Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
71 changes: 71 additions & 0 deletions .env.example
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
# ─── Wallets ──────────────────────────────────────────────────────────────────
# Deployer wallet — pays gas for contract deployments and delegation txs
PRIVATE_KEY=0xyour_deployer_private_key

# Secondary wallet (optional — used for testing with a second account)
PRIVATE_KEY2=0xyour_second_private_key

# Platform owner / whitelisted user — signs UserOps (needs no ETH for gasless ops)
OWNER_PRIVATE_KEY=0xyour_owner_private_key

# ─── RPC Endpoints ────────────────────────────────────────────────────────────
# Get free endpoints at https://infura.io or https://alchemy.com
SEPOLIA_RPC_URL=https://sepolia.infura.io/v3/your_infura_project_id
AMOY_RPC_URL=https://polygon-amoy.infura.io/v3/your_infura_project_id

# ─── Bundler ──────────────────────────────────────────────────────────────────
# Get a free Pimlico API key at https://dashboard.pimlico.io
PIMLICO_API_KEY=pim_your_pimlico_api_key

# ─── EntryPoint ───────────────────────────────────────────────────────────────
# Canonical EntryPoint v0.8 — same address on all supported chains
ENTRY_POINT=0x4337084D9E255Ff0702461CF8895CE9E3b5Ff108

# ─── Document / Token Config ──────────────────────────────────────────────────
# Used by mintDocumentGasless.ts
TOKEN_ID=0xyour_document_hash_as_uint256
TOKEN_NAME=MyRegistry
TOKEN_SYMBOL=MYR
REMARK=optional remark text
BENEFICIARY_ADDRESS=0xbeneficiary_wallet_address
HOLDER_ADDRESS=0xholder_wallet_address
NOMINEE_ADDR=0xnominee_wallet_address
NEW_HOLDER_ADDR=0xnew_holder_wallet_address

# ─── Sepolia Deployments ──────────────────────────────────────────────────────
# Filled in automatically by deploy scripts — run in order:
# 1. npx hardhat run scripts/deployEIP7702.ts --network sepolia
# 2. npx hardhat run scripts/deployImplementation.ts --network sepolia
# 3. npx hardhat run scripts/deployFactory.ts --network sepolia
# 4. npx hardhat run scripts/deployPlatformPaymaster.ts --network sepolia
# 5. npx hardhat run scripts/stakePlatformPaymaster.ts --network sepolia

EIP7702_IMPL_ADDRESS_SEPOLIA=0x_filled_by_deployEIP7702
PAYMASTER_IMPLEMENTATION_SEPOLIA=0x_filled_by_deployImplementation
FACTORY_ADDRESS_SEPOLIA=0x_filled_by_deployFactory
PAYMASTER_ADDRESS_SEPOLIA=0x_filled_by_deployPlatformPaymaster

# TrustVC infrastructure on Sepolia (pre-deployed — do not change)
TDOC_DEPLOYER_ADDRESS_SEPOLIA=0x64bc665056DC8bE4092e569ED13a7F273Be28cD2
TDOC_IMPLEMENTATION_SEPOLIA=0x45c382574bb1B9C432a2e100Ab2086A4EAcB73Fd

# Filled in after running deployRegistryGasless.ts / mintDocumentGasless.ts
REGISTRY_ADDRESS_SEPOLIA=0x_filled_after_deployRegistry
TITLE_ESCROW_ADDRESS_SEPOLIA=0x_filled_after_mintDocument

# ─── Polygon Amoy Deployments ─────────────────────────────────────────────────
# Same deploy order as above but with --network amoy and NETWORK=amoy

EIP7702_IMPL_ADDRESS_AMOY=0x_filled_by_deployEIP7702
PAYMASTER_IMPLEMENTATION_AMOY=0x_filled_by_deployImplementation
FACTORY_ADDRESS_AMOY=0x_filled_by_deployFactory
PAYMASTER_ADDRESS_AMOY=0x_filled_by_deployPlatformPaymaster

# TrustVC infrastructure on Amoy (pre-deployed — do not change)
TDOC_DEPLOYER_ADDRESS_AMOY=0xfcafea839e576967b96ad1FBFB52b5CA26cd1D25
TDOC_IMPLEMENTATION_AMOY=0x_tdoc_implementation_on_amoy

# Filled in after running gasless scripts with NETWORK=amoy
REGISTRY_ADDRESS_AMOY=0x_filled_after_deployRegistry
TITLE_ESCROW_ADDRESS_AMOY=0x_filled_after_mintDocument
FACTORY_ADDRESS_AMOY=0x_filled_after_deployFactory

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🗄️ Data Integrity & Integration | 🟡 Minor | ⚡ Quick win

Remove duplicated FACTORY_ADDRESS_AMOY key.

Line 61 already defines FACTORY_ADDRESS_AMOY=0x_filled_by_deployFactory. The duplicate at line 71 with a different placeholder value will overwrite the first definition. Following the Sepolia pattern (lines 43–54), the factory address should only appear once in the deployments section; the "Filled in after running gasless scripts" section should contain only REGISTRY_ADDRESS_AMOY and TITLE_ESCROW_ADDRESS_AMOY.

-# Filled in after running gasless scripts with NETWORK=amoy
-REGISTRY_ADDRESS_AMOY=0x_filled_after_deployRegistry
-TITLE_ESCROW_ADDRESS_AMOY=0x_filled_after_mintDocument
-FACTORY_ADDRESS_AMOY=0x_filled_after_deployFactory
+# Filled in after running gasless scripts with NETWORK=amoy
+REGISTRY_ADDRESS_AMOY=0x_filled_after_deployRegistry
+TITLE_ESCROW_ADDRESS_AMOY=0x_filled_after_mintDocument
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
FACTORY_ADDRESS_AMOY=0x_filled_after_deployFactory
# Filled in after running gasless scripts with NETWORK=amoy
REGISTRY_ADDRESS_AMOY=0x_filled_after_deployRegistry
TITLE_ESCROW_ADDRESS_AMOY=0x_filled_after_mintDocument
🧰 Tools
🪛 dotenv-linter (4.0.0)

[warning] 71-71: [DuplicatedKey] The FACTORY_ADDRESS_AMOY key is duplicated

(DuplicatedKey)


[warning] 71-71: [UnorderedKey] The FACTORY_ADDRESS_AMOY key should go before the REGISTRY_ADDRESS_AMOY key

(UnorderedKey)

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.env.example at line 71, Remove the duplicated FACTORY_ADDRESS_AMOY entry
from the “Filled in after running gasless scripts” section in .env.example so it
is defined only once in the deployments section, matching the Sepolia pattern;
keep only REGISTRY_ADDRESS_AMOY and TITLE_ESCROW_ADDRESS_AMOY there, and
preserve the existing FACTORY_ADDRESS_AMOY value defined earlier.

6 changes: 6 additions & 0 deletions .eslintignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
dist
artifacts
cache
src/abis
node_modules
7702Frontend
43 changes: 43 additions & 0 deletions .eslintrc.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
{
"parser": "@typescript-eslint/parser",
"parserOptions": {
"project": "./tsconfig.json",
"ecmaVersion": 2020,
"sourceType": "module"
},
"plugins": ["@typescript-eslint"],
"extends": [
"eslint:recommended",
"plugin:@typescript-eslint/recommended"
],
"env": {
"node": true,
"mocha": true
},
"rules": {
"no-console": "off",
"@typescript-eslint/no-var-requires": "off",
"@typescript-eslint/no-explicit-any": "warn",
"@typescript-eslint/no-unused-vars": ["error", { "argsIgnorePattern": "^_" }],
"import/no-extraneous-dependencies": "off"
Comment on lines +17 to +22

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

printf 'Files of interest:\n'
git ls-files .eslintrc.json package.json .github/workflows/linters.yml

printf '\n--- .eslintrc.json ---\n'
cat -n .eslintrc.json

printf '\n--- package.json (relevant lines) ---\n'
cat -n package.json | sed -n '1,220p'

printf '\n--- workflow excerpt ---\n'
cat -n .github/workflows/linters.yml | sed -n '1,220p'

printf '\n--- search for import plugin / extends ---\n'
rg -n '"eslint-plugin-import"|"\bimport/no-extraneous-dependencies\b"|extends|plugins' .eslintrc.json package.json .github/workflows/linters.yml

Repository: TrustVC/7702SmartAccount

Length of output: 5812


🏁 Script executed:

#!/bin/bash
set -euo pipefail
printf 'noop\n'

Repository: TrustVC/7702SmartAccount

Length of output: 167


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "ROOT=$(pwd)"
echo "--- .eslintrc.json ---"
cat -n .eslintrc.json
echo "--- package.json plugin/import search ---"
rg -n '"eslint-plugin-import"|"import/no-extraneous-dependencies"|extends|plugins' package.json .eslintrc.json

Repository: TrustVC/7702SmartAccount

Length of output: 1859


Add eslint-plugin-import or remove this rule. .eslintrc.json:8-22 references import/no-extraneous-dependencies without registering the import plugin, so npm run lint fails on config load.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.eslintrc.json around lines 17 - 22, The ESLint config currently enables
import/no-extraneous-dependencies without registering the import plugin, which
causes lint config loading to fail. Update .eslintrc.json to either add the
eslint-plugin-import plugin configuration alongside the existing rules or remove
the import/no-extraneous-dependencies rule if the plugin is not intended to be
used. Make sure the fix is applied in the top-level ESLint config so npm run
lint can load successfully.

},
"overrides": [
{
"files": ["test/**/*.ts"],
"env": { "mocha": true },
"rules": {
"@typescript-eslint/no-explicit-any": "off",
"@typescript-eslint/no-unused-vars": "off",
"@typescript-eslint/no-unused-expressions": "off",
"no-unused-expressions": "off"
}
},
{
"files": ["scripts/**/*.ts"],
"rules": {
"@typescript-eslint/no-explicit-any": "off"
}
}
],
"ignorePatterns": ["dist", "artifacts", "cache", "src/abis", "7702Frontend", "node_modules"]
}
28 changes: 28 additions & 0 deletions .github/workflows/linters.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
on:
workflow_call:

env:
NODE_ENV: ci

name: "Linters"

jobs:
lint:
name: Code Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 24.x
- run: npm ci --ignore-scripts
- run: npm run lint

commit-lint:
name: Commit Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Commit Lint Dependencies
run: npm install @commitlint/config-conventional
- uses: JulienKode/pull-request-name-linter-action@v0.5.0
Comment on lines +21 to +28

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

printf '\n== workflows files ==\n'
git ls-files .github/workflows

printf '\n== linters.yml (numbered) ==\n'
cat -n .github/workflows/linters.yml

printf '\n== release.yml (numbered) ==\n'
cat -n .github/workflows/release.yml

Repository: TrustVC/7702SmartAccount

Length of output: 2824


🏁 Script executed:

#!/bin/bash
set -euo pipefail

printf '\n== lines mentioning workflow_call / pull_request / push ==\n'
rg -n "workflow_call|pull_request|push|pull_request_target|workflow_dispatch|commit-lint|pull-request-name-linter-action|npm install `@commitlint/config-conventional`" .github/workflows

Repository: TrustVC/7702SmartAccount

Length of output: 647


🏁 Script executed:

#!/bin/bash
set -euo pipefail

python3 - <<'PY'
from pathlib import Path
for path in [Path('.github/workflows/linters.yml'), Path('.github/workflows/release.yml')]:
    print(f"\n== {path} ==")
    text = path.read_text()
    for i, line in enumerate(text.splitlines(), 1):
        if 'commit-lint' in line or 'pull-request-name-linter-action' in line or 'workflow_call' in line or 'pull_request' in line or 'push:' in line or 'main' in line:
            print(f"{i:4}: {line}")
PY

Repository: TrustVC/7702SmartAccount

Length of output: 383


🏁 Script executed:

#!/bin/bash
set -euo pipefail

printf '\n== pull_requests.yml (numbered) ==\n'
cat -n .github/workflows/pull_requests.yml

printf '\n== references to pull-request-name-linter-action across repo ==\n'
rg -n "pull-request-name-linter-action|commit-lint|Commit Lint|pr title|pull request name" .

Repository: TrustVC/7702SmartAccount

Length of output: 1063


🌐 Web query:

JulienKode/pull-request-name-linter-action requires pull_request event title github context

💡 Result:

The JulienKode/pull-request-name-linter-action specifically requires a pull_request event to function because it relies on the GitHub Actions context to retrieve the pull request title [1]. The action retrieves the title internally from the GitHub context payload using github.context.payload.pull_request.title [1]. Because of this, it must be triggered by a workflow configured with the pull_request event [2][3]. To ensure the action correctly receives the pull request title, your workflow must include the appropriate configuration in the on: section [2][3]: on: pull_request: types: ['opened', 'edited', 'reopened', 'synchronize'] If a workflow is triggered by an event that does not contain pull request metadata (such as a push event), the action will not have access to the title [4][5]. Furthermore, users have noted that if you manually re-run a workflow, the action may use the cached title from the original event payload rather than the updated PR title [6]. If you find the action is not detecting title changes, ensure that your workflow includes the edited activity type [2][7].

Citations:


Move the PR-title lint out of the reusable workflow. JulienKode/pull-request-name-linter-action only works on pull_request events, but .github/workflows/release.yml reuses linters.yml on push to main, so this job can fail in release runs. Move it to .github/workflows/pull_requests.yml or guard it with if: github.event_name == 'pull_request'.

🧰 Tools
🪛 zizmor (1.26.1)

[warning] 25-25: credential persistence through GitHub Actions artifacts (artipacked): does not set persist-credentials: false

(artipacked)


[warning] 27-27: ad-hoc installation of packages (adhoc-packages): installs a package outside of a lockfile

(adhoc-packages)

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/linters.yml around lines 21 - 28, The Commit Lint job
currently includes JulienKode/pull-request-name-linter-action in the reusable
linters workflow, but that action only works on pull_request events and can
break release runs triggered from release.yml on push to main. Move the PR title
check out of the linters job in linters.yml into the pull_requests workflow, or
add an event guard on the existing step/job so it only runs when
github.event_name is pull_request.

Comment thread
coderabbitai[bot] marked this conversation as resolved.
30 changes: 30 additions & 0 deletions .github/workflows/pull_requests.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
on:
pull_request:
types: [opened, reopened, synchronize]
Comment on lines +2 to +3

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Re-run this workflow when the PR title is edited.

The linter stack now includes PR-title validation, but pull_request.types excludes edited. A title fixed after a failure will not be revalidated until someone pushes another commit or reopens the PR.

Suggested fix
   pull_request:
-    types: [opened, reopened, synchronize]
+    types: [opened, reopened, synchronize, edited]
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
pull_request:
types: [opened, reopened, synchronize]
pull_request:
types: [opened, reopened, synchronize, edited]
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/pull_requests.yml around lines 2 - 3, The pull request
workflow trigger is missing the edited event, so PR-title validation will not
rerun when only the title changes. Update the pull_request.types configuration
in the workflow definition to include edited alongside opened, reopened, and
synchronize so the linter stack revalidates titles after edits.


env:
NODE_ENV: ci

name: "Pull Requests"

jobs:
tests:
name: Tests
uses: ./.github/workflows/tests.yml

linters:
name: Linters
uses: ./.github/workflows/linters.yml

eslint-review:
name: ESLint Review
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
steps:
- uses: actions/checkout@v4
- uses: reviewdog/action-eslint@v1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
eslint_flags: "src scripts test --ext .ts"
Comment thread
coderabbitai[bot] marked this conversation as resolved.
53 changes: 53 additions & 0 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
name: Release

on:
push:
branches:
- main
- dev

env:
NODE_ENV: ci

jobs:
tests:
name: Tests
uses: ./.github/workflows/tests.yml

linters:
name: Linters
uses: ./.github/workflows/linters.yml

release:
name: Publish Release
runs-on: ubuntu-latest
needs: [tests, linters]
permissions:
contents: write
packages: write
id-token: write
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Cache node modules
uses: actions/cache@v4
with:
path: ~/node_modules
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}

- uses: actions/setup-node@v4
with:
node-version: 24
registry-url: https://registry.npmjs.org/

- run: npm ci
- run: npm run build
- run: npm run semantic-release

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
rg -n --glob 'package.json' --glob '.releaserc*' --glob 'release.config.*' 'semantic-release|branches|dev|main'

Repository: TrustVC/7702SmartAccount

Length of output: 162


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== top-level files =="
git ls-files | sed -n '1,200p'

echo
echo "== semantic-release related files =="
git ls-files | rg '(^|/)(package\.json|\.releaserc(\.[^/]+)?|release\.config\.[^/]+|.*release.*\.yml|.*release.*\.yaml)$'

echo
echo "== search for release config terms =="
rg -n --hidden --glob '!node_modules' --glob '!dist' --glob '!build' 'semantic-release|release\.branches|branches\s*:' .

echo
echo "== workflow snippet =="
sed -n '1,140p' .github/workflows/release.yml

Repository: TrustVC/7702SmartAccount

Length of output: 8449


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== semantic-release related files =="
git ls-files | rg '(^|/)(package\.json|\.releaserc(\.[^/]+)?|release\.config\.[^/]+|.*release.*\.yml|.*release.*\.yaml)$' || true

echo
echo "== search for release config terms =="
rg -n --hidden --glob '!node_modules' --glob '!dist' --glob '!build' 'semantic-release|release\.branches|branches\s*:' . || true

echo
echo "== workflow snippet =="
sed -n '1,140p' .github/workflows/release.yml

Repository: TrustVC/7702SmartAccount

Length of output: 6610


Restrict semantic-release to configured branches
.github/workflows/release.yml triggers on dev, but there’s no repo-level semantic-release branches config for it. Either add dev to the release config or stop running this job on that branch.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/release.yml at line 50, The release workflow is running
semantic-release on a branch that is not configured for releases. Update the
semantic-release configuration to include the dev branch, or change the release
job in the workflow so the semantic-release step only runs on branches already
configured for release; use the semantic-release invocation in the release
workflow to locate the change.

env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.npm_token }}
31 changes: 31 additions & 0 deletions .github/workflows/tests.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
on:
workflow_call:

env:
NODE_ENV: ci

name: "Tests"

jobs:
run-tests:
name: Run Tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 24.x
- run: npm ci --ignore-scripts
- run: npm run build:sol
- run: npm test

test-build:
name: Test Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 24.x
- run: npm ci --ignore-scripts
- run: npm run build
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,9 +1,11 @@
node_modules
.env
/dist

# Hardhat files
/cache
/artifacts
/7702Frontend

# TypeChain files
/typechain
Expand Down
11 changes: 0 additions & 11 deletions 7702Frontend/.env.example

This file was deleted.

12 changes: 0 additions & 12 deletions 7702Frontend/index.html

This file was deleted.

Loading
Loading