@pafi-dev/issuer 0.7.6 → 0.7.8

package/dist/index.js

@@ -2283,15 +2283,18 @@ import {
   ENTRY_POINT_V08 as ENTRY_POINT_V082,
   buildDelegationUserOp,
   buildEip7702Authorization,
+  computeUserOpHash as computeUserOpHash2,
+  buildUserOpTypedData as buildUserOpTypedData2,
   getContractAddresses as getContractAddresses5,
   serializeUserOpToJsonRpc as serializeUserOpToJsonRpc2
 } from "@pafi-dev/core";
+import { getAddress as getAddress9 } from "viem";
 var DEFAULT_DELEGATE_GAS = {
   callGasLimit: 100000n,
   verificationGasLimit: 150000n,
   preVerificationGas: 50000n
 };
-async function handleDelegateSubmit(params) {
+async function handleDelegatePrepare(params) {
   const { batchExecutor } = getContractAddresses5(params.chainId);
   const partial = buildDelegationUserOp({
     userAddress: params.userAddress,
@@ -2328,39 +2331,76 @@ async function handleDelegateSubmit(params) {
     onWarning: params.onWarning
   });
   const merged = {
-    ...userOp,
-    ...paymasterFields ?? {}
+    sender: userOp.sender,
+    nonce: userOp.nonce,
+    callData: userOp.callData,
+    callGasLimit: paymasterFields?.callGasLimit ?? userOp.callGasLimit,
+    verificationGasLimit: paymasterFields?.verificationGasLimit ?? userOp.verificationGasLimit,
+    preVerificationGas: paymasterFields?.preVerificationGas ?? userOp.preVerificationGas,
+    maxFeePerGas: paymasterFields?.maxFeePerGas ?? userOp.maxFeePerGas,
+    maxPriorityFeePerGas: paymasterFields?.maxPriorityFeePerGas ?? userOp.maxPriorityFeePerGas,
+    paymaster: paymasterFields?.paymaster,
+    paymasterVerificationGasLimit: paymasterFields?.paymasterVerificationGasLimit,
+    paymasterPostOpGasLimit: paymasterFields?.paymasterPostOpGasLimit,
+    paymasterData: paymasterFields?.paymasterData
   };
-  const userOpJson = serializeUserOpToJsonRpc2(
+  const userOpHash = computeUserOpHash2(merged, params.chainId);
+  const typed = buildUserOpTypedData2(merged, params.chainId);
+  await params.store.save(
+    params.lockId,
     {
       sender: merged.sender,
-      nonce: merged.nonce,
+      nonce: merged.nonce.toString(10),
       callData: merged.callData,
-      callGasLimit: merged.callGasLimit,
-      verificationGasLimit: merged.verificationGasLimit,
-      preVerificationGas: merged.preVerificationGas,
-      maxFeePerGas: merged.maxFeePerGas,
-      maxPriorityFeePerGas: merged.maxPriorityFeePerGas,
-      paymaster: paymasterFields?.paymaster,
-      paymasterVerificationGasLimit: paymasterFields?.paymasterVerificationGasLimit,
-      paymasterPostOpGasLimit: paymasterFields?.paymasterPostOpGasLimit,
-      paymasterData: paymasterFields?.paymasterData
+      callGasLimit: merged.callGasLimit.toString(10),
+      verificationGasLimit: merged.verificationGasLimit.toString(10),
+      preVerificationGas: merged.preVerificationGas.toString(10),
+      maxFeePerGas: merged.maxFeePerGas.toString(10),
+      maxPriorityFeePerGas: merged.maxPriorityFeePerGas.toString(10),
+      ...merged.paymaster ? { paymaster: merged.paymaster } : {},
+      ...merged.paymasterVerificationGasLimit ? {
+        paymasterVerificationGasLimit: merged.paymasterVerificationGasLimit.toString(10)
+      } : {},
+      ...merged.paymasterPostOpGasLimit ? {
+        paymasterPostOpGasLimit: merged.paymasterPostOpGasLimit.toString(10)
+      } : {},
+      ...merged.paymasterData ? { paymasterData: merged.paymasterData } : {},
+      chainId: params.chainId,
+      userOpHash,
+      eip7702Auth: authorization
     },
-    // Delegation UserOp is submitted unsigned — the EIP-7702 authorization
-    // is the user's "consent"; no separate AA signature is needed.
-    "0x"
+    params.ttlSeconds
   );
+  return {
+    lockId: params.lockId,
+    userOpHash,
+    typedData: serializeUserOpTypedData(typed),
+    expiresInSeconds: params.ttlSeconds,
+    isSponsored: !!paymasterFields
+  };
+}
+async function handleDelegateSubmit(params) {
+  const entry = await params.store.get(params.lockId);
+  if (!entry) {
+    throw new PendingUserOpNotFoundError(params.lockId);
+  }
+  if (getAddress9(entry.sender) !== getAddress9(params.authenticatedAddress)) {
+    throw new PendingUserOpForbiddenError(params.lockId);
+  }
+  if (!entry.eip7702Auth) {
+    throw new Error(
+      `delegate entry ${params.lockId} missing eip7702Auth \u2014 prepare step did not run correctly`
+    );
+  }
+  const userOpJson = serializeEntryToJsonRpc(entry, params.userOpSig, "sponsored");
   const result = await relayUserOp({
     client: params.pafiBackendClient,
     userOp: userOpJson,
-    entryPoint: ENTRY_POINT_V082,
-    eip7702Auth: authorization
+    entryPoint: params.entryPoint ?? ENTRY_POINT_V082,
+    eip7702Auth: entry.eip7702Auth
   });
-  return {
-    userOpHash: result.userOpHash,
-    isSponsored: !!paymasterFields,
-    authorization
-  };
+  await params.store.delete(params.lockId);
+  return { userOpHash: result.userOpHash };
 }
 
 // src/api/errorMapper.ts
@@ -2389,10 +2429,10 @@ function createSdkErrorMapper(factories) {
 }
 
 // src/api/issuerApiAdapter.ts
-import { getAddress as getAddress9 } from "viem";
+import { randomUUID } from "crypto";
+import { getAddress as getAddress10 } from "viem";
 import {
   buildAndSignSponsorAuth,
-  computeAuthorizationHash,
   decodeBatchExecuteCalls as decodeBatchExecuteCalls3,
   encodeBatchExecute,
   ENTRY_POINT_V08 as ENTRY_POINT_V083,
@@ -2455,7 +2495,7 @@ var IssuerApiAdapter = class {
   async pools(authenticatedAddress, chainId, pointTokenAddress) {
     const result = await this.cfg.issuerService.api.handlePools(
       authenticatedAddress,
-      { chainId, pointTokenAddress: getAddress9(pointTokenAddress) }
+      { chainId, pointTokenAddress: getAddress10(pointTokenAddress) }
     );
     return { pools: result.pools };
   }
@@ -2464,8 +2504,8 @@ var IssuerApiAdapter = class {
       authenticatedAddress,
       {
         chainId,
-        userAddress: getAddress9(userAddress),
-        pointTokenAddress: getAddress9(pointTokenAddress)
+        userAddress: getAddress10(userAddress),
+        pointTokenAddress: getAddress10(pointTokenAddress)
       }
     );
     return {
@@ -2487,7 +2527,7 @@ var IssuerApiAdapter = class {
       "ptClaimHandler",
       "claim"
     );
-    const pointTokenAddress = getAddress9(input.pointTokenAddress);
+    const pointTokenAddress = getAddress10(input.pointTokenAddress);
     const result = await ptClaimHandler.handle({
       authenticatedAddress: input.authenticatedAddress,
       userAddress: input.authenticatedAddress,
@@ -2582,7 +2622,7 @@ var IssuerApiAdapter = class {
       "ptClaimHandler",
       "claimPrepare"
     );
-    const pointTokenAddress = getAddress9(input.pointTokenAddress);
+    const pointTokenAddress = getAddress10(input.pointTokenAddress);
     const claimResult = await ptClaimHandler.handle({
       authenticatedAddress: input.authenticatedAddress,
       userAddress: input.authenticatedAddress,
@@ -2628,7 +2668,7 @@ var IssuerApiAdapter = class {
   }
   async redeemPrepare(input) {
     this.assertRedeemHandler();
-    const pointTokenAddress = getAddress9(input.pointTokenAddress);
+    const pointTokenAddress = getAddress10(input.pointTokenAddress);
     const redeemResponse = await this.cfg.ptRedeemHandler.handle({
       userAddress: input.authenticatedAddress,
       authenticatedAddress: input.authenticatedAddress,
@@ -2693,45 +2733,73 @@ var IssuerApiAdapter = class {
   // ------------------------------ Delegate endpoints -----------------------
   async delegateStatus(authenticatedAddress, chainId) {
     const { batchExecutor } = getContractAddresses6(chainId);
-    const code = await this.cfg.provider.getCode({
-      address: authenticatedAddress
-    });
-    return {
-      isDelegated: parseEip7702DelegatedAddress2(code) !== null,
-      batchExecutorAddress: batchExecutor
-    };
-  }
-  async delegatePrepare(authenticatedAddress, chainId) {
-    const { batchExecutor } = getContractAddresses6(chainId);
-    const accountNonce = BigInt(
-      await this.cfg.provider.getTransactionCount({
-        address: authenticatedAddress
+    const [code, nonce] = await Promise.all([
+      this.cfg.provider.getCode({ address: authenticatedAddress }),
+      this.cfg.provider.getTransactionCount({
+        address: authenticatedAddress,
+        blockTag: "pending"
       })
-    );
-    const authorizationHash = computeAuthorizationHash(
-      chainId,
-      batchExecutor,
-      accountNonce
-    );
+    ]);
     return {
-      authorizationHash,
-      delegationNonce: accountNonce.toString(),
+      isDelegated: parseEip7702DelegatedAddress2(code) !== null,
       batchExecutorAddress: batchExecutor,
+      delegationNonce: nonce.toString(),
       chainId
     };
   }
-  async delegateSubmit(input) {
+  /**
+   * Build the delegation-anchor UserOp + obtain paymaster sponsorship
+   * + persist as a pending entry. Mobile must:
+   *
+   *   1. Sign EIP-7702 authorization LOCALLY (Privy `signAuthorization`
+   *      with `{contractAddress: batchExecutorAddress, chainId,
+   *      nonce: delegationNonce}`) → 65-byte authSig hex.
+   *   2. POST `/delegate/prepare` with `{ chainId, delegationNonce,
+   *      authSig }` → this method.
+   *   3. Sign returned `userOpHash` LOCALLY (`signTypedData(typedData)`).
+   *   4. POST `/delegate/submit` with `{ lockId, userOpSig }`.
+   *
+   * v0.7.7 — replaces single-shot delegateSubmit that tried to relay
+   * a UserOp with empty `signature: "0x"` (Simple7702Account's
+   * validateUserOp reverts `ECDSAInvalidSignatureLength` 0xfce698f7).
+   */
+  async delegatePrepare(authenticatedAddress, input) {
+    const { batchExecutor } = getContractAddresses6(input.chainId);
     const fees = await this.cfg.provider.estimateFeesPerGas();
-    const result = await handleDelegateSubmit({
-      userAddress: input.authenticatedAddress,
+    const lockId = randomUUID();
+    const result = await handleDelegatePrepare({
+      userAddress: authenticatedAddress,
       chainId: input.chainId,
       delegationNonce: input.delegationNonce,
       aaNonce: input.aaNonce,
       authSig: input.authSig,
       fees,
+      lockId,
+      store: this.cfg.pendingUserOpStore,
+      ttlSeconds: 15 * 60,
+      // 15min — match claim/redeem mobile lock duration
       pafiBackendClient: this.cfg.pafiBackendClient,
       onWarning: this.cfg.onWarning
     });
+    return {
+      lockId: result.lockId,
+      userOpHash: result.userOpHash,
+      typedData: result.typedData,
+      expiresInSeconds: result.expiresInSeconds,
+      isSponsored: result.isSponsored,
+      delegationNonce: input.delegationNonce.toString(),
+      batchExecutorAddress: batchExecutor,
+      chainId: input.chainId
+    };
+  }
+  async delegateSubmit(input) {
+    const result = await handleDelegateSubmit({
+      lockId: input.lockId,
+      authenticatedAddress: input.authenticatedAddress,
+      userOpSig: input.userOpSig,
+      store: this.cfg.pendingUserOpStore,
+      pafiBackendClient: this.cfg.pafiBackendClient
+    });
     return { userOpHash: result.userOpHash };
   }
   // ------------------------------ Internal helpers -------------------------
@@ -3372,7 +3440,7 @@ var PafiBackendClient = class {
 };
 
 // src/config.ts
-import { getAddress as getAddress10 } from "viem";
+import { getAddress as getAddress11 } from "viem";
 import { getContractAddresses as getContractAddresses7 } from "@pafi-dev/core";
 function createIssuerService(config) {
   if (!config.provider) {
@@ -3393,7 +3461,7 @@ function createIssuerService(config) {
       "createIssuerService: at least one of pointTokenAddress / pointTokenAddresses is required"
     );
   }
-  const tokenAddresses = rawAddresses.map((a) => getAddress10(a));
+  const tokenAddresses = rawAddresses.map((a) => getAddress11(a));
   const ledger = config.ledger;
   const sessionStore = config.sessionStore ?? new MemorySessionStore();
   const policy = config.policy ?? new DefaultPolicyEngine({ ledger });
@@ -3482,7 +3550,7 @@ function createIssuerService(config) {
 }
 
 // src/issuer-state/validator.ts
-import { getAddress as getAddress11 } from "viem";
+import { getAddress as getAddress12 } from "viem";
 import {
   POINT_TOKEN_V2_ABI as POINT_TOKEN_V2_ABI3,
   issuerRegistryGetIssuerFlatAbi,
@@ -3513,7 +3581,7 @@ var IssuerStateValidator = class _IssuerStateValidator {
    */
   invalidate(pointToken) {
     if (pointToken) {
-      const key = getAddress11(pointToken);
+      const key = getAddress12(pointToken);
       this.pointTokenIssuerCache.delete(key);
       this.stateCache.delete(key);
       this.inflight.delete(key);
@@ -3528,7 +3596,7 @@ var IssuerStateValidator = class _IssuerStateValidator {
    * The issuer field is set at `initialize()` and never changes.
    */
   async getIssuerAddressForPointToken(pointToken) {
-    const key = getAddress11(pointToken);
+    const key = getAddress12(pointToken);
     const cached = this.pointTokenIssuerCache.get(key);
     if (cached) return cached;
     const issuer = await this.provider.readContract({
@@ -3536,15 +3604,15 @@ var IssuerStateValidator = class _IssuerStateValidator {
       abi: POINT_TOKEN_V2_ABI3,
       functionName: "issuer"
     });
-    this.pointTokenIssuerCache.set(key, getAddress11(issuer));
-    return getAddress11(issuer);
+    this.pointTokenIssuerCache.set(key, getAddress12(issuer));
+    return getAddress12(issuer);
   }
   /**
    * Read registry record + totalSupply, with 30s cache and in-flight
    * deduplication. Does NOT throw on inactive/missing — returns raw state.
    */
   async getIssuerState(pointToken) {
-    const tokenAddr = getAddress11(pointToken);
+    const tokenAddr = getAddress12(pointToken);
     const now = Date.now();
     const cached = this.stateCache.get(tokenAddr);
     if (cached && cached.expiresAt > now) return cached.value;
@@ -3642,7 +3710,7 @@ var IssuerStateValidator = class _IssuerStateValidator {
 };
 
 // src/index.ts
-var PAFI_ISSUER_SDK_VERSION = true ? "0.7.6" : "dev";
+var PAFI_ISSUER_SDK_VERSION = true ? "0.7.8" : "dev";
 export {
   AdapterMisconfiguredError,
   AuthError,