@muhaven/mcp 0.2.3 → 0.2.4

package/CHANGELOG.md

@@ -7,6 +7,38 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.2.4] — 2026-05-23
+
+### Fixed
+
+- **Paymaster RPC method + param shape**:
+  `pm_sponsorUserOperation` → `zd_sponsorUserOperation`. ZeroDev v3
+  endpoints route paymaster RPCs through Alchemy infrastructure, which
+  exposes only ERC-7677 (`pm_getPaymasterStubData` / `pm_getPaymasterData`)
+  and ZeroDev-prefixed (`zd_sponsorUserOperation`) — the legacy
+  `pm_sponsorUserOperation` returns `"Unsupported method"` from
+  Alchemy. The MCP server's `attemptPathD` failed at
+  `pathDFallbackReason: paymaster_rejected` on every Path D autonomous
+  buy. Fix: switch method name + change request shape from positional
+  `[userOp, entryPoint]` to wrapped
+  `[{chainId, userOp, entryPointAddress, shouldOverrideFee, shouldConsume}]`.
+  Matches `@zerodev/sdk@5.5.10`'s `paymaster/sponsorUserOperation.js`
+  byte-for-byte. Verified 2026-05-23 via direct curl reproduction
+  against the prod bundler URL (bare → "Unsupported method"; correct
+  shape → simulation result with AA23 from synthetic UserOp, proving
+  the method works).
+
+  `sponsorUserOp` now requires `expectedChainId` in `BundlerClientOptions`
+  (throws `BundlerClientError(config)` when missing) — the chainId is
+  part of the request envelope. Defaults conservative placeholder gas
+  limits on the userOp when the caller omits them (ZeroDev's Zod
+  validator requires the gas fields in the request even though
+  simulation recomputes them).
+
+  Added 3 regression tests pinning the new method name, the wrapped
+  envelope, the gas-default behaviour + a `config`-error case when
+  expectedChainId is missing.
+
 ## [0.2.3] — 2026-05-23
 
 ### Fixed

package/dist/broker.cjs

@@ -2783,7 +2783,7 @@ function printUsage() {
 }
 function getBrokerPackageVersion() {
   {
-    return "0.2.3";
+    return "0.2.4";
   }
 }
 function printVersion() {

package/dist/broker.js

@@ -2785,7 +2785,7 @@ function printUsage() {
 }
 function getBrokerPackageVersion() {
   {
-    return "0.2.3";
+    return "0.2.4";
   }
 }
 function printVersion() {

package/dist/index.cjs

@@ -1071,7 +1071,28 @@ var BundlerClient = class {
    * `estimateUserOpGas` round-trip on the happy path).
    */
   async sponsorUserOp(userOp, entryPoint) {
-    const result = await this.rpc("pm_sponsorUserOperation", [userOp, entryPoint]);
+    if (this.options.expectedChainId === void 0) {
+      throw new BundlerClientError(
+        "config",
+        "sponsorUserOp requires expectedChainId in BundlerClientOptions \u2014 ZeroDev paymaster needs it in the request envelope"
+      );
+    }
+    const userOpWithGas = {
+      ...userOp,
+      callGasLimit: userOp.callGasLimit ?? "0x100000",
+      // 1_048_576
+      verificationGasLimit: userOp.verificationGasLimit ?? "0x100000",
+      preVerificationGas: userOp.preVerificationGas ?? "0x100000"
+    };
+    const result = await this.rpc("zd_sponsorUserOperation", [
+      {
+        chainId: this.options.expectedChainId,
+        userOp: userOpWithGas,
+        entryPointAddress: entryPoint,
+        shouldOverrideFee: false,
+        shouldConsume: true
+      }
+    ]);
     return parseSponsoredFields(result);
   }
   /**
@@ -3032,7 +3053,7 @@ var SERVER_NAME = "@muhaven/mcp";
 var SERVER_VERSION = resolveServerVersion();
 function resolveServerVersion() {
   {
-    return "0.2.3";
+    return "0.2.4";
   }
 }
 function toJsonInputSchema(schema) {

package/dist/index.d.cts

@@ -708,6 +708,17 @@ interface PartialUserOpForSponsorship {
     readonly maxPriorityFeePerGas: `0x${string}`;
     /** Worst-case placeholder so paymaster simulates realistic gas. */
     readonly signature: `0x${string}`;
+    /**
+     * Optional pre-estimated gas fields. ZeroDev's `zd_sponsorUserOperation`
+     * does its own simulation + recomputes these in the response, so
+     * passing placeholders is OK — but the upstream Zod validator
+     * REQUIRES the fields to be present. `sponsorUserOp` defaults them
+     * to safe placeholders when omitted (the response carries the real
+     * values for the caller to use).
+     */
+    readonly callGasLimit?: `0x${string}`;
+    readonly verificationGasLimit?: `0x${string}`;
+    readonly preVerificationGas?: `0x${string}`;
 }
 interface SponsoredUserOpFields {
     readonly paymaster: `0x${string}`;

package/dist/index.d.ts

@@ -708,6 +708,17 @@ interface PartialUserOpForSponsorship {
     readonly maxPriorityFeePerGas: `0x${string}`;
     /** Worst-case placeholder so paymaster simulates realistic gas. */
     readonly signature: `0x${string}`;
+    /**
+     * Optional pre-estimated gas fields. ZeroDev's `zd_sponsorUserOperation`
+     * does its own simulation + recomputes these in the response, so
+     * passing placeholders is OK — but the upstream Zod validator
+     * REQUIRES the fields to be present. `sponsorUserOp` defaults them
+     * to safe placeholders when omitted (the response carries the real
+     * values for the caller to use).
+     */
+    readonly callGasLimit?: `0x${string}`;
+    readonly verificationGasLimit?: `0x${string}`;
+    readonly preVerificationGas?: `0x${string}`;
 }
 interface SponsoredUserOpFields {
     readonly paymaster: `0x${string}`;

package/dist/index.js

@@ -1067,7 +1067,28 @@ var BundlerClient = class {
    * `estimateUserOpGas` round-trip on the happy path).
    */
   async sponsorUserOp(userOp, entryPoint) {
-    const result = await this.rpc("pm_sponsorUserOperation", [userOp, entryPoint]);
+    if (this.options.expectedChainId === void 0) {
+      throw new BundlerClientError(
+        "config",
+        "sponsorUserOp requires expectedChainId in BundlerClientOptions \u2014 ZeroDev paymaster needs it in the request envelope"
+      );
+    }
+    const userOpWithGas = {
+      ...userOp,
+      callGasLimit: userOp.callGasLimit ?? "0x100000",
+      // 1_048_576
+      verificationGasLimit: userOp.verificationGasLimit ?? "0x100000",
+      preVerificationGas: userOp.preVerificationGas ?? "0x100000"
+    };
+    const result = await this.rpc("zd_sponsorUserOperation", [
+      {
+        chainId: this.options.expectedChainId,
+        userOp: userOpWithGas,
+        entryPointAddress: entryPoint,
+        shouldOverrideFee: false,
+        shouldConsume: true
+      }
+    ]);
     return parseSponsoredFields(result);
   }
   /**
@@ -3028,7 +3049,7 @@ var SERVER_NAME = "@muhaven/mcp";
 var SERVER_VERSION = resolveServerVersion();
 function resolveServerVersion() {
   {
-    return "0.2.3";
+    return "0.2.4";
   }
 }
 function toJsonInputSchema(schema) {

package/manifest.json

@@ -3,7 +3,7 @@
   "manifest_version": "0.2",
   "name": "muhaven-mcp",
   "display_name": "MuHaven (RWA portfolio)",
-  "version": "0.2.3",
+  "version": "0.2.4",
   "description": "Confidential RWA portfolio management on Fhenix CoFHE. Read your encrypted balances, propose yield claims and policy changes — all signing happens in a sibling broker daemon, the LLM never sees your private key.",
   "long_description": "MuHaven MCP exposes 24 tools across read.* / position.* / policy.* / issuer.* / governance.* groups for managing real-world asset (RWA) tokens with FHE-encrypted balances. Authentication uses a one-time device-code ceremony (run `muhaven-broker login`); subsequent tool calls fetch the JWT from the broker over a Unix socket. Position / governance tools deep-link to the dashboard for passkey signing — they NEVER auto-submit to a bundler. The companion `muhaven-broker` daemon must be running before tools can be invoked. See README for setup.",
   "author": {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@muhaven/mcp",
-  "version": "0.2.3",
+  "version": "0.2.4",
   "description": "MuHaven MCP server — read/position/policy toolsets bridging Claude Desktop / Cursor / Claude Code to the MuHaven backend, with a sibling muhaven-broker daemon holding the session-key private half over a local IPC socket",
   "type": "module",
   "repository": {