Skip to content

feat: add payee rule and LogicalOrWrapper enforcer#219

Open
mj-kiwi wants to merge 6 commits intomainfrom
feat/add-payee-rule
Open

feat: add payee rule and LogicalOrWrapper enforcer#219
mj-kiwi wants to merge 6 commits intomainfrom
feat/add-payee-rule

Conversation

@mj-kiwi
Copy link
Copy Markdown
Contributor

@mj-kiwi mj-kiwi commented Apr 30, 2026
edited by cursor Bot
Loading

📝 Description

Add optional payee execution rule to PermissionRequestParameter for allowance-type permissions, and add LogicalOrWrapperEnforcer encoding/decoding support to delegation-core.

🔄 What Changed?

  • Added optional payee field on PermissionRequestParameter that maps to a payee execution rule (allowance, stream, periodic permissions only)
  • Added LogicalOrWrapperEnforcer caveat to delegation-core with createLogicalOrWrapperTerms, decodeLogicalOrWrapperTerms, createLogicalOrWrapperArgs, and decodeLogicalOrWrapperArgs
  • Checksum-normalize payee addresses in granted permission responses

🚀 Why?

  • Payee rule allows restricting which addresses may receive funds from an allowance-type permission
  • LogicalOrWrapper enables combining multiple caveat groups with OR logic — redemption succeeds if any single group passes

🧪 How to Test?

  • Automated tests added/updated
  • All existing tests pass

⚠️ Breaking Changes

  • No breaking changes

📋 Checklist

  • Code follows the project's coding standards
  • Self-review completed
  • Tests added/updated
  • Changelog updated (if needed)
  • All CI checks pass

CHANGELOG entry

### Added
- Add optional `payee` execution rule to `PermissionRequestParameter` for allowance-type permissions ([#219](https://github.com/MetaMask/smart-accounts-kit/pull/219))

Note

Medium Risk
Adds a new execution rule (payee) that affects how permission requests are serialized/validated and how returned rules are normalized, plus introduces a new caveat encoding format (LogicalOrWrapper) where incorrect ABI packing could break interoperability.

Overview
Adds support for a new LogicalOrWrapperEnforcer caveat in delegation-core, including ABI encode/decode helpers for both terms (OR over caveat groups) and redemption args (selected group + per-caveat args), and exports these helpers from the package.

Extends ERC-7715 permission requests in smart-accounts-kit with an optional payee field that is validated, checksummed, and mapped into a payee rule for wallet RPC requests; granted permission responses now checksum-normalize addresses for both redeemer and payee rules. Tests and the changelog/docs are updated accordingly.

Reviewed by Cursor Bugbot for commit b0cbf55. Bugbot is set up for automated code reviews on this repo. Configure here.

@mj-kiwi mj-kiwi requested a review from a team as a code owner April 30, 2026 00:59
@mj-kiwi mj-kiwi changed the title feat: add payee execution rule and update related functionality feat: add payee rule Apr 30, 2026
jeffsmale90
jeffsmale90 reviewed Apr 30, 2026
View reviewed changes
Comment thread packages/smart-accounts-kit/src/actions/erc7715Types.ts
Comment on lines +148 to +151
/**
* When set, adds a `payee` execution rule: only these addresses may receive funds from the permission.
*/
payee?: readonly Address[] | undefined | null;
Copy link
Copy Markdown
Collaborator

@jeffsmale90 jeffsmale90 Apr 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The payee rule is only applicable for allowance type permissions (allowance / stream / periodic).

We could either make PermissionRequestParameter generic and extract the supported rule types (seems difficult and maybe over-engineered) or update the comment on this parameter to indicate that it's only supported on allowance type permissions.

Copy link
Copy Markdown
Contributor Author

@mj-kiwi mj-kiwi May 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I updated the comment for the payee for now.

Comment thread packages/smart-accounts-kit/CHANGELOG.md Outdated
Comment on lines +12 to +14
- feat: add payee rule
- Optional `payee` on `PermissionRequestParameter` maps to a `payee` execution rule; granted permission responses checksum-normalize payee addresses in `rules`.

Copy link
Copy Markdown
Collaborator

@jeffsmale90 jeffsmale90 Apr 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can be merged into a single line - and needs the PR link

@mj-kiwi mj-kiwi changed the title feat: add payee rule feat: add payee rule and LogicalOrWrapper enforcer May 1, 2026
@mj-kiwi mj-kiwi requested a review from jeffsmale90 May 1, 2026 02:39
jeffsmale90
jeffsmale90 reviewed May 1, 2026
View reviewed changes
Comment thread packages/delegation-core/src/caveats/logicalOrWrapper.ts Outdated
* Terms for configuring a LogicalOrWrapper caveat.
*/
export type LogicalOrWrapperTerms<TBytesLike extends BytesLike = BytesLike> = {
/** An array of caveat groups — redemption succeeds if any single group passes. */
Copy link
Copy Markdown
Collaborator

@jeffsmale90 jeffsmale90 May 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think actually, the caveat is successful if any of the caveats in the CaveatGroup specified by index by args is successful.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jeffsmale90 jeffsmale90 jeffsmale90 left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mj-kiwi @jeffsmale90