@pafi-dev/core 0.5.16 → 0.5.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +77 -1
- package/package.json +12 -12
package/README.md
CHANGED
|
@@ -15,6 +15,10 @@ Core TypeScript SDK for the PAFI point token system. Covers EIP-712 signing, con
|
|
|
15
15
|
- TypeScript >= 5.0
|
|
16
16
|
- `viem` ^2.0.0 (peer dependency)
|
|
17
17
|
|
|
18
|
+
> **Latest:** `0.5.16` — ERC-4337 v0.8 hash + EIP-712 signing fixes for the
|
|
19
|
+
> EIP-7702 mobile flow. See [Changelog](#changelog) for the full breakdown
|
|
20
|
+
> of the AA24/AA23 bugs this release closes.
|
|
21
|
+
|
|
18
22
|
---
|
|
19
23
|
|
|
20
24
|
## Installation
|
|
@@ -62,11 +66,21 @@ POINT_TOKEN_FACTORY_ADDRESSES[8453] // "0x36c0BAb2faBE45EfA6d13001143e43A266Af67
|
|
|
62
66
|
Protocol constants (same on all EVM chains):
|
|
63
67
|
|
|
64
68
|
```ts
|
|
65
|
-
import {
|
|
69
|
+
import {
|
|
70
|
+
ENTRY_POINT_V07,
|
|
71
|
+
ENTRY_POINT_V08,
|
|
72
|
+
PERMIT2_ADDRESS,
|
|
73
|
+
} from "@pafi-dev/core";
|
|
66
74
|
// ENTRY_POINT_V07 "0x0000000071727De22E5E9d8BAf0edAc6f37da032"
|
|
75
|
+
// ENTRY_POINT_V08 "0x4337084d9e255ff0702461cf8895ce9e3b5ff108"
|
|
67
76
|
// PERMIT2_ADDRESS "0x000000000022D473030F116dDEE9F6B43aC78BA3"
|
|
68
77
|
```
|
|
69
78
|
|
|
79
|
+
For Pimlico's `Simple7702Account` (the EIP-7702 delegate target you get
|
|
80
|
+
when using Privy embedded wallets) you **must** use `ENTRY_POINT_V08`.
|
|
81
|
+
Mixing v0.7 with a v0.8 account reverts with `AA23 reverted account: not
|
|
82
|
+
from EntryPoint`.
|
|
83
|
+
|
|
70
84
|
---
|
|
71
85
|
|
|
72
86
|
## EIP-712 signing
|
|
@@ -255,6 +269,68 @@ const userOp = buildPerpDepositWithGasDeduction({
|
|
|
255
269
|
|
|
256
270
|
## Changelog
|
|
257
271
|
|
|
272
|
+
### 0.5.16
|
|
273
|
+
|
|
274
|
+
ERC-4337 v0.8 + EIP-7702 mobile flow correctness fixes.
|
|
275
|
+
|
|
276
|
+
**Why this release.** The mobile prepare/submit flow (issuer backend computes
|
|
277
|
+
the userOpHash, mobile client signs it, backend submits to the bundler)
|
|
278
|
+
was reverting on Pimlico with `AA24 signature error` even though the same
|
|
279
|
+
UserOp validated cleanly on the web flow via `permissionless`. Three
|
|
280
|
+
distinct bugs stacked on top of each other; this release fixes them.
|
|
281
|
+
|
|
282
|
+
**1. `computeUserOpHash` now produces the EIP-712 typed digest used by
|
|
283
|
+
EntryPoint v0.8.** Previous versions hashed via the v0.7 scheme
|
|
284
|
+
(`keccak256(packed userOp || entryPoint || chainId)`), which produces a
|
|
285
|
+
totally different hash than what Pimlico's `Simple7702Account` (impl
|
|
286
|
+
`0xe6Cae8…`, `entryPoint() = 0x4337084d…`) actually validates against.
|
|
287
|
+
Symptom: `AA24` on every mobile UserOp.
|
|
288
|
+
|
|
289
|
+
**2. `buildUserOpTypedData()` exposed for client-side signing.** The
|
|
290
|
+
deployed Pimlico `Simple7702Account` validates the user signature with
|
|
291
|
+
`SignatureCheckerLib.isValidSignatureNow(address(this), userOpHash, sig)`
|
|
292
|
+
— **no EIP-191 prefix wrapping.** That means
|
|
293
|
+
`personal_sign` / `signMessage({ raw: userOpHash })` produces a signature
|
|
294
|
+
that `ecrecover`s to the wrong address; AA24 again. The new helper returns
|
|
295
|
+
`{ domain, types, primaryType, message }` ready to pass straight into
|
|
296
|
+
`walletClient.signTypedData(...)`. Because `userOpHash` IS the EIP-712
|
|
297
|
+
digest of `PackedUserOperation`, signing the typed data yields a
|
|
298
|
+
signature that recovers the EOA from the raw userOpHash — which is what
|
|
299
|
+
the contract checks.
|
|
300
|
+
|
|
301
|
+
```ts
|
|
302
|
+
import { buildUserOpTypedData, computeUserOpHash } from "@pafi-dev/core";
|
|
303
|
+
|
|
304
|
+
// Backend (gg56-backend, claim/prepare):
|
|
305
|
+
const typedData = buildUserOpTypedData(userOpWithPaymaster, chainId);
|
|
306
|
+
const userOpHash = computeUserOpHash(userOpWithPaymaster, chainId);
|
|
307
|
+
return { lockId, userOpHash, typedData /* serialise bigints */ };
|
|
308
|
+
|
|
309
|
+
// Client (Privy embedded wallet):
|
|
310
|
+
const signature = await walletClient.signTypedData({
|
|
311
|
+
domain: typedData.domain,
|
|
312
|
+
types: typedData.types,
|
|
313
|
+
primaryType: typedData.primaryType,
|
|
314
|
+
message: typedData.message,
|
|
315
|
+
});
|
|
316
|
+
// Submit { lockId, signature } to /claim/submit. AA24 stays away.
|
|
317
|
+
```
|
|
318
|
+
|
|
319
|
+
**Do NOT use `signMessage({ raw })` or `personal_sign` to sign a v0.8
|
|
320
|
+
userOpHash for `Simple7702Account`** — that path is a foot-gun the SDK
|
|
321
|
+
intentionally no longer offers a helper for.
|
|
322
|
+
|
|
323
|
+
**3. `ENTRY_POINT_V08` constant added.** v0.7 EntryPoint
|
|
324
|
+
(`0x0000000071727De22E5E9d8BAf0edAc6f37da032`) is incompatible with
|
|
325
|
+
v0.8 accounts — calling `pm_sponsorUserOperation` with v0.7 reverts
|
|
326
|
+
inside `_validateUserOp` with `"AA23 reverted account: not from
|
|
327
|
+
EntryPoint"` because `msg.sender (v0.7 EP) ≠ account.entryPoint() (v0.8 EP)`.
|
|
328
|
+
|
|
329
|
+
```ts
|
|
330
|
+
import { ENTRY_POINT_V08 } from "@pafi-dev/core";
|
|
331
|
+
// 0x4337084d9e255ff0702461cf8895ce9e3b5ff108
|
|
332
|
+
```
|
|
333
|
+
|
|
258
334
|
### 0.4.0
|
|
259
335
|
- `sponsorAuth` module added — `signSponsorAuth`, `verifySponsorAuth`, `computeCallDataHash`
|
|
260
336
|
- `PERMIT2_ADDRESS` and `ENTRY_POINT_V07` centralised in `constants.ts`
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@pafi-dev/core",
|
|
3
|
-
"version": "0.5.
|
|
3
|
+
"version": "0.5.17",
|
|
4
4
|
"description": "EIP-712 signing, contract interaction, and Relay calldata for the PAFI point token system",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.cjs",
|
|
@@ -91,15 +91,6 @@
|
|
|
91
91
|
"files": [
|
|
92
92
|
"dist"
|
|
93
93
|
],
|
|
94
|
-
"scripts": {
|
|
95
|
-
"generate": "tsx scripts/generate-abis.ts",
|
|
96
|
-
"build": "tsup",
|
|
97
|
-
"test": "vitest run",
|
|
98
|
-
"test:watch": "vitest",
|
|
99
|
-
"test:integration": "vitest run --config vitest.integration.config.ts",
|
|
100
|
-
"test:fork": "vitest run --config vitest.fork.config.ts",
|
|
101
|
-
"typecheck": "tsc --noEmit"
|
|
102
|
-
},
|
|
103
94
|
"peerDependencies": {
|
|
104
95
|
"viem": "^2.0.0"
|
|
105
96
|
},
|
|
@@ -110,5 +101,14 @@
|
|
|
110
101
|
"tsup": "^8.0.0",
|
|
111
102
|
"vitest": "^2.0.0"
|
|
112
103
|
},
|
|
113
|
-
"license": "Apache-2.0"
|
|
114
|
-
|
|
104
|
+
"license": "Apache-2.0",
|
|
105
|
+
"scripts": {
|
|
106
|
+
"generate": "tsx scripts/generate-abis.ts",
|
|
107
|
+
"build": "tsup",
|
|
108
|
+
"test": "vitest run",
|
|
109
|
+
"test:watch": "vitest",
|
|
110
|
+
"test:integration": "vitest run --config vitest.integration.config.ts",
|
|
111
|
+
"test:fork": "vitest run --config vitest.fork.config.ts",
|
|
112
|
+
"typecheck": "tsc --noEmit"
|
|
113
|
+
}
|
|
114
|
+
}
|