From 3fa3039eccb108460e1b71d32144cf6407cef138 Mon Sep 17 00:00:00 2001
From: srinjoyc <srinjoyc@users.noreply.github.com>
Date: Tue, 16 Jun 2026 07:26:34 -0700
Subject: [PATCH] Refresh wallet docs

---
 docs/pages/wallets/api-reference.mdx          | 232 ++++++++++++++++++
 docs/pages/wallets/auth/email-otp.mdx         |  22 +-
 docs/pages/wallets/auth/google-oauth.mdx      |  16 +-
 docs/pages/wallets/auth/index.mdx             |  65 +++++
 docs/pages/wallets/auth/magic-link.mdx        |  29 ++-
 docs/pages/wallets/auth/passkeys.mdx          |   5 +
 docs/pages/wallets/export.mdx                 |  78 ++++--
 .../wallets/hooks/use-authenticate-oauth.mdx  |  12 +-
 .../wallets/hooks/use-authenticators.mdx      |  70 ++++++
 .../wallets/hooks/use-get-user-email.mdx      |  48 +---
 .../wallets/hooks/use-send-magic-link.mdx     |  20 +-
 docs/pages/wallets/hooks/use-send-otp.mdx     |  16 +-
 .../wallets/hooks/use-verify-magic-link.mdx   |  23 +-
 docs/pages/wallets/hooks/use-verify-otp.mdx   |  26 +-
 docs/pages/wallets/index.mdx                  |  31 ++-
 docs/pages/wallets/overview.mdx               |  75 ++++++
 docs/pages/wallets/quickstart.mdx             | 135 +++++++++-
 docs/pages/wallets/wallet-api/index.mdx       |  42 ++++
 .../wallets/wallet-api/send-transaction.mdx   |  24 +-
 .../pages/wallets/wallet-api/sign-message.mdx |  12 +-
 .../wallets/wallet-api/sign-typed-message.mdx |  15 +-
 vocs.config.tsx                               |  99 +++++---
 22 files changed, 937 insertions(+), 158 deletions(-)
 create mode 100644 docs/pages/wallets/api-reference.mdx
 create mode 100644 docs/pages/wallets/auth/index.mdx
 create mode 100644 docs/pages/wallets/hooks/use-authenticators.mdx
 create mode 100644 docs/pages/wallets/overview.mdx
 create mode 100644 docs/pages/wallets/wallet-api/index.mdx

diff --git a/docs/pages/wallets/api-reference.mdx b/docs/pages/wallets/api-reference.mdx
new file mode 100644
index 0000000..d75a28f
--- /dev/null
+++ b/docs/pages/wallets/api-reference.mdx
@@ -0,0 +1,232 @@
+# Public API Reference [Current package exports]
+
+:::danger[IMPORTANT]
+**USE FOR INTERNAL TESTING PURPOSES ONLY.** You may use these features solely for internal evaluation purposes on supported testnets. DO NOT use for production use or share with your users. Wallets created during this preview ("Alpha Wallets") will be discontinued. Any tokens remaining within Alpha Wallets will be permanently lost upon discontinuance. Any mainnet tokens sent to an Alpha Wallet will not be deposited and will be permanently lost when discontinued. We are unable to help recover any lost funds from Alpha Wallets. We provide all previews on an "as is" basis without warranty of any kind, and we may terminate or suspend the availability of any preview at any time.
+:::
+
+This page tracks the public exports from the current ZeroDev Wallet SDK packages.
+
+## @zerodev/wallet-react
+
+### Dashboard configuration
+
+The SDK enforces project security settings from the ZeroDev dashboard:
+
+- Allowlist every app origin in the access control list, including local development ports.
+- Allowlist OAuth and magic-link redirect URLs before using those auth methods.
+- Disable any auth method you do not want to support. Email, Google, and passkey auth methods are enabled by default for new projects.
+
+### Wallet operation credits
+
+ZeroDev Wallet operations consume the Credits included in your existing ZeroDev plan.
+
+| Wallet operation | Credit cost | Notes |
+|------------------|-------------|-------|
+| Signature | 10 credits | Any wallet signature, including `personal_sign`, EIP-712 typed data, and UserOperation signatures. |
+| Bundler broadcast | 20 credits | Same pricing as the core ZeroDev Account Abstraction service for sending a UserOperation through the bundler. |
+
+A standalone message or typed-data signature costs **10 credits**. A transaction sent in `7702` or `4337` mode costs **30 credits total**: **10 credits** for the wallet signature plus **20 credits** for the bundler broadcast that sends the UserOperation to the network.
+
+### zeroDevWallet
+
+```ts
+import { zeroDevWallet } from '@zerodev/wallet-react'
+```
+
+Wagmi connector factory for ZeroDev Wallet.
+
+```ts
+zeroDevWallet({
+  projectId: 'YOUR_ZERODEV_PROJECT_ID',
+  chains: [sepolia],
+  mode: '7702',
+})
+```
+
+| Option | Type | Description |
+|--------|------|-------------|
+| `projectId` | `string` | Required. ZeroDev project ID. |
+| `chains` | `readonly Chain[]` | Required. Chains supported by this connector. |
+| `organizationId` | `string` | Optional Turnkey organization ID override. |
+| `proxyBaseUrl` | `string` | Optional KMS proxy URL. |
+| `aaUrl` | `string` | Optional bundler/paymaster URL override. |
+| `rpId` | `string` | Optional WebAuthn relying party ID. Defaults to the current hostname on web. |
+| `sessionStorage` | `StorageAdapter` | Optional storage for wallet sessions. |
+| `persistStorage` | `StateStorage` | Optional Zustand persistence storage for connector state. |
+| `apiKeyStamper` | `ApiKeyStamper \| Promise<ApiKeyStamper>` | Optional API-key stamper override. |
+| `passkeyStamper` | `PasskeyStamper \| Promise<PasskeyStamper>` | Optional passkey stamper override. |
+| `autoRefreshSession` | `boolean` | Defaults to `true`. Set to `false` to disable automatic refresh. |
+| `sessionWarningThreshold` | `number` | Milliseconds before expiry to refresh. Defaults to `60000`. |
+| `mode` | `'7702' \| '4337'` | Account mode. Defaults to `'7702'`. |
+| `autoInitialize` | `boolean \| (() => boolean)` | Controls whether connector setup initializes immediately. |
+
+`fetchOptions` is available on the lower-level `zeroDevWalletCore`, but intentionally omitted from the web `zeroDevWallet` export because browsers ignore custom `Origin` overrides.
+
+### Account modes
+
+| Mode | Address exposed to Wagmi | Transaction path |
+|------|--------------------------|------------------|
+| `'7702'` | Wallet address | Kernel account via EIP-7702 UserOperations submitted through a bundler. |
+| `'4337'` | Counterfactual Kernel smart account address | ERC-4337 UserOperations submitted through a bundler. |
+
+### Auth hooks
+
+| Export | Purpose |
+|--------|---------|
+| `useRegisterPasskey` | Register a new passkey and connect the wallet. |
+| `useLoginPasskey` | Login with an existing passkey and connect the wallet. |
+| `useAuthenticateOAuth` | Authenticate with Google OAuth. The web export opens a popup and accepts optional `timeoutMs`. |
+| `useSendOTP` | Send an email OTP. Returns `otpId` and `otpEncryptionTargetBundle`. |
+| `useVerifyOTP` | Verify an email OTP. Requires `code`, `otpId`, and `otpEncryptionTargetBundle`. |
+| `useSendMagicLink` | Send a magic link. Returns `otpId` and `otpEncryptionTargetBundle`. |
+| `useVerifyMagicLink` | Verify a magic link. Requires `code`, `otpId`, and `otpEncryptionTargetBundle`. |
+
+### Session and account hooks
+
+| Export | Purpose |
+|--------|---------|
+| `useRefreshSession` | Manually refresh the active session. |
+| `useAuthenticators` | Query OAuth providers, passkeys, email contacts, and API keys for the current user. |
+| `useExportWallet` | Render a secure Turnkey iframe for wallet seed phrase export. |
+| `useExportPrivateKey` | Render a secure Turnkey iframe for private key export. |
+
+### Actions and helpers
+
+| Export | Purpose |
+|--------|---------|
+| `getZeroDevConnector(config)` | Find the ZeroDev connector in a Wagmi config. Throws if it is not configured. |
+| `getZeroDevStore(connector)` | Get the connector's ZeroDev store. |
+| `getZeroDevWallet(store)` | Get the initialized core wallet SDK from the store. Throws if initialization has not completed. |
+| `createZeroDevWalletStore(options?)` | Create the connector state store. Advanced usage only. |
+| `NotAuthenticatedError` | Error thrown when wallet operations require an authenticated session. |
+| `OAUTH_PROVIDERS` | OAuth provider constants. Currently `{ GOOGLE: 'google' }`. |
+| `generateOAuthNonce(publicKey)` | Compute the Google OIDC nonce bound to the wallet public key. |
+| `verifyGoogleLoginUrl(loginUrl, publicKey)` | Validate Google OAuth login URL host and nonce before starting OAuth. |
+
+## Wallet provider methods
+
+The connector exposes an EIP-1193 provider. Supported `request` methods are:
+
+| Method | Description |
+|--------|-------------|
+| `eth_accounts` | Returns the active wallet address. |
+| `eth_requestAccounts` | Returns the active wallet address or throws `NotAuthenticatedError`. |
+| `eth_chainId` | Returns the active chain ID as hex. |
+| `eth_sendTransaction` | Sends a transaction. Uses UserOperations in `7702` and `4337` mode. |
+| `wallet_sendTransaction` | Same transaction path as `eth_sendTransaction`. |
+| `personal_sign` | Signs a message with the wallet signer for the configured mode. |
+| `eth_signTypedData_v4` | Signs EIP-712 typed data with the wallet signer for the configured mode. |
+| `wallet_switchEthereumChain` | Updates the active chain and emits `chainChanged`. |
+
+## @zerodev/wallet-core
+
+Use `@zerodev/wallet-core` directly when you need lower-level control without Wagmi.
+
+### createZeroDevWallet
+
+```ts
+import { createZeroDevWallet } from '@zerodev/wallet-core'
+
+const wallet = await createZeroDevWallet({
+  projectId: 'YOUR_ZERODEV_PROJECT_ID',
+})
+```
+
+On web, `rpId`, `sessionStorage`, `apiKeyStamper`, and `passkeyStamper` have browser defaults. React Native consumers should import from the React Native subpath and provide native storage/stamper adapters.
+
+### ZeroDevWalletSDK
+
+```ts
+type ZeroDevWalletSDK = {
+  client: ZeroDevWalletClient
+  auth: (params: AuthParams) => Promise<any>
+  getPublicKey: () => Promise<string | null>
+  getSession: () => Promise<ZeroDevWalletSession | undefined>
+  getAllSessions: () => Promise<Record<string, ZeroDevWalletSession>>
+  switchSession: (sessionId: string) => Promise<ZeroDevWalletSession | undefined>
+  clearSession: (sessionId: string) => Promise<void>
+  clearAllSessions: () => Promise<void>
+  refreshSession: (sessionId?: string) => Promise<ZeroDevWalletSession | undefined>
+  logout: () => Promise<boolean>
+  toAccount: () => Promise<LocalAccount>
+}
+```
+
+`auth` supports `oauth`, passkey `register`/`login`, OTP `sendOtp`/`verifyOtp`, and magic-link `send`/`verify`. OTP and magic-link verify calls require the `otpEncryptionTargetBundle` returned by the matching send call.
+
+### Core utilities
+
+| Export | Purpose |
+|--------|---------|
+| `toViemAccount` | Convert an authenticated wallet client/session into a viem `LocalAccount`. |
+| `createClient`, `createBaseClient`, `zeroDevWalletTransport` | Low-level client/transport primitives. |
+| `zeroDevWalletActions` | Client decorator for wallet actions. |
+| `createIframeStamper` | Create a Turnkey iframe stamper for secure export flows. |
+| `exportWallet` | Build a wallet export bundle for iframe injection. |
+| `exportPrivateKey` | Build a private-key export bundle for iframe injection. |
+| `normalizeTimestamp` | Normalize session expiry timestamps. |
+| `KMS_SERVER_URL` | Default KMS server URL. |
+
+### Root action exports
+
+These actions are exported from `@zerodev/wallet-core` and are also available through the decorated `wallet.client`.
+
+| Export | Purpose |
+|--------|---------|
+| `authenticateWithEmail` | Authenticate with an email-based session. |
+| `authenticateWithOAuth` | Authenticate with an OAuth session ID. |
+| `getAuthenticators` | Fetch OAuth authenticators, passkeys, email contacts, and API keys. |
+| `getUserWallet` | Fetch wallet addresses for the authenticated user. |
+| `getWhoami` | Fetch identity/session metadata for the current token. |
+| `loginWithOTP` | Login with an OTP attempt. |
+| `registerWithOTP` | Register an OTP contact and send an OTP. |
+| `sign7702Authorization` | Sign an EIP-7702 authorization. |
+| `signMessage` | Sign a message with a wallet key. |
+| `signTransaction` | Sign a serialized transaction. |
+| `signTypedDataV4` | Sign EIP-712 typed data. |
+| `signUserOperation` | Sign an ERC-4337 UserOperation. |
+
+### Actions subpath
+
+```ts
+import { getOAuthLoginUrl } from '@zerodev/wallet-core/actions'
+```
+
+The `@zerodev/wallet-core/actions` subpath exports the root actions above plus lower-level actions used by the React SDK:
+
+| Export | Purpose |
+|--------|---------|
+| `getAuthProxyConfigId` | Fetch the auth proxy config ID. |
+| `getOAuthLoginUrl` | Build the OAuth login URL for a provider and return URL. |
+| `loginWithStamp` | Login using an existing stamper. |
+| `registerWithPasskey` | Register a passkey credential. |
+
+## @zerodev/wallet-react-kit
+
+Use `@zerodev/wallet-react-kit` if you want prebuilt auth and signing UI.
+
+| Export | Purpose |
+|--------|---------|
+| `zeroDevWallet` | Enhanced connector wrapping `@zerodev/wallet-react` with optional auth/signing UI. |
+| `AuthFlow` | Prebuilt authentication flow component. |
+| `useAuth` | Access the kit auth state and navigation actions. |
+| `SignatureRequest` | Prebuilt request confirmation UI. |
+| `usePendingRequest` | Get the current pending signing request. |
+| `usePendingRequests` | Get all pending signing requests. |
+
+The kit connector accepts the same connector options as `@zerodev/wallet-react`, plus:
+
+```ts
+type ZeroDevKitConfig = {
+  signing?: { mode: 'background' } | { mode: 'prompt'; methods?: RequestMethod[] }
+  auth?: {
+    magicLinkBaseUrl: string
+    enabledMethods: ('email' | 'google' | 'passkey')[]
+    emailAuthMethod?: 'magicLink' | 'otp'
+    termsAndConditionsUrl?: string
+    privacyPolicyUrl?: string
+    onSuccess?: () => void
+    onError?: (error: unknown) => void
+  }
+}
+```
diff --git a/docs/pages/wallets/auth/email-otp.mdx b/docs/pages/wallets/auth/email-otp.mdx
index c7aaf37..3d99ab6 100644
--- a/docs/pages/wallets/auth/email-otp.mdx
+++ b/docs/pages/wallets/auth/email-otp.mdx
@@ -6,6 +6,11 @@
 
 Email OTP is a two-step flow: send a verification code to the user's email, then verify the code they enter.
 
+## Dashboard requirements
+
+- Allowlist your app origin in the dashboard access control list, including the local development port.
+- Email auth is enabled by default for new projects. If you do not want users to authenticate with email, explicitly disable email auth in the dashboard.
+
 ## Hooks
 
 - [`useSendOTP`](/wallets/hooks/use-send-otp) — Send a one-time code to an email address
@@ -22,6 +27,8 @@ function EmailOTPAuth() {
   const [email, setEmail] = useState('')
   const [code, setCode] = useState('')
   const [otpId, setOtpId] = useState<string | null>(null)
+  const [otpEncryptionTargetBundle, setOtpEncryptionTargetBundle] =
+    useState<string | null>(null)
 
   const { address, isConnected } = useAccount()
   const { disconnectAsync } = useDisconnect()
@@ -50,6 +57,7 @@ function EmailOTPAuth() {
           onClick={async () => {
             const result = await sendOTP.mutateAsync({ email })
             setOtpId(result.otpId)
+            setOtpEncryptionTargetBundle(result.otpEncryptionTargetBundle)
           }}
           disabled={sendOTP.isPending || !email}
         >
@@ -60,6 +68,8 @@ function EmailOTPAuth() {
     )
   }
 
+  if (!otpEncryptionTargetBundle) return null
+
   return (
     <div>
       <p>Code sent to {email}</p>
@@ -70,7 +80,13 @@ function EmailOTPAuth() {
         onChange={(e) => setCode(e.target.value)}
       />
       <button
-        onClick={() => verifyOTP.mutateAsync({ code, otpId })}
+        onClick={() =>
+          verifyOTP.mutateAsync({
+            code,
+            otpId,
+            otpEncryptionTargetBundle,
+          })
+        }
         disabled={verifyOTP.isPending || !code}
       >
         {verifyOTP.isPending ? 'Verifying...' : 'Verify Code'}
@@ -83,8 +99,8 @@ function EmailOTPAuth() {
 
 ## How it works
 
-1. **Send code**: `useSendOTP` sends a one-time verification code to the provided email address. It returns an `otpId` that identifies this verification attempt.
+1. **Send code**: `useSendOTP` sends a one-time verification code to the provided email address. It returns an `otpId` and `otpEncryptionTargetBundle` for this verification attempt.
 
-2. **Verify code**: `useVerifyOTP` takes the `otpId` and the code the user entered. If the code is valid, the SDK authenticates and creates a session.
+2. **Verify code**: `useVerifyOTP` takes the `otpId`, `otpEncryptionTargetBundle`, and the code the user entered. If the code is valid, the SDK authenticates and creates a session.
 
 After verification, the Wagmi connector is connected and the user's address is available via `useAccount`.
diff --git a/docs/pages/wallets/auth/google-oauth.mdx b/docs/pages/wallets/auth/google-oauth.mdx
index 03be8e3..d638929 100644
--- a/docs/pages/wallets/auth/google-oauth.mdx
+++ b/docs/pages/wallets/auth/google-oauth.mdx
@@ -6,9 +6,21 @@
 
 Google OAuth lets users sign in with their Google account using a popup-based flow. The SDK handles the popup, redirect, and session creation automatically.
 
-By default, the Google OAuth flow uses a Zerodev-managed Google account for authentication. This allows you to get started quickly without any additional configuration. You can customize the OAuth flow by providing your own Google OAuth client ID and secret in the developer dashboard.
+By default, the Google OAuth flow uses ZeroDev-managed Google credentials. This lets you get started quickly without creating a Google OAuth client first.
 
-> **Important:** Using custom credentials requires creating a new project with no wallets already created. You cannot switch an existing project from the default Zerodev-managed OAuth setup to a custom client configuration.
+You can customize the OAuth flow by providing your own Google OAuth client ID and secret in the developer dashboard.
+
+:::warning[Choose OAuth credentials before onboarding users]
+If you switch from ZeroDev-managed credentials to your own Google credentials, create a new project and use a new project ID. Existing users from the old OAuth credential setup will not be able to log in to the new setup. A migration path is planned, but for now we recommend deciding this before users create wallets.
+:::
+
+## Dashboard requirements
+
+- Enable Google auth in the dashboard.
+- Allowlist your app origin in the dashboard access control list, including the local development port.
+- Allowlist the OAuth redirect URL used by your app. The SDK rejects redirect URLs that are not configured for the project.
+
+Google auth is enabled by default for new projects. If you do not want users to authenticate with Google, explicitly disable it in the dashboard.
 
 ## Hook
 
diff --git a/docs/pages/wallets/auth/index.mdx b/docs/pages/wallets/auth/index.mdx
new file mode 100644
index 0000000..2b1ba61
--- /dev/null
+++ b/docs/pages/wallets/auth/index.mdx
@@ -0,0 +1,65 @@
+# Authentication [Login methods and dashboard controls]
+
+:::danger[IMPORTANT]
+**USE FOR INTERNAL TESTING PURPOSES ONLY.** You may use these features solely for internal evaluation purposes on supported testnets. DO NOT use for production use or share with your users. Wallets created during this preview ("Alpha Wallets") will be discontinued. Any tokens remaining within Alpha Wallets will be permanently lost upon discontinuance. Any mainnet tokens sent to an Alpha Wallet will not be deposited and will be permanently lost when discontinued. We are unable to help recover any lost funds from Alpha Wallets. We provide all previews on an "as is" basis without warranty of any kind, and we may terminate or suspend the availability of any preview at any time.
+:::
+
+ZeroDev Wallet supports email OTP, magic links, Google OAuth, and passkeys. You can use the prebuilt `AuthFlow` from `@zerodev/wallet-react-kit`, or build your own screens with the lower-level hooks from `@zerodev/wallet-react`.
+
+| UI path | Best for |
+|---------|----------|
+| Prebuilt `AuthFlow` | Fast POCs, standard embedded-wallet onboarding, and teams that want a complete auth flow without designing every screen first. |
+| Custom hooks | Production apps with strict design-system, copy, routing, analytics, or compliance requirements around each auth step. |
+
+## Dashboard requirements
+
+Authentication is gated by dashboard configuration, not only frontend code:
+
+- Allowlist the exact app origin in the access control list, including the local development port.
+- Allowlist OAuth and magic-link redirect URLs before testing those flows.
+- Disable any auth method you do not want available. Email, Google, and passkeys are enabled by default.
+
+These controls exist because a technical user can inspect or modify frontend code. Treat dashboard auth-method configuration as the source of truth for what your project allows.
+
+## Pick a login path
+
+| Method | Use when | Notes |
+|--------|----------|-------|
+| [Passkeys](/wallets/auth/passkeys) | You want device-native authentication with strong phishing resistance. | Requires browser/platform passkey support and correct relying-party behavior. |
+| [Email OTP](/wallets/auth/email-otp) | You want a familiar code-based login flow. | The verify call needs the `otpEncryptionTargetBundle` returned by the send call. |
+| [Magic Link](/wallets/auth/magic-link) | You want email links that complete auth on a redirect URL. | The redirect URL must match the dashboard allowlist and your `magicLinkBaseUrl`. |
+| [Google OAuth](/wallets/auth/google-oauth) | You want social login. | ZeroDev-managed credentials work out of the box; bring-your-own Google credentials should be decided before onboarding users. |
+
+## Prebuilt UI path
+
+Use `AuthFlow` when you want the fastest complete auth flow. `AuthFlow` is paired with the React Kit connector from `@zerodev/wallet-react-kit`; the connector opens the flow when Wagmi `connect` runs and no session is available.
+
+```tsx
+import { AuthFlow } from '@zerodev/wallet-react-kit'
+
+export function LoginPage() {
+  return <AuthFlow />
+}
+```
+
+Render the same component on your magic-link verify URL:
+
+```tsx
+import { AuthFlow } from '@zerodev/wallet-react-kit'
+
+export default function VerifyPage() {
+  return <AuthFlow />
+}
+```
+
+## Custom UI path
+
+Use the lower-level hooks when your app needs custom onboarding copy, layout, or auth-method selection. In this path, import `zeroDevWallet` from `@zerodev/wallet-react` and build each screen yourself.
+
+- `useRegisterPasskey` and `useLoginPasskey`
+- `useSendOTP` and `useVerifyOTP`
+- `useSendMagicLink` and `useVerifyMagicLink`
+- `useAuthenticateOAuth`
+- `useAuthenticators`
+
+See the [public API reference](/wallets/api-reference) for current exports.
diff --git a/docs/pages/wallets/auth/magic-link.mdx b/docs/pages/wallets/auth/magic-link.mdx
index 8bd808c..c89ba4d 100644
--- a/docs/pages/wallets/auth/magic-link.mdx
+++ b/docs/pages/wallets/auth/magic-link.mdx
@@ -6,6 +6,12 @@
 
 Magic links let users authenticate by clicking a link in their email. The link redirects to your app where the SDK completes the verification.
 
+## Dashboard requirements
+
+- Allowlist your app origin in the dashboard access control list, including the local development port.
+- Allowlist every magic-link redirect URL you plan to use, such as `http://localhost:3000/verify` for local development.
+- Email auth is enabled by default for new projects. If you do not want users to authenticate with email or magic links, explicitly disable email auth in the dashboard.
+
 ## Hooks
 
 - [`useSendMagicLink`](/wallets/hooks/use-send-magic-link) — Send a magic link to an email address
@@ -37,8 +43,12 @@ function MagicLinkLogin() {
             email,
             redirectURL: `${window.location.origin}/verify`,
           })
-          // Store otpId for the verify page
+          // Store both values for the verify page
           sessionStorage.setItem('magicLinkOtpId', result.otpId)
+          sessionStorage.setItem(
+            'magicLinkOtpEncryptionTargetBundle',
+            result.otpEncryptionTargetBundle,
+          )
         }}
         disabled={sendMagicLink.isPending || !email}
       >
@@ -74,9 +84,16 @@ function VerifyMagicLink() {
   useEffect(() => {
     const code = searchParams.get('code')
     const otpId = sessionStorage.getItem('magicLinkOtpId')
-
-    if (code && otpId && !isConnected) {
-      verifyMagicLink.mutateAsync({ otpId, code })
+    const otpEncryptionTargetBundle = sessionStorage.getItem(
+      'magicLinkOtpEncryptionTargetBundle',
+    )
+
+    if (code && otpId && otpEncryptionTargetBundle && !isConnected) {
+      verifyMagicLink.mutateAsync({
+        otpId,
+        code,
+        otpEncryptionTargetBundle,
+      })
     }
   }, [searchParams])
 
@@ -98,10 +115,10 @@ function VerifyMagicLink() {
 
 ## How it works
 
-1. **Send link**: `useSendMagicLink` sends an email with a magic link pointing to your `redirectURL`. It returns an `otpId` that you need for verification.
+1. **Send link**: `useSendMagicLink` sends an email with a magic link pointing to your `redirectURL`. It returns an `otpId` and `otpEncryptionTargetBundle` that you need for verification.
 
 2. **User clicks link**: The user clicks the link in their email, which redirects them to your app with a `code` query parameter.
 
-3. **Verify**: Your verify page calls `useVerifyMagicLink` with the `otpId` and `code`. If valid, the SDK authenticates and creates a session.
+3. **Verify**: Your verify page calls `useVerifyMagicLink` with the `otpId`, `code`, and `otpEncryptionTargetBundle`. If valid, the SDK authenticates and creates a session.
 
 After verification, the Wagmi connector is connected and the user's address is available via `useAccount`.
diff --git a/docs/pages/wallets/auth/passkeys.mdx b/docs/pages/wallets/auth/passkeys.mdx
index 2e9c525..d1c5a5a 100644
--- a/docs/pages/wallets/auth/passkeys.mdx
+++ b/docs/pages/wallets/auth/passkeys.mdx
@@ -6,6 +6,11 @@
 
 Passkeys use the [WebAuthn](https://webauthn.guide/) standard for passwordless authentication. Users authenticate with biometrics (Face ID, Touch ID, fingerprint) or a hardware security key.
 
+## Dashboard requirements
+
+- Allowlist your app origin in the dashboard access control list, including the local development port.
+- Passkey auth is enabled by default for new projects. If you do not want users to authenticate with passkeys, explicitly disable passkey auth in the dashboard.
+
 ## Configure RP ID (optional)
 
 Set `rpId` on the connector if you need a custom [relying party identifier](https://www.w3.org/TR/webauthn-2/#relying-party-identifier) (defaults to the current hostname):
diff --git a/docs/pages/wallets/export.mdx b/docs/pages/wallets/export.mdx
index 256f62f..71701db 100644
--- a/docs/pages/wallets/export.mdx
+++ b/docs/pages/wallets/export.mdx
@@ -4,7 +4,9 @@
 **USE FOR INTERNAL TESTING PURPOSES ONLY.** You may use these features solely for internal evaluation purposes on supported testnets. DO NOT use for production use or share with your users. Wallets created during this preview ("Alpha Wallets") will be discontinued. Any tokens remaining within Alpha Wallets will be permanently lost upon discontinuance. Any mainnet tokens sent to an Alpha Wallet will not be deposited and will be permanently lost when discontinued. We are unable to help recover any lost funds from Alpha Wallets. We provide all previews on an "as is" basis without warranty of any kind, and we may terminate or suspend the availability of any preview at any time.
 :::
 
-The SDK supports exporting the user's wallet as a seed phrase or private key. The key material is displayed inside a secure iframe and never touches your application code.
+The SDK supports exporting the user's wallet as a seed phrase or private key. The key material is displayed inside a secure Turnkey iframe and never touches your application code.
+
+Only show export controls behind an explicit user action, and warn users before rendering the iframe. Anyone with the exported seed phrase or private key can control the wallet.
 
 ## Hooks
 
@@ -19,9 +21,43 @@ import { useExportWallet, useExportPrivateKey } from '@zerodev/wallet-react'
 
 function ExportModal() {
   const [showExport, setShowExport] = useState(false)
+  const [exporting, setExporting] = useState(false)
   const exportWallet = useExportWallet()
   const exportPrivateKey = useExportPrivateKey()
 
+  const iframeContainerId = 'export-container'
+
+  const showSeedPhrase = async () => {
+    setExporting(true)
+    await exportWallet.mutateAsync({
+      iframeContainerId,
+      iframeStyles: {
+        backgroundColor: '#ffffff',
+        color: '#1a1a1a',
+        fontFamily: 'monospace',
+        fontSize: '14px',
+        padding: '16px',
+        width: '100%',
+      },
+    })
+  }
+
+  const showPrivateKey = async () => {
+    setExporting(true)
+    await exportPrivateKey.mutateAsync({
+      iframeContainerId,
+      keyFormat: 'Hexadecimal',
+      iframeStyles: {
+        backgroundColor: '#ffffff',
+        color: '#1a1a1a',
+        fontFamily: 'monospace',
+        fontSize: '14px',
+        padding: '16px',
+        width: '100%',
+      },
+    })
+  }
+
   return (
     <div>
       <button onClick={() => setShowExport(true)}>
@@ -31,44 +67,36 @@ function ExportModal() {
       {showExport && (
         <div className="modal">
           <h3>Export Options</h3>
+          <p>
+            Never share your seed phrase or private key. Make sure no one is
+            watching your screen before continuing.
+          </p>
 
           {/* Container where the export iframe will render */}
-          <div id="export-container" style={{ minHeight: '200px' }} />
+          <div id={iframeContainerId} style={{ minHeight: '200px' }} />
 
           <button
-            onClick={() =>
-              exportWallet.mutateAsync({
-                iframeContainerId: 'export-container',
-                iframeStyles: {
-                  width: '400px',
-                  height: '200px',
-                  border: 'none',
-                },
-              })
-            }
+            onClick={showSeedPhrase}
             disabled={exportWallet.isPending}
           >
             {exportWallet.isPending ? 'Exporting...' : 'Show Seed Phrase'}
           </button>
 
           <button
-            onClick={() =>
-              exportPrivateKey.mutateAsync({
-                iframeContainerId: 'export-container',
-                keyFormat: 'Hexadecimal',
-                iframeStyles: {
-                  width: '400px',
-                  height: '100px',
-                  border: 'none',
-                },
-              })
-            }
+            onClick={showPrivateKey}
             disabled={exportPrivateKey.isPending}
           >
             {exportPrivateKey.isPending ? 'Exporting...' : 'Show Private Key'}
           </button>
 
-          <button onClick={() => setShowExport(false)}>
+          {exporting && (
+            <p>Save the exported material before closing this window.</p>
+          )}
+
+          <button onClick={() => {
+            setShowExport(false)
+            setExporting(false)
+          }}>
             Close
           </button>
         </div>
@@ -81,7 +109,7 @@ function ExportModal() {
 ## How it works
 
 1. You provide a container element ID where the secure iframe will be rendered.
-2. The SDK initiates a secure export session.
+2. The SDK initiates a secure export session with Turnkey.
 3. The seed phrase or private key is rendered inside a secure iframe.
 4. The key material is displayed directly to the user — it never passes through your application.
 
diff --git a/docs/pages/wallets/hooks/use-authenticate-oauth.mdx b/docs/pages/wallets/hooks/use-authenticate-oauth.mdx
index a09ccc6..e0397de 100644
--- a/docs/pages/wallets/hooks/use-authenticate-oauth.mdx
+++ b/docs/pages/wallets/hooks/use-authenticate-oauth.mdx
@@ -22,7 +22,9 @@ import {
 import { useAccount } from 'wagmi'
 
 function OAuthLogin() {
-  const authenticateOAuth = useAuthenticateOAuth()
+  const authenticateOAuth = useAuthenticateOAuth({
+    timeoutMs: 5 * 60 * 1000,
+  })
   const { address, isConnected } = useAccount()
 
   if (isConnected) {
@@ -46,6 +48,14 @@ function OAuthLogin() {
 
 ## Parameters
 
+The web hook takes optional hook-level parameters, then `provider` as the mutation variable.
+
+### timeoutMs
+
+`number | undefined`
+
+Optional popup timeout in milliseconds. Defaults to 5 minutes.
+
 ### provider
 
 `OAuthProvider`
diff --git a/docs/pages/wallets/hooks/use-authenticators.mdx b/docs/pages/wallets/hooks/use-authenticators.mdx
new file mode 100644
index 0000000..f05f80d
--- /dev/null
+++ b/docs/pages/wallets/hooks/use-authenticators.mdx
@@ -0,0 +1,70 @@
+import QueryResult from '../shared/query-result.mdx'
+
+# useAuthenticators [Hook for listing the user's authenticators]
+
+:::danger[IMPORTANT]
+**USE FOR INTERNAL TESTING PURPOSES ONLY.** You may use these features solely for internal evaluation purposes on supported testnets. DO NOT use for production use or share with your users. Wallets created during this preview ("Alpha Wallets") will be discontinued. Any tokens remaining within Alpha Wallets will be permanently lost upon discontinuance. Any mainnet tokens sent to an Alpha Wallet will not be deposited and will be permanently lost when discontinued. We are unable to help recover any lost funds from Alpha Wallets. We provide all previews on an "as is" basis without warranty of any kind, and we may terminate or suspend the availability of any preview at any time.
+:::
+
+## Import
+
+```tsx
+import { useAuthenticators } from '@zerodev/wallet-react'
+```
+
+## Usage
+
+```tsx
+import { useAuthenticators } from '@zerodev/wallet-react'
+import { useAccount } from 'wagmi'
+
+function Authenticators() {
+  const { isConnected } = useAccount()
+  const authenticators = useAuthenticators({
+    query: {
+      enabled: isConnected,
+    },
+  })
+
+  if (!isConnected) return null
+  if (authenticators.isLoading) return <p>Loading...</p>
+  if (authenticators.isError) {
+    return <p>Error: {authenticators.error.message}</p>
+  }
+
+  return (
+    <pre>
+      {JSON.stringify(authenticators.data, null, 2)}
+    </pre>
+  )
+}
+```
+
+## Parameters
+
+### query
+
+`Omit<UseQueryOptions<GetAuthenticatorsReturnType, Error>, 'queryKey' | 'queryFn'> | undefined`
+
+Optional TanStack Query options. The hook owns the `queryKey` and `queryFn`.
+
+## Return Types
+
+### data
+
+`GetAuthenticatorsReturnType | undefined`
+
+The authenticators linked to the current user in the connected project and sub-organization.
+
+```ts
+type GetAuthenticatorsReturnType = {
+  oauths: OAuthAuthenticator[] | null
+  passkeys: PasskeyAuthenticator[] | null
+  emailContacts: EmailContact[] | null
+  apiKeys: ApiKeyAuthenticator[] | null
+}
+```
+
+`emailContacts` includes email contacts linked by OTP or magic-link auth. `oauths` includes linked OAuth providers such as Google. `passkeys` includes WebAuthn credentials. `apiKeys` includes session/API-key authenticators.
+
+<QueryResult />
diff --git a/docs/pages/wallets/hooks/use-get-user-email.mdx b/docs/pages/wallets/hooks/use-get-user-email.mdx
index 6e92cc7..e62c658 100644
--- a/docs/pages/wallets/hooks/use-get-user-email.mdx
+++ b/docs/pages/wallets/hooks/use-get-user-email.mdx
@@ -1,56 +1,24 @@
 import QueryResult from '../shared/query-result.mdx'
 
-# useGetUserEmail [Hook for getting the authenticated user's email]
+# useGetUserEmail [Removed hook]
 
 :::danger[IMPORTANT]
 **USE FOR INTERNAL TESTING PURPOSES ONLY.** You may use these features solely for internal evaluation purposes on supported testnets. DO NOT use for production use or share with your users. Wallets created during this preview ("Alpha Wallets") will be discontinued. Any tokens remaining within Alpha Wallets will be permanently lost upon discontinuance. Any mainnet tokens sent to an Alpha Wallet will not be deposited and will be permanently lost when discontinued. We are unable to help recover any lost funds from Alpha Wallets. We provide all previews on an "as is" basis without warranty of any kind, and we may terminate or suspend the availability of any preview at any time.
 :::
 
-## Import
+`useGetUserEmail` is not exported by the current `@zerodev/wallet-react` package.
 
-```tsx
-import { useGetUserEmail } from '@zerodev/wallet-react'
-```
-
-## Usage
+Use [`useAuthenticators`](/wallets/hooks/use-authenticators) instead and read `data.emailContacts` for email contacts linked to the authenticated user.
 
 ```tsx
-import { useGetUserEmail } from '@zerodev/wallet-react'
-import { useAccount } from 'wagmi'
-
-function UserProfile() {
-  const { isConnected } = useAccount()
-  const { data: userEmail, isLoading } = useGetUserEmail({})
-
-  if (!isConnected) return null
+import { useAuthenticators } from '@zerodev/wallet-react'
 
-  if (isLoading) return <p>Loading email...</p>
+function UserEmail() {
+  const authenticators = useAuthenticators()
+  const email = authenticators.data?.emailContacts?.[0]?.email
 
-  return <p>Email: {userEmail?.email ?? 'Not available'}</p>
+  return <p>Email: {email ?? 'Not available'}</p>
 }
 ```
 
-## Parameters
-
-```tsx
-import { type UseGetUserEmailParameters } from '@zerodev/wallet-react'
-```
-
-This hook takes an empty object `{}` as its argument. No additional parameters are required.
-
-## Return Types
-
-### data
-
-`{ email: string } | undefined`
-
-- Defaults to `undefined`
-- The authenticated user's email address, if available.
-
-#### email
-
-`string`
-
-The user's email address. This is available when the user authenticated with Email OTP, Magic Link, or Google OAuth. It may not be available for passkey-only authentication.
-
 <QueryResult />
diff --git a/docs/pages/wallets/hooks/use-send-magic-link.mdx b/docs/pages/wallets/hooks/use-send-magic-link.mdx
index 1d2690b..8b08ab4 100644
--- a/docs/pages/wallets/hooks/use-send-magic-link.mdx
+++ b/docs/pages/wallets/hooks/use-send-magic-link.mdx
@@ -36,8 +36,12 @@ function SendMagicLink() {
             email,
             redirectURL: `${window.location.origin}/verify`,
           })
-          // Store otpId for the verify page
+          // Store both values for the verify page
           sessionStorage.setItem('magicLinkOtpId', result.otpId)
+          sessionStorage.setItem(
+            'magicLinkOtpEncryptionTargetBundle',
+            result.otpEncryptionTargetBundle,
+          )
         }}
         disabled={sendMagicLink.isPending || !email}
       >
@@ -66,7 +70,7 @@ function SendMagicLink() {
 
 ### otpCodeCustomization
 
-`{ length?: 6 | 7 | 8 | 9; alphanumeric?: boolean } | undefined`
+`{ length: 6 | 7 | 8 | 9; alphanumeric: boolean } | undefined`
 
 Optional customization for the generated verification code.
 
@@ -88,19 +92,19 @@ Whether to use alphanumeric characters instead of digits only. Defaults to `fals
 
 ### mutate
 
-`(variables: { email: string; redirectURL: string }) => void`
+`(variables: { email: string; redirectURL: string; otpCodeCustomization?: { length: 6 | 7 | 8 | 9; alphanumeric: boolean }; connector?: Connector }) => void`
 
 The mutation function to send the magic link.
 
 ### mutateAsync
 
-`(variables: { email: string; redirectURL: string }) => Promise<{ otpId: string }>`
+`(variables: { email: string; redirectURL: string; otpCodeCustomization?: { length: 6 | 7 | 8 | 9; alphanumeric: boolean }; connector?: Connector }) => Promise<{ otpId: string; otpEncryptionTargetBundle: string }>`
 
 Similar to [`mutate`](#mutate) but returns a promise.
 
 ### data
 
-`{ otpId: string } | undefined`
+`{ otpId: string; otpEncryptionTargetBundle: string } | undefined`
 
 - Defaults to `undefined`
 - The data returned from the mutation on success.
@@ -111,4 +115,10 @@ Similar to [`mutate`](#mutate) but returns a promise.
 
 The identifier for this magic link verification. Store this value and pass it to [`useVerifyMagicLink`](/wallets/hooks/use-verify-magic-link) on the redirect page.
 
+#### otpEncryptionTargetBundle
+
+`string`
+
+The encryption target bundle for this magic link attempt. Store it with the matching `otpId` and pass it to [`useVerifyMagicLink`](/wallets/hooks/use-verify-magic-link) on the redirect page.
+
 <MutationResult />
diff --git a/docs/pages/wallets/hooks/use-send-otp.mdx b/docs/pages/wallets/hooks/use-send-otp.mdx
index ffb2fb1..bcae717 100644
--- a/docs/pages/wallets/hooks/use-send-otp.mdx
+++ b/docs/pages/wallets/hooks/use-send-otp.mdx
@@ -34,7 +34,7 @@ function SendCode() {
         onClick={async () => {
           const result = await sendOTP.mutateAsync({ email })
           console.log('OTP ID:', result.otpId)
-          // Pass otpId to useVerifyOTP
+          // Pass otpId and otpEncryptionTargetBundle to useVerifyOTP
         }}
         disabled={sendOTP.isPending || !email}
       >
@@ -67,7 +67,7 @@ Custom template for the email content.
 
 ### otpCodeCustomization
 
-`{ length?: 6 | 7 | 8 | 9; alphanumeric?: boolean } | undefined`
+`{ length: 6 | 7 | 8 | 9; alphanumeric: boolean } | undefined`
 
 Optional customization for the generated OTP code.
 
@@ -89,19 +89,19 @@ Whether to use alphanumeric characters instead of digits only. Defaults to `fals
 
 ### mutate
 
-`(variables: { email: string; emailCustomization?: { magicLinkTemplate?: string } }) => void`
+`(variables: { email: string; emailCustomization?: { magicLinkTemplate?: string }; otpCodeCustomization?: { length: 6 | 7 | 8 | 9; alphanumeric: boolean }; connector?: Connector }) => void`
 
 The mutation function to send the OTP.
 
 ### mutateAsync
 
-`(variables: { email: string; emailCustomization?: { magicLinkTemplate?: string } }) => Promise<{ otpId: string }>`
+`(variables: { email: string; emailCustomization?: { magicLinkTemplate?: string }; otpCodeCustomization?: { length: 6 | 7 | 8 | 9; alphanumeric: boolean }; connector?: Connector }) => Promise<{ otpId: string; otpEncryptionTargetBundle: string }>`
 
 Similar to [`mutate`](#mutate) but returns a promise.
 
 ### data
 
-`{ otpId: string } | undefined`
+`{ otpId: string; otpEncryptionTargetBundle: string } | undefined`
 
 - Defaults to `undefined`
 - The data returned from the mutation on success.
@@ -112,4 +112,10 @@ Similar to [`mutate`](#mutate) but returns a promise.
 
 The identifier for this OTP verification attempt. Pass this to [`useVerifyOTP`](/wallets/hooks/use-verify-otp) to complete authentication.
 
+#### otpEncryptionTargetBundle
+
+`string`
+
+The encryption target bundle for this OTP attempt. Store it with the matching `otpId` and pass it to [`useVerifyOTP`](/wallets/hooks/use-verify-otp).
+
 <MutationResult />
diff --git a/docs/pages/wallets/hooks/use-verify-magic-link.mdx b/docs/pages/wallets/hooks/use-verify-magic-link.mdx
index 5810d1b..9dd7bf3 100644
--- a/docs/pages/wallets/hooks/use-verify-magic-link.mdx
+++ b/docs/pages/wallets/hooks/use-verify-magic-link.mdx
@@ -28,9 +28,16 @@ function VerifyPage() {
   useEffect(() => {
     const code = searchParams.get('code')
     const otpId = sessionStorage.getItem('magicLinkOtpId')
-
-    if (code && otpId && !isConnected) {
-      verifyMagicLink.mutateAsync({ otpId, code })
+    const otpEncryptionTargetBundle = sessionStorage.getItem(
+      'magicLinkOtpEncryptionTargetBundle',
+    )
+
+    if (code && otpId && otpEncryptionTargetBundle && !isConnected) {
+      verifyMagicLink.mutateAsync({
+        otpId,
+        code,
+        otpEncryptionTargetBundle,
+      })
     }
   }, [searchParams])
 
@@ -56,19 +63,25 @@ function VerifyPage() {
 
 **Required.** The verification code from the magic link URL query parameters.
 
+### otpEncryptionTargetBundle
+
+`string`
+
+**Required.** The encryption target bundle returned by the matching [`useSendMagicLink`](/wallets/hooks/use-send-magic-link) call.
+
 ## Return Types
 
 [TanStack Query mutation docs](https://tanstack.com/query/v5/docs/react/reference/useMutation)
 
 ### mutate
 
-`(variables: { otpId: string; code: string }) => void`
+`(variables: { otpId: string; code: string; otpEncryptionTargetBundle: string; connector?: Connector }) => void`
 
 The mutation function to verify the magic link.
 
 ### mutateAsync
 
-`(variables: { otpId: string; code: string }) => Promise<void>`
+`(variables: { otpId: string; code: string; otpEncryptionTargetBundle: string; connector?: Connector }) => Promise<void>`
 
 Similar to [`mutate`](#mutate) but returns a promise. Resolves when the magic link is verified and the wallet is connected.
 
diff --git a/docs/pages/wallets/hooks/use-verify-otp.mdx b/docs/pages/wallets/hooks/use-verify-otp.mdx
index 4ee8832..4e3f08d 100644
--- a/docs/pages/wallets/hooks/use-verify-otp.mdx
+++ b/docs/pages/wallets/hooks/use-verify-otp.mdx
@@ -19,7 +19,13 @@ import { useState } from 'react'
 import { useVerifyOTP } from '@zerodev/wallet-react'
 import { useAccount } from 'wagmi'
 
-function VerifyCode({ otpId }: { otpId: string }) {
+function VerifyCode({
+  otpId,
+  otpEncryptionTargetBundle,
+}: {
+  otpId: string
+  otpEncryptionTargetBundle: string
+}) {
   const [code, setCode] = useState('')
   const verifyOTP = useVerifyOTP()
   const { address, isConnected } = useAccount()
@@ -37,7 +43,13 @@ function VerifyCode({ otpId }: { otpId: string }) {
         placeholder="Enter verification code"
       />
       <button
-        onClick={() => verifyOTP.mutateAsync({ code, otpId })}
+        onClick={() =>
+          verifyOTP.mutateAsync({
+            code,
+            otpId,
+            otpEncryptionTargetBundle,
+          })
+        }
         disabled={verifyOTP.isPending || !code}
       >
         {verifyOTP.isPending ? 'Verifying...' : 'Verify'}
@@ -62,19 +74,25 @@ function VerifyCode({ otpId }: { otpId: string }) {
 
 **Required.** The OTP identifier returned by [`useSendOTP`](/wallets/hooks/use-send-otp).
 
+### otpEncryptionTargetBundle
+
+`string`
+
+**Required.** The encryption target bundle returned by the matching [`useSendOTP`](/wallets/hooks/use-send-otp) call.
+
 ## Return Types
 
 [TanStack Query mutation docs](https://tanstack.com/query/v5/docs/react/reference/useMutation)
 
 ### mutate
 
-`(variables: { code: string; otpId: string }) => void`
+`(variables: { code: string; otpId: string; otpEncryptionTargetBundle: string; connector?: Connector }) => void`
 
 The mutation function to verify the OTP.
 
 ### mutateAsync
 
-`(variables: { code: string; otpId: string }) => Promise<void>`
+`(variables: { code: string; otpId: string; otpEncryptionTargetBundle: string; connector?: Connector }) => Promise<void>`
 
 Similar to [`mutate`](#mutate) but returns a promise. Resolves when the code is verified and the wallet is connected.
 
diff --git a/docs/pages/wallets/index.mdx b/docs/pages/wallets/index.mdx
index 10fde54..a048cbd 100644
--- a/docs/pages/wallets/index.mdx
+++ b/docs/pages/wallets/index.mdx
@@ -6,15 +6,42 @@
 
 ZeroDev Wallet is the first **smart embedded wallet** -- an embedded wallet optimized for smart accounts.
 
+It combines embedded key management with Kernel smart accounts, so the wallet can use account-abstraction features as part of the default transaction path instead of adding smart accounts as a secondary layer later.
+
 ## Demo
 
 Check out [this demo](https://zerodev-signer-demo.vercel.app/) for a self-custodial wallet powered by social logins and gas sponsorship.
 
+The demo source is available on [GitHub](https://github.com/zerodevapp/zerodev-wallet-sdk/tree/main/apps/zerodev-signer-demo). It uses `@zerodev/wallet-react-kit` for `AuthFlow` and `SignatureRequest`, then uses standard Wagmi hooks for transactions, contract writes, and signing.
+
+## What it includes
+
+- Embedded authentication with email, Google OAuth, magic links, and passkeys
+- `7702` mode by default, with `4337` mode available when your product needs a counterfactual smart-account address
+- Bundler-backed transaction routing in `7702` and `4337` mode, including gas sponsorship through the ZeroDev dashboard
+- Wagmi-compatible account, transaction, contract write, and signature flows
+- Secure seed phrase and private key export through Turnkey iframes
+- Optional prebuilt UI through `@zerodev/wallet-react-kit`, plus lower-level hooks for custom onboarding
+
+## When to use it
+
+### You want embedded wallets and native smart-account behavior
+
+Use ZeroDev Wallet when your app needs an embedded wallet, but the transaction path should be account-abstraction native: sponsorship, batching, automation, permissions, and cross-chain execution should be first-class product primitives rather than a later migration.
+
+### You want to stay on Wagmi
+
+After authentication, your app uses the wallet through Wagmi hooks like `useAccount`, `useSendTransaction`, `useWriteContract`, `useSignMessage`, and `useSignTypedData`. In `7702` and `4337` mode, send/write calls go through the bundler-backed UserOperation path.
+
+### You need a clear smart-account story
+
+Start with `7702` for the default smart embedded wallet path. Use `4337` when the product should expose a counterfactual smart-account address.
+
 ## Why ZeroDev Wallet
 
 ### Smart by Default
 
-Most embedded wallets use EOAs by default, and only support smart accounts as a secondary option.  On the other hand, ZeroDev Wallet uses smart accounts *by default* through EIP-7702 and ERC-4337.
+Most embedded wallets start with key management and only support smart accounts as a secondary option. On the other hand, ZeroDev Wallet uses smart accounts *by default* through EIP-7702 and ERC-4337.
 
 As a result, smart account features such as gas sponsorship, transaction batching, transaction automation, and chain abstraction are available as native APIs with ZeroDev Wallet, while other embedded wallets typically only support a subset of these features.
 
@@ -34,4 +61,4 @@ On the other hand, ZeroDev Wallet is a complete embedded wallet solution that bu
 
 ## Getting Started
 
-Check out [the quickstart](/wallets/quickstart) to get started!
+If you are comparing embedded wallet options, start with the [overview](/wallets/overview). If you are ready to build, use the [quickstart](/wallets/quickstart), or review the [public API reference](/wallets/api-reference) if you are updating an existing integration.
diff --git a/docs/pages/wallets/overview.mdx b/docs/pages/wallets/overview.mdx
new file mode 100644
index 0000000..0e6a3b4
--- /dev/null
+++ b/docs/pages/wallets/overview.mdx
@@ -0,0 +1,75 @@
+# Overview [Why ZeroDev Wallet]
+
+:::danger[IMPORTANT]
+**USE FOR INTERNAL TESTING PURPOSES ONLY.** You may use these features solely for internal evaluation purposes on supported testnets. DO NOT use for production use or share with your users. Wallets created during this preview ("Alpha Wallets") will be discontinued. Any tokens remaining within Alpha Wallets will be permanently lost upon discontinuance. Any mainnet tokens sent to an Alpha Wallet will not be deposited and will be permanently lost when discontinued. We are unable to help recover any lost funds from Alpha Wallets. We provide all previews on an "as is" basis without warranty of any kind, and we may terminate or suspend the availability of any preview at any time.
+:::
+
+ZeroDev Wallet is a smart embedded wallet for teams that want the smooth UX of embedded wallets with account-abstraction infrastructure built into the default transaction path.
+
+Most embedded wallet products start with key management and add smart accounts later. ZeroDev Wallet bundles embedded key management with Kernel smart accounts from day one, so sponsorship, batching, permissions, automation, and chain abstraction are part of the architecture instead of an integration project waiting for later.
+
+If you are comparing ZeroDev Wallet with embedded wallet providers like Privy, the main question is not just "can users log in without an extension?" It is whether the wallet stack is designed around smart-account execution from day one.
+
+## Why teams choose ZeroDev Wallet
+
+### Smart accounts by default
+
+ZeroDev Wallet is optimized for smart-account products, not just login. In `7702` and `4337` mode, transaction requests are routed through ZeroDev's bundler-backed account-abstraction infrastructure from the start.
+
+### Embedded auth without a separate wallet install
+
+Users can sign in with email OTP, magic links, Google OAuth, or passkeys. Your app can use the prebuilt `AuthFlow` from `@zerodev/wallet-react-kit`, or build a custom onboarding flow with lower-level React hooks.
+
+### Wagmi-compatible app code
+
+After authentication, your app uses familiar Wagmi hooks such as `useAccount`, `useSendTransaction`, `useWriteContract`, `useSignMessage`, and `useSignTypedData`.
+
+### Built for gasless and sponsored experiences
+
+In smart-account modes, transaction sends use the bundler path. If your project is configured for sponsorship, you can ship gasless product flows without stitching together a separate wallet vendor and smart-account stack.
+
+### User exit flows
+
+ZeroDev Wallet supports secure seed phrase and private key export through Turnkey iframe flows, so users are not locked into your frontend.
+
+## What you get
+
+| Capability | What it means for your app |
+|------------|----------------------------|
+| Embedded authentication | Email OTP, magic links, Google OAuth, and passkeys without requiring a browser extension. |
+| Smart-account execution | `7702` by default, with `4337` available when you need a counterfactual smart-account address. |
+| Bundler-backed transactions | In smart-account modes, transaction sends go through the UserOperation path. |
+| Gas sponsorship | Sponsored transaction flows can use the same account-abstraction infrastructure instead of a separate wallet workaround. |
+| Standard app integration | Wagmi hooks and an EIP-1193 provider for the operations most app teams already expect. |
+| Export support | Secure seed phrase and private key export through Turnkey iframe flows. |
+
+## Where to begin
+
+| If you are... | Start here |
+|---------------|------------|
+| Comparing embedded wallet providers | Read this page, run the [hosted demo](https://zerodev-signer-demo.vercel.app/), and inspect the [demo source](https://github.com/zerodevapp/zerodev-wallet-sdk/tree/main/apps/zerodev-signer-demo). |
+| Product or growth team | Review the value props above, then test the demo's login, gas sponsorship, signing, and export flows. |
+| Frontend engineer | Follow the [Quickstart](/wallets/quickstart) with `@zerodev/wallet-react-kit` and get a working embedded wallet flow quickly. |
+| Wallet/platform engineer | Read [Wallets](/wallets/wallet-api) for transaction and signing behavior, then review the [Public API Reference](/wallets/api-reference). |
+| Auth or security reviewer | Start with [Authentication](/wallets/auth), then review each login method and the dashboard requirements below. |
+
+## Before you build
+
+There are a few project settings that should be configured before local testing:
+
+- Allowlist your app origin in the dashboard access control list, including the local development port.
+- Allowlist redirect URLs for Google OAuth and magic links.
+- Decide early whether Google OAuth should use ZeroDev-managed credentials or your own Google credentials. If you switch to your own Google credentials later, use a new project ID because existing users from the old OAuth credential setup will not be able to log in.
+- Disable any auth methods you do not want to support. Email, Google, and passkeys are enabled by default for new projects.
+
+## Cost model
+
+Wallet operations consume the Credits included in your existing ZeroDev plan:
+
+| Operation | Credits |
+|-----------|---------|
+| Wallet signature | 10 credits |
+| Bundler broadcast | 20 credits |
+| Transaction in `7702` or `4337` mode | 30 credits total |
+
+A standalone message or typed-data signature is one wallet signature. A smart-account transaction signs the UserOperation and then broadcasts it through the bundler, so it uses both credit events.
diff --git a/docs/pages/wallets/quickstart.mdx b/docs/pages/wallets/quickstart.mdx
index b1c1f17..33ad1ad 100644
--- a/docs/pages/wallets/quickstart.mdx
+++ b/docs/pages/wallets/quickstart.mdx
@@ -1,4 +1,4 @@
-# Quickstart [Get up and running in 5 minutes]
+# Quickstart [Set up ZeroDev Wallet]
 
 :::danger[IMPORTANT]
 **USE FOR INTERNAL TESTING PURPOSES ONLY.** You may use these features solely for internal evaluation purposes on supported testnets. DO NOT use for production use or share with your users. Wallets created during this preview ("Alpha Wallets") will be discontinued. Any tokens remaining within Alpha Wallets will be permanently lost upon discontinuance. Any mainnet tokens sent to an Alpha Wallet will not be deposited and will be permanently lost when discontinued. We are unable to help recover any lost funds from Alpha Wallets. We provide all previews on an "as is" basis without warranty of any kind, and we may terminate or suspend the availability of any preview at any time.
@@ -9,31 +9,52 @@
 :::code-group
 
 ```bash [npm]
-npm i @zerodev/wallet-react @zerodev/sdk wagmi viem @tanstack/react-query
+npm i @zerodev/wallet-react @zerodev/wallet-react-kit @zerodev/wallet-core @zerodev/sdk wagmi viem @tanstack/react-query
 ```
 
 ```bash [yarn]
-yarn add @zerodev/wallet-react @zerodev/sdk wagmi viem @tanstack/react-query
+yarn add @zerodev/wallet-react @zerodev/wallet-react-kit @zerodev/wallet-core @zerodev/sdk wagmi viem @tanstack/react-query
 ```
 
 ```bash [pnpm]
-pnpm i @zerodev/wallet-react @zerodev/sdk wagmi viem @tanstack/react-query
+pnpm i @zerodev/wallet-react @zerodev/wallet-react-kit @zerodev/wallet-core @zerodev/sdk wagmi viem @tanstack/react-query
 ```
 
 ```bash [bun]
-bun add @zerodev/wallet-react @zerodev/sdk wagmi viem @tanstack/react-query
+bun add @zerodev/wallet-react @zerodev/wallet-react-kit @zerodev/wallet-core @zerodev/sdk wagmi viem @tanstack/react-query
 ```
 
 :::
 
-## 1. Configure Wagmi
+## 1. Configure the dashboard
 
-Create a Wagmi config with the `zeroDevWallet` connector:
+Before running the SDK locally, configure your ZeroDev project in the dashboard:
+
+- **Access control list**: allowlist your app origin, including the port. For local development this usually looks like `http://localhost:3000` or `http://localhost:5174`.
+- **Redirect URLs**: if you use Google OAuth or magic links, allowlist the exact redirect URLs that can complete auth, such as `http://localhost:3000/verify`.
+- **Auth methods**: email, Google, and passkey auth methods are enabled by default. Disable any method you do not want to support from the dashboard, even if the frontend does not show it.
+
+These dashboard checks are required for security. The SDK will reject requests from origins or redirect URLs that are not allowlisted.
+
+## 2. Configure Wagmi
+
+Create a Wagmi config with the `zeroDevWallet` connector.
+
+ZeroDev Wallet supports two UI paths:
+
+| Path | Use when |
+|------|----------|
+| Prebuilt UI with `@zerodev/wallet-react-kit` | You want the fastest path to a working embedded wallet with `AuthFlow` and `SignatureRequest`. |
+| Custom UI with `@zerodev/wallet-react` | You want to own every auth screen and request prompt in your product design system. |
+
+This quickstart uses the React Kit path, which is the fastest way to get a working embedded wallet flow in front of your team. The demo app uses the same approach.
 
 ```tsx
 import { createConfig, http } from 'wagmi'
 import { sepolia } from 'wagmi/chains'
-import { zeroDevWallet } from '@zerodev/wallet-react'
+import { zeroDevWallet } from '@zerodev/wallet-react-kit'
+
+const appUrl = process.env.NEXT_PUBLIC_APP_URL ?? 'http://localhost:3000'
 
 export const config = createConfig({
   chains: [sepolia],
@@ -41,6 +62,14 @@ export const config = createConfig({
     zeroDevWallet({
       projectId: 'YOUR_ZERODEV_PROJECT_ID',
       chains: [sepolia],
+      mode: '7702',
+      config: {
+        auth: {
+          magicLinkBaseUrl: `${appUrl}/verify`,
+          enabledMethods: ['email', 'google', 'passkey'],
+          emailAuthMethod: 'otp',
+        },
+      },
     }),
   ],
   transports: {
@@ -51,7 +80,16 @@ export const config = createConfig({
 
 Get your project ID from the [ZeroDev Dashboard](https://dashboard.zerodev.app/).
 
-## 2. Wrap your app
+If you do not need the prebuilt UI, import `zeroDevWallet` from `@zerodev/wallet-react` and use the individual auth hooks documented in the [reference](/wallets/api-reference).
+
+`mode` controls the account exposed through Wagmi:
+
+| Mode | Description |
+|------|-------------|
+| `'7702'` | Default. Uses EIP-7702 with Kernel smart-account execution. Transactions are sent to a bundler as UserOperations and can be sponsored. |
+| `'4337'` | Exposes a counterfactual Kernel smart account address. Transactions are sent to a bundler as ERC-4337 UserOperations, and the account is deployed on the first UserOperation. |
+
+## 3. Wrap your app
 
 Wrap your application with `WagmiProvider` and `QueryClientProvider`:
 
@@ -73,7 +111,61 @@ export default function App({ children }: { children: React.ReactNode }) {
 }
 ```
 
-## 3. Add authentication
+## 4. Add prebuilt authentication UI
+
+The fastest path is the React Kit `AuthFlow` component. Call Wagmi's `connect` with the ZeroDev connector to start the flow; if a session already exists, the connector reconnects without showing the auth UI.
+
+```tsx
+import { AuthFlow, useAuth } from '@zerodev/wallet-react-kit'
+import { useAccount, useConnect } from 'wagmi'
+
+function AuthPage() {
+  const { isConnected } = useAccount()
+  const { connect, connectors } = useConnect()
+  const { step } = useAuth()
+
+  if (isConnected) {
+    return <p>Wallet connected</p>
+  }
+
+  return (
+    <div>
+      <AuthFlow />
+      {step === null && (
+        <button onClick={() => connectors[0] && connect({ connector: connectors[0] })}>
+          Continue
+        </button>
+      )}
+    </div>
+  )
+}
+```
+
+For magic link auth, render `AuthFlow` on the URL you configured as `magicLinkBaseUrl`:
+
+```tsx
+import { AuthFlow } from '@zerodev/wallet-react-kit'
+
+export default function VerifyPage() {
+  return <AuthFlow />
+}
+```
+
+After authentication, the user's wallet is available through standard Wagmi hooks like `useAccount`, `useSendTransaction`, `useWriteContract`, `useSignMessage`, and `useSignTypedData`.
+
+## 5. Optional: build a custom auth UI
+
+Use the lower-level React hooks when you want to control every auth screen yourself. Import the connector from `@zerodev/wallet-react` instead of `@zerodev/wallet-react-kit`, and keep UI configuration in your own components instead of `config.auth`.
+
+```tsx
+import { zeroDevWallet } from '@zerodev/wallet-react'
+
+zeroDevWallet({
+  projectId: 'YOUR_ZERODEV_PROJECT_ID',
+  chains: [sepolia],
+  mode: '7702',
+})
+```
 
 Here's a basic example with passkey registration and login:
 
@@ -118,7 +210,26 @@ function AuthPage() {
 }
 ```
 
-After authentication, the user's wallet is available through standard Wagmi hooks like `useAccount`, `useSendTransaction`, and `useSignMessage`.
+The email OTP and magic-link hooks require the `otpEncryptionTargetBundle` returned by the matching send call. See [Email OTP](/wallets/auth/email-otp) and [Magic Link](/wallets/auth/magic-link) for complete examples.
+
+## 6. Optional: request confirmation UI
+
+Mount `SignatureRequest` when you want the React Kit to ask users to review signing and transaction requests:
+
+```tsx
+import { SignatureRequest } from '@zerodev/wallet-react-kit'
+
+function AppShell() {
+  return (
+    <>
+      <SignatureRequest />
+      {/* your app */}
+    </>
+  )
+}
+```
+
+For background signing, omit `SignatureRequest` or configure the kit connector's signing mode. See the [public API reference](/wallets/api-reference) for the kit config type.
 
 ## Next Steps
 
@@ -127,4 +238,6 @@ After authentication, the user's wallet is available through standard Wagmi hook
 - [Google OAuth](/wallets/auth/google-oauth) — Social login with Google
 - [Send Transactions](/wallets/wallet-api/send-transaction) — Send gasless transactions
 - [Sign Messages](/wallets/wallet-api/sign-message) — Sign messages with the wallet
+- [Export Wallet](/wallets/export) — Let users export seed phrases or private keys
+- [Public API Reference](/wallets/api-reference) — Current package exports
 - [Session Management](/wallets/session-management) — Session lifecycle and refresh
diff --git a/docs/pages/wallets/wallet-api/index.mdx b/docs/pages/wallets/wallet-api/index.mdx
new file mode 100644
index 0000000..487a434
--- /dev/null
+++ b/docs/pages/wallets/wallet-api/index.mdx
@@ -0,0 +1,42 @@
+# Wallets [Transactions, signing, and export]
+
+:::danger[IMPORTANT]
+**USE FOR INTERNAL TESTING PURPOSES ONLY.** You may use these features solely for internal evaluation purposes on supported testnets. DO NOT use for production use or share with your users. Wallets created during this preview ("Alpha Wallets") will be discontinued. Any tokens remaining within Alpha Wallets will be permanently lost upon discontinuance. Any mainnet tokens sent to an Alpha Wallet will not be deposited and will be permanently lost when discontinued. We are unable to help recover any lost funds from Alpha Wallets. We provide all previews on an "as is" basis without warranty of any kind, and we may terminate or suspend the availability of any preview at any time.
+:::
+
+After authentication, ZeroDev Wallet exposes a Wagmi-compatible account. Your app can use normal Wagmi hooks for transactions, contract writes, message signatures, and typed-data signatures.
+
+The important implementation detail is the account mode:
+
+| Mode | Transaction path |
+|------|------------------|
+| `7702` | Wagmi send/write calls are routed through a Kernel smart account and broadcast by the bundler as UserOperations. |
+| `4337` | Wagmi send/write calls are routed through a counterfactual Kernel smart account and broadcast by the bundler as UserOperations. |
+
+## Common wallet operations
+
+| Task | Guide | Credits |
+|------|-------|---------|
+| Send ETH, call contracts, or use Wagmi writes | [Send a transaction](/wallets/wallet-api/send-transaction) | 30 credits total in `7702` or `4337`: 10 for the signature and 20 for the bundler broadcast. |
+| Sign `personal_sign` messages | [Sign a message](/wallets/wallet-api/sign-message) | 10 credits per wallet signature. |
+| Sign EIP-712 typed data | [Sign typed data](/wallets/wallet-api/sign-typed-message) | 10 credits per wallet signature. |
+| Let users export wallet material | [Export wallet](/wallets/export) | Uses secure Turnkey iframe flows. |
+
+## Request confirmation UI
+
+If you use `@zerodev/wallet-react-kit`, mount `SignatureRequest` to show prebuilt approval UI for signing and transaction requests:
+
+```tsx
+import { SignatureRequest } from '@zerodev/wallet-react-kit'
+
+export function AppShell({ children }: { children: React.ReactNode }) {
+  return (
+    <>
+      <SignatureRequest />
+      {children}
+    </>
+  )
+}
+```
+
+If you omit `SignatureRequest`, make sure your own product flow still gives users appropriate context before signing messages or sending transactions.
diff --git a/docs/pages/wallets/wallet-api/send-transaction.mdx b/docs/pages/wallets/wallet-api/send-transaction.mdx
index e77368a..c278fbc 100644
--- a/docs/pages/wallets/wallet-api/send-transaction.mdx
+++ b/docs/pages/wallets/wallet-api/send-transaction.mdx
@@ -4,25 +4,27 @@
 **USE FOR INTERNAL TESTING PURPOSES ONLY.** You may use these features solely for internal evaluation purposes on supported testnets. DO NOT use for production use or share with your users. Wallets created during this preview ("Alpha Wallets") will be discontinued. Any tokens remaining within Alpha Wallets will be permanently lost upon discontinuance. Any mainnet tokens sent to an Alpha Wallet will not be deposited and will be permanently lost when discontinued. We are unable to help recover any lost funds from Alpha Wallets. We provide all previews on an "as is" basis without warranty of any kind, and we may terminate or suspend the availability of any preview at any time.
 :::
 
-Use standard Wagmi hooks to send transactions. The ZeroDev connector turns transactions into user operations (AA transactions) behind the scenes, achieving gas abstraction automatically so long as you have enabled it on the ZeroDev dashboard.
+Use standard Wagmi hooks to send transactions after the user authenticates. In `7702` and `4337` mode, the ZeroDev connector turns transaction requests into UserOperations behind the scenes and submits them through a bundler. Sponsorship applies automatically when it is enabled on the ZeroDev dashboard.
+
+The [demo app](https://github.com/zerodevapp/zerodev-wallet-sdk/tree/main/apps/zerodev-signer-demo) uses this same pattern with `useSendTransaction` for ETH transfers and `useWriteContract` for NFT minting.
 
 ## `useSendTransaction`
 
 ```tsx
 import { useState } from "react";
-import { parseEther } from "viem";
+import { isAddress, parseEther, type Address } from "viem";
 import { useAccount, useSendTransaction } from "wagmi";
 
 export function SendEth() {
   const { address, isConnected } = useAccount();
-  const { sendTransaction, data, isPending } = useSendTransaction();
+  const { sendTransaction, data, isPending, error } = useSendTransaction();
   const [to, setTo] = useState("0x...");
   const [amount, setAmount] = useState("0.001");
 
   const handleSend = () => {
-    if (!isConnected) return;
+    if (!isConnected || !isAddress(to)) return;
     sendTransaction({
-      to,
+      to: to as Address,
       value: parseEther(amount),
     });
   };
@@ -36,6 +38,7 @@ export function SendEth() {
         {isPending ? "Sending..." : "Send"}
       </button>
       {data && <p>Tx hash: {data}</p>}
+      {error && <p>Transaction failed: {error.message}</p>}
     </div>
   );
 }
@@ -45,13 +48,13 @@ export function SendEth() {
 
 ```tsx
 import { useWriteContract } from "wagmi";
-import { parseAbi } from "viem";
+import { parseAbi, type Address } from "viem";
 
 const NFT_ABI = parseAbi([
   "function mint(address _to) public",
 ]);
 
-export function MintNftGasless({ recipient }: { recipient: `0x${string}` }) {
+export function MintNftGasless({ recipient }: { recipient: Address }) {
   const { writeContract, data, isPending, error } = useWriteContract();
 
   const mint = () =>
@@ -73,3 +76,10 @@ export function MintNftGasless({ recipient }: { recipient: `0x${string}` }) {
   );
 }
 ```
+
+## Notes
+
+- `useSendTransaction` and `useWriteContract` return the submitted transaction hash.
+- In `7702` and `4337` mode, your app is interacting with bundler-backed smart-account infrastructure by default.
+- In `7702` and `4337` mode, sending a transaction costs 30 credits total: 10 credits for the wallet signature and 20 credits for the bundler broadcast.
+- If you mount `SignatureRequest` from `@zerodev/wallet-react-kit`, the kit can prompt the user to review supported signing and transaction requests.
diff --git a/docs/pages/wallets/wallet-api/sign-message.mdx b/docs/pages/wallets/wallet-api/sign-message.mdx
index c053948..db48834 100644
--- a/docs/pages/wallets/wallet-api/sign-message.mdx
+++ b/docs/pages/wallets/wallet-api/sign-message.mdx
@@ -4,12 +4,13 @@
 **USE FOR INTERNAL TESTING PURPOSES ONLY.** You may use these features solely for internal evaluation purposes on supported testnets. DO NOT use for production use or share with your users. Wallets created during this preview ("Alpha Wallets") will be discontinued. Any tokens remaining within Alpha Wallets will be permanently lost upon discontinuance. Any mainnet tokens sent to an Alpha Wallet will not be deposited and will be permanently lost when discontinued. We are unable to help recover any lost funds from Alpha Wallets. We provide all previews on an "as is" basis without warranty of any kind, and we may terminate or suspend the availability of any preview at any time.
 :::
 
-To sign a message, use Wagmi's `useSignMessage` hook:
+To sign a message, use Wagmi's `useSignMessage` hook after the user authenticates. The connector routes the signing request to the correct signer for the configured account mode.
 
 ```tsx
-import { useSignMessage } from "wagmi";
+import { useAccount, useSignMessage } from "wagmi";
 
 export function SignMessage() {
+  const { address } = useAccount();
   const { signMessage, data, isPending, error } = useSignMessage();
 
   const handleSign = () =>
@@ -19,7 +20,8 @@ export function SignMessage() {
 
   return (
     <div>
-      <button onClick={handleSign} disabled={isPending}>
+      <p>Signer: {address}</p>
+      <button onClick={handleSign} disabled={isPending || !address}>
         {isPending ? "Signing..." : "Sign message"}
       </button>
 
@@ -29,3 +31,7 @@ export function SignMessage() {
   );
 }
 ```
+
+Mount `SignatureRequest` from `@zerodev/wallet-react-kit` if you want the user to review signing requests in a prebuilt confirmation UI. Otherwise, signing can run in the background.
+
+Each wallet signature costs 10 credits from your existing ZeroDev plan credits.
diff --git a/docs/pages/wallets/wallet-api/sign-typed-message.mdx b/docs/pages/wallets/wallet-api/sign-typed-message.mdx
index 75af00f..b1d5308 100644
--- a/docs/pages/wallets/wallet-api/sign-typed-message.mdx
+++ b/docs/pages/wallets/wallet-api/sign-typed-message.mdx
@@ -4,16 +4,17 @@
 **USE FOR INTERNAL TESTING PURPOSES ONLY.** You may use these features solely for internal evaluation purposes on supported testnets. DO NOT use for production use or share with your users. Wallets created during this preview ("Alpha Wallets") will be discontinued. Any tokens remaining within Alpha Wallets will be permanently lost upon discontinuance. Any mainnet tokens sent to an Alpha Wallet will not be deposited and will be permanently lost when discontinued. We are unable to help recover any lost funds from Alpha Wallets. We provide all previews on an "as is" basis without warranty of any kind, and we may terminate or suspend the availability of any preview at any time.
 :::
 
-EIP-712 typed data signing works through Wagmi's `useSignTypedData`.
+EIP-712 typed data signing works through Wagmi's `useSignTypedData`. The connector signs with the wallet signer required by the configured account mode.
 
 ```tsx
-import { useSignTypedData } from "wagmi";
+import { useAccount, useSignTypedData } from "wagmi";
+import { sepolia } from "wagmi/chains";
 
 const typedData = {
   domain: {
     name: "Ether Mail",
     version: "1",
-    chainId: 1,
+    chainId: sepolia.id,
     verifyingContract: "0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC",
   },
   types: {
@@ -42,13 +43,15 @@ const typedData = {
 } as const;
 
 export function SignTypedData() {
+  const { address } = useAccount();
   const { signTypedData, data, isPending, error } = useSignTypedData();
 
   const handleSign = () => signTypedData(typedData);
 
   return (
     <div>
-      <button onClick={handleSign} disabled={isPending}>
+      <p>Signer: {address}</p>
+      <button onClick={handleSign} disabled={isPending || !address}>
         {isPending ? "Signing..." : "Sign typed data"}
       </button>
 
@@ -58,3 +61,7 @@ export function SignTypedData() {
   );
 }
 ```
+
+If users should approve typed-data signatures in your UI, mount `SignatureRequest` from `@zerodev/wallet-react-kit`.
+
+Each wallet signature costs 10 credits from your existing ZeroDev plan credits.
diff --git a/vocs.config.tsx b/vocs.config.tsx
index d1d155a..657050b 100644
--- a/vocs.config.tsx
+++ b/vocs.config.tsx
@@ -142,6 +142,7 @@ const REDIRECTS: Record<string, string> = {
   "/global-address": "/onramp/smart-routing-address",
 
   // Embedded Wallet docs live at /wallets/* (alpha — unlisted in sidebars).
+  "/wallets/evaluate": "/wallets/overview",
 
   // React WaaS hooks → Advanced › React Hooks (legacy)
   "/react/getting-started": "/advanced/react-hooks/getting-started",
@@ -741,13 +742,17 @@ export default defineConfig({
     // Lives at /wallets/* and is only navigable for users who know the URL.
     "/wallets": [
       {
-        text: "Embedded Wallet",
+        text: "Embedded Wallets",
         collapsed: false,
         items: [
           {
             text: "Introduction",
             link: "/wallets",
           },
+          {
+            text: "Overview",
+            link: "/wallets/overview",
+          },
           {
             text: "Quickstart",
             link: "/wallets/quickstart",
@@ -758,62 +763,86 @@ export default defineConfig({
           },
           {
             text: "Authentication",
-            collapsed: true,
+            collapsed: false,
             items: [
               {
-                text: "Passkeys",
-                link: "/wallets/auth/passkeys",
-              },
-              {
-                text: "Email OTP",
-                link: "/wallets/auth/email-otp",
-              },
-              {
-                text: "Magic Link",
-                link: "/wallets/auth/magic-link",
+                text: "Overview",
+                link: "/wallets/auth",
               },
               {
-                text: "Google OAuth",
-                link: "/wallets/auth/google-oauth",
+                text: "Login",
+                collapsed: true,
+                items: [
+                  {
+                    text: "Passkeys",
+                    link: "/wallets/auth/passkeys",
+                  },
+                  {
+                    text: "Email OTP",
+                    link: "/wallets/auth/email-otp",
+                  },
+                  {
+                    text: "Magic Link",
+                    link: "/wallets/auth/magic-link",
+                  },
+                  {
+                    text: "Google OAuth",
+                    link: "/wallets/auth/google-oauth",
+                  },
+                ],
               },
-            ],
-          },
-          {
-            text: "Features",
-            collapsed: true,
-            items: [
               {
                 text: "Session Management",
                 link: "/wallets/session-management",
               },
-              {
-                text: "Export Wallet",
-                link: "/wallets/export",
-              },
             ],
           },
           {
-            text: "Wallet API",
-            collapsed: true,
+            text: "Wallets",
+            collapsed: false,
             items: [
               {
-                text: "Send a Transaction",
-                link: "/wallets/wallet-api/send-transaction",
+                text: "Overview",
+                link: "/wallets/wallet-api",
               },
               {
-                text: "Sign a Message",
-                link: "/wallets/wallet-api/sign-message",
+                text: "Features",
+                collapsed: true,
+                items: [
+                  {
+                    text: "Send a Transaction",
+                    link: "/wallets/wallet-api/send-transaction",
+                  },
+                  {
+                    text: "Sign a Message",
+                    link: "/wallets/wallet-api/sign-message",
+                  },
+                  {
+                    text: "Sign a Typed Message",
+                    link: "/wallets/wallet-api/sign-typed-message",
+                  },
+                ],
               },
               {
-                text: "Sign a Typed Message",
-                link: "/wallets/wallet-api/sign-typed-message",
+                text: "Security",
+                collapsed: true,
+                items: [
+                  {
+                    text: "Export Wallet",
+                    link: "/wallets/export",
+                  },
+                ],
               },
             ],
           },
           {
-            text: "Hooks",
+            text: "Reference",
             collapsed: true,
             items: [
+              {
+                text: "Public API Reference",
+                link: "/wallets/api-reference",
+              },
               {
                 text: "useRegisterPasskey",
                 link: "/wallets/hooks/use-register-passkey",
@@ -843,8 +872,8 @@ export default defineConfig({
                 link: "/wallets/hooks/use-verify-magic-link",
               },
               {
-                text: "useGetUserEmail",
-                link: "/wallets/hooks/use-get-user-email",
+                text: "useAuthenticators",
+                link: "/wallets/hooks/use-authenticators",
               },
               {
                 text: "useRefreshSession",