@zerodev/wallet-core 0.0.1-alpha.18 → 0.0.1-alpha.19

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zerodev/wallet-core",
-  "version": "0.0.1-alpha.18",
+  "version": "0.0.1-alpha.19",
   "description": "ZeroDev Wallet SDK built on Turnkey",
   "main": "./dist/_cjs/index.js",
   "module": "./dist/_esm/index.js",
@@ -49,6 +49,7 @@
   ],
   "license": "MIT",
   "dependencies": {
+    "@noble/ciphers": "^2.2.0",
     "@noble/curves": "^2.2.0",
     "@noble/hashes": "^2.2.0",
     "@turnkey/http": "^3.12.1",

package/src/actions/auth/getOAuthLoginUrl.ts

@@ -0,0 +1,48 @@
+import type { Client } from '../../client/types.js'
+
+export type GetOAuthLoginUrlParameters = {
+  /** OAuth provider — currently only `'google'` is supported. */
+  provider: 'google'
+  /** The project ID for the request. */
+  projectId: string
+  /**
+   * The session public key (compressed P-256 hex, lowercase, with or
+   * without `0x` prefix). The backend embeds `sha256(utf8(hex))` as the
+   * OIDC `nonce` so the SDK can verify the URL was minted for this key.
+   */
+  publicKey: string
+  /**
+   * Where the popup should land after the OAuth round-trip
+   * (e.g. `https://app.example.com/dashboard?oauth_success=true`).
+   * Must be on the project's whitelist.
+   */
+  returnTo: string
+}
+
+export type GetOAuthLoginUrlReturnType = string
+
+/**
+ * Fetches the Google OAuth authorization URL from the backend.
+ *
+ * The SDK must verify the returned URL's `nonce` against
+ * `sha256(utf8(publicKey))` (and the host is `accounts.google.com`)
+ * before opening it in a popup — the backend is not a trusted party.
+ * See audit finding TOB-KMS-1.
+ */
+export async function getOAuthLoginUrl(
+  client: Client,
+  params: GetOAuthLoginUrlParameters,
+): Promise<GetOAuthLoginUrlReturnType> {
+  if (params.provider !== 'google') {
+    throw new Error(`Unsupported OAuth provider: ${params.provider}`)
+  }
+  const query = new URLSearchParams({
+    project_id: params.projectId,
+    pub_key: params.publicKey.replace(/^0x/, '').toLowerCase(),
+    return_to: params.returnTo,
+  })
+  return await client.request<string>({
+    path: `oauth/google/login-url?${query.toString()}`,
+    method: 'GET',
+  })
+}

package/src/actions/auth/getWhoami.ts

@@ -51,7 +51,7 @@ export async function getWhoami(
   // Step 1: Inner stamp over the payload (for Turnkey verification)
   const innerBody = { organizationId }
   const innerBodyString = canonicalizeEx(innerBody)
-  const innerStamp = await client.indexedDbStamper.stamp(innerBodyString)
+  const innerStamp = await client.apiKeyStamper.stamp(innerBodyString)
 
   // Step 2: Build full body with inner stamp embedded
   const fullBody = {
@@ -64,7 +64,7 @@ export async function getWhoami(
 
   // Step 3: Outer stamp over full body (for KMS middleware)
   const fullBodyString = canonicalizeEx(fullBody)
-  const outerStamp = await client.indexedDbStamper.stamp(fullBodyString)
+  const outerStamp = await client.apiKeyStamper.stamp(fullBodyString)
 
   return await client.request({
     path: `${projectId}/whoami`,

package/src/actions/auth/index.ts

@@ -23,6 +23,11 @@ export {
   type GetAuthProxyConfigIdReturnType,
   getAuthProxyConfigId,
 } from './getAuthProxyConfigId.js'
+export {
+  type GetOAuthLoginUrlParameters,
+  type GetOAuthLoginUrlReturnType,
+  getOAuthLoginUrl,
+} from './getOAuthLoginUrl.js'
 export {
   type GetWhoamiParameters,
   type GetWhoamiReturnType,

package/src/actions/auth/loginWithStamp.ts

@@ -1,6 +1,7 @@
 import { canonicalizeEx } from 'json-canonicalize'
 import type { Client } from '../../client/types.js'
 import type { Stamp } from '../../stampers/types.js'
+import type { StamperType } from '../../types/session.js'
 
 export type EmailCustomization = {
   /** A template for the URL to be used in a magic link button, e.g. `https://dapp.xyz/%s`. The auth bundle will be interpolated into the `%s`. */
@@ -15,7 +16,7 @@ export type LoginWithStampParameters = {
   /** The encoded public key for the request */
   targetPublicKey: string
   /** The stamper type for the request */
-  stampWith?: 'indexedDb' | 'webauthn'
+  stampWith?: StamperType
 }
 
 export type LoginWithStampReturnType = {
@@ -58,12 +59,12 @@ export async function loginWithStamp(
     type: 'ACTIVITY_TYPE_STAMP_LOGIN',
   })
   let stamp: Stamp
-  if (stampWith === 'indexedDb') {
-    stamp = await client.indexedDbStamper.stamp(stampPayload)
-  } else if (stampWith === 'webauthn') {
-    stamp = await client.webauthnStamper.stamp(stampPayload)
+  if (stampWith === 'apiKey') {
+    stamp = await client.apiKeyStamper.stamp(stampPayload)
+  } else if (stampWith === 'passkey') {
+    stamp = await client.passkeyStamper.stamp(stampPayload)
   } else {
-    stamp = await client.indexedDbStamper.stamp(stampPayload)
+    stamp = await client.apiKeyStamper.stamp(stampPayload)
   }
 
   return client.request({

package/src/actions/index.ts

@@ -12,10 +12,13 @@ export {
   type GetAuthenticatorsParameters,
   type GetAuthenticatorsReturnType,
   type GetAuthProxyConfigIdReturnType,
+  type GetOAuthLoginUrlParameters,
+  type GetOAuthLoginUrlReturnType,
   type GetWhoamiParameters,
   type GetWhoamiReturnType,
   getAuthenticators,
   getAuthProxyConfigId,
+  getOAuthLoginUrl,
   getWhoami,
   type LoginWithOTPParameters,
   type LoginWithOTPReturnType,

package/src/actions/wallet/signingUtils.ts

@@ -47,7 +47,7 @@ export async function sendSigningRequest(
 
   // Inner stamp over the Turnkey payload (for Turnkey verification)
   const innerBodyString = canonicalizeEx(turnkeyPayload)
-  const innerStamp = await client.indexedDbStamper.stamp(innerBodyString)
+  const innerStamp = await client.apiKeyStamper.stamp(innerBodyString)
 
   // Build full body with inner stamp embedded
   const fullBody = {
@@ -61,7 +61,7 @@ export async function sendSigningRequest(
 
   // Outer stamp over full body (for KMS middleware)
   const fullBodyString = canonicalizeEx(fullBody)
-  const outerStamp = await client.indexedDbStamper.stamp(fullBodyString)
+  const outerStamp = await client.apiKeyStamper.stamp(fullBodyString)
 
   const { signature } = await client.request({
     path: `${projectId}/${path}`,

package/src/client/createClient.ts

@@ -16,8 +16,8 @@ export function createBaseClient<
 >(config: ClientConfig): Client<extended> {
   const {
     transport,
-    indexedDbStamper,
-    webauthnStamper,
+    apiKeyStamper,
+    passkeyStamper,
     organizationId,
     key = 'zeroDevWallet',
     name = 'ZeroDev Wallet Client',
@@ -29,8 +29,8 @@ export function createBaseClient<
     request,
     value,
   } = transport({
-    indexedDbStamper,
-    webauthnStamper,
+    apiKeyStamper,
+    passkeyStamper,
   })
   const transportInstance = { ...transportConfig, ...value }
 
@@ -39,8 +39,8 @@ export function createBaseClient<
   const client = {
     transport: transportInstance,
     request,
-    indexedDbStamper,
-    webauthnStamper,
+    apiKeyStamper,
+    passkeyStamper,
     organizationId,
     key,
     name,

package/src/client/decorators/client.ts

@@ -13,12 +13,15 @@ import {
   type GetAuthenticatorsParameters,
   type GetAuthenticatorsReturnType,
   type GetAuthProxyConfigIdReturnType,
+  type GetOAuthLoginUrlParameters,
+  type GetOAuthLoginUrlReturnType,
   type GetUserWalletParameters,
   type GetUserWalletReturnType,
   type GetWhoamiParameters,
   type GetWhoamiReturnType,
   getAuthenticators,
   getAuthProxyConfigId,
+  getOAuthLoginUrl,
   getUserWallet,
   getWhoami,
   type LoginWithOTPParameters,
@@ -153,6 +156,15 @@ export type ZeroDevWalletActions = {
    * Gets the auth proxy config ID from the backend
    */
   getAuthProxyConfigId: () => Promise<GetAuthProxyConfigIdReturnType>
+
+  /**
+   * Fetches the Google OAuth authorization URL from the backend.
+   * The caller must verify the URL's `nonce` against `sha256(utf8(publicKey))`
+   * before opening it (audit finding TOB-KMS-1).
+   */
+  getOAuthLoginUrl: (
+    params: GetOAuthLoginUrlParameters,
+  ) => Promise<GetOAuthLoginUrlReturnType>
 }
 
 /**
@@ -197,5 +209,6 @@ export function zeroDevWalletActions(client: Client): ZeroDevWalletActions {
     registerWithOTP: (params) => registerWithOTP(client, params),
     loginWithOTP: (params) => loginWithOTP(client, params),
     getAuthProxyConfigId: () => getAuthProxyConfigId(client),
+    getOAuthLoginUrl: (params) => getOAuthLoginUrl(client, params),
   }
 }

package/src/client/transports/createTransport.ts

@@ -26,14 +26,14 @@ export function zeroDevWalletTransport(
     name = 'ZeroDev Wallet Transport',
   } = options
 
-  return ({ indexedDbStamper, webauthnStamper }) => {
+  return ({ apiKeyStamper, passkeyStamper }) => {
     // Create REST transport with stamper
     const transport = rest(baseUrl, {
       timeoutMs,
       key,
       name,
-      indexedDbStamper,
-      webauthnStamper,
+      apiKeyStamper,
+      passkeyStamper,
     })
 
     return {
@@ -46,8 +46,8 @@ export function zeroDevWalletTransport(
       },
       request: transport.request,
       value: {
-        indexedDbStamper,
-        webauthnStamper,
+        apiKeyStamper,
+        passkeyStamper,
       },
     }
   }

package/src/client/transports/rest.ts

@@ -1,6 +1,7 @@
 import { canonicalizeEx } from 'json-canonicalize'
 import { RestRequestError, RestTimeoutError } from '../../errors/request.js'
-import type { IndexedDbStamper, WebauthnStamper } from '../../stampers/types.js'
+import type { ApiKeyStamper, PasskeyStamper } from '../../stampers/types.js'
+import type { StamperType } from '../../types/session.js'
 
 export type RestRequestArgs = {
   path: string
@@ -8,7 +9,7 @@ export type RestRequestArgs = {
   body?: any
   headers?: Record<string, string>
   stamp?: boolean
-  stampWith?: 'indexedDb' | 'webAuthn'
+  stampWith?: StamperType
   stampPostion?: 'body' | 'headers'
   /** Include credentials (cookies) in the request */
   credentials?: RequestCredentials
@@ -32,8 +33,8 @@ export type RestTransportConfig = {
   timeoutMs?: number
   key?: string
   name?: string
-  indexedDbStamper: IndexedDbStamper
-  webauthnStamper: WebauthnStamper
+  apiKeyStamper: ApiKeyStamper
+  passkeyStamper: PasskeyStamper
 }
 
 export function rest(url: string, cfg: RestTransportConfig): RestTransport {
@@ -56,13 +57,13 @@ export function rest(url: string, cfg: RestTransportConfig): RestTransport {
 
       // Handle stamping if requested
       if (args.stamp) {
-        let stamper: IndexedDbStamper | WebauthnStamper
-        if (args.stampWith === 'indexedDb') {
-          stamper = cfg.indexedDbStamper
-        } else if (args.stampWith === 'webAuthn') {
-          stamper = cfg.webauthnStamper
+        let stamper: ApiKeyStamper | PasskeyStamper
+        if (args.stampWith === 'apiKey') {
+          stamper = cfg.apiKeyStamper
+        } else if (args.stampWith === 'passkey') {
+          stamper = cfg.passkeyStamper
         } else {
-          stamper = cfg.indexedDbStamper
+          stamper = cfg.apiKeyStamper
         }
         const { body, apiUrl } = args.body
         const bodyString = canonicalizeEx(body ?? args.body)

package/src/client/types.ts

@@ -1,4 +1,4 @@
-import type { IndexedDbStamper, WebauthnStamper } from '../stampers/types.js'
+import type { ApiKeyStamper, PasskeyStamper } from '../stampers/types.js'
 import type { RestRequestFn } from './transports/rest.js'
 
 export type TransportConfig = {
@@ -17,8 +17,8 @@ export type TransportConfig = {
 }
 
 export type Transport = (options: {
-  indexedDbStamper: IndexedDbStamper
-  webauthnStamper: WebauthnStamper
+  apiKeyStamper: ApiKeyStamper
+  passkeyStamper: PasskeyStamper
 }) => {
   config: TransportConfig
   request: RestRequestFn
@@ -27,8 +27,8 @@ export type Transport = (options: {
 
 export type ClientConfig = {
   transport: Transport
-  indexedDbStamper: IndexedDbStamper
-  webauthnStamper: WebauthnStamper
+  apiKeyStamper: ApiKeyStamper
+  passkeyStamper: PasskeyStamper
   organizationId?: string
   key?: string
   name?: string
@@ -39,10 +39,10 @@ export type Client<extended extends Extended | undefined = undefined> = {
   transport: TransportConfig & Record<string, unknown>
   /** Request function from transport */
   request: RestRequestFn
-  /** IndexedDB Stamper for authenticated requests */
-  indexedDbStamper: IndexedDbStamper
-  /** WebAuthn Stamper for authenticated requests */
-  webauthnStamper: WebauthnStamper
+  /** API Key Stamper for authenticated requests */
+  apiKeyStamper: ApiKeyStamper
+  /** Passkey Stamper for authenticated requests */
+  passkeyStamper: PasskeyStamper
   /** Organization ID */
   organizationId?: string
   /** A key for the client */

package/src/core/createZeroDevWallet.ts

@@ -1,4 +1,3 @@
-import { getWebAuthnAttestation } from '@turnkey/http'
 import type { LocalAccount } from 'viem/accounts'
 import type {
   EmailCustomization,
@@ -17,6 +16,7 @@ import {
   KMS_SERVER_URL,
 } from '../constants.js'
 import { createIndexedDbStamper } from '../stampers/indexedDbStamper.js'
+import type { ApiKeyStamper, PasskeyStamper } from '../stampers/types.js'
 import { createWebauthnStamper } from '../stampers/webauthnStamper.js'
 import { createWebStorageAdapter } from '../storage/adapters.js'
 import {
@@ -26,19 +26,15 @@ import {
 import { SessionType, type ZeroDevWalletSession } from '../types/session.js'
 import { buildClientSignature } from '../utils/buildClientSignature.js'
 import { encryptOtpAttempt } from '../utils/encryptOtpAttempt.js'
-import {
-  base64UrlEncode,
-  generateCompressedPublicKeyFromKeyPair,
-  generateRandomBuffer,
-  humanReadableDateTime,
-  parseSession,
-} from '../utils/utils.js'
+import { humanReadableDateTime, parseSession } from '../utils/utils.js'
 export interface ZeroDevWalletConfig {
   organizationId?: string
   proxyBaseUrl?: string
   projectId: string
   sessionStorage?: StorageAdapter
   rpId?: string
+  apiKeyStamper?: ApiKeyStamper
+  passkeyStamper?: PasskeyStamper
 }
 
 // Re-export EmailCustomization for convenience
@@ -134,13 +130,14 @@ export async function createZeroDevWallet(
     sessionStorage || createWebStorageAdapter(),
   )
 
-  const indexedDbStamper = await createIndexedDbStamper()
+  const apiKeyStamper = config.apiKeyStamper ?? (await createIndexedDbStamper())
 
-  const webauthnStamper = await createWebauthnStamper({ rpId })
+  const passkeyStamper =
+    config.passkeyStamper ?? (await createWebauthnStamper({ rpId }))
 
   const client = createClient({
-    indexedDbStamper,
-    webauthnStamper,
+    apiKeyStamper,
+    passkeyStamper,
     transport: zeroDevWalletTransport({
       baseUrl: config.proxyBaseUrl || `${KMS_SERVER_URL}/api/v1`,
     }),
@@ -151,8 +148,8 @@ export async function createZeroDevWallet(
   return {
     client,
     async getPublicKey() {
-      await client.indexedDbStamper.resetKeyPair()
-      const compressedPublicKey = await client.indexedDbStamper.getPublicKey()
+      await client.apiKeyStamper.resetKeyPair()
+      const compressedPublicKey = await client.apiKeyStamper.getPublicKey()
       return compressedPublicKey
     },
 
@@ -191,30 +188,22 @@ export async function createZeroDevWallet(
       if (!activeSession) {
         throw new Error('No active session')
       }
-      if (activeSession.stamperType === 'indexedDb') {
-        const newKeyPair = await crypto.subtle.generateKey(
-          {
-            name: 'ECDSA',
-            namedCurve: 'P-256',
-          },
-          false,
-          ['sign', 'verify'],
-        )
+      if (activeSession.stamperType === 'apiKey') {
         const compressedPublicKeyHex =
-          await generateCompressedPublicKeyFromKeyPair(newKeyPair)
+          await client.apiKeyStamper.prepareKeyRotation()
         const data = await client.loginWithStamp({
           targetPublicKey: compressedPublicKeyHex,
           projectId,
           organizationId: activeSession.organizationId,
-          stampWith: 'indexedDb',
+          stampWith: 'apiKey',
         })
-        await client.indexedDbStamper.resetKeyPair(newKeyPair)
+        await client.apiKeyStamper.commitKeyRotation()
         const parsedSession = parseSession(data.session)
         const session: ZeroDevWalletSession = {
           id: `session_indexedDb_${Date.now()}`,
           userId: parsedSession.userId,
           organizationId: parsedSession.organizationId,
-          stamperType: 'indexedDb',
+          stamperType: 'apiKey',
           sessionType: SessionType.READ_WRITE,
           token: data.session,
           expiry: parsedSession.expiry,
@@ -240,17 +229,15 @@ export async function createZeroDevWallet(
           if (data.session) {
             // Parse the JWT to get session data
             const parsedSession = parseSession(data.session)
-            const publicKey = await client.indexedDbStamper.getPublicKey()
             const session: ZeroDevWalletSession = {
               id: `session_oauth_${Date.now()}`,
               userId: parsedSession.userId,
               organizationId: parsedSession.organizationId,
-              stamperType: 'indexedDb',
+              stamperType: 'apiKey',
               sessionType: parsedSession.sessionType || SessionType.READ_WRITE,
               token: data.session,
               expiry: parsedSession.expiry,
               createdAt: Date.now(),
-              publicKey: publicKey || '',
             }
             await sessionStorageManager.storeSession(session, session.id)
           }
@@ -263,62 +250,35 @@ export async function createZeroDevWallet(
             'mode' in params &&
             params.mode === 'register'
           ) {
-            await client.indexedDbStamper.resetKeyPair()
-            const tempPublicKey = await client.indexedDbStamper.getPublicKey()
+            await client.apiKeyStamper.resetKeyPair()
+            const tempPublicKey = await client.apiKeyStamper.getPublicKey()
             if (!tempPublicKey) {
               throw new Error('Failed to get public key')
             }
-            const challenge = generateRandomBuffer()
-            const encodedChallenge = base64UrlEncode(challenge)
-            const authenticatorUserId = generateRandomBuffer()
             const name = `ZeroDevWallet-${humanReadableDateTime()}`
-            const attestation = await getWebAuthnAttestation({
-              publicKey: {
+            const { attestation, encodedChallenge } =
+              await passkeyStamper.register({
                 rp: { id: rpId, name: '' },
-                challenge,
-                pubKeyCredParams: [
-                  {
-                    type: 'public-key',
-                    alg: -7,
-                  },
-                  {
-                    type: 'public-key',
-                    alg: -257,
-                  },
-                ],
-                user: {
-                  id: authenticatorUserId,
-                  name,
-                  displayName: name,
-                },
-              },
-            })
+                userName: name,
+              })
             const data = await client.registerWithPasskey({
               attestation,
               challenge: encodedChallenge,
               projectId,
               encodedPublicKey: tempPublicKey,
             })
-            const newKeyPair = await crypto.subtle.generateKey(
-              {
-                name: 'ECDSA',
-                namedCurve: 'P-256',
-              },
-              false,
-              ['sign', 'verify'],
-            )
             const compressedPublicKeyHex =
-              await generateCompressedPublicKeyFromKeyPair(newKeyPair)
+              await client.apiKeyStamper.prepareKeyRotation()
             const loginData = await client.loginWithStamp({
               projectId,
               targetPublicKey: compressedPublicKeyHex,
               organizationId: data.subOrganizationId,
             })
-            await client.indexedDbStamper.resetKeyPair(newKeyPair)
+            await client.apiKeyStamper.commitKeyRotation()
             const parsedSession = parseSession(loginData.session)
             const session: ZeroDevWalletSession = {
               id: `session_indexedDb_${Date.now()}`,
-              stamperType: 'indexedDb',
+              stamperType: 'apiKey',
               createdAt: Date.now(),
               sessionType: SessionType.READ_WRITE,
               userId: parsedSession.userId,
@@ -336,9 +296,8 @@ export async function createZeroDevWallet(
             'mode' in params &&
             params.mode === 'login'
           ) {
-            await client.indexedDbStamper.resetKeyPair()
-            const generatedPublicKey =
-              await client.indexedDbStamper.getPublicKey()
+            await client.apiKeyStamper.resetKeyPair()
+            const generatedPublicKey = await client.apiKeyStamper.getPublicKey()
             if (!generatedPublicKey) {
               throw new Error('Failed to get public key')
             }
@@ -346,12 +305,12 @@ export async function createZeroDevWallet(
               targetPublicKey: generatedPublicKey,
               projectId,
               organizationId,
-              stampWith: 'webauthn',
+              stampWith: 'passkey',
             })
             const parsedSession = parseSession(loginData.session)
             const session: ZeroDevWalletSession = {
               id: `session_indexedDb_${Date.now()}`,
-              stamperType: 'indexedDb',
+              stamperType: 'apiKey',
               createdAt: Date.now(),
               sessionType: SessionType.READ_WRITE,
               userId: parsedSession.userId,
@@ -416,8 +375,8 @@ export async function createZeroDevWallet(
             const { otpId, otpCode, otpEncryptionTargetBundle } = otpParams
 
             // Step 1: Generate new key pair
-            await client.indexedDbStamper.resetKeyPair()
-            const targetPublicKey = await client.indexedDbStamper.getPublicKey()
+            await client.apiKeyStamper.resetKeyPair()
+            const targetPublicKey = await client.apiKeyStamper.getPublicKey()
 
             if (!targetPublicKey) {
               throw new Error('Failed to get public key')
@@ -449,7 +408,7 @@ export async function createZeroDevWallet(
             const clientSignature = await buildClientSignature({
               verificationToken,
               publicKey: targetPublicKey,
-              stamper: client.indexedDbStamper,
+              stamper: client.apiKeyStamper,
             })
 
             // Step 4: Login via backend (not Auth Proxy!)
@@ -466,13 +425,12 @@ export async function createZeroDevWallet(
                 id: `session_otp_${Date.now()}`,
                 userId: parsedSession.userId,
                 organizationId: parsedSession.organizationId,
-                stamperType: 'indexedDb',
+                stamperType: 'apiKey',
                 sessionType:
                   parsedSession.sessionType || SessionType.READ_WRITE,
                 token: data.session,
                 expiry: parsedSession.expiry,
                 createdAt: Date.now(),
-                publicKey: targetPublicKey,
               }
               await sessionStorageManager.storeSession(session, session.id)
             }
@@ -488,7 +446,7 @@ export async function createZeroDevWallet(
 
     async logout() {
       await sessionStorageManager.clearAllSessions()
-      await client.indexedDbStamper.resetKeyPair()
+      await client.apiKeyStamper.resetKeyPair()
       return true
     },
 

package/src/index.ts

@@ -80,9 +80,12 @@ export {
   createWebauthnStamper,
 } from './stampers/index.js'
 export type {
+  ApiKeyStamper,
+  Attestation,
   IframeStamper,
-  IndexedDbStamper,
-  WebauthnStamper,
+  PasskeyRegistrationOptions,
+  PasskeyRegistrationResult,
+  PasskeyStamper,
 } from './stampers/types.js'
 // Storage
 export type { StorageAdapter, StorageManager } from './storage/manager.js'

package/src/stampers/index.ts

@@ -1,8 +1,8 @@
 export { createIframeStamper } from './iframeStamper.js'
 export { createIndexedDbStamper } from './indexedDbStamper.js'
 export type {
+  ApiKeyStamper,
   IframeStamper,
-  IndexedDbStamper,
-  WebauthnStamper,
+  PasskeyStamper,
 } from './types.js'
 export { createWebauthnStamper } from './webauthnStamper.js'