3.0.0-beta.12 by Dargon789 · Pull Request #265 · Dargon789/sequence.js

Dargon789 · 2026-02-03T18:59:38Z

Summary by Sourcery

Add new userdata service APIs for wallet preferences, signers, sessions, contacts, watched wallets, discover data, and token favorites, introduce caching of recently signed calls in the dapp client to avoid redundant signing, and publish the 3.0.0-beta.12 patch release with updated versions and changelogs across wallet and services packages.

New Features:

Expose new userdata client methods and schema types for managing wallet preferences, signers, sessions, contacts, watched wallets, discover favorites and history, and token favorites.

Enhancements:

Add short-lived caching of the last signed call in ChainSessionManager to reuse identical call signatures when relaying transactions.
Update package versions and changelogs across services, wallet, and utility packages for the 3.0.0-beta.12 beta release with dapp connector fixes.

Build:

Add changeset entries to drive 3.0.0-beta.12 patch version bumps across multiple packages.

…ked pop up

codesandbox · 2026-02-03T18:59:42Z

Review or Edit in CodeSandbox

Open the branch in Web Editor • VS Code • Insiders

Open Preview

bolt-new-by-stackblitz · 2026-02-03T18:59:42Z

Run & review this pull request in StackBlitz Codeflow.

vercel · 2026-02-03T18:59:45Z

@taylanpince is attempting to deploy a commit to the Foundry development Team on Vercel.

A member of the Team first needs to authorize it.

sourcery-ai · 2026-02-03T18:59:45Z

Reviewer's Guide

Adds new userdata service RPC methods and types, introduces caching of recently signed calls in the dapp ChainSessionManager to avoid redundant signing, and bumps multiple packages to 3.0.0-beta.12 with corresponding changelog and changeset updates for a beta release with dapp connector fixes.

Sequence diagram for ChainSessionManager cached signed call reuse on relay

sequenceDiagram
  actor Dapp
  participant ChainSessionManager
  participant Relayer

  Dapp->>ChainSessionManager: sendTransaction(transactions)
  ChainSessionManager->>ChainSessionManager: build callsToSend from transactions
  ChainSessionManager->>ChainSessionManager: cached = _getCachedSignedCall(callsToSend)
  alt cache hit and not expired
    ChainSessionManager-->>ChainSessionManager: use cached.signedCall
  else cache miss or expired or fingerprint mismatch
    ChainSessionManager->>ChainSessionManager: signedCalls = _buildAndSignCalls(callsToSend)
    ChainSessionManager->>ChainSessionManager: fingerprint = _fingerprintCalls(callsToSend)
    ChainSessionManager->>ChainSessionManager: lastSignedCallCache = { fingerprint, signedCall, createdAtMs }
  end
  ChainSessionManager->>Relayer: relay(signedCalls.to, signedCalls.data, chainId)
  Relayer-->>ChainSessionManager: hash
  ChainSessionManager->>Relayer: waitForTransactionReceipt(hash.opHash, chainId)
  Relayer-->>ChainSessionManager: status
  ChainSessionManager-->>Dapp: transaction result based on status

ER diagram for wallet userdata entities introduced in userdata service

erDiagram
  Wallet {
    string address PK
    number ecosystem
    string updatedAt
    string createdAt
  }

  WalletPreferences {
    string walletAddress FK
    boolean manualSigning
    boolean hideUnlistedTokens
    boolean includeTestnets
    string currency
  }

  WalletSigner {
    string walletAddress FK
    string signerAddress
    string kind
    string email
    string updatedAt
    string createdAt
  }

  Session {
    string walletAddress FK
    string sessionAddress
    string appUrl
    string updatedAt
    string createdAt
  }

  Contact {
    string walletAddress FK
    string contactAddress
    string nickname
    string updatedAt
    string createdAt
  }

  WatchedWallet {
    string walletAddress FK
    string watchedAddress
    string nickname
    string updatedAt
    string createdAt
  }

  DiscoverFavorite {
    string walletAddress FK
    int id
    string dappId
    string createdAt
  }

  DiscoverHistory {
    string walletAddress FK
    int id
    string dappId
    string accessedAt
  }

  TokenFavorite {
    string walletAddress FK
    int id
    string chainId
    string contractAddress
    string tokenId
    string createdAt
  }

  Wallet ||--|| WalletPreferences : has
  Wallet ||--o{ WalletSigner : has
  Wallet ||--o{ Session : has
  Wallet ||--o{ Contact : has
  Wallet ||--o{ WatchedWallet : has
  Wallet ||--o{ DiscoverFavorite : has
  Wallet ||--o{ DiscoverHistory : has
  Wallet ||--o{ TokenFavorite : has

Class diagram for new userdata service RPC types and client

classDiagram
  class UserDataClient {
    <<interface>>
    +getCapabilities(headers, signal) GetCapabilitiesResponse
    +getAccessToken(req, headers, signal) GetAccessTokenResponse
    +getIdentityToken(req, headers, signal) GetIdentityTokenResponse
    +getWalletPreferences(req, headers, signal) GetWalletPreferencesResponse
    +putWalletPreferences(req, headers, signal) PutWalletPreferencesResponse
    +listWalletSigners(req, headers, signal) ListWalletSignersResponse
    +putWalletSigner(req, headers, signal) PutWalletSignerResponse
    +deleteWalletSigner(req, headers, signal) DeleteWalletSignerResponse
    +listSessions(req, headers, signal) ListSessionsResponse
    +putSession(req, headers, signal) PutSessionResponse
    +deleteSession(req, headers, signal) DeleteSessionResponse
    +listContacts(req, headers, signal) ListContactsResponse
    +putContact(req, headers, signal) PutContactResponse
    +deleteContact(req, headers, signal) DeleteContactResponse
    +listWatchedWallets(req, headers, signal) ListWatchedWalletsResponse
    +putWatchedWallet(req, headers, signal) PutWatchedWalletResponse
    +deleteWatchedWallet(req, headers, signal) DeleteWatchedWalletResponse
    +listDiscoverFavorites(req, headers, signal) ListDiscoverFavoritesResponse
    +putDiscoverFavorite(req, headers, signal) PutDiscoverFavoriteResponse
    +deleteDiscoverFavorite(req, headers, signal) DeleteDiscoverFavoriteResponse
    +listDiscoverHistory(req, headers, signal) ListDiscoverHistoryResponse
    +putDiscoverHistory(req, headers, signal) PutDiscoverHistoryResponse
    +deleteDiscoverHistory(req, headers, signal) DeleteDiscoverHistoryResponse
    +listTokenFavorites(req, headers, signal) ListTokenFavoritesResponse
    +putTokenFavorite(req, headers, signal) PutTokenFavoriteResponse
    +deleteTokenFavorite(req, headers, signal) DeleteTokenFavoriteResponse
  }

  class UserData {
    -fetch
    -url
    +getCapabilities(headers, signal) GetCapabilitiesResponse
    +getAccessToken(req, headers, signal) GetAccessTokenResponse
    +getIdentityToken(req, headers, signal) GetIdentityTokenResponse
    +getWalletPreferences(req, headers, signal) GetWalletPreferencesResponse
    +putWalletPreferences(req, headers, signal) PutWalletPreferencesResponse
    +listWalletSigners(req, headers, signal) ListWalletSignersResponse
    +putWalletSigner(req, headers, signal) PutWalletSignerResponse
    +deleteWalletSigner(req, headers, signal) DeleteWalletSignerResponse
    +listSessions(req, headers, signal) ListSessionsResponse
    +putSession(req, headers, signal) PutSessionResponse
    +deleteSession(req, headers, signal) DeleteSessionResponse
    +listContacts(req, headers, signal) ListContactsResponse
    +putContact(req, headers, signal) PutContactResponse
    +deleteContact(req, headers, signal) DeleteContactResponse
    +listWatchedWallets(req, headers, signal) ListWatchedWalletsResponse
    +putWatchedWallet(req, headers, signal) PutWatchedWalletResponse
    +deleteWatchedWallet(req, headers, signal) DeleteWatchedWalletResponse
    +listDiscoverFavorites(req, headers, signal) ListDiscoverFavoritesResponse
    +putDiscoverFavorite(req, headers, signal) PutDiscoverFavoriteResponse
    +deleteDiscoverFavorite(req, headers, signal) DeleteDiscoverFavoriteResponse
    +listDiscoverHistory(req, headers, signal) ListDiscoverHistoryResponse
    +putDiscoverHistory(req, headers, signal) PutDiscoverHistoryResponse
    +deleteDiscoverHistory(req, headers, signal) DeleteDiscoverHistoryResponse
    +listTokenFavorites(req, headers, signal) ListTokenFavoritesResponse
    +putTokenFavorite(req, headers, signal) PutTokenFavoriteResponse
    +deleteTokenFavorite(req, headers, signal) DeleteTokenFavoriteResponse
  }

  UserDataClient <|.. UserData

  class Wallet {
    +string address
    +number ecosystem
    +WalletPreferences preferences
    +string updatedAt
    +string createdAt
  }

  class WalletPreferences {
    +boolean manualSigning
    +boolean hideUnlistedTokens
    +boolean includeTestnets
    +string currency
  }

  class WalletSigner {
    +string walletAddress
    +string signerAddress
    +string kind
    +string email
    +string updatedAt
    +string createdAt
  }

  class WalletSignerProps {
    +string address
    +string kind
    +string email
  }

  class Session {
    +string walletAddress
    +string sessionAddress
    +string appUrl
    +string updatedAt
    +string createdAt
  }

  class SessionProps {
    +string address
    +string appUrl
  }

  class Contact {
    +string walletAddress
    +string contactAddress
    +string nickname
    +string updatedAt
    +string createdAt
  }

  class ContactProps {
    +string address
    +string nickname
  }

  class WatchedWallet {
    +string walletAddress
    +string watchedAddress
    +string nickname
    +string updatedAt
    +string createdAt
  }

  class WatchedWalletProps {
    +string watchedAddress
    +string nickname
  }

  class DiscoverFavorite {
    +string walletAddress
    +number id
    +string dappId
    +string createdAt
  }

  class DiscoverHistory {
    +string walletAddress
    +number id
    +string dappId
    +string accessedAt
  }

  class DiscoverProps {
    +string dappId
  }

  class TokenFavorite {
    +string walletAddress
    +number id
    +string chainId
    +string contractAddress
    +string tokenId
    +string createdAt
  }

  class TokenFavoriteProps {
    +string chainId
    +string contractAddress
    +string tokenId
  }

  class GetWalletPreferencesRequest {
    +string wallet
  }

  class GetWalletPreferencesResponse {
    +WalletPreferences preferences
  }

  class PutWalletPreferencesRequest {
    +string wallet
    +WalletPreferences preferences
  }

  class PutWalletPreferencesResponse {
  }

  class ListWalletSignersRequest {
    +string wallet
    +number pageSize
    +string cursor
  }

  class ListWalletSignersResponse {
    +WalletSigner[] signers
    +string nextCursor
  }

  class PutWalletSignerRequest {
    +string wallet
    +WalletSignerProps signer
  }

  class PutWalletSignerResponse {
    +WalletSigner signer
  }

  class DeleteWalletSignerRequest {
    +string wallet
    +string signer
  }

  class DeleteWalletSignerResponse {
  }

  class ListSessionsRequest {
    +string wallet
    +number pageSize
    +string cursor
  }

  class ListSessionsResponse {
    +Session[] sessions
    +string nextCursor
  }

  class PutSessionRequest {
    +string wallet
    +SessionProps session
  }

  class PutSessionResponse {
    +Session session
  }

  class DeleteSessionRequest {
    +string wallet
    +string session
  }

  class DeleteSessionResponse {
  }

  class ListContactsRequest {
    +string wallet
    +number pageSize
    +string cursor
  }

  class ListContactsResponse {
    +Contact[] contacts
    +string nextCursor
  }

  class PutContactRequest {
    +string wallet
    +ContactProps contact
  }

  class PutContactResponse {
    +Contact contact
  }

  class DeleteContactRequest {
    +string wallet
    +string contact
  }

  class DeleteContactResponse {
  }

  class ListWatchedWalletsRequest {
    +string wallet
    +number pageSize
    +string cursor
  }

  class ListWatchedWalletsResponse {
    +WatchedWallet[] watchedWallets
    +string nextCursor
  }

  class PutWatchedWalletRequest {
    +string wallet
    +WatchedWalletProps watchedWallet
  }

  class PutWatchedWalletResponse {
    +WatchedWallet watchedWallet
  }

  class DeleteWatchedWalletRequest {
    +string wallet
    +string watchedWallet
  }

  class DeleteWatchedWalletResponse {
  }

  class ListDiscoverFavoritesRequest {
    +string wallet
    +number pageSize
    +string cursor
  }

  class ListDiscoverFavoritesResponse {
    +DiscoverFavorite[] favorites
    +string nextCursor
  }

  class PutDiscoverFavoriteRequest {
    +string wallet
    +DiscoverProps favorite
  }

  class PutDiscoverFavoriteResponse {
    +DiscoverFavorite favorite
  }

  class DeleteDiscoverFavoriteRequest {
    +string wallet
    +number id
  }

  class DeleteDiscoverFavoriteResponse {
  }

  class ListDiscoverHistoryRequest {
    +string wallet
    +number pageSize
    +string cursor
  }

  class ListDiscoverHistoryResponse {
    +DiscoverHistory[] history
    +string nextCursor
  }

  class PutDiscoverHistoryRequest {
    +string wallet
    +DiscoverProps history
  }

  class PutDiscoverHistoryResponse {
    +DiscoverHistory history
  }

  class DeleteDiscoverHistoryRequest {
    +string wallet
    +number id
  }

  class DeleteDiscoverHistoryResponse {
  }

  class ListTokenFavoritesRequest {
    +string wallet
    +number pageSize
    +string cursor
  }

  class ListTokenFavoritesResponse {
    +TokenFavorite[] favorites
    +string nextCursor
  }

  class PutTokenFavoriteRequest {
    +string wallet
    +TokenFavoriteProps favorite
  }

  class PutTokenFavoriteResponse {
    +TokenFavorite favorite
  }

  class DeleteTokenFavoriteRequest {
    +string wallet
    +number id
  }

  class DeleteTokenFavoriteResponse {
  }

  UserData --> GetWalletPreferencesRequest
  UserData --> GetWalletPreferencesResponse
  UserData --> PutWalletPreferencesRequest
  UserData --> PutWalletPreferencesResponse
  UserData --> ListWalletSignersRequest
  UserData --> ListWalletSignersResponse
  UserData --> PutWalletSignerRequest
  UserData --> PutWalletSignerResponse
  UserData --> DeleteWalletSignerRequest
  UserData --> DeleteWalletSignerResponse
  UserData --> ListSessionsRequest
  UserData --> ListSessionsResponse
  UserData --> PutSessionRequest
  UserData --> PutSessionResponse
  UserData --> DeleteSessionRequest
  UserData --> DeleteSessionResponse
  UserData --> ListContactsRequest
  UserData --> ListContactsResponse
  UserData --> PutContactRequest
  UserData --> PutContactResponse
  UserData --> DeleteContactRequest
  UserData --> DeleteContactResponse
  UserData --> ListWatchedWalletsRequest
  UserData --> ListWatchedWalletsResponse
  UserData --> PutWatchedWalletRequest
  UserData --> PutWatchedWalletResponse
  UserData --> DeleteWatchedWalletRequest
  UserData --> DeleteWatchedWalletResponse
  UserData --> ListDiscoverFavoritesRequest
  UserData --> ListDiscoverFavoritesResponse
  UserData --> PutDiscoverFavoriteRequest
  UserData --> PutDiscoverFavoriteResponse
  UserData --> DeleteDiscoverFavoriteRequest
  UserData --> DeleteDiscoverFavoriteResponse
  UserData --> ListDiscoverHistoryRequest
  UserData --> ListDiscoverHistoryResponse
  UserData --> PutDiscoverHistoryRequest
  UserData --> PutDiscoverHistoryResponse
  UserData --> DeleteDiscoverHistoryRequest
  UserData --> DeleteDiscoverHistoryResponse
  UserData --> ListTokenFavoritesRequest
  UserData --> ListTokenFavoritesResponse
  UserData --> PutTokenFavoriteRequest
  UserData --> PutTokenFavoriteResponse
  UserData --> DeleteTokenFavoriteRequest
  UserData --> DeleteTokenFavoriteResponse

  Wallet --> WalletPreferences

File-Level Changes

Change	Details	Files
Expand userdata WebRPC schema, client interface, and TypeScript types to support wallet preferences, signers, sessions, contacts, watched wallets, discover data, and token favorites.	Update generated schema metadata hash to match new RIDL schema Extend UserDataClient with CRUD-style methods for wallet preferences, wallet signers, sessions, contacts, watched wallets, discover favorites/history, and token favorites Introduce new schema types and props (Version, RuntimeStatus, WalletPreferences, WalletSigner, Contact, WatchedWallet, DiscoverFavorite/History, TokenFavorite, and related *Props interfaces) Define request/response interfaces for the new RPC methods Add corresponding UserData class methods that encode requests, call fetch with appropriate method names, and decode responses	`packages/services/userdata/src/userdata.gen.ts`
Optimize dapp-client transaction handling by caching the last signed call and reusing it when identical calls are sent shortly after, while simplifying permission error handling.	Add lastSignedCallCache state to ChainSessionManager to store fingerprinted calls, signed payload, and creation timestamp Remove special-case retry logic for expired signer errors in hasPermission, now treating signer resolution failures as permission failures Cache signed calls in getTransactionsFeeOptions using a call fingerprint, with a short TTL, before querying relayer fee options Reuse cached signed call in sendTransact when the call set matches the cached fingerprint, otherwise rebuild and sign Implement _getCachedSignedCall with TTL-based invalidation and fingerprint equality check Implement _fingerprintCalls to JSON-stringify normalized call fields (to, value, data, gasLimit, delegateCall, onlyFallback, behaviorOnError) with error handling	`packages/wallet/dapp-client/src/ChainSessionManager.ts`
Publish 3.0.0-beta.12 across core, wallet, services, and utils packages with notes about dapp connector fixes and dependency bumps.	Add 3.0.0-beta.11 and 3.0.0-beta.12 entries to multiple package CHANGELOGs describing beta and dapp connector fixes Bump package.json versions for services, wallet, and abi-related packages from 3.0.0-beta.10 to 3.0.0-beta.12 Add new changeset files describing patch releases for all affected packages (3.0.0 beta and beta.12 with dapp connector fixes)	`packages/wallet/wdk/CHANGELOG.md` `packages/wallet/dapp-client/CHANGELOG.md` `packages/wallet/core/CHANGELOG.md` `packages/services/relayer/CHANGELOG.md` `packages/services/api/CHANGELOG.md` `packages/services/builder/CHANGELOG.md` `packages/services/guard/CHANGELOG.md` `packages/services/identity-instrument/CHANGELOG.md` `packages/services/indexer/CHANGELOG.md` `packages/services/marketplace/CHANGELOG.md` `packages/services/metadata/CHANGELOG.md` `packages/services/userdata/CHANGELOG.md` `packages/utils/abi/CHANGELOG.md` `packages/wallet/primitives/CHANGELOG.md` `packages/services/api/package.json` `packages/services/builder/package.json` `packages/services/guard/package.json` `packages/services/identity-instrument/package.json` `packages/services/indexer/package.json` `packages/services/marketplace/package.json` `packages/services/metadata/package.json` `packages/services/relayer/package.json` `packages/services/userdata/package.json` `packages/utils/abi/package.json` `packages/wallet/core/package.json` `packages/wallet/dapp-client/package.json` `packages/wallet/primitives/package.json` `packages/wallet/wdk/package.json` `.changeset/bright-pots-hope.md` `.changeset/free-tips-switch.md`

Tips and commands

Interacting with Sourcery

Trigger a new review: Comment @sourcery-ai review on the pull request.
Continue discussions: Reply directly to Sourcery's review comments.
Generate a GitHub issue from a review comment: Ask Sourcery to create an
issue from a review comment by replying to it. You can also reply to a
review comment with @sourcery-ai issue to create an issue from it.
Generate a pull request title: Write @sourcery-ai anywhere in the pull
request title to generate a title at any time. You can also comment
@sourcery-ai title on the pull request to (re-)generate the title at any time.
Generate a pull request summary: Write @sourcery-ai summary anywhere in
the pull request body to generate a PR summary at any time exactly where you
want it. You can also comment @sourcery-ai summary on the pull request to
(re-)generate the summary at any time.
Generate reviewer's guide: Comment @sourcery-ai guide on the pull
request to (re-)generate the reviewer's guide at any time.
Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
pull request to resolve all Sourcery comments. Useful if you've already
addressed all the comments and don't want to see them anymore.
Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
request to dismiss all existing Sourcery reviews. Especially useful if you
want to start fresh with a new review - don't forget to comment
@sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

Enable or disable review features such as the Sourcery-generated pull request
summary, the reviewer's guide, and others.
Change the review language.
Add, remove or edit custom review instructions.
Adjust other review settings.

Getting Help

Contact our support team for questions or feedback.
Visit our documentation for detailed guides and information.
Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

gemini-code-assist · 2026-02-03T19:00:19Z

Summary of Changes

Hello @Dargon789, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request marks the release of version 3.0.0-beta.12 for the @0xsequence package ecosystem. The update delivers general enhancements for dapp connectors, a substantial expansion of the user data service API to support more comprehensive wallet and user-specific data management, and an optimization within the dapp client to cache signed calls, which will reduce unnecessary transaction signing.

Highlights

Version Bump: All @0xsequence packages have been updated to version 3.0.0-beta.12, reflecting a new beta release.
Dapp Connector Fixes: This release includes general fixes and improvements related to dapp connectors across various packages.
Expanded User Data Service: The userdata service has been significantly enhanced with new RPC methods and data structures to manage wallet preferences, signers, sessions, contacts, watched wallets, and user-specific favorites and history for discover and tokens.
Dapp Client Optimization: The ChainSessionManager in the dapp-client now incorporates a caching mechanism for signed calls, preventing redundant signing operations for identical calls within a 30-second window, thereby improving efficiency.

Changelog

.changeset/bright-pots-hope.md
- Added a new changeset file indicating 'Beta release with dapp connector fixes'.
.changeset/free-tips-switch.md
- Added a new changeset file indicating '3.0.0 beta'.
.changeset/pre.json
- Updated initial versions of @0xsequence packages from 3.0.0-beta.9 to 3.0.0-beta.11.
- Added new changeset entries for 'bright-pots-hope' and 'free-tips-switch'.
packages/services/api/CHANGELOG.md
- Added changelog entries for 3.0.0-beta.12 ('Beta release with dapp connector fixes') and 3.0.0-beta.11 ('3.0.0 beta').
packages/services/api/package.json
- Version bumped to 3.0.0-beta.12.
packages/services/builder/CHANGELOG.md
- Added changelog entries for 3.0.0-beta.12 ('Beta release with dapp connector fixes') and 3.0.0-beta.11 ('3.0.0 beta').
packages/services/builder/package.json
- Version bumped to 3.0.0-beta.12.
packages/services/guard/CHANGELOG.md
- Added changelog entries for 3.0.0-beta.12 ('Beta release with dapp connector fixes') and 3.0.0-beta.11 ('3.0.0 beta').
packages/services/guard/package.json
- Version bumped to 3.0.0-beta.12.
packages/services/identity-instrument/CHANGELOG.md
- Added changelog entries for 3.0.0-beta.12 ('Beta release with dapp connector fixes') and 3.0.0-beta.11 ('3.0.0 beta').
packages/services/identity-instrument/package.json
- Version bumped to 3.0.0-beta.12.
packages/services/indexer/CHANGELOG.md
- Added changelog entries for 3.0.0-beta.12 ('Beta release with dapp connector fixes') and 3.0.0-beta.11 ('3.0.0 beta').
packages/services/indexer/package.json
- Version bumped to 3.0.0-beta.12.
packages/services/marketplace/CHANGELOG.md
- Added changelog entries for 3.0.0-beta.12 ('Beta release with dapp connector fixes') and 3.0.0-beta.11 ('3.0.0 beta').
packages/services/marketplace/package.json
- Version bumped to 3.0.0-beta.12.
packages/services/metadata/CHANGELOG.md
- Added changelog entries for 3.0.0-beta.12 ('Beta release with dapp connector fixes') and 3.0.0-beta.11 ('3.0.0 beta').
packages/services/metadata/package.json
- Version bumped to 3.0.0-beta.12.
packages/services/relayer/CHANGELOG.md
- Added changelog entries for 3.0.0-beta.12 ('Beta release with dapp connector fixes', updated wallet-primitives dependency).
- Added changelog entries for 3.0.0-beta.11 ('3.0.0 beta', updated wallet-primitives dependency).
packages/services/relayer/package.json
- Version bumped to 3.0.0-beta.12.
packages/services/userdata/CHANGELOG.md
- Added changelog entries for 3.0.0-beta.12 ('Beta release with dapp connector fixes') and 3.0.0-beta.11 ('3.0.0 beta').
packages/services/userdata/package.json
- Version bumped to 3.0.0-beta.12.
packages/services/userdata/src/userdata.gen.ts
- Updated WebrpcSchemaHash to reflect schema changes.
- Expanded UserDataClient interface with new RPC methods for managing wallet preferences, signers, sessions, contacts, watched wallets, discover favorites/history, and token favorites.
- Introduced new schema types including Version, RuntimeStatus, WalletPreferences, Contact, WatchedWallet, DiscoverFavorite, DiscoverHistory, and TokenFavorite.
- Modified existing schema types Wallet and WalletSigner to include additional fields and make ecosystem optional in Wallet.
- Implemented the newly added RPC methods within the UserData class.
packages/utils/abi/CHANGELOG.md
- Added changelog entries for 3.0.0-beta.12 ('Beta release with dapp connector fixes') and 3.0.0-beta.11 ('3.0.0 beta').
packages/utils/abi/package.json
- Version bumped to 3.0.0-beta.12.
packages/wallet/core/CHANGELOG.md
- Added changelog entries for 3.0.0-beta.12 ('Beta release with dapp connector fixes', updated dependencies).
- Added changelog entries for 3.0.0-beta.11 ('3.0.0 beta', updated dependencies).
packages/wallet/core/package.json
- Version bumped to 3.0.0-beta.12.
packages/wallet/dapp-client/CHANGELOG.md
- Added changelog entries for 3.0.0-beta.12 ('Beta release with dapp connector fixes', updated dependencies).
- Added changelog entries for 3.0.0-beta.11 ('3.0.0 beta', updated dependencies).
packages/wallet/dapp-client/package.json
- Version bumped to 3.0.0-beta.12.
packages/wallet/dapp-client/src/ChainSessionManager.ts
- Removed previous logic for retrying permission checks when a signer is expired.
- Introduced lastSignedCallCache to store a signed call and its fingerprint for a short duration.
- Added _getCachedSignedCall method to retrieve a cached signed call if it matches the current calls and is within a 30-second time-to-live (TTL).
- Implemented _fingerprintCalls to generate a consistent string representation of call arrays for caching and comparison.
packages/wallet/primitives/CHANGELOG.md
- Added changelog entries for 3.0.0-beta.12 ('Beta release with dapp connector fixes') and 3.0.0-beta.11 ('3.0.0 beta').
packages/wallet/primitives/package.json
- Version bumped to 3.0.0-beta.12.
packages/wallet/wdk/CHANGELOG.md
- Added changelog entries for 3.0.0-beta.12 ('Beta release with dapp connector fixes', updated dependencies).
- Added changelog entries for 3.0.0-beta.11 ('3.0.0 beta', updated dependencies).
packages/wallet/wdk/package.json
- Version bumped to 3.0.0-beta.12.

Activity

No human activity (comments, reviews) has been recorded for this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	`/gemini review`	Performs a code review for the current pull request in its current state.
Pull Request Summary	`/gemini summary`	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	`/gemini help`	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

vercel · 2026-02-03T19:00:30Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
sequence.js	Canceled		Feb 3, 2026 7:01pm

sourcery-ai

Hey - I've left some high level feedback:

Consider clearing lastSignedCallCache in lifecycle methods that materially change authentication/authorization context (e.g. clearSessions, logout, wallet change) so that cached signatures cannot be accidentally reused across different sessions or users.
The removal of the expired-signer auto-refresh logic in hasPermission changes behavior for expired signers; if this is intentional, it may be worth centralizing the refresh behavior elsewhere to keep permission checks resilient without duplicating logic.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- Consider clearing `lastSignedCallCache` in lifecycle methods that materially change authentication/authorization context (e.g. `clearSessions`, logout, wallet change) so that cached signatures cannot be accidentally reused across different sessions or users.
- The removal of the expired-signer auto-refresh logic in `hasPermission` changes behavior for expired signers; if this is intentional, it may be worth centralizing the refresh behavior elsewhere to keep permission checks resilient without duplicating logic.

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

snyk-io · 2026-02-03T19:02:19Z

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

gemini-code-assist

Code Review

This pull request primarily focuses on releasing version 3.0.0-beta.12, introducing new APIs to the userdata service for managing wallet preferences, signers, and sessions, and enhancing the dapp-client with a caching mechanism for recently signed calls to prevent redundant signing operations. However, a critical security vulnerability was identified where the cache is not properly invalidated during session resets, which could lead to cross-session transaction reuse on shared devices. Additionally, a potential regression was noted due to the removal of session auto-refresh logic, which might impact user experience with expired sessions. A minor maintainability improvement opportunity regarding a hardcoded value was also identified.

I am having trouble creating individual review comments. Click here to see my feedback.

packages/wallet/dapp-client/src/ChainSessionManager.ts (814-826)

The logic to automatically refresh an expired session and retry the permission check within hasPermission has been removed. This appears to be a potential regression, as it could lead to failures for users with expired sessions, where previously the system would attempt to recover gracefully. Was this removal intentional? If not, please consider restoring this functionality to maintain a smoother user experience.

packages/wallet/dapp-client/src/ChainSessionManager.ts (1109)

The cache TTL is hardcoded as 30_000. This magic number should be extracted into a named constant to improve readability and maintainability.

Consider defining it as a static class member:

private static readonly LAST_SIGNED_CALL_CACHE_TTL_MS = 30_000;

And then use it in the method:

if (Date.now() - this.lastSignedCallCache.createdAtMs > ChainSessionManager.LAST_SIGNED_CALL_CACHE_TTL_MS) {
  // ...
}

* Update issue templates (#128) * Bump the npm_and_yarn group across 1 directory with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [express](https://github.com/expressjs/express). Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com> * Create SECURITY.md * Set up CI with Azure Pipelines [skip ci] * Create CNAME * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (0xsequence#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (0xsequence#882) * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (0xsequence#885) * const for node length * Clearer blacklist size encoding * identity signer node length * add getFeeTokens to dapp client (0xsequence#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (0xsequence#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (0xsequence#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (0xsequence#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (0xsequence#896) * Refactor relayer package & update dependant packages (0xsequence#891) * refactor exports for relayer (0xsequence#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (0xsequence#902) * dapp-client: add sessionless snapshot restore flow * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](capricorn86/happy-dom@v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](capricorn86/happy-dom@v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](capricorn86/happy-dom@v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (0xsequence#906) * Pass request to PromptCodeHandler in guard registerUI (0xsequence#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (0xsequence#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (0xsequence#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (0xsequence#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (0xsequence#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (0xsequence#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (0xsequence#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (0xsequence#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (0xsequence#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (0xsequence#885) * add getFeeTokens to dapp client (0xsequence#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (0xsequence#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (0xsequence#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (0xsequence#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (0xsequence#896) * Refactor relayer package & update dependant packages (0xsequence#891) * refactor exports for relayer (0xsequence#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (0xsequence#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (0xsequence#906) * Pass request to PromptCodeHandler in guard registerUI (0xsequence#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (0xsequence#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (0xsequence#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (0xsequence#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (0xsequence#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (0xsequence#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (0xsequence#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (0xsequence#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (0xsequence#921) * Remove publish-dists.yml github action (0xsequence#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (0xsequence#926) * Add support for custom auth providers (authcode & authcode-pkce only) (0xsequence#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (0xsequence#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (0xsequence#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (0xsequence#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (0xsequence#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (0xsequence#933) * Add rc5 and set it as default (0xsequence#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (0xsequence#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (0xsequence#940) * Skip LocalDevice identity signers not on current device (0xsequence#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9, reversing changes made to cba7894. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](capricorn86/happy-dom@v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (0xsequence#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (0xsequence#947) * Include repo and extras in syncpack config to ensure deps are synced (0xsequence#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (0xsequence#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/main.tsx Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * 3.0.0-beta.12 (#265) * feat(dapp-client): cache signed calls from fee options * Add new userdata client (0xsequence#954) * Fix build error * 3.0.0-beta.10 * fix(dapp-client): remove _refreshExplicitSession use that causes blocked pop up * 3.0.0-beta.12 --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Ahmet Buğra Yiğiter <yigiterahmetbugra@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> * fix: extras/web/package.json to reduce vulnerabilities (#264) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-15104645 - https://snyk.io/vuln/SNYK-JS-NEXT-15105315 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#263) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-15104645 - https://snyk.io/vuln/SNYK-JS-NEXT-15105315 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * 3.0.0 --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: Ahmet Buğra Yiğiter <yigiterahmetbugra@gmail.com> Co-authored-by: googleworkspace-bot <googleworkspace-bot@google.com>

* Update issue templates (#128) * Bump the npm_and_yarn group across 1 directory with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [express](https://github.com/expressjs/express). Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com> * Create SECURITY.md * Set up CI with Azure Pipelines [skip ci] * Create CNAME * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (0xsequence#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (0xsequence#882) * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (0xsequence#885) * const for node length * Clearer blacklist size encoding * identity signer node length * add getFeeTokens to dapp client (0xsequence#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (0xsequence#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (0xsequence#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (0xsequence#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (0xsequence#896) * Refactor relayer package & update dependant packages (0xsequence#891) * refactor exports for relayer (0xsequence#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (0xsequence#902) * dapp-client: add sessionless snapshot restore flow * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](capricorn86/happy-dom@v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](capricorn86/happy-dom@v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](capricorn86/happy-dom@v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (0xsequence#906) * Pass request to PromptCodeHandler in guard registerUI (0xsequence#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (0xsequence#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (0xsequence#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (0xsequence#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (0xsequence#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (0xsequence#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (0xsequence#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (0xsequence#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (0xsequence#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (0xsequence#885) * add getFeeTokens to dapp client (0xsequence#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (0xsequence#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (0xsequence#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (0xsequence#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (0xsequence#896) * Refactor relayer package & update dependant packages (0xsequence#891) * refactor exports for relayer (0xsequence#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (0xsequence#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (0xsequence#906) * Pass request to PromptCodeHandler in guard registerUI (0xsequence#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (0xsequence#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (0xsequence#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (0xsequence#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (0xsequence#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (0xsequence#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (0xsequence#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (0xsequence#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (0xsequence#921) * Remove publish-dists.yml github action (0xsequence#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (0xsequence#926) * Add support for custom auth providers (authcode & authcode-pkce only) (0xsequence#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (0xsequence#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (0xsequence#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (0xsequence#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (0xsequence#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (0xsequence#933) * Add rc5 and set it as default (0xsequence#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (0xsequence#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (0xsequence#940) * Skip LocalDevice identity signers not on current device (0xsequence#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9, reversing changes made to cba7894. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](capricorn86/happy-dom@v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (0xsequence#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (0xsequence#947) * Include repo and extras in syncpack config to ensure deps are synced (0xsequence#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (0xsequence#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/main.tsx Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * 3.0.0-beta.12 (#265) * feat(dapp-client): cache signed calls from fee options * Add new userdata client (0xsequence#954) * Fix build error * 3.0.0-beta.10 * fix(dapp-client): remove _refreshExplicitSession use that causes blocked pop up * 3.0.0-beta.12 --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Ahmet Buğra Yiğiter <yigiterahmetbugra@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> * fix: extras/web/package.json to reduce vulnerabilities (#264) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-15104645 - https://snyk.io/vuln/SNYK-JS-NEXT-15105315 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#263) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-15104645 - https://snyk.io/vuln/SNYK-JS-NEXT-15105315 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Potential fix for code scanning alert no. 107: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: Ahmet Buğra Yiğiter <yigiterahmetbugra@gmail.com> Co-authored-by: googleworkspace-bot <googleworkspace-bot@google.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

* Update issue templates (#128) * Bump the npm_and_yarn group across 1 directory with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [express](https://github.com/expressjs/express). Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com> * Create SECURITY.md * Set up CI with Azure Pipelines [skip ci] * Create CNAME * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (0xsequence#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (0xsequence#882) * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (0xsequence#885) * const for node length * Clearer blacklist size encoding * identity signer node length * add getFeeTokens to dapp client (0xsequence#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (0xsequence#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (0xsequence#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (0xsequence#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (0xsequence#896) * Refactor relayer package & update dependant packages (0xsequence#891) * refactor exports for relayer (0xsequence#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (0xsequence#902) * dapp-client: add sessionless snapshot restore flow * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](capricorn86/happy-dom@v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](capricorn86/happy-dom@v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](capricorn86/happy-dom@v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (0xsequence#906) * Pass request to PromptCodeHandler in guard registerUI (0xsequence#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (0xsequence#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (0xsequence#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (0xsequence#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (0xsequence#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (0xsequence#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (0xsequence#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (0xsequence#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (0xsequence#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (0xsequence#885) * add getFeeTokens to dapp client (0xsequence#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (0xsequence#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (0xsequence#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (0xsequence#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (0xsequence#896) * Refactor relayer package & update dependant packages (0xsequence#891) * refactor exports for relayer (0xsequence#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (0xsequence#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (0xsequence#906) * Pass request to PromptCodeHandler in guard registerUI (0xsequence#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (0xsequence#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (0xsequence#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (0xsequence#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (0xsequence#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (0xsequence#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (0xsequence#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (0xsequence#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (0xsequence#921) * Remove publish-dists.yml github action (0xsequence#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (0xsequence#926) * Add support for custom auth providers (authcode & authcode-pkce only) (0xsequence#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (0xsequence#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (0xsequence#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (0xsequence#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (0xsequence#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (0xsequence#933) * Add rc5 and set it as default (0xsequence#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (0xsequence#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (0xsequence#940) * Skip LocalDevice identity signers not on current device (0xsequence#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9, reversing changes made to cba7894. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](capricorn86/happy-dom@v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (0xsequence#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (0xsequence#947) * Include repo and extras in syncpack config to ensure deps are synced (0xsequence#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (0xsequence#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/main.tsx Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * 3.0.0-beta.12 (#265) * feat(dapp-client): cache signed calls from fee options * Add new userdata client (0xsequence#954) * Fix build error * 3.0.0-beta.10 * fix(dapp-client): remove _refreshExplicitSession use that causes blocked pop up * 3.0.0-beta.12 --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Ahmet Buğra Yiğiter <yigiterahmetbugra@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> * fix: extras/web/package.json to reduce vulnerabilities (#264) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-15104645 - https://snyk.io/vuln/SNYK-JS-NEXT-15105315 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#263) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-15104645 - https://snyk.io/vuln/SNYK-JS-NEXT-15105315 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: Ahmet Buğra Yiğiter <yigiterahmetbugra@gmail.com> Co-authored-by: googleworkspace-bot <googleworkspace-bot@google.com>

* Updating DefaultGuest address * Update tests.yml (#51) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update tests.yml (#52) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update tests.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update tests.yml (#55) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update tests.yml (#56) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update tests.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * 0xsequence/sequence.js/master (#166) * Pin foundry to v1.5.0 instead of nightly (0xsequence#947) (#134) * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Riley <corbanbrook@gmail.com> Co-authored-by: Agusx1211 <agusgit@pm.me> * Update packages/wallet/wdk/test/wallets.test.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/wallet/wdk/test/wallets.test.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Riley <corbanbrook@gmail.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Master ceb95d4 (#438) * Update issue templates (#128) * Bump the npm_and_yarn group across 1 directory with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [express](https://github.com/expressjs/express). Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com> * Create SECURITY.md * Set up CI with Azure Pipelines [skip ci] * Create CNAME * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/main.tsx Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * 3.0.0-beta.12 (#265) * feat(dapp-client): cache signed calls from fee options * Add new userdata client (#954) * Fix build error * 3.0.0-beta.10 * fix(dapp-client): remove _refreshExplicitSession use that causes blocked pop up * 3.0.0-beta.12 --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Ahmet Buğra Yiğiter <yigiterahmetbugra@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> * fix: extras/web/package.json to reduce vulnerabilities (#264) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-15104645 - https://snyk.io/vuln/SNYK-JS-NEXT-15105315 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#263) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-15104645 - https://snyk.io/vuln/SNYK-JS-NEXT-15105315 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Potential fix for code scanning alert no. 107: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: Ahmet Buğra Yiğiter <yigiterahmetbugra@gmail.com> Co-authored-by: googleworkspace-bot <googleworkspace-bot@google.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * Master ceb95d4 (#449) * Update issue templates (#128) * Bump the npm_and_yarn group across 1 directory with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [express](https://github.com/expressjs/express). Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com> * Create SECURITY.md * Set up CI with Azure Pipelines [skip ci] * Create CNAME * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/main.tsx Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * 3.0.0-beta.12 (#265) * feat(dapp-client): cache signed calls from fee options * Add new userdata client (#954) * Fix build error * 3.0.0-beta.10 * fix(dapp-client): remove _refreshExplicitSession use that causes blocked pop up * 3.0.0-beta.12 --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Ahmet Buğra Yiğiter <yigiterahmetbugra@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> * fix: extras/web/package.json to reduce vulnerabilities (#264) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-15104645 - https://snyk.io/vuln/SNYK-JS-NEXT-15105315 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#263) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-15104645 - https://snyk.io/vuln/SNYK-JS-NEXT-15105315 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Potential fix for code scanning alert no. 107: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: Ahmet Buğra Yiğiter <yigiterahmetbugra@gmail.com> Co-authored-by: googleworkspace-bot <googleworkspace-bot@google.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#428) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-15105315 - https://snyk.io/vuln/SNYK-JS-NEXT-15674556 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * V3 dapp (#460) Co-authored-by: googleworkspace-bot <googleworkspace-bot@google.com> * Pin foundry to v1.5.0 instead of nightly (0xsequence#947) (#134) (#466) * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Riley <corbanbrook@gmail.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: googleworkspace-bot <googleworkspace-bot@google.com> * Delete packages/wallet-contracts directory (#471) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#427) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-15105315 - https://snyk.io/vuln/SNYK-JS-NEXT-15674556 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 4 directories with 11 updates (#476) Bumps the npm_and_yarn group with 2 updates in the / directory: [next](https://github.com/vercel/next.js) and [uuid](https://github.com/uuidjs/uuid). Bumps the npm_and_yarn group with 4 updates in the /lib/signals-implicit-mode/lib/sequence-v3/lib/account-abstraction directory: [flatted](https://github.com/WebReflection/flatted), [handlebars](https://github.com/handlebars-lang/handlebars.js), [picomatch](https://github.com/micromatch/picomatch) and [follow-redirects](https://github.com/follow-redirects/follow-redirects). Bumps the npm_and_yarn group with 6 updates in the /lib/signals-implicit-mode/lib/sequence-v3/lib/openzeppelin-contracts directory: | Package | From | To | | --- | --- | --- | | [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` | | [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.2` | `2.1.0` | | [brace-expansion](https://github.com/juliangruber/brace-expansion) | `5.0.4` | `5.0.5` | | [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` | | [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` | | [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.8` | `4.7.9` | | [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` | | [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` | | [axios](https://github.com/axios/axios) | `1.7.4` | `1.15.2` | Bumps the npm_and_yarn group with 6 updates in the /packages/wallet/wallet-contracts directory: | Package | From | To | | --- | --- | --- | | [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.14` | | [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.2` | `2.1.0` | | [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` | | [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.8` | `4.7.9` | | [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` | | [picomatch](https://github.com/micromatch/picomatch) | `4.0.3` | `4.0.4` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.11` | `1.16.0` | | [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.2.5` | `5.7.1` | Updates `next` from 15.5.14 to 15.5.15 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.14...v15.5.15) Updates `uuid` from 13.0.0 to 14.0.0 - [Release notes](https://github.com/uuidjs/uuid/releases) - [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md) - [Commits](https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0) Updates `basic-ftp` from 5.0.5 to 5.3.0 - [Release notes](https://github.com/patrickjuchli/basic-ftp/releases) - [Changelog](https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md) - [Commits](https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.3.0) Updates `brace-expansion` from 1.1.12 to 1.1.14 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14) Updates `flatted` from 3.3.3 to 3.4.2 - [Commits](https://github.com/WebReflection/flatted/compare/v3.2.9...v3.4.2) Updates `lodash` from 4.17.21 to 4.18.1 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.23...4.18.1) Updates `picomatch` from 2.3.1 to 2.3.2 - [Release notes](https://github.com/micromatch/picomatch/releases) - [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2) Updates `flatted` from 3.2.9 to 3.4.2 - [Commits](https://github.com/WebReflection/flatted/compare/v3.2.9...v3.4.2) Updates `handlebars` from 4.7.8 to 4.7.9 - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md) - [Commits](https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9) Updates `picomatch` from 2.3.1 to 2.3.2 - [Release notes](https://github.com/micromatch/picomatch/releases) - [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2) Updates `follow-redirects` from 1.15.3 to 1.16.0 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.15.3...v1.16.0) Updates `brace-expansion` from 1.1.11 to 1.1.14 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14) Updates `brace-expansion` from 2.0.2 to 2.1.0 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14) Updates `brace-expansion` from 5.0.4 to 5.0.5 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14) Updates `brace-expansion` from 2.0.1 to 2.1.0 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14) Updates `flatted` from 3.3.1 to 3.4.2 - [Commits](https://github.com/WebReflection/flatted/compare/v3.2.9...v3.4.2) Updates `handlebars` from 4.7.8 to 4.7.9 - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md) - [Commits](https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9) Updates `lodash` from 4.17.23 to 4.18.1 - [Release notes](https://git…

tolgahan-arikan and others added 6 commits January 29, 2026 17:16

feat(dapp-client): cache signed calls from fee options

549871b

Add new userdata client (#954)

11b3bb4

Fix build error

1a060ea

3.0.0-beta.10

30e1f1a

fix(dapp-client): remove _refreshExplicitSession use that causes bloc…

fc6d552

…ked pop up

3.0.0-beta.12

3411232

vercel Bot temporarily deployed to Preview – sequence.js February 3, 2026 19:00 Inactive

sourcery-ai Bot reviewed Feb 3, 2026

View reviewed changes

gemini-code-assist Bot reviewed Feb 3, 2026

View reviewed changes

Dargon789 merged commit 4cd4165 into Dargon789:master-ceb95d4 Feb 3, 2026
8 of 12 checks passed

Dargon789 mentioned this pull request Feb 3, 2026

# Sequence diagram for ChainSessionManager cached signed call reuse on relay #266

Open

This was linked to issues Feb 3, 2026

[vc]: #clean-circleci-directory-#267 #268

Open

ChainSessionManager signed call caching and relay #277

Open

Dargon789 added this to web3-Defi-Gamefi Feb 9, 2026

github-project-automation Bot moved this to Todo in web3-Defi-Gamefi Feb 9, 2026

github-project-automation Bot moved this from Todo to Done in web3-Defi-Gamefi Feb 9, 2026

Dargon789 mentioned this pull request May 2, 2026

Master (#497) #511

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

3.0.0-beta.12#265

3.0.0-beta.12#265
Dargon789 merged 6 commits into
Dargon789:master-ceb95d4from
0xsequence:master

Dargon789 commented Feb 3, 2026 •

edited by sourcery-ai Bot

Loading

Uh oh!

codesandbox Bot commented Feb 3, 2026

Uh oh!

bolt-new-by-stackblitz Bot commented Feb 3, 2026

Uh oh!

vercel Bot commented Feb 3, 2026

Uh oh!

sourcery-ai Bot commented Feb 3, 2026 •

edited

Loading

Interacting with Sourcery

Customizing Your Experience

Getting Help

Uh oh!

gemini-code-assist Bot commented Feb 3, 2026

Uh oh!

vercel Bot commented Feb 3, 2026 •

edited

Loading

Uh oh!

sourcery-ai Bot left a comment

Uh oh!

snyk-io Bot commented Feb 3, 2026

Uh oh!

gemini-code-assist Bot left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Conversation

Dargon789 commented Feb 3, 2026 • edited by sourcery-ai Bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary by Sourcery

Uh oh!

codesandbox Bot commented Feb 3, 2026

Review or Edit in CodeSandbox

Uh oh!

bolt-new-by-stackblitz Bot commented Feb 3, 2026

Uh oh!

vercel Bot commented Feb 3, 2026

Uh oh!

sourcery-ai Bot commented Feb 3, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Reviewer's Guide

Sequence diagram for ChainSessionManager cached signed call reuse on relay

ER diagram for wallet userdata entities introduced in userdata service

Class diagram for new userdata service RPC types and client

File-Level Changes

Interacting with Sourcery

Customizing Your Experience

Getting Help

Uh oh!

gemini-code-assist Bot commented Feb 3, 2026

Summary of Changes

Highlights

Footnotes

Uh oh!

vercel Bot commented Feb 3, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

sourcery-ai Bot left a comment

Choose a reason for hiding this comment

Uh oh!

snyk-io Bot commented Feb 3, 2026

✅ Snyk checks have passed. No issues have been found so far.

Uh oh!

gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

Code Review

packages/wallet/dapp-client/src/ChainSessionManager.ts (814-826)

packages/wallet/dapp-client/src/ChainSessionManager.ts (1109)

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Dargon789 commented Feb 3, 2026 •

edited by sourcery-ai Bot

Loading

sourcery-ai Bot commented Feb 3, 2026 •

edited

Loading

vercel Bot commented Feb 3, 2026 •

edited

Loading