@steerprotocol/curator-tools 1.7.0 → 1.8.0

package/README.md

@@ -61,7 +61,7 @@ Canonical overrides are stored on **Arbitrum One**, and the payload’s `chainId
 - **Resolver (Arbitrum One)**: `0x6628d1Bf82F34de132d0e1c60DEB574C1352d5A7`
 - **Schema revocable**: `true`
 - **Schema UID**: `0xf1a6a394d1f3dd832a15e5b750963d929812e2b74d2dcea68ddf9f75691f16bf`
-- **Deprecated schema (no resolver)**: `0x62b656756a16bd3d2ef501cd9493c603fd90b050d6e9cfffc8e450639ce30a27` (registered with resolver `address(0)`, so it enforces no on-chain curator checks)
+- **Deprecated testing-only schema (no resolver guards)**: `0x62b656756a16bd3d2ef501cd9493c603fd90b050d6e9cfffc8e450639ce30a27` (registered with resolver `address(0)`)
 
 ## User Flows
 
@@ -115,6 +115,20 @@ bytes memory data = abi.encode(vault, targetChainId, strategyTokenId, manifestCi
 const data = StrategyStore.encodeOverrideAttestationData(vault, targetChainId, 1n, manifestCid);
 ```
 
+**Full EAS request defaults (TypeScript)**
+```ts
+const request = StrategyStore.buildOverrideAttestationRequest(
+  schemaUID,
+  vault,
+  targetChainId,
+  1n,
+  manifestCid
+);
+// request.data.recipient = computeVaultIdentifier(vault, targetChainId)
+// request.data.revocable = false
+// request.data.expirationTime = 0n
+```
+
 ### Managing Curators via CLI
 Authorize/revoke a curator for a specific vault.
 
@@ -172,15 +186,15 @@ import { ethers } from 'ethers';
 
 const provider = new ethers.JsonRpcProvider(RPC_URL);
 
-// Automatic resolution for supported networks (e.g., Arbitrum: 42161)
-const store = new StrategyStore({ chainId: 42161 }, provider);
+// Automatic resolution defaults to Base mainnet (8453)
+const store = new StrategyStore({}, provider);
 
 // OR explicit addresses
 const store2 = new StrategyStore(
   {
     resolverAddress: '0x...',
     registryAddress: '0x...', // Optional: Enables strict vault validation
-    chainId: 42161, // Required for curator checks/updates
+    chainId: 8453, // Optional; defaults to Base when omitted
   },
   provider
 );
@@ -190,6 +204,25 @@ const authorized = await store2.isCurator(vaultAddress, curatorAddress);
 
 // Generate tx data for an admin dashboard
 const tx = await store2.registerCuratorTx(vaultAddress, curatorAddress, true);
+
+// Curator flow: check auth, build request, and submit EAS attestation
+const submit = await store2.submitOverrideAttestation(
+  vaultAddress,
+  targetChainId,
+  1n,
+  manifestCid
+);
+console.log(submit.txHash, submit.uid);
+
+// Read full decoded history for a vault+targetChain
+const history = await store2.getOverrideAttestationHistory(vaultAddress, targetChainId, {
+  graphqlEndpoint: 'https://base.easscan.org/graphql',
+});
+
+// Read latest active attestation (not revoked, not expired)
+const latest = await store2.getLatestOverrideAttestation(vaultAddress, targetChainId, {
+  graphqlEndpoint: 'https://base.easscan.org/graphql',
+});
 ```
 
 ### Contract Verification on Arbiscan (optional)

package/dist/index.d.mts

@@ -42,20 +42,84 @@ interface StrategyStoreConfig {
     resolverAddress?: string;
     registryAddress?: string;
 }
+interface EASAttestationRequestData {
+    recipient: Address;
+    expirationTime: bigint;
+    revocable: boolean;
+    refUID: string;
+    data: string;
+    value: bigint;
+}
+interface EASAttestationRequest {
+    schema: string;
+    data: EASAttestationRequestData;
+}
+interface SubmitOverrideAttestationOptions {
+    schemaUID?: string;
+    easAddress?: string;
+    refUID?: string;
+    skipCuratorCheck?: boolean;
+    easContract?: ethers.Contract;
+}
+interface SubmitOverrideAttestationResult {
+    request: EASAttestationRequest;
+    txHash: string;
+    uid?: string;
+}
+interface GetOverrideAttestationsOptions {
+    schemaUID?: string;
+    graphqlEndpoint?: string;
+    strategyTokenId?: bigint;
+    includeRevoked?: boolean;
+    includeExpired?: boolean;
+    pageSize?: number;
+    maxPages?: number;
+    timeoutMs?: number;
+    retries?: number;
+    fetchFn?: typeof fetch;
+}
+interface OverrideAttestationRecord {
+    uid: string;
+    attester: Address;
+    recipient: Address;
+    refUID: string;
+    revocable: boolean;
+    revocationTime: bigint;
+    expirationTime: bigint;
+    createdAt: bigint;
+    data: string;
+    vault: Address;
+    targetChainId: bigint;
+    strategyTokenId: bigint;
+    manifestCid: string;
+    isActive: boolean;
+}
 declare class StrategyStore {
-    static readonly ARBITRUM_ONE_RESOLVER_ADDRESS = "0x6628d1Bf82F34de132d0e1c60DEB574C1352d5A7";
-    static readonly ARBITRUM_ONE_CROSSCHAIN_SCHEMA_UID = "0xf1a6a394d1f3dd832a15e5b750963d929812e2b74d2dcea68ddf9f75691f16bf";
+    static readonly BASE_MAINNET_EAS_ADDRESS: Address;
+    static readonly BASE_MAINNET_RESOLVER_ADDRESS: Address;
+    static readonly BASE_MAINNET_CROSSCHAIN_SCHEMA_UID: string;
+    /** @deprecated Use BASE_MAINNET_EAS_ADDRESS */
+    static readonly ARBITRUM_ONE_EAS_ADDRESS: `0x${string}`;
+    /** @deprecated Use BASE_MAINNET_RESOLVER_ADDRESS */
+    static readonly ARBITRUM_ONE_RESOLVER_ADDRESS: `0x${string}`;
+    /** @deprecated Use BASE_MAINNET_CROSSCHAIN_SCHEMA_UID */
+    static readonly ARBITRUM_ONE_CROSSCHAIN_SCHEMA_UID: string;
     static encodeOverrideAttestationData(vault: string, targetChainId: number | bigint, strategyTokenId: bigint, manifestCid: string): string;
+    static buildOverrideAttestationRequest(schemaUID: string, vault: string, targetChainId: number | bigint, strategyTokenId: bigint, manifestCid: string, refUID?: string): EASAttestationRequest;
     private resolver;
     private registry?;
     private resolverAddress;
     private registryAddress?;
-    private chainId?;
+    private chainId;
+    private readonly runner;
     constructor(config: string | StrategyStoreConfig, providerOrSigner: ethers.Provider | ethers.Signer, overrides?: {
         resolver?: any;
         registry?: any;
     });
     private resolveChainId;
+    private getDefaultSchemaUID;
+    private getDefaultEASAddress;
+    private getSignerAddress;
     /**
      * Checks if an address is the top-level admin.
      * @param address The address to check.
@@ -79,6 +143,25 @@ declare class StrategyStore {
         to: string;
         data: string;
     }>;
+    /**
+     * Checks curator auth, builds an EAS request, and submits the attestation transaction.
+     * Uses computed recipient format, revocable=false, expirationTime=0 by default.
+     */
+    submitOverrideAttestation(vault: string, targetChainId: number | bigint, strategyTokenId: bigint, manifestCid: string, options?: SubmitOverrideAttestationOptions): Promise<SubmitOverrideAttestationResult>;
+    private static toBigInt;
+    private static isActiveAttestation;
+    private queryEASSubgraph;
+    private decodeOverrideAttestationRecord;
+    /**
+     * Returns full decoded override attestation history for a (vault, targetChainId) pair.
+     * Results are returned newest first according to subgraph ordering.
+     */
+    getOverrideAttestationHistory(vault: string, targetChainId: number | bigint, options?: GetOverrideAttestationsOptions): Promise<OverrideAttestationRecord[]>;
+    /**
+     * Returns the latest active override attestation for a (vault, targetChainId) pair.
+     * Active means not revoked and not expired.
+     */
+    getLatestOverrideAttestation(vault: string, targetChainId: number | bigint, options?: GetOverrideAttestationsOptions): Promise<OverrideAttestationRecord | null>;
 }
 
-export { CHAINS, type ChainConfig, StrategyStore, type StrategyStoreConfig, computeVaultIdentifier };
+export { CHAINS, type ChainConfig, type EASAttestationRequest, type EASAttestationRequestData, type GetOverrideAttestationsOptions, type OverrideAttestationRecord, StrategyStore, type StrategyStoreConfig, type SubmitOverrideAttestationOptions, type SubmitOverrideAttestationResult, computeVaultIdentifier };

package/dist/index.mjs

@@ -3,7 +3,7 @@ import { ethers } from "ethers";
 import { z } from "zod";
 import { getContractAddressByChainIdAndContractName } from "@steerprotocol/sdk";
 import { encodePacked, keccak256 } from "viem";
-import { base } from "viem/chains";
+import { arbitrum, base } from "viem/chains";
 
 // deployments/8453.json
 var __default = {
@@ -676,7 +676,66 @@ var REGISTRY_ABI = [
   "function totalVaultCount() view returns (uint256)",
   "function getVaultDetails(address _address) view returns (tuple(uint8 state, uint256 tokenId, uint256 vaultID, string payloadIpfs, address vaultAddress, string beaconName))"
 ];
+var EAS_ABI = [
+  "event Attested(address indexed recipient, address indexed attester, bytes32 uid, bytes32 indexed schemaUID)",
+  "function attest((bytes32 schema,(address recipient,uint64 expirationTime,bool revocable,bytes32 refUID,bytes data,uint256 value) data) request) payable returns (bytes32)"
+];
+var DEFAULT_EAS_SUBGRAPH_ENDPOINT = "https://base.easscan.org/graphql";
+var DEFAULT_SUBGRAPH_PAGE_SIZE = 100;
+var DEFAULT_SUBGRAPH_MAX_PAGES = 20;
+var DEFAULT_SUBGRAPH_TIMEOUT_MS = 15e3;
+var DEFAULT_SUBGRAPH_RETRIES = 2;
+var DEFAULT_CHAIN_ID = __default.chainId;
+var EAS_ATTESTATION_HISTORY_QUERY = `
+query AttestationHistory($schemaUID: String!, $recipient: String!, $take: Int!, $skip: Int!) {
+  attestations(
+    where: { schemaId: { equals: $schemaUID }, recipient: { equals: $recipient } }
+    orderBy: [{ timeCreated: desc }]
+    take: $take
+    skip: $skip
+  ) {
+    id
+    attester
+    recipient
+    refUID
+    revocable
+    revocationTime
+    expirationTime
+    time
+    timeCreated
+    data
+  }
+}
+`;
+var EAS_ATTESTATION_HISTORY_FALLBACK_QUERY = `
+query AttestationHistoryFallback($take: Int!, $skip: Int!) {
+  attestations(take: $take, skip: $skip) {
+    id
+    attester
+    recipient
+    refUID
+    revocable
+    revocationTime
+    expirationTime
+    time
+    timeCreated
+    data
+  }
+}
+`;
+var ARBITRUM_ONE_DEPLOYMENT = {
+  chainId: 42161,
+  chainName: "Arbitrum One",
+  chain: arbitrum,
+  rpcUrl: "https://arb1.arbitrum.io/rpc",
+  explorerUrl: "https://arbiscan.io",
+  easAddress: "0xbD75f629A22Dc1ceD33dDA0b68c546A1c035c458",
+  schemaRegistry: "0xA310da9c5B885E7fb3fbA9D66E9Ba6Df512b78eB",
+  resolverAddress: "0x6628d1Bf82F34de132d0e1c60DEB574C1352d5A7",
+  schemaUID: "0xf1a6a394d1f3dd832a15e5b750963d929812e2b74d2dcea68ddf9f75691f16bf"
+};
 var CHAINS = {
+  ARBITRUM_ONE: ARBITRUM_ONE_DEPLOYMENT,
   BASE_MAINNET: {
     chainId: __default.chainId,
     chainName: __default.chainName,
@@ -700,9 +759,19 @@ function computeVaultIdentifier(vault, chainId) {
   const hash = keccak256(packed);
   return `0x${hash.slice(-40)}`;
 }
+var Bytes32Schema = z.string().regex(/^0x[a-fA-F0-9]{64}$/, {
+  message: "Invalid bytes32 hex string"
+});
 var StrategyStore = class _StrategyStore {
-  static ARBITRUM_ONE_RESOLVER_ADDRESS = "0x6628d1Bf82F34de132d0e1c60DEB574C1352d5A7";
-  static ARBITRUM_ONE_CROSSCHAIN_SCHEMA_UID = "0xf1a6a394d1f3dd832a15e5b750963d929812e2b74d2dcea68ddf9f75691f16bf";
+  static BASE_MAINNET_EAS_ADDRESS = __default.easAddress;
+  static BASE_MAINNET_RESOLVER_ADDRESS = __default.deployments.SteerAuthorityResolver.address;
+  static BASE_MAINNET_CROSSCHAIN_SCHEMA_UID = __default.schema.uid;
+  /** @deprecated Use BASE_MAINNET_EAS_ADDRESS */
+  static ARBITRUM_ONE_EAS_ADDRESS = ARBITRUM_ONE_DEPLOYMENT.easAddress;
+  /** @deprecated Use BASE_MAINNET_RESOLVER_ADDRESS */
+  static ARBITRUM_ONE_RESOLVER_ADDRESS = ARBITRUM_ONE_DEPLOYMENT.resolverAddress;
+  /** @deprecated Use BASE_MAINNET_CROSSCHAIN_SCHEMA_UID */
+  static ARBITRUM_ONE_CROSSCHAIN_SCHEMA_UID = ARBITRUM_ONE_DEPLOYMENT.schemaUID;
   static encodeOverrideAttestationData(vault, targetChainId, strategyTokenId, manifestCid) {
     const validatedVault = AddressSchema.parse(vault);
     return ethers.AbiCoder.defaultAbiCoder().encode(
@@ -710,35 +779,61 @@ var StrategyStore = class _StrategyStore {
       [validatedVault, targetChainId, strategyTokenId, manifestCid]
     );
   }
+  static buildOverrideAttestationRequest(schemaUID, vault, targetChainId, strategyTokenId, manifestCid, refUID = ethers.ZeroHash) {
+    const validatedSchemaUID = Bytes32Schema.parse(schemaUID);
+    const validatedVault = AddressSchema.parse(vault);
+    const validatedRefUID = Bytes32Schema.parse(refUID);
+    const normalizedTargetChainId = BigInt(targetChainId);
+    const data = _StrategyStore.encodeOverrideAttestationData(
+      validatedVault,
+      normalizedTargetChainId,
+      strategyTokenId,
+      manifestCid
+    );
+    return {
+      schema: validatedSchemaUID,
+      data: {
+        recipient: computeVaultIdentifier(validatedVault, normalizedTargetChainId),
+        expirationTime: 0n,
+        revocable: false,
+        refUID: validatedRefUID,
+        data,
+        value: 0n
+      }
+    };
+  }
   resolver;
   registry;
   resolverAddress;
   registryAddress;
-  chainId;
+  chainId = DEFAULT_CHAIN_ID;
+  runner;
   constructor(config, providerOrSigner, overrides) {
     let resAddr;
     let regAddr;
+    this.runner = providerOrSigner;
     if (typeof config === "string") {
       resAddr = config;
+      this.chainId = DEFAULT_CHAIN_ID;
     } else {
       resAddr = config.resolverAddress;
       regAddr = config.registryAddress;
-      this.chainId = config.chainId;
-      const chainConfig = config.chainId ? getChainConfigByChainId(config.chainId) : void 0;
+      this.chainId = config.chainId ?? DEFAULT_CHAIN_ID;
+      const chainConfig = getChainConfigByChainId(this.chainId);
       if (!resAddr && chainConfig?.resolverAddress) {
         resAddr = chainConfig.resolverAddress;
       }
-      if (!resAddr && config.chainId) {
-        if (config.chainId === 42161) {
+      if (!resAddr) {
+        if (this.chainId === 42161) {
           resAddr = _StrategyStore.ARBITRUM_ONE_RESOLVER_ADDRESS;
         } else {
-          resAddr = getContractAddressByChainIdAndContractName(config.chainId, "SteerAuthorityResolver");
+          resAddr = getContractAddressByChainIdAndContractName(this.chainId, "SteerAuthorityResolver");
         }
       }
-      if (!regAddr && config.chainId) {
-        regAddr = getContractAddressByChainIdAndContractName(config.chainId, "VaultRegistry");
+      if (!regAddr && config.chainId !== void 0) {
+        regAddr = getContractAddressByChainIdAndContractName(this.chainId, "VaultRegistry");
         if (!regAddr) {
-          throw new Error(`VaultRegistry address not found for chainId ${config.chainId}`);
+          throw new Error(`VaultRegistry address not found for chainId ${this.chainId}`);
         }
       }
     }
@@ -753,11 +848,20 @@ var StrategyStore = class _StrategyStore {
     }
   }
   resolveChainId(chainId) {
-    const resolvedChainId = chainId ?? this.chainId;
-    if (resolvedChainId === void 0) {
-      throw new Error("chainId is required to perform this action");
+    return chainId ?? this.chainId;
+  }
+  getDefaultSchemaUID() {
+    return _StrategyStore.BASE_MAINNET_CROSSCHAIN_SCHEMA_UID;
+  }
+  getDefaultEASAddress() {
+    const chainConfig = getChainConfigByChainId(this.chainId);
+    return chainConfig?.easAddress ?? _StrategyStore.BASE_MAINNET_EAS_ADDRESS;
+  }
+  async getSignerAddress() {
+    if (!("getAddress" in this.runner) || typeof this.runner.getAddress !== "function") {
+      throw new Error("A signer is required to submit attestations");
     }
-    return resolvedChainId;
+    return await this.runner.getAddress();
   }
   /**
    * Checks if an address is the top-level admin.
@@ -817,6 +921,260 @@ var StrategyStore = class _StrategyStore {
       data
     };
   }
+  /**
+   * Checks curator auth, builds an EAS request, and submits the attestation transaction.
+   * Uses computed recipient format, revocable=false, expirationTime=0 by default.
+   */
+  async submitOverrideAttestation(vault, targetChainId, strategyTokenId, manifestCid, options) {
+    const resolvedSchemaUID = options?.schemaUID ?? this.getDefaultSchemaUID();
+    const resolvedEASAddress = options?.easAddress ?? this.getDefaultEASAddress();
+    const signerAddress = await this.getSignerAddress();
+    if (!options?.skipCuratorCheck) {
+      const authorized = await this.isCurator(vault, signerAddress, targetChainId);
+      if (!authorized) {
+        throw new Error(
+          `Address ${signerAddress} is not authorized as curator for vault ${vault} on chain ${targetChainId}`
+        );
+      }
+    }
+    const request = _StrategyStore.buildOverrideAttestationRequest(
+      resolvedSchemaUID,
+      vault,
+      targetChainId,
+      strategyTokenId,
+      manifestCid,
+      options?.refUID
+    );
+    const eas = options?.easContract || new ethers.Contract(AddressSchema.parse(resolvedEASAddress), EAS_ABI, this.runner);
+    const tx = await eas.attest(request);
+    const receipt = await tx.wait();
+    let uid;
+    for (const log of receipt.logs) {
+      try {
+        const parsed = eas.interface.parseLog(log);
+        if (!parsed || parsed.name !== "Attested") {
+          continue;
+        }
+        const eventAttester = String(parsed.args[1]).toLowerCase();
+        const eventUid = String(parsed.args[2]);
+        const eventSchemaUID = String(parsed.args[3]).toLowerCase();
+        if (eventAttester === signerAddress.toLowerCase() && eventSchemaUID === resolvedSchemaUID.toLowerCase()) {
+          uid = eventUid;
+          break;
+        }
+      } catch {
+      }
+    }
+    return {
+      request,
+      txHash: tx.hash,
+      uid
+    };
+  }
+  static toBigInt(value) {
+    if (value === null || value === void 0) {
+      return 0n;
+    }
+    if (typeof value === "bigint") {
+      return value;
+    }
+    if (typeof value === "number") {
+      return BigInt(value);
+    }
+    if (value.startsWith("0x") || value.startsWith("0X")) {
+      return BigInt(value);
+    }
+    return BigInt(value || "0");
+  }
+  static isActiveAttestation(record) {
+    const now = BigInt(Math.floor(Date.now() / 1e3));
+    const notRevoked = record.revocationTime === 0n;
+    const notExpired = record.expirationTime === 0n || record.expirationTime > now;
+    return notRevoked && notExpired;
+  }
+  async queryEASSubgraph(query, variables, endpoint, timeoutMs, retries, fetchFn) {
+    const resolvedFetchFn = fetchFn ?? globalThis.fetch;
+    if (!resolvedFetchFn) {
+      throw new Error("No fetch implementation available for subgraph requests");
+    }
+    let lastError;
+    for (let attempt = 0; attempt <= retries; attempt++) {
+      const controller = new AbortController();
+      const timeoutHandle = setTimeout(() => controller.abort(), timeoutMs);
+      try {
+        const response = await resolvedFetchFn(endpoint, {
+          method: "POST",
+          headers: {
+            "content-type": "application/json"
+          },
+          body: JSON.stringify({ query, variables }),
+          signal: controller.signal
+        });
+        if (!response.ok) {
+          throw new Error(`Subgraph HTTP ${response.status} ${response.statusText}`);
+        }
+        const payload = await response.json();
+        if (payload.errors && payload.errors.length > 0) {
+          const errorMessages = payload.errors.map((error) => error.message || "Unknown GraphQL error").join("; ");
+          throw new Error(`Subgraph GraphQL error: ${errorMessages}`);
+        }
+        if (!payload.data) {
+          throw new Error("Subgraph response missing data");
+        }
+        return payload.data;
+      } catch (error) {
+        lastError = error instanceof Error ? error : new Error(String(error));
+        if (attempt === retries) {
+          break;
+        }
+        const backoffMs = 300 * (attempt + 1);
+        await new Promise((resolve) => setTimeout(resolve, backoffMs));
+      } finally {
+        clearTimeout(timeoutHandle);
+      }
+    }
+    throw new Error(`Failed to query EAS subgraph after ${retries + 1} attempts: ${lastError?.message || "unknown error"}`);
+  }
+  decodeOverrideAttestationRecord(raw) {
+    try {
+      const decoded = ethers.AbiCoder.defaultAbiCoder().decode(
+        ["address", "uint256", "uint256", "string"],
+        raw.data
+      );
+      const vault = decoded[0];
+      const targetChainId = decoded[1];
+      const strategyTokenId = decoded[2];
+      const manifestCid = decoded[3];
+      const record = {
+        uid: raw.id,
+        attester: AddressSchema.parse(raw.attester),
+        recipient: AddressSchema.parse(raw.recipient),
+        refUID: raw.refUID,
+        revocable: raw.revocable,
+        revocationTime: _StrategyStore.toBigInt(raw.revocationTime),
+        expirationTime: _StrategyStore.toBigInt(raw.expirationTime),
+        createdAt: _StrategyStore.toBigInt(raw.timeCreated ?? raw.time),
+        data: raw.data,
+        vault: AddressSchema.parse(vault),
+        targetChainId: _StrategyStore.toBigInt(targetChainId),
+        strategyTokenId: _StrategyStore.toBigInt(strategyTokenId),
+        manifestCid,
+        isActive: false
+      };
+      record.isActive = _StrategyStore.isActiveAttestation(record);
+      return record;
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * Returns full decoded override attestation history for a (vault, targetChainId) pair.
+   * Results are returned newest first according to subgraph ordering.
+   */
+  async getOverrideAttestationHistory(vault, targetChainId, options) {
+    const validatedVault = AddressSchema.parse(vault);
+    const normalizedTargetChainId = BigInt(targetChainId);
+    const recipient = computeVaultIdentifier(validatedVault, normalizedTargetChainId);
+    const schemaUID = options?.schemaUID ?? this.getDefaultSchemaUID();
+    const endpoint = options?.graphqlEndpoint ?? DEFAULT_EAS_SUBGRAPH_ENDPOINT;
+    const pageSize = options?.pageSize ?? DEFAULT_SUBGRAPH_PAGE_SIZE;
+    const maxPages = options?.maxPages ?? DEFAULT_SUBGRAPH_MAX_PAGES;
+    const timeoutMs = options?.timeoutMs ?? DEFAULT_SUBGRAPH_TIMEOUT_MS;
+    const retries = options?.retries ?? DEFAULT_SUBGRAPH_RETRIES;
+    const includeRevoked = options?.includeRevoked ?? true;
+    const includeExpired = options?.includeExpired ?? true;
+    const all = [];
+    let useFallbackQuery = false;
+    for (let page = 0; page < maxPages; page++) {
+      const skip = page * pageSize;
+      let response;
+      if (!useFallbackQuery) {
+        try {
+          response = await this.queryEASSubgraph(
+            EAS_ATTESTATION_HISTORY_QUERY,
+            {
+              schemaUID,
+              recipient,
+              take: pageSize,
+              skip
+            },
+            endpoint,
+            timeoutMs,
+            retries,
+            options?.fetchFn
+          );
+        } catch {
+          useFallbackQuery = true;
+          response = await this.queryEASSubgraph(
+            EAS_ATTESTATION_HISTORY_FALLBACK_QUERY,
+            {
+              take: pageSize,
+              skip
+            },
+            endpoint,
+            timeoutMs,
+            retries,
+            options?.fetchFn
+          );
+        }
+      } else {
+        response = await this.queryEASSubgraph(
+          EAS_ATTESTATION_HISTORY_FALLBACK_QUERY,
+          {
+            take: pageSize,
+            skip
+          },
+          endpoint,
+          timeoutMs,
+          retries,
+          options?.fetchFn
+        );
+      }
+      const pageRows = response.attestations || [];
+      for (const row of pageRows) {
+        const decoded = this.decodeOverrideAttestationRecord(row);
+        if (!decoded) {
+          continue;
+        }
+        if (decoded.vault.toLowerCase() !== validatedVault.toLowerCase()) {
+          continue;
+        }
+        if (decoded.targetChainId !== normalizedTargetChainId) {
+          continue;
+        }
+        if (decoded.recipient.toLowerCase() !== recipient.toLowerCase()) {
+          continue;
+        }
+        if (options?.strategyTokenId !== void 0 && decoded.strategyTokenId !== options.strategyTokenId) {
+          continue;
+        }
+        if (!includeRevoked && decoded.revocationTime !== 0n) {
+          continue;
+        }
+        if (!includeExpired && decoded.expirationTime !== 0n && decoded.expirationTime <= BigInt(Math.floor(Date.now() / 1e3))) {
+          continue;
+        }
+        all.push(decoded);
+      }
+      if (pageRows.length < pageSize) {
+        break;
+      }
+    }
+    return all;
+  }
+  /**
+   * Returns the latest active override attestation for a (vault, targetChainId) pair.
+   * Active means not revoked and not expired.
+   */
+  async getLatestOverrideAttestation(vault, targetChainId, options) {
+    const history = await this.getOverrideAttestationHistory(vault, targetChainId, options);
+    for (const item of history) {
+      if (item.isActive) {
+        return item;
+      }
+    }
+    return null;
+  }
 };
 export {
   CHAINS,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@steerprotocol/curator-tools",
-  "version": "1.7.0",
+  "version": "1.8.0",
   "description": "Steer Protocol Curator Override Tools",
   "publishConfig": {
     "access": "public"