Release 23.05.2025

backend/.env.example

@@ -12,6 +12,8 @@ HMAC_SECRET=""
 EPV_06=0x5FF137D4b0FDCD49DcA30c7CF57E578a026d2789,0x48e60BBb664aEfAc9f14aDB42e5FB5b4a119EB66
 EPV_07=0x0000000071727De22E5E9d8BAf0edAc6f37da032
 EPV_08=0x4337084D9E255Ff0702461CF8895CE9E3b5Ff108
+# CHAIN_IDs separated by commas(',')
+ENFORCE_LEGACY_TRANSACTIONS_CHAINS=50
 
 # postgres database connection
 DATABASE_URL="postgresql://arkauser:paymaster@localhost:5432/arkadev"

backend/CHANGELOG.md

@@ -1,4 +1,9 @@
 # Changelog
+## [4.1.0] - 2025-05-22
+### Fixes
+- If `isApplicableTOAllChains` is true then dont check `enabledChains` on policy
+- Removed whitelist validation for now
+
 ## [4.0.2] - 2025-04-29
 ### Fixes
 - Added oracle decimals as constants for multiTokenPaymaster as some rpc endpoints return error

backend/migrations/2025052200001-update-sponsorship-table.cjs

@@ -0,0 +1,27 @@
+require('dotenv').config();
+const { DataTypes } = require('sequelize');
+
+async function up({ context: queryInterface }) {
+  await queryInterface.removeColumn(
+        {schema: process.env.DATABASE_SCHEMA_NAME, tableName: 'sponsorship_policies'},
+        'IS_PUBLIC',
+        {
+            type: DataTypes.TEXT,
+            allowNull: true
+        }
+    );
+}
+
+async function down({ context: queryInterface }) {
+    await queryInterface.addColumn(
+        {schema: process.env.DATABASE_SCHEMA_NAME, tableName: 'sponsorship_policies'},
+        'IS_PUBLIC',
+        {
+            type: DataTypes.TEXT,
+            allowNull: true
+        }
+    );
+}
+
+/** @type {import('sequelize-cli').Migration} */
+module.exports = {up, down};

backend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "arka",
-  "version": "4.0.2",
+  "version": "4.1.0",
   "description": "ARKA - (Albanian for Cashier's case) is the first open source Paymaster as a service software",
   "type": "module",
   "directories": {

backend/src/models/sponsorship-policy.ts

@@ -6,7 +6,6 @@ export class SponsorshipPolicy extends Model {
     public walletAddress!: string;
     public name!: string;
     public description!: string | null;
-    public isPublic: boolean = false;
     public isEnabled: boolean = false;
     public isApplicableToAllNetworks!: boolean;
     public enabledChains?: number[];
@@ -96,11 +95,6 @@ export function initializeSponsorshipPolicyModel(sequelize: Sequelize, schema: s
             allowNull: true,
             field: 'DESCRIPTION'
         },
-        isPublic: {
-            type: DataTypes.BOOLEAN,
-            defaultValue: false,
-            field: 'IS_PUBLIC'
-        },
         isEnabled: {
             type: DataTypes.BOOLEAN,
             defaultValue: false,

backend/src/paymaster/index.ts

@@ -50,6 +50,20 @@ interface CoingeckoPriceCache {
   expiry: number;
 }
 
+interface ConstructorParams {
+  feeMarkUp: string;
+  multiTokenMarkUp: string;
+  ep7TokenVGL: string;
+  ep7TokenPGL: string;
+  sequelize: Sequelize;
+  mtpVglMarkup: string;
+  ep7Pvgl: string;
+  mtpPvgl: string;
+  mtpPpgl: string;
+  ep8Pvgl: string;
+  skipType2Txns: string[];
+}
+
 export class Paymaster {
   feeMarkUp: BigNumber;
   multiTokenMarkUp: number;
@@ -65,20 +79,23 @@ export class Paymaster {
   coingeckoPrice: Map<string, CoingeckoPriceCache> = new Map();
   coingeckoService: CoingeckoService = new CoingeckoService();
   sequelize: Sequelize;
-
-  constructor(feeMarkUp: string, multiTokenMarkUp: string, ep7TokenVGL: string, ep7TokenPGL: string, sequelize: Sequelize, 
-    mtpVglMarkup: string, ep7Pvgl: string, mtpPvgl: string, mtpPpgl: string, ep8Pvgl: string) {
-    this.feeMarkUp = ethers.utils.parseUnits(feeMarkUp, 'gwei');
-    if (isNaN(Number(multiTokenMarkUp))) this.multiTokenMarkUp = 1150000 // 15% more of the actual cost. Can be anything between 1e6 to 2e6
-    else this.multiTokenMarkUp = Number(multiTokenMarkUp);
-    this.EP7_TOKEN_PGL = ep7TokenPGL;
-    this.EP7_TOKEN_VGL = ep7TokenVGL;
-    this.sequelize = sequelize;
-    this.MTP_VGL_MARKUP = mtpVglMarkup;
-    this.EP7_PVGL = BigNumber.from(ep7Pvgl);
-    this.EP8_PVGL = BigNumber.from(ep8Pvgl);
-    this.MTP_PVGL = mtpPvgl;
-    this.MTP_PPGL = mtpPpgl;
+  skipType2Txns: number[];
+
+  constructor(params: ConstructorParams) {
+    this.feeMarkUp = ethers.utils.parseUnits(params.feeMarkUp, 'gwei');
+    if (isNaN(Number(params.multiTokenMarkUp))) this.multiTokenMarkUp = 1150000 // 15% more of the actual cost. Can be anything between 1e6 to 2e6
+    else this.multiTokenMarkUp = Number(params.multiTokenMarkUp);
+    this.EP7_TOKEN_PGL = params.ep7TokenPGL;
+    this.EP7_TOKEN_VGL = params.ep7TokenVGL;
+    this.sequelize = params.sequelize;
+    this.MTP_VGL_MARKUP = params.mtpVglMarkup;
+    this.EP7_PVGL = BigNumber.from(params.ep7Pvgl);
+    this.EP8_PVGL = BigNumber.from(params.ep8Pvgl);
+    this.MTP_PVGL = params.mtpPvgl;
+    this.MTP_PPGL = params.mtpPpgl;
+    this.skipType2Txns = params.skipType2Txns.map(
+      (value) => Number(value)
+    ).filter((value) => !isNaN(value));
   }
 
   packUint(high128: BigNumberish, low128: BigNumberish): string {
@@ -1115,7 +1132,7 @@ export class Paymaster {
       }
 
       let tx: providers.TransactionResponse;
-      if (!feeData.maxFeePerGas) {
+      if (!feeData.maxFeePerGas || this.skipType2Txns.includes(chainId)) {
         tx = await signer.sendTransaction({
           to: paymasterAddress,
           data: encodedData,
@@ -1168,7 +1185,7 @@ export class Paymaster {
       }
 
       let tx: providers.TransactionResponse;
-      if (!feeData.maxFeePerGas) {
+      if (!feeData.maxFeePerGas || this.skipType2Txns.includes(chainId)) {
         tx = await signer.sendTransaction({
           to: paymasterAddress,
           data: encodedData,
@@ -1232,7 +1249,7 @@ export class Paymaster {
       }
 
       let tx: providers.TransactionResponse;
-      if (!feeData.maxFeePerGas) {
+      if (!feeData.maxFeePerGas || this.skipType2Txns.includes(chainId)) {
         tx = await signer.sendTransaction({
           to: paymasterAddress,
           data: encodedData,
@@ -1295,7 +1312,7 @@ export class Paymaster {
       }
 
       let tx;
-      if (!feeData.maxFeePerGas) {
+      if (!feeData.maxFeePerGas || this.skipType2Txns.includes(chainId)) {
         tx = await contract.deploy(epAddr, signer.address, { gasPrice: feeData.gasPrice });
       } else {
         tx = await contract.deploy(
@@ -1342,7 +1359,7 @@ export class Paymaster {
       }
 
       let tx;
-      if (!feeData.maxFeePerGas) {
+      if (!feeData.maxFeePerGas || this.skipType2Txns.includes(chainId)) {
         tx = await contract.addStake("10", { value: ethers.utils.parseEther(amount), gasPrice: feeData.gasPrice });
       } else {
         tx = await contract.addStake(

backend/src/plugins/config.ts

@@ -42,6 +42,7 @@ const ConfigSchema = Type.Strict(
     EP8_PVGL: Type.String(),
     MTP_PVGL: Type.String() || undefined,
     MTP_PPGL: Type.String() || undefined,
+    ENFORCE_LEGACY_TRANSACTIONS_CHAINS: Type.Array(Type.String()) || undefined,
   })
 );
 
@@ -88,6 +89,7 @@ const configPlugin: FastifyPluginAsync = async (server) => {
     EP8_PVGL: process.env.EP8_PVGL ?? '30000',
     MTP_PVGL: process.env.MTP_PVGL ?? '50000',
     MTP_PPGL: process.env.MTP_PPGL ?? '70000',
+    ENFORCE_LEGACY_TRANSACTIONS_CHAINS: process.env.ENFORCE_LEGACY_TRANSACTIONS_CHAINS?.split(',') ?? []
   }
 
   const valid = validate(envVar);
@@ -130,6 +132,7 @@ const configPlugin: FastifyPluginAsync = async (server) => {
     EP8_PVGL: process.env.EP8_PVGL ?? '30000',
     MTP_PVGL: process.env.MTP_PVGL ?? '50000',
     MTP_PPGL: process.env.MTP_PPGL ?? '70000',
+    ENFORCE_LEGACY_TRANSACTIONS_CHAINS: process.env.ENFORCE_LEGACY_TRANSACTIONS_CHAINS?.split(',') ?? []
   }
 
   server.log.info(config, "config:");

backend/src/repository/sponsorship-policy-repository.ts

@@ -351,7 +351,6 @@ export class SponsorshipPolicyRepository {
             walletAddress: sponsorshipPolicy.walletAddress,
             name: sponsorshipPolicy.name,
             description: sponsorshipPolicy.description,
-            isPublic: sponsorshipPolicy.isPublic,
             isEnabled: sponsorshipPolicy.isEnabled,
             isApplicableToAllNetworks: sponsorshipPolicy.isApplicableToAllNetworks,
             enabledChains: sponsorshipPolicy.enabledChains,
@@ -493,8 +492,6 @@ export class SponsorshipPolicyRepository {
             existingSponsorshipPolicy.perOpMaximumNative = null;
         }
 
-        existingSponsorshipPolicy.isPublic = sponsorshipPolicy.isPublic;
-
         if (existingSponsorshipPolicy.addressAllowList && existingSponsorshipPolicy.addressAllowList.length > 0) {
             existingSponsorshipPolicy.addressAllowList = sponsorshipPolicy.addressAllowList as string[];
         } else {

backend/src/routes/admin-routes.ts

@@ -18,8 +18,19 @@ import { getNetworkConfig } from "../utils/common.js";
 import { Paymaster } from "../paymaster/index.js";
 
 const adminRoutes: FastifyPluginAsync = async (server) => {
-  const paymaster = new Paymaster(server.config.FEE_MARKUP, server.config.MULTI_TOKEN_MARKUP, server.config.EP7_TOKEN_VGL, server.config.EP7_TOKEN_PGL, server.sequelize, 
-    server.config.MTP_VGL_MARKUP, server.config.EP7_PVGL, server.config.MTP_PVGL, server.config.MTP_PPGL, server.config.EP8_PVGL);
+  const paymaster = new Paymaster({
+    feeMarkUp: server.config.FEE_MARKUP, 
+    multiTokenMarkUp: server.config.MULTI_TOKEN_MARKUP, 
+    ep7TokenVGL: server.config.EP7_TOKEN_VGL, 
+    ep7TokenPGL: server.config.EP7_TOKEN_PGL, 
+    sequelize: server.sequelize, 
+    mtpVglMarkup: server.config.MTP_VGL_MARKUP, 
+    ep7Pvgl: server.config.EP7_PVGL, 
+    mtpPvgl: server.config.MTP_PVGL, 
+    mtpPpgl: server.config.MTP_PPGL, 
+    ep8Pvgl: server.config.EP8_PVGL,
+    skipType2Txns: server.config.ENFORCE_LEGACY_TRANSACTIONS_CHAINS
+  });
 
   const prefixSecretId = 'arka_';
 

backend/src/routes/deposit-route.ts

@@ -12,8 +12,19 @@ import { APIKey } from "../models/api-key.js";
 import { EPVersions } from "../types/sponsorship-policy-dto.js";
 
 const depositRoutes: FastifyPluginAsync = async (server) => {
-    const paymaster = new Paymaster(server.config.FEE_MARKUP, server.config.MULTI_TOKEN_MARKUP, server.config.EP7_TOKEN_VGL, server.config.EP7_TOKEN_PGL, server.sequelize, 
-        server.config.MTP_VGL_MARKUP, server.config.EP7_PVGL, server.config.MTP_PVGL, server.config.MTP_PPGL, server.config.EP8_PVGL);
+    const paymaster = new Paymaster({
+        feeMarkUp: server.config.FEE_MARKUP,
+        multiTokenMarkUp: server.config.MULTI_TOKEN_MARKUP,
+        ep7TokenVGL: server.config.EP7_TOKEN_VGL,
+        ep7TokenPGL: server.config.EP7_TOKEN_PGL,
+        sequelize: server.sequelize,
+        mtpVglMarkup: server.config.MTP_VGL_MARKUP,
+        ep7Pvgl: server.config.EP7_PVGL,
+        mtpPvgl: server.config.MTP_PVGL,
+        mtpPpgl: server.config.MTP_PPGL,
+        ep8Pvgl: server.config.EP8_PVGL,
+        skipType2Txns: server.config.ENFORCE_LEGACY_TRANSACTIONS_CHAINS
+    });
 
     const SUPPORTED_ENTRYPOINTS = {
         EPV_06: server.config.EPV_06,
@@ -55,8 +66,8 @@ const depositRoutes: FastifyPluginAsync = async (server) => {
             const useVp = query['useVp'] ?? false;
             const chainId = query['chainId'] ?? body.params?.[1];
             const api_key = query['apiKey'] ?? body.params?.[2];
-            
-            if (!api_key || typeof(api_key) !== "string")
+
+            if (!api_key || typeof (api_key) !== "string")
                 return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY })
             let privateKey = '';
             let bundlerApiKey = api_key;
@@ -92,29 +103,29 @@ const depositRoutes: FastifyPluginAsync = async (server) => {
             let vpAddr;
             if (EPVersions.EPV_06 == epVersion) {
                 networkConfig = getNetworkConfig(chainId, supportedNetworks ?? '', SUPPORTED_ENTRYPOINTS.EPV_06);
-                vpAddr = apiKeyEntity.verifyingPaymasters ? 
-                            JSON.parse(apiKeyEntity.verifyingPaymasters)[chainId] :
-                            undefined;
+                vpAddr = apiKeyEntity.verifyingPaymasters ?
+                    JSON.parse(apiKeyEntity.verifyingPaymasters)[chainId] :
+                    undefined;
             } else if (EPVersions.EPV_07 == epVersion) {
                 networkConfig = getNetworkConfig(chainId, supportedNetworks ?? '', SUPPORTED_ENTRYPOINTS.EPV_07);
-                vpAddr = apiKeyEntity.verifyingPaymastersV2 ? 
-                            JSON.parse(apiKeyEntity.verifyingPaymastersV2)[chainId] :
-                            undefined;
+                vpAddr = apiKeyEntity.verifyingPaymastersV2 ?
+                    JSON.parse(apiKeyEntity.verifyingPaymastersV2)[chainId] :
+                    undefined;
             } else if (EPVersions.EPV_08 == epVersion) {
                 networkConfig = getNetworkConfig(chainId, supportedNetworks ?? '', SUPPORTED_ENTRYPOINTS.EPV_08);
-                vpAddr = apiKeyEntity.verifyingPaymastersV3 ? 
-                            JSON.parse(apiKeyEntity.verifyingPaymastersV3)[chainId] :
-                            undefined;
+                vpAddr = apiKeyEntity.verifyingPaymastersV3 ?
+                    JSON.parse(apiKeyEntity.verifyingPaymastersV3)[chainId] :
+                    undefined;
             }
             if (!networkConfig) return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.UNSUPPORTED_NETWORK });
             let bundlerUrl = networkConfig.bundler;
             if (networkConfig.bundler.includes('etherspot.io')) bundlerUrl = `${networkConfig.bundler}?api-key=${bundlerApiKey}`;
 
-            if(!useVp) {
+            if (!useVp) {
                 return await paymaster.deposit(amount, networkConfig.contracts.etherspotPaymasterAddress, bundlerUrl, privateKey, chainId, true, server.log);
             }
-            if(!vpAddr) {
-                return reply.code(ReturnCode.FAILURE).send({error: ErrorMessage.VP_NOT_DEPLOYED})
+            if (!vpAddr) {
+                return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.VP_NOT_DEPLOYED })
             }
 
             return await paymaster.deposit(amount, vpAddr, bundlerUrl, privateKey, chainId, false, server.log);

backend/src/routes/paymaster-routes.ts

@@ -230,7 +230,7 @@ const paymasterRoutes: FastifyPluginAsync<PaymasterRoutesOpts> = async (server,
 
               // get supported networks from sponsorshipPolicy
               const supportedNetworks: number[] | undefined | null = sponsorshipPolicy.enabledChains;
-              if (!supportedNetworks || !supportedNetworks.includes(chainId.chainId)) return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.UNSUPPORTED_NETWORK });
+              if ((!supportedNetworks || !supportedNetworks.includes(chainId.chainId)) && !sponsorshipPolicy.isApplicableToAllNetworks) return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.UNSUPPORTED_NETWORK });
 
               if (txnMode) {
                 const signerAddress = await signer.getAddress();
@@ -255,11 +255,13 @@ const paymasterRoutes: FastifyPluginAsync<PaymasterRoutesOpts> = async (server,
                 const contractWhitelistResult = await checkContractWhitelist(userOp.callData, chainId.chainId, signer.address);
                 if (!contractWhitelistResult) throw new Error('Contract Method not whitelisted');
               }
+              /* Removed Whitelist for now
               const isWhitelisted = await checkWhitelist(api_key, epVersion, userOp.sender, sponsorshipPolicy.id);
               // For EPV_06 we still use the old paymaster which whitelists the address on-chain if its verifyingPaymaster it goes to case vps for EPV_06 which checks on db
               if (!isWhitelisted && epVersion !== EPVersions.EPV_06) {
                 throw new Error('This sender address has not been whitelisted yet');
               }
+              */
               if (epVersion === EPVersions.EPV_06)
                 result = await paymaster.signV06(userOp, str, str1, entryPoint, networkConfig.contracts.etherspotPaymasterAddress, bundlerUrl, signer, estimate, server.log);
               else if (epVersion === EPVersions.EPV_07) {
@@ -363,7 +365,7 @@ const paymasterRoutes: FastifyPluginAsync<PaymasterRoutesOpts> = async (server,
 
               // get supported networks from sponsorshipPolicy
               const supportedNetworks: number[] | undefined | null = sponsorshipPolicy.enabledChains;
-              if (!supportedNetworks || !supportedNetworks.includes(chainId.chainId)) return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.UNSUPPORTED_NETWORK });
+              if ((!supportedNetworks || !supportedNetworks.includes(chainId.chainId)) && !sponsorshipPolicy.isApplicableToAllNetworks) return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.UNSUPPORTED_NETWORK });
 
               if (txnMode) {
                 const signerAddress = await signer.getAddress();
@@ -389,10 +391,12 @@ const paymasterRoutes: FastifyPluginAsync<PaymasterRoutesOpts> = async (server,
                 if (!contractWhitelistResult) throw new Error('Contract Method not whitelisted');
               }
 
+              /* Removed Whitelist 
               const isWhitelisted = await checkWhitelist(api_key, epVersion, userOp.sender, sponsorshipPolicy.id);
               if (!isWhitelisted) {
                 throw new Error('This sender address has not been whitelisted yet');
               }
+              */
 
               if (epVersion === EPVersions.EPV_06) {
                 if (!apiKeyEntity.verifyingPaymasters) {
@@ -592,6 +596,7 @@ const paymasterRoutes: FastifyPluginAsync<PaymasterRoutesOpts> = async (server,
     return returnValue;
   }
 
+  /* Removed Whitelist
   async function checkWhitelist(api_key: string, epVersion: EPVersions, senderAddress: string, policyId: number) {
     const globalWhitelistRecord = await server.whitelistRepository.findOneByApiKeyAndPolicyId(api_key);
     if (!globalWhitelistRecord?.addresses?.includes(senderAddress)) {
@@ -607,7 +612,7 @@ const paymasterRoutes: FastifyPluginAsync<PaymasterRoutesOpts> = async (server,
       }
     }
     return true;
-  }
+  } */
 };
 
 export default paymasterRoutes;

backend/src/routes/token-routes.ts

@@ -111,13 +111,7 @@ const tokenRoutes: FastifyPluginAsync = async (server) => {
         async function (request, reply) {
             try {
                 printRequest("/getAllCommonERC20PaymasterAddress", request, server.log);
-                const query: any = request.query;
                 const body: any = request.body;
-                const api_key = query['apiKey'] ?? body.params[0];
-                if (!api_key || typeof(api_key) !== "string")
-                    return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY })
-                const apiKeyData = await server.apiKeyRepository.findOneByApiKey(api_key);
-                if (!apiKeyData) return reply.code(ReturnCode.FAILURE).send({ error: ErrorMessage.INVALID_API_KEY })
                 const multiTokenRec = await server.multiTokenPaymasterRepository.findAll();
                 const result = multiTokenRec.map((record) => {
                     return {