kawasekit 0.4.0 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-6CNAYQOL.js → chunk-7YKRKV6D.js} +18 -4
- package/dist/chunk-7YKRKV6D.js.map +1 -0
- package/dist/{chunk-FD6Q4NB2.js → chunk-NY6VLXQB.js} +137 -32
- package/dist/chunk-NY6VLXQB.js.map +1 -0
- package/dist/{chunk-G3UC6SME.js → chunk-P5563RGP.js} +3 -3
- package/dist/{chunk-G3UC6SME.js.map → chunk-P5563RGP.js.map} +1 -1
- package/dist/{chunk-5TTOAVHE.js → chunk-VJUXTVSW.js} +11 -3
- package/dist/chunk-VJUXTVSW.js.map +1 -0
- package/dist/{chunk-E47SIVFY.js → chunk-X54U6GU4.js} +18 -5
- package/dist/chunk-X54U6GU4.js.map +1 -0
- package/dist/cli/index.cjs +29 -3
- package/dist/cli/index.cjs.map +1 -1
- package/dist/cli/index.js +6 -6
- package/dist/index.cjs +169 -30
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.js +5 -5
- package/dist/policy/index.cjs +27 -3
- package/dist/policy/index.cjs.map +1 -1
- package/dist/policy/index.d.cts +41 -3
- package/dist/policy/index.d.ts +41 -3
- package/dist/policy/index.js +2 -2
- package/dist/signer/index.cjs +141 -27
- package/dist/signer/index.cjs.map +1 -1
- package/dist/signer/index.d.cts +58 -2
- package/dist/signer/index.d.ts +58 -2
- package/dist/signer/index.js +3 -3
- package/dist/{spending-policy-BD2Mpm-L.d.ts → spending-policy-BBgXDrVD.d.ts} +10 -3
- package/dist/{spending-policy-CGIaBpg-.d.cts → spending-policy-CwXcTFD_.d.cts} +10 -3
- package/dist/x402/index.cjs.map +1 -1
- package/dist/x402/index.js +2 -2
- package/package.json +1 -1
- package/dist/chunk-5TTOAVHE.js.map +0 -1
- package/dist/chunk-6CNAYQOL.js.map +0 -1
- package/dist/chunk-E47SIVFY.js.map +0 -1
- package/dist/chunk-FD6Q4NB2.js.map +0 -1
|
@@ -1,5 +1,6 @@
|
|
|
1
|
+
import { normalizeRecipientAllowlist } from './chunk-7YKRKV6D.js';
|
|
1
2
|
import { jpycAbi } from './chunk-KT7XDT2T.js';
|
|
2
|
-
import { toCallPolicy, ParamCondition,
|
|
3
|
+
import { CallPolicyVersion, toCallPolicy, ParamCondition, toRateLimitPolicy } from '@zerodev/permissions/policies';
|
|
3
4
|
|
|
4
5
|
var ONE_DAY_SECONDS = 86400;
|
|
5
6
|
function createJpycDailyLimitPolicies(params) {
|
|
@@ -13,6 +14,17 @@ function createJpycDailyLimitPolicies(params) {
|
|
|
13
14
|
`createJpycDailyLimitPolicies: maxTransfersPerDay must be a positive integer, got ${params.maxTransfersPerDay}.`
|
|
14
15
|
);
|
|
15
16
|
}
|
|
17
|
+
const recipients = params.recipientAllowlist === void 0 || params.recipientAllowlist === "any" ? null : normalizeRecipientAllowlist(params.recipientAllowlist);
|
|
18
|
+
if (recipients !== null && recipients.length === 0) {
|
|
19
|
+
throw new Error(
|
|
20
|
+
'createJpycDailyLimitPolicies: recipientAllowlist must not be empty \u2014 omit it or pass "any" to allow any recipient.'
|
|
21
|
+
);
|
|
22
|
+
}
|
|
23
|
+
if (recipients !== null && params.callPolicyVersion === CallPolicyVersion.V0_0_1) {
|
|
24
|
+
throw new Error(
|
|
25
|
+
"createJpycDailyLimitPolicies: recipientAllowlist requires callPolicyVersion V0_0_2 or later (the ONE_OF condition is unsupported on V0_0_1)."
|
|
26
|
+
);
|
|
27
|
+
}
|
|
16
28
|
const callPolicy = toCallPolicy({
|
|
17
29
|
policyVersion: params.callPolicyVersion ?? CallPolicyVersion.V0_0_4,
|
|
18
30
|
permissions: [
|
|
@@ -21,8 +33,9 @@ function createJpycDailyLimitPolicies(params) {
|
|
|
21
33
|
abi: jpycAbi,
|
|
22
34
|
functionName: "transfer",
|
|
23
35
|
args: [
|
|
24
|
-
// Recipient:
|
|
25
|
-
|
|
36
|
+
// Recipient (`to`): unrestricted (`null`) unless an allowlist resolved
|
|
37
|
+
// above, in which case it is constrained via the ONE_OF condition.
|
|
38
|
+
recipients === null ? null : { condition: ParamCondition.ONE_OF, value: recipients },
|
|
26
39
|
// value: must be ≤ maxPerTransfer.
|
|
27
40
|
{
|
|
28
41
|
condition: ParamCondition.LESS_THAN_OR_EQUAL,
|
|
@@ -40,5 +53,5 @@ function createJpycDailyLimitPolicies(params) {
|
|
|
40
53
|
}
|
|
41
54
|
|
|
42
55
|
export { ONE_DAY_SECONDS, createJpycDailyLimitPolicies };
|
|
43
|
-
//# sourceMappingURL=chunk-
|
|
44
|
-
//# sourceMappingURL=chunk-
|
|
56
|
+
//# sourceMappingURL=chunk-X54U6GU4.js.map
|
|
57
|
+
//# sourceMappingURL=chunk-X54U6GU4.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/policy/daily-limit.ts"],"names":[],"mappings":";;;;AAiCO,IAAM,eAAA,GAAkB;AA2ExB,SAAS,6BACf,MAAA,EAC4B;AAC5B,EAAA,IAAI,MAAA,CAAO,kBAAkB,EAAA,EAAI;AAChC,IAAA,MAAM,IAAI,KAAA;AAAA,MACT,CAAA,mEAAA,EAAsE,OAAO,cAAc,CAAA,CAAA;AAAA,KAC5F;AAAA,EACD;AACA,EAAA,IAAI,CAAC,OAAO,SAAA,CAAU,MAAA,CAAO,kBAAkB,CAAA,IAAK,MAAA,CAAO,qBAAqB,CAAA,EAAG;AAClF,IAAA,MAAM,IAAI,KAAA;AAAA,MACT,CAAA,iFAAA,EAAoF,OAAO,kBAAkB,CAAA,CAAA;AAAA,KAC9G;AAAA,EACD;AAKA,EAAA,MAAM,UAAA,GACL,MAAA,CAAO,kBAAA,KAAuB,MAAA,IAAa,MAAA,CAAO,uBAAuB,KAAA,GACtE,IAAA,GACA,2BAAA,CAA4B,MAAA,CAAO,kBAAkB,CAAA;AACzD,EAAA,IAAI,UAAA,KAAe,IAAA,IAAQ,UAAA,CAAW,MAAA,KAAW,CAAA,EAAG;AACnD,IAAA,MAAM,IAAI,KAAA;AAAA,MACT;AAAA,KACD;AAAA,EACD;AAIA,EAAA,IAAI,UAAA,KAAe,IAAA,IAAQ,MAAA,CAAO,iBAAA,KAAsB,kBAAkB,MAAA,EAAQ;AACjF,IAAA,MAAM,IAAI,KAAA;AAAA,MACT;AAAA,KACD;AAAA,EACD;AAEA,EAAA,MAAM,aAAa,YAAA,CAAa;AAAA,IAC/B,aAAA,EAAe,MAAA,CAAO,iBAAA,IAAqB,iBAAA,CAAkB,MAAA;AAAA,IAC7D,WAAA,EAAa;AAAA,MACZ;AAAA,QACC,QAAQ,MAAA,CAAO,WAAA;AAAA,QACf,GAAA,EAAK,OAAA;AAAA,QACL,YAAA,EAAc,UAAA;AAAA,QACd,IAAA,EAAM;AAAA;AAAA;AAAA,UAGL,UAAA,KAAe,OAAO,IAAA,GAAO,EAAE,WAAW,cAAA,CAAe,MAAA,EAAQ,OAAO,UAAA,EAAW;AAAA;AAAA,UAEnF;AAAA,YACC,WAAW,cAAA,CAAe,kBAAA;AAAA,YAC1B,OAAO,MAAA,CAAO;AAAA;AACf;AACD;AACD;AACD,GACA,CAAA;AAED,EAAA,MAAM,kBAAkB,iBAAA,CAAkB;AAAA,IACzC,QAAA,EAAU,eAAA;AAAA,IACV,OAAO,MAAA,CAAO;AAAA,GACd,CAAA;AAED,EAAA,OAAO,CAAC,YAAY,eAAe,CAAA;AACpC","file":"chunk-X54U6GU4.js","sourcesContent":["/**\n * Daily-limit spending policy for JPYC, built on ZeroDev's Permission System.\n *\n * Composes two ZeroDev policies:\n * 1. **callPolicy** — locks the session key to `JPYC.transfer(to, value)`\n * with `value ≤ maxPerTransfer`, and — when {@link\n * CreateJpycDailyLimitPoliciesParams.recipientAllowlist} is provided —\n * restricts `to` to the allowlisted recipients (otherwise any recipient is\n * allowed). This is the on-chain enforcement behind the \"pay only registered\n * merchants\" model: a buy-list resolves to its merchants' addresses, which\n * are baked into a disposable session key here.\n * 2. **rateLimitPolicy** — caps userOp count to `maxTransfersPerDay` in any\n * 24-hour rolling window.\n *\n * Effective daily cap = `maxPerTransfer × maxTransfersPerDay`. This is not a\n * cumulative-amount tracker (ZeroDev doesn't ship one), but the agent cannot\n * exceed either dimension, so the spirit of \"daily limit\" holds.\n *\n * @packageDocumentation\n */\n\nimport type { Policy } from \"@zerodev/permissions\";\nimport {\n\tCallPolicyVersion,\n\tParamCondition,\n\ttoCallPolicy,\n\ttoRateLimitPolicy,\n} from \"@zerodev/permissions/policies\";\nimport type { Address } from \"viem\";\nimport { jpycAbi } from \"../tokens/jpyc\";\nimport { normalizeRecipientAllowlist } from \"./normalize-allowlist\";\n\n/** One day in seconds — the period for {@link createJpycDailyLimitPolicies}. */\nexport const ONE_DAY_SECONDS = 86_400;\n\n/** Parameters for {@link createJpycDailyLimitPolicies}. */\nexport interface CreateJpycDailyLimitPoliciesParams {\n\t/** JPYC contract address on the target chain. */\n\treadonly jpycAddress: Address;\n\t/** Maximum JPYC (in raw units) the session key may move in one transfer. */\n\treadonly maxPerTransfer: bigint;\n\t/** Maximum number of transfer userOps the session key may submit per day. */\n\treadonly maxTransfersPerDay: number;\n\t/**\n\t * ZeroDev callPolicy on-chain version. Defaults to V0_0_4 (latest at the\n\t * time of writing). Bump only after auditing the new version's semantics.\n\t */\n\treadonly callPolicyVersion?: CallPolicyVersion;\n\t/**\n\t * Recipient restriction. An address list restricts the session key to\n\t * `transfer` JPYC only to those recipients (enforced on-chain via the\n\t * callPolicy `to` argument, condition `ONE_OF`); every other recipient is\n\t * rejected before any funds move. `\"any\"` (or omitting the field) leaves the\n\t * recipient unrestricted.\n\t *\n\t * The type mirrors the off-chain {@link SpendingPolicy.recipientAllowlist}\n\t * (`Address[] | \"any\"`) so a buy-list's resolved allowlist can feed both the\n\t * off-chain and on-chain policy paths unchanged. Two **deliberate** differences\n\t * from that sibling, forced by on-chain semantics:\n\t * - it is **optional** here (omitted = `\"any\"`) for backward compatibility —\n\t * the pre-allowlist policy left the recipient unrestricted;\n\t * - an **empty** array `[]` **throws** (rather than meaning deny-all as it does\n\t * off-chain) — an on-chain allowlist cannot encode \"match nothing\"; omit it\n\t * or pass `\"any\"` for unrestricted, or list ≥1 recipient.\n\t *\n\t * Entries are checksum-normalized and de-duplicated (shared with the off-chain\n\t * path via {@link normalizeRecipientAllowlist}). An address list requires\n\t * `callPolicyVersion` ≥ `V0_0_2` (the `ONE_OF` condition is unsupported on\n\t * `V0_0_1`); the default `V0_0_4` is fine.\n\t */\n\treadonly recipientAllowlist?: readonly Address[] | \"any\";\n}\n\n/**\n * Builds the ZeroDev policy bundle that enforces a JPYC daily spend limit.\n *\n * Plug the returned policies into `toPermissionValidator({ policies, … })`\n * — see {@link createAgentSmartAccount} for the common wiring.\n *\n * @example\n * ```ts\n * import { parseUnits } from \"viem\";\n * import {\n * createJpycDailyLimitPolicies,\n * getJpycAddress,\n * JPYC_DECIMALS,\n * polygonAmoy,\n * } from \"kawasekit\";\n *\n * const policies = createJpycDailyLimitPolicies({\n * jpycAddress: getJpycAddress(polygonAmoy.id),\n * maxPerTransfer: parseUnits(\"100\", JPYC_DECIMALS), // 100 JPYC / tx\n * maxTransfersPerDay: 10, // 10 tx / day\n * // effective daily cap = 1000 JPYC\n * });\n * ```\n *\n * @example Restrict the session key to a buy-list's merchants only\n * ```ts\n * const policies = createJpycDailyLimitPolicies({\n * jpycAddress: getJpycAddress(polygonAmoy.id),\n * maxPerTransfer: parseUnits(\"100\", JPYC_DECIMALS),\n * maxTransfersPerDay: 5,\n * // on-chain: any transfer to a non-allowlisted address reverts before funds move\n * recipientAllowlist: [merchantA, merchantB],\n * });\n * ```\n */\nexport function createJpycDailyLimitPolicies(\n\tparams: CreateJpycDailyLimitPoliciesParams,\n): readonly [Policy, Policy] {\n\tif (params.maxPerTransfer <= 0n) {\n\t\tthrow new Error(\n\t\t\t`createJpycDailyLimitPolicies: maxPerTransfer must be positive, got ${params.maxPerTransfer}.`,\n\t\t);\n\t}\n\tif (!Number.isInteger(params.maxTransfersPerDay) || params.maxTransfersPerDay < 1) {\n\t\tthrow new Error(\n\t\t\t`createJpycDailyLimitPolicies: maxTransfersPerDay must be a positive integer, got ${params.maxTransfersPerDay}.`,\n\t\t);\n\t}\n\t// Resolve the recipient constraint up-front. Omitted or \"any\" => unrestricted\n\t// (a `null` arg); an address list => checksum-normalized + de-duped (shared\n\t// with the off-chain SpendingPolicy). Unlike off-chain, an empty list is a\n\t// caller bug here — an on-chain allowlist cannot encode \"deny all\".\n\tconst recipients =\n\t\tparams.recipientAllowlist === undefined || params.recipientAllowlist === \"any\"\n\t\t\t? null\n\t\t\t: normalizeRecipientAllowlist(params.recipientAllowlist);\n\tif (recipients !== null && recipients.length === 0) {\n\t\tthrow new Error(\n\t\t\t'createJpycDailyLimitPolicies: recipientAllowlist must not be empty — omit it or pass \"any\" to allow any recipient.',\n\t\t);\n\t}\n\t// The ONE_OF condition (used to encode an address list) is only supported by\n\t// the V0_0_2+ CallPolicy contract; catch the incompatible combination here\n\t// with a typed message rather than a bare error from deep inside toCallPolicy.\n\tif (recipients !== null && params.callPolicyVersion === CallPolicyVersion.V0_0_1) {\n\t\tthrow new Error(\n\t\t\t\"createJpycDailyLimitPolicies: recipientAllowlist requires callPolicyVersion V0_0_2 or later (the ONE_OF condition is unsupported on V0_0_1).\",\n\t\t);\n\t}\n\n\tconst callPolicy = toCallPolicy({\n\t\tpolicyVersion: params.callPolicyVersion ?? CallPolicyVersion.V0_0_4,\n\t\tpermissions: [\n\t\t\t{\n\t\t\t\ttarget: params.jpycAddress,\n\t\t\t\tabi: jpycAbi,\n\t\t\t\tfunctionName: \"transfer\",\n\t\t\t\targs: [\n\t\t\t\t\t// Recipient (`to`): unrestricted (`null`) unless an allowlist resolved\n\t\t\t\t\t// above, in which case it is constrained via the ONE_OF condition.\n\t\t\t\t\trecipients === null ? null : { condition: ParamCondition.ONE_OF, value: recipients },\n\t\t\t\t\t// value: must be ≤ maxPerTransfer.\n\t\t\t\t\t{\n\t\t\t\t\t\tcondition: ParamCondition.LESS_THAN_OR_EQUAL,\n\t\t\t\t\t\tvalue: params.maxPerTransfer,\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t},\n\t\t],\n\t});\n\n\tconst rateLimitPolicy = toRateLimitPolicy({\n\t\tinterval: ONE_DAY_SECONDS,\n\t\tcount: params.maxTransfersPerDay,\n\t});\n\n\treturn [callPolicy, rateLimitPolicy] as const;\n}\n"]}
|
package/dist/cli/index.cjs
CHANGED
|
@@ -698,6 +698,20 @@ async function transferJpyc(kernelClient, params) {
|
|
|
698
698
|
success: receipt.success
|
|
699
699
|
};
|
|
700
700
|
}
|
|
701
|
+
function normalizeRecipientAllowlist(allowlist) {
|
|
702
|
+
const seen = /* @__PURE__ */ new Set();
|
|
703
|
+
const normalized = [];
|
|
704
|
+
for (const entry of allowlist) {
|
|
705
|
+
const checksummed = viem.getAddress(entry);
|
|
706
|
+
if (!seen.has(checksummed)) {
|
|
707
|
+
seen.add(checksummed);
|
|
708
|
+
normalized.push(checksummed);
|
|
709
|
+
}
|
|
710
|
+
}
|
|
711
|
+
return normalized;
|
|
712
|
+
}
|
|
713
|
+
|
|
714
|
+
// src/policy/daily-limit.ts
|
|
701
715
|
var ONE_DAY_SECONDS = 86400;
|
|
702
716
|
function createJpycDailyLimitPolicies(params) {
|
|
703
717
|
if (params.maxPerTransfer <= 0n) {
|
|
@@ -710,6 +724,17 @@ function createJpycDailyLimitPolicies(params) {
|
|
|
710
724
|
`createJpycDailyLimitPolicies: maxTransfersPerDay must be a positive integer, got ${params.maxTransfersPerDay}.`
|
|
711
725
|
);
|
|
712
726
|
}
|
|
727
|
+
const recipients = params.recipientAllowlist === void 0 || params.recipientAllowlist === "any" ? null : normalizeRecipientAllowlist(params.recipientAllowlist);
|
|
728
|
+
if (recipients !== null && recipients.length === 0) {
|
|
729
|
+
throw new Error(
|
|
730
|
+
'createJpycDailyLimitPolicies: recipientAllowlist must not be empty \u2014 omit it or pass "any" to allow any recipient.'
|
|
731
|
+
);
|
|
732
|
+
}
|
|
733
|
+
if (recipients !== null && params.callPolicyVersion === policies.CallPolicyVersion.V0_0_1) {
|
|
734
|
+
throw new Error(
|
|
735
|
+
"createJpycDailyLimitPolicies: recipientAllowlist requires callPolicyVersion V0_0_2 or later (the ONE_OF condition is unsupported on V0_0_1)."
|
|
736
|
+
);
|
|
737
|
+
}
|
|
713
738
|
const callPolicy = policies.toCallPolicy({
|
|
714
739
|
policyVersion: params.callPolicyVersion ?? policies.CallPolicyVersion.V0_0_4,
|
|
715
740
|
permissions: [
|
|
@@ -718,8 +743,9 @@ function createJpycDailyLimitPolicies(params) {
|
|
|
718
743
|
abi: jpycAbi,
|
|
719
744
|
functionName: "transfer",
|
|
720
745
|
args: [
|
|
721
|
-
// Recipient:
|
|
722
|
-
|
|
746
|
+
// Recipient (`to`): unrestricted (`null`) unless an allowlist resolved
|
|
747
|
+
// above, in which case it is constrained via the ONE_OF condition.
|
|
748
|
+
recipients === null ? null : { condition: policies.ParamCondition.ONE_OF, value: recipients },
|
|
723
749
|
// value: must be ≤ maxPerTransfer.
|
|
724
750
|
{
|
|
725
751
|
condition: policies.ParamCondition.LESS_THAN_OR_EQUAL,
|
|
@@ -1643,7 +1669,7 @@ function registerTransferCommand(program2) {
|
|
|
1643
1669
|
}
|
|
1644
1670
|
|
|
1645
1671
|
// cli/index.ts
|
|
1646
|
-
var CLI_VERSION = "0.
|
|
1672
|
+
var CLI_VERSION = "0.6.0" ;
|
|
1647
1673
|
var program = new commander.Command();
|
|
1648
1674
|
program.name("kawasekit").description(
|
|
1649
1675
|
"kawasekit \u2014 CLI for the kawasekit SDK (AI-agent stablecoin payments, Japan-first, JPYC-native)."
|