@zerodev/wallet-core 0.0.1-alpha.17 → 0.0.1-alpha.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (155) hide show
  1. package/dist/_cjs/actions/auth/getOAuthLoginUrl.js +18 -0
  2. package/dist/_cjs/actions/auth/getOAuthLoginUrl.js.map +1 -0
  3. package/dist/_cjs/actions/auth/getWhoami.js +2 -2
  4. package/dist/_cjs/actions/auth/getWhoami.js.map +1 -1
  5. package/dist/_cjs/actions/auth/index.js +3 -1
  6. package/dist/_cjs/actions/auth/index.js.map +1 -1
  7. package/dist/_cjs/actions/auth/loginWithStamp.js +5 -5
  8. package/dist/_cjs/actions/auth/loginWithStamp.js.map +1 -1
  9. package/dist/_cjs/actions/auth/registerWithOTP.js.map +1 -1
  10. package/dist/_cjs/actions/index.js +2 -1
  11. package/dist/_cjs/actions/index.js.map +1 -1
  12. package/dist/_cjs/actions/wallet/signingUtils.js +2 -2
  13. package/dist/_cjs/actions/wallet/signingUtils.js.map +1 -1
  14. package/dist/_cjs/client/authProxy.js +1 -1
  15. package/dist/_cjs/client/authProxy.js.map +1 -1
  16. package/dist/_cjs/client/createClient.js +5 -5
  17. package/dist/_cjs/client/createClient.js.map +1 -1
  18. package/dist/_cjs/client/decorators/client.js +1 -0
  19. package/dist/_cjs/client/decorators/client.js.map +1 -1
  20. package/dist/_cjs/client/transports/createTransport.js +5 -5
  21. package/dist/_cjs/client/transports/createTransport.js.map +1 -1
  22. package/dist/_cjs/client/transports/rest.js +5 -5
  23. package/dist/_cjs/client/transports/rest.js.map +1 -1
  24. package/dist/_cjs/constants.js +2 -1
  25. package/dist/_cjs/constants.js.map +1 -1
  26. package/dist/_cjs/core/createZeroDevWallet.js +38 -64
  27. package/dist/_cjs/core/createZeroDevWallet.js.map +1 -1
  28. package/dist/_cjs/index.js.map +1 -1
  29. package/dist/_cjs/stampers/indexedDbStamper.js +17 -2
  30. package/dist/_cjs/stampers/indexedDbStamper.js.map +1 -1
  31. package/dist/_cjs/stampers/webauthnStamper.js +23 -3
  32. package/dist/_cjs/stampers/webauthnStamper.js.map +1 -1
  33. package/dist/_cjs/utils/encryptOtpAttempt.js +57 -0
  34. package/dist/_cjs/utils/encryptOtpAttempt.js.map +1 -0
  35. package/dist/_cjs/utils/exportPrivateKey.js +1 -1
  36. package/dist/_cjs/utils/exportPrivateKey.js.map +1 -1
  37. package/dist/_cjs/utils/exportWallet.js +2 -6
  38. package/dist/_cjs/utils/exportWallet.js.map +1 -1
  39. package/dist/_cjs/utils/hpke.js +78 -0
  40. package/dist/_cjs/utils/hpke.js.map +1 -0
  41. package/dist/_cjs/utils/utils.js +5 -6
  42. package/dist/_cjs/utils/utils.js.map +1 -1
  43. package/dist/_esm/actions/auth/getOAuthLoginUrl.js +23 -0
  44. package/dist/_esm/actions/auth/getOAuthLoginUrl.js.map +1 -0
  45. package/dist/_esm/actions/auth/getWhoami.js +2 -2
  46. package/dist/_esm/actions/auth/getWhoami.js.map +1 -1
  47. package/dist/_esm/actions/auth/index.js +1 -0
  48. package/dist/_esm/actions/auth/index.js.map +1 -1
  49. package/dist/_esm/actions/auth/loginWithStamp.js +5 -5
  50. package/dist/_esm/actions/auth/loginWithStamp.js.map +1 -1
  51. package/dist/_esm/actions/auth/registerWithOTP.js.map +1 -1
  52. package/dist/_esm/actions/index.js +1 -1
  53. package/dist/_esm/actions/index.js.map +1 -1
  54. package/dist/_esm/actions/wallet/signingUtils.js +2 -2
  55. package/dist/_esm/actions/wallet/signingUtils.js.map +1 -1
  56. package/dist/_esm/client/authProxy.js +9 -4
  57. package/dist/_esm/client/authProxy.js.map +1 -1
  58. package/dist/_esm/client/createClient.js +5 -5
  59. package/dist/_esm/client/createClient.js.map +1 -1
  60. package/dist/_esm/client/decorators/client.js +2 -1
  61. package/dist/_esm/client/decorators/client.js.map +1 -1
  62. package/dist/_esm/client/transports/createTransport.js +5 -5
  63. package/dist/_esm/client/transports/createTransport.js.map +1 -1
  64. package/dist/_esm/client/transports/rest.js +5 -5
  65. package/dist/_esm/client/transports/rest.js.map +1 -1
  66. package/dist/_esm/constants.js +6 -0
  67. package/dist/_esm/constants.js.map +1 -1
  68. package/dist/_esm/core/createZeroDevWallet.js +42 -66
  69. package/dist/_esm/core/createZeroDevWallet.js.map +1 -1
  70. package/dist/_esm/index.js.map +1 -1
  71. package/dist/_esm/stampers/indexedDbStamper.js +17 -2
  72. package/dist/_esm/stampers/indexedDbStamper.js.map +1 -1
  73. package/dist/_esm/stampers/webauthnStamper.js +23 -4
  74. package/dist/_esm/stampers/webauthnStamper.js.map +1 -1
  75. package/dist/_esm/utils/encryptOtpAttempt.js +81 -0
  76. package/dist/_esm/utils/encryptOtpAttempt.js.map +1 -0
  77. package/dist/_esm/utils/exportPrivateKey.js +1 -1
  78. package/dist/_esm/utils/exportPrivateKey.js.map +1 -1
  79. package/dist/_esm/utils/exportWallet.js +2 -6
  80. package/dist/_esm/utils/exportWallet.js.map +1 -1
  81. package/dist/_esm/utils/hpke.js +119 -0
  82. package/dist/_esm/utils/hpke.js.map +1 -0
  83. package/dist/_esm/utils/utils.js +5 -6
  84. package/dist/_esm/utils/utils.js.map +1 -1
  85. package/dist/_types/actions/auth/getOAuthLoginUrl.d.ts +30 -0
  86. package/dist/_types/actions/auth/getOAuthLoginUrl.d.ts.map +1 -0
  87. package/dist/_types/actions/auth/index.d.ts +1 -0
  88. package/dist/_types/actions/auth/index.d.ts.map +1 -1
  89. package/dist/_types/actions/auth/loginWithStamp.d.ts +2 -1
  90. package/dist/_types/actions/auth/loginWithStamp.d.ts.map +1 -1
  91. package/dist/_types/actions/auth/registerWithOTP.d.ts +6 -0
  92. package/dist/_types/actions/auth/registerWithOTP.d.ts.map +1 -1
  93. package/dist/_types/actions/index.d.ts +1 -1
  94. package/dist/_types/actions/index.d.ts.map +1 -1
  95. package/dist/_types/client/authProxy.d.ts +13 -7
  96. package/dist/_types/client/authProxy.d.ts.map +1 -1
  97. package/dist/_types/client/decorators/client.d.ts +7 -1
  98. package/dist/_types/client/decorators/client.d.ts.map +1 -1
  99. package/dist/_types/client/transports/rest.d.ts +5 -4
  100. package/dist/_types/client/transports/rest.d.ts.map +1 -1
  101. package/dist/_types/client/types.d.ts +9 -9
  102. package/dist/_types/client/types.d.ts.map +1 -1
  103. package/dist/_types/constants.d.ts +1 -0
  104. package/dist/_types/constants.d.ts.map +1 -1
  105. package/dist/_types/core/createZeroDevWallet.d.ts +13 -0
  106. package/dist/_types/core/createZeroDevWallet.d.ts.map +1 -1
  107. package/dist/_types/index.d.ts +1 -1
  108. package/dist/_types/index.d.ts.map +1 -1
  109. package/dist/_types/stampers/index.d.ts +1 -1
  110. package/dist/_types/stampers/index.d.ts.map +1 -1
  111. package/dist/_types/stampers/indexedDbStamper.d.ts +2 -2
  112. package/dist/_types/stampers/indexedDbStamper.d.ts.map +1 -1
  113. package/dist/_types/stampers/types.d.ts +31 -5
  114. package/dist/_types/stampers/types.d.ts.map +1 -1
  115. package/dist/_types/stampers/webauthnStamper.d.ts +2 -2
  116. package/dist/_types/stampers/webauthnStamper.d.ts.map +1 -1
  117. package/dist/_types/types/session.d.ts +2 -3
  118. package/dist/_types/types/session.d.ts.map +1 -1
  119. package/dist/_types/utils/buildClientSignature.d.ts +3 -3
  120. package/dist/_types/utils/buildClientSignature.d.ts.map +1 -1
  121. package/dist/_types/utils/encryptOtpAttempt.d.ts +40 -0
  122. package/dist/_types/utils/encryptOtpAttempt.d.ts.map +1 -0
  123. package/dist/_types/utils/exportWallet.d.ts.map +1 -1
  124. package/dist/_types/utils/hpke.d.ts +38 -0
  125. package/dist/_types/utils/hpke.d.ts.map +1 -0
  126. package/dist/_types/utils/utils.d.ts.map +1 -1
  127. package/dist/tsconfig.build.tsbuildinfo +1 -1
  128. package/package.json +5 -1
  129. package/src/actions/auth/getOAuthLoginUrl.ts +48 -0
  130. package/src/actions/auth/getWhoami.ts +2 -2
  131. package/src/actions/auth/index.ts +5 -0
  132. package/src/actions/auth/loginWithStamp.ts +7 -6
  133. package/src/actions/auth/registerWithOTP.ts +6 -0
  134. package/src/actions/index.ts +3 -0
  135. package/src/actions/wallet/signingUtils.ts +2 -2
  136. package/src/client/authProxy.ts +14 -8
  137. package/src/client/createClient.ts +6 -6
  138. package/src/client/decorators/client.ts +13 -0
  139. package/src/client/transports/createTransport.ts +5 -5
  140. package/src/client/transports/rest.ts +11 -10
  141. package/src/client/types.ts +9 -9
  142. package/src/constants.ts +8 -0
  143. package/src/core/createZeroDevWallet.ts +58 -81
  144. package/src/index.ts +5 -2
  145. package/src/stampers/index.ts +2 -2
  146. package/src/stampers/indexedDbStamper.ts +24 -4
  147. package/src/stampers/types.ts +33 -5
  148. package/src/stampers/webauthnStamper.ts +27 -6
  149. package/src/types/session.ts +2 -3
  150. package/src/utils/buildClientSignature.ts +3 -3
  151. package/src/utils/encryptOtpAttempt.ts +142 -0
  152. package/src/utils/exportPrivateKey.ts +1 -1
  153. package/src/utils/exportWallet.ts +2 -6
  154. package/src/utils/hpke.ts +219 -0
  155. package/src/utils/utils.ts +5 -6
package/dist/_types/constants.d.ts CHANGED
@@ -3,4 +3,5 @@ export declare const DEFAULT_IFRAME_CONTAINER_ID = "turnkey-auth-iframe-containe
3
3
  export declare const DEFAULT_IFRAME_ELEMENT_ID = "turnkey-default-iframe-element-id";
4
4
  export declare const DEFAULT_ORGANIZATION_ID = "0d98e826-dd8f-44ca-a585-3afcd27d4002";
5
5
  export declare const KMS_SERVER_URL = "https://kms.staging.zerodev.app";
6
+ export declare const TURNKEY_TLS_FETCHER_SIGN_PUBLIC_KEY = "046b4f88421f76b6ba418afc2ea1d8ced671337d7db6b80478a60d8531bf8f17fa9a512f0fef96fc0c9b4cd9dff70b34992e520ce04c79d931f6ff6296b547d201";
6
7
  //# sourceMappingURL=constants.d.ts.map
package/dist/_types/constants.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,qCAAqC,QAAQ,CAAA;AAC1D,eAAO,MAAM,2BAA2B,qCAAqC,CAAA;AAC7E,eAAO,MAAM,yBAAyB,sCAAsC,CAAA;AAC5E,eAAO,MAAM,uBAAuB,yCAAyC,CAAA;AAC7E,eAAO,MAAM,cAAc,oCAAoC,CAAA"}
1
+ {"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,qCAAqC,QAAQ,CAAA;AAC1D,eAAO,MAAM,2BAA2B,qCAAqC,CAAA;AAC7E,eAAO,MAAM,yBAAyB,sCAAsC,CAAA;AAC5E,eAAO,MAAM,uBAAuB,yCAAyC,CAAA;AAC7E,eAAO,MAAM,cAAc,oCAAoC,CAAA;AAO/D,eAAO,MAAM,mCAAmC,uIACsF,CAAA"}
package/dist/_types/core/createZeroDevWallet.d.ts CHANGED
@@ -1,6 +1,7 @@
1
1
  import type { LocalAccount } from 'viem/accounts';
2
2
  import type { EmailCustomization, OtpCodeCustomization } from '../actions/auth/index.js';
3
3
  import { type ZeroDevWalletClient } from '../client/index.js';
4
+ import type { ApiKeyStamper, PasskeyStamper } from '../stampers/types.js';
4
5
  import { type StorageAdapter } from '../storage/manager.js';
5
6
  import { type ZeroDevWalletSession } from '../types/session.js';
6
7
  export interface ZeroDevWalletConfig {
@@ -9,6 +10,8 @@ export interface ZeroDevWalletConfig {
9
10
  projectId: string;
10
11
  sessionStorage?: StorageAdapter;
11
12
  rpId?: string;
13
+ apiKeyStamper?: ApiKeyStamper;
14
+ passkeyStamper?: PasskeyStamper;
12
15
  }
13
16
  export type { EmailCustomization } from '../actions/auth/index.js';
14
17
  export type { StorageAdapter, StorageManager } from '../storage/manager.js';
@@ -35,6 +38,11 @@ export type AuthParams = {
35
38
  mode: 'verifyOtp';
36
39
  otpId: string;
37
40
  otpCode: string;
41
+ /**
42
+ * The encryption target bundle returned by the matching `sendOtp` call.
43
+ * Required — used to HPKE-encrypt the OTP attempt to the enclave.
44
+ */
45
+ otpEncryptionTargetBundle: string;
38
46
  } | {
39
47
  type: 'magicLink';
40
48
  mode: 'send';
@@ -46,6 +54,11 @@ export type AuthParams = {
46
54
  mode: 'verify';
47
55
  otpId: string;
48
56
  code: string;
57
+ /**
58
+ * The encryption target bundle returned by the matching `sendMagicLink`
59
+ * (a.k.a. magicLink `send`) call. Required for the encrypted-OTP flow.
60
+ */
61
+ otpEncryptionTargetBundle: string;
49
62
  };
50
63
  export interface ZeroDevWalletSDK {
51
64
  client: ZeroDevWalletClient;
package/dist/_types/core/createZeroDevWallet.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"createZeroDevWallet.d.ts","sourceRoot":"","sources":["../../../src/core/createZeroDevWallet.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,eAAe,CAAA;AACjD,OAAO,KAAK,EACV,kBAAkB,EAClB,oBAAoB,EACrB,MAAM,0BAA0B,CAAA;AAEjC,OAAO,EAGL,KAAK,mBAAmB,EAEzB,MAAM,oBAAoB,CAAA;AAS3B,OAAO,EAEL,KAAK,cAAc,EACpB,MAAM,uBAAuB,CAAA;AAC9B,OAAO,EAAe,KAAK,oBAAoB,EAAE,MAAM,qBAAqB,CAAA;AAS5E,MAAM,WAAW,mBAAmB;IAClC,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,SAAS,EAAE,MAAM,CAAA;IACjB,cAAc,CAAC,EAAE,cAAc,CAAA;IAC/B,IAAI,CAAC,EAAE,MAAM,CAAA;CACd;AAGD,YAAY,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAA;AAClE,YAAY,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAA;AAE3E,YAAY,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAA;AAE5E,MAAM,MAAM,UAAU,GAClB;IACE,IAAI,EAAE,OAAO,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;CAClB,GACD;IACE,IAAI,EAAE,SAAS,CAAA;IACf,IAAI,EAAE,UAAU,GAAG,OAAO,CAAA;CAC3B,GACD;IACE,IAAI,EAAE,KAAK,CAAA;IACX,IAAI,EAAE,SAAS,CAAA;IACf,KAAK,EAAE,MAAM,CAAA;IACb,OAAO,EAAE;QACP,IAAI,EAAE,OAAO,GAAG,KAAK,CAAA;QACrB,OAAO,EAAE,MAAM,CAAA;KAChB,CAAA;IACD,kBAAkB,CAAC,EAAE,kBAAkB,CAAA;IACvC,oBAAoB,CAAC,EAAE,oBAAoB,CAAA;CAC5C,GACD;IACE,IAAI,EAAE,KAAK,CAAA;IACX,IAAI,EAAE,WAAW,CAAA;IACjB,KAAK,EAAE,MAAM,CAAA;IACb,OAAO,EAAE,MAAM,CAAA;CAChB,GACD;IACE,IAAI,EAAE,WAAW,CAAA;IACjB,IAAI,EAAE,MAAM,CAAA;IACZ,KAAK,EAAE,MAAM,CAAA;IACb,WAAW,EAAE,MAAM,CAAA;IACnB,oBAAoB,CAAC,EAAE,oBAAoB,CAAA;CAC5C,GACD;IACE,IAAI,EAAE,WAAW,CAAA;IACjB,IAAI,EAAE,QAAQ,CAAA;IACd,KAAK,EAAE,MAAM,CAAA;IACb,IAAI,EAAE,MAAM,CAAA;CACb,CAAA;AAEL,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,mBAAmB,CAAA;IAC3B,IAAI,EAAE,CAAC,MAAM,EAAE,UAAU,KAAK,OAAO,CAAC,GAAG,CAAC,CAAA;IAE1C,YAAY,EAAE,MAAM,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAA;IAE1C,UAAU,EAAE,MAAM,OAAO,CAAC,oBAAoB,GAAG,SAAS,CAAC,CAAA;IAC3D,cAAc,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,oBAAoB,CAAC,CAAC,CAAA;IACnE,aAAa,EAAE,CACb,SAAS,EAAE,MAAM,KACd,OAAO,CAAC,oBAAoB,GAAG,SAAS,CAAC,CAAA;IAC9C,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAClD,gBAAgB,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;IACrC,cAAc,EAAE,CACd,SAAS,CAAC,EAAE,MAAM,KACf,OAAO,CAAC,oBAAoB,GAAG,SAAS,CAAC,CAAA;IAE9C,MAAM,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,CAAA;IAE9B,SAAS,EAAE,MAAM,OAAO,CAAC,YAAY,CAAC,CAAA;CACvC;AAED,wBAAsB,mBAAmB,CACvC,MAAM,EAAE,mBAAmB,GAC1B,OAAO,CAAC,gBAAgB,CAAC,CA2X3B"}
1
+ {"version":3,"file":"createZeroDevWallet.d.ts","sourceRoot":"","sources":["../../../src/core/createZeroDevWallet.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,eAAe,CAAA;AACjD,OAAO,KAAK,EACV,kBAAkB,EAClB,oBAAoB,EACrB,MAAM,0BAA0B,CAAA;AAEjC,OAAO,EAGL,KAAK,mBAAmB,EAEzB,MAAM,oBAAoB,CAAA;AAO3B,OAAO,KAAK,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAGzE,OAAO,EAEL,KAAK,cAAc,EACpB,MAAM,uBAAuB,CAAA;AAC9B,OAAO,EAAe,KAAK,oBAAoB,EAAE,MAAM,qBAAqB,CAAA;AAI5E,MAAM,WAAW,mBAAmB;IAClC,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,SAAS,EAAE,MAAM,CAAA;IACjB,cAAc,CAAC,EAAE,cAAc,CAAA;IAC/B,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,aAAa,CAAC,EAAE,aAAa,CAAA;IAC7B,cAAc,CAAC,EAAE,cAAc,CAAA;CAChC;AAGD,YAAY,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAA;AAClE,YAAY,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAA;AAE3E,YAAY,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAA;AAE5E,MAAM,MAAM,UAAU,GAClB;IACE,IAAI,EAAE,OAAO,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;CAClB,GACD;IACE,IAAI,EAAE,SAAS,CAAA;IACf,IAAI,EAAE,UAAU,GAAG,OAAO,CAAA;CAC3B,GACD;IACE,IAAI,EAAE,KAAK,CAAA;IACX,IAAI,EAAE,SAAS,CAAA;IACf,KAAK,EAAE,MAAM,CAAA;IACb,OAAO,EAAE;QACP,IAAI,EAAE,OAAO,GAAG,KAAK,CAAA;QACrB,OAAO,EAAE,MAAM,CAAA;KAChB,CAAA;IACD,kBAAkB,CAAC,EAAE,kBAAkB,CAAA;IACvC,oBAAoB,CAAC,EAAE,oBAAoB,CAAA;CAC5C,GACD;IACE,IAAI,EAAE,KAAK,CAAA;IACX,IAAI,EAAE,WAAW,CAAA;IACjB,KAAK,EAAE,MAAM,CAAA;IACb,OAAO,EAAE,MAAM,CAAA;IACf;;;OAGG;IACH,yBAAyB,EAAE,MAAM,CAAA;CAClC,GACD;IACE,IAAI,EAAE,WAAW,CAAA;IACjB,IAAI,EAAE,MAAM,CAAA;IACZ,KAAK,EAAE,MAAM,CAAA;IACb,WAAW,EAAE,MAAM,CAAA;IACnB,oBAAoB,CAAC,EAAE,oBAAoB,CAAA;CAC5C,GACD;IACE,IAAI,EAAE,WAAW,CAAA;IACjB,IAAI,EAAE,QAAQ,CAAA;IACd,KAAK,EAAE,MAAM,CAAA;IACb,IAAI,EAAE,MAAM,CAAA;IACZ;;;OAGG;IACH,yBAAyB,EAAE,MAAM,CAAA;CAClC,CAAA;AAEL,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,mBAAmB,CAAA;IAC3B,IAAI,EAAE,CAAC,MAAM,EAAE,UAAU,KAAK,OAAO,CAAC,GAAG,CAAC,CAAA;IAE1C,YAAY,EAAE,MAAM,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAA;IAE1C,UAAU,EAAE,MAAM,OAAO,CAAC,oBAAoB,GAAG,SAAS,CAAC,CAAA;IAC3D,cAAc,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,oBAAoB,CAAC,CAAC,CAAA;IACnE,aAAa,EAAE,CACb,SAAS,EAAE,MAAM,KACd,OAAO,CAAC,oBAAoB,GAAG,SAAS,CAAC,CAAA;IAC9C,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAClD,gBAAgB,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;IACrC,cAAc,EAAE,CACd,SAAS,CAAC,EAAE,MAAM,KACf,OAAO,CAAC,oBAAoB,GAAG,SAAS,CAAC,CAAA;IAE9C,MAAM,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,CAAA;IAE9B,SAAS,EAAE,MAAM,OAAO,CAAC,YAAY,CAAC,CAAA;CACvC;AAED,wBAAsB,mBAAmB,CACvC,MAAM,EAAE,mBAAmB,GAC1B,OAAO,CAAC,gBAAgB,CAAC,CA6V3B"}
package/dist/_types/index.d.ts CHANGED
@@ -10,7 +10,7 @@ export { KMS_SERVER_URL } from './constants.js';
10
10
  export type { AuthParams, ZeroDevWalletConfig, ZeroDevWalletSDK, } from './core/createZeroDevWallet.js';
11
11
  export { createZeroDevWallet } from './core/createZeroDevWallet.js';
12
12
  export { createIframeStamper, createIndexedDbStamper, createWebauthnStamper, } from './stampers/index.js';
13
- export type { IframeStamper, IndexedDbStamper, WebauthnStamper, } from './stampers/types.js';
13
+ export type { ApiKeyStamper, Attestation, IframeStamper, PasskeyRegistrationOptions, PasskeyRegistrationResult, PasskeyStamper, } from './stampers/types.js';
14
14
  export type { StorageAdapter, StorageManager } from './storage/manager.js';
15
15
  export type { StamperType, ZeroDevWalletSession } from './types/session.js';
16
16
  export type { KeyFormat } from './utils/exportPrivateKey.js';
package/dist/_types/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAEV,mBAAmB,EACnB,+BAA+B,EAC/B,+BAA+B,EAC/B,+BAA+B,EAC/B,+BAA+B,EAC/B,YAAY,EACZ,kBAAkB,EAClB,2BAA2B,EAC3B,2BAA2B,EAE3B,uBAAuB,EACvB,uBAAuB,EACvB,mBAAmB,EACnB,mBAAmB,EACnB,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,EAClB,UAAU,EACV,oBAAoB,EACpB,yBAAyB,EACzB,yBAAyB,EACzB,+BAA+B,EAC/B,+BAA+B,EAC/B,qBAAqB,EACrB,qBAAqB,EACrB,yBAAyB,EACzB,yBAAyB,EACzB,yBAAyB,EACzB,yBAAyB,EACzB,2BAA2B,EAC3B,2BAA2B,GAC5B,MAAM,oBAAoB,CAAA;AAG3B,OAAO,EAEL,qBAAqB,EACrB,qBAAqB,EACrB,iBAAiB,EAEjB,aAAa,EACb,SAAS,EACT,YAAY,EACZ,eAAe,EACf,qBAAqB,EACrB,WAAW,EACX,eAAe,EACf,eAAe,EACf,iBAAiB,GAClB,MAAM,oBAAoB,CAAA;AAC3B,YAAY,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAA;AAE7D,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA;AAClD,YAAY,EAAE,oBAAoB,EAAE,MAAM,+BAA+B,CAAA;AAEzE,OAAO,EAAE,oBAAoB,EAAE,MAAM,+BAA+B,CAAA;AACpE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAExE,OAAO,EACL,gBAAgB,EAChB,YAAY,EACZ,KAAK,mBAAmB,EACxB,sBAAsB,GACvB,MAAM,mBAAmB,CAAA;AAE1B,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AAC/C,YAAY,EACV,UAAU,EACV,mBAAmB,EACnB,gBAAgB,GACjB,MAAM,+BAA+B,CAAA;AAEtC,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAA;AAEnE,OAAO,EACL,mBAAmB,EACnB,sBAAsB,EACtB,qBAAqB,GACtB,MAAM,qBAAqB,CAAA;AAC5B,YAAY,EACV,aAAa,EACb,gBAAgB,EAChB,eAAe,GAChB,MAAM,qBAAqB,CAAA;AAE5B,YAAY,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAE1E,YAAY,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAA;AAC3E,YAAY,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAA;AAC5D,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAA;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAA;AAEtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAA"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAEV,mBAAmB,EACnB,+BAA+B,EAC/B,+BAA+B,EAC/B,+BAA+B,EAC/B,+BAA+B,EAC/B,YAAY,EACZ,kBAAkB,EAClB,2BAA2B,EAC3B,2BAA2B,EAE3B,uBAAuB,EACvB,uBAAuB,EACvB,mBAAmB,EACnB,mBAAmB,EACnB,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,EAClB,UAAU,EACV,oBAAoB,EACpB,yBAAyB,EACzB,yBAAyB,EACzB,+BAA+B,EAC/B,+BAA+B,EAC/B,qBAAqB,EACrB,qBAAqB,EACrB,yBAAyB,EACzB,yBAAyB,EACzB,yBAAyB,EACzB,yBAAyB,EACzB,2BAA2B,EAC3B,2BAA2B,GAC5B,MAAM,oBAAoB,CAAA;AAG3B,OAAO,EAEL,qBAAqB,EACrB,qBAAqB,EACrB,iBAAiB,EAEjB,aAAa,EACb,SAAS,EACT,YAAY,EACZ,eAAe,EACf,qBAAqB,EACrB,WAAW,EACX,eAAe,EACf,eAAe,EACf,iBAAiB,GAClB,MAAM,oBAAoB,CAAA;AAC3B,YAAY,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAA;AAE7D,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA;AAClD,YAAY,EAAE,oBAAoB,EAAE,MAAM,+BAA+B,CAAA;AAEzE,OAAO,EAAE,oBAAoB,EAAE,MAAM,+BAA+B,CAAA;AACpE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAExE,OAAO,EACL,gBAAgB,EAChB,YAAY,EACZ,KAAK,mBAAmB,EACxB,sBAAsB,GACvB,MAAM,mBAAmB,CAAA;AAE1B,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AAC/C,YAAY,EACV,UAAU,EACV,mBAAmB,EACnB,gBAAgB,GACjB,MAAM,+BAA+B,CAAA;AAEtC,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAA;AAEnE,OAAO,EACL,mBAAmB,EACnB,sBAAsB,EACtB,qBAAqB,GACtB,MAAM,qBAAqB,CAAA;AAC5B,YAAY,EACV,aAAa,EACb,WAAW,EACX,aAAa,EACb,0BAA0B,EAC1B,yBAAyB,EACzB,cAAc,GACf,MAAM,qBAAqB,CAAA;AAE5B,YAAY,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAE1E,YAAY,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAA;AAC3E,YAAY,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAA;AAC5D,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAA;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAA;AAEtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAA"}
package/dist/_types/stampers/index.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  export { createIframeStamper } from './iframeStamper.js';
2
2
  export { createIndexedDbStamper } from './indexedDbStamper.js';
3
- export type { IframeStamper, IndexedDbStamper, WebauthnStamper, } from './types.js';
3
+ export type { ApiKeyStamper, IframeStamper, PasskeyStamper, } from './types.js';
4
4
  export { createWebauthnStamper } from './webauthnStamper.js';
5
5
  //# sourceMappingURL=index.d.ts.map
package/dist/_types/stampers/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/stampers/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAA;AACxD,OAAO,EAAE,sBAAsB,EAAE,MAAM,uBAAuB,CAAA;AAC9D,YAAY,EACV,aAAa,EACb,gBAAgB,EAChB,eAAe,GAChB,MAAM,YAAY,CAAA;AACnB,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAA"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/stampers/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAA;AACxD,OAAO,EAAE,sBAAsB,EAAE,MAAM,uBAAuB,CAAA;AAC9D,YAAY,EACV,aAAa,EACb,aAAa,EACb,cAAc,GACf,MAAM,YAAY,CAAA;AACnB,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAA"}
package/dist/_types/stampers/indexedDbStamper.d.ts CHANGED
@@ -1,3 +1,3 @@
1
- import type { IndexedDbStamper } from './types.js';
2
- export declare function createIndexedDbStamper(): Promise<IndexedDbStamper>;
1
+ import type { ApiKeyStamper } from './types.js';
2
+ export declare function createIndexedDbStamper(): Promise<ApiKeyStamper>;
3
3
  //# sourceMappingURL=indexedDbStamper.d.ts.map
package/dist/_types/stampers/indexedDbStamper.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"indexedDbStamper.d.ts","sourceRoot":"","sources":["../../../src/stampers/indexedDbStamper.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAA;AAElD,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,gBAAgB,CAAC,CAkBxE"}
1
+ {"version":3,"file":"indexedDbStamper.d.ts","sourceRoot":"","sources":["../../../src/stampers/indexedDbStamper.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAA;AAE/C,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,aAAa,CAAC,CAqCrE"}
package/dist/_types/stampers/types.d.ts CHANGED
@@ -4,8 +4,6 @@ export type Stamp = {
4
4
  stampHeaderValue: string;
5
5
  };
6
6
  export type Stamper = {
7
- /** retrieve public key compressed or otherwise as per the stamper */
8
- getPublicKey: () => Promise<string | null>;
9
7
  /** produce Turnkey header value for a given request body */
10
8
  stamp: (payload: string) => Promise<Stamp>;
11
9
  /** clear local state (embedded key, IDB keypair, etc.) */
@@ -13,6 +11,8 @@ export type Stamper = {
13
11
  };
14
12
  export type KeyFormat = 'Hexadecimal' | 'Solana';
15
13
  export type IframeStamper = Stamper & {
14
+ /** retrieve public key compressed or otherwise as per the stamper */
15
+ getPublicKey: () => Promise<string | null>;
16
16
  init(): Promise<string>;
17
17
  injectCredentialBundle(bundle: string): Promise<boolean>;
18
18
  injectWalletExportBundle(bundle: string, organizationId: string): Promise<boolean>;
@@ -21,8 +21,34 @@ export type IframeStamper = Stamper & {
21
21
  styles?: Record<string, string>;
22
22
  }): Promise<boolean>;
23
23
  };
24
- export type IndexedDbStamper = Stamper & {
25
- resetKeyPair: (externalKeyPair?: CryptoKeyPair) => Promise<void>;
24
+ export type ApiKeyStamper = Stamper & {
25
+ /** retrieve public key compressed or otherwise as per the stamper */
26
+ getPublicKey: () => Promise<string | null>;
27
+ /** Generate + activate a new key pair immediately (simple cases: login init, logout). */
28
+ resetKeyPair: () => Promise<void>;
29
+ /** Generate a new key pair internally, return its compressed public key, but keep the OLD key active for stamp(). */
30
+ prepareKeyRotation: () => Promise<string>;
31
+ /** Promote the pending key to active. Call after the server accepts the new key. */
32
+ commitKeyRotation: () => Promise<void>;
33
+ };
34
+ export type Attestation = {
35
+ attestationObject: string;
36
+ clientDataJson: string;
37
+ credentialId: string;
38
+ };
39
+ export type PasskeyRegistrationOptions = {
40
+ rp: {
41
+ id: string;
42
+ name: string;
43
+ };
44
+ userName: string;
45
+ };
46
+ export type PasskeyRegistrationResult = {
47
+ attestation: Attestation;
48
+ encodedChallenge: string;
49
+ };
50
+ export type PasskeyStamper = Stamper & {
51
+ /** Create a new passkey credential. Owns challenge and user ID generation internally. */
52
+ register: (options: PasskeyRegistrationOptions) => Promise<PasskeyRegistrationResult>;
26
53
  };
27
- export type WebauthnStamper = Stamper;
28
54
  //# sourceMappingURL=types.d.ts.map
package/dist/_types/stampers/types.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/stampers/types.ts"],"names":[],"mappings":"AAAA,6CAA6C;AAC7C,MAAM,MAAM,KAAK,GAAG;IAClB,eAAe,EAAE,MAAM,CAAA;IACvB,gBAAgB,EAAE,MAAM,CAAA;CACzB,CAAA;AAED,MAAM,MAAM,OAAO,GAAG;IACpB,qEAAqE;IACrE,YAAY,EAAE,MAAM,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAA;IAC1C,4DAA4D;IAC5D,KAAK,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,KAAK,CAAC,CAAA;IAC1C,0DAA0D;IAC1D,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;CAC3B,CAAA;AAED,MAAM,MAAM,SAAS,GAAG,aAAa,GAAG,QAAQ,CAAA;AAEhD,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG;IACpC,IAAI,IAAI,OAAO,CAAC,MAAM,CAAC,CAAA;IACvB,sBAAsB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;IACxD,wBAAwB,CACtB,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,OAAO,CAAC,CAAA;IACnB,qBAAqB,CACnB,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,MAAM,EACtB,SAAS,CAAC,EAAE,SAAS,GACpB,OAAO,CAAC,OAAO,CAAC,CAAA;IACnB,aAAa,CAAC,QAAQ,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;CAC/E,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG,OAAO,GAAG;IACvC,YAAY,EAAE,CAAC,eAAe,CAAC,EAAE,aAAa,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;CACjE,CAAA;AACD,MAAM,MAAM,eAAe,GAAG,OAAO,CAAA"}
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/stampers/types.ts"],"names":[],"mappings":"AAAA,6CAA6C;AAC7C,MAAM,MAAM,KAAK,GAAG;IAClB,eAAe,EAAE,MAAM,CAAA;IACvB,gBAAgB,EAAE,MAAM,CAAA;CACzB,CAAA;AAED,MAAM,MAAM,OAAO,GAAG;IACpB,4DAA4D;IAC5D,KAAK,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,KAAK,CAAC,CAAA;IAC1C,0DAA0D;IAC1D,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;CAC3B,CAAA;AAED,MAAM,MAAM,SAAS,GAAG,aAAa,GAAG,QAAQ,CAAA;AAEhD,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG;IACpC,qEAAqE;IACrE,YAAY,EAAE,MAAM,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAA;IAC1C,IAAI,IAAI,OAAO,CAAC,MAAM,CAAC,CAAA;IACvB,sBAAsB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;IACxD,wBAAwB,CACtB,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,OAAO,CAAC,CAAA;IACnB,qBAAqB,CACnB,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,MAAM,EACtB,SAAS,CAAC,EAAE,SAAS,GACpB,OAAO,CAAC,OAAO,CAAC,CAAA;IACnB,aAAa,CAAC,QAAQ,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;CAC/E,CAAA;AAED,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG;IACpC,qEAAqE;IACrE,YAAY,EAAE,MAAM,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAA;IAC1C,yFAAyF;IACzF,YAAY,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;IACjC,qHAAqH;IACrH,kBAAkB,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAA;IACzC,oFAAoF;IACpF,iBAAiB,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;CACvC,CAAA;AACD,MAAM,MAAM,WAAW,GAAG;IACxB,iBAAiB,EAAE,MAAM,CAAA;IACzB,cAAc,EAAE,MAAM,CAAA;IACtB,YAAY,EAAE,MAAM,CAAA;CACrB,CAAA;AAED,MAAM,MAAM,0BAA0B,GAAG;IACvC,EAAE,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAA;IAChC,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,yBAAyB,GAAG;IACtC,WAAW,EAAE,WAAW,CAAA;IACxB,gBAAgB,EAAE,MAAM,CAAA;CACzB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG,OAAO,GAAG;IACrC,yFAAyF;IACzF,QAAQ,EAAE,CACR,OAAO,EAAE,0BAA0B,KAChC,OAAO,CAAC,yBAAyB,CAAC,CAAA;CACxC,CAAA"}
package/dist/_types/stampers/webauthnStamper.d.ts CHANGED
@@ -1,5 +1,5 @@
1
- import type { WebauthnStamper } from './types.js';
1
+ import type { PasskeyStamper } from './types.js';
2
2
  export declare function createWebauthnStamper({ rpId, }: {
3
3
  rpId: string;
4
- }): Promise<WebauthnStamper>;
4
+ }): Promise<PasskeyStamper>;
5
5
  //# sourceMappingURL=webauthnStamper.d.ts.map
package/dist/_types/stampers/webauthnStamper.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"webauthnStamper.d.ts","sourceRoot":"","sources":["../../../src/stampers/webauthnStamper.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,YAAY,CAAA;AAEjD,wBAAsB,qBAAqB,CAAC,EAC1C,IAAI,GACL,EAAE;IACD,IAAI,EAAE,MAAM,CAAA;CACb,GAAG,OAAO,CAAC,eAAe,CAAC,CAa3B"}
1
+ {"version":3,"file":"webauthnStamper.d.ts","sourceRoot":"","sources":["../../../src/stampers/webauthnStamper.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAA8B,cAAc,EAAE,MAAM,YAAY,CAAA;AAE5E,wBAAsB,qBAAqB,CAAC,EAC1C,IAAI,GACL,EAAE;IACD,IAAI,EAAE,MAAM,CAAA;CACb,GAAG,OAAO,CAAC,cAAc,CAAC,CAgC1B"}
package/dist/_types/types/session.d.ts CHANGED
@@ -2,15 +2,14 @@ export declare enum SessionType {
2
2
  READ_ONLY = "SESSION_TYPE_READ_ONLY",
3
3
  READ_WRITE = "SESSION_TYPE_READ_WRITE"
4
4
  }
5
- export type StamperType = 'iframe' | 'indexedDb' | 'passkey';
5
+ export type StamperType = 'apiKey' | 'passkey';
6
6
  export type ZeroDevWalletSession = {
7
7
  id: string;
8
8
  userId: string;
9
9
  organizationId: string;
10
10
  stamperType: StamperType;
11
11
  sessionType?: SessionType;
12
- token?: string;
13
- publicKey?: string;
12
+ token: string;
14
13
  expiry: number;
15
14
  createdAt: number;
16
15
  };
package/dist/_types/types/session.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../../src/types/session.ts"],"names":[],"mappings":"AAAA,oBAAY,WAAW;IACrB,SAAS,2BAA2B;IACpC,UAAU,4BAA4B;CACvC;AAED,MAAM,MAAM,WAAW,GAAG,QAAQ,GAAG,WAAW,GAAG,SAAS,CAAA;AAE5D,MAAM,MAAM,oBAAoB,GAAG;IACjC,EAAE,EAAE,MAAM,CAAA;IACV,MAAM,EAAE,MAAM,CAAA;IACd,cAAc,EAAE,MAAM,CAAA;IACtB,WAAW,EAAE,WAAW,CAAA;IACxB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;CAClB,CAAA"}
1
+ {"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../../src/types/session.ts"],"names":[],"mappings":"AAAA,oBAAY,WAAW;IACrB,SAAS,2BAA2B;IACpC,UAAU,4BAA4B;CACvC;AAED,MAAM,MAAM,WAAW,GAAG,QAAQ,GAAG,SAAS,CAAA;AAE9C,MAAM,MAAM,oBAAoB,GAAG;IACjC,EAAE,EAAE,MAAM,CAAA;IACV,MAAM,EAAE,MAAM,CAAA;IACd,cAAc,EAAE,MAAM,CAAA;IACtB,WAAW,EAAE,WAAW,CAAA;IACxB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,KAAK,EAAE,MAAM,CAAA;IACb,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;CAClB,CAAA"}
package/dist/_types/utils/buildClientSignature.d.ts CHANGED
@@ -1,11 +1,11 @@
1
- import type { IndexedDbStamper } from '../stampers/types.js';
1
+ import type { ApiKeyStamper } from '../stampers/types.js';
2
2
  export type BuildClientSignatureParams = {
3
3
  /** The verification token JWT from Auth Proxy's verifyOtp */
4
4
  verificationToken: string;
5
5
  /** The compressed public key hex */
6
6
  publicKey: string;
7
- /** The IndexedDB stamper for signing */
8
- stamper: IndexedDbStamper;
7
+ /** The API key stamper for signing */
8
+ stamper: ApiKeyStamper;
9
9
  };
10
10
  /**
11
11
  * Builds a client signature for OTP login.
package/dist/_types/utils/buildClientSignature.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"buildClientSignature.d.ts","sourceRoot":"","sources":["../../../src/utils/buildClientSignature.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AAG5D,MAAM,MAAM,0BAA0B,GAAG;IACvC,6DAA6D;IAC7D,iBAAiB,EAAE,MAAM,CAAA;IACzB,oCAAoC;IACpC,SAAS,EAAE,MAAM,CAAA;IACjB,wCAAwC;IACxC,OAAO,EAAE,gBAAgB,CAAA;CAC1B,CAAA;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,0BAA0B,GACjC,OAAO,CAAC,MAAM,CAAC,CA2BjB"}
1
+ {"version":3,"file":"buildClientSignature.d.ts","sourceRoot":"","sources":["../../../src/utils/buildClientSignature.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAA;AAGzD,MAAM,MAAM,0BAA0B,GAAG;IACvC,6DAA6D;IAC7D,iBAAiB,EAAE,MAAM,CAAA;IACzB,oCAAoC;IACpC,SAAS,EAAE,MAAM,CAAA;IACjB,sCAAsC;IACtC,OAAO,EAAE,aAAa,CAAA;CACvB,CAAA;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,0BAA0B,GACjC,OAAO,CAAC,MAAM,CAAC,CA2BjB"}
package/dist/_types/utils/encryptOtpAttempt.d.ts ADDED
@@ -0,0 +1,40 @@
1
+ /**
2
+ * Wraps the OTP code + client public key in a Turnkey-compatible HPKE bundle
3
+ * for the `/v1/otp_verify_v2` auth-proxy endpoint.
4
+ *
5
+ * Bundle flow (RFC 9180 mode_base over Turnkey's TLS Fetcher enclave):
6
+ * 1. The backend's /init/otp returns a signed envelope that contains an
7
+ * ephemeral HPKE public key (`targetPublic`) generated fresh by the
8
+ * enclave for this OTP attempt.
9
+ * 2. We verify the envelope's ECDSA signature against a pinned production
10
+ * key (`TURNKEY_TLS_FETCHER_SIGN_PUBLIC_KEY`) so a compromised proxy
11
+ * cannot substitute its own ephemeral key.
12
+ * 3. We HPKE-seal `{otp_code, public_key}` to `targetPublic`. The auth proxy
13
+ * forwards the ciphertext to the enclave; only the enclave can decrypt
14
+ * it. The enclave then issues a `verificationToken` bound to the public
15
+ * key embedded in the plaintext.
16
+ *
17
+ * See: tkhq/go-sdk `examples/email_otp` and `pkg/enclave_encrypt`.
18
+ */
19
+ export type EncryptOtpAttemptParams = {
20
+ /** The OTP code the user entered. */
21
+ otpCode: string;
22
+ /**
23
+ * The client's session public key (compressed P-256 hex). The enclave binds
24
+ * this key into the `verificationToken` it issues.
25
+ */
26
+ publicKey: string;
27
+ /** The signed envelope returned by `/auth/init/otp`. */
28
+ encryptionTargetBundle: string;
29
+ /**
30
+ * Test-only override for the pinned signing key. Production callers should
31
+ * leave this undefined; it exists so tests don't have to use the real key.
32
+ */
33
+ dangerouslyOverrideSignerPublicKey?: string;
34
+ };
35
+ /**
36
+ * Returns a JSON string ready to be sent as `encryptedOtpBundle` on
37
+ * `POST /v1/otp_verify_v2`.
38
+ */
39
+ export declare function encryptOtpAttempt({ otpCode, publicKey, encryptionTargetBundle, dangerouslyOverrideSignerPublicKey, }: EncryptOtpAttemptParams): Promise<string>;
40
+ //# sourceMappingURL=encryptOtpAttempt.d.ts.map
package/dist/_types/utils/encryptOtpAttempt.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"encryptOtpAttempt.d.ts","sourceRoot":"","sources":["../../../src/utils/encryptOtpAttempt.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAyBH,MAAM,MAAM,uBAAuB,GAAG;IACpC,qCAAqC;IACrC,OAAO,EAAE,MAAM,CAAA;IACf;;;OAGG;IACH,SAAS,EAAE,MAAM,CAAA;IACjB,wDAAwD;IACxD,sBAAsB,EAAE,MAAM,CAAA;IAC9B;;;OAGG;IACH,kCAAkC,CAAC,EAAE,MAAM,CAAA;CAC5C,CAAA;AAED;;;GAGG;AACH,wBAAsB,iBAAiB,CAAC,EACtC,OAAO,EACP,SAAS,EACT,sBAAsB,EACtB,kCAAkC,GACnC,EAAE,uBAAuB,GAAG,OAAO,CAAC,MAAM,CAAC,CAyE3C"}
package/dist/_types/utils/exportWallet.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"exportWallet.d.ts","sourceRoot":"","sources":["../../../src/utils/exportWallet.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAA;AAEtE,MAAM,MAAM,sBAAsB,GAAG;IACnC,mCAAmC;IACnC,MAAM,EAAE,gBAAgB,CAAA;IACxB,0DAA0D;IAC1D,eAAe,EAAE,MAAM,CAAA;CACxB,CAAA;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,wBAAsB,YAAY,CAChC,MAAM,EAAE,sBAAsB,GAC7B,OAAO,CAAC;IAAE,YAAY,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAC;IAAC,cAAc,EAAE,MAAM,CAAA;CAAE,CAAC,CAuF7E"}
1
+ {"version":3,"file":"exportWallet.d.ts","sourceRoot":"","sources":["../../../src/utils/exportWallet.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAA;AAEtE,MAAM,MAAM,sBAAsB,GAAG;IACnC,mCAAmC;IACnC,MAAM,EAAE,gBAAgB,CAAA;IACxB,0DAA0D;IAC1D,eAAe,EAAE,MAAM,CAAA;CACxB,CAAA;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,wBAAsB,YAAY,CAChC,MAAM,EAAE,sBAAsB,GAC7B,OAAO,CAAC;IAAE,YAAY,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAC;IAAC,cAAc,EAAE,MAAM,CAAA;CAAE,CAAC,CAmF7E"}
package/dist/_types/utils/hpke.d.ts ADDED
@@ -0,0 +1,38 @@
1
+ /**
2
+ * HPKE (RFC 9180) seal for Turnkey enclave-encrypted requests.
3
+ *
4
+ * Suite: DHKEM(P-256, HKDF-SHA256) / HKDF-SHA256 / AES-256-GCM
5
+ * - KEM ID = 0x0010 (DHKEM-P256-HKDF-SHA256)
6
+ * - KDF ID = 0x0001 (HKDF-SHA256)
7
+ * - AEAD ID = 0x0002 (AES-256-GCM)
8
+ *
9
+ * Wire format and AAD construction match Turnkey's enclave_encrypt Go package:
10
+ * info = "turnkey_hpke"
11
+ * aad = enc || pkR (both 65-byte uncompressed P-256 points)
12
+ *
13
+ * References:
14
+ * - RFC 9180 §4 / §5
15
+ * - tkhq/go-sdk/pkg/enclave_encrypt
16
+ */
17
+ export type HpkeSealResult = {
18
+ /** Ephemeral sender public key (uncompressed P-256, 65 bytes). */
19
+ encappedPublic: Uint8Array;
20
+ /** AES-256-GCM ciphertext with a 16-byte authentication tag appended. */
21
+ ciphertext: Uint8Array;
22
+ };
23
+ /**
24
+ * Single-shot HPKE seal in mode_base for Turnkey's TLS Fetcher enclave.
25
+ *
26
+ * Uses the fixed Turnkey `info = "turnkey_hpke"` and the AAD shape
27
+ * `enc || receiverPublicKey` so the resulting bundle is decryptable by
28
+ * `enclave_encrypt.EnclaveEncryptServer.Decrypt`.
29
+ *
30
+ * @param receiverPublicKey - The enclave's ephemeral target public key
31
+ * (uncompressed P-256, 65 bytes), extracted from the encryption target bundle.
32
+ * @param plaintext - The bytes to encrypt (e.g. the JSON-encoded OTP attempt).
33
+ */
34
+ export declare function hpkeSealP256({ receiverPublicKey, plaintext, }: {
35
+ receiverPublicKey: Uint8Array;
36
+ plaintext: Uint8Array;
37
+ }): Promise<HpkeSealResult>;
38
+ //# sourceMappingURL=hpke.d.ts.map
package/dist/_types/utils/hpke.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"hpke.d.ts","sourceRoot":"","sources":["../../../src/utils/hpke.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAoKH,MAAM,MAAM,cAAc,GAAG;IAC3B,kEAAkE;IAClE,cAAc,EAAE,UAAU,CAAA;IAC1B,yEAAyE;IACzE,UAAU,EAAE,UAAU,CAAA;CACvB,CAAA;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,YAAY,CAAC,EACjC,iBAAiB,EACjB,SAAS,GACV,EAAE;IACD,iBAAiB,EAAE,UAAU,CAAA;IAC7B,SAAS,EAAE,UAAU,CAAA;CACtB,GAAG,OAAO,CAAC,cAAc,CAAC,CAe1B"}
package/dist/_types/utils/utils.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/utils/utils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,MAAM,CAAA;AACrC,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAA;AAE/D;;;;;GAKG;AACH,wBAAgB,YAAY,CAC1B,KAAK,EAAE,MAAM,GAAG,oBAAoB,GACnC,SAAS,CAAC,oBAAoB,EAAE,WAAW,GAAG,IAAI,GAAG,aAAa,CAAC,CA6BrE;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAE5D;AAED;;;;GAIG;AACH,eAAO,MAAM,oBAAoB,QAAO,WAIvC,CAAA;AAED;;;;;GAKG;AACH,eAAO,MAAM,eAAe,GAAI,WAAW,WAAW,KAAG,MAMxD,CAAA;AAED;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,UAAU,GAAG,UAAU,CAkBvD;AAED;;;;;GAKG;AACH,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAK/D;AAED;;;;GAIG;AACH,wBAAsB,sCAAsC,CAC1D,OAAO,EAAE,aAAa,GACrB,OAAO,CAAC,MAAM,CAAC,CAOjB;AAED,eAAO,MAAM,qBAAqB,QAAO,MAExC,CAAA"}
1
+ {"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/utils/utils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,MAAM,CAAA;AACrC,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAA;AAE/D;;;;;GAKG;AACH,wBAAgB,YAAY,CAC1B,KAAK,EAAE,MAAM,GAAG,oBAAoB,GACnC,SAAS,CAAC,oBAAoB,EAAE,WAAW,GAAG,IAAI,GAAG,aAAa,CAAC,CA8BrE;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAE5D;AAED;;;;GAIG;AACH,eAAO,MAAM,oBAAoB,QAAO,WAIvC,CAAA;AAED;;;;;GAKG;AACH,eAAO,MAAM,eAAe,GAAI,WAAW,WAAW,KAAG,MAIxD,CAAA;AAED;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,UAAU,GAAG,UAAU,CAkBvD;AAED;;;;;GAKG;AACH,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAK/D;AAED;;;;GAIG;AACH,wBAAsB,sCAAsC,CAC1D,OAAO,EAAE,aAAa,GACrB,OAAO,CAAC,MAAM,CAAC,CAOjB;AAED,eAAO,MAAM,qBAAqB,QAAO,MAExC,CAAA"}