313 lines
11 KiB
TypeScript
313 lines
11 KiB
TypeScript
/**
|
|
* Wallet module — multichain Safe wallet visualization.
|
|
*
|
|
* Client-side only (no DB). Queries Safe Global API for balances,
|
|
* transfers, and multisig data across multiple chains.
|
|
*/
|
|
|
|
import { Hono } from "hono";
|
|
import { renderShell } from "../../server/shell";
|
|
import { getModuleInfoList } from "../../shared/module";
|
|
import type { RSpaceModule } from "../../shared/module";
|
|
import { renderLanding } from "./landing";
|
|
|
|
const routes = new Hono();
|
|
|
|
// ── Proxy Safe Global API (avoid CORS issues from browser) ──
|
|
routes.get("/api/safe/:chainId/:address/balances", async (c) => {
|
|
const chainId = c.req.param("chainId");
|
|
const address = c.req.param("address");
|
|
const chainPrefix = getSafePrefix(chainId);
|
|
if (!chainPrefix) return c.json({ error: "Unsupported chain" }, 400);
|
|
|
|
const res = await fetch(`https://safe-transaction-${chainPrefix}.safe.global/api/v1/safes/${address}/balances/usd/?trusted=true&exclude_spam=true`);
|
|
if (!res.ok) return c.json({ error: "Safe API error" }, res.status as any);
|
|
const data = await res.json();
|
|
c.header("Cache-Control", "public, max-age=30");
|
|
return c.json(data);
|
|
});
|
|
|
|
routes.get("/api/safe/:chainId/:address/transfers", async (c) => {
|
|
const chainId = c.req.param("chainId");
|
|
const address = c.req.param("address");
|
|
const chainPrefix = getSafePrefix(chainId);
|
|
if (!chainPrefix) return c.json({ error: "Unsupported chain" }, 400);
|
|
|
|
const limit = c.req.query("limit") || "100";
|
|
const res = await fetch(`https://safe-transaction-${chainPrefix}.safe.global/api/v1/safes/${address}/all-transactions/?limit=${limit}&executed=true`);
|
|
if (!res.ok) return c.json({ error: "Safe API error" }, res.status as any);
|
|
return c.json(await res.json());
|
|
});
|
|
|
|
routes.get("/api/safe/:chainId/:address/info", async (c) => {
|
|
const chainId = c.req.param("chainId");
|
|
const address = c.req.param("address");
|
|
const chainPrefix = getSafePrefix(chainId);
|
|
if (!chainPrefix) return c.json({ error: "Unsupported chain" }, 400);
|
|
|
|
const res = await fetch(`https://safe-transaction-${chainPrefix}.safe.global/api/v1/safes/${address}/`);
|
|
if (!res.ok) return c.json({ error: "Safe API error" }, res.status as any);
|
|
const data = await res.json();
|
|
c.header("Cache-Control", "public, max-age=300");
|
|
return c.json(data);
|
|
});
|
|
|
|
// Detect which chains have a Safe for this address
|
|
routes.get("/api/safe/detect/:address", async (c) => {
|
|
const address = c.req.param("address");
|
|
const chains = Object.entries(CHAIN_MAP);
|
|
const results: Array<{ chainId: string; name: string; prefix: string }> = [];
|
|
|
|
await Promise.allSettled(
|
|
chains.map(async ([chainId, info]) => {
|
|
try {
|
|
const res = await fetch(`https://safe-transaction-${info.prefix}.safe.global/api/v1/safes/${address}/`, {
|
|
signal: AbortSignal.timeout(5000),
|
|
});
|
|
if (res.ok) results.push({ chainId, name: info.name, prefix: info.prefix });
|
|
} catch {}
|
|
})
|
|
);
|
|
|
|
return c.json({ address, chains: results.sort((a, b) => a.name.localeCompare(b.name)) });
|
|
});
|
|
|
|
// ── Chain mapping ──
|
|
const CHAIN_MAP: Record<string, { name: string; prefix: string }> = {
|
|
"1": { name: "Ethereum", prefix: "mainnet" },
|
|
"10": { name: "Optimism", prefix: "optimism" },
|
|
"100": { name: "Gnosis", prefix: "gnosis-chain" },
|
|
"137": { name: "Polygon", prefix: "polygon" },
|
|
"8453": { name: "Base", prefix: "base" },
|
|
"42161": { name: "Arbitrum", prefix: "arbitrum" },
|
|
"42220": { name: "Celo", prefix: "celo" },
|
|
"43114": { name: "Avalanche", prefix: "avalanche" },
|
|
"56": { name: "BSC", prefix: "bsc" },
|
|
"324": { name: "zkSync", prefix: "zksync" },
|
|
"11155111": { name: "Sepolia", prefix: "sepolia" },
|
|
"84532": { name: "Base Sepolia", prefix: "base-sepolia" },
|
|
};
|
|
|
|
function getSafePrefix(chainId: string): string | null {
|
|
return CHAIN_MAP[chainId]?.prefix || null;
|
|
}
|
|
|
|
// ── Safe Proposal / Confirm / Execute (EncryptID-authenticated) ──
|
|
|
|
// Helper: extract and verify JWT from request
|
|
async function verifyWalletAuth(c: any): Promise<{ sub: string; did?: string; username?: string; eid?: any } | null> {
|
|
const authorization = c.req.header("Authorization");
|
|
if (!authorization?.startsWith("Bearer ")) return null;
|
|
try {
|
|
// Import verify dynamically to avoid adding hono/jwt as a module-level dep
|
|
const { verify } = await import("hono/jwt");
|
|
const secret = process.env.JWT_SECRET;
|
|
if (!secret) return null;
|
|
const payload = await verify(authorization.slice(7), secret, "HS256");
|
|
return payload as any;
|
|
} catch {
|
|
return null;
|
|
}
|
|
}
|
|
|
|
// POST /api/safe/:chainId/:address/propose — Create a Safe transaction proposal
|
|
routes.post("/api/safe/:chainId/:address/propose", async (c) => {
|
|
const claims = await verifyWalletAuth(c);
|
|
if (!claims) return c.json({ error: "Authentication required" }, 401);
|
|
|
|
// Require ELEVATED auth level (3+)
|
|
if (!claims.eid || claims.eid.authLevel < 3) {
|
|
return c.json({ error: "Elevated authentication required for proposals" }, 403);
|
|
}
|
|
if (!claims.eid.capabilities?.wallet) {
|
|
return c.json({ error: "Wallet capability required" }, 403);
|
|
}
|
|
|
|
const chainId = c.req.param("chainId");
|
|
const address = c.req.param("address");
|
|
const chainPrefix = getSafePrefix(chainId);
|
|
if (!chainPrefix) return c.json({ error: "Unsupported chain" }, 400);
|
|
|
|
const body = await c.req.json();
|
|
const { to, value, data, operation, safeTxGas, baseGas, gasPrice, gasToken, refundReceiver, nonce, signature, sender } = body;
|
|
|
|
if (!to || !signature || !sender) {
|
|
return c.json({ error: "Missing required fields: to, signature, sender" }, 400);
|
|
}
|
|
|
|
// Submit proposal to Safe Transaction Service
|
|
const res = await fetch(
|
|
`https://safe-transaction-${chainPrefix}.safe.global/api/v1/safes/${address}/multisig-transactions/`,
|
|
{
|
|
method: "POST",
|
|
headers: { "Content-Type": "application/json" },
|
|
body: JSON.stringify({
|
|
to,
|
|
value: value || "0",
|
|
data: data || "0x",
|
|
operation: operation || 0,
|
|
safeTxGas: safeTxGas || "0",
|
|
baseGas: baseGas || "0",
|
|
gasPrice: gasPrice || "0",
|
|
gasToken: gasToken || "0x0000000000000000000000000000000000000000",
|
|
refundReceiver: refundReceiver || "0x0000000000000000000000000000000000000000",
|
|
nonce,
|
|
signature,
|
|
sender,
|
|
}),
|
|
},
|
|
);
|
|
|
|
if (!res.ok) {
|
|
const err = await res.text();
|
|
return c.json({ error: "Safe Transaction Service error", details: err }, res.status as any);
|
|
}
|
|
|
|
return c.json(await res.json(), 201);
|
|
});
|
|
|
|
// POST /api/safe/:chainId/:address/confirm — Confirm a pending transaction
|
|
routes.post("/api/safe/:chainId/:address/confirm", async (c) => {
|
|
const claims = await verifyWalletAuth(c);
|
|
if (!claims) return c.json({ error: "Authentication required" }, 401);
|
|
|
|
if (!claims.eid || claims.eid.authLevel < 3) {
|
|
return c.json({ error: "Elevated authentication required" }, 403);
|
|
}
|
|
if (!claims.eid.capabilities?.wallet) {
|
|
return c.json({ error: "Wallet capability required" }, 403);
|
|
}
|
|
|
|
const chainId = c.req.param("chainId");
|
|
const chainPrefix = getSafePrefix(chainId);
|
|
if (!chainPrefix) return c.json({ error: "Unsupported chain" }, 400);
|
|
|
|
const { safeTxHash, signature } = await c.req.json();
|
|
if (!safeTxHash || !signature) {
|
|
return c.json({ error: "Missing required fields: safeTxHash, signature" }, 400);
|
|
}
|
|
|
|
const res = await fetch(
|
|
`https://safe-transaction-${chainPrefix}.safe.global/api/v1/multisig-transactions/${safeTxHash}/confirmations/`,
|
|
{
|
|
method: "POST",
|
|
headers: { "Content-Type": "application/json" },
|
|
body: JSON.stringify({ signature }),
|
|
},
|
|
);
|
|
|
|
if (!res.ok) {
|
|
const err = await res.text();
|
|
return c.json({ error: "Confirmation failed", details: err }, res.status as any);
|
|
}
|
|
|
|
return c.json(await res.json());
|
|
});
|
|
|
|
// POST /api/safe/:chainId/:address/execute — Execute a ready transaction (CRITICAL auth)
|
|
routes.post("/api/safe/:chainId/:address/execute", async (c) => {
|
|
const claims = await verifyWalletAuth(c);
|
|
if (!claims) return c.json({ error: "Authentication required" }, 401);
|
|
|
|
// Require CRITICAL auth level (4) for execution
|
|
if (!claims.eid || claims.eid.authLevel < 4) {
|
|
return c.json({ error: "Critical authentication required for execution" }, 403);
|
|
}
|
|
if (!claims.eid.capabilities?.wallet) {
|
|
return c.json({ error: "Wallet capability required" }, 403);
|
|
}
|
|
|
|
// Check auth freshness (must be within 60 seconds)
|
|
const now = Math.floor(Date.now() / 1000);
|
|
if (claims.eid.authTime && (now - claims.eid.authTime) > 60) {
|
|
return c.json({ error: "Authentication too old for execution — re-authenticate" }, 403);
|
|
}
|
|
|
|
const chainId = c.req.param("chainId");
|
|
const address = c.req.param("address");
|
|
const chainPrefix = getSafePrefix(chainId);
|
|
if (!chainPrefix) return c.json({ error: "Unsupported chain" }, 400);
|
|
|
|
// Get pending transactions and find the one to execute
|
|
const { safeTxHash } = await c.req.json();
|
|
if (!safeTxHash) {
|
|
return c.json({ error: "Missing required field: safeTxHash" }, 400);
|
|
}
|
|
|
|
// Fetch the transaction details from Safe Transaction Service
|
|
const txRes = await fetch(
|
|
`https://safe-transaction-${chainPrefix}.safe.global/api/v1/multisig-transactions/${safeTxHash}/`,
|
|
);
|
|
|
|
if (!txRes.ok) {
|
|
return c.json({ error: "Transaction not found" }, 404);
|
|
}
|
|
|
|
const txData = await txRes.json() as { confirmations?: any[]; confirmationsRequired?: number; isExecuted?: boolean };
|
|
|
|
if (txData.isExecuted) {
|
|
return c.json({ error: "Transaction already executed" }, 400);
|
|
}
|
|
|
|
const confirmationsNeeded = txData.confirmationsRequired || 1;
|
|
const confirmationsReceived = txData.confirmations?.length || 0;
|
|
|
|
if (confirmationsReceived < confirmationsNeeded) {
|
|
return c.json({
|
|
error: "Not enough confirmations",
|
|
required: confirmationsNeeded,
|
|
received: confirmationsReceived,
|
|
}, 400);
|
|
}
|
|
|
|
// Transaction is ready — return execution data for client-side submission
|
|
// (Actual on-chain execution must happen client-side with the user's signer)
|
|
return c.json({
|
|
ready: true,
|
|
safeTxHash,
|
|
confirmations: confirmationsReceived,
|
|
required: confirmationsNeeded,
|
|
transaction: txData,
|
|
});
|
|
});
|
|
|
|
// ── Page route ──
|
|
routes.get("/", (c) => {
|
|
const spaceSlug = c.req.param("space") || "demo";
|
|
return c.html(renderShell({
|
|
title: `${spaceSlug} — Wallet | rSpace`,
|
|
moduleId: "rwallet",
|
|
spaceSlug,
|
|
modules: getModuleInfoList(),
|
|
theme: "dark",
|
|
body: `<folk-wallet-viewer></folk-wallet-viewer>`,
|
|
scripts: `<script type="module" src="/modules/rwallet/folk-wallet-viewer.js"></script>`,
|
|
styles: `<link rel="stylesheet" href="/modules/rwallet/wallet.css">`,
|
|
}));
|
|
});
|
|
|
|
export const walletModule: RSpaceModule = {
|
|
id: "rwallet",
|
|
name: "rWallet",
|
|
icon: "💰",
|
|
description: "Multichain Safe wallet visualization and treasury management",
|
|
routes,
|
|
standaloneDomain: "rwallet.online",
|
|
landingPage: renderLanding,
|
|
feeds: [
|
|
{
|
|
id: "balances",
|
|
name: "Token Balances",
|
|
kind: "economic",
|
|
description: "Multichain Safe token balances with USD valuations",
|
|
},
|
|
{
|
|
id: "transfers",
|
|
name: "Transfer History",
|
|
kind: "economic",
|
|
description: "Incoming and outgoing token transfers across chains",
|
|
},
|
|
],
|
|
acceptsFeeds: ["economic", "governance"],
|
|
};
|