chore: Add Expiry Extraction Utilities to gator-permissions-controller #7195
+192
−26
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Draft
7 tasks
hanzel98
changed the title
mj-kiwi
previously approved these changes
Nov 19, 2025
packages/gator-permissions-controller/src/decodePermission/decodePermission.ts
Outdated
Show resolved
Hide resolved
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
packages/gator-permissions-controller/src/decodePermission/decodePermission.ts
Show resolved
Hide resolved
MoMannn
requested changes
Nov 20, 2025
Contributor
MoMannn
left a comment
MoMannn
left a comment
There was a problem hiding this comment.
I think that instead of a util function the expiry should be decoded and saved under Rules in the permission. So that anyone fetching the permissions would already get decoded expiry and does not need to decode every time.
- Export extractExpiryFromPermissionContext to extract expiry from delegation contexts - Export DELEGATION_FRAMEWORK_VERSION constant for consistency - Add extractExpiryFromCaveatTerms helper for parsing TimestampEnforcer terms - Add validation for terms length (must be exactly 32 bytes) - Add overflow protection for timestamps exceeding Number.MAX_SAFE_INTEGER - Add comprehensive test coverage for new functions - Refactor existing code to use new shared expiry extraction logic
- Fix import of DELEGATION_FRAMEWORK_VERSION in test file - Remove redundant Number.isSafeInteger check (hexToNumber already validates) - Update extractExpiry tests to reflect actual error behavior - Update error message tests in decodePermission.test.ts
- Add tests with real encoded delegations using encodeDelegations - Cover success case: extraction from valid context with timestamp caveat - Cover edge cases: no timestamp caveat, zero expiry, multiple delegations - Cover error cases: invalid context, unsupported chain, malformed data - This increases coverage for lines 276-299 in decodePermission.ts
- Add test mocking decodeDelegations to return array with undefined element - This covers line 278: the defensive check for null/undefined delegation - Should achieve 100% code coverage
…sionResponseSanitized - Export DELEGATION_FRAMEWORK_VERSION constant for version consistency - Include rules property in PermissionResponseSanitized for stronger typing - Remove extractExpiryFromPermissionContext (no longer needed) - Keep extractExpiryFromCaveatTerms as internal implementation detail - Update tests and remove unused exports - Fix linting issues
hanzel98
force-pushed
the
feat/gator-permissions-expiry-extraction
branch
from
a544388 to
b90b881
Compare
MoMannn
requested changes
Nov 21, 2025
Contributor
There was a problem hiding this comment.
For consistency I would move this tests to decodePermission.test.ts since the method is in that coresponsing file.
| * @returns The expiry timestamp in seconds, or null if no valid expiry exists | ||
| * @throws If the terms are not exactly 32 bytes or if the timestampAfterThreshold is non-zero | ||
| */ | ||
| export const extractExpiryFromCaveatTerms = (terms: Hex): number | null => { |
Contributor
There was a problem hiding this comment.
This probably does not need to be exported now? Or if we still want it to be usable as a package then it would also need to be exported in index but I don't think we need that now.
- Move extractExpiryFromCaveatTerms tests to decodePermission.test.ts for consistency - Make extractExpiryFromCaveatTerms internal (remove export) as it's only used within decodePermission.ts - Add comprehensive edge case tests through getPermissionDataAndExpiry: - Terms too short/long validation - Safe integer validation for expiry timestamps - Large valid timestamp handling - Delete separate extractExpiry.test.ts file - All 49 tests passing with 100% coverage of extraction logic
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Explanation
This PR export the delegation framework version and skips the rules from the sanitization of the permissions response. The rules include the expiry.
Solution
This PR introduces:
Skip rules from sanitizationDELEGATION_FRAMEWORK_VERSIONconstantconstants.tsfile to prevent circular dependenciesReferences
Checklist
Note
Exports DELEGATION_FRAMEWORK_VERSION, preserves rules in sanitized permission responses, and adds robust expiry extraction/validation for TimestampEnforcer with expanded tests.
DELEGATION_FRAMEWORK_VERSIONtosrc/constants.ts; update imports and re-export fromsrc/index.ts.#sanitizeStoredGatorPermissionandPermissionResponseSanitizedto remove onlydependencyInfoandsigner(retainrules).extractExpiryFromCaveatTermsand use it ingetPermissionDataAndExpiry; enforce exact terms length, zerotimestampAfterThreshold, and safe integer parsing; support large valid expiries.constants; add/adjust cases for detailed expiry validation (length too short/long, non-zero after-threshold, non-hex terms, unsafe integers, large valid timestamp).CHANGELOG.mdto noterulesinclusion inPermissionResponseSanitizedand exportedDELEGATION_FRAMEWORK_VERSION.Written by Cursor Bugbot for commit 30f23bc. This will update automatically on new commits. Configure here.