Add a way to reset 2fa when using a backup code (#911)

patrislav · web-flow · commit ec60b5bb6ca6 · 2025-11-04T17:45:00.000+01:00
* Add a way to reset 2fa when using a backup code

* use the GuardToken type instead of breaking out the props
diff --git a/packages/services/guard/src/client/guard.gen.ts b/packages/services/guard/src/client/guard.gen.ts
@@ -1,22 +1,22 @@
 /* eslint-disable */
-// sequence-guard v0.4.0 b62e755c3f81d6b5a8e7462abc063a57a744cdef
+// sequence-guard v0.5.0 910e01c32ffb24b42386d4ca6be119b0acc55c5f
 // --
 // Code generated by webrpc-gen@v0.25.3 with typescript generator. DO NOT EDIT.
 //
 // webrpc-gen -schema=guard.ridl -target=typescript -client -out=./clients/guard.gen.ts
 
 export const WebrpcHeader = 'Webrpc'
 
-export const WebrpcHeaderValue = 'webrpc@v0.25.3;gen-typescript@v0.17.0;sequence-guard@v0.4.0'
+export const WebrpcHeaderValue = 'webrpc@v0.25.3;gen-typescript@v0.17.0;sequence-guard@v0.5.0'
 
 // WebRPC description and code-gen version
 export const WebRPCVersion = 'v1'
 
 // Schema version of your RIDL schema
-export const WebRPCSchemaVersion = 'v0.4.0'
+export const WebRPCSchemaVersion = 'v0.5.0'
 
 // Schema hash generated from your RIDL schema
-export const WebRPCSchemaHash = 'b62e755c3f81d6b5a8e7462abc063a57a744cdef'
+export const WebRPCSchemaHash = '910e01c32ffb24b42386d4ca6be119b0acc55c5f'
 
 type WebrpcGenVersions = {
   webrpcGenVersion: string
@@ -131,6 +131,7 @@ export interface OwnershipProof {
 export interface AuthToken {
   id: string
   token: string
+  resetAuth?: boolean
 }
 
 export interface RecoveryCode {
diff --git a/packages/wallet/core/src/signers/guard.ts b/packages/wallet/core/src/signers/guard.ts
@@ -3,9 +3,10 @@ import { Attestation, Payload } from '@0xsequence/wallet-primitives'
 import * as GuardService from '@0xsequence/guard'
 import * as Envelope from '../envelope.js'
 
-type GuardToken = {
+export type GuardToken = {
   id: 'TOTP' | 'PIN' | 'recovery'
   code: string
+  resetAuth?: boolean
 }
 
 export class Guard {
@@ -36,7 +37,7 @@ export class Guard {
       digest,
       message,
       previousSignatures,
-      token ? { id: token.id, token: token.code } : undefined,
+      token ? { id: token.id, token: token.code, resetAuth: token.resetAuth } : undefined,
     )
     return {
       address: this.guard.address,
diff --git a/packages/wallet/wdk/src/sequence/handlers/guard.ts b/packages/wallet/wdk/src/sequence/handlers/guard.ts
@@ -1,11 +1,12 @@
 import { Address, Hex } from 'ox'
 import * as Guard from '@0xsequence/guard'
+import { Signers } from '@0xsequence/wallet-core'
 import { Handler } from './handler.js'
 import { BaseSignatureRequest, SignerUnavailable, SignerReady, SignerActionable, Kinds } from '../types/index.js'
 import { Signatures } from '../signatures.js'
 import { Guards } from '../guards.js'
 
-type RespondFn = (id: 'TOTP' | 'PIN' | 'recovery', code: string) => Promise<void>
+type RespondFn = (token: Signers.GuardToken) => Promise<void>
 
 export type PromptCodeHandler = (
   request: BaseSignatureRequest,
@@ -94,9 +95,9 @@ export class GuardHandler implements Handler {
             resolve(true)
           } catch (e) {
             if (e instanceof Guard.AuthRequiredError) {
-              const respond: RespondFn = async (id, code) => {
+              const respond: RespondFn = async (token) => {
                 try {
-                  const signature = await guard.signEnvelope(request.envelope, { id, code })
+                  const signature = await guard.signEnvelope(request.envelope, token)
                   await this.signatures.addSignature(request.id, signature)
                   resolve(true)
                 } catch (e) {
