kawasekit 0.8.0 → 0.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-N3CVLISJ.js → chunk-KYVAOUQV.js} +82 -22
- package/dist/chunk-KYVAOUQV.js.map +1 -0
- package/dist/{chunk-DMP7YFGA.js → chunk-OUCIKHS2.js} +4 -14
- package/dist/chunk-OUCIKHS2.js.map +1 -0
- package/dist/cli/index.cjs +41 -26
- package/dist/cli/index.cjs.map +1 -1
- package/dist/cli/index.js +3 -3
- package/dist/cli/index.js.map +1 -1
- package/dist/{index-DFChv_fT.d.cts → index-FxiMeqpl.d.cts} +132 -15
- package/dist/{index-CSpNGigO.d.ts → index-RsuBt-Xw.d.ts} +132 -15
- package/dist/index.cjs +78 -27
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +25 -102
- package/dist/index.d.ts +25 -102
- package/dist/index.js +2 -2
- package/dist/session/index.cjs +41 -26
- package/dist/session/index.cjs.map +1 -1
- package/dist/session/index.d.cts +2 -2
- package/dist/session/index.d.ts +2 -2
- package/dist/session/index.js +1 -1
- package/package.json +1 -1
- package/dist/chunk-DMP7YFGA.js.map +0 -1
- package/dist/chunk-N3CVLISJ.js.map +0 -1
package/dist/index.d.cts
CHANGED
|
@@ -1,12 +1,11 @@
|
|
|
1
|
-
import {
|
|
2
|
-
|
|
3
|
-
import { EntryPointType, GetKernelVersion } from '@zerodev/sdk/types';
|
|
4
|
-
import * as viem from 'viem';
|
|
5
|
-
import { PublicClient, Transport, Chain, LocalAccount, Address } from 'viem';
|
|
1
|
+
import { C as ConfiguredKernelClient } from './index-FxiMeqpl.cjs';
|
|
2
|
+
export { A as AgentOwner, B as BuildRevokeSessionKeyCallParams, a as CreateAgentSmartAccountParams, I as IssueSessionKeyParams, K as KAWASEKIT_SESSION_ENVELOPE_VERSION, b as KawasekitSessionEnvelope, c as KawasekitSessionEnvelopeVersion, d as KawasekitSessionPolicySummary, R as RestoreSessionAccountParams, e as RevokeSessionKeyParams, f as RevokeSessionKeyResult, g as RotateSessionKeyParams, h as RotateSessionKeyResult, S as SessionEnvelopeChainMismatchError, i as SessionEnvelopeParseError, j as SessionEnvelopeSignerMismatchError, k as SessionEnvelopeVersionError, T as TransferJpycInputError, l as TransferJpycParams, m as TransferJpycResult, n as buildRevokeSessionKeyCall, o as createAgentSmartAccount, p as issueSessionKey, q as parseSessionEnvelope, r as restoreSessionAccount, s as revokeSessionKey, t as rotateSessionKey, u as serializeSessionEnvelope, v as transferJpyc } from './index-FxiMeqpl.cjs';
|
|
6
3
|
import { S as SupportedChainId } from './index-2fEOL83n.cjs';
|
|
7
4
|
export { C as ChainNotSupportedError, g as getChain, i as isSupportedChainId, s as supportedChains } from './index-2fEOL83n.cjs';
|
|
8
|
-
import {
|
|
9
|
-
|
|
5
|
+
import { CreateKernelAccountReturnType } from '@zerodev/sdk';
|
|
6
|
+
import * as viem from 'viem';
|
|
7
|
+
import { Chain, PublicClient, Transport, Address } from 'viem';
|
|
8
|
+
import { Policy } from '@zerodev/permissions';
|
|
10
9
|
import { CallPolicyVersion } from '@zerodev/permissions/policies';
|
|
11
10
|
export { CreateJpycDailyLimitPoliciesParams, ONE_DAY_SECONDS, createJpycDailyLimitPolicies } from './policy/index.cjs';
|
|
12
11
|
export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from './spending-policy-CwXcTFD_.cjs';
|
|
@@ -19,85 +18,9 @@ export { F as Facilitator, X as X402AssetTransferMethod, a as X402ExactEvmAuthor
|
|
|
19
18
|
export { ClientPaymentEvent, HookCallback, ObservabilityEvent, ObservabilityEventBase, ObservabilityHooks, PaymentAcceptedEvent, PaymentRequiredEvent, SettleEvent, VerifyEvent, extractAcceptedNetworks, invokeHookSafely } from './observability/index.cjs';
|
|
20
19
|
export { CanonicalRequestIdentity, CreateIdempotencyKeyBuilderParams, IdempotencyConfigError, IdempotencyKeyBuilder, IdempotencyRecordParseError, IdempotencyRecordVersionError, createIdempotencyKeyBuilder, deriveIdempotencyKey, normalizeIntentText } from './idempotency/index.cjs';
|
|
21
20
|
export { C as CreateInMemoryIdempotencyStoreParams, I as IdempotencyLease, a as IdempotencyLookupResult, b as IdempotencyRecord, c as IdempotencyResponseSnapshot, d as IdempotencyStore, K as KAWASEKIT_IDEMPOTENCY_RECORD_VERSION, e as KawasekitIdempotencyRecordVersion, f as createInMemoryIdempotencyStore, p as parseIdempotencyRecord, s as serializeIdempotencyRecord } from './store-DPOLS6yp.cjs';
|
|
21
|
+
import '@zerodev/sdk/types';
|
|
22
22
|
import 'viem/account-abstraction';
|
|
23
23
|
|
|
24
|
-
/**
|
|
25
|
-
* Agent smart account = Kernel v3.1 + ECDSA sudo validator + session-key
|
|
26
|
-
* permission validator.
|
|
27
|
-
*
|
|
28
|
-
* The owner EOA keeps full control (sudo) and can revoke / rotate the session
|
|
29
|
-
* key at any time. The session key is the day-to-day signer the AI agent
|
|
30
|
-
* holds; whatever policies you attach (see {@link createJpycDailyLimitPolicies})
|
|
31
|
-
* are enforced at the ERC-4337 validation phase by ZeroDev's
|
|
32
|
-
* `PermissionValidator`. Violating userOps revert before execution — they
|
|
33
|
-
* never spend any of the smart account's funds, and a sponsored bundler
|
|
34
|
-
* cannot be tricked into paying for them either.
|
|
35
|
-
*
|
|
36
|
-
* @packageDocumentation
|
|
37
|
-
*/
|
|
38
|
-
|
|
39
|
-
/** Parameters for {@link createAgentSmartAccount}. */
|
|
40
|
-
interface CreateAgentSmartAccountParams {
|
|
41
|
-
/**
|
|
42
|
-
* viem `PublicClient` used to read on-chain state during account derivation.
|
|
43
|
-
*/
|
|
44
|
-
readonly publicClient: PublicClient<Transport, Chain | undefined>;
|
|
45
|
-
/**
|
|
46
|
-
* The owner EOA. Retains sudo authority — can install new plugins,
|
|
47
|
-
* revoke / rotate the session key, and bypass any policy.
|
|
48
|
-
*/
|
|
49
|
-
readonly ownerSigner: LocalAccount;
|
|
50
|
-
/**
|
|
51
|
-
* The day-to-day signer the agent holds. Authority is limited to whatever
|
|
52
|
-
* `policies` allow — by default it can do nothing.
|
|
53
|
-
*/
|
|
54
|
-
readonly sessionKeySigner: LocalAccount;
|
|
55
|
-
/**
|
|
56
|
-
* ZeroDev policies (e.g. {@link createJpycDailyLimitPolicies}) the session
|
|
57
|
-
* key must satisfy at userOp validation time.
|
|
58
|
-
*/
|
|
59
|
-
readonly policies: readonly Policy[];
|
|
60
|
-
/**
|
|
61
|
-
* EntryPoint version + address. Defaults to v0.7 at the canonical
|
|
62
|
-
* ERC-4337 entry-point address.
|
|
63
|
-
*/
|
|
64
|
-
readonly entryPoint?: EntryPointType<"0.7">;
|
|
65
|
-
/** Kernel version. Defaults to {@link KERNEL_V3_1}. */
|
|
66
|
-
readonly kernelVersion?: GetKernelVersion<"0.7">;
|
|
67
|
-
}
|
|
68
|
-
/**
|
|
69
|
-
* Builds a Kernel v3.1 smart account with sudo (owner) + regular (session key)
|
|
70
|
-
* validators wired up.
|
|
71
|
-
*
|
|
72
|
-
* @example
|
|
73
|
-
* ```ts
|
|
74
|
-
* import { parseUnits } from "viem";
|
|
75
|
-
* import { privateKeyToAccount } from "viem/accounts";
|
|
76
|
-
* import {
|
|
77
|
-
* createAgentSmartAccount,
|
|
78
|
-
* createJpycDailyLimitPolicies,
|
|
79
|
-
* getJpycAddress,
|
|
80
|
-
* JPYC_DECIMALS,
|
|
81
|
-
* polygonAmoy,
|
|
82
|
-
* } from "kawasekit";
|
|
83
|
-
*
|
|
84
|
-
* const owner = privateKeyToAccount(process.env.OWNER_PRIVATE_KEY as `0x${string}`);
|
|
85
|
-
* const sessionKey = privateKeyToAccount(process.env.SESSION_KEY_PRIVATE_KEY as `0x${string}`);
|
|
86
|
-
*
|
|
87
|
-
* const account = await createAgentSmartAccount({
|
|
88
|
-
* publicClient,
|
|
89
|
-
* ownerSigner: owner,
|
|
90
|
-
* sessionKeySigner: sessionKey,
|
|
91
|
-
* policies: createJpycDailyLimitPolicies({
|
|
92
|
-
* jpycAddress: getJpycAddress(polygonAmoy.id),
|
|
93
|
-
* maxPerTransfer: parseUnits("100", JPYC_DECIMALS),
|
|
94
|
-
* maxTransfersPerDay: 10,
|
|
95
|
-
* }),
|
|
96
|
-
* });
|
|
97
|
-
* ```
|
|
98
|
-
*/
|
|
99
|
-
declare function createAgentSmartAccount(params: CreateAgentSmartAccountParams): Promise<CreateKernelAccountReturnType<"0.7">>;
|
|
100
|
-
|
|
101
24
|
/**
|
|
102
25
|
* Avalanche C-Chain — priority 3 production chain.
|
|
103
26
|
*
|
|
@@ -627,23 +550,29 @@ declare function createSponsoredKernelClient(params: CreateSponsoredKernelClient
|
|
|
627
550
|
* Buy-list → ZeroDev policy bundle for a **disposable, scoped session key**
|
|
628
551
|
* (the Agent Commerce Hub authorization flow).
|
|
629
552
|
*
|
|
630
|
-
* A user's resolved buy-list (its merchants + a per-transfer cap + a
|
|
631
|
-
*
|
|
632
|
-
*
|
|
553
|
+
* A user's resolved buy-list (its merchants + a per-transfer cap + a schedule
|
|
554
|
+
* window) is baked into a single-use session key by composing two on-chain
|
|
555
|
+
* policies:
|
|
633
556
|
* 1. **callPolicy** — `JPYC.transfer(to, value)` with `value ≤ maxPerTransfer`
|
|
634
557
|
* and `to ∈ merchants` (the allowlist; shared with
|
|
635
558
|
* {@link createJpycDailyLimitPolicies} via {@link buildJpycTransferCallPolicy}).
|
|
636
|
-
* 2. **
|
|
637
|
-
* schedule window (the rate window is set to span `[validAfter, validUntil]`,
|
|
638
|
-
* so `count` does NOT reset within the session — it is a session total, not a
|
|
639
|
-
* per-day limit).
|
|
640
|
-
* 3. **timestampPolicy** — the session key is only valid within
|
|
559
|
+
* 2. **timestampPolicy** — the session key is only valid within
|
|
641
560
|
* `[validAfter, validUntil]`.
|
|
642
561
|
*
|
|
643
562
|
* Cumulative budget ("spend ≤ ¥X total") is NOT a policy field — it is the
|
|
644
563
|
* amount the user funds the account with (funding is the user's responsibility,
|
|
645
564
|
* out of the SDK's scope). These policies bound *who* (allowlist), *how much per
|
|
646
|
-
* transfer* (cap),
|
|
565
|
+
* transfer* (cap), and *when* (window).
|
|
566
|
+
*
|
|
567
|
+
* The transfer **count** / sponsored-op bound is intentionally NOT a session-key
|
|
568
|
+
* policy — total value is bounded by the funded balance, and an op-count / gas
|
|
569
|
+
* bound (if desired) belongs to the consumer's **sponsor-gas policy**, not this
|
|
570
|
+
* permission bundle. A prior version included a `rateLimitPolicy` for a
|
|
571
|
+
* `maxTransfers` count, but it was built on ZeroDev's **scheduled-release** rate-
|
|
572
|
+
* limit contract (`0xf63d4139…`, which gates op *i* at `startAt + i·interval`)
|
|
573
|
+
* with `interval` = the whole window, so the 2nd transfer was *not-due until
|
|
574
|
+
* `validUntil`* and the 3rd+ never — back-to-back multi-merchant payment reverted
|
|
575
|
+
* `AA22`. It was dropped in `0.10.0`; see `docs/rfc/0004-buylist-drop-scheduled-rate-limit.md`.
|
|
647
576
|
*
|
|
648
577
|
* @packageDocumentation
|
|
649
578
|
*/
|
|
@@ -660,11 +589,6 @@ interface CreateBuyListPoliciesParams {
|
|
|
660
589
|
readonly merchants: readonly Address[];
|
|
661
590
|
/** Maximum JPYC (raw units) per single transfer. Must be positive. */
|
|
662
591
|
readonly maxPerTransfer: bigint;
|
|
663
|
-
/**
|
|
664
|
-
* Maximum number of transfers over the WHOLE window — a session total, not a
|
|
665
|
-
* per-day limit. Must be a positive integer.
|
|
666
|
-
*/
|
|
667
|
-
readonly maxTransfers: number;
|
|
668
592
|
/** Schedule-window end (unix seconds); the key is invalid after this. Must be a positive integer. */
|
|
669
593
|
readonly validUntil: number;
|
|
670
594
|
/**
|
|
@@ -690,13 +614,12 @@ interface CreateBuyListPoliciesParams {
|
|
|
690
614
|
* jpycAddress: getJpycAddress(polygonAmoy.id),
|
|
691
615
|
* merchants: [merchantA, merchantB], // pay ONLY these (allowlist)
|
|
692
616
|
* maxPerTransfer: parseUnits("500", JPYC_DECIMALS),
|
|
693
|
-
* maxTransfers: 3, // at most 3 transfers, total
|
|
694
617
|
* validUntil: Math.floor(Date.now() / 1000) + 3 * 86_400, // valid 3 days
|
|
695
618
|
* });
|
|
696
|
-
* // user funds the account with their budget; the policies bound who/how-much/
|
|
619
|
+
* // user funds the account with their budget; the policies bound who/how-much/when.
|
|
697
620
|
* ```
|
|
698
621
|
*/
|
|
699
|
-
declare function createBuyListPolicies(params: CreateBuyListPoliciesParams): readonly [Policy, Policy
|
|
622
|
+
declare function createBuyListPolicies(params: CreateBuyListPoliciesParams): readonly [Policy, Policy];
|
|
700
623
|
|
|
701
624
|
/**
|
|
702
625
|
* JPYC stablecoin metadata, deployments, and ABI.
|
|
@@ -1064,4 +987,4 @@ declare const jpycAbi: readonly [{
|
|
|
1064
987
|
}];
|
|
1065
988
|
}];
|
|
1066
989
|
|
|
1067
|
-
export { ConfiguredKernelClient, type
|
|
990
|
+
export { ConfiguredKernelClient, type CreateBuyListPoliciesParams, type CreateSponsoredKernelClientParams, JPYC_DECIMALS, JPYC_EIP712_DOMAIN_HINT, JPYC_V2_ADDRESS, type JpycDeployment, JpycNotAvailableError, type SponsoredKernelClientObservability, SupportedChainId, avalanche, avalancheFuji, createBuyListPolicies, createSponsoredKernelClient, ethereum, getJpycAddress, jpycAbi, jpycDeployments, kaia, kairos, polygon, polygonAmoy, sepolia };
|
package/dist/index.d.ts
CHANGED
|
@@ -1,12 +1,11 @@
|
|
|
1
|
-
import {
|
|
2
|
-
|
|
3
|
-
import { EntryPointType, GetKernelVersion } from '@zerodev/sdk/types';
|
|
4
|
-
import * as viem from 'viem';
|
|
5
|
-
import { PublicClient, Transport, Chain, LocalAccount, Address } from 'viem';
|
|
1
|
+
import { C as ConfiguredKernelClient } from './index-RsuBt-Xw.js';
|
|
2
|
+
export { A as AgentOwner, B as BuildRevokeSessionKeyCallParams, a as CreateAgentSmartAccountParams, I as IssueSessionKeyParams, K as KAWASEKIT_SESSION_ENVELOPE_VERSION, b as KawasekitSessionEnvelope, c as KawasekitSessionEnvelopeVersion, d as KawasekitSessionPolicySummary, R as RestoreSessionAccountParams, e as RevokeSessionKeyParams, f as RevokeSessionKeyResult, g as RotateSessionKeyParams, h as RotateSessionKeyResult, S as SessionEnvelopeChainMismatchError, i as SessionEnvelopeParseError, j as SessionEnvelopeSignerMismatchError, k as SessionEnvelopeVersionError, T as TransferJpycInputError, l as TransferJpycParams, m as TransferJpycResult, n as buildRevokeSessionKeyCall, o as createAgentSmartAccount, p as issueSessionKey, q as parseSessionEnvelope, r as restoreSessionAccount, s as revokeSessionKey, t as rotateSessionKey, u as serializeSessionEnvelope, v as transferJpyc } from './index-RsuBt-Xw.js';
|
|
6
3
|
import { S as SupportedChainId } from './index-2fEOL83n.js';
|
|
7
4
|
export { C as ChainNotSupportedError, g as getChain, i as isSupportedChainId, s as supportedChains } from './index-2fEOL83n.js';
|
|
8
|
-
import {
|
|
9
|
-
|
|
5
|
+
import { CreateKernelAccountReturnType } from '@zerodev/sdk';
|
|
6
|
+
import * as viem from 'viem';
|
|
7
|
+
import { Chain, PublicClient, Transport, Address } from 'viem';
|
|
8
|
+
import { Policy } from '@zerodev/permissions';
|
|
10
9
|
import { CallPolicyVersion } from '@zerodev/permissions/policies';
|
|
11
10
|
export { CreateJpycDailyLimitPoliciesParams, ONE_DAY_SECONDS, createJpycDailyLimitPolicies } from './policy/index.js';
|
|
12
11
|
export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from './spending-policy-BBgXDrVD.js';
|
|
@@ -19,85 +18,9 @@ export { F as Facilitator, X as X402AssetTransferMethod, a as X402ExactEvmAuthor
|
|
|
19
18
|
export { ClientPaymentEvent, HookCallback, ObservabilityEvent, ObservabilityEventBase, ObservabilityHooks, PaymentAcceptedEvent, PaymentRequiredEvent, SettleEvent, VerifyEvent, extractAcceptedNetworks, invokeHookSafely } from './observability/index.js';
|
|
20
19
|
export { CanonicalRequestIdentity, CreateIdempotencyKeyBuilderParams, IdempotencyConfigError, IdempotencyKeyBuilder, IdempotencyRecordParseError, IdempotencyRecordVersionError, createIdempotencyKeyBuilder, deriveIdempotencyKey, normalizeIntentText } from './idempotency/index.js';
|
|
21
20
|
export { C as CreateInMemoryIdempotencyStoreParams, I as IdempotencyLease, a as IdempotencyLookupResult, b as IdempotencyRecord, c as IdempotencyResponseSnapshot, d as IdempotencyStore, K as KAWASEKIT_IDEMPOTENCY_RECORD_VERSION, e as KawasekitIdempotencyRecordVersion, f as createInMemoryIdempotencyStore, p as parseIdempotencyRecord, s as serializeIdempotencyRecord } from './store-DmdoV3Ii.js';
|
|
21
|
+
import '@zerodev/sdk/types';
|
|
22
22
|
import 'viem/account-abstraction';
|
|
23
23
|
|
|
24
|
-
/**
|
|
25
|
-
* Agent smart account = Kernel v3.1 + ECDSA sudo validator + session-key
|
|
26
|
-
* permission validator.
|
|
27
|
-
*
|
|
28
|
-
* The owner EOA keeps full control (sudo) and can revoke / rotate the session
|
|
29
|
-
* key at any time. The session key is the day-to-day signer the AI agent
|
|
30
|
-
* holds; whatever policies you attach (see {@link createJpycDailyLimitPolicies})
|
|
31
|
-
* are enforced at the ERC-4337 validation phase by ZeroDev's
|
|
32
|
-
* `PermissionValidator`. Violating userOps revert before execution — they
|
|
33
|
-
* never spend any of the smart account's funds, and a sponsored bundler
|
|
34
|
-
* cannot be tricked into paying for them either.
|
|
35
|
-
*
|
|
36
|
-
* @packageDocumentation
|
|
37
|
-
*/
|
|
38
|
-
|
|
39
|
-
/** Parameters for {@link createAgentSmartAccount}. */
|
|
40
|
-
interface CreateAgentSmartAccountParams {
|
|
41
|
-
/**
|
|
42
|
-
* viem `PublicClient` used to read on-chain state during account derivation.
|
|
43
|
-
*/
|
|
44
|
-
readonly publicClient: PublicClient<Transport, Chain | undefined>;
|
|
45
|
-
/**
|
|
46
|
-
* The owner EOA. Retains sudo authority — can install new plugins,
|
|
47
|
-
* revoke / rotate the session key, and bypass any policy.
|
|
48
|
-
*/
|
|
49
|
-
readonly ownerSigner: LocalAccount;
|
|
50
|
-
/**
|
|
51
|
-
* The day-to-day signer the agent holds. Authority is limited to whatever
|
|
52
|
-
* `policies` allow — by default it can do nothing.
|
|
53
|
-
*/
|
|
54
|
-
readonly sessionKeySigner: LocalAccount;
|
|
55
|
-
/**
|
|
56
|
-
* ZeroDev policies (e.g. {@link createJpycDailyLimitPolicies}) the session
|
|
57
|
-
* key must satisfy at userOp validation time.
|
|
58
|
-
*/
|
|
59
|
-
readonly policies: readonly Policy[];
|
|
60
|
-
/**
|
|
61
|
-
* EntryPoint version + address. Defaults to v0.7 at the canonical
|
|
62
|
-
* ERC-4337 entry-point address.
|
|
63
|
-
*/
|
|
64
|
-
readonly entryPoint?: EntryPointType<"0.7">;
|
|
65
|
-
/** Kernel version. Defaults to {@link KERNEL_V3_1}. */
|
|
66
|
-
readonly kernelVersion?: GetKernelVersion<"0.7">;
|
|
67
|
-
}
|
|
68
|
-
/**
|
|
69
|
-
* Builds a Kernel v3.1 smart account with sudo (owner) + regular (session key)
|
|
70
|
-
* validators wired up.
|
|
71
|
-
*
|
|
72
|
-
* @example
|
|
73
|
-
* ```ts
|
|
74
|
-
* import { parseUnits } from "viem";
|
|
75
|
-
* import { privateKeyToAccount } from "viem/accounts";
|
|
76
|
-
* import {
|
|
77
|
-
* createAgentSmartAccount,
|
|
78
|
-
* createJpycDailyLimitPolicies,
|
|
79
|
-
* getJpycAddress,
|
|
80
|
-
* JPYC_DECIMALS,
|
|
81
|
-
* polygonAmoy,
|
|
82
|
-
* } from "kawasekit";
|
|
83
|
-
*
|
|
84
|
-
* const owner = privateKeyToAccount(process.env.OWNER_PRIVATE_KEY as `0x${string}`);
|
|
85
|
-
* const sessionKey = privateKeyToAccount(process.env.SESSION_KEY_PRIVATE_KEY as `0x${string}`);
|
|
86
|
-
*
|
|
87
|
-
* const account = await createAgentSmartAccount({
|
|
88
|
-
* publicClient,
|
|
89
|
-
* ownerSigner: owner,
|
|
90
|
-
* sessionKeySigner: sessionKey,
|
|
91
|
-
* policies: createJpycDailyLimitPolicies({
|
|
92
|
-
* jpycAddress: getJpycAddress(polygonAmoy.id),
|
|
93
|
-
* maxPerTransfer: parseUnits("100", JPYC_DECIMALS),
|
|
94
|
-
* maxTransfersPerDay: 10,
|
|
95
|
-
* }),
|
|
96
|
-
* });
|
|
97
|
-
* ```
|
|
98
|
-
*/
|
|
99
|
-
declare function createAgentSmartAccount(params: CreateAgentSmartAccountParams): Promise<CreateKernelAccountReturnType<"0.7">>;
|
|
100
|
-
|
|
101
24
|
/**
|
|
102
25
|
* Avalanche C-Chain — priority 3 production chain.
|
|
103
26
|
*
|
|
@@ -627,23 +550,29 @@ declare function createSponsoredKernelClient(params: CreateSponsoredKernelClient
|
|
|
627
550
|
* Buy-list → ZeroDev policy bundle for a **disposable, scoped session key**
|
|
628
551
|
* (the Agent Commerce Hub authorization flow).
|
|
629
552
|
*
|
|
630
|
-
* A user's resolved buy-list (its merchants + a per-transfer cap + a
|
|
631
|
-
*
|
|
632
|
-
*
|
|
553
|
+
* A user's resolved buy-list (its merchants + a per-transfer cap + a schedule
|
|
554
|
+
* window) is baked into a single-use session key by composing two on-chain
|
|
555
|
+
* policies:
|
|
633
556
|
* 1. **callPolicy** — `JPYC.transfer(to, value)` with `value ≤ maxPerTransfer`
|
|
634
557
|
* and `to ∈ merchants` (the allowlist; shared with
|
|
635
558
|
* {@link createJpycDailyLimitPolicies} via {@link buildJpycTransferCallPolicy}).
|
|
636
|
-
* 2. **
|
|
637
|
-
* schedule window (the rate window is set to span `[validAfter, validUntil]`,
|
|
638
|
-
* so `count` does NOT reset within the session — it is a session total, not a
|
|
639
|
-
* per-day limit).
|
|
640
|
-
* 3. **timestampPolicy** — the session key is only valid within
|
|
559
|
+
* 2. **timestampPolicy** — the session key is only valid within
|
|
641
560
|
* `[validAfter, validUntil]`.
|
|
642
561
|
*
|
|
643
562
|
* Cumulative budget ("spend ≤ ¥X total") is NOT a policy field — it is the
|
|
644
563
|
* amount the user funds the account with (funding is the user's responsibility,
|
|
645
564
|
* out of the SDK's scope). These policies bound *who* (allowlist), *how much per
|
|
646
|
-
* transfer* (cap),
|
|
565
|
+
* transfer* (cap), and *when* (window).
|
|
566
|
+
*
|
|
567
|
+
* The transfer **count** / sponsored-op bound is intentionally NOT a session-key
|
|
568
|
+
* policy — total value is bounded by the funded balance, and an op-count / gas
|
|
569
|
+
* bound (if desired) belongs to the consumer's **sponsor-gas policy**, not this
|
|
570
|
+
* permission bundle. A prior version included a `rateLimitPolicy` for a
|
|
571
|
+
* `maxTransfers` count, but it was built on ZeroDev's **scheduled-release** rate-
|
|
572
|
+
* limit contract (`0xf63d4139…`, which gates op *i* at `startAt + i·interval`)
|
|
573
|
+
* with `interval` = the whole window, so the 2nd transfer was *not-due until
|
|
574
|
+
* `validUntil`* and the 3rd+ never — back-to-back multi-merchant payment reverted
|
|
575
|
+
* `AA22`. It was dropped in `0.10.0`; see `docs/rfc/0004-buylist-drop-scheduled-rate-limit.md`.
|
|
647
576
|
*
|
|
648
577
|
* @packageDocumentation
|
|
649
578
|
*/
|
|
@@ -660,11 +589,6 @@ interface CreateBuyListPoliciesParams {
|
|
|
660
589
|
readonly merchants: readonly Address[];
|
|
661
590
|
/** Maximum JPYC (raw units) per single transfer. Must be positive. */
|
|
662
591
|
readonly maxPerTransfer: bigint;
|
|
663
|
-
/**
|
|
664
|
-
* Maximum number of transfers over the WHOLE window — a session total, not a
|
|
665
|
-
* per-day limit. Must be a positive integer.
|
|
666
|
-
*/
|
|
667
|
-
readonly maxTransfers: number;
|
|
668
592
|
/** Schedule-window end (unix seconds); the key is invalid after this. Must be a positive integer. */
|
|
669
593
|
readonly validUntil: number;
|
|
670
594
|
/**
|
|
@@ -690,13 +614,12 @@ interface CreateBuyListPoliciesParams {
|
|
|
690
614
|
* jpycAddress: getJpycAddress(polygonAmoy.id),
|
|
691
615
|
* merchants: [merchantA, merchantB], // pay ONLY these (allowlist)
|
|
692
616
|
* maxPerTransfer: parseUnits("500", JPYC_DECIMALS),
|
|
693
|
-
* maxTransfers: 3, // at most 3 transfers, total
|
|
694
617
|
* validUntil: Math.floor(Date.now() / 1000) + 3 * 86_400, // valid 3 days
|
|
695
618
|
* });
|
|
696
|
-
* // user funds the account with their budget; the policies bound who/how-much/
|
|
619
|
+
* // user funds the account with their budget; the policies bound who/how-much/when.
|
|
697
620
|
* ```
|
|
698
621
|
*/
|
|
699
|
-
declare function createBuyListPolicies(params: CreateBuyListPoliciesParams): readonly [Policy, Policy
|
|
622
|
+
declare function createBuyListPolicies(params: CreateBuyListPoliciesParams): readonly [Policy, Policy];
|
|
700
623
|
|
|
701
624
|
/**
|
|
702
625
|
* JPYC stablecoin metadata, deployments, and ABI.
|
|
@@ -1064,4 +987,4 @@ declare const jpycAbi: readonly [{
|
|
|
1064
987
|
}];
|
|
1065
988
|
}];
|
|
1066
989
|
|
|
1067
|
-
export { ConfiguredKernelClient, type
|
|
990
|
+
export { ConfiguredKernelClient, type CreateBuyListPoliciesParams, type CreateSponsoredKernelClientParams, JPYC_DECIMALS, JPYC_EIP712_DOMAIN_HINT, JPYC_V2_ADDRESS, type JpycDeployment, JpycNotAvailableError, type SponsoredKernelClientObservability, SupportedChainId, avalanche, avalancheFuji, createBuyListPolicies, createSponsoredKernelClient, ethereum, getJpycAddress, jpycAbi, jpycDeployments, kaia, kairos, polygon, polygonAmoy, sepolia };
|
package/dist/index.js
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
|
-
export { TransferJpycInputError, createBuyListPolicies, createSponsoredKernelClient, transferJpyc } from './chunk-
|
|
1
|
+
export { TransferJpycInputError, createBuyListPolicies, createSponsoredKernelClient, transferJpyc } from './chunk-OUCIKHS2.js';
|
|
2
2
|
export { X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS, X402_FACILITATOR_ERROR_CODES, createCoinbaseFacilitator, createHttpFacilitator, createSelfFacilitator, createX402PaymentSigner, deriveReceiptTimeoutMs, wrapFetch } from './chunk-P5563RGP.js';
|
|
3
3
|
export { X402_DEFAULT_MAX_TIMEOUT_SECONDS, X402_HEADER_IDEMPOTENCY_KEY, X402_HEADER_PAYMENT_REQUIRED, X402_HEADER_PAYMENT_RESPONSE, X402_HEADER_PAYMENT_SIGNATURE, buildPaymentRequiredResponse, buildPaymentRequirements, createX402Handler, decodePaymentRequiredHeader, decodePaymentResponseHeader, decodePaymentSignatureHeader, encodePaymentRequiredHeader, encodePaymentResponseHeader, encodePaymentSignatureHeader } from './chunk-PVUKX6IF.js';
|
|
4
4
|
export { extractAcceptedNetworks, invokeHookSafely } from './chunk-LEHWRDVS.js';
|
|
5
5
|
export { createIdempotencyKeyBuilder, createInMemoryIdempotencyStore, deriveIdempotencyKey, normalizeIntentText } from './chunk-TTX3RBIZ.js';
|
|
6
6
|
export { IdempotencyConfigError, IdempotencyRecordParseError, IdempotencyRecordVersionError, KAWASEKIT_IDEMPOTENCY_RECORD_VERSION, X402_VERSION, chainIdToX402Network, isX402Network, parseIdempotencyRecord, serializeIdempotencyRecord, x402NetworkToChainId } from './chunk-QHUCU5YX.js';
|
|
7
|
-
export { KAWASEKIT_SESSION_ENVELOPE_VERSION, SessionEnvelopeChainMismatchError, SessionEnvelopeParseError, SessionEnvelopeSignerMismatchError, SessionEnvelopeVersionError, createAgentSmartAccount, issueSessionKey, parseSessionEnvelope, restoreSessionAccount, revokeSessionKey, rotateSessionKey, serializeSessionEnvelope } from './chunk-
|
|
7
|
+
export { KAWASEKIT_SESSION_ENVELOPE_VERSION, SessionEnvelopeChainMismatchError, SessionEnvelopeParseError, SessionEnvelopeSignerMismatchError, SessionEnvelopeVersionError, buildRevokeSessionKeyCall, createAgentSmartAccount, issueSessionKey, parseSessionEnvelope, restoreSessionAccount, revokeSessionKey, rotateSessionKey, serializeSessionEnvelope } from './chunk-KYVAOUQV.js';
|
|
8
8
|
export { WIRE_VERSION, canonicalRequestBytes, createLocalPolicyGatedSigner, createMpc2pPolicyGatedSigner, toWireIntent } from './chunk-NY6VLXQB.js';
|
|
9
9
|
export { CoSignUnavailableError, PolicyGatedSignerConfigError, assertNonBypassable, authorizationDeadlineFromNow, cancelAuthorizationTypes, deriveAuthorizationNonce, generateAuthorizationNonce, getKnownAssetDomain, listKnownAssetIds, receiveWithAuthorizationTypes, requireNonBypassable, resolvedAssetToEip3009Domain, signCancelAuthorization, signReceiveWithAuthorization, signTransferWithAuthorization, transferWithAuthorizationTypes } from './chunk-VJUXTVSW.js';
|
|
10
10
|
export { X402InvalidConfigError, X402InvalidPayloadError, X402PolicyRejectedError } from './chunk-WMVJNPX2.js';
|
package/dist/session/index.cjs
CHANGED
|
@@ -3,10 +3,10 @@
|
|
|
3
3
|
var viem = require('viem');
|
|
4
4
|
var chains = require('viem/chains');
|
|
5
5
|
var permissions = require('@zerodev/permissions');
|
|
6
|
+
var sdk = require('@zerodev/sdk');
|
|
6
7
|
var constants = require('@zerodev/sdk/constants');
|
|
7
8
|
var ecdsaValidator = require('@zerodev/ecdsa-validator');
|
|
8
9
|
var signers = require('@zerodev/permissions/signers');
|
|
9
|
-
var sdk = require('@zerodev/sdk');
|
|
10
10
|
|
|
11
11
|
// src/session/envelope.ts
|
|
12
12
|
var avalanche = {
|
|
@@ -222,28 +222,27 @@ function parseSessionEnvelope(input) {
|
|
|
222
222
|
}
|
|
223
223
|
return base;
|
|
224
224
|
}
|
|
225
|
-
async function
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
225
|
+
async function resolveSudoValidator(params) {
|
|
226
|
+
if (params.ownerSigner !== void 0 && params.sudoValidator !== void 0) {
|
|
227
|
+
throw new Error("kawasekit: pass exactly one of `ownerSigner` or `sudoValidator`, not both.");
|
|
228
|
+
}
|
|
229
|
+
if (params.sudoValidator !== void 0) return params.sudoValidator;
|
|
230
|
+
if (params.ownerSigner === void 0) {
|
|
231
|
+
throw new Error("kawasekit: pass one of `ownerSigner` (ECDSA) or `sudoValidator` (pre-built).");
|
|
232
|
+
}
|
|
233
|
+
return ecdsaValidator.signerToEcdsaValidator(params.publicClient, {
|
|
229
234
|
signer: params.ownerSigner,
|
|
230
|
-
entryPoint,
|
|
231
|
-
kernelVersion
|
|
235
|
+
entryPoint: params.entryPoint,
|
|
236
|
+
kernelVersion: params.kernelVersion
|
|
232
237
|
});
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
238
|
+
}
|
|
239
|
+
async function buildSessionPermissionValidator(params) {
|
|
240
|
+
const signer = await signers.toECDSASigner({ signer: params.sessionKeySigner });
|
|
241
|
+
return permissions.toPermissionValidator(params.publicClient, {
|
|
242
|
+
signer,
|
|
236
243
|
policies: [...params.policies],
|
|
237
|
-
entryPoint,
|
|
238
|
-
kernelVersion
|
|
239
|
-
});
|
|
240
|
-
return sdk.createKernelAccount(params.publicClient, {
|
|
241
|
-
plugins: {
|
|
242
|
-
sudo: sudoValidator,
|
|
243
|
-
regular: permissionValidator
|
|
244
|
-
},
|
|
245
|
-
entryPoint,
|
|
246
|
-
kernelVersion
|
|
244
|
+
entryPoint: params.entryPoint,
|
|
245
|
+
kernelVersion: params.kernelVersion
|
|
247
246
|
});
|
|
248
247
|
}
|
|
249
248
|
|
|
@@ -258,15 +257,28 @@ async function issueSessionKey(params) {
|
|
|
258
257
|
const supportedChainId = chainId;
|
|
259
258
|
const entryPoint = params.entryPoint ?? constants.getEntryPoint("0.7");
|
|
260
259
|
const kernelVersion = params.kernelVersion ?? constants.KERNEL_V3_1;
|
|
261
|
-
const
|
|
260
|
+
const sudoValidator = await resolveSudoValidator({
|
|
262
261
|
publicClient: params.publicClient,
|
|
263
262
|
ownerSigner: params.ownerSigner,
|
|
263
|
+
sudoValidator: params.sudoValidator,
|
|
264
|
+
entryPoint,
|
|
265
|
+
kernelVersion
|
|
266
|
+
});
|
|
267
|
+
const permissionValidator = await buildSessionPermissionValidator({
|
|
268
|
+
publicClient: params.publicClient,
|
|
264
269
|
sessionKeySigner: params.sessionKeySigner,
|
|
265
270
|
policies: params.policies,
|
|
266
271
|
entryPoint,
|
|
267
272
|
kernelVersion
|
|
268
273
|
});
|
|
269
|
-
const
|
|
274
|
+
const account = await sdk.createKernelAccount(params.publicClient, {
|
|
275
|
+
plugins: { sudo: sudoValidator, regular: permissionValidator },
|
|
276
|
+
...params.address !== void 0 ? { address: params.address } : {},
|
|
277
|
+
entryPoint,
|
|
278
|
+
kernelVersion
|
|
279
|
+
});
|
|
280
|
+
const enableSignature = params.approveEnable ? await params.approveEnable(permissionValidator) : void 0;
|
|
281
|
+
const serialized = enableSignature ? await permissions.serializePermissionAccount(account, void 0, enableSignature) : await permissions.serializePermissionAccount(account);
|
|
270
282
|
const base = {
|
|
271
283
|
kawasekitVersion: KAWASEKIT_SESSION_ENVELOPE_VERSION,
|
|
272
284
|
chainId: supportedChainId,
|
|
@@ -342,10 +354,10 @@ async function revokeSessionKey(params) {
|
|
|
342
354
|
"revokeSessionKey: ownerKernelClient.client is undefined \u2014 pass `client: publicClient` when constructing the Kernel client so the validator can be reconstructed."
|
|
343
355
|
);
|
|
344
356
|
}
|
|
345
|
-
const
|
|
346
|
-
|
|
347
|
-
|
|
348
|
-
policies
|
|
357
|
+
const permissionPlugin = await buildSessionPermissionValidator({
|
|
358
|
+
publicClient: ownerKernelClient.client,
|
|
359
|
+
sessionKeySigner,
|
|
360
|
+
policies,
|
|
349
361
|
entryPoint,
|
|
350
362
|
kernelVersion
|
|
351
363
|
});
|
|
@@ -364,6 +376,9 @@ async function revokeSessionKey(params) {
|
|
|
364
376
|
success: receipt.success
|
|
365
377
|
};
|
|
366
378
|
}
|
|
379
|
+
viem.parseAbi([
|
|
380
|
+
"function uninstallValidation(bytes21 vId, bytes deinitData, bytes hookDeinitData)"
|
|
381
|
+
]);
|
|
367
382
|
|
|
368
383
|
// src/session/rotate.ts
|
|
369
384
|
async function rotateSessionKey(params) {
|