@burnt-labs/account-management 0.0.1 → 1.0.0-alpha.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.eslintrc.js +7 -0
- package/.turbo/turbo-build.log +21 -0
- package/CHANGELOG.md +198 -0
- package/README.md +137 -0
- package/dist/index.d.ts +1416 -0
- package/dist/index.js +2401 -0
- package/dist/index.js.map +1 -0
- package/dist/index.mjs +2332 -0
- package/dist/index.mjs.map +1 -0
- package/package.json +54 -13
- package/src/accounts/__tests__/discovery.test.ts +533 -0
- package/src/accounts/discovery.ts +77 -0
- package/src/accounts/index.ts +23 -0
- package/src/accounts/strategies/__tests__/account-aa-api-strategy.test.ts +231 -0
- package/src/accounts/strategies/__tests__/account-composite-strategy.test.ts +245 -0
- package/src/accounts/strategies/__tests__/account-empty-strategy.test.ts +90 -0
- package/src/accounts/strategies/__tests__/account-numia-strategy.test.ts +309 -0
- package/src/accounts/strategies/__tests__/account-rpc-strategy.test.ts +296 -0
- package/src/accounts/strategies/__tests__/account-subquery-strategy.test.ts +124 -0
- package/src/accounts/strategies/__tests__/factory.test.ts +320 -0
- package/src/accounts/strategies/account-aa-api-strategy.ts +128 -0
- package/src/accounts/strategies/account-composite-strategy.ts +72 -0
- package/src/accounts/strategies/account-empty-strategy.ts +32 -0
- package/src/accounts/strategies/account-numia-strategy.ts +96 -0
- package/src/accounts/strategies/account-rpc-strategy.ts +212 -0
- package/src/accounts/strategies/account-subquery-strategy.ts +117 -0
- package/src/accounts/strategies/factory.ts +106 -0
- package/src/accounts/strategies/indexerConfigUtils.ts +75 -0
- package/src/authenticators/__tests__/utils.test.ts +281 -0
- package/src/authenticators/index.ts +6 -0
- package/src/authenticators/interfaces.ts +113 -0
- package/src/authenticators/jwt.ts +13 -0
- package/src/authenticators/utils.ts +86 -0
- package/src/grants/__tests__/construction.test.ts +1685 -0
- package/src/grants/__tests__/discovery.test.ts +365 -0
- package/src/grants/construction.ts +406 -0
- package/src/grants/discovery.ts +98 -0
- package/src/grants/index.ts +22 -0
- package/src/grants/strategies/__tests__/createCompositeTreasuryStrategy.test.ts +192 -0
- package/src/grants/strategies/__tests__/treasury-composite-strategy.test.ts +331 -0
- package/src/grants/strategies/__tests__/treasury-daodao-strategy.test.ts +226 -0
- package/src/grants/strategies/__tests__/treasury-direct-query-strategy.test.ts +283 -0
- package/src/grants/strategies/createCompositeTreasuryStrategy.ts +72 -0
- package/src/grants/strategies/index.ts +15 -0
- package/src/grants/strategies/treasury-composite-strategy.ts +115 -0
- package/src/grants/strategies/treasury-daodao-strategy.ts +210 -0
- package/src/grants/strategies/treasury-direct-query-strategy.ts +141 -0
- package/src/grants/utils/__tests__/authz.test.ts +354 -0
- package/src/grants/utils/__tests__/contract-validation.test.ts +441 -0
- package/src/grants/utils/__tests__/feegrant.test.ts +932 -0
- package/src/grants/utils/__tests__/format-permissions.test.ts +999 -0
- package/src/grants/utils/authz.ts +147 -0
- package/src/grants/utils/contract-validation.ts +247 -0
- package/src/grants/utils/feegrant.ts +321 -0
- package/src/grants/utils/format-permissions.ts +280 -0
- package/src/grants/utils/index.ts +8 -0
- package/src/index.ts +37 -0
- package/src/orchestrator/__tests__/orchestrator.test.ts +421 -0
- package/src/orchestrator/flow/__tests__/README.md +82 -0
- package/src/orchestrator/flow/__tests__/accountConnection.test.ts +461 -0
- package/src/orchestrator/flow/__tests__/grantCreation.test.ts +593 -0
- package/src/orchestrator/flow/__tests__/redirectFlow.test.ts +229 -0
- package/src/orchestrator/flow/__tests__/sessionRestoration.test.ts +489 -0
- package/src/orchestrator/flow/accountConnection.ts +189 -0
- package/src/orchestrator/flow/grantCreation.ts +339 -0
- package/src/orchestrator/flow/redirectFlow.ts +77 -0
- package/src/orchestrator/flow/sessionRestoration.ts +102 -0
- package/src/orchestrator/index.ts +10 -0
- package/src/orchestrator/orchestrator.ts +263 -0
- package/src/orchestrator/types.ts +128 -0
- package/src/state/__tests__/accountState.test.ts +1087 -0
- package/src/state/accountState.ts +224 -0
- package/src/types/authenticator.ts +46 -0
- package/src/types/grants.ts +71 -0
- package/src/types/index.ts +40 -0
- package/src/types/indexer.ts +37 -0
- package/src/types/treasury.ts +71 -0
- package/src/utils/url.ts +149 -0
- package/tsconfig.json +15 -0
- package/tsup.config.ts +11 -0
- package/vitest.config.integration.ts +28 -0
- package/vitest.config.ts +24 -0
- package/vitest.setup.ts +16 -0
package/.eslintrc.js
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
|
|
2
|
+
> @burnt-labs/account-management@1.0.0-alpha.10 build /home/runner/work/xion.js/xion.js/packages/account-management
|
|
3
|
+
> tsup
|
|
4
|
+
|
|
5
|
+
[34mCLI[39m Building entry: src/index.ts
|
|
6
|
+
[34mCLI[39m Using tsconfig: tsconfig.json
|
|
7
|
+
[34mCLI[39m tsup v6.7.0
|
|
8
|
+
[34mCLI[39m Using tsup config: /home/runner/work/xion.js/xion.js/packages/account-management/tsup.config.ts
|
|
9
|
+
[34mCLI[39m Target: es2020
|
|
10
|
+
[34mCLI[39m Cleaning output folder
|
|
11
|
+
[34mCJS[39m Build start
|
|
12
|
+
[34mESM[39m Build start
|
|
13
|
+
[34mDTS[39m Build start
|
|
14
|
+
[32mESM[39m [1mdist/index.mjs [22m[32m75.14 KB[39m
|
|
15
|
+
[32mESM[39m [1mdist/index.mjs.map [22m[32m183.96 KB[39m
|
|
16
|
+
[32mESM[39m ⚡️ Build success in 624ms
|
|
17
|
+
[32mCJS[39m [1mdist/index.js [22m[32m77.36 KB[39m
|
|
18
|
+
[32mCJS[39m [1mdist/index.js.map [22m[32m183.96 KB[39m
|
|
19
|
+
[32mCJS[39m ⚡️ Build success in 625ms
|
|
20
|
+
[32mDTS[39m ⚡️ Build success in 3507ms
|
|
21
|
+
[32mDTS[39m [1mdist/index.d.ts [22m[32m52.29 KB[39m
|
package/CHANGELOG.md
ADDED
|
@@ -0,0 +1,198 @@
|
|
|
1
|
+
# @burnt-labs/account-management
|
|
2
|
+
|
|
3
|
+
## 1.0.0-alpha.10
|
|
4
|
+
|
|
5
|
+
### Minor Changes
|
|
6
|
+
|
|
7
|
+
- [#355](https://github.com/burnt-labs/xion.js/pull/355) [`e466751`](https://github.com/burnt-labs/xion.js/commit/e46675174d71aabd6ff24cc59016713938168ea2) Thanks [@ertemann](https://github.com/ertemann)! - Adopt `@burnt-labs/xion-types` as the source of truth for protobuf and contract types, consolidate the popup/redirect/iframe signing clients into a single `RequireSigningClient`, expose the manage-authenticators flow through the SDK, and tighten the SDK ↔ Dashboard message contract.
|
|
8
|
+
|
|
9
|
+
## Breaking changes (`@burnt-labs/abstraxion-core`)
|
|
10
|
+
- **`IframeMessageType.ADD_AUTHENTICATORS`** and the `DashboardMessageType.ADD_AUTHENTICATORS_*` enum values have been **renamed** to `MANAGE_AUTHENTICATORS` / `MANAGE_AUTHENTICATORS_*` with no backward-compat aliases. These enums are the wire contract between the SDK and the Abstraxion Dashboard; the dashboard bundle on testnet/mainnet must be redeployed before this SDK version is published. The contract probe in `packages/abstraxion/tests/integration/message-contract.integration.test.ts` is the canonical pre-release gate.
|
|
11
|
+
- **`PopupSigningClient`, `RedirectSigningClient`, and `IframeSigningClient` have been removed** and replaced by a single `RequireSigningClient` that handles all three transports behind one interface, including proper transaction simulation. Consumers that imported the per-mode clients directly must switch to `RequireSigningClient`.
|
|
12
|
+
- **Protobuf types are no longer vendored.** All manually generated/kept protobuf and contract types have been removed in favor of `@burnt-labs/xion-types`. Consumers importing protobuf message types from `abstraxion-core` internals must import from `@burnt-labs/xion-types` instead.
|
|
13
|
+
|
|
14
|
+
## Migration to `@burnt-labs/xion-types`
|
|
15
|
+
- `@burnt-labs/xion-types` is pinned to `29.0.0-rc1` across all packages (pnpm override + per-package `dependencies`).
|
|
16
|
+
- `@burnt-labs/signers`: imports `AbstractAccount` and `MsgRegisterAccount` from `xion-types` subpaths; `uint64FromProto` widened to accept `Long | bigint` for cross-boundary compat.
|
|
17
|
+
- `@burnt-labs/account-management`: `GrantConfigByTypeUrl` now extends `GrantConfig` from `xion-types`; the local `Any` interface has been removed and `TreasuryAny` from `xion-types` is used instead. `Params` is re-exported as `TreasuryParamsV2` for forward-compat with the upcoming chain upgrade.
|
|
18
|
+
- `@burnt-labs/abstraxion-core`: adds a `ChainGrant` interface and uses `import type` for authz types from `xion-types`.
|
|
19
|
+
|
|
20
|
+
## New public API — Manage Authenticators flow (`@burnt-labs/abstraxion`)
|
|
21
|
+
- **`useManageAuthenticators()`** — new hook that opens the dashboard manage-authenticators flow (add or remove) in popup, iframe (embedded), and redirect modes. Returns `{ manageAuthenticators, isSupported, manageAuthResult, clearManageAuthResult }`.
|
|
22
|
+
- **`ManageAuthResult`** — exported type for the redirect-mode result (`{ success: true } | { success: false; error: string }`).
|
|
23
|
+
- **`UseManageAuthenticatorsReturn`** — type export for the hook's return shape.
|
|
24
|
+
|
|
25
|
+
## SDK internals (`@burnt-labs/abstraxion-core`)
|
|
26
|
+
- `PopupController.promptManageAuthenticators(signerAddress)` — opens a popup to the dashboard `manage-authenticators` view; resolves on `MANAGE_AUTHENTICATORS_SUCCESS`, rejects on cancel/error. Timeout: 10 min.
|
|
27
|
+
- `IframeController.promptManageAuthenticators(signerAddress)` — sends `MANAGE_AUTHENTICATORS` via `MessageChannelManager` to the embedded iframe; resolves when the user completes the flow.
|
|
28
|
+
- `RedirectController.promptManageAuthenticators(signerAddress)` — navigates to the dashboard manage-auth page; result available via `manageAuthResult` store after return.
|
|
29
|
+
- `RedirectController.manageAuthResult` — new `ResultStore<ManageAuthResult>` (parallel to `signResult`). Subscribe, snapshot, and clear follow the same `useSyncExternalStore`-compatible pattern.
|
|
30
|
+
- `waitForPopupMessage<T>` — shared private helper in `PopupController` that eliminates duplicated popup-message-waiting boilerplate across sign and manage-auth flows.
|
|
31
|
+
- `DashboardMessageType` — three new enum values: `MANAGE_AUTHENTICATORS_SUCCESS`, `MANAGE_AUTHENTICATORS_REJECTED`, `MANAGE_AUTHENTICATORS_ERROR`.
|
|
32
|
+
|
|
33
|
+
## Direct grant decoding pipeline (`@burnt-labs/abstraxion-core`)
|
|
34
|
+
- `fetchChainGrantsDecoded()` decodes chain grants directly from protobuf, eliminating the REST intermediate step that caused multiple session-invalidation bugs (#290, #336).
|
|
35
|
+
- `compareChainGrantsToTreasuryGrants` now returns a typed `GrantComparisonResult` with reasons (`grant_missing`, `grant_mismatch`, `decode_error`); `decode_error` is non-fatal — session is preserved and a warning is logged.
|
|
36
|
+
- Unknown limit/filter type URLs preserve raw bytes and fall back to byte-level comparison instead of returning `false`.
|
|
37
|
+
- `decodeAuthorization` is wrapped in try/catch — corrupted bytes return `Unsupported` instead of throwing, preventing malformed treasury data from crashing session restore.
|
|
38
|
+
|
|
39
|
+
## TX payload utilities (`@burnt-labs/signers`)
|
|
40
|
+
- **`validateTxPayload(payload, context)`** — pre-flight validation for transaction payloads before encoding/transport; logs issues without throwing so dev mistakes surface early.
|
|
41
|
+
- **`normalizeMessages(messages)`** — dashboard-side normalization that converts post-JSON-transport CosmWasm `msg` fields from plain objects back to `Uint8Array` for protobuf encoding.
|
|
42
|
+
- **`TxTransportPayload`** — shared type for the wire format used by popup, redirect, and iframe signing flows.
|
|
43
|
+
- **`getTreasuryParamsMetadata(params)`** — backward-compat helper that returns `metadata` with fallback to `display_url` for pre-upgrade indexer responses.
|
|
44
|
+
- Coins are sorted in grant encoding for deterministic comparison.
|
|
45
|
+
- `NilPubKey` protobuf encoding fixed.
|
|
46
|
+
- `AAClient` upgraded from `Tendermint37Client` to `Comet38Client` for consistency with `GranteeSignerClient`/`rpcClient` and proper CometBFT 0.38+ support.
|
|
47
|
+
- `MsgInstantiateContract2` validation fixed.
|
|
48
|
+
|
|
49
|
+
## DaoDAO indexer typing (`@burnt-labs/signers`)
|
|
50
|
+
- Generated typed API paths from the DaoDAO indexer OpenAPI spec.
|
|
51
|
+
- Manually maintained response types with runtime type guards.
|
|
52
|
+
- `xion-types` compatibility test for bigint boundary validation.
|
|
53
|
+
- New scripts: `generate:daodao-indexer-types`, `generate:daodao-indexer-types:local`.
|
|
54
|
+
|
|
55
|
+
## Treasury strategy improvements (`@burnt-labs/account-management`)
|
|
56
|
+
- `CompositeTreasuryStrategy` gains a racing mode (`Promise.any()` parallel execution) that resolves on first success, eliminating waits for slow DAODAO indexer timeouts. Constructor signature changed to `(strategies[], options)`.
|
|
57
|
+
- DAODAO indexer treasury strategy is end-to-end typed against the generated indexer schema.
|
|
58
|
+
|
|
59
|
+
## Refactors
|
|
60
|
+
- `resolveAuthAppUrl` and `buildDashboardUrl` extracted to `controllers/utils.ts`; used by both `PopupController` and `RedirectController`, removing duplicated `fetchConfig` call sites.
|
|
61
|
+
- `ResultStore<T>` in `RedirectController` replaces the bespoke `signResult_` / `signResultSubscribers_` pattern, making both sign and manage-auth results consistent.
|
|
62
|
+
|
|
63
|
+
## Constants (`@burnt-labs/constants`)
|
|
64
|
+
- Mainnet dashboard / iframe URL changed from `https://settings.mainnet.burnt.com` to `https://settings.burnt.com`.
|
|
65
|
+
|
|
66
|
+
### Patch Changes
|
|
67
|
+
|
|
68
|
+
- Updated dependencies [[`e466751`](https://github.com/burnt-labs/xion.js/commit/e46675174d71aabd6ff24cc59016713938168ea2)]:
|
|
69
|
+
- @burnt-labs/abstraxion-core@1.0.0-alpha.69
|
|
70
|
+
- @burnt-labs/signers@1.0.0-alpha.8
|
|
71
|
+
|
|
72
|
+
## 1.0.0-alpha.9
|
|
73
|
+
|
|
74
|
+
### Patch Changes
|
|
75
|
+
|
|
76
|
+
- [#340](https://github.com/burnt-labs/xion.js/pull/340) [`1a387ca`](https://github.com/burnt-labs/xion.js/commit/1a387cabe46a20c6a88fc32e51c8f88f99ccddf1) Thanks [@ertemann](https://github.com/ertemann)! - Add embedded wallets with popup, auto, and embedded authentication modes. Also add direct signing (`requireAuth`) for transactions that need meta-account authorization instead of session keys.
|
|
77
|
+
|
|
78
|
+
## What's new
|
|
79
|
+
- **Popup mode** — opens auth app in a popup window; user stays on the dApp page, popup closes on success
|
|
80
|
+
- **Auto mode** — automatically picks popup (desktop) or redirect (mobile/PWA) based on device detection
|
|
81
|
+
- **Embedded mode** (`type: "embedded"`) — embeds dashboard inside your page via `MessageChannel`-based communication. New `<AbstraxionEmbed>` drop-in component handles all wiring — just place it in your layout and use hooks like any other mode
|
|
82
|
+
- **Direct signing (`requireAuth: true`)** — meta-account signs transactions directly instead of using session keys; user pays gas from their XION balance. For txs that won't be secure using session keys, like big transfers, smart account management etc.
|
|
83
|
+
- **`isDisconnected` flag** — `useAbstraxionAccount` now returns `isDisconnected: boolean`, true only after an explicit user logout. Prevents `<AbstraxionEmbed autoConnect>` from silently re-authenticating after logout
|
|
84
|
+
- **`isAwaitingApproval` flag** — context exposes `isAwaitingApproval: boolean`, true while a `requireAuth` signing request is pending and the iframe needs to be visible
|
|
85
|
+
|
|
86
|
+
Non user facing:
|
|
87
|
+
- **Signing clients per auth mode** — `PopupSigningClient`, `RedirectSigningClient`, `IframeSigningClient` for direct signing in each mode
|
|
88
|
+
- **`resolveAutoAuth` utility** — mobile/standalone detection heuristic (user-agent, touch, viewport, orientation, PWA)
|
|
89
|
+
- **Wrong-wallet signing guard** — prevents signing from a wallet that doesn't match the connected account
|
|
90
|
+
- **UTF-8-safe base64 encoding** — `toBase64`/`fromBase64` in `@burnt-labs/signers` for safe encoding of Unicode payloads (emoji, non-Latin scripts)
|
|
91
|
+
- **Treasury grant restoration fix** — handles ABCI REST format change that broke session restoration (`decodeRestFormatAuthorization` in abstraxion-core)
|
|
92
|
+
- **Embedded URL constants** — `getIframeUrl(chainId)` added to `@burnt-labs/constants` for per-chain dashboard URLs
|
|
93
|
+
- **New core exports** — `MessageChannelManager`, `TypedEventEmitter`, `IframeMessageType`, `MessageTarget` from abstraxion-core; `AAClient`, `IframeController` from abstraxion
|
|
94
|
+
- **`disconnected` state in account state machine** — new `AccountState` status distinct from `idle`, set only after an explicit logout. New `EXPLICITLY_DISCONNECTED` action and `AccountStateGuards.isDisconnected()` type guard. All four controllers dispatch this instead of `RESET` on disconnect
|
|
95
|
+
- **`authMode` derived from controller instance** — `AbstraxionProvider` now derives `authMode` from the live controller type instead of re-running `resolveAutoAuth` on every render, preventing SSR/client hydration mismatches and viewport-resize flips
|
|
96
|
+
|
|
97
|
+
## AbstraxionEmbed redesign
|
|
98
|
+
|
|
99
|
+
`<AbstraxionEmbed>` has been redesigned with full lifecycle control props replacing the single `autoConnect` boolean:
|
|
100
|
+
- **`idleView`** (`"button" | "fullview" | "hidden"`, default `"button"`) — what to show before the user logs in
|
|
101
|
+
- **`disconnectedView`** (same options, default: same as `idleView`) — what to show after an explicit logout
|
|
102
|
+
- **`connectedView`** (`"hidden" | "visible"`, default `"hidden"`) — whether to keep the iframe visible after connecting
|
|
103
|
+
- **`approvalView`** (`"modal" | "inline"`, default `"modal"`) — how to display the iframe when a `requireAuth` signing request is pending
|
|
104
|
+
- **`loginLabel`**, **`loginButtonClassName`**, **`loginButtonStyle`** — customise the login button
|
|
105
|
+
- **`modalClassName`**, **`modalStyle`** — customise the approval modal wrapper
|
|
106
|
+
|
|
107
|
+
## Dashboard changes (xion-dashboard-app `feat/embedded-wallets`)
|
|
108
|
+
|
|
109
|
+
These dashboard changes are required for the new SDK modes to work:
|
|
110
|
+
- **Popup mode support** — dashboard can now run inside a popup window opened by the SDK, communicating auth results back via `postMessage` and closing automatically on success
|
|
111
|
+
- **Redirect-within-popup for OAuth** — when using popup mode, OAuth providers (Stytch) redirect inside the popup instead of opening yet another popup
|
|
112
|
+
- **SignTransactionView** — new view for approving individual transactions sent via `requireAuth` / direct signing (popup, redirect, and embedded modes)
|
|
113
|
+
- **Embedded mode** — dashboard renders inside an iframe with transparent background; old `IframeApp/` components removed in favor of the main app with `?iframe=true` search param
|
|
114
|
+
- **LoginConnectConfirm** — new approval screen for no-grant-config flows (empty treasury or direct-signing-only grantee); shows app branding and "Connect / Deny / Use a different account"
|
|
115
|
+
- **Empty treasury support** — treasury address present but no grant configs no longer throws; dashboard routes to `LoginConnectConfirm` instead of `LoginGrantApproval`
|
|
116
|
+
- **SDK-only disconnect** — disconnect from the SDK side sends `HARD_DISCONNECT` and tears down the iframe; "Use a different account" stays within the iframe (no parent notification) so the user can re-login without a white-screen flash
|
|
117
|
+
- **`switchAccount()`** hook function — new export from `useXionDisconnect`; clears session locally without notifying parent, used by "Use a different account" buttons
|
|
118
|
+
- **Origin validation on callbacks** — `postMessage` origin checks upgraded for security in embedded/popup communication
|
|
119
|
+
- **Wrong-address signing guard** — dashboard rejects signing requests if the requested signer doesn't match the logged-in account
|
|
120
|
+
|
|
121
|
+
## Packages changed
|
|
122
|
+
- **`@burnt-labs/abstraxion`** — new `<AbstraxionEmbed>` component (redesigned), new controllers (`PopupController`, `IframeController`), signing clients, auto mode resolution, expanded `useAbstraxionSigningClient` with `requireAuth` support, `isDisconnected`/`isAwaitingApproval` context values, `authMode` derived from controller instance, new type exports (`EmbeddedAuthentication`, `PopupAuthentication`, `AutoAuthentication`, `SignResult`, `SigningClient`)
|
|
123
|
+
- **`@burnt-labs/abstraxion-core`** — `MessageChannelManager`, `TypedEventEmitter`, iframe message types, `decodeRestFormatAuthorization` grant decoding, treasury grant restoration fix
|
|
124
|
+
- **`@burnt-labs/account-management`** — `disconnected` account state, `EXPLICITLY_DISCONNECTED` action, `AccountStateGuards.isDisconnected()` type guard
|
|
125
|
+
- **`@burnt-labs/constants`** — `getIframeUrl(chainId)`, per-chain dashboard URL constants for mainnet/testnet
|
|
126
|
+
- **`@burnt-labs/signers`** — `toBase64`/`fromBase64` encoding utils, `ZKEmail` authenticator type support
|
|
127
|
+
- **`demo-app`** — new demos: `popup-demo/`, `embedded-dynamic/`, `embedded-inline/`, `direct-signing-demo/` (with MetaMask via `useMetamask` hook); removed old `inline-demo/`
|
|
128
|
+
|
|
129
|
+
For full details, usage examples, and migration guide see [`LATEST_VERSION_OVERVIEW.md`](../LATEST_VERSION_OVERVIEW.md) and the demo apps in [`apps/demo-app/`](../apps/demo-app/).
|
|
130
|
+
|
|
131
|
+
- Updated dependencies [[`1a387ca`](https://github.com/burnt-labs/xion.js/commit/1a387cabe46a20c6a88fc32e51c8f88f99ccddf1)]:
|
|
132
|
+
- @burnt-labs/abstraxion-core@1.0.0-alpha.68
|
|
133
|
+
- @burnt-labs/signers@1.0.0-alpha.7
|
|
134
|
+
|
|
135
|
+
## 1.0.0-alpha.8
|
|
136
|
+
|
|
137
|
+
### Patch Changes
|
|
138
|
+
|
|
139
|
+
- [#348](https://github.com/burnt-labs/xion.js/pull/348) [`00ac279`](https://github.com/burnt-labs/xion.js/commit/00ac279a15f1845f62d63507ceb02ec70e5c5dc1) Thanks [@justinbarry](https://github.com/justinbarry)! - Fix treasury queries failing for contracts with no grant configs. `DirectQueryTreasuryStrategy` now returns empty `grantConfigs` instead of throwing "Treasury config not found".
|
|
140
|
+
|
|
141
|
+
## 1.0.0-alpha.7
|
|
142
|
+
|
|
143
|
+
### Patch Changes
|
|
144
|
+
|
|
145
|
+
- Updated dependencies []:
|
|
146
|
+
- @burnt-labs/abstraxion-core@1.0.0-alpha.67
|
|
147
|
+
- @burnt-labs/signers@1.0.0-alpha.6
|
|
148
|
+
|
|
149
|
+
## 1.0.0-alpha.6
|
|
150
|
+
|
|
151
|
+
### Patch Changes
|
|
152
|
+
|
|
153
|
+
- [#335](https://github.com/burnt-labs/xion.js/pull/335) [`6bf65b7`](https://github.com/burnt-labs/xion.js/commit/6bf65b758e6c6064d591e6ff694431b497b3e114) Thanks [@ertemann](https://github.com/ertemann)! - Consolidate some more code, add cache for treasury to better serve dashboard
|
|
154
|
+
|
|
155
|
+
- Updated dependencies [[`6bf65b7`](https://github.com/burnt-labs/xion.js/commit/6bf65b758e6c6064d591e6ff694431b497b3e114), [`70481a8`](https://github.com/burnt-labs/xion.js/commit/70481a85beba828767f71f6b7eb1374e2ceee0bc)]:
|
|
156
|
+
- @burnt-labs/abstraxion-core@1.0.0-alpha.66
|
|
157
|
+
- @burnt-labs/signers@1.0.0-alpha.5
|
|
158
|
+
|
|
159
|
+
## 1.0.0-alpha.5
|
|
160
|
+
|
|
161
|
+
### Patch Changes
|
|
162
|
+
|
|
163
|
+
- Updated dependencies [[`00fb815`](https://github.com/burnt-labs/xion.js/commit/00fb815df96b5707714dfd4bfe9f39d636c8b5b1)]:
|
|
164
|
+
- @burnt-labs/abstraxion-core@1.0.0-alpha.65
|
|
165
|
+
|
|
166
|
+
## 1.0.0-alpha.4
|
|
167
|
+
|
|
168
|
+
### Patch Changes
|
|
169
|
+
|
|
170
|
+
- [#332](https://github.com/burnt-labs/xion.js/pull/332) [`4b572f0`](https://github.com/burnt-labs/xion.js/commit/4b572f0937ce567ea40868b6b63987d933f6ca9a) Thanks [@ertemann](https://github.com/ertemann)! - Additions and cleanup from dashboard migration
|
|
171
|
+
|
|
172
|
+
- Updated dependencies [[`4b572f0`](https://github.com/burnt-labs/xion.js/commit/4b572f0937ce567ea40868b6b63987d933f6ca9a)]:
|
|
173
|
+
- @burnt-labs/abstraxion-core@1.0.0-alpha.64
|
|
174
|
+
- @burnt-labs/signers@1.0.0-alpha.4
|
|
175
|
+
|
|
176
|
+
## 1.0.0-alpha.3
|
|
177
|
+
|
|
178
|
+
### Minor Changes
|
|
179
|
+
|
|
180
|
+
- [#326](https://github.com/burnt-labs/xion.js/pull/326) [`45e3a7b`](https://github.com/burnt-labs/xion.js/commit/45e3a7b6cb83b5fb812a382e09073285f32303d5) Thanks [@ertemann](https://github.com/ertemann)! - expose extra type and add ADR wrap to secpk1 verifcation so to allow signers like keplr/okx
|
|
181
|
+
|
|
182
|
+
### Patch Changes
|
|
183
|
+
|
|
184
|
+
- Updated dependencies [[`45e3a7b`](https://github.com/burnt-labs/xion.js/commit/45e3a7b6cb83b5fb812a382e09073285f32303d5)]:
|
|
185
|
+
- @burnt-labs/signers@1.0.0-alpha.3
|
|
186
|
+
- @burnt-labs/abstraxion-core@1.0.0-alpha.63
|
|
187
|
+
|
|
188
|
+
## 1.0.0-alpha.2
|
|
189
|
+
|
|
190
|
+
### Minor Changes
|
|
191
|
+
|
|
192
|
+
- [#314](https://github.com/burnt-labs/xion.js/pull/314) [`f7359df`](https://github.com/burnt-labs/xion.js/commit/f7359dfdb0d3de55f51b7d8abcfa2e3c7baeb8e9) Thanks [@ertemann](https://github.com/ertemann)! - This release introduces **Signer Mode**, allowing users to connect with external wallets (MetaMask, Keplr, OKX, Turnkey, etc.) without requiring dashboard redirects. We've also refactored Abstraxion with a new connector-based architecture for better flexibility and extensibility. The release includes automatic configuration defaults (rpcUrl, restUrl, gasPrice are now inferred from chainId), migration to AA API V2, and two new packages: `@burnt-labs/account-management` and `@burnt-labs/signers`. Indexer support has been added for fast account discovery using Numia, Subquery, and DaoDao indexers. The Direct Signer Mode has been removed in favor of the new Signer Mode. Existing redirect mode users require no changes, while signer mode users need to add an `authentication` config with `type: "signer"`, `aaApiUrl`, `getSignerConfig()`, and `smartAccountContract` settings.
|
|
193
|
+
|
|
194
|
+
### Patch Changes
|
|
195
|
+
|
|
196
|
+
- Updated dependencies [[`f7359df`](https://github.com/burnt-labs/xion.js/commit/f7359dfdb0d3de55f51b7d8abcfa2e3c7baeb8e9)]:
|
|
197
|
+
- @burnt-labs/abstraxion-core@1.0.0-alpha.62
|
|
198
|
+
- @burnt-labs/signers@1.0.0-alpha.2
|
package/README.md
ADDED
|
@@ -0,0 +1,137 @@
|
|
|
1
|
+
# @burnt-labs/account-management
|
|
2
|
+
|
|
3
|
+
Smart account management utilities for XION blockchain.
|
|
4
|
+
|
|
5
|
+
## Overview
|
|
6
|
+
|
|
7
|
+
This package provides comprehensive account and grant management for XION's smart accounts, supporting multiple discovery strategies and treasury integrations.
|
|
8
|
+
|
|
9
|
+
## Features
|
|
10
|
+
|
|
11
|
+
- **Account Discovery**: Multiple strategies for finding smart accounts
|
|
12
|
+
- Numia indexer integration
|
|
13
|
+
- Subquery indexer integration
|
|
14
|
+
- Direct RPC queries
|
|
15
|
+
- Composite fallback chains
|
|
16
|
+
|
|
17
|
+
- **Treasury Management**: Flexible treasury configuration retrieval
|
|
18
|
+
- Direct contract queries
|
|
19
|
+
- DAO DAO indexer integration
|
|
20
|
+
- Composite strategy support
|
|
21
|
+
|
|
22
|
+
- **Connection Orchestration**: High-level API for managing account connections, grants, and redirects
|
|
23
|
+
|
|
24
|
+
## Testing
|
|
25
|
+
|
|
26
|
+
### Test Structure
|
|
27
|
+
|
|
28
|
+
The package uses a comprehensive unit testing approach with Vitest:
|
|
29
|
+
|
|
30
|
+
- **Unit Tests**: Located in `src/**/__tests__/` directories alongside source code
|
|
31
|
+
- **Integration Tests**: Located in `tests/integration/` (requires live RPC endpoints)
|
|
32
|
+
|
|
33
|
+
### Running Tests
|
|
34
|
+
|
|
35
|
+
```bash
|
|
36
|
+
# Run all tests in watch mode
|
|
37
|
+
pnpm test
|
|
38
|
+
|
|
39
|
+
# Run unit tests once
|
|
40
|
+
pnpm test:unit
|
|
41
|
+
|
|
42
|
+
# Run unit tests with coverage report
|
|
43
|
+
pnpm test:coverage
|
|
44
|
+
|
|
45
|
+
# Run integration tests (requires .env.test configuration)
|
|
46
|
+
pnpm test:integration
|
|
47
|
+
|
|
48
|
+
# Run integration tests in watch mode
|
|
49
|
+
pnpm test:integration:watch
|
|
50
|
+
```
|
|
51
|
+
|
|
52
|
+
### Coverage Requirements
|
|
53
|
+
|
|
54
|
+
The unit tests target 70%+ coverage for core modules:
|
|
55
|
+
|
|
56
|
+
- **Account Strategies**: 86.56% coverage
|
|
57
|
+
- EmptyAccountStrategy: 100%
|
|
58
|
+
- CompositeAccountStrategy: 100%
|
|
59
|
+
- NumiaAccountStrategy: 100%
|
|
60
|
+
- RpcAccountStrategy: 93.75%
|
|
61
|
+
- SubqueryAccountStrategy: 96.58%
|
|
62
|
+
- Factory: 100%
|
|
63
|
+
|
|
64
|
+
- **Treasury Strategies**: 93% coverage
|
|
65
|
+
- CompositeTreasuryStrategy: 100%
|
|
66
|
+
- DirectQueryTreasuryStrategy: 100%
|
|
67
|
+
- DaoDaoTreasuryStrategy: 91.32%
|
|
68
|
+
- createCompositeTreasuryStrategy: 100%
|
|
69
|
+
|
|
70
|
+
- **Orchestrator**: 66.17% coverage
|
|
71
|
+
- orchestrator.ts: 100%
|
|
72
|
+
- redirectFlow.ts: 100%
|
|
73
|
+
|
|
74
|
+
### Test Organization
|
|
75
|
+
|
|
76
|
+
Tests are organized by module:
|
|
77
|
+
|
|
78
|
+
```
|
|
79
|
+
src/
|
|
80
|
+
├── accounts/
|
|
81
|
+
│ └── strategies/
|
|
82
|
+
│ └── __tests__/
|
|
83
|
+
│ ├── account-empty-strategy.test.ts
|
|
84
|
+
│ ├── account-composite-strategy.test.ts
|
|
85
|
+
│ ├── account-numia-strategy.test.ts
|
|
86
|
+
│ ├── account-rpc-strategy.test.ts
|
|
87
|
+
│ ├── account-subquery-strategy.test.ts
|
|
88
|
+
│ └── factory.test.ts
|
|
89
|
+
├── grants/
|
|
90
|
+
│ └── strategies/
|
|
91
|
+
│ └── __tests__/
|
|
92
|
+
│ ├── treasury-composite-strategy.test.ts
|
|
93
|
+
│ ├── treasury-daodao-strategy.test.ts
|
|
94
|
+
│ ├── treasury-direct-query-strategy.test.ts
|
|
95
|
+
│ └── createCompositeTreasuryStrategy.test.ts
|
|
96
|
+
└── orchestrator/
|
|
97
|
+
├── __tests__/
|
|
98
|
+
│ └── orchestrator.test.ts
|
|
99
|
+
└── flow/
|
|
100
|
+
└── __tests__/
|
|
101
|
+
└── redirectFlow.test.ts
|
|
102
|
+
```
|
|
103
|
+
|
|
104
|
+
### Integration Testing
|
|
105
|
+
|
|
106
|
+
Integration tests require a live XION RPC endpoint. Configure by creating [.env.test](.env.test):
|
|
107
|
+
|
|
108
|
+
```env
|
|
109
|
+
XION_RPC_URL=https://rpc.xion-testnet-1.burnt.com:443
|
|
110
|
+
XION_CHAIN_ID=xion-testnet-1
|
|
111
|
+
```
|
|
112
|
+
|
|
113
|
+
See [vitest.config.integration.ts](vitest.config.integration.ts) for integration test configuration.
|
|
114
|
+
|
|
115
|
+
### Mocking Strategy
|
|
116
|
+
|
|
117
|
+
The tests use Vitest's mocking capabilities:
|
|
118
|
+
|
|
119
|
+
- **External APIs**: Mocked with `vi.fn()` and `global.fetch`
|
|
120
|
+
- **CosmJS**: Mocked CosmWasmClient for RPC interactions
|
|
121
|
+
- **WebAuthn**: Globally mocked in the signers package to avoid Node.js compatibility issues
|
|
122
|
+
|
|
123
|
+
## Development
|
|
124
|
+
|
|
125
|
+
```bash
|
|
126
|
+
# Build the package
|
|
127
|
+
pnpm build
|
|
128
|
+
|
|
129
|
+
# Run in development mode (watch)
|
|
130
|
+
pnpm dev
|
|
131
|
+
|
|
132
|
+
# Type checking
|
|
133
|
+
pnpm check-types
|
|
134
|
+
|
|
135
|
+
# Linting
|
|
136
|
+
pnpm lint
|
|
137
|
+
```
|