@thru/wallet 0.2.25 → 0.2.28

package/dist/native.js

@@ -42,14 +42,20 @@ var ThruTransactionEncoding = {
 // src/protocol/postMessage.ts
 var POST_MESSAGE_REQUEST_TYPES = {
   CONNECT: "connect",
+  CREATE_ACCOUNT: "createAccount",
   DISCONNECT: "disconnect",
   SIGN_MESSAGE: "signMessage",
   SIGN_TRANSACTION: "signTransaction",
+  SIGN_PASSKEY_CHALLENGE: "signPasskeyChallenge",
   GET_ACCOUNTS: "getAccounts",
   GET_CONNECTION_STATE: "getConnectionState",
   GET_SIGNING_CONTEXT: "getSigningContext",
   SELECT_ACCOUNT: "selectAccount",
-  MANAGE_ACCOUNTS: "manageAccounts"
+  MANAGE_ACCOUNTS: "manageAccounts",
+  CREATE_SIGNING_SESSION: "createSigningSession",
+  CREATE_SIGNING_SESSION_INSTRUCTION: "createSigningSessionInstruction",
+  CONFIRM_SIGNING_SESSION: "confirmSigningSession",
+  REVOKE_SIGNING_SESSION: "revokeSigningSession"
 };
 var EMBEDDED_PROVIDER_EVENTS = {
   CONNECT_START: "connect_start",
@@ -91,12 +97,195 @@ function normalizeConnectionStateResult(result) {
   return normalizeWalletAccountResult(result);
 }
 
+// src/encoding.ts
+var BASE64_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+var BASE64_LOOKUP = new Map(
+  [...BASE64_ALPHABET].map((char, index) => [char, index])
+);
+function base64ToBytes(value) {
+  const normalized = value.replace(/\s+/g, "");
+  if (normalized.length === 0) return new Uint8Array();
+  if (normalized.length % 4 === 1) {
+    throw new Error("Invalid base64 data");
+  }
+  const padded = normalized.padEnd(
+    normalized.length + (4 - normalized.length % 4) % 4,
+    "="
+  );
+  const padding = padded.endsWith("==") ? 2 : padded.endsWith("=") ? 1 : 0;
+  const output = new Uint8Array(padded.length / 4 * 3 - padding);
+  let outIdx = 0;
+  for (let i = 0; i < padded.length; i += 4) {
+    const chars = padded.slice(i, i + 4);
+    const a = BASE64_LOOKUP.get(chars[0]);
+    const b = BASE64_LOOKUP.get(chars[1]);
+    const c = chars[2] === "=" ? 0 : BASE64_LOOKUP.get(chars[2]);
+    const d = chars[3] === "=" ? 0 : BASE64_LOOKUP.get(chars[3]);
+    if (a === void 0 || b === void 0 || c === void 0 || d === void 0) {
+      throw new Error("Invalid base64 data");
+    }
+    const chunk = a << 18 | b << 12 | c << 6 | d;
+    if (outIdx < output.length) output[outIdx++] = chunk >> 16 & 255;
+    if (outIdx < output.length) output[outIdx++] = chunk >> 8 & 255;
+    if (outIdx < output.length) output[outIdx++] = chunk & 255;
+  }
+  return output;
+}
+
+// src/signing-sessions.ts
+var STORAGE_VERSION = 1;
+var KEY_PREFIX = "thru.wallet.signing-sessions.v1";
+function encodeKeyPart(input) {
+  return encodeURIComponent(input).replace(
+    /[!'()*]/g,
+    (char) => `%${char.charCodeAt(0).toString(16).toUpperCase()}`
+  );
+}
+function nowSeconds() {
+  return Math.floor(Date.now() / 1e3);
+}
+function resolveSigningSessionStorageKey(params) {
+  if (params.storageKey) return params.storageKey;
+  return `${KEY_PREFIX}:${encodeKeyPart(params.walletOrigin)}:${encodeKeyPart(params.appOrigin)}`;
+}
+function normalizeExpiresAt(value, label = "expiresAt") {
+  if (value instanceof Date) {
+    const millis = value.getTime();
+    if (!Number.isFinite(millis)) throw new Error(`${label} must be a valid Date`);
+    return Math.floor(millis / 1e3);
+  }
+  if (typeof value === "bigint") {
+    if (value < 0n || value > BigInt(Number.MAX_SAFE_INTEGER)) {
+      throw new Error(`${label} must fit in a JavaScript safe integer`);
+    }
+    return Number(value);
+  }
+  if (typeof value === "string") {
+    const trimmed = value.trim();
+    if (!/^\d+$/.test(trimmed)) {
+      throw new Error(`${label} must be a Unix timestamp in seconds`);
+    }
+    return normalizeExpiresAt(BigInt(trimmed), label);
+  }
+  if (!Number.isFinite(value) || value < 0) {
+    throw new Error(`${label} must be a finite positive Unix timestamp`);
+  }
+  return Math.floor(value);
+}
+function resolveSessionExpirySeconds(options) {
+  const hasDuration = options.durationSeconds !== void 0;
+  const hasExpiresAt = options.expiresAt !== void 0;
+  if (hasDuration === hasExpiresAt) {
+    throw new Error("Provide exactly one of durationSeconds or expiresAt");
+  }
+  if (hasDuration) {
+    const duration = options.durationSeconds;
+    if (typeof duration !== "number" || !Number.isFinite(duration) || duration <= 0) {
+      throw new Error("durationSeconds must be a positive number");
+    }
+    return nowSeconds() + Math.floor(duration);
+  }
+  return normalizeExpiresAt(options.expiresAt, "expiresAt");
+}
+function assertSigningSessionWalletAccountIdx(walletAccountIdx) {
+  if (!Number.isInteger(walletAccountIdx) || walletAccountIdx < 2 || walletAccountIdx > 65535) {
+    throw new Error("walletAccountIdx must be an account index between 2 and 65535");
+  }
+}
+function normalizeDescriptor(descriptor) {
+  return {
+    id: descriptor.id,
+    walletAddress: descriptor.walletAddress,
+    publicKey: descriptor.publicKey,
+    authIdx: Number(descriptor.authIdx),
+    expiresAt: normalizeExpiresAt(descriptor.expiresAt, "descriptor.expiresAt"),
+    createdAt: normalizeExpiresAt(descriptor.createdAt, "descriptor.createdAt")
+  };
+}
+function isActive(descriptor) {
+  return nowSeconds() < descriptor.expiresAt;
+}
+var SigningSessionDescriptorStore = class {
+  constructor(storage, key) {
+    this.storage = storage;
+    this.key = key;
+  }
+  async list() {
+    const sessions = await this.read();
+    const active = sessions.filter(isActive);
+    if (active.length !== sessions.length) {
+      await this.write(active);
+    }
+    return active;
+  }
+  async get(id) {
+    const sessions = await this.list();
+    return sessions.find((session) => session.id === id) ?? null;
+  }
+  async save(descriptor) {
+    const normalized = normalizeDescriptor(descriptor);
+    const sessions = (await this.list()).filter((session) => session.id !== normalized.id);
+    sessions.push(normalized);
+    await this.write(sessions);
+  }
+  async saveReplacingWalletSessions(descriptor) {
+    const normalized = normalizeDescriptor(descriptor);
+    const sessions = (await this.list()).filter(
+      (session) => session.id === normalized.id || session.walletAddress !== normalized.walletAddress
+    );
+    const withoutCurrent = sessions.filter((session) => session.id !== normalized.id);
+    withoutCurrent.push(normalized);
+    await this.write(withoutCurrent);
+  }
+  async remove(id) {
+    const sessions = (await this.list()).filter((session) => session.id !== id);
+    if (sessions.length === 0) {
+      await this.storage.removeItem(this.key);
+      return;
+    }
+    await this.write(sessions);
+  }
+  async read() {
+    const raw = await this.storage.getItem(this.key);
+    if (!raw) return [];
+    try {
+      const parsed = JSON.parse(raw);
+      if (parsed.version !== STORAGE_VERSION || !Array.isArray(parsed.sessions)) {
+        await this.storage.removeItem(this.key);
+        return [];
+      }
+      return parsed.sessions.map(normalizeDescriptor);
+    } catch {
+      await this.storage.removeItem(this.key);
+      return [];
+    }
+  }
+  async write(sessions) {
+    const payload = {
+      version: STORAGE_VERSION,
+      sessions: sessions.map(normalizeDescriptor)
+    };
+    await this.storage.setItem(this.key, JSON.stringify(payload));
+  }
+};
+
 // src/native/provider/chains/ThruChain.ts
+function descriptorFromWire(session) {
+  return {
+    id: session.id,
+    walletAddress: session.walletAddress,
+    publicKey: session.publicKey,
+    authIdx: session.authIdx,
+    expiresAt: Number(BigInt(session.expiresAt)),
+    createdAt: Number(BigInt(session.createdAt))
+  };
+}
 var NativeThruChain = class {
-  constructor(bridge, provider, origin) {
+  constructor(bridge, provider, origin, signingSessions) {
     this.bridge = bridge;
     this.provider = provider;
     this.origin = origin;
+    this.signingSessions = signingSessions;
   }
   get connected() {
     return this.provider.isConnected();
@@ -114,7 +303,7 @@ var NativeThruChain = class {
     await this.provider.disconnect();
   }
   async getSigningContext() {
-    if (!this.provider.isConnected()) {
+    if (!this.provider.isConnected() && !this.provider.isTransparent()) {
       throw new Error("Wallet not connected");
     }
     const response = await this.bridge.sendMessage({
@@ -125,33 +314,179 @@ var NativeThruChain = class {
     return response.result.signingContext;
   }
   async signTransaction(transaction) {
-    if (!this.provider.isConnected()) {
+    const signingSessionId = transaction.signingSessionId;
+    if (!signingSessionId && !this.provider.isConnected() && !this.provider.isTransparent()) {
       throw new Error("Wallet not connected");
     }
-    this.provider.requestShow();
+    const session = signingSessionId ? await this.requireSigningSession(signingSessionId) : null;
+    const shouldShowWallet = !signingSessionId;
+    if (shouldShowWallet) {
+      await this.provider.requestShow();
+    }
     try {
       const response = await this.bridge.sendMessage({
         id: createRequestId(),
         type: POST_MESSAGE_REQUEST_TYPES.SIGN_TRANSACTION,
         payload: {
-          walletAddress: transaction.walletAddress,
+          walletAddress: transaction.walletAddress ?? session?.walletAddress,
           programAddress: transaction.programAddress,
           instructionData: transaction.instructionData,
           readWriteAddresses: transaction.readWriteAddresses,
           readOnlyAddresses: transaction.readOnlyAddresses,
-          review: transaction.review
+          review: transaction.review,
+          signingSessionId
         },
         origin: this.origin
       });
       return response.result.signedTransaction;
+    } finally {
+      if (shouldShowWallet) {
+        this.provider.requestHide();
+      }
+    }
+  }
+  async signPasskeyChallenge(challenge) {
+    if (!this.provider.isConnected() && !this.provider.isTransparent()) {
+      throw new Error("Wallet not connected");
+    }
+    await this.provider.requestShow();
+    try {
+      const response = await this.bridge.sendMessage({
+        id: createRequestId(),
+        type: POST_MESSAGE_REQUEST_TYPES.SIGN_PASSKEY_CHALLENGE,
+        payload: {
+          challenge: challenge.challenge,
+          walletAddress: challenge.walletAddress
+        },
+        origin: this.origin
+      });
+      return response.result;
+    } finally {
+      this.provider.requestHide();
+    }
+  }
+  async createSigningSession(options) {
+    if (!this.provider.isConnected()) {
+      throw new Error("Wallet not connected");
+    }
+    if (!this.signingSessions) {
+      throw new Error("NativeSDKStorage is required for signing sessions");
+    }
+    const expiresAt = resolveSessionExpirySeconds(options);
+    await this.provider.requestShow();
+    try {
+      const response = await this.bridge.sendMessage({
+        id: createRequestId(),
+        type: POST_MESSAGE_REQUEST_TYPES.CREATE_SIGNING_SESSION,
+        payload: {
+          walletAddress: options.walletAddress,
+          expiresAt: String(expiresAt),
+          review: options.review
+        },
+        origin: this.origin
+      });
+      const descriptor = descriptorFromWire(response.result.session);
+      await this.signingSessions.saveReplacingWalletSessions(descriptor);
+      return this.toSigningSession(descriptor);
     } finally {
       this.provider.requestHide();
     }
   }
+  async createSigningSessionInstruction(options) {
+    if (!this.provider.isConnected()) {
+      throw new Error("Wallet not connected");
+    }
+    if (!this.signingSessions) {
+      throw new Error("NativeSDKStorage is required for signing sessions");
+    }
+    const expiresAt = resolveSessionExpirySeconds(options);
+    assertSigningSessionWalletAccountIdx(options.walletAccountIdx);
+    const response = await this.bridge.sendMessage({
+      id: createRequestId(),
+      type: POST_MESSAGE_REQUEST_TYPES.CREATE_SIGNING_SESSION_INSTRUCTION,
+      payload: {
+        walletAddress: options.walletAddress,
+        expiresAt: String(expiresAt),
+        walletAccountIdx: options.walletAccountIdx
+      },
+      origin: this.origin
+    });
+    const descriptor = descriptorFromWire(response.result.session);
+    return {
+      session: this.toSigningSession(descriptor),
+      programAddress: response.result.programAddress,
+      instructionData: base64ToBytes(response.result.instructionData)
+    };
+  }
+  async confirmSigningSession(id) {
+    if (!this.provider.isConnected()) {
+      throw new Error("Wallet not connected");
+    }
+    if (!this.signingSessions) {
+      throw new Error("NativeSDKStorage is required for signing sessions");
+    }
+    const response = await this.bridge.sendMessage({
+      id: createRequestId(),
+      type: POST_MESSAGE_REQUEST_TYPES.CONFIRM_SIGNING_SESSION,
+      payload: { sessionId: id },
+      origin: this.origin
+    });
+    const descriptor = descriptorFromWire(response.result.session);
+    await this.signingSessions.saveReplacingWalletSessions(descriptor);
+    return this.toSigningSession(descriptor);
+  }
+  async getSigningSession(id) {
+    if (!this.signingSessions) return null;
+    const descriptor = await this.signingSessions.get(id);
+    return descriptor ? this.toSigningSession(descriptor) : null;
+  }
+  async getSigningSessions() {
+    if (!this.signingSessions) return [];
+    return (await this.signingSessions.list()).map(
+      (descriptor) => this.toSigningSession(descriptor)
+    );
+  }
+  async revokeSigningSession(id) {
+    try {
+      await this.bridge.sendMessage({
+        id: createRequestId(),
+        type: POST_MESSAGE_REQUEST_TYPES.REVOKE_SIGNING_SESSION,
+        payload: { sessionId: id },
+        origin: this.origin
+      });
+    } finally {
+      await this.signingSessions?.remove(id);
+    }
+  }
+  async requireSigningSession(id) {
+    if (!this.signingSessions) {
+      throw new Error("NativeSDKStorage is required for signing sessions");
+    }
+    const session = await this.signingSessions.get(id);
+    if (!session) {
+      throw new Error("Signing session is not known to this app");
+    }
+    return session;
+  }
+  toSigningSession(descriptor) {
+    return {
+      ...descriptor,
+      signTransaction: (transaction) => this.signTransaction({
+        ...transaction,
+        walletAddress: transaction.walletAddress ?? descriptor.walletAddress,
+        signingSessionId: descriptor.id
+      }),
+      revoke: () => this.revokeSigningSession(descriptor.id),
+      toJSON: () => ({ ...descriptor })
+    };
+  }
 };
 
 // src/native/provider/WebViewBridge.ts
-var PRODUCTION_WALLET_ORIGINS = ["https://wallet.thru.org"];
+var PRODUCTION_WALLET_ORIGINS = [
+  "https://wallet.thru.org",
+  "https://wallet.tid.sh"
+];
 function isDevelopmentBuild() {
   const runtime = globalThis;
   const devFlag = runtime.__DEV__;
@@ -189,14 +524,23 @@ function validateWalletOrigin(walletUrl) {
     );
   }
 }
+function isNativeEmbeddedWalletPath(pathname) {
+  const normalized = pathname.replace(/\/+$/, "") || "/";
+  return normalized === "/embedded/native" || normalized.startsWith("/embedded/native/");
+}
 var READY_TIMEOUT_MS = 1e4;
 var SLOW_REQUEST_TIMEOUT_MS = 5 * 60 * 1e3;
 var FAST_REQUEST_TIMEOUT_MS = 30 * 1e3;
 var SLOW_REQUEST_TYPES = /* @__PURE__ */ new Set([
   POST_MESSAGE_REQUEST_TYPES.CONNECT,
+  POST_MESSAGE_REQUEST_TYPES.CREATE_ACCOUNT,
   POST_MESSAGE_REQUEST_TYPES.SIGN_MESSAGE,
   POST_MESSAGE_REQUEST_TYPES.SIGN_TRANSACTION,
-  POST_MESSAGE_REQUEST_TYPES.MANAGE_ACCOUNTS
+  POST_MESSAGE_REQUEST_TYPES.SIGN_PASSKEY_CHALLENGE,
+  POST_MESSAGE_REQUEST_TYPES.MANAGE_ACCOUNTS,
+  POST_MESSAGE_REQUEST_TYPES.CREATE_SIGNING_SESSION,
+  POST_MESSAGE_REQUEST_TYPES.CREATE_SIGNING_SESSION_INSTRUCTION,
+  POST_MESSAGE_REQUEST_TYPES.CONFIRM_SIGNING_SESSION
 ]);
 var WebViewBridge = class {
   constructor(options) {
@@ -218,7 +562,7 @@ var WebViewBridge = class {
    */
   getIframeSrc() {
     const url = new URL(this.walletUrl);
-    if (!url.pathname.endsWith("/native")) {
+    if (!isNativeEmbeddedWalletPath(url.pathname)) {
       url.pathname = `${url.pathname.replace(/\/$/, "")}/native`;
     }
     url.searchParams.set("tn_frame_id", this.frameId);
@@ -298,14 +642,11 @@ var WebViewBridge = class {
         }
       });
       const script = `try {
-        var msg = ${JSON.stringify(request)};
+        var msg = ${JSON.stringify({ ...request, frameId: this.frameId })};
         if (window.__pushIn) {
           window.__pushIn(msg);
         } else {
-          window.dispatchEvent(new MessageEvent('message', {
-            data: msg,
-            origin: msg.origin || ''
-          }));
+          window.postMessage(msg, window.location.origin);
         }
       } catch (e) {} ; true;`;
       this.webView.injectJavaScript(script);
@@ -381,11 +722,13 @@ var WebViewBridge = class {
 // src/native/provider/NativeProvider.ts
 var DEFAULT_WALLET_URL = "https://wallet.thru.org/embedded/native";
 var DEFAULT_ORIGIN = "thru-mobile://app";
+var TRANSPARENT_FOCUS_SETTLE_MS = 500;
 var NativeProvider = class {
   constructor(config = {}) {
     this.connected = false;
     this.accounts = [];
     this.selectedAccount = null;
+    this.isSurfaceShown = false;
     this.eventListeners = /* @__PURE__ */ new Map();
     /** Pass through the WebView's `onMessage` event handler. */
     this.onMessage = (event) => {
@@ -393,8 +736,12 @@ var NativeProvider = class {
     };
     const walletUrl = config.walletUrl ?? DEFAULT_WALLET_URL;
     this.origin = config.origin ?? DEFAULT_ORIGIN;
+    this.transparent = config.walletExperience === "transparent";
     this.bridge = new WebViewBridge({ walletUrl });
     this.bridge.onEvent = (eventType, payload) => {
+      if (this.transparent && eventType === EMBEDDED_PROVIDER_EVENTS.UI_SHOW) {
+        return;
+      }
       this.emit(eventType, payload);
       if (eventType === EMBEDDED_PROVIDER_EVENTS.UI_SHOW) {
         this.requestShow();
@@ -412,7 +759,12 @@ var NativeProvider = class {
     };
     const addressTypes = config.addressTypes ?? [AddressType.THRU];
     if (addressTypes.includes(AddressType.THRU)) {
-      this._thruChain = new NativeThruChain(this.bridge, this, this.origin);
+      this._thruChain = new NativeThruChain(
+        this.bridge,
+        this,
+        this.origin,
+        config.signingSessions
+      );
     }
   }
   /** Hand the bridge a WebView ref. Required before connect/sign. */
@@ -437,12 +789,27 @@ var NativeProvider = class {
   async initialize() {
     await this.bridge.awaitReady();
   }
-  /** Open the wallet UI (called internally; also exposed for host). */
-  requestShow() {
+  /** Open or focus the wallet host surface. Transparent hosts use this
+      to give WKWebView a focused document for WebAuthn without showing
+      wallet UI. */
+  async requestShow() {
+    if (this.transparent) {
+      if (!this.isSurfaceShown) {
+        this.isSurfaceShown = true;
+        this.onShowRequested?.();
+      }
+      await new Promise(
+        (resolve) => setTimeout(resolve, TRANSPARENT_FOCUS_SETTLE_MS)
+      );
+      return;
+    }
+    if (this.isSurfaceShown) return;
+    this.isSurfaceShown = true;
     this.onShowRequested?.();
   }
   /** Close the wallet UI (called internally; also exposed for host). */
   requestHide() {
+    this.isSurfaceShown = false;
     this.onHideRequested?.();
   }
   /** Reject pending requests after a user-driven native sheet dismiss. */
@@ -452,7 +819,7 @@ var NativeProvider = class {
   async connect(options) {
     this.emit(EMBEDDED_PROVIDER_EVENTS.CONNECT_START, {});
     try {
-      this.requestShow();
+      await this.requestShow();
       const payload = {};
       if (options?.metadata) payload.metadata = options.metadata;
       if (options?.preferredAccountAddress) {
@@ -466,6 +833,9 @@ var NativeProvider = class {
         origin: this.origin
       });
       const result = normalizeWalletAccountResult(response.result);
+      if (!result.selectedAccount) {
+        throw new Error("Wallet did not return an account");
+      }
       this.connected = true;
       this.accounts = result.accounts;
       this.selectedAccount = result.selectedAccount;
@@ -478,6 +848,52 @@ var NativeProvider = class {
       throw error;
     }
   }
+  async createAccount(options) {
+    try {
+      await this.requestShow();
+      const payload = {};
+      if (options?.accountName) payload.accountName = options.accountName;
+      if (options?.metadata) payload.metadata = options.metadata;
+      const response = await this.bridge.sendMessage({
+        id: createRequestId(),
+        type: POST_MESSAGE_REQUEST_TYPES.CREATE_ACCOUNT,
+        payload,
+        origin: this.origin
+      });
+      const normalized = normalizeWalletAccountResult(
+        response.result,
+        response.result.selectedAccount ?? response.result.account
+      );
+      const selectedAccount = normalized.selectedAccount ?? response.result.account;
+      if (!selectedAccount) {
+        throw new Error("Wallet did not return a created account");
+      }
+      const result = {
+        ...response.result,
+        accounts: normalized.accounts,
+        selectedAccount,
+        account: selectedAccount
+      };
+      this.connected = true;
+      this.accounts = result.accounts;
+      this.selectedAccount = result.selectedAccount;
+      this.emit(EMBEDDED_PROVIDER_EVENTS.CONNECT, {
+        accounts: result.accounts,
+        selectedAccount: result.selectedAccount,
+        status: "completed",
+        metadata: options?.metadata
+      });
+      this.emit(EMBEDDED_PROVIDER_EVENTS.ACCOUNT_CHANGED, {
+        account: result.selectedAccount
+      });
+      this.requestHide();
+      return result;
+    } catch (error) {
+      this.requestHide();
+      this.emit(EMBEDDED_PROVIDER_EVENTS.ERROR, { error });
+      throw error;
+    }
+  }
   async getConnectionState(options) {
     const payload = {};
     if (options?.metadata) payload.metadata = options.metadata;
@@ -526,6 +942,9 @@ var NativeProvider = class {
   isConnected() {
     return this.connected;
   }
+  isTransparent() {
+    return this.transparent;
+  }
   hydrateConnection(result, selectedAccountAddress) {
     const selectedAccount = resolveWalletAccountByAddress(result.accounts, selectedAccountAddress) ?? result.selectedAccount ?? null;
     const normalized = normalizeWalletAccountResult(result, selectedAccount);
@@ -560,7 +979,7 @@ var NativeProvider = class {
   async manageAccounts() {
     if (!this.connected) throw new Error("Wallet not connected");
     try {
-      this.requestShow();
+      await this.requestShow();
       const response = await this.bridge.sendMessage({
         id: createRequestId(),
         type: POST_MESSAGE_REQUEST_TYPES.MANAGE_ACCOUNTS,
@@ -622,6 +1041,9 @@ var NativeProvider = class {
 };
 var DEFAULT_STORAGE_KEY = "thru.native-sdk.connection.v1";
 var SELECTED_ACCOUNT_STORAGE_KEY_SUFFIX = ".selected-account.v1";
+var SIGNING_SESSION_STORAGE_KEY_SUFFIX = ".signing-sessions.v1";
+var DEFAULT_NATIVE_WALLET_URL = "https://wallet.thru.org/embedded/native";
+var DEFAULT_TRANSPARENT_WALLET_URL = "https://wallet.thru.org/embedded/native/transparent";
 var CHECKING_WALLET_AVAILABILITY = {
   status: "checking",
   isAuthorized: false,
@@ -634,6 +1056,17 @@ var CHECKING_WALLET_AVAILABILITY = {
   metadata: null,
   error: null
 };
+function completeAppMetadata(metadata) {
+  if (!metadata?.appId || !metadata.appName || !metadata.appUrl) {
+    return void 0;
+  }
+  return {
+    appId: metadata.appId,
+    appName: metadata.appName,
+    appUrl: metadata.appUrl,
+    ...metadata.imageUrl ? { imageUrl: metadata.imageUrl } : {}
+  };
+}
 var NativeSDK = class {
   constructor(config = {}) {
     this.eventListeners = /* @__PURE__ */ new Map();
@@ -652,10 +1085,25 @@ var NativeSDK = class {
     this.storageKey = config.storageKey ?? DEFAULT_STORAGE_KEY;
     this.selectedAccountStorageKey = config.selectedAccountStorageKey ?? `${this.storageKey}${SELECTED_ACCOUNT_STORAGE_KEY_SUFFIX}`;
     this.iosWebViewMode = config.iosWebViewMode ?? "shell-iframe";
+    this.walletExperience = config.walletExperience ?? "standard";
+    this.defaultMetadata = config.metadata;
+    const walletUrl = config.walletUrl ?? (this.walletExperience === "transparent" ? DEFAULT_TRANSPARENT_WALLET_URL : DEFAULT_NATIVE_WALLET_URL);
+    const walletOrigin = new URL(walletUrl).origin;
+    const signingSessions = this.storage ? new SigningSessionDescriptorStore(
+      this.storage,
+      resolveSigningSessionStorageKey({
+        walletOrigin,
+        appOrigin: this.origin,
+        storageKey: config.signingSessionStorageKey ?? `${this.storageKey}${SIGNING_SESSION_STORAGE_KEY_SUFFIX}`
+      })
+    ) : void 0;
     this.provider = new NativeProvider({
-      walletUrl: config.walletUrl,
+      walletUrl,
       origin: this.origin,
-      addressTypes: config.addressTypes ?? [AddressType.THRU]
+      metadata: this.defaultMetadata ? this.resolveMetadata(this.defaultMetadata) : void 0,
+      addressTypes: config.addressTypes ?? [AddressType.THRU],
+      signingSessions,
+      walletExperience: this.walletExperience
     });
     this.setupEventForwarding();
   }
@@ -706,10 +1154,10 @@ var NativeSDK = class {
     this.emit("connect", { status: "connecting" });
     const inFlight = (async () => {
       try {
-        this.provider.requestShow();
+        await this.provider.requestShow();
         if (!this.initialized) await this.initialize();
         const metadata = this.resolveMetadata(options?.metadata);
-        const preferredAccountAddress = isAccountSwitch ? null : await this.readSelectedAccountAddress();
+        const preferredAccountAddress = isAccountSwitch ? null : options?.preferredAccountAddress ?? await this.readSelectedAccountAddress();
         const providerOptions = metadata || preferredAccountAddress || options?.intent ? {
           ...metadata ? { metadata } : {},
           ...preferredAccountAddress ? { preferredAccountAddress } : {},
@@ -762,11 +1210,52 @@ var NativeSDK = class {
       ...options.intent ? { intent: options.intent } : {}
     });
   }
+  async createAccount(options = {}) {
+    this.emit("connect", { status: "connecting" });
+    try {
+      await this.provider.requestShow();
+      if (!this.initialized) await this.initialize();
+      const metadata = this.resolveMetadata(options.metadata);
+      const result = await this.provider.createAccount({
+        ...options.accountName ? { accountName: options.accountName } : {},
+        ...metadata ? { metadata } : {}
+      });
+      const selectedAccount = result.selectedAccount ?? result.account;
+      const activeResult = {
+        ...result,
+        accounts: this.provider.getAccounts(),
+        selectedAccount,
+        account: selectedAccount
+      };
+      const completedResult = {
+        accounts: activeResult.accounts,
+        selectedAccount: activeResult.selectedAccount,
+        status: "completed",
+        metadata: completeAppMetadata(metadata)
+      };
+      this.lastConnectResult = completedResult;
+      await this.persistSelectedAccountAddress(
+        activeResult.selectedAccount.address
+      );
+      await this.clearPersistedConnection();
+      this.setWalletAvailability(
+        walletAvailabilityFromConnectResult(completedResult)
+      );
+      this.emit("connect", completedResult);
+      this.emit("accountChanged", activeResult.selectedAccount);
+      return activeResult;
+    } catch (error) {
+      this.provider.requestHide();
+      this.emit("error", error);
+      throw error;
+    }
+  }
   async disconnect() {
     try {
       await this.provider.disconnect();
       this.emit("disconnect", {});
       this.lastConnectResult = null;
+      await this.persistSelectedAccountAddress(null);
       await this.clearPersistedConnection();
       this.clearAuthorizedAvailability();
     } catch (error) {
@@ -911,9 +1400,9 @@ var NativeSDK = class {
   }
   async requestConnectionState(options) {
     if (!this.initialized) await this.initialize();
-    const metadata = options?.metadata ?? this.lastConnectResult?.metadata ?? void 0;
+    const metadata = options?.metadata ?? this.lastConnectResult?.metadata ?? this.defaultMetadata ?? void 0;
     const providerOptions = metadata ? { metadata: this.resolveMetadata(metadata) } : void 0;
-    const preferredAccountAddress = await this.readSelectedAccountAddress();
+    const preferredAccountAddress = options?.preferredAccountAddress ?? await this.readSelectedAccountAddress();
     const nextProviderOptions = providerOptions || preferredAccountAddress ? {
       ...providerOptions ?? {},
       ...preferredAccountAddress ? { preferredAccountAddress } : {}
@@ -966,15 +1455,16 @@ var NativeSDK = class {
     });
   }
   resolveMetadata(input) {
-    if (!input) {
+    const effectiveInput = input ?? this.defaultMetadata;
+    if (!effectiveInput) {
       return { appId: this.origin };
     }
     const metadata = {
-      appId: input.appId ?? this.origin
+      appId: effectiveInput.appId ?? this.origin
     };
-    if (input.appUrl) metadata.appUrl = input.appUrl;
-    if (input.appName) metadata.appName = input.appName;
-    if (input.imageUrl) metadata.imageUrl = input.imageUrl;
+    if (effectiveInput.appUrl) metadata.appUrl = effectiveInput.appUrl;
+    if (effectiveInput.appName) metadata.appName = effectiveInput.appName;
+    if (effectiveInput.imageUrl) metadata.imageUrl = effectiveInput.imageUrl;
     return metadata;
   }
   resolveSignInMetadata(options) {