chalabi/fix passwordless

packages/docs/pages/integrating-wallets/web3auth.mdx

@@ -1,7 +1,5 @@
 # How to Add Web3Auth Wallet to CosmosKit
 
-> ### Note! This package is still on progress. it doesn't work on mobile yet and it's pretty vulnerable to XSS attacks.
-
 There is one package for web3auth
 
 - `@cosmos-kit/web3auth`

wallets/web3auth/package.json

@@ -60,12 +60,12 @@
     "@cosmos-kit/core": "^2.15.0",
     "@solana/web3.js": "^1.77.3",
     "@toruslabs/eccrypto": "^2.1.1",
-    "@web3auth/base": "^7.2.1",
-    "@web3auth/base-provider": "^7.2.1",
-    "@web3auth/ethereum-provider": "^7.2.1",
-    "@web3auth/no-modal": "^7.2.1",
-    "@web3auth/openlogin-adapter": "^7.2.1",
-    "@web3auth/solana-provider": "^7.2.1",
+    "@web3auth/base": "^8.12.4",
+    "@web3auth/base-provider": "^8.12.4",
+    "@web3auth/ethereum-provider": "^8.12.4",
+    "@web3auth/no-modal": "^8.12.4",
+    "@web3auth/openlogin-adapter": "^8.12.4",
+    "@web3auth/solana-provider": "^8.12.4",
     "ethereum-cryptography": "^2.1.2",
     "url": "^0.11.1"
   },

wallets/web3auth/src/extension/client.ts

@@ -5,6 +5,7 @@ import { DappEnv, WalletClient } from '@cosmos-kit/core';
 import { makeADR36AminoSignDoc } from '@keplr-wallet/cosmos';
 import eccrypto from '@toruslabs/eccrypto';
 import { UserInfo } from '@web3auth/base';
+import { LOGIN_PROVIDER } from '@web3auth/openlogin-adapter';
 
 import { Web3AuthSigner } from './signer';
 import { Web3AuthClientOptions } from './types';
@@ -34,6 +35,8 @@ export class Web3AuthClient implements WalletClient {
 
   ready = false;
 
+  #loginHint?: string;
+
   constructor(
     env: DappEnv,
     options: Web3AuthClientOptions,
@@ -44,11 +47,29 @@ export class Web3AuthClient implements WalletClient {
     this.getChain = getChain;
   }
 
+  setLoginHint(hint: string) {
+    this.#loginHint = hint;
+  }
+
+  getLoginHint() {
+    return this.#loginHint;
+  }
+
   async ensureSetup(): Promise<void> {
     if (this.ready) {
       return;
     }
 
+    if (
+      (this.#options?.loginProvider === LOGIN_PROVIDER.EMAIL_PASSWORDLESS ||
+        this.#options?.loginProvider === LOGIN_PROVIDER.SMS_PASSWORDLESS) &&
+      this.#options.loginHint === undefined
+    ) {
+      throw new Error(
+        'Login hint is required for email/sms passwordless login'
+      );
+    }
+
     if (!this.#options) {
       throw new Error('Web3Auth client not initialized');
     }
@@ -60,7 +81,10 @@ export class Web3AuthClient implements WalletClient {
     // provider will be destroyed by the garbage collector, hopefully ASAP.
     const { client, provider } = await connectClientAndProvider(
       this.env.device === 'mobile',
-      this.#options
+      {
+        ...this.#options,
+        getLoginHint: () => this.#loginHint,
+      }
     );
 
     // Get connected user info.

wallets/web3auth/src/extension/main-wallet.ts

@@ -93,4 +93,10 @@ export class Web3AuthWallet extends MainWalletBase {
       this.initClientError(error);
     }
   }
+
+  setLoginHint(hint: string) {
+    if (this.client instanceof Web3AuthClient) {
+      this.client.setLoginHint(hint);
+    }
+  }
 }

wallets/web3auth/src/extension/signer.ts

@@ -46,7 +46,7 @@ export class Web3AuthSigner implements OfflineDirectSigner, OfflineAminoSigner {
         type: 'request_accounts',
         payload: {
           id,
-          chainBech32Prefix: this.chain.bech32_prefix,
+          chainBech32Prefix: this.chain.bech32_prefix || '',
         },
       },
       async (data) => {
@@ -100,7 +100,7 @@ export class Web3AuthSigner implements OfflineDirectSigner, OfflineAminoSigner {
       payload: {
         id,
         signerAddress,
-        chainBech32Prefix: this.chain.bech32_prefix,
+        chainBech32Prefix: this.chain.bech32_prefix || '',
         data: signData,
       },
       signature: new Uint8Array(),
@@ -166,7 +166,7 @@ export class Web3AuthSigner implements OfflineDirectSigner, OfflineAminoSigner {
       payload: {
         id,
         signerAddress,
-        chainBech32Prefix: this.chain.bech32_prefix,
+        chainBech32Prefix: this.chain.bech32_prefix || '',
         data: signData,
       },
       signature: new Uint8Array(),

wallets/web3auth/src/extension/types.ts

@@ -2,7 +2,7 @@ import { AminoSignResponse, StdSignDoc } from '@cosmjs/amino';
 import { AccountData, DirectSignResponse } from '@cosmjs/proto-signing';
 import { Wallet } from '@cosmos-kit/core';
 import { Ecies } from '@toruslabs/eccrypto';
-import { Web3AuthNoModalOptions } from '@web3auth/no-modal';
+import { Web3AuthNoModalOptions } from '@web3auth/base';
 import {
   LOGIN_PROVIDER_TYPE,
   OPENLOGIN_NETWORK_TYPE,
@@ -19,6 +19,8 @@ export type Web3AuthLoginMethod = {
 
 export type Web3AuthClientOptions = {
   loginProvider: LOGIN_PROVIDER_TYPE;
+  loginHint?: string;
+  getLoginHint?: () => string | undefined;
 
   // Web3Auth client options.
   client: {

wallets/web3auth/src/extension/utils.ts

@@ -49,7 +49,6 @@ export const listenOnce = (
     try {
       remove = await callback(data);
     } catch (error) {
-      console.error(error);
       remove = true;
     }
 
@@ -118,12 +117,7 @@ export const hashObject = (object: any) => {
 export const connectClientAndProvider = async (
   isMobile: boolean,
   options: Web3AuthClientOptions,
-  {
-    // If no login provider already connected (cached), don't attempt to login
-    // by showing the popup auth flow. This is useful for connecting just to
-    // logout of the session, not prompting to login if already logged out.
-    dontAttemptLogin = false,
-  } = {}
+  { dontAttemptLogin = false } = {}
 ): Promise<{
   client: Web3AuthNoModal;
   provider: SafeEventEmitterProvider | null;
@@ -132,7 +126,6 @@ export const connectClientAndProvider = async (
     chainId: 'other',
     rpcTarget: 'other',
     displayName: 'other',
-    blockExplorer: 'other',
     ticker: 'other',
     tickerName: 'other',
     ...options.client.chainConfig,
@@ -177,23 +170,12 @@ export const connectClientAndProvider = async (
 
   let provider = client.connected ? client.provider : null;
   if (!client.connected && !dontAttemptLogin) {
-    try {
-      provider = await client.connectTo(WALLET_ADAPTERS.OPENLOGIN, {
-        loginProvider: options.loginProvider,
-      } as OpenloginLoginParams);
-    } catch (err) {
-      // Unnecessary error thrown during redirect, so log and ignore it.
-      if (
-        usingRedirect &&
-        err instanceof Error &&
-        err.message.includes('null')
-      ) {
-        console.error(err);
-      } else {
-        // Rethrow all other relevant errors.
-        throw err;
-      }
-    }
+    const loginHint = options.getLoginHint?.();
+
+    provider = await client.connectTo(WALLET_ADAPTERS.OPENLOGIN, {
+      loginProvider: options.loginProvider,
+      login_hint: loginHint,
+    } as OpenloginLoginParams);
   }
 
   if (usingRedirect) {
@@ -211,8 +193,5 @@ export const connectClientAndProvider = async (
     }
   }
 
-  return {
-    client,
-    provider,
-  };
+  return { client, provider };
 };