@alchemy/smart-accounts 5.0.0-beta.26 → 5.0.0-beta.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/dist/esm/ma-v2/permissionBuilder.js +38 -20
  2. package/dist/esm/ma-v2/permissionBuilder.js.map +1 -1
  3. package/dist/esm/version.d.ts +1 -1
  4. package/dist/esm/version.js +1 -1
  5. package/dist/esm/version.js.map +1 -1
  6. package/dist/types/ma-v2/permissionBuilder.d.ts.map +1 -1
  7. package/dist/types/version.d.ts +1 -1
  8. package/package.json +4 -4
  9. package/src/ma-v2/permissionBuilder.ts +44 -25
  10. package/src/version.ts +1 -1
package/dist/esm/ma-v2/permissionBuilder.js CHANGED
@@ -17,6 +17,39 @@ const ACCOUNT_EXECUTE_SELECTOR = "0xb61d27f6";
17
17
  const ACCOUNT_EXECUTEBATCH_SELECTOR = "0x34fcd5be";
18
18
  const ACCOUNT_PERFORM_CREATE_SELECTOR = "0x5998db5c";
19
19
  const ACCOUNT_EXECUTE_WITH_RUNTIME_VALIDATION_SELECTOR = "0xf2680c0f";
20
+ const ACCOUNT_INSTALL_VALIDATION_SELECTOR = "0x1bbf564c";
21
+ const ACCOUNT_UNINSTALL_VALIDATION_SELECTOR = "0xb6b1ccfe";
22
+ const ACCOUNT_INSTALL_EXECUTION_SELECTOR = "0x1d37e7d6";
23
+ const ACCOUNT_UNINSTALL_EXECUTION_SELECTOR = "0x0b7cad71";
24
+ const ACCOUNT_UPGRADE_TO_AND_CALL_SELECTOR = "0x4f1ef286";
25
+ // Wrapped native functions that must not be added to a session key's selector allowlist.
26
+ const PRIVILEGED_SELECTORS = {
27
+ [ACCOUNT_PERFORM_CREATE_SELECTOR]: "performCreate",
28
+ [ACCOUNT_EXECUTE_WITH_RUNTIME_VALIDATION_SELECTOR]: "executeWithRuntimeValidation",
29
+ [ACCOUNT_INSTALL_VALIDATION_SELECTOR]: "installValidation",
30
+ [ACCOUNT_UNINSTALL_VALIDATION_SELECTOR]: "uninstallValidation",
31
+ [ACCOUNT_INSTALL_EXECUTION_SELECTOR]: "installExecution",
32
+ [ACCOUNT_UNINSTALL_EXECUTION_SELECTOR]: "uninstallExecution",
33
+ [ACCOUNT_UPGRADE_TO_AND_CALL_SELECTOR]: "upgradeToAndCall",
34
+ };
35
+ // Auto-added by translatePermissions when a PREVAL_ALLOWLIST hook exists.
36
+ // Blocked from manual addition to ensure they're only added with proper hook context.
37
+ const SYSTEM_MANAGED_SELECTORS = {
38
+ [ACCOUNT_EXECUTE_SELECTOR]: "execute",
39
+ [ACCOUNT_EXECUTEBATCH_SELECTOR]: "executeBatch",
40
+ };
41
+ function assertNotForbiddenSelector(selector) {
42
+ const normalized = selector.toLowerCase();
43
+ const match = PRIVILEGED_SELECTORS[normalized] ?? SYSTEM_MANAGED_SELECTORS[normalized];
44
+ if (match != null) {
45
+ throw new SelectorNotAllowed(match);
46
+ }
47
+ }
48
+ function assertNoForbiddenSelectors(selectors) {
49
+ for (const selector of selectors) {
50
+ assertNotForbiddenSelector(selector);
51
+ }
52
+ }
20
53
  /**
21
54
  * A pseudo-enum for permission types.
22
55
  */
@@ -130,8 +163,10 @@ export class PermissionBuilder {
130
163
  signer: key.publicKey,
131
164
  });
132
165
  this.nonce = nonce;
133
- if (selectors)
166
+ if (selectors) {
167
+ assertNoForbiddenSelectors(selectors);
134
168
  this.selectors = selectors;
169
+ }
135
170
  if (hooks)
136
171
  this.hooks = hooks;
137
172
  if (deadline)
@@ -144,12 +179,7 @@ export class PermissionBuilder {
144
179
  * @returns {this} The permission builder instance.
145
180
  */
146
181
  addSelector({ selector }) {
147
- if (selector === ACCOUNT_PERFORM_CREATE_SELECTOR) {
148
- throw new SelectorNotAllowed("performCreate");
149
- }
150
- if (selector === ACCOUNT_EXECUTE_WITH_RUNTIME_VALIDATION_SELECTOR) {
151
- throw new SelectorNotAllowed("executeWithRuntimeValidation");
152
- }
182
+ assertNotForbiddenSelector(selector);
153
183
  this.selectors.push(selector);
154
184
  return this;
155
185
  }
@@ -201,19 +231,7 @@ export class PermissionBuilder {
201
231
  if (permission.data.functions.length === 0) {
202
232
  throw new NoFunctionsProvidedError(permission);
203
233
  }
204
- // Explicitly disallow adding execute, executeBatch, performCreate, and executeWithRuntimeValidation
205
- if (permission.data.functions.includes(ACCOUNT_EXECUTE_SELECTOR)) {
206
- throw new SelectorNotAllowed("execute");
207
- }
208
- else if (permission.data.functions.includes(ACCOUNT_EXECUTEBATCH_SELECTOR)) {
209
- throw new SelectorNotAllowed("executeBatch");
210
- }
211
- else if (permission.data.functions.includes(ACCOUNT_PERFORM_CREATE_SELECTOR)) {
212
- throw new SelectorNotAllowed("performCreate");
213
- }
214
- else if (permission.data.functions.includes(ACCOUNT_EXECUTE_WITH_RUNTIME_VALIDATION_SELECTOR)) {
215
- throw new SelectorNotAllowed("executeWithRuntimeValidation");
216
- }
234
+ assertNoForbiddenSelectors(permission.data.functions);
217
235
  this.selectors = [...this.selectors, ...permission.data.functions];
218
236
  }
219
237
  this.permissions.push(permission);
package/dist/esm/ma-v2/permissionBuilder.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"permissionBuilder.js","sourceRoot":"","sources":["../../../src/ma-v2/permissionBuilder.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,SAAS,EACT,KAAK,EACL,WAAW,GAMZ,MAAM,MAAM,CAAC;AACd,OAAO,EAAE,sBAAsB,EAAE,MAAM,+CAA+C,CAAC;AACvF,OAAO,EAAE,4BAA4B,EAAE,MAAM,8CAA8C,CAAC;AAC5F,OAAO,EAAE,eAAe,EAAE,MAAM,sCAAsC,CAAC;AACvE,OAAO,EAAE,eAAe,EAAE,MAAM,uCAAuC,CAAC;AACxE,OAAO,EAAE,QAAQ,EAA0C,MAAM,YAAY,CAAC;AAC9E,OAAO,EACL,eAAe,GAEhB,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACL,wBAAwB,GAEzB,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AACpE,OAAO,EACL,2BAA2B,EAC3B,sBAAsB,EACtB,2BAA2B,EAC3B,oBAAoB,EACpB,qBAAqB,EACrB,gCAAgC,EAChC,wBAAwB,EACxB,uBAAuB,EACvB,kBAAkB,EAClB,0BAA0B,EAC1B,gBAAgB,GACjB,MAAM,sCAAsC,CAAC;AAE9C,OAAO,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAE9E,uDAAuD;AACvD,MAAM,WAAW,GAAG,UAAU,CAAC;AAC/B,MAAM,sBAAsB,GAAG,YAAY,CAAC;AAC5C,MAAM,uBAAuB,GAAG,YAAY,CAAC;AAC7C,MAAM,wBAAwB,GAAG,YAAY,CAAC;AAC9C,MAAM,6BAA6B,GAAG,YAAY,CAAC;AACnD,MAAM,+BAA+B,GAAG,YAAY,CAAC;AACrD,MAAM,gDAAgD,GAAG,YAAY,CAAC;AAEtE;;GAEG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,qBAAqB,EAAE,uBAAuB;IAC9C,oBAAoB,EAAE,sBAAsB;IAC5C,oEAAoE;IACpE,sEAAsE;IACtE,SAAS,EAAE,WAAW;IACtB,6CAA6C;IAC7C,6CAA6C;IAC7C,eAAe,EAAE,iBAAiB;IAClC,iBAAiB,EAAE,mBAAmB;IACtC,0BAA0B,EAAE,4BAA4B;IACxD,qBAAqB,EAAE,uBAAuB;IAC9C,IAAI,EAAE,MAAM;CACJ,CAAC;AAMX;;GAEG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,qBAAqB,EAAE,uBAAuB;IAC9C,oBAAoB,EAAE,sBAAsB;IAC5C,SAAS,EAAE,WAAW;IACtB,gBAAgB,EAAE,kBAAkB,EAAE,qGAAqG;CACnI,CAAC;AA8IX;;GAEG;AACH,MAAM,OAAO,iBAAiB;IAiB5B;;;;OAIG;IACH,YAAY,EACV,MAAM,EACN,GAAG,EACH,QAAQ,EACR,KAAK,EACL,SAAS,EACT,KAAK,EACL,QAAQ,GAST;QArCO;;;;;WAA+C;QAC/C;;;;mBAAqC;gBAC3C,aAAa,EAAE,WAAW;gBAC1B,QAAQ,EAAE,CAAC,EAAE,SAAS;gBACtB,QAAQ,EAAE,KAAK;gBACf,qBAAqB,EAAE,KAAK;gBAC5B,kBAAkB,EAAE,KAAK;aAC1B;WAAC;QACM;;;;mBAAmB,EAAE;WAAC;QACtB;;;;mBAAmB,IAAI;WAAC;QACxB;;;;mBAA4B,EAAE;WAAC;QAC/B;;;;mBAAgB,EAAE;WAAC;QACnB;;;;mBAAgB,EAAE;WAAC;QACnB;;;;mBAAkC,KAAK;WAAC;QACxC;;;;mBAAmB,CAAC;WAAC;QAwB3B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;QAC/B,IAAI,CAAC,OAAO,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,oBAAoB,EAAE,CAAC;QACnC,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,gBAAgB,GAAG;YACtB,aAAa,EAAE,oBAAoB,CAAC,wBAAwB;YAC5D,QAAQ;YACR,kBAAkB,EAAE,IAAI;YACxB,QAAQ,EAAE,KAAK;YACf,qBAAqB,EAAE,KAAK;SAC7B,CAAC;QACF,IAAI,CAAC,WAAW,GAAG,4BAA4B,CAAC,mBAAmB,CAAC;YAClE,QAAQ,EAAE,QAAQ;YAClB,MAAM,EAAE,GAAG,CAAC,SAAS;SACtB,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,SAAS;YAAE,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC1C,IAAI,KAAK;YAAE,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QAC9B,IAAI,QAAQ;YAAE,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IACzC,CAAC;IAED;;;;;OAKG;IACH,WAAW,CAAC,EAAE,QAAQ,EAAqB;QACzC,IAAI,QAAQ,KAAK,+BAA+B,EAAE,CAAC;YACjD,MAAM,IAAI,kBAAkB,CAAC,eAAe,CAAC,CAAC;QAChD,CAAC;QACD,IAAI,QAAQ,KAAK,gDAAgD,EAAE,CAAC;YAClE,MAAM,IAAI,kBAAkB,CAAC,8BAA8B,CAAC,CAAC;QAC/D,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;OAKG;IACH,aAAa,CAAC,EAAE,UAAU,EAA8B;QACtD,qEAAqE;QACrE,IAAI,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,IAAI,EAAE,CAAC;YAC5C,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAClC,MAAM,IAAI,uBAAuB,CAAC,UAAU,CAAC,CAAC;YAChD,CAAC;YACD,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAClC,uBAAuB;YACvB,IAAI,CAAC,gBAAgB,CAAC,QAAQ,GAAG,IAAI,CAAC;YACtC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,8FAA8F;QAC9F,iDAAiD;QACjD,sGAAsG;QACtG,6CAA6C;QAC7C,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YACjE,MAAM,IAAI,uBAAuB,CAAC,UAAU,CAAC,CAAC;QAChD,CAAC;QAED,iIAAiI;QACjI,IACE,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,eAAe;YAClD,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,qBAAqB,EACxD,CAAC;YACD,8GAA8G;YAC9G,IAAI,UAAU,CAAC,IAAI,CAAC,OAAO,KAAK,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;gBAC5D,MAAM,IAAI,2BAA2B,CAAC,UAAU,CAAC,CAAC;YACpD,CAAC;YAED,oFAAoF;YACpF,MAAM,aAAa,GAAG,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC;YAC9C,MAAM,iCAAiC,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAC7D,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,CAAC,CAAC,IAAI,KAAK,cAAc,CAAC,eAAe;gBACxC,SAAS,IAAI,CAAC,CAAC,IAAI;gBACnB,CAAC,CAAC,IAAI,CAAC,OAAO,KAAK,aAAa,CAAC;gBACnC,CAAC,CAAC,CAAC,IAAI,KAAK,cAAc,CAAC,qBAAqB;oBAC9C,SAAS,IAAI,CAAC,CAAC,IAAI;oBACnB,CAAC,CAAC,IAAI,CAAC,OAAO,KAAK,aAAa,CAAC,CACtC,CAAC;YAEF,IAAI,iCAAiC,EAAE,CAAC;gBACtC,MAAM,IAAI,2BAA2B,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;YACnE,CAAC;QACH,CAAC;QAED,iEAAiE;QACjE,IAAI,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,iBAAiB,EAAE,CAAC;YACzD,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC3C,MAAM,IAAI,wBAAwB,CAAC,UAAU,CAAC,CAAC;YACjD,CAAC;YACD,oGAAoG;YACpG,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,wBAAwB,CAAC,EAAE,CAAC;gBACjE,MAAM,IAAI,kBAAkB,CAAC,SAAS,CAAC,CAAC;YAC1C,CAAC;iBAAM,IACL,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,6BAA6B,CAAC,EACjE,CAAC;gBACD,MAAM,IAAI,kBAAkB,CAAC,cAAc,CAAC,CAAC;YAC/C,CAAC;iBAAM,IACL,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,+BAA+B,CAAC,EACnE,CAAC;gBACD,MAAM,IAAI,kBAAkB,CAAC,eAAe,CAAC,CAAC;YAChD,CAAC;iBAAM,IACL,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAChC,gDAAgD,CACjD,EACD,CAAC;gBACD,MAAM,IAAI,kBAAkB,CAAC,8BAA8B,CAAC,CAAC;YAC/D,CAAC;YACD,IAAI,CAAC,SAAS,GAAG,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,GAAG,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAClC,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;OAKG;IACH,cAAc,CAAC,EAAE,WAAW,EAAiC;QAC3D,iFAAiF;QACjF,gEAAgE;QAChE,WAAW,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE;YACjC,IAAI,CAAC,aAAa,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC;QACrC,CAAC,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,eAAe;QAInB,wCAAwC;QACxC,IAAI,IAAI,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;YACxB,IAAI,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;gBACtC,MAAM,IAAI,oBAAoB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YACnE,CAAC;YACD,IAAI,IAAI,CAAC,QAAQ,GAAG,SAAS,EAAE,CAAC;gBAC9B,MAAM,IAAI,sBAAsB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAClD,CAAC;YAED,IAAI,CAAC,KAAK,CAAC,IAAI,CACb,eAAe,CAAC,SAAS,CACvB;gBACE,QAAQ,EAAE,IAAI,CAAC,gBAAgB,CAAC,QAAQ;gBACxC,UAAU,EAAE,IAAI,CAAC,QAAQ;gBACzB,UAAU,EAAE,CAAC;aACd,EACD,oBAAoB,CAAC,UAAU,CAChC,CACF,CAAC;QACJ,CAAC;QAED,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QAEtD,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,eAAe,CACzC,IAAI,CAAC,MAAM,CACZ,CAAC,mCAAmC,CAAC;YACpC,QAAQ,EAAE,qBAAqB;YAC/B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC,CAAC;QAEH,MAAM,mBAAmB,GAAG,eAAe,CACzC,IAAI,CAAC,MAAM,CACZ,CAAC,sCAAsC,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC;QAExD,wEAAwE;QACxE,MAAM,qCAAqC,GAAkB,MAC3D,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GACtC,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE;YACnB,IAAI,EAAE,EAAE;SACT,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;QAE7C,OAAO;YACL,SAAS;YACT,qCAAqC;SACtC,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,UAAU;QACd,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;QACpC,IAAI,CAAC,OAAO,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,oBAAoB,EAAE,CAAC;QACnC,CAAC;QAED,iDAAiD;QACjD,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CACxC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAC/B,CAAC;YACF,0CAA0C;YAC1C,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAC1B,CAAC;QACD,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAE7B,OAAO,MAAM,wBAAwB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,uBAAuB,CAAC;YACzE,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;YACvC,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,OAAO;SACR,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,kBAAkB;QACtB,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;QACpC,IAAI,CAAC,OAAO,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,oBAAoB,EAAE,CAAC;QACnC,CAAC;QAED,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAE7B,OAAO;YACL,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;YACvC,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,OAAO;SACR,CAAC;IACJ,CAAC;IAEO,qBAAqB;QAC3B,IACE,IAAI,CAAC,gBAAgB,CAAC,QAAQ,KAAK,KAAK;YACxC,IAAI,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAC3B,CAAC;YACD,MAAM,IAAI,0BAA0B,EAAE,CAAC;QACzC,CAAC;IACH,CAAC;IAED,sEAAsE;IACtE,8CAA8C;IACtC,oBAAoB,CAAC,QAAgB;QAC3C,MAAM,QAAQ,GAAa;YACzB,CAAC,cAAc,CAAC,qBAAqB,CAAC,EAAE,SAAS;YACjD,CAAC,cAAc,CAAC,oBAAoB,CAAC,EAAE,SAAS;YAChD,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,SAAS;YACrC,CAAC,cAAc,CAAC,gBAAgB,CAAC,EAAE,SAAS;SAC7C,CAAC;QAEF,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE;YACtC,QAAQ,UAAU,CAAC,IAAI,EAAE,CAAC;gBACxB,KAAK,cAAc,CAAC,qBAAqB;oBACvC,gEAAgE;oBAChE,IAAI,QAAQ,CAAC,cAAc,CAAC,qBAAqB,CAAC,KAAK,SAAS,EAAE,CAAC;wBACjE,MAAM,IAAI,gCAAgC,CAAC,UAAU,CAAC,CAAC;oBACzD,CAAC;oBACD,QAAQ,CAAC,cAAc,CAAC,qBAAqB,CAAC,GAAG;wBAC/C,UAAU,EAAE;4BACV,OAAO,EAAE,oBAAoB,CAAC,kBAAkB;4BAChD,QAAQ;4BACR,QAAQ,EAAE,QAAQ,CAAC,SAAS;4BAC5B,WAAW,EAAE,IAAI;4BACjB,YAAY,EAAE,KAAK;yBACpB;wBACD,QAAQ,EAAE;4BACR,QAAQ;4BACR,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC;yBAC9C;qBACF,CAAC;oBACF,IAAI,CAAC,sBAAsB,GAAG,IAAI,CAAC;oBACnC,MAAM;gBACR,KAAK,cAAc,CAAC,oBAAoB;oBACtC,IAAI,UAAU,CAAC,IAAI,CAAC,OAAO,KAAK,WAAW,EAAE,CAAC;wBAC5C,MAAM,IAAI,gBAAgB,CAAC,UAAU,CAAC,CAAC;oBACzC,CAAC;oBACD,QAAQ,CAAC,cAAc,CAAC,oBAAoB,CAAC,GAAG;wBAC9C,UAAU,EAAE;4BACV,OAAO,EAAE,oBAAoB,CAAC,SAAS;4BACvC,QAAQ,EAAE,QAAQ,GAAG,WAAW;4BAChC,QAAQ,EAAE,QAAQ,CAAC,SAAS;4BAC5B,WAAW,EAAE,IAAI;4BACjB,YAAY,EAAE,KAAK;yBACpB;wBACD,QAAQ,EAAE;4BACR,QAAQ,EAAE,QAAQ,GAAG,WAAW;4BAChC,MAAM,EAAE;gCACN,oCAAoC;gCACpC,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,oBAAoB,CAAC,EAAE,QAAQ;qCACxD,MAAM,IAAI,EAAE,CAAC;gCAChB;oCACE,MAAM,EAAE,UAAU,CAAC,IAAI,CAAC,OAAO;oCAC/B,oBAAoB,EAAE,KAAK;oCAC3B,kBAAkB,EAAE,IAAI;oCACxB,eAAe,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC;oCAClD,SAAS,EAAE,EAAE;iCACd;6BACF;yBACF;qBACF,CAAC;oBACF,IAAI,CAAC,sBAAsB,GAAG,IAAI,CAAC;oBACnC,oDAAoD;oBACpD,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,GAAG;wBAC1C,UAAU,EAAE;4BACV,OAAO,EAAE,oBAAoB,CAAC,SAAS;4BACvC,QAAQ;4BACR,QAAQ,EAAE,QAAQ,CAAC,UAAU;4BAC7B,WAAW,EAAE,IAAI;4BACjB,YAAY,EAAE,KAAK;yBACpB;wBACD,QAAQ,EAAE;4BACR,QAAQ;4BACR,MAAM,EAAE;gCACN,oCAAoC;gCACpC,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,EAAE,QAAQ;qCACpD,MAAM,IAAI,EAAE,CAAC;gCAChB;oCACE,MAAM,EAAE,UAAU,CAAC,IAAI,CAAC,OAAO;oCAC/B,oBAAoB,EAAE,IAAI;oCAC1B,kBAAkB,EAAE,KAAK;oCACzB,eAAe,EAAE,EAAE;oCACnB,SAAS,EAAE,CAAC,sBAAsB,EAAE,uBAAuB,CAAC,EAAE,oBAAoB;iCACnF;6BACF;yBACF;qBACF,CAAC;oBACF,MAAM;gBACR,KAAK,cAAc,CAAC,SAAS;oBAC3B,oEAAoE;oBACpE,IAAI,QAAQ,CAAC,cAAc,CAAC,SAAS,CAAC,KAAK,SAAS,EAAE,CAAC;wBACrD,MAAM,IAAI,qBAAqB,CAAC,UAAU,CAAC,CAAC;oBAC9C,CAAC;oBACD,QAAQ,CAAC,cAAc,CAAC,SAAS,CAAC,GAAG;wBACnC,UAAU,EAAE;4BACV,OAAO,EAAE,oBAAoB,CAAC,kBAAkB;4BAChD,QAAQ;4BACR,QAAQ,EAAE,QAAQ,CAAC,UAAU;4BAC7B,WAAW,EAAE,IAAI;4BACjB,YAAY,EAAE,KAAK;yBACpB;wBACD,QAAQ,EAAE;4BACR,QAAQ;4BACR,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC;yBAC1C;qBACF,CAAC;oBACF,MAAM;gBACR,KAAK,cAAc,CAAC,eAAe;oBACjC,IAAI,UAAU,CAAC,IAAI,CAAC,OAAO,KAAK,WAAW,EAAE,CAAC;wBAC5C,MAAM,IAAI,gBAAgB,CAAC,UAAU,CAAC,CAAC;oBACzC,CAAC;oBACD,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,GAAG;wBAC1C,UAAU,EAAE;4BACV,OAAO,EAAE,oBAAoB,CAAC,SAAS;4BACvC,QAAQ;4BACR,QAAQ,EAAE,QAAQ,CAAC,UAAU;4BAC7B,WAAW,EAAE,IAAI;4BACjB,YAAY,EAAE,KAAK;yBACpB;wBACD,QAAQ,EAAE;4BACR,QAAQ;4BACR,MAAM,EAAE;gCACN,oCAAoC;gCACpC,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,EAAE,QAAQ;qCACpD,MAAM,IAAI,EAAE,CAAC;gCAChB;oCACE,MAAM,EAAE,UAAU,CAAC,IAAI,CAAC,OAAO;oCAC/B,oBAAoB,EAAE,KAAK;oCAC3B,kBAAkB,EAAE,KAAK;oCACzB,eAAe,EAAE,EAAE;oCACnB,SAAS,EAAE,EAAE;iCACd;6BACF;yBACF;qBACF,CAAC;oBACF,MAAM;gBACR,KAAK,cAAc,CAAC,iBAAiB;oBACnC,qCAAqC;oBACrC,MAAM;gBACR,KAAK,cAAc,CAAC,0BAA0B;oBAC5C,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAC3C,MAAM,IAAI,wBAAwB,CAAC,UAAU,CAAC,CAAC;oBACjD,CAAC;oBACD,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,GAAG;wBAC1C,UAAU,EAAE;4BACV,OAAO,EAAE,oBAAoB,CAAC,SAAS;4BACvC,QAAQ;4BACR,QAAQ,EAAE,QAAQ,CAAC,UAAU;4BAC7B,WAAW,EAAE,IAAI;4BACjB,YAAY,EAAE,KAAK;yBACpB;wBACD,QAAQ,EAAE;4BACR,QAAQ;4BACR,MAAM,EAAE;gCACN,oCAAoC;gCACpC,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,EAAE,QAAQ;qCACpD,MAAM,IAAI,EAAE,CAAC;gCAChB;oCACE,MAAM,EAAE,WAAW;oCACnB,oBAAoB,EAAE,KAAK;oCAC3B,kBAAkB,EAAE,KAAK;oCACzB,eAAe,EAAE,EAAE;oCACnB,SAAS,EAAE,UAAU,CAAC,IAAI,CAAC,SAAS;iCACrC;6BACF;yBACF;qBACF,CAAC;oBACF,MAAM;gBACR,KAAK,cAAc,CAAC,qBAAqB;oBACvC,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAC3C,MAAM,IAAI,wBAAwB,CAAC,UAAU,CAAC,CAAC;oBACjD,CAAC;oBACD,IAAI,UAAU,CAAC,IAAI,CAAC,OAAO,KAAK,WAAW,EAAE,CAAC;wBAC5C,MAAM,IAAI,gBAAgB,CAAC,UAAU,CAAC,CAAC;oBACzC,CAAC;oBACD,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,GAAG;wBAC1C,UAAU,EAAE;4BACV,OAAO,EAAE,oBAAoB,CAAC,SAAS;4BACvC,QAAQ;4BACR,QAAQ,EAAE,QAAQ,CAAC,UAAU;4BAC7B,WAAW,EAAE,IAAI;4BACjB,YAAY,EAAE,KAAK;yBACpB;wBACD,QAAQ,EAAE;4BACR,QAAQ;4BACR,MAAM,EAAE;gCACN,oCAAoC;gCACpC,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,EAAE,QAAQ;qCACpD,MAAM,IAAI,EAAE,CAAC;gCAChB;oCACE,MAAM,EAAE,UAAU,CAAC,IAAI,CAAC,OAAO;oCAC/B,oBAAoB,EAAE,IAAI;oCAC1B,kBAAkB,EAAE,KAAK;oCACzB,eAAe,EAAE,EAAE;oCACnB,SAAS,EAAE,UAAU,CAAC,IAAI,CAAC,SAAS;iCACrC;6BACF;yBACF;qBACF,CAAC;oBACF,MAAM;gBACR,KAAK,cAAc,CAAC,IAAI;oBACtB,2CAA2C;oBAC3C,MAAM;gBACR;oBACE,OAAO,WAAW,CAAC,UAAU,EAAE,4BAA4B,CAAC,CAAC;YACjE,CAAC;YAED,6EAA6E;YAC7E,uFAAuF;YACvF,IAAI,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,KAAK,SAAS,EAAE,CAAC;gBAC5D,MAAM,cAAc,GAAoB;oBACtC,wBAAwB;oBACxB,6BAA6B;iBAC9B,CAAC,CAAC,wBAAwB;gBAE3B,kEAAkE;gBAClE,MAAM,YAAY,GAAG,cAAc,CAAC,MAAM,CACxC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,CACjD,CAAC;gBAEF,IAAI,CAAC,SAAS,GAAG,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,GAAG,YAAY,CAAC,CAAC;YACxD,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,QAAQ,CAAC,QAAkB;QACjC,MAAM,GAAG,GAAG,QAAQ,CAAC,cAAc,CAAC,qBAAqB,CAAC,CAAC;QAC3D,IAAI,GAAG,EAAE,CAAC;YACR,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;gBACd,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,QAAQ,EAAE,sBAAsB,CAAC,mBAAmB,CAAC,GAAG,CAAC,QAAQ,CAAC;aACnE,CAAC,CAAC;QACL,CAAC;QAED,MAAM,KAAK,GAAG,QAAQ,CAAC,cAAc,CAAC,oBAAoB,CAAC,CAAC;QAC5D,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;gBACd,UAAU,EAAE,KAAK,CAAC,UAAU;gBAC5B,QAAQ,EAAE,eAAe,CAAC,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC;aAC9D,CAAC,CAAC;QACL,CAAC;QAED,MAAM,EAAE,GAAG,QAAQ,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;QAC9C,IAAI,EAAE,EAAE,CAAC;YACP,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;gBACd,UAAU,EAAE,EAAE,CAAC,UAAU;gBACzB,QAAQ,EAAE,sBAAsB,CAAC,mBAAmB,CAAC,EAAE,CAAC,QAAQ,CAAC;aAClE,CAAC,CAAC;QACL,CAAC;QAED,MAAM,SAAS,GAAG,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,CAAC;QAC5D,IAAI,SAAS,EAAE,CAAC;YACd,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;gBACd,UAAU,EAAE,SAAS,CAAC,UAAU;gBAChC,QAAQ,EAAE,eAAe,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,CAAC;aAClE,CAAC,CAAC;QACL,CAAC;IACH,CAAC;CACF","sourcesContent":["import {\n maxUint48,\n toHex,\n zeroAddress,\n type Address,\n type Chain,\n type Client,\n type Hex,\n type Transport,\n} from \"viem\";\nimport { NativeTokenLimitModule } from \"./modules/native-token-limit-module/module.js\";\nimport { SingleSignerValidationModule } from \"./modules/single-signer-validation/module.js\";\nimport { AllowlistModule } from \"./modules/allowlist-module/module.js\";\nimport { TimeRangeModule } from \"./modules/time-range-module/module.js\";\nimport { HookType, type HookConfig, type ValidationConfig } from \"./types.js\";\nimport {\n deferralActions,\n type DeferredActionTypedData,\n} from \"./decorators/deferralActions.js\";\nimport {\n installValidationActions,\n type InstallValidationParams,\n} from \"./decorators/installValidation.js\";\nimport { assertNever, AccountNotFoundError } from \"@alchemy/common\";\nimport {\n AccountAddressAsTargetError,\n DeadlineOverLimitError,\n DuplicateTargetAddressError,\n ExpiredDeadlineError,\n MultipleGasLimitError,\n MultipleNativeTokenTransferError,\n NoFunctionsProvidedError,\n RootPermissionOnlyError,\n SelectorNotAllowed,\n ValidationConfigUnsetError,\n ZeroAddressError,\n} from \"../errors/permissionBuilderErrors.js\";\nimport type { SmartAccount } from \"viem/account-abstraction\";\nimport { DefaultModuleAddress, isModularAccountV2 } from \"./utils/account.js\";\n\n// We use this to offset the ERC20 spend limit entityId\nconst HALF_UINT32 = 2147483647;\nconst ERC20_APPROVE_SELECTOR = \"0x095ea7b3\";\nconst ERC20_TRANSFER_SELECTOR = \"0xa9059cbb\";\nconst ACCOUNT_EXECUTE_SELECTOR = \"0xb61d27f6\";\nconst ACCOUNT_EXECUTEBATCH_SELECTOR = \"0x34fcd5be\";\nconst ACCOUNT_PERFORM_CREATE_SELECTOR = \"0x5998db5c\";\nconst ACCOUNT_EXECUTE_WITH_RUNTIME_VALIDATION_SELECTOR = \"0xf2680c0f\";\n\n/**\n * A pseudo-enum for permission types.\n */\nexport const PermissionType = {\n NATIVE_TOKEN_TRANSFER: \"native-token-transfer\",\n ERC20_TOKEN_TRANSFER: \"erc20-token-transfer\",\n // ERC721_TOKEN_TRANSFER : \"erc721-token-transfer\", // Unimplemented\n // ERC1155_TOKEN_TRANSFER : \"erc1155-token-transfer\", // Unimplemented\n GAS_LIMIT: \"gas-limit\",\n // CALL_LIMIT : \"call-limit\", //Unimplemented\n // RATE_LIMIT : \"rate-limit\", //Unimplemented\n CONTRACT_ACCESS: \"contract-access\",\n ACCOUNT_FUNCTIONS: \"account-functions\",\n FUNCTIONS_ON_ALL_CONTRACTS: \"functions-on-all-contracts\",\n FUNCTIONS_ON_CONTRACT: \"functions-on-contract\",\n ROOT: \"root\",\n} as const;\n\n// eslint-disable-next-line @typescript-eslint/no-redeclare\nexport type PermissionType =\n (typeof PermissionType)[keyof typeof PermissionType];\n\n/**\n * A pseudo-enum for hook identifiers.\n */\nexport const HookIdentifier = {\n NATIVE_TOKEN_TRANSFER: \"native-token-transfer\",\n ERC20_TOKEN_TRANSFER: \"erc20-token-transfer\",\n GAS_LIMIT: \"gas-limit\",\n PREVAL_ALLOWLIST: \"preval-allowlist\", // aggregate of CONTRACT_ACCESS, ACCOUNT_FUNCTIONS, FUNCTIONS_ON_ALL_CONTRACTS, FUNCTIONS_ON_CONTRACT\n} as const;\n\n// eslint-disable-next-line @typescript-eslint/no-redeclare\nexport type HookIdentifier =\n (typeof HookIdentifier)[keyof typeof HookIdentifier];\n\ntype PreExecutionHookConfig = {\n address: Address;\n entityId: number;\n hookType: typeof HookType.EXECUTION;\n hasPreHooks: true;\n hasPostHooks: false;\n};\n\ntype PreValidationHookConfig = {\n address: Address;\n entityId: number;\n hookType: typeof HookType.VALIDATION;\n hasPreHooks: true;\n hasPostHooks: false;\n};\n\ntype RawHooks = {\n [HookIdentifier.NATIVE_TOKEN_TRANSFER]:\n | {\n hookConfig: PreExecutionHookConfig;\n initData: {\n entityId: number;\n spendLimit: bigint;\n };\n }\n | undefined;\n [HookIdentifier.ERC20_TOKEN_TRANSFER]:\n | {\n hookConfig: PreExecutionHookConfig;\n initData: {\n entityId: number;\n inputs: Array<{\n target: Address;\n hasSelectorAllowlist: boolean;\n hasERC20SpendLimit: boolean;\n erc20SpendLimit: bigint;\n selectors: Array<Hex>;\n }>;\n };\n }\n | undefined;\n [HookIdentifier.GAS_LIMIT]:\n | {\n hookConfig: PreValidationHookConfig;\n initData: {\n entityId: number;\n spendLimit: bigint;\n };\n }\n | undefined;\n [HookIdentifier.PREVAL_ALLOWLIST]:\n | {\n hookConfig: PreValidationHookConfig;\n\n initData: {\n entityId: number;\n inputs: Array<{\n target: Address;\n hasSelectorAllowlist: boolean;\n hasERC20SpendLimit: boolean;\n erc20SpendLimit: bigint;\n selectors: Array<Hex>;\n }>;\n };\n }\n | undefined;\n};\n\ntype Key = {\n publicKey: Hex;\n type: \"secp256k1\" | \"contract\";\n};\n\nexport type Permission =\n | {\n // this permission allows transfer of native tokens from the account\n type: typeof PermissionType.NATIVE_TOKEN_TRANSFER;\n data: {\n allowance: Hex;\n };\n }\n | {\n // this permission allows transfer or approval of erc20 tokens from the account\n type: typeof PermissionType.ERC20_TOKEN_TRANSFER;\n data: {\n address: Address; // erc20 token contract address\n allowance: Hex;\n };\n }\n | {\n // this permissions allows the key to spend gas for UOs\n type: typeof PermissionType.GAS_LIMIT;\n data: {\n limit: Hex;\n };\n }\n | {\n // this permission grants access to all functions in a contract\n type: typeof PermissionType.CONTRACT_ACCESS;\n data: {\n address: Address;\n };\n }\n | {\n // this permission grants access to functions in the account\n type: typeof PermissionType.ACCOUNT_FUNCTIONS;\n data: {\n functions: Hex[]; // function signatures\n };\n }\n | {\n // this permission grants access to a function selector in any address or contract\n type: typeof PermissionType.FUNCTIONS_ON_ALL_CONTRACTS;\n data: {\n functions: Hex[]; // function signatures\n };\n }\n | {\n // this permission grants access to specified functions on a specific contract\n type: typeof PermissionType.FUNCTIONS_ON_CONTRACT;\n data: {\n address: Address;\n functions: Hex[];\n };\n }\n | {\n // this permission grants full access to everything\n type: typeof PermissionType.ROOT;\n data?: never;\n };\n\ntype Hook = {\n hookConfig: HookConfig;\n initData: Hex;\n};\n\n/**\n * A builder for constructing a Permission object.\n */\nexport class PermissionBuilder {\n private client: Client<Transport, Chain, SmartAccount>;\n private validationConfig: ValidationConfig = {\n moduleAddress: zeroAddress,\n entityId: 0, // uint32\n isGlobal: false,\n isSignatureValidation: false,\n isUserOpValidation: false,\n };\n private selectors: Hex[] = [];\n private installData: Hex = \"0x\";\n private permissions: Permission[] = [];\n private hooks: Hook[] = [];\n private nonce: bigint = 0n;\n private hasAssociatedExecHooks: boolean = false;\n private deadline: number = 0;\n\n /**\n * Creates a PermissionBuilder instance.\n *\n * @param {PermissionBuilderParams} params - The parameters for creating a PermissionBuilder instance.\n */\n constructor({\n client,\n key,\n entityId,\n nonce,\n selectors,\n hooks,\n deadline,\n }: {\n client: Client<Transport, Chain, SmartAccount>;\n key: Key;\n entityId: number;\n nonce: bigint;\n selectors?: Hex[];\n hooks?: Hook[];\n deadline?: number;\n }) {\n const account = client.account;\n if (!account || !isModularAccountV2(account)) {\n throw new AccountNotFoundError();\n }\n\n this.client = client;\n this.validationConfig = {\n moduleAddress: DefaultModuleAddress.SINGLE_SIGNER_VALIDATION,\n entityId,\n isUserOpValidation: true,\n isGlobal: false,\n isSignatureValidation: false,\n };\n this.installData = SingleSignerValidationModule.encodeOnInstallData({\n entityId: entityId,\n signer: key.publicKey,\n });\n this.nonce = nonce;\n if (selectors) this.selectors = selectors;\n if (hooks) this.hooks = hooks;\n if (deadline) this.deadline = deadline;\n }\n\n /**\n * Adds a selector to the permission builder.\n *\n * @param {Hex} selector - The selector to add.\n * @returns {this} The permission builder instance.\n */\n addSelector({ selector }: { selector: Hex }): this {\n if (selector === ACCOUNT_PERFORM_CREATE_SELECTOR) {\n throw new SelectorNotAllowed(\"performCreate\");\n }\n if (selector === ACCOUNT_EXECUTE_WITH_RUNTIME_VALIDATION_SELECTOR) {\n throw new SelectorNotAllowed(\"executeWithRuntimeValidation\");\n }\n this.selectors.push(selector);\n return this;\n }\n\n /**\n * Adds a permission to the permission builder.\n *\n * @param {Permission} permission - The permission to add.\n * @returns {this} The permission builder instance.\n */\n addPermission({ permission }: { permission: Permission }): this {\n // Check 1: If we're adding root, we can't have any other permissions\n if (permission.type === PermissionType.ROOT) {\n if (this.permissions.length !== 0) {\n throw new RootPermissionOnlyError(permission);\n }\n this.permissions.push(permission);\n // Set isGlobal to true\n this.validationConfig.isGlobal = true;\n return this;\n }\n\n // Check 2: If the permission is NOT ROOT (guaranteed), ensure there is no ROOT permission set\n // Will resolve to undefined if ROOT is not found\n // NOTE: Technically this could be replaced by checking permissions[0] since it should not be possible\n // to have >1 permission with root among them\n if (this.permissions.find((p) => p.type === PermissionType.ROOT)) {\n throw new RootPermissionOnlyError(permission);\n }\n\n // Check 3: If the permission is either CONTRACT_ACCESS or FUNCTIONS_ON_CONTRACT, ensure it doesn't collide with another like it.\n if (\n permission.type === PermissionType.CONTRACT_ACCESS ||\n permission.type === PermissionType.FUNCTIONS_ON_CONTRACT\n ) {\n // Check 3.1: address must not be the account address, or the user should use the ACCOUNT_FUNCTIONS permission\n if (permission.data.address === this.client.account.address) {\n throw new AccountAddressAsTargetError(permission);\n }\n\n // Check 3.2: there must not be an existing permission with this address as a target\n const targetAddress = permission.data.address;\n const existingPermissionWithSameAddress = this.permissions.find(\n (p) =>\n (p.type === PermissionType.CONTRACT_ACCESS &&\n \"address\" in p.data &&\n p.data.address === targetAddress) ||\n (p.type === PermissionType.FUNCTIONS_ON_CONTRACT &&\n \"address\" in p.data &&\n p.data.address === targetAddress),\n );\n\n if (existingPermissionWithSameAddress) {\n throw new DuplicateTargetAddressError(permission, targetAddress);\n }\n }\n\n // Check 4: If the permission is ACCOUNT_FUNCTIONS, add selectors\n if (permission.type === PermissionType.ACCOUNT_FUNCTIONS) {\n if (permission.data.functions.length === 0) {\n throw new NoFunctionsProvidedError(permission);\n }\n // Explicitly disallow adding execute, executeBatch, performCreate, and executeWithRuntimeValidation\n if (permission.data.functions.includes(ACCOUNT_EXECUTE_SELECTOR)) {\n throw new SelectorNotAllowed(\"execute\");\n } else if (\n permission.data.functions.includes(ACCOUNT_EXECUTEBATCH_SELECTOR)\n ) {\n throw new SelectorNotAllowed(\"executeBatch\");\n } else if (\n permission.data.functions.includes(ACCOUNT_PERFORM_CREATE_SELECTOR)\n ) {\n throw new SelectorNotAllowed(\"performCreate\");\n } else if (\n permission.data.functions.includes(\n ACCOUNT_EXECUTE_WITH_RUNTIME_VALIDATION_SELECTOR,\n )\n ) {\n throw new SelectorNotAllowed(\"executeWithRuntimeValidation\");\n }\n this.selectors = [...this.selectors, ...permission.data.functions];\n }\n\n this.permissions.push(permission);\n return this;\n }\n\n /**\n * Adds multiple permissions to the permission builder.\n *\n * @param {Permission[]} permissions - The permissions to add.\n * @returns {this} The permission builder instance.\n */\n addPermissions({ permissions }: { permissions: Permission[] }): this {\n // We could validate each permission here, but for simplicity we'll just add them\n // A better approach would be to call addPermission for each one\n permissions.forEach((permission) => {\n this.addPermission({ permission });\n });\n return this;\n }\n\n /**\n * Compiles the deferred action typed data to sign.\n *\n * @returns {Promise<{typedData: DeferredActionTypedData, fullPreSignatureDeferredActionPayload: Hex}>} The deferred action typed data and the full pre-signature deferred action payload.\n */\n async compileDeferred(): Promise<{\n typedData: DeferredActionTypedData;\n fullPreSignatureDeferredActionPayload: Hex;\n }> {\n // Add time range module hook via expiry\n if (this.deadline !== 0) {\n if (this.deadline < Date.now() / 1000) {\n throw new ExpiredDeadlineError(this.deadline, Date.now() / 1000);\n }\n if (this.deadline > maxUint48) {\n throw new DeadlineOverLimitError(this.deadline);\n }\n\n this.hooks.push(\n TimeRangeModule.buildHook(\n {\n entityId: this.validationConfig.entityId,\n validUntil: this.deadline,\n validAfter: 0,\n },\n DefaultModuleAddress.TIME_RANGE,\n ),\n );\n }\n\n const installValidationCall = await this.compileRaw();\n\n const { typedData } = await deferralActions(\n this.client,\n ).createDeferredActionTypedDataObject({\n callData: installValidationCall,\n deadline: this.deadline,\n nonce: this.nonce,\n });\n\n const preSignaturePayload = deferralActions(\n this.client,\n ).buildPreSignatureDeferredActionPayload({ typedData });\n\n // Encode additional information to build the full pre-signature payload\n const fullPreSignatureDeferredActionPayload: `0x${string}` = `0x0${\n this.hasAssociatedExecHooks ? \"1\" : \"0\"\n }${toHex(this.nonce, {\n size: 32,\n }).slice(2)}${preSignaturePayload.slice(2)}`;\n\n return {\n typedData,\n fullPreSignatureDeferredActionPayload,\n };\n }\n\n /**\n * Compiles the raw install arguments for the installValidation function.\n *\n * @returns {Promise<Hex>} The raw install arguments.\n */\n async compileRaw(): Promise<Hex> {\n const account = this.client.account;\n if (!account || !isModularAccountV2(account)) {\n throw new AccountNotFoundError();\n }\n\n // Translate all permissions into raw hooks if >0\n if (this.permissions.length > 0) {\n const rawHooks = this.translatePermissions(\n this.validationConfig.entityId,\n );\n // Add the translated permissions as hooks\n this.addHooks(rawHooks);\n }\n this.validateConfiguration();\n\n return await installValidationActions(this.client).encodeInstallValidation({\n validationConfig: this.validationConfig,\n selectors: this.selectors,\n installData: this.installData,\n hooks: this.hooks,\n account,\n });\n }\n\n /**\n * Compiles the install arguments for the installValidation function.\n *\n * @returns {Promise<InstallValidationParams>} The install arguments.\n */\n async compileInstallArgs(): Promise<InstallValidationParams> {\n const account = this.client.account;\n if (!account || !isModularAccountV2(account)) {\n throw new AccountNotFoundError();\n }\n\n this.validateConfiguration();\n\n return {\n validationConfig: this.validationConfig,\n selectors: this.selectors,\n installData: this.installData,\n hooks: this.hooks,\n account,\n };\n }\n\n private validateConfiguration(): void {\n if (\n this.validationConfig.isGlobal === false &&\n this.selectors.length === 0\n ) {\n throw new ValidationConfigUnsetError();\n }\n }\n\n // Used to translate consolidated permissions into raw unencoded hooks\n // Note entityId will be a member object later\n private translatePermissions(entityId: number): RawHooks {\n const rawHooks: RawHooks = {\n [HookIdentifier.NATIVE_TOKEN_TRANSFER]: undefined,\n [HookIdentifier.ERC20_TOKEN_TRANSFER]: undefined,\n [HookIdentifier.GAS_LIMIT]: undefined,\n [HookIdentifier.PREVAL_ALLOWLIST]: undefined,\n };\n\n this.permissions.forEach((permission) => {\n switch (permission.type) {\n case PermissionType.NATIVE_TOKEN_TRANSFER:\n // Should never be added twice, check is on addPermission(s) too\n if (rawHooks[HookIdentifier.NATIVE_TOKEN_TRANSFER] !== undefined) {\n throw new MultipleNativeTokenTransferError(permission);\n }\n rawHooks[HookIdentifier.NATIVE_TOKEN_TRANSFER] = {\n hookConfig: {\n address: DefaultModuleAddress.NATIVE_TOKEN_LIMIT,\n entityId,\n hookType: HookType.EXECUTION,\n hasPreHooks: true,\n hasPostHooks: false,\n },\n initData: {\n entityId,\n spendLimit: BigInt(permission.data.allowance),\n },\n };\n this.hasAssociatedExecHooks = true;\n break;\n case PermissionType.ERC20_TOKEN_TRANSFER:\n if (permission.data.address === zeroAddress) {\n throw new ZeroAddressError(permission);\n }\n rawHooks[HookIdentifier.ERC20_TOKEN_TRANSFER] = {\n hookConfig: {\n address: DefaultModuleAddress.ALLOWLIST,\n entityId: entityId + HALF_UINT32,\n hookType: HookType.EXECUTION,\n hasPreHooks: true,\n hasPostHooks: false,\n },\n initData: {\n entityId: entityId + HALF_UINT32,\n inputs: [\n // Add previous inputs if they exist\n ...(rawHooks[HookIdentifier.ERC20_TOKEN_TRANSFER]?.initData\n .inputs || []),\n {\n target: permission.data.address,\n hasSelectorAllowlist: false,\n hasERC20SpendLimit: true,\n erc20SpendLimit: BigInt(permission.data.allowance),\n selectors: [],\n },\n ],\n },\n };\n this.hasAssociatedExecHooks = true;\n // Also allow `approve` and `transfer` for the erc20\n rawHooks[HookIdentifier.PREVAL_ALLOWLIST] = {\n hookConfig: {\n address: DefaultModuleAddress.ALLOWLIST,\n entityId,\n hookType: HookType.VALIDATION,\n hasPreHooks: true,\n hasPostHooks: false,\n },\n initData: {\n entityId,\n inputs: [\n // Add previous inputs if they exist\n ...(rawHooks[HookIdentifier.PREVAL_ALLOWLIST]?.initData\n .inputs || []),\n {\n target: permission.data.address,\n hasSelectorAllowlist: true,\n hasERC20SpendLimit: false,\n erc20SpendLimit: 0n,\n selectors: [ERC20_APPROVE_SELECTOR, ERC20_TRANSFER_SELECTOR], // approve, transfer\n },\n ],\n },\n };\n break;\n case PermissionType.GAS_LIMIT:\n // Should only ever be added once, check is also on addPermission(s)\n if (rawHooks[HookIdentifier.GAS_LIMIT] !== undefined) {\n throw new MultipleGasLimitError(permission);\n }\n rawHooks[HookIdentifier.GAS_LIMIT] = {\n hookConfig: {\n address: DefaultModuleAddress.NATIVE_TOKEN_LIMIT,\n entityId,\n hookType: HookType.VALIDATION,\n hasPreHooks: true,\n hasPostHooks: false,\n },\n initData: {\n entityId,\n spendLimit: BigInt(permission.data.limit),\n },\n };\n break;\n case PermissionType.CONTRACT_ACCESS:\n if (permission.data.address === zeroAddress) {\n throw new ZeroAddressError(permission);\n }\n rawHooks[HookIdentifier.PREVAL_ALLOWLIST] = {\n hookConfig: {\n address: DefaultModuleAddress.ALLOWLIST,\n entityId,\n hookType: HookType.VALIDATION,\n hasPreHooks: true,\n hasPostHooks: false,\n },\n initData: {\n entityId,\n inputs: [\n // Add previous inputs if they exist\n ...(rawHooks[HookIdentifier.PREVAL_ALLOWLIST]?.initData\n .inputs || []),\n {\n target: permission.data.address,\n hasSelectorAllowlist: false,\n hasERC20SpendLimit: false,\n erc20SpendLimit: 0n,\n selectors: [],\n },\n ],\n },\n };\n break;\n case PermissionType.ACCOUNT_FUNCTIONS:\n // This is handled in add permissions\n break;\n case PermissionType.FUNCTIONS_ON_ALL_CONTRACTS:\n if (permission.data.functions.length === 0) {\n throw new NoFunctionsProvidedError(permission);\n }\n rawHooks[HookIdentifier.PREVAL_ALLOWLIST] = {\n hookConfig: {\n address: DefaultModuleAddress.ALLOWLIST,\n entityId,\n hookType: HookType.VALIDATION,\n hasPreHooks: true,\n hasPostHooks: false,\n },\n initData: {\n entityId,\n inputs: [\n // Add previous inputs if they exist\n ...(rawHooks[HookIdentifier.PREVAL_ALLOWLIST]?.initData\n .inputs || []),\n {\n target: zeroAddress,\n hasSelectorAllowlist: false,\n hasERC20SpendLimit: false,\n erc20SpendLimit: 0n,\n selectors: permission.data.functions,\n },\n ],\n },\n };\n break;\n case PermissionType.FUNCTIONS_ON_CONTRACT:\n if (permission.data.functions.length === 0) {\n throw new NoFunctionsProvidedError(permission);\n }\n if (permission.data.address === zeroAddress) {\n throw new ZeroAddressError(permission);\n }\n rawHooks[HookIdentifier.PREVAL_ALLOWLIST] = {\n hookConfig: {\n address: DefaultModuleAddress.ALLOWLIST,\n entityId,\n hookType: HookType.VALIDATION,\n hasPreHooks: true,\n hasPostHooks: false,\n },\n initData: {\n entityId,\n inputs: [\n // Add previous inputs if they exist\n ...(rawHooks[HookIdentifier.PREVAL_ALLOWLIST]?.initData\n .inputs || []),\n {\n target: permission.data.address,\n hasSelectorAllowlist: true,\n hasERC20SpendLimit: false,\n erc20SpendLimit: 0n,\n selectors: permission.data.functions,\n },\n ],\n },\n };\n break;\n case PermissionType.ROOT:\n // Root permission handled in addPermission\n break;\n default:\n return assertNever(permission, \"Unexpected permission type\");\n }\n\n // isGlobal guaranteed to be false since it's only set with root permissions,\n // we must add access to execute & executeBatch if there's a preVal allowlist hook set.\n if (rawHooks[HookIdentifier.PREVAL_ALLOWLIST] !== undefined) {\n const selectorsToAdd: `0x${string}`[] = [\n ACCOUNT_EXECUTE_SELECTOR,\n ACCOUNT_EXECUTEBATCH_SELECTOR,\n ]; // execute, executeBatch\n\n // Only add the selectors if they aren't already in this.selectors\n const newSelectors = selectorsToAdd.filter(\n (selector) => !this.selectors.includes(selector),\n );\n\n this.selectors = [...this.selectors, ...newSelectors];\n }\n });\n\n return rawHooks;\n }\n\n private addHooks(rawHooks: RawHooks) {\n const ntt = rawHooks[HookIdentifier.NATIVE_TOKEN_TRANSFER];\n if (ntt) {\n this.hooks.push({\n hookConfig: ntt.hookConfig,\n initData: NativeTokenLimitModule.encodeOnInstallData(ntt.initData),\n });\n }\n\n const erc20 = rawHooks[HookIdentifier.ERC20_TOKEN_TRANSFER];\n if (erc20) {\n this.hooks.push({\n hookConfig: erc20.hookConfig,\n initData: AllowlistModule.encodeOnInstallData(erc20.initData),\n });\n }\n\n const gl = rawHooks[HookIdentifier.GAS_LIMIT];\n if (gl) {\n this.hooks.push({\n hookConfig: gl.hookConfig,\n initData: NativeTokenLimitModule.encodeOnInstallData(gl.initData),\n });\n }\n\n const allowlist = rawHooks[HookIdentifier.PREVAL_ALLOWLIST];\n if (allowlist) {\n this.hooks.push({\n hookConfig: allowlist.hookConfig,\n initData: AllowlistModule.encodeOnInstallData(allowlist.initData),\n });\n }\n }\n}\n"]}
1
+ {"version":3,"file":"permissionBuilder.js","sourceRoot":"","sources":["../../../src/ma-v2/permissionBuilder.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,SAAS,EACT,KAAK,EACL,WAAW,GAMZ,MAAM,MAAM,CAAC;AACd,OAAO,EAAE,sBAAsB,EAAE,MAAM,+CAA+C,CAAC;AACvF,OAAO,EAAE,4BAA4B,EAAE,MAAM,8CAA8C,CAAC;AAC5F,OAAO,EAAE,eAAe,EAAE,MAAM,sCAAsC,CAAC;AACvE,OAAO,EAAE,eAAe,EAAE,MAAM,uCAAuC,CAAC;AACxE,OAAO,EAAE,QAAQ,EAA0C,MAAM,YAAY,CAAC;AAC9E,OAAO,EACL,eAAe,GAEhB,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACL,wBAAwB,GAEzB,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AACpE,OAAO,EACL,2BAA2B,EAC3B,sBAAsB,EACtB,2BAA2B,EAC3B,oBAAoB,EACpB,qBAAqB,EACrB,gCAAgC,EAChC,wBAAwB,EACxB,uBAAuB,EACvB,kBAAkB,EAClB,0BAA0B,EAC1B,gBAAgB,GACjB,MAAM,sCAAsC,CAAC;AAE9C,OAAO,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAE9E,uDAAuD;AACvD,MAAM,WAAW,GAAG,UAAU,CAAC;AAC/B,MAAM,sBAAsB,GAAG,YAAY,CAAC;AAC5C,MAAM,uBAAuB,GAAG,YAAY,CAAC;AAC7C,MAAM,wBAAwB,GAAG,YAAY,CAAC;AAC9C,MAAM,6BAA6B,GAAG,YAAY,CAAC;AACnD,MAAM,+BAA+B,GAAG,YAAY,CAAC;AACrD,MAAM,gDAAgD,GAAG,YAAY,CAAC;AACtE,MAAM,mCAAmC,GAAG,YAAY,CAAC;AACzD,MAAM,qCAAqC,GAAG,YAAY,CAAC;AAC3D,MAAM,kCAAkC,GAAG,YAAY,CAAC;AACxD,MAAM,oCAAoC,GAAG,YAAY,CAAC;AAC1D,MAAM,oCAAoC,GAAG,YAAY,CAAC;AAC1D,yFAAyF;AACzF,MAAM,oBAAoB,GAA2B;IACnD,CAAC,+BAA+B,CAAC,EAAE,eAAe;IAClD,CAAC,gDAAgD,CAAC,EAChD,8BAA8B;IAChC,CAAC,mCAAmC,CAAC,EAAE,mBAAmB;IAC1D,CAAC,qCAAqC,CAAC,EAAE,qBAAqB;IAC9D,CAAC,kCAAkC,CAAC,EAAE,kBAAkB;IACxD,CAAC,oCAAoC,CAAC,EAAE,oBAAoB;IAC5D,CAAC,oCAAoC,CAAC,EAAE,kBAAkB;CAC3D,CAAC;AAEF,0EAA0E;AAC1E,sFAAsF;AACtF,MAAM,wBAAwB,GAA2B;IACvD,CAAC,wBAAwB,CAAC,EAAE,SAAS;IACrC,CAAC,6BAA6B,CAAC,EAAE,cAAc;CAChD,CAAC;AAEF,SAAS,0BAA0B,CAAC,QAAa;IAC/C,MAAM,UAAU,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAC1C,MAAM,KAAK,GACT,oBAAoB,CAAC,UAAU,CAAC,IAAI,wBAAwB,CAAC,UAAU,CAAC,CAAC;IAC3E,IAAI,KAAK,IAAI,IAAI,EAAE,CAAC;QAClB,MAAM,IAAI,kBAAkB,CAAC,KAAK,CAAC,CAAC;IACtC,CAAC;AACH,CAAC;AAED,SAAS,0BAA0B,CAAC,SAAgB;IAClD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACjC,0BAA0B,CAAC,QAAQ,CAAC,CAAC;IACvC,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,qBAAqB,EAAE,uBAAuB;IAC9C,oBAAoB,EAAE,sBAAsB;IAC5C,oEAAoE;IACpE,sEAAsE;IACtE,SAAS,EAAE,WAAW;IACtB,6CAA6C;IAC7C,6CAA6C;IAC7C,eAAe,EAAE,iBAAiB;IAClC,iBAAiB,EAAE,mBAAmB;IACtC,0BAA0B,EAAE,4BAA4B;IACxD,qBAAqB,EAAE,uBAAuB;IAC9C,IAAI,EAAE,MAAM;CACJ,CAAC;AAMX;;GAEG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,qBAAqB,EAAE,uBAAuB;IAC9C,oBAAoB,EAAE,sBAAsB;IAC5C,SAAS,EAAE,WAAW;IACtB,gBAAgB,EAAE,kBAAkB,EAAE,qGAAqG;CACnI,CAAC;AA8IX;;GAEG;AACH,MAAM,OAAO,iBAAiB;IAiB5B;;;;OAIG;IACH,YAAY,EACV,MAAM,EACN,GAAG,EACH,QAAQ,EACR,KAAK,EACL,SAAS,EACT,KAAK,EACL,QAAQ,GAST;QArCO;;;;;WAA+C;QAC/C;;;;mBAAqC;gBAC3C,aAAa,EAAE,WAAW;gBAC1B,QAAQ,EAAE,CAAC,EAAE,SAAS;gBACtB,QAAQ,EAAE,KAAK;gBACf,qBAAqB,EAAE,KAAK;gBAC5B,kBAAkB,EAAE,KAAK;aAC1B;WAAC;QACM;;;;mBAAmB,EAAE;WAAC;QACtB;;;;mBAAmB,IAAI;WAAC;QACxB;;;;mBAA4B,EAAE;WAAC;QAC/B;;;;mBAAgB,EAAE;WAAC;QACnB;;;;mBAAgB,EAAE;WAAC;QACnB;;;;mBAAkC,KAAK;WAAC;QACxC;;;;mBAAmB,CAAC;WAAC;QAwB3B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;QAC/B,IAAI,CAAC,OAAO,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,oBAAoB,EAAE,CAAC;QACnC,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,gBAAgB,GAAG;YACtB,aAAa,EAAE,oBAAoB,CAAC,wBAAwB;YAC5D,QAAQ;YACR,kBAAkB,EAAE,IAAI;YACxB,QAAQ,EAAE,KAAK;YACf,qBAAqB,EAAE,KAAK;SAC7B,CAAC;QACF,IAAI,CAAC,WAAW,GAAG,4BAA4B,CAAC,mBAAmB,CAAC;YAClE,QAAQ,EAAE,QAAQ;YAClB,MAAM,EAAE,GAAG,CAAC,SAAS;SACtB,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,SAAS,EAAE,CAAC;YACd,0BAA0B,CAAC,SAAS,CAAC,CAAC;YACtC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC7B,CAAC;QACD,IAAI,KAAK;YAAE,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QAC9B,IAAI,QAAQ;YAAE,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IACzC,CAAC;IAED;;;;;OAKG;IACH,WAAW,CAAC,EAAE,QAAQ,EAAqB;QACzC,0BAA0B,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;OAKG;IACH,aAAa,CAAC,EAAE,UAAU,EAA8B;QACtD,qEAAqE;QACrE,IAAI,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,IAAI,EAAE,CAAC;YAC5C,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAClC,MAAM,IAAI,uBAAuB,CAAC,UAAU,CAAC,CAAC;YAChD,CAAC;YACD,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAClC,uBAAuB;YACvB,IAAI,CAAC,gBAAgB,CAAC,QAAQ,GAAG,IAAI,CAAC;YACtC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,8FAA8F;QAC9F,iDAAiD;QACjD,sGAAsG;QACtG,6CAA6C;QAC7C,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YACjE,MAAM,IAAI,uBAAuB,CAAC,UAAU,CAAC,CAAC;QAChD,CAAC;QAED,iIAAiI;QACjI,IACE,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,eAAe;YAClD,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,qBAAqB,EACxD,CAAC;YACD,8GAA8G;YAC9G,IAAI,UAAU,CAAC,IAAI,CAAC,OAAO,KAAK,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;gBAC5D,MAAM,IAAI,2BAA2B,CAAC,UAAU,CAAC,CAAC;YACpD,CAAC;YAED,oFAAoF;YACpF,MAAM,aAAa,GAAG,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC;YAC9C,MAAM,iCAAiC,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAC7D,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,CAAC,CAAC,IAAI,KAAK,cAAc,CAAC,eAAe;gBACxC,SAAS,IAAI,CAAC,CAAC,IAAI;gBACnB,CAAC,CAAC,IAAI,CAAC,OAAO,KAAK,aAAa,CAAC;gBACnC,CAAC,CAAC,CAAC,IAAI,KAAK,cAAc,CAAC,qBAAqB;oBAC9C,SAAS,IAAI,CAAC,CAAC,IAAI;oBACnB,CAAC,CAAC,IAAI,CAAC,OAAO,KAAK,aAAa,CAAC,CACtC,CAAC;YAEF,IAAI,iCAAiC,EAAE,CAAC;gBACtC,MAAM,IAAI,2BAA2B,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;YACnE,CAAC;QACH,CAAC;QAED,iEAAiE;QACjE,IAAI,UAAU,CAAC,IAAI,KAAK,cAAc,CAAC,iBAAiB,EAAE,CAAC;YACzD,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC3C,MAAM,IAAI,wBAAwB,CAAC,UAAU,CAAC,CAAC;YACjD,CAAC;YACD,0BAA0B,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACtD,IAAI,CAAC,SAAS,GAAG,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,GAAG,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAClC,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;OAKG;IACH,cAAc,CAAC,EAAE,WAAW,EAAiC;QAC3D,iFAAiF;QACjF,gEAAgE;QAChE,WAAW,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE;YACjC,IAAI,CAAC,aAAa,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC;QACrC,CAAC,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,eAAe;QAInB,wCAAwC;QACxC,IAAI,IAAI,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;YACxB,IAAI,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;gBACtC,MAAM,IAAI,oBAAoB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YACnE,CAAC;YACD,IAAI,IAAI,CAAC,QAAQ,GAAG,SAAS,EAAE,CAAC;gBAC9B,MAAM,IAAI,sBAAsB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAClD,CAAC;YAED,IAAI,CAAC,KAAK,CAAC,IAAI,CACb,eAAe,CAAC,SAAS,CACvB;gBACE,QAAQ,EAAE,IAAI,CAAC,gBAAgB,CAAC,QAAQ;gBACxC,UAAU,EAAE,IAAI,CAAC,QAAQ;gBACzB,UAAU,EAAE,CAAC;aACd,EACD,oBAAoB,CAAC,UAAU,CAChC,CACF,CAAC;QACJ,CAAC;QAED,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QAEtD,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,eAAe,CACzC,IAAI,CAAC,MAAM,CACZ,CAAC,mCAAmC,CAAC;YACpC,QAAQ,EAAE,qBAAqB;YAC/B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC,CAAC;QAEH,MAAM,mBAAmB,GAAG,eAAe,CACzC,IAAI,CAAC,MAAM,CACZ,CAAC,sCAAsC,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC;QAExD,wEAAwE;QACxE,MAAM,qCAAqC,GAAkB,MAC3D,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GACtC,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE;YACnB,IAAI,EAAE,EAAE;SACT,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;QAE7C,OAAO;YACL,SAAS;YACT,qCAAqC;SACtC,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,UAAU;QACd,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;QACpC,IAAI,CAAC,OAAO,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,oBAAoB,EAAE,CAAC;QACnC,CAAC;QAED,iDAAiD;QACjD,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CACxC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAC/B,CAAC;YACF,0CAA0C;YAC1C,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAC1B,CAAC;QACD,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAE7B,OAAO,MAAM,wBAAwB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,uBAAuB,CAAC;YACzE,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;YACvC,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,OAAO;SACR,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,kBAAkB;QACtB,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;QACpC,IAAI,CAAC,OAAO,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,oBAAoB,EAAE,CAAC;QACnC,CAAC;QAED,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAE7B,OAAO;YACL,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;YACvC,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,OAAO;SACR,CAAC;IACJ,CAAC;IAEO,qBAAqB;QAC3B,IACE,IAAI,CAAC,gBAAgB,CAAC,QAAQ,KAAK,KAAK;YACxC,IAAI,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAC3B,CAAC;YACD,MAAM,IAAI,0BAA0B,EAAE,CAAC;QACzC,CAAC;IACH,CAAC;IAED,sEAAsE;IACtE,8CAA8C;IACtC,oBAAoB,CAAC,QAAgB;QAC3C,MAAM,QAAQ,GAAa;YACzB,CAAC,cAAc,CAAC,qBAAqB,CAAC,EAAE,SAAS;YACjD,CAAC,cAAc,CAAC,oBAAoB,CAAC,EAAE,SAAS;YAChD,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,SAAS;YACrC,CAAC,cAAc,CAAC,gBAAgB,CAAC,EAAE,SAAS;SAC7C,CAAC;QAEF,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE;YACtC,QAAQ,UAAU,CAAC,IAAI,EAAE,CAAC;gBACxB,KAAK,cAAc,CAAC,qBAAqB;oBACvC,gEAAgE;oBAChE,IAAI,QAAQ,CAAC,cAAc,CAAC,qBAAqB,CAAC,KAAK,SAAS,EAAE,CAAC;wBACjE,MAAM,IAAI,gCAAgC,CAAC,UAAU,CAAC,CAAC;oBACzD,CAAC;oBACD,QAAQ,CAAC,cAAc,CAAC,qBAAqB,CAAC,GAAG;wBAC/C,UAAU,EAAE;4BACV,OAAO,EAAE,oBAAoB,CAAC,kBAAkB;4BAChD,QAAQ;4BACR,QAAQ,EAAE,QAAQ,CAAC,SAAS;4BAC5B,WAAW,EAAE,IAAI;4BACjB,YAAY,EAAE,KAAK;yBACpB;wBACD,QAAQ,EAAE;4BACR,QAAQ;4BACR,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC;yBAC9C;qBACF,CAAC;oBACF,IAAI,CAAC,sBAAsB,GAAG,IAAI,CAAC;oBACnC,MAAM;gBACR,KAAK,cAAc,CAAC,oBAAoB;oBACtC,IAAI,UAAU,CAAC,IAAI,CAAC,OAAO,KAAK,WAAW,EAAE,CAAC;wBAC5C,MAAM,IAAI,gBAAgB,CAAC,UAAU,CAAC,CAAC;oBACzC,CAAC;oBACD,QAAQ,CAAC,cAAc,CAAC,oBAAoB,CAAC,GAAG;wBAC9C,UAAU,EAAE;4BACV,OAAO,EAAE,oBAAoB,CAAC,SAAS;4BACvC,QAAQ,EAAE,QAAQ,GAAG,WAAW;4BAChC,QAAQ,EAAE,QAAQ,CAAC,SAAS;4BAC5B,WAAW,EAAE,IAAI;4BACjB,YAAY,EAAE,KAAK;yBACpB;wBACD,QAAQ,EAAE;4BACR,QAAQ,EAAE,QAAQ,GAAG,WAAW;4BAChC,MAAM,EAAE;gCACN,oCAAoC;gCACpC,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,oBAAoB,CAAC,EAAE,QAAQ;qCACxD,MAAM,IAAI,EAAE,CAAC;gCAChB;oCACE,MAAM,EAAE,UAAU,CAAC,IAAI,CAAC,OAAO;oCAC/B,oBAAoB,EAAE,KAAK;oCAC3B,kBAAkB,EAAE,IAAI;oCACxB,eAAe,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC;oCAClD,SAAS,EAAE,EAAE;iCACd;6BACF;yBACF;qBACF,CAAC;oBACF,IAAI,CAAC,sBAAsB,GAAG,IAAI,CAAC;oBACnC,oDAAoD;oBACpD,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,GAAG;wBAC1C,UAAU,EAAE;4BACV,OAAO,EAAE,oBAAoB,CAAC,SAAS;4BACvC,QAAQ;4BACR,QAAQ,EAAE,QAAQ,CAAC,UAAU;4BAC7B,WAAW,EAAE,IAAI;4BACjB,YAAY,EAAE,KAAK;yBACpB;wBACD,QAAQ,EAAE;4BACR,QAAQ;4BACR,MAAM,EAAE;gCACN,oCAAoC;gCACpC,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,EAAE,QAAQ;qCACpD,MAAM,IAAI,EAAE,CAAC;gCAChB;oCACE,MAAM,EAAE,UAAU,CAAC,IAAI,CAAC,OAAO;oCAC/B,oBAAoB,EAAE,IAAI;oCAC1B,kBAAkB,EAAE,KAAK;oCACzB,eAAe,EAAE,EAAE;oCACnB,SAAS,EAAE,CAAC,sBAAsB,EAAE,uBAAuB,CAAC,EAAE,oBAAoB;iCACnF;6BACF;yBACF;qBACF,CAAC;oBACF,MAAM;gBACR,KAAK,cAAc,CAAC,SAAS;oBAC3B,oEAAoE;oBACpE,IAAI,QAAQ,CAAC,cAAc,CAAC,SAAS,CAAC,KAAK,SAAS,EAAE,CAAC;wBACrD,MAAM,IAAI,qBAAqB,CAAC,UAAU,CAAC,CAAC;oBAC9C,CAAC;oBACD,QAAQ,CAAC,cAAc,CAAC,SAAS,CAAC,GAAG;wBACnC,UAAU,EAAE;4BACV,OAAO,EAAE,oBAAoB,CAAC,kBAAkB;4BAChD,QAAQ;4BACR,QAAQ,EAAE,QAAQ,CAAC,UAAU;4BAC7B,WAAW,EAAE,IAAI;4BACjB,YAAY,EAAE,KAAK;yBACpB;wBACD,QAAQ,EAAE;4BACR,QAAQ;4BACR,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC;yBAC1C;qBACF,CAAC;oBACF,MAAM;gBACR,KAAK,cAAc,CAAC,eAAe;oBACjC,IAAI,UAAU,CAAC,IAAI,CAAC,OAAO,KAAK,WAAW,EAAE,CAAC;wBAC5C,MAAM,IAAI,gBAAgB,CAAC,UAAU,CAAC,CAAC;oBACzC,CAAC;oBACD,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,GAAG;wBAC1C,UAAU,EAAE;4BACV,OAAO,EAAE,oBAAoB,CAAC,SAAS;4BACvC,QAAQ;4BACR,QAAQ,EAAE,QAAQ,CAAC,UAAU;4BAC7B,WAAW,EAAE,IAAI;4BACjB,YAAY,EAAE,KAAK;yBACpB;wBACD,QAAQ,EAAE;4BACR,QAAQ;4BACR,MAAM,EAAE;gCACN,oCAAoC;gCACpC,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,EAAE,QAAQ;qCACpD,MAAM,IAAI,EAAE,CAAC;gCAChB;oCACE,MAAM,EAAE,UAAU,CAAC,IAAI,CAAC,OAAO;oCAC/B,oBAAoB,EAAE,KAAK;oCAC3B,kBAAkB,EAAE,KAAK;oCACzB,eAAe,EAAE,EAAE;oCACnB,SAAS,EAAE,EAAE;iCACd;6BACF;yBACF;qBACF,CAAC;oBACF,MAAM;gBACR,KAAK,cAAc,CAAC,iBAAiB;oBACnC,qCAAqC;oBACrC,MAAM;gBACR,KAAK,cAAc,CAAC,0BAA0B;oBAC5C,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAC3C,MAAM,IAAI,wBAAwB,CAAC,UAAU,CAAC,CAAC;oBACjD,CAAC;oBACD,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,GAAG;wBAC1C,UAAU,EAAE;4BACV,OAAO,EAAE,oBAAoB,CAAC,SAAS;4BACvC,QAAQ;4BACR,QAAQ,EAAE,QAAQ,CAAC,UAAU;4BAC7B,WAAW,EAAE,IAAI;4BACjB,YAAY,EAAE,KAAK;yBACpB;wBACD,QAAQ,EAAE;4BACR,QAAQ;4BACR,MAAM,EAAE;gCACN,oCAAoC;gCACpC,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,EAAE,QAAQ;qCACpD,MAAM,IAAI,EAAE,CAAC;gCAChB;oCACE,MAAM,EAAE,WAAW;oCACnB,oBAAoB,EAAE,KAAK;oCAC3B,kBAAkB,EAAE,KAAK;oCACzB,eAAe,EAAE,EAAE;oCACnB,SAAS,EAAE,UAAU,CAAC,IAAI,CAAC,SAAS;iCACrC;6BACF;yBACF;qBACF,CAAC;oBACF,MAAM;gBACR,KAAK,cAAc,CAAC,qBAAqB;oBACvC,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAC3C,MAAM,IAAI,wBAAwB,CAAC,UAAU,CAAC,CAAC;oBACjD,CAAC;oBACD,IAAI,UAAU,CAAC,IAAI,CAAC,OAAO,KAAK,WAAW,EAAE,CAAC;wBAC5C,MAAM,IAAI,gBAAgB,CAAC,UAAU,CAAC,CAAC;oBACzC,CAAC;oBACD,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,GAAG;wBAC1C,UAAU,EAAE;4BACV,OAAO,EAAE,oBAAoB,CAAC,SAAS;4BACvC,QAAQ;4BACR,QAAQ,EAAE,QAAQ,CAAC,UAAU;4BAC7B,WAAW,EAAE,IAAI;4BACjB,YAAY,EAAE,KAAK;yBACpB;wBACD,QAAQ,EAAE;4BACR,QAAQ;4BACR,MAAM,EAAE;gCACN,oCAAoC;gCACpC,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,EAAE,QAAQ;qCACpD,MAAM,IAAI,EAAE,CAAC;gCAChB;oCACE,MAAM,EAAE,UAAU,CAAC,IAAI,CAAC,OAAO;oCAC/B,oBAAoB,EAAE,IAAI;oCAC1B,kBAAkB,EAAE,KAAK;oCACzB,eAAe,EAAE,EAAE;oCACnB,SAAS,EAAE,UAAU,CAAC,IAAI,CAAC,SAAS;iCACrC;6BACF;yBACF;qBACF,CAAC;oBACF,MAAM;gBACR,KAAK,cAAc,CAAC,IAAI;oBACtB,2CAA2C;oBAC3C,MAAM;gBACR;oBACE,OAAO,WAAW,CAAC,UAAU,EAAE,4BAA4B,CAAC,CAAC;YACjE,CAAC;YAED,6EAA6E;YAC7E,uFAAuF;YACvF,IAAI,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,KAAK,SAAS,EAAE,CAAC;gBAC5D,MAAM,cAAc,GAAoB;oBACtC,wBAAwB;oBACxB,6BAA6B;iBAC9B,CAAC,CAAC,wBAAwB;gBAE3B,kEAAkE;gBAClE,MAAM,YAAY,GAAG,cAAc,CAAC,MAAM,CACxC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,CACjD,CAAC;gBAEF,IAAI,CAAC,SAAS,GAAG,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,GAAG,YAAY,CAAC,CAAC;YACxD,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,QAAQ,CAAC,QAAkB;QACjC,MAAM,GAAG,GAAG,QAAQ,CAAC,cAAc,CAAC,qBAAqB,CAAC,CAAC;QAC3D,IAAI,GAAG,EAAE,CAAC;YACR,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;gBACd,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,QAAQ,EAAE,sBAAsB,CAAC,mBAAmB,CAAC,GAAG,CAAC,QAAQ,CAAC;aACnE,CAAC,CAAC;QACL,CAAC;QAED,MAAM,KAAK,GAAG,QAAQ,CAAC,cAAc,CAAC,oBAAoB,CAAC,CAAC;QAC5D,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;gBACd,UAAU,EAAE,KAAK,CAAC,UAAU;gBAC5B,QAAQ,EAAE,eAAe,CAAC,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC;aAC9D,CAAC,CAAC;QACL,CAAC;QAED,MAAM,EAAE,GAAG,QAAQ,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;QAC9C,IAAI,EAAE,EAAE,CAAC;YACP,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;gBACd,UAAU,EAAE,EAAE,CAAC,UAAU;gBACzB,QAAQ,EAAE,sBAAsB,CAAC,mBAAmB,CAAC,EAAE,CAAC,QAAQ,CAAC;aAClE,CAAC,CAAC;QACL,CAAC;QAED,MAAM,SAAS,GAAG,QAAQ,CAAC,cAAc,CAAC,gBAAgB,CAAC,CAAC;QAC5D,IAAI,SAAS,EAAE,CAAC;YACd,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;gBACd,UAAU,EAAE,SAAS,CAAC,UAAU;gBAChC,QAAQ,EAAE,eAAe,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,CAAC;aAClE,CAAC,CAAC;QACL,CAAC;IACH,CAAC;CACF","sourcesContent":["import {\n maxUint48,\n toHex,\n zeroAddress,\n type Address,\n type Chain,\n type Client,\n type Hex,\n type Transport,\n} from \"viem\";\nimport { NativeTokenLimitModule } from \"./modules/native-token-limit-module/module.js\";\nimport { SingleSignerValidationModule } from \"./modules/single-signer-validation/module.js\";\nimport { AllowlistModule } from \"./modules/allowlist-module/module.js\";\nimport { TimeRangeModule } from \"./modules/time-range-module/module.js\";\nimport { HookType, type HookConfig, type ValidationConfig } from \"./types.js\";\nimport {\n deferralActions,\n type DeferredActionTypedData,\n} from \"./decorators/deferralActions.js\";\nimport {\n installValidationActions,\n type InstallValidationParams,\n} from \"./decorators/installValidation.js\";\nimport { assertNever, AccountNotFoundError } from \"@alchemy/common\";\nimport {\n AccountAddressAsTargetError,\n DeadlineOverLimitError,\n DuplicateTargetAddressError,\n ExpiredDeadlineError,\n MultipleGasLimitError,\n MultipleNativeTokenTransferError,\n NoFunctionsProvidedError,\n RootPermissionOnlyError,\n SelectorNotAllowed,\n ValidationConfigUnsetError,\n ZeroAddressError,\n} from \"../errors/permissionBuilderErrors.js\";\nimport type { SmartAccount } from \"viem/account-abstraction\";\nimport { DefaultModuleAddress, isModularAccountV2 } from \"./utils/account.js\";\n\n// We use this to offset the ERC20 spend limit entityId\nconst HALF_UINT32 = 2147483647;\nconst ERC20_APPROVE_SELECTOR = \"0x095ea7b3\";\nconst ERC20_TRANSFER_SELECTOR = \"0xa9059cbb\";\nconst ACCOUNT_EXECUTE_SELECTOR = \"0xb61d27f6\";\nconst ACCOUNT_EXECUTEBATCH_SELECTOR = \"0x34fcd5be\";\nconst ACCOUNT_PERFORM_CREATE_SELECTOR = \"0x5998db5c\";\nconst ACCOUNT_EXECUTE_WITH_RUNTIME_VALIDATION_SELECTOR = \"0xf2680c0f\";\nconst ACCOUNT_INSTALL_VALIDATION_SELECTOR = \"0x1bbf564c\";\nconst ACCOUNT_UNINSTALL_VALIDATION_SELECTOR = \"0xb6b1ccfe\";\nconst ACCOUNT_INSTALL_EXECUTION_SELECTOR = \"0x1d37e7d6\";\nconst ACCOUNT_UNINSTALL_EXECUTION_SELECTOR = \"0x0b7cad71\";\nconst ACCOUNT_UPGRADE_TO_AND_CALL_SELECTOR = \"0x4f1ef286\";\n// Wrapped native functions that must not be added to a session key's selector allowlist.\nconst PRIVILEGED_SELECTORS: Record<string, string> = {\n [ACCOUNT_PERFORM_CREATE_SELECTOR]: \"performCreate\",\n [ACCOUNT_EXECUTE_WITH_RUNTIME_VALIDATION_SELECTOR]:\n \"executeWithRuntimeValidation\",\n [ACCOUNT_INSTALL_VALIDATION_SELECTOR]: \"installValidation\",\n [ACCOUNT_UNINSTALL_VALIDATION_SELECTOR]: \"uninstallValidation\",\n [ACCOUNT_INSTALL_EXECUTION_SELECTOR]: \"installExecution\",\n [ACCOUNT_UNINSTALL_EXECUTION_SELECTOR]: \"uninstallExecution\",\n [ACCOUNT_UPGRADE_TO_AND_CALL_SELECTOR]: \"upgradeToAndCall\",\n};\n\n// Auto-added by translatePermissions when a PREVAL_ALLOWLIST hook exists.\n// Blocked from manual addition to ensure they're only added with proper hook context.\nconst SYSTEM_MANAGED_SELECTORS: Record<string, string> = {\n [ACCOUNT_EXECUTE_SELECTOR]: \"execute\",\n [ACCOUNT_EXECUTEBATCH_SELECTOR]: \"executeBatch\",\n};\n\nfunction assertNotForbiddenSelector(selector: Hex): void {\n const normalized = selector.toLowerCase();\n const match =\n PRIVILEGED_SELECTORS[normalized] ?? SYSTEM_MANAGED_SELECTORS[normalized];\n if (match != null) {\n throw new SelectorNotAllowed(match);\n }\n}\n\nfunction assertNoForbiddenSelectors(selectors: Hex[]): void {\n for (const selector of selectors) {\n assertNotForbiddenSelector(selector);\n }\n}\n\n/**\n * A pseudo-enum for permission types.\n */\nexport const PermissionType = {\n NATIVE_TOKEN_TRANSFER: \"native-token-transfer\",\n ERC20_TOKEN_TRANSFER: \"erc20-token-transfer\",\n // ERC721_TOKEN_TRANSFER : \"erc721-token-transfer\", // Unimplemented\n // ERC1155_TOKEN_TRANSFER : \"erc1155-token-transfer\", // Unimplemented\n GAS_LIMIT: \"gas-limit\",\n // CALL_LIMIT : \"call-limit\", //Unimplemented\n // RATE_LIMIT : \"rate-limit\", //Unimplemented\n CONTRACT_ACCESS: \"contract-access\",\n ACCOUNT_FUNCTIONS: \"account-functions\",\n FUNCTIONS_ON_ALL_CONTRACTS: \"functions-on-all-contracts\",\n FUNCTIONS_ON_CONTRACT: \"functions-on-contract\",\n ROOT: \"root\",\n} as const;\n\n// eslint-disable-next-line @typescript-eslint/no-redeclare\nexport type PermissionType =\n (typeof PermissionType)[keyof typeof PermissionType];\n\n/**\n * A pseudo-enum for hook identifiers.\n */\nexport const HookIdentifier = {\n NATIVE_TOKEN_TRANSFER: \"native-token-transfer\",\n ERC20_TOKEN_TRANSFER: \"erc20-token-transfer\",\n GAS_LIMIT: \"gas-limit\",\n PREVAL_ALLOWLIST: \"preval-allowlist\", // aggregate of CONTRACT_ACCESS, ACCOUNT_FUNCTIONS, FUNCTIONS_ON_ALL_CONTRACTS, FUNCTIONS_ON_CONTRACT\n} as const;\n\n// eslint-disable-next-line @typescript-eslint/no-redeclare\nexport type HookIdentifier =\n (typeof HookIdentifier)[keyof typeof HookIdentifier];\n\ntype PreExecutionHookConfig = {\n address: Address;\n entityId: number;\n hookType: typeof HookType.EXECUTION;\n hasPreHooks: true;\n hasPostHooks: false;\n};\n\ntype PreValidationHookConfig = {\n address: Address;\n entityId: number;\n hookType: typeof HookType.VALIDATION;\n hasPreHooks: true;\n hasPostHooks: false;\n};\n\ntype RawHooks = {\n [HookIdentifier.NATIVE_TOKEN_TRANSFER]:\n | {\n hookConfig: PreExecutionHookConfig;\n initData: {\n entityId: number;\n spendLimit: bigint;\n };\n }\n | undefined;\n [HookIdentifier.ERC20_TOKEN_TRANSFER]:\n | {\n hookConfig: PreExecutionHookConfig;\n initData: {\n entityId: number;\n inputs: Array<{\n target: Address;\n hasSelectorAllowlist: boolean;\n hasERC20SpendLimit: boolean;\n erc20SpendLimit: bigint;\n selectors: Array<Hex>;\n }>;\n };\n }\n | undefined;\n [HookIdentifier.GAS_LIMIT]:\n | {\n hookConfig: PreValidationHookConfig;\n initData: {\n entityId: number;\n spendLimit: bigint;\n };\n }\n | undefined;\n [HookIdentifier.PREVAL_ALLOWLIST]:\n | {\n hookConfig: PreValidationHookConfig;\n\n initData: {\n entityId: number;\n inputs: Array<{\n target: Address;\n hasSelectorAllowlist: boolean;\n hasERC20SpendLimit: boolean;\n erc20SpendLimit: bigint;\n selectors: Array<Hex>;\n }>;\n };\n }\n | undefined;\n};\n\ntype Key = {\n publicKey: Hex;\n type: \"secp256k1\" | \"contract\";\n};\n\nexport type Permission =\n | {\n // this permission allows transfer of native tokens from the account\n type: typeof PermissionType.NATIVE_TOKEN_TRANSFER;\n data: {\n allowance: Hex;\n };\n }\n | {\n // this permission allows transfer or approval of erc20 tokens from the account\n type: typeof PermissionType.ERC20_TOKEN_TRANSFER;\n data: {\n address: Address; // erc20 token contract address\n allowance: Hex;\n };\n }\n | {\n // this permissions allows the key to spend gas for UOs\n type: typeof PermissionType.GAS_LIMIT;\n data: {\n limit: Hex;\n };\n }\n | {\n // this permission grants access to all functions in a contract\n type: typeof PermissionType.CONTRACT_ACCESS;\n data: {\n address: Address;\n };\n }\n | {\n // this permission grants access to functions in the account\n type: typeof PermissionType.ACCOUNT_FUNCTIONS;\n data: {\n functions: Hex[]; // function signatures\n };\n }\n | {\n // this permission grants access to a function selector in any address or contract\n type: typeof PermissionType.FUNCTIONS_ON_ALL_CONTRACTS;\n data: {\n functions: Hex[]; // function signatures\n };\n }\n | {\n // this permission grants access to specified functions on a specific contract\n type: typeof PermissionType.FUNCTIONS_ON_CONTRACT;\n data: {\n address: Address;\n functions: Hex[];\n };\n }\n | {\n // this permission grants full access to everything\n type: typeof PermissionType.ROOT;\n data?: never;\n };\n\ntype Hook = {\n hookConfig: HookConfig;\n initData: Hex;\n};\n\n/**\n * A builder for constructing a Permission object.\n */\nexport class PermissionBuilder {\n private client: Client<Transport, Chain, SmartAccount>;\n private validationConfig: ValidationConfig = {\n moduleAddress: zeroAddress,\n entityId: 0, // uint32\n isGlobal: false,\n isSignatureValidation: false,\n isUserOpValidation: false,\n };\n private selectors: Hex[] = [];\n private installData: Hex = \"0x\";\n private permissions: Permission[] = [];\n private hooks: Hook[] = [];\n private nonce: bigint = 0n;\n private hasAssociatedExecHooks: boolean = false;\n private deadline: number = 0;\n\n /**\n * Creates a PermissionBuilder instance.\n *\n * @param {PermissionBuilderParams} params - The parameters for creating a PermissionBuilder instance.\n */\n constructor({\n client,\n key,\n entityId,\n nonce,\n selectors,\n hooks,\n deadline,\n }: {\n client: Client<Transport, Chain, SmartAccount>;\n key: Key;\n entityId: number;\n nonce: bigint;\n selectors?: Hex[];\n hooks?: Hook[];\n deadline?: number;\n }) {\n const account = client.account;\n if (!account || !isModularAccountV2(account)) {\n throw new AccountNotFoundError();\n }\n\n this.client = client;\n this.validationConfig = {\n moduleAddress: DefaultModuleAddress.SINGLE_SIGNER_VALIDATION,\n entityId,\n isUserOpValidation: true,\n isGlobal: false,\n isSignatureValidation: false,\n };\n this.installData = SingleSignerValidationModule.encodeOnInstallData({\n entityId: entityId,\n signer: key.publicKey,\n });\n this.nonce = nonce;\n if (selectors) {\n assertNoForbiddenSelectors(selectors);\n this.selectors = selectors;\n }\n if (hooks) this.hooks = hooks;\n if (deadline) this.deadline = deadline;\n }\n\n /**\n * Adds a selector to the permission builder.\n *\n * @param {Hex} selector - The selector to add.\n * @returns {this} The permission builder instance.\n */\n addSelector({ selector }: { selector: Hex }): this {\n assertNotForbiddenSelector(selector);\n this.selectors.push(selector);\n return this;\n }\n\n /**\n * Adds a permission to the permission builder.\n *\n * @param {Permission} permission - The permission to add.\n * @returns {this} The permission builder instance.\n */\n addPermission({ permission }: { permission: Permission }): this {\n // Check 1: If we're adding root, we can't have any other permissions\n if (permission.type === PermissionType.ROOT) {\n if (this.permissions.length !== 0) {\n throw new RootPermissionOnlyError(permission);\n }\n this.permissions.push(permission);\n // Set isGlobal to true\n this.validationConfig.isGlobal = true;\n return this;\n }\n\n // Check 2: If the permission is NOT ROOT (guaranteed), ensure there is no ROOT permission set\n // Will resolve to undefined if ROOT is not found\n // NOTE: Technically this could be replaced by checking permissions[0] since it should not be possible\n // to have >1 permission with root among them\n if (this.permissions.find((p) => p.type === PermissionType.ROOT)) {\n throw new RootPermissionOnlyError(permission);\n }\n\n // Check 3: If the permission is either CONTRACT_ACCESS or FUNCTIONS_ON_CONTRACT, ensure it doesn't collide with another like it.\n if (\n permission.type === PermissionType.CONTRACT_ACCESS ||\n permission.type === PermissionType.FUNCTIONS_ON_CONTRACT\n ) {\n // Check 3.1: address must not be the account address, or the user should use the ACCOUNT_FUNCTIONS permission\n if (permission.data.address === this.client.account.address) {\n throw new AccountAddressAsTargetError(permission);\n }\n\n // Check 3.2: there must not be an existing permission with this address as a target\n const targetAddress = permission.data.address;\n const existingPermissionWithSameAddress = this.permissions.find(\n (p) =>\n (p.type === PermissionType.CONTRACT_ACCESS &&\n \"address\" in p.data &&\n p.data.address === targetAddress) ||\n (p.type === PermissionType.FUNCTIONS_ON_CONTRACT &&\n \"address\" in p.data &&\n p.data.address === targetAddress),\n );\n\n if (existingPermissionWithSameAddress) {\n throw new DuplicateTargetAddressError(permission, targetAddress);\n }\n }\n\n // Check 4: If the permission is ACCOUNT_FUNCTIONS, add selectors\n if (permission.type === PermissionType.ACCOUNT_FUNCTIONS) {\n if (permission.data.functions.length === 0) {\n throw new NoFunctionsProvidedError(permission);\n }\n assertNoForbiddenSelectors(permission.data.functions);\n this.selectors = [...this.selectors, ...permission.data.functions];\n }\n\n this.permissions.push(permission);\n return this;\n }\n\n /**\n * Adds multiple permissions to the permission builder.\n *\n * @param {Permission[]} permissions - The permissions to add.\n * @returns {this} The permission builder instance.\n */\n addPermissions({ permissions }: { permissions: Permission[] }): this {\n // We could validate each permission here, but for simplicity we'll just add them\n // A better approach would be to call addPermission for each one\n permissions.forEach((permission) => {\n this.addPermission({ permission });\n });\n return this;\n }\n\n /**\n * Compiles the deferred action typed data to sign.\n *\n * @returns {Promise<{typedData: DeferredActionTypedData, fullPreSignatureDeferredActionPayload: Hex}>} The deferred action typed data and the full pre-signature deferred action payload.\n */\n async compileDeferred(): Promise<{\n typedData: DeferredActionTypedData;\n fullPreSignatureDeferredActionPayload: Hex;\n }> {\n // Add time range module hook via expiry\n if (this.deadline !== 0) {\n if (this.deadline < Date.now() / 1000) {\n throw new ExpiredDeadlineError(this.deadline, Date.now() / 1000);\n }\n if (this.deadline > maxUint48) {\n throw new DeadlineOverLimitError(this.deadline);\n }\n\n this.hooks.push(\n TimeRangeModule.buildHook(\n {\n entityId: this.validationConfig.entityId,\n validUntil: this.deadline,\n validAfter: 0,\n },\n DefaultModuleAddress.TIME_RANGE,\n ),\n );\n }\n\n const installValidationCall = await this.compileRaw();\n\n const { typedData } = await deferralActions(\n this.client,\n ).createDeferredActionTypedDataObject({\n callData: installValidationCall,\n deadline: this.deadline,\n nonce: this.nonce,\n });\n\n const preSignaturePayload = deferralActions(\n this.client,\n ).buildPreSignatureDeferredActionPayload({ typedData });\n\n // Encode additional information to build the full pre-signature payload\n const fullPreSignatureDeferredActionPayload: `0x${string}` = `0x0${\n this.hasAssociatedExecHooks ? \"1\" : \"0\"\n }${toHex(this.nonce, {\n size: 32,\n }).slice(2)}${preSignaturePayload.slice(2)}`;\n\n return {\n typedData,\n fullPreSignatureDeferredActionPayload,\n };\n }\n\n /**\n * Compiles the raw install arguments for the installValidation function.\n *\n * @returns {Promise<Hex>} The raw install arguments.\n */\n async compileRaw(): Promise<Hex> {\n const account = this.client.account;\n if (!account || !isModularAccountV2(account)) {\n throw new AccountNotFoundError();\n }\n\n // Translate all permissions into raw hooks if >0\n if (this.permissions.length > 0) {\n const rawHooks = this.translatePermissions(\n this.validationConfig.entityId,\n );\n // Add the translated permissions as hooks\n this.addHooks(rawHooks);\n }\n this.validateConfiguration();\n\n return await installValidationActions(this.client).encodeInstallValidation({\n validationConfig: this.validationConfig,\n selectors: this.selectors,\n installData: this.installData,\n hooks: this.hooks,\n account,\n });\n }\n\n /**\n * Compiles the install arguments for the installValidation function.\n *\n * @returns {Promise<InstallValidationParams>} The install arguments.\n */\n async compileInstallArgs(): Promise<InstallValidationParams> {\n const account = this.client.account;\n if (!account || !isModularAccountV2(account)) {\n throw new AccountNotFoundError();\n }\n\n this.validateConfiguration();\n\n return {\n validationConfig: this.validationConfig,\n selectors: this.selectors,\n installData: this.installData,\n hooks: this.hooks,\n account,\n };\n }\n\n private validateConfiguration(): void {\n if (\n this.validationConfig.isGlobal === false &&\n this.selectors.length === 0\n ) {\n throw new ValidationConfigUnsetError();\n }\n }\n\n // Used to translate consolidated permissions into raw unencoded hooks\n // Note entityId will be a member object later\n private translatePermissions(entityId: number): RawHooks {\n const rawHooks: RawHooks = {\n [HookIdentifier.NATIVE_TOKEN_TRANSFER]: undefined,\n [HookIdentifier.ERC20_TOKEN_TRANSFER]: undefined,\n [HookIdentifier.GAS_LIMIT]: undefined,\n [HookIdentifier.PREVAL_ALLOWLIST]: undefined,\n };\n\n this.permissions.forEach((permission) => {\n switch (permission.type) {\n case PermissionType.NATIVE_TOKEN_TRANSFER:\n // Should never be added twice, check is on addPermission(s) too\n if (rawHooks[HookIdentifier.NATIVE_TOKEN_TRANSFER] !== undefined) {\n throw new MultipleNativeTokenTransferError(permission);\n }\n rawHooks[HookIdentifier.NATIVE_TOKEN_TRANSFER] = {\n hookConfig: {\n address: DefaultModuleAddress.NATIVE_TOKEN_LIMIT,\n entityId,\n hookType: HookType.EXECUTION,\n hasPreHooks: true,\n hasPostHooks: false,\n },\n initData: {\n entityId,\n spendLimit: BigInt(permission.data.allowance),\n },\n };\n this.hasAssociatedExecHooks = true;\n break;\n case PermissionType.ERC20_TOKEN_TRANSFER:\n if (permission.data.address === zeroAddress) {\n throw new ZeroAddressError(permission);\n }\n rawHooks[HookIdentifier.ERC20_TOKEN_TRANSFER] = {\n hookConfig: {\n address: DefaultModuleAddress.ALLOWLIST,\n entityId: entityId + HALF_UINT32,\n hookType: HookType.EXECUTION,\n hasPreHooks: true,\n hasPostHooks: false,\n },\n initData: {\n entityId: entityId + HALF_UINT32,\n inputs: [\n // Add previous inputs if they exist\n ...(rawHooks[HookIdentifier.ERC20_TOKEN_TRANSFER]?.initData\n .inputs || []),\n {\n target: permission.data.address,\n hasSelectorAllowlist: false,\n hasERC20SpendLimit: true,\n erc20SpendLimit: BigInt(permission.data.allowance),\n selectors: [],\n },\n ],\n },\n };\n this.hasAssociatedExecHooks = true;\n // Also allow `approve` and `transfer` for the erc20\n rawHooks[HookIdentifier.PREVAL_ALLOWLIST] = {\n hookConfig: {\n address: DefaultModuleAddress.ALLOWLIST,\n entityId,\n hookType: HookType.VALIDATION,\n hasPreHooks: true,\n hasPostHooks: false,\n },\n initData: {\n entityId,\n inputs: [\n // Add previous inputs if they exist\n ...(rawHooks[HookIdentifier.PREVAL_ALLOWLIST]?.initData\n .inputs || []),\n {\n target: permission.data.address,\n hasSelectorAllowlist: true,\n hasERC20SpendLimit: false,\n erc20SpendLimit: 0n,\n selectors: [ERC20_APPROVE_SELECTOR, ERC20_TRANSFER_SELECTOR], // approve, transfer\n },\n ],\n },\n };\n break;\n case PermissionType.GAS_LIMIT:\n // Should only ever be added once, check is also on addPermission(s)\n if (rawHooks[HookIdentifier.GAS_LIMIT] !== undefined) {\n throw new MultipleGasLimitError(permission);\n }\n rawHooks[HookIdentifier.GAS_LIMIT] = {\n hookConfig: {\n address: DefaultModuleAddress.NATIVE_TOKEN_LIMIT,\n entityId,\n hookType: HookType.VALIDATION,\n hasPreHooks: true,\n hasPostHooks: false,\n },\n initData: {\n entityId,\n spendLimit: BigInt(permission.data.limit),\n },\n };\n break;\n case PermissionType.CONTRACT_ACCESS:\n if (permission.data.address === zeroAddress) {\n throw new ZeroAddressError(permission);\n }\n rawHooks[HookIdentifier.PREVAL_ALLOWLIST] = {\n hookConfig: {\n address: DefaultModuleAddress.ALLOWLIST,\n entityId,\n hookType: HookType.VALIDATION,\n hasPreHooks: true,\n hasPostHooks: false,\n },\n initData: {\n entityId,\n inputs: [\n // Add previous inputs if they exist\n ...(rawHooks[HookIdentifier.PREVAL_ALLOWLIST]?.initData\n .inputs || []),\n {\n target: permission.data.address,\n hasSelectorAllowlist: false,\n hasERC20SpendLimit: false,\n erc20SpendLimit: 0n,\n selectors: [],\n },\n ],\n },\n };\n break;\n case PermissionType.ACCOUNT_FUNCTIONS:\n // This is handled in add permissions\n break;\n case PermissionType.FUNCTIONS_ON_ALL_CONTRACTS:\n if (permission.data.functions.length === 0) {\n throw new NoFunctionsProvidedError(permission);\n }\n rawHooks[HookIdentifier.PREVAL_ALLOWLIST] = {\n hookConfig: {\n address: DefaultModuleAddress.ALLOWLIST,\n entityId,\n hookType: HookType.VALIDATION,\n hasPreHooks: true,\n hasPostHooks: false,\n },\n initData: {\n entityId,\n inputs: [\n // Add previous inputs if they exist\n ...(rawHooks[HookIdentifier.PREVAL_ALLOWLIST]?.initData\n .inputs || []),\n {\n target: zeroAddress,\n hasSelectorAllowlist: false,\n hasERC20SpendLimit: false,\n erc20SpendLimit: 0n,\n selectors: permission.data.functions,\n },\n ],\n },\n };\n break;\n case PermissionType.FUNCTIONS_ON_CONTRACT:\n if (permission.data.functions.length === 0) {\n throw new NoFunctionsProvidedError(permission);\n }\n if (permission.data.address === zeroAddress) {\n throw new ZeroAddressError(permission);\n }\n rawHooks[HookIdentifier.PREVAL_ALLOWLIST] = {\n hookConfig: {\n address: DefaultModuleAddress.ALLOWLIST,\n entityId,\n hookType: HookType.VALIDATION,\n hasPreHooks: true,\n hasPostHooks: false,\n },\n initData: {\n entityId,\n inputs: [\n // Add previous inputs if they exist\n ...(rawHooks[HookIdentifier.PREVAL_ALLOWLIST]?.initData\n .inputs || []),\n {\n target: permission.data.address,\n hasSelectorAllowlist: true,\n hasERC20SpendLimit: false,\n erc20SpendLimit: 0n,\n selectors: permission.data.functions,\n },\n ],\n },\n };\n break;\n case PermissionType.ROOT:\n // Root permission handled in addPermission\n break;\n default:\n return assertNever(permission, \"Unexpected permission type\");\n }\n\n // isGlobal guaranteed to be false since it's only set with root permissions,\n // we must add access to execute & executeBatch if there's a preVal allowlist hook set.\n if (rawHooks[HookIdentifier.PREVAL_ALLOWLIST] !== undefined) {\n const selectorsToAdd: `0x${string}`[] = [\n ACCOUNT_EXECUTE_SELECTOR,\n ACCOUNT_EXECUTEBATCH_SELECTOR,\n ]; // execute, executeBatch\n\n // Only add the selectors if they aren't already in this.selectors\n const newSelectors = selectorsToAdd.filter(\n (selector) => !this.selectors.includes(selector),\n );\n\n this.selectors = [...this.selectors, ...newSelectors];\n }\n });\n\n return rawHooks;\n }\n\n private addHooks(rawHooks: RawHooks) {\n const ntt = rawHooks[HookIdentifier.NATIVE_TOKEN_TRANSFER];\n if (ntt) {\n this.hooks.push({\n hookConfig: ntt.hookConfig,\n initData: NativeTokenLimitModule.encodeOnInstallData(ntt.initData),\n });\n }\n\n const erc20 = rawHooks[HookIdentifier.ERC20_TOKEN_TRANSFER];\n if (erc20) {\n this.hooks.push({\n hookConfig: erc20.hookConfig,\n initData: AllowlistModule.encodeOnInstallData(erc20.initData),\n });\n }\n\n const gl = rawHooks[HookIdentifier.GAS_LIMIT];\n if (gl) {\n this.hooks.push({\n hookConfig: gl.hookConfig,\n initData: NativeTokenLimitModule.encodeOnInstallData(gl.initData),\n });\n }\n\n const allowlist = rawHooks[HookIdentifier.PREVAL_ALLOWLIST];\n if (allowlist) {\n this.hooks.push({\n hookConfig: allowlist.hookConfig,\n initData: AllowlistModule.encodeOnInstallData(allowlist.initData),\n });\n }\n }\n}\n"]}
package/dist/esm/version.d.ts CHANGED
@@ -1 +1 @@
1
- export declare const VERSION = "5.0.0-beta.25";
1
+ export declare const VERSION = "5.0.0-beta.26";
package/dist/esm/version.js CHANGED
@@ -1,4 +1,4 @@
1
1
  // This file is autogenerated by inject-version.ts. Any changes will be
2
2
  // overwritten on commit!
3
- export const VERSION = "5.0.0-beta.25";
3
+ export const VERSION = "5.0.0-beta.26";
4
4
  //# sourceMappingURL=version.js.map
package/dist/esm/version.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"version.js","sourceRoot":"","sources":["../../src/version.ts"],"names":[],"mappings":"AAAA,uEAAuE;AACvE,yBAAyB;AACzB,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC","sourcesContent":["// This file is autogenerated by inject-version.ts. Any changes will be\n// overwritten on commit!\nexport const VERSION = \"5.0.0-beta.25\";\n"]}
1
+ {"version":3,"file":"version.js","sourceRoot":"","sources":["../../src/version.ts"],"names":[],"mappings":"AAAA,uEAAuE;AACvE,yBAAyB;AACzB,MAAM,CAAC,MAAM,OAAO,GAAG,eAAe,CAAC","sourcesContent":["// This file is autogenerated by inject-version.ts. Any changes will be\n// overwritten on commit!\nexport const VERSION = \"5.0.0-beta.26\";\n"]}
package/dist/types/ma-v2/permissionBuilder.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"permissionBuilder.d.ts","sourceRoot":"","sources":["../../../src/ma-v2/permissionBuilder.ts"],"names":[],"mappings":"AAAA,OAAO,EAIL,KAAK,OAAO,EACZ,KAAK,KAAK,EACV,KAAK,MAAM,EACX,KAAK,GAAG,EACR,KAAK,SAAS,EACf,MAAM,MAAM,CAAC;AAKd,OAAO,EAAY,KAAK,UAAU,EAAyB,MAAM,YAAY,CAAC;AAC9E,OAAO,EAEL,KAAK,uBAAuB,EAC7B,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAEL,KAAK,uBAAuB,EAC7B,MAAM,mCAAmC,CAAC;AAe3C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAY7D;;GAEG;AACH,eAAO,MAAM,cAAc;;;;;;;;;CAajB,CAAC;AAGX,MAAM,MAAM,cAAc,GACxB,CAAC,OAAO,cAAc,CAAC,CAAC,MAAM,OAAO,cAAc,CAAC,CAAC;AAEvD;;GAEG;AACH,eAAO,MAAM,cAAc;;;;;CAKjB,CAAC;AAGX,MAAM,MAAM,cAAc,GACxB,CAAC,OAAO,cAAc,CAAC,CAAC,MAAM,OAAO,cAAc,CAAC,CAAC;AAsEvD,KAAK,GAAG,GAAG;IACT,SAAS,EAAE,GAAG,CAAC;IACf,IAAI,EAAE,WAAW,GAAG,UAAU,CAAC;CAChC,CAAC;AAEF,MAAM,MAAM,UAAU,GAClB;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,qBAAqB,CAAC;IAClD,IAAI,EAAE;QACJ,SAAS,EAAE,GAAG,CAAC;KAChB,CAAC;CACH,GACD;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,oBAAoB,CAAC;IACjD,IAAI,EAAE;QACJ,OAAO,EAAE,OAAO,CAAC;QACjB,SAAS,EAAE,GAAG,CAAC;KAChB,CAAC;CACH,GACD;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,SAAS,CAAC;IACtC,IAAI,EAAE;QACJ,KAAK,EAAE,GAAG,CAAC;KACZ,CAAC;CACH,GACD;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,eAAe,CAAC;IAC5C,IAAI,EAAE;QACJ,OAAO,EAAE,OAAO,CAAC;KAClB,CAAC;CACH,GACD;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,iBAAiB,CAAC;IAC9C,IAAI,EAAE;QACJ,SAAS,EAAE,GAAG,EAAE,CAAC;KAClB,CAAC;CACH,GACD;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,0BAA0B,CAAC;IACvD,IAAI,EAAE;QACJ,SAAS,EAAE,GAAG,EAAE,CAAC;KAClB,CAAC;CACH,GACD;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,qBAAqB,CAAC;IAClD,IAAI,EAAE;QACJ,OAAO,EAAE,OAAO,CAAC;QACjB,SAAS,EAAE,GAAG,EAAE,CAAC;KAClB,CAAC;CACH,GACD;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,IAAI,CAAC;IACjC,IAAI,CAAC,EAAE,KAAK,CAAC;CACd,CAAC;AAEN,KAAK,IAAI,GAAG;IACV,UAAU,EAAE,UAAU,CAAC;IACvB,QAAQ,EAAE,GAAG,CAAC;CACf,CAAC;AAEF;;GAEG;AACH,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,MAAM,CAAyC;IACvD,OAAO,CAAC,gBAAgB,CAMtB;IACF,OAAO,CAAC,SAAS,CAAa;IAC9B,OAAO,CAAC,WAAW,CAAa;IAChC,OAAO,CAAC,WAAW,CAAoB;IACvC,OAAO,CAAC,KAAK,CAAc;IAC3B,OAAO,CAAC,KAAK,CAAc;IAC3B,OAAO,CAAC,sBAAsB,CAAkB;IAChD,OAAO,CAAC,QAAQ,CAAa;IAE7B;;;;OAIG;gBACS,EACV,MAAM,EACN,GAAG,EACH,QAAQ,EACR,KAAK,EACL,SAAS,EACT,KAAK,EACL,QAAQ,GACT,EAAE;QACD,MAAM,EAAE,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;QAC/C,GAAG,EAAE,GAAG,CAAC;QACT,QAAQ,EAAE,MAAM,CAAC;QACjB,KAAK,EAAE,MAAM,CAAC;QACd,SAAS,CAAC,EAAE,GAAG,EAAE,CAAC;QAClB,KAAK,CAAC,EAAE,IAAI,EAAE,CAAC;QACf,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB;IAwBD;;;;;OAKG;IACH,WAAW,CAAC,EAAE,QAAQ,EAAE,EAAE;QAAE,QAAQ,EAAE,GAAG,CAAA;KAAE,GAAG,IAAI;IAWlD;;;;;OAKG;IACH,aAAa,CAAC,EAAE,UAAU,EAAE,EAAE;QAAE,UAAU,EAAE,UAAU,CAAA;KAAE,GAAG,IAAI;IA6E/D;;;;;OAKG;IACH,cAAc,CAAC,EAAE,WAAW,EAAE,EAAE;QAAE,WAAW,EAAE,UAAU,EAAE,CAAA;KAAE,GAAG,IAAI;IASpE;;;;OAIG;IACG,eAAe,IAAI,OAAO,CAAC;QAC/B,SAAS,EAAE,uBAAuB,CAAC;QACnC,qCAAqC,EAAE,GAAG,CAAC;KAC5C,CAAC;IAiDF;;;;OAIG;IACG,UAAU,IAAI,OAAO,CAAC,GAAG,CAAC;IAyBhC;;;;OAIG;IACG,kBAAkB,IAAI,OAAO,CAAC,uBAAuB,CAAC;IAiB5D,OAAO,CAAC,qBAAqB;IAW7B,OAAO,CAAC,oBAAoB;IAgO5B,OAAO,CAAC,QAAQ;CAiCjB"}
1
+ {"version":3,"file":"permissionBuilder.d.ts","sourceRoot":"","sources":["../../../src/ma-v2/permissionBuilder.ts"],"names":[],"mappings":"AAAA,OAAO,EAIL,KAAK,OAAO,EACZ,KAAK,KAAK,EACV,KAAK,MAAM,EACX,KAAK,GAAG,EACR,KAAK,SAAS,EACf,MAAM,MAAM,CAAC;AAKd,OAAO,EAAY,KAAK,UAAU,EAAyB,MAAM,YAAY,CAAC;AAC9E,OAAO,EAEL,KAAK,uBAAuB,EAC7B,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAEL,KAAK,uBAAuB,EAC7B,MAAM,mCAAmC,CAAC;AAe3C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAkD7D;;GAEG;AACH,eAAO,MAAM,cAAc;;;;;;;;;CAajB,CAAC;AAGX,MAAM,MAAM,cAAc,GACxB,CAAC,OAAO,cAAc,CAAC,CAAC,MAAM,OAAO,cAAc,CAAC,CAAC;AAEvD;;GAEG;AACH,eAAO,MAAM,cAAc;;;;;CAKjB,CAAC;AAGX,MAAM,MAAM,cAAc,GACxB,CAAC,OAAO,cAAc,CAAC,CAAC,MAAM,OAAO,cAAc,CAAC,CAAC;AAsEvD,KAAK,GAAG,GAAG;IACT,SAAS,EAAE,GAAG,CAAC;IACf,IAAI,EAAE,WAAW,GAAG,UAAU,CAAC;CAChC,CAAC;AAEF,MAAM,MAAM,UAAU,GAClB;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,qBAAqB,CAAC;IAClD,IAAI,EAAE;QACJ,SAAS,EAAE,GAAG,CAAC;KAChB,CAAC;CACH,GACD;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,oBAAoB,CAAC;IACjD,IAAI,EAAE;QACJ,OAAO,EAAE,OAAO,CAAC;QACjB,SAAS,EAAE,GAAG,CAAC;KAChB,CAAC;CACH,GACD;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,SAAS,CAAC;IACtC,IAAI,EAAE;QACJ,KAAK,EAAE,GAAG,CAAC;KACZ,CAAC;CACH,GACD;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,eAAe,CAAC;IAC5C,IAAI,EAAE;QACJ,OAAO,EAAE,OAAO,CAAC;KAClB,CAAC;CACH,GACD;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,iBAAiB,CAAC;IAC9C,IAAI,EAAE;QACJ,SAAS,EAAE,GAAG,EAAE,CAAC;KAClB,CAAC;CACH,GACD;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,0BAA0B,CAAC;IACvD,IAAI,EAAE;QACJ,SAAS,EAAE,GAAG,EAAE,CAAC;KAClB,CAAC;CACH,GACD;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,qBAAqB,CAAC;IAClD,IAAI,EAAE;QACJ,OAAO,EAAE,OAAO,CAAC;QACjB,SAAS,EAAE,GAAG,EAAE,CAAC;KAClB,CAAC;CACH,GACD;IAEE,IAAI,EAAE,OAAO,cAAc,CAAC,IAAI,CAAC;IACjC,IAAI,CAAC,EAAE,KAAK,CAAC;CACd,CAAC;AAEN,KAAK,IAAI,GAAG;IACV,UAAU,EAAE,UAAU,CAAC;IACvB,QAAQ,EAAE,GAAG,CAAC;CACf,CAAC;AAEF;;GAEG;AACH,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,MAAM,CAAyC;IACvD,OAAO,CAAC,gBAAgB,CAMtB;IACF,OAAO,CAAC,SAAS,CAAa;IAC9B,OAAO,CAAC,WAAW,CAAa;IAChC,OAAO,CAAC,WAAW,CAAoB;IACvC,OAAO,CAAC,KAAK,CAAc;IAC3B,OAAO,CAAC,KAAK,CAAc;IAC3B,OAAO,CAAC,sBAAsB,CAAkB;IAChD,OAAO,CAAC,QAAQ,CAAa;IAE7B;;;;OAIG;gBACS,EACV,MAAM,EACN,GAAG,EACH,QAAQ,EACR,KAAK,EACL,SAAS,EACT,KAAK,EACL,QAAQ,GACT,EAAE;QACD,MAAM,EAAE,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;QAC/C,GAAG,EAAE,GAAG,CAAC;QACT,QAAQ,EAAE,MAAM,CAAC;QACjB,KAAK,EAAE,MAAM,CAAC;QACd,SAAS,CAAC,EAAE,GAAG,EAAE,CAAC;QAClB,KAAK,CAAC,EAAE,IAAI,EAAE,CAAC;QACf,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB;IA2BD;;;;;OAKG;IACH,WAAW,CAAC,EAAE,QAAQ,EAAE,EAAE;QAAE,QAAQ,EAAE,GAAG,CAAA;KAAE,GAAG,IAAI;IAMlD;;;;;OAKG;IACH,aAAa,CAAC,EAAE,UAAU,EAAE,EAAE;QAAE,UAAU,EAAE,UAAU,CAAA;KAAE,GAAG,IAAI;IA4D/D;;;;;OAKG;IACH,cAAc,CAAC,EAAE,WAAW,EAAE,EAAE;QAAE,WAAW,EAAE,UAAU,EAAE,CAAA;KAAE,GAAG,IAAI;IASpE;;;;OAIG;IACG,eAAe,IAAI,OAAO,CAAC;QAC/B,SAAS,EAAE,uBAAuB,CAAC;QACnC,qCAAqC,EAAE,GAAG,CAAC;KAC5C,CAAC;IAiDF;;;;OAIG;IACG,UAAU,IAAI,OAAO,CAAC,GAAG,CAAC;IAyBhC;;;;OAIG;IACG,kBAAkB,IAAI,OAAO,CAAC,uBAAuB,CAAC;IAiB5D,OAAO,CAAC,qBAAqB;IAW7B,OAAO,CAAC,oBAAoB;IAgO5B,OAAO,CAAC,QAAQ;CAiCjB"}
package/dist/types/version.d.ts CHANGED
@@ -1,2 +1,2 @@
1
- export declare const VERSION = "5.0.0-beta.25";
1
+ export declare const VERSION = "5.0.0-beta.26";
2
2
  //# sourceMappingURL=version.d.ts.map
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@alchemy/smart-accounts",
3
- "version": "5.0.0-beta.26",
3
+ "version": "5.0.0-beta.27",
4
4
  "description": "This package contains all of the viem interfaces for Alchemy's Smart Contract Accounts",
5
5
  "author": "Alchemy",
6
6
  "license": "MIT",
@@ -39,12 +39,12 @@
39
39
  "test:run": "vitest run"
40
40
  },
41
41
  "devDependencies": {
42
- "@alchemy/aa-infra": "5.0.0-beta.26",
42
+ "@alchemy/aa-infra": "5.0.0-beta.27",
43
43
  "typescript-template": "workspace:*",
44
44
  "viem": "^2.45.0"
45
45
  },
46
46
  "dependencies": {
47
- "@alchemy/common": "5.0.0-beta.26"
47
+ "@alchemy/common": "5.0.0-beta.27"
48
48
  },
49
49
  "peerDependencies": {
50
50
  "viem": "^2.45.0"
@@ -61,5 +61,5 @@
61
61
  "url": "https://github.com/alchemyplatform/aa-sdk/issues"
62
62
  },
63
63
  "homepage": "https://github.com/alchemyplatform/aa-sdk#readme",
64
- "gitHead": "f250979fa0141a06cd343c36d129c3faf838a9be"
64
+ "gitHead": "890706a0df785e32c2dc139d31f247d49d7780c7"
65
65
  }
package/src/ma-v2/permissionBuilder.ts CHANGED
@@ -46,6 +46,44 @@ const ACCOUNT_EXECUTE_SELECTOR = "0xb61d27f6";
46
46
  const ACCOUNT_EXECUTEBATCH_SELECTOR = "0x34fcd5be";
47
47
  const ACCOUNT_PERFORM_CREATE_SELECTOR = "0x5998db5c";
48
48
  const ACCOUNT_EXECUTE_WITH_RUNTIME_VALIDATION_SELECTOR = "0xf2680c0f";
49
+ const ACCOUNT_INSTALL_VALIDATION_SELECTOR = "0x1bbf564c";
50
+ const ACCOUNT_UNINSTALL_VALIDATION_SELECTOR = "0xb6b1ccfe";
51
+ const ACCOUNT_INSTALL_EXECUTION_SELECTOR = "0x1d37e7d6";
52
+ const ACCOUNT_UNINSTALL_EXECUTION_SELECTOR = "0x0b7cad71";
53
+ const ACCOUNT_UPGRADE_TO_AND_CALL_SELECTOR = "0x4f1ef286";
54
+ // Wrapped native functions that must not be added to a session key's selector allowlist.
55
+ const PRIVILEGED_SELECTORS: Record<string, string> = {
56
+ [ACCOUNT_PERFORM_CREATE_SELECTOR]: "performCreate",
57
+ [ACCOUNT_EXECUTE_WITH_RUNTIME_VALIDATION_SELECTOR]:
58
+ "executeWithRuntimeValidation",
59
+ [ACCOUNT_INSTALL_VALIDATION_SELECTOR]: "installValidation",
60
+ [ACCOUNT_UNINSTALL_VALIDATION_SELECTOR]: "uninstallValidation",
61
+ [ACCOUNT_INSTALL_EXECUTION_SELECTOR]: "installExecution",
62
+ [ACCOUNT_UNINSTALL_EXECUTION_SELECTOR]: "uninstallExecution",
63
+ [ACCOUNT_UPGRADE_TO_AND_CALL_SELECTOR]: "upgradeToAndCall",
64
+ };
65
+
66
+ // Auto-added by translatePermissions when a PREVAL_ALLOWLIST hook exists.
67
+ // Blocked from manual addition to ensure they're only added with proper hook context.
68
+ const SYSTEM_MANAGED_SELECTORS: Record<string, string> = {
69
+ [ACCOUNT_EXECUTE_SELECTOR]: "execute",
70
+ [ACCOUNT_EXECUTEBATCH_SELECTOR]: "executeBatch",
71
+ };
72
+
73
+ function assertNotForbiddenSelector(selector: Hex): void {
74
+ const normalized = selector.toLowerCase();
75
+ const match =
76
+ PRIVILEGED_SELECTORS[normalized] ?? SYSTEM_MANAGED_SELECTORS[normalized];
77
+ if (match != null) {
78
+ throw new SelectorNotAllowed(match);
79
+ }
80
+ }
81
+
82
+ function assertNoForbiddenSelectors(selectors: Hex[]): void {
83
+ for (const selector of selectors) {
84
+ assertNotForbiddenSelector(selector);
85
+ }
86
+ }
49
87
 
50
88
  /**
51
89
  * A pseudo-enum for permission types.
@@ -279,7 +317,10 @@ export class PermissionBuilder {
279
317
  signer: key.publicKey,
280
318
  });
281
319
  this.nonce = nonce;
282
- if (selectors) this.selectors = selectors;
320
+ if (selectors) {
321
+ assertNoForbiddenSelectors(selectors);
322
+ this.selectors = selectors;
323
+ }
283
324
  if (hooks) this.hooks = hooks;
284
325
  if (deadline) this.deadline = deadline;
285
326
  }
@@ -291,12 +332,7 @@ export class PermissionBuilder {
291
332
  * @returns {this} The permission builder instance.
292
333
  */
293
334
  addSelector({ selector }: { selector: Hex }): this {
294
- if (selector === ACCOUNT_PERFORM_CREATE_SELECTOR) {
295
- throw new SelectorNotAllowed("performCreate");
296
- }
297
- if (selector === ACCOUNT_EXECUTE_WITH_RUNTIME_VALIDATION_SELECTOR) {
298
- throw new SelectorNotAllowed("executeWithRuntimeValidation");
299
- }
335
+ assertNotForbiddenSelector(selector);
300
336
  this.selectors.push(selector);
301
337
  return this;
302
338
  }
@@ -359,24 +395,7 @@ export class PermissionBuilder {
359
395
  if (permission.data.functions.length === 0) {
360
396
  throw new NoFunctionsProvidedError(permission);
361
397
  }
362
- // Explicitly disallow adding execute, executeBatch, performCreate, and executeWithRuntimeValidation
363
- if (permission.data.functions.includes(ACCOUNT_EXECUTE_SELECTOR)) {
364
- throw new SelectorNotAllowed("execute");
365
- } else if (
366
- permission.data.functions.includes(ACCOUNT_EXECUTEBATCH_SELECTOR)
367
- ) {
368
- throw new SelectorNotAllowed("executeBatch");
369
- } else if (
370
- permission.data.functions.includes(ACCOUNT_PERFORM_CREATE_SELECTOR)
371
- ) {
372
- throw new SelectorNotAllowed("performCreate");
373
- } else if (
374
- permission.data.functions.includes(
375
- ACCOUNT_EXECUTE_WITH_RUNTIME_VALIDATION_SELECTOR,
376
- )
377
- ) {
378
- throw new SelectorNotAllowed("executeWithRuntimeValidation");
379
- }
398
+ assertNoForbiddenSelectors(permission.data.functions);
380
399
  this.selectors = [...this.selectors, ...permission.data.functions];
381
400
  }
382
401
 
package/src/version.ts CHANGED
@@ -1,3 +1,3 @@
1
1
  // This file is autogenerated by inject-version.ts. Any changes will be
2
2
  // overwritten on commit!
3
- export const VERSION = "5.0.0-beta.26";
3
+ export const VERSION = "5.0.0-beta.27";