tkhq · amircheikh · Sep 19, 2025 · Sep 19, 2025
diff --git a/.changeset/plenty-waves-check.md b/.changeset/plenty-waves-check.md
@@ -0,0 +1,9 @@
+---
+"@turnkey/sdk-browser": patch
+"@turnkey/sdk-server": patch
+"@turnkey/sdk-types": patch
+"@turnkey/core": patch
+"@turnkey/http": patch
+---
+
+- Synced api with mono
diff --git a/.changeset/polite-candles-lick.md b/.changeset/polite-candles-lick.md
@@ -0,0 +1,5 @@
+---
+"@turnkey/react-wallet-kit": patch
+---
+
+- otpLength and alphanumeric settings now properly apply from dashboard
diff --git a/packages/core/src/__generated__/sdk-client-base.ts b/packages/core/src/__generated__/sdk-client-base.ts
diff --git a/packages/core/src/__inputs__/auth_proxy.swagger.json b/packages/core/src/__inputs__/auth_proxy.swagger.json
@@ -490,6 +490,12 @@
           "type": "string",
           "description": "OAuth redirect URL to be used for social login flows.",
           "title": "OAuth Redirect URL"
+        },
+        "otpAlphanumeric": {
+          "type": "boolean"
+        },
+        "otpLength": {
+          "type": "string"
         }
       },
       "required": [
@@ -582,6 +588,10 @@
         "invalidateExisting": {
           "type": "boolean",
           "description": "Invalidate all other previously generated Login API keys"
+        },
+        "organizationId": {
+          "type": "string",
+          "description": "Unique identifier for a given Organization. If provided, this organization id will be used directly. If omitted, uses the OIDC token to look up the associated organization id."
         }
       },
       "required": ["oidcToken", "publicKey"]
@@ -628,6 +638,14 @@
         "invalidateExisting": {
           "type": "boolean",
           "description": "Invalidate all other previously generated Login API keys"
+        },
+        "organizationId": {
+          "type": "string",
+          "description": "Unique identifier for a given Organization. If provided, this organization id will be used directly. If omitted, uses the verification token to look up the verified sub-organization based on the contact and verification type."
+        },
+        "clientSignature": {
+          "type": "string",
+          "description": "Optional signature associated with the public key passed into the verification step. This must be a hex-encoded ECDSA signature over the verification token. Only required if a public key was provided during the verification step."
         }
       },
       "required": ["verificationToken", "publicKey"]
@@ -703,9 +721,19 @@
       "properties": {
         "organizationId": {
           "type": "string"
+        },
+        "wallet": {
+          "$ref": "#/definitions/v1WalletResult",
+          "description": "Wallet created for the sub-organization, if provided in the request",
+          "title": "Wallet"
+        },
+        "userId": {
+          "type": "string",
+          "description": "Root user ID created for this sub-organization",
+          "title": "User ID"
         }
       },
-      "required": ["organizationId"]
+      "required": ["organizationId", "userId"]
     },
     "v1VerifyOtpRequest": {
       "type": "object",
@@ -717,6 +745,10 @@
         "otpCode": {
           "type": "string",
           "description": "OTP sent out to a user's contact (email or SMS)"
+        },
+        "publicKey": {
+          "type": "string",
+          "description": "Client-side public key generated by the user, which will be added to the JWT response and verified in subsequent requests via a client proof signature"
         }
       },
       "required": ["otpId", "otpCode"]
@@ -775,6 +807,22 @@
         }
       },
       "required": ["walletName", "accounts"]
+    },
+    "v1WalletResult": {
+      "type": "object",
+      "properties": {
+        "walletId": {
+          "type": "string"
+        },
+        "addresses": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "A list of account addresses."
+        }
+      },
+      "required": ["walletId", "addresses"]
     }
   }
 }
diff --git a/packages/core/src/__inputs__/public_api.swagger.json b/packages/core/src/__inputs__/public_api.swagger.json
@@ -708,6 +708,38 @@
         "tags": ["Activities"]
       }
     },
+    "/public/v1/query/list_app_proofs": {
+      "post": {
+        "summary": "List app proofs for an activity",
+        "description": "List the app proofs for the given activity.",
+        "operationId": "PublicApiService_GetAppProofs",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/v1GetAppProofsResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/rpcStatus"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/v1GetAppProofsRequest"
+            }
+          }
+        ],
+        "tags": ["App Proof"]
+      }
+    },
     "/public/v1/query/list_oauth2_credentials": {
       "post": {
         "summary": "List OAuth 2.0 Credentials",
@@ -3709,6 +3741,14 @@
           },
           "description": "A list of objects representing a particular User's approval or rejection of a Consensus request, including all relevant metadata."
         },
+        "appProofs": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/v1AppProof"
+          },
+          "description": "A list of app proofs generated by enclaves during activity execution, providing verifiable attestations of performed operations."
+        },
         "fingerprint": {
           "type": "string",
           "description": "An artifact verifying a User's action."
@@ -4007,6 +4047,28 @@
       },
       "required": ["userName", "userTags", "apiKeys"]
     },
+    "v1AppProof": {
+      "type": "object",
+      "properties": {
+        "scheme": {
+          "$ref": "#/definitions/v1SignatureScheme",
+          "description": "Scheme of signing key."
+        },
+        "publicKey": {
+          "type": "string",
+          "description": "Ephemeral public key."
+        },
+        "proofPayload": {
+          "type": "string",
+          "description": "JSON serialized AppProofPayload."
+        },
+        "signature": {
+          "type": "string",
+          "description": "Signature over hashed proof_payload."
+        }
+      },
+      "required": ["scheme", "publicKey", "proofPayload", "signature"]
+    },
     "v1ApproveActivityIntent": {
       "type": "object",
       "properties": {
@@ -7023,6 +7085,33 @@
       },
       "required": ["apiKeys"]
     },
+    "v1GetAppProofsRequest": {
+      "type": "object",
+      "properties": {
+        "organizationId": {
+          "type": "string",
+          "description": "Unique identifier for a given Organization."
+        },
+        "activityId": {
+          "type": "string",
+          "description": "Unique identifier for a given activity."
+        }
+      },
+      "required": ["organizationId", "activityId"]
+    },
+    "v1GetAppProofsResponse": {
+      "type": "object",
+      "properties": {
+        "appProofs": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/v1AppProof"
+          }
+        }
+      },
+      "required": ["appProofs"]
+    },
     "v1GetAttestationDocumentRequest": {
       "type": "object",
       "properties": {
@@ -9189,6 +9278,10 @@
         "invalidateExisting": {
           "type": "boolean",
           "description": "Invalidate all other previously generated Login API keys"
+        },
+        "clientSignature": {
+          "type": "string",
+          "description": "Optional signature associated with the public key passed into the verification step. This must be a hex-encoded ECDSA signature over the verification token. Only required if a public key was provided during the verification step."
         }
       },
       "required": ["verificationToken", "publicKey"]
@@ -10267,6 +10360,10 @@
       },
       "required": ["signedTransaction"]
     },
+    "v1SignatureScheme": {
+      "type": "string",
+      "enum": ["SIGNATURE_SCHEME_EPHEMERAL_KEY_P256"]
+    },
     "v1SimpleClientExtensionResults": {
       "type": "object",
       "properties": {
@@ -11328,6 +11425,10 @@
         "expirationSeconds": {
           "type": "string",
           "description": "Expiration window (in seconds) indicating how long the verification token is valid for. If not provided, a default of 1 hour will be used. Maximum value is 86400 seconds (24 hours)"
+        },
+        "publicKey": {
+          "type": "string",
+          "description": "Client-side public key generated by the user, which will be added to the JWT response and verified in subsequent requests via a client proof signature"
         }
       },
       "required": ["otpId", "otpCode"]