@weblock-wallet/sdk 0.1.69 → 0.1.71

package/dist/index.cjs

@@ -104109,6 +104109,7 @@ var SDKErrorCode = /* @__PURE__ */ ((SDKErrorCode2) => {
   SDKErrorCode2["NOT_LOGGED_IN"] = "NOT_LOGGED_IN";
   SDKErrorCode2["NETWORK_SWITCH_FAILED"] = "NETWORK_SWITCH_FAILED";
   SDKErrorCode2["TRANSACTION_FAILED"] = "TRANSACTION_FAILED";
+  SDKErrorCode2["INVALID_PIN"] = "INVALID_PIN";
   return SDKErrorCode2;
 })(SDKErrorCode || {});
 var SDKError = class extends Error {
@@ -104155,8 +104156,14 @@ var STORAGE_KEYS = {
   walletAddress: (orgHost) => `${orgHost}:walletAddress`,
   share2: (orgHost) => `${orgHost}:share2`,
   encryptedShare2: (orgHost) => `${orgHost}:encryptedShare2`,
-  encryptedShare2Device: (orgHost) => `${orgHost}:encryptedShare2_device`,
-  deviceSecret: (orgHost) => `${orgHost}:deviceSecret`,
+  // User-scoped keys to prevent cross-account mixing on the same device.
+  deviceId: (orgHost, firebaseId) => `${orgHost}:${firebaseId}:deviceId`,
+  encryptedShare2Device: (orgHost, firebaseId) => `${orgHost}:${firebaseId}:encryptedShare2_device`,
+  deviceSecret: (orgHost, firebaseId) => `${orgHost}:${firebaseId}:deviceSecret`,
+  // Legacy keys (kept for migration / cleanup)
+  encryptedShare2DeviceLegacy: (orgHost) => `${orgHost}:encryptedShare2_device`,
+  deviceSecretLegacy: (orgHost) => `${orgHost}:deviceSecret`,
+  deviceIdLegacy: (orgHost) => `${orgHost}:deviceId`,
   firebaseId: (orgHost) => `${orgHost}:firebaseId`,
   accessToken: (orgHost) => `${orgHost}:accessToken`,
   isNewUser: (orgHost) => `${orgHost}:isNewUser`
@@ -104188,28 +104195,76 @@ var WalletService = class {
   isSixDigitPin(pin) {
     return /^[0-9]{6}$/.test(pin);
   }
+  normalizeAddr(v5) {
+    const s5 = String(v5 ?? "").trim();
+    return s5 ? s5.toLowerCase() : "";
+  }
+  addressesMismatch(a5, b4) {
+    return !!a5 && !!b4 && a5.toLowerCase() !== b4.toLowerCase();
+  }
+  /**
+   * deviceId: stable identifier for the current device/browser profile.
+   * Used to store/fetch server-side device recovery backup.
+   */
+  async getOrCreateDeviceId(firebaseId) {
+    const scopedKey = STORAGE_KEYS.deviceId(this.orgHost, firebaseId);
+    const existing = await LocalForage.get(scopedKey);
+    if (existing) return existing;
+    const legacy = await LocalForage.get(
+      STORAGE_KEYS.deviceIdLegacy(this.orgHost)
+    );
+    if (legacy) {
+      await LocalForage.save(scopedKey, legacy);
+      return legacy;
+    }
+    const id = randomBytes(16).toString("hex");
+    await LocalForage.save(scopedKey, id);
+    return id;
+  }
   /**
-   * deviceSecret: local-only secret for device recovery material.
-   * This must never be sent to server.
+   * deviceSecret: device recovery secret. In the original SDK this was local-only.
+   * To enable PIN reset after local storage wipe, we back it up to the server
+   * (server should encrypt-at-rest; transport is TLS).
    */
-  async getOrCreateDeviceSecret() {
-    const key = STORAGE_KEYS.deviceSecret(this.orgHost);
-    const existing = await LocalForage.get(key);
+  async getOrCreateDeviceSecret(firebaseId) {
+    const scopedKey = STORAGE_KEYS.deviceSecret(this.orgHost, firebaseId);
+    const existing = await LocalForage.get(scopedKey);
     if (existing) return existing;
+    const legacy = await LocalForage.get(
+      STORAGE_KEYS.deviceSecretLegacy(this.orgHost)
+    );
+    if (legacy) {
+      await LocalForage.save(scopedKey, legacy);
+      return legacy;
+    }
     const secret = randomBytes(32).toString("hex");
-    await LocalForage.save(key, secret);
+    await LocalForage.save(scopedKey, secret);
     return secret;
   }
   /**
-   * PATCH APPLIED:
    * Always overwrite encryptedShare2_device when we have a fresh share2.
-   * Keeping an old device share causes (share1 new + share2 old) => different derived wallet.
+   * Also upsert to server so that PIN reset can work after local storage wipe.
+   *
+   * Note: Server backup is best-effort; we do not fail the main flow if backup fails.
    */
   async ensureDeviceEncryptedShare2(share2Plain, firebaseId) {
-    const encryptedKey = STORAGE_KEYS.encryptedShare2Device(this.orgHost);
-    const deviceSecret = await this.getOrCreateDeviceSecret();
+    const deviceId = await this.getOrCreateDeviceId(firebaseId);
+    const deviceSecret = await this.getOrCreateDeviceSecret(firebaseId);
+    const encryptedKey = STORAGE_KEYS.encryptedShare2Device(
+      this.orgHost,
+      firebaseId
+    );
     const encrypted = Crypto.encryptShare(share2Plain, deviceSecret, firebaseId);
     await LocalForage.save(encryptedKey, encrypted);
+    try {
+      await this.walletClient.upsertDeviceRecovery({
+        deviceId,
+        encryptedShare2Device: encrypted,
+        deviceSecret
+      });
+    } catch (e7) {
+      console.warn("[WalletService] device recovery backup upsert failed", e7);
+    }
   }
   async getAddress() {
     try {
@@ -104333,6 +104388,7 @@ var WalletService = class {
         }
       };
       const walletInfo = await this.walletClient.getWallet();
+      const serverAddr = this.normalizeAddr(walletInfo?.address);
       let share2 = await LocalForage.get(
         STORAGE_KEYS.share2(this.orgHost)
       );
@@ -104352,6 +104408,13 @@ var WalletService = class {
             share3
           ]);
           const wallet2 = new import_ethers2.Wallet(privateKey2);
+          const derivedAddr2 = this.normalizeAddr(wallet2.address);
+          if (this.addressesMismatch(serverAddr, derivedAddr2)) {
+            throw new SDKError(
+              `Recovered wallet address mismatch. server=${serverAddr} derived=${derivedAddr2}`,
+              "WALLET_RECOVERY_FAILED" /* WALLET_RECOVERY_FAILED */
+            );
+          }
           const newShares = await Secrets.split(wallet2.privateKey, 3, 2);
           const [newShare1, newShare2, newShare3] = newShares;
           await this.walletClient.updateWalletKey({
@@ -104382,6 +104445,13 @@ var WalletService = class {
         share2
       ]);
       const wallet = new import_ethers2.Wallet(privateKey);
+      const derivedAddr = this.normalizeAddr(wallet.address);
+      if (this.addressesMismatch(serverAddr, derivedAddr)) {
+        throw new SDKError(
+          `Recovered wallet address mismatch. server=${serverAddr} derived=${derivedAddr}`,
+          "WALLET_RECOVERY_FAILED" /* WALLET_RECOVERY_FAILED */
+        );
+      }
       await this.ensureDeviceEncryptedShare2(share2, firebaseId);
       this.walletAddress = wallet.address;
       await LocalForage.save(
@@ -104402,7 +104472,8 @@ var WalletService = class {
     }
   }
   /**
-   * PIN reset (same private key/address) using encryptedShare2_device.
+   * PIN reset (same private key/address) using device recovery material.
+   * If local recovery material is missing, it attempts to restore it from server backup.
    */
   async resetPin(newPassword) {
     try {
@@ -104424,34 +104495,74 @@ var WalletService = class {
           "INVALID_PARAMS" /* INVALID_PARAMS */
         );
       }
-      const encryptedDevice = await LocalForage.get(
-        STORAGE_KEYS.encryptedShare2Device(this.orgHost)
+      let encryptedDevice = await LocalForage.get(
+        STORAGE_KEYS.encryptedShare2Device(this.orgHost, firebaseId)
       );
-      const deviceSecret = await LocalForage.get(
-        STORAGE_KEYS.deviceSecret(this.orgHost)
+      let deviceSecret = await LocalForage.get(
+        STORAGE_KEYS.deviceSecret(this.orgHost, firebaseId)
       );
       if (!encryptedDevice || !deviceSecret) {
-        throw new SDKError(
-          "PIN reset is not available on this device",
-          "RECOVERY_NOT_AVAILABLE" /* RECOVERY_NOT_AVAILABLE */
+        let backup;
+        try {
+          backup = await this.walletClient.getDeviceRecovery(void 0);
+        } catch (e7) {
+          throw new SDKError(
+            "PIN reset is not available on this device",
+            "RECOVERY_NOT_AVAILABLE" /* RECOVERY_NOT_AVAILABLE */,
+            e7
+          );
+        }
+        if (!backup?.found || !backup?.encryptedShare2Device || !backup?.deviceSecret) {
+          throw new SDKError(
+            "PIN reset is not available. No device recovery backup found for this user.",
+            "RECOVERY_NOT_AVAILABLE" /* RECOVERY_NOT_AVAILABLE */
+          );
+        }
+        encryptedDevice = backup.encryptedShare2Device;
+        deviceSecret = backup.deviceSecret;
+        await LocalForage.save(
+          STORAGE_KEYS.encryptedShare2Device(this.orgHost, firebaseId),
+          encryptedDevice
+        );
+        await LocalForage.save(
+          STORAGE_KEYS.deviceSecret(this.orgHost, firebaseId),
+          deviceSecret
         );
+        if (backup?.deviceId) {
+          await LocalForage.save(
+            STORAGE_KEYS.deviceId(this.orgHost, firebaseId),
+            backup.deviceId
+          );
+        }
       }
       let share2;
       try {
-        share2 = Crypto.decryptShare(encryptedDevice, deviceSecret, firebaseId);
+        share2 = Crypto.decryptShare(
+          encryptedDevice,
+          deviceSecret,
+          firebaseId
+        );
       } catch (e7) {
         throw new SDKError(
-          "PIN reset is not available on this device",
+          "PIN reset is not available. Recovery material cannot be decrypted.",
           "RECOVERY_NOT_AVAILABLE" /* RECOVERY_NOT_AVAILABLE */,
           e7
         );
       }
       const walletInfo = await this.walletClient.getWallet();
+      const serverAddr = this.normalizeAddr(walletInfo?.address);
       const privateKey = await Secrets.combine([
         walletInfo.share1,
         share2
       ]);
       const wallet = new import_ethers2.Wallet(privateKey);
+      const derivedAddr = this.normalizeAddr(wallet.address);
+      if (this.addressesMismatch(serverAddr, derivedAddr)) {
+        throw new SDKError(
+          `Device recovery does not match server wallet. server=${serverAddr} derived=${derivedAddr}`,
+          "RECOVERY_NOT_AVAILABLE" /* RECOVERY_NOT_AVAILABLE */
+        );
+      }
       const newShares = await Secrets.split(wallet.privateKey, 3, 2);
       const [newShare1, newShare2, newShare3] = newShares;
       await this.walletClient.updateWalletKey({
@@ -104488,8 +104599,23 @@ var WalletService = class {
     await LocalForage.delete(STORAGE_KEYS.walletAddress(this.orgHost));
     await LocalForage.delete(STORAGE_KEYS.share2(this.orgHost));
     await LocalForage.delete(STORAGE_KEYS.encryptedShare2(this.orgHost));
-    await LocalForage.delete(STORAGE_KEYS.encryptedShare2Device(this.orgHost));
-    await LocalForage.delete(STORAGE_KEYS.deviceSecret(this.orgHost));
+    const firebaseId = await LocalForage.get(
+      STORAGE_KEYS.firebaseId(this.orgHost)
+    );
+    if (firebaseId) {
+      await LocalForage.delete(
+        STORAGE_KEYS.encryptedShare2Device(this.orgHost, firebaseId)
+      );
+      await LocalForage.delete(
+        STORAGE_KEYS.deviceSecret(this.orgHost, firebaseId)
+      );
+      await LocalForage.delete(STORAGE_KEYS.deviceId(this.orgHost, firebaseId));
+    }
+    await LocalForage.delete(
+      STORAGE_KEYS.encryptedShare2DeviceLegacy(this.orgHost)
+    );
+    await LocalForage.delete(STORAGE_KEYS.deviceSecretLegacy(this.orgHost));
+    await LocalForage.delete(STORAGE_KEYS.deviceIdLegacy(this.orgHost));
   }
   async getBalance(address, chainId) {
     const response = await this.rpcClient.sendRpc({
@@ -104626,7 +104752,7 @@ var WalletService = class {
     }
   }
   /**
-   * PATCH APPLIED (critical):
+   * Critical safety:
    * - Never overwrite cached walletAddress with derived signer address.
    * - If server/cached address != derived address => throw WALLET_RECOVERY_FAILED.
    */
@@ -104654,19 +104780,21 @@ var WalletService = class {
           const firebaseId = await LocalForage.get(
             STORAGE_KEYS.firebaseId(this.orgHost)
           );
-          const encryptedDevice = await LocalForage.get(
-            STORAGE_KEYS.encryptedShare2Device(this.orgHost)
-          );
-          const deviceSecret = await LocalForage.get(
-            STORAGE_KEYS.deviceSecret(this.orgHost)
-          );
-          if (firebaseId && encryptedDevice && deviceSecret) {
-            share2 = Crypto.decryptShare(
-              encryptedDevice,
-              deviceSecret,
-              firebaseId
+          if (firebaseId) {
+            const encryptedDevice = await LocalForage.get(
+              STORAGE_KEYS.encryptedShare2Device(this.orgHost, firebaseId)
             );
-            await LocalForage.save(STORAGE_KEYS.share2(this.orgHost), share2);
+            const deviceSecret = await LocalForage.get(
+              STORAGE_KEYS.deviceSecret(this.orgHost, firebaseId)
+            );
+            if (encryptedDevice && deviceSecret) {
+              share2 = Crypto.decryptShare(
+                encryptedDevice,
+                deviceSecret,
+                firebaseId
+              );
+              await LocalForage.save(STORAGE_KEYS.share2(this.orgHost), share2);
+            }
           }
         } catch {
         }
@@ -105255,6 +105383,38 @@ var WalletClient = class {
       needsAccessToken: true
     });
   }
+  async getDeviceShare2Backup() {
+    try {
+      return await this.client.get(
+        "/api/v1/wallet/device-share2",
+        { needsAccessToken: true }
+      );
+    } catch (e7) {
+      if (e7?.details?.status === 404 || String(e7?.message || "").includes("404"))
+        return null;
+      throw e7;
+    }
+  }
+  async upsertDeviceShare2Backup(body) {
+    await this.client.put("/api/v1/wallet/device-share2", body, {
+      needsAccessToken: true
+    });
+  }
+  async upsertDeviceRecovery(req) {
+    await this.client.put(`${this.baseUrl}/device-recovery`, req, {
+      needsAccessToken: true
+    });
+  }
+  /**
+   * If deviceId is omitted, server returns latest.
+   * Returns { found:false } if no backup exists.
+   */
+  async getDeviceRecovery(deviceId) {
+    const qs = deviceId ? `?deviceId=${encodeURIComponent(deviceId)}` : "";
+    return this.client.get(`${this.baseUrl}/device-recovery${qs}`, {
+      needsAccessToken: true
+    });
+  }
 };
 
 // src/clients/api/rpcs.ts