThresholdEd25519KeygenIntentDigest({
|
|
6438
|
+
nearAccountId,
|
|
6439
|
+
rpId,
|
|
6440
|
+
clientVerifyingShareB64u: derived.clientVerifyingShareB64u
|
|
6441
|
+
});
|
|
6442
|
+
const block = await ctx.nearClient.viewBlock({ finality: "final" });
|
|
6443
|
+
const blockHeight = String(block?.header?.height ?? "");
|
|
6444
|
+
const blockHash = String(block?.header?.hash ?? "");
|
|
6445
|
+
if (!blockHeight || !blockHash) throw new Error("Failed to fetch NEAR block context for keygen VRF challenge");
|
|
6446
|
+
const vrfChallenge = await ctx.vrfWorkerManager.generateVrfChallengeOnce({
|
|
6447
|
+
userId: nearAccountId,
|
|
6448
|
+
rpId,
|
|
6449
|
+
blockHeight,
|
|
6450
|
+
blockHash,
|
|
6451
|
+
intentDigest: keygenIntentDigestB64u
|
|
6452
|
+
});
|
|
6453
|
+
const webauthnAuthentication = await collectAuthenticationCredentialForVrfChallenge({
|
|
6454
|
+
indexedDB: IndexedDBManager,
|
|
6455
|
+
touchIdPrompt: ctx.touchIdPrompt,
|
|
6456
|
+
nearAccountId,
|
|
6457
|
+
vrfChallenge
|
|
6458
|
+
});
|
|
6459
|
+
const keygen = await thresholdEd25519Keygen(relayerUrl, vrfChallenge, webauthnAuthentication, {
|
|
6460
|
+
clientVerifyingShareB64u: derived.clientVerifyingShareB64u,
|
|
6461
|
+
nearAccountId
|
|
6462
|
+
});
|
|
6463
|
+
if (!keygen.ok) throw new Error(keygen.error || keygen.message || keygen.code || "Threshold keygen failed");
|
|
6464
|
+
const publicKeyRaw = keygen.publicKey;
|
|
6465
|
+
const relayerKeyId = keygen.relayerKeyId;
|
|
6466
|
+
const relayerVerifyingShareB64u = keygen.relayerVerifyingShareB64u;
|
|
6467
|
+
if (!publicKeyRaw) throw new Error("Threshold keygen returned empty publicKey");
|
|
6468
|
+
if (!relayerKeyId) throw new Error("Threshold keygen returned empty relayerKeyId");
|
|
6469
|
+
if (!relayerVerifyingShareB64u) throw new Error("Threshold keygen returned empty relayerVerifyingShareB64u");
|
|
6470
|
+
const publicKey = ensureEd25519Prefix(publicKeyRaw);
|
|
6471
|
+
if (!publicKey) throw new Error("Threshold keygen returned empty publicKey");
|
|
6472
|
+
const clientParticipantId = typeof keygen.clientParticipantId === "number" ? keygen.clientParticipantId : void 0;
|
|
6473
|
+
const relayerParticipantId = typeof keygen.relayerParticipantId === "number" ? keygen.relayerParticipantId : void 0;
|
|
6474
|
+
return {
|
|
6475
|
+
success: true,
|
|
6476
|
+
publicKey,
|
|
6477
|
+
clientParticipantId,
|
|
6478
|
+
relayerParticipantId,
|
|
6479
|
+
participantIds: Array.isArray(keygen.participantIds) ? keygen.participantIds : void 0,
|
|
6480
|
+
clientVerifyingShareB64u: derived.clientVerifyingShareB64u,
|
|
6481
|
+
relayerKeyId,
|
|
6482
|
+
relayerVerifyingShareB64u,
|
|
6483
|
+
wrapKeySalt: derived.wrapKeySalt
|
|
6484
|
+
};
|
|
6485
|
+
} catch (error) {
|
|
6486
|
+
const message = String(error?.message ?? error);
|
|
6487
|
+
return {
|
|
6488
|
+
success: false,
|
|
6489
|
+
publicKey: "",
|
|
6490
|
+
clientVerifyingShareB64u: "",
|
|
6491
|
+
relayerKeyId: "",
|
|
6492
|
+
relayerVerifyingShareB64u: "",
|
|
6493
|
+
wrapKeySalt: "",
|
|
6494
|
+
error: message
|
|
6495
|
+
};
|
|
6496
|
+
}
|
|
6497
|
+
}
|
|
6498
|
+
|
|
6499
|
+
//#endregion
|
|
6500
|
+
//#region src/core/WebAuthnManager/threshold/rotateThresholdEd25519KeyPostRegistration.ts
|
|
6501
|
+
/**
|
|
6502
|
+
* Threshold key rotation (post-registration):
|
|
6503
|
+
* - keygen (new relayerKeyId + publicKey)
|
|
6504
|
+
* - AddKey(new threshold publicKey)
|
|
6505
|
+
* - DeleteKey(old threshold publicKey)
|
|
6506
|
+
*
|
|
6507
|
+
* Uses the local signer key for AddKey/DeleteKey, and requires the account to already
|
|
6508
|
+
* have a stored `threshold_ed25519_2p_v1` key material entry for the target device.
|
|
6509
|
+
*/
|
|
6510
|
+
async function rotateThresholdEd25519KeyPostRegistrationHandler(ctx, args) {
|
|
6511
|
+
const nearAccountId = toAccountId(args.nearAccountId);
|
|
6512
|
+
const oldPublicKey = String(args.oldPublicKey || "");
|
|
6513
|
+
const oldRelayerKeyId = String(args.oldRelayerKeyId || "");
|
|
6514
|
+
const newPublicKey = String(args.newPublicKey || "");
|
|
6515
|
+
const newRelayerKeyId = String(args.newRelayerKeyId || "");
|
|
6516
|
+
const wrapKeySalt = String(args.wrapKeySalt || "");
|
|
6517
|
+
const base$1 = {
|
|
6518
|
+
oldPublicKey,
|
|
6519
|
+
oldRelayerKeyId,
|
|
6520
|
+
publicKey: newPublicKey,
|
|
6521
|
+
relayerKeyId: newRelayerKeyId,
|
|
6522
|
+
wrapKeySalt
|
|
6523
|
+
};
|
|
6524
|
+
const ok = (params) => {
|
|
6525
|
+
const { warning,...rest } = params;
|
|
6526
|
+
return {
|
|
6527
|
+
success: true,
|
|
6528
|
+
...base$1,
|
|
6529
|
+
...rest,
|
|
6530
|
+
...warning ? { warning } : {}
|
|
6531
|
+
};
|
|
6532
|
+
};
|
|
6533
|
+
try {
|
|
6534
|
+
const deviceNumber = Number(args.deviceNumber);
|
|
6535
|
+
const resolvedDeviceNumber = Number.isSafeInteger(deviceNumber) && deviceNumber >= 1 ? deviceNumber : NaN;
|
|
6536
|
+
if (!Number.isSafeInteger(resolvedDeviceNumber) || resolvedDeviceNumber < 1) throw new Error("Invalid deviceNumber");
|
|
6537
|
+
const oldNormalized = ensureEd25519Prefix(oldPublicKey);
|
|
6538
|
+
const newNormalized = ensureEd25519Prefix(newPublicKey);
|
|
6539
|
+
if (!oldNormalized) return ok({
|
|
6540
|
+
deleteOldKeyAttempted: false,
|
|
6541
|
+
deleteOldKeySuccess: false,
|
|
6542
|
+
warning: "Rotation completed but old threshold key material had an invalid publicKey; skipped DeleteKey."
|
|
6543
|
+
});
|
|
6544
|
+
if (oldNormalized === newNormalized) return ok({
|
|
6545
|
+
deleteOldKeyAttempted: false,
|
|
6546
|
+
deleteOldKeySuccess: true,
|
|
6547
|
+
warning: "Rotation returned the same threshold public key; skipped DeleteKey(old)."
|
|
6548
|
+
});
|
|
6549
|
+
const localKeyMaterial = await IndexedDBManager.nearKeysDB.getLocalKeyMaterial(nearAccountId, resolvedDeviceNumber);
|
|
6550
|
+
if (!localKeyMaterial) return ok({
|
|
6551
|
+
deleteOldKeyAttempted: false,
|
|
6552
|
+
deleteOldKeySuccess: false,
|
|
6553
|
+
warning: `Rotation completed but could not load local key material for DeleteKey(old) (account ${nearAccountId} device ${resolvedDeviceNumber}).`
|
|
6554
|
+
});
|
|
6555
|
+
const localPk = ensureEd25519Prefix(localKeyMaterial.publicKey);
|
|
6556
|
+
if (localPk && localPk === oldNormalized) return ok({
|
|
6557
|
+
deleteOldKeyAttempted: false,
|
|
6558
|
+
deleteOldKeySuccess: false,
|
|
6559
|
+
warning: "Refusing to DeleteKey(old) because it matches the local signer public key."
|
|
6560
|
+
});
|
|
6561
|
+
const oldOnChain = await hasAccessKey(ctx.nearClient, nearAccountId, oldPublicKey, {
|
|
6562
|
+
attempts: 1,
|
|
6563
|
+
delayMs: 0
|
|
6564
|
+
});
|
|
6565
|
+
if (!oldOnChain) return ok({
|
|
6566
|
+
deleteOldKeyAttempted: false,
|
|
6567
|
+
deleteOldKeySuccess: true
|
|
6568
|
+
});
|
|
6569
|
+
const deleteKeyAction = {
|
|
6570
|
+
action_type: ActionType.DeleteKey,
|
|
6571
|
+
public_key: oldNormalized
|
|
6572
|
+
};
|
|
6573
|
+
const txInputs = [{
|
|
6574
|
+
receiverId: nearAccountId,
|
|
6575
|
+
actions: [deleteKeyAction]
|
|
6576
|
+
}];
|
|
6577
|
+
let deleteOldKeyAttempted = false;
|
|
6578
|
+
try {
|
|
6579
|
+
const rpcCall = {
|
|
6580
|
+
contractId: ctx.contractId,
|
|
6581
|
+
nearRpcUrl: ctx.nearRpcUrl,
|
|
6582
|
+
nearAccountId
|
|
6583
|
+
};
|
|
6584
|
+
const signed = await ctx.signTransactionsWithActions({
|
|
6585
|
+
transactions: txInputs,
|
|
6586
|
+
rpcCall,
|
|
6587
|
+
signerMode: { mode: "local-signer" },
|
|
6588
|
+
confirmationConfigOverride: {
|
|
6589
|
+
uiMode: "skip",
|
|
6590
|
+
behavior: "autoProceed",
|
|
6591
|
+
autoProceedDelay: 0
|
|
6592
|
+
},
|
|
6593
|
+
title: "Rotate threshold key",
|
|
6594
|
+
body: "Confirm deletion of the old threshold access key."
|
|
6595
|
+
});
|
|
6596
|
+
const signedTx = signed?.[0]?.signedTransaction;
|
|
6597
|
+
if (!signedTx) throw new Error("Failed to sign DeleteKey(oldThresholdPublicKey) transaction");
|
|
6598
|
+
deleteOldKeyAttempted = true;
|
|
6599
|
+
await ctx.nearClient.sendTransaction(signedTx, DEFAULT_WAIT_STATUS.linkDeviceDeleteKey);
|
|
6600
|
+
const deleted = await waitForAccessKeyAbsent(ctx.nearClient, nearAccountId, oldPublicKey);
|
|
6601
|
+
if (!deleted) return ok({
|
|
6602
|
+
deleteOldKeyAttempted,
|
|
6603
|
+
deleteOldKeySuccess: false,
|
|
6604
|
+
warning: "DeleteKey(old) submitted but old access key is still present on-chain."
|
|
6605
|
+
});
|
|
6606
|
+
return ok({
|
|
6607
|
+
deleteOldKeyAttempted,
|
|
6608
|
+
deleteOldKeySuccess: true
|
|
6609
|
+
});
|
|
6610
|
+
} catch (error) {
|
|
6611
|
+
const message = String(error?.message ?? error);
|
|
6612
|
+
return ok({
|
|
6613
|
+
deleteOldKeyAttempted,
|
|
6614
|
+
deleteOldKeySuccess: false,
|
|
6615
|
+
warning: `Rotation completed but failed to DeleteKey(old): ${message}`
|
|
6616
|
+
});
|
|
6617
|
+
}
|
|
6618
|
+
} catch (error) {
|
|
6619
|
+
const message = String(error?.message ?? error);
|
|
6620
|
+
return {
|
|
6621
|
+
success: false,
|
|
6622
|
+
oldPublicKey,
|
|
6623
|
+
oldRelayerKeyId,
|
|
6624
|
+
publicKey: "",
|
|
6625
|
+
relayerKeyId: "",
|
|
6626
|
+
wrapKeySalt: "",
|
|
6627
|
+
deleteOldKeyAttempted: false,
|
|
6628
|
+
deleteOldKeySuccess: false,
|
|
6629
|
+
error: message
|
|
6630
|
+
};
|
|
6631
|
+
}
|
|
5627
6632
|
}
|
|
5628
6633
|
|
|
5629
6634
|
//#endregion
|
|
@@ -5652,9 +6657,8 @@ var WebAuthnManager = class {
|
|
|
5652
6657
|
this.nearClient = nearClient;
|
|
5653
6658
|
this.touchIdPrompt = new TouchIdPrompt(tatchiPasskeyConfigs.iframeWallet?.rpIdOverride, true);
|
|
5654
6659
|
this.userPreferencesManager = userPreferences_default;
|
|
5655
|
-
|
|
5656
|
-
|
|
5657
|
-
} catch {}
|
|
6660
|
+
this.userPreferencesManager.configureWalletTheme?.(tatchiPasskeyConfigs.walletTheme);
|
|
6661
|
+
this.userPreferencesManager.configureDefaultSignerMode?.(tatchiPasskeyConfigs.signerMode);
|
|
5658
6662
|
this.nonceManager = nonceManager_default;
|
|
5659
6663
|
const { vrfWorkerConfigs } = tatchiPasskeyConfigs;
|
|
5660
6664
|
this.vrfWorkerManager = new VrfWorkerManager({
|
|
@@ -5671,7 +6675,7 @@ var WebAuthnManager = class {
|
|
|
5671
6675
|
rpIdOverride: this.touchIdPrompt.getRpId(),
|
|
5672
6676
|
nearExplorerUrl: tatchiPasskeyConfigs.nearExplorerUrl
|
|
5673
6677
|
});
|
|
5674
|
-
this.signerWorkerManager = new SignerWorkerManager(this.vrfWorkerManager, nearClient, this.userPreferencesManager, this.nonceManager, tatchiPasskeyConfigs.iframeWallet?.rpIdOverride, true, tatchiPasskeyConfigs.nearExplorerUrl);
|
|
6678
|
+
this.signerWorkerManager = new SignerWorkerManager(this.vrfWorkerManager, nearClient, this.userPreferencesManager, this.nonceManager, this.tatchiPasskeyConfigs.relayer.url, tatchiPasskeyConfigs.iframeWallet?.rpIdOverride, true, tatchiPasskeyConfigs.nearExplorerUrl);
|
|
5675
6679
|
this.workerBaseOrigin = resolveWorkerBaseOrigin() || (typeof window !== "undefined" ? window.location.origin : "");
|
|
5676
6680
|
this.signerWorkerManager.setWorkerBaseOrigin(this.workerBaseOrigin);
|
|
5677
6681
|
this.vrfWorkerManager.setWorkerBaseOrigin?.(this.workerBaseOrigin);
|
|
@@ -5753,7 +6757,7 @@ var WebAuthnManager = class {
|
|
|
5753
6757
|
}
|
|
5754
6758
|
async withSigningSession(args) {
|
|
5755
6759
|
if (typeof args.handler !== "function") throw new Error("withSigningSession requires a handler function");
|
|
5756
|
-
const sessionId =
|
|
6760
|
+
const sessionId = args.sessionId || (args.prefix ? this.generateSessionId(args.prefix) : "");
|
|
5757
6761
|
if (!sessionId) throw new Error("withSigningSession requires a sessionId or prefix");
|
|
5758
6762
|
return await this.withSigningSessionInternal({
|
|
5759
6763
|
sessionId,
|
|
@@ -5767,6 +6771,7 @@ var WebAuthnManager = class {
|
|
|
5767
6771
|
try {
|
|
5768
6772
|
if (args.options) await this.vrfWorkerManager.mintSessionKeysAndSendToSigner({
|
|
5769
6773
|
sessionId: args.sessionId,
|
|
6774
|
+
wrapKeySalt: args.options.wrapKeySalt,
|
|
5770
6775
|
credential: args.options.credential
|
|
5771
6776
|
});
|
|
5772
6777
|
return await args.handler(args.sessionId);
|
|
@@ -5804,15 +6809,15 @@ var WebAuthnManager = class {
|
|
|
5804
6809
|
if (deviceNumber === null) throw new Error(`No deviceNumber found for account ${nearAccountId} (decrypt session)`);
|
|
5805
6810
|
const userForDevice = await IndexedDBManager.clientDB.getUserByDevice(nearAccountId, deviceNumber).catch(() => null);
|
|
5806
6811
|
const encryptedVrfKeypair = userForDevice?.encryptedVrfKeypair;
|
|
5807
|
-
const
|
|
5808
|
-
if (!
|
|
6812
|
+
const keyMaterial = await IndexedDBManager.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber);
|
|
6813
|
+
if (!keyMaterial) {
|
|
5809
6814
|
console.error("WebAuthnManager: No encrypted key found for decrypt session", {
|
|
5810
6815
|
nearAccountId: String(nearAccountId),
|
|
5811
6816
|
deviceNumber
|
|
5812
6817
|
});
|
|
5813
|
-
throw new Error(`No
|
|
6818
|
+
throw new Error(`No key material found for account: ${nearAccountId}`);
|
|
5814
6819
|
}
|
|
5815
|
-
const wrapKeySalt =
|
|
6820
|
+
const wrapKeySalt = keyMaterial.wrapKeySalt;
|
|
5816
6821
|
if (!wrapKeySalt) {
|
|
5817
6822
|
console.error("WebAuthnManager: Missing wrapKeySalt in vault for decrypt session", {
|
|
5818
6823
|
nearAccountId: String(nearAccountId),
|
|
@@ -5843,6 +6848,16 @@ var WebAuthnManager = class {
|
|
|
5843
6848
|
allowCredentials
|
|
5844
6849
|
});
|
|
5845
6850
|
}
|
|
6851
|
+
async collectAuthenticationCredentialForVrfChallenge(args) {
|
|
6852
|
+
return collectAuthenticationCredentialForVrfChallenge({
|
|
6853
|
+
indexedDB: IndexedDBManager,
|
|
6854
|
+
touchIdPrompt: this.touchIdPrompt,
|
|
6855
|
+
nearAccountId: args.nearAccountId,
|
|
6856
|
+
vrfChallenge: args.vrfChallenge,
|
|
6857
|
+
includeSecondPrfOutput: args.includeSecondPrfOutput,
|
|
6858
|
+
onBeforePrompt: args.onBeforePrompt
|
|
6859
|
+
});
|
|
6860
|
+
}
|
|
5846
6861
|
/**
|
|
5847
6862
|
* Generate a VRF challenge bound to a specific signing/confirm session.
|
|
5848
6863
|
* The challenge will be cached in the VRF worker under this sessionId so
|
|
@@ -5914,9 +6929,9 @@ var WebAuthnManager = class {
|
|
|
5914
6929
|
const contractId = this.tatchiPasskeyConfigs.contractId;
|
|
5915
6930
|
try {
|
|
5916
6931
|
const sessionId = `device2-sign-${Date.now()}-${Math.random().toString(36).slice(2, 11)}`;
|
|
5917
|
-
const
|
|
5918
|
-
if (!
|
|
5919
|
-
const wrapKeySalt =
|
|
6932
|
+
const keyMaterial = await IndexedDBManager.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber);
|
|
6933
|
+
if (!keyMaterial) throw new Error(`No key material found for account ${nearAccountId} device ${deviceNumber}`);
|
|
6934
|
+
const wrapKeySalt = keyMaterial.wrapKeySalt;
|
|
5920
6935
|
if (!wrapKeySalt) throw new Error(`Missing wrapKeySalt for account ${nearAccountId} device ${deviceNumber}`);
|
|
5921
6936
|
const signerPort = await this.vrfWorkerManager.createSigningSessionChannel(sessionId);
|
|
5922
6937
|
await this.signerWorkerManager.reserveSignerWorkerSession(sessionId, { signerPort });
|
|
@@ -6045,13 +7060,13 @@ var WebAuthnManager = class {
|
|
|
6045
7060
|
/**
|
|
6046
7061
|
* Persist refreshed server-encrypted VRF keypair in IndexedDB.
|
|
6047
7062
|
*/
|
|
6048
|
-
async updateServerEncryptedVrfKeypair(nearAccountId, serverEncrypted) {
|
|
7063
|
+
async updateServerEncryptedVrfKeypair(nearAccountId, serverEncrypted, deviceNumber) {
|
|
6049
7064
|
await IndexedDBManager.clientDB.updateUser(nearAccountId, { serverEncryptedVrfKeypair: {
|
|
6050
7065
|
ciphertextVrfB64u: serverEncrypted.ciphertextVrfB64u,
|
|
6051
7066
|
kek_s_b64u: serverEncrypted.kek_s_b64u,
|
|
6052
7067
|
serverKeyId: serverEncrypted.serverKeyId,
|
|
6053
7068
|
updatedAt: Date.now()
|
|
6054
|
-
} });
|
|
7069
|
+
} }, deviceNumber);
|
|
6055
7070
|
}
|
|
6056
7071
|
async clearVrfSession() {
|
|
6057
7072
|
if (typeof window !== "undefined" && this.workerBaseOrigin !== window.location.origin) return;
|
|
@@ -6079,10 +7094,28 @@ var WebAuthnManager = class {
|
|
|
6079
7094
|
const vrfStatus = await this.vrfWorkerManager.checkVrfStatus();
|
|
6080
7095
|
if (!vrfStatus.active) throw new Error("VRF keypair not active in memory. Please log in again.");
|
|
6081
7096
|
if (!vrfStatus.nearAccountId || String(vrfStatus.nearAccountId) !== String(nearAccountId)) throw new Error("VRF keypair active but bound to a different account. Please log in again.");
|
|
6082
|
-
const
|
|
6083
|
-
const
|
|
6084
|
-
|
|
6085
|
-
|
|
7097
|
+
const credentialRawId = String(args.credential?.rawId || "").trim();
|
|
7098
|
+
const authenticators = await this.getAuthenticatorsByUser(nearAccountId).catch(() => []);
|
|
7099
|
+
let deviceNumber;
|
|
7100
|
+
try {
|
|
7101
|
+
deviceNumber = await getLastLoggedInDeviceNumber(nearAccountId, IndexedDBManager.clientDB);
|
|
7102
|
+
} catch (err) {
|
|
7103
|
+
if (credentialRawId) {
|
|
7104
|
+
const matched = authenticators.find((a) => a.credentialId === credentialRawId);
|
|
7105
|
+
const inferred = matched && typeof matched.deviceNumber === "number" && Number.isFinite(matched.deviceNumber) ? matched.deviceNumber : null;
|
|
7106
|
+
if (inferred !== null) {
|
|
7107
|
+
deviceNumber = inferred;
|
|
7108
|
+
await this.setLastUser(nearAccountId, inferred).catch(() => void 0);
|
|
7109
|
+
} else throw err;
|
|
7110
|
+
} else throw err;
|
|
7111
|
+
}
|
|
7112
|
+
if (credentialRawId && authenticators.length > 1) {
|
|
7113
|
+
const { wrongPasskeyError } = await IndexedDBManager.clientDB.ensureCurrentPasskey(nearAccountId, authenticators, credentialRawId);
|
|
7114
|
+
if (wrongPasskeyError) throw new Error(wrongPasskeyError);
|
|
7115
|
+
}
|
|
7116
|
+
const keyMaterial = await IndexedDBManager.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber);
|
|
7117
|
+
if (!keyMaterial) throw new Error(`No key material found for account ${nearAccountId} device ${deviceNumber}`);
|
|
7118
|
+
const wrapKeySalt = keyMaterial.wrapKeySalt;
|
|
6086
7119
|
if (!wrapKeySalt) throw new Error("Missing wrapKeySalt in vault; re-register to upgrade vault format.");
|
|
6087
7120
|
const { ttlMs, remainingUses } = this.resolveSigningSessionPolicy(args);
|
|
6088
7121
|
await this.vrfWorkerManager.mintSessionKeysAndSendToSigner({
|
|
@@ -6141,7 +7174,7 @@ var WebAuthnManager = class {
|
|
|
6141
7174
|
const active = status.active && status.nearAccountId === nearAccountId;
|
|
6142
7175
|
if (!active) return false;
|
|
6143
7176
|
const refreshed = await this.shamir3PassEncryptCurrentVrfKeypair();
|
|
6144
|
-
await this.updateServerEncryptedVrfKeypair(nearAccountId, refreshed);
|
|
7177
|
+
await this.updateServerEncryptedVrfKeypair(nearAccountId, refreshed, userData?.deviceNumber);
|
|
6145
7178
|
return true;
|
|
6146
7179
|
} catch {
|
|
6147
7180
|
return false;
|
|
@@ -6287,14 +7320,13 @@ var WebAuthnManager = class {
|
|
|
6287
7320
|
* @param onEvent: Optional callback for progress updates during signing
|
|
6288
7321
|
* @param onEvent - Optional callback for progress updates during signing
|
|
6289
7322
|
*/
|
|
6290
|
-
async signTransactionsWithActions({ transactions, rpcCall, confirmationConfigOverride, title, body, onEvent }) {
|
|
6291
|
-
if (transactions.length === 0) throw new Error("No payloads provided for signing");
|
|
6292
|
-
const activeSessionId = this.getOrCreateActiveSigningSessionId(toAccountId(rpcCall.nearAccountId));
|
|
7323
|
+
async signTransactionsWithActions({ transactions, rpcCall, signerMode, confirmationConfigOverride, title, body, onEvent }) {
|
|
6293
7324
|
return this.withSigningSession({
|
|
6294
|
-
sessionId:
|
|
7325
|
+
sessionId: this.getOrCreateActiveSigningSessionId(toAccountId(rpcCall.nearAccountId)),
|
|
6295
7326
|
handler: (sessionId) => this.signerWorkerManager.signTransactionsWithActions({
|
|
6296
7327
|
transactions,
|
|
6297
7328
|
rpcCall,
|
|
7329
|
+
signerMode,
|
|
6298
7330
|
confirmationConfigOverride,
|
|
6299
7331
|
title,
|
|
6300
7332
|
body,
|
|
@@ -6303,7 +7335,74 @@ var WebAuthnManager = class {
|
|
|
6303
7335
|
})
|
|
6304
7336
|
});
|
|
6305
7337
|
}
|
|
6306
|
-
|
|
7338
|
+
/**
|
|
7339
|
+
* Sign AddKey(thresholdPublicKey) for `receiverId === nearAccountId` without running confirmTxFlow.
|
|
7340
|
+
*
|
|
7341
|
+
* This is a narrowly-scoped, internal-only helper for post-registration activation flows where
|
|
7342
|
+
* the caller already has a PRF-bearing credential in memory (e.g., immediately after registration)
|
|
7343
|
+
* and wants to avoid an extra TouchID/WebAuthn prompt.
|
|
7344
|
+
*/
|
|
7345
|
+
async signAddKeyThresholdPublicKeyNoPrompt(args) {
|
|
7346
|
+
const nearAccountId = toAccountId(args.nearAccountId);
|
|
7347
|
+
const wrapKeySalt = args.wrapKeySalt;
|
|
7348
|
+
if (!wrapKeySalt) throw new Error("Missing wrapKeySalt for AddKey(thresholdPublicKey) signing");
|
|
7349
|
+
if (!args.credential) throw new Error("Missing credential for AddKey(thresholdPublicKey) signing");
|
|
7350
|
+
if (!args.transactionContext) throw new Error("Missing transactionContext for no-prompt signing");
|
|
7351
|
+
const thresholdPublicKey = ensureEd25519Prefix(args.thresholdPublicKey);
|
|
7352
|
+
if (!thresholdPublicKey) throw new Error("Missing thresholdPublicKey for AddKey(thresholdPublicKey) signing");
|
|
7353
|
+
const relayerVerifyingShareB64u = args.relayerVerifyingShareB64u;
|
|
7354
|
+
if (!relayerVerifyingShareB64u) throw new Error("Missing relayerVerifyingShareB64u for AddKey(thresholdPublicKey) signing");
|
|
7355
|
+
const deviceNumber = Number(args.deviceNumber);
|
|
7356
|
+
const resolvedDeviceNumber = Number.isSafeInteger(deviceNumber) && deviceNumber >= 1 ? deviceNumber : await getLastLoggedInDeviceNumber(nearAccountId, IndexedDBManager.clientDB).catch(() => 1);
|
|
7357
|
+
const localKeyMaterial = await IndexedDBManager.nearKeysDB.getLocalKeyMaterial(nearAccountId, resolvedDeviceNumber);
|
|
7358
|
+
if (!localKeyMaterial) throw new Error(`No local key material found for account ${nearAccountId} device ${resolvedDeviceNumber}`);
|
|
7359
|
+
if (localKeyMaterial.wrapKeySalt !== wrapKeySalt) throw new Error("wrapKeySalt mismatch for AddKey(thresholdPublicKey) signing");
|
|
7360
|
+
return await this.withSigningSession({
|
|
7361
|
+
prefix: "no-prompt-add-threshold-key",
|
|
7362
|
+
options: {
|
|
7363
|
+
credential: args.credential,
|
|
7364
|
+
wrapKeySalt
|
|
7365
|
+
},
|
|
7366
|
+
handler: async (sessionId) => {
|
|
7367
|
+
const response = await this.signerWorkerManager.getContext().sendMessage({
|
|
7368
|
+
sessionId,
|
|
7369
|
+
message: {
|
|
7370
|
+
type: INTERNAL_WORKER_REQUEST_TYPE_SIGN_ADD_KEY_THRESHOLD_PUBLIC_KEY_NO_PROMPT,
|
|
7371
|
+
payload: {
|
|
7372
|
+
createdAt: Date.now(),
|
|
7373
|
+
decryption: {
|
|
7374
|
+
encryptedPrivateKeyData: localKeyMaterial.encryptedSk,
|
|
7375
|
+
encryptedPrivateKeyChacha20NonceB64u: localKeyMaterial.chacha20NonceB64u
|
|
7376
|
+
},
|
|
7377
|
+
transactionContext: args.transactionContext,
|
|
7378
|
+
nearAccountId,
|
|
7379
|
+
thresholdPublicKey,
|
|
7380
|
+
relayerVerifyingShareB64u,
|
|
7381
|
+
clientParticipantId: typeof args.clientParticipantId === "number" ? args.clientParticipantId : void 0,
|
|
7382
|
+
relayerParticipantId: typeof args.relayerParticipantId === "number" ? args.relayerParticipantId : void 0
|
|
7383
|
+
}
|
|
7384
|
+
},
|
|
7385
|
+
onEvent: args.onEvent
|
|
7386
|
+
});
|
|
7387
|
+
if (!isSignAddKeyThresholdPublicKeyNoPromptSuccess(response)) throw new Error("AddKey(thresholdPublicKey) signing failed");
|
|
7388
|
+
if (!response.payload.success) throw new Error(response.payload.error || "AddKey(thresholdPublicKey) signing failed");
|
|
7389
|
+
const signedTransactions = response.payload.signedTransactions || [];
|
|
7390
|
+
if (signedTransactions.length !== 1) throw new Error(`Expected 1 signed transaction but received ${signedTransactions.length}`);
|
|
7391
|
+
const signedTx = signedTransactions[0];
|
|
7392
|
+
if (!signedTx || !signedTx.transaction || !signedTx.signature) throw new Error("Incomplete signed transaction data received for AddKey(thresholdPublicKey)");
|
|
7393
|
+
return {
|
|
7394
|
+
signedTransaction: new SignedTransaction({
|
|
7395
|
+
transaction: signedTx.transaction,
|
|
7396
|
+
signature: signedTx.signature,
|
|
7397
|
+
borsh_bytes: Array.from(signedTx.borshBytes || [])
|
|
7398
|
+
}),
|
|
7399
|
+
nearAccountId: String(nearAccountId),
|
|
7400
|
+
logs: response.payload.logs || []
|
|
7401
|
+
};
|
|
7402
|
+
}
|
|
7403
|
+
});
|
|
7404
|
+
}
|
|
7405
|
+
async signDelegateAction({ delegate, rpcCall, signerMode, confirmationConfigOverride, title, body, onEvent }) {
|
|
6307
7406
|
const nearAccountId = toAccountId(rpcCall.nearAccountId || delegate.senderId);
|
|
6308
7407
|
const normalizedRpcCall = {
|
|
6309
7408
|
contractId: rpcCall.contractId || this.tatchiPasskeyConfigs.contractId,
|
|
@@ -6319,6 +7418,7 @@ var WebAuthnManager = class {
|
|
|
6319
7418
|
return this.signerWorkerManager.signDelegateAction({
|
|
6320
7419
|
delegate,
|
|
6321
7420
|
rpcCall: normalizedRpcCall,
|
|
7421
|
+
signerMode,
|
|
6322
7422
|
confirmationConfigOverride,
|
|
6323
7423
|
title,
|
|
6324
7424
|
body,
|
|
@@ -6365,29 +7465,6 @@ var WebAuthnManager = class {
|
|
|
6365
7465
|
async extractCosePublicKey(attestationObjectBase64url) {
|
|
6366
7466
|
return await this.signerWorkerManager.extractCosePublicKey(attestationObjectBase64url);
|
|
6367
7467
|
}
|
|
6368
|
-
/**
|
|
6369
|
-
* Helper to ensure the local `lastUser` pointer is consistent with the latest DB updates.
|
|
6370
|
-
* This fixes issues where a recovery or registration might have updated the user record
|
|
6371
|
-
* but failed to update the `lastUser` pointer (e.g. due to previous bugs or interruptions),
|
|
6372
|
-
* preventing the strict `ensureCurrentPasskey` check from passing.
|
|
6373
|
-
*/
|
|
6374
|
-
async autoHealLastUserPointer(nearAccountId) {
|
|
6375
|
-
try {
|
|
6376
|
-
const lastUser = await this.getLastUser();
|
|
6377
|
-
if (lastUser && lastUser.nearAccountId === nearAccountId) {
|
|
6378
|
-
const freshest = await IndexedDBManager.clientDB.getLastDBUpdatedUser(nearAccountId);
|
|
6379
|
-
if (freshest && freshest.deviceNumber !== lastUser.deviceNumber) {
|
|
6380
|
-
console.log(`[WebAuthnManager] Auto-healing lastUser pointer from device ${lastUser.deviceNumber} to ${freshest.deviceNumber}`);
|
|
6381
|
-
await this.setLastUser(nearAccountId, freshest.deviceNumber);
|
|
6382
|
-
}
|
|
6383
|
-
} else {
|
|
6384
|
-
const freshest = await IndexedDBManager.clientDB.getLastDBUpdatedUser(nearAccountId);
|
|
6385
|
-
if (freshest) await this.setLastUser(nearAccountId, freshest.deviceNumber);
|
|
6386
|
-
}
|
|
6387
|
-
} catch (e) {
|
|
6388
|
-
console.warn("[WebAuthnManager] Auto-heal pointer failed (non-fatal):", e);
|
|
6389
|
-
}
|
|
6390
|
-
}
|
|
6391
7468
|
/** Worker-driven export: two-phase V2 (collect PRF → decrypt → show UI) */
|
|
6392
7469
|
async exportNearKeypairWithUIWorkerDriven(nearAccountId, options) {
|
|
6393
7470
|
await this.withSigningSession({
|
|
@@ -6412,7 +7489,7 @@ var WebAuthnManager = class {
|
|
|
6412
7489
|
if (!userData || userData.nearAccountId !== nearAccountId) userData = await IndexedDBManager.clientDB.getLastDBUpdatedUser(nearAccountId);
|
|
6413
7490
|
return {
|
|
6414
7491
|
accountId: String(nearAccountId),
|
|
6415
|
-
publicKey:
|
|
7492
|
+
publicKey: userData?.clientNearPublicKey ?? "",
|
|
6416
7493
|
privateKey: ""
|
|
6417
7494
|
};
|
|
6418
7495
|
}
|
|
@@ -6485,6 +7562,232 @@ var WebAuthnManager = class {
|
|
|
6485
7562
|
actions
|
|
6486
7563
|
});
|
|
6487
7564
|
}
|
|
7565
|
+
/**
|
|
7566
|
+
* Derive the deterministic threshold client verifying share (2-of-2 ed25519) from WrapKeySeed.
|
|
7567
|
+
* This is safe to call during registration because it only requires the PRF-bearing credential
|
|
7568
|
+
* (no on-chain verification needed) and returns public material only.
|
|
7569
|
+
*/
|
|
7570
|
+
async deriveThresholdEd25519ClientVerifyingShareFromCredential(args) {
|
|
7571
|
+
const nearAccountId = toAccountId(args.nearAccountId);
|
|
7572
|
+
try {
|
|
7573
|
+
return await this.withSigningSession({
|
|
7574
|
+
prefix: "threshold-client-share",
|
|
7575
|
+
options: {
|
|
7576
|
+
credential: args.credential,
|
|
7577
|
+
wrapKeySalt: args.wrapKeySalt
|
|
7578
|
+
},
|
|
7579
|
+
handler: (sessionId) => this.signerWorkerManager.deriveThresholdEd25519ClientVerifyingShare({
|
|
7580
|
+
sessionId,
|
|
7581
|
+
nearAccountId
|
|
7582
|
+
})
|
|
7583
|
+
});
|
|
7584
|
+
} catch (error) {
|
|
7585
|
+
const message = String(error?.message ?? error);
|
|
7586
|
+
return {
|
|
7587
|
+
success: false,
|
|
7588
|
+
nearAccountId,
|
|
7589
|
+
clientVerifyingShareB64u: "",
|
|
7590
|
+
wrapKeySalt: "",
|
|
7591
|
+
error: message
|
|
7592
|
+
};
|
|
7593
|
+
}
|
|
7594
|
+
}
|
|
7595
|
+
/**
|
|
7596
|
+
* Threshold key enrollment (post-registration):
|
|
7597
|
+
* prompts for a dual-PRF WebAuthn authentication to obtain PRF.first/second,
|
|
7598
|
+
* then runs the `/threshold-ed25519/keygen` enrollment flow.
|
|
7599
|
+
*
|
|
7600
|
+
* This is intended to be called only after the passkey is registered on-chain.
|
|
7601
|
+
*/
|
|
7602
|
+
async enrollThresholdEd25519KeyPostRegistration(args) {
|
|
7603
|
+
const nearAccountId = toAccountId(args.nearAccountId);
|
|
7604
|
+
try {
|
|
7605
|
+
const rpId = this.touchIdPrompt.getRpId();
|
|
7606
|
+
if (!rpId) throw new Error("Missing rpId for WebAuthn VRF challenge");
|
|
7607
|
+
const block = await this.nearClient.viewBlock({ finality: "final" });
|
|
7608
|
+
const blockHeight = String(block?.header?.height ?? "");
|
|
7609
|
+
const blockHash = String(block?.header?.hash ?? "");
|
|
7610
|
+
if (!blockHeight || !blockHash) throw new Error("Failed to fetch NEAR block context for VRF challenge");
|
|
7611
|
+
const vrfChallenge = await this.vrfWorkerManager.generateVrfChallengeOnce({
|
|
7612
|
+
userId: nearAccountId,
|
|
7613
|
+
rpId,
|
|
7614
|
+
blockHeight,
|
|
7615
|
+
blockHash
|
|
7616
|
+
});
|
|
7617
|
+
const authenticators = await this.getAuthenticatorsByUser(nearAccountId);
|
|
7618
|
+
if (!authenticators.length) throw new Error(`No passkey authenticators found for account ${nearAccountId}`);
|
|
7619
|
+
const authCredential = await this.collectAuthenticationCredentialForVrfChallenge({
|
|
7620
|
+
nearAccountId,
|
|
7621
|
+
vrfChallenge,
|
|
7622
|
+
includeSecondPrfOutput: true
|
|
7623
|
+
});
|
|
7624
|
+
return await this.enrollThresholdEd25519Key({
|
|
7625
|
+
credential: authCredential,
|
|
7626
|
+
nearAccountId,
|
|
7627
|
+
deviceNumber: args.deviceNumber
|
|
7628
|
+
});
|
|
7629
|
+
} catch (error) {
|
|
7630
|
+
const message = String(error?.message ?? error);
|
|
7631
|
+
return {
|
|
7632
|
+
success: false,
|
|
7633
|
+
publicKey: "",
|
|
7634
|
+
relayerKeyId: "",
|
|
7635
|
+
wrapKeySalt: "",
|
|
7636
|
+
error: message
|
|
7637
|
+
};
|
|
7638
|
+
}
|
|
7639
|
+
}
|
|
7640
|
+
/**
|
|
7641
|
+
* Threshold key rotation (post-registration):
|
|
7642
|
+
* - keygen (new relayerKeyId + publicKey)
|
|
7643
|
+
* - AddKey(new threshold publicKey)
|
|
7644
|
+
* - DeleteKey(old threshold publicKey)
|
|
7645
|
+
*
|
|
7646
|
+
* Uses the local signer key for AddKey/DeleteKey, and requires the account to already
|
|
7647
|
+
* have a stored `threshold_ed25519_2p_v1` key material entry for the target device.
|
|
7648
|
+
*/
|
|
7649
|
+
async rotateThresholdEd25519KeyPostRegistration(args) {
|
|
7650
|
+
const nearAccountId = toAccountId(args.nearAccountId);
|
|
7651
|
+
let oldPublicKey = "";
|
|
7652
|
+
let oldRelayerKeyId = "";
|
|
7653
|
+
try {
|
|
7654
|
+
const deviceNumber = Number(args.deviceNumber);
|
|
7655
|
+
const resolvedDeviceNumber = Number.isSafeInteger(deviceNumber) && deviceNumber >= 1 ? deviceNumber : await getLastLoggedInDeviceNumber(nearAccountId, IndexedDBManager.clientDB).catch(() => 1);
|
|
7656
|
+
const existing = await IndexedDBManager.nearKeysDB.getThresholdKeyMaterial(nearAccountId, resolvedDeviceNumber);
|
|
7657
|
+
if (!existing) throw new Error(`No threshold key material found for account ${nearAccountId} device ${resolvedDeviceNumber}. Call enrollThresholdEd25519Key() first.`);
|
|
7658
|
+
oldPublicKey = existing.publicKey;
|
|
7659
|
+
oldRelayerKeyId = existing.relayerKeyId;
|
|
7660
|
+
const enrollment = await this.enrollThresholdEd25519KeyPostRegistration({
|
|
7661
|
+
nearAccountId,
|
|
7662
|
+
deviceNumber: resolvedDeviceNumber
|
|
7663
|
+
});
|
|
7664
|
+
if (!enrollment.success) throw new Error(enrollment.error || "Threshold keygen/enrollment failed");
|
|
7665
|
+
return await rotateThresholdEd25519KeyPostRegistrationHandler({
|
|
7666
|
+
nearClient: this.nearClient,
|
|
7667
|
+
contractId: this.tatchiPasskeyConfigs.contractId,
|
|
7668
|
+
nearRpcUrl: this.tatchiPasskeyConfigs.nearRpcUrl,
|
|
7669
|
+
signTransactionsWithActions: (params) => this.signTransactionsWithActions(params)
|
|
7670
|
+
}, {
|
|
7671
|
+
nearAccountId,
|
|
7672
|
+
deviceNumber: resolvedDeviceNumber,
|
|
7673
|
+
oldPublicKey,
|
|
7674
|
+
oldRelayerKeyId,
|
|
7675
|
+
newPublicKey: enrollment.publicKey,
|
|
7676
|
+
newRelayerKeyId: enrollment.relayerKeyId,
|
|
7677
|
+
wrapKeySalt: enrollment.wrapKeySalt
|
|
7678
|
+
});
|
|
7679
|
+
} catch (error) {
|
|
7680
|
+
const message = String(error?.message ?? error);
|
|
7681
|
+
return {
|
|
7682
|
+
success: false,
|
|
7683
|
+
oldPublicKey,
|
|
7684
|
+
oldRelayerKeyId,
|
|
7685
|
+
publicKey: "",
|
|
7686
|
+
relayerKeyId: "",
|
|
7687
|
+
wrapKeySalt: "",
|
|
7688
|
+
deleteOldKeyAttempted: false,
|
|
7689
|
+
deleteOldKeySuccess: false,
|
|
7690
|
+
error: message
|
|
7691
|
+
};
|
|
7692
|
+
}
|
|
7693
|
+
}
|
|
7694
|
+
/**
|
|
7695
|
+
* Threshold key enrollment (2-of-2): deterministically derive the client verifying share
|
|
7696
|
+
* from WrapKeySeed and register the corresponding relayer share via `/threshold-ed25519/keygen`.
|
|
7697
|
+
*
|
|
7698
|
+
* Stores a v3 vault entry of kind `threshold_ed25519_2p_v1` (breaking; no migration).
|
|
7699
|
+
*/
|
|
7700
|
+
async enrollThresholdEd25519Key(args) {
|
|
7701
|
+
const nearAccountId = toAccountId(args.nearAccountId);
|
|
7702
|
+
const relayerUrl = this.tatchiPasskeyConfigs.relayer.url;
|
|
7703
|
+
try {
|
|
7704
|
+
if (!relayerUrl) throw new Error("Missing relayer url (configs.relayer.url)");
|
|
7705
|
+
if (!args.credential) throw new Error("Missing credential");
|
|
7706
|
+
const deviceNumber = Number(args.deviceNumber);
|
|
7707
|
+
const resolvedDeviceNumber = Number.isSafeInteger(deviceNumber) && deviceNumber >= 1 ? deviceNumber : await getLastLoggedInDeviceNumber(nearAccountId, IndexedDBManager.clientDB).catch(() => 1);
|
|
7708
|
+
const keygen = await this.withSigningSession({
|
|
7709
|
+
prefix: "threshold-keygen",
|
|
7710
|
+
options: { credential: args.credential },
|
|
7711
|
+
handler: (sessionId) => enrollThresholdEd25519KeyHandler({
|
|
7712
|
+
nearClient: this.nearClient,
|
|
7713
|
+
vrfWorkerManager: this.vrfWorkerManager,
|
|
7714
|
+
signerWorkerManager: this.signerWorkerManager,
|
|
7715
|
+
touchIdPrompt: this.touchIdPrompt,
|
|
7716
|
+
relayerUrl
|
|
7717
|
+
}, {
|
|
7718
|
+
sessionId,
|
|
7719
|
+
nearAccountId
|
|
7720
|
+
})
|
|
7721
|
+
});
|
|
7722
|
+
if (!keygen.success) throw new Error(keygen.error || "Threshold keygen failed");
|
|
7723
|
+
const publicKey = keygen.publicKey;
|
|
7724
|
+
const clientVerifyingShareB64u = keygen.clientVerifyingShareB64u;
|
|
7725
|
+
const relayerKeyId = keygen.relayerKeyId;
|
|
7726
|
+
const relayerVerifyingShareB64u = keygen.relayerVerifyingShareB64u;
|
|
7727
|
+
if (!clientVerifyingShareB64u) throw new Error("Threshold keygen returned empty clientVerifyingShareB64u");
|
|
7728
|
+
const localKeyMaterial = await IndexedDBManager.nearKeysDB.getLocalKeyMaterial(nearAccountId, resolvedDeviceNumber);
|
|
7729
|
+
if (!localKeyMaterial) throw new Error(`No local key material found for account ${nearAccountId} device ${resolvedDeviceNumber}`);
|
|
7730
|
+
const alreadyActive = await hasAccessKey(this.nearClient, nearAccountId, publicKey, {
|
|
7731
|
+
attempts: 1,
|
|
7732
|
+
delayMs: 0
|
|
7733
|
+
});
|
|
7734
|
+
if (!alreadyActive) {
|
|
7735
|
+
this.nonceManager.initializeUser(nearAccountId, localKeyMaterial.publicKey);
|
|
7736
|
+
const txContext = await this.nonceManager.getNonceBlockHashAndHeight(this.nearClient, { force: true });
|
|
7737
|
+
const signed = await this.signAddKeyThresholdPublicKeyNoPrompt({
|
|
7738
|
+
nearAccountId,
|
|
7739
|
+
credential: args.credential,
|
|
7740
|
+
wrapKeySalt: localKeyMaterial.wrapKeySalt,
|
|
7741
|
+
transactionContext: txContext,
|
|
7742
|
+
thresholdPublicKey: publicKey,
|
|
7743
|
+
relayerVerifyingShareB64u,
|
|
7744
|
+
clientParticipantId: keygen.clientParticipantId,
|
|
7745
|
+
relayerParticipantId: keygen.relayerParticipantId,
|
|
7746
|
+
deviceNumber: resolvedDeviceNumber
|
|
7747
|
+
});
|
|
7748
|
+
const signedTx = signed?.signedTransaction;
|
|
7749
|
+
if (!signedTx) throw new Error("Failed to sign AddKey(thresholdPublicKey) transaction");
|
|
7750
|
+
await this.nearClient.sendTransaction(signedTx, DEFAULT_WAIT_STATUS.thresholdAddKey);
|
|
7751
|
+
const activated = await hasAccessKey(this.nearClient, nearAccountId, publicKey);
|
|
7752
|
+
if (!activated) throw new Error("Threshold access key not found on-chain after AddKey");
|
|
7753
|
+
}
|
|
7754
|
+
const keyMaterial = {
|
|
7755
|
+
kind: "threshold_ed25519_2p_v1",
|
|
7756
|
+
nearAccountId,
|
|
7757
|
+
deviceNumber: resolvedDeviceNumber,
|
|
7758
|
+
publicKey,
|
|
7759
|
+
wrapKeySalt: keygen.wrapKeySalt,
|
|
7760
|
+
relayerKeyId,
|
|
7761
|
+
clientShareDerivation: "prf_first_v1",
|
|
7762
|
+
participants: buildThresholdEd25519Participants2pV1({
|
|
7763
|
+
clientParticipantId: keygen.clientParticipantId,
|
|
7764
|
+
relayerParticipantId: keygen.relayerParticipantId,
|
|
7765
|
+
relayerKeyId,
|
|
7766
|
+
relayerUrl,
|
|
7767
|
+
clientVerifyingShareB64u,
|
|
7768
|
+
relayerVerifyingShareB64u,
|
|
7769
|
+
clientShareDerivation: "prf_first_v1"
|
|
7770
|
+
}),
|
|
7771
|
+
timestamp: Date.now()
|
|
7772
|
+
};
|
|
7773
|
+
await IndexedDBManager.nearKeysDB.storeKeyMaterial(keyMaterial);
|
|
7774
|
+
return {
|
|
7775
|
+
success: true,
|
|
7776
|
+
publicKey,
|
|
7777
|
+
relayerKeyId,
|
|
7778
|
+
wrapKeySalt: keygen.wrapKeySalt
|
|
7779
|
+
};
|
|
7780
|
+
} catch (error) {
|
|
7781
|
+
const message = String(error?.message ?? error);
|
|
7782
|
+
return {
|
|
7783
|
+
success: false,
|
|
7784
|
+
publicKey: "",
|
|
7785
|
+
relayerKeyId: "",
|
|
7786
|
+
wrapKeySalt: "",
|
|
7787
|
+
error: message
|
|
7788
|
+
};
|
|
7789
|
+
}
|
|
7790
|
+
}
|
|
6488
7791
|
/** * Get user preferences manager */
|
|
6489
7792
|
getUserPreferences() {
|
|
6490
7793
|
return this.userPreferencesManager;
|
|
@@ -6712,13 +8015,14 @@ async function main() {
|
|
|
6712
8015
|
if (isAeadDecryptMismatch && !existing) throw new Error(`Decryption failed and no local user record was found for '${account}'. Open the wallet once online on this device to restore local vault state, then retry offline export.`);
|
|
6713
8016
|
const expectedPublicKey = String(existing?.clientNearPublicKey || "");
|
|
6714
8017
|
if (expectedPublicKey && expectedPublicKey !== rec.publicKey) throw new Error(`Selected passkey does not match the existing key for '${account}'. Please select the correct passkey for this account and try again.`);
|
|
6715
|
-
await IndexedDBManager.nearKeysDB.
|
|
8018
|
+
await IndexedDBManager.nearKeysDB.storeKeyMaterial({
|
|
8019
|
+
kind: "local_near_sk_v3",
|
|
6716
8020
|
nearAccountId: account,
|
|
6717
8021
|
deviceNumber,
|
|
6718
|
-
|
|
8022
|
+
publicKey: rec.publicKey,
|
|
8023
|
+
encryptedSk: rec.encryptedPrivateKey,
|
|
6719
8024
|
chacha20NonceB64u: rec.chacha20NonceB64u,
|
|
6720
8025
|
wrapKeySalt: rec.wrapKeySalt,
|
|
6721
|
-
version: 2,
|
|
6722
8026
|
timestamp: Date.now()
|
|
6723
8027
|
});
|
|
6724
8028
|
if (!existing?.clientNearPublicKey) try {
|