@azeth/sdk 0.2.0

package/dist/account/deposit.d.ts

@@ -0,0 +1,34 @@
+import { type PublicClient, type WalletClient, type Chain, type Transport, type Account } from 'viem';
+import { type AzethContractAddresses } from '@azeth/common';
+export interface DepositParams {
+    /** The smart account to deposit into (must be owned by the caller) */
+    to: `0x${string}`;
+    /** Amount to deposit (in smallest unit) */
+    amount: bigint;
+    /** ERC-20 token address. Omit for native ETH deposit. */
+    token?: `0x${string}`;
+}
+export interface DepositResult {
+    txHash: `0x${string}`;
+    from: `0x${string}`;
+    to: `0x${string}`;
+    amount: bigint;
+    token: `0x${string}` | 'ETH';
+}
+/** Validate that a target address is an Azeth smart account owned by the depositor.
+ *
+ *  SECURITY CRITICAL: Both checks are on-chain reads and cannot be spoofed.
+ *  1. factory.isAzethAccount(target) — confirms it's a real Azeth account
+ *  2. factory.getOwnerOf(target) == depositor — confirms ownership
+ *
+ *  No TOCTOU risk: AzethAccount has no transferOwnership(), so ownership is immutable.
+ */
+export declare function validateDepositTarget(publicClient: PublicClient<Transport, Chain>, addresses: AzethContractAddresses, depositor: `0x${string}`, target: `0x${string}`): Promise<void>;
+/** Deposit ETH or ERC-20 tokens from the EOA to a self-owned smart account.
+ *
+ *  SECURITY: Validates on-chain that the target is:
+ *  1. A real Azeth smart account (via factory.isAzethAccount)
+ *  2. Owned by the depositor (via factory.getOwnerOf)
+ */
+export declare function deposit(publicClient: PublicClient<Transport, Chain>, walletClient: WalletClient<Transport, Chain, Account>, addresses: AzethContractAddresses, depositor: `0x${string}`, params: DepositParams): Promise<DepositResult>;
+//# sourceMappingURL=deposit.d.ts.map

package/dist/account/deposit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"deposit.d.ts","sourceRoot":"","sources":["../../src/account/deposit.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,YAAY,EACjB,KAAK,YAAY,EACjB,KAAK,KAAK,EACV,KAAK,SAAS,EACd,KAAK,OAAO,EAEb,MAAM,MAAM,CAAC;AACd,OAAO,EAAc,KAAK,sBAAsB,EAAE,MAAM,eAAe,CAAC;AAKxE,MAAM,WAAW,aAAa;IAC5B,sEAAsE;IACtE,EAAE,EAAE,KAAK,MAAM,EAAE,CAAC;IAClB,2CAA2C;IAC3C,MAAM,EAAE,MAAM,CAAC;IACf,yDAAyD;IACzD,KAAK,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;CACvB;AAED,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,KAAK,MAAM,EAAE,CAAC;IACtB,IAAI,EAAE,KAAK,MAAM,EAAE,CAAC;IACpB,EAAE,EAAE,KAAK,MAAM,EAAE,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,KAAK,MAAM,EAAE,GAAG,KAAK,CAAC;CAC9B;AAED;;;;;;;GAOG;AACH,wBAAsB,qBAAqB,CACzC,YAAY,EAAE,YAAY,CAAC,SAAS,EAAE,KAAK,CAAC,EAC5C,SAAS,EAAE,sBAAsB,EACjC,SAAS,EAAE,KAAK,MAAM,EAAE,EACxB,MAAM,EAAE,KAAK,MAAM,EAAE,GACpB,OAAO,CAAC,IAAI,CAAC,CAkCf;AAED;;;;;GAKG;AACH,wBAAsB,OAAO,CAC3B,YAAY,EAAE,YAAY,CAAC,SAAS,EAAE,KAAK,CAAC,EAC5C,YAAY,EAAE,YAAY,CAAC,SAAS,EAAE,KAAK,EAAE,OAAO,CAAC,EACrD,SAAS,EAAE,sBAAsB,EACjC,SAAS,EAAE,KAAK,MAAM,EAAE,EACxB,MAAM,EAAE,aAAa,GACpB,OAAO,CAAC,aAAa,CAAC,CAmDxB"}

package/dist/account/deposit.js

@@ -0,0 +1,88 @@
+import { erc20Abi, } from 'viem';
+import { AzethError } from '@azeth/common';
+import { AzethFactoryAbi } from '@azeth/common/abis';
+import { requireAddress } from '../utils/addresses.js';
+import { withRetry } from '../utils/retry.js';
+/** Validate that a target address is an Azeth smart account owned by the depositor.
+ *
+ *  SECURITY CRITICAL: Both checks are on-chain reads and cannot be spoofed.
+ *  1. factory.isAzethAccount(target) — confirms it's a real Azeth account
+ *  2. factory.getOwnerOf(target) == depositor — confirms ownership
+ *
+ *  No TOCTOU risk: AzethAccount has no transferOwnership(), so ownership is immutable.
+ */
+export async function validateDepositTarget(publicClient, addresses, depositor, target) {
+    const factoryAddress = requireAddress(addresses, 'factory');
+    // Check 1: Is this a real Azeth account?
+    const isAzethAccount = await withRetry(() => publicClient.readContract({
+        address: factoryAddress,
+        abi: AzethFactoryAbi,
+        functionName: 'isAzethAccount',
+        args: [target],
+    }));
+    if (!isAzethAccount) {
+        throw new AzethError('Target is not a valid Azeth smart account', 'INVALID_INPUT', { target, factory: factoryAddress });
+    }
+    // Check 2: Does the depositor own this account?
+    const owner = await withRetry(() => publicClient.readContract({
+        address: factoryAddress,
+        abi: AzethFactoryAbi,
+        functionName: 'getOwnerOf',
+        args: [target],
+    }));
+    if (owner.toLowerCase() !== depositor.toLowerCase()) {
+        throw new AzethError('Cannot deposit to a smart account you do not own', 'UNAUTHORIZED', { target, owner, depositor });
+    }
+}
+/** Deposit ETH or ERC-20 tokens from the EOA to a self-owned smart account.
+ *
+ *  SECURITY: Validates on-chain that the target is:
+ *  1. A real Azeth smart account (via factory.isAzethAccount)
+ *  2. Owned by the depositor (via factory.getOwnerOf)
+ */
+export async function deposit(publicClient, walletClient, addresses, depositor, params) {
+    if (params.amount <= 0n) {
+        throw new AzethError('Deposit amount must be positive', 'INVALID_INPUT', { field: 'amount' });
+    }
+    // SECURITY: On-chain ownership verification
+    await validateDepositTarget(publicClient, addresses, depositor, params.to);
+    let txHash;
+    try {
+        if (!params.token) {
+            // ETH deposit: simple value transfer to the smart account
+            txHash = await walletClient.sendTransaction({
+                to: params.to,
+                value: params.amount,
+            });
+        }
+        else {
+            // ERC-20 deposit: transfer tokens to the smart account
+            txHash = await walletClient.writeContract({
+                address: params.token,
+                abi: erc20Abi,
+                functionName: 'transfer',
+                args: [params.to, params.amount],
+            });
+        }
+    }
+    catch (err) {
+        if (err instanceof AzethError)
+            throw err;
+        const message = err instanceof Error ? err.message : 'Deposit failed';
+        const isInsufficientFunds = message.toLowerCase().includes('insufficient') ||
+            message.toLowerCase().includes('exceeds balance');
+        throw new AzethError(message, isInsufficientFunds ? 'INSUFFICIENT_BALANCE' : 'NETWORK_ERROR', { originalError: err instanceof Error ? err.name : undefined });
+    }
+    const receipt = await publicClient.waitForTransactionReceipt({ hash: txHash, timeout: 120_000 });
+    if (receipt.status === 'reverted') {
+        throw new AzethError('Deposit transaction reverted', 'NETWORK_ERROR', { txHash });
+    }
+    return {
+        txHash,
+        from: depositor,
+        to: params.to,
+        amount: params.amount,
+        token: params.token ?? 'ETH',
+    };
+}
+//# sourceMappingURL=deposit.js.map

package/dist/account/deposit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"deposit.js","sourceRoot":"","sources":["../../src/account/deposit.ts"],"names":[],"mappings":"AAAA,OAAO,EAML,QAAQ,GACT,MAAM,MAAM,CAAC;AACd,OAAO,EAAE,UAAU,EAA+B,MAAM,eAAe,CAAC;AACxE,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAmB9C;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,YAA4C,EAC5C,SAAiC,EACjC,SAAwB,EACxB,MAAqB;IAErB,MAAM,cAAc,GAAG,cAAc,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;IAE5D,yCAAyC;IACzC,MAAM,cAAc,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC,YAAY,CAAC;QACrE,OAAO,EAAE,cAAc;QACvB,GAAG,EAAE,eAAe;QACpB,YAAY,EAAE,gBAAgB;QAC9B,IAAI,EAAE,CAAC,MAAM,CAAC;KACf,CAAC,CAAC,CAAC;IAEJ,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,MAAM,IAAI,UAAU,CAClB,2CAA2C,EAC3C,eAAe,EACf,EAAE,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,CACpC,CAAC;IACJ,CAAC;IAED,gDAAgD;IAChD,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC,YAAY,CAAC;QAC5D,OAAO,EAAE,cAAc;QACvB,GAAG,EAAE,eAAe;QACpB,YAAY,EAAE,YAAY;QAC1B,IAAI,EAAE,CAAC,MAAM,CAAC;KACf,CAAC,CAAC,CAAC;IAEJ,IAAI,KAAK,CAAC,WAAW,EAAE,KAAK,SAAS,CAAC,WAAW,EAAE,EAAE,CAAC;QACpD,MAAM,IAAI,UAAU,CAClB,kDAAkD,EAClD,cAAc,EACd,EAAE,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,CAC7B,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAC3B,YAA4C,EAC5C,YAAqD,EACrD,SAAiC,EACjC,SAAwB,EACxB,MAAqB;IAErB,IAAI,MAAM,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;QACxB,MAAM,IAAI,UAAU,CAAC,iCAAiC,EAAE,eAAe,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;IAChG,CAAC;IAED,4CAA4C;IAC5C,MAAM,qBAAqB,CAAC,YAAY,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;IAE3E,IAAI,MAAqB,CAAC;IAE1B,IAAI,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YAClB,0DAA0D;YAC1D,MAAM,GAAG,MAAM,YAAY,CAAC,eAAe,CAAC;gBAC1C,EAAE,EAAE,MAAM,CAAC,EAAE;gBACb,KAAK,EAAE,MAAM,CAAC,MAAM;aACrB,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,uDAAuD;YACvD,MAAM,GAAG,MAAM,YAAY,CAAC,aAAa,CAAC;gBACxC,OAAO,EAAE,MAAM,CAAC,KAAK;gBACrB,GAAG,EAAE,QAAQ;gBACb,YAAY,EAAE,UAAU;gBACxB,IAAI,EAAE,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC;aACjC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,IAAI,GAAG,YAAY,UAAU;YAAE,MAAM,GAAG,CAAC;QACzC,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,gBAAgB,CAAC;QACtE,MAAM,mBAAmB,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC;YACxE,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;QACpD,MAAM,IAAI,UAAU,CAClB,OAAO,EACP,mBAAmB,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,eAAe,EAC9D,EAAE,aAAa,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,EAAE,CAC/D,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,yBAAyB,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;IAEjG,IAAI,OAAO,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;QAClC,MAAM,IAAI,UAAU,CAAC,8BAA8B,EAAE,eAAe,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;IACpF,CAAC;IAED,OAAO;QACL,MAAM;QACN,IAAI,EAAE,SAAS;QACf,EAAE,EAAE,MAAM,CAAC,EAAE;QACb,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,KAAK;KAC7B,CAAC;AACJ,CAAC"}

package/dist/account/guardian-approval.d.ts

@@ -0,0 +1,111 @@
+import type { XMTPClient } from '../messaging/xmtp.js';
+/** Structured XMTP message sent from agent to guardian requesting co-signature */
+export interface GuardianApprovalRequest {
+    type: 'azeth:guardian_request';
+    version: '1.0';
+    requestId: string;
+    chainId: number;
+    account: `0x${string}`;
+    userOpHash: `0x${string}`;
+    operation: {
+        type: 'transfer' | 'whitelist_add' | 'agreement' | 'payment' | 'other';
+        description: string;
+        to?: string;
+        amount?: string;
+        usdValue?: string;
+    };
+    reason: string;
+    limits: {
+        maxTxAmountUSD: string;
+        dailySpendLimitUSD: string;
+        guardianMaxTxAmountUSD: string;
+        guardianDailySpendLimitUSD: string;
+        dailySpentUSD: string;
+    };
+    expiresAt: string;
+}
+/** Structured XMTP message sent from guardian back to agent with decision */
+export interface GuardianApprovalResponse {
+    type: 'azeth:guardian_response';
+    version: '1.0';
+    requestId: string;
+    decision: 'approved' | 'rejected';
+    signature?: `0x${string}`;
+    reason?: string;
+}
+/** In-memory record of a pending guardian approval request */
+export interface PendingApproval {
+    requestId: string;
+    userOpHash: `0x${string}`;
+    ownerSignature: `0x${string}`;
+    guardianAddress: `0x${string}`;
+    operation: GuardianApprovalRequest['operation'];
+    reason: string;
+    status: 'pending' | 'approved' | 'rejected' | 'expired';
+    guardianSignature?: `0x${string}`;
+    rejectionReason?: string;
+    createdAt: number;
+    expiresAt: number;
+}
+/** Result of a guardian approval request */
+export type GuardianApprovalResult = {
+    status: 'approved';
+    signature: `0x${string}`;
+    combinedSignature: `0x${string}`;
+} | {
+    status: 'rejected';
+    reason?: string;
+} | {
+    status: 'timeout';
+    requestId: string;
+} | {
+    status: 'error';
+    message: string;
+};
+/** Retrieve a pending approval by request ID. Auto-expires if past deadline. */
+export declare function getPendingApproval(requestId: string): PendingApproval | undefined;
+/** Get all non-expired pending approvals. */
+export declare function getAllPendingApprovals(): PendingApproval[];
+/** Remove all expired approvals from the store. */
+export declare function clearExpiredApprovals(): void;
+/**
+ * Send a guardian approval request via XMTP and poll for the response.
+ *
+ * The agent sends a structured JSON message to the guardian's address,
+ * then polls XMTP for a response until timeout. On approval, the guardian's
+ * signature is combined with the owner's signature (owner 65 bytes + guardian 65 bytes).
+ *
+ * @param xmtpClient - Initialized XMTPClient instance
+ * @param guardianAddress - Ethereum address of the guardian
+ * @param userOpHash - The UserOperation hash that needs co-signing
+ * @param ownerSignature - The owner's EIP-191 signature of the userOpHash
+ * @param chainId - The chain ID for the operation
+ * @param account - The smart account address
+ * @param operation - Human-readable operation details
+ * @param reason - Why guardian approval is needed (e.g., EXCEEDS_TX_LIMIT)
+ * @param limits - Current guardrail limits for context
+ * @param options - Polling options (timeoutMs, pollIntervalMs)
+ * @returns The approval result with combined signature, rejection reason, or timeout
+ */
+export declare function requestGuardianApproval(xmtpClient: XMTPClient, guardianAddress: `0x${string}`, userOpHash: `0x${string}`, ownerSignature: `0x${string}`, chainId: number, account: `0x${string}`, operation: GuardianApprovalRequest['operation'], reason: string, limits: GuardianApprovalRequest['limits'], options?: {
+    timeoutMs?: number;
+    pollIntervalMs?: number;
+}): Promise<GuardianApprovalResult>;
+/**
+ * Check XMTP messages from the guardian for a response to a specific request.
+ *
+ * Reads recent messages from the guardian's conversation and looks for a
+ * matching `azeth:guardian_response` message.
+ *
+ * @param xmtpClient - Initialized XMTPClient instance
+ * @param guardianAddress - Guardian's Ethereum address
+ * @param requestId - The approval request ID to match
+ * @param afterTimestamp - Only consider messages after this timestamp (ms)
+ * @returns The parsed response, or null if no matching response found
+ */
+export declare function checkForGuardianResponse(xmtpClient: XMTPClient, guardianAddress: `0x${string}`, requestId: string, afterTimestamp?: number): Promise<GuardianApprovalResponse | null>;
+/** Try to parse a message string as a GuardianApprovalResponse. Returns null if not a valid response. */
+export declare function tryParseGuardianResponse(content: string): GuardianApprovalResponse | null;
+/** Try to parse a message string as a GuardianApprovalRequest. Returns null if not a valid request. */
+export declare function tryParseGuardianRequest(content: string): GuardianApprovalRequest | null;
+//# sourceMappingURL=guardian-approval.d.ts.map

package/dist/account/guardian-approval.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardian-approval.d.ts","sourceRoot":"","sources":["../../src/account/guardian-approval.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAIvD,kFAAkF;AAClF,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,wBAAwB,CAAC;IAC/B,OAAO,EAAE,KAAK,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,KAAK,MAAM,EAAE,CAAC;IACvB,UAAU,EAAE,KAAK,MAAM,EAAE,CAAC;IAC1B,SAAS,EAAE;QACT,IAAI,EAAE,UAAU,GAAG,eAAe,GAAG,WAAW,GAAG,SAAS,GAAG,OAAO,CAAC;QACvE,WAAW,EAAE,MAAM,CAAC;QACpB,EAAE,CAAC,EAAE,MAAM,CAAC;QACZ,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,CAAC;IACF,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE;QACN,cAAc,EAAE,MAAM,CAAC;QACvB,kBAAkB,EAAE,MAAM,CAAC;QAC3B,sBAAsB,EAAE,MAAM,CAAC;QAC/B,0BAA0B,EAAE,MAAM,CAAC;QACnC,aAAa,EAAE,MAAM,CAAC;KACvB,CAAC;IACF,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,6EAA6E;AAC7E,MAAM,WAAW,wBAAwB;IACvC,IAAI,EAAE,yBAAyB,CAAC;IAChC,OAAO,EAAE,KAAK,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,UAAU,GAAG,UAAU,CAAC;IAClC,SAAS,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;IAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,8DAA8D;AAC9D,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,KAAK,MAAM,EAAE,CAAC;IAC1B,cAAc,EAAE,KAAK,MAAM,EAAE,CAAC;IAC9B,eAAe,EAAE,KAAK,MAAM,EAAE,CAAC;IAC/B,SAAS,EAAE,uBAAuB,CAAC,WAAW,CAAC,CAAC;IAChD,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,SAAS,GAAG,UAAU,GAAG,UAAU,GAAG,SAAS,CAAC;IACxD,iBAAiB,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;IAClC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,4CAA4C;AAC5C,MAAM,MAAM,sBAAsB,GAC9B;IAAE,MAAM,EAAE,UAAU,CAAC;IAAC,SAAS,EAAE,KAAK,MAAM,EAAE,CAAC;IAAC,iBAAiB,EAAE,KAAK,MAAM,EAAE,CAAA;CAAE,GAClF;IAAE,MAAM,EAAE,UAAU,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,GACvC;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,GACxC;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AASzC,gFAAgF;AAChF,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,eAAe,GAAG,SAAS,CAMjF;AAED,6CAA6C;AAC7C,wBAAgB,sBAAsB,IAAI,eAAe,EAAE,CAO1D;AAED,mDAAmD;AACnD,wBAAgB,qBAAqB,IAAI,IAAI,CAI5C;AAID;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAsB,uBAAuB,CAC3C,UAAU,EAAE,UAAU,EACtB,eAAe,EAAE,KAAK,MAAM,EAAE,EAC9B,UAAU,EAAE,KAAK,MAAM,EAAE,EACzB,cAAc,EAAE,KAAK,MAAM,EAAE,EAC7B,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,KAAK,MAAM,EAAE,EACtB,SAAS,EAAE,uBAAuB,CAAC,WAAW,CAAC,EAC/C,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,uBAAuB,CAAC,QAAQ,CAAC,EACzC,OAAO,CAAC,EAAE;IAAE,SAAS,CAAC,EAAE,MAAM,CAAC;IAAC,cAAc,CAAC,EAAE,MAAM,CAAA;CAAE,GACxD,OAAO,CAAC,sBAAsB,CAAC,CAsFjC;AAID;;;;;;;;;;;GAWG;AACH,wBAAsB,wBAAwB,CAC5C,UAAU,EAAE,UAAU,EACtB,eAAe,EAAE,KAAK,MAAM,EAAE,EAC9B,SAAS,EAAE,MAAM,EACjB,cAAc,CAAC,EAAE,MAAM,GACtB,OAAO,CAAC,wBAAwB,GAAG,IAAI,CAAC,CAkB1C;AAID,yGAAyG;AACzG,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,MAAM,GAAG,wBAAwB,GAAG,IAAI,CAsBzF;AAID,uGAAuG;AACvG,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,MAAM,GAAG,uBAAuB,GAAG,IAAI,CAkBvF"}

package/dist/account/guardian-approval.js

@@ -0,0 +1,223 @@
+import crypto from 'node:crypto';
+import { AzethError } from '@azeth/common';
+// ── Pending Approvals Store (in-memory, per-process) ──
+/** Audit #13 M-11 fix: Cap pending approvals to prevent unbounded memory growth */
+const MAX_PENDING_APPROVALS = 1000;
+const pendingApprovals = new Map();
+/** Retrieve a pending approval by request ID. Auto-expires if past deadline. */
+export function getPendingApproval(requestId) {
+    const approval = pendingApprovals.get(requestId);
+    if (approval && approval.status === 'pending' && Date.now() > approval.expiresAt) {
+        approval.status = 'expired';
+    }
+    return approval;
+}
+/** Get all non-expired pending approvals. */
+export function getAllPendingApprovals() {
+    return Array.from(pendingApprovals.values())
+        .map(a => {
+        if (a.status === 'pending' && Date.now() > a.expiresAt)
+            a.status = 'expired';
+        return a;
+    })
+        .filter(a => a.status === 'pending');
+}
+/** Remove all expired approvals from the store. */
+export function clearExpiredApprovals() {
+    for (const [id, approval] of pendingApprovals) {
+        if (Date.now() > approval.expiresAt)
+            pendingApprovals.delete(id);
+    }
+}
+// ── Request Guardian Approval ──────────────────────────
+/**
+ * Send a guardian approval request via XMTP and poll for the response.
+ *
+ * The agent sends a structured JSON message to the guardian's address,
+ * then polls XMTP for a response until timeout. On approval, the guardian's
+ * signature is combined with the owner's signature (owner 65 bytes + guardian 65 bytes).
+ *
+ * @param xmtpClient - Initialized XMTPClient instance
+ * @param guardianAddress - Ethereum address of the guardian
+ * @param userOpHash - The UserOperation hash that needs co-signing
+ * @param ownerSignature - The owner's EIP-191 signature of the userOpHash
+ * @param chainId - The chain ID for the operation
+ * @param account - The smart account address
+ * @param operation - Human-readable operation details
+ * @param reason - Why guardian approval is needed (e.g., EXCEEDS_TX_LIMIT)
+ * @param limits - Current guardrail limits for context
+ * @param options - Polling options (timeoutMs, pollIntervalMs)
+ * @returns The approval result with combined signature, rejection reason, or timeout
+ */
+export async function requestGuardianApproval(xmtpClient, guardianAddress, userOpHash, ownerSignature, chainId, account, operation, reason, limits, options) {
+    const timeoutMs = options?.timeoutMs ?? 30_000;
+    const pollIntervalMs = options?.pollIntervalMs ?? 2_000;
+    const requestId = crypto.randomUUID();
+    const expiresAt = Date.now() + 5 * 60 * 1000; // 5 min expiry
+    // Audit #13 M-11 fix: Auto-cleanup expired entries and enforce size cap
+    clearExpiredApprovals();
+    if (pendingApprovals.size >= MAX_PENDING_APPROVALS) {
+        // Evict oldest entries (Map iterates in insertion order)
+        const evictCount = Math.ceil(MAX_PENDING_APPROVALS * 0.1);
+        let removed = 0;
+        for (const key of pendingApprovals.keys()) {
+            if (removed >= evictCount)
+                break;
+            pendingApprovals.delete(key);
+            removed++;
+        }
+    }
+    // Store pending approval
+    const pending = {
+        requestId,
+        userOpHash,
+        ownerSignature,
+        guardianAddress,
+        operation,
+        reason,
+        status: 'pending',
+        createdAt: Date.now(),
+        expiresAt,
+    };
+    pendingApprovals.set(requestId, pending);
+    // Build request message
+    const request = {
+        type: 'azeth:guardian_request',
+        version: '1.0',
+        requestId,
+        chainId,
+        account,
+        userOpHash,
+        operation,
+        reason,
+        limits,
+        expiresAt: new Date(expiresAt).toISOString(),
+    };
+    // Send via XMTP
+    try {
+        await xmtpClient.sendMessage({
+            to: guardianAddress,
+            content: JSON.stringify(request),
+        });
+    }
+    catch (err) {
+        pendingApprovals.delete(requestId);
+        throw new AzethError(`Failed to send guardian approval request via XMTP: ${err instanceof Error ? err.message : String(err)}`, 'NETWORK_ERROR');
+    }
+    // Poll for response
+    const startTime = Date.now();
+    const deadline = startTime + timeoutMs;
+    while (Date.now() < deadline) {
+        await new Promise(resolve => setTimeout(resolve, pollIntervalMs));
+        const result = await checkForGuardianResponse(xmtpClient, guardianAddress, requestId, startTime);
+        if (result) {
+            if (result.decision === 'approved' && result.signature) {
+                pending.status = 'approved';
+                pending.guardianSignature = result.signature;
+                // Combine: owner signature (65 bytes) + guardian signature (65 bytes)
+                const combinedSignature = (ownerSignature + result.signature.slice(2));
+                return { status: 'approved', signature: result.signature, combinedSignature };
+            }
+            else {
+                pending.status = 'rejected';
+                pending.rejectionReason = result.reason;
+                return { status: 'rejected', reason: result.reason };
+            }
+        }
+    }
+    // Timeout — approval stays pending for later retrieval via azeth_guardian_status
+    return { status: 'timeout', requestId };
+}
+// ── Check for Response ─────────────────────────────────
+/**
+ * Check XMTP messages from the guardian for a response to a specific request.
+ *
+ * Reads recent messages from the guardian's conversation and looks for a
+ * matching `azeth:guardian_response` message.
+ *
+ * @param xmtpClient - Initialized XMTPClient instance
+ * @param guardianAddress - Guardian's Ethereum address
+ * @param requestId - The approval request ID to match
+ * @param afterTimestamp - Only consider messages after this timestamp (ms)
+ * @returns The parsed response, or null if no matching response found
+ */
+export async function checkForGuardianResponse(xmtpClient, guardianAddress, requestId, afterTimestamp) {
+    try {
+        // Use getMessagesByPeer to read messages from the guardian
+        const messages = await xmtpClient.getMessagesByPeer(guardianAddress, 20);
+        for (const msg of messages) {
+            // Skip messages from before our request
+            if (afterTimestamp && msg.timestamp < afterTimestamp)
+                continue;
+            const parsed = tryParseGuardianResponse(msg.content);
+            if (parsed && parsed.requestId === requestId) {
+                return parsed;
+            }
+        }
+    }
+    catch {
+        // XMTP read failure — non-fatal, will retry on next poll
+    }
+    return null;
+}
+// ── Parse Guardian Response ────────────────────────────
+/** Try to parse a message string as a GuardianApprovalResponse. Returns null if not a valid response. */
+export function tryParseGuardianResponse(content) {
+    try {
+        const parsed = JSON.parse(content);
+        if (parsed.type !== 'azeth:guardian_response')
+            return null;
+        if (parsed.version !== '1.0')
+            return null;
+        if (typeof parsed.requestId !== 'string')
+            return null;
+        if (parsed.decision !== 'approved' && parsed.decision !== 'rejected')
+            return null;
+        return {
+            type: 'azeth:guardian_response',
+            version: '1.0',
+            requestId: parsed.requestId,
+            decision: parsed.decision,
+            // Audit #13 H-6 fix: Validate signature format (0x + 130 hex chars = 65 bytes)
+            signature: (typeof parsed.signature === 'string'
+                && /^0x[0-9a-fA-F]{130}$/.test(parsed.signature))
+                ? parsed.signature : undefined,
+            reason: typeof parsed.reason === 'string' ? parsed.reason : undefined,
+        };
+    }
+    catch {
+        return null;
+    }
+}
+// ── Parse Guardian Request ─────────────────────────────
+/** Try to parse a message string as a GuardianApprovalRequest. Returns null if not a valid request. */
+export function tryParseGuardianRequest(content) {
+    try {
+        const parsed = JSON.parse(content);
+        if (parsed.type !== 'azeth:guardian_request')
+            return null;
+        if (parsed.version !== '1.0')
+            return null;
+        if (typeof parsed.requestId !== 'string')
+            return null;
+        if (typeof parsed.userOpHash !== 'string')
+            return null;
+        if (typeof parsed.chainId !== 'number')
+            return null;
+        if (typeof parsed.account !== 'string')
+            return null;
+        if (typeof parsed.operation !== 'object' || parsed.operation === null)
+            return null;
+        if (typeof parsed.reason !== 'string')
+            return null;
+        if (typeof parsed.limits !== 'object' || parsed.limits === null)
+            return null;
+        if (typeof parsed.expiresAt !== 'string')
+            return null;
+        return parsed;
+    }
+    catch {
+        return null;
+    }
+}
+//# sourceMappingURL=guardian-approval.js.map

package/dist/account/guardian-approval.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardian-approval.js","sourceRoot":"","sources":["../../src/account/guardian-approval.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AA+D3C,yDAAyD;AAEzD,mFAAmF;AACnF,MAAM,qBAAqB,GAAG,IAAI,CAAC;AAEnC,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAA2B,CAAC;AAE5D,gFAAgF;AAChF,MAAM,UAAU,kBAAkB,CAAC,SAAiB;IAClD,MAAM,QAAQ,GAAG,gBAAgB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACjD,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,SAAS,EAAE,CAAC;QACjF,QAAQ,CAAC,MAAM,GAAG,SAAS,CAAC;IAC9B,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,6CAA6C;AAC7C,MAAM,UAAU,sBAAsB;IACpC,OAAO,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC;SACzC,GAAG,CAAC,CAAC,CAAC,EAAE;QACP,IAAI,CAAC,CAAC,MAAM,KAAK,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,SAAS;YAAE,CAAC,CAAC,MAAM,GAAG,SAAS,CAAC;QAC7E,OAAO,CAAC,CAAC;IACX,CAAC,CAAC;SACD,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC;AACzC,CAAC;AAED,mDAAmD;AACnD,MAAM,UAAU,qBAAqB;IACnC,KAAK,MAAM,CAAC,EAAE,EAAE,QAAQ,CAAC,IAAI,gBAAgB,EAAE,CAAC;QAC9C,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,SAAS;YAAE,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACnE,CAAC;AACH,CAAC;AAED,0DAA0D;AAE1D;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,UAAsB,EACtB,eAA8B,EAC9B,UAAyB,EACzB,cAA6B,EAC7B,OAAe,EACf,OAAsB,EACtB,SAA+C,EAC/C,MAAc,EACd,MAAyC,EACzC,OAAyD;IAEzD,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,MAAM,CAAC;IAC/C,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,KAAK,CAAC;IACxD,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;IACtC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,eAAe;IAE7D,wEAAwE;IACxE,qBAAqB,EAAE,CAAC;IACxB,IAAI,gBAAgB,CAAC,IAAI,IAAI,qBAAqB,EAAE,CAAC;QACnD,yDAAyD;QACzD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,qBAAqB,GAAG,GAAG,CAAC,CAAC;QAC1D,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,KAAK,MAAM,GAAG,IAAI,gBAAgB,CAAC,IAAI,EAAE,EAAE,CAAC;YAC1C,IAAI,OAAO,IAAI,UAAU;gBAAE,MAAM;YACjC,gBAAgB,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7B,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAED,yBAAyB;IACzB,MAAM,OAAO,GAAoB;QAC/B,SAAS;QACT,UAAU;QACV,cAAc;QACd,eAAe;QACf,SAAS;QACT,MAAM;QACN,MAAM,EAAE,SAAS;QACjB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;QACrB,SAAS;KACV,CAAC;IACF,gBAAgB,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAEzC,wBAAwB;IACxB,MAAM,OAAO,GAA4B;QACvC,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,KAAK;QACd,SAAS;QACT,OAAO;QACP,OAAO;QACP,UAAU;QACV,SAAS;QACT,MAAM;QACN,MAAM;QACN,SAAS,EAAE,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE;KAC7C,CAAC;IAEF,gBAAgB;IAChB,IAAI,CAAC;QACH,MAAM,UAAU,CAAC,WAAW,CAAC;YAC3B,EAAE,EAAE,eAAe;YACnB,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;SACjC,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,gBAAgB,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACnC,MAAM,IAAI,UAAU,CAClB,sDAAsD,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EACxG,eAAe,CAChB,CAAC;IACJ,CAAC;IAED,oBAAoB;IACpB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,MAAM,QAAQ,GAAG,SAAS,GAAG,SAAS,CAAC;IAEvC,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,EAAE,CAAC;QAC7B,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC,CAAC;QAElE,MAAM,MAAM,GAAG,MAAM,wBAAwB,CAAC,UAAU,EAAE,eAAe,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QACjG,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,MAAM,CAAC,QAAQ,KAAK,UAAU,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;gBACvD,OAAO,CAAC,MAAM,GAAG,UAAU,CAAC;gBAC5B,OAAO,CAAC,iBAAiB,GAAG,MAAM,CAAC,SAAS,CAAC;gBAC7C,sEAAsE;gBACtE,MAAM,iBAAiB,GAAG,CAAC,cAAc,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAkB,CAAC;gBACxF,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,iBAAiB,EAAE,CAAC;YAChF,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,MAAM,GAAG,UAAU,CAAC;gBAC5B,OAAO,CAAC,eAAe,GAAG,MAAM,CAAC,MAAM,CAAC;gBACxC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC;YACvD,CAAC;QACH,CAAC;IACH,CAAC;IAED,iFAAiF;IACjF,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;AAC1C,CAAC;AAED,0DAA0D;AAE1D;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,UAAsB,EACtB,eAA8B,EAC9B,SAAiB,EACjB,cAAuB;IAEvB,IAAI,CAAC;QACH,2DAA2D;QAC3D,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,iBAAiB,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;QAEzE,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;YAC3B,wCAAwC;YACxC,IAAI,cAAc,IAAI,GAAG,CAAC,SAAS,GAAG,cAAc;gBAAE,SAAS;YAE/D,MAAM,MAAM,GAAG,wBAAwB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACrD,IAAI,MAAM,IAAI,MAAM,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;gBAC7C,OAAO,MAAM,CAAC;YAChB,CAAC;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,yDAAyD;IAC3D,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,0DAA0D;AAE1D,yGAAyG;AACzG,MAAM,UAAU,wBAAwB,CAAC,OAAe;IACtD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAA4B,CAAC;QAC9D,IAAI,MAAM,CAAC,IAAI,KAAK,yBAAyB;YAAE,OAAO,IAAI,CAAC;QAC3D,IAAI,MAAM,CAAC,OAAO,KAAK,KAAK;YAAE,OAAO,IAAI,CAAC;QAC1C,IAAI,OAAO,MAAM,CAAC,SAAS,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QACtD,IAAI,MAAM,CAAC,QAAQ,KAAK,UAAU,IAAI,MAAM,CAAC,QAAQ,KAAK,UAAU;YAAE,OAAO,IAAI,CAAC;QAElF,OAAO;YACL,IAAI,EAAE,yBAAyB;YAC/B,OAAO,EAAE,KAAK;YACd,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,+EAA+E;YAC/E,SAAS,EAAE,CAAC,OAAO,MAAM,CAAC,SAAS,KAAK,QAAQ;mBAC3C,sBAAsB,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;gBACjD,CAAC,CAAC,MAAM,CAAC,SAA0B,CAAC,CAAC,CAAC,SAAS;YACjD,MAAM,EAAE,OAAO,MAAM,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;SACtE,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,0DAA0D;AAE1D,uGAAuG;AACvG,MAAM,UAAU,uBAAuB,CAAC,OAAe;IACrD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAA4B,CAAC;QAC9D,IAAI,MAAM,CAAC,IAAI,KAAK,wBAAwB;YAAE,OAAO,IAAI,CAAC;QAC1D,IAAI,MAAM,CAAC,OAAO,KAAK,KAAK;YAAE,OAAO,IAAI,CAAC;QAC1C,IAAI,OAAO,MAAM,CAAC,SAAS,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QACtD,IAAI,OAAO,MAAM,CAAC,UAAU,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QACvD,IAAI,OAAO,MAAM,CAAC,OAAO,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QACpD,IAAI,OAAO,MAAM,CAAC,OAAO,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QACpD,IAAI,OAAO,MAAM,CAAC,SAAS,KAAK,QAAQ,IAAI,MAAM,CAAC,SAAS,KAAK,IAAI;YAAE,OAAO,IAAI,CAAC;QACnF,IAAI,OAAO,MAAM,CAAC,MAAM,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QACnD,IAAI,OAAO,MAAM,CAAC,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,MAAM,KAAK,IAAI;YAAE,OAAO,IAAI,CAAC;QAC7E,IAAI,OAAO,MAAM,CAAC,SAAS,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAEtD,OAAO,MAA4C,CAAC;IACtD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}

package/dist/account/guardian.d.ts

@@ -0,0 +1,27 @@
+import { type AzethContractAddresses } from '@azeth/common';
+import type { AzethSmartAccountClient } from '../utils/userop.js';
+/** Update the token whitelist on the GuardianModule via ERC-4337 UserOperation.
+ *
+ *  Tokens must be whitelisted for executor-module operations (e.g., PaymentAgreementModule)
+ *  to succeed. Owner-signed transfers bypass the whitelist.
+ *
+ *  @param smartAccountClient - ERC-4337 smart account client for the caller
+ *  @param addresses - Contract addresses containing guardianModule
+ *  @param token - Token address to whitelist/delist (use address(0) for native ETH)
+ *  @param allowed - true to whitelist, false to remove from whitelist
+ *  @returns Transaction hash
+ */
+export declare function setTokenWhitelist(smartAccountClient: AzethSmartAccountClient, addresses: AzethContractAddresses, token: `0x${string}`, allowed: boolean): Promise<`0x${string}`>;
+/** Update the protocol whitelist on the GuardianModule via ERC-4337 UserOperation.
+ *
+ *  Protocols (contract addresses) must be whitelisted for executor-module operations
+ *  that interact with external contracts.
+ *
+ *  @param smartAccountClient - ERC-4337 smart account client for the caller
+ *  @param addresses - Contract addresses containing guardianModule
+ *  @param protocol - Protocol/contract address to whitelist/delist
+ *  @param allowed - true to whitelist, false to remove from whitelist
+ *  @returns Transaction hash
+ */
+export declare function setProtocolWhitelist(smartAccountClient: AzethSmartAccountClient, addresses: AzethContractAddresses, protocol: `0x${string}`, allowed: boolean): Promise<`0x${string}`>;
+//# sourceMappingURL=guardian.d.ts.map

package/dist/account/guardian.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardian.d.ts","sourceRoot":"","sources":["../../src/account/guardian.ts"],"names":[],"mappings":"AAEA,OAAO,EAAc,KAAK,sBAAsB,EAAE,MAAM,eAAe,CAAC;AAExE,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,oBAAoB,CAAC;AAElE;;;;;;;;;;GAUG;AACH,wBAAsB,iBAAiB,CACrC,kBAAkB,EAAE,uBAAuB,EAC3C,SAAS,EAAE,sBAAsB,EACjC,KAAK,EAAE,KAAK,MAAM,EAAE,EACpB,OAAO,EAAE,OAAO,GACf,OAAO,CAAC,KAAK,MAAM,EAAE,CAAC,CAsBxB;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,oBAAoB,CACxC,kBAAkB,EAAE,uBAAuB,EAC3C,SAAS,EAAE,sBAAsB,EACjC,QAAQ,EAAE,KAAK,MAAM,EAAE,EACvB,OAAO,EAAE,OAAO,GACf,OAAO,CAAC,KAAK,MAAM,EAAE,CAAC,CAsBxB"}

package/dist/account/guardian.js

@@ -0,0 +1,67 @@
+import { encodeFunctionData } from 'viem';
+import { GuardianModuleAbi } from '@azeth/common/abis';
+import { AzethError } from '@azeth/common';
+import { requireAddress } from '../utils/addresses.js';
+/** Update the token whitelist on the GuardianModule via ERC-4337 UserOperation.
+ *
+ *  Tokens must be whitelisted for executor-module operations (e.g., PaymentAgreementModule)
+ *  to succeed. Owner-signed transfers bypass the whitelist.
+ *
+ *  @param smartAccountClient - ERC-4337 smart account client for the caller
+ *  @param addresses - Contract addresses containing guardianModule
+ *  @param token - Token address to whitelist/delist (use address(0) for native ETH)
+ *  @param allowed - true to whitelist, false to remove from whitelist
+ *  @returns Transaction hash
+ */
+export async function setTokenWhitelist(smartAccountClient, addresses, token, allowed) {
+    const guardianAddress = requireAddress(addresses, 'guardianModule');
+    try {
+        const data = encodeFunctionData({
+            abi: GuardianModuleAbi,
+            functionName: 'setTokenWhitelist',
+            args: [token, allowed],
+        });
+        return await smartAccountClient.sendTransaction({
+            to: guardianAddress,
+            value: 0n,
+            data,
+        });
+    }
+    catch (err) {
+        if (err instanceof AzethError)
+            throw err;
+        throw new AzethError(err instanceof Error ? err.message : 'Failed to update token whitelist', 'CONTRACT_ERROR', { originalError: err instanceof Error ? err.name : undefined });
+    }
+}
+/** Update the protocol whitelist on the GuardianModule via ERC-4337 UserOperation.
+ *
+ *  Protocols (contract addresses) must be whitelisted for executor-module operations
+ *  that interact with external contracts.
+ *
+ *  @param smartAccountClient - ERC-4337 smart account client for the caller
+ *  @param addresses - Contract addresses containing guardianModule
+ *  @param protocol - Protocol/contract address to whitelist/delist
+ *  @param allowed - true to whitelist, false to remove from whitelist
+ *  @returns Transaction hash
+ */
+export async function setProtocolWhitelist(smartAccountClient, addresses, protocol, allowed) {
+    const guardianAddress = requireAddress(addresses, 'guardianModule');
+    try {
+        const data = encodeFunctionData({
+            abi: GuardianModuleAbi,
+            functionName: 'setProtocolWhitelist',
+            args: [protocol, allowed],
+        });
+        return await smartAccountClient.sendTransaction({
+            to: guardianAddress,
+            value: 0n,
+            data,
+        });
+    }
+    catch (err) {
+        if (err instanceof AzethError)
+            throw err;
+        throw new AzethError(err instanceof Error ? err.message : 'Failed to update protocol whitelist', 'CONTRACT_ERROR', { originalError: err instanceof Error ? err.name : undefined });
+    }
+}
+//# sourceMappingURL=guardian.js.map

package/dist/account/guardian.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardian.js","sourceRoot":"","sources":["../../src/account/guardian.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,MAAM,CAAC;AAC1C,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,EAAE,UAAU,EAA+B,MAAM,eAAe,CAAC;AACxE,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAGvD;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,kBAA2C,EAC3C,SAAiC,EACjC,KAAoB,EACpB,OAAgB;IAEhB,MAAM,eAAe,GAAG,cAAc,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;IAEpE,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,kBAAkB,CAAC;YAC9B,GAAG,EAAE,iBAAiB;YACtB,YAAY,EAAE,mBAAmB;YACjC,IAAI,EAAE,CAAC,KAAK,EAAE,OAAO,CAAC;SACvB,CAAC,CAAC;QACH,OAAO,MAAM,kBAAkB,CAAC,eAAe,CAAC;YAC9C,EAAE,EAAE,eAAe;YACnB,KAAK,EAAE,EAAE;YACT,IAAI;SACL,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,IAAI,GAAG,YAAY,UAAU;YAAE,MAAM,GAAG,CAAC;QACzC,MAAM,IAAI,UAAU,CAClB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,kCAAkC,EACvE,gBAAgB,EAChB,EAAE,aAAa,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,EAAE,CAC/D,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,kBAA2C,EAC3C,SAAiC,EACjC,QAAuB,EACvB,OAAgB;IAEhB,MAAM,eAAe,GAAG,cAAc,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;IAEpE,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,kBAAkB,CAAC;YAC9B,GAAG,EAAE,iBAAiB;YACtB,YAAY,EAAE,sBAAsB;YACpC,IAAI,EAAE,CAAC,QAAQ,EAAE,OAAO,CAAC;SAC1B,CAAC,CAAC;QACH,OAAO,MAAM,kBAAkB,CAAC,eAAe,CAAC;YAC9C,EAAE,EAAE,eAAe;YACnB,KAAK,EAAE,EAAE;YACT,IAAI;SACL,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,IAAI,GAAG,YAAY,UAAU;YAAE,MAAM,GAAG,CAAC;QACzC,MAAM,IAAI,UAAU,CAClB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,qCAAqC,EAC1E,gBAAgB,EAChB,EAAE,aAAa,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,EAAE,CAC/D,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/account/history.d.ts

@@ -0,0 +1,22 @@
+import { type PublicClient, type Chain, type Transport } from 'viem';
+export interface HistoryParams {
+    limit?: number;
+    offset?: number;
+    fromBlock?: bigint;
+}
+export interface TransactionRecord {
+    hash: `0x${string}`;
+    from: `0x${string}`;
+    to: `0x${string}` | null;
+    value: bigint;
+    /** Token contract address (null for native ETH, 0x0...0 for ETH recorded by ReputationModule) */
+    token: `0x${string}` | null;
+    blockNumber: bigint;
+    timestamp: number;
+}
+/** Get transaction history for an account
+ *  Tries server API first, then falls back to on-chain TransferRecorded events
+ *  from the ReputationModule (last ~1000 blocks).
+ */
+export declare function getHistory(publicClient: PublicClient<Transport, Chain>, account: `0x${string}`, serverUrl?: string, params?: HistoryParams, reputationModuleAddress?: `0x${string}`, tokenAddresses?: `0x${string}`[]): Promise<TransactionRecord[]>;
+//# sourceMappingURL=history.d.ts.map

package/dist/account/history.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"history.d.ts","sourceRoot":"","sources":["../../src/account/history.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,YAAY,EACjB,KAAK,KAAK,EACV,KAAK,SAAS,EACf,MAAM,MAAM,CAAC;AAKd,MAAM,WAAW,aAAa;IAC5B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,KAAK,MAAM,EAAE,CAAC;IACpB,IAAI,EAAE,KAAK,MAAM,EAAE,CAAC;IACpB,EAAE,EAAE,KAAK,MAAM,EAAE,GAAG,IAAI,CAAC;IACzB,KAAK,EAAE,MAAM,CAAC;IACd,iGAAiG;IACjG,KAAK,EAAE,KAAK,MAAM,EAAE,GAAG,IAAI,CAAC;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;CACnB;AAOD;;;GAGG;AACH,wBAAsB,UAAU,CAC9B,YAAY,EAAE,YAAY,CAAC,SAAS,EAAE,KAAK,CAAC,EAC5C,OAAO,EAAE,KAAK,MAAM,EAAE,EACtB,SAAS,CAAC,EAAE,MAAM,EAClB,MAAM,CAAC,EAAE,aAAa,EACtB,uBAAuB,CAAC,EAAE,KAAK,MAAM,EAAE,EACvC,cAAc,CAAC,EAAE,KAAK,MAAM,EAAE,EAAE,GAC/B,OAAO,CAAC,iBAAiB,EAAE,CAAC,CAiJ9B"}