@aastar/sdk 0.22.0 → 0.24.0

package/dist/{chunk-OVNOSAL3.cjs → chunk-Y5U7URNZ.cjs}

@@ -1,6 +1,7 @@
 'use strict';
 
 var chunkXQROKLZI_cjs = require('./chunk-XQROKLZI.cjs');
+var chunkMOJJ7QF6_cjs = require('./chunk-MOJJ7QF6.cjs');
 var chunkMXJEULSE_cjs = require('./chunk-MXJEULSE.cjs');
 var viem = require('viem');
 var axios = require('axios');
@@ -196,8 +197,8 @@ var AIRACCOUNT_ABI = [
 ];
 var AIRACCOUNT_FACTORY_ABI = [
   // Full config creation
-  "function createAccount(address owner, uint256 salt, (address[3] guardians, bytes32[3] guardianP256X, bytes32[3] guardianP256Y, uint256 dailyLimit, uint8[] approvedAlgIds, uint256 minDailyLimit, address[] initialTokens, (uint256 tier1Limit, uint256 tier2Limit, uint256 dailyLimit)[] initialTokenConfigs) config) external returns (address)",
-  "function getAddress(address owner, uint256 salt, (address[3] guardians, bytes32[3] guardianP256X, bytes32[3] guardianP256Y, uint256 dailyLimit, uint8[] approvedAlgIds, uint256 minDailyLimit, address[] initialTokens, (uint256 tier1Limit, uint256 tier2Limit, uint256 dailyLimit)[] initialTokenConfigs) config) external view returns (address)",
+  "function createAccount(address owner, uint256 salt, (address[3] guardians, bytes32[3] guardianP256X, bytes32[3] guardianP256Y, uint256 dailyLimit, uint8[] approvedAlgIds, uint256 minDailyLimit, address[] initialTokens, (uint128 tier1Limit, uint128 tier2Limit, uint256 dailyLimit)[] initialTokenConfigs) config) external returns (address)",
+  "function getAddress(address owner, uint256 salt, (address[3] guardians, bytes32[3] guardianP256X, bytes32[3] guardianP256Y, uint256 dailyLimit, uint8[] approvedAlgIds, uint256 minDailyLimit, address[] initialTokens, (uint128 tier1Limit, uint128 tier2Limit, uint256 dailyLimit)[] initialTokenConfigs) config) external view returns (address)",
   // Default guardian setup (requires guardian acceptance sigs — M5.3+)
   "function createAccountWithDefaults(address owner, uint256 salt, address guardian1, bytes guardian1Sig, address guardian2, bytes guardian2Sig, uint256 dailyLimit) external returns (address)",
   "function getAddressWithDefaults(address owner, uint256 salt, address guardian1, address guardian2, uint256 dailyLimit) external view returns (address)",
@@ -214,7 +215,7 @@ var AIRACCOUNT_FACTORY_ABI = [
   "function defaultHookModule() external view returns (address)",
   // M7.4 ERC-7828 chain-qualified address helpers
   "function getChainQualifiedAddress(address account) external view returns (bytes32)",
-  "function getAddressWithChainId(address owner, uint256 salt, (address[3] guardians, bytes32[3] guardianP256X, bytes32[3] guardianP256Y, uint256 dailyLimit, uint8[] approvedAlgIds, uint256 minDailyLimit, address[] initialTokens, (uint256 tier1Limit, uint256 tier2Limit, uint256 dailyLimit)[] initialTokenConfigs) config) external view returns (address account, bytes32 chainQualified)",
+  "function getAddressWithChainId(address owner, uint256 salt, (address[3] guardians, bytes32[3] guardianP256X, bytes32[3] guardianP256Y, uint256 dailyLimit, uint8[] approvedAlgIds, uint256 minDailyLimit, address[] initialTokens, (uint128 tier1Limit, uint128 tier2Limit, uint256 dailyLimit)[] initialTokenConfigs) config) external view returns (address account, bytes32 chainQualified)",
   // Events
   "event AccountCreated(address indexed account, address indexed owner, uint256 salt)"
 ];
@@ -470,6 +471,10 @@ var EthereumProvider = class {
   getBundlerProvider() {
     return this.bundlerProvider;
   }
+  /** EVM chain id from the validated ServerConfig (deterministic — no RPC round-trip). */
+  getChainId() {
+    return this.config.chainId;
+  }
   /**
    * Raw bundler JSON-RPC call. The bundler exposes non-standard methods
    * (eth_sendUserOperation, pimlico_getUserOperationGasPrice, ...) that are not in
@@ -715,6 +720,55 @@ function readBuildP256GrantHash(validator, account, keyX, keyY, cfg) {
   return readFn(validator, "buildP256GrantHash")([account, keyX, keyY, cfg]);
 }
 
+// ../airaccount/src/server/services/account-init-config.ts
+function toGuardianSpecs(p) {
+  const specs = [];
+  for (const e of p.ecdsaGuardians ?? []) specs.push({ ecdsa: e });
+  for (const k of p.p256Guardians) specs.push({ p256: { x: k.x, y: k.y } });
+  return specs;
+}
+function buildFullInitConfig(p) {
+  return chunkMOJJ7QF6_cjs.buildInitConfig({
+    guardians: toGuardianSpecs(p),
+    dailyLimit: p.dailyLimit,
+    ...p.approvedAlgIds ? { approvedAlgIds: p.approvedAlgIds } : {},
+    ...p.minDailyLimit !== void 0 ? { minDailyLimit: p.minDailyLimit } : {}
+  });
+}
+function initConfigToTuple(c) {
+  return [
+    c.guardians,
+    c.guardianP256X,
+    c.guardianP256Y,
+    c.dailyLimit,
+    c.approvedAlgIds,
+    c.minDailyLimit,
+    c.initialTokens,
+    c.initialTokenConfigs.map((t) => [t.tier1Limit, t.tier2Limit, t.dailyLimit])
+  ];
+}
+function serializeGuardianSpecs(specs) {
+  return specs.map(
+    (s) => s.p256 ? { p256: { x: s.p256.x, y: s.p256.y } } : { ecdsa: s.ecdsa }
+  );
+}
+function initConfigFromRecord(record) {
+  if (!record.guardianSpecs || record.guardianSpecs.length === 0) {
+    throw new Error(
+      "initConfigFromRecord: record has no guardianSpecs (not a full-config / P-256 account)"
+    );
+  }
+  const guardians = record.guardianSpecs.map(
+    (s) => "p256" in s ? { p256: { x: s.p256.x, y: s.p256.y } } : { ecdsa: s.ecdsa }
+  );
+  return chunkMOJJ7QF6_cjs.buildInitConfig({
+    guardians,
+    dailyLimit: record.dailyLimit ? BigInt(record.dailyLimit) : 0n,
+    ...record.approvedAlgIds ? { approvedAlgIds: record.approvedAlgIds } : {},
+    ...record.minDailyLimit !== void 0 ? { minDailyLimit: BigInt(record.minDailyLimit) } : {}
+  });
+}
+
 // ../airaccount/src/server/services/account-manager.ts
 var ZERO32 = "0x" + "0".repeat(64);
 var EMPTY_P256 = [ZERO32, ZERO32, ZERO32];
@@ -727,6 +781,17 @@ var AccountManager = class {
   }
   logger;
   async createAccount(userId, options) {
+    if (options?.p256Guardians && options.p256Guardians.length > 0) {
+      return this.createAccountWithP256Guardians(userId, {
+        p256Guardians: options.p256Guardians,
+        ecdsaGuardians: options.ecdsaGuardians,
+        dailyLimit: options.dailyLimit ?? 0n,
+        approvedAlgIds: options.approvedAlgIds,
+        minDailyLimit: options.minDailyLimit,
+        salt: options.salt,
+        entryPointVersion: options.entryPointVersion
+      });
+    }
     const version = options?.entryPointVersion ?? this.ethereum.getDefaultVersion();
     const versionStr = version;
     const existingAccounts = await this.storage.getAccounts();
@@ -943,6 +1008,183 @@ var AccountManager = class {
     this.logger.log(`[AccountManager] account created with guardians: ${accountAddress}`);
     return account;
   }
+  /**
+   * Create an AirAccount with one or more P-256 (WebAuthn passkey) guardians installed at
+   * DEPLOY time — the server-client path #118 adds for KMS-custodied / counterfactual accounts
+   * (e.g. YAA) that cannot drive the viem extension layer for account creation.
+   *
+   * Uses the factory's full-config `createAccount(owner, salt, config)` path because it is the
+   * ONLY entrypoint that accepts an 8-field `InitConfig` (and therefore `guardianP256X/Y`). The
+   * 8-field config is built by the core `buildInitConfig` (0.22.0) — never hand-rolled — and the
+   * address is predicted via the factory's full-config `getAddress(owner, salt, config)` (NOT
+   * `getAddressWithDefaults`), binding the address to `keccak256(config)`.
+   *
+   * ### Acceptance-signature semantics (verified against AAStarAirAccountFactoryV7.sol)
+   * On this path the contract performs NO guardian-acceptance signature check — for P-256 OR ECDSA
+   * guardians. Front-run protection comes from `_getSalt(owner, salt, _getConfigHash(config))`:
+   * any change to the guardian set (or any other config field) yields a different CREATE2 address,
+   * so an attacker cannot collide on the victim's counterfactual address with a weaker config.
+   * P-256 guardians are an owner-bootstrap (single guardian can't form a recovery quorum), so no
+   * acceptance ceremony exists for them by design (#110④). This is why optional ECDSA guardians may
+   * also be passed here WITHOUT signatures — distinct from createAccountWithGuardians(), which uses
+   * the owner-only-salt `createAccountWithDefaults` path and DOES require ECDSA acceptance sigs.
+   *
+   * The deploy UserOp is still signed by the existing KMS owner-key path (unchanged): this method
+   * only predicts the address and persists the full config; transfer-manager rebuilds the
+   * byte-identical initCode (via {@link initConfigFromRecord}) at first-UserOp deploy time.
+   *
+   * @throws if no P-256 guardian is supplied, dailyLimit <= 0, or EntryPoint is v0.6.
+   */
+  async createAccountWithP256Guardians(userId, params) {
+    if (!params.p256Guardians || params.p256Guardians.length === 0) {
+      throw new Error("createAccountWithP256Guardians requires at least one P-256 guardian");
+    }
+    if (params.dailyLimit <= 0n) {
+      throw new Error(
+        "P-256 guardian accounts require dailyLimit > 0 (a guardian set enables the on-chain guard)"
+      );
+    }
+    const version = params.entryPointVersion ?? this.ethereum.getDefaultVersion();
+    if (version === "0.6" /* V0_6 */) {
+      throw new Error(
+        "createAccountWithP256Guardians requires EntryPoint v0.7 or v0.8; the v0.6 factory does not support the full-config createAccount(InitConfig) path"
+      );
+    }
+    const versionStr = version;
+    const fullParams = {
+      p256Guardians: params.p256Guardians,
+      ecdsaGuardians: params.ecdsaGuardians,
+      dailyLimit: params.dailyLimit,
+      approvedAlgIds: params.approvedAlgIds,
+      minDailyLimit: params.minDailyLimit
+    };
+    const specs = toGuardianSpecs(fullParams);
+    const config = buildFullInitConfig(fullParams);
+    const existingAccounts = await this.storage.getAccounts();
+    const existing = existingAccounts.find(
+      (a) => a.userId === userId && a.entryPointVersion === versionStr && !!a.guardianSpecs && a.guardianSpecs.length > 0
+    );
+    if (existing) return existing;
+    const { address: signerAddress } = await this.signer.ensureSigner(userId);
+    if (typeof params.salt === "number" && !Number.isSafeInteger(params.salt)) {
+      throw new Error(
+        `salt value ${params.salt} exceeds Number.MAX_SAFE_INTEGER; pass it as a bigint to avoid precision loss`
+      );
+    }
+    const saltBig = BigInt(params.salt ?? Math.floor(Math.random() * 1e6));
+    const factory = this.ethereum.getFactoryContract(version);
+    const factoryAddress = factory.address ?? this.ethereum.getFactoryAddress(version);
+    const accountAddress = await readPredictedAddress(
+      factory,
+      signerAddress,
+      saltBig,
+      initConfigToTuple(config)
+    );
+    let deployed = false;
+    try {
+      const code = await this.ethereum.getProvider().getCode({ address: accountAddress });
+      deployed = !!code && code !== "0x";
+    } catch {
+    }
+    const validatorAddress = this.ethereum.getValidatorAddress(version);
+    const account = {
+      userId,
+      address: accountAddress,
+      signerAddress,
+      // Persist as a lossless decimal string (#118 M2); transfer-manager rebuilds via BigInt(account.salt).
+      salt: saltBig.toString(),
+      deployed,
+      deploymentTxHash: null,
+      validatorAddress,
+      entryPointVersion: versionStr,
+      factoryAddress,
+      createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+      dailyLimit: params.dailyLimit.toString(),
+      // Persist the RESOLVED config so transfer-manager rebuilds byte-identical initCode at deploy.
+      guardianSpecs: serializeGuardianSpecs(specs),
+      approvedAlgIds: [...config.approvedAlgIds],
+      minDailyLimit: config.minDailyLimit.toString()
+    };
+    await this.storage.saveAccount(account);
+    this.logger.log(
+      `[AccountManager] account created with ${params.p256Guardians.length} P-256 guardian(s): ${accountAddress}`
+    );
+    if (chunkMOJJ7QF6_cjs.needsValidatorRouter(config.approvedAlgIds)) {
+      this.logger.log(
+        `[AccountManager] account ${accountAddress} approved a router-delegated algorithm (approvedAlgIds=[${config.approvedAlgIds.join(", ")}]); call ensureValidatorRouter(userId) AFTER the account is deployed to wire setValidator(router) \u2014 required for those algIds to validate.`
+      );
+    }
+    return account;
+  }
+  /**
+   * Gap B — wire the validator router for an account that approved a ROUTER-DELEGATED signature
+   * algorithm (BLS 0x01, cumulative T2 0x04, T3 0x05, weighted 0x07, session 0x08, ...). Such an
+   * account's `_validateTripleSignature` / `_callBLSValidator` return `1` (FAIL) while
+   * `validator() == address(0)`, so the algorithm is non-functional until the owner calls
+   * `setValidator(router)` (onlyOwner, SET-ONCE). Inline algIds (ECDSA 0x02, P256 0x03, COMBINED_T1
+   * 0x06) need no router and are a no-op here.
+   *
+   * MUST be called AFTER the account is deployed (setValidator is onlyOwner and needs code) — the
+   * lazy/counterfactual deploy path cannot setValidator at predict-time. Idempotent: re-running after
+   * the validator is set is a no-op (`reason: 'validator already set'`).
+   *
+   * On-chain access matches the rest of this package: reads via the EthereumProvider's PublicClient
+   * (`getAccountContract(...).read.validator()` and `getProvider().getCode()`); the state-changing
+   * `setValidator` is sent through a caller-supplied `WalletClient` whose account is the owner —
+   * the same convention used by `PaymasterManager.updatePrice` / `ForceExitService` (this manager's
+   * narrow `ISignerAdapter` only EIP-191 personal-signs and cannot send transactions).
+   *
+   * @param userId  the account owner's user id (storage key)
+   * @param opts.router        override the router address (defaults to the chain's canonical
+   *                           `aaStarValidator`); pass to target a non-canonical router
+   * @param opts.walletClient  viem WalletClient signing as the account OWNER — REQUIRED to send the tx
+   */
+  async ensureValidatorRouter(userId, opts) {
+    const account = await this.storage.findAccountByUserId(userId);
+    if (!account) throw new Error("Account not found");
+    const approvedAlgIds = account.approvedAlgIds;
+    if (!approvedAlgIds || approvedAlgIds.length === 0) {
+      return { set: false, reason: "no approvedAlgIds / not router-delegated" };
+    }
+    if (!chunkMOJJ7QF6_cjs.needsValidatorRouter(approvedAlgIds)) {
+      return { set: false, reason: "no router-delegated algorithm" };
+    }
+    const chainId = this.ethereum.getChainId();
+    const canonicalRouter = chunkMXJEULSE_cjs.getCanonicalAddresses(chainId)?.aaStarValidator;
+    const router = opts?.router ?? canonicalRouter;
+    if (!router || router.toLowerCase() === viem.zeroAddress) {
+      return { set: false, reason: `no canonical validator router for chain ${chainId}` };
+    }
+    let deployed = false;
+    try {
+      const code = await this.ethereum.getProvider().getCode({ address: account.address });
+      deployed = !!code && code !== "0x";
+    } catch {
+    }
+    if (!deployed) {
+      return { set: false, reason: "account not deployed yet \u2014 call after deploy" };
+    }
+    const current = await this.ethereum.getAccountContract(account.address).read.validator([]);
+    if (current && current.toLowerCase() !== viem.zeroAddress) {
+      return { set: false, reason: "validator already set" };
+    }
+    const walletClient = opts?.walletClient;
+    if (!walletClient || !walletClient.account) {
+      return {
+        set: false,
+        reason: "walletClient (account owner) required to send setValidator",
+        router
+      };
+    }
+    const tx = await chunkMOJJ7QF6_cjs.airAccountActions(account.address)(walletClient).setValidator({
+      validator: router,
+      account: walletClient.account
+    });
+    this.logger.log(
+      `[AccountManager] setValidator(${router}) sent for account ${account.address} (tx ${tx})`
+    );
+    return { set: true, tx, router };
+  }
 };
 var EXECUTE_USER_OP_SELECTOR = chunkXQROKLZI_cjs.selectorFromId(
   "executeUserOp((address,uint256,bytes,bytes,bytes32,uint256,bytes32,bytes,bytes),bytes32)"
@@ -1546,7 +1788,14 @@ var TransferManager = class {
         let deployCalldata;
         if (version === "0.7" /* V0_7 */ || version === "0.8" /* V0_8 */) {
           const storedDailyLimit = account.dailyLimit ? BigInt(account.dailyLimit) : 0n;
-          if (account.guardian1 && account.guardian2 && account.guardian1Sig && account.guardian2Sig) {
+          if (account.guardianSpecs && account.guardianSpecs.length > 0) {
+            const rebuilt = initConfigFromRecord(account);
+            deployCalldata = encodeFn(AIRACCOUNT_FACTORY_ABI_PARSED, "createAccount", [
+              account.signerAddress,
+              BigInt(account.salt),
+              initConfigToTuple(rebuilt)
+            ]);
+          } else if (account.guardian1 && account.guardian2 && account.guardian1Sig && account.guardian2Sig) {
             const sig1 = account.guardian1Sig.startsWith("0x") ? account.guardian1Sig : `0x${account.guardian1Sig}`;
             const sig2 = account.guardian2Sig.startsWith("0x") ? account.guardian2Sig : `0x${account.guardian2Sig}`;
             deployCalldata = encodeFn(AIRACCOUNT_FACTORY_ABI_PARSED, "createAccountWithDefaults", [
@@ -4776,12 +5025,15 @@ exports.beginGrantSessionChallenge = beginGrantSessionChallenge;
 exports.buildAuthenticationCredential = buildAuthenticationCredential;
 exports.buildAuthenticatorData = buildAuthenticatorData;
 exports.buildClientDataJSON = buildClientDataJSON;
+exports.buildFullInitConfig = buildFullInitConfig;
 exports.buildInstallModuleHash = buildInstallModuleHash;
 exports.buildUninstallModuleHash = buildUninstallModuleHash;
 exports.computeOapdSalt = computeOapdSalt;
 exports.erc8004AddressesForChain = erc8004AddressesForChain;
 exports.getOapdAddress = getOapdAddress;
 exports.getOapdAddressWithChainId = getOapdAddressWithChainId;
+exports.initConfigFromRecord = initConfigFromRecord;
+exports.initConfigToTuple = initConfigToTuple;
 exports.isExecuteUserOpWrapped = isExecuteUserOpWrapped;
 exports.isOapdDeployed = isOapdDeployed;
 exports.isPendingConfirmation = isPendingConfirmation;
@@ -4791,7 +5043,9 @@ exports.runAuthenticationCeremony = runAuthenticationCeremony;
 exports.runGrantSessionCeremony = runGrantSessionCeremony;
 exports.runWebAuthnCeremony = runWebAuthnCeremony;
 exports.sepoliaV07Config = sepoliaV07Config;
+exports.serializeGuardianSpecs = serializeGuardianSpecs;
+exports.toGuardianSpecs = toGuardianSpecs;
 exports.validateConfig = validateConfig;
 exports.wrapExecuteUserOp = wrapExecuteUserOp;
-//# sourceMappingURL=chunk-OVNOSAL3.cjs.map
-//# sourceMappingURL=chunk-OVNOSAL3.cjs.map
+//# sourceMappingURL=chunk-Y5U7URNZ.cjs.map
+//# sourceMappingURL=chunk-Y5U7URNZ.cjs.map