@agentlayer.tech/wallet 0.1.17 → 0.1.18

package/agent-wallet/agent_wallet/wallet_layer/wdk_evm.py

@@ -440,6 +440,36 @@ class WdkEvmLocalWalletBackend(AgentWalletBackend):
         self.address = address
         return address
 
+    def sign_x402_evm_exact_typed_data(
+        self,
+        *,
+        domain: dict[str, Any],
+        types: dict[str, Any],
+        primary_type: str,
+        message: dict[str, Any],
+    ) -> bytes:
+        data = self.client.post_sync(
+            "/v1/evm/x402/exact/sign",
+            {
+                "walletId": self.wallet_id,
+                "accountIndex": self.account_index,
+                "network": self.network,
+                "domain": domain,
+                "types": types,
+                "primaryType": primary_type,
+                "message": message,
+            },
+        )
+        signature = str(data.get("signature") or "").strip()
+        if not signature:
+            raise WalletBackendError("wdk-evm-wallet did not return an x402 EVM signature.")
+        if signature.startswith("0x"):
+            signature = signature[2:]
+        try:
+            return bytes.fromhex(signature)
+        except ValueError as exc:
+            raise WalletBackendError("wdk-evm-wallet returned an invalid x402 EVM signature.") from exc
+
     async def get_balance(self, address: str | None = None) -> dict[str, Any]:
         resolved_address = await self.get_address()
         if address is not None and address.strip() and address.strip() != resolved_address:

package/agent-wallet/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "openclaw-agent-wallet"
-version = "0.1.17"
+version = "0.1.18"
 description = "Plugin-friendly wallet backend for OpenClaw agents"
 requires-python = ">=3.10"
 dependencies = [
@@ -15,6 +15,7 @@ dependencies = [
     "python-dotenv>=1.0.0",
     "solana>=0.36.0",
     "solders>=0.27.0",
+    "x402[httpx,svm,evm]>=2.10.0",
 ]
 
 [project.optional-dependencies]

package/agent-wallet/scripts/install_openclaw_local_config.py

@@ -58,6 +58,13 @@ PAY_BRIDGE_TOOLS = [
     "pay_api_request",
 ]
 
+X402_TOOLS = [
+    "x402_search_services",
+    "x402_get_service_details",
+    "x402_preview_request",
+    "x402_pay_request",
+]
+
 
 def _default_config_path() -> Path:
     return Path(os.path.expanduser("~/.openclaw/openclaw.json"))
@@ -329,7 +336,7 @@ def main() -> None:
 
     tools = data.setdefault("tools", {})
     also_allow = tools.setdefault("alsoAllow", [])
-    for tool_name in OPTIONAL_TOOLS + PAY_BRIDGE_TOOLS:
+    for tool_name in OPTIONAL_TOOLS + PAY_BRIDGE_TOOLS + X402_TOOLS:
         if tool_name not in also_allow:
             also_allow.append(tool_name)
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agentlayer.tech/wallet",
-  "version": "0.1.17",
+  "version": "0.1.18",
   "description": "NPM installer for the OpenClaw Agent Wallet local runtime.",
   "type": "module",
   "repository": {

package/wdk-evm-wallet/src/server.js

@@ -554,6 +554,12 @@ async function handleRequest(request, response) {
       return sendJson(response, 200, { ok: true, data });
     }
 
+    if (method === "POST" && url.pathname === "/v1/evm/x402/exact/sign") {
+      const body = await withResolvedNetwork(await withResolvedSeed(await readJsonBody(request)));
+      const data = await service.signX402ExactTypedData(body);
+      return sendJson(response, 200, { ok: true, data });
+    }
+
     return notFound(response);
   } catch (error) {
     const shaped = toErrorResponse(error, new URL(request.url || "/", "http://localhost").pathname, 400);

package/wdk-evm-wallet/src/wdk_evm_wallet.js

@@ -149,6 +149,14 @@ function assertPositiveBigIntString(value, fieldName) {
   return parsed;
 }
 
+function assertNonNegativeBigIntString(value, fieldName) {
+  const normalized = String(value ?? "").trim();
+  if (!/^[0-9]+$/.test(normalized)) {
+    throw new Error(`${fieldName} must be a non-negative base-10 integer string.`);
+  }
+  return normalized;
+}
+
 function normalizeAddress(value, fieldName) {
   const address = assertNonEmptyString(value, fieldName);
   if (!/^0x[a-fA-F0-9]{40}$/.test(address)) {
@@ -305,6 +313,71 @@ function mergeBridgeLists(...values) {
   return items.length > 0 ? items.join(",") : null;
 }
 
+function assertPlainObject(value, fieldName) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) {
+    throw new Error(`${fieldName} must be an object.`);
+  }
+  return value;
+}
+
+function normalizeX402ExactTypedData({ domain, types, primaryType, message }, runtimeConfig) {
+  const normalizedPrimaryType = assertNonEmptyString(primaryType, "primaryType");
+  if (normalizedPrimaryType !== "TransferWithAuthorization") {
+    throw new Error("primaryType must be TransferWithAuthorization for x402 exact EVM payments.");
+  }
+
+  const domainObject = assertPlainObject(domain, "domain");
+  const domainChainId = assertNonNegativeInteger(domainObject.chainId, "domain.chainId");
+  if (domainChainId !== runtimeConfig.chainId) {
+    throw new Error("domain.chainId must match the active network chain id.");
+  }
+  const normalizedDomain = {
+    name: assertNonEmptyString(domainObject.name, "domain.name"),
+    version: assertNonEmptyString(domainObject.version, "domain.version"),
+    chainId: domainChainId,
+    verifyingContract: normalizeAddress(domainObject.verifyingContract, "domain.verifyingContract"),
+  };
+
+  const typesObject = assertPlainObject(types, "types");
+  const primaryFields = typesObject[normalizedPrimaryType];
+  if (!Array.isArray(primaryFields) || primaryFields.length === 0) {
+    throw new Error(`types.${normalizedPrimaryType} must be a non-empty array.`);
+  }
+  const normalizedTypes = {};
+  for (const [typeName, fields] of Object.entries(typesObject)) {
+    if (!Array.isArray(fields) || fields.length === 0) {
+      throw new Error(`types.${typeName} must be a non-empty array.`);
+    }
+    normalizedTypes[typeName] = fields.map((field, index) => {
+      const normalizedField = assertPlainObject(field, `types.${typeName}[${index}]`);
+      return {
+        name: assertNonEmptyString(normalizedField.name, `types.${typeName}[${index}].name`),
+        type: assertNonEmptyString(normalizedField.type, `types.${typeName}[${index}].type`),
+      };
+    });
+  }
+
+  const messageObject = assertPlainObject(message, "message");
+  const normalizedMessage = {
+    from: normalizeAddress(messageObject.from, "message.from"),
+    to: normalizeAddress(messageObject.to, "message.to"),
+    value: assertPositiveBigIntString(messageObject.value, "message.value").toString(),
+    validAfter: assertNonNegativeBigIntString(messageObject.validAfter, "message.validAfter"),
+    validBefore: assertPositiveBigIntString(messageObject.validBefore, "message.validBefore").toString(),
+    nonce: assertNonEmptyString(messageObject.nonce, "message.nonce"),
+  };
+  if (!/^0x[a-fA-F0-9]{64}$/.test(normalizedMessage.nonce)) {
+    throw new Error("message.nonce must be a 32-byte hex string.");
+  }
+
+  return {
+    domain: normalizedDomain,
+    types: normalizedTypes,
+    primaryType: normalizedPrimaryType,
+    message: normalizedMessage,
+  };
+}
+
 function buildSwapRequest({ tokenIn, tokenOut, tokenInAmount }) {
   const swapRequest = {
     tokenIn: normalizeAddress(tokenIn, "tokenIn"),
@@ -2335,6 +2408,41 @@ export class WdkEvmWalletService {
     });
   }
 
+  async signX402ExactTypedData({
+    seedPhrase,
+    accountIndex = 0,
+    network,
+    domain,
+    types,
+    primaryType,
+    message,
+  }) {
+    return this.#withAccount({ seedPhrase, accountIndex, network }, async (account, runtimeConfig) => {
+      const typedData = normalizeX402ExactTypedData(
+        { domain, types, primaryType, message },
+        runtimeConfig
+      );
+      const signerAddress = normalizeAddress(await account.getAddress(), "accountAddress");
+      if (typedData.message.from.toLowerCase() !== signerAddress.toLowerCase()) {
+        throw new Error("message.from must match the active wallet account address.");
+      }
+      const signature = await account.signTypedData({
+        domain: typedData.domain,
+        types: typedData.types,
+        message: typedData.message,
+      });
+      return {
+        network: runtimeConfig.network,
+        chainId: runtimeConfig.chainId,
+        accountIndex,
+        address: signerAddress,
+        primaryType: typedData.primaryType,
+        signature,
+        source: "wdk-wallet-evm",
+      };
+    });
+  }
+
   #resolveRuntimeConfig(networkOverride) {
     const network = assertValidNetwork(networkOverride) || this.config.network;
     const profile = this.config.networkProfiles?.[network];