feat(sdk): Add server co-signing support to TypeScript and Python SDKs#60
Open
pcarranzav wants to merge 13 commits intopcv/cosigner-validatorfrom
Open
feat(sdk): Add server co-signing support to TypeScript and Python SDKs#60pcarranzav wants to merge 13 commits intopcv/cosigner-validatorfrom
pcarranzav wants to merge 13 commits intopcv/cosigner-validatorfrom
Conversation
…ypes - Add ERC3009AuthorizationData schema for TransferWithAuthorization data - Add ServerAuthorizationData schema for server co-signature responses - Extend AgentPaymentAuthResponse with payment field - Supports both co-signed and full-access authorization flows Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Update X402Wallet interface with optional serverAuthorization parameter - Add createCoSignedPayment() function for co-signed keys - Update SmartAccountWallet.createPayment() to branch on serverAuthorization - Update AmpersendTreasurer to pass server authorization from API response - Update AccountWallet to accept (and ignore) serverAuthorization parameter - Add encodeCoSignedERC1271Signature() helper for dual-signature encoding Supports both co-signed and full-access key flows with backward compatibility. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add ERC3009AuthorizationData and ServerAuthorizationData Pydantic models - Update ApiResponseAgentPaymentAuthorization with payment field - Add smart_account_create_cosigned_payment() function - Add encode_cosigned_1271_signature() helper for dual-signature encoding - Update SmartAccountWallet.create_payment() to branch on server_authorization - Update AmpersendTreasurer to pass server authorization from API response - Update X402Wallet protocol and AccountWallet for optional parameter Supports both co-signed and full-access key flows with backward compatibility. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
pcarranzav
force-pushed
the
pcv/cosigner-sdk-updates
branch
from
50bbd43 to
25208e9
Compare
- Fix Python imports for mypy (use explicit eth_abi.abi, eth_utils.conversions) - Fix Python formatting (multi-line for long error messages) - Fix TypeScript formatting (prettier) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add cast() for to_hex return type - Use eth_utils.conversions for to_hex import Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
pcarranzav
commented
Mar 13, 2026
| session_key: str | ||
| smart_account_address: str | ||
| validator_address: str = OWNABLE_VALIDATOR | ||
| cosigner_validator_address: str | None = None |
Member
Author
There was a problem hiding this comment.
This should default to our cosigner validator address
python/ampersend-sdk/src/ampersend_sdk/x402/wallets/smart_account/cosigned.py
Show resolved
Hide resolved
solidity/account-modules/.gitignore
Outdated
|
|
||
| # Dotenv file | ||
| .env | ||
| foundry.lock |
Member
Author
There was a problem hiding this comment.
this should not be gitignored
| // while x402 PaymentRequirements uses specific network literals. Runtime compatible. | ||
| const payment = await this.wallet.createPayment(authorizedReq.requirement as any) | ||
| // Check if server provided co-signature (for co-signed keys) | ||
| let payment |
| // Co-signed path: use server-provided authorization data and signature | ||
| payment = await this.wallet.createPayment( | ||
| response.payment.requirement as any, | ||
| response.payment as any, // ServerAuthorizationData |
Member
Author
There was a problem hiding this comment.
can we avoid using any here?
- Add COSIGNER_VALIDATOR constant to Python constants - Set cosigner_validator_address default to COSIGNER_VALIDATOR - Extract EIP-712 types to shared constants (Python and TypeScript) - Add PaymentPayload type annotation in treasurer - Replace 'any' with proper ServerAuthorizationData type - Remove foundry.lock from .gitignore - Add foundry.lock to repo Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Update X402Wallet interface to use ServerAuthorizationData instead of unknown - Update AccountWallet to use ServerAuthorizationData instead of Any - Apply to both TypeScript and Python implementations - Improves type safety while keeping implementation correct Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Use x402's PaymentRequirements consistently in wallet interfaces - Replace 'as any' with 'as PaymentRequirements' at schema boundary - Use explicit AmpersendPaymentRequirements alias for Effect Schema type - Add comment explaining the zod/Effect Schema type boundary cast - Fix onPaymentRequired parameter type to match interface Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Construct ServerAuthorizationData from PaymentData (different types) - Use alias field names for Pydantic model construction - Fix ruff formatting on account wallet.py Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Move ERC3009AuthorizationData and ServerAuthorizationData from ampersend/types.py to x402/types.py to break circular import chain: x402/wallet.py -> ampersend/types.py -> ampersend/__init__.py -> ampersend/treasurer.py -> x402/__init__.py -> x402/wallet.py Re-export from ampersend/types.py for backward compatibility. Update all imports to use canonical x402/types.py location. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…Wallet Add COSIGNER_VALIDATOR to TypeScript constants (matching Python SDK) and use it as default for coSignerValidatorAddress in SmartAccountWallet. This removes the need to explicitly pass the address since it's the same on all chains (CREATE2 deployed). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds server co-signing support to both TypeScript and Python SDKs, enabling smart account wallets to use server-provided co-signatures for enhanced security.
Changes
TypeScript
Python
Backward Compatibility
✅ Server authorization is optional - existing code works unchanged
✅ Full-access keys and EOA wallets ignore the parameter
Testing
TypeScript:
pnpm buildsucceedsPython: Syntax validated
🤖 Generated with Claude Code