sphere-connect 1.0.1

package/dist/index.js

@@ -0,0 +1,1407 @@
+'use strict';
+
+var tsSdk = require('@cedra-labs/ts-sdk');
+var jose = require('jose');
+var CryptoJS2 = require('crypto-js');
+var react = require('react');
+var jsxRuntime = require('react/jsx-runtime');
+
+function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
+
+var CryptoJS2__default = /*#__PURE__*/_interopDefault(CryptoJS2);
+
+// src/core/EventEmitter.ts
+var EventEmitter = class {
+  constructor() {
+    this.listeners = /* @__PURE__ */ new Map();
+  }
+  on(event, listener) {
+    if (!this.listeners.has(event)) {
+      this.listeners.set(event, []);
+    }
+    this.listeners.get(event).push(listener);
+    return this;
+  }
+  off(event, listener) {
+    const eventListeners = this.listeners.get(event);
+    if (eventListeners) {
+      const index = eventListeners.indexOf(listener);
+      if (index !== -1) {
+        eventListeners.splice(index, 1);
+      }
+    }
+    return this;
+  }
+  emit(event, ...args) {
+    const eventListeners = this.listeners.get(event);
+    if (eventListeners && eventListeners.length > 0) {
+      eventListeners.forEach((listener) => listener(...args));
+      return true;
+    }
+    return false;
+  }
+  removeAllListeners(event) {
+    if (event) {
+      this.listeners.delete(event);
+    } else {
+      this.listeners.clear();
+    }
+    return this;
+  }
+};
+
+// src/types/index.ts
+var ErrorCode = /* @__PURE__ */ ((ErrorCode2) => {
+  ErrorCode2["AUTHENTICATION_FAILED"] = "AUTHENTICATION_FAILED";
+  ErrorCode2["WALLET_CREATION_FAILED"] = "WALLET_CREATION_FAILED";
+  ErrorCode2["TRANSACTION_FAILED"] = "TRANSACTION_FAILED";
+  ErrorCode2["INSUFFICIENT_BALANCE"] = "INSUFFICIENT_BALANCE";
+  ErrorCode2["NETWORK_ERROR"] = "NETWORK_ERROR";
+  ErrorCode2["INVALID_ADDRESS"] = "INVALID_ADDRESS";
+  ErrorCode2["SESSION_EXPIRED"] = "SESSION_EXPIRED";
+  ErrorCode2["STORAGE_ERROR"] = "STORAGE_ERROR";
+  ErrorCode2["KEY_DERIVATION_FAILED"] = "KEY_DERIVATION_FAILED";
+  ErrorCode2["TRANSACTION_ABORTED"] = "TRANSACTION_ABORTED";
+  ErrorCode2["DISCARDED_TRANSACTION"] = "DISCARDED_TRANSACTION";
+  ErrorCode2["INVALID_CONFIG"] = "INVALID_CONFIG";
+  return ErrorCode2;
+})(ErrorCode || {});
+var SphereSDKError = class extends Error {
+  constructor(code, message, details) {
+    super(message);
+    this.code = code;
+    this.details = details;
+    this.name = "SphereSDKError";
+  }
+};
+
+// src/wallet/SphereWallet.ts
+var SphereWallet = class {
+  constructor(clientOrKey, privateKeyOrNetwork, networkOrEndpoint, rpcEndpoint, indexerUrl) {
+    this.keylessConfig = null;
+    this._indexerUrl = null;
+    try {
+      if (clientOrKey instanceof tsSdk.Cedra) {
+        this.client = clientOrKey;
+        this.privateKeyHex = privateKeyOrNetwork;
+        const net = networkOrEndpoint;
+        this.network = this.mapNetwork(net || "testnet");
+        this._indexerUrl = rpcEndpoint || null;
+        const formattedKey = tsSdk.PrivateKey.formatPrivateKey(this.privateKeyHex, tsSdk.PrivateKeyVariants.Ed25519);
+        const privateKey = new tsSdk.Ed25519PrivateKey(formattedKey);
+        this.account = tsSdk.Account.fromPrivateKey({ privateKey });
+      } else {
+        this.privateKeyHex = clientOrKey;
+        const net = privateKeyOrNetwork;
+        this.network = this.mapNetwork(net || "testnet");
+        const endpoint = rpcEndpoint || networkOrEndpoint;
+        const config = new tsSdk.CedraConfig({
+          network: this.network,
+          fullnode: endpoint
+        });
+        this.client = new tsSdk.Cedra(config);
+        this._indexerUrl = indexerUrl || null;
+        const formattedKey = tsSdk.PrivateKey.formatPrivateKey(this.privateKeyHex, tsSdk.PrivateKeyVariants.Ed25519);
+        const privateKey = new tsSdk.Ed25519PrivateKey(formattedKey);
+        this.account = tsSdk.Account.fromPrivateKey({ privateKey });
+      }
+    } catch (error) {
+      throw new SphereSDKError(
+        "WALLET_CREATION_FAILED" /* WALLET_CREATION_FAILED */,
+        "Failed to create wallet",
+        error
+      );
+    }
+  }
+  getAddress() {
+    return this.account.accountAddress.toString();
+  }
+  getPublicKey() {
+    return this.account.publicKey.toString();
+  }
+  getIndexerUrl() {
+    return this._indexerUrl;
+  }
+  async existsOnChain() {
+    try {
+      await this.client.getAccountInfo({
+        accountAddress: this.account.accountAddress
+      });
+      return true;
+    } catch (error) {
+      return false;
+    }
+  }
+  async getBalance(coinType) {
+    const defaultCoinType = "0x1::cedra_coin::CedraCoin";
+    const targetCoinType = coinType || defaultCoinType;
+    try {
+      if (targetCoinType.startsWith("0x") && !targetCoinType.includes("::")) {
+        const [balance] = await this.client.view({
+          payload: {
+            function: "0x1::primary_fungible_store::balance",
+            typeArguments: ["0x1::fungible_asset::Metadata"],
+            functionArguments: [this.getAddress(), targetCoinType]
+          }
+        });
+        const [decimals] = await this.client.view({
+          payload: {
+            function: "0x1::fungible_asset::decimals",
+            typeArguments: ["0x1::fungible_asset::Metadata"],
+            functionArguments: [targetCoinType]
+          }
+        });
+        const amountVal = balance?.toString() || "0";
+        const decimalsVal = decimals ? Number(decimals) : 8;
+        return {
+          coinType: targetCoinType,
+          amount: amountVal,
+          decimals: decimalsVal,
+          formatted: (Number(amountVal) / Math.pow(10, decimalsVal)).toFixed(Math.min(decimalsVal, 8))
+        };
+      }
+      const amount = await this.client.getAccountCoinAmount({
+        accountAddress: this.account.accountAddress,
+        coinType: targetCoinType
+      });
+      return {
+        coinType: targetCoinType,
+        amount: amount.toString(),
+        decimals: 8,
+        formatted: (Number(amount) / 1e8).toFixed(8)
+      };
+    } catch (error) {
+      return {
+        coinType: targetCoinType,
+        amount: "0",
+        decimals: 8,
+        formatted: "0.00000000"
+      };
+    }
+  }
+  async getAllBalances() {
+    return [await this.getBalance()];
+  }
+  async sendTransaction(options, simulate = true) {
+    try {
+      const { to, amount, coinType, maxGasAmount, gasUnitPrice } = options;
+      const transaction = await this.client.transaction.build.simple({
+        sender: this.account.accountAddress,
+        data: {
+          function: coinType?.startsWith("0x") && !coinType.includes("::") ? "0x1::primary_fungible_store::transfer" : "0x1::cedra_account::transfer",
+          typeArguments: coinType?.startsWith("0x") && !coinType.includes("::") ? ["0x1::fungible_asset::Metadata"] : [],
+          functionArguments: coinType?.startsWith("0x") && !coinType.includes("::") ? [coinType, to, amount] : [to, amount]
+        },
+        options: {
+          maxGasAmount: maxGasAmount || 2e4,
+          gasUnitPrice
+        }
+      });
+      if (simulate) {
+        const [sim] = await this.client.transaction.simulate.simple({
+          signerPublicKey: this.account.publicKey,
+          transaction
+        });
+        if (!sim.success) throw new Error(`Simulation failed: ${sim.vm_status}`);
+      }
+      const authenticator = await this.client.transaction.sign({
+        signer: this.account,
+        transaction
+      });
+      const pending = await this.client.transaction.submit.simple({
+        transaction,
+        senderAuthenticator: authenticator
+      });
+      return await this.waitForTransaction(pending.hash);
+    } catch (error) {
+      throw new SphereSDKError("TRANSACTION_FAILED" /* TRANSACTION_FAILED */, error.message, error);
+    }
+  }
+  async waitForTransaction(hash) {
+    const tx = await this.client.waitForTransaction({ transactionHash: hash });
+    return {
+      hash,
+      success: tx.success,
+      vmStatus: tx.vm_status,
+      gasUsed: tx.gas_used,
+      version: tx.version
+    };
+  }
+  async getGasPrice() {
+    const res = await this.client.getGasPriceEstimation();
+    return res.gas_estimate;
+  }
+  async getTransactionHistory() {
+    const txs = await this.client.getAccountTransactions({
+      accountAddress: this.account.accountAddress
+    });
+    return txs.map((tx) => ({
+      hash: tx.hash,
+      success: tx.success,
+      type: tx.type,
+      sender: tx.sender,
+      receiver: tx.payload?.functionArguments?.[0],
+      amount: tx.payload?.functionArguments?.[1],
+      timestamp: parseInt(tx.timestamp || "0") / 1e3,
+      version: tx.version
+    }));
+  }
+  async simulateTransaction(options) {
+    const { to, amount, maxGasAmount, gasUnitPrice } = options;
+    const transaction = await this.client.transaction.build.simple({
+      sender: this.account.accountAddress,
+      data: {
+        function: "0x1::cedra_account::transfer",
+        functionArguments: [to, amount]
+      },
+      options: {
+        maxGasAmount: maxGasAmount || 2e4,
+        gasUnitPrice
+      }
+    });
+    const [res] = await this.client.transaction.simulate.simple({
+      signerPublicKey: this.account.publicKey,
+      transaction
+    });
+    return {
+      success: res.success,
+      gasUsed: res.gas_used,
+      gasUnitPrice: res.gas_unit_price,
+      totalGasCost: Number(res.gas_used) * Number(res.gas_unit_price),
+      vmStatus: res.vm_status
+    };
+  }
+  async signMessage(message) {
+    const sig = this.account.sign(new TextEncoder().encode(message));
+    return sig.toString();
+  }
+  async getAccountInfo() {
+    const info = await this.client.getAccountInfo({ accountAddress: this.account.accountAddress });
+    return {
+      address: this.getAddress(),
+      publicKey: this.getPublicKey(),
+      existsOnChain: true,
+      sequenceNumber: info.sequence_number,
+      authKey: info.authentication_key
+    };
+  }
+  async disconnect() {
+    this.account = null;
+  }
+  updateNetwork(network, rpcEndpoint) {
+    this.network = this.mapNetwork(network);
+    this.client = new tsSdk.Cedra(new tsSdk.CedraConfig({ network: this.network, fullnode: rpcEndpoint }));
+  }
+  mapNetwork(network) {
+    switch (network.toLowerCase()) {
+      case "mainnet":
+        return tsSdk.Network.MAINNET;
+      case "testnet":
+        return tsSdk.Network.TESTNET;
+      case "devnet":
+        return tsSdk.Network.DEVNET;
+      default:
+        return tsSdk.Network.TESTNET;
+    }
+  }
+  getAccount() {
+    return this.account;
+  }
+  getClient() {
+    return this.client;
+  }
+  getPrivateKeyHex() {
+    return this.privateKeyHex;
+  }
+  setKeylessConfig(config) {
+    this.keylessConfig = config;
+  }
+  isKeyless() {
+    return !!this.keylessConfig;
+  }
+};
+var GoogleAuthProvider = class {
+  constructor(config) {
+    this.clientId = config.clientId;
+    this.redirectUri = config.redirectUri;
+  }
+  /**
+   * Initiate Google OAuth login flow
+   * Opens Google Sign-In popup
+   * @param nonce Optional OIDC nonce for keyless binding
+   */
+  async login(nonce) {
+    try {
+      if (typeof window === "undefined") {
+        throw new SphereSDKError(
+          "AUTHENTICATION_FAILED" /* AUTHENTICATION_FAILED */,
+          "Google OAuth requires a browser environment"
+        );
+      }
+      return new Promise((resolve, reject) => {
+        this.loadGoogleIdentityScript().then(() => {
+          const uxMode = this.redirectUri ? "redirect" : "popup";
+          if (uxMode === "redirect") {
+            const nonce2 = Math.random().toString(36).substring(2) + Date.now().toString(36);
+            const params = new URLSearchParams({
+              client_id: this.clientId,
+              redirect_uri: this.redirectUri,
+              response_type: "id_token",
+              scope: "openid email profile",
+              nonce: nonce2,
+              prompt: "select_account"
+            });
+            const authUrl = `https://accounts.google.com/o/oauth2/v2/auth?${params.toString()}`;
+            window.location.href = authUrl;
+          } else {
+            const client = google.accounts.oauth2.initTokenClient({
+              client_id: this.clientId,
+              scope: "email profile openid",
+              nonce,
+              // Bind the ephemeral key pair via nonce
+              callback: async (tokenResponse) => {
+                if (tokenResponse.error) {
+                  reject(new SphereSDKError(
+                    "AUTHENTICATION_FAILED" /* AUTHENTICATION_FAILED */,
+                    `Google login failed: ${tokenResponse.error_description || tokenResponse.error}`
+                  ));
+                  return;
+                }
+                if (tokenResponse && tokenResponse.access_token) {
+                  try {
+                    const userInfoResponse = await fetch("https://www.googleapis.com/oauth2/v3/userinfo", {
+                      headers: {
+                        "Authorization": `Bearer ${tokenResponse.access_token}`
+                      }
+                    });
+                    if (!userInfoResponse.ok) {
+                      throw new Error("Failed to fetch user info from Google");
+                    }
+                    const payload = await userInfoResponse.json();
+                    const authResponse = {
+                      idToken: tokenResponse.access_token,
+                      // Use access token
+                      email: payload.email,
+                      name: payload.name,
+                      picture: payload.picture,
+                      sub: payload.sub
+                    };
+                    resolve(authResponse);
+                  } catch (error) {
+                    reject(new SphereSDKError(
+                      "AUTHENTICATION_FAILED" /* AUTHENTICATION_FAILED */,
+                      "Failed to retrieve user profile after login",
+                      error
+                    ));
+                  }
+                }
+              }
+            });
+            client.requestAccessToken();
+          }
+        }).catch(reject);
+      });
+    } catch (error) {
+      if (error instanceof SphereSDKError) {
+        throw error;
+      }
+      throw new SphereSDKError(
+        "AUTHENTICATION_FAILED" /* AUTHENTICATION_FAILED */,
+        "Failed to initiate Google login",
+        error
+      );
+    }
+  }
+  /**
+   * Initialize Google Identity Services
+   * @param callback Credential handler
+   * @param nonce Optional OIDC nonce for binding
+   */
+  async initialize(callback, nonce) {
+    await this.loadGoogleIdentityScript();
+    google.accounts.id.initialize({
+      client_id: this.clientId,
+      callback,
+      nonce
+    });
+  }
+  /**
+   * Handle the credential response from Google
+   */
+  async handleCredentialResponse(credential) {
+    try {
+      const payload = jose.decodeJwt(credential);
+      const authResponse = {
+        idToken: credential,
+        email: payload.email,
+        name: payload.name,
+        picture: payload.picture,
+        sub: payload.sub
+      };
+      if (!authResponse.email || !authResponse.sub) {
+        throw new SphereSDKError(
+          "AUTHENTICATION_FAILED" /* AUTHENTICATION_FAILED */,
+          "Invalid Google credential: missing required fields"
+        );
+      }
+      return authResponse;
+    } catch (error) {
+      if (error instanceof SphereSDKError) {
+        throw error;
+      }
+      throw new SphereSDKError(
+        "AUTHENTICATION_FAILED" /* AUTHENTICATION_FAILED */,
+        "Failed to process Google credential",
+        error
+      );
+    }
+  }
+  /**
+   * Verify Google ID token (optional, for enhanced security)
+   * This should ideally be done server-side
+   */
+  async verifyToken(idToken) {
+    try {
+      const JWKS_URI = "https://www.googleapis.com/oauth2/v3/certs";
+      const response = await fetch(JWKS_URI);
+      const jwks = await response.json();
+      await jose.jwtVerify(idToken, async () => {
+        return jwks.keys[0];
+      });
+      return true;
+    } catch (error) {
+      console.error("Token verification failed:", error);
+      return false;
+    }
+  }
+  /**
+   * Load Google Identity Services script
+   */
+  loadGoogleIdentityScript() {
+    return new Promise((resolve, reject) => {
+      if (typeof google !== "undefined" && google.accounts) {
+        resolve();
+        return;
+      }
+      const script = document.createElement("script");
+      script.src = "https://accounts.google.com/gsi/client";
+      script.async = true;
+      script.defer = true;
+      script.onload = () => resolve();
+      script.onerror = () => reject(
+        new SphereSDKError(
+          "AUTHENTICATION_FAILED" /* AUTHENTICATION_FAILED */,
+          "Failed to load Google Identity Services"
+        )
+      );
+      document.head.appendChild(script);
+    });
+  }
+  /**
+   * Sign out from Google
+   */
+  async logout() {
+    try {
+      if (typeof google !== "undefined" && google.accounts) {
+        google.accounts.id.disableAutoSelect();
+      }
+    } catch (error) {
+      console.error("Google logout error:", error);
+    }
+  }
+  /**
+   * Render Google Sign-In button
+   * @param elementId ID of the container element
+   * @param options Button customization options
+   * @param options Button customization options
+   */
+  async renderButton(elementId, options) {
+    await this.loadGoogleIdentityScript();
+    if (options?.callback) {
+      google.accounts.id.initialize({
+        client_id: this.clientId,
+        callback: options.callback,
+        nonce: options.nonce
+        // Pass nonce to button initialization
+      });
+    }
+    google.accounts.id.renderButton(document.getElementById(elementId), {
+      theme: options?.theme || "outline",
+      size: options?.size || "large",
+      text: options?.text || "signin_with",
+      shape: options?.shape || "rectangular",
+      width: options?.width
+      // Google API accepts pixels as number or string
+    });
+  }
+};
+var SecureStorage = class {
+  constructor(encryptionKey, storagePrefix = "cedra_sdk_") {
+    this.encryptionKey = encryptionKey || this.generateEncryptionKey();
+    this.storagePrefix = storagePrefix;
+  }
+  /**
+   * Get item from storage and decrypt
+   */
+  async getItem(key) {
+    try {
+      const fullKey = this.storagePrefix + key;
+      const encryptedData = localStorage.getItem(fullKey);
+      if (!encryptedData) {
+        return null;
+      }
+      const bytes = CryptoJS2__default.default.AES.decrypt(encryptedData, this.encryptionKey);
+      try {
+        const decrypted = bytes.toString(CryptoJS2__default.default.enc.Utf8);
+        if (!decrypted) return null;
+        return decrypted;
+      } catch (e) {
+        console.warn(`[SecureStorage] Failed to decrypt ${key}. Key might have changed.`);
+        return null;
+      }
+    } catch (error) {
+      console.error("Storage get error:", error);
+      return null;
+    }
+  }
+  /**
+   * Encrypt and store item
+   */
+  async setItem(key, value) {
+    try {
+      const fullKey = this.storagePrefix + key;
+      const encrypted = CryptoJS2__default.default.AES.encrypt(
+        value,
+        this.encryptionKey
+      ).toString();
+      localStorage.setItem(fullKey, encrypted);
+    } catch (error) {
+      console.error("Storage set error:", error);
+      throw new SphereSDKError(
+        "STORAGE_ERROR" /* STORAGE_ERROR */,
+        "Failed to store data",
+        error
+      );
+    }
+  }
+  /**
+   * Remove item from storage
+   */
+  async removeItem(key) {
+    try {
+      const fullKey = this.storagePrefix + key;
+      localStorage.removeItem(fullKey);
+    } catch (error) {
+      console.error("Storage remove error:", error);
+      throw new SphereSDKError(
+        "STORAGE_ERROR" /* STORAGE_ERROR */,
+        "Failed to remove data from storage",
+        error
+      );
+    }
+  }
+  /**
+   * Clear all SDK storage
+   */
+  async clear() {
+    try {
+      const keys = Object.keys(localStorage);
+      for (const key of keys) {
+        if (key.startsWith(this.storagePrefix)) {
+          localStorage.removeItem(key);
+        }
+      }
+    } catch (error) {
+      console.error("Storage clear error:", error);
+      throw new SphereSDKError(
+        "STORAGE_ERROR" /* STORAGE_ERROR */,
+        "Failed to clear storage",
+        error
+      );
+    }
+  }
+  /**
+   * Generate encryption key from browser fingerprint
+   * This provides basic encryption without requiring user input
+   * Note: Not cryptographically secure, but better than plaintext
+   */
+  generateEncryptionKey() {
+    const fingerprint = [
+      navigator.userAgent,
+      navigator.language,
+      (/* @__PURE__ */ new Date()).getTimezoneOffset(),
+      screen.width,
+      screen.height,
+      "cedra-sdk-v1"
+      // Version salt
+    ].join("|");
+    return CryptoJS2__default.default.SHA256(fingerprint).toString();
+  }
+  /**
+   * Check if storage is available
+   */
+  static isAvailable() {
+    try {
+      const test = "__storage_test__";
+      localStorage.setItem(test, test);
+      localStorage.removeItem(test);
+      return true;
+    } catch {
+      return false;
+    }
+  }
+};
+var SessionManager = class {
+  constructor(storage, sessionDurationHours = 24) {
+    this.sessionKey = "current_session";
+    // in milliseconds
+    this.cachedSession = null;
+    this.storage = storage;
+    this.sessionDuration = sessionDurationHours * 60 * 60 * 1e3;
+  }
+  /**
+   * Get cached session data (synchronous)
+   */
+  getCachedSession() {
+    return this.cachedSession;
+  }
+  /**
+   * Save session data
+   */
+  async saveSession(data) {
+    try {
+      const sessionData = {
+        ...data,
+        expiresAt: Date.now() + this.sessionDuration
+      };
+      this.cachedSession = sessionData;
+      await this.storage.setItem(
+        this.sessionKey,
+        JSON.stringify(sessionData)
+      );
+    } catch (error) {
+      throw new SphereSDKError(
+        "AUTHENTICATION_FAILED" /* AUTHENTICATION_FAILED */,
+        `Google authentication failed: ${error.message}`
+      );
+    }
+  }
+  /**
+   * Get current session
+   * Returns null if session doesn't exist or is expired
+   */
+  async getSession() {
+    try {
+      const sessionStr = await this.storage.getItem(this.sessionKey);
+      if (!sessionStr) {
+        return null;
+      }
+      const session = JSON.parse(sessionStr);
+      this.cachedSession = session;
+      if (Date.now() > session.expiresAt) {
+        await this.clearSession();
+        return null;
+      }
+      return session;
+    } catch (error) {
+      console.error("Failed to get session:", error);
+      return null;
+    }
+  }
+  /**
+   * Clear current session
+   */
+  async clearSession() {
+    this.cachedSession = null;
+    await this.storage.removeItem(this.sessionKey);
+  }
+  /**
+   * Check if session is valid
+   */
+  async isSessionValid() {
+    const session = await this.getSession();
+    return session !== null;
+  }
+  /**
+   * Refresh session expiration
+   */
+  async refreshSession() {
+    const session = await this.getSession();
+    if (session) {
+      await this.saveSession({
+        encryptedWallet: session.encryptedWallet,
+        userInfo: session.userInfo,
+        refreshToken: session.refreshToken
+      });
+    }
+  }
+  /**
+   * Get time until session expires (in milliseconds)
+   */
+  async getTimeUntilExpiration() {
+    const session = await this.getSession();
+    if (!session) {
+      return null;
+    }
+    const timeLeft = session.expiresAt - Date.now();
+    return timeLeft > 0 ? timeLeft : 0;
+  }
+};
+var KeyDerivation = class {
+  // 256 bits for Ed25519
+  /**
+   * Derive a private key from user ID and salt
+   * @param options Key derivation options
+   * @returns Hex-encoded private key (64 characters)
+   */
+  static derivePrivateKey(options) {
+    try {
+      const { userId, salt, iterations = this.DEFAULT_ITERATIONS } = options;
+      if (!userId || userId.length === 0) {
+        throw new SphereSDKError(
+          "KEY_DERIVATION_FAILED" /* KEY_DERIVATION_FAILED */,
+          "User ID is required for key derivation"
+        );
+      }
+      if (!salt || salt.length < 16) {
+        throw new SphereSDKError(
+          "KEY_DERIVATION_FAILED" /* KEY_DERIVATION_FAILED */,
+          "Salt must be at least 16 characters"
+        );
+      }
+      const derivedKey = CryptoJS2__default.default.PBKDF2(userId, salt, {
+        keySize: this.KEY_LENGTH / 4,
+        // CryptoJS uses 32-bit words
+        iterations,
+        hasher: CryptoJS2__default.default.algo.SHA256
+      });
+      const privateKeyHex = derivedKey.toString(CryptoJS2__default.default.enc.Hex);
+      if (privateKeyHex.length !== 64) {
+        throw new SphereSDKError(
+          "KEY_DERIVATION_FAILED" /* KEY_DERIVATION_FAILED */,
+          "Derived key has invalid length"
+        );
+      }
+      return privateKeyHex;
+    } catch (error) {
+      if (error instanceof SphereSDKError) {
+        throw error;
+      }
+      throw new SphereSDKError(
+        "KEY_DERIVATION_FAILED" /* KEY_DERIVATION_FAILED */,
+        "Failed to derive private key",
+        error
+      );
+    }
+  }
+  /**
+   * Generate a deterministic salt from app name and user email
+   * This ensures the same user gets the same wallet across devices
+   * @param appName Application name
+   * @param userEmail User's email address
+   * @returns Deterministic salt string
+   */
+  static generateDeterministicSalt(appName, userEmail) {
+    const normalizedApp = appName.trim().toLowerCase();
+    const normalizedEmail = userEmail.trim().toLowerCase();
+    const combined = `${normalizedApp}:${normalizedEmail}:sphere-wallet-v1`;
+    const hash = CryptoJS2__default.default.SHA256(combined);
+    return hash.toString(CryptoJS2__default.default.enc.Hex);
+  }
+  /**
+   * Validate a private key format
+   * @param privateKey Hex-encoded private key
+   * @returns True if valid
+   */
+  static isValidPrivateKey(privateKey) {
+    const hexRegex = /^[0-9a-fA-F]{64}$/;
+    return hexRegex.test(privateKey);
+  }
+  /**
+   * Securely clear sensitive data from memory
+   * @param data Sensitive string to clear
+   */
+  static clearSensitiveData(data) {
+    if (data) {
+      data = "0".repeat(data.length);
+    }
+  }
+  /**
+   * Generates a temporary ephemeral key pair for the session
+   * @returns A fresh Ed25519 account/keypair
+   */
+  static generateEphemeralKeyPair() {
+    return tsSdk.Account.generate();
+  }
+  /**
+   * Computes an OIDC-compliant nonce hash to bind the session key
+   * @param publicKey Ephemeral Public Key (hex or string)
+   * @param blinding A random blinding factor (hex)
+   * @param expiry Expiration timestamp (optional)
+   * @returns SHA256 hash of the nonce commitment
+   */
+  static computeNonce(publicKey, blinding, expiry = 0) {
+    const combined = `${publicKey}:${blinding}:${expiry}`;
+    const hash = CryptoJS2__default.default.SHA256(combined);
+    return hash.toString(CryptoJS2__default.default.enc.Hex);
+  }
+};
+KeyDerivation.DEFAULT_ITERATIONS = 1e5;
+KeyDerivation.KEY_LENGTH = 32;
+
+// src/core/constants.ts
+var DEFAULT_APP_NAME = "Sphere Connect";
+var DEFAULT_STORAGE_KEY = "sphere-connect-v1-secure-key";
+var SphereAccountAbstraction = class extends EventEmitter {
+  constructor(config) {
+    super();
+    this.currentWallet = null;
+    this.initialized = false;
+    this.appName = DEFAULT_APP_NAME;
+    this.storageKey = DEFAULT_STORAGE_KEY;
+    if (!config.googleClientId) {
+      throw new SphereSDKError(
+        "AUTHENTICATION_FAILED" /* AUTHENTICATION_FAILED */,
+        "Google Client ID is required for initializing the Sphere SDK"
+      );
+    }
+    this.config = {
+      network: config.network || "testnet",
+      googleClientId: config.googleClientId,
+      rpcEndpoint: config.rpcEndpoint,
+      indexerUrl: config.indexerUrl,
+      redirectUri: config.redirectUri
+    };
+    const rpc = this.config.rpcEndpoint;
+    const cedraConfig = new tsSdk.CedraConfig({
+      network: this.config.network,
+      fullnode: rpc
+    });
+    this.cedra = new tsSdk.Cedra(cedraConfig);
+    this.authProvider = new GoogleAuthProvider({
+      clientId: this.config.googleClientId,
+      redirectUri: this.config.redirectUri
+    });
+    this.storage = new SecureStorage(this.storageKey);
+    this.sessionManager = new SessionManager(this.storage, 24);
+  }
+  async initialize() {
+    if (this.initialized) return;
+    try {
+      await this.restoreSession();
+      this.initialized = true;
+      this.emit("initialized");
+    } catch (error) {
+      console.error("Sphere SDK initialization error:", error);
+      this.initialized = true;
+    }
+  }
+  async loginWithGoogle() {
+    try {
+      if (!this.initialized) await this.initialize();
+      const googleUser = await this.authProvider.login();
+      if (!googleUser || !googleUser.sub || !googleUser.email) {
+        return null;
+      }
+      const salt = KeyDerivation.generateDeterministicSalt(this.appName, googleUser.email);
+      const privateKeyHex = KeyDerivation.derivePrivateKey({
+        userId: googleUser.sub,
+        salt,
+        iterations: 1e5
+      });
+      const wallet = new SphereWallet(
+        this.cedra,
+        privateKeyHex,
+        this.config.network,
+        this.config.rpcEndpoint,
+        this.config.indexerUrl
+      );
+      const encryptedWallet = this.encryptWalletData(privateKeyHex);
+      await this.sessionManager.saveSession({
+        encryptedWallet,
+        userInfo: {
+          email: googleUser.email,
+          name: googleUser.name,
+          picture: googleUser.picture
+        }
+      });
+      this.currentWallet = wallet;
+      this.emit("auth_success", { wallet, user: googleUser });
+      return wallet;
+    } catch (error) {
+      throw new SphereSDKError(
+        "AUTHENTICATION_FAILED" /* AUTHENTICATION_FAILED */,
+        `Google authentication failed: ${error.message}`
+      );
+    }
+  }
+  async restoreSession() {
+    try {
+      const session = await this.sessionManager.getSession();
+      if (session && session.expiresAt > Date.now()) {
+        const privateKeyHex = this.decryptWalletData(session.encryptedWallet);
+        if (!privateKeyHex) return null;
+        const wallet = new SphereWallet(
+          this.cedra,
+          privateKeyHex,
+          this.config.network,
+          this.config.rpcEndpoint,
+          this.config.indexerUrl
+        );
+        this.currentWallet = wallet;
+        this.emit("auth_success", { wallet, method: "restored" });
+        return wallet;
+      }
+    } catch (error) {
+      console.error("Session restoration failed:", error);
+    }
+    return null;
+  }
+  async handleGoogleResponse(credential) {
+    try {
+      if (!this.initialized) await this.initialize();
+      const googleUser = await this.authProvider.handleCredentialResponse(credential);
+      const salt = KeyDerivation.generateDeterministicSalt(this.appName, googleUser.email);
+      const privateKeyHex = KeyDerivation.derivePrivateKey({
+        userId: googleUser.sub,
+        salt,
+        iterations: 1e5
+      });
+      const wallet = new SphereWallet(
+        this.cedra,
+        privateKeyHex,
+        this.config.network,
+        this.config.rpcEndpoint,
+        this.config.indexerUrl
+      );
+      const encryptedWallet = this.encryptWalletData(privateKeyHex);
+      await this.sessionManager.saveSession({
+        encryptedWallet,
+        userInfo: {
+          email: googleUser.email,
+          name: googleUser.name,
+          picture: googleUser.picture
+        }
+      });
+      this.currentWallet = wallet;
+      this.emit("auth_success", { wallet, user: googleUser });
+      return wallet;
+    } catch (error) {
+      throw new SphereSDKError(
+        "AUTHENTICATION_FAILED" /* AUTHENTICATION_FAILED */,
+        `Failed to handle Google response: ${error.message}`
+      );
+    }
+  }
+  async logout() {
+    await this.authProvider.logout();
+    await this.sessionManager.clearSession();
+    if (this.currentWallet) {
+      await this.currentWallet.disconnect();
+    }
+    this.currentWallet = null;
+    this.emit("logout");
+  }
+  isAuthenticated() {
+    return this.currentWallet !== null;
+  }
+  getCurrentWallet() {
+    return this.currentWallet;
+  }
+  getUserEmail() {
+    const session = this.sessionManager.getCachedSession();
+    return session?.userInfo.email || null;
+  }
+  getEphemeralPublicKey() {
+    return this.currentWallet?.getPublicKey() || null;
+  }
+  async updateNetwork(network, rpcEndpoint) {
+    this.config.network = network;
+    this.config.rpcEndpoint = rpcEndpoint;
+    const cedraConfig = new tsSdk.CedraConfig({
+      network,
+      fullnode: rpcEndpoint
+    });
+    this.cedra = new tsSdk.Cedra(cedraConfig);
+    if (this.currentWallet) {
+      this.currentWallet.updateNetwork(network, rpcEndpoint);
+    }
+    this.emit("network_changed", { network, rpcEndpoint });
+  }
+  getIndexerUrl() {
+    return this.config.indexerUrl;
+  }
+  // Internal helpers for encryption
+  encryptWalletData(privateKeyHex) {
+    return CryptoJS2__default.default.AES.encrypt(privateKeyHex, this.storageKey).toString();
+  }
+  decryptWalletData(encryptedData) {
+    try {
+      const bytes = CryptoJS2__default.default.AES.decrypt(encryptedData, this.storageKey);
+      return bytes.toString(CryptoJS2__default.default.enc.Utf8);
+    } catch (error) {
+      console.warn("[Sphere] Failed to decrypt wallet data");
+      return "";
+    }
+  }
+  // EventEmitter overrides to satisfy interface
+  on(event, listener) {
+    return super.on(event, listener);
+  }
+  off(event, listener) {
+    return super.off(event, listener);
+  }
+};
+var SphereContext = react.createContext(void 0);
+var SphereProvider = ({ children, config }) => {
+  const [sdk] = react.useState(() => new SphereAccountAbstraction(config));
+  const [wallet, setWallet] = react.useState(null);
+  const [walletInfo, setWalletInfo] = react.useState(null);
+  const [balance, setBalance] = react.useState(null);
+  const [email, setEmail] = react.useState(null);
+  const [isLoading, setIsLoading] = react.useState(true);
+  const [error, setError] = react.useState(null);
+  const refreshData = react.useCallback(async (activeWallet) => {
+    try {
+      const [info, bal] = await Promise.all([
+        activeWallet.getAccountInfo(),
+        activeWallet.getBalance()
+      ]);
+      setWalletInfo(info);
+      setBalance(bal);
+    } catch (err) {
+      console.error("Failed to refresh data:", err);
+    }
+  }, []);
+  react.useEffect(() => {
+    const onAuth = ({ wallet: wallet2 }) => {
+      setWallet(wallet2);
+      setEmail(sdk.getUserEmail());
+      refreshData(wallet2);
+    };
+    const onLogout = () => {
+      setWallet(null);
+      setEmail(null);
+      setWalletInfo(null);
+      setBalance(null);
+    };
+    sdk.on("auth_success", onAuth);
+    sdk.on("logout", onLogout);
+    const init = async () => {
+      try {
+        await sdk.initialize();
+        const restored = await sdk.restoreSession();
+        if (restored) {
+          setWallet(restored);
+          setEmail(sdk.getUserEmail());
+          await refreshData(restored);
+        }
+      } catch (err) {
+        console.error("SDK Init error:", err);
+        setError(err.message || "Initialization failed");
+      } finally {
+        setIsLoading(false);
+      }
+    };
+    init();
+    return () => {
+      sdk.off("auth_success", onAuth);
+      sdk.off("logout", onLogout);
+    };
+  }, [sdk, refreshData]);
+  react.useEffect(() => {
+    if (!wallet) return void 0;
+    const pollInterval = setInterval(() => {
+      refreshData(wallet);
+    }, 1e4);
+    return () => clearInterval(pollInterval);
+  }, [wallet, refreshData]);
+  const handleAuthSuccess = react.useCallback(async (newWallet) => {
+    setWallet(newWallet);
+    await refreshData(newWallet);
+  }, [refreshData]);
+  const login = async () => {
+    setError(null);
+    try {
+      await sdk.loginWithGoogle();
+    } catch (err) {
+      console.error("Sphere Login Error:", err);
+      setError(err.message || "Login failed");
+      throw err;
+    }
+  };
+  const logout = async () => {
+    try {
+      await sdk.logout();
+    } catch (err) {
+      setError(err.message || "Logout failed");
+      throw err;
+    }
+  };
+  return /* @__PURE__ */ jsxRuntime.jsx(
+    SphereContext.Provider,
+    {
+      value: {
+        sdk,
+        wallet,
+        walletInfo,
+        balance,
+        email,
+        indexerUrl: sdk.getIndexerUrl(),
+        isAuthenticated: !!wallet,
+        isLoading,
+        error,
+        login,
+        logout,
+        setIsLoading,
+        refreshData: async () => {
+          if (wallet) await refreshData(wallet);
+        },
+        handleAuthSuccess
+      },
+      children
+    }
+  );
+};
+var useSphere = () => {
+  const context = react.useContext(SphereContext);
+  if (context === void 0) {
+    throw new Error("useSphere must be used within a SphereProvider");
+  }
+  return context;
+};
+var SphereModal = ({ isOpen, onClose }) => {
+  const { login, isAuthenticated, isLoading, error } = useSphere();
+  const [localLoading, setLocalLoading] = react.useState(false);
+  react.useEffect(() => {
+    if (isAuthenticated) {
+      onClose();
+    }
+  }, [isAuthenticated, onClose]);
+  const handleLogin = async () => {
+    try {
+      setLocalLoading(true);
+      await login();
+    } catch (err) {
+      console.error("Sphere Login Error:", err);
+    } finally {
+      setLocalLoading(false);
+    }
+  };
+  if (!isOpen) return null;
+  return /* @__PURE__ */ jsxRuntime.jsx("div", { style: styles.overlay, onClick: (e) => e.target === e.currentTarget && onClose(), children: /* @__PURE__ */ jsxRuntime.jsxs("div", { style: styles.modal, children: [
+    /* @__PURE__ */ jsxRuntime.jsxs("div", { style: styles.header, children: [
+      /* @__PURE__ */ jsxRuntime.jsx("div", { style: { width: 32 } }),
+      " ",
+      /* @__PURE__ */ jsxRuntime.jsx("button", { style: styles.closeBtn, onClick: onClose, "aria-label": "Close", children: "\xD7" })
+    ] }),
+    /* @__PURE__ */ jsxRuntime.jsxs("div", { style: styles.content, children: [
+      /* @__PURE__ */ jsxRuntime.jsx("h2", { style: styles.title, children: "Connect to Sphere" }),
+      /* @__PURE__ */ jsxRuntime.jsx("p", { style: styles.description, children: "Experience the next generation of account abstraction. Secure, fast, and effortless." }),
+      error && /* @__PURE__ */ jsxRuntime.jsx("div", { style: styles.errorBanner, children: error }),
+      /* @__PURE__ */ jsxRuntime.jsx("div", { style: styles.actionContainer, children: /* @__PURE__ */ jsxRuntime.jsxs(
+        "button",
+        {
+          style: {
+            ...styles.customButton,
+            opacity: isLoading || localLoading ? 0.7 : 1,
+            cursor: isLoading || localLoading ? "not-allowed" : "pointer"
+          },
+          onClick: handleLogin,
+          disabled: isLoading || localLoading,
+          children: [
+            isLoading || localLoading ? /* @__PURE__ */ jsxRuntime.jsx("div", { style: styles.spinner }) : /* @__PURE__ */ jsxRuntime.jsx(
+              "img",
+              {
+                src: "https://www.gstatic.com/images/branding/product/1x/gsa_512dp.png",
+                alt: "Google",
+                style: styles.googleIcon
+              }
+            ),
+            isLoading || localLoading ? "Connecting..." : "Continue with Google"
+          ]
+        }
+      ) }),
+      /* @__PURE__ */ jsxRuntime.jsx("style", { children: `
+                        @keyframes sphere-spin {
+                            0% { transform: rotate(0deg); }
+                            100% { transform: rotate(360deg); }
+                        }
+                    ` }),
+      /* @__PURE__ */ jsxRuntime.jsxs("div", { style: styles.footer, children: [
+        "Securely powered by ",
+        /* @__PURE__ */ jsxRuntime.jsx("strong", { children: "Sphere SDK" })
+      ] })
+    ] })
+  ] }) });
+};
+var styles = {
+  overlay: {
+    position: "fixed",
+    top: 0,
+    left: 0,
+    right: 0,
+    bottom: 0,
+    backgroundColor: "transparent",
+    display: "flex",
+    alignItems: "center",
+    justifyContent: "center",
+    zIndex: 9999,
+    padding: "20px"
+  },
+  modal: {
+    backgroundColor: "#0c0c0c",
+    color: "#ffffff",
+    width: "90%",
+    maxWidth: "400px",
+    aspectRatio: "1/1",
+    borderRadius: "0",
+    position: "relative",
+    boxShadow: "0 0 0 1px #222, 0 25px 60px rgba(0, 0, 0, 0.7)",
+    overflow: "hidden",
+    fontFamily: "Inter, -apple-system, system-ui, sans-serif",
+    display: "flex",
+    flexDirection: "column"
+  },
+  header: {
+    display: "flex",
+    justifyContent: "space-between",
+    alignItems: "center",
+    padding: "24px 24px 0 24px"
+  },
+  closeBtn: {
+    background: "rgba(255, 255, 255, 0.05)",
+    border: "none",
+    color: "#888",
+    fontSize: "24px",
+    cursor: "pointer",
+    lineHeight: 1,
+    width: "32px",
+    height: "32px",
+    borderRadius: "50%",
+    display: "flex",
+    alignItems: "center",
+    justifyContent: "center",
+    transition: "all 0.2s"
+  },
+  content: {
+    display: "flex",
+    flexDirection: "column",
+    padding: "20px",
+    alignItems: "center",
+    flex: 1,
+    justifyContent: "center",
+    width: "100%",
+    boxSizing: "border-box"
+  },
+  title: {
+    fontSize: "1.5rem",
+    fontWeight: "700",
+    color: "#ffffff",
+    textAlign: "center",
+    marginBottom: "10px",
+    margin: 0
+  },
+  description: {
+    fontSize: "0.7rem",
+    color: "#94a3b8",
+    textAlign: "center",
+    lineHeight: "1.5",
+    marginBottom: "32px",
+    margin: 0
+  },
+  errorBanner: {
+    backgroundColor: "rgba(239, 68, 68, 0.1)",
+    border: "1px solid rgba(239, 68, 68, 0.2)",
+    color: "#f87171",
+    padding: "12px 16px",
+    borderRadius: "16px",
+    fontSize: "13px",
+    marginBottom: "24px",
+    textAlign: "center",
+    width: "100%"
+  },
+  actionContainer: {
+    display: "flex",
+    flexDirection: "column",
+    width: "100%"
+  },
+  customButton: {
+    display: "flex",
+    alignItems: "center",
+    justifyContent: "center",
+    gap: "12px",
+    width: "100%",
+    height: "52px",
+    backgroundColor: "#0c0c0c",
+    border: "1px solid #333",
+    borderRadius: "0",
+    cursor: "pointer",
+    fontSize: "15px",
+    fontWeight: "600",
+    color: "#ffffff",
+    transition: "transform 0.1s, opacity 0.2s",
+    boxSizing: "border-box"
+  },
+  googleIcon: {
+    width: "20px",
+    height: "20px"
+  },
+  spinner: {
+    width: "20px",
+    height: "20px",
+    border: "2px solid rgba(255, 255, 255, 0.1)",
+    borderTop: "2px solid #ffffff",
+    borderRadius: "50%",
+    animation: "sphere-spin 0.8s linear infinite"
+  },
+  footer: {
+    marginTop: "32px",
+    textAlign: "center",
+    fontSize: "11px",
+    color: "#475569",
+    letterSpacing: "0.5px"
+  }
+};
+
+Object.defineProperty(exports, "Account", {
+  enumerable: true,
+  get: function () { return tsSdk.Account; }
+});
+Object.defineProperty(exports, "Cedra", {
+  enumerable: true,
+  get: function () { return tsSdk.Cedra; }
+});
+Object.defineProperty(exports, "CedraConfig", {
+  enumerable: true,
+  get: function () { return tsSdk.CedraConfig; }
+});
+Object.defineProperty(exports, "CedraNetwork", {
+  enumerable: true,
+  get: function () { return tsSdk.Network; }
+});
+Object.defineProperty(exports, "Ed25519PrivateKey", {
+  enumerable: true,
+  get: function () { return tsSdk.Ed25519PrivateKey; }
+});
+Object.defineProperty(exports, "PrivateKey", {
+  enumerable: true,
+  get: function () { return tsSdk.PrivateKey; }
+});
+Object.defineProperty(exports, "PrivateKeyVariants", {
+  enumerable: true,
+  get: function () { return tsSdk.PrivateKeyVariants; }
+});
+exports.ErrorCode = ErrorCode;
+exports.GoogleAuthProvider = GoogleAuthProvider;
+exports.KeyDerivation = KeyDerivation;
+exports.SecureStorage = SecureStorage;
+exports.SessionManager = SessionManager;
+exports.SphereAccountAbstraction = SphereAccountAbstraction;
+exports.SphereModal = SphereModal;
+exports.SphereProvider = SphereProvider;
+exports.SphereSDKError = SphereSDKError;
+exports.SphereWallet = SphereWallet;
+exports.useSphere = useSphere;
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map