@thru/wallet 0.2.25 → 0.2.28

package/README.md

@@ -65,3 +65,4 @@ export default function Root() {
 ```
 
 Expo apps should install the config plugin from `@thru/wallet/native/plugin`.
+The SDK trusts both production wallet hosts: `wallet.thru.org` and `wallet.tid.sh`.

package/dist/{BrowserSDK-CpRFiJsW.d.ts → BrowserSDK-CRQTOT8S.d.ts}

@@ -56,6 +56,34 @@ interface ThruTransactionReviewPayload {
     simulation?: ThruTransactionReviewSimulation;
     abiReflection?: ThruTransactionReviewAbiReflection;
 }
+type ThruSigningSessionTimestamp = Date | number | bigint | string;
+interface ThruSigningSessionCreateOptions {
+    walletAddress?: string;
+    durationSeconds?: number;
+    expiresAt?: ThruSigningSessionTimestamp;
+    review?: ThruTransactionReviewPayload;
+}
+interface ThruSigningSessionInstructionCreateOptions extends Omit<ThruSigningSessionCreateOptions, "review"> {
+    walletAccountIdx: number;
+}
+interface ThruSigningSessionDescriptor {
+    id: string;
+    walletAddress: string;
+    publicKey: string;
+    authIdx: number;
+    expiresAt: number;
+    createdAt: number;
+}
+interface ThruSigningSession extends ThruSigningSessionDescriptor {
+    signTransaction(transaction: ThruTransactionIntent): Promise<string>;
+    revoke(): Promise<void>;
+    toJSON(): ThruSigningSessionDescriptor;
+}
+interface ThruSigningSessionInstruction {
+    session: ThruSigningSession;
+    programAddress: string;
+    instructionData: Uint8Array;
+}
 interface ThruTransactionIntent {
     walletAddress?: string;
     programAddress: string;
@@ -63,6 +91,19 @@ interface ThruTransactionIntent {
     readWriteAddresses?: string[];
     readOnlyAddresses?: string[];
     review?: ThruTransactionReviewPayload;
+    /** @internal Used by ThruSigningSession handles. */
+    signingSessionId?: string;
+}
+interface ThruPasskeyChallengeIntent {
+    /** base64url-encoded passkey-manager challenge bytes. */
+    challenge: string;
+    walletAddress?: string;
+}
+interface ThruPasskeyChallengeSignature {
+    signatureR: string;
+    signatureS: string;
+    authenticatorData: string;
+    clientDataJSON: string;
 }
 interface ConnectedApp {
     accountId: number;
@@ -113,18 +154,51 @@ interface IThruChain {
      * account ordering, headers, nonces, and final wire layout.
      */
     signTransaction(transaction: ThruTransactionIntent): Promise<string>;
+    /**
+     * Sign a backend-prepared passkey-manager challenge with the wallet-owned
+     * selected passkey and return submit-ready signature fields.
+     */
+    signPasskeyChallenge(challenge: ThruPasskeyChallengeIntent): Promise<ThruPasskeyChallengeSignature>;
+    /**
+     * Create a temporary wallet-owned signing session. The SDK stores the
+     * returned descriptor in app-local storage; the wallet stores the private key.
+     */
+    createSigningSession(options: ThruSigningSessionCreateOptions): Promise<ThruSigningSession>;
+    /**
+     * Prepare a temporary signing-session authority instruction without asking
+     * for passkey approval. The returned instruction must be included in a
+     * later passkey-approved transaction before the session can sign.
+     */
+    createSigningSessionInstruction(options: ThruSigningSessionInstructionCreateOptions): Promise<ThruSigningSessionInstruction>;
+    /**
+     * Confirm that a prepared signing-session instruction landed on-chain and
+     * publish the resulting session descriptor into SDK storage.
+     */
+    confirmSigningSession(id: string): Promise<ThruSigningSession>;
+    /** Return a locally known signing session by id. */
+    getSigningSession(id: string): Promise<ThruSigningSession | null>;
+    /** Return locally known signing sessions for this SDK app scope only. */
+    getSigningSessions(): Promise<ThruSigningSession[]>;
+    /** Delete a locally known session and ask the wallet to delete its key. */
+    revokeSigningSession(id: string): Promise<void>;
 }
 
 declare const POST_MESSAGE_REQUEST_TYPES: {
     readonly CONNECT: "connect";
+    readonly CREATE_ACCOUNT: "createAccount";
     readonly DISCONNECT: "disconnect";
     readonly SIGN_MESSAGE: "signMessage";
     readonly SIGN_TRANSACTION: "signTransaction";
+    readonly SIGN_PASSKEY_CHALLENGE: "signPasskeyChallenge";
     readonly GET_ACCOUNTS: "getAccounts";
     readonly GET_CONNECTION_STATE: "getConnectionState";
     readonly GET_SIGNING_CONTEXT: "getSigningContext";
     readonly SELECT_ACCOUNT: "selectAccount";
     readonly MANAGE_ACCOUNTS: "manageAccounts";
+    readonly CREATE_SIGNING_SESSION: "createSigningSession";
+    readonly CREATE_SIGNING_SESSION_INSTRUCTION: "createSigningSessionInstruction";
+    readonly CONFIRM_SIGNING_SESSION: "confirmSigningSession";
+    readonly REVOKE_SIGNING_SESSION: "revokeSigningSession";
 };
 type RequestType = (typeof POST_MESSAGE_REQUEST_TYPES)[keyof typeof POST_MESSAGE_REQUEST_TYPES];
 declare const EMBEDDED_PROVIDER_EVENTS: {
@@ -140,7 +214,7 @@ declare const EMBEDDED_PROVIDER_EVENTS: {
 type EmbeddedProviderEvent = (typeof EMBEDDED_PROVIDER_EVENTS)[keyof typeof EMBEDDED_PROVIDER_EVENTS];
 declare const POST_MESSAGE_EVENT_TYPE: "event";
 declare const IFRAME_READY_EVENT: "iframe:ready";
-declare const DEFAULT_IFRAME_URL = "http://localhost:3000/embedded";
+declare const DEFAULT_IFRAME_URL = "http://localhost:3010/embedded";
 declare const createRequestId: (prefix?: string) => string;
 interface BaseRequest {
     id: string;
@@ -154,6 +228,10 @@ interface DisconnectRequestMessage extends BaseRequest {
     type: typeof POST_MESSAGE_REQUEST_TYPES.DISCONNECT;
     payload?: undefined;
 }
+interface CreateAccountRequestMessage extends BaseRequest {
+    type: typeof POST_MESSAGE_REQUEST_TYPES.CREATE_ACCOUNT;
+    payload: CreateAccountPayload;
+}
 interface SignMessageRequestMessage extends BaseRequest {
     type: typeof POST_MESSAGE_REQUEST_TYPES.SIGN_MESSAGE;
     payload: SignMessagePayload;
@@ -162,6 +240,10 @@ interface SignTransactionRequestMessage extends BaseRequest {
     type: typeof POST_MESSAGE_REQUEST_TYPES.SIGN_TRANSACTION;
     payload: SignTransactionPayload;
 }
+interface SignPasskeyChallengeRequestMessage extends BaseRequest {
+    type: typeof POST_MESSAGE_REQUEST_TYPES.SIGN_PASSKEY_CHALLENGE;
+    payload: SignPasskeyChallengePayload;
+}
 interface GetAccountsRequestMessage extends BaseRequest {
     type: typeof POST_MESSAGE_REQUEST_TYPES.GET_ACCOUNTS;
     payload?: undefined;
@@ -182,9 +264,38 @@ interface ManageAccountsRequestMessage extends BaseRequest {
     type: typeof POST_MESSAGE_REQUEST_TYPES.MANAGE_ACCOUNTS;
     payload?: undefined;
 }
-type PostMessageRequest = ConnectRequestMessage | DisconnectRequestMessage | SignMessageRequestMessage | SignTransactionRequestMessage | GetAccountsRequestMessage | GetConnectionStateRequestMessage | GetSigningContextRequestMessage | SelectAccountRequestMessage | ManageAccountsRequestMessage;
+interface CreateSigningSessionRequestMessage extends BaseRequest {
+    type: typeof POST_MESSAGE_REQUEST_TYPES.CREATE_SIGNING_SESSION;
+    payload: CreateSigningSessionPayload;
+}
+interface CreateSigningSessionInstructionRequestMessage extends BaseRequest {
+    type: typeof POST_MESSAGE_REQUEST_TYPES.CREATE_SIGNING_SESSION_INSTRUCTION;
+    payload: CreateSigningSessionInstructionPayload;
+}
+interface ConfirmSigningSessionRequestMessage extends BaseRequest {
+    type: typeof POST_MESSAGE_REQUEST_TYPES.CONFIRM_SIGNING_SESSION;
+    payload: ConfirmSigningSessionPayload;
+}
+interface RevokeSigningSessionRequestMessage extends BaseRequest {
+    type: typeof POST_MESSAGE_REQUEST_TYPES.REVOKE_SIGNING_SESSION;
+    payload: RevokeSigningSessionPayload;
+}
+type PostMessageRequest = ConnectRequestMessage | CreateAccountRequestMessage | DisconnectRequestMessage | SignMessageRequestMessage | SignTransactionRequestMessage | SignPasskeyChallengeRequestMessage | GetAccountsRequestMessage | GetConnectionStateRequestMessage | GetSigningContextRequestMessage | SelectAccountRequestMessage | ManageAccountsRequestMessage | CreateSigningSessionRequestMessage | CreateSigningSessionInstructionRequestMessage | ConfirmSigningSessionRequestMessage | RevokeSigningSessionRequestMessage;
 interface DisconnectResult {
 }
+interface CreateAccountPayload {
+    accountName?: string;
+    metadata?: ConnectMetadataInput;
+}
+interface CreateAccountResult {
+    account: WalletAccount;
+    accounts: WalletAccount[];
+    selectedAccount: WalletAccount;
+    signature: string | null;
+    vmError: string | null;
+    userErrorCode: string | null;
+    executionResult: string | null;
+}
 interface GetAccountsResult {
     accounts: WalletAccount[];
 }
@@ -210,14 +321,20 @@ interface ManageAccountsResult {
 }
 type RequestResultMap = {
     [POST_MESSAGE_REQUEST_TYPES.CONNECT]: ConnectResult;
+    [POST_MESSAGE_REQUEST_TYPES.CREATE_ACCOUNT]: CreateAccountResult;
     [POST_MESSAGE_REQUEST_TYPES.DISCONNECT]: DisconnectResult;
     [POST_MESSAGE_REQUEST_TYPES.SIGN_MESSAGE]: SignMessageResult;
     [POST_MESSAGE_REQUEST_TYPES.SIGN_TRANSACTION]: SignTransactionResult;
+    [POST_MESSAGE_REQUEST_TYPES.SIGN_PASSKEY_CHALLENGE]: SignPasskeyChallengeResult;
     [POST_MESSAGE_REQUEST_TYPES.GET_ACCOUNTS]: GetAccountsResult;
     [POST_MESSAGE_REQUEST_TYPES.GET_CONNECTION_STATE]: GetConnectionStateResult;
     [POST_MESSAGE_REQUEST_TYPES.GET_SIGNING_CONTEXT]: GetSigningContextResult;
     [POST_MESSAGE_REQUEST_TYPES.SELECT_ACCOUNT]: SelectAccountResult;
     [POST_MESSAGE_REQUEST_TYPES.MANAGE_ACCOUNTS]: ManageAccountsResult;
+    [POST_MESSAGE_REQUEST_TYPES.CREATE_SIGNING_SESSION]: CreateSigningSessionResult;
+    [POST_MESSAGE_REQUEST_TYPES.CREATE_SIGNING_SESSION_INSTRUCTION]: CreateSigningSessionInstructionResult;
+    [POST_MESSAGE_REQUEST_TYPES.CONFIRM_SIGNING_SESSION]: ConfirmSigningSessionResult;
+    [POST_MESSAGE_REQUEST_TYPES.REVOKE_SIGNING_SESSION]: RevokeSigningSessionResult;
 };
 interface ResponseErrorPayload {
     code: ErrorCode;
@@ -291,10 +408,60 @@ interface SignTransactionPayload {
     readWriteAddresses?: string[];
     readOnlyAddresses?: string[];
     review?: TransactionReviewPayload;
+    signingSessionId?: string;
 }
 interface SignTransactionResult {
     signedTransaction: string;
 }
+interface SignPasskeyChallengePayload {
+    /** base64url-encoded challenge bytes from a backend passkey-manager flow. */
+    challenge: string;
+    /** Optional expected wallet address for the selected transparent account. */
+    walletAddress?: string;
+}
+interface SignPasskeyChallengeResult {
+    signatureR: string;
+    signatureS: string;
+    authenticatorData: string;
+    clientDataJSON: string;
+}
+interface CreateSigningSessionPayload {
+    walletAddress?: string;
+    expiresAt: string;
+    review?: TransactionReviewPayload;
+}
+interface CreateSigningSessionInstructionPayload {
+    walletAddress?: string;
+    expiresAt: string;
+    walletAccountIdx: number;
+}
+interface SigningSessionDescriptorPayload {
+    id: string;
+    walletAddress: string;
+    publicKey: string;
+    authIdx: number;
+    expiresAt: string;
+    createdAt: string;
+}
+interface CreateSigningSessionResult {
+    session: SigningSessionDescriptorPayload;
+}
+interface CreateSigningSessionInstructionResult {
+    session: SigningSessionDescriptorPayload;
+    programAddress: string;
+    instructionData: string;
+}
+interface ConfirmSigningSessionPayload {
+    sessionId: string;
+}
+interface ConfirmSigningSessionResult {
+    session: SigningSessionDescriptorPayload;
+}
+interface RevokeSigningSessionPayload {
+    sessionId: string;
+}
+interface RevokeSigningSessionResult {
+}
 interface TransactionReviewSimulation {
     before?: string;
     after?: string;
@@ -320,10 +487,18 @@ interface GetSigningContextResult {
     signingContext: ThruSigningContext;
 }
 
+interface SigningSessionStorage {
+    getItem: (key: string) => string | null | Promise<string | null>;
+    setItem: (key: string, value: string) => void | Promise<void>;
+    removeItem: (key: string) => void | Promise<void>;
+}
+
 interface BrowserSDKConfig {
     iframeUrl?: string;
     addressTypes?: AddressType[];
     rpcUrl?: string;
+    signingSessionStorage?: SigningSessionStorage | false;
+    signingSessionStorageKey?: string;
 }
 interface ConnectOptions {
     metadata?: ConnectMetadataInput;
@@ -406,4 +581,4 @@ declare class BrowserSDK {
     private refreshCachedAccounts;
 }
 
-export { type TransactionReviewSimulation as $, AddressType as A, BrowserSDK as B, type ConnectIntent as C, DEFAULT_IFRAME_URL as D, EMBEDDED_PROVIDER_EVENTS as E, type SelectAccountPayload as F, type GetAccountsRequestMessage as G, type SelectAccountRequestMessage as H, IFRAME_READY_EVENT as I, type SelectAccountResult as J, type SignMessageParams as K, type SignMessagePayload as L, type ManageAccountsRequestMessage as M, type SignMessageRequestMessage as N, type SignMessageResult$1 as O, POST_MESSAGE_EVENT_TYPE as P, type SignTransactionPayload as Q, type RequestType as R, type SDKEvent as S, type SignTransactionRequestMessage as T, type SignTransactionResult as U, type SuccessfulPostMessageResponse as V, type ThruSigningContext as W, ThruTransactionEncoding as X, type ThruTransactionIntent as Y, type TransactionReviewAbiReflection as Z, type TransactionReviewPayload as _, type AppMetadata as a, type WalletAccount as a0, createRequestId as a1, type BrowserSDKConfig as b, type ConnectMetadataInput as c, type ConnectOptions as d, type ConnectRequestMessage as e, type ConnectRequestPayload as f, type ConnectResult as g, type ConnectedApp as h, type DisconnectRequestMessage as i, type DisconnectResult as j, type EmbeddedProviderEvent as k, ErrorCode as l, type EventCallback as m, type GetAccountsResult as n, type GetConnectionStateRequestMessage as o, type GetConnectionStateResult as p, type GetSigningContextRequestMessage as q, type GetSigningContextResult as r, type IThruChain as s, type InferPostMessageResponse as t, type InferSuccessfulPostMessageResponse as u, type ManageAccountsResult as v, POST_MESSAGE_REQUEST_TYPES as w, type PostMessageEvent as x, type PostMessageRequest as y, type PostMessageResponse as z };
+export { type SelectAccountRequestMessage as $, AddressType as A, BrowserSDK as B, type ConfirmSigningSessionPayload as C, DEFAULT_IFRAME_URL as D, EMBEDDED_PROVIDER_EVENTS as E, type GetConnectionStateRequestMessage as F, type GetAccountsRequestMessage as G, type GetConnectionStateResult as H, type GetSigningContextRequestMessage as I, type GetSigningContextResult as J, IFRAME_READY_EVENT as K, type IThruChain as L, type InferPostMessageResponse as M, type InferSuccessfulPostMessageResponse as N, type ManageAccountsRequestMessage as O, type ManageAccountsResult as P, POST_MESSAGE_EVENT_TYPE as Q, POST_MESSAGE_REQUEST_TYPES as R, type PostMessageEvent as S, type PostMessageRequest as T, type PostMessageResponse as U, type RequestType as V, type RevokeSigningSessionPayload as W, type RevokeSigningSessionRequestMessage as X, type RevokeSigningSessionResult as Y, type SDKEvent as Z, type SelectAccountPayload as _, type AppMetadata as a, type SelectAccountResult as a0, type SignMessageParams as a1, type SignMessagePayload as a2, type SignMessageRequestMessage as a3, type SignMessageResult$1 as a4, type SignPasskeyChallengePayload as a5, type SignPasskeyChallengeRequestMessage as a6, type SignPasskeyChallengeResult as a7, type SignTransactionPayload as a8, type SignTransactionRequestMessage as a9, type SignTransactionResult as aa, type SigningSessionDescriptorPayload as ab, type SigningSessionStorage as ac, type SuccessfulPostMessageResponse as ad, type ThruSigningContext as ae, type ThruSigningSession as af, type ThruSigningSessionCreateOptions as ag, type ThruSigningSessionDescriptor as ah, type ThruSigningSessionInstruction as ai, type ThruSigningSessionInstructionCreateOptions as aj, type ThruSigningSessionTimestamp as ak, ThruTransactionEncoding as al, type ThruTransactionIntent as am, type TransactionReviewAbiReflection as an, type TransactionReviewPayload as ao, type TransactionReviewSimulation as ap, type WalletAccount as aq, createRequestId as ar, type BrowserSDKConfig as b, type ConfirmSigningSessionRequestMessage as c, type ConfirmSigningSessionResult as d, type ConnectIntent as e, type ConnectMetadataInput as f, type ConnectOptions as g, type ConnectRequestMessage as h, type ConnectRequestPayload as i, type ConnectResult as j, type ConnectedApp as k, type CreateAccountPayload as l, type CreateAccountRequestMessage as m, type CreateAccountResult as n, type CreateSigningSessionInstructionPayload as o, type CreateSigningSessionInstructionRequestMessage as p, type CreateSigningSessionInstructionResult as q, type CreateSigningSessionPayload as r, type CreateSigningSessionRequestMessage as s, type CreateSigningSessionResult as t, type DisconnectRequestMessage as u, type DisconnectResult as v, type EmbeddedProviderEvent as w, ErrorCode as x, type EventCallback as y, type GetAccountsResult as z };

package/dist/index.d.ts

@@ -1,5 +1,5 @@
-import { a0 as WalletAccount, p as GetConnectionStateResult } from './BrowserSDK-CpRFiJsW.js';
-export { A as AddressType, a as AppMetadata, B as BrowserSDK, b as BrowserSDKConfig, C as ConnectIntent, c as ConnectMetadataInput, d as ConnectOptions, e as ConnectRequestMessage, f as ConnectRequestPayload, g as ConnectResult, h as ConnectedApp, D as DEFAULT_IFRAME_URL, i as DisconnectRequestMessage, j as DisconnectResult, E as EMBEDDED_PROVIDER_EVENTS, k as EmbeddedProviderEvent, l as ErrorCode, m as EventCallback, G as GetAccountsRequestMessage, n as GetAccountsResult, o as GetConnectionStateRequestMessage, q as GetSigningContextRequestMessage, r as GetSigningContextResult, I as IFRAME_READY_EVENT, s as IThruChain, t as InferPostMessageResponse, u as InferSuccessfulPostMessageResponse, M as ManageAccountsRequestMessage, v as ManageAccountsResult, P as POST_MESSAGE_EVENT_TYPE, w as POST_MESSAGE_REQUEST_TYPES, x as PostMessageEvent, y as PostMessageRequest, z as PostMessageResponse, R as RequestType, S as SDKEvent, F as SelectAccountPayload, H as SelectAccountRequestMessage, J as SelectAccountResult, K as SignMessageParams, L as SignMessagePayload, N as SignMessageRequestMessage, O as SignMessageResult, Q as SignTransactionPayload, T as SignTransactionRequestMessage, U as SignTransactionResult, V as SuccessfulPostMessageResponse, W as ThruSigningContext, X as ThruTransactionEncoding, Y as ThruTransactionIntent, Z as TransactionReviewAbiReflection, _ as TransactionReviewPayload, $ as TransactionReviewSimulation, a1 as createRequestId } from './BrowserSDK-CpRFiJsW.js';
+import { aq as WalletAccount, H as GetConnectionStateResult } from './BrowserSDK-CRQTOT8S.js';
+export { A as AddressType, a as AppMetadata, B as BrowserSDK, b as BrowserSDKConfig, C as ConfirmSigningSessionPayload, c as ConfirmSigningSessionRequestMessage, d as ConfirmSigningSessionResult, e as ConnectIntent, f as ConnectMetadataInput, g as ConnectOptions, h as ConnectRequestMessage, i as ConnectRequestPayload, j as ConnectResult, k as ConnectedApp, l as CreateAccountPayload, m as CreateAccountRequestMessage, n as CreateAccountResult, o as CreateSigningSessionInstructionPayload, p as CreateSigningSessionInstructionRequestMessage, q as CreateSigningSessionInstructionResult, r as CreateSigningSessionPayload, s as CreateSigningSessionRequestMessage, t as CreateSigningSessionResult, D as DEFAULT_IFRAME_URL, u as DisconnectRequestMessage, v as DisconnectResult, E as EMBEDDED_PROVIDER_EVENTS, w as EmbeddedProviderEvent, x as ErrorCode, y as EventCallback, G as GetAccountsRequestMessage, z as GetAccountsResult, F as GetConnectionStateRequestMessage, I as GetSigningContextRequestMessage, J as GetSigningContextResult, K as IFRAME_READY_EVENT, L as IThruChain, M as InferPostMessageResponse, N as InferSuccessfulPostMessageResponse, O as ManageAccountsRequestMessage, P as ManageAccountsResult, Q as POST_MESSAGE_EVENT_TYPE, R as POST_MESSAGE_REQUEST_TYPES, S as PostMessageEvent, T as PostMessageRequest, U as PostMessageResponse, V as RequestType, W as RevokeSigningSessionPayload, X as RevokeSigningSessionRequestMessage, Y as RevokeSigningSessionResult, Z as SDKEvent, _ as SelectAccountPayload, $ as SelectAccountRequestMessage, a0 as SelectAccountResult, a1 as SignMessageParams, a2 as SignMessagePayload, a3 as SignMessageRequestMessage, a4 as SignMessageResult, a5 as SignPasskeyChallengePayload, a6 as SignPasskeyChallengeRequestMessage, a7 as SignPasskeyChallengeResult, a8 as SignTransactionPayload, a9 as SignTransactionRequestMessage, aa as SignTransactionResult, ab as SigningSessionDescriptorPayload, ac as SigningSessionStorage, ad as SuccessfulPostMessageResponse, ae as ThruSigningContext, af as ThruSigningSession, ag as ThruSigningSessionCreateOptions, ah as ThruSigningSessionDescriptor, ai as ThruSigningSessionInstruction, aj as ThruSigningSessionInstructionCreateOptions, ak as ThruSigningSessionTimestamp, al as ThruTransactionEncoding, am as ThruTransactionIntent, an as TransactionReviewAbiReflection, ao as TransactionReviewPayload, ap as TransactionReviewSimulation, ar as createRequestId } from './BrowserSDK-CRQTOT8S.js';
 import '@thru/sdk/client';
 
 interface ActiveWalletAccounts {