@account-kit/smart-contracts 4.41.0 → 4.42.0

package/src/ma-v2/account/modularAccountV2.ts

@@ -7,6 +7,8 @@ import {
   getEntryPoint,
   EntityIdOverrideError,
   InvalidModularAccountV2Mode,
+  createBundlerClient,
+  getAccountAddress,
 } from "@aa-sdk/core";
 import {
   concatHex,
@@ -25,9 +27,17 @@ import {
   type SignerEntity,
   type ModularAccountV2,
   createMAv2Base,
+  type WebauthnModularAccountV2,
 } from "./common/modularAccountV2Base.js";
 import { DEFAULT_OWNER_ENTITY_ID } from "../utils.js";
 import { predictModularAccountV2Address } from "./predictAddress.js";
+import type { ToWebAuthnAccountParameters } from "viem/account-abstraction";
+import { parsePublicKey } from "webauthn-p256";
+import {
+  SignerRequiredFor7702Error,
+  SignerRequiredForDefaultError,
+  WebauthnCredentialsRequiredError,
+} from "../errors.js";
 
 export type CreateModularAccountV2Params<
   TTransport extends Transport = Transport,
@@ -54,6 +64,24 @@ export type CreateModularAccountV2Params<
       }
   );
 
+export type CreateWebauthnModularAccountV2Params<
+  TTransport extends Transport = Transport,
+> = Pick<
+  ToSmartContractAccountParams<"ModularAccountV2", TTransport, Chain, "0.7.0">,
+  "transport" | "chain" | "accountAddress"
+> & {
+  mode: "webauthn";
+  credential: ToWebAuthnAccountParameters["credential"];
+  getFn?: ToWebAuthnAccountParameters["getFn"] | undefined;
+  rpId?: ToWebAuthnAccountParameters["rpId"] | undefined;
+  entryPoint?: EntryPointDef<"0.7.0", Chain>;
+  deferredAction?: Hex;
+  signerEntity?: SignerEntity;
+  salt?: bigint;
+  factoryAddress?: Address;
+  initCode?: Hex;
+};
+
 export async function createModularAccountV2<
   TTransport extends Transport = Transport,
   TSigner extends SmartAccountSigner = SmartAccountSigner,
@@ -61,6 +89,12 @@ export async function createModularAccountV2<
   config: CreateModularAccountV2Params<TTransport, TSigner>,
 ): Promise<ModularAccountV2<TSigner>>;
 
+export async function createModularAccountV2<
+  TTransport extends Transport = Transport,
+>(
+  config: CreateWebauthnModularAccountV2Params<TTransport>,
+): Promise<WebauthnModularAccountV2>;
+
 /**
  * Creates a ModularAccount V2 account, with the mode depending on the provided "mode" field.
  * Possible modes include: "default", which is SMA Bytecode, and "7702", which is SMA 7702.
@@ -90,16 +124,20 @@ export async function createModularAccountV2<
  * });
  * ```
  *
- * @param {CreateModularAccountV2Params} config Configuration parameters for creating a Modular Account V2.
- * @returns {Promise<ModularAccountV2>} A promise that resolves to an `ModularAccountV2` providing methods for nonce retrieval, transaction execution, and more.
+ * @param {CreateModularAccountV2Params | CreateWebauthnModularAccountV2Params} config Configuration parameters for creating a Modular Account V2.
+ * @returns {Promise<ModularAccountV2 | WebauthnModularAccountV2>} A promise that resolves to an `ModularAccountV2` providing methods for nonce retrieval, transaction execution, and more.
  */
-export async function createModularAccountV2(
-  config: CreateModularAccountV2Params,
-): Promise<ModularAccountV2> {
+export async function createModularAccountV2<
+  TTransport extends Transport = Transport,
+  TSigner extends SmartAccountSigner = SmartAccountSigner,
+>(
+  config:
+    | CreateModularAccountV2Params<TTransport, TSigner>
+    | CreateWebauthnModularAccountV2Params<TTransport>,
+): Promise<ModularAccountV2<TSigner> | WebauthnModularAccountV2> {
   const {
     transport,
     chain,
-    signer,
     accountAddress: _accountAddress,
     entryPoint = getEntryPoint(chain, { version: "0.7.0" }),
     signerEntity = {
@@ -110,12 +148,63 @@ export async function createModularAccountV2(
     deferredAction,
   } = config;
 
+  const signer = "signer" in config ? config.signer : undefined;
+
+  const credential = "credential" in config ? config.credential : undefined;
+
+  const getFn = "getFn" in config ? config.getFn : undefined;
+
+  const rpId = "rpId" in config ? config.rpId : undefined;
+
+  const client = createBundlerClient({
+    transport,
+    chain,
+  });
+
   const accountFunctions = await (async () => {
     switch (config.mode) {
+      case "webauthn": {
+        if (!credential) throw new WebauthnCredentialsRequiredError();
+        const publicKey = credential.publicKey;
+        const { x, y } = parsePublicKey(publicKey);
+        const {
+          salt = 0n,
+          factoryAddress = getDefaultMAV2FactoryAddress(chain),
+          initCode,
+        } = config;
+
+        const getAccountInitCode = async () => {
+          if (initCode) {
+            return initCode;
+          }
+
+          return concatHex([
+            factoryAddress,
+            encodeFunctionData({
+              abi: accountFactoryAbi,
+              functionName: "createWebAuthnAccount",
+              args: [x, y, salt, entityId],
+            }),
+          ]);
+        };
+
+        const accountAddress = await getAccountAddress({
+          client,
+          entryPoint,
+          accountAddress: _accountAddress,
+          getAccountInitCode,
+        });
+
+        return {
+          getAccountInitCode,
+          accountAddress,
+        };
+      }
       case "7702": {
         const getAccountInitCode = async (): Promise<Hex> => {
           return "0x";
         };
+        if (!signer) throw new SignerRequiredFor7702Error();
         const signerAddress = await signer.getAddress();
         const accountAddress = _accountAddress ?? signerAddress;
         if (
@@ -138,6 +227,7 @@ export async function createModularAccountV2(
       }
       case "default":
       case undefined: {
+        if (!signer) throw new SignerRequiredForDefaultError();
         const {
           salt = 0n,
           factoryAddress = getDefaultMAV2FactoryAddress(chain),
@@ -157,7 +247,7 @@ export async function createModularAccountV2(
             encodeFunctionData({
               abi: accountFactoryAbi,
               functionName: "createSemiModularAccount",
-              args: [signerAddress, salt],
+              args: [await signer.getAddress(), salt],
             }),
           ]);
         };
@@ -182,8 +272,24 @@ export async function createModularAccountV2(
     }
   })();
 
-  return createMAv2Base({
-    source: "ModularAccountV2",
+  if (!signer) {
+    if (!credential) throw new WebauthnCredentialsRequiredError();
+    return await createMAv2Base({
+      source: "ModularAccountV2", // TO DO: remove need to pass in source?
+      transport,
+      chain,
+      entryPoint,
+      signerEntity,
+      deferredAction,
+      credential,
+      getFn,
+      rpId,
+      ...accountFunctions,
+    });
+  }
+
+  return await createMAv2Base({
+    source: "ModularAccountV2", // TO DO: remove need to pass in source?
     transport,
     chain,
     signer,

package/src/ma-v2/client/client.ts

@@ -1,17 +1,18 @@
 import {
-  type SmartAccountClient,
-  type SmartAccountSigner,
-  type SmartAccountClientConfig,
-  type NotType,
   createSmartAccountClient,
   default7702GasEstimator,
   default7702UserOpSigner,
+  webauthnGasEstimator,
+  type SmartAccountClient,
+  type SmartAccountClientConfig,
+  type SmartAccountSigner,
 } from "@aa-sdk/core";
 import { type Chain, type Transport } from "viem";
 
 import {
   createModularAccountV2,
   type CreateModularAccountV2Params,
+  type CreateWebauthnModularAccountV2Params,
 } from "../account/modularAccountV2.js";
 
 import {
@@ -23,24 +24,54 @@ import {
 } from "@account-kit/infra";
 import type { LightAccount } from "../../light-account/accounts/account.js";
 
-import type { ModularAccountV2 } from "../account/common/modularAccountV2Base.js";
+import type { ToWebAuthnAccountParameters } from "viem/account-abstraction";
+import type {
+  ModularAccountV2,
+  WebauthnModularAccountV2,
+} from "../account/common/modularAccountV2Base.js";
 
 export type ModularAccountV2Client<
   TSigner extends SmartAccountSigner = SmartAccountSigner,
   TChain extends Chain = Chain,
   TTransport extends Transport | AlchemyTransport = Transport,
-> = SmartAccountClient<TTransport, TChain, ModularAccountV2<TSigner>>;
+> = TTransport extends AlchemyTransport
+  ? AlchemySmartAccountClient<TChain, ModularAccountV2<TSigner>>
+  : SmartAccountClient<TTransport, TChain, ModularAccountV2<TSigner>>;
+
+export type WebauthnModularAccountV2Client<
+  TChain extends Chain = Chain,
+  TTransport extends Transport | AlchemyTransport = Transport,
+> = TTransport extends AlchemyTransport
+  ? AlchemySmartAccountClient<TChain, WebauthnModularAccountV2>
+  : SmartAccountClient<TTransport, TChain, WebauthnModularAccountV2>;
 
 export type CreateModularAccountV2ClientParams<
-  TTransport extends Transport = Transport,
+  TTransport extends Transport | AlchemyTransport = Transport,
   TChain extends Chain = Chain,
   TSigner extends SmartAccountSigner = SmartAccountSigner,
 > = CreateModularAccountV2Params<TTransport, TSigner> &
   Omit<
-    SmartAccountClientConfig<TTransport, TChain>,
+    TTransport extends AlchemyTransport
+      ? AlchemySmartAccountClientConfig<TChain>
+      : SmartAccountClientConfig<TTransport, TChain>,
     "transport" | "account" | "chain"
   >;
 
+export type CreateWebauthnModularAccountV2ClientParams<
+  TTransport extends Transport | AlchemyTransport = Transport,
+  TChain extends Chain = Chain,
+> = CreateWebauthnModularAccountV2Params<TTransport> &
+  Omit<
+    TTransport extends AlchemyTransport
+      ? AlchemySmartAccountClientConfig<TChain>
+      : SmartAccountClientConfig<TTransport, TChain>,
+    "transport" | "account" | "chain"
+  > & {
+    credential: ToWebAuthnAccountParameters["credential"];
+    getFn?: ToWebAuthnAccountParameters["getFn"];
+    rpId?: ToWebAuthnAccountParameters["rpId"];
+  };
+
 export type CreateModularAccountV2AlchemyClientParams<
   TTransport extends Transport = Transport,
   TChain extends Chain = Chain,
@@ -70,10 +101,15 @@ export function createModularAccountV2Client<
   TChain extends Chain = Chain,
   TSigner extends SmartAccountSigner = SmartAccountSigner,
 >(
-  args: CreateModularAccountV2ClientParams<TTransport, TChain, TSigner> &
-    NotType<TTransport, AlchemyTransport>,
-): Promise<ModularAccountV2Client<TSigner, TChain>>;
+  args: CreateModularAccountV2ClientParams<TTransport, TChain, TSigner>,
+): Promise<ModularAccountV2Client<TSigner, TChain, TTransport>>;
 
+export function createModularAccountV2Client<
+  TTransport extends Transport = Transport,
+  TChain extends Chain = Chain,
+>(
+  args: CreateWebauthnModularAccountV2ClientParams<TTransport, TChain>,
+): Promise<WebauthnModularAccountV2Client<TChain, TTransport>>;
 /**
  * Creates a Modular Account V2 client using the provided configuration parameters.
  *
@@ -108,19 +144,39 @@ export function createModularAccountV2Client<
 export async function createModularAccountV2Client(
   config:
     | CreateModularAccountV2ClientParams
+    | CreateWebauthnModularAccountV2ClientParams
     | CreateModularAccountV2AlchemyClientParams,
 ): Promise<SmartAccountClient | AlchemySmartAccountClient> {
   const { transport, chain } = config;
 
-  const account = await createModularAccountV2(config);
+  let account;
+
+  if (config.mode === "webauthn") {
+    account = await createModularAccountV2(
+      config as CreateWebauthnModularAccountV2Params<Transport>,
+    );
+  } else {
+    account = await createModularAccountV2(
+      config as CreateModularAccountV2Params,
+    );
+  }
 
-  const middlewareToAppend =
-    config.mode === "7702"
-      ? {
+  const middlewareToAppend = await (async () => {
+    switch (config.mode) {
+      case "7702":
+        return {
           gasEstimator: default7702GasEstimator(config.gasEstimator),
           signUserOperation: default7702UserOpSigner(config.signUserOperation),
-        }
-      : {};
+        };
+      case "webauthn":
+        return {
+          gasEstimator: webauthnGasEstimator(config.gasEstimator),
+        };
+      case "default":
+      default:
+        return {};
+    }
+  })();
 
   if (isAlchemyTransport(transport, chain)) {
     return createAlchemySmartAccountClient({

package/src/ma-v2/errors.ts

@@ -0,0 +1,33 @@
+import { BaseError } from "@aa-sdk/core";
+
+/**
+ * Error when Webauthn credentials are not passed to Webauthn Modular Account V2
+ */
+export class WebauthnCredentialsRequiredError extends BaseError {
+  override name = "WebauthnCredentialsRequiredError";
+  constructor() {
+    super(
+      "Webauthn credentials are required to create a Webauthn Modular Account V2",
+    );
+  }
+}
+
+/**
+ * Error when a signer is not passed to 7702 version of Modular Account V2
+ */
+export class SignerRequiredFor7702Error extends BaseError {
+  override name = "SignerRequiredFor7702Error";
+  constructor() {
+    super("A signer is required to create a 7702 Modular Account V2");
+  }
+}
+
+/**
+ * Error when a signer is not passed to default Modular Account V2
+ */
+export class SignerRequiredForDefaultError extends BaseError {
+  override name = "SignerRequiredForDefaultError";
+  constructor() {
+    super("A signer is required to create a default Modular Account V2");
+  }
+}

package/src/ma-v2/index.ts

@@ -46,3 +46,4 @@ export { SingleSignerValidationModule } from "./modules/single-signer-validation
 export { timeRangeModuleAbi } from "./modules/time-range-module/abis/timeRangeModuleAbi.js";
 export { TimeRangeModule } from "./modules/time-range-module/module.js";
 export { webauthnValidationModuleAbi } from "./modules/webauthn-validation/abis/webauthnValidationAbi.js";
+export { WebAuthnValidationModule } from "./modules/webauthn-validation/module.js";

package/src/ma-v2/modules/webauthn-validation/signingMethods.ts

@@ -0,0 +1,158 @@
+import * as WebAuthnP256 from "ox/WebAuthnP256";
+import {
+  type Address,
+  type Chain,
+  concatHex,
+  encodeAbiParameters,
+  hashMessage,
+  hashTypedData,
+  type Hex,
+  type SignableMessage,
+  type TypedData,
+  type TypedDataDefinition,
+} from "viem";
+import { type ToWebAuthnAccountParameters } from "viem/account-abstraction";
+import { pack1271Signature } from "../../utils.js";
+import { getDefaultWebauthnValidationModuleAddress } from "../utils.js";
+
+/**
+ * Creates an object with methods for generating a dummy signature, signing user operation hashes, signing messages, and signing typed data.
+ *
+ * @example 
+ 
+ * ```ts
+ * import { webauthnSigningFunctions } from "@account-kit/smart-contracts";
+ * import { LocalAccountSigner } from "@aa-sdk/core";
+ *
+ * const messageSigner = webauthnSigningFunctions(credential, getFn, rpId, chain, account.address, account.signerEntity.entityId);
+ * ```
+ *
+ * @param {ToWebAuthnAccountParameters} credential the Webauthn public key credential object
+ * @param {ToWebAuthnAccountParameters["getFn"]} getFn function to retrieve the WebAuthn credential
+ * @param {ToWebAuthnAccountParameters["rpId"]} rpId the relying party ID for the WebAuthn credential
+ * @param {Chain} chain Chain object for the signer
+ * @param {Address} accountAddress address of the smart account using this signer
+ * @param {number} entityId the entity id of the signing validation
+ * @param {Hex} deferredActionData optional deferred action data to prepend to the uo signatures
+ * @returns {object} an object with methods for signing operations and managing signatures
+ */
+export const webauthnSigningFunctions = (
+  credential: ToWebAuthnAccountParameters["credential"],
+  getFn: ToWebAuthnAccountParameters["getFn"],
+  rpId: ToWebAuthnAccountParameters["rpId"],
+  chain: Chain,
+  accountAddress: Address,
+  entityId: number,
+  deferredActionData?: Hex,
+) => {
+  const { id, publicKey } = credential;
+
+  const sign = async ({ hash }: { hash: Hex }) => {
+    const { metadata, signature } = await WebAuthnP256.sign({
+      credentialId: id,
+      getFn,
+      challenge: hash,
+      rpId,
+    });
+
+    return encodeAbiParameters(
+      [
+        {
+          name: "params",
+          type: "tuple",
+          components: [
+            { name: "authenticatorData", type: "bytes" },
+            { name: "clientDataJSON", type: "string" },
+            { name: "challengeIndex", type: "uint256" },
+            { name: "typeIndex", type: "uint256" },
+            { name: "r", type: "uint256" },
+            { name: "s", type: "uint256" },
+          ],
+        },
+      ],
+      [
+        {
+          authenticatorData: metadata.authenticatorData,
+          clientDataJSON: metadata.clientDataJSON,
+          challengeIndex: BigInt(metadata.challengeIndex),
+          typeIndex: BigInt(metadata.typeIndex),
+          r: signature.r,
+          s: signature.s,
+        },
+      ],
+    );
+  };
+
+  return {
+    id,
+    publicKey,
+    getDummySignature: (): Hex =>
+      "0xff000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000c0000000000000000000000000000000000000000000000000000000000000012000000000000000000000000000000000000000000000000000000000000000170000000000000000000000000000000000000000000000000000000000000001949fc7c88032b9fcb5f6efc7a7b8c63668eae9871b765e23123bb473ff57aa831a7c0d9276168ebcc29f2875a0239cffdf2a9cd1c2007c5c77c071db9264df1d000000000000000000000000000000000000000000000000000000000000002549960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d97630500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008a7b2274797065223a22776562617574686e2e676574222c226368616c6c656e6765223a2273496a396e6164474850596759334b7156384f7a4a666c726275504b474f716d59576f4d57516869467773222c226f726967696e223a2268747470733a2f2f7369676e2e636f696e626173652e636f6d222c2263726f73734f726967696e223a66616c73657d00000000000000000000000000000000000000000000",
+    sign,
+    signUserOperationHash: async (uoHash: Hex): Promise<Hex> => {
+      let sig = await sign({ hash: hashMessage({ raw: uoHash }) });
+      if (deferredActionData) {
+        sig = concatHex([deferredActionData, sig]);
+        deferredActionData = undefined;
+      }
+
+      return concatHex(["0xff", sig]);
+    },
+
+    async signMessage({ message }: { message: SignableMessage }): Promise<Hex> {
+      const hash = hashTypedData({
+        domain: {
+          chainId: Number(chain.id),
+          verifyingContract: getDefaultWebauthnValidationModuleAddress(chain),
+          salt: concatHex([`0x${"00".repeat(12)}`, accountAddress]),
+        },
+        types: {
+          ReplaySafeHash: [{ name: "hash", type: "bytes32" }],
+        },
+        message: {
+          hash: hashMessage(message),
+        },
+        primaryType: "ReplaySafeHash",
+      });
+
+      return pack1271Signature({
+        validationSignature: await sign({ hash }),
+        entityId,
+      });
+    },
+
+    signTypedData: async <
+      const typedData extends TypedData | Record<string, unknown>,
+      primaryType extends keyof typedData | "EIP712Domain" = keyof typedData,
+    >(
+      typedDataDefinition: TypedDataDefinition<typedData, primaryType>,
+    ): Promise<Hex> => {
+      const isDeferredAction =
+        typedDataDefinition?.primaryType === "DeferredAction" &&
+        // @ts-expect-error the domain type I think changed in viem, so this is not working correctly (TODO: fix this)
+        "verifyingContract" in typedDataDefinition.domain &&
+        typedDataDefinition.domain.verifyingContract === accountAddress;
+
+      const hash = await hashTypedData({
+        domain: {
+          chainId: Number(chain.id),
+          verifyingContract: getDefaultWebauthnValidationModuleAddress(chain),
+          salt: concatHex([`0x${"00".repeat(12)}`, accountAddress]),
+        },
+        types: {
+          ReplaySafeHash: [{ name: "hash", type: "bytes32" }],
+        },
+        message: {
+          hash: hashTypedData(typedDataDefinition),
+        },
+        primaryType: "ReplaySafeHash",
+      });
+
+      const validationSignature = await sign({ hash });
+
+      return isDeferredAction
+        ? pack1271Signature({ validationSignature, entityId })
+        : validationSignature;
+    },
+  };
+};