@pafi-dev/core 0.3.0-beta.6 → 0.3.0-beta.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +257 -7
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +448 -2
- package/dist/index.d.ts +448 -2
- package/dist/index.js +250 -0
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.d.cts
CHANGED
|
@@ -5,7 +5,7 @@ export { erc20Abi, issuerRegistryAbi, mintingOracleAbi, permit2Abi, pointTokenAb
|
|
|
5
5
|
export { buildBurnRequestTypedData, buildDomain, buildMintRequestTypedData, buildReceiverConsentTypedData, signBurnRequest, signMintRequest, signReceiverConsent, verifyBurnRequest, verifyMintRequest, verifyReceiverConsent } from './eip712/index.cjs';
|
|
6
6
|
export { getIssuer, getMintRequestNonce, getPointTokenBalance, getPointTokenIssuer, getPointTokenIssuerAddress, getReceiverConsentNonce, getTokenName, isActiveIssuer, isMinter, verifyMintCap } from './contract/index.cjs';
|
|
7
7
|
export { buildAllPaths, combineRoutes, findBestQuote, quoteBestRoute, quoteExactInput, quoteExactInputSingle } from './quoting/index.cjs';
|
|
8
|
-
import {
|
|
8
|
+
import { P as PartialUserOperation, O as Operation, U as UserOperation, S as SwapSimulationResult } from './index-B7pGBych.cjs';
|
|
9
9
|
export { B as BuildSwapWithGasDeductionParams, E as ENTRY_POINT_V07, a as PaymasterFields, b as SETTLE_ALL, c as SWAP_EXACT_IN, T as TAKE_ALL, d as UserOpReceipt, V as V4_SWAP, Z as ZERO_VALUE, e as buildErc20ApprovalCalldata, f as buildPermit2ApprovalCalldata, g as buildSwapFromQuote, h as buildSwapWithGasDeduction, i as buildUniversalRouterExecuteArgs, j as buildV4SwapInput, k as checkAllowance, s as simulateSwap } from './index-B7pGBych.cjs';
|
|
10
10
|
import { LoginMessageParams } from './auth/index.cjs';
|
|
11
11
|
export { VerifyLoginResult, createLoginMessage, parseLoginMessage, verifyLoginMessage } from './auth/index.cjs';
|
|
@@ -87,6 +87,256 @@ declare class ApiError extends PafiSDKError {
|
|
|
87
87
|
constructor(message: string, status?: number | undefined);
|
|
88
88
|
}
|
|
89
89
|
|
|
90
|
+
/**
|
|
91
|
+
* Orderly Network Vault — entrypoint for **perp deposit** flow on
|
|
92
|
+
* Base mainnet (Scenario 3).
|
|
93
|
+
*
|
|
94
|
+
* Source of truth for addresses + integration:
|
|
95
|
+
* https://orderly.network/docs/build-on-omnichain/addresses#base
|
|
96
|
+
*
|
|
97
|
+
* ## Architecture
|
|
98
|
+
*
|
|
99
|
+
* User wallet (Base)
|
|
100
|
+
* │ 1. USDC.approve(vault, amount)
|
|
101
|
+
* │ 2. vault.deposit{value: layerZeroFee}({
|
|
102
|
+
* │ accountId, brokerHash, tokenHash, tokenAmount
|
|
103
|
+
* │ })
|
|
104
|
+
* ▼
|
|
105
|
+
* OrderlyVault (Base)
|
|
106
|
+
* │ — locks USDC, emits LayerZero message
|
|
107
|
+
* ▼
|
|
108
|
+
* Orderly chain (off-chain matching engine)
|
|
109
|
+
* │ — credits the user's perp account
|
|
110
|
+
* ▼
|
|
111
|
+
* User can now place perp orders via Orderly REST/WS API
|
|
112
|
+
*
|
|
113
|
+
* **Important:** `value` is required and is the LayerZero cross-chain
|
|
114
|
+
* fee (paid in native ETH on Base). Quote it via
|
|
115
|
+
* `vault.getDepositFee(user, data)` BEFORE calling deposit. Fees vary
|
|
116
|
+
* with destination chain congestion.
|
|
117
|
+
*
|
|
118
|
+
* ## Sponsored vs direct
|
|
119
|
+
*
|
|
120
|
+
* Coinbase Paymaster sponsors GAS, not `msg.value`. So even on the
|
|
121
|
+
* sponsored path the user MUST hold enough native ETH on Base to cover
|
|
122
|
+
* `getDepositFee()` (typically ~0.0002 ETH at quiet times).
|
|
123
|
+
*/
|
|
124
|
+
/** Orderly Vault on Base mainnet (EIP-55 checksum). */
|
|
125
|
+
declare const ORDERLY_VAULT_BASE_MAINNET: Address;
|
|
126
|
+
/**
|
|
127
|
+
* Per-chain registry of the Orderly Vault. Add chains here as Orderly
|
|
128
|
+
* deploys them.
|
|
129
|
+
*/
|
|
130
|
+
declare const ORDERLY_VAULT_ADDRESSES: Record<number, Address>;
|
|
131
|
+
/**
|
|
132
|
+
* Pre-computed broker hashes — `keccak256(abi.encodePacked(brokerId))`.
|
|
133
|
+
* Add new brokers as they launch.
|
|
134
|
+
*
|
|
135
|
+
* Reference: https://orderly.network/docs/build-on-omnichain/user-flows/accountId
|
|
136
|
+
*/
|
|
137
|
+
declare const BROKER_HASHES: {
|
|
138
|
+
/** Default partner broker on Base — most commonly whitelisted. */
|
|
139
|
+
readonly woofi_pro: `0x${string}`;
|
|
140
|
+
/** Orderly's own white-label broker. */
|
|
141
|
+
readonly orderly: `0x${string}`;
|
|
142
|
+
/** LogX. */
|
|
143
|
+
readonly logx: `0x${string}`;
|
|
144
|
+
};
|
|
145
|
+
/**
|
|
146
|
+
* Pre-computed token hashes — `keccak256(abi.encodePacked(tokenSymbol))`.
|
|
147
|
+
* The hash maps to the actual ERC-20 address on each chain via
|
|
148
|
+
* `vault.getAllowedToken(tokenHash)`.
|
|
149
|
+
*
|
|
150
|
+
* Note: Orderly canonicalises by symbol (USDC, not "USD Coin").
|
|
151
|
+
*/
|
|
152
|
+
declare const TOKEN_HASHES: {
|
|
153
|
+
readonly USDC: `0x${string}`;
|
|
154
|
+
};
|
|
155
|
+
/**
|
|
156
|
+
* Compute Orderly's `accountId` — uniquely identifies a user+broker
|
|
157
|
+
* tuple. Matches the off-chain formula used by the Orderly SDK so
|
|
158
|
+
* deposits + future REST API calls reference the same account.
|
|
159
|
+
*
|
|
160
|
+
* accountId = keccak256(abi.encode(user, brokerHash))
|
|
161
|
+
*
|
|
162
|
+
* Note `abi.encode` (not `encodePacked`) — uses 32-byte left-padding.
|
|
163
|
+
*/
|
|
164
|
+
declare function computeAccountId(user: Address, brokerHash: Hex): Hex;
|
|
165
|
+
/**
|
|
166
|
+
* Minimal Orderly Vault ABI — just the functions PAFI needs for
|
|
167
|
+
* Scenario 3 (perp deposit). Full ABI is on Orderly's docs site.
|
|
168
|
+
*/
|
|
169
|
+
declare const ORDERLY_VAULT_ABI: readonly [{
|
|
170
|
+
readonly type: "function";
|
|
171
|
+
readonly name: "deposit";
|
|
172
|
+
readonly stateMutability: "payable";
|
|
173
|
+
readonly inputs: readonly [{
|
|
174
|
+
readonly name: "data";
|
|
175
|
+
readonly type: "tuple";
|
|
176
|
+
readonly components: readonly [{
|
|
177
|
+
readonly name: "accountId";
|
|
178
|
+
readonly type: "bytes32";
|
|
179
|
+
}, {
|
|
180
|
+
readonly name: "brokerHash";
|
|
181
|
+
readonly type: "bytes32";
|
|
182
|
+
}, {
|
|
183
|
+
readonly name: "tokenHash";
|
|
184
|
+
readonly type: "bytes32";
|
|
185
|
+
}, {
|
|
186
|
+
readonly name: "tokenAmount";
|
|
187
|
+
readonly type: "uint128";
|
|
188
|
+
}];
|
|
189
|
+
}];
|
|
190
|
+
readonly outputs: readonly [];
|
|
191
|
+
}, {
|
|
192
|
+
readonly type: "function";
|
|
193
|
+
readonly name: "getDepositFee";
|
|
194
|
+
readonly stateMutability: "view";
|
|
195
|
+
readonly inputs: readonly [{
|
|
196
|
+
readonly name: "user";
|
|
197
|
+
readonly type: "address";
|
|
198
|
+
}, {
|
|
199
|
+
readonly name: "data";
|
|
200
|
+
readonly type: "tuple";
|
|
201
|
+
readonly components: readonly [{
|
|
202
|
+
readonly name: "accountId";
|
|
203
|
+
readonly type: "bytes32";
|
|
204
|
+
}, {
|
|
205
|
+
readonly name: "brokerHash";
|
|
206
|
+
readonly type: "bytes32";
|
|
207
|
+
}, {
|
|
208
|
+
readonly name: "tokenHash";
|
|
209
|
+
readonly type: "bytes32";
|
|
210
|
+
}, {
|
|
211
|
+
readonly name: "tokenAmount";
|
|
212
|
+
readonly type: "uint128";
|
|
213
|
+
}];
|
|
214
|
+
}];
|
|
215
|
+
readonly outputs: readonly [{
|
|
216
|
+
readonly name: "";
|
|
217
|
+
readonly type: "uint256";
|
|
218
|
+
}];
|
|
219
|
+
}, {
|
|
220
|
+
readonly type: "function";
|
|
221
|
+
readonly name: "getAllowedBroker";
|
|
222
|
+
readonly stateMutability: "view";
|
|
223
|
+
readonly inputs: readonly [{
|
|
224
|
+
readonly name: "brokerHash";
|
|
225
|
+
readonly type: "bytes32";
|
|
226
|
+
}];
|
|
227
|
+
readonly outputs: readonly [{
|
|
228
|
+
readonly name: "";
|
|
229
|
+
readonly type: "bool";
|
|
230
|
+
}];
|
|
231
|
+
}, {
|
|
232
|
+
readonly type: "function";
|
|
233
|
+
readonly name: "getAllowedToken";
|
|
234
|
+
readonly stateMutability: "view";
|
|
235
|
+
readonly inputs: readonly [{
|
|
236
|
+
readonly name: "tokenHash";
|
|
237
|
+
readonly type: "bytes32";
|
|
238
|
+
}];
|
|
239
|
+
readonly outputs: readonly [{
|
|
240
|
+
readonly name: "";
|
|
241
|
+
readonly type: "address";
|
|
242
|
+
}];
|
|
243
|
+
}];
|
|
244
|
+
/** Struct mirror of `IOrderlyVault.VaultDepositFE` for type-safe builders. */
|
|
245
|
+
interface VaultDepositFE {
|
|
246
|
+
accountId: Hex;
|
|
247
|
+
brokerHash: Hex;
|
|
248
|
+
tokenHash: Hex;
|
|
249
|
+
/** uint128 — USDC has 6 decimals. */
|
|
250
|
+
tokenAmount: bigint;
|
|
251
|
+
}
|
|
252
|
+
|
|
253
|
+
/**
|
|
254
|
+
* v1.5 — Scenario 3: deposit USDC from the user's wallet into the
|
|
255
|
+
* Orderly perp Vault on Base mainnet.
|
|
256
|
+
*
|
|
257
|
+
* Builds a `PartialUserOperation` packaging the 2 inner calls:
|
|
258
|
+
*
|
|
259
|
+
* 1. `USDC.approve(orderlyVault, amount)` — let the Vault pull USDC
|
|
260
|
+
* 2. `OrderlyVault.deposit{value: layerZeroFee}(VaultDepositFE)` —
|
|
261
|
+
* transfer USDC into the Vault + emit a LayerZero message that
|
|
262
|
+
* credits the user's perp account on the Orderly chain
|
|
263
|
+
*
|
|
264
|
+
* ## ⚠️ Native ETH constraint
|
|
265
|
+
*
|
|
266
|
+
* Coinbase Paymaster sponsors GAS, **not `msg.value`**. The LayerZero
|
|
267
|
+
* cross-chain fee MUST come from the user's own native ETH balance on
|
|
268
|
+
* Base — even when the rest of the UserOp is sponsored.
|
|
269
|
+
*
|
|
270
|
+
* Quote the fee BEFORE calling this builder via:
|
|
271
|
+
*
|
|
272
|
+
* const fee = await client.readContract({
|
|
273
|
+
* address: orderlyVault,
|
|
274
|
+
* abi: ORDERLY_VAULT_ABI,
|
|
275
|
+
* functionName: 'getDepositFee',
|
|
276
|
+
* args: [user, depositData],
|
|
277
|
+
* });
|
|
278
|
+
*
|
|
279
|
+
* If `user.eth < fee`, surface this error to the FE so the user can
|
|
280
|
+
* top up before retrying — the Vault `deposit{value: 0}` call will
|
|
281
|
+
* revert otherwise.
|
|
282
|
+
*
|
|
283
|
+
* ## Why no PT/USDC fee deduction?
|
|
284
|
+
*
|
|
285
|
+
* Unlike Scenario 1/2/4 which deduct an operator fee in PT/USDC inside
|
|
286
|
+
* the batch, perp deposit doesn't append a fee transfer because:
|
|
287
|
+
*
|
|
288
|
+
* - User is paying Orderly's LayerZero fee directly via `msg.value`
|
|
289
|
+
* - There's no PAFI-specific operator cost on top — Orderly handles
|
|
290
|
+
* the off-chain accounting once the LayerZero message lands
|
|
291
|
+
*
|
|
292
|
+
* If we want to charge a PAFI service fee on top later, append a
|
|
293
|
+
* `USDC.transfer(feeRecipient, fee)` op — same pattern as the swap
|
|
294
|
+
* builder.
|
|
295
|
+
*/
|
|
296
|
+
interface BuildPerpDepositWithGasDeductionParams {
|
|
297
|
+
/** User EOA (will be `msg.sender` via EIP-7702 delegation). */
|
|
298
|
+
userAddress: Address;
|
|
299
|
+
/** ERC-4337 account nonce — fetched from EntryPoint by the caller. */
|
|
300
|
+
aaNonce: bigint;
|
|
301
|
+
/** Chain ID for Orderly Vault address resolution. */
|
|
302
|
+
chainId: number;
|
|
303
|
+
/**
|
|
304
|
+
* Override Orderly Vault address (e.g. for fork tests). Defaults to
|
|
305
|
+
* `ORDERLY_VAULT_ADDRESSES[chainId]`.
|
|
306
|
+
*/
|
|
307
|
+
vaultAddress?: Address;
|
|
308
|
+
/**
|
|
309
|
+
* USDC ERC-20 address — the actual token Orderly accepts. Caller
|
|
310
|
+
* resolves this via `vault.getAllowedToken(TOKEN_HASHES.USDC)` so we
|
|
311
|
+
* don't hardcode the wrong USDC variant (native vs bridged).
|
|
312
|
+
*/
|
|
313
|
+
usdcAddress: Address;
|
|
314
|
+
/** USDC amount to deposit (uint128, 6 decimals). */
|
|
315
|
+
amount: bigint;
|
|
316
|
+
/**
|
|
317
|
+
* Pre-built `VaultDepositFE` struct — caller computes accountId via
|
|
318
|
+
* `computeAccountId(user, brokerHash)` and supplies tokenHash.
|
|
319
|
+
*/
|
|
320
|
+
depositData: VaultDepositFE;
|
|
321
|
+
/**
|
|
322
|
+
* LayerZero fee in wei — from `vault.getDepositFee(user, data)`.
|
|
323
|
+
* Becomes the `msg.value` on the `deposit()` call. User MUST hold
|
|
324
|
+
* ≥ this much native ETH or the call reverts.
|
|
325
|
+
*/
|
|
326
|
+
layerZeroFee: bigint;
|
|
327
|
+
gasLimits?: {
|
|
328
|
+
callGasLimit?: bigint;
|
|
329
|
+
verificationGasLimit?: bigint;
|
|
330
|
+
preVerificationGas?: bigint;
|
|
331
|
+
};
|
|
332
|
+
}
|
|
333
|
+
/**
|
|
334
|
+
* Build an unsigned UserOp for Scenario 3. Returns a
|
|
335
|
+
* `PartialUserOperation` — caller attaches paymaster sponsorship for
|
|
336
|
+
* gas + the user's UserOp-hash signature, then submits to the Bundler.
|
|
337
|
+
*/
|
|
338
|
+
declare function buildPerpDepositWithGasDeduction(params: BuildPerpDepositWithGasDeductionParams): PartialUserOperation;
|
|
339
|
+
|
|
90
340
|
/**
|
|
91
341
|
* Build an ERC-20 `transfer(to, amount)` operation. Used inside a batch
|
|
92
342
|
* to move fee tokens from the user to the fee recipient atomically with
|
|
@@ -288,6 +538,202 @@ interface CheckEthAndBranchParams {
|
|
|
288
538
|
*/
|
|
289
539
|
declare function checkEthAndBranch(params: CheckEthAndBranchParams): Promise<SubmissionPath>;
|
|
290
540
|
|
|
541
|
+
/**
|
|
542
|
+
* Identifies the user-flow scenario the sponsorship covers. Used by
|
|
543
|
+
* sponsor-relayer for per-scenario rate limits + by Privy verifier
|
|
544
|
+
* to log sponsorship reason.
|
|
545
|
+
*
|
|
546
|
+
* Keep in sync with `SponsorshipScenario` in the paymaster module —
|
|
547
|
+
* SponsorAuth replaces the Coinbase paymaster flow but reuses the
|
|
548
|
+
* scenario taxonomy.
|
|
549
|
+
*/
|
|
550
|
+
type SponsorAuthScenario = "mint" | "burn" | "swap" | "perp_deposit";
|
|
551
|
+
/**
|
|
552
|
+
* Canonical SponsorAuth payload — the EIP-712 message that PAFI
|
|
553
|
+
* sponsor-relayer signs and Privy native verifies before funding gas.
|
|
554
|
+
*
|
|
555
|
+
* See `SPONSOR_AUTH_DESIGN.md` for full architecture.
|
|
556
|
+
*
|
|
557
|
+
* ## Replay protection layers
|
|
558
|
+
*
|
|
559
|
+
* - `nonce` — per-(sender, scenario), allocated by sponsor-relayer
|
|
560
|
+
* - `expiresAt` — short window (60-120s recommended)
|
|
561
|
+
* - `callDataHash` — binds payload to ONE specific UserOp callData
|
|
562
|
+
* - `sender` — binds to one EOA
|
|
563
|
+
* - `chainId` — binds to one chain
|
|
564
|
+
*
|
|
565
|
+
* Mutation of any field invalidates the signature.
|
|
566
|
+
*/
|
|
567
|
+
interface SponsorAuthPayload {
|
|
568
|
+
chainId: number;
|
|
569
|
+
sender: Address;
|
|
570
|
+
/** keccak256(userOp.callData) — caller computes from the UserOp they intend to submit. */
|
|
571
|
+
callDataHash: Hex;
|
|
572
|
+
/** Per-(sender, scenario) monotonic counter from sponsor-relayer. */
|
|
573
|
+
nonce: bigint;
|
|
574
|
+
/** Unix seconds. After this, Privy verifier rejects. */
|
|
575
|
+
expiresAt: number;
|
|
576
|
+
scenario: SponsorAuthScenario;
|
|
577
|
+
/** Issuer that originated this sponsorship request (e.g. "gg56"). */
|
|
578
|
+
issuerId: string;
|
|
579
|
+
}
|
|
580
|
+
/**
|
|
581
|
+
* Optional extension fields — keep separate so the canonical payload
|
|
582
|
+
* stays minimal. Privy verifier may or may not enforce these depending
|
|
583
|
+
* on dashboard config.
|
|
584
|
+
*/
|
|
585
|
+
interface SponsorAuthPayloadExtended extends SponsorAuthPayload {
|
|
586
|
+
/** Max gas (units) sponsor-relayer pre-approved. */
|
|
587
|
+
maxGasLimit?: bigint;
|
|
588
|
+
/** Max gas price (wei) sponsor-relayer pre-approved. */
|
|
589
|
+
maxGasPrice?: bigint;
|
|
590
|
+
/** Audit metadata — surfaced in logs only, not used for verification. */
|
|
591
|
+
intent?: {
|
|
592
|
+
amount?: string;
|
|
593
|
+
pointToken?: Address;
|
|
594
|
+
targetContract?: Address;
|
|
595
|
+
};
|
|
596
|
+
}
|
|
597
|
+
/**
|
|
598
|
+
* EIP-712 domain for SponsorAuth signatures.
|
|
599
|
+
*
|
|
600
|
+
* `verifyingContract` is `0x0` because verification is OFF-CHAIN
|
|
601
|
+
* (Privy native verifier reads sig + payload, recovers signer,
|
|
602
|
+
* compares with PAFI public key registered in Privy dashboard).
|
|
603
|
+
* The domain is still EIP-712 to leverage existing tooling.
|
|
604
|
+
*/
|
|
605
|
+
declare const SPONSOR_AUTH_DOMAIN_NAME: "PAFI SponsorAuth";
|
|
606
|
+
declare const SPONSOR_AUTH_DOMAIN_VERSION: "1";
|
|
607
|
+
/** EIP-712 typed-data shape — matches `SponsorAuthPayload` field order. */
|
|
608
|
+
declare const SPONSOR_AUTH_TYPES: {
|
|
609
|
+
readonly SponsorAuth: readonly [{
|
|
610
|
+
readonly name: "chainId";
|
|
611
|
+
readonly type: "uint256";
|
|
612
|
+
}, {
|
|
613
|
+
readonly name: "sender";
|
|
614
|
+
readonly type: "address";
|
|
615
|
+
}, {
|
|
616
|
+
readonly name: "callDataHash";
|
|
617
|
+
readonly type: "bytes32";
|
|
618
|
+
}, {
|
|
619
|
+
readonly name: "nonce";
|
|
620
|
+
readonly type: "uint256";
|
|
621
|
+
}, {
|
|
622
|
+
readonly name: "expiresAt";
|
|
623
|
+
readonly type: "uint256";
|
|
624
|
+
}, {
|
|
625
|
+
readonly name: "scenario";
|
|
626
|
+
readonly type: "string";
|
|
627
|
+
}, {
|
|
628
|
+
readonly name: "issuerId";
|
|
629
|
+
readonly type: "string";
|
|
630
|
+
}];
|
|
631
|
+
};
|
|
632
|
+
/**
|
|
633
|
+
* Build the EIP-712 domain object Privy verifier expects. Same
|
|
634
|
+
* `chainId` as the SponsorAuth payload.
|
|
635
|
+
*/
|
|
636
|
+
declare function buildSponsorAuthDomain(chainId: number): {
|
|
637
|
+
readonly name: "PAFI SponsorAuth";
|
|
638
|
+
readonly version: "1";
|
|
639
|
+
readonly chainId: number;
|
|
640
|
+
readonly verifyingContract: Address;
|
|
641
|
+
};
|
|
642
|
+
|
|
643
|
+
/**
|
|
644
|
+
* Build the EIP-712 typed data object for a SponsorAuth payload.
|
|
645
|
+
* Returned shape is compatible with `walletClient.signTypedData()`,
|
|
646
|
+
* `viem.recoverTypedDataAddress()`, and any other EIP-712 tooling.
|
|
647
|
+
*
|
|
648
|
+
* Use this when you need the full typed-data object (e.g. to display
|
|
649
|
+
* to a hardware-wallet user, or to feed into an off-chain audit log).
|
|
650
|
+
* Most callers only need `signSponsorAuth` / `verifySponsorAuth` below.
|
|
651
|
+
*/
|
|
652
|
+
declare function buildSponsorAuthTypedData(payload: SponsorAuthPayload): {
|
|
653
|
+
domain: {
|
|
654
|
+
readonly name: "PAFI SponsorAuth";
|
|
655
|
+
readonly version: "1";
|
|
656
|
+
readonly chainId: number;
|
|
657
|
+
readonly verifyingContract: Address;
|
|
658
|
+
};
|
|
659
|
+
types: {
|
|
660
|
+
readonly SponsorAuth: readonly [{
|
|
661
|
+
readonly name: "chainId";
|
|
662
|
+
readonly type: "uint256";
|
|
663
|
+
}, {
|
|
664
|
+
readonly name: "sender";
|
|
665
|
+
readonly type: "address";
|
|
666
|
+
}, {
|
|
667
|
+
readonly name: "callDataHash";
|
|
668
|
+
readonly type: "bytes32";
|
|
669
|
+
}, {
|
|
670
|
+
readonly name: "nonce";
|
|
671
|
+
readonly type: "uint256";
|
|
672
|
+
}, {
|
|
673
|
+
readonly name: "expiresAt";
|
|
674
|
+
readonly type: "uint256";
|
|
675
|
+
}, {
|
|
676
|
+
readonly name: "scenario";
|
|
677
|
+
readonly type: "string";
|
|
678
|
+
}, {
|
|
679
|
+
readonly name: "issuerId";
|
|
680
|
+
readonly type: "string";
|
|
681
|
+
}];
|
|
682
|
+
};
|
|
683
|
+
primaryType: "SponsorAuth";
|
|
684
|
+
message: {
|
|
685
|
+
chainId: bigint;
|
|
686
|
+
sender: `0x${string}`;
|
|
687
|
+
callDataHash: `0x${string}`;
|
|
688
|
+
nonce: bigint;
|
|
689
|
+
expiresAt: bigint;
|
|
690
|
+
scenario: SponsorAuthScenario;
|
|
691
|
+
issuerId: string;
|
|
692
|
+
};
|
|
693
|
+
};
|
|
694
|
+
/**
|
|
695
|
+
* Sign a SponsorAuth payload using a viem `WalletClient`. Production
|
|
696
|
+
* sponsor-relayer should use a KMS-backed signer instead — this helper
|
|
697
|
+
* is for tests + local dev where you hold a raw private key.
|
|
698
|
+
*
|
|
699
|
+
* Returns the **serialized 65-byte signature** ready to put into
|
|
700
|
+
* `SponsorAuthResponse.sponsorAuth`.
|
|
701
|
+
*/
|
|
702
|
+
declare function signSponsorAuth(walletClient: WalletClient, payload: SponsorAuthPayload): Promise<Hex>;
|
|
703
|
+
/**
|
|
704
|
+
* Verify a SponsorAuth signature offline. Use to:
|
|
705
|
+
*
|
|
706
|
+
* - Smoke-test that sponsor-relayer's output is well-formed (FE)
|
|
707
|
+
* - Unit tests in SDK
|
|
708
|
+
* - Defense-in-depth check before submitting to Privy
|
|
709
|
+
*
|
|
710
|
+
* Privy verifier does the same check on their side — this is NOT a
|
|
711
|
+
* substitute for Privy verification. It exists so consumers can fail
|
|
712
|
+
* fast on a mangled sig before round-tripping through Privy.
|
|
713
|
+
*
|
|
714
|
+
* @param payload The exact payload PAFI BE returned
|
|
715
|
+
* @param signature The serialized signature (sponsorAuth field)
|
|
716
|
+
* @param expectedSigner PAFI's SponsorAuth signing-key address
|
|
717
|
+
* (registered in Privy dashboard)
|
|
718
|
+
*
|
|
719
|
+
* @returns `true` if signature recovers to `expectedSigner`,
|
|
720
|
+
* and the payload hasn't expired (`expiresAt > now`).
|
|
721
|
+
* Returns `false` on any failure — does NOT throw.
|
|
722
|
+
*/
|
|
723
|
+
declare function verifySponsorAuth(payload: SponsorAuthPayload, signature: Hex, expectedSigner: Address): Promise<{
|
|
724
|
+
ok: boolean;
|
|
725
|
+
reason?: "INVALID_SIGNER" | "EXPIRED" | "INVALID_SIGNATURE_FORMAT";
|
|
726
|
+
recoveredAddress?: Address;
|
|
727
|
+
}>;
|
|
728
|
+
/**
|
|
729
|
+
* Helper — compute `callDataHash` from a UserOperation's `callData`.
|
|
730
|
+
* Same hash function (`keccak256`) Privy verifier uses.
|
|
731
|
+
*
|
|
732
|
+
* Bind this hash into the SponsorAuth payload BEFORE signing, so the
|
|
733
|
+
* sig is invalid for any other UserOp.
|
|
734
|
+
*/
|
|
735
|
+
declare function computeCallDataHash(callData: Hex): Hex;
|
|
736
|
+
|
|
291
737
|
/**
|
|
292
738
|
* Real `PointToken` ABI — matches the contract deployed on Base mainnet
|
|
293
739
|
* (POINT at `0x7d25E7156E51F865D522fd3ef257a6B5DD41b97e`). Sourced from
|
|
@@ -1043,4 +1489,4 @@ declare class PafiSDK {
|
|
|
1043
1489
|
signLoginMessage(message: string): Promise<Hex>;
|
|
1044
1490
|
}
|
|
1045
1491
|
|
|
1046
|
-
export { ApiError, BATCH_EXECUTOR_ABI, BATCH_EXECUTOR_ADDRESS_BASE_MAINNET, BATCH_EXECUTOR_ADDRESS_BASE_SEPOLIA, BestQuote, type BuildPartialUserOpParams, COMMON_POOLS, COMMON_TOKENS, CONTRACT_ADDRESSES, ChainConfig, type CheckEthAndBranchParams, ConfigurationError, type ContractAddresses, EIP712Signature, LoginMessageParams, MintRequest, type ModalOpenOptions, Operation, POINT_TOKEN_FACTORY_ADDRESSES, POINT_TOKEN_IMPL_ADDRESSES, POINT_TOKEN_POOLS, POINT_TOKEN_ABI as POINT_TOKEN_V2_ABI, PafiSDK, PafiSDKConfig, PafiSDKError, type PafiWebModalAdapter, type PafiWebModalHandle, PartialUserOperation, type PaymasterConfig, PointTokenDomainConfig, PoolKey, QuoteResult, ReceiverConsent, SUPPORTED_CHAINS, type SignatureStruct, SignatureVerification, SigningError, SimulationError, type SponsorshipScenario, type SubmissionPath, SwapSimulationResult, UNIVERSAL_ROUTER_ADDRESSES, UserOperation, V4_QUOTER_ADDRESSES, _resetPaymasterConfigForTests, assembleUserOperation, buildPartialUserOperation, burnRequestTypes, checkEthAndBranch, encodeBatchExecute, erc20ApproveOp, erc20BurnOp, erc20TransferOp, getContractAddresses, getPafiWebModalAdapter, getPaymasterConfig, isPaymasterConfigured, mintRequestTypes, openPafiWebModal, openWebPopup, rawCallOp, receiverConsentTypes, setPafiWebModalAdapter, setPaymasterConfig, webPopupAdapter };
|
|
1492
|
+
export { ApiError, BATCH_EXECUTOR_ABI, BATCH_EXECUTOR_ADDRESS_BASE_MAINNET, BATCH_EXECUTOR_ADDRESS_BASE_SEPOLIA, BROKER_HASHES, BestQuote, type BuildPartialUserOpParams, type BuildPerpDepositWithGasDeductionParams, COMMON_POOLS, COMMON_TOKENS, CONTRACT_ADDRESSES, ChainConfig, type CheckEthAndBranchParams, ConfigurationError, type ContractAddresses, EIP712Signature, LoginMessageParams, MintRequest, type ModalOpenOptions, ORDERLY_VAULT_ABI, ORDERLY_VAULT_ADDRESSES, ORDERLY_VAULT_BASE_MAINNET, Operation, POINT_TOKEN_FACTORY_ADDRESSES, POINT_TOKEN_IMPL_ADDRESSES, POINT_TOKEN_POOLS, POINT_TOKEN_ABI as POINT_TOKEN_V2_ABI, PafiSDK, PafiSDKConfig, PafiSDKError, type PafiWebModalAdapter, type PafiWebModalHandle, PartialUserOperation, type PaymasterConfig, PointTokenDomainConfig, PoolKey, QuoteResult, ReceiverConsent, SPONSOR_AUTH_DOMAIN_NAME, SPONSOR_AUTH_DOMAIN_VERSION, SPONSOR_AUTH_TYPES, SUPPORTED_CHAINS, type SignatureStruct, SignatureVerification, SigningError, SimulationError, type SponsorAuthPayload, type SponsorAuthPayloadExtended, type SponsorAuthScenario, type SponsorshipScenario, type SubmissionPath, SwapSimulationResult, TOKEN_HASHES, UNIVERSAL_ROUTER_ADDRESSES, UserOperation, V4_QUOTER_ADDRESSES, type VaultDepositFE, _resetPaymasterConfigForTests, assembleUserOperation, buildPartialUserOperation, buildPerpDepositWithGasDeduction, buildSponsorAuthDomain, buildSponsorAuthTypedData, burnRequestTypes, checkEthAndBranch, computeAccountId, computeCallDataHash, encodeBatchExecute, erc20ApproveOp, erc20BurnOp, erc20TransferOp, getContractAddresses, getPafiWebModalAdapter, getPaymasterConfig, isPaymasterConfigured, mintRequestTypes, openPafiWebModal, openWebPopup, rawCallOp, receiverConsentTypes, setPafiWebModalAdapter, setPaymasterConfig, signSponsorAuth, verifySponsorAuth, webPopupAdapter };
|