feat: add jwt as auth method

[archit2407]

Pull Request Checklist

• Did you add new tests and confirm existing tests pass? (yarn test)
• Did you update relevant docs? (docs are found in the site folder, and guidelines for updating/adding docs can be found in the contribution guide)
• Do your commits follow the Conventional Commits standard?
• Does your PR title also follow the Conventional Commits standard?
• If you have a breaking change, is it correctly reflected in your commit message? (e.g. feat!: breaking change)
• Did you run lint (yarn lint:check) and fix any issues? (yarn lint:write)
• Did you follow the contribution guidelines?

---

PR-Codex overview

This PR updates the version of multiple packages to 4.18.0-alpha.4 and introduces a new authentication method using JWT in the AlchemySignerWebClient. It also expands type definitions and enhances session management.

Detailed summary

• Updated version from 4.17.0 to 4.18.0-alpha.4 across multiple packages.
• Added submitJwt method to AlchemySignerWebClient for JWT authentication.
• Introduced JwtParams and JwtResponse types for the new authentication method.
• Expanded Session type to include custom-jwt.
• Enhanced session management with JWT support in SessionManager.
• Updated changelogs for all affected packages.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

[vercel]

@archit2407 is attempting to deploy a commit to the Alchemy Team on Vercel.

A member of the Team first needs to authorize it.

[graphite-app]

How to use the Graphite Merge Queue

Add the label graphite-merge-queue to this PR to add it to the merge queue.

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
aa-sdk-site	❌ Failed (Inspect)			Mar 24, 2025 7:38pm
aa-sdk-ui-demo	❌ Failed (Inspect)			Mar 24, 2025 7:38pm

[dphilipson]

Looks good to me.

[dphilipson]

This isn't necessarily a problem to solve in this PR, but I'm feeling there's a fair bit of code duplication between the react native and web signer clients. The implementation of submitJwt here in the web client is identical to the implementation in the react native client, except for changing this.stamper.init() to this.initIFrameStamper(), and this holds for some of the other methods in these files as well. Could be a good cleanup to do later. cc @moldy530 in case I'm missing something about this.

[archit2407]

This is absolutely true. A lot of room for creating helpers in base and use it both places. But as you said lets tackle that in a separate PR so we're able to do it for all other methods too