fix(wallets): throw typed KeyExportError when export-signer TEE call fails

[devin-ai-integration]

Description

When _exportPrivateKey receives an error response from the TEE export-signer call, it threw new Error(response.error || "Failed to export private key") — a generic Error with no typed class and no error code. Consumers couldn't distinguish a key export failure from any other error.

Same masking pattern fixed for OTP validation (#1886) and get-status (#1896). Now _exportPrivateKey throws a typed KeyExportError(message, code) that:

• Preserves the TEE error message and code
• Adds structured logging for the failure
• Is exported from @crossmint/wallets-sdk so consumers can instanceof-check it

Test plan

• Existing test suite passes (337 tests)
• Lint passes

Package updates

• @crossmint/wallets-sdk — patch changeset added (fix-export-signer-typed-error.md)

Link to Devin session: https://crossmint.devinenterprise.com/sessions/7bd8230602444a8a94498384e0aac02d
Requested by: @xmint-guille

[devin-ai-integration]

Original prompt from Guille

@skills:cse spotpay reported the following, investigate when this could happen and how should we improve our error client side:
During wallet recovery, complete-onboarding returns OTP validation failed, but the app surfaces it as:
"Crossmint signer returned an internal error"

This happens in the wallet recovery/addSigner path, likely when registering the device signer after auth is required. Logs show:

• wallet.recover.start
• complete-onboarding request
• complete-onboarding: OTP validation failed
• wallet.addSigner threw
• wallet.recover threw
• Error in verifyOtp
• Crossmint signer returned an internal error

The SDK should preserve the underlying auth/OTP failure reason instead of collapsing it into an internal signer error. Also distinguish true user cancellation from failed OTP / recovery errors.
ATTACHMENT:"https://crossmint.devinenterprise.com/attachments/76cc8351-35a7-4370-9a64-206aa1191469/CleanShot+2026-06-02+at+14.08.27%402x.png"

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR that start with 'DevinAI' or '@devin'.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment, CI, and merge conflict monitoring

[changeset-bot]

🦋 Changeset detected

Latest commit: 80b56fe

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 9 packages

Name	Type
@crossmint/wallets-sdk	Patch
@crossmint/wallets-quickstart-devkit	Patch
@crossmint/wallets-playground-react	Patch
@crossmint/client-sdk-react-base	Patch
@crossmint/client-sdk-react-native-ui	Patch
@crossmint/client-sdk-react-ui	Patch
@crossmint/wallets-playground-expo	Patch
@crossmint/auth-ssr-nextjs-demo	Patch
@crossmint/client-sdk-nextjs-starter	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[greptile-apps]

_{Reviews (1): Last reviewed commit: "fix(wallets): throw typed KeyExportError..." | Re-trigger Greptile}