@newton-xyz/policy-pack-blockaid 0.2.0 → 1.0.0

package/README.md

@@ -14,6 +14,8 @@ pnpm add @newton-xyz/policy-pack-blockaid
 
 | Export | Source | Purpose |
 |---|---|---|
+| `blockaid` (`PolicyPack<Params, WasmArgs, Secrets>`) | `pack.ts` | Canonical pack object; pass to `createShield(...)` from `@newton-xyz/newton-shield-sdk`. |
+| `prepareQuery`, `PrepareQueryOptions` | `prepare-query.ts` | Derives Blockaid `chain` from `publicClient.chain.id`; reads `from`/`to`/`value`/`data` from the SDK options bag. |
 | `WasmArgsSchema` (zod) + `WasmArgs` (type) | `wasm_args_schema.json` | Inputs the pack's WASM receives at evaluation time. |
 | `SecretsSchema` (zod) + `Secrets` (type) | `secrets_schema.json` | API credentials uploaded before run/sim. |
 | `ParamsSchema` (zod) + `Params` (type) | `params_schema.json` | Configuration thresholds, set at policy upload time. |
@@ -22,22 +24,7 @@ pnpm add @newton-xyz/policy-pack-blockaid
 
 ## Regeneration
 
-The `src/*` files are generated. Edit the upstream JSON schemas under [`/blockaid/`](../../blockaid/) and run `pnpm gen:bindings` from the repo root to regenerate.
+The generated `src/*` files (everything except `pack.ts` and `prepare-query.ts`) are emitted from the upstream JSON schemas. Edit the schemas under [`/blockaid/`](../../blockaid/) and run `pnpm gen:bindings` from the repo root to regenerate.
 
-The `package.json`, `tsconfig.json`, `tsup.config.ts`, and this README are scaffolded once and not overwritten on regen — you can hand-tune them.
-
-## Limitations
-
-This package ships **typed bindings only** — `params`, `wasmArgs`, `secrets`, and `deployments`. It does **not** export a canonical `PolicyPack` object yet, so it can't be passed to `createShield(...)` from `@newton-xyz/newton-shield-sdk`.
-
-Curators using this pack today thread the bindings through `NewtonShield.guardedCall` directly:
-
-```ts
-import { ParamsSchema, WasmArgsSchema, deployments } from '@newton-xyz/policy-pack-blockaid';
-
-const wasmArgs = WasmArgsSchema.parse({ /* ... */ });
-await shield.guardedCall({ to, data, functionSignature, wasmArgs });
-```
-
-A hand-written `pack.ts` exporting a typed `PolicyPack<Params, WasmArgs, Secrets>` will land when the pack's ABI tuple shape is coordinated with the AVS-side host that decodes `policyParams`. Track per-pack progress in the [`newton-policy-packs` issues](https://github.com/newt-foundation/newton-policy-packs/issues).
+The hand-written files, `package.json`, `tsconfig.json`, `tsup.config.ts`, and this README survive regen — you can hand-tune them.
 

package/dist/index.cjs

@@ -28,19 +28,21 @@ __export(index_exports, {
   ParamsSchema: () => ParamsSchema,
   SecretsSchema: () => SecretsSchema,
   WasmArgsSchema: () => WasmArgsSchema,
-  deployments: () => deployments
+  blockaid: () => blockaid,
+  deployments: () => deployments,
+  prepareQuery: () => prepareQuery
 });
 module.exports = __toCommonJS(index_exports);
 
 // src/deployments.ts
 var deployments = {
   "11155111": {
-    policy: "0xDAE3CE926e840c37df4B22760C914Ebf28b6AAeB",
-    policyData: "0x6e78B8B9C85af4bf55669542ed2EC06708E050Dd",
-    wasmCid: "bafybeieptmlitpdrbhwfnrp4xvtndn27w62yf65m6bl76smchupa5lkplu",
-    policyCodeHash: "0xff9d1dc67037ee072f6a0fa32854f61352156c2c61473aae7e94864c737d266b",
-    deployedAt: "2026-06-09",
-    notes: "host-secrets fix; current"
+    policy: "0x389ADa033D00dA6b59d9aF6aBe2b2DBcDD0DDBb3",
+    policyData: "0xFEA8a5bC90c01ca26C9b49B9288774eBbd4b06a6",
+    wasmCid: "bafybeief35ucfgdhqek62hsrvc2ndms3qrbguuntbxs2hg4ialgu5ly7va",
+    policyCodeHash: "0xc40c81729d42f6c642532f354aeddcb7ca950905c3a213d0449f7cf5063bc273",
+    deployedAt: "2026-06-12",
+    notes: "round 2: tightened blockaid/guardrail/webacy allow rules; source-of-truth dist sync"
   }
 };
 
@@ -63,7 +65,47 @@ var ParamsSchema = import_zod.z.object({
   require_received_shares: import_zod.z.boolean().describe(
     "Deny if the simulated state-diff shows the depositor receives no inbound asset (vault shares). Catches contracts that take funds without minting receipts."
   )
-}).describe("Thresholds for the Blockaid transaction-time exploit gate");
+}).describe("Thresholds for the Blockaid transaction-time exploit gate").strict();
+
+// src/prepare-query.ts
+var CHAIN_BY_ID = {
+  1: "ethereum",
+  8453: "base",
+  42161: "arbitrum",
+  10: "optimism",
+  137: "polygon",
+  56: "bsc",
+  11155111: "sepolia",
+  84532: "base-sepolia"
+};
+async function prepareQuery({ publicClient }, options) {
+  const chainId = publicClient.chain?.id;
+  if (chainId === void 0) {
+    throw new Error(
+      "policy-pack-blockaid: publicClient.chain is undefined. Pass a chain to viem's createPublicClient."
+    );
+  }
+  const chain = CHAIN_BY_ID[chainId];
+  if (!chain) {
+    throw new Error(
+      `policy-pack-blockaid: chain id ${chainId} is not in the Blockaid chain map. Add it to CHAIN_BY_ID before using this pack on this chain.`
+    );
+  }
+  if (!options?.from || !options?.to) {
+    throw new Error(
+      "policy-pack-blockaid: prepareQuery requires `from` and `to` in the options bag \u2014 these mirror the on-chain transaction the depositor is about to submit."
+    );
+  }
+  return {
+    wasmArgs: {
+      chain,
+      from: options.from,
+      to: options.to,
+      value: options.value,
+      data: options.data
+    }
+  };
+}
 
 // src/secrets.ts
 var import_zod2 = require("zod");
@@ -80,4 +122,21 @@ var WasmArgsSchema = import_zod3.z.object({
   ).optional(),
   data: import_zod3.z.string().describe("Transaction calldata as a 0x-prefixed hex string. Defaults to '0x' when omitted.").optional()
 }).describe("Inputs passed to the Blockaid policy WASM at evaluation time");
+
+// src/pack.ts
+var blockaid = {
+  id: `${PACK_NAME}/transaction-scan/v1`,
+  paramsSchema: ParamsSchema,
+  wasmArgsSchema: WasmArgsSchema,
+  secretsSchema: SecretsSchema,
+  prepareQuery,
+  deployments,
+  metadata: {
+    name: PACK_NAME,
+    version: PACK_VERSION,
+    description: PACK_DESCRIPTION,
+    author: PACK_AUTHOR || void 0,
+    link: PACK_LINK || void 0
+  }
+};
 //# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/index.ts","../src/deployments.ts","../src/metadata.ts","../src/params.ts","../src/secrets.ts","../src/wasm-args.ts"],"sourcesContent":["// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\n\nexport * from \"./deployments\";\nexport * from \"./metadata\";\nexport * from \"./params\";\nexport * from \"./secrets\";\nexport * from \"./wasm-args\";\n// (no `pack.ts` yet — this pack ships generated bindings only. Add a hand-written `pack.ts`\n// exporting a `PolicyPack` from `@newton-xyz/policy-pack-shared` to make it usable with createShield.)\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\nimport type { ChainId, Deployment } from \"@newton-xyz/policy-pack-shared\";\n\nexport const deployments = {\n\t\"11155111\": {\n\t\tpolicy: \"0xDAE3CE926e840c37df4B22760C914Ebf28b6AAeB\",\n\t\tpolicyData: \"0x6e78B8B9C85af4bf55669542ed2EC06708E050Dd\",\n\t\twasmCid: \"bafybeieptmlitpdrbhwfnrp4xvtndn27w62yf65m6bl76smchupa5lkplu\",\n\t\tpolicyCodeHash: \"0xff9d1dc67037ee072f6a0fa32854f61352156c2c61473aae7e94864c737d266b\",\n\t\tdeployedAt: \"2026-06-09\",\n\t\tnotes: \"host-secrets fix; current\",\n\t},\n} as const satisfies Readonly<Partial<Record<ChainId, Deployment>>>;\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\nexport const PACK_NAME = \"blockaid\" as const;\nexport const PACK_VERSION = \"0.0.1\" as const;\nexport const PACK_DESCRIPTION =\n\t\"Gates vault deposits at transaction-submission time using Blockaid's EVM transaction scan (validation + simulation) to catch malicious calldata, frontend-redirect attacks, and value-skim simulations\" as const;\nexport const PACK_LINK = \"https://www.blockaid.io\" as const;\nexport const PACK_AUTHOR = \"\" as const;\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\n// Source schema: blockaid/params_schema.json\nimport { z } from \"zod\";\n\nexport const ParamsSchema = z\n\t.object({\n\t\tdeny_features: z\n\t\t\t.array(z.string())\n\t\t\t.describe(\n\t\t\t\t\"Blockaid feature ids that, if present on a Warning-classified transaction, deny the deposit (e.g. ['unbounded_approval','honeypot','phishing'])\",\n\t\t\t),\n\t\tmax_outbound_inbound_ratio: z\n\t\t\t.number()\n\t\t\t.describe(\n\t\t\t\t\"Maximum allowed simulated outbound-to-inbound USD value ratio. Above this, the transaction is treated as a value-skim and denied.\",\n\t\t\t),\n\t\trequire_received_shares: z\n\t\t\t.boolean()\n\t\t\t.describe(\n\t\t\t\t\"Deny if the simulated state-diff shows the depositor receives no inbound asset (vault shares). Catches contracts that take funds without minting receipts.\",\n\t\t\t),\n\t})\n\t.describe(\"Thresholds for the Blockaid transaction-time exploit gate\");\n\nexport type Params = z.infer<typeof ParamsSchema>;\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\n// Source schema: blockaid/secrets_schema.json\nimport { z } from \"zod\";\n\nexport const SecretsSchema = z.object({ BLOCKAID_API_KEY: z.string().min(1) }).strict();\n\nexport type Secrets = z.infer<typeof SecretsSchema>;\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\n// Source schema: blockaid/wasm_args_schema.json\nimport { z } from \"zod\";\n\nexport const WasmArgsSchema = z\n\t.object({\n\t\tchain: z.string().describe(\"Blockaid chain identifier (e.g. 'ethereum', 'base', 'arbitrum').\"),\n\t\tfrom: z.string().describe(\"Sender / account address (0x-prefixed 20-byte address).\"),\n\t\tto: z.string().describe(\"Recipient or contract address being called (0x-prefixed).\"),\n\t\tvalue: z\n\t\t\t.string()\n\t\t\t.describe(\n\t\t\t\t\"Transaction value in wei as a 0x-prefixed hex string. Defaults to '0x0' when omitted.\",\n\t\t\t)\n\t\t\t.optional(),\n\t\tdata: z\n\t\t\t.string()\n\t\t\t.describe(\"Transaction calldata as a 0x-prefixed hex string. Defaults to '0x' when omitted.\")\n\t\t\t.optional(),\n\t})\n\t.describe(\"Inputs passed to the Blockaid policy WASM at evaluation time\");\n\nexport type WasmArgs = z.infer<typeof WasmArgsSchema>;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACIO,IAAM,cAAc;AAAA,EAC1B,YAAY;AAAA,IACX,QAAQ;AAAA,IACR,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,gBAAgB;AAAA,IAChB,YAAY;AAAA,IACZ,OAAO;AAAA,EACR;AACD;;;ACXO,IAAM,YAAY;AAClB,IAAM,eAAe;AACrB,IAAM,mBACZ;AACM,IAAM,YAAY;AAClB,IAAM,cAAc;;;ACJ3B,iBAAkB;AAEX,IAAM,eAAe,aAC1B,OAAO;AAAA,EACP,eAAe,aACb,MAAM,aAAE,OAAO,CAAC,EAChB;AAAA,IACA;AAAA,EACD;AAAA,EACD,4BAA4B,aAC1B,OAAO,EACP;AAAA,IACA;AAAA,EACD;AAAA,EACD,yBAAyB,aACvB,QAAQ,EACR;AAAA,IACA;AAAA,EACD;AACF,CAAC,EACA,SAAS,2DAA2D;;;ACpBtE,IAAAA,cAAkB;AAEX,IAAM,gBAAgB,cAAE,OAAO,EAAE,kBAAkB,cAAE,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,EAAE,OAAO;;;ACFtF,IAAAC,cAAkB;AAEX,IAAM,iBAAiB,cAC5B,OAAO;AAAA,EACP,OAAO,cAAE,OAAO,EAAE,SAAS,kEAAkE;AAAA,EAC7F,MAAM,cAAE,OAAO,EAAE,SAAS,yDAAyD;AAAA,EACnF,IAAI,cAAE,OAAO,EAAE,SAAS,2DAA2D;AAAA,EACnF,OAAO,cACL,OAAO,EACP;AAAA,IACA;AAAA,EACD,EACC,SAAS;AAAA,EACX,MAAM,cACJ,OAAO,EACP,SAAS,kFAAkF,EAC3F,SAAS;AACZ,CAAC,EACA,SAAS,8DAA8D;","names":["import_zod","import_zod"]}
+{"version":3,"sources":["../src/index.ts","../src/deployments.ts","../src/metadata.ts","../src/params.ts","../src/prepare-query.ts","../src/secrets.ts","../src/wasm-args.ts","../src/pack.ts"],"sourcesContent":["// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\n\nexport * from \"./deployments\";\nexport * from \"./metadata\";\nexport * from \"./pack\";\nexport * from \"./params\";\nexport * from \"./secrets\";\nexport * from \"./wasm-args\";\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\nimport type { ChainId, Deployment } from \"@newton-xyz/policy-pack-shared\";\n\nexport const deployments = {\n\t\"11155111\": {\n\t\tpolicy: \"0x389ADa033D00dA6b59d9aF6aBe2b2DBcDD0DDBb3\",\n\t\tpolicyData: \"0xFEA8a5bC90c01ca26C9b49B9288774eBbd4b06a6\",\n\t\twasmCid: \"bafybeief35ucfgdhqek62hsrvc2ndms3qrbguuntbxs2hg4ialgu5ly7va\",\n\t\tpolicyCodeHash: \"0xc40c81729d42f6c642532f354aeddcb7ca950905c3a213d0449f7cf5063bc273\",\n\t\tdeployedAt: \"2026-06-12\",\n\t\tnotes: \"round 2: tightened blockaid/guardrail/webacy allow rules; source-of-truth dist sync\",\n\t},\n} as const satisfies Readonly<Partial<Record<ChainId, Deployment>>>;\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\nexport const PACK_NAME = \"blockaid\" as const;\nexport const PACK_VERSION = \"0.0.1\" as const;\nexport const PACK_DESCRIPTION =\n\t\"Gates vault deposits at transaction-submission time using Blockaid's EVM transaction scan (validation + simulation) to catch malicious calldata, frontend-redirect attacks, and value-skim simulations\" as const;\nexport const PACK_LINK = \"https://www.blockaid.io\" as const;\nexport const PACK_AUTHOR = \"\" as const;\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\n// Source schema: blockaid/params_schema.json\nimport { z } from \"zod\";\n\nexport const ParamsSchema = z\n\t.object({\n\t\tdeny_features: z\n\t\t\t.array(z.string())\n\t\t\t.describe(\n\t\t\t\t\"Blockaid feature ids that, if present on a Warning-classified transaction, deny the deposit (e.g. ['unbounded_approval','honeypot','phishing'])\",\n\t\t\t),\n\t\tmax_outbound_inbound_ratio: z\n\t\t\t.number()\n\t\t\t.describe(\n\t\t\t\t\"Maximum allowed simulated outbound-to-inbound USD value ratio. Above this, the transaction is treated as a value-skim and denied.\",\n\t\t\t),\n\t\trequire_received_shares: z\n\t\t\t.boolean()\n\t\t\t.describe(\n\t\t\t\t\"Deny if the simulated state-diff shows the depositor receives no inbound asset (vault shares). Catches contracts that take funds without minting receipts.\",\n\t\t\t),\n\t})\n\t.describe(\"Thresholds for the Blockaid transaction-time exploit gate\")\n\t.strict();\n\nexport type Params = z.infer<typeof ParamsSchema>;\n","import type { PrepareQueryArgs, PrepareQueryResult } from \"@newton-xyz/policy-pack-shared\";\nimport type { WasmArgs } from \"./wasm-args\";\n\n/**\n * Blockaid maps EVM chain id → its own chain identifier slug. Keep this\n * aligned with whatever the AVS-side `policy.js` posts to Blockaid; if you\n * extend it, extend both sides together.\n */\nconst CHAIN_BY_ID: Readonly<Record<number, string>> = {\n\t1: \"ethereum\",\n\t8453: \"base\",\n\t42161: \"arbitrum\",\n\t10: \"optimism\",\n\t137: \"polygon\",\n\t56: \"bsc\",\n\t11155111: \"sepolia\",\n\t84532: \"base-sepolia\",\n};\n\n/**\n * Per-call inputs for Blockaid: every wasmArg (`from`, `to`, `value`, `data`)\n * mirrors the on-chain transaction the depositor is about to submit, so it\n * has to come from the SDK's intent context — `PrepareQueryArgs` (which only\n * carries `publicClient` + `vault`) doesn't have any of it. The SDK forwards\n * these via `prepareQuery`'s second `options` arg (introduced in NEWT-1499).\n *\n * `chain` is derived from `publicClient.chain.id` so curators don't have to\n * keep the Blockaid slug list in sync separately.\n */\nexport interface PrepareQueryOptions {\n\treadonly from: string;\n\treadonly to: string;\n\treadonly value?: string;\n\treadonly data?: string;\n}\n\nexport async function prepareQuery(\n\t{ publicClient }: PrepareQueryArgs,\n\toptions?: PrepareQueryOptions,\n): Promise<PrepareQueryResult<WasmArgs>> {\n\tconst chainId = publicClient.chain?.id;\n\tif (chainId === undefined) {\n\t\tthrow new Error(\n\t\t\t\"policy-pack-blockaid: publicClient.chain is undefined. Pass a chain to viem's createPublicClient.\",\n\t\t);\n\t}\n\tconst chain = CHAIN_BY_ID[chainId];\n\tif (!chain) {\n\t\tthrow new Error(\n\t\t\t`policy-pack-blockaid: chain id ${chainId} is not in the Blockaid chain map. Add it to CHAIN_BY_ID before using this pack on this chain.`,\n\t\t);\n\t}\n\tif (!options?.from || !options?.to) {\n\t\tthrow new Error(\n\t\t\t\"policy-pack-blockaid: prepareQuery requires `from` and `to` in the options bag — these mirror the on-chain transaction the depositor is about to submit.\",\n\t\t);\n\t}\n\n\treturn {\n\t\twasmArgs: {\n\t\t\tchain,\n\t\t\tfrom: options.from,\n\t\t\tto: options.to,\n\t\t\tvalue: options.value,\n\t\t\tdata: options.data,\n\t\t},\n\t};\n}\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\n// Source schema: blockaid/secrets_schema.json\nimport { z } from \"zod\";\n\nexport const SecretsSchema = z.object({ BLOCKAID_API_KEY: z.string().min(1) }).strict();\n\nexport type Secrets = z.infer<typeof SecretsSchema>;\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\n// Source schema: blockaid/wasm_args_schema.json\nimport { z } from \"zod\";\n\nexport const WasmArgsSchema = z\n\t.object({\n\t\tchain: z.string().describe(\"Blockaid chain identifier (e.g. 'ethereum', 'base', 'arbitrum').\"),\n\t\tfrom: z.string().describe(\"Sender / account address (0x-prefixed 20-byte address).\"),\n\t\tto: z.string().describe(\"Recipient or contract address being called (0x-prefixed).\"),\n\t\tvalue: z\n\t\t\t.string()\n\t\t\t.describe(\n\t\t\t\t\"Transaction value in wei as a 0x-prefixed hex string. Defaults to '0x0' when omitted.\",\n\t\t\t)\n\t\t\t.optional(),\n\t\tdata: z\n\t\t\t.string()\n\t\t\t.describe(\"Transaction calldata as a 0x-prefixed hex string. Defaults to '0x' when omitted.\")\n\t\t\t.optional(),\n\t})\n\t.describe(\"Inputs passed to the Blockaid policy WASM at evaluation time\");\n\nexport type WasmArgs = z.infer<typeof WasmArgsSchema>;\n","// Hand-written canonical export — survives `pnpm gen:bindings` regen.\n// The generated `index.ts` re-exports `pack.ts` when present.\nimport type { PolicyPack } from \"@newton-xyz/policy-pack-shared\";\nimport { deployments } from \"./deployments\";\nimport { PACK_AUTHOR, PACK_DESCRIPTION, PACK_LINK, PACK_NAME, PACK_VERSION } from \"./metadata\";\nimport { type Params, ParamsSchema } from \"./params\";\nimport { prepareQuery } from \"./prepare-query\";\nimport { type Secrets, SecretsSchema } from \"./secrets\";\nimport { type WasmArgs, WasmArgsSchema } from \"./wasm-args\";\n\nexport { type PrepareQueryOptions, prepareQuery } from \"./prepare-query\";\n\n/**\n * The Blockaid transaction-scan `PolicyPack`.\n *\n * Pass to `createShield(...)` from `@newton-xyz/newton-shield-sdk`. Encoding\n * for the on-chain `policyParams` blob is handled by `encodePolicyParams` /\n * `decodePolicyParams` in `@newton-xyz/policy-pack-shared` (UTF-8 JSON,\n * sorted keys) — not per-pack.\n *\n * `prepareQuery` derives the Blockaid `chain` slug from `publicClient.chain.id`\n * and reads `from`/`to`/`value`/`data` from the SDK's per-call options bag —\n * these mirror the on-chain transaction the depositor is about to submit, so\n * they can't be inferred from `PrepareQueryArgs` alone.\n */\nexport const blockaid: PolicyPack<Params, WasmArgs, Secrets> = {\n\tid: `${PACK_NAME}/transaction-scan/v1`,\n\tparamsSchema: ParamsSchema,\n\twasmArgsSchema: WasmArgsSchema,\n\tsecretsSchema: SecretsSchema,\n\tprepareQuery,\n\tdeployments,\n\tmetadata: {\n\t\tname: PACK_NAME,\n\t\tversion: PACK_VERSION,\n\t\tdescription: PACK_DESCRIPTION,\n\t\tauthor: PACK_AUTHOR || undefined,\n\t\tlink: PACK_LINK || undefined,\n\t},\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACIO,IAAM,cAAc;AAAA,EAC1B,YAAY;AAAA,IACX,QAAQ;AAAA,IACR,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,gBAAgB;AAAA,IAChB,YAAY;AAAA,IACZ,OAAO;AAAA,EACR;AACD;;;ACXO,IAAM,YAAY;AAClB,IAAM,eAAe;AACrB,IAAM,mBACZ;AACM,IAAM,YAAY;AAClB,IAAM,cAAc;;;ACJ3B,iBAAkB;AAEX,IAAM,eAAe,aAC1B,OAAO;AAAA,EACP,eAAe,aACb,MAAM,aAAE,OAAO,CAAC,EAChB;AAAA,IACA;AAAA,EACD;AAAA,EACD,4BAA4B,aAC1B,OAAO,EACP;AAAA,IACA;AAAA,EACD;AAAA,EACD,yBAAyB,aACvB,QAAQ,EACR;AAAA,IACA;AAAA,EACD;AACF,CAAC,EACA,SAAS,2DAA2D,EACpE,OAAO;;;AChBT,IAAM,cAAgD;AAAA,EACrD,GAAG;AAAA,EACH,MAAM;AAAA,EACN,OAAO;AAAA,EACP,IAAI;AAAA,EACJ,KAAK;AAAA,EACL,IAAI;AAAA,EACJ,UAAU;AAAA,EACV,OAAO;AACR;AAmBA,eAAsB,aACrB,EAAE,aAAa,GACf,SACwC;AACxC,QAAM,UAAU,aAAa,OAAO;AACpC,MAAI,YAAY,QAAW;AAC1B,UAAM,IAAI;AAAA,MACT;AAAA,IACD;AAAA,EACD;AACA,QAAM,QAAQ,YAAY,OAAO;AACjC,MAAI,CAAC,OAAO;AACX,UAAM,IAAI;AAAA,MACT,kCAAkC,OAAO;AAAA,IAC1C;AAAA,EACD;AACA,MAAI,CAAC,SAAS,QAAQ,CAAC,SAAS,IAAI;AACnC,UAAM,IAAI;AAAA,MACT;AAAA,IACD;AAAA,EACD;AAEA,SAAO;AAAA,IACN,UAAU;AAAA,MACT;AAAA,MACA,MAAM,QAAQ;AAAA,MACd,IAAI,QAAQ;AAAA,MACZ,OAAO,QAAQ;AAAA,MACf,MAAM,QAAQ;AAAA,IACf;AAAA,EACD;AACD;;;AChEA,IAAAA,cAAkB;AAEX,IAAM,gBAAgB,cAAE,OAAO,EAAE,kBAAkB,cAAE,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,EAAE,OAAO;;;ACFtF,IAAAC,cAAkB;AAEX,IAAM,iBAAiB,cAC5B,OAAO;AAAA,EACP,OAAO,cAAE,OAAO,EAAE,SAAS,kEAAkE;AAAA,EAC7F,MAAM,cAAE,OAAO,EAAE,SAAS,yDAAyD;AAAA,EACnF,IAAI,cAAE,OAAO,EAAE,SAAS,2DAA2D;AAAA,EACnF,OAAO,cACL,OAAO,EACP;AAAA,IACA;AAAA,EACD,EACC,SAAS;AAAA,EACX,MAAM,cACJ,OAAO,EACP,SAAS,kFAAkF,EAC3F,SAAS;AACZ,CAAC,EACA,SAAS,8DAA8D;;;ACIlE,IAAM,WAAkD;AAAA,EAC9D,IAAI,GAAG,SAAS;AAAA,EAChB,cAAc;AAAA,EACd,gBAAgB;AAAA,EAChB,eAAe;AAAA,EACf;AAAA,EACA;AAAA,EACA,UAAU;AAAA,IACT,MAAM;AAAA,IACN,SAAS;AAAA,IACT,aAAa;AAAA,IACb,QAAQ,eAAe;AAAA,IACvB,MAAM,aAAa;AAAA,EACpB;AACD;","names":["import_zod","import_zod"]}

package/dist/index.d.cts

@@ -1,13 +1,14 @@
+import { PrepareQueryArgs, PrepareQueryResult, PolicyPack } from '@newton-xyz/policy-pack-shared';
 import { z } from 'zod';
 
 declare const deployments: {
     readonly "11155111": {
-        readonly policy: "0xDAE3CE926e840c37df4B22760C914Ebf28b6AAeB";
-        readonly policyData: "0x6e78B8B9C85af4bf55669542ed2EC06708E050Dd";
-        readonly wasmCid: "bafybeieptmlitpdrbhwfnrp4xvtndn27w62yf65m6bl76smchupa5lkplu";
-        readonly policyCodeHash: "0xff9d1dc67037ee072f6a0fa32854f61352156c2c61473aae7e94864c737d266b";
-        readonly deployedAt: "2026-06-09";
-        readonly notes: "host-secrets fix; current";
+        readonly policy: "0x389ADa033D00dA6b59d9aF6aBe2b2DBcDD0DDBb3";
+        readonly policyData: "0xFEA8a5bC90c01ca26C9b49B9288774eBbd4b06a6";
+        readonly wasmCid: "bafybeief35ucfgdhqek62hsrvc2ndms3qrbguuntbxs2hg4ialgu5ly7va";
+        readonly policyCodeHash: "0xc40c81729d42f6c642532f354aeddcb7ca950905c3a213d0449f7cf5063bc273";
+        readonly deployedAt: "2026-06-12";
+        readonly notes: "round 2: tightened blockaid/guardrail/webacy allow rules; source-of-truth dist sync";
     };
 };
 
@@ -21,7 +22,7 @@ declare const ParamsSchema: z.ZodObject<{
     deny_features: z.ZodArray<z.ZodString, "many">;
     max_outbound_inbound_ratio: z.ZodNumber;
     require_received_shares: z.ZodBoolean;
-}, "strip", z.ZodTypeAny, {
+}, "strict", z.ZodTypeAny, {
     deny_features: string[];
     max_outbound_inbound_ratio: number;
     require_received_shares: boolean;
@@ -62,4 +63,37 @@ declare const WasmArgsSchema: z.ZodObject<{
 }>;
 type WasmArgs = z.infer<typeof WasmArgsSchema>;
 
-export { PACK_AUTHOR, PACK_DESCRIPTION, PACK_LINK, PACK_NAME, PACK_VERSION, type Params, ParamsSchema, type Secrets, SecretsSchema, type WasmArgs, WasmArgsSchema, deployments };
+/**
+ * Per-call inputs for Blockaid: every wasmArg (`from`, `to`, `value`, `data`)
+ * mirrors the on-chain transaction the depositor is about to submit, so it
+ * has to come from the SDK's intent context — `PrepareQueryArgs` (which only
+ * carries `publicClient` + `vault`) doesn't have any of it. The SDK forwards
+ * these via `prepareQuery`'s second `options` arg (introduced in NEWT-1499).
+ *
+ * `chain` is derived from `publicClient.chain.id` so curators don't have to
+ * keep the Blockaid slug list in sync separately.
+ */
+interface PrepareQueryOptions {
+    readonly from: string;
+    readonly to: string;
+    readonly value?: string;
+    readonly data?: string;
+}
+declare function prepareQuery({ publicClient }: PrepareQueryArgs, options?: PrepareQueryOptions): Promise<PrepareQueryResult<WasmArgs>>;
+
+/**
+ * The Blockaid transaction-scan `PolicyPack`.
+ *
+ * Pass to `createShield(...)` from `@newton-xyz/newton-shield-sdk`. Encoding
+ * for the on-chain `policyParams` blob is handled by `encodePolicyParams` /
+ * `decodePolicyParams` in `@newton-xyz/policy-pack-shared` (UTF-8 JSON,
+ * sorted keys) — not per-pack.
+ *
+ * `prepareQuery` derives the Blockaid `chain` slug from `publicClient.chain.id`
+ * and reads `from`/`to`/`value`/`data` from the SDK's per-call options bag —
+ * these mirror the on-chain transaction the depositor is about to submit, so
+ * they can't be inferred from `PrepareQueryArgs` alone.
+ */
+declare const blockaid: PolicyPack<Params, WasmArgs, Secrets>;
+
+export { PACK_AUTHOR, PACK_DESCRIPTION, PACK_LINK, PACK_NAME, PACK_VERSION, type Params, ParamsSchema, type PrepareQueryOptions, type Secrets, SecretsSchema, type WasmArgs, WasmArgsSchema, blockaid, deployments, prepareQuery };

package/dist/index.d.ts

@@ -1,13 +1,14 @@
+import { PrepareQueryArgs, PrepareQueryResult, PolicyPack } from '@newton-xyz/policy-pack-shared';
 import { z } from 'zod';
 
 declare const deployments: {
     readonly "11155111": {
-        readonly policy: "0xDAE3CE926e840c37df4B22760C914Ebf28b6AAeB";
-        readonly policyData: "0x6e78B8B9C85af4bf55669542ed2EC06708E050Dd";
-        readonly wasmCid: "bafybeieptmlitpdrbhwfnrp4xvtndn27w62yf65m6bl76smchupa5lkplu";
-        readonly policyCodeHash: "0xff9d1dc67037ee072f6a0fa32854f61352156c2c61473aae7e94864c737d266b";
-        readonly deployedAt: "2026-06-09";
-        readonly notes: "host-secrets fix; current";
+        readonly policy: "0x389ADa033D00dA6b59d9aF6aBe2b2DBcDD0DDBb3";
+        readonly policyData: "0xFEA8a5bC90c01ca26C9b49B9288774eBbd4b06a6";
+        readonly wasmCid: "bafybeief35ucfgdhqek62hsrvc2ndms3qrbguuntbxs2hg4ialgu5ly7va";
+        readonly policyCodeHash: "0xc40c81729d42f6c642532f354aeddcb7ca950905c3a213d0449f7cf5063bc273";
+        readonly deployedAt: "2026-06-12";
+        readonly notes: "round 2: tightened blockaid/guardrail/webacy allow rules; source-of-truth dist sync";
     };
 };
 
@@ -21,7 +22,7 @@ declare const ParamsSchema: z.ZodObject<{
     deny_features: z.ZodArray<z.ZodString, "many">;
     max_outbound_inbound_ratio: z.ZodNumber;
     require_received_shares: z.ZodBoolean;
-}, "strip", z.ZodTypeAny, {
+}, "strict", z.ZodTypeAny, {
     deny_features: string[];
     max_outbound_inbound_ratio: number;
     require_received_shares: boolean;
@@ -62,4 +63,37 @@ declare const WasmArgsSchema: z.ZodObject<{
 }>;
 type WasmArgs = z.infer<typeof WasmArgsSchema>;
 
-export { PACK_AUTHOR, PACK_DESCRIPTION, PACK_LINK, PACK_NAME, PACK_VERSION, type Params, ParamsSchema, type Secrets, SecretsSchema, type WasmArgs, WasmArgsSchema, deployments };
+/**
+ * Per-call inputs for Blockaid: every wasmArg (`from`, `to`, `value`, `data`)
+ * mirrors the on-chain transaction the depositor is about to submit, so it
+ * has to come from the SDK's intent context — `PrepareQueryArgs` (which only
+ * carries `publicClient` + `vault`) doesn't have any of it. The SDK forwards
+ * these via `prepareQuery`'s second `options` arg (introduced in NEWT-1499).
+ *
+ * `chain` is derived from `publicClient.chain.id` so curators don't have to
+ * keep the Blockaid slug list in sync separately.
+ */
+interface PrepareQueryOptions {
+    readonly from: string;
+    readonly to: string;
+    readonly value?: string;
+    readonly data?: string;
+}
+declare function prepareQuery({ publicClient }: PrepareQueryArgs, options?: PrepareQueryOptions): Promise<PrepareQueryResult<WasmArgs>>;
+
+/**
+ * The Blockaid transaction-scan `PolicyPack`.
+ *
+ * Pass to `createShield(...)` from `@newton-xyz/newton-shield-sdk`. Encoding
+ * for the on-chain `policyParams` blob is handled by `encodePolicyParams` /
+ * `decodePolicyParams` in `@newton-xyz/policy-pack-shared` (UTF-8 JSON,
+ * sorted keys) — not per-pack.
+ *
+ * `prepareQuery` derives the Blockaid `chain` slug from `publicClient.chain.id`
+ * and reads `from`/`to`/`value`/`data` from the SDK's per-call options bag —
+ * these mirror the on-chain transaction the depositor is about to submit, so
+ * they can't be inferred from `PrepareQueryArgs` alone.
+ */
+declare const blockaid: PolicyPack<Params, WasmArgs, Secrets>;
+
+export { PACK_AUTHOR, PACK_DESCRIPTION, PACK_LINK, PACK_NAME, PACK_VERSION, type Params, ParamsSchema, type PrepareQueryOptions, type Secrets, SecretsSchema, type WasmArgs, WasmArgsSchema, blockaid, deployments, prepareQuery };

package/dist/index.js

@@ -1,12 +1,12 @@
 // src/deployments.ts
 var deployments = {
   "11155111": {
-    policy: "0xDAE3CE926e840c37df4B22760C914Ebf28b6AAeB",
-    policyData: "0x6e78B8B9C85af4bf55669542ed2EC06708E050Dd",
-    wasmCid: "bafybeieptmlitpdrbhwfnrp4xvtndn27w62yf65m6bl76smchupa5lkplu",
-    policyCodeHash: "0xff9d1dc67037ee072f6a0fa32854f61352156c2c61473aae7e94864c737d266b",
-    deployedAt: "2026-06-09",
-    notes: "host-secrets fix; current"
+    policy: "0x389ADa033D00dA6b59d9aF6aBe2b2DBcDD0DDBb3",
+    policyData: "0xFEA8a5bC90c01ca26C9b49B9288774eBbd4b06a6",
+    wasmCid: "bafybeief35ucfgdhqek62hsrvc2ndms3qrbguuntbxs2hg4ialgu5ly7va",
+    policyCodeHash: "0xc40c81729d42f6c642532f354aeddcb7ca950905c3a213d0449f7cf5063bc273",
+    deployedAt: "2026-06-12",
+    notes: "round 2: tightened blockaid/guardrail/webacy allow rules; source-of-truth dist sync"
   }
 };
 
@@ -29,7 +29,47 @@ var ParamsSchema = z.object({
   require_received_shares: z.boolean().describe(
     "Deny if the simulated state-diff shows the depositor receives no inbound asset (vault shares). Catches contracts that take funds without minting receipts."
   )
-}).describe("Thresholds for the Blockaid transaction-time exploit gate");
+}).describe("Thresholds for the Blockaid transaction-time exploit gate").strict();
+
+// src/prepare-query.ts
+var CHAIN_BY_ID = {
+  1: "ethereum",
+  8453: "base",
+  42161: "arbitrum",
+  10: "optimism",
+  137: "polygon",
+  56: "bsc",
+  11155111: "sepolia",
+  84532: "base-sepolia"
+};
+async function prepareQuery({ publicClient }, options) {
+  const chainId = publicClient.chain?.id;
+  if (chainId === void 0) {
+    throw new Error(
+      "policy-pack-blockaid: publicClient.chain is undefined. Pass a chain to viem's createPublicClient."
+    );
+  }
+  const chain = CHAIN_BY_ID[chainId];
+  if (!chain) {
+    throw new Error(
+      `policy-pack-blockaid: chain id ${chainId} is not in the Blockaid chain map. Add it to CHAIN_BY_ID before using this pack on this chain.`
+    );
+  }
+  if (!options?.from || !options?.to) {
+    throw new Error(
+      "policy-pack-blockaid: prepareQuery requires `from` and `to` in the options bag \u2014 these mirror the on-chain transaction the depositor is about to submit."
+    );
+  }
+  return {
+    wasmArgs: {
+      chain,
+      from: options.from,
+      to: options.to,
+      value: options.value,
+      data: options.data
+    }
+  };
+}
 
 // src/secrets.ts
 import { z as z2 } from "zod";
@@ -46,6 +86,23 @@ var WasmArgsSchema = z3.object({
   ).optional(),
   data: z3.string().describe("Transaction calldata as a 0x-prefixed hex string. Defaults to '0x' when omitted.").optional()
 }).describe("Inputs passed to the Blockaid policy WASM at evaluation time");
+
+// src/pack.ts
+var blockaid = {
+  id: `${PACK_NAME}/transaction-scan/v1`,
+  paramsSchema: ParamsSchema,
+  wasmArgsSchema: WasmArgsSchema,
+  secretsSchema: SecretsSchema,
+  prepareQuery,
+  deployments,
+  metadata: {
+    name: PACK_NAME,
+    version: PACK_VERSION,
+    description: PACK_DESCRIPTION,
+    author: PACK_AUTHOR || void 0,
+    link: PACK_LINK || void 0
+  }
+};
 export {
   PACK_AUTHOR,
   PACK_DESCRIPTION,
@@ -55,6 +112,8 @@ export {
   ParamsSchema,
   SecretsSchema,
   WasmArgsSchema,
-  deployments
+  blockaid,
+  deployments,
+  prepareQuery
 };
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/deployments.ts","../src/metadata.ts","../src/params.ts","../src/secrets.ts","../src/wasm-args.ts"],"sourcesContent":["// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\nimport type { ChainId, Deployment } from \"@newton-xyz/policy-pack-shared\";\n\nexport const deployments = {\n\t\"11155111\": {\n\t\tpolicy: \"0xDAE3CE926e840c37df4B22760C914Ebf28b6AAeB\",\n\t\tpolicyData: \"0x6e78B8B9C85af4bf55669542ed2EC06708E050Dd\",\n\t\twasmCid: \"bafybeieptmlitpdrbhwfnrp4xvtndn27w62yf65m6bl76smchupa5lkplu\",\n\t\tpolicyCodeHash: \"0xff9d1dc67037ee072f6a0fa32854f61352156c2c61473aae7e94864c737d266b\",\n\t\tdeployedAt: \"2026-06-09\",\n\t\tnotes: \"host-secrets fix; current\",\n\t},\n} as const satisfies Readonly<Partial<Record<ChainId, Deployment>>>;\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\nexport const PACK_NAME = \"blockaid\" as const;\nexport const PACK_VERSION = \"0.0.1\" as const;\nexport const PACK_DESCRIPTION =\n\t\"Gates vault deposits at transaction-submission time using Blockaid's EVM transaction scan (validation + simulation) to catch malicious calldata, frontend-redirect attacks, and value-skim simulations\" as const;\nexport const PACK_LINK = \"https://www.blockaid.io\" as const;\nexport const PACK_AUTHOR = \"\" as const;\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\n// Source schema: blockaid/params_schema.json\nimport { z } from \"zod\";\n\nexport const ParamsSchema = z\n\t.object({\n\t\tdeny_features: z\n\t\t\t.array(z.string())\n\t\t\t.describe(\n\t\t\t\t\"Blockaid feature ids that, if present on a Warning-classified transaction, deny the deposit (e.g. ['unbounded_approval','honeypot','phishing'])\",\n\t\t\t),\n\t\tmax_outbound_inbound_ratio: z\n\t\t\t.number()\n\t\t\t.describe(\n\t\t\t\t\"Maximum allowed simulated outbound-to-inbound USD value ratio. Above this, the transaction is treated as a value-skim and denied.\",\n\t\t\t),\n\t\trequire_received_shares: z\n\t\t\t.boolean()\n\t\t\t.describe(\n\t\t\t\t\"Deny if the simulated state-diff shows the depositor receives no inbound asset (vault shares). Catches contracts that take funds without minting receipts.\",\n\t\t\t),\n\t})\n\t.describe(\"Thresholds for the Blockaid transaction-time exploit gate\");\n\nexport type Params = z.infer<typeof ParamsSchema>;\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\n// Source schema: blockaid/secrets_schema.json\nimport { z } from \"zod\";\n\nexport const SecretsSchema = z.object({ BLOCKAID_API_KEY: z.string().min(1) }).strict();\n\nexport type Secrets = z.infer<typeof SecretsSchema>;\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\n// Source schema: blockaid/wasm_args_schema.json\nimport { z } from \"zod\";\n\nexport const WasmArgsSchema = z\n\t.object({\n\t\tchain: z.string().describe(\"Blockaid chain identifier (e.g. 'ethereum', 'base', 'arbitrum').\"),\n\t\tfrom: z.string().describe(\"Sender / account address (0x-prefixed 20-byte address).\"),\n\t\tto: z.string().describe(\"Recipient or contract address being called (0x-prefixed).\"),\n\t\tvalue: z\n\t\t\t.string()\n\t\t\t.describe(\n\t\t\t\t\"Transaction value in wei as a 0x-prefixed hex string. Defaults to '0x0' when omitted.\",\n\t\t\t)\n\t\t\t.optional(),\n\t\tdata: z\n\t\t\t.string()\n\t\t\t.describe(\"Transaction calldata as a 0x-prefixed hex string. Defaults to '0x' when omitted.\")\n\t\t\t.optional(),\n\t})\n\t.describe(\"Inputs passed to the Blockaid policy WASM at evaluation time\");\n\nexport type WasmArgs = z.infer<typeof WasmArgsSchema>;\n"],"mappings":";AAIO,IAAM,cAAc;AAAA,EAC1B,YAAY;AAAA,IACX,QAAQ;AAAA,IACR,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,gBAAgB;AAAA,IAChB,YAAY;AAAA,IACZ,OAAO;AAAA,EACR;AACD;;;ACXO,IAAM,YAAY;AAClB,IAAM,eAAe;AACrB,IAAM,mBACZ;AACM,IAAM,YAAY;AAClB,IAAM,cAAc;;;ACJ3B,SAAS,SAAS;AAEX,IAAM,eAAe,EAC1B,OAAO;AAAA,EACP,eAAe,EACb,MAAM,EAAE,OAAO,CAAC,EAChB;AAAA,IACA;AAAA,EACD;AAAA,EACD,4BAA4B,EAC1B,OAAO,EACP;AAAA,IACA;AAAA,EACD;AAAA,EACD,yBAAyB,EACvB,QAAQ,EACR;AAAA,IACA;AAAA,EACD;AACF,CAAC,EACA,SAAS,2DAA2D;;;ACpBtE,SAAS,KAAAA,UAAS;AAEX,IAAM,gBAAgBA,GAAE,OAAO,EAAE,kBAAkBA,GAAE,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,EAAE,OAAO;;;ACFtF,SAAS,KAAAC,UAAS;AAEX,IAAM,iBAAiBA,GAC5B,OAAO;AAAA,EACP,OAAOA,GAAE,OAAO,EAAE,SAAS,kEAAkE;AAAA,EAC7F,MAAMA,GAAE,OAAO,EAAE,SAAS,yDAAyD;AAAA,EACnF,IAAIA,GAAE,OAAO,EAAE,SAAS,2DAA2D;AAAA,EACnF,OAAOA,GACL,OAAO,EACP;AAAA,IACA;AAAA,EACD,EACC,SAAS;AAAA,EACX,MAAMA,GACJ,OAAO,EACP,SAAS,kFAAkF,EAC3F,SAAS;AACZ,CAAC,EACA,SAAS,8DAA8D;","names":["z","z"]}
+{"version":3,"sources":["../src/deployments.ts","../src/metadata.ts","../src/params.ts","../src/prepare-query.ts","../src/secrets.ts","../src/wasm-args.ts","../src/pack.ts"],"sourcesContent":["// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\nimport type { ChainId, Deployment } from \"@newton-xyz/policy-pack-shared\";\n\nexport const deployments = {\n\t\"11155111\": {\n\t\tpolicy: \"0x389ADa033D00dA6b59d9aF6aBe2b2DBcDD0DDBb3\",\n\t\tpolicyData: \"0xFEA8a5bC90c01ca26C9b49B9288774eBbd4b06a6\",\n\t\twasmCid: \"bafybeief35ucfgdhqek62hsrvc2ndms3qrbguuntbxs2hg4ialgu5ly7va\",\n\t\tpolicyCodeHash: \"0xc40c81729d42f6c642532f354aeddcb7ca950905c3a213d0449f7cf5063bc273\",\n\t\tdeployedAt: \"2026-06-12\",\n\t\tnotes: \"round 2: tightened blockaid/guardrail/webacy allow rules; source-of-truth dist sync\",\n\t},\n} as const satisfies Readonly<Partial<Record<ChainId, Deployment>>>;\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\nexport const PACK_NAME = \"blockaid\" as const;\nexport const PACK_VERSION = \"0.0.1\" as const;\nexport const PACK_DESCRIPTION =\n\t\"Gates vault deposits at transaction-submission time using Blockaid's EVM transaction scan (validation + simulation) to catch malicious calldata, frontend-redirect attacks, and value-skim simulations\" as const;\nexport const PACK_LINK = \"https://www.blockaid.io\" as const;\nexport const PACK_AUTHOR = \"\" as const;\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\n// Source schema: blockaid/params_schema.json\nimport { z } from \"zod\";\n\nexport const ParamsSchema = z\n\t.object({\n\t\tdeny_features: z\n\t\t\t.array(z.string())\n\t\t\t.describe(\n\t\t\t\t\"Blockaid feature ids that, if present on a Warning-classified transaction, deny the deposit (e.g. ['unbounded_approval','honeypot','phishing'])\",\n\t\t\t),\n\t\tmax_outbound_inbound_ratio: z\n\t\t\t.number()\n\t\t\t.describe(\n\t\t\t\t\"Maximum allowed simulated outbound-to-inbound USD value ratio. Above this, the transaction is treated as a value-skim and denied.\",\n\t\t\t),\n\t\trequire_received_shares: z\n\t\t\t.boolean()\n\t\t\t.describe(\n\t\t\t\t\"Deny if the simulated state-diff shows the depositor receives no inbound asset (vault shares). Catches contracts that take funds without minting receipts.\",\n\t\t\t),\n\t})\n\t.describe(\"Thresholds for the Blockaid transaction-time exploit gate\")\n\t.strict();\n\nexport type Params = z.infer<typeof ParamsSchema>;\n","import type { PrepareQueryArgs, PrepareQueryResult } from \"@newton-xyz/policy-pack-shared\";\nimport type { WasmArgs } from \"./wasm-args\";\n\n/**\n * Blockaid maps EVM chain id → its own chain identifier slug. Keep this\n * aligned with whatever the AVS-side `policy.js` posts to Blockaid; if you\n * extend it, extend both sides together.\n */\nconst CHAIN_BY_ID: Readonly<Record<number, string>> = {\n\t1: \"ethereum\",\n\t8453: \"base\",\n\t42161: \"arbitrum\",\n\t10: \"optimism\",\n\t137: \"polygon\",\n\t56: \"bsc\",\n\t11155111: \"sepolia\",\n\t84532: \"base-sepolia\",\n};\n\n/**\n * Per-call inputs for Blockaid: every wasmArg (`from`, `to`, `value`, `data`)\n * mirrors the on-chain transaction the depositor is about to submit, so it\n * has to come from the SDK's intent context — `PrepareQueryArgs` (which only\n * carries `publicClient` + `vault`) doesn't have any of it. The SDK forwards\n * these via `prepareQuery`'s second `options` arg (introduced in NEWT-1499).\n *\n * `chain` is derived from `publicClient.chain.id` so curators don't have to\n * keep the Blockaid slug list in sync separately.\n */\nexport interface PrepareQueryOptions {\n\treadonly from: string;\n\treadonly to: string;\n\treadonly value?: string;\n\treadonly data?: string;\n}\n\nexport async function prepareQuery(\n\t{ publicClient }: PrepareQueryArgs,\n\toptions?: PrepareQueryOptions,\n): Promise<PrepareQueryResult<WasmArgs>> {\n\tconst chainId = publicClient.chain?.id;\n\tif (chainId === undefined) {\n\t\tthrow new Error(\n\t\t\t\"policy-pack-blockaid: publicClient.chain is undefined. Pass a chain to viem's createPublicClient.\",\n\t\t);\n\t}\n\tconst chain = CHAIN_BY_ID[chainId];\n\tif (!chain) {\n\t\tthrow new Error(\n\t\t\t`policy-pack-blockaid: chain id ${chainId} is not in the Blockaid chain map. Add it to CHAIN_BY_ID before using this pack on this chain.`,\n\t\t);\n\t}\n\tif (!options?.from || !options?.to) {\n\t\tthrow new Error(\n\t\t\t\"policy-pack-blockaid: prepareQuery requires `from` and `to` in the options bag — these mirror the on-chain transaction the depositor is about to submit.\",\n\t\t);\n\t}\n\n\treturn {\n\t\twasmArgs: {\n\t\t\tchain,\n\t\t\tfrom: options.from,\n\t\t\tto: options.to,\n\t\t\tvalue: options.value,\n\t\t\tdata: options.data,\n\t\t},\n\t};\n}\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\n// Source schema: blockaid/secrets_schema.json\nimport { z } from \"zod\";\n\nexport const SecretsSchema = z.object({ BLOCKAID_API_KEY: z.string().min(1) }).strict();\n\nexport type Secrets = z.infer<typeof SecretsSchema>;\n","// AUTO-GENERATED by scripts/generate-bindings.ts — DO NOT EDIT.\n// Source: AVS-side artifacts in this repo (run `pnpm gen:bindings` to regenerate).\n// Source schema: blockaid/wasm_args_schema.json\nimport { z } from \"zod\";\n\nexport const WasmArgsSchema = z\n\t.object({\n\t\tchain: z.string().describe(\"Blockaid chain identifier (e.g. 'ethereum', 'base', 'arbitrum').\"),\n\t\tfrom: z.string().describe(\"Sender / account address (0x-prefixed 20-byte address).\"),\n\t\tto: z.string().describe(\"Recipient or contract address being called (0x-prefixed).\"),\n\t\tvalue: z\n\t\t\t.string()\n\t\t\t.describe(\n\t\t\t\t\"Transaction value in wei as a 0x-prefixed hex string. Defaults to '0x0' when omitted.\",\n\t\t\t)\n\t\t\t.optional(),\n\t\tdata: z\n\t\t\t.string()\n\t\t\t.describe(\"Transaction calldata as a 0x-prefixed hex string. Defaults to '0x' when omitted.\")\n\t\t\t.optional(),\n\t})\n\t.describe(\"Inputs passed to the Blockaid policy WASM at evaluation time\");\n\nexport type WasmArgs = z.infer<typeof WasmArgsSchema>;\n","// Hand-written canonical export — survives `pnpm gen:bindings` regen.\n// The generated `index.ts` re-exports `pack.ts` when present.\nimport type { PolicyPack } from \"@newton-xyz/policy-pack-shared\";\nimport { deployments } from \"./deployments\";\nimport { PACK_AUTHOR, PACK_DESCRIPTION, PACK_LINK, PACK_NAME, PACK_VERSION } from \"./metadata\";\nimport { type Params, ParamsSchema } from \"./params\";\nimport { prepareQuery } from \"./prepare-query\";\nimport { type Secrets, SecretsSchema } from \"./secrets\";\nimport { type WasmArgs, WasmArgsSchema } from \"./wasm-args\";\n\nexport { type PrepareQueryOptions, prepareQuery } from \"./prepare-query\";\n\n/**\n * The Blockaid transaction-scan `PolicyPack`.\n *\n * Pass to `createShield(...)` from `@newton-xyz/newton-shield-sdk`. Encoding\n * for the on-chain `policyParams` blob is handled by `encodePolicyParams` /\n * `decodePolicyParams` in `@newton-xyz/policy-pack-shared` (UTF-8 JSON,\n * sorted keys) — not per-pack.\n *\n * `prepareQuery` derives the Blockaid `chain` slug from `publicClient.chain.id`\n * and reads `from`/`to`/`value`/`data` from the SDK's per-call options bag —\n * these mirror the on-chain transaction the depositor is about to submit, so\n * they can't be inferred from `PrepareQueryArgs` alone.\n */\nexport const blockaid: PolicyPack<Params, WasmArgs, Secrets> = {\n\tid: `${PACK_NAME}/transaction-scan/v1`,\n\tparamsSchema: ParamsSchema,\n\twasmArgsSchema: WasmArgsSchema,\n\tsecretsSchema: SecretsSchema,\n\tprepareQuery,\n\tdeployments,\n\tmetadata: {\n\t\tname: PACK_NAME,\n\t\tversion: PACK_VERSION,\n\t\tdescription: PACK_DESCRIPTION,\n\t\tauthor: PACK_AUTHOR || undefined,\n\t\tlink: PACK_LINK || undefined,\n\t},\n};\n"],"mappings":";AAIO,IAAM,cAAc;AAAA,EAC1B,YAAY;AAAA,IACX,QAAQ;AAAA,IACR,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,gBAAgB;AAAA,IAChB,YAAY;AAAA,IACZ,OAAO;AAAA,EACR;AACD;;;ACXO,IAAM,YAAY;AAClB,IAAM,eAAe;AACrB,IAAM,mBACZ;AACM,IAAM,YAAY;AAClB,IAAM,cAAc;;;ACJ3B,SAAS,SAAS;AAEX,IAAM,eAAe,EAC1B,OAAO;AAAA,EACP,eAAe,EACb,MAAM,EAAE,OAAO,CAAC,EAChB;AAAA,IACA;AAAA,EACD;AAAA,EACD,4BAA4B,EAC1B,OAAO,EACP;AAAA,IACA;AAAA,EACD;AAAA,EACD,yBAAyB,EACvB,QAAQ,EACR;AAAA,IACA;AAAA,EACD;AACF,CAAC,EACA,SAAS,2DAA2D,EACpE,OAAO;;;AChBT,IAAM,cAAgD;AAAA,EACrD,GAAG;AAAA,EACH,MAAM;AAAA,EACN,OAAO;AAAA,EACP,IAAI;AAAA,EACJ,KAAK;AAAA,EACL,IAAI;AAAA,EACJ,UAAU;AAAA,EACV,OAAO;AACR;AAmBA,eAAsB,aACrB,EAAE,aAAa,GACf,SACwC;AACxC,QAAM,UAAU,aAAa,OAAO;AACpC,MAAI,YAAY,QAAW;AAC1B,UAAM,IAAI;AAAA,MACT;AAAA,IACD;AAAA,EACD;AACA,QAAM,QAAQ,YAAY,OAAO;AACjC,MAAI,CAAC,OAAO;AACX,UAAM,IAAI;AAAA,MACT,kCAAkC,OAAO;AAAA,IAC1C;AAAA,EACD;AACA,MAAI,CAAC,SAAS,QAAQ,CAAC,SAAS,IAAI;AACnC,UAAM,IAAI;AAAA,MACT;AAAA,IACD;AAAA,EACD;AAEA,SAAO;AAAA,IACN,UAAU;AAAA,MACT;AAAA,MACA,MAAM,QAAQ;AAAA,MACd,IAAI,QAAQ;AAAA,MACZ,OAAO,QAAQ;AAAA,MACf,MAAM,QAAQ;AAAA,IACf;AAAA,EACD;AACD;;;AChEA,SAAS,KAAAA,UAAS;AAEX,IAAM,gBAAgBA,GAAE,OAAO,EAAE,kBAAkBA,GAAE,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,EAAE,OAAO;;;ACFtF,SAAS,KAAAC,UAAS;AAEX,IAAM,iBAAiBA,GAC5B,OAAO;AAAA,EACP,OAAOA,GAAE,OAAO,EAAE,SAAS,kEAAkE;AAAA,EAC7F,MAAMA,GAAE,OAAO,EAAE,SAAS,yDAAyD;AAAA,EACnF,IAAIA,GAAE,OAAO,EAAE,SAAS,2DAA2D;AAAA,EACnF,OAAOA,GACL,OAAO,EACP;AAAA,IACA;AAAA,EACD,EACC,SAAS;AAAA,EACX,MAAMA,GACJ,OAAO,EACP,SAAS,kFAAkF,EAC3F,SAAS;AACZ,CAAC,EACA,SAAS,8DAA8D;;;ACIlE,IAAM,WAAkD;AAAA,EAC9D,IAAI,GAAG,SAAS;AAAA,EAChB,cAAc;AAAA,EACd,gBAAgB;AAAA,EAChB,eAAe;AAAA,EACf;AAAA,EACA;AAAA,EACA,UAAU;AAAA,IACT,MAAM;AAAA,IACN,SAAS;AAAA,IACT,aAAa;AAAA,IACb,QAAQ,eAAe;AAAA,IACvB,MAAM,aAAa;AAAA,EACpB;AACD;","names":["z","z"]}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@newton-xyz/policy-pack-blockaid",
-  "version": "0.2.0",
+  "version": "1.0.0",
   "description": "Bindings-only Newton blockaid policy pack (zod schemas + deployments). No PolicyPack export yet — use with NewtonShield.guardedCall until pack.ts lands.",
   "license": "Apache-2.0",
   "author": "Newton Protocol <https://x.com/newton_xyz> (https://newton.xyz)",
@@ -41,7 +41,7 @@
     "LICENSE"
   ],
   "peerDependencies": {
-    "@newton-xyz/policy-pack-shared": "^0.1.1",
+    "@newton-xyz/policy-pack-shared": "^0.2.0",
     "viem": "^2.0.0",
     "zod": "^3.0.0"
   },
@@ -50,7 +50,7 @@
     "typescript": "^5.5.0",
     "viem": "^2.0.0",
     "zod": "^3.23.0",
-    "@newton-xyz/policy-pack-shared": "0.1.1"
+    "@newton-xyz/policy-pack-shared": "0.2.0"
   },
   "scripts": {
     "build": "tsup",