use contract addresses from safe-modules-deployments (#950)

* use contract addresses from safe-modules-deployments

* upated safe passkey address in fixtures

packages/protocol-kit/package.json

@@ -78,7 +78,7 @@
     "@noble/hashes": "^1.3.3",
     "@safe-global/safe-core-sdk-types": "^5.1.0-alpha.2",
     "@safe-global/safe-deployments": "^1.37.3",
-    "@safe-global/safe-modules-deployments": "^2.2.0",
+    "@safe-global/safe-modules-deployments": "^2.2.1",
     "abitype": "^1.0.2",
     "ethereumjs-util": "^7.1.5",
     "ethers": "^6.13.1",

packages/protocol-kit/src/SafeProvider.ts

@@ -98,13 +98,6 @@ class SafeProvider {
       const chainId = await safeProvider.getChainId()
       const customContracts = contractNetworks?.[chainId.toString()]
 
-      // FIXME: Passkeys is an experimental feature and is currently only available on the Sepolia chain.
-      if (chainId !== 11155111n && process.env.TEST_NETWORK !== 'hardhat') {
-        throw new Error(
-          'Passkeys is an experimental feature and is currently only available on the Sepolia chain.'
-        )
-      }
-
       let passkeySigner
       const isPasskeySignerConfig = !(signer instanceof PasskeySigner)
 

packages/protocol-kit/src/contracts/config.ts

@@ -12,10 +12,11 @@ import {
   getSimulateTxAccessorDeployment
 } from '@safe-global/safe-deployments'
 import {
-  SafeVersion,
-  SafeWebAuthnSignerFactory_1_4_1_ContractArtifacts,
-  SafeWebAuthnSharedSigner_1_4_1_ContractArtifacts
-} from '@safe-global/safe-core-sdk-types'
+  Deployment,
+  getSafeWebAuthnSignerFactoryDeployment,
+  getSafeWebAuthnShareSignerDeployment
+} from '@safe-global/safe-modules-deployments'
+import { SafeVersion } from '@safe-global/safe-core-sdk-types'
 
 export const DEFAULT_SAFE_VERSION: SafeVersion = '1.3.0'
 export const SAFE_BASE_VERSION: SafeVersion = '1.0.0'
@@ -49,8 +50,8 @@ export const safeDeploymentsVersions: SafeDeploymentsVersions = {
     signMessageLibVersion: '1.4.1',
     createCallVersion: '1.4.1',
     simulateTxAccessorVersion: '1.4.1',
-    safeWebAuthnSignerFactoryVersion: '1.4.1',
-    safeWebAuthnSharedSignerVersion: '1.4.1'
+    safeWebAuthnSignerFactoryVersion: '0.2.1',
+    safeWebAuthnSharedSignerVersion: '0.2.1'
   },
   '1.3.0': {
     safeSingletonVersion: '1.3.0',
@@ -62,8 +63,8 @@ export const safeDeploymentsVersions: SafeDeploymentsVersions = {
     signMessageLibVersion: '1.3.0',
     createCallVersion: '1.3.0',
     simulateTxAccessorVersion: '1.3.0',
-    safeWebAuthnSignerFactoryVersion: '1.4.1',
-    safeWebAuthnSharedSignerVersion: '1.4.1'
+    safeWebAuthnSignerFactoryVersion: '0.2.1',
+    safeWebAuthnSharedSignerVersion: '0.2.1'
   },
   '1.2.0': {
     safeSingletonVersion: '1.2.0',
@@ -74,8 +75,8 @@ export const safeDeploymentsVersions: SafeDeploymentsVersions = {
     multiSendCallOnlyVersion: '1.3.0',
     signMessageLibVersion: '1.3.0',
     createCallVersion: '1.3.0',
-    safeWebAuthnSignerFactoryVersion: '1.4.1',
-    safeWebAuthnSharedSignerVersion: '1.4.1'
+    safeWebAuthnSignerFactoryVersion: '0.2.1',
+    safeWebAuthnSharedSignerVersion: '0.2.1'
   },
   '1.1.1': {
     safeSingletonVersion: '1.1.1',
@@ -86,8 +87,8 @@ export const safeDeploymentsVersions: SafeDeploymentsVersions = {
     multiSendCallOnlyVersion: '1.3.0',
     signMessageLibVersion: '1.3.0',
     createCallVersion: '1.3.0',
-    safeWebAuthnSignerFactoryVersion: '1.4.1',
-    safeWebAuthnSharedSignerVersion: '1.4.1'
+    safeWebAuthnSignerFactoryVersion: '0.2.1',
+    safeWebAuthnSharedSignerVersion: '0.2.1'
   },
   '1.0.0': {
     safeSingletonVersion: '1.0.0',
@@ -98,27 +99,18 @@ export const safeDeploymentsVersions: SafeDeploymentsVersions = {
     multiSendCallOnlyVersion: '1.3.0',
     signMessageLibVersion: '1.3.0',
     createCallVersion: '1.3.0',
-    safeWebAuthnSignerFactoryVersion: '1.4.1',
-    safeWebAuthnSharedSignerVersion: '1.4.1'
+    safeWebAuthnSignerFactoryVersion: '0.2.1',
+    safeWebAuthnSharedSignerVersion: '0.2.1'
   }
 }
 
 export const safeDeploymentsL1ChainIds = [
   1n // Ethereum Mainnet
 ]
 
-/*
-  Some of the contracts used in the PoC app are still experimental, and not included in
-  the production deployment packages, thus we need to hardcode their addresses here.
-  Deployment commit: https://github.com/safe-global/safe-modules/commit/3853f34f31837e0a0aee47a4452564278f8c62ba
-*/
-// FIXME: use the production deployment packages instead of a hardcoded addresses
-const WEBAUTHN_SIGNER_FACTORY_ADDRESS = '0xc40156AbFEE908E2e3269DA84fa9609bcCDDec60'
-const SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS = '0x608Cf2e3412c6BDA14E6D8A0a7D27c4240FeD6F1'
-
 const contractFunctions: Record<
   contractName,
-  (filter?: DeploymentFilter) => SingletonDeployment | undefined
+  (filter?: DeploymentFilter) => SingletonDeployment | undefined | Deployment
 > = {
   safeSingletonVersion: getSafeSingletonDeployment,
   safeSingletonL2Version: getSafeL2SingletonDeployment,
@@ -129,44 +121,8 @@ const contractFunctions: Record<
   signMessageLibVersion: getSignMessageLibDeployment,
   createCallVersion: getCreateCallDeployment,
   simulateTxAccessorVersion: getSimulateTxAccessorDeployment,
-  /*
-    safeWebAuthnSignerFactory contract is still experimental, and not included in
-    the production deployment packages, thus we need to hardcode the addresses here
-  */
-  safeWebAuthnSignerFactoryVersion: () => ({
-    abi: SafeWebAuthnSignerFactory_1_4_1_ContractArtifacts.abi as unknown as any[],
-    defaultAddress: WEBAUTHN_SIGNER_FACTORY_ADDRESS,
-    version: '1.4.1',
-    contractName: 'safeWebAuthnSignerFactoryVersion',
-    networkAddresses: {},
-    released: true,
-    // There was a major upgrade in safe-deployments, this property was added.
-    deployments: {
-      canonical: {
-        address: WEBAUTHN_SIGNER_FACTORY_ADDRESS,
-        codeHash: '0x0000000000000000000000000000000000000000000000000000000000000000'
-      }
-    }
-  }),
-  /*
-    safeWebAuthnSharedSigner contract is still experimental, and not included in
-    the production deployment packages, thus we need to hardcode the addresses here
-  */
-  safeWebAuthnSharedSignerVersion: () => ({
-    abi: SafeWebAuthnSharedSigner_1_4_1_ContractArtifacts.abi as unknown as any[],
-    defaultAddress: SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS,
-    version: '1.4.1',
-    contractName: 'safeWebAuthnSharedSignerVersion',
-    networkAddresses: {},
-    released: true,
-    // There was a major upgrade in safe-deployments, this property was added.
-    deployments: {
-      canonical: {
-        address: SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS,
-        codeHash: '0x0000000000000000000000000000000000000000000000000000000000000000'
-      }
-    }
-  })
+  safeWebAuthnSignerFactoryVersion: getSafeWebAuthnSignerFactoryDeployment,
+  safeWebAuthnSharedSignerVersion: getSafeWebAuthnShareSignerDeployment
 }
 
 export function getContractDeployment(
@@ -182,7 +138,7 @@ export function getContractDeployment(
     released: true
   }
 
-  const deployment = contractFunctions[contractName](filters)
+  const deployment = contractFunctions[contractName](filters) as SingletonDeployment
 
   return deployment
 }

packages/relay-kit/package.json

@@ -41,7 +41,7 @@
     "@gelatonetwork/relay-sdk": "^5.5.0",
     "@safe-global/protocol-kit": "^4.1.0-alpha.2",
     "@safe-global/safe-core-sdk-types": "^5.1.0-alpha.2",
-    "@safe-global/safe-modules-deployments": "^2.1.1",
+    "@safe-global/safe-modules-deployments": "^2.2.1",
     "ethers": "^6.13.1"
   }
 }

packages/relay-kit/src/packs/safe-4337/Safe4337Pack.test.ts

@@ -537,7 +537,7 @@ describe('Safe4337Pack', () => {
   })
 
   describe('When using a passkey signer', () => {
-    const SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS = '0x608Cf2e3412c6BDA14E6D8A0a7D27c4240FeD6F1'
+    const SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS = '0x94a4F6affBd8975951142c3999aEAB7ecee555c2'
     const CUSTOM_P256_VERIFIER_ADDRESS = '0xcA89CBa4813D5B40AeC6E57A30d0Eeb500d6531b'
     const PASSKEY_PRIVATE_KEY = BigInt(process.env.PASSKEY_PRIVATE_KEY!)
     jest.setTimeout(120_000)

packages/relay-kit/src/packs/safe-4337/Safe4337Pack.ts

@@ -20,7 +20,8 @@ import {
 } from '@safe-global/safe-core-sdk-types'
 import {
   getAddModulesLibDeployment,
-  getSafe4337ModuleDeployment
+  getSafe4337ModuleDeployment,
+  getSafeWebAuthnShareSignerDeployment
 } from '@safe-global/safe-modules-deployments'
 import EthSafeOperation from './SafeOperation'
 import {
@@ -55,14 +56,6 @@ const MAX_ERC20_AMOUNT_TO_APPROVE =
 
 const EQ_OR_GT_1_4_1 = '>=1.4.1'
 
-/**
-  Some of the contracts used in the PoC app are still experimental, and not included in
-  the production deployment packages, thus we need to hardcode their addresses here.
-  Deployment commit: https://github.com/safe-global/safe-modules/commit/3853f34f31837e0a0aee47a4452564278f8c62ba
-*/
-// FIXME: use the production deployment packages instead of a hardcoded address
-const SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS = '0x608Cf2e3412c6BDA14E6D8A0a7D27c4240FeD6F1'
-
 /**
  * Safe4337Pack class that extends RelayKitBasePack.
  * This class provides an implementation of the ERC-4337 that enables Safe accounts to wrk with UserOperations.
@@ -84,6 +77,7 @@ export class Safe4337Pack extends RelayKitBasePack<{
 
   #ENTRYPOINT_ADDRESS: string
   #SAFE_4337_MODULE_ADDRESS: string = '0x'
+  #SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS: string = '0x'
 
   #bundlerClient: ethers.JsonRpcProvider
 
@@ -103,7 +97,8 @@ export class Safe4337Pack extends RelayKitBasePack<{
     chainId,
     paymasterOptions,
     entryPointAddress,
-    safe4337ModuleAddress
+    safe4337ModuleAddress,
+    safeWebAuthnSharedSignerAddress
   }: Safe4337Options) {
     super(protocolKit)
 
@@ -113,6 +108,7 @@ export class Safe4337Pack extends RelayKitBasePack<{
     this.#paymasterOptions = paymasterOptions
     this.#ENTRYPOINT_ADDRESS = entryPointAddress
     this.#SAFE_4337_MODULE_ADDRESS = safe4337ModuleAddress
+    this.#SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS = safeWebAuthnSharedSignerAddress || '0x'
   }
 
   /**
@@ -167,6 +163,8 @@ export class Safe4337Pack extends RelayKitBasePack<{
       )
     }
 
+    let safeWebAuthnSharedSignerAddress = customContracts?.safeWebAuthnSharedSignerAddress
+
     // Existing Safe
     if ('safeAddress' in options) {
       protocolKit = await Safe.init({
@@ -247,10 +245,24 @@ export class Safe4337Pack extends RelayKitBasePack<{
       const isPasskeySigner = await safeProvider.isPasskeySigner()
 
       if (isPasskeySigner) {
+        if (!safeWebAuthnSharedSignerAddress) {
+          const safeWebAuthnSharedSignerDeployment = getSafeWebAuthnShareSignerDeployment({
+            released: true,
+            version: '0.2.1',
+            network
+          })
+          safeWebAuthnSharedSignerAddress =
+            safeWebAuthnSharedSignerDeployment?.networkAddresses[network]
+        }
+
+        if (!safeWebAuthnSharedSignerAddress) {
+          throw new Error(`safeWebAuthnSharedSignerAddress not available for chain ${network}`)
+        }
+
         const passkeySigner = (await safeProvider.getExternalSigner()) as PasskeySigner
 
-        if (!options.owners.includes(SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS)) {
-          options.owners.push(SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS)
+        if (!options.owners.includes(safeWebAuthnSharedSignerAddress)) {
+          options.owners.push(safeWebAuthnSharedSignerAddress)
         }
 
         const passkeyOwnerConfiguration = {
@@ -259,7 +271,7 @@ export class Safe4337Pack extends RelayKitBasePack<{
         }
 
         const sharedSignerTransaction = {
-          to: SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS,
+          to: safeWebAuthnSharedSignerAddress,
           value: '0',
           data: INTERFACES.encodeFunctionData('configure', [passkeyOwnerConfiguration]),
           operation: OperationType.DelegateCall // DelegateCall required into the SafeWebAuthnSharedSigner instance in order for it to set its configuration.
@@ -351,7 +363,8 @@ export class Safe4337Pack extends RelayKitBasePack<{
       paymasterOptions,
       bundlerUrl,
       entryPointAddress: selectedEntryPoint!,
-      safe4337ModuleAddress
+      safe4337ModuleAddress,
+      safeWebAuthnSharedSignerAddress
     })
   }
 
@@ -385,7 +398,7 @@ export class Safe4337Pack extends RelayKitBasePack<{
         userOperationToHexValues(
           addDummySignature(
             safeOperation.toUserOperation(),
-            SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS,
+            this.#SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS,
             threshold
           )
         ),
@@ -419,7 +432,7 @@ export class Safe4337Pack extends RelayKitBasePack<{
       const paymasterEstimation = await feeEstimator?.getPaymasterEstimation?.({
         userOperation: addDummySignature(
           safeOperation.toUserOperation(),
-          SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS,
+          this.#SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS,
           threshold
         ),
         paymasterUrl: this.#paymasterOptions.paymasterUrl,
@@ -622,7 +635,7 @@ export class Safe4337Pack extends RelayKitBasePack<{
         const passkeySignature = await this.protocolKit.signHash(safeOpHash)
         // SafeWebAuthnSharedSigner signature
         signature = new EthSafeSignature(
-          SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS,
+          this.#SAFE_WEBAUTHN_SHARED_SIGNER_ADDRESS,
           passkeySignature.data,
           true // passkeys are contract signatures
         )

packages/relay-kit/src/packs/safe-4337/testing-utils/fixtures.ts

@@ -8,7 +8,7 @@ export const SAFE_ADDRESS_v1_3_0 = '0x8C35a08Af278518B59D04ddDe3F1b370aD766D22'
 export const SAFE_ADDRESS_4337_MODULE_NOT_ENABLED = '0xfC82a1e4A045a44527e8b45FC70332C8F66fc32B'
 export const SAFE_ADDRESS_4337_FALLBACKHANDLER_NOT_ENABLED =
   '0xA6FDc4e18404E1715D1bC51B07266c91393C6622'
-export const SAFE_ADDRESS_4337_PASSKEY = '0x6FC89F63A59776BE6679c5b09554D919eeDa41a7' // Safe owned by passkey signer + 4337 module + fallback handler enabled
+export const SAFE_ADDRESS_4337_PASSKEY = '0x02DCbFD25178b6b8eFb45603D30b5123179117DD' // Safe owned by passkey signer + 4337 module + fallback handler enabled
 export const SAFE_MODULES_V0_3_0 = '0.3.0'
 export const PAYMASTER_ADDRESS = '0x0000000000325602a77416A16136FDafd04b299f'
 export const PAYMASTER_TOKEN_ADDRESS = '0x1c7D4B196Cb0C7B01d743Fbc6116a902379C7238'

packages/relay-kit/src/packs/safe-4337/types.ts

@@ -44,6 +44,7 @@ export type Safe4337InitOptions = {
     entryPointAddress?: string
     safe4337ModuleAddress?: string
     addModulesLibAddress?: string
+    safeWebAuthnSharedSignerAddress?: string
   }
   options: ExistingSafeOptions | PredictedSafeOptions
   paymasterOptions?: PaymasterOptions
@@ -57,6 +58,7 @@ export type Safe4337Options = {
   bundlerClient: ethers.JsonRpcProvider
   entryPointAddress: string
   safe4337ModuleAddress: string
+  safeWebAuthnSharedSignerAddress?: string
 }
 
 export type Safe4337CreateTransactionProps = {

yarn.lock

@@ -1803,10 +1803,10 @@
   dependencies:
     semver "^7.6.2"
 
-"@safe-global/safe-modules-deployments@^2.1.1", "@safe-global/safe-modules-deployments@^2.2.0":
-  version "2.2.0"
-  resolved "https://registry.yarnpkg.com/@safe-global/safe-modules-deployments/-/safe-modules-deployments-2.2.0.tgz#bb42c8010bbde65892fe438aaf8959e17c8654d6"
-  integrity sha512-ZzNhMf8Xxods3TrY7kSrescnicHQRFH7eYx7TMKqVhxFScEiuYmivQMdV94ziF+Hot0xCcrrFeed657U/oXrJw==
+"@safe-global/safe-modules-deployments@^2.2.1":
+  version "2.2.1"
+  resolved "https://registry.yarnpkg.com/@safe-global/safe-modules-deployments/-/safe-modules-deployments-2.2.1.tgz#a8b88f2afc6ec04fed09968fe1e4990ed975c86e"
+  integrity sha512-H0XpusyXVcsTuRsQSq0FoBKqRfhZH87/1DrFEmXXPXmI3fJkvxq3KpTaTTqzcqoIe/J+erwVZQUYNfL68EcvAQ==
 
 "@safe-global/safe-passkey@0.2.0-alpha.1":
   version "0.2.0-alpha.1"