@aastar/sdk 0.22.0 → 0.24.0

package/dist/kms.d.cts

@@ -1,7 +1,8 @@
 import { y as UserOperation, P as PackedUserOperation, j as BLSSignatureData, w as TierLevel$1, T as TierConfig, p as GuardStatus, v as PreCheckResult } from './tier-router-DeeVg69O.cjs';
 export { A as ALG_BLS, a as ALG_CUMULATIVE_T2, b as ALG_CUMULATIVE_T3, c as ALG_ECDSA, d as ALG_P256, e as AirAccountClient, f as AirAccountConfig, g as AlgId, B as BLSConfig, h as BLSManager, i as BLSNode, k as BeginAuthenticationResponse, l as BeginRegistrationResponse, m as BeginTransactionVerificationResponse, C as CryptoUtil, n as CumulativeT2SignatureData, o as CumulativeT3SignatureData, D as DEFAULT_PASSKEY_ROUTES, E as ERC4337Utils, G as GasEstimate, q as PasskeyAuthenticationParams, r as PasskeyInfo, s as PasskeyManager, t as PasskeyRegistrationParams, u as PasskeyRoutes, x as TransactionVerificationParams, U as UserOpBuilder, Y as YAAAClient, z as YAAAConfig, F as algIdForTier, H as resolveTier } from './tier-router-DeeVg69O.cjs';
 import { AxiosRequestConfig } from 'axios';
-import { PublicClient, Address, Abi, WalletClient, Hex } from 'viem';
+import { PublicClient, Address, Abi, Hex, WalletClient, Hash } from 'viem';
+import { I as InitConfig, G as GuardianSpec } from './initConfig-D8jgrcDb.cjs';
 
 /**
  * Account record stored by the SDK.
@@ -10,7 +11,15 @@ interface AccountRecord {
     userId: string;
     address: string;
     signerAddress: string;
-    salt: number | bigint;
+    /**
+     * CREATE2 salt. Canonically persisted as a DECIMAL STRING (lossless, like dailyLimit) — the
+     * full-config / P-256 path (#118 M2) writes it this way so a large salt (> 2^53) neither truncates
+     * as a JS number nor fails JSON serialization as a bigint. The deploy-time rebuild reconstructs it
+     * with `BigInt(account.salt)`, which MUST match the salt used to predict the address
+     * (`_getSalt(owner, salt, configHash)`) or funds sent to the predicted address are stranded.
+     * `number | bigint` retained for back-compat with the legacy create paths.
+     */
+    salt: string | number | bigint;
     deployed: boolean;
     deploymentTxHash: string | null;
     validatorAddress: string;
@@ -32,6 +41,31 @@ interface AccountRecord {
     guardian1Sig?: string;
     guardian2?: string;
     guardian2Sig?: string;
+    /**
+     * Full-config (8-field InitConfig) guardian slots — each is either an ECDSA address or a
+     * P-256 (passkey) public key (x, y). Present ONLY for accounts created via
+     * createAccountWithP256Guardians() (the factory's createAccount(owner, salt, config) path).
+     * transfer-manager rebuilds the byte-identical InitConfig from these at first-UserOp deploy
+     * time so the deployed CREATE2 address matches the create-time prediction.
+     */
+    guardianSpecs?: Array<{
+        ecdsa: string;
+    } | {
+        p256: {
+            x: string;
+            y: string;
+        };
+    }>;
+    /**
+     * Resolved approvedAlgIds written into the init config (full-config path). Persisted so the
+     * deploy-time InitConfig is reconstructed EXACTLY (no re-defaulting). Paired with guardianSpecs.
+     */
+    approvedAlgIds?: number[];
+    /**
+     * minDailyLimit floor (wei, decimal string) written into the init config (full-config path).
+     * Paired with guardianSpecs for exact deploy-time reconstruction.
+     */
+    minDailyLimit?: string;
 }
 /**
  * Transfer record stored by the SDK.
@@ -1009,6 +1043,8 @@ declare class EthereumProvider {
     getProvider(): PublicClient;
     /** Returns the viem PublicClient bound to the bundler RPC (raw .request only). */
     getBundlerProvider(): PublicClient;
+    /** EVM chain id from the validated ServerConfig (deterministic — no RPC round-trip). */
+    getChainId(): number;
     /**
      * Raw bundler JSON-RPC call. The bundler exposes non-standard methods
      * (eth_sendUserOperation, pimlico_getUserOperationGasPrice, ...) that are not in
@@ -1047,6 +1083,110 @@ declare class EthereumProvider {
     }>;
 }
 
+/**
+ * Shared helpers for the FULL-config (8-field `InitConfig`) account-creation path —
+ * the only factory path that can install P-256 (passkey) guardian keys at deploy time
+ * (airaccount-contract v0.20.0 / #120, #118).
+ *
+ * ## Why a dedicated path (not `createAccountWithDefaults`)
+ * The factory exposes two account-creation entrypoints with DIFFERENT salt + acceptance
+ * semantics (verified against `AAStarAirAccountFactoryV7.sol`):
+ *
+ *   - `createAccountWithDefaults(owner, salt, g1, g1Sig, g2, g2Sig, dailyLimit)` — ECDSA-only.
+ *     CREATE2 salt = `keccak256(owner, salt)` (does NOT bind the config), so the contract
+ *     REQUIRES each ECDSA guardian's `ACCEPT_GUARDIAN` acceptance signature to stop a
+ *     front-runner from seizing the counterfactual address with different guardians. This is
+ *     the existing `AccountManager.createAccountWithGuardians` path; it has no InitConfig and
+ *     thus no way to set `guardianP256X/Y`.
+ *
+ *   - `createAccount(owner, salt, config)` — full 8-field `InitConfig`. CREATE2 salt =
+ *     `keccak256(owner, salt, keccak256(InitConfig))` (`_getSalt` over `_getConfigHash`),
+ *     so the address is BOUND to the exact config. Because any config change yields a
+ *     different address, the contract performs NO guardian-acceptance check on this path —
+ *     for either ECDSA or P-256 guardians (`_initAccount` installs every slot directly).
+ *     P-256 guardian bootstrap is owner-only and acceptance-sig-free by design (#110④):
+ *     a single guardian cannot form a recovery quorum, so no consent ceremony is needed.
+ *
+ * Consequence: the deploy-time initCode MUST embed the BYTE-IDENTICAL `InitConfig` used to
+ * predict the address, or the deployed account lands at a different CREATE2 address. These
+ * helpers build the config once (via the core `buildInitConfig`) and reconstruct it
+ * deterministically from the persisted record at first-UserOp deploy time so the two match.
+ */
+/** A P-256 (passkey) guardian public key — SEC1 affine coordinates, each a 32-byte hex word. */
+interface P256GuardianKey {
+    x: Hex;
+    y: Hex;
+}
+/** Inputs for the full-config (8-field `InitConfig`) account-creation path. */
+interface FullConfigGuardianParams {
+    /** P-256 (passkey) guardians installed at deploy time. Owner-bootstrap — NO acceptance sig. */
+    p256Guardians: P256GuardianKey[];
+    /**
+     * Optional ECDSA guardians, installed via the SAME full-config path. NOTE: on this path the
+     * contract does not verify ECDSA acceptance signatures (the config-hash-in-salt binding stands
+     * in for them), so none are required or accepted here.
+     */
+    ecdsaGuardians?: Address[];
+    /** Daily spend limit (wei). MUST be > 0 — a guardian set enables the on-chain GUARD. */
+    dailyLimit: bigint;
+    /** Validator algorithm ids approved at init. Defaults (in buildInitConfig) to ECDSA (+P-256). */
+    approvedAlgIds?: number[];
+    /** Floor the daily limit may be lowered to via the guard. Defaults to 0. */
+    minDailyLimit?: bigint;
+}
+/** A guardian slot serialized for JSON persistence on the {@link AccountRecord}. */
+type SerializedGuardianSpec = {
+    ecdsa: string;
+} | {
+    p256: {
+        x: string;
+        y: string;
+    };
+};
+/**
+ * Map the public params to core {@link GuardianSpec}s in a DETERMINISTIC order
+ * (ECDSA slots first, then P-256). Order is consensus-critical: it determines both the
+ * predicted CREATE2 address and the guardian slot index each key occupies on-chain.
+ */
+declare function toGuardianSpecs(p: FullConfigGuardianParams): GuardianSpec[];
+/**
+ * Build the full 8-field `InitConfig` for the create path. Delegates to the core
+ * `buildInitConfig` (the 0.22.0 builder) so the P-256 slots, sentinel handling, and
+ * approvedAlgId defaulting are produced by ONE audited implementation — never hand-rolled.
+ */
+declare function buildFullInitConfig(p: FullConfigGuardianParams): InitConfig;
+/**
+ * Flatten a typed {@link InitConfig} into the POSITIONAL tuple the local human-readable
+ * factory ABI (`AIRACCOUNT_FACTORY_ABI`, fed through viem `parseAbi`) expects as the
+ * `config` argument of `getAddress` / `createAccount`. Field order is consensus-critical
+ * and matches `AAStarAirAccountBase.InitConfig` exactly.
+ */
+declare function initConfigToTuple(c: InitConfig): readonly unknown[];
+/** Serialize core {@link GuardianSpec}s for JSON storage on the account record. */
+declare function serializeGuardianSpecs(specs: readonly GuardianSpec[]): SerializedGuardianSpec[];
+/**
+ * Reconstruct the BYTE-IDENTICAL `InitConfig` from a persisted record at deploy time.
+ *
+ * Re-derivation is exact because the record persists the RESOLVED `approvedAlgIds`,
+ * `minDailyLimit`, and `dailyLimit` (not just the create-time inputs), and `buildInitConfig`
+ * is a pure function of its arguments. The resulting config therefore hashes to the same
+ * `_getConfigHash`, yielding the same CREATE2 address that was predicted at create time.
+ *
+ * @throws if the record carries no `guardianSpecs` (i.e. it is not a full-config account).
+ */
+declare function initConfigFromRecord(record: AccountRecord): InitConfig;
+
+/**
+ * Result of {@link AccountManager.ensureValidatorRouter}.
+ * `set: true` only when an on-chain `setValidator(router)` tx was actually sent (`tx`
+ * carries the hash). `set: false` is a no-op with a `reason` explaining the decision.
+ */
+interface EnsureValidatorRouterResult {
+    set: boolean;
+    reason?: string;
+    tx?: Hash;
+    router?: Address;
+}
 /**
  * Account manager — extracted from NestJS AccountService.
  * Creates and retrieves smart accounts without framework dependencies.
@@ -1062,6 +1202,18 @@ declare class AccountManager {
         salt?: number | bigint;
         /** Daily transfer limit in wei. When > 0 the account is created with on-chain guard enforcement. */
         dailyLimit?: bigint;
+        /**
+         * P-256 (passkey) guardians to install at deploy time. When present, the account is created
+         * via the full-config createAccount(owner, salt, config) path (delegates to
+         * {@link createAccountWithP256Guardians}); `dailyLimit` MUST be > 0 (guardians enable the guard).
+         */
+        p256Guardians?: P256GuardianKey[];
+        /** Optional ECDSA guardians installed via the same full-config path (no acceptance sig required). */
+        ecdsaGuardians?: Address[];
+        /** Validator algorithm ids approved at init (full-config path). Defaults to ECDSA (+P-256). */
+        approvedAlgIds?: number[];
+        /** Floor the daily limit may be lowered to via the guard (full-config path). Defaults to 0. */
+        minDailyLimit?: bigint;
     }): Promise<AccountRecord>;
     getAccount(userId: string): Promise<(AccountRecord & {
         balance: string;
@@ -1128,6 +1280,74 @@ declare class AccountManager {
         salt?: number | bigint;
         entryPointVersion?: EntryPointVersion;
     }): Promise<AccountRecord>;
+    /**
+     * Create an AirAccount with one or more P-256 (WebAuthn passkey) guardians installed at
+     * DEPLOY time — the server-client path #118 adds for KMS-custodied / counterfactual accounts
+     * (e.g. YAA) that cannot drive the viem extension layer for account creation.
+     *
+     * Uses the factory's full-config `createAccount(owner, salt, config)` path because it is the
+     * ONLY entrypoint that accepts an 8-field `InitConfig` (and therefore `guardianP256X/Y`). The
+     * 8-field config is built by the core `buildInitConfig` (0.22.0) — never hand-rolled — and the
+     * address is predicted via the factory's full-config `getAddress(owner, salt, config)` (NOT
+     * `getAddressWithDefaults`), binding the address to `keccak256(config)`.
+     *
+     * ### Acceptance-signature semantics (verified against AAStarAirAccountFactoryV7.sol)
+     * On this path the contract performs NO guardian-acceptance signature check — for P-256 OR ECDSA
+     * guardians. Front-run protection comes from `_getSalt(owner, salt, _getConfigHash(config))`:
+     * any change to the guardian set (or any other config field) yields a different CREATE2 address,
+     * so an attacker cannot collide on the victim's counterfactual address with a weaker config.
+     * P-256 guardians are an owner-bootstrap (single guardian can't form a recovery quorum), so no
+     * acceptance ceremony exists for them by design (#110④). This is why optional ECDSA guardians may
+     * also be passed here WITHOUT signatures — distinct from createAccountWithGuardians(), which uses
+     * the owner-only-salt `createAccountWithDefaults` path and DOES require ECDSA acceptance sigs.
+     *
+     * The deploy UserOp is still signed by the existing KMS owner-key path (unchanged): this method
+     * only predicts the address and persists the full config; transfer-manager rebuilds the
+     * byte-identical initCode (via {@link initConfigFromRecord}) at first-UserOp deploy time.
+     *
+     * @throws if no P-256 guardian is supplied, dailyLimit <= 0, or EntryPoint is v0.6.
+     */
+    createAccountWithP256Guardians(userId: string, params: {
+        /** P-256 (passkey) guardian public keys to install at deploy time (at least one required). */
+        p256Guardians: P256GuardianKey[];
+        /** Optional ECDSA guardians installed via the same full-config path (no acceptance sig). */
+        ecdsaGuardians?: Address[];
+        /** Daily spend limit in wei. MUST be > 0 — a guardian set enables the on-chain guard. */
+        dailyLimit: bigint;
+        /** Validator algorithm ids approved at init. Defaults to ECDSA (+P-256 when a passkey is present). */
+        approvedAlgIds?: number[];
+        /** Floor the daily limit may be lowered to via the guard. Defaults to 0. */
+        minDailyLimit?: bigint;
+        salt?: number | bigint;
+        entryPointVersion?: EntryPointVersion;
+    }): Promise<AccountRecord>;
+    /**
+     * Gap B — wire the validator router for an account that approved a ROUTER-DELEGATED signature
+     * algorithm (BLS 0x01, cumulative T2 0x04, T3 0x05, weighted 0x07, session 0x08, ...). Such an
+     * account's `_validateTripleSignature` / `_callBLSValidator` return `1` (FAIL) while
+     * `validator() == address(0)`, so the algorithm is non-functional until the owner calls
+     * `setValidator(router)` (onlyOwner, SET-ONCE). Inline algIds (ECDSA 0x02, P256 0x03, COMBINED_T1
+     * 0x06) need no router and are a no-op here.
+     *
+     * MUST be called AFTER the account is deployed (setValidator is onlyOwner and needs code) — the
+     * lazy/counterfactual deploy path cannot setValidator at predict-time. Idempotent: re-running after
+     * the validator is set is a no-op (`reason: 'validator already set'`).
+     *
+     * On-chain access matches the rest of this package: reads via the EthereumProvider's PublicClient
+     * (`getAccountContract(...).read.validator()` and `getProvider().getCode()`); the state-changing
+     * `setValidator` is sent through a caller-supplied `WalletClient` whose account is the owner —
+     * the same convention used by `PaymasterManager.updatePrice` / `ForceExitService` (this manager's
+     * narrow `ISignerAdapter` only EIP-191 personal-signs and cannot send transactions).
+     *
+     * @param userId  the account owner's user id (storage key)
+     * @param opts.router        override the router address (defaults to the chain's canonical
+     *                           `aaStarValidator`); pass to target a non-canonical router
+     * @param opts.walletClient  viem WalletClient signing as the account OWNER — REQUIRED to send the tx
+     */
+    ensureValidatorRouter(userId: string, opts?: {
+        router?: Address;
+        walletClient?: WalletClient;
+    }): Promise<EnsureValidatorRouterResult>;
 }
 
 /**
@@ -3101,4 +3321,4 @@ declare class LocalWalletSigner implements ISignerAdapter {
     }>;
 }
 
-export { ACCOUNT_ABI, AGENT_SESSION_KEY_VALIDATOR_ABI, AIRACCOUNT_ABI, AIRACCOUNT_ADDRESSES, AIRACCOUNT_FACTORY_ABI, AIR_ACCOUNT_COMPOSITE_VALIDATOR_ABI, AIR_ACCOUNT_DELEGATE_ABI, AIR_ACCOUNT_DELEGATE_ADDRESS, ALG_ID, AccountManager, type AccountRecord, type ActiveRecovery, AgentRegistryService, type AgentReputationSummary, type AgentSessionConfig, type AgentSessionInfo, AirAccountServerClient, type AirAccountVersion, BLSSignatureData, BLSSignatureService, type BeginCeremonyResponse, type BindERC8004AgentWalletParams, type BlsConfigRecord, type BuildCredentialOptions, CALLDATA_PARSER_REGISTRY_ABI, ConsoleLogger, type CreateAgentAccountParams, type CreateP256SessionKeyRequest, type CreateP256SessionKeyResponse, DEFAULT_CREDENTIAL_ID, DEFAULT_KMS_ENDPOINT, DEFAULT_ORIGIN, DEFAULT_RP_ID, type DelegateInitParams, DvtPendingConfirmationError, type EIP7702Authorization, EIP7702DelegateService, ENTRYPOINT_ABI_V6, ENTRYPOINT_ABI_V7_V8, ENTRYPOINT_ADDRESSES, ERC20_ABI, ERC8004Service, ERC8004_ADDRESSES, EXECUTE_BATCH_SELECTOR, EXECUTE_SELECTOR, EXECUTE_USER_OP_SELECTOR, type EntryPointConfig, EntryPointVersion, type EntryPointVersionConfig, type EstimateGasParams, EthereumProvider, type ExecuteTransferParams, FACTORY_ABI_V6, FACTORY_ABI_V7_V8, FORCE_EXIT_MODULE_ABI, ForceExitService, GLOBAL_GUARD_ABI, type GrantP256SessionParams, type GrantSessionParams, GuardChecker, type GuardState, GuardStateReader, GuardStatus, type ILogger, type ISignerAdapter, type IStorageAdapter, type InstallModuleParams, KmsAgentService, type KmsAttestationManifestResponse, type KmsAttestationProofResponse, type KmsAttestationResponse, type KmsBeginAuthenticationRequest, type KmsBeginAuthenticationResponse, type KmsBeginGrantSessionAuthRequest, type KmsBeginGrantSessionAuthResponse, type KmsBeginRegistrationRequest, type KmsBeginRegistrationResponse, type KmsChangePasskeyResponse, type KmsCompleteRegistrationRequest, type KmsCompleteRegistrationResponse, type KmsCreateAgentKeyRequest, type KmsCreateAgentKeyResponse, type KmsCreateKeyRequest, type KmsCreateKeyResponse, type KmsDeleteKeyResponse, type KmsDeriveAddressResponse, type KmsDescribeKeyResponse, type KmsEip712Domain, type KmsEip712FieldValue, type KmsEip712TypeDef, type KmsEthereumTransaction, type KmsGetPublicKeyResponse, type KmsHealthResponse, KmsHttpClient, type KmsHttpClientOptions, type KmsKeyStatusResponse, type KmsListKeysResponse, KmsManager, KmsMonitorService, type KmsPaymentAuth, type KmsPaymentSignatureResponse, KmsPaymentSigner, type KmsPurgeKeyResponse, type KmsQueueStatusResponse, type KmsRefreshAgentCredentialRequest, type KmsRefreshAgentCredentialResponse, type KmsRevokeAgentCredentialRequest, type KmsRevokeAgentCredentialResponse, type KmsRollbackCounterResponse, KmsSessionService, type KmsSignAgentRequest, type KmsSignAgentResponse, type KmsSignGTokenAuthorizationRequest, type KmsSignGrantSessionRequest, type KmsSignGrantSessionResponse, type KmsSignHashResponse, type KmsSignMicropaymentVoucherRequest, type KmsSignP256GrantSessionRequest, type KmsSignRequest, type KmsSignResponse, type KmsSignTypedDataRequest, type KmsSignTypedDataResponse, type KmsSignX402PaymentRequest, KmsSigner, type KmsStatsResponse, type KmsVersionResponse, type L2Type, L2_TYPE, type LegacyPasskeyAssertion, LocalWalletSigner, MAX_GUARDIANS, MODULE_TYPE, MemoryStorage, type MintAgentIdentityParams, ModuleManager, type ModuleTypeId, type OapdConfig, P256PasskeySigner, PackedUserOperation, type PasskeyAssertionContext, type PasskeyCeremonySigner, PaymasterManager, PaymasterPriceStalenessError, type PaymasterRecord, type PendingExit, type PendingWeightChange, PreCheckResult, type QueryAgentReputationParams, RECOVERY_THRESHOLD, RECOVERY_TIMELOCK_SECONDS, RecoveryService, type RevokeP256SessionKeyRequest, type RevokeP256SessionKeyResponse, type RunCeremonyOptions, SESSION_KEY_VALIDATOR_ABI, type ServerConfig, type SessionInfo, SessionKeyService, type SetAgentWalletParams, type SignP256UserOpRequest, type SignP256UserOpResponse, SilentLogger, type SubmitAgentReputationParams, TIER_GUARD_HOOK_ABI, TierConfig, TierLevel$1 as TierLevel, type TokenBalance, type TokenGuardState, type TokenInfo, TokenService, TransferManager, type TransferRecord, type TransferResult, type UninstallModuleParams, UserOperation, VALIDATOR_ABI, WEIGHT_CHANGE_EXPIRY_SECONDS, WEIGHT_CHANGE_THRESHOLD, WEIGHT_CHANGE_TIMELOCK_SECONDS, WalletManager, type WebAuthnAssertion, type WebAuthnAuthenticationCredential, type WeightConfig, WeightedSignatureService, YAAAServerClient, base64UrlDecode, base64UrlEncode, beginAuthenticationChallenge, beginGrantSessionChallenge, buildAuthenticationCredential, buildAuthenticatorData, buildClientDataJSON, buildInstallModuleHash, buildUninstallModuleHash, computeOapdSalt, erc8004AddressesForChain, getOapdAddress, getOapdAddressWithChainId, isExecuteUserOpWrapped, isOapdDeployed, isPendingConfirmation, packP256SessionSignature, packSecp256k1SessionSignature, runAuthenticationCeremony, runGrantSessionCeremony, runWebAuthnCeremony, sepoliaV07Config, validateConfig, wrapExecuteUserOp };
+export { ACCOUNT_ABI, AGENT_SESSION_KEY_VALIDATOR_ABI, AIRACCOUNT_ABI, AIRACCOUNT_ADDRESSES, AIRACCOUNT_FACTORY_ABI, AIR_ACCOUNT_COMPOSITE_VALIDATOR_ABI, AIR_ACCOUNT_DELEGATE_ABI, AIR_ACCOUNT_DELEGATE_ADDRESS, ALG_ID, AccountManager, type AccountRecord, type ActiveRecovery, AgentRegistryService, type AgentReputationSummary, type AgentSessionConfig, type AgentSessionInfo, AirAccountServerClient, type AirAccountVersion, BLSSignatureData, BLSSignatureService, type BeginCeremonyResponse, type BindERC8004AgentWalletParams, type BlsConfigRecord, type BuildCredentialOptions, CALLDATA_PARSER_REGISTRY_ABI, ConsoleLogger, type CreateAgentAccountParams, type CreateP256SessionKeyRequest, type CreateP256SessionKeyResponse, DEFAULT_CREDENTIAL_ID, DEFAULT_KMS_ENDPOINT, DEFAULT_ORIGIN, DEFAULT_RP_ID, type DelegateInitParams, DvtPendingConfirmationError, type EIP7702Authorization, EIP7702DelegateService, ENTRYPOINT_ABI_V6, ENTRYPOINT_ABI_V7_V8, ENTRYPOINT_ADDRESSES, ERC20_ABI, ERC8004Service, ERC8004_ADDRESSES, EXECUTE_BATCH_SELECTOR, EXECUTE_SELECTOR, EXECUTE_USER_OP_SELECTOR, type EntryPointConfig, EntryPointVersion, type EntryPointVersionConfig, type EstimateGasParams, EthereumProvider, type ExecuteTransferParams, FACTORY_ABI_V6, FACTORY_ABI_V7_V8, FORCE_EXIT_MODULE_ABI, ForceExitService, type FullConfigGuardianParams, GLOBAL_GUARD_ABI, type GrantP256SessionParams, type GrantSessionParams, GuardChecker, type GuardState, GuardStateReader, GuardStatus, type ILogger, type ISignerAdapter, type IStorageAdapter, type InstallModuleParams, KmsAgentService, type KmsAttestationManifestResponse, type KmsAttestationProofResponse, type KmsAttestationResponse, type KmsBeginAuthenticationRequest, type KmsBeginAuthenticationResponse, type KmsBeginGrantSessionAuthRequest, type KmsBeginGrantSessionAuthResponse, type KmsBeginRegistrationRequest, type KmsBeginRegistrationResponse, type KmsChangePasskeyResponse, type KmsCompleteRegistrationRequest, type KmsCompleteRegistrationResponse, type KmsCreateAgentKeyRequest, type KmsCreateAgentKeyResponse, type KmsCreateKeyRequest, type KmsCreateKeyResponse, type KmsDeleteKeyResponse, type KmsDeriveAddressResponse, type KmsDescribeKeyResponse, type KmsEip712Domain, type KmsEip712FieldValue, type KmsEip712TypeDef, type KmsEthereumTransaction, type KmsGetPublicKeyResponse, type KmsHealthResponse, KmsHttpClient, type KmsHttpClientOptions, type KmsKeyStatusResponse, type KmsListKeysResponse, KmsManager, KmsMonitorService, type KmsPaymentAuth, type KmsPaymentSignatureResponse, KmsPaymentSigner, type KmsPurgeKeyResponse, type KmsQueueStatusResponse, type KmsRefreshAgentCredentialRequest, type KmsRefreshAgentCredentialResponse, type KmsRevokeAgentCredentialRequest, type KmsRevokeAgentCredentialResponse, type KmsRollbackCounterResponse, KmsSessionService, type KmsSignAgentRequest, type KmsSignAgentResponse, type KmsSignGTokenAuthorizationRequest, type KmsSignGrantSessionRequest, type KmsSignGrantSessionResponse, type KmsSignHashResponse, type KmsSignMicropaymentVoucherRequest, type KmsSignP256GrantSessionRequest, type KmsSignRequest, type KmsSignResponse, type KmsSignTypedDataRequest, type KmsSignTypedDataResponse, type KmsSignX402PaymentRequest, KmsSigner, type KmsStatsResponse, type KmsVersionResponse, type L2Type, L2_TYPE, type LegacyPasskeyAssertion, LocalWalletSigner, MAX_GUARDIANS, MODULE_TYPE, MemoryStorage, type MintAgentIdentityParams, ModuleManager, type ModuleTypeId, type OapdConfig, type P256GuardianKey, P256PasskeySigner, PackedUserOperation, type PasskeyAssertionContext, type PasskeyCeremonySigner, PaymasterManager, PaymasterPriceStalenessError, type PaymasterRecord, type PendingExit, type PendingWeightChange, PreCheckResult, type QueryAgentReputationParams, RECOVERY_THRESHOLD, RECOVERY_TIMELOCK_SECONDS, RecoveryService, type RevokeP256SessionKeyRequest, type RevokeP256SessionKeyResponse, type RunCeremonyOptions, SESSION_KEY_VALIDATOR_ABI, type SerializedGuardianSpec, type ServerConfig, type SessionInfo, SessionKeyService, type SetAgentWalletParams, type SignP256UserOpRequest, type SignP256UserOpResponse, SilentLogger, type SubmitAgentReputationParams, TIER_GUARD_HOOK_ABI, TierConfig, TierLevel$1 as TierLevel, type TokenBalance, type TokenGuardState, type TokenInfo, TokenService, TransferManager, type TransferRecord, type TransferResult, type UninstallModuleParams, UserOperation, VALIDATOR_ABI, WEIGHT_CHANGE_EXPIRY_SECONDS, WEIGHT_CHANGE_THRESHOLD, WEIGHT_CHANGE_TIMELOCK_SECONDS, WalletManager, type WebAuthnAssertion, type WebAuthnAuthenticationCredential, type WeightConfig, WeightedSignatureService, YAAAServerClient, base64UrlDecode, base64UrlEncode, beginAuthenticationChallenge, beginGrantSessionChallenge, buildAuthenticationCredential, buildAuthenticatorData, buildClientDataJSON, buildFullInitConfig, buildInstallModuleHash, buildUninstallModuleHash, computeOapdSalt, erc8004AddressesForChain, getOapdAddress, getOapdAddressWithChainId, initConfigFromRecord, initConfigToTuple, isExecuteUserOpWrapped, isOapdDeployed, isPendingConfirmation, packP256SessionSignature, packSecp256k1SessionSignature, runAuthenticationCeremony, runGrantSessionCeremony, runWebAuthnCeremony, sepoliaV07Config, serializeGuardianSpecs, toGuardianSpecs, validateConfig, wrapExecuteUserOp };

package/dist/kms.d.ts

@@ -1,7 +1,8 @@
 import { y as UserOperation, P as PackedUserOperation, j as BLSSignatureData, w as TierLevel$1, T as TierConfig, p as GuardStatus, v as PreCheckResult } from './tier-router-DeeVg69O.js';
 export { A as ALG_BLS, a as ALG_CUMULATIVE_T2, b as ALG_CUMULATIVE_T3, c as ALG_ECDSA, d as ALG_P256, e as AirAccountClient, f as AirAccountConfig, g as AlgId, B as BLSConfig, h as BLSManager, i as BLSNode, k as BeginAuthenticationResponse, l as BeginRegistrationResponse, m as BeginTransactionVerificationResponse, C as CryptoUtil, n as CumulativeT2SignatureData, o as CumulativeT3SignatureData, D as DEFAULT_PASSKEY_ROUTES, E as ERC4337Utils, G as GasEstimate, q as PasskeyAuthenticationParams, r as PasskeyInfo, s as PasskeyManager, t as PasskeyRegistrationParams, u as PasskeyRoutes, x as TransactionVerificationParams, U as UserOpBuilder, Y as YAAAClient, z as YAAAConfig, F as algIdForTier, H as resolveTier } from './tier-router-DeeVg69O.js';
 import { AxiosRequestConfig } from 'axios';
-import { PublicClient, Address, Abi, WalletClient, Hex } from 'viem';
+import { PublicClient, Address, Abi, Hex, WalletClient, Hash } from 'viem';
+import { I as InitConfig, G as GuardianSpec } from './initConfig-D8jgrcDb.js';
 
 /**
  * Account record stored by the SDK.
@@ -10,7 +11,15 @@ interface AccountRecord {
     userId: string;
     address: string;
     signerAddress: string;
-    salt: number | bigint;
+    /**
+     * CREATE2 salt. Canonically persisted as a DECIMAL STRING (lossless, like dailyLimit) — the
+     * full-config / P-256 path (#118 M2) writes it this way so a large salt (> 2^53) neither truncates
+     * as a JS number nor fails JSON serialization as a bigint. The deploy-time rebuild reconstructs it
+     * with `BigInt(account.salt)`, which MUST match the salt used to predict the address
+     * (`_getSalt(owner, salt, configHash)`) or funds sent to the predicted address are stranded.
+     * `number | bigint` retained for back-compat with the legacy create paths.
+     */
+    salt: string | number | bigint;
     deployed: boolean;
     deploymentTxHash: string | null;
     validatorAddress: string;
@@ -32,6 +41,31 @@ interface AccountRecord {
     guardian1Sig?: string;
     guardian2?: string;
     guardian2Sig?: string;
+    /**
+     * Full-config (8-field InitConfig) guardian slots — each is either an ECDSA address or a
+     * P-256 (passkey) public key (x, y). Present ONLY for accounts created via
+     * createAccountWithP256Guardians() (the factory's createAccount(owner, salt, config) path).
+     * transfer-manager rebuilds the byte-identical InitConfig from these at first-UserOp deploy
+     * time so the deployed CREATE2 address matches the create-time prediction.
+     */
+    guardianSpecs?: Array<{
+        ecdsa: string;
+    } | {
+        p256: {
+            x: string;
+            y: string;
+        };
+    }>;
+    /**
+     * Resolved approvedAlgIds written into the init config (full-config path). Persisted so the
+     * deploy-time InitConfig is reconstructed EXACTLY (no re-defaulting). Paired with guardianSpecs.
+     */
+    approvedAlgIds?: number[];
+    /**
+     * minDailyLimit floor (wei, decimal string) written into the init config (full-config path).
+     * Paired with guardianSpecs for exact deploy-time reconstruction.
+     */
+    minDailyLimit?: string;
 }
 /**
  * Transfer record stored by the SDK.
@@ -1009,6 +1043,8 @@ declare class EthereumProvider {
     getProvider(): PublicClient;
     /** Returns the viem PublicClient bound to the bundler RPC (raw .request only). */
     getBundlerProvider(): PublicClient;
+    /** EVM chain id from the validated ServerConfig (deterministic — no RPC round-trip). */
+    getChainId(): number;
     /**
      * Raw bundler JSON-RPC call. The bundler exposes non-standard methods
      * (eth_sendUserOperation, pimlico_getUserOperationGasPrice, ...) that are not in
@@ -1047,6 +1083,110 @@ declare class EthereumProvider {
     }>;
 }
 
+/**
+ * Shared helpers for the FULL-config (8-field `InitConfig`) account-creation path —
+ * the only factory path that can install P-256 (passkey) guardian keys at deploy time
+ * (airaccount-contract v0.20.0 / #120, #118).
+ *
+ * ## Why a dedicated path (not `createAccountWithDefaults`)
+ * The factory exposes two account-creation entrypoints with DIFFERENT salt + acceptance
+ * semantics (verified against `AAStarAirAccountFactoryV7.sol`):
+ *
+ *   - `createAccountWithDefaults(owner, salt, g1, g1Sig, g2, g2Sig, dailyLimit)` — ECDSA-only.
+ *     CREATE2 salt = `keccak256(owner, salt)` (does NOT bind the config), so the contract
+ *     REQUIRES each ECDSA guardian's `ACCEPT_GUARDIAN` acceptance signature to stop a
+ *     front-runner from seizing the counterfactual address with different guardians. This is
+ *     the existing `AccountManager.createAccountWithGuardians` path; it has no InitConfig and
+ *     thus no way to set `guardianP256X/Y`.
+ *
+ *   - `createAccount(owner, salt, config)` — full 8-field `InitConfig`. CREATE2 salt =
+ *     `keccak256(owner, salt, keccak256(InitConfig))` (`_getSalt` over `_getConfigHash`),
+ *     so the address is BOUND to the exact config. Because any config change yields a
+ *     different address, the contract performs NO guardian-acceptance check on this path —
+ *     for either ECDSA or P-256 guardians (`_initAccount` installs every slot directly).
+ *     P-256 guardian bootstrap is owner-only and acceptance-sig-free by design (#110④):
+ *     a single guardian cannot form a recovery quorum, so no consent ceremony is needed.
+ *
+ * Consequence: the deploy-time initCode MUST embed the BYTE-IDENTICAL `InitConfig` used to
+ * predict the address, or the deployed account lands at a different CREATE2 address. These
+ * helpers build the config once (via the core `buildInitConfig`) and reconstruct it
+ * deterministically from the persisted record at first-UserOp deploy time so the two match.
+ */
+/** A P-256 (passkey) guardian public key — SEC1 affine coordinates, each a 32-byte hex word. */
+interface P256GuardianKey {
+    x: Hex;
+    y: Hex;
+}
+/** Inputs for the full-config (8-field `InitConfig`) account-creation path. */
+interface FullConfigGuardianParams {
+    /** P-256 (passkey) guardians installed at deploy time. Owner-bootstrap — NO acceptance sig. */
+    p256Guardians: P256GuardianKey[];
+    /**
+     * Optional ECDSA guardians, installed via the SAME full-config path. NOTE: on this path the
+     * contract does not verify ECDSA acceptance signatures (the config-hash-in-salt binding stands
+     * in for them), so none are required or accepted here.
+     */
+    ecdsaGuardians?: Address[];
+    /** Daily spend limit (wei). MUST be > 0 — a guardian set enables the on-chain GUARD. */
+    dailyLimit: bigint;
+    /** Validator algorithm ids approved at init. Defaults (in buildInitConfig) to ECDSA (+P-256). */
+    approvedAlgIds?: number[];
+    /** Floor the daily limit may be lowered to via the guard. Defaults to 0. */
+    minDailyLimit?: bigint;
+}
+/** A guardian slot serialized for JSON persistence on the {@link AccountRecord}. */
+type SerializedGuardianSpec = {
+    ecdsa: string;
+} | {
+    p256: {
+        x: string;
+        y: string;
+    };
+};
+/**
+ * Map the public params to core {@link GuardianSpec}s in a DETERMINISTIC order
+ * (ECDSA slots first, then P-256). Order is consensus-critical: it determines both the
+ * predicted CREATE2 address and the guardian slot index each key occupies on-chain.
+ */
+declare function toGuardianSpecs(p: FullConfigGuardianParams): GuardianSpec[];
+/**
+ * Build the full 8-field `InitConfig` for the create path. Delegates to the core
+ * `buildInitConfig` (the 0.22.0 builder) so the P-256 slots, sentinel handling, and
+ * approvedAlgId defaulting are produced by ONE audited implementation — never hand-rolled.
+ */
+declare function buildFullInitConfig(p: FullConfigGuardianParams): InitConfig;
+/**
+ * Flatten a typed {@link InitConfig} into the POSITIONAL tuple the local human-readable
+ * factory ABI (`AIRACCOUNT_FACTORY_ABI`, fed through viem `parseAbi`) expects as the
+ * `config` argument of `getAddress` / `createAccount`. Field order is consensus-critical
+ * and matches `AAStarAirAccountBase.InitConfig` exactly.
+ */
+declare function initConfigToTuple(c: InitConfig): readonly unknown[];
+/** Serialize core {@link GuardianSpec}s for JSON storage on the account record. */
+declare function serializeGuardianSpecs(specs: readonly GuardianSpec[]): SerializedGuardianSpec[];
+/**
+ * Reconstruct the BYTE-IDENTICAL `InitConfig` from a persisted record at deploy time.
+ *
+ * Re-derivation is exact because the record persists the RESOLVED `approvedAlgIds`,
+ * `minDailyLimit`, and `dailyLimit` (not just the create-time inputs), and `buildInitConfig`
+ * is a pure function of its arguments. The resulting config therefore hashes to the same
+ * `_getConfigHash`, yielding the same CREATE2 address that was predicted at create time.
+ *
+ * @throws if the record carries no `guardianSpecs` (i.e. it is not a full-config account).
+ */
+declare function initConfigFromRecord(record: AccountRecord): InitConfig;
+
+/**
+ * Result of {@link AccountManager.ensureValidatorRouter}.
+ * `set: true` only when an on-chain `setValidator(router)` tx was actually sent (`tx`
+ * carries the hash). `set: false` is a no-op with a `reason` explaining the decision.
+ */
+interface EnsureValidatorRouterResult {
+    set: boolean;
+    reason?: string;
+    tx?: Hash;
+    router?: Address;
+}
 /**
  * Account manager — extracted from NestJS AccountService.
  * Creates and retrieves smart accounts without framework dependencies.
@@ -1062,6 +1202,18 @@ declare class AccountManager {
         salt?: number | bigint;
         /** Daily transfer limit in wei. When > 0 the account is created with on-chain guard enforcement. */
         dailyLimit?: bigint;
+        /**
+         * P-256 (passkey) guardians to install at deploy time. When present, the account is created
+         * via the full-config createAccount(owner, salt, config) path (delegates to
+         * {@link createAccountWithP256Guardians}); `dailyLimit` MUST be > 0 (guardians enable the guard).
+         */
+        p256Guardians?: P256GuardianKey[];
+        /** Optional ECDSA guardians installed via the same full-config path (no acceptance sig required). */
+        ecdsaGuardians?: Address[];
+        /** Validator algorithm ids approved at init (full-config path). Defaults to ECDSA (+P-256). */
+        approvedAlgIds?: number[];
+        /** Floor the daily limit may be lowered to via the guard (full-config path). Defaults to 0. */
+        minDailyLimit?: bigint;
     }): Promise<AccountRecord>;
     getAccount(userId: string): Promise<(AccountRecord & {
         balance: string;
@@ -1128,6 +1280,74 @@ declare class AccountManager {
         salt?: number | bigint;
         entryPointVersion?: EntryPointVersion;
     }): Promise<AccountRecord>;
+    /**
+     * Create an AirAccount with one or more P-256 (WebAuthn passkey) guardians installed at
+     * DEPLOY time — the server-client path #118 adds for KMS-custodied / counterfactual accounts
+     * (e.g. YAA) that cannot drive the viem extension layer for account creation.
+     *
+     * Uses the factory's full-config `createAccount(owner, salt, config)` path because it is the
+     * ONLY entrypoint that accepts an 8-field `InitConfig` (and therefore `guardianP256X/Y`). The
+     * 8-field config is built by the core `buildInitConfig` (0.22.0) — never hand-rolled — and the
+     * address is predicted via the factory's full-config `getAddress(owner, salt, config)` (NOT
+     * `getAddressWithDefaults`), binding the address to `keccak256(config)`.
+     *
+     * ### Acceptance-signature semantics (verified against AAStarAirAccountFactoryV7.sol)
+     * On this path the contract performs NO guardian-acceptance signature check — for P-256 OR ECDSA
+     * guardians. Front-run protection comes from `_getSalt(owner, salt, _getConfigHash(config))`:
+     * any change to the guardian set (or any other config field) yields a different CREATE2 address,
+     * so an attacker cannot collide on the victim's counterfactual address with a weaker config.
+     * P-256 guardians are an owner-bootstrap (single guardian can't form a recovery quorum), so no
+     * acceptance ceremony exists for them by design (#110④). This is why optional ECDSA guardians may
+     * also be passed here WITHOUT signatures — distinct from createAccountWithGuardians(), which uses
+     * the owner-only-salt `createAccountWithDefaults` path and DOES require ECDSA acceptance sigs.
+     *
+     * The deploy UserOp is still signed by the existing KMS owner-key path (unchanged): this method
+     * only predicts the address and persists the full config; transfer-manager rebuilds the
+     * byte-identical initCode (via {@link initConfigFromRecord}) at first-UserOp deploy time.
+     *
+     * @throws if no P-256 guardian is supplied, dailyLimit <= 0, or EntryPoint is v0.6.
+     */
+    createAccountWithP256Guardians(userId: string, params: {
+        /** P-256 (passkey) guardian public keys to install at deploy time (at least one required). */
+        p256Guardians: P256GuardianKey[];
+        /** Optional ECDSA guardians installed via the same full-config path (no acceptance sig). */
+        ecdsaGuardians?: Address[];
+        /** Daily spend limit in wei. MUST be > 0 — a guardian set enables the on-chain guard. */
+        dailyLimit: bigint;
+        /** Validator algorithm ids approved at init. Defaults to ECDSA (+P-256 when a passkey is present). */
+        approvedAlgIds?: number[];
+        /** Floor the daily limit may be lowered to via the guard. Defaults to 0. */
+        minDailyLimit?: bigint;
+        salt?: number | bigint;
+        entryPointVersion?: EntryPointVersion;
+    }): Promise<AccountRecord>;
+    /**
+     * Gap B — wire the validator router for an account that approved a ROUTER-DELEGATED signature
+     * algorithm (BLS 0x01, cumulative T2 0x04, T3 0x05, weighted 0x07, session 0x08, ...). Such an
+     * account's `_validateTripleSignature` / `_callBLSValidator` return `1` (FAIL) while
+     * `validator() == address(0)`, so the algorithm is non-functional until the owner calls
+     * `setValidator(router)` (onlyOwner, SET-ONCE). Inline algIds (ECDSA 0x02, P256 0x03, COMBINED_T1
+     * 0x06) need no router and are a no-op here.
+     *
+     * MUST be called AFTER the account is deployed (setValidator is onlyOwner and needs code) — the
+     * lazy/counterfactual deploy path cannot setValidator at predict-time. Idempotent: re-running after
+     * the validator is set is a no-op (`reason: 'validator already set'`).
+     *
+     * On-chain access matches the rest of this package: reads via the EthereumProvider's PublicClient
+     * (`getAccountContract(...).read.validator()` and `getProvider().getCode()`); the state-changing
+     * `setValidator` is sent through a caller-supplied `WalletClient` whose account is the owner —
+     * the same convention used by `PaymasterManager.updatePrice` / `ForceExitService` (this manager's
+     * narrow `ISignerAdapter` only EIP-191 personal-signs and cannot send transactions).
+     *
+     * @param userId  the account owner's user id (storage key)
+     * @param opts.router        override the router address (defaults to the chain's canonical
+     *                           `aaStarValidator`); pass to target a non-canonical router
+     * @param opts.walletClient  viem WalletClient signing as the account OWNER — REQUIRED to send the tx
+     */
+    ensureValidatorRouter(userId: string, opts?: {
+        router?: Address;
+        walletClient?: WalletClient;
+    }): Promise<EnsureValidatorRouterResult>;
 }
 
 /**
@@ -3101,4 +3321,4 @@ declare class LocalWalletSigner implements ISignerAdapter {
     }>;
 }
 
-export { ACCOUNT_ABI, AGENT_SESSION_KEY_VALIDATOR_ABI, AIRACCOUNT_ABI, AIRACCOUNT_ADDRESSES, AIRACCOUNT_FACTORY_ABI, AIR_ACCOUNT_COMPOSITE_VALIDATOR_ABI, AIR_ACCOUNT_DELEGATE_ABI, AIR_ACCOUNT_DELEGATE_ADDRESS, ALG_ID, AccountManager, type AccountRecord, type ActiveRecovery, AgentRegistryService, type AgentReputationSummary, type AgentSessionConfig, type AgentSessionInfo, AirAccountServerClient, type AirAccountVersion, BLSSignatureData, BLSSignatureService, type BeginCeremonyResponse, type BindERC8004AgentWalletParams, type BlsConfigRecord, type BuildCredentialOptions, CALLDATA_PARSER_REGISTRY_ABI, ConsoleLogger, type CreateAgentAccountParams, type CreateP256SessionKeyRequest, type CreateP256SessionKeyResponse, DEFAULT_CREDENTIAL_ID, DEFAULT_KMS_ENDPOINT, DEFAULT_ORIGIN, DEFAULT_RP_ID, type DelegateInitParams, DvtPendingConfirmationError, type EIP7702Authorization, EIP7702DelegateService, ENTRYPOINT_ABI_V6, ENTRYPOINT_ABI_V7_V8, ENTRYPOINT_ADDRESSES, ERC20_ABI, ERC8004Service, ERC8004_ADDRESSES, EXECUTE_BATCH_SELECTOR, EXECUTE_SELECTOR, EXECUTE_USER_OP_SELECTOR, type EntryPointConfig, EntryPointVersion, type EntryPointVersionConfig, type EstimateGasParams, EthereumProvider, type ExecuteTransferParams, FACTORY_ABI_V6, FACTORY_ABI_V7_V8, FORCE_EXIT_MODULE_ABI, ForceExitService, GLOBAL_GUARD_ABI, type GrantP256SessionParams, type GrantSessionParams, GuardChecker, type GuardState, GuardStateReader, GuardStatus, type ILogger, type ISignerAdapter, type IStorageAdapter, type InstallModuleParams, KmsAgentService, type KmsAttestationManifestResponse, type KmsAttestationProofResponse, type KmsAttestationResponse, type KmsBeginAuthenticationRequest, type KmsBeginAuthenticationResponse, type KmsBeginGrantSessionAuthRequest, type KmsBeginGrantSessionAuthResponse, type KmsBeginRegistrationRequest, type KmsBeginRegistrationResponse, type KmsChangePasskeyResponse, type KmsCompleteRegistrationRequest, type KmsCompleteRegistrationResponse, type KmsCreateAgentKeyRequest, type KmsCreateAgentKeyResponse, type KmsCreateKeyRequest, type KmsCreateKeyResponse, type KmsDeleteKeyResponse, type KmsDeriveAddressResponse, type KmsDescribeKeyResponse, type KmsEip712Domain, type KmsEip712FieldValue, type KmsEip712TypeDef, type KmsEthereumTransaction, type KmsGetPublicKeyResponse, type KmsHealthResponse, KmsHttpClient, type KmsHttpClientOptions, type KmsKeyStatusResponse, type KmsListKeysResponse, KmsManager, KmsMonitorService, type KmsPaymentAuth, type KmsPaymentSignatureResponse, KmsPaymentSigner, type KmsPurgeKeyResponse, type KmsQueueStatusResponse, type KmsRefreshAgentCredentialRequest, type KmsRefreshAgentCredentialResponse, type KmsRevokeAgentCredentialRequest, type KmsRevokeAgentCredentialResponse, type KmsRollbackCounterResponse, KmsSessionService, type KmsSignAgentRequest, type KmsSignAgentResponse, type KmsSignGTokenAuthorizationRequest, type KmsSignGrantSessionRequest, type KmsSignGrantSessionResponse, type KmsSignHashResponse, type KmsSignMicropaymentVoucherRequest, type KmsSignP256GrantSessionRequest, type KmsSignRequest, type KmsSignResponse, type KmsSignTypedDataRequest, type KmsSignTypedDataResponse, type KmsSignX402PaymentRequest, KmsSigner, type KmsStatsResponse, type KmsVersionResponse, type L2Type, L2_TYPE, type LegacyPasskeyAssertion, LocalWalletSigner, MAX_GUARDIANS, MODULE_TYPE, MemoryStorage, type MintAgentIdentityParams, ModuleManager, type ModuleTypeId, type OapdConfig, P256PasskeySigner, PackedUserOperation, type PasskeyAssertionContext, type PasskeyCeremonySigner, PaymasterManager, PaymasterPriceStalenessError, type PaymasterRecord, type PendingExit, type PendingWeightChange, PreCheckResult, type QueryAgentReputationParams, RECOVERY_THRESHOLD, RECOVERY_TIMELOCK_SECONDS, RecoveryService, type RevokeP256SessionKeyRequest, type RevokeP256SessionKeyResponse, type RunCeremonyOptions, SESSION_KEY_VALIDATOR_ABI, type ServerConfig, type SessionInfo, SessionKeyService, type SetAgentWalletParams, type SignP256UserOpRequest, type SignP256UserOpResponse, SilentLogger, type SubmitAgentReputationParams, TIER_GUARD_HOOK_ABI, TierConfig, TierLevel$1 as TierLevel, type TokenBalance, type TokenGuardState, type TokenInfo, TokenService, TransferManager, type TransferRecord, type TransferResult, type UninstallModuleParams, UserOperation, VALIDATOR_ABI, WEIGHT_CHANGE_EXPIRY_SECONDS, WEIGHT_CHANGE_THRESHOLD, WEIGHT_CHANGE_TIMELOCK_SECONDS, WalletManager, type WebAuthnAssertion, type WebAuthnAuthenticationCredential, type WeightConfig, WeightedSignatureService, YAAAServerClient, base64UrlDecode, base64UrlEncode, beginAuthenticationChallenge, beginGrantSessionChallenge, buildAuthenticationCredential, buildAuthenticatorData, buildClientDataJSON, buildInstallModuleHash, buildUninstallModuleHash, computeOapdSalt, erc8004AddressesForChain, getOapdAddress, getOapdAddressWithChainId, isExecuteUserOpWrapped, isOapdDeployed, isPendingConfirmation, packP256SessionSignature, packSecp256k1SessionSignature, runAuthenticationCeremony, runGrantSessionCeremony, runWebAuthnCeremony, sepoliaV07Config, validateConfig, wrapExecuteUserOp };
+export { ACCOUNT_ABI, AGENT_SESSION_KEY_VALIDATOR_ABI, AIRACCOUNT_ABI, AIRACCOUNT_ADDRESSES, AIRACCOUNT_FACTORY_ABI, AIR_ACCOUNT_COMPOSITE_VALIDATOR_ABI, AIR_ACCOUNT_DELEGATE_ABI, AIR_ACCOUNT_DELEGATE_ADDRESS, ALG_ID, AccountManager, type AccountRecord, type ActiveRecovery, AgentRegistryService, type AgentReputationSummary, type AgentSessionConfig, type AgentSessionInfo, AirAccountServerClient, type AirAccountVersion, BLSSignatureData, BLSSignatureService, type BeginCeremonyResponse, type BindERC8004AgentWalletParams, type BlsConfigRecord, type BuildCredentialOptions, CALLDATA_PARSER_REGISTRY_ABI, ConsoleLogger, type CreateAgentAccountParams, type CreateP256SessionKeyRequest, type CreateP256SessionKeyResponse, DEFAULT_CREDENTIAL_ID, DEFAULT_KMS_ENDPOINT, DEFAULT_ORIGIN, DEFAULT_RP_ID, type DelegateInitParams, DvtPendingConfirmationError, type EIP7702Authorization, EIP7702DelegateService, ENTRYPOINT_ABI_V6, ENTRYPOINT_ABI_V7_V8, ENTRYPOINT_ADDRESSES, ERC20_ABI, ERC8004Service, ERC8004_ADDRESSES, EXECUTE_BATCH_SELECTOR, EXECUTE_SELECTOR, EXECUTE_USER_OP_SELECTOR, type EntryPointConfig, EntryPointVersion, type EntryPointVersionConfig, type EstimateGasParams, EthereumProvider, type ExecuteTransferParams, FACTORY_ABI_V6, FACTORY_ABI_V7_V8, FORCE_EXIT_MODULE_ABI, ForceExitService, type FullConfigGuardianParams, GLOBAL_GUARD_ABI, type GrantP256SessionParams, type GrantSessionParams, GuardChecker, type GuardState, GuardStateReader, GuardStatus, type ILogger, type ISignerAdapter, type IStorageAdapter, type InstallModuleParams, KmsAgentService, type KmsAttestationManifestResponse, type KmsAttestationProofResponse, type KmsAttestationResponse, type KmsBeginAuthenticationRequest, type KmsBeginAuthenticationResponse, type KmsBeginGrantSessionAuthRequest, type KmsBeginGrantSessionAuthResponse, type KmsBeginRegistrationRequest, type KmsBeginRegistrationResponse, type KmsChangePasskeyResponse, type KmsCompleteRegistrationRequest, type KmsCompleteRegistrationResponse, type KmsCreateAgentKeyRequest, type KmsCreateAgentKeyResponse, type KmsCreateKeyRequest, type KmsCreateKeyResponse, type KmsDeleteKeyResponse, type KmsDeriveAddressResponse, type KmsDescribeKeyResponse, type KmsEip712Domain, type KmsEip712FieldValue, type KmsEip712TypeDef, type KmsEthereumTransaction, type KmsGetPublicKeyResponse, type KmsHealthResponse, KmsHttpClient, type KmsHttpClientOptions, type KmsKeyStatusResponse, type KmsListKeysResponse, KmsManager, KmsMonitorService, type KmsPaymentAuth, type KmsPaymentSignatureResponse, KmsPaymentSigner, type KmsPurgeKeyResponse, type KmsQueueStatusResponse, type KmsRefreshAgentCredentialRequest, type KmsRefreshAgentCredentialResponse, type KmsRevokeAgentCredentialRequest, type KmsRevokeAgentCredentialResponse, type KmsRollbackCounterResponse, KmsSessionService, type KmsSignAgentRequest, type KmsSignAgentResponse, type KmsSignGTokenAuthorizationRequest, type KmsSignGrantSessionRequest, type KmsSignGrantSessionResponse, type KmsSignHashResponse, type KmsSignMicropaymentVoucherRequest, type KmsSignP256GrantSessionRequest, type KmsSignRequest, type KmsSignResponse, type KmsSignTypedDataRequest, type KmsSignTypedDataResponse, type KmsSignX402PaymentRequest, KmsSigner, type KmsStatsResponse, type KmsVersionResponse, type L2Type, L2_TYPE, type LegacyPasskeyAssertion, LocalWalletSigner, MAX_GUARDIANS, MODULE_TYPE, MemoryStorage, type MintAgentIdentityParams, ModuleManager, type ModuleTypeId, type OapdConfig, type P256GuardianKey, P256PasskeySigner, PackedUserOperation, type PasskeyAssertionContext, type PasskeyCeremonySigner, PaymasterManager, PaymasterPriceStalenessError, type PaymasterRecord, type PendingExit, type PendingWeightChange, PreCheckResult, type QueryAgentReputationParams, RECOVERY_THRESHOLD, RECOVERY_TIMELOCK_SECONDS, RecoveryService, type RevokeP256SessionKeyRequest, type RevokeP256SessionKeyResponse, type RunCeremonyOptions, SESSION_KEY_VALIDATOR_ABI, type SerializedGuardianSpec, type ServerConfig, type SessionInfo, SessionKeyService, type SetAgentWalletParams, type SignP256UserOpRequest, type SignP256UserOpResponse, SilentLogger, type SubmitAgentReputationParams, TIER_GUARD_HOOK_ABI, TierConfig, TierLevel$1 as TierLevel, type TokenBalance, type TokenGuardState, type TokenInfo, TokenService, TransferManager, type TransferRecord, type TransferResult, type UninstallModuleParams, UserOperation, VALIDATOR_ABI, WEIGHT_CHANGE_EXPIRY_SECONDS, WEIGHT_CHANGE_THRESHOLD, WEIGHT_CHANGE_TIMELOCK_SECONDS, WalletManager, type WebAuthnAssertion, type WebAuthnAuthenticationCredential, type WeightConfig, WeightedSignatureService, YAAAServerClient, base64UrlDecode, base64UrlEncode, beginAuthenticationChallenge, beginGrantSessionChallenge, buildAuthenticationCredential, buildAuthenticatorData, buildClientDataJSON, buildFullInitConfig, buildInstallModuleHash, buildUninstallModuleHash, computeOapdSalt, erc8004AddressesForChain, getOapdAddress, getOapdAddressWithChainId, initConfigFromRecord, initConfigToTuple, isExecuteUserOpWrapped, isOapdDeployed, isPendingConfirmation, packP256SessionSignature, packSecp256k1SessionSignature, runAuthenticationCeremony, runGrantSessionCeremony, runWebAuthnCeremony, sepoliaV07Config, serializeGuardianSpecs, toGuardianSpecs, validateConfig, wrapExecuteUserOp };

package/dist/kms.js

@@ -1,6 +1,6 @@
-export { ACCOUNT_ABI, AGENT_SESSION_KEY_VALIDATOR_ABI, AIRACCOUNT_ABI, AIRACCOUNT_ADDRESSES, AIRACCOUNT_FACTORY_ABI, AIR_ACCOUNT_COMPOSITE_VALIDATOR_ABI, AIR_ACCOUNT_DELEGATE_ABI, AIR_ACCOUNT_DELEGATE_ADDRESS, ALG_ID, AccountManager, AgentRegistryService, AirAccountServerClient, BLSSignatureService, CALLDATA_PARSER_REGISTRY_ABI, ConsoleLogger, DEFAULT_CREDENTIAL_ID, DEFAULT_KMS_ENDPOINT, DEFAULT_ORIGIN, DEFAULT_RP_ID, DvtPendingConfirmationError, EIP7702DelegateService, ENTRYPOINT_ABI_V6, ENTRYPOINT_ABI_V7_V8, ENTRYPOINT_ADDRESSES, ERC20_ABI, ERC8004Service, ERC8004_ADDRESSES, EXECUTE_BATCH_SELECTOR, EXECUTE_SELECTOR, EXECUTE_USER_OP_SELECTOR, EntryPointVersion, EthereumProvider, FACTORY_ABI_V6, FACTORY_ABI_V7_V8, FORCE_EXIT_MODULE_ABI, ForceExitService, GLOBAL_GUARD_ABI, GuardChecker, GuardStateReader, KmsAgentService, KmsHttpClient, KmsManager, KmsMonitorService, KmsPaymentSigner, KmsSessionService, KmsSigner, L2_TYPE, LocalWalletSigner, MAX_GUARDIANS, MODULE_TYPE, MemoryStorage, ModuleManager, P256PasskeySigner, PaymasterManager, PaymasterPriceStalenessError, RECOVERY_THRESHOLD, RECOVERY_TIMELOCK_SECONDS, RecoveryService, SESSION_KEY_VALIDATOR_ABI, SessionKeyService, SilentLogger, TIER_GUARD_HOOK_ABI, TokenService, TransferManager, VALIDATOR_ABI, WEIGHT_CHANGE_EXPIRY_SECONDS, WEIGHT_CHANGE_THRESHOLD, WEIGHT_CHANGE_TIMELOCK_SECONDS, WalletManager, WeightedSignatureService, YAAAServerClient, base64UrlDecode, base64UrlEncode, beginAuthenticationChallenge, beginGrantSessionChallenge, buildAuthenticationCredential, buildAuthenticatorData, buildClientDataJSON, buildInstallModuleHash, buildUninstallModuleHash, computeOapdSalt, erc8004AddressesForChain, getOapdAddress, getOapdAddressWithChainId, isExecuteUserOpWrapped, isOapdDeployed, isPendingConfirmation, packP256SessionSignature, packSecp256k1SessionSignature, runAuthenticationCeremony, runGrantSessionCeremony, runWebAuthnCeremony, sepoliaV07Config, validateConfig, wrapExecuteUserOp } from './chunk-6OWZOTE7.js';
+export { ACCOUNT_ABI, AGENT_SESSION_KEY_VALIDATOR_ABI, AIRACCOUNT_ABI, AIRACCOUNT_ADDRESSES, AIRACCOUNT_FACTORY_ABI, AIR_ACCOUNT_COMPOSITE_VALIDATOR_ABI, AIR_ACCOUNT_DELEGATE_ABI, AIR_ACCOUNT_DELEGATE_ADDRESS, ALG_ID, AccountManager, AgentRegistryService, AirAccountServerClient, BLSSignatureService, CALLDATA_PARSER_REGISTRY_ABI, ConsoleLogger, DEFAULT_CREDENTIAL_ID, DEFAULT_KMS_ENDPOINT, DEFAULT_ORIGIN, DEFAULT_RP_ID, DvtPendingConfirmationError, EIP7702DelegateService, ENTRYPOINT_ABI_V6, ENTRYPOINT_ABI_V7_V8, ENTRYPOINT_ADDRESSES, ERC20_ABI, ERC8004Service, ERC8004_ADDRESSES, EXECUTE_BATCH_SELECTOR, EXECUTE_SELECTOR, EXECUTE_USER_OP_SELECTOR, EntryPointVersion, EthereumProvider, FACTORY_ABI_V6, FACTORY_ABI_V7_V8, FORCE_EXIT_MODULE_ABI, ForceExitService, GLOBAL_GUARD_ABI, GuardChecker, GuardStateReader, KmsAgentService, KmsHttpClient, KmsManager, KmsMonitorService, KmsPaymentSigner, KmsSessionService, KmsSigner, L2_TYPE, LocalWalletSigner, MAX_GUARDIANS, MODULE_TYPE, MemoryStorage, ModuleManager, P256PasskeySigner, PaymasterManager, PaymasterPriceStalenessError, RECOVERY_THRESHOLD, RECOVERY_TIMELOCK_SECONDS, RecoveryService, SESSION_KEY_VALIDATOR_ABI, SessionKeyService, SilentLogger, TIER_GUARD_HOOK_ABI, TokenService, TransferManager, VALIDATOR_ABI, WEIGHT_CHANGE_EXPIRY_SECONDS, WEIGHT_CHANGE_THRESHOLD, WEIGHT_CHANGE_TIMELOCK_SECONDS, WalletManager, WeightedSignatureService, YAAAServerClient, base64UrlDecode, base64UrlEncode, beginAuthenticationChallenge, beginGrantSessionChallenge, buildAuthenticationCredential, buildAuthenticatorData, buildClientDataJSON, buildFullInitConfig, buildInstallModuleHash, buildUninstallModuleHash, computeOapdSalt, erc8004AddressesForChain, getOapdAddress, getOapdAddressWithChainId, initConfigFromRecord, initConfigToTuple, isExecuteUserOpWrapped, isOapdDeployed, isPendingConfirmation, packP256SessionSignature, packSecp256k1SessionSignature, runAuthenticationCeremony, runGrantSessionCeremony, runWebAuthnCeremony, sepoliaV07Config, serializeGuardianSpecs, toGuardianSpecs, validateConfig, wrapExecuteUserOp } from './chunk-YUFQIYLR.js';
 export { ALG_BLS, ALG_CUMULATIVE_T2, ALG_CUMULATIVE_T3, ALG_ECDSA, ALG_P256, AirAccountClient, BLSManager, CryptoUtil, DEFAULT_PASSKEY_ROUTES, ERC4337Utils, PasskeyManager, UserOpBuilder, YAAAClient, algIdForTier, resolveTier } from './chunk-X3AMH53O.js';
-import './chunk-2TS6T2WY.js';
+import './chunk-BYVG7MO7.js';
 import './chunk-UCLK6LTB.js';
 import './chunk-PZ5AY32C.js';
 //# sourceMappingURL=kms.js.map

package/dist/operator.cjs

@@ -1,7 +1,7 @@
 'use strict';
 
-var chunk7HO4IUHZ_cjs = require('./chunk-7HO4IUHZ.cjs');
-require('./chunk-TS5CXRNI.cjs');
+var chunkVHY6R2PI_cjs = require('./chunk-VHY6R2PI.cjs');
+require('./chunk-MOJJ7QF6.cjs');
 require('./chunk-MXJEULSE.cjs');
 require('./chunk-Q7SFCCGT.cjs');
 
@@ -9,19 +9,19 @@ require('./chunk-Q7SFCCGT.cjs');
 
 Object.defineProperty(exports, "OperatorLifecycle", {
   enumerable: true,
-  get: function () { return chunk7HO4IUHZ_cjs.OperatorLifecycle; }
+  get: function () { return chunkVHY6R2PI_cjs.OperatorLifecycle; }
 });
 Object.defineProperty(exports, "PaymasterOperatorClient", {
   enumerable: true,
-  get: function () { return chunk7HO4IUHZ_cjs.PaymasterOperatorClient; }
+  get: function () { return chunkVHY6R2PI_cjs.PaymasterOperatorClient; }
 });
 Object.defineProperty(exports, "ProposalState", {
   enumerable: true,
-  get: function () { return chunk7HO4IUHZ_cjs.ProposalState; }
+  get: function () { return chunkVHY6R2PI_cjs.ProposalState; }
 });
 Object.defineProperty(exports, "ProtocolClient", {
   enumerable: true,
-  get: function () { return chunk7HO4IUHZ_cjs.ProtocolClient; }
+  get: function () { return chunkVHY6R2PI_cjs.ProtocolClient; }
 });
 //# sourceMappingURL=operator.cjs.map
 //# sourceMappingURL=operator.cjs.map