@welshare/react 0.3.0 → 0.5.0

package/README.md

@@ -2,7 +2,7 @@
 
 ### Disclaimer, notes on maturity
 
-This library is in Alpha / demo state at this moment. We're using it to review the security aspects while data is in transfer and in rest. There's absolutely no guarantee or warrant that at this point any data is safe. All data can be lost at any time - even though we're using resources that puts decentralization and resilience values to the front. Be **very** careful if you're integrating this into user facing code. Welshare Health wallets are controlled by cryptographic material which _can_ be stored in non custodial / MPC environments (Privy). While that's considered very safe, we can't guarantee at this point that we've already got each aspect of inter application communication or key derivation features right, so don't connect wallets that store significant value with the welshare wallet yet.
+This library is in Alpha / demo state at this moment. We're using it to review the security aspects while data is in transfer and in rest. There's absolutely no guarantee or warrant that at this point any data is safe, even though we're using resources that prioritize decentralization and resilience. Welshare Health wallets are controlled by cryptographic material which _can_ be stored in non custodial / MPC environments (Privy). While that's considered very safe, we can't guarantee at this point that we've already got each aspect of inter application communication or key derivation features right, so don't connect wallets that store significant value with the welshare wallet yet.
 
 ## Purpose
 
@@ -32,9 +32,10 @@ If you want to submit questionnaire data, your application must first register a
 
 At the moment there are only two supported submission types: Fhir compatible QuestionnaireResponses and our custom "Reflex" app submissions. Both types are identified by schema uids that are accessible on the `Schemas` export.
 
-```
+```js
 export const Schemas = {
-  QuestionnaireResponse: "b14b538f-7de3-4767-ad77-464d755d78bd"
+  QuestionnaireResponse: "b14b538f-7de3-4767-ad77-464d755d78bd",
+  BinaryFile: "9d696baf-483f-4cc0-b748-23a22c1705f5",
 };
 ```
 
@@ -83,46 +84,40 @@ export function QuestionnaireForm() {
 
 ### Binary file uploads (e.g. images)
 
-binary file uploads require a lot of back and forth with the wallet dialog that we wrapped into one convenient upload API. If you want to include binary uploads into your questionnaires, you would typically hook into your own form, upload the file using the `uploadFile` function exposed by the `useWelshare` hook and use the response information to in the respective questionnaire form answer item.
+Before data hits any server, the SDK encrypts all files with a new random symmetric AES (GCM / 256 bits) key. Users request a presigned upload url and post the encrypted file to an S3 compatible API that's currently operated by Welshare. Ultimately, they encrypt the encryption key for a Nillion _owned_ BinaryData collection and store it across Nillion nodes (no single node can recover the key). At the time of insertion, they currently also grant ACL read rights for the application (Technically, this is the welshare builder keypair at the moment).
 
-Each download should contain a reference to the resource that initiated its upload. As Welshare right now is mostly about questionnaires, you should use a combination of the resource type (questionnaire), the questionnaire id and the answer item's id
+#### Upload via Wallet Dialog
 
 ```ts
-const reference = `questionnaire/${questionnaireId}/${answerItemId}`;
+const { isConnected, openWallet, uploadFile, submitData } = useWelshare({
+  applicationId: process.env.NEXT_PUBLIC_WELSHARE_APP_ID || "",
+});
+
+// Upload file (wallet dialog handles auth)
+const { url: uploadedFileUrl, binaryFileUid } = await uploadFile(
+  userFile,
+  `questionnaire/${questionnaireId}/${linkId}`
+);
+
+// Use in QuestionnaireResponse
+const responseItem = {
+  answer: [
+    {
+      valueAttachment: {
+        id: binaryFileUid,
+        contentType: userFile.type,
+        size: userFile.size,
+        title: userFile.name,
+        url: uploadedFileUrl,
+      },
+    },
+  ],
+};
 ```
 
-Binary files are addressed as items of type `valueAttachment` in Fhir. See https://www.hl7.org/fhir/questionnaireresponse.html 
-
-Before uploading, welshare encrypts all files with a new random symmetric AES (GCM / 256 bits) key. Users request a presigned upload url and post the encrypted file to an S3 compatible API of ours. Finally, they encrypt the encryption key on a user controlled Nillion *owned* collection for binary data and grant respective access rights for the application. The application a user used to upload the file is by default able to download the file again (Technically, that application is always welshare right now. This will change to the "builder" address of the respective app and the hpmp enclave keys, which allow AI access to the files)
+Binary files are addressed as `valueAttachment` items in FHIR. See https://www.hl7.org/fhir/questionnaireresponse.html
 
-Here's an example how to use it:   
-
-```ts
-  const { isConnected, openWallet, uploadFile, submitData } = useWelshare({
-    applicationId: process.env.NEXT_PUBLIC_WELSHARE_APP_ID || ""
-  })
-  //... let users select a file on their box
-
-  const { url: uploadedFileUrl, binaryFileUid } = await uploadFile(
-    userFile,
-    reference: `questionnaire/${questionnaireId}/<linkId>`
-  );
-
-  const responseItem = {
-    answer = [
-      {
-        valueAttachment: {
-          id: binaryFileUid,
-          contentType: userFile.type,
-          size: userFile.size,
-          title: userFile.name,
-          url: uploadedFileUrl,
-        },
-      },
-    ];
-  }
-  // insert the responseItem into your QuestionnaireResponse
-```
+For applications that manage storage keypairs directly and need more control over the upload process, see the [Binary File Uploads section in the SDK documentation](../welshare/README.md#binary-file-uploads).
 
 ## API
 
@@ -143,21 +138,15 @@ those are configured in the `useWelshare` options parameter and called back duri
 
 ## Security Notes
 
-No part of this application deals with a "blockchain" directly (Nillion nodes are validated by a custom chain but that's not a fact relevant for end users' security in this scope).
-
-The EVM addresses that control a user profile are (supposedly) never leaked to a third party.
-
-The key derivation mechanism that creates new storage keys that users use to sign messages is not guaranteed to be 100% sound. At this moment it's used as a cryptographic authenticator, but the derivation mechanism will change in the future, rendering already existing keys obsolete. We're not guaranteeing that your key material stays trivially derivable.
+No part of this application interacts with a "blockchain" (Nillion nodes are validated by a custom chain but that's relevant for end users' security or privacy).
 
-Data is stored on [nilDB (by Nillion)](https://docs.nillion.com/build/private-storage/quickstart), a system that can enforces access control, encryption at rest and storage redundancy. While technically possible, the current library does not MPC-encrypt any information. The data is sent to nilDB by a _user client_ that's controlled by the user's own key material. Welshare only delegates NUCs (access rights) to the users. Right now the welshare builder _can_ read any data users upload. This concept will eventually change - welshare's goal is to only make user originated information available inside trusted execution environments.
+The EVM addresses that control a user profile are never disclosed to third parties, hence they cannot correlate the wallet control keys with the keys that control the actual data.
 
-## Development
+The key derivation mechanism is used for creating self signed cryptographic authentication tokens, but the mechanism that keys are derived will very likely change in the future. Existing keys might render obsolete at that point which will require users to manually migrate their data. We don't guarantee that the current key derivation mechanism will be part of this SDK's exposed feature set forever. However, users will always be able to derive keys on their own, as long as they know the rules and don't lose the required secret inputs (e.g. signing keys or salts).
 
-This package is built using:
+Data is stored on [nilDB (by Nillion)](https://docs.nillion.com/build/private-storage/quickstart), a protocol that enforces access control lists, encrypts data at rest and stores records redundantly. Plain data documents are not generally encrypted at this point in time, however. Binary uploads are end to end encrypted in the way that's described above.
 
-- TypeScript
-- Tshy for build management
-- Vitest for testing
+All data that's sent to nilDB via _user client_ is exclusively controlled by the user's own key material. Welshare only delegates NUCs (access rights) to the users. Be aware that right now the welshare builder key _can_ read any data users upload. This will structurally improve once Nillion supports delegated reads for non builder grantees. Welshare's goal is to make user originated information available exclusively for code that runs in execution environments trusted by the users.
 
 ## License
 

package/dist/esm/components/connect-button.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"connect-button.d.ts","sourceRoot":"","sources":["../../../src/components/connect-button.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B,eAAO,MAAM,qBAAqB,UAAW;IAC3C,UAAU,EAAE,MAAM,IAAI,CAAC;IACvB,QAAQ,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC;CAC5B,4CAiGA,CAAC"}
+{"version":3,"file":"connect-button.d.ts","sourceRoot":"","sources":["../../../src/components/connect-button.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B,eAAO,MAAM,qBAAqB,UAAW;IAC3C,UAAU,EAAE,MAAM,IAAI,CAAC;IACvB,QAAQ,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC;CAC5B,4CA8FA,CAAC"}

package/dist/esm/components/connect-button.js

@@ -55,8 +55,5 @@ export const ConnectWelshareButton = (props) => {
     const handleBlur = (e) => {
         e.currentTarget.style.boxShadow = "0 2px 6px rgba(1, 152, 255, 0.2)";
     };
-    return (_jsx("button", { onClick: props.openWallet, style: buttonStyles, onMouseEnter: handleMouseEnter, onMouseLeave: handleMouseLeave, onMouseDown: handleMouseDown, onFocus: handleFocus, onBlur: handleBlur, type: "button", children: _jsx(_Fragment, { children: props.children || (_jsxs(_Fragment, { children: [_jsx("span", { className: "", children: _jsx(WelshareLogo, { width: 24, height: 18, style: {
-                                "marginRight": "4px",
-                                color: "#ffffff",
-                            } }) }), _jsx("span", { children: "Connect Welshare Profile" })] })) }) }));
+    return (_jsx("button", { onClick: props.openWallet, style: buttonStyles, onMouseEnter: handleMouseEnter, onMouseLeave: handleMouseLeave, onMouseDown: handleMouseDown, onFocus: handleFocus, onBlur: handleBlur, type: "button", children: _jsx(_Fragment, { children: props.children || (_jsxs(_Fragment, { children: [_jsx("span", { className: "", children: _jsx(WelshareLogo, { width: 24, height: 18, style: { marginRight: "4px", color: "#ffffff" } }) }), _jsx("span", { children: "Connect Welshare Profile" })] })) }) }));
 };

package/dist/esm/components/welshare-logo.d.ts

@@ -1,4 +1,4 @@
-import React from 'react';
+import React from "react";
 export interface WelshareLogoProps {
     className?: string;
     style?: React.CSSProperties;

package/dist/esm/hooks/use-welshare.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"use-welshare.d.ts","sourceRoot":"","sources":["../../../src/hooks/use-welshare.ts"],"names":[],"mappings":"AAAA,OAAO,EAKL,iBAAiB,EACjB,kBAAkB,EAElB,yBAAyB,EAC1B,MAAM,YAAY,CAAC;AAKpB,eAAO,MAAM,WAAW,UAAW,yBAAyB;;;;;uBAwLlD,IAAI,aACC,MAAM,KAChB,OAAO,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,aAAa,EAAE,MAAM,CAAA;KAAE,CAAC;iBA0C9B,CAAC,YACT,kBAAkB,cAChB,iBAAiB,CAAC,CAAC,CAAC;;;CAqEnC,CAAC"}
+{"version":3,"file":"use-welshare.d.ts","sourceRoot":"","sources":["../../../src/hooks/use-welshare.ts"],"names":[],"mappings":"AAAA,OAAO,EAKL,iBAAiB,EACjB,kBAAkB,EAElB,yBAAyB,EAC1B,MAAM,YAAY,CAAC;AAQpB,eAAO,MAAM,WAAW,UAAW,yBAAyB;;;;;uBA8LlD,IAAI,aACC,MAAM,KAChB,OAAO,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,aAAa,EAAE,MAAM,CAAA;KAAE,CAAC;iBAuC9B,CAAC,YACT,kBAAkB,cAChB,iBAAiB,CAAC,CAAC,CAAC;;;CAuEnC,CAAC"}

package/dist/esm/hooks/use-welshare.js

@@ -1,4 +1,4 @@
-import { getBaseUrl, WELSHARE_API_ENVIRONMENT } from "@welshare/sdk/environment";
+import { getBaseUrl, WELSHARE_API_ENVIRONMENT, } from "@welshare/sdk/environment";
 import { useEffect, useRef, useState } from "react";
 import { encryptAndUploadFile } from "../lib/uploads.js";
 export const useWelshare = (props) => {
@@ -13,7 +13,7 @@ export const useWelshare = (props) => {
     // Resolve the base URL from environment or apiBaseUrl
     const resolvedBaseUrl = props.environment
         ? getBaseUrl(props.environment)
-        : props.apiBaseUrl ?? getBaseUrl(WELSHARE_API_ENVIRONMENT.production);
+        : (props.apiBaseUrl ?? getBaseUrl(WELSHARE_API_ENVIRONMENT.production));
     const options = {
         ...props,
         apiBaseUrl: resolvedBaseUrl,
@@ -133,7 +133,13 @@ export const useWelshare = (props) => {
         return () => {
             window.removeEventListener("message", handleMessage);
         };
-    }, [WELSHARE_WALLET_URL, dialogWindow, messageIdCounter, options.applicationId, options.callbacks]);
+    }, [
+        WELSHARE_WALLET_URL,
+        dialogWindow,
+        messageIdCounter,
+        options.applicationId,
+        options.callbacks,
+    ]);
     /**
      * Starts a file upload and returns a promise that resolves with the uploaded file URL
      * @param file The file to upload
@@ -164,10 +170,7 @@ export const useWelshare = (props) => {
             const message = {
                 type: "REQUEST_UPLOAD_CREDENTIALS",
                 id: String(messageIdCounter),
-                payload: {
-                    ...payload,
-                    applicationId: options.applicationId,
-                },
+                payload: { ...payload, applicationId: options.applicationId },
             };
             dialogWindow.postMessage(message, WELSHARE_WALLET_URL);
             setMessageIdCounter((prev) => prev + 1);
@@ -212,7 +215,7 @@ export const useWelshare = (props) => {
                 .filter(([_, value]) => value !== undefined && value !== null)
                 .map(([key, value]) => `social.${key}=${encodeURIComponent(String(value))}`);
             if (socialEntries.length > 0) {
-                socialParams = `&${socialEntries.join('&')}`;
+                socialParams = `&${socialEntries.join("&")}`;
             }
         }
         const walletUrl = `${WELSHARE_WALLET_URL}?applicationId=${options.applicationId}${socialParams}`;

package/dist/esm/index.d.ts

@@ -2,8 +2,7 @@ export { ConnectWelshareButton } from "./components/connect-button.js";
 export { WelshareLogo } from "./components/welshare-logo.js";
 export { useWelshare } from "./hooks/use-welshare.js";
 export { WELSHARE_API_ENVIRONMENT, resolveEnvironment, getBaseUrl, type WelshareApiEnvironment, type WelshareEnvironmentName, type NillionClusterConfig, } from "@welshare/sdk/environment";
-export { decrypt, encodeEncryptionKey, encryptFile, generateRandomAESKey } from "./lib/encryption.js";
-export { decodeEncryptionKey, type EncryptionKey } from "./utils.js";
+export { decrypt, encodeEncryptionKey, encryptFile, generateRandomAESKey, decodeEncryptionKey, ALGORITHM, type EncryptionKey, type Algorithm, } from "@welshare/sdk";
 export { browserDownload, encryptAndUploadFile } from "./lib/uploads.js";
 export declare const Schemas: {
     QuestionnaireResponse: string;

package/dist/esm/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AACvE,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAG7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAGtD,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,UAAU,EACV,KAAK,sBAAsB,EAC3B,KAAK,uBAAuB,EAC5B,KAAK,oBAAoB,GAC1B,MAAM,2BAA2B,CAAC;AAGnC,OAAO,EACL,OAAO,EACP,mBAAmB,EACnB,WAAW,EACX,oBAAoB,EACrB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,mBAAmB,EAAE,KAAK,aAAa,EAAE,MAAM,YAAY,CAAC;AAErE,OAAO,EAAE,eAAe,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAGzE,eAAO,MAAM,OAAO;;;;CAInB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AACvE,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAG7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAGtD,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,UAAU,EACV,KAAK,sBAAsB,EAC3B,KAAK,uBAAuB,EAC5B,KAAK,oBAAoB,GAC1B,MAAM,2BAA2B,CAAC;AAGnC,OAAO,EACL,OAAO,EACP,mBAAmB,EACnB,WAAW,EACX,oBAAoB,EACpB,mBAAmB,EACnB,SAAS,EACT,KAAK,aAAa,EAClB,KAAK,SAAS,GACf,MAAM,eAAe,CAAC;AAGvB,OAAO,EAAE,eAAe,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAGzE,eAAO,MAAM,OAAO;;;;CAInB,CAAC"}

package/dist/esm/index.js

@@ -5,9 +5,9 @@ export { WelshareLogo } from "./components/welshare-logo.js";
 export { useWelshare } from "./hooks/use-welshare.js";
 // ---- Environment (re-exported from @welshare/sdk) ----
 export { WELSHARE_API_ENVIRONMENT, resolveEnvironment, getBaseUrl, } from "@welshare/sdk/environment";
-// ---- Utils ----
-export { decrypt, encodeEncryptionKey, encryptFile, generateRandomAESKey } from "./lib/encryption.js";
-export { decodeEncryptionKey } from "./utils.js";
+// ---- Encryption utilities (re-exported from @welshare/sdk) ----
+export { decrypt, encodeEncryptionKey, encryptFile, generateRandomAESKey, decodeEncryptionKey, ALGORITHM, } from "@welshare/sdk";
+// ---- Upload utilities (local, for frame-based upload flow) ----
 export { browserDownload, encryptAndUploadFile } from "./lib/uploads.js";
 //todo: import them from the SDK
 export const Schemas = {

package/dist/esm/lib/uploads.d.ts

@@ -1,4 +1,4 @@
-import { EncryptionKey } from "@/utils.js";
+import { type EncryptionKey } from "@welshare/sdk";
 export declare const encryptAndUploadFile: (file: File, presignedUrl: string) => Promise<EncryptionKey>;
 export declare const browserDownload: (decryptedFile: File) => void;
 //# sourceMappingURL=uploads.d.ts.map

package/dist/esm/lib/uploads.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"uploads.d.ts","sourceRoot":"","sources":["../../../src/lib/uploads.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAO3C,eAAO,MAAM,oBAAoB,SACzB,IAAI,gBACI,MAAM,KACnB,OAAO,CAAC,aAAa,CAkBvB,CAAC;AAEF,eAAO,MAAM,eAAe,kBAAmB,IAAI,SASlD,CAAA"}
+{"version":3,"file":"uploads.d.ts","sourceRoot":"","sources":["../../../src/lib/uploads.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,aAAa,EAInB,MAAM,eAAe,CAAC;AAEvB,eAAO,MAAM,oBAAoB,SACzB,IAAI,gBACI,MAAM,KACnB,OAAO,CAAC,aAAa,CAgBvB,CAAC;AAEF,eAAO,MAAM,eAAe,kBAAmB,IAAI,SASlD,CAAC"}

package/dist/esm/lib/uploads.js

@@ -1,4 +1,4 @@
-import { encodeEncryptionKey, encryptFile, generateRandomAESKey, } from "./encryption.js";
+import { encodeEncryptionKey, encryptFile, generateRandomAESKey, } from "@welshare/sdk";
 export const encryptAndUploadFile = async (file, presignedUrl) => {
     const encryptionKey = await generateRandomAESKey();
     const { encryptedData, iv } = await encryptFile(file, encryptionKey);
@@ -6,9 +6,7 @@ export const encryptAndUploadFile = async (file, presignedUrl) => {
     const uploadResponse = await fetch(presignedUrl, {
         method: "PUT",
         body: encryptedData,
-        headers: {
-            "Content-Type": file.type,
-        },
+        headers: { "Content-Type": file.type },
     });
     if (!uploadResponse.ok) {
         throw new Error(`Failed to upload file ${uploadResponse.status}`);

package/dist/esm/types.d.ts

@@ -1,4 +1,4 @@
-import { EncryptionKey } from "./utils.js";
+import type { EncryptionKey } from "@welshare/sdk";
 import type { WelshareApiEnvironment, WelshareEnvironmentName } from "@welshare/sdk/environment";
 export interface DialogMessage {
     type: string;

package/dist/esm/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAC3C,OAAO,KAAK,EAAE,sBAAsB,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AAEjG,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,GAAG,CAAC;IACd,EAAE,CAAC,EAAE,MAAM,CAAC;CACb;AAED;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,MAAM,CAAA;AAEvC,MAAM,WAAW,iBAAiB,CAAC,CAAC;IAClC,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,IAAI,CAAC;IAChB,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,UAAU,EAAE,CAAC,CAAC;CACf;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;CACnB,CAAA;AAED,MAAM,WAAW,+BAA+B;IAC9C,SAAS,CAAC,EAAE,IAAI,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,2BAA4B,SAAQ,+BAA+B;IAClF,aAAa,EAAE,aAAa,CAAC;IAE7B,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,iBAAkB,SAAQ,+BAA+B;IACxE,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAChC,IAAI,EAAE,IAAI,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE;QACb,OAAO,EAAE,CAAC,MAAM,EAAE;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,aAAa,EAAE,MAAM,CAAA;SAAE,KAAK,IAAI,CAAC;QAClE,MAAM,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;KAChC,CAAC;CACH;AAED,MAAM,WAAW,2BAA4B,SAAQ,aAAa;IAChE,OAAO,EACH,iBAAiB,CAAC,OAAO,CAAC,GAC1B,2BAA2B,GAC3B,+BAA+B,CAAC;CACrC;AAED,MAAM,WAAW,yBAAyB;IACxC,aAAa,EAAE,MAAM,CAAC;IACtB,kBAAkB,CAAC,EAAE;QACnB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,OAAO,CAAC,EAAE,MAAM,CAAC;KAClB,CAAA;IACD;;;;OAIG;IACH,WAAW,CAAC,EAAE,sBAAsB,GAAG,uBAAuB,CAAC;IAC/D;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE;QACT,cAAc,CAAC,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;QAC5D,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,iBAAiB,CAAC,OAAO,CAAC,KAAK,IAAI,CAAC;QAC3D,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;QAClC,cAAc,CAAC,EAAE,CAAC,aAAa,EAAE,MAAM,KAAK,IAAI,CAAC;QACjD,eAAe,CAAC,EAAE,MAAM,IAAI,CAAC;QAC7B,aAAa,CAAC,EAAE,MAAM,IAAI,CAAC;KAC5B,CAAC;CACH"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,KAAK,EACV,sBAAsB,EACtB,uBAAuB,EACxB,MAAM,2BAA2B,CAAC;AAEnC,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,GAAG,CAAC;IACd,EAAE,CAAC,EAAE,MAAM,CAAC;CACb;AAED;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,MAAM,CAAC;AAExC,MAAM,WAAW,iBAAiB,CAAC,CAAC;IAClC,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,IAAI,CAAC;IAChB,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,UAAU,EAAE,CAAC,CAAC;CACf;AAED,MAAM,MAAM,iBAAiB,GAAG;IAAE,YAAY,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,CAAC;AAE5E,MAAM,WAAW,+BAA+B;IAC9C,SAAS,CAAC,EAAE,IAAI,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,2BACf,SAAQ,+BAA+B;IACvC,aAAa,EAAE,aAAa,CAAC;IAE7B,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,iBAAkB,SAAQ,+BAA+B;IACxE,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAChC,IAAI,EAAE,IAAI,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE;QACb,OAAO,EAAE,CAAC,MAAM,EAAE;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,aAAa,EAAE,MAAM,CAAA;SAAE,KAAK,IAAI,CAAC;QAClE,MAAM,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;KAChC,CAAC;CACH;AAED,MAAM,WAAW,2BAA4B,SAAQ,aAAa;IAChE,OAAO,EACH,iBAAiB,CAAC,OAAO,CAAC,GAC1B,2BAA2B,GAC3B,+BAA+B,CAAC;CACrC;AAED,MAAM,WAAW,yBAAyB;IACxC,aAAa,EAAE,MAAM,CAAC;IACtB,kBAAkB,CAAC,EAAE;QACnB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,OAAO,CAAC,EAAE,MAAM,CAAC;KAClB,CAAC;IACF;;;;OAIG;IACH,WAAW,CAAC,EAAE,sBAAsB,GAAG,uBAAuB,CAAC;IAC/D;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE;QACT,cAAc,CAAC,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;QAC5D,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,iBAAiB,CAAC,OAAO,CAAC,KAAK,IAAI,CAAC;QAC3D,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;QAClC,cAAc,CAAC,EAAE,CAAC,aAAa,EAAE,MAAM,KAAK,IAAI,CAAC;QACjD,eAAe,CAAC,EAAE,MAAM,IAAI,CAAC;QAC7B,aAAa,CAAC,EAAE,MAAM,IAAI,CAAC;KAC5B,CAAC;CACH"}

package/dist/node_modules/@welshare/react/.turbo/turbo-lint.log

@@ -0,0 +1,14 @@
+
+> @welshare/react@0.4.0 lint /Users/stadolf/work/welshare/workspace/surveys-monorepo/packages/welshare-react
+> eslint . --max-warnings 25
+
+
+/Users/stadolf/work/welshare/workspace/surveys-monorepo/packages/welshare-react/src/hooks/use-welshare.ts
+  110:11  warning  Unexpected lexical declaration in case block  no-case-declarations
+  290:19  warning  '_' is defined but never used                 @typescript-eslint/no-unused-vars
+
+/Users/stadolf/work/welshare/workspace/surveys-monorepo/packages/welshare-react/src/types.ts
+  9:13  warning  Unexpected any. Specify a different type  @typescript-eslint/no-explicit-any
+
+✖ 3 problems (0 errors, 3 warnings)
+

package/dist/node_modules/@welshare/react/README.md

@@ -2,7 +2,7 @@
 
 ### Disclaimer, notes on maturity
 
-This library is in Alpha / demo state at this moment. We're using it to review the security aspects while data is in transfer and in rest. There's absolutely no guarantee or warrant that at this point any data is safe. All data can be lost at any time - even though we're using resources that puts decentralization and resilience values to the front. Be **very** careful if you're integrating this into user facing code. Welshare Health wallets are controlled by cryptographic material which _can_ be stored in non custodial / MPC environments (Privy). While that's considered very safe, we can't guarantee at this point that we've already got each aspect of inter application communication or key derivation features right, so don't connect wallets that store significant value with the welshare wallet yet.
+This library is in Alpha / demo state at this moment. We're using it to review the security aspects while data is in transfer and in rest. There's absolutely no guarantee or warrant that at this point any data is safe, even though we're using resources that prioritize decentralization and resilience. Welshare Health wallets are controlled by cryptographic material which _can_ be stored in non custodial / MPC environments (Privy). While that's considered very safe, we can't guarantee at this point that we've already got each aspect of inter application communication or key derivation features right, so don't connect wallets that store significant value with the welshare wallet yet.
 
 ## Purpose
 
@@ -32,9 +32,10 @@ If you want to submit questionnaire data, your application must first register a
 
 At the moment there are only two supported submission types: Fhir compatible QuestionnaireResponses and our custom "Reflex" app submissions. Both types are identified by schema uids that are accessible on the `Schemas` export.
 
-```
+```js
 export const Schemas = {
-  QuestionnaireResponse: "b14b538f-7de3-4767-ad77-464d755d78bd"
+  QuestionnaireResponse: "b14b538f-7de3-4767-ad77-464d755d78bd",
+  BinaryFile: "9d696baf-483f-4cc0-b748-23a22c1705f5",
 };
 ```
 
@@ -83,46 +84,40 @@ export function QuestionnaireForm() {
 
 ### Binary file uploads (e.g. images)
 
-binary file uploads require a lot of back and forth with the wallet dialog that we wrapped into one convenient upload API. If you want to include binary uploads into your questionnaires, you would typically hook into your own form, upload the file using the `uploadFile` function exposed by the `useWelshare` hook and use the response information to in the respective questionnaire form answer item.
+Before data hits any server, the SDK encrypts all files with a new random symmetric AES (GCM / 256 bits) key. Users request a presigned upload url and post the encrypted file to an S3 compatible API that's currently operated by Welshare. Ultimately, they encrypt the encryption key for a Nillion _owned_ BinaryData collection and store it across Nillion nodes (no single node can recover the key). At the time of insertion, they currently also grant ACL read rights for the application (Technically, this is the welshare builder keypair at the moment).
 
-Each download should contain a reference to the resource that initiated its upload. As Welshare right now is mostly about questionnaires, you should use a combination of the resource type (questionnaire), the questionnaire id and the answer item's id
+#### Upload via Wallet Dialog
 
 ```ts
-const reference = `questionnaire/${questionnaireId}/${answerItemId}`;
+const { isConnected, openWallet, uploadFile, submitData } = useWelshare({
+  applicationId: process.env.NEXT_PUBLIC_WELSHARE_APP_ID || "",
+});
+
+// Upload file (wallet dialog handles auth)
+const { url: uploadedFileUrl, binaryFileUid } = await uploadFile(
+  userFile,
+  `questionnaire/${questionnaireId}/${linkId}`
+);
+
+// Use in QuestionnaireResponse
+const responseItem = {
+  answer: [
+    {
+      valueAttachment: {
+        id: binaryFileUid,
+        contentType: userFile.type,
+        size: userFile.size,
+        title: userFile.name,
+        url: uploadedFileUrl,
+      },
+    },
+  ],
+};
 ```
 
-Binary files are addressed as items of type `valueAttachment` in Fhir. See https://www.hl7.org/fhir/questionnaireresponse.html 
-
-Before uploading, welshare encrypts all files with a new random symmetric AES (GCM / 256 bits) key. Users request a presigned upload url and post the encrypted file to an S3 compatible API of ours. Finally, they encrypt the encryption key on a user controlled Nillion *owned* collection for binary data and grant respective access rights for the application. The application a user used to upload the file is by default able to download the file again (Technically, that application is always welshare right now. This will change to the "builder" address of the respective app and the hpmp enclave keys, which allow AI access to the files)
+Binary files are addressed as `valueAttachment` items in FHIR. See https://www.hl7.org/fhir/questionnaireresponse.html
 
-Here's an example how to use it:   
-
-```ts
-  const { isConnected, openWallet, uploadFile, submitData } = useWelshare({
-    applicationId: process.env.NEXT_PUBLIC_WELSHARE_APP_ID || ""
-  })
-  //... let users select a file on their box
-
-  const { url: uploadedFileUrl, binaryFileUid } = await uploadFile(
-    userFile,
-    reference: `questionnaire/${questionnaireId}/<linkId>`
-  );
-
-  const responseItem = {
-    answer = [
-      {
-        valueAttachment: {
-          id: binaryFileUid,
-          contentType: userFile.type,
-          size: userFile.size,
-          title: userFile.name,
-          url: uploadedFileUrl,
-        },
-      },
-    ];
-  }
-  // insert the responseItem into your QuestionnaireResponse
-```
+For applications that manage storage keypairs directly and need more control over the upload process, see the [Binary File Uploads section in the SDK documentation](../welshare/README.md#binary-file-uploads).
 
 ## API
 
@@ -143,21 +138,15 @@ those are configured in the `useWelshare` options parameter and called back duri
 
 ## Security Notes
 
-No part of this application deals with a "blockchain" directly (Nillion nodes are validated by a custom chain but that's not a fact relevant for end users' security in this scope).
-
-The EVM addresses that control a user profile are (supposedly) never leaked to a third party.
-
-The key derivation mechanism that creates new storage keys that users use to sign messages is not guaranteed to be 100% sound. At this moment it's used as a cryptographic authenticator, but the derivation mechanism will change in the future, rendering already existing keys obsolete. We're not guaranteeing that your key material stays trivially derivable.
+No part of this application interacts with a "blockchain" (Nillion nodes are validated by a custom chain but that's relevant for end users' security or privacy).
 
-Data is stored on [nilDB (by Nillion)](https://docs.nillion.com/build/private-storage/quickstart), a system that can enforces access control, encryption at rest and storage redundancy. While technically possible, the current library does not MPC-encrypt any information. The data is sent to nilDB by a _user client_ that's controlled by the user's own key material. Welshare only delegates NUCs (access rights) to the users. Right now the welshare builder _can_ read any data users upload. This concept will eventually change - welshare's goal is to only make user originated information available inside trusted execution environments.
+The EVM addresses that control a user profile are never disclosed to third parties, hence they cannot correlate the wallet control keys with the keys that control the actual data.
 
-## Development
+The key derivation mechanism is used for creating self signed cryptographic authentication tokens, but the mechanism that keys are derived will very likely change in the future. Existing keys might render obsolete at that point which will require users to manually migrate their data. We don't guarantee that the current key derivation mechanism will be part of this SDK's exposed feature set forever. However, users will always be able to derive keys on their own, as long as they know the rules and don't lose the required secret inputs (e.g. signing keys or salts).
 
-This package is built using:
+Data is stored on [nilDB (by Nillion)](https://docs.nillion.com/build/private-storage/quickstart), a protocol that enforces access control lists, encrypts data at rest and stores records redundantly. Plain data documents are not generally encrypted at this point in time, however. Binary uploads are end to end encrypted in the way that's described above.
 
-- TypeScript
-- Tshy for build management
-- Vitest for testing
+All data that's sent to nilDB via _user client_ is exclusively controlled by the user's own key material. Welshare only delegates NUCs (access rights) to the users. Be aware that right now the welshare builder key _can_ read any data users upload. This will structurally improve once Nillion supports delegated reads for non builder grantees. Welshare's goal is to make user originated information available exclusively for code that runs in execution environments trusted by the users.
 
 ## License
 

package/dist/node_modules/@welshare/react/dist/esm/components/connect-button.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"connect-button.d.ts","sourceRoot":"","sources":["../../../src/components/connect-button.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B,eAAO,MAAM,qBAAqB,UAAW;IAC3C,UAAU,EAAE,MAAM,IAAI,CAAC;IACvB,QAAQ,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC;CAC5B,4CAiGA,CAAC"}
+{"version":3,"file":"connect-button.d.ts","sourceRoot":"","sources":["../../../src/components/connect-button.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B,eAAO,MAAM,qBAAqB,UAAW;IAC3C,UAAU,EAAE,MAAM,IAAI,CAAC;IACvB,QAAQ,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC;CAC5B,4CA8FA,CAAC"}

package/dist/node_modules/@welshare/react/dist/esm/components/connect-button.js

@@ -55,8 +55,5 @@ export const ConnectWelshareButton = (props) => {
     const handleBlur = (e) => {
         e.currentTarget.style.boxShadow = "0 2px 6px rgba(1, 152, 255, 0.2)";
     };
-    return (_jsx("button", { onClick: props.openWallet, style: buttonStyles, onMouseEnter: handleMouseEnter, onMouseLeave: handleMouseLeave, onMouseDown: handleMouseDown, onFocus: handleFocus, onBlur: handleBlur, type: "button", children: _jsx(_Fragment, { children: props.children || (_jsxs(_Fragment, { children: [_jsx("span", { className: "", children: _jsx(WelshareLogo, { width: 24, height: 18, style: {
-                                "marginRight": "4px",
-                                color: "#ffffff",
-                            } }) }), _jsx("span", { children: "Connect Welshare Profile" })] })) }) }));
+    return (_jsx("button", { onClick: props.openWallet, style: buttonStyles, onMouseEnter: handleMouseEnter, onMouseLeave: handleMouseLeave, onMouseDown: handleMouseDown, onFocus: handleFocus, onBlur: handleBlur, type: "button", children: _jsx(_Fragment, { children: props.children || (_jsxs(_Fragment, { children: [_jsx("span", { className: "", children: _jsx(WelshareLogo, { width: 24, height: 18, style: { marginRight: "4px", color: "#ffffff" } }) }), _jsx("span", { children: "Connect Welshare Profile" })] })) }) }));
 };

package/dist/node_modules/@welshare/react/dist/esm/components/welshare-logo.d.ts

@@ -1,4 +1,4 @@
-import React from 'react';
+import React from "react";
 export interface WelshareLogoProps {
     className?: string;
     style?: React.CSSProperties;

package/dist/node_modules/@welshare/react/dist/esm/hooks/use-welshare.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"use-welshare.d.ts","sourceRoot":"","sources":["../../../src/hooks/use-welshare.ts"],"names":[],"mappings":"AAAA,OAAO,EAKL,iBAAiB,EACjB,kBAAkB,EAElB,yBAAyB,EAC1B,MAAM,YAAY,CAAC;AAKpB,eAAO,MAAM,WAAW,UAAW,yBAAyB;;;;;uBAwLlD,IAAI,aACC,MAAM,KAChB,OAAO,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,aAAa,EAAE,MAAM,CAAA;KAAE,CAAC;iBA0C9B,CAAC,YACT,kBAAkB,cAChB,iBAAiB,CAAC,CAAC,CAAC;;;CAqEnC,CAAC"}
+{"version":3,"file":"use-welshare.d.ts","sourceRoot":"","sources":["../../../src/hooks/use-welshare.ts"],"names":[],"mappings":"AAAA,OAAO,EAKL,iBAAiB,EACjB,kBAAkB,EAElB,yBAAyB,EAC1B,MAAM,YAAY,CAAC;AAQpB,eAAO,MAAM,WAAW,UAAW,yBAAyB;;;;;uBA8LlD,IAAI,aACC,MAAM,KAChB,OAAO,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,aAAa,EAAE,MAAM,CAAA;KAAE,CAAC;iBAuC9B,CAAC,YACT,kBAAkB,cAChB,iBAAiB,CAAC,CAAC,CAAC;;;CAuEnC,CAAC"}

package/dist/node_modules/@welshare/react/dist/esm/hooks/use-welshare.js

@@ -1,4 +1,4 @@
-import { getBaseUrl, WELSHARE_API_ENVIRONMENT } from "@welshare/sdk/environment";
+import { getBaseUrl, WELSHARE_API_ENVIRONMENT, } from "@welshare/sdk/environment";
 import { useEffect, useRef, useState } from "react";
 import { encryptAndUploadFile } from "../lib/uploads.js";
 export const useWelshare = (props) => {
@@ -13,7 +13,7 @@ export const useWelshare = (props) => {
     // Resolve the base URL from environment or apiBaseUrl
     const resolvedBaseUrl = props.environment
         ? getBaseUrl(props.environment)
-        : props.apiBaseUrl ?? getBaseUrl(WELSHARE_API_ENVIRONMENT.production);
+        : (props.apiBaseUrl ?? getBaseUrl(WELSHARE_API_ENVIRONMENT.production));
     const options = {
         ...props,
         apiBaseUrl: resolvedBaseUrl,
@@ -133,7 +133,13 @@ export const useWelshare = (props) => {
         return () => {
             window.removeEventListener("message", handleMessage);
         };
-    }, [WELSHARE_WALLET_URL, dialogWindow, messageIdCounter, options.applicationId, options.callbacks]);
+    }, [
+        WELSHARE_WALLET_URL,
+        dialogWindow,
+        messageIdCounter,
+        options.applicationId,
+        options.callbacks,
+    ]);
     /**
      * Starts a file upload and returns a promise that resolves with the uploaded file URL
      * @param file The file to upload
@@ -164,10 +170,7 @@ export const useWelshare = (props) => {
             const message = {
                 type: "REQUEST_UPLOAD_CREDENTIALS",
                 id: String(messageIdCounter),
-                payload: {
-                    ...payload,
-                    applicationId: options.applicationId,
-                },
+                payload: { ...payload, applicationId: options.applicationId },
             };
             dialogWindow.postMessage(message, WELSHARE_WALLET_URL);
             setMessageIdCounter((prev) => prev + 1);
@@ -212,7 +215,7 @@ export const useWelshare = (props) => {
                 .filter(([_, value]) => value !== undefined && value !== null)
                 .map(([key, value]) => `social.${key}=${encodeURIComponent(String(value))}`);
             if (socialEntries.length > 0) {
-                socialParams = `&${socialEntries.join('&')}`;
+                socialParams = `&${socialEntries.join("&")}`;
             }
         }
         const walletUrl = `${WELSHARE_WALLET_URL}?applicationId=${options.applicationId}${socialParams}`;

package/dist/node_modules/@welshare/react/dist/esm/index.d.ts

@@ -2,8 +2,7 @@ export { ConnectWelshareButton } from "./components/connect-button.js";
 export { WelshareLogo } from "./components/welshare-logo.js";
 export { useWelshare } from "./hooks/use-welshare.js";
 export { WELSHARE_API_ENVIRONMENT, resolveEnvironment, getBaseUrl, type WelshareApiEnvironment, type WelshareEnvironmentName, type NillionClusterConfig, } from "@welshare/sdk/environment";
-export { decrypt, encodeEncryptionKey, encryptFile, generateRandomAESKey } from "./lib/encryption.js";
-export { decodeEncryptionKey, type EncryptionKey } from "./utils.js";
+export { decrypt, encodeEncryptionKey, encryptFile, generateRandomAESKey, decodeEncryptionKey, ALGORITHM, type EncryptionKey, type Algorithm, } from "@welshare/sdk";
 export { browserDownload, encryptAndUploadFile } from "./lib/uploads.js";
 export declare const Schemas: {
     QuestionnaireResponse: string;

package/dist/node_modules/@welshare/react/dist/esm/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AACvE,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAG7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAGtD,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,UAAU,EACV,KAAK,sBAAsB,EAC3B,KAAK,uBAAuB,EAC5B,KAAK,oBAAoB,GAC1B,MAAM,2BAA2B,CAAC;AAGnC,OAAO,EACL,OAAO,EACP,mBAAmB,EACnB,WAAW,EACX,oBAAoB,EACrB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,mBAAmB,EAAE,KAAK,aAAa,EAAE,MAAM,YAAY,CAAC;AAErE,OAAO,EAAE,eAAe,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAGzE,eAAO,MAAM,OAAO;;;;CAInB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AACvE,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAG7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAGtD,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,UAAU,EACV,KAAK,sBAAsB,EAC3B,KAAK,uBAAuB,EAC5B,KAAK,oBAAoB,GAC1B,MAAM,2BAA2B,CAAC;AAGnC,OAAO,EACL,OAAO,EACP,mBAAmB,EACnB,WAAW,EACX,oBAAoB,EACpB,mBAAmB,EACnB,SAAS,EACT,KAAK,aAAa,EAClB,KAAK,SAAS,GACf,MAAM,eAAe,CAAC;AAGvB,OAAO,EAAE,eAAe,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAGzE,eAAO,MAAM,OAAO;;;;CAInB,CAAC"}

package/dist/node_modules/@welshare/react/dist/esm/index.js

@@ -5,9 +5,9 @@ export { WelshareLogo } from "./components/welshare-logo.js";
 export { useWelshare } from "./hooks/use-welshare.js";
 // ---- Environment (re-exported from @welshare/sdk) ----
 export { WELSHARE_API_ENVIRONMENT, resolveEnvironment, getBaseUrl, } from "@welshare/sdk/environment";
-// ---- Utils ----
-export { decrypt, encodeEncryptionKey, encryptFile, generateRandomAESKey } from "./lib/encryption.js";
-export { decodeEncryptionKey } from "./utils.js";
+// ---- Encryption utilities (re-exported from @welshare/sdk) ----
+export { decrypt, encodeEncryptionKey, encryptFile, generateRandomAESKey, decodeEncryptionKey, ALGORITHM, } from "@welshare/sdk";
+// ---- Upload utilities (local, for frame-based upload flow) ----
 export { browserDownload, encryptAndUploadFile } from "./lib/uploads.js";
 //todo: import them from the SDK
 export const Schemas = {

package/dist/node_modules/@welshare/react/dist/esm/lib/uploads.d.ts

@@ -1,4 +1,4 @@
-import { EncryptionKey } from "@/utils.js";
+import { type EncryptionKey } from "@welshare/sdk";
 export declare const encryptAndUploadFile: (file: File, presignedUrl: string) => Promise<EncryptionKey>;
 export declare const browserDownload: (decryptedFile: File) => void;
 //# sourceMappingURL=uploads.d.ts.map

package/dist/node_modules/@welshare/react/dist/esm/lib/uploads.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"uploads.d.ts","sourceRoot":"","sources":["../../../src/lib/uploads.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAO3C,eAAO,MAAM,oBAAoB,SACzB,IAAI,gBACI,MAAM,KACnB,OAAO,CAAC,aAAa,CAkBvB,CAAC;AAEF,eAAO,MAAM,eAAe,kBAAmB,IAAI,SASlD,CAAA"}
+{"version":3,"file":"uploads.d.ts","sourceRoot":"","sources":["../../../src/lib/uploads.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,aAAa,EAInB,MAAM,eAAe,CAAC;AAEvB,eAAO,MAAM,oBAAoB,SACzB,IAAI,gBACI,MAAM,KACnB,OAAO,CAAC,aAAa,CAgBvB,CAAC;AAEF,eAAO,MAAM,eAAe,kBAAmB,IAAI,SASlD,CAAC"}

package/dist/node_modules/@welshare/react/dist/esm/lib/uploads.js

@@ -1,4 +1,4 @@
-import { encodeEncryptionKey, encryptFile, generateRandomAESKey, } from "./encryption.js";
+import { encodeEncryptionKey, encryptFile, generateRandomAESKey, } from "@welshare/sdk";
 export const encryptAndUploadFile = async (file, presignedUrl) => {
     const encryptionKey = await generateRandomAESKey();
     const { encryptedData, iv } = await encryptFile(file, encryptionKey);
@@ -6,9 +6,7 @@ export const encryptAndUploadFile = async (file, presignedUrl) => {
     const uploadResponse = await fetch(presignedUrl, {
         method: "PUT",
         body: encryptedData,
-        headers: {
-            "Content-Type": file.type,
-        },
+        headers: { "Content-Type": file.type },
     });
     if (!uploadResponse.ok) {
         throw new Error(`Failed to upload file ${uploadResponse.status}`);

package/dist/node_modules/@welshare/react/dist/esm/types.d.ts

@@ -1,4 +1,4 @@
-import { EncryptionKey } from "./utils.js";
+import type { EncryptionKey } from "@welshare/sdk";
 import type { WelshareApiEnvironment, WelshareEnvironmentName } from "@welshare/sdk/environment";
 export interface DialogMessage {
     type: string;

package/dist/node_modules/@welshare/react/dist/esm/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAC3C,OAAO,KAAK,EAAE,sBAAsB,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AAEjG,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,GAAG,CAAC;IACd,EAAE,CAAC,EAAE,MAAM,CAAC;CACb;AAED;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,MAAM,CAAA;AAEvC,MAAM,WAAW,iBAAiB,CAAC,CAAC;IAClC,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,IAAI,CAAC;IAChB,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,UAAU,EAAE,CAAC,CAAC;CACf;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;CACnB,CAAA;AAED,MAAM,WAAW,+BAA+B;IAC9C,SAAS,CAAC,EAAE,IAAI,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,2BAA4B,SAAQ,+BAA+B;IAClF,aAAa,EAAE,aAAa,CAAC;IAE7B,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,iBAAkB,SAAQ,+BAA+B;IACxE,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAChC,IAAI,EAAE,IAAI,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE;QACb,OAAO,EAAE,CAAC,MAAM,EAAE;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,aAAa,EAAE,MAAM,CAAA;SAAE,KAAK,IAAI,CAAC;QAClE,MAAM,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;KAChC,CAAC;CACH;AAED,MAAM,WAAW,2BAA4B,SAAQ,aAAa;IAChE,OAAO,EACH,iBAAiB,CAAC,OAAO,CAAC,GAC1B,2BAA2B,GAC3B,+BAA+B,CAAC;CACrC;AAED,MAAM,WAAW,yBAAyB;IACxC,aAAa,EAAE,MAAM,CAAC;IACtB,kBAAkB,CAAC,EAAE;QACnB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,OAAO,CAAC,EAAE,MAAM,CAAC;KAClB,CAAA;IACD;;;;OAIG;IACH,WAAW,CAAC,EAAE,sBAAsB,GAAG,uBAAuB,CAAC;IAC/D;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE;QACT,cAAc,CAAC,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;QAC5D,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,iBAAiB,CAAC,OAAO,CAAC,KAAK,IAAI,CAAC;QAC3D,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;QAClC,cAAc,CAAC,EAAE,CAAC,aAAa,EAAE,MAAM,KAAK,IAAI,CAAC;QACjD,eAAe,CAAC,EAAE,MAAM,IAAI,CAAC;QAC7B,aAAa,CAAC,EAAE,MAAM,IAAI,CAAC;KAC5B,CAAC;CACH"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,KAAK,EACV,sBAAsB,EACtB,uBAAuB,EACxB,MAAM,2BAA2B,CAAC;AAEnC,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,GAAG,CAAC;IACd,EAAE,CAAC,EAAE,MAAM,CAAC;CACb;AAED;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,MAAM,CAAC;AAExC,MAAM,WAAW,iBAAiB,CAAC,CAAC;IAClC,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,IAAI,CAAC;IAChB,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,UAAU,EAAE,CAAC,CAAC;CACf;AAED,MAAM,MAAM,iBAAiB,GAAG;IAAE,YAAY,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,CAAC;AAE5E,MAAM,WAAW,+BAA+B;IAC9C,SAAS,CAAC,EAAE,IAAI,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,2BACf,SAAQ,+BAA+B;IACvC,aAAa,EAAE,aAAa,CAAC;IAE7B,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,iBAAkB,SAAQ,+BAA+B;IACxE,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAChC,IAAI,EAAE,IAAI,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE;QACb,OAAO,EAAE,CAAC,MAAM,EAAE;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,aAAa,EAAE,MAAM,CAAA;SAAE,KAAK,IAAI,CAAC;QAClE,MAAM,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;KAChC,CAAC;CACH;AAED,MAAM,WAAW,2BAA4B,SAAQ,aAAa;IAChE,OAAO,EACH,iBAAiB,CAAC,OAAO,CAAC,GAC1B,2BAA2B,GAC3B,+BAA+B,CAAC;CACrC;AAED,MAAM,WAAW,yBAAyB;IACxC,aAAa,EAAE,MAAM,CAAC;IACtB,kBAAkB,CAAC,EAAE;QACnB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,OAAO,CAAC,EAAE,MAAM,CAAC;KAClB,CAAC;IACF;;;;OAIG;IACH,WAAW,CAAC,EAAE,sBAAsB,GAAG,uBAAuB,CAAC;IAC/D;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE;QACT,cAAc,CAAC,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;QAC5D,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,iBAAiB,CAAC,OAAO,CAAC,KAAK,IAAI,CAAC;QAC3D,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;QAClC,cAAc,CAAC,EAAE,CAAC,aAAa,EAAE,MAAM,KAAK,IAAI,CAAC;QACjD,eAAe,CAAC,EAAE,MAAM,IAAI,CAAC;QAC7B,aAAa,CAAC,EAAE,MAAM,IAAI,CAAC;KAC5B,CAAC;CACH"}