import type { Address } from 'abitype' import type { KeyAuthorization } from 'ox/tempo' import type { Account } from '../../accounts/types.js' import { parseAccount } from '../../accounts/utils/parseAccount.js' import { readContract } from '../../actions/public/readContract.js' import { sendTransaction } from '../../actions/wallet/sendTransaction.js' import { sendTransactionSync } from '../../actions/wallet/sendTransactionSync.js' import type { WriteContractReturnType } from '../../actions/wallet/writeContract.js' import { writeContract } from '../../actions/wallet/writeContract.js' import { writeContractSync } from '../../actions/wallet/writeContractSync.js' import type { Client } from '../../clients/createClient.js' import type { Transport } from '../../clients/transports/createTransport.js' import type { BaseErrorType } from '../../errors/base.js' import type { Chain } from '../../types/chain.js' import type { GetEventArgs } from '../../types/contract.js' import type { Log } from '../../types/log.js' import type { Compute } from '../../types/utils.js' import { parseEventLogs } from '../../utils/abi/parseEventLogs.js' import * as Abis from '../Abis.js' import type { AccessKeyAccount, resolveAccessKey } from '../Account.js' import { signKeyAuthorization } from '../Account.js' import * as Addresses from '../Addresses.js' import * as Hardfork from '../Hardfork.js' import type { GetAccountParameter, ReadParameters, WriteParameters, } from '../internal/types.js' import { defineCall } from '../internal/utils.js' import type { TransactionReceipt } from '../Transaction.js' /** @internal */ const signatureTypes = { 0: 'secp256k1', 1: 'p256', 2: 'webAuthn', } as const satisfies Record /** @internal */ const spendPolicies = { true: 'limited', false: 'unlimited', } as const /** * Authorizes an access key by signing a key authorization and sending a transaction. * * @example * ```ts * import { createClient, http } from 'viem' * import { tempo } from 'viem/chains' * import { Actions, Account } from 'viem/tempo' * import { generatePrivateKey } from 'viem/accounts' * * const account = Account.from({ privateKey: '0x...' }) * const client = createClient({ * account, * chain: tempo.extend({ feeToken: '0x20c0000000000000000000000000000000000001' }), * transport: http(), * }) * * const accessKey = Account.fromP256(generatePrivateKey(), { * access: account, * }) * * const hash = await Actions.accessKey.authorize(client, { * accessKey, * expiry: Math.floor((Date.now() + 30_000) / 1000), * }) * ``` * * @param client - Client. * @param parameters - Parameters. * @returns The transaction hash. */ export async function authorize< chain extends Chain | undefined, account extends Account | undefined, >( client: Client, parameters: authorize.Parameters, ): Promise { return authorize.inner(sendTransaction, client, parameters) } export namespace authorize { export type Parameters< chain extends Chain | undefined = Chain | undefined, account extends Account | undefined = Account | undefined, > = WriteParameters & Args export type Args = { /** The access key to authorize. */ accessKey: resolveAccessKey.Parameters /** The chain ID. */ chainId?: number | undefined /** Unix timestamp when the key expires. */ expiry?: number | undefined /** Spending limits per token. */ limits?: | { token: Address; limit: bigint; period?: number | undefined }[] | undefined /** Call scopes restricting which contracts/selectors this key can call. */ scopes?: KeyAuthorization.Scope[] | undefined } export type ReturnValue = WriteContractReturnType // TODO: exhaustive error type export type ErrorType = BaseErrorType /** @internal */ export async function inner< action extends typeof sendTransaction | typeof sendTransactionSync, chain extends Chain | undefined, account extends Account | undefined, >( action: action, client: Client, parameters: authorize.Parameters, ): Promise> { const { accessKey, chainId = client.chain?.id, expiry, limits, scopes, ...rest } = parameters const account_ = rest.account ?? client.account if (!account_) throw new Error('account is required.') if (!chainId) throw new Error('chainId is required.') const parsed = parseAccount(account_) const keyAuthorization = await signKeyAuthorization(parsed as never, { chainId: BigInt(chainId), key: accessKey, expiry, limits, scopes, }) return (await action(client, { ...rest, keyAuthorization, } as never)) as never } export function extractEvent(logs: Log[]) { const [log] = parseEventLogs({ abi: Abis.accountKeychain, logs, eventName: 'KeyAuthorized', strict: true, }) if (!log) throw new Error('`KeyAuthorized` event not found.') return log } } /** * Authorizes an access key and waits for the transaction receipt. * * @example * ```ts * import { createClient, http } from 'viem' * import { tempo } from 'viem/chains' * import { Actions, Account } from 'viem/tempo' * import { generatePrivateKey } from 'viem/accounts' * * const account = Account.from({ privateKey: '0x...' }) * const client = createClient({ * account, * chain: tempo.extend({ feeToken: '0x20c0000000000000000000000000000000000001' }), * transport: http(), * }) * * const accessKey = Account.fromP256(generatePrivateKey(), { * access: account, * }) * * const { receipt, ...result } = await Actions.accessKey.authorizeSync(client, { * accessKey, * expiry: Math.floor((Date.now() + 30_000) / 1000), * }) * ``` * * @param client - Client. * @param parameters - Parameters. * @returns The transaction receipt and event data. */ export async function authorizeSync< chain extends Chain | undefined, account extends Account | undefined, >( client: Client, parameters: authorizeSync.Parameters, ): Promise { const { throwOnReceiptRevert = true, ...rest } = parameters const receipt = await authorize.inner(sendTransactionSync, client, { ...rest, throwOnReceiptRevert, } as never) const { args } = authorize.extractEvent(receipt.logs) return { ...args, receipt, } as never } export namespace authorizeSync { export type Parameters< chain extends Chain | undefined = Chain | undefined, account extends Account | undefined = Account | undefined, > = authorize.Parameters export type Args = authorize.Args export type ReturnValue = Compute< GetEventArgs< typeof Abis.accountKeychain, 'KeyAuthorized', { IndexedOnly: false; Required: true } > & { receipt: TransactionReceipt } > // TODO: exhaustive error type export type ErrorType = BaseErrorType } /** * Revokes an authorized access key. * * @example * ```ts * import { createClient, http } from 'viem' * import { tempo } from 'viem/chains' * import { Actions } from 'viem/tempo' * import { privateKeyToAccount } from 'viem/accounts' * * const client = createClient({ * account: privateKeyToAccount('0x...'), * chain: tempo.extend({ feeToken: '0x20c0000000000000000000000000000000000001' }), * transport: http(), * }) * * const hash = await Actions.accessKey.revoke(client, { * accessKey: '0x...', * }) * ``` * * @param client - Client. * @param parameters - Parameters. * @returns The transaction hash. */ export async function revoke< chain extends Chain | undefined, account extends Account | undefined, >( client: Client, parameters: revoke.Parameters, ): Promise { return revoke.inner(writeContract, client, parameters) } export namespace revoke { export type Parameters< chain extends Chain | undefined = Chain | undefined, account extends Account | undefined = Account | undefined, > = WriteParameters & Args export type Args = { /** The access key to revoke. */ accessKey: Address | AccessKeyAccount } export type ReturnValue = WriteContractReturnType // TODO: exhaustive error type export type ErrorType = BaseErrorType /** @internal */ export async function inner< action extends typeof writeContract | typeof writeContractSync, chain extends Chain | undefined, account extends Account | undefined, >( action: action, client: Client, parameters: revoke.Parameters, ): Promise> { const { accessKey, ...rest } = parameters const call = revoke.call({ accessKey }) return (await action(client, { ...rest, ...call, } as never)) as never } /** * Defines a call to the `revokeKey` function. * * Can be passed as a parameter to: * - [`estimateContractGas`](https://viem.sh/docs/contract/estimateContractGas): estimate the gas cost of the call * - [`simulateContract`](https://viem.sh/docs/contract/simulateContract): simulate the call * - [`sendCalls`](https://viem.sh/docs/actions/wallet/sendCalls): send multiple calls * * @example * ```ts * import { createClient, http, walletActions } from 'viem' * import { tempo } from 'viem/chains' * import { Actions } from 'viem/tempo' * * const client = createClient({ * chain: tempo.extend({ feeToken: '0x20c0000000000000000000000000000000000001' }), * transport: http(), * }).extend(walletActions) * * const hash = await client.sendTransaction({ * calls: [ * Actions.accessKey.revoke.call({ accessKey: '0x...' }), * ], * }) * ``` * * @param args - Arguments. * @returns The call. */ export function call(args: Args) { const { accessKey } = args return defineCall({ address: Addresses.accountKeychain, abi: Abis.accountKeychain, functionName: 'revokeKey', args: [resolveAccessKeyAddress(accessKey)], }) } export function extractEvent(logs: Log[]) { const [log] = parseEventLogs({ abi: Abis.accountKeychain, logs, eventName: 'KeyRevoked', strict: true, }) if (!log) throw new Error('`KeyRevoked` event not found.') return log } } /** * Revokes an authorized access key and waits for the transaction receipt. * * @example * ```ts * import { createClient, http } from 'viem' * import { tempo } from 'viem/chains' * import { Actions } from 'viem/tempo' * import { privateKeyToAccount } from 'viem/accounts' * * const client = createClient({ * account: privateKeyToAccount('0x...'), * chain: tempo.extend({ feeToken: '0x20c0000000000000000000000000000000000001' }), * transport: http(), * }) * * const result = await Actions.accessKey.revokeSync(client, { * accessKey: '0x...', * }) * ``` * * @param client - Client. * @param parameters - Parameters. * @returns The transaction receipt and event data. */ export async function revokeSync< chain extends Chain | undefined, account extends Account | undefined, >( client: Client, parameters: revokeSync.Parameters, ): Promise { const { throwOnReceiptRevert = true, ...rest } = parameters const receipt = await revoke.inner(writeContractSync, client, { ...rest, throwOnReceiptRevert, } as never) const { args } = revoke.extractEvent(receipt.logs) return { ...args, receipt, } as never } export namespace revokeSync { export type Parameters< chain extends Chain | undefined = Chain | undefined, account extends Account | undefined = Account | undefined, > = revoke.Parameters export type Args = revoke.Args export type ReturnValue = Compute< GetEventArgs< typeof Abis.accountKeychain, 'KeyRevoked', { IndexedOnly: false; Required: true } > & { receipt: TransactionReceipt } > // TODO: exhaustive error type export type ErrorType = BaseErrorType } /** * Updates the spending limit for a specific token on an authorized access key. * * @example * ```ts * import { createClient, http } from 'viem' * import { tempo } from 'viem/chains' * import { Actions } from 'viem/tempo' * import { privateKeyToAccount } from 'viem/accounts' * * const client = createClient({ * account: privateKeyToAccount('0x...'), * chain: tempo.extend({ feeToken: '0x20c0000000000000000000000000000000000001' }), * transport: http(), * }) * * const hash = await Actions.accessKey.updateLimit(client, { * accessKey: '0x...', * token: '0x...', * limit: 1000000000000000000n, * }) * ``` * * @param client - Client. * @param parameters - Parameters. * @returns The transaction hash. */ export async function updateLimit< chain extends Chain | undefined, account extends Account | undefined, >( client: Client, parameters: updateLimit.Parameters, ): Promise { return updateLimit.inner(writeContract, client, parameters) } export namespace updateLimit { export type Parameters< chain extends Chain | undefined = Chain | undefined, account extends Account | undefined = Account | undefined, > = WriteParameters & Args export type Args = { /** The access key to update. */ accessKey: Address | AccessKeyAccount /** The token address. */ token: Address /** The new spending limit. */ limit: bigint } export type ReturnValue = WriteContractReturnType // TODO: exhaustive error type export type ErrorType = BaseErrorType /** @internal */ export async function inner< action extends typeof writeContract | typeof writeContractSync, chain extends Chain | undefined, account extends Account | undefined, >( action: action, client: Client, parameters: updateLimit.Parameters, ): Promise> { const { accessKey, token, limit, ...rest } = parameters const call = updateLimit.call({ accessKey, token, limit }) return (await action(client, { ...rest, ...call, } as never)) as never } /** * Defines a call to the `updateSpendingLimit` function. * * Can be passed as a parameter to: * - [`estimateContractGas`](https://viem.sh/docs/contract/estimateContractGas): estimate the gas cost of the call * - [`simulateContract`](https://viem.sh/docs/contract/simulateContract): simulate the call * - [`sendCalls`](https://viem.sh/docs/actions/wallet/sendCalls): send multiple calls * * @example * ```ts * import { createClient, http, walletActions } from 'viem' * import { tempo } from 'viem/chains' * import { Actions } from 'viem/tempo' * * const client = createClient({ * chain: tempo.extend({ feeToken: '0x20c0000000000000000000000000000000000001' }), * transport: http(), * }).extend(walletActions) * * const hash = await client.sendTransaction({ * calls: [ * Actions.accessKey.updateLimit.call({ * accessKey: '0x...', * token: '0x...', * limit: 1000000000000000000n, * }), * ], * }) * ``` * * @param args - Arguments. * @returns The call. */ export function call(args: Args) { const { accessKey, token, limit } = args return defineCall({ address: Addresses.accountKeychain, abi: Abis.accountKeychain, functionName: 'updateSpendingLimit', args: [resolveAccessKeyAddress(accessKey), token, limit], }) } export function extractEvent(logs: Log[]) { const [log] = parseEventLogs({ abi: Abis.accountKeychain, logs, eventName: 'SpendingLimitUpdated', strict: true, }) if (!log) throw new Error('`SpendingLimitUpdated` event not found.') return log } } /** * Updates the spending limit and waits for the transaction receipt. * * @example * ```ts * import { createClient, http } from 'viem' * import { tempo } from 'viem/chains' * import { Actions } from 'viem/tempo' * import { privateKeyToAccount } from 'viem/accounts' * * const client = createClient({ * account: privateKeyToAccount('0x...'), * chain: tempo.extend({ feeToken: '0x20c0000000000000000000000000000000000001' }), * transport: http(), * }) * * const result = await Actions.accessKey.updateLimitSync(client, { * accessKey: '0x...', * token: '0x...', * limit: 1000000000000000000n, * }) * ``` * * @param client - Client. * @param parameters - Parameters. * @returns The transaction receipt and event data. */ export async function updateLimitSync< chain extends Chain | undefined, account extends Account | undefined, >( client: Client, parameters: updateLimitSync.Parameters, ): Promise { const { throwOnReceiptRevert = true, ...rest } = parameters const receipt = await updateLimit.inner(writeContractSync, client, { ...rest, throwOnReceiptRevert, } as never) const { args } = updateLimit.extractEvent(receipt.logs) return { account: args.account, publicKey: args.publicKey, token: args.token, limit: args.newLimit, receipt, } } export namespace updateLimitSync { export type Parameters< chain extends Chain | undefined = Chain | undefined, account extends Account | undefined = Account | undefined, > = updateLimit.Parameters export type Args = updateLimit.Args export type ReturnValue = { /** The account that owns the key. */ account: Address /** The access key address. */ publicKey: Address /** The token address. */ token: Address /** The new spending limit. */ limit: bigint /** The transaction receipt. */ receipt: TransactionReceipt } // TODO: exhaustive error type export type ErrorType = BaseErrorType } /** * Gets access key information. * * @example * ```ts * import { createClient, http } from 'viem' * import { tempo } from 'viem/chains' * import { Actions } from 'viem/tempo' * * const client = createClient({ * chain: tempo.extend({ feeToken: '0x20c0000000000000000000000000000000000001' }), * transport: http(), * }) * * const key = await Actions.accessKey.getMetadata(client, { * account: '0x...', * accessKey: '0x...', * }) * ``` * * @param client - Client. * @param parameters - Parameters. * @returns The key information. */ export async function getMetadata< chain extends Chain | undefined, account extends Account | undefined, >( client: Client, parameters: getMetadata.Parameters, ): Promise { const { account: account_ = client.account, accessKey, ...rest } = parameters if (!account_) throw new Error('account is required.') const account = parseAccount(account_) const result = await readContract(client, { ...rest, ...getMetadata.call({ account: account.address, accessKey }), }) return { address: result.keyId, keyType: signatureTypes[result.signatureType as keyof typeof signatureTypes] ?? 'secp256k1', expiry: result.expiry, spendPolicy: spendPolicies[`${result.enforceLimits}`], isRevoked: result.isRevoked, } } export namespace getMetadata { export type Parameters< account extends Account | undefined = Account | undefined, > = ReadParameters & GetAccountParameter & Pick export type Args = { /** Account address. */ account: Address /** The access key. */ accessKey: Address | AccessKeyAccount } export type ReturnValue = { /** The access key address. */ address: Address /** The key type. */ keyType: 'secp256k1' | 'p256' | 'webAuthn' /** The expiry timestamp. */ expiry: bigint /** The spending policy. */ spendPolicy: 'limited' | 'unlimited' /** Whether the key is revoked. */ isRevoked: boolean } /** * Defines a call to the `getKey` function. * * @param args - Arguments. * @returns The call. */ export function call(args: Args) { const { account, accessKey } = args return defineCall({ address: Addresses.accountKeychain, abi: Abis.accountKeychain, functionName: 'getKey', args: [account, resolveAccessKeyAddress(accessKey)], }) } } /** * Gets the remaining spending limit for a key-token pair. * * @example * ```ts * import { createClient, http } from 'viem' * import { tempo } from 'viem/chains' * import { Actions } from 'viem/tempo' * * const client = createClient({ * chain: tempo.extend({ feeToken: '0x20c0000000000000000000000000000000000001' }), * transport: http(), * }) * * const remaining = await Actions.accessKey.getRemainingLimit(client, { * account: '0x...', * accessKey: '0x...', * token: '0x...', * }) * ``` * * @param client - Client. * @param parameters - Parameters. * @returns The remaining spending amount. */ export async function getRemainingLimit< chain extends Chain | undefined, account extends Account | undefined, >( client: Client, parameters: getRemainingLimit.Parameters, ): Promise { const { account: account_ = client.account, accessKey, token, ...rest } = parameters if (!account_) throw new Error('account is required.') const account = parseAccount(account_) // TODO: remove pre-t3 branch once mainnet is on t3. const hardfork = (client.chain as { hardfork?: string } | undefined)?.hardfork if (hardfork && Hardfork.lt(hardfork, 't3')) { const remaining = await readContract(client, { ...rest, ...getRemainingLimit.call({ account: account.address, accessKey, token }), }) return { remaining, periodEnd: undefined } } const [remaining, periodEnd] = await readContract(client, { ...rest, ...getRemainingLimit.callWithPeriod({ account: account.address, accessKey, token, }), }) return { remaining, periodEnd } } export namespace getRemainingLimit { export type Parameters< account extends Account | undefined = Account | undefined, > = ReadParameters & GetAccountParameter & Pick export type Args = { /** Account address. */ account: Address /** The access key. */ accessKey: Address | AccessKeyAccount /** The token address. */ token: Address } export type ReturnValue = { remaining: bigint periodEnd: bigint | undefined } /** * Defines a call to the `getRemainingLimit` function (pre-T3). * * @param args - Arguments. * @returns The call. */ export function call(args: Args) { const { account, accessKey, token } = args return defineCall({ address: Addresses.accountKeychain, abi: Abis.accountKeychain, functionName: 'getRemainingLimit', args: [account, resolveAccessKeyAddress(accessKey), token], }) } /** * Defines a call to the `getRemainingLimitWithPeriod` function (T3+). * * @param args - Arguments. * @returns The call. */ export function callWithPeriod(args: Args) { const { account, accessKey, token } = args return defineCall({ address: Addresses.accountKeychain, abi: Abis.accountKeychain, functionName: 'getRemainingLimitWithPeriod', args: [account, resolveAccessKeyAddress(accessKey), token], }) } } /** * Signs a key authorization for an access key. * * @example * ```ts * import { generatePrivateKey } from 'viem/accounts' * import { Account, Actions } from 'viem/tempo' * * const account = Account.from({ privateKey: '0x...' }) * const accessKey = Account.fromP256(generatePrivateKey(), { * access: account, * }) * * const keyAuthorization = await Actions.accessKey.signAuthorization( * client, * { * account, * accessKey, * expiry: Math.floor((Date.now() + 30_000) / 1000), * }, * ) * ``` * * @param client - Client. * @param parameters - Parameters. * @returns The signed key authorization. */ export async function signAuthorization< chain extends Chain | undefined, account extends Account | undefined, >( client: Client, parameters: signAuthorization.Parameters, ): Promise { const { accessKey, chainId = client.chain?.id, ...rest } = parameters const account_ = rest.account ?? client.account if (!account_) throw new Error('account is required.') if (!chainId) throw new Error('chainId is required.') const parsed = parseAccount(account_) return signKeyAuthorization(parsed as never, { chainId: BigInt(chainId), key: accessKey, ...rest, }) } export namespace signAuthorization { export type Parameters< account extends Account | undefined = Account | undefined, > = GetAccountParameter & { /** The access key to authorize. */ accessKey: resolveAccessKey.Parameters /** The chain ID. */ chainId?: number | undefined /** Unix timestamp when the key expires. */ expiry?: number | undefined /** Spending limits per token. */ limits?: | { token: Address; limit: bigint; period?: number | undefined }[] | undefined /** Call scopes restricting which contracts/selectors this key can call. */ scopes?: KeyAuthorization.Scope[] | undefined } export type ReturnValue = Awaited> } /** @internal */ function resolveAccessKeyAddress( accessKey: Address | AccessKeyAccount, ): Address { if (typeof accessKey === 'string') return accessKey return accessKey.accessKeyAddress }