@pafi-dev/core 0.24.0 → 0.25.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { Address, Hex, TypedDataDomain, PublicClient, WalletClient, TransactionReceipt, HttpTransport } from 'viem';
1
+ import { Address, Hex, PublicClient, WalletClient, TransactionReceipt, HttpTransport } from 'viem';
2
2
  import { P as PoolKey, C as ChainConfig, V as V3Path, a as PafiSDKConfig, b as PointTokenDomainConfig, M as MintRequest, E as EIP712Signature, S as SignatureVerifyOptions, c as SignatureVerification } from './types-Hn1zUPTt.js';
3
3
  export { B as BestQuote, d as BlackoutWindow, e as BurnRequest, f as ExactOutputBestQuote, g as ExactOutputQuoteResult, I as Issuer, Q as QuoteResult, R as Recipient, h as RedemptionDecision, i as RedemptionDenial, j as RedemptionDenialCode, k as RedemptionPolicy, l as RedemptionPolicySource, m as RedemptionPreview, n as SignatureVerificationFailReason, o as Source } from './types-Hn1zUPTt.js';
4
4
  export { erc20Abi, issuerRegistryAbi, mintFeeWrapperAbi, mintingOracleAbi, permit2Abi, pointModuleCoreAbi, pointTokenAbi, pointTokenFactoryAbi, settlementVaultAbi, tokenRegistryAbi, universalRouterAbi, v3QuoterV2Abi, vaultFactoryAbi, vaultRegistryAbi } from './abi/index.js';
@@ -802,58 +802,71 @@ declare function erc20BurnOp(token: Address, amount: bigint): Operation;
802
802
  declare function rawCallOp(target: Address, data: `0x${string}`, value?: bigint): Operation;
803
803
 
804
804
  /**
805
- * Standard BatchExecutor ABI a contract that takes an array of calls
806
- * and invokes each one in sequence, reverting all if any fail.
805
+ * ZeroDev Kernel v3.3 execution ABI (ERC-7579).
807
806
  *
808
- * Function name is `executeBatch` (selector `0x34fcd5be`) to match
809
- * Pimlico's `Simple7702Account` the EIP-7702 delegate impl PAFI
810
- * pins on Base mainnet. The shorter `execute(Call[])` (selector
811
- * `0x3f707e6b`) only exists on standalone batch executor contracts;
812
- * calling it on a 7702 delegated EOA falls through to the fallback
813
- * function and reverts with "account: not from EntryPoint" (AA23).
807
+ * Kernel exposes `execute(bytes32 execMode, bytes executionCalldata)`
808
+ * (selector `0xe9ae5c53`). The `execMode` packs a CallType in its first
809
+ * byte (single / batch / delegatecall); `executionCalldata` is encoded
810
+ * differently per CallType (see below). This replaces the old
811
+ * Simple7702Account `executeBatch((address,uint256,bytes)[])` path.
814
812
  */
815
- declare const BATCH_EXECUTOR_ABI: readonly [{
816
- readonly name: "executeBatch";
813
+ declare const KERNEL_EXECUTE_ABI: readonly [{
814
+ readonly name: "execute";
817
815
  readonly type: "function";
818
816
  readonly stateMutability: "nonpayable";
819
817
  readonly inputs: readonly [{
820
- readonly type: "tuple[]";
821
- readonly components: readonly [{
822
- readonly type: "address";
823
- readonly name: "target";
824
- }, {
825
- readonly type: "uint256";
826
- readonly name: "value";
827
- }, {
828
- readonly type: "bytes";
829
- readonly name: "data";
830
- }];
831
- readonly name: "calls";
818
+ readonly type: "bytes32";
819
+ readonly name: "execMode";
820
+ }, {
821
+ readonly type: "bytes";
822
+ readonly name: "executionCalldata";
832
823
  }];
833
824
  readonly outputs: readonly [];
834
825
  }];
826
+ /** `execute(bytes32,bytes)` selector. */
827
+ declare const KERNEL_EXECUTE_SELECTOR: "0xe9ae5c53";
835
828
  /**
836
- * Encode a batch of operations into calldata for
837
- * `BatchExecutor.executeBatch((address,uint256,bytes)[])`. The
838
- * resulting calldata goes into `UserOperation.callData`.
829
+ * `executeUserOp(PackedUserOperation,bytes32)` selector. When a Kernel
830
+ * hook is installed, the callData is prefixed with this selector followed
831
+ * by the full `execute(...)` encoding. Decoders must strip it.
832
+ */
833
+ declare const KERNEL_EXECUTE_USEROP_SELECTOR: "0x8dd7712f";
834
+ /**
835
+ * Encode a batch of operations into `Kernel.execute(execMode,
836
+ * executionCalldata)` calldata (ERC-7579). Goes into
837
+ * `UserOperation.callData`.
839
838
  *
840
- * When the EOA has an EIP-7702 delegation to a BatchExecutor, calling
841
- * this calldata against the EOA runs all operations with
842
- * `msg.sender = EOA` for each inner call.
839
+ * - 1 operation -> CallType SINGLE, executionCalldata =
840
+ * abi.encodePacked(target[20], value[32], data)
841
+ * - N operations -> CallType BATCH, executionCalldata =
842
+ * abi.encode(Execution[]{target,value,callData})
843
843
  *
844
- * @param operations batch of calls, in execution order
845
- * @returns calldata bytes for `executeBatch((address,uint256,bytes)[])`
844
+ * Matches ZeroDev `@zerodev/sdk` `encodeExecuteSingleCall` /
845
+ * `encodeExecuteBatchCall` for Kernel v3.x — verified by round-trip
846
+ * against the SDK's own `account.encodeCalls()` output.
846
847
  */
847
- declare function encodeBatchExecute(operations: Operation[]): Hex;
848
+ declare function encodeKernelExecute(operations: Operation[]): Hex;
848
849
  /**
849
- * Decode `BatchExecutor.executeBatch(calls[])` callData back into
850
- * individual `{ to, data, value }` objects.
850
+ * Decode Kernel `execute(execMode, executionCalldata)` callData back into
851
+ * `Operation[]`. Handles the SINGLE and BATCH CallTypes and the optional
852
+ * `executeUserOp` hook prefix. Returns `null` when the callData is not a
853
+ * recognised Kernel execute (fail-closed) so callers can refuse rather
854
+ * than silently pass an unknown shape.
851
855
  *
852
- * Used by issuer backends to convert a `PartialUserOperation.callData`
853
- * into the `calls[]` array returned to web/FE clients (which submit via
854
- * `permissionless.sendTransaction({ calls })`).
856
+ * DELEGATECALL (CallType `0xff`) is deliberately NOT decoded — it returns
857
+ * `null`. A delegatecall executes arbitrary code in the account's own
858
+ * context, so surfacing it as a plain `Operation[]` would let it
859
+ * masquerade as a normal call past target-allowlist checks (e.g. in the
860
+ * sponsor-relayer's intent gate). Fail closed instead.
861
+ */
862
+ declare function decodeKernelExecute(callData: Hex): Operation[] | null;
863
+ /**
864
+ * Decode Kernel execute callData into the `{ to, data, value }` string
865
+ * shape returned to web/FE clients (which submit via
866
+ * `sendTransaction({ calls })`). Convenience wrapper over
867
+ * {@link decodeKernelExecute}. Throws if the callData is not decodable.
855
868
  */
856
- declare function decodeBatchExecuteCalls(callData: Hex): Array<{
869
+ declare function decodeKernelExecuteCalls(callData: Hex): Array<{
857
870
  to: string;
858
871
  data: string;
859
872
  value: string;
@@ -888,7 +901,7 @@ declare function serializeUserOpToJsonRpc(userOp: {
888
901
  interface BuildPartialUserOpParams {
889
902
  /** User's EOA (with EIP-7702 delegation). */
890
903
  sender: Address;
891
- /** Batch of operations — encoded into callData via `encodeBatchExecute`. */
904
+ /** Batch of operations — encoded into callData via `encodeKernelExecute`. */
892
905
  operations: Operation[];
893
906
  /** EntryPoint nonce for this sender. Caller fetches from the EntryPoint contract. */
894
907
  nonce: bigint;
@@ -926,67 +939,24 @@ declare function assembleUserOperation(partial: PartialUserOperation, paymaster:
926
939
  paymasterPostOpGasLimit: bigint;
927
940
  }, signature: `0x${string}`): UserOperation;
928
941
 
929
- declare const PACKED_USER_OPERATION_TYPES: {
930
- readonly PackedUserOperation: readonly [{
931
- readonly name: "sender";
932
- readonly type: "address";
933
- }, {
934
- readonly name: "nonce";
935
- readonly type: "uint256";
936
- }, {
937
- readonly name: "initCode";
938
- readonly type: "bytes";
939
- }, {
940
- readonly name: "callData";
941
- readonly type: "bytes";
942
- }, {
943
- readonly name: "accountGasLimits";
944
- readonly type: "bytes32";
945
- }, {
946
- readonly name: "preVerificationGas";
947
- readonly type: "uint256";
948
- }, {
949
- readonly name: "gasFees";
950
- readonly type: "bytes32";
951
- }, {
952
- readonly name: "paymasterAndData";
953
- readonly type: "bytes";
954
- }];
955
- };
956
- type PackedUserOperationMessage = {
957
- sender: Address;
958
- nonce: bigint;
959
- initCode: Hex;
960
- callData: Hex;
961
- accountGasLimits: Hex;
962
- preVerificationGas: bigint;
963
- gasFees: Hex;
964
- paymasterAndData: Hex;
965
- };
966
- type UserOpTypedData = {
967
- domain: TypedDataDomain;
968
- types: typeof PACKED_USER_OPERATION_TYPES;
969
- primaryType: "PackedUserOperation";
970
- message: PackedUserOperationMessage;
971
- };
972
942
  /**
973
- * Build the EIP-712 typed-data payload for an ERC-4337 v0.8 UserOp.
943
+ * Compute the ERC-4337 v0.7 `userOpHash` for a UserOp targeting a ZeroDev
944
+ * Kernel v3.3 account (EntryPoint v0.7). Equals on-chain
945
+ * `EntryPoint.getUserOpHash(userOp)`.
974
946
  *
975
- * The deployed Pimlico `Simple7702Account` (impl `0xe6Cae8...`) validates
976
- * the user's signature by calling `SignatureCheckerLib.isValidSignatureNow`
977
- * with the **raw** userOpHash (no EIP-191 prefix). For an EOA signer this
978
- * means `ecrecover(userOpHash, sig)` must equal the EOA address.
947
+ * ## What the user signs
979
948
  *
980
- * Because `userOpHash` is itself the EIP-712 typed digest of the
981
- * `PackedUserOperation` struct, signing the typed data with
982
- * `eth_signTypedData_v4` produces a signature whose recover-from-raw-digest
983
- * == the userOpHash. That matches what the contract expects.
949
+ * Kernel's 7702 root ECDSA validator accepts a **`personal_sign`** of this
950
+ * hash — i.e. `signMessage({ message: { raw: userOpHash } })` (EIP-191
951
+ * prefixed), NOT `signTypedData` and NOT a raw `ecrecover(userOpHash)`.
952
+ * (Verified on-chain: a `personal_sign(userOpHash)` signature passed
953
+ * Kernel `validateUserOp` on Base mainnet.)
984
954
  *
985
- * Do NOT sign with `personal_sign` / `signMessage({ raw })` — that adds the
986
- * EIP-191 prefix, which the contract does not undo, so recovery returns a
987
- * different address and the bundler reverts with `AA24 signature error`.
955
+ * This differs from the retired Simple7702Account path, which used the
956
+ * EntryPoint-v0.8 EIP-712 userOpHash signed via `eth_signTypedData_v4`.
957
+ * The mobile signer must switch to `personal_sign` accordingly.
988
958
  */
989
- declare function buildUserOpTypedData(userOp: {
959
+ declare function computeUserOpHash(userOp: {
990
960
  sender: Address;
991
961
  nonce: bigint;
992
962
  callData: Hex;
@@ -999,68 +969,43 @@ declare function buildUserOpTypedData(userOp: {
999
969
  paymasterVerificationGasLimit?: bigint;
1000
970
  paymasterPostOpGasLimit?: bigint;
1001
971
  paymasterData?: Hex;
1002
- }, chainId: number): UserOpTypedData;
1003
- /**
1004
- * EIP-712 typed digest of an ERC-4337 v0.8 UserOp. Equals on-chain
1005
- * `EntryPoint.getUserOpHash(userOp)`.
1006
- */
1007
- declare function computeUserOpHash(userOp: Parameters<typeof buildUserOpTypedData>[0], chainId: number): Hex;
972
+ }, chainId: number): Hex;
1008
973
 
1009
974
  /**
1010
- * EIP-7702 delegate impls supported by the PAFI mobile prepare/submit
1011
- * flow. Each impl exposes `executeBatch((address,uint256,bytes)[])`
1012
- * (selector `0x34fcd5be`) so callData encoding is identical, but each
1013
- * may use a slightly different dummy-signature pattern that Pimlico's
1014
- * `pm_sponsorUserOperation` simulation accepts.
1015
- *
1016
- * Current primary impl is `simple7702` (Pimlico's `Simple7702Account`).
1017
- * `batchExecutor` is retained for back-compat with EOAs that delegated
1018
- * to an earlier Coinbase Smart Wallet v2 BatchExecutor — Pimlico is
1019
- * the canonical impl now (the Coinbase SignatureWrapper format caused
1020
- * AA23 0x3c10b94e during validateUserOp).
1021
- */
1022
- type DelegateImpl = "simple7702" | "batchExecutor" | "unknown";
1023
- /**
1024
- * Pimlico's `Simple7702Account` implementation address on Base mainnet —
1025
- * the canonical PAFI delegation target. Used by
1026
- * `permissionless.to7702SimpleSmartAccount`.
975
+ * EIP-7702 delegate impls supported by the PAFI flow. Only the ZeroDev
976
+ * Kernel v3.3 account is accepted; anything else is `unknown` and the
977
+ * sponsor-relayer refuses to sponsor it.
1027
978
  */
1028
- declare const SIMPLE_7702_IMPL_BASE_MAINNET: Address;
979
+ type DelegateImpl = "kernel" | "unknown";
1029
980
  /**
1030
- * Legacy Coinbase Smart Wallet v2 BatchExecutoran earlier PAFI
1031
- * delegation target. Same on Base mainnet + Base Sepolia. Detected here
1032
- * so EOAs that delegated to this address still pass the impl check;
1033
- * new delegations should target {@link SIMPLE_7702_IMPL_BASE_MAINNET}.
981
+ * ZeroDev Kernel v3.3 account implementation addressthe canonical PAFI
982
+ * EIP-7702 delegation target. CREATE2-deterministic, so the same address
983
+ * is used on every chain. Mirrors `getContractAddresses(chainId).kernel`
984
+ * (kept as a literal here so `detectDelegateImpl` needs no chain lookup).
985
+ *
986
+ * Source: `KernelVersionToAddressesMap[KERNEL_V3_3].accountImplementationAddress`
987
+ * from `@zerodev/sdk/constants` (verified on-chain on Base mainnet).
1034
988
  */
1035
- declare const BATCH_EXECUTOR_7702_IMPL: Address;
989
+ declare const KERNEL_V3_3_IMPL: Address;
1036
990
  /**
1037
- * Standard ERC-4337 v0.7 ECDSA dummy signature — 65 bytes that
1038
- * are well-formed (so signature recovery doesn't crash) but
1039
- * obviously invalid (so they can't accidentally authorize a real
1040
- * tx). Both Simple7702 and BatchExecutor accept this pattern as
1041
- * the "estimating" signature during paymaster simulation.
1042
- *
1043
- * Source: viem-account-abstraction's default; matches what
1044
- * `permissionless.toSimpleSmartAccount` and `to7702SimpleSmartAccount`
1045
- * use for `getStubSignature()`.
991
+ * Standard ERC-4337 v0.7 ECDSA dummy signature — 65 well-formed bytes
992
+ * (so signature recovery doesn't crash) that are obviously invalid (so
993
+ * they can't authorize a real tx). Kernel's 7702 root ECDSA validator
994
+ * accepts this pattern as the "estimating" signature during paymaster
995
+ * simulation. Matches `@zerodev/sdk`'s `DUMMY_ECDSA_SIG`.
1046
996
  */
1047
997
  declare const DUMMY_SIGNATURE_V07: Hex;
1048
998
  /**
1049
999
  * Map an EIP-7702 delegate target address to its `DelegateImpl` kind.
1050
- * Returns `'unknown'` when the address isn't a recognised PAFI-supported
1051
- * impl caller should reject or fall back to a default behaviour.
1000
+ * Returns `'unknown'` for anything that isn't the Kernel v3.3 impl —
1001
+ * callers must reject unknown delegates (sponsoring a UserOp against an
1002
+ * unverified impl runs inner calls with the user EOA's authority).
1052
1003
  */
1053
1004
  declare function detectDelegateImpl(delegate: Address | null | undefined): DelegateImpl;
1054
1005
  /**
1055
- * Return a dummy signature appropriate for a given delegate impl. Used
1056
- * by sponsor-relayer's `pm_sponsorUserOperation` forwarding so Pimlico
1057
- * can simulate validateUserOp without the user's actual signature
1058
- * (which is supplied later via `personal_sign(userOpHash)`).
1059
- *
1060
- * Currently both Simple7702 and BatchExecutor use the same v0.7 ECDSA
1061
- * dummy. Kept impl-keyed so future impls (Safe, Kernel, Biconomy) can
1062
- * supply their own pattern (e.g. ERC-1271 stubs) without forcing a
1063
- * sponsor-relayer redeploy.
1006
+ * Dummy signature for paymaster simulation of a Kernel UserOp. Kept
1007
+ * impl-keyed so a future impl could supply its own stub without a
1008
+ * sponsor-relayer redeploy; today Kernel uses the standard v0.7 ECDSA stub.
1064
1009
  */
1065
1010
  declare function getDummySignatureFor7702(impl: DelegateImpl): Hex;
1066
1011
 
@@ -1216,61 +1161,11 @@ declare function checkDelegation(client: PublicClient, address: Address): Promis
1216
1161
  */
1217
1162
  declare function isDelegatedTo(client: PublicClient, address: Address, target: Address): Promise<boolean>;
1218
1163
 
1219
- /**
1220
- * Parameters for building a delegation-only UserOperation.
1221
- *
1222
- * This UserOp carries no calldata — its sole purpose is to anchor the
1223
- * EIP-7702 authorization (signed externally via `signAuthorization`) into
1224
- * a sponsored transaction so the user doesn't need native ETH to delegate.
1225
- */
1226
- interface BuildDelegationUserOpParams {
1227
- /** User EOA to delegate. */
1228
- userAddress: Address;
1229
- /** ERC-4337 account nonce — fetched from EntryPoint. Pass 0n on first ever op. */
1230
- aaNonce: bigint;
1231
- gasLimits?: {
1232
- callGasLimit?: bigint;
1233
- verificationGasLimit?: bigint;
1234
- preVerificationGas?: bigint;
1235
- };
1236
- }
1237
- /**
1238
- * Build the minimal `PartialUserOperation` used to sponsor the one-time
1239
- * EIP-7702 delegation.
1240
- *
1241
- * The caller must:
1242
- * 1. Sign the EIP-7702 authorization via `signAuthorization()` (Privy hook).
1243
- * 2. Pass the authorization as `authorization` alongside `calls` (or alone)
1244
- * to `smartClient.sendTransaction()`.
1245
- *
1246
- * The permissionless SDK + Pimlico bundler handle the rest: they detect the
1247
- * `authorization` field and submit an EIP-7702 type-4 transaction that sets
1248
- * the EOA's bytecode to `0xef0100<batchExecutorAddress>`.
1249
- *
1250
- * This builder is a convenience wrapper — in practice you can also pass
1251
- * `{ to: userAddress, value: 0n, data: '0x', authorization }` directly to
1252
- * `smartClient.sendTransaction()` without calling this function at all.
1253
- * Use it when you need a `PartialUserOperation` struct for inspection or
1254
- * custom paymaster flows.
1255
- *
1256
- * @example
1257
- * // Typical flow — no need to call this builder directly:
1258
- * const nonce = await publicClient.getTransactionCount({ address, blockTag: 'pending' });
1259
- * const authorization = await signAuthorization({ contractAddress: BATCH_EXECUTOR, chainId: 8453, nonce });
1260
- * const txHash = await smartClient.sendTransaction({
1261
- * to: address,
1262
- * value: 0n,
1263
- * data: '0x',
1264
- * authorization,
1265
- * paymasterContext: { sponsorshipPolicyId },
1266
- * });
1267
- */
1268
- declare function buildDelegationUserOp(params: BuildDelegationUserOpParams): PartialUserOperation;
1269
1164
  /**
1270
1165
  * Fetch the AA nonce for a user EOA from the EntryPoint v0.7.
1271
1166
  *
1272
1167
  * Convenience helper so callers don't need to import the EntryPoint ABI
1273
- * themselves when building the delegation UserOp.
1168
+ * themselves when building a sponsored UserOp.
1274
1169
  *
1275
1170
  * @param client - viem PublicClient
1276
1171
  * @param userAddress - EOA to query
@@ -1400,9 +1295,8 @@ interface DelegateDirectParams {
1400
1295
  signAuthorization: SignAuthorizationFn;
1401
1296
  /**
1402
1297
  * Override the impl the EOA delegates to. Defaults to
1403
- * `getContractAddresses(chainId).batchExecutor` (Pimlico
1404
- * Simple7702Account on Base mainnet — the canonical PAFI delegate
1405
- * target).
1298
+ * `getContractAddresses(chainId).kernel` (ZeroDev Kernel v3.3 — the
1299
+ * canonical PAFI delegate target).
1406
1300
  */
1407
1301
  contractAddress?: Address;
1408
1302
  /**
@@ -2321,8 +2215,8 @@ declare const POINT_TOKEN_ABI: readonly [{
2321
2215
  }];
2322
2216
  }];
2323
2217
 
2324
- declare const BATCH_EXECUTOR_ADDRESS_BASE_MAINNET: `0x${string}`;
2325
- declare const BATCH_EXECUTOR_ADDRESS_BASE_SEPOLIA: `0x${string}`;
2218
+ declare const KERNEL_ADDRESS_BASE_MAINNET: `0x${string}`;
2219
+ declare const KERNEL_ADDRESS_BASE_SEPOLIA: `0x${string}`;
2326
2220
 
2327
2221
  /**
2328
2222
  * Per-chain deployed contract addresses.
@@ -2334,7 +2228,7 @@ declare const BATCH_EXECUTOR_ADDRESS_BASE_SEPOLIA: `0x${string}`;
2334
2228
  *
2335
2229
  * ## What lives where
2336
2230
  *
2337
- * batchExecutor — EIP-7702 delegation target (Pimlico Simple7702Account)
2231
+ * kernel — EIP-7702 delegation target (ZeroDev Kernel v3.3 impl)
2338
2232
  * usdt — Stablecoin used by Uniswap pools (6 decimals)
2339
2233
  * usdc — Stablecoin used as the perp-deposit fee token and
2340
2234
  * Orderly settlement asset (6 decimals). Optional —
@@ -2356,7 +2250,13 @@ declare const BATCH_EXECUTOR_ADDRESS_BASE_SEPOLIA: `0x${string}`;
2356
2250
  * hook-free (`hooks = address(0)`).
2357
2251
  */
2358
2252
  interface ContractAddresses {
2359
- batchExecutor: Address;
2253
+ /**
2254
+ * EIP-7702 delegation target — the ZeroDev Kernel v3.3 account
2255
+ * implementation. CREATE2-deterministic, so the same address is used
2256
+ * on every chain. Whitelisted by sponsor-relayer as the only
2257
+ * acceptable `eip7702Auth.address`.
2258
+ */
2259
+ kernel: Address;
2360
2260
  usdt: Address;
2361
2261
  /**
2362
2262
  * Canonical USDC (6 decimals) on this chain — the fee token used by
@@ -2492,8 +2392,6 @@ interface PafiServiceUrls {
2492
2392
  * once the deploy targets are finalized. SDK version bump captures
2493
2393
  * the change.
2494
2394
  *
2495
- * Audit PACI5-17 — production deployments SHOULD pass explicit
2496
- * `overrides` to `getPafiServiceUrls(chainId, overrides)` (sourced from
2497
2395
  * env vars like `PAFI_SPONSOR_RELAYER_URL`, `PAFI_ISSUER_API_URL`)
2498
2396
  * instead of relying on these defaults. The SDK ship-default is a
2499
2397
  * convenience for dev/test; relying on it for production means an SDK
@@ -2505,7 +2403,6 @@ declare const PAFI_SERVICE_URLS: Record<number, PafiServiceUrls>;
2505
2403
  * `overrides` to point at a different environment (production,
2506
2404
  * staging, local mock) without bumping the SDK.
2507
2405
  *
2508
- * Audit PACI5-17 — production issuer backends MUST surface the URL
2509
2406
  * via env vars and pass them through here so the deployed binary
2510
2407
  * does not depend on hardcoded ship-defaults that may target dev
2511
2408
  * infrastructure. Example:
@@ -2542,16 +2439,11 @@ declare function getPafiServiceUrls(chainId: number, overrides?: Partial<PafiSer
2542
2439
  * (canonical name; not version-suffixed
2543
2440
  * so future Uniswap fork bumps don't
2544
2441
  * collide with PointToken internals)
2545
- * - `BATCH_EXECUTOR_*` — EIP-7702 delegation target (ABI real,
2546
- * address still placeholder on all
2547
- * chains until SC delivers)
2548
- * - `CONTRACT_ADDRESSES` — per-chain map (real on 8453 except
2549
- * `batchExecutor` — pending SC)
2442
+ * - `KERNEL_*` — EIP-7702 delegation target (ZeroDev
2443
+ * Kernel v3.3 impl + ERC-7579 execute ABI)
2444
+ * - `CONTRACT_ADDRESSES` — per-chain map (real on 8453)
2550
2445
  * - `POINT_TOKEN_FACTORY_ADDRESSES`, `POINT_TOKEN_IMPL_ADDRESSES`
2551
2446
  * — provisioning / observability helpers
2552
- *
2553
- * Status: all real except BatchExecutor address (single remaining
2554
- * placeholder, flagged inline in `real/addresses.ts`).
2555
2447
  */
2556
2448
 
2557
2449
  /**
@@ -2851,4 +2743,4 @@ declare class PafiSDK {
2851
2743
  signLoginMessage(message: string): Promise<Hex>;
2852
2744
  }
2853
2745
 
2854
- export { ApiError, type AttachDelegationIfNeededParams, BATCH_EXECUTOR_7702_IMPL, BATCH_EXECUTOR_ABI, BATCH_EXECUTOR_ADDRESS_BASE_MAINNET, BATCH_EXECUTOR_ADDRESS_BASE_SEPOLIA, BROKER_HASHES, type BuildDelegationUserOpParams, type BuildErc20TransferParams, type BuildPartialUserOpParams, type BuildPerpDepositViaRelayParams, type BuildPerpDepositWithGasDeductionParams, COMMON_POOLS, COMMON_TOKENS, CONTRACT_ADDRESSES, ChainConfig, type CheckEthAndBranchParams, ConfigurationError, type ContractAddresses, DUMMY_SIGNATURE_V07, type DelegateDirectParams, type DelegateDirectResult, type DelegateImpl, EIP712Signature, ENTRY_POINT_V07, ENTRY_POINT_V08, type Eip7702AuthorizationJsonRpc, type FallbackInfo, type FeeScenario, LoginMessageParams, MintRequest, type ModalOpenOptions, ORDERLY_RELAY_ABI, ORDERLY_VAULT_ABI, ORDERLY_VAULT_ADDRESSES, ORDERLY_VAULT_BASE_MAINNET, type Operation, OracleStaleError, type OrderlyRelayDepositRequest, PAFI_SERVICE_URLS, PAFI_SUBGRAPH_URL, PERMIT2_ADDRESS, POINT_TOKEN_ABI, POINT_TOKEN_BEACON_ADDRESSES, POINT_TOKEN_BURN_SIG_ABI, POINT_TOKEN_FACTORY_ADDRESSES, POINT_TOKEN_IMPL_ADDRESSES, POINT_TOKEN_MINT_SIG_ABI, POINT_TOKEN_POOLS, type PackedUserOperationMessage, type PafiErrorType, type PafiProxyTransportParams, PafiSDK, PafiSDKConfig, PafiSdkError, type PafiServiceUrls, type PafiWebModalAdapter, type PafiWebModalHandle, type PartialUserOperation, type PaymasterConfig, type PaymasterFields, PointTokenDomainConfig, PoolKey, QUOTER_V2_ADDRESSES, type QuoteOperatorFeeForTransferConfig, type QuoteOperatorFeePtConfig, type QuoteOperatorFeeUsdtConfig, SCENARIO_GAS_UNITS, SDK_ERROR_HTTP_STATUS_CODE, SIMPLE_7702_IMPL_BASE_MAINNET, SUPPORTED_CHAINS, type SdkErrorHttpStatus, type SendWithPaymasterFallbackParams, type SignAuthorizationFn, type SignatureStruct, SignatureVerification, SignatureVerifyOptions, type SignedAuthorization, SigningError, SimulationError, type SmartAccountSender, type SponsorshipScenario, type SubmissionPath, TOKEN_HASHES, UNIVERSAL_ROUTER_ADDRESSES, type UserOpReceipt, type UserOpTypedData, type UserOperation, V3Path, V3_FACTORY_ADDRESSES, V3_POOL_INIT_CODE_HASH, V3_SWAP_ROUTER_ADDRESSES, VAULT_BEACON_ADDRESSES, ValidationError, type VaultDepositFE, ZERO_VALUE, assembleUserOperation, attachDelegationIfNeeded, buildDelegationUserOp, buildEip7702Authorization, buildErc20TransferUserOp, buildPartialUserOperation, buildPerpDepositViaRelay, buildPerpDepositWithGasDeduction, buildUserOpTypedData, burnRequestTypes, checkDelegation, checkEthAndBranch, computeAccountId, computeAuthorizationHash, computeUserOpHash, computeV3PoolAddress, createPafiProxyTransport, decodeBatchExecuteCalls, defaultErrorTypeForStatus, delegateDirect, detectDelegateImpl, encodeBatchExecute, encodeV3Path, encodeV3PathReversed, erc20ApproveOp, erc20BurnOp, erc20TransferOp, fetchPafiPools, getAaNonce, getContractAddresses, getDummySignatureFor7702, getPafiServiceUrls, getPafiWebModalAdapter, isDelegatedTo, isDelegatedToTarget, isPaymasterError, mintRequestTypes, openPafiWebModal, openWebPopup, parseEip7702DelegatedAddress, quoteOperatorFeeForTransfer, quoteOperatorFeePt, quoteOperatorFeeUsdt, rawCallOp, sendWithPaymasterFallback, serializeUserOpToJsonRpc, setPafiWebModalAdapter, splitAuthorizationSig, webPopupAdapter };
2746
+ export { ApiError, type AttachDelegationIfNeededParams, BROKER_HASHES, type BuildErc20TransferParams, type BuildPartialUserOpParams, type BuildPerpDepositViaRelayParams, type BuildPerpDepositWithGasDeductionParams, COMMON_POOLS, COMMON_TOKENS, CONTRACT_ADDRESSES, ChainConfig, type CheckEthAndBranchParams, ConfigurationError, type ContractAddresses, DUMMY_SIGNATURE_V07, type DelegateDirectParams, type DelegateDirectResult, type DelegateImpl, EIP712Signature, ENTRY_POINT_V07, ENTRY_POINT_V08, type Eip7702AuthorizationJsonRpc, type FallbackInfo, type FeeScenario, KERNEL_ADDRESS_BASE_MAINNET, KERNEL_ADDRESS_BASE_SEPOLIA, KERNEL_EXECUTE_ABI, KERNEL_EXECUTE_SELECTOR, KERNEL_EXECUTE_USEROP_SELECTOR, KERNEL_V3_3_IMPL, LoginMessageParams, MintRequest, type ModalOpenOptions, ORDERLY_RELAY_ABI, ORDERLY_VAULT_ABI, ORDERLY_VAULT_ADDRESSES, ORDERLY_VAULT_BASE_MAINNET, type Operation, OracleStaleError, type OrderlyRelayDepositRequest, PAFI_SERVICE_URLS, PAFI_SUBGRAPH_URL, PERMIT2_ADDRESS, POINT_TOKEN_ABI, POINT_TOKEN_BEACON_ADDRESSES, POINT_TOKEN_BURN_SIG_ABI, POINT_TOKEN_FACTORY_ADDRESSES, POINT_TOKEN_IMPL_ADDRESSES, POINT_TOKEN_MINT_SIG_ABI, POINT_TOKEN_POOLS, type PafiErrorType, type PafiProxyTransportParams, PafiSDK, PafiSDKConfig, PafiSdkError, type PafiServiceUrls, type PafiWebModalAdapter, type PafiWebModalHandle, type PartialUserOperation, type PaymasterConfig, type PaymasterFields, PointTokenDomainConfig, PoolKey, QUOTER_V2_ADDRESSES, type QuoteOperatorFeeForTransferConfig, type QuoteOperatorFeePtConfig, type QuoteOperatorFeeUsdtConfig, SCENARIO_GAS_UNITS, SDK_ERROR_HTTP_STATUS_CODE, SUPPORTED_CHAINS, type SdkErrorHttpStatus, type SendWithPaymasterFallbackParams, type SignAuthorizationFn, type SignatureStruct, SignatureVerification, SignatureVerifyOptions, type SignedAuthorization, SigningError, SimulationError, type SmartAccountSender, type SponsorshipScenario, type SubmissionPath, TOKEN_HASHES, UNIVERSAL_ROUTER_ADDRESSES, type UserOpReceipt, type UserOperation, V3Path, V3_FACTORY_ADDRESSES, V3_POOL_INIT_CODE_HASH, V3_SWAP_ROUTER_ADDRESSES, VAULT_BEACON_ADDRESSES, ValidationError, type VaultDepositFE, ZERO_VALUE, assembleUserOperation, attachDelegationIfNeeded, buildEip7702Authorization, buildErc20TransferUserOp, buildPartialUserOperation, buildPerpDepositViaRelay, buildPerpDepositWithGasDeduction, burnRequestTypes, checkDelegation, checkEthAndBranch, computeAccountId, computeAuthorizationHash, computeUserOpHash, computeV3PoolAddress, createPafiProxyTransport, decodeKernelExecute, decodeKernelExecuteCalls, defaultErrorTypeForStatus, delegateDirect, detectDelegateImpl, encodeKernelExecute, encodeV3Path, encodeV3PathReversed, erc20ApproveOp, erc20BurnOp, erc20TransferOp, fetchPafiPools, getAaNonce, getContractAddresses, getDummySignatureFor7702, getPafiServiceUrls, getPafiWebModalAdapter, isDelegatedTo, isDelegatedToTarget, isPaymasterError, mintRequestTypes, openPafiWebModal, openWebPopup, parseEip7702DelegatedAddress, quoteOperatorFeeForTransfer, quoteOperatorFeePt, quoteOperatorFeeUsdt, rawCallOp, sendWithPaymasterFallback, serializeUserOpToJsonRpc, setPafiWebModalAdapter, splitAuthorizationSig, webPopupAdapter };