@pafi-dev/core 0.5.15 → 0.5.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +77 -1
- package/dist/index.cjs +22 -16
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +65 -15
- package/dist/index.d.ts +65 -15
- package/dist/index.js +21 -15
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -15,6 +15,10 @@ Core TypeScript SDK for the PAFI point token system. Covers EIP-712 signing, con
|
|
|
15
15
|
- TypeScript >= 5.0
|
|
16
16
|
- `viem` ^2.0.0 (peer dependency)
|
|
17
17
|
|
|
18
|
+
> **Latest:** `0.5.16` — ERC-4337 v0.8 hash + EIP-712 signing fixes for the
|
|
19
|
+
> EIP-7702 mobile flow. See [Changelog](#changelog) for the full breakdown
|
|
20
|
+
> of the AA24/AA23 bugs this release closes.
|
|
21
|
+
|
|
18
22
|
---
|
|
19
23
|
|
|
20
24
|
## Installation
|
|
@@ -62,11 +66,21 @@ POINT_TOKEN_FACTORY_ADDRESSES[8453] // "0x36c0BAb2faBE45EfA6d13001143e43A266Af67
|
|
|
62
66
|
Protocol constants (same on all EVM chains):
|
|
63
67
|
|
|
64
68
|
```ts
|
|
65
|
-
import {
|
|
69
|
+
import {
|
|
70
|
+
ENTRY_POINT_V07,
|
|
71
|
+
ENTRY_POINT_V08,
|
|
72
|
+
PERMIT2_ADDRESS,
|
|
73
|
+
} from "@pafi-dev/core";
|
|
66
74
|
// ENTRY_POINT_V07 "0x0000000071727De22E5E9d8BAf0edAc6f37da032"
|
|
75
|
+
// ENTRY_POINT_V08 "0x4337084d9e255ff0702461cf8895ce9e3b5ff108"
|
|
67
76
|
// PERMIT2_ADDRESS "0x000000000022D473030F116dDEE9F6B43aC78BA3"
|
|
68
77
|
```
|
|
69
78
|
|
|
79
|
+
For Pimlico's `Simple7702Account` (the EIP-7702 delegate target you get
|
|
80
|
+
when using Privy embedded wallets) you **must** use `ENTRY_POINT_V08`.
|
|
81
|
+
Mixing v0.7 with a v0.8 account reverts with `AA23 reverted account: not
|
|
82
|
+
from EntryPoint`.
|
|
83
|
+
|
|
70
84
|
---
|
|
71
85
|
|
|
72
86
|
## EIP-712 signing
|
|
@@ -255,6 +269,68 @@ const userOp = buildPerpDepositWithGasDeduction({
|
|
|
255
269
|
|
|
256
270
|
## Changelog
|
|
257
271
|
|
|
272
|
+
### 0.5.16
|
|
273
|
+
|
|
274
|
+
ERC-4337 v0.8 + EIP-7702 mobile flow correctness fixes.
|
|
275
|
+
|
|
276
|
+
**Why this release.** The mobile prepare/submit flow (issuer backend computes
|
|
277
|
+
the userOpHash, mobile client signs it, backend submits to the bundler)
|
|
278
|
+
was reverting on Pimlico with `AA24 signature error` even though the same
|
|
279
|
+
UserOp validated cleanly on the web flow via `permissionless`. Three
|
|
280
|
+
distinct bugs stacked on top of each other; this release fixes them.
|
|
281
|
+
|
|
282
|
+
**1. `computeUserOpHash` now produces the EIP-712 typed digest used by
|
|
283
|
+
EntryPoint v0.8.** Previous versions hashed via the v0.7 scheme
|
|
284
|
+
(`keccak256(packed userOp || entryPoint || chainId)`), which produces a
|
|
285
|
+
totally different hash than what Pimlico's `Simple7702Account` (impl
|
|
286
|
+
`0xe6Cae8…`, `entryPoint() = 0x4337084d…`) actually validates against.
|
|
287
|
+
Symptom: `AA24` on every mobile UserOp.
|
|
288
|
+
|
|
289
|
+
**2. `buildUserOpTypedData()` exposed for client-side signing.** The
|
|
290
|
+
deployed Pimlico `Simple7702Account` validates the user signature with
|
|
291
|
+
`SignatureCheckerLib.isValidSignatureNow(address(this), userOpHash, sig)`
|
|
292
|
+
— **no EIP-191 prefix wrapping.** That means
|
|
293
|
+
`personal_sign` / `signMessage({ raw: userOpHash })` produces a signature
|
|
294
|
+
that `ecrecover`s to the wrong address; AA24 again. The new helper returns
|
|
295
|
+
`{ domain, types, primaryType, message }` ready to pass straight into
|
|
296
|
+
`walletClient.signTypedData(...)`. Because `userOpHash` IS the EIP-712
|
|
297
|
+
digest of `PackedUserOperation`, signing the typed data yields a
|
|
298
|
+
signature that recovers the EOA from the raw userOpHash — which is what
|
|
299
|
+
the contract checks.
|
|
300
|
+
|
|
301
|
+
```ts
|
|
302
|
+
import { buildUserOpTypedData, computeUserOpHash } from "@pafi-dev/core";
|
|
303
|
+
|
|
304
|
+
// Backend (gg56-backend, claim/prepare):
|
|
305
|
+
const typedData = buildUserOpTypedData(userOpWithPaymaster, chainId);
|
|
306
|
+
const userOpHash = computeUserOpHash(userOpWithPaymaster, chainId);
|
|
307
|
+
return { lockId, userOpHash, typedData /* serialise bigints */ };
|
|
308
|
+
|
|
309
|
+
// Client (Privy embedded wallet):
|
|
310
|
+
const signature = await walletClient.signTypedData({
|
|
311
|
+
domain: typedData.domain,
|
|
312
|
+
types: typedData.types,
|
|
313
|
+
primaryType: typedData.primaryType,
|
|
314
|
+
message: typedData.message,
|
|
315
|
+
});
|
|
316
|
+
// Submit { lockId, signature } to /claim/submit. AA24 stays away.
|
|
317
|
+
```
|
|
318
|
+
|
|
319
|
+
**Do NOT use `signMessage({ raw })` or `personal_sign` to sign a v0.8
|
|
320
|
+
userOpHash for `Simple7702Account`** — that path is a foot-gun the SDK
|
|
321
|
+
intentionally no longer offers a helper for.
|
|
322
|
+
|
|
323
|
+
**3. `ENTRY_POINT_V08` constant added.** v0.7 EntryPoint
|
|
324
|
+
(`0x0000000071727De22E5E9d8BAf0edAc6f37da032`) is incompatible with
|
|
325
|
+
v0.8 accounts — calling `pm_sponsorUserOperation` with v0.7 reverts
|
|
326
|
+
inside `_validateUserOp` with `"AA23 reverted account: not from
|
|
327
|
+
EntryPoint"` because `msg.sender (v0.7 EP) ≠ account.entryPoint() (v0.8 EP)`.
|
|
328
|
+
|
|
329
|
+
```ts
|
|
330
|
+
import { ENTRY_POINT_V08 } from "@pafi-dev/core";
|
|
331
|
+
// 0x4337084d9e255ff0702461cf8895ce9e3b5ff108
|
|
332
|
+
```
|
|
333
|
+
|
|
258
334
|
### 0.4.0
|
|
259
335
|
- `sponsorAuth` module added — `signSponsorAuth`, `verifySponsorAuth`, `computeCallDataHash`
|
|
260
336
|
- `PERMIT2_ADDRESS` and `ENTRY_POINT_V07` centralised in `constants.ts`
|
package/dist/index.cjs
CHANGED
|
@@ -385,7 +385,19 @@ function serializeUserOpToJsonRpc(userOp, signature) {
|
|
|
385
385
|
|
|
386
386
|
|
|
387
387
|
|
|
388
|
-
|
|
388
|
+
var PACKED_USER_OPERATION_TYPES = {
|
|
389
|
+
PackedUserOperation: [
|
|
390
|
+
{ name: "sender", type: "address" },
|
|
391
|
+
{ name: "nonce", type: "uint256" },
|
|
392
|
+
{ name: "initCode", type: "bytes" },
|
|
393
|
+
{ name: "callData", type: "bytes" },
|
|
394
|
+
{ name: "accountGasLimits", type: "bytes32" },
|
|
395
|
+
{ name: "preVerificationGas", type: "uint256" },
|
|
396
|
+
{ name: "gasFees", type: "bytes32" },
|
|
397
|
+
{ name: "paymasterAndData", type: "bytes" }
|
|
398
|
+
]
|
|
399
|
+
};
|
|
400
|
+
function buildUserOpTypedData(userOp, chainId) {
|
|
389
401
|
const accountGasLimits = pack128(
|
|
390
402
|
userOp.verificationGasLimit,
|
|
391
403
|
userOp.callGasLimit
|
|
@@ -397,25 +409,14 @@ function computeUserOpHash(userOp, chainId) {
|
|
|
397
409
|
_viem.pad.call(void 0, _viem.toHex.call(void 0, _nullishCoalesce(userOp.paymasterPostOpGasLimit, () => ( 0n))), { size: 16 }),
|
|
398
410
|
_nullishCoalesce(userOp.paymasterData, () => ( "0x"))
|
|
399
411
|
]) : "0x";
|
|
400
|
-
return
|
|
412
|
+
return {
|
|
401
413
|
domain: {
|
|
402
414
|
name: "ERC4337",
|
|
403
415
|
version: "1",
|
|
404
416
|
chainId,
|
|
405
417
|
verifyingContract: _chunkX2JZFK4Ccjs.ENTRY_POINT_V08
|
|
406
418
|
},
|
|
407
|
-
types:
|
|
408
|
-
PackedUserOperation: [
|
|
409
|
-
{ name: "sender", type: "address" },
|
|
410
|
-
{ name: "nonce", type: "uint256" },
|
|
411
|
-
{ name: "initCode", type: "bytes" },
|
|
412
|
-
{ name: "callData", type: "bytes" },
|
|
413
|
-
{ name: "accountGasLimits", type: "bytes32" },
|
|
414
|
-
{ name: "preVerificationGas", type: "uint256" },
|
|
415
|
-
{ name: "gasFees", type: "bytes32" },
|
|
416
|
-
{ name: "paymasterAndData", type: "bytes" }
|
|
417
|
-
]
|
|
418
|
-
},
|
|
419
|
+
types: PACKED_USER_OPERATION_TYPES,
|
|
419
420
|
primaryType: "PackedUserOperation",
|
|
420
421
|
message: {
|
|
421
422
|
sender: userOp.sender,
|
|
@@ -427,7 +428,11 @@ function computeUserOpHash(userOp, chainId) {
|
|
|
427
428
|
gasFees,
|
|
428
429
|
paymasterAndData
|
|
429
430
|
}
|
|
430
|
-
}
|
|
431
|
+
};
|
|
432
|
+
}
|
|
433
|
+
function computeUserOpHash(userOp, chainId) {
|
|
434
|
+
const td = buildUserOpTypedData(userOp, chainId);
|
|
435
|
+
return _viem.hashTypedData.call(void 0, td);
|
|
431
436
|
}
|
|
432
437
|
function pack128(hi, lo) {
|
|
433
438
|
return `0x${(hi << 128n | lo).toString(16).padStart(64, "0")}`;
|
|
@@ -1217,5 +1222,6 @@ var PafiSDK = class {
|
|
|
1217
1222
|
|
|
1218
1223
|
|
|
1219
1224
|
|
|
1220
|
-
|
|
1225
|
+
|
|
1226
|
+
exports.ApiError = _chunkJJ2LGENOcjs.ApiError; exports.BATCH_EXECUTOR_7702_IMPL = BATCH_EXECUTOR_7702_IMPL; exports.BATCH_EXECUTOR_ABI = _chunkJJ2LGENOcjs.BATCH_EXECUTOR_ABI; exports.BATCH_EXECUTOR_ADDRESS_BASE_MAINNET = BATCH_EXECUTOR_ADDRESS_BASE_MAINNET; exports.BATCH_EXECUTOR_ADDRESS_BASE_SEPOLIA = BATCH_EXECUTOR_ADDRESS_BASE_SEPOLIA; exports.BROKER_HASHES = BROKER_HASHES; exports.COMMON_POOLS = _chunkX2JZFK4Ccjs.COMMON_POOLS; exports.COMMON_TOKENS = _chunkX2JZFK4Ccjs.COMMON_TOKENS; exports.CONTRACT_ADDRESSES = CONTRACT_ADDRESSES; exports.ConfigurationError = _chunkJJ2LGENOcjs.ConfigurationError; exports.DUMMY_SIGNATURE_V07 = DUMMY_SIGNATURE_V07; exports.ENTRY_POINT_V07 = _chunkX2JZFK4Ccjs.ENTRY_POINT_V07; exports.ENTRY_POINT_V08 = _chunkX2JZFK4Ccjs.ENTRY_POINT_V08; exports.ORDERLY_RELAY_ABI = ORDERLY_RELAY_ABI; exports.ORDERLY_VAULT_ABI = ORDERLY_VAULT_ABI; exports.ORDERLY_VAULT_ADDRESSES = ORDERLY_VAULT_ADDRESSES; exports.ORDERLY_VAULT_BASE_MAINNET = ORDERLY_VAULT_BASE_MAINNET; exports.PAFI_SUBGRAPH_URL = PAFI_SUBGRAPH_URL; exports.PERMIT2_ADDRESS = _chunkX2JZFK4Ccjs.PERMIT2_ADDRESS; exports.POINT_TOKEN_FACTORY_ADDRESSES = POINT_TOKEN_FACTORY_ADDRESSES; exports.POINT_TOKEN_IMPL_ADDRESSES = POINT_TOKEN_IMPL_ADDRESSES; exports.POINT_TOKEN_POOLS = _chunkX2JZFK4Ccjs.POINT_TOKEN_POOLS; exports.POINT_TOKEN_V2_ABI = _chunkLRHY7GORcjs.pointTokenAbi; exports.PafiSDK = PafiSDK; exports.PafiSDKError = _chunkJJ2LGENOcjs.PafiSDKError; exports.SETTLE_ALL = _chunkJJ2LGENOcjs.SETTLE_ALL; exports.SIMPLE_7702_IMPL_BASE_MAINNET = SIMPLE_7702_IMPL_BASE_MAINNET; exports.SPONSOR_AUTH_DOMAIN_NAME = _chunkFNJZUNK3cjs.SPONSOR_AUTH_DOMAIN_NAME; exports.SPONSOR_AUTH_TYPES = _chunkFNJZUNK3cjs.SPONSOR_AUTH_TYPES; exports.SUPPORTED_CHAINS = _chunkX2JZFK4Ccjs.SUPPORTED_CHAINS; exports.SWAP_EXACT_IN = _chunkJJ2LGENOcjs.SWAP_EXACT_IN; exports.SigningError = _chunkJJ2LGENOcjs.SigningError; exports.SimulationError = _chunkJJ2LGENOcjs.SimulationError; exports.TAKE_ALL = _chunkJJ2LGENOcjs.TAKE_ALL; exports.TOKEN_HASHES = TOKEN_HASHES; exports.UNIVERSAL_ROUTER_ADDRESSES = _chunkX2JZFK4Ccjs.UNIVERSAL_ROUTER_ADDRESSES; exports.V4_QUOTER_ADDRESSES = _chunkX2JZFK4Ccjs.V4_QUOTER_ADDRESSES; exports.V4_SWAP = _chunkJJ2LGENOcjs.V4_SWAP; exports.ZERO_VALUE = ZERO_VALUE; exports._resetPaymasterConfigForTests = _resetPaymasterConfigForTests; exports.assembleUserOperation = _chunkJJ2LGENOcjs.assembleUserOperation; exports.buildAllPaths = _chunkL5UHQQVCcjs.buildAllPaths; exports.buildBurnRequestTypedData = _chunkDX73FB4Pcjs.buildBurnRequestTypedData; exports.buildDelegationUserOp = buildDelegationUserOp; exports.buildDomain = _chunkDX73FB4Pcjs.buildDomain; exports.buildErc20ApprovalCalldata = _chunkJJ2LGENOcjs.buildErc20ApprovalCalldata; exports.buildMintRequestTypedData = _chunkDX73FB4Pcjs.buildMintRequestTypedData; exports.buildPartialUserOperation = _chunkJJ2LGENOcjs.buildPartialUserOperation; exports.buildPermit2ApprovalCalldata = _chunkJJ2LGENOcjs.buildPermit2ApprovalCalldata; exports.buildPerpDepositViaRelay = buildPerpDepositViaRelay; exports.buildPerpDepositWithGasDeduction = buildPerpDepositWithGasDeduction; exports.buildReceiverConsentTypedData = _chunkDX73FB4Pcjs.buildReceiverConsentTypedData; exports.buildSponsorAuthDomain = _chunkFNJZUNK3cjs.buildSponsorAuthDomain; exports.buildSponsorAuthTypedData = _chunkFNJZUNK3cjs.buildSponsorAuthTypedData; exports.buildSwapFromQuote = _chunkJJ2LGENOcjs.buildSwapFromQuote; exports.buildSwapWithGasDeduction = _chunkJJ2LGENOcjs.buildSwapWithGasDeduction; exports.buildUniversalRouterExecuteArgs = _chunkJJ2LGENOcjs.buildUniversalRouterExecuteArgs; exports.buildUserOpTypedData = buildUserOpTypedData; exports.buildV4SwapInput = _chunkJJ2LGENOcjs.buildV4SwapInput; exports.burnRequestTypes = _chunkX2JZFK4Ccjs.burnRequestTypes; exports.checkAllowance = _chunkJJ2LGENOcjs.checkAllowance; exports.checkDelegation = checkDelegation; exports.checkEthAndBranch = checkEthAndBranch; exports.combineRoutes = _chunkL5UHQQVCcjs.combineRoutes; exports.computeAccountId = computeAccountId; exports.computeAuthorizationHash = computeAuthorizationHash; exports.computeCallDataHash = _chunkFNJZUNK3cjs.computeCallDataHash; exports.computeUserOpHash = computeUserOpHash; exports.createLoginMessage = _chunkFNJZUNK3cjs.createLoginMessage; exports.createPafiProxyTransport = createPafiProxyTransport; exports.decodeBatchExecuteCalls = _chunkJJ2LGENOcjs.decodeBatchExecuteCalls; exports.detectDelegateImpl = detectDelegateImpl; exports.encodeBatchExecute = _chunkJJ2LGENOcjs.encodeBatchExecute; exports.erc20Abi = _chunkIPXARZ6Fcjs.erc20Abi; exports.erc20ApproveOp = _chunkJJ2LGENOcjs.erc20ApproveOp; exports.erc20BurnOp = _chunkJJ2LGENOcjs.erc20BurnOp; exports.erc20TransferOp = _chunkJJ2LGENOcjs.erc20TransferOp; exports.fetchPafiPools = fetchPafiPools; exports.findBestQuote = _chunkL5UHQQVCcjs.findBestQuote; exports.getAaNonce = getAaNonce; exports.getBurnRequestNonce = _chunkCLPRSQT2cjs.getBurnRequestNonce; exports.getContractAddresses = getContractAddresses; exports.getDummySignatureFor7702 = getDummySignatureFor7702; exports.getIssuer = _chunkCLPRSQT2cjs.getIssuer2; exports.getMintRequestNonce = _chunkCLPRSQT2cjs.getMintRequestNonce; exports.getPafiWebModalAdapter = getPafiWebModalAdapter; exports.getPaymasterConfig = getPaymasterConfig; exports.getPointTokenBalance = _chunkCLPRSQT2cjs.getPointTokenBalance; exports.getPointTokenIssuer = _chunkCLPRSQT2cjs.getPointTokenIssuer; exports.getPointTokenIssuerAddress = _chunkCLPRSQT2cjs.getIssuer; exports.getReceiverConsentNonce = _chunkCLPRSQT2cjs.getReceiverConsentNonce; exports.getTokenName = _chunkCLPRSQT2cjs.getTokenName; exports.isActiveIssuer = _chunkCLPRSQT2cjs.isActiveIssuer; exports.isDelegatedTo = isDelegatedTo; exports.isDelegatedToTarget = isDelegatedToTarget; exports.isMinter = _chunkCLPRSQT2cjs.isMinter; exports.isPaymasterConfigured = isPaymasterConfigured; exports.isPaymasterError = isPaymasterError; exports.issuerRegistryAbi = _chunkLRHY7GORcjs.issuerRegistryAbi; exports.issuerRegistryGetIssuerFlatAbi = _chunkCLPRSQT2cjs.issuerRegistryGetIssuerFlatAbi; exports.mintRequestTypes = _chunkX2JZFK4Ccjs.mintRequestTypes; exports.mintingOracleAbi = _chunkLRHY7GORcjs.mintingOracleAbi; exports.openPafiWebModal = openPafiWebModal; exports.openWebPopup = openWebPopup; exports.parseEip7702DelegatedAddress = parseEip7702DelegatedAddress; exports.parseLoginMessage = _chunkFNJZUNK3cjs.parseLoginMessage; exports.permit2Abi = _chunkIPXARZ6Fcjs.permit2Abi; exports.pointTokenAbi = _chunkLRHY7GORcjs.pointTokenAbi; exports.pointTokenFactoryAbi = _chunkR6OFGVMPcjs.pointTokenFactoryAbi; exports.quoteBestRoute = _chunkL5UHQQVCcjs.quoteBestRoute; exports.quoteExactInput = _chunkL5UHQQVCcjs.quoteExactInput; exports.quoteExactInputSingle = _chunkL5UHQQVCcjs.quoteExactInputSingle; exports.rawCallOp = _chunkJJ2LGENOcjs.rawCallOp; exports.receiverConsentTypes = _chunkX2JZFK4Ccjs.receiverConsentTypes; exports.sendWithPaymasterFallback = sendWithPaymasterFallback; exports.serializeUserOpToJsonRpc = serializeUserOpToJsonRpc; exports.setPafiWebModalAdapter = setPafiWebModalAdapter; exports.setPaymasterConfig = setPaymasterConfig; exports.signBurnRequest = _chunkDX73FB4Pcjs.signBurnRequest; exports.signMintRequest = _chunkDX73FB4Pcjs.signMintRequest; exports.signReceiverConsent = _chunkDX73FB4Pcjs.signReceiverConsent; exports.signSponsorAuth = _chunkFNJZUNK3cjs.signSponsorAuth; exports.simulateSwap = _chunkJJ2LGENOcjs.simulateSwap; exports.universalRouterAbi = _chunkIPXARZ6Fcjs.universalRouterAbi; exports.v4QuoterAbi = _chunkCL3QSI4Ocjs.v4QuoterAbi; exports.verifyBurnRequest = _chunkDX73FB4Pcjs.verifyBurnRequest; exports.verifyLoginMessage = _chunkFNJZUNK3cjs.verifyLoginMessage; exports.verifyMintCap = _chunkCLPRSQT2cjs.verifyMintCap; exports.verifyMintRequest = _chunkDX73FB4Pcjs.verifyMintRequest; exports.verifyReceiverConsent = _chunkDX73FB4Pcjs.verifyReceiverConsent; exports.verifySponsorAuth = _chunkFNJZUNK3cjs.verifySponsorAuth; exports.webPopupAdapter = webPopupAdapter;
|
|
1221
1227
|
//# sourceMappingURL=index.cjs.map
|