@veridex/sdk 1.0.0-beta.1

package/dist/index.d.ts

@@ -0,0 +1,3101 @@
+import { c as WalletManagerConfig, P as PasskeyCredential, U as UnifiedIdentity, d as ChainAddress, B as BridgeParams, a as ChainConfig, e as VAA, f as VeridexPayload, g as PreparedTransfer, h as PreparedBridge, i as VeridexConfig, C as ChainClient, T as TransferParams, E as ExecuteParams, D as DispatchResult, j as BridgeResult, k as TransferResult, l as ReceiveAddress, m as VaultInfo, V as VaultCreationResult, I as IdentityState, A as AuthorizedKey, n as AddBackupKeyResult, o as RemoveKeyResult } from './types-ChIsqCiw.js';
+export { u as ActionPayload, r as BridgeAction, t as ConfigAction, p as ConfigParams, y as CrossChainFees, s as ExecuteAction, w as TestResult, x as TransactionHistoryEntry, q as TransferAction, v as VAASignature, W as WebAuthnSignature } from './types-ChIsqCiw.js';
+import { P as PasskeyManager } from './index-0NXfbk0z.js';
+export { E as EVMHubClientAdapter, H as HubClient, S as SessionManager } from './index-0NXfbk0z.js';
+import { ethers } from 'ethers';
+import { BridgeParams as BridgeParams$1, ChainConfig as ChainConfig$1 } from './types.js';
+export { AddGuardianResult, ApproveRecoveryResult, CancelRecoveryResult, ExecuteRecoveryResult, ExecutionPath, GuardianConfig, InitiateRecoveryResult, QueryProof, QuerySubmissionResult, RecoveryStatus, RegisterSessionParams, RemoveGuardianResult, RevokeSessionParams, SessionKey, SessionValidationResult, SetupGuardiansResult } from './types.js';
+import { a as SessionStorage, S as SessionKey } from './types-FJL7j6gQ.js';
+export { A as ActionParams, b as SessionConfig, i as SessionError, h as SessionErrorCode, e as SessionEvent, f as SessionEventCallback, d as SessionManagerConfig, c as SessionSignature, g as SessionSignedAction } from './types-FJL7j6gQ.js';
+export { ACTION_BRIDGE, ACTION_CONFIG, ACTION_EXECUTE, ACTION_TRANSFER, ACTION_TYPES, HUB_ABI, MAINNET_CHAINS, PROTOCOL_VERSION, TESTNET_CHAINS, VAULT_ABI, VAULT_FACTORY_ABI, WORMHOLE_API, WORMHOLE_CHAIN_IDS, WORMHOLE_CHAIN_IDS_FLAT } from './constants.js';
+export { base64URLDecode, base64URLEncode, computeKeyHash, encodeSignatureForSolidity, getAddressExplorerUrl, getChainByEvmId, getChainByWormholeId, getTxExplorerUrl, isEvmChain, isValidBytes32, isValidEvmAddress, isValidWormholeChainId, parseDERSignature, retryWithBackoff } from './utils.js';
+export { buildChallenge, buildGaslessChallenge, createGaslessMessageHash, createMessageHash, decodeActionPayload, decodeBridgeAction, decodeExecuteAction, decodeTransferAction, encodeAptosTransferAction, encodeBridgeAction, encodeConfigAction, encodeExecuteAction, encodeSolanaTransferAction, encodeSuiTransferAction, encodeTransferAction, encodeVeridexPayload, formatAmount, generateNonce, padTo32Bytes, parseAmount, solanaAddressToBytes32, trimTo20Bytes } from './payload.js';
+export { HubStateQuery, HubStateResult, PortfolioChainErrorCode, PortfolioChainResult, PortfolioQuery, PortfolioResult, QueryConfig, QueryHubStateError, QueryHubStateErrorCode, QueryHubStateNetwork, QueryHubStateOptions, QueryNetwork, QueryOperation, QueryOperationType, QueryPortfolioError, QueryPortfolioErrorCode, QueryPortfolioNetwork, QueryPortfolioOptions, QueryRequest, QueryResponse, WORMHOLE_QUERY_CHAIN_IDS, WORMHOLE_QUERY_PROXY_URLS, WORMHOLE_QUERY_RATE_LIMIT_PER_SECOND, queryHubState, queryPortfolio } from './queries/index.js';
+export { CONSISTENCY_LEVELS, FetchVAAOptions, GUARDIAN_CONFIG, WaitForSignaturesOptions, emitterToEvmAddress, encodeVAAForSolana, encodeVAAToBytes, evmAddressToBytes32, fetchVAA, fetchVAAByTxHash, fetchVAAByTxHashFallback, getSequenceFromTxReceipt, getWormholeCoreBridge, getWormholeRelayer, getWormholeTokenBridge, hasQuorum, normalizeEmitterAddress, parseVAA, parseVAABytes, parseVeridexPayload, supportsRelayer, validateEmitter, waitForGuardianSignatures } from './wormhole.js';
+import '@wormhole-foundation/wormhole-query-sdk';
+
+/**
+ * Veridex Protocol SDK - Wallet Manager
+ *
+ * Manages deterministic wallet addresses across multiple chains.
+ * Vault addresses are computed using CREATE2 on EVM chains and chain-specific
+ * derivation on non-EVM chains, all based on the user's passkey public key.
+ */
+
+/**
+ * Manages wallet address derivation and storage for Veridex Protocol
+ *
+ * @example
+ * ```typescript
+ * const manager = new WalletManager();
+ *
+ * // Compute vault address for a credential
+ * const address = await manager.computeVaultAddress(
+ *   credential.keyHash,
+ *   factoryAddress,
+ *   implementationAddress
+ * );
+ *
+ * // Get unified identity with addresses on all chains
+ * const identity = await manager.getUnifiedIdentity(credential, chainConfigs);
+ * ```
+ */
+declare class WalletManager {
+    private config;
+    private addressCache;
+    constructor(config?: WalletManagerConfig);
+    /**
+     * Compute the deterministic vault address for an EVM chain
+     *
+     * Uses CREATE2 with EIP-1167 minimal proxy pattern:
+     * - Salt = keccak256(factoryAddress, ownerKeyHash)
+     * - InitCode = EIP-1167 proxy bytecode with implementation address
+     *
+     * @param keyHash - The owner's key hash (keccak256 of public key coordinates)
+     * @param factoryAddress - The vault factory contract address
+     * @param implementationAddress - The vault implementation contract address
+     * @returns The deterministic vault address
+     */
+    computeVaultAddress(keyHash: string, factoryAddress: string, implementationAddress: string): string;
+    /**
+     * Compute vault address from public key coordinates
+     *
+     * @param publicKeyX - P-256 public key X coordinate
+     * @param publicKeyY - P-256 public key Y coordinate
+     * @param factoryAddress - The vault factory contract address
+     * @param implementationAddress - The vault implementation contract address
+     * @returns The deterministic vault address
+     */
+    computeVaultAddressFromPublicKey(publicKeyX: bigint, publicKeyY: bigint, factoryAddress: string, implementationAddress: string): string;
+    /**
+     * Build EIP-1167 minimal proxy initcode
+     */
+    private buildProxyInitCode;
+    /**
+     * Get unified identity with addresses across all configured chains
+     *
+     * @param credential - The passkey credential
+     * @param chainConfigs - Map of chain configurations with factory/implementation addresses
+     * @returns Unified identity with addresses on each chain
+     */
+    getUnifiedIdentity(credential: PasskeyCredential, chainConfigs: Map<number, ChainAddressConfig>): Promise<UnifiedIdentity>;
+    /**
+     * Derive address for a specific chain
+     */
+    private deriveAddressForChain;
+    /**
+     * Derive address for non-EVM chains
+     *
+     * Each chain has its own address format:
+     * - Solana: Base58 encoded public key hash
+     * - Aptos: 32-byte hex address
+     * - Sui: 32-byte hex address with 0x prefix
+     */
+    private deriveNonEvmAddress;
+    /**
+     * Get cached address for a chain
+     */
+    getAddressForChain(keyHash: string, wormholeChainId: number): ChainAddress | undefined;
+    /**
+     * Get all cached addresses for a key hash
+     */
+    getAddresses(keyHash: string): ChainAddress[];
+    /**
+     * Update deployment status for an address
+     */
+    updateDeploymentStatus(keyHash: string, wormholeChainId: number, deployed: boolean, deploymentTxHash?: string): void;
+    /**
+     * Load addresses from localStorage
+     */
+    private loadFromStorage;
+    /**
+     * Save identity to localStorage
+     */
+    private saveToStorage;
+    /**
+     * Save addresses to localStorage
+     */
+    private saveAddressesToStorage;
+    /**
+     * Clear all cached data
+     */
+    clearCache(): void;
+    /**
+     * Load identity from storage
+     */
+    loadIdentityFromStorage(keyHash: string): UnifiedIdentity | null;
+}
+interface ChainAddressConfig {
+    chainName: string;
+    isEvm: boolean;
+    factoryAddress?: string;
+    implementationAddress?: string;
+}
+
+/**
+ * Veridex Protocol SDK - Token Constants
+ *
+ * Known tokens per chain for balance fetching and transfers
+ */
+interface TokenInfo$1 {
+    /** Token symbol (e.g., 'USDC', 'ETH') */
+    symbol: string;
+    /** Token name (e.g., 'USD Coin') */
+    name: string;
+    /** Token address (use 'native' for native token) */
+    address: string;
+    /** Number of decimals */
+    decimals: number;
+    /** Optional logo URL */
+    logoUrl?: string;
+    /** Whether this is the native token */
+    isNative: boolean;
+    /** Wormhole-wrapped token address on other chains (by wormhole chain ID) */
+    wrappedAddresses?: Record<number, string>;
+}
+interface ChainTokenList {
+    /** Wormhole chain ID */
+    wormholeChainId: number;
+    /** Chain name */
+    chainName: string;
+    /** Native token info */
+    nativeToken: TokenInfo$1;
+    /** ERC20/SPL/etc tokens */
+    tokens: TokenInfo$1[];
+}
+/**
+ * Native token address constant
+ */
+declare const NATIVE_TOKEN_ADDRESS = "native";
+/**
+ * Zero address for EVM chains
+ */
+declare const EVM_ZERO_ADDRESS = "0x0000000000000000000000000000000000000000";
+declare const BASE_SEPOLIA_TOKENS: ChainTokenList;
+declare const OPTIMISM_SEPOLIA_TOKENS: ChainTokenList;
+declare const ARBITRUM_SEPOLIA_TOKENS: ChainTokenList;
+/**
+ * All token lists indexed by Wormhole chain ID
+ */
+declare const TOKEN_REGISTRY: Record<number, ChainTokenList>;
+/**
+ * Get token list for a chain
+ */
+declare function getTokenList(wormholeChainId: number): ChainTokenList | null;
+/**
+ * Get all tokens for a chain (native + ERC20)
+ */
+declare function getAllTokens(wormholeChainId: number): TokenInfo$1[];
+/**
+ * Get token info by symbol
+ */
+declare function getTokenBySymbol(wormholeChainId: number, symbol: string): TokenInfo$1 | null;
+/**
+ * Get token info by address
+ */
+declare function getTokenByAddress(wormholeChainId: number, address: string): TokenInfo$1 | null;
+/**
+ * Check if an address is the native token
+ */
+declare function isNativeToken(address: string): boolean;
+/**
+ * Get supported chain IDs
+ */
+declare function getSupportedChainIds(): number[];
+/**
+ * Get chain name by Wormhole chain ID
+ */
+declare function getChainName(wormholeChainId: number): string | null;
+
+/**
+ * Veridex Protocol SDK - Balance Manager
+ *
+ * Manages balance fetching for native tokens and ERC20s across chains
+ */
+
+interface TokenBalance {
+    /** Token information */
+    token: TokenInfo$1;
+    /** Raw balance in smallest units */
+    balance: bigint;
+    /** Formatted balance with decimals */
+    formatted: string;
+    /** USD value (if price available) */
+    usdValue?: number;
+}
+interface PortfolioBalance {
+    /** Wormhole chain ID */
+    wormholeChainId: number;
+    /** Chain name */
+    chainName: string;
+    /** Address being queried */
+    address: string;
+    /** Individual token balances */
+    tokens: TokenBalance[];
+    /** Total USD value (if prices available) */
+    totalUsdValue?: number;
+    /** Timestamp of last update */
+    lastUpdated: number;
+}
+interface BalanceManagerConfig {
+    /** Whether to cache balances */
+    cacheBalances?: boolean;
+    /** Cache TTL in milliseconds */
+    cacheTtl?: number;
+    /** Custom RPC URLs by chain ID */
+    customRpcUrls?: Record<number, string>;
+}
+declare class BalanceManager {
+    private config;
+    private providers;
+    private cache;
+    constructor(config?: BalanceManagerConfig);
+    /**
+     * Get balance for a specific token on a chain
+     *
+     * @param wormholeChainId - The Wormhole chain ID
+     * @param address - The address to check balance for
+     * @param tokenAddress - Token address or 'native' for native token
+     * @returns TokenBalance with raw and formatted amounts
+     */
+    getBalance(wormholeChainId: number, address: string, tokenAddress: string): Promise<TokenBalance>;
+    /**
+     * Get all token balances for an address on a chain
+     *
+     * @param wormholeChainId - The Wormhole chain ID
+     * @param address - The address to check balances for
+     * @param includeZeroBalances - Whether to include tokens with 0 balance
+     * @returns PortfolioBalance with all token balances
+     */
+    getPortfolioBalance(wormholeChainId: number, address: string, includeZeroBalances?: boolean): Promise<PortfolioBalance>;
+    /**
+     * Get native token balance
+     *
+     * @param wormholeChainId - The Wormhole chain ID
+     * @param address - The address to check
+     * @returns TokenBalance for native token
+     */
+    getNativeBalance(wormholeChainId: number, address: string): Promise<TokenBalance>;
+    /**
+     * Get balances across multiple chains for an address
+     *
+     * @param address - The address to check
+     * @param chainIds - Array of Wormhole chain IDs to check
+     * @returns Array of PortfolioBalance for each chain
+     */
+    getMultiChainBalances(address: string, chainIds: number[]): Promise<PortfolioBalance[]>;
+    /**
+     * Clear the balance cache
+     */
+    clearCache(): void;
+    /**
+     * Invalidate cache for a specific address
+     */
+    invalidateCache(wormholeChainId: number, address: string): void;
+    /**
+     * Add or update RPC URL for a chain
+     */
+    setRpcUrl(wormholeChainId: number, rpcUrl: string): void;
+    /**
+     * Get or create a provider for a chain
+     */
+    private getProvider;
+    /**
+     * Fetch balance for a token
+     */
+    private fetchBalance;
+    /**
+     * Fetch token info from contract
+     */
+    private fetchTokenInfo;
+}
+
+/**
+ * Veridex Protocol SDK - Transaction Tracker
+ *
+ * Tracks transaction status from pending to confirmed
+ */
+type TransactionStatus = 'pending' | 'submitted' | 'confirming' | 'confirmed' | 'failed' | 'dropped';
+interface TransactionState {
+    /** Transaction hash */
+    hash: string;
+    /** Current status */
+    status: TransactionStatus;
+    /** Wormhole chain ID where transaction was sent */
+    wormholeChainId: number;
+    /** Block number when confirmed */
+    blockNumber?: number;
+    /** Number of confirmations */
+    confirmations: number;
+    /** Required confirmations for finality */
+    requiredConfirmations: number;
+    /** Gas used (after confirmation) */
+    gasUsed?: bigint;
+    /** Effective gas price */
+    effectiveGasPrice?: bigint;
+    /** Error message if failed */
+    error?: string;
+    /** Timestamp when transaction was submitted */
+    submittedAt: number;
+    /** Timestamp when transaction was confirmed */
+    confirmedAt?: number;
+    /** VAA sequence number (for cross-chain txs) */
+    vaaSequence?: bigint;
+}
+interface TrackerConfig {
+    /** Polling interval in ms (default: 2000) */
+    pollingInterval?: number;
+    /** Required confirmations for finality (default: 1) */
+    requiredConfirmations?: number;
+    /** Timeout in ms before marking as dropped (default: 300000 - 5 min) */
+    timeout?: number;
+    /** Custom RPC URLs by chain ID */
+    customRpcUrls?: Record<number, string>;
+}
+type TransactionCallback = (state: TransactionState) => void;
+declare class TransactionTracker {
+    private config;
+    private providers;
+    private trackedTransactions;
+    private callbacks;
+    private pollingIntervals;
+    constructor(config?: TrackerConfig);
+    /**
+     * Track a transaction and receive status updates
+     *
+     * @param hash - Transaction hash
+     * @param wormholeChainId - Chain where transaction was sent
+     * @param callback - Optional callback for status updates
+     * @param vaaSequence - Optional VAA sequence for cross-chain transactions
+     * @returns Initial transaction state
+     */
+    track(hash: string, wormholeChainId: number, callback?: TransactionCallback, vaaSequence?: bigint): TransactionState;
+    /**
+     * Add a callback for transaction updates
+     */
+    addCallback(hash: string, callback: TransactionCallback): void;
+    /**
+     * Remove a callback
+     */
+    removeCallback(hash: string, callback: TransactionCallback): void;
+    /**
+     * Get current state of a tracked transaction
+     */
+    getState(hash: string): TransactionState | null;
+    /**
+     * Wait for a transaction to reach confirmed status
+     *
+     * @param hash - Transaction hash
+     * @param wormholeChainId - Chain where transaction was sent
+     * @returns Promise that resolves when confirmed or rejects on failure
+     */
+    waitForConfirmation(hash: string, wormholeChainId: number): Promise<TransactionState>;
+    /**
+     * Stop tracking a transaction
+     */
+    stopTracking(hash: string): void;
+    /**
+     * Stop tracking all transactions
+     */
+    stopAll(): void;
+    /**
+     * Get all tracked transactions
+     */
+    getAllTracked(): TransactionState[];
+    /**
+     * Get pending transactions
+     */
+    getPending(): TransactionState[];
+    /**
+     * Get or create provider for a chain
+     */
+    private getProvider;
+    /**
+     * Start polling for transaction status
+     */
+    private startPolling;
+    /**
+     * Check transaction status
+     */
+    private checkTransaction;
+    /**
+     * Update transaction state and notify callbacks
+     */
+    private updateState;
+}
+/**
+ * Create a formatted transaction explorer URL
+ */
+declare function getExplorerUrl(wormholeChainId: number, hash: string): string | null;
+/**
+ * Format transaction state for display
+ */
+declare function formatTransactionState(state: TransactionState): string;
+
+/**
+ * Veridex Protocol SDK - Cross-Chain Manager
+ *
+ * Orchestrates cross-chain transfers including:
+ * - VAA fetching and parsing
+ * - Fee estimation (message + relayer fees)
+ * - Transaction status tracking across chains
+ * - Lifecycle callbacks for UI updates
+ */
+
+/**
+ * Cross-chain transfer lifecycle states
+ */
+type CrossChainStatus = 'preparing' | 'signing' | 'dispatching' | 'waiting_confirmations' | 'waiting_guardians' | 'vaa_ready' | 'relaying' | 'executing' | 'completed' | 'failed';
+/**
+ * Progress callback for cross-chain operations
+ */
+interface CrossChainProgress {
+    status: CrossChainStatus;
+    step: number;
+    totalSteps: number;
+    message: string;
+    details?: {
+        txHash?: string;
+        sequence?: bigint;
+        guardianSignatures?: number;
+        requiredSignatures?: number;
+        vaaReady?: boolean;
+        destinationTxHash?: string;
+    };
+}
+/**
+ * Cross-chain transfer result
+ */
+interface CrossChainResult {
+    /** Source chain transaction hash */
+    sourceTxHash: string;
+    /** Wormhole message sequence number */
+    sequence: bigint;
+    /** Emitter address (Hub contract) */
+    emitterAddress: string;
+    /** Source chain Wormhole ID */
+    sourceChain: number;
+    /** Destination chain Wormhole ID */
+    destinationChain: number;
+    /** VAA base64 (once ready) */
+    vaa?: string;
+    /** Parsed VAA */
+    parsedVaa?: VAA;
+    /** Destination chain transaction hash */
+    destinationTxHash?: string;
+    /** Total time taken in ms */
+    duration: number;
+    /** Final status */
+    status: CrossChainStatus;
+    /** Error message if failed */
+    error?: string;
+}
+/**
+ * Fee breakdown for cross-chain transfers
+ */
+interface CrossChainFees {
+    /** Gas cost on source chain */
+    sourceGas: bigint;
+    /** Wormhole message fee */
+    messageFee: bigint;
+    /** Relayer fee (if using automatic relay) */
+    relayerFee: bigint;
+    /** Total estimated cost in source chain native token */
+    totalCost: bigint;
+    /** Formatted total cost */
+    formattedTotal: string;
+    /** Currency symbol */
+    currency: string;
+}
+/**
+ * Configuration for CrossChainManager
+ */
+interface CrossChainConfig {
+    /** Use testnet APIs (default: true) */
+    testnet?: boolean;
+    /** Relayer service URL (optional) */
+    relayerUrl?: string;
+    /** Max time to wait for VAA (ms) */
+    vaaTimeoutMs?: number;
+    /** Interval to poll for VAA (ms) */
+    vaaPollingIntervalMs?: number;
+    /** Required block confirmations before fetching VAA */
+    confirmationsRequired?: number;
+    /** Auto-relay VAA to destination (requires relayer) */
+    autoRelay?: boolean;
+}
+/**
+ * Callback type for progress updates
+ */
+type CrossChainProgressCallback = (progress: CrossChainProgress) => void;
+/**
+ * Manages cross-chain transfer lifecycle
+ */
+declare class CrossChainManager {
+    private config;
+    private pendingTransfers;
+    constructor(config?: CrossChainConfig);
+    /**
+     * Update configuration
+     */
+    setConfig(config: Partial<CrossChainConfig>): void;
+    /**
+     * Get current configuration
+     */
+    getConfig(): CrossChainConfig;
+    /**
+     * Estimate fees for a cross-chain transfer
+     */
+    estimateFees(params: BridgeParams, sourceChainConfig: ChainConfig, provider: ethers.Provider): Promise<CrossChainFees>;
+    /**
+     * Fetch relayer fee from relayer service
+     */
+    private fetchRelayerFee;
+    /**
+     * Fetch VAA by sequence number
+     */
+    fetchVAA(emitterChain: number, emitterAddress: string, sequence: bigint, onProgress?: CrossChainProgressCallback): Promise<string>;
+    /**
+     * Fetch VAA by transaction hash (more reliable)
+     */
+    fetchVAAByTxHash(txHash: string, onProgress?: CrossChainProgressCallback): Promise<string>;
+    /**
+     * Wait for guardians to sign a message with progress tracking
+     */
+    waitForGuardians(emitterChain: number, emitterAddress: string, sequence: bigint, onProgress?: CrossChainProgressCallback): Promise<VAA>;
+    /**
+     * Parse a VAA and extract Veridex payload
+     */
+    parseVAA(vaaBase64: string): {
+        vaa: VAA;
+        payload: VeridexPayload;
+    };
+    /**
+     * Encode VAA for on-chain submission
+     */
+    encodeVAAForSubmission(vaaBase64: string): string;
+    /**
+     * Track a cross-chain transfer
+     */
+    trackTransfer(sourceTxHash: string, sourceChain: number, destinationChain: number, sequence: bigint, emitterAddress: string): CrossChainResult;
+    /**
+     * Get pending transfer by source tx hash
+     */
+    getPendingTransfer(sourceTxHash: string): CrossChainResult | undefined;
+    /**
+     * Get all pending transfers
+     */
+    getAllPendingTransfers(): CrossChainResult[];
+    /**
+     * Update transfer status
+     */
+    updateTransfer(sourceTxHash: string, updates: Partial<CrossChainResult>): CrossChainResult | undefined;
+    /**
+     * Complete transfer with VAA
+     */
+    completeTransfer(sourceTxHash: string, vaa: string, destinationTxHash?: string): CrossChainResult | undefined;
+    /**
+     * Mark transfer as failed
+     */
+    failTransfer(sourceTxHash: string, error: string): CrossChainResult | undefined;
+    /**
+     * Clear completed/failed transfers
+     */
+    clearFinishedTransfers(): void;
+    /**
+     * Extract sequence from transaction receipt
+     */
+    getSequenceFromTx(provider: ethers.Provider, txHash: string, wormholeCoreBridge: string): Promise<bigint>;
+    /**
+     * Normalize address to emitter format
+     */
+    normalizeAddress(address: string): string;
+    /**
+     * Get explorer URL for a cross-chain transfer
+     */
+    getExplorerUrl(txHash: string, _chain: 'source' | 'destination', explorerBaseUrl: string): string;
+    /**
+     * Get Wormholescan URL for VAA
+     */
+    getWormholeExplorerUrl(emitterChain: number, emitterAddress: string, sequence: bigint): string;
+    /**
+     * Format wei to human-readable string
+     */
+    private formatWei;
+}
+declare const crossChainManager: CrossChainManager;
+
+/**
+ * Veridex Protocol SDK - Transaction Summary Types
+ *
+ * Human-readable transaction summary types for security and UX (Issue #26)
+ *
+ * These types enable users to understand what they're signing before
+ * providing biometric authentication, preventing phishing and social engineering.
+ */
+/**
+ * Human-readable action type
+ */
+type ActionDisplayType = 'transfer' | 'bridge' | 'config' | 'execute' | 'unknown';
+/**
+ * Token display information
+ */
+interface TokenDisplay {
+    /** Token symbol (e.g., "ETH", "USDC") */
+    symbol: string;
+    /** Human-readable amount (e.g., "1.5") */
+    amount: string;
+    /** Raw amount in smallest unit */
+    rawAmount: bigint;
+    /** Token contract address */
+    address: string;
+    /** Number of decimals */
+    decimals: number;
+    /** Estimated USD value (if available) */
+    usdValue?: string;
+    /** Whether this is the native token */
+    isNative: boolean;
+}
+/**
+ * Recipient display information
+ */
+interface RecipientDisplay {
+    /** Raw address (hex) */
+    address: string;
+    /** ENS name (if resolved) */
+    ens?: string;
+    /** Truncated address for display (e.g., "0x1234...5678") */
+    truncated: string;
+    /** Whether this is a contract address */
+    isContract?: boolean;
+    /** Whether this is a new recipient (never sent to before) */
+    isNewRecipient?: boolean;
+    /** Label if known (e.g., "My Wallet", "Exchange") */
+    label?: string;
+}
+/**
+ * Chain display information
+ */
+interface ChainDisplay {
+    /** Wormhole chain ID */
+    id: number;
+    /** Human-readable chain name */
+    name: string;
+    /** Chain icon URL (optional) */
+    iconUrl?: string;
+    /** Whether this is a testnet */
+    isTestnet: boolean;
+}
+/**
+ * Risk level for warnings
+ */
+type RiskLevel = 'info' | 'warning' | 'high' | 'critical';
+/**
+ * Risk warning with message and metadata
+ */
+interface RiskWarning {
+    /** Severity level */
+    level: RiskLevel;
+    /** Human-readable warning message */
+    message: string;
+    /** Warning type for programmatic handling */
+    type: RiskWarningType;
+    /** Additional context/details */
+    details?: string;
+}
+/**
+ * Types of risk warnings
+ */
+type RiskWarningType = 'large_transaction' | 'new_recipient' | 'contract_interaction' | 'full_balance' | 'high_gas' | 'unknown_token' | 'cross_chain' | 'config_change' | 'all_tokens' | 'irreversible';
+/**
+ * Transfer-specific details
+ */
+interface TransferDetails {
+    token: TokenDisplay;
+    recipient: RecipientDisplay;
+    chain: ChainDisplay;
+}
+/**
+ * Bridge-specific details
+ */
+interface BridgeDetails {
+    token: TokenDisplay;
+    sourceChain: ChainDisplay;
+    destinationChain: ChainDisplay;
+    recipient: RecipientDisplay;
+    /** Estimated bridge fee */
+    bridgeFee?: string;
+    /** Estimated arrival time */
+    estimatedTime?: string;
+}
+/**
+ * Execute (contract call) details
+ */
+interface ExecuteDetails {
+    target: RecipientDisplay;
+    value: TokenDisplay;
+    chain: ChainDisplay;
+    /** Function signature if decodable */
+    functionName?: string;
+    /** Decoded function arguments if available */
+    decodedArgs?: Record<string, unknown>;
+    /** Raw calldata (hex) */
+    calldata: string;
+}
+/**
+ * Config change details
+ */
+interface ConfigDetails {
+    configType: number;
+    configTypeName: string;
+    description: string;
+    changes: Array<{
+        field: string;
+        oldValue?: string;
+        newValue: string;
+    }>;
+}
+/**
+ * Union type for all action-specific details
+ */
+type ActionDetails = TransferDetails | BridgeDetails | ExecuteDetails | ConfigDetails;
+/**
+ * Complete transaction summary for display
+ */
+interface TransactionSummary {
+    /** Action type for display */
+    action: ActionDisplayType;
+    /** Human-readable title (e.g., "Send ETH", "Bridge USDC") */
+    title: string;
+    /** Human-readable description */
+    description: string;
+    /** Action-specific details */
+    details: TransferDetails | BridgeDetails | ExecuteDetails | ConfigDetails | null;
+    /** Source vault information */
+    vault: {
+        address: string;
+        truncated: string;
+        chain: ChainDisplay;
+    };
+    /** Fee information */
+    fee: {
+        /** Estimated gas fee */
+        gas: string;
+        /** Gas in USD (if available) */
+        gasUsd?: string;
+        /** Whether fee is paid by relayer */
+        paidByRelayer: boolean;
+        /** Relayer fee (if applicable) */
+        relayerFee?: string;
+        /** Total fee */
+        total: string;
+    };
+    /** Risk warnings */
+    warnings: RiskWarning[];
+    /** Raw technical details for advanced users */
+    raw: {
+        actionType: number;
+        actionPayload: string;
+        nonce: bigint;
+        challenge: string;
+        chainId: number;
+        /** Expiration timestamp */
+        expiresAt: number;
+        /** Time until expiration in human readable form */
+        expiresIn: string;
+    };
+    /** Timestamp when summary was generated */
+    generatedAt: number;
+}
+/**
+ * Configuration for the transaction parser
+ */
+interface TransactionParserConfig {
+    /** Default chain ID for vault operations */
+    defaultChainId?: number;
+    /** Known token registry (address -> info) */
+    knownTokens?: Map<string, TokenInfo>;
+    /** Known recipient labels (address -> label) */
+    knownRecipients?: Map<string, string>;
+    /** ENS resolver function */
+    ensResolver?: (address: string) => Promise<string | null>;
+    /** Contract detector function */
+    contractDetector?: (address: string) => Promise<boolean>;
+    /** Price oracle for USD values */
+    priceOracle?: (tokenAddress: string) => Promise<number | null>;
+    /** User's transaction history for new recipient detection */
+    transactionHistory?: Set<string>;
+    /** User's average transaction value for large tx detection */
+    averageTransactionValue?: bigint;
+}
+/**
+ * Token info for registry
+ */
+interface TokenInfo {
+    symbol: string;
+    name: string;
+    decimals: number;
+    logoUrl?: string;
+    verified: boolean;
+}
+/**
+ * Get chain display info from Wormhole chain ID
+ */
+declare const CHAIN_DISPLAY_INFO: Record<number, Omit<ChainDisplay, 'id'>>;
+/**
+ * Get chain display info with fallback
+ */
+declare function getChainDisplay(chainId: number): ChainDisplay;
+/**
+ * Get config type name with fallback
+ */
+declare function getConfigTypeName(configType: number): string;
+
+/**
+ * Veridex Protocol SDK - Transaction Parser
+ *
+ * Parses transaction payloads into human-readable summaries (Issue #26)
+ *
+ * Security-critical: This module MUST accurately represent what users are signing.
+ * Any mismatch between displayed information and actual transaction is a security vulnerability.
+ */
+
+/**
+ * Parses prepared transactions into human-readable summaries
+ */
+declare class TransactionParser {
+    private config;
+    private tokenRegistry;
+    constructor(config?: TransactionParserConfig);
+    /**
+     * Main entry point: parse a prepared transfer into a human-readable summary
+     *
+     * This method determines the action type from the payload and delegates
+     * to the appropriate specialized parser.
+     *
+     * @param prepared - PreparedTransfer or PreparedBridge object from SDK
+     * @param vaultAddress - Optional vault address (uses default if not provided)
+     * @param vaultChainId - Optional vault chain ID (uses config default if not provided)
+     */
+    parse(prepared: PreparedTransfer | PreparedBridge, vaultAddress?: string, vaultChainId?: number): Promise<TransactionSummary>;
+    /**
+     * Detect action type from payload
+     */
+    private detectActionType;
+    /**
+     * Parse bridge action from PreparedTransfer
+     */
+    private parseBridgeFromPrepared;
+    /**
+     * Parse execute action from payload
+     */
+    private parseExecuteFromPayload;
+    /**
+     * Parse config action from payload
+     */
+    private parseConfigFromPayload;
+    /**
+     * Create a fallback summary for unknown action types
+     */
+    private createUnknownActionSummary;
+    /**
+     * Parse a prepared transfer into a human-readable summary
+     */
+    parseTransfer(prepared: PreparedTransfer, vaultAddress: string, vaultChainId: number): Promise<TransactionSummary>;
+    /**
+     * Parse a bridge operation into a human-readable summary
+     */
+    parseBridge(params: BridgeParams$1, actionPayload: string, nonce: bigint, challenge: Uint8Array, vaultAddress: string, vaultChainId: number, expiresAt: number, formattedCost: string): Promise<TransactionSummary>;
+    /**
+     * Parse an execute (contract call) operation into a human-readable summary
+     */
+    parseExecute(target: string, value: bigint, calldata: string, chainId: number, nonce: bigint, challenge: Uint8Array, vaultAddress: string, expiresAt: number, formattedCost: string): Promise<TransactionSummary>;
+    /**
+     * Parse a config change operation
+     */
+    parseConfig(configType: number, configData: string, chainId: number, nonce: bigint, challenge: Uint8Array, vaultAddress: string, expiresAt: number, formattedCost: string): Promise<TransactionSummary>;
+    /**
+     * Resolve token address to display info
+     */
+    private resolveToken;
+    /**
+     * Resolve recipient address to display info
+     */
+    private resolveRecipient;
+    /**
+     * Assess risks for a transfer transaction
+     */
+    private assessTransferRisks;
+    /**
+     * Assess risks for a bridge transaction
+     */
+    private assessBridgeRisks;
+    /**
+     * Assess risks for an execute transaction
+     */
+    private assessExecuteRisks;
+    /**
+     * Estimate bridge completion time
+     */
+    private estimateBridgeTime;
+    /**
+     * Try to decode a function call from calldata
+     */
+    private decodeFunctionCall;
+    /**
+     * Describe a config change in human-readable terms
+     */
+    private describeConfigChange;
+    /**
+     * Parse config changes into structured format
+     */
+    private parseConfigChanges;
+    /**
+     * Update parser configuration
+     */
+    updateConfig(config: Partial<TransactionParserConfig>): void;
+    /**
+     * Add a known token to the registry
+     */
+    addKnownToken(address: string, info: TokenInfo): void;
+    /**
+     * Add a known recipient label
+     */
+    addKnownRecipient(address: string, label: string): void;
+}
+/**
+ * Audit log entry for transaction summaries
+ * Used for security audits and debugging
+ */
+interface TransactionAuditEntry {
+    /** Unique identifier matching the TransactionSummary.id */
+    summaryId: string;
+    /** ISO timestamp when summary was generated */
+    timestamp: string;
+    /** Action type that was parsed */
+    actionType: string;
+    /** Human-readable title shown to user */
+    titleDisplayed: string;
+    /** Human-readable description shown to user */
+    descriptionDisplayed: string;
+    /** Number of risk warnings shown */
+    riskWarningCount: number;
+    /** Highest risk level in warnings */
+    highestRiskLevel: string | null;
+    /** Whether technical details were available */
+    hasTechnicalDetails: boolean;
+    /** Hash of the raw payload for verification */
+    payloadHash: string;
+    /** Expiration time shown */
+    expiresAt: number;
+    /** Chain ID of the transaction */
+    targetChain: number;
+    /** Gas cost formatted as shown to user */
+    gasCostDisplayed: string;
+}
+/**
+ * Create an audit log entry from a transaction summary
+ *
+ * @param summary - The transaction summary that was displayed
+ * @returns Audit entry for logging
+ */
+declare function createAuditEntry(summary: TransactionSummary): TransactionAuditEntry;
+/**
+ * Log a transaction summary for audit purposes
+ *
+ * @param summary - The transaction summary to log
+ * @param logger - Optional custom logger (defaults to console.info)
+ */
+declare function logTransactionSummary(summary: TransactionSummary, logger?: (entry: TransactionAuditEntry) => void): TransactionAuditEntry;
+/**
+ * Create a transaction parser with optional configuration
+ */
+declare function createTransactionParser(config?: TransactionParserConfig): TransactionParser;
+
+/**
+ * Veridex Protocol SDK - Spending Limits Type Definitions (Issue #27)
+ *
+ * Types for configuring, viewing, and enforcing spending limits on vaults.
+ * Spending limits provide an additional security layer against:
+ * - Compromised passkeys draining entire vault
+ * - Accidental large transactions
+ * - Malicious session key abuse
+ *
+ * Security Model:
+ * - Limits are enforced on-chain by the vault contract
+ * - Limit changes require passkey signature (Hub authentication)
+ * - Circuit breaker auto-pauses vault on limit violation
+ * - Daily limits reset 24 hours from first spend
+ */
+/**
+ * Current spending limits and usage for a vault
+ */
+interface SpendingLimits {
+    /** Daily spending limit (0 = unlimited) */
+    dailyLimit: bigint;
+    /** Amount spent in current 24-hour period */
+    dailySpent: bigint;
+    /** Remaining daily allowance */
+    dailyRemaining: bigint;
+    /** When the daily counter resets (UTC timestamp) */
+    dayResetTime: Date;
+    /** Time remaining until daily reset (milliseconds) */
+    timeUntilReset: number;
+    /** Per-transaction limit (0 = unlimited) */
+    transactionLimit: bigint;
+    /** Whether the vault is currently paused */
+    isPaused: boolean;
+    /** Last updated timestamp */
+    lastUpdated: Date;
+    /** Chain where these limits are enforced */
+    chainId: number;
+}
+/**
+ * Formatted spending limits for UI display
+ */
+interface FormattedSpendingLimits {
+    /** Daily limit as human-readable string (e.g., "1,000 USDC") */
+    dailyLimit: string;
+    /** Daily limit as raw number for calculations */
+    dailyLimitValue: number;
+    /** Amount spent today as human-readable string */
+    dailySpent: string;
+    /** Amount spent as raw number */
+    dailySpentValue: number;
+    /** Remaining daily allowance as human-readable string */
+    dailyRemaining: string;
+    /** Remaining as raw number */
+    dailyRemainingValue: number;
+    /** Percentage of daily limit used (0-100) */
+    dailyUsedPercentage: number;
+    /** Time until reset as human-readable string (e.g., "6h 23m") */
+    timeUntilReset: string;
+    /** Transaction limit as human-readable string */
+    transactionLimit: string;
+    /** Transaction limit as raw number */
+    transactionLimitValue: number;
+    /** Whether the vault is paused */
+    isPaused: boolean;
+    /** Whether daily limit is set (false = unlimited) */
+    hasDailyLimit: boolean;
+    /** Whether transaction limit is set (false = unlimited) */
+    hasTransactionLimit: boolean;
+}
+/**
+ * Spending limit configuration during vault creation
+ */
+interface SpendingLimitConfig {
+    /** Daily spending limit (optional, 0 = unlimited) */
+    dailyLimit?: bigint;
+    /** Per-transaction limit (optional, 0 = unlimited) */
+    transactionLimit?: bigint;
+    /** Whether to require 2FA for transactions above threshold */
+    requireMultiSigAbove?: bigint;
+    /** Whitelisted recipients (unlimited transfers allowed) */
+    whitelistedRecipients?: string[];
+}
+/**
+ * Parameters for setting daily limit
+ */
+interface SetDailyLimitParams {
+    /** New daily limit in wei/lamports/base units */
+    limit: bigint;
+    /** Optional chain to configure (defaults to current chain) */
+    chainId?: number;
+}
+/**
+ * Parameters for setting transaction limit
+ */
+interface SetTransactionLimitParams {
+    /** New transaction limit in wei/lamports/base units */
+    limit: bigint;
+    /** Optional chain to configure (defaults to current chain) */
+    chainId?: number;
+}
+/**
+ * Result of checking if a transaction is within limits
+ */
+interface LimitCheckResult {
+    /** Whether the transaction is allowed */
+    allowed: boolean;
+    /** Reason code if not allowed */
+    reason?: LimitViolationType;
+    /** Human-readable message */
+    message: string;
+    /** Amount that would be allowed (if partially allowed) */
+    allowedAmount?: bigint;
+    /** Amount that exceeds limit */
+    excessAmount?: bigint;
+    /** Time to wait if daily limit reached */
+    waitTime?: number;
+    /** Suggested actions for the user */
+    suggestions?: LimitViolationSuggestion[];
+}
+/**
+ * Types of limit violations
+ */
+type LimitViolationType = 'daily_limit_exceeded' | 'transaction_limit_exceeded' | 'vault_paused' | 'insufficient_balance' | 'daily_limit_would_exceed';
+/**
+ * Suggestion for resolving a limit violation
+ */
+interface LimitViolationSuggestion {
+    /** Action type */
+    action: 'send_partial' | 'increase_limit' | 'wait_for_reset' | 'unpause_vault';
+    /** Human-readable label */
+    label: string;
+    /** Additional data for the action */
+    data?: {
+        amount?: bigint;
+        waitTimeMs?: number;
+        newLimit?: bigint;
+    };
+}
+/**
+ * A spending transaction in the history
+ */
+interface SpendingTransaction {
+    /** Transaction hash */
+    hash: string;
+    /** Amount spent (in wei/lamports) */
+    amount: bigint;
+    /** Human-readable amount */
+    formattedAmount: string;
+    /** Token symbol */
+    tokenSymbol: string;
+    /** Recipient address */
+    recipient: string;
+    /** Recipient display name (ENS, label, or truncated) */
+    recipientDisplay: string;
+    /** When the transaction occurred */
+    timestamp: Date;
+    /** Relative time (e.g., "2h ago") */
+    relativeTime: string;
+    /** Transaction type */
+    type: 'transfer' | 'bridge' | 'execute';
+    /** Whether this counted against daily limit */
+    countedAgainstLimit: boolean;
+}
+/**
+ * Daily spending summary
+ */
+interface DailySpendingSummary {
+    /** Date for this summary */
+    date: Date;
+    /** Total amount spent */
+    totalSpent: bigint;
+    /** Formatted total */
+    formattedTotal: string;
+    /** Number of transactions */
+    transactionCount: number;
+    /** Individual transactions */
+    transactions: SpendingTransaction[];
+}
+/**
+ * Config types matching VeridexVault.sol
+ */
+declare const CONFIG_TYPE: {
+    /** Update daily limit */
+    readonly DAILY_LIMIT: 1;
+    /** Pause/unpause vault */
+    readonly PAUSE: 2;
+    /** Update guardians */
+    readonly GUARDIANS: 3;
+    /** Register sender */
+    readonly REGISTER_SENDER: 4;
+    /** Allow source chain */
+    readonly ALLOW_CHAIN: 5;
+    /** Set query verifier */
+    readonly QUERY_VERIFIER: 6;
+};
+/**
+ * Event emitted when spending limits change
+ */
+interface SpendingLimitChangedEvent {
+    /** Event type */
+    type: 'daily_limit_changed' | 'transaction_limit_changed' | 'vault_paused' | 'vault_unpaused';
+    /** Previous value */
+    previousValue: bigint | boolean;
+    /** New value */
+    newValue: bigint | boolean;
+    /** Transaction hash */
+    txHash: string;
+    /** Block timestamp */
+    timestamp: Date;
+}
+/**
+ * Callback for spending limit events
+ */
+type SpendingLimitEventCallback = (event: SpendingLimitChangedEvent) => void;
+/**
+ * Predefined spending limit configurations
+ */
+interface LimitPreset {
+    /** Preset identifier */
+    id: string;
+    /** Display name */
+    name: string;
+    /** Description */
+    description: string;
+    /** Daily limit suggestion (in USD equivalent) */
+    dailyLimitUsd: number;
+    /** Transaction limit suggestion (in USD equivalent) */
+    transactionLimitUsd: number;
+    /** Icon for UI */
+    icon: string;
+    /** Recommended for user type */
+    recommendedFor: string;
+}
+/**
+ * Standard limit presets
+ */
+declare const LIMIT_PRESETS: LimitPreset[];
+/**
+ * Duration display for reset countdown
+ */
+interface DurationDisplay {
+    hours: number;
+    minutes: number;
+    seconds: number;
+    formatted: string;
+}
+/**
+ * Calculate duration display from milliseconds
+ */
+declare function formatDuration(ms: number): DurationDisplay;
+/**
+ * Calculate percentage safely (handles zero division)
+ */
+declare function calculatePercentage(spent: bigint, limit: bigint): number;
+/**
+ * Format large numbers with appropriate units
+ */
+declare function formatLargeAmount(amount: bigint, decimals?: number, symbol?: string): string;
+
+/**
+ * Veridex Protocol SDK - Spending Limits Manager (Issue #27)
+ *
+ * Manages vault spending limits including:
+ * - Reading current limits and usage from on-chain state
+ * - Preparing limit update transactions (requires passkey signature)
+ * - Checking transactions against limits before signing
+ * - Formatting limits for UI display
+ *
+ * Security Considerations:
+ * - All limit changes require Hub authentication (passkey signature)
+ * - Changes are propagated via VAA to spoke chains
+ * - Local checks are advisory; on-chain enforcement is authoritative
+ */
+
+interface SpendingLimitsManagerConfig {
+    /** Default token decimals for formatting */
+    defaultDecimals?: number;
+    /** Default token symbol for formatting */
+    defaultSymbol?: string;
+    /** Custom RPC URLs by chain ID */
+    rpcUrls?: Record<number, string>;
+    /** Cache TTL in milliseconds */
+    cacheTtl?: number;
+    /** Event callback for limit changes */
+    onLimitChange?: SpendingLimitEventCallback;
+}
+declare class SpendingLimitsManager {
+    private config;
+    private cache;
+    private eventListeners;
+    constructor(config?: SpendingLimitsManagerConfig);
+    /**
+     * Get current spending limits for a vault
+     * @param vaultAddress - Vault contract address
+     * @param chainId - Chain ID where the vault is deployed
+     * @param rpcUrl - Optional RPC URL override
+     */
+    getSpendingLimits(vaultAddress: string, chainId: number, rpcUrl?: string): Promise<SpendingLimits>;
+    /**
+     * Get spending limits formatted for UI display
+     */
+    getFormattedSpendingLimits(vaultAddress: string, chainId: number, options?: {
+        rpcUrl?: string;
+        decimals?: number;
+        symbol?: string;
+    }): Promise<FormattedSpendingLimits>;
+    /**
+     * Format raw limits for display
+     */
+    formatLimits(limits: SpendingLimits, decimals?: number, symbol?: string): FormattedSpendingLimits;
+    /**
+     * Check if a transaction amount is within limits
+     * @param vaultAddress - Vault to check
+     * @param chainId - Chain ID
+     * @param amount - Amount to transfer (in base units)
+     * @returns Result indicating if transfer is allowed
+     */
+    checkTransactionLimit(vaultAddress: string, chainId: number, amount: bigint, options?: {
+        rpcUrl?: string;
+    }): Promise<LimitCheckResult>;
+    /**
+     * Prepare a transaction to update the daily spending limit
+     * Returns the config action payload that needs to be signed via passkey
+     *
+     * @param newLimit - New daily limit in base units (0 = unlimited)
+     * @returns Config action payload for signing
+     */
+    prepareDailyLimitUpdate(newLimit: bigint): string;
+    /**
+     * Prepare a transaction to pause the vault
+     * @returns Config action payload for signing
+     */
+    preparePauseVault(): string;
+    /**
+     * Prepare a transaction to unpause the vault
+     * @returns Config action payload for signing
+     */
+    prepareUnpauseVault(): string;
+    /**
+     * Get the full spending limit configuration encoded as config payload
+     * Used during vault creation to set initial limits
+     */
+    encodeInitialLimits(config: SpendingLimitConfig): string;
+    /**
+     * Get recent spending transactions for a vault
+     * Note: This requires indexer integration for full history
+     * @param vaultAddress - Vault to query
+     * @param chainId - Chain ID
+     * @param limit - Maximum number of transactions to return
+     */
+    getRecentTransactions(vaultAddress: string, chainId: number, limit?: number): Promise<SpendingTransaction[]>;
+    /**
+     * Get daily spending summary
+     */
+    getDailySpendingSummary(vaultAddress: string, chainId: number, date?: Date): Promise<DailySpendingSummary>;
+    /**
+     * Subscribe to spending limit change events
+     */
+    onLimitChange(callback: SpendingLimitEventCallback): () => void;
+    /**
+     * Notify listeners of a limit change event
+     * Call this after a successful limit update transaction
+     */
+    notifyLimitChange(event: SpendingLimitChangedEvent): void;
+    /**
+     * Get a live countdown to daily limit reset
+     * Returns an object with current time remaining that updates
+     */
+    getResetCountdown(vaultAddress: string, chainId: number, options?: {
+        rpcUrl?: string;
+    }): Promise<{
+        getCurrentTimeRemaining: () => DurationDisplay;
+        timeUntilResetMs: number;
+        resetTime: Date;
+    }>;
+    /**
+     * Clear the cache for a specific vault or all vaults
+     */
+    clearCache(vaultAddress?: string, chainId?: number): void;
+    /**
+     * Invalidate cache after a limit change
+     */
+    invalidateCacheAfterChange(vaultAddress: string, chainId: number): void;
+    /**
+     * Get a provider for the specified chain
+     */
+    private getProvider;
+}
+/**
+ * Create a SpendingLimitsManager instance
+ */
+declare function createSpendingLimitsManager(config?: SpendingLimitsManagerConfig): SpendingLimitsManager;
+
+/**
+ * Gas Sponsor Module
+ *
+ * Handles sponsored (gasless) vault creation for Veridex users.
+ * Uses a Veridex-owned wallet to pay gas fees on behalf of users.
+ *
+ * This is a temporary solution until the full relayer is built.
+ * In the future, this will be handled by:
+ * - ERC-4337 Account Abstraction with Paymasters
+ * - Dedicated Relayer service
+ */
+interface ChainDeploymentConfig {
+    name: string;
+    chainId: number;
+    wormholeChainId: number;
+    rpcUrl: string;
+    vaultFactory?: string;
+    hubAddress?: string;
+    isHub?: boolean;
+}
+interface SponsoredVaultResult {
+    success: boolean;
+    chain: string;
+    wormholeChainId: number;
+    vaultAddress?: string;
+    transactionHash?: string;
+    error?: string;
+    alreadyExists?: boolean;
+}
+interface MultiChainVaultResult {
+    keyHash: string;
+    results: SponsoredVaultResult[];
+    allSuccessful: boolean;
+    vaultAddresses: Record<number, string>;
+}
+interface GasSponsorConfig {
+    /**
+     * Private key for the sponsor wallet (from env or secure storage)
+     * This is the fallback when relayer is not available
+     */
+    sponsorPrivateKey?: string;
+    /**
+     * Integrator-provided sponsor key (for platforms using Veridex SDK)
+     * Takes priority over Veridex default sponsorship
+     */
+    integratorSponsorKey?: string;
+    /**
+     * Relayer API endpoint for remote sponsorship (primary method)
+     * When available, this takes priority over local wallet sponsorship
+     */
+    relayerUrl?: string;
+    /** API key for relayer service authentication */
+    relayerApiKey?: string;
+    /** @deprecated Use relayerUrl instead */
+    sponsorApiUrl?: string;
+    /** @deprecated Use relayerApiKey instead */
+    sponsorApiKey?: string;
+    /** Whether to use testnet configurations */
+    testnet?: boolean;
+    /** Custom RPC URLs by wormhole chain ID */
+    customRpcUrls?: Record<number, string>;
+}
+/** Sponsorship source type */
+type SponsorshipSource = 'relayer' | 'integrator' | 'veridex' | 'none';
+/**
+ * Gas Sponsorship with layered fallback:
+ * 1. Relayer (primary) - Remote relayer service handles gas
+ * 2. Integrator wallet - Platform using SDK provides their own sponsor key
+ * 3. Veridex wallet (fallback) - Veridex's default sponsor wallet
+ */
+declare class GasSponsor {
+    private config;
+    private sponsorWallet?;
+    private integratorWallet?;
+    private chains;
+    constructor(config?: GasSponsorConfig);
+    /**
+     * Determine which sponsorship source is available
+     * Priority: Relayer > Integrator > Veridex > None
+     */
+    getSponsorshipSource(): SponsorshipSource;
+    /**
+     * Get the active sponsor wallet (integrator takes priority)
+     */
+    private getActiveWallet;
+    /**
+     * Get supported chains for vault deployment
+     */
+    getSupportedChains(): ChainDeploymentConfig[];
+    /**
+     * Get the hub chain configuration
+     */
+    getHubChain(): ChainDeploymentConfig | undefined;
+    /**
+     * Check if sponsor is configured (has relayer, integrator key, or Veridex key)
+     */
+    isConfigured(): boolean;
+    /**
+     * Get sponsor wallet balance on a specific chain
+     */
+    getSponsorBalance(wormholeChainId: number): Promise<bigint>;
+    /**
+     * Check if a vault exists for a given key hash on a chain
+     */
+    checkVaultExists(keyHash: string, wormholeChainId: number): Promise<{
+        exists: boolean;
+        address: string;
+    }>;
+    /**
+     * Get predicted vault address for a key hash on a chain
+     */
+    computeVaultAddress(keyHash: string, wormholeChainId: number): Promise<string | null>;
+    /**
+     * Create a vault on a specific chain (sponsored)
+     *
+     * Sponsorship priority:
+     * 1. Relayer API (future - not yet implemented)
+     * 2. Integrator wallet (if provided)
+     * 3. Veridex sponsor wallet (fallback)
+     */
+    createVaultOnChain(keyHash: string, wormholeChainId: number): Promise<SponsoredVaultResult>;
+    /**
+     * Create vault via relayer service (future primary method)
+     *
+     * The relayer handles:
+     * - Gas payment on behalf of users
+     * - Transaction submission and monitoring
+     * - Rate limiting and abuse prevention
+     */
+    private createVaultViaRelayer;
+    /**
+     * Create vault with a specific wallet (internal helper)
+     */
+    private createVaultWithWallet;
+    /**
+     * Create vaults on all supported chains (sponsored)
+     */
+    createVaultsOnAllChains(keyHash: string): Promise<MultiChainVaultResult>;
+    /**
+     * Check vault status on all chains
+     */
+    checkVaultsOnAllChains(keyHash: string): Promise<Record<number, {
+        exists: boolean;
+        address: string;
+    }>>;
+}
+/**
+ * Create a GasSponsor instance
+ *
+ * @example
+ * ```ts
+ * // With environment variable
+ * const sponsor = createGasSponsor({
+ *   sponsorPrivateKey: process.env.VERIDEX_SPONSOR_KEY,
+ *   testnet: true,
+ * });
+ *
+ * // Create vaults for a user
+ * const result = await sponsor.createVaultsOnAllChains(userKeyHash);
+ * ```
+ */
+declare function createGasSponsor(config?: GasSponsorConfig): GasSponsor;
+
+declare class VeridexSDK {
+    readonly passkey: PasskeyManager;
+    readonly wallet: WalletManager;
+    readonly balance: BalanceManager;
+    readonly transactions: TransactionTracker;
+    readonly crossChain: CrossChainManager;
+    readonly sponsor: GasSponsor;
+    readonly transactionParser: TransactionParser;
+    readonly spendingLimits: SpendingLimitsManager;
+    private readonly chain;
+    private readonly relayer?;
+    private readonly queryApiKey?;
+    private readonly testnet;
+    private readonly sponsorPrivateKey?;
+    private readonly chainRpcUrls?;
+    private readonly chainDetector;
+    private unifiedIdentity;
+    constructor(config: VeridexConfig);
+    getChainConfig(): ChainConfig;
+    getChainClient(): ChainClient;
+    getNonce(): Promise<bigint>;
+    getMessageFee(): Promise<bigint>;
+    buildTransferPayload(params: TransferParams): Promise<string>;
+    buildExecutePayload(params: ExecuteParams): Promise<string>;
+    buildBridgePayload(params: BridgeParams): Promise<string>;
+    transfer(params: TransferParams, signer: any): Promise<DispatchResult>;
+    execute(params: ExecuteParams, signer: any): Promise<DispatchResult>;
+    bridge(params: BridgeParams, signer: any): Promise<DispatchResult>;
+    /**
+     * Prepare a bridge/cross-chain transfer with fee estimation
+     *
+     * @param params - Bridge parameters
+     * @returns PreparedBridge with fee estimates
+     */
+    prepareBridge(params: BridgeParams): Promise<PreparedBridge>;
+    /**
+     * Execute a prepared bridge with full cross-chain tracking
+     *
+     * @param prepared - PreparedBridge from prepareBridge()
+     * @param signer - Signer to pay for gas
+     * @param onProgress - Optional callback for progress updates
+     * @returns BridgeResult with cross-chain tracking info
+     */
+    executeBridge(prepared: PreparedBridge, signer: any, onProgress?: CrossChainProgressCallback): Promise<BridgeResult>;
+    /**
+     * Execute a gasless bridge using the relayer
+     *
+     * The relayer pays for the Hub transaction (and Wormhole fee), then observes
+     * the resulting Dispatch event and relays the VAA to the destination spoke.
+     */
+    bridgeViaRelayer(params: BridgeParams, onProgress?: CrossChainProgressCallback): Promise<BridgeResult>;
+    /**
+     * Execute a full bridge with automatic preparation
+     *
+     * @param params - Bridge parameters
+     * @param signer - Signer to pay for gas
+     * @param onProgress - Optional callback for progress updates
+     * @returns BridgeResult with cross-chain tracking info
+     */
+    bridgeWithTracking(params: BridgeParams, signer: any, onProgress?: CrossChainProgressCallback): Promise<BridgeResult>;
+    /**
+     * Fetch VAA for a completed transaction
+     * Use this if VAA fetch failed during bridge execution
+     *
+     * @param txHash - Source chain transaction hash
+     * @returns VAA base64 string
+     */
+    fetchVAAForTransaction(txHash: string): Promise<string>;
+    /**
+     * Get cross-chain transfer fees
+     *
+     * @param params - Bridge parameters
+     * @returns CrossChainFees with breakdown
+     */
+    getBridgeFees(params: BridgeParams): Promise<CrossChainFees>;
+    /**
+     * Get all pending cross-chain transfers
+     */
+    getPendingBridges(): CrossChainResult[];
+    /**
+     * Get Wormholescan explorer URL for a cross-chain transfer
+     */
+    getWormholeExplorerUrl(sequence: bigint): string;
+    /**
+     * Prepare a transfer with gas estimation
+     * Call this before transfer() to show user the cost
+     *
+     * @param params - Transfer parameters
+     * @returns PreparedTransfer with gas estimates and challenge
+     */
+    prepareTransfer(params: TransferParams): Promise<PreparedTransfer>;
+    /**
+     * Get a human-readable summary of a prepared transfer (Issue #26)
+     *
+     * Use this to show users what they're signing before biometric authentication.
+     * The summary includes:
+     * - Action type (transfer, bridge, execute, config)
+     * - Human-readable amounts (not wei)
+     * - Recipient display (truncated address, ENS if available)
+     * - Chain information
+     * - Risk warnings for unusual transactions
+     * - Gas cost breakdown
+     * - Expiration countdown
+     *
+     * @example
+     * ```typescript
+     * const prepared = await sdk.prepareTransfer({
+     *   recipient: '0x123...',
+     *   amount: '1000000000000000000', // 1 ETH in wei
+     *   tokenAddress: NATIVE_TOKEN_ADDRESS,
+     *   targetChain: 10004, // Base Sepolia
+     * });
+     *
+     * const summary = await sdk.getTransactionSummary(prepared);
+     * console.log(summary.title); // "Transfer"
+     * console.log(summary.description); // "Send 1.0 ETH to 0x123...abc"
+     * console.log(summary.details.formattedAmount); // "1.0"
+     * console.log(summary.risks); // [{ type: 'large_transaction', level: 'high', ... }]
+     * ```
+     *
+     * @param prepared - PreparedTransfer or PreparedBridge from prepare methods
+     * @returns Promise<TransactionSummary> with human-readable details
+     */
+    getTransactionSummary(prepared: PreparedTransfer | PreparedBridge): Promise<TransactionSummary>;
+    /**
+     * Get current spending limits for your vault
+     *
+     * @example
+     * ```typescript
+     * const limits = await sdk.getSpendingLimits();
+     * console.log(`Daily remaining: ${limits.dailyRemaining}`);
+     * console.log(`Resets in: ${limits.timeUntilReset}ms`);
+     * ```
+     *
+     * @param chainId - Optional chain ID (defaults to current chain)
+     * @returns Promise<SpendingLimits> with current limits and usage
+     */
+    getSpendingLimits(chainId?: number): Promise<SpendingLimits>;
+    /**
+     * Get spending limits formatted for UI display
+     *
+     * @example
+     * ```typescript
+     * const formatted = await sdk.getFormattedSpendingLimits();
+     * console.log(`${formatted.dailyUsedPercentage}% of daily limit used`);
+     * console.log(`Resets in: ${formatted.timeUntilReset}`);
+     * ```
+     */
+    getFormattedSpendingLimits(chainId?: number): Promise<FormattedSpendingLimits>;
+    /**
+     * Check if a transaction amount is within spending limits
+     *
+     * @example
+     * ```typescript
+     * const check = await sdk.checkSpendingLimit(ethers.parseEther("1.0"));
+     * if (!check.allowed) {
+     *   console.log(check.message);
+     *   console.log('Suggestions:', check.suggestions);
+     * }
+     * ```
+     *
+     * @param amount - Amount to check (in wei/base units)
+     * @param chainId - Optional chain ID
+     * @returns LimitCheckResult with allowed status and suggestions
+     */
+    checkSpendingLimit(amount: bigint, chainId?: number): Promise<LimitCheckResult>;
+    /**
+     * Prepare a transaction to update the daily spending limit
+     * Returns a PreparedTransfer that can be signed and executed
+     *
+     * @example
+     * ```typescript
+     * // Set daily limit to 5 ETH
+     * const prepared = await sdk.prepareSetDailyLimit(ethers.parseEther("5.0"));
+     * const result = await sdk.executeTransfer(prepared, signer);
+     * ```
+     *
+     * @param newLimit - New daily limit (0 = unlimited)
+     * @returns PreparedTransfer for signing
+     */
+    prepareSetDailyLimit(newLimit: bigint): Promise<PreparedTransfer>;
+    /**
+     * Prepare a transaction to pause the vault (emergency stop)
+     * Pausing prevents all withdrawals until unpaused
+     *
+     * @example
+     * ```typescript
+     * const prepared = await sdk.preparePauseVault();
+     * const result = await sdk.executeTransfer(prepared, signer);
+     * ```
+     */
+    preparePauseVault(): Promise<PreparedTransfer>;
+    /**
+     * Prepare a transaction to unpause the vault
+     *
+     * @example
+     * ```typescript
+     * const prepared = await sdk.prepareUnpauseVault();
+     * const result = await sdk.executeTransfer(prepared, signer);
+     * ```
+     */
+    prepareUnpauseVault(): Promise<PreparedTransfer>;
+    /**
+     * Execute a prepared transfer
+     * Use this after prepareTransfer() for better UX
+     *
+     * @param prepared - PreparedTransfer from prepareTransfer()
+     * @param signer - Signer to pay for gas
+     * @returns TransferResult with tracking info
+     */
+    executeTransfer(prepared: PreparedTransfer, signer: any): Promise<TransferResult>;
+    /**
+     * Enhanced transfer with automatic tracking
+     *
+     * @param params - Transfer parameters
+     * @param signer - Signer to pay for gas
+     * @param onStatusChange - Optional callback for transaction status updates
+     * @returns TransferResult with tracking info
+     */
+    transferWithTracking(params: TransferParams, signer: any, onStatusChange?: TransactionCallback): Promise<TransferResult>;
+    /**
+     * Execute a gasless transfer using the relayer
+     *
+     * This method allows users to send funds without paying gas themselves.
+     * The relayer service submits the transaction to the Hub and pays the gas.
+     * The relayer then automatically relays the VAA to the destination spoke chain.
+     *
+     * @param params - Transfer parameters (to, amount, token, targetChain)
+     * @param onStatusChange - Optional callback for transaction status updates
+     * @returns TransferResult with Hub tx hash and tracking info
+     */
+    transferViaRelayer(params: TransferParams, onStatusChange?: TransactionCallback): Promise<TransferResult>;
+    /**
+     * Wait for a transaction to confirm
+     *
+     * @param hash - Transaction hash
+     * @returns TransactionState when confirmed
+     */
+    waitForTransaction(hash: string): Promise<TransactionState>;
+    /**
+     * Get native token balance for the current vault
+     *
+     * @returns TokenBalance with native token balance
+     */
+    getVaultNativeBalance(): Promise<TokenBalance>;
+    /**
+     * Get all token balances for the current vault
+     *
+     * @param includeZeroBalances - Whether to include tokens with 0 balance
+     * @returns PortfolioBalance with all token balances
+     */
+    getVaultBalances(includeZeroBalances?: boolean): Promise<PortfolioBalance>;
+    /**
+     * Get token balance for a specific token
+     *
+     * @param tokenAddress - Token contract address or 'native'
+     * @returns TokenBalance for the specified token
+     */
+    getVaultTokenBalance(tokenAddress: string): Promise<TokenBalance>;
+    /**
+     * Get balances across multiple chains
+     *
+     * @param chainIds - Array of Wormhole chain IDs to check
+     * @returns Array of PortfolioBalance for each chain
+     */
+    getMultiChainBalances(chainIds: number[]): Promise<PortfolioBalance[]>;
+    /**
+     * Get token list for a chain
+     */
+    getTokenList(wormholeChainId?: number): TokenInfo$1[];
+    /**
+     * Get token by symbol
+     */
+    getTokenBySymbol(symbol: string, wormholeChainId?: number): TokenInfo$1 | null;
+    /**
+     * Get receive address information for sharing
+     * Use this to generate QR codes or share your vault address
+     *
+     * @returns ReceiveAddress with address and sharing info
+     */
+    getReceiveAddress(): ReceiveAddress;
+    /**
+     * Generate receive address with amount (for payment requests)
+     *
+     * @param amount - Amount to request
+     * @param tokenAddress - Token address or 'native'
+     * @param tokenDecimals - Token decimals
+     * @returns ReceiveAddress with payment request info
+     */
+    getPaymentRequest(amount: bigint, tokenAddress?: string, tokenDecimals?: number): ReceiveAddress;
+    /**
+     * Format wei to ether string
+     */
+    private formatWei;
+    /**
+     * Format units based on decimals
+     */
+    private formatUnits;
+    getVaultInfo(targetChainId?: number): Promise<VaultInfo | null>;
+    /**
+     * Get the deterministic vault address for the current credential
+     * This computes the address off-chain without requiring the vault to exist
+     *
+     * @returns The vault address that will be used when vault is created
+     */
+    getVaultAddress(): string;
+    /**
+     * Get the vault address for a specific key hash
+     *
+     * @param keyHash - The user's key hash
+     * @returns The deterministic vault address
+     */
+    getVaultAddressForKeyHash(keyHash: string): string;
+    /**
+     * Get unified identity with addresses across chains
+     *
+     * @returns UnifiedIdentity containing credential info and chain addresses
+     */
+    getUnifiedIdentity(): Promise<UnifiedIdentity>;
+    /**
+     * Get the current chain address from unified identity
+     */
+    getCurrentChainAddress(): Promise<ChainAddress | null>;
+    /**
+     * Update deployment status for cached identity
+     */
+    private updateDeploymentStatus;
+    /**
+     * Add a chain address to the unified identity
+     * Used when configuring multiple chains
+     */
+    addChainAddress(address: ChainAddress): void;
+    /**
+     * Create a vault for the current credential
+     *
+     * @param signer - The signer to pay for gas
+     * @returns VaultCreationResult with address and transaction details
+     */
+    createVault(signer: any): Promise<VaultCreationResult>;
+    /**
+     * Create a vault with sponsored gas (Veridex pays for gas)
+     *
+     * Uses the sponsor wallet configured in SDK initialization.
+     * If no sponsor is configured, throws an error.
+     *
+     * @param wormholeChainId - Optional chain ID for multi-chain creation
+     * @returns VaultCreationResult with address and transaction details
+     */
+    createVaultSponsored(wormholeChainId?: number): Promise<VaultCreationResult>;
+    /**
+     * Check if sponsored vault creation is available
+     */
+    hasSponsoredVaultCreation(): boolean;
+    /**
+     * Ensure vault exists, creating with sponsor if available
+     * Falls back to requiring a signer if no sponsor configured
+     *
+     * @param signer - Optional signer (only required if no sponsor configured)
+     * @returns The vault address
+     */
+    ensureVaultAuto(signer?: any): Promise<string>;
+    /**
+     * Ensure vault exists, creating if necessary
+     *
+     * @param signer - The signer to pay for gas (only used if creation needed)
+     * @returns The vault address
+     */
+    ensureVault(signer: any): Promise<string>;
+    /**
+     * Estimate gas for vault creation
+     */
+    estimateVaultCreationGas(): Promise<bigint>;
+    vaultExists(): Promise<boolean>;
+    /**
+     * Check if gas sponsorship is configured
+     *
+     * @returns true if a sponsor is configured (relayer, integrator, or Veridex)
+     */
+    isSponsorshipAvailable(): boolean;
+    /**
+     * Get the active sponsorship source
+     *
+     * Priority order:
+     * 1. 'relayer' - Remote relayer service (future primary)
+     * 2. 'integrator' - Platform-provided sponsor key
+     * 3. 'veridex' - Veridex default sponsor (fallback)
+     * 4. 'none' - No sponsorship available
+     *
+     * @returns The active sponsorship source
+     */
+    getSponsorshipSource(): 'relayer' | 'integrator' | 'veridex' | 'none';
+    /**
+     * Get supported chains for sponsored vault creation
+     *
+     * @returns Array of chain configurations
+     */
+    getSponsoredChains(): ChainDeploymentConfig[];
+    /**
+     * Create a vault on a specific chain using gas sponsorship
+     * User doesn't need to pay gas - Veridex pays
+     *
+     * @param wormholeChainId - The Wormhole chain ID to create vault on
+     * @returns Result with vault address
+     */
+    createSponsoredVault(wormholeChainId: number): Promise<SponsoredVaultResult>;
+    /**
+     * Create vaults on all supported chains using gas sponsorship
+     * User doesn't need to pay gas - Veridex pays
+     *
+     * @returns Multi-chain result with all vault addresses
+     */
+    createSponsoredVaultsOnAllChains(): Promise<MultiChainVaultResult>;
+    /**
+     * Check if vaults exist on all supported chains
+     *
+     * @returns Map of chain ID to vault status
+     */
+    checkVaultsOnAllChains(): Promise<Record<number, {
+        exists: boolean;
+        address: string;
+    }>>;
+    /**
+     * Ensure vaults exist on all chains, creating if necessary (sponsored)
+     *
+     * @returns Result with all vault addresses
+     */
+    ensureSponsoredVaultsOnAllChains(): Promise<MultiChainVaultResult>;
+    /**
+     * Get the identity state for the current passkey
+     * Returns information about the identity including key count and root status
+     *
+     * @returns Identity state or null if no credential set
+     */
+    getIdentityState(): Promise<IdentityState | null>;
+    /**
+     * Get all authorized passkeys for the current identity
+     *
+     * @returns Array of authorized keys with root status, or null if no credential
+     */
+    listAuthorizedPasskeys(): Promise<AuthorizedKey[] | null>;
+    /**
+     * Check if the current identity has backup passkeys registered
+     * Returns false if only one passkey (the root) is registered
+     *
+     * @returns True if backup passkeys exist, false otherwise
+     */
+    hasBackupPasskeys(): Promise<boolean>;
+    /**
+     * Register a backup passkey for the current identity
+     * The backup passkey can be used to recover access if the primary is lost
+     *
+     * @param newCredential The new passkey credential to add as backup
+     * @param signer Ethereum signer to pay gas (optional, uses relayer if not provided)
+     * @returns Result with transaction hash and sequence for cross-chain sync
+     */
+    addBackupPasskey(newCredential: PasskeyCredential, signer?: any): Promise<AddBackupKeyResult>;
+    /**
+     * Remove a passkey from the current identity
+     * Cannot remove the last remaining passkey
+     *
+     * @param keyToRemove Hash of the passkey to remove
+     * @param signer Ethereum signer to pay gas
+     * @returns Result with transaction hash and sequence for cross-chain sync
+     */
+    removePasskey(keyToRemove: string, signer: any): Promise<RemoveKeyResult>;
+    /**
+     * Check if a specific passkey is authorized for the current identity
+     *
+     * @param keyHash Hash of the passkey to check
+     * @returns True if authorized, false otherwise
+     */
+    isPasskeyAuthorized(keyHash: string): Promise<boolean>;
+    /**
+     * Get the identity hash for the current passkey
+     * This is the keyHash of the first/root passkey registered
+     *
+     * @returns Identity hash or null if no credential/identity
+     */
+    getIdentity(): Promise<string | null>;
+    getCredential(): PasskeyCredential | null;
+    setCredential(credential: PasskeyCredential): void;
+    hasCredential(): boolean;
+    clearCredential(): void;
+}
+
+/**
+ * Veridex Protocol SDK - Chain Presets
+ *
+ * Pre-configured chain settings for easy SDK initialization.
+ * Developers only need to specify chain name and network type.
+ *
+ * @example
+ * ```typescript
+ * import { createSDK } from '@veridex/sdk';
+ *
+ * // Simple initialization - testnet by default
+ * const sdk = await createSDK('base');
+ *
+ * // Or specify mainnet
+ * const mainnetSdk = await createSDK('base', { network: 'mainnet' });
+ * ```
+ */
+
+/**
+ * All supported chain names for easy reference
+ */
+declare const CHAIN_NAMES: {
+    readonly BASE: "base";
+    readonly OPTIMISM: "optimism";
+    readonly ARBITRUM: "arbitrum";
+    readonly SCROLL: "scroll";
+    readonly BLAST: "blast";
+    readonly MANTLE: "mantle";
+    readonly ETHEREUM: "ethereum";
+    readonly POLYGON: "polygon";
+    readonly BSC: "bsc";
+    readonly AVALANCHE: "avalanche";
+    readonly FANTOM: "fantom";
+    readonly CELO: "celo";
+    readonly MOONBEAM: "moonbeam";
+    readonly SOLANA: "solana";
+    readonly APTOS: "aptos";
+    readonly SUI: "sui";
+    readonly STARKNET: "starknet";
+    readonly NEAR: "near";
+    readonly SEI: "sei";
+};
+type ChainName = typeof CHAIN_NAMES[keyof typeof CHAIN_NAMES];
+type NetworkType = 'mainnet' | 'testnet';
+interface ChainPreset {
+    /** Human-readable chain name */
+    displayName: string;
+    /** Chain type for client selection */
+    type: 'evm' | 'solana' | 'aptos' | 'sui' | 'starknet' | 'near' | 'cosmos';
+    /** Whether this chain can be a hub */
+    canBeHub: boolean;
+    /** Testnet configuration */
+    testnet: ChainConfig$1;
+    /** Mainnet configuration */
+    mainnet: ChainConfig$1;
+}
+declare const CHAIN_PRESETS: Record<ChainName, ChainPreset>;
+/**
+ * Get chain configuration by name and network
+ */
+declare function getChainConfig(chain: ChainName, network?: NetworkType): ChainConfig$1;
+/**
+ * Get chain preset by name
+ */
+declare function getChainPreset(chain: ChainName): ChainPreset;
+/**
+ * Get all supported chain names
+ */
+declare function getSupportedChains(): ChainName[];
+/**
+ * Get hub-capable chains
+ */
+declare function getHubChains(): ChainName[];
+/**
+ * Check if chain is supported
+ */
+declare function isChainSupported(chain: string): chain is ChainName;
+/**
+ * Get default hub chain
+ */
+declare function getDefaultHub(network?: NetworkType): ChainConfig$1;
+
+/**
+ * Veridex Protocol SDK - Simplified Initialization
+ *
+ * Factory functions for easy SDK creation with minimal configuration.
+ *
+ * @example
+ * ```typescript
+ * import { createSDK } from '@veridex/sdk';
+ *
+ * // Simplest usage - testnet by default
+ * const sdk = await createSDK('base');
+ *
+ * // Register passkey and start using
+ * await sdk.passkey.register('user@example.com', 'My Wallet');
+ * const vault = await sdk.getVaultAddress();
+ * ```
+ */
+
+/**
+ * Simplified SDK configuration
+ * Only specify what you need - everything else has sensible defaults
+ */
+interface SimpleSDKConfig {
+    /**
+     * Network to connect to
+     * @default 'testnet'
+     */
+    network?: NetworkType;
+    /**
+     * Custom RPC URL (optional - defaults to public endpoints)
+     */
+    rpcUrl?: string;
+    /**
+     * Relayer URL for gasless transactions (optional)
+     */
+    relayerUrl?: string;
+    /**
+     * Relayer API key (optional)
+     */
+    relayerApiKey?: string;
+    /**
+     * Sponsor private key for gasless vault creation (optional)
+     * If not provided, users pay their own gas
+     */
+    sponsorPrivateKey?: string;
+    /**
+     * Integrator sponsor key (optional)
+     * Allows platforms to pay for their users' transactions
+     */
+    integratorSponsorKey?: string;
+    /**
+     * Additional RPC URLs for multi-chain operations
+     * Maps chain name to RPC URL
+     */
+    rpcUrls?: Partial<Record<ChainName, string>>;
+}
+/**
+ * Session-specific configuration
+ */
+interface SessionConfig {
+    /**
+     * Chain to use for sessions
+     */
+    chain: ChainName;
+    /**
+     * Network to connect to
+     * @default 'testnet'
+     */
+    network?: NetworkType;
+    /**
+     * Session duration in seconds
+     * @default 3600 (1 hour)
+     */
+    duration?: number;
+    /**
+     * Maximum value per transaction
+     * @default BigInt(1e18) (1 token)
+     */
+    maxValue?: bigint;
+    /**
+     * Require user verification for session creation
+     * @default true
+     */
+    requireUV?: boolean;
+}
+/**
+ * Create a Veridex SDK instance with minimal configuration
+ *
+ * @param chain - Chain name (e.g., 'base', 'optimism', 'solana')
+ * @param config - Optional configuration overrides
+ * @returns Configured VeridexSDK instance
+ *
+ * @example
+ * ```typescript
+ * // Simplest usage - testnet by default
+ * const sdk = await createSDK('base');
+ *
+ * // Use mainnet
+ * const mainnetSdk = await createSDK('base', { network: 'mainnet' });
+ *
+ * // With custom RPC
+ * const customSdk = await createSDK('base', {
+ *   rpcUrl: 'https://my-rpc.example.com'
+ * });
+ *
+ * // With relayer for gasless transactions
+ * const gaslessSdk = await createSDK('base', {
+ *   relayerUrl: 'https://relayer.veridex.io',
+ *   relayerApiKey: 'your-api-key',
+ * });
+ * ```
+ */
+declare function createSDK(chain: ChainName, config?: SimpleSDKConfig): VeridexSDK;
+/**
+ * Create SDK for the default hub chain (Base)
+ *
+ * @param config - Optional configuration
+ * @returns SDK configured for Base hub chain
+ *
+ * @example
+ * ```typescript
+ * const sdk = createHubSDK();
+ * await sdk.passkey.register('user', 'My Wallet');
+ * ```
+ */
+declare function createHubSDK(config?: SimpleSDKConfig): VeridexSDK;
+/**
+ * Create SDK for testnet (convenience function)
+ *
+ * @param chain - Chain name
+ * @param config - Optional configuration (network is forced to testnet)
+ * @returns SDK configured for testnet
+ */
+declare function createTestnetSDK(chain?: ChainName, config?: Omit<SimpleSDKConfig, 'network'>): VeridexSDK;
+/**
+ * Create SDK for mainnet (convenience function)
+ *
+ * @param chain - Chain name
+ * @param config - Optional configuration (network is forced to mainnet)
+ * @returns SDK configured for mainnet
+ */
+declare function createMainnetSDK(chain?: ChainName, config?: Omit<SimpleSDKConfig, 'network'>): VeridexSDK;
+/**
+ * Create a session-enabled SDK
+ *
+ * @param chain - Chain name
+ * @param config - Session configuration
+ * @returns SDK configured for session key usage
+ *
+ * @example
+ * ```typescript
+ * import { createSessionSDK, SessionManager } from '@veridex/sdk';
+ *
+ * const sdk = createSessionSDK('base');
+ * const sessionManager = new SessionManager({ sdk });
+ *
+ * // Create a session (one passkey auth)
+ * const session = await sessionManager.createSession({
+ *   duration: 3600,
+ *   maxValue: BigInt(1e18),
+ * });
+ *
+ * // Execute multiple transactions without prompts
+ * await sessionManager.executeWithSession(params, session);
+ * ```
+ */
+declare function createSessionSDK(chain?: ChainName, config?: SimpleSDKConfig): VeridexSDK;
+
+/**
+ * Veridex Protocol SDK - Chain Detector
+ *
+ * Phase 4: Multi-chain client support helper.
+ *
+ * Provides:
+ * - Chain config lookup (testnet/mainnet)
+ * - Auto-configuration for non-EVM ChainClient instances
+ */
+
+interface ChainDetectorConfig {
+    testnet?: boolean;
+    rpcUrls?: Record<number, string>;
+}
+interface NativeBalanceCapable {
+    getNativeBalance(address: string): Promise<bigint>;
+}
+declare class ChainDetector {
+    private readonly testnet;
+    private readonly rpcUrls;
+    private readonly walletManager;
+    constructor(config?: ChainDetectorConfig);
+    getChainConfig(wormholeChainId: number): ChainConfig | undefined;
+    /**
+     * Create a chain client for non-EVM chains using repo constants.
+     * For EVM, callers should instantiate EVMClient directly (Hub-driven).
+     */
+    createClient(wormholeChainId: number): ChainClient;
+    /**
+     * Derive a best-effort vault address for a chain from the passkey credential.
+     *
+     * - EVM chains: requires vaultFactory/vaultImplementation in constants.
+     * - Non-EVM chains: uses WalletManager chain-specific derivation.
+     */
+    deriveVaultAddress(credential: PasskeyCredential, wormholeChainId: number): ChainAddress | null;
+    getNonEvmNativeTokenMeta(wormholeChainId: number): {
+        symbol: string;
+        name: string;
+        decimals: number;
+    } | null;
+    private normalizeSuiAddress;
+}
+declare function createChainDetector(config?: ChainDetectorConfig): ChainDetector;
+
+/**
+ * Veridex Protocol SDK - Relayer Client
+ *
+ * Client for interacting with the Veridex relayer service.
+ * The relayer automatically submits VAAs to destination chains.
+ *
+ * Features:
+ * - Submit VAA for relay
+ * - Check relay status
+ * - Get supported routes
+ * - Fee estimation
+ */
+/**
+ * Relay request status
+ */
+type RelayStatus = 'pending' | 'processing' | 'submitted' | 'confirmed' | 'failed';
+/**
+ * Relay request result
+ */
+interface RelayRequest {
+    /** Unique relay request ID */
+    id: string;
+    /** VAA sequence number */
+    sequence: bigint;
+    /** Source chain Wormhole ID */
+    sourceChain: number;
+    /** Destination chain Wormhole ID */
+    destinationChain: number;
+    /** Relay status */
+    status: RelayStatus;
+    /** Source transaction hash */
+    sourceTxHash: string;
+    /** Destination transaction hash (when completed) */
+    destinationTxHash?: string;
+    /** Timestamp when request was created */
+    createdAt: number;
+    /** Timestamp when request was last updated */
+    updatedAt: number;
+    /** Error message if failed */
+    error?: string;
+    /** Gas used on destination chain */
+    gasUsed?: bigint;
+    /** Fee paid */
+    feePaid?: bigint;
+}
+/**
+ * Supported route information
+ */
+interface RelayRoute {
+    /** Source chain Wormhole ID */
+    sourceChain: number;
+    /** Destination chain Wormhole ID */
+    destinationChain: number;
+    /** Whether the route is active */
+    active: boolean;
+    /** Estimated relay time in seconds */
+    estimatedTimeSeconds: number;
+    /** Base fee in destination chain native token */
+    baseFee: bigint;
+    /** Fee per gas unit */
+    gasPrice: bigint;
+    /** Maximum gas limit */
+    maxGas: bigint;
+}
+/**
+ * Relayer service info
+ */
+interface RelayerInfo {
+    /** Relayer name/identifier */
+    name: string;
+    /** Relayer version */
+    version: string;
+    /** Supported chains */
+    supportedChains: number[];
+    /** Available routes */
+    routes: RelayRoute[];
+    /** Whether the relayer is online */
+    online: boolean;
+    /** Current queue depth */
+    queueDepth: number;
+}
+/**
+ * Request body for submitting a signed action to the relayer (gasless)
+ * Uses full WebAuthn data for authenticateAndDispatch
+ */
+interface SubmitSignedActionRequest {
+    /** WebAuthn authenticatorData (hex) */
+    authenticatorData: string;
+    /** WebAuthn clientDataJSON (raw string) */
+    clientDataJSON: string;
+    /** Index of "challenge":"..." in clientDataJSON */
+    challengeIndex: number;
+    /** Index of "type":"..." in clientDataJSON */
+    typeIndex: number;
+    /** P-256 signature r component (hex) */
+    r: string;
+    /** P-256 signature s component (hex) */
+    s: string;
+    /** P-256 public key X coordinate (hex) */
+    publicKeyX: string;
+    /** P-256 public key Y coordinate (hex) */
+    publicKeyY: string;
+    /** Target chain Wormhole ID */
+    targetChain: number;
+    /** Action payload (hex) */
+    actionPayload: string;
+    /** User nonce */
+    nonce: number;
+}
+/**
+ * Response from submitting a signed action
+ */
+interface SubmitActionResult {
+    /** Whether the submission was successful */
+    success: boolean;
+    /** Transaction hash on Hub chain */
+    txHash?: string;
+    /** Wormhole sequence number */
+    sequence?: string;
+    /** Error message if failed */
+    error?: string;
+    /** Human-readable message */
+    message?: string;
+}
+/**
+ * Query submission request (Issue #11/#12)
+ * For optimistic execution via Wormhole Query proofs (~5-7s vs ~120s)
+ */
+interface SubmitQueryRequest {
+    /** Target spoke chain Wormhole ID */
+    targetChain: number;
+    /** User's key hash */
+    userKeyHash: string;
+    /** Serialized transaction for spoke chain */
+    serializedTx: string;
+    /** Query proof with Guardian signatures */
+    queryProof: {
+        /** Raw query response bytes */
+        queryResponse: string;
+        /** Guardian signatures */
+        signatures: string;
+    };
+    /** Whether to fallback to VAA if Query fails */
+    fallbackToVaa?: boolean;
+    /** Optional metadata */
+    metadata?: {
+        /** User's preferred execution path */
+        preferredPath?: 'query' | 'vaa';
+        /** Transaction value in USD (for routing decisions) */
+        estimatedValueUSD?: number;
+    };
+}
+/**
+ * Query submission result (Issue #11/#12)
+ */
+interface SubmitQueryResult {
+    /** Whether submission succeeded */
+    success: boolean;
+    /** Transaction hash on spoke chain */
+    txHash?: string;
+    /** Execution path used */
+    path: 'query' | 'vaa';
+    /** Latency in milliseconds */
+    latencyMs?: number;
+    /** Error message if failed */
+    error?: string;
+    /** Whether fallback to VAA occurred */
+    fellBack?: boolean;
+}
+/**
+ * Fee quote for a relay
+ */
+interface RelayFeeQuote {
+    /** Source chain Wormhole ID */
+    sourceChain: number;
+    /** Destination chain Wormhole ID */
+    destinationChain: number;
+    /** Estimated fee in source chain native token */
+    feeInSourceToken: bigint;
+    /** Estimated fee in destination chain native token */
+    feeInDestinationToken: bigint;
+    /** Estimated gas on destination */
+    estimatedGas: bigint;
+    /** Quote expiration timestamp */
+    expiresAt: number;
+    /** Quote ID for submission */
+    quoteId: string;
+}
+/**
+ * Configuration for RelayerClient
+ */
+interface RelayerClientConfig {
+    /** Base URL of the relayer service */
+    baseUrl: string;
+    /** API key for authentication (optional) */
+    apiKey?: string;
+    /** Timeout for requests in ms */
+    timeoutMs?: number;
+    /** Max retries for failed requests */
+    maxRetries?: number;
+}
+/**
+ * Client for the Veridex relayer service
+ */
+declare class RelayerClient {
+    private baseUrl;
+    private config;
+    constructor(config: RelayerClientConfig);
+    /**
+     * Submit a VAA for relay to destination chain
+     */
+    submitRelay(vaaBase64: string, sourceChain: number, destinationChain: number, sourceTxHash: string, sequence: bigint, feeQuoteId?: string): Promise<RelayRequest>;
+    /**
+     * Submit a signed action to the relayer for gasless execution
+     *
+     * This allows users to execute transfers without paying gas themselves.
+     * The relayer will submit the transaction to the Hub chain and pay the gas.
+     * The relayer then automatically relays the VAA to the destination spoke chain.
+     *
+     * @param request - The signed action request with passkey signature
+     * @returns Result including Hub tx hash and Wormhole sequence
+     */
+    submitSignedAction(request: SubmitSignedActionRequest): Promise<SubmitActionResult>;
+    /**
+     * Submit a Query-based transaction for optimistic execution (Issue #11/#12)
+     *
+     * Uses Wormhole Cross-Chain Queries (CCQ) to achieve ~5-7 second latency
+     * vs ~120+ seconds for traditional VAA flow.
+     *
+     * Flow:
+     * 1. Client fetches Hub state via queryHubState() from SDK
+     * 2. Client constructs and signs transaction
+     * 3. Client submits Query proof + tx to this endpoint
+     * 4. Relayer validates format and submits to spoke chain
+     * 5. Spoke chain verifies Guardian signatures on-chain
+     *
+     * @param request - Query submission with Guardian-signed proof
+     * @returns Result including spoke tx hash and execution path
+     */
+    submitQuery(request: SubmitQueryRequest): Promise<SubmitQueryResult>;
+    /**
+     * Get relay request status
+     */
+    getRelayStatus(requestId: string): Promise<RelayRequest>;
+    /**
+     * Get relay status by source transaction hash
+     */
+    getRelayBySourceTx(sourceTxHash: string): Promise<RelayRequest | null>;
+    /**
+     * Get relay status by sequence number
+     */
+    getRelayBySequence(sourceChain: number, sequence: bigint): Promise<RelayRequest | null>;
+    /**
+     * Cancel a pending relay request
+     */
+    cancelRelay(requestId: string): Promise<boolean>;
+    /**
+     * Poll for relay completion
+     */
+    waitForRelay(requestId: string, timeoutMs?: number, pollingIntervalMs?: number, onProgress?: (status: RelayStatus) => void): Promise<RelayRequest>;
+    /**
+     * Get fee quote for a relay
+     */
+    getFeeQuote(sourceChain: number, destinationChain: number, estimatedGas?: bigint): Promise<RelayFeeQuote>;
+    /**
+     * Get relayer service info
+     */
+    getInfo(): Promise<RelayerInfo>;
+    /**
+     * Get supported routes
+     */
+    getRoutes(): Promise<RelayRoute[]>;
+    /**
+     * Check if a route is supported
+     */
+    isRouteSupported(sourceChain: number, destinationChain: number): Promise<boolean>;
+    /**
+     * Check relayer health
+     */
+    healthCheck(): Promise<boolean>;
+    /**
+     * Get all pending relay requests for a user
+     */
+    getPendingRelays(userKeyHash: string): Promise<RelayRequest[]>;
+    /**
+     * Get relay history for a user
+     */
+    getRelayHistory(userKeyHash: string, limit?: number, offset?: number): Promise<RelayRequest[]>;
+    /**
+     * Make an HTTP request to the relayer
+     */
+    private fetch;
+    /**
+     * Sleep helper
+     */
+    private sleep;
+}
+/**
+ * Create a RelayerClient instance
+ */
+declare function createRelayerClient(config: RelayerClientConfig): RelayerClient;
+
+/**
+ * Veridex Protocol SDK - Session Cryptography Utilities
+ *
+ * Provides cryptographic operations for session key management:
+ * - secp256k1 key generation (NOT secp256r1 - sessions are software-backed)
+ * - ECDSA signing with session keys
+ * - Key hash derivation (keccak256)
+ * - Secure random generation
+ */
+/** Maximum session duration enforced on-chain (24 hours) */
+declare const MAX_SESSION_DURATION = 86400;
+/** Minimum session duration (60 seconds) */
+declare const MIN_SESSION_DURATION = 60;
+/** Default session duration (1 hour) */
+declare const DEFAULT_SESSION_DURATION = 3600;
+/** Default refresh buffer (5 minutes before expiry) */
+declare const DEFAULT_REFRESH_BUFFER = 300;
+/**
+ * Key pair for secp256k1 session keys
+ */
+interface KeyPair {
+    publicKey: Uint8Array;
+    privateKey: Uint8Array;
+    address: string;
+}
+/**
+ * Generate a new secp256k1 key pair for session key
+ *
+ * Security:
+ * - Uses cryptographically secure random (ethers.Wallet.createRandom)
+ * - Returns uncompressed public key (65 bytes)
+ * - Private key is 32 bytes
+ *
+ * @returns KeyPair with public/private keys and derived address
+ */
+declare function generateSecp256k1KeyPair(): KeyPair;
+/**
+ * Compute keccak256 hash of public key (session key identifier)
+ *
+ * This hash is used as the on-chain identifier for the session.
+ * It matches the Solidity keccak256(publicKey) computation.
+ *
+ * @param publicKey Uncompressed public key (65 bytes)
+ * @returns Hex string of keccak256 hash (0x...)
+ */
+declare function computeSessionKeyHash(publicKey: Uint8Array): string;
+/**
+ * Sign a message hash with a session key (secp256k1 ECDSA)
+ *
+ * @param privateKey Session private key (32 bytes)
+ * @param messageHash Message hash to sign (32 bytes)
+ * @returns Signature with r, s, v components
+ */
+declare function signWithSessionKey(privateKey: Uint8Array, messageHash: Uint8Array | string): {
+    r: string;
+    s: string;
+    v: number;
+    signature: Uint8Array;
+};
+/**
+ * Hash an action for signing
+ *
+ * Creates a deterministic hash of action parameters that can be
+ * signed with a session key and verified on-chain.
+ *
+ * Hash format: keccak256(abi.encodePacked(
+ *   action, targetChain, value, keccak256(payload), nonce, deadline
+ * ))
+ *
+ * @param params Action parameters
+ * @returns Message hash (32 bytes)
+ */
+declare function hashAction(params: {
+    action: string;
+    targetChain: number;
+    value: bigint;
+    payload: Uint8Array;
+    nonce: number;
+    deadline?: number;
+}): Uint8Array;
+/**
+ * Verify a session key signature
+ *
+ * Used for testing and client-side validation before submission.
+ * On-chain verification is handled by Spoke contracts via CCQ.
+ *
+ * @param messageHash Message that was signed
+ * @param signature Signature to verify
+ * @param expectedPublicKey Expected public key of signer
+ * @returns True if signature is valid
+ */
+declare function verifySessionSignature(messageHash: Uint8Array | string, signature: Uint8Array, expectedPublicKey: Uint8Array): boolean;
+/**
+ * Derive an AES-GCM encryption key for session storage
+ *
+ * Uses PBKDF2 to derive a key from a user-specific seed.
+ * The seed should be derived from the user's Passkey credential ID.
+ *
+ * Security considerations:
+ * - Uses 100,000 iterations (OWASP minimum)
+ * - Salt is derived from credential ID (unique per user)
+ * - Key is bound to specific browser/device via extractable: false
+ *
+ * @param credentialId User's Passkey credential ID (unique identifier)
+ * @returns AES-GCM encryption key
+ */
+declare function deriveEncryptionKey(credentialId: string): Promise<CryptoKey>;
+/**
+ * Encrypt data with AES-GCM
+ *
+ * @param data Data to encrypt
+ * @param key AES-GCM encryption key
+ * @returns Encrypted data with IV prepended
+ */
+declare function encrypt(data: Uint8Array, key: CryptoKey): Promise<Uint8Array>;
+/**
+ * Decrypt data with AES-GCM
+ *
+ * @param encryptedData Data with IV prepended
+ * @param key AES-GCM encryption key
+ * @returns Decrypted data
+ */
+declare function decrypt(encryptedData: Uint8Array, key: CryptoKey): Promise<Uint8Array>;
+/**
+ * Validate session configuration
+ *
+ * @param config Session configuration to validate
+ * @throws SessionError if configuration is invalid
+ */
+declare function validateSessionConfig(config: {
+    duration: number;
+    maxValue: bigint;
+}): void;
+
+/**
+ * Veridex Protocol SDK - Secure Session Storage
+ *
+ * Provides encrypted storage for session keys using IndexedDB or LocalStorage.
+ * Private keys are ALWAYS encrypted at rest using AES-GCM.
+ *
+ * Security guarantees:
+ * - Private keys never stored in plaintext
+ * - Encryption keys derived from Passkey credential ID (user-bound)
+ * - Keys are non-extractable (remain in browser's crypto subsystem)
+ * - Automatic cleanup on revocation or expiry
+ */
+
+/**
+ * IndexedDB-based session storage with encryption
+ *
+ * Preferred storage backend because:
+ * - Larger storage quota (~50MB vs ~10MB)
+ * - Structured storage (no serialization overhead)
+ * - Better performance for binary data
+ * - Non-blocking async API
+ */
+declare class IndexedDBSessionStorage implements SessionStorage {
+    private db;
+    private encryptionKey;
+    private credentialId;
+    /**
+     * @param credentialId User's Passkey credential ID (for key derivation)
+     */
+    constructor(credentialId: string);
+    /**
+     * Initialize database connection
+     */
+    private initialize;
+    /**
+     * Get or derive encryption key
+     */
+    private getEncryptionKey;
+    /**
+     * Save a session (encrypts private key)
+     */
+    save(session: SessionKey): Promise<void>;
+    /**
+     * Load the active session (decrypts private key)
+     */
+    load(): Promise<SessionKey | null>;
+    /**
+     * Get all stored sessions (internal helper)
+     */
+    private getAllSessions;
+    /**
+     * Clear all sessions
+     */
+    clear(): Promise<void>;
+    /**
+     * Check if any session exists
+     */
+    exists(): Promise<boolean>;
+    /**
+     * Close database connection
+     */
+    close(): void;
+}
+/**
+ * LocalStorage-based session storage with encryption
+ *
+ * Fallback storage backend when IndexedDB is unavailable.
+ *
+ * Limitations:
+ * - Smaller storage quota (~10MB)
+ * - Synchronous API (blocks main thread)
+ * - String-based storage (requires serialization)
+ */
+declare class LocalStorageSessionStorage implements SessionStorage {
+    private encryptionKey;
+    private credentialId;
+    private storageKey;
+    /**
+     * @param credentialId User's Passkey credential ID (for key derivation)
+     */
+    constructor(credentialId: string);
+    /**
+     * Get or derive encryption key
+     */
+    private getEncryptionKey;
+    /**
+     * Save a session (encrypts private key)
+     */
+    save(session: SessionKey): Promise<void>;
+    /**
+     * Load the active session (decrypts private key)
+     */
+    load(): Promise<SessionKey | null>;
+    /**
+     * Clear all sessions
+     */
+    clear(): Promise<void>;
+    /**
+     * Check if any session exists
+     */
+    exists(): Promise<boolean>;
+}
+/**
+ * Create appropriate session storage based on environment
+ *
+ * @param credentialId User's Passkey credential ID
+ * @param preferredBackend Preferred storage backend ('indexeddb' or 'localstorage')
+ * @returns Session storage implementation
+ */
+declare function createSessionStorage(credentialId: string, preferredBackend?: 'indexeddb' | 'localstorage'): SessionStorage;
+
+/**
+ * Veridex Solana Program Error Codes
+ *
+ * Error code constants for parsing and handling Veridex program errors.
+ * These codes map directly to the Anchor error enum variants in the
+ * Solana program.
+ *
+ * @packageDocumentation
+ */
+/**
+ * Error code range boundaries.
+ * Use these to categorize errors programmatically.
+ */
+declare const ERROR_RANGES: {
+    /** Core protocol errors (paused, unauthorized, limits, etc.) */
+    readonly CORE: {
+        readonly min: 6000;
+        readonly max: 6099;
+    };
+    /** Query execution errors */
+    readonly QUERY_EXECUTION: {
+        readonly min: 6100;
+        readonly max: 6149;
+    };
+    /** ABI decoding errors */
+    readonly ABI: {
+        readonly min: 6150;
+        readonly max: 6199;
+    };
+    /** Query parsing/validation errors */
+    readonly QUERY_PARSING: {
+        readonly min: 6200;
+        readonly max: 6299;
+    };
+};
+declare const VERIDEX_ERRORS: {
+    /** Protocol is globally paused */
+    readonly PROTOCOL_PAUSED: 6000;
+    /** Vault is paused */
+    readonly VAULT_PAUSED: 6001;
+    /** VAA already processed (replay protection) */
+    readonly VAA_ALREADY_PROCESSED: 6002;
+    /** Invalid emitter chain */
+    readonly INVALID_EMITTER_CHAIN: 6003;
+    /** Invalid emitter address */
+    readonly INVALID_EMITTER: 6004;
+    /** Invalid owner */
+    readonly INVALID_OWNER: 6005;
+    /** Invalid target chain */
+    readonly INVALID_TARGET_CHAIN: 6006;
+    /** Invalid payload version */
+    readonly INVALID_PAYLOAD_VERSION: 6007;
+    /** Invalid action payload */
+    readonly INVALID_ACTION_PAYLOAD: 6008;
+    /** Invalid action type */
+    readonly INVALID_ACTION_TYPE: 6009;
+    /** Daily limit exceeded */
+    readonly DAILY_LIMIT_EXCEEDED: 6010;
+    /** Insufficient funds */
+    readonly INSUFFICIENT_FUNDS: 6011;
+    /** Unauthorized */
+    readonly UNAUTHORIZED: 6012;
+    /** Invalid VAA */
+    readonly INVALID_VAA: 6013;
+    /** Token bridge not configured */
+    readonly TOKEN_BRIDGE_NOT_CONFIGURED: 6014;
+    /** Invalid bridge parameters */
+    readonly INVALID_BRIDGE_PARAMS: 6015;
+    /** Invalid query response format */
+    readonly INVALID_QUERY_RESPONSE: 6100;
+    /** Query response expired (> 60 seconds old) */
+    readonly QUERY_EXPIRED: 6101;
+    /** Query signature verification failed */
+    readonly QUERY_INVALID: 6102;
+    /** Query result doesn't match expected state */
+    readonly QUERY_MISMATCH: 6103;
+    /** Query block time is in the future */
+    readonly QUERY_FUTURE_BLOCK: 6104;
+    /** Invalid nonce in query response */
+    readonly INVALID_QUERY_NONCE: 6105;
+    /** Secp256k1 verification instruction missing */
+    readonly SECP256K1_INSTRUCTION_MISSING: 6106;
+    /** Invalid secp256k1 instruction format */
+    readonly INVALID_SECP256K1_INSTRUCTION: 6107;
+    /** Insufficient Guardian signatures on query */
+    readonly INSUFFICIENT_SIGNATURES: 6108;
+    /** Chain ID mismatch in query response */
+    readonly CHAIN_ID_MISMATCH: 6109;
+    /** Query result not found */
+    readonly QUERY_RESULT_NOT_FOUND: 6110;
+    /** ABI decoding: insufficient data */
+    readonly ABI_INSUFFICIENT_DATA: 6150;
+    /** ABI decoding: value overflow */
+    readonly ABI_OVERFLOW: 6151;
+    /** ABI decoding: invalid encoding */
+    readonly ABI_INVALID_ENCODING: 6152;
+    /** ABI decoding: general failure */
+    readonly ABI_DECODING_FAILED: 6153;
+    /** Invalid query response format (parsing) */
+    readonly QUERY_PARSE_INVALID_RESPONSE: 6200;
+    /** Invalid query version */
+    readonly QUERY_PARSE_INVALID_VERSION: 6201;
+    /** Unsupported query type */
+    readonly QUERY_PARSE_UNSUPPORTED_TYPE: 6202;
+    /** Query response is stale (parsing) */
+    readonly QUERY_PARSE_STALE: 6203;
+    /** Query block time is in the future (parsing) */
+    readonly QUERY_PARSE_FUTURE_BLOCK: 6204;
+    /** Invalid Hub state data */
+    readonly QUERY_PARSE_INVALID_HUB_STATE: 6205;
+    /** Invalid nonce (parsing) */
+    readonly QUERY_PARSE_INVALID_NONCE: 6206;
+    /** Query result doesn't match expected (parsing) */
+    readonly QUERY_PARSE_MISMATCH: 6207;
+    /** Secp256k1 instruction not found (parsing) */
+    readonly QUERY_PARSE_SECP256K1_MISSING: 6208;
+    /** Invalid Secp256k1 instruction (parsing) */
+    readonly QUERY_PARSE_INVALID_SECP256K1: 6209;
+    /** Insufficient Guardian signatures (parsing) */
+    readonly QUERY_PARSE_INSUFFICIENT_SIGS: 6210;
+    /** Invalid Guardian signature (parsing) */
+    readonly QUERY_PARSE_INVALID_GUARDIAN_SIG: 6211;
+    /** Chain ID mismatch (parsing) */
+    readonly QUERY_PARSE_CHAIN_ID_MISMATCH: 6212;
+    /** Guardian index out of range */
+    readonly QUERY_PARSE_GUARDIAN_INDEX_OOB: 6213;
+    /** Non-increasing Guardian index */
+    readonly QUERY_PARSE_NON_INCREASING_INDEX: 6214;
+    /** Query signature verification failed (parsing) */
+    readonly QUERY_PARSE_INVALID_SIGNATURE: 6215;
+    /** ABI decoding failed (parsing) */
+    readonly QUERY_PARSE_ABI_FAILED: 6216;
+};
+type VeridexErrorCode = (typeof VERIDEX_ERRORS)[keyof typeof VERIDEX_ERRORS];
+/**
+ * Human-readable error messages for each error code.
+ */
+declare const ERROR_MESSAGES: Record<VeridexErrorCode, string>;
+/**
+ * Check if an error code is in the core protocol range.
+ */
+declare function isCoreError(code: number): boolean;
+/**
+ * Check if an error code is a query execution error.
+ */
+declare function isQueryExecutionError(code: number): boolean;
+/**
+ * Check if an error code is an ABI decoding error.
+ */
+declare function isAbiError(code: number): boolean;
+/**
+ * Check if an error code is a query parsing error.
+ */
+declare function isQueryParsingError(code: number): boolean;
+/**
+ * Check if an error is related to query operations (execution or parsing).
+ */
+declare function isQueryError(code: number): boolean;
+/**
+ * Get the error category as a human-readable string.
+ */
+declare function getErrorCategory(code: number): string;
+/**
+ * Get the human-readable message for an error code.
+ */
+declare function getErrorMessage(code: number): string;
+/**
+ * Parse an Anchor program error to extract the Veridex error code.
+ *
+ * @param error - The error object from a failed transaction
+ * @returns The error code if found, undefined otherwise
+ */
+declare function parseVeridexError(error: unknown): VeridexErrorCode | undefined;
+/**
+ * Check if the error is a retryable error (e.g., expired query can be refreshed).
+ */
+declare function isRetryableError(code: number): boolean;
+/**
+ * Suggested user action for common errors.
+ */
+declare function getSuggestedAction(code: number): string;
+
+type AuthenticateAndPrepareParams = {
+    credential: PasskeyCredential;
+    action?: TransferParams | ExecuteParams | BridgeParams;
+    /** Pre-encoded Hub action payload (hex string). If provided, `action` is ignored. */
+    actionPayload?: string;
+    targetChain: number;
+};
+type AuthenticateAndPrepareResult = {
+    serializedTx: Uint8Array;
+    queryProof: Uint8Array<ArrayBufferLike>;
+    estimatedLatency: number;
+    fallbackAvailable: boolean;
+};
+/**
+ * Client-first authentication preparation:
+ * - user signs locally (FaceID/TouchID)
+ * - client queries Wormhole Query Proxy for Guardian-attested nonce/state
+ * - client returns a ready-to-submit relayer payload (JSON bytes)
+ * - falls back to RPC nonce if Queries fails
+ */
+declare function authenticateAndPrepare(userParams: AuthenticateAndPrepareParams, apiKey: string): Promise<AuthenticateAndPrepareResult>;
+
+export { ARBITRUM_SEPOLIA_TOKENS, type ActionDetails, type ActionDisplayType, AddBackupKeyResult, type AuthenticateAndPrepareParams, type AuthenticateAndPrepareResult, AuthorizedKey, BASE_SEPOLIA_TOKENS, BalanceManager, type BalanceManagerConfig, type BridgeDetails, BridgeParams, BridgeResult, CHAIN_DISPLAY_INFO, CHAIN_NAMES, CHAIN_PRESETS, CONFIG_TYPE, ChainAddress, type ChainAddressConfig, ChainClient, ChainConfig, type ChainDeploymentConfig, ChainDetector, type ChainDetectorConfig, type ChainDisplay, type ChainName, type ChainTokenList, type ConfigDetails, type CrossChainConfig, CrossChainManager, type CrossChainProgress, type CrossChainProgressCallback, type CrossChainResult, type CrossChainStatus, DEFAULT_REFRESH_BUFFER, DEFAULT_SESSION_DURATION, type DailySpendingSummary, DispatchResult, type DurationDisplay, ERROR_MESSAGES, ERROR_RANGES, EVM_ZERO_ADDRESS, type ExecuteDetails, ExecuteParams, type FormattedSpendingLimits, GasSponsor, type GasSponsorConfig, IdentityState, IndexedDBSessionStorage, type KeyPair, LIMIT_PRESETS, type LimitCheckResult, type LimitPreset, type LimitViolationSuggestion, type LimitViolationType, LocalStorageSessionStorage, MAX_SESSION_DURATION, MIN_SESSION_DURATION, type MultiChainVaultResult, NATIVE_TOKEN_ADDRESS, type NativeBalanceCapable, type NetworkType, OPTIMISM_SEPOLIA_TOKENS, PasskeyCredential, PasskeyManager, type PortfolioBalance, PreparedBridge, PreparedTransfer, ReceiveAddress, type RecipientDisplay, type RelayFeeQuote, type RelayRequest, type RelayRoute, type RelayStatus, RelayerClient, type RelayerClientConfig, type RelayerInfo, RemoveKeyResult, type RiskLevel, type RiskWarning, type RiskWarningType, SessionStorage, type SetDailyLimitParams, type SetTransactionLimitParams, type SimpleSDKConfig, type SessionConfig as SimpleSessionConfig, type SpendingLimitChangedEvent, type SpendingLimitConfig, type SpendingLimitEventCallback, type SpendingLimits, SpendingLimitsManager, type SpendingLimitsManagerConfig, type SpendingTransaction, type SponsoredVaultResult, type SponsorshipSource, type SubmitActionResult, type SubmitQueryRequest, type SubmitQueryResult, type SubmitSignedActionRequest, TOKEN_REGISTRY, type TokenBalance, type TokenDisplay, type TokenInfo$1 as TokenInfo, type TrackerConfig, type TransactionAuditEntry, type TransactionCallback, TransactionParser, type TransactionParserConfig, type TransactionState, type TransactionStatus, type TransactionSummary, TransactionTracker, type TransferDetails, TransferParams, TransferResult, UnifiedIdentity, VAA, VERIDEX_ERRORS, VaultCreationResult, VaultInfo, VeridexConfig, type VeridexErrorCode, VeridexPayload, VeridexSDK, WalletManager, WalletManagerConfig, authenticateAndPrepare, calculatePercentage, computeSessionKeyHash, createAuditEntry, createChainDetector, createGasSponsor, createHubSDK, createMainnetSDK, createRelayerClient, createSDK, createSessionSDK, createSessionStorage, createSpendingLimitsManager, createTestnetSDK, createTransactionParser, crossChainManager, decrypt, VeridexSDK as default, deriveEncryptionKey, encrypt, formatDuration, formatLargeAmount, formatTransactionState, generateSecp256k1KeyPair, getAllTokens, getChainConfig, getChainDisplay, getChainName, getChainPreset, getConfigTypeName, getDefaultHub, getErrorCategory, getErrorMessage, getExplorerUrl, getHubChains, getSuggestedAction, getSupportedChainIds, getSupportedChains, getTokenByAddress, getTokenBySymbol, getTokenList, hashAction, isAbiError, isChainSupported, isCoreError, isNativeToken, isQueryError, isQueryExecutionError, isQueryParsingError, isRetryableError, logTransactionSummary, parseVeridexError, signWithSessionKey, validateSessionConfig, verifySessionSignature };