@worldcoin/idkit-core 4.1.3 → 4.1.5

package/dist/index.js

@@ -13,6 +13,8 @@ var IDKitErrorCodes = /* @__PURE__ */ ((IDKitErrorCodes2) => {
   IDKitErrorCodes2["UserRejected"] = "user_rejected";
   IDKitErrorCodes2["VerificationRejected"] = "verification_rejected";
   IDKitErrorCodes2["CredentialUnavailable"] = "credential_unavailable";
+  IDKitErrorCodes2["WorldId4NotAvailable"] = "world_id_4_not_available";
+  IDKitErrorCodes2["WorldId3NotAvailable"] = "world_id_3_not_available";
   IDKitErrorCodes2["MalformedRequest"] = "malformed_request";
   IDKitErrorCodes2["InvalidNetwork"] = "invalid_network";
   IDKitErrorCodes2["InclusionProofPending"] = "inclusion_proof_pending";
@@ -21,7 +23,18 @@ var IDKitErrorCodes = /* @__PURE__ */ ((IDKitErrorCodes2) => {
   IDKitErrorCodes2["ConnectionFailed"] = "connection_failed";
   IDKitErrorCodes2["MaxVerificationsReached"] = "max_verifications_reached";
   IDKitErrorCodes2["FailedByHostApp"] = "failed_by_host_app";
+  IDKitErrorCodes2["InvalidRpSignature"] = "invalid_rp_signature";
+  IDKitErrorCodes2["NullifierReplayed"] = "nullifier_replayed";
+  IDKitErrorCodes2["DuplicateNonce"] = "duplicate_nonce";
+  IDKitErrorCodes2["UnknownRp"] = "unknown_rp";
+  IDKitErrorCodes2["InactiveRp"] = "inactive_rp";
+  IDKitErrorCodes2["TimestampTooOld"] = "timestamp_too_old";
+  IDKitErrorCodes2["TimestampTooFarInFuture"] = "timestamp_too_far_in_future";
+  IDKitErrorCodes2["InvalidTimestamp"] = "invalid_timestamp";
+  IDKitErrorCodes2["RpSignatureExpired"] = "rp_signature_expired";
+  IDKitErrorCodes2["IdentityAttributesNotMatched"] = "identity_attributes_not_matched";
   IDKitErrorCodes2["GenericError"] = "generic_error";
+  IDKitErrorCodes2["InvalidRpIdFormat"] = "invalid_rp_id_format";
   IDKitErrorCodes2["Timeout"] = "timeout";
   IDKitErrorCodes2["Cancelled"] = "cancelled";
   return IDKitErrorCodes2;
@@ -33,6 +46,7 @@ __export(idkit_wasm_exports, {
   BridgeEncryption: () => BridgeEncryption,
   CredentialRequestWasm: () => CredentialRequestWasm,
   IDKitBuilder: () => IDKitBuilder,
+  IDKitInviteCodeRequest: () => IDKitInviteCodeRequest,
   IDKitProof: () => IDKitProof,
   IDKitRequest: () => IDKitRequest,
   RpContextWasm: () => RpContextWasm,
@@ -45,6 +59,7 @@ __export(idkit_wasm_exports, {
   hashSignal: () => hashSignal,
   initSync: () => initSync,
   init_wasm: () => init_wasm,
+  proofResponseToIDKitResult: () => proofResponseToIDKitResult,
   proveSession: () => proveSession,
   request: () => request,
   signRequest: () => signRequest
@@ -412,6 +427,16 @@ var IDKitBuilder = class _IDKitBuilder {
     const ret = wasm.idkitbuilder_constraints(ptr, addHeapObject(constraints_json));
     return takeObject(ret);
   }
+  /**
+   * Creates an invite-code mode `BridgeConnection` with the given constraints (WDP-73).
+   * @param {any} constraints_json
+   * @returns {Promise<any>}
+   */
+  constraintsWithInviteCode(constraints_json) {
+    const ptr = this.__destroy_into_raw();
+    const ret = wasm.idkitbuilder_constraintsWithInviteCode(ptr, addHeapObject(constraints_json));
+    return takeObject(ret);
+  }
   /**
    * Creates a new builder for creating a new session
    * @param {string} app_id
@@ -602,8 +627,147 @@ var IDKitBuilder = class _IDKitBuilder {
     const ret = wasm.idkitbuilder_preset(ptr, addHeapObject(preset_json));
     return takeObject(ret);
   }
+  /**
+   * Creates an invite-code mode `BridgeConnection` from a preset (WDP-73).
+   * @param {any} preset_json
+   * @returns {Promise<any>}
+   */
+  presetWithInviteCode(preset_json) {
+    const ptr = this.__destroy_into_raw();
+    const ret = wasm.idkitbuilder_presetWithInviteCode(ptr, addHeapObject(preset_json));
+    return takeObject(ret);
+  }
 };
 if (Symbol.dispose) IDKitBuilder.prototype[Symbol.dispose] = IDKitBuilder.prototype.free;
+var IDKitInviteCodeRequest = class _IDKitInviteCodeRequest {
+  static __wrap(ptr) {
+    ptr = ptr >>> 0;
+    const obj = Object.create(_IDKitInviteCodeRequest.prototype);
+    obj.__wbg_ptr = ptr;
+    IDKitInviteCodeRequestFinalization.register(obj, obj.__wbg_ptr, obj);
+    return obj;
+  }
+  __destroy_into_raw() {
+    const ptr = this.__wbg_ptr;
+    this.__wbg_ptr = 0;
+    IDKitInviteCodeRequestFinalization.unregister(this);
+    return ptr;
+  }
+  free() {
+    const ptr = this.__destroy_into_raw();
+    wasm.__wbg_idkitinvitecoderequest_free(ptr, 0);
+  }
+  /**
+   * Returns the connector URL the RP should display to the user.
+   *
+   * This is the same URL shape the URL/QR mode produces, with two extra
+   * query params (`c=<canonical_code>`, `a=<app_id>`) the `world.org/verify`
+   * landing page uses to render an invite-code-aware view.
+   *
+   * # Errors
+   *
+   * Returns an error if the request has been closed.
+   * @returns {string}
+   */
+  connectUrl() {
+    let deferred2_0;
+    let deferred2_1;
+    try {
+      const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
+      wasm.idkitinvitecoderequest_connectUrl(retptr, this.__wbg_ptr);
+      var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
+      var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
+      var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
+      var r3 = getDataViewMemory0().getInt32(retptr + 4 * 3, true);
+      var ptr1 = r0;
+      var len1 = r1;
+      if (r3) {
+        ptr1 = 0;
+        len1 = 0;
+        throw takeObject(r2);
+      }
+      deferred2_0 = ptr1;
+      deferred2_1 = len1;
+      return getStringFromWasm0(ptr1, len1);
+    } finally {
+      wasm.__wbindgen_add_to_stack_pointer(16);
+      wasm.__wbindgen_export4(deferred2_0, deferred2_1, 1);
+    }
+  }
+  /**
+   * Unix-seconds expiry of the unredeemed code.
+   *
+   * # Errors
+   *
+   * Returns an error if the request has been closed.
+   * @returns {number}
+   */
+  expiresAt() {
+    try {
+      const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
+      wasm.idkitinvitecoderequest_expiresAt(retptr, this.__wbg_ptr);
+      var r0 = getDataViewMemory0().getFloat64(retptr + 8 * 0, true);
+      var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
+      var r3 = getDataViewMemory0().getInt32(retptr + 4 * 3, true);
+      if (r3) {
+        throw takeObject(r2);
+      }
+      return r0;
+    } finally {
+      wasm.__wbindgen_add_to_stack_pointer(16);
+    }
+  }
+  /**
+   * Polls the bridge for the current status (non-blocking).
+   *
+   * Mirrors `IDKitRequest::pollForStatus` exactly — same status shape,
+   * same close semantics. Adopters use the same poll loop they wrote for
+   * URL mode.
+   *
+   * # Errors
+   *
+   * Returns an error if the request has been closed or the poll fails.
+   * @returns {Promise<any>}
+   */
+  pollForStatus() {
+    const ret = wasm.idkitinvitecoderequest_pollForStatus(this.__wbg_ptr);
+    return takeObject(ret);
+  }
+  /**
+   * Returns the request ID for this request.
+   *
+   * # Errors
+   *
+   * Returns an error if the request has been closed.
+   * @returns {string}
+   */
+  requestId() {
+    let deferred2_0;
+    let deferred2_1;
+    try {
+      const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
+      wasm.idkitinvitecoderequest_requestId(retptr, this.__wbg_ptr);
+      var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
+      var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
+      var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
+      var r3 = getDataViewMemory0().getInt32(retptr + 4 * 3, true);
+      var ptr1 = r0;
+      var len1 = r1;
+      if (r3) {
+        ptr1 = 0;
+        len1 = 0;
+        throw takeObject(r2);
+      }
+      deferred2_0 = ptr1;
+      deferred2_1 = len1;
+      return getStringFromWasm0(ptr1, len1);
+    } finally {
+      wasm.__wbindgen_add_to_stack_pointer(16);
+      wasm.__wbindgen_export4(deferred2_0, deferred2_1, 1);
+    }
+  }
+};
+if (Symbol.dispose) IDKitInviteCodeRequest.prototype[Symbol.dispose] = IDKitInviteCodeRequest.prototype.free;
 var IDKitProof = class {
   __destroy_into_raw() {
     const ptr = this.__wbg_ptr;
@@ -1040,6 +1204,21 @@ function hashSignal(signal) {
 function init_wasm() {
   wasm.init_wasm();
 }
+function proofResponseToIDKitResult(proof_response, options) {
+  try {
+    const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
+    wasm.proofResponseToIDKitResult(retptr, addHeapObject(proof_response), addHeapObject(options));
+    var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
+    var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
+    var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
+    if (r2) {
+      throw takeObject(r1);
+    }
+    return takeObject(r0);
+  } finally {
+    wasm.__wbindgen_add_to_stack_pointer(16);
+  }
+}
 function proveSession(session_id, app_id, rp_context, action_description, bridge_url, override_connect_base_url, return_to, environment) {
   const ptr0 = passStringToWasm0(session_id, wasm.__wbindgen_export, wasm.__wbindgen_export2);
   const len0 = WASM_VECTOR_LEN;
@@ -1106,6 +1285,10 @@ function __wbg_get_imports() {
       const ret = Error(getStringFromWasm0(arg0, arg1));
       return addHeapObject(ret);
     },
+    __wbg_Number_a5a435bd7bbec835: function(arg0) {
+      const ret = Number(getObject(arg0));
+      return ret;
+    },
     __wbg_String_8564e559799eccda: function(arg0, arg1) {
       const ret = String(getObject(arg1));
       const ptr1 = passStringToWasm0(ret, wasm.__wbindgen_export, wasm.__wbindgen_export2);
@@ -1272,6 +1455,10 @@ function __wbg_get_imports() {
       const ret = getObject(arg0)[arg1 >>> 0];
       return addHeapObject(ret);
     },
+    __wbg_get_with_ref_key_6412cf3094599694: function(arg0, arg1) {
+      const ret = getObject(arg0)[getObject(arg1)];
+      return addHeapObject(ret);
+    },
     __wbg_has_926ef2ff40b308cf: function() {
       return handleError(function(arg0, arg1) {
         const ret = Reflect.has(getObject(arg0), getObject(arg1));
@@ -1282,6 +1469,10 @@ function __wbg_get_imports() {
       const ret = getObject(arg0).headers;
       return addHeapObject(ret);
     },
+    __wbg_idkitinvitecoderequest_new: function(arg0) {
+      const ret = IDKitInviteCodeRequest.__wrap(arg0);
+      return addHeapObject(ret);
+    },
     __wbg_idkitrequest_new: function(arg0) {
       const ret = IDKitRequest.__wrap(arg0);
       return addHeapObject(ret);
@@ -1393,7 +1584,7 @@ function __wbg_get_imports() {
           const a = state0.a;
           state0.a = 0;
           try {
-            return __wasm_bindgen_func_elem_1443(a, state0.b, arg02, arg12);
+            return __wasm_bindgen_func_elem_1544(a, state0.b, arg02, arg12);
           } finally {
             state0.a = a;
           }
@@ -1573,11 +1764,11 @@ function __wbg_get_imports() {
       return addHeapObject(ret);
     },
     __wbindgen_cast_0000000000000001: function(arg0, arg1) {
-      const ret = makeMutClosure(arg0, arg1, wasm.__wasm_bindgen_func_elem_661, __wasm_bindgen_func_elem_662);
+      const ret = makeMutClosure(arg0, arg1, wasm.__wasm_bindgen_func_elem_751, __wasm_bindgen_func_elem_752);
       return addHeapObject(ret);
     },
     __wbindgen_cast_0000000000000002: function(arg0, arg1) {
-      const ret = makeMutClosure(arg0, arg1, wasm.__wasm_bindgen_func_elem_989, __wasm_bindgen_func_elem_990);
+      const ret = makeMutClosure(arg0, arg1, wasm.__wasm_bindgen_func_elem_1079, __wasm_bindgen_func_elem_1080);
       return addHeapObject(ret);
     },
     __wbindgen_cast_0000000000000003: function(arg0) {
@@ -1613,13 +1804,13 @@ function __wbg_get_imports() {
     "./idkit_wasm_bg.js": import0
   };
 }
-function __wasm_bindgen_func_elem_662(arg0, arg1) {
-  wasm.__wasm_bindgen_func_elem_662(arg0, arg1);
+function __wasm_bindgen_func_elem_752(arg0, arg1) {
+  wasm.__wasm_bindgen_func_elem_752(arg0, arg1);
 }
-function __wasm_bindgen_func_elem_990(arg0, arg1, arg2) {
+function __wasm_bindgen_func_elem_1080(arg0, arg1, arg2) {
   try {
     const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
-    wasm.__wasm_bindgen_func_elem_990(retptr, arg0, arg1, addHeapObject(arg2));
+    wasm.__wasm_bindgen_func_elem_1080(retptr, arg0, arg1, addHeapObject(arg2));
     var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
     var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
     if (r1) {
@@ -1629,8 +1820,8 @@ function __wasm_bindgen_func_elem_990(arg0, arg1, arg2) {
     wasm.__wbindgen_add_to_stack_pointer(16);
   }
 }
-function __wasm_bindgen_func_elem_1443(arg0, arg1, arg2, arg3) {
-  wasm.__wasm_bindgen_func_elem_1443(arg0, arg1, addHeapObject(arg2), addHeapObject(arg3));
+function __wasm_bindgen_func_elem_1544(arg0, arg1, arg2, arg3) {
+  wasm.__wasm_bindgen_func_elem_1544(arg0, arg1, addHeapObject(arg2), addHeapObject(arg3));
 }
 var __wbindgen_enum_RequestCache = ["default", "no-store", "reload", "no-cache", "force-cache", "only-if-cached"];
 var __wbindgen_enum_RequestCredentials = ["omit", "same-origin", "include"];
@@ -1644,6 +1835,9 @@ var CredentialRequestWasmFinalization = typeof FinalizationRegistry === "undefin
 var IDKitBuilderFinalization = typeof FinalizationRegistry === "undefined" ? { register: () => {
 }, unregister: () => {
 } } : new FinalizationRegistry((ptr) => wasm.__wbg_idkitbuilder_free(ptr >>> 0, 1));
+var IDKitInviteCodeRequestFinalization = typeof FinalizationRegistry === "undefined" ? { register: () => {
+}, unregister: () => {
+} } : new FinalizationRegistry((ptr) => wasm.__wbg_idkitinvitecoderequest_free(ptr >>> 0, 1));
 var IDKitProofFinalization = typeof FinalizationRegistry === "undefined" ? { register: () => {
 }, unregister: () => {
 } } : new FinalizationRegistry((ptr) => wasm.__wbg_idkitproof_free(ptr >>> 0, 1));
@@ -1971,6 +2165,10 @@ function setDebug(enabled) {
 
 // src/transports/native.ts
 var MINIAPP_VERIFY_ACTION = "miniapp-verify-action";
+function toNativeErrorCode(error) {
+  const code = error instanceof Error ? error.message : String(error);
+  return Object.values(IDKitErrorCodes).includes(code) ? code : "generic_error" /* GenericError */;
+}
 function isInWorldApp() {
   return typeof window !== "undefined" && Boolean(window.WorldApp);
 }
@@ -2013,6 +2211,8 @@ var NativeIDKitRequest = class {
       this.resolveFn = resolve;
       const handleIncomingPayload = (responsePayload) => {
         if (this.completionResult) return;
+        if (isDebug())
+          console.debug("[IDKit] Native: received response", responsePayload);
         if (responsePayload?.status === "error") {
           if (isDebug())
             console.warn(
@@ -2025,15 +2225,27 @@ var NativeIDKitRequest = class {
           });
           return;
         }
-        this.complete({
-          success: true,
-          result: nativeResultToIDKitResult(
+        try {
+          const result = nativeResultToIDKitResult(
             responsePayload,
             config,
             signalHashes,
             legacySignalHash
-          )
-        });
+          );
+          if (isDebug())
+            console.debug(
+              "[IDKit] Native: mapped response",
+              result.protocol_version
+            );
+          this.complete({ success: true, result });
+        } catch (error) {
+          if (isDebug())
+            console.warn("[IDKit] Native: failed to map response", error);
+          this.complete({
+            success: false,
+            error: toNativeErrorCode(error)
+          });
+        }
       };
       const handler = (event) => {
         const data = event.data;
@@ -2066,13 +2278,15 @@ var NativeIDKitRequest = class {
         if (w.webkit?.messageHandlers?.minikit) {
           if (isDebug())
             console.debug(
-              `[IDKit] Native: sending verify command (version=${version}, platform=ios)`
+              `[IDKit] Native: sending verify command (version=${version}, platform=ios)`,
+              sendPayload
             );
           w.webkit.messageHandlers.minikit.postMessage(sendPayload);
         } else if (w.Android) {
           if (isDebug())
             console.debug(
-              `[IDKit] Native: sending verify command (version=${version}, platform=android)`
+              `[IDKit] Native: sending verify command (version=${version}, platform=android)`,
+              sendPayload
             );
           w.Android.postMessage(JSON.stringify(sendPayload));
         } else {
@@ -2100,7 +2314,7 @@ var NativeIDKitRequest = class {
     if (isDebug())
       console.debug(
         "[IDKit] Native: request completed",
-        result.success ? "success" : `error=${result.error}`
+        result.success === true ? "success" : `error=${result.error}`
       );
     this.completionResult = result;
     this.cleanup();
@@ -2132,13 +2346,14 @@ var NativeIDKitRequest = class {
     return this.completionResult === null;
   }
   async pollOnce() {
-    if (!this.completionResult) {
+    const completionResult = this.completionResult;
+    if (!completionResult) {
       return { type: "awaiting_confirmation" };
     }
-    if (this.completionResult.success) {
-      return { type: "confirmed", result: this.completionResult.result };
+    if (completionResult.success === true) {
+      return { type: "confirmed", result: completionResult.result };
     }
-    return { type: "failed", error: this.completionResult.error };
+    return { type: "failed", error: completionResult.error };
   }
   async pollUntilCompletion(options) {
     const timeout = options?.timeout ?? 9e5;
@@ -2176,39 +2391,24 @@ function nativeResultToIDKitResult(payload, config, signalHashes, legacySignalHa
   const rpNonce = config.rp_context?.nonce ?? "";
   if ("proof_response" in p && p.proof_response != null) {
     const proof_response = p.proof_response;
-    const items = proof_response.responses ?? [];
-    if (proof_response.session_id) {
-      return {
-        protocol_version: "4.0",
-        nonce: proof_response.nonce ?? rpNonce,
-        action_description: proof_response.action_description,
-        session_id: proof_response.session_id,
-        responses: items.map((item) => ({
-          identifier: item.identifier,
-          signal_hash: signalHashes[item.identifier],
-          proof: item.proof,
-          session_nullifier: item.session_nullifier,
-          issuer_schema_id: item.issuer_schema_id,
-          expires_at_min: item.expires_at_min
-        })),
-        environment: config.environment ?? "production"
-      };
-    }
-    return {
-      protocol_version: "4.0",
-      nonce: proof_response.nonce ?? rpNonce,
-      action: proof_response.action ?? config.action ?? "",
-      action_description: proof_response.action_description,
-      responses: items.map((item) => ({
-        identifier: item.identifier,
-        signal_hash: signalHashes[item.identifier],
-        proof: item.proof,
-        nullifier: item.nullifier,
-        issuer_schema_id: item.issuer_schema_id,
-        expires_at_min: item.expires_at_min
-      })),
-      environment: config.environment ?? "production"
-    };
+    if (isDebug())
+      console.debug("[IDKit] Native: mapping wrapped v4 proof_response", {
+        responseCount: proof_response.responses?.length,
+        responseIdentifiers: proof_response.responses?.map(
+          (item) => item.identifier
+        )
+      });
+    return idkit_wasm_exports.proofResponseToIDKitResult(proof_response, {
+      nonce: rpNonce,
+      action: config.action,
+      action_description: config.action_description,
+      environment: config.environment ?? "production",
+      signal_hashes: signalHashes,
+      identity_attested: p.identity_attested
+    });
+  }
+  if (Array.isArray(p.responses) && ("id" in p || "version" in p || "error" in p)) {
+    throw new Error("unexpected_response" /* UnexpectedResponse */);
   }
   if ("verifications" in p && Array.isArray(p.verifications)) {
     const verifications = p.verifications;
@@ -2245,6 +2445,30 @@ function nativeResultToIDKitResult(payload, config, signalHashes, legacySignalHa
 
 // src/request.ts
 var SESSION_ID_PATTERN = /^session_[0-9a-fA-F]{128}$/;
+async function pollUntilCompletionLoop(pollOnce, options) {
+  const pollInterval = options?.pollInterval ?? 1e3;
+  const timeout = options?.timeout ?? 9e5;
+  const startTime = Date.now();
+  while (true) {
+    if (options?.signal?.aborted) {
+      return { success: false, error: "cancelled" /* Cancelled */ };
+    }
+    if (Date.now() - startTime > timeout) {
+      return { success: false, error: "timeout" /* Timeout */ };
+    }
+    const status = await pollOnce();
+    if (status.type === "confirmed" && status.result) {
+      return { success: true, result: status.result };
+    }
+    if (status.type === "failed") {
+      return {
+        success: false,
+        error: status.error ?? "generic_error" /* GenericError */
+      };
+    }
+    await new Promise((resolve) => setTimeout(resolve, pollInterval));
+  }
+}
 var IDKitRequestImpl = class {
   constructor(wasmRequest) {
     this.wasmRequest = wasmRequest;
@@ -2260,29 +2484,31 @@ var IDKitRequestImpl = class {
   async pollOnce() {
     return await this.wasmRequest.pollForStatus();
   }
-  async pollUntilCompletion(options) {
-    const pollInterval = options?.pollInterval ?? 1e3;
-    const timeout = options?.timeout ?? 9e5;
-    const startTime = Date.now();
-    while (true) {
-      if (options?.signal?.aborted) {
-        return { success: false, error: "cancelled" /* Cancelled */ };
-      }
-      if (Date.now() - startTime > timeout) {
-        return { success: false, error: "timeout" /* Timeout */ };
-      }
-      const status = await this.pollOnce();
-      if (status.type === "confirmed" && status.result) {
-        return { success: true, result: status.result };
-      }
-      if (status.type === "failed") {
-        return {
-          success: false,
-          error: status.error ?? "generic_error" /* GenericError */
-        };
-      }
-      await new Promise((resolve) => setTimeout(resolve, pollInterval));
-    }
+  pollUntilCompletion(options) {
+    return pollUntilCompletionLoop(() => this.pollOnce(), options);
+  }
+};
+var IDKitInviteCodeRequestImpl = class {
+  constructor(wasmRequest) {
+    this.wasmRequest = wasmRequest;
+    this._connectorURI = wasmRequest.connectUrl();
+    this._expiresAt = wasmRequest.expiresAt();
+    this._requestId = wasmRequest.requestId();
+  }
+  get connectorURI() {
+    return this._connectorURI;
+  }
+  get expiresAt() {
+    return this._expiresAt;
+  }
+  get requestId() {
+    return this._requestId;
+  }
+  async pollOnce() {
+    return await this.wasmRequest.pollForStatus();
+  }
+  pollUntilCompletion(options) {
+    return pollUntilCompletionLoop(() => this.pollOnce(), options);
   }
 };
 function CredentialRequest(credential_type, options) {
@@ -2465,6 +2691,51 @@ var IDKitBuilder2 = class {
     return new IDKitRequestImpl(wasmRequest);
   }
 };
+var IDKitInviteCodeBuilder = class {
+  constructor(config) {
+    this.config = config;
+  }
+  /**
+   * Creates an invite-code mode IDKit request with the given constraints.
+   *
+   * @param constraints - Constraint tree (CredentialRequest or any/all/enumerate combinators)
+   * @returns A new IDKitInviteCodeRequest instance
+   *
+   * @example
+   * ```typescript
+   * const request = await IDKit.requestWithInviteCode({ app_id, action, rp_context, allow_legacy_proofs: false })
+   *   .constraints(any(CredentialRequest('proof_of_human'), CredentialRequest('face')));
+   * displayLink(request.connectorURI);
+   * ```
+   */
+  async constraints(constraints) {
+    await initIDKit();
+    const wasmBuilder = createWasmBuilderFromConfig(this.config);
+    const wasmRequest = await wasmBuilder.constraintsWithInviteCode(
+      constraints
+    );
+    return new IDKitInviteCodeRequestImpl(wasmRequest);
+  }
+  /**
+   * Creates an invite-code mode IDKit request from a preset.
+   *
+   * @param preset - A preset object from orbLegacy(), secureDocumentLegacy(), documentLegacy(), selfieCheckLegacy(), or deviceLegacy()
+   * @returns A new IDKitInviteCodeRequest instance
+   */
+  async preset(preset) {
+    if (this.config.type === "createSession" || this.config.type === "proveSession") {
+      throw new Error(
+        "Presets are not supported for session flows. Use .constraints() instead."
+      );
+    }
+    await initIDKit();
+    const wasmBuilder = createWasmBuilderFromConfig(this.config);
+    const wasmRequest = await wasmBuilder.presetWithInviteCode(
+      preset
+    );
+    return new IDKitInviteCodeRequestImpl(wasmRequest);
+  }
+};
 function createRequest(config) {
   if (!config.app_id) {
     throw new Error("app_id is required");
@@ -2495,6 +2766,36 @@ function createRequest(config) {
     environment: config.environment
   });
 }
+function createRequestWithInviteCode(config) {
+  if (!config.app_id) {
+    throw new Error("app_id is required");
+  }
+  if (!config.action) {
+    throw new Error("action is required");
+  }
+  if (!config.rp_context) {
+    throw new Error(
+      "rp_context is required. Generate it on your backend using signRequest()."
+    );
+  }
+  if (typeof config.allow_legacy_proofs !== "boolean") {
+    throw new Error(
+      "allow_legacy_proofs is required. Set to true to accept v3 proofs during migration, or false to only accept v4 proofs."
+    );
+  }
+  return new IDKitInviteCodeBuilder({
+    type: "request",
+    app_id: config.app_id,
+    action: String(config.action),
+    rp_context: config.rp_context,
+    action_description: config.action_description,
+    bridge_url: config.bridge_url,
+    return_to: config.return_to,
+    allow_legacy_proofs: config.allow_legacy_proofs,
+    override_connect_base_url: config.override_connect_base_url,
+    environment: config.environment
+  });
+}
 function createSession2(config) {
   if (!config.app_id) {
     throw new Error("app_id is required");
@@ -2547,6 +2848,8 @@ function proveSession2(sessionId, config) {
 var IDKit = {
   /** Create a new verification request */
   request: createRequest,
+  /** Create a new invite-code mode verification request (WDP-73) */
+  requestWithInviteCode: createRequestWithInviteCode,
   /** Create a new session (no action, no existing session_id) */
   createSession: createSession2,
   /** Prove an existing session (no action, has session_id) */

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@worldcoin/idkit-core",
-  "version": "4.1.3",
+  "version": "4.1.5",
   "description": "Core IDKit SDK for World ID - Pure TypeScript, no dependencies",
   "type": "module",
   "main": "./dist/index.cjs",