@thru/wallet 0.2.25 → 0.2.28

package/dist/native/react.js

@@ -49,14 +49,20 @@ var AddressType = {
 // src/protocol/postMessage.ts
 var POST_MESSAGE_REQUEST_TYPES = {
   CONNECT: "connect",
+  CREATE_ACCOUNT: "createAccount",
   DISCONNECT: "disconnect",
   SIGN_MESSAGE: "signMessage",
   SIGN_TRANSACTION: "signTransaction",
+  SIGN_PASSKEY_CHALLENGE: "signPasskeyChallenge",
   GET_ACCOUNTS: "getAccounts",
   GET_CONNECTION_STATE: "getConnectionState",
   GET_SIGNING_CONTEXT: "getSigningContext",
   SELECT_ACCOUNT: "selectAccount",
-  MANAGE_ACCOUNTS: "manageAccounts"
+  MANAGE_ACCOUNTS: "manageAccounts",
+  CREATE_SIGNING_SESSION: "createSigningSession",
+  CREATE_SIGNING_SESSION_INSTRUCTION: "createSigningSessionInstruction",
+  CONFIRM_SIGNING_SESSION: "confirmSigningSession",
+  REVOKE_SIGNING_SESSION: "revokeSigningSession"
 };
 var EMBEDDED_PROVIDER_EVENTS = {
   CONNECT_START: "connect_start",
@@ -86,12 +92,195 @@ function normalizeConnectionStateResult(result) {
   return normalizeWalletAccountResult(result);
 }
 
+// src/encoding.ts
+var BASE64_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+var BASE64_LOOKUP = new Map(
+  [...BASE64_ALPHABET].map((char, index) => [char, index])
+);
+function base64ToBytes(value) {
+  const normalized = value.replace(/\s+/g, "");
+  if (normalized.length === 0) return new Uint8Array();
+  if (normalized.length % 4 === 1) {
+    throw new Error("Invalid base64 data");
+  }
+  const padded = normalized.padEnd(
+    normalized.length + (4 - normalized.length % 4) % 4,
+    "="
+  );
+  const padding = padded.endsWith("==") ? 2 : padded.endsWith("=") ? 1 : 0;
+  const output = new Uint8Array(padded.length / 4 * 3 - padding);
+  let outIdx = 0;
+  for (let i = 0; i < padded.length; i += 4) {
+    const chars = padded.slice(i, i + 4);
+    const a = BASE64_LOOKUP.get(chars[0]);
+    const b = BASE64_LOOKUP.get(chars[1]);
+    const c = chars[2] === "=" ? 0 : BASE64_LOOKUP.get(chars[2]);
+    const d = chars[3] === "=" ? 0 : BASE64_LOOKUP.get(chars[3]);
+    if (a === void 0 || b === void 0 || c === void 0 || d === void 0) {
+      throw new Error("Invalid base64 data");
+    }
+    const chunk = a << 18 | b << 12 | c << 6 | d;
+    if (outIdx < output.length) output[outIdx++] = chunk >> 16 & 255;
+    if (outIdx < output.length) output[outIdx++] = chunk >> 8 & 255;
+    if (outIdx < output.length) output[outIdx++] = chunk & 255;
+  }
+  return output;
+}
+
+// src/signing-sessions.ts
+var STORAGE_VERSION = 1;
+var KEY_PREFIX = "thru.wallet.signing-sessions.v1";
+function encodeKeyPart(input) {
+  return encodeURIComponent(input).replace(
+    /[!'()*]/g,
+    (char) => `%${char.charCodeAt(0).toString(16).toUpperCase()}`
+  );
+}
+function nowSeconds() {
+  return Math.floor(Date.now() / 1e3);
+}
+function resolveSigningSessionStorageKey(params) {
+  if (params.storageKey) return params.storageKey;
+  return `${KEY_PREFIX}:${encodeKeyPart(params.walletOrigin)}:${encodeKeyPart(params.appOrigin)}`;
+}
+function normalizeExpiresAt(value, label = "expiresAt") {
+  if (value instanceof Date) {
+    const millis = value.getTime();
+    if (!Number.isFinite(millis)) throw new Error(`${label} must be a valid Date`);
+    return Math.floor(millis / 1e3);
+  }
+  if (typeof value === "bigint") {
+    if (value < 0n || value > BigInt(Number.MAX_SAFE_INTEGER)) {
+      throw new Error(`${label} must fit in a JavaScript safe integer`);
+    }
+    return Number(value);
+  }
+  if (typeof value === "string") {
+    const trimmed = value.trim();
+    if (!/^\d+$/.test(trimmed)) {
+      throw new Error(`${label} must be a Unix timestamp in seconds`);
+    }
+    return normalizeExpiresAt(BigInt(trimmed), label);
+  }
+  if (!Number.isFinite(value) || value < 0) {
+    throw new Error(`${label} must be a finite positive Unix timestamp`);
+  }
+  return Math.floor(value);
+}
+function resolveSessionExpirySeconds(options) {
+  const hasDuration = options.durationSeconds !== void 0;
+  const hasExpiresAt = options.expiresAt !== void 0;
+  if (hasDuration === hasExpiresAt) {
+    throw new Error("Provide exactly one of durationSeconds or expiresAt");
+  }
+  if (hasDuration) {
+    const duration = options.durationSeconds;
+    if (typeof duration !== "number" || !Number.isFinite(duration) || duration <= 0) {
+      throw new Error("durationSeconds must be a positive number");
+    }
+    return nowSeconds() + Math.floor(duration);
+  }
+  return normalizeExpiresAt(options.expiresAt, "expiresAt");
+}
+function assertSigningSessionWalletAccountIdx(walletAccountIdx) {
+  if (!Number.isInteger(walletAccountIdx) || walletAccountIdx < 2 || walletAccountIdx > 65535) {
+    throw new Error("walletAccountIdx must be an account index between 2 and 65535");
+  }
+}
+function normalizeDescriptor(descriptor) {
+  return {
+    id: descriptor.id,
+    walletAddress: descriptor.walletAddress,
+    publicKey: descriptor.publicKey,
+    authIdx: Number(descriptor.authIdx),
+    expiresAt: normalizeExpiresAt(descriptor.expiresAt, "descriptor.expiresAt"),
+    createdAt: normalizeExpiresAt(descriptor.createdAt, "descriptor.createdAt")
+  };
+}
+function isActive(descriptor) {
+  return nowSeconds() < descriptor.expiresAt;
+}
+var SigningSessionDescriptorStore = class {
+  constructor(storage, key) {
+    this.storage = storage;
+    this.key = key;
+  }
+  async list() {
+    const sessions = await this.read();
+    const active = sessions.filter(isActive);
+    if (active.length !== sessions.length) {
+      await this.write(active);
+    }
+    return active;
+  }
+  async get(id) {
+    const sessions = await this.list();
+    return sessions.find((session) => session.id === id) ?? null;
+  }
+  async save(descriptor) {
+    const normalized = normalizeDescriptor(descriptor);
+    const sessions = (await this.list()).filter((session) => session.id !== normalized.id);
+    sessions.push(normalized);
+    await this.write(sessions);
+  }
+  async saveReplacingWalletSessions(descriptor) {
+    const normalized = normalizeDescriptor(descriptor);
+    const sessions = (await this.list()).filter(
+      (session) => session.id === normalized.id || session.walletAddress !== normalized.walletAddress
+    );
+    const withoutCurrent = sessions.filter((session) => session.id !== normalized.id);
+    withoutCurrent.push(normalized);
+    await this.write(withoutCurrent);
+  }
+  async remove(id) {
+    const sessions = (await this.list()).filter((session) => session.id !== id);
+    if (sessions.length === 0) {
+      await this.storage.removeItem(this.key);
+      return;
+    }
+    await this.write(sessions);
+  }
+  async read() {
+    const raw = await this.storage.getItem(this.key);
+    if (!raw) return [];
+    try {
+      const parsed = JSON.parse(raw);
+      if (parsed.version !== STORAGE_VERSION || !Array.isArray(parsed.sessions)) {
+        await this.storage.removeItem(this.key);
+        return [];
+      }
+      return parsed.sessions.map(normalizeDescriptor);
+    } catch {
+      await this.storage.removeItem(this.key);
+      return [];
+    }
+  }
+  async write(sessions) {
+    const payload = {
+      version: STORAGE_VERSION,
+      sessions: sessions.map(normalizeDescriptor)
+    };
+    await this.storage.setItem(this.key, JSON.stringify(payload));
+  }
+};
+
 // src/native/provider/chains/ThruChain.ts
+function descriptorFromWire(session) {
+  return {
+    id: session.id,
+    walletAddress: session.walletAddress,
+    publicKey: session.publicKey,
+    authIdx: session.authIdx,
+    expiresAt: Number(BigInt(session.expiresAt)),
+    createdAt: Number(BigInt(session.createdAt))
+  };
+}
 var NativeThruChain = class {
-  constructor(bridge, provider, origin) {
+  constructor(bridge, provider, origin, signingSessions) {
     this.bridge = bridge;
     this.provider = provider;
     this.origin = origin;
+    this.signingSessions = signingSessions;
   }
   get connected() {
     return this.provider.isConnected();
@@ -109,7 +298,7 @@ var NativeThruChain = class {
     await this.provider.disconnect();
   }
   async getSigningContext() {
-    if (!this.provider.isConnected()) {
+    if (!this.provider.isConnected() && !this.provider.isTransparent()) {
       throw new Error("Wallet not connected");
     }
     const response = await this.bridge.sendMessage({
@@ -120,33 +309,179 @@ var NativeThruChain = class {
     return response.result.signingContext;
   }
   async signTransaction(transaction) {
-    if (!this.provider.isConnected()) {
+    const signingSessionId = transaction.signingSessionId;
+    if (!signingSessionId && !this.provider.isConnected() && !this.provider.isTransparent()) {
       throw new Error("Wallet not connected");
     }
-    this.provider.requestShow();
+    const session = signingSessionId ? await this.requireSigningSession(signingSessionId) : null;
+    const shouldShowWallet = !signingSessionId;
+    if (shouldShowWallet) {
+      await this.provider.requestShow();
+    }
     try {
       const response = await this.bridge.sendMessage({
         id: createRequestId(),
         type: POST_MESSAGE_REQUEST_TYPES.SIGN_TRANSACTION,
         payload: {
-          walletAddress: transaction.walletAddress,
+          walletAddress: transaction.walletAddress ?? session?.walletAddress,
           programAddress: transaction.programAddress,
           instructionData: transaction.instructionData,
           readWriteAddresses: transaction.readWriteAddresses,
           readOnlyAddresses: transaction.readOnlyAddresses,
-          review: transaction.review
+          review: transaction.review,
+          signingSessionId
         },
         origin: this.origin
       });
       return response.result.signedTransaction;
+    } finally {
+      if (shouldShowWallet) {
+        this.provider.requestHide();
+      }
+    }
+  }
+  async signPasskeyChallenge(challenge) {
+    if (!this.provider.isConnected() && !this.provider.isTransparent()) {
+      throw new Error("Wallet not connected");
+    }
+    await this.provider.requestShow();
+    try {
+      const response = await this.bridge.sendMessage({
+        id: createRequestId(),
+        type: POST_MESSAGE_REQUEST_TYPES.SIGN_PASSKEY_CHALLENGE,
+        payload: {
+          challenge: challenge.challenge,
+          walletAddress: challenge.walletAddress
+        },
+        origin: this.origin
+      });
+      return response.result;
     } finally {
       this.provider.requestHide();
     }
   }
+  async createSigningSession(options) {
+    if (!this.provider.isConnected()) {
+      throw new Error("Wallet not connected");
+    }
+    if (!this.signingSessions) {
+      throw new Error("NativeSDKStorage is required for signing sessions");
+    }
+    const expiresAt = resolveSessionExpirySeconds(options);
+    await this.provider.requestShow();
+    try {
+      const response = await this.bridge.sendMessage({
+        id: createRequestId(),
+        type: POST_MESSAGE_REQUEST_TYPES.CREATE_SIGNING_SESSION,
+        payload: {
+          walletAddress: options.walletAddress,
+          expiresAt: String(expiresAt),
+          review: options.review
+        },
+        origin: this.origin
+      });
+      const descriptor = descriptorFromWire(response.result.session);
+      await this.signingSessions.saveReplacingWalletSessions(descriptor);
+      return this.toSigningSession(descriptor);
+    } finally {
+      this.provider.requestHide();
+    }
+  }
+  async createSigningSessionInstruction(options) {
+    if (!this.provider.isConnected()) {
+      throw new Error("Wallet not connected");
+    }
+    if (!this.signingSessions) {
+      throw new Error("NativeSDKStorage is required for signing sessions");
+    }
+    const expiresAt = resolveSessionExpirySeconds(options);
+    assertSigningSessionWalletAccountIdx(options.walletAccountIdx);
+    const response = await this.bridge.sendMessage({
+      id: createRequestId(),
+      type: POST_MESSAGE_REQUEST_TYPES.CREATE_SIGNING_SESSION_INSTRUCTION,
+      payload: {
+        walletAddress: options.walletAddress,
+        expiresAt: String(expiresAt),
+        walletAccountIdx: options.walletAccountIdx
+      },
+      origin: this.origin
+    });
+    const descriptor = descriptorFromWire(response.result.session);
+    return {
+      session: this.toSigningSession(descriptor),
+      programAddress: response.result.programAddress,
+      instructionData: base64ToBytes(response.result.instructionData)
+    };
+  }
+  async confirmSigningSession(id) {
+    if (!this.provider.isConnected()) {
+      throw new Error("Wallet not connected");
+    }
+    if (!this.signingSessions) {
+      throw new Error("NativeSDKStorage is required for signing sessions");
+    }
+    const response = await this.bridge.sendMessage({
+      id: createRequestId(),
+      type: POST_MESSAGE_REQUEST_TYPES.CONFIRM_SIGNING_SESSION,
+      payload: { sessionId: id },
+      origin: this.origin
+    });
+    const descriptor = descriptorFromWire(response.result.session);
+    await this.signingSessions.saveReplacingWalletSessions(descriptor);
+    return this.toSigningSession(descriptor);
+  }
+  async getSigningSession(id) {
+    if (!this.signingSessions) return null;
+    const descriptor = await this.signingSessions.get(id);
+    return descriptor ? this.toSigningSession(descriptor) : null;
+  }
+  async getSigningSessions() {
+    if (!this.signingSessions) return [];
+    return (await this.signingSessions.list()).map(
+      (descriptor) => this.toSigningSession(descriptor)
+    );
+  }
+  async revokeSigningSession(id) {
+    try {
+      await this.bridge.sendMessage({
+        id: createRequestId(),
+        type: POST_MESSAGE_REQUEST_TYPES.REVOKE_SIGNING_SESSION,
+        payload: { sessionId: id },
+        origin: this.origin
+      });
+    } finally {
+      await this.signingSessions?.remove(id);
+    }
+  }
+  async requireSigningSession(id) {
+    if (!this.signingSessions) {
+      throw new Error("NativeSDKStorage is required for signing sessions");
+    }
+    const session = await this.signingSessions.get(id);
+    if (!session) {
+      throw new Error("Signing session is not known to this app");
+    }
+    return session;
+  }
+  toSigningSession(descriptor) {
+    return {
+      ...descriptor,
+      signTransaction: (transaction) => this.signTransaction({
+        ...transaction,
+        walletAddress: transaction.walletAddress ?? descriptor.walletAddress,
+        signingSessionId: descriptor.id
+      }),
+      revoke: () => this.revokeSigningSession(descriptor.id),
+      toJSON: () => ({ ...descriptor })
+    };
+  }
 };
 
 // src/native/provider/WebViewBridge.ts
-var PRODUCTION_WALLET_ORIGINS = ["https://wallet.thru.org"];
+var PRODUCTION_WALLET_ORIGINS = [
+  "https://wallet.thru.org",
+  "https://wallet.tid.sh"
+];
 function isDevelopmentBuild() {
   const runtime = globalThis;
   const devFlag = runtime.__DEV__;
@@ -184,14 +519,23 @@ function validateWalletOrigin(walletUrl) {
     );
   }
 }
+function isNativeEmbeddedWalletPath(pathname) {
+  const normalized = pathname.replace(/\/+$/, "") || "/";
+  return normalized === "/embedded/native" || normalized.startsWith("/embedded/native/");
+}
 var READY_TIMEOUT_MS = 1e4;
 var SLOW_REQUEST_TIMEOUT_MS = 5 * 60 * 1e3;
 var FAST_REQUEST_TIMEOUT_MS = 30 * 1e3;
 var SLOW_REQUEST_TYPES = /* @__PURE__ */ new Set([
   POST_MESSAGE_REQUEST_TYPES.CONNECT,
+  POST_MESSAGE_REQUEST_TYPES.CREATE_ACCOUNT,
   POST_MESSAGE_REQUEST_TYPES.SIGN_MESSAGE,
   POST_MESSAGE_REQUEST_TYPES.SIGN_TRANSACTION,
-  POST_MESSAGE_REQUEST_TYPES.MANAGE_ACCOUNTS
+  POST_MESSAGE_REQUEST_TYPES.SIGN_PASSKEY_CHALLENGE,
+  POST_MESSAGE_REQUEST_TYPES.MANAGE_ACCOUNTS,
+  POST_MESSAGE_REQUEST_TYPES.CREATE_SIGNING_SESSION,
+  POST_MESSAGE_REQUEST_TYPES.CREATE_SIGNING_SESSION_INSTRUCTION,
+  POST_MESSAGE_REQUEST_TYPES.CONFIRM_SIGNING_SESSION
 ]);
 var WebViewBridge = class {
   constructor(options) {
@@ -213,7 +557,7 @@ var WebViewBridge = class {
    */
   getIframeSrc() {
     const url = new URL(this.walletUrl);
-    if (!url.pathname.endsWith("/native")) {
+    if (!isNativeEmbeddedWalletPath(url.pathname)) {
       url.pathname = `${url.pathname.replace(/\/$/, "")}/native`;
     }
     url.searchParams.set("tn_frame_id", this.frameId);
@@ -293,14 +637,11 @@ var WebViewBridge = class {
         }
       });
       const script = `try {
-        var msg = ${JSON.stringify(request)};
+        var msg = ${JSON.stringify({ ...request, frameId: this.frameId })};
         if (window.__pushIn) {
           window.__pushIn(msg);
         } else {
-          window.dispatchEvent(new MessageEvent('message', {
-            data: msg,
-            origin: msg.origin || ''
-          }));
+          window.postMessage(msg, window.location.origin);
         }
       } catch (e) {} ; true;`;
       this.webView.injectJavaScript(script);
@@ -376,11 +717,13 @@ var WebViewBridge = class {
 // src/native/provider/NativeProvider.ts
 var DEFAULT_WALLET_URL = "https://wallet.thru.org/embedded/native";
 var DEFAULT_ORIGIN = "thru-mobile://app";
+var TRANSPARENT_FOCUS_SETTLE_MS = 500;
 var NativeProvider = class {
   constructor(config = {}) {
     this.connected = false;
     this.accounts = [];
     this.selectedAccount = null;
+    this.isSurfaceShown = false;
     this.eventListeners = /* @__PURE__ */ new Map();
     /** Pass through the WebView's `onMessage` event handler. */
     this.onMessage = (event) => {
@@ -388,8 +731,12 @@ var NativeProvider = class {
     };
     const walletUrl = config.walletUrl ?? DEFAULT_WALLET_URL;
     this.origin = config.origin ?? DEFAULT_ORIGIN;
+    this.transparent = config.walletExperience === "transparent";
     this.bridge = new WebViewBridge({ walletUrl });
     this.bridge.onEvent = (eventType, payload) => {
+      if (this.transparent && eventType === EMBEDDED_PROVIDER_EVENTS.UI_SHOW) {
+        return;
+      }
       this.emit(eventType, payload);
       if (eventType === EMBEDDED_PROVIDER_EVENTS.UI_SHOW) {
         this.requestShow();
@@ -407,7 +754,12 @@ var NativeProvider = class {
     };
     const addressTypes = config.addressTypes ?? [AddressType.THRU];
     if (addressTypes.includes(AddressType.THRU)) {
-      this._thruChain = new NativeThruChain(this.bridge, this, this.origin);
+      this._thruChain = new NativeThruChain(
+        this.bridge,
+        this,
+        this.origin,
+        config.signingSessions
+      );
     }
   }
   /** Hand the bridge a WebView ref. Required before connect/sign. */
@@ -432,12 +784,27 @@ var NativeProvider = class {
   async initialize() {
     await this.bridge.awaitReady();
   }
-  /** Open the wallet UI (called internally; also exposed for host). */
-  requestShow() {
+  /** Open or focus the wallet host surface. Transparent hosts use this
+      to give WKWebView a focused document for WebAuthn without showing
+      wallet UI. */
+  async requestShow() {
+    if (this.transparent) {
+      if (!this.isSurfaceShown) {
+        this.isSurfaceShown = true;
+        this.onShowRequested?.();
+      }
+      await new Promise(
+        (resolve) => setTimeout(resolve, TRANSPARENT_FOCUS_SETTLE_MS)
+      );
+      return;
+    }
+    if (this.isSurfaceShown) return;
+    this.isSurfaceShown = true;
     this.onShowRequested?.();
   }
   /** Close the wallet UI (called internally; also exposed for host). */
   requestHide() {
+    this.isSurfaceShown = false;
     this.onHideRequested?.();
   }
   /** Reject pending requests after a user-driven native sheet dismiss. */
@@ -447,7 +814,7 @@ var NativeProvider = class {
   async connect(options) {
     this.emit(EMBEDDED_PROVIDER_EVENTS.CONNECT_START, {});
     try {
-      this.requestShow();
+      await this.requestShow();
       const payload = {};
       if (options?.metadata) payload.metadata = options.metadata;
       if (options?.preferredAccountAddress) {
@@ -461,6 +828,9 @@ var NativeProvider = class {
         origin: this.origin
       });
       const result = normalizeWalletAccountResult(response.result);
+      if (!result.selectedAccount) {
+        throw new Error("Wallet did not return an account");
+      }
       this.connected = true;
       this.accounts = result.accounts;
       this.selectedAccount = result.selectedAccount;
@@ -473,6 +843,52 @@ var NativeProvider = class {
       throw error;
     }
   }
+  async createAccount(options) {
+    try {
+      await this.requestShow();
+      const payload = {};
+      if (options?.accountName) payload.accountName = options.accountName;
+      if (options?.metadata) payload.metadata = options.metadata;
+      const response = await this.bridge.sendMessage({
+        id: createRequestId(),
+        type: POST_MESSAGE_REQUEST_TYPES.CREATE_ACCOUNT,
+        payload,
+        origin: this.origin
+      });
+      const normalized = normalizeWalletAccountResult(
+        response.result,
+        response.result.selectedAccount ?? response.result.account
+      );
+      const selectedAccount = normalized.selectedAccount ?? response.result.account;
+      if (!selectedAccount) {
+        throw new Error("Wallet did not return a created account");
+      }
+      const result = {
+        ...response.result,
+        accounts: normalized.accounts,
+        selectedAccount,
+        account: selectedAccount
+      };
+      this.connected = true;
+      this.accounts = result.accounts;
+      this.selectedAccount = result.selectedAccount;
+      this.emit(EMBEDDED_PROVIDER_EVENTS.CONNECT, {
+        accounts: result.accounts,
+        selectedAccount: result.selectedAccount,
+        status: "completed",
+        metadata: options?.metadata
+      });
+      this.emit(EMBEDDED_PROVIDER_EVENTS.ACCOUNT_CHANGED, {
+        account: result.selectedAccount
+      });
+      this.requestHide();
+      return result;
+    } catch (error) {
+      this.requestHide();
+      this.emit(EMBEDDED_PROVIDER_EVENTS.ERROR, { error });
+      throw error;
+    }
+  }
   async getConnectionState(options) {
     const payload = {};
     if (options?.metadata) payload.metadata = options.metadata;
@@ -521,6 +937,9 @@ var NativeProvider = class {
   isConnected() {
     return this.connected;
   }
+  isTransparent() {
+    return this.transparent;
+  }
   hydrateConnection(result, selectedAccountAddress) {
     const selectedAccount = resolveWalletAccountByAddress(result.accounts, selectedAccountAddress) ?? result.selectedAccount ?? null;
     const normalized = normalizeWalletAccountResult(result, selectedAccount);
@@ -555,7 +974,7 @@ var NativeProvider = class {
   async manageAccounts() {
     if (!this.connected) throw new Error("Wallet not connected");
     try {
-      this.requestShow();
+      await this.requestShow();
       const response = await this.bridge.sendMessage({
         id: createRequestId(),
         type: POST_MESSAGE_REQUEST_TYPES.MANAGE_ACCOUNTS,
@@ -617,6 +1036,9 @@ var NativeProvider = class {
 };
 var DEFAULT_STORAGE_KEY = "thru.native-sdk.connection.v1";
 var SELECTED_ACCOUNT_STORAGE_KEY_SUFFIX = ".selected-account.v1";
+var SIGNING_SESSION_STORAGE_KEY_SUFFIX = ".signing-sessions.v1";
+var DEFAULT_NATIVE_WALLET_URL = "https://wallet.thru.org/embedded/native";
+var DEFAULT_TRANSPARENT_WALLET_URL = "https://wallet.thru.org/embedded/native/transparent";
 var CHECKING_WALLET_AVAILABILITY = {
   status: "checking",
   isAuthorized: false,
@@ -629,6 +1051,17 @@ var CHECKING_WALLET_AVAILABILITY = {
   metadata: null,
   error: null
 };
+function completeAppMetadata(metadata) {
+  if (!metadata?.appId || !metadata.appName || !metadata.appUrl) {
+    return void 0;
+  }
+  return {
+    appId: metadata.appId,
+    appName: metadata.appName,
+    appUrl: metadata.appUrl,
+    ...metadata.imageUrl ? { imageUrl: metadata.imageUrl } : {}
+  };
+}
 var NativeSDK = class {
   constructor(config = {}) {
     this.eventListeners = /* @__PURE__ */ new Map();
@@ -647,10 +1080,25 @@ var NativeSDK = class {
     this.storageKey = config.storageKey ?? DEFAULT_STORAGE_KEY;
     this.selectedAccountStorageKey = config.selectedAccountStorageKey ?? `${this.storageKey}${SELECTED_ACCOUNT_STORAGE_KEY_SUFFIX}`;
     this.iosWebViewMode = config.iosWebViewMode ?? "shell-iframe";
+    this.walletExperience = config.walletExperience ?? "standard";
+    this.defaultMetadata = config.metadata;
+    const walletUrl = config.walletUrl ?? (this.walletExperience === "transparent" ? DEFAULT_TRANSPARENT_WALLET_URL : DEFAULT_NATIVE_WALLET_URL);
+    const walletOrigin = new URL(walletUrl).origin;
+    const signingSessions = this.storage ? new SigningSessionDescriptorStore(
+      this.storage,
+      resolveSigningSessionStorageKey({
+        walletOrigin,
+        appOrigin: this.origin,
+        storageKey: config.signingSessionStorageKey ?? `${this.storageKey}${SIGNING_SESSION_STORAGE_KEY_SUFFIX}`
+      })
+    ) : void 0;
     this.provider = new NativeProvider({
-      walletUrl: config.walletUrl,
+      walletUrl,
       origin: this.origin,
-      addressTypes: config.addressTypes ?? [AddressType.THRU]
+      metadata: this.defaultMetadata ? this.resolveMetadata(this.defaultMetadata) : void 0,
+      addressTypes: config.addressTypes ?? [AddressType.THRU],
+      signingSessions,
+      walletExperience: this.walletExperience
     });
     this.setupEventForwarding();
   }
@@ -701,10 +1149,10 @@ var NativeSDK = class {
     this.emit("connect", { status: "connecting" });
     const inFlight = (async () => {
       try {
-        this.provider.requestShow();
+        await this.provider.requestShow();
         if (!this.initialized) await this.initialize();
         const metadata = this.resolveMetadata(options?.metadata);
-        const preferredAccountAddress = isAccountSwitch ? null : await this.readSelectedAccountAddress();
+        const preferredAccountAddress = isAccountSwitch ? null : options?.preferredAccountAddress ?? await this.readSelectedAccountAddress();
         const providerOptions = metadata || preferredAccountAddress || options?.intent ? {
           ...metadata ? { metadata } : {},
           ...preferredAccountAddress ? { preferredAccountAddress } : {},
@@ -757,11 +1205,52 @@ var NativeSDK = class {
       ...options.intent ? { intent: options.intent } : {}
     });
   }
+  async createAccount(options = {}) {
+    this.emit("connect", { status: "connecting" });
+    try {
+      await this.provider.requestShow();
+      if (!this.initialized) await this.initialize();
+      const metadata = this.resolveMetadata(options.metadata);
+      const result = await this.provider.createAccount({
+        ...options.accountName ? { accountName: options.accountName } : {},
+        ...metadata ? { metadata } : {}
+      });
+      const selectedAccount = result.selectedAccount ?? result.account;
+      const activeResult = {
+        ...result,
+        accounts: this.provider.getAccounts(),
+        selectedAccount,
+        account: selectedAccount
+      };
+      const completedResult = {
+        accounts: activeResult.accounts,
+        selectedAccount: activeResult.selectedAccount,
+        status: "completed",
+        metadata: completeAppMetadata(metadata)
+      };
+      this.lastConnectResult = completedResult;
+      await this.persistSelectedAccountAddress(
+        activeResult.selectedAccount.address
+      );
+      await this.clearPersistedConnection();
+      this.setWalletAvailability(
+        walletAvailabilityFromConnectResult(completedResult)
+      );
+      this.emit("connect", completedResult);
+      this.emit("accountChanged", activeResult.selectedAccount);
+      return activeResult;
+    } catch (error) {
+      this.provider.requestHide();
+      this.emit("error", error);
+      throw error;
+    }
+  }
   async disconnect() {
     try {
       await this.provider.disconnect();
       this.emit("disconnect", {});
       this.lastConnectResult = null;
+      await this.persistSelectedAccountAddress(null);
       await this.clearPersistedConnection();
       this.clearAuthorizedAvailability();
     } catch (error) {
@@ -906,9 +1395,9 @@ var NativeSDK = class {
   }
   async requestConnectionState(options) {
     if (!this.initialized) await this.initialize();
-    const metadata = options?.metadata ?? this.lastConnectResult?.metadata ?? void 0;
+    const metadata = options?.metadata ?? this.lastConnectResult?.metadata ?? this.defaultMetadata ?? void 0;
     const providerOptions = metadata ? { metadata: this.resolveMetadata(metadata) } : void 0;
-    const preferredAccountAddress = await this.readSelectedAccountAddress();
+    const preferredAccountAddress = options?.preferredAccountAddress ?? await this.readSelectedAccountAddress();
     const nextProviderOptions = providerOptions || preferredAccountAddress ? {
       ...providerOptions ?? {},
       ...preferredAccountAddress ? { preferredAccountAddress } : {}
@@ -961,15 +1450,16 @@ var NativeSDK = class {
     });
   }
   resolveMetadata(input) {
-    if (!input) {
+    const effectiveInput = input ?? this.defaultMetadata;
+    if (!effectiveInput) {
       return { appId: this.origin };
     }
     const metadata = {
-      appId: input.appId ?? this.origin
+      appId: effectiveInput.appId ?? this.origin
     };
-    if (input.appUrl) metadata.appUrl = input.appUrl;
-    if (input.appName) metadata.appName = input.appName;
-    if (input.imageUrl) metadata.imageUrl = input.imageUrl;
+    if (effectiveInput.appUrl) metadata.appUrl = effectiveInput.appUrl;
+    if (effectiveInput.appName) metadata.appName = effectiveInput.appName;
+    if (effectiveInput.imageUrl) metadata.imageUrl = effectiveInput.imageUrl;
     return metadata;
   }
   resolveSignInMetadata(options) {
@@ -1230,6 +1720,27 @@ function ThruProvider({ children, config }) {
       throw err;
     }
   }, [sdk]);
+  const createAccount = useCallback(
+    async (options) => {
+      if (!sdk) throw new Error("NativeSDK not initialized");
+      try {
+        const result = await sdk.createAccount(options);
+        setSelectedAccount(result.selectedAccount);
+        setAccounts(result.accounts);
+        setIsConnected(true);
+        setIsConnecting(false);
+        setWalletAvailability(sdk.getWalletAvailability());
+        return result;
+      } catch (err) {
+        setError(
+          err instanceof Error ? err : new Error("createAccount failed")
+        );
+        setIsConnecting(false);
+        throw err;
+      }
+    },
+    [sdk]
+  );
   return /* @__PURE__ */ jsx(
     ThruContext.Provider,
     {
@@ -1243,6 +1754,7 @@ function ThruProvider({ children, config }) {
         selectedAccount,
         walletAvailability,
         selectAccount,
+        createAccount,
         manageAccounts
       },
       children
@@ -2266,6 +2778,219 @@ var styles = StyleSheet.create({
   },
   webview: { flex: 1, backgroundColor: "transparent" }
 });
+function ThruTransparentWalletBridge({
+  wallet: walletProp,
+  style,
+  webViewProps
+}) {
+  const thruContext = useContext(ThruContext);
+  const wallet = walletProp ?? thruContext?.wallet ?? null;
+  const webViewRef = useRef(null);
+  const webViewNativeTagRef = useRef(null);
+  const didRefreshWalletAvailabilityRef = useRef(false);
+  const [isFocusSurfaceActive, setIsFocusSurfaceActive] = useState(false);
+  const attachIfReady = useCallback(() => {
+    if (!wallet || !webViewRef.current) return;
+    const ref = {
+      injectJavaScript: (script) => {
+        webViewRef.current?.injectJavaScript(script);
+      }
+    };
+    wallet.attachWebView(ref);
+  }, [wallet]);
+  const enableAndroidWebAuthnIfNeeded = useCallback(async () => {
+    if (Platform.OS !== "android") return false;
+    const enabled = await enableWebAuthnSupport(webViewNativeTagRef.current);
+    webViewRef.current?.injectJavaScript(
+      "window.dispatchEvent(new Event('thru:native-webauthn-ready')); true;"
+    );
+    return enabled;
+  }, []);
+  const focusWebViewDocument = useCallback(() => {
+    const webView = webViewRef.current;
+    webView?.requestFocus?.();
+    webViewRef.current?.injectJavaScript(
+      "try { window.focus(); document.body && document.body.focus && document.body.focus(); } catch (_) {} true;"
+    );
+  }, []);
+  const refreshWalletAvailabilityIfReady = useCallback(() => {
+    if (!wallet || didRefreshWalletAvailabilityRef.current) return;
+    didRefreshWalletAvailabilityRef.current = true;
+    void wallet.refreshWalletAvailability();
+  }, [wallet]);
+  useEffect(() => {
+    if (!wallet) return;
+    wallet.setUiHandlers({
+      onShowRequested: () => {
+        setIsFocusSurfaceActive(true);
+      },
+      onHideRequested: () => {
+        setIsFocusSurfaceActive(false);
+      }
+    });
+    return () => {
+      wallet.clearUiHandlers();
+    };
+  }, [focusWebViewDocument, wallet]);
+  useEffect(() => {
+    if (!isFocusSurfaceActive) return;
+    const timers = [0, 50, 120, 250, 500].map(
+      (delay) => setTimeout(focusWebViewDocument, delay)
+    );
+    return () => {
+      timers.forEach(clearTimeout);
+    };
+  }, [focusWebViewDocument, isFocusSurfaceActive]);
+  const webViewSource = useMemo(() => {
+    if (!wallet) return null;
+    if (Platform.OS === "ios" && wallet.getIosWebViewMode() === "direct") {
+      return { uri: wallet.getIframeSrc() };
+    }
+    return {
+      html: getShellHtml({
+        walletUrl: wallet.getIframeSrc(),
+        walletOrigin: wallet.getWalletOrigin()
+      }),
+      baseUrl: wallet.getWalletOrigin()
+    };
+  }, [wallet]);
+  const isDirectWalletSource = Boolean(
+    wallet && Platform.OS === "ios" && wallet.getIosWebViewMode() === "direct"
+  );
+  useEffect(() => {
+    didRefreshWalletAvailabilityRef.current = false;
+  }, [webViewSource]);
+  const handleWebViewLayout = useCallback(
+    (event) => {
+      const target = event.nativeEvent.target;
+      webViewNativeTagRef.current = typeof target === "number" ? target : webViewNativeTagRef.current;
+      void enableAndroidWebAuthnIfNeeded();
+      webViewProps?.onLayout?.(event);
+    },
+    [enableAndroidWebAuthnIfNeeded, webViewProps]
+  );
+  const handleLoadEnd = useCallback(
+    (event) => {
+      attachIfReady();
+      if (isDirectWalletSource) {
+        void enableAndroidWebAuthnIfNeeded().finally(
+          refreshWalletAvailabilityIfReady
+        );
+      } else {
+        void enableAndroidWebAuthnIfNeeded();
+      }
+      webViewProps?.onLoadEnd?.(event);
+    },
+    [
+      attachIfReady,
+      enableAndroidWebAuthnIfNeeded,
+      isDirectWalletSource,
+      refreshWalletAvailabilityIfReady,
+      webViewProps
+    ]
+  );
+  const handleMessage = useCallback(
+    (event) => {
+      let shouldRefreshAfterBridgeReady = false;
+      let shouldCollapseFocusSurface = false;
+      try {
+        const data = JSON.parse(event.nativeEvent.data);
+        shouldRefreshAfterBridgeReady = data.type === "iframe:ready";
+        shouldCollapseFocusSurface = typeof data.id === "string" && typeof data.success === "boolean";
+      } catch {
+      }
+      if (shouldCollapseFocusSurface) {
+        setIsFocusSurfaceActive(false);
+      }
+      wallet?.onMessage({
+        nativeEvent: { data: event.nativeEvent.data }
+      });
+      webViewProps?.onMessage?.(event);
+      if (shouldRefreshAfterBridgeReady) {
+        void enableAndroidWebAuthnIfNeeded().finally(
+          refreshWalletAvailabilityIfReady
+        );
+      }
+    },
+    [
+      enableAndroidWebAuthnIfNeeded,
+      refreshWalletAvailabilityIfReady,
+      wallet,
+      webViewProps
+    ]
+  );
+  if (!webViewSource) return null;
+  return /* @__PURE__ */ jsx(
+    View,
+    {
+      collapsable: false,
+      pointerEvents: isFocusSurfaceActive ? "auto" : "none",
+      style: [
+        styles2.container,
+        isFocusSurfaceActive ? styles2.activeContainer : null,
+        style
+      ],
+      children: /* @__PURE__ */ jsx(
+        WebView,
+        {
+          ...webViewProps,
+          ref: webViewRef,
+          source: webViewSource,
+          originWhitelist: ["*"],
+          javaScriptEnabled: true,
+          domStorageEnabled: true,
+          webviewDebuggingEnabled: __DEV__,
+          sharedCookiesEnabled: true,
+          allowsInlineMediaPlayback: true,
+          mediaPlaybackRequiresUserAction: false,
+          limitsNavigationsToAppBoundDomains: isDirectWalletSource,
+          onLoadStart: (event) => {
+            attachIfReady();
+            void enableAndroidWebAuthnIfNeeded();
+            webViewProps?.onLoadStart?.(event);
+          },
+          onLoadEnd: handleLoadEnd,
+          onLayout: handleWebViewLayout,
+          onMessage: handleMessage,
+          style: [
+            styles2.webview,
+            isFocusSurfaceActive ? styles2.activeWebview : null,
+            webViewProps?.style
+          ]
+        }
+      )
+    }
+  );
+}
+var styles2 = StyleSheet.create({
+  container: {
+    height: 1,
+    left: 0,
+    opacity: 0,
+    overflow: "hidden",
+    position: "absolute",
+    top: 0,
+    width: 1
+  },
+  activeContainer: {
+    bottom: 0,
+    height: "100%",
+    opacity: 1,
+    right: 0,
+    width: "100%",
+    zIndex: 2147483647
+  },
+  webview: {
+    backgroundColor: "transparent",
+    height: 1,
+    width: 1
+  },
+  activeWebview: {
+    flex: 1,
+    height: "100%",
+    width: "100%"
+  }
+});
 
 // src/native/react/hooks/waitForWallet.ts
 function waitForWallet(getWallet, timeout = 5e3, interval = 100) {
@@ -2307,6 +3032,13 @@ function useWallet() {
     const ready = walletRef.current ?? await waitForWallet(() => walletRef.current);
     return ready.signIn(options);
   }, []);
+  const createTransparentAccount = useCallback(
+    async (options) => {
+      const ready = walletRef.current ?? await waitForWallet(() => walletRef.current);
+      return ready.createAccount(options);
+    },
+    []
+  );
   const disconnect = useCallback(async () => {
     const ready = walletRef.current ?? await waitForWallet(() => walletRef.current);
     await ready.disconnect();
@@ -2321,6 +3053,7 @@ function useWallet() {
     accounts,
     connect,
     signIn,
+    createAccount: createTransparentAccount,
     disconnect,
     isConnected: isConnected && !!wallet,
     isConnecting,
@@ -2376,6 +3109,6 @@ function useAccounts({ onAccountSelect } = {}) {
   };
 }
 
-export { ThruContext, ThruProvider, ThruWalletSheet, enableWebAuthnSupport, useAccounts, useThru, useWallet, useWalletAvailability };
+export { ThruContext, ThruProvider, ThruTransparentWalletBridge, ThruWalletSheet, enableWebAuthnSupport, useAccounts, useThru, useWallet, useWalletAvailability };
 //# sourceMappingURL=react.js.map
 //# sourceMappingURL=react.js.map