From d34c0be9a6c1919ec160fee4f5c6eb4d8c25350e Mon Sep 17 00:00:00 2001 From: samuel Date: Wed, 7 Feb 2024 14:07:24 +0100 Subject: [PATCH] CR --- .../http/rest/controller/admin.controller.ts | 7 +- .../policy-criterion-builder.dto.ts | 13 +- .../dto/policy-rules/policy-criterion.dto.ts | 14 ++ .../set-policy-rules-request.dto.ts | 4 +- .../set-policy-rules-response.dto.ts | 0 apps/authz/src/app/opa/opa.service.ts | 2 +- .../0e1e777c-7385-4f77-a696-4971faa16cf7.rego | 27 +++ .../f0d5badc-6f3f-40f2-a7f4-acc1ff7d560a.rego | 27 +++ apps/authz/src/opa/rego/lib/main.rego | 2 +- apps/authz/src/shared/types/domain.type.ts | 16 -- .../authz-shared/src/lib/type/domain.type.ts | 16 ++ .../src/lib/type/policy-builder.type.ts | 190 +++++++++--------- 12 files changed, 199 insertions(+), 119 deletions(-) rename apps/authz/src/app/http/rest/dto/{ => policy-rules}/policy-criterion-builder.dto.ts (62%) create mode 100644 apps/authz/src/app/http/rest/dto/policy-rules/policy-criterion.dto.ts rename apps/authz/src/app/http/rest/dto/{ => policy-rules}/set-policy-rules-request.dto.ts (84%) rename apps/authz/src/app/http/rest/dto/{ => policy-rules}/set-policy-rules-response.dto.ts (100%) create mode 100644 apps/authz/src/opa/rego/generated/0e1e777c-7385-4f77-a696-4971faa16cf7.rego create mode 100644 apps/authz/src/opa/rego/generated/f0d5badc-6f3f-40f2-a7f4-acc1ff7d560a.rego diff --git a/apps/authz/src/app/http/rest/controller/admin.controller.ts b/apps/authz/src/app/http/rest/controller/admin.controller.ts index a2303284f..6b4e31db6 100644 --- a/apps/authz/src/app/http/rest/controller/admin.controller.ts +++ b/apps/authz/src/app/http/rest/controller/admin.controller.ts @@ -13,12 +13,12 @@ import { CreateOrganizationRequestDto } from '@app/authz/app/http/rest/dto/creat import { CreateOrganizationResponseDto } from '@app/authz/app/http/rest/dto/create-organization-response.dto' import { CreateUserRequestDto } from '@app/authz/app/http/rest/dto/create-user-request.dto' import { CreateUserResponseDto } from '@app/authz/app/http/rest/dto/create-user-response.dto' +import { SetPolicyRulesRequestDto } from '@app/authz/app/http/rest/dto/policy-rules/set-policy-rules-request.dto' +import { SetPolicyRulesResponseDto } from '@app/authz/app/http/rest/dto/policy-rules/set-policy-rules-response.dto' import { RegisterTokensRequestDto } from '@app/authz/app/http/rest/dto/register-tokens-request.dto' import { RegisterTokensResponseDto } from '@app/authz/app/http/rest/dto/register-tokens-response.dto' import { RegisterWalletRequestDto } from '@app/authz/app/http/rest/dto/register-wallet-request.dto' import { RegisterWalletResponseDto } from '@app/authz/app/http/rest/dto/register-wallet-response.dto' -import { SetPolicyRulesRequestDto } from '@app/authz/app/http/rest/dto/set-policy-rules-request.dto' -import { SetPolicyRulesResponseDto } from '@app/authz/app/http/rest/dto/set-policy-rules-response.dto' import { UpdateUserRequestDto } from '@app/authz/app/http/rest/dto/update-user-request.dto' import { UpdateUserResponseDto } from '@app/authz/app/http/rest/dto/update-user-response.dto' import { @@ -31,7 +31,6 @@ import { CreateUserRequest, RegisterTokensRequest, RegisterWalletRequest, - SetPolicyRulesRequest, UpdateUserRequest } from '@narval/authz-shared' import { Body, Controller, Logger, Patch, Post } from '@nestjs/common' @@ -143,7 +142,7 @@ export class AdminController { @Post('/policy-rules') async setPolicyRules(@Body() body: SetPolicyRulesRequestDto) { - const payload: SetPolicyRulesRequest = body + const payload = body as any const policyRules = await this.adminService.setPolicyRules(payload) diff --git a/apps/authz/src/app/http/rest/dto/policy-criterion-builder.dto.ts b/apps/authz/src/app/http/rest/dto/policy-rules/policy-criterion-builder.dto.ts similarity index 62% rename from apps/authz/src/app/http/rest/dto/policy-criterion-builder.dto.ts rename to apps/authz/src/app/http/rest/dto/policy-rules/policy-criterion-builder.dto.ts index 0dedcddc4..2190fb851 100644 --- a/apps/authz/src/app/http/rest/dto/policy-criterion-builder.dto.ts +++ b/apps/authz/src/app/http/rest/dto/policy-rules/policy-criterion-builder.dto.ts @@ -1,6 +1,8 @@ -import { PolicyCriterion, PolicyCriterionBuilder, Then } from '@narval/authz-shared' +import { PolicyCriterionBuilder, Then } from '@narval/authz-shared' import { ApiProperty } from '@nestjs/swagger' +import { Type } from 'class-transformer' import { IsDefined, IsIn, IsString, ValidateNested } from 'class-validator' +import { PolicyCriterionDto } from './policy-criterion.dto' export class PolicyCriterionBuilderDto { constructor(data: PolicyCriterionBuilder) { @@ -14,10 +16,13 @@ export class PolicyCriterionBuilderDto { @ApiProperty() name: string - @IsString() @ValidateNested() - @ApiProperty() - when: PolicyCriterion[] + @Type(() => PolicyCriterionDto) + @ApiProperty({ + type: () => PolicyCriterionDto, + isArray: true + }) + when: PolicyCriterionDto[] @IsIn(Object.values(Then)) @IsDefined() diff --git a/apps/authz/src/app/http/rest/dto/policy-rules/policy-criterion.dto.ts b/apps/authz/src/app/http/rest/dto/policy-rules/policy-criterion.dto.ts new file mode 100644 index 000000000..c17e25986 --- /dev/null +++ b/apps/authz/src/app/http/rest/dto/policy-rules/policy-criterion.dto.ts @@ -0,0 +1,14 @@ +import { Criterion } from '@narval/authz-shared' +import { ApiProperty } from '@nestjs/swagger' +import { IsDefined, IsIn } from 'class-validator' + +export class PolicyCriterionDto { + @IsIn(Object.values(Criterion)) + @IsDefined() + @ApiProperty({ + enum: Object.values(Criterion) + }) + criterion: Criterion + + args: any +} diff --git a/apps/authz/src/app/http/rest/dto/set-policy-rules-request.dto.ts b/apps/authz/src/app/http/rest/dto/policy-rules/set-policy-rules-request.dto.ts similarity index 84% rename from apps/authz/src/app/http/rest/dto/set-policy-rules-request.dto.ts rename to apps/authz/src/app/http/rest/dto/policy-rules/set-policy-rules-request.dto.ts index ceeae8328..9d37ebb64 100644 --- a/apps/authz/src/app/http/rest/dto/set-policy-rules-request.dto.ts +++ b/apps/authz/src/app/http/rest/dto/policy-rules/set-policy-rules-request.dto.ts @@ -1,8 +1,8 @@ import { Action } from '@narval/authz-shared' import { ApiProperty } from '@nestjs/swagger' import { IsDefined, IsIn, ValidateNested } from 'class-validator' -import { BaseActionDto } from './base-action.dto' -import { BaseAdminRequestPayloadDto } from './base-admin-request-payload.dto' +import { BaseActionDto } from '../base-action.dto' +import { BaseAdminRequestPayloadDto } from '../base-admin-request-payload.dto' import { PolicyCriterionBuilderDto } from './policy-criterion-builder.dto' export class SetPolicyRulesDto extends BaseActionDto { diff --git a/apps/authz/src/app/http/rest/dto/set-policy-rules-response.dto.ts b/apps/authz/src/app/http/rest/dto/policy-rules/set-policy-rules-response.dto.ts similarity index 100% rename from apps/authz/src/app/http/rest/dto/set-policy-rules-response.dto.ts rename to apps/authz/src/app/http/rest/dto/policy-rules/set-policy-rules-response.dto.ts diff --git a/apps/authz/src/app/opa/opa.service.ts b/apps/authz/src/app/opa/opa.service.ts index c094abed6..f75543a98 100644 --- a/apps/authz/src/app/opa/opa.service.ts +++ b/apps/authz/src/app/opa/opa.service.ts @@ -96,7 +96,7 @@ export class OpaService implements OnApplicationBootstrap { writeFileSync(`./apps/authz/src/opa/rego/generated/${uuidv4()}.rego`, regoContent, 'utf-8') - console.log('Policy .rego file generated successfully.') + this.logger.log('Policy .rego file generated successfully.') } private async fetchEntityData(): Promise { diff --git a/apps/authz/src/opa/rego/generated/0e1e777c-7385-4f77-a696-4971faa16cf7.rego b/apps/authz/src/opa/rego/generated/0e1e777c-7385-4f77-a696-4971faa16cf7.rego new file mode 100644 index 000000000..84e14a790 --- /dev/null +++ b/apps/authz/src/opa/rego/generated/0e1e777c-7385-4f77-a696-4971faa16cf7.rego @@ -0,0 +1,27 @@ +package main + + permit[{"policyId": "examplePermitPolicy" }] = reason { + checkTransferResourceIntegrity + checkNonceExists + checkAction({"signTransaction"}) + checkPrincipalId({"matt@narval.xyz"}) + checkWalletId({"eip155:eoa:0x90d03a8971a2faa19a9d7ffdcbca28fe826a289b"}) + checkIntentType({"transferNative"}) + checkIntentToken({"eip155:137/slip44:966"}) + checkIntentAmount({"currency":"*","operator":"lte","value":"1000000000000000000"}) + approvals = checkApprovals([{"approvalCount":2,"countPrincipal":false,"approvalEntityType":"Narval::User","entityIds":["aa@narval.xyz","bb@narval.xyz"]}, {"approvalCount":1,"countPrincipal":false,"approvalEntityType":"Narval::UserRole","entityIds":["admin"]}]) + reason = {"type": "permit", "policyId": "examplePermitPolicy", "approvalsSatisfied": approvals.approvalsSatisfied, "approvalsMissing": approvals.approvalsMissing} + } + + forbid[{"policyId": "exampleForbidPolicy" }] = reason { + checkTransferResourceIntegrity + checkNonceExists + checkAction({"signTransaction"}) + checkPrincipalId({"matt@narval.xyz"}) + checkWalletId({"eip155:eoa:0x90d03a8971a2faa19a9d7ffdcbca28fe826a289b"}) + checkIntentType({"transferNative"}) + checkIntentToken({"eip155:137/slip44:966"}) + checkSpendingLimit({"limit":"1000000000000000000","timeWindow":{"type":"rolling","value":43200},"filters":{"tokens":["eip155:137/slip44:966"],"users":["matt@narval.xyz"]}}) + reason = {"type":"forbid","policyId":"exampleForbidPolicy","approvalsSatisfied":[],"approvalsMissing":[]} + } + diff --git a/apps/authz/src/opa/rego/generated/f0d5badc-6f3f-40f2-a7f4-acc1ff7d560a.rego b/apps/authz/src/opa/rego/generated/f0d5badc-6f3f-40f2-a7f4-acc1ff7d560a.rego new file mode 100644 index 000000000..84e14a790 --- /dev/null +++ b/apps/authz/src/opa/rego/generated/f0d5badc-6f3f-40f2-a7f4-acc1ff7d560a.rego @@ -0,0 +1,27 @@ +package main + + permit[{"policyId": "examplePermitPolicy" }] = reason { + checkTransferResourceIntegrity + checkNonceExists + checkAction({"signTransaction"}) + checkPrincipalId({"matt@narval.xyz"}) + checkWalletId({"eip155:eoa:0x90d03a8971a2faa19a9d7ffdcbca28fe826a289b"}) + checkIntentType({"transferNative"}) + checkIntentToken({"eip155:137/slip44:966"}) + checkIntentAmount({"currency":"*","operator":"lte","value":"1000000000000000000"}) + approvals = checkApprovals([{"approvalCount":2,"countPrincipal":false,"approvalEntityType":"Narval::User","entityIds":["aa@narval.xyz","bb@narval.xyz"]}, {"approvalCount":1,"countPrincipal":false,"approvalEntityType":"Narval::UserRole","entityIds":["admin"]}]) + reason = {"type": "permit", "policyId": "examplePermitPolicy", "approvalsSatisfied": approvals.approvalsSatisfied, "approvalsMissing": approvals.approvalsMissing} + } + + forbid[{"policyId": "exampleForbidPolicy" }] = reason { + checkTransferResourceIntegrity + checkNonceExists + checkAction({"signTransaction"}) + checkPrincipalId({"matt@narval.xyz"}) + checkWalletId({"eip155:eoa:0x90d03a8971a2faa19a9d7ffdcbca28fe826a289b"}) + checkIntentType({"transferNative"}) + checkIntentToken({"eip155:137/slip44:966"}) + checkSpendingLimit({"limit":"1000000000000000000","timeWindow":{"type":"rolling","value":43200},"filters":{"tokens":["eip155:137/slip44:966"],"users":["matt@narval.xyz"]}}) + reason = {"type":"forbid","policyId":"exampleForbidPolicy","approvalsSatisfied":[],"approvalsMissing":[]} + } + diff --git a/apps/authz/src/opa/rego/lib/main.rego b/apps/authz/src/opa/rego/lib/main.rego index 32997920f..dd21e206d 100644 --- a/apps/authz/src/opa/rego/lib/main.rego +++ b/apps/authz/src/opa/rego/lib/main.rego @@ -14,7 +14,7 @@ wildcard = "*" operators = { "equal": "eq", - "notEqual": "neq", + "notEqual": "ne", "greaterThan": "gt", "greaterThanOrEqual": "gte", "lessThan": "lt", diff --git a/apps/authz/src/shared/types/domain.type.ts b/apps/authz/src/shared/types/domain.type.ts index 85f0c55b9..c4c8e0b32 100644 --- a/apps/authz/src/shared/types/domain.type.ts +++ b/apps/authz/src/shared/types/domain.type.ts @@ -14,22 +14,6 @@ export enum UserRoles { MANAGER = 'manager' } -export enum ValueOperators { - GREATER_THAN = 'gt', - LESS_THAN = 'lt', - GREATER_THAN_OR_EQUAL = 'gte', - LESS_THAN_OR_EQUAL = 'lte', - EQUAL = 'eq', - NOT_EQUAL = 'ne' -} - -export enum IdentityOperators { - IS = 'is', - IS_NOT = 'is_not', - CONTAINS = 'contains', - IN = 'in' -} - export type RegoInput = { action: Action intent?: Intent diff --git a/packages/authz-shared/src/lib/type/domain.type.ts b/packages/authz-shared/src/lib/type/domain.type.ts index 0f9bdbee1..2e6ec65dc 100644 --- a/packages/authz-shared/src/lib/type/domain.type.ts +++ b/packages/authz-shared/src/lib/type/domain.type.ts @@ -33,6 +33,22 @@ export enum FiatCurrency { EUR = 'fiat:eur' } +export enum ValueOperators { + GREATER_THAN = 'gt', + LESS_THAN = 'lt', + GREATER_THAN_OR_EQUAL = 'gte', + LESS_THAN_OR_EQUAL = 'lte', + EQUAL = 'eq', + NOT_EQUAL = 'ne' +} + +export enum IdentityOperators { + IS = 'is', + IS_NOT = 'is_not', + CONTAINS = 'contains', + IN = 'in' +} + export type HistoricalTransfer = { amount: string // Amount in the smallest unit of the token (eg. wei for ETH) from: string diff --git a/packages/authz-shared/src/lib/type/policy-builder.type.ts b/packages/authz-shared/src/lib/type/policy-builder.type.ts index 04a751d1a..bdafeae75 100644 --- a/packages/authz-shared/src/lib/type/policy-builder.type.ts +++ b/packages/authz-shared/src/lib/type/policy-builder.type.ts @@ -1,70 +1,78 @@ -import { AccountId, AccountType, Action, Address, Alg, AssetId, Hex } from '@narval/authz-shared' +import { + AccountId, + AccountType, + Action, + Address, + Alg, + AssetId, + EntityType, + FiatCurrency, + Hex, + IdentityOperators, + ValueOperators +} from '@narval/authz-shared' import { Intents } from '@narval/transaction-request-intent' -export enum Then { - PERMIT = 'permit', - FORBID = 'forbid' -} - -export enum Criterion { - CHECK_ACTION = 'checkAction', - CHECK_TRANSFER_RESOURCE_INTEGRITY = 'checkTransferResourceIntegrity', - CHECK_PRINCIPAL_ID = 'checkPrincipalId', - CHECK_PRINCIPAL_ROLE = 'checkPrincipalRole', - CHECK_PRINCIPAL_GROUP = 'checkPrincipalGroup', - CHECK_WALLET_ID = 'checkWalletId', - CHECK_WALLET_ADDRESS = 'checkWalletAddress', - CHECK_WALLET_ACCOUNT_TYPE = 'checkWalletAccountType', - CHECK_WALLET_CHAIN_ID = 'checkWalletChainId', - CHECK_WALLET_GROUP = 'checkWalletGroup', - CHECK_INTENT_TYPE = 'checkIntentType', - CHECK_DESTINATION_ID = 'checkDestinationId', - CHECK_DESTINATION_ADDRESS = 'checkDestinationAddress', - CHECK_DESTINATION_ACCOUNT_TYPE = 'checkDestinationAccountType', - CHECK_DESTINATION_CLASSIFICATION = 'checkDestinationClassification', - CHECK_INTENT_CONTRACT = 'checkIntentContract', - CHECK_INTENT_TOKEN = 'checkIntentToken', - CHECK_INTENT_SPENDER = 'checkIntentSpender', - CHECK_INTENT_CHAIN_ID = 'checkIntentChainId', - CHECK_INTENT_HEX_SIGNATURE = 'checkIntentHexSignature', - CHECK_INTENT_AMOUNT = 'checkIntentAmount', - CHECK_ERC721_TOKEN_ID = 'checkERC721TokenId', - CHECK_ERC1155_TOKEN_ID = 'checkERC1155TokenId', - CHECK_ERC1155_TRANSFERS = 'checkERC1155Transfers', - CHECK_INTENT_MESSAGE = 'checkIntentMessage', - CHECK_INTENT_PAYLOAD = 'checkIntentPayload', - CHECK_INTENT_ALGORITHM = 'checkIntentAlgorithm', - CHECK_INTENT_DOMAIN = 'checkIntentDomain', - CHECK_PERMIT_DEADLINE = 'checkPermitDeadline', - CHECK_GAS_FEE_AMOUNT = 'checkGasFeeAmount', - CHECK_NONCE_EXISTS = 'checkNonceExists', - CHECK_NONCE_NOT_EXISTS = 'checkNonceNotExists', - CHECK_APPROVALS = 'checkApprovals', - CHECK_SPENDING_LIMIT = 'checkSpendingLimit' -} - -type Wildcard = '*' - -type EntityType = 'Narval::User' | 'Narval::UserRole' | 'Narval::UserGroup' - -type Operators = 'eq' | 'neq' | 'gt' | 'gte' | 'lt' | 'lte' - -type Currency = 'fiat:usd' | 'fiat:eur' +export const Then = { + PERMIT: 'permit', + FORBID: 'forbid' +} as const + +export type Then = (typeof Then)[keyof typeof Then] + +export const Criterion = { + CHECK_ACTION: 'checkAction', + CHECK_TRANSFER_RESOURCE_INTEGRITY: 'checkTransferResourceIntegrity', + CHECK_PRINCIPAL_ID: 'checkPrincipalId', + CHECK_PRINCIPAL_ROLE: 'checkPrincipalRole', + CHECK_PRINCIPAL_GROUP: 'checkPrincipalGroup', + CHECK_WALLET_ID: 'checkWalletId', + CHECK_WALLET_ADDRESS: 'checkWalletAddress', + CHECK_WALLET_ACCOUNT_TYPE: 'checkWalletAccountType', + CHECK_WALLET_CHAIN_ID: 'checkWalletChainId', + CHECK_WALLET_GROUP: 'checkWalletGroup', + CHECK_INTENT_TYPE: 'checkIntentType', + CHECK_DESTINATION_ID: 'checkDestinationId', + CHECK_DESTINATION_ADDRESS: 'checkDestinationAddress', + CHECK_DESTINATION_ACCOUNT_TYPE: 'checkDestinationAccountType', + CHECK_DESTINATION_CLASSIFICATION: 'checkDestinationClassification', + CHECK_INTENT_CONTRACT: 'checkIntentContract', + CHECK_INTENT_TOKEN: 'checkIntentToken', + CHECK_INTENT_SPENDER: 'checkIntentSpender', + CHECK_INTENT_CHAIN_ID: 'checkIntentChainId', + CHECK_INTENT_HEX_SIGNATURE: 'checkIntentHexSignature', + CHECK_INTENT_AMOUNT: 'checkIntentAmount', + CHECK_ERC721_TOKEN_ID: 'checkERC721TokenId', + CHECK_ERC1155_TOKEN_ID: 'checkERC1155TokenId', + CHECK_ERC1155_TRANSFERS: 'checkERC1155Transfers', + CHECK_INTENT_MESSAGE: 'checkIntentMessage', + CHECK_INTENT_PAYLOAD: 'checkIntentPayload', + CHECK_INTENT_ALGORITHM: 'checkIntentAlgorithm', + CHECK_INTENT_DOMAIN: 'checkIntentDomain', + CHECK_PERMIT_DEADLINE: 'checkPermitDeadline', + CHECK_GAS_FEE_AMOUNT: 'checkGasFeeAmount', + CHECK_NONCE_EXISTS: 'checkNonceExists', + CHECK_NONCE_NOT_EXISTS: 'checkNonceNotExists', + CHECK_APPROVALS: 'checkApprovals', + CHECK_SPENDING_LIMIT: 'checkSpendingLimit' +} as const + +export type Criterion = (typeof Criterion)[keyof typeof Criterion] type AmountCondition = { - currency: Currency | Wildcard - operator: Operators + currency: `${FiatCurrency}` | '*' + operator: `${ValueOperators}` value: string } type ERC1155AmountCondition = { tokenId: AssetId - operator: Operators + operator: `${ValueOperators}` value: string } type SignMessageCondition = { - operator: 'eq' | 'contains' + operator: `${ValueOperators.EQUAL}` | `${typeof IdentityOperators.CONTAINS}` value: string } @@ -76,20 +84,20 @@ type SignTypedDataDomainCondition = { } type PermitDeadlineCondition = { - operator: Operators + operator: `${ValueOperators}` value: string // timestamp in ms } type ApprovalCondition = { approvalCount: number countPrincipal: boolean - approvalEntityType: EntityType + approvalEntityType: `${EntityType}` entityIds: string[] } type SpendingLimitCondition = { limit: string - currency?: Currency + currency?: `${FiatCurrency}` timeWindow?: { type?: 'rolling' | 'fixed' value?: number // in seconds @@ -107,172 +115,172 @@ type SpendingLimitCondition = { } type ActionCriterion = { - criterion: Criterion.CHECK_ACTION + criterion: typeof Criterion.CHECK_ACTION args: Action[] } type TransferResourceIntegrityCriterion = { - criterion: Criterion.CHECK_TRANSFER_RESOURCE_INTEGRITY + criterion: typeof Criterion.CHECK_TRANSFER_RESOURCE_INTEGRITY args: null } type PrincipalIdCriterion = { - criterion: Criterion.CHECK_PRINCIPAL_ID + criterion: typeof Criterion.CHECK_PRINCIPAL_ID args: string[] } type PrincipalRoleCriterion = { - criterion: Criterion.CHECK_PRINCIPAL_ROLE + criterion: typeof Criterion.CHECK_PRINCIPAL_ROLE args: string[] } type PrincipalGroupCriterion = { - criterion: Criterion.CHECK_PRINCIPAL_GROUP + criterion: typeof Criterion.CHECK_PRINCIPAL_GROUP args: string[] } type WalletIdCriterion = { - criterion: Criterion.CHECK_WALLET_ID + criterion: typeof Criterion.CHECK_WALLET_ID args: string[] } type WalletAddressCriterion = { - criterion: Criterion.CHECK_WALLET_ADDRESS + criterion: typeof Criterion.CHECK_WALLET_ADDRESS args: string[] } type WalletAccountTypeCriterion = { - criterion: Criterion.CHECK_WALLET_ACCOUNT_TYPE + criterion: typeof Criterion.CHECK_WALLET_ACCOUNT_TYPE args: AccountType[] } type WalletChainIdCriterion = { - criterion: Criterion.CHECK_WALLET_CHAIN_ID + criterion: typeof Criterion.CHECK_WALLET_CHAIN_ID args: string[] } type WalletGroupCriterion = { - criterion: Criterion.CHECK_WALLET_GROUP + criterion: typeof Criterion.CHECK_WALLET_GROUP args: string[] } type IntentTypeCriterion = { - criterion: Criterion.CHECK_INTENT_TYPE + criterion: typeof Criterion.CHECK_INTENT_TYPE args: Intents[] } type DestinationIdCriterion = { - criterion: Criterion.CHECK_DESTINATION_ID + criterion: typeof Criterion.CHECK_DESTINATION_ID args: AccountId[] } type DestinationAddressCriterion = { - criterion: Criterion.CHECK_DESTINATION_ADDRESS + criterion: typeof Criterion.CHECK_DESTINATION_ADDRESS args: string[] } type DestinationAccountTypeCriterion = { - criterion: Criterion.CHECK_DESTINATION_ACCOUNT_TYPE + criterion: typeof Criterion.CHECK_DESTINATION_ACCOUNT_TYPE args: AccountType[] } type DestinationClassificationCriterion = { - criterion: Criterion.CHECK_DESTINATION_CLASSIFICATION + criterion: typeof Criterion.CHECK_DESTINATION_CLASSIFICATION args: string[] } type IntentContractCriterion = { - criterion: Criterion.CHECK_INTENT_CONTRACT + criterion: typeof Criterion.CHECK_INTENT_CONTRACT args: AccountId[] } type IntentTokenCriterion = { - criterion: Criterion.CHECK_INTENT_TOKEN + criterion: typeof Criterion.CHECK_INTENT_TOKEN args: AccountId[] } type IntentSpenderCriterion = { - criterion: Criterion.CHECK_INTENT_SPENDER + criterion: typeof Criterion.CHECK_INTENT_SPENDER args: AccountId[] } type IntentChainIdCriterion = { - criterion: Criterion.CHECK_INTENT_CHAIN_ID + criterion: typeof Criterion.CHECK_INTENT_CHAIN_ID args: string[] } type IntentHexSignatureCriterion = { - criterion: Criterion.CHECK_INTENT_HEX_SIGNATURE + criterion: typeof Criterion.CHECK_INTENT_HEX_SIGNATURE args: Hex[] } type IntentAmountCriterion = { - criterion: Criterion.CHECK_INTENT_AMOUNT + criterion: typeof Criterion.CHECK_INTENT_AMOUNT args: AmountCondition } type ERC721TokenIdCriterion = { - criterion: Criterion.CHECK_ERC721_TOKEN_ID + criterion: typeof Criterion.CHECK_ERC721_TOKEN_ID args: AssetId[] } type ERC1155TokenIdCriterion = { - criterion: Criterion.CHECK_ERC1155_TOKEN_ID + criterion: typeof Criterion.CHECK_ERC1155_TOKEN_ID args: AssetId[] } type ERC1155TransfersCriterion = { - criterion: Criterion.CHECK_ERC1155_TRANSFERS + criterion: typeof Criterion.CHECK_ERC1155_TRANSFERS args: ERC1155AmountCondition[] } type IntentMessageCriterion = { - criterion: Criterion.CHECK_INTENT_MESSAGE + criterion: typeof Criterion.CHECK_INTENT_MESSAGE args: SignMessageCondition } type IntentPayloadCriterion = { - criterion: Criterion.CHECK_INTENT_PAYLOAD + criterion: typeof Criterion.CHECK_INTENT_PAYLOAD args: string[] } type IntentAlgorithmCriterion = { - criterion: Criterion.CHECK_INTENT_ALGORITHM + criterion: typeof Criterion.CHECK_INTENT_ALGORITHM args: Alg[] } type IntentDomainCriterion = { - criterion: Criterion.CHECK_INTENT_DOMAIN + criterion: typeof Criterion.CHECK_INTENT_DOMAIN args: SignTypedDataDomainCondition } type PermitDeadlineCriterion = { - criterion: Criterion.CHECK_PERMIT_DEADLINE + criterion: typeof Criterion.CHECK_PERMIT_DEADLINE args: PermitDeadlineCondition } type GasFeeAmountCriterion = { - criterion: Criterion.CHECK_GAS_FEE_AMOUNT + criterion: typeof Criterion.CHECK_GAS_FEE_AMOUNT args: AmountCondition } type NonceRequiredCriterion = { - criterion: Criterion.CHECK_NONCE_EXISTS + criterion: typeof Criterion.CHECK_NONCE_EXISTS args: null } type NonceNotRequiredCriterion = { - criterion: Criterion.CHECK_NONCE_NOT_EXISTS + criterion: typeof Criterion.CHECK_NONCE_NOT_EXISTS args: null } type ApprovalsCriterion = { - criterion: Criterion.CHECK_APPROVALS + criterion: typeof Criterion.CHECK_APPROVALS args: ApprovalCondition[] } type SpendingLimitCriterion = { - criterion: Criterion.CHECK_SPENDING_LIMIT + criterion: typeof Criterion.CHECK_SPENDING_LIMIT args: SpendingLimitCondition }