npm - zksync-sso - Versions diffs - 0.0.0-beta.9 → 0.1.0 - Mend

zksync-sso 0.0.0-beta.9 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (223) hide show

package/src/client/ecdsa/decorators/wallet.ts ADDED Viewed

@@ -0,0 +1,73 @@
+import { type Account, bytesToHex, type Chain, type ExactPartial, formatTransaction, type RpcTransaction, type Transport, type WalletActions } from "viem";
+import { deployContract, getAddresses, getChainId, sendRawTransaction, signMessage, signTypedData, writeContract } from "viem/actions";
+import { signTransaction, type TransactionRequestEIP712, type ZksyncEip712Meta } from "viem/zksync";
+import { getTransactionWithPaymasterData } from "../../../paymaster/index.js";
+import { sendEip712Transaction } from "../../session/actions/sendEip712Transaction.js";
+import type { ClientWithZksyncSsoEcdsaData } from "../client.js";
+export type ZksyncSsoEcdsaWalletActions<chain extends Chain, account extends Account> = Omit<
+  WalletActions<chain, account>, "addChain" | "getPermissions" | "requestAddresses" | "requestPermissions" | "switchChain" | "watchAsset" | "prepareTransactionRequest"
+>;
+export function zksyncSsoEcdsaWalletActions<
+  transport extends Transport,
+  chain extends Chain,
+  account extends Account,
+>(client: ClientWithZksyncSsoEcdsaData<transport, chain>): ZksyncSsoEcdsaWalletActions<chain, account> {
+  return {
+    deployContract: (args) => deployContract(client, args),
+    getAddresses: () => getAddresses(client),
+    getChainId: () => getChainId(client),
+    sendRawTransaction: (args) => sendRawTransaction(client, args),
+    sendTransaction: async (args) => {
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      const unformattedTx: any = Object.assign({}, args);
+      if ("eip712Meta" in unformattedTx) {
+        const eip712Meta = unformattedTx.eip712Meta as ZksyncEip712Meta;
+        unformattedTx.gasPerPubdata = eip712Meta.gasPerPubdata ? BigInt(eip712Meta.gasPerPubdata) : undefined;
+        unformattedTx.factoryDeps = eip712Meta.factoryDeps;
+        unformattedTx.customSignature = eip712Meta.customSignature;
+        unformattedTx.paymaster = eip712Meta.paymasterParams?.paymaster;
+        unformattedTx.paymasterInput = eip712Meta.paymasterParams?.paymasterInput ? bytesToHex(new Uint8Array(eip712Meta.paymasterParams?.paymasterInput)) : undefined;
+        delete unformattedTx.eip712Meta;
+      }
+      /* eslint-disable @typescript-eslint/no-unused-vars */
+      const { chainId: _, ...unformattedTxWithPaymaster } = await getTransactionWithPaymasterData(
+        client.chain.id,
+        client.account.address,
+        unformattedTx,
+        client.paymasterHandler,
+      );
+      const formatters = client.chain?.formatters;
+      const format = formatters?.transaction?.format || formatTransaction;
+      const tx = {
+        ...format(unformattedTxWithPaymaster as ExactPartial<RpcTransaction>),
+        type: "eip712",
+      };
+      return await sendEip712Transaction(client, tx);
+    },
+    signMessage: (args) => signMessage(client, args),
+    signTransaction: async (args) => {
+      /* eslint-disable @typescript-eslint/no-unused-vars */
+      const { chainId: _, ...unformattedTxWithPaymaster } = await getTransactionWithPaymasterData(
+        client.chain.id,
+        client.account.address,
+        args as TransactionRequestEIP712,
+        client.paymasterHandler,
+      );
+      return signTransaction(client, {
+        ...args,
+        unformattedTxWithPaymaster,
+      } as any);
+    },
+    signTypedData: (args) => signTypedData(client, args),
+    writeContract: (args) => writeContract(client, args),
+  };
+}

package/src/client/ecdsa/index.ts ADDED Viewed

@@ -0,0 +1,6 @@
+export * from "./account.js";
+export * from "./actions/account.js";
+export * from "./client.js";
+export * from "./decorators/ecdsa.js";
+export * from "./decorators/wallet.js";
+export * from "./types.js";

package/src/client/ecdsa/types.ts ADDED Viewed

@@ -0,0 +1,108 @@
+import {
+  type Account,
+  type Address,
+  type Chain,
+  createWalletClient, custom,
+  type EIP1193Provider,
+  hashTypedData,
+  type LocalAccount,
+  type OneOf,
+  type Transport,
+  type WalletClient } from "viem";
+import { toAccount } from "viem/accounts";
+import { signTypedData } from "viem/actions";
+import { getAction } from "viem/utils";
+import { serializeTransaction, type ZksyncTransactionSerializableEIP712 } from "viem/zksync";
+import { getEip712Domain } from "../utils/getEip712Domain.js";
+export type Signer = OneOf<
+  | EIP1193Provider
+  | WalletClient<Transport, Chain | undefined, Account>
+  | LocalAccount
+>;
+export type EthereumProvider = OneOf<
+  { request(...args: any): Promise<any> } | EIP1193Provider
+>;
+export async function toOwner<provider extends EthereumProvider>({
+  owner,
+  address,
+}: {
+  owner: OneOf<
+    | provider
+    | WalletClient<Transport, Chain | undefined, Account>
+    | LocalAccount
+  >;
+  address?: Address;
+}): Promise<LocalAccount> {
+  if ("type" in owner && owner.type === "local") {
+    return owner as LocalAccount;
+  }
+  let walletClient:
+    | WalletClient<Transport, Chain | undefined, Account>
+    | undefined = undefined;
+  if ("request" in owner) {
+    if (!address) {
+      try {
+        [address] = await (owner as EthereumProvider).request({
+          method: "eth_requestAccounts",
+        });
+      } catch {
+        [address] = await (owner as EthereumProvider).request({
+          method: "eth_accounts",
+        });
+      }
+    }
+    if (!address) {
+      // For TS to be happy
+      throw new Error("address is required");
+    }
+    walletClient = createWalletClient({
+      account: address,
+      transport: custom(owner as EthereumProvider),
+    });
+  }
+  if (!walletClient) {
+    walletClient = owner as WalletClient<
+      Transport,
+          Chain | undefined,
+          Account
+    >;
+  }
+  return toAccount({
+    address: walletClient.account.address,
+    async signMessage({ message }) {
+      return walletClient.signMessage({ message });
+    },
+    async signTransaction(transaction) {
+      const signableTransaction = {
+        ...transaction,
+        from: this.address!,
+        type: "eip712",
+      } as ZksyncTransactionSerializableEIP712;
+      const eip712DomainAndMessage = getEip712Domain(signableTransaction);
+      const digest = hashTypedData(eip712DomainAndMessage);
+      const signedMessage = await walletClient.signMessage({ message: digest });
+      return serializeTransaction({
+        ...signableTransaction,
+        customSignature: signedMessage,
+      });
+    },
+    async signTypedData(typedData) {
+      return getAction(
+        walletClient,
+        signTypedData,
+        "signTypedData",
+      )(typedData as any);
+    },
+  });
+}

package/src/client/index.ts CHANGED Viewed

@@ -1,2 +1,5 @@
+export { deployAccount as deployEcdsaAccount, fetchAccount as fetchEcdsaAccount } from "./ecdsa/actions/account.js";
 export { deployAccount, fetchAccount } from "./passkey/actions/account.js";
+export * from "./recovery/actions/recovery.js";
+export * from "./recovery/client.js";
 export * from "./session/client.js";

package/src/client/passkey/actions/account.ts CHANGED Viewed

@@ -1,16 +1,18 @@
-import { type Account, type Address, type Chain, type Client, getAddress, type Hash, type Hex, parseAbi, type Prettify, toHex, type TransactionReceipt, type Transport } from "viem";
+import { type Account, type Address, type Chain, type Client, getAddress, type Hash, type Hex, keccak256, parseEventLogs, type Prettify, toHex, type TransactionReceipt, type Transport } from "viem";
 import { readContract, waitForTransactionReceipt, writeContract } from "viem/actions";
 import { getGeneralPaymasterInput } from "viem/zksync";
-import { FactoryAbi } from "../../../abi/Factory.js";
+import { AAFactoryAbi } from "../../../abi/AAFactory.js";
+import { WebAuthValidatorAbi } from "../../../abi/WebAuthValidator.js";
 import { encodeModuleData, encodePasskeyModuleParameters, encodeSession } from "../../../utils/encoding.js";
 import { noThrow } from "../../../utils/helpers.js";
-import { getPasskeySignatureFromPublicKeyBytes, getPublicKeyBytesFromPasskeySignature } from "../../../utils/passkey.js";
+import { base64UrlToUint8Array, getPasskeySignatureFromPublicKeyBytes, getPublicKeyBytesFromPasskeySignature } from "../../../utils/passkey.js";
 import type { SessionConfig } from "../../../utils/session.js";
 /* TODO: try to get rid of most of the contract params like passkey, session */
 /* it should come from factory, not passed manually each time */
 export type DeployAccountArgs = {
+  credentialId: string; // Unique id of the passkey public key (base64)
   credentialPublicKey: Uint8Array; // Public key of the previously registered
   paymasterAddress?: Address; // Paymaster used to pay the fees of creating accounts
   paymasterInput?: Hex; // Input for paymaster (if provided)
@@ -20,9 +22,9 @@ export type DeployAccountArgs = {
     accountFactory: Address;
     passkey: Address;
     session: Address;
+    recovery: Address;
   };
   initialSession?: SessionConfig;
-  salt?: Uint8Array; // Random 32 bytes
   onTransactionSent?: (hash: Hash) => void;
 };
 export type DeployAccountReturnType = {
@@ -36,6 +38,7 @@ export type FetchAccountArgs = {
     accountFactory: Address;
     passkey: Address;
     session: Address;
+    recovery: Address;
   };
 };
 export type FetchAccountReturnType = {
@@ -54,10 +57,6 @@ export const deployAccount = async <
   client: Client<transport, chain, account>, // Account deployer (any viem client)
   args: Prettify<DeployAccountArgs>,
 ): Promise<DeployAccountReturnType> => {
-  if (!args.salt) {
-    args.salt = crypto.getRandomValues(new Uint8Array(32));
-  }
   let origin: string | undefined = args.expectedOrigin;
   if (!origin) {
     try {
@@ -69,6 +68,7 @@ export const deployAccount = async <
   const passkeyPublicKey = getPublicKeyBytesFromPasskeySignature(args.credentialPublicKey);
   const encodedPasskeyParameters = encodePasskeyModuleParameters({
+    credentialId: args.credentialId,
     passkeyPublicKey,
     expectedOrigin: origin,
   });
@@ -83,16 +83,20 @@ export const deployAccount = async <
     parameters: args.initialSession ? encodeSession(args.initialSession) : "0x",
   });
+  const encodedGuardianRecoveryModuleData = encodeModuleData({
+    address: args.contracts.recovery,
+    parameters: "0x",
+  });
   let deployProxyArgs = {
     account: client.account!,
     chain: client.chain!,
     address: args.contracts.accountFactory,
-    abi: FactoryAbi,
+    abi: AAFactoryAbi,
     functionName: "deployProxySsoAccount",
     args: [
-      toHex(args.salt),
-      accountId,
-      [encodedPasskeyModuleData, encodedSessionKeyModuleData],
+      keccak256(toHex(accountId)),
+      [encodedPasskeyModuleData, encodedSessionKeyModuleData, encodedGuardianRecoveryModuleData],
       [],
     ],
   } as any;
@@ -112,14 +116,25 @@ export const deployAccount = async <
   const transactionReceipt = await waitForTransactionReceipt(client, { hash: transactionHash });
   if (transactionReceipt.status !== "success") throw new Error("Account deployment transaction reverted");
+  const getAccountId = () => {
+    if (transactionReceipt.contractAddress) {
+      return transactionReceipt.contractAddress;
+    }
+    const accountCreatedEvent = parseEventLogs({ abi: AAFactoryAbi, logs: transactionReceipt.logs })
+      .find((log) => log && log.eventName === "AccountCreated");
-  const proxyAccountAddress = transactionReceipt.contractAddress;
-  if (!proxyAccountAddress) {
-    throw new Error("No contract address in transaction receipt");
-  }
+    if (!accountCreatedEvent) {
+      throw new Error("No contract address in transaction receipt");
+    }
+    const { accountAddress } = accountCreatedEvent.args;
+    return accountAddress;
+  };
+  const accountAddress = getAccountId();
   return {
-    address: getAddress(proxyAccountAddress),
+    address: getAddress(accountAddress),
     transactionReceipt: transactionReceipt,
   };
 };
@@ -141,7 +156,6 @@ export const fetchAccount = async <
     }
   }
-  if (!args.contracts.accountFactory) throw new Error("Account factory address is not set");
   if (!args.contracts.passkey) throw new Error("Passkey module address is not set");
   let username: string | undefined = args.uniqueAccountId;
@@ -163,31 +177,26 @@ export const fetchAccount = async <
   if (!username) throw new Error("No account found");
+  const credentialId = toHex(base64UrlToUint8Array(username));
   const accountAddress = await readContract(client, {
-    abi: parseAbi(["function accountMappings(string) view returns (address)"]),
-    address: args.contracts.accountFactory,
-    functionName: "accountMappings",
-    args: [username],
+    abi: WebAuthValidatorAbi,
+    address: args.contracts.passkey,
+    functionName: "registeredAddress",
+    args: [origin, credentialId],
   });
   if (!accountAddress || accountAddress == NULL_ADDRESS) throw new Error(`No account found for username: ${username}`);
-  const lowerKeyHalfBytes = await readContract(client, {
-    abi: parseAbi(["function lowerKeyHalf(string,address) view returns (bytes32)"]),
-    address: args.contracts.passkey,
-    functionName: "lowerKeyHalf",
-    args: [origin, accountAddress],
-  });
-  const upperKeyHalfBytes = await readContract(client, {
-    abi: parseAbi(["function upperKeyHalf(string,address) view returns (bytes32)"]),
+  const publicKey = await readContract(client, {
+    abi: WebAuthValidatorAbi,
     address: args.contracts.passkey,
-    functionName: "upperKeyHalf",
-    args: [origin, accountAddress],
+    functionName: "getAccountKey",
+    args: [origin, credentialId, accountAddress],
   });
-  if (!lowerKeyHalfBytes || !upperKeyHalfBytes) throw new Error(`Passkey credentials not found in on-chain module for passkey ${username}`);
+  if (!publicKey || !publicKey[0] || !publicKey[1]) throw new Error(`Passkey credentials not found in on-chain module for passkey ${username}`);
-  const passkeyPublicKey = getPasskeySignatureFromPublicKeyBytes([lowerKeyHalfBytes, upperKeyHalfBytes]);
+  const passkeyPublicKey = getPasskeySignatureFromPublicKeyBytes(publicKey);
   return {
     username,

package/src/client/passkey/actions/passkey.ts CHANGED Viewed

@@ -1,8 +1,13 @@
 import { startAuthentication, startRegistration } from "@simplewebauthn/browser";
 import { generateAuthenticationOptions, type GenerateAuthenticationOptionsOpts, generateRegistrationOptions, type GenerateRegistrationOptionsOpts, type VerifiedRegistrationResponse, verifyAuthenticationResponse, verifyRegistrationResponse } from "@simplewebauthn/server";
 import { type AuthenticationResponseJSON, type PublicKeyCredentialCreationOptionsJSON, type PublicKeyCredentialRequestOptionsJSON, type RegistrationResponseJSON } from "@simplewebauthn/types";
-import { type Account, type Address, type Chain, type Client, type Hash, toBytes, type Transport } from "viem";
-import { writeContract } from "viem/actions";
+import { type Account, type Address, type Chain, type Client, encodeFunctionData, type Hash, type Hex, toBytes, toHex, type TransactionReceipt, type Transport } from "viem";
+import { waitForTransactionReceipt } from "viem/actions";
+import { getGeneralPaymasterInput, sendTransaction } from "viem/zksync";
+import { WebAuthValidatorAbi } from "../../../abi/WebAuthValidator.js";
+import { noThrow } from "../../../utils/helpers.js";
+import { base64UrlToUint8Array } from "../../../utils/passkey.js";
 const identifyPasskeyParams = () => {
   let rpName: string | undefined;
@@ -19,7 +24,6 @@ const identifyPasskeyParams = () => {
   return { rpName, rpID, origin };
 };
-// let pubKey: Uint8Array = new Uint8Array();
 export type GeneratePasskeyRegistrationOptionsArgs = Partial<GenerateRegistrationOptionsOpts> & { userName: string; userDisplayName: string };
 export type GeneratePasskeyRegistrationOptionsReturnType = PublicKeyCredentialCreationOptionsJSON;
 export const generatePasskeyRegistrationOptions = async (args: GeneratePasskeyRegistrationOptionsArgs): Promise<GeneratePasskeyRegistrationOptionsReturnType> => {
@@ -146,22 +150,49 @@ export const requestPasskeyAuthentication = async (args: RequestPasskeyAuthentic
 };
 export type AddAccountOwnerPasskeyArgs = {
-  passkeyPublicKey: Uint8Array;
-  contracts: { session: Address };
+  credentialId: string;
+  rawPublicKey: readonly [Hex, Hex];
+  origin: string;
+  contracts: { passkey: Address };
+  paymaster?: {
+    address: Address;
+    paymasterInput?: Hex;
+  };
+  onTransactionSent?: (hash: Hash) => void;
+};
+export type AddAccountOwnerPasskeyReturnType = {
+  transactionReceipt: TransactionReceipt;
 };
-export type AddAccountOwnerPasskeyReturnType = Hash;
 export const addAccountOwnerPasskey = async <
   transport extends Transport,
   chain extends Chain,
   account extends Account,
 >(client: Client<transport, chain, account>, args: AddAccountOwnerPasskeyArgs): Promise<AddAccountOwnerPasskeyReturnType> => {
-  /* TODO: Implement set owner passkey */
-  const transactionHash = await writeContract(client, {
-    address: args.contracts.session,
-    args: [args.passkeyPublicKey],
-    abi: [] as const,
-    functionName: "USE_ACTUAL_METHOD_HERE",
-  // eslint-disable-next-line @typescript-eslint/no-explicit-any
-  } as any);
-  return transactionHash;
+  const callData = encodeFunctionData({
+    abi: WebAuthValidatorAbi,
+    functionName: "addValidationKey",
+    args: [toHex(base64UrlToUint8Array(args.credentialId)), args.rawPublicKey, args.origin],
+  });
+  const sendTransactionArgs = {
+    account: client.account,
+    to: args.contracts.passkey,
+    paymaster: args.paymaster?.address,
+    paymasterInput: args.paymaster?.address ? (args.paymaster?.paymasterInput || getGeneralPaymasterInput({ innerInput: "0x" })) : undefined,
+    data: callData,
+    gas: 10_000_000n, // TODO: Remove when gas estimation is fixed
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  } as any;
+  const transactionHash = await sendTransaction(client, sendTransactionArgs);
+  if (args.onTransactionSent) {
+    noThrow(() => args.onTransactionSent?.(transactionHash));
+  }
+  const transactionReceipt = await waitForTransactionReceipt(client, { hash: transactionHash });
+  if (transactionReceipt.status !== "success") throw new Error("addValidationKey transaction reverted");
+  return {
+    transactionReceipt,
+  };
 };

package/src/client/passkey/client.ts CHANGED Viewed

@@ -32,7 +32,10 @@ export function createZksyncPasskeyClient<
         credentialPublicKey: parameters.credentialPublicKey,
       });
-      return passkeyHashSignatureResponseFormat(passkeySignature.passkeyAuthenticationResponse.response, parameters.contracts);
+      return passkeyHashSignatureResponseFormat(
+        passkeySignature.passkeyAuthenticationResponse.id,
+        passkeySignature.passkeyAuthenticationResponse.response,
+        parameters.contracts);
     },
   });
   const client = createClient<transport, chain, Account, rpcSchema>({
@@ -57,6 +60,7 @@ export function createZksyncPasskeyClient<
 export type PasskeyRequiredContracts = {
   session: Address; // Session, spend limit, etc.
   passkey: Address; // Validator for passkey signature
+  recovery: Address; // Validator for account recovery
   accountFactory?: Address; // For account creation
 };
 type ZksyncSsoPasskeyData = {

package/src/client/passkey/decorators/passkey.ts CHANGED Viewed

@@ -1,5 +1,10 @@
 import { type Chain, type Transport } from "viem";
+import {
+  confirmGuardian, type ConfirmGuardianArgs, type ConfirmGuardianReturnType,
+  proposeGuardian, type ProposeGuardianArgs, type ProposeGuardianReturnType,
+  removeGuardian, type RemoveGuardianArgs, type RemoveGuardianReturnType,
+} from "../../recovery/actions/recovery.js";
 import {
   createSession, type CreateSessionArgs, type CreateSessionReturnType,
   revokeSession, type RevokeSessionArgs, type RevokeSessionReturnType,
@@ -9,6 +14,9 @@ import type { ClientWithZksyncSsoPasskeyData } from "../client.js";
 export type ZksyncSsoPasskeyActions = {
   createSession: (args: Omit<CreateSessionArgs, "contracts">) => Promise<CreateSessionReturnType>;
   revokeSession: (args: Omit<RevokeSessionArgs, "contracts">) => Promise<RevokeSessionReturnType>;
+  proposeGuardian: (args: Omit<ProposeGuardianArgs, "contracts">) => Promise<ProposeGuardianReturnType>;
+  confirmGuardian: (args: Omit<ConfirmGuardianArgs, "contracts">) => Promise<ConfirmGuardianReturnType>;
+  removeGuardian: (args: Omit<RemoveGuardianArgs, "contracts">) => Promise<RemoveGuardianReturnType>;
 };
 export function zksyncSsoPasskeyActions<
@@ -28,5 +36,23 @@ export function zksyncSsoPasskeyActions<
         contracts: client.contracts,
       });
     },
+    proposeGuardian: async (args: Omit<ProposeGuardianArgs, "contracts">) => {
+      return await proposeGuardian(client, {
+        ...args,
+        contracts: client.contracts,
+      });
+    },
+    confirmGuardian: async (args: Omit<ConfirmGuardianArgs, "contracts">) => {
+      return await confirmGuardian(client, {
+        ...args,
+        contracts: client.contracts,
+      });
+    },
+    removeGuardian: async (args: Omit<RemoveGuardianArgs, "contracts">) => {
+      return await removeGuardian(client, {
+        ...args,
+        contracts: client.contracts,
+      });
+    },
   };
 }

package/src/client/recovery/account.ts ADDED Viewed

@@ -0,0 +1,61 @@
+import type { Address } from "abitype";
+import { type CustomSource, type Hash, hashMessage, hashTypedData, type Hex, type LocalAccount } from "viem";
+import { toAccount } from "viem/accounts";
+import { serializeTransaction, type ZksyncTransactionSerializableEIP712 } from "viem/zksync";
+import { getEip712Domain } from "../utils/getEip712Domain.js";
+export type ToRecoveryAccountParameters = {
+  /** Address of the deployed Account's Contract implementation. */
+  address: Address;
+  signTransaction: (parameters: { hash: Hash }) => Promise<Hex>;
+};
+export type RecoveryAccount = LocalAccount<"ssoRecoveryAccount"> & {
+  sign: NonNullable<CustomSource["sign"]>;
+};
+export function toRecoveryAccount(
+  parameters: ToRecoveryAccountParameters,
+): RecoveryAccount {
+  const { address, signTransaction } = parameters;
+  const account = toAccount({
+    address,
+    async signTransaction(transaction) {
+      const signableTransaction = {
+        ...transaction,
+        from: this.address!,
+        type: "eip712",
+      } as ZksyncTransactionSerializableEIP712;
+      const eip712DomainAndMessage = getEip712Domain(signableTransaction);
+      const digest = hashTypedData(eip712DomainAndMessage);
+      return serializeTransaction({
+        ...signableTransaction,
+        customSignature: await signTransaction({
+          hash: digest,
+        }),
+      });
+    },
+    async sign({ hash }) {
+      return signTransaction({ hash });
+    },
+    async signMessage({ message }) {
+      return signTransaction({
+        hash: hashMessage(message),
+      });
+    },
+    async signTypedData(typedData) {
+      return signTransaction({
+        hash: hashTypedData(typedData),
+      });
+    },
+  });
+  return {
+    ...account,
+    source: "ssoRecoveryAccount",
+  } as RecoveryAccount;
+}