Upload 54 files

src/.claude/settings.local.json

@@ -0,0 +1,23 @@
+{
+  "permissions": {
+    "allow": [
+      "Bash(uv sync:*)",
+      "Bash(uv list:*)",
+      "Bash(uv pip:*)",
+      "Bash(uv run:*)",
+      "Bash(timeout 10s uv run streamlit run:*)",
+      "Bash(pip show:*)",
+      "Bash(pip install:*)",
+      "WebFetch(domain:github.com)",
+      "WebFetch(domain:api.aptos.dev)",
+      "WebFetch(domain:aptos.dev)",
+      "Bash(if [ -f \"/Volumes/N/1p/1p-wallet/requirements.txt\" ])",
+      "Bash(else echo \"File does not exist\")",
+      "Bash(fi)",
+      "Bash(find:*)",
+      "Bash(pkill:*)"
+    ],
+    "deny": [],
+    "ask": []
+  }
+}

src/.gitignore

@@ -0,0 +1,77 @@
+Sure! Here's an example of an ignore file (`.gitignore`) for a Python project, including the `.env` file:
+
+```
+# Ignore Python virtual environment files
+venv/
+ENV/
+bin/
+lib/
+share/
+include/
+pyvenv.cfg
+.venv
+
+# Ignore compiled Python files
+*.pyc
+*.pyo
+__pycache__/
+
+# Ignore environment-specific settings
+.env
+
+# Ignore editor files and directories
+.vscode/
+.idea/
+.run/
+
+# Ignore logs
+*.log
+
+# Ignore cache and temporary files
+*.cache/
+*.swp
+*.swo
+*~
+
+# Ignore package build files
+dist/
+build/
+*.egg-info/
+
+# Ignore database files
+*.db
+
+# Ignore compiled extensions
+*.so
+
+# Ignore system-specific files
+.DS_Store
+Thumbs.db
+
+# Jupyter Notebook
+.ipynb_checkpoints/
+etc/
+flagged/
+
+# pdf
+*.pdf
+You can modify this file as per your specific requirements.
+
+# Audio Buffer obj
+<_io.BytesIO object at*
+*.mp3
+
+.env.*
+
+*.sav
+
+#*.zip
+
+/samples/sample_v3/linear-regression.ipynb.html
+/samples/vehicle_solution/vehicle-dataset.html
+/log.html
+/output.xml
+/report.html
+/selenium-screenshot*.png
+
+tests/reports

src/.python-version

@@ -0,0 +1 @@
+3.13

src/.run/run.run.xml

@@ -0,0 +1,29 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="run" type="PythonConfigurationType" factoryName="Python">
+    <module name="timeout-user.streamlit.app" />
+    <option name="INTERPRETER_OPTIONS" value="-m streamlit run" />
+    <option name="PARENT_ENVS" value="true" />
+    <envs>
+      <env name="PYTHONUNBUFFERED" value="1" />
+    </envs>
+    <option name="SDK_HOME" value="" />
+    <option name="SDK_NAME" value="py311" />
+    <option name="WORKING_DIRECTORY" value="" />
+    <option name="IS_MODULE_SDK" value="false" />
+    <option name="ADD_CONTENT_ROOTS" value="true" />
+    <option name="ADD_SOURCE_ROOTS" value="true" />
+    <EXTENSION ID="PythonCoverageRunConfigurationExtension" runner="coverage.py" />
+    <EXTENSION ID="com.fapiko.jetbrains.plugins.better_direnv.runconfigs.PycharmRunConfigurationExtension">
+      <option name="DIRENV_ENABLED" value="false" />
+      <option name="DIRENV_TRUSTED" value="false" />
+    </EXTENSION>
+    <option name="SCRIPT_NAME" value="app.py" />
+    <option name="PARAMETERS" value="" />
+    <option name="SHOW_COMMAND_LINE" value="false" />
+    <option name="EMULATE_TERMINAL" value="false" />
+    <option name="MODULE_MODE" value="false" />
+    <option name="REDIRECT_INPUT" value="false" />
+    <option name="INPUT_FILE" value="" />
+    <method v="2" />
+  </configuration>
+</component>

src/.streamlit/config.toml

@@ -0,0 +1,40 @@
+# doc: https://docs.streamlit.io/library/advanced-features/theming
+
+[server]
+folderWatchBlacklist = [".idea", ".run"]
+runOnSave = true
+port = 8502
+cookieSecret = "a-random-key-appears-here"  # consider setting via an environment variable for production
+baseUrlPath = ""
+enableCORS = true
+enableXsrfProtection = false
+maxUploadSize = 1024                       # mb
+maxMessageSize = 200                       # mb
+enableWebsocketCompression = false
+
+enableStaticServing = true
+# served in ./static :=/app/static/filename.jpg
+
+[theme]
+primaryColor = "#fff"
+backgroundColor = "#000000"
+secondaryBackgroundColor = "#252B48"
+textColor = "#ffffff"
+font = "sans serif"
+
+[browser]
+serverAddress = "localhost"
+gatherUsageStats = true
+serverPort = 8502
+
+[mapbox]
+# Mapbox token: prefer setting the MAPBOX_API_KEY environment variable
+# or passing api_keys to pydeck. The token field is deprecated and will be
+# removed in future Streamlit versions.
+# token = ""
+
+# Removed deprecated/invalid options: Streamlit no longer recognizes several
+# of the [deprecation] and [runner] options. If you need similar behavior,
+# manage it from code or environment variables. Keeping this file minimal
+# avoids runtime warnings about invalid config keys.
+# avoids runtime warnings about invalid config keys.

src/Dockerfile

@@ -0,0 +1,27 @@
+FROM python:3.13.5-slim
+
+WORKDIR /app
+
+RUN apt-get update && apt-get install -y \
+    build-essential \
+    curl \
+    git \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install uv (from Astral's official installation script)
+RUN curl -LsSf https://astral.sh/uv/install.sh | sh
+
+# Add uv to PATH (uv installs under ~/.local/bin by default)
+ENV PATH="/root/.local/bin:${PATH}"
+
+COPY requirements.txt ./
+COPY . .
+
+# Install dependencies with uv
+RUN uv pip install .
+
+EXPOSE 8501
+
+HEALTHCHECK CMD curl --fail http://localhost:8501/_stcore/health
+
+ENTRYPOINT ["streamlit", "run", "src/streamlit_app.py", "--server.port=8501", "--server.address=0.0.0.0"]

src/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Hiro
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

src/Makefile

@@ -0,0 +1,5 @@
+setup:
+    uv pip install .
+
+run:
+	uv run streamlit run app.py

src/Readme.md

@@ -0,0 +1,40 @@
+# 1P Wallet
+
+A Streamlit app implementing a 2FA-like visual authentication for Aptos wallets.
+
+Quick start (dev/testnet):
+
+1. Create a virtualenv and install deps:
+
+```bash
+python -m venv .venv
+source .venv/bin/activate
+pip install -r requirements.txt
+```
+
+2. Set required environment variables (for full functionality):
+
+```bash
+export APTOS_ACCOUNT=0x...       # system wallet address
+export APTOS_PRIVATE_KEY=...     # system wallet private key (hex)
+```
+
+3. Run the app:
+
+```bash
+streamlit run app.py
+```
+
+Notes:
+
+- This project is for demonstration. Do not use the provided scripts in production without proper key management.
+- Use `scripts/verify_env.sh` to confirm environment variables are present.
+
+Notes from runtime:
+
+- Streamlit recommends installing `watchdog` for better file-change performance (`pip install watchdog`).
+- It is recommended that private keys are AIP-80 compliant: https://github.com/aptos-foundation/AIPs/blob/main/aips/aip-80.md
+- For the one-click browser localStorage save/restore feature, install `streamlit-javascript`:
+  ```bash
+  pip install streamlit-javascript
+  ```

src/app.py

@@ -0,0 +1,538 @@
+import logging
+import os
+from dataclasses import dataclass, field
+import time
+import string
+import secrets
+import hashlib
+from queue import Queue
+from typing import List, Dict, Optional
+
+import streamlit as st
+from aptos_sdk.async_client import RestClient
+from aptos_sdk.account import Account
+from aptos_sdk.transactions import EntryFunction
+from aptos_sdk.bcs import Serializer
+from ecdsa import SigningKey, VerifyingKey, SECP256k1
+from ecdsa.util import sigencode_der, sigdecode_der
+from collections import defaultdict
+from itertools import islice
+import random
+from dotenv import load_dotenv
+
+from pages import initApp
+
+# Load environment variables
+load_dotenv()
+
+# UTF-8 character domains for elegant password selection
+DOMAINS = {
+    'ascii': string.ascii_letters + string.digits,
+    'symbols': '!@#$%^&*()_+-=[]{}|;:,.<>?',
+    'emojis': "😀😂❤️👍🙏😍😭😅🎉🔥💯😎🤔🤦😴🤖👀✨✅🚀💎🌟⭐💫🎯🎨🎪🎸🎵🎶🏆🏅🎊🎈🎁🎀🌈🌸🌺🌻🌷🌹",
+    'hearts': "💖💝💘💗💓💕💞💜🧡💛💚💙🤍🖤🤎❣️💋",
+    'nature': "🌳🌲🌴🌿🍀🌾🌻🌺🌸🌷🌹🌼🌵🌱🍃🌿🦋🐝🐞🕷️",
+    'food': "🍎🍌🍇🍓🍈🍉🍊🍋🥭🍑🍒🥝🍍🥥🍅🥑🍆🥔🥕🌽",
+    'animals': "🐶🐱🐭🐹🐰🦊🐻🐼🐨🦁🐯🐮🐷🐸🐵🐔🐧🦆🦉🦅🐺🐗🐴",
+    'travel': "✈️🚆🚂🚄🚘🚲🛴🛵🏍️🚕🚖🚁🚀🛸🚢🚤🏝️🏖️🏔️⛰️🏕️🌋",
+    'sports': "⚽⚾🏀🏐🏈🏉🎾🏓🏸🥊🥋⛳🏌️‍♂️🏄‍♀️🏊‍♀️🧗‍♂️🚴‍♀️🏆🏅🥇🥈🥉",
+    'tech': "📱💻⌨️🖥️🖨️💾💿📷🔌📡🔋🔬🔭📚📝✏️🔍🔑🔒",
+    'music': "🎵🎶🎸🎹🎷🎺🎻🥁🎼🎤🎧📻🎙️🎚️🎛️",
+    'weather': "☀️🌤️⛅🌥️☁️🌦️🌧️⛈️🌩️🌨️❄️💨☃️⛄🌬️🌀🌈☔⚡",
+    'zodiac': "♈♉♊♋♌♍♎♏♐♑♒♓⛎",
+    'numbers': "0️⃣1️⃣2️⃣3️⃣4️⃣5️⃣6️⃣7️⃣8️⃣9️⃣🔟",
+    'japanese': "あいうえおかきくけこさしすせそたちつてとなにぬねのはひふへほまみむめもやゆよらりるれろわをん",
+    'korean': "ㄱㄴㄷㄹㅁㅂㅅㅇㅈㅊㅋㅌㅍㅎㅏㅑㅓㅕㅗㅛㅜㅠㅡㅣ",
+    'chinese': "的一是不了人我在有他这为之大来以个中上们",
+    'arabic': "ابتثجحخدذرزسشصضطظعغفقكلمنهوي",
+    'cyrillic': "абвгдеёжзийклмнопрстуфхцчшщъыьэюя",
+}
+
+COLORS = ["red", "green", "blue", "yellow"]
+DIRECTIONS = ["Up", "Down", "Left", "Right", "Skip"]
+DIRECTION_MAP = {
+    "Up": "U", "Down": "D", "Left": "L", "Right": "R", "Skip": "S"
+}
+
+# System configuration
+SYSTEM_WALLET_ADDRESS = os.getenv('APTOS_ACCOUNT') or "0xSYSTEM_WALLET_NOT_SET"
+SYSTEM_WALLET_PRIVATE_KEY = os.getenv('APTOS_PRIVATE_KEY')
+
+def generate_nonce() -> str:
+    return secrets.token_hex(32)
+
+def keccak256(data: str) -> str:
+    return hashlib.sha3_256(data.encode('utf-8')).hexdigest()
+
+def generate_entropy_layers(seed: str, layers: int) -> List[int]:
+    arr = []
+    cur = seed
+    for _ in range(layers):
+        random_bytes = secrets.token_bytes(2).hex()
+        h = keccak256(cur)
+        val = int(h[:8], 16)
+        arr.append(val)
+        cur = h + random_bytes
+    return arr
+
+@dataclass
+class SessionState:
+    failure_count: int = 0
+    first_failure_ts: Optional[float] = None
+    last_failure_ts: Optional[float] = None
+    d: int = 1
+    high_abuse: bool = False
+
+@dataclass
+class Transaction:
+    """Represents a single transaction in the system"""
+    txn_hash: str
+    sender: str
+    recipient: str
+    amount: float  # Amount in APT
+    timestamp: float  # Unix timestamp
+    is_credit: bool  # True if receiving funds, False if sending
+    status: str  # "completed", "pending", "failed"
+    description: str = ""  # Optional description
+
+@dataclass
+class App:
+    queue: Queue = field(default_factory=Queue)
+    wallet: Optional[Account] = None
+    client: RestClient = field(default_factory=lambda: RestClient("https://testnet.aptoslabs.com/v1"))
+    system_wallet: Optional[Account] = None
+    is_registered: bool = False
+    is_authenticated: bool = False
+    selected_secret: Optional[str] = None
+    direction_mapping: Dict[str, str] = field(default_factory=dict)
+    recent_characters: List[str] = field(default_factory=list)
+    favorite_characters: List[str] = field(default_factory=list)
+    transactions: List[Transaction] = field(default_factory=list)  # Track all transactions
+
+    async def get_account_balance(self, address):
+        """Get account balance in APT"""
+        if not self.wallet:
+            logging.error("No wallet connected; cannot fetch balance.")
+            return 0
+
+        try:
+            resources = await self.client.account_resources(address)
+            apt_balance = 0
+            for resource in resources:
+                if resource['type'] == '0x1::coin::CoinStore<0x1::aptos_coin::AptosCoin>':
+                    apt_balance = int(resource['data']['coin']['value']) / 100000000  # Convert from octas to APT
+                    break
+            logging.info("Fetch resources , got resources:", resources)
+            logging.info(f"Fetched balance for {address}: {apt_balance} APT")
+            return apt_balance
+        except Exception as e:
+            logging.error(f"Error fetching balance for {address}: {str(e)}")
+            raise Exception(f"Failed to check balance: {str(e)}")
+
+    def get_account_balance_sync(self, address):
+        """Synchronous wrapper for get_account_balance"""
+        try:
+            # Use our clean nest_asyncio implementation
+            # Important: Create a fresh coroutine each time, never reuse
+            from utils.nest_runner import async_to_sync
+            # We call the function directly to get a fresh coroutine
+            return async_to_sync(self.get_account_balance(address))
+        except ValueError as e:
+            logging.error(f"Coroutine error: {str(e)}")
+            # Try one more time with a new coroutine
+            return async_to_sync(self.get_account_balance(address))
+        except Exception as e:
+            logging.error(f"Error in get_account_balance_sync: {str(e)}")
+            # Return 0 for balance rather than crashing completely
+            return 0.0
+
+    def add_transaction(self, txn_hash, sender, recipient, amount, is_credit=None, status="completed", description=""):
+        """Add a transaction to the transaction history"""
+        if is_credit is None:
+            # Determine if this is a credit or debit based on sender/recipient
+            if self.wallet:
+                is_credit = recipient == str(self.wallet.address())
+            else:
+                is_credit = False
+
+        # Create new transaction record
+        txn = Transaction(
+            txn_hash=txn_hash,
+            sender=sender,
+            recipient=recipient,
+            amount=amount,
+            timestamp=time.time(),
+            is_credit=is_credit,
+            status=status,
+            description=description
+        )
+
+        # Add to transaction list
+        self.transactions.append(txn)
+        logging.info(f"Added transaction to history: {txn_hash} {'Credit' if is_credit else 'Debit'} {amount} APT")
+
+        return txn
+
+    async def fetch_account_transactions(self, address=None, limit=20):
+        """Fetch transaction history for the given address from the blockchain"""
+        if not address and self.wallet:
+            address = str(self.wallet.address())
+
+        if not address:
+            logging.error("No wallet address provided for transaction history")
+            return []
+
+        try:
+            # Use Aptos SDK to get account transactions
+            # We need to handle this differently since AsyncRestClient doesn't have get_account_transactions
+            from utils.aptos_sync import RestClientSync
+
+            # Create a sync client with the same URL as our async client
+            sync_client = RestClientSync(self.client.base_url)
+
+            # Use the sync client to get transactions
+            transactions = sync_client.get_account_transactions(address, limit=limit)
+
+            # Process transactions to identify credits and debits
+            processed_txns = []
+            for txn in transactions:
+                try:
+                    # Extract basic transaction data
+                    txn_hash = txn.get('hash', '')
+                    txn_version = txn.get('version', 0)
+                    sender = txn.get('sender', '')
+                    timestamp = txn.get('timestamp', 0) / 1000000  # Convert to seconds
+
+                    # Extract payload data to determine transaction type and amount
+                    payload = txn.get('payload', {})
+                    function = payload.get('function', '')
+
+                    # Only process coin transfers for now
+                    if '0x1::coin::transfer' in function:
+                        args = payload.get('arguments', [])
+                        if len(args) >= 2:
+                            recipient = args[0]
+                            amount_octas = int(args[1])
+                            amount_apt = amount_octas / 100000000  # Convert octas to APT
+
+                            # Determine if credit or debit
+                            is_credit = recipient == address
+
+                            # Create transaction object
+                            transaction = Transaction(
+                                txn_hash=txn_hash,
+                                sender=sender,
+                                recipient=recipient,
+                                amount=amount_apt,
+                                timestamp=timestamp,
+                                is_credit=is_credit,
+                                status="completed",
+                                description=f"Transaction {txn_version}"
+                            )
+
+                            processed_txns.append(transaction)
+
+                except Exception as e:
+                    logging.error(f"Error processing transaction: {str(e)}")
+                    continue
+
+            return processed_txns
+
+        except Exception as e:
+            logging.error(f"Error fetching transactions for {address}: {str(e)}")
+            return []
+
+    def fetch_account_transactions_sync(self, address=None, limit=20):
+        """Synchronous wrapper for fetch_account_transactions using nest_asyncio"""
+        if not address and self.wallet:
+            address = str(self.wallet.address())
+
+        if not address:
+            logging.error("No wallet address provided for transaction history")
+            return []
+
+        try:
+            # Use our clean nest_asyncio implementation
+            from utils.nest_runner import async_to_sync
+            return async_to_sync(self.fetch_account_transactions(address, limit=limit))
+        except Exception as e:
+            logging.error(f"Error fetching transactions synchronously: {str(e)}")
+            return []
+
+    def update_transaction_history(self):
+        """Update the transaction history from the blockchain"""
+        if not self.wallet:
+            logging.error("No wallet connected; cannot update transaction history")
+            return False
+
+        try:
+            # Fetch transactions from blockchain
+            new_txns = self.fetch_account_transactions_sync(str(self.wallet.address()))
+
+            # Add new transactions that aren't already in our list
+            existing_txn_hashes = {txn.txn_hash for txn in self.transactions}
+
+            for txn in new_txns:
+                if txn.txn_hash not in existing_txn_hashes:
+                    self.transactions.append(txn)
+
+            # Sort by timestamp, most recent first
+            self.transactions.sort(key=lambda x: x.timestamp, reverse=True)
+
+            return True
+        except Exception as e:
+            logging.error(f"Error updating transaction history: {str(e)}")
+            return False
+
+    def __post_init__(self):
+        # Initialize system wallet
+        if SYSTEM_WALLET_PRIVATE_KEY:
+            try:
+                # Create system wallet from private key hex
+                self.system_wallet = Account.load_key(SYSTEM_WALLET_PRIVATE_KEY)
+            except Exception as e:
+                st.error(f"Failed to initialize system wallet: {str(e)}")
+        else:
+            # Inform the operator that system wallet isn't configured
+            st.warning("System wallet private key not set (APTOS_PRIVATE_KEY). System-send and registration actions will be disabled until configured.")
+
+        # Sync any session-backed state (cached wallet, auth sessions, etc.) into this App instance
+        try:
+            self.load_from_session()
+        except Exception:
+            # Avoid crashing pages on import; failures here should not stop Streamlit page load
+            logging.exception("Failed to load session state into App during __post_init__")
+
+        # Persist this App object into Streamlit session_state for pages to access
+        try:
+            st.session_state['app'] = self
+        except Exception:
+            # Some Streamlit environments may not allow writing at import time; ignore
+            pass
+
+    # --- Session-backed helpers -------------------------------------------------
+    @property
+    def cached_wallet(self):
+        """Proxy property for st.session_state['cached_wallet']"""
+        return st.session_state.get('cached_wallet')
+
+    @cached_wallet.setter
+    def cached_wallet(self, value):
+        st.session_state['cached_wallet'] = value
+        # Keep the live App object in session as well
+        st.session_state['app'] = self
+
+    @property
+    def auth_session(self):
+        return st.session_state.get('auth_session')
+
+    @auth_session.setter
+    def auth_session(self, value):
+        st.session_state['auth_session'] = value
+        st.session_state['app'] = self
+
+    @property
+    def registration_auth(self):
+        return st.session_state.get('registration_auth')
+
+    @registration_auth.setter
+    def registration_auth(self, value):
+        st.session_state['registration_auth'] = value
+        st.session_state['app'] = self
+
+    def load_from_session(self):
+        """Load common session-backed keys into the App instance.
+
+        This ensures pages can safely rely on `app` fields even when navigating
+        directly to a page mid-session.
+        """
+        # Load cached wallet if present
+        cached = st.session_state.get('cached_wallet')
+        if cached and not self.wallet:
+            try:
+                pk = cached.get('private_key')
+                if pk:
+                    clean_pk = pk[2:] if pk.startswith('0x') else pk
+                    self.wallet = Account.load_key(clean_pk)
+            except Exception:
+                logging.exception("Failed to load cached wallet from session")
+
+        # Bring in boolean flags if present
+        self.is_registered = bool(st.session_state.get('is_registered', self.is_registered))
+        self.is_authenticated = bool(st.session_state.get('is_authenticated', self.is_authenticated))
+
+        # Load any other structured session items if present
+        if 'direction_mapping' in st.session_state and not self.direction_mapping:
+            self.direction_mapping = st.session_state.get('direction_mapping', self.direction_mapping)
+
+    def save_to_session(self):
+        """Persist useful App fields into Streamlit session_state.
+
+        Call this after mutating the App so pages and reruns see updated values.
+        """
+        try:
+            if self.wallet:
+                st.session_state['cached_wallet'] = {
+                    'address': str(self.wallet.address()),
+                    'private_key': self.wallet.private_key.hex()
+                }
+            st.session_state['is_registered'] = self.is_registered
+            st.session_state['is_authenticated'] = self.is_authenticated
+            st.session_state['direction_mapping'] = self.direction_mapping
+            st.session_state['app'] = self
+        except Exception:
+            logging.exception("Failed to save App state into session")
+
+app = initApp()
+# Page configuration
+st.set_page_config(
+    page_title="1P Wallet - 2FA for Web3",
+    page_icon="🔒",
+    layout="wide",
+    initial_sidebar_state="expanded"
+)
+
+# Sidebar navigation
+st.sidebar.title("🔒 1P Wallet")
+st.sidebar.markdown("---")
+
+# Navigation menu
+pages = {
+    "🏠 Home": "home",
+    "💳 Import/Generate Wallet": "wallet_setup",
+    "📝 Registration": "registration",
+    "🔐 Authentication": "authentication",
+    "👤 Account": "account",
+}
+
+# Show Transaction History once wallet is connected
+if app.wallet:
+    pages["📋 Transaction History"] = "transaction_history"
+
+# Only show Manage Wallet if authenticated
+if app.is_authenticated:
+    pages["💰 Manage Wallet"] = "manage_wallet"
+
+# Page selection
+selected_page = st.sidebar.selectbox(
+    "Navigate to:",
+    options=list(pages.keys()),
+    key=f"app_page_selector_{id(pages)}"
+)
+
+current_page = pages[selected_page]
+
+# Display current status in sidebar
+st.sidebar.markdown("---")
+st.sidebar.subheader("Status")
+if app.wallet:
+    st.sidebar.success("✅ Wallet Connected")
+    st.sidebar.text(f"Address: {str(app.wallet.address())[:10]}...")
+else:
+    st.sidebar.error("❌ No Wallet")
+
+if app.is_registered:
+    st.sidebar.success("✅ Registered")
+else:
+    st.sidebar.warning("⚠️ Not Registered")
+
+if app.is_authenticated:
+    st.sidebar.success("✅ Authenticated")
+else:
+    st.sidebar.warning("⚠️ Not Authenticated")
+
+# Main content area
+st.title("🔒 1P Wallet - 2FA for Web3")
+
+# Route to appropriate page
+if current_page == "home":
+    st.markdown("""
+    ## Welcome to 1P Wallet
+
+    A secure 2FA system for Web3 wallets using elegant UTF-8 character selection.
+
+    ### How it works:
+    1. **Import or Generate** an Aptos wallet
+    2. **Register** by selecting a single UTF-8 character as your secret
+    3. **Transfer funds** to our secure system wallet
+    4. **Authenticate** using the 1P visual grid system
+    5. **Manage** your wallet securely through our system
+
+    ### Features:
+    - 🎨 Elegant UTF-8 character selection (no keyboard typing!)
+    - 🔒 Secure backend wallet system
+    - 🌍 Multi-language support
+    - 🎯 Visual grid-based authentication
+    - 💯 No private key exposure after registration
+    """)
+
+    if not app.wallet:
+        st.info("👈 Start by setting up your wallet in the sidebar")
+    elif not app.is_registered:
+        st.info("👈 Next, register your 1P secret")
+    elif not app.is_authenticated:
+        st.info("👈 Authenticate to access wallet management")
+
+else:
+    # Import and execute the page module properly
+    import sys
+    import importlib.util
+
+    # Define variables that will be available to the page modules
+    page_globals = {
+        'st': st,
+        'app': app,
+        'DOMAINS': DOMAINS,
+        'COLORS': COLORS,
+        'DIRECTIONS': DIRECTIONS,
+        'SYSTEM_WALLET_ADDRESS': SYSTEM_WALLET_ADDRESS,
+        'DIRECTION_MAP': DIRECTION_MAP,
+        'Account': Account,
+        'EntryFunction': EntryFunction,
+        'Serializer': Serializer,
+    }
+
+    # Handle page routing
+    if current_page == "wallet_setup":
+        spec = importlib.util.spec_from_file_location("wallet_setup", "pages/wallet_setup.py")
+        page_module = importlib.util.module_from_spec(spec)
+        page_module.__dict__.update(page_globals)
+        spec.loader.exec_module(page_module)
+
+    elif current_page == "registration":
+        spec = importlib.util.spec_from_file_location("registration", "pages/registration.py")
+        page_module = importlib.util.module_from_spec(spec)
+        page_module.__dict__.update(page_globals)
+        spec.loader.exec_module(page_module)
+
+    elif current_page == "authentication":
+        spec = importlib.util.spec_from_file_location("authentication", "pages/authentication.py")
+        page_module = importlib.util.module_from_spec(spec)
+        page_module.__dict__.update(page_globals)
+        spec.loader.exec_module(page_module)
+
+    elif current_page == "manage_wallet":
+        if app.is_authenticated:
+            spec = importlib.util.spec_from_file_location("manage_wallet", "pages/manage_wallet.py")
+            page_module = importlib.util.module_from_spec(spec)
+            page_module.__dict__.update(page_globals)
+            spec.loader.exec_module(page_module)
+        else:
+            st.error("Please authenticate first to access wallet management.")
+            st.info("👈 Use the Authentication page to verify your 1P secret")
+
+    elif current_page == "account":
+        spec = importlib.util.spec_from_file_location("account", "pages/account.py")
+        page_module = importlib.util.module_from_spec(spec)
+        page_module.__dict__.update(page_globals)
+        spec.loader.exec_module(page_module)
+
+    elif current_page == "transaction_history":
+        spec = importlib.util.spec_from_file_location("transaction_history", "pages/transaction_history.py")
+        page_module = importlib.util.module_from_spec(spec)
+        page_module.__dict__.update(page_globals)
+        spec.loader.exec_module(page_module)
+
+# Footer
+st.sidebar.markdown("---")
+st.sidebar.markdown("Made with ❤️ using Streamlit")

src/components/__init__.py

@@ -0,0 +1 @@
+# This file makes the components directory a Python package

src/components/auth_component.py

@@ -0,0 +1,121 @@
+import streamlit as st
+from typing import Dict, List, Callable, Optional
+
+from utils.auth_utils import run_one_round_authentication
+
+def one_round_auth(
+    secret: str,
+    direction_mapping: Dict[str, str],
+    colors: List[str],
+    direction_map: Dict[str, str],
+    domains: Dict[str, Dict],
+    session_key: str = "one_round_auth",
+    on_success: Optional[Callable] = None,
+    on_failure: Optional[Callable] = None,
+    show_reference: bool = True
+) -> bool:
+    """
+    Streamlit component for one-round 1P authentication.
+
+    Args:
+        secret: The user's secret character
+        direction_mapping: Mapping of colors to directions
+        colors: List of available colors
+        direction_map: Mapping of direction names to codes
+        domains: Available character domains
+        session_key: Unique key for session state
+        on_success: Optional callback function when auth succeeds
+        on_failure: Optional callback function when auth fails
+        show_reference: Whether to show direction mapping reference
+
+    Returns:
+        True if authentication is completed successfully, False otherwise
+    """
+    # Initialize session state for this component
+    if session_key not in st.session_state:
+        st.session_state[session_key] = {
+            'started': False,
+            'completed': False,
+            'success': False,
+            'grid_html': None,
+            'expected': None
+        }
+
+    sess = st.session_state[session_key]
+
+    # If not started yet, show start button
+    if not sess['started']:
+        st.info("Click 'Authenticate' to verify your identity")
+        if st.button("🔐 Authenticate", type="primary", key=f"{session_key}_start_btn"):
+            # Generate challenge
+            grid_html, expected = run_one_round_authentication(
+                secret, direction_mapping, colors, direction_map, domains
+            )
+
+            # Update session state
+            sess['started'] = True
+            sess['grid_html'] = grid_html
+            sess['expected'] = expected
+            st.rerun()
+        return False
+
+    # If already completed, return result
+    if sess['completed']:
+        return sess['success']
+
+    # Display the challenge grid
+    st.markdown(sess['grid_html'], unsafe_allow_html=True)
+
+    # Show direction mapping as reference if requested
+    if show_reference:
+        with st.expander("🧭 Your Direction Mapping Reference"):
+            col1, col2 = st.columns(2)
+            with col1:
+                for color in colors[:len(colors)//2]:
+                    direction = direction_mapping.get(color, "Skip")
+                    emoji_map = {"Up": "⬆️", "Down": "⬇️", "Left": "⬅️", "Right": "➡️", "Skip": "⏭️"}
+                    st.markdown(f"**{color.title()}**: {direction} {emoji_map[direction]}")
+            with col2:
+                for color in colors[len(colors)//2:]:
+                    direction = direction_mapping.get(color, "Skip")
+                    emoji_map = {"Up": "⬆️", "Down": "⬇️", "Left": "⬅️", "Right": "➡️", "Skip": "⏭️"}
+                    st.markdown(f"**{color.title()}**: {direction} {emoji_map[direction]}")
+
+    # Input for the direction
+    col1, col2 = st.columns([3, 1])
+    with col1:
+        user_input = st.radio(
+            "What direction do you see?",
+            options=["⬆️ Up", "⬇️ Down", "⬅️ Left", "➡️ Right", "⏭️ Skip"],
+            key=f"{session_key}_input",
+            horizontal=True
+        )
+
+    with col2:
+        st.markdown("<br>", unsafe_allow_html=True)  # Spacing
+        if st.button("Submit", type="primary", key=f"{session_key}_submit_btn"):
+            # Map emoji selection to direction code
+            direction_code = {
+                "⬆️ Up": "U",
+                "⬇️ Down": "D",
+                "⬅️ Left": "L",
+                "➡️ Right": "R",
+                "⏭️ Skip": "S"
+            }[user_input]
+
+            # Check if the answer is correct
+            success = direction_code == sess['expected']
+
+            # Update session state
+            sess['completed'] = True
+            sess['success'] = success
+
+            # Call callbacks if provided
+            if success and on_success is not None:
+                on_success()
+            elif not success and on_failure is not None:
+                on_failure()
+
+            st.rerun()
+
+    return False

src/justfile

@@ -0,0 +1,17 @@
+set shell := ["sh", "-c"]
+set windows-shell := ["powershell.exe", "-NoLogo", "-Command"]
+#set allow-duplicate-recipe
+#set positional-arguments
+set dotenv-filename := ".env"
+set export
+
+import? "local.justfile"
+
+setup:
+    uv pip install .
+
+run:
+	uv run streamlit run app.py
+
+
+

src/pages/__init__.py

@@ -0,0 +1,24 @@
+import streamlit as st
+
+
+
+
+def initApp():
+    # Import here to avoid top-level circular import issues with Streamlit
+    from app import App
+
+    # If an App instance exists in session, reuse it. Otherwise create a fresh one.
+    if 'app' not in st.session_state:
+        st.session_state.app = App()
+    else:
+        # Ensure the session-backed fields are synchronized into the live App
+        try:
+            st.session_state.app.load_from_session()
+        except Exception:
+            # If loading fails, recreate a fresh App to avoid stale state
+            st.session_state.app = App()
+
+    return st.session_state.app
+
+
+app = initApp()

src/pages/account.py

@@ -0,0 +1,31 @@
+# Account Page - basic account details and reset
+import streamlit as st
+
+st.header("👤 Account")
+
+from pages import app
+
+if not app.wallet:
+    st.error("❌ No wallet connected")
+    st.info("Go to 'Import/Generate Wallet' to connect a wallet")
+    st.stop()
+
+st.markdown("**Wallet Address:**")
+st.code(str(app.wallet.address()))
+
+st.markdown("**Selected Secret:**")
+if app.selected_secret:
+    st.code(f"{app.selected_secret} (U+{ord(app.selected_secret):04X})")
+else:
+    st.info("No secret selected yet")
+
+st.markdown("---")
+if st.button("🔄 Reset App State", type="secondary"):
+    # Minimal reset: clear registration/authentication and selected secret
+    app.is_registered = False
+    app.is_authenticated = False
+    app.selected_secret = None
+    app.direction_mapping = {}
+    st.session_state.app = app
+    st.success("App state reset. Please re-register or re-import wallet.")
+    st.rerun()

src/pages/authentication.py

@@ -0,0 +1,244 @@
+import streamlit as st
+
+# Authentication Page
+st.header("🔐 Authentication")
+
+from pages import app
+
+if not app.wallet:
+    st.error("❌ Please connect a wallet first")
+    st.info("👈 Go to 'Import/Generate Wallet' to get started")
+    st.stop()
+
+if not app.is_registered:
+    st.error("❌ Please register first")
+    st.info("👈 Go to 'Registration' to set up your 1P secret")
+    st.stop()
+
+if app.is_authenticated:
+    st.success("✅ You are already authenticated!")
+    st.info("👈 Go to 'Manage Wallet' to access wallet functions")
+
+    if st.button("🔄 Re-authenticate", type="secondary"):
+        app.is_authenticated = False
+        app.save_to_session()
+        st.rerun()
+    st.stop()
+
+st.markdown("""
+### 1P Authentication Process:
+1. **Visual Grid Challenge** - Find your secret character in the colored grid
+2. **Direction Input** - Enter the direction based on your character's color
+3. **Multiple Rounds** - Complete several rounds for security
+4. **Verification** - System verifies your responses
+""")
+
+# Initialize 1P verifier and solver components
+class OnePVerifier:
+    def __init__(self, secret: str, public_key_hex: str):
+        self.secret = secret
+        self.public_key = public_key_hex
+        self.session_state = SessionState()
+        self.nonce = None
+        self.entropy_layers = []
+        self.offsets = []
+        self.rotateds = []
+        self.color_maps = []
+        self.expected_solutions = []
+        self.skip_rounds = []
+
+    def start_session(self) -> tuple[str, List[str], int]:
+        self.nonce = generate_nonce()
+        difficulty = self.session_state.d
+        total_rounds = difficulty + (difficulty // 2)
+        self.entropy_layers = generate_entropy_layers(self.nonce, total_rounds)
+        rounds_range = list(range(total_rounds))
+        self.skip_rounds = sorted(random.sample(rounds_range, k=total_rounds - difficulty))
+
+        self.offsets = []
+        self.rotateds = []
+        self.color_maps = []
+        self.expected_solutions = []
+        grids = []
+
+        # Build combined alphabet from all selected domains
+        alphabet = ""
+        for domain_chars in DOMAINS.values():
+            alphabet += domain_chars
+        alphabet = ''.join(set(alphabet))  # Remove duplicates
+
+        for idx in range(total_rounds):
+            offset = self.entropy_layers[idx] % len(alphabet)
+            self.offsets.append(offset)
+            rotated = alphabet[offset:] + alphabet[:offset]
+            self.rotateds.append(rotated)
+            color_map = {rotated[i]: COLORS[i % 4] for i in range(len(rotated))}
+            self.color_maps.append(color_map)
+
+            if idx in self.skip_rounds:
+                expected = "S"
+            else:
+                assigned_color = color_map.get(self.secret, None)
+                if assigned_color is None:
+                    expected = "S"
+                else:
+                    direction = app.direction_mapping.get(assigned_color, "Skip")
+                    expected = DIRECTION_MAP[direction]
+
+            self.expected_solutions.append(expected)
+            grids.append(self.display_grid(idx))
+
+        return self.nonce, grids, total_rounds
+
+    def display_grid(self, idx: int) -> str:
+        chars_by_color = defaultdict(list)
+        for ch, color in self.color_maps[idx].items():
+            chars_by_color[color].append(ch)
+
+        grid_html = f"""
+        <div style="border: 2px solid #333; padding: 15px; margin: 10px; background: #f8f9fa; border-radius: 8px;">
+        <h4>🎯 Round {idx + 1}</h4>
+        <p><strong>Find your secret character and note its color!</strong></p>
+        """
+
+        color_hex_map = {"red": "#FF0000", "green": "#00AA00", "blue": "#0066FF", "yellow": "#FFD700"}
+
+        for color in COLORS:
+            chars = chars_by_color[color]
+            if chars:
+                grid_html += f'<div style="margin: 8px 0;"><strong style="color: {color_hex_map[color]};">{color.upper()}:</strong> '
+                for char in chars:
+                    grid_html += f'<span style="color: {color_hex_map[color]}; font-size: 18px; margin: 2px; padding: 4px; background: white; border-radius: 4px;">{char}</span> '
+                grid_html += '</div>'
+
+        grid_html += '</div>'
+        return grid_html
+
+    def verify_solution(self, candidates: List[str]) -> bool:
+        allowed_skips = len(self.skip_rounds)
+        input_skips = candidates.count('S')
+
+        if input_skips > allowed_skips:
+            return False
+
+        for idx, expected in enumerate(self.expected_solutions):
+            if expected == "S":
+                if candidates[idx] != "S":
+                    return False
+            else:
+                if candidates[idx] == "S":
+                    continue
+                if candidates[idx].upper() != expected:
+                    return False
+
+        return True
+
+# Start authentication session
+st.markdown("---")
+st.subheader("🎯 1P Challenge")
+
+if app.auth_session is None:
+    st.info("Click 'Start Authentication' to begin the challenge")
+
+    if st.button("🚀 Start Authentication", type="primary"):
+        try:
+            # Create verifier with user's secret and public key
+            public_key_hex = app.wallet.public_key().to_bytes()[1:].hex()
+            verifier = OnePVerifier(app.selected_secret, public_key_hex)
+            nonce, grids, total_rounds = verifier.start_session()
+
+            app.auth_session = {
+                'verifier': verifier,
+                'grids': grids,
+                'total_rounds': total_rounds,
+                'current_round': 0,
+                'solutions': [],
+                'nonce': nonce
+            }
+            app.save_to_session()
+            st.rerun()
+        except Exception as e:
+            st.error(f"Failed to start authentication: {str(e)}")
+
+else:
+    session = app.auth_session
+    current_round = session['current_round']
+    total_rounds = session['total_rounds']
+
+    if current_round < total_rounds:
+        st.progress((current_round) / total_rounds, f"Round {current_round + 1} of {total_rounds}")
+
+        # Display current grid
+        st.markdown(session['grids'][current_round], unsafe_allow_html=True)
+
+        # Show direction mapping as reference
+        with st.expander("🧭 Your Direction Mapping Reference"):
+            col1, col2 = st.columns(2)
+            with col1:
+                for color in COLORS[:2]:
+                    direction = app.direction_mapping.get(color, "Skip")
+                    emoji_map = {"Up": "⬆️", "Down": "⬇️", "Left": "⬅️", "Right": "➡️", "Skip": "⏭️"}
+                    st.markdown(f"**{color.title()}**: {direction} {emoji_map[direction]}")
+            with col2:
+                for color in COLORS[2:]:
+                    direction = app.direction_mapping.get(color, "Skip")
+                    emoji_map = {"Up": "⬆️", "Down": "⬇️", "Left": "⬅️", "Right": "➡️", "Skip": "⏭️"}
+                    st.markdown(f"**{color.title()}**: {direction} {emoji_map[direction]}")
+
+        # Input for current round
+        col1, col2 = st.columns([3, 1])
+        with col1:
+            user_input = st.radio(
+                f"What direction for Round {current_round + 1}?",
+                options=["⬆️ Up", "⬇️ Down", "⬅️ Left", "➡️ Right", "⏭️ Skip"],
+                key=f"round_{current_round}",
+                horizontal=True
+            )
+
+        with col2:
+            st.markdown("<br>", unsafe_allow_html=True)  # Spacing
+            if st.button("Next Round ▶️", type="primary"):
+                # Map emoji selection to direction code
+                direction_code = {
+                    "⬆️ Up": "U",
+                    "⬇️ Down": "D",
+                    "⬅️ Left": "L",
+                    "➡️ Right": "R",
+                    "⏭️ Skip": "S"
+                }[user_input]
+
+                session['solutions'].append(direction_code)
+                session['current_round'] += 1
+                app.auth_session = session
+                app.save_to_session()
+                st.rerun()
+
+    else:
+        # Authentication complete - verify solutions
+        st.success("🎉 All rounds completed!")
+        st.info("Verifying your responses...")
+
+        verifier = session['verifier']
+        solutions = session['solutions']
+
+        if verifier.verify_solution(solutions):
+            app.is_authenticated = True
+            app.auth_session = None  # Clear session
+            app.save_to_session()
+
+            st.success("✅ Authentication successful!")
+            st.success("🎉 Welcome to your secure 1P wallet!")
+            st.balloons()
+
+            st.info("👈 Go to 'Manage Wallet' to access your wallet functions")
+            st.rerun()
+
+        else:
+            st.error("❌ Authentication failed!")
+            st.error("Your responses don't match the expected pattern.")
+            st.warning("Please try again or check your secret character and direction mapping.")
+
+            if st.button("🔄 Try Again", type="secondary"):
+                app.auth_session = None
+                app.save_to_session()
+                st.rerun()

src/pages/manage_wallet.py

@@ -0,0 +1,231 @@
+import streamlit as st
+
+# Manage Wallet Page
+st.header("💰 Manage Wallet")
+import streamlit as st
+
+
+# Manage Wallet Page
+st.header("💰 Manage Wallet")
+
+from pages import app
+
+if not app.is_authenticated:
+    st.error("❌ Authentication required")
+    st.info("Please authenticate first to access wallet management")
+    st.stop()
+
+st.success("🔐 Authenticated Session Active")
+st.markdown(f"**Your Wallet Address:** `{str(app.wallet.address())[:20]}...`")
+
+# Display wallet balance
+st.markdown("---")
+st.subheader("💰 Your Wallet Balance")
+
+# Automatically check user balance
+with st.spinner("Checking your wallet balance..."):
+    try:
+        # Use the sync helper method
+        apt_balance = app.get_account_balance_sync(app.wallet.address())
+
+        # Show the balance
+        st.metric("Current Balance", f"{apt_balance} APT")
+
+        # Add a refresh button
+        if st.button("🔄 Refresh Balance", type="secondary"):
+            st.rerun()
+
+    except Exception as e:
+        st.error(f"Error checking balance: {str(e)}")
+        st.info("Try refreshing the page if this persists.")
+
+# Transaction functionality
+st.markdown("---")
+st.subheader("💸 Send Transaction")
+st.info("💡 **Secure Transactions:** Send APT directly from your authenticated wallet")
+
+if not app.system_wallet:
+    st.error("Wallet service not configured. Sending transactions is disabled.")
+    st.info("Please try again later when the service is available.")
+else:
+    with st.form("send_transaction"):
+        recipient_address = st.text_input(
+            "Recipient Address",
+            placeholder="0x1234abcd...",
+            help="Enter the Aptos address to send funds to"
+        )
+
+        amount = st.number_input(
+            "Amount (APT)",
+            min_value=0.00000001,
+            max_value=100.0,
+            value=0.1,
+            step=0.01,
+            format="%.8f"
+        )
+
+        st.markdown("**Transaction Preview:**")
+        st.markdown(f"""
+        - **From:** Your Authenticated Wallet
+        - **To:** `{recipient_address[:20] + '...' if len(recipient_address) > 20 else recipient_address}`
+        - **Amount:** {amount} APT
+        - **Fee:** ~0.001 APT (estimated)
+        """)
+
+        send_transaction = st.form_submit_button("🚀 Send Transaction", type="primary")
+
+    if send_transaction:
+        if not recipient_address:
+            st.error("Please enter a recipient address")
+        elif len(recipient_address) < 10:
+            st.error("Invalid recipient address")
+        else:
+            with st.spinner("Processing transaction through system wallet..."):
+                try:
+                    # Create transaction from system wallet
+                    amount_in_octas = int(amount * 100000000)
+
+                    # Create BCS serializer for the amount
+                    serializer = Serializer()
+                    serializer.u64(amount_in_octas)
+                    serialized_amount = serializer.output()
+
+                    # Make the transaction process more robust
+                    try:
+                        payload = EntryFunction.natural(
+                            "0x1::coin",
+                            "transfer",
+                            ["0x1::aptos_coin::AptosCoin"],
+                            [recipient_address, serialized_amount]
+                        )
+
+                        # Create and submit transaction - handling potential async issues
+                        from utils.aptos_sync import RestClientSync
+                        # Use the sync wrapper to ensure compatibility with streamlit
+                        sync_client = RestClientSync("https://testnet.aptoslabs.com/v1")
+
+                        # Create and process the transaction
+                        with st.spinner("Creating transaction..."):
+                            txn = sync_client.create_transaction(app.system_wallet.address(), payload)
+
+                        with st.spinner("Signing transaction..."):
+                            signed_txn = app.system_wallet.sign_transaction(txn)
+
+                        with st.spinner("Submitting transaction..."):
+                            txn_hash = sync_client.submit_transaction(signed_txn)
+
+                        with st.spinner("Waiting for confirmation..."):
+                            sync_client.wait_for_transaction(txn_hash, timeout=30)
+
+                    except Exception as e:
+                        st.error(f"Transaction failed: {str(e)}")
+                        st.warning("Please try again later.")
+                        return
+
+                    # Record transaction in our history
+                    app.add_transaction(
+                        txn_hash=txn_hash,
+                        sender=str(app.system_wallet.address()),
+                        recipient=recipient_address,
+                        amount=amount,
+                        is_credit=False,
+                        status="completed",
+                        description=f"Transfer to {recipient_address[:10]}..."
+                    )
+
+                    st.session_state.app = app
+                        app.save_to_session()
+
+                    st.success("✅ Transaction sent successfully!")
+                    st.success(f"📋 Transaction Hash: `{txn_hash}`")
+                    st.markdown("📋 You can view this transaction in your **Transaction History** page")
+
+                    # Show transaction details
+                    with st.expander("Transaction Details", expanded=True):
+                        st.markdown(f"""
+                        - **Hash:** `{txn_hash}`
+                        - **From:** Your Authenticated Wallet
+                        - **To:** `{recipient_address}`
+                        - **Amount:** {amount} APT
+                        - **Status:** Confirmed ✅
+                        """)
+
+                except Exception as e:
+                    st.error(f"❌ Transaction failed: {str(e)}")
+
+# Message signing
+st.markdown("---")
+st.subheader("✍️ Sign Message")
+st.info("💡 **Secure signing:** Messages are signed using your authenticated session")
+
+with st.form("sign_message"):
+    message_to_sign = st.text_area(
+        "Message to Sign",
+        placeholder="Enter your message here...",
+        height=100
+    )
+
+    sign_message = st.form_submit_button("✍️ Sign Message", type="secondary")
+
+    if sign_message:
+        if not message_to_sign:
+            st.error("Please enter a message to sign")
+        else:
+            try:
+                # Sign with original wallet for authenticity
+                signature = app.wallet.sign(message_to_sign.encode())
+                signature_hex = signature.hex()
+
+                st.success("✅ Message signed successfully!")
+
+                with st.expander("Signature Details", expanded=True):
+                    st.markdown("**Original Message:**")
+                    st.code(message_to_sign)
+                    st.markdown("**Signature:**")
+                    st.code(signature_hex)
+                    st.markdown("**Signer Address:**")
+                    st.code(str(app.wallet.address()))
+
+            except Exception as e:
+                st.error(f"❌ Signing failed: {str(e)}")
+
+# Account management
+st.markdown("---")
+st.subheader("⚙️ Account Management")
+
+col1, col2 = st.columns(2)
+
+with col1:
+    st.markdown("**Session Control:**")
+    if st.button("🔄 Refresh Authentication", type="secondary"):
+        st.info("Session refreshed successfully")
+        st.rerun()
+
+    if st.button("🚪 Logout", type="secondary"):
+        app.is_authenticated = False
+        app.save_to_session()
+        st.success("Logged out successfully")
+        st.info("👈 Go to Authentication to login again")
+        st.rerun()
+
+with col2:
+    st.markdown("**Account Info:**")
+    with st.expander("View Account Details"):
+        st.markdown(f"""
+        **Wallet Address:** `{app.wallet.address()}`
+
+        **Selected Secret:** {app.selected_secret} (U+{ord(app.selected_secret):04X})
+
+        **Registration Status:** ✅ Registered
+
+        **Authentication Status:** ✅ Active
+        """)
+
+# Recent transactions (placeholder)
+st.markdown("---")
+st.subheader("📋 Recent Activity")
+st.info("Transaction history feature coming soon...")
+
+# Security notice
+st.markdown("---")
+st.warning("🔒 **Security Notice:** Your private key is securely managed by the 1P system. Never share your secret character or direction mapping with anyone.")

src/pages/registration.py

@@ -0,0 +1,433 @@
+
+import streamlit as st
+from utils.transfer_utils import transfer_apt_sync
+from components.auth_component import one_round_auth
+
+from pages import app
+
+# Registration Page
+st.header("📝 Registration")
+
+if not app.wallet:
+    st.error("❌ Please connect a wallet first")
+    st.info("👈 Go to 'Import/Generate Wallet' to get started")
+    st.stop()
+
+if app.is_registered:
+    st.success("✅ You are already registered!")
+    st.info("👈 Go to 'Authentication' to verify your 1P secret")
+    st.stop()
+
+st.markdown("""
+### Registration Process:
+1. **Select your 1P secret** - Choose one UTF-8 character elegantly
+2. **Configure direction mapping** - Set your color-to-direction preferences
+3. **Authenticate yourself** - Verify your 1P secret with a quick challenge
+4. **Transfer minimum 1 APT** - Funds will be held in our secure system wallet
+5. **Complete registration** - Your wallet will be registered for 1P authentication
+""")
+
+# Step 1: UTF-8 Character Selection
+st.markdown("---")
+st.subheader("🎨 Step 1: Select Your 1P Secret")
+st.markdown("Choose **one character** that will be your secret. No keyboard typing required!")
+
+# Language/Category filters
+col1, col2 = st.columns(2)
+with col1:
+    category_type = st.selectbox(
+        "Category Type",
+        options=["Emojis & Symbols", "Languages", "All Categories"],
+        index=0,
+        help="Filter by type of character categories"
+    )
+
+    # Dynamically set options based on category type
+    if category_type == "Emojis & Symbols":
+        category_options = ['emojis', 'hearts', 'nature', 'food', 'animals', 'travel', 'sports', 'tech', 'music', 'weather', 'zodiac', 'numbers', 'symbols', 'ascii']
+    elif category_type == "Languages":
+        category_options = ['japanese', 'korean', 'chinese', 'arabic', 'cyrillic', 'ascii']
+    else:
+        category_options = list(DOMAINS.keys())
+
+    selected_categories = st.multiselect(
+        "Character Categories",
+        options=category_options,
+        default=['emojis'] if category_type == "Emojis & Symbols" else ['ascii'] if category_type == "Languages" else ['emojis'],
+        help="Select which types of characters to show"
+    )
+
+with col2:
+    col2_1, col2_2 = st.columns(2)
+    with col2_1:
+        chars_per_row = st.slider("Characters per row", 5, 20, 10)
+    with col2_2:
+        show_unicode = st.checkbox("Show Unicode codes", False)
+
+    search_term = st.text_input("Search (emoji description or character)", "",
+                               placeholder="heart, food, smile, etc.",
+                               help="Filter characters by description")
+
+# Build character set based on selection
+available_chars = ""
+for category in selected_categories:
+    available_chars += DOMAINS[category]
+
+if not available_chars:
+    st.warning("Please select at least one character category")
+    st.stop()
+
+# Apply search filter if provided
+chars_list = list(set(available_chars))  # Remove duplicates
+
+if search_term:
+    # Simple filtering mechanism
+    search_term = search_term.lower()
+
+    # Define some common emoji descriptions for better search
+    emoji_descriptions = {
+        'smile': '😀😃😄😁😆',
+        'laugh': '😂🤣',
+        'heart': '❤️💖💝💘💗💓💕💞💜🧡💛💚💙',
+        'food': '🍎🍌🍇🍓🍈🍉🍊🍋🥭🍑🍒🥝🍍🥥🍅🥑🍆🥔🥕🌽',
+        'animal': '🐶🐱🐭🐹🐰🦊🐻🐼🐨🦁🐯🐮🐷🐸🐵🐔',
+        'flower': '🌸🌺🌻🌷🌹🌼',
+        'star': '⭐🌟💫✨',
+        'face': '😀😃😄😁😆😅😂🤣😊😇🙂🙃😉😌😍',
+        'hand': '👍👎👌✌️🤞🤟🤘👊✊🤛🤜👏',
+        'music': '🎵🎶🎸🎹🎷🎺🎻🥁🎼',
+        'sport': '⚽⚾🏀🏐🏈🏉🎾🏓🏸',
+        'travel': '✈️🚆🚂🚄🚘🚲',
+        'weather': '☀️🌤️⛅🌥️☁️🌦️🌧️⛈️'
+    }
+
+    filtered_chars = []
+    for char in chars_list:
+        # Check if char is in any of the emoji description groups that match the search term
+        in_description = False
+        for desc, emoji_group in emoji_descriptions.items():
+            if desc.lower().find(search_term) >= 0 and char in emoji_group:
+                in_description = True
+                break
+
+        # Add char if it matches search
+        if in_description or char.lower() == search_term.lower():
+            filtered_chars.append(char)
+
+    chars_list = filtered_chars if filtered_chars else chars_list
+
+# Sort the characters
+chars_list.sort()
+
+# Create a pagination system for large character sets
+chars_per_page = chars_per_row * 5  # 5 rows per page
+total_chars = len(chars_list)
+total_pages = (total_chars + chars_per_page - 1) // chars_per_page  # Ceiling division
+
+# Only show pagination if needed
+if total_pages > 1:
+    col1, col2, col3 = st.columns([1, 3, 1])
+    with col2:
+        page_num = st.select_slider("Page", options=list(range(1, total_pages + 1)), value=1)
+else:
+    page_num = 1
+
+start_idx = (page_num - 1) * chars_per_page
+end_idx = min(start_idx + chars_per_page, total_chars)
+
+# Display character selection grid
+st.markdown(f"**Available Characters:** ({total_chars} characters found)")
+visible_chars = chars_list[start_idx:end_idx]
+
+# Create grid display
+rows = [visible_chars[i:i + chars_per_row] for i in range(0, len(visible_chars), chars_per_row)]
+
+selected_secret = None
+for row_idx, row in enumerate(rows):
+    cols = st.columns(len(row))
+    for col_idx, char in enumerate(row):
+        with cols[col_idx]:
+            unicode_info = f"\\nU+{ord(char):04X}" if show_unicode else ""
+            if st.button(f"{char}{unicode_info}",
+                         key=f"char_{row_idx}_{col_idx}_p{page_num}",
+                         use_container_width=True):
+                selected_secret = char
+                app.selected_secret = char
+                app.save_to_session()
+                st.rerun()
+
+# Show recently used characters for quick selection
+if not app.selected_secret and (app.recent_characters or app.favorite_characters):
+    st.markdown("---")
+    st.subheader("⭐ Quick Selection")
+
+    # Show favorites if available
+    if app.favorite_characters:
+        st.markdown("**Favorite Characters:**")
+        fav_cols = st.columns(min(10, len(app.favorite_characters)))
+        for idx, char in enumerate(app.favorite_characters):
+            with fav_cols[idx % len(fav_cols)]:
+                if st.button(f"{char}",
+                             key=f"fav_{idx}",
+                             use_container_width=True):
+                    app.selected_secret = char
+                    app.save_to_session()
+                    st.rerun()
+
+    # Show recent characters if available
+    if app.recent_characters:
+        st.markdown("**Recently Used:**")
+        recent_cols = st.columns(min(10, len(app.recent_characters)))
+        for idx, char in enumerate(app.recent_characters):
+            with recent_cols[idx % len(recent_cols)]:
+                if st.button(f"{char}",
+                             key=f"recent_{idx}",
+                             use_container_width=True):
+                    app.selected_secret = char
+
+                    # Add to favorites
+                    with recent_cols[idx % len(recent_cols)]:
+                        if st.button("⭐", key=f"fav_add_{idx}", help="Add to favorites"):
+                            if char not in app.favorite_characters:
+                                app.favorite_characters.append(char)
+                                if len(app.favorite_characters) > 10:
+                                    app.favorite_characters.pop(0)  # Remove oldest if over limit
+
+                    app.save_to_session()
+                    st.rerun()
+
+# Show selected secret
+if app.selected_secret:
+    st.success(f"✅ Selected secret: **{app.selected_secret}** (U+{ord(app.selected_secret):04X})")
+
+    # Add selected character to recent list if not already there
+    if app.selected_secret not in app.recent_characters:
+        app.recent_characters.append(app.selected_secret)
+        # Keep only the last 10 characters
+        if len(app.recent_characters) > 10:
+            app.recent_characters.pop(0)
+        app.save_to_session()
+
+    # Option to add to favorites
+    col1, col2 = st.columns([3, 1])
+    with col2:
+        if app.selected_secret not in app.favorite_characters:
+                if st.button("⭐ Add to Favorites"):
+                    app.favorite_characters.append(app.selected_secret)
+                    if len(app.favorite_characters) > 10:
+                        app.favorite_characters.pop(0)  # Remove oldest if over limit
+                    app.save_to_session()
+                    st.rerun()
+        else:
+                if st.button("❌ Remove from Favorites"):
+                    app.favorite_characters.remove(app.selected_secret)
+                    app.save_to_session()
+                    st.rerun()
+
+# Step 2: Direction Mapping Configuration
+if app.selected_secret:
+    st.markdown("---")
+    st.subheader("🧭 Step 2: Configure Direction Mapping")
+    st.markdown("Set your preferred directions for each color. This will be used during authentication.")
+
+    col1, col2 = st.columns(2)
+
+    direction_mapping = {}
+    with col1:
+        st.markdown("**Color → Direction Mapping:**")
+        for color in COLORS:
+            direction_mapping[color] = st.selectbox(
+                f"{color.title()} →",
+                options=DIRECTIONS,
+                key=f"direction_{color}",
+                index=DIRECTIONS.index(DIRECTIONS[COLORS.index(color)])  # Default mapping
+            )
+
+    with col2:
+        st.markdown("**Preview:**")
+        for color, direction in direction_mapping.items():
+            emoji_map = {"Up": "⬆️", "Down": "⬇️", "Left": "⬅️", "Right": "➡️", "Skip": "⏭️"}
+            st.text(f"{color.title()}: {direction} {emoji_map[direction]}")
+
+    app.direction_mapping = direction_mapping
+    app.save_to_session()
+
+# Step 3: Authentication
+if app.selected_secret and app.direction_mapping:
+    st.markdown("---")
+    st.subheader("🔐 Step 3: Authenticate Yourself")
+
+    st.markdown("""Verify your identity using the 1P visual grid system. This ensures you remember your secret
+    character and color-to-direction mapping before proceeding with fund transfer.""")
+
+    # Show authentication challenge using the component
+    auth_success = one_round_auth(
+        secret=app.selected_secret,
+        direction_mapping=app.direction_mapping,
+        colors=COLORS,
+        direction_map=DIRECTION_MAP,
+        domains=DOMAINS,
+        session_key="registration_auth"
+    )
+
+    if not auth_success:
+        # If auth is not completed or failed, stop here
+        if app.registration_auth and app.registration_auth.get("completed"):
+            if not app.registration_auth.get("success"):
+                st.error("❌ Authentication failed! Please try again.")
+                if st.button("🔄 Try Again", key="auth_retry"):
+                    # Reset auth state
+                    app.registration_auth = {
+                        'started': False,
+                        'completed': False,
+                        'success': False,
+                        'grid_html': None,
+                        'expected': None
+                    }
+                    app.save_to_session()
+                    st.rerun()
+        st.stop()
+
+    st.success("✅ Authentication successful!")
+
+# Step 4: Balance Transfer
+if app.selected_secret and app.direction_mapping and app.registration_auth and app.registration_auth.get("completed") and app.registration_auth.get("success"):
+    st.markdown("---")
+    st.subheader("💰 Step 4: Transfer Funds for Registration")
+
+    st.markdown("**Why transfer funds?**")
+    st.markdown("""
+    - Transfers 1 APT minimum to register for the 1P system
+    - Your funds are held securely in our system wallet
+    - Transactions are processed through our secure backend
+    - Your private key is never exposed after registration
+    """)
+
+    # Check current balance automatically
+    with st.spinner("Checking wallet balance..."):
+        try:
+            # Try to use the sync helper method
+            apt_balance = app.get_account_balance_sync(app.wallet.address())
+
+            # Display balance with colorful metric
+            col1, col2 = st.columns(2)
+            with col1:
+                st.metric("Current Wallet Balance", f"{apt_balance} APT")
+            with col2:
+                if apt_balance >= 1.0:
+                    st.success("✅ Sufficient balance for registration")
+                else:
+                    st.error("❌ Insufficient balance. Need at least 1 APT.")
+                    st.warning("Please use the faucet in the wallet setup page.")
+                    st.stop()
+
+            # Add refresh button
+            if st.button("🔄 Refresh Balance", type="secondary"):
+                st.rerun()
+
+        except Exception as e:
+            st.error(f"Balance check error: {str(e)}")
+            st.warning("Unable to check balance automatically. You can proceed if you know you have sufficient funds (at least 1 APT).")
+
+            # Add manual balance check option
+            if st.button("Try Again", type="secondary"):
+                st.rerun()
+
+            # Provide option to continue anyway
+            st.info("If you're certain you have at least 1 APT, you can continue with the registration.")
+
+            # Option to proceed anyway
+            if not st.checkbox("I understand the risks and want to proceed anyway"):
+                st.stop()
+
+    # Transfer amount selection
+    col1, col2 = st.columns(2)
+    with col1:
+        transfer_amount = st.number_input(
+            "Transfer Amount (APT)",
+            min_value=1.0,
+            max_value=100.0,
+            value=1.0,
+            step=0.1,
+            help="Minimum 1 APT required"
+        )
+
+    with col2:
+        st.markdown("<br>", unsafe_allow_html=True)  # Spacing
+        leave_for_gas = st.checkbox("Leave 0.1 APT for gas fees", value=True)
+
+    # Step 5: Complete Registration
+    st.markdown("---")
+    st.subheader("✅ Step 5: Complete Registration")
+
+    st.warning("⚠️ **Final Check:**")
+    st.markdown(f"""
+    - **Secret Character:** {app.selected_secret}
+    - **Direction Mapping:** {len(app.direction_mapping)} colors configured
+    - **Transfer Amount:** {transfer_amount} APT
+    - **From Wallet:** `{app.wallet.address()[:10]}...`
+    """)
+
+    st.error("🔒 **Important:** After registration, your wallet's private key will be securely handled by our system. Make sure you're ready to proceed.")
+
+    confirm_registration = st.checkbox("I understand and want to proceed with registration")
+
+    if confirm_registration and st.button("🚀 Complete Registration", type="primary"):
+        with st.spinner("Processing registration..."):
+            try:
+                # Check user wallet balance first
+                apt_balance = app.get_account_balance_sync(app.wallet.address())
+
+                if apt_balance < transfer_amount:
+                    st.error(f"❌ Insufficient balance: You have {apt_balance} APT but are trying to transfer {transfer_amount} APT")
+                    st.warning("Please get more APT from the faucet or reduce the transfer amount.")
+                    st.stop()
+
+                # Use our abstracted transfer function
+                with st.spinner("Creating and processing transaction..."):
+                    success, txn_hash, error_msg = transfer_apt_sync(
+                        sender_account=app.wallet,
+                        recipient_address=SYSTEM_WALLET_ADDRESS,
+                        amount_apt=transfer_amount
+                    )
+
+                    if not success:
+                        st.error(f"Transaction failed: {error_msg}")
+                        st.warning("Please check your balance and try again.")
+                        st.stop()
+
+                # Mark as registered and record the transaction
+                app.is_registered = True
+
+                # Record transaction in our history
+                app.add_transaction(
+                    txn_hash=txn_hash,
+                    sender=str(app.wallet.address()),
+                    recipient=SYSTEM_WALLET_ADDRESS,
+                    amount=transfer_amount,
+                    is_credit=False,
+                    status="completed",
+                    description="1P Wallet Registration"
+                )
+
+                # Persist changes to session
+                app.save_to_session()
+
+                st.success("🎉 Registration completed successfully!")
+                st.success(f"✅ Transaction Hash: `{txn_hash}`")
+                st.info("**Next:** Go to 'Authentication' to verify your 1P secret")
+                st.markdown("📋 You can view this transaction in your **Transaction History** page")
+
+                # Show registration summary
+                with st.expander("Registration Summary", expanded=True):
+                    st.markdown(f"""
+                    - **Wallet:** `{app.wallet.address()}`
+                    - **Secret:** {app.selected_secret} (U+{ord(app.selected_secret):04X})
+                    - **Amount Transferred:** {transfer_amount} APT
+                    - **Transaction:** `{txn_hash}`
+                    - **System Wallet:** `{SYSTEM_WALLET_ADDRESS}`
+                    """)
+
+            except Exception as e:
+                st.error(f"❌ Registration failed: {str(e)}")
+                st.error("Please check your balance and try again")

src/pages/transaction_history.py

@@ -0,0 +1,149 @@
+# Transaction History Page
+# This page displays the user's transaction history, showing credits and debits
+
+import streamlit as st
+
+from pages import app
+
+
+st.header("📋 Transaction History")
+
+if not app.wallet:
+    st.error("❌ Please connect a wallet first")
+    st.info("👈 Go to 'Import/Generate Wallet' to get started")
+    st.stop()
+
+# Button to refresh transaction history
+col1, col2 = st.columns([3, 1])
+with col1:
+    st.markdown("View your transaction history, including credits and debits")
+with col2:
+    if st.button("🔄 Refresh History", type="secondary"):
+        with st.spinner("Updating transaction history..."):
+            success = app.update_transaction_history()
+            if success:
+                st.success("Transaction history updated!")
+            else:
+                st.error("Failed to update transaction history")
+        st.rerun()
+
+# If we don't have any transactions yet, try to fetch them
+if not app.transactions:
+    with st.spinner("Fetching your transaction history..."):
+        app.update_transaction_history()
+        st.session_state.app = app
+
+# Show transaction summary
+st.markdown("---")
+st.subheader("💰 Balance Summary")
+
+# Calculate summary statistics
+if app.transactions:
+    total_credits = sum(txn.amount for txn in app.transactions if txn.is_credit and txn.status == "completed")
+    total_debits = sum(txn.amount for txn in app.transactions if not txn.is_credit and txn.status == "completed")
+    net_balance = total_credits - total_debits
+
+    # Display summary
+    col1, col2, col3 = st.columns(3)
+    with col1:
+        st.metric("Total Credits", f"{total_credits:.4f} APT", delta=f"{total_credits:.2f}")
+    with col2:
+        st.metric("Total Debits", f"{total_debits:.4f} APT", delta=f"-{total_debits:.2f}", delta_color="inverse")
+    with col3:
+        st.metric("Net Balance", f"{net_balance:.4f} APT")
+
+    # Display current blockchain balance
+    st.markdown("---")
+    with st.spinner("Checking current blockchain balance..."):
+        try:
+            current_balance = app.get_account_balance_sync(app.wallet.address())
+            st.info(f"Current blockchain balance: **{current_balance:.4f} APT**")
+        except Exception as e:
+            st.warning(f"Could not fetch current balance: {str(e)}")
+else:
+    st.info("No transactions found. Your transaction history will appear here once you make transfers.")
+
+# Display transaction list
+st.markdown("---")
+st.subheader("📝 Transaction List")
+
+if app.transactions:
+    # Create tabs for all/credits/debits
+    tab1, tab2, tab3 = st.tabs(["All Transactions", "Credits (Received)", "Debits (Sent)"])
+
+    with tab1:
+        # All transactions
+        for idx, txn in enumerate(app.transactions):
+            with st.expander(
+                f"{'↘️ Received' if txn.is_credit else '↗️ Sent'} {txn.amount:.4f} APT - {time.strftime('%Y-%m-%d %H:%M', time.localtime(txn.timestamp))}",
+                expanded=(idx == 0)  # Only expand first one by default
+            ):
+                st.markdown(f"""
+                **Transaction:** `{txn.txn_hash[:10]}...{txn.txn_hash[-6:]}`
+                **From:** `{txn.sender[:10]}...{txn.sender[-6:]}`
+                **To:** `{txn.recipient[:10]}...{txn.recipient[-6:]}`
+                **Amount:** {txn.amount:.8f} APT
+                **Status:** {txn.status.title()}
+                **Date:** {time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(txn.timestamp))}
+                """)
+
+                # Add link to explorer
+                st.markdown(f"[View on Explorer](https://explorer.aptoslabs.com/txn/{txn.txn_hash}?network=testnet)")
+
+    with tab2:
+        # Credits only
+        credits = [txn for txn in app.transactions if txn.is_credit]
+        if credits:
+            for idx, txn in enumerate(credits):
+                with st.expander(
+                    f"↘️ Received {txn.amount:.4f} APT - {time.strftime('%Y-%m-%d %H:%M', time.localtime(txn.timestamp))}",
+                    expanded=(idx == 0)
+                ):
+                    st.markdown(f"""
+                    **Transaction:** `{txn.txn_hash[:10]}...{txn.txn_hash[-6:]}`
+                    **From:** `{txn.sender[:10]}...{txn.sender[-6:]}`
+                    **To:** `{txn.recipient[:10]}...{txn.recipient[-6:]}`
+                    **Amount:** {txn.amount:.8f} APT
+                    **Status:** {txn.status.title()}
+                    **Date:** {time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(txn.timestamp))}
+                    """)
+
+                    # Add link to explorer
+                    st.markdown(f"[View on Explorer](https://explorer.aptoslabs.com/txn/{txn.txn_hash}?network=testnet)")
+        else:
+            st.info("No credits (received funds) found in transaction history.")
+
+    with tab3:
+        # Debits only
+        debits = [txn for txn in app.transactions if not txn.is_credit]
+        if debits:
+            for idx, txn in enumerate(debits):
+                with st.expander(
+                    f"↗️ Sent {txn.amount:.4f} APT - {time.strftime('%Y-%m-%d %H:%M', time.localtime(txn.timestamp))}",
+                    expanded=(idx == 0)
+                ):
+                    st.markdown(f"""
+                    **Transaction:** `{txn.txn_hash[:10]}...{txn.txn_hash[-6:]}`
+                    **From:** `{txn.sender[:10]}...{txn.sender[-6:]}`
+                    **To:** `{txn.recipient[:10]}...{txn.recipient[-6:]}`
+                    **Amount:** {txn.amount:.8f} APT
+                    **Status:** {txn.status.title()}
+                    **Date:** {time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(txn.timestamp))}
+                    """)
+
+                    # Add link to explorer
+                    st.markdown(f"[View on Explorer](https://explorer.aptoslabs.com/txn/{txn.txn_hash}?network=testnet)")
+        else:
+            st.info("No debits (sent funds) found in transaction history.")
+else:
+    st.info("No transactions found. Your transactions will appear here once you make transfers.")
+
+# Add tips for transaction history
+st.markdown("---")
+st.markdown("""
+### 📊 About Transaction Tracking
+- **Credits**: Funds received by your wallet
+- **Debits**: Funds sent from your wallet
+- **Blockchain Validation**: All transactions are verified and stored on the Aptos blockchain
+- **History**: Transaction history is cached locally during your session
+""")

src/pages/wallet_setup.py

@@ -0,0 +1,264 @@
+# Wallet Setup Page
+# Note: This file is executed in the context of app.py, so all imports are available
+
+import streamlit as st
+
+st.header("💳 Import/Generate Wallet")
+from aptos_sdk.account import Account
+
+
+from pages import app
+
+# Attempt automatic restore from browser localStorage if streamlit_javascript is available
+has_streamlit_js = False
+try:
+    from streamlit_javascript import st_javascript
+    has_streamlit_js = True
+except Exception:
+    has_streamlit_js = False
+
+# Try to restore stored wallet from browser localStorage (opt-in)
+if has_streamlit_js and not app.wallet:
+    try:
+        stored = st_javascript("localStorage.getItem('1p_wallet')")
+        if stored:
+            import json
+            try:
+                data = json.loads(stored)
+                pk = data.get('private_key')
+                if pk:
+                    clean_pk = pk[2:] if pk.startswith('0x') else pk
+                    app.wallet = Account.load_key(clean_pk)
+                    # Persist wallet into session via App helper
+                    app.save_to_session()
+                    st.success('✅ Wallet restored from browser localStorage')
+                    st.experimental_rerun()
+            except Exception:
+                # ignore malformed JSON
+                pass
+    except Exception:
+        # If JS bridge fails, ignore and continue
+        pass
+
+col1, col2 = st.columns(2)
+
+with col1:
+    st.subheader("🎲 Generate New Wallet")
+    st.markdown("Create a brand new Aptos SECP256k1 wallet")
+
+    if st.button("Generate New Wallet", type="primary"):
+        with st.spinner("Generating wallet..."):
+            try:
+                app.wallet = Account.generate_secp256k1_ecdsa()
+                # Cache in session_state so the wallet persists during this browser session
+                # Persist wallet to session
+                app.save_to_session()
+                st.success("✅ Wallet generated successfully!")
+                st.info("**⚠️ Important:** Save your private key securely before proceeding!")
+
+                with st.expander("Wallet Details", expanded=True):
+                    st.text(f"Address: {app.wallet.address()}")
+                    st.text(f"Private Key: {app.wallet.private_key.hex()}")
+                    st.warning("🔐 Keep your private key secure and never share it!")
+
+            except Exception as e:
+                st.error(f"Failed to generate wallet: {str(e)}")
+
+with col2:
+    st.subheader("📥 Import Existing Wallet")
+    st.markdown("Import your existing Aptos wallet using private key")
+
+    private_key_input = st.text_input(
+        "Private Key (hex format)",
+        type="password",
+        placeholder="0x1234abcd...",
+        help="Enter your Aptos wallet private key in hex format"
+    )
+
+    if st.button("Import Wallet", type="secondary"):
+        if private_key_input:
+            try:
+                # Clean the private key input
+                clean_private_key = private_key_input.strip()
+                if clean_private_key.startswith('0x'):
+                    clean_private_key = clean_private_key[2:]
+
+                # Create account from private key hex
+                app.wallet = Account.load_key(clean_private_key)
+                # Persist wallet to session
+                app.save_to_session()
+
+                st.success("✅ Wallet imported successfully!")
+                st.info(f"**Address:** {app.wallet.address()}")
+
+            except ValueError as e:
+                st.error("❌ Invalid private key format. Please check your input.")
+            except Exception as e:
+                st.error(f"❌ Failed to import wallet: {str(e)}")
+        else:
+            st.warning("Please enter a private key to import")
+
+# Faucet section (only show if wallet is connected)
+if app.wallet:
+    st.markdown("---")
+    st.subheader("🚰 Testnet Faucet")
+    st.markdown("Get free APT tokens for testing on Aptos testnet")
+
+    col1, col2 = st.columns([2, 1])
+    with col1:
+        st.info(f"**Your Address:** `{app.wallet.address()}`")
+
+    with col2:
+        if st.button("Request Testnet APT", type="secondary"):
+            with st.spinner("🔄 Requesting tokens from faucet..."):
+                try:
+                    # Try to request tokens directly from Aptos testnet faucet
+                    import requests
+                    import json
+
+                    # Default faucet URL for Aptos testnet
+                    faucet_url = "https://faucet.testnet.aptoslabs.com/v1/fund"
+
+                    # Prepare the request payload
+                    payload = {
+                        "address": str(app.wallet.address()),
+                        "amount": 100000000,  # 1 APT in octas
+                    }
+
+                    # Make the request to the faucet
+                    response = requests.post(
+                        faucet_url,
+                        json=payload,
+                        headers={"Content-Type": "application/json"}
+                    )
+
+                    if response.status_code == 200:
+                        result = response.json()
+                        txn_hash = result.get('txn_hash', 'Unknown')
+                        st.success(f"✅ Successfully requested tokens!")
+                        st.info(f"Transaction hash: `{txn_hash}`")
+
+                        # Record the faucet transaction in our history
+                        app.add_transaction(
+                            txn_hash=txn_hash,
+                            sender="Aptos Faucet",
+                            recipient=str(app.wallet.address()),
+                            amount=1.0,  # Faucet typically sends 1 APT
+                            is_credit=True,
+                            status="completed",
+                            description="Testnet Faucet Claim"
+                        )
+                        app.save_to_session()
+                        st.markdown("📋 You can view this transaction in your **Transaction History** page")
+
+                        # Add refresh button to check balance
+                        if st.button("Check Updated Balance"):
+                            st.rerun()
+                    else:
+                        st.error(f"Failed to request tokens: {response.text}")
+                        st.info("Try using the manual faucet option below")
+
+                        # Provide manual instructions as fallback
+                        st.markdown("""
+                        **Manual Faucet Options:**
+                        1. Visit [Aptos Testnet Faucet](https://www.aptosfaucet.com/)
+                        2. Paste your address: `{}`
+                        3. Click "Submit" to receive test APT
+                        """.format(app.wallet.address()))
+
+                except Exception as e:
+                    st.error(f"Error requesting tokens: {str(e)}")
+                    # Provide manual instructions as fallback
+                    st.markdown("""
+                    **Manual Faucet Options:**
+                    1. Visit [Aptos Testnet Faucet](https://www.aptosfaucet.com/)
+                    2. Paste your address: `{}`
+                    3. Click "Submit" to receive test APT
+                    """.format(app.wallet.address()))
+
+# Balance checker
+if app.wallet:
+    st.markdown("---")
+    st.subheader("💰 Account Balance")
+
+    if st.button("Check Balance", type="secondary"):
+        with st.spinner("Checking balance..."):
+            try:
+                # Get APT balance using the sync helper method
+                apt_balance = app.get_account_balance_sync(app.wallet.address())
+
+                st.success(f"💰 Balance: **{apt_balance} APT**")
+
+                if apt_balance >= 1.0:
+                    st.success("✅ Sufficient balance for registration (≥1 APT required)")
+                else:
+                    st.warning("⚠️ Insufficient balance for registration. Please use the faucet to get at least 1 APT.")
+
+            except Exception as e:
+                st.error(f"❌ Failed to check balance: {str(e)}")
+                st.info("This might happen if the account hasn't been funded yet. Try using the faucet first.")
+
+# Next steps
+if app.wallet:
+    st.markdown("---")
+    st.success("🎉 Wallet is ready!")
+    st.info("**Next Steps:** Navigate to the Registration page to set up your 1P secret and transfer funds to the secure system.")
+
+    # Backup and persistence options
+    st.markdown("---")
+    st.subheader("🔐 Backup & Persistence")
+    st.markdown("It's recommended you back up your private key securely. Storing private keys in browser localStorage is insecure — only do this if you understand the risk.")
+
+    cached = app.cached_wallet
+    if cached:
+        # Prepare JSON for download
+        import json
+
+        backup_json = json.dumps(cached)
+
+        st.download_button(
+            label="Download Backup (wallet.json)",
+            data=backup_json,
+            file_name="wallet_backup.json",
+            mime="application/json",
+        )
+
+        # Save to browser localStorage via JS bridge if available
+        if has_streamlit_js:
+            try:
+                if st.button("💾 Save to browser localStorage (one-click)"):
+                    # Use the JS bridge to set the item
+                    st_javascript(f"localStorage.setItem('1p_wallet', JSON.stringify({backup_json})); 'saved';")
+                    st.success("Saved to localStorage")
+            except Exception:
+                st.warning("Unable to access browser localStorage via streamlit_javascript.")
+                st.markdown("**Persist in browser localStorage (manual)**")
+                st.markdown("Copy the JavaScript snippet below and paste it into your browser console on this site to store the wallet in localStorage.")
+                js_snippet = f"localStorage.setItem('1p_wallet', JSON.stringify({backup_json})); console.log('1p_wallet saved to localStorage');"
+                st.code(js_snippet)
+        else:
+            st.markdown("**Persist in browser localStorage (manual)**")
+            st.markdown("Copy the JavaScript snippet below and paste it into your browser console on this site to store the wallet in localStorage.")
+            js_snippet = f"localStorage.setItem('1p_wallet', JSON.stringify({backup_json})); console.log('1p_wallet saved to localStorage');"
+            st.code(js_snippet)
+
+        st.markdown("**Restore from a backup file**")
+        uploaded = st.file_uploader("Upload wallet_backup.json to restore", type=["json"])
+        if uploaded:
+            try:
+                data = json.load(uploaded)
+                pk = data.get('private_key')
+                if pk:
+                    # Load wallet and update app state
+                    clean_pk = pk
+                    if clean_pk.startswith('0x'):
+                        clean_pk = clean_pk[2:]
+                    app.wallet = Account.load_key(clean_pk)
+                    app.save_to_session()
+                    
+                    st.success("✅ Wallet restored from backup and loaded into session")
+                    st.experimental_rerun()
+                else:
+                    st.error("Uploaded file doesn't contain a private_key field")
+            except Exception as e:
+                st.error(f"Failed to restore backup: {str(e)}")

src/pyproject.toml

@@ -0,0 +1,46 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "1p-wallet"
+version = "0.1.0"
+description = "2FA for web3 wallets"
+authors = [{ name = "Nasfame", email = "laciferin@gmail.com" }]
+requires-python = "~=3.13"
+readme = "README.md"
+license = "MIT"
+keywords = ["streamlit", "web3", "2fa"]
+
+dependencies = [
+    "streamlit>=1.49.0,<2",
+    "dataclasses-json>=0.6.7,<0.7",
+    "web3>=6.0.0,<7", # For Web3 interactions
+    "python-dotenv>=1.0.0,<2", # For managing environment variables
+    "pyotp>=2.0.0,<3", # For Time-based One-Time Password algorithm (2FA)
+    "aptos-sdk>=0.11.0",
+    "ecdsa>=0.19.1",
+    "streamlit-javascript>=0.1.5",
+    "nest-asyncio>=1.6.0",
+]
+
+[project.optional-dependencies]
+dev = [
+    "pytest>=7.0.0,<8", # For testing
+]
+
+[project.urls]
+Homepage = "https://1p-wallet.streamlit.app"
+# Repository = ""
+# Documentation = ""
+# "Bug Tracker" = ""
+
+[tool.hatch.build.targets.wheel]
+include = [
+    "app.py",
+    "pages/**",
+    "utils/**",
+    "static/**",
+    "Readme.md",
+    "LICENSE",
+]

src/requirements.txt

@@ -0,0 +1,7 @@
+streamlit>=1.49.0,<2
+python-dotenv>=1.0.0,<2
+aptos-sdk>=0.11.0
+ecdsa>=0.20.0
+streamlit-javascript>=0.0.6
+nest_asyncio>=1.5.6
+requests>=2.31.0

src/scripts/verify_env.sh

@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+# Simple script to check required env vars for 1p-wallet
+
+required=(APTOS_ACCOUNT APTOS_PRIVATE_KEY)
+missing=()
+
+for v in "${required[@]}"; do
+  if [ -z "${!v}" ]; then
+    missing+=("$v")
+  fi
+done
+
+if [ ${#missing[@]} -eq 0 ]; then
+  echo "All required env vars are set"
+  exit 0
+else
+  echo "Missing required env vars: ${missing[*]}"
+  echo "Please set them (e.g. export APTOS_ACCOUNT=0x... )"
+  exit 1
+fi

src/static/timeout.js

@@ -0,0 +1,22 @@
+const TIMEOUT_MS = 3000; //this constant is replaced in v0-app
+    function timeoutHandler() {
+        alert("User inactive for too long");
+        console.log("User inactivity timed out");
+        //call the equivalent function
+    }
+
+    // Set up the timer
+let timeoutTimer;
+
+function resetTimer() {
+    clearTimeout(timeoutTimer);
+    timeoutTimer = setTimeout(timeoutHandler, TIMEOUT_MS);
+    console.log("timeout user: reset")
+}
+
+//document.removeEventListener("mousemove", resetTimer);
+//document.removeEventListener("keypress", resetTimer);
+
+document.addEventListener("mousemove", resetTimer);
+document.addEventListener("keypress", resetTimer);
+resetTimer();

src/tests/test_helpers.py

@@ -0,0 +1,20 @@
+from utils.helpers import generate_nonce, keccak256, generate_entropy_layers
+
+
+def test_generate_nonce_length():
+    n = generate_nonce()
+    assert isinstance(n, str)
+    assert len(n) == 64  # 32 bytes hex
+
+
+def test_keccak256_known():
+    h = keccak256('abc')
+    assert isinstance(h, str)
+    assert len(h) == 64
+
+
+def test_generate_entropy_layers_consistent():
+    arr1 = generate_entropy_layers('seed', 3)
+    arr2 = generate_entropy_layers('seed', 3)
+    assert arr1 == arr2
+    assert len(arr1) == 3

src/todo.1.md

@@ -0,0 +1 @@
+UI. - use caesar's UI

src/todo.current.md

@@ -0,0 +1,38 @@
+Yes, it is possible to use the Aptos Python SDK to check all transactions, including credits and debits, between an Aptos account and another account. The Aptos Python SDK enables retrieval of transaction history for a specific account address by interacting with the Aptos blockchain's API endpoints.[2][10]
+
+### How It Works
+
+- The Python SDK supports querying an account's transactional history, retrieving data on all transactions affecting a specified account address.
+- This data can be filtered and parsed to determine which transactions are credits (incoming funds) and debits (outgoing funds) by inspecting sender and recipient addresses in each transaction payload.[1][6]
+- You can use the account resource functions in the SDK to check balances, and use transaction history to track credit and debit flows, as the data includes transaction direction and value.[5]
+
+### Key Functions and Methods
+
+- Historical transactions can be retrieved using GraphQL queries or by directly using SDK client methods to fetch account transactions.[1][2]
+- Each transaction includes details such as sender, recipient, amount, and transaction type, which allow differentiation between credits (incoming) and debits (outgoing).[7]
+
+### Example
+
+Typically, you would:
+
+- Use `client.get_account_transactions(address)` or a similar function to fetch all transactions for the account.
+- Check, for each transaction, if your account is the sender (debit) or receiver (credit) and extract the corresponding amount.
+
+This enables comprehensive tracking of all credits and debits for an Aptos account using the Python SDK.[10][2]
+
+[1](https://aptos.dev/build/indexer/indexer-api/account-transactions)
+[2](https://aptos.dev/build/sdks/python-sdk)
+[3](https://www.youtube.com/watch?v=7Br6TAfabfg)
+[4](https://aptos.guide/en/build/sdks)
+[5](https://stackoverflow.com/questions/74133381/how-do-you-define-and-query-a-read-function-in-a-move-module-on-aptos-blockchain)
+[6](https://aptos.dev/build/cli/trying-things-on-chain/looking-up-account-info)
+[7](https://aptos-labs.github.io/ts-sdk-doc/classes/Types.TransactionsService.html)
+[8](https://www.youtube.com/watch?v=mUYtwV3SgiA)
+[9](https://docs.fordefi.com/developers/transaction-types/aptos-payload-transaction)
+[10](https://github.com/aptos-labs/aptos-python-sdk)
+[11](https://stackoverflow.com/questions/74177609/aptos-sdk-transaction-argument)
+[12](https://www.tokenmetrics.com/blog/upcoming-crypto-airdrops?0fad35da_page=2&74e29fd5_page=128)
+[13](https://business.fiu.edu/biz/conf-irm/pdf/Conf-IRM-2020-Proceedings.pdf)
+[14](https://planet.debian.org)
+[15](https://www.scribd.com/document/648865649/FTI-2023-Trend-Report)
+[16](https://br.saintleo.edu/pt/info/academic-catalog/672-slubr_posgrados.pdf)

src/todo.md

@@ -0,0 +1,30 @@
+Users won't use they keyboards to input password for setup password, they would just choose the utf-8 character elegantly from our list of utf-8 chars with fitlerns based on language , emojis and so on.
+
+- WE don't need 2FA to sign Txs, this is what we do:
+
+We have very strongly held backend wallet that will never be hacked.
+
+Users empty their aptos account to our system wallet post registration of 1P (2FA protocol) ,session state.
+
+We should ideally have in sidebar :
+
+1. Import wallet or generate a new wallet
+2. ANd Faucet to claim funds
+3. Bind the wallet to session
+
+To register (Should have imported or generated new wallet with sufficient balance):
+
+0. EMpty the balance of the account (min 1 APT) to the 1p system account (process.env.APTOS_ACCOUNT)
+1. 1 Letter password (any utf-8 character)
+2. Choose the direction mapping for colors.
+3. Never remmber the password in the frontend, but the setup , directions would be binded to tthe cache
+
+Now what next...
+
+Sidebar another page - Authenticate
+
+- to authenticate 1P after importing wallet
+
+Sidebar another page - Manage wallet (only if 1P autheticated)
+
+Send tx flow and the transfer actually happens via the backend through process.env.APTOS_PRIVATE_KEY (our system wallet) - to the input address ...

src/todo.next.md

@@ -0,0 +1 @@
+Create a small testable module and 3 unit tests for helper functions (generate_nonce, keccak256, generate_entropy_layers). This is low-risk and will provide initial automated checks. If you want that, I'll implement the tests and run them here

src/utils/__init__.py

@@ -0,0 +1 @@
+# This file makes the utils directory a Python package

src/utils/aptos_sync.py

@@ -0,0 +1,86 @@
+import requests
+import logging
+from typing import Any, Dict, List, Optional
+
+from aptos_sdk.async_client import RestClient as AsyncRestClient
+from utils.nest_runner import run_async, run_coroutine, async_to_sync
+
+
+def _run_coro_sync(coro):
+    """Run coroutine synchronously, using the clean nest_asyncio implementation.
+
+    This function is kept for backward compatibility and delegates to the more
+    clean and robust nest_runner utilities.
+    """
+    return async_to_sync(coro)
+
+
+class RestClientSync:
+    """A tiny sync wrapper around aptos_sdk.async_client.RestClient.
+
+    This runs async calls via a safe sync runner to provide a synchronous API
+    suitable for Streamlit scripts. Add more proxy methods as needed.
+    """
+
+    def __init__(self, node_url: str):
+        self._client = AsyncRestClient(node_url)
+
+    def account(self, address: str) -> Any:
+        return _run_coro_sync(self._client.account(address))
+
+    def account_resources(self, address: str) -> Any:
+        # Use a completely fresh call each time to avoid event loop issues
+        try:
+            return _run_coro_sync(self._client.account_resources(address))
+        except Exception as e:
+            if "Event loop is closed" in str(e):
+                # If we get the specific error, recreate client and retry
+                self._client = AsyncRestClient(self._client.base_url)
+                return _run_coro_sync(self._client.account_resources(address))
+            raise
+
+    def create_transaction(self, sender: str, payload: Any) -> Any:
+        return _run_coro_sync(self._client.create_transaction(sender, payload))
+
+    def submit_transaction(self, signed_txn: Any) -> Any:
+        return _run_coro_sync(self._client.submit_transaction(signed_txn))
+
+    def wait_for_transaction(self, txn_hash: str, timeout: int = 30) -> Any:
+        return _run_coro_sync(self._client.wait_for_transaction(txn_hash, timeout))
+
+    def get_account_transactions(self, address: str, limit: int = 20) -> List[Dict[str, Any]]:
+        """Fetch transaction history for an account
+
+        This method makes a direct HTTP request since AsyncRestClient doesn't have this method.
+        """
+        try:
+            # Extract base URL from client
+            base_url = self._client.base_url
+            if base_url.endswith('/'):
+                base_url = base_url[:-1]
+
+            # Construct the API endpoint URL
+            url = f"{base_url}/accounts/{address}/transactions"
+
+            # Set up query parameters
+            params = {
+                'limit': limit
+            }
+
+            # Make the HTTP request
+            response = requests.get(url, params=params)
+
+            # Check if the request was successful
+            if response.status_code == 200:
+                return response.json()
+            else:
+                logging.error(f"Error fetching transactions: HTTP {response.status_code}: {response.text}")
+                return []
+
+        except Exception as e:
+            logging.error(f"Error in get_account_transactions: {str(e)}")
+            return []
+
+    def __getattr__(self, name: str):
+        # Fallback to underlying client attributes if needed
+        return getattr(self._client, name)

src/utils/auth_utils.py

@@ -0,0 +1,112 @@
+from collections import defaultdict
+from typing import List, Dict, Tuple
+
+from utils.helpers import generate_nonce, generate_entropy_layers
+
+class OneRoundVerifier:
+    """
+    A simplified, one-round version of the 1P authentication system.
+    Use this for quick challenges where a full multi-round authentication is not needed.
+    """
+    def __init__(self, secret: str, direction_mapping: Dict[str, str],
+                 colors: List[str], direction_map: Dict[str, str], domains: Dict[str, str]):
+        self.secret = secret
+        self.direction_mapping = direction_mapping
+        self.colors = colors
+        self.direction_map = direction_map
+        self.domains = domains
+        self.nonce = None
+        self.color_map = {}
+
+    def generate_challenge(self) -> Tuple[str, str]:
+        """
+        Generates a one-round challenge grid.
+
+        Returns:
+            Tuple containing (grid_html, expected_direction_code)
+        """
+        self.nonce = generate_nonce()
+        entropy = generate_entropy_layers(self.nonce, 1)[0]
+
+        # Build combined alphabet from all domains
+        alphabet = ""
+        for domain_chars in self.domains.values():
+            alphabet += domain_chars
+        alphabet = ''.join(set(alphabet))  # Remove duplicates
+
+        # Create rotated alphabet based on entropy
+        offset = entropy % len(alphabet)
+        rotated = alphabet[offset:] + alphabet[:offset]
+
+        # Create color mapping
+        self.color_map = {rotated[i]: self.colors[i % len(self.colors)] for i in range(len(rotated))}
+
+        # Determine expected solution
+        assigned_color = self.color_map.get(self.secret, None)
+        if assigned_color is None:
+            expected = "S"  # Skip if secret character not in grid
+        else:
+            direction = self.direction_mapping.get(assigned_color, "Skip")
+            expected = self.direction_map[direction]
+
+        # Generate the grid HTML
+        grid_html = self._generate_grid_html()
+
+        return grid_html, expected
+
+    def _generate_grid_html(self) -> str:
+        """Generate HTML for the challenge grid."""
+        chars_by_color = defaultdict(list)
+        for ch, color in self.color_map.items():
+            chars_by_color[color].append(ch)
+
+        grid_html = """
+        <div style="border: 2px solid #333; padding: 15px; margin: 10px; background: #f8f9fa; border-radius: 8px;">
+        <h4>🎯 One-Round Authentication</h4>
+        <p><strong>Find your secret character and note its color!</strong></p>
+        """
+
+        color_hex_map = {"red": "#FF0000", "green": "#00AA00", "blue": "#0066FF", "yellow": "#FFD700"}
+
+        for color in self.colors:
+            chars = chars_by_color[color]
+            if chars:
+                grid_html += f'<div style="margin: 8px 0;"><strong style="color: {color_hex_map[color]};">{color.upper()}:</strong> '
+                for char in chars:
+                    grid_html += f'<span style="color: {color_hex_map[color]}; font-size: 18px; margin: 2px; padding: 4px; background: white; border-radius: 4px;">{char}</span> '
+                grid_html += '</div>'
+
+        grid_html += '</div>'
+        return grid_html
+
+    def verify_solution(self, user_input: str, expected: str) -> bool:
+        """
+        Verify if the user's solution matches the expected direction.
+
+        Args:
+            user_input: User's input direction code ("U", "D", "L", "R", "S")
+            expected: Expected direction code
+
+        Returns:
+            True if the authentication is successful, False otherwise
+        """
+        return user_input == expected
+
+def run_one_round_authentication(secret: str, direction_mapping: Dict[str, str],
+                               colors: List[str], direction_map: Dict[str, str],
+                               domains: Dict[str, str]) -> Tuple[str, str]:
+    """
+    Helper function to run a single round of authentication.
+
+    Args:
+        secret: The user's secret character
+        direction_mapping: Mapping of colors to directions
+        colors: List of available colors
+        direction_map: Mapping of direction names to codes
+        domains: Available character domains
+
+    Returns:
+        Tuple containing (grid_html, expected_direction_code)
+    """
+    verifier = OneRoundVerifier(secret, direction_mapping, colors, direction_map, domains)
+    return verifier.generate_challenge()

src/utils/helpers.py

@@ -0,0 +1,22 @@
+import secrets
+import hashlib
+from typing import List
+
+
+def generate_nonce() -> str:
+    return secrets.token_hex(32)
+
+
+def keccak256(data: str) -> str:
+    return hashlib.sha3_256(data.encode('utf-8')).hexdigest()
+
+
+def generate_entropy_layers(seed: str, layers: int) -> List[int]:
+    arr = []
+    cur = seed
+    for _ in range(layers):
+        h = keccak256(cur)
+        val = int(h[:8], 16)
+        arr.append(val)
+        cur = h
+    return arr

src/utils/nest_runner.py

@@ -0,0 +1,100 @@
+"""
+Clean implementation of asyncio with nest_asyncio for Streamlit applications.
+
+This module provides a simple and clean way to run async functions in a Streamlit
+environment, where event loops can sometimes cause issues.
+"""
+
+import asyncio
+import functools
+import logging
+import nest_asyncio
+from typing import Any, Callable, TypeVar, Awaitable, cast
+
+T = TypeVar('T')
+
+# Apply nest_asyncio at module import time to enable nested event loops
+try:
+    nest_asyncio.apply()
+    logging.info("nest_asyncio successfully applied")
+except Exception as e:
+    logging.warning(f"Failed to apply nest_asyncio: {e}")
+
+def run_async(func):
+    """
+    A clean decorator to make async functions callable synchronously.
+
+    This decorator properly handles async functions in Streamlit, preventing
+    "Event loop is closed" errors by using nest_asyncio.
+
+    Args:
+        func: The async function to decorate
+
+    Returns:
+        A synchronous wrapper function
+
+    Example:
+        @run_async
+        async def fetch_data(address):
+            # Your async code here
+            return result
+
+        # Call it normally:
+        result = fetch_data("0x123")
+    """
+    @functools.wraps(func)
+    def wrapper(*args, **kwargs):
+        return run_coroutine(func(*args, **kwargs))
+    return wrapper
+
+def run_coroutine(coro: Awaitable[T]) -> T:
+    """
+    Run a coroutine object safely with nest_asyncio.
+
+    Args:
+        coro: A coroutine object to run
+
+    Returns:
+        The result of the coroutine
+    """
+    try:
+        # Get the current event loop, or create one if it doesn't exist
+        try:
+            loop = asyncio.get_event_loop()
+            if loop.is_closed():
+                loop = asyncio.new_event_loop()
+                asyncio.set_event_loop(loop)
+        except RuntimeError:
+            # "There is no current event loop in thread"
+            loop = asyncio.new_event_loop()
+            asyncio.set_event_loop(loop)
+
+        # Run the coroutine and return the result
+        return loop.run_until_complete(coro)
+    except Exception as e:
+        if "cannot reuse already awaited coroutine" in str(e):
+            # This is a fatal error, we can't reuse the coroutine
+            logging.error(f"Cannot reuse coroutine: {e}")
+            raise ValueError("Cannot reuse the same coroutine object. Create a fresh coroutine for each call.")
+        else:
+            # If all else fails, create a new event loop and try again
+            logging.warning(f"Error in run_coroutine, retrying with new event loop: {e}")
+            loop = asyncio.new_event_loop()
+            asyncio.set_event_loop(loop)
+            return loop.run_until_complete(coro)
+
+# Convenience function for one-off coroutine runs
+def async_to_sync(coro: Awaitable[T]) -> T:
+    """
+    Run an async coroutine synchronously and return the result.
+
+    Args:
+        coro: The coroutine to run
+
+    Returns:
+        The result of the coroutine
+
+    Example:
+        result = async_to_sync(client.get_balance("0x123"))
+    """
+    return run_coroutine(coro)