@rhinestone/sdk 2.0.0-beta.3 → 2.0.0-beta.30
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/src/accounts/error.d.ts +2 -9
- package/dist/src/accounts/error.d.ts.map +1 -1
- package/dist/src/accounts/error.js +5 -11
- package/dist/src/accounts/hca.d.ts +25 -0
- package/dist/src/accounts/hca.d.ts.map +1 -0
- package/dist/src/accounts/hca.js +145 -0
- package/dist/src/accounts/index.d.ts +9 -9
- package/dist/src/accounts/index.d.ts.map +1 -1
- package/dist/src/accounts/index.js +112 -41
- package/dist/src/accounts/kernel.d.ts +1 -2
- package/dist/src/accounts/kernel.d.ts.map +1 -1
- package/dist/src/accounts/kernel.js +1 -8
- package/dist/src/accounts/nexus.d.ts +3 -2
- package/dist/src/accounts/nexus.d.ts.map +1 -1
- package/dist/src/accounts/nexus.js +33 -8
- package/dist/src/accounts/safe.d.ts +1 -2
- package/dist/src/accounts/safe.d.ts.map +1 -1
- package/dist/src/accounts/safe.js +3 -9
- package/dist/src/accounts/signing/common.d.ts +1 -4
- package/dist/src/accounts/signing/common.d.ts.map +1 -1
- package/dist/src/accounts/signing/common.js +7 -11
- package/dist/src/accounts/signing/message.d.ts.map +1 -1
- package/dist/src/accounts/signing/message.js +1 -4
- package/dist/src/accounts/signing/typedData.d.ts.map +1 -1
- package/dist/src/accounts/signing/typedData.js +1 -4
- package/dist/src/accounts/startale.d.ts +1 -2
- package/dist/src/accounts/startale.d.ts.map +1 -1
- package/dist/src/accounts/startale.js +2 -5
- package/dist/src/actions/ecdsa.js +5 -5
- package/dist/src/actions/index.js +2 -2
- package/dist/src/actions/mfa.js +2 -2
- package/dist/src/actions/passkeys.js +2 -2
- package/dist/src/actions/smart-sessions.d.ts +29 -5
- package/dist/src/actions/smart-sessions.d.ts.map +1 -1
- package/dist/src/actions/smart-sessions.js +38 -10
- package/dist/src/errors/index.d.ts +4 -4
- package/dist/src/errors/index.d.ts.map +1 -1
- package/dist/src/errors/index.js +6 -6
- package/dist/src/execution/error.d.ts +8 -21
- package/dist/src/execution/error.d.ts.map +1 -1
- package/dist/src/execution/error.js +7 -21
- package/dist/src/execution/index.d.ts +17 -17
- package/dist/src/execution/index.d.ts.map +1 -1
- package/dist/src/execution/index.js +22 -41
- package/dist/src/execution/utils.d.ts +15 -11
- package/dist/src/execution/utils.d.ts.map +1 -1
- package/dist/src/execution/utils.js +279 -75
- package/dist/src/index.d.ts +236 -37
- package/dist/src/index.d.ts.map +1 -1
- package/dist/src/index.js +60 -115
- package/dist/src/jwt-server/jcs.d.ts +1 -1
- package/dist/src/jwt-server/jcs.js +4 -2
- package/dist/src/modules/index.d.ts.map +1 -1
- package/dist/src/modules/index.js +0 -5
- package/dist/src/modules/read.d.ts +3 -2
- package/dist/src/modules/read.d.ts.map +1 -1
- package/dist/src/modules/read.js +33 -4
- package/dist/src/modules/validators/core.d.ts +5 -5
- package/dist/src/modules/validators/core.d.ts.map +1 -1
- package/dist/src/modules/validators/core.js +45 -34
- package/dist/src/modules/validators/cross-chain-permits.d.ts +11 -0
- package/dist/src/modules/validators/cross-chain-permits.d.ts.map +1 -0
- package/dist/src/modules/validators/cross-chain-permits.js +76 -0
- package/dist/src/modules/validators/permissions.d.ts +1 -0
- package/dist/src/modules/validators/permissions.d.ts.map +1 -1
- package/dist/src/modules/validators/permissions.js +162 -17
- package/dist/src/modules/validators/policies/claim/arbiters.d.ts +22 -0
- package/dist/src/modules/validators/policies/claim/arbiters.d.ts.map +1 -0
- package/dist/src/modules/validators/policies/claim/arbiters.js +57 -0
- package/dist/src/modules/validators/smart-sessions.d.ts +38 -9
- package/dist/src/modules/validators/smart-sessions.d.ts.map +1 -1
- package/dist/src/modules/validators/smart-sessions.js +509 -92
- package/dist/src/orchestrator/caip2.d.ts +9 -3
- package/dist/src/orchestrator/caip2.d.ts.map +1 -1
- package/dist/src/orchestrator/caip2.js +40 -5
- package/dist/src/orchestrator/client.d.ts.map +1 -1
- package/dist/src/orchestrator/client.js +44 -21
- package/dist/src/orchestrator/consts.d.ts +1 -1
- package/dist/src/orchestrator/consts.d.ts.map +1 -1
- package/dist/src/orchestrator/consts.js +1 -1
- package/dist/src/orchestrator/destinations.d.ts +24 -0
- package/dist/src/orchestrator/destinations.d.ts.map +1 -0
- package/dist/src/orchestrator/destinations.js +55 -0
- package/dist/src/orchestrator/error.d.ts +87 -4
- package/dist/src/orchestrator/error.d.ts.map +1 -1
- package/dist/src/orchestrator/error.js +237 -3
- package/dist/src/orchestrator/index.d.ts +6 -5
- package/dist/src/orchestrator/index.d.ts.map +1 -1
- package/dist/src/orchestrator/index.js +4 -3
- package/dist/src/orchestrator/registry.d.ts +2 -1
- package/dist/src/orchestrator/registry.d.ts.map +1 -1
- package/dist/src/orchestrator/registry.js +13 -0
- package/dist/src/orchestrator/types.d.ts +114 -28
- package/dist/src/orchestrator/types.d.ts.map +1 -1
- package/dist/src/orchestrator/types.js +1 -5
- package/dist/src/smart-sessions/index.d.ts +5 -0
- package/dist/src/smart-sessions/index.d.ts.map +1 -0
- package/dist/src/smart-sessions/index.js +6 -0
- package/dist/src/types.d.ts +298 -29
- package/dist/src/types.d.ts.map +1 -1
- package/dist/src/utils/index.d.ts +59 -0
- package/dist/src/utils/index.d.ts.map +1 -1
- package/dist/src/utils/index.js +59 -0
- package/package.json +4 -8
- package/dist/src/actions/recovery.d.ts +0 -33
- package/dist/src/actions/recovery.d.ts.map +0 -1
- package/dist/src/actions/recovery.js +0 -189
|
@@ -1,20 +1,22 @@
|
|
|
1
1
|
import { concat, createPublicClient, createWalletClient, encodeAbiParameters, encodePacked, hashDomain, hashMessage, hashStruct, hashTypedData, isAddress, keccak256, publicActions, toHex, } from 'viem';
|
|
2
2
|
import { entryPoint07Address, getUserOperationHash, } from 'viem/account-abstraction';
|
|
3
3
|
import { wrapTypedDataSignature } from 'viem/experimental/erc7739';
|
|
4
|
-
import { EoaAccountMustHaveAccountError, EoaSigningMethodNotConfiguredError, FactoryArgsNotAvailableError, getAccountProvider, getAddress, getEip712Domain, getEip1271Signature, getEip7702InitCall, getEmissarySignature,
|
|
4
|
+
import { EoaAccountMustHaveAccountError, EoaSigningMethodNotConfiguredError, FactoryArgsNotAvailableError, getAccountProvider, getAddress, getEip712Domain, getEip1271Signature, getEip7702InitCall, getEmissarySignature, getInitCode, getSmartAccount, getTypedDataPackedSignature, is7702, toErc6492Signature, } from '../accounts/index.js';
|
|
5
5
|
import { convertOwnerSetToSignerSet } from '../accounts/signing/common.js';
|
|
6
6
|
import { K1_DEFAULT_VALIDATOR_ADDRESS } from '../accounts/startale.js';
|
|
7
7
|
import { createTransport, getBundlerClient, } from '../accounts/utils.js';
|
|
8
8
|
import { createAuthProvider } from '../auth/provider.js';
|
|
9
9
|
import { buildMockSignature, DUMMY_PRECLAIMOP_SELECTOR, DUMMY_PRECLAIMOP_TARGET, getOwnerValidator, getPermissionId, getSmartSessionValidator, isSessionEnabled, } from '../modules/validators/index.js';
|
|
10
|
-
import { getMultiFactorValidator,
|
|
10
|
+
import { getMultiFactorValidator, getWebAuthnValidator, supportsEip712, } from '../modules/validators/core.js';
|
|
11
11
|
import { buildPermit2ClaimPolicyCalldata, } from '../modules/validators/policies/claim/permit2.js';
|
|
12
|
-
import { resolvePermit2ClaimPolicy, } from '../modules/validators/smart-sessions.js';
|
|
12
|
+
import { resolvePermit2ClaimPolicy, selectPermit2ClaimPolicyForMessage, } from '../modules/validators/smart-sessions.js';
|
|
13
13
|
import { getOrchestrator, } from '../orchestrator/index.js';
|
|
14
|
+
import { isNonEvmChainId, toCaip2 } from '../orchestrator/caip2.js';
|
|
15
|
+
import { getChainId, isNonEvmChain, } from '../orchestrator/destinations.js';
|
|
14
16
|
import { getChainById, getTokenAddress, resolveTokenAddress, } from '../orchestrator/registry.js';
|
|
15
|
-
import { SIG_MODE_EMISSARY_EXECUTION_ERC1271,
|
|
17
|
+
import { SIG_MODE_EMISSARY_EXECUTION_ERC1271, SIG_MODE_ERC1271, } from '../orchestrator/types.js';
|
|
16
18
|
import { convertBigIntFields } from '../orchestrator/utils.js';
|
|
17
|
-
import { Eip7702InitSignatureRequiredError,
|
|
19
|
+
import { Eip7702InitSignatureRequiredError, InvalidSourceCallsError, QuoteNotInPreparedTransactionError, } from './error.js';
|
|
18
20
|
function isResolvedSessionSignerSet(signers) {
|
|
19
21
|
return (signers?.type === 'experimental_session' && 'verifyExecutions' in signers);
|
|
20
22
|
}
|
|
@@ -25,16 +27,61 @@ async function resolveSignersForChain(config, signers, chainId) {
|
|
|
25
27
|
const resolved = resolveSessionForChain(signers, chainId);
|
|
26
28
|
const enabled = await isSessionEnabled(getAddress(config), config.provider, resolved.session, config.useDevContracts);
|
|
27
29
|
const enableData = enabled ? undefined : resolved.enableData;
|
|
28
|
-
const verifyExecutions = resolved.verifyExecutions ??
|
|
29
|
-
signers.verifyExecutions ??
|
|
30
|
-
resolved.session.hasExplicitPermissions;
|
|
31
30
|
return {
|
|
32
31
|
type: 'experimental_session',
|
|
33
32
|
session: resolved.session,
|
|
34
33
|
enableData,
|
|
35
|
-
|
|
34
|
+
// First use of any session must go through the emissary's verifyExecution
|
|
35
|
+
// path: that's the only mechanism that consumes enableData + calls setConfig
|
|
36
|
+
// to install the session on-chain. Once installed, steady-state signing can
|
|
37
|
+
// drop to mode 1 unless the session has explicit permissions to enforce.
|
|
38
|
+
verifyExecutions: !enabled || resolved.session.hasExplicitPermissions,
|
|
36
39
|
};
|
|
37
40
|
}
|
|
41
|
+
// Picks the single signature mode that matches the bytes shape the SDK will
|
|
42
|
+
// actually sign, so the on-chain dispatcher hits the right validator on the
|
|
43
|
+
// first try instead of falling through a hybrid.
|
|
44
|
+
async function resolveSignatureMode(config, signers, sourceChains, targetChainId,
|
|
45
|
+
// Optional pre-resolved per-chain signer sets. When supplied, reuse them
|
|
46
|
+
// instead of resolving again — each resolveSignersForChain does an
|
|
47
|
+
// isSessionEnabled RPC, so sharing one map across mockSignatures, sigMode, and
|
|
48
|
+
// preClaim avoids duplicate calls per intent. The map also defines *which*
|
|
49
|
+
// chains carry a session: the caller omits a non-EVM target (it has no session
|
|
50
|
+
// validator), so deriving the chain set from the map's keys keeps us from
|
|
51
|
+
// resolving — and throwing on — a target with no configured session.
|
|
52
|
+
preResolved) {
|
|
53
|
+
if (config.account?.type === 'eoa') {
|
|
54
|
+
return SIG_MODE_ERC1271;
|
|
55
|
+
}
|
|
56
|
+
if (signers?.type !== 'experimental_session') {
|
|
57
|
+
return SIG_MODE_ERC1271;
|
|
58
|
+
}
|
|
59
|
+
const chainIds = preResolved
|
|
60
|
+
? [...preResolved.keys()]
|
|
61
|
+
: [...new Set([...(sourceChains ?? []).map((c) => c.id), targetChainId])];
|
|
62
|
+
const resolvedSet = await Promise.all(chainIds.map((chainId) =>
|
|
63
|
+
// Use has() not `?? resolve` so a cached `undefined` entry is still reused
|
|
64
|
+
// (get() can't distinguish "missing key" from "present but undefined").
|
|
65
|
+
preResolved?.has(chainId)
|
|
66
|
+
? preResolved.get(chainId)
|
|
67
|
+
: resolveSignersForChain(config, signers, chainId)));
|
|
68
|
+
let anyVerifyExecutions = false;
|
|
69
|
+
for (const resolved of resolvedSet) {
|
|
70
|
+
if (!isResolvedSessionSignerSet(resolved)) {
|
|
71
|
+
return SIG_MODE_ERC1271;
|
|
72
|
+
}
|
|
73
|
+
// Conservative: one chain with verifyExecutions=true forces mode 5 across
|
|
74
|
+
// all origin signatures — a single mode field can't describe divergence.
|
|
75
|
+
if (resolved.verifyExecutions)
|
|
76
|
+
anyVerifyExecutions = true;
|
|
77
|
+
}
|
|
78
|
+
// Mode 4 (pure emissary-execution) is unused: signIntentTypedData always
|
|
79
|
+
// emits a dual sig for the intent's origin/destination signatures when
|
|
80
|
+
// verifyExecutions=true, so mode 5 is the right hybrid.
|
|
81
|
+
return anyVerifyExecutions
|
|
82
|
+
? SIG_MODE_EMISSARY_EXECUTION_ERC1271
|
|
83
|
+
: SIG_MODE_ERC1271;
|
|
84
|
+
}
|
|
38
85
|
function resolveSessionForChain(signers, chainId) {
|
|
39
86
|
if ('sessions' in signers) {
|
|
40
87
|
const config = signers.sessions[chainId];
|
|
@@ -46,13 +93,23 @@ function resolveSessionForChain(signers, chainId) {
|
|
|
46
93
|
return { session: signers.session, enableData: signers.enableData };
|
|
47
94
|
}
|
|
48
95
|
async function prepareTransaction(config, transaction) {
|
|
49
|
-
const { sourceChains, targetChain, tokenRequests, signers, sponsored, eip7702InitSignature, settlementLayers, sourceAssets, feeAsset, auxiliaryFunds, account, recipient, } = getTransactionParams(transaction);
|
|
96
|
+
const { sourceChains, targetChain, tokenRequests, signers, sponsored, eip7702InitSignature, settlementLayers, sourceAssets, feeAsset, auxiliaryFunds, appFees, account, recipient, sourceCalls, } = getTransactionParams(transaction);
|
|
50
97
|
const accountAddress = getAddress(config);
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
98
|
+
// Destination calls (transaction.calls on a cross-chain transaction) are
|
|
99
|
+
// executed on the destination chain by the solver/account. For non-EVM
|
|
100
|
+
// destinations we can't resolve arbitrary EVM calls; assert there are
|
|
101
|
+
// none and route an empty list through.
|
|
102
|
+
let resolvedCalls;
|
|
103
|
+
if (isNonEvmChain(targetChain)) {
|
|
104
|
+
if (transaction.calls && transaction.calls.length > 0) {
|
|
105
|
+
throw new Error(`Destination calls are not supported for non-EVM target chain ${targetChain.name} (${targetChain.caip2})`);
|
|
106
|
+
}
|
|
107
|
+
resolvedCalls = [];
|
|
54
108
|
}
|
|
55
|
-
|
|
109
|
+
else {
|
|
110
|
+
resolvedCalls = await resolveCallInputs(transaction.calls, config, targetChain, accountAddress);
|
|
111
|
+
}
|
|
112
|
+
const prepared = await prepareTransactionAsIntent(config, sourceChains, targetChain, resolvedCalls, transaction.gasLimit, tokenRequests, recipient, sponsored, eip7702InitSignature, settlementLayers, sourceAssets, feeAsset, auxiliaryFunds, account, signers, sourceCalls, appFees);
|
|
56
113
|
return {
|
|
57
114
|
quotes: prepared.quotes,
|
|
58
115
|
intentInput: prepared.intentInput,
|
|
@@ -131,6 +188,11 @@ async function getTargetExecutionSignature(config, signData, targetChain, signer
|
|
|
131
188
|
if (!signData.targetExecution) {
|
|
132
189
|
return undefined;
|
|
133
190
|
}
|
|
191
|
+
// Target executions are EVM-only (smart-session validator on destination).
|
|
192
|
+
// Non-EVM destinations don't have a validator there to verify the sig.
|
|
193
|
+
if (isNonEvmChain(targetChain)) {
|
|
194
|
+
return undefined;
|
|
195
|
+
}
|
|
134
196
|
const resolvedSigners = await resolveSignersForChain(config, signers, targetChain.id);
|
|
135
197
|
if (!isResolvedSessionSignerSet(resolvedSigners) ||
|
|
136
198
|
!resolvedSigners.verifyExecutions) {
|
|
@@ -266,10 +328,16 @@ async function signAuthorizationsInternal(config, context) {
|
|
|
266
328
|
}
|
|
267
329
|
const accountAddress = getAddress(config);
|
|
268
330
|
const { contract: eip7702Contract } = getEip7702InitCall(config, eip7702InitSignature);
|
|
331
|
+
// EIP-7702 authorization is EVM-only — there's no contract to delegate
|
|
332
|
+
// to on Solana / Tron. Skip the destination chain entirely when it's
|
|
333
|
+
// non-EVM; source chains are always EVM by construction.
|
|
269
334
|
const chains = new Map();
|
|
270
|
-
for (const chain of
|
|
335
|
+
for (const chain of context.sourceChains ?? []) {
|
|
271
336
|
chains.set(chain.id, chain);
|
|
272
337
|
}
|
|
338
|
+
if (!isNonEvmChain(context.targetChain)) {
|
|
339
|
+
chains.set(context.targetChain.id, context.targetChain);
|
|
340
|
+
}
|
|
273
341
|
const authorizations = [];
|
|
274
342
|
for (const chain of chains.values()) {
|
|
275
343
|
const walletClient = createWalletClient({
|
|
@@ -316,8 +384,10 @@ function getTransactionParams(transaction) {
|
|
|
316
384
|
const sourceAssets = transaction.sourceAssets;
|
|
317
385
|
const feeAsset = transaction.feeAsset;
|
|
318
386
|
const auxiliaryFunds = transaction.auxiliaryFunds;
|
|
387
|
+
const appFees = transaction.appFees;
|
|
319
388
|
const account = transaction.experimental_accountOverride;
|
|
320
389
|
const recipient = transaction.recipient;
|
|
390
|
+
const sourceCalls = transaction.sourceCalls;
|
|
321
391
|
const tokenRequests = getTokenRequests(targetChain, initialTokenRequests);
|
|
322
392
|
return {
|
|
323
393
|
sourceChains,
|
|
@@ -331,13 +401,22 @@ function getTransactionParams(transaction) {
|
|
|
331
401
|
sourceAssets,
|
|
332
402
|
feeAsset,
|
|
333
403
|
auxiliaryFunds,
|
|
404
|
+
appFees,
|
|
334
405
|
account,
|
|
335
406
|
recipient,
|
|
407
|
+
sourceCalls,
|
|
336
408
|
};
|
|
337
409
|
}
|
|
338
410
|
function getTokenRequests(targetChain, initialTokenRequests) {
|
|
339
|
-
|
|
340
|
-
|
|
411
|
+
// Non-EVM destinations carry SPL mint / Tron T-prefixed addresses that
|
|
412
|
+
// aren't valid 0x-hex; skip symbol/EVM-address validation here and let
|
|
413
|
+
// the orchestrator validate per its own schema. EVM destinations keep
|
|
414
|
+
// the existing strict check so a typo on Optimism still fails fast.
|
|
415
|
+
if (initialTokenRequests && !isNonEvmChain(targetChain)) {
|
|
416
|
+
// Inside this branch targetChain is a viem `Chain`, which excludes the
|
|
417
|
+
// non-EVM transaction variant — token requests are EVM-typed here.
|
|
418
|
+
const evmRequests = initialTokenRequests;
|
|
419
|
+
validateTokenSymbols(targetChain, evmRequests.map((tokenRequest) => tokenRequest.address));
|
|
341
420
|
}
|
|
342
421
|
return initialTokenRequests ?? [];
|
|
343
422
|
}
|
|
@@ -386,12 +465,46 @@ function getIntentAccount(config, eip7702InitSignature, account) {
|
|
|
386
465
|
delegations,
|
|
387
466
|
};
|
|
388
467
|
}
|
|
389
|
-
|
|
390
|
-
|
|
468
|
+
function cloneAuxiliaryFunds(auxiliaryFunds) {
|
|
469
|
+
if (!auxiliaryFunds)
|
|
470
|
+
return undefined;
|
|
471
|
+
return Object.fromEntries(Object.entries(auxiliaryFunds).map(([chainId, funds]) => [
|
|
472
|
+
Number(chainId),
|
|
473
|
+
{ ...funds },
|
|
474
|
+
]));
|
|
475
|
+
}
|
|
476
|
+
function toCallInput(sourceCall) {
|
|
477
|
+
const { provides: _provides, ...call } = sourceCall;
|
|
478
|
+
return call;
|
|
479
|
+
}
|
|
480
|
+
function addProvidedFunds(auxiliaryFunds, chainId, calls) {
|
|
481
|
+
let next = auxiliaryFunds;
|
|
482
|
+
for (const call of calls) {
|
|
483
|
+
for (const provided of call.provides ?? []) {
|
|
484
|
+
next ??= {};
|
|
485
|
+
next[chainId] ??= {};
|
|
486
|
+
const token = provided.token;
|
|
487
|
+
next[chainId][token] = (next[chainId][token] ?? 0n) + provided.amount;
|
|
488
|
+
}
|
|
489
|
+
}
|
|
490
|
+
return next;
|
|
491
|
+
}
|
|
492
|
+
async function prepareTransactionAsIntent(config, sourceChains, targetChain, callInputs, gasLimit, tokenRequests, recipientInput, sponsored, eip7702InitSignature, settlementLayers, sourceAssets, feeAsset, auxiliaryFunds, account, signers, sourceCalls, appFees) {
|
|
493
|
+
const targetChainId = getChainId(targetChain);
|
|
494
|
+
const calls = parseCalls(callInputs, targetChainId);
|
|
391
495
|
const accountAccessList = createAccountAccessList(sourceChains, sourceAssets);
|
|
392
496
|
function getRecipient(recipient) {
|
|
393
497
|
if (typeof recipient === 'string') {
|
|
394
|
-
//
|
|
498
|
+
// Non-EVM-addressed recipients (Solana base58 / Tron T-prefix) carry no
|
|
499
|
+
// EVM smart-account semantics; the orchestrator schema requires
|
|
500
|
+
// accountType / setupOps to be unset. Emit just the address. HyperCore
|
|
501
|
+
// is EVM-addressed (eip155:1337) so it falls through to the EOA
|
|
502
|
+
// passthrough below — the orchestrator's HyperCore gate requires
|
|
503
|
+
// accountType: 'EOA'.
|
|
504
|
+
if (isNonEvmChainId(targetChainId)) {
|
|
505
|
+
return { address: recipient };
|
|
506
|
+
}
|
|
507
|
+
// EVM (and HyperCore) passthrough — assume EOA.
|
|
395
508
|
return {
|
|
396
509
|
address: recipient,
|
|
397
510
|
accountType: 'EOA',
|
|
@@ -404,25 +517,65 @@ async function prepareTransactionAsIntent(config, sourceChains, targetChain, cal
|
|
|
404
517
|
}
|
|
405
518
|
return getIntentAccount(recipient, eip7702InitSignature, account);
|
|
406
519
|
}
|
|
520
|
+
// Resolve per-chain signer state once (each resolveSignersForChain does an
|
|
521
|
+
// isSessionEnabled RPC) and reuse it for mock signatures, the signature mode,
|
|
522
|
+
// and preClaim ops. Exclude a non-EVM destination — it has no session
|
|
523
|
+
// validator, so resolving it would waste an RPC (or throw for per-chain
|
|
524
|
+
// session signers). resolveSignatureMode derives its chain set from this map's
|
|
525
|
+
// keys, so the excluded non-EVM target is never resolved there either.
|
|
526
|
+
const sessionChainIds = [
|
|
527
|
+
...new Set([
|
|
528
|
+
...(sourceChains ?? []).map((c) => c.id),
|
|
529
|
+
...(isNonEvmChain(targetChain) ? [] : [targetChainId]),
|
|
530
|
+
]),
|
|
531
|
+
];
|
|
532
|
+
const resolvedByChain = signers?.type === 'experimental_session'
|
|
533
|
+
? new Map(await Promise.all(sessionChainIds.map(async (chainId) => [
|
|
534
|
+
chainId,
|
|
535
|
+
await resolveSignersForChain(config, signers, chainId),
|
|
536
|
+
])))
|
|
537
|
+
: undefined;
|
|
538
|
+
// Per-chain mock signatures: enables accurate per-chain session validation gas
|
|
539
|
+
// simulation. Non-EVM destinations are excluded — they have no destination-side
|
|
540
|
+
// session validator. Each chain's mock sig carries that chain's own resolved
|
|
541
|
+
// shape (ENABLE / USE / ERC-1271). Note these are per-chain and may differ in
|
|
542
|
+
// shape, whereas `signatureMode` (below) is a single global value resolved
|
|
543
|
+
// conservatively (anyVerifyExecutions across chains → mode 5) — so in mixed
|
|
544
|
+
// states a chain's mock shape need not match the global signatureMode.
|
|
545
|
+
let mockSignatures;
|
|
546
|
+
if (resolvedByChain) {
|
|
547
|
+
const entries = [...resolvedByChain.entries()].flatMap(([chainId, resolved]) => {
|
|
548
|
+
// resolvedByChain is keyed by sessionChainIds, which already excludes a
|
|
549
|
+
// non-EVM target — so no per-entry target guard is needed here.
|
|
550
|
+
if (!isResolvedSessionSignerSet(resolved))
|
|
551
|
+
return [];
|
|
552
|
+
// Match the mock shape to what the real sig will be: ERC-1271 when not
|
|
553
|
+
// verifying executions; otherwise ENABLE if the session still needs
|
|
554
|
+
// installing (enableData present), else USE (already enabled, e.g.
|
|
555
|
+
// explicit permissions — its real sig is MODE_USE with no enableData).
|
|
556
|
+
const shape = !resolved.verifyExecutions
|
|
557
|
+
? 'erc1271'
|
|
558
|
+
: resolved.enableData !== undefined
|
|
559
|
+
? 'enable'
|
|
560
|
+
: 'use';
|
|
561
|
+
return [
|
|
562
|
+
[
|
|
563
|
+
String(chainId),
|
|
564
|
+
buildMockSignature(resolved.session, config.useDevContracts, sourceChains?.length ?? 1, chainId, shape),
|
|
565
|
+
],
|
|
566
|
+
];
|
|
567
|
+
});
|
|
568
|
+
// Leave mockSignatures undefined (not {}) when there are no eligible chains,
|
|
569
|
+
// so downstream consumers can treat presence as "per-chain sigs provided".
|
|
570
|
+
if (entries.length > 0)
|
|
571
|
+
mockSignatures = Object.fromEntries(entries);
|
|
572
|
+
}
|
|
407
573
|
const intentAccount = {
|
|
408
574
|
...getIntentAccount(config, eip7702InitSignature, account),
|
|
409
|
-
...(
|
|
410
|
-
// Per-chain map: enables accurate per-chain session validation gas simulation
|
|
411
|
-
mockSignatures: Object.fromEntries([
|
|
412
|
-
...new Set([
|
|
413
|
-
...(sourceChains ?? []).map((c) => c.id),
|
|
414
|
-
targetChain.id,
|
|
415
|
-
]),
|
|
416
|
-
].map((chainId) => [
|
|
417
|
-
String(chainId),
|
|
418
|
-
buildMockSignature(resolveSessionForChain(signers, chainId).session, config.useDevContracts, sourceChains?.length ?? 1, chainId),
|
|
419
|
-
])),
|
|
420
|
-
}),
|
|
575
|
+
...(mockSignatures && { mockSignatures }),
|
|
421
576
|
};
|
|
422
577
|
const recipient = getRecipient(recipientInput);
|
|
423
|
-
const signatureMode = signers
|
|
424
|
-
? SIG_MODE_EMISSARY_EXECUTION_ERC1271
|
|
425
|
-
: SIG_MODE_ERC1271_EMISSARY;
|
|
578
|
+
const signatureMode = await resolveSignatureMode(config, signers, sourceChains, targetChainId, resolvedByChain);
|
|
426
579
|
// For session signers that need enabling, pass a dummy preclaimop per source chain
|
|
427
580
|
// so the orchestrator bakes it into the bundle before computing its HMAC. The filler
|
|
428
581
|
// executes the op via verifyExecution in ENABLE mode, enabling the session on-chain
|
|
@@ -430,11 +583,11 @@ async function prepareTransactionAsIntent(config, sourceChains, targetChain, cal
|
|
|
430
583
|
// post-facto — because the orchestrator HMAC covers preClaimOps.
|
|
431
584
|
const preClaimExecutions = {};
|
|
432
585
|
if (signers?.type === 'experimental_session' && sourceChains) {
|
|
433
|
-
|
|
434
|
-
|
|
435
|
-
|
|
436
|
-
|
|
437
|
-
|
|
586
|
+
// Reuse the shared per-chain resolution (source chains are a subset of
|
|
587
|
+
// sessionChainIds) instead of resolving — and re-doing isSessionEnabled — again.
|
|
588
|
+
for (const chain of sourceChains) {
|
|
589
|
+
const chainId = chain.id;
|
|
590
|
+
const resolved = resolvedByChain?.get(chainId);
|
|
438
591
|
if (!isResolvedSessionSignerSet(resolved))
|
|
439
592
|
continue;
|
|
440
593
|
const { enableData, verifyExecutions } = resolved;
|
|
@@ -449,10 +602,40 @@ async function prepareTransactionAsIntent(config, sourceChains, targetChain, cal
|
|
|
449
602
|
];
|
|
450
603
|
}
|
|
451
604
|
}
|
|
605
|
+
let combinedAuxiliaryFunds = cloneAuxiliaryFunds(auxiliaryFunds);
|
|
606
|
+
if (sourceCalls) {
|
|
607
|
+
const accountAddress = getAddress(config);
|
|
608
|
+
const allowedChainIds = new Set([
|
|
609
|
+
...(sourceChains ?? []).map((c) => c.id),
|
|
610
|
+
...(!isNonEvmChain(targetChain) ? [targetChainId] : []),
|
|
611
|
+
]);
|
|
612
|
+
for (const [chainIdStr, calls] of Object.entries(sourceCalls)) {
|
|
613
|
+
const chainId = Number(chainIdStr);
|
|
614
|
+
if (!allowedChainIds.has(chainId)) {
|
|
615
|
+
throw new InvalidSourceCallsError({ chainId });
|
|
616
|
+
}
|
|
617
|
+
const chain = sourceChains?.find((c) => c.id === chainId) ??
|
|
618
|
+
(!isNonEvmChain(targetChain) && targetChainId === chainId
|
|
619
|
+
? targetChain
|
|
620
|
+
: undefined);
|
|
621
|
+
if (!chain) {
|
|
622
|
+
throw new InvalidSourceCallsError({ chainId });
|
|
623
|
+
}
|
|
624
|
+
combinedAuxiliaryFunds = addProvidedFunds(combinedAuxiliaryFunds, chainId, calls);
|
|
625
|
+
const resolved = await resolveCallInputs(calls.map(toCallInput), config, chain, accountAddress);
|
|
626
|
+
const userExecutions = parseCalls(resolved, chainId);
|
|
627
|
+
if (userExecutions.length === 0)
|
|
628
|
+
continue;
|
|
629
|
+
preClaimExecutions[chainId] = [
|
|
630
|
+
...(preClaimExecutions[chainId] ?? []),
|
|
631
|
+
...userExecutions,
|
|
632
|
+
];
|
|
633
|
+
}
|
|
634
|
+
}
|
|
452
635
|
const metaIntent = {
|
|
453
|
-
destinationChainId:
|
|
636
|
+
destinationChainId: targetChainId,
|
|
454
637
|
tokenRequests: tokenRequests.map((tokenRequest) => ({
|
|
455
|
-
tokenAddress: resolveTokenAddress(tokenRequest.address,
|
|
638
|
+
tokenAddress: resolveTokenAddress(tokenRequest.address, targetChainId),
|
|
456
639
|
amount: tokenRequest.amount,
|
|
457
640
|
})),
|
|
458
641
|
recipient,
|
|
@@ -477,19 +660,20 @@ async function prepareTransactionAsIntent(config, sourceChains, targetChain, cal
|
|
|
477
660
|
: undefined,
|
|
478
661
|
settlementLayers,
|
|
479
662
|
signatureMode,
|
|
480
|
-
auxiliaryFunds,
|
|
663
|
+
auxiliaryFunds: combinedAuxiliaryFunds,
|
|
664
|
+
appFees,
|
|
481
665
|
},
|
|
482
666
|
...(Object.keys(preClaimExecutions).length > 0 && { preClaimExecutions }),
|
|
483
667
|
};
|
|
484
668
|
const serializedIntent = convertBigIntFields(metaIntent);
|
|
485
669
|
const orchestrator = getOrchestrator(config._authProvider ?? createAuthProvider(config), config.endpointUrl, config.headers);
|
|
486
|
-
const { routes } = await orchestrator.createQuote(metaIntent);
|
|
670
|
+
const { routes, traceId } = await orchestrator.createQuote(metaIntent);
|
|
487
671
|
const best = routes[0];
|
|
488
672
|
if (!best) {
|
|
489
673
|
throw new Error('Orchestrator returned no quote');
|
|
490
674
|
}
|
|
491
675
|
return {
|
|
492
|
-
quotes: { best, all: routes },
|
|
676
|
+
quotes: { traceId, best, all: routes },
|
|
493
677
|
intentInput: serializedIntent,
|
|
494
678
|
};
|
|
495
679
|
}
|
|
@@ -529,7 +713,14 @@ async function signIntent(config, signData, targetChain, signers, targetExecutio
|
|
|
529
713
|
const signature = await signIntentTypedData(config, originSigners, validator, isRoot, typedData, chain, targetExecution ?? false);
|
|
530
714
|
originSignatures.push(signature);
|
|
531
715
|
}
|
|
532
|
-
|
|
716
|
+
// Non-EVM destinations have no destination-side validator, so there's no
|
|
717
|
+
// session to resolve and no signer to derive. Skipping here matters for
|
|
718
|
+
// per-chain experimental sessions: `resolveSessionForChain` would throw
|
|
719
|
+
// `No session configured for chain {synthetic-id}` since users never
|
|
720
|
+
// configure a session keyed by the synthetic Solana/Tron chain id.
|
|
721
|
+
const destinationSigners = isNonEvmChain(targetChain)
|
|
722
|
+
? undefined
|
|
723
|
+
: await resolveSignersForChain(config, signers, targetChain.id);
|
|
533
724
|
const destinationSignature = await getDestinationSignature(config, destinationSigners, validator, isRoot, targetChain, destination, originSignatures, targetExecution ?? false);
|
|
534
725
|
return {
|
|
535
726
|
originSignatures,
|
|
@@ -537,18 +728,25 @@ async function signIntent(config, signData, targetChain, signers, targetExecutio
|
|
|
537
728
|
};
|
|
538
729
|
}
|
|
539
730
|
async function getDestinationSignature(config, signers, validator, isRoot, targetChain, destination, originSignatures, targetExecution) {
|
|
540
|
-
//
|
|
541
|
-
// session enable data
|
|
542
|
-
|
|
543
|
-
|
|
544
|
-
|
|
545
|
-
|
|
546
|
-
|
|
547
|
-
|
|
548
|
-
|
|
549
|
-
|
|
550
|
-
|
|
551
|
-
|
|
731
|
+
// Non-EVM destinations have no destination-side validator, no
|
|
732
|
+
// eip712Domain(), no smart session enable data. Settlement is solver-
|
|
733
|
+
// mediated on the orchestrator side and the origin signatures alone
|
|
734
|
+
// authorize the bundle. Fall through to the "reuse last origin sig"
|
|
735
|
+
// branch instead of trying to sign on Solana / Tron.
|
|
736
|
+
if (!isNonEvmChain(targetChain)) {
|
|
737
|
+
// Smart sessions require a separate destination signature because the
|
|
738
|
+
// session enable data differs per chain
|
|
739
|
+
if (signers?.type === 'experimental_session') {
|
|
740
|
+
return await signDestinationSeparately(config, signers, validator, isRoot, targetChain, destination, targetExecution);
|
|
741
|
+
}
|
|
742
|
+
// ERC-7739 with K1 validator requires a separate destination signature because
|
|
743
|
+
// the account's eip712Domain() returns the target chain's chainId, which differs
|
|
744
|
+
// from the origin chain used for the last origin signature
|
|
745
|
+
const isK1Validator = validator.address.toLowerCase() ===
|
|
746
|
+
K1_DEFAULT_VALIDATOR_ADDRESS.toLowerCase();
|
|
747
|
+
if (isK1Validator && supportsEip712(validator)) {
|
|
748
|
+
return await signDestinationSeparately(config, signers, validator, isRoot, targetChain, destination, targetExecution);
|
|
749
|
+
}
|
|
552
750
|
}
|
|
553
751
|
const lastOriginSignature = originSignatures.at(-1);
|
|
554
752
|
return typeof lastOriginSignature === 'object'
|
|
@@ -628,7 +826,17 @@ function resolveClaimPolicyData(signers, parameters) {
|
|
|
628
826
|
typeof msg.deadline !== 'bigint') {
|
|
629
827
|
return undefined;
|
|
630
828
|
}
|
|
631
|
-
|
|
829
|
+
const message = parameters.message;
|
|
830
|
+
// A session may carry several claim policies (a user policy plus one or
|
|
831
|
+
// more synthesized cross-chain permits). The on-chain emissary validates
|
|
832
|
+
// against the policy that matches this Permit2 message, and the calldata
|
|
833
|
+
// layout is policy-specific — so we must build it from the matching policy,
|
|
834
|
+
// not blindly `claimPolicies[0]`.
|
|
835
|
+
const claimPolicy = selectPermit2ClaimPolicyForMessage(signers.session.claimPolicies, message);
|
|
836
|
+
if (!claimPolicy) {
|
|
837
|
+
return undefined;
|
|
838
|
+
}
|
|
839
|
+
return buildPermit2ClaimPolicyCalldata(resolvePermit2ClaimPolicy(claimPolicy), message);
|
|
632
840
|
}
|
|
633
841
|
async function signIntentTypedData(config, signers, validator, isRoot, parameters, chain, targetExecution) {
|
|
634
842
|
if (supportsEip712(validator)) {
|
|
@@ -757,7 +965,7 @@ async function submitIntentInternal(config, sourceChains, targetChain, quote, or
|
|
|
757
965
|
...(authorizations.length > 0 && {
|
|
758
966
|
authorizations: {
|
|
759
967
|
sponsor: authorizations.map((authorization) => ({
|
|
760
|
-
chainId: authorization.chainId,
|
|
968
|
+
chainId: toCaip2(authorization.chainId),
|
|
761
969
|
address: authorization.address,
|
|
762
970
|
nonce: authorization.nonce,
|
|
763
971
|
yParity: authorization.yParity ?? 0,
|
|
@@ -774,8 +982,9 @@ async function submitIntentInternal(config, sourceChains, targetChain, quote, or
|
|
|
774
982
|
return {
|
|
775
983
|
type: 'intent',
|
|
776
984
|
id: response.intentId,
|
|
985
|
+
traceId: response.traceId,
|
|
777
986
|
sourceChains: sourceChains?.map((chain) => chain.id),
|
|
778
|
-
targetChain: targetChain
|
|
987
|
+
targetChain: getChainId(targetChain),
|
|
779
988
|
};
|
|
780
989
|
}
|
|
781
990
|
async function getValidatorAccount(config, signers, publicClient, chain) {
|
|
@@ -787,13 +996,7 @@ async function getValidatorAccount(config, signers, publicClient, chain) {
|
|
|
787
996
|
if (withOwner) {
|
|
788
997
|
return getSmartAccount(config, publicClient, chain);
|
|
789
998
|
}
|
|
790
|
-
|
|
791
|
-
return withGuardians
|
|
792
|
-
? await getGuardianSmartAccount(config, publicClient, chain, {
|
|
793
|
-
type: 'ecdsa',
|
|
794
|
-
accounts: withGuardians.guardians,
|
|
795
|
-
})
|
|
796
|
-
: null;
|
|
999
|
+
return null;
|
|
797
1000
|
}
|
|
798
1001
|
function getValidator(config, signers) {
|
|
799
1002
|
if (!signers) {
|
|
@@ -824,15 +1027,12 @@ function getValidator(config, signers) {
|
|
|
824
1027
|
if (withSession) {
|
|
825
1028
|
return getSmartSessionValidator(config);
|
|
826
1029
|
}
|
|
827
|
-
// Guardians (social recovery)
|
|
828
|
-
const withGuardians = signers.type === 'guardians' ? signers : null;
|
|
829
|
-
if (withGuardians) {
|
|
830
|
-
return getSocialRecoveryValidator(withGuardians.guardians);
|
|
831
|
-
}
|
|
832
1030
|
// Fallback
|
|
833
1031
|
return undefined;
|
|
834
1032
|
}
|
|
835
1033
|
function parseCalls(calls, chainId) {
|
|
1034
|
+
// Destination calls only run on EVM chains (non-EVM destinations reject
|
|
1035
|
+
// calls upstream), so the resolved `to` is always a viem `Address` here.
|
|
836
1036
|
return calls.map((call) => ({
|
|
837
1037
|
data: call.data ?? '0x',
|
|
838
1038
|
value: call.value ?? 0n,
|
|
@@ -852,6 +1052,8 @@ function createAccountAccessList(sourceChains, sourceAssets) {
|
|
|
852
1052
|
const chainTokenAmounts = {};
|
|
853
1053
|
for (const config of sourceAssets) {
|
|
854
1054
|
const chainId = config.chain.id;
|
|
1055
|
+
// Source assets live on viem `Chain`s, which are always EVM, so the
|
|
1056
|
+
// resolved value is a viem `Address`.
|
|
855
1057
|
const tokenAddress = resolveTokenAddress(config.address, config.chain.id);
|
|
856
1058
|
if (config.amount !== undefined) {
|
|
857
1059
|
if (!chainTokenAmounts[chainId])
|
|
@@ -999,7 +1201,9 @@ function hashErc7739TypedDataForSolady({ domain, types, primaryType, message, ve
|
|
|
999
1201
|
deps.delete(primary);
|
|
1000
1202
|
const sorted = [primary, ...Array.from(deps).sort()];
|
|
1001
1203
|
return sorted
|
|
1002
|
-
.map((t) => `${t}(${allTypes[t]
|
|
1204
|
+
.map((t) => `${t}(${allTypes[t]
|
|
1205
|
+
.map((f) => `${f.type} ${f.name}`)
|
|
1206
|
+
.join(',')})`)
|
|
1003
1207
|
.join('');
|
|
1004
1208
|
}
|
|
1005
1209
|
const contentsType = encodeTypeString(primaryType, types);
|
|
@@ -1051,4 +1255,4 @@ function hashErc7739TypedDataForSolady({ domain, types, primaryType, message, ve
|
|
|
1051
1255
|
// Final hash: keccak256("\x19\x01" || appDomainSep || structHash)
|
|
1052
1256
|
return keccak256(concat(['0x1901', appDomainSeparator, structHash]));
|
|
1053
1257
|
}
|
|
1054
|
-
export { prepareTransaction, getTransactionMessages, signTransaction, signAuthorizations, signAuthorizationsInternal, signMessage, signTypedData, submitTransaction, prepareUserOperation, signUserOperation, submitUserOperation, signIntent, prepareTransactionAsIntent, submitIntentInternal, getValidatorAccount, parseCalls, getTokenRequests, resolveCallInputs, getIntentAccount, getTargetExecutionSignature, hashErc7739TypedDataForSolady, resolveSessionForChain, };
|
|
1258
|
+
export { prepareTransaction, getTransactionMessages, signTransaction, signAuthorizations, signAuthorizationsInternal, signMessage, signTypedData, submitTransaction, prepareUserOperation, signUserOperation, submitUserOperation, signIntent, prepareTransactionAsIntent, submitIntentInternal, getValidatorAccount, parseCalls, getTokenRequests, resolveCallInputs, getIntentAccount, getTargetExecutionSignature, hashErc7739TypedDataForSolady, resolveSessionForChain, resolveSignatureMode, };
|