@exodus/ethereum-api 8.65.0 → 8.67.0

package/CHANGELOG.md

@@ -3,6 +3,32 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [8.67.0](https://github.com/ExodusMovement/assets/compare/@exodus/ethereum-api@8.66.0...@exodus/ethereum-api@8.67.0) (2026-03-09)
+
+
+### Features
+
+
+* feat: add hasLostPermission api method to asset plugins (#7524)
+
+
+### Bug Fixes
+
+
+* fix: queued/invalid Ethereum transactions being offered for RBF acceleration (#7463)
+
+
+
+## [8.66.0](https://github.com/ExodusMovement/assets/compare/@exodus/ethereum-api@8.65.0...@exodus/ethereum-api@8.66.0) (2026-03-04)
+
+
+### Features
+
+
+* feat: add USDT blacklist status APIs for ETH and TRX and expose TRX raw account (#7444)
+
+
+
 ## [8.65.0](https://github.com/ExodusMovement/assets/compare/@exodus/ethereum-api@8.64.5...@exodus/ethereum-api@8.65.0) (2026-03-03)
 
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@exodus/ethereum-api",
-  "version": "8.65.0",
+  "version": "8.67.0",
   "description": "Transaction monitors, fee monitors, RPC with the blockchain node, and other networking code for Ethereum and EVM-based blockchains",
   "type": "module",
   "main": "src/index.js",
@@ -23,7 +23,7 @@
   },
   "dependencies": {
     "@exodus/asset": "^2.0.4",
-    "@exodus/asset-lib": "^5.3.0",
+    "@exodus/asset-lib": "^5.8.0",
     "@exodus/assets": "^11.4.0",
     "@exodus/basic-utils": "^3.0.1",
     "@exodus/bip44-constants": "^195.0.0",
@@ -33,6 +33,7 @@
     "@exodus/ethereum-meta": "^2.9.1",
     "@exodus/ethereumholesky-meta": "^2.0.5",
     "@exodus/ethereumjs": "^1.8.0",
+    "@exodus/ethersproject-abi": "^5.4.2-exodus.2",
     "@exodus/fetch": "^1.3.0",
     "@exodus/models": "^12.13.0",
     "@exodus/safe-string": "^1.4.0",
@@ -68,5 +69,5 @@
     "type": "git",
     "url": "git+https://github.com/ExodusMovement/assets.git"
   },
-  "gitHead": "98c4dc4e2cd52781dadc2af4fae2b80ecc276626"
+  "gitHead": "f27651709a0a2c70f3c0867afc543fcfa5cfd5c2"
 }

package/src/create-asset-utils.js

@@ -1,13 +1,17 @@
+import { BlacklistCheckTypes } from '@exodus/asset-lib'
+import { defaultAbiCoder } from '@exodus/ethersproject-abi'
+import { safeString } from '@exodus/safe-string'
 import assert from 'minimalistic-assert'
 import ms from 'ms'
 
+import { EVM_ERROR_REASONS, withErrorReason } from './error-wrapper.js'
 import { createEvmServer, createWsGateway, ValidMonitorTypes } from './exodus-eth-server/index.js'
 import { createEthereumHooks } from './hooks/index.js'
 import { ClarityMonitor } from './tx-log/clarity-monitor.js'
 import { ClarityMonitorV2 } from './tx-log/clarity-monitor-v2.js'
 import { EthereumMonitor } from './tx-log/ethereum-monitor.js'
 import { EthereumNoHistoryMonitor } from './tx-log/ethereum-no-history-monitor.js'
-import { BLOCK_TAG_PENDING, resolveNonce } from './tx-send/nonce-utils.js'
+import { BLOCK_TAG_LATEST, BLOCK_TAG_PENDING, resolveNonce } from './tx-send/nonce-utils.js'
 
 // Determines the appropriate `monitorType`, `serverUrl` and `monitorInterval`
 // to use for a given config.
@@ -245,3 +249,64 @@ export const getNonceFactory = ({ assetClientInterface, useAbsoluteBalanceAndNon
 
   return { getNonce }
 }
+
+// Creates a contract-based blacklist check function.
+// async ({ address }) => boolean
+export const createContractBlackListCheck = ({ contractAddress, selector, server }) => {
+  assert(contractAddress, 'expected contractAddress')
+  assert(selector, 'expected selector')
+  assert(server, 'expected server')
+
+  return async ({ address }) => {
+    const tag = BLOCK_TAG_LATEST
+    const encodedAddress = address.slice(2).toLowerCase().padStart(64, '0')
+    const data = selector + encodedAddress
+    const result = await withErrorReason({
+      promise: server.ethCall({ to: contractAddress, data }, tag),
+      errorReasonInfo: EVM_ERROR_REASONS.ethCallErc20Failed,
+      hint: safeString`getBlackListStatus:ethCall`,
+      baseAssetName: server.baseAssetName,
+    })
+
+    if (typeof result !== 'string' || result.length === 0) {
+      throw new Error('getBlackListStatus got invalid ethCall response')
+    }
+
+    let isBlacklisted
+    try {
+      ;[isBlacklisted] = defaultAbiCoder.decode(['bool'], result)
+    } catch (err) {
+      throw new Error(`getBlackListStatus got invalid ABI bool result: ${err.message}`)
+    }
+
+    return isBlacklisted
+  }
+}
+
+// Composes blacklist check factories into a single getBlackListStatus.
+// Returns undefined if no checks are provided.
+// Returns { isBlacklisted: true } if ANY check returns true.
+// NOTE: blacklistChecks defaults to [] as a convenience, but it is the asset's responsibility
+// to be properly configured with the appropriate checks. An empty array means no blacklist
+// checks are run, which implies EIP-7702 is effectively enabled on that network with no whitelist.
+export const createGetBlackListStatus = ({ address: addressApi, blacklistChecks = [], server }) => {
+  if (blacklistChecks.length === 0) return
+
+  assert(addressApi, 'expected address')
+
+  // Extend here to support additional blacklist sources (e.g. an internal database query).
+  const checks = blacklistChecks.map((factory) => {
+    if (factory.type === BlacklistCheckTypes.CONTRACT_CALL) {
+      assert(server, 'expected server for CONTRACT_CALL blacklist check')
+      return factory({ server })
+    }
+
+    throw new Error(`Unknown blacklist check type: ${factory.type}`)
+  })
+
+  return async ({ address }) => {
+    assert(addressApi.validate(address), 'getBlackListStatus requires a valid Ethereum address')
+    const results = await Promise.all(checks.map((check) => check({ address })))
+    return { isBlacklisted: results.some(Boolean) }
+  }
+}

package/src/create-asset.js

@@ -22,6 +22,7 @@ import assert from 'minimalistic-assert'
 
 import { addressHasHistoryFactory } from './address-has-history.js'
 import {
+  createGetBlackListStatus,
   createHistoryMonitorFactory,
   createTransactionPrivacyFactory,
   getNonceFactory,
@@ -68,6 +69,7 @@ export const createAssetFactory = ({
   useEip1191ChainIdChecksum = false,
   forceGasLimitEstimation = false,
   rpcBalanceAssetNames = [],
+  blacklistChecks = [],
   supportsCustomFees: defaultSupportsCustomFees = false,
   useAbsoluteBalanceAndNonce = false,
   delisted = false,
@@ -264,10 +266,17 @@ export const createAssetFactory = ({
 
     const { getNonce } = getNonceFactory({ assetClientInterface, useAbsoluteBalanceAndNonce })
 
+    const getBlackListStatus = createGetBlackListStatus({ server, address, blacklistChecks })
+
     const api = {
       addressHasHistory,
       broadcastTx: (...args) => server.sendRawTransaction(...args),
       createAccountState: () => accountStateClass,
+      hasLostPermission: ({ accountState }) => {
+        if (!eip7702Supported) return false
+        const delegation = accountState?.eip7702Delegation
+        return Boolean(delegation?.isDelegated) && !delegation?.isWhitelisted
+      },
       createFeeMonitor,
       createHistoryMonitor,
       createToken,
@@ -279,6 +288,7 @@ export const createAssetFactory = ({
       getActivityTxs,
       getBalances,
       getBalanceForAddress: createGetBalanceForAddress({ asset, server }),
+      ...(getBlackListStatus && { getBlackListStatus }),
       getConfirmationsNumber: () => confirmationsNumber,
       getDefaultAddressPath: () => defaultAddressPath,
       getFeeAsync: createTx, // createTx alias, remove me when possible

package/src/index.js

@@ -100,6 +100,8 @@ export { txSendFactory } from './tx-send/index.js'
 
 export { createAssetFactory } from './create-asset.js'
 
+export { createContractBlackListCheck } from './create-asset-utils.js'
+
 export {
   createAssetPluginFactory,
   fromAddEthereumChainParameterToFactoryParams,

package/src/tx-create.js

@@ -159,6 +159,63 @@ const resolveTxFactoryGasPrices = async ({
   }
 }
 
+// Pre-broadcast safety check for RBF replacements.
+//
+// Clarity can lag behind the node: it may still report a tx as pending after
+// the node has evicted it, or show a queued (gapped) tx as acceleratable.
+// Broadcasting an RBF for a gapped tx — one whose predecessor slot is empty in
+// the node's mempool — produces ErrFutureReplacePending.
+//
+// This check is best-effort: if either RPC call fails (network error, unsupported
+// endpoint, etc.) we fall through and let the broadcast surface the error.
+async function verifyBumpTxCanReplace({ baseAsset, bumpTxId, fromAddress, nonce }) {
+  let rpcTx, pendingNonceHex
+
+  try {
+    ;[rpcTx, pendingNonceHex] = await Promise.all([
+      baseAsset.server.getTransactionByHash(bumpTxId),
+      baseAsset.server.getTransactionCount(fromAddress, 'pending'),
+    ])
+  } catch (err) {
+    console.warn(
+      `verifyBumpTxCanReplace: pre-broadcast RPC check failed for ${bumpTxId}, falling through`,
+      err.message
+    )
+    return
+  }
+
+  if (!rpcTx) {
+    // The tx was dropped from the node's mempool — Clarity hasn't caught up yet.
+    // TODO: eagerly mark this tx as dropped in the tx log so the UI updates
+    // immediately instead of waiting for Clarity's next polling cycle.
+    throw new Error(
+      `ERR_BUMP_TX_DROPPED: Cannot bump transaction ${bumpTxId}: transaction was dropped from the network`
+    )
+  }
+
+  // pendingNonce = 4
+  // [0][1][2][3]{4}{5}{6}...
+  //              ^--- next empty slot (pendingNonce)
+  //
+  // Nonce to replace must be < pendingNonce (i.e. slot is already accounted for).
+  // If nonce >= pendingNonce, the slot is empty or gapped — not safe to replace.
+  const pendingNonce = parseInt(pendingNonceHex, 16)
+  if (pendingNonce <= nonce) {
+    // A predecessor tx was dropped by the node, leaving a gap below this tx.
+    // The tx itself is still in the node's queued pool but can't execute until
+    // the missing nonce slot is filled.
+    // TODO: identify the dropped predecessor (scan nonces from pendingNonce to
+    // nonce - 1), mark it as dropped in the tx log, and surface a clear message
+    // to the user: "a previous transaction was dropped — send a new transaction
+    // first, then you'll be able to accelerate this one."
+    throw new Error(
+      `ERR_BUMP_TX_NONCE_GAP: Cannot bump transaction ${bumpTxId}: nonce gap detected — ` +
+        `node's pending nonce (${pendingNonce}) ≤ tx nonce (${nonce}), ` +
+        `broadcasting would produce ErrFutureReplacePending`
+    )
+  }
+}
+
 const createBumpUnsignedTx = async ({
   fromAddress,
   chainId,
@@ -223,6 +280,8 @@ const createBumpUnsignedTx = async ({
 
   const nonce = maybeProvidedNonce ?? replacedTxNonce
 
+  await verifyBumpTxCanReplace({ baseAsset, bumpTxId, fromAddress, nonce })
+
   const resolvedTxAttributes = await resolveTxAttributesByTxType({
     asset,
     assetClientInterface,