Merge pull request #6 from Outblock/feat/erc4337

feat: ERC-4337 smart wallet support

Author: lmcmz

bun.lock

@@ -16,7 +16,7 @@ import { encode } from "@onflow/rlp"
 import { signWithKey } from "../utils/sign";
 
 interface ConnectProps {
-  address: string;
+  address?: string;
 }
 
 interface AuthnInfo {

components/Connect.tsx

@@ -31,6 +31,7 @@ const WalletCard = ({ address }: WalletCardProps) => {
   const [chainTab, setChainTab] = useState("flow");
 
   const evmAddress = store.keyInfo?.evmAddress;
+  const smartWalletAddress = store.keyInfo?.smartWalletAddress;
   const network = store.network || "testnet";
 
   const copyAddr = (addr: string) => {
@@ -88,6 +89,15 @@ const WalletCard = ({ address }: WalletCardProps) => {
                 </button>
               </div>
             )}
+            {smartWalletAddress && (
+              <div className="flex items-center gap-2">
+                <Badge variant="secondary" className="text-[10px] bg-amber-500/10 text-amber-400 border-amber-500/20 font-mono px-1.5">4337</Badge>
+                <code className="font-mono text-[11px] text-zinc-400 truncate flex-1">{smartWalletAddress}</code>
+                <button onClick={() => copyAddr(smartWalletAddress)} className="text-zinc-600 hover:text-zinc-300 transition-colors">
+                  <LuCopy className="h-3 w-3" />
+                </button>
+              </div>
+            )}
           </CardContent>
         </Card>
 

components/WalletCard.tsx

@@ -128,8 +128,8 @@ const ActivityList = () => {
   const { data: flowTxs, loading: flowLoading, error: flowError } = useFlowTransactions(store.address);
   const { data: evmTxs, loading: evmLoading, error: evmError } = useEvmTransactions(evmAddress);
 
-  const flowList: FlowTx[] = flowTxs?.data || flowTxs?.transactions || (Array.isArray(flowTxs) ? flowTxs : []);
-  const evmList: EvmTx[] = evmTxs?.data || evmTxs?.items || (Array.isArray(evmTxs) ? evmTxs : []);
+  const flowList: FlowTx[] = (flowTxs as any)?.data || (flowTxs as any)?.transactions || (Array.isArray(flowTxs) ? flowTxs : []);
+  const evmList: EvmTx[] = (evmTxs as any)?.data || (evmTxs as any)?.items || (Array.isArray(evmTxs) ? evmTxs : []);
 
   return (
     <div className="flex flex-col gap-2">

components/activity/ActivityList.tsx

@@ -59,7 +59,7 @@ const Setting = () => {
               onCheckedChange={(checked: boolean) => {
                 console.log("onCheckedChange ==>", enableBiometric);
                 setEnableBiometric(checked);
-                set(KEYS.BIOMETRIC, checked);
+                set(KEYS.BIOMETRIC, String(checked));
                 handleKeyInfo(checked);
               }}
             />

components/setting/Setting.tsx

@@ -95,10 +95,31 @@ function removeKeyFromList(address: string): void {
 type Mode = null | 'create' | 'passkey-signin';
 type CreateType = null | 'passkey' | 'privateKey';
 
+const COLORS = ["Red", "Blue", "Green", "Purple", "Orange", "Pink", "Cyan", "Gold", "Silver", "Coral", "Teal", "Lime", "Mint", "Amber", "Jade"];
+const ANIMALS = ["Fox", "Wolf", "Bear", "Eagle", "Hawk", "Tiger", "Lion", "Panda", "Otter", "Raven", "Falcon", "Lynx", "Cobra", "Dolphin", "Owl"];
+
+function generateRandomName(): string {
+  const color = COLORS[Math.floor(Math.random() * COLORS.length)];
+  const animal = ANIMALS[Math.floor(Math.random() * ANIMALS.length)];
+  return `${color} ${animal}`;
+}
+
+const MotionWrap = ({ children }: { children: React.ReactNode }) => (
+  <motion.div
+    initial={{ opacity: 0, y: 12 }}
+    animate={{ opacity: 1, y: 0 }}
+    exit={{ opacity: 0, y: -12 }}
+    transition={{ duration: 0.25, ease: [0.25, 0.46, 0.45, 0.94] }}
+    className="flex flex-col gap-3 w-full"
+  >
+    {children}
+  </motion.div>
+);
+
 const SignCard = () => {
   const { store, setStore } = useContext(StoreContext);
   const [mode, setMode] = useState<Mode>(null);
-  const [username, setUsername] = useState("");
+  const [username, setUsername] = useState(() => generateRandomName());
   const [createType, setCreateType] = useState<CreateType>(null);
   const [generatedKey, setGeneratedKey] = useState<{ pk: string; pubK: string } | null>(null);
   const [loading, setLoading] = useState(false);
@@ -130,8 +151,22 @@ const SignCard = () => {
   useEffect(() => {
     if (!registerInfo || !registerInfo.credentialId) return;
     const result = getPKfromRegister(registerInfo);
-    setStore((s: any) => ({ ...s, keyInfo: result, id: registerInfo.credentialId, username, isCreating: true }));
-    doCreateAccount(result.pubK);
+
+    // Derive smart wallet address for passkey (async)
+    (async () => {
+      try {
+        const { getSmartWalletAddress } = await import("../../utils/smartWallet");
+        const smartWalletAddress = await getSmartWalletAddress(
+          registerInfo.publicKeySec1Hex,
+          store.network || "testnet"
+        );
+        result.smartWalletAddress = smartWalletAddress;
+      } catch (e) {
+        console.warn("[passkey] Could not derive smart wallet address:", e);
+      }
+      setStore((s: any) => ({ ...s, keyInfo: result, id: registerInfo.credentialId, username, isCreating: true }));
+      doCreateAccount(result.pubK);
+    })();
   }, [registerInfo]);
 
   const doCreateAccount = async (pubK: string, signatureAlgorithm = "ECDSA_P256", hashAlgorithm = "SHA2_256") => {
@@ -213,18 +248,6 @@ const SignCard = () => {
 
   const modeKey = !mode ? "home" : mode === "create" && !createType ? "create" : mode === "create" && createType === "passkey" ? "passkey" : "home";
 
-  const MotionWrap = ({ children }: { children: React.ReactNode }) => (
-    <motion.div
-      initial={{ opacity: 0, y: 12 }}
-      animate={{ opacity: 1, y: 0 }}
-      exit={{ opacity: 0, y: -12 }}
-      transition={{ duration: 0.25, ease: [0.25, 0.46, 0.45, 0.94] }}
-      className="flex flex-col gap-3 w-full"
-    >
-      {children}
-    </motion.div>
-  );
-
   // === Main selector ===
   if (!mode) {
     return (
@@ -433,20 +456,33 @@ const SignCard = () => {
             <BackButton onClick={() => setCreateType(null)} />
             <div className="flex flex-col gap-2">
               <label className="text-sm text-gray-400">Username</label>
-              <Input
-                type="text"
-                placeholder="Choose a name for your passkey"
-                value={username}
-                onChange={(e: React.ChangeEvent<HTMLInputElement>) => setUsername(e.target.value)}
-                className="bg-zinc-900/50 border-zinc-700"
-              />
+              <div className="flex gap-2">
+                <Input
+                  type="text"
+                  placeholder="Choose a name for your passkey"
+                  value={username}
+                  onChange={(e: React.ChangeEvent<HTMLInputElement>) => setUsername(e.target.value)}
+                  className="bg-zinc-900/50 border-zinc-700 flex-1"
+                />
+                <Button
+                  variant="outline"
+                  size="icon"
+                  className="h-10 w-10 border-zinc-700 shrink-0"
+                  onClick={() => setUsername(generateRandomName())}
+                  title="Random name"
+                >
+                  <svg className="h-4 w-4" fill="none" viewBox="0 0 24 24" stroke="currentColor" strokeWidth={2}>
+                    <path strokeLinecap="round" strokeLinejoin="round" d="M4 4v5h.582m15.356 2A8.001 8.001 0 004.582 9m0 0H9m11 11v-5h-.581m0 0a8.003 8.003 0 01-15.357-2m15.357 2H15" />
+                  </svg>
+                </Button>
+              </div>
             </div>
             <Button
               className="bg-[#00EF8B] text-black hover:bg-[#00d67d] font-semibold"
               disabled={!username.trim()}
               onClick={async () => {
                 try {
-                  setRegisterInfo(await createPasskey(username, username));
+                  setRegisterInfo(await createPasskey(username));
                 } catch (e) {
                   toast.error("Passkey registration failed");
                 }

components/sign/SignCard.tsx

@@ -25,7 +25,7 @@ const TokenList = () => {
     return <p className="text-sm text-red-400">Failed to load tokens</p>;
   }
 
-  const tokenList = tokens?.data || (Array.isArray(tokens) ? tokens : []);
+  const tokenList = (tokens as any)?.data || (Array.isArray(tokens) ? tokens : []);
 
   return (
     <div role="listbox" aria-label="Token list" className="flex flex-col">

components/token/TokenList.tsx

@@ -0,0 +1,164 @@
+// @ts-check
+const { test, expect } = require('@playwright/test');
+const { getStoredWallet } = require('./helpers');
+
+/**
+ * Passkey + ERC-4337 Smart Wallet E2E Tests
+ *
+ * Uses Playwright's CDP virtual authenticator to simulate WebAuthn passkey.
+ * Tests smart wallet address derivation and 4337 integration.
+ */
+
+test.describe('Passkey + 4337 Smart Wallet', () => {
+  test('smart wallet address can be derived from P256 public key', async ({ page }) => {
+    // This tests the factory contract call on Flow EVM testnet
+    await page.goto('http://localhost:3003');
+
+    // Use a known P256 uncompressed public key (04 + x + y, 65 bytes)
+    const testPubKey = '04' +
+      'a9c60215b3d3d0bd8c34be4f8b32e1d39aa93aa702e9fb84c8d64fdadc0b29c2' +
+      'c3f55b1e8ce19d4a7b1e7a7a8b0d6c5e4f3a2b1c0d9e8f7a6b5c4d3e2f1a0b9';
+
+    const smartWalletAddress = await page.evaluate(async (pubKey) => {
+      const { getSmartWalletAddress } = await import('/utils/smartWallet');
+      return getSmartWalletAddress(pubKey, 'testnet');
+    }, testPubKey).catch(() => null);
+
+    // If the factory is deployed and responsive, we should get an address
+    // If not (e.g., RPC issues), skip gracefully
+    if (smartWalletAddress) {
+      expect(smartWalletAddress).toMatch(/^0x[0-9a-fA-F]{40}$/);
+      console.log('Smart wallet address for test key:', smartWalletAddress);
+    } else {
+      console.log('Skipping: could not derive smart wallet address (RPC may be unavailable)');
+    }
+  });
+
+  test('private key wallet does NOT have smart wallet address', async ({ page }) => {
+    await page.goto('http://localhost:3003');
+    await page.evaluate(() => {
+      localStorage.removeItem('store');
+      localStorage.removeItem('settings_config');
+      localStorage.removeItem('enableBiometric');
+    });
+    await page.goto('http://localhost:3003');
+    await page.waitForLoadState('networkidle');
+
+    await page.getByText('Create Wallet', { exact: true }).waitFor({ state: 'visible', timeout: 15000 });
+    await page.getByText('Create Wallet', { exact: true }).click();
+
+    await page.getByText('Private Key', { exact: true }).waitFor({ state: 'visible', timeout: 5000 });
+    await page.getByText('Private Key', { exact: true }).click();
+
+    await page.waitForFunction(
+      () => {
+        const raw = localStorage.getItem('store');
+        if (!raw) return false;
+        const store = JSON.parse(raw);
+        return store.keyInfo && store.keyInfo.type === 'PrivateKey';
+      },
+      { timeout: 15000 }
+    );
+
+    const store = await getStoredWallet(page);
+    expect(store.keyInfo.type).toBe('PrivateKey');
+    expect(store.keyInfo.evmAddress).toBeTruthy();
+    // Private key wallets should NOT have smartWalletAddress (only passkey wallets)
+    expect(store.keyInfo.smartWalletAddress).toBeUndefined();
+  });
+
+  test('passkey wallet creation with virtual authenticator', async ({ page }) => {
+    // Set up virtual WebAuthn authenticator
+    const cdpSession = await page.context().newCDPSession(page);
+    await cdpSession.send('WebAuthn.enable', { enableUI: false });
+    const { authenticatorId } = await cdpSession.send('WebAuthn.addVirtualAuthenticator', {
+      options: {
+        protocol: 'ctap2',
+        transport: 'internal',
+        hasResidentKey: true,
+        hasUserVerification: true,
+        isUserVerified: true,
+        automaticPresenceSimulation: true,
+      },
+    });
+
+    // Clear state
+    await page.goto('http://localhost:3003');
+    await page.evaluate(() => {
+      localStorage.removeItem('store');
+      localStorage.removeItem('settings_config');
+      localStorage.removeItem('enableBiometric');
+    });
+    await page.goto('http://localhost:3003');
+    await page.waitForLoadState('networkidle');
+    await page.waitForTimeout(1000);
+
+    // Capture errors
+    const errors = [];
+    page.on('pageerror', (err) => errors.push(err.message));
+    page.on('console', (msg) => {
+      if (msg.type() === 'error') errors.push(msg.text());
+    });
+
+    // Navigate to passkey creation
+    await page.getByText('Create Wallet', { exact: true }).waitFor({ state: 'visible', timeout: 15000 });
+    await page.getByText('Create Wallet', { exact: true }).click();
+    await page.getByText('Passkey', { exact: true }).waitFor({ state: 'visible', timeout: 5000 });
+    await page.getByText('Passkey', { exact: true }).click();
+
+    // Fill username and register
+    const input = page.getByPlaceholder('Choose a name for your passkey');
+    await input.waitFor({ state: 'visible', timeout: 5000 });
+    await input.fill('TestPasskey');
+    await page.getByRole('button', { name: /register with passkey/i }).click();
+
+    // Wait for store to be populated with passkey keyInfo
+    const success = await page.waitForFunction(
+      () => {
+        const raw = localStorage.getItem('store');
+        if (!raw) return false;
+        const s = JSON.parse(raw);
+        return s.keyInfo?.type === 'Passkey' && s.keyInfo?.credentialId;
+      },
+      { timeout: 20000 }
+    ).then(() => true).catch(() => false);
+
+    if (!success) {
+      console.log('Passkey registration failed. Errors:', errors);
+      // Check if Oops page is shown
+      const body = await page.textContent('body');
+      if (body.includes('Oops')) {
+        console.log('Error card shown — passkey registration threw an exception');
+        console.log('This may be due to @flowindex/flow-passkey incompatibility with virtual authenticator');
+      }
+      // Don't fail the test — passkey + virtual authenticator is environment-dependent
+      test.skip();
+      return;
+    }
+
+    const store = await getStoredWallet(page);
+    expect(store.keyInfo.type).toBe('Passkey');
+    expect(store.keyInfo.credentialId).toBeTruthy();
+    expect(store.keyInfo.publicKeySec1Hex).toBeTruthy();
+
+    // Check smart wallet address derivation
+    const hasSmartWallet = await page.waitForFunction(
+      () => {
+        const raw = localStorage.getItem('store');
+        return raw && JSON.parse(raw).keyInfo?.smartWalletAddress;
+      },
+      { timeout: 15000 }
+    ).then(() => true).catch(() => false);
+
+    if (hasSmartWallet) {
+      const updated = await getStoredWallet(page);
+      expect(updated.keyInfo.smartWalletAddress).toMatch(/^0x[0-9a-fA-F]{40}$/);
+      console.log('Smart wallet address:', updated.keyInfo.smartWalletAddress);
+    } else {
+      console.log('Smart wallet address not derived (factory may be unavailable)');
+    }
+
+    // Cleanup
+    await cdpSession.send('WebAuthn.removeVirtualAuthenticator', { authenticatorId });
+  });
+});

e2e/passkey-4337.spec.js

@@ -94,14 +94,14 @@ export function readSettings(): Settings {
 			settings = JSON.parse(s as string);
 		} catch {
 		}
-		if ("rp" in settings) {
-			delete settings.rp;
+		if ("rp" in (settings as any)) {
+			delete (settings as any).rp;
 		}
-		if ("user" in settings) {
-			delete settings.user;
+		if ("user" in (settings as any)) {
+			delete (settings as any).user;
 		}
 		if (!("credentials" in settings)) {
-			settings.credentials = {};
+			(settings as any).credentials = {};
 		}
 	}
 	return settings;

modules/settings.ts

@@ -10,6 +10,7 @@
     "lint": "bun next lint"
   },
   "dependencies": {
+    "@flowindex/evm-wallet": "^0.1.0",
     "@flowindex/flow-passkey": "latest",
     "@flowindex/flow-signer": "latest",
     "@onflow/fcl": "^1.21.9",