npm - @naba-finance/uaepass - Versions diffs - 0.1.0 - Mend

@naba-finance/uaepass 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/LICENSE +21 -0
package/README.md +129 -0
package/contracts/ICredential.sol +63 -0
package/deployments/addresses.json +17 -0
package/package.json +33 -0

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 Naba Finance
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,129 @@
+# @naba-finance/uaepass
+Solidity interfaces and deployment addresses for integrating **UAE Pass on-chain identity**.
+Use this package to gate your contracts on UAE Pass *provenance* — for example, a token that only addresses created by an official UAE Pass account can hold or receive.
+> This is the public **integration** package. It ships interfaces + addresses only; the implementation contracts, validator, and ZK circuit live in a separate repository.
+## What it provides
+- [`ICredential`](contracts/ICredential.sol) — interface to the UAE Pass `Credential` contract. The key method is:
+  ```solidity
+  function wasCreatedByUAEPass(address account) external view returns (bool);
+  ```
+  It returns `true` iff `account` was deployed through one of the currently trusted UAE Pass account factories.
+- [`deployments/addresses.json`](deployments/addresses.json) — canonical contract addresses.
+### What `wasCreatedByUAEPass` means (and doesn't)
+It is a **provenance** check: "was this address created by an official UAE Pass factory." It does **not** assert real-time control of the account, KYC/identity status, or that any particular validator is still installed. Gate on it when "is this one of our accounts" is the question you're answering.
+## Deployed addresses
+All contracts use a **same-address deployment**: the address is identical on every supported chain (CREATE2 via Arachnid's deterministic deployment proxy).
+| Contract        | Address                                      |
+| --------------- | -------------------------------------------- |
+| `Credential`    | `0x8bA9eB1FF63DEd9145d341f316758e6Ca132Cb0e` |
+| `Registry`      | `0x9B66841644a49187b34660fEb05d057f7f4a3C4E` |
+| `Validator`     | `0x07656Fb863E3181664014124604f6fE5A2836206` |
+| `AccountFactory`| `0x3B56036FeE71527879E8a423DDcF327e08aD00A8` |
+| `Verifier`      | `0xDe29EFC7d5E21308a8AE2f95fE0946D96581427f` |
+| `KernelFactory` | `0xaac5D4240AF87249B3f71BC8E4A2cae074A3E419` |
+| Chain         | Chain ID | Network |
+| ------------- | -------- | ------- |
+| Polygon PoS   | 137      | mainnet |
+| Polygon Amoy  | 80002    | testnet |
+| ADI           | 36900    | mainnet |
+| ADI           | 99999    | testnet |
+For most integrations you only need **`Credential`**.
+## Install
+```bash
+npm install @naba-finance/uaepass
+```
+### Hardhat
+Import directly from `node_modules`:
+```solidity
+import {ICredential} from "@naba-finance/uaepass/contracts/ICredential.sol";
+```
+### Foundry
+Foundry resolves `node_modules`. Add a remapping (see [`remappings.txt`](remappings.txt)):
+```
+@naba-finance/uaepass/=node_modules/@naba-finance/uaepass/
+```
+then import the same way:
+```solidity
+import {ICredential} from "@naba-finance/uaepass/contracts/ICredential.sol";
+```
+## Usage — gating a token
+```solidity
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.24;
+import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
+import {ICredential} from "@naba-finance/uaepass/contracts/ICredential.sol";
+/// @notice ERC-20 holdable only by UAE Pass accounts.
+contract GatedToken is ERC20 {
+    ICredential public immutable credential;
+    error NotUAEPassAccount(address account);
+    constructor(ICredential _credential) ERC20("Gated", "GATE") {
+        credential = _credential; // 0x8bA9eB1FF63DEd9145d341f316758e6Ca132Cb0e
+    }
+    // OZ v5 transfer hook — runs on mint, transfer, and burn.
+    function _update(address from, address to, uint256 value) internal override {
+        // Allow burns (to == address(0)); gate every recipient otherwise.
+        if (to != address(0) && !credential.wasCreatedByUAEPass(to)) {
+            revert NotUAEPassAccount(to);
+        }
+        super._update(from, to, value);
+    }
+}
+```
+Reading the predicate off-chain (viem):
+```ts
+import { createPublicClient, http } from "viem";
+import { polygon } from "viem/chains";
+const client = createPublicClient({ chain: polygon, transport: http() });
+const isUAEPass = await client.readContract({
+  address: "0x8bA9eB1FF63DEd9145d341f316758e6Ca132Cb0e",
+  abi: [{
+    type: "function",
+    name: "wasCreatedByUAEPass",
+    stateMutability: "view",
+    inputs: [{ name: "account", type: "address" }],
+    outputs: [{ type: "bool" }],
+  }],
+  functionName: "wasCreatedByUAEPass",
+  args: [userAddress],
+});
+```
+## License
+MIT — see [LICENSE](LICENSE).

package/contracts/ICredential.sol ADDED Viewed

@@ -0,0 +1,63 @@
+// SPDX-License-Identifier: MIT
+pragma solidity >=0.8.4;
+/// @title ICredential
+/// @author Naba Finance
+/// @notice Public, dependency-free interface to the UAE Pass `Credential` contract.
+///         Integrators use this to gate functionality on UAE Pass provenance —
+///         i.e. "was this address created by an official UAE Pass account factory".
+///
+/// @dev    The canonical predicate is {wasCreatedByUAEPass}. It is a pure
+///         provenance check: it returns true iff `account` was deployed through
+///         one of the currently trusted UAE Pass account factories. It does NOT
+///         attest to real-time control, KYC status, or that any particular
+///         validator is still installed on the account.
+///
+///         Deployed at the same address on every supported chain (CREATE2
+///         same-address scheme). See deployments/addresses.json / the README.
+///
+///         Ownership/admin functions (owner, transferOwnership, acceptOwnership)
+///         come from OpenZeppelin's Ownable2Step and are intentionally omitted
+///         here; integrators only need the read surface below.
+interface ICredential {
+    /// @notice Emitted when a factory is added to the trusted list.
+    /// @param factory The factory address that was trusted.
+    /// @param by      The owner account that performed the change.
+    event FactoryAdded(address indexed factory, address indexed by);
+    /// @notice Emitted when a factory is removed from the trusted list.
+    /// @param factory The factory address that was untrusted.
+    /// @param by      The owner account that performed the change.
+    event FactoryRemoved(address indexed factory, address indexed by);
+    /// @notice Address of the UAE Pass validator associated with this contract.
+    /// @dev    This is the `UAEPassValidator` — an ERC-7579 validator module
+    ///         installed as the root validator on the ZeroDev Kernel (v3.1)
+    ///         accounts that UAE Pass deploys. Returned as a plain `address`;
+    ///         cast it to the validator's own interface if you need to call it.
+    ///         Informational: {wasCreatedByUAEPass} is a factory-provenance
+    ///         check and does NOT depend on this validator still being at root.
+    /// @return The validator module address (immutable, same on every chain).
+    function validator() external view returns (address);
+    /// @notice Whether `factory` is currently in the trusted list.
+    /// @param factory The factory address to query.
+    /// @return True if the factory is trusted.
+    function isTrustedFactory(address factory) external view returns (bool);
+    /// @notice The full list of currently trusted factories.
+    /// @return The trusted factory addresses.
+    function getFactories() external view returns (address[] memory);
+    /// @notice Number of trusted factories (for paginated reads).
+    /// @return The count of trusted factories.
+    function factoriesLength() external view returns (uint256);
+    /// @notice Whether `account` was created through a currently trusted UAE
+    ///         Pass account factory.
+    /// @dev    Provenance check only — see the interface-level notes. Returns
+    ///         false for any address not deployed by a trusted factory.
+    /// @param account The address to check.
+    /// @return True if the account is of UAE Pass provenance.
+    function wasCreatedByUAEPass(address account) external view returns (bool);
+}

package/deployments/addresses.json ADDED Viewed

@@ -0,0 +1,17 @@
+{
+  "note": "Same-address deployment: every contract lives at the SAME address on every supported chain (CREATE2 via Arachnid's deterministic deployment proxy). The chain list below shares the single address set in `contracts`.",
+  "contracts": {
+    "credential": "0x8bA9eB1FF63DEd9145d341f316758e6Ca132Cb0e",
+    "registry": "0x9B66841644a49187b34660fEb05d057f7f4a3C4E",
+    "validator": "0x07656Fb863E3181664014124604f6fE5A2836206",
+    "factory": "0x3B56036FeE71527879E8a423DDcF327e08aD00A8",
+    "verifier": "0xDe29EFC7d5E21308a8AE2f95fE0946D96581427f",
+    "kernelFactory": "0xaac5D4240AF87249B3f71BC8E4A2cae074A3E419"
+  },
+  "chains": {
+    "137": { "name": "Polygon PoS", "network": "mainnet" },
+    "80002": { "name": "Polygon Amoy", "network": "testnet" },
+    "36900": { "name": "ADI", "network": "mainnet" },
+    "99999": { "name": "ADI", "network": "testnet" }
+  }
+}

package/package.json ADDED Viewed

@@ -0,0 +1,33 @@
+{
+  "name": "@naba-finance/uaepass",
+  "version": "0.1.0",
+  "description": "Solidity interfaces and deployment addresses for integrating UAE Pass on-chain identity (gate functionality on UAE Pass provenance).",
+  "license": "MIT",
+  "homepage": "https://github.com/Naba-Finance/uaepass-sdk#readme",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/Naba-Finance/uaepass-sdk.git"
+  },
+  "bugs": {
+    "url": "https://github.com/Naba-Finance/uaepass-sdk/issues"
+  },
+  "keywords": [
+    "uaepass",
+    "solidity",
+    "ethereum",
+    "polygon",
+    "identity",
+    "account-abstraction",
+    "erc-4337",
+    "token-gating"
+  ],
+  "files": [
+    "contracts/**/*.sol",
+    "deployments/*.json",
+    "README.md",
+    "LICENSE"
+  ],
+  "publishConfig": {
+    "access": "public"
+  }
+}