feat: smart account utilities

Author: pcarranzav

apps/connect/src/components/create-space.tsx

@@ -54,6 +54,7 @@ export function CreateSpace() {
 
       const message: Messages.RequestConnectCreateSpaceEvent = {
         type: 'connect-create-space-event',
+        accountAddress,
         event: spaceEvent,
         spaceId: spaceEvent.transaction.id,
         keyBox: {

apps/connect/src/hooks/use-spaces.ts

@@ -1,4 +1,5 @@
 import { getAppInfoByIds } from '@/lib/get-app-info-by-ids';
+import { Connect } from '@graphprotocol/hypergraph';
 import { useIdentityToken } from '@privy-io/react-auth';
 import { useQuery } from '@tanstack/react-query';
 
@@ -22,8 +23,10 @@ export const useSpaces = () => {
     queryKey: ['spaces'],
     queryFn: async () => {
       if (!identityToken) return [];
+      const accountAddress = Connect.loadAccountAddress(localStorage);
+      if (!accountAddress) return [];
       const response = await fetch(`${import.meta.env.VITE_HYPERGRAPH_SYNC_SERVER_ORIGIN}/connect/spaces`, {
-        headers: { 'privy-id-token': identityToken },
+        headers: { 'privy-id-token': identityToken, 'account-address': accountAddress },
       });
       const data = await response.json();
       const appIds = new Set<string>();

apps/connect/src/routes/authenticate.tsx

@@ -2,14 +2,16 @@ import { CreateSpace } from '@/components/create-space';
 import { Button } from '@/components/ui/button';
 import { useSpaces } from '@/hooks/use-spaces';
 import { Connect, type Identity, Key, type Messages, StoreConnect, Utils } from '@graphprotocol/hypergraph';
+import { GEOGENESIS, GEO_TESTNET } from '@graphprotocol/hypergraph/connect/smart-account';
 import { useIdentityToken, usePrivy, useWallets } from '@privy-io/react-auth';
 import { createFileRoute } from '@tanstack/react-router';
 import { createStore } from '@xstate/store';
 import { useSelector } from '@xstate/store/react';
 import { Effect, Schema } from 'effect';
 import { useEffect } from 'react';
 import { createWalletClient, custom } from 'viem';
-import { mainnet } from 'viem/chains';
+
+const CHAIN = import.meta.env.VITE_HYPERGRAPH_CHAIN === 'geogenesis' ? GEOGENESIS : GEO_TESTNET;
 
 type AuthenticateSearch = {
   data: unknown;
@@ -150,6 +152,7 @@ function AuthenticateComponent() {
           {
             headers: {
               'privy-id-token': identityToken,
+              'account-address': accountAddress,
               'Content-Type': 'application/json',
             },
           },
@@ -261,6 +264,7 @@ function AuthenticateComponent() {
     const message: Messages.RequestConnectAddAppIdentityToSpaces = {
       type: 'connect-add-app-identity-to-spaces',
       appIdentityAddress: appIdentity.address,
+      accountAddress,
       spacesInput,
     };
 
@@ -284,6 +288,7 @@ function AuthenticateComponent() {
         appIdentityAddress: appIdentity.address,
         appIdentityAddressPrivateKey: appIdentity.addressPrivateKey,
         accountAddress: accountAddress,
+        permissionId: appIdentity.permissionId,
         encryptionPrivateKey: appIdentity.encryptionPrivateKey,
         signaturePrivateKey: appIdentity.signaturePrivateKey,
         signaturePublicKey: appIdentity.signaturePublicKey,
@@ -311,7 +316,7 @@ function AuthenticateComponent() {
     try {
       const privyProvider = await embeddedWallet.getEthereumProvider();
       const walletClient = createWalletClient({
-        chain: mainnet,
+        chain: CHAIN,
         transport: custom(privyProvider),
       });
 
@@ -331,18 +336,33 @@ function AuthenticateComponent() {
       };
 
       const newAppIdentity = Connect.createAppIdentity();
+      // TODO: add spaces and additional actions
+      const permissionId = await Connect.createSmartSession(
+        walletClient,
+        accountAddress,
+        newAppIdentity.addressPrivateKey,
+        CHAIN,
+        import.meta.env.VITE_HYPERGRAPH_RPC_URL,
+        {
+          allowCreateSpace: true,
+          spaces: [],
+          additionalActions: [],
+        },
+      );
+
       const { ciphertext, nonce } = await Connect.encryptAppIdentity(
         signer,
-        accountAddress,
         newAppIdentity.address,
         newAppIdentity.addressPrivateKey,
+        permissionId,
         keys,
       );
       const { accountProof, keyProof } = await Connect.proveIdentityOwnership(signer, accountAddress, keys);
 
       const message: Messages.RequestConnectCreateAppIdentity = {
         appId: state.appInfo.appId,
         address: newAppIdentity.address,
+        accountAddress,
         signaturePublicKey: newAppIdentity.signaturePublicKey,
         encryptionPublicKey: newAppIdentity.encryptionPublicKey,
         ciphertext,
@@ -372,6 +392,7 @@ function AuthenticateComponent() {
           signaturePublicKey: newAppIdentity.signaturePublicKey,
           sessionToken: appIdentityResponse.appIdentity.sessionToken,
           sessionTokenExpires: new Date(appIdentityResponse.appIdentity.sessionTokenExpires),
+          permissionId,
         },
         appInfo: state.appInfo,
       });
@@ -392,7 +413,7 @@ function AuthenticateComponent() {
 
     const privyProvider = await embeddedWallet.getEthereumProvider();
     const walletClient = createWalletClient({
-      chain: mainnet,
+      chain: CHAIN,
       transport: custom(privyProvider),
     });
 
@@ -413,7 +434,6 @@ function AuthenticateComponent() {
 
     const decryptedIdentity = await Connect.decryptAppIdentity(
       signer,
-      state.appIdentityResponse.accountAddress,
       state.appIdentityResponse.ciphertext,
       state.appIdentityResponse.nonce,
     );
@@ -422,7 +442,8 @@ function AuthenticateComponent() {
       appIdentity: {
         address: decryptedIdentity.address,
         addressPrivateKey: decryptedIdentity.addressPrivateKey,
-        accountAddress: decryptedIdentity.accountAddress,
+        accountAddress: state.appIdentityResponse.accountAddress,
+        permissionId: decryptedIdentity.permissionId,
         encryptionPrivateKey: decryptedIdentity.encryptionPrivateKey,
         signaturePrivateKey: decryptedIdentity.signaturePrivateKey,
         encryptionPublicKey: decryptedIdentity.encryptionPublicKey,

apps/connect/src/routes/login.lazy.tsx

@@ -1,11 +1,12 @@
 import { Button } from '@/components/ui/button';
 import { Connect, type Identity } from '@graphprotocol/hypergraph';
-import { useIdentityToken, usePrivy, useWallets } from '@privy-io/react-auth';
+import { GEOGENESIS, GEO_TESTNET } from '@graphprotocol/hypergraph/connect/smart-account';
+import { type ConnectedWallet, useIdentityToken, usePrivy, useWallets } from '@privy-io/react-auth';
 import { createLazyFileRoute, useRouter } from '@tanstack/react-router';
 import { useCallback, useEffect, useState } from 'react';
-import { createWalletClient, custom, getAddress } from 'viem';
-import { mainnet } from 'viem/chains';
+import { type WalletClient, createWalletClient, custom } from 'viem';
 
+const CHAIN = import.meta.env.VITE_HYPERGRAPH_CHAIN === 'geogenesis' ? GEOGENESIS : GEO_TESTNET;
 const syncServerUri = import.meta.env.VITE_HYPERGRAPH_SYNC_SERVER_ORIGIN;
 const storage = localStorage;
 
@@ -21,18 +22,35 @@ function Login() {
   const { identityToken } = useIdentityToken();
 
   const hypergraphLogin = useCallback(
-    async (signer: Identity.Signer) => {
-      if (!signer || !identityToken) {
+    async (walletClient: WalletClient, embeddedWallet: ConnectedWallet) => {
+      if (!identityToken) {
         return;
       }
+      const signer: Identity.Signer = {
+        getAddress: async () => {
+          const [address] = await walletClient.getAddresses();
+          return address;
+        },
+        signMessage: async (message: string) => {
+          if (embeddedWallet.walletClientType === 'privy') {
+            const { signature } = await signMessage({ message });
+            return signature;
+          }
+          const [address] = await walletClient.getAddresses();
+          return await walletClient.signMessage({ account: address, message });
+        },
+      };
+
       const address = await signer.getAddress();
       if (!address) {
         return;
       }
-      const accountAddress = getAddress(address);
-      await Connect.login(signer, accountAddress, syncServerUri, storage, identityToken);
+
+      const rpcUrl = import.meta.env.VITE_HYPERGRAPH_RPC_URL;
+
+      await Connect.login({ walletClient, signer, syncServerUri, storage, identityToken, rpcUrl, chain: CHAIN });
     },
-    [identityToken],
+    [identityToken, signMessage],
   );
 
   useEffect(() => {
@@ -48,26 +66,11 @@ function Login() {
           const embeddedWallet = wallets.find((wallet) => wallet.walletClientType === 'privy') || wallets[0];
           const privyProvider = await embeddedWallet.getEthereumProvider();
           const walletClient = createWalletClient({
-            chain: mainnet,
+            chain: CHAIN,
             transport: custom(privyProvider),
           });
 
-          const signer: Identity.Signer = {
-            getAddress: async () => {
-              const [address] = await walletClient.getAddresses();
-              return address;
-            },
-            signMessage: async (message: string) => {
-              if (embeddedWallet.walletClientType === 'privy') {
-                const { signature } = await signMessage({ message });
-                return signature;
-              }
-              const [address] = await walletClient.getAddresses();
-              return await walletClient.signMessage({ account: address, message });
-            },
-          };
-
-          await hypergraphLogin(signer);
+          await hypergraphLogin(walletClient, embeddedWallet);
 
           const redirect = localStorage.getItem('geo-connect-authenticate-redirect');
           if (redirect) {
@@ -83,7 +86,7 @@ function Login() {
         }
       })();
     }
-  }, [privyAuthenticated, walletsReady, wallets, signMessage, hypergraphLogin, navigate, hypergraphLoginStarted]);
+  }, [privyAuthenticated, walletsReady, wallets, hypergraphLogin, navigate, hypergraphLoginStarted]);
 
   return (
     <div className="flex flex-1 justify-center items-center flex-col gap-4">

apps/events/src/routes/authenticate-success.tsx

@@ -45,6 +45,7 @@ function RouteComponent() {
         address: parsedAuthParams.appIdentityAddress,
         addressPrivateKey: parsedAuthParams.appIdentityAddressPrivateKey,
         accountAddress: parsedAuthParams.accountAddress,
+        permissionId: parsedAuthParams.permissionId,
         signaturePublicKey: parsedAuthParams.signaturePublicKey,
         signaturePrivateKey: parsedAuthParams.signaturePrivateKey,
         encryptionPublicKey: parsedAuthParams.encryptionPublicKey,

apps/server/prisma/migrations/20250620005807_add_connect_signer_address/migration.sql

@@ -0,0 +1,26 @@
+/*
+  Warnings:
+
+  - Added the required column `connectSignerAddress` to the `Account` table without a default value. This is not possible if the table is not empty.
+
+*/
+-- RedefineTables
+PRAGMA defer_foreign_keys=ON;
+PRAGMA foreign_keys=OFF;
+CREATE TABLE "new_Account" (
+    "address" TEXT NOT NULL PRIMARY KEY,
+    "connectAddress" TEXT NOT NULL,
+    "connectCiphertext" TEXT NOT NULL,
+    "connectNonce" TEXT NOT NULL,
+    "connectSignaturePublicKey" TEXT NOT NULL,
+    "connectEncryptionPublicKey" TEXT NOT NULL,
+    "connectAccountProof" TEXT NOT NULL,
+    "connectKeyProof" TEXT NOT NULL,
+    "connectSignerAddress" TEXT NOT NULL
+);
+INSERT INTO "new_Account" ("address", "connectAccountProof", "connectAddress", "connectCiphertext", "connectEncryptionPublicKey", "connectKeyProof", "connectNonce", "connectSignaturePublicKey") SELECT "address", "connectAccountProof", "connectAddress", "connectCiphertext", "connectEncryptionPublicKey", "connectKeyProof", "connectNonce", "connectSignaturePublicKey" FROM "Account";
+DROP TABLE "Account";
+ALTER TABLE "new_Account" RENAME TO "Account";
+CREATE UNIQUE INDEX "Account_connectAddress_key" ON "Account"("connectAddress");
+PRAGMA foreign_keys=ON;
+PRAGMA defer_foreign_keys=OFF;

apps/server/prisma/schema.prisma

@@ -109,6 +109,7 @@ model Account {
   connectKeyProof            String
   infoAuthor                 Space[]
   spaceKeyBoxes              SpaceKeyBox[]
+  connectSignerAddress       String
 }
 
 model AppIdentity {

apps/server/src/handlers/createIdentity.ts

@@ -1,6 +1,7 @@
 import { prisma } from '../prisma.js';
 
 type Params = {
+  signerAddress: string;
   accountAddress: string;
   ciphertext: string;
   nonce: string;
@@ -11,6 +12,7 @@ type Params = {
 };
 
 export const createIdentity = async ({
+  signerAddress,
   accountAddress,
   ciphertext,
   nonce,
@@ -32,6 +34,7 @@ export const createIdentity = async ({
   }
   return await prisma.account.create({
     data: {
+      connectSignerAddress: signerAddress,
       address: accountAddress,
       connectAccountProof: accountProof,
       connectKeyProof: keyProof,

apps/server/src/handlers/is-signer-for-account.ts

@@ -0,0 +1,13 @@
+import { prisma } from '../prisma';
+
+export const isSignerForAccount = async (signerAddress: string, accountAddress: string) => {
+  const account = await prisma.account.findUnique({
+    where: {
+      address: accountAddress,
+    },
+  });
+  if (!account) {
+    return false;
+  }
+  return account.connectSignerAddress === signerAddress;
+};