@zeroxyz/sdk 0.12.0 → 0.14.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +19 -0
- package/README.md +20 -6
- package/dist/{chunk-O7424YAR.cjs → chunk-AM5RDERD.cjs} +259 -66
- package/dist/chunk-AM5RDERD.cjs.map +1 -0
- package/dist/{chunk-KDWESC42.js → chunk-FWHVWIO2.js} +259 -66
- package/dist/chunk-FWHVWIO2.js.map +1 -0
- package/dist/{client-DLwdMDSu.d.cts → client-DY7QGg57.d.cts} +31 -3
- package/dist/{client-DLwdMDSu.d.ts → client-DY7QGg57.d.ts} +31 -3
- package/dist/index.cjs +44 -44
- package/dist/index.d.cts +5 -3
- package/dist/index.d.ts +5 -3
- package/dist/index.js +2 -2
- package/dist/testing.cjs +2 -2
- package/dist/testing.d.cts +1 -1
- package/dist/testing.d.ts +1 -1
- package/dist/testing.js +1 -1
- package/package.json +1 -1
- package/dist/chunk-KDWESC42.js.map +0 -1
- package/dist/chunk-O7424YAR.cjs.map +0 -1
|
@@ -6,43 +6,46 @@ import { x402Client } from '@x402/core/client';
|
|
|
6
6
|
import { x402HTTPClient, decodePaymentResponseHeader, encodePaymentRequiredHeader } from '@x402/core/http';
|
|
7
7
|
import { registerExactEvmScheme } from '@x402/evm/exact/client';
|
|
8
8
|
import { createSIWxClientHook } from '@x402/extensions/sign-in-with-x';
|
|
9
|
-
import { wrapFetchWithPayment } from '@x402/fetch';
|
|
10
9
|
import { Receipt, Challenge } from 'mppx';
|
|
11
10
|
import { Mppx, tempo } from 'mppx/client';
|
|
12
11
|
import { createHash } from 'crypto';
|
|
13
12
|
import { z } from 'zod';
|
|
14
13
|
|
|
15
14
|
// src/auth/managed-account.ts
|
|
16
|
-
var createManagedAccount = (client, address) =>
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
15
|
+
var createManagedAccount = (client, address, opts = {}) => {
|
|
16
|
+
const signOptions = {
|
|
17
|
+
// expectedAddress pins verification to this adapter's frozen address.
|
|
18
|
+
expectedAddress: address,
|
|
19
|
+
...opts.explicitWallet ? { walletAddress: address } : {}
|
|
20
|
+
};
|
|
21
|
+
return toAccount({
|
|
22
|
+
address,
|
|
23
|
+
async signMessage({ message }) {
|
|
24
|
+
return await client.auth.signMessage({ message }, signOptions);
|
|
25
|
+
},
|
|
26
|
+
async signTypedData(typedData) {
|
|
27
|
+
const td = typedData;
|
|
28
|
+
return await client.auth.signTypedData(
|
|
29
|
+
{
|
|
30
|
+
domain: td.domain,
|
|
31
|
+
types: td.types,
|
|
32
|
+
primaryType: td.primaryType,
|
|
33
|
+
message: td.message
|
|
34
|
+
},
|
|
35
|
+
signOptions
|
|
36
|
+
);
|
|
37
|
+
},
|
|
38
|
+
async signTransaction(transaction, options) {
|
|
39
|
+
const serialize = options?.serializer ?? serializeTransaction;
|
|
40
|
+
const unsigned = await serialize(transaction);
|
|
41
|
+
const signature = await client.auth.signTransaction(
|
|
42
|
+
{ unsignedTransaction: unsigned },
|
|
43
|
+
signOptions
|
|
44
|
+
);
|
|
45
|
+
return await serialize(transaction, parseSignature(signature));
|
|
46
|
+
}
|
|
47
|
+
});
|
|
48
|
+
};
|
|
46
49
|
var USDC_BASE = "0x833589fcd6edb6e08f4c7c32d4f71b54bda02913";
|
|
47
50
|
var USDC_TEMPO = "0x20c000000000000000000000b9537d11c60e8b50";
|
|
48
51
|
var TEMPO_CHAIN_ID = 4217;
|
|
@@ -639,12 +642,12 @@ var cancelBody = (response) => {
|
|
|
639
642
|
} catch {
|
|
640
643
|
}
|
|
641
644
|
};
|
|
642
|
-
var resolveAccount = async (client, overrideAccount, signal) => {
|
|
645
|
+
var resolveAccount = async (client, overrideAccount, signal, walletAddress) => {
|
|
643
646
|
if (overrideAccount) return overrideAccount;
|
|
644
647
|
const credentials = client.getCredentials();
|
|
645
648
|
if (credentials.kind === "account") return credentials.account;
|
|
646
649
|
if (credentials.kind === "session") {
|
|
647
|
-
return await client.resolveManagedAccount(signal);
|
|
650
|
+
return await client.resolveManagedAccount(signal, walletAddress);
|
|
648
651
|
}
|
|
649
652
|
throw new ZeroAuthError(
|
|
650
653
|
"auth_no_credentials",
|
|
@@ -690,9 +693,13 @@ var Payments = class {
|
|
|
690
693
|
const account = await resolveAccount(
|
|
691
694
|
this.client,
|
|
692
695
|
input.account,
|
|
693
|
-
input.signal
|
|
696
|
+
input.signal,
|
|
697
|
+
input.walletAddress
|
|
694
698
|
);
|
|
695
699
|
let capturedAmount = null;
|
|
700
|
+
let pendingAmountUnits = 0n;
|
|
701
|
+
let identityChallengeHandled = false;
|
|
702
|
+
let paidChallengeHandled = false;
|
|
696
703
|
let capturedNetwork;
|
|
697
704
|
let preflightError = null;
|
|
698
705
|
const x402 = registerExactEvmScheme(new x402Client(), { signer: account });
|
|
@@ -721,11 +728,25 @@ var Payments = class {
|
|
|
721
728
|
};
|
|
722
729
|
}
|
|
723
730
|
const rawAmountUnits = BigInt(rawAmount);
|
|
724
|
-
|
|
731
|
+
pendingAmountUnits = rawAmountUnits;
|
|
732
|
+
const challengeAmount = formatUnits(rawAmountUnits, 6);
|
|
733
|
+
if (rawAmountUnits === 0n) {
|
|
734
|
+
if (identityChallengeHandled || paidChallengeHandled) {
|
|
735
|
+
return {
|
|
736
|
+
abort: true,
|
|
737
|
+
reason: "Only one zero-value identity challenge is allowed, and it must precede payment."
|
|
738
|
+
};
|
|
739
|
+
}
|
|
740
|
+
} else if (paidChallengeHandled) {
|
|
741
|
+
return {
|
|
742
|
+
abort: true,
|
|
743
|
+
reason: "A positive-value x402 payment was already attempted for this fetch; refusing a second charge."
|
|
744
|
+
};
|
|
745
|
+
}
|
|
725
746
|
if (maxPayUnits !== null && rawAmountUnits > maxPayUnits) {
|
|
726
747
|
return {
|
|
727
748
|
abort: true,
|
|
728
|
-
reason: `Payment of ${
|
|
749
|
+
reason: `Payment of ${challengeAmount} USDC exceeds maxPay ${input.maxPay}`
|
|
729
750
|
};
|
|
730
751
|
}
|
|
731
752
|
const detected = networkToChain(capturedNetwork);
|
|
@@ -745,9 +766,10 @@ var Payments = class {
|
|
|
745
766
|
}
|
|
746
767
|
if (balance !== null && balance < rawAmountUnits) {
|
|
747
768
|
const have = formatUnits(balance, 6);
|
|
769
|
+
const requiredAmount = formatUnits(rawAmountUnits, 6);
|
|
748
770
|
preflightError = new ZeroInsufficientFundsError(
|
|
749
|
-
`wallet has ${have} USDC on Base, needs ${
|
|
750
|
-
{ have, need:
|
|
771
|
+
`wallet has ${have} USDC on Base, needs ${requiredAmount}.`,
|
|
772
|
+
{ have, need: requiredAmount }
|
|
751
773
|
);
|
|
752
774
|
return { abort: true, reason: preflightError.message };
|
|
753
775
|
}
|
|
@@ -758,18 +780,64 @@ var Payments = class {
|
|
|
758
780
|
const httpClient = new x402HTTPClient(x402).onPaymentRequired(
|
|
759
781
|
createSIWxClientHook(account)
|
|
760
782
|
);
|
|
761
|
-
const
|
|
762
|
-
withSynthesizedX402Header(configuredFetch),
|
|
763
|
-
httpClient
|
|
764
|
-
);
|
|
783
|
+
const paymentFetch = withSynthesizedX402Header(configuredFetch);
|
|
765
784
|
let response;
|
|
766
785
|
try {
|
|
767
|
-
|
|
786
|
+
const request2 = new Request(input.url, {
|
|
768
787
|
method: input.method ?? "GET",
|
|
769
788
|
headers: input.headers,
|
|
770
789
|
body: input.body,
|
|
771
790
|
signal: input.signal
|
|
772
791
|
});
|
|
792
|
+
response = await paymentFetch(request2.clone());
|
|
793
|
+
for (let paymentStage = 0; paymentStage < 2; paymentStage++) {
|
|
794
|
+
if (response.status !== 402) break;
|
|
795
|
+
const parseChallenge = async (challengeResponse) => {
|
|
796
|
+
let body;
|
|
797
|
+
try {
|
|
798
|
+
const text = await challengeResponse.clone().text();
|
|
799
|
+
if (text) body = JSON.parse(text);
|
|
800
|
+
} catch {
|
|
801
|
+
}
|
|
802
|
+
return httpClient.getPaymentRequiredResponse(
|
|
803
|
+
(name) => challengeResponse.headers.get(name),
|
|
804
|
+
body
|
|
805
|
+
);
|
|
806
|
+
};
|
|
807
|
+
let paymentRequired = await parseChallenge(response);
|
|
808
|
+
const hookHeaders = await httpClient.handlePaymentRequired(paymentRequired);
|
|
809
|
+
if (hookHeaders) {
|
|
810
|
+
const hookRequest = request2.clone();
|
|
811
|
+
for (const [key, value] of Object.entries(hookHeaders)) {
|
|
812
|
+
hookRequest.headers.set(key, value);
|
|
813
|
+
}
|
|
814
|
+
response = await paymentFetch(hookRequest);
|
|
815
|
+
if (response.status === 402) {
|
|
816
|
+
paymentRequired = await parseChallenge(response);
|
|
817
|
+
} else {
|
|
818
|
+
break;
|
|
819
|
+
}
|
|
820
|
+
}
|
|
821
|
+
pendingAmountUnits = 0n;
|
|
822
|
+
const paymentPayload = await x402.createPaymentPayload(paymentRequired);
|
|
823
|
+
if (pendingAmountUnits === 0n) {
|
|
824
|
+
identityChallengeHandled = true;
|
|
825
|
+
capturedAmount = "0";
|
|
826
|
+
} else {
|
|
827
|
+
paidChallengeHandled = true;
|
|
828
|
+
capturedAmount = formatUnits(pendingAmountUnits, 6);
|
|
829
|
+
}
|
|
830
|
+
const paymentHeaders = httpClient.encodePaymentSignatureHeader(paymentPayload);
|
|
831
|
+
const paidRequest = request2.clone();
|
|
832
|
+
for (const [key, value] of Object.entries(paymentHeaders)) {
|
|
833
|
+
paidRequest.headers.set(key, value);
|
|
834
|
+
}
|
|
835
|
+
paidRequest.headers.set(
|
|
836
|
+
"Access-Control-Expose-Headers",
|
|
837
|
+
"PAYMENT-RESPONSE,X-PAYMENT-RESPONSE"
|
|
838
|
+
);
|
|
839
|
+
response = await paymentFetch(paidRequest);
|
|
840
|
+
}
|
|
773
841
|
} catch (err) {
|
|
774
842
|
if (preflightError) throw preflightError;
|
|
775
843
|
if (err instanceof ZeroError) throw err;
|
|
@@ -825,7 +893,8 @@ var Payments = class {
|
|
|
825
893
|
const account = await resolveAccount(
|
|
826
894
|
this.client,
|
|
827
895
|
input.account,
|
|
828
|
-
input.signal
|
|
896
|
+
input.signal,
|
|
897
|
+
input.walletAddress
|
|
829
898
|
);
|
|
830
899
|
const configuredFetch = buildConfiguredFetch(this.client, {
|
|
831
900
|
timeoutMs: input.timeoutMs
|
|
@@ -1336,8 +1405,17 @@ var cancelBody2 = (response) => {
|
|
|
1336
1405
|
} catch {
|
|
1337
1406
|
}
|
|
1338
1407
|
};
|
|
1339
|
-
var detectPaymentRequirement = async (response) => {
|
|
1408
|
+
var detectPaymentRequirement = async (response, preferredProtocol) => {
|
|
1340
1409
|
if (response.status !== 402) return null;
|
|
1410
|
+
const wwwAuth = response.headers.get("www-authenticate");
|
|
1411
|
+
const advertisesMpp = wwwAuth ? splitWwwAuthenticateChallenges(wwwAuth).some((challenge) => {
|
|
1412
|
+
const scheme = challenge.trim().split(/\s+/)[0]?.toLowerCase() ?? "";
|
|
1413
|
+
return MPP_SCHEME_TOKENS.has(scheme);
|
|
1414
|
+
}) : false;
|
|
1415
|
+
if (preferredProtocol === "mpp") {
|
|
1416
|
+
cancelBody2(response);
|
|
1417
|
+
return advertisesMpp ? { protocol: "mpp", raw: { "www-authenticate": wwwAuth } } : { protocol: "unknown", raw: { requestedProtocol: "mpp" } };
|
|
1418
|
+
}
|
|
1341
1419
|
const x402Header = response.headers.get("payment-required") ?? response.headers.get("x-payment-required");
|
|
1342
1420
|
if (x402Header) {
|
|
1343
1421
|
cancelBody2(response);
|
|
@@ -1367,15 +1445,13 @@ var detectPaymentRequirement = async (response) => {
|
|
|
1367
1445
|
} catch {
|
|
1368
1446
|
}
|
|
1369
1447
|
}
|
|
1370
|
-
|
|
1371
|
-
|
|
1372
|
-
|
|
1373
|
-
|
|
1374
|
-
|
|
1375
|
-
|
|
1376
|
-
|
|
1377
|
-
return { protocol: "mpp", raw: { "www-authenticate": wwwAuth } };
|
|
1378
|
-
}
|
|
1448
|
+
if (preferredProtocol === "x402") {
|
|
1449
|
+
cancelBody2(response);
|
|
1450
|
+
return { protocol: "unknown", raw: { requestedProtocol: "x402" } };
|
|
1451
|
+
}
|
|
1452
|
+
if (advertisesMpp) {
|
|
1453
|
+
cancelBody2(response);
|
|
1454
|
+
return { protocol: "mpp", raw: { "www-authenticate": wwwAuth } };
|
|
1379
1455
|
}
|
|
1380
1456
|
cancelBody2(response);
|
|
1381
1457
|
return { protocol: "unknown", raw: {} };
|
|
@@ -1605,7 +1681,8 @@ var recordErrorFetchRun = async (client, opts, result, capabilityIdOverride) =>
|
|
|
1605
1681
|
...fetchOriginForRecord && { fetchOrigin: fetchOriginForRecord },
|
|
1606
1682
|
...result.status !== null && { status: result.status },
|
|
1607
1683
|
latencyMs: result.latencyMs,
|
|
1608
|
-
...opts.requestSchema && { requestSchema: opts.requestSchema }
|
|
1684
|
+
...opts.requestSchema && { requestSchema: opts.requestSchema },
|
|
1685
|
+
...opts.walletAddress && !opts.account && { walletAddress: opts.walletAddress }
|
|
1609
1686
|
});
|
|
1610
1687
|
result.runId = created.runId;
|
|
1611
1688
|
delete result.runTrackingSkipped;
|
|
@@ -1700,7 +1777,10 @@ var clientFetch = async (client, url, opts = {}) => {
|
|
|
1700
1777
|
return result2;
|
|
1701
1778
|
}
|
|
1702
1779
|
if (response.status === 402) {
|
|
1703
|
-
const requirement = await detectPaymentRequirement(
|
|
1780
|
+
const requirement = await detectPaymentRequirement(
|
|
1781
|
+
response,
|
|
1782
|
+
opts.paymentProtocol
|
|
1783
|
+
);
|
|
1704
1784
|
if (requirement?.protocol === "x402" || requirement?.protocol === "mpp") {
|
|
1705
1785
|
const payCall = requirement.protocol === "x402" ? client.payments.pay : client.payments.payMpp;
|
|
1706
1786
|
try {
|
|
@@ -1714,6 +1794,7 @@ var clientFetch = async (client, url, opts = {}) => {
|
|
|
1714
1794
|
body: requestBody,
|
|
1715
1795
|
maxPay: opts.maxPay,
|
|
1716
1796
|
account: opts.account,
|
|
1797
|
+
...opts.walletAddress && { walletAddress: opts.walletAddress },
|
|
1717
1798
|
signal: opts.signal,
|
|
1718
1799
|
timeoutMs: opts.timeoutMs,
|
|
1719
1800
|
...opts.displayCostAmount && {
|
|
@@ -1771,7 +1852,7 @@ var clientFetch = async (client, url, opts = {}) => {
|
|
|
1771
1852
|
} else if (requirement?.protocol === "unknown") {
|
|
1772
1853
|
const result2 = errorFetchResult(
|
|
1773
1854
|
startedAt,
|
|
1774
|
-
"Capability returned 402 with an unrecognized payment protocol. Neither x402 nor MPP markers were detected in the response headers or body.",
|
|
1855
|
+
opts.paymentProtocol ? `Capability did not advertise the requested ${opts.paymentProtocol} payment protocol.` : "Capability returned 402 with an unrecognized payment protocol. Neither x402 nor MPP markers were detected in the response headers or body.",
|
|
1775
1856
|
"unrecognized_402_protocol",
|
|
1776
1857
|
capabilityIdRequested,
|
|
1777
1858
|
"payment_failed",
|
|
@@ -1886,6 +1967,10 @@ var clientFetch = async (client, url, opts = {}) => {
|
|
|
1886
1967
|
...opts.capabilityId === void 0 ? { fetchOrigin: "direct_url" } : opts.fetchOrigin && { fetchOrigin: opts.fetchOrigin },
|
|
1887
1968
|
status: response.status,
|
|
1888
1969
|
latencyMs,
|
|
1970
|
+
// Attribute to the selected wallet in session mode. Skipped when a
|
|
1971
|
+
// per-call `account` override records the run — that account's own
|
|
1972
|
+
// EIP-191 identity is the attribution.
|
|
1973
|
+
...opts.walletAddress && !opts.account && { walletAddress: opts.walletAddress },
|
|
1889
1974
|
...opts.requestSchema && { requestSchema: opts.requestSchema },
|
|
1890
1975
|
...derived?.responseSchema && {
|
|
1891
1976
|
responseSchema: derived.responseSchema
|
|
@@ -1951,7 +2036,7 @@ var clientFetch = async (client, url, opts = {}) => {
|
|
|
1951
2036
|
|
|
1952
2037
|
// package.json
|
|
1953
2038
|
var package_default = {
|
|
1954
|
-
version: "0.
|
|
2039
|
+
version: "0.14.0"};
|
|
1955
2040
|
|
|
1956
2041
|
// src/version.ts
|
|
1957
2042
|
var SDK_VERSION = package_default.version;
|
|
@@ -2441,6 +2526,9 @@ var userWalletDtoSchema = z.object({
|
|
|
2441
2526
|
walletAddress: z.string(),
|
|
2442
2527
|
source: z.enum(["self_custody", "privy_embedded"]),
|
|
2443
2528
|
isPrimary: z.boolean(),
|
|
2529
|
+
// Owner-chosen display name; null/absent = unnamed (show the address).
|
|
2530
|
+
// Optional so the SDK tolerates servers that predate nicknames.
|
|
2531
|
+
nickname: z.string().nullable().optional(),
|
|
2444
2532
|
linkedAt: z.union([z.string(), z.date()]).nullable().optional(),
|
|
2445
2533
|
importedAt: z.union([z.string(), z.date()]).nullable().optional(),
|
|
2446
2534
|
delegationGranted: z.boolean(),
|
|
@@ -2658,7 +2746,10 @@ var Auth = class {
|
|
|
2658
2746
|
{
|
|
2659
2747
|
method: "POST",
|
|
2660
2748
|
path: "/v1/users/me/sign-message",
|
|
2661
|
-
body: {
|
|
2749
|
+
body: {
|
|
2750
|
+
message: normalizeMessage(input.message),
|
|
2751
|
+
...opts.walletAddress ? { walletAddress: opts.walletAddress } : {}
|
|
2752
|
+
}
|
|
2662
2753
|
},
|
|
2663
2754
|
signResponseSchema
|
|
2664
2755
|
);
|
|
@@ -2683,7 +2774,10 @@ var Auth = class {
|
|
|
2683
2774
|
{
|
|
2684
2775
|
method: "POST",
|
|
2685
2776
|
path: "/v1/users/me/sign-transaction",
|
|
2686
|
-
body: {
|
|
2777
|
+
body: {
|
|
2778
|
+
unsignedTransaction: input.unsignedTransaction,
|
|
2779
|
+
...opts.walletAddress ? { walletAddress: opts.walletAddress } : {}
|
|
2780
|
+
}
|
|
2687
2781
|
},
|
|
2688
2782
|
signResponseSchema
|
|
2689
2783
|
);
|
|
@@ -2722,7 +2816,10 @@ var Auth = class {
|
|
|
2722
2816
|
{
|
|
2723
2817
|
method: "POST",
|
|
2724
2818
|
path: "/v1/users/me/sign-typed-data",
|
|
2725
|
-
body: {
|
|
2819
|
+
body: {
|
|
2820
|
+
typedData: input,
|
|
2821
|
+
...opts.walletAddress ? { walletAddress: opts.walletAddress } : {}
|
|
2822
|
+
}
|
|
2726
2823
|
},
|
|
2727
2824
|
signResponseSchema
|
|
2728
2825
|
);
|
|
@@ -3099,6 +3196,9 @@ var Runs = class {
|
|
|
3099
3196
|
if (params.unreviewed !== void 0) query.unreviewed = params.unreviewed;
|
|
3100
3197
|
if (params.limit !== void 0) query.limit = params.limit;
|
|
3101
3198
|
if (params.cursor !== void 0) query.cursor = params.cursor;
|
|
3199
|
+
if (params.walletAddress !== void 0) {
|
|
3200
|
+
query.walletAddress = Array.isArray(params.walletAddress) ? params.walletAddress.join(",") : params.walletAddress;
|
|
3201
|
+
}
|
|
3102
3202
|
return request(
|
|
3103
3203
|
this.client,
|
|
3104
3204
|
{
|
|
@@ -3234,6 +3334,50 @@ var Wallet = class {
|
|
|
3234
3334
|
},
|
|
3235
3335
|
userWalletDtoSchema
|
|
3236
3336
|
);
|
|
3337
|
+
// Re-stamp Zero's signing delegation on a profile wallet (default: the
|
|
3338
|
+
// primary). Session-only. Naming a wallet re-authorizes THAT wallet and
|
|
3339
|
+
// never provisions; the server 404s an address not on the profile.
|
|
3340
|
+
reauthorizeDelegation = (opts = {}) => request(
|
|
3341
|
+
this.client,
|
|
3342
|
+
{
|
|
3343
|
+
method: "POST",
|
|
3344
|
+
path: "/v1/users/me/wallets/provision",
|
|
3345
|
+
...opts.walletAddress ? { body: { walletAddress: opts.walletAddress } } : {},
|
|
3346
|
+
signal: opts.signal
|
|
3347
|
+
},
|
|
3348
|
+
userWalletDtoSchema
|
|
3349
|
+
);
|
|
3350
|
+
// Revoke Zero's signing delegation on a profile wallet (default: the
|
|
3351
|
+
// primary). Session-only. Managed signing on that wallet 403s until it is
|
|
3352
|
+
// re-authorized. Note: this stamps the server-side gate — removing Zero's
|
|
3353
|
+
// signer cryptographically is owner-authorized and happens in the user's
|
|
3354
|
+
// Privy session (the web profile page does both).
|
|
3355
|
+
revokeDelegation = (opts = {}) => request(
|
|
3356
|
+
this.client,
|
|
3357
|
+
{
|
|
3358
|
+
method: "DELETE",
|
|
3359
|
+
path: "/v1/users/me/wallets/delegation",
|
|
3360
|
+
...opts.walletAddress ? { query: { walletAddress: opts.walletAddress } } : {},
|
|
3361
|
+
signal: opts.signal
|
|
3362
|
+
},
|
|
3363
|
+
userWalletDtoSchema
|
|
3364
|
+
);
|
|
3365
|
+
// Set, change, or clear (null / empty string) the owner-chosen nickname on
|
|
3366
|
+
// a profile wallet. Session-only. Nicknames are private to the
|
|
3367
|
+
// authenticated user — they never appear on reviews or public surfaces.
|
|
3368
|
+
setNickname = (opts) => request(
|
|
3369
|
+
this.client,
|
|
3370
|
+
{
|
|
3371
|
+
method: "PATCH",
|
|
3372
|
+
path: "/v1/users/me/wallets/nickname",
|
|
3373
|
+
body: {
|
|
3374
|
+
walletAddress: opts.walletAddress,
|
|
3375
|
+
nickname: opts.nickname
|
|
3376
|
+
},
|
|
3377
|
+
signal: opts.signal
|
|
3378
|
+
},
|
|
3379
|
+
userWalletDtoSchema
|
|
3380
|
+
);
|
|
3237
3381
|
// Link an existing self-custody wallet to the session user by private key.
|
|
3238
3382
|
// Session-only. 409s when the wallet is already linked (to this or another
|
|
3239
3383
|
// profile — the error message says which).
|
|
@@ -3244,7 +3388,8 @@ var Wallet = class {
|
|
|
3244
3388
|
path: "/v1/users/me/wallets/import",
|
|
3245
3389
|
body: {
|
|
3246
3390
|
privateKey: opts.privateKey,
|
|
3247
|
-
...opts.makePrimary !== void 0 ? { makePrimary: opts.makePrimary } : {}
|
|
3391
|
+
...opts.makePrimary !== void 0 ? { makePrimary: opts.makePrimary } : {},
|
|
3392
|
+
...opts.nickname !== void 0 ? { nickname: opts.nickname } : {}
|
|
3248
3393
|
},
|
|
3249
3394
|
signal: opts.signal
|
|
3250
3395
|
},
|
|
@@ -3447,6 +3592,9 @@ var ZeroClient = class _ZeroClient {
|
|
|
3447
3592
|
managedAccountInFlight = null;
|
|
3448
3593
|
managedAccountAC = null;
|
|
3449
3594
|
managedAccountGen = 0;
|
|
3595
|
+
// Explicitly-selected (non-default) managed wallets, keyed by lowercased
|
|
3596
|
+
// address. Same lifecycle as managedAccount: cleared on clearManagedAccount.
|
|
3597
|
+
managedAccountByAddress = /* @__PURE__ */ new Map();
|
|
3450
3598
|
// Multi-tenant servers calling `client.fetch(url, { account: tenantAccount })`
|
|
3451
3599
|
// on every request would otherwise construct a new ZeroClient (with
|
|
3452
3600
|
// five namespace instances) per call. Keyed by lowercased account
|
|
@@ -3668,8 +3816,16 @@ var ZeroClient = class _ZeroClient {
|
|
|
3668
3816
|
}
|
|
3669
3817
|
this.withAccountCache.clear();
|
|
3670
3818
|
};
|
|
3671
|
-
/**
|
|
3672
|
-
|
|
3819
|
+
/**
|
|
3820
|
+
* @internal — used by payments.pay() in session mode. Cached, dedupes
|
|
3821
|
+
* concurrent lookups. Pass `walletAddress` to sign as a specific profile
|
|
3822
|
+
* wallet instead of the primary; explicit wallets are cached per address
|
|
3823
|
+
* and their sign requests carry the address so intent and signer agree.
|
|
3824
|
+
*/
|
|
3825
|
+
resolveManagedAccount = (signal, walletAddress) => {
|
|
3826
|
+
if (walletAddress) {
|
|
3827
|
+
return this.resolveManagedAccountByAddress(walletAddress, signal);
|
|
3828
|
+
}
|
|
3673
3829
|
if (this.managedAccount) return Promise.resolve(this.managedAccount);
|
|
3674
3830
|
if (this.managedAccountInFlight) {
|
|
3675
3831
|
return this.raceWithSignal(this.managedAccountInFlight, signal);
|
|
@@ -3711,6 +3867,42 @@ var ZeroClient = class _ZeroClient {
|
|
|
3711
3867
|
});
|
|
3712
3868
|
return this.raceWithSignal(this.managedAccountInFlight, signal);
|
|
3713
3869
|
};
|
|
3870
|
+
// Explicit-wallet variant of resolveManagedAccount. No in-flight dedupe:
|
|
3871
|
+
// this is the rare path (per-wallet pay), the resolution is idempotent, and
|
|
3872
|
+
// the per-address cache absorbs repeat calls.
|
|
3873
|
+
resolveManagedAccountByAddress = async (walletAddress, signal) => {
|
|
3874
|
+
if (this.credentials.kind !== "session") {
|
|
3875
|
+
throw new ZeroAuthError(
|
|
3876
|
+
"auth_no_credentials",
|
|
3877
|
+
"resolveManagedAccount() requires session credentials."
|
|
3878
|
+
);
|
|
3879
|
+
}
|
|
3880
|
+
const canonical = getAddress(walletAddress);
|
|
3881
|
+
const cached = this.managedAccountByAddress.get(canonical.toLowerCase());
|
|
3882
|
+
if (cached) return cached;
|
|
3883
|
+
const startedAtGen = this.managedAccountGen;
|
|
3884
|
+
const wallets = await this.auth.wallets({ signal });
|
|
3885
|
+
const match = wallets.find(
|
|
3886
|
+
(w) => w.walletAddress.toLowerCase() === canonical.toLowerCase()
|
|
3887
|
+
);
|
|
3888
|
+
if (!match || match.source !== "privy_embedded") {
|
|
3889
|
+
throw new ZeroAuthError(
|
|
3890
|
+
"auth_error",
|
|
3891
|
+
`Wallet ${canonical} is not a Privy-embedded wallet on this profile. Managed signing can only use profile wallets (see client.wallet.list()).`
|
|
3892
|
+
);
|
|
3893
|
+
}
|
|
3894
|
+
if (this.managedAccountGen !== startedAtGen) {
|
|
3895
|
+
throw new ZeroAuthError(
|
|
3896
|
+
"auth_session_expired",
|
|
3897
|
+
"Session cleared during managed-account resolution. Retry to rebuild against the current session."
|
|
3898
|
+
);
|
|
3899
|
+
}
|
|
3900
|
+
const acc = createManagedAccount(this, canonical, {
|
|
3901
|
+
explicitWallet: true
|
|
3902
|
+
});
|
|
3903
|
+
this.managedAccountByAddress.set(canonical.toLowerCase(), acc);
|
|
3904
|
+
return acc;
|
|
3905
|
+
};
|
|
3714
3906
|
// Per-caller signal gate: each caller can reject on their own abort
|
|
3715
3907
|
// without cancelling the shared underlying promise.
|
|
3716
3908
|
raceWithSignal = (p, signal) => {
|
|
@@ -3741,6 +3933,7 @@ var ZeroClient = class _ZeroClient {
|
|
|
3741
3933
|
this.managedAccountAC?.abort();
|
|
3742
3934
|
this.managedAccountInFlight = null;
|
|
3743
3935
|
this.managedAccountAC = null;
|
|
3936
|
+
this.managedAccountByAddress.clear();
|
|
3744
3937
|
this.managedAccountGen++;
|
|
3745
3938
|
};
|
|
3746
3939
|
/** @internal — Read cached managed account without triggering resolution. */
|
|
@@ -3794,5 +3987,5 @@ var ZeroClient = class _ZeroClient {
|
|
|
3794
3987
|
};
|
|
3795
3988
|
|
|
3796
3989
|
export { Auth, AuthAgent, AuthDevice, BUG_REPORT_CATEGORIES, BugReports, Capabilities, DEFAULT_BASE_URL, DEFAULT_MAX_RETRIES, DEFAULT_TIMEOUT_MS, FETCH_SKIP_REASONS, FETCH_WARNINGS, Payments, Runs, SDK_VERSION, TEMPO_CHAIN_ID2 as TEMPO_CHAIN_ID, TEMPO_TESTNET_CHAIN_ID, USDC_BASE, USDC_DECIMALS, USDC_TEMPO, Wallet, ZeroAgentAuthError, ZeroApiError, ZeroAuthError, ZeroClient, ZeroConfigurationError, ZeroError, ZeroPaymentError, ZeroSessionCloseFailedError, ZeroTimeoutError, ZeroValidationError, ZeroWalletError, asSchemaNode, coerceTempoChainId, createManagedAccount, extractInputEnvelope, isShortToken, normalizeTransportEnvelopeRequest, paymentHasAnchor, tempoChainLabelFromId, unwrapTransportEnvelope };
|
|
3797
|
-
//# sourceMappingURL=chunk-
|
|
3798
|
-
//# sourceMappingURL=chunk-
|
|
3990
|
+
//# sourceMappingURL=chunk-FWHVWIO2.js.map
|
|
3991
|
+
//# sourceMappingURL=chunk-FWHVWIO2.js.map
|