@worldcoin/idkit-core 4.0.1-dev.eebacb1 → 4.0.1-dev.fe98789

package/dist/index.d.cts

@@ -1,3 +1,9 @@
+/**
+ * Configuration types for IDKit
+ *
+ * Note: CredentialType, CredentialRequestType, and ConstraintNode are now
+ * re-exported from WASM (source of truth: rust/core/src/wasm_bindings.rs)
+ */
 declare const brand: unique symbol;
 type Brand<T, TBrand extends string> = T & {
     [brand]: TBrand;
@@ -6,32 +12,11 @@ type AbiEncodedValue = Brand<{
     types: string[];
     values: unknown[];
 }, "AbiEncodedValue">;
-type CredentialType = "orb" | "face" | "secure_document" | "document" | "device";
-/**
- * A single credential request item
- */
-interface CredentialRequestType {
-    /** The type of credential being requested */
-    type: CredentialType;
-    /** Optional signal string for cryptographic binding */
-    signal?: string;
-    /** Optional minimum genesis timestamp constraint */
-    genesis_issued_at_min?: number;
-}
-/**
- * Constraint node - can be a CredentialRequest or a combinator (any/all)
- */
-type ConstraintNode = CredentialRequestType | {
-    any: ConstraintNode[];
-} | {
-    all: ConstraintNode[];
-};
 /**
- * Relying Party context for protocol-level proof requests
+ * Relying Party context for IDKit requests
  *
- * Required for creating a verification session. Contains RP-specific data
- * needed to construct a ProofRequest. In production, this should be generated
- * and signed by your backend.
+ * Contains RP-specific data needed to construct a ProofRequest.
+ * This should be generated and signed by your backend.
  */
 type RpContext = {
     /** The registered RP ID (e.g., "rp_123456789abcdef0") */
@@ -59,46 +44,255 @@ type IDKitRequestConfig = {
     action_description?: string;
     /** URL to a third-party bridge to use when connecting to the World App. Optional. */
     bridge_url?: string;
+    /**
+     * Whether to accept legacy (v3) World ID proofs as fallback.
+     *
+     * - `true`: Accept both v3 and v4 proofs. Use during migration.
+     *   You must track both v3 and v4 nullifiers to prevent double-claims.
+     * - `false`: Only accept v4 proofs. Use after migration cutoff or for new apps.
+     */
+    allow_legacy_proofs: boolean;
+    /** Optional override for the connect base URL (e.g., for staging environments) */
+    override_connect_base_url?: string;
+    /** Optional environment override. Defaults to "production". */
+    environment?: "production" | "staging";
+};
+/**
+ * Configuration for IDKit.createSession() and IDKit.proveSession()
+ *
+ * Session requests don't have an action field - they're used for session-based
+ * authentication where the user proves they're the same person across visits.
+ *
+ * Sessions are always World ID v4 - there is no legacy (v3) session support.
+ */
+type IDKitSessionConfig = {
+    /** Unique identifier for the app verifying the session. This should be the app ID obtained from the Developer Portal. */
+    app_id: `app_${string}`;
+    /** RP context for protocol-level proof requests (required) */
+    rp_context: RpContext;
+    /** The description of the action (shown to users in World App). Optional. */
+    action_description?: string;
+    /** URL to a third-party bridge to use when connecting to the World App. Optional. */
+    bridge_url?: string;
+    /** Optional override for the connect base URL (e.g., for staging environments) */
+    override_connect_base_url?: string;
+    /** Optional environment override. Defaults to "production". */
+    environment?: "production" | "staging";
 };
 
-declare enum AppErrorCodes {
-    ConnectionFailed = "connection_failed",
-    VerificationRejected = "verification_rejected",
-    MaxVerificationsReached = "max_verifications_reached",
-    CredentialUnavailable = "credential_unavailable",
-    MalformedRequest = "malformed_request",
-    InvalidNetwork = "invalid_network",
-    InclusionProofFailed = "inclusion_proof_failed",
-    InclusionProofPending = "inclusion_proof_pending",
-    UnexpectedResponse = "unexpected_response",
-    FailedByHostApp = "failed_by_host_app",
-    GenericError = "generic_error"
+interface OrbLegacyPreset {
+    type: "OrbLegacy";
+    signal?: string;
 }
-declare enum VerificationState {
-    PreparingClient = "loading_widget",
-    WaitingForConnection = "awaiting_connection",
-    WaitingForApp = "awaiting_app",
-    Confirmed = "confirmed",
-    Failed = "failed"
+
+interface SecureDocumentLegacyPreset {
+    type: "SecureDocumentLegacy";
+    signal?: string;
 }
-declare enum ResponseStatus {
-    Retrieved = "retrieved",
-    Completed = "completed",
-    Initialized = "initialized"
+
+interface DocumentLegacyPreset {
+    type: "DocumentLegacy";
+    signal?: string;
 }
 
-interface ISuccessResult {
+type Preset = OrbLegacyPreset | SecureDocumentLegacyPreset | DocumentLegacyPreset;
+
+
+
+/** V4 response item for World ID v4 uniqueness proofs */
+interface ResponseItemV4 {
+    /** Credential identifier (e.g., "orb", "face", "document") */
+    identifier: string;
+    /** Signal hash (optional, included if signal was provided in request) */
+    signal_hash?: string;
+    /** Encoded World ID proof: first 4 elements are compressed Groth16 proof, 5th is Merkle root (hex strings). Compatible with WorldIDVerifier.sol */
+    proof: string[];
+    /** RP-scoped nullifier (hex) */
+    nullifier: string;
+    /** Credential issuer schema ID (1=orb, 2=face, 3=secure_document, 4=document, 5=device) */
+    issuer_schema_id: number;
+    /** Minimum expiration timestamp (unix seconds) */
+    expires_at_min: number;
+}
+
+/** V3 response item for World ID v3 (legacy format) */
+interface ResponseItemV3 {
+    /** Credential identifier (e.g., "orb", "face") */
+    identifier: string;
+    /** Signal hash (optional, included if signal was provided in request) */
+    signal_hash?: string;
+    /** ABI-encoded proof (hex) */
     proof: string;
+    /** Merkle root (hex) */
     merkle_root: string;
-    nullifier_hash: string;
-    /** The credential type used to generate the proof */
-    verification_level: CredentialType;
+    /** Nullifier (hex) */
+    nullifier: string;
+}
+
+/** Session response item for World ID v4 session proofs */
+interface ResponseItemSession {
+    /** Credential identifier (e.g., "orb", "face", "document") */
+    identifier: string;
+    /** Signal hash (optional, included if signal was provided in request) */
+    signal_hash?: string;
+    /** Encoded World ID proof: first 4 elements are compressed Groth16 proof, 5th is Merkle root (hex strings). Compatible with WorldIDVerifier.sol */
+    proof: string[];
+    /** Session nullifier: 1st element is the session nullifier, 2nd is the generated action (hex strings) */
+    session_nullifier: string[];
+    /** Credential issuer schema ID (1=orb, 2=face, 3=secure_document, 4=document, 5=device) */
+    issuer_schema_id: number;
+    /** Minimum expiration timestamp (unix seconds) */
+    expires_at_min: number;
+}
+
+/** V3 result (legacy format - no session support) */
+interface IDKitResultV3 {
+    /** Protocol version 3.0 */
+    protocol_version: "3.0";
+    /** Nonce used in the request */
+    nonce: string;
+    /** Action identifier (only for uniqueness proofs) */
+    action?: string;
+    /** Action description (only if provided in input) */
+    action_description?: string;
+    /** Array of V3 credential responses */
+    responses: ResponseItemV3[];
+    /** The environment used for this request ("production" or "staging") */
+    environment: string;
+}
+
+/** V4 result for uniqueness proofs */
+interface IDKitResultV4 {
+    /** Protocol version 4.0 */
+    protocol_version: "4.0";
+    /** Nonce used in the request */
+    nonce: string;
+    /** Action identifier (required for uniqueness proofs) */
+    action: string;
+    /** Action description (only if provided in input) */
+    action_description?: string;
+    /** Array of V4 credential responses */
+    responses: ResponseItemV4[];
+    /** The environment used for this request ("production" or "staging") */
+    environment: string;
+}
+
+/** V4 result for session proofs */
+interface IDKitResultSession {
+    /** Protocol version 4.0 */
+    protocol_version: "4.0";
+    /** Nonce used in the request */
+    nonce: string;
+    /** Action description (only if provided in input) */
+    action_description?: string;
+    /** Session ID returned by the World App */
+    session_id: string;
+    /** Array of session credential responses */
+    responses: ResponseItemSession[];
+    /** The environment used for this request ("production" or "staging") */
+    environment: string;
+}
+
+/**
+ * The unified result structure for all proof types.
+ * Check `session_id` to determine if this is a session proof:
+ * - session_id !== undefined → session proof
+ * - session_id === undefined → uniqueness proof
+ */
+type IDKitResult = IDKitResultV3 | IDKitResultV4 | IDKitResultSession;
+
+/** Error codes from World App (mirrors Rust AppError) */
+type IDKitErrorCode =
+    | "user_rejected"
+    | "verification_rejected"
+    | "credential_unavailable"
+    | "malformed_request"
+    | "invalid_network"
+    | "inclusion_proof_pending"
+    | "inclusion_proof_failed"
+    | "unexpected_response"
+    | "connection_failed"
+    | "max_verifications_reached"
+    | "failed_by_host_app"
+    | "generic_error";
+
+/** Status returned from pollForStatus() */
+type Status$1 =
+    | { type: "waiting_for_connection" }
+    | { type: "awaiting_confirmation" }
+    | { type: "confirmed"; result: IDKitResult }
+    | { type: "failed"; error: IDKitErrorCode };
+
+
+
+type CredentialType = "orb" | "face" | "secure_document" | "document" | "device";
+
+interface CredentialRequestType {
+    type: CredentialType;
+    /** Signal can be a string or raw bytes (Uint8Array) */
+    signal?: string | Uint8Array;
+    genesis_issued_at_min?: number;
+    expires_at_min?: number;
+}
+
+type ConstraintNode =
+    | CredentialRequestType
+    | { any: ConstraintNode[] }
+    | { all: ConstraintNode[] };
+/**
+ * Unified builder for creating `IDKit` requests and sessions (WASM)
+ */
+declare class IDKitBuilder$1 {
+  free(): void;
+  [Symbol.dispose](): void;
+  /**
+   * Creates a `BridgeConnection` with the given constraints
+   */
+  constraints(constraints_json: any): Promise<any>;
+  /**
+   * Creates a new builder for proving an existing session
+   */
+  static forProveSession(session_id: string, app_id: string, rp_context: RpContextWasm, action_description?: string | null, bridge_url?: string | null, override_connect_base_url?: string | null, environment?: string | null): IDKitBuilder$1;
+  /**
+   * Creates a new builder for creating a new session
+   */
+  static forCreateSession(app_id: string, rp_context: RpContextWasm, action_description?: string | null, bridge_url?: string | null, override_connect_base_url?: string | null, environment?: string | null): IDKitBuilder$1;
+  /**
+   * Creates a new builder for uniqueness requests
+   */
+  constructor(app_id: string, action: string, rp_context: RpContextWasm, action_description: string | null | undefined, bridge_url: string | null | undefined, allow_legacy_proofs: boolean, override_connect_base_url?: string | null, environment?: string | null);
+  /**
+   * Creates a `BridgeConnection` from a preset (works for all request types)
+   */
+  preset(preset_json: any): Promise<any>;
 }
-interface IErrorState {
-    code: AppErrorCodes;
-    message?: string;
+/**
+ * RP Context for protocol-level proof requests (WASM binding)
+ *
+ * Contains RP-specific data needed to construct a `ProofRequest`.
+ */
+declare class RpContextWasm {
+  free(): void;
+  [Symbol.dispose](): void;
+  /**
+   * Creates a new RP context
+   *
+   * # Arguments
+   * * `rp_id` - The registered RP ID (e.g., `"rp_123456789abcdef0"`)
+   * * `nonce` - Unique nonce for this proof request
+   * * `created_at` - Unix timestamp (seconds since epoch) when created
+   * * `expires_at` - Unix timestamp (seconds since epoch) when expires
+   * * `signature` - The RP's ECDSA signature of the `nonce` and `created_at` timestamp
+   *
+   * # Errors
+   *
+   * Returns an error if `rp_id` is not a valid RP ID (must start with `rp_`)
+   */
+  constructor(rp_id: string, nonce: string, created_at: bigint, expires_at: bigint, signature: string);
 }
 
+
+
 interface RpSignature {
     sig: string;
     nonce: string;
@@ -155,12 +349,40 @@ declare function initIDKit(): Promise<void>;
  */
 declare function initIDKitServer(): Promise<void>;
 
+/**
+ * Result types - re-exported from WASM bindings
+ *
+ * Source of truth: rust/core/src/wasm_bindings.rs (typescript_custom_section)
+ */
+
+/**
+ * IDKit error codes enum — runtime values for matching against errors.
+ * Values mirror Rust's AppError enum (snake_case via serde rename_all).
+ * Includes client-side codes (timeout, cancelled) not from World App.
+ */
+declare enum IDKitErrorCodes {
+    UserRejected = "user_rejected",
+    VerificationRejected = "verification_rejected",
+    CredentialUnavailable = "credential_unavailable",
+    MalformedRequest = "malformed_request",
+    InvalidNetwork = "invalid_network",
+    InclusionProofPending = "inclusion_proof_pending",
+    InclusionProofFailed = "inclusion_proof_failed",
+    UnexpectedResponse = "unexpected_response",
+    ConnectionFailed = "connection_failed",
+    MaxVerificationsReached = "max_verifications_reached",
+    FailedByHostApp = "failed_by_host_app",
+    GenericError = "generic_error",
+    Timeout = "timeout",
+    Cancelled = "cancelled"
+}
+
 /**
  * IDKit Request
  * Pure functional API for World ID verification - no dependencies
  */
 
-/** Options for pollForUpdates() */
+/** Options for pollUntilCompletion() */
 interface WaitOptions {
     /** Milliseconds between polls (default: 1000) */
     pollInterval?: number;
@@ -172,9 +394,17 @@ interface WaitOptions {
 /** Status returned from pollOnce() */
 interface Status {
     type: "waiting_for_connection" | "awaiting_confirmation" | "confirmed" | "failed";
-    proof?: ISuccessResult;
-    error?: AppErrorCodes;
+    result?: IDKitResult;
+    error?: IDKitErrorCodes;
 }
+/** Result from pollUntilCompletion() — discriminated union, never throws */
+type IDKitCompletionResult = {
+    success: true;
+    result: IDKitResult;
+} | {
+    success: false;
+    error: IDKitErrorCodes;
+};
 
 /**
  * A World ID verification request
@@ -190,24 +420,27 @@ interface IDKitRequest {
     /** Poll once for current status (for manual polling) */
     pollOnce(): Promise<Status>;
     /** Poll continuously until completion or timeout */
-    pollForUpdates(options?: WaitOptions): Promise<ISuccessResult>;
+    pollUntilCompletion(options?: WaitOptions): Promise<IDKitCompletionResult>;
 }
 /**
  * Creates a CredentialRequest for a credential type
  *
  * @param credential_type - The type of credential to request (e.g., 'orb', 'face')
- * @param options - Optional signal and genesis_issued_at_min
+ * @param options - Optional signal, genesis_issued_at_min, and expires_at_min
  * @returns A CredentialRequest object
  *
  * @example
  * ```typescript
  * const orb = CredentialRequest('orb', { signal: 'user-123' })
  * const face = CredentialRequest('face')
+ * // Require credential to be valid for at least one year
+ * const withExpiry = CredentialRequest('orb', { expires_at_min: Date.now() / 1000 + 60 * 60 * 60 * 24 * 365 })
  * ```
  */
 declare function CredentialRequest(credential_type: CredentialType, options?: {
     signal?: string;
     genesis_issued_at_min?: number;
+    expires_at_min?: number;
 }): CredentialRequestType;
 /**
  * Creates an OR constraint - at least one child must be satisfied
@@ -237,23 +470,11 @@ declare function any(...nodes: ConstraintNode[]): {
 declare function all(...nodes: ConstraintNode[]): {
     all: ConstraintNode[];
 };
-/**
- * OrbLegacy preset configuration
- */
-interface OrbLegacyPreset {
-    type: "OrbLegacy";
-    data: {
-        signal?: string;
-    };
-}
-/**
- * Preset types for simplified session creation
- */
-type Preset = OrbLegacyPreset;
+
 /**
  * Creates an OrbLegacy preset for World ID 3.0 legacy support
  *
- * This preset creates a session compatible with both World ID 4.0 and 3.0 protocols.
+ * This preset creates an IDKit request compatible with both World ID 4.0 and 3.0 protocols.
  * Use this when you need backward compatibility with older World App versions.
  *
  * @param opts - Optional configuration with signal
@@ -261,7 +482,7 @@ type Preset = OrbLegacyPreset;
  *
  * @example
  * ```typescript
- * const session = await verify({ app_id, action, rp_context })
+ * const request = await IDKit.request({ app_id, action, rp_context })
  *   .preset(orbLegacy({ signal: 'user-123' }))
  * ```
  */
@@ -269,11 +490,47 @@ declare function orbLegacy(opts?: {
     signal?: string;
 }): OrbLegacyPreset;
 /**
- * Builder for creating IDKit requests
+ * Creates a SecureDocumentLegacy preset for World ID 3.0 legacy support
+ *
+ * This preset creates an IDKit request compatible with both World ID 4.0 and 3.0 protocols.
+ * Use this when you need backward compatibility with older World App versions.
+ *
+ * @param opts - Optional configuration with signal
+ * @returns A SecureDocumentLegacy preset
+ *
+ * @example
+ * ```typescript
+ * const request = await IDKit.request({ app_id, action, rp_context })
+ *   .preset(secureDocumentLegacy({ signal: 'user-123' }))
+ * ```
+ */
+declare function secureDocumentLegacy(opts?: {
+    signal?: string;
+}): SecureDocumentLegacyPreset;
+/**
+ * Creates a DocumentLegacy preset for World ID 3.0 legacy support
+ *
+ * This preset creates an IDKit request compatible with both World ID 4.0 and 3.0 protocols.
+ * Use this when you need backward compatibility with older World App versions.
+ *
+ * @param opts - Optional configuration with signal
+ * @returns A DocumentLegacy preset
+ *
+ * @example
+ * ```typescript
+ * const request = await IDKit.request({ app_id, action, rp_context })
+ *   .preset(documentLegacy({ signal: 'user-123' }))
+ * ```
+ */
+declare function documentLegacy(opts?: {
+    signal?: string;
+}): DocumentLegacyPreset;
+/**
+ * Merged builder for IDKit requests
  */
-declare class IDKitRequestBuilder {
-    private config;
-    constructor(config: IDKitRequestConfig);
+declare class IDKitBuilder {
+    private wasmBuilder;
+    constructor(wasmBuilder: IDKitBuilder$1);
     /**
      * Creates an IDKit request with the given constraints
      *
@@ -282,25 +539,23 @@ declare class IDKitRequestBuilder {
      *
      * @example
      * ```typescript
-     * const request = await IDKit.request({ app_id, action, rp_context })
-     *   .constraints(any(CredentialRequest('orb'), CredentialRequest('face')))
+     * const builder = await IDKit.request({ app_id, action, rp_context });
+     * const request = await builder.constraints(any(CredentialRequest('orb'), CredentialRequest('face')));
      * ```
      */
-    constraints(constraints: ConstraintNode): Promise<IDKitRequest>;
     /**
-     * Creates an IDKit request from a preset
+     * Creates an IDKit request from a preset (works for all request types)
      *
      * Presets provide a simplified way to create requests with predefined
-     * credential configurations. The preset is converted to both World ID 4.0
-     * constraints and World ID 3.0 legacy fields for backward compatibility.
+     * credential configurations.
      *
      * @param preset - A preset object from orbLegacy()
      * @returns A new IDKitRequest instance
      *
      * @example
      * ```typescript
-     * const request = await IDKit.request({ app_id, action, rp_context })
-     *   .preset(orbLegacy({ signal: 'user-123' }))
+     * const builder = await IDKit.request({ app_id, action, rp_context });
+     * const request = await builder.preset(orbLegacy({ signal: 'user-123' }));
      * ```
      */
     preset(preset: Preset): Promise<IDKitRequest>;
@@ -312,7 +567,7 @@ declare class IDKitRequestBuilder {
  * Use the builder pattern with constraints to specify which credentials to accept.
  *
  * @param config - Request configuration
- * @returns An IDKitRequestBuilder instance
+ * @returns IDKitBuilder - A builder instance
  *
  * @example
  * ```typescript
@@ -336,17 +591,71 @@ declare class IDKitRequestBuilder {
  *     expires_at: Math.floor(Date.now() / 1000) + 3600,
  *     signature: 'ecdsa-signature-from-backend',
  *   },
- * }).constraints(any(orb, face))
+ *   allow_legacy_proofs: false,
+ * }).constraints(any(orb, face));
  *
  * // Display QR code
  * console.log('Scan this:', request.connectorURI)
  *
  * // Wait for proof
- * const proof = await request.pollForUpdates()
+ * const proof = await request.pollUntilCompletion()
  * console.log('Success:', proof)
  * ```
  */
-declare function createRequest(config: IDKitRequestConfig): IDKitRequestBuilder;
+declare function createRequest(config: IDKitRequestConfig): IDKitBuilder;
+/**
+ * Creates a new session builder (no action, no existing session_id)
+ *
+ * Use this when creating a new session for a user who doesn't have one yet.
+ * The response will include a `session_id` that should be saved for future
+ * session proofs with `proveSession()`.
+ *
+ * @param config - Session configuration (no action field)
+ * @returns IDKitBuilder - A builder instance
+ *
+ * @example
+ * ```typescript
+ * import { IDKit, CredentialRequest, any } from '@worldcoin/idkit-core'
+ *
+ * // Create a new session (user doesn't have session_id yet)
+ * const request = await IDKit.createSession({
+ *   app_id: 'app_staging_xxxxx',
+ *   rp_context: { ... },
+ * }).constraints(any(CredentialRequest('orb'), CredentialRequest('face')));
+ *
+ * // Display QR, wait for proof
+ * const result = await request.pollUntilCompletion();
+ * // result.session_id -> save this for future sessions
+ * // result.responses[0].session_nullifier -> for session tracking
+ * ```
+ */
+declare function createSession(config: IDKitSessionConfig): IDKitBuilder;
+/**
+ * Creates a builder for proving an existing session (no action, has session_id)
+ *
+ * Use this when a returning user needs to prove they own an existing session.
+ * The `sessionId` should be a value previously returned from `createSession()`.
+ *
+ * @param sessionId - The session ID from a previous session creation
+ * @param config - Session configuration (no action field)
+ * @returns IDKitBuilder - A builder instance
+ *
+ * @example
+ * ```typescript
+ * import { IDKit, CredentialRequest, any } from '@worldcoin/idkit-core'
+ *
+ * // Prove an existing session (user returns)
+ * const request = await IDKit.proveSession(savedSessionId, {
+ *   app_id: 'app_staging_xxxxx',
+ *   rp_context: { ... },
+ * }).constraints(any(CredentialRequest('orb'), CredentialRequest('face')));
+ *
+ * const result = await request.pollUntilCompletion();
+ * // result.session_id -> same session
+ * // result.responses[0].session_nullifier -> should match for same user
+ * ```
+ */
+declare function proveSession(sessionId: string, config: IDKitSessionConfig): IDKitBuilder;
 /**
  * IDKit namespace providing the main API entry points
  *
@@ -366,7 +675,7 @@ declare function createRequest(config: IDKitRequestConfig): IDKitRequestBuilder;
  *
  * // Display QR and wait for proof
  * console.log(request.connectorURI)
- * const proof = await request.pollForUpdates()
+ * const proof = await request.pollUntilCompletion()
  * ```
  */
 declare const IDKit: {
@@ -376,6 +685,10 @@ declare const IDKit: {
     initServer: typeof initIDKitServer;
     /** Create a new verification request */
     request: typeof createRequest;
+    /** Create a new session (no action, no existing session_id) */
+    createSession: typeof createSession;
+    /** Prove an existing session (no action, has session_id) */
+    proveSession: typeof proveSession;
     /** Create a CredentialRequest for a credential type */
     CredentialRequest: typeof CredentialRequest;
     /** Create an OR constraint - at least one child must be satisfied */
@@ -384,6 +697,10 @@ declare const IDKit: {
     all: typeof all;
     /** Create an OrbLegacy preset for World ID 3.0 legacy support */
     orbLegacy: typeof orbLegacy;
+    /** Create a SecureDocumentLegacy preset for World ID 3.0 legacy support */
+    secureDocumentLegacy: typeof secureDocumentLegacy;
+    /** Create a DocumentLegacy preset for World ID 3.0 legacy support */
+    documentLegacy: typeof documentLegacy;
 };
 
 /**
@@ -434,4 +751,13 @@ declare const isNode: () => boolean;
  */
 declare function signRequest(action: string, signingKeyHex: string, ttlSeconds?: number): RpSignature;
 
-export { type AbiEncodedValue, AppErrorCodes, type ConstraintNode, CredentialRequest, type CredentialRequestType, type CredentialType, IDKit, type IDKitRequest, type IDKitRequestConfig, type IErrorState, type ISuccessResult, type OrbLegacyPreset, type Preset, ResponseStatus, type RpContext, RpSignature, type Status, VerificationState, type WaitOptions, all, any, isNode, isReactNative, isWeb, orbLegacy, signRequest };
+/**
+ * Hashes a Signal (string or Uint8Array) to its hash representation.
+ * This is the same hashing used internally when constructing proof requests.
+ *
+ * @param signal - The signal to hash (string or Uint8Array)
+ * @returns 0x-prefixed hex string representing the signal hash
+ */
+declare function hashSignal(signal: string | Uint8Array): string;
+
+export { type AbiEncodedValue, type ConstraintNode, CredentialRequest, type CredentialRequestType, type CredentialType, type DocumentLegacyPreset, IDKit, type IDKitCompletionResult, type IDKitErrorCode, IDKitErrorCodes, type IDKitRequest, type IDKitRequestConfig, type IDKitResult, type IDKitResultSession, type IDKitSessionConfig, type OrbLegacyPreset, type Preset, type ResponseItemSession, type ResponseItemV3, type ResponseItemV4, type RpContext, RpSignature, type SecureDocumentLegacyPreset, type Status$1 as Status, type WaitOptions, all, any, documentLegacy, hashSignal, isNode, isReactNative, isWeb, orbLegacy, secureDocumentLegacy, signRequest };