kawasekit 0.8.0 → 0.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,10 +1,83 @@
1
- import { Transport, Chain, Address, Hex, PublicClient, LocalAccount, Hash } from 'viem';
1
+ import { LocalAccount, PublicClient, Transport, Chain, Address, Hex, Hash } from 'viem';
2
2
  import { S as SupportedChainId } from './index-2fEOL83n.cjs';
3
3
  import { Policy } from '@zerodev/permissions';
4
+ import { KernelValidator, CreateKernelAccountReturnType, KernelAccountClient } from '@zerodev/sdk';
4
5
  import { EntryPointType, GetKernelVersion } from '@zerodev/sdk/types';
5
- import { KernelAccountClient, CreateKernelAccountReturnType } from '@zerodev/sdk';
6
6
  import { SmartAccount } from 'viem/account-abstraction';
7
7
 
8
+ /**
9
+ * Agent smart account = Kernel v3.1 + ECDSA sudo validator + session-key
10
+ * permission validator.
11
+ *
12
+ * The owner EOA keeps full control (sudo) and can revoke / rotate the session
13
+ * key at any time. The session key is the day-to-day signer the AI agent
14
+ * holds; whatever policies you attach (see {@link createJpycDailyLimitPolicies})
15
+ * are enforced at the ERC-4337 validation phase by ZeroDev's
16
+ * `PermissionValidator`. Violating userOps revert before execution — they
17
+ * never spend any of the smart account's funds, and a sponsored bundler
18
+ * cannot be tricked into paying for them either.
19
+ *
20
+ * @packageDocumentation
21
+ */
22
+
23
+ /**
24
+ * Owner = ECDSA convenience XOR a pre-built sudo validator (weighted / passkey / MPC).
25
+ *
26
+ * @remarks Pass a pre-built validator via `sudoValidator`, never via `ownerSigner`.
27
+ * Because ZeroDev's `KernelValidator` structurally extends `LocalAccount`, a validator
28
+ * mis-passed in the `ownerSigner` slot type-checks and would be wrapped as an ECDSA
29
+ * signer (confusing downstream failure) rather than used as the sudo directly.
30
+ */
31
+ type AgentOwner = {
32
+ readonly ownerSigner: LocalAccount;
33
+ readonly sudoValidator?: never;
34
+ } | {
35
+ readonly sudoValidator: KernelValidator;
36
+ readonly ownerSigner?: never;
37
+ };
38
+ /** Parameters for {@link createAgentSmartAccount}. */
39
+ type CreateAgentSmartAccountParams = {
40
+ readonly publicClient: PublicClient<Transport, Chain | undefined>;
41
+ readonly sessionKeySigner: LocalAccount;
42
+ readonly policies: readonly Policy[];
43
+ /** Bind to an existing deployed account (e.g. re-provision after recovery). */
44
+ readonly address?: Address;
45
+ readonly entryPoint?: EntryPointType<"0.7">;
46
+ readonly kernelVersion?: GetKernelVersion<"0.7">;
47
+ } & AgentOwner;
48
+ /**
49
+ * Builds a Kernel v3.1 smart account with sudo (owner) + regular (session key)
50
+ * validators wired up.
51
+ *
52
+ * @example
53
+ * ```ts
54
+ * import { parseUnits } from "viem";
55
+ * import { privateKeyToAccount } from "viem/accounts";
56
+ * import {
57
+ * createAgentSmartAccount,
58
+ * createJpycDailyLimitPolicies,
59
+ * getJpycAddress,
60
+ * JPYC_DECIMALS,
61
+ * polygonAmoy,
62
+ * } from "kawasekit";
63
+ *
64
+ * const owner = privateKeyToAccount(process.env.OWNER_PRIVATE_KEY as `0x${string}`);
65
+ * const sessionKey = privateKeyToAccount(process.env.SESSION_KEY_PRIVATE_KEY as `0x${string}`);
66
+ *
67
+ * const account = await createAgentSmartAccount({
68
+ * publicClient,
69
+ * ownerSigner: owner,
70
+ * sessionKeySigner: sessionKey,
71
+ * policies: createJpycDailyLimitPolicies({
72
+ * jpycAddress: getJpycAddress(polygonAmoy.id),
73
+ * maxPerTransfer: parseUnits("100", JPYC_DECIMALS),
74
+ * maxTransfersPerDay: 10,
75
+ * }),
76
+ * });
77
+ * ```
78
+ */
79
+ declare function createAgentSmartAccount(params: CreateAgentSmartAccountParams): Promise<CreateKernelAccountReturnType<"0.7">>;
80
+
8
81
  /**
9
82
  * High-level helper: transfer JPYC from a Kernel smart account via a sponsored
10
83
  * UserOp.
@@ -231,22 +304,27 @@ declare class SessionEnvelopeParseError extends Error {
231
304
  */
232
305
 
233
306
  /** Parameters for {@link issueSessionKey}. */
234
- interface IssueSessionKeyParams {
235
- /**
236
- * viem `PublicClient` on the chain the smart account will live on. Its
237
- * `chain.id` MUST be a {@link SupportedChainId} and is recorded in the
238
- * envelope so restore-time mismatches fail fast.
239
- */
307
+ type IssueSessionKeyParams = {
240
308
  readonly publicClient: PublicClient<Transport, Chain>;
241
- /** Owner EOA — retains sudo authority. */
242
- readonly ownerSigner: LocalAccount;
243
- /** Session-key EOA — the day-to-day signer the agent will hold. */
244
309
  readonly sessionKeySigner: LocalAccount;
245
310
  /**
246
- * Policies the session key must satisfy at userOp validation time
247
- * (e.g. {@link createJpycDailyLimitPolicies}).
311
+ * Policies the session key must satisfy at userOp validation time (e.g.
312
+ * {@link createJpycDailyLimitPolicies}). Supply the SAME policies in the SAME
313
+ * order to issue and to revoke (`buildRevokeSessionKeyCall`) — the validator
314
+ * identifier hashes the ordered policy array.
248
315
  */
249
316
  readonly policies: readonly Policy[];
317
+ /** Bind issuance to an existing deployed account (re-provision after recovery). */
318
+ readonly address?: Address;
319
+ /**
320
+ * Weighted-enable seam (RFC-0003 U-B1). Called with the SDK-built permission
321
+ * validator; returns the enable signature for `serializePermissionAccount`'s
322
+ * 3rd arg. Omit for an ECDSA owner (the default single-signer enable). For a
323
+ * weighted sudo this is `approvePlugin(plugin)` + `encodeSignatures([approval], true)`,
324
+ * computed by the caller with their weighted client. A mismatch surfaces on-chain
325
+ * as `EnableNotApproved` at first use.
326
+ */
327
+ readonly approveEnable?: (permissionValidator: KernelValidator) => Promise<Hex>;
250
328
  /** Optional advisory expiry (unix seconds). Recorded in the envelope. */
251
329
  readonly expiresAt?: bigint;
252
330
  /** Optional advisory policy summary for host UI. */
@@ -255,7 +333,7 @@ interface IssueSessionKeyParams {
255
333
  readonly entryPoint?: EntryPointType<"0.7">;
256
334
  /** Kernel version override. Defaults to {@link KERNEL_V3_1}. */
257
335
  readonly kernelVersion?: GetKernelVersion<"0.7">;
258
- }
336
+ } & AgentOwner;
259
337
  /**
260
338
  * Issues a fresh session key for an agent smart account.
261
339
  *
@@ -507,6 +585,45 @@ interface RevokeSessionKeyResult {
507
585
  * ```
508
586
  */
509
587
  declare function revokeSessionKey(params: RevokeSessionKeyParams): Promise<RevokeSessionKeyResult>;
588
+ /** Parameters for {@link buildRevokeSessionKeyCall}. */
589
+ interface BuildRevokeSessionKeyCallParams {
590
+ /** A viem public client (the public API stays `PublicClient`; the shared builder widens to `Client` internally). */
591
+ readonly publicClient: PublicClient<Transport, Chain>;
592
+ /** The session-key signer the key was ISSUED with. */
593
+ readonly sessionKeySigner: LocalAccount;
594
+ /**
595
+ * The policies the key was issued with — identical policies in identical
596
+ * ORDER, since the validator identifier hashes the ordered policy array.
597
+ * A mismatch reverts at `uninstallValidation`.
598
+ */
599
+ readonly policies: readonly Policy[];
600
+ /** The deployed agent smart-account address. */
601
+ readonly smartAccountAddress: Address;
602
+ readonly entryPoint?: EntryPointType<"0.7">;
603
+ readonly kernelVersion?: GetKernelVersion<"0.7">;
604
+ }
605
+ /**
606
+ * Build the `uninstallValidation(vId, deinitData, hookDeinitData)` call that
607
+ * removes a session-key permission validator — a byte-exact reproduction of
608
+ * `@zerodev/sdk`'s `uninstallPlugin` inner call, which the SDK cannot call
609
+ * directly because it hardcodes the single-signer `sendUserOperation` path a
610
+ * weighted/passkey/MPC owner rejects.
611
+ *
612
+ * Submit it yourself: single-signer owners via {@link revokeSessionKey};
613
+ * weighted/passkey/MPC owners via their aggregate flow —
614
+ * `account.encodeCalls([{ to: smartAccountAddress, value: 0n, data }])` →
615
+ * `sendUserOperationWithSignatures`.
616
+ *
617
+ * @example
618
+ * ```ts
619
+ * const data = await buildRevokeSessionKeyCall({
620
+ * publicClient, sessionKeySigner, policies, smartAccountAddress,
621
+ * });
622
+ * const callData = await weightedAccount.encodeCalls([{ to: smartAccountAddress, value: 0n, data }]);
623
+ * // …approveUserOperation per signer → sendUserOperationWithSignatures(callData, signatures)
624
+ * ```
625
+ */
626
+ declare function buildRevokeSessionKeyCall(params: BuildRevokeSessionKeyCallParams): Promise<Hex>;
510
627
 
511
628
  /**
512
629
  * `rotateSessionKey()` — a thin compositional helper that revokes the
@@ -563,4 +680,4 @@ interface RotateSessionKeyResult {
563
680
  */
564
681
  declare function rotateSessionKey(params: RotateSessionKeyParams): Promise<RotateSessionKeyResult>;
565
682
 
566
- export { type ConfiguredKernelClient as C, type IssueSessionKeyParams as I, KAWASEKIT_SESSION_ENVELOPE_VERSION as K, type RestoreSessionAccountParams as R, SessionEnvelopeChainMismatchError as S, TransferJpycInputError as T, type KawasekitSessionEnvelope as a, type KawasekitSessionEnvelopeVersion as b, type KawasekitSessionPolicySummary as c, type RevokeSessionKeyParams as d, type RevokeSessionKeyResult as e, type RotateSessionKeyParams as f, type RotateSessionKeyResult as g, SessionEnvelopeParseError as h, SessionEnvelopeSignerMismatchError as i, SessionEnvelopeVersionError as j, type TransferJpycParams as k, type TransferJpycResult as l, issueSessionKey as m, revokeSessionKey as n, rotateSessionKey as o, parseSessionEnvelope as p, restoreSessionAccount as r, serializeSessionEnvelope as s, transferJpyc as t };
683
+ export { type AgentOwner as A, type BuildRevokeSessionKeyCallParams as B, type ConfiguredKernelClient as C, type IssueSessionKeyParams as I, KAWASEKIT_SESSION_ENVELOPE_VERSION as K, type RestoreSessionAccountParams as R, SessionEnvelopeChainMismatchError as S, TransferJpycInputError as T, type CreateAgentSmartAccountParams as a, type KawasekitSessionEnvelope as b, type KawasekitSessionEnvelopeVersion as c, type KawasekitSessionPolicySummary as d, type RevokeSessionKeyParams as e, type RevokeSessionKeyResult as f, type RotateSessionKeyParams as g, type RotateSessionKeyResult as h, SessionEnvelopeParseError as i, SessionEnvelopeSignerMismatchError as j, SessionEnvelopeVersionError as k, type TransferJpycParams as l, type TransferJpycResult as m, buildRevokeSessionKeyCall as n, createAgentSmartAccount as o, issueSessionKey as p, parseSessionEnvelope as q, restoreSessionAccount as r, revokeSessionKey as s, rotateSessionKey as t, serializeSessionEnvelope as u, transferJpyc as v };
@@ -1,10 +1,83 @@
1
- import { Transport, Chain, Address, Hex, PublicClient, LocalAccount, Hash } from 'viem';
1
+ import { LocalAccount, PublicClient, Transport, Chain, Address, Hex, Hash } from 'viem';
2
2
  import { S as SupportedChainId } from './index-2fEOL83n.js';
3
3
  import { Policy } from '@zerodev/permissions';
4
+ import { KernelValidator, CreateKernelAccountReturnType, KernelAccountClient } from '@zerodev/sdk';
4
5
  import { EntryPointType, GetKernelVersion } from '@zerodev/sdk/types';
5
- import { KernelAccountClient, CreateKernelAccountReturnType } from '@zerodev/sdk';
6
6
  import { SmartAccount } from 'viem/account-abstraction';
7
7
 
8
+ /**
9
+ * Agent smart account = Kernel v3.1 + ECDSA sudo validator + session-key
10
+ * permission validator.
11
+ *
12
+ * The owner EOA keeps full control (sudo) and can revoke / rotate the session
13
+ * key at any time. The session key is the day-to-day signer the AI agent
14
+ * holds; whatever policies you attach (see {@link createJpycDailyLimitPolicies})
15
+ * are enforced at the ERC-4337 validation phase by ZeroDev's
16
+ * `PermissionValidator`. Violating userOps revert before execution — they
17
+ * never spend any of the smart account's funds, and a sponsored bundler
18
+ * cannot be tricked into paying for them either.
19
+ *
20
+ * @packageDocumentation
21
+ */
22
+
23
+ /**
24
+ * Owner = ECDSA convenience XOR a pre-built sudo validator (weighted / passkey / MPC).
25
+ *
26
+ * @remarks Pass a pre-built validator via `sudoValidator`, never via `ownerSigner`.
27
+ * Because ZeroDev's `KernelValidator` structurally extends `LocalAccount`, a validator
28
+ * mis-passed in the `ownerSigner` slot type-checks and would be wrapped as an ECDSA
29
+ * signer (confusing downstream failure) rather than used as the sudo directly.
30
+ */
31
+ type AgentOwner = {
32
+ readonly ownerSigner: LocalAccount;
33
+ readonly sudoValidator?: never;
34
+ } | {
35
+ readonly sudoValidator: KernelValidator;
36
+ readonly ownerSigner?: never;
37
+ };
38
+ /** Parameters for {@link createAgentSmartAccount}. */
39
+ type CreateAgentSmartAccountParams = {
40
+ readonly publicClient: PublicClient<Transport, Chain | undefined>;
41
+ readonly sessionKeySigner: LocalAccount;
42
+ readonly policies: readonly Policy[];
43
+ /** Bind to an existing deployed account (e.g. re-provision after recovery). */
44
+ readonly address?: Address;
45
+ readonly entryPoint?: EntryPointType<"0.7">;
46
+ readonly kernelVersion?: GetKernelVersion<"0.7">;
47
+ } & AgentOwner;
48
+ /**
49
+ * Builds a Kernel v3.1 smart account with sudo (owner) + regular (session key)
50
+ * validators wired up.
51
+ *
52
+ * @example
53
+ * ```ts
54
+ * import { parseUnits } from "viem";
55
+ * import { privateKeyToAccount } from "viem/accounts";
56
+ * import {
57
+ * createAgentSmartAccount,
58
+ * createJpycDailyLimitPolicies,
59
+ * getJpycAddress,
60
+ * JPYC_DECIMALS,
61
+ * polygonAmoy,
62
+ * } from "kawasekit";
63
+ *
64
+ * const owner = privateKeyToAccount(process.env.OWNER_PRIVATE_KEY as `0x${string}`);
65
+ * const sessionKey = privateKeyToAccount(process.env.SESSION_KEY_PRIVATE_KEY as `0x${string}`);
66
+ *
67
+ * const account = await createAgentSmartAccount({
68
+ * publicClient,
69
+ * ownerSigner: owner,
70
+ * sessionKeySigner: sessionKey,
71
+ * policies: createJpycDailyLimitPolicies({
72
+ * jpycAddress: getJpycAddress(polygonAmoy.id),
73
+ * maxPerTransfer: parseUnits("100", JPYC_DECIMALS),
74
+ * maxTransfersPerDay: 10,
75
+ * }),
76
+ * });
77
+ * ```
78
+ */
79
+ declare function createAgentSmartAccount(params: CreateAgentSmartAccountParams): Promise<CreateKernelAccountReturnType<"0.7">>;
80
+
8
81
  /**
9
82
  * High-level helper: transfer JPYC from a Kernel smart account via a sponsored
10
83
  * UserOp.
@@ -231,22 +304,27 @@ declare class SessionEnvelopeParseError extends Error {
231
304
  */
232
305
 
233
306
  /** Parameters for {@link issueSessionKey}. */
234
- interface IssueSessionKeyParams {
235
- /**
236
- * viem `PublicClient` on the chain the smart account will live on. Its
237
- * `chain.id` MUST be a {@link SupportedChainId} and is recorded in the
238
- * envelope so restore-time mismatches fail fast.
239
- */
307
+ type IssueSessionKeyParams = {
240
308
  readonly publicClient: PublicClient<Transport, Chain>;
241
- /** Owner EOA — retains sudo authority. */
242
- readonly ownerSigner: LocalAccount;
243
- /** Session-key EOA — the day-to-day signer the agent will hold. */
244
309
  readonly sessionKeySigner: LocalAccount;
245
310
  /**
246
- * Policies the session key must satisfy at userOp validation time
247
- * (e.g. {@link createJpycDailyLimitPolicies}).
311
+ * Policies the session key must satisfy at userOp validation time (e.g.
312
+ * {@link createJpycDailyLimitPolicies}). Supply the SAME policies in the SAME
313
+ * order to issue and to revoke (`buildRevokeSessionKeyCall`) — the validator
314
+ * identifier hashes the ordered policy array.
248
315
  */
249
316
  readonly policies: readonly Policy[];
317
+ /** Bind issuance to an existing deployed account (re-provision after recovery). */
318
+ readonly address?: Address;
319
+ /**
320
+ * Weighted-enable seam (RFC-0003 U-B1). Called with the SDK-built permission
321
+ * validator; returns the enable signature for `serializePermissionAccount`'s
322
+ * 3rd arg. Omit for an ECDSA owner (the default single-signer enable). For a
323
+ * weighted sudo this is `approvePlugin(plugin)` + `encodeSignatures([approval], true)`,
324
+ * computed by the caller with their weighted client. A mismatch surfaces on-chain
325
+ * as `EnableNotApproved` at first use.
326
+ */
327
+ readonly approveEnable?: (permissionValidator: KernelValidator) => Promise<Hex>;
250
328
  /** Optional advisory expiry (unix seconds). Recorded in the envelope. */
251
329
  readonly expiresAt?: bigint;
252
330
  /** Optional advisory policy summary for host UI. */
@@ -255,7 +333,7 @@ interface IssueSessionKeyParams {
255
333
  readonly entryPoint?: EntryPointType<"0.7">;
256
334
  /** Kernel version override. Defaults to {@link KERNEL_V3_1}. */
257
335
  readonly kernelVersion?: GetKernelVersion<"0.7">;
258
- }
336
+ } & AgentOwner;
259
337
  /**
260
338
  * Issues a fresh session key for an agent smart account.
261
339
  *
@@ -507,6 +585,45 @@ interface RevokeSessionKeyResult {
507
585
  * ```
508
586
  */
509
587
  declare function revokeSessionKey(params: RevokeSessionKeyParams): Promise<RevokeSessionKeyResult>;
588
+ /** Parameters for {@link buildRevokeSessionKeyCall}. */
589
+ interface BuildRevokeSessionKeyCallParams {
590
+ /** A viem public client (the public API stays `PublicClient`; the shared builder widens to `Client` internally). */
591
+ readonly publicClient: PublicClient<Transport, Chain>;
592
+ /** The session-key signer the key was ISSUED with. */
593
+ readonly sessionKeySigner: LocalAccount;
594
+ /**
595
+ * The policies the key was issued with — identical policies in identical
596
+ * ORDER, since the validator identifier hashes the ordered policy array.
597
+ * A mismatch reverts at `uninstallValidation`.
598
+ */
599
+ readonly policies: readonly Policy[];
600
+ /** The deployed agent smart-account address. */
601
+ readonly smartAccountAddress: Address;
602
+ readonly entryPoint?: EntryPointType<"0.7">;
603
+ readonly kernelVersion?: GetKernelVersion<"0.7">;
604
+ }
605
+ /**
606
+ * Build the `uninstallValidation(vId, deinitData, hookDeinitData)` call that
607
+ * removes a session-key permission validator — a byte-exact reproduction of
608
+ * `@zerodev/sdk`'s `uninstallPlugin` inner call, which the SDK cannot call
609
+ * directly because it hardcodes the single-signer `sendUserOperation` path a
610
+ * weighted/passkey/MPC owner rejects.
611
+ *
612
+ * Submit it yourself: single-signer owners via {@link revokeSessionKey};
613
+ * weighted/passkey/MPC owners via their aggregate flow —
614
+ * `account.encodeCalls([{ to: smartAccountAddress, value: 0n, data }])` →
615
+ * `sendUserOperationWithSignatures`.
616
+ *
617
+ * @example
618
+ * ```ts
619
+ * const data = await buildRevokeSessionKeyCall({
620
+ * publicClient, sessionKeySigner, policies, smartAccountAddress,
621
+ * });
622
+ * const callData = await weightedAccount.encodeCalls([{ to: smartAccountAddress, value: 0n, data }]);
623
+ * // …approveUserOperation per signer → sendUserOperationWithSignatures(callData, signatures)
624
+ * ```
625
+ */
626
+ declare function buildRevokeSessionKeyCall(params: BuildRevokeSessionKeyCallParams): Promise<Hex>;
510
627
 
511
628
  /**
512
629
  * `rotateSessionKey()` — a thin compositional helper that revokes the
@@ -563,4 +680,4 @@ interface RotateSessionKeyResult {
563
680
  */
564
681
  declare function rotateSessionKey(params: RotateSessionKeyParams): Promise<RotateSessionKeyResult>;
565
682
 
566
- export { type ConfiguredKernelClient as C, type IssueSessionKeyParams as I, KAWASEKIT_SESSION_ENVELOPE_VERSION as K, type RestoreSessionAccountParams as R, SessionEnvelopeChainMismatchError as S, TransferJpycInputError as T, type KawasekitSessionEnvelope as a, type KawasekitSessionEnvelopeVersion as b, type KawasekitSessionPolicySummary as c, type RevokeSessionKeyParams as d, type RevokeSessionKeyResult as e, type RotateSessionKeyParams as f, type RotateSessionKeyResult as g, SessionEnvelopeParseError as h, SessionEnvelopeSignerMismatchError as i, SessionEnvelopeVersionError as j, type TransferJpycParams as k, type TransferJpycResult as l, issueSessionKey as m, revokeSessionKey as n, rotateSessionKey as o, parseSessionEnvelope as p, restoreSessionAccount as r, serializeSessionEnvelope as s, transferJpyc as t };
683
+ export { type AgentOwner as A, type BuildRevokeSessionKeyCallParams as B, type ConfiguredKernelClient as C, type IssueSessionKeyParams as I, KAWASEKIT_SESSION_ENVELOPE_VERSION as K, type RestoreSessionAccountParams as R, SessionEnvelopeChainMismatchError as S, TransferJpycInputError as T, type CreateAgentSmartAccountParams as a, type KawasekitSessionEnvelope as b, type KawasekitSessionEnvelopeVersion as c, type KawasekitSessionPolicySummary as d, type RevokeSessionKeyParams as e, type RevokeSessionKeyResult as f, type RotateSessionKeyParams as g, type RotateSessionKeyResult as h, SessionEnvelopeParseError as i, SessionEnvelopeSignerMismatchError as j, SessionEnvelopeVersionError as k, type TransferJpycParams as l, type TransferJpycResult as m, buildRevokeSessionKeyCall as n, createAgentSmartAccount as o, issueSessionKey as p, parseSessionEnvelope as q, restoreSessionAccount as r, revokeSessionKey as s, rotateSessionKey as t, serializeSessionEnvelope as u, transferJpyc as v };
package/dist/index.cjs CHANGED
@@ -10,26 +10,49 @@ var viem = require('viem');
10
10
  var policies = require('@zerodev/permissions/policies');
11
11
 
12
12
  // src/account/session-key.ts
13
+ async function resolveSudoValidator(params) {
14
+ if (params.ownerSigner !== void 0 && params.sudoValidator !== void 0) {
15
+ throw new Error("kawasekit: pass exactly one of `ownerSigner` or `sudoValidator`, not both.");
16
+ }
17
+ if (params.sudoValidator !== void 0) return params.sudoValidator;
18
+ if (params.ownerSigner === void 0) {
19
+ throw new Error("kawasekit: pass one of `ownerSigner` (ECDSA) or `sudoValidator` (pre-built).");
20
+ }
21
+ return ecdsaValidator.signerToEcdsaValidator(params.publicClient, {
22
+ signer: params.ownerSigner,
23
+ entryPoint: params.entryPoint,
24
+ kernelVersion: params.kernelVersion
25
+ });
26
+ }
27
+ async function buildSessionPermissionValidator(params) {
28
+ const signer = await signers.toECDSASigner({ signer: params.sessionKeySigner });
29
+ return permissions.toPermissionValidator(params.publicClient, {
30
+ signer,
31
+ policies: [...params.policies],
32
+ entryPoint: params.entryPoint,
33
+ kernelVersion: params.kernelVersion
34
+ });
35
+ }
13
36
  async function createAgentSmartAccount(params) {
14
37
  const entryPoint = params.entryPoint ?? constants.getEntryPoint("0.7");
15
38
  const kernelVersion = params.kernelVersion ?? constants.KERNEL_V3_1;
16
- const sudoValidator = await ecdsaValidator.signerToEcdsaValidator(params.publicClient, {
17
- signer: params.ownerSigner,
39
+ const sudoValidator = await resolveSudoValidator({
40
+ publicClient: params.publicClient,
41
+ ownerSigner: params.ownerSigner,
42
+ sudoValidator: params.sudoValidator,
18
43
  entryPoint,
19
44
  kernelVersion
20
45
  });
21
- const modularSessionSigner = await signers.toECDSASigner({ signer: params.sessionKeySigner });
22
- const permissionValidator = await permissions.toPermissionValidator(params.publicClient, {
23
- signer: modularSessionSigner,
24
- policies: [...params.policies],
46
+ const permissionValidator = await buildSessionPermissionValidator({
47
+ publicClient: params.publicClient,
48
+ sessionKeySigner: params.sessionKeySigner,
49
+ policies: params.policies,
25
50
  entryPoint,
26
51
  kernelVersion
27
52
  });
28
53
  return sdk.createKernelAccount(params.publicClient, {
29
- plugins: {
30
- sudo: sudoValidator,
31
- regular: permissionValidator
32
- },
54
+ plugins: { sudo: sudoValidator, regular: permissionValidator },
55
+ ...params.address !== void 0 ? { address: params.address } : {},
33
56
  entryPoint,
34
57
  kernelVersion
35
58
  });
@@ -470,11 +493,6 @@ function createBuyListPolicies(params) {
470
493
  "createBuyListPolicies: merchants must not be empty \u2014 a buy-list must target at least one merchant."
471
494
  );
472
495
  }
473
- if (!Number.isInteger(params.maxTransfers) || params.maxTransfers < 1) {
474
- throw new Error(
475
- `createBuyListPolicies: maxTransfers must be a positive integer, got ${params.maxTransfers}.`
476
- );
477
- }
478
496
  if (!Number.isInteger(params.validUntil) || params.validUntil <= 0) {
479
497
  throw new Error(
480
498
  `createBuyListPolicies: validUntil must be a positive unix-seconds integer, got ${params.validUntil}.`
@@ -497,15 +515,10 @@ function createBuyListPolicies(params) {
497
515
  recipientAllowlist: params.merchants,
498
516
  callPolicyVersion: params.callPolicyVersion
499
517
  });
500
- const rateLimitPolicy = policies.toRateLimitPolicy({
501
- interval: params.validUntil - validAfter,
502
- count: params.maxTransfers,
503
- startAt: validAfter
504
- });
505
518
  const timestampPolicy = policies.toTimestampPolicy(
506
519
  params.validAfter === void 0 ? { validUntil: params.validUntil } : { validAfter: params.validAfter, validUntil: params.validUntil }
507
520
  );
508
- return [callPolicy, rateLimitPolicy, timestampPolicy];
521
+ return [callPolicy, timestampPolicy];
509
522
  }
510
523
  var ONE_DAY_SECONDS = 86400;
511
524
  function createJpycDailyLimitPolicies(params) {
@@ -3161,15 +3174,28 @@ async function issueSessionKey(params) {
3161
3174
  const supportedChainId = chainId;
3162
3175
  const entryPoint = params.entryPoint ?? constants.getEntryPoint("0.7");
3163
3176
  const kernelVersion = params.kernelVersion ?? constants.KERNEL_V3_1;
3164
- const account = await createAgentSmartAccount({
3177
+ const sudoValidator = await resolveSudoValidator({
3165
3178
  publicClient: params.publicClient,
3166
3179
  ownerSigner: params.ownerSigner,
3180
+ sudoValidator: params.sudoValidator,
3181
+ entryPoint,
3182
+ kernelVersion
3183
+ });
3184
+ const permissionValidator = await buildSessionPermissionValidator({
3185
+ publicClient: params.publicClient,
3167
3186
  sessionKeySigner: params.sessionKeySigner,
3168
3187
  policies: params.policies,
3169
3188
  entryPoint,
3170
3189
  kernelVersion
3171
3190
  });
3172
- const serialized = await permissions.serializePermissionAccount(account);
3191
+ const account = await sdk.createKernelAccount(params.publicClient, {
3192
+ plugins: { sudo: sudoValidator, regular: permissionValidator },
3193
+ ...params.address !== void 0 ? { address: params.address } : {},
3194
+ entryPoint,
3195
+ kernelVersion
3196
+ });
3197
+ const enableSignature = params.approveEnable ? await params.approveEnable(permissionValidator) : void 0;
3198
+ const serialized = enableSignature ? await permissions.serializePermissionAccount(account, void 0, enableSignature) : await permissions.serializePermissionAccount(account);
3173
3199
  const base = {
3174
3200
  kawasekitVersion: KAWASEKIT_SESSION_ENVELOPE_VERSION,
3175
3201
  chainId: supportedChainId,
@@ -3245,10 +3271,10 @@ async function revokeSessionKey(params) {
3245
3271
  "revokeSessionKey: ownerKernelClient.client is undefined \u2014 pass `client: publicClient` when constructing the Kernel client so the validator can be reconstructed."
3246
3272
  );
3247
3273
  }
3248
- const modularSigner = await signers.toECDSASigner({ signer: sessionKeySigner });
3249
- const permissionPlugin = await permissions.toPermissionValidator(ownerKernelClient.client, {
3250
- signer: modularSigner,
3251
- policies: [...policies],
3274
+ const permissionPlugin = await buildSessionPermissionValidator({
3275
+ publicClient: ownerKernelClient.client,
3276
+ sessionKeySigner,
3277
+ policies,
3252
3278
  entryPoint,
3253
3279
  kernelVersion
3254
3280
  });
@@ -3267,6 +3293,30 @@ async function revokeSessionKey(params) {
3267
3293
  success: receipt.success
3268
3294
  };
3269
3295
  }
3296
+ var UNINSTALL_VALIDATION_ABI = viem.parseAbi([
3297
+ "function uninstallValidation(bytes21 vId, bytes deinitData, bytes hookDeinitData)"
3298
+ ]);
3299
+ async function buildRevokeSessionKeyCall(params) {
3300
+ const entryPoint = params.entryPoint ?? constants.getEntryPoint("0.7");
3301
+ const kernelVersion = params.kernelVersion ?? constants.KERNEL_V3_1;
3302
+ const plugin = await buildSessionPermissionValidator({
3303
+ publicClient: params.publicClient,
3304
+ sessionKeySigner: params.sessionKeySigner,
3305
+ policies: params.policies,
3306
+ entryPoint,
3307
+ kernelVersion
3308
+ });
3309
+ const vId = viem.concatHex([
3310
+ constants.VALIDATOR_TYPE.PERMISSION,
3311
+ viem.pad(plugin.getIdentifier(), { size: 20, dir: "right" })
3312
+ ]);
3313
+ const deinitData = await plugin.getEnableData(viem.getAddress(params.smartAccountAddress));
3314
+ return viem.encodeFunctionData({
3315
+ abi: UNINSTALL_VALIDATION_ABI,
3316
+ functionName: "uninstallValidation",
3317
+ args: [vId, deinitData, "0x"]
3318
+ });
3319
+ }
3270
3320
 
3271
3321
  // src/session/rotate.ts
3272
3322
  async function rotateSessionKey(params) {
@@ -3312,6 +3362,7 @@ exports.avalanche = avalanche;
3312
3362
  exports.avalancheFuji = avalancheFuji;
3313
3363
  exports.buildPaymentRequiredResponse = buildPaymentRequiredResponse;
3314
3364
  exports.buildPaymentRequirements = buildPaymentRequirements;
3365
+ exports.buildRevokeSessionKeyCall = buildRevokeSessionKeyCall;
3315
3366
  exports.cancelAuthorizationTypes = cancelAuthorizationTypes;
3316
3367
  exports.canonicalRequestBytes = canonicalRequestBytes;
3317
3368
  exports.chainIdToX402Network = chainIdToX402Network;