@volr/sdk-core 0.1.111 → 0.1.112

package/dist/index.d.cts

@@ -117,40 +117,58 @@ type WrapKey = Uint8Array & {
 type MasterSeed = Uint8Array & {
     readonly __brand: 'MasterSeed';
 };
+/**
+ * Opaque type for Entropy (32 bytes = 256 bits)
+ * Used for BIP-39 mnemonic generation (24 words)
+ * This is a type-level marker to prevent accidental misuse
+ */
+type Entropy = Uint8Array & {
+    readonly __brand: 'Entropy';
+};
 
 /**
- * Opaque handle to master seed
- * Provides controlled access and ensures cleanup via destroy()
+ * Handle to master key material
+ * Provides controlled access to entropy and seed, with secure cleanup
  */
-type MasterSeedHandle = {
-    /** Read-only access to master seed bytes */
-    readonly bytes: MasterSeed;
-    /** Destroy the handle and zeroize the seed */
+type MasterKeyHandle = {
+    /** 32-byte entropy for BIP-39 mnemonic generation */
+    readonly entropy: Entropy;
+    /** 32-byte seed for BIP-32 key derivation */
+    readonly seed: MasterSeed;
+    /**
+     * Get mnemonic phrase for export (24 words)
+     *
+     * WARNING: Returned string cannot be zeroized.
+     * Only call this when user explicitly requests wallet export.
+     * Minimize retention time of the returned string.
+     */
+    getMnemonic(): string;
+    /** Destroy the handle and zeroize all sensitive data */
     destroy(): void;
 };
 /**
  * Master key provider interface
- * Handles generation and unsealing of master seeds
+ * Handles generation and unsealing of master keys
  */
 interface MasterKeyProvider {
     /**
-     * Unseal master seed from encrypted blob
+     * Unseal entropy from encrypted blob and derive seed
      *
      * @param blob - Encrypted blob containing ciphertext, nonce, and AAD
      * @param wrapKey - Wrap key for decryption
-     * @returns Handle to unsealed master seed
+     * @returns Handle to unsealed master key
      */
     unsealFromBlob(blob: {
         cipher: Uint8Array;
         nonce: Uint8Array;
         aad: Uint8Array;
-    }, wrapKey: WrapKey): Promise<MasterSeedHandle>;
+    }, wrapKey: WrapKey): Promise<MasterKeyHandle>;
     /**
-     * Generate a new master seed
+     * Generate a new master key (entropy + derived seed)
      *
-     * @returns Handle to newly generated master seed
+     * @returns Handle to newly generated master key
      */
-    generate(): Promise<MasterSeedHandle>;
+    generate(): Promise<MasterKeyHandle>;
 }
 /**
  * Create a master key provider instance
@@ -161,8 +179,15 @@ interface MasterKeyProvider {
  * ```ts
  * const provider = createMasterKeyProvider();
  * const handle = await provider.generate();
- * // Use handle.bytes for key derivation
- * handle.destroy(); // Cleanup
+ *
+ * // Use handle.seed for key derivation
+ * const keypair = deriveEvmKey({ masterSeed: handle.seed });
+ *
+ * // Export mnemonic when user requests (only for backup/migration)
+ * const mnemonic = handle.getMnemonic();
+ *
+ * // Cleanup
+ * handle.destroy();
  * ```
  */
 declare function createMasterKeyProvider(): MasterKeyProvider;
@@ -250,6 +275,69 @@ type PrfInput = {
  */
 declare function deriveWrapKey(input: PrfInput): WrapKey;
 
+/**
+ * BIP-39 Mnemonic utilities
+ *
+ * Provides functions to generate entropy, convert to/from mnemonic strings,
+ * and derive seeds for key generation.
+ *
+ * Security Note:
+ * - Entropy (Uint8Array) can be zeroized after use
+ * - Mnemonic strings cannot be zeroized (JavaScript strings are immutable)
+ * - Only convert to mnemonic string when absolutely necessary (e.g., export)
+ */
+
+/**
+ * Generate random entropy for BIP-39 mnemonic (256 bits = 24 words)
+ *
+ * @returns 32-byte entropy that can be converted to a 24-word mnemonic
+ *
+ * @example
+ * ```ts
+ * const entropy = generateEntropy();
+ * const mnemonic = entropyToMnemonicString(entropy);
+ * // ... use mnemonic for export
+ * zeroize(entropy);
+ * ```
+ */
+declare function generateEntropy(): Entropy;
+/**
+ * Validate entropy has correct length for 24-word mnemonic
+ *
+ * @param entropy - Entropy to validate
+ * @returns true if entropy is valid (32 bytes)
+ */
+declare function validateEntropy(entropy: Entropy): boolean;
+/**
+ * Convert entropy to BIP-39 mnemonic string (24 words)
+ *
+ * WARNING: Returned string cannot be zeroized. Minimize retention time.
+ * Only call this function when the user explicitly requests to export their wallet.
+ *
+ * @param entropy - 32-byte entropy
+ * @returns 24-word mnemonic phrase (space-separated)
+ */
+declare function entropyToMnemonicString(entropy: Entropy): string;
+/**
+ * Convert BIP-39 mnemonic string back to entropy
+ *
+ * @param mnemonic - 24-word mnemonic phrase (space-separated)
+ * @returns 32-byte entropy
+ * @throws Error if mnemonic is invalid
+ */
+declare function mnemonicStringToEntropy(mnemonic: string): Entropy;
+/**
+ * Derive BIP-39 seed from entropy
+ *
+ * This function internally converts entropy to a mnemonic string (temporarily),
+ * then uses PBKDF2 to derive the seed. The mnemonic string exists only within
+ * this function's scope.
+ *
+ * @param entropy - 32-byte entropy
+ * @returns 32-byte master seed for BIP-32 key derivation
+ */
+declare function entropyToSeed(entropy: Entropy): Promise<MasterSeed>;
+
 /**
  * Default BIP-32 derivation path for Ethereum
  * m / purpose' / coin_type' / account' / change / address_index
@@ -1404,4 +1492,4 @@ type SelectSignerContext = {
  */
 declare function selectSigner(ctx: SelectSignerContext): Promise<SignerPort>;
 
-export { type AesGcmParams, type AuthorizationTuple, type Call, ChainNotAddedError, DEFAULT_EVM_PATH, DOMAIN, type DeriveArgs, EIP1193ErrorCode, type EIP1193Provider, EIP712_DOMAIN, ERR_AAD_MISMATCH, ERR_CHAIN_MISMATCH, ERR_CRYPTO_FAIL, ERR_INVALID_PARAM, ERR_LOW_ENTROPY, ERR_NONCE_SIZE, type EvmKeypair, type ExtendedRPCClient, ExternalWalletSigner, type KeyStorageType, type Sig$1 as LegacySig, type MasterKeyProvider, type MasterSeed, type MasterSeedHandle, type MpcTransport, PasskeyP256Signer, type PasskeyProviderOptions, type PasskeyProviderPort, type PrecheckInput, type PrecheckQuote, type PrfInput, type RelayInput, type RelayMode, type RelayResult, RequestPendingError, type RpcLike, Secp256k1SoftwareSigner, type SelectSignerContext, type SessionAuth, type Sig, type SignerContext, type SignerKind, type SignerPort, TYPES, type TypedDataDomain, type TypedDataField, type TypedDataInput, type TypedDataTypes, UnauthorizedError, UnsupportedMethodError, type UploadBlobOptions, type UploadViaPresignOptions, UserRejectedError, VolrError, WalletError, type WalletProviderPort, type WrapKey, WrongNetworkError, ZERO_ADDRESS, ZERO_HASH, aesGcmDecrypt, aesGcmEncrypt, buildSignedBatchMessage, computeCallsHash, createMasterKeyProvider, createMpcProvider, createPasskeyProvider, deriveEvmKey, deriveWrapKey, evmSign, evmVerify, generateNonce, getAuthNonce, getRandomBytes, hkdfSha256, normalizeWalletError, sealMasterSeed, selectSigner, selectSigner$1 as selectSignerLegacy, signAuthorization, signSession, toChecksumAddress, unsealMasterSeed, uploadBlob, uploadBlobViaPresign, zeroize };
+export { type AesGcmParams, type AuthorizationTuple, type Call, ChainNotAddedError, DEFAULT_EVM_PATH, DOMAIN, type DeriveArgs, EIP1193ErrorCode, type EIP1193Provider, EIP712_DOMAIN, ERR_AAD_MISMATCH, ERR_CHAIN_MISMATCH, ERR_CRYPTO_FAIL, ERR_INVALID_PARAM, ERR_LOW_ENTROPY, ERR_NONCE_SIZE, type Entropy, type EvmKeypair, type ExtendedRPCClient, ExternalWalletSigner, type KeyStorageType, type Sig$1 as LegacySig, type MasterKeyHandle, type MasterKeyProvider, type MasterSeed, type MpcTransport, PasskeyP256Signer, type PasskeyProviderOptions, type PasskeyProviderPort, type PrecheckInput, type PrecheckQuote, type PrfInput, type RelayInput, type RelayMode, type RelayResult, RequestPendingError, type RpcLike, Secp256k1SoftwareSigner, type SelectSignerContext, type SessionAuth, type Sig, type SignerContext, type SignerKind, type SignerPort, TYPES, type TypedDataDomain, type TypedDataField, type TypedDataInput, type TypedDataTypes, UnauthorizedError, UnsupportedMethodError, type UploadBlobOptions, type UploadViaPresignOptions, UserRejectedError, VolrError, WalletError, type WalletProviderPort, type WrapKey, WrongNetworkError, ZERO_ADDRESS, ZERO_HASH, aesGcmDecrypt, aesGcmEncrypt, buildSignedBatchMessage, computeCallsHash, createMasterKeyProvider, createMpcProvider, createPasskeyProvider, deriveEvmKey, deriveWrapKey, entropyToMnemonicString, entropyToSeed, evmSign, evmVerify, generateEntropy, generateNonce, getAuthNonce, getRandomBytes, hkdfSha256, mnemonicStringToEntropy, normalizeWalletError, sealMasterSeed, selectSigner, selectSigner$1 as selectSignerLegacy, signAuthorization, signSession, toChecksumAddress, unsealMasterSeed, uploadBlob, uploadBlobViaPresign, validateEntropy, zeroize };

package/dist/index.d.ts

@@ -117,40 +117,58 @@ type WrapKey = Uint8Array & {
 type MasterSeed = Uint8Array & {
     readonly __brand: 'MasterSeed';
 };
+/**
+ * Opaque type for Entropy (32 bytes = 256 bits)
+ * Used for BIP-39 mnemonic generation (24 words)
+ * This is a type-level marker to prevent accidental misuse
+ */
+type Entropy = Uint8Array & {
+    readonly __brand: 'Entropy';
+};
 
 /**
- * Opaque handle to master seed
- * Provides controlled access and ensures cleanup via destroy()
+ * Handle to master key material
+ * Provides controlled access to entropy and seed, with secure cleanup
  */
-type MasterSeedHandle = {
-    /** Read-only access to master seed bytes */
-    readonly bytes: MasterSeed;
-    /** Destroy the handle and zeroize the seed */
+type MasterKeyHandle = {
+    /** 32-byte entropy for BIP-39 mnemonic generation */
+    readonly entropy: Entropy;
+    /** 32-byte seed for BIP-32 key derivation */
+    readonly seed: MasterSeed;
+    /**
+     * Get mnemonic phrase for export (24 words)
+     *
+     * WARNING: Returned string cannot be zeroized.
+     * Only call this when user explicitly requests wallet export.
+     * Minimize retention time of the returned string.
+     */
+    getMnemonic(): string;
+    /** Destroy the handle and zeroize all sensitive data */
     destroy(): void;
 };
 /**
  * Master key provider interface
- * Handles generation and unsealing of master seeds
+ * Handles generation and unsealing of master keys
  */
 interface MasterKeyProvider {
     /**
-     * Unseal master seed from encrypted blob
+     * Unseal entropy from encrypted blob and derive seed
      *
      * @param blob - Encrypted blob containing ciphertext, nonce, and AAD
      * @param wrapKey - Wrap key for decryption
-     * @returns Handle to unsealed master seed
+     * @returns Handle to unsealed master key
      */
     unsealFromBlob(blob: {
         cipher: Uint8Array;
         nonce: Uint8Array;
         aad: Uint8Array;
-    }, wrapKey: WrapKey): Promise<MasterSeedHandle>;
+    }, wrapKey: WrapKey): Promise<MasterKeyHandle>;
     /**
-     * Generate a new master seed
+     * Generate a new master key (entropy + derived seed)
      *
-     * @returns Handle to newly generated master seed
+     * @returns Handle to newly generated master key
      */
-    generate(): Promise<MasterSeedHandle>;
+    generate(): Promise<MasterKeyHandle>;
 }
 /**
  * Create a master key provider instance
@@ -161,8 +179,15 @@ interface MasterKeyProvider {
  * ```ts
  * const provider = createMasterKeyProvider();
  * const handle = await provider.generate();
- * // Use handle.bytes for key derivation
- * handle.destroy(); // Cleanup
+ *
+ * // Use handle.seed for key derivation
+ * const keypair = deriveEvmKey({ masterSeed: handle.seed });
+ *
+ * // Export mnemonic when user requests (only for backup/migration)
+ * const mnemonic = handle.getMnemonic();
+ *
+ * // Cleanup
+ * handle.destroy();
  * ```
  */
 declare function createMasterKeyProvider(): MasterKeyProvider;
@@ -250,6 +275,69 @@ type PrfInput = {
  */
 declare function deriveWrapKey(input: PrfInput): WrapKey;
 
+/**
+ * BIP-39 Mnemonic utilities
+ *
+ * Provides functions to generate entropy, convert to/from mnemonic strings,
+ * and derive seeds for key generation.
+ *
+ * Security Note:
+ * - Entropy (Uint8Array) can be zeroized after use
+ * - Mnemonic strings cannot be zeroized (JavaScript strings are immutable)
+ * - Only convert to mnemonic string when absolutely necessary (e.g., export)
+ */
+
+/**
+ * Generate random entropy for BIP-39 mnemonic (256 bits = 24 words)
+ *
+ * @returns 32-byte entropy that can be converted to a 24-word mnemonic
+ *
+ * @example
+ * ```ts
+ * const entropy = generateEntropy();
+ * const mnemonic = entropyToMnemonicString(entropy);
+ * // ... use mnemonic for export
+ * zeroize(entropy);
+ * ```
+ */
+declare function generateEntropy(): Entropy;
+/**
+ * Validate entropy has correct length for 24-word mnemonic
+ *
+ * @param entropy - Entropy to validate
+ * @returns true if entropy is valid (32 bytes)
+ */
+declare function validateEntropy(entropy: Entropy): boolean;
+/**
+ * Convert entropy to BIP-39 mnemonic string (24 words)
+ *
+ * WARNING: Returned string cannot be zeroized. Minimize retention time.
+ * Only call this function when the user explicitly requests to export their wallet.
+ *
+ * @param entropy - 32-byte entropy
+ * @returns 24-word mnemonic phrase (space-separated)
+ */
+declare function entropyToMnemonicString(entropy: Entropy): string;
+/**
+ * Convert BIP-39 mnemonic string back to entropy
+ *
+ * @param mnemonic - 24-word mnemonic phrase (space-separated)
+ * @returns 32-byte entropy
+ * @throws Error if mnemonic is invalid
+ */
+declare function mnemonicStringToEntropy(mnemonic: string): Entropy;
+/**
+ * Derive BIP-39 seed from entropy
+ *
+ * This function internally converts entropy to a mnemonic string (temporarily),
+ * then uses PBKDF2 to derive the seed. The mnemonic string exists only within
+ * this function's scope.
+ *
+ * @param entropy - 32-byte entropy
+ * @returns 32-byte master seed for BIP-32 key derivation
+ */
+declare function entropyToSeed(entropy: Entropy): Promise<MasterSeed>;
+
 /**
  * Default BIP-32 derivation path for Ethereum
  * m / purpose' / coin_type' / account' / change / address_index
@@ -1404,4 +1492,4 @@ type SelectSignerContext = {
  */
 declare function selectSigner(ctx: SelectSignerContext): Promise<SignerPort>;
 
-export { type AesGcmParams, type AuthorizationTuple, type Call, ChainNotAddedError, DEFAULT_EVM_PATH, DOMAIN, type DeriveArgs, EIP1193ErrorCode, type EIP1193Provider, EIP712_DOMAIN, ERR_AAD_MISMATCH, ERR_CHAIN_MISMATCH, ERR_CRYPTO_FAIL, ERR_INVALID_PARAM, ERR_LOW_ENTROPY, ERR_NONCE_SIZE, type EvmKeypair, type ExtendedRPCClient, ExternalWalletSigner, type KeyStorageType, type Sig$1 as LegacySig, type MasterKeyProvider, type MasterSeed, type MasterSeedHandle, type MpcTransport, PasskeyP256Signer, type PasskeyProviderOptions, type PasskeyProviderPort, type PrecheckInput, type PrecheckQuote, type PrfInput, type RelayInput, type RelayMode, type RelayResult, RequestPendingError, type RpcLike, Secp256k1SoftwareSigner, type SelectSignerContext, type SessionAuth, type Sig, type SignerContext, type SignerKind, type SignerPort, TYPES, type TypedDataDomain, type TypedDataField, type TypedDataInput, type TypedDataTypes, UnauthorizedError, UnsupportedMethodError, type UploadBlobOptions, type UploadViaPresignOptions, UserRejectedError, VolrError, WalletError, type WalletProviderPort, type WrapKey, WrongNetworkError, ZERO_ADDRESS, ZERO_HASH, aesGcmDecrypt, aesGcmEncrypt, buildSignedBatchMessage, computeCallsHash, createMasterKeyProvider, createMpcProvider, createPasskeyProvider, deriveEvmKey, deriveWrapKey, evmSign, evmVerify, generateNonce, getAuthNonce, getRandomBytes, hkdfSha256, normalizeWalletError, sealMasterSeed, selectSigner, selectSigner$1 as selectSignerLegacy, signAuthorization, signSession, toChecksumAddress, unsealMasterSeed, uploadBlob, uploadBlobViaPresign, zeroize };
+export { type AesGcmParams, type AuthorizationTuple, type Call, ChainNotAddedError, DEFAULT_EVM_PATH, DOMAIN, type DeriveArgs, EIP1193ErrorCode, type EIP1193Provider, EIP712_DOMAIN, ERR_AAD_MISMATCH, ERR_CHAIN_MISMATCH, ERR_CRYPTO_FAIL, ERR_INVALID_PARAM, ERR_LOW_ENTROPY, ERR_NONCE_SIZE, type Entropy, type EvmKeypair, type ExtendedRPCClient, ExternalWalletSigner, type KeyStorageType, type Sig$1 as LegacySig, type MasterKeyHandle, type MasterKeyProvider, type MasterSeed, type MpcTransport, PasskeyP256Signer, type PasskeyProviderOptions, type PasskeyProviderPort, type PrecheckInput, type PrecheckQuote, type PrfInput, type RelayInput, type RelayMode, type RelayResult, RequestPendingError, type RpcLike, Secp256k1SoftwareSigner, type SelectSignerContext, type SessionAuth, type Sig, type SignerContext, type SignerKind, type SignerPort, TYPES, type TypedDataDomain, type TypedDataField, type TypedDataInput, type TypedDataTypes, UnauthorizedError, UnsupportedMethodError, type UploadBlobOptions, type UploadViaPresignOptions, UserRejectedError, VolrError, WalletError, type WalletProviderPort, type WrapKey, WrongNetworkError, ZERO_ADDRESS, ZERO_HASH, aesGcmDecrypt, aesGcmEncrypt, buildSignedBatchMessage, computeCallsHash, createMasterKeyProvider, createMpcProvider, createPasskeyProvider, deriveEvmKey, deriveWrapKey, entropyToMnemonicString, entropyToSeed, evmSign, evmVerify, generateEntropy, generateNonce, getAuthNonce, getRandomBytes, hkdfSha256, mnemonicStringToEntropy, normalizeWalletError, sealMasterSeed, selectSigner, selectSigner$1 as selectSignerLegacy, signAuthorization, signSession, toChecksumAddress, unsealMasterSeed, uploadBlob, uploadBlobViaPresign, validateEntropy, zeroize };

package/dist/index.js

@@ -1,5 +1,7 @@
 import { hkdf } from '@noble/hashes/hkdf';
 import { sha256 } from '@noble/hashes/sha256';
+import { entropyToMnemonic, validateMnemonic, mnemonicToEntropy, mnemonicToSeed } from '@scure/bip39';
+import { wordlist } from '@scure/bip39/wordlists/english';
 import { HDKey } from '@scure/bip32';
 import { secp256k1 } from '@noble/curves/secp256k1';
 import { keccak_256 } from '@noble/hashes/sha3';
@@ -193,32 +195,56 @@ async function unsealMasterSeed(cipher, wrapKey, aad, nonce) {
   const decrypted = await aesGcmDecrypt(cipher, { key: wrapKey, aad, nonce });
   return decrypted;
 }
+function generateEntropy() {
+  return getRandomBytes(32);
+}
+function validateEntropy(entropy) {
+  return entropy instanceof Uint8Array && entropy.length === 32;
+}
+function entropyToMnemonicString(entropy) {
+  return entropyToMnemonic(entropy, wordlist);
+}
+function mnemonicStringToEntropy(mnemonic) {
+  if (!validateMnemonic(mnemonic, wordlist)) {
+    throw new Error("Invalid mnemonic phrase");
+  }
+  return mnemonicToEntropy(mnemonic, wordlist);
+}
+async function entropyToSeed(entropy) {
+  const mnemonic = entropyToMnemonic(entropy, wordlist);
+  const seed = await mnemonicToSeed(mnemonic);
+  return seed.slice(0, 32);
+}
 
 // src/master-key/provider.ts
+async function createHandle(entropy) {
+  const seed = await entropyToSeed(entropy);
+  return {
+    entropy,
+    seed,
+    getMnemonic() {
+      return entropyToMnemonicString(entropy);
+    },
+    destroy() {
+      zeroize(entropy);
+      zeroize(seed);
+    }
+  };
+}
 function createMasterKeyProvider() {
   return {
     async unsealFromBlob(blob, wrapKey) {
-      const masterSeed = await unsealMasterSeed(
+      const entropy = await unsealMasterSeed(
         blob.cipher,
         wrapKey,
         blob.aad,
         blob.nonce
       );
-      return {
-        bytes: masterSeed,
-        destroy() {
-          zeroize(masterSeed);
-        }
-      };
+      return createHandle(entropy);
     },
     async generate() {
-      const masterSeed = getRandomBytes(32);
-      return {
-        bytes: masterSeed,
-        destroy() {
-          zeroize(masterSeed);
-        }
-      };
+      const entropy = generateEntropy();
+      return createHandle(entropy);
     }
   };
 }
@@ -1290,6 +1316,6 @@ async function selectSigner2(ctx) {
   );
 }
 
-export { ChainNotAddedError, DEFAULT_EVM_PATH, DOMAIN, EIP1193ErrorCode, EIP712_DOMAIN, ERR_AAD_MISMATCH, ERR_CHAIN_MISMATCH, ERR_CRYPTO_FAIL, ERR_INVALID_PARAM, ERR_LOW_ENTROPY, ERR_NONCE_SIZE, ExternalWalletSigner, PasskeyP256Signer, RequestPendingError, Secp256k1SoftwareSigner, TYPES, UnauthorizedError, UnsupportedMethodError, UserRejectedError, VolrError, WalletError, WrongNetworkError, ZERO_ADDRESS, ZERO_HASH, aesGcmDecrypt, aesGcmEncrypt, buildSignedBatchMessage, computeCallsHash, createMasterKeyProvider, createMpcProvider, createPasskeyProvider, deriveEvmKey, deriveWrapKey, evmSign, evmVerify, generateNonce, getAuthNonce, getRandomBytes, hkdfSha256, normalizeWalletError, sealMasterSeed, selectSigner, selectSigner2 as selectSignerLegacy, signAuthorization, signSession, toChecksumAddress, unsealMasterSeed, uploadBlob, uploadBlobViaPresign, zeroize };
+export { ChainNotAddedError, DEFAULT_EVM_PATH, DOMAIN, EIP1193ErrorCode, EIP712_DOMAIN, ERR_AAD_MISMATCH, ERR_CHAIN_MISMATCH, ERR_CRYPTO_FAIL, ERR_INVALID_PARAM, ERR_LOW_ENTROPY, ERR_NONCE_SIZE, ExternalWalletSigner, PasskeyP256Signer, RequestPendingError, Secp256k1SoftwareSigner, TYPES, UnauthorizedError, UnsupportedMethodError, UserRejectedError, VolrError, WalletError, WrongNetworkError, ZERO_ADDRESS, ZERO_HASH, aesGcmDecrypt, aesGcmEncrypt, buildSignedBatchMessage, computeCallsHash, createMasterKeyProvider, createMpcProvider, createPasskeyProvider, deriveEvmKey, deriveWrapKey, entropyToMnemonicString, entropyToSeed, evmSign, evmVerify, generateEntropy, generateNonce, getAuthNonce, getRandomBytes, hkdfSha256, mnemonicStringToEntropy, normalizeWalletError, sealMasterSeed, selectSigner, selectSigner2 as selectSignerLegacy, signAuthorization, signSession, toChecksumAddress, unsealMasterSeed, uploadBlob, uploadBlobViaPresign, validateEntropy, zeroize };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map