fix: update to stacks.js 4.0.0 (removes username checking)

[janniks]

Try out this version of the Hiro Wallet - download extension builds.

scope

• updates stacks.js deps to 4.0.0
• fixes test issues and switches to node test environment

[vercel]

This pull request is being automatically deployed with Vercel (learn more).
To see the status of your deployment, click below or on the icon next to each commit.

🔍 Inspect: https://vercel.com/blockstack/stacks-wallet-web/ES6gaTMMoU8WKJrBpXMfYxS2vTzB
✅ Preview: https://stacks-wallet-web-git-remove-username-checking-blockstack.vercel.app

[markmhendrickson]

@kantai @larrysalibra @hstove @kyranjamie I'd be curious whether any of you see any immediate dangers to removing BNS-related queries from authentication in general per this PR.

@janniks is working on this approach as a way to resolve a variety of BNS-related issues that have cropped up, especially regarding expired, renewed and "legacy" Stacks 1.0 names. And this seems like a possibly efficient way to resolve them all at once.

[kyranjamie]

Where can we see the changes made to auth?

I can't think of any immediate dangers. Auth does a lot so if we can decouple any BNS features of it, then great. I don't fully understand why auth needs to look up/match BNS names in the first place.

[aulneau]

I agree that name resolution should be decoupled from authentication. It's easy enough to expose functions to resolve names to addresses, I personally don't think it needs to be included in an authentication response.

[pradel]

It's happening 🔥 can't wait to see this one merged so we can finally add Hiro wallet support to Sigle!

[kyranjamie]

LGTM 🥳

[markmhendrickson]

[janniks]

in 0f3a2b9 I had to skip a test (not sure why this fails), if somebody wants to look into it. may be related to switching to node as a test environment.

in 0f3a2b9 I also added --forceExit to jest, because some tests are leaking (traceable w/ --detectOpenHandles, after updating jest to latest)

---

handing back off to #userx, feel free to merge, or just use as a test-app for 4.0.0 stacks.js w/ connect.
(needed for arbitrary message signing)

[hstove]

Yeah, I do like this! In general I'm a fan of supporting a more "virtual" auth flow. On ETH there are no auth checks, so you can "log in" as any address you want to an app. This has some nice benefits - like I can login to an app using my vault address while on my phone, which doesn't have that key. If an app wants to strictly verify ownership (which is a more edge use-case, like gating premium features) they can always use other APIs for that.

[kyranjamie]

Before we merge, can we rebase this PR into 1 (or a few) commits 🙏🏼