@metamask/smart-accounts-kit 1.5.0 → 1.6.0

package/dist/experimental/index.mjs

@@ -1,7 +1,20 @@
 import {
+  generateSalt
+} from "../chunk-IMO6XNDJ.mjs";
+import "../chunk-UJQ3JN3U.mjs";
+import {
+  getSmartAccountsEnvironment
+} from "../chunk-GMGJRC3D.mjs";
+import "../chunk-YVU66KSH.mjs";
+import {
+  createOpenDelegation,
+  decodeDelegations,
+  encodeDelegations,
   hashDelegation,
+  prepareSignDelegationTypedData,
+  resolveCaveats,
   trackSmartAccountsKitFunctionCall
-} from "../chunk-MV2KHN75.mjs";
+} from "../chunk-TNGQTVSY.mjs";
 
 // src/experimental/delegationStorage.ts
 import { toHex } from "viem";
@@ -168,8 +181,350 @@ var DelegationStorageClient = class {
     return responseData.delegationHash;
   }
 };
+
+// src/experimental/x402DelegationProviderUtils.ts
+import {
+  createAllowedCalldataTerms,
+  createRedeemerTerms,
+  createTimestampTerms,
+  decodeRedeemerTerms,
+  decodeTimestampTerms
+} from "@metamask/delegation-core";
+import { parseCaipChainId } from "@metamask/utils";
+import { pad } from "viem";
+async function resolveMaybeDeferred(maybeDeferred, requirements) {
+  if (typeof maybeDeferred === "function") {
+    const deferred = maybeDeferred;
+    return await deferred(requirements);
+  }
+  return maybeDeferred;
+}
+function parseEip155ChainId(network) {
+  const { namespace, reference } = parseCaipChainId(
+    network
+  );
+  if (namespace !== "eip155") {
+    throw new Error("Unsupported chain namespace");
+  }
+  const parsedChainId = Number(reference);
+  if (isNaN(parsedChainId)) {
+    throw new Error("Invalid chain id");
+  }
+  return parsedChainId;
+}
+var TRANSFER_PAYEE_INDEX = 4;
+var normalizeAddress = (address) => address.toLowerCase();
+var hasMatchingCaveats = (caveats, delegations, match) => {
+  for (const caveat of caveats) {
+    if (match(caveat)) {
+      return true;
+    }
+  }
+  for (const delegation of delegations) {
+    for (const caveat of delegation.caveats) {
+      if (match(caveat)) {
+        return true;
+      }
+    }
+  }
+  return false;
+};
+var ensureExpirySufficientlyConstrained = ({
+  timestampEnforcer,
+  caveats,
+  existingDelegations,
+  expirySeconds
+}) => {
+  if (expirySeconds < 0) {
+    throw new Error("Expiry seconds must be a positive number");
+  }
+  const beforeThreshold = Math.floor(Date.now() / 1e3) + expirySeconds;
+  const timestampEnforcerNormalized = normalizeAddress(timestampEnforcer);
+  const hasSupersedingTimestampConstraint = hasMatchingCaveats(
+    caveats,
+    existingDelegations,
+    (caveat) => {
+      if (normalizeAddress(caveat.enforcer) !== timestampEnforcerNormalized) {
+        return false;
+      }
+      const { beforeThreshold: existingBeforeThreshold } = decodeTimestampTerms(
+        caveat.terms
+      );
+      return existingBeforeThreshold !== 0 && existingBeforeThreshold <= beforeThreshold;
+    }
+  );
+  if (hasSupersedingTimestampConstraint) {
+    return caveats;
+  }
+  const timestampCaveat = {
+    enforcer: timestampEnforcer,
+    terms: createTimestampTerms({
+      afterThreshold: 0,
+      beforeThreshold
+    }),
+    args: "0x"
+  };
+  return [...caveats, timestampCaveat];
+};
+var ensureRedeemerSufficientlyConstrained = ({
+  redeemerEnforcer,
+  caveats,
+  existingDelegations,
+  redeemerAddresses,
+  requireRedeemers
+}) => {
+  const redeemerAddressNormalized = normalizeAddress(redeemerEnforcer);
+  if (redeemerAddresses.length === 0) {
+    if (!requireRedeemers) {
+      return caveats;
+    }
+    const hasExistingRedeemerCaveat = hasMatchingCaveats(
+      caveats,
+      existingDelegations,
+      ({ enforcer }) => normalizeAddress(enforcer) === redeemerAddressNormalized
+    );
+    if (!hasExistingRedeemerCaveat) {
+      throw new Error(
+        "Redeemer must be constrained, either in the specified `caveats`, `parentPermissionContext`, or the `PaymentRequirements` as `extra.facilitatorAddresses`."
+      );
+    }
+    return caveats;
+  }
+  const redeemerAddressesNormalized = redeemerAddresses.map(normalizeAddress);
+  const redeemerAddressesSet = new Set(redeemerAddressesNormalized);
+  const hasSupersedingRedeemerCaveat = hasMatchingCaveats(
+    caveats,
+    existingDelegations,
+    (caveat) => {
+      if (normalizeAddress(caveat.enforcer) !== redeemerAddressNormalized) {
+        return false;
+      }
+      const allowedRedeemerAddresses = decodeRedeemerTerms(
+        caveat.terms
+      ).redeemers.map(normalizeAddress);
+      return allowedRedeemerAddresses.every(
+        (item) => redeemerAddressesSet.has(item)
+      );
+    }
+  );
+  if (hasSupersedingRedeemerCaveat) {
+    return caveats;
+  }
+  const redeemerCaveat = {
+    enforcer: redeemerEnforcer,
+    terms: createRedeemerTerms({ redeemers: redeemerAddresses }),
+    args: "0x"
+  };
+  return [...caveats, redeemerCaveat];
+};
+var ensurePayeeSufficientlyConstrained = ({
+  allowedCalldataEnforcer,
+  caveats,
+  existingDelegations,
+  payee
+}) => {
+  const allowedCalldataTerms = createAllowedCalldataTerms({
+    startIndex: TRANSFER_PAYEE_INDEX,
+    value: pad(payee, { size: 32 })
+  });
+  const allowedCalldataEnforcerNormalized = normalizeAddress(
+    allowedCalldataEnforcer
+  );
+  const lowercaseCalldataTerms = allowedCalldataTerms.toLowerCase();
+  const hasSupersedingAllowedCalldataConstraint = hasMatchingCaveats(
+    caveats,
+    existingDelegations,
+    ({ enforcer, terms }) => normalizeAddress(enforcer) === allowedCalldataEnforcerNormalized && terms.toLowerCase() === lowercaseCalldataTerms
+  );
+  if (hasSupersedingAllowedCalldataConstraint) {
+    return caveats;
+  }
+  const payeeCaveat = {
+    enforcer: allowedCalldataEnforcer,
+    terms: allowedCalldataTerms,
+    args: "0x"
+  };
+  return [...caveats, payeeCaveat];
+};
+var resolvex402DelegationCaveats = ({
+  environment,
+  caveatsConfig,
+  existingDelegations,
+  facilitatorAddresses,
+  payee,
+  expirySeconds,
+  requireRedeemers,
+  redeemerAddresses
+}) => {
+  const {
+    caveatEnforcers: {
+      RedeemerEnforcer: redeemerEnforcer,
+      AllowedCalldataEnforcer: allowedCalldataEnforcer,
+      TimestampEnforcer: timestampEnforcer
+    }
+  } = environment;
+  if (!redeemerEnforcer) {
+    throw new Error("RedeemerEnforcer not found in environment");
+  }
+  if (!allowedCalldataEnforcer) {
+    throw new Error("AllowedCalldataEnforcer not found in environment");
+  }
+  if (!timestampEnforcer) {
+    throw new Error("TimestampEnforcer not found in environment");
+  }
+  const initialCaveats = resolveCaveats({
+    environment,
+    caveats: caveatsConfig,
+    // Resolve caveats first so downstream constraint checks can append as needed.
+    // Scope is still attached later during delegation creation.
+    isScopeOptional: true
+  });
+  const allRedeemerAddresses = new Set(
+    [...facilitatorAddresses ?? [], ...redeemerAddresses ?? []].map(
+      normalizeAddress
+    )
+  );
+  const caveatsWithRedeemer = ensureRedeemerSufficientlyConstrained({
+    redeemerEnforcer,
+    caveats: initialCaveats,
+    existingDelegations,
+    redeemerAddresses: Array.from(allRedeemerAddresses),
+    requireRedeemers
+  });
+  const caveatsWithPayee = ensurePayeeSufficientlyConstrained({
+    allowedCalldataEnforcer,
+    caveats: caveatsWithRedeemer,
+    existingDelegations,
+    payee
+  });
+  if (expirySeconds === void 0) {
+    return caveatsWithPayee;
+  }
+  return ensureExpirySufficientlyConstrained({
+    timestampEnforcer,
+    caveats: caveatsWithPayee,
+    existingDelegations,
+    expirySeconds
+  });
+};
+var resolveDelegationCreationContext = async (config, requirements) => {
+  const account = await resolveMaybeDeferred(config.account, requirements);
+  const redeemersConfig = await resolveMaybeDeferred(
+    config.redeemers,
+    requirements
+  );
+  const requireRedeemers = redeemersConfig?.requireRedeemers ?? false;
+  const redeemerAddresses = await resolveMaybeDeferred(
+    redeemersConfig?.addresses,
+    requirements
+  );
+  const specifiedEnvironment = await resolveMaybeDeferred(
+    config.environment,
+    requirements
+  );
+  const environment = specifiedEnvironment ?? getSmartAccountsEnvironment(parseEip155ChainId(requirements.network));
+  const caveatsConfig = await resolveMaybeDeferred(
+    config.caveats,
+    requirements
+  );
+  const parentPermissionContext = await resolveMaybeDeferred(config.parentPermissionContext, requirements);
+  const expirySeconds = await resolveMaybeDeferred(
+    config.expirySeconds,
+    requirements
+  );
+  const from = await resolveMaybeDeferred(config.from, requirements) ?? account.address;
+  const salt = await resolveMaybeDeferred(config.salt, requirements) ?? generateSalt();
+  const scope = {
+    type: "erc20TransferAmount" /* Erc20TransferAmount */,
+    tokenAddress: requirements.asset,
+    maxAmount: BigInt(requirements.amount)
+  };
+  const facilitatorAddresses = requirements.extra?.facilitatorAddresses;
+  const existingDelegations = parentPermissionContext ? decodeDelegations(parentPermissionContext) : [];
+  const { DelegationManager: delegationManager } = environment;
+  const caveats = resolvex402DelegationCaveats({
+    environment,
+    caveatsConfig,
+    existingDelegations,
+    facilitatorAddresses,
+    payee: requirements.payTo,
+    expirySeconds,
+    requireRedeemers,
+    redeemerAddresses
+  });
+  let createDelegationConfig;
+  if (parentPermissionContext) {
+    const parentDelegation = existingDelegations[0];
+    if (!parentDelegation) {
+      throw new Error("Parent permission context is not a valid delegation");
+    }
+    createDelegationConfig = {
+      environment,
+      from,
+      caveats,
+      salt,
+      scope,
+      parentDelegation
+    };
+  } else {
+    createDelegationConfig = {
+      environment,
+      from,
+      caveats,
+      salt,
+      scope
+    };
+  }
+  const rootDelegator = existingDelegations[existingDelegations.length - 1]?.delegator ?? from;
+  return {
+    account,
+    createDelegationConfig,
+    delegationManager,
+    existingDelegations,
+    rootDelegator
+  };
+};
+
+// src/experimental/x402DelegationProvider.ts
+function createx402DelegationProvider(config) {
+  return async (requirements) => {
+    const {
+      account,
+      createDelegationConfig,
+      delegationManager,
+      existingDelegations,
+      rootDelegator
+    } = await resolveDelegationCreationContext(config, requirements);
+    const delegation = createOpenDelegation(createDelegationConfig);
+    const chainId = parseEip155ChainId(requirements.network);
+    const typedData = prepareSignDelegationTypedData({
+      delegationManager,
+      chainId,
+      delegation
+    });
+    if (!account.signTypedData) {
+      throw new Error("Account does not support signTypedData");
+    }
+    const signature = await account.signTypedData(typedData);
+    const signedDelegation = {
+      ...delegation,
+      signature
+    };
+    const permissionContext = encodeDelegations([
+      signedDelegation,
+      ...existingDelegations
+    ]);
+    return {
+      delegationManager,
+      permissionContext,
+      delegator: rootDelegator
+    };
+  };
+}
 export {
   DelegationStorageClient,
-  DelegationStorageEnvironment
+  DelegationStorageEnvironment,
+  createx402DelegationProvider,
+  parseEip155ChainId
 };
 //# sourceMappingURL=index.mjs.map

package/dist/experimental/index.mjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/experimental/delegationStorage.ts"],"sourcesContent":["import { type Hex, toHex } from 'viem';\n\nimport { trackSmartAccountsKitFunctionCall } from '../analytics';\nimport { hashDelegation } from '../delegation';\nimport type { Delegation } from '../types';\n\ntype ErrorResponse = {\n  error: string;\n  data?: any;\n};\n\nexport type APIStoreDelegationResponse = {\n  delegationHash: Hex;\n};\n\n/**\n * Represents the allowed filters when querying the data store for delegations.\n */\nexport enum DelegationStoreFilter {\n  Given = 'GIVEN',\n  Received = 'RECEIVED',\n  All = 'ALL',\n}\n\n/**\n * Public Delegation Storage Service environments. To be used in the\n * DeleGationStorageService config.\n */\nexport const DelegationStorageEnvironment: {\n  [K in 'dev' | 'prod']: Environment;\n} = {\n  dev: { apiUrl: 'https://passkeys.dev-api.cx.metamask.io' },\n  prod: { apiUrl: 'https://passkeys.api.cx.metamask.io' },\n};\n\n/**\n * Returns the DelegationStorageEnvironment ('dev' or 'prod') for a given apiUrl,\n * or 'custom' if the apiUrl does not match a known environment.\n *\n * @param apiUrl - The API URL to check.\n * @returns The environment key ('dev' or 'prod'), or 'custom'.\n */\nfunction getDelegationStorageEnvironment(\n  apiUrl: string,\n): 'dev' | 'prod' | 'custom' {\n  const matchingEnvironment = Object.entries(DelegationStorageEnvironment).find(\n    ([_, env]) => env.apiUrl === apiUrl,\n  ) as [keyof typeof DelegationStorageEnvironment, Environment] | undefined;\n\n  return matchingEnvironment ? matchingEnvironment[0] : 'custom';\n}\n\nexport type Environment = {\n  apiUrl: string;\n};\n\nexport type DelegationStorageConfig = {\n  apiKey: string;\n  apiKeyId: string;\n  environment: Environment;\n  fetcher?: typeof fetch;\n};\n\nexport class DelegationStorageClient {\n  readonly #apiVersionPrefix = 'api/v0';\n\n  readonly #config: DelegationStorageConfig;\n\n  readonly #fetcher: typeof fetch;\n\n  readonly #apiUrl: string;\n\n  constructor(config: DelegationStorageConfig) {\n    const { apiUrl } = config.environment;\n\n    trackSmartAccountsKitFunctionCall(\n      'experimental.DelegationStorageClient.constructor',\n      {\n        environment: getDelegationStorageEnvironment(apiUrl),\n      },\n    );\n\n    if (apiUrl.endsWith(this.#apiVersionPrefix)) {\n      this.#apiUrl = apiUrl;\n    } else {\n      const separator = apiUrl.endsWith('/') ? '' : '/';\n      this.#apiUrl = `${apiUrl}${separator}${this.#apiVersionPrefix}`;\n    }\n    this.#fetcher = this.#initializeFetcher(config);\n    this.#config = config;\n  }\n\n  /**\n   * Initializes the fetch function for HTTP requests.\n   *\n   * - Uses `config.fetcher` if provided.\n   * - Falls back to global `fetch` if available.\n   * - Throws an error if no fetch function is available.\n   *\n   * @param config - Configuration object that may include a custom fetch function.\n   * @returns The fetch function to be used for HTTP requests.\n   * @throws Error if no fetch function is available in the environment.\n   */\n  #initializeFetcher(config: DelegationStorageConfig): typeof fetch {\n    if (config.fetcher) {\n      return config.fetcher;\n    } else if (typeof globalThis?.fetch === 'function') {\n      return globalThis.fetch.bind(globalThis);\n    }\n    throw new Error(\n      'Fetch API is not available in this environment. Please provide a fetch function in the config.',\n    );\n  }\n\n  /**\n   * Fetches the delegation chain from the Delegation Storage Service, ending with\n   * the specified leaf delegation.\n   *\n   * @param leafDelegationOrDelegationHash - The leaf delegation, or the hash\n   * of the leaf delegation.\n   * @returns A promise that resolves to the delegation chain - empty array if the delegation\n   * is not found.\n   */\n  async getDelegationChain(\n    leafDelegationOrDelegationHash: Hex | Delegation,\n  ): Promise<Delegation[]> {\n    trackSmartAccountsKitFunctionCall(\n      'experimental.DelegationStorageClient.getDelegationChain',\n      {\n        inputKind:\n          typeof leafDelegationOrDelegationHash === 'string'\n            ? 'hash'\n            : 'delegation',\n      },\n    );\n    const leafDelegationHash =\n      typeof leafDelegationOrDelegationHash === 'string'\n        ? leafDelegationOrDelegationHash\n        : hashDelegation(leafDelegationOrDelegationHash);\n\n    const response = await this.#fetcher(\n      `${this.#apiUrl}/delegation/chain/${leafDelegationHash}`,\n      {\n        method: 'GET',\n        headers: {\n          Authorization: `Bearer ${this.#config.apiKey}`,\n          'x-api-key-id': this.#config.apiKeyId,\n        },\n      },\n    );\n\n    const responseData: Delegation[] | ErrorResponse = await response.json();\n\n    if ('error' in responseData) {\n      throw new Error(\n        `Failed to fetch delegation chain: ${responseData.error}`,\n      );\n    }\n\n    return responseData;\n  }\n\n  /**\n   * Fetches the delegations from the Delegation Storage Service, either `Received`\n   * by, or `Given` by, (or both: `All`) the specified deleGatorAddress. Defaults\n   * to `Received`.\n   *\n   * @param deleGatorAddress - The deleGatorAddress to retrieve the delegations for.\n   * @param filterMode - The DelegationStoreFilter mode - defaults to Received.\n   * @returns A promise that resolves to the list of delegations received by the deleGatorAddress,\n   * empty array if the delegations are not found.\n   */\n  async fetchDelegations(\n    deleGatorAddress: Hex,\n    filterMode = DelegationStoreFilter.Received,\n  ): Promise<Delegation[]> {\n    trackSmartAccountsKitFunctionCall(\n      'experimental.DelegationStorageClient.fetchDelegations',\n      { filterMode },\n    );\n    const response = await this.#fetcher(\n      `${this.#apiUrl}/delegation/accounts/${deleGatorAddress}?filter=${filterMode}`,\n      {\n        method: 'GET',\n        headers: {\n          Authorization: `Bearer ${this.#config.apiKey}`,\n          'x-api-key-id': this.#config.apiKeyId,\n        },\n      },\n    );\n\n    const responseData: Delegation[] | ErrorResponse = await response.json();\n\n    if ('error' in responseData) {\n      throw new Error(`Failed to fetch delegations: ${responseData.error}`);\n    }\n\n    return responseData;\n  }\n\n  /**\n   * Stores the specified delegation in the Delegation Storage Service.\n   *\n   * @param delegation - The delegation to store.\n   * @returns A promise that resolves to the delegation hash indicating successful storage.\n   */\n  async storeDelegation(delegation: Delegation): Promise<Hex> {\n    trackSmartAccountsKitFunctionCall(\n      'experimental.DelegationStorageClient.storeDelegation',\n      { caveatCount: delegation.caveats.length },\n    );\n    if (!delegation.signature || delegation.signature === '0x') {\n      throw new Error('Delegation must be signed to be stored');\n    }\n\n    const delegationHash = hashDelegation(delegation);\n\n    const body = JSON.stringify(\n      {\n        ...delegation,\n        metadata: [],\n      },\n      (_, value: any) =>\n        typeof value === 'bigint' || typeof value === 'number'\n          ? toHex(value)\n          : value,\n      2,\n    );\n\n    const response = await this.#fetcher(`${this.#apiUrl}/delegation/store`, {\n      method: 'POST',\n      headers: {\n        Authorization: `Bearer ${this.#config.apiKey}`,\n        'x-api-key-id': this.#config.apiKeyId,\n        'Content-Type': 'application/json',\n      },\n      body,\n    });\n\n    const responseData: APIStoreDelegationResponse | ErrorResponse =\n      await response.json();\n\n    if ('error' in responseData) {\n      throw new Error(responseData.error);\n    }\n\n    if (responseData.delegationHash !== delegationHash) {\n      throw new Error(\n        'Failed to store the Delegation, the hash returned from the MM delegation storage API does not match the hash of the delegation',\n      );\n    }\n\n    return responseData.delegationHash;\n  }\n}\n"],"mappings":";;;;;;AAAA,SAAmB,aAAa;AA4BzB,IAAM,+BAET;AAAA,EACF,KAAK,EAAE,QAAQ,0CAA0C;AAAA,EACzD,MAAM,EAAE,QAAQ,sCAAsC;AACxD;AASA,SAAS,gCACP,QAC2B;AAC3B,QAAM,sBAAsB,OAAO,QAAQ,4BAA4B,EAAE;AAAA,IACvE,CAAC,CAAC,GAAG,GAAG,MAAM,IAAI,WAAW;AAAA,EAC/B;AAEA,SAAO,sBAAsB,oBAAoB,CAAC,IAAI;AACxD;AAaO,IAAM,0BAAN,MAA8B;AAAA,EAC1B,oBAAoB;AAAA,EAEpB;AAAA,EAEA;AAAA,EAEA;AAAA,EAET,YAAY,QAAiC;AAC3C,UAAM,EAAE,OAAO,IAAI,OAAO;AAE1B;AAAA,MACE;AAAA,MACA;AAAA,QACE,aAAa,gCAAgC,MAAM;AAAA,MACrD;AAAA,IACF;AAEA,QAAI,OAAO,SAAS,KAAK,iBAAiB,GAAG;AAC3C,WAAK,UAAU;AAAA,IACjB,OAAO;AACL,YAAM,YAAY,OAAO,SAAS,GAAG,IAAI,KAAK;AAC9C,WAAK,UAAU,GAAG,MAAM,GAAG,SAAS,GAAG,KAAK,iBAAiB;AAAA,IAC/D;AACA,SAAK,WAAW,KAAK,mBAAmB,MAAM;AAC9C,SAAK,UAAU;AAAA,EACjB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,mBAAmB,QAA+C;AAChE,QAAI,OAAO,SAAS;AAClB,aAAO,OAAO;AAAA,IAChB,WAAW,OAAO,YAAY,UAAU,YAAY;AAClD,aAAO,WAAW,MAAM,KAAK,UAAU;AAAA,IACzC;AACA,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,mBACJ,gCACuB;AACvB;AAAA,MACE;AAAA,MACA;AAAA,QACE,WACE,OAAO,mCAAmC,WACtC,SACA;AAAA,MACR;AAAA,IACF;AACA,UAAM,qBACJ,OAAO,mCAAmC,WACtC,iCACA,eAAe,8BAA8B;AAEnD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,GAAG,KAAK,OAAO,qBAAqB,kBAAkB;AAAA,MACtD;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,eAAe,UAAU,KAAK,QAAQ,MAAM;AAAA,UAC5C,gBAAgB,KAAK,QAAQ;AAAA,QAC/B;AAAA,MACF;AAAA,IACF;AAEA,UAAM,eAA6C,MAAM,SAAS,KAAK;AAEvE,QAAI,WAAW,cAAc;AAC3B,YAAM,IAAI;AAAA,QACR,qCAAqC,aAAa,KAAK;AAAA,MACzD;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,iBACJ,kBACA,aAAa,2BACU;AACvB;AAAA,MACE;AAAA,MACA,EAAE,WAAW;AAAA,IACf;AACA,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,GAAG,KAAK,OAAO,wBAAwB,gBAAgB,WAAW,UAAU;AAAA,MAC5E;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,eAAe,UAAU,KAAK,QAAQ,MAAM;AAAA,UAC5C,gBAAgB,KAAK,QAAQ;AAAA,QAC/B;AAAA,MACF;AAAA,IACF;AAEA,UAAM,eAA6C,MAAM,SAAS,KAAK;AAEvE,QAAI,WAAW,cAAc;AAC3B,YAAM,IAAI,MAAM,gCAAgC,aAAa,KAAK,EAAE;AAAA,IACtE;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,gBAAgB,YAAsC;AAC1D;AAAA,MACE;AAAA,MACA,EAAE,aAAa,WAAW,QAAQ,OAAO;AAAA,IAC3C;AACA,QAAI,CAAC,WAAW,aAAa,WAAW,cAAc,MAAM;AAC1D,YAAM,IAAI,MAAM,wCAAwC;AAAA,IAC1D;AAEA,UAAM,iBAAiB,eAAe,UAAU;AAEhD,UAAM,OAAO,KAAK;AAAA,MAChB;AAAA,QACE,GAAG;AAAA,QACH,UAAU,CAAC;AAAA,MACb;AAAA,MACA,CAAC,GAAG,UACF,OAAO,UAAU,YAAY,OAAO,UAAU,WAC1C,MAAM,KAAK,IACX;AAAA,MACN;AAAA,IACF;AAEA,UAAM,WAAW,MAAM,KAAK,SAAS,GAAG,KAAK,OAAO,qBAAqB;AAAA,MACvE,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,eAAe,UAAU,KAAK,QAAQ,MAAM;AAAA,QAC5C,gBAAgB,KAAK,QAAQ;AAAA,QAC7B,gBAAgB;AAAA,MAClB;AAAA,MACA;AAAA,IACF,CAAC;AAED,UAAM,eACJ,MAAM,SAAS,KAAK;AAEtB,QAAI,WAAW,cAAc;AAC3B,YAAM,IAAI,MAAM,aAAa,KAAK;AAAA,IACpC;AAEA,QAAI,aAAa,mBAAmB,gBAAgB;AAClD,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,WAAO,aAAa;AAAA,EACtB;AACF;","names":[]}
+{"version":3,"sources":["../../src/experimental/delegationStorage.ts","../../src/experimental/x402DelegationProviderUtils.ts","../../src/experimental/x402DelegationProvider.ts"],"sourcesContent":["import { type Hex, toHex } from 'viem';\n\nimport { trackSmartAccountsKitFunctionCall } from '../analytics';\nimport { hashDelegation } from '../delegation';\nimport type { Delegation } from '../types';\n\ntype ErrorResponse = {\n  error: string;\n  data?: any;\n};\n\nexport type APIStoreDelegationResponse = {\n  delegationHash: Hex;\n};\n\n/**\n * Represents the allowed filters when querying the data store for delegations.\n */\nexport enum DelegationStoreFilter {\n  Given = 'GIVEN',\n  Received = 'RECEIVED',\n  All = 'ALL',\n}\n\n/**\n * Public Delegation Storage Service environments. To be used in the\n * DeleGationStorageService config.\n */\nexport const DelegationStorageEnvironment: {\n  [K in 'dev' | 'prod']: Environment;\n} = {\n  dev: { apiUrl: 'https://passkeys.dev-api.cx.metamask.io' },\n  prod: { apiUrl: 'https://passkeys.api.cx.metamask.io' },\n};\n\n/**\n * Returns the DelegationStorageEnvironment ('dev' or 'prod') for a given apiUrl,\n * or 'custom' if the apiUrl does not match a known environment.\n *\n * @param apiUrl - The API URL to check.\n * @returns The environment key ('dev' or 'prod'), or 'custom'.\n */\nfunction getDelegationStorageEnvironment(\n  apiUrl: string,\n): 'dev' | 'prod' | 'custom' {\n  const matchingEnvironment = Object.entries(DelegationStorageEnvironment).find(\n    ([_, env]) => env.apiUrl === apiUrl,\n  ) as [keyof typeof DelegationStorageEnvironment, Environment] | undefined;\n\n  return matchingEnvironment ? matchingEnvironment[0] : 'custom';\n}\n\nexport type Environment = {\n  apiUrl: string;\n};\n\nexport type DelegationStorageConfig = {\n  apiKey: string;\n  apiKeyId: string;\n  environment: Environment;\n  fetcher?: typeof fetch;\n};\n\nexport class DelegationStorageClient {\n  readonly #apiVersionPrefix = 'api/v0';\n\n  readonly #config: DelegationStorageConfig;\n\n  readonly #fetcher: typeof fetch;\n\n  readonly #apiUrl: string;\n\n  constructor(config: DelegationStorageConfig) {\n    const { apiUrl } = config.environment;\n\n    trackSmartAccountsKitFunctionCall(\n      'experimental.DelegationStorageClient.constructor',\n      {\n        environment: getDelegationStorageEnvironment(apiUrl),\n      },\n    );\n\n    if (apiUrl.endsWith(this.#apiVersionPrefix)) {\n      this.#apiUrl = apiUrl;\n    } else {\n      const separator = apiUrl.endsWith('/') ? '' : '/';\n      this.#apiUrl = `${apiUrl}${separator}${this.#apiVersionPrefix}`;\n    }\n    this.#fetcher = this.#initializeFetcher(config);\n    this.#config = config;\n  }\n\n  /**\n   * Initializes the fetch function for HTTP requests.\n   *\n   * - Uses `config.fetcher` if provided.\n   * - Falls back to global `fetch` if available.\n   * - Throws an error if no fetch function is available.\n   *\n   * @param config - Configuration object that may include a custom fetch function.\n   * @returns The fetch function to be used for HTTP requests.\n   * @throws Error if no fetch function is available in the environment.\n   */\n  #initializeFetcher(config: DelegationStorageConfig): typeof fetch {\n    if (config.fetcher) {\n      return config.fetcher;\n    } else if (typeof globalThis?.fetch === 'function') {\n      return globalThis.fetch.bind(globalThis);\n    }\n    throw new Error(\n      'Fetch API is not available in this environment. Please provide a fetch function in the config.',\n    );\n  }\n\n  /**\n   * Fetches the delegation chain from the Delegation Storage Service, ending with\n   * the specified leaf delegation.\n   *\n   * @param leafDelegationOrDelegationHash - The leaf delegation, or the hash\n   * of the leaf delegation.\n   * @returns A promise that resolves to the delegation chain - empty array if the delegation\n   * is not found.\n   */\n  async getDelegationChain(\n    leafDelegationOrDelegationHash: Hex | Delegation,\n  ): Promise<Delegation[]> {\n    trackSmartAccountsKitFunctionCall(\n      'experimental.DelegationStorageClient.getDelegationChain',\n      {\n        inputKind:\n          typeof leafDelegationOrDelegationHash === 'string'\n            ? 'hash'\n            : 'delegation',\n      },\n    );\n    const leafDelegationHash =\n      typeof leafDelegationOrDelegationHash === 'string'\n        ? leafDelegationOrDelegationHash\n        : hashDelegation(leafDelegationOrDelegationHash);\n\n    const response = await this.#fetcher(\n      `${this.#apiUrl}/delegation/chain/${leafDelegationHash}`,\n      {\n        method: 'GET',\n        headers: {\n          Authorization: `Bearer ${this.#config.apiKey}`,\n          'x-api-key-id': this.#config.apiKeyId,\n        },\n      },\n    );\n\n    const responseData: Delegation[] | ErrorResponse = await response.json();\n\n    if ('error' in responseData) {\n      throw new Error(\n        `Failed to fetch delegation chain: ${responseData.error}`,\n      );\n    }\n\n    return responseData;\n  }\n\n  /**\n   * Fetches the delegations from the Delegation Storage Service, either `Received`\n   * by, or `Given` by, (or both: `All`) the specified deleGatorAddress. Defaults\n   * to `Received`.\n   *\n   * @param deleGatorAddress - The deleGatorAddress to retrieve the delegations for.\n   * @param filterMode - The DelegationStoreFilter mode - defaults to Received.\n   * @returns A promise that resolves to the list of delegations received by the deleGatorAddress,\n   * empty array if the delegations are not found.\n   */\n  async fetchDelegations(\n    deleGatorAddress: Hex,\n    filterMode = DelegationStoreFilter.Received,\n  ): Promise<Delegation[]> {\n    trackSmartAccountsKitFunctionCall(\n      'experimental.DelegationStorageClient.fetchDelegations',\n      { filterMode },\n    );\n    const response = await this.#fetcher(\n      `${this.#apiUrl}/delegation/accounts/${deleGatorAddress}?filter=${filterMode}`,\n      {\n        method: 'GET',\n        headers: {\n          Authorization: `Bearer ${this.#config.apiKey}`,\n          'x-api-key-id': this.#config.apiKeyId,\n        },\n      },\n    );\n\n    const responseData: Delegation[] | ErrorResponse = await response.json();\n\n    if ('error' in responseData) {\n      throw new Error(`Failed to fetch delegations: ${responseData.error}`);\n    }\n\n    return responseData;\n  }\n\n  /**\n   * Stores the specified delegation in the Delegation Storage Service.\n   *\n   * @param delegation - The delegation to store.\n   * @returns A promise that resolves to the delegation hash indicating successful storage.\n   */\n  async storeDelegation(delegation: Delegation): Promise<Hex> {\n    trackSmartAccountsKitFunctionCall(\n      'experimental.DelegationStorageClient.storeDelegation',\n      { caveatCount: delegation.caveats.length },\n    );\n    if (!delegation.signature || delegation.signature === '0x') {\n      throw new Error('Delegation must be signed to be stored');\n    }\n\n    const delegationHash = hashDelegation(delegation);\n\n    const body = JSON.stringify(\n      {\n        ...delegation,\n        metadata: [],\n      },\n      (_, value: any) =>\n        typeof value === 'bigint' || typeof value === 'number'\n          ? toHex(value)\n          : value,\n      2,\n    );\n\n    const response = await this.#fetcher(`${this.#apiUrl}/delegation/store`, {\n      method: 'POST',\n      headers: {\n        Authorization: `Bearer ${this.#config.apiKey}`,\n        'x-api-key-id': this.#config.apiKeyId,\n        'Content-Type': 'application/json',\n      },\n      body,\n    });\n\n    const responseData: APIStoreDelegationResponse | ErrorResponse =\n      await response.json();\n\n    if ('error' in responseData) {\n      throw new Error(responseData.error);\n    }\n\n    if (responseData.delegationHash !== delegationHash) {\n      throw new Error(\n        'Failed to store the Delegation, the hash returned from the MM delegation storage API does not match the hash of the delegation',\n      );\n    }\n\n    return responseData.delegationHash;\n  }\n}\n","import {\n  createAllowedCalldataTerms,\n  createRedeemerTerms,\n  createTimestampTerms,\n  decodeRedeemerTerms,\n  decodeTimestampTerms,\n} from '@metamask/delegation-core';\nimport { parseCaipChainId } from '@metamask/utils';\nimport { pad, type Account, type Address, type Hex } from 'viem';\n\nimport type { Caveats } from '../caveatBuilder';\nimport { resolveCaveats } from '../caveatBuilder';\nimport { ScopeType } from '../constants';\nimport type { createOpenDelegation } from '../delegation';\nimport { decodeDelegations } from '../delegation';\nimport { getSmartAccountsEnvironment } from '../smartAccountsEnvironment';\nimport type {\n  Caveat,\n  Delegation,\n  PermissionContext,\n  SmartAccountsEnvironment,\n} from '../types';\nimport type {\n  MaybeDeferred,\n  PaymentRequirements,\n  x402DelegationProviderConfig,\n} from './x402DelegationProviderTypes';\nimport { generateSalt } from '../utils/';\n\n/**\n * Inputs for redeemer constraint enforcement.\n */\ntype EnsureRedeemerSufficientlyConstrainedParams = {\n  redeemerEnforcer: Hex;\n  caveats: Caveat[];\n  existingDelegations: Delegation[];\n  redeemerAddresses: Hex[];\n  requireRedeemers: boolean;\n};\n\n/**\n * Inputs for payee constraint enforcement.\n */\ntype EnsurePayeeSufficientlyConstrainedParams = {\n  allowedCalldataEnforcer: Hex;\n  caveats: Caveat[];\n  existingDelegations: Delegation[];\n  payee: Hex;\n};\n\n/**\n * Inputs for expiry constraint enforcement.\n */\ntype EnsureExpirySufficientlyConstrainedParams = {\n  timestampEnforcer: Hex;\n  caveats: Caveat[];\n  existingDelegations: Delegation[];\n  expirySeconds: number;\n};\n\n/**\n * Resolved context required to build and sign an x402 delegation.\n */\nexport type DelegationCreationContext = {\n  account: Account;\n  createDelegationConfig: Parameters<typeof createOpenDelegation>[0];\n  delegationManager: Address;\n  existingDelegations: Delegation[];\n  rootDelegator: Address;\n};\n\n/**\n * Inputs for resolving delegation caveats with x402-specific constraints.\n */\nexport type Resolvex402DelegationCaveatsParams = {\n  environment: SmartAccountsEnvironment;\n  caveatsConfig: Caveats | undefined;\n  existingDelegations: Delegation[];\n  facilitatorAddresses: Hex[] | undefined;\n  payee: Hex;\n  expirySeconds?: number;\n  requireRedeemers: boolean;\n  redeemerAddresses: Address[] | undefined;\n};\n\n/**\n * Resolves eager or deferred values against payment requirements.\n *\n * @param maybeDeferred - Value or async resolver function.\n * @param requirements - Payment requirements passed to deferred resolvers.\n * @returns The resolved value, or undefined when no value is provided.\n */\nasync function resolveMaybeDeferred<TResult>(\n  maybeDeferred: MaybeDeferred<TResult>,\n  requirements: PaymentRequirements,\n): Promise<TResult> {\n  if (typeof maybeDeferred === 'function') {\n    const deferred = maybeDeferred as (\n      deferredRequirements: PaymentRequirements,\n    ) => Promise<TResult> | TResult;\n\n    return await deferred(requirements);\n  }\n\n  return maybeDeferred;\n}\n\n/**\n * Parses an EIP-155 CAIP network identifier into a numeric chain ID.\n *\n * @param network - CAIP network identifier (for example, `eip155:1`).\n * @returns Parsed numeric chain ID.\n * @throws If the CAIP namespace is not `eip155`.\n */\nexport function parseEip155ChainId(\n  network: PaymentRequirements['network'],\n): number {\n  const { namespace, reference } = parseCaipChainId(\n    network as `${string}:${string}`,\n  );\n\n  if (namespace !== 'eip155') {\n    throw new Error('Unsupported chain namespace');\n  }\n\n  const parsedChainId = Number(reference);\n\n  if (isNaN(parsedChainId)) {\n    throw new Error('Invalid chain id');\n  }\n\n  return parsedChainId;\n}\n\n/**\n * ERC-20 `transfer(address to, uint256 value)` calldata index for `to`.\n */\nconst TRANSFER_PAYEE_INDEX = 4;\n\n/**\n * Normalizes an address-like hex string for case-insensitive comparisons.\n *\n * @param address - Address value to normalize.\n * @returns Lowercased hex string.\n */\nconst normalizeAddress = (address: Address): Address =>\n  address.toLowerCase() as Address;\n\n/**\n * Returns whether any caveat in local or inherited delegations matches a predicate.\n *\n * @param caveats - Current caveat list.\n * @param delegations - Existing delegations whose caveats should also be searched.\n * @param match - Predicate used to match caveats.\n * @returns True when at least one caveat satisfies `match`.\n */\nconst hasMatchingCaveats = (\n  caveats: Caveat[],\n  delegations: Delegation[],\n  match: (caveat: Caveat) => boolean,\n): boolean => {\n  for (const caveat of caveats) {\n    if (match(caveat)) {\n      return true;\n    }\n  }\n\n  for (const delegation of delegations) {\n    for (const caveat of delegation.caveats) {\n      if (match(caveat)) {\n        return true;\n      }\n    }\n  }\n\n  return false;\n};\n\n/**\n * Ensures caveats include an expiry timestamp constraint when requested.\n *\n * If an existing timestamp caveat already enforces a tighter (earlier) or equal\n * `validBefore` threshold than requested, caveats are returned unchanged.\n * Otherwise a new timestamp caveat is appended with `afterThreshold = 0`.\n *\n * @param options0 - Expiry constraint evaluation inputs.\n * @param options0.timestampEnforcer - Address of the TimestampEnforcer caveat contract.\n * @param options0.caveats - Currently resolved caveats for the delegation being created.\n * @param options0.existingDelegations - Existing parent-chain delegations to inspect for inherited constraints.\n * @param options0.expirySeconds - Relative expiry from \"now\" in seconds.\n * @returns The original caveats when sufficiently constrained, otherwise caveats with a timestamp caveat appended.\n */\nexport const ensureExpirySufficientlyConstrained = ({\n  timestampEnforcer,\n  caveats,\n  existingDelegations,\n  expirySeconds,\n}: EnsureExpirySufficientlyConstrainedParams): Caveat[] => {\n  if (expirySeconds < 0) {\n    throw new Error('Expiry seconds must be a positive number');\n  }\n  const beforeThreshold = Math.floor(Date.now() / 1000) + expirySeconds;\n  const timestampEnforcerNormalized = normalizeAddress(timestampEnforcer);\n\n  const hasSupersedingTimestampConstraint = hasMatchingCaveats(\n    caveats,\n    existingDelegations,\n    (caveat) => {\n      if (normalizeAddress(caveat.enforcer) !== timestampEnforcerNormalized) {\n        return false;\n      }\n\n      const { beforeThreshold: existingBeforeThreshold } = decodeTimestampTerms(\n        caveat.terms,\n      );\n      return (\n        existingBeforeThreshold !== 0 &&\n        existingBeforeThreshold <= beforeThreshold\n      );\n    },\n  );\n\n  if (hasSupersedingTimestampConstraint) {\n    return caveats;\n  }\n\n  const timestampCaveat: Caveat = {\n    enforcer: timestampEnforcer,\n    terms: createTimestampTerms({\n      afterThreshold: 0,\n      beforeThreshold,\n    }),\n    args: '0x',\n  };\n\n  return [...caveats, timestampCaveat];\n};\n\n/**\n * Ensures caveats include a sufficiently strict redeemer constraint.\n *\n * Returns the caveat list unchanged when an existing redeemer caveat is already\n * strict enough, or appends a new redeemer caveat scoped to facilitator addresses.\n *\n * @param options0 - Redeemer constraint evaluation inputs.\n * @param options0.redeemerEnforcer - Address of the redeemer enforcer caveat contract.\n * @param options0.caveats - Currently resolved caveats for the delegation being created.\n * @param options0.existingDelegations - Existing parent-chain delegations to inspect for inherited constraints.\n * @param options0.redeemerAddresses - Optional addresses to which redemption should be constrained.\n * @param options0.requireRedeemers - Whether at least one redeemer constraint must exist when no redeemer addresses are supplied.\n * @returns The original caveats when sufficiently constrained, otherwise caveats with a redeemer caveat appended.\n * @throws If no facilitator addresses are provided and no redeemer constraint exists.\n */\nexport const ensureRedeemerSufficientlyConstrained = ({\n  redeemerEnforcer,\n  caveats,\n  existingDelegations,\n  redeemerAddresses,\n  requireRedeemers,\n}: EnsureRedeemerSufficientlyConstrainedParams): Caveat[] => {\n  const redeemerAddressNormalized = normalizeAddress(redeemerEnforcer);\n\n  if (redeemerAddresses.length === 0) {\n    if (!requireRedeemers) {\n      return caveats;\n    }\n\n    const hasExistingRedeemerCaveat = hasMatchingCaveats(\n      caveats,\n      existingDelegations,\n      ({ enforcer }) =>\n        normalizeAddress(enforcer) === redeemerAddressNormalized,\n    );\n\n    if (!hasExistingRedeemerCaveat) {\n      throw new Error(\n        'Redeemer must be constrained, either in the specified `caveats`, `parentPermissionContext`, or the `PaymentRequirements` as `extra.facilitatorAddresses`.',\n      );\n    }\n\n    return caveats;\n  }\n\n  const redeemerAddressesNormalized = redeemerAddresses.map(normalizeAddress);\n  const redeemerAddressesSet = new Set(redeemerAddressesNormalized);\n\n  const hasSupersedingRedeemerCaveat = hasMatchingCaveats(\n    caveats,\n    existingDelegations,\n    (caveat) => {\n      if (normalizeAddress(caveat.enforcer) !== redeemerAddressNormalized) {\n        return false;\n      }\n\n      const allowedRedeemerAddresses = decodeRedeemerTerms(\n        caveat.terms,\n      ).redeemers.map(normalizeAddress);\n\n      // If this redeemer caveat only allows facilitator addresses, it is sufficiently constrained.\n      return allowedRedeemerAddresses.every((item) =>\n        redeemerAddressesSet.has(item),\n      );\n    },\n  );\n\n  if (hasSupersedingRedeemerCaveat) {\n    return caveats;\n  }\n\n  const redeemerCaveat: Caveat = {\n    enforcer: redeemerEnforcer,\n    terms: createRedeemerTerms({ redeemers: redeemerAddresses }),\n    args: '0x',\n  };\n\n  return [...caveats, redeemerCaveat];\n};\n\n/**\n * Ensures caveats include an allowed-calldata constraint for the payment payee.\n *\n * Scans both the in-progress caveat list and parent delegation caveats for an\n * `AllowedCalldataEnforcer` caveat whose terms match the encoded payee calldata\n * constraint. If found, returns caveats unchanged; otherwise appends a payee caveat.\n *\n * @param options0 - Payee constraint evaluation inputs.\n * @param options0.allowedCalldataEnforcer - Address of the AllowedCalldataEnforcer caveat contract.\n * @param options0.caveats - Currently resolved caveats for the delegation being created.\n * @param options0.existingDelegations - Existing parent-chain delegations to inspect for inherited constraints.\n * @param options0.payee - Expected ERC-20 transfer recipient to enforce in calldata.\n * @returns The original caveats when an equivalent payee constraint exists, otherwise caveats with a payee caveat appended.\n */\nexport const ensurePayeeSufficientlyConstrained = ({\n  allowedCalldataEnforcer,\n  caveats,\n  existingDelegations,\n  payee,\n}: EnsurePayeeSufficientlyConstrainedParams): Caveat[] => {\n  const allowedCalldataTerms = createAllowedCalldataTerms({\n    startIndex: TRANSFER_PAYEE_INDEX,\n    value: pad(payee, { size: 32 }),\n  });\n\n  const allowedCalldataEnforcerNormalized = normalizeAddress(\n    allowedCalldataEnforcer,\n  );\n\n  const lowercaseCalldataTerms = allowedCalldataTerms.toLowerCase();\n\n  const hasSupersedingAllowedCalldataConstraint = hasMatchingCaveats(\n    caveats,\n    existingDelegations,\n    ({ enforcer, terms }) =>\n      normalizeAddress(enforcer) === allowedCalldataEnforcerNormalized &&\n      terms.toLowerCase() === lowercaseCalldataTerms,\n  );\n\n  if (hasSupersedingAllowedCalldataConstraint) {\n    return caveats;\n  }\n\n  const payeeCaveat: Caveat = {\n    enforcer: allowedCalldataEnforcer,\n    terms: allowedCalldataTerms,\n    args: '0x',\n  };\n\n  return [...caveats, payeeCaveat];\n};\n\n/**\n * Resolves caveats and applies x402-specific redeemer and payee constraints.\n *\n * @param options0 - Caveat resolution inputs.\n * @param options0.environment - Environment containing caveat enforcer addresses.\n * @param options0.caveatsConfig - Optional caveat builder config.\n * @param options0.existingDelegations - Existing parent-chain delegations.\n * @param options0.facilitatorAddresses - Optional facilitator addresses used for redeemer constraints.\n * @param options0.payee - Payee address used for allowed calldata constraints.\n * @param options0.expirySeconds - Optional relative expiry in seconds for adding timestamp constraints.\n * @param options0.requireRedeemers - Whether redeemer constraints are mandatory when no facilitator or configured redeemer addresses are present.\n * @param options0.redeemerAddresses - Optional redeemer addresses from provider config to merge with facilitator addresses.\n * @returns Caveats after redeemer and payee constraints are enforced.\n */\nexport const resolvex402DelegationCaveats = ({\n  environment,\n  caveatsConfig,\n  existingDelegations,\n  facilitatorAddresses,\n  payee,\n  expirySeconds,\n  requireRedeemers,\n  redeemerAddresses,\n}: Resolvex402DelegationCaveatsParams): Caveat[] => {\n  const {\n    caveatEnforcers: {\n      RedeemerEnforcer: redeemerEnforcer,\n      AllowedCalldataEnforcer: allowedCalldataEnforcer,\n      TimestampEnforcer: timestampEnforcer,\n    },\n  } = environment;\n\n  if (!redeemerEnforcer) {\n    throw new Error('RedeemerEnforcer not found in environment');\n  }\n\n  if (!allowedCalldataEnforcer) {\n    throw new Error('AllowedCalldataEnforcer not found in environment');\n  }\n\n  if (!timestampEnforcer) {\n    throw new Error('TimestampEnforcer not found in environment');\n  }\n\n  const initialCaveats = resolveCaveats({\n    environment,\n    caveats: caveatsConfig,\n    // Resolve caveats first so downstream constraint checks can append as needed.\n    // Scope is still attached later during delegation creation.\n    isScopeOptional: true,\n  });\n\n  const allRedeemerAddresses = new Set(\n    [...(facilitatorAddresses ?? []), ...(redeemerAddresses ?? [])].map(\n      normalizeAddress,\n    ),\n  );\n\n  const caveatsWithRedeemer = ensureRedeemerSufficientlyConstrained({\n    redeemerEnforcer,\n    caveats: initialCaveats,\n    existingDelegations,\n    redeemerAddresses: Array.from(allRedeemerAddresses),\n    requireRedeemers,\n  });\n\n  const caveatsWithPayee = ensurePayeeSufficientlyConstrained({\n    allowedCalldataEnforcer,\n    caveats: caveatsWithRedeemer,\n    existingDelegations,\n    payee,\n  });\n\n  if (expirySeconds === undefined) {\n    return caveatsWithPayee;\n  }\n\n  return ensureExpirySufficientlyConstrained({\n    timestampEnforcer,\n    caveats: caveatsWithPayee,\n    existingDelegations,\n    expirySeconds,\n  });\n};\n\n/**\n * Builds the delegation creation context from provider config and requirements.\n *\n * @param config - Delegation provider config for context construction.\n * @param requirements - Payment requirements used to scope caveats.\n * @returns The resolved context used to create and sign a delegation.\n */\nexport const resolveDelegationCreationContext = async (\n  config: x402DelegationProviderConfig,\n  requirements: PaymentRequirements,\n): Promise<DelegationCreationContext> => {\n  const account = await resolveMaybeDeferred(config.account, requirements);\n  const redeemersConfig = await resolveMaybeDeferred(\n    config.redeemers,\n    requirements,\n  );\n\n  const requireRedeemers = redeemersConfig?.requireRedeemers ?? false;\n  const redeemerAddresses = await resolveMaybeDeferred(\n    redeemersConfig?.addresses,\n    requirements,\n  );\n\n  const specifiedEnvironment = await resolveMaybeDeferred(\n    config.environment,\n    requirements,\n  );\n  const environment =\n    specifiedEnvironment ??\n    getSmartAccountsEnvironment(parseEip155ChainId(requirements.network));\n\n  const caveatsConfig: Caveats | undefined = await resolveMaybeDeferred(\n    config.caveats,\n    requirements,\n  );\n  const parentPermissionContext: PermissionContext | undefined =\n    await resolveMaybeDeferred(config.parentPermissionContext, requirements);\n  const expirySeconds = await resolveMaybeDeferred(\n    config.expirySeconds,\n    requirements,\n  );\n\n  const from =\n    (await resolveMaybeDeferred(config.from, requirements)) ?? account.address;\n  const salt =\n    (await resolveMaybeDeferred(config.salt, requirements)) ?? generateSalt();\n\n  const scope = {\n    type: ScopeType.Erc20TransferAmount,\n    tokenAddress: requirements.asset as Hex,\n    maxAmount: BigInt(requirements.amount),\n  } as const;\n\n  const facilitatorAddresses = requirements.extra?.facilitatorAddresses as\n    | Hex[]\n    | undefined;\n\n  const existingDelegations = parentPermissionContext\n    ? decodeDelegations(parentPermissionContext)\n    : [];\n\n  const { DelegationManager: delegationManager } = environment;\n  const caveats = resolvex402DelegationCaveats({\n    environment,\n    caveatsConfig,\n    existingDelegations,\n    facilitatorAddresses,\n    payee: requirements.payTo as Hex,\n    expirySeconds,\n    requireRedeemers,\n    redeemerAddresses,\n  });\n\n  let createDelegationConfig: Parameters<typeof createOpenDelegation>[0];\n\n  if (parentPermissionContext) {\n    const parentDelegation = existingDelegations[0];\n\n    if (!parentDelegation) {\n      throw new Error('Parent permission context is not a valid delegation');\n    }\n\n    createDelegationConfig = {\n      environment,\n      from,\n      caveats,\n      salt,\n      scope,\n      parentDelegation,\n    };\n  } else {\n    createDelegationConfig = {\n      environment,\n      from,\n      caveats,\n      salt,\n      scope,\n    };\n  }\n\n  const rootDelegator =\n    existingDelegations[existingDelegations.length - 1]?.delegator ?? from;\n\n  return {\n    account,\n    createDelegationConfig,\n    delegationManager,\n    existingDelegations,\n    rootDelegator,\n  };\n};\n","import {\n  createOpenDelegation,\n  encodeDelegations,\n  prepareSignDelegationTypedData,\n} from '../delegation';\nimport type {\n  PaymentRequirements,\n  x402DelegationProvider,\n  x402DelegationProviderConfig,\n  x402DelegationProviderPaymentPayload,\n} from './x402DelegationProviderTypes';\nimport {\n  parseEip155ChainId,\n  resolveDelegationCreationContext,\n} from './x402DelegationProviderUtils';\n\nexport type {\n  MaybeDeferred,\n  PaymentRequirements,\n  x402DelegationProvider,\n  x402DelegationProviderConfig,\n  x402DelegationProviderPaymentPayload,\n} from './x402DelegationProviderTypes';\n\nexport { parseEip155ChainId } from './x402DelegationProviderUtils';\n\n/**\n * Creates a delegation provider function for x402 payment requirements.\n *\n * The returned provider resolves deferred config values using incoming payment\n * requirements, creates an open delegation, signs it, and returns an encoded\n * permission context payload.\n *\n * @param config - Delegation creation and signing configuration.\n * @returns A provider that maps payment requirements to a signed delegation payload.\n */\nexport function createx402DelegationProvider(\n  config: x402DelegationProviderConfig,\n): x402DelegationProvider {\n  return async (\n    requirements: PaymentRequirements,\n  ): Promise<x402DelegationProviderPaymentPayload> => {\n    const {\n      account,\n      createDelegationConfig,\n      delegationManager,\n      existingDelegations,\n      rootDelegator,\n    } = await resolveDelegationCreationContext(config, requirements);\n\n    const delegation = createOpenDelegation(createDelegationConfig);\n\n    const chainId = parseEip155ChainId(requirements.network);\n\n    const typedData = prepareSignDelegationTypedData({\n      delegationManager,\n      chainId,\n      delegation,\n    });\n\n    if (!account.signTypedData) {\n      throw new Error('Account does not support signTypedData');\n    }\n\n    const signature = await account.signTypedData(typedData);\n\n    const signedDelegation = {\n      ...delegation,\n      signature,\n    };\n\n    const permissionContext = encodeDelegations([\n      signedDelegation,\n      ...existingDelegations,\n    ]);\n\n    return {\n      delegationManager,\n      permissionContext,\n      delegator: rootDelegator,\n    };\n  };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA,SAAmB,aAAa;AA4BzB,IAAM,+BAET;AAAA,EACF,KAAK,EAAE,QAAQ,0CAA0C;AAAA,EACzD,MAAM,EAAE,QAAQ,sCAAsC;AACxD;AASA,SAAS,gCACP,QAC2B;AAC3B,QAAM,sBAAsB,OAAO,QAAQ,4BAA4B,EAAE;AAAA,IACvE,CAAC,CAAC,GAAG,GAAG,MAAM,IAAI,WAAW;AAAA,EAC/B;AAEA,SAAO,sBAAsB,oBAAoB,CAAC,IAAI;AACxD;AAaO,IAAM,0BAAN,MAA8B;AAAA,EAC1B,oBAAoB;AAAA,EAEpB;AAAA,EAEA;AAAA,EAEA;AAAA,EAET,YAAY,QAAiC;AAC3C,UAAM,EAAE,OAAO,IAAI,OAAO;AAE1B;AAAA,MACE;AAAA,MACA;AAAA,QACE,aAAa,gCAAgC,MAAM;AAAA,MACrD;AAAA,IACF;AAEA,QAAI,OAAO,SAAS,KAAK,iBAAiB,GAAG;AAC3C,WAAK,UAAU;AAAA,IACjB,OAAO;AACL,YAAM,YAAY,OAAO,SAAS,GAAG,IAAI,KAAK;AAC9C,WAAK,UAAU,GAAG,MAAM,GAAG,SAAS,GAAG,KAAK,iBAAiB;AAAA,IAC/D;AACA,SAAK,WAAW,KAAK,mBAAmB,MAAM;AAC9C,SAAK,UAAU;AAAA,EACjB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,mBAAmB,QAA+C;AAChE,QAAI,OAAO,SAAS;AAClB,aAAO,OAAO;AAAA,IAChB,WAAW,OAAO,YAAY,UAAU,YAAY;AAClD,aAAO,WAAW,MAAM,KAAK,UAAU;AAAA,IACzC;AACA,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,mBACJ,gCACuB;AACvB;AAAA,MACE;AAAA,MACA;AAAA,QACE,WACE,OAAO,mCAAmC,WACtC,SACA;AAAA,MACR;AAAA,IACF;AACA,UAAM,qBACJ,OAAO,mCAAmC,WACtC,iCACA,eAAe,8BAA8B;AAEnD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,GAAG,KAAK,OAAO,qBAAqB,kBAAkB;AAAA,MACtD;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,eAAe,UAAU,KAAK,QAAQ,MAAM;AAAA,UAC5C,gBAAgB,KAAK,QAAQ;AAAA,QAC/B;AAAA,MACF;AAAA,IACF;AAEA,UAAM,eAA6C,MAAM,SAAS,KAAK;AAEvE,QAAI,WAAW,cAAc;AAC3B,YAAM,IAAI;AAAA,QACR,qCAAqC,aAAa,KAAK;AAAA,MACzD;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,iBACJ,kBACA,aAAa,2BACU;AACvB;AAAA,MACE;AAAA,MACA,EAAE,WAAW;AAAA,IACf;AACA,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,GAAG,KAAK,OAAO,wBAAwB,gBAAgB,WAAW,UAAU;AAAA,MAC5E;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,eAAe,UAAU,KAAK,QAAQ,MAAM;AAAA,UAC5C,gBAAgB,KAAK,QAAQ;AAAA,QAC/B;AAAA,MACF;AAAA,IACF;AAEA,UAAM,eAA6C,MAAM,SAAS,KAAK;AAEvE,QAAI,WAAW,cAAc;AAC3B,YAAM,IAAI,MAAM,gCAAgC,aAAa,KAAK,EAAE;AAAA,IACtE;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,gBAAgB,YAAsC;AAC1D;AAAA,MACE;AAAA,MACA,EAAE,aAAa,WAAW,QAAQ,OAAO;AAAA,IAC3C;AACA,QAAI,CAAC,WAAW,aAAa,WAAW,cAAc,MAAM;AAC1D,YAAM,IAAI,MAAM,wCAAwC;AAAA,IAC1D;AAEA,UAAM,iBAAiB,eAAe,UAAU;AAEhD,UAAM,OAAO,KAAK;AAAA,MAChB;AAAA,QACE,GAAG;AAAA,QACH,UAAU,CAAC;AAAA,MACb;AAAA,MACA,CAAC,GAAG,UACF,OAAO,UAAU,YAAY,OAAO,UAAU,WAC1C,MAAM,KAAK,IACX;AAAA,MACN;AAAA,IACF;AAEA,UAAM,WAAW,MAAM,KAAK,SAAS,GAAG,KAAK,OAAO,qBAAqB;AAAA,MACvE,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,eAAe,UAAU,KAAK,QAAQ,MAAM;AAAA,QAC5C,gBAAgB,KAAK,QAAQ;AAAA,QAC7B,gBAAgB;AAAA,MAClB;AAAA,MACA;AAAA,IACF,CAAC;AAED,UAAM,eACJ,MAAM,SAAS,KAAK;AAEtB,QAAI,WAAW,cAAc;AAC3B,YAAM,IAAI,MAAM,aAAa,KAAK;AAAA,IACpC;AAEA,QAAI,aAAa,mBAAmB,gBAAgB;AAClD,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,WAAO,aAAa;AAAA,EACtB;AACF;;;AC9PA;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,wBAAwB;AACjC,SAAS,WAAiD;AAoF1D,eAAe,qBACb,eACA,cACkB;AAClB,MAAI,OAAO,kBAAkB,YAAY;AACvC,UAAM,WAAW;AAIjB,WAAO,MAAM,SAAS,YAAY;AAAA,EACpC;AAEA,SAAO;AACT;AASO,SAAS,mBACd,SACQ;AACR,QAAM,EAAE,WAAW,UAAU,IAAI;AAAA,IAC/B;AAAA,EACF;AAEA,MAAI,cAAc,UAAU;AAC1B,UAAM,IAAI,MAAM,6BAA6B;AAAA,EAC/C;AAEA,QAAM,gBAAgB,OAAO,SAAS;AAEtC,MAAI,MAAM,aAAa,GAAG;AACxB,UAAM,IAAI,MAAM,kBAAkB;AAAA,EACpC;AAEA,SAAO;AACT;AAKA,IAAM,uBAAuB;AAQ7B,IAAM,mBAAmB,CAAC,YACxB,QAAQ,YAAY;AAUtB,IAAM,qBAAqB,CACzB,SACA,aACA,UACY;AACZ,aAAW,UAAU,SAAS;AAC5B,QAAI,MAAM,MAAM,GAAG;AACjB,aAAO;AAAA,IACT;AAAA,EACF;AAEA,aAAW,cAAc,aAAa;AACpC,eAAW,UAAU,WAAW,SAAS;AACvC,UAAI,MAAM,MAAM,GAAG;AACjB,eAAO;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AACT;AAgBO,IAAM,sCAAsC,CAAC;AAAA,EAClD;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,MAA2D;AACzD,MAAI,gBAAgB,GAAG;AACrB,UAAM,IAAI,MAAM,0CAA0C;AAAA,EAC5D;AACA,QAAM,kBAAkB,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI,IAAI;AACxD,QAAM,8BAA8B,iBAAiB,iBAAiB;AAEtE,QAAM,oCAAoC;AAAA,IACxC;AAAA,IACA;AAAA,IACA,CAAC,WAAW;AACV,UAAI,iBAAiB,OAAO,QAAQ,MAAM,6BAA6B;AACrE,eAAO;AAAA,MACT;AAEA,YAAM,EAAE,iBAAiB,wBAAwB,IAAI;AAAA,QACnD,OAAO;AAAA,MACT;AACA,aACE,4BAA4B,KAC5B,2BAA2B;AAAA,IAE/B;AAAA,EACF;AAEA,MAAI,mCAAmC;AACrC,WAAO;AAAA,EACT;AAEA,QAAM,kBAA0B;AAAA,IAC9B,UAAU;AAAA,IACV,OAAO,qBAAqB;AAAA,MAC1B,gBAAgB;AAAA,MAChB;AAAA,IACF,CAAC;AAAA,IACD,MAAM;AAAA,EACR;AAEA,SAAO,CAAC,GAAG,SAAS,eAAe;AACrC;AAiBO,IAAM,wCAAwC,CAAC;AAAA,EACpD;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,MAA6D;AAC3D,QAAM,4BAA4B,iBAAiB,gBAAgB;AAEnE,MAAI,kBAAkB,WAAW,GAAG;AAClC,QAAI,CAAC,kBAAkB;AACrB,aAAO;AAAA,IACT;AAEA,UAAM,4BAA4B;AAAA,MAChC;AAAA,MACA;AAAA,MACA,CAAC,EAAE,SAAS,MACV,iBAAiB,QAAQ,MAAM;AAAA,IACnC;AAEA,QAAI,CAAC,2BAA2B;AAC9B,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAEA,QAAM,8BAA8B,kBAAkB,IAAI,gBAAgB;AAC1E,QAAM,uBAAuB,IAAI,IAAI,2BAA2B;AAEhE,QAAM,+BAA+B;AAAA,IACnC;AAAA,IACA;AAAA,IACA,CAAC,WAAW;AACV,UAAI,iBAAiB,OAAO,QAAQ,MAAM,2BAA2B;AACnE,eAAO;AAAA,MACT;AAEA,YAAM,2BAA2B;AAAA,QAC/B,OAAO;AAAA,MACT,EAAE,UAAU,IAAI,gBAAgB;AAGhC,aAAO,yBAAyB;AAAA,QAAM,CAAC,SACrC,qBAAqB,IAAI,IAAI;AAAA,MAC/B;AAAA,IACF;AAAA,EACF;AAEA,MAAI,8BAA8B;AAChC,WAAO;AAAA,EACT;AAEA,QAAM,iBAAyB;AAAA,IAC7B,UAAU;AAAA,IACV,OAAO,oBAAoB,EAAE,WAAW,kBAAkB,CAAC;AAAA,IAC3D,MAAM;AAAA,EACR;AAEA,SAAO,CAAC,GAAG,SAAS,cAAc;AACpC;AAgBO,IAAM,qCAAqC,CAAC;AAAA,EACjD;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,MAA0D;AACxD,QAAM,uBAAuB,2BAA2B;AAAA,IACtD,YAAY;AAAA,IACZ,OAAO,IAAI,OAAO,EAAE,MAAM,GAAG,CAAC;AAAA,EAChC,CAAC;AAED,QAAM,oCAAoC;AAAA,IACxC;AAAA,EACF;AAEA,QAAM,yBAAyB,qBAAqB,YAAY;AAEhE,QAAM,0CAA0C;AAAA,IAC9C;AAAA,IACA;AAAA,IACA,CAAC,EAAE,UAAU,MAAM,MACjB,iBAAiB,QAAQ,MAAM,qCAC/B,MAAM,YAAY,MAAM;AAAA,EAC5B;AAEA,MAAI,yCAAyC;AAC3C,WAAO;AAAA,EACT;AAEA,QAAM,cAAsB;AAAA,IAC1B,UAAU;AAAA,IACV,OAAO;AAAA,IACP,MAAM;AAAA,EACR;AAEA,SAAO,CAAC,GAAG,SAAS,WAAW;AACjC;AAgBO,IAAM,+BAA+B,CAAC;AAAA,EAC3C;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,MAAoD;AAClD,QAAM;AAAA,IACJ,iBAAiB;AAAA,MACf,kBAAkB;AAAA,MAClB,yBAAyB;AAAA,MACzB,mBAAmB;AAAA,IACrB;AAAA,EACF,IAAI;AAEJ,MAAI,CAAC,kBAAkB;AACrB,UAAM,IAAI,MAAM,2CAA2C;AAAA,EAC7D;AAEA,MAAI,CAAC,yBAAyB;AAC5B,UAAM,IAAI,MAAM,kDAAkD;AAAA,EACpE;AAEA,MAAI,CAAC,mBAAmB;AACtB,UAAM,IAAI,MAAM,4CAA4C;AAAA,EAC9D;AAEA,QAAM,iBAAiB,eAAe;AAAA,IACpC;AAAA,IACA,SAAS;AAAA;AAAA;AAAA,IAGT,iBAAiB;AAAA,EACnB,CAAC;AAED,QAAM,uBAAuB,IAAI;AAAA,IAC/B,CAAC,GAAI,wBAAwB,CAAC,GAAI,GAAI,qBAAqB,CAAC,CAAE,EAAE;AAAA,MAC9D;AAAA,IACF;AAAA,EACF;AAEA,QAAM,sBAAsB,sCAAsC;AAAA,IAChE;AAAA,IACA,SAAS;AAAA,IACT;AAAA,IACA,mBAAmB,MAAM,KAAK,oBAAoB;AAAA,IAClD;AAAA,EACF,CAAC;AAED,QAAM,mBAAmB,mCAAmC;AAAA,IAC1D;AAAA,IACA,SAAS;AAAA,IACT;AAAA,IACA;AAAA,EACF,CAAC;AAED,MAAI,kBAAkB,QAAW;AAC/B,WAAO;AAAA,EACT;AAEA,SAAO,oCAAoC;AAAA,IACzC;AAAA,IACA,SAAS;AAAA,IACT;AAAA,IACA;AAAA,EACF,CAAC;AACH;AASO,IAAM,mCAAmC,OAC9C,QACA,iBACuC;AACvC,QAAM,UAAU,MAAM,qBAAqB,OAAO,SAAS,YAAY;AACvE,QAAM,kBAAkB,MAAM;AAAA,IAC5B,OAAO;AAAA,IACP;AAAA,EACF;AAEA,QAAM,mBAAmB,iBAAiB,oBAAoB;AAC9D,QAAM,oBAAoB,MAAM;AAAA,IAC9B,iBAAiB;AAAA,IACjB;AAAA,EACF;AAEA,QAAM,uBAAuB,MAAM;AAAA,IACjC,OAAO;AAAA,IACP;AAAA,EACF;AACA,QAAM,cACJ,wBACA,4BAA4B,mBAAmB,aAAa,OAAO,CAAC;AAEtE,QAAM,gBAAqC,MAAM;AAAA,IAC/C,OAAO;AAAA,IACP;AAAA,EACF;AACA,QAAM,0BACJ,MAAM,qBAAqB,OAAO,yBAAyB,YAAY;AACzE,QAAM,gBAAgB,MAAM;AAAA,IAC1B,OAAO;AAAA,IACP;AAAA,EACF;AAEA,QAAM,OACH,MAAM,qBAAqB,OAAO,MAAM,YAAY,KAAM,QAAQ;AACrE,QAAM,OACH,MAAM,qBAAqB,OAAO,MAAM,YAAY,KAAM,aAAa;AAE1E,QAAM,QAAQ;AAAA,IACZ;AAAA,IACA,cAAc,aAAa;AAAA,IAC3B,WAAW,OAAO,aAAa,MAAM;AAAA,EACvC;AAEA,QAAM,uBAAuB,aAAa,OAAO;AAIjD,QAAM,sBAAsB,0BACxB,kBAAkB,uBAAuB,IACzC,CAAC;AAEL,QAAM,EAAE,mBAAmB,kBAAkB,IAAI;AACjD,QAAM,UAAU,6BAA6B;AAAA,IAC3C;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,OAAO,aAAa;AAAA,IACpB;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAED,MAAI;AAEJ,MAAI,yBAAyB;AAC3B,UAAM,mBAAmB,oBAAoB,CAAC;AAE9C,QAAI,CAAC,kBAAkB;AACrB,YAAM,IAAI,MAAM,qDAAqD;AAAA,IACvE;AAEA,6BAAyB;AAAA,MACvB;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF,OAAO;AACL,6BAAyB;AAAA,MACvB;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAEA,QAAM,gBACJ,oBAAoB,oBAAoB,SAAS,CAAC,GAAG,aAAa;AAEpE,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;;;ACjhBO,SAAS,6BACd,QACwB;AACxB,SAAO,OACL,iBACkD;AAClD,UAAM;AAAA,MACJ;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,IAAI,MAAM,iCAAiC,QAAQ,YAAY;AAE/D,UAAM,aAAa,qBAAqB,sBAAsB;AAE9D,UAAM,UAAU,mBAAmB,aAAa,OAAO;AAEvD,UAAM,YAAY,+BAA+B;AAAA,MAC/C;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC;AAED,QAAI,CAAC,QAAQ,eAAe;AAC1B,YAAM,IAAI,MAAM,wCAAwC;AAAA,IAC1D;AAEA,UAAM,YAAY,MAAM,QAAQ,cAAc,SAAS;AAEvD,UAAM,mBAAmB;AAAA,MACvB,GAAG;AAAA,MACH;AAAA,IACF;AAEA,UAAM,oBAAoB,kBAAkB;AAAA,MAC1C;AAAA,MACA,GAAG;AAAA,IACL,CAAC;AAED,WAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA,WAAW;AAAA,IACb;AAAA,EACF;AACF;","names":[]}

package/dist/index-B1Cmezvh.d.cts

@@ -0,0 +1,61 @@
+import { j as ScopeType, B as Erc20PeriodTransferBuilderConfig, F as Erc20StreamingBuilderConfig, G as Erc20TransferAmountBuilderConfig, J as Erc721TransferBuilderConfig, K as AllowedCalldataBuilderConfig, L as ExactCalldataBuilderConfig, V as ValueLteBuilderConfig, N as AllowedTargetsBuilderConfig, O as AllowedMethodsBuilderConfig, Q as NativeTokenPeriodTransferBuilderConfig, R as NativeTokenStreamingBuilderConfig, U as NativeTokenTransferAmountBuilderConfig, X as OwnershipTransferBuilderConfig } from './resolveCaveats-A9xC29l8.cjs';
+
+type Erc20PeriodicScopeConfig = {
+    type: ScopeType.Erc20PeriodTransfer;
+} & Erc20PeriodTransferBuilderConfig;
+
+type Erc20StreamingScopeConfig = {
+    type: ScopeType.Erc20Streaming;
+} & Erc20StreamingBuilderConfig;
+
+type Erc20TransferScopeConfig = {
+    type: ScopeType.Erc20TransferAmount;
+} & Erc20TransferAmountBuilderConfig;
+
+type Erc721ScopeBaseConfig = {
+    type: ScopeType.Erc721Transfer;
+};
+type Erc721ScopeConfig = Erc721ScopeBaseConfig & Erc721TransferBuilderConfig;
+
+type FunctionCallScopeBaseConfig = {
+    type: ScopeType.FunctionCall;
+    allowedCalldata?: AllowedCalldataBuilderConfig[];
+    exactCalldata?: ExactCalldataBuilderConfig;
+    valueLte?: ValueLteBuilderConfig;
+};
+type FunctionCallScopeConfig = FunctionCallScopeBaseConfig & AllowedTargetsBuilderConfig & AllowedMethodsBuilderConfig;
+
+type NativeTokenPeriodicScopeConfig = {
+    type: ScopeType.NativeTokenPeriodTransfer;
+    allowedCalldata?: AllowedCalldataBuilderConfig[];
+    exactCalldata?: ExactCalldataBuilderConfig;
+} & NativeTokenPeriodTransferBuilderConfig;
+
+type NativeTokenStreamingScopeConfig = {
+    type: ScopeType.NativeTokenStreaming;
+    allowedCalldata?: AllowedCalldataBuilderConfig[];
+    exactCalldata?: ExactCalldataBuilderConfig;
+} & NativeTokenStreamingBuilderConfig;
+
+type NativeTokenTransferScopeConfig = {
+    type: ScopeType.NativeTokenTransferAmount;
+    allowedCalldata?: AllowedCalldataBuilderConfig[];
+    exactCalldata?: ExactCalldataBuilderConfig;
+} & NativeTokenTransferAmountBuilderConfig;
+
+type OwnershipScopeBaseConfig = {
+    type: ScopeType.OwnershipTransfer;
+};
+type OwnershipScopeConfig = OwnershipScopeBaseConfig & OwnershipTransferBuilderConfig;
+
+type ConvertScopeConfigsToInputs<T extends {
+    type: ScopeType;
+}> = T extends {
+    type: ScopeType;
+} ? Omit<T, 'type'> & {
+    type: T['type'] | `${T['type']}`;
+} : never;
+type ScopeConfigBase = Erc20TransferScopeConfig | Erc20StreamingScopeConfig | Erc20PeriodicScopeConfig | NativeTokenTransferScopeConfig | NativeTokenStreamingScopeConfig | NativeTokenPeriodicScopeConfig | Erc721ScopeConfig | OwnershipScopeConfig | FunctionCallScopeConfig;
+type ScopeConfig = ConvertScopeConfigsToInputs<ScopeConfigBase>;
+
+export type { ScopeConfig as S };