@burnt-labs/account-management 0.0.1 → 1.0.0-alpha.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (80) hide show
  1. package/.eslintrc.js +7 -0
  2. package/.turbo/turbo-build.log +21 -0
  3. package/CHANGELOG.md +13 -0
  4. package/README.md +137 -0
  5. package/dist/index.d.ts +1308 -0
  6. package/dist/index.js +2252 -0
  7. package/dist/index.js.map +1 -0
  8. package/dist/index.mjs +2186 -0
  9. package/dist/index.mjs.map +1 -0
  10. package/package.json +47 -13
  11. package/src/accounts/__tests__/discovery.test.ts +533 -0
  12. package/src/accounts/discovery.ts +77 -0
  13. package/src/accounts/index.ts +23 -0
  14. package/src/accounts/strategies/__tests__/account-composite-strategy.test.ts +245 -0
  15. package/src/accounts/strategies/__tests__/account-empty-strategy.test.ts +90 -0
  16. package/src/accounts/strategies/__tests__/account-numia-strategy.test.ts +309 -0
  17. package/src/accounts/strategies/__tests__/account-rpc-strategy.test.ts +296 -0
  18. package/src/accounts/strategies/__tests__/account-subquery-strategy.test.ts +124 -0
  19. package/src/accounts/strategies/__tests__/factory.test.ts +183 -0
  20. package/src/accounts/strategies/account-composite-strategy.ts +72 -0
  21. package/src/accounts/strategies/account-empty-strategy.ts +32 -0
  22. package/src/accounts/strategies/account-numia-strategy.ts +96 -0
  23. package/src/accounts/strategies/account-rpc-strategy.ts +212 -0
  24. package/src/accounts/strategies/account-subquery-strategy.ts +117 -0
  25. package/src/accounts/strategies/factory.ts +85 -0
  26. package/src/accounts/strategies/indexerConfigUtils.ts +75 -0
  27. package/src/authenticators/__tests__/utils.test.ts +281 -0
  28. package/src/authenticators/index.ts +6 -0
  29. package/src/authenticators/interfaces.ts +113 -0
  30. package/src/authenticators/jwt.ts +13 -0
  31. package/src/authenticators/utils.ts +86 -0
  32. package/src/grants/__tests__/construction.test.ts +1554 -0
  33. package/src/grants/__tests__/discovery.test.ts +384 -0
  34. package/src/grants/construction.ts +401 -0
  35. package/src/grants/discovery.ts +104 -0
  36. package/src/grants/index.ts +22 -0
  37. package/src/grants/strategies/__tests__/createCompositeTreasuryStrategy.test.ts +165 -0
  38. package/src/grants/strategies/__tests__/treasury-composite-strategy.test.ts +240 -0
  39. package/src/grants/strategies/__tests__/treasury-daodao-strategy.test.ts +226 -0
  40. package/src/grants/strategies/__tests__/treasury-direct-query-strategy.test.ts +281 -0
  41. package/src/grants/strategies/createCompositeTreasuryStrategy.ts +63 -0
  42. package/src/grants/strategies/index.ts +15 -0
  43. package/src/grants/strategies/treasury-composite-strategy.ts +72 -0
  44. package/src/grants/strategies/treasury-daodao-strategy.ts +242 -0
  45. package/src/grants/strategies/treasury-direct-query-strategy.ts +120 -0
  46. package/src/grants/utils/__tests__/authz.test.ts +354 -0
  47. package/src/grants/utils/__tests__/contract-validation.test.ts +441 -0
  48. package/src/grants/utils/__tests__/feegrant.test.ts +932 -0
  49. package/src/grants/utils/__tests__/format-permissions.test.ts +999 -0
  50. package/src/grants/utils/authz.ts +147 -0
  51. package/src/grants/utils/contract-validation.ts +247 -0
  52. package/src/grants/utils/feegrant.ts +321 -0
  53. package/src/grants/utils/format-permissions.ts +318 -0
  54. package/src/grants/utils/index.ts +8 -0
  55. package/src/index.ts +33 -0
  56. package/src/orchestrator/__tests__/orchestrator.test.ts +422 -0
  57. package/src/orchestrator/flow/__tests__/README.md +82 -0
  58. package/src/orchestrator/flow/__tests__/accountConnection.test.ts +458 -0
  59. package/src/orchestrator/flow/__tests__/grantCreation.test.ts +595 -0
  60. package/src/orchestrator/flow/__tests__/redirectFlow.test.ts +229 -0
  61. package/src/orchestrator/flow/__tests__/sessionRestoration.test.ts +493 -0
  62. package/src/orchestrator/flow/accountConnection.ts +189 -0
  63. package/src/orchestrator/flow/grantCreation.ts +338 -0
  64. package/src/orchestrator/flow/redirectFlow.ts +77 -0
  65. package/src/orchestrator/flow/sessionRestoration.ts +102 -0
  66. package/src/orchestrator/index.ts +10 -0
  67. package/src/orchestrator/orchestrator.ts +263 -0
  68. package/src/orchestrator/types.ts +128 -0
  69. package/src/state/__tests__/accountState.test.ts +978 -0
  70. package/src/state/accountState.ts +204 -0
  71. package/src/types/authenticator.ts +42 -0
  72. package/src/types/grants.ts +74 -0
  73. package/src/types/index.ts +39 -0
  74. package/src/types/indexer.ts +37 -0
  75. package/src/types/treasury.ts +70 -0
  76. package/tsconfig.json +15 -0
  77. package/tsup.config.ts +11 -0
  78. package/vitest.config.integration.ts +28 -0
  79. package/vitest.config.ts +24 -0
  80. package/vitest.setup.ts +16 -0
@@ -0,0 +1,1308 @@
1
+ import { AuthenticatorInfo, SmartAccount as SmartAccount$2, AuthenticatorType } from '@burnt-labs/signers';
2
+ import { Coin } from 'cosmjs-types/cosmos/base/v1beta1/coin';
3
+ import { DecodedReadableAuthorization, SignArbSecp256k1HdWallet, GranteeSignerClient, ConnectorConnectionResult, StorageStrategy, Connector } from '@burnt-labs/abstraxion-core';
4
+ export { AuthorizationTypes, DecodedReadableAuthorization, HumanContractExecAuth } from '@burnt-labs/abstraxion-core';
5
+ import { EncodeObject } from '@cosmjs/proto-signing';
6
+ import { PeriodicAllowance, AllowedMsgAllowance } from 'cosmjs-types/cosmos/feegrant/v1beta1/feegrant';
7
+
8
+ /**
9
+ * Account-management specific type extensions
10
+ * These extend the base types from @burnt-labs/signers with additional fields
11
+ * needed for account management operations
12
+ */
13
+
14
+ /**
15
+ * Authenticator with required authenticatorIndex
16
+ * Extends base AuthenticatorInfo with required index field
17
+ */
18
+ interface Authenticator extends Omit<AuthenticatorInfo, "authenticatorIndex"> {
19
+ authenticatorIndex: number;
20
+ }
21
+ /**
22
+ * Basic smart account (re-export base type)
23
+ */
24
+ type SmartAccount$1 = SmartAccount$2;
25
+ /**
26
+ * Smart account with required code ID
27
+ * Extends base SmartAccount with required codeId field
28
+ */
29
+ interface SmartAccountWithCodeId extends Omit<SmartAccount$2, "codeId"> {
30
+ codeId: number;
31
+ authenticators: Authenticator[];
32
+ }
33
+ /**
34
+ * Smart account with current authenticator selection
35
+ * Used for operations that need to know which authenticator is active
36
+ */
37
+ interface SelectedSmartAccount extends SmartAccountWithCodeId {
38
+ currentAuthenticatorIndex: number;
39
+ }
40
+
41
+ /**
42
+ * Checks if an authenticator already exists in the list
43
+ * @param authenticators - List of existing authenticators
44
+ * @param identifier - The authenticator identifier to check (e.g., "aud.sub" for JWT)
45
+ * @param type - The type of authenticator (e.g., "Jwt")
46
+ * @returns true if a duplicate exists, false otherwise
47
+ */
48
+ declare function isDuplicateAuthenticator(authenticators: Authenticator[], identifier: string, type: string): boolean;
49
+ /**
50
+ * Deduplicates accounts by their ID
51
+ * @param accounts - List of accounts that may contain duplicates
52
+ * @returns List of unique accounts
53
+ */
54
+ declare function deduplicateAccountsById(accounts: SmartAccountWithCodeId[] | undefined): SmartAccountWithCodeId[];
55
+ /**
56
+ * Finds the best matching authenticator from a list
57
+ * When multiple authenticators match, returns the one with the lowest index
58
+ * @param authenticators - List of authenticators to search
59
+ * @param loginAuthenticator - The authenticator identifier to match
60
+ * @returns The best matching authenticator or null if none found
61
+ */
62
+ declare function findBestMatchingAuthenticator(authenticators: Authenticator[], loginAuthenticator: string): Authenticator | null;
63
+ /**
64
+ * Validates if a new authenticator can be added
65
+ * @param authenticators - List of existing authenticators
66
+ * @param identifier - The new authenticator identifier
67
+ * @param type - The type of authenticator
68
+ * @returns Object with isValid flag and error message if invalid
69
+ */
70
+ declare function validateNewAuthenticator(authenticators: Authenticator[], identifier: string, type: string): {
71
+ isValid: boolean;
72
+ errorMessage?: string;
73
+ };
74
+
75
+ /**
76
+ * Creates a JWT authenticator identifier from audience and subject
77
+ * @param aud - The audience claim from JWT
78
+ * @param sub - The subject claim from JWT
79
+ * @returns Formatted authenticator identifier
80
+ */
81
+ declare function createJwtAuthenticatorIdentifier(aud: string | string[] | undefined, sub: string | undefined): string;
82
+
83
+ /**
84
+ * Treasury parameters returned from treasury contract
85
+ * Matches the Params struct in contracts/contracts/treasury/src/state.rs
86
+ */
87
+ interface TreasuryParams {
88
+ redirect_url: string;
89
+ icon_url: string;
90
+ metadata: string;
91
+ }
92
+ interface Any {
93
+ type_url: string;
94
+ value: string;
95
+ }
96
+ /**
97
+ * Grant configuration with additional fields for UI display
98
+ * Extended from TreasuryGrantConfig with extra fields like allowance for fee grants
99
+ */
100
+ interface GrantConfigByTypeUrl {
101
+ authorization: Any;
102
+ description: string;
103
+ optional: boolean;
104
+ allowance?: Any;
105
+ maxDuration?: number;
106
+ }
107
+ /**
108
+ * Represents the complete treasury configuration including grant configs and parameters
109
+ */
110
+ interface TreasuryConfig {
111
+ grantConfigs: GrantConfigByTypeUrl[];
112
+ params: TreasuryParams;
113
+ }
114
+ /**
115
+ * Strategy interface for fetching treasury configurations
116
+ * Different strategies can fetch from different sources (indexer, direct query, etc.)
117
+ */
118
+ interface TreasuryStrategy {
119
+ /**
120
+ * Fetch treasury configuration for a given contract address
121
+ * @param treasuryAddress The treasury contract address
122
+ * @param client The Cosmos client for querying chain data (must have queryContractSmart method)
123
+ * @returns Treasury configuration or null if not found/failed
124
+ */
125
+ fetchTreasuryConfig(treasuryAddress: string, client: any): Promise<TreasuryConfig | null>;
126
+ }
127
+
128
+ /**
129
+ * Permission formatting utilities for treasury contracts
130
+ * Extracted from dashboard utils/query-treasury-contract.ts
131
+ */
132
+
133
+ declare const DENOM_DECIMALS: {
134
+ readonly xion: 6;
135
+ readonly usdc: 6;
136
+ };
137
+ declare const DENOM_DISPLAY_MAP: {
138
+ readonly xion: "XION";
139
+ readonly usdc: "USDC";
140
+ };
141
+ /**
142
+ * Parses a coin string (e.g., "1000000uxion" or "1000000uxion,2000000usdc") into denom and amount
143
+ */
144
+ declare function parseCoinString(coinStr: string): Coin[];
145
+ /**
146
+ * Formats an array of Coin objects into a comma-separated string
147
+ */
148
+ declare function formatCoinArray(coins: Coin[]): string;
149
+ /**
150
+ * Formats a coin string (e.g. "1000000uxion") into a human readable format (e.g. "1 XION")
151
+ * Can handle multiple coins separated by commas
152
+ * @param coinStr The coin string to format
153
+ * @param usdcDenom Optional USDC denom to use for formatting (network-specific)
154
+ * @returns Formatted string of coins
155
+ */
156
+ declare function formatCoins(coinStr: string, usdcDenom?: string): string;
157
+ /**
158
+ * Formats a XION amount with its denom
159
+ */
160
+ declare function formatXionAmount(amount: string, denom: string): string;
161
+ /**
162
+ * Mapping of Cosmos message types to human-readable permission descriptions
163
+ */
164
+ declare const CosmosAuthzPermission: {
165
+ [key: string]: string;
166
+ };
167
+ /**
168
+ * Permission description for display to users
169
+ */
170
+ interface PermissionDescription {
171
+ authorizationDescription: string;
172
+ dappDescription?: string;
173
+ contracts?: (string | undefined)[];
174
+ }
175
+ /**
176
+ * Generate human-readable permission descriptions from decoded grants
177
+ * @param decodedGrants Array of decoded authorizations with dapp descriptions
178
+ * @param account User's account address (to validate contract grants)
179
+ * @param usdcDenom Optional USDC denom for formatting (network-specific)
180
+ * @returns Array of permission descriptions
181
+ */
182
+ declare function generatePermissionDescriptions(decodedGrants: (DecodedReadableAuthorization & {
183
+ dappDescription: string;
184
+ })[], account: string, usdcDenom?: string): PermissionDescription[];
185
+
186
+ /**
187
+ * Treasury discovery utilities
188
+ * Queries treasury contracts to discover and format permissions for display
189
+ * Similar pattern to accounts/discovery.ts
190
+ */
191
+
192
+ /**
193
+ * Minimal interface for blockchain client with smart contract query capability
194
+ * This avoids circular dependency with @burnt-labs/signers
195
+ */
196
+ interface ContractQueryClient {
197
+ queryContractSmart(address: string, queryMsg: Record<string, unknown>): Promise<unknown>;
198
+ getChainId(): Promise<string>;
199
+ }
200
+ interface TreasuryContractResponse {
201
+ permissionDescriptions: PermissionDescription[];
202
+ params: {
203
+ redirect_url: string;
204
+ icon_url: string;
205
+ metadata: string;
206
+ };
207
+ }
208
+ /**
209
+ * Queries the DAPP treasury contract to parse and display requested permissions to end user
210
+ * @param contractAddress - The address for the deployed treasury contract instance
211
+ * @param client - Client to query RPC (must have queryContractSmart method)
212
+ * @param account - Users account address
213
+ * @param strategy - Treasury strategy to use for querying
214
+ * @param usdcDenom - Optional USDC denom for formatting (network-specific)
215
+ * @returns The human-readable permission descriptions and treasury parameters
216
+ */
217
+ declare function queryTreasuryContractWithPermissions(contractAddress: string, client: ContractQueryClient, account: string, strategy: TreasuryStrategy, usdcDenom?: string): Promise<TreasuryContractResponse>;
218
+
219
+ type SpendLimit = {
220
+ denom: string;
221
+ amount: string;
222
+ };
223
+ type ContractGrantDescription = string | {
224
+ address: string;
225
+ amounts: SpendLimit[];
226
+ };
227
+ interface BaseAllowance {
228
+ "@type": string;
229
+ }
230
+ interface ContractsAllowance extends BaseAllowance {
231
+ "@type": "/xion.v1.ContractsAllowance";
232
+ allowance: PeriodicAllowance | BaseAllowance;
233
+ contractAddresses: string[];
234
+ }
235
+ interface MultiAnyAllowance extends BaseAllowance {
236
+ "@type": "/xion.v1.MultiAnyAllowance";
237
+ allowances: (ContractsAllowance | AllowedMsgAllowance | BaseAllowance)[];
238
+ }
239
+ type Allowance = PeriodicAllowance | AllowedMsgAllowance | ContractsAllowance | MultiAnyAllowance | BaseAllowance;
240
+ interface AllowanceResponse {
241
+ allowance: {
242
+ granter: string;
243
+ grantee: string;
244
+ allowance: Allowance;
245
+ };
246
+ }
247
+ /**
248
+ * Grant creation configuration
249
+ * Used for configuring authorization grants from smart account to session keypair
250
+ */
251
+ interface GrantConfig {
252
+ /** Treasury contract address (if using treasury-based grants) */
253
+ treasury?: string;
254
+ /** Manual contract grant descriptions */
255
+ contracts?: Array<string | {
256
+ address: string;
257
+ amounts: Array<{
258
+ denom: string;
259
+ amount: string;
260
+ }>;
261
+ }>;
262
+ /** Bank spend limits */
263
+ bank?: Array<{
264
+ denom: string;
265
+ amount: string;
266
+ }>;
267
+ /** Enable staking permissions */
268
+ stake?: boolean;
269
+ /** Fee granter address */
270
+ feeGranter?: string;
271
+ /** DaoDao indexer URL for treasury queries */
272
+ daodaoIndexerUrl?: string;
273
+ }
274
+
275
+ /**
276
+ * Grant message construction utilities
277
+ * Builds grant messages from treasury contracts or manual configurations
278
+ */
279
+
280
+ /**
281
+ * Generate authz grant messages from treasury contract using strategy
282
+ *
283
+ * @param contractAddress - The address for the deployed treasury contract instance
284
+ * @param client - Client to query RPC (must have queryContractSmart method)
285
+ * @param granter - The granter address (smart account)
286
+ * @param grantee - The grantee address (temp keypair or user wallet)
287
+ * @param strategy - Treasury strategy to use for fetching configs
288
+ * @param expiration - Grant expiration timestamp (default: 3 months from now)
289
+ * @returns Array of authz grant messages to pass into transaction
290
+ */
291
+ declare function generateTreasuryGrants(contractAddress: string, client: any, // AAClient from @burnt-labs/signers
292
+ granter: string, grantee: string, strategy: TreasuryStrategy, expiration?: bigint): Promise<EncodeObject[]>;
293
+ /**
294
+ * Generate bank (send) authorization grant
295
+ */
296
+ declare function generateBankGrant(expiration: bigint, grantee: string, granter: string, bank: SpendLimit[]): EncodeObject;
297
+ /**
298
+ * Generate contract execution authorization grant
299
+ */
300
+ declare function generateContractGrant(expiration: bigint, grantee: string, granter: string, contracts: ContractGrantDescription[]): EncodeObject;
301
+ /**
302
+ * Generate stake and governance authorization grants with fee grant
303
+ * Based on dashboard's generateStakeAndGovGrant
304
+ */
305
+ declare function generateStakeAndGovGrant(expiration: bigint, grantee: string, granter: string): EncodeObject[];
306
+ /**
307
+ * Build all grant messages based on user configuration
308
+ */
309
+ declare function buildGrantMessages(params: {
310
+ granter: string;
311
+ grantee: string;
312
+ expiration: bigint;
313
+ contracts?: ContractGrantDescription[];
314
+ bank?: SpendLimit[];
315
+ stake?: boolean;
316
+ }): EncodeObject[];
317
+
318
+ /**
319
+ * Error for invalid contract grant configuration
320
+ */
321
+ declare class InvalidContractGrantError extends Error {
322
+ constructor(message: string);
323
+ }
324
+ /**
325
+ * Checks if any of the contract grant configurations are the current smart account (granter)
326
+ * Address comparison is case-insensitive (bech32 addresses are case-insensitive in encoding).
327
+ *
328
+ * @param {ContractGrantDescription[]} contracts - An array of contract descriptions.
329
+ * @param {SelectedSmartAccount} account - The selected smart account (granter in this case)
330
+ * @returns {boolean} - Returns `true` if none of the contracts are the selected smart account, otherwise `false`.
331
+ * @throws {InvalidContractGrantError} - For malformed contract grant data
332
+ */
333
+ declare const isContractGrantConfigValid: (contracts: ContractGrantDescription[], account: SelectedSmartAccount) => boolean;
334
+
335
+ /**
336
+ * Error types for fee grant validation
337
+ */
338
+ declare class FeeGrantValidationError extends Error {
339
+ readonly code: "NETWORK_ERROR" | "HTTP_ERROR" | "INVALID_RESPONSE" | "NO_ALLOWANCE" | "INVALID_ALLOWANCE";
340
+ readonly statusCode?: number | undefined;
341
+ constructor(message: string, code: "NETWORK_ERROR" | "HTTP_ERROR" | "INVALID_RESPONSE" | "NO_ALLOWANCE" | "INVALID_ALLOWANCE", statusCode?: number | undefined);
342
+ }
343
+ /**
344
+ * Result type for fee grant validation
345
+ */
346
+ type FeeGrantValidationResult = {
347
+ valid: true;
348
+ } | {
349
+ valid: false;
350
+ error: FeeGrantValidationError;
351
+ };
352
+ /**
353
+ * Validates if a requested set of actions are permitted under a fee grant between a granter and grantee.
354
+ *
355
+ * @async
356
+ * @function
357
+ * @param {string} restUrl - The base URL of the Cosmos REST API.
358
+ * @param {string} feeGranter - The address of the fee granter (the account providing the allowance).
359
+ * @param {string} granter - The address of the grantee (the account receiving the allowance).
360
+ * @param {string[]} requestedActions - The array of specific actions to validate, e.g., ["/cosmos.authz.v1beta1.MsgGrant", ...].
361
+ * @param {string} [userAddress] - (Optional) The user's smart contract account address to validate against `ContractsAllowance`.
362
+ * @returns {Promise<FeeGrantValidationResult>} - Result indicating if actions are permitted, with detailed error if not.
363
+ *
364
+ * @throws {FeeGrantValidationError} - For network errors, HTTP errors, or invalid responses.
365
+ */
366
+ declare function validateFeeGrant(restUrl: string, feeGranter: string, granter: string, requestedActions: string[], userAddress?: string): Promise<FeeGrantValidationResult>;
367
+ /**
368
+ * Error for invalid allowance structure
369
+ */
370
+ declare class InvalidAllowanceError extends Error {
371
+ constructor(message: string);
372
+ }
373
+ /**
374
+ * Validates if requested actions are permitted by an allowance.
375
+ * Message type URLs are case-sensitive (protocol buffer type URLs).
376
+ *
377
+ * @param actions - Array of action type URLs to validate
378
+ * @param allowance - The allowance to check against
379
+ * @param userAddress - Optional user address for ContractsAllowance validation
380
+ * @returns true if all actions are permitted, false if actions are not permitted
381
+ * @throws {InvalidAllowanceError} - For malformed allowance structures
382
+ */
383
+ declare function validateActions(actions: string[], allowance: Allowance, userAddress?: string): boolean;
384
+
385
+ /**
386
+ * Contract address validation utilities
387
+ * Uses @burnt-labs/signers crypto utilities for consistent address validation
388
+ */
389
+
390
+ interface AddressValidationError {
391
+ index: number;
392
+ address: string;
393
+ error: string;
394
+ }
395
+ interface ContractValidationResult {
396
+ valid: boolean;
397
+ errors: AddressValidationError[];
398
+ }
399
+ /**
400
+ * Extracts address from contract grant description
401
+ *
402
+ * @returns The contract address, or undefined if missing (for object form without address)
403
+ */
404
+ declare function getContractAddress(contract: ContractGrantDescription): string | undefined;
405
+ /**
406
+ * Checks if a contract address is self-referential (same as granter address)
407
+ * Uses case-insensitive comparison for bech32 addresses
408
+ *
409
+ * @param contractAddress - The contract address to check
410
+ * @param granterAddress - The granter address (smart account)
411
+ * @returns true if addresses match (self-referential), false otherwise
412
+ */
413
+ declare function isSelfReferentialGrant(contractAddress: string, granterAddress: string): boolean;
414
+ /**
415
+ * Validates a single contract address format
416
+ *
417
+ * @param address - Contract address to validate
418
+ * @param expectedPrefix - Expected bech32 prefix (e.g., "xion")
419
+ * @returns Error message if invalid, undefined if valid
420
+ */
421
+ declare function validateContractAddressFormat(address: string, expectedPrefix: string): string | undefined;
422
+ /**
423
+ * Verifies a contract exists on-chain
424
+ *
425
+ * @param address - Contract address to verify
426
+ * @param rpcUrl - RPC URL for chain queries
427
+ * @returns Error message if contract doesn't exist, undefined if valid
428
+ */
429
+ declare function verifyContractExists(address: string, rpcUrl: string): Promise<string | undefined>;
430
+ /**
431
+ * Validates array of contract grant descriptions
432
+ *
433
+ * Performs the following validations:
434
+ * 1. Bech32 format and prefix validation
435
+ * 2. Contract address != granter address
436
+ * 3. Contract exists on-chain (if rpcUrl provided)
437
+ *
438
+ * @param contracts - Array of contract grant descriptions
439
+ * @param granterAddress - The granter address (smart account)
440
+ * @param options - Validation options
441
+ * @returns Validation result with all errors
442
+ */
443
+ declare function validateContractGrants(contracts: ContractGrantDescription[], granterAddress: string, options: {
444
+ expectedPrefix: string;
445
+ rpcUrl?: string;
446
+ skipOnChainVerification?: boolean;
447
+ }): Promise<ContractValidationResult>;
448
+ /**
449
+ * Formats validation errors into a human-readable message
450
+ *
451
+ * @param errors - Array of validation errors
452
+ * @returns Formatted error message
453
+ */
454
+ declare function formatValidationErrors(errors: AddressValidationError[]): string;
455
+ /**
456
+ * Validates contracts and throws with formatted error message if invalid
457
+ *
458
+ * Convenience function for use in grant creation flow.
459
+ *
460
+ * @throws {Error} If validation fails
461
+ */
462
+ declare function validateContractGrantsOrThrow(contracts: ContractGrantDescription[], granterAddress: string, options: {
463
+ expectedPrefix: string;
464
+ rpcUrl?: string;
465
+ skipOnChainVerification?: boolean;
466
+ }): Promise<void>;
467
+
468
+ /**
469
+ * DaoDao Treasury Indexer Strategy
470
+ * Fetches treasury configurations from the DaoDao indexer API
471
+ * This is the fastest approach when the indexer is available
472
+ *
473
+ * How it works:
474
+ * 1. Queries DaoDao indexer API at /{chainId}/contract/{address}/xion/treasury/all
475
+ * 2. Transforms indexer response to standard TreasuryConfig format
476
+ * 3. Validates all data for security (URLs, structure)
477
+ *
478
+ * Based on dashboard's src/treasury-strategies/daodao-treasury-strategy.ts
479
+ */
480
+
481
+ interface DaoDaoTreasuryStrategyConfig {
482
+ /** DaoDao indexer base URL (e.g., "https://daodaoindexer.burnt.com") */
483
+ indexerUrl: string;
484
+ /** Request timeout in milliseconds (default: 30000) */
485
+ timeout?: number;
486
+ }
487
+ /**
488
+ * DaoDao Treasury Indexer Strategy
489
+ * Queries DaoDao indexer API for treasury configurations (fast, requires indexer)
490
+ *
491
+ */
492
+ declare class DaoDaoTreasuryStrategy implements TreasuryStrategy {
493
+ private config;
494
+ constructor(config: DaoDaoTreasuryStrategyConfig);
495
+ fetchTreasuryConfig(treasuryAddress: string, client: ContractQueryClient): Promise<TreasuryConfig | null>;
496
+ /**
497
+ * Validates the /all endpoint response structure
498
+ */
499
+ private validateAllResponse;
500
+ /**
501
+ * Transform grant configs from /all response to standard format
502
+ */
503
+ private transformAllResponseGrants;
504
+ }
505
+
506
+ /**
507
+ * Direct Query Treasury Strategy
508
+ * Fetches treasury configurations directly from the smart contract via RPC
509
+ * This is the fallback approach when indexers are unavailable
510
+ *
511
+ * Based on dashboard's src/treasury-strategies/direct-query-treasury-strategy.ts
512
+ */
513
+
514
+ /**
515
+ * Direct Query Treasury Strategy
516
+ * Queries treasury contract directly via RPC (no indexer needed)
517
+ */
518
+ declare class DirectQueryTreasuryStrategy implements TreasuryStrategy {
519
+ fetchTreasuryConfig(treasuryAddress: string, client: ContractQueryClient): Promise<TreasuryConfig | null>;
520
+ /**
521
+ * Fetch treasury params directly from contract
522
+ */
523
+ private fetchTreasuryParams;
524
+ }
525
+
526
+ /**
527
+ * Composite Treasury Strategy
528
+ * Tries multiple strategies in order until one succeeds
529
+ * Implements the Strategy pattern with fallback behavior
530
+ *
531
+ * Based on dashboard's src/treasury-strategies/composite-treasury-strategy.ts
532
+ */
533
+
534
+ /**
535
+ * Composite Treasury Strategy
536
+ * Tries multiple treasury strategies in order, returning the first successful result
537
+ *
538
+ */
539
+ declare class CompositeTreasuryStrategy implements TreasuryStrategy {
540
+ private readonly strategies;
541
+ constructor(...strategies: TreasuryStrategy[]);
542
+ fetchTreasuryConfig(treasuryAddress: string, client: ContractQueryClient): Promise<TreasuryConfig | null>;
543
+ }
544
+
545
+ /**
546
+ * Factory function for creating a CompositeTreasuryStrategy with common fallback chain
547
+ * Provides a convenient way to create a treasury strategy without manually instantiating each one
548
+ */
549
+
550
+ interface CreateCompositeTreasuryStrategyConfig {
551
+ /**
552
+ * DaoDao indexer configuration for fast treasury lookups
553
+ * If provided, DaoDaoTreasuryStrategy will be used as the first strategy
554
+ */
555
+ daodao?: {
556
+ indexerUrl: string;
557
+ };
558
+ /**
559
+ * Whether to include direct query strategy as fallback
560
+ * Defaults to true - recommended for production reliability
561
+ */
562
+ includeDirectQuery?: boolean;
563
+ }
564
+ /**
565
+ * Creates a CompositeTreasuryStrategy with automatic fallback chain:
566
+ * 1. DaoDaoTreasuryStrategy (if daodao config provided) - Fast indexer queries
567
+ * 2. DirectQueryTreasuryStrategy (if includeDirectQuery is true) - Reliable on-chain queries
568
+ *
569
+ * @param config - Configuration for the strategies to include
570
+ * @returns CompositeTreasuryStrategy with configured fallback chain
571
+ *
572
+ */
573
+ declare function createCompositeTreasuryStrategy(config?: CreateCompositeTreasuryStrategyConfig): CompositeTreasuryStrategy;
574
+
575
+ interface IndexerStrategy {
576
+ /**
577
+ * Fetch smart accounts for a given authenticator
578
+ *
579
+ * @param loginAuthenticator - The authenticator string (address, pubkey, JWT, etc.)
580
+ * @param authenticatorType - Authenticator type. Required because the type is always known from context
581
+ * (wallet connection, signer config, etc.) when checking for accounts.
582
+ */
583
+ fetchSmartAccounts(loginAuthenticator: string, authenticatorType: AuthenticatorType): Promise<SmartAccountWithCodeId[]>;
584
+ }
585
+ /**
586
+ * User-facing indexer configuration
587
+ * Used by developers when configuring account discovery
588
+ * For Subquery, codeId is derived from smartAccountContract, not provided by user
589
+ */
590
+ type UserIndexerConfig = {
591
+ type?: "numia";
592
+ url: string;
593
+ authToken?: string;
594
+ } | {
595
+ type: "subquery";
596
+ url: string;
597
+ };
598
+ /**
599
+ * Internal indexer configuration for account strategies
600
+ * Used internally by account discovery strategies
601
+ * For Subquery, codeId is required (derived from smartAccountContract during conversion)
602
+ */
603
+ type AccountIndexerConfig = {
604
+ type?: "numia";
605
+ url: string;
606
+ authToken?: string;
607
+ } | {
608
+ type: "subquery";
609
+ url: string;
610
+ codeId: number;
611
+ };
612
+
613
+ /**
614
+ * Numia indexer strategy for querying smart accounts
615
+ * Based on dashboard's src/indexer-strategies/numia-indexer-strategy.ts
616
+ */
617
+
618
+ declare class NumiaAccountStrategy implements IndexerStrategy {
619
+ private readonly authToken?;
620
+ private baseURL;
621
+ constructor(baseURL: string, authToken?: string | undefined);
622
+ fetchSmartAccounts(loginAuthenticator: string, _authenticatorType: AuthenticatorType): Promise<SmartAccountWithCodeId[]>;
623
+ }
624
+
625
+ /**
626
+ * Subquery indexer strategy for querying smart accounts
627
+ * Based on dashboard's src/indexer-strategies/subquery-indexer-strategy.ts
628
+ *
629
+ * Subquery provides account addresses and authenticators but not code_id,
630
+ * so code_id must be configured (same pattern as RPC and Numia strategies)
631
+ */
632
+
633
+ interface SmartAccountAuthenticator {
634
+ id: string;
635
+ type: string;
636
+ authenticator: string;
637
+ authenticatorIndex: number;
638
+ version: string;
639
+ __typename: string;
640
+ }
641
+ interface SmartAccountAuthenticatorsConnection {
642
+ nodes: SmartAccountAuthenticator[];
643
+ __typename: string;
644
+ }
645
+ interface SmartAccount {
646
+ id: string;
647
+ authenticators: SmartAccountAuthenticatorsConnection;
648
+ __typename: string;
649
+ }
650
+ interface SmartAccountsConnection {
651
+ nodes: SmartAccount[];
652
+ __typename: string;
653
+ }
654
+ interface AllSmartWalletQueryResponse {
655
+ smartAccounts: SmartAccountsConnection;
656
+ }
657
+ declare class SubqueryAccountStrategy implements IndexerStrategy {
658
+ private readonly indexerUrl;
659
+ private readonly codeId;
660
+ constructor(indexerUrl: string, codeId: number);
661
+ fetchSmartAccounts(loginAuthenticator: string, _authenticatorType: AuthenticatorType): Promise<SmartAccountWithCodeId[]>;
662
+ }
663
+
664
+ /**
665
+ * Direct Chain Indexer Strategy
666
+ * Queries the chain directly to find existing smart accounts
667
+ * This is a fallback when indexers are unavailable
668
+ *
669
+ * How it works:
670
+ * 1. Calculate predicted instantiate2 address from authenticator (using crypto utilities)
671
+ * 2. Check if contract exists at that address via RPC
672
+ * 3. If exists, query contract state for authenticators
673
+ * 4. Return account info
674
+ */
675
+
676
+ interface RpcAccountStrategyConfig {
677
+ /** RPC URL for querying the chain */
678
+ rpcUrl: string;
679
+ /** Contract checksum (hex) for instantiate2 calculation */
680
+ checksum: string;
681
+ /** Creator/fee granter address */
682
+ creator: string;
683
+ /** Address prefix (e.g., "xion") */
684
+ prefix: string;
685
+ /** Code ID of the smart account contract */
686
+ codeId: number;
687
+ }
688
+ /**
689
+ * Direct Chain Indexer Strategy
690
+ * Calculates predicted address and queries chain directly (no indexer needed)
691
+ *
692
+ * TODO / NOTE : This strategy might not work for more complex scenarios like
693
+ * meta accounts where the authenticator in question has been removed or added to other accounts.
694
+ *
695
+ * Only to be used as a backup, indexers are the preferred way to find accounts.
696
+ */
697
+ declare class RpcAccountStrategy implements IndexerStrategy {
698
+ private config;
699
+ constructor(config: RpcAccountStrategyConfig);
700
+ fetchSmartAccounts(loginAuthenticator: string, authenticatorType: AuthenticatorType): Promise<SmartAccountWithCodeId[]>;
701
+ /**
702
+ * Query authenticators from smart account contract
703
+ *
704
+ * Contract query schema:
705
+ * 1. Get authenticator IDs: {"authenticator_i_ds":{}} → [0, 1, 2, ...]
706
+ * 2. Get specific authenticator: {"authenticator_by_i_d":{"id":0}} → base64-encoded authenticator data
707
+ *
708
+ * Returns empty array if contract doesn't exist or query fails
709
+ */
710
+ private queryAuthenticators;
711
+ }
712
+
713
+ /**
714
+ * Empty Indexer Strategy
715
+ * Returns an empty array, indicating no existing accounts found
716
+ * This is the fallback strategy when no indexer is available
717
+ *
718
+ * When this strategy is used, the system will create a new smart account
719
+ * instead of trying to find an existing one.
720
+ */
721
+
722
+ /**
723
+ * Empty Indexer Strategy
724
+ * Always returns an empty array (no accounts found)
725
+ *
726
+ * Use this as a fallback when:
727
+ * - No indexer is configured
728
+ * - Indexer is unavailable
729
+ * - You want to force creation of a new account
730
+ */
731
+ declare class EmptyAccountStrategy implements IndexerStrategy {
732
+ fetchSmartAccounts(_loginAuthenticator: string, _authenticatorType: AuthenticatorType): Promise<SmartAccountWithCodeId[]>;
733
+ }
734
+
735
+ /**
736
+ * Composite Indexer Strategy
737
+ * Tries multiple indexer strategies in order until one succeeds
738
+ * Implements the Strategy pattern with fallback behavior
739
+ */
740
+
741
+ /**
742
+ * Composite Indexer Strategy
743
+ * Tries multiple indexer strategies in order, returning the first successful result
744
+ */
745
+ declare class CompositeAccountStrategy implements IndexerStrategy {
746
+ private readonly strategies;
747
+ constructor(...strategies: IndexerStrategy[]);
748
+ fetchSmartAccounts(loginAuthenticator: string, authenticatorType: AuthenticatorType): Promise<SmartAccountWithCodeId[]>;
749
+ }
750
+
751
+ /**
752
+ * Factory function for creating a CompositeAccountStrategy with common fallback chain
753
+ * Provides a convenient way to create a strategy without manually instantiating each one
754
+ */
755
+
756
+ interface CreateCompositeAccountStrategyConfig {
757
+ /**
758
+ * Indexer configuration for fast account lookups
759
+ * Supports both Numia and Subquery indexers
760
+ *
761
+ * For Numia: { type: 'numia', url: string, authToken?: string }
762
+ * For Subquery: { type: 'subquery', url: string, codeId: number }
763
+ *
764
+ * If type is not specified, defaults to Numia for backward compatibility
765
+ */
766
+ indexer?: AccountIndexerConfig;
767
+ /**
768
+ * RPC configuration for reliable on-chain account lookups
769
+ * If provided, RpcAccountStrategy will be used as a fallback
770
+ */
771
+ rpc?: RpcAccountStrategyConfig;
772
+ }
773
+ /**
774
+ * Creates a CompositeAccountStrategy with automatic fallback chain:
775
+ * 1. Indexer strategy (Numia or Subquery, if configured) - Fast indexer queries
776
+ * 2. RpcAccountStrategy (if RPC config provided) - Reliable on-chain queries
777
+ * 3. EmptyAccountStrategy (always included) - Returns empty for new accounts
778
+ *
779
+ * @param config - Configuration for the strategies to include
780
+ * @returns CompositeAccountStrategy with configured fallback chain
781
+ *
782
+ */
783
+ declare function createCompositeAccountStrategy(config: CreateCompositeAccountStrategyConfig): CompositeAccountStrategy;
784
+
785
+ /**
786
+ * Type definitions for account management
787
+ *
788
+ */
789
+
790
+ /**
791
+ * Smart account contract configuration
792
+ * Required for creating new smart accounts in signer mode
793
+ */
794
+ interface SmartAccountContractConfig {
795
+ /** Contract code ID for smart account creation */
796
+ codeId: number;
797
+ /** Contract checksum as hex string */
798
+ checksum: string;
799
+ /** Address prefix (e.g., "xion") */
800
+ addressPrefix: string;
801
+ }
802
+ /**
803
+ * Account creation configuration
804
+ * Required for creating new smart accounts when they don't exist
805
+ * Aligned with the grouped config structure used in signer mode
806
+ */
807
+ interface AccountCreationConfig {
808
+ /** AA API URL for account creation */
809
+ aaApiUrl: string;
810
+ /** Smart account contract configuration */
811
+ smartAccountContract: SmartAccountContractConfig;
812
+ /** Fee granter address (creator) */
813
+ feeGranter: string;
814
+ }
815
+
816
+ /**
817
+ * Utilities for converting user-facing indexer configs to AccountIndexerConfig
818
+ *
819
+ * These utilities are generic and work with any user-facing indexer config type
820
+ * that matches the shape of the discriminated union (Numia or Subquery).
821
+ */
822
+
823
+ /**
824
+ * Extract authentication token from indexer config
825
+ * Only available for Numia indexers
826
+ *
827
+ * @param indexerConfig - User-facing indexer configuration
828
+ * @returns Authentication token if Numia indexer, undefined otherwise
829
+ */
830
+ declare function extractIndexerAuthToken(indexerConfig?: UserIndexerConfig): string | undefined;
831
+ /**
832
+ * Convert user-facing indexer config to internal AccountIndexerConfig
833
+ * Handles type conversion and derives codeId from smartAccountContract for Subquery indexers
834
+ *
835
+ * @param indexerConfig - User-facing indexer configuration
836
+ * @param smartAccountContract - Smart account contract config (required for Subquery codeId)
837
+ * @returns AccountIndexerConfig for use with account strategies, or undefined if no indexer config
838
+ * @throws Error if Subquery indexer is used without codeId in smartAccountContract
839
+ */
840
+ declare function convertIndexerConfig(indexerConfig: UserIndexerConfig | undefined, smartAccountContract?: SmartAccountContractConfig): AccountIndexerConfig | undefined;
841
+
842
+ /**
843
+ * Account discovery utilities
844
+ * Functions for checking if smart accounts exist
845
+ */
846
+
847
+ /**
848
+ * Result of account existence check
849
+ */
850
+ interface AccountExistenceResult {
851
+ exists: boolean;
852
+ accounts: any[];
853
+ smartAccountAddress?: string;
854
+ codeId?: number;
855
+ authenticatorIndex?: number;
856
+ error?: string;
857
+ }
858
+ /**
859
+ * Check if account exists using the account strategy
860
+ * Returns account details if found
861
+ *
862
+ * @param accountStrategy - The account strategy to use for discovery
863
+ * @param authenticator - The authenticator string (address, pubkey, JWT, etc.)
864
+ * @param authenticatorType - Authenticator type. Required because the type is always known from context
865
+ * (wallet connection, signer config, etc.) when checking for accounts.
866
+ */
867
+ declare function checkAccountExists(accountStrategy: CompositeAccountStrategy, authenticator: string, authenticatorType: AuthenticatorType): Promise<AccountExistenceResult>;
868
+
869
+ /**
870
+ * Account state machine types
871
+ * Defines the lifecycle states for account connection and management
872
+ * Shared between @abstraxion and @abstraxion-react-native
873
+ */
874
+
875
+ /**
876
+ * Account information when connected
877
+ */
878
+ interface AccountInfo {
879
+ /** The session keypair (grantee) */
880
+ keypair: SignArbSecp256k1HdWallet;
881
+ /** The smart account address (granter) */
882
+ granterAddress: string;
883
+ /** The grantee address (session key address) */
884
+ granteeAddress: string;
885
+ }
886
+ /**
887
+ * Account state machine states
888
+ * Represents the lifecycle: idle → initializing → redirecting → connecting → configuring-permissions → connected
889
+ *
890
+ * Note: The 'configuring-permissions' status represents setting up session permissions/authorization,
891
+ * not creating the session key itself (which happens during connecting).
892
+ */
893
+ type AccountState = {
894
+ status: "idle";
895
+ } | {
896
+ status: "initializing";
897
+ } | {
898
+ status: "redirecting";
899
+ dashboardUrl: string;
900
+ } | {
901
+ status: "connecting";
902
+ connectorId?: string;
903
+ } | {
904
+ status: "configuring-permissions";
905
+ smartAccountAddress: string;
906
+ } | {
907
+ status: "connected";
908
+ account: AccountInfo;
909
+ signingClient: GranteeSignerClient;
910
+ } | {
911
+ status: "error";
912
+ error: string;
913
+ };
914
+ /**
915
+ * State transition actions
916
+ */
917
+ type AccountStateAction = {
918
+ type: "INITIALIZE";
919
+ } | {
920
+ type: "START_REDIRECT";
921
+ dashboardUrl: string;
922
+ } | {
923
+ type: "START_CONNECT";
924
+ connectorId?: string;
925
+ } | {
926
+ type: "START_CONFIGURING_PERMISSIONS";
927
+ smartAccountAddress: string;
928
+ } | {
929
+ type: "SET_CONNECTED";
930
+ account: AccountInfo;
931
+ signingClient: GranteeSignerClient;
932
+ } | {
933
+ type: "SET_ERROR";
934
+ error: string;
935
+ } | {
936
+ type: "RESET";
937
+ };
938
+ /**
939
+ * State transition guard functions
940
+ */
941
+ declare const AccountStateGuards: {
942
+ /** Check if state is idle */
943
+ isIdle: (state: AccountState) => state is {
944
+ status: "idle";
945
+ };
946
+ /** Check if state is initializing */
947
+ isInitializing: (state: AccountState) => state is {
948
+ status: "initializing";
949
+ };
950
+ /** Check if state is redirecting */
951
+ isRedirecting: (state: AccountState) => state is {
952
+ status: "redirecting";
953
+ dashboardUrl: string;
954
+ };
955
+ /** Check if state is connecting */
956
+ isConnecting: (state: AccountState) => state is {
957
+ status: "connecting";
958
+ connectorId?: string;
959
+ };
960
+ /** Check if state is configuring permissions for the session */
961
+ isConfiguringPermissions: (state: AccountState) => state is {
962
+ status: "configuring-permissions";
963
+ smartAccountAddress: string;
964
+ };
965
+ /** Check if state is connected (ready to use) */
966
+ isConnected: (state: AccountState) => state is {
967
+ status: "connected";
968
+ account: AccountInfo;
969
+ signingClient: GranteeSignerClient;
970
+ };
971
+ /** Check if state is error */
972
+ isError: (state: AccountState) => state is {
973
+ status: "error";
974
+ error: string;
975
+ };
976
+ };
977
+ /**
978
+ * State reducer function
979
+ * Handles state transitions based on actions
980
+ */
981
+ declare function accountStateReducer(state: AccountState, action: AccountStateAction): AccountState;
982
+ /**
983
+ * Helper to check if a transition is valid
984
+ */
985
+ declare function isValidTransition(from: AccountState, to: AccountStateAction["type"]): boolean;
986
+
987
+ /**
988
+ * Types for connection orchestrator
989
+ */
990
+
991
+ /**
992
+ * Session management interface
993
+ * Abstracts session keypair and granter storage/retrieval
994
+ */
995
+ interface SessionManager {
996
+ /** Get stored session keypair */
997
+ getLocalKeypair(): Promise<SignArbSecp256k1HdWallet | undefined>;
998
+ /** Generate and store a new session keypair */
999
+ generateAndStoreTempAccount(): Promise<SignArbSecp256k1HdWallet>;
1000
+ /** Get stored granter address */
1001
+ getGranter(): Promise<string | undefined>;
1002
+ /** Set granter address */
1003
+ setGranter(granter: string): Promise<void>;
1004
+ /** Verify grants exist on-chain (authenticate) */
1005
+ authenticate(): Promise<void>;
1006
+ /** Clean up session (logout) */
1007
+ logout(): Promise<void>;
1008
+ /** Redirect to dashboard (optional, for redirect flow) */
1009
+ redirectToDashboard?(): Promise<void>;
1010
+ /** Complete login after redirect callback (optional, for redirect flow)
1011
+ * Returns { keypair, granter } when login completes successfully, or undefined when redirecting
1012
+ */
1013
+ completeLogin?(): Promise<{
1014
+ keypair: SignArbSecp256k1HdWallet;
1015
+ granter: string;
1016
+ } | undefined>;
1017
+ /** Get signing client (optional, for redirect flow) */
1018
+ getSigner?(): Promise<GranteeSignerClient>;
1019
+ /** Subscribe to auth state changes (optional, for redirect flow) */
1020
+ subscribeToAuthStateChange?(callback: (isLoggedIn: boolean) => void): () => void;
1021
+ }
1022
+ /**
1023
+ * Connection result
1024
+ * Return type from orchestrator connection operations
1025
+ */
1026
+ interface ConnectionResult {
1027
+ /** Smart account address (granter) */
1028
+ smartAccountAddress: string;
1029
+ /** Connection info from connector */
1030
+ connectionInfo: ConnectorConnectionResult;
1031
+ /** Session keypair (grantee) */
1032
+ sessionKeypair: SignArbSecp256k1HdWallet;
1033
+ /** Grantee address */
1034
+ granteeAddress: string;
1035
+ /** Signing client (if grants were created) */
1036
+ signingClient?: GranteeSignerClient;
1037
+ }
1038
+ /**
1039
+ * Session restoration result
1040
+ * Uses AccountInfo when restored successfully to avoid duplication
1041
+ */
1042
+ type SessionRestorationResult = {
1043
+ restored: false;
1044
+ error?: string;
1045
+ } | ({
1046
+ restored: true;
1047
+ } & AccountInfo & {
1048
+ signingClient?: GranteeSignerClient;
1049
+ });
1050
+ /**
1051
+ * Type guard to check if session restoration was successful
1052
+ */
1053
+ declare function isSessionRestored(result: SessionRestorationResult): result is {
1054
+ restored: true;
1055
+ } & AccountInfo & {
1056
+ signingClient?: GranteeSignerClient;
1057
+ };
1058
+ /**
1059
+ * Type guard to check if session restoration failed with an error
1060
+ */
1061
+ declare function isSessionRestorationError(result: SessionRestorationResult): result is {
1062
+ restored: false;
1063
+ error: string;
1064
+ };
1065
+ /**
1066
+ * Extract AccountInfo from a restored session result
1067
+ * Throws if session was not restored
1068
+ */
1069
+ declare function getAccountInfoFromRestored(result: SessionRestorationResult): AccountInfo;
1070
+
1071
+ /**
1072
+ * Session restoration logic
1073
+ * Extracted from AbstraxionContext restoreDirectModeSession function
1074
+ */
1075
+
1076
+ /**
1077
+ * Configuration for creating a signing client during session restoration
1078
+ */
1079
+ interface SigningClientConfig {
1080
+ rpcUrl: string;
1081
+ gasPrice: string;
1082
+ treasuryAddress?: string;
1083
+ }
1084
+ /**
1085
+ * Restore an existing session if valid
1086
+ * Checks for stored keypair and granter, then verifies grants on-chain
1087
+ * Optionally creates a signing client if config is provided
1088
+ *
1089
+ * @param sessionManager - Session management interface
1090
+ * @param signingClientConfig - Optional config for creating signing client
1091
+ * @returns Session restoration result with `restored: false` if no valid session exists,
1092
+ * or `restored: true` with `keypair`, `granterAddress`, and optionally `signingClient` if session was restored successfully
1093
+ */
1094
+ declare function restoreSession(sessionManager: SessionManager, signingClientConfig?: SigningClientConfig): Promise<SessionRestorationResult>;
1095
+
1096
+ /**
1097
+ * Redirect flow logic
1098
+ * Handles OAuth redirect flow using AbstraxionAuth methods
1099
+ */
1100
+
1101
+ /**
1102
+ * Initiate redirect flow
1103
+ * Requires SessionManager with redirectToDashboard() method
1104
+ *
1105
+ * @param sessionManager - Session manager that supports redirect flow
1106
+ * @param rpcUrl - RPC URL for fetching dashboard URL from network config
1107
+ * @returns Dashboard URL for state dispatch
1108
+ */
1109
+ declare function initiateRedirect(sessionManager: SessionManager, rpcUrl: string): Promise<{
1110
+ dashboardUrl: string;
1111
+ }>;
1112
+ /**
1113
+ * Complete redirect flow after callback
1114
+ * Requires SessionManager with completeLogin() and getSigner() methods
1115
+ */
1116
+ declare function completeRedirect(sessionManager: SessionManager): Promise<SessionRestorationResult>;
1117
+
1118
+ /**
1119
+ * Grant creation logic
1120
+ * Handles creating authorization grants from smart account to session keypair
1121
+ */
1122
+
1123
+ /**
1124
+ * Result of grant creation operation
1125
+ */
1126
+ type GrantCreationResult = {
1127
+ success: true;
1128
+ } | {
1129
+ success: false;
1130
+ error: string;
1131
+ };
1132
+ /**
1133
+ * Parameters for grant creation
1134
+ */
1135
+ interface GrantCreationParams {
1136
+ /** Smart account address (granter) */
1137
+ smartAccountAddress: string;
1138
+ /** Connection result from connector */
1139
+ connectionResult: ConnectorConnectionResult;
1140
+ /** Session key address (grantee) */
1141
+ granteeAddress: string;
1142
+ /** Grant configuration */
1143
+ grantConfig: GrantConfig;
1144
+ /** Storage strategy for accessing stored values */
1145
+ storageStrategy: StorageStrategy;
1146
+ /** RPC URL */
1147
+ rpcUrl: string;
1148
+ /** Gas price (e.g., "0.001uxion") */
1149
+ gasPrice: string;
1150
+ }
1151
+ /**
1152
+ * Check if grants exist in storage for a given smart account
1153
+ * Uses StorageStrategy to support both web (localStorage) and React Native (AsyncStorage)
1154
+ *
1155
+ * @param smartAccountAddress - The smart account address to check
1156
+ * @param storageStrategy - Storage strategy for accessing stored values
1157
+ * @returns Object with grantsExist flag and stored values
1158
+ */
1159
+ declare function checkStorageGrants(smartAccountAddress: string, storageStrategy: StorageStrategy): Promise<{
1160
+ grantsExist: boolean;
1161
+ storedGranter: string | null;
1162
+ storedTempAccount: string | null;
1163
+ }>;
1164
+ /**
1165
+ * Create grants for a connected account
1166
+ * Extracted from useGrantsFlow hook
1167
+ *
1168
+ * @param params - Grant creation parameters
1169
+ * @returns Result indicating success or failure. On success, grants are created/verified.
1170
+ * Signing client should be created by the caller using the session keypair.
1171
+ */
1172
+ declare function createGrants(params: GrantCreationParams): Promise<GrantCreationResult>;
1173
+
1174
+ /**
1175
+ * Connection Flow Orchestrator
1176
+ * Coordinates the complete connection flow by combining:
1177
+ * - accountConnection.ts: Connector connection & account discovery/creation
1178
+ * - grantCreation.ts: Authorization grant creation
1179
+ * - sessionRestoration.ts: Session restoration logic
1180
+ *
1181
+ * This orchestrator unifies all connector flows: session restoration, grant creation, account discovery
1182
+ * It delegates implementation to the separate flow modules while coordinating the overall sequence.
1183
+ */
1184
+
1185
+ /**
1186
+ * Configuration for ConnectionOrchestrator
1187
+ */
1188
+ interface ConnectionOrchestratorConfig {
1189
+ /** Session manager for keypair and granter storage */
1190
+ sessionManager: SessionManager;
1191
+ /** Storage strategy for accessing stored values (web: localStorage, React Native: AsyncStorage) */
1192
+ storageStrategy: StorageStrategy;
1193
+ /** Account discovery strategy (CompositeAccountStrategy from @burnt-labs/account-management) */
1194
+ accountStrategy?: CompositeAccountStrategy;
1195
+ /** Grant configuration */
1196
+ grantConfig?: GrantConfig;
1197
+ /** Account creation configuration (required if accounts need to be created) */
1198
+ accountCreationConfig?: AccountCreationConfig;
1199
+ /** Chain ID */
1200
+ chainId: string;
1201
+ /** RPC URL */
1202
+ rpcUrl: string;
1203
+ /** Gas price (e.g., "0.001uxion") */
1204
+ gasPrice: string;
1205
+ }
1206
+ /**
1207
+ * Connection Orchestrator
1208
+ * Coordinates the full connection flow: connect → discover account → create grants → ready
1209
+ */
1210
+ declare class ConnectionOrchestrator {
1211
+ private config;
1212
+ constructor(config: ConnectionOrchestratorConfig);
1213
+ /**
1214
+ * Restore an existing session if valid
1215
+ * Checks for stored keypair and granter, then verifies grants on-chain
1216
+ * Optionally creates a signing client if createSigningClient is true
1217
+ *
1218
+ * @param createSigningClient - If true, creates signing client for restored session
1219
+ */
1220
+ restoreSession(createSigningClient?: boolean): Promise<SessionRestorationResult>;
1221
+ /**
1222
+ * Check if grants exist in storage for a given smart account
1223
+ * Uses StorageStrategy to support both web and React Native
1224
+ */
1225
+ checkStorageGrants(smartAccountAddress: string): Promise<{
1226
+ grantsExist: boolean;
1227
+ storedGranter: string | null;
1228
+ storedTempAccount: string | null;
1229
+ }>;
1230
+ /**
1231
+ * Connect via a connector and discover/create smart account
1232
+ *
1233
+ * @param connector - The connector to use
1234
+ * @param authenticator - Optional authenticator string (if already known)
1235
+ * @returns Connection result with smart account address and connection info
1236
+ */
1237
+ connect(connector: Connector, authenticator?: string): Promise<ConnectionResult>;
1238
+ /**
1239
+ * Create grants for a connected account
1240
+ *
1241
+ * @param smartAccountAddress - Smart account address (granter)
1242
+ * @param connectionResult - Connection result from connector
1243
+ * @param granteeAddress - Session key address (grantee)
1244
+ * @returns Result indicating success or failure
1245
+ */
1246
+ createGrants(smartAccountAddress: string, connectionResult: ConnectorConnectionResult, granteeAddress: string): Promise<GrantCreationResult>;
1247
+ /**
1248
+ * Complete connection flow: connect → discover → create grants → ready
1249
+ */
1250
+ connectAndSetup(connector: Connector, authenticator?: string): Promise<ConnectionResult>;
1251
+ /**
1252
+ * Initiate redirect flow
1253
+ * Uses AbstraxionAuth.redirectToDashboard() if available
1254
+ *
1255
+ * @returns Dashboard URL for state dispatch
1256
+ */
1257
+ initiateRedirect(): Promise<{
1258
+ dashboardUrl: string;
1259
+ }>;
1260
+ /**
1261
+ * Complete redirect flow after callback
1262
+ * Uses AbstraxionAuth.login() if available
1263
+ */
1264
+ completeRedirect(): Promise<SessionRestorationResult>;
1265
+ /**
1266
+ * Create signing client for grantee using session keypair
1267
+ * Used when grants already exist or after grants are created
1268
+ */
1269
+ private createSigningClient;
1270
+ /**
1271
+ * Cleanup resources
1272
+ */
1273
+ destroy(): void;
1274
+ }
1275
+
1276
+ /**
1277
+ * Account connection logic
1278
+ * Handles connecting via connector and discovering/creating smart accounts
1279
+ */
1280
+
1281
+ /**
1282
+ * Parameters for account connection
1283
+ */
1284
+ interface AccountConnectionParams {
1285
+ /** The connector to use */
1286
+ connector: Connector;
1287
+ /** Optional authenticator string (if already known) */
1288
+ authenticator?: string;
1289
+ /** Chain ID */
1290
+ chainId: string;
1291
+ /** RPC URL for transaction confirmation */
1292
+ rpcUrl: string;
1293
+ /** Account discovery strategy */
1294
+ accountStrategy: CompositeAccountStrategy;
1295
+ /** Account creation configuration (required if accounts need to be created) */
1296
+ accountCreationConfig?: AccountCreationConfig;
1297
+ /** Session manager for keypair management */
1298
+ sessionManager: SessionManager;
1299
+ }
1300
+ /**
1301
+ * Connect via a connector and discover/create smart account
1302
+ *
1303
+ * @param params - Connection parameters
1304
+ * @returns Connection result with smart account address and connection info
1305
+ */
1306
+ declare function connectAccount(params: AccountConnectionParams): Promise<ConnectionResult>;
1307
+
1308
+ export { AccountConnectionParams, AccountCreationConfig, AccountExistenceResult, AccountIndexerConfig, AccountInfo, AccountState, AccountStateAction, AccountStateGuards, AddressValidationError, AllSmartWalletQueryResponse, Allowance, AllowanceResponse, Authenticator, BaseAllowance, CompositeAccountStrategy, CompositeTreasuryStrategy, ConnectionOrchestrator, ConnectionOrchestratorConfig, ConnectionResult, ContractGrantDescription, ContractValidationResult, ContractsAllowance, CosmosAuthzPermission, CreateCompositeAccountStrategyConfig, CreateCompositeTreasuryStrategyConfig, DENOM_DECIMALS, DENOM_DISPLAY_MAP, DaoDaoTreasuryStrategy, DaoDaoTreasuryStrategyConfig, DirectQueryTreasuryStrategy, EmptyAccountStrategy, FeeGrantValidationError, FeeGrantValidationResult, GrantConfig, GrantCreationParams, GrantCreationResult, IndexerStrategy, InvalidAllowanceError, InvalidContractGrantError, MultiAnyAllowance, NumiaAccountStrategy, PermissionDescription, RpcAccountStrategy, RpcAccountStrategyConfig, SelectedSmartAccount, SessionManager, SessionRestorationResult, SigningClientConfig, SmartAccount$1 as SmartAccount, SmartAccountContractConfig, SmartAccountWithCodeId, SpendLimit, SubqueryAccountStrategy, TreasuryContractResponse, UserIndexerConfig, accountStateReducer, buildGrantMessages, checkAccountExists, checkStorageGrants, completeRedirect, connectAccount, convertIndexerConfig, createCompositeAccountStrategy, createCompositeTreasuryStrategy, createGrants, createJwtAuthenticatorIdentifier, deduplicateAccountsById, extractIndexerAuthToken, findBestMatchingAuthenticator, formatCoinArray, formatCoins, formatValidationErrors, formatXionAmount, generateBankGrant, generateContractGrant, generatePermissionDescriptions, generateStakeAndGovGrant, generateTreasuryGrants, getAccountInfoFromRestored, getContractAddress, initiateRedirect, isContractGrantConfigValid, isDuplicateAuthenticator, isSelfReferentialGrant, isSessionRestorationError, isSessionRestored, isValidTransition, parseCoinString, queryTreasuryContractWithPermissions, restoreSession, validateActions, validateContractAddressFormat, validateContractGrants, validateContractGrantsOrThrow, validateFeeGrant, validateNewAuthenticator, verifyContractExists };