@cartridge/controller 0.7.14-alpha.2 → 0.8.0

package/dist/types.d.ts

@@ -76,7 +76,7 @@ type CartridgeID = string;
 export type ControllerAccounts = Record<ContractAddress, CartridgeID>;
 export interface Keychain {
     probe(rpcUrl: string): Promise<ProbeReply | ConnectError>;
-    connect(policies: SessionPolicies, rpcUrl: string, signupOptions?: AuthOptions): Promise<ConnectReply | ConnectError>;
+    connect(policies: SessionPolicies, rpcUrl: string, signupOptions?: AuthOptions, version?: string): Promise<ConnectReply | ConnectError>;
     disconnect(): void;
     reset(): void;
     revoke(origin: string): void;
@@ -122,8 +122,8 @@ export type Chain = {
     rpcUrl: string;
 };
 export type ProviderOptions = {
-    defaultChainId: ChainId;
-    chains: Chain[];
+    defaultChainId?: ChainId;
+    chains?: Chain[];
 };
 export type KeychainOptions = IFrameOptions & {
     policies?: SessionPolicies;
@@ -137,6 +137,8 @@ export type KeychainOptions = IFrameOptions & {
     feeSource?: FeeSource;
     /** Signup options (the order of the options is reflected in the UI. It's recommended to group socials and wallets together ) */
     signupOptions?: AuthOptions;
+    /** When true, manually provided policies will override preset policies. Default is false. */
+    shouldOverridePresetPolicies?: boolean;
 };
 export type ProfileOptions = IFrameOptions & {
     /** The URL of profile. Mainly for internal development purpose */
@@ -147,11 +149,10 @@ export type ProfileOptions = IFrameOptions & {
     namespace?: string;
     /** The tokens to be listed on Inventory modal */
     tokens?: Tokens;
-    /** The policies to use for the profile */
-    policies?: SessionPolicies;
 };
 export type ProfileContextTypeVariant = "inventory" | "trophies" | "achievements" | "leaderboard" | "activity";
+export type Token = "eth" | "strk" | "lords" | "usdc" | "usdt";
 export type Tokens = {
-    erc20?: string[];
+    erc20?: Token[];
 };
 export {};

package/dist/utils.d.ts

@@ -1,5 +1,5 @@
 import { Call } from 'starknet';
-import { default as wasm } from '@cartridge/account-wasm/controller';
+import { Policy } from '@cartridge/controller-wasm/controller';
 import { Policies, SessionPolicies } from '@cartridge/presets';
 import { ChainId } from '@starknet-io/types-js';
 import { ParsedSessionPolicies } from './policies';
@@ -9,7 +9,7 @@ export declare function normalizeCalls(calls: Call | Call[]): {
     calldata: import('starknet').HexCalldata;
 }[];
 export declare function toSessionPolicies(policies: Policies): SessionPolicies;
-export declare function toWasmPolicies(policies: ParsedSessionPolicies): wasm.Policy[];
+export declare function toWasmPolicies(policies: ParsedSessionPolicies): Policy[];
 export declare function toArray<T>(val: T | T[]): T[];
 export declare function humanizeString(str: string): string;
-export declare function parseChainId(url: URL): Promise<ChainId>;
+export declare function parseChainId(url: URL): ChainId;

package/dist/wallets/index.d.ts

@@ -3,6 +3,4 @@ export * from './bridge';
 export * from './metamask';
 export * from './phantom';
 export * from './rabby';
-export * from './turnkey';
 export * from './types';
-export * from './wallet-connect';

package/jest.config.ts

@@ -8,6 +8,8 @@ const config: Config = {
   transform: {
     '^.+\\.tsx?$': 'ts-jest',
   },
+  setupFilesAfterEnv: ['<rootDir>/src/__tests__/setup.ts'],
+  testTimeout: 10000,
 };
 
 export default config;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cartridge/controller",
-  "version": "0.7.14-alpha.2",
+  "version": "0.8.0",
   "description": "Cartridge Controller",
   "module": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -28,6 +28,7 @@
     "starknetkit": "^2.6.1"
   },
   "dependencies": {
+    "@cartridge/controller-wasm": "0.1.7",
     "@cartridge/penpal": "^6.2.4",
     "ethers": "^6.13.5",
     "@starknet-io/types-js": "^0.7.7",
@@ -35,12 +36,11 @@
     "@turnkey/sdk-browser": "^4.0.0",
     "cbor-x": "^1.5.0",
     "mipd": "^0.0.7",
-    "@walletconnect/ethereum-provider": "^2.20.0",
-    "@cartridge/account-wasm": "0.7.14-alpha.2",
-    "@cartridge/utils": "0.7.14-alpha.2"
+    "@walletconnect/ethereum-provider": "^2.20.0"
   },
   "devDependencies": {
     "@types/jest": "^29.5.14",
+    "@types/mocha": "^10.0.10",
     "@types/node": "^18.0.6",
     "jest": "^29.7.0",
     "prettier": "^3.4.2",
@@ -53,7 +53,7 @@
     "vite-plugin-node-polyfills": "^0.22.0",
     "vite-plugin-top-level-await": "^1.4.4",
     "vite-plugin-wasm": "^3.4.1",
-    "@cartridge/tsconfig": "0.7.14-alpha.2"
+    "@cartridge/tsconfig": "0.8.0"
   },
   "scripts": {
     "build:deps": "pnpm build",

package/src/__tests__/controllerDefaults.test.ts

@@ -0,0 +1,80 @@
+import { constants } from "starknet";
+import ControllerProvider from "../controller";
+
+describe("ControllerProvider defaults", () => {
+  let originalConsoleError: any;
+  let originalConsoleWarn: any;
+
+  beforeEach(() => {
+    // Mock console methods to suppress expected errors/warnings
+    originalConsoleError = console.error;
+    originalConsoleWarn = console.warn;
+    console.error = jest.fn();
+    console.warn = jest.fn();
+  });
+
+  afterEach(() => {
+    console.error = originalConsoleError;
+    console.warn = originalConsoleWarn;
+  });
+
+  test("should use default chains and chainId when not provided", () => {
+    const controller = new ControllerProvider({});
+
+    expect(controller.rpcUrl()).toBe(
+      "https://api.cartridge.gg/x/starknet/mainnet",
+    );
+  });
+
+  test("should use custom chains when provided", () => {
+    const customChains = [
+      { rpcUrl: "https://api.cartridge.gg/x/starknet/sepolia" },
+    ];
+
+    const controller = new ControllerProvider({
+      chains: customChains,
+      defaultChainId: constants.StarknetChainId.SN_SEPOLIA,
+    });
+
+    expect(controller.rpcUrl()).toBe(
+      "https://api.cartridge.gg/x/starknet/sepolia",
+    );
+  });
+
+  test("should throw error when using non-Cartridge RPC for mainnet", async () => {
+    const invalidChains = [
+      { rpcUrl: "https://some-other-provider.com/starknet/mainnet" },
+    ];
+
+    expect(() => {
+      new ControllerProvider({
+        chains: invalidChains,
+        defaultChainId: constants.StarknetChainId.SN_MAIN,
+      });
+    }).toThrow("Only Cartridge RPC providers are allowed for mainnet");
+  });
+
+  test("should throw error when using non-Cartridge RPC for sepolia", async () => {
+    const invalidChains = [
+      { rpcUrl: "https://some-other-provider.com/starknet/sepolia" },
+    ];
+
+    expect(() => {
+      new ControllerProvider({
+        chains: invalidChains,
+        defaultChainId: constants.StarknetChainId.SN_SEPOLIA,
+      });
+    }).toThrow("Only Cartridge RPC providers are allowed for sepolia");
+  });
+
+  test("should allow non-Cartridge RPC for custom chains", () => {
+    const customChains = [{ rpcUrl: "http://localhost:5050" }];
+
+    // This should not throw
+    expect(() => {
+      new ControllerProvider({
+        chains: customChains,
+      });
+    }).not.toThrow();
+  });
+});

package/src/__tests__/parseChainId.test.ts

@@ -23,12 +23,6 @@ describe("parseChainId", () => {
       ).toBe(shortString.encodeShortString("WP_SLOT"));
     });
 
-    test("identifies slot chain on localhost", () => {
-      expect(parseChainId(new URL("http://localhost:8001/x/slot/katana"))).toBe(
-        shortString.encodeShortString("WP_SLOT"),
-      );
-    });
-
     test("identifies slot chain with hyphenated name", () => {
       expect(
         parseChainId(

package/src/__tests__/setup.ts

@@ -0,0 +1,29 @@
+// Jest setup file to handle cleanup of timers and open handles
+
+// Mock starknetkit to prevent it from creating timers
+jest.mock("starknetkit", () => ({
+  connect: jest.fn(),
+  StarknetWindowObject: {},
+}));
+
+jest.mock("starknetkit/injected", () => ({
+  InjectedConnector: jest.fn(),
+}));
+
+// Clean up any remaining timers after each test
+afterEach(() => {
+  jest.clearAllTimers();
+  jest.useRealTimers();
+});
+
+// Force cleanup after all tests
+afterAll(() => {
+  // Clear any remaining timers
+  jest.clearAllTimers();
+  jest.useRealTimers();
+
+  // Force garbage collection if available
+  if (global.gc) {
+    global.gc();
+  }
+});

package/src/controller.ts

@@ -1,28 +1,29 @@
 import { AsyncMethodReturns } from "@cartridge/penpal";
 
+import { Policy } from "@cartridge/presets";
+import {
+  AddInvokeTransactionResult,
+  AddStarknetChainParameters,
+  ChainId,
+} from "@starknet-io/types-js";
+import { constants, shortString, WalletAccount } from "starknet";
+import { version } from "../package.json";
 import ControllerAccount from "./account";
-import { KeychainIFrame, ProfileIFrame } from "./iframe";
 import { NotReadyToConnect } from "./errors";
+import { KeychainIFrame, ProfileIFrame } from "./iframe";
+import BaseProvider from "./provider";
 import {
-  Keychain,
-  ResponseCodes,
+  Chain,
+  ConnectError,
   ConnectReply,
-  ProbeReply,
   ControllerOptions,
-  ConnectError,
-  Profile,
   IFrames,
+  Keychain,
+  ProbeReply,
+  Profile,
   ProfileContextTypeVariant,
-  Chain,
+  ResponseCodes,
 } from "./types";
-import BaseProvider from "./provider";
-import { shortString, WalletAccount } from "starknet";
-import { Policy } from "@cartridge/presets";
-import {
-  AddInvokeTransactionResult,
-  AddStarknetChainParameters,
-  ChainId,
-} from "@starknet-io/types-js";
 import { parseChainId } from "./utils";
 
 export default class ControllerProvider extends BaseProvider {
@@ -33,10 +34,26 @@ export default class ControllerProvider extends BaseProvider {
   private selectedChain: ChainId;
   private chains: Map<ChainId, Chain>;
 
+  isReady(): boolean {
+    return !!this.keychain;
+  }
+
   constructor(options: ControllerOptions) {
     super();
 
-    this.selectedChain = options.defaultChainId;
+    // Default Cartridge chains that are always available
+    const cartridgeChains: Chain[] = [
+      { rpcUrl: "https://api.cartridge.gg/x/starknet/sepolia" },
+      { rpcUrl: "https://api.cartridge.gg/x/starknet/mainnet" },
+    ];
+
+    // Merge user chains with default chains
+    // User chains take precedence if they specify the same network
+    const chains = [...cartridgeChains, ...(options.chains || [])];
+    const defaultChainId =
+      options.defaultChainId || constants.StarknetChainId.SN_MAIN;
+
+    this.selectedChain = defaultChainId;
     this.chains = new Map<ChainId, Chain>();
 
     this.iframes = {
@@ -49,15 +66,48 @@ export default class ControllerProvider extends BaseProvider {
       }),
     };
 
-    this.options = options;
+    this.options = { ...options, chains, defaultChainId };
 
-    this.validateChains(options.chains);
+    this.initializeChains(chains);
 
     if (typeof window !== "undefined") {
       (window as any).starknet_controller = this;
     }
   }
 
+  async logout() {
+    if (!this.keychain) {
+      console.error(new NotReadyToConnect().message);
+      return;
+    }
+
+    try {
+      // Disconnect the controller/keychain first
+      await this.disconnect();
+
+      // Close all controller iframes
+      const iframes = document.querySelectorAll('iframe[id^="controller-"]');
+      iframes.forEach((iframe) => {
+        const container = iframe.parentElement;
+        if (container) {
+          container.style.visibility = "hidden";
+          container.style.opacity = "0";
+        }
+      });
+
+      // Reset body overflow
+      if (document.body) {
+        document.body.style.overflow = "auto";
+      }
+
+      // Reload the page to complete logout
+      window.location.reload();
+    } catch (err) {
+      console.error("Logout failed:", err);
+      throw err;
+    }
+  }
+
   async probe(): Promise<WalletAccount | undefined> {
     try {
       await this.waitForKeychain();
@@ -96,6 +146,7 @@ export default class ControllerProvider extends BaseProvider {
           openSettings: () => this.openSettings.bind(this),
           openPurchaseCredits: () => this.openPurchaseCredits.bind(this),
           openExecute: () => this.openExecute.bind(this),
+          logout: () => this.logout.bind(this),
         },
         rpcUrl: this.rpcUrl(),
         username,
@@ -127,9 +178,18 @@ export default class ControllerProvider extends BaseProvider {
 
     try {
       let response = await this.keychain.connect(
-        this.options.policies || {},
+        // Policy precedence logic:
+        // 1. If shouldOverridePresetPolicies is true and policies are provided, use policies
+        // 2. Otherwise, if preset is defined, use empty object (let preset take precedence)
+        // 3. Otherwise, use provided policies or empty object
+        this.options.shouldOverridePresetPolicies && this.options.policies
+          ? this.options.policies
+          : this.options.preset
+            ? {}
+            : this.options.policies || {},
         this.rpcUrl(),
         this.options.signupOptions,
+        version,
       );
       if (response.code !== ResponseCodes.SUCCESS) {
         throw new Error(response.message);
@@ -368,14 +428,30 @@ export default class ControllerProvider extends BaseProvider {
     return await this.keychain.delegateAccount();
   }
 
-  private async validateChains(chains: Chain[]) {
+  private initializeChains(chains: Chain[]) {
     for (const chain of chains) {
       try {
         const url = new URL(chain.rpcUrl);
-        const chainId = await parseChainId(url);
+        const chainId = parseChainId(url);
+
+        // Validate that mainnet and sepolia must use Cartridge RPC
+        const isMainnet = chainId === constants.StarknetChainId.SN_MAIN;
+        const isSepolia = chainId === constants.StarknetChainId.SN_SEPOLIA;
+        const isCartridgeRpc = url.hostname === "api.cartridge.gg";
+        const isLocalhost =
+          url.hostname === "localhost" || url.hostname === "127.0.0.1";
+
+        if ((isMainnet || isSepolia) && !(isCartridgeRpc || isLocalhost)) {
+          throw new Error(
+            `Only Cartridge RPC providers are allowed for ${isMainnet ? "mainnet" : "sepolia"}. ` +
+              `Please use: https://api.cartridge.gg/x/starknet/${isMainnet ? "mainnet" : "sepolia"}`,
+          );
+        }
+
         this.chains.set(chainId, chain);
       } catch (error) {
         console.error(`Failed to parse chainId for ${chain.rpcUrl}:`, error);
+        throw error; // Re-throw to ensure invalid chains fail fast
       }
     }
 

package/src/iframe/base.ts

@@ -14,6 +14,7 @@ export class IFrame<CallSender extends {}> implements Modal {
   private iframe?: HTMLIFrameElement;
   private container?: HTMLDivElement;
   private onClose?: () => void;
+  private child?: AsyncMethodReturns<CallSender>;
 
   constructor({
     id,
@@ -72,6 +73,20 @@ export class IFrame<CallSender extends {}> implements Modal {
     container.style.pointerEvents = "auto";
     container.appendChild(iframe);
 
+    // Add click event listener to close iframe when clicking outside
+    container.addEventListener("click", (e) => {
+      if (e.target === container) {
+        // Attempting to reset(clear context) for keychain iframe (identified by ID)
+        if (id === "controller-keychain" && this.child) {
+          // Type assertion for keychain child only
+          (this.child as any)
+            .reset?.()
+            .catch((e: any) => console.error("Error resetting context:", e));
+        }
+        this.close();
+      }
+    });
+
     this.iframe = iframe;
     this.container = container;
 
@@ -98,7 +113,10 @@ export class IFrame<CallSender extends {}> implements Modal {
         reload: (_origin: string) => () => window.location.reload(),
         ...methods,
       },
-    }).promise.then(onConnect);
+    }).promise.then((child) => {
+      this.child = child;
+      onConnect(child);
+    });
 
     this.resize();
     window.addEventListener("resize", () => this.resize());

package/src/iframe/profile.ts

@@ -20,7 +20,6 @@ export class ProfileIFrame extends IFrame<Profile> {
     slot,
     namespace,
     tokens,
-    policies,
     ...iframeOptions
   }: ProfileIFrameOptions) {
     const _profileUrl = (profileUrl || PROFILE_URL).replace(/\/$/, "");
@@ -51,16 +50,6 @@ export class ProfileIFrame extends IFrame<Profile> {
       );
     }
 
-    if (policies?.contracts) {
-      const methods = Object.values(policies.contracts).flatMap(
-        (contract) => contract.methods,
-      );
-      _url.searchParams.set(
-        "methods",
-        encodeURIComponent(JSON.stringify(methods)),
-      );
-    }
-
     super({
       ...iframeOptions,
       id: "controller-profile",

package/src/node/account.ts

@@ -1,5 +1,5 @@
-import { Policy } from "@cartridge/account-wasm";
-import { CartridgeSessionAccount } from "@cartridge/account-wasm/session";
+import { Policy } from "@cartridge/controller-wasm";
+import { CartridgeSessionAccount } from "@cartridge/controller-wasm/session";
 import { Call, InvokeFunctionResponse, WalletAccount } from "starknet";
 
 import { normalizeCalls } from "../utils";

package/src/session/account.ts

@@ -1,5 +1,5 @@
-import { Policy } from "@cartridge/account-wasm";
-import { CartridgeSessionAccount } from "@cartridge/account-wasm/session";
+import { Policy } from "@cartridge/controller-wasm";
+import { CartridgeSessionAccount } from "@cartridge/controller-wasm/session";
 import { Call, InvokeFunctionResponse, WalletAccount } from "starknet";
 
 import { normalizeCalls } from "../utils";

package/src/types.ts

@@ -118,6 +118,7 @@ export interface Keychain {
     policies: SessionPolicies,
     rpcUrl: string,
     signupOptions?: AuthOptions,
+    version?: string,
   ): Promise<ConnectReply | ConnectError>;
   disconnect(): void;
 
@@ -200,8 +201,8 @@ export type Chain = {
 };
 
 export type ProviderOptions = {
-  defaultChainId: ChainId;
-  chains: Chain[];
+  defaultChainId?: ChainId;
+  chains?: Chain[];
 };
 
 export type KeychainOptions = IFrameOptions & {
@@ -216,6 +217,8 @@ export type KeychainOptions = IFrameOptions & {
   feeSource?: FeeSource;
   /** Signup options (the order of the options is reflected in the UI. It's recommended to group socials and wallets together ) */
   signupOptions?: AuthOptions;
+  /** When true, manually provided policies will override preset policies. Default is false. */
+  shouldOverridePresetPolicies?: boolean;
 };
 
 export type ProfileOptions = IFrameOptions & {
@@ -227,8 +230,6 @@ export type ProfileOptions = IFrameOptions & {
   namespace?: string;
   /** The tokens to be listed on Inventory modal */
   tokens?: Tokens;
-  /** The policies to use for the profile */
-  policies?: SessionPolicies;
 };
 
 export type ProfileContextTypeVariant =
@@ -238,6 +239,8 @@ export type ProfileContextTypeVariant =
   | "leaderboard"
   | "activity";
 
+export type Token = "eth" | "strk" | "lords" | "usdc" | "usdt";
+
 export type Tokens = {
-  erc20?: string[];
+  erc20?: Token[];
 };

package/src/utils.ts

@@ -5,12 +5,11 @@ import {
   constants,
   getChecksumAddress,
   hash,
-  Provider,
   shortString,
   typedData,
   TypedDataRevision,
 } from "starknet";
-import wasm from "@cartridge/account-wasm/controller";
+import { Policy } from "@cartridge/controller-wasm/controller";
 import { Policies, SessionPolicies } from "@cartridge/presets";
 import { ChainId } from "@starknet-io/types-js";
 import { ParsedSessionPolicies } from "./policies";
@@ -28,8 +27,6 @@ const ALLOWED_PROPERTIES = new Set([
   "primaryType",
 ]);
 
-const LOCAL_HOSTNAMES = ["localhost", "127.0.0.1", "0.0.0.0"];
-
 function validatePropertyName(prop: string): void {
   if (!ALLOWED_PROPERTIES.has(prop)) {
     throw new Error(`Invalid property name: ${prop}`);
@@ -92,7 +89,7 @@ export function toSessionPolicies(policies: Policies): SessionPolicies {
     : policies;
 }
 
-export function toWasmPolicies(policies: ParsedSessionPolicies): wasm.Policy[] {
+export function toWasmPolicies(policies: ParsedSessionPolicies): Policy[] {
   return [
     ...Object.entries(policies.contracts ?? {}).flatMap(
       ([target, { methods }]) =>
@@ -139,9 +136,55 @@ export function humanizeString(str: string): string {
   );
 }
 
-export async function parseChainId(url: URL): Promise<ChainId> {
+export function parseChainId(url: URL): ChainId {
   const parts = url.pathname.split("/");
 
+  // Handle localhost URLs by making a synchronous call to getChainId
+  if (
+    url.hostname === "localhost" ||
+    url.hostname === "127.0.0.1" ||
+    url.hostname === "0.0.0.0"
+  ) {
+    // Check if we're in a browser environment
+    if (typeof XMLHttpRequest === "undefined") {
+      // In Node.js environment (like tests), we can't make synchronous HTTP calls
+      // For now, we'll use a placeholder chainId for localhost in tests
+      console.warn(
+        `Cannot make synchronous HTTP call in Node.js environment for ${url.toString()}`,
+      );
+      return shortString.encodeShortString("LOCALHOST") as ChainId;
+    }
+
+    // Use a synchronous XMLHttpRequest to get the chain ID
+    const xhr = new XMLHttpRequest();
+    xhr.open("POST", url.toString(), false); // false makes it synchronous
+    xhr.setRequestHeader("Content-Type", "application/json");
+
+    const requestBody = JSON.stringify({
+      jsonrpc: "2.0",
+      method: "starknet_chainId",
+      params: [],
+      id: 1,
+    });
+
+    try {
+      xhr.send(requestBody);
+
+      if (xhr.status === 200) {
+        const response = JSON.parse(xhr.responseText);
+        if (response.result) {
+          return response.result as ChainId;
+        }
+      }
+
+      throw new Error(
+        `Failed to get chain ID from ${url.toString()}: ${xhr.status} ${xhr.statusText}`,
+      );
+    } catch (error) {
+      throw new Error(`Failed to connect to ${url.toString()}: ${error}`);
+    }
+  }
+
   if (parts.includes("starknet")) {
     if (parts.includes("mainnet")) {
       return constants.StarknetChainId.SN_MAIN;
@@ -161,12 +204,5 @@ export async function parseChainId(url: URL): Promise<ChainId> {
     }
   }
 
-  if (LOCAL_HOSTNAMES.includes(url.hostname)) {
-    const provider = new Provider({
-      nodeUrl: url.toString(),
-    });
-    return await provider.getChainId();
-  }
-
   throw new Error(`Chain ${url.toString()} not supported`);
 }