@rhinestone/sdk 1.4.1 → 1.5.0

package/dist/src/jwt-server/signer.js

@@ -0,0 +1,71 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createJwtSigner = createJwtSigner;
+const jose_1 = require("jose");
+const digest_1 = require("./digest");
+const sponsorship_1 = require("./sponsorship");
+function pickAlg(jwk) {
+    if (jwk.kty === 'EC') {
+        if (jwk.crv === 'P-256')
+            return 'ES256';
+        if (jwk.crv === 'P-384')
+            return 'ES384';
+        if (jwk.crv === 'P-521')
+            return 'ES512';
+        throw new Error(`Unsupported EC curve: ${jwk.crv}`);
+    }
+    if (jwk.kty === 'RSA')
+        return 'RS256';
+    throw new Error(`Unsupported JWK kty: ${jwk.kty}`);
+}
+function createJwtSigner(config) {
+    const { jwt: { privateKey, integratorId, projectId, appId, keyId, audience = 'rhinestone-api', }, shouldSponsor: filters, } = config;
+    const alg = pickAlg(privateKey);
+    let cachedKey = null;
+    async function getKey() {
+        if (!cachedKey) {
+            cachedKey = (await (0, jose_1.importJWK)(privateKey, alg));
+        }
+        return cachedKey;
+    }
+    async function accessToken() {
+        const key = await getKey();
+        return new jose_1.SignJWT({ typ: 'access', app_id: appId })
+            .setProtectedHeader({ alg, kid: keyId })
+            .setIssuer(integratorId)
+            .setSubject(projectId)
+            .setAudience(audience)
+            .setIssuedAt()
+            .setExpirationTime('1h')
+            .sign(key);
+    }
+    async function getIntentExtensionToken(intentInput) {
+        if (filters) {
+            const allowed = await (0, sponsorship_1.shouldSponsor)(intentInput, filters);
+            if (!allowed) {
+                throw new sponsorship_1.SponsorshipDeniedError();
+            }
+        }
+        const key = await getKey();
+        const digest = await (0, digest_1.computeIntentInputDigest)(intentInput);
+        return new jose_1.SignJWT({
+            typ: 'intent_extension',
+            app_id: appId,
+            jti: crypto.randomUUID(),
+            policy: {
+                sponsorship: {
+                    scope: 'intent',
+                    intent_input: { digest },
+                },
+            },
+        })
+            .setProtectedHeader({ alg, kid: keyId })
+            .setIssuer(integratorId)
+            .setSubject(projectId)
+            .setAudience(audience)
+            .setIssuedAt()
+            .setExpirationTime('5m')
+            .sign(key);
+    }
+    return { accessToken, getIntentExtensionToken };
+}

package/dist/src/jwt-server/sponsorship.d.ts

@@ -0,0 +1,19 @@
+import type { Address, Hex } from 'viem';
+export declare class SponsorshipDeniedError extends Error {
+    constructor();
+}
+type MaybeAsync<T> = T | Promise<T>;
+export interface SponsorshipFilter {
+    chain?: (chain: {
+        id: number;
+    }) => MaybeAsync<boolean>;
+    account?: (address: Address) => MaybeAsync<boolean>;
+    calls?: (calls: {
+        to: Address;
+        value: bigint;
+        data: Hex;
+    }[]) => MaybeAsync<boolean>;
+}
+export declare function shouldSponsor(intentInput: unknown, filters: SponsorshipFilter): Promise<boolean>;
+export {};
+//# sourceMappingURL=sponsorship.d.ts.map

package/dist/src/jwt-server/sponsorship.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sponsorship.d.ts","sourceRoot":"","sources":["../../../jwt-server/sponsorship.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,MAAM,CAAA;AAExC,qBAAa,sBAAuB,SAAQ,KAAK;;CAKhD;AAED,KAAK,UAAU,CAAC,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;AAEnC,MAAM,WAAW,iBAAiB;IAChC,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE;QAAE,EAAE,EAAE,MAAM,CAAA;KAAE,KAAK,UAAU,CAAC,OAAO,CAAC,CAAA;IACtD,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,UAAU,CAAC,OAAO,CAAC,CAAA;IACnD,KAAK,CAAC,EAAE,CACN,KAAK,EAAE;QAAE,EAAE,EAAE,OAAO,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,GAAG,CAAA;KAAE,EAAE,KAC/C,UAAU,CAAC,OAAO,CAAC,CAAA;CACzB;AAiDD,wBAAsB,aAAa,CACjC,WAAW,EAAE,OAAO,EACpB,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,OAAO,CAAC,CAclB"}

package/dist/src/jwt-server/sponsorship.js

@@ -0,0 +1,56 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SponsorshipDeniedError = void 0;
+exports.shouldSponsor = shouldSponsor;
+class SponsorshipDeniedError extends Error {
+    constructor() {
+        super('Sponsorship denied');
+        this.name = 'SponsorshipDeniedError';
+    }
+}
+exports.SponsorshipDeniedError = SponsorshipDeniedError;
+function parseIntentInput(intentInput) {
+    if (typeof intentInput !== 'object' || intentInput === null) {
+        throw new Error('intentInput must be a non-null object');
+    }
+    const input = intentInput;
+    const chainId = input.destinationChainId;
+    if (typeof chainId !== 'number') {
+        throw new Error('intentInput.destinationChainId must be a number');
+    }
+    const account = input.account;
+    if (typeof account !== 'object' || account === null) {
+        throw new Error('intentInput.account must be a non-null object');
+    }
+    const address = account.address;
+    if (typeof address !== 'string') {
+        throw new Error('intentInput.account.address must be a string');
+    }
+    const executions = input.destinationExecutions;
+    if (!Array.isArray(executions)) {
+        throw new Error('intentInput.destinationExecutions must be an array');
+    }
+    const calls = executions.map((exec) => ({
+        to: exec.to,
+        value: BigInt(exec.value),
+        data: exec.data,
+    }));
+    return {
+        chain: { id: chainId },
+        account: address,
+        calls,
+    };
+}
+async function shouldSponsor(intentInput, filters) {
+    const parsed = parseIntentInput(intentInput);
+    if (filters.chain && !(await filters.chain(parsed.chain))) {
+        return false;
+    }
+    if (filters.account && !(await filters.account(parsed.account))) {
+        return false;
+    }
+    if (filters.calls && !(await filters.calls(parsed.calls))) {
+        return false;
+    }
+    return true;
+}

package/dist/src/jwt-server/web.d.ts

@@ -0,0 +1,4 @@
+import { type JwtHandlerConfig } from './handlers';
+export declare function createAccessTokenHandler(config: JwtHandlerConfig): (req: Request) => Promise<Response>;
+export declare function createExtensionTokenHandler(config: JwtHandlerConfig): (req: Request) => Promise<Response>;
+//# sourceMappingURL=web.d.ts.map

package/dist/src/jwt-server/web.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"web.d.ts","sourceRoot":"","sources":["../../../jwt-server/web.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,KAAK,gBAAgB,EACtB,MAAM,YAAY,CAAA;AAEnB,wBAAgB,wBAAwB,CACtC,MAAM,EAAE,gBAAgB,GACvB,CAAC,GAAG,EAAE,OAAO,KAAK,OAAO,CAAC,QAAQ,CAAC,CAOrC;AAED,wBAAgB,2BAA2B,CACzC,MAAM,EAAE,gBAAgB,GACvB,CAAC,GAAG,EAAE,OAAO,KAAK,OAAO,CAAC,QAAQ,CAAC,CAerC"}

package/dist/src/jwt-server/web.js

@@ -0,0 +1,27 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createAccessTokenHandler = createAccessTokenHandler;
+exports.createExtensionTokenHandler = createExtensionTokenHandler;
+const handlers_1 = require("./handlers");
+function createAccessTokenHandler(config) {
+    const handle = (0, handlers_1.createCoreAccessTokenHandler)(config);
+    return async () => {
+        const result = await handle();
+        return Response.json(result.body, { status: result.status });
+    };
+}
+function createExtensionTokenHandler(config) {
+    const handle = (0, handlers_1.createCoreExtensionTokenHandler)(config);
+    return async (req) => {
+        let intentInput;
+        try {
+            const body = await req.json();
+            intentInput = body.intentInput;
+        }
+        catch {
+            return Response.json({ error: 'Invalid JSON body' }, { status: 400 });
+        }
+        const result = await handle(intentInput);
+        return Response.json(result.body, { status: result.status });
+    };
+}

package/dist/src/modules/validators/index.d.ts

@@ -1,4 +1,4 @@
 import { getMockSignature, getOwnerValidator, MULTI_FACTOR_VALIDATOR_ADDRESS, OWNABLE_VALIDATOR_ADDRESS, SMART_SESSION_EMISSARY_ADDRESS, WEBAUTHN_VALIDATOR_ADDRESS } from './core';
-import { buildMockSignature, getEnableSessionCall, getPermissionId, getSmartSessionValidator, isSessionEnabled } from './smart-sessions';
-export { OWNABLE_VALIDATOR_ADDRESS, WEBAUTHN_VALIDATOR_ADDRESS, MULTI_FACTOR_VALIDATOR_ADDRESS, SMART_SESSION_EMISSARY_ADDRESS, getOwnerValidator, getSmartSessionValidator, getEnableSessionCall, getPermissionId, getMockSignature, buildMockSignature, isSessionEnabled, };
+import { buildMockSignature, DUMMY_PRECLAIMOP_SELECTOR, DUMMY_PRECLAIMOP_TARGET, getEnableSessionCall, getPermissionId, getSmartSessionValidator, isSessionEnabled, packSignature } from './smart-sessions';
+export { OWNABLE_VALIDATOR_ADDRESS, WEBAUTHN_VALIDATOR_ADDRESS, MULTI_FACTOR_VALIDATOR_ADDRESS, SMART_SESSION_EMISSARY_ADDRESS, DUMMY_PRECLAIMOP_TARGET, DUMMY_PRECLAIMOP_SELECTOR, getOwnerValidator, getSmartSessionValidator, getEnableSessionCall, getPermissionId, getMockSignature, buildMockSignature, isSessionEnabled, packSignature, };
 //# sourceMappingURL=index.d.ts.map

package/dist/src/modules/validators/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../modules/validators/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,8BAA8B,EAC9B,yBAAyB,EACzB,8BAA8B,EAC9B,0BAA0B,EAC3B,MAAM,QAAQ,CAAA;AACf,OAAO,EACL,kBAAkB,EAClB,oBAAoB,EACpB,eAAe,EACf,wBAAwB,EACxB,gBAAgB,EACjB,MAAM,kBAAkB,CAAA;AAEzB,OAAO,EACL,yBAAyB,EACzB,0BAA0B,EAC1B,8BAA8B,EAC9B,8BAA8B,EAC9B,iBAAiB,EACjB,wBAAwB,EACxB,oBAAoB,EACpB,eAAe,EACf,gBAAgB,EAChB,kBAAkB,EAClB,gBAAgB,GACjB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../modules/validators/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,8BAA8B,EAC9B,yBAAyB,EACzB,8BAA8B,EAC9B,0BAA0B,EAC3B,MAAM,QAAQ,CAAA;AACf,OAAO,EACL,kBAAkB,EAClB,yBAAyB,EACzB,uBAAuB,EACvB,oBAAoB,EACpB,eAAe,EACf,wBAAwB,EACxB,gBAAgB,EAChB,aAAa,EACd,MAAM,kBAAkB,CAAA;AAEzB,OAAO,EACL,yBAAyB,EACzB,0BAA0B,EAC1B,8BAA8B,EAC9B,8BAA8B,EAC9B,uBAAuB,EACvB,yBAAyB,EACzB,iBAAiB,EACjB,wBAAwB,EACxB,oBAAoB,EACpB,eAAe,EACf,gBAAgB,EAChB,kBAAkB,EAClB,gBAAgB,EAChB,aAAa,GACd,CAAA"}

package/dist/src/modules/validators/index.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isSessionEnabled = exports.buildMockSignature = exports.getMockSignature = exports.getPermissionId = exports.getEnableSessionCall = exports.getSmartSessionValidator = exports.getOwnerValidator = exports.SMART_SESSION_EMISSARY_ADDRESS = exports.MULTI_FACTOR_VALIDATOR_ADDRESS = exports.WEBAUTHN_VALIDATOR_ADDRESS = exports.OWNABLE_VALIDATOR_ADDRESS = void 0;
+exports.packSignature = exports.isSessionEnabled = exports.buildMockSignature = exports.getMockSignature = exports.getPermissionId = exports.getEnableSessionCall = exports.getSmartSessionValidator = exports.getOwnerValidator = exports.DUMMY_PRECLAIMOP_SELECTOR = exports.DUMMY_PRECLAIMOP_TARGET = exports.SMART_SESSION_EMISSARY_ADDRESS = exports.MULTI_FACTOR_VALIDATOR_ADDRESS = exports.WEBAUTHN_VALIDATOR_ADDRESS = exports.OWNABLE_VALIDATOR_ADDRESS = void 0;
 const core_1 = require("./core");
 Object.defineProperty(exports, "getMockSignature", { enumerable: true, get: function () { return core_1.getMockSignature; } });
 Object.defineProperty(exports, "getOwnerValidator", { enumerable: true, get: function () { return core_1.getOwnerValidator; } });
@@ -10,7 +10,10 @@ Object.defineProperty(exports, "SMART_SESSION_EMISSARY_ADDRESS", { enumerable: t
 Object.defineProperty(exports, "WEBAUTHN_VALIDATOR_ADDRESS", { enumerable: true, get: function () { return core_1.WEBAUTHN_VALIDATOR_ADDRESS; } });
 const smart_sessions_1 = require("./smart-sessions");
 Object.defineProperty(exports, "buildMockSignature", { enumerable: true, get: function () { return smart_sessions_1.buildMockSignature; } });
+Object.defineProperty(exports, "DUMMY_PRECLAIMOP_SELECTOR", { enumerable: true, get: function () { return smart_sessions_1.DUMMY_PRECLAIMOP_SELECTOR; } });
+Object.defineProperty(exports, "DUMMY_PRECLAIMOP_TARGET", { enumerable: true, get: function () { return smart_sessions_1.DUMMY_PRECLAIMOP_TARGET; } });
 Object.defineProperty(exports, "getEnableSessionCall", { enumerable: true, get: function () { return smart_sessions_1.getEnableSessionCall; } });
 Object.defineProperty(exports, "getPermissionId", { enumerable: true, get: function () { return smart_sessions_1.getPermissionId; } });
 Object.defineProperty(exports, "getSmartSessionValidator", { enumerable: true, get: function () { return smart_sessions_1.getSmartSessionValidator; } });
 Object.defineProperty(exports, "isSessionEnabled", { enumerable: true, get: function () { return smart_sessions_1.isSessionEnabled; } });
+Object.defineProperty(exports, "packSignature", { enumerable: true, get: function () { return smart_sessions_1.packSignature; } });

package/dist/src/modules/validators/policies/claim/permit2.d.ts

@@ -0,0 +1,55 @@
+import { type Address, type Hex } from 'viem';
+import type { Permit2ClaimPolicy } from '../../../../types';
+/** Typed representation of the Permit2 message fields used for calldata building */
+export interface Permit2ClaimMessage {
+    permitted: readonly {
+        token: Address;
+        amount: bigint;
+    }[];
+    spender: Address;
+    nonce: bigint;
+    deadline: bigint;
+    mandate: {
+        target: {
+            recipient: Address;
+            tokenOut: readonly {
+                token: Address;
+                amount: bigint;
+            }[];
+            targetChain: bigint;
+            fillExpiry: bigint;
+        };
+        minGas: bigint;
+        originOps: {
+            vt: Hex;
+            ops: readonly {
+                to: Address;
+                value: bigint;
+                data: Hex;
+            }[];
+        };
+        destOps: {
+            vt: Hex;
+            ops: readonly {
+                to: Address;
+                value: bigint;
+                data: Hex;
+            }[];
+        };
+        q: Hex;
+    };
+}
+/**
+ * Builds the policySpecificData calldata for a Permit2ClaimPolicy EIP-1271 check.
+ *
+ * Format (derived from Permit2ClaimPolicy.sol calldata layout):
+ *   Header:  [spender:20][nonce:32][deadline:32]
+ *   TokenIn: expanded [count:1][token:32][amount:32]... OR pre-computed hash [32]
+ *   Mandate: if any target check enabled — expanded target + minGas:16 + ops hashes + q
+ *            else — pre-computed mandateHash [32]
+ *
+ */
+export declare function buildPermit2ClaimPolicyCalldata(policy: Permit2ClaimPolicy, message: Permit2ClaimMessage): Hex;
+export declare const PERMIT2_CLAIM_POLICY_ADDRESS: Address;
+export declare function encodePermit2ClaimPolicyInitData(policy: Permit2ClaimPolicy): Hex;
+//# sourceMappingURL=permit2.d.ts.map

package/dist/src/modules/validators/policies/claim/permit2.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"permit2.d.ts","sourceRoot":"","sources":["../../../../../../modules/validators/policies/claim/permit2.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,OAAO,EAIZ,KAAK,GAAG,EAKT,MAAM,MAAM,CAAA;AACb,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAA;AAiD3D,oFAAoF;AACpF,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE,SAAS;QAAE,KAAK,EAAE,OAAO,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,EAAE,CAAA;IACxD,OAAO,EAAE,OAAO,CAAA;IAChB,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;IAChB,OAAO,EAAE;QACP,MAAM,EAAE;YACN,SAAS,EAAE,OAAO,CAAA;YAClB,QAAQ,EAAE,SAAS;gBAAE,KAAK,EAAE,OAAO,CAAC;gBAAC,MAAM,EAAE,MAAM,CAAA;aAAE,EAAE,CAAA;YACvD,WAAW,EAAE,MAAM,CAAA;YACnB,UAAU,EAAE,MAAM,CAAA;SACnB,CAAA;QACD,MAAM,EAAE,MAAM,CAAA;QACd,SAAS,EAAE;YACT,EAAE,EAAE,GAAG,CAAA;YACP,GAAG,EAAE,SAAS;gBAAE,EAAE,EAAE,OAAO,CAAC;gBAAC,KAAK,EAAE,MAAM,CAAC;gBAAC,IAAI,EAAE,GAAG,CAAA;aAAE,EAAE,CAAA;SAC1D,CAAA;QACD,OAAO,EAAE;YACP,EAAE,EAAE,GAAG,CAAA;YACP,GAAG,EAAE,SAAS;gBAAE,EAAE,EAAE,OAAO,CAAC;gBAAC,KAAK,EAAE,MAAM,CAAC;gBAAC,IAAI,EAAE,GAAG,CAAA;aAAE,EAAE,CAAA;SAC1D,CAAA;QACD,CAAC,EAAE,GAAG,CAAA;KACP,CAAA;CACF;AA+ED;;;;;;;;;GASG;AACH,wBAAgB,+BAA+B,CAC7C,MAAM,EAAE,kBAAkB,EAC1B,OAAO,EAAE,mBAAmB,GAC3B,GAAG,CA2EL;AAED,eAAO,MAAM,4BAA4B,EAAE,OACG,CAAA;AAE9C,wBAAgB,gCAAgC,CAC9C,MAAM,EAAE,kBAAkB,GACzB,GAAG,CA2FL"}

package/dist/src/modules/validators/policies/claim/permit2.js

@@ -0,0 +1,239 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PERMIT2_CLAIM_POLICY_ADDRESS = void 0;
+exports.buildPermit2ClaimPolicyCalldata = buildPermit2ClaimPolicyCalldata;
+exports.encodePermit2ClaimPolicyInitData = encodePermit2ClaimPolicyInitData;
+const viem_1 = require("viem");
+const types_1 = require("./types");
+// EIP-712 type definitions for Permit2/Mandate struct encoding.
+// Note: the token-out struct is named 'Token' in the Solidity contract (matching the
+// signed Permit2 message types in execution/permit2.ts).
+const PERMIT2_TYPES = {
+    TokenPermissions: [
+        { name: 'token', type: 'address' },
+        { name: 'amount', type: 'uint256' },
+    ],
+    Token: [
+        { name: 'token', type: 'address' },
+        { name: 'amount', type: 'uint256' },
+    ],
+    Ops: [
+        { name: 'to', type: 'address' },
+        { name: 'value', type: 'uint256' },
+        { name: 'data', type: 'bytes' },
+    ],
+    Op: [
+        { name: 'vt', type: 'bytes32' },
+        { name: 'ops', type: 'Ops[]' },
+    ],
+    Target: [
+        { name: 'recipient', type: 'address' },
+        { name: 'tokenOut', type: 'Token[]' },
+        { name: 'targetChain', type: 'uint256' },
+        { name: 'fillExpiry', type: 'uint256' },
+    ],
+    Mandate: [
+        { name: 'target', type: 'Target' },
+        { name: 'minGas', type: 'uint128' },
+        { name: 'originOps', type: 'Op' },
+        { name: 'destOps', type: 'Op' },
+        { name: 'q', type: 'bytes32' },
+    ],
+};
+// --- EIP-712 hash helpers ---
+function hashArray(hashes) {
+    return (0, viem_1.keccak256)(hashes.length > 0 ? (0, viem_1.concat)(hashes) : '0x');
+}
+function hashTokenPermissionsArray(permitted) {
+    return hashArray(permitted.map(({ token, amount }) => (0, viem_1.hashStruct)({
+        primaryType: 'TokenPermissions',
+        types: PERMIT2_TYPES,
+        data: { token, amount },
+    })));
+}
+function hashTokenOutArray(tokenOut) {
+    return hashArray(tokenOut.map(({ token, amount }) => (0, viem_1.hashStruct)({
+        primaryType: 'Token',
+        types: PERMIT2_TYPES,
+        data: { token, amount },
+    })));
+}
+function hashOpStruct(op) {
+    return (0, viem_1.hashStruct)({
+        primaryType: 'Op',
+        types: PERMIT2_TYPES,
+        data: { vt: op.vt, ops: Array.from(op.ops) },
+    });
+}
+function hashMandateStruct(mandate) {
+    return (0, viem_1.hashStruct)({
+        primaryType: 'Mandate',
+        types: PERMIT2_TYPES,
+        data: {
+            target: {
+                recipient: mandate.target.recipient,
+                tokenOut: Array.from(mandate.target.tokenOut),
+                targetChain: mandate.target.targetChain,
+                fillExpiry: mandate.target.fillExpiry,
+            },
+            minGas: mandate.minGas,
+            originOps: {
+                vt: mandate.originOps.vt,
+                ops: Array.from(mandate.originOps.ops),
+            },
+            destOps: { vt: mandate.destOps.vt, ops: Array.from(mandate.destOps.ops) },
+            q: mandate.q,
+        },
+    });
+}
+// --- Token array encoding helpers ---
+/** Encodes a token+amount pair as [token_as_uint256:32][amount:32] (64 bytes) */
+function encodeTokenEntry(token, amount) {
+    return (0, viem_1.encodeAbiParameters)([{ type: 'address' }, { type: 'uint256' }], [token, amount]);
+}
+/**
+ * Builds the policySpecificData calldata for a Permit2ClaimPolicy EIP-1271 check.
+ *
+ * Format (derived from Permit2ClaimPolicy.sol calldata layout):
+ *   Header:  [spender:20][nonce:32][deadline:32]
+ *   TokenIn: expanded [count:1][token:32][amount:32]... OR pre-computed hash [32]
+ *   Mandate: if any target check enabled — expanded target + minGas:16 + ops hashes + q
+ *            else — pre-computed mandateHash [32]
+ *
+ */
+function buildPermit2ClaimPolicyCalldata(policy, message) {
+    const tokenInEnabled = !!policy.tokensIn?.length;
+    const recipientEnabled = !!policy.recipients?.length;
+    const fillExpiryEnabled = !!policy.fillExpiryBounds?.length;
+    const tokenOutEnabled = !!policy.tokensOut?.length;
+    const recipientIsSponsorEnabled = !!policy.recipientIsSponsor;
+    // hasAnyTargetCheck mirrors the Solidity MASK_TARGET_CHECKS logic for our supported fields
+    const hasAnyTargetCheck = recipientEnabled ||
+        fillExpiryEnabled ||
+        tokenOutEnabled ||
+        recipientIsSponsorEnabled;
+    const parts = [];
+    // Header: [spender:20][nonce:32][deadline:32]  (spender == arbiter in Permit2 context)
+    parts.push((0, viem_1.encodePacked)(['address', 'uint256', 'uint256'], [message.spender, message.nonce, message.deadline]));
+    // TokenIn section
+    if (tokenInEnabled) {
+        // Expanded: [count:1][token_as_uint256:32][amount:32]...
+        if (message.permitted.length > 255)
+            throw new Error('permitted array exceeds max length of 255');
+        parts.push((0, viem_1.toHex)(message.permitted.length, { size: 1 }));
+        for (const { token, amount } of message.permitted) {
+            parts.push(encodeTokenEntry(token, amount));
+        }
+    }
+    else {
+        parts.push(hashTokenPermissionsArray(message.permitted));
+    }
+    // Mandate section
+    if (!hasAnyTargetCheck) {
+        // No mandate-level checks enabled — provide pre-computed mandateHash
+        parts.push(hashMandateStruct(message.mandate));
+    }
+    else {
+        // Expanded mandate: target fields + minGas + ops hashes + q
+        const target = message.mandate.target;
+        // Target: [recipient:20][targetChain:32][fillExpiry:32]
+        parts.push((0, viem_1.encodePacked)(['address', 'uint256', 'uint256'], [target.recipient, target.targetChain, target.fillExpiry]));
+        // TokenOut (inside target)
+        if (tokenOutEnabled) {
+            if (target.tokenOut.length > 255)
+                throw new Error('tokenOut array exceeds max length of 255');
+            parts.push((0, viem_1.toHex)(target.tokenOut.length, { size: 1 }));
+            for (const { token, amount } of target.tokenOut) {
+                parts.push(encodeTokenEntry(token, amount));
+            }
+        }
+        else {
+            parts.push(hashTokenOutArray(target.tokenOut));
+        }
+        // minGas: uint128 = 16 bytes
+        parts.push((0, viem_1.toHex)(message.mandate.minGas, { size: 16 }));
+        // originOpsHash and destOpsHash: always 32-byte hashes (we don't support ops checks)
+        parts.push(hashOpStruct(message.mandate.originOps));
+        parts.push(hashOpStruct(message.mandate.destOps));
+        // qualificationHash: q is already keccak256(qualifier.encodedVal)
+        parts.push(message.mandate.q);
+    }
+    return (0, viem_1.concat)(parts);
+}
+exports.PERMIT2_CLAIM_POLICY_ADDRESS = '0x62E3588C6d861C9f986E82EC3757434EDF16ce91';
+function encodePermit2ClaimPolicyInitData(policy) {
+    let modeConfig = 0;
+    const setMode = (fieldId) => {
+        modeConfig |= types_1.MODE_CHECK_STORAGE << (fieldId * 2);
+    };
+    if (policy.arbiters?.length)
+        setMode(types_1.FIELD_ARBITER);
+    if (policy.expiryBounds)
+        setMode(types_1.FIELD_EXPIRY);
+    if (policy.tokensIn?.length)
+        setMode(types_1.FIELD_TOKEN_IN);
+    if (policy.recipients?.length)
+        setMode(types_1.FIELD_RECIPIENT);
+    if (policy.fillExpiryBounds?.length)
+        setMode(types_1.FIELD_FILL_EXPIRY);
+    if (policy.tokensOut?.length)
+        setMode(types_1.FIELD_TOKEN_OUT);
+    if (policy.recipientIsSponsor)
+        setMode(types_1.FIELD_RECIPIENT_IS_SPONSOR);
+    const parts = [(0, viem_1.toHex)(modeConfig, { size: 4 })];
+    // Arbiter: [count: 1][address: 20] each
+    if (policy.arbiters?.length) {
+        if (policy.arbiters.length > 255)
+            throw new Error('arbiters array exceeds max length of 255');
+        parts.push((0, viem_1.encodePacked)(['uint8', ...policy.arbiters.map(() => 'address')], [policy.arbiters.length, ...policy.arbiters]));
+    }
+    // Expiry: [maxExpiry: 16][minExpiry: 16] packed into uint256
+    if (policy.expiryBounds) {
+        const mask128 = (1n << 128n) - 1n;
+        const min = (policy.expiryBounds.min ?? 0n) & mask128;
+        const max = (policy.expiryBounds.max ?? viem_1.maxUint256) & mask128;
+        parts.push((0, viem_1.toHex)((min & mask128) | (max << 128n), { size: 32 }));
+    }
+    // TokenIn: [count: 1][chainId: 32][token: 20] each
+    if (policy.tokensIn?.length) {
+        if (policy.tokensIn.length > 255)
+            throw new Error('tokensIn array exceeds max length of 255');
+        parts.push((0, viem_1.toHex)(policy.tokensIn.length, { size: 1 }));
+        for (const { chainId, token } of policy.tokensIn) {
+            parts.push((0, viem_1.encodePacked)(['uint256', 'address'], [BigInt(chainId), token]));
+        }
+    }
+    // Recipient: [count: 1][chainId: 32][recipient: 20] each
+    if (policy.recipients?.length) {
+        if (policy.recipients.length > 255)
+            throw new Error('recipients array exceeds max length of 255');
+        parts.push((0, viem_1.toHex)(policy.recipients.length, { size: 1 }));
+        for (const { chainId, recipient } of policy.recipients) {
+            parts.push((0, viem_1.encodePacked)(['uint256', 'address'], [BigInt(chainId), recipient === 'any' ? types_1.ANY_ADDRESS : recipient]));
+        }
+    }
+    // FillExpiry: [count: 1][chainId: 32][max<<128|min packed into uint256] each
+    if (policy.fillExpiryBounds?.length) {
+        if (policy.fillExpiryBounds.length > 255)
+            throw new Error('fillExpiryBounds array exceeds max length of 255');
+        const mask128 = (1n << 128n) - 1n;
+        parts.push((0, viem_1.toHex)(policy.fillExpiryBounds.length, { size: 1 }));
+        for (const { chainId, min: fMin, max: fMax } of policy.fillExpiryBounds) {
+            const minVal = (fMin ?? 0n) & mask128;
+            const maxVal = (fMax ?? viem_1.maxUint256) & mask128;
+            const packed = minVal | (maxVal << 128n);
+            parts.push((0, viem_1.encodePacked)(['uint256', 'uint256'], [BigInt(chainId), packed]));
+        }
+    }
+    // TokenOut: [count: 1][chainId: 32][token: 20] each
+    if (policy.tokensOut?.length) {
+        if (policy.tokensOut.length > 255)
+            throw new Error('tokensOut array exceeds max length of 255');
+        parts.push((0, viem_1.toHex)(policy.tokensOut.length, { size: 1 }));
+        for (const { chainId, token } of policy.tokensOut) {
+            parts.push((0, viem_1.encodePacked)(['uint256', 'address'], [BigInt(chainId), token]));
+        }
+    }
+    // RecipientIsSponsor has no data payload — mode bit alone enables it
+    return (0, viem_1.concat)(parts);
+}

package/dist/src/modules/validators/policies/claim/types.d.ts

@@ -0,0 +1,12 @@
+export declare const FIELD_ARBITER = 0;
+export declare const FIELD_EXPIRY = 1;
+export declare const FIELD_TOKEN_IN = 2;
+export declare const FIELD_RECIPIENT = 3;
+export declare const FIELD_FILL_EXPIRY = 4;
+export declare const FIELD_TOKEN_OUT = 5;
+export declare const FIELD_ORIGIN_OPS = 6;
+export declare const FIELD_DEST_OPS = 7;
+export declare const FIELD_RECIPIENT_IS_SPONSOR = 9;
+export declare const MODE_CHECK_STORAGE = 1;
+export declare const ANY_ADDRESS: "0xFFfFfFffFFfffFFfFFfFFFFFffFFFffffFfFFFfF";
+//# sourceMappingURL=types.d.ts.map

package/dist/src/modules/validators/policies/claim/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../../../modules/validators/policies/claim/types.ts"],"names":[],"mappings":"AACA,eAAO,MAAM,aAAa,IAAI,CAAA;AAC9B,eAAO,MAAM,YAAY,IAAI,CAAA;AAC7B,eAAO,MAAM,cAAc,IAAI,CAAA;AAC/B,eAAO,MAAM,eAAe,IAAI,CAAA;AAChC,eAAO,MAAM,iBAAiB,IAAI,CAAA;AAClC,eAAO,MAAM,eAAe,IAAI,CAAA;AAChC,eAAO,MAAM,gBAAgB,IAAI,CAAA;AACjC,eAAO,MAAM,cAAc,IAAI,CAAA;AAE/B,eAAO,MAAM,0BAA0B,IAAI,CAAA;AAG3C,eAAO,MAAM,kBAAkB,IAAI,CAAA;AAGnC,eAAO,MAAM,WAAW,EAAG,4CAAqD,CAAA"}

package/dist/src/modules/validators/policies/claim/types.js

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ANY_ADDRESS = exports.MODE_CHECK_STORAGE = exports.FIELD_RECIPIENT_IS_SPONSOR = exports.FIELD_DEST_OPS = exports.FIELD_ORIGIN_OPS = exports.FIELD_TOKEN_OUT = exports.FIELD_FILL_EXPIRY = exports.FIELD_RECIPIENT = exports.FIELD_TOKEN_IN = exports.FIELD_EXPIRY = exports.FIELD_ARBITER = void 0;
+// Field IDs matching BaseDataTypes.sol
+exports.FIELD_ARBITER = 0;
+exports.FIELD_EXPIRY = 1;
+exports.FIELD_TOKEN_IN = 2;
+exports.FIELD_RECIPIENT = 3;
+exports.FIELD_FILL_EXPIRY = 4;
+exports.FIELD_TOKEN_OUT = 5;
+exports.FIELD_ORIGIN_OPS = 6;
+exports.FIELD_DEST_OPS = 7;
+// Field 8 is reserved in BaseDataTypes.sol
+exports.FIELD_RECIPIENT_IS_SPONSOR = 9;
+// Mode values
+exports.MODE_CHECK_STORAGE = 1;
+// Sentinel: allows any recipient address
+exports.ANY_ADDRESS = '0xFFfFfFffFFfffFFfFFfFFFFFffFFFffffFfFFFfF';

package/dist/src/modules/validators/smart-sessions.d.ts

@@ -1,5 +1,5 @@
 import { type Address, type Hex, type TypedDataDefinition } from 'viem';
-import type { ProviderConfig, RhinestoneAccountConfig, RhinestoneConfig, Session, SessionEnableData } from '../../types';
+import type { Policy, ProviderConfig, RhinestoneAccountConfig, RhinestoneConfig, Session, SessionEnableData } from '../../types';
 import { type Module } from '../common';
 import { SMART_SESSION_EMISSARY_ADDRESS, SMART_SESSION_EMISSARY_ADDRESS_DEV } from './core';
 interface SessionData {
@@ -164,11 +164,21 @@ declare const SMART_SESSION_MODE_ENABLE = "0x01";
 declare const SMART_SESSIONS_FALLBACK_TARGET_FLAG: Address;
 declare const SMART_SESSIONS_FALLBACK_TARGET_SELECTOR_FLAG: Hex;
 declare const SMART_SESSIONS_FALLBACK_TARGET_SELECTOR_FLAG_PERMITTED_TO_CALL_SMARTSESSION: Hex;
+declare const DUMMY_PRECLAIMOP_TARGET: Address;
+declare const DUMMY_PRECLAIMOP_SELECTOR: Hex;
+declare const SPENDING_LIMITS_POLICY_ADDRESS: Address;
+declare const TIME_FRAME_POLICY_ADDRESS: Address;
+declare const SUDO_POLICY_ADDRESS: Address;
+declare const UNIVERSAL_ACTION_POLICY_ADDRESS: Address;
+declare const USAGE_LIMIT_POLICY_ADDRESS: Address;
+declare const VALUE_LIMIT_POLICY_ADDRESS: Address;
+declare const INTENT_EXECUTION_POLICY_ADDRESS: Address;
 interface ResolvedSessionSignerSet {
     type: 'experimental_session';
     session: Session;
     enableData?: SessionEnableData;
     verifyExecutions: boolean;
+    claimPolicyData?: Hex;
 }
 declare function packSignature(signers: ResolvedSessionSignerSet, validatorSignature: Hex): Hex;
 declare function getSessionDetails(account: Address, sessions: Session[], provider: ProviderConfig | undefined, useDevContracts?: boolean): Promise<SessionDetails>;
@@ -181,8 +191,9 @@ declare function getEnableSessionCall(account: Address, session: Session, enable
     to: `0x${string}`;
     data: `0x${string}`;
 }>;
-declare function getSessionData(session: Session): SessionData;
+declare function getSessionData(session: Session, useDevContracts?: boolean): SessionData;
 declare function getPermissionId(session: Session): `0x${string}`;
+declare function getPolicyData(policy: Policy, useDevContracts?: boolean): PolicyData;
 declare function getSmartSessionValidator(config: RhinestoneConfig): Module | null;
 /**
  * Builds a mockSignature for SSX validation gas estimation.
@@ -192,7 +203,7 @@ declare function getSmartSessionValidator(config: RhinestoneConfig): Module | nu
  * The orchestrator slices off the first 20 bytes to identify the validator, then
  * simulates verifyExecution with the mock emissary to estimate gas before the user signs.
  */
-declare function buildMockSignature(session: Session, useDevContracts?: boolean, chainCount?: number): Hex;
-export { SMART_SESSION_EMISSARY_ADDRESS, SMART_SESSION_EMISSARY_ADDRESS_DEV, SMART_SESSIONS_FALLBACK_TARGET_FLAG, SMART_SESSIONS_FALLBACK_TARGET_SELECTOR_FLAG, SMART_SESSIONS_FALLBACK_TARGET_SELECTOR_FLAG_PERMITTED_TO_CALL_SMARTSESSION, packSignature, getSessionData, getEnableSessionCall, getPermissionId, getSmartSessionValidator, getSessionDetails, isSessionEnabled, signEnableSession, buildMockSignature, };
+declare function buildMockSignature(session: Session, useDevContracts?: boolean, chainCount?: number, targetChainId?: number): Hex;
+export { SMART_SESSION_EMISSARY_ADDRESS, SMART_SESSION_EMISSARY_ADDRESS_DEV, SMART_SESSIONS_FALLBACK_TARGET_FLAG, SMART_SESSIONS_FALLBACK_TARGET_SELECTOR_FLAG, SMART_SESSIONS_FALLBACK_TARGET_SELECTOR_FLAG_PERMITTED_TO_CALL_SMARTSESSION, DUMMY_PRECLAIMOP_TARGET, DUMMY_PRECLAIMOP_SELECTOR, SPENDING_LIMITS_POLICY_ADDRESS, TIME_FRAME_POLICY_ADDRESS, SUDO_POLICY_ADDRESS, UNIVERSAL_ACTION_POLICY_ADDRESS, USAGE_LIMIT_POLICY_ADDRESS, VALUE_LIMIT_POLICY_ADDRESS, INTENT_EXECUTION_POLICY_ADDRESS, packSignature, getSessionData, getPolicyData, getEnableSessionCall, getPermissionId, getSmartSessionValidator, getSessionDetails, isSessionEnabled, signEnableSession, buildMockSignature, };
 export type { ChainSession, ChainDigest, ResolvedSessionSignerSet, SessionData, SmartSessionModeType, SessionDetails, };
 //# sourceMappingURL=smart-sessions.d.ts.map

package/dist/src/modules/validators/smart-sessions.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"smart-sessions.d.ts","sourceRoot":"","sources":["../../../../modules/validators/smart-sessions.ts"],"names":[],"mappings":"AACA,OAAO,EACL,KAAK,OAAO,EAMZ,KAAK,GAAG,EAOR,KAAK,mBAAmB,EAKzB,MAAM,MAAM,CAAA;AAcb,OAAO,KAAK,EAGV,cAAc,EACd,uBAAuB,EACvB,gBAAgB,EAChB,OAAO,EACP,iBAAiB,EAElB,MAAM,aAAa,CAAA;AAEpB,OAAO,EAA4B,KAAK,MAAM,EAAE,MAAM,WAAW,CAAA;AACjE,OAAO,EAGL,8BAA8B,EAC9B,kCAAkC,EACnC,MAAM,QAAQ,CAAA;AAQf,UAAU,WAAW;IACnB,gBAAgB,EAAE,OAAO,CAAA;IACzB,wBAAwB,EAAE,GAAG,CAAA;IAC7B,IAAI,EAAE,GAAG,CAAA;IACT,eAAe,EAAE;QACf,qBAAqB,EAAE,SAAS,qBAAqB,EAAE,CAAA;QACvD,eAAe,EAAE,SAAS,aAAa,EAAE,CAAA;KAC1C,CAAA;IACD,OAAO,EAAE,SAAS,UAAU,EAAE,CAAA;IAC9B,aAAa,EAAE,SAAS,UAAU,EAAE,CAAA;CACrC;AAED,UAAU,aAAa;IACrB,MAAM,EAAE,OAAO,CAAA;IACf,QAAQ,EAAE,GAAG,CAAA;CACd;AAED,UAAU,qBAAqB;IAC7B,kBAAkB,EAAE,GAAG,CAAA;IACvB,YAAY,EAAE,SAAS,MAAM,EAAE,CAAA;CAChC;AAED,UAAU,UAAU;IAClB,oBAAoB,EAAE,GAAG,CAAA;IACzB,YAAY,EAAE,OAAO,CAAA;IACrB,cAAc,EAAE,SAAS,UAAU,EAAE,CAAA;CACtC;AAED,UAAU,UAAU;IAClB,MAAM,EAAE,OAAO,CAAA;IACf,QAAQ,EAAE,GAAG,CAAA;CACd;AAaD,KAAK,oBAAoB,GACrB,OAAO,sBAAsB,GAC7B,OAAO,yBAAyB,CAAA;AAEpC,UAAU,WAAW;IACnB,OAAO,EAAE,MAAM,CAAA;IACf,aAAa,EAAE,GAAG,CAAA;CACnB;AAED,UAAU,iBAAiB;IACzB,mBAAmB,EAAE,OAAO,CAAA;IAC5B,iBAAiB,EAAE,OAAO,CAAA;IAC1B,0BAA0B,EAAE,OAAO,CAAA;IACnC,sBAAsB,EAAE,OAAO,CAAA;IAC/B,cAAc,EAAE,SAAS,UAAU,EAAE,CAAA;IACrC,eAAe,EAAE,WAAW,CAAA;IAC5B,OAAO,EAAE,SAAS,UAAU,EAAE,CAAA;CAC/B;AAED,UAAU,aAAa;IACrB,OAAO,EAAE,OAAO,CAAA;IAChB,WAAW,EAAE,iBAAiB,CAAA;IAC9B,gBAAgB,EAAE,OAAO,CAAA;IACzB,wBAAwB,EAAE,GAAG,CAAA;IAC7B,IAAI,EAAE,GAAG,CAAA;IACT,YAAY,EAAE,OAAO,CAAA;IACrB,KAAK,EAAE,MAAM,CAAA;CACd;AAED,UAAU,YAAY;IACpB,OAAO,EAAE,MAAM,CAAA;IACf,OAAO,EAAE,aAAa,CAAA;CACvB;AAED,UAAU,WAAW;IACnB,qBAAqB,EAAE,SAAS,cAAc,EAAE,CAAA;IAChD,eAAe,EAAE,SAAS,UAAU,EAAE,CAAA;CACvC;AAED,UAAU,cAAc;IACtB,kBAAkB,EAAE,GAAG,CAAA;IACvB,WAAW,EAAE,SAAS,MAAM,EAAE,CAAA;CAC/B;AAED,UAAU,cAAc;IACtB,MAAM,EAAE,MAAM,EAAE,CAAA;IAChB,iBAAiB,EAAE,WAAW,EAAE,CAAA;IAChC,IAAI,EAAE,mBAAmB,CAAC,OAAO,KAAK,EAAE,mBAAmB,CAAC,CAAA;CAC7D;AAED,QAAA,MAAM,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2CD,CAAA;AAEV,QAAA,MAAM,sBAAsB,SAAS,CAAA;AACrC,QAAA,MAAM,yBAAyB,SAAS,CAAA;AAExC,QAAA,MAAM,mCAAmC,EAAE,OACG,CAAA;AAC9C,QAAA,MAAM,4CAA4C,EAAE,GAAkB,CAAA;AACtE,QAAA,MAAM,2EAA2E,EAAE,GACrE,CAAA;AAyBd,UAAU,wBAAwB;IAChC,IAAI,EAAE,sBAAsB,CAAA;IAC5B,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,CAAC,EAAE,iBAAiB,CAAA;IAC9B,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAED,iBAAS,aAAa,CACpB,OAAO,EAAE,wBAAwB,EACjC,kBAAkB,EAAE,GAAG,GACtB,GAAG,CA4JL;AAED,iBAAe,iBAAiB,CAC9B,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,OAAO,EAAE,EACnB,QAAQ,EAAE,cAAc,GAAG,SAAS,EACpC,eAAe,CAAC,EAAE,OAAO,GACxB,OAAO,CAAC,cAAc,CAAC,CA+CzB;AAED,iBAAe,gBAAgB,CAC7B,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,cAAc,GAAG,SAAS,EACpC,OAAO,EAAE,OAAO,EAChB,eAAe,CAAC,EAAE,OAAO,GACxB,OAAO,CAAC,OAAO,CAAC,CAuBlB;AAED,iBAAe,iBAAiB,CAC9B,MAAM,EAAE,uBAAuB,EAC/B,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,GAAG,CAAC,CAyBd;AAwED,iBAAe,oBAAoB,CACjC,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,OAAO,EAChB,sBAAsB,EAAE,GAAG,EAC3B,iBAAiB,EAAE;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,aAAa,EAAE,GAAG,CAAA;CACnB,EAAE,EACH,oBAAoB,EAAE,MAAM,EAC5B,eAAe,CAAC,EAAE,OAAO;;;GA8B1B;AAED,iBAAS,cAAc,CAAC,OAAO,EAAE,OAAO,GAAG,WAAW,CA6ErD;AAED,iBAAS,eAAe,CAAC,OAAO,EAAE,OAAO,iBAyBxC;AA4KD,iBAAS,wBAAwB,CAAC,MAAM,EAAE,gBAAgB,GAAG,MAAM,GAAG,IAAI,CAezE;AAQD;;;;;;;GAOG;AACH,iBAAS,kBAAkB,CACzB,OAAO,EAAE,OAAO,EAChB,eAAe,CAAC,EAAE,OAAO,EACzB,UAAU,GAAE,MAAU,GACrB,GAAG,CAyBL;AASD,OAAO,EACL,8BAA8B,EAC9B,kCAAkC,EAClC,mCAAmC,EACnC,4CAA4C,EAC5C,2EAA2E,EAC3E,aAAa,EACb,cAAc,EACd,oBAAoB,EACpB,eAAe,EACf,wBAAwB,EACxB,iBAAiB,EACjB,gBAAgB,EAChB,iBAAiB,EACjB,kBAAkB,GACnB,CAAA;AACD,YAAY,EACV,YAAY,EACZ,WAAW,EACX,wBAAwB,EACxB,WAAW,EACX,oBAAoB,EACpB,cAAc,GACf,CAAA"}
+{"version":3,"file":"smart-sessions.d.ts","sourceRoot":"","sources":["../../../../modules/validators/smart-sessions.ts"],"names":[],"mappings":"AACA,OAAO,EACL,KAAK,OAAO,EAMZ,KAAK,GAAG,EAOR,KAAK,mBAAmB,EAKzB,MAAM,MAAM,CAAA;AAcb,OAAO,KAAK,EAEV,MAAM,EACN,cAAc,EACd,uBAAuB,EACvB,gBAAgB,EAChB,OAAO,EACP,iBAAiB,EAElB,MAAM,aAAa,CAAA;AAEpB,OAAO,EAA4B,KAAK,MAAM,EAAE,MAAM,WAAW,CAAA;AACjE,OAAO,EAGL,8BAA8B,EAC9B,kCAAkC,EACnC,MAAM,QAAQ,CAAA;AAYf,UAAU,WAAW;IACnB,gBAAgB,EAAE,OAAO,CAAA;IACzB,wBAAwB,EAAE,GAAG,CAAA;IAC7B,IAAI,EAAE,GAAG,CAAA;IACT,eAAe,EAAE;QACf,qBAAqB,EAAE,SAAS,qBAAqB,EAAE,CAAA;QACvD,eAAe,EAAE,SAAS,aAAa,EAAE,CAAA;KAC1C,CAAA;IACD,OAAO,EAAE,SAAS,UAAU,EAAE,CAAA;IAC9B,aAAa,EAAE,SAAS,UAAU,EAAE,CAAA;CACrC;AAED,UAAU,aAAa;IACrB,MAAM,EAAE,OAAO,CAAA;IACf,QAAQ,EAAE,GAAG,CAAA;CACd;AAED,UAAU,qBAAqB;IAC7B,kBAAkB,EAAE,GAAG,CAAA;IACvB,YAAY,EAAE,SAAS,MAAM,EAAE,CAAA;CAChC;AAED,UAAU,UAAU;IAClB,oBAAoB,EAAE,GAAG,CAAA;IACzB,YAAY,EAAE,OAAO,CAAA;IACrB,cAAc,EAAE,SAAS,UAAU,EAAE,CAAA;CACtC;AAED,UAAU,UAAU;IAClB,MAAM,EAAE,OAAO,CAAA;IACf,QAAQ,EAAE,GAAG,CAAA;CACd;AAaD,KAAK,oBAAoB,GACrB,OAAO,sBAAsB,GAC7B,OAAO,yBAAyB,CAAA;AAEpC,UAAU,WAAW;IACnB,OAAO,EAAE,MAAM,CAAA;IACf,aAAa,EAAE,GAAG,CAAA;CACnB;AAED,UAAU,iBAAiB;IACzB,mBAAmB,EAAE,OAAO,CAAA;IAC5B,iBAAiB,EAAE,OAAO,CAAA;IAC1B,0BAA0B,EAAE,OAAO,CAAA;IACnC,sBAAsB,EAAE,OAAO,CAAA;IAC/B,cAAc,EAAE,SAAS,UAAU,EAAE,CAAA;IACrC,eAAe,EAAE,WAAW,CAAA;IAC5B,OAAO,EAAE,SAAS,UAAU,EAAE,CAAA;CAC/B;AAED,UAAU,aAAa;IACrB,OAAO,EAAE,OAAO,CAAA;IAChB,WAAW,EAAE,iBAAiB,CAAA;IAC9B,gBAAgB,EAAE,OAAO,CAAA;IACzB,wBAAwB,EAAE,GAAG,CAAA;IAC7B,IAAI,EAAE,GAAG,CAAA;IACT,YAAY,EAAE,OAAO,CAAA;IACrB,KAAK,EAAE,MAAM,CAAA;CACd;AAED,UAAU,YAAY;IACpB,OAAO,EAAE,MAAM,CAAA;IACf,OAAO,EAAE,aAAa,CAAA;CACvB;AAED,UAAU,WAAW;IACnB,qBAAqB,EAAE,SAAS,cAAc,EAAE,CAAA;IAChD,eAAe,EAAE,SAAS,UAAU,EAAE,CAAA;CACvC;AAED,UAAU,cAAc;IACtB,kBAAkB,EAAE,GAAG,CAAA;IACvB,WAAW,EAAE,SAAS,MAAM,EAAE,CAAA;CAC/B;AAED,UAAU,cAAc;IACtB,MAAM,EAAE,MAAM,EAAE,CAAA;IAChB,iBAAiB,EAAE,WAAW,EAAE,CAAA;IAChC,IAAI,EAAE,mBAAmB,CAAC,OAAO,KAAK,EAAE,mBAAmB,CAAC,CAAA;CAC7D;AAED,QAAA,MAAM,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2CD,CAAA;AAEV,QAAA,MAAM,sBAAsB,SAAS,CAAA;AACrC,QAAA,MAAM,yBAAyB,SAAS,CAAA;AAExC,QAAA,MAAM,mCAAmC,EAAE,OACG,CAAA;AAC9C,QAAA,MAAM,4CAA4C,EAAE,GAAkB,CAAA;AACtE,QAAA,MAAM,2EAA2E,EAAE,GACrE,CAAA;AASd,QAAA,MAAM,uBAAuB,EAAE,OACe,CAAA;AAC9C,QAAA,MAAM,yBAAyB,EAAE,GAAkB,CAAA;AAEnD,QAAA,MAAM,8BAA8B,EAAE,OACQ,CAAA;AAC9C,QAAA,MAAM,yBAAyB,EAAE,OACa,CAAA;AAC9C,QAAA,MAAM,mBAAmB,EAAE,OACmB,CAAA;AAC9C,QAAA,MAAM,+BAA+B,EAAE,OACO,CAAA;AAC9C,QAAA,MAAM,0BAA0B,EAAE,OACY,CAAA;AAC9C,QAAA,MAAM,0BAA0B,EAAE,OACY,CAAA;AAC9C,QAAA,MAAM,+BAA+B,EAAE,OACO,CAAA;AAY9C,UAAU,wBAAwB;IAChC,IAAI,EAAE,sBAAsB,CAAA;IAC5B,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,CAAC,EAAE,iBAAiB,CAAA;IAC9B,gBAAgB,EAAE,OAAO,CAAA;IACzB,eAAe,CAAC,EAAE,GAAG,CAAA;CACtB;AAED,iBAAS,aAAa,CACpB,OAAO,EAAE,wBAAwB,EACjC,kBAAkB,EAAE,GAAG,GACtB,GAAG,CA4JL;AAED,iBAAe,iBAAiB,CAC9B,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,OAAO,EAAE,EACnB,QAAQ,EAAE,cAAc,GAAG,SAAS,EACpC,eAAe,CAAC,EAAE,OAAO,GACxB,OAAO,CAAC,cAAc,CAAC,CAiDzB;AAED,iBAAe,gBAAgB,CAC7B,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,cAAc,GAAG,SAAS,EACpC,OAAO,EAAE,OAAO,EAChB,eAAe,CAAC,EAAE,OAAO,GACxB,OAAO,CAAC,OAAO,CAAC,CAuBlB;AAED,iBAAe,iBAAiB,CAC9B,MAAM,EAAE,uBAAuB,EAC/B,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,GAAG,CAAC,CAyBd;AAwED,iBAAe,oBAAoB,CACjC,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,OAAO,EAChB,sBAAsB,EAAE,GAAG,EAC3B,iBAAiB,EAAE;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,aAAa,EAAE,GAAG,CAAA;CACnB,EAAE,EACH,oBAAoB,EAAE,MAAM,EAC5B,eAAe,CAAC,EAAE,OAAO;;;GA8B1B;AAED,iBAAS,cAAc,CACrB,OAAO,EAAE,OAAO,EAChB,eAAe,CAAC,EAAE,OAAO,GACxB,WAAW,CA6Fb;AAED,iBAAS,eAAe,CAAC,OAAO,EAAE,OAAO,iBAyBxC;AAED,iBAAS,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,OAAO,GAAG,UAAU,CA0K5E;AAED,iBAAS,wBAAwB,CAAC,MAAM,EAAE,gBAAgB,GAAG,MAAM,GAAG,IAAI,CAezE;AAQD;;;;;;;GAOG;AACH,iBAAS,kBAAkB,CACzB,OAAO,EAAE,OAAO,EAChB,eAAe,CAAC,EAAE,OAAO,EACzB,UAAU,GAAE,MAAU,EACtB,aAAa,CAAC,EAAE,MAAM,GACrB,GAAG,CAgCL;AASD,OAAO,EACL,8BAA8B,EAC9B,kCAAkC,EAClC,mCAAmC,EACnC,4CAA4C,EAC5C,2EAA2E,EAC3E,uBAAuB,EACvB,yBAAyB,EACzB,8BAA8B,EAC9B,yBAAyB,EACzB,mBAAmB,EACnB,+BAA+B,EAC/B,0BAA0B,EAC1B,0BAA0B,EAC1B,+BAA+B,EAC/B,aAAa,EACb,cAAc,EACd,aAAa,EACb,oBAAoB,EACpB,eAAe,EACf,wBAAwB,EACxB,iBAAiB,EACjB,gBAAgB,EAChB,iBAAiB,EACjB,kBAAkB,GACnB,CAAA;AACD,YAAY,EACV,YAAY,EACZ,WAAW,EACX,wBAAwB,EACxB,WAAW,EACX,oBAAoB,EACpB,cAAc,GACf,CAAA"}