import type { Logger } from '@iota-big3/sdk-types'; import type { Result } from '@iota-big3/sdk-patterns'; export type MFAMethod = 'totp' | 'sms' | 'email' | 'backup'; export interface MFAConfig { issuer: string; otpWindow?: number; backupCodeCount?: number; smsProvider?: SMSProvider; emailProvider?: EmailProvider; trustedDeviceExpiry?: number; } export interface SMSProvider { send(phone: string, code: string): Promise; } export interface EmailProvider { send(email: string, code: string): Promise; } export interface MFASetup { method: MFAMethod; secret?: string; qrCode?: string; backupCodes?: string[]; } export interface MFAChallenge { challengeId: string; method: MFAMethod; expiresAt: Date; attempts: number; maxAttempts: number; } export interface TrustedDevice { id: string; name: string; fingerprint: string; trustedAt: Date; expiresAt: Date; lastUsedAt: Date; } export declare class MFAService { private config; private logger?; private challenges; private userSecrets; private trustedDevices; constructor(config: MFAConfig, logger?: Logger); setupMFAAsync(userId: string, method: MFAMethod): Promise; private setupTOTPAsync; private setupBackupCodesAsync; createChallengeAsync(userId: string, method: MFAMethod): Promise>; verifyChallengeAsync(userId: string, challengeId: string, code: string): Promise; private verifyTOTP; private verifyCode; private verifyBackupCodeAsync; isDeviceTrusted(userId: string, deviceFingerprint: string): boolean; trustDevice(userId: string, deviceName: string, deviceFingerprint: string): TrustedDevice; removeTrustedDevice(): void; getTrustedDevices(userId: string): TrustedDevice[]; private storeUserSecret; private getUserSecret; private clearUserSecret; private generateVerificationCode; private generateBackupCode; private hashBackupCode; private generateChallengeId; private generateDeviceId; private createMockSMSProvider; private createMockEmailProvider; } //# sourceMappingURL=mfa-service.d.ts.map