tkhq · zkharit · Dec 20, 2024 · Dec 19, 2024 · Dec 19, 2024 · Dec 20, 2024
diff --git a/.changeset/red-carrots-carry.md b/.changeset/red-carrots-carry.md
@@ -0,0 +1,6 @@
+---
+"@turnkey/api-key-stamper": patch
+"@turnkey/sdk-browser": patch
+---
+
+Update error messaging around api key and target public key usage
diff --git a/packages/api-key-stamper/src/utils.ts b/packages/api-key-stamper/src/utils.ts
@@ -11,7 +11,14 @@ export function convertTurnkeyApiKeyToJwk(input: {
 }): JsonWebKey {
   const { uncompressedPrivateKeyHex, compressedPublicKeyHex } = input;
 
-  const jwk = pointDecode(uint8ArrayFromHexString(compressedPublicKeyHex));
+  let jwk;
+  try {
+    jwk = pointDecode(uint8ArrayFromHexString(compressedPublicKeyHex));
+  } catch (e) {
+    throw new Error(
+      `unable to load API key: invalid public key. Did you switch your public and private key?`
+    );
+  }
 
   // Ensure that d is sufficiently padded
   jwk.d = hexStringToBase64url(

diff --git a/packages/sdk-browser/src/utils.ts b/packages/sdk-browser/src/utils.ts
@@ -31,7 +31,16 @@ export const createEmbeddedAPIKey = async (
 
   // 3: import the targetPublicKey (i.e. passed in from the iframe)
   const targetKeyBytes = uint8ArrayFromHexString(targetPublicKey);
-  const jwk = pointDecode(targetKeyBytes);
+
+  let jwk;
+  try {
+    jwk = pointDecode(targetKeyBytes);
+  } catch (e) {
+    // provide more context about the error that is being thrown
+    throw new Error(
+      `target public key is not a valid compressed public key: ${targetPublicKey}`
+    );
+  }
 
   const targetKey = await crypto.subtle.importKey(
     "jwk",