accounts 0.6.7 → 0.7.0

package/src/core/ExecutionError.ts

@@ -0,0 +1,189 @@
+import { type DecodeErrorResultReturnType, type Hex, decodeErrorResult } from 'viem'
+import { Abis } from 'viem/tempo'
+
+import type { OneOf, UnionOmit } from '../internal/types.js'
+
+type AllAbis = typeof Abis.abis
+type AbiErrorName = Extract<AllAbis[number], { type: 'error' }>['name']
+
+/** Decoded execution error from a Tempo precompile revert. */
+export type ExecutionError = OneOf<
+  | (DecodeErrorResultReturnType<AllAbis> & {
+      data: Hex
+      message: string
+    })
+  | { errorName: 'unknown'; message: string }
+>
+
+/** RPC-serialized execution error (bigints and numbers as hex). */
+export type Rpc = UnionOmit<ExecutionError, 'args'>
+
+/** Human-readable messages keyed by ABI error name. */
+export const messages: Record<AbiErrorName, string> = {
+  AddressAlreadyHasValidator: 'This address already has a validator.',
+  AddressNotReserved: 'Address is not reserved.',
+  AddressReserved: 'Address is reserved.',
+  AlreadyInitialized: 'Already initialized.',
+  BelowMinimumOrderSize: 'Below minimum order size: {0}.',
+  CallNotAllowed: 'This call is not allowed.',
+  CannotChangeWithPendingFees: 'Cannot change while fees are pending.',
+  CannotChangeWithinBlock: 'Cannot change within the same block.',
+  ContractPaused: 'Contract is paused.',
+  DivisionByZero: 'Division by zero.',
+  EmptyV1ValidatorSet: 'Validator set is empty.',
+  ExpiringNonceReplay: 'Expiring nonce has already been used.',
+  ExpiringNonceSetFull: 'Expiring nonce set is full.',
+  ExpiryInPast: 'Expiry is in the past.',
+  IdenticalAddresses: 'Addresses must be different.',
+  IdenticalTokens: 'Tokens must be different.',
+  IncompatiblePolicyType: 'Incompatible policy type.',
+  IngressAlreadyExists: 'Ingress "{0}" already exists.',
+  InsufficientAllowance: 'Insufficient allowance.',
+  InsufficientBalance: 'Insufficient balance. Required: {1}, available: {0}.',
+  InsufficientFeeTokenBalance: 'Insufficient fee token balance.',
+  InsufficientLiquidity: 'Insufficient liquidity.',
+  InsufficientOutput: 'Insufficient output amount.',
+  InsufficientReserves: 'Insufficient reserves.',
+  InternalError: 'Internal error.',
+  InvalidAmount: 'Invalid amount.',
+  InvalidBaseToken: 'Invalid base token.',
+  InvalidCallScope: 'Invalid call scope.',
+  InvalidCurrency: 'Invalid currency.',
+  InvalidExpiringNonceExpiry: 'Invalid expiring nonce expiry.',
+  InvalidFlipTick: 'Invalid flip tick.',
+  InvalidFormat: 'Invalid format.',
+  InvalidMasterAddress: 'Invalid master address.',
+  InvalidMigrationIndex: 'Invalid migration index.',
+  InvalidNonceKey: 'Invalid nonce key.',
+  InvalidOwner: 'Invalid owner.',
+  InvalidPayload: 'Invalid payload.',
+  InvalidPolicyType: 'Invalid policy type.',
+  InvalidPublicKey: 'Invalid public key.',
+  InvalidQuoteToken: 'Invalid quote token.',
+  InvalidRecipient: 'Invalid recipient.',
+  InvalidSignature: 'Invalid signature.',
+  InvalidSignatureFormat: 'Invalid signature format.',
+  InvalidSignatureType: 'Invalid signature type.',
+  InvalidSpendingLimit: 'Invalid spending limit.',
+  InvalidSupplyCap: 'Invalid supply cap.',
+  InvalidSwapCalculation: 'Invalid swap calculation.',
+  InvalidTick: 'Invalid tick.',
+  InvalidToken: 'Invalid token.',
+  InvalidTransferPolicyId: 'Invalid transfer policy.',
+  InvalidValidatorAddress: 'Invalid validator address.',
+  KeyAlreadyExists: 'Key already exists.',
+  KeyAlreadyRevoked: 'Key has already been revoked.',
+  KeyExpired: 'Key has expired.',
+  KeyNotFound: 'Key not found.',
+  LegacyAuthorizeKeySelectorChanged: 'Legacy authorize key selector changed to {0}.',
+  MasterIdCollision: 'Master ID collision with {0}.',
+  MaxInputExceeded: 'Maximum input exceeded.',
+  MigrationNotComplete: 'Migration is not complete.',
+  NoOptedInSupply: 'No opted-in supply.',
+  NonceOverflow: 'Nonce overflow.',
+  NotHostPort: '"{1}" is not a valid host:port for {0}.',
+  NotInitialized: 'Not initialized.',
+  NotIp: '"{0}" is not a valid IP address.',
+  NotIpPort: '"{1}" is not a valid IP:port for {0}.',
+  OnlySystemContract: 'Only callable by system contract.',
+  OnlyValidator: 'Only callable by a validator.',
+  OrderDoesNotExist: 'Order does not exist.',
+  OrderNotStale: 'Order is not stale.',
+  PairAlreadyExists: 'Pair already exists.',
+  PairDoesNotExist: 'Pair does not exist.',
+  PermitExpired: 'Permit has expired.',
+  PolicyForbids: 'Forbidden by policy.',
+  PolicyNotFound: 'Policy not found.',
+  PolicyNotSimple: 'Policy is not a simple policy.',
+  PoolDoesNotExist: 'Pool does not exist.',
+  ProofOfWorkFailed: 'Proof of work failed.',
+  ProtectedAddress: 'Address is protected.',
+  ProtocolNonceNotSupported: 'Protocol nonce is not supported.',
+  PublicKeyAlreadyExists: 'Public key already exists.',
+  SignatureTypeMismatch: 'Signature type mismatch. Expected {0}, got {1}.',
+  SpendingLimitExceeded: 'Spending limit exceeded.',
+  StringTooLong: 'String is too long.',
+  SupplyCapExceeded: 'Supply cap exceeded.',
+  TickOutOfBounds: 'Tick {0} is out of bounds.',
+  TokenAlreadyExists: 'Token {0} already exists.',
+  TokenPolicyForbids: 'Forbidden by token policy.',
+  TransfersDisabled: 'Transfers are disabled.',
+  Unauthorized: 'Unauthorized.',
+  UnauthorizedCaller: 'Unauthorized caller.',
+  Uninitialized: 'Uninitialized.',
+  ValidatorAlreadyDeactivated: 'Validator is already deactivated.',
+  ValidatorAlreadyExists: 'Validator already exists.',
+  ValidatorNotFound: 'Validator not found.',
+  VirtualAddressNotAllowed: 'Virtual address is not allowed.',
+  VirtualAddressUnregistered: 'Virtual address is not registered.',
+  ZeroPublicKey: 'Public key cannot be zero.',
+}
+
+/** Interpolate `{0}`, `{1}`, … placeholders with args. */
+function interpolate(template: string, args?: readonly unknown[]): string {
+  if (!args) return template
+  return template.replace(/\{(\d+)\}/g, (_, i) => {
+    const v = args[Number(i)]
+    return v === undefined ? `{${i}}` : String(v)
+  })
+}
+
+/** Parse a viem error into a structured execution error. */
+export function parse(error: Error): ExecutionError {
+  const raw =
+    (error as { details?: string }).details ??
+    (error as { shortMessage?: string }).shortMessage ??
+    error.message
+
+  const data = extractRevertData(error)
+  if (data) {
+    try {
+      const decoded = decodeErrorResult({ abi: Abis.abis, data })
+      const template = messages[decoded.errorName as AbiErrorName]
+      return {
+        ...decoded,
+        data,
+        message: template
+          ? interpolate(template, decoded.args as readonly unknown[])
+          : raw.replace(/^execution reverted:\s*/i, ''),
+      } as never
+    } catch {}
+  }
+
+  // Fallback: extract error name from human-readable revert message.
+  const nameMatch = /:\s*(\w+)\(\w+/.exec(raw)
+  const errorName = nameMatch?.[1]
+  if (errorName && errorName in messages)
+    return { errorName: 'unknown', message: messages[errorName as AbiErrorName]! }
+
+  return {
+    errorName: 'unknown',
+    message: raw.replace(/^execution reverted:\s*/i, ''),
+  }
+}
+
+/** Serializes an ExecutionError for RPC transport (bigints/numbers → hex). */
+export function serialize(preimage: ExecutionError): Rpc {
+  if (preimage.errorName === 'unknown') return { errorName: 'unknown', message: preimage.message }
+  return {
+    errorName: preimage.errorName,
+    abiItem: preimage.abiItem,
+    message: preimage.message,
+    data: preimage.data,
+  } as never
+}
+
+function extractRevertData(error: unknown): Hex | null {
+  if (!error || typeof error !== 'object') return null
+  const e = error as Record<string, unknown>
+  if (typeof e.data === 'string' && e.data.startsWith('0x')) return e.data as Hex
+  if (e.cause) return extractRevertData(e.cause)
+  if (e.error) return extractRevertData(e.error)
+  if (typeof e.walk === 'function') {
+    const inner = (e as { walk: (fn: (e: unknown) => boolean) => unknown }).walk(
+      (e) => typeof (e as Record<string, unknown>).data === 'string',
+    )
+    if (inner) return extractRevertData(inner)
+  }
+  return null
+}

package/src/core/Provider.test.ts

@@ -1600,9 +1600,11 @@ describe.each(adapters)('$name', ({ adapter }: (typeof adapters)[number]) => {
 
     beforeAll(async () => {
       server = await createServer(
-        Handler.feePayer({
-          account: feePayerAccount,
+        Handler.relay({
           chains: [chain],
+          feePayer: {
+            account: feePayerAccount,
+          },
           transports: { [chain.id]: http() },
         }).listener,
       )

package/src/core/zod/rpc.ts

@@ -150,11 +150,28 @@ export namespace eth_fillTransaction {
     returns: z.object({
       capabilities: z.object({
         balanceDiffs: z.optional(z.record(u.address(), z.readonly(z.array(balanceDiff)))),
-        fee: z.nullable(
+        error: z.optional(
+          z.object({
+            abiItem: z.optional(z.record(z.string(), z.unknown())),
+            data: z.optional(u.hex()),
+            errorName: z.string(),
+            message: z.string(),
+          }),
+        ),
+        fee: z.optional(
+          z.object({
+            amount: u.hex(),
+            decimals: z.number(),
+            formatted: z.string(),
+            symbol: z.string(),
+          }),
+        ),
+        requireFunds: z.optional(
           z.object({
             amount: u.hex(),
             decimals: z.number(),
             formatted: z.string(),
+            token: u.address(),
             symbol: z.string(),
           }),
         ),

package/src/server/CliAuth.test-d.ts

@@ -54,3 +54,9 @@ describe('Store', () => {
     expectTypeOf(CliAuth.Store.memory).returns.toMatchTypeOf<CliAuth.Store>()
   })
 })
+
+describe('from', () => {
+  test('returns the shared CLI auth helper contract', () => {
+    expectTypeOf(CliAuth.from).returns.toMatchTypeOf<CliAuth.CliAuth>()
+  })
+})

package/src/server/CliAuth.test.ts

@@ -170,6 +170,64 @@ async function get<response extends z.ZodMiniType>(
   }
 }
 
+describe('from', () => {
+  test('default: shares defaults across the device-code flow', async () => {
+    const store = CliAuth.Store.memory()
+    const now = () => 1_000
+    const { codeVerifier, request } = await createRequest()
+    const cli = CliAuth.from({
+      chains: [chain],
+      now,
+      random: () => new Uint8Array([0, 1, 2, 3, 4, 5, 6, 7]),
+      store,
+      ttlMs: 30_000,
+    })
+
+    const created = await cli.createDeviceCode({ request })
+    const entry = await store.get(created.code)
+    const authorized = await cli.authorize({
+      request: await authorize(created.code),
+    })
+    const polled = await cli.poll({
+      code: created.code,
+      request: {
+        codeVerifier,
+      },
+    })
+
+    expect(created).toMatchInlineSnapshot(`
+      {
+        "code": "ABCDEFGH",
+      }
+    `)
+    expect(entry).toMatchInlineSnapshot(`
+      {
+        "chainId": 1337n,
+        "code": "ABCDEFGH",
+        "codeChallenge": "NUwjc1h8PuXcsvSOG44Rp4bMayBXnOkriHEJ19CaSQM",
+        "createdAt": 1000,
+        "expiresAt": 31000,
+        "expiry": ${expiry},
+        "keyType": "p256",
+        "limits": [
+          {
+            "limit": 1000n,
+            "token": "0x20c0000000000000000000000000000000000001",
+          },
+        ],
+        "pubKey": "${accessKey.publicKey}",
+        "status": "pending",
+      }
+    `)
+    expect(authorized).toMatchInlineSnapshot(`
+      {
+        "status": "authorized",
+      }
+    `)
+    expect(polled.status).toMatchInlineSnapshot(`"authorized"`)
+  })
+})
+
 describe('createDeviceCode', () => {
   test('default: creates a pending device code', async () => {
     const store = CliAuth.Store.memory()
@@ -256,6 +314,31 @@ describe('createDeviceCode', () => {
     expect(response.status).toMatchInlineSnapshot(`400`)
   })
 
+  test('behavior: handler rejects requests for unconfigured chains', async () => {
+    const handler = Handler.codeAuth({
+      chains: [chain],
+    })
+    const { request } = await createRequest()
+
+    const result = await post(handler, {
+      body: {
+        ...request,
+        chainId: BigInt(chain.id + 1),
+      },
+      request: CliAuth.createRequest,
+      url: 'http://localhost/auth/pkce/code',
+    })
+
+    expect(result).toMatchInlineSnapshot(`
+      {
+        "body": {
+          "error": "Chain 1338 not configured",
+        },
+        "status": 400,
+      }
+    `)
+  })
+
   test('behavior: supports pubkey-only requests with server defaults', async () => {
     const store = CliAuth.Store.memory()
     const now = () => 1_000