@ab-org/predicate-market-sdk 0.0.1

package/README.md

@@ -0,0 +1,246 @@
+# @ab-org/predicate-market-sdk
+
+Prediction-market specific helpers built on top of `@ab-org/sdk-core`.
+
+## Key features
+- Built-in wallet connection modal (social + plugin wallets)
+- Connection state via `createWalletConnectController()` and `createAccountController()` from `@ab-org/sdk-core`
+- Unified smart-wallet session metadata with capability policy support
+- High-level execution helpers via `createWalletExecutionController()`
+- Deposit / withdraw controllers with USD1-first defaults
+- **Dynamic token & chain lists** via `MarketDataProvider` (backend-driven, mock included)
+- **Quote / slippage API** — fetch real-time pricing before confirming deposit or withdraw
+- Predicate-market policy adapter for deposit / withdraw / trade flows
+
+## Installation
+```bash
+npm install @ab-org/sdk-core @ab-org/predicate-market-sdk
+```
+
+## Quick start
+```tsx
+import {
+  WalletConnector,
+  MetaMaskProvider,
+  createAccountController,
+  createWalletConnectController,
+  createWalletExecutionController,
+} from "@ab-org/sdk-core";
+import {
+  createDepositController,
+  createWithdrawController,
+  createMockMarketDataProvider,
+  createPredicateMarketPolicyAdapter,
+} from "@ab-org/predicate-market-sdk";
+
+const connector = new WalletConnector([
+  new MetaMaskProvider(),
+  // new CubistSocialProvider(cubistClient)
+]);
+
+const walletConnect = createWalletConnectController({ connector, defaultAdapterId: "metamask" });
+const account = createAccountController();
+const execution = createWalletExecutionController();
+
+// Use the mock provider until real backend endpoints are ready
+const marketData = createMockMarketDataProvider();
+
+const deposit = createDepositController(custodyAdapter, marketData);
+const withdraw = createWithdrawController(custodyAdapter, marketData);
+const policy = createPredicateMarketPolicyAdapter({
+  appId: "prediction-market",
+  origin: window.location.origin,
+});
+```
+
+## Connect wallet
+```tsx
+<button onClick={() => (walletConnect.isConnected ? walletConnect.disconnect() : walletConnect.openModal())}>
+  {walletConnect.isConnected ? "Disconnect" : "Connect Wallet"}
+</button>
+```
+
+## Configure SignInModal
+
+The SDK ships with **bundled auth config** (Google client id, Twitter client id, CubeSigner env/org) so you can call `initSDK` with only `signIn` (and optionally `twitterRedirectUri` for your origin). Override via env (`NEXT_PUBLIC_*`) or by passing options to `initSDK`.
+
+```tsx
+import { initSDK, SignInModal } from "@ab-org/predicate-market-sdk";
+
+initSDK({
+  // optional: override redirect for Twitter (origin-dependent)
+  twitterRedirectUri: typeof window !== "undefined" ? `${window.location.origin}/auth/twitter-callback` : undefined,
+  signIn: {
+    socialProviders: [
+      { id: "google", label: "Continue with Google" },
+      { id: "x", label: "Continue with X" },
+    ],
+    wallets: [
+      { id: "metamask", name: "MetaMask" },
+      { id: "okx", name: "OKX Wallet" },
+      { id: "phantom", name: "Phantom" },
+    ],
+    initialVisibleCount: 4,
+  },
+});
+
+<SignInModal />;
+```
+
+Rules:
+- `socialProviders: undefined` uses built-in defaults (`google`, `x`)
+- `socialProviders: []` hides all social buttons
+- known social ids like `google` and `x` automatically reuse built-in icons unless you override `icon`
+- `wallets: undefined` uses the built-in wallet registry
+- `wallets: []` hides all wallet buttons
+- known wallet ids automatically reuse built-in metadata like `installUrl` and detected `installed` state unless you override them
+- component props still override `initSDK({ signIn })` on a per-modal basis
+
+## Address & balance
+```tsx
+if (!account.isConnected) return <p>Please connect wallet</p>;
+return (
+  <div>
+    Address: {account.address?.slice(0, 6)}...{account.address?.slice(-4)}
+    <br />
+    Balance: {account.balance?.formatted} {account.balance?.symbol}
+  </div>
+);
+```
+
+## Market data — token / chain lists & quotes
+
+Both `deposit` and `withdraw` controllers expose market-data helpers
+that delegate to the injected `MarketDataProvider`:
+
+```ts
+// 1. Fetch available tokens
+const tokens = await deposit.fetchTokens();
+// → [{ symbol: "USDT", name: "Tether", decimals: 6, … }, …]
+
+// 2. After the user picks a token, fetch the chains it supports
+const chains = await deposit.fetchChains("USDT");
+// → [{ id: "ETH", name: "Ethereum", estimatedTime: "~15 min" }, …]
+
+// 3. After user picks token + chain, fetch the deposit address (backend-provided)
+const { address, minimumDeposit } = await deposit.fetchDepositAddress("USDT", "ETH");
+// QR code is generated client-side from the address — no backend QR needed
+
+// 4. After user enters amount, fetch a quote
+const quote = await deposit.fetchQuote("USDT", "ETH", "100");
+// → { quoteId, estimatedAmount, slippage, fee, feeToken, exchangeRate, expiresAt }
+```
+
+The same token / chain / quote API is available on the withdraw controller:
+
+```ts
+const tokens = await withdraw.fetchTokens();
+const chains = await withdraw.fetchChains("USDT");
+const quote  = await withdraw.fetchQuote("USDT", "ETH", "200");
+```
+
+### Implementing a real `MarketDataProvider`
+
+Replace `createMockMarketDataProvider()` with your own implementation:
+
+```ts
+import type { MarketDataProvider } from "@ab-org/predicate-market-sdk";
+
+const realMarketData: MarketDataProvider = {
+  async getSupportedTokens(direction) {
+    const res = await fetch(`/api/market/tokens?direction=${direction}`);
+    return res.json();
+  },
+  async getSupportedChains(token, direction) {
+    const res = await fetch(`/api/market/chains?token=${token}&direction=${direction}`);
+    return res.json();
+  },
+  async getQuote(request) {
+    const res = await fetch("/api/market/quote", {
+      method: "POST",
+      body: JSON.stringify(request),
+    });
+    return res.json();
+  },
+  async getDepositAddress(token, chain) {
+    const res = await fetch(`/api/market/deposit-address?token=${token}&chain=${chain}`);
+    return res.json();
+  },
+};
+```
+
+## Deposit modal
+```tsx
+<button
+  onClick={() =>
+    deposit.open({
+      preferredToken: "USDC",
+      preferredChain: "ETH",
+      onStatusChange: (status) => console.log("deposit status", status),
+    })
+  }
+>
+  Deposit
+</button>
+```
+
+## Smart-wallet session model
+Social login and injected wallets now converge on the same `WalletSession` shape.
+
+```ts
+const account = createAccountController();
+
+console.log(account.session?.walletType); // "injected" | "smart"
+console.log(account.chainContext?.walletChainDescriptor.label);
+console.log(account.capabilities); // provider capability matrix
+console.log(account.capabilityPolicy); // optional scoped session policy
+```
+
+## Trading helpers
+```ts
+import { encodeFunctionData, erc20Abi } from "viem";
+
+async function approveSpender(spender: string, value: bigint) {
+  if (!account.address) return;
+
+  const callData = encodeFunctionData({
+    abi: erc20Abi,
+    functionName: "approve",
+    args: [spender, value],
+  });
+
+  await execution.sendTransaction({
+    from: account.address,
+    to: tokenAddress,
+    data: callData,
+  });
+}
+```
+
+Use `execution.signTransaction()`, `execution.signMessage()`, and `execution.signTypedData()` instead of building raw EIP-1193 requests in app code.
+
+## Capability policies
+```ts
+const depositPolicy = policy.deposit("USDC", "ETH", "1000000");
+const withdrawPolicy = policy.withdraw("USD1", "AB_CORE", "500000");
+const tradePolicy = policy.trade("ETH", ["eth_sendTransaction", "eth_signTypedData_v4"]);
+```
+
+These policies can be passed into your smart-wallet authorization flow so app actions stay scoped by chain, method, token, and amount.
+
+## Withdraw modal
+```tsx
+<button
+  onClick={() =>
+    withdraw.open({
+      defaultToken: "USD1",
+      defaultChain: "AB_CORE",
+      targetAddress: "0x...",
+      defaultAmount: "100",
+      onStatusChange: (status) => console.log("withdraw", status),
+    })
+  }
+>
+  Withdraw
+</button>
+```

package/dist/auth/autoReconnect.d.ts

@@ -0,0 +1,11 @@
+import { type WalletSession } from "@ab-org/sdk-core";
+/**
+ * Attempt to silently reconnect a wallet whose session was restored
+ * from localStorage cache.  Creates a temporary `WalletConnector` with
+ * the default adapter registry (injected wallets + Cubist if configured)
+ * and delegates to `WalletConnector.tryAutoReconnect()`.
+ *
+ * Safe to call multiple times — concurrent calls share the same promise.
+ * Returns the fresh session on success, or `null` if reconnection failed.
+ */
+export declare function tryAutoReconnect(): Promise<WalletSession | null>;

package/dist/auth/autoReconnect.js

@@ -0,0 +1,36 @@
+import { sessionStore, WalletConnector, createDefaultInjectedWalletRegistry, CubistSocialProvider, } from "@ab-org/sdk-core";
+import { getSDKConfig } from "./config.js";
+let pending = null;
+/**
+ * Attempt to silently reconnect a wallet whose session was restored
+ * from localStorage cache.  Creates a temporary `WalletConnector` with
+ * the default adapter registry (injected wallets + Cubist if configured)
+ * and delegates to `WalletConnector.tryAutoReconnect()`.
+ *
+ * Safe to call multiple times — concurrent calls share the same promise.
+ * Returns the fresh session on success, or `null` if reconnection failed.
+ */
+export function tryAutoReconnect() {
+    const session = sessionStore.getState().session;
+    if (!session)
+        return Promise.resolve(null);
+    if (pending)
+        return pending;
+    pending = doAutoReconnect().finally(() => {
+        pending = null;
+    });
+    return pending;
+}
+async function doAutoReconnect() {
+    const config = getSDKConfig();
+    const registry = createDefaultInjectedWalletRegistry();
+    const adapters = [...registry.map((r) => r.provider)];
+    if (config.cubeSigner) {
+        adapters.push(new CubistSocialProvider({
+            ...config.cubeSigner,
+            defaultSessionPolicy: config.signIn?.sessionPolicy ?? config.cubeSigner.defaultSessionPolicy,
+        }));
+    }
+    const connector = new WalletConnector(adapters);
+    return connector.tryAutoReconnect();
+}

package/dist/auth/bundledConfig.d.ts

@@ -0,0 +1,2 @@
+import type { SDKConfig } from "./config.js";
+export declare const BUNDLED_AUTH_CONFIG: Partial<SDKConfig>;

package/dist/auth/bundledConfig.js

@@ -0,0 +1,19 @@
+import { getEnv } from "../utils/env.js";
+function readOptionalEnv(key) {
+    const value = getEnv(key);
+    return value === "" ? undefined : value;
+}
+const relayOrigin = readOptionalEnv("RELAY_ORIGIN");
+const cubeEnv = readOptionalEnv("CUBE_SIGNER_ENV");
+const cubeOrgId = readOptionalEnv("CUBE_SIGNER_ORG_ID");
+export const BUNDLED_AUTH_CONFIG = {
+    googleClientId: readOptionalEnv("GOOGLE_CLIENT_ID"),
+    twitterClientId: readOptionalEnv("X_CLIENT_ID"),
+    twitterRedirectUri: relayOrigin ? `${relayOrigin}/auth/twitter-callback` : undefined,
+    cubeSigner: cubeEnv && cubeOrgId
+        ? {
+            env: cubeEnv,
+            orgId: cubeOrgId,
+        }
+        : undefined,
+};

package/dist/auth/config.d.ts

@@ -0,0 +1,29 @@
+import type { CubeSignerConfig } from "@ab-org/sdk-core";
+import type { SignInUiConfig } from "../ui/signInTypes.js";
+export interface SDKConfig {
+    googleClientId?: string;
+    twitterClientId?: string;
+    twitterRedirectUri?: string;
+    cubeSigner?: CubeSignerConfig;
+    signIn?: SignInUiConfig;
+}
+/**
+ * Fixed auth config: built-in bundled defaults (see bundledConfig.ts) with optional
+ * overrides from environment (server / `NEXT_PUBLIC_*` client). Used as defaults in initSDK.
+ */
+export declare function getFixedAuthConfig(): Partial<SDKConfig>;
+/**
+ * Config for initializing the predicate SDK. Defaults come from bundled config
+ * (and env overrides); you may override any of them here. Optional top-level
+ * `registerUser` is merged into `cubeSigner.oidcLoginHooks` when cubeSigner is present.
+ */
+export interface PredicateSDKConfig extends Partial<SDKConfig> {
+    /**
+     * Optional hook to register the user on your backend when CubeSigner proof
+     * indicates the user is not initialized. Used when cubeSigner is available
+     * (from env or override).
+     */
+    registerUser?: (oidcToken: string) => Promise<void>;
+}
+export declare function initSDK(config?: PredicateSDKConfig): void;
+export declare function getSDKConfig(): Readonly<SDKConfig>;

package/dist/auth/config.js

@@ -0,0 +1,53 @@
+import { getEnv } from "../utils/env.js";
+import { BUNDLED_AUTH_CONFIG } from "./bundledConfig.js";
+import { tryAutoReconnect } from "./autoReconnect.js";
+let sdkConfig = {};
+function readOptionalEnv(key) {
+    const value = getEnv(key);
+    return value === "" ? undefined : value;
+}
+/**
+ * Fixed auth config: built-in bundled defaults (see bundledConfig.ts) with optional
+ * overrides from environment (server / `NEXT_PUBLIC_*` client). Used as defaults in initSDK.
+ */
+export function getFixedAuthConfig() {
+    const envGoogle = readOptionalEnv("GOOGLE_CLIENT_ID");
+    const envTwitter = readOptionalEnv("X_CLIENT_ID");
+    const relayOrigin = readOptionalEnv("RELAY_ORIGIN");
+    const envRedirect = relayOrigin ? `${relayOrigin}/auth/twitter-callback` : undefined;
+    const cubeEnv = readOptionalEnv("CUBE_SIGNER_ENV");
+    const cubeOrgId = readOptionalEnv("CUBE_SIGNER_ORG_ID");
+    const cubeSignerFromEnv = cubeEnv && cubeOrgId
+        ? { env: cubeEnv, orgId: cubeOrgId }
+        : undefined;
+    return {
+        googleClientId: envGoogle || BUNDLED_AUTH_CONFIG.googleClientId,
+        twitterClientId: envTwitter || BUNDLED_AUTH_CONFIG.twitterClientId,
+        twitterRedirectUri: envRedirect || BUNDLED_AUTH_CONFIG.twitterRedirectUri,
+        cubeSigner: cubeSignerFromEnv ?? BUNDLED_AUTH_CONFIG.cubeSigner,
+    };
+}
+export function initSDK(config = {}) {
+    const { registerUser, ...rest } = config;
+    const fixed = getFixedAuthConfig();
+    const merged = {
+        ...sdkConfig,
+        ...fixed,
+        ...rest,
+        cubeSigner: rest.cubeSigner ?? fixed.cubeSigner,
+    };
+    if (registerUser != null && merged.cubeSigner) {
+        merged.cubeSigner = {
+            ...merged.cubeSigner,
+            oidcLoginHooks: {
+                ...merged.cubeSigner.oidcLoginHooks,
+                registerUser,
+            },
+        };
+    }
+    sdkConfig = merged;
+    tryAutoReconnect().catch(() => { });
+}
+export function getSDKConfig() {
+    return sdkConfig;
+}

package/dist/auth/google.d.ts

@@ -0,0 +1,43 @@
+declare global {
+    interface Window {
+        google?: {
+            accounts: {
+                id: {
+                    initialize(config: GISInitConfig): void;
+                    prompt(momentListener?: (notification: GISPromptMoment) => void): void;
+                    renderButton(parent: HTMLElement, options: GISButtonConfig): void;
+                    revoke(hint: string, callback?: () => void): void;
+                };
+            };
+        };
+    }
+}
+interface GISInitConfig {
+    client_id: string;
+    callback: (response: GISCredentialResponse) => void;
+    auto_select?: boolean;
+    cancel_on_tap_outside?: boolean;
+    use_fedcm_for_prompt?: boolean;
+}
+interface GISCredentialResponse {
+    credential: string;
+}
+interface GISPromptMoment {
+    isSkippedMoment(): boolean;
+    isDismissedMoment(): boolean;
+    isNotDisplayed(): boolean;
+    getDismissedReason(): string;
+}
+interface GISButtonConfig {
+    type?: "standard" | "icon";
+    size?: "large" | "medium" | "small";
+}
+export interface GoogleCredential {
+    idToken: string;
+    email?: string;
+    name?: string;
+    picture?: string;
+}
+export declare function isFedCMSupported(): boolean;
+export declare function signInWithGoogle(clientId: string): Promise<GoogleCredential>;
+export {};

package/dist/auth/google.js

@@ -0,0 +1,147 @@
+const GIS_URL = "https://accounts.google.com/gsi/client";
+let loadPromise = null;
+let currentCredentialHandler = null;
+let initializedKey = null;
+function loadGIS() {
+    if (loadPromise)
+        return loadPromise;
+    if (window.google?.accounts?.id) {
+        loadPromise = Promise.resolve();
+        return loadPromise;
+    }
+    loadPromise = new Promise((resolve, reject) => {
+        const script = document.createElement("script");
+        script.src = GIS_URL;
+        script.async = true;
+        script.defer = true;
+        script.onload = () => resolve();
+        script.onerror = () => reject(new Error("Failed to load Google Identity Services"));
+        document.head.appendChild(script);
+    });
+    return loadPromise;
+}
+function decodeJwtPayload(token) {
+    const parts = token.split(".");
+    if (parts.length !== 3)
+        throw new Error("Invalid JWT");
+    const payload = parts[1];
+    if (!payload)
+        throw new Error("Invalid JWT payload");
+    let padded = payload.replace(/-/g, "+").replace(/_/g, "/");
+    while (padded.length % 4 !== 0)
+        padded += "=";
+    return JSON.parse(atob(padded));
+}
+export function isFedCMSupported() {
+    if (typeof window === "undefined" || typeof navigator === "undefined")
+        return false;
+    if (!window.isSecureContext)
+        return false;
+    return typeof navigator.credentials?.get === "function";
+}
+export async function signInWithGoogle(clientId) {
+    await loadGIS();
+    const gid = window.google?.accounts?.id;
+    if (!gid)
+        throw new Error("Google Identity Services not available");
+    const SIGN_IN_TIMEOUT_MS = 90000;
+    return new Promise((resolve, reject) => {
+        let settled = false;
+        let fallbackContainer = null;
+        const cleanupFallback = () => {
+            if (!fallbackContainer)
+                return;
+            fallbackContainer.remove();
+            fallbackContainer = null;
+        };
+        const finish = (fn) => {
+            if (settled)
+                return;
+            settled = true;
+            clearTimeout(timeoutId);
+            cleanupFallback();
+            fn();
+        };
+        const timeoutId = setTimeout(() => {
+            finish(() => reject(new Error("Google sign-in timed out")));
+        }, SIGN_IN_TIMEOUT_MS);
+        const handleCredential = (response) => {
+            finish(() => {
+                try {
+                    const payload = decodeJwtPayload(response.credential);
+                    resolve({
+                        idToken: response.credential,
+                        email: payload.email,
+                        name: payload.name,
+                        picture: payload.picture,
+                    });
+                }
+                catch {
+                    resolve({ idToken: response.credential });
+                }
+            });
+        };
+        const useFedcmForPrompt = isFedCMSupported();
+        const initKey = `${clientId}\0${useFedcmForPrompt ? "1" : "0"}`;
+        currentCredentialHandler = handleCredential;
+        if (initializedKey !== initKey) {
+            initializedKey = initKey;
+            gid.initialize({
+                client_id: clientId,
+                callback: (response) => currentCredentialHandler?.(response),
+                auto_select: false,
+                cancel_on_tap_outside: true,
+                use_fedcm_for_prompt: useFedcmForPrompt,
+            });
+        }
+        const triggerFallback = () => {
+            if (settled)
+                return;
+            fallbackContainer = document.createElement("div");
+            Object.assign(fallbackContainer.style, {
+                position: "fixed",
+                top: "-9999px",
+                left: "-9999px",
+                opacity: "0",
+                pointerEvents: "none",
+            });
+            document.body.appendChild(fallbackContainer);
+            gid.renderButton(fallbackContainer, { type: "standard", size: "large" });
+            const tryClickButton = (attemptsLeft) => {
+                requestAnimationFrame(() => {
+                    const btn = fallbackContainer?.querySelector('[role="button"]') ??
+                        fallbackContainer?.querySelector("div[style]");
+                    if (btn) {
+                        Object.assign(fallbackContainer.style, { pointerEvents: "auto" });
+                        btn.click();
+                        return;
+                    }
+                    if (attemptsLeft > 0) {
+                        tryClickButton(attemptsLeft - 1);
+                        return;
+                    }
+                    finish(() => reject(new Error("Google sign-in unavailable")));
+                });
+            };
+            tryClickButton(8);
+        };
+        gid.prompt((moment) => {
+            if (settled)
+                return;
+            if (moment.isDismissedMoment()) {
+                const reason = moment.getDismissedReason();
+                if (reason === "credential_returned")
+                    return;
+                finish(() => reject(new Error(`Google sign-in dismissed: ${reason}`)));
+                return;
+            }
+            if (moment.isSkippedMoment()) {
+                triggerFallback();
+                return;
+            }
+            if (moment.isNotDisplayed()) {
+                triggerFallback();
+            }
+        });
+    });
+}

package/dist/auth/twitter.d.ts

@@ -0,0 +1,7 @@
+export interface TwitterAuthResult {
+    code: string;
+    codeVerifier: string;
+    state: string;
+}
+export declare function notifyTwitterCallback(): void;
+export declare function signInWithTwitter(clientId: string, redirectUri: string): Promise<TwitterAuthResult>;