@zyfai/sdk 0.1.14 → 0.1.16

package/README.md

@@ -40,8 +40,7 @@ pnpm add @zyfai/sdk viem
 import { ZyfaiSDK } from "@zyfai/sdk";
 
 const sdk = new ZyfaiSDK({
-  apiKey: "your-execution-api-key", // Execution API (transactions, Safe deployment)
-  dataApiKey: "your-data-api-key", // Data API (analytics, earnings, opportunities)
+  apiKey: "your-api-key", // API key for both Execution API and Data API
   bundlerApiKey: "your-bundler-api-key", // Required for Safe deployment
   environment: "production", // or 'staging' (default: 'production')
 });
@@ -49,12 +48,11 @@ const sdk = new ZyfaiSDK({
 
 **Configuration Options:**
 
-| Option          | Required | Description                                                                                     |
-| --------------- | -------- | ----------------------------------------------------------------------------------------------- |
-| `apiKey`        | Yes      | API key for Execution API (Safe deployment, transactions, session keys)                         |
-| `dataApiKey`    | No       | API key for Data API (earnings, opportunities, analytics). Defaults to `apiKey` if not provided |
-| `bundlerApiKey` | No\*     | Pimlico API key for Safe deployment (\*required for `deploySafe`)                               |
-| `environment`   | No       | `"production"` or `"staging"` (default: `"production"`)                                         |
+| Option          | Required | Description                                                                                          |
+| --------------- | -------- | ---------------------------------------------------------------------------------------------------- |
+| `apiKey`        | Yes      | API key for both Execution API and Data API (Safe deployment, transactions, session keys, analytics) |
+| `bundlerApiKey` | No\*     | Pimlico API key for Safe deployment (\*required for `deploySafe`)                                    |
+| `environment`   | No       | `"production"` or `"staging"` (default: `"production"`)                                              |
 
 **API Endpoints by Environment:**
 
@@ -786,12 +784,8 @@ try {
 For running the examples, set up the following environment variables:
 
 ```bash
-# Required: Execution API key (Safe deployment, transactions, session keys)
-ZYFAI_API_KEY=your-execution-api-key
-
-# Optional: Data API key (earnings, opportunities, analytics)
-# Falls back to ZYFAI_API_KEY if not provided
-ZYFAI_DATA_API_KEY=your-data-api-key
+# Required: API key for both Execution API and Data API
+ZYFAI_API_KEY=your-api-key
 
 # Required for Safe deployment: Bundler API key (e.g., Pimlico)
 BUNDLER_API_KEY=your-pimlico-api-key

package/dist/index.d.mts

@@ -7,10 +7,8 @@ type Address = `0x${string}`;
 type Hex = `0x${string}`;
 type Environment = "staging" | "production";
 interface SDKConfig {
-    /** API key for the Execution API */
+    /** API key for both Execution API and Data API */
     apiKey: string;
-    /** API key for the Data API - defaults to apiKey if not provided */
-    dataApiKey?: string;
     /** Environment: 'staging' or 'production' (default: 'production') */
     environment?: Environment;
     /** Bundler API key for Safe deployment (e.g., Pimlico) */

package/dist/index.d.ts

@@ -7,10 +7,8 @@ type Address = `0x${string}`;
 type Hex = `0x${string}`;
 type Environment = "staging" | "production";
 interface SDKConfig {
-    /** API key for the Execution API */
+    /** API key for both Execution API and Data API */
     apiKey: string;
-    /** API key for the Data API - defaults to apiKey if not provided */
-    dataApiKey?: string;
     /** Environment: 'staging' or 'production' (default: 'production') */
     environment?: Environment;
     /** Bundler API key for Safe deployment (e.g., Pimlico) */

package/dist/index.js

@@ -102,14 +102,12 @@ var HttpClient = class {
   /**
    * Create HTTP client for both Execution API and Data API
    *
-   * @param apiKey - API key for Execution API
+   * @param apiKey - API key for both Execution API and Data API
    * @param environment - 'staging' or 'production'
-   * @param dataApiKey - API key for Data API - defaults to apiKey
    */
-  constructor(apiKey, environment = "production", dataApiKey) {
+  constructor(apiKey, environment = "production") {
     this.authToken = null;
     this.apiKey = apiKey;
-    this.dataApiKey = dataApiKey || apiKey;
     this.environment = environment;
     const endpoint = API_ENDPOINTS[environment];
     const parsedUrl = new URL(endpoint);
@@ -128,7 +126,7 @@ var HttpClient = class {
       baseURL: `${dataEndpoint}${DATA_API_VERSION}`,
       headers: {
         "Content-Type": "application/json",
-        "X-API-Key": this.dataApiKey
+        "X-API-Key": this.apiKey
       },
       timeout: 3e4
     });
@@ -227,7 +225,7 @@ var HttpClient = class {
     const fullUrl = `${DATA_API_ENDPOINTS[this.environment]}${path}`;
     const headers = {
       "Content-Type": "application/json",
-      "X-API-Key": this.dataApiKey,
+      "X-API-Key": this.apiKey,
       ...config?.headers
     };
     if (this.authToken) {
@@ -243,7 +241,7 @@ var HttpClient = class {
   setupDataInterceptors() {
     this.dataClient.interceptors.request.use(
       (config) => {
-        config.headers["X-API-Key"] = this.dataApiKey;
+        config.headers["X-API-Key"] = this.apiKey;
         if (this.authToken) {
           config.headers["Authorization"] = `Bearer ${this.authToken}`;
         }
@@ -476,10 +474,30 @@ var getSafeAccount = async (config) => {
     threshold: 1
   });
   const saltHex = (0, import_viem3.fromHex)((0, import_viem3.toHex)(effectiveSalt), "bigint");
+  const signer = {
+    ...owner.account,
+    address: signerAddress,
+    // Override with the signer address at top level
+    signMessage: async (message) => {
+      if (typeof message === "string") {
+        return await owner.signMessage({
+          account: owner.account,
+          message
+        });
+      } else {
+        return await owner.signMessage({
+          account: owner.account,
+          message: {
+            raw: message.raw
+          }
+        });
+      }
+    }
+  };
   const safeAccount = await (0, import_accounts.toSafeSmartAccount)({
     client: publicClient,
-    owners: [owner],
-    // Pass the owner object with address and signMessage capability
+    owners: [signer],
+    // Pass the signer object with address at top level and signMessage capability
     version: "1.4.1",
     entryPoint: {
       address: import_account_abstraction.entryPoint07Address,
@@ -612,7 +630,7 @@ var deploySafeAccount = async (config) => {
     );
   }
 };
-var signSessionKey = async (config, sessions, allPublicClients) => {
+var signSessionKey = async (config, sessions, allPublicClients, signingParams) => {
   const { owner, publicClient } = config;
   if (!owner || !owner.account) {
     throw new Error("Wallet not connected. Please connect your wallet first.");
@@ -640,8 +658,9 @@ var signSessionKey = async (config, sessions, allPublicClients) => {
     sessions,
     account,
     clients,
-    permitGenericPolicy: true,
-    sessionNonces
+    permitGenericPolicy: signingParams?.permitGenericPolicy ?? true,
+    sessionNonces,
+    ignoreSecurityAttestations: signingParams?.ignoreSecurityAttestations ?? false
   });
   const signature = await owner.signMessage({
     account: owner.account,
@@ -670,12 +689,12 @@ var ZyfaiSDK = class {
     // Store reference to current provider for event handling
     this.currentChainId = null;
     const sdkConfig = typeof config === "string" ? { apiKey: config } : config;
-    const { apiKey, dataApiKey, environment, bundlerApiKey } = sdkConfig;
+    const { apiKey, environment, bundlerApiKey } = sdkConfig;
     if (!apiKey) {
       throw new Error("API key is required");
     }
     this.environment = environment || "production";
-    this.httpClient = new HttpClient(apiKey, this.environment, dataApiKey);
+    this.httpClient = new HttpClient(apiKey, this.environment);
     this.bundlerApiKey = bundlerApiKey;
   }
   /**
@@ -1153,9 +1172,10 @@ var ZyfaiSDK = class {
           alreadyActive: true
         };
       }
-      const sessionConfig = await this.httpClient.get(
+      const sessionConfigResponse = await this.httpClient.get(
         ENDPOINTS.SESSION_KEYS_CONFIG
       );
+      const sessionConfig = Array.isArray(sessionConfigResponse) ? sessionConfigResponse : sessionConfigResponse.sessions;
       if (!sessionConfig || sessionConfig.length === 0) {
         throw new Error("No session configuration available from API");
       }
@@ -1163,16 +1183,36 @@ var ZyfaiSDK = class {
         ...session,
         chainId: BigInt(session.chainId)
       }));
+      const DEFAULT_ACTION_TARGET = "0x0000000000000000000000000000000000000001";
+      const DEFAULT_ACTION_SELECTOR = "0x00000001";
+      const permitGenericPolicy = sessionConfig.some(
+        (session) => session.actions?.some(
+          (action) => action.actionTarget === DEFAULT_ACTION_TARGET && action.actionTargetSelector === DEFAULT_ACTION_SELECTOR
+        )
+      );
+      const chainConfig = getChainConfig(chainId);
+      const accountType = await getAccountType(
+        userAddress,
+        chainConfig.publicClient
+      );
+      const signingParams = {
+        permitGenericPolicy,
+        ignoreSecurityAttestations: accountType === "Safe"
+      };
       const signatureResult = await this.signSessionKey(
         userAddress,
         chainId,
-        sessions
+        sessions,
+        signingParams
       );
       if (!signatureResult.signature) {
         throw new Error("Failed to obtain session key signature");
       }
       await this.updateUserProtocols(chainId);
+      const signer = sessions[0].sessionValidator;
+      console.log("Session validator:", signer);
       const activation = await this.activateSessionKey(
+        signer,
         signatureResult.signature,
         signatureResult.sessionNonces
       );
@@ -1192,7 +1232,7 @@ var ZyfaiSDK = class {
    * Internal method to sign session key
    * @private
    */
-  async signSessionKey(userAddress, chainId, sessions) {
+  async signSessionKey(userAddress, chainId, sessions, signingParams) {
     try {
       if (!userAddress) {
         throw new Error("User address is required");
@@ -1227,7 +1267,8 @@ var ZyfaiSDK = class {
           environment: this.environment
         },
         sessions,
-        allPublicClients
+        allPublicClients,
+        signingParams
       );
       const safeAddress = await getDeterministicSafeAddress({
         owner: walletClient,
@@ -1274,9 +1315,10 @@ var ZyfaiSDK = class {
   /**
    * Activate session key via ZyFAI API
    */
-  async activateSessionKey(signature, sessionNonces) {
+  async activateSessionKey(signer, signature, sessionNonces) {
     const nonces = this.normalizeSessionNonces(sessionNonces);
     const payload = {
+      signer,
       hash: signature,
       nonces
     };

package/dist/index.mjs

@@ -63,14 +63,12 @@ var HttpClient = class {
   /**
    * Create HTTP client for both Execution API and Data API
    *
-   * @param apiKey - API key for Execution API
+   * @param apiKey - API key for both Execution API and Data API
    * @param environment - 'staging' or 'production'
-   * @param dataApiKey - API key for Data API - defaults to apiKey
    */
-  constructor(apiKey, environment = "production", dataApiKey) {
+  constructor(apiKey, environment = "production") {
     this.authToken = null;
     this.apiKey = apiKey;
-    this.dataApiKey = dataApiKey || apiKey;
     this.environment = environment;
     const endpoint = API_ENDPOINTS[environment];
     const parsedUrl = new URL(endpoint);
@@ -89,7 +87,7 @@ var HttpClient = class {
       baseURL: `${dataEndpoint}${DATA_API_VERSION}`,
       headers: {
         "Content-Type": "application/json",
-        "X-API-Key": this.dataApiKey
+        "X-API-Key": this.apiKey
       },
       timeout: 3e4
     });
@@ -188,7 +186,7 @@ var HttpClient = class {
     const fullUrl = `${DATA_API_ENDPOINTS[this.environment]}${path}`;
     const headers = {
       "Content-Type": "application/json",
-      "X-API-Key": this.dataApiKey,
+      "X-API-Key": this.apiKey,
       ...config?.headers
     };
     if (this.authToken) {
@@ -204,7 +202,7 @@ var HttpClient = class {
   setupDataInterceptors() {
     this.dataClient.interceptors.request.use(
       (config) => {
-        config.headers["X-API-Key"] = this.dataApiKey;
+        config.headers["X-API-Key"] = this.apiKey;
         if (this.authToken) {
           config.headers["Authorization"] = `Bearer ${this.authToken}`;
         }
@@ -456,10 +454,30 @@ var getSafeAccount = async (config) => {
     threshold: 1
   });
   const saltHex = fromHex(toHex(effectiveSalt), "bigint");
+  const signer = {
+    ...owner.account,
+    address: signerAddress,
+    // Override with the signer address at top level
+    signMessage: async (message) => {
+      if (typeof message === "string") {
+        return await owner.signMessage({
+          account: owner.account,
+          message
+        });
+      } else {
+        return await owner.signMessage({
+          account: owner.account,
+          message: {
+            raw: message.raw
+          }
+        });
+      }
+    }
+  };
   const safeAccount = await toSafeSmartAccount({
     client: publicClient,
-    owners: [owner],
-    // Pass the owner object with address and signMessage capability
+    owners: [signer],
+    // Pass the signer object with address at top level and signMessage capability
     version: "1.4.1",
     entryPoint: {
       address: entryPoint07Address,
@@ -592,7 +610,7 @@ var deploySafeAccount = async (config) => {
     );
   }
 };
-var signSessionKey = async (config, sessions, allPublicClients) => {
+var signSessionKey = async (config, sessions, allPublicClients, signingParams) => {
   const { owner, publicClient } = config;
   if (!owner || !owner.account) {
     throw new Error("Wallet not connected. Please connect your wallet first.");
@@ -620,8 +638,9 @@ var signSessionKey = async (config, sessions, allPublicClients) => {
     sessions,
     account,
     clients,
-    permitGenericPolicy: true,
-    sessionNonces
+    permitGenericPolicy: signingParams?.permitGenericPolicy ?? true,
+    sessionNonces,
+    ignoreSecurityAttestations: signingParams?.ignoreSecurityAttestations ?? false
   });
   const signature = await owner.signMessage({
     account: owner.account,
@@ -650,12 +669,12 @@ var ZyfaiSDK = class {
     // Store reference to current provider for event handling
     this.currentChainId = null;
     const sdkConfig = typeof config === "string" ? { apiKey: config } : config;
-    const { apiKey, dataApiKey, environment, bundlerApiKey } = sdkConfig;
+    const { apiKey, environment, bundlerApiKey } = sdkConfig;
     if (!apiKey) {
       throw new Error("API key is required");
     }
     this.environment = environment || "production";
-    this.httpClient = new HttpClient(apiKey, this.environment, dataApiKey);
+    this.httpClient = new HttpClient(apiKey, this.environment);
     this.bundlerApiKey = bundlerApiKey;
   }
   /**
@@ -1133,9 +1152,10 @@ var ZyfaiSDK = class {
           alreadyActive: true
         };
       }
-      const sessionConfig = await this.httpClient.get(
+      const sessionConfigResponse = await this.httpClient.get(
         ENDPOINTS.SESSION_KEYS_CONFIG
       );
+      const sessionConfig = Array.isArray(sessionConfigResponse) ? sessionConfigResponse : sessionConfigResponse.sessions;
       if (!sessionConfig || sessionConfig.length === 0) {
         throw new Error("No session configuration available from API");
       }
@@ -1143,16 +1163,36 @@ var ZyfaiSDK = class {
         ...session,
         chainId: BigInt(session.chainId)
       }));
+      const DEFAULT_ACTION_TARGET = "0x0000000000000000000000000000000000000001";
+      const DEFAULT_ACTION_SELECTOR = "0x00000001";
+      const permitGenericPolicy = sessionConfig.some(
+        (session) => session.actions?.some(
+          (action) => action.actionTarget === DEFAULT_ACTION_TARGET && action.actionTargetSelector === DEFAULT_ACTION_SELECTOR
+        )
+      );
+      const chainConfig = getChainConfig(chainId);
+      const accountType = await getAccountType(
+        userAddress,
+        chainConfig.publicClient
+      );
+      const signingParams = {
+        permitGenericPolicy,
+        ignoreSecurityAttestations: accountType === "Safe"
+      };
       const signatureResult = await this.signSessionKey(
         userAddress,
         chainId,
-        sessions
+        sessions,
+        signingParams
       );
       if (!signatureResult.signature) {
         throw new Error("Failed to obtain session key signature");
       }
       await this.updateUserProtocols(chainId);
+      const signer = sessions[0].sessionValidator;
+      console.log("Session validator:", signer);
       const activation = await this.activateSessionKey(
+        signer,
         signatureResult.signature,
         signatureResult.sessionNonces
       );
@@ -1172,7 +1212,7 @@ var ZyfaiSDK = class {
    * Internal method to sign session key
    * @private
    */
-  async signSessionKey(userAddress, chainId, sessions) {
+  async signSessionKey(userAddress, chainId, sessions, signingParams) {
     try {
       if (!userAddress) {
         throw new Error("User address is required");
@@ -1207,7 +1247,8 @@ var ZyfaiSDK = class {
           environment: this.environment
         },
         sessions,
-        allPublicClients
+        allPublicClients,
+        signingParams
       );
       const safeAddress = await getDeterministicSafeAddress({
         owner: walletClient,
@@ -1254,9 +1295,10 @@ var ZyfaiSDK = class {
   /**
    * Activate session key via ZyFAI API
    */
-  async activateSessionKey(signature, sessionNonces) {
+  async activateSessionKey(signer, signature, sessionNonces) {
     const nonces = this.normalizeSessionNonces(sessionNonces);
     const payload = {
+      signer,
       hash: signature,
       nonces
     };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zyfai/sdk",
-  "version": "0.1.14",
+  "version": "0.1.16",
   "description": "TypeScript SDK for ZyFAI Yield Optimization Engine - Deploy Safe smart wallets, manage session keys, and interact with DeFi protocols",
   "main": "dist/index.js",
   "module": "dist/index.mjs",