fix(shared,client): harden Safe7579 session-key execution

Author: Oba-One

.plans/features/popup-sidepanel-walkthrough/eval/session-state.archive-2026-03-31.md

@@ -15,11 +15,11 @@ For shot sequencing and operator actions, use
 
 ### Opening
 
-Communities do not have an information problem. They have a fragmentation problem.
+We do not have an information problem. We have a fragmentation problem.
 
 Important context already exists in messy tabs, notes, links, conversations, and half-finished
-research. What is usually missing is a way to turn that messy knowledge into shared opportunity,
-coordinated governance, and durable memory.
+research — scattered across people and tools. What is usually missing is a way to turn that
+scattered knowledge into clear opportunity, whether for yourself, a team, or an entire community.
 
 That is what Coop is for.
 
@@ -133,14 +133,13 @@ It turns messy knowledge into opportunity, coordinated governance, and durable p
 ### Future Coda
 
 What comes next is deeper knowledge exploration, stronger Coop OS patterns, richer mobile and
-call-based participation, and more ways for communities to turn what they know into coordinated
-opportunity.
+call-based participation, and more ways to turn what you know into coordinated opportunity.
 
 ## Shorter Alt Close
 
 If you want a sharper final line:
 
-Coop helps communities move from scattered context to shared opportunity, from shared opportunity to
+Coop helps you move from scattered context to shared opportunity, from shared opportunity to
 governance, and from governance to durable memory.
 
 ## Delivery Notes

.plans/features/popup-sidepanel-walkthrough/eval/session-state.md

@@ -1,5 +1,10 @@
 import type { SetupInsightsInput } from '@coop/shared';
-import { clipboardPasteFallbackMessage, getRitualLenses, pasteClipboardText } from '@coop/shared';
+import {
+  clipboardPasteFallbackMessage,
+  getRitualLenses,
+  pasteClipboardText,
+  synthesizeTranscriptsToPurpose,
+} from '@coop/shared';
 import { type CSSProperties, useEffect, useMemo, useRef, useState } from 'react';
 import { DevTunnelBadge } from '../../components/DevTunnelBadge';
 import { LanguageSelector } from '../../components/LanguageSelector';
@@ -119,6 +124,7 @@ export function App({
   });
   const focusOpenCardRef = useRef<TranscriptKey | null>(null);
   const focusReturnCardRef = useRef<TranscriptKey | null>(null);
+  const lastSynthesizedFromRef = useRef('');
 
   const [setupInput, setSetupInput] = useState<SetupInsightsInput>(() => initialDraft.setupInput);
   const [transcripts, setTranscripts] = useState<TranscriptMap>(() => initialDraft.transcripts);
@@ -145,6 +151,22 @@ export function App({
   );
   const completedLensCount = lensProgress.filter((progress) => progress.status === 'ready').length;
   const allLensesReady = completedLensCount === ritualCardMappings.length;
+
+  useEffect(() => {
+    if (!allLensesReady || setupInput.purpose) {
+      return;
+    }
+    const transcriptFingerprint = `${transcripts.capital}|${transcripts.impact}|${transcripts.governance}|${transcripts.knowledge}`;
+    if (transcriptFingerprint === lastSynthesizedFromRef.current) {
+      return;
+    }
+    lastSynthesizedFromRef.current = transcriptFingerprint;
+    const synthesized = synthesizeTranscriptsToPurpose(transcripts);
+    if (synthesized) {
+      setSetupInput((current) => ({ ...current, purpose: synthesized }));
+    }
+  }, [allLensesReady, setupInput.purpose, transcripts]);
+
   const openCardIndex = openCardId ? ritualLenses.findIndex((lens) => lens.id === openCardId) : -1;
   const openCardLens = openCardIndex >= 0 ? ritualLenses[openCardIndex] : null;
   const openCardMapping = openCardIndex >= 0 ? ritualCardMappings[openCardIndex] : null;

…rence/hackathon-demo-voiceover-script.md docs/reference/demo-voiceover-script.mddocs/reference/hackathon-demo-voiceover-script.md renamed to docs/reference/demo-voiceover-script.md docs/reference/hackathon-demo-voiceover-script.md renamed to docs/reference/demo-voiceover-script.md

@@ -64,7 +64,8 @@ describe('isRitualReviewDue', () => {
               skillId: 'review-digest',
             },
             status: 'published',
-            createdAt: '2026-03-25T00:00:00.000Z',
+            // Must be within the 7-day freshness window relative to now
+            createdAt: new Date(Date.now() - 2 * 24 * 60 * 60 * 1000).toISOString(),
           }),
         ] as never[],
       }),

packages/app/src/views/Landing/index.tsx

@@ -1079,7 +1079,8 @@ describe('archive handlers', () => {
 
     expect(result).toEqual({
       ok: false,
-      error: 'A stored passkey session is required before a member can register proofs on Filecoin.',
+      error:
+        'A stored passkey session is required before a member can register proofs on Filecoin.',
     });
     expect(mocks.saveState).not.toHaveBeenCalled();
     expect(viemMocks.createWalletClient).not.toHaveBeenCalled();

packages/extension/src/background/handlers/__tests__/agent-observation-conditions.test.ts

@@ -44,6 +44,9 @@ const sharedMocks = vi.hoisted(() => ({
   getAuthSession: vi.fn(),
   getEncryptedSessionMaterial: vi.fn(),
   getSessionCapability: vi.fn(),
+  getSessionCapabilityUseStubSignature: vi.fn(
+    ({ capability }: { capability: SessionCapability }) => `wrapped:${capability.id}:validator-stub`,
+  ),
   incrementSessionCapabilityUsage: vi.fn((capability: SessionCapability) => ({
     ...capability,
     usedCount: ((capability as SessionCapability & { usedCount?: number }).usedCount ?? 0) + 1,
@@ -77,6 +80,20 @@ const sharedMocks = vi.hoisted(() => ({
   saveEncryptedSessionMaterial: vi.fn(async () => undefined),
   saveSessionCapability: vi.fn(async () => undefined),
   saveSessionCapabilityLogEntry: vi.fn(async () => undefined),
+  sendSmartAccountTransactionWithCoopGasFallback: vi.fn(async () => ({
+    txHash: '0xtxhash',
+    userOperationHash: '0xuophash',
+    receipt: {
+      transactionHash: '0xreceipt',
+    },
+  })),
+  signSessionCapabilityUserOperation: vi.fn(
+    async ({
+      capability,
+    }: {
+      capability: SessionCapability;
+    }) => `wrapped:${capability.id}:validator-signature`,
+  ),
   validateSessionCapabilityForBundle: vi.fn(),
   wrapUseSessionSignature: vi.fn(
     ({
@@ -126,6 +143,7 @@ vi.mock('@coop/shared', async (importOriginal) => {
     getAuthSession: sharedMocks.getAuthSession,
     getEncryptedSessionMaterial: sharedMocks.getEncryptedSessionMaterial,
     getSessionCapability: sharedMocks.getSessionCapability,
+    getSessionCapabilityUseStubSignature: sharedMocks.getSessionCapabilityUseStubSignature,
     incrementSessionCapabilityUsage: sharedMocks.incrementSessionCapabilityUsage,
     listSessionCapabilities: sharedMocks.listSessionCapabilities,
     listSessionCapabilityLogEntries: sharedMocks.listSessionCapabilityLogEntries,
@@ -137,6 +155,9 @@ vi.mock('@coop/shared', async (importOriginal) => {
     saveEncryptedSessionMaterial: sharedMocks.saveEncryptedSessionMaterial,
     saveSessionCapability: sharedMocks.saveSessionCapability,
     saveSessionCapabilityLogEntry: sharedMocks.saveSessionCapabilityLogEntry,
+    sendSmartAccountTransactionWithCoopGasFallback:
+      sharedMocks.sendSmartAccountTransactionWithCoopGasFallback,
+    signSessionCapabilityUserOperation: sharedMocks.signSessionCapabilityUserOperation,
     validateSessionCapabilityForBundle: sharedMocks.validateSessionCapabilityForBundle,
     wrapUseSessionSignature: sharedMocks.wrapUseSessionSignature,
   };
@@ -291,6 +312,10 @@ describe('session execution paths', () => {
       sendTransaction: vi.fn(async () => '0xtxhash'),
     };
     const baseAccount = {
+      entryPoint: {
+        address: '0x0000000071727De22E5E9d8BAf0edAc6f37da032',
+        version: '0.7' as const,
+      },
       getStubSignature: vi.fn(async () => 'validator-stub'),
       signUserOperation: vi.fn(async () => 'validator-signature'),
     };
@@ -358,7 +383,7 @@ describe('session execution paths', () => {
       expect.objectContaining({
         account: expect.objectContaining({
           address: '0xbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb',
-          type: 'erc7579-implementation',
+          type: 'safe',
           deployedOnChains: [11155111],
         }),
       }),
@@ -367,7 +392,7 @@ describe('session execution paths', () => {
       expect.objectContaining({
         account: expect.objectContaining({
           address: '0xbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb',
-          type: 'erc7579-implementation',
+          type: 'safe',
           deployedOnChains: [11155111],
         }),
       }),
@@ -492,6 +517,8 @@ describe('session execution paths', () => {
         version: '1.4.1',
         safe4337ModuleAddress: '0x7579EE8307284F293B1927136486880611F20002',
         erc7579LaunchpadAddress: '0x7579011aB74c46090561ea277Ba79D510c6C00ff',
+        attesters: ['0x000000333034E9f539ce08819E12c1b8Cb29084d'],
+        attestersThreshold: 1,
       }),
     );
   });
@@ -629,6 +656,9 @@ describe('session execution paths', () => {
   });
 
   it('records failed Green Goods session executions and rethrows the failure', async () => {
+    sharedMocks.sendSmartAccountTransactionWithCoopGasFallback.mockRejectedValueOnce(
+      new Error('Bundler rejected user operation.'),
+    );
     const sendTransaction = vi.fn(async () => {
       throw new Error('Bundler rejected user operation.');
     });

packages/extension/src/background/handlers/__tests__/archive-handlers.test.ts

@@ -120,7 +120,11 @@ async function ensureLocalMemberFvmSigner(passkeyCredentialId: string) {
     return existingSigner;
   }
 
-  const existingBinding = await getLocalFvmSignerBinding(db, configuredFvmChain, passkeyCredentialId);
+  const existingBinding = await getLocalFvmSignerBinding(
+    db,
+    configuredFvmChain,
+    passkeyCredentialId,
+  );
   if (existingBinding) {
     throw new Error(
       'Local Filecoin signer data is incomplete on this device. Restore the original browser profile or clear the saved signer binding before retrying.',
@@ -1305,7 +1309,8 @@ export async function handleFvmRegistration(
   if (!authSession?.passkey) {
     return {
       ok: false,
-      error: 'A stored passkey session is required before a member can register proofs on Filecoin.',
+      error:
+        'A stored passkey session is required before a member can register proofs on Filecoin.',
     } satisfies RuntimeActionResponse;
   }
 
@@ -1375,9 +1380,7 @@ export async function handleFvmRegistration(
     archiveScope: receipt.scope,
   });
 
-  let localSigner:
-    | Awaited<ReturnType<typeof ensureLocalMemberFvmSigner>>
-    | undefined;
+  let localSigner: Awaited<ReturnType<typeof ensureLocalMemberFvmSigner>> | undefined;
   try {
     localSigner = await ensureLocalMemberFvmSigner(authSession.passkey.id);
     const fvmConfig = getFvmChainConfig(configuredFvmChain);

packages/extension/src/background/handlers/__tests__/session-execution.test.ts

@@ -20,7 +20,10 @@ import {
   getAuthSession,
   getEncryptedSessionMaterial,
   getGreenGoodsDeployment,
+  getSmartSessionsValidatorNonceKey,
+  getCoopChainConfig,
   getSessionCapability,
+  getSessionCapabilityUseStubSignature,
   incrementSessionCapabilityUsage,
   listSessionCapabilities,
   listSessionCapabilityLogEntries,
@@ -32,10 +35,11 @@ import {
   saveEncryptedSessionMaterial,
   saveSessionCapability,
   saveSessionCapabilityLogEntry,
+  sendSmartAccountTransactionWithCoopGasFallback,
+  signSessionCapabilityUserOperation,
   toCoopSafeSmartAccount,
   usesCoopSafeErc7579,
   validateSessionCapabilityForBundle,
-  wrapUseSessionSignature,
 } from '@coop/shared';
 import {
   installModule as buildModuleInstallExecutions,
@@ -183,8 +187,33 @@ export async function ensureSessionCapabilityReadyLive(input: {
     onchainState: input.onchainState,
   });
   const { modules } = buildSmartSession({ capability: input.capability });
+  const modulesToEnsure = [
+    modules.validator,
+    {
+      ...modules.fallback,
+      functionSig: modules.fallback.functionSig ?? modules.fallback.selector,
+    },
+  ];
+  const waitForModuleInstalled = async (
+    module: (typeof modulesToEnsure)[number],
+    timeoutMs = 30_000,
+  ) => {
+    const startedAt = Date.now();
+    while (Date.now() - startedAt < timeoutMs) {
+      const installed = await checkModuleInstalled({
+        client: context.publicClient as Parameters<typeof checkModuleInstalled>[0]['client'],
+        account: context.moduleAccount,
+        module,
+      });
+      if (installed) {
+        return;
+      }
+      await new Promise((resolve) => setTimeout(resolve, 1_500));
+    }
+    throw new Error(`Timed out waiting for ${module.type} module installation to finalize.`);
+  };
 
-  for (const module of [modules.validator, modules.fallback]) {
+  for (const module of modulesToEnsure) {
     const installed = await checkModuleInstalled({
       client: context.publicClient as Parameters<typeof checkModuleInstalled>[0]['client'],
       account: context.moduleAccount,
@@ -200,12 +229,15 @@ export async function ensureSessionCapabilityReadyLive(input: {
       module,
     });
     for (const execution of executions) {
-      await context.smartClient.sendTransaction({
+      await sendSmartAccountTransactionWithCoopGasFallback({
+        smartClient: context.smartClient,
+        accountTypeHint: 'safe',
         to: execution.to,
         data: execution.data,
         value: execution.value as bigint,
       });
     }
+    await waitForModuleInstalled(module);
   }
 
   const enabled = await checkSessionCapabilityEnabled({
@@ -288,21 +320,25 @@ export async function createSessionExecutionContext(input: {
     chainKey: input.onchainState.chainKey,
     address: input.onchainState.safeAddress as Address,
     useErc7579: usesCoopSafeErc7579(input.onchainState),
+    nonceKey: getSmartSessionsValidatorNonceKey(),
   });
   const account = {
     ...baseAccount,
     async getStubSignature() {
-      const validatorSignature = await baseAccount.getStubSignature();
-      return wrapUseSessionSignature({
+      return getSessionCapabilityUseStubSignature({
         capability: input.capability,
-        validatorSignature,
       });
     },
     async signUserOperation(parameters: Parameters<typeof baseAccount.signUserOperation>[0]) {
-      const validatorSignature = await baseAccount.signUserOperation(parameters);
-      return wrapUseSessionSignature({
+      return signSessionCapabilityUserOperation({
         capability: input.capability,
-        validatorSignature,
+        signer: owner,
+        userOperation: parameters,
+        chainId:
+          parameters.chainId ?? getCoopChainConfig(input.capability.scope.chainKey).chain.id,
+        entryPointAddress: baseAccount.entryPoint.address,
+        entryPointVersion: baseAccount.entryPoint.version,
+        sender: input.onchainState.safeAddress as Address,
       });
     },
   };
@@ -416,12 +452,13 @@ export async function buildGreenGoodsSessionExecutor(input: {
     );
 
     try {
-      const txHash = await context.smartClient.sendTransaction({
+      const result = await sendSmartAccountTransactionWithCoopGasFallback({
+        smartClient: context.smartClient,
+        accountTypeHint: 'safe',
         to,
         data,
         value: value ?? 0n,
       });
-      const receipt = await context.publicClient.waitForTransactionReceipt({ hash: txHash });
       const updatedCapability = incrementSessionCapabilityUsage(capability);
       await saveSessionCapability(db, updatedCapability);
       await saveSessionCapabilityLogEntry(
@@ -437,13 +474,16 @@ export async function buildGreenGoodsSessionExecutor(input: {
         }),
       );
       return {
-        txHash,
-        receipt,
+        txHash: result.txHash,
+        receipt: result.receipt,
         safeAddress: input.coop.onchainState.safeAddress as Address,
       };
     } catch (error) {
-      const detail =
+      const rawDetail =
         error instanceof Error ? error.message : 'Session-key execution failed unexpectedly.';
+      const detail = rawDetail.includes('AA24 signature error')
+        ? 'Session-key signature was rejected onchain by Smart Sessions (AA24). The Safe and owner path are still intact, but this session key must be re-issued or re-enabled before autonomous execution can continue.'
+        : rawDetail;
       await saveSessionCapabilityLogEntry(
         db,
         createSessionCapabilityLogEntry({
@@ -456,7 +496,9 @@ export async function buildGreenGoodsSessionExecutor(input: {
           replayId: input.bundle.replayId,
         }),
       );
-      throw error;
+      throw new Error(detail, {
+        cause: error instanceof Error ? error : undefined,
+      });
     }
   };
 }

packages/extension/src/background/handlers/archive.ts

@@ -369,6 +369,8 @@ button:disabled {
   justify-content: center;
   gap: 6px;
   padding: 24px 16px;
+  /* Fill remaining sidepanel content area so justify-content centers visually */
+  min-height: calc(100vh - 12rem);
 }
 
 .empty-state__icon {