mppx 0.6.21 → 0.6.22

package/dist/tempo/server/internal/html.gen.js.map

@@ -1 +1 @@
-{"version":3,"file":"html.gen.js","sourceRoot":"","sources":["../../../../src/tempo/server/internal/html.gen.ts"],"names":[],"mappings":"AAAA,2BAA2B;AAC3B,MAAM,CAAC,MAAM,IAAI,GAAG,s+teAAs+te,CAAA"}
+{"version":3,"file":"html.gen.js","sourceRoot":"","sources":["../../../../src/tempo/server/internal/html.gen.ts"],"names":[],"mappings":"AAAA,2BAA2B;AAC3B,MAAM,CAAC,MAAM,IAAI,GAAG,8yteAA8yte,CAAA"}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "mppx",
   "type": "module",
-  "version": "0.6.21",
+  "version": "0.6.22",
   "main": "./dist/index.js",
   "license": "MIT",
   "files": [

package/src/tempo/client/Subscription.test.ts

@@ -104,6 +104,57 @@ describe('tempo.subscription client', () => {
     )
   })
 
+  test('passes hex-encoded `scopes` and `limits` to wallet_authorizeAccessKey', async () => {
+    const challenge = createChallenge()
+    const keyAuthorization = await signSubscriptionKeyAuthorization({
+      accessKey,
+      account: selectedAccount,
+      chainId,
+      request: challenge.request,
+    })
+    if (!keyAuthorization) throw new Error('expected key authorization')
+
+    let capturedParams: Record<string, unknown> | undefined
+    const method = subscription({
+      account: selectedAccount.address,
+      getClient: async () =>
+        ({
+          request: async ({ params }: { params: readonly Record<string, unknown>[] }) => {
+            capturedParams = params[0]
+            return { keyAuthorization: KeyAuthorization.toRpc(keyAuthorization) }
+          },
+        }) as never,
+    })
+
+    await method.createCredential({ challenge, context: {} })
+
+    expect(capturedParams).toMatchObject({
+      address: accessKey.accessKeyAddress.toLowerCase(),
+      keyType: accessKey.keyType,
+      expiry: expect.any(Number),
+      limits: [
+        {
+          token: expect.stringMatching(/^0x[0-9a-fA-F]{40}$/),
+          limit: '0xf4240',
+          period: expect.any(Number),
+        },
+      ],
+      scopes: [
+        {
+          address: expect.stringMatching(/^0x[0-9a-fA-F]{40}$/),
+          selector: expect.stringMatching(/^0x/),
+          recipients: expect.any(Array),
+        },
+        {
+          address: expect.stringMatching(/^0x[0-9a-fA-F]{40}$/),
+          selector: expect.stringMatching(/^0x/),
+          recipients: expect.any(Array),
+        },
+      ],
+    })
+    expect(capturedParams).not.toHaveProperty('allowedCalls')
+  })
+
   test('rejects key authorizations signed by a different account', async () => {
     const challenge = createChallenge()
     const keyAuthorization = await signSubscriptionKeyAuthorization({

package/src/tempo/client/Subscription.ts

@@ -1,3 +1,4 @@
+import { Hex } from 'ox'
 import { KeyAuthorization } from 'ox/tempo'
 import { isAddressEqual, type Address } from 'viem'
 import { tempo as tempo_chain } from 'viem/chains'
@@ -11,7 +12,7 @@ import * as z from '../../zod.js'
 import * as defaults from '../internal/defaults.js'
 import * as Methods from '../Methods.js'
 import {
-  getSubscriptionRpcAllowedCalls,
+  getSubscriptionScopes,
   signSubscriptionKeyAuthorization,
   toSubscriptionExpiryDate,
   toSubscriptionExpirySeconds,
@@ -117,16 +118,16 @@ async function authorizeAccessKey(
     params: [
       {
         address: accessKey.accessKeyAddress,
-        allowedCalls: getSubscriptionRpcAllowedCalls(request),
         expiry: toSubscriptionExpirySeconds(toSubscriptionExpiryDate(request.subscriptionExpires)),
         keyType: accessKey.keyType,
         limits: [
           {
             token: request.currency as Address,
-            limit: BigInt(request.amount),
+            limit: Hex.fromNumber(BigInt(request.amount)),
             period: toSubscriptionPeriodSeconds(request),
           },
         ],
+        scopes: getSubscriptionScopes(request),
       },
     ],
   } as never)) as {