@bloxchain/contracts 1.0.0-alpha.2 → 1.0.0-alpha.20

package/core/execution/interface/IGuardController.sol

@@ -1,120 +1,146 @@
-// SPDX-License-Identifier: MPL-2.0
-pragma solidity 0.8.33;
-
-import "../../lib/EngineBlox.sol";
-
-/**
- * @title IGuardController
- * @dev Interface for GuardController contract that GuardianSafeV3 and other contracts delegate to
- * @notice This interface defines only GuardController-specific methods
- * @notice Functions from BaseStateMachine (createMetaTxParams, generateUnsignedMetaTransaction*, getTransaction, functionSchemaExists, owner, getBroadcaster, getRecovery) should be accessed via IBaseStateMachine
- * @notice Functions from RuntimeRBAC (registerFunction, unregisterFunction, getFunctionSchema, createNewRole, addWalletToRole, revokeWallet) should be accessed via IRuntimeRBAC
- * @custom:security-contact security@particlecrypto.com
- */
-interface IGuardController {
-    /**
-     * @notice Initializer to initialize GuardController
-     * @param initialOwner The initial owner address
-     * @param broadcaster The broadcaster address
-     * @param recovery The recovery address
-     * @param timeLockPeriodSec The timelock period in seconds
-     * @param eventForwarder The event forwarder address
-     */
-    function initialize(
-        address initialOwner,
-        address broadcaster,
-        address recovery,
-        uint256 timeLockPeriodSec,
-        address eventForwarder
-    ) external;
-
-    /**
-     * @dev Requests a time-locked execution via EngineBlox workflow
-     * @param target The address of the target contract
-     * @param value The ETH value to send (0 for standard function calls)
-     * @param functionSelector The function selector to execute (0x00000000 for simple ETH transfers)
-     * @param params The encoded parameters for the function (empty for simple ETH transfers)
-     * @param gasLimit The gas limit for execution
-     * @param operationType The operation type hash
-     * @return txId The transaction ID for the requested operation
-     * @notice Creates a time-locked transaction that must be approved after the timelock period
-     * @notice Requires EXECUTE_TIME_DELAY_REQUEST permission for the function selector
-     * @notice For standard function calls: value=0, functionSelector=non-zero, params=encoded data
-     * @notice For simple ETH transfers: value>0, functionSelector=0x00000000, params=""
-     */
-    function executeWithTimeLock(
-        address target,
-        uint256 value,
-        bytes4 functionSelector,
-        bytes memory params,
-        uint256 gasLimit,
-        bytes32 operationType
-    ) external returns (uint256 txId);
-
-    /**
-     * @dev Approves and executes a time-locked transaction
-     * @param txId The transaction ID
-     * @param expectedOperationType The expected operation type for validation
-     * @return result The execution result
-     * @notice Requires STANDARD execution type and EXECUTE_TIME_DELAY_APPROVE permission for the execution function
-     */
-    function approveTimeLockExecution(
-        uint256 txId,
-        bytes32 expectedOperationType
-    ) external returns (bytes memory result);
-
-    /**
-     * @dev Cancels a time-locked transaction
-     * @param txId The transaction ID
-     * @param expectedOperationType The expected operation type for validation
-     * @return The updated transaction record
-     * @notice Requires STANDARD execution type and EXECUTE_TIME_DELAY_CANCEL permission for the execution function
-     */
-    function cancelTimeLockExecution(
-        uint256 txId,
-        bytes32 expectedOperationType
-    ) external returns (EngineBlox.TxRecord memory);
-
-    /**
-     * @dev Approves a time-locked transaction using a meta-transaction
-     * @param metaTx The meta-transaction containing the transaction record and signature
-     * @param expectedOperationType The expected operation type for validation
-     * @param requiredSelector The handler selector for validation
-     * @return The updated transaction record
-     * @notice Requires STANDARD execution type and EXECUTE_META_APPROVE permission for the execution function
-     */
-    function approveTimeLockExecutionWithMetaTx(
-        EngineBlox.MetaTransaction memory metaTx,
-        bytes32 expectedOperationType,
-        bytes4 requiredSelector
-    ) external returns (EngineBlox.TxRecord memory);
-
-    /**
-     * @dev Cancels a time-locked transaction using a meta-transaction
-     * @param metaTx The meta-transaction containing the transaction record and signature
-     * @param expectedOperationType The expected operation type for validation
-     * @param requiredSelector The handler selector for validation
-     * @return The updated transaction record
-     * @notice Requires STANDARD execution type and EXECUTE_META_CANCEL permission for the execution function
-     */
-    function cancelTimeLockExecutionWithMetaTx(
-        EngineBlox.MetaTransaction memory metaTx,
-        bytes32 expectedOperationType,
-        bytes4 requiredSelector
-    ) external returns (EngineBlox.TxRecord memory);
-
-    /**
-     * @dev Requests and approves a transaction in one step using a meta-transaction
-     * @param metaTx The meta-transaction containing the transaction record and signature
-     * @param requiredSelector The handler selector for validation
-     * @return The transaction record after request and approval
-     * @notice Requires STANDARD execution type
-     * @notice Validates function schema and permissions for the execution function (same as executeWithTimeLock)
-     * @notice Requires EXECUTE_META_REQUEST_AND_APPROVE permission for the execution function selector
-     */
-    function requestAndApproveExecution(
-        EngineBlox.MetaTransaction memory metaTx,
-        bytes4 requiredSelector
-    ) external returns (EngineBlox.TxRecord memory);
-}
-
+// SPDX-License-Identifier: MPL-2.0
+pragma solidity 0.8.34;
+
+import "../../lib/EngineBlox.sol";
+
+/**
+ * @title IGuardController
+ * @dev Interface for GuardController contract that AccountBlox and other contracts delegate to
+ * @notice This interface defines only GuardController-specific methods
+ * @notice Functions from BaseStateMachine (createMetaTxParams, generateUnsignedMetaTransaction*, getTransaction, getFunctionSchema, owner, getBroadcasters, getRecovery) should be accessed via IBaseStateMachine
+ * @notice Functions from RuntimeRBAC (role management: createNewRole, addWalletToRole, revokeWallet, etc.) should be accessed via IRuntimeRBAC. Function schema registration is performed via GuardController (guard config batch), not RuntimeRBAC.
+ * @custom:security-contact security@particlecrypto.com
+ */
+interface IGuardController {
+    /**
+     * @dev Action types for batched Guard configuration
+     */
+    enum GuardConfigActionType {
+        ADD_TARGET_TO_WHITELIST,
+        REMOVE_TARGET_FROM_WHITELIST,
+        REGISTER_FUNCTION,
+        UNREGISTER_FUNCTION
+    }
+
+    /**
+     * @dev Encodes a single Guard configuration action in a batch
+     */
+    struct GuardConfigAction {
+        GuardConfigActionType actionType;
+        bytes data;
+    }
+
+    /**
+     * @notice Initializer to initialize GuardController
+     * @param initialOwner The initial owner address
+     * @param broadcaster The broadcaster address
+     * @param recovery The recovery address
+     * @param timeLockPeriodSec The timelock period in seconds
+     * @param eventForwarder The event forwarder address
+     */
+    function initialize(
+        address initialOwner,
+        address broadcaster,
+        address recovery,
+        uint256 timeLockPeriodSec,
+        address eventForwarder
+    ) external;
+
+    /**
+     * @dev Requests a time-locked execution via EngineBlox workflow
+     * @param target The address of the target contract
+     * @param value The ETH value to send (0 for standard function calls)
+     * @param functionSelector The function selector to execute (0x00000000 for simple ETH transfers)
+     * @param params The encoded parameters for the function (empty for simple ETH transfers)
+     * @param gasLimit The gas limit for execution
+     * @param operationType The operation type hash
+     * @return txId The transaction ID for the requested operation
+     * @notice Creates a time-locked transaction that must be approved after the timelock period
+     * @notice Requires EXECUTE_TIME_DELAY_REQUEST permission for the function selector
+     * @notice For standard function calls: value=0, functionSelector=non-zero, params=encoded data
+     * @notice For simple ETH transfers: value>0, functionSelector=0x00000000, params=""
+     */
+    function executeWithTimeLock(
+        address target,
+        uint256 value,
+        bytes4 functionSelector,
+        bytes memory params,
+        uint256 gasLimit,
+        bytes32 operationType
+    ) external returns (uint256 txId);
+
+    /**
+     * @dev Requests a time-locked execution with payment details attached (same permissions as executeWithTimeLock)
+     * @param target The address of the target contract
+     * @param value The ETH value to send (0 for standard function calls)
+     * @param functionSelector The function selector to execute (NATIVE_TRANSFER_SELECTOR for simple native token transfers)
+     * @param params The encoded parameters for the function (empty for simple native token transfers)
+     * @param gasLimit The gas limit for execution
+     * @param operationType The operation type hash
+     * @param paymentDetails The payment details to attach to the transaction
+     * @return txId The transaction ID for the requested operation (use getTransaction(txId) for full record)
+     * @notice Reuses EXECUTE_TIME_DELAY_REQUEST permission; approval/cancel same as executeWithTimeLock
+     */
+    function executeWithPayment(
+        address target,
+        uint256 value,
+        bytes4 functionSelector,
+        bytes memory params,
+        uint256 gasLimit,
+        bytes32 operationType,
+        EngineBlox.PaymentDetails memory paymentDetails
+    ) external returns (uint256 txId);
+
+    /**
+     * @dev Approves and executes a time-locked transaction
+     * @param txId The transaction ID
+     * @return txId The transaction ID (use getTransaction(txId) for full record and result)
+     * @notice Requires STANDARD execution type and EXECUTE_TIME_DELAY_APPROVE permission for the execution function
+     */
+    function approveTimeLockExecution(
+        uint256 txId
+    ) external returns (uint256);
+
+    /**
+     * @dev Cancels a time-locked transaction
+     * @param txId The transaction ID
+     * @return txId The transaction ID (use getTransaction(txId) for full record)
+     * @notice Requires STANDARD execution type and EXECUTE_TIME_DELAY_CANCEL permission for the execution function
+     */
+    function cancelTimeLockExecution(
+        uint256 txId
+    ) external returns (uint256);
+
+    /**
+     * @dev Approves a time-locked transaction using a meta-transaction
+     * @param metaTx The meta-transaction containing the transaction record and signature
+     * @return The transaction ID (use getTransaction(txId) for full record)
+     * @notice Requires STANDARD execution type and EXECUTE_META_APPROVE permission for the execution function
+     */
+    function approveTimeLockExecutionWithMetaTx(
+        EngineBlox.MetaTransaction memory metaTx
+    ) external returns (uint256);
+
+    /**
+     * @dev Cancels a time-locked transaction using a meta-transaction
+     * @param metaTx The meta-transaction containing the transaction record and signature
+     * @return The transaction ID (use getTransaction(txId) for full record)
+     * @notice Requires STANDARD execution type and EXECUTE_META_CANCEL permission for the execution function
+     */
+    function cancelTimeLockExecutionWithMetaTx(
+        EngineBlox.MetaTransaction memory metaTx
+    ) external returns (uint256);
+
+    /**
+     * @dev Requests and approves a transaction in one step using a meta-transaction
+     * @param metaTx The meta-transaction containing the transaction record and signature
+     * @return The transaction ID (use getTransaction(txId) for full record)
+     * @notice Requires STANDARD execution type
+     * @notice Validates function schema and permissions for the execution function (same as executeWithTimeLock)
+     * @notice Requires EXECUTE_META_REQUEST_AND_APPROVE permission for the execution function selector
+     */
+    function requestAndApproveExecution(
+        EngineBlox.MetaTransaction memory metaTx
+    ) external returns (uint256);
+}
+

package/core/execution/lib/definitions/GuardControllerDefinitions.sol

@@ -1,9 +1,10 @@
 // SPDX-License-Identifier: MPL-2.0
-pragma solidity 0.8.33;
+pragma solidity 0.8.34;
 
 import "@openzeppelin/contracts/utils/introspection/IERC165.sol";
 import "../../../lib/EngineBlox.sol";
-import "../../../../interfaces/IDefinition.sol";
+import "../../../lib/interfaces/IDefinition.sol";
+import "../../interface/IGuardController.sol";
 
 /**
  * @title GuardControllerDefinitions
@@ -15,7 +16,7 @@ import "../../../../interfaces/IDefinition.sol";
  * and role permissions for GuardController's public execution functions.
  * 
  * Key Features:
- * - Registers all 6 GuardController public execution functions
+ * - Registers all 9 GuardController public execution functions plus 3 attached-payment policy schemas
  * - Defines role permissions for OWNER_ROLE and BROADCASTER_ROLE
  * - Supports time-delay and meta-transaction workflows
  * - Matches EngineBloxDefinitions pattern for consistency
@@ -32,10 +33,15 @@ library GuardControllerDefinitions {
     
     // Operation Type Constants
     bytes32 public constant CONTROLLER_OPERATION = keccak256("CONTROLLER_OPERATION");
+    // Guard config batch only (whitelist / register-unregister function); distinct execution operation type bitmap.
+    bytes32 public constant CONTROLLER_CONFIG_BATCH = keccak256("CONTROLLER_CONFIG_BATCH");
     
     // Function Selector Constants
-    // GuardController: executeWithTimeLock(address,bytes4,bytes,uint256,bytes32)
-    bytes4 public constant EXECUTE_WITH_TIMELOCK_SELECTOR = bytes4(keccak256("executeWithTimeLock(address,bytes4,bytes,uint256,bytes32)"));
+    // GuardController: executeWithTimeLock(address,uint256,bytes4,bytes,uint256,bytes32)
+    bytes4 public constant EXECUTE_WITH_TIMELOCK_SELECTOR = bytes4(keccak256("executeWithTimeLock(address,uint256,bytes4,bytes,uint256,bytes32)"));
+    
+    // GuardController: executeWithPayment(address,uint256,bytes4,bytes,uint256,bytes32,(address,uint256,address,uint256))
+    bytes4 public constant EXECUTE_WITH_PAYMENT_SELECTOR = bytes4(keccak256("executeWithPayment(address,uint256,bytes4,bytes,uint256,bytes32,(address,uint256,address,uint256))"));
     
     // GuardController: approveTimeLockExecution(uint256)
     bytes4 public constant APPROVE_TIMELOCK_EXECUTION_SELECTOR = bytes4(keccak256("approveTimeLockExecution(uint256)"));
@@ -43,14 +49,27 @@ library GuardControllerDefinitions {
     // GuardController: cancelTimeLockExecution(uint256)
     bytes4 public constant CANCEL_TIMELOCK_EXECUTION_SELECTOR = bytes4(keccak256("cancelTimeLockExecution(uint256)"));
     
-    // GuardController: approveTimeLockExecutionWithMetaTx(...)
-    bytes4 public constant APPROVE_TIMELOCK_EXECUTION_META_SELECTOR = bytes4(keccak256("approveTimeLockExecutionWithMetaTx((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))"));
+ 
+    // GuardController: approveTimeLockExecutionWithMetaTx(EngineBlox.MetaTransaction)
+    bytes4 public constant APPROVE_TIMELOCK_EXECUTION_META_SELECTOR = bytes4(
+        keccak256(
+            "approveTimeLockExecutionWithMetaTx(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))"
+        )
+    );
     
-    // GuardController: cancelTimeLockExecutionWithMetaTx(...)
-    bytes4 public constant CANCEL_TIMELOCK_EXECUTION_META_SELECTOR = bytes4(keccak256("cancelTimeLockExecutionWithMetaTx((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))"));
+    // GuardController: cancelTimeLockExecutionWithMetaTx(EngineBlox.MetaTransaction)
+    bytes4 public constant CANCEL_TIMELOCK_EXECUTION_META_SELECTOR = bytes4(
+        keccak256(
+            "cancelTimeLockExecutionWithMetaTx(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))"
+        )
+    );
     
-    // GuardController: requestAndApproveExecution(...)
-    bytes4 public constant REQUEST_AND_APPROVE_EXECUTION_SELECTOR = bytes4(keccak256("requestAndApproveExecution((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))"));
+    // GuardController: requestAndApproveExecution(EngineBlox.MetaTransaction)
+    bytes4 public constant REQUEST_AND_APPROVE_EXECUTION_SELECTOR = bytes4(
+        keccak256(
+            "requestAndApproveExecution(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))"
+        )
+    );
 
     // GuardController: guardConfigBatchRequestAndApprove(...)
     bytes4 public constant GUARD_CONFIG_BATCH_META_SELECTOR = bytes4(
@@ -64,30 +83,12 @@ library GuardControllerDefinitions {
         bytes4(keccak256("executeGuardConfigBatch((uint8,bytes)[])"));
 
     /**
-     * @dev Action types for batched Guard configuration (matches GuardController for encoding)
-     */
-    enum GuardConfigActionType {
-        ADD_TARGET_TO_WHITELIST,
-        REMOVE_TARGET_FROM_WHITELIST,
-        REGISTER_FUNCTION,
-        UNREGISTER_FUNCTION
-    }
-
-    /**
-     * @dev Encodes a single Guard configuration action in a batch (matches GuardController for encoding)
-     */
-    struct GuardConfigAction {
-        GuardConfigActionType actionType;
-        bytes data;
-    }
-
-    /**
-     * @dev Returns predefined function schemas for GuardController execution functions
-     * @return Array of function schema definitions
+     * @dev Returns predefined function schemas for GuardController execution functions and attached-payment policy keys
+     * @return Array of function schema definitions (12 entries: 9 controller surfaces + 3 payment whitelist selectors)
      * 
      * Function schemas define:
      * - GuardController public execution functions
-     * - What operation types they belong to (CONTROLLER_OPERATION)
+     * - What operation types they belong to (CONTROLLER_OPERATION vs CONTROLLER_CONFIG_BATCH)
      * - What actions are supported (time-delay request/approve/cancel, meta-tx approve/cancel/request-and-approve)
      * - Whether they are protected
      * 
@@ -97,7 +98,7 @@ library GuardControllerDefinitions {
      * - Role permissions are defined in getRolePermissions() matching EngineBloxDefinitions pattern
      */
     function getFunctionSchemas() public pure returns (EngineBlox.FunctionSchema[] memory) {
-        EngineBlox.FunctionSchema[] memory schemas = new EngineBlox.FunctionSchema[](8);
+        EngineBlox.FunctionSchema[] memory schemas = new EngineBlox.FunctionSchema[](12);
         
         // ============ TIME-DELAY WORKFLOW ACTIONS ============
         // Request action for executeWithTimeLock
@@ -145,6 +146,9 @@ library GuardControllerDefinitions {
         requestAndApproveExecutionHandlerForSelectors[0] = REQUEST_AND_APPROVE_EXECUTION_SELECTOR;
         bytes4[] memory guardConfigBatchExecuteHandlerForSelectors = new bytes4[](1);
         guardConfigBatchExecuteHandlerForSelectors[0] = GUARD_CONFIG_BATCH_EXECUTE_SELECTOR;
+
+        bytes4[] memory executeWithPaymentHandlerForSelectors = new bytes4[](1);
+        executeWithPaymentHandlerForSelectors[0] = EXECUTE_WITH_PAYMENT_SELECTOR;
         
         // Handler selectors point to execution selectors
         bytes4[] memory guardConfigHandlerForSelectors = new bytes4[](1);
@@ -152,11 +156,12 @@ library GuardControllerDefinitions {
         
         // Schema 0: GuardController.executeWithTimeLock
         schemas[0] = EngineBlox.FunctionSchema({
-            functionSignature: "executeWithTimeLock(address,bytes4,bytes,uint256,bytes32)",
+            functionSignature: "executeWithTimeLock(address,uint256,bytes4,bytes,uint256,bytes32)",
             functionSelector: EXECUTE_WITH_TIMELOCK_SELECTOR,
             operationType: CONTROLLER_OPERATION,
             operationName: "CONTROLLER_OPERATION",
             supportedActionsBitmap: EngineBlox.createBitmapFromActions(timeDelayRequestActions),
+            enforceHandlerRelations: false,
             isProtected: true,
             handlerForSelectors: executeWithTimeLockHandlerForSelectors
         });
@@ -168,6 +173,7 @@ library GuardControllerDefinitions {
             operationType: CONTROLLER_OPERATION,
             operationName: "CONTROLLER_OPERATION",
             supportedActionsBitmap: EngineBlox.createBitmapFromActions(timeDelayApproveActions),
+            enforceHandlerRelations: false,
             isProtected: true,
             handlerForSelectors: approveTimeLockExecutionHandlerForSelectors
         });
@@ -179,39 +185,43 @@ library GuardControllerDefinitions {
             operationType: CONTROLLER_OPERATION,
             operationName: "CONTROLLER_OPERATION",
             supportedActionsBitmap: EngineBlox.createBitmapFromActions(timeDelayCancelActions),
+            enforceHandlerRelations: false,
             isProtected: true,
             handlerForSelectors: cancelTimeLockExecutionHandlerForSelectors
         });
         
         // Schema 3: GuardController.approveTimeLockExecutionWithMetaTx
         schemas[3] = EngineBlox.FunctionSchema({
-            functionSignature: "approveTimeLockExecutionWithMetaTx((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))",
+            functionSignature: "approveTimeLockExecutionWithMetaTx(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))",
             functionSelector: APPROVE_TIMELOCK_EXECUTION_META_SELECTOR,
             operationType: CONTROLLER_OPERATION,
             operationName: "CONTROLLER_OPERATION",
             supportedActionsBitmap: EngineBlox.createBitmapFromActions(metaTxApproveActions),
+            enforceHandlerRelations: false,
             isProtected: true,
             handlerForSelectors: approveTimeLockExecutionMetaHandlerForSelectors
         });
         
         // Schema 4: GuardController.cancelTimeLockExecutionWithMetaTx
         schemas[4] = EngineBlox.FunctionSchema({
-            functionSignature: "cancelTimeLockExecutionWithMetaTx((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))",
+            functionSignature: "cancelTimeLockExecutionWithMetaTx(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))",
             functionSelector: CANCEL_TIMELOCK_EXECUTION_META_SELECTOR,
             operationType: CONTROLLER_OPERATION,
             operationName: "CONTROLLER_OPERATION",
             supportedActionsBitmap: EngineBlox.createBitmapFromActions(metaTxCancelActions),
+            enforceHandlerRelations: false,
             isProtected: true,
             handlerForSelectors: cancelTimeLockExecutionMetaHandlerForSelectors
         });
         
         // Schema 5: GuardController.requestAndApproveExecution
         schemas[5] = EngineBlox.FunctionSchema({
-            functionSignature: "requestAndApproveExecution((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))",
+            functionSignature: "requestAndApproveExecution(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))",
             functionSelector: REQUEST_AND_APPROVE_EXECUTION_SELECTOR,
             operationType: CONTROLLER_OPERATION,
             operationName: "CONTROLLER_OPERATION",
             supportedActionsBitmap: EngineBlox.createBitmapFromActions(metaTxRequestApproveActions),
+            enforceHandlerRelations: false,
             isProtected: true,
             handlerForSelectors: requestAndApproveExecutionHandlerForSelectors
         });
@@ -220,9 +230,10 @@ library GuardControllerDefinitions {
         schemas[6] = EngineBlox.FunctionSchema({
             functionSignature: "guardConfigBatchRequestAndApprove(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))",
             functionSelector: GUARD_CONFIG_BATCH_META_SELECTOR,
-            operationType: CONTROLLER_OPERATION,
-            operationName: "CONTROLLER_OPERATION",
+            operationType: CONTROLLER_CONFIG_BATCH,
+            operationName: "CONTROLLER_CONFIG_BATCH",
             supportedActionsBitmap: EngineBlox.createBitmapFromActions(metaTxRequestApproveActions),
+            enforceHandlerRelations: true,
             isProtected: true,
             handlerForSelectors: guardConfigHandlerForSelectors
         });
@@ -235,13 +246,84 @@ library GuardControllerDefinitions {
         schemas[7] = EngineBlox.FunctionSchema({
             functionSignature: "executeGuardConfigBatch((uint8,bytes)[])",
             functionSelector: GUARD_CONFIG_BATCH_EXECUTE_SELECTOR,
-            operationType: CONTROLLER_OPERATION,
-            operationName: "CONTROLLER_OPERATION",
+            operationType: CONTROLLER_CONFIG_BATCH,
+            operationName: "CONTROLLER_CONFIG_BATCH",
             supportedActionsBitmap: EngineBlox.createBitmapFromActions(guardConfigExecutionActions),
+            enforceHandlerRelations: false,
             isProtected: true,
             handlerForSelectors: guardConfigBatchExecuteHandlerForSelectors
         });
 
+        // Schema 8: GuardController.executeWithPayment (same time-delay request action as executeWithTimeLock).
+        // Default definitions intentionally omit an OWNER_ROLE FunctionPermission for this selector (minimal surface).
+        // `getGuardConfigActionSpecs()` only exposes whitelist add/remove, REGISTER_FUNCTION, and UNREGISTER_FUNCTION —
+        // there is no guard-config action to attach `executeWithPayment` to a role. Deployments that need owner-driven
+        // `executeWithPayment` must add the FunctionPermission via an RBAC batch (`ADD_FUNCTION_TO_ROLE` / encoders in
+        // `RuntimeRBACDefinitions.sol`), following that file's ordering and action constraints and the handler/schema
+        // rules in this `GuardControllerDefinitions.sol` bundle.
+        schemas[8] = EngineBlox.FunctionSchema({
+            functionSignature: "executeWithPayment(address,uint256,bytes4,bytes,uint256,bytes32,(address,uint256,address,uint256))",
+            functionSelector: EXECUTE_WITH_PAYMENT_SELECTOR,
+            operationType: CONTROLLER_OPERATION,
+            operationName: "CONTROLLER_OPERATION",
+            supportedActionsBitmap: EngineBlox.createBitmapFromActions(timeDelayRequestActions),
+            enforceHandlerRelations: false,
+            isProtected: true,
+            handlerForSelectors: executeWithPaymentHandlerForSelectors
+        });
+
+        // Policy-only schemas for `executeWithPayment` whitelist keys; bitmap = all TxActions so roles may grant any action if needed.
+        EngineBlox.TxAction[] memory allTxActions = new EngineBlox.TxAction[](9);
+        allTxActions[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_REQUEST;
+        allTxActions[1] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_APPROVE;
+        allTxActions[2] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_CANCEL;
+        allTxActions[3] = EngineBlox.TxAction.SIGN_META_REQUEST_AND_APPROVE;
+        allTxActions[4] = EngineBlox.TxAction.SIGN_META_APPROVE;
+        allTxActions[5] = EngineBlox.TxAction.SIGN_META_CANCEL;
+        allTxActions[6] = EngineBlox.TxAction.EXECUTE_META_REQUEST_AND_APPROVE;
+        allTxActions[7] = EngineBlox.TxAction.EXECUTE_META_APPROVE;
+        allTxActions[8] = EngineBlox.TxAction.EXECUTE_META_CANCEL;
+        uint16 allActionsBitmap = EngineBlox.createBitmapFromActions(allTxActions);
+
+        bytes4[] memory attachedPaymentRecipientHandlers = new bytes4[](1);
+        attachedPaymentRecipientHandlers[0] = EngineBlox.ATTACHED_PAYMENT_RECIPIENT_SELECTOR;
+        schemas[9] = EngineBlox.FunctionSchema({
+            functionSignature: "__bloxchain_attached_payment_recipient__()",
+            functionSelector: EngineBlox.ATTACHED_PAYMENT_RECIPIENT_SELECTOR,
+            operationType: keccak256(bytes("ATTACHED_PAYMENT_RECIPIENT")),
+            operationName: "ATTACHED_PAYMENT_RECIPIENT",
+            supportedActionsBitmap: allActionsBitmap,
+            enforceHandlerRelations: false,
+            isProtected: true,
+            handlerForSelectors: attachedPaymentRecipientHandlers
+        });
+
+        bytes4[] memory nativeTransferHandlers = new bytes4[](1);
+        nativeTransferHandlers[0] = EngineBlox.NATIVE_TRANSFER_SELECTOR;
+        schemas[10] = EngineBlox.FunctionSchema({
+            functionSignature: "__bloxchain_native_transfer__()",
+            functionSelector: EngineBlox.NATIVE_TRANSFER_SELECTOR,
+            operationType: keccak256(bytes("NATIVE_TRANSFER")),
+            operationName: "NATIVE_TRANSFER",
+            supportedActionsBitmap: allActionsBitmap,
+            enforceHandlerRelations: false,
+            isProtected: true,
+            handlerForSelectors: nativeTransferHandlers
+        });
+
+        bytes4[] memory erc20TransferHandlers = new bytes4[](1);
+        erc20TransferHandlers[0] = EngineBlox.ERC20_TRANSFER_SELECTOR;
+        schemas[11] = EngineBlox.FunctionSchema({
+            functionSignature: "transfer(address,uint256)",
+            functionSelector: EngineBlox.ERC20_TRANSFER_SELECTOR,
+            operationType: keccak256(bytes("ERC20_TRANSFER")),
+            operationName: "ERC20_TRANSFER",
+            supportedActionsBitmap: allActionsBitmap,
+            enforceHandlerRelations: false,
+            isProtected: true,
+            handlerForSelectors: erc20TransferHandlers
+        });
+
         return schemas;
     }
     
@@ -418,13 +500,81 @@ library GuardControllerDefinitions {
         });
     }
 
+    /**
+     * @dev Returns all available GuardConfig action types and their decode formats for discovery.
+     * @return actionNames Human-readable action names (same order as GuardConfigActionType enum)
+     * @return formats ABI decode format for each action's data, e.g. "(bytes4 functionSelector, address target)"
+     * @notice Use with GuardConfigActionType enum: actionNames[i] and formats[i] describe enum value i
+     */
+    function getGuardConfigActionSpecs() public pure returns (string[] memory actionNames, string[] memory formats) {
+        actionNames = new string[](4);
+        formats = new string[](4);
+
+        actionNames[0] = "ADD_TARGET_TO_WHITELIST";
+        formats[0] = "(bytes4 functionSelector, address target)";
+
+        actionNames[1] = "REMOVE_TARGET_FROM_WHITELIST";
+        formats[1] = "(bytes4 functionSelector, address target)";
+
+        actionNames[2] = "REGISTER_FUNCTION";
+        formats[2] = "(string functionSignature, string operationName, TxAction[] supportedActions)";
+
+        actionNames[3] = "UNREGISTER_FUNCTION";
+        formats[3] = "(bytes4 functionSelector, bool safeRemoval)";
+    }
+
+    // ============ GUARD CONFIG ACTION DATA ENCODERS ============
+    // Use these helpers to build action.data for each GuardConfigActionType without reading the contract.
+    // Each encoder returns bytes suitable for GuardConfigAction(actionType, data).
+
+    /**
+     * @dev Encodes data for ADD_TARGET_TO_WHITELIST. Use with GuardConfigActionType.ADD_TARGET_TO_WHITELIST.
+     * @param functionSelector Function whose whitelist is updated
+     * @param target Address to add to the whitelist
+     */
+    function encodeAddTargetToWhitelist(bytes4 functionSelector, address target) public pure returns (bytes memory) {
+        return abi.encode(functionSelector, target);
+    }
+
+    /**
+     * @dev Encodes data for REMOVE_TARGET_FROM_WHITELIST. Use with GuardConfigActionType.REMOVE_TARGET_FROM_WHITELIST.
+     * @param functionSelector Function whose whitelist is updated
+     * @param target Address to remove from the whitelist
+     */
+    function encodeRemoveTargetFromWhitelist(bytes4 functionSelector, address target) public pure returns (bytes memory) {
+        return abi.encode(functionSelector, target);
+    }
+
+    /**
+     * @dev Encodes data for REGISTER_FUNCTION. Use with GuardConfigActionType.REGISTER_FUNCTION.
+     * @param functionSignature Full function signature string (e.g. "executeWithTimeLock(address,bytes4,bytes,uint256,bytes32)")
+     * @param operationName Human-readable operation name
+     * @param supportedActions TxActions supported by this function (e.g. EXECUTE_TIME_DELAY_REQUEST)
+     */
+    function encodeRegisterFunction(
+        string memory functionSignature,
+        string memory operationName,
+        EngineBlox.TxAction[] memory supportedActions
+    ) public pure returns (bytes memory) {
+        return abi.encode(functionSignature, operationName, supportedActions);
+    }
+
+    /**
+     * @dev Encodes data for UNREGISTER_FUNCTION. Use with GuardConfigActionType.UNREGISTER_FUNCTION.
+     * @param functionSelector Selector of the function to unregister
+     * @param safeRemoval If true, `EngineBlox.unregisterFunction` reverts when **any role** still lists this selector (not a whitelist-emptiness check; whitelist/hook entries may remain).
+     */
+    function encodeUnregisterFunction(bytes4 functionSelector, bool safeRemoval) public pure returns (bytes memory) {
+        return abi.encode(functionSelector, safeRemoval);
+    }
+
     /**
      * @dev Creates execution params for a Guard configuration batch (pure helper for EngineBlox).
-     * @param actions Encoded guard configuration actions (same layout as GuardControllerDefinitions.GuardConfigAction[])
+     * @param actions Encoded guard configuration actions (same layout as IGuardController.GuardConfigAction[])
      * @return The execution params for EngineBlox
      */
     function guardConfigBatchExecutionParams(
-        GuardConfigAction[] memory actions
+        IGuardController.GuardConfigAction[] memory actions
     ) public pure returns (bytes memory) {
         return abi.encode(actions);
     }