Update WaaS client and API key handling

.github/workflows/claude-code-review.yml

@@ -2,15 +2,28 @@ name: Claude Code Review
 
 on:
   pull_request:
-    types: [opened, synchronize]
+    types: [opened]
+  issue_comment:
+    types: [created]
 
 jobs:
   claude-review:
-    if: github.event.pull_request.user.login != 'dependabot[bot]'
+    if: |
+      (
+        github.event_name == 'pull_request' &&
+        github.event.pull_request.user.login != 'dependabot[bot]'
+      ) ||
+      (
+        github.event_name == 'issue_comment' &&
+        github.event.issue.pull_request &&
+        github.event.issue.user.login != 'dependabot[bot]' &&
+        contains(github.event.comment.body, '@claude review')
+      )
     runs-on: ubuntu-latest
     permissions:
       contents: read
       pull-requests: write
+      issues: write
       id-token: write
     steps:
       - name: Checkout
@@ -21,6 +34,7 @@ jobs:
       - uses: anthropics/claude-code-action@beta
         with:
           anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY_GITHUB_ACTIONS }}
+          model: "claude-opus-4-8"
           direct_prompt: |
             Review this pull request. Focus on:
             - Correctness of SDK behavior changes (wallet auth, signing, transactions, indexer)

.github/workflows/pages.yml

@@ -47,21 +47,18 @@ jobs:
         env:
           GITHUB_PAGES: 'true'
           VITE_OMS_PUBLISHABLE_KEY: ${{ secrets.OMS_PUBLISHABLE_KEY }}
-          VITE_OMS_PROJECT_ID: ${{ secrets.OMS_PROJECT_ID }}
 
       - name: Build Trails Actions example
         run: pnpm build:trails-actions-example
         env:
           GITHUB_PAGES: 'true'
           VITE_OMS_PUBLISHABLE_KEY: ${{ secrets.OMS_PUBLISHABLE_KEY }}
-          VITE_OMS_PROJECT_ID: ${{ secrets.OMS_PROJECT_ID }}
 
       - name: Build Wagmi example
         run: pnpm build:wagmi-example
         env:
           GITHUB_PAGES: 'true'
           VITE_OMS_PUBLISHABLE_KEY: ${{ secrets.OMS_PUBLISHABLE_KEY }}
-          VITE_OMS_PROJECT_ID: ${{ secrets.OMS_PROJECT_ID }}
           VITE_TRAILS_API_KEY: ${{ secrets.VITE_TRAILS_API_KEY }}
 
       - name: Stage Pages artifact

.github/workflows/tests.yml

@@ -36,8 +36,6 @@ jobs:
         run: pnpm exec tsc --noEmit
 
       - name: Run tests
-        env:
-          OMS_PROJECT_ACCESS_KEY: ${{ secrets.OMS_PROJECT_ACCESS_KEY }}
         run: pnpm test
 
       - name: Build SDK
@@ -52,18 +50,15 @@ jobs:
       - name: Build React example
         run: pnpm build:example
         env:
-          VITE_OMS_PUBLISHABLE_KEY: ci-publishable-key
-          VITE_OMS_PROJECT_ID: ci-project-id
+          VITE_OMS_PUBLISHABLE_KEY: pk_ci_sdbx_ciproject_cikey
 
       - name: Build Trails Actions example
         run: pnpm build:trails-actions-example
         env:
-          VITE_OMS_PUBLISHABLE_KEY: ci-publishable-key
-          VITE_OMS_PROJECT_ID: ci-project-id
+          VITE_OMS_PUBLISHABLE_KEY: pk_ci_sdbx_ciproject_cikey
 
       - name: Build Wagmi example
         run: pnpm --filter wagmi-example build
         env:
-          VITE_OMS_PUBLISHABLE_KEY: ci-publishable-key
-          VITE_OMS_PROJECT_ID: ci-project-id
+          VITE_OMS_PUBLISHABLE_KEY: pk_ci_sdbx_ciproject_cikey
           VITE_TRAILS_API_KEY: ci-trails-key

AGENTS.md

@@ -163,10 +163,10 @@ execution commands.
 ## Security and Configuration
 
 - Do not commit real secrets. `.env.local` and `.env.*.local` files are ignored for local overrides.
-- The React example uses `examples/react/.env.example` for `VITE_OMS_PUBLISHABLE_KEY` and `VITE_OMS_PROJECT_ID`; keep local overrides in `examples/react/.env.local`.
-- The wagmi React example uses `examples/wagmi/.env.example` for `VITE_OMS_PUBLISHABLE_KEY` and `VITE_OMS_PROJECT_ID`; keep local overrides in `examples/wagmi/.env.local`.
+- The React example uses `examples/react/.env.example` for `VITE_OMS_PUBLISHABLE_KEY`; keep local overrides in `examples/react/.env.local`.
+- The wagmi React example uses `examples/wagmi/.env.example` for `VITE_OMS_PUBLISHABLE_KEY`; keep local overrides in `examples/wagmi/.env.local`.
 - Treat credential signing, nonce handling, OIDC redirect state cleanup, session persistence, transaction execution/status polling, and access revocation as high-risk paths. Prefer focused regression tests for changes in these areas.
-- GitHub Pages reads `OMS_PUBLISHABLE_KEY` and `OMS_PROJECT_ID` for deployed examples. The wagmi example also reads `VITE_TRAILS_API_KEY`. Do not require those secrets for ordinary local unit tests unless the test explicitly needs an external boundary.
+- GitHub Pages reads `OMS_PUBLISHABLE_KEY` for deployed examples. The wagmi example also reads `VITE_TRAILS_API_KEY`. Do not require those secrets for ordinary local unit tests unless the test explicitly needs an external boundary.
 
 ## Agent Workflow Rules