ethagent 1.1.1 → 2.0.0

package/src/identity/hub/effects/shared/sync.ts

@@ -0,0 +1,190 @@
+import { getAddress, type Address } from 'viem'
+import type { EthagentIdentity } from '../../../../storage/config.js'
+import {
+  createErc8004PublicClient,
+  type Erc8004RegistryConfig,
+} from '../../../registry/erc8004.js'
+import {
+  OPERATOR_VAULT_ABI,
+  encodeSetMetadataOperator,
+  readMetadataOperators,
+} from '../../../registry/operatorVault.js'
+import {
+  sendBrowserWalletTransaction,
+  type WalletPurpose,
+} from '../../../wallet/browserWallet.js'
+import {
+  computeApprovalDiff,
+  encodeResolverApprovalChanges,
+  verifyResolverApprovalsLanded,
+  type ApprovalDiff,
+} from '../../reconciliation/index.js'
+import { normalizeApprovedOperatorWallets } from '../../operatorWallets.js'
+import { readOwnerAddressField } from '../../../identityCompat.js'
+import { localContinuitySnapshotContentHashes } from '../../../continuity/storage.js'
+import { updatePublishedContinuitySnapshotContentHashes } from '../../../continuity/snapshots.js'
+import type { EffectCallbacks } from '../types.js'
+import { awaitConfirmedReceipt, awaitOptionalReceipt } from '../receipts.js'
+import { createMainnetEnsPublicClient } from '../ens/transactions.js'
+
+export function resolverSyncWarningMessage(err: unknown): string {
+  return err instanceof Error ? err.message : String(err)
+}
+
+export function appendResolverSyncWarning(message: string, warning: string | null): string {
+  if (!warning) return message
+  return `${message}\n\nWarning: ${warning}`
+}
+
+export async function syncResolverApprovalsAfterOwnerSave(args: {
+  beforeIdentity: EthagentIdentity
+  afterIdentity: EthagentIdentity
+  registry: Erc8004RegistryConfig
+  vaultAddress?: Address
+  callbacks: EffectCallbacks
+}): Promise<void> {
+  const beforeState = (args.beforeIdentity.state ?? {}) as Record<string, unknown>
+  const afterState = (args.afterIdentity.state ?? {}) as Record<string, unknown>
+  const ensName = typeof afterState.ensName === 'string' ? afterState.ensName.trim() : ''
+  const before = normalizeApprovedOperatorWallets(beforeState.approvedOperatorWallets)
+  const after = normalizeApprovedOperatorWallets(afterState.approvedOperatorWallets)
+  const diff = computeApprovalDiff(before, after)
+  if (diff.added.length === 0 && diff.removed.length === 0) return
+
+  const ownerAddressRaw = readOwnerAddressField(afterState) ?? args.afterIdentity.ownerAddress ?? args.afterIdentity.address
+  const ownerAddress = getAddress(ownerAddressRaw)
+
+  if (ensName) {
+    let encoded
+    try {
+      encoded = await encodeResolverApprovalChanges({ ensName, diff })
+    } catch {
+      encoded = null
+    }
+    if (encoded) {
+      const purpose: WalletPurpose = diff.removed.length > 0 && diff.added.length === 0
+        ? 'revoke-operator-wallet-resolver'
+        : 'authorize-operator-wallet-resolver'
+
+      const tx = await sendBrowserWalletTransaction({
+        chainId: 1,
+        expectedAccount: ownerAddress,
+        to: encoded.resolverAddress,
+        data: encoded.data,
+        onReady: args.callbacks.onWalletReady,
+        purpose,
+      })
+      args.callbacks.onWalletReady(null)
+      const client = createMainnetEnsPublicClient()
+      await awaitOptionalReceipt(client, tx.txHash, 'Resolver delegation sync')
+      await verifyResolverApprovalsLanded({
+        ensName,
+        ownerAddress: ownerAddress,
+        resolverAddress: encoded.resolverAddress,
+        added: encoded.added,
+        removed: encoded.removed,
+        client,
+      })
+    }
+  }
+
+  await syncVaultMetadataOperatorsAfterOwnerSave({
+    afterIdentity: args.afterIdentity,
+    registry: args.registry,
+    vaultAddress: args.vaultAddress,
+    diff,
+    ownerAddress,
+    callbacks: args.callbacks,
+  })
+}
+
+export async function syncVaultMetadataOperatorsAfterOwnerSave(args: {
+  afterIdentity: EthagentIdentity
+  registry: Erc8004RegistryConfig
+  vaultAddress: Address | undefined
+  diff: ApprovalDiff
+  ownerAddress: Address
+  callbacks: EffectCallbacks
+}): Promise<void> {
+  if (!args.vaultAddress) return
+  const agentIdRaw = args.afterIdentity.agentId
+  if (!agentIdRaw) return
+  const agentId = BigInt(agentIdRaw)
+  const registryAddress = getAddress(args.registry.identityRegistryAddress)
+  const vaultAddress = getAddress(args.vaultAddress)
+  const probeClient = createErc8004PublicClient(args.registry)
+  let depositor: Address | undefined
+  try {
+    depositor = await probeClient.readContract({
+      address: vaultAddress,
+      abi: OPERATOR_VAULT_ABI,
+      functionName: 'agentOwner',
+      args: [registryAddress, agentId],
+    }) as Address
+  } catch {
+    depositor = undefined
+  }
+  if (!depositor || depositor.toLowerCase() !== args.ownerAddress.toLowerCase()) return
+
+  const operations: Array<{ operator: Address; approved: boolean }> = []
+  for (const operator of args.diff.added) operations.push({ operator: getAddress(operator), approved: true })
+  for (const operator of args.diff.removed) operations.push({ operator: getAddress(operator), approved: false })
+  if (operations.length === 0) return
+
+  for (const op of operations) {
+    const encoded = encodeSetMetadataOperator({
+      registry: registryAddress,
+      agentId,
+      operator: op.operator,
+      approved: op.approved,
+      vaultAddress,
+    })
+    const tx = await sendBrowserWalletTransaction({
+      chainId: args.registry.chainId,
+      expectedAccount: args.ownerAddress,
+      to: encoded.to,
+      data: encoded.data,
+      onReady: args.callbacks.onWalletReady,
+      purpose: 'sync-operator-vault',
+    })
+    args.callbacks.onWalletReady(null)
+    await awaitConfirmedReceipt(probeClient, tx.txHash, 'Vault operator sync')
+  }
+
+  const VERIFY_MAX_ATTEMPTS = 5
+  const VERIFY_DELAY_MS = 1500
+  let lastMismatch: { op: typeof operations[number]; observed: boolean } | undefined
+  for (let attempt = 0; attempt < VERIFY_MAX_ATTEMPTS; attempt++) {
+    if (attempt > 0) await new Promise(resolve => setTimeout(resolve, VERIFY_DELAY_MS))
+    const final = await readMetadataOperators({
+      client: probeClient,
+      vaultAddress,
+      registry: registryAddress,
+      agentId,
+      candidates: operations.map(o => o.operator),
+    })
+    lastMismatch = undefined
+    for (const op of operations) {
+      const observed = Boolean(final[op.operator])
+      if (observed !== op.approved) {
+        lastMismatch = { op, observed }
+        break
+      }
+    }
+    if (!lastMismatch) return
+  }
+  if (lastMismatch) {
+    throw new Error(
+      lastMismatch.op.approved
+        ? `Vault operator authorization didn't land for ${lastMismatch.op.operator}. Your wallet may have rejected the inner transaction; retry the save to apply it.`
+        : `Vault operator revocation didn't land for ${lastMismatch.op.operator}. Your wallet may have rejected the inner transaction; retry the save to apply it.`,
+    )
+  }
+}
+
+export async function markCurrentContinuityFilesPublished(identity: EthagentIdentity): Promise<void> {
+  const cid = identity.backup?.cid
+  if (!cid) return
+  const contentHashes = await localContinuitySnapshotContentHashes(identity)
+  await updatePublishedContinuitySnapshotContentHashes(identity, cid, contentHashes).catch(() => null)
+}

package/src/identity/hub/effects/token-transfer/index.ts

@@ -0,0 +1,6 @@
+export {
+  runTokenTransferSigning,
+  runTokenTransferStorageSubmit,
+  runTokenTransferTargetSubmit,
+  tokenTransferProgressForPhase,
+} from './runTokenTransfer.js'

package/src/identity/hub/effects/token-transfer/progress.ts

@@ -0,0 +1,59 @@
+import { getAddress } from 'viem'
+import type { TokenTransferProgress } from '../types.js'
+
+export function tokenTransferProgressForPhase(
+  phase: TokenTransferProgress['phase'],
+  ownerAddress: string,
+  targetAddress: string,
+): TokenTransferProgress {
+  const sender = getAddress(ownerAddress)
+  const receiver = getAddress(targetAddress)
+  switch (phase) {
+    case 'sender-sign':
+      return {
+        phase,
+        walletRole: 'sender',
+        expectedAddress: sender,
+        title: 'Use Sender Wallet',
+        detail: 'Sign to save a transfer snapshot.',
+        walletAction: 'Sign Snapshot',
+        label: 'Sender Wallet: sign to save the transfer snapshot.',
+      }
+    case 'target-sign':
+      return {
+        phase,
+        walletRole: 'receiver',
+        expectedAddress: receiver,
+        title: 'Use Receiver Wallet',
+        detail: 'Sign so this wallet can restore after it receives the token.',
+        walletAction: 'Sign Restore Access',
+        label: 'Receiver Wallet: sign once to authorize future restore after the token transfer.',
+      }
+    case 'sender-transaction':
+      return {
+        phase,
+        walletRole: 'sender',
+        expectedAddress: sender,
+        title: 'Use Sender Wallet Again',
+        detail: 'Publish the transfer snapshot to the ERC-8004 token URI.',
+        walletAction: 'Update Token URI',
+        label: 'Sender Wallet: sign one ERC-8004 token URI update that points the token at the transfer snapshot.',
+      }
+    case 'pinning':
+      return {
+        phase,
+        walletRole: 'none',
+        title: 'Publishing Snapshot',
+        detail: 'Encrypting and pinning the dual-wallet transfer snapshot.',
+        label: 'Encrypting and pinning the dual-wallet transfer snapshot.',
+      }
+    case 'confirming':
+      return {
+        phase,
+        walletRole: 'none',
+        title: 'Confirming Token URI Update',
+        detail: 'Waiting for the ERC-8004 token URI transaction.',
+        label: 'Confirming the ERC-8004 token URI update.',
+      }
+  }
+}

package/src/identity/hub/effects/token-transfer/runTokenTransfer.ts

@@ -0,0 +1,299 @@
+import { getAddress, isAddress, type Address, type Hex } from 'viem'
+import type { EthagentIdentity } from '../../../../storage/config.js'
+import {
+  createTransferContinuitySnapshotChallenge,
+  createTransferContinuitySnapshotEnvelope,
+  serializeContinuitySnapshotEnvelope,
+  transferSnapshotMetadataFromEnvelope,
+} from '../../../continuity/envelope.js'
+import {
+  continuityAgentSnapshot,
+  continuityVaultStatus,
+  readContinuityFiles,
+  readPublicSkillsFile,
+  writePublicSkillsFile,
+} from '../../../continuity/storage.js'
+import {
+  createAgentCard,
+  defaultPublicSkillsProfile,
+  serializeAgentCard,
+} from '../../../continuity/publicSkills.js'
+import { recordPublishedContinuitySnapshot } from '../../../continuity/snapshots.js'
+import { addToIpfs, DEFAULT_IPFS_API_URL, isPinataUploadUrl } from '../../../storage/ipfs.js'
+import {
+  createErc8004PublicClient,
+  encodeSetAgentUri,
+  preflightSetAgentUri,
+  withEthagentPointers,
+} from '../../../registry/erc8004.js'
+import { resolveValidatedPinataJwt, savePinataJwt } from '../../../storage/pinataJwt.js'
+import { openBrowserWalletSession } from '../../../wallet/browserWallet.js'
+import { resolveEnsAddress } from '../../../ens/ensLookup.js'
+import type { Step } from '../../identityHubReducer.js'
+import type { EffectCallbacks } from '../types.js'
+import { awaitConfirmedReceipt } from '../receipts.js'
+import {
+  assertVerifiedPin,
+  deriveAgentName,
+} from '../shared/profilePrep.js'
+import { operatorsPointerFromState } from '../shared/snapshot.js'
+import { tokenTransferProgressForPhase } from './progress.js'
+import { assertTokenNotInVault } from '../vault/preflight.js'
+
+type BackupMetadata = NonNullable<EthagentIdentity['backup']>
+type PublicSkillsMetadata = NonNullable<EthagentIdentity['publicSkills']>
+
+type TokenTransferResult = {
+  identity: EthagentIdentity
+  snapshotCid: string
+  txHash: Hex
+}
+
+export async function runTokenTransferTargetSubmit(
+  value: string,
+  step: Extract<Step, { kind: 'token-transfer-target' }>,
+  callbacks: EffectCallbacks,
+  options: { signal?: AbortSignal } = {},
+): Promise<void> {
+  if (!step.identity.agentId) throw new Error('Cannot prepare token transfer: identity is missing an agent token ID')
+  const targetHandle = value.trim()
+  if (!targetHandle) throw new Error('Enter the receiver wallet ENS name or 0x address')
+  throwIfTransferAborted(options.signal)
+  await assertTokenNotInVault({ identity: step.identity, registry: step.registry })
+  throwIfTransferAborted(options.signal)
+  callbacks.onStep({ kind: 'token-transfer-resolving', identity: step.identity, registry: step.registry, targetHandle, returnTo: step.returnTo })
+  const targetAddress = await resolveTransferTargetAddress(targetHandle, { signal: options.signal })
+  throwIfTransferAborted(options.signal)
+  const ownerAddress = getAddress(step.identity.ownerAddress ?? step.identity.address)
+  if (targetAddress.toLowerCase() === ownerAddress.toLowerCase()) {
+    throw new Error('Receiver wallet must be different from the sender wallet')
+  }
+  const status = await continuityVaultStatus(step.identity)
+  throwIfTransferAborted(options.signal)
+  if (!status.ready) {
+    throw new Error('Restore local continuity files before preparing a transfer snapshot')
+  }
+  const apiUrl = DEFAULT_IPFS_API_URL
+  let jwt: string | undefined
+  try {
+    jwt = isPinataUploadUrl(apiUrl) ? await resolveValidatedPinataJwt() : undefined
+    throwIfTransferAborted(options.signal)
+  } catch (err: unknown) {
+    throwIfTransferAborted(options.signal)
+    callbacks.onStep({
+      kind: 'token-transfer-storage',
+      identity: step.identity,
+      registry: step.registry,
+      targetHandle,
+      targetAddress,
+      error: (err as Error).message,
+      returnTo: step.returnTo,
+    })
+    return
+  }
+  if (isPinataUploadUrl(apiUrl) && !jwt) {
+    throwIfTransferAborted(options.signal)
+    callbacks.onStep({ kind: 'token-transfer-storage', identity: step.identity, registry: step.registry, targetHandle, targetAddress, returnTo: step.returnTo })
+    return
+  }
+  throwIfTransferAborted(options.signal)
+  callbacks.onStep({ kind: 'token-transfer-signing', identity: step.identity, registry: step.registry, targetHandle, targetAddress, pinataJwt: jwt, returnTo: step.returnTo })
+}
+
+export async function runTokenTransferStorageSubmit(
+  input: string,
+  step: Extract<Step, { kind: 'token-transfer-storage' }>,
+  callbacks: EffectCallbacks,
+): Promise<void> {
+  const { jwt: pinataJwt } = await savePinataJwt(input)
+  callbacks.onStep({
+    kind: 'token-transfer-signing',
+    identity: step.identity,
+    registry: step.registry,
+    targetHandle: step.targetHandle,
+    targetAddress: step.targetAddress,
+    pinataJwt,
+    returnTo: step.returnTo,
+  })
+}
+
+export async function runTokenTransferSigning(
+  step: Extract<Step, { kind: 'token-transfer-signing' }>,
+  callbacks: EffectCallbacks,
+): Promise<TokenTransferResult> {
+  if (!step.identity.agentId) throw new Error('Cannot prepare token transfer: identity is missing an agent token ID')
+  const transferAgentId = step.identity.agentId
+  const ownerAddress = getAddress(step.identity.ownerAddress ?? step.identity.address)
+  const targetAddress = getAddress(step.targetAddress)
+  const token = {
+    chainId: step.registry.chainId,
+    identityRegistryAddress: step.registry.identityRegistryAddress,
+    agentId: transferAgentId,
+  }
+  const senderChallenge = createTransferContinuitySnapshotChallenge({ token, ownerAddress, targetAddress, role: 'sender' })
+  const targetChallenge = createTransferContinuitySnapshotChallenge({ token, ownerAddress, targetAddress, role: 'receiver' })
+
+  const session = await openBrowserWalletSession({ onReady: callbacks.onWalletReady })
+  try {
+
+  callbacks.onTokenTransferProgress?.(tokenTransferProgressForPhase('sender-sign', ownerAddress, targetAddress))
+  const senderSignature = await session.requestSignature({
+    chainId: step.registry.chainId,
+    expectedAccount: ownerAddress,
+    message: senderChallenge,
+    purpose: 'prepare-transfer-sender',
+  })
+
+  callbacks.onTokenTransferProgress?.(tokenTransferProgressForPhase('target-sign', ownerAddress, targetAddress))
+  const targetSignature = await session.requestSignature({
+    chainId: step.registry.chainId,
+    expectedAccount: targetAddress,
+    message: targetChallenge,
+    purpose: 'prepare-transfer-target',
+  })
+
+  callbacks.onTokenTransferProgress?.(tokenTransferProgressForPhase('pinning', ownerAddress, targetAddress))
+  const baseState = (step.identity.state ?? {}) as Record<string, unknown>
+  const state: Record<string, unknown> = {
+    ...baseState,
+    ownerAddress,
+    lastBackedUpAt: new Date().toISOString(),
+  }
+  const nextIdentityForFiles: EthagentIdentity = { ...step.identity, state }
+  const continuityFiles = await readContinuityFiles(nextIdentityForFiles)
+  const publicSkillsJson = await readPublicSkillsFile(nextIdentityForFiles)
+  const publicSkillsPin = await addToIpfs(DEFAULT_IPFS_API_URL, publicSkillsJson, fetch, { pinataJwt: step.pinataJwt })
+  assertVerifiedPin(publicSkillsPin)
+  const agentCardPin = await addToIpfs(
+    DEFAULT_IPFS_API_URL,
+    serializeAgentCard(createAgentCard(defaultPublicSkillsProfile(nextIdentityForFiles))),
+    fetch,
+    { pinataJwt: step.pinataJwt },
+  )
+  assertVerifiedPin(agentCardPin)
+  const envelope = createTransferContinuitySnapshotEnvelope({
+    ownerAddress,
+    ownerWalletSignature: senderSignature.signature,
+    targetAddress,
+    targetWalletSignature: targetSignature.signature,
+    targetHandle: step.targetHandle,
+    token,
+    payload: {
+      agent: continuityAgentSnapshot(nextIdentityForFiles),
+      files: continuityFiles,
+      transcript: [],
+      state,
+    },
+  })
+  const transferSnapshot = transferSnapshotMetadataFromEnvelope(envelope)
+  const statePin = await addToIpfs(DEFAULT_IPFS_API_URL, serializeContinuitySnapshotEnvelope(envelope), fetch, { pinataJwt: step.pinataJwt })
+  assertVerifiedPin(statePin)
+  const snapshotCid = statePin.cid
+  const backup: BackupMetadata = {
+    cid: snapshotCid,
+    createdAt: envelope.createdAt,
+    envelopeVersion: envelope.envelopeVersion,
+    ipfsApiUrl: DEFAULT_IPFS_API_URL,
+    status: 'pinned',
+    ownerAddress,
+    chainId: step.registry.chainId,
+    rpcUrl: step.registry.rpcUrl,
+    identityRegistryAddress: step.registry.identityRegistryAddress,
+    agentId: transferAgentId,
+    ...(transferSnapshot ? { transferSnapshot } : {}),
+  }
+  const publicSkills: PublicSkillsMetadata = {
+    cid: publicSkillsPin.cid,
+    agentCardCid: agentCardPin.cid,
+    updatedAt: envelope.createdAt,
+    status: 'pinned',
+  }
+  const nextName = typeof state.name === 'string' && state.name.trim() ? state.name.trim() : deriveAgentName(step.identity)
+  const nextDescription = typeof state.description === 'string' && state.description.trim() ? state.description.trim() : ''
+  const uploadedImageUri = typeof state.imageUrl === 'string' && state.imageUrl.trim() ? state.imageUrl.trim() : undefined
+  const nextEnsName = typeof state.ensName === 'string' && state.ensName.trim() ? state.ensName.trim() : undefined
+  const registration = withEthagentPointers({
+    type: 'https://eips.ethereum.org/EIPS/eip-8004#registration-v1',
+    name: nextName,
+    ...(nextDescription ? { description: nextDescription } : {}),
+    ...(uploadedImageUri ? { image: uploadedImageUri } : {}),
+  }, {
+    backup: { cid: snapshotCid, envelopeVersion: envelope.envelopeVersion, createdAt: envelope.createdAt, ...(transferSnapshot ? { transferSnapshot } : {}) },
+    publicDiscovery: { skillsCid: publicSkills.cid, agentCardCid: publicSkills.agentCardCid, updatedAt: publicSkills.updatedAt },
+    registration: { chainId: step.registry.chainId, identityRegistryAddress: step.registry.identityRegistryAddress, agentId: transferAgentId },
+    ensName: nextEnsName,
+    operators: operatorsPointerFromState(state, nextEnsName),
+    ownerAddress,
+  })
+  const metadataPin = await addToIpfs(DEFAULT_IPFS_API_URL, JSON.stringify(registration, null, 2), fetch, { pinataJwt: step.pinataJwt })
+  assertVerifiedPin(metadataPin)
+  const metadataCid = metadataPin.cid
+  const agentUri = `ipfs://${metadataCid}`
+  const agentId = BigInt(transferAgentId)
+  await preflightSetAgentUri({
+    ...step.registry,
+    account: ownerAddress,
+    agentId,
+    newUri: agentUri,
+  })
+
+  callbacks.onTokenTransferProgress?.(tokenTransferProgressForPhase('sender-transaction', ownerAddress, targetAddress))
+  const tx = await session.sendTransaction({
+    chainId: step.registry.chainId,
+    expectedAccount: ownerAddress,
+    to: step.registry.identityRegistryAddress,
+    data: encodeSetAgentUri({ agentId, newUri: agentUri }),
+    purpose: 'publish-transfer-snapshot',
+  })
+
+  callbacks.onTokenTransferProgress?.(tokenTransferProgressForPhase('confirming', ownerAddress, targetAddress))
+  const client = createErc8004PublicClient(step.registry)
+  await awaitConfirmedReceipt(client, tx.txHash, 'Token transfer URI publish', { kind: 'token-transfer', chainId: step.registry.chainId })
+  const nextIdentity: EthagentIdentity = {
+    ...step.identity,
+    source: 'erc8004',
+    address: ownerAddress,
+    ownerAddress,
+    chainId: step.registry.chainId,
+    rpcUrl: step.registry.rpcUrl,
+    identityRegistryAddress: step.registry.identityRegistryAddress,
+    agentUri,
+    metadataCid,
+    backup: { ...backup, metadataCid, agentUri, txHash: tx.txHash },
+    publicSkills,
+    state,
+  }
+  await writePublicSkillsFile(nextIdentity, publicSkillsJson)
+  await recordPublishedContinuitySnapshot({ identity: nextIdentity, label: 'published transfer snapshot' }).catch(() => null)
+  callbacks.onTokenTransferProgress?.(null)
+  return {
+    identity: nextIdentity,
+    snapshotCid,
+    txHash: tx.txHash,
+  }
+
+  } finally {
+    await session.close().catch(() => {})
+    callbacks.onWalletReady(null)
+  }
+}
+
+async function resolveTransferTargetAddress(value: string, options: { signal?: AbortSignal } = {}): Promise<Address> {
+  const trimmed = value.trim()
+  throwIfTransferAborted(options.signal)
+  if (isAddress(trimmed, { strict: false })) return getAddress(trimmed)
+  if (!trimmed.includes('.')) throw new Error('Enter a receiver Ethereum address or ENS name')
+  const resolved = await resolveEnsAddress(trimmed, { signal: options.signal })
+  throwIfTransferAborted(options.signal)
+  if (!resolved) throw new Error(`ENS name did not resolve: ${trimmed}`)
+  return getAddress(resolved)
+}
+
+function throwIfTransferAborted(signal: AbortSignal | undefined): void {
+  if (!signal?.aborted) return
+  const err = new Error('token transfer preparation cancelled')
+  err.name = 'AbortError'
+  throw err
+}
+
+export { tokenTransferProgressForPhase } from './progress.js'

package/src/identity/hub/effects/types.ts

@@ -0,0 +1,53 @@
+import type { Address } from 'viem'
+import type { EthagentIdentity } from '../../../storage/config.js'
+import type { BrowserWalletReady } from '../../wallet/browserWallet.js'
+import type { Step } from '../identityHubReducer.js'
+
+export type IdentityCompletionSource = 'create' | 'restore' | 'update'
+
+export type EffectCallbacks = {
+  onStep: (step: Step) => void
+  onWalletReady: (session: BrowserWalletReady | null) => void
+  onIdentityComplete: (identity: EthagentIdentity, message: string, source?: IdentityCompletionSource) => Promise<void>
+  onRestoreProgress?: (progress: RestoreProgress | null) => void
+  onTokenTransferProgress?: (progress: TokenTransferProgress | null) => void
+  onEnsClearProgress?: (progress: EnsClearProgress | null) => void
+  onEnsLinkProgress?: (progress: EnsLinkProgress | null) => void
+  onEnsUpdateProgress?: (progress: EnsUpdateProgress | null) => void
+  onCustodySwitchAdvancedProgress?: (progress: CustodySwitchAdvancedProgress | null) => void
+}
+
+export type RestoreProgress = {
+  phase: 'decrypting' | 'writing' | 'finishing'
+  label: string
+}
+
+export type TokenTransferProgress = {
+  phase: 'sender-sign' | 'target-sign' | 'pinning' | 'sender-transaction' | 'confirming'
+  walletRole: 'sender' | 'receiver' | 'none'
+  title: string
+  detail: string
+  label: string
+  expectedAddress?: Address
+  walletAction?: string
+}
+
+export type EnsClearProgress = {
+  phase: 'records-tx' | 'records-confirming' | 'snapshot-sign' | 'snapshot-tx' | 'snapshot-confirming'
+  label: string
+}
+
+export type EnsLinkProgress = {
+  phase: 'registry-tx' | 'registry-confirming' | 'records-tx' | 'records-confirming' | 'snapshot-sign' | 'snapshot-tx' | 'snapshot-confirming'
+  label: string
+}
+
+export type EnsUpdateProgress = {
+  phase: 'records-tx' | 'records-confirming' | 'snapshot-sign' | 'snapshot-tx' | 'snapshot-confirming'
+  label: string
+}
+
+export type CustodySwitchAdvancedProgress = {
+  phase: 'deploy-tx' | 'deploy-confirming' | 'deposit-tx' | 'deposit-confirming' | 'reconcile-tx' | 'reconcile-confirming'
+  label: string
+}

package/src/identity/hub/effects/vault/preflight.ts

@@ -0,0 +1,50 @@
+import { getAddress, type Address, type PublicClient } from 'viem'
+import type { EthagentIdentity } from '../../../../storage/config.js'
+import { readOperatorVaultAddressField } from '../../../identityCompat.js'
+import { createErc8004PublicClient, type Erc8004RegistryConfig } from '../../../registry/erc8004.js'
+import { isAgentInVault, resolveConfiguredOperatorVaultAddress } from '../../../registry/operatorVault.js'
+import { readCustodyMode } from '../../model/custody.js'
+
+export class OperatorVaultUnavailableError extends Error {
+  constructor(chainId: number) {
+    super(`Operator delegation vault is not deployed for chainId ${chainId}. Switching custody mode is unavailable until a deployment is recorded.`)
+    this.name = 'OperatorVaultUnavailableError'
+  }
+}
+
+export class TokenInVaultError extends Error {
+  constructor(public vaultAddress: Address) {
+    super('Token is in the operator delegation vault. Withdraw it first to prepare a transfer.')
+    this.name = 'TokenInVaultError'
+  }
+}
+
+export async function assertTokenNotInVault(args: {
+  identity: EthagentIdentity
+  registry: Erc8004RegistryConfig
+  operatorVaults?: Readonly<Record<string, string>>
+  client?: Pick<PublicClient, 'readContract'>
+}): Promise<void> {
+  if (!args.identity.agentId) return
+  const vaultAddress = vaultAddressForTransferPreflight(args.identity, args.operatorVaults)
+  if (!vaultAddress) return
+  const client = args.client ?? createErc8004PublicClient(args.registry)
+  const status = await isAgentInVault({
+    client,
+    vaultAddress,
+    registry: getAddress(args.registry.identityRegistryAddress),
+    agentId: BigInt(args.identity.agentId),
+  })
+  if (status.inVault) throw new TokenInVaultError(vaultAddress)
+}
+
+function vaultAddressForTransferPreflight(
+  identity: EthagentIdentity,
+  operatorVaults?: Readonly<Record<string, string>>,
+): Address | undefined {
+  const identityVault = readOperatorVaultAddressField(identity.state as Record<string, unknown> | undefined)
+  if (identityVault) return getAddress(identityVault)
+  if (readCustodyMode(identity.state as Record<string, unknown> | undefined) !== 'advanced') return undefined
+  if (!identity.chainId) return undefined
+  return resolveConfiguredOperatorVaultAddress(operatorVaults, identity.chainId)
+}