accounts 0.8.1 → 0.8.2

package/src/core/Client.ts

@@ -22,8 +22,9 @@ export function fromChainId(
   const { chains, feePayer: feePayerOption, provider, store } = options
   const feePayerUrl = (() => {
     if (feePayerOption === false) return undefined
-    if (typeof feePayerOption === 'string') return feePayerOption
-    return feePayerOption?.url
+    if (typeof feePayerOption === 'string') return normalizeFeePayerUrl(feePayerOption)
+    if (feePayerOption?.url) return normalizeFeePayerUrl(feePayerOption.url)
+    return undefined
   })()
   const precedence = (() => {
     if (typeof feePayerOption === 'object' && feePayerOption !== null)
@@ -87,6 +88,17 @@ function providerTransport(provider: ox_Provider.Provider, base: Transport): Tra
   }
 }
 
+/**
+ * Resolves a fee payer URL to an absolute URL string. Relative paths (e.g.
+ * `/relay`) are resolved against `window.location.origin` when running in a
+ * browser; on the server, relative paths are returned as-is.
+ */
+function normalizeFeePayerUrl(url: string): string {
+  if (url.startsWith('http://') || url.startsWith('https://')) return url
+  if (typeof window !== 'undefined') return new URL(url, window.location.origin).href
+  return url
+}
+
 function feePayerTransport(
   base: Transport,
   url: string,

package/src/core/Provider.test.ts

@@ -642,6 +642,28 @@ describe.each(adapters)('$name', ({ adapter }: (typeof adapters)[number]) => {
     })
   })
 
+  describe('wallet_send', () => {
+    test('error: throws UnsupportedMethodError when adapter has no send action', async () => {
+      const provider = Provider.create({ adapter: adapter(), chains: [chain] })
+      await connect(provider)
+
+      await expect(
+        provider.request({
+          method: 'wallet_send',
+          params: [
+            {
+              to: '0x0000000000000000000000000000000000000001',
+              token: Addresses.pathUsd,
+              value: '1',
+            },
+          ],
+        }),
+      ).rejects.toThrowErrorMatchingInlineSnapshot(
+        `[Provider.UnsupportedMethodError: \`send\` not supported by adapter.]`,
+      )
+    })
+  })
+
   describe('wallet_getCapabilities', () => {
     test('default: returns atomic supported for all chains', async () => {
       const provider = Provider.create({ adapter: adapter() })
@@ -1214,24 +1236,95 @@ describe.each(adapters)('$name', ({ adapter }: (typeof adapters)[number]) => {
   })
 
   describe('wallet_revokeAccessKey', () => {
-    test('default: revokes a granted access key', async () => {
+    test('default: revokes a granted access key on-chain', async () => {
       const provider = Provider.create({ adapter: adapter(), chains: [chain] })
       await connect(provider)
 
       const connected = (await provider.request({ method: 'eth_accounts' }))[0]!
+      await fund(connected)
+
       const { keyAuthorization } = await provider.request({
         method: 'wallet_authorizeAccessKey',
         params: [{ expiry: Expiry.days(1) }],
       })
 
+      // Send a tx to register the key on-chain via keyAuthorization.
+      await provider.request({
+        method: 'eth_sendTransactionSync',
+        params: [{ calls: [transferCall] }],
+      })
+
+      // Key should exist on-chain before revocation.
+      const client = getClient()
+      const before = await Actions.accessKey.getMetadata(client, {
+        account: connected,
+        accessKey: keyAuthorization.address,
+      })
+      expect(before.isRevoked).toBe(false)
+
       await provider.request({
         method: 'wallet_revokeAccessKey',
         params: [{ address: connected, accessKeyAddress: keyAuthorization.address }],
       })
 
-      // After revoking, sendTransactionSync should use root key (still works)
-      const address = (await provider.request({ method: 'eth_accounts' }))[0]!
-      await fund(address)
+      // Key should be revoked on-chain.
+      const after = await Actions.accessKey.getMetadata(client, {
+        account: connected,
+        accessKey: keyAuthorization.address,
+      })
+      expect(after.isRevoked).toBe(true)
+    })
+
+    test('behavior: removes key from local store', async () => {
+      const provider = Provider.create({ adapter: adapter(), chains: [chain] })
+      await connect(provider)
+
+      const connected = (await provider.request({ method: 'eth_accounts' }))[0]!
+      await fund(connected)
+
+      const { keyAuthorization } = await provider.request({
+        method: 'wallet_authorizeAccessKey',
+        params: [{ expiry: Expiry.days(1) }],
+      })
+
+      // Register the key on-chain.
+      await provider.request({
+        method: 'eth_sendTransactionSync',
+        params: [{ calls: [transferCall] }],
+      })
+
+      expect(provider.store.getState().accessKeys).toHaveLength(1)
+
+      await provider.request({
+        method: 'wallet_revokeAccessKey',
+        params: [{ address: connected, accessKeyAddress: keyAuthorization.address }],
+      })
+
+      expect(provider.store.getState().accessKeys).toMatchInlineSnapshot(`[]`)
+    })
+
+    test('behavior: root key still works after revoking access key', async () => {
+      const provider = Provider.create({ adapter: adapter(), chains: [chain] })
+      await connect(provider)
+
+      const connected = (await provider.request({ method: 'eth_accounts' }))[0]!
+      await fund(connected)
+
+      const { keyAuthorization } = await provider.request({
+        method: 'wallet_authorizeAccessKey',
+        params: [{ expiry: Expiry.days(1) }],
+      })
+
+      // Register the key on-chain, then revoke it.
+      await provider.request({
+        method: 'eth_sendTransactionSync',
+        params: [{ calls: [transferCall] }],
+      })
+
+      await provider.request({
+        method: 'wallet_revokeAccessKey',
+        params: [{ address: connected, accessKeyAddress: keyAuthorization.address }],
+      })
 
       const receipt = await provider.request({
         method: 'eth_sendTransactionSync',
@@ -1292,6 +1385,12 @@ describe.each(adapters)('$name', ({ adapter }: (typeof adapters)[number]) => {
       })
       expect(provider.store.getState().accessKeys).toHaveLength(1)
 
+      // Send a tx to register the key on-chain via keyAuthorization.
+      await provider.request({
+        method: 'eth_sendTransactionSync',
+        params: [{ calls: [transferCall] }],
+      })
+
       // Revoke the access key on-chain so the node will reject it.
       const { accessKeys } = provider.store.getState()
       const accessKeyAddress = accessKeys[0]!.address

package/src/core/Provider.ts

@@ -619,6 +619,25 @@ export function create(options: create.Options = {}): create.ReturnType {
                     )) satisfies Rpc.wallet_deposit.Encoded['returns']
                   }
 
+                  case 'wallet_send': {
+                    assertConnected()
+                    if (!actions.send)
+                      throw new ox_Provider.UnsupportedMethodError({
+                        message: '`send` not supported by adapter.',
+                      })
+                    const decoded = request._decoded.params?.[0] ?? {}
+                    const parameters = {
+                      ...decoded,
+                      ...(typeof decoded.feePayer !== 'undefined'
+                        ? { feePayer: resolveFeePayer(decoded.feePayer) }
+                        : {}),
+                    } as Adapter.send.Parameters
+                    return (await actions.send(
+                      parameters,
+                      request,
+                    )) satisfies Rpc.wallet_send.Encoded['returns']
+                  }
+
                   case 'wallet_switchEthereumChain': {
                     const { chainId } = request._decoded.params[0]
                     if (!chains.some((c) => c.id === chainId))

package/src/core/Remote.ts

@@ -210,15 +210,8 @@ export function create(options: create.Options): Remote {
       if (typeof window !== 'undefined') {
         const params = new URLSearchParams(window.location.search)
         const mode = params.get('mode') as State['mode']
-        const chainId = Number(params.get('chainId'))
 
         if (mode) store.setState({ mode })
-
-        if (chainId && provider.store.getState().chainId !== chainId)
-          provider.request({
-            method: 'wallet_switchEthereumChain',
-            params: [{ chainId: Hex.fromNumber(chainId) }],
-          })
       }
     },
 

package/src/core/Schema.test-d.ts

@@ -121,6 +121,22 @@ describe('Encoded', () => {
     }>()
   })
 
+  test('wallet_send', () => {
+    expectTypeOf<Rpc.wallet_send.Encoded>().toMatchTypeOf<{
+      method: 'wallet_send'
+      params:
+        | readonly [
+            {
+              to?: Hex | undefined
+              token?: Hex | undefined
+              value?: string | undefined
+            },
+          ]
+        | undefined
+      returns: { receipt: { transactionHash: Hex } }
+    }>()
+  })
+
   test('wallet_switchEthereumChain', () => {
     expectTypeOf<Rpc.wallet_switchEthereumChain.Encoded>().toEqualTypeOf<{
       method: 'wallet_switchEthereumChain'
@@ -159,7 +175,7 @@ describe('Ox', () => {
 describe('Viem', () => {
   test('is a tuple of all provider methods', () => {
     expectTypeOf<Schema.Viem[0]['Method']>().toEqualTypeOf<'eth_accounts'>()
-    expectTypeOf<Schema.Viem[18]['Method']>().toEqualTypeOf<'wallet_switchEthereumChain'>()
+    expectTypeOf<Schema.Viem[19]['Method']>().toEqualTypeOf<'wallet_switchEthereumChain'>()
   })
 })
 
@@ -186,6 +202,7 @@ describe('Request', () => {
       | 'wallet_deposit'
       | 'wallet_getBalances'
       | 'wallet_revokeAccessKey'
+      | 'wallet_send'
     >()
   })
 

package/src/core/Schema.ts

@@ -93,6 +93,7 @@ export const schema = from([
   Rpc.wallet_getCallsStatus.schema,
   Rpc.wallet_getCapabilities.schema,
   Rpc.wallet_revokeAccessKey.schema,
+  Rpc.wallet_send.schema,
   Rpc.wallet_sendCalls.schema,
   Rpc.wallet_switchEthereumChain.schema,
 ])

package/src/core/adapters/dialog.ts

@@ -166,7 +166,8 @@ export function dialog(options: dialog.Options = {}): Adapter.Adapter {
         const result = await fn(account, keyAuthorization ?? undefined)
         AccessKey.removePending(account, { store })
         return result
-      } catch {
+      } catch (err) {
+        console.warn('[accounts] silent sign with access key failed, removing key:', err)
         AccessKey.remove(account, { store })
         return undefined
       }
@@ -395,6 +396,13 @@ export function dialog(options: dialog.Options = {}): Adapter.Adapter {
           return await provider.request(request)
         },
 
+        async send(params, request) {
+          return await provider.request({
+            ...request,
+            params: [z.encode(Rpc.wallet_send.parameters, params)] as const,
+          })
+        },
+
         async disconnect() {
           store.setState({ accessKeys: [], accounts: [], activeAccount: 0 })
         },

package/src/core/adapters/local.ts

@@ -1,7 +1,8 @@
 import { Address as ox_Address, Hex, Provider as ox_Provider, PublicKey, WebCryptoP256 } from 'ox'
 import { KeyAuthorization, SignatureEnvelope } from 'ox/tempo'
+import { BaseError } from 'viem'
 import { prepareTransactionRequest } from 'viem/actions'
-import { Account as TempoAccount } from 'viem/tempo'
+import { Account as TempoAccount, Actions } from 'viem/tempo'
 
 import * as AccessKey from '../AccessKey.js'
 import * as Account from '../Account.js'
@@ -184,10 +185,26 @@ export function local(options: local.Options): Adapter.Adapter {
           return { accounts, email, keyAuthorization, signature: signature_, username }
         },
         async revokeAccessKey(parameters) {
-          AccessKey.revoke({
-            address: parameters.address,
-            store,
-          })
+          const account = getAccount({ accessKey: false, signable: true })
+          const client = getClient()
+          try {
+            await Actions.accessKey.revoke(client, {
+              account,
+              accessKey: parameters.accessKeyAddress,
+            } as never)
+          } catch (error) {
+            const isKeyNotFound =
+              error instanceof BaseError &&
+              !!error.walk(
+                (e) => (e as { data?: { errorName?: string } }).data?.errorName === 'KeyNotFound',
+              )
+            if (!isKeyNotFound) throw error
+          }
+          store.setState((state) => ({
+            accessKeys: state.accessKeys.filter(
+              (a) => a.address?.toLowerCase() !== parameters.accessKeyAddress.toLowerCase(),
+            ),
+          }))
         },
         async signPersonalMessage({ data, address }) {
           const account = getAccount({ address, signable: true })

package/src/core/zod/rpc.ts

@@ -531,6 +531,34 @@ export namespace wallet_getCallsStatus {
   export type Decoded = Schema.Decoded<typeof schema>
 }
 
+export namespace wallet_send {
+  /** Parameters object for `wallet_send`. */
+  export const parameters = z.object({
+    /**
+     * Fee payer override. `false` to disable the wallet's default fee
+     * payer, a URL string to use a custom fee payer service.
+     */
+    feePayer: z.optional(z.union([z.boolean(), z.string()])),
+    /** Recipient address to pre-fill. */
+    to: z.optional(u.address()),
+    /** Token contract address to pre-fill. Omit to let the user choose. */
+    token: z.optional(u.address()),
+    /** Human-readable amount to pre-fill (e.g. "1.5"). */
+    value: z.optional(z.string()),
+  })
+
+  export const schema = Schema.defineItem({
+    method: z.literal('wallet_send'),
+    params: z.optional(z.readonly(z.tuple([parameters]))),
+    returns: z.object({
+      /** Receipt of the submitted send. */
+      receipt,
+    }),
+  })
+  export type Encoded = Schema.Encoded<typeof schema>
+  export type Decoded = Schema.Decoded<typeof schema>
+}
+
 export namespace wallet_switchEthereumChain {
   export const schema = Schema.defineItem({
     method: z.literal('wallet_switchEthereumChain'),

package/src/server/internal/handlers/relay.test.ts

@@ -281,6 +281,127 @@ describe('behavior: with app-provided feePayer URL', () => {
   })
 })
 
+describe('behavior: with app-provided feePayer URL + autoSwap', () => {
+  let appServer: Server
+  let walletServer: Server
+  let client: ReturnType<typeof getClient<typeof chain>>
+
+  beforeAll(async () => {
+    // App relay sponsors fees AND has `features: 'all'` so it can recover
+    // from InsufficientBalance via autoSwap.
+    appServer = await createServer(
+      relay({
+        chains: [chain],
+        features: 'all',
+        transports: { [chain.id]: http() },
+        feePayer: {
+          account: feePayerAccount,
+          name: 'App Sponsor',
+          url: 'https://app.example.com',
+        },
+      }).listener,
+    )
+
+    // Wallet relay forwards to the app relay; also has features:'all' so its
+    // own fill() can detect upstream `capabilities.error` as InsufficientBalance.
+    walletServer = await createServer(
+      relay({
+        chains: [chain],
+        features: 'all',
+        transports: { [chain.id]: http() },
+      }).listener,
+    )
+
+    client = getClient({ transport: http(walletServer.url) })
+  })
+
+  afterAll(() => {
+    appServer.close()
+    walletServer.close()
+  })
+
+  test('behavior: autoSwap recovers when external feePayer surfaces InsufficientBalance', async () => {
+    const sender = accounts[6]!
+
+    // Token pair + DEX liquidity. Use alphaUsd as the quote token so the
+    // relay can swap alphaUsd → base to cover the deficit.
+    const rpc = getClient({ account: accounts[0]! })
+    const { token: base } = await Actions.token.createSync(rpc, {
+      name: 'External Swap Base',
+      symbol: 'EXTBASE',
+      currency: 'USD',
+      quoteToken: addresses.alphaUsd,
+    })
+    await sendTransactionSync(rpc, {
+      calls: [
+        Actions.token.grantRoles.call({ token: base, role: 'issuer', to: rpc.account!.address }),
+        Actions.token.mint.call({
+          token: base,
+          to: rpc.account!.address,
+          amount: parseUnits('10000', 6),
+        }),
+        Actions.token.mint.call({
+          token: addresses.alphaUsd,
+          to: rpc.account!.address,
+          amount: parseUnits('10000', 6),
+        }),
+        Actions.token.approve.call({
+          token: base,
+          spender: Addresses.stablecoinDex,
+          amount: parseUnits('10000', 6),
+        }),
+        Actions.token.approve.call({
+          token: addresses.alphaUsd,
+          spender: Addresses.stablecoinDex,
+          amount: parseUnits('10000', 6),
+        }),
+      ],
+    })
+    await Actions.dex.createPairSync(rpc, { base })
+    await Actions.dex.placeSync(rpc, {
+      token: base,
+      amount: parseUnits('500', 6),
+      type: 'sell',
+      tick: Tick.fromPrice('1.001'),
+    })
+
+    // Give sender alphaUsd (fee + swap source) but NO base tokens.
+    await Actions.token.mintSync(rpc, {
+      token: addresses.alphaUsd,
+      amount: parseUnits('1000', 6),
+      to: sender.address,
+    })
+    await Actions.fee.setUserToken(getClient({ account: sender }), { token: addresses.alphaUsd })
+
+    // Sender attempts to transfer base via the wallet relay, which forwards
+    // to the app relay. The app relay returns 200 with capabilities.error =
+    // InsufficientBalance and a stub tx; the wallet relay must convert that
+    // into a synthetic throw so its own fill() autoSwap branch can recover.
+    const transferAmount = parseUnits('5', 6)
+    const result = await fillTransaction(client, {
+      account: sender.address,
+      ...Actions.token.transfer.call({
+        token: base,
+        to: accounts[7]!.address,
+        amount: transferAmount,
+      }),
+      feePayer: appServer.url as never,
+    })
+
+    const { transaction, capabilities } = result
+
+    // Tx is filled with the swap calls prepended (approve + buy + transfer).
+    expect(transaction.calls).toHaveLength(3)
+    expect(transaction.feePayerSignature).toBeDefined()
+
+    // autoSwap metadata is surfaced.
+    expect(capabilities?.autoSwap?.slippage).toBe(0.05)
+    expect(capabilities?.autoSwap?.maxIn.symbol).toBe('AlphaUSD')
+    expect(capabilities?.autoSwap?.minOut.symbol).toBe('EXTBASE')
+    expect(capabilities?.autoSwap?.minOut.formatted).toBe('5')
+  })
+})
+
 describe('behavior: chainId path parameter', () => {
   let server: Server
   let client: ReturnType<typeof getClient<typeof chain>>

package/src/server/internal/handlers/relay.ts

@@ -573,10 +573,36 @@ async function fill(
     // @ts-expect-error
     if (result.tx.gas && request.feePayer && !result.tx.feePayerSignature)
       result.tx.gas = Hex.fromNumber(BigInt(result.tx.gas) + 20_000n)
-    const sponsor = (result as Record<string, any>).capabilities?.sponsor as
+    const upstreamCapabilities = (result as { capabilities?: Record<string, unknown> }).capabilities
+    const sponsor = upstreamCapabilities?.sponsor as
       | { address: Address; name?: string; url?: string }
       | undefined
-    return { transaction: Utils.normalizeTempoTransaction(result.tx), sponsor }
+    // External fee-payer relays surface chain reverts (e.g. InsufficientBalance)
+    // inside `capabilities.error` with a stub `tx` instead of throwing. Detect
+    // that here and re-throw so the autoSwap branch below can recover the same
+    // way it does for the direct-chain path.
+    const upstreamError = upstreamCapabilities?.error as
+      | { errorName?: string; message?: string; data?: `0x${string}` }
+      | undefined
+    if (upstreamError?.errorName === 'InsufficientBalance') {
+      const synthetic = new Error(upstreamError.message ?? 'InsufficientBalance')
+      synthetic.name = 'UpstreamRevertError'
+      ;(synthetic as { data?: `0x${string}` | undefined }).data = upstreamError.data
+      throw synthetic
+    }
+    // Reconstruct a `swap` shape from upstream's `capabilities.autoSwap` so the
+    // wallet relay's outer code can re-resolve autoSwap metadata locally —
+    // otherwise upstream-driven swaps are silently dropped from the response.
+    const swap = extractSwapFromCapabilities(upstreamCapabilities?.autoSwap)
+    // The chain's `eth_fillTransaction` doesn't echo back `calls`, so merge
+    // them in from the original request before normalizing — otherwise the
+    // typed envelope built for sponsorship signing throws CallsEmptyError.
+    const mergedTx = mergeCallsFromRequest(result.tx as Record<string, unknown>, request)
+    return {
+      transaction: Utils.normalizeTempoTransaction(mergedTx),
+      sponsor,
+      ...(swap ? { swap } : {}),
+    }
   } catch (error) {
     if (!(error instanceof Error)) throw error
     if (!autoSwap) throw error
@@ -613,8 +639,12 @@ async function fill(
     const sponsor = (result as Record<string, any>).capabilities?.sponsor as
       | { address: Address; name?: string; url?: string }
       | undefined
+    const mergedTx = mergeCallsFromRequest(result.tx as Record<string, unknown>, {
+      ...request,
+      calls: [...swapCalls, ...originalCalls],
+    })
     return {
-      transaction: Utils.normalizeTempoTransaction(result.tx),
+      transaction: Utils.normalizeTempoTransaction(mergedTx),
       sponsor,
       swap: {
         calls: swapCalls,
@@ -1015,3 +1045,75 @@ function buildSwapCalls(
     { to: buy.to, data: buy.data, value: 0n },
   ] as const
 }
+
+/**
+ * Merges the original fill request into the result tx. The chain's
+ * `eth_fillTransaction` returns only the "filled" gas/nonce/fee fields and
+ * omits envelope inputs like `calls`, `chainId`, `validBefore`, `nonceKey`,
+ * `keyData`, `keyType`, `feePayer`. Without these the typed Tempo envelope
+ * built for sponsorship signing throws `CallsEmptyError` or
+ * `Cannot convert undefined to a BigInt` when serializing.
+ *
+ * Result fields take precedence (they are the chain's authoritative filled
+ * values); request fields fill in everything else. Calls are normalized
+ * separately so legacy `to`/`data`/`value` requests are also supported.
+ */
+function mergeCallsFromRequest(
+  resultTx: Record<string, unknown>,
+  request: Record<string, unknown>,
+): Record<string, unknown> {
+  const merged: Record<string, unknown> = { ...request, ...resultTx }
+  const resultCalls = resultTx.calls
+  if (Array.isArray(resultCalls) && resultCalls.length > 0) return merged
+
+  const reqCalls = request.calls
+  if (Array.isArray(reqCalls) && reqCalls.length > 0) {
+    merged.calls = reqCalls
+    return merged
+  }
+
+  const { to, data, value } = request
+  if (typeof to === 'undefined' && typeof data === 'undefined' && typeof value === 'undefined')
+    return merged
+
+  merged.calls = [
+    {
+      ...(typeof to !== 'undefined' ? { to } : {}),
+      ...(typeof data !== 'undefined' ? { data } : {}),
+      ...(typeof value !== 'undefined' ? { value } : {}),
+    },
+  ]
+  return merged
+}
+
+/**
+ * Reconstructs a `swap` shape (matching the inner autoSwap branch's return
+ * value) from an upstream relay's `capabilities.autoSwap`. Used so a wallet
+ * relay forwarding to an external feePayer URL can re-emit autoSwap metadata
+ * locally without losing track of the upstream's swap.
+ */
+function extractSwapFromCapabilities(autoSwap: unknown):
+  | {
+      calls: readonly { to: Address; data: `0x${string}` }[]
+      tokenIn: Address
+      tokenOut: Address
+      amountOut: bigint
+      maxAmountIn: bigint
+    }
+  | undefined {
+  if (!autoSwap || typeof autoSwap !== 'object') return undefined
+  const a = autoSwap as {
+    calls?: readonly { to: Address; data: `0x${string}` }[]
+    maxIn?: { token?: Address; value?: `0x${string}` }
+    minOut?: { token?: Address; value?: `0x${string}` }
+  }
+  if (!a.calls || !a.maxIn?.token || !a.maxIn.value || !a.minOut?.token || !a.minOut.value)
+    return undefined
+  return {
+    calls: a.calls,
+    tokenIn: a.maxIn.token,
+    tokenOut: a.minOut.token,
+    amountOut: BigInt(a.minOut.value),
+    maxAmountIn: BigInt(a.maxIn.value),
+  }
+}