npm - nodpay - Versions diffs - 0.2.38 → 0.2.40 - Mend

nodpay 0.2.38 → 0.2.40

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/package.json +1 -1
package/scripts/propose.mjs +47 -42

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "nodpay",
-  "version": "0.2.38",
+  "version": "0.2.40",
   "description": "NodPay CLI — propose on-chain payments from agent-human shared wallets",
   "type": "module",
   "bin": {

package/scripts/propose.mjs CHANGED Viewed

@@ -6,7 +6,7 @@
  * The agent signs first (1 of 2). The serialized SafeOperation is
  * output so the web app can have the user co-sign and submit.
  *
- * Agent key: from process.env.NODPAY_AGENT_KEY (real env > ~/.nodpay/.env file > --remote-signer).
+ * Agent key: from process.env.NODPAY_AGENT_KEY (real env > ~/.nodpay/.env file), or remote_wallet proxy.
  * Chain config: resolved via --chain from @nodpay/core networks registry.
  * Bundler: NodPay public proxy (override with OP_STORE_URL for self-hosted).
  *
@@ -17,7 +17,6 @@
  *   --safe <address>         - Wallet (Safe) address
  *   --counterfactual         - Safe not yet deployed; include deployment in UserOp
  *   --human-signer-eoa <address>  - Human's EOA signer address (for EOA mode)
- *   --remote-signer <url>    - SafeClaw proxy URL for remote signing (mutually exclusive with --human-signer-eoa)
  *   --salt <nonce>           - Salt nonce (required for counterfactual)
  *   --reuse-gas-from <shortHash>  - Reuse gas values from a previous op (shortHash prefix of safeOpHash)
  *   --nonce <n>              - Required. Use `txs` to find current nonce.
@@ -86,12 +85,9 @@ const DEFAULT_SAFE = null; // always use --safe flag
 const opStoreBase = env('OP_STORE_URL', 'https://nodpay.ai/api');
 const BUNDLER_URL = `${opStoreBase}/bundler/${CHAIN_ID}`;
-// --- Agent key resolution: remote_wallet (config.json) > --remote-signer > local key ---
+// --- Agent key resolution: remote_wallet (config.json) or local key ---
 const _config = loadConfig();
 const _remoteWalletUrl = _config.remote_wallet || null;
-const _remoteSignerUrl = process.argv.includes('--remote-signer')
-  ? process.argv[process.argv.indexOf('--remote-signer') + 1]
-  : undefined;
 let AGENT_ADDRESS;
 let signHash;
@@ -129,31 +125,6 @@ if (_remoteWalletUrl) {
     }
     return (await signRes.json()).signature;
   };
-} else if (_remoteSignerUrl) {
-  // Legacy --remote-signer mode (deprecated, use config.json remote_wallet)
-  const addrRes = await fetch(`${_remoteSignerUrl}/address`);
-  if (!addrRes.ok) {
-    const err = await addrRes.json().catch(() => ({}));
-    console.error(JSON.stringify({
-      error: err.error || 'Failed to get agent address from remote signer',
-      code: err.code || 'REMOTE_SIGNER_ERROR'
-    }));
-    process.exit(1);
-  }
-  AGENT_ADDRESS = (await addrRes.json()).address;
-  signHash = async (hash) => {
-    const signRes = await fetch(`${_remoteSignerUrl}/sign/${AGENT_ADDRESS}`, {
-      method: 'POST',
-      headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify({ hash })
-    });
-    if (!signRes.ok) {
-      const err = await signRes.json().catch(() => ({}));
-      throw new Error(err.error || 'Remote signing failed');
-    }
-    return (await signRes.json()).signature;
-  };
 } else {
   // Local mode: read key from process.env (loaded from real env or ~/.nodpay/.env)
   const NODPAY_AGENT_KEY = env('NODPAY_AGENT_KEY');
@@ -195,9 +166,9 @@ const passkeyVerifier = getArg('--passkey-verifier') || '0x445a0683e494ea0c5AF3E
 const recoverySigner = getArg('--recovery-signer');
 const isPasskey = !!(passkeyX && passkeyY);
-// Phase 1: remote modes + --human-signer-eoa is not supported
-if ((_remoteSignerUrl || _remoteWalletUrl) && humanSigner) {
-  console.error(JSON.stringify({ error: 'Remote signer/wallet and --human-signer-eoa cannot be combined. Remote mode only supports passkey wallets.' }));
+// remote_wallet + --human-signer-eoa is not supported
+if (_remoteWalletUrl && humanSigner) {
+  console.error(JSON.stringify({ error: 'remote_wallet and --human-signer-eoa cannot be combined. Remote mode only supports passkey wallets.' }));
   process.exit(1);
 }
@@ -206,19 +177,53 @@ if (!to) {
   process.exit(1);
 }
+// ENS support: if --to is not a raw 0x address, try resolving as ENS name.
+// ENS registry lives on Ethereum mainnet — always resolve against mainnet RPC,
+// regardless of the target --chain.
+let resolvedTo = to;
 if (!ethers.isAddress(to)) {
-  console.error(JSON.stringify({ error: `Invalid recipient address: ${to}` }));
-  process.exit(1);
+  if (!to.includes('.')) {
+    console.error(JSON.stringify({ error: `Invalid recipient address: ${to} (not a valid address or ENS name)` }));
+    process.exit(1);
+  }
+  try {
+    const ensRpcUrl = NETWORKS.mainnet.ethereum?.rpcUrl;
+    if (!ensRpcUrl) {
+      console.error(JSON.stringify({ error: `Cannot resolve ENS name "${to}": no Ethereum mainnet RPC available` }));
+      process.exit(1);
+    }
+    const ensProvider = new ethers.JsonRpcProvider(ensRpcUrl);
+    const resolved = await ensProvider.resolveName(to);
+    if (!resolved) {
+      console.error(JSON.stringify({ error: `Cannot resolve ENS name: ${to}` }));
+      process.exit(1);
+    }
+    resolvedTo = resolved;
+    console.error(`[INFO] Resolved ENS ${to} → ${resolved}`);
+  } catch (e) {
+    console.error(JSON.stringify({ error: `Cannot resolve ENS name "${to}": ${e.message}` }));
+    process.exit(1);
+  }
 }
 const SAFE_ADDRESS = safeOverride || DEFAULT_SAFE;
 // Read optional wallet JSON for rpId (SafeClaw cross-origin passkey support)
 // In remote_wallet mode, wallets were already fetched — use that data.
+// rpId MUST be present in approveUrl when available, otherwise the web app
+// defaults to rpId=nodpay.ai which causes passkey mismatch errors.
 let walletRpId = null;
-if (SAFE_ADDRESS && _remoteWalletUrl && _remoteWalletsCache) {
-  const match = _remoteWalletsCache.find(w => w.safe?.toLowerCase() === SAFE_ADDRESS.toLowerCase());
-  if (match?.rpId) walletRpId = match.rpId;
+if (_remoteWalletUrl && _remoteWalletsCache) {
+  // Try exact safe match first
+  if (SAFE_ADDRESS) {
+    const match = _remoteWalletsCache.find(w => w.safe?.toLowerCase() === SAFE_ADDRESS.toLowerCase());
+    if (match?.rpId) walletRpId = match.rpId;
+  }
+  // Fallback: use rpId from any wallet in cache (remote proxy typically serves one wallet set)
+  if (!walletRpId) {
+    const withRpId = _remoteWalletsCache.find(w => w.rpId);
+    if (withRpId) walletRpId = withRpId.rpId;
+  }
 }
 if (!walletRpId && SAFE_ADDRESS) {
   const walletJsonPath = join(HOME, '.nodpay', 'wallets', `${SAFE_ADDRESS}.json`);
@@ -507,7 +512,7 @@ try {
   // Create the transaction as a SafeOperation (UserOp wrapper)
   const safeOperation = await safe4337Pack.createTransaction({
-    transactions: [{ to, value, data: '0x' }],
+    transactions: [{ to: resolvedTo, value, data: '0x' }],
     options: txOptions,
   });
@@ -562,7 +567,7 @@ try {
     userOpHash: entryPointUserOpHash,
     safeOpHash,
     shortId,
-    to,
+    to: resolvedTo,
     value,
     valueEth,
     safeAddress,
@@ -582,7 +587,7 @@ try {
   const storePayload = {
     safeOperationJson,
     userOpHash: entryPointUserOpHash,
-    to,
+    to: resolvedTo,
     value,
     valueEth,
     safeAddress,