@weblock-wallet/sdk 0.1.70 → 0.1.71

package/dist/index.cjs

@@ -104156,8 +104156,14 @@ var STORAGE_KEYS = {
   walletAddress: (orgHost) => `${orgHost}:walletAddress`,
   share2: (orgHost) => `${orgHost}:share2`,
   encryptedShare2: (orgHost) => `${orgHost}:encryptedShare2`,
-  encryptedShare2Device: (orgHost) => `${orgHost}:encryptedShare2_device`,
-  deviceSecret: (orgHost) => `${orgHost}:deviceSecret`,
+  // User-scoped keys to prevent cross-account mixing on the same device.
+  deviceId: (orgHost, firebaseId) => `${orgHost}:${firebaseId}:deviceId`,
+  encryptedShare2Device: (orgHost, firebaseId) => `${orgHost}:${firebaseId}:encryptedShare2_device`,
+  deviceSecret: (orgHost, firebaseId) => `${orgHost}:${firebaseId}:deviceSecret`,
+  // Legacy keys (kept for migration / cleanup)
+  encryptedShare2DeviceLegacy: (orgHost) => `${orgHost}:encryptedShare2_device`,
+  deviceSecretLegacy: (orgHost) => `${orgHost}:deviceSecret`,
+  deviceIdLegacy: (orgHost) => `${orgHost}:deviceId`,
   firebaseId: (orgHost) => `${orgHost}:firebaseId`,
   accessToken: (orgHost) => `${orgHost}:accessToken`,
   isNewUser: (orgHost) => `${orgHost}:isNewUser`
@@ -104189,28 +104195,76 @@ var WalletService = class {
   isSixDigitPin(pin) {
     return /^[0-9]{6}$/.test(pin);
   }
+  normalizeAddr(v5) {
+    const s5 = String(v5 ?? "").trim();
+    return s5 ? s5.toLowerCase() : "";
+  }
+  addressesMismatch(a5, b4) {
+    return !!a5 && !!b4 && a5.toLowerCase() !== b4.toLowerCase();
+  }
+  /**
+   * deviceId: stable identifier for the current device/browser profile.
+   * Used to store/fetch server-side device recovery backup.
+   */
+  async getOrCreateDeviceId(firebaseId) {
+    const scopedKey = STORAGE_KEYS.deviceId(this.orgHost, firebaseId);
+    const existing = await LocalForage.get(scopedKey);
+    if (existing) return existing;
+    const legacy = await LocalForage.get(
+      STORAGE_KEYS.deviceIdLegacy(this.orgHost)
+    );
+    if (legacy) {
+      await LocalForage.save(scopedKey, legacy);
+      return legacy;
+    }
+    const id = randomBytes(16).toString("hex");
+    await LocalForage.save(scopedKey, id);
+    return id;
+  }
   /**
-   * deviceSecret: local-only secret for device recovery material.
-   * This must never be sent to server.
+   * deviceSecret: device recovery secret. In the original SDK this was local-only.
+   * To enable PIN reset after local storage wipe, we back it up to the server
+   * (server should encrypt-at-rest; transport is TLS).
    */
-  async getOrCreateDeviceSecret() {
-    const key = STORAGE_KEYS.deviceSecret(this.orgHost);
-    const existing = await LocalForage.get(key);
+  async getOrCreateDeviceSecret(firebaseId) {
+    const scopedKey = STORAGE_KEYS.deviceSecret(this.orgHost, firebaseId);
+    const existing = await LocalForage.get(scopedKey);
     if (existing) return existing;
+    const legacy = await LocalForage.get(
+      STORAGE_KEYS.deviceSecretLegacy(this.orgHost)
+    );
+    if (legacy) {
+      await LocalForage.save(scopedKey, legacy);
+      return legacy;
+    }
     const secret = randomBytes(32).toString("hex");
-    await LocalForage.save(key, secret);
+    await LocalForage.save(scopedKey, secret);
     return secret;
   }
   /**
-   * PATCH APPLIED:
    * Always overwrite encryptedShare2_device when we have a fresh share2.
-   * Keeping an old device share causes (share1 new + share2 old) => different derived wallet.
+   * Also upsert to server so that PIN reset can work after local storage wipe.
+   *
+   * Note: Server backup is best-effort; we do not fail the main flow if backup fails.
    */
   async ensureDeviceEncryptedShare2(share2Plain, firebaseId) {
-    const encryptedKey = STORAGE_KEYS.encryptedShare2Device(this.orgHost);
-    const deviceSecret = await this.getOrCreateDeviceSecret();
+    const deviceId = await this.getOrCreateDeviceId(firebaseId);
+    const deviceSecret = await this.getOrCreateDeviceSecret(firebaseId);
+    const encryptedKey = STORAGE_KEYS.encryptedShare2Device(
+      this.orgHost,
+      firebaseId
+    );
     const encrypted = Crypto.encryptShare(share2Plain, deviceSecret, firebaseId);
     await LocalForage.save(encryptedKey, encrypted);
+    try {
+      await this.walletClient.upsertDeviceRecovery({
+        deviceId,
+        encryptedShare2Device: encrypted,
+        deviceSecret
+      });
+    } catch (e7) {
+      console.warn("[WalletService] device recovery backup upsert failed", e7);
+    }
   }
   async getAddress() {
     try {
@@ -104299,69 +104353,106 @@ var WalletService = class {
       );
     }
   }
-  // client/src/core/services/wallet.ts
-  // Full version of retrieveWallet() with the address-mismatch guard added.
-  // Assumes existing imports/types in this file:
-  // - SDKError, SDKErrorCode
-  // - LocalForage
-  // - STORAGE_KEYS
-  // - Crypto (encryptShare/decryptShare)
-  // - Secrets (combine)
-  // - Wallet (ethers Wallet or equivalent)
-  // - this.walletClient.getWallet()
-  // - this.orgHost, this.walletAddress
-  // - this.isSixDigitPin(password)
   async retrieveWallet(password) {
     try {
+      const accessToken = await LocalForage.get(
+        STORAGE_KEYS.accessToken(this.orgHost)
+      );
+      if (!accessToken) {
+        throw new SDKError("Access token not found", "AUTH_REQUIRED" /* AUTH_REQUIRED */);
+      }
       const firebaseId = await LocalForage.get(
         STORAGE_KEYS.firebaseId(this.orgHost)
       );
       if (!firebaseId) {
         throw new SDKError("Not logged in", "AUTH_REQUIRED" /* AUTH_REQUIRED */);
       }
-      if (!password || !this.isSixDigitPin(password)) {
+      if (!this.isSixDigitPin(password)) {
         throw new SDKError(
           "PIN must be a 6-digit number",
           "INVALID_PARAMS" /* INVALID_PARAMS */
         );
       }
+      const decryptShareOrThrow = (encryptedShare) => {
+        try {
+          return Crypto.decryptShare(encryptedShare, password, firebaseId);
+        } catch (e7) {
+          if (this.isInvalidPasswordError(e7)) {
+            throw new SDKError(
+              "Incorrect PIN code",
+              "INVALID_PASSWORD" /* INVALID_PASSWORD */,
+              e7
+            );
+          }
+          throw e7;
+        }
+      };
       const walletInfo = await this.walletClient.getWallet();
-      const share1 = walletInfo.share1;
-      const serverAddr = walletInfo.address?.toLowerCase?.() ?? "";
-      if (!share1) {
-        throw new SDKError(
-          "Wallet is not initialized on the server",
-          "WALLET_NOT_FOUND" /* WALLET_NOT_FOUND */
-        );
-      }
-      const encryptedShare2 = await LocalForage.get(
-        STORAGE_KEYS.encryptedShare2(this.orgHost)
+      const serverAddr = this.normalizeAddr(walletInfo?.address);
+      let share2 = await LocalForage.get(
+        STORAGE_KEYS.share2(this.orgHost)
       );
-      if (!encryptedShare2) {
-        throw new SDKError(
-          "Local recovery material is missing on this device",
-          "RECOVERY_NOT_AVAILABLE" /* RECOVERY_NOT_AVAILABLE */
-        );
-      }
-      let share2;
-      try {
-        share2 = Crypto.decryptShare(encryptedShare2, password, firebaseId);
-      } catch (e7) {
-        throw new SDKError(
-          "Invalid PIN or corrupted local recovery material",
-          "INVALID_PIN" /* INVALID_PIN */,
-          e7
+      if (!share2) {
+        const encryptedShare2 = await LocalForage.get(
+          STORAGE_KEYS.encryptedShare2(this.orgHost)
         );
+        if (encryptedShare2) {
+          share2 = decryptShareOrThrow(encryptedShare2);
+          await LocalForage.save(STORAGE_KEYS.share2(this.orgHost), share2);
+        } else {
+          const share3 = decryptShareOrThrow(
+            walletInfo.encryptedShare3
+          );
+          const privateKey2 = await Secrets.combine([
+            walletInfo.share1,
+            share3
+          ]);
+          const wallet2 = new import_ethers2.Wallet(privateKey2);
+          const derivedAddr2 = this.normalizeAddr(wallet2.address);
+          if (this.addressesMismatch(serverAddr, derivedAddr2)) {
+            throw new SDKError(
+              `Recovered wallet address mismatch. server=${serverAddr} derived=${derivedAddr2}`,
+              "WALLET_RECOVERY_FAILED" /* WALLET_RECOVERY_FAILED */
+            );
+          }
+          const newShares = await Secrets.split(wallet2.privateKey, 3, 2);
+          const [newShare1, newShare2, newShare3] = newShares;
+          await this.walletClient.updateWalletKey({
+            share1: newShare1,
+            encryptedShare3: Crypto.encryptShare(
+              newShare3,
+              password,
+              firebaseId
+            )
+          });
+          await LocalForage.save(STORAGE_KEYS.share2(this.orgHost), newShare2);
+          await LocalForage.save(
+            STORAGE_KEYS.encryptedShare2(this.orgHost),
+            Crypto.encryptShare(newShare2, password, firebaseId)
+          );
+          await this.ensureDeviceEncryptedShare2(newShare2, firebaseId);
+          this.walletAddress = wallet2.address;
+          await LocalForage.save(
+            STORAGE_KEYS.walletAddress(this.orgHost),
+            wallet2.address
+          );
+          await LocalForage.delete(STORAGE_KEYS.share2(this.orgHost));
+          return wallet2.address;
+        }
       }
-      const privateKey = await Secrets.combine([share1, share2]);
+      const privateKey = await Secrets.combine([
+        walletInfo.share1,
+        share2
+      ]);
       const wallet = new import_ethers2.Wallet(privateKey);
-      const derivedAddr = wallet.address.toLowerCase();
-      if (serverAddr && derivedAddr !== serverAddr) {
+      const derivedAddr = this.normalizeAddr(wallet.address);
+      if (this.addressesMismatch(serverAddr, derivedAddr)) {
         throw new SDKError(
           `Recovered wallet address mismatch. server=${serverAddr} derived=${derivedAddr}`,
           "WALLET_RECOVERY_FAILED" /* WALLET_RECOVERY_FAILED */
         );
       }
+      await this.ensureDeviceEncryptedShare2(share2, firebaseId);
       this.walletAddress = wallet.address;
       await LocalForage.save(
         STORAGE_KEYS.walletAddress(this.orgHost),
@@ -104370,6 +104461,8 @@ var WalletService = class {
       await LocalForage.delete(STORAGE_KEYS.share2(this.orgHost));
       return wallet.address;
     } catch (error) {
+      this.walletAddress = null;
+      await LocalForage.delete(STORAGE_KEYS.share2(this.orgHost));
       if (error instanceof SDKError) throw error;
       throw new SDKError(
         "Failed to retrieve wallet",
@@ -104379,7 +104472,8 @@ var WalletService = class {
     }
   }
   /**
-   * PIN reset (same private key/address) using encryptedShare2_device.
+   * PIN reset (same private key/address) using device recovery material.
+   * If local recovery material is missing, it attempts to restore it from server backup.
    */
   async resetPin(newPassword) {
     try {
@@ -104401,42 +104495,71 @@ var WalletService = class {
           "INVALID_PARAMS" /* INVALID_PARAMS */
         );
       }
-      const encryptedDevice = await LocalForage.get(
-        STORAGE_KEYS.encryptedShare2Device(this.orgHost)
+      let encryptedDevice = await LocalForage.get(
+        STORAGE_KEYS.encryptedShare2Device(this.orgHost, firebaseId)
       );
-      const deviceSecret = await LocalForage.get(
-        STORAGE_KEYS.deviceSecret(this.orgHost)
+      let deviceSecret = await LocalForage.get(
+        STORAGE_KEYS.deviceSecret(this.orgHost, firebaseId)
       );
       if (!encryptedDevice || !deviceSecret) {
-        throw new SDKError(
-          "PIN reset is not available on this device",
-          "RECOVERY_NOT_AVAILABLE" /* RECOVERY_NOT_AVAILABLE */
+        let backup;
+        try {
+          backup = await this.walletClient.getDeviceRecovery(void 0);
+        } catch (e7) {
+          throw new SDKError(
+            "PIN reset is not available on this device",
+            "RECOVERY_NOT_AVAILABLE" /* RECOVERY_NOT_AVAILABLE */,
+            e7
+          );
+        }
+        if (!backup?.found || !backup?.encryptedShare2Device || !backup?.deviceSecret) {
+          throw new SDKError(
+            "PIN reset is not available. No device recovery backup found for this user.",
+            "RECOVERY_NOT_AVAILABLE" /* RECOVERY_NOT_AVAILABLE */
+          );
+        }
+        encryptedDevice = backup.encryptedShare2Device;
+        deviceSecret = backup.deviceSecret;
+        await LocalForage.save(
+          STORAGE_KEYS.encryptedShare2Device(this.orgHost, firebaseId),
+          encryptedDevice
+        );
+        await LocalForage.save(
+          STORAGE_KEYS.deviceSecret(this.orgHost, firebaseId),
+          deviceSecret
         );
+        if (backup?.deviceId) {
+          await LocalForage.save(
+            STORAGE_KEYS.deviceId(this.orgHost, firebaseId),
+            backup.deviceId
+          );
+        }
       }
       let share2;
       try {
-        share2 = Crypto.decryptShare(encryptedDevice, deviceSecret, firebaseId);
+        share2 = Crypto.decryptShare(
+          encryptedDevice,
+          deviceSecret,
+          firebaseId
+        );
       } catch (e7) {
         throw new SDKError(
-          "PIN reset is not available on this device",
+          "PIN reset is not available. Recovery material cannot be decrypted.",
           "RECOVERY_NOT_AVAILABLE" /* RECOVERY_NOT_AVAILABLE */,
           e7
         );
       }
       const walletInfo = await this.walletClient.getWallet();
+      const serverAddr = this.normalizeAddr(walletInfo?.address);
       const privateKey = await Secrets.combine([
         walletInfo.share1,
         share2
       ]);
       const wallet = new import_ethers2.Wallet(privateKey);
-      const serverAddr = walletInfo.address?.toLowerCase?.() ?? "";
-      const derivedAddr = wallet.address.toLowerCase();
-      const cachedAddr = await LocalForage.get(
-        STORAGE_KEYS.walletAddress(this.orgHost)
-      ) ?? null;
-      if (serverAddr && derivedAddr !== serverAddr) {
+      const derivedAddr = this.normalizeAddr(wallet.address);
+      if (this.addressesMismatch(serverAddr, derivedAddr)) {
         throw new SDKError(
-          `Device recovery material does not match server wallet. server=${serverAddr} derived=${derivedAddr} cached=${cachedAddr ?? "null"}`,
+          `Device recovery does not match server wallet. server=${serverAddr} derived=${derivedAddr}`,
           "RECOVERY_NOT_AVAILABLE" /* RECOVERY_NOT_AVAILABLE */
         );
       }
@@ -104476,8 +104599,23 @@ var WalletService = class {
     await LocalForage.delete(STORAGE_KEYS.walletAddress(this.orgHost));
     await LocalForage.delete(STORAGE_KEYS.share2(this.orgHost));
     await LocalForage.delete(STORAGE_KEYS.encryptedShare2(this.orgHost));
-    await LocalForage.delete(STORAGE_KEYS.encryptedShare2Device(this.orgHost));
-    await LocalForage.delete(STORAGE_KEYS.deviceSecret(this.orgHost));
+    const firebaseId = await LocalForage.get(
+      STORAGE_KEYS.firebaseId(this.orgHost)
+    );
+    if (firebaseId) {
+      await LocalForage.delete(
+        STORAGE_KEYS.encryptedShare2Device(this.orgHost, firebaseId)
+      );
+      await LocalForage.delete(
+        STORAGE_KEYS.deviceSecret(this.orgHost, firebaseId)
+      );
+      await LocalForage.delete(STORAGE_KEYS.deviceId(this.orgHost, firebaseId));
+    }
+    await LocalForage.delete(
+      STORAGE_KEYS.encryptedShare2DeviceLegacy(this.orgHost)
+    );
+    await LocalForage.delete(STORAGE_KEYS.deviceSecretLegacy(this.orgHost));
+    await LocalForage.delete(STORAGE_KEYS.deviceIdLegacy(this.orgHost));
   }
   async getBalance(address, chainId) {
     const response = await this.rpcClient.sendRpc({
@@ -104614,7 +104752,7 @@ var WalletService = class {
     }
   }
   /**
-   * PATCH APPLIED (critical):
+   * Critical safety:
    * - Never overwrite cached walletAddress with derived signer address.
    * - If server/cached address != derived address => throw WALLET_RECOVERY_FAILED.
    */
@@ -104642,19 +104780,21 @@ var WalletService = class {
           const firebaseId = await LocalForage.get(
             STORAGE_KEYS.firebaseId(this.orgHost)
           );
-          const encryptedDevice = await LocalForage.get(
-            STORAGE_KEYS.encryptedShare2Device(this.orgHost)
-          );
-          const deviceSecret = await LocalForage.get(
-            STORAGE_KEYS.deviceSecret(this.orgHost)
-          );
-          if (firebaseId && encryptedDevice && deviceSecret) {
-            share2 = Crypto.decryptShare(
-              encryptedDevice,
-              deviceSecret,
-              firebaseId
+          if (firebaseId) {
+            const encryptedDevice = await LocalForage.get(
+              STORAGE_KEYS.encryptedShare2Device(this.orgHost, firebaseId)
             );
-            await LocalForage.save(STORAGE_KEYS.share2(this.orgHost), share2);
+            const deviceSecret = await LocalForage.get(
+              STORAGE_KEYS.deviceSecret(this.orgHost, firebaseId)
+            );
+            if (encryptedDevice && deviceSecret) {
+              share2 = Crypto.decryptShare(
+                encryptedDevice,
+                deviceSecret,
+                firebaseId
+              );
+              await LocalForage.save(STORAGE_KEYS.share2(this.orgHost), share2);
+            }
           }
         } catch {
         }
@@ -105243,6 +105383,38 @@ var WalletClient = class {
       needsAccessToken: true
     });
   }
+  async getDeviceShare2Backup() {
+    try {
+      return await this.client.get(
+        "/api/v1/wallet/device-share2",
+        { needsAccessToken: true }
+      );
+    } catch (e7) {
+      if (e7?.details?.status === 404 || String(e7?.message || "").includes("404"))
+        return null;
+      throw e7;
+    }
+  }
+  async upsertDeviceShare2Backup(body) {
+    await this.client.put("/api/v1/wallet/device-share2", body, {
+      needsAccessToken: true
+    });
+  }
+  async upsertDeviceRecovery(req) {
+    await this.client.put(`${this.baseUrl}/device-recovery`, req, {
+      needsAccessToken: true
+    });
+  }
+  /**
+   * If deviceId is omitted, server returns latest.
+   * Returns { found:false } if no backup exists.
+   */
+  async getDeviceRecovery(deviceId) {
+    const qs = deviceId ? `?deviceId=${encodeURIComponent(deviceId)}` : "";
+    return this.client.get(`${this.baseUrl}/device-recovery${qs}`, {
+      needsAccessToken: true
+    });
+  }
 };
 
 // src/clients/api/rpcs.ts