@pafi-dev/core 0.5.19 → 0.5.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -9,8 +9,8 @@
9
9
 
10
10
 
11
11
 
12
- var _chunkFNJZUNK3cjs = require('../chunk-FNJZUNK3.cjs');
13
12
 
13
+ var _chunkRZDG6SRRcjs = require('../chunk-RZDG6SRR.cjs');
14
14
 
15
15
 
16
16
 
@@ -21,5 +21,7 @@ var _chunkFNJZUNK3cjs = require('../chunk-FNJZUNK3.cjs');
21
21
 
22
22
 
23
23
 
24
- exports.SPONSOR_AUTH_DOMAIN_NAME = _chunkFNJZUNK3cjs.SPONSOR_AUTH_DOMAIN_NAME; exports.SPONSOR_AUTH_TYPES = _chunkFNJZUNK3cjs.SPONSOR_AUTH_TYPES; exports.buildSponsorAuthDomain = _chunkFNJZUNK3cjs.buildSponsorAuthDomain; exports.buildSponsorAuthTypedData = _chunkFNJZUNK3cjs.buildSponsorAuthTypedData; exports.computeCallDataHash = _chunkFNJZUNK3cjs.computeCallDataHash; exports.createLoginMessage = _chunkFNJZUNK3cjs.createLoginMessage; exports.parseLoginMessage = _chunkFNJZUNK3cjs.parseLoginMessage; exports.signSponsorAuth = _chunkFNJZUNK3cjs.signSponsorAuth; exports.verifyLoginMessage = _chunkFNJZUNK3cjs.verifyLoginMessage; exports.verifySponsorAuth = _chunkFNJZUNK3cjs.verifySponsorAuth;
24
+
25
+
26
+ exports.SPONSOR_AUTH_DOMAIN_NAME = _chunkRZDG6SRRcjs.SPONSOR_AUTH_DOMAIN_NAME; exports.SPONSOR_AUTH_TYPES = _chunkRZDG6SRRcjs.SPONSOR_AUTH_TYPES; exports.buildAndSignSponsorAuth = _chunkRZDG6SRRcjs.buildAndSignSponsorAuth; exports.buildSponsorAuthDomain = _chunkRZDG6SRRcjs.buildSponsorAuthDomain; exports.buildSponsorAuthTypedData = _chunkRZDG6SRRcjs.buildSponsorAuthTypedData; exports.computeCallDataHash = _chunkRZDG6SRRcjs.computeCallDataHash; exports.createLoginMessage = _chunkRZDG6SRRcjs.createLoginMessage; exports.parseLoginMessage = _chunkRZDG6SRRcjs.parseLoginMessage; exports.signSponsorAuth = _chunkRZDG6SRRcjs.signSponsorAuth; exports.verifyLoginMessage = _chunkRZDG6SRRcjs.verifyLoginMessage; exports.verifySponsorAuth = _chunkRZDG6SRRcjs.verifySponsorAuth;
25
27
  //# sourceMappingURL=index.cjs.map
@@ -1 +1 @@
1
- {"version":3,"sources":["/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/auth/index.cjs"],"names":[],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,yDAA8B;AAC9B;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,urBAAC","file":"/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/auth/index.cjs"}
1
+ {"version":3,"sources":["/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/auth/index.cjs"],"names":[],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,yDAA8B;AAC9B;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,owBAAC","file":"/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/auth/index.cjs"}
@@ -146,6 +146,63 @@ declare function buildSponsorAuthTypedData(payload: SponsorAuthPayload): {
146
146
  };
147
147
  declare function computeCallDataHash(callData: Hex): Hex;
148
148
  declare function signSponsorAuth(wallet: WalletClient, payload: SponsorAuthPayload): Promise<Hex>;
149
+ interface BuiltSponsorAuth {
150
+ sig: Hex;
151
+ chainId: number;
152
+ sender: Address;
153
+ callDataHash: Hex;
154
+ /** Decimal-string for JSON transport (bigint not safely serializable). */
155
+ nonce: string;
156
+ expiresAt: number;
157
+ scenario: string;
158
+ issuerId: string;
159
+ }
160
+ interface BuildSponsorAuthParams {
161
+ /** User EOA the sponsorship is for. */
162
+ userAddress: Address;
163
+ /** UserOp `callData` to bind the auth to (hashed via keccak256). */
164
+ callData: Hex;
165
+ /** Chain id the UserOp will execute on. */
166
+ chainId: number;
167
+ /** Scenario tag for audit / rate-limiter (`mint` / `burn` / `swap` / etc.). */
168
+ scenario: string;
169
+ /** Issuer id (matches `pafi_issuers` row in PAFI's sponsor-relayer). */
170
+ issuerId: string;
171
+ /** Issuer signer wallet (HSM/KMS-backed in production). */
172
+ issuerSignerWallet: WalletClient;
173
+ /** Validity window in seconds. Default 600 (10 min). */
174
+ expiresInSeconds?: number;
175
+ /**
176
+ * Optional explicit nonce. When omitted, defaults to a unique
177
+ * `Date.now() * 1e6 + random` — matches the gg56 reference impl.
178
+ * Override for test fixtures or when chaining replay-protection.
179
+ */
180
+ nonce?: bigint;
181
+ }
182
+ /**
183
+ * Build, sign, and serialize a `SponsorAuth` payload in one call.
184
+ * Replaces the ~30 LoC private `buildSponsorAuth` helper that every
185
+ * issuer would otherwise reimplement on each sponsored endpoint.
186
+ *
187
+ * Output is JSON-safe (`nonce` as decimal string) and matches the
188
+ * shape sponsor-relayer's `/paymaster/sponsor` accepts as the
189
+ * `sponsorAuth` field.
190
+ *
191
+ * Issuer typically calls this from each sponsored controller route:
192
+ *
193
+ * ```ts
194
+ * const sponsorAuth = await buildAndSignSponsorAuth({
195
+ * userAddress: user.userAddress,
196
+ * callData: userOp.callData,
197
+ * chainId,
198
+ * scenario: 'mint',
199
+ * issuerId: this.config.get('PAFI_ISSUER_ID'),
200
+ * issuerSignerWallet: this.issuerSignerWallet,
201
+ * });
202
+ * return { ...response, sponsorAuth };
203
+ * ```
204
+ */
205
+ declare function buildAndSignSponsorAuth(params: BuildSponsorAuthParams): Promise<BuiltSponsorAuth>;
149
206
  declare function verifySponsorAuth(payload: SponsorAuthPayload, signature: Hex, expectedSigner: Address): Promise<SponsorAuthVerifyResult>;
150
207
 
151
- export { type LoginMessageParams, SPONSOR_AUTH_DOMAIN_NAME, SPONSOR_AUTH_TYPES, type SponsorAuthPayload, type SponsorAuthVerifyResult, type VerifyLoginResult, buildSponsorAuthDomain, buildSponsorAuthTypedData, computeCallDataHash, createLoginMessage, parseLoginMessage, signSponsorAuth, verifyLoginMessage, verifySponsorAuth };
208
+ export { type BuildSponsorAuthParams, type BuiltSponsorAuth, type LoginMessageParams, SPONSOR_AUTH_DOMAIN_NAME, SPONSOR_AUTH_TYPES, type SponsorAuthPayload, type SponsorAuthVerifyResult, type VerifyLoginResult, buildAndSignSponsorAuth, buildSponsorAuthDomain, buildSponsorAuthTypedData, computeCallDataHash, createLoginMessage, parseLoginMessage, signSponsorAuth, verifyLoginMessage, verifySponsorAuth };
@@ -146,6 +146,63 @@ declare function buildSponsorAuthTypedData(payload: SponsorAuthPayload): {
146
146
  };
147
147
  declare function computeCallDataHash(callData: Hex): Hex;
148
148
  declare function signSponsorAuth(wallet: WalletClient, payload: SponsorAuthPayload): Promise<Hex>;
149
+ interface BuiltSponsorAuth {
150
+ sig: Hex;
151
+ chainId: number;
152
+ sender: Address;
153
+ callDataHash: Hex;
154
+ /** Decimal-string for JSON transport (bigint not safely serializable). */
155
+ nonce: string;
156
+ expiresAt: number;
157
+ scenario: string;
158
+ issuerId: string;
159
+ }
160
+ interface BuildSponsorAuthParams {
161
+ /** User EOA the sponsorship is for. */
162
+ userAddress: Address;
163
+ /** UserOp `callData` to bind the auth to (hashed via keccak256). */
164
+ callData: Hex;
165
+ /** Chain id the UserOp will execute on. */
166
+ chainId: number;
167
+ /** Scenario tag for audit / rate-limiter (`mint` / `burn` / `swap` / etc.). */
168
+ scenario: string;
169
+ /** Issuer id (matches `pafi_issuers` row in PAFI's sponsor-relayer). */
170
+ issuerId: string;
171
+ /** Issuer signer wallet (HSM/KMS-backed in production). */
172
+ issuerSignerWallet: WalletClient;
173
+ /** Validity window in seconds. Default 600 (10 min). */
174
+ expiresInSeconds?: number;
175
+ /**
176
+ * Optional explicit nonce. When omitted, defaults to a unique
177
+ * `Date.now() * 1e6 + random` — matches the gg56 reference impl.
178
+ * Override for test fixtures or when chaining replay-protection.
179
+ */
180
+ nonce?: bigint;
181
+ }
182
+ /**
183
+ * Build, sign, and serialize a `SponsorAuth` payload in one call.
184
+ * Replaces the ~30 LoC private `buildSponsorAuth` helper that every
185
+ * issuer would otherwise reimplement on each sponsored endpoint.
186
+ *
187
+ * Output is JSON-safe (`nonce` as decimal string) and matches the
188
+ * shape sponsor-relayer's `/paymaster/sponsor` accepts as the
189
+ * `sponsorAuth` field.
190
+ *
191
+ * Issuer typically calls this from each sponsored controller route:
192
+ *
193
+ * ```ts
194
+ * const sponsorAuth = await buildAndSignSponsorAuth({
195
+ * userAddress: user.userAddress,
196
+ * callData: userOp.callData,
197
+ * chainId,
198
+ * scenario: 'mint',
199
+ * issuerId: this.config.get('PAFI_ISSUER_ID'),
200
+ * issuerSignerWallet: this.issuerSignerWallet,
201
+ * });
202
+ * return { ...response, sponsorAuth };
203
+ * ```
204
+ */
205
+ declare function buildAndSignSponsorAuth(params: BuildSponsorAuthParams): Promise<BuiltSponsorAuth>;
149
206
  declare function verifySponsorAuth(payload: SponsorAuthPayload, signature: Hex, expectedSigner: Address): Promise<SponsorAuthVerifyResult>;
150
207
 
151
- export { type LoginMessageParams, SPONSOR_AUTH_DOMAIN_NAME, SPONSOR_AUTH_TYPES, type SponsorAuthPayload, type SponsorAuthVerifyResult, type VerifyLoginResult, buildSponsorAuthDomain, buildSponsorAuthTypedData, computeCallDataHash, createLoginMessage, parseLoginMessage, signSponsorAuth, verifyLoginMessage, verifySponsorAuth };
208
+ export { type BuildSponsorAuthParams, type BuiltSponsorAuth, type LoginMessageParams, SPONSOR_AUTH_DOMAIN_NAME, SPONSOR_AUTH_TYPES, type SponsorAuthPayload, type SponsorAuthVerifyResult, type VerifyLoginResult, buildAndSignSponsorAuth, buildSponsorAuthDomain, buildSponsorAuthTypedData, computeCallDataHash, createLoginMessage, parseLoginMessage, signSponsorAuth, verifyLoginMessage, verifySponsorAuth };
@@ -1,6 +1,7 @@
1
1
  import {
2
2
  SPONSOR_AUTH_DOMAIN_NAME,
3
3
  SPONSOR_AUTH_TYPES,
4
+ buildAndSignSponsorAuth,
4
5
  buildSponsorAuthDomain,
5
6
  buildSponsorAuthTypedData,
6
7
  computeCallDataHash,
@@ -9,10 +10,11 @@ import {
9
10
  signSponsorAuth,
10
11
  verifyLoginMessage,
11
12
  verifySponsorAuth
12
- } from "../chunk-W6VULMCO.js";
13
+ } from "../chunk-QGXJLLKF.js";
13
14
  export {
14
15
  SPONSOR_AUTH_DOMAIN_NAME,
15
16
  SPONSOR_AUTH_TYPES,
17
+ buildAndSignSponsorAuth,
16
18
  buildSponsorAuthDomain,
17
19
  buildSponsorAuthTypedData,
18
20
  computeCallDataHash,
@@ -209,6 +209,30 @@ async function signSponsorAuth(wallet, payload) {
209
209
  message
210
210
  });
211
211
  }
212
+ async function buildAndSignSponsorAuth(params) {
213
+ const expiresAt = Math.floor(Date.now() / 1e3) + (params.expiresInSeconds ?? 600);
214
+ const nonce = params.nonce ?? BigInt(Date.now()) * 1000000n + BigInt(Math.floor(Math.random() * 1e6));
215
+ const payload = {
216
+ chainId: params.chainId,
217
+ sender: params.userAddress,
218
+ callDataHash: computeCallDataHash(params.callData),
219
+ nonce,
220
+ expiresAt,
221
+ scenario: params.scenario,
222
+ issuerId: params.issuerId
223
+ };
224
+ const sig = await signSponsorAuth(params.issuerSignerWallet, payload);
225
+ return {
226
+ sig,
227
+ chainId: payload.chainId,
228
+ sender: payload.sender,
229
+ callDataHash: payload.callDataHash,
230
+ nonce: payload.nonce.toString(),
231
+ expiresAt: payload.expiresAt,
232
+ scenario: payload.scenario,
233
+ issuerId: payload.issuerId
234
+ };
235
+ }
212
236
  async function verifySponsorAuth(payload, signature, expectedSigner) {
213
237
  const nowSec = Math.floor(Date.now() / 1e3);
214
238
  if (payload.expiresAt < nowSec) {
@@ -246,6 +270,7 @@ export {
246
270
  buildSponsorAuthTypedData,
247
271
  computeCallDataHash,
248
272
  signSponsorAuth,
273
+ buildAndSignSponsorAuth,
249
274
  verifySponsorAuth
250
275
  };
251
- //# sourceMappingURL=chunk-W6VULMCO.js.map
276
+ //# sourceMappingURL=chunk-QGXJLLKF.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/auth/loginMessage.ts","../src/auth/sponsorAuth.ts"],"sourcesContent":["import { getAddress, verifyMessage, recoverMessageAddress } from \"viem\";\nimport type { Address, Hex } from \"viem\";\nimport type { LoginMessageParams, VerifyLoginResult } from \"./types\";\n\nconst DEFAULT_VERSION = \"1\";\nconst DEFAULT_STATEMENT = \"Sign in with Ethereum to PAFI.\";\n\n/**\n * Build an EIP-4361 login message string.\n *\n * The output is a deterministic plain-text message that the wallet signs via\n * `personal_sign`. The same message can be parsed back with\n * {@link parseLoginMessage} and verified with {@link verifyLoginMessage}.\n */\nexport function createLoginMessage(params: LoginMessageParams): string {\n const {\n domain,\n address,\n chainId,\n nonce,\n uri,\n statement = DEFAULT_STATEMENT,\n version = DEFAULT_VERSION,\n issuedAt = new Date(),\n expirationTime,\n notBefore,\n requestId,\n } = params;\n\n if (!domain) throw new Error(\"createLoginMessage: domain required\");\n if (!nonce) throw new Error(\"createLoginMessage: nonce required\");\n if (!uri) throw new Error(\"createLoginMessage: uri required\");\n\n const checksummed = getAddress(address);\n\n const lines: string[] = [];\n lines.push(`${domain} wants you to sign in with your Ethereum account:`);\n lines.push(checksummed);\n lines.push(\"\");\n if (statement) {\n lines.push(statement);\n lines.push(\"\");\n }\n lines.push(`URI: ${uri}`);\n lines.push(`Version: ${version}`);\n lines.push(`Chain ID: ${chainId}`);\n lines.push(`Nonce: ${nonce}`);\n lines.push(`Issued At: ${issuedAt.toISOString()}`);\n if (expirationTime) {\n lines.push(`Expiration Time: ${expirationTime.toISOString()}`);\n }\n if (notBefore) {\n lines.push(`Not Before: ${notBefore.toISOString()}`);\n }\n if (requestId) {\n lines.push(`Request ID: ${requestId}`);\n }\n\n return lines.join(\"\\n\");\n}\n\n/**\n * Parse a login message string built by {@link createLoginMessage} back into\n * its structured fields. Throws if the message does not match the expected\n * EIP-4361 layout.\n */\nexport function parseLoginMessage(message: string): LoginMessageParams {\n const lines = message.split(\"\\n\");\n if (lines.length < 7) {\n throw new Error(\"parseLoginMessage: message too short\");\n }\n\n const headerLine = lines[0] ?? \"\";\n const headerMatch = headerLine.match(\n /^(?<domain>.+) wants you to sign in with your Ethereum account:$/,\n );\n if (!headerMatch || !headerMatch.groups) {\n throw new Error(\"parseLoginMessage: invalid header line\");\n }\n const domain = headerMatch.groups[\"domain\"]!;\n\n const addressLine = lines[1] ?? \"\";\n if (!/^0x[0-9a-fA-F]{40}$/.test(addressLine)) {\n throw new Error(\"parseLoginMessage: invalid address line\");\n }\n const address = getAddress(addressLine);\n\n // After address: blank line, optional statement + blank line, then key:value lines.\n let cursor = 2;\n if (lines[cursor] !== \"\") {\n throw new Error(\"parseLoginMessage: missing blank line after address\");\n }\n cursor++;\n\n let statement: string | undefined;\n // Statement is present if the next line is not a known key.\n if (cursor < lines.length && !looksLikeKeyValue(lines[cursor]!)) {\n statement = lines[cursor];\n cursor++;\n if (lines[cursor] !== \"\") {\n throw new Error(\"parseLoginMessage: missing blank line after statement\");\n }\n cursor++;\n }\n\n const fields = new Map<string, string>();\n for (; cursor < lines.length; cursor++) {\n const line = lines[cursor]!;\n if (line === \"\") continue;\n const idx = line.indexOf(\": \");\n if (idx === -1) {\n throw new Error(`parseLoginMessage: malformed field line: \"${line}\"`);\n }\n const key = line.slice(0, idx);\n const value = line.slice(idx + 2);\n fields.set(key, value);\n }\n\n const uri = requireField(fields, \"URI\");\n const version = requireField(fields, \"Version\");\n const chainId = Number(requireField(fields, \"Chain ID\"));\n if (!Number.isInteger(chainId)) {\n throw new Error(\"parseLoginMessage: Chain ID is not an integer\");\n }\n const nonce = requireField(fields, \"Nonce\");\n const issuedAt = new Date(requireField(fields, \"Issued At\"));\n const expirationTime = optionalDate(fields, \"Expiration Time\");\n const notBefore = optionalDate(fields, \"Not Before\");\n const requestId = fields.get(\"Request ID\");\n\n const result: LoginMessageParams = {\n domain,\n address,\n chainId,\n nonce,\n uri,\n version,\n issuedAt,\n };\n if (statement !== undefined) result.statement = statement;\n if (expirationTime !== undefined) result.expirationTime = expirationTime;\n if (notBefore !== undefined) result.notBefore = notBefore;\n if (requestId !== undefined) result.requestId = requestId;\n return result;\n}\n\n/**\n * Verify that a login message was signed by the address embedded in the\n * message. Returns `{ valid, address }` where `address` is the recovered\n * signer (checksummed). Does NOT check expiration / not-before / nonce\n * consumption — those are the AuthService's responsibility.\n */\nexport async function verifyLoginMessage(\n message: string,\n signature: Hex,\n): Promise<VerifyLoginResult> {\n const parsed = parseLoginMessage(message);\n const valid = await verifyMessage({\n address: parsed.address,\n message,\n signature,\n });\n if (valid) {\n return { valid: true, address: parsed.address };\n }\n // Recover anyway so callers can log the mismatch.\n const recovered = await recoverMessageAddress({ message, signature });\n return { valid: false, address: getAddress(recovered) as Address };\n}\n\n// -------------------------------------------------------------------------\n// helpers\n// -------------------------------------------------------------------------\n\nconst KNOWN_KEYS = new Set([\n \"URI\",\n \"Version\",\n \"Chain ID\",\n \"Nonce\",\n \"Issued At\",\n \"Expiration Time\",\n \"Not Before\",\n \"Request ID\",\n]);\n\nfunction looksLikeKeyValue(line: string): boolean {\n const idx = line.indexOf(\": \");\n if (idx === -1) return false;\n return KNOWN_KEYS.has(line.slice(0, idx));\n}\n\nfunction requireField(fields: Map<string, string>, key: string): string {\n const value = fields.get(key);\n if (value === undefined) {\n throw new Error(`parseLoginMessage: missing required field \"${key}\"`);\n }\n return value;\n}\n\nfunction optionalDate(\n fields: Map<string, string>,\n key: string,\n): Date | undefined {\n const raw = fields.get(key);\n if (raw === undefined) return undefined;\n return new Date(raw);\n}\n","import { keccak256, recoverTypedDataAddress } from \"viem\";\nimport type { Address, Hex, WalletClient } from \"viem\";\n\nexport const SPONSOR_AUTH_DOMAIN_NAME = \"PafiSponsorAuth\";\n\nexport const SPONSOR_AUTH_TYPES = {\n SponsorAuth: [\n { name: \"chainId\", type: \"uint256\" },\n { name: \"sender\", type: \"address\" },\n { name: \"callDataHash\", type: \"bytes32\" },\n { name: \"nonce\", type: \"uint256\" },\n { name: \"expiresAt\", type: \"uint256\" },\n { name: \"scenario\", type: \"string\" },\n { name: \"issuerId\", type: \"string\" },\n ],\n} as const;\n\nexport interface SponsorAuthPayload {\n chainId: number;\n sender: Address;\n callDataHash: Hex;\n nonce: bigint;\n expiresAt: number;\n scenario: string;\n issuerId: string;\n}\n\nexport interface SponsorAuthVerifyResult {\n ok: boolean;\n recoveredAddress?: Address;\n reason?: \"EXPIRED\" | \"INVALID_SIGNER\" | \"INVALID_SIGNATURE_FORMAT\";\n}\n\nexport function buildSponsorAuthDomain(chainId: number) {\n return {\n name: SPONSOR_AUTH_DOMAIN_NAME,\n version: \"1\",\n chainId,\n verifyingContract: \"0x0000000000000000000000000000000000000000\" as Address,\n };\n}\n\nfunction buildMessage(payload: SponsorAuthPayload) {\n return {\n chainId: BigInt(payload.chainId),\n sender: payload.sender,\n callDataHash: payload.callDataHash,\n nonce: payload.nonce,\n expiresAt: BigInt(payload.expiresAt),\n scenario: payload.scenario,\n issuerId: payload.issuerId,\n };\n}\n\nexport function buildSponsorAuthTypedData(payload: SponsorAuthPayload) {\n return {\n domain: buildSponsorAuthDomain(payload.chainId),\n types: SPONSOR_AUTH_TYPES,\n primaryType: \"SponsorAuth\" as const,\n message: buildMessage(payload),\n };\n}\n\nexport function computeCallDataHash(callData: Hex): Hex {\n return keccak256(callData);\n}\n\nexport async function signSponsorAuth(\n wallet: WalletClient,\n payload: SponsorAuthPayload,\n): Promise<Hex> {\n const { domain, types, primaryType, message } =\n buildSponsorAuthTypedData(payload);\n return wallet.signTypedData({\n account: wallet.account!,\n domain,\n types,\n primaryType,\n message,\n });\n}\n\nexport interface BuiltSponsorAuth {\n sig: Hex;\n chainId: number;\n sender: Address;\n callDataHash: Hex;\n /** Decimal-string for JSON transport (bigint not safely serializable). */\n nonce: string;\n expiresAt: number;\n scenario: string;\n issuerId: string;\n}\n\nexport interface BuildSponsorAuthParams {\n /** User EOA the sponsorship is for. */\n userAddress: Address;\n /** UserOp `callData` to bind the auth to (hashed via keccak256). */\n callData: Hex;\n /** Chain id the UserOp will execute on. */\n chainId: number;\n /** Scenario tag for audit / rate-limiter (`mint` / `burn` / `swap` / etc.). */\n scenario: string;\n /** Issuer id (matches `pafi_issuers` row in PAFI's sponsor-relayer). */\n issuerId: string;\n /** Issuer signer wallet (HSM/KMS-backed in production). */\n issuerSignerWallet: WalletClient;\n /** Validity window in seconds. Default 600 (10 min). */\n expiresInSeconds?: number;\n /**\n * Optional explicit nonce. When omitted, defaults to a unique\n * `Date.now() * 1e6 + random` — matches the gg56 reference impl.\n * Override for test fixtures or when chaining replay-protection.\n */\n nonce?: bigint;\n}\n\n/**\n * Build, sign, and serialize a `SponsorAuth` payload in one call.\n * Replaces the ~30 LoC private `buildSponsorAuth` helper that every\n * issuer would otherwise reimplement on each sponsored endpoint.\n *\n * Output is JSON-safe (`nonce` as decimal string) and matches the\n * shape sponsor-relayer's `/paymaster/sponsor` accepts as the\n * `sponsorAuth` field.\n *\n * Issuer typically calls this from each sponsored controller route:\n *\n * ```ts\n * const sponsorAuth = await buildAndSignSponsorAuth({\n * userAddress: user.userAddress,\n * callData: userOp.callData,\n * chainId,\n * scenario: 'mint',\n * issuerId: this.config.get('PAFI_ISSUER_ID'),\n * issuerSignerWallet: this.issuerSignerWallet,\n * });\n * return { ...response, sponsorAuth };\n * ```\n */\nexport async function buildAndSignSponsorAuth(\n params: BuildSponsorAuthParams,\n): Promise<BuiltSponsorAuth> {\n const expiresAt =\n Math.floor(Date.now() / 1000) + (params.expiresInSeconds ?? 600);\n\n const nonce =\n params.nonce ??\n BigInt(Date.now()) * 1_000_000n +\n BigInt(Math.floor(Math.random() * 1_000_000));\n\n const payload: SponsorAuthPayload = {\n chainId: params.chainId,\n sender: params.userAddress,\n callDataHash: computeCallDataHash(params.callData),\n nonce,\n expiresAt,\n scenario: params.scenario,\n issuerId: params.issuerId,\n };\n\n const sig = await signSponsorAuth(params.issuerSignerWallet, payload);\n\n return {\n sig,\n chainId: payload.chainId,\n sender: payload.sender,\n callDataHash: payload.callDataHash,\n nonce: payload.nonce.toString(),\n expiresAt: payload.expiresAt,\n scenario: payload.scenario,\n issuerId: payload.issuerId,\n };\n}\n\nexport async function verifySponsorAuth(\n payload: SponsorAuthPayload,\n signature: Hex,\n expectedSigner: Address,\n): Promise<SponsorAuthVerifyResult> {\n const nowSec = Math.floor(Date.now() / 1000);\n if (payload.expiresAt < nowSec) {\n return { ok: false, reason: \"EXPIRED\" };\n }\n\n if (signature.length < 132) {\n return { ok: false, reason: \"INVALID_SIGNATURE_FORMAT\" };\n }\n\n let recovered: Address;\n try {\n const { domain, types, primaryType, message } =\n buildSponsorAuthTypedData(payload);\n recovered = await recoverTypedDataAddress({\n domain,\n types,\n primaryType,\n message,\n signature,\n });\n } catch {\n return { ok: false, reason: \"INVALID_SIGNATURE_FORMAT\" };\n }\n\n if (recovered.toLowerCase() !== expectedSigner.toLowerCase()) {\n return { ok: false, reason: \"INVALID_SIGNER\", recoveredAddress: recovered };\n }\n\n return { ok: true, recoveredAddress: recovered };\n}\n"],"mappings":";AAAA,SAAS,YAAY,eAAe,6BAA6B;AAIjE,IAAM,kBAAkB;AACxB,IAAM,oBAAoB;AASnB,SAAS,mBAAmB,QAAoC;AACrE,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,YAAY;AAAA,IACZ,UAAU;AAAA,IACV,WAAW,oBAAI,KAAK;AAAA,IACpB;AAAA,IACA;AAAA,IACA;AAAA,EACF,IAAI;AAEJ,MAAI,CAAC,OAAQ,OAAM,IAAI,MAAM,qCAAqC;AAClE,MAAI,CAAC,MAAO,OAAM,IAAI,MAAM,oCAAoC;AAChE,MAAI,CAAC,IAAK,OAAM,IAAI,MAAM,kCAAkC;AAE5D,QAAM,cAAc,WAAW,OAAO;AAEtC,QAAM,QAAkB,CAAC;AACzB,QAAM,KAAK,GAAG,MAAM,mDAAmD;AACvE,QAAM,KAAK,WAAW;AACtB,QAAM,KAAK,EAAE;AACb,MAAI,WAAW;AACb,UAAM,KAAK,SAAS;AACpB,UAAM,KAAK,EAAE;AAAA,EACf;AACA,QAAM,KAAK,QAAQ,GAAG,EAAE;AACxB,QAAM,KAAK,YAAY,OAAO,EAAE;AAChC,QAAM,KAAK,aAAa,OAAO,EAAE;AACjC,QAAM,KAAK,UAAU,KAAK,EAAE;AAC5B,QAAM,KAAK,cAAc,SAAS,YAAY,CAAC,EAAE;AACjD,MAAI,gBAAgB;AAClB,UAAM,KAAK,oBAAoB,eAAe,YAAY,CAAC,EAAE;AAAA,EAC/D;AACA,MAAI,WAAW;AACb,UAAM,KAAK,eAAe,UAAU,YAAY,CAAC,EAAE;AAAA,EACrD;AACA,MAAI,WAAW;AACb,UAAM,KAAK,eAAe,SAAS,EAAE;AAAA,EACvC;AAEA,SAAO,MAAM,KAAK,IAAI;AACxB;AAOO,SAAS,kBAAkB,SAAqC;AACrE,QAAM,QAAQ,QAAQ,MAAM,IAAI;AAChC,MAAI,MAAM,SAAS,GAAG;AACpB,UAAM,IAAI,MAAM,sCAAsC;AAAA,EACxD;AAEA,QAAM,aAAa,MAAM,CAAC,KAAK;AAC/B,QAAM,cAAc,WAAW;AAAA,IAC7B;AAAA,EACF;AACA,MAAI,CAAC,eAAe,CAAC,YAAY,QAAQ;AACvC,UAAM,IAAI,MAAM,wCAAwC;AAAA,EAC1D;AACA,QAAM,SAAS,YAAY,OAAO,QAAQ;AAE1C,QAAM,cAAc,MAAM,CAAC,KAAK;AAChC,MAAI,CAAC,sBAAsB,KAAK,WAAW,GAAG;AAC5C,UAAM,IAAI,MAAM,yCAAyC;AAAA,EAC3D;AACA,QAAM,UAAU,WAAW,WAAW;AAGtC,MAAI,SAAS;AACb,MAAI,MAAM,MAAM,MAAM,IAAI;AACxB,UAAM,IAAI,MAAM,qDAAqD;AAAA,EACvE;AACA;AAEA,MAAI;AAEJ,MAAI,SAAS,MAAM,UAAU,CAAC,kBAAkB,MAAM,MAAM,CAAE,GAAG;AAC/D,gBAAY,MAAM,MAAM;AACxB;AACA,QAAI,MAAM,MAAM,MAAM,IAAI;AACxB,YAAM,IAAI,MAAM,uDAAuD;AAAA,IACzE;AACA;AAAA,EACF;AAEA,QAAM,SAAS,oBAAI,IAAoB;AACvC,SAAO,SAAS,MAAM,QAAQ,UAAU;AACtC,UAAM,OAAO,MAAM,MAAM;AACzB,QAAI,SAAS,GAAI;AACjB,UAAM,MAAM,KAAK,QAAQ,IAAI;AAC7B,QAAI,QAAQ,IAAI;AACd,YAAM,IAAI,MAAM,6CAA6C,IAAI,GAAG;AAAA,IACtE;AACA,UAAM,MAAM,KAAK,MAAM,GAAG,GAAG;AAC7B,UAAM,QAAQ,KAAK,MAAM,MAAM,CAAC;AAChC,WAAO,IAAI,KAAK,KAAK;AAAA,EACvB;AAEA,QAAM,MAAM,aAAa,QAAQ,KAAK;AACtC,QAAM,UAAU,aAAa,QAAQ,SAAS;AAC9C,QAAM,UAAU,OAAO,aAAa,QAAQ,UAAU,CAAC;AACvD,MAAI,CAAC,OAAO,UAAU,OAAO,GAAG;AAC9B,UAAM,IAAI,MAAM,+CAA+C;AAAA,EACjE;AACA,QAAM,QAAQ,aAAa,QAAQ,OAAO;AAC1C,QAAM,WAAW,IAAI,KAAK,aAAa,QAAQ,WAAW,CAAC;AAC3D,QAAM,iBAAiB,aAAa,QAAQ,iBAAiB;AAC7D,QAAM,YAAY,aAAa,QAAQ,YAAY;AACnD,QAAM,YAAY,OAAO,IAAI,YAAY;AAEzC,QAAM,SAA6B;AAAA,IACjC;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACA,MAAI,cAAc,OAAW,QAAO,YAAY;AAChD,MAAI,mBAAmB,OAAW,QAAO,iBAAiB;AAC1D,MAAI,cAAc,OAAW,QAAO,YAAY;AAChD,MAAI,cAAc,OAAW,QAAO,YAAY;AAChD,SAAO;AACT;AAQA,eAAsB,mBACpB,SACA,WAC4B;AAC5B,QAAM,SAAS,kBAAkB,OAAO;AACxC,QAAM,QAAQ,MAAM,cAAc;AAAA,IAChC,SAAS,OAAO;AAAA,IAChB;AAAA,IACA;AAAA,EACF,CAAC;AACD,MAAI,OAAO;AACT,WAAO,EAAE,OAAO,MAAM,SAAS,OAAO,QAAQ;AAAA,EAChD;AAEA,QAAM,YAAY,MAAM,sBAAsB,EAAE,SAAS,UAAU,CAAC;AACpE,SAAO,EAAE,OAAO,OAAO,SAAS,WAAW,SAAS,EAAa;AACnE;AAMA,IAAM,aAAa,oBAAI,IAAI;AAAA,EACzB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAED,SAAS,kBAAkB,MAAuB;AAChD,QAAM,MAAM,KAAK,QAAQ,IAAI;AAC7B,MAAI,QAAQ,GAAI,QAAO;AACvB,SAAO,WAAW,IAAI,KAAK,MAAM,GAAG,GAAG,CAAC;AAC1C;AAEA,SAAS,aAAa,QAA6B,KAAqB;AACtE,QAAM,QAAQ,OAAO,IAAI,GAAG;AAC5B,MAAI,UAAU,QAAW;AACvB,UAAM,IAAI,MAAM,8CAA8C,GAAG,GAAG;AAAA,EACtE;AACA,SAAO;AACT;AAEA,SAAS,aACP,QACA,KACkB;AAClB,QAAM,MAAM,OAAO,IAAI,GAAG;AAC1B,MAAI,QAAQ,OAAW,QAAO;AAC9B,SAAO,IAAI,KAAK,GAAG;AACrB;;;AC9MA,SAAS,WAAW,+BAA+B;AAG5C,IAAM,2BAA2B;AAEjC,IAAM,qBAAqB;AAAA,EAChC,aAAa;AAAA,IACX,EAAE,MAAM,WAAW,MAAM,UAAU;AAAA,IACnC,EAAE,MAAM,UAAU,MAAM,UAAU;AAAA,IAClC,EAAE,MAAM,gBAAgB,MAAM,UAAU;AAAA,IACxC,EAAE,MAAM,SAAS,MAAM,UAAU;AAAA,IACjC,EAAE,MAAM,aAAa,MAAM,UAAU;AAAA,IACrC,EAAE,MAAM,YAAY,MAAM,SAAS;AAAA,IACnC,EAAE,MAAM,YAAY,MAAM,SAAS;AAAA,EACrC;AACF;AAkBO,SAAS,uBAAuB,SAAiB;AACtD,SAAO;AAAA,IACL,MAAM;AAAA,IACN,SAAS;AAAA,IACT;AAAA,IACA,mBAAmB;AAAA,EACrB;AACF;AAEA,SAAS,aAAa,SAA6B;AACjD,SAAO;AAAA,IACL,SAAS,OAAO,QAAQ,OAAO;AAAA,IAC/B,QAAQ,QAAQ;AAAA,IAChB,cAAc,QAAQ;AAAA,IACtB,OAAO,QAAQ;AAAA,IACf,WAAW,OAAO,QAAQ,SAAS;AAAA,IACnC,UAAU,QAAQ;AAAA,IAClB,UAAU,QAAQ;AAAA,EACpB;AACF;AAEO,SAAS,0BAA0B,SAA6B;AACrE,SAAO;AAAA,IACL,QAAQ,uBAAuB,QAAQ,OAAO;AAAA,IAC9C,OAAO;AAAA,IACP,aAAa;AAAA,IACb,SAAS,aAAa,OAAO;AAAA,EAC/B;AACF;AAEO,SAAS,oBAAoB,UAAoB;AACtD,SAAO,UAAU,QAAQ;AAC3B;AAEA,eAAsB,gBACpB,QACA,SACc;AACd,QAAM,EAAE,QAAQ,OAAO,aAAa,QAAQ,IAC1C,0BAA0B,OAAO;AACnC,SAAO,OAAO,cAAc;AAAA,IAC1B,SAAS,OAAO;AAAA,IAChB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACH;AA4DA,eAAsB,wBACpB,QAC2B;AAC3B,QAAM,YACJ,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI,KAAK,OAAO,oBAAoB;AAE9D,QAAM,QACJ,OAAO,SACP,OAAO,KAAK,IAAI,CAAC,IAAI,WACnB,OAAO,KAAK,MAAM,KAAK,OAAO,IAAI,GAAS,CAAC;AAEhD,QAAM,UAA8B;AAAA,IAClC,SAAS,OAAO;AAAA,IAChB,QAAQ,OAAO;AAAA,IACf,cAAc,oBAAoB,OAAO,QAAQ;AAAA,IACjD;AAAA,IACA;AAAA,IACA,UAAU,OAAO;AAAA,IACjB,UAAU,OAAO;AAAA,EACnB;AAEA,QAAM,MAAM,MAAM,gBAAgB,OAAO,oBAAoB,OAAO;AAEpE,SAAO;AAAA,IACL;AAAA,IACA,SAAS,QAAQ;AAAA,IACjB,QAAQ,QAAQ;AAAA,IAChB,cAAc,QAAQ;AAAA,IACtB,OAAO,QAAQ,MAAM,SAAS;AAAA,IAC9B,WAAW,QAAQ;AAAA,IACnB,UAAU,QAAQ;AAAA,IAClB,UAAU,QAAQ;AAAA,EACpB;AACF;AAEA,eAAsB,kBACpB,SACA,WACA,gBACkC;AAClC,QAAM,SAAS,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AAC3C,MAAI,QAAQ,YAAY,QAAQ;AAC9B,WAAO,EAAE,IAAI,OAAO,QAAQ,UAAU;AAAA,EACxC;AAEA,MAAI,UAAU,SAAS,KAAK;AAC1B,WAAO,EAAE,IAAI,OAAO,QAAQ,2BAA2B;AAAA,EACzD;AAEA,MAAI;AACJ,MAAI;AACF,UAAM,EAAE,QAAQ,OAAO,aAAa,QAAQ,IAC1C,0BAA0B,OAAO;AACnC,gBAAY,MAAM,wBAAwB;AAAA,MACxC;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH,QAAQ;AACN,WAAO,EAAE,IAAI,OAAO,QAAQ,2BAA2B;AAAA,EACzD;AAEA,MAAI,UAAU,YAAY,MAAM,eAAe,YAAY,GAAG;AAC5D,WAAO,EAAE,IAAI,OAAO,QAAQ,kBAAkB,kBAAkB,UAAU;AAAA,EAC5E;AAEA,SAAO,EAAE,IAAI,MAAM,kBAAkB,UAAU;AACjD;","names":[]}
@@ -209,6 +209,30 @@ async function signSponsorAuth(wallet, payload) {
209
209
  message
210
210
  });
211
211
  }
212
+ async function buildAndSignSponsorAuth(params) {
213
+ const expiresAt = Math.floor(Date.now() / 1e3) + (_nullishCoalesce(params.expiresInSeconds, () => ( 600)));
214
+ const nonce = _nullishCoalesce(params.nonce, () => ( BigInt(Date.now()) * 1000000n + BigInt(Math.floor(Math.random() * 1e6))));
215
+ const payload = {
216
+ chainId: params.chainId,
217
+ sender: params.userAddress,
218
+ callDataHash: computeCallDataHash(params.callData),
219
+ nonce,
220
+ expiresAt,
221
+ scenario: params.scenario,
222
+ issuerId: params.issuerId
223
+ };
224
+ const sig = await signSponsorAuth(params.issuerSignerWallet, payload);
225
+ return {
226
+ sig,
227
+ chainId: payload.chainId,
228
+ sender: payload.sender,
229
+ callDataHash: payload.callDataHash,
230
+ nonce: payload.nonce.toString(),
231
+ expiresAt: payload.expiresAt,
232
+ scenario: payload.scenario,
233
+ issuerId: payload.issuerId
234
+ };
235
+ }
212
236
  async function verifySponsorAuth(payload, signature, expectedSigner) {
213
237
  const nowSec = Math.floor(Date.now() / 1e3);
214
238
  if (payload.expiresAt < nowSec) {
@@ -247,5 +271,6 @@ async function verifySponsorAuth(payload, signature, expectedSigner) {
247
271
 
248
272
 
249
273
 
250
- exports.createLoginMessage = createLoginMessage; exports.parseLoginMessage = parseLoginMessage; exports.verifyLoginMessage = verifyLoginMessage; exports.SPONSOR_AUTH_DOMAIN_NAME = SPONSOR_AUTH_DOMAIN_NAME; exports.SPONSOR_AUTH_TYPES = SPONSOR_AUTH_TYPES; exports.buildSponsorAuthDomain = buildSponsorAuthDomain; exports.buildSponsorAuthTypedData = buildSponsorAuthTypedData; exports.computeCallDataHash = computeCallDataHash; exports.signSponsorAuth = signSponsorAuth; exports.verifySponsorAuth = verifySponsorAuth;
251
- //# sourceMappingURL=chunk-FNJZUNK3.cjs.map
274
+
275
+ exports.createLoginMessage = createLoginMessage; exports.parseLoginMessage = parseLoginMessage; exports.verifyLoginMessage = verifyLoginMessage; exports.SPONSOR_AUTH_DOMAIN_NAME = SPONSOR_AUTH_DOMAIN_NAME; exports.SPONSOR_AUTH_TYPES = SPONSOR_AUTH_TYPES; exports.buildSponsorAuthDomain = buildSponsorAuthDomain; exports.buildSponsorAuthTypedData = buildSponsorAuthTypedData; exports.computeCallDataHash = computeCallDataHash; exports.signSponsorAuth = signSponsorAuth; exports.buildAndSignSponsorAuth = buildAndSignSponsorAuth; exports.verifySponsorAuth = verifySponsorAuth;
276
+ //# sourceMappingURL=chunk-RZDG6SRR.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/chunk-RZDG6SRR.cjs","../src/auth/loginMessage.ts","../src/auth/sponsorAuth.ts"],"names":[],"mappings":"AAAA;ACAA,4BAAiE;AAIjE,IAAM,gBAAA,EAAkB,GAAA;AACxB,IAAM,kBAAA,EAAoB,gCAAA;AASnB,SAAS,kBAAA,CAAmB,MAAA,EAAoC;AACrE,EAAA,MAAM;AAAA,IACJ,MAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA,KAAA;AAAA,IACA,GAAA;AAAA,IACA,UAAA,EAAY,iBAAA;AAAA,IACZ,QAAA,EAAU,eAAA;AAAA,IACV,SAAA,kBAAW,IAAI,IAAA,CAAK,CAAA;AAAA,IACpB,cAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,EACF,EAAA,EAAI,MAAA;AAEJ,EAAA,GAAA,CAAI,CAAC,MAAA,EAAQ,MAAM,IAAI,KAAA,CAAM,qCAAqC,CAAA;AAClE,EAAA,GAAA,CAAI,CAAC,KAAA,EAAO,MAAM,IAAI,KAAA,CAAM,oCAAoC,CAAA;AAChE,EAAA,GAAA,CAAI,CAAC,GAAA,EAAK,MAAM,IAAI,KAAA,CAAM,kCAAkC,CAAA;AAE5D,EAAA,MAAM,YAAA,EAAc,8BAAA,OAAkB,CAAA;AAEtC,EAAA,MAAM,MAAA,EAAkB,CAAC,CAAA;AACzB,EAAA,KAAA,CAAM,IAAA,CAAK,CAAA,EAAA;AACA,EAAA;AACA,EAAA;AACP,EAAA;AACI,IAAA;AACA,IAAA;AACR,EAAA;AACW,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACP,EAAA;AACI,IAAA;AACR,EAAA;AACI,EAAA;AACI,IAAA;AACR,EAAA;AACI,EAAA;AACI,IAAA;AACR,EAAA;AAEO,EAAA;AACT;AAOgB;AACR,EAAA;AACI,EAAA;AACE,IAAA;AACZ,EAAA;AAEM,EAAA;AACA,EAAA;AACJ,IAAA;AACF,EAAA;AACK,EAAA;AACO,IAAA;AACZ,EAAA;AACM,EAAA;AAEA,EAAA;AACD,EAAA;AACO,IAAA;AACZ,EAAA;AACM,EAAA;AAGF,EAAA;AACM,EAAA;AACE,IAAA;AACZ,EAAA;AACA,EAAA;AAEI,EAAA;AAEA,EAAA;AACF,IAAA;AACA,IAAA;AACU,IAAA;AACF,MAAA;AACR,IAAA;AACA,IAAA;AACF,EAAA;AAEM,EAAA;AACC,EAAA;AACC,IAAA;AACF,IAAA;AACE,IAAA;AACF,IAAA;AACI,MAAA;AACR,IAAA;AACM,IAAA;AACA,IAAA;AACC,IAAA;AACT,EAAA;AAEY,EAAA;AACN,EAAA;AACA,EAAA;AACM,EAAA;AACA,IAAA;AACZ,EAAA;AACM,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AAEA,EAAA;AACJ,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACF,EAAA;AACI,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACG,EAAA;AACT;AAQA;AAIQ,EAAA;AACA,EAAA;AACK,IAAA;AACT,IAAA;AACA,IAAA;AACD,EAAA;AACU,EAAA;AACA,IAAA;AACX,EAAA;AAEM,EAAA;AACG,EAAA;AACX;AAMM;AACJ,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACD;AAEQ;AACK,EAAA;AACA,EAAA;AACL,EAAA;AACT;AAES;AACD,EAAA;AACF,EAAA;AACQ,IAAA;AACZ,EAAA;AACO,EAAA;AACT;AAES;AAIK,EAAA;AACA,EAAA;AACD,EAAA;AACb;ADlDc;AACA;AE7JL;AAGI;AAEA;AACX,EAAA;AACU,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACV,EAAA;AACF;AAkBgB;AACP,EAAA;AACC,IAAA;AACG,IAAA;AACT,IAAA;AACA,IAAA;AACF,EAAA;AACF;AAES;AACA,EAAA;AACI,IAAA;AACD,IAAA;AACR,IAAA;AACO,IAAA;AACP,IAAA;AACU,IAAA;AACA,IAAA;AACZ,EAAA;AACF;AAEgB;AACP,EAAA;AACG,IAAA;AACD,IAAA;AACP,IAAA;AACS,IAAA;AACX,EAAA;AACF;AAEgB;AACP,EAAA;AACT;AAEA;AAIU,EAAA;AAED,EAAA;AACI,IAAA;AACT,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACD,EAAA;AACH;AA4DA;AAGQ,EAAA;AAGA,EAAA;AAKA,EAAA;AACK,IAAA;AACD,IAAA;AACR,IAAA;AACA,IAAA;AACA,IAAA;AACU,IAAA;AACA,IAAA;AACZ,EAAA;AAEY,EAAA;AAEL,EAAA;AACL,IAAA;AACS,IAAA;AACD,IAAA;AACR,IAAA;AACO,IAAA;AACP,IAAA;AACU,IAAA;AACA,IAAA;AACZ,EAAA;AACF;AAEA;AAKQ,EAAA;AACM,EAAA;AACD,IAAA;AACX,EAAA;AAEI,EAAA;AACO,IAAA;AACX,EAAA;AAEI,EAAA;AACA,EAAA;AACM,IAAA;AAER,IAAA;AACE,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACD,IAAA;AACK,EAAA;AACG,IAAA;AACX,EAAA;AAEI,EAAA;AACO,IAAA;AACX,EAAA;AAES,EAAA;AACX;AFoDc;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","file":"/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/chunk-RZDG6SRR.cjs","sourcesContent":[null,"import { getAddress, verifyMessage, recoverMessageAddress } from \"viem\";\nimport type { Address, Hex } from \"viem\";\nimport type { LoginMessageParams, VerifyLoginResult } from \"./types\";\n\nconst DEFAULT_VERSION = \"1\";\nconst DEFAULT_STATEMENT = \"Sign in with Ethereum to PAFI.\";\n\n/**\n * Build an EIP-4361 login message string.\n *\n * The output is a deterministic plain-text message that the wallet signs via\n * `personal_sign`. The same message can be parsed back with\n * {@link parseLoginMessage} and verified with {@link verifyLoginMessage}.\n */\nexport function createLoginMessage(params: LoginMessageParams): string {\n const {\n domain,\n address,\n chainId,\n nonce,\n uri,\n statement = DEFAULT_STATEMENT,\n version = DEFAULT_VERSION,\n issuedAt = new Date(),\n expirationTime,\n notBefore,\n requestId,\n } = params;\n\n if (!domain) throw new Error(\"createLoginMessage: domain required\");\n if (!nonce) throw new Error(\"createLoginMessage: nonce required\");\n if (!uri) throw new Error(\"createLoginMessage: uri required\");\n\n const checksummed = getAddress(address);\n\n const lines: string[] = [];\n lines.push(`${domain} wants you to sign in with your Ethereum account:`);\n lines.push(checksummed);\n lines.push(\"\");\n if (statement) {\n lines.push(statement);\n lines.push(\"\");\n }\n lines.push(`URI: ${uri}`);\n lines.push(`Version: ${version}`);\n lines.push(`Chain ID: ${chainId}`);\n lines.push(`Nonce: ${nonce}`);\n lines.push(`Issued At: ${issuedAt.toISOString()}`);\n if (expirationTime) {\n lines.push(`Expiration Time: ${expirationTime.toISOString()}`);\n }\n if (notBefore) {\n lines.push(`Not Before: ${notBefore.toISOString()}`);\n }\n if (requestId) {\n lines.push(`Request ID: ${requestId}`);\n }\n\n return lines.join(\"\\n\");\n}\n\n/**\n * Parse a login message string built by {@link createLoginMessage} back into\n * its structured fields. Throws if the message does not match the expected\n * EIP-4361 layout.\n */\nexport function parseLoginMessage(message: string): LoginMessageParams {\n const lines = message.split(\"\\n\");\n if (lines.length < 7) {\n throw new Error(\"parseLoginMessage: message too short\");\n }\n\n const headerLine = lines[0] ?? \"\";\n const headerMatch = headerLine.match(\n /^(?<domain>.+) wants you to sign in with your Ethereum account:$/,\n );\n if (!headerMatch || !headerMatch.groups) {\n throw new Error(\"parseLoginMessage: invalid header line\");\n }\n const domain = headerMatch.groups[\"domain\"]!;\n\n const addressLine = lines[1] ?? \"\";\n if (!/^0x[0-9a-fA-F]{40}$/.test(addressLine)) {\n throw new Error(\"parseLoginMessage: invalid address line\");\n }\n const address = getAddress(addressLine);\n\n // After address: blank line, optional statement + blank line, then key:value lines.\n let cursor = 2;\n if (lines[cursor] !== \"\") {\n throw new Error(\"parseLoginMessage: missing blank line after address\");\n }\n cursor++;\n\n let statement: string | undefined;\n // Statement is present if the next line is not a known key.\n if (cursor < lines.length && !looksLikeKeyValue(lines[cursor]!)) {\n statement = lines[cursor];\n cursor++;\n if (lines[cursor] !== \"\") {\n throw new Error(\"parseLoginMessage: missing blank line after statement\");\n }\n cursor++;\n }\n\n const fields = new Map<string, string>();\n for (; cursor < lines.length; cursor++) {\n const line = lines[cursor]!;\n if (line === \"\") continue;\n const idx = line.indexOf(\": \");\n if (idx === -1) {\n throw new Error(`parseLoginMessage: malformed field line: \"${line}\"`);\n }\n const key = line.slice(0, idx);\n const value = line.slice(idx + 2);\n fields.set(key, value);\n }\n\n const uri = requireField(fields, \"URI\");\n const version = requireField(fields, \"Version\");\n const chainId = Number(requireField(fields, \"Chain ID\"));\n if (!Number.isInteger(chainId)) {\n throw new Error(\"parseLoginMessage: Chain ID is not an integer\");\n }\n const nonce = requireField(fields, \"Nonce\");\n const issuedAt = new Date(requireField(fields, \"Issued At\"));\n const expirationTime = optionalDate(fields, \"Expiration Time\");\n const notBefore = optionalDate(fields, \"Not Before\");\n const requestId = fields.get(\"Request ID\");\n\n const result: LoginMessageParams = {\n domain,\n address,\n chainId,\n nonce,\n uri,\n version,\n issuedAt,\n };\n if (statement !== undefined) result.statement = statement;\n if (expirationTime !== undefined) result.expirationTime = expirationTime;\n if (notBefore !== undefined) result.notBefore = notBefore;\n if (requestId !== undefined) result.requestId = requestId;\n return result;\n}\n\n/**\n * Verify that a login message was signed by the address embedded in the\n * message. Returns `{ valid, address }` where `address` is the recovered\n * signer (checksummed). Does NOT check expiration / not-before / nonce\n * consumption — those are the AuthService's responsibility.\n */\nexport async function verifyLoginMessage(\n message: string,\n signature: Hex,\n): Promise<VerifyLoginResult> {\n const parsed = parseLoginMessage(message);\n const valid = await verifyMessage({\n address: parsed.address,\n message,\n signature,\n });\n if (valid) {\n return { valid: true, address: parsed.address };\n }\n // Recover anyway so callers can log the mismatch.\n const recovered = await recoverMessageAddress({ message, signature });\n return { valid: false, address: getAddress(recovered) as Address };\n}\n\n// -------------------------------------------------------------------------\n// helpers\n// -------------------------------------------------------------------------\n\nconst KNOWN_KEYS = new Set([\n \"URI\",\n \"Version\",\n \"Chain ID\",\n \"Nonce\",\n \"Issued At\",\n \"Expiration Time\",\n \"Not Before\",\n \"Request ID\",\n]);\n\nfunction looksLikeKeyValue(line: string): boolean {\n const idx = line.indexOf(\": \");\n if (idx === -1) return false;\n return KNOWN_KEYS.has(line.slice(0, idx));\n}\n\nfunction requireField(fields: Map<string, string>, key: string): string {\n const value = fields.get(key);\n if (value === undefined) {\n throw new Error(`parseLoginMessage: missing required field \"${key}\"`);\n }\n return value;\n}\n\nfunction optionalDate(\n fields: Map<string, string>,\n key: string,\n): Date | undefined {\n const raw = fields.get(key);\n if (raw === undefined) return undefined;\n return new Date(raw);\n}\n","import { keccak256, recoverTypedDataAddress } from \"viem\";\nimport type { Address, Hex, WalletClient } from \"viem\";\n\nexport const SPONSOR_AUTH_DOMAIN_NAME = \"PafiSponsorAuth\";\n\nexport const SPONSOR_AUTH_TYPES = {\n SponsorAuth: [\n { name: \"chainId\", type: \"uint256\" },\n { name: \"sender\", type: \"address\" },\n { name: \"callDataHash\", type: \"bytes32\" },\n { name: \"nonce\", type: \"uint256\" },\n { name: \"expiresAt\", type: \"uint256\" },\n { name: \"scenario\", type: \"string\" },\n { name: \"issuerId\", type: \"string\" },\n ],\n} as const;\n\nexport interface SponsorAuthPayload {\n chainId: number;\n sender: Address;\n callDataHash: Hex;\n nonce: bigint;\n expiresAt: number;\n scenario: string;\n issuerId: string;\n}\n\nexport interface SponsorAuthVerifyResult {\n ok: boolean;\n recoveredAddress?: Address;\n reason?: \"EXPIRED\" | \"INVALID_SIGNER\" | \"INVALID_SIGNATURE_FORMAT\";\n}\n\nexport function buildSponsorAuthDomain(chainId: number) {\n return {\n name: SPONSOR_AUTH_DOMAIN_NAME,\n version: \"1\",\n chainId,\n verifyingContract: \"0x0000000000000000000000000000000000000000\" as Address,\n };\n}\n\nfunction buildMessage(payload: SponsorAuthPayload) {\n return {\n chainId: BigInt(payload.chainId),\n sender: payload.sender,\n callDataHash: payload.callDataHash,\n nonce: payload.nonce,\n expiresAt: BigInt(payload.expiresAt),\n scenario: payload.scenario,\n issuerId: payload.issuerId,\n };\n}\n\nexport function buildSponsorAuthTypedData(payload: SponsorAuthPayload) {\n return {\n domain: buildSponsorAuthDomain(payload.chainId),\n types: SPONSOR_AUTH_TYPES,\n primaryType: \"SponsorAuth\" as const,\n message: buildMessage(payload),\n };\n}\n\nexport function computeCallDataHash(callData: Hex): Hex {\n return keccak256(callData);\n}\n\nexport async function signSponsorAuth(\n wallet: WalletClient,\n payload: SponsorAuthPayload,\n): Promise<Hex> {\n const { domain, types, primaryType, message } =\n buildSponsorAuthTypedData(payload);\n return wallet.signTypedData({\n account: wallet.account!,\n domain,\n types,\n primaryType,\n message,\n });\n}\n\nexport interface BuiltSponsorAuth {\n sig: Hex;\n chainId: number;\n sender: Address;\n callDataHash: Hex;\n /** Decimal-string for JSON transport (bigint not safely serializable). */\n nonce: string;\n expiresAt: number;\n scenario: string;\n issuerId: string;\n}\n\nexport interface BuildSponsorAuthParams {\n /** User EOA the sponsorship is for. */\n userAddress: Address;\n /** UserOp `callData` to bind the auth to (hashed via keccak256). */\n callData: Hex;\n /** Chain id the UserOp will execute on. */\n chainId: number;\n /** Scenario tag for audit / rate-limiter (`mint` / `burn` / `swap` / etc.). */\n scenario: string;\n /** Issuer id (matches `pafi_issuers` row in PAFI's sponsor-relayer). */\n issuerId: string;\n /** Issuer signer wallet (HSM/KMS-backed in production). */\n issuerSignerWallet: WalletClient;\n /** Validity window in seconds. Default 600 (10 min). */\n expiresInSeconds?: number;\n /**\n * Optional explicit nonce. When omitted, defaults to a unique\n * `Date.now() * 1e6 + random` — matches the gg56 reference impl.\n * Override for test fixtures or when chaining replay-protection.\n */\n nonce?: bigint;\n}\n\n/**\n * Build, sign, and serialize a `SponsorAuth` payload in one call.\n * Replaces the ~30 LoC private `buildSponsorAuth` helper that every\n * issuer would otherwise reimplement on each sponsored endpoint.\n *\n * Output is JSON-safe (`nonce` as decimal string) and matches the\n * shape sponsor-relayer's `/paymaster/sponsor` accepts as the\n * `sponsorAuth` field.\n *\n * Issuer typically calls this from each sponsored controller route:\n *\n * ```ts\n * const sponsorAuth = await buildAndSignSponsorAuth({\n * userAddress: user.userAddress,\n * callData: userOp.callData,\n * chainId,\n * scenario: 'mint',\n * issuerId: this.config.get('PAFI_ISSUER_ID'),\n * issuerSignerWallet: this.issuerSignerWallet,\n * });\n * return { ...response, sponsorAuth };\n * ```\n */\nexport async function buildAndSignSponsorAuth(\n params: BuildSponsorAuthParams,\n): Promise<BuiltSponsorAuth> {\n const expiresAt =\n Math.floor(Date.now() / 1000) + (params.expiresInSeconds ?? 600);\n\n const nonce =\n params.nonce ??\n BigInt(Date.now()) * 1_000_000n +\n BigInt(Math.floor(Math.random() * 1_000_000));\n\n const payload: SponsorAuthPayload = {\n chainId: params.chainId,\n sender: params.userAddress,\n callDataHash: computeCallDataHash(params.callData),\n nonce,\n expiresAt,\n scenario: params.scenario,\n issuerId: params.issuerId,\n };\n\n const sig = await signSponsorAuth(params.issuerSignerWallet, payload);\n\n return {\n sig,\n chainId: payload.chainId,\n sender: payload.sender,\n callDataHash: payload.callDataHash,\n nonce: payload.nonce.toString(),\n expiresAt: payload.expiresAt,\n scenario: payload.scenario,\n issuerId: payload.issuerId,\n };\n}\n\nexport async function verifySponsorAuth(\n payload: SponsorAuthPayload,\n signature: Hex,\n expectedSigner: Address,\n): Promise<SponsorAuthVerifyResult> {\n const nowSec = Math.floor(Date.now() / 1000);\n if (payload.expiresAt < nowSec) {\n return { ok: false, reason: \"EXPIRED\" };\n }\n\n if (signature.length < 132) {\n return { ok: false, reason: \"INVALID_SIGNATURE_FORMAT\" };\n }\n\n let recovered: Address;\n try {\n const { domain, types, primaryType, message } =\n buildSponsorAuthTypedData(payload);\n recovered = await recoverTypedDataAddress({\n domain,\n types,\n primaryType,\n message,\n signature,\n });\n } catch {\n return { ok: false, reason: \"INVALID_SIGNATURE_FORMAT\" };\n }\n\n if (recovered.toLowerCase() !== expectedSigner.toLowerCase()) {\n return { ok: false, reason: \"INVALID_SIGNER\", recoveredAddress: recovered };\n }\n\n return { ok: true, recoveredAddress: recovered };\n}\n"]}
package/dist/index.cjs CHANGED
@@ -12,7 +12,8 @@ var _chunkR6OFGVMPcjs = require('./chunk-R6OFGVMP.cjs');
12
12
 
13
13
 
14
14
 
15
- var _chunkFNJZUNK3cjs = require('./chunk-FNJZUNK3.cjs');
15
+
16
+ var _chunkRZDG6SRRcjs = require('./chunk-RZDG6SRR.cjs');
16
17
 
17
18
 
18
19
 
@@ -715,7 +716,8 @@ var CONTRACT_ADDRESSES = {
715
716
  pafiHook: "0x870cAF9882d3160602AaC1769C2B264A2d8EC044",
716
717
  chainlinkEthUsd: "0x71041dddad3595F9CEd3DcCFBe3D1F4b0a16Bb70",
717
718
  orderlyRelay: "0xDA082DAce1522c185aeB5A713FcA6fa6B6E99e7f",
718
- pafiFeeRecipient: "0xa3F71eadEd101513a0151007590020dCFD7C495e"
719
+ pafiFeeRecipient: "0xa3F71eadEd101513a0151007590020dCFD7C495e",
720
+ universalRouter: "0x6fF5693b99212Da76ad316178A184AB56D299b43"
719
721
  },
720
722
  // Base Sepolia — not in active use; placeholders kept so the map
721
723
  // compiles for tooling that enumerates chains.
@@ -728,7 +730,8 @@ var CONTRACT_ADDRESSES = {
728
730
  pafiHook: PLACEHOLDER_DEAD("dead"),
729
731
  chainlinkEthUsd: PLACEHOLDER_DEAD("de02"),
730
732
  orderlyRelay: PLACEHOLDER_DEAD("de03"),
731
- pafiFeeRecipient: PLACEHOLDER_DEAD("de04")
733
+ pafiFeeRecipient: PLACEHOLDER_DEAD("de04"),
734
+ universalRouter: PLACEHOLDER_DEAD("de05")
732
735
  }
733
736
  };
734
737
  var POINT_TOKEN_FACTORY_ADDRESSES = {
@@ -1195,7 +1198,7 @@ var PafiSDK = class {
1195
1198
  if (!account) {
1196
1199
  throw new (0, _chunkJJ2LGENOcjs.ConfigurationError)("signer has no account attached");
1197
1200
  }
1198
- return _chunkFNJZUNK3cjs.createLoginMessage.call(void 0, { ...params, address: account.address, chainId });
1201
+ return _chunkRZDG6SRRcjs.createLoginMessage.call(void 0, { ...params, address: account.address, chainId });
1199
1202
  }
1200
1203
  /** Sign a login message string with the current signer (personal_sign) */
1201
1204
  async signLoginMessage(message) {
@@ -1341,5 +1344,6 @@ var PafiSDK = class {
1341
1344
 
1342
1345
 
1343
1346
 
1344
- exports.ApiError = _chunkJJ2LGENOcjs.ApiError; exports.BATCH_EXECUTOR_7702_IMPL = BATCH_EXECUTOR_7702_IMPL; exports.BATCH_EXECUTOR_ABI = _chunkJJ2LGENOcjs.BATCH_EXECUTOR_ABI; exports.BATCH_EXECUTOR_ADDRESS_BASE_MAINNET = BATCH_EXECUTOR_ADDRESS_BASE_MAINNET; exports.BATCH_EXECUTOR_ADDRESS_BASE_SEPOLIA = BATCH_EXECUTOR_ADDRESS_BASE_SEPOLIA; exports.BROKER_HASHES = BROKER_HASHES; exports.COMMON_POOLS = _chunkX2JZFK4Ccjs.COMMON_POOLS; exports.COMMON_TOKENS = _chunkX2JZFK4Ccjs.COMMON_TOKENS; exports.CONTRACT_ADDRESSES = CONTRACT_ADDRESSES; exports.ConfigurationError = _chunkJJ2LGENOcjs.ConfigurationError; exports.DUMMY_SIGNATURE_V07 = DUMMY_SIGNATURE_V07; exports.ENTRY_POINT_V07 = _chunkX2JZFK4Ccjs.ENTRY_POINT_V07; exports.ENTRY_POINT_V08 = _chunkX2JZFK4Ccjs.ENTRY_POINT_V08; exports.ORDERLY_RELAY_ABI = ORDERLY_RELAY_ABI; exports.ORDERLY_VAULT_ABI = ORDERLY_VAULT_ABI; exports.ORDERLY_VAULT_ADDRESSES = ORDERLY_VAULT_ADDRESSES; exports.ORDERLY_VAULT_BASE_MAINNET = ORDERLY_VAULT_BASE_MAINNET; exports.PAFI_SUBGRAPH_URL = PAFI_SUBGRAPH_URL; exports.PERMIT2_ADDRESS = _chunkX2JZFK4Ccjs.PERMIT2_ADDRESS; exports.POINT_TOKEN_FACTORY_ADDRESSES = POINT_TOKEN_FACTORY_ADDRESSES; exports.POINT_TOKEN_IMPL_ADDRESSES = POINT_TOKEN_IMPL_ADDRESSES; exports.POINT_TOKEN_POOLS = _chunkX2JZFK4Ccjs.POINT_TOKEN_POOLS; exports.POINT_TOKEN_V2_ABI = _chunkLRHY7GORcjs.pointTokenAbi; exports.PafiSDK = PafiSDK; exports.PafiSDKError = _chunkJJ2LGENOcjs.PafiSDKError; exports.SETTLE_ALL = _chunkJJ2LGENOcjs.SETTLE_ALL; exports.SIMPLE_7702_IMPL_BASE_MAINNET = SIMPLE_7702_IMPL_BASE_MAINNET; exports.SPONSOR_AUTH_DOMAIN_NAME = _chunkFNJZUNK3cjs.SPONSOR_AUTH_DOMAIN_NAME; exports.SPONSOR_AUTH_TYPES = _chunkFNJZUNK3cjs.SPONSOR_AUTH_TYPES; exports.SUPPORTED_CHAINS = _chunkX2JZFK4Ccjs.SUPPORTED_CHAINS; exports.SWAP_EXACT_IN = _chunkJJ2LGENOcjs.SWAP_EXACT_IN; exports.SigningError = _chunkJJ2LGENOcjs.SigningError; exports.SimulationError = _chunkJJ2LGENOcjs.SimulationError; exports.TAKE_ALL = _chunkJJ2LGENOcjs.TAKE_ALL; exports.TOKEN_HASHES = TOKEN_HASHES; exports.UNIVERSAL_ROUTER_ADDRESSES = _chunkX2JZFK4Ccjs.UNIVERSAL_ROUTER_ADDRESSES; exports.V4_QUOTER_ADDRESSES = _chunkX2JZFK4Ccjs.V4_QUOTER_ADDRESSES; exports.V4_SWAP = _chunkJJ2LGENOcjs.V4_SWAP; exports.ZERO_VALUE = ZERO_VALUE; exports._resetPaymasterConfigForTests = _resetPaymasterConfigForTests; exports.assembleUserOperation = _chunkJJ2LGENOcjs.assembleUserOperation; exports.buildAllPaths = _chunkL5UHQQVCcjs.buildAllPaths; exports.buildBurnRequestTypedData = _chunkDX73FB4Pcjs.buildBurnRequestTypedData; exports.buildDelegationUserOp = buildDelegationUserOp; exports.buildDomain = _chunkDX73FB4Pcjs.buildDomain; exports.buildErc20ApprovalCalldata = _chunkJJ2LGENOcjs.buildErc20ApprovalCalldata; exports.buildMintRequestTypedData = _chunkDX73FB4Pcjs.buildMintRequestTypedData; exports.buildPartialUserOperation = _chunkJJ2LGENOcjs.buildPartialUserOperation; exports.buildPermit2ApprovalCalldata = _chunkJJ2LGENOcjs.buildPermit2ApprovalCalldata; exports.buildPerpDepositViaRelay = buildPerpDepositViaRelay; exports.buildPerpDepositWithGasDeduction = buildPerpDepositWithGasDeduction; exports.buildReceiverConsentTypedData = _chunkDX73FB4Pcjs.buildReceiverConsentTypedData; exports.buildSponsorAuthDomain = _chunkFNJZUNK3cjs.buildSponsorAuthDomain; exports.buildSponsorAuthTypedData = _chunkFNJZUNK3cjs.buildSponsorAuthTypedData; exports.buildSwapFromQuote = _chunkJJ2LGENOcjs.buildSwapFromQuote; exports.buildSwapWithGasDeduction = _chunkJJ2LGENOcjs.buildSwapWithGasDeduction; exports.buildUniversalRouterExecuteArgs = _chunkJJ2LGENOcjs.buildUniversalRouterExecuteArgs; exports.buildUserOpTypedData = buildUserOpTypedData; exports.buildV4SwapInput = _chunkJJ2LGENOcjs.buildV4SwapInput; exports.burnRequestTypes = _chunkX2JZFK4Ccjs.burnRequestTypes; exports.checkAllowance = _chunkJJ2LGENOcjs.checkAllowance; exports.checkDelegation = checkDelegation; exports.checkEthAndBranch = checkEthAndBranch; exports.combineRoutes = _chunkL5UHQQVCcjs.combineRoutes; exports.computeAccountId = computeAccountId; exports.computeAuthorizationHash = computeAuthorizationHash; exports.computeCallDataHash = _chunkFNJZUNK3cjs.computeCallDataHash; exports.computeUserOpHash = computeUserOpHash; exports.createLoginMessage = _chunkFNJZUNK3cjs.createLoginMessage; exports.createPafiProxyTransport = createPafiProxyTransport; exports.decodeBatchExecuteCalls = _chunkJJ2LGENOcjs.decodeBatchExecuteCalls; exports.detectDelegateImpl = detectDelegateImpl; exports.encodeBatchExecute = _chunkJJ2LGENOcjs.encodeBatchExecute; exports.erc20Abi = _chunkIPXARZ6Fcjs.erc20Abi; exports.erc20ApproveOp = _chunkJJ2LGENOcjs.erc20ApproveOp; exports.erc20BurnOp = _chunkJJ2LGENOcjs.erc20BurnOp; exports.erc20TransferOp = _chunkJJ2LGENOcjs.erc20TransferOp; exports.fetchPafiPools = fetchPafiPools; exports.findBestQuote = _chunkL5UHQQVCcjs.findBestQuote; exports.getAaNonce = getAaNonce; exports.getBurnRequestNonce = _chunkCLPRSQT2cjs.getBurnRequestNonce; exports.getContractAddresses = getContractAddresses; exports.getDummySignatureFor7702 = getDummySignatureFor7702; exports.getIssuer = _chunkCLPRSQT2cjs.getIssuer2; exports.getMintRequestNonce = _chunkCLPRSQT2cjs.getMintRequestNonce; exports.getPafiWebModalAdapter = getPafiWebModalAdapter; exports.getPaymasterConfig = getPaymasterConfig; exports.getPointTokenBalance = _chunkCLPRSQT2cjs.getPointTokenBalance; exports.getPointTokenIssuer = _chunkCLPRSQT2cjs.getPointTokenIssuer; exports.getPointTokenIssuerAddress = _chunkCLPRSQT2cjs.getIssuer; exports.getReceiverConsentNonce = _chunkCLPRSQT2cjs.getReceiverConsentNonce; exports.getTokenName = _chunkCLPRSQT2cjs.getTokenName; exports.isActiveIssuer = _chunkCLPRSQT2cjs.isActiveIssuer; exports.isDelegatedTo = isDelegatedTo; exports.isDelegatedToTarget = isDelegatedToTarget; exports.isMinter = _chunkCLPRSQT2cjs.isMinter; exports.isPaymasterConfigured = isPaymasterConfigured; exports.isPaymasterError = isPaymasterError; exports.issuerRegistryAbi = _chunkLRHY7GORcjs.issuerRegistryAbi; exports.issuerRegistryGetIssuerFlatAbi = _chunkCLPRSQT2cjs.issuerRegistryGetIssuerFlatAbi; exports.mintRequestTypes = _chunkX2JZFK4Ccjs.mintRequestTypes; exports.mintingOracleAbi = _chunkLRHY7GORcjs.mintingOracleAbi; exports.openPafiWebModal = openPafiWebModal; exports.openWebPopup = openWebPopup; exports.parseEip7702DelegatedAddress = parseEip7702DelegatedAddress; exports.parseLoginMessage = _chunkFNJZUNK3cjs.parseLoginMessage; exports.permit2Abi = _chunkIPXARZ6Fcjs.permit2Abi; exports.pointTokenAbi = _chunkLRHY7GORcjs.pointTokenAbi; exports.pointTokenFactoryAbi = _chunkR6OFGVMPcjs.pointTokenFactoryAbi; exports.quoteBestRoute = _chunkL5UHQQVCcjs.quoteBestRoute; exports.quoteExactInput = _chunkL5UHQQVCcjs.quoteExactInput; exports.quoteExactInputSingle = _chunkL5UHQQVCcjs.quoteExactInputSingle; exports.quoteOperatorFeePt = quoteOperatorFeePt; exports.rawCallOp = _chunkJJ2LGENOcjs.rawCallOp; exports.receiverConsentTypes = _chunkX2JZFK4Ccjs.receiverConsentTypes; exports.sendWithPaymasterFallback = sendWithPaymasterFallback; exports.serializeUserOpToJsonRpc = serializeUserOpToJsonRpc; exports.setPafiWebModalAdapter = setPafiWebModalAdapter; exports.setPaymasterConfig = setPaymasterConfig; exports.signBurnRequest = _chunkDX73FB4Pcjs.signBurnRequest; exports.signMintRequest = _chunkDX73FB4Pcjs.signMintRequest; exports.signReceiverConsent = _chunkDX73FB4Pcjs.signReceiverConsent; exports.signSponsorAuth = _chunkFNJZUNK3cjs.signSponsorAuth; exports.simulateSwap = _chunkJJ2LGENOcjs.simulateSwap; exports.universalRouterAbi = _chunkIPXARZ6Fcjs.universalRouterAbi; exports.v4QuoterAbi = _chunkCL3QSI4Ocjs.v4QuoterAbi; exports.verifyBurnRequest = _chunkDX73FB4Pcjs.verifyBurnRequest; exports.verifyLoginMessage = _chunkFNJZUNK3cjs.verifyLoginMessage; exports.verifyMintCap = _chunkCLPRSQT2cjs.verifyMintCap; exports.verifyMintRequest = _chunkDX73FB4Pcjs.verifyMintRequest; exports.verifyReceiverConsent = _chunkDX73FB4Pcjs.verifyReceiverConsent; exports.verifySponsorAuth = _chunkFNJZUNK3cjs.verifySponsorAuth; exports.webPopupAdapter = webPopupAdapter;
1347
+
1348
+ exports.ApiError = _chunkJJ2LGENOcjs.ApiError; exports.BATCH_EXECUTOR_7702_IMPL = BATCH_EXECUTOR_7702_IMPL; exports.BATCH_EXECUTOR_ABI = _chunkJJ2LGENOcjs.BATCH_EXECUTOR_ABI; exports.BATCH_EXECUTOR_ADDRESS_BASE_MAINNET = BATCH_EXECUTOR_ADDRESS_BASE_MAINNET; exports.BATCH_EXECUTOR_ADDRESS_BASE_SEPOLIA = BATCH_EXECUTOR_ADDRESS_BASE_SEPOLIA; exports.BROKER_HASHES = BROKER_HASHES; exports.COMMON_POOLS = _chunkX2JZFK4Ccjs.COMMON_POOLS; exports.COMMON_TOKENS = _chunkX2JZFK4Ccjs.COMMON_TOKENS; exports.CONTRACT_ADDRESSES = CONTRACT_ADDRESSES; exports.ConfigurationError = _chunkJJ2LGENOcjs.ConfigurationError; exports.DUMMY_SIGNATURE_V07 = DUMMY_SIGNATURE_V07; exports.ENTRY_POINT_V07 = _chunkX2JZFK4Ccjs.ENTRY_POINT_V07; exports.ENTRY_POINT_V08 = _chunkX2JZFK4Ccjs.ENTRY_POINT_V08; exports.ORDERLY_RELAY_ABI = ORDERLY_RELAY_ABI; exports.ORDERLY_VAULT_ABI = ORDERLY_VAULT_ABI; exports.ORDERLY_VAULT_ADDRESSES = ORDERLY_VAULT_ADDRESSES; exports.ORDERLY_VAULT_BASE_MAINNET = ORDERLY_VAULT_BASE_MAINNET; exports.PAFI_SUBGRAPH_URL = PAFI_SUBGRAPH_URL; exports.PERMIT2_ADDRESS = _chunkX2JZFK4Ccjs.PERMIT2_ADDRESS; exports.POINT_TOKEN_FACTORY_ADDRESSES = POINT_TOKEN_FACTORY_ADDRESSES; exports.POINT_TOKEN_IMPL_ADDRESSES = POINT_TOKEN_IMPL_ADDRESSES; exports.POINT_TOKEN_POOLS = _chunkX2JZFK4Ccjs.POINT_TOKEN_POOLS; exports.POINT_TOKEN_V2_ABI = _chunkLRHY7GORcjs.pointTokenAbi; exports.PafiSDK = PafiSDK; exports.PafiSDKError = _chunkJJ2LGENOcjs.PafiSDKError; exports.SETTLE_ALL = _chunkJJ2LGENOcjs.SETTLE_ALL; exports.SIMPLE_7702_IMPL_BASE_MAINNET = SIMPLE_7702_IMPL_BASE_MAINNET; exports.SPONSOR_AUTH_DOMAIN_NAME = _chunkRZDG6SRRcjs.SPONSOR_AUTH_DOMAIN_NAME; exports.SPONSOR_AUTH_TYPES = _chunkRZDG6SRRcjs.SPONSOR_AUTH_TYPES; exports.SUPPORTED_CHAINS = _chunkX2JZFK4Ccjs.SUPPORTED_CHAINS; exports.SWAP_EXACT_IN = _chunkJJ2LGENOcjs.SWAP_EXACT_IN; exports.SigningError = _chunkJJ2LGENOcjs.SigningError; exports.SimulationError = _chunkJJ2LGENOcjs.SimulationError; exports.TAKE_ALL = _chunkJJ2LGENOcjs.TAKE_ALL; exports.TOKEN_HASHES = TOKEN_HASHES; exports.UNIVERSAL_ROUTER_ADDRESSES = _chunkX2JZFK4Ccjs.UNIVERSAL_ROUTER_ADDRESSES; exports.V4_QUOTER_ADDRESSES = _chunkX2JZFK4Ccjs.V4_QUOTER_ADDRESSES; exports.V4_SWAP = _chunkJJ2LGENOcjs.V4_SWAP; exports.ZERO_VALUE = ZERO_VALUE; exports._resetPaymasterConfigForTests = _resetPaymasterConfigForTests; exports.assembleUserOperation = _chunkJJ2LGENOcjs.assembleUserOperation; exports.buildAllPaths = _chunkL5UHQQVCcjs.buildAllPaths; exports.buildAndSignSponsorAuth = _chunkRZDG6SRRcjs.buildAndSignSponsorAuth; exports.buildBurnRequestTypedData = _chunkDX73FB4Pcjs.buildBurnRequestTypedData; exports.buildDelegationUserOp = buildDelegationUserOp; exports.buildDomain = _chunkDX73FB4Pcjs.buildDomain; exports.buildErc20ApprovalCalldata = _chunkJJ2LGENOcjs.buildErc20ApprovalCalldata; exports.buildMintRequestTypedData = _chunkDX73FB4Pcjs.buildMintRequestTypedData; exports.buildPartialUserOperation = _chunkJJ2LGENOcjs.buildPartialUserOperation; exports.buildPermit2ApprovalCalldata = _chunkJJ2LGENOcjs.buildPermit2ApprovalCalldata; exports.buildPerpDepositViaRelay = buildPerpDepositViaRelay; exports.buildPerpDepositWithGasDeduction = buildPerpDepositWithGasDeduction; exports.buildReceiverConsentTypedData = _chunkDX73FB4Pcjs.buildReceiverConsentTypedData; exports.buildSponsorAuthDomain = _chunkRZDG6SRRcjs.buildSponsorAuthDomain; exports.buildSponsorAuthTypedData = _chunkRZDG6SRRcjs.buildSponsorAuthTypedData; exports.buildSwapFromQuote = _chunkJJ2LGENOcjs.buildSwapFromQuote; exports.buildSwapWithGasDeduction = _chunkJJ2LGENOcjs.buildSwapWithGasDeduction; exports.buildUniversalRouterExecuteArgs = _chunkJJ2LGENOcjs.buildUniversalRouterExecuteArgs; exports.buildUserOpTypedData = buildUserOpTypedData; exports.buildV4SwapInput = _chunkJJ2LGENOcjs.buildV4SwapInput; exports.burnRequestTypes = _chunkX2JZFK4Ccjs.burnRequestTypes; exports.checkAllowance = _chunkJJ2LGENOcjs.checkAllowance; exports.checkDelegation = checkDelegation; exports.checkEthAndBranch = checkEthAndBranch; exports.combineRoutes = _chunkL5UHQQVCcjs.combineRoutes; exports.computeAccountId = computeAccountId; exports.computeAuthorizationHash = computeAuthorizationHash; exports.computeCallDataHash = _chunkRZDG6SRRcjs.computeCallDataHash; exports.computeUserOpHash = computeUserOpHash; exports.createLoginMessage = _chunkRZDG6SRRcjs.createLoginMessage; exports.createPafiProxyTransport = createPafiProxyTransport; exports.decodeBatchExecuteCalls = _chunkJJ2LGENOcjs.decodeBatchExecuteCalls; exports.detectDelegateImpl = detectDelegateImpl; exports.encodeBatchExecute = _chunkJJ2LGENOcjs.encodeBatchExecute; exports.erc20Abi = _chunkIPXARZ6Fcjs.erc20Abi; exports.erc20ApproveOp = _chunkJJ2LGENOcjs.erc20ApproveOp; exports.erc20BurnOp = _chunkJJ2LGENOcjs.erc20BurnOp; exports.erc20TransferOp = _chunkJJ2LGENOcjs.erc20TransferOp; exports.fetchPafiPools = fetchPafiPools; exports.findBestQuote = _chunkL5UHQQVCcjs.findBestQuote; exports.getAaNonce = getAaNonce; exports.getBurnRequestNonce = _chunkCLPRSQT2cjs.getBurnRequestNonce; exports.getContractAddresses = getContractAddresses; exports.getDummySignatureFor7702 = getDummySignatureFor7702; exports.getIssuer = _chunkCLPRSQT2cjs.getIssuer2; exports.getMintRequestNonce = _chunkCLPRSQT2cjs.getMintRequestNonce; exports.getPafiWebModalAdapter = getPafiWebModalAdapter; exports.getPaymasterConfig = getPaymasterConfig; exports.getPointTokenBalance = _chunkCLPRSQT2cjs.getPointTokenBalance; exports.getPointTokenIssuer = _chunkCLPRSQT2cjs.getPointTokenIssuer; exports.getPointTokenIssuerAddress = _chunkCLPRSQT2cjs.getIssuer; exports.getReceiverConsentNonce = _chunkCLPRSQT2cjs.getReceiverConsentNonce; exports.getTokenName = _chunkCLPRSQT2cjs.getTokenName; exports.isActiveIssuer = _chunkCLPRSQT2cjs.isActiveIssuer; exports.isDelegatedTo = isDelegatedTo; exports.isDelegatedToTarget = isDelegatedToTarget; exports.isMinter = _chunkCLPRSQT2cjs.isMinter; exports.isPaymasterConfigured = isPaymasterConfigured; exports.isPaymasterError = isPaymasterError; exports.issuerRegistryAbi = _chunkLRHY7GORcjs.issuerRegistryAbi; exports.issuerRegistryGetIssuerFlatAbi = _chunkCLPRSQT2cjs.issuerRegistryGetIssuerFlatAbi; exports.mintRequestTypes = _chunkX2JZFK4Ccjs.mintRequestTypes; exports.mintingOracleAbi = _chunkLRHY7GORcjs.mintingOracleAbi; exports.openPafiWebModal = openPafiWebModal; exports.openWebPopup = openWebPopup; exports.parseEip7702DelegatedAddress = parseEip7702DelegatedAddress; exports.parseLoginMessage = _chunkRZDG6SRRcjs.parseLoginMessage; exports.permit2Abi = _chunkIPXARZ6Fcjs.permit2Abi; exports.pointTokenAbi = _chunkLRHY7GORcjs.pointTokenAbi; exports.pointTokenFactoryAbi = _chunkR6OFGVMPcjs.pointTokenFactoryAbi; exports.quoteBestRoute = _chunkL5UHQQVCcjs.quoteBestRoute; exports.quoteExactInput = _chunkL5UHQQVCcjs.quoteExactInput; exports.quoteExactInputSingle = _chunkL5UHQQVCcjs.quoteExactInputSingle; exports.quoteOperatorFeePt = quoteOperatorFeePt; exports.rawCallOp = _chunkJJ2LGENOcjs.rawCallOp; exports.receiverConsentTypes = _chunkX2JZFK4Ccjs.receiverConsentTypes; exports.sendWithPaymasterFallback = sendWithPaymasterFallback; exports.serializeUserOpToJsonRpc = serializeUserOpToJsonRpc; exports.setPafiWebModalAdapter = setPafiWebModalAdapter; exports.setPaymasterConfig = setPaymasterConfig; exports.signBurnRequest = _chunkDX73FB4Pcjs.signBurnRequest; exports.signMintRequest = _chunkDX73FB4Pcjs.signMintRequest; exports.signReceiverConsent = _chunkDX73FB4Pcjs.signReceiverConsent; exports.signSponsorAuth = _chunkRZDG6SRRcjs.signSponsorAuth; exports.simulateSwap = _chunkJJ2LGENOcjs.simulateSwap; exports.universalRouterAbi = _chunkIPXARZ6Fcjs.universalRouterAbi; exports.v4QuoterAbi = _chunkCL3QSI4Ocjs.v4QuoterAbi; exports.verifyBurnRequest = _chunkDX73FB4Pcjs.verifyBurnRequest; exports.verifyLoginMessage = _chunkRZDG6SRRcjs.verifyLoginMessage; exports.verifyMintCap = _chunkCLPRSQT2cjs.verifyMintCap; exports.verifyMintRequest = _chunkDX73FB4Pcjs.verifyMintRequest; exports.verifyReceiverConsent = _chunkDX73FB4Pcjs.verifyReceiverConsent; exports.verifySponsorAuth = _chunkRZDG6SRRcjs.verifySponsorAuth; exports.webPopupAdapter = webPopupAdapter;
1345
1349
  //# sourceMappingURL=index.cjs.map