@hfunlabs/hypurr-connect 0.1.11 → 0.1.13

package/src/HypurrConnectProvider.tsx

@@ -4,8 +4,8 @@ import {
   type IRequestTransport,
 } from "@hfunlabs/hyperliquid";
 import {
-  PrivateKeySigner,
   signUserSignedAction,
+  type AbstractViemLocalAccount,
 } from "@hfunlabs/hyperliquid/signing";
 import type { RpcOptions } from "@protobuf-ts/runtime-rpc";
 import type { TelegramUserResponse } from "hypurr-grpc/ts/hypurr/telegram/telegram_service";
@@ -36,9 +36,12 @@ import {
 } from "./agent";
 import { createStaticClient, createTelegramClient } from "./grpc";
 import { GrpcExchangeTransport } from "./GrpcExchangeTransport";
+import { PrivateKeySigner } from "./privateKeySigner";
 import type {
   AuthMethod,
   EoaSigner,
+  EvmTransactionRequest,
+  Hex,
   HypurrConnectConfig,
   HypurrConnectState,
   HypurrUser,
@@ -49,8 +52,6 @@ import type {
 /** @internal context value — extends the public type with fields used only by library internals */
 interface InternalConnectState extends HypurrConnectState {
   loginTelegram: () => void;
-  botUsername: string;
-  useWidget: boolean;
 }
 
 const TELEGRAM_STORAGE_KEY = "hypurr-connect-tg-jwt";
@@ -59,6 +60,8 @@ const TELEGRAM_AUTH_STATE_KEY = "hypurr-connect-auth-state";
 const TELEGRAM_AUTH_MESSAGE = "hypurr-connect:telegram-auth";
 const DEFAULT_AUTH_HUB_URL = "https://auth.hypurr.fun/login";
 const DEFAULT_MEDIA_URL = "https://media.hypurr.fun";
+const IGNORED_EXTERNAL_SIGNATURE =
+  "0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b" as const;
 const DEFAULT_TELEGRAM_SCOPES = [
   "telegram:user:read",
   "telegram:wallet:read",
@@ -68,8 +71,20 @@ const DEFAULT_TELEGRAM_SCOPES = [
   "telegram:cabal:read",
   "telegram:cabal:write",
   "telegram:agent:write",
+  "telegram:support:read",
+  "telegram:support:write",
 ];
 
+function createExternalSigningWallet(address: Hex): AbstractViemLocalAccount {
+  return {
+    address,
+    signTypedData(params) {
+      void params;
+      return Promise.resolve(IGNORED_EXTERNAL_SIGNATURE);
+    },
+  };
+}
+
 function isInvalidTelegramAuthError(err: unknown): boolean {
   const msg =
     err instanceof Error
@@ -86,6 +101,60 @@ function normalizeMediaUrl(mediaUrl?: string): string {
   return (mediaUrl?.trim() || DEFAULT_MEDIA_URL).replace(/\/+$/, "");
 }
 
+function isAddress(value?: string | null): value is Hex {
+  return !!value && /^0x[a-fA-F0-9]{40}$/.test(value);
+}
+
+function getRawSignedTransaction(result: unknown): Hex | null {
+  if (typeof result === "string" && result.startsWith("0x")) {
+    return result as Hex;
+  }
+  if (!result || typeof result !== "object") return null;
+
+  const record = result as Record<string, unknown>;
+  const candidates = [
+    record.raw,
+    record.rawTransaction,
+    record.signedTransaction,
+    record.serializedTransaction,
+    record.result,
+  ];
+  const raw = candidates.find(
+    (value): value is string =>
+      typeof value === "string" && value.startsWith("0x"),
+  );
+  return raw ? (raw as Hex) : null;
+}
+
+function decodeJsonBytes(bytes: Uint8Array): unknown {
+  const text = new TextDecoder().decode(bytes);
+  if (!text) return null;
+  try {
+    return JSON.parse(text);
+  } catch {
+    return text;
+  }
+}
+
+function encodeJsonBytes(value: unknown): Uint8Array {
+  return new TextEncoder().encode(JSON.stringify(value));
+}
+
+function withExpectedFrom(
+  transaction: EvmTransactionRequest,
+  address: Hex,
+): EvmTransactionRequest {
+  if (
+    transaction.from &&
+    transaction.from.toLowerCase() !== address.toLowerCase()
+  ) {
+    throw new Error(
+      "[HypurrConnect] EVM transaction `from` does not match the connected wallet.",
+    );
+  }
+  return transaction.from ? transaction : { ...transaction, from: address };
+}
+
 function currentReturnTo(): string {
   const url = new URL(window.location.href);
   for (const param of [
@@ -113,9 +182,7 @@ function normalizeScopes(scope?: string | string[]): string {
   return scope?.trim() || DEFAULT_TELEGRAM_SCOPES.join(" ");
 }
 
-function isTelegramAuthMessage(
-  data: unknown,
-): data is {
+function isTelegramAuthMessage(data: unknown): data is {
   type: typeof TELEGRAM_AUTH_MESSAGE;
   token: string;
   state: string;
@@ -435,9 +502,12 @@ export function HypurrConnectProvider({
         displayName: tgUser.telegramUsername
           ? `@${tgUser.telegramUsername}`
           : `Telegram ${tgUser.telegramId}`,
-        photoUrl: tgUser.pictureFileId
-          ? `${mediaUrl}/${tgUser.pictureFileId}`
-          : undefined,
+        photoUrl: (() => {
+          // `pictureFileId` is read at runtime; the schema may not type it.
+          const fileId = (tgUser as unknown as { pictureFileId?: string })
+            .pictureFileId;
+          return fileId ? `${mediaUrl}/${fileId}` : undefined;
+        })(),
         authMethod: "telegram",
         telegramId: String(tgUser.telegramId),
         hfunScore: tgUser?.reputation?.hfunScore,
@@ -463,7 +533,7 @@ export function HypurrConnectProvider({
   ]);
 
   // ── Exchange client ──────────────────────────────────────────
-  // Telegram: GrpcExchangeTransport → HyperliquidCoreAction (server signs)
+  // Telegram: dummy local wallet → GrpcExchangeTransport → HyperliquidCoreAction (server signs)
   // EOA: dual wallet — agent key for L1 actions, master signer for user-signed
   //   actions (transfers, withdrawals, etc.). The dual wallet inspects the
   //   EIP-712 domain name to decide which key signs each request.
@@ -509,8 +579,7 @@ export function HypurrConnectProvider({
       });
       return new ExchangeClient({
         transport,
-        externalSigning: true,
-        userAddress: user.address as `0x${string}`,
+        wallet: createExternalSigningWallet(user.address as Hex),
       });
     }
 
@@ -530,8 +599,7 @@ export function HypurrConnectProvider({
         };
         return new ExchangeClient({
           transport: noAgentTransport,
-          externalSigning: true,
-          userAddress: eoaAddress,
+          wallet: createExternalSigningWallet(eoaAddress),
         });
       }
 
@@ -671,20 +739,9 @@ export function HypurrConnectProvider({
       // Dual wallet: routes signing based on the EIP-712 domain.
       // "Exchange" domain → L1 action → agent key signs (auto-provisions if needed).
       // "HyperliquidSignTransaction" domain → user-signed → master wallet (popup).
-      const dualWallet = {
+      const dualWallet: AbstractViemLocalAccount = {
         address: ownerAddress,
-        async signTypedData(params: {
-          domain: {
-            name?: string;
-            version?: string;
-            chainId?: number;
-            verifyingContract?: `0x${string}`;
-            salt?: `0x${string}`;
-          };
-          types: Record<string, { name: string; type: string }[]>;
-          primaryType: string;
-          message: Record<string, unknown>;
-        }): Promise<`0x${string}`> {
+        async signTypedData(params): Promise<`0x${string}`> {
           if (params.domain.name === "HyperliquidSignTransaction") {
             const signer = signerRef.current;
             if (!signer) {
@@ -731,6 +788,95 @@ export function HypurrConnectProvider({
     }
   }, [eoaAddress]);
 
+  const signEvmTransaction = useCallback(
+    async (transaction: EvmTransactionRequest): Promise<Hex> => {
+      if (authMethod === "eoa") {
+        if (!eoaAddress) {
+          throw new Error("[HypurrConnect] No EOA wallet connected.");
+        }
+
+        const signer = eoaSignerRef.current;
+        if (!signer) {
+          throw new Error(
+            "[HypurrConnect] No EOA signer available. Pass a signer to connectEoa(address, signer).",
+          );
+        }
+
+        const tx = withExpectedFrom(transaction, eoaAddress);
+        const result = signer.signTransaction
+          ? await signer.signTransaction(tx)
+          : signer.request
+            ? await signer.request({
+                method: "eth_signTransaction",
+                params: [tx],
+              })
+            : null;
+        const rawTransaction = getRawSignedTransaction(result);
+        if (!rawTransaction) {
+          throw new Error(
+            "[HypurrConnect] EOA signer did not return a raw transaction.",
+          );
+        }
+        return rawTransaction;
+      }
+
+      if (authMethod === "telegram") {
+        if (!telegramRpcOptions) {
+          throw new Error("[HypurrConnect] No Telegram RPC session available.");
+        }
+        if (!selectedWallet) {
+          throw new Error("[HypurrConnect] No Telegram wallet selected.");
+        }
+        if (
+          selectedWallet.id <= 0 ||
+          selectedWallet.isReadOnly ||
+          selectedWallet.isAgent
+        ) {
+          throw new Error(
+            "[HypurrConnect] Select a Telegram private-key wallet to sign EVM transactions.",
+          );
+        }
+        if (!isAddress(selectedWallet.ethereumAddress)) {
+          throw new Error(
+            "[HypurrConnect] Selected Telegram wallet does not have a valid EVM address.",
+          );
+        }
+
+        const tx = withExpectedFrom(
+          transaction,
+          selectedWallet.ethereumAddress,
+        );
+        try {
+          const signResponse = await tgClient.eVMSignTransaction(
+            {
+              authData: {},
+              walletId: selectedWallet.id,
+              params: encodeJsonBytes(tx),
+            },
+            telegramRpcOptions,
+          );
+          const rawTransaction = getRawSignedTransaction(
+            decodeJsonBytes(signResponse.response.result),
+          );
+          if (!rawTransaction) {
+            throw new Error(
+              "[HypurrConnect] Telegram signer did not return a raw transaction.",
+            );
+          }
+          return rawTransaction;
+        } catch (err) {
+          if (isInvalidTelegramAuthError(err)) {
+            onInvalidAuthRef.current?.();
+          }
+          throw err;
+        }
+      }
+
+      throw new Error("[HypurrConnect] No wallet connected.");
+    },
+    [authMethod, eoaAddress, selectedWallet, telegramRpcOptions, tgClient],
+  );
+
   // ── Wallet management (Telegram only) ───────────────────────
   const createWallet = useCallback(
     async (name: string): Promise<HyperliquidWallet> => {
@@ -767,6 +913,21 @@ export function HypurrConnectProvider({
     [tgClient, telegramRpcOptions, selectedWalletId, wallets, refreshWallets],
   );
 
+  const renameWallet = useCallback(
+    async (walletId: number, name: string): Promise<void> => {
+      await tgClient.hyperliquidWalletUpdate(
+        {
+          authData: {},
+          walletId,
+          name,
+        },
+        telegramRpcOptions,
+      );
+      refreshWallets();
+    },
+    [tgClient, telegramRpcOptions, refreshWallets],
+  );
+
   const createWalletPack = useCallback(
     async (name: string): Promise<number> => {
       const { response } = await tgClient.telegramChatWalletPackCreate(
@@ -988,16 +1149,16 @@ export function HypurrConnectProvider({
     const state = randomState();
     sessionStorage.setItem(TELEGRAM_AUTH_STATE_KEY, state);
 
-    const configuredReturnTo = config.telegram.returnTo;
+    const configuredReturnTo = config.telegram?.returnTo;
     const returnTo =
       typeof configuredReturnTo === "function"
         ? configuredReturnTo()
         : configuredReturnTo || currentReturnTo();
 
-    const authUrl = new URL(config.telegram.authHubUrl || DEFAULT_AUTH_HUB_URL);
+    const authUrl = new URL(config.telegram?.authHubUrl || DEFAULT_AUTH_HUB_URL);
     authUrl.searchParams.set("return_to", returnTo);
     authUrl.searchParams.set("state", state);
-    authUrl.searchParams.set("scope", normalizeScopes(config.telegram.scope));
+    authUrl.searchParams.set("scope", normalizeScopes(config.telegram?.scope));
 
     const width = 520;
     const height = 720;
@@ -1023,9 +1184,9 @@ export function HypurrConnectProvider({
 
     window.location.assign(authUrl.toString());
   }, [
-    config.telegram.authHubUrl,
-    config.telegram.returnTo,
-    config.telegram.scope,
+    config.telegram?.authHubUrl,
+    config.telegram?.returnTo,
+    config.telegram?.scope,
   ]);
 
   const connectEoa = useCallback(
@@ -1058,7 +1219,13 @@ export function HypurrConnectProvider({
         );
       }
 
-      eoaSignerRef.current = { signTypedData: signTypedDataAsync, chainId };
+      const currentSigner = eoaSignerRef.current;
+      eoaSignerRef.current = {
+        signTypedData: signTypedDataAsync,
+        signTransaction: currentSigner?.signTransaction,
+        request: currentSigner?.request,
+        chainId,
+      };
 
       setEoaLoading(true);
       setEoaError(null);
@@ -1182,6 +1349,7 @@ export function HypurrConnectProvider({
 
       createWallet,
       deleteWallet,
+      renameWallet,
       refreshWallets,
 
       packs,
@@ -1203,6 +1371,7 @@ export function HypurrConnectProvider({
 
       loginTelegram,
       connectEoa,
+      signEvmTransaction,
       approveAgent: approveAgentFn,
       logout,
 
@@ -1210,10 +1379,6 @@ export function HypurrConnectProvider({
       agentReady,
       clearAgent: handleClearAgent,
 
-      botId: config.telegram?.botId ?? "",
-      botUsername: config.telegram?.botUsername ?? "",
-      useWidget: config.telegram?.useWidget ?? false,
-
       authDataMap,
       authToken: tgAuthToken,
       telegramRpcOptions,
@@ -1233,6 +1398,7 @@ export function HypurrConnectProvider({
       selectWallet,
       createWallet,
       deleteWallet,
+      renameWallet,
       refreshWallets,
       packs,
       createWalletPack,
@@ -1249,14 +1415,12 @@ export function HypurrConnectProvider({
       closeLoginModal,
       loginTelegram,
       connectEoa,
+      signEvmTransaction,
       approveAgentFn,
       logout,
       agent,
       agentReady,
       handleClearAgent,
-      config.telegram?.botId,
-      config.telegram?.botUsername,
-      config.telegram?.useWidget,
       authDataMap,
       tgAuthToken,
       telegramRpcOptions,