@wlfi-agent/cli 1.4.16 → 1.4.18

package/crates/vault-sdk-agent/src/lib.rs

@@ -89,7 +89,7 @@ pub trait AgentOperations: Send + Sync {
     async fn reserve_broadcast_nonce(
         &self,
         chain_id: u64,
-        min_nonce: u64,
+        nonce: u64,
     ) -> Result<NonceReservation, AgentSdkError>;
 
     /// Explicitly releases an unused nonce reservation.
@@ -244,7 +244,21 @@ where
     }
 
     async fn broadcast_tx(&self, mut tx: BroadcastTx) -> Result<Signature, AgentSdkError> {
-        let reservation = self.reserve_broadcast_nonce(tx.chain_id, tx.nonce).await?;
+        let requested_nonce = tx.nonce;
+        let reservation = self
+            .reserve_broadcast_nonce(tx.chain_id, requested_nonce)
+            .await?;
+        if reservation.nonce != requested_nonce {
+            let _ = self
+                .release_broadcast_nonce(reservation.reservation_id)
+                .await;
+            return Err(AgentSdkError::Daemon(DaemonError::InvalidNonceReservation(
+                format!(
+                    "requested exact nonce {requested_nonce} for chain_id {} but daemon reserved {}",
+                    tx.chain_id, reservation.nonce
+                ),
+            )));
+        }
         tx.nonce = reservation.nonce;
 
         match self.sign_action(AgentAction::BroadcastTx { tx }).await {
@@ -261,7 +275,7 @@ where
     async fn reserve_broadcast_nonce(
         &self,
         chain_id: u64,
-        min_nonce: u64,
+        nonce: u64,
     ) -> Result<NonceReservation, AgentSdkError> {
         let now = OffsetDateTime::now_utc();
         let request = NonceReservationRequest {
@@ -269,7 +283,8 @@ where
             agent_key_id: self.agent_key_id,
             agent_auth_token: self.agent_auth_token.to_string(),
             chain_id,
-            min_nonce,
+            min_nonce: nonce,
+            exact_nonce: true,
             requested_at: now,
             expires_at: now + Self::REQUEST_TTL,
         };
@@ -302,10 +317,10 @@ mod tests {
     use uuid::Uuid;
     use vault_daemon::{DaemonError, KeyManagerDaemonApi};
     use vault_domain::{
-        AdminSession, AgentAction, AgentCredentials, AgentKey, BroadcastTx, EvmAddress, Lease,
-        ManualApprovalDecision, ManualApprovalRequest, NonceReleaseRequest, NonceReservation,
-        NonceReservationRequest, PolicyAttachment, RelayConfig, SignRequest, Signature,
-        SpendingPolicy, VaultKey,
+        AdminSession, AgentAction, AgentCredentials, AgentKey, BroadcastTx, EntityScope,
+        EvmAddress, Lease, ManualApprovalDecision, ManualApprovalRequest, NonceReleaseRequest,
+        NonceReservation, NonceReservationRequest, PolicyAttachment, RelayConfig, SignRequest,
+        Signature, SpendingPolicy, VaultKey, DomainError,
     };
     use vault_policy::PolicyEvaluation;
     use vault_signer::KeyCreateRequest;
@@ -315,6 +330,8 @@ mod tests {
     #[derive(Default)]
     pub(super) struct RecordingDaemon {
         pub(super) request: Mutex<Option<SignRequest>>,
+        pub(super) nonce_request: Mutex<Option<NonceReservationRequest>>,
+        pub(super) released_reservation: Mutex<Option<Uuid>>,
         fail_sign: bool,
         reserved_nonce_override: Option<u64>,
     }
@@ -440,6 +457,7 @@ mod tests {
             &self,
             request: NonceReservationRequest,
         ) -> Result<NonceReservation, DaemonError> {
+            *self.nonce_request.lock().expect("lock") = Some(request.clone());
             Ok(NonceReservation {
                 reservation_id: Uuid::new_v4(),
                 agent_key_id: request.agent_key_id,
@@ -451,7 +469,8 @@ mod tests {
             })
         }
 
-        async fn release_nonce(&self, _request: NonceReleaseRequest) -> Result<(), DaemonError> {
+        async fn release_nonce(&self, request: NonceReleaseRequest) -> Result<(), DaemonError> {
+            *self.released_reservation.lock().expect("lock") = Some(request.reservation_id);
             Ok(())
         }
 
@@ -476,6 +495,178 @@ mod tests {
         }
     }
 
+    fn sample_admin_session() -> AdminSession {
+        AdminSession {
+            vault_password: "vault-password".to_string(),
+            lease: Lease {
+                lease_id: Uuid::new_v4(),
+                issued_at: OffsetDateTime::UNIX_EPOCH,
+                expires_at: OffsetDateTime::UNIX_EPOCH + time::Duration::minutes(5),
+            },
+        }
+    }
+
+    fn sample_policy() -> SpendingPolicy {
+        SpendingPolicy::new(
+            0,
+            vault_domain::PolicyType::PerTxMaxSpending,
+            100,
+            EntityScope::All,
+            EntityScope::All,
+            EntityScope::All,
+        )
+        .expect("policy")
+    }
+
+    fn sample_sign_request() -> SignRequest {
+        SignRequest {
+            request_id: Uuid::new_v4(),
+            agent_key_id: Uuid::new_v4(),
+            agent_auth_token: "agent-secret-token".to_string(),
+            payload: br#"{"kind":"transfer_native"}"#.to_vec(),
+            action: AgentAction::TransferNative {
+                chain_id: 1,
+                to: "0x1111111111111111111111111111111111111111"
+                    .parse()
+                    .expect("to"),
+                amount_wei: 1,
+            },
+            requested_at: OffsetDateTime::UNIX_EPOCH,
+            expires_at: OffsetDateTime::UNIX_EPOCH + time::Duration::minutes(2),
+        }
+    }
+
+    fn sample_nonce_release_request() -> NonceReleaseRequest {
+        NonceReleaseRequest {
+            request_id: Uuid::new_v4(),
+            agent_key_id: Uuid::new_v4(),
+            agent_auth_token: "agent-secret-token".to_string(),
+            reservation_id: Uuid::new_v4(),
+            requested_at: OffsetDateTime::UNIX_EPOCH,
+            expires_at: OffsetDateTime::UNIX_EPOCH + time::Duration::minutes(2),
+        }
+    }
+
+    fn sample_nonce_reservation_request() -> NonceReservationRequest {
+        NonceReservationRequest {
+            request_id: Uuid::new_v4(),
+            agent_key_id: Uuid::new_v4(),
+            agent_auth_token: "agent-secret-token".to_string(),
+            chain_id: 1,
+            min_nonce: 7,
+            exact_nonce: false,
+            requested_at: OffsetDateTime::UNIX_EPOCH,
+            expires_at: OffsetDateTime::UNIX_EPOCH + time::Duration::minutes(2),
+        }
+    }
+
+    #[tokio::test]
+    async fn recording_daemon_not_used_paths_return_transport_errors() {
+        let daemon = RecordingDaemon::default();
+        let session = sample_admin_session();
+        let policy = sample_policy();
+        let request = sample_sign_request();
+        let reservation_request = sample_nonce_reservation_request();
+        let release_request = sample_nonce_release_request();
+
+        assert!(matches!(
+            daemon.issue_lease("pw").await,
+            Err(DaemonError::Transport(message)) if message == "not used"
+        ));
+        assert!(matches!(
+            daemon.add_policy(&session, policy.clone()).await,
+            Err(DaemonError::Transport(message)) if message == "not used"
+        ));
+        assert!(matches!(
+            daemon.list_policies(&session).await,
+            Err(DaemonError::Transport(message)) if message == "not used"
+        ));
+        assert!(matches!(
+            daemon.disable_policy(&session, Uuid::new_v4()).await,
+            Err(DaemonError::Transport(message)) if message == "not used"
+        ));
+        assert!(matches!(
+            daemon
+                .create_vault_key(&session, KeyCreateRequest::Generate)
+                .await,
+            Err(DaemonError::Transport(message)) if message == "not used"
+        ));
+        assert!(matches!(
+            daemon
+                .export_vault_private_key(&session, Uuid::new_v4())
+                .await,
+            Err(DaemonError::Transport(message)) if message == "not used"
+        ));
+        assert!(matches!(
+            daemon
+                .create_agent_key(&session, Uuid::new_v4(), PolicyAttachment::AllPolicies)
+                .await,
+            Err(DaemonError::Transport(message)) if message == "not used"
+        ));
+        assert!(matches!(
+            daemon.rotate_agent_auth_token(&session, Uuid::new_v4()).await,
+            Err(DaemonError::Transport(message)) if message == "not used"
+        ));
+        assert!(matches!(
+            daemon.revoke_agent_key(&session, Uuid::new_v4()).await,
+            Err(DaemonError::Transport(message)) if message == "not used"
+        ));
+        assert!(matches!(
+            daemon.list_manual_approval_requests(&session).await,
+            Err(DaemonError::Transport(message)) if message == "not used"
+        ));
+        assert!(matches!(
+            daemon
+                .decide_manual_approval_request(
+                    &session,
+                    Uuid::new_v4(),
+                    ManualApprovalDecision::Approve,
+                    None
+                )
+                .await,
+            Err(DaemonError::Transport(message)) if message == "not used"
+        ));
+        assert!(matches!(
+            daemon
+                .set_relay_config(&session, Some("https://relay.example".to_string()), None)
+                .await,
+            Err(DaemonError::Transport(message)) if message == "not used"
+        ));
+        assert!(matches!(
+            daemon.get_relay_config(&session).await,
+            Err(DaemonError::Transport(message)) if message == "not used"
+        ));
+        assert!(matches!(
+            daemon.evaluate_for_agent(request.clone()).await,
+            Err(DaemonError::Transport(message)) if message == "not used"
+        ));
+        assert!(matches!(
+            daemon.explain_for_agent(request).await,
+            Err(DaemonError::Transport(message)) if message == "not used"
+        ));
+
+        let reservation = daemon
+            .reserve_nonce(reservation_request.clone())
+            .await
+            .expect("reserve nonce");
+        assert_eq!(reservation.chain_id, reservation_request.chain_id);
+        assert_eq!(reservation.nonce, reservation_request.min_nonce);
+        assert_eq!(
+            daemon
+                .nonce_request
+                .lock()
+                .expect("lock")
+                .clone()
+                .expect("captured nonce request")
+                .exact_nonce,
+            reservation_request.exact_nonce
+        );
+        daemon
+            .release_nonce(release_request)
+            .await
+            .expect("release nonce");
+    }
+
     #[tokio::test]
     async fn approve_sends_canonical_action_payload_and_auth_token() {
         let daemon = Arc::new(RecordingDaemon::default());
@@ -518,10 +709,109 @@ mod tests {
         assert_eq!(decoded, captured.action);
     }
 
+    #[tokio::test]
+    async fn constructors_transfer_native_and_reservation_helpers_use_expected_identity() {
+        let daemon = Arc::new(RecordingDaemon::default());
+        let key_id = Uuid::new_v4();
+        let sdk = AgentSdk::new_with_key_id_and_token(
+            daemon.clone(),
+            key_id,
+            "agent-secret-token".to_string(),
+        );
+
+        let recipient: EvmAddress = "0x2100000000000000000000000000000000000000"
+            .parse()
+            .expect("recipient");
+        let signature = sdk
+            .transfer_native(1, recipient.clone(), 5)
+            .await
+            .expect("transfer native");
+        assert_eq!(signature.bytes, vec![0x11, 0x22]);
+
+        let captured = daemon
+            .request
+            .lock()
+            .expect("lock")
+            .clone()
+            .expect("captured request");
+        assert_eq!(captured.agent_key_id, key_id);
+        assert_eq!(captured.agent_auth_token, "agent-secret-token");
+        assert_eq!(
+            captured.action,
+            AgentAction::TransferNative {
+                chain_id: 1,
+                to: recipient,
+                amount_wei: 5
+            }
+        );
+
+        let reservation = sdk
+            .reserve_broadcast_nonce(56, 99)
+            .await
+            .expect("reserve nonce");
+        assert_eq!(reservation.chain_id, 56);
+        assert_eq!(reservation.nonce, 99);
+        let captured_reservation = daemon
+            .nonce_request
+            .lock()
+            .expect("lock")
+            .clone()
+            .expect("captured nonce request");
+        assert_eq!(captured_reservation.chain_id, 56);
+        assert_eq!(captured_reservation.min_nonce, 99);
+        assert!(captured_reservation.exact_nonce);
+        sdk.release_broadcast_nonce(reservation.reservation_id)
+            .await
+            .expect("release nonce");
+    }
+
+    #[tokio::test]
+    async fn sign_erc20_calldata_and_invalid_actions_propagate_domain_errors() {
+        let daemon = Arc::new(RecordingDaemon::default());
+        let sdk = AgentSdk::new(daemon.clone(), test_credentials());
+        let encoded = vec![
+            0x09, 0x5e, 0xa7, 0xb3, // approve(address,uint256)
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x44, 0x44, 0x44, 0x44,
+            0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
+            0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0c,
+        ];
+
+        let signature = sdk
+            .sign_erc20_calldata(
+                1,
+                "0x3300000000000000000000000000000000000000"
+                    .parse()
+                    .expect("token"),
+                encoded,
+            )
+            .await
+            .expect("sign erc20 calldata");
+        assert_eq!(signature.bytes, vec![0x11, 0x22]);
+
+        let err = sdk
+            .transfer_native(
+                1,
+                "0x5500000000000000000000000000000000000000"
+                    .parse()
+                    .expect("to"),
+                0,
+            )
+            .await
+            .expect_err("invalid action");
+        assert!(matches!(err, AgentSdkError::Domain(DomainError::InvalidAmount)));
+    }
+
     #[tokio::test]
     async fn transfer_propagates_daemon_errors() {
         let daemon = Arc::new(RecordingDaemon {
             request: Mutex::new(None),
+            nonce_request: Mutex::new(None),
+            released_reservation: Mutex::new(None),
             fail_sign: true,
             reserved_nonce_override: None,
         });
@@ -580,9 +870,11 @@ mod tests {
     }
 
     #[tokio::test]
-    async fn broadcast_tx_uses_reserved_nonce_from_daemon() {
+    async fn broadcast_tx_rejects_mismatched_reserved_nonce_from_daemon() {
         let daemon = Arc::new(RecordingDaemon {
             request: Mutex::new(None),
+            nonce_request: Mutex::new(None),
+            released_reservation: Mutex::new(None),
             fail_sign: false,
             reserved_nonce_override: Some(1),
         });
@@ -603,22 +895,34 @@ mod tests {
             delegation_enabled: false,
         };
 
-        sdk.broadcast_tx(tx.clone()).await.expect("broadcast");
+        let err = sdk
+            .broadcast_tx(tx.clone())
+            .await
+            .expect_err("mismatched reserved nonce must fail");
+        assert!(matches!(
+            err,
+            AgentSdkError::Daemon(DaemonError::InvalidNonceReservation(message))
+            if message.contains("requested exact nonce 0")
+                && message.contains("chain_id 56")
+                && message.contains("reserved 1")
+        ));
 
-        let captured = daemon
-            .request
+        assert!(daemon.request.lock().expect("lock").is_none());
+        assert!(
+            daemon
+                .released_reservation
+                .lock()
+                .expect("lock")
+                .is_some()
+        );
+        let captured_reservation = daemon
+            .nonce_request
             .lock()
             .expect("lock")
             .clone()
-            .expect("captured request");
-        match captured.action {
-            AgentAction::BroadcastTx { tx: signed_tx } => {
-                assert_eq!(signed_tx.nonce, 1);
-                assert_eq!(signed_tx.chain_id, tx.chain_id);
-                assert_eq!(signed_tx.to, tx.to);
-            }
-            other => panic!("unexpected action: {other:?}"),
-        }
+            .expect("captured nonce request");
+        assert!(captured_reservation.exact_nonce);
+        assert_eq!(captured_reservation.min_nonce, tx.nonce);
     }
 }
 
@@ -708,4 +1012,93 @@ mod typed_data_tests {
         let decoded: AgentAction = serde_json::from_slice(&captured.payload).expect("decode");
         assert_eq!(decoded, captured.action);
     }
+
+    #[tokio::test]
+    async fn transfer_and_eip3009_transfer_sends_canonical_action_payload() {
+        let daemon = Arc::new(RecordingDaemon::default());
+        let sdk = AgentSdk::new(daemon.clone(), test_credentials());
+
+        let token = "0x3000000000000000000000000000000000000000"
+            .parse()
+            .expect("token");
+        let to = "0x5000000000000000000000000000000000000000"
+            .parse()
+            .expect("to");
+        let signature = sdk
+            .transfer(1, token, to, 9)
+            .await
+            .expect("transfer");
+        assert_eq!(signature.bytes, vec![0x11, 0x22]);
+
+        let transfer_action = daemon
+            .request
+            .lock()
+            .expect("lock")
+            .clone()
+            .expect("captured request")
+            .action;
+        assert!(matches!(transfer_action, AgentAction::Transfer { .. }));
+
+        let authorization = Eip3009Transfer {
+            chain_id: 1,
+            token: "0x3000000000000000000000000000000000000000"
+                .parse()
+                .expect("token"),
+            token_name: "USD Coin".to_string(),
+            token_version: Some("2".to_string()),
+            from: "0x4000000000000000000000000000000000000000"
+                .parse()
+                .expect("from"),
+            to: "0x5000000000000000000000000000000000000000"
+                .parse()
+                .expect("to"),
+            amount_wei: 9,
+            valid_after: 1,
+            valid_before: 2,
+            nonce_hex: "0x5555555555555555555555555555555555555555555555555555555555555555"
+                .to_string(),
+        };
+
+        let signature = sdk
+            .eip3009_transfer_with_authorization(authorization.clone())
+            .await
+            .expect("eip3009 transfer");
+        assert_eq!(signature.bytes, vec![0x11, 0x22]);
+
+        let captured = daemon
+            .request
+            .lock()
+            .expect("lock")
+            .clone()
+            .expect("captured request");
+        assert_eq!(
+            captured.action,
+            AgentAction::Eip3009TransferWithAuthorization { authorization }
+        );
+        let decoded: AgentAction = serde_json::from_slice(&captured.payload).expect("decode");
+        assert_eq!(decoded, captured.action);
+
+        let erc20_transfer = vec![
+            0xa9, 0x05, 0x9c, 0xbb, // transfer(address,uint256)
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x55, 0x55, 0x55, 0x55,
+            0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+            0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
+        ];
+        let signature = sdk
+            .sign_erc20_calldata(
+                1,
+                "0x6000000000000000000000000000000000000000"
+                    .parse()
+                    .expect("token"),
+                erc20_transfer,
+            )
+            .await
+            .expect("erc20 transfer");
+        assert_eq!(signature.bytes, vec![0x11, 0x22]);
+    }
 }

package/crates/vault-signer/Cargo.toml

@@ -5,6 +5,9 @@ edition.workspace = true
 license.workspace = true
 authors.workspace = true
 
+[features]
+interactive-secure-enclave-tests = []
+
 [dependencies]
 async-trait.workspace = true
 core-foundation.workspace = true