@totalreclaw/totalreclaw 1.6.0 → 3.0.6

package/subgraph-store.ts

@@ -5,34 +5,83 @@
  * "true"). Replaces the HTTP POST to /v1/store with an on-chain transaction
  * flow.
  *
- * Builds UserOps client-side using `permissionless` + `viem` and submits
- * them through the TotalReclaw relay server, which proxies bundler/paymaster
- * JSON-RPC to Pimlico with its own API key. Clients never need a Pimlico key.
+ * Uses @totalreclaw/core WASM for calldata encoding, UserOp hashing, and
+ * ECDSA signing. Raw fetch() for all JSON-RPC calls to the relay bundler
+ * and chain RPCs. No viem, no permissionless.
  */
 
-import { createPublicClient, http, type Hex, type Address, type Chain } from 'viem';
-import { entryPoint07Address } from 'viem/account-abstraction';
-import { mnemonicToAccount } from 'viem/accounts';
-import { gnosis, gnosisChiado, baseSepolia } from 'viem/chains';
-import { createSmartAccountClient } from 'permissionless';
-import { toSimpleSmartAccount } from 'permissionless/accounts';
-import { createPimlicoClient } from 'permissionless/clients/pimlico';
+// Lazy-load WASM to avoid crash when npm install hasn't finished yet.
+let _wasm: typeof import('@totalreclaw/core') | null = null;
+function getWasm() {
+  if (!_wasm) _wasm = require('@totalreclaw/core');
+  return _wasm;
+}
+import { CONFIG } from './config.js';
 
 // ---------------------------------------------------------------------------
-// Types
+// Pimlico 429 retry helper
 // ---------------------------------------------------------------------------
 
-/** Default EventfulDataEdge contract address on Gnosis mainnet */
-const DEFAULT_DATA_EDGE_ADDRESS = '0xC445af1D4EB9fce4e1E61fE96ea7B8feBF03c5ca';
+/**
+ * Wrap a fetch-based JSON-RPC call with exponential backoff for HTTP 429
+ * (rate limit) responses from Pimlico. Max 5 retries with 5s base delay,
+ * doubling each attempt, capped at 60s, plus random jitter (0-1000ms).
+ * Total retry window: ~135s (5+10+20+40+60 plus jitter).
+ * All other HTTP errors throw immediately.
+ */
+async function rpcWithRetry(
+  url: string,
+  headers: Record<string, string>,
+  method: string,
+  params: unknown[],
+): Promise<any> {
+  const maxRetries = 5;
+  const baseDelay = 5000;   // 5 seconds
+  const maxDelay = 60_000;  // 60 seconds cap
+  const body = JSON.stringify({ jsonrpc: '2.0', id: 1, method, params });
+
+  for (let attempt = 1; attempt <= maxRetries + 1; attempt++) {
+    const resp = await fetch(url, { method: 'POST', headers, body });
+
+    if (resp.ok) {
+      const json = await resp.json() as { result?: any; error?: { message: string } };
+      if (json.error) {
+        // Check if the RPC-level error message indicates a rate limit
+        if (attempt <= maxRetries && /429|rate limit/i.test(json.error.message)) {
+          const delay = Math.min(Math.pow(2, attempt - 1) * baseDelay, maxDelay) + Math.floor(Math.random() * 1000);
+          console.error(`Pimlico rate limited, retrying in ${delay}ms (attempt ${attempt}/${maxRetries})...`);
+          await new Promise(r => setTimeout(r, delay));
+          continue;
+        }
+        throw new Error(`RPC ${method}: ${json.error.message}`);
+      }
+      return json.result;
+    }
+
+    // HTTP-level 429 — retry with backoff
+    if (resp.status === 429 && attempt <= maxRetries) {
+      const delay = Math.min(Math.pow(2, attempt - 1) * baseDelay, maxDelay) + Math.floor(Math.random() * 1000);
+      console.error(`Pimlico rate limited, retrying in ${delay}ms (attempt ${attempt}/${maxRetries})...`);
+      await new Promise(r => setTimeout(r, delay));
+      continue;
+    }
+
+    throw new Error(`Relay returned HTTP ${resp.status} for ${method}`);
+  }
 
-/** Well-known ERC-4337 EntryPoint v0.7 address (same on all chains) */
-const DEFAULT_ENTRYPOINT_ADDRESS = '0x0000000071727De22E5E9d8BAf0edAc6f37da032';
+  // Should not be reached, but satisfies TypeScript
+  throw new Error(`RPC ${method}: max retries exceeded`);
+}
+
+// ---------------------------------------------------------------------------
+// Types
+// ---------------------------------------------------------------------------
 
 export interface SubgraphStoreConfig {
   relayUrl: string;           // TotalReclaw relay server URL (proxies bundler + subgraph)
   mnemonic: string;           // BIP-39 mnemonic for key derivation
   cachePath: string;          // Hot cache file path
-  chainId: number;            // 100 for Gnosis mainnet, 10200 for Chiado testnet, 84532 for Base Sepolia
+  chainId: number;            // 100 for Gnosis mainnet, 84532 for Base Sepolia
   dataEdgeAddress: string;    // EventfulDataEdge contract address
   entryPointAddress: string;  // ERC-4337 EntryPoint v0.7
   authKeyHex?: string;        // HKDF auth key for relay server Authorization header
@@ -44,141 +93,203 @@ export interface FactPayload {
   id: string;
   timestamp: string;
   owner: string;           // Smart Account address (hex)
-  encryptedBlob: string;   // Hex-encoded AES-256-GCM ciphertext
+  encryptedBlob: string;   // Hex-encoded XChaCha20-Poly1305 ciphertext
   blindIndices: string[];   // SHA-256 hashes (word + LSH)
   decayScore: number;
   source: string;
   contentFp: string;
   agentId: string;
   encryptedEmbedding?: string;
+  /**
+   * Outer protobuf schema version. Plugin v3.0.0 writes Memory Taxonomy v1
+   * JSON inner blobs, so this defaults to `PROTOBUF_VERSION_V4` (4). Omitting
+   * the field (or passing 0) yields the legacy `DEFAULT_PROTOBUF_VERSION`
+   * (3), which is retained so tombstone rows stay wire-compatible with
+   * pre-v3 readers if ever needed.
+   */
+  version?: number;
 }
 
+/** Legacy protobuf wrapper schema version (v0/v1-binary inner blob). */
+export const PROTOBUF_VERSION_LEGACY = 3;
+
+/** Memory Taxonomy v1 protobuf wrapper schema version. */
+export const PROTOBUF_VERSION_V4 = 4;
+
+// Stub 65-byte signature for gas estimation (pm_sponsorUserOperation).
+// Must be a structurally valid ECDSA signature (r,s,v) so that ecrecover does
+// NOT revert inside SimpleAccount._validateSignature.  All-zeros causes
+// OpenZeppelin ECDSA.recover() to revert with ECDSAInvalidSignature() (0xf645eedf),
+// which the EntryPoint surfaces as AA23.
+// This matches the stub used by permissionless/viem — ecrecover returns a
+// non-owner address, so validateUserOp returns SIG_VALIDATION_FAILED (1)
+// instead of reverting, which is what bundlers expect during simulation.
+const DUMMY_SIGNATURE =
+  '0xfffffffffffffffffffffffffffffff0000000000000000000000000000000007aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa1c';
+
 // ---------------------------------------------------------------------------
-// Protobuf encoding (unchanged)
+// Protobuf encoding (WASM)
 // ---------------------------------------------------------------------------
 
 /**
- * Encode a fact payload as a minimal Protobuf wire format.
+ * Encode a fact payload as a minimal Protobuf wire format via WASM core.
  *
- * Field numbers match server/proto/totalreclaw.proto:
- *   1: id (string), 2: timestamp (string), 3: owner (string),
- *   4: encrypted_blob (bytes), 5: blind_indices (repeated string),
- *   6: decay_score (double), 7: is_active (bool), 8: version (int32),
- *   9: source (string), 10: content_fp (string), 11: agent_id (string),
- *   12: sequence_id (int64), 13: encrypted_embedding (string)
+ * Field numbers match server/proto/totalreclaw.proto.
+ *
+ * As of plugin v3.0.0 the outer protobuf `version` field is written as 4
+ * when the caller passes `version: PROTOBUF_VERSION_V4`. Omitting the field
+ * preserves legacy v3 semantics (e.g. for tombstone tombstone rows that
+ * should round-trip through pre-v3 readers).
  */
 export function encodeFactProtobuf(fact: FactPayload): Buffer {
-  const parts: Buffer[] = [];
-
-  // Helper: encode a string field
-  const writeString = (fieldNumber: number, value: string) => {
-    if (!value) return;
-    const data = Buffer.from(value, 'utf-8');
-    const key = (fieldNumber << 3) | 2; // wire type 2 = length-delimited
-    parts.push(encodeVarint(key));
-    parts.push(encodeVarint(data.length));
-    parts.push(data);
-  };
-
-  // Helper: encode a bytes field
-  const writeBytes = (fieldNumber: number, value: Buffer) => {
-    const key = (fieldNumber << 3) | 2;
-    parts.push(encodeVarint(key));
-    parts.push(encodeVarint(value.length));
-    parts.push(value);
-  };
-
-  // Helper: encode a double field (wire type 1 = 64-bit)
-  const writeDouble = (fieldNumber: number, value: number) => {
-    const key = (fieldNumber << 3) | 1;
-    parts.push(encodeVarint(key));
-    const buf = Buffer.alloc(8);
-    buf.writeDoubleLE(value);
-    parts.push(buf);
-  };
-
-  // Helper: encode a varint field (wire type 0)
-  const writeVarintField = (fieldNumber: number, value: number) => {
-    const key = (fieldNumber << 3) | 0;
-    parts.push(encodeVarint(key));
-    parts.push(encodeVarint(value));
-  };
-
-  // Encode fields
-  writeString(1, fact.id);
-  writeString(2, fact.timestamp);
-  writeString(3, fact.owner);
-  writeBytes(4, Buffer.from(fact.encryptedBlob, 'hex'));
-
-  for (const index of fact.blindIndices) {
-    writeString(5, index);
-  }
-
-  writeDouble(6, fact.decayScore);
-  writeVarintField(7, 1); // is_active = true
-  writeVarintField(8, 2); // version = 2
-  writeString(9, fact.source);
-  writeString(10, fact.contentFp);
-  writeString(11, fact.agentId);
-  // Field 12 (sequence_id) is assigned by the subgraph mapping, not the client
-  if (fact.encryptedEmbedding) {
-    writeString(13, fact.encryptedEmbedding);
-  }
-
-  return Buffer.concat(parts);
-}
-
-/** Encode an integer as a Protobuf varint */
-export function encodeVarint(value: number): Buffer {
-  const bytes: number[] = [];
-  let v = value >>> 0; // unsigned
-  while (v > 0x7f) {
-    bytes.push((v & 0x7f) | 0x80);
-    v >>>= 7;
-  }
-  bytes.push(v & 0x7f);
-  return Buffer.from(bytes);
+  const json = JSON.stringify({
+    id: fact.id,
+    timestamp: fact.timestamp,
+    owner: fact.owner,
+    encrypted_blob_hex: fact.encryptedBlob,
+    blind_indices: fact.blindIndices,
+    decay_score: fact.decayScore,
+    source: fact.source,
+    content_fp: fact.contentFp,
+    agent_id: fact.agentId,
+    encrypted_embedding: fact.encryptedEmbedding || null,
+    version: fact.version ?? PROTOBUF_VERSION_LEGACY,
+  });
+  return Buffer.from(getWasm().encodeFactProtobuf(json));
 }
 
 // ---------------------------------------------------------------------------
 // Chain helpers
 // ---------------------------------------------------------------------------
 
-/** Resolve a viem Chain object from chain ID */
-function getChainFromId(chainId: number): Chain {
+/** Get the default public RPC URL for a chain ID */
+function getDefaultRpcUrl(chainId: number): string {
   switch (chainId) {
     case 100:
-      return gnosis;
-    case 10200:
-      return gnosisChiado;
+      return 'https://rpc.gnosischain.com';
     case 84532:
-      return baseSepolia;
+      return 'https://sepolia.base.org';
     default:
-      return gnosis;
+      return 'https://sepolia.base.org';
   }
 }
 
-/** Build the relay bundler RPC URL from the relay server URL */
-function getRelayBundlerUrl(relayUrl: string): string {
-  return `${relayUrl}/v1/bundler`;
+// ---------------------------------------------------------------------------
+// Smart Account address derivation
+// ---------------------------------------------------------------------------
+
+/**
+ * Derive the Smart Account address from a BIP-39 mnemonic.
+ *
+ * Uses the SimpleAccountFactory's getAddress(owner, salt=0) view function
+ * via a raw eth_call to the chain RPC. The address is deterministic (CREATE2).
+ */
+export async function deriveSmartAccountAddress(mnemonic: string, chainId?: number): Promise<string> {
+  const eoa = getWasm().deriveEoa(mnemonic) as { private_key: string; address: string };
+  const resolvedChainId = chainId ?? 84532;
+
+  // SimpleAccountFactory.getAddress(address owner, uint256 salt) — view function
+  // Selector: 0x8cb84e18 = keccak256("getAddress(address,uint256)")[0:4]
+  const factoryAddress = getWasm().getSimpleAccountFactory();
+  const ownerPadded = eoa.address.slice(2).toLowerCase().padStart(64, '0');
+  const saltPadded = '0'.repeat(64);
+  const selector = '8cb84e18';
+  const calldata = `0x${selector}${ownerPadded}${saltPadded}`;
+
+  const rpcUrl = CONFIG.rpcUrl || getDefaultRpcUrl(resolvedChainId);
+  const response = await fetch(rpcUrl, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({
+      jsonrpc: '2.0',
+      id: 1,
+      method: 'eth_call',
+      params: [{ to: factoryAddress, data: calldata }, 'latest'],
+    }),
+  });
+  const json = await response.json() as { result?: string; error?: { message: string } };
+  if (json.error) {
+    throw new Error(`Failed to resolve Smart Account address: ${json.error.message}`);
+  }
+  if (!json.result || json.result === '0x') {
+    throw new Error('Failed to resolve Smart Account address: empty result');
+  }
+  // Result is a 32-byte ABI-encoded address — take last 20 bytes
+  return `0x${json.result.slice(-40)}`.toLowerCase();
 }
 
 // ---------------------------------------------------------------------------
-// On-chain submission (Pimlico UserOps)
+// Smart Account deployment check (with session cache)
+// ---------------------------------------------------------------------------
+
+/**
+ * Session-level cache for account deployment status.
+ * Once an account is deployed (first successful UserOp), we skip the
+ * eth_getCode check and omit factory/factoryData for all subsequent calls.
+ * This prevents AA10 "duplicate deployment" errors when multiple facts
+ * are stored in rapid succession for a first-time user.
+ */
+const deployedAccounts = new Set<string>();
+
+/**
+ * Check if a Smart Account is deployed and return factory/factoryData if not.
+ *
+ * For ERC-4337 v0.7, undeployed accounts need `factory` and `factoryData`
+ * in the UserOp so the EntryPoint can deploy them during the first transaction.
+ */
+async function getInitCode(
+  sender: string,
+  eoaAddress: string,
+  rpcUrl: string,
+): Promise<{ factory: string | null; factoryData: string | null }> {
+  // Session cache: if we already deployed this account, skip the RPC check
+  if (deployedAccounts.has(sender.toLowerCase())) {
+    return { factory: null, factoryData: null };
+  }
+
+  // Check if the Smart Account contract is deployed
+  const codeResp = await fetch(rpcUrl, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({
+      jsonrpc: '2.0', id: 1, method: 'eth_getCode',
+      params: [sender, 'latest'],
+    }),
+  });
+  const codeJson = await codeResp.json() as { result?: string };
+  const isDeployed = codeJson.result && codeJson.result !== '0x' && codeJson.result !== '0x0';
+
+  if (isDeployed) {
+    deployedAccounts.add(sender.toLowerCase());
+    return { factory: null, factoryData: null };
+  }
+
+  // Account not deployed — build factory + factoryData for first-time deployment.
+  // createAccount(address owner, uint256 salt) — state-changing function
+  // Selector: 0x5fbfb9cf = keccak256("createAccount(address,uint256)")[0:4]
+  const factory = getWasm().getSimpleAccountFactory();
+  const ownerPadded = eoaAddress.slice(2).toLowerCase().padStart(64, '0');
+  const saltPadded = '0'.repeat(64);
+  const selector = '5fbfb9cf';
+  const factoryData = `0x${selector}${ownerPadded}${saltPadded}`;
+
+  return { factory, factoryData };
+}
+
+// ---------------------------------------------------------------------------
+// On-chain submission (ERC-4337 UserOps via raw fetch)
 // ---------------------------------------------------------------------------
 
 /**
  * Submit a fact on-chain via ERC-4337 UserOp through the relay server.
  *
- * Builds a UserOp client-side using `permissionless` + `viem`:
- * 1. Derives private key from mnemonic (BIP-39 + BIP-44 m/44'/60'/0'/0/0)
- * 2. Creates a SimpleSmartAccount
- * 3. Gets paymaster sponsorship (via relay proxy to Pimlico)
- * 4. Signs and submits the UserOp to relay bundler endpoint
- * 5. Waits for the transaction receipt
+ * Uses @totalreclaw/core WASM for:
+ * 1. EOA derivation from mnemonic (BIP-39 + BIP-44)
+ * 2. Calldata encoding (SimpleAccount.execute)
+ * 3. UserOp hashing (ERC-4337 v0.7)
+ * 4. ECDSA signing (EIP-191 prefixed)
  *
- * The relay server proxies all bundler/paymaster JSON-RPC to Pimlico
- * with its own API key. Clients never need a Pimlico API key.
+ * All JSON-RPC calls go through raw fetch() to the relay bundler endpoint.
  */
 export async function submitFactOnChain(
   protobufPayload: Buffer,
@@ -192,92 +303,178 @@ export async function submitFactOnChain(
     throw new Error('Mnemonic (TOTALRECLAW_RECOVERY_PHRASE) is required for on-chain submission');
   }
 
-  const chain = getChainFromId(config.chainId);
-  const bundlerRpcUrl = getRelayBundlerUrl(config.relayUrl);
-  const dataEdgeAddress = config.dataEdgeAddress as Address;
-  const entryPointAddr = (config.entryPointAddress || entryPoint07Address) as Address;
-
-  // Build authenticated transport for relay server proxy
+  const bundlerUrl = `${config.relayUrl}/v1/bundler`;
   const headers: Record<string, string> = {
+    'Content-Type': 'application/json',
     'X-TotalReclaw-Client': 'openclaw-plugin',
   };
   if (config.authKeyHex) headers['Authorization'] = `Bearer ${config.authKeyHex}`;
   if (config.walletAddress) headers['X-Wallet-Address'] = config.walletAddress;
 
-  const authTransport = Object.keys(headers).length > 0
-    ? http(bundlerRpcUrl, { fetchOptions: { headers } })
-    : http(bundlerRpcUrl);
-
-  // 1. Derive EOA signer from mnemonic (BIP-44 m/44'/60'/0'/0/0)
-  const ownerAccount = mnemonicToAccount(config.mnemonic);
+  // Helper for JSON-RPC calls to relay bundler (with 429 retry)
+  async function rpc(method: string, params: unknown[]): Promise<any> {
+    return rpcWithRetry(bundlerUrl, headers, method, params);
+  }
 
-  // 2. Create a public client for chain reads (using explicit RPC if configured,
-  //    NOT the bundler proxy which only supports ERC-4337 JSON-RPC methods)
-  const publicClient = createPublicClient({
-    chain,
-    transport: config.rpcUrl ? http(config.rpcUrl) : http(),
-  });
+  // 1. Derive EOA from mnemonic
+  const eoa = getWasm().deriveEoa(config.mnemonic) as { private_key: string; address: string };
+  const sender = config.walletAddress || await deriveSmartAccountAddress(config.mnemonic, config.chainId);
+  const entryPoint = config.entryPointAddress || getWasm().getEntryPointAddress();
+
+  // 2. Encode calldata (SimpleAccount.execute → DataEdge fallback)
+  const calldataBytes = getWasm().encodeSingleCall(protobufPayload);
+  const callData = `0x${Buffer.from(calldataBytes).toString('hex')}`;
+
+  // 3. Get gas prices from Pimlico
+  const gasPrices = await rpc('pimlico_getUserOperationGasPrice', []);
+  const fast = gasPrices.fast;
+
+  const rpcUrl = config.rpcUrl || CONFIG.rpcUrl || getDefaultRpcUrl(config.chainId);
+
+  // 4. Check if Smart Account is deployed (needed for factory/factoryData)
+  const { factory, factoryData } = await getInitCode(sender, eoa.address, rpcUrl);
+
+  // 5. Get nonce from EntryPoint via bundler RPC.
+  //    Routing through the bundler lets Pimlico account for pending mempool
+  //    UserOps, preventing AA25 nonce conflicts on rapid submissions.
+  //    Requires relay allowlist to include eth_call (added in relay v1.x).
+  //    Fallback: if bundler rejects eth_call (403/method_not_allowed), use public RPC.
+  //    getNonce(address sender, uint192 key) — selector 0x35567e1a
+  const senderPadded = sender.slice(2).toLowerCase().padStart(64, '0');
+  const keyPadded = '0'.repeat(64);
+  const nonceCalldata = `0x35567e1a${senderPadded}${keyPadded}`;
+
+  let nonce: string;
+  try {
+    const nonceResult = await rpc('eth_call', [{ to: entryPoint, data: nonceCalldata }, 'latest']);
+    nonce = nonceResult || '0x0';
+  } catch {
+    // Fallback to public RPC if bundler doesn't support eth_call
+    const nonceResp = await fetch(rpcUrl, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        jsonrpc: '2.0', id: 1, method: 'eth_call',
+        params: [{ to: entryPoint, data: nonceCalldata }, 'latest'],
+      }),
+    });
+    const nonceJson = await nonceResp.json() as { result?: string };
+    nonce = nonceJson.result || '0x0';
+  }
 
-  // 3. Create Pimlico client for bundler + paymaster operations (via relay)
-  const pimlicoClient = createPimlicoClient({
-    chain,
-    transport: authTransport,
-    entryPoint: {
-      address: entryPointAddr,
-      version: '0.7',
-    },
-  });
+  // 6. Build unsigned UserOp (v0.7 fields, camelCase for Rust JSON serde)
+  const unsignedOp: Record<string, any> = {
+    sender,
+    nonce,
+    callData,
+    callGasLimit: '0x0',
+    verificationGasLimit: '0x0',
+    preVerificationGas: '0x0',
+    maxFeePerGas: fast.maxFeePerGas,
+    maxPriorityFeePerGas: fast.maxPriorityFeePerGas,
+    signature: DUMMY_SIGNATURE,
+  };
+  if (factory) {
+    unsignedOp.factory = factory;
+    unsignedOp.factoryData = factoryData;
+  }
 
-  // 4. Create a SimpleSmartAccount (auto-generates initCode if undeployed)
-  const smartAccount = await toSimpleSmartAccount({
-    client: publicClient,
-    owner: ownerAccount,
-    entryPoint: {
-      address: entryPointAddr,
-      version: '0.7',
-    },
-  });
+  // 7. Get paymaster sponsorship (fills gas limits + paymaster fields)
+  const sponsorResult = await rpc('pm_sponsorUserOperation', [unsignedOp, entryPoint]);
+  Object.assign(unsignedOp, sponsorResult);
+
+  // 8. Hash and sign the UserOp via WASM
+  const opJson = JSON.stringify(unsignedOp);
+  const hashHex = getWasm().hashUserOp(opJson, entryPoint, BigInt(config.chainId));
+  const sigHex = getWasm().signUserOp(hashHex, eoa.private_key);
+  unsignedOp.signature = `0x${sigHex}`;
+
+  // 9. Submit the signed UserOp (with AA25 nonce conflict retry)
+  let userOpHash: string;
+  try {
+    userOpHash = await rpc('eth_sendUserOperation', [unsignedOp, entryPoint]);
+  } catch (err: any) {
+    const msg = err?.message || '';
+    if (/AA25|AA10|invalid account nonce|already being processed/i.test(msg)) {
+      console.error('AA25/AA10 nonce conflict detected, rebuilding UserOp with fresh nonce...');
+      // Bust deployment cache so getInitCode re-checks on-chain
+      deployedAccounts.delete(sender.toLowerCase());
+
+      // Wait for previous UserOp to mine before retrying with fresh nonce.
+      // Public RPC won't reflect the new nonce until the tx is on-chain.
+      await new Promise(r => setTimeout(r, 15000));
+
+      // Re-fetch initCode and nonce
+      const { factory: retryFactory, factoryData: retryFactoryData } = await getInitCode(sender, eoa.address, rpcUrl);
+      let retryNonce: string;
+      try {
+        const retryNonceResult = await rpc('eth_call', [{ to: entryPoint, data: nonceCalldata }, 'latest']);
+        retryNonce = retryNonceResult || '0x0';
+      } catch {
+        const retryNonceResp = await fetch(rpcUrl, {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({
+            jsonrpc: '2.0', id: 1, method: 'eth_call',
+            params: [{ to: entryPoint, data: nonceCalldata }, 'latest'],
+          }),
+        });
+        const retryNonceJson = await retryNonceResp.json() as { result?: string };
+        retryNonce = retryNonceJson.result || '0x0';
+      }
+
+      // Rebuild unsigned UserOp with fresh nonce and initCode
+      const retryOp: Record<string, any> = {
+        sender,
+        nonce: retryNonce,
+        callData,
+        callGasLimit: '0x0',
+        verificationGasLimit: '0x0',
+        preVerificationGas: '0x0',
+        maxFeePerGas: fast.maxFeePerGas,
+        maxPriorityFeePerGas: fast.maxPriorityFeePerGas,
+        signature: DUMMY_SIGNATURE,
+      };
+      if (retryFactory) {
+        retryOp.factory = retryFactory;
+        retryOp.factoryData = retryFactoryData;
+      }
+
+      // Re-sponsor and re-sign
+      const retrySponsor = await rpc('pm_sponsorUserOperation', [retryOp, entryPoint]);
+      Object.assign(retryOp, retrySponsor);
+      const retryOpJson = JSON.stringify(retryOp);
+      const retryHashHex = getWasm().hashUserOp(retryOpJson, entryPoint, BigInt(config.chainId));
+      const retrySigHex = getWasm().signUserOp(retryHashHex, eoa.private_key);
+      retryOp.signature = `0x${retrySigHex}`;
+
+      userOpHash = await rpc('eth_sendUserOperation', [retryOp, entryPoint]);
+    } else {
+      throw err;
+    }
+  }
 
-  // 5. Create smart account client wired to relay bundler + paymaster
-  const smartAccountClient = createSmartAccountClient({
-    account: smartAccount,
-    chain,
-    bundlerTransport: authTransport,
-    // Paymaster sponsorship proxied through relay to Pimlico
-    paymaster: pimlicoClient,
-    userOperation: {
-      estimateFeesPerGas: async () => {
-        return (await pimlicoClient.getUserOperationGasPrice()).fast;
-      },
-    },
-  });
+  // 10. Wait for receipt (poll up to 120s)
+  let receipt = null;
+  for (let i = 0; i < 60; i++) {
+    await new Promise(r => setTimeout(r, 2000));
+    try {
+      receipt = await rpc('eth_getUserOperationReceipt', [userOpHash]);
+      if (receipt) break;
+    } catch { /* not mined yet */ }
+  }
 
-  // 6. Send the transaction: Smart Account execute(dataEdgeAddress, 0, protobufPayload)
-  //    The DataEdge contract has a fallback() that emits Log(bytes), so the calldata
-  //    IS the protobuf payload directly (no function selector needed).
-  //    permissionless encodes the execute() call internally from to/value/data.
-  const calldata = `0x${protobufPayload.toString('hex')}` as Hex;
-
-  // Use sendUserOperation to get the userOpHash, then wait for receipt
-  const userOpHash = await smartAccountClient.sendUserOperation({
-    calls: [
-      {
-        to: dataEdgeAddress,
-        value: 0n,
-        data: calldata,
-      },
-    ],
-  });
+  const success = receipt?.success ?? false;
 
-  // 7. Wait for the UserOp to be included in a transaction
-  const receipt = await pimlicoClient.waitForUserOperationReceipt({
-    hash: userOpHash,
-  });
+  // Mark account as deployed after first successful submission
+  if (success) {
+    deployedAccounts.add(sender.toLowerCase());
+  }
 
   return {
-    txHash: receipt.receipt.transactionHash,
+    txHash: receipt?.receipt?.transactionHash || '',
     userOpHash,
-    success: receipt.success,
+    success,
   };
 }
 
@@ -311,71 +508,187 @@ export async function submitFactBatchOnChain(
     throw new Error('Mnemonic (TOTALRECLAW_RECOVERY_PHRASE) is required for on-chain submission');
   }
 
-  const chain = getChainFromId(config.chainId);
-  const bundlerRpcUrl = getRelayBundlerUrl(config.relayUrl);
-  const dataEdgeAddress = config.dataEdgeAddress as Address;
-  const entryPointAddr = (config.entryPointAddress || entryPoint07Address) as Address;
-
+  const bundlerUrl = `${config.relayUrl}/v1/bundler`;
   const headers: Record<string, string> = {
+    'Content-Type': 'application/json',
     'X-TotalReclaw-Client': 'openclaw-plugin',
   };
   if (config.authKeyHex) headers['Authorization'] = `Bearer ${config.authKeyHex}`;
   if (config.walletAddress) headers['X-Wallet-Address'] = config.walletAddress;
 
-  const authTransport = Object.keys(headers).length > 0
-    ? http(bundlerRpcUrl, { fetchOptions: { headers } })
-    : http(bundlerRpcUrl);
+  // Helper for JSON-RPC calls to relay bundler (with 429 retry)
+  async function rpc(method: string, params: unknown[]): Promise<any> {
+    return rpcWithRetry(bundlerUrl, headers, method, params);
+  }
 
-  const ownerAccount = mnemonicToAccount(config.mnemonic);
-  const publicClient = createPublicClient({
-    chain,
-    transport: config.rpcUrl ? http(config.rpcUrl) : http(),
-  });
+  const eoa = getWasm().deriveEoa(config.mnemonic) as { private_key: string; address: string };
+  const sender = config.walletAddress || await deriveSmartAccountAddress(config.mnemonic, config.chainId);
+  const entryPoint = config.entryPointAddress || getWasm().getEntryPointAddress();
+
+  // Encode batch calldata (SimpleAccount.executeBatch)
+  // encodeBatchCall expects a JSON array of hex-encoded payload strings
+  const payloadsHex = protobufPayloads.map(p => p.toString('hex'));
+  const calldataBytes = getWasm().encodeBatchCall(JSON.stringify(payloadsHex));
+  const callData = `0x${Buffer.from(calldataBytes).toString('hex')}`;
+
+  // Get gas prices
+  const gasPrices = await rpc('pimlico_getUserOperationGasPrice', []);
+  const fast = gasPrices.fast;
+
+  const rpcUrl = config.rpcUrl || CONFIG.rpcUrl || getDefaultRpcUrl(config.chainId);
+
+  // Check if Smart Account is deployed (needed for factory/factoryData)
+  const { factory, factoryData } = await getInitCode(sender, eoa.address, rpcUrl);
+
+  // Get nonce via bundler (accounts for pending mempool UserOps) with public RPC fallback
+  const senderPadded = sender.slice(2).toLowerCase().padStart(64, '0');
+  const keyPadded = '0'.repeat(64);
+  const nonceCalldata = `0x35567e1a${senderPadded}${keyPadded}`;
+
+  let nonce: string;
+  try {
+    const nonceResult = await rpc('eth_call', [{ to: entryPoint, data: nonceCalldata }, 'latest']);
+    nonce = nonceResult || '0x0';
+  } catch {
+    const nonceResp = await fetch(rpcUrl, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        jsonrpc: '2.0', id: 1, method: 'eth_call',
+        params: [{ to: entryPoint, data: nonceCalldata }, 'latest'],
+      }),
+    });
+    const nonceJson = await nonceResp.json() as { result?: string };
+    nonce = nonceJson.result || '0x0';
+  }
 
-  const pimlicoClient = createPimlicoClient({
-    chain,
-    transport: authTransport,
-    entryPoint: {
-      address: entryPointAddr,
-      version: '0.7',
-    },
-  });
+  // Build unsigned UserOp
+  const unsignedOp: Record<string, any> = {
+    sender,
+    nonce,
+    callData,
+    callGasLimit: '0x0',
+    verificationGasLimit: '0x0',
+    preVerificationGas: '0x0',
+    maxFeePerGas: fast.maxFeePerGas,
+    maxPriorityFeePerGas: fast.maxPriorityFeePerGas,
+    signature: DUMMY_SIGNATURE,
+  };
+  if (factory) {
+    unsignedOp.factory = factory;
+    unsignedOp.factoryData = factoryData;
+  }
 
-  const smartAccount = await toSimpleSmartAccount({
-    client: publicClient,
-    owner: ownerAccount,
-    entryPoint: {
-      address: entryPointAddr,
-      version: '0.7',
-    },
-  });
+  // Gas estimation for batch operations — get accurate gas limits from Pimlico
+  // before paymaster sponsorship (can't bump after sponsorship as it invalidates
+  // the paymaster's signature, causing AA34).
+  if (protobufPayloads.length > 1) {
+    try {
+      const gasEstimate = await rpc('eth_estimateUserOperationGas', [unsignedOp, entryPoint]);
+      if (gasEstimate.callGasLimit) unsignedOp.callGasLimit = gasEstimate.callGasLimit;
+      if (gasEstimate.verificationGasLimit) unsignedOp.verificationGasLimit = gasEstimate.verificationGasLimit;
+      if (gasEstimate.preVerificationGas) unsignedOp.preVerificationGas = gasEstimate.preVerificationGas;
+    } catch {
+      // If estimation fails, let the paymaster handle it (default behavior)
+    }
+  }
 
-  const smartAccountClient = createSmartAccountClient({
-    account: smartAccount,
-    chain,
-    bundlerTransport: authTransport,
-    paymaster: pimlicoClient,
-    userOperation: {
-      estimateFeesPerGas: async () => {
-        return (await pimlicoClient.getUserOperationGasPrice()).fast;
-      },
-    },
-  });
+  // Paymaster sponsorship (uses gas limits from estimation above for batches)
+  const sponsorResult = await rpc('pm_sponsorUserOperation', [unsignedOp, entryPoint]);
+  Object.assign(unsignedOp, sponsorResult);
+
+  // Hash and sign via WASM
+  const opJson = JSON.stringify(unsignedOp);
+  const hashHex = getWasm().hashUserOp(opJson, entryPoint, BigInt(config.chainId));
+  const sigHex = getWasm().signUserOp(hashHex, eoa.private_key);
+  unsignedOp.signature = `0x${sigHex}`;
+
+  // Submit (with AA25 nonce conflict retry)
+  let userOpHash: string;
+  try {
+    userOpHash = await rpc('eth_sendUserOperation', [unsignedOp, entryPoint]);
+  } catch (err: any) {
+    const msg = err?.message || '';
+    if (/AA25|AA10|invalid account nonce|already being processed/i.test(msg)) {
+      console.error('AA25/AA10 nonce conflict detected (batch), rebuilding UserOp with fresh nonce...');
+      // Bust deployment cache so getInitCode re-checks on-chain
+      deployedAccounts.delete(sender.toLowerCase());
+
+      // Wait for previous UserOp to mine before retrying with fresh nonce.
+      // Public RPC won't reflect the new nonce until the tx is on-chain.
+      await new Promise(r => setTimeout(r, 15000));
+
+      // Re-fetch initCode and nonce
+      const { factory: retryFactory, factoryData: retryFactoryData } = await getInitCode(sender, eoa.address, rpcUrl);
+      let retryNonce: string;
+      try {
+        const retryNonceResult = await rpc('eth_call', [{ to: entryPoint, data: nonceCalldata }, 'latest']);
+        retryNonce = retryNonceResult || '0x0';
+      } catch {
+        const retryNonceResp = await fetch(rpcUrl, {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({
+            jsonrpc: '2.0', id: 1, method: 'eth_call',
+            params: [{ to: entryPoint, data: nonceCalldata }, 'latest'],
+          }),
+        });
+        const retryNonceJson = await retryNonceResp.json() as { result?: string };
+        retryNonce = retryNonceJson.result || '0x0';
+      }
+
+      // Rebuild unsigned UserOp with fresh nonce and initCode
+      const retryOp: Record<string, any> = {
+        sender,
+        nonce: retryNonce,
+        callData,
+        callGasLimit: '0x0',
+        verificationGasLimit: '0x0',
+        preVerificationGas: '0x0',
+        maxFeePerGas: fast.maxFeePerGas,
+        maxPriorityFeePerGas: fast.maxPriorityFeePerGas,
+        signature: DUMMY_SIGNATURE,
+      };
+      if (retryFactory) {
+        retryOp.factory = retryFactory;
+        retryOp.factoryData = retryFactoryData;
+      }
+
+      // Re-sponsor and re-sign
+      const retrySponsor = await rpc('pm_sponsorUserOperation', [retryOp, entryPoint]);
+      Object.assign(retryOp, retrySponsor);
+      const retryOpJson = JSON.stringify(retryOp);
+      const retryHashHex = getWasm().hashUserOp(retryOpJson, entryPoint, BigInt(config.chainId));
+      const retrySigHex = getWasm().signUserOp(retryHashHex, eoa.private_key);
+      retryOp.signature = `0x${retrySigHex}`;
+
+      userOpHash = await rpc('eth_sendUserOperation', [retryOp, entryPoint]);
+    } else {
+      throw err;
+    }
+  }
+
+  // Wait for receipt (poll up to 120s)
+  let receipt = null;
+  for (let i = 0; i < 60; i++) {
+    await new Promise(r => setTimeout(r, 2000));
+    try {
+      receipt = await rpc('eth_getUserOperationReceipt', [userOpHash]);
+      if (receipt) break;
+    } catch { /* not mined yet */ }
+  }
 
-  // Build multi-call batch: each payload → one call to DataEdge fallback()
-  const calls = protobufPayloads.map(payload => ({
-    to: dataEdgeAddress,
-    value: 0n,
-    data: `0x${payload.toString('hex')}` as Hex,
-  }));
+  const batchSuccess = receipt?.success ?? false;
 
-  const userOpHash = await smartAccountClient.sendUserOperation({ calls });
-  const receipt = await pimlicoClient.waitForUserOperationReceipt({ hash: userOpHash });
+  // Mark account as deployed after first successful submission
+  if (batchSuccess) {
+    deployedAccounts.add(sender.toLowerCase());
+  }
 
   return {
-    txHash: receipt.receipt.transactionHash,
+    txHash: receipt?.receipt?.transactionHash || '',
     userOpHash,
-    success: receipt.success,
+    success: batchSuccess,
     batchSize: protobufPayloads.length,
   };
 }
@@ -391,57 +704,28 @@ export async function submitFactBatchOnChain(
  * The managed service (subgraph mode) is the default.
  */
 export function isSubgraphMode(): boolean {
-  return process.env.TOTALRECLAW_SELF_HOSTED !== 'true';
+  return !CONFIG.selfHosted;
 }
 
 /**
  * Get subgraph configuration from environment variables.
  *
- * After the relay refactor, clients only need:
+ * After the v1 env var cleanup, clients only need:
  *   - TOTALRECLAW_RECOVERY_PHRASE -- BIP-39 mnemonic
  *   - TOTALRECLAW_SERVER_URL -- relay server URL (default: https://api.totalreclaw.xyz)
  *   - TOTALRECLAW_SELF_HOSTED -- set "true" to use self-hosted server (default: managed service)
- *   - TOTALRECLAW_CHAIN_ID -- optional, defaults to 100 (Gnosis mainnet)
  *
- * Removed from client-side config (now server-side only):
- *   - PIMLICO_API_KEY
- *   - TOTALRECLAW_SUBGRAPH_ENDPOINT
- */
-/**
- * Derive the Smart Account address from a BIP-39 mnemonic.
- * This is the on-chain owner identity used in the subgraph.
+ * Chain ID is no longer configurable via env — it is auto-detected from the
+ * relay billing response (free = Base Sepolia, Pro = Gnosis mainnet).
  */
-export async function deriveSmartAccountAddress(mnemonic: string, chainId?: number): Promise<string> {
-  const chain: Chain = getChainFromId(chainId ?? 100);
-  const ownerAccount = mnemonicToAccount(mnemonic);
-  const entryPointAddr = (process.env.TOTALRECLAW_ENTRYPOINT_ADDRESS || DEFAULT_ENTRYPOINT_ADDRESS) as Address;
-  const rpcUrl = process.env.TOTALRECLAW_RPC_URL;
-
-  const publicClient = createPublicClient({
-    chain,
-    transport: rpcUrl ? http(rpcUrl) : http(),
-  });
-
-  const smartAccount = await toSimpleSmartAccount({
-    client: publicClient,
-    owner: ownerAccount,
-    entryPoint: {
-      address: entryPointAddr,
-      version: '0.7',
-    },
-  });
-
-  return smartAccount.address.toLowerCase();
-}
-
 export function getSubgraphConfig(): SubgraphStoreConfig {
   return {
-    relayUrl: process.env.TOTALRECLAW_SERVER_URL || 'https://api.totalreclaw.xyz',
-    mnemonic: process.env.TOTALRECLAW_RECOVERY_PHRASE || '',
-    cachePath: process.env.TOTALRECLAW_CACHE_PATH || `${process.env.HOME}/.totalreclaw/cache.enc`,
-    chainId: parseInt(process.env.TOTALRECLAW_CHAIN_ID || '100'),
-    dataEdgeAddress: process.env.TOTALRECLAW_DATA_EDGE_ADDRESS || DEFAULT_DATA_EDGE_ADDRESS,
-    entryPointAddress: process.env.TOTALRECLAW_ENTRYPOINT_ADDRESS || DEFAULT_ENTRYPOINT_ADDRESS,
-    rpcUrl: process.env.TOTALRECLAW_RPC_URL || undefined,
+    relayUrl: CONFIG.serverUrl || 'https://api.totalreclaw.xyz',
+    mnemonic: CONFIG.recoveryPhrase,
+    cachePath: CONFIG.cachePath,
+    chainId: CONFIG.chainId,
+    dataEdgeAddress: CONFIG.dataEdgeAddress || getWasm().getDataEdgeAddress(),
+    entryPointAddress: CONFIG.entryPointAddress || getWasm().getEntryPointAddress(),
+    rpcUrl: CONFIG.rpcUrl || undefined,
   };
 }