kawasekit 0.8.0 → 0.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.d.cts CHANGED
@@ -1,12 +1,11 @@
1
- import { Policy } from '@zerodev/permissions';
2
- import { CreateKernelAccountReturnType } from '@zerodev/sdk';
3
- import { EntryPointType, GetKernelVersion } from '@zerodev/sdk/types';
4
- import * as viem from 'viem';
5
- import { PublicClient, Transport, Chain, LocalAccount, Address } from 'viem';
1
+ import { C as ConfiguredKernelClient } from './index-FxiMeqpl.cjs';
2
+ export { A as AgentOwner, B as BuildRevokeSessionKeyCallParams, a as CreateAgentSmartAccountParams, I as IssueSessionKeyParams, K as KAWASEKIT_SESSION_ENVELOPE_VERSION, b as KawasekitSessionEnvelope, c as KawasekitSessionEnvelopeVersion, d as KawasekitSessionPolicySummary, R as RestoreSessionAccountParams, e as RevokeSessionKeyParams, f as RevokeSessionKeyResult, g as RotateSessionKeyParams, h as RotateSessionKeyResult, S as SessionEnvelopeChainMismatchError, i as SessionEnvelopeParseError, j as SessionEnvelopeSignerMismatchError, k as SessionEnvelopeVersionError, T as TransferJpycInputError, l as TransferJpycParams, m as TransferJpycResult, n as buildRevokeSessionKeyCall, o as createAgentSmartAccount, p as issueSessionKey, q as parseSessionEnvelope, r as restoreSessionAccount, s as revokeSessionKey, t as rotateSessionKey, u as serializeSessionEnvelope, v as transferJpyc } from './index-FxiMeqpl.cjs';
6
3
  import { S as SupportedChainId } from './index-2fEOL83n.cjs';
7
4
  export { C as ChainNotSupportedError, g as getChain, i as isSupportedChainId, s as supportedChains } from './index-2fEOL83n.cjs';
8
- import { C as ConfiguredKernelClient } from './index-DFChv_fT.cjs';
9
- export { I as IssueSessionKeyParams, K as KAWASEKIT_SESSION_ENVELOPE_VERSION, a as KawasekitSessionEnvelope, b as KawasekitSessionEnvelopeVersion, c as KawasekitSessionPolicySummary, R as RestoreSessionAccountParams, d as RevokeSessionKeyParams, e as RevokeSessionKeyResult, f as RotateSessionKeyParams, g as RotateSessionKeyResult, S as SessionEnvelopeChainMismatchError, h as SessionEnvelopeParseError, i as SessionEnvelopeSignerMismatchError, j as SessionEnvelopeVersionError, T as TransferJpycInputError, k as TransferJpycParams, l as TransferJpycResult, m as issueSessionKey, p as parseSessionEnvelope, r as restoreSessionAccount, n as revokeSessionKey, o as rotateSessionKey, s as serializeSessionEnvelope, t as transferJpyc } from './index-DFChv_fT.cjs';
5
+ import { CreateKernelAccountReturnType } from '@zerodev/sdk';
6
+ import * as viem from 'viem';
7
+ import { Chain, PublicClient, Transport, Address } from 'viem';
8
+ import { Policy } from '@zerodev/permissions';
10
9
  import { CallPolicyVersion } from '@zerodev/permissions/policies';
11
10
  export { CreateJpycDailyLimitPoliciesParams, ONE_DAY_SECONDS, createJpycDailyLimitPolicies } from './policy/index.cjs';
12
11
  export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from './spending-policy-CwXcTFD_.cjs';
@@ -19,85 +18,9 @@ export { F as Facilitator, X as X402AssetTransferMethod, a as X402ExactEvmAuthor
19
18
  export { ClientPaymentEvent, HookCallback, ObservabilityEvent, ObservabilityEventBase, ObservabilityHooks, PaymentAcceptedEvent, PaymentRequiredEvent, SettleEvent, VerifyEvent, extractAcceptedNetworks, invokeHookSafely } from './observability/index.cjs';
20
19
  export { CanonicalRequestIdentity, CreateIdempotencyKeyBuilderParams, IdempotencyConfigError, IdempotencyKeyBuilder, IdempotencyRecordParseError, IdempotencyRecordVersionError, createIdempotencyKeyBuilder, deriveIdempotencyKey, normalizeIntentText } from './idempotency/index.cjs';
21
20
  export { C as CreateInMemoryIdempotencyStoreParams, I as IdempotencyLease, a as IdempotencyLookupResult, b as IdempotencyRecord, c as IdempotencyResponseSnapshot, d as IdempotencyStore, K as KAWASEKIT_IDEMPOTENCY_RECORD_VERSION, e as KawasekitIdempotencyRecordVersion, f as createInMemoryIdempotencyStore, p as parseIdempotencyRecord, s as serializeIdempotencyRecord } from './store-DPOLS6yp.cjs';
21
+ import '@zerodev/sdk/types';
22
22
  import 'viem/account-abstraction';
23
23
 
24
- /**
25
- * Agent smart account = Kernel v3.1 + ECDSA sudo validator + session-key
26
- * permission validator.
27
- *
28
- * The owner EOA keeps full control (sudo) and can revoke / rotate the session
29
- * key at any time. The session key is the day-to-day signer the AI agent
30
- * holds; whatever policies you attach (see {@link createJpycDailyLimitPolicies})
31
- * are enforced at the ERC-4337 validation phase by ZeroDev's
32
- * `PermissionValidator`. Violating userOps revert before execution — they
33
- * never spend any of the smart account's funds, and a sponsored bundler
34
- * cannot be tricked into paying for them either.
35
- *
36
- * @packageDocumentation
37
- */
38
-
39
- /** Parameters for {@link createAgentSmartAccount}. */
40
- interface CreateAgentSmartAccountParams {
41
- /**
42
- * viem `PublicClient` used to read on-chain state during account derivation.
43
- */
44
- readonly publicClient: PublicClient<Transport, Chain | undefined>;
45
- /**
46
- * The owner EOA. Retains sudo authority — can install new plugins,
47
- * revoke / rotate the session key, and bypass any policy.
48
- */
49
- readonly ownerSigner: LocalAccount;
50
- /**
51
- * The day-to-day signer the agent holds. Authority is limited to whatever
52
- * `policies` allow — by default it can do nothing.
53
- */
54
- readonly sessionKeySigner: LocalAccount;
55
- /**
56
- * ZeroDev policies (e.g. {@link createJpycDailyLimitPolicies}) the session
57
- * key must satisfy at userOp validation time.
58
- */
59
- readonly policies: readonly Policy[];
60
- /**
61
- * EntryPoint version + address. Defaults to v0.7 at the canonical
62
- * ERC-4337 entry-point address.
63
- */
64
- readonly entryPoint?: EntryPointType<"0.7">;
65
- /** Kernel version. Defaults to {@link KERNEL_V3_1}. */
66
- readonly kernelVersion?: GetKernelVersion<"0.7">;
67
- }
68
- /**
69
- * Builds a Kernel v3.1 smart account with sudo (owner) + regular (session key)
70
- * validators wired up.
71
- *
72
- * @example
73
- * ```ts
74
- * import { parseUnits } from "viem";
75
- * import { privateKeyToAccount } from "viem/accounts";
76
- * import {
77
- * createAgentSmartAccount,
78
- * createJpycDailyLimitPolicies,
79
- * getJpycAddress,
80
- * JPYC_DECIMALS,
81
- * polygonAmoy,
82
- * } from "kawasekit";
83
- *
84
- * const owner = privateKeyToAccount(process.env.OWNER_PRIVATE_KEY as `0x${string}`);
85
- * const sessionKey = privateKeyToAccount(process.env.SESSION_KEY_PRIVATE_KEY as `0x${string}`);
86
- *
87
- * const account = await createAgentSmartAccount({
88
- * publicClient,
89
- * ownerSigner: owner,
90
- * sessionKeySigner: sessionKey,
91
- * policies: createJpycDailyLimitPolicies({
92
- * jpycAddress: getJpycAddress(polygonAmoy.id),
93
- * maxPerTransfer: parseUnits("100", JPYC_DECIMALS),
94
- * maxTransfersPerDay: 10,
95
- * }),
96
- * });
97
- * ```
98
- */
99
- declare function createAgentSmartAccount(params: CreateAgentSmartAccountParams): Promise<CreateKernelAccountReturnType<"0.7">>;
100
-
101
24
  /**
102
25
  * Avalanche C-Chain — priority 3 production chain.
103
26
  *
@@ -627,23 +550,29 @@ declare function createSponsoredKernelClient(params: CreateSponsoredKernelClient
627
550
  * Buy-list → ZeroDev policy bundle for a **disposable, scoped session key**
628
551
  * (the Agent Commerce Hub authorization flow).
629
552
  *
630
- * A user's resolved buy-list (its merchants + a per-transfer cap + a total
631
- * transfer count + a schedule window) is baked into a single-use session key by
632
- * composing three on-chain policies:
553
+ * A user's resolved buy-list (its merchants + a per-transfer cap + a schedule
554
+ * window) is baked into a single-use session key by composing two on-chain
555
+ * policies:
633
556
  * 1. **callPolicy** — `JPYC.transfer(to, value)` with `value ≤ maxPerTransfer`
634
557
  * and `to ∈ merchants` (the allowlist; shared with
635
558
  * {@link createJpycDailyLimitPolicies} via {@link buildJpycTransferCallPolicy}).
636
- * 2. **rateLimitPolicy** — a **total** cap of `maxTransfers` over the whole
637
- * schedule window (the rate window is set to span `[validAfter, validUntil]`,
638
- * so `count` does NOT reset within the session — it is a session total, not a
639
- * per-day limit).
640
- * 3. **timestampPolicy** — the session key is only valid within
559
+ * 2. **timestampPolicy** — the session key is only valid within
641
560
  * `[validAfter, validUntil]`.
642
561
  *
643
562
  * Cumulative budget ("spend ≤ ¥X total") is NOT a policy field — it is the
644
563
  * amount the user funds the account with (funding is the user's responsibility,
645
564
  * out of the SDK's scope). These policies bound *who* (allowlist), *how much per
646
- * transfer* (cap), *how many* (count), and *when* (window).
565
+ * transfer* (cap), and *when* (window).
566
+ *
567
+ * The transfer **count** / sponsored-op bound is intentionally NOT a session-key
568
+ * policy — total value is bounded by the funded balance, and an op-count / gas
569
+ * bound (if desired) belongs to the consumer's **sponsor-gas policy**, not this
570
+ * permission bundle. A prior version included a `rateLimitPolicy` for a
571
+ * `maxTransfers` count, but it was built on ZeroDev's **scheduled-release** rate-
572
+ * limit contract (`0xf63d4139…`, which gates op *i* at `startAt + i·interval`)
573
+ * with `interval` = the whole window, so the 2nd transfer was *not-due until
574
+ * `validUntil`* and the 3rd+ never — back-to-back multi-merchant payment reverted
575
+ * `AA22`. It was dropped in `0.10.0`; see `docs/rfc/0004-buylist-drop-scheduled-rate-limit.md`.
647
576
  *
648
577
  * @packageDocumentation
649
578
  */
@@ -660,11 +589,6 @@ interface CreateBuyListPoliciesParams {
660
589
  readonly merchants: readonly Address[];
661
590
  /** Maximum JPYC (raw units) per single transfer. Must be positive. */
662
591
  readonly maxPerTransfer: bigint;
663
- /**
664
- * Maximum number of transfers over the WHOLE window — a session total, not a
665
- * per-day limit. Must be a positive integer.
666
- */
667
- readonly maxTransfers: number;
668
592
  /** Schedule-window end (unix seconds); the key is invalid after this. Must be a positive integer. */
669
593
  readonly validUntil: number;
670
594
  /**
@@ -690,13 +614,12 @@ interface CreateBuyListPoliciesParams {
690
614
  * jpycAddress: getJpycAddress(polygonAmoy.id),
691
615
  * merchants: [merchantA, merchantB], // pay ONLY these (allowlist)
692
616
  * maxPerTransfer: parseUnits("500", JPYC_DECIMALS),
693
- * maxTransfers: 3, // at most 3 transfers, total
694
617
  * validUntil: Math.floor(Date.now() / 1000) + 3 * 86_400, // valid 3 days
695
618
  * });
696
- * // user funds the account with their budget; the policies bound who/how-much/how-many/when.
619
+ * // user funds the account with their budget; the policies bound who/how-much/when.
697
620
  * ```
698
621
  */
699
- declare function createBuyListPolicies(params: CreateBuyListPoliciesParams): readonly [Policy, Policy, Policy];
622
+ declare function createBuyListPolicies(params: CreateBuyListPoliciesParams): readonly [Policy, Policy];
700
623
 
701
624
  /**
702
625
  * JPYC stablecoin metadata, deployments, and ABI.
@@ -1064,4 +987,4 @@ declare const jpycAbi: readonly [{
1064
987
  }];
1065
988
  }];
1066
989
 
1067
- export { ConfiguredKernelClient, type CreateAgentSmartAccountParams, type CreateBuyListPoliciesParams, type CreateSponsoredKernelClientParams, JPYC_DECIMALS, JPYC_EIP712_DOMAIN_HINT, JPYC_V2_ADDRESS, type JpycDeployment, JpycNotAvailableError, type SponsoredKernelClientObservability, SupportedChainId, avalanche, avalancheFuji, createAgentSmartAccount, createBuyListPolicies, createSponsoredKernelClient, ethereum, getJpycAddress, jpycAbi, jpycDeployments, kaia, kairos, polygon, polygonAmoy, sepolia };
990
+ export { ConfiguredKernelClient, type CreateBuyListPoliciesParams, type CreateSponsoredKernelClientParams, JPYC_DECIMALS, JPYC_EIP712_DOMAIN_HINT, JPYC_V2_ADDRESS, type JpycDeployment, JpycNotAvailableError, type SponsoredKernelClientObservability, SupportedChainId, avalanche, avalancheFuji, createBuyListPolicies, createSponsoredKernelClient, ethereum, getJpycAddress, jpycAbi, jpycDeployments, kaia, kairos, polygon, polygonAmoy, sepolia };
package/dist/index.d.ts CHANGED
@@ -1,12 +1,11 @@
1
- import { Policy } from '@zerodev/permissions';
2
- import { CreateKernelAccountReturnType } from '@zerodev/sdk';
3
- import { EntryPointType, GetKernelVersion } from '@zerodev/sdk/types';
4
- import * as viem from 'viem';
5
- import { PublicClient, Transport, Chain, LocalAccount, Address } from 'viem';
1
+ import { C as ConfiguredKernelClient } from './index-RsuBt-Xw.js';
2
+ export { A as AgentOwner, B as BuildRevokeSessionKeyCallParams, a as CreateAgentSmartAccountParams, I as IssueSessionKeyParams, K as KAWASEKIT_SESSION_ENVELOPE_VERSION, b as KawasekitSessionEnvelope, c as KawasekitSessionEnvelopeVersion, d as KawasekitSessionPolicySummary, R as RestoreSessionAccountParams, e as RevokeSessionKeyParams, f as RevokeSessionKeyResult, g as RotateSessionKeyParams, h as RotateSessionKeyResult, S as SessionEnvelopeChainMismatchError, i as SessionEnvelopeParseError, j as SessionEnvelopeSignerMismatchError, k as SessionEnvelopeVersionError, T as TransferJpycInputError, l as TransferJpycParams, m as TransferJpycResult, n as buildRevokeSessionKeyCall, o as createAgentSmartAccount, p as issueSessionKey, q as parseSessionEnvelope, r as restoreSessionAccount, s as revokeSessionKey, t as rotateSessionKey, u as serializeSessionEnvelope, v as transferJpyc } from './index-RsuBt-Xw.js';
6
3
  import { S as SupportedChainId } from './index-2fEOL83n.js';
7
4
  export { C as ChainNotSupportedError, g as getChain, i as isSupportedChainId, s as supportedChains } from './index-2fEOL83n.js';
8
- import { C as ConfiguredKernelClient } from './index-CSpNGigO.js';
9
- export { I as IssueSessionKeyParams, K as KAWASEKIT_SESSION_ENVELOPE_VERSION, a as KawasekitSessionEnvelope, b as KawasekitSessionEnvelopeVersion, c as KawasekitSessionPolicySummary, R as RestoreSessionAccountParams, d as RevokeSessionKeyParams, e as RevokeSessionKeyResult, f as RotateSessionKeyParams, g as RotateSessionKeyResult, S as SessionEnvelopeChainMismatchError, h as SessionEnvelopeParseError, i as SessionEnvelopeSignerMismatchError, j as SessionEnvelopeVersionError, T as TransferJpycInputError, k as TransferJpycParams, l as TransferJpycResult, m as issueSessionKey, p as parseSessionEnvelope, r as restoreSessionAccount, n as revokeSessionKey, o as rotateSessionKey, s as serializeSessionEnvelope, t as transferJpyc } from './index-CSpNGigO.js';
5
+ import { CreateKernelAccountReturnType } from '@zerodev/sdk';
6
+ import * as viem from 'viem';
7
+ import { Chain, PublicClient, Transport, Address } from 'viem';
8
+ import { Policy } from '@zerodev/permissions';
10
9
  import { CallPolicyVersion } from '@zerodev/permissions/policies';
11
10
  export { CreateJpycDailyLimitPoliciesParams, ONE_DAY_SECONDS, createJpycDailyLimitPolicies } from './policy/index.js';
12
11
  export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from './spending-policy-BBgXDrVD.js';
@@ -19,85 +18,9 @@ export { F as Facilitator, X as X402AssetTransferMethod, a as X402ExactEvmAuthor
19
18
  export { ClientPaymentEvent, HookCallback, ObservabilityEvent, ObservabilityEventBase, ObservabilityHooks, PaymentAcceptedEvent, PaymentRequiredEvent, SettleEvent, VerifyEvent, extractAcceptedNetworks, invokeHookSafely } from './observability/index.js';
20
19
  export { CanonicalRequestIdentity, CreateIdempotencyKeyBuilderParams, IdempotencyConfigError, IdempotencyKeyBuilder, IdempotencyRecordParseError, IdempotencyRecordVersionError, createIdempotencyKeyBuilder, deriveIdempotencyKey, normalizeIntentText } from './idempotency/index.js';
21
20
  export { C as CreateInMemoryIdempotencyStoreParams, I as IdempotencyLease, a as IdempotencyLookupResult, b as IdempotencyRecord, c as IdempotencyResponseSnapshot, d as IdempotencyStore, K as KAWASEKIT_IDEMPOTENCY_RECORD_VERSION, e as KawasekitIdempotencyRecordVersion, f as createInMemoryIdempotencyStore, p as parseIdempotencyRecord, s as serializeIdempotencyRecord } from './store-DmdoV3Ii.js';
21
+ import '@zerodev/sdk/types';
22
22
  import 'viem/account-abstraction';
23
23
 
24
- /**
25
- * Agent smart account = Kernel v3.1 + ECDSA sudo validator + session-key
26
- * permission validator.
27
- *
28
- * The owner EOA keeps full control (sudo) and can revoke / rotate the session
29
- * key at any time. The session key is the day-to-day signer the AI agent
30
- * holds; whatever policies you attach (see {@link createJpycDailyLimitPolicies})
31
- * are enforced at the ERC-4337 validation phase by ZeroDev's
32
- * `PermissionValidator`. Violating userOps revert before execution — they
33
- * never spend any of the smart account's funds, and a sponsored bundler
34
- * cannot be tricked into paying for them either.
35
- *
36
- * @packageDocumentation
37
- */
38
-
39
- /** Parameters for {@link createAgentSmartAccount}. */
40
- interface CreateAgentSmartAccountParams {
41
- /**
42
- * viem `PublicClient` used to read on-chain state during account derivation.
43
- */
44
- readonly publicClient: PublicClient<Transport, Chain | undefined>;
45
- /**
46
- * The owner EOA. Retains sudo authority — can install new plugins,
47
- * revoke / rotate the session key, and bypass any policy.
48
- */
49
- readonly ownerSigner: LocalAccount;
50
- /**
51
- * The day-to-day signer the agent holds. Authority is limited to whatever
52
- * `policies` allow — by default it can do nothing.
53
- */
54
- readonly sessionKeySigner: LocalAccount;
55
- /**
56
- * ZeroDev policies (e.g. {@link createJpycDailyLimitPolicies}) the session
57
- * key must satisfy at userOp validation time.
58
- */
59
- readonly policies: readonly Policy[];
60
- /**
61
- * EntryPoint version + address. Defaults to v0.7 at the canonical
62
- * ERC-4337 entry-point address.
63
- */
64
- readonly entryPoint?: EntryPointType<"0.7">;
65
- /** Kernel version. Defaults to {@link KERNEL_V3_1}. */
66
- readonly kernelVersion?: GetKernelVersion<"0.7">;
67
- }
68
- /**
69
- * Builds a Kernel v3.1 smart account with sudo (owner) + regular (session key)
70
- * validators wired up.
71
- *
72
- * @example
73
- * ```ts
74
- * import { parseUnits } from "viem";
75
- * import { privateKeyToAccount } from "viem/accounts";
76
- * import {
77
- * createAgentSmartAccount,
78
- * createJpycDailyLimitPolicies,
79
- * getJpycAddress,
80
- * JPYC_DECIMALS,
81
- * polygonAmoy,
82
- * } from "kawasekit";
83
- *
84
- * const owner = privateKeyToAccount(process.env.OWNER_PRIVATE_KEY as `0x${string}`);
85
- * const sessionKey = privateKeyToAccount(process.env.SESSION_KEY_PRIVATE_KEY as `0x${string}`);
86
- *
87
- * const account = await createAgentSmartAccount({
88
- * publicClient,
89
- * ownerSigner: owner,
90
- * sessionKeySigner: sessionKey,
91
- * policies: createJpycDailyLimitPolicies({
92
- * jpycAddress: getJpycAddress(polygonAmoy.id),
93
- * maxPerTransfer: parseUnits("100", JPYC_DECIMALS),
94
- * maxTransfersPerDay: 10,
95
- * }),
96
- * });
97
- * ```
98
- */
99
- declare function createAgentSmartAccount(params: CreateAgentSmartAccountParams): Promise<CreateKernelAccountReturnType<"0.7">>;
100
-
101
24
  /**
102
25
  * Avalanche C-Chain — priority 3 production chain.
103
26
  *
@@ -627,23 +550,29 @@ declare function createSponsoredKernelClient(params: CreateSponsoredKernelClient
627
550
  * Buy-list → ZeroDev policy bundle for a **disposable, scoped session key**
628
551
  * (the Agent Commerce Hub authorization flow).
629
552
  *
630
- * A user's resolved buy-list (its merchants + a per-transfer cap + a total
631
- * transfer count + a schedule window) is baked into a single-use session key by
632
- * composing three on-chain policies:
553
+ * A user's resolved buy-list (its merchants + a per-transfer cap + a schedule
554
+ * window) is baked into a single-use session key by composing two on-chain
555
+ * policies:
633
556
  * 1. **callPolicy** — `JPYC.transfer(to, value)` with `value ≤ maxPerTransfer`
634
557
  * and `to ∈ merchants` (the allowlist; shared with
635
558
  * {@link createJpycDailyLimitPolicies} via {@link buildJpycTransferCallPolicy}).
636
- * 2. **rateLimitPolicy** — a **total** cap of `maxTransfers` over the whole
637
- * schedule window (the rate window is set to span `[validAfter, validUntil]`,
638
- * so `count` does NOT reset within the session — it is a session total, not a
639
- * per-day limit).
640
- * 3. **timestampPolicy** — the session key is only valid within
559
+ * 2. **timestampPolicy** — the session key is only valid within
641
560
  * `[validAfter, validUntil]`.
642
561
  *
643
562
  * Cumulative budget ("spend ≤ ¥X total") is NOT a policy field — it is the
644
563
  * amount the user funds the account with (funding is the user's responsibility,
645
564
  * out of the SDK's scope). These policies bound *who* (allowlist), *how much per
646
- * transfer* (cap), *how many* (count), and *when* (window).
565
+ * transfer* (cap), and *when* (window).
566
+ *
567
+ * The transfer **count** / sponsored-op bound is intentionally NOT a session-key
568
+ * policy — total value is bounded by the funded balance, and an op-count / gas
569
+ * bound (if desired) belongs to the consumer's **sponsor-gas policy**, not this
570
+ * permission bundle. A prior version included a `rateLimitPolicy` for a
571
+ * `maxTransfers` count, but it was built on ZeroDev's **scheduled-release** rate-
572
+ * limit contract (`0xf63d4139…`, which gates op *i* at `startAt + i·interval`)
573
+ * with `interval` = the whole window, so the 2nd transfer was *not-due until
574
+ * `validUntil`* and the 3rd+ never — back-to-back multi-merchant payment reverted
575
+ * `AA22`. It was dropped in `0.10.0`; see `docs/rfc/0004-buylist-drop-scheduled-rate-limit.md`.
647
576
  *
648
577
  * @packageDocumentation
649
578
  */
@@ -660,11 +589,6 @@ interface CreateBuyListPoliciesParams {
660
589
  readonly merchants: readonly Address[];
661
590
  /** Maximum JPYC (raw units) per single transfer. Must be positive. */
662
591
  readonly maxPerTransfer: bigint;
663
- /**
664
- * Maximum number of transfers over the WHOLE window — a session total, not a
665
- * per-day limit. Must be a positive integer.
666
- */
667
- readonly maxTransfers: number;
668
592
  /** Schedule-window end (unix seconds); the key is invalid after this. Must be a positive integer. */
669
593
  readonly validUntil: number;
670
594
  /**
@@ -690,13 +614,12 @@ interface CreateBuyListPoliciesParams {
690
614
  * jpycAddress: getJpycAddress(polygonAmoy.id),
691
615
  * merchants: [merchantA, merchantB], // pay ONLY these (allowlist)
692
616
  * maxPerTransfer: parseUnits("500", JPYC_DECIMALS),
693
- * maxTransfers: 3, // at most 3 transfers, total
694
617
  * validUntil: Math.floor(Date.now() / 1000) + 3 * 86_400, // valid 3 days
695
618
  * });
696
- * // user funds the account with their budget; the policies bound who/how-much/how-many/when.
619
+ * // user funds the account with their budget; the policies bound who/how-much/when.
697
620
  * ```
698
621
  */
699
- declare function createBuyListPolicies(params: CreateBuyListPoliciesParams): readonly [Policy, Policy, Policy];
622
+ declare function createBuyListPolicies(params: CreateBuyListPoliciesParams): readonly [Policy, Policy];
700
623
 
701
624
  /**
702
625
  * JPYC stablecoin metadata, deployments, and ABI.
@@ -1064,4 +987,4 @@ declare const jpycAbi: readonly [{
1064
987
  }];
1065
988
  }];
1066
989
 
1067
- export { ConfiguredKernelClient, type CreateAgentSmartAccountParams, type CreateBuyListPoliciesParams, type CreateSponsoredKernelClientParams, JPYC_DECIMALS, JPYC_EIP712_DOMAIN_HINT, JPYC_V2_ADDRESS, type JpycDeployment, JpycNotAvailableError, type SponsoredKernelClientObservability, SupportedChainId, avalanche, avalancheFuji, createAgentSmartAccount, createBuyListPolicies, createSponsoredKernelClient, ethereum, getJpycAddress, jpycAbi, jpycDeployments, kaia, kairos, polygon, polygonAmoy, sepolia };
990
+ export { ConfiguredKernelClient, type CreateBuyListPoliciesParams, type CreateSponsoredKernelClientParams, JPYC_DECIMALS, JPYC_EIP712_DOMAIN_HINT, JPYC_V2_ADDRESS, type JpycDeployment, JpycNotAvailableError, type SponsoredKernelClientObservability, SupportedChainId, avalanche, avalancheFuji, createBuyListPolicies, createSponsoredKernelClient, ethereum, getJpycAddress, jpycAbi, jpycDeployments, kaia, kairos, polygon, polygonAmoy, sepolia };
package/dist/index.js CHANGED
@@ -1,10 +1,10 @@
1
- export { TransferJpycInputError, createBuyListPolicies, createSponsoredKernelClient, transferJpyc } from './chunk-DMP7YFGA.js';
1
+ export { TransferJpycInputError, createBuyListPolicies, createSponsoredKernelClient, transferJpyc } from './chunk-OUCIKHS2.js';
2
2
  export { X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS, X402_FACILITATOR_ERROR_CODES, createCoinbaseFacilitator, createHttpFacilitator, createSelfFacilitator, createX402PaymentSigner, deriveReceiptTimeoutMs, wrapFetch } from './chunk-P5563RGP.js';
3
3
  export { X402_DEFAULT_MAX_TIMEOUT_SECONDS, X402_HEADER_IDEMPOTENCY_KEY, X402_HEADER_PAYMENT_REQUIRED, X402_HEADER_PAYMENT_RESPONSE, X402_HEADER_PAYMENT_SIGNATURE, buildPaymentRequiredResponse, buildPaymentRequirements, createX402Handler, decodePaymentRequiredHeader, decodePaymentResponseHeader, decodePaymentSignatureHeader, encodePaymentRequiredHeader, encodePaymentResponseHeader, encodePaymentSignatureHeader } from './chunk-PVUKX6IF.js';
4
4
  export { extractAcceptedNetworks, invokeHookSafely } from './chunk-LEHWRDVS.js';
5
5
  export { createIdempotencyKeyBuilder, createInMemoryIdempotencyStore, deriveIdempotencyKey, normalizeIntentText } from './chunk-TTX3RBIZ.js';
6
6
  export { IdempotencyConfigError, IdempotencyRecordParseError, IdempotencyRecordVersionError, KAWASEKIT_IDEMPOTENCY_RECORD_VERSION, X402_VERSION, chainIdToX402Network, isX402Network, parseIdempotencyRecord, serializeIdempotencyRecord, x402NetworkToChainId } from './chunk-QHUCU5YX.js';
7
- export { KAWASEKIT_SESSION_ENVELOPE_VERSION, SessionEnvelopeChainMismatchError, SessionEnvelopeParseError, SessionEnvelopeSignerMismatchError, SessionEnvelopeVersionError, createAgentSmartAccount, issueSessionKey, parseSessionEnvelope, restoreSessionAccount, revokeSessionKey, rotateSessionKey, serializeSessionEnvelope } from './chunk-N3CVLISJ.js';
7
+ export { KAWASEKIT_SESSION_ENVELOPE_VERSION, SessionEnvelopeChainMismatchError, SessionEnvelopeParseError, SessionEnvelopeSignerMismatchError, SessionEnvelopeVersionError, buildRevokeSessionKeyCall, createAgentSmartAccount, issueSessionKey, parseSessionEnvelope, restoreSessionAccount, revokeSessionKey, rotateSessionKey, serializeSessionEnvelope } from './chunk-KYVAOUQV.js';
8
8
  export { WIRE_VERSION, canonicalRequestBytes, createLocalPolicyGatedSigner, createMpc2pPolicyGatedSigner, toWireIntent } from './chunk-NY6VLXQB.js';
9
9
  export { CoSignUnavailableError, PolicyGatedSignerConfigError, assertNonBypassable, authorizationDeadlineFromNow, cancelAuthorizationTypes, deriveAuthorizationNonce, generateAuthorizationNonce, getKnownAssetDomain, listKnownAssetIds, receiveWithAuthorizationTypes, requireNonBypassable, resolvedAssetToEip3009Domain, signCancelAuthorization, signReceiveWithAuthorization, signTransferWithAuthorization, transferWithAuthorizationTypes } from './chunk-VJUXTVSW.js';
10
10
  export { X402InvalidConfigError, X402InvalidPayloadError, X402PolicyRejectedError } from './chunk-WMVJNPX2.js';
@@ -3,10 +3,10 @@
3
3
  var viem = require('viem');
4
4
  var chains = require('viem/chains');
5
5
  var permissions = require('@zerodev/permissions');
6
+ var sdk = require('@zerodev/sdk');
6
7
  var constants = require('@zerodev/sdk/constants');
7
8
  var ecdsaValidator = require('@zerodev/ecdsa-validator');
8
9
  var signers = require('@zerodev/permissions/signers');
9
- var sdk = require('@zerodev/sdk');
10
10
 
11
11
  // src/session/envelope.ts
12
12
  var avalanche = {
@@ -222,28 +222,27 @@ function parseSessionEnvelope(input) {
222
222
  }
223
223
  return base;
224
224
  }
225
- async function createAgentSmartAccount(params) {
226
- const entryPoint = params.entryPoint ?? constants.getEntryPoint("0.7");
227
- const kernelVersion = params.kernelVersion ?? constants.KERNEL_V3_1;
228
- const sudoValidator = await ecdsaValidator.signerToEcdsaValidator(params.publicClient, {
225
+ async function resolveSudoValidator(params) {
226
+ if (params.ownerSigner !== void 0 && params.sudoValidator !== void 0) {
227
+ throw new Error("kawasekit: pass exactly one of `ownerSigner` or `sudoValidator`, not both.");
228
+ }
229
+ if (params.sudoValidator !== void 0) return params.sudoValidator;
230
+ if (params.ownerSigner === void 0) {
231
+ throw new Error("kawasekit: pass one of `ownerSigner` (ECDSA) or `sudoValidator` (pre-built).");
232
+ }
233
+ return ecdsaValidator.signerToEcdsaValidator(params.publicClient, {
229
234
  signer: params.ownerSigner,
230
- entryPoint,
231
- kernelVersion
235
+ entryPoint: params.entryPoint,
236
+ kernelVersion: params.kernelVersion
232
237
  });
233
- const modularSessionSigner = await signers.toECDSASigner({ signer: params.sessionKeySigner });
234
- const permissionValidator = await permissions.toPermissionValidator(params.publicClient, {
235
- signer: modularSessionSigner,
238
+ }
239
+ async function buildSessionPermissionValidator(params) {
240
+ const signer = await signers.toECDSASigner({ signer: params.sessionKeySigner });
241
+ return permissions.toPermissionValidator(params.publicClient, {
242
+ signer,
236
243
  policies: [...params.policies],
237
- entryPoint,
238
- kernelVersion
239
- });
240
- return sdk.createKernelAccount(params.publicClient, {
241
- plugins: {
242
- sudo: sudoValidator,
243
- regular: permissionValidator
244
- },
245
- entryPoint,
246
- kernelVersion
244
+ entryPoint: params.entryPoint,
245
+ kernelVersion: params.kernelVersion
247
246
  });
248
247
  }
249
248
 
@@ -258,15 +257,28 @@ async function issueSessionKey(params) {
258
257
  const supportedChainId = chainId;
259
258
  const entryPoint = params.entryPoint ?? constants.getEntryPoint("0.7");
260
259
  const kernelVersion = params.kernelVersion ?? constants.KERNEL_V3_1;
261
- const account = await createAgentSmartAccount({
260
+ const sudoValidator = await resolveSudoValidator({
262
261
  publicClient: params.publicClient,
263
262
  ownerSigner: params.ownerSigner,
263
+ sudoValidator: params.sudoValidator,
264
+ entryPoint,
265
+ kernelVersion
266
+ });
267
+ const permissionValidator = await buildSessionPermissionValidator({
268
+ publicClient: params.publicClient,
264
269
  sessionKeySigner: params.sessionKeySigner,
265
270
  policies: params.policies,
266
271
  entryPoint,
267
272
  kernelVersion
268
273
  });
269
- const serialized = await permissions.serializePermissionAccount(account);
274
+ const account = await sdk.createKernelAccount(params.publicClient, {
275
+ plugins: { sudo: sudoValidator, regular: permissionValidator },
276
+ ...params.address !== void 0 ? { address: params.address } : {},
277
+ entryPoint,
278
+ kernelVersion
279
+ });
280
+ const enableSignature = params.approveEnable ? await params.approveEnable(permissionValidator) : void 0;
281
+ const serialized = enableSignature ? await permissions.serializePermissionAccount(account, void 0, enableSignature) : await permissions.serializePermissionAccount(account);
270
282
  const base = {
271
283
  kawasekitVersion: KAWASEKIT_SESSION_ENVELOPE_VERSION,
272
284
  chainId: supportedChainId,
@@ -342,10 +354,10 @@ async function revokeSessionKey(params) {
342
354
  "revokeSessionKey: ownerKernelClient.client is undefined \u2014 pass `client: publicClient` when constructing the Kernel client so the validator can be reconstructed."
343
355
  );
344
356
  }
345
- const modularSigner = await signers.toECDSASigner({ signer: sessionKeySigner });
346
- const permissionPlugin = await permissions.toPermissionValidator(ownerKernelClient.client, {
347
- signer: modularSigner,
348
- policies: [...policies],
357
+ const permissionPlugin = await buildSessionPermissionValidator({
358
+ publicClient: ownerKernelClient.client,
359
+ sessionKeySigner,
360
+ policies,
349
361
  entryPoint,
350
362
  kernelVersion
351
363
  });
@@ -364,6 +376,9 @@ async function revokeSessionKey(params) {
364
376
  success: receipt.success
365
377
  };
366
378
  }
379
+ viem.parseAbi([
380
+ "function uninstallValidation(bytes21 vId, bytes deinitData, bytes hookDeinitData)"
381
+ ]);
367
382
 
368
383
  // src/session/rotate.ts
369
384
  async function rotateSessionKey(params) {