@inco/lightning 0.4.0 → 0.5.1

package/src/libs/incoLightning_testnet_v1_938327937.sol

@@ -0,0 +1,451 @@
+// AUTOGENERATED FILE. DO NOT EDIT.
+// This file was generated by the IncoLightning library generator.
+// The original template is located at Lib.template.sol
+
+/// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import { IncoLightning } from "../IncoLightning.sol";
+import { ebool, euint256, eaddress, ETypes } from "../Types.sol";
+
+IncoLightning constant inco = IncoLightning(0xFb0Bd1a97DD2ECA4c7560b2a35d56474593f3Bab);
+address constant deployedBy = 0x1804c8AB1F12E6bbf3894d4083f33e07309d1f38;
+
+function typeOf(bytes32 handle) pure returns (ETypes) {
+    return ETypes(uint8(uint256(handle) >> 8));
+}
+
+library e {
+    function sanitize(euint256 a) internal returns (euint256) {
+        if (euint256.unwrap(a) == bytes32(0)) {
+            return asEuint256(0);
+        }
+        return a;
+    }
+
+    function sanitize(ebool a) internal returns (ebool) {
+        if (ebool.unwrap(a) == bytes32(0)) {
+            return asEbool(false);
+        }
+        return a;
+    }
+
+    function sanitize(eaddress a) internal returns (eaddress) {
+        if (eaddress.unwrap(a) == bytes32(0)) {
+            return asEaddress(address(0));
+        }
+        return a;
+    }
+
+    function s(euint256 a) internal returns (euint256) {
+        return sanitize(a);
+    }
+
+    function s(ebool a) internal returns (ebool) {
+        return sanitize(a);
+    }
+
+    function s(eaddress a) internal returns (eaddress) {
+        return sanitize(a);
+    }
+
+    function add(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eAdd(s(a), s(b));
+    }
+
+    function add(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eAdd(s(a), asEuint256(b));
+    }
+
+    function add(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eAdd(asEuint256(a), s(b));
+    }
+
+    function sub(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eSub(s(a), s(b));
+    }
+
+    function sub(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eSub(s(a), asEuint256(b));
+    }
+
+    function sub(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eSub(asEuint256(a), s(b));
+    }
+
+    function mul(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMul(s(a), s(b));
+    }
+
+    function mul(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eMul(s(a), asEuint256(b));
+    }
+
+    function mul(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMul(asEuint256(a), s(b));
+    }
+
+    function div(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eDiv(s(a), s(b));
+    }
+
+    function div(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eDiv(s(a), asEuint256(b));
+    }
+
+    function div(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eDiv(asEuint256(a), s(b));
+    }
+
+    function rem(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRem(s(a), s(b));
+    }
+
+    function rem(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eRem(s(a), asEuint256(b));
+    }
+
+    function rem(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRem(asEuint256(a), s(b));
+    }
+
+    function and(euint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitAnd(euint256.unwrap(s(a)), euint256.unwrap(s(b))));
+    }
+
+    function and(euint256 a, uint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitAnd(euint256.unwrap(s(a)), euint256.unwrap(asEuint256(b))));
+    }
+
+    function and(uint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitAnd(euint256.unwrap(asEuint256(a)), euint256.unwrap(s(b))));
+    }
+
+    function and(ebool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitAnd(ebool.unwrap(s(a)), ebool.unwrap(s(b))));
+    }
+
+    function and(ebool a, bool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitAnd(ebool.unwrap(s(a)), ebool.unwrap(asEbool(b))));
+    }
+
+    function and(bool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitAnd(ebool.unwrap(asEbool(a)), ebool.unwrap(s(b))));
+    }
+
+    function or(euint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitOr(euint256.unwrap(s(a)), euint256.unwrap(s(b))));
+    }
+
+    function or(euint256 a, uint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitOr(euint256.unwrap(s(a)), euint256.unwrap(asEuint256(b))));
+    }
+
+    function or(uint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitOr(euint256.unwrap(asEuint256(a)), euint256.unwrap(s(b))));
+    }
+
+    function or(ebool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitOr(ebool.unwrap(s(a)), ebool.unwrap(s(b))));
+    }
+
+    function or(ebool a, bool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitOr(ebool.unwrap(s(a)), ebool.unwrap(asEbool(b))));
+    }
+
+    function or(bool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitOr(ebool.unwrap(asEbool(a)), ebool.unwrap(s(b))));
+    }
+
+    function xor(euint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitXor(euint256.unwrap(s(a)), euint256.unwrap(s(b))));
+    }
+
+    function xor(euint256 a, uint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitXor(euint256.unwrap(s(a)), euint256.unwrap(asEuint256(b))));
+    }
+
+    function xor(uint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitXor(euint256.unwrap(asEuint256(a)), euint256.unwrap(s(b))));
+    }
+
+    function xor(ebool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitXor(ebool.unwrap(s(a)), ebool.unwrap(s(b))));
+    }
+
+    function xor(ebool a, bool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitXor(ebool.unwrap(s(a)), ebool.unwrap(asEbool(b))));
+    }
+
+    function xor(bool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitXor(ebool.unwrap(asEbool(a)), ebool.unwrap(s(b))));
+    }
+
+    function shl(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eShl(s(a), s(b));
+    }
+
+    function shl(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eShl(s(a), asEuint256(b));
+    }
+
+    function shl(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eShl(asEuint256(a), s(b));
+    }
+
+    function shr(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eShr(s(a), s(b));
+    }
+
+    function shr(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eShr(s(a), asEuint256(b));
+    }
+
+    function shr(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eShr(asEuint256(a), s(b));
+    }
+
+    function rotl(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRotl(s(a), s(b));
+    }
+
+    function rotl(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eRotl(s(a), asEuint256(b));
+    }
+
+    function rotl(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRotl(asEuint256(a), s(b));
+    }
+
+    function rotr(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRotr(s(a), s(b));
+    }
+
+    function rotr(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eRotr(s(a), asEuint256(b));
+    }
+
+    function rotr(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRotr(asEuint256(a), s(b));
+    }
+
+    function eq(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eEq(euint256.unwrap(s(a)), euint256.unwrap(s(b)));
+    }
+
+    function eq(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eEq(euint256.unwrap(s(a)), euint256.unwrap(asEuint256(b)));
+    }
+
+    function eq(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eEq(euint256.unwrap(asEuint256(a)), euint256.unwrap(s(b)));
+    }
+
+    function eq(eaddress a, address b) internal returns (ebool) {
+        return inco.eEq(eaddress.unwrap(s(a)), eaddress.unwrap(asEaddress(b)));
+    }
+
+    function eq(eaddress a, eaddress b) internal returns (ebool) {
+        return inco.eEq(eaddress.unwrap(s(a)), eaddress.unwrap(s(b)));
+    }
+
+    function eq(address a, eaddress b) internal returns (ebool) {
+        return inco.eEq(eaddress.unwrap(asEaddress(a)), eaddress.unwrap(s(b)));
+    }
+
+    function ne(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eNe(euint256.unwrap(s(a)), euint256.unwrap(s(b)));
+    }
+
+    function ne(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eNe(euint256.unwrap(s(a)), euint256.unwrap(asEuint256(b)));
+    }
+
+    function ne(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eNe(euint256.unwrap(asEuint256(a)), euint256.unwrap(s(b)));
+    }
+
+    function ne(eaddress a, eaddress b) internal returns (ebool) {
+        return inco.eNe(eaddress.unwrap(s(a)), eaddress.unwrap(s(b)));
+    }
+
+    function ne(eaddress a, address b) internal returns (ebool) {
+        return inco.eNe(eaddress.unwrap(s(a)), eaddress.unwrap(asEaddress(b)));
+    }
+
+    function ne(address a, eaddress b) internal returns (ebool) {
+        return inco.eNe(eaddress.unwrap(asEaddress(a)), eaddress.unwrap(s(b)));
+    }
+
+    function ge(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eGe(s(a), s(b));
+    }
+
+    function ge(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eGe(s(a), asEuint256(b));
+    }
+
+    function ge(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eGe(asEuint256(a), s(b));
+    }
+
+    function gt(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eGt(s(a), s(b));
+    }
+
+    function gt(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eGt(s(a), asEuint256(b));
+    }
+
+    function gt(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eGt(asEuint256(a), s(b));
+    }
+
+    function le(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eLe(s(a), s(b));
+    }
+
+    function le(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eLe(s(a), asEuint256(b));
+    }
+
+    function le(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eLe(asEuint256(a), s(b));
+    }
+
+    function lt(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eLt(s(a), s(b));
+    }
+
+    function lt(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eLt(s(a), asEuint256(b));
+    }
+
+    function lt(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eLt(asEuint256(a), s(b));
+    }
+
+    function min(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMin(s(a), s(b));
+    }
+
+    function min(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eMin(s(a), asEuint256(b));
+    }
+
+    function min(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMin(asEuint256(a), s(b));
+    }
+
+    function max(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMax(s(a), s(b));
+    }
+
+    function max(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eMax(s(a), asEuint256(b));
+    }
+
+    function max(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMax(asEuint256(a), s(b));
+    }
+
+    function not(ebool a) internal returns (ebool) {
+        return inco.eNot(s(a));
+    }
+
+    function rand() internal returns (euint256) {
+        return euint256.wrap(inco.eRand(ETypes.Uint256));
+    }
+
+    function randBounded(uint256 upperBound) internal returns (euint256) {
+        return euint256.wrap(inco.eRandBounded(euint256.unwrap(asEuint256(upperBound)), ETypes.Uint256));
+    }
+
+    function randBounded(euint256 upperBound) internal returns (euint256) {
+        return euint256.wrap(inco.eRandBounded(euint256.unwrap(s(upperBound)), ETypes.Uint256));
+    }
+
+    function asEuint256(uint256 a) internal returns (euint256) {
+        return inco.asEuint256(a);
+    }
+
+    function asEbool(bool a) internal returns (ebool) {
+        return inco.asEbool(a);
+    }
+
+    function asEaddress(address a) internal returns (eaddress) {
+        return inco.asEaddress(a);
+    }
+
+    function asEbool(euint256 a) internal returns (ebool) {
+        return ebool.wrap(inco.eCast(euint256.unwrap(a), ETypes.Bool));
+    }
+
+    function asEuint256(ebool a) internal returns (euint256) {
+        return euint256.wrap(inco.eCast(ebool.unwrap(a), ETypes.Uint256));
+    }
+
+    function newEuint256(bytes memory ciphertext, address user) internal returns (euint256) {
+        return inco.newEuint256(ciphertext, user);
+    }
+
+    function newEbool(bytes memory ciphertext, address user) internal returns (ebool) {
+        return inco.newEbool(ciphertext, user);
+    }
+
+    function newEaddress(bytes memory ciphertext, address user) internal returns (eaddress) {
+        return inco.newEaddress(ciphertext, user);
+    }
+
+    function allow(euint256 a, address to) internal {
+        inco.allow(euint256.unwrap(a), to);
+    }
+
+    function allow(ebool a, address to) internal {
+        inco.allow(ebool.unwrap(a), to);
+    }
+
+    function allow(eaddress a, address to) internal {
+        inco.allow(eaddress.unwrap(a), to);
+    }
+
+    function reveal(euint256 a) internal {
+        inco.reveal(euint256.unwrap(a));
+    }
+
+    function reveal(ebool a) internal {
+        inco.reveal(ebool.unwrap(a));
+    }
+
+    function reveal(eaddress a) internal {
+        inco.reveal(eaddress.unwrap(a));
+    }
+
+    function allowThis(euint256 a) internal {
+        allow(a, address(this));
+    }
+
+    function allowThis(ebool a) internal {
+        allow(a, address(this));
+    }
+
+    function allowThis(eaddress a) internal {
+        allow(a, address(this));
+    }
+
+    function isAllowed(address user, euint256 a) internal view returns (bool) {
+        return inco.isAllowed(euint256.unwrap(a), user);
+    }
+
+    function select(ebool control, euint256 ifTrue, euint256 ifFalse) internal returns (euint256) {
+        return euint256.wrap(inco.eIfThenElse(s(control), euint256.unwrap(s(ifTrue)), euint256.unwrap(s(ifFalse))));
+    }
+
+    function select(ebool control, ebool ifTrue, ebool ifFalse) internal returns (ebool) {
+        return ebool.wrap(inco.eIfThenElse(s(control), ebool.unwrap(s(ifTrue)), ebool.unwrap(s(ifFalse))));
+    }
+
+    function select(ebool control, eaddress ifTrue, eaddress ifFalse) internal returns (eaddress) {
+        return eaddress.wrap(inco.eIfThenElse(s(control), eaddress.unwrap(s(ifTrue)), eaddress.unwrap(s(ifFalse))));
+    }
+}

package/src/lightning-parts/AccessControl/AdvancedAccessControl.sol

@@ -0,0 +1,133 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import {AllowanceVoucher, AllowanceProof} from "./AdvancedAccessControl.types.sol";
+import {ALLOWANCE_GRANTED_MAGIC_VALUE} from "../../Types.sol";
+import {EIP712Upgradeable} from "@openzeppelin/contracts-upgradeable/utils/cryptography/EIP712Upgradeable.sol";
+import {IAdvancedAccessControl, IVoucherEip712Checker} from "./interfaces/IAdvancedAccessControl.sol";
+import {SharerNotAllowedForHandle} from "../../Types.sol";
+import {SignatureChecker} from "@openzeppelin/contracts/utils/cryptography/SignatureChecker.sol";
+import {IBaseAccessControlList} from "./interfaces/IBaseAccessControlList.sol";
+import {LightningAddressGetter} from "../primitives/LightningAddressGetter.sol";
+
+abstract contract AdvancedAccessControlStorage {
+    struct AACStorage {
+        mapping(address => bytes32) activeVouchersSessionNonce; // initial session nonce is 0
+    }
+
+    bytes32 private constant AACStorageLocation =
+        keccak256("inco.storage.AdvancedAccessControl");
+
+    function getAACStorage() internal pure returns (AACStorage storage $) {
+        bytes32 loc = AACStorageLocation;
+        assembly {
+            $.slot := loc
+        }
+    }
+}
+ 
+abstract contract VoucherEip712Checker is IVoucherEip712Checker, EIP712Upgradeable {
+    bytes32 constant AllowanceVoucherStructHash =
+        keccak256(
+            "AllowanceVoucher(bytes32 sessionNonce,address verifyingContract,bytes4 callFunction,bytes sharerArgData)"
+        );
+
+    function allowanceVoucherDigest(
+        AllowanceVoucher memory voucher
+    ) public view returns (bytes32) {
+        return
+            _hashTypedDataV4(
+                keccak256(
+                    abi.encode(
+                        AllowanceVoucherStructHash,
+                        voucher.sessionNonce,
+                        voucher.verifyingContract,
+                        voucher.callFunction,
+                        keccak256(voucher.sharerArgData)
+                    )
+                )
+            );
+    }
+}
+
+abstract contract AdvancedAccessControl is
+    IAdvancedAccessControl,
+    AdvancedAccessControlStorage,
+    VoucherEip712Checker,
+    LightningAddressGetter
+{
+    using SignatureChecker for address;
+
+    error InvalidVoucherSignature(
+        address signer,
+        bytes32 digest,
+        bytes signature
+    );
+    error InvalidVoucherSessionNonce(
+        bytes32 providedSessionNonce,
+        bytes32 activeSessionNonce
+    );
+
+    /// @dev meant to for simulation, can't be a view function as it calls other contracts
+    /// @dev returns true if the account is allowed to access the handle, false or reverts otherwise
+    function isAllowedWithProof(
+        bytes32 handle,
+        address account,
+        AllowanceProof memory proof
+    ) public returns (bool) {
+        require(
+            IBaseAccessControlList(incoLightningAddress).isAllowed(handle, proof.sharer),
+            SharerNotAllowedForHandle(handle, proof.sharer)
+        );
+        bytes32 voucherDigest = allowanceVoucherDigest(proof.voucher);
+        require(
+            proof.sharer.isValidSignatureNow(
+                voucherDigest,
+                proof.voucherSignature
+            ),
+            InvalidVoucherSignature(
+                proof.sharer,
+                voucherDigest,
+                proof.voucherSignature
+            )
+        );
+        bytes32 sharerActiveVouchersSessionNonce = getActiveVouchersSessionNonce(
+                proof.sharer
+            );
+        require(
+            proof.voucher.sessionNonce == sharerActiveVouchersSessionNonce,
+            InvalidVoucherSessionNonce(
+                proof.voucher.sessionNonce,
+                sharerActiveVouchersSessionNonce
+            )
+        );
+        (bool success, bytes memory result) = proof
+            .voucher
+            .verifyingContract
+            .call(
+                abi.encodeWithSelector(
+                    proof.voucher.callFunction,
+                    handle,
+                    account,
+                    proof.voucher.sharerArgData,
+                    proof.requesterArgData
+                )
+            );
+        return (success &&
+            result.length >= 32 &&
+            abi.decode(result, (bytes32)) == ALLOWANCE_GRANTED_MAGIC_VALUE);
+    }
+
+    function getActiveVouchersSessionNonce(
+        address account
+    ) public view returns (bytes32) {
+        return getAACStorage().activeVouchersSessionNonce[account];
+    }
+
+    /// @notice invalidates all previously signed vouchers
+    function updateActiveVouchersSessionNonce() external {
+        getAACStorage().activeVouchersSessionNonce[msg.sender] = keccak256(
+            abi.encodePacked(msg.sender, block.prevrandao)
+        );
+    }
+}

package/src/lightning-parts/AccessControl/AdvancedAccessControl.types.sol

@@ -0,0 +1,18 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+// can be for arbitrary handles to arbitrary accounts
+// signed by the account sharing its read access
+struct AllowanceVoucher {
+    bytes32 sessionNonce;
+    address verifyingContract;
+    bytes4 callFunction;
+    bytes sharerArgData;
+}
+
+struct AllowanceProof {
+    address sharer;
+    AllowanceVoucher voucher;
+    bytes voucherSignature;
+    bytes requesterArgData;
+}

package/src/lightning-parts/AccessControl/BaseAccessControlList.sol

@@ -2,7 +2,9 @@
 pragma solidity ^0.8;
 
 import {SenderNotAllowedForHandle} from "../../Types.sol";
-import {IBaseAccessControlListGen} from "./BaseAccessControlList.gen.sol";
+import {IBaseAccessControlList} from "./interfaces/IBaseAccessControlList.sol";
+import {VerifierAddressGetter} from "../primitives/VerifierAddressGetter.sol";
+import {AllowanceProof} from "../AccessControl/AdvancedAccessControl.types.sol";
 
 contract AccessControlListStorage {
     struct ACLStorage {
@@ -21,7 +23,13 @@ contract AccessControlListStorage {
 }
 
 // todo should add allowance events ?
-contract BaseAccessControlList is IBaseAccessControlListGen, AccessControlListStorage {
+abstract contract BaseAccessControlList is IBaseAccessControlList, AccessControlListStorage, VerifierAddressGetter {
+    error ProofVerificationFailed(
+        address verifyingContract,
+        bytes4 callFunction,
+        bytes argData
+    );
+    
     /// @dev persistent
     function allow(bytes32 handle, address account) public {
         require(
@@ -98,6 +106,18 @@ contract BaseAccessControlList is IBaseAccessControlListGen, AccessControlListSt
         }
     }
 
+    function claimHandle(bytes32 handle, AllowanceProof memory proof) public {
+        require(
+            incoVerifier.isAllowedWithProof(handle, msg.sender, proof),
+            ProofVerificationFailed(
+                proof.voucher.verifyingContract,
+                proof.voucher.callFunction,
+                proof.voucher.sharerArgData
+            )
+        );
+        allowInternal(handle, msg.sender);
+    }
+
     function persistAllowed(
         bytes32 handle,
         address account

package/src/lightning-parts/AccessControl/interfaces/IAdvancedAccessControl.sol

@@ -0,0 +1,25 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import {
+    AllowanceProof,
+    AllowanceVoucher
+} from "../AdvancedAccessControl.types.sol";
+
+interface IVoucherEip712Checker {
+    function allowanceVoucherDigest(
+        AllowanceVoucher memory voucher
+    ) external view returns (bytes32);
+}
+
+interface IAdvancedAccessControl is IVoucherEip712Checker {
+    function isAllowedWithProof(
+        bytes32 handle,
+        address account,
+        AllowanceProof memory proof
+    ) external returns (bool);
+    function getActiveVouchersSessionNonce(
+        address account
+    ) external view returns (bytes32);
+    function updateActiveVouchersSessionNonce() external;
+}

package/src/lightning-parts/AccessControl/interfaces/IBaseAccessControlList.sol

@@ -0,0 +1,24 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import {IVerifierAddressGetter} from "../../primitives/interfaces/IVerifierAddressGetter.sol";
+import {AllowanceProof} from "../AdvancedAccessControl.types.sol";
+
+interface IBaseAccessControlList is IVerifierAddressGetter {
+    function allow(bytes32 handle, address account) external;
+    function allowTransient(bytes32 handle, address account) external;
+    function allowedTransient(
+        bytes32 handle,
+        address account
+    ) external view returns (bool);
+    function cleanTransientStorage() external;
+    function persistAllowed(
+        bytes32 handle,
+        address account
+    ) external view returns (bool);
+    function isAllowed(
+        bytes32 handle,
+        address account
+    ) external view returns (bool);
+    function claimHandle(bytes32 handle, AllowanceProof memory proof) external;
+}