npm - @tatchi-xyz/sdk - Versions diffs - 0.21.0 → 0.31.1 - Mend

@tatchi-xyz/sdk 0.21.0 → 0.31.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2501) hide show

package/dist/cjs/react/sdk/src/core/IndexedDBManager/passkeyClientDB.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"passkeyClientDB.js","names":["DB_CONFIG: PasskeyClientDBConfig","err: any","entry: AppStateEntry<T>","validateNearAccountId","toAccountId","userData: ClientUserData","DEFAULT_CONFIRMATION_CONFIG","lastUserState: LastUserAccountIdState","fixed: ClientUserData","updatedUser: ClientUserData","clientAuth: ClientAuthenticatorData","rec: DerivedAddressRecord","rec: RecoveryEmailRecord"],"sources":["../../../../../../../src/core/IndexedDBManager/passkeyClientDB.ts"],"sourcesContent":["import { openDB, type IDBPDatabase } from 'idb';\nimport { type ValidationResult, validateNearAccountId } from '../../utils/validation';\nimport type { AccountId } from '../types/accountIds';\nimport { toAccountId } from '../types/accountIds';\nimport { ConfirmationConfig, DEFAULT_CONFIRMATION_CONFIG } from '../types/signer-worker'\n\n\nexport interface ClientUserData {\n // Primary key - now uses AccountId + deviceNumber for unique identification\n nearAccountId: AccountId;\n deviceNumber: number; // Device number for multi-device support (1-indexed)\n version?: number;\n\n // User metadata\n registeredAt?: number;\n lastLogin?: number;\n lastUpdated?: number;\n\n // WebAuthn/Passkey data (merged from WebAuthnManager)\n clientNearPublicKey: string;\n passkeyCredential: {\n id: string;\n rawId: string;\n };\n\n // VRF credentials for stateless authentication\n encryptedVrfKeypair: {\n encryptedVrfDataB64u: string;\n chacha20NonceB64u: string;\n };\n // Server-assisted auto-login (VRF key session): Shamir 3-pass fields\n // Stores relayer-blinded KEK and the VRF ciphertext; server never sees plaintext VRF or KEK\n serverEncryptedVrfKeypair?: {\n ciphertextVrfB64u: string;\n kek_s_b64u: string;\n // Metadata for proactive refresh\n serverKeyId: string;\n updatedAt?: number;\n };\n\n // User preferences\n preferences?: UserPreferences;\n}\n\nexport type StoreUserDataInput = Omit<ClientUserData, 'deviceNumber' | 'lastLogin' | 'registeredAt'>\n & {\n deviceNumber?: number;\n serverEncryptedVrfKeypair?: ClientUserData['serverEncryptedVrfKeypair'];\n version?: number;\n };\n\nexport type StoreWebAuthnUserDataInput = {\n nearAccountId: AccountId;\n deviceNumber: number;\n clientNearPublicKey: string;\n lastUpdated?: number;\n version?: number;\n passkeyCredential: ClientUserData['passkeyCredential'];\n encryptedVrfKeypair: ClientUserData['encryptedVrfKeypair'];\n serverEncryptedVrfKeypair?: ClientUserData['serverEncryptedVrfKeypair'];\n};\n\nexport interface UserPreferences {\n useRelayer: boolean;\n useNetwork: 'testnet' | 'mainnet';\n confirmationConfig: ConfirmationConfig;\n // User preferences can be extended here as needed\n}\n\n// Authenticator cache\nexport interface ClientAuthenticatorData {\n credentialId: string;\n credentialPublicKey: Uint8Array;\n transports?: string[]; // AuthenticatorTransport[]\n name?: string;\n nearAccountId: AccountId; // FK reference using AccountId\n deviceNumber: number; // Device number for this authenticator (1-indexed)\n registered: string; // ISO date string\n syncedAt: string; // When this cache entry was last synced with contract\n vrfPublicKey: string; // Base64-encoded VRF public key (1:1 relationship on client)\n}\n\ninterface AppStateEntry<T = unknown> {\n key: string;\n value: T;\n}\n\n// Internal helper: legacy user records may be missing deviceNumber.\ntype ClientUserDataWithOptionalDevice =\n | ClientUserData\n | (Omit<ClientUserData, 'deviceNumber'> & { deviceNumber?: number });\n\n// Special type for lastUserAccountId app state entry\nexport interface LastUserAccountIdState {\n accountId: AccountId;\n deviceNumber: number;\n}\n\ninterface PasskeyClientDBConfig {\n dbName: string;\n dbVersion: number;\n userStore: string;\n appStateStore: string;\n authenticatorStore: string;\n derivedAddressStore: string;\n recoveryEmailStore: string;\n}\n\n// === CONSTANTS ===\nconst DB_CONFIG: PasskeyClientDBConfig = {\n dbName: 'PasskeyClientDB',\n dbVersion: 15, // v15: add recoveryEmails store\n userStore: 'users',\n appStateStore: 'appState',\n authenticatorStore: 'authenticators',\n derivedAddressStore: 'derivedAddresses',\n recoveryEmailStore: 'recoveryEmails'\n} as const;\n\nexport interface IndexedDBEvent {\n type: 'user-updated' | 'preferences-updated' | 'user-deleted';\n accountId: AccountId;\n data?: Record<string, unknown>;\n}\n\n// Persisted mapping of derived (e.g., EVM) addresses tied to an account\n/**\n * Persisted mapping of derived (e.g., EVM/Solana/Zcash) addresses tied to an account.\n *\n * Notes on multi-chain support:\n * - The composite primary key is [nearAccountId, contractId, path]. To support\n * different chains and chain IDs, encode them in the `path` string, e.g.:\n * - EVM: `evm:<chainId>:<derivationPath>` → `evm:84532:ethereum-1`\n * - Solana: `solana:<derivationPath>`\n * - Zcash: `zcash:<derivationPath>`\n * - Additional descriptive fields like `namespace` and `chainRef` are optional metadata\n * and are not part of the key.\n */\nexport interface DerivedAddressRecord {\n nearAccountId: AccountId;\n contractId: string; // MPC/Derivation contract on NEAR\n path: string; // Composite path (may include namespace/chainId); see docs above\n address: string; // Derived address (e.g., 0x...)\n updatedAt: number;\n // Optional metadata (not used in the key)\n namespace?: string; // e.g., 'evm', 'solana', 'zcash'\n chainRef?: string; // e.g., chainId '84532' or a named network slug\n}\n\n/**\n * Persisted mapping of recovery email hashes to canonical email addresses for an account.\n *\n * Notes:\n * - Composite primary key is [nearAccountId, hashHex].\n * - `hashHex` is the 0x-prefixed hex encoding of the 32-byte hash:\n * SHA256(canonical_email || \"|\" || account_id)\n * - `email` is the canonical form: \"local@domain\", lowercased.\n */\nexport interface RecoveryEmailRecord {\n nearAccountId: AccountId;\n hashHex: string;\n email: string;\n addedAt: number;\n}\n\nexport class PasskeyClientDBManager {\n private config: PasskeyClientDBConfig;\n private db: IDBPDatabase | null = null;\n private disabled = false;\n private eventListeners: Set<(event: IndexedDBEvent) => void> = new Set();\n\n constructor(config: PasskeyClientDBConfig = DB_CONFIG) {\n this.config = config;\n }\n\n getDbName(): string {\n return this.config.dbName;\n }\n\n setDbName(dbName: string): void {\n const next = String(dbName || '').trim();\n if (!next || next === this.config.dbName) return;\n try { (this.db as any)?.close?.(); } catch {}\n this.db = null;\n this.config = { ...this.config, dbName: next };\n }\n\n isDisabled(): boolean {\n return this.disabled;\n }\n\n setDisabled(disabled: boolean): void {\n const next = !!disabled;\n if (next === this.disabled) return;\n this.disabled = next;\n if (next) {\n try { (this.db as any)?.close?.(); } catch {}\n this.db = null;\n }\n }\n\n // === EVENT SYSTEM ===\n\n onChange(listener: (event: IndexedDBEvent) => void): () => void {\n this.eventListeners.add(listener);\n return () => {\n this.eventListeners.delete(listener);\n };\n }\n\n private emitEvent(event: IndexedDBEvent): void {\n this.eventListeners.forEach(listener => {\n try {\n listener(event);\n } catch (error) {\n console.warn('[IndexedDBManager]: Error in event listener:', error);\n }\n });\n }\n\n private async getDB(): Promise<IDBPDatabase> {\n if (this.disabled) {\n throw new Error('[PasskeyClientDBManager] IndexedDB is disabled in this environment.');\n }\n if (this.db) {\n return this.db;\n }\n\n try {\n this.db = await openDB(this.config.dbName, this.config.dbVersion, {\n upgrade: (db, oldVersion, _newVersion, _transaction): void => {\n // Create stores if they don't exist\n if (!db.objectStoreNames.contains(DB_CONFIG.userStore)) {\n // Users table: composite key of [nearAccountId, deviceNumber]\n const userStore = db.createObjectStore(DB_CONFIG.userStore, { keyPath: ['nearAccountId', 'deviceNumber'] });\n userStore.createIndex('nearAccountId', 'nearAccountId', { unique: false });\n }\n if (!db.objectStoreNames.contains(DB_CONFIG.appStateStore)) {\n db.createObjectStore(DB_CONFIG.appStateStore, { keyPath: 'key' });\n }\n if (!db.objectStoreNames.contains(DB_CONFIG.authenticatorStore)) {\n // Authenticators table: composite key of [nearAccountId, deviceNumber, credentialId]\n const authStore = db.createObjectStore(DB_CONFIG.authenticatorStore, { keyPath: ['nearAccountId', 'deviceNumber', 'credentialId'] });\n authStore.createIndex('nearAccountId', 'nearAccountId', { unique: false });\n }\n if (!db.objectStoreNames.contains(DB_CONFIG.derivedAddressStore)) {\n // Derived addresses: composite key of [nearAccountId, contractId, path]\n const dStore = db.createObjectStore(DB_CONFIG.derivedAddressStore, { keyPath: ['nearAccountId', 'contractId', 'path'] });\n try { dStore.createIndex('nearAccountId', 'nearAccountId', { unique: false }); } catch {}\n }\n if (!db.objectStoreNames.contains(DB_CONFIG.recoveryEmailStore)) {\n // Recovery emails: composite key of [nearAccountId, hashHex]\n const rStore = db.createObjectStore(DB_CONFIG.recoveryEmailStore, { keyPath: ['nearAccountId', 'hashHex'] });\n try { rStore.createIndex('nearAccountId', 'nearAccountId', { unique: false }); } catch {}\n }\n },\n blocked() {\n console.warn('PasskeyClientDB connection is blocked.');\n },\n blocking() {\n console.warn('PasskeyClientDB connection is blocking another connection.');\n },\n terminated: () => {\n console.warn('PasskeyClientDB connection has been terminated.');\n this.db = null;\n },\n });\n\n // Post-open migrations (non-blocking)\n try { await this.runMigrationsIfNeeded(this.db); } catch {}\n\n } catch (err: any) {\n const msg = String(err?.message || '');\n if (err?.name === 'VersionError' || /less than the existing version/i.test(msg)) {\n // Mixed-version contexts (host/app) — open without version to adopt existing DB\n try {\n console.warn('PasskeyClientDB: opening existing DB without version due to VersionError');\n this.db = await openDB(this.config.dbName);\n } catch (e) {\n throw err;\n }\n } else {\n throw err;\n }\n }\n\n return this.db;\n }\n\n private async runMigrationsIfNeeded(_db: IDBPDatabase): Promise<void> {\n return;\n }\n\n // === APP STATE METHODS ===\n\n async getAppState<T = unknown>(key: string): Promise<T | undefined> {\n const db = await this.getDB();\n const result = await db.get(DB_CONFIG.appStateStore, key);\n return result?.value as T | undefined;\n }\n\n async setAppState<T = unknown>(key: string, value: T): Promise<void> {\n const db = await this.getDB();\n const entry: AppStateEntry<T> = { key, value };\n await db.put(DB_CONFIG.appStateStore, entry);\n }\n\n // === ACCOUNT ID VALIDATION AND UTILITIES ===\n\n /**\n * Validate that a NEAR account ID is in the expected format\n * Supports both <username>.<relayerAccountId> and <username>.testnet formats\n */\n validateNearAccountId(nearAccountId: AccountId): ValidationResult {\n return validateNearAccountId(nearAccountId);\n }\n\n /**\n * Extract username from NEAR account ID\n */\n extractUsername(nearAccountId: AccountId): string {\n const validation = validateNearAccountId(nearAccountId);\n if (!validation.valid) {\n throw new Error(`Invalid NEAR account ID: ${validation.error}`);\n }\n return nearAccountId.split('.')[0];\n }\n\n /**\n * Generate a NEAR account ID from a username and domain\n * @param username - The username to use for the account ID\n * @param domain - The domain to use for the account ID\n * @returns The generated NEAR account ID\n */\n generateNearAccountId(username: string, domain: string): string {\n const sanitizedName = username\n .toLowerCase()\n .replace(/[^a-z0-9_\\\\-]/g, '')\n .substring(0, 32);\n return `${sanitizedName}.${domain}`;\n }\n\n // === USER MANAGEMENT METHODS ===\n\n async getUser(nearAccountId: AccountId, deviceNumber?: number): Promise<ClientUserData | null> {\n if (!nearAccountId) return null;\n\n const validation = this.validateNearAccountId(nearAccountId);\n if (!validation.valid) {\n console.warn(`Invalid account ID format: ${nearAccountId}`);\n return null;\n }\n\n const db = await this.getDB();\n const accountId = toAccountId(nearAccountId);\n\n if (typeof deviceNumber === 'number') {\n const rec = await db.get(DB_CONFIG.userStore, [accountId, deviceNumber]);\n if (!rec) return null;\n return await this.normalizeUserDeviceNumber(rec as ClientUserDataWithOptionalDevice, deviceNumber);\n }\n\n const index = db.transaction(DB_CONFIG.userStore).store.index('nearAccountId');\n const results = await index.getAll(accountId);\n if (results.length === 0) {\n return null;\n }\n\n if (results.length > 1) {\n console.warn(\n `Multiple passkeys found for account ${accountId}, deviceNumber not provided; ` +\n 'defaulting to last logged-in user.'\n );\n console.log('defaulting to last used user deviceNumber');\n const lastUserState = await this.getAppState<LastUserAccountIdState>('lastUserAccountId').catch(() => null);\n if (lastUserState && toAccountId(lastUserState.accountId) === accountId) {\n const keyed = await db.get(DB_CONFIG.userStore, [accountId, lastUserState.deviceNumber]);\n if (keyed) {\n return await this.normalizeUserDeviceNumber(\n keyed as ClientUserDataWithOptionalDevice,\n lastUserState.deviceNumber\n );\n }\n }\n }\n\n const first = results[0] as ClientUserDataWithOptionalDevice;\n if (!first) return null;\n return await this.normalizeUserDeviceNumber(first, 1);\n }\n\n /**\n * Get the current/last user\n * This is maintained via app state and updated whenever a user is stored or updated\n */\n async getLastUser(): Promise<ClientUserData | null> {\n const lastUserState = await this.getAppState<LastUserAccountIdState>('lastUserAccountId');\n if (!lastUserState) return null;\n const db = await this.getDB();\n const accountId = toAccountId(lastUserState.accountId);\n // Prefer exact device match using composite primary key\n const record = await db.get(DB_CONFIG.userStore, [accountId, lastUserState.deviceNumber]);\n if (record) return record as ClientUserData;\n // Fallback: return any user for account\n return this.getUser(accountId);\n }\n\n /** Get user record by composite key (nearAccountId, deviceNumber) */\n async getUserByDevice(nearAccountId: AccountId, deviceNumber: number): Promise<ClientUserData | null> {\n const db = await this.getDB();\n const accountId = toAccountId(nearAccountId);\n const rec = await db.get(DB_CONFIG.userStore, [accountId, deviceNumber]);\n return rec as ClientUserData || null;\n }\n\n /**\n * Get the most recently updated user record for a given account.\n * Useful when deviceNumber is unknown but we need the freshest key for the account.\n */\n /**\n * Get the most recently updated user record for a given account.\n * Useful when deviceNumber is unknown but we need the freshest key for the account.\n */\n async getLastDBUpdatedUser(nearAccountId: AccountId): Promise<ClientUserData | null> {\n const db = await this.getDB();\n try {\n const idx = db.transaction(DB_CONFIG.userStore).store.index('nearAccountId');\n const all = await idx.getAll(toAccountId(nearAccountId));\n if (Array.isArray(all) && all.length > 0) {\n const latest = (all as ClientUserData[]).reduce((a, b) =>\n (a.lastUpdated ?? 0) >= (b.lastUpdated ?? 0) ? a : b\n );\n return latest;\n }\n } catch {\n // fall through\n }\n return null;\n }\n\n async hasPasskeyCredential(nearAccountId: AccountId): Promise<boolean> {\n const authenticators = await this.getAuthenticatorsByUser(nearAccountId);\n return !!authenticators[0]?.credentialId;\n }\n\n /**\n * Ensure the current passkey selection is aligned with the last logged-in device.\n *\n * - When multiple authenticators exist for an account and no deviceNumber is specified,\n * this helper prefers authenticators whose deviceNumber matches the last logged-in user.\n * - Optionally validates that a selected credential (by rawId) also matches the last-user device.\n *\n * @param nearAccountId - Account ID for which the operation is being performed\n * @param authenticators - All authenticators stored for the account\n * @param selectedCredentialRawId - Optional rawId of the credential chosen by WebAuthn\n * @returns filtered authenticators for allowCredentials, plus optional wrongPasskeyError\n */\n async ensureCurrentPasskey(\n nearAccountId: AccountId,\n authenticators: ClientAuthenticatorData[],\n selectedCredentialRawId?: string,\n ): Promise<{\n authenticatorsForPrompt: ClientAuthenticatorData[];\n wrongPasskeyError?: string;\n }> {\n if (authenticators.length <= 1) {\n return { authenticatorsForPrompt: authenticators };\n }\n\n const accountIdNormalized = toAccountId(nearAccountId);\n const lastUser = await this.getLastUser().catch(() => null);\n if (!lastUser || lastUser.nearAccountId !== accountIdNormalized) {\n return { authenticatorsForPrompt: authenticators };\n }\n\n const expectedDeviceNumber = lastUser.deviceNumber;\n const byDeviceNumber = authenticators.filter(a => a.deviceNumber === expectedDeviceNumber);\n\n // Prefer the credentialId for the last-user deviceNumber; use the stored last-user rawId\n // only when it matches an authenticator for that device (or when we have no device match).\n let expectedCredentialId = lastUser.passkeyCredential.rawId;\n if (byDeviceNumber.length > 0 && !byDeviceNumber.some(a => a.credentialId === expectedCredentialId)) {\n expectedCredentialId = byDeviceNumber[0].credentialId;\n }\n\n // Preference: restrict allowCredentials to the last-user credentialId.\n // Fallback: if the local authenticator cache is missing that entry, prefer the last-user deviceNumber.\n const byCredentialId = authenticators.filter(a => a.credentialId === expectedCredentialId);\n const authenticatorsForPrompt =\n byCredentialId.length > 0\n ? byCredentialId\n : (byDeviceNumber.length > 0 ? byDeviceNumber : authenticators);\n\n const wrongPasskeyError =\n selectedCredentialRawId && selectedCredentialRawId !== expectedCredentialId\n ? (\n `You have multiple passkeys (deviceNumbers) for account ${accountIdNormalized}, ` +\n 'but used a different passkey than the most recently logged-in one. Please use the passkey for the most recently logged-in device.'\n )\n : undefined;\n\n return { authenticatorsForPrompt, wrongPasskeyError };\n }\n\n /**\n * Register a new user with the given NEAR account ID\n * @param nearAccountId - Full NEAR account ID (e.g., \"username.testnet\" or \"username.relayer.testnet\")\n * @param additionalData - Additional user data to store\n */\n async registerUser(storeUserData: StoreUserDataInput): Promise<ClientUserData> {\n\n const validation = this.validateNearAccountId(storeUserData.nearAccountId);\n if (!validation.valid) {\n throw new Error(`Cannot register user with invalid account ID: ${validation.error}`);\n }\n\n const now = Date.now();\n\n const userData: ClientUserData = {\n nearAccountId: toAccountId(storeUserData.nearAccountId),\n deviceNumber: storeUserData.deviceNumber || 1, // Default to device 1 (1-indexed)\n version: storeUserData.version || 2,\n registeredAt: now,\n lastLogin: now,\n lastUpdated: now,\n clientNearPublicKey: storeUserData.clientNearPublicKey,\n passkeyCredential: storeUserData.passkeyCredential,\n preferences: {\n useRelayer: false,\n useNetwork: 'testnet',\n confirmationConfig: DEFAULT_CONFIRMATION_CONFIG,\n // Default preferences can be set here\n },\n encryptedVrfKeypair: storeUserData.encryptedVrfKeypair,\n serverEncryptedVrfKeypair: storeUserData.serverEncryptedVrfKeypair,\n };\n\n await this.storeUser(userData);\n return userData;\n }\n\n async updateUser(nearAccountId: AccountId, updates: Partial<ClientUserData>): Promise<void> {\n const user = await this.getUser(nearAccountId);\n if (user) {\n const updatedUser = {\n ...user,\n ...updates,\n lastUpdated: Date.now()\n };\n await this.storeUser(updatedUser); // This will update the app state lastUserAccountId\n\n // Emit event for user updates\n this.emitEvent({\n type: 'user-updated',\n accountId: nearAccountId,\n data: { updates, updatedUser }\n });\n }\n }\n\n async updateLastLogin(nearAccountId: AccountId): Promise<void> {\n await this.updateUser(nearAccountId, { lastLogin: Date.now() });\n }\n\n /**\n * Set the last logged-in user\n * @param nearAccountId - The account ID of the user\n * @param deviceNumber - The device number (defaults to 1)\n */\n async setLastUser(nearAccountId: AccountId, deviceNumber: number = 1): Promise<void> {\n const lastUserState: LastUserAccountIdState = {\n accountId: nearAccountId,\n deviceNumber,\n };\n await this.setAppState('lastUserAccountId', lastUserState);\n }\n\n async updatePreferences(\n nearAccountId: AccountId,\n preferences: Partial<UserPreferences>\n ): Promise<void> {\n const user = await this.getUser(nearAccountId);\n if (user) {\n const updatedPreferences = {\n ...user.preferences,\n ...preferences\n } as UserPreferences;\n await this.updateUser(nearAccountId, { preferences: updatedPreferences });\n\n // Emit event for preference changes\n this.emitEvent({\n type: 'preferences-updated',\n accountId: nearAccountId,\n data: { preferences: updatedPreferences }\n });\n }\n }\n\n private async normalizeUserDeviceNumber(\n user: ClientUserDataWithOptionalDevice,\n defaultDeviceNumber: number\n ): Promise<ClientUserData> {\n const hasValidDevice =\n typeof user.deviceNumber === 'number' && Number.isFinite(user.deviceNumber);\n if (hasValidDevice) {\n return user as ClientUserData;\n }\n\n const deviceNumber = defaultDeviceNumber;\n const fixed: ClientUserData = {\n ...(user as Omit<ClientUserData, 'deviceNumber'>),\n deviceNumber,\n };\n await this.storeUser(fixed);\n return fixed;\n }\n\n private async storeUser(userData: ClientUserData): Promise<void> {\n const validation = this.validateNearAccountId(userData.nearAccountId);\n if (!validation.valid) {\n throw new Error(`Cannot store user with invalid account ID: ${validation.error}`);\n }\n\n const db = await this.getDB();\n await db.put(DB_CONFIG.userStore, userData);\n\n // Update lastUserAccountId with new format including device info\n const lastUserState: LastUserAccountIdState = {\n accountId: userData.nearAccountId,\n deviceNumber: userData.deviceNumber,\n };\n\n await this.setAppState('lastUserAccountId', lastUserState);\n }\n\n /**\n * Store WebAuthn user data (compatibility with WebAuthnManager)\n * @param userData - User data with nearAccountId as primary identifier\n */\n async storeWebAuthnUserData(userData: StoreWebAuthnUserDataInput): Promise<void> {\n const validation = this.validateNearAccountId(userData.nearAccountId);\n if (!validation.valid) {\n throw new Error(`Cannot store WebAuthn data for invalid account ID: ${validation.error}`);\n }\n\n const accountId = toAccountId(userData.nearAccountId);\n const deviceNumber = userData.deviceNumber;\n let user = await this.getUser(accountId, deviceNumber);\n\n if (!user) {\n user = await this.registerUser({\n nearAccountId: accountId,\n deviceNumber,\n clientNearPublicKey: userData.clientNearPublicKey,\n passkeyCredential: userData.passkeyCredential,\n encryptedVrfKeypair: userData.encryptedVrfKeypair,\n version: userData.version || 2,\n serverEncryptedVrfKeypair: userData.serverEncryptedVrfKeypair,\n });\n }\n\n const updatedUser: ClientUserData = {\n ...user,\n clientNearPublicKey: userData.clientNearPublicKey,\n passkeyCredential: userData.passkeyCredential,\n encryptedVrfKeypair: userData.encryptedVrfKeypair,\n serverEncryptedVrfKeypair: userData.serverEncryptedVrfKeypair ?? user.serverEncryptedVrfKeypair,\n version: userData.version ?? user.version,\n lastUpdated: userData.lastUpdated ?? Date.now(),\n };\n\n await this.storeUser(updatedUser);\n this.emitEvent({\n type: 'user-updated',\n accountId,\n data: { updatedUser }\n });\n }\n\n async getAllUsers(): Promise<ClientUserData[]> {\n const db = await this.getDB();\n return db.getAll(DB_CONFIG.userStore);\n }\n\n async deleteUser(nearAccountId: AccountId): Promise<void> {\n const db = await this.getDB();\n await db.delete(DB_CONFIG.userStore, nearAccountId);\n // Also clean up related authenticators\n await this.clearAuthenticatorsForUser(nearAccountId);\n }\n\n async clearAllUsers(): Promise<void> {\n const db = await this.getDB();\n await db.clear(DB_CONFIG.userStore);\n }\n\n async clearAllAppState(): Promise<void> {\n const db = await this.getDB();\n await db.clear(DB_CONFIG.appStateStore);\n }\n\n /**\n * Store authenticator data for a user\n */\n async storeAuthenticator(authenticatorData: ClientAuthenticatorData): Promise<void> {\n const db = await this.getDB();\n await db.put(DB_CONFIG.authenticatorStore, authenticatorData);\n }\n\n /**\n * Get all authenticators for a user (optionally for a specific device)\n */\n async getAuthenticatorsByUser(nearAccountId: AccountId): Promise<ClientAuthenticatorData[]> {\n const db = await this.getDB();\n const tx = db.transaction(DB_CONFIG.authenticatorStore, 'readonly');\n const store = tx.objectStore(DB_CONFIG.authenticatorStore);\n const accountId = toAccountId(nearAccountId);\n\n // Get all authenticators for this account across all devices\n const index = store.index('nearAccountId');\n return await index.getAll(accountId);\n }\n\n /**\n * Get a specific authenticator by credential ID\n */\n async getAuthenticatorByCredentialId(\n nearAccountId: AccountId,\n credentialId: string\n ): Promise<ClientAuthenticatorData | null> {\n const db = await this.getDB();\n const tx = db.transaction(DB_CONFIG.authenticatorStore, 'readonly');\n const store = tx.objectStore(DB_CONFIG.authenticatorStore);\n const accountId = toAccountId(nearAccountId);\n\n // Primary key is [nearAccountId, deviceNumber, credentialId], so we cannot\n // look up by [nearAccountId, credentialId] directly. Use the nearAccountId\n // index and filter by credentialId.\n const index = store.index('nearAccountId');\n const all = await index.getAll(accountId);\n const match = all.find((auth: any) => auth.credentialId === credentialId) || null;\n return match;\n }\n\n /**\n * Clear all authenticators for a user\n */\n async clearAuthenticatorsForUser(nearAccountId: AccountId): Promise<void> {\n const authenticators = await this.getAuthenticatorsByUser(nearAccountId);\n const db = await this.getDB();\n const tx = db.transaction(DB_CONFIG.authenticatorStore, 'readwrite');\n const store = tx.objectStore(DB_CONFIG.authenticatorStore);\n\n for (const auth of authenticators) {\n // Composite PK is [nearAccountId, deviceNumber, credentialId]\n await store.delete([nearAccountId, auth.deviceNumber, auth.credentialId]);\n }\n }\n\n /**\n * Sync authenticators from contract data\n */\n async syncAuthenticatorsFromContract(\n nearAccountId: AccountId,\n contractAuthenticators: Array<{\n credentialId: string;\n credentialPublicKey: Uint8Array;\n transports?: string[];\n name?: string;\n registered: string;\n vrfPublicKey: string;\n deviceNumber?: number; // Device number from contract\n }>\n ): Promise<void> {\n // Clear existing cache for this user\n await this.clearAuthenticatorsForUser(nearAccountId);\n\n // Add all contract authenticators to cache\n const syncedAt = new Date().toISOString();\n for (const auth of contractAuthenticators) {\n // Fix transport processing: filter out undefined values and provide fallback\n const rawTransports = auth.transports || [];\n const validTransports = rawTransports.filter((transport: any) =>\n transport !== undefined && transport !== null && typeof transport === 'string'\n );\n\n // If no valid transports, default to 'internal' for platform authenticators\n const transports = validTransports.length > 0 ? validTransports : ['internal'];\n\n const clientAuth: ClientAuthenticatorData = {\n credentialId: auth.credentialId,\n credentialPublicKey: auth.credentialPublicKey,\n transports,\n name: auth.name,\n nearAccountId: toAccountId(nearAccountId),\n deviceNumber: auth.deviceNumber || 1, // Default to device 1 (1-indexed)\n registered: auth.registered,\n syncedAt: syncedAt,\n vrfPublicKey: auth.vrfPublicKey,\n };\n await this.storeAuthenticator(clientAuth);\n }\n }\n\n // === ATOMIC OPERATIONS AND ROLLBACK METHODS ===\n\n /**\n * Delete all authenticators for a user\n */\n async deleteAllAuthenticatorsForUser(nearAccountId: AccountId): Promise<void> {\n const authenticators = await this.getAuthenticatorsByUser(nearAccountId);\n\n if (authenticators.length === 0) {\n console.warn(`No authenticators found for user ${nearAccountId}`);\n return;\n }\n\n const db = await this.getDB();\n const tx = db.transaction(DB_CONFIG.authenticatorStore, 'readwrite');\n const store = tx.objectStore(DB_CONFIG.authenticatorStore);\n\n for (const auth of authenticators) {\n // Composite PK is [nearAccountId, deviceNumber, credentialId]\n await store.delete([nearAccountId, auth.deviceNumber, auth.credentialId]);\n }\n\n console.debug(`Deleted ${authenticators.length} authenticators for user ${nearAccountId}`);\n }\n\n /**\n * Get user's confirmation config from IndexedDB\n * @param nearAccountId - The user's account ID\n * @returns ConfirmationConfig or undefined\n */\n async getConfirmationConfig(nearAccountId: AccountId): Promise<ConfirmationConfig> {\n const user = await this.getUser(nearAccountId);\n return user?.preferences?.confirmationConfig || DEFAULT_CONFIRMATION_CONFIG;\n }\n\n /**\n * Get user's theme preference from IndexedDB\n * @param nearAccountId - The user's account ID\n * @returns 'dark' | 'light' | null\n */\n async getTheme(nearAccountId: AccountId): Promise<'dark' | 'light' | null> {\n const user = await this.getUser(nearAccountId);\n return user?.preferences?.confirmationConfig.theme || null;\n }\n\n /**\n * Set user's theme preference in IndexedDB\n * @param nearAccountId - The user's account ID\n * @param theme - The theme to set ('dark' | 'light')\n */\n async setTheme(nearAccountId: AccountId, theme: 'dark' | 'light'): Promise<void> {\n const existingConfig = await this.getConfirmationConfig(nearAccountId);\n const confirmationConfig = { ...existingConfig, theme };\n await this.updatePreferences(nearAccountId, { confirmationConfig });\n }\n\n /**\n * Get user's theme with fallback to 'dark'\n * @param nearAccountId - The user's account ID\n * @returns 'dark' | 'light'\n */\n async getThemeOrDefault(nearAccountId: AccountId): Promise<'dark' | 'light'> {\n const theme = await this.getTheme(nearAccountId);\n return theme || 'dark';\n }\n\n /**\n * Toggle between dark and light theme for a user\n * @param nearAccountId - The user's account ID\n * @returns The new theme that was set\n */\n async toggleTheme(nearAccountId: AccountId): Promise<'dark' | 'light'> {\n const currentTheme = await this.getThemeOrDefault(nearAccountId);\n const newTheme = currentTheme === 'dark' ? 'light' : 'dark';\n await this.setTheme(nearAccountId, newTheme);\n return newTheme;\n }\n\n // === DERIVED ADDRESS METHODS ===\n\n /**\n * Store a derived address for a given NEAR account + contract + path\n */\n async setDerivedAddress(nearAccountId: AccountId, args: { contractId: string; path: string; address: string }): Promise<void> {\n if (!nearAccountId || !args?.contractId || !args?.path || !args?.address) return;\n const validation = this.validateNearAccountId(nearAccountId);\n if (!validation.valid) return;\n const rec: DerivedAddressRecord = {\n nearAccountId: toAccountId(nearAccountId),\n contractId: String(args.contractId),\n path: String(args.path),\n address: String(args.address),\n updatedAt: Date.now(),\n };\n const db = await this.getDB();\n await db.put(DB_CONFIG.derivedAddressStore, rec);\n }\n\n /**\n * Fetch a derived address record; returns null if not found\n */\n async getDerivedAddressRecord(nearAccountId: AccountId, args: { contractId: string; path: string }): Promise<DerivedAddressRecord | null> {\n if (!nearAccountId || !args?.contractId || !args?.path) return null;\n const db = await this.getDB();\n const rec = await db.get(DB_CONFIG.derivedAddressStore, [toAccountId(nearAccountId), String(args.contractId), String(args.path)]);\n return (rec as DerivedAddressRecord) || null;\n }\n\n /**\n * Get only the derived address string; returns null if not set\n */\n async getDerivedAddress(nearAccountId: AccountId, args: { contractId: string; path: string }): Promise<string | null> {\n const rec = await this.getDerivedAddressRecord(nearAccountId, args);\n return rec?.address || null;\n }\n\n // === RECOVERY EMAIL METHODS ===\n\n /**\n * Upsert recovery email records for an account.\n * Merges by hashHex, preferring the most recent email.\n */\n async upsertRecoveryEmails(\n nearAccountId: AccountId,\n entries: Array<{ hashHex: string; email: string }>\n ): Promise<void> {\n if (!nearAccountId || !entries?.length) return;\n const validation = this.validateNearAccountId(nearAccountId);\n if (!validation.valid) return;\n\n const db = await this.getDB();\n const accountId = toAccountId(nearAccountId);\n const now = Date.now();\n\n for (const entry of entries) {\n const hashHex = String(entry?.hashHex || '').trim();\n const email = String(entry?.email || '').trim();\n if (!hashHex || !email) continue;\n\n const rec: RecoveryEmailRecord = {\n nearAccountId: accountId,\n hashHex,\n email,\n addedAt: now,\n };\n await db.put(DB_CONFIG.recoveryEmailStore, rec);\n }\n }\n\n /**\n * Fetch all recovery email records for an account.\n */\n async getRecoveryEmails(nearAccountId: AccountId): Promise<RecoveryEmailRecord[]> {\n if (!nearAccountId) return [];\n const db = await this.getDB();\n const accountId = toAccountId(nearAccountId);\n const tx = db.transaction(DB_CONFIG.recoveryEmailStore, 'readonly');\n const store = tx.objectStore(DB_CONFIG.recoveryEmailStore);\n const index = store.index('nearAccountId');\n const result = await index.getAll(accountId);\n return (result as RecoveryEmailRecord[]) || [];\n }\n\n /**\n * Atomic operation wrapper for multiple IndexedDB operations\n * Either all operations succeed or all are rolled back\n */\n async atomicOperation<T>(operation: (db: IDBPDatabase) => Promise<T>): Promise<T> {\n const db = await this.getDB();\n try {\n const result = await operation(db);\n return result;\n } catch (error) {\n console.error('Atomic operation failed:', error);\n throw error;\n }\n }\n\n /**\n * Complete rollback of user registration data\n * Deletes user, authenticators, and WebAuthn data atomically\n */\n async rollbackUserRegistration(nearAccountId: AccountId): Promise<void> {\n console.debug(`Rolling back registration data for ${nearAccountId}`);\n\n await this.atomicOperation(async (db) => {\n // Delete all authenticators for this user\n await this.deleteAllAuthenticatorsForUser(nearAccountId);\n\n // Delete user record\n await db.delete(DB_CONFIG.userStore, nearAccountId);\n\n // Clear from app state if this was the last user\n const lastUserAccount = await this.getAppState<string>('lastUserAccountId');\n if (lastUserAccount === nearAccountId) {\n await this.setAppState('lastUserAccountId', null);\n }\n\n console.debug(`Rolled back all registration data for ${nearAccountId}`);\n return true;\n });\n }\n}\n"],"mappings":";;;;;;;;;;;;;CA6GMA,YAAmC;EACvC,QAAQ;EACR,WAAW;EACX,WAAW;EACX,eAAe;EACf,oBAAoB;EACpB,qBAAqB;EACrB,oBAAoB;;CAiDT,yBAAb,MAAoC;EAClC,AAAQ;EACR,AAAQ,KAA0B;EAClC,AAAQ,WAAW;EACnB,AAAQ,iCAAuD,IAAI;EAEnE,YAAY,SAAgC,WAAW;AACrD,QAAK,SAAS;;EAGhB,YAAoB;AAClB,UAAO,KAAK,OAAO;;EAGrB,UAAU,QAAsB;GAC9B,MAAM,OAAO,OAAO,UAAU,IAAI;AAClC,OAAI,CAAC,QAAQ,SAAS,KAAK,OAAO,OAAQ;AAC1C,OAAI;AAAE,IAAC,KAAK,IAAY;WAAmB;AAC3C,QAAK,KAAK;AACV,QAAK,SAAS;IAAE,GAAG,KAAK;IAAQ,QAAQ;;;EAG1C,aAAsB;AACpB,UAAO,KAAK;;EAGd,YAAY,UAAyB;GACnC,MAAM,OAAO,CAAC,CAAC;AACf,OAAI,SAAS,KAAK,SAAU;AAC5B,QAAK,WAAW;AAChB,OAAI,MAAM;AACR,QAAI;AAAE,KAAC,KAAK,IAAY;YAAmB;AAC3C,SAAK,KAAK;;;EAMd,SAAS,UAAuD;AAC9D,QAAK,eAAe,IAAI;AACxB,gBAAa;AACX,SAAK,eAAe,OAAO;;;EAI/B,AAAQ,UAAU,OAA6B;AAC7C,QAAK,eAAe,SAAQ,aAAY;AACtC,QAAI;AACF,cAAS;aACF,OAAO;AACd,aAAQ,KAAK,gDAAgD;;;;EAKnE,MAAc,QAA+B;AAC3C,OAAI,KAAK,SACP,OAAM,IAAI,MAAM;AAElB,OAAI,KAAK,GACP,QAAO,KAAK;AAGd,OAAI;AACF,SAAK,KAAK,sBAAa,KAAK,OAAO,QAAQ,KAAK,OAAO,WAAW;KAClE,UAAU,IAAI,YAAY,aAAa,iBAAuB;AAE1D,UAAI,CAAC,GAAG,iBAAiB,SAAS,UAAU,YAAY;OAEtD,MAAM,YAAY,GAAG,kBAAkB,UAAU,WAAW,EAAE,SAAS,CAAC,iBAAiB;AACzF,iBAAU,YAAY,iBAAiB,iBAAiB,EAAE,QAAQ;;AAEpE,UAAI,CAAC,GAAG,iBAAiB,SAAS,UAAU,eAC1C,IAAG,kBAAkB,UAAU,eAAe,EAAE,SAAS;AAE3D,UAAI,CAAC,GAAG,iBAAiB,SAAS,UAAU,qBAAqB;OAE/D,MAAM,YAAY,GAAG,kBAAkB,UAAU,oBAAoB,EAAE,SAAS;QAAC;QAAiB;QAAgB;;AAClH,iBAAU,YAAY,iBAAiB,iBAAiB,EAAE,QAAQ;;AAEpE,UAAI,CAAC,GAAG,iBAAiB,SAAS,UAAU,sBAAsB;OAEhE,MAAM,SAAS,GAAG,kBAAkB,UAAU,qBAAqB,EAAE,SAAS;QAAC;QAAiB;QAAc;;AAC9G,WAAI;AAAE,eAAO,YAAY,iBAAiB,iBAAiB,EAAE,QAAQ;eAAkB;;AAEzF,UAAI,CAAC,GAAG,iBAAiB,SAAS,UAAU,qBAAqB;OAE/D,MAAM,SAAS,GAAG,kBAAkB,UAAU,oBAAoB,EAAE,SAAS,CAAC,iBAAiB;AAC/F,WAAI;AAAE,eAAO,YAAY,iBAAiB,iBAAiB,EAAE,QAAQ;eAAkB;;;KAG3F,UAAU;AACR,cAAQ,KAAK;;KAEf,WAAW;AACT,cAAQ,KAAK;;KAEf,kBAAkB;AAChB,cAAQ,KAAK;AACb,WAAK,KAAK;;;AAKd,QAAI;AAAE,WAAM,KAAK,sBAAsB,KAAK;YAAa;YAElDC,KAAU;IACjB,MAAM,MAAM,OAAO,KAAK,WAAW;AACnC,QAAI,KAAK,SAAS,kBAAkB,kCAAkC,KAAK,KAEzE,KAAI;AACF,aAAQ,KAAK;AACb,UAAK,KAAK,sBAAa,KAAK,OAAO;aAC5B,GAAG;AACV,WAAM;;QAGR,OAAM;;AAIV,UAAO,KAAK;;EAGd,MAAc,sBAAsB,KAAkC;EAMtE,MAAM,YAAyB,KAAqC;GAClE,MAAM,KAAK,MAAM,KAAK;GACtB,MAAM,SAAS,MAAM,GAAG,IAAI,UAAU,eAAe;AACrD,UAAO,QAAQ;;EAGjB,MAAM,YAAyB,KAAa,OAAyB;GACnE,MAAM,KAAK,MAAM,KAAK;GACtB,MAAMC,QAA0B;IAAE;IAAK;;AACvC,SAAM,GAAG,IAAI,UAAU,eAAe;;;;;;EASxC,sBAAsB,eAA4C;AAChE,UAAOC,yCAAsB;;;;;EAM/B,gBAAgB,eAAkC;GAChD,MAAM,aAAaA,yCAAsB;AACzC,OAAI,CAAC,WAAW,MACd,OAAM,IAAI,MAAM,4BAA4B,WAAW;AAEzD,UAAO,cAAc,MAAM,KAAK;;;;;;;;EASlC,sBAAsB,UAAkB,QAAwB;GAC9D,MAAM,gBAAgB,SACnB,cACA,QAAQ,kBAAkB,IAC1B,UAAU,GAAG;AAChB,UAAO,GAAG,cAAc,GAAG;;EAK7B,MAAM,QAAQ,eAA0B,cAAuD;AAC7F,OAAI,CAAC,cAAe,QAAO;GAE3B,MAAM,aAAa,KAAK,sBAAsB;AAC9C,OAAI,CAAC,WAAW,OAAO;AACrB,YAAQ,KAAK,8BAA8B;AAC3C,WAAO;;GAGT,MAAM,KAAK,MAAM,KAAK;GACtB,MAAM,YAAYC,+BAAY;AAE9B,OAAI,OAAO,iBAAiB,UAAU;IACpC,MAAM,MAAM,MAAM,GAAG,IAAI,UAAU,WAAW,CAAC,WAAW;AAC1D,QAAI,CAAC,IAAK,QAAO;AACjB,WAAO,MAAM,KAAK,0BAA0B,KAAyC;;GAGvF,MAAM,QAAQ,GAAG,YAAY,UAAU,WAAW,MAAM,MAAM;GAC9D,MAAM,UAAU,MAAM,MAAM,OAAO;AACnC,OAAI,QAAQ,WAAW,EACrB,QAAO;AAGT,OAAI,QAAQ,SAAS,GAAG;AACtB,YAAQ,KACN,uCAAuC,UAAU;AAGnD,YAAQ,IAAI;IACZ,MAAM,gBAAgB,MAAM,KAAK,YAAoC,qBAAqB,YAAY;AACtG,QAAI,iBAAiBA,+BAAY,cAAc,eAAe,WAAW;KACvE,MAAM,QAAQ,MAAM,GAAG,IAAI,UAAU,WAAW,CAAC,WAAW,cAAc;AAC1E,SAAI,MACF,QAAO,MAAM,KAAK,0BAChB,OACA,cAAc;;;GAMtB,MAAM,QAAQ,QAAQ;AACtB,OAAI,CAAC,MAAO,QAAO;AACnB,UAAO,MAAM,KAAK,0BAA0B,OAAO;;;;;;EAOrD,MAAM,cAA8C;GAClD,MAAM,gBAAgB,MAAM,KAAK,YAAoC;AACrE,OAAI,CAAC,cAAe,QAAO;GAC3B,MAAM,KAAK,MAAM,KAAK;GACtB,MAAM,YAAYA,+BAAY,cAAc;GAE5C,MAAM,SAAS,MAAM,GAAG,IAAI,UAAU,WAAW,CAAC,WAAW,cAAc;AAC3E,OAAI,OAAQ,QAAO;AAEnB,UAAO,KAAK,QAAQ;;;EAItB,MAAM,gBAAgB,eAA0B,cAAsD;GACpG,MAAM,KAAK,MAAM,KAAK;GACtB,MAAM,YAAYA,+BAAY;GAC9B,MAAM,MAAM,MAAM,GAAG,IAAI,UAAU,WAAW,CAAC,WAAW;AAC1D,UAAO,OAAyB;;;;;;;;;;EAWlC,MAAM,qBAAqB,eAA0D;GACnF,MAAM,KAAK,MAAM,KAAK;AACtB,OAAI;IACF,MAAM,MAAM,GAAG,YAAY,UAAU,WAAW,MAAM,MAAM;IAC5D,MAAM,MAAM,MAAM,IAAI,OAAOA,+BAAY;AACzC,QAAI,MAAM,QAAQ,QAAQ,IAAI,SAAS,GAAG;KACxC,MAAM,SAAU,IAAyB,QAAQ,GAAG,OACjD,EAAE,eAAe,OAAO,EAAE,eAAe,KAAK,IAAI;AAErD,YAAO;;WAEH;AAGR,UAAO;;EAGT,MAAM,qBAAqB,eAA4C;GACrE,MAAM,iBAAiB,MAAM,KAAK,wBAAwB;AAC1D,UAAO,CAAC,CAAC,eAAe,IAAI;;;;;;;;;;;;;;EAe9B,MAAM,qBACJ,eACA,gBACA,yBAIC;AACD,OAAI,eAAe,UAAU,EAC3B,QAAO,EAAE,yBAAyB;GAGpC,MAAM,sBAAsBA,+BAAY;GACxC,MAAM,WAAW,MAAM,KAAK,cAAc,YAAY;AACtD,OAAI,CAAC,YAAY,SAAS,kBAAkB,oBAC1C,QAAO,EAAE,yBAAyB;GAGpC,MAAM,uBAAuB,SAAS;GACtC,MAAM,iBAAiB,eAAe,QAAO,MAAK,EAAE,iBAAiB;GAIrE,IAAI,uBAAuB,SAAS,kBAAkB;AACtD,OAAI,eAAe,SAAS,KAAK,CAAC,eAAe,MAAK,MAAK,EAAE,iBAAiB,sBAC5E,wBAAuB,eAAe,GAAG;GAK3C,MAAM,iBAAiB,eAAe,QAAO,MAAK,EAAE,iBAAiB;GACrE,MAAM,0BACJ,eAAe,SAAS,IACpB,iBACC,eAAe,SAAS,IAAI,iBAAiB;GAEpD,MAAM,oBACJ,2BAA2B,4BAA4B,uBAEnD,0DAA0D,oBAAoB,uIAG9E;AAEN,UAAO;IAAE;IAAyB;;;;;;;;EAQpC,MAAM,aAAa,eAA4D;GAE7E,MAAM,aAAa,KAAK,sBAAsB,cAAc;AAC5D,OAAI,CAAC,WAAW,MACd,OAAM,IAAI,MAAM,iDAAiD,WAAW;GAG9E,MAAM,MAAM,KAAK;GAEjB,MAAMC,WAA2B;IAC/B,eAAeD,+BAAY,cAAc;IACzC,cAAc,cAAc,gBAAgB;IAC5C,SAAS,cAAc,WAAW;IAClC,cAAc;IACd,WAAW;IACX,aAAa;IACb,qBAAqB,cAAc;IACnC,mBAAmB,cAAc;IACjC,aAAa;KACX,YAAY;KACZ,YAAY;KACZ,oBAAoBE;;IAGtB,qBAAqB,cAAc;IACnC,2BAA2B,cAAc;;AAG3C,SAAM,KAAK,UAAU;AACrB,UAAO;;EAGT,MAAM,WAAW,eAA0B,SAAiD;GAC1F,MAAM,OAAO,MAAM,KAAK,QAAQ;AAChC,OAAI,MAAM;IACR,MAAM,cAAc;KAClB,GAAG;KACH,GAAG;KACH,aAAa,KAAK;;AAEpB,UAAM,KAAK,UAAU;AAGrB,SAAK,UAAU;KACb,MAAM;KACN,WAAW;KACX,MAAM;MAAE;MAAS;;;;;EAKvB,MAAM,gBAAgB,eAAyC;AAC7D,SAAM,KAAK,WAAW,eAAe,EAAE,WAAW,KAAK;;;;;;;EAQzD,MAAM,YAAY,eAA0B,eAAuB,GAAkB;GACnF,MAAMC,gBAAwC;IAC5C,WAAW;IACX;;AAEF,SAAM,KAAK,YAAY,qBAAqB;;EAG9C,MAAM,kBACJ,eACA,aACe;GACf,MAAM,OAAO,MAAM,KAAK,QAAQ;AAChC,OAAI,MAAM;IACR,MAAM,qBAAqB;KACzB,GAAG,KAAK;KACR,GAAG;;AAEL,UAAM,KAAK,WAAW,eAAe,EAAE,aAAa;AAGpD,SAAK,UAAU;KACb,MAAM;KACN,WAAW;KACX,MAAM,EAAE,aAAa;;;;EAK3B,MAAc,0BACZ,MACA,qBACyB;GACzB,MAAM,iBACJ,OAAO,KAAK,iBAAiB,YAAY,OAAO,SAAS,KAAK;AAChE,OAAI,eACF,QAAO;GAGT,MAAM,eAAe;GACrB,MAAMC,QAAwB;IAC5B,GAAI;IACJ;;AAEF,SAAM,KAAK,UAAU;AACrB,UAAO;;EAGT,MAAc,UAAU,UAAyC;GAC/D,MAAM,aAAa,KAAK,sBAAsB,SAAS;AACvD,OAAI,CAAC,WAAW,MACd,OAAM,IAAI,MAAM,8CAA8C,WAAW;GAG3E,MAAM,KAAK,MAAM,KAAK;AACtB,SAAM,GAAG,IAAI,UAAU,WAAW;GAGlC,MAAMD,gBAAwC;IAC5C,WAAW,SAAS;IACpB,cAAc,SAAS;;AAGzB,SAAM,KAAK,YAAY,qBAAqB;;;;;;EAO9C,MAAM,sBAAsB,UAAqD;GAC/E,MAAM,aAAa,KAAK,sBAAsB,SAAS;AACvD,OAAI,CAAC,WAAW,MACd,OAAM,IAAI,MAAM,sDAAsD,WAAW;GAGnF,MAAM,YAAYH,+BAAY,SAAS;GACvC,MAAM,eAAe,SAAS;GAC9B,IAAI,OAAO,MAAM,KAAK,QAAQ,WAAW;AAEzC,OAAI,CAAC,KACH,QAAO,MAAM,KAAK,aAAa;IAC7B,eAAe;IACf;IACA,qBAAqB,SAAS;IAC9B,mBAAmB,SAAS;IAC5B,qBAAqB,SAAS;IAC9B,SAAS,SAAS,WAAW;IAC7B,2BAA2B,SAAS;;GAIxC,MAAMK,cAA8B;IAClC,GAAG;IACH,qBAAqB,SAAS;IAC9B,mBAAmB,SAAS;IAC5B,qBAAqB,SAAS;IAC9B,2BAA2B,SAAS,6BAA6B,KAAK;IACtE,SAAS,SAAS,WAAW,KAAK;IAClC,aAAa,SAAS,eAAe,KAAK;;AAG5C,SAAM,KAAK,UAAU;AACrB,QAAK,UAAU;IACb,MAAM;IACN;IACA,MAAM,EAAE;;;EAIZ,MAAM,cAAyC;GAC7C,MAAM,KAAK,MAAM,KAAK;AACtB,UAAO,GAAG,OAAO,UAAU;;EAG7B,MAAM,WAAW,eAAyC;GACxD,MAAM,KAAK,MAAM,KAAK;AACtB,SAAM,GAAG,OAAO,UAAU,WAAW;AAErC,SAAM,KAAK,2BAA2B;;EAGxC,MAAM,gBAA+B;GACnC,MAAM,KAAK,MAAM,KAAK;AACtB,SAAM,GAAG,MAAM,UAAU;;EAG3B,MAAM,mBAAkC;GACtC,MAAM,KAAK,MAAM,KAAK;AACtB,SAAM,GAAG,MAAM,UAAU;;;;;EAM3B,MAAM,mBAAmB,mBAA2D;GAClF,MAAM,KAAK,MAAM,KAAK;AACtB,SAAM,GAAG,IAAI,UAAU,oBAAoB;;;;;EAM7C,MAAM,wBAAwB,eAA8D;GAC1F,MAAM,KAAK,MAAM,KAAK;GACtB,MAAM,KAAK,GAAG,YAAY,UAAU,oBAAoB;GACxD,MAAM,QAAQ,GAAG,YAAY,UAAU;GACvC,MAAM,YAAYL,+BAAY;GAG9B,MAAM,QAAQ,MAAM,MAAM;AAC1B,UAAO,MAAM,MAAM,OAAO;;;;;EAM5B,MAAM,+BACJ,eACA,cACyC;GACzC,MAAM,KAAK,MAAM,KAAK;GACtB,MAAM,KAAK,GAAG,YAAY,UAAU,oBAAoB;GACxD,MAAM,QAAQ,GAAG,YAAY,UAAU;GACvC,MAAM,YAAYA,+BAAY;GAK9B,MAAM,QAAQ,MAAM,MAAM;GAC1B,MAAM,MAAM,MAAM,MAAM,OAAO;GAC/B,MAAM,QAAQ,IAAI,MAAM,SAAc,KAAK,iBAAiB,iBAAiB;AAC7E,UAAO;;;;;EAMT,MAAM,2BAA2B,eAAyC;GACxE,MAAM,iBAAiB,MAAM,KAAK,wBAAwB;GAC1D,MAAM,KAAK,MAAM,KAAK;GACtB,MAAM,KAAK,GAAG,YAAY,UAAU,oBAAoB;GACxD,MAAM,QAAQ,GAAG,YAAY,UAAU;AAEvC,QAAK,MAAM,QAAQ,eAEjB,OAAM,MAAM,OAAO;IAAC;IAAe,KAAK;IAAc,KAAK;;;;;;EAO/D,MAAM,+BACJ,eACA,wBASe;AAEf,SAAM,KAAK,2BAA2B;GAGtC,MAAM,4BAAW,IAAI,QAAO;AAC5B,QAAK,MAAM,QAAQ,wBAAwB;IAEzC,MAAM,gBAAgB,KAAK,cAAc;IACzC,MAAM,kBAAkB,cAAc,QAAQ,cAC5C,cAAc,UAAa,cAAc,QAAQ,OAAO,cAAc;IAIxE,MAAM,aAAa,gBAAgB,SAAS,IAAI,kBAAkB,CAAC;IAEnE,MAAMM,aAAsC;KAC1C,cAAc,KAAK;KACnB,qBAAqB,KAAK;KAC1B;KACA,MAAM,KAAK;KACX,eAAeN,+BAAY;KAC3B,cAAc,KAAK,gBAAgB;KACnC,YAAY,KAAK;KACP;KACV,cAAc,KAAK;;AAErB,UAAM,KAAK,mBAAmB;;;;;;EASlC,MAAM,+BAA+B,eAAyC;GAC5E,MAAM,iBAAiB,MAAM,KAAK,wBAAwB;AAE1D,OAAI,eAAe,WAAW,GAAG;AAC/B,YAAQ,KAAK,oCAAoC;AACjD;;GAGF,MAAM,KAAK,MAAM,KAAK;GACtB,MAAM,KAAK,GAAG,YAAY,UAAU,oBAAoB;GACxD,MAAM,QAAQ,GAAG,YAAY,UAAU;AAEvC,QAAK,MAAM,QAAQ,eAEjB,OAAM,MAAM,OAAO;IAAC;IAAe,KAAK;IAAc,KAAK;;AAG7D,WAAQ,MAAM,WAAW,eAAe,OAAO,2BAA2B;;;;;;;EAQ5E,MAAM,sBAAsB,eAAuD;GACjF,MAAM,OAAO,MAAM,KAAK,QAAQ;AAChC,UAAO,MAAM,aAAa,sBAAsBE;;;;;;;EAQlD,MAAM,SAAS,eAA4D;GACzE,MAAM,OAAO,MAAM,KAAK,QAAQ;AAChC,UAAO,MAAM,aAAa,mBAAmB,SAAS;;;;;;;EAQxD,MAAM,SAAS,eAA0B,OAAwC;GAC/E,MAAM,iBAAiB,MAAM,KAAK,sBAAsB;GACxD,MAAM,qBAAqB;IAAE,GAAG;IAAgB;;AAChD,SAAM,KAAK,kBAAkB,eAAe,EAAE;;;;;;;EAQhD,MAAM,kBAAkB,eAAqD;GAC3E,MAAM,QAAQ,MAAM,KAAK,SAAS;AAClC,UAAO,SAAS;;;;;;;EAQlB,MAAM,YAAY,eAAqD;GACrE,MAAM,eAAe,MAAM,KAAK,kBAAkB;GAClD,MAAM,WAAW,iBAAiB,SAAS,UAAU;AACrD,SAAM,KAAK,SAAS,eAAe;AACnC,UAAO;;;;;EAQT,MAAM,kBAAkB,eAA0B,MAA4E;AAC5H,OAAI,CAAC,iBAAiB,CAAC,MAAM,cAAc,CAAC,MAAM,QAAQ,CAAC,MAAM,QAAS;GAC1E,MAAM,aAAa,KAAK,sBAAsB;AAC9C,OAAI,CAAC,WAAW,MAAO;GACvB,MAAMK,MAA4B;IAChC,eAAeP,+BAAY;IAC3B,YAAY,OAAO,KAAK;IACxB,MAAM,OAAO,KAAK;IAClB,SAAS,OAAO,KAAK;IACrB,WAAW,KAAK;;GAElB,MAAM,KAAK,MAAM,KAAK;AACtB,SAAM,GAAG,IAAI,UAAU,qBAAqB;;;;;EAM9C,MAAM,wBAAwB,eAA0B,MAAkF;AACxI,OAAI,CAAC,iBAAiB,CAAC,MAAM,cAAc,CAAC,MAAM,KAAM,QAAO;GAC/D,MAAM,KAAK,MAAM,KAAK;GACtB,MAAM,MAAM,MAAM,GAAG,IAAI,UAAU,qBAAqB;IAACA,+BAAY;IAAgB,OAAO,KAAK;IAAa,OAAO,KAAK;;AAC1H,UAAQ,OAAgC;;;;;EAM1C,MAAM,kBAAkB,eAA0B,MAAoE;GACpH,MAAM,MAAM,MAAM,KAAK,wBAAwB,eAAe;AAC9D,UAAO,KAAK,WAAW;;;;;;EASzB,MAAM,qBACJ,eACA,SACe;AACf,OAAI,CAAC,iBAAiB,CAAC,SAAS,OAAQ;GACxC,MAAM,aAAa,KAAK,sBAAsB;AAC9C,OAAI,CAAC,WAAW,MAAO;GAEvB,MAAM,KAAK,MAAM,KAAK;GACtB,MAAM,YAAYA,+BAAY;GAC9B,MAAM,MAAM,KAAK;AAEjB,QAAK,MAAM,SAAS,SAAS;IAC3B,MAAM,UAAU,OAAO,OAAO,WAAW,IAAI;IAC7C,MAAM,QAAQ,OAAO,OAAO,SAAS,IAAI;AACzC,QAAI,CAAC,WAAW,CAAC,MAAO;IAExB,MAAMQ,MAA2B;KAC/B,eAAe;KACf;KACA;KACA,SAAS;;AAEX,UAAM,GAAG,IAAI,UAAU,oBAAoB;;;;;;EAO/C,MAAM,kBAAkB,eAA0D;AAChF,OAAI,CAAC,cAAe,QAAO;GAC3B,MAAM,KAAK,MAAM,KAAK;GACtB,MAAM,YAAYR,+BAAY;GAC9B,MAAM,KAAK,GAAG,YAAY,UAAU,oBAAoB;GACxD,MAAM,QAAQ,GAAG,YAAY,UAAU;GACvC,MAAM,QAAQ,MAAM,MAAM;GAC1B,MAAM,SAAS,MAAM,MAAM,OAAO;AAClC,UAAQ,UAAoC;;;;;;EAO9C,MAAM,gBAAmB,WAAyD;GAChF,MAAM,KAAK,MAAM,KAAK;AACtB,OAAI;IACF,MAAM,SAAS,MAAM,UAAU;AAC/B,WAAO;YACA,OAAO;AACd,YAAQ,MAAM,4BAA4B;AAC1C,UAAM;;;;;;;EAQV,MAAM,yBAAyB,eAAyC;AACtE,WAAQ,MAAM,sCAAsC;AAEpD,SAAM,KAAK,gBAAgB,OAAO,OAAO;AAEvC,UAAM,KAAK,+BAA+B;AAG1C,UAAM,GAAG,OAAO,UAAU,WAAW;IAGrC,MAAM,kBAAkB,MAAM,KAAK,YAAoB;AACvD,QAAI,oBAAoB,cACtB,OAAM,KAAK,YAAY,qBAAqB;AAG9C,YAAQ,MAAM,yCAAyC;AACvD,WAAO"}

package/dist/cjs/react/sdk/src/core/IndexedDBManager/passkeyNearKeysDB.js DELETED Viewed

@@ -1,192 +0,0 @@
-const require_rolldown_runtime = require('../../../../_virtual/rolldown_runtime.js');
-let idb = require("idb");
-idb = require_rolldown_runtime.__toESM(idb);
-//#region src/core/IndexedDBManager/passkeyNearKeysDB.ts
-var DB_CONFIG, PasskeyNearKeysDBManager;
-var init_passkeyNearKeysDB = require_rolldown_runtime.__esm({ "src/core/IndexedDBManager/passkeyNearKeysDB.ts": (() => {
-	DB_CONFIG = {
-		dbName: "PasskeyNearKeys",
-		dbVersion: 2,
-		storeName: "encryptedKeys",
-		keyPath: ["nearAccountId", "deviceNumber"]
-	};
-	PasskeyNearKeysDBManager = class {
-		config;
-		db = null;
-		disabled = false;
-		constructor(config = DB_CONFIG) {
-			this.config = config;
-		}
-		getDbName() {
-			return this.config.dbName;
-		}
-		setDbName(dbName) {
-			const next = String(dbName || "").trim();
-			if (!next || next === this.config.dbName) return;
-			try {
-				this.db?.close?.();
-			} catch {}
-			this.db = null;
-			this.config = {
-				...this.config,
-				dbName: next
-			};
-		}
-		isDisabled() {
-			return this.disabled;
-		}
-		setDisabled(disabled) {
-			const next = !!disabled;
-			if (next === this.disabled) return;
-			this.disabled = next;
-			if (next) {
-				try {
-					this.db?.close?.();
-				} catch {}
-				this.db = null;
-			}
-		}
-		/**
-		* Get database connection, initializing if necessary
-		*/
-		async getDB() {
-			if (this.disabled) throw new Error("[PasskeyNearKeysDBManager] IndexedDB is disabled in this environment.");
-			if (this.db) return this.db;
-			this.db = await (0, idb.openDB)(this.config.dbName, this.config.dbVersion, {
-				upgrade(db) {
-					try {
-						if (db.objectStoreNames.contains(DB_CONFIG.storeName)) db.deleteObjectStore(DB_CONFIG.storeName);
-					} catch {}
-					const store = db.createObjectStore(DB_CONFIG.storeName, { keyPath: DB_CONFIG.keyPath });
-					try {
-						store.createIndex("nearAccountId", "nearAccountId", { unique: false });
-					} catch {}
-				},
-				blocked() {
-					console.warn("PasskeyNearKeysDB connection is blocked.");
-				},
-				blocking() {
-					console.warn("PasskeyNearKeysDB connection is blocking another connection.");
-				},
-				terminated: () => {
-					console.warn("PasskeyNearKeysDB connection has been terminated.");
-					this.db = null;
-				}
-			});
-			return this.db;
-		}
-		/**
-		* Store encrypted key data
-		*/
-		async storeEncryptedKey(data) {
-			const db = await this.getDB();
-			if (!data.chacha20NonceB64u) throw new Error("PasskeyNearKeysDB: Missing chacha20NonceB64u");
-			await db.put(this.config.storeName, data);
-		}
-		/**
-		* Retrieve encrypted key data
-		*/
-		async getEncryptedKey(nearAccountId, deviceNumber) {
-			const db = await this.getDB();
-			const sanitize = (rec) => {
-				if (!rec?.encryptedData || !rec?.chacha20NonceB64u) return null;
-				return {
-					nearAccountId: rec.nearAccountId,
-					deviceNumber: rec.deviceNumber,
-					encryptedData: rec.encryptedData,
-					chacha20NonceB64u: rec.chacha20NonceB64u,
-					wrapKeySalt: rec.wrapKeySalt,
-					version: rec.version,
-					timestamp: rec.timestamp
-				};
-			};
-			if (typeof deviceNumber === "number") {
-				const res = await db.get(this.config.storeName, [nearAccountId, deviceNumber]);
-				const direct = sanitize(res);
-				if (direct) return direct;
-				if (nearAccountId !== "_init_check") console.warn("PasskeyNearKeysDB: getEncryptedKey - No result for device", deviceNumber, "→ falling back to any key for account");
-				try {
-					const idx = db.transaction(this.config.storeName).store.index("nearAccountId");
-					const all = await idx.getAll(nearAccountId);
-					if (Array.isArray(all) && all.length > 0) {
-						const latest = all.reduce((a, b) => a.timestamp >= b.timestamp ? a : b);
-						return sanitize(latest);
-					}
-				} catch {}
-				return null;
-			}
-			try {
-				const idx = db.transaction(this.config.storeName).store.index("nearAccountId");
-				const all = await idx.getAll(nearAccountId);
-				if (Array.isArray(all) && all.length > 0) {
-					const latest = all.reduce((a, b) => a.timestamp >= b.timestamp ? a : b);
-					return sanitize(latest);
-				}
-			} catch {}
-			return null;
-		}
-		/**
-		* Verify key storage by attempting retrieval
-		*/
-		async verifyKeyStorage(nearAccountId, deviceNumber) {
-			const retrievedKey = await this.getEncryptedKey(nearAccountId, deviceNumber);
-			return !!retrievedKey;
-		}
-		/**
-		* Delete encrypted key data for a specific account
-		*/
-		async deleteEncryptedKey(nearAccountId, deviceNumber) {
-			const db = await this.getDB();
-			if (typeof deviceNumber === "number") await db.delete(this.config.storeName, [nearAccountId, deviceNumber]);
-			else {
-				const tx = db.transaction(this.config.storeName, "readwrite");
-				const idx = tx.store.index("nearAccountId");
-				let cursor = await idx.openCursor(IDBKeyRange.only(nearAccountId));
-				while (cursor) {
-					await tx.store.delete(cursor.primaryKey);
-					cursor = await cursor.continue();
-				}
-				await tx.done;
-			}
-			console.debug("PasskeyNearKeysDB: deleteEncryptedKey - Successfully deleted");
-		}
-		/**
-		* Get all encrypted keys (for migration or debugging purposes)
-		*/
-		async getAllEncryptedKeys() {
-			const db = await this.getDB();
-			const all = await db.getAll(this.config.storeName);
-			return all.map((rec) => {
-				if (!rec?.encryptedData || !rec?.chacha20NonceB64u) return null;
-				return {
-					nearAccountId: rec.nearAccountId,
-					deviceNumber: rec.deviceNumber,
-					encryptedData: rec.encryptedData,
-					chacha20NonceB64u: rec.chacha20NonceB64u,
-					wrapKeySalt: rec.wrapKeySalt,
-					version: rec.version,
-					timestamp: rec.timestamp
-				};
-			}).filter((rec) => rec !== null);
-		}
-		/**
-		* Check if a key exists for the given account
-		*/
-		async hasEncryptedKey(nearAccountId, deviceNumber) {
-			const keyData = await this.getEncryptedKey(nearAccountId, deviceNumber);
-			return !!keyData;
-		}
-	};
-}) });
-//#endregion
-init_passkeyNearKeysDB();
-exports.PasskeyNearKeysDBManager = PasskeyNearKeysDBManager;
-Object.defineProperty(exports, 'init_passkeyNearKeysDB', {
-  enumerable: true,
-  get: function () {
-    return init_passkeyNearKeysDB;
-  }
-});
-//# sourceMappingURL=passkeyNearKeysDB.js.map

package/dist/cjs/react/sdk/src/core/IndexedDBManager/passkeyNearKeysDB.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"passkeyNearKeysDB.js","names":["DB_CONFIG: PasskeyNearKeysDBConfig"],"sources":["../../../../../../../src/core/IndexedDBManager/passkeyNearKeysDB.ts"],"sourcesContent":["import { openDB, type IDBPDatabase } from 'idb';\n\nconst DB_CONFIG: PasskeyNearKeysDBConfig = {\n dbName: 'PasskeyNearKeys',\n dbVersion: 2,\n storeName: 'encryptedKeys',\n keyPath: ['nearAccountId', 'deviceNumber']\n} as const;\n\nexport interface EncryptedKeyData {\n nearAccountId: string;\n deviceNumber: number; // 1-indexed device number\n encryptedData: string;\n /**\n * Base64url-encoded AEAD nonce (ChaCha20-Poly1305) for `encryptedData`.\n */\n chacha20NonceB64u: string;\n /**\n * HKDF salt used alongside WrapKeySeed for KEK derivation.\n * Required for v2+ vaults; entries missing `wrapKeySalt` are considered invalid\n * and require re-registration to upgrade the vault format.\n */\n wrapKeySalt?: string;\n version?: number;\n timestamp: number;\n}\n\ninterface PasskeyNearKeysDBConfig {\n dbName: string;\n dbVersion: number;\n storeName: string;\n keyPath: string | [string, string];\n}\n\nexport class PasskeyNearKeysDBManager {\n private config: PasskeyNearKeysDBConfig;\n private db: IDBPDatabase | null = null;\n private disabled = false;\n\n constructor(config: PasskeyNearKeysDBConfig = DB_CONFIG) {\n this.config = config;\n }\n\n getDbName(): string {\n return this.config.dbName;\n }\n\n setDbName(dbName: string): void {\n const next = String(dbName || '').trim();\n if (!next || next === this.config.dbName) return;\n try { (this.db as any)?.close?.(); } catch {}\n this.db = null;\n this.config = { ...this.config, dbName: next };\n }\n\n isDisabled(): boolean {\n return this.disabled;\n }\n\n setDisabled(disabled: boolean): void {\n const next = !!disabled;\n if (next === this.disabled) return;\n this.disabled = next;\n if (next) {\n try { (this.db as any)?.close?.(); } catch {}\n this.db = null;\n }\n }\n\n /**\n * Get database connection, initializing if necessary\n */\n private async getDB(): Promise<IDBPDatabase> {\n if (this.disabled) {\n throw new Error('[PasskeyNearKeysDBManager] IndexedDB is disabled in this environment.');\n }\n if (this.db) {\n return this.db;\n }\n\n this.db = await openDB(this.config.dbName, this.config.dbVersion, {\n upgrade(db): void {\n // Always recreate store with composite key; no migration\n try { if (db.objectStoreNames.contains(DB_CONFIG.storeName)) db.deleteObjectStore(DB_CONFIG.storeName); } catch {}\n const store = db.createObjectStore(DB_CONFIG.storeName, { keyPath: DB_CONFIG.keyPath });\n try { store.createIndex('nearAccountId', 'nearAccountId', { unique: false }); } catch {}\n },\n blocked() {\n console.warn('PasskeyNearKeysDB connection is blocked.');\n },\n blocking() {\n console.warn('PasskeyNearKeysDB connection is blocking another connection.');\n },\n terminated: () => {\n console.warn('PasskeyNearKeysDB connection has been terminated.');\n this.db = null;\n },\n });\n\n return this.db;\n }\n\n /**\n * Store encrypted key data\n */\n async storeEncryptedKey(data: EncryptedKeyData): Promise<void> {\n const db = await this.getDB();\n if (!data.chacha20NonceB64u) {\n throw new Error('PasskeyNearKeysDB: Missing chacha20NonceB64u');\n }\n await db.put(this.config.storeName, data);\n }\n\n /**\n * Retrieve encrypted key data\n */\n async getEncryptedKey(nearAccountId: string, deviceNumber: number): Promise<EncryptedKeyData | null> {\n const db = await this.getDB();\n const sanitize = (rec: any): EncryptedKeyData | null => {\n if (!rec?.encryptedData || !rec?.chacha20NonceB64u) return null;\n return {\n nearAccountId: rec.nearAccountId,\n deviceNumber: rec.deviceNumber,\n encryptedData: rec.encryptedData,\n chacha20NonceB64u: rec.chacha20NonceB64u,\n wrapKeySalt: rec.wrapKeySalt,\n version: rec.version,\n timestamp: rec.timestamp,\n };\n };\n\n if (typeof deviceNumber === 'number') {\n const res = await db.get(this.config.storeName, [nearAccountId, deviceNumber]);\n const direct = sanitize(res);\n if (direct) return direct;\n // Fallback: if specific device key missing, return the most recent key for the account\n if (nearAccountId !== '_init_check') {\n console.warn('PasskeyNearKeysDB: getEncryptedKey - No result for device', deviceNumber, '→ falling back to any key for account');\n }\n try {\n const idx = db.transaction(this.config.storeName).store.index('nearAccountId');\n const all = await idx.getAll(nearAccountId);\n if (Array.isArray(all) && all.length > 0) {\n // Choose the most recently stored entry by timestamp\n const latest = (all as any[]).reduce((a, b) => (a.timestamp >= b.timestamp ? a : b));\n return sanitize(latest);\n }\n } catch {}\n return null;\n }\n // Fallback: pick the first entry for this account (non-deterministic order)\n try {\n const idx = db.transaction(this.config.storeName).store.index('nearAccountId');\n // Prefer all+latest even in generic path for consistency\n const all = await idx.getAll(nearAccountId);\n if (Array.isArray(all) && all.length > 0) {\n const latest = (all as any[]).reduce((a, b) => (a.timestamp >= b.timestamp ? a : b));\n return sanitize(latest);\n }\n } catch {}\n return null;\n }\n\n /**\n * Verify key storage by attempting retrieval\n */\n async verifyKeyStorage(nearAccountId: string, deviceNumber: number): Promise<boolean> {\n const retrievedKey = await this.getEncryptedKey(nearAccountId, deviceNumber);\n return !!retrievedKey;\n }\n\n /**\n * Delete encrypted key data for a specific account\n */\n async deleteEncryptedKey(nearAccountId: string, deviceNumber?: number): Promise<void> {\n const db = await this.getDB();\n if (typeof deviceNumber === 'number') {\n await db.delete(this.config.storeName, [nearAccountId, deviceNumber]);\n } else {\n // Delete all keys for this account if device unspecified\n const tx = db.transaction(this.config.storeName, 'readwrite');\n const idx = tx.store.index('nearAccountId');\n let cursor = await idx.openCursor(IDBKeyRange.only(nearAccountId));\n while (cursor) {\n await tx.store.delete(cursor.primaryKey);\n cursor = await cursor.continue();\n }\n await tx.done;\n }\n console.debug('PasskeyNearKeysDB: deleteEncryptedKey - Successfully deleted');\n }\n\n /**\n * Get all encrypted keys (for migration or debugging purposes)\n */\n async getAllEncryptedKeys(): Promise<EncryptedKeyData[]> {\n const db = await this.getDB();\n const all = await db.getAll(this.config.storeName);\n return (all as any[])\n .map((rec) => {\n if (!rec?.encryptedData || !rec?.chacha20NonceB64u) return null;\n return {\n nearAccountId: rec.nearAccountId,\n deviceNumber: rec.deviceNumber,\n encryptedData: rec.encryptedData,\n chacha20NonceB64u: rec.chacha20NonceB64u,\n wrapKeySalt: rec.wrapKeySalt,\n version: rec.version,\n timestamp: rec.timestamp,\n } as EncryptedKeyData;\n })\n .filter((rec): rec is EncryptedKeyData => rec !== null);\n }\n\n /**\n * Check if a key exists for the given account\n */\n async hasEncryptedKey(nearAccountId: string, deviceNumber: number): Promise<boolean> {\n const keyData = await this.getEncryptedKey(nearAccountId, deviceNumber);\n return !!keyData;\n }\n}\n"],"mappings":";;;;;;;CAEMA,YAAqC;EACzC,QAAQ;EACR,WAAW;EACX,WAAW;EACX,SAAS,CAAC,iBAAiB;;CA4BhB,2BAAb,MAAsC;EACpC,AAAQ;EACR,AAAQ,KAA0B;EAClC,AAAQ,WAAW;EAEnB,YAAY,SAAkC,WAAW;AACvD,QAAK,SAAS;;EAGhB,YAAoB;AAClB,UAAO,KAAK,OAAO;;EAGrB,UAAU,QAAsB;GAC9B,MAAM,OAAO,OAAO,UAAU,IAAI;AAClC,OAAI,CAAC,QAAQ,SAAS,KAAK,OAAO,OAAQ;AAC1C,OAAI;AAAE,IAAC,KAAK,IAAY;WAAmB;AAC3C,QAAK,KAAK;AACV,QAAK,SAAS;IAAE,GAAG,KAAK;IAAQ,QAAQ;;;EAG1C,aAAsB;AACpB,UAAO,KAAK;;EAGd,YAAY,UAAyB;GACnC,MAAM,OAAO,CAAC,CAAC;AACf,OAAI,SAAS,KAAK,SAAU;AAC5B,QAAK,WAAW;AAChB,OAAI,MAAM;AACR,QAAI;AAAE,KAAC,KAAK,IAAY;YAAmB;AAC3C,SAAK,KAAK;;;;;;EAOd,MAAc,QAA+B;AAC3C,OAAI,KAAK,SACP,OAAM,IAAI,MAAM;AAElB,OAAI,KAAK,GACP,QAAO,KAAK;AAGd,QAAK,KAAK,sBAAa,KAAK,OAAO,QAAQ,KAAK,OAAO,WAAW;IAChE,QAAQ,IAAU;AAEhB,SAAI;AAAE,UAAI,GAAG,iBAAiB,SAAS,UAAU,WAAY,IAAG,kBAAkB,UAAU;aAAoB;KAChH,MAAM,QAAQ,GAAG,kBAAkB,UAAU,WAAW,EAAE,SAAS,UAAU;AAC7E,SAAI;AAAE,YAAM,YAAY,iBAAiB,iBAAiB,EAAE,QAAQ;aAAkB;;IAExF,UAAU;AACR,aAAQ,KAAK;;IAEf,WAAW;AACT,aAAQ,KAAK;;IAEf,kBAAkB;AAChB,aAAQ,KAAK;AACb,UAAK,KAAK;;;AAId,UAAO,KAAK;;;;;EAMd,MAAM,kBAAkB,MAAuC;GAC7D,MAAM,KAAK,MAAM,KAAK;AACtB,OAAI,CAAC,KAAK,kBACR,OAAM,IAAI,MAAM;AAElB,SAAM,GAAG,IAAI,KAAK,OAAO,WAAW;;;;;EAMtC,MAAM,gBAAgB,eAAuB,cAAwD;GACnG,MAAM,KAAK,MAAM,KAAK;GACtB,MAAM,YAAY,QAAsC;AACtD,QAAI,CAAC,KAAK,iBAAiB,CAAC,KAAK,kBAAmB,QAAO;AAC3D,WAAO;KACL,eAAe,IAAI;KACnB,cAAc,IAAI;KAClB,eAAe,IAAI;KACnB,mBAAmB,IAAI;KACvB,aAAa,IAAI;KACjB,SAAS,IAAI;KACb,WAAW,IAAI;;;AAInB,OAAI,OAAO,iBAAiB,UAAU;IACpC,MAAM,MAAM,MAAM,GAAG,IAAI,KAAK,OAAO,WAAW,CAAC,eAAe;IAChE,MAAM,SAAS,SAAS;AACxB,QAAI,OAAQ,QAAO;AAEnB,QAAI,kBAAkB,cACpB,SAAQ,KAAK,6DAA6D,cAAc;AAE1F,QAAI;KACF,MAAM,MAAM,GAAG,YAAY,KAAK,OAAO,WAAW,MAAM,MAAM;KAC9D,MAAM,MAAM,MAAM,IAAI,OAAO;AAC7B,SAAI,MAAM,QAAQ,QAAQ,IAAI,SAAS,GAAG;MAExC,MAAM,SAAU,IAAc,QAAQ,GAAG,MAAO,EAAE,aAAa,EAAE,YAAY,IAAI;AACjF,aAAO,SAAS;;YAEZ;AACR,WAAO;;AAGT,OAAI;IACF,MAAM,MAAM,GAAG,YAAY,KAAK,OAAO,WAAW,MAAM,MAAM;IAE9D,MAAM,MAAM,MAAM,IAAI,OAAO;AAC7B,QAAI,MAAM,QAAQ,QAAQ,IAAI,SAAS,GAAG;KACxC,MAAM,SAAU,IAAc,QAAQ,GAAG,MAAO,EAAE,aAAa,EAAE,YAAY,IAAI;AACjF,YAAO,SAAS;;WAEZ;AACR,UAAO;;;;;EAMT,MAAM,iBAAiB,eAAuB,cAAwC;GACpF,MAAM,eAAe,MAAM,KAAK,gBAAgB,eAAe;AAC/D,UAAO,CAAC,CAAC;;;;;EAMX,MAAM,mBAAmB,eAAuB,cAAsC;GACpF,MAAM,KAAK,MAAM,KAAK;AACtB,OAAI,OAAO,iBAAiB,SAC1B,OAAM,GAAG,OAAO,KAAK,OAAO,WAAW,CAAC,eAAe;QAClD;IAEL,MAAM,KAAK,GAAG,YAAY,KAAK,OAAO,WAAW;IACjD,MAAM,MAAM,GAAG,MAAM,MAAM;IAC3B,IAAI,SAAS,MAAM,IAAI,WAAW,YAAY,KAAK;AACnD,WAAO,QAAQ;AACb,WAAM,GAAG,MAAM,OAAO,OAAO;AAC7B,cAAS,MAAM,OAAO;;AAExB,UAAM,GAAG;;AAEX,WAAQ,MAAM;;;;;EAMhB,MAAM,sBAAmD;GACvD,MAAM,KAAK,MAAM,KAAK;GACtB,MAAM,MAAM,MAAM,GAAG,OAAO,KAAK,OAAO;AACxC,UAAQ,IACL,KAAK,QAAQ;AACZ,QAAI,CAAC,KAAK,iBAAiB,CAAC,KAAK,kBAAmB,QAAO;AAC3D,WAAO;KACL,eAAe,IAAI;KACnB,cAAc,IAAI;KAClB,eAAe,IAAI;KACnB,mBAAmB,IAAI;KACvB,aAAa,IAAI;KACjB,SAAS,IAAI;KACb,WAAW,IAAI;;MAGlB,QAAQ,QAAiC,QAAQ;;;;;EAMtD,MAAM,gBAAgB,eAAuB,cAAwC;GACnF,MAAM,UAAU,MAAM,KAAK,gBAAgB,eAAe;AAC1D,UAAO,CAAC,CAAC"}

package/dist/cjs/react/sdk/src/core/NearClient.js DELETED Viewed

@@ -1,273 +0,0 @@
-const require_rolldown_runtime = require('../../../_virtual/rolldown_runtime.js');
-const require_validation = require('./WalletIframe/validation.js');
-const require_base64 = require('../utils/base64.js');
-const require_errors = require('../utils/errors.js');
-const require_index = require('../utils/index.js');
-const require_rpc = require('./types/rpc.js');
-const require_NearRpcError = require('./NearRpcError.js');
-//#region src/core/NearClient.ts
-require_index.init_utils();
-require_errors.init_errors();
-require_rpc.init_rpc();
-require_validation.init_validation();
-let RpcCallType = /* @__PURE__ */ function(RpcCallType$1) {
-	RpcCallType$1["Query"] = "query";
-	RpcCallType$1["View"] = "view";
-	RpcCallType$1["Send"] = "send_tx";
-	RpcCallType$1["Block"] = "block";
-	RpcCallType$1["Call"] = "call_function";
-	return RpcCallType$1;
-}({});
-var SignedTransaction = class SignedTransaction {
-	transaction;
-	signature;
-	borsh_bytes;
-	constructor(data) {
-		this.transaction = data.transaction;
-		this.signature = data.signature;
-		this.borsh_bytes = data.borsh_bytes;
-	}
-	static fromPlain(input) {
-		return new SignedTransaction({
-			transaction: input.transaction,
-			signature: input.signature,
-			borsh_bytes: input.borsh_bytes
-		});
-	}
-	encode() {
-		return new Uint8Array(this.borsh_bytes).buffer;
-	}
-	base64Encode() {
-		return require_base64.base64Encode(this.encode());
-	}
-	static decode(bytes) {
-		throw new Error("SignedTransaction.decode(): borsh deserialization not implemented");
-	}
-};
-function toArrayBufferFromUnknownBytes(bytes) {
-	if (!bytes) return null;
-	if (Array.isArray(bytes)) return new Uint8Array(bytes).buffer;
-	if (ArrayBuffer.isView(bytes)) {
-		const view = bytes;
-		return view.buffer.slice(view.byteOffset, view.byteOffset + view.byteLength);
-	}
-	if (bytes instanceof ArrayBuffer) return bytes;
-	return null;
-}
-function encodeSignedTransactionBase64(signed) {
-	const maybeSigned = signed?.signedTransaction;
-	const txPayload = maybeSigned && typeof maybeSigned === "object" ? maybeSigned : signed;
-	const maybeBase64 = txPayload.base64Encode;
-	if (require_validation.isFunction(maybeBase64)) return maybeBase64.call(txPayload);
-	const maybeEncode = txPayload.encode;
-	if (require_validation.isFunction(maybeEncode)) {
-		const buf = maybeEncode.call(txPayload);
-		return require_base64.base64Encode(buf);
-	}
-	const snakeBuf = toArrayBufferFromUnknownBytes(txPayload.borsh_bytes);
-	if (snakeBuf) return require_base64.base64Encode(snakeBuf);
-	const camelBuf = toArrayBufferFromUnknownBytes(txPayload.borshBytes);
-	if (camelBuf) return require_base64.base64Encode(camelBuf);
-	throw new Error("Invalid signed transaction payload: cannot serialize to base64");
-}
-var MinimalNearClient = class MinimalNearClient {
-	rpcUrls;
-	constructor(rpcUrl) {
-		this.rpcUrls = MinimalNearClient.normalizeRpcUrls(rpcUrl);
-	}
-	static normalizeRpcUrls(input) {
-		const urls = Array.isArray(input) ? input : input.split(/[\s,]+/).map((url) => url.trim()).filter(Boolean);
-		const normalized = urls.map((url) => {
-			try {
-				return new URL(url).toString();
-			} catch (err) {
-				const message = require_errors.errorMessage(err) || `Invalid NEAR RPC URL: ${url}`;
-				throw new Error(message);
-			}
-		});
-		if (!normalized.length) throw new Error("NEAR RPC URL cannot be empty");
-		return Array.from(new Set(normalized));
-	}
-	/** Build a JSON-RPC 2.0 POST body (stringified). */
-	buildRequestBody(method, params) {
-		return JSON.stringify({
-			jsonrpc: "2.0",
-			id: crypto.randomUUID(),
-			method,
-			params
-		});
-	}
-	/** Perform a single POST to one endpoint and return parsed RpcResponse. */
-	async postOnce(url, requestBody) {
-		const response = await fetch(url, {
-			method: "POST",
-			headers: { "Content-Type": "application/json" },
-			body: requestBody
-		});
-		if (!response.ok) throw new Error(`RPC request failed: ${response.status} ${response.statusText}`);
-		const text = await response.text();
-		if (!text?.trim()) throw new Error("Empty response from RPC server");
-		return JSON.parse(text);
-	}
-	/** Try each configured RPC endpoint in order and return the first successful RpcResponse. */
-	async requestWithFallback(requestBody) {
-		let lastError;
-		for (const [index, url] of this.rpcUrls.entries()) try {
-			const result = await this.postOnce(url, requestBody);
-			if (index > 0) console.warn(`[NearClient] RPC succeeded via fallback: ${url}`);
-			return result;
-		} catch (err) {
-			lastError = err;
-			const remaining = index < this.rpcUrls.length - 1;
-			console.warn(`[NearClient] RPC call to ${url} failed${remaining ? ", trying next" : ""}: ${require_errors.errorMessage(err) || "RPC request failed"}`);
-			if (!remaining) throw err instanceof Error ? err : new Error(String(err));
-		}
-		throw new Error(require_errors.errorMessage(lastError) || "RPC request failed");
-	}
-	/** Validate and unwrap RpcResponse into the typed result with rich error forwarding. */
-	unwrapRpcResult(rpc, operationName) {
-		if (rpc.error) throw require_NearRpcError.NearRpcError.fromRpcResponse(operationName, rpc);
-		const result = rpc.result;
-		if (result?.error) {
-			const msg = typeof result.error === "string" ? result.error : JSON.stringify(result.error);
-			throw new require_NearRpcError.NearRpcError({
-				message: `${operationName} Error: ${msg}`,
-				short: "RpcError",
-				type: "RpcError"
-			});
-		}
-		return rpc.result;
-	}
-	/**
-	* Execute RPC call with proper error handling and result extraction
-	*/
-	async makeRpcCall(method, params, operationName) {
-		const requestBody = this.buildRequestBody(method, params);
-		const rpc = await this.requestWithFallback(requestBody);
-		return this.unwrapRpcResult(rpc, operationName);
-	}
-	async query(params) {
-		return this.makeRpcCall(RpcCallType.Query, params, "Query");
-	}
-	async viewAccessKey(accountId, publicKey, finalityQuery) {
-		const publicKeyStr = publicKey;
-		const finality = finalityQuery?.finality || "final";
-		const params = {
-			request_type: "view_access_key",
-			finality,
-			account_id: accountId,
-			public_key: publicKeyStr
-		};
-		return this.makeRpcCall(RpcCallType.Query, params, "View Access Key");
-	}
-	async viewAccessKeyList(accountId, finalityQuery) {
-		const finality = finalityQuery?.finality || "final";
-		const params = {
-			request_type: "view_access_key_list",
-			finality,
-			account_id: accountId
-		};
-		return this.makeRpcCall(RpcCallType.Query, params, "View Access Key List");
-	}
-	async viewAccount(accountId) {
-		const params = {
-			request_type: "view_account",
-			finality: "final",
-			account_id: accountId
-		};
-		return this.makeRpcCall(RpcCallType.Query, params, "View Account");
-	}
-	async viewCode(accountId, finalityQuery) {
-		const finality = finalityQuery?.finality || "final";
-		const params = {
-			request_type: "view_code",
-			finality,
-			account_id: accountId
-		};
-		const result = await this.makeRpcCall(RpcCallType.Query, params, "View Code");
-		const codeBase64 = result?.code_base64;
-		if (typeof codeBase64 !== "string" || !codeBase64.length) throw new Error("Invalid View Code response: missing code_base64");
-		return require_base64.base64Decode(codeBase64);
-	}
-	async viewBlock(params) {
-		return this.makeRpcCall(RpcCallType.Block, params, "View Block");
-	}
-	async sendTransaction(signedTransaction, waitUntil = require_rpc.DEFAULT_WAIT_STATUS.executeAction) {
-		const params = {
-			signed_tx_base64: encodeSignedTransactionBase64(signedTransaction),
-			wait_until: waitUntil
-		};
-		const maxAttempts = 5;
-		let lastError = null;
-		for (let attempt = 1; attempt <= maxAttempts; attempt++) try {
-			const outcome = await this.makeRpcCall(RpcCallType.Send, params, "Send Transaction");
-			const status = outcome?.status;
-			if (status && typeof status === "object" && "Failure" in status) {
-				const failure = status.Failure;
-				throw require_NearRpcError.NearRpcError.fromOutcome("Send Transaction", outcome, failure);
-			}
-			return outcome;
-		} catch (err) {
-			lastError = err;
-			const msg = require_errors.errorMessage(err);
-			const retryable = /server error|internal|temporar|timeout|too many requests|429|unavailable|bad gateway|gateway timeout/i.test(msg || "");
-			if (!retryable || attempt === maxAttempts) throw err;
-			const base = 200 * Math.pow(2, attempt - 1);
-			const jitter = Math.floor(Math.random() * 150);
-			await new Promise((r) => setTimeout(r, base + jitter));
-		}
-		throw lastError instanceof Error ? lastError : new Error(String(lastError));
-	}
-	async callFunction(contractId, method, args, blockQuery) {
-		const rpcParams = {
-			request_type: "call_function",
-			finality: "final",
-			account_id: contractId,
-			method_name: method,
-			args_base64: require_base64.base64Encode(new TextEncoder().encode(JSON.stringify(args)).buffer)
-		};
-		const result = await this.makeRpcCall(RpcCallType.Query, rpcParams, "View Function");
-		const resultBytes = result.result;
-		if (!Array.isArray(resultBytes)) return result;
-		const resultString = String.fromCharCode(...resultBytes);
-		if (!resultString.trim()) return null;
-		try {
-			const parsed = JSON.parse(resultString);
-			return parsed;
-		} catch (parseError) {
-			console.warn("Failed to parse result as JSON, returning as string:", parseError);
-			console.warn("Raw result string:", resultString);
-			const cleanString = resultString.replace(/^"|"$/g, "");
-			return cleanString;
-		}
-	}
-	async view(params) {
-		return this.callFunction(params.account, params.method, params.args);
-	}
-	async getAccessKeys({ account, block_id }) {
-		const params = {
-			request_type: "view_access_key_list",
-			account_id: account,
-			finality: "final"
-		};
-		if (block_id) {
-			params.block_id = block_id;
-			delete params.finality;
-		}
-		const accessKeyList = await this.makeRpcCall(RpcCallType.Query, params, "View Access Key List");
-		const fullAccessKeys = [];
-		const functionCallAccessKeys = [];
-		for (const key of accessKeyList.keys) if (key.access_key.permission === "FullAccess") fullAccessKeys.push(key);
-		else if (key.access_key.permission && typeof key.access_key.permission === "object" && "FunctionCall" in key.access_key.permission) functionCallAccessKeys.push(key);
-		return {
-			fullAccessKeys,
-			functionCallAccessKeys
-		};
-	}
-};
-//#endregion
-exports.MinimalNearClient = MinimalNearClient;
-exports.SignedTransaction = SignedTransaction;
-//# sourceMappingURL=NearClient.js.map