@rhinestone/sdk 2.0.0-beta.3 → 2.0.0-beta.30

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (107) hide show
  1. package/dist/src/accounts/error.d.ts +2 -9
  2. package/dist/src/accounts/error.d.ts.map +1 -1
  3. package/dist/src/accounts/error.js +5 -11
  4. package/dist/src/accounts/hca.d.ts +25 -0
  5. package/dist/src/accounts/hca.d.ts.map +1 -0
  6. package/dist/src/accounts/hca.js +145 -0
  7. package/dist/src/accounts/index.d.ts +9 -9
  8. package/dist/src/accounts/index.d.ts.map +1 -1
  9. package/dist/src/accounts/index.js +112 -41
  10. package/dist/src/accounts/kernel.d.ts +1 -2
  11. package/dist/src/accounts/kernel.d.ts.map +1 -1
  12. package/dist/src/accounts/kernel.js +1 -8
  13. package/dist/src/accounts/nexus.d.ts +3 -2
  14. package/dist/src/accounts/nexus.d.ts.map +1 -1
  15. package/dist/src/accounts/nexus.js +33 -8
  16. package/dist/src/accounts/safe.d.ts +1 -2
  17. package/dist/src/accounts/safe.d.ts.map +1 -1
  18. package/dist/src/accounts/safe.js +3 -9
  19. package/dist/src/accounts/signing/common.d.ts +1 -4
  20. package/dist/src/accounts/signing/common.d.ts.map +1 -1
  21. package/dist/src/accounts/signing/common.js +7 -11
  22. package/dist/src/accounts/signing/message.d.ts.map +1 -1
  23. package/dist/src/accounts/signing/message.js +1 -4
  24. package/dist/src/accounts/signing/typedData.d.ts.map +1 -1
  25. package/dist/src/accounts/signing/typedData.js +1 -4
  26. package/dist/src/accounts/startale.d.ts +1 -2
  27. package/dist/src/accounts/startale.d.ts.map +1 -1
  28. package/dist/src/accounts/startale.js +2 -5
  29. package/dist/src/actions/ecdsa.js +5 -5
  30. package/dist/src/actions/index.js +2 -2
  31. package/dist/src/actions/mfa.js +2 -2
  32. package/dist/src/actions/passkeys.js +2 -2
  33. package/dist/src/actions/smart-sessions.d.ts +29 -5
  34. package/dist/src/actions/smart-sessions.d.ts.map +1 -1
  35. package/dist/src/actions/smart-sessions.js +38 -10
  36. package/dist/src/errors/index.d.ts +4 -4
  37. package/dist/src/errors/index.d.ts.map +1 -1
  38. package/dist/src/errors/index.js +6 -6
  39. package/dist/src/execution/error.d.ts +8 -21
  40. package/dist/src/execution/error.d.ts.map +1 -1
  41. package/dist/src/execution/error.js +7 -21
  42. package/dist/src/execution/index.d.ts +17 -17
  43. package/dist/src/execution/index.d.ts.map +1 -1
  44. package/dist/src/execution/index.js +22 -41
  45. package/dist/src/execution/utils.d.ts +15 -11
  46. package/dist/src/execution/utils.d.ts.map +1 -1
  47. package/dist/src/execution/utils.js +279 -75
  48. package/dist/src/index.d.ts +236 -37
  49. package/dist/src/index.d.ts.map +1 -1
  50. package/dist/src/index.js +60 -115
  51. package/dist/src/jwt-server/jcs.d.ts +1 -1
  52. package/dist/src/jwt-server/jcs.js +4 -2
  53. package/dist/src/modules/index.d.ts.map +1 -1
  54. package/dist/src/modules/index.js +0 -5
  55. package/dist/src/modules/read.d.ts +3 -2
  56. package/dist/src/modules/read.d.ts.map +1 -1
  57. package/dist/src/modules/read.js +33 -4
  58. package/dist/src/modules/validators/core.d.ts +5 -5
  59. package/dist/src/modules/validators/core.d.ts.map +1 -1
  60. package/dist/src/modules/validators/core.js +45 -34
  61. package/dist/src/modules/validators/cross-chain-permits.d.ts +11 -0
  62. package/dist/src/modules/validators/cross-chain-permits.d.ts.map +1 -0
  63. package/dist/src/modules/validators/cross-chain-permits.js +76 -0
  64. package/dist/src/modules/validators/permissions.d.ts +1 -0
  65. package/dist/src/modules/validators/permissions.d.ts.map +1 -1
  66. package/dist/src/modules/validators/permissions.js +162 -17
  67. package/dist/src/modules/validators/policies/claim/arbiters.d.ts +22 -0
  68. package/dist/src/modules/validators/policies/claim/arbiters.d.ts.map +1 -0
  69. package/dist/src/modules/validators/policies/claim/arbiters.js +57 -0
  70. package/dist/src/modules/validators/smart-sessions.d.ts +38 -9
  71. package/dist/src/modules/validators/smart-sessions.d.ts.map +1 -1
  72. package/dist/src/modules/validators/smart-sessions.js +509 -92
  73. package/dist/src/orchestrator/caip2.d.ts +9 -3
  74. package/dist/src/orchestrator/caip2.d.ts.map +1 -1
  75. package/dist/src/orchestrator/caip2.js +40 -5
  76. package/dist/src/orchestrator/client.d.ts.map +1 -1
  77. package/dist/src/orchestrator/client.js +44 -21
  78. package/dist/src/orchestrator/consts.d.ts +1 -1
  79. package/dist/src/orchestrator/consts.d.ts.map +1 -1
  80. package/dist/src/orchestrator/consts.js +1 -1
  81. package/dist/src/orchestrator/destinations.d.ts +24 -0
  82. package/dist/src/orchestrator/destinations.d.ts.map +1 -0
  83. package/dist/src/orchestrator/destinations.js +55 -0
  84. package/dist/src/orchestrator/error.d.ts +87 -4
  85. package/dist/src/orchestrator/error.d.ts.map +1 -1
  86. package/dist/src/orchestrator/error.js +237 -3
  87. package/dist/src/orchestrator/index.d.ts +6 -5
  88. package/dist/src/orchestrator/index.d.ts.map +1 -1
  89. package/dist/src/orchestrator/index.js +4 -3
  90. package/dist/src/orchestrator/registry.d.ts +2 -1
  91. package/dist/src/orchestrator/registry.d.ts.map +1 -1
  92. package/dist/src/orchestrator/registry.js +13 -0
  93. package/dist/src/orchestrator/types.d.ts +114 -28
  94. package/dist/src/orchestrator/types.d.ts.map +1 -1
  95. package/dist/src/orchestrator/types.js +1 -5
  96. package/dist/src/smart-sessions/index.d.ts +5 -0
  97. package/dist/src/smart-sessions/index.d.ts.map +1 -0
  98. package/dist/src/smart-sessions/index.js +6 -0
  99. package/dist/src/types.d.ts +298 -29
  100. package/dist/src/types.d.ts.map +1 -1
  101. package/dist/src/utils/index.d.ts +59 -0
  102. package/dist/src/utils/index.d.ts.map +1 -1
  103. package/dist/src/utils/index.js +59 -0
  104. package/package.json +4 -8
  105. package/dist/src/actions/recovery.d.ts +0 -33
  106. package/dist/src/actions/recovery.d.ts.map +0 -1
  107. package/dist/src/actions/recovery.js +0 -189
@@ -1,4 +1,4 @@
1
- import { isAddress, isHex, size, toFunctionSelector, } from 'viem';
1
+ import { isAddress, isHex, padHex, size, toFunctionSelector, } from 'viem';
2
2
  function isStaticAbiType(type) {
3
3
  if (type === 'address' || type === 'bool')
4
4
  return true;
@@ -33,12 +33,53 @@ function toReferenceValue(value, abiType) {
33
33
  if (typeof value === 'string' &&
34
34
  isHex(value) &&
35
35
  size(value) === expectedSize) {
36
- return value;
36
+ // Solidity calldata encodes bytesN (N<32) left-aligned + right-padded
37
+ // inside its 32-byte word, whereas address/uint*/bool are right-aligned
38
+ // + left-padded. Downstream `encodeActionParamRule` unconditionally
39
+ // left-pads with `padHex`, which is correct for the right-aligned types
40
+ // but wrong for bytesN. Pre-encode here to the full 32-byte hex with
41
+ // the correct alignment so the policy's bytes32 == bytes32 comparison
42
+ // matches what's actually in calldata.
43
+ return padHex(value, { size: 32, dir: 'right' });
37
44
  }
38
45
  throw new Error(`Expected ${expectedSize}-byte hex string for ${abiType}`);
39
46
  }
40
47
  throw new Error(`Unsupported ABI type: ${abiType}`);
41
48
  }
49
+ // Right-fold an array of leaves into a right-leaning OR chain:
50
+ // [a, b, c] → OR(a, OR(b, c))
51
+ // Right-leaning is fine because ArgPolicy evaluates with short-circuit; any
52
+ // shape that uses every leaf and respects post-order produces the same result.
53
+ function orChain(leaves) {
54
+ let acc = leaves[leaves.length - 1];
55
+ for (let i = leaves.length - 2; i >= 0; i--) {
56
+ acc = { type: 'or', left: leaves[i], right: acc };
57
+ }
58
+ return acc;
59
+ }
60
+ function andChain(leaves) {
61
+ let acc = leaves[leaves.length - 1];
62
+ for (let i = leaves.length - 2; i >= 0; i--) {
63
+ acc = { type: 'and', left: leaves[i], right: acc };
64
+ }
65
+ return acc;
66
+ }
67
+ // On-chain ERC20SpendingLimitPolicy._isTokenTransferOrApprove matches by
68
+ // 4-byte selector, accepting only these four. Selector-gating here keeps the
69
+ // SDK's accepted set congruent with the contract's — a same-shaped function
70
+ // like `mint(address,uint256)` would otherwise pass argument-type checks and
71
+ // fail every call on-chain.
72
+ const ERC20_SPENDING_LIMIT_SELECTORS = new Set([
73
+ '0x095ea7b3', // approve(address,uint256)
74
+ '0x39509351', // increaseAllowance(address,uint256)
75
+ '0xa9059cbb', // transfer(address,uint256)
76
+ '0x23b872dd', // transferFrom(address,address,uint256)
77
+ ]);
78
+ // Year 2100 in ms — well within uint128 after the encoder's ms→s conversion.
79
+ // Used as the one-sided default for `validUntil` when only `validAfter` is set.
80
+ // Exported so the cross-chain permit expansion (smart-sessions.ts) applies the
81
+ // same always-passing upper bound instead of defaulting to 0 (already expired).
82
+ export const FAR_FUTURE_MS = 4_102_444_800_000;
42
83
  function resolvePermission(permission) {
43
84
  const { abi, address, functions } = permission;
44
85
  const actions = [];
@@ -58,11 +99,57 @@ function resolvePermission(permission) {
58
99
  }
59
100
  const abiEntry = abiEntries[0];
60
101
  const selector = toFunctionSelector(abiEntry);
61
- const policies = config.policies ? [...config.policies] : [];
62
- const params = config.params ?? {};
63
- const paramEntries = Object.entries(params).filter(([, v]) => v !== undefined);
102
+ if (Object.hasOwn(config, 'policies')) {
103
+ throw new Error(`Function "${fnName}": \`policies\` was removed from permission configs. ` +
104
+ 'Use params, maxUses, validUntil/validAfter, valueLimit, or spendingLimit instead.');
105
+ }
106
+ const policies = [];
107
+ // --- Sugar field expansion -----------------------------------------------
108
+ if (config.maxUses !== undefined) {
109
+ policies.push({ type: 'usage-limit', limit: config.maxUses });
110
+ }
111
+ if (config.validUntil !== undefined || config.validAfter !== undefined) {
112
+ const validUntil = config.validUntil !== undefined
113
+ ? config.validUntil.getTime()
114
+ : FAR_FUTURE_MS;
115
+ const validAfter = config.validAfter !== undefined ? config.validAfter.getTime() : 0;
116
+ if (validUntil < validAfter) {
117
+ throw new Error(`Function "${fnName}": validUntil (${validUntil}) is before validAfter (${validAfter}).`);
118
+ }
119
+ policies.push({ type: 'time-frame', validUntil, validAfter });
120
+ }
121
+ if (config.valueLimit !== undefined) {
122
+ // Runtime backstop: payable-gating is enforced at the type level, but
123
+ // users can bypass with `as` casts. valueLimit on a non-payable function
124
+ // is harmless on-chain (msg.value is always 0, the cap always passes)
125
+ // but it leaks intent — throw rather than encode dead weight.
126
+ if (abiEntry.stateMutability !== 'payable') {
127
+ throw new Error(`Function "${fnName}" is not payable — \`valueLimit\` only constrains native ETH ` +
128
+ 'attached to the call, which is always zero for non-payable functions. ' +
129
+ 'Remove `valueLimit`.');
130
+ }
131
+ policies.push({ type: 'value-limit', limit: config.valueLimit });
132
+ }
133
+ if (config.spendingLimit !== undefined) {
134
+ // Runtime backstop: type-level gate restricts shape, but ERC20SpendingLimitPolicy
135
+ // dispatches by selector on-chain — a same-shaped function like
136
+ // mint(address,uint256) would encode successfully and fail every call.
137
+ if (!ERC20_SPENDING_LIMIT_SELECTORS.has(selector)) {
138
+ throw new Error(`Function "${fnName}" (selector ${selector}) is not an ERC-20 transfer/approve ` +
139
+ 'selector; `spendingLimit` only works on approve, increaseAllowance, ' +
140
+ 'transfer, or transferFrom. The on-chain policy dispatches by selector ' +
141
+ 'and would fail every call for other functions.');
142
+ }
143
+ policies.push({
144
+ type: 'spending-limits',
145
+ limits: [config.spendingLimit],
146
+ });
147
+ }
148
+ // --- End sugar field expansion -------------------------------------------
149
+ const rawParams = config.params ?? {};
150
+ const paramEntries = Object.entries(rawParams).filter(([, v]) => v !== undefined);
64
151
  if (paramEntries.length > 0) {
65
- const rules = paramEntries.map(([paramName, rule]) => {
152
+ const normalized = paramEntries.map(([paramName, rule]) => {
66
153
  const paramIndex = abiEntry.inputs.findIndex((p) => p.name === paramName);
67
154
  if (paramIndex === -1) {
68
155
  throw new Error(`Parameter "${paramName}" not found in function "${fnName}". ` +
@@ -75,21 +162,79 @@ function resolvePermission(permission) {
75
162
  '(address, bool, uint*, int*, bytes1–bytes32).');
76
163
  }
77
164
  const calldataOffset = BigInt(paramIndex) * 32n;
78
- const referenceValue = toReferenceValue(rule.value, param.type);
165
+ if (rule.anyOf !== undefined) {
166
+ if (rule.anyOf.length === 0) {
167
+ throw new Error(`Parameter "${paramName}" has empty anyOf — provide at least one value.`);
168
+ }
169
+ return {
170
+ paramName,
171
+ calldataOffset,
172
+ abiType: param.type,
173
+ anyOf: rule.anyOf,
174
+ };
175
+ }
79
176
  return {
80
- condition: rule.condition,
177
+ paramName,
81
178
  calldataOffset,
82
- referenceValue,
83
- ...(rule.usageLimit !== undefined
84
- ? { usageLimit: rule.usageLimit }
85
- : {}),
179
+ abiType: param.type,
180
+ condition: rule.condition,
181
+ value: rule.value,
182
+ usageLimit: rule.usageLimit,
86
183
  };
87
184
  });
88
- policies.push({
89
- type: 'universal-action',
90
- valueLimitPerUse: config.valueLimitPerUse ?? 0n,
91
- rules: rules,
92
- });
185
+ const usesArgPolicy = normalized.some((n) => n.anyOf !== undefined);
186
+ // UniActionPolicy/ArgPolicy reject `msg.value > valueLimitPerUse`, so a
187
+ // default of 0 would block any non-zero msg.value before the standalone
188
+ // value-limit policy (sugar) could allow it. Inherit the sugar's cap so
189
+ // the per-use gate matches user intent; value-limit still enforces the
190
+ // cumulative cap on top.
191
+ const embeddedValueLimit = config.valueLimitPerUse ?? config.valueLimit ?? 0n;
192
+ if (usesArgPolicy) {
193
+ // One sub-expression per param, then AND across params.
194
+ const perParam = normalized.map((n) => {
195
+ if (n.anyOf !== undefined) {
196
+ const leaves = n.anyOf.map((v) => ({
197
+ type: 'rule',
198
+ rule: {
199
+ condition: 'equal',
200
+ calldataOffset: n.calldataOffset,
201
+ referenceValue: toReferenceValue(v, n.abiType),
202
+ },
203
+ }));
204
+ return leaves.length === 1 ? leaves[0] : orChain(leaves);
205
+ }
206
+ return {
207
+ type: 'rule',
208
+ rule: {
209
+ condition: n.condition,
210
+ calldataOffset: n.calldataOffset,
211
+ referenceValue: toReferenceValue(n.value, n.abiType),
212
+ ...(n.usageLimit !== undefined
213
+ ? { usageLimit: n.usageLimit }
214
+ : {}),
215
+ },
216
+ };
217
+ });
218
+ policies.push({
219
+ type: 'arg-policy',
220
+ valueLimitPerUse: embeddedValueLimit,
221
+ expression: perParam.length === 1 ? perParam[0] : andChain(perParam),
222
+ });
223
+ }
224
+ else {
225
+ // Flat AND-of-rules — cheaper to init via UniActionPolicy.
226
+ const rules = normalized.map((n) => ({
227
+ condition: n.condition,
228
+ calldataOffset: n.calldataOffset,
229
+ referenceValue: toReferenceValue(n.value, n.abiType),
230
+ ...(n.usageLimit !== undefined ? { usageLimit: n.usageLimit } : {}),
231
+ }));
232
+ policies.push({
233
+ type: 'universal-action',
234
+ valueLimitPerUse: embeddedValueLimit,
235
+ rules: rules,
236
+ });
237
+ }
93
238
  }
94
239
  else if (config.valueLimitPerUse !== undefined) {
95
240
  policies.push({
@@ -0,0 +1,22 @@
1
+ import type { Address } from 'viem';
2
+ import type { CrossChainSettlementLayer } from '../../../../types.js';
3
+ /**
4
+ * Collects every distinct arbiter address that any chain in the registry
5
+ * has deployed for the given settlement layers. The resulting whitelist
6
+ * is what the Permit2 claim policy enforces on-chain — a session signed
7
+ * once with this whitelist is valid against any of those arbiters.
8
+ *
9
+ * **"Any" means any of the *supported* settlement layers**, not any
10
+ * address on earth. When `layers` is empty or undefined, this resolver
11
+ * expands to the union of every layer in
12
+ * {@link SETTLEMENT_LAYER_CONTRACT_KEYS}, so the on-chain arbiter check
13
+ * stays meaningful (the worst case is still a Rhinestone-blessed
14
+ * arbiter). To get a truly unrestricted whitelist a caller would have
15
+ * to bypass this helper entirely.
16
+ *
17
+ * @param layers Settlement layers the session is permitted to use.
18
+ * Empty/undefined ⇒ all supported layers.
19
+ * @param useDevContracts Pull from the dev address book instead of mainnet.
20
+ */
21
+ export declare function getArbitersForSettlementLayers(layers: readonly CrossChainSettlementLayer[] | undefined, useDevContracts?: boolean): Address[] | undefined;
22
+ //# sourceMappingURL=arbiters.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"arbiters.d.ts","sourceRoot":"","sources":["../../../../../../modules/validators/policies/claim/arbiters.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,MAAM,CAAA;AACnC,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,mBAAmB,CAAA;AAiBlE;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,8BAA8B,CAC5C,MAAM,EAAE,SAAS,yBAAyB,EAAE,GAAG,SAAS,EACxD,eAAe,CAAC,EAAE,OAAO,GACxB,OAAO,EAAE,GAAG,SAAS,CA8BvB"}
@@ -0,0 +1,57 @@
1
+ import { contractAddresses, contractAddressesDev, } from '@rhinestone/shared-configs';
2
+ /**
3
+ * The contract registry keys (per `shared-configs/contracts.{,dev}.js`)
4
+ * that each settlement layer expands to. `ACROSS` whitelists both arbiter
5
+ * impls so a session is permissioned for the 7579 and multicall paths
6
+ * regardless of which one the orchestrator picks at intent time.
7
+ */
8
+ const SETTLEMENT_LAYER_CONTRACT_KEYS = {
9
+ SAME_CHAIN: ['samechainArbiter'],
10
+ ECO: ['ecoArbiter'],
11
+ ACROSS: ['across7579Arbiter', 'acrossMulticallArbiter'],
12
+ };
13
+ /**
14
+ * Collects every distinct arbiter address that any chain in the registry
15
+ * has deployed for the given settlement layers. The resulting whitelist
16
+ * is what the Permit2 claim policy enforces on-chain — a session signed
17
+ * once with this whitelist is valid against any of those arbiters.
18
+ *
19
+ * **"Any" means any of the *supported* settlement layers**, not any
20
+ * address on earth. When `layers` is empty or undefined, this resolver
21
+ * expands to the union of every layer in
22
+ * {@link SETTLEMENT_LAYER_CONTRACT_KEYS}, so the on-chain arbiter check
23
+ * stays meaningful (the worst case is still a Rhinestone-blessed
24
+ * arbiter). To get a truly unrestricted whitelist a caller would have
25
+ * to bypass this helper entirely.
26
+ *
27
+ * @param layers Settlement layers the session is permitted to use.
28
+ * Empty/undefined ⇒ all supported layers.
29
+ * @param useDevContracts Pull from the dev address book instead of mainnet.
30
+ */
31
+ export function getArbitersForSettlementLayers(layers, useDevContracts) {
32
+ const effectiveLayers = !layers || layers.length === 0
33
+ ? Object.keys(SETTLEMENT_LAYER_CONTRACT_KEYS)
34
+ : layers;
35
+ const registry = useDevContracts ? contractAddressesDev : contractAddresses;
36
+ const keys = effectiveLayers.flatMap((l) => SETTLEMENT_LAYER_CONTRACT_KEYS[l]);
37
+ const seen = new Set();
38
+ const addresses = [];
39
+ // shared-configs is shaped Record<chainId, Record<contractKey, Address>>.
40
+ // The same logical arbiter often shares an address across chains, but a
41
+ // given key may also have multiple addresses live in the wild (e.g.
42
+ // post-redeploy). We collect every unique address we see for the keys
43
+ // the caller asked for, deduplicated case-insensitively.
44
+ for (const chainContracts of Object.values(registry)) {
45
+ for (const key of keys) {
46
+ const addr = chainContracts[key];
47
+ if (!addr)
48
+ continue;
49
+ const norm = addr.toLowerCase();
50
+ if (seen.has(norm))
51
+ continue;
52
+ seen.add(norm);
53
+ addresses.push(addr);
54
+ }
55
+ }
56
+ return addresses.length ? addresses : undefined;
57
+ }
@@ -2,7 +2,7 @@ import { type Abi, type Address, type Hex, type TypedDataDefinition } from 'viem
2
2
  import type { Permit2ClaimPolicy, Policy, ProviderConfig, ResolvedAction, ResolvedERC7739Policies, ResolvedPolicy, RhinestoneAccountConfig, RhinestoneConfig, Session, SessionDefinition, SessionEnableData } from '../../types.js';
3
3
  import { type Module } from '../common.js';
4
4
  import { SMART_SESSION_EMISSARY_ADDRESS, SMART_SESSION_EMISSARY_ADDRESS_DEV } from './core.js';
5
- import { type InternalPermit2ClaimPolicy } from './policies/claim/permit2.js';
5
+ import { type InternalPermit2ClaimPolicy, type Permit2ClaimMessage } from './policies/claim/permit2.js';
6
6
  interface SessionData {
7
7
  sessionValidator: Address;
8
8
  sessionValidatorInitData: Hex;
@@ -153,9 +153,19 @@ declare const SPENDING_LIMITS_POLICY_ADDRESS: Address;
153
153
  declare const TIME_FRAME_POLICY_ADDRESS: Address;
154
154
  declare const SUDO_POLICY_ADDRESS: Address;
155
155
  declare const UNIVERSAL_ACTION_POLICY_ADDRESS: Address;
156
+ declare const ARG_POLICY_ADDRESS: Address;
156
157
  declare const USAGE_LIMIT_POLICY_ADDRESS: Address;
157
158
  declare const VALUE_LIMIT_POLICY_ADDRESS: Address;
158
159
  declare const INTENT_EXECUTION_POLICY_ADDRESS: Address;
160
+ interface ResolvedPolicyAddresses {
161
+ sudo: Address;
162
+ universalAction: Address;
163
+ argPolicy: Address;
164
+ spendingLimits: Address;
165
+ timeFrame: Address;
166
+ usageLimit: Address;
167
+ valueLimit: Address;
168
+ }
159
169
  interface ResolvedSessionSignerSet {
160
170
  type: 'experimental_session';
161
171
  session: Session;
@@ -174,23 +184,42 @@ declare function getEnableSessionCall(account: Address, session: Session, enable
174
184
  to: `0x${string}`;
175
185
  data: `0x${string}`;
176
186
  }>;
187
+ declare function getDisableSessionCall(account: Address, session: Session, expires: bigint, provider: ProviderConfig | undefined, useDevContracts?: boolean): Promise<{
188
+ to: `0x${string}`;
189
+ data: `0x${string}`;
190
+ }>;
177
191
  declare function toSession<const TAbis extends readonly Abi[]>(definition: SessionDefinition<TAbis>, options?: {
178
192
  useDevContracts?: boolean;
179
193
  }): Session;
194
+ /**
195
+ * Selects the claim policy whose constraints the given Permit2 message
196
+ * satisfies. With 0–1 policies the choice is trivial; with several, returns
197
+ * the first match in list order (aligns with the contract iterating its
198
+ * stored claim policies). Falls back to the first policy when nothing matches
199
+ * so behaviour is never worse than the previous always-`[0]` logic — the
200
+ * resulting on-chain failure is then identical to before.
201
+ */
202
+ declare function selectPermit2ClaimPolicyForMessage(claimPolicies: readonly Permit2ClaimPolicy[], message: Permit2ClaimMessage): Permit2ClaimPolicy | undefined;
180
203
  declare function resolvePermit2ClaimPolicy(policy: Permit2ClaimPolicy): InternalPermit2ClaimPolicy;
181
204
  declare function getSessionData(session: Session): SessionData;
182
205
  declare function getPermissionId(session: Session): `0x${string}`;
183
- declare function getPolicyData(policy: Policy, useDevContracts?: boolean): PolicyData;
206
+ declare function getPolicyData(policy: Policy, useDevContracts?: boolean, addresses?: ResolvedPolicyAddresses): PolicyData;
184
207
  declare function getSmartSessionValidator(config: RhinestoneConfig): Module | null;
185
208
  /**
186
209
  * Builds a mockSignature for SSX validation gas estimation.
187
- * Format: emissaryAddress (20 bytes) + enable-mode sigData.
188
- * Uses real session data (policies/actions from the user's session config) with dummy
189
- * sigs and hashes — the mock emissary skips sig verification and only writes storage.
190
- * The orchestrator slices off the first 20 bytes to identify the validator, then
191
- * simulates verifyExecution with the mock emissary to estimate gas before the user signs.
210
+ * Format: emissaryAddress (20 bytes) + packed sigData. Uses real session data
211
+ * (policies/actions from the user's session config) with dummy sigs and hashes —
212
+ * the mock emissary skips sig verification and only reads/writes storage. The
213
+ * orchestrator slices off the first 20 bytes to identify the validator, then
214
+ * picks the gas-simulation path from the bundle's declared `signatureMode`:
215
+ * `verifyExecution` for execution-emissary modes (ENABLE/USE), or
216
+ * `isValidSignatureWithSender` via `simulate_verify1271` for plain ERC-1271.
217
+ * The mode byte alone can't disambiguate USE from ERC-1271 (both are `0x00`),
218
+ * but `shape` is derived from the same resolved `verifyExecutions` that drives
219
+ * `signatureMode`, so the mock payload always matches the path that mode selects.
192
220
  */
193
- declare function buildMockSignature(session: Session, useDevContracts?: boolean, chainCount?: number, targetChainId?: number): Hex;
194
- export { SMART_SESSION_EMISSARY_ADDRESS, SMART_SESSION_EMISSARY_ADDRESS_DEV, SMART_SESSIONS_FALLBACK_TARGET_FLAG, SMART_SESSIONS_FALLBACK_TARGET_SELECTOR_FLAG, SMART_SESSIONS_FALLBACK_TARGET_SELECTOR_FLAG_PERMITTED_TO_CALL_SMARTSESSION, DUMMY_PRECLAIMOP_TARGET, DUMMY_PRECLAIMOP_SELECTOR, SPENDING_LIMITS_POLICY_ADDRESS, TIME_FRAME_POLICY_ADDRESS, SUDO_POLICY_ADDRESS, UNIVERSAL_ACTION_POLICY_ADDRESS, USAGE_LIMIT_POLICY_ADDRESS, VALUE_LIMIT_POLICY_ADDRESS, INTENT_EXECUTION_POLICY_ADDRESS, packSignature, toSession, resolvePermit2ClaimPolicy, getSessionData, getPolicyData, getEnableSessionCall, getPermissionId, getSmartSessionValidator, getSessionDetails, isSessionEnabled, signEnableSession, buildMockSignature, };
221
+ type SmartSessionMockShape = 'enable' | 'use' | 'erc1271';
222
+ declare function buildMockSignature(session: Session, useDevContracts?: boolean, chainCount?: number, targetChainId?: number, shape?: SmartSessionMockShape): Hex;
223
+ export { SMART_SESSION_EMISSARY_ADDRESS, SMART_SESSION_EMISSARY_ADDRESS_DEV, SMART_SESSIONS_FALLBACK_TARGET_FLAG, SMART_SESSIONS_FALLBACK_TARGET_SELECTOR_FLAG, SMART_SESSIONS_FALLBACK_TARGET_SELECTOR_FLAG_PERMITTED_TO_CALL_SMARTSESSION, DUMMY_PRECLAIMOP_TARGET, DUMMY_PRECLAIMOP_SELECTOR, SPENDING_LIMITS_POLICY_ADDRESS, TIME_FRAME_POLICY_ADDRESS, SUDO_POLICY_ADDRESS, UNIVERSAL_ACTION_POLICY_ADDRESS, ARG_POLICY_ADDRESS, USAGE_LIMIT_POLICY_ADDRESS, VALUE_LIMIT_POLICY_ADDRESS, INTENT_EXECUTION_POLICY_ADDRESS, packSignature, toSession, resolvePermit2ClaimPolicy, selectPermit2ClaimPolicyForMessage, getSessionData, getPolicyData, getEnableSessionCall, getDisableSessionCall, getPermissionId, getSmartSessionValidator, getSessionDetails, isSessionEnabled, signEnableSession, buildMockSignature, };
195
224
  export type { ChainSession, ChainDigest, ResolvedSessionSignerSet, SessionData, SmartSessionModeType, SessionDetails, };
196
225
  //# sourceMappingURL=smart-sessions.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"smart-sessions.d.ts","sourceRoot":"","sources":["../../../../modules/validators/smart-sessions.ts"],"names":[],"mappings":"AACA,OAAO,EACL,KAAK,GAAG,EACR,KAAK,OAAO,EAMZ,KAAK,GAAG,EAOR,KAAK,mBAAmB,EAKzB,MAAM,MAAM,CAAA;AAcb,OAAO,KAAK,EAEV,kBAAkB,EAClB,MAAM,EACN,cAAc,EACd,cAAc,EACd,uBAAuB,EACvB,cAAc,EACd,uBAAuB,EACvB,gBAAgB,EAChB,OAAO,EACP,iBAAiB,EACjB,iBAAiB,EAElB,MAAM,aAAa,CAAA;AAEpB,OAAO,EAA4B,KAAK,MAAM,EAAE,MAAM,WAAW,CAAA;AACjE,OAAO,EAGL,8BAA8B,EAC9B,kCAAkC,EACnC,MAAM,QAAQ,CAAA;AAEf,OAAO,EAEL,KAAK,0BAA0B,EAEhC,MAAM,0BAA0B,CAAA;AAQjC,UAAU,WAAW;IACnB,gBAAgB,EAAE,OAAO,CAAA;IACzB,wBAAwB,EAAE,GAAG,CAAA;IAC7B,IAAI,EAAE,GAAG,CAAA;IACT,eAAe,EAAE,uBAAuB,CAAA;IACxC,OAAO,EAAE,SAAS,cAAc,EAAE,CAAA;IAClC,aAAa,EAAE,SAAS,cAAc,EAAE,CAAA;CACzC;AAED,KAAK,UAAU,GAAG,cAAc,CAAA;AAChC,KAAK,UAAU,GAAG,cAAc,CAAA;AAahC,KAAK,oBAAoB,GACrB,OAAO,sBAAsB,GAC7B,OAAO,yBAAyB,CAAA;AAEpC,UAAU,WAAW;IACnB,OAAO,EAAE,MAAM,CAAA;IACf,aAAa,EAAE,GAAG,CAAA;CACnB;AAED,UAAU,iBAAiB;IACzB,mBAAmB,EAAE,OAAO,CAAA;IAC5B,iBAAiB,EAAE,OAAO,CAAA;IAC1B,0BAA0B,EAAE,OAAO,CAAA;IACnC,sBAAsB,EAAE,OAAO,CAAA;IAC/B,cAAc,EAAE,SAAS,UAAU,EAAE,CAAA;IACrC,eAAe,EAAE,WAAW,CAAA;IAC5B,OAAO,EAAE,SAAS,UAAU,EAAE,CAAA;CAC/B;AAED,UAAU,aAAa;IACrB,OAAO,EAAE,OAAO,CAAA;IAChB,WAAW,EAAE,iBAAiB,CAAA;IAC9B,gBAAgB,EAAE,OAAO,CAAA;IACzB,wBAAwB,EAAE,GAAG,CAAA;IAC7B,IAAI,EAAE,GAAG,CAAA;IACT,YAAY,EAAE,OAAO,CAAA;IACrB,KAAK,EAAE,MAAM,CAAA;CACd;AAED,UAAU,YAAY;IACpB,OAAO,EAAE,MAAM,CAAA;IACf,OAAO,EAAE,aAAa,CAAA;CACvB;AAED,UAAU,WAAW;IACnB,qBAAqB,EAAE,SAAS,cAAc,EAAE,CAAA;IAChD,eAAe,EAAE,SAAS,UAAU,EAAE,CAAA;CACvC;AAED,UAAU,cAAc;IACtB,kBAAkB,EAAE,GAAG,CAAA;IACvB,WAAW,EAAE,SAAS,MAAM,EAAE,CAAA;CAC/B;AAED,UAAU,cAAc;IACtB,MAAM,EAAE,MAAM,EAAE,CAAA;IAChB,iBAAiB,EAAE,WAAW,EAAE,CAAA;IAChC,IAAI,EAAE,mBAAmB,CAAC,OAAO,KAAK,EAAE,mBAAmB,CAAC,CAAA;CAC7D;AAED,QAAA,MAAM,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2CD,CAAA;AAEV,QAAA,MAAM,sBAAsB,SAAS,CAAA;AACrC,QAAA,MAAM,yBAAyB,SAAS,CAAA;AAExC,QAAA,MAAM,mCAAmC,EAAE,OACG,CAAA;AAC9C,QAAA,MAAM,4CAA4C,EAAE,GAAkB,CAAA;AACtE,QAAA,MAAM,2EAA2E,EAAE,GACrE,CAAA;AAOd,QAAA,MAAM,uBAAuB,EAAE,OACe,CAAA;AAC9C,QAAA,MAAM,yBAAyB,EAAE,GAAkB,CAAA;AAEnD,QAAA,MAAM,8BAA8B,EAAE,OACQ,CAAA;AAC9C,QAAA,MAAM,yBAAyB,EAAE,OACa,CAAA;AAC9C,QAAA,MAAM,mBAAmB,EAAE,OACmB,CAAA;AAC9C,QAAA,MAAM,+BAA+B,EAAE,OACO,CAAA;AAC9C,QAAA,MAAM,0BAA0B,EAAE,OACY,CAAA;AAC9C,QAAA,MAAM,0BAA0B,EAAE,OACY,CAAA;AAC9C,QAAA,MAAM,+BAA+B,EAAE,OACO,CAAA;AAY9C,UAAU,wBAAwB;IAChC,IAAI,EAAE,sBAAsB,CAAA;IAC5B,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,CAAC,EAAE,iBAAiB,CAAA;IAC9B,gBAAgB,EAAE,OAAO,CAAA;IACzB,eAAe,CAAC,EAAE,GAAG,CAAA;CACtB;AAED,iBAAS,aAAa,CACpB,OAAO,EAAE,wBAAwB,EACjC,kBAAkB,EAAE,GAAG,GACtB,GAAG,CA4JL;AAED,iBAAe,iBAAiB,CAC9B,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,OAAO,EAAE,EACnB,QAAQ,EAAE,cAAc,GAAG,SAAS,EACpC,eAAe,CAAC,EAAE,OAAO,GACxB,OAAO,CAAC,cAAc,CAAC,CA+CzB;AAED,iBAAe,gBAAgB,CAC7B,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,cAAc,GAAG,SAAS,EACpC,OAAO,EAAE,OAAO,EAChB,eAAe,CAAC,EAAE,OAAO,GACxB,OAAO,CAAC,OAAO,CAAC,CAuBlB;AAED,iBAAe,iBAAiB,CAC9B,MAAM,EAAE,uBAAuB,EAC/B,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,GAAG,CAAC,CAyBd;AAwED,iBAAe,oBAAoB,CACjC,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,OAAO,EAChB,sBAAsB,EAAE,GAAG,EAC3B,iBAAiB,EAAE;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,aAAa,EAAE,GAAG,CAAA;CACnB,EAAE,EACH,oBAAoB,EAAE,MAAM,EAC5B,eAAe,CAAC,EAAE,OAAO;;;GA8B1B;AAED,iBAAS,SAAS,CAAC,KAAK,CAAC,KAAK,SAAS,SAAS,GAAG,EAAE,EACnD,UAAU,EAAE,iBAAiB,CAAC,KAAK,CAAC,EACpC,OAAO,GAAE;IAAE,eAAe,CAAC,EAAE,OAAO,CAAA;CAAO,GAC1C,OAAO,CAcT;AAED,iBAAS,yBAAyB,CAChC,MAAM,EAAE,kBAAkB,GACzB,0BAA0B,CAwB5B;AAkGD,iBAAS,cAAc,CAAC,OAAO,EAAE,OAAO,GAAG,WAAW,CAcrD;AAED,iBAAS,eAAe,CAAC,OAAO,EAAE,OAAO,iBAExC;AA4BD,iBAAS,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,OAAO,GAAG,UAAU,CA0K5E;AAED,iBAAS,wBAAwB,CAAC,MAAM,EAAE,gBAAgB,GAAG,MAAM,GAAG,IAAI,CAezE;AAQD;;;;;;;GAOG;AACH,iBAAS,kBAAkB,CACzB,OAAO,EAAE,OAAO,EAChB,eAAe,CAAC,EAAE,OAAO,EACzB,UAAU,GAAE,MAAU,EACtB,aAAa,CAAC,EAAE,MAAM,GACrB,GAAG,CAgCL;AASD,OAAO,EACL,8BAA8B,EAC9B,kCAAkC,EAClC,mCAAmC,EACnC,4CAA4C,EAC5C,2EAA2E,EAC3E,uBAAuB,EACvB,yBAAyB,EACzB,8BAA8B,EAC9B,yBAAyB,EACzB,mBAAmB,EACnB,+BAA+B,EAC/B,0BAA0B,EAC1B,0BAA0B,EAC1B,+BAA+B,EAC/B,aAAa,EACb,SAAS,EACT,yBAAyB,EACzB,cAAc,EACd,aAAa,EACb,oBAAoB,EACpB,eAAe,EACf,wBAAwB,EACxB,iBAAiB,EACjB,gBAAgB,EAChB,iBAAiB,EACjB,kBAAkB,GACnB,CAAA;AACD,YAAY,EACV,YAAY,EACZ,WAAW,EACX,wBAAwB,EACxB,WAAW,EACX,oBAAoB,EACpB,cAAc,GACf,CAAA"}
1
+ {"version":3,"file":"smart-sessions.d.ts","sourceRoot":"","sources":["../../../../modules/validators/smart-sessions.ts"],"names":[],"mappings":"AACA,OAAO,EACL,KAAK,GAAG,EACR,KAAK,OAAO,EAMZ,KAAK,GAAG,EAQR,KAAK,mBAAmB,EAKzB,MAAM,MAAM,CAAA;AAcb,OAAO,KAAK,EAIV,kBAAkB,EAClB,MAAM,EACN,cAAc,EACd,cAAc,EACd,uBAAuB,EACvB,cAAc,EACd,uBAAuB,EACvB,gBAAgB,EAChB,OAAO,EACP,iBAAiB,EACjB,iBAAiB,EAGlB,MAAM,aAAa,CAAA;AAEpB,OAAO,EAA4B,KAAK,MAAM,EAAE,MAAM,WAAW,CAAA;AACjE,OAAO,EAIL,8BAA8B,EAC9B,kCAAkC,EACnC,MAAM,QAAQ,CAAA;AAIf,OAAO,EAEL,KAAK,0BAA0B,EAE/B,KAAK,mBAAmB,EACzB,MAAM,0BAA0B,CAAA;AAQjC,UAAU,WAAW;IACnB,gBAAgB,EAAE,OAAO,CAAA;IACzB,wBAAwB,EAAE,GAAG,CAAA;IAC7B,IAAI,EAAE,GAAG,CAAA;IACT,eAAe,EAAE,uBAAuB,CAAA;IACxC,OAAO,EAAE,SAAS,cAAc,EAAE,CAAA;IAClC,aAAa,EAAE,SAAS,cAAc,EAAE,CAAA;CACzC;AAED,KAAK,UAAU,GAAG,cAAc,CAAA;AAChC,KAAK,UAAU,GAAG,cAAc,CAAA;AAahC,KAAK,oBAAoB,GACrB,OAAO,sBAAsB,GAC7B,OAAO,yBAAyB,CAAA;AAEpC,UAAU,WAAW;IACnB,OAAO,EAAE,MAAM,CAAA;IACf,aAAa,EAAE,GAAG,CAAA;CACnB;AAED,UAAU,iBAAiB;IACzB,mBAAmB,EAAE,OAAO,CAAA;IAC5B,iBAAiB,EAAE,OAAO,CAAA;IAC1B,0BAA0B,EAAE,OAAO,CAAA;IACnC,sBAAsB,EAAE,OAAO,CAAA;IAC/B,cAAc,EAAE,SAAS,UAAU,EAAE,CAAA;IACrC,eAAe,EAAE,WAAW,CAAA;IAC5B,OAAO,EAAE,SAAS,UAAU,EAAE,CAAA;CAC/B;AAED,UAAU,aAAa;IACrB,OAAO,EAAE,OAAO,CAAA;IAChB,WAAW,EAAE,iBAAiB,CAAA;IAC9B,gBAAgB,EAAE,OAAO,CAAA;IACzB,wBAAwB,EAAE,GAAG,CAAA;IAC7B,IAAI,EAAE,GAAG,CAAA;IACT,YAAY,EAAE,OAAO,CAAA;IACrB,KAAK,EAAE,MAAM,CAAA;CACd;AAED,UAAU,YAAY;IACpB,OAAO,EAAE,MAAM,CAAA;IACf,OAAO,EAAE,aAAa,CAAA;CACvB;AAED,UAAU,WAAW;IACnB,qBAAqB,EAAE,SAAS,cAAc,EAAE,CAAA;IAChD,eAAe,EAAE,SAAS,UAAU,EAAE,CAAA;CACvC;AAED,UAAU,cAAc;IACtB,kBAAkB,EAAE,GAAG,CAAA;IACvB,WAAW,EAAE,SAAS,MAAM,EAAE,CAAA;CAC/B;AAED,UAAU,cAAc;IACtB,MAAM,EAAE,MAAM,EAAE,CAAA;IAChB,iBAAiB,EAAE,WAAW,EAAE,CAAA;IAChC,IAAI,EAAE,mBAAmB,CAAC,OAAO,KAAK,EAAE,mBAAmB,CAAC,CAAA;CAC7D;AAED,QAAA,MAAM,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2CD,CAAA;AAEV,QAAA,MAAM,sBAAsB,SAAS,CAAA;AACrC,QAAA,MAAM,yBAAyB,SAAS,CAAA;AAExC,QAAA,MAAM,mCAAmC,EAAE,OACG,CAAA;AAC9C,QAAA,MAAM,4CAA4C,EAAE,GAAkB,CAAA;AACtE,QAAA,MAAM,2EAA2E,EAAE,GACrE,CAAA;AAOd,QAAA,MAAM,uBAAuB,EAAE,OACe,CAAA;AAC9C,QAAA,MAAM,yBAAyB,EAAE,GAAkB,CAAA;AAEnD,QAAA,MAAM,8BAA8B,EAAE,OACQ,CAAA;AAC9C,QAAA,MAAM,yBAAyB,EAAE,OACa,CAAA;AAC9C,QAAA,MAAM,mBAAmB,EAAE,OACmB,CAAA;AAC9C,QAAA,MAAM,+BAA+B,EAAE,OACO,CAAA;AAC9C,QAAA,MAAM,kBAAkB,EAAE,OAAsD,CAAA;AAChF,QAAA,MAAM,0BAA0B,EAAE,OACY,CAAA;AAC9C,QAAA,MAAM,0BAA0B,EAAE,OACY,CAAA;AAC9C,QAAA,MAAM,+BAA+B,EAAE,OACO,CAAA;AA+B9C,UAAU,uBAAuB;IAC/B,IAAI,EAAE,OAAO,CAAA;IACb,eAAe,EAAE,OAAO,CAAA;IACxB,SAAS,EAAE,OAAO,CAAA;IAClB,cAAc,EAAE,OAAO,CAAA;IACvB,SAAS,EAAE,OAAO,CAAA;IAClB,UAAU,EAAE,OAAO,CAAA;IACnB,UAAU,EAAE,OAAO,CAAA;CACpB;AA6BD,UAAU,wBAAwB;IAChC,IAAI,EAAE,sBAAsB,CAAA;IAC5B,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,CAAC,EAAE,iBAAiB,CAAA;IAC9B,gBAAgB,EAAE,OAAO,CAAA;IACzB,eAAe,CAAC,EAAE,GAAG,CAAA;CACtB;AAED,iBAAS,aAAa,CACpB,OAAO,EAAE,wBAAwB,EACjC,kBAAkB,EAAE,GAAG,GACtB,GAAG,CA4JL;AAED,iBAAe,iBAAiB,CAC9B,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,OAAO,EAAE,EACnB,QAAQ,EAAE,cAAc,GAAG,SAAS,EACpC,eAAe,CAAC,EAAE,OAAO,GACxB,OAAO,CAAC,cAAc,CAAC,CA+CzB;AAED,iBAAe,gBAAgB,CAC7B,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,cAAc,GAAG,SAAS,EACpC,OAAO,EAAE,OAAO,EAChB,eAAe,CAAC,EAAE,OAAO,GACxB,OAAO,CAAC,OAAO,CAAC,CAuBlB;AAED,iBAAe,iBAAiB,CAC9B,MAAM,EAAE,uBAAuB,EAC/B,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,GAAG,CAAC,CAyBd;AAwED,iBAAe,oBAAoB,CACjC,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,OAAO,EAChB,sBAAsB,EAAE,GAAG,EAC3B,iBAAiB,EAAE;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,aAAa,EAAE,GAAG,CAAA;CACnB,EAAE,EACH,oBAAoB,EAAE,MAAM,EAC5B,eAAe,CAAC,EAAE,OAAO;;;GA8B1B;AAgBD,iBAAe,qBAAqB,CAClC,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,cAAc,GAAG,SAAS,EACpC,eAAe,CAAC,EAAE,OAAO;;;GA6D1B;AAED,iBAAS,SAAS,CAAC,KAAK,CAAC,KAAK,SAAS,SAAS,GAAG,EAAE,EACnD,UAAU,EAAE,iBAAiB,CAAC,KAAK,CAAC,EACpC,OAAO,GAAE;IAAE,eAAe,CAAC,EAAE,OAAO,CAAA;CAAO,GAC1C,OAAO,CA8BT;AA+LD;;;;;;;GAOG;AACH,iBAAS,kCAAkC,CACzC,aAAa,EAAE,SAAS,kBAAkB,EAAE,EAC5C,OAAO,EAAE,mBAAmB,GAC3B,kBAAkB,GAAG,SAAS,CAMhC;AAED,iBAAS,yBAAyB,CAChC,MAAM,EAAE,kBAAkB,GACzB,0BAA0B,CAwB5B;AA4ID,iBAAS,cAAc,CAAC,OAAO,EAAE,OAAO,GAAG,WAAW,CAcrD;AAED,iBAAS,eAAe,CAAC,OAAO,EAAE,OAAO,iBAExC;AAoID,iBAAS,aAAa,CACpB,MAAM,EAAE,MAAM,EACd,eAAe,CAAC,EAAE,OAAO,EACzB,SAAS,GAAE,uBAAkD,GAC5D,UAAU,CAmMZ;AAED,iBAAS,wBAAwB,CAAC,MAAM,EAAE,gBAAgB,GAAG,MAAM,GAAG,IAAI,CAezE;AAQD;;;;;;;;;;;;GAYG;AAUH,KAAK,qBAAqB,GAAG,QAAQ,GAAG,KAAK,GAAG,SAAS,CAAA;AAEzD,iBAAS,kBAAkB,CACzB,OAAO,EAAE,OAAO,EAChB,eAAe,CAAC,EAAE,OAAO,EACzB,UAAU,GAAE,MAAU,EACtB,aAAa,CAAC,EAAE,MAAM,EAEtB,KAAK,GAAE,qBAAgC,GACtC,GAAG,CAiDL;AASD,OAAO,EACL,8BAA8B,EAC9B,kCAAkC,EAClC,mCAAmC,EACnC,4CAA4C,EAC5C,2EAA2E,EAC3E,uBAAuB,EACvB,yBAAyB,EACzB,8BAA8B,EAC9B,yBAAyB,EACzB,mBAAmB,EACnB,+BAA+B,EAC/B,kBAAkB,EAClB,0BAA0B,EAC1B,0BAA0B,EAC1B,+BAA+B,EAC/B,aAAa,EACb,SAAS,EACT,yBAAyB,EACzB,kCAAkC,EAClC,cAAc,EACd,aAAa,EACb,oBAAoB,EACpB,qBAAqB,EACrB,eAAe,EACf,wBAAwB,EACxB,iBAAiB,EACjB,gBAAgB,EAChB,iBAAiB,EACjB,kBAAkB,GACnB,CAAA;AACD,YAAY,EACV,YAAY,EACZ,WAAW,EACX,wBAAwB,EACxB,WAAW,EACX,oBAAoB,EACpB,cAAc,GACf,CAAA"}