Skip to content

feat(m8): createAgentAccount factory function for autonomous agents#35

Open
jhfnetboy wants to merge 8 commits into
mainfrom
feat/m8-p3-agent-account
Open

feat(m8): createAgentAccount factory function for autonomous agents#35
jhfnetboy wants to merge 8 commits into
mainfrom
feat/m8-p3-agent-account

Conversation

@jhfnetboy
Copy link
Copy Markdown
Member

@jhfnetboy jhfnetboy commented May 21, 2026

Summary

  • Add createAgentAccount() to AAStarAirAccountFactoryV7: human caller auto-accepts as guardian1, only guardian2 needs to sign; owner is the agent's EOA key
  • Add getAgentAddress() for counterfactual address prediction: uint256(keccak256(humanOwner ++ agentId)) ensures each human+agentId pair gets a unique deterministic address
  • Add AgentAccountCreated event with indexed account, agentKey, humanOwner, and agentId
  • Fix TierGuardHook M8.P2 session scope enforcement: add _getSessionKeyFromAccount(), accountAgentValidator mapping, and extended 4-param onInstall format that was previously incomplete (compile error)
  • Add TypeScript SDK usage example in scripts/agent-account-manager.ts (viem-based)

Test plan

  • forge build succeeds (compiler run successful with warnings only)
  • All 713 tests pass: forge test — 32 test suites, 0 failures
  • 14 new factory agent account tests in test/AAStarAirAccountFactoryV7AgentAccount.t.sol:
    • Happy path: owner=agentKey, guardian1=human, guardian2=guardian2, guardian3=community
    • Idempotency: second call with same params returns same address
    • Sig validation: wrong sig → GuardianDidNotAccept, sig for wrong agentKey → revert
    • Require checks: zero agentKey, zero guardian2, zero dailyLimit, caller==guardian2, agentKey==guardian2
    • Address prediction: getAgentAddress() matches deployed address
    • Event: AgentAccountCreated emitted with correct indexed fields
    • Determinism: different agentIds → different addresses, different humans → different addresses
    • Security invariant: agentKey==caller reverts due to owner!=guardian constraint in account
  • 4 new TierGuardHook M8.P2 tests in test/TierGuardHook.t.sol:
    • Session scope blocks forbidden call targets
    • Session scope allows permitted call targets
    • No validator set → enforcement skipped (backward compatible)
    • Empty allowlist → any target allowed

@jhfnetboy
chore: Apache 2.0 license compliance — bilingual five-file set
c504d44 
Add/update LICENSE, NOTICE, TRADEMARK.md, LICENSE-zh.md, TRADEMARK-zh.md
per MushroomDAO ecosystem standard.
@jhfnetboy
docs: add License section to README (Apache 2.0)
9cfe78f
@jhfnetboy
docs: add all 5 license file links to README
20df799
@jhfnetboy
chore: add CONTRIBUTING guide and CLA assistant workflow
636e3d2
@jhfnetboy
chore: add Mycelium Protocol @-include context to CLAUDE.md
848debb
@jhfnetboy
docs: add M1-M7 feature list with user value and active/passive class…
952ede1 
…ification
@jhfnetboy
feat(m8): AgentRegistry + fix setAgentWallet
a9c11ff 
- Add src/registries/AgentRegistry.sol: reverse-lookup contract mapping
  agent execution wallets to their human AirAccount owners, with
  registerAgent/deregisterAgent, isRegisteredAgent, balanceOf, and
  enumeration helpers required by SuperPaymaster.

- Fix setAgentWallet() in AAStarAirAccountBase.sol: replace silent
  best-effort ERC-8004 call with hard-fail AgentRegistry.registerAgent()
  call; add extcodesize guard to reject EOA registries; add
  AgentRegistrationFailed custom error.

- Add test/AgentRegistry.t.sol: 15 comprehensive tests covering
  registration, deregistration, access control, enumeration, balanceOf,
  and full account→registry integration.

- Update test/AAStarAirAccountV7_M7.t.sol: update MockRegistry to match
  new registerAgent(address) interface; fix setAgentWallet tests to
  expect hard-failure behavior.

- Add scripts/deploy-agent-registry.ts: viem-based deploy script for
  Sepolia.

709 tests passing (was 680).
@jhfnetboy
feat(m8): createAgentAccount factory function for autonomous agents
6e8872b 
Add createAgentAccount() and getAgentAddress() to AAStarAirAccountFactoryV7,
enabling human owners to create full AirAccount instances for AI agents where
the human auto-accepts as guardian1 and only guardian2 must sign acceptance.

- Factory: AgentAccountCreated event, createAgentAccount(), getAgentAddress()
  - salt = uint256(keccak256(humanOwner ++ agentId)) for deterministic per-agent addresses
  - guardian1 = msg.sender (auto-accepted), guardian2 requires acceptance sig
  - validates agentKey != 0, guardian2 != 0, caller != guardian2, agentKey != guardian2
- TierGuardHook: add M8.P2 session scope enforcement features
  - accountAgentValidator mapping, extended 4-param onInstall (128-byte format)
  - _getSessionKeyFromAccount() callback to account transient storage
  - preCheck enforces callTargets/selectorAllowlist via enforceSessionScope() for ALG_SESSION_KEY
- Tests: 14 new tests in AAStarAirAccountFactoryV7AgentAccount.t.sol covering
  happy path, idempotency, sig validation, require checks, event emission,
  address prediction, determinism, and owner!=guardian invariant documentation
- Tests: 4 new M8.P2 session scope tests in TierGuardHook.t.sol
- Scripts: agent-account-manager.ts TypeScript SDK usage example (viem-based)

All 713 tests pass.
@jhfnetboy jhfnetboy requested a review from fanhousanbu as a code owner May 21, 2026 06:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fanhousanbu fanhousanbu Awaiting requested review from fanhousanbu fanhousanbu is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jhfnetboy