Merge pull request #7 from argentlabs/develop

Release 6.7.3

.eslintrc.json

@@ -0,0 +1,33 @@
+{
+  "env": {
+    "browser": true,
+    "es2021": true,
+    "node": true
+  },
+  "extends": [
+    "eslint:recommended",
+    "plugin:@typescript-eslint/recommended",
+    "plugin:@typescript-eslint/recommended",
+    "prettier"
+  ],
+  "parser": "@typescript-eslint/parser",
+  "parserOptions": {
+    "ecmaVersion": "latest",
+    "sourceType": "module"
+  },
+  "plugins": ["@typescript-eslint"],
+  "rules": {
+    "@typescript-eslint/no-explicit-any": "off",
+    "@typescript-eslint/no-extra-semi": "off",
+    "@typescript-eslint/no-unused-vars": [
+      "warn",
+      {
+        "vars": "all",
+        "ignoreRestSiblings": true,
+        "argsIgnorePattern": "^_"
+      }
+    ],
+    "@typescript-eslint/no-non-null-assertion": "error",
+    "curly": "error"
+  }
+}

.github/workflows/release.yml

@@ -0,0 +1,44 @@
+name: release
+
+on:
+  push:
+    branches:
+      - develop
+      - main
+      - hotfix\/v[0-9]+.[0-9]+.[0-9]+
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - uses: pnpm/action-setup@v2
+        name: Install pnpm
+        id: pnpm-install
+        with:
+          version: 8
+          run_install: false
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "lts/*"
+          cache: "pnpm"
+
+      - name: Install dependencies
+        run: pnpm install
+
+      - name: Build
+        run: pnpm build
+
+      - name: Test
+        run: pnpm test
+
+      - name: semantic-release
+        run: npx semantic-release --debug true --dry-run false
+        env:
+          HUSKY: 0
+          GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.CI_NPM_TOKEN }}

.gitignore

@@ -0,0 +1,24 @@
+# See http://help.github.com/ignore-files/ for more about ignoring files.
+
+# dependencies
+/node_modules
+
+# production
+/dist
+
+/.idea
+
+# misc
+.DS_Store
+.env
+npm-debug.log
+*.pem
+.eslintcache
+
+# vite / rollup
+.rollup.cache
+
+vite.config.ts.timestamp*
+
+# vscode
+.vscode

.husky/commit-msg

@@ -0,0 +1 @@
+pnpm commitlint --edit $1

.husky/pre-commit

@@ -0,0 +1 @@
+pnpm lint-staged

.npmrc

@@ -0,0 +1 @@
+shamefully-hoist=true

.prettierignore

@@ -0,0 +1,2 @@
+package.json
+pnpm-lock.yaml

.prettierrc

@@ -0,0 +1,18 @@
+{
+  "useTabs": false,
+  "trailingComma": "all",
+  "singleQuote": false,
+  "semi": false,
+  "overrides": [
+    {
+      "files": "*.md",
+      "options": {
+        "printWidth": 70,
+        "useTabs": false,
+        "trailingComma": "none",
+        "arrowParens": "avoid",
+        "proseWrap": "never"
+      }
+    }
+  ]
+}

.releaserc

@@ -0,0 +1,31 @@
+{
+  "branches": [
+    "main",
+    "hotfix/v[0-9]+.[0-9]+.[0-9]+",
+    {
+      "name": "develop",
+      "channel": "next"
+    },
+    {
+      "name": "beta",
+      "prerelease": true
+    }
+  ],
+  "plugins": [
+    "@semantic-release/commit-analyzer",
+    "@semantic-release/release-notes-generator",
+    "@semantic-release/npm",
+    [
+      "@semantic-release/git",
+      {
+        "assets": [
+          "package.json",
+          "pnpm-lock.yaml"
+        ],
+        "message": "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}"
+      }
+    ],
+    "@semantic-release/github"
+  ],
+  "repositoryUrl": "[email protected]:argentlabs/x-sessions.git"
+}

README.md

@@ -0,0 +1,180 @@
+# Sessions
+
+Sessions can be used to send transactions from a dapp on behalf of a user without requiring their confirmation with a wallet.
+
+The user is guaranteed that the dapp can only execute transactions that comply to the policies of the session and until the session expires.
+
+## Installation
+
+```bash
+npm install @argent/x-sessions
+# or
+pnpm add @argent/x-sessions
+```
+
+## Demo Dapp
+
+A demo dapp using both sessions and offchain sessions can be found here [https://github.com/argentlabs/session-keys-example-dapp](https://github.com/argentlabs/session-keys-example-dapp)
+
+# Session keys
+
+## Creating an Argent session account
+
+First you need to have a deployed account. This is the account that will authorise the session and interact with the contracts of your dapp.
+
+To sign the session message the method needed is `openSession`. After the user sign the message, a session account can be created using `buildSessionAccount`.
+
+This example session will allow the dapp to execute an example endpoint on an example contract without asking the user to approve the transaction again. After signing the session the dapp can execute all transactions listed in `allowedMethods` whenever it wants and as many times as it wants.
+
+**The list of allowedMethods needs to be communicated with Argent, in order to be whitelisted.**
+
+```typescript
+export interface AllowedMethod {
+  "Contract Address": string
+  selector: string
+}
+
+export type MetadataTxFee = {
+  tokenAddress: string
+  maxAmount: string
+}
+
+export type SessionMetadata = {
+  projectID: string
+  txFees: MetadataTxFee[]
+}
+
+type SessionParams = {
+  dappKey?: Uint8Array // this is optional. This sdk generate a dappKey using ec.starkCurve.utils.randomPrivateKey() if not provided
+  allowedMethods: AllowedMethod[]
+  expiry: bigint
+  metaData: SessionMetadata
+}
+```
+
+The following snippet show how to create and use a session account
+
+```typescript
+import {
+  SignSessionError,
+  SessionParams,
+  openSession,
+  buildSessionAccount
+} from "@argent/x-sessions"
+import { ec } from "starknet"
+
+const sessionParams: SessionParams = {
+  allowedMethods: [
+    {
+      "Contract Address": contractAddress,
+      selector: "method_selector"
+    }
+  ],
+  expiry: Math.floor(
+    (Date.now() + 1000 * 60 * 60 * 24) / 1000
+  ) as any, // ie: 1 day
+  dappKey: ec.starkCurve.utils.randomPrivateKey(),
+  metaData: {
+    projectID: "test-dapp",
+    txFees: [
+      {
+        tokenAddress: ETHTokenAddress,
+        maxAmount: parseUnits("0.1", 18).value.toString()
+      }
+    ]
+  }
+}
+
+// open session and sign message
+const accountSessionSignature = await openSession({
+  wallet, // StarknetWindowObject
+  sessionParams, // SessionParams
+  chainId // StarknetChainId
+})
+
+// create the session account from the current one that will be used to submit transactions
+const sessionRequest = createSessionRequest(
+  sessionParams.allowedMethods,
+  sessionParams.expiry,
+  sessionParams.metaData,
+  sessionParams.dappKey
+)
+
+const sessionAccount = await buildSessionAccount({
+  useCacheAuthorisation: false, // optional and defaulted to false, will be added in future developments
+  accountSessionSignature: stark.formatSignature(
+    accountSessionSignature
+  ),
+  sessionRequest,
+  chainId, // StarknetChainId
+  provider: new RpcProvider({
+    nodeUrl: "https://starknet-sepolia.public.blastapi.io/rpc/v0_7",
+    chainId: constants.StarknetChainId.SN_SEPOLIA
+  }),
+  address, // account address
+  dappKey
+})
+
+try {
+  const tx = sessionAccount.execute({
+    // lets assume this is a erc20 contract
+    contractAddress: "0x...",
+    selector: "transfer",
+    calldata: [
+      "0x..."
+      // ...
+    ]
+  })
+} catch (e) {
+  console.error((e as SignSessionError).cause, e.message)
+}
+```
+
+## Execute from outside
+
+Executing transactions “from outside” allows an account to submit transactions on behalf of a user account, as long as they have the relevant signatures.
+
+This package expose a method in order to get the Call required to perform an execution from outside.
+
+```typescript
+// instantiate argent session service
+const beService = new ArgentSessionService(
+  dappKey.publicKey,
+  accountSessionSignature
+)
+
+// instantiate dapp session service
+const sessionDappService = new SessionDappService(
+  beService,
+  chainId,
+  dappKey
+)
+
+// example for creating the calldata
+const erc20Contract = new Contract(
+  Erc20Abi as Abi,
+  ETHTokenAddress,
+  sessionAccount as any
+)
+const calldata = erc20Contract.populate("transfer", {
+  recipient: address,
+  amount: parseInputAmountToUint256(amount)
+})
+
+// get execute from outside data
+const { contractAddress, entrypoint, calldata } =
+  await sessionDappService.getOutsideExecutionCall(
+    sessionRequest,
+    stark.formatSignature(accountSessionSignature),
+    false,
+    [calldata],
+    address, // the account address
+    chainId,
+    shortString.encodeShortString("ANY_CALLER"), // Optional: default value ANY_CALLER
+    execute_after, // Optional: timestamp in seconds - this is the lower value in the range. Default value: 5 mins before Date.now()
+    execute_before, // Optional: timestamp in seconds - this is the upper value in the range. Default value: 20 mins after Date.now()
+    nonce: BigNumberish, // Optional: nonce, default value is a random nonce
+  )
+```
+
+Another account can then use object `{ contractAddress, entrypoint, calldata }` to execute the transaction.

commitlint.config.cjs

@@ -0,0 +1,3 @@
+module.exports = {
+  extends: ["@commitlint/config-conventional"],
+}