Open
Conversation
|
Visit the preview URL for this PR (updated for commit b3ebc2f): https://zksync-auth-server-staging--pr233-nft-quest-setup-ae5ugd7r.web.app (expires Fri, 19 Dec 2025 07:16:00 GMT) 🔥 via Firebase Hosting GitHub Action 🌎 Sign: 509a9c9ea42583076f531c53cf2979c544d5d0b7 |
itsacoyote
reviewed
Dec 2, 2025
cpb8010
force-pushed
the
nft-quest-setup
branch
from
6b72da8 to
89523b1
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
This PR implements a proof-of-concept for NFT Quest using ERC-4337 account abstraction with passkey authentication and session keys, eliminating the need for the Auth Server. The implementation transitions from ZKsync-specific infrastructure to a standard Anvil/Alto setup for testing and deployment.
Key Changes:
- Added session proof generation and validation using cryptographic signatures
- Refactored NFT Quest to use direct passkey registration and ERC-4337 bundler
- Updated test infrastructure to use Anvil + Alto bundler instead of ZKsync test node
Reviewed changes
Copilot reviewed 37 out of 38 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| packages/sdk-platforms/rust/.../transaction.rs | Fixed type ambiguity by aliasing SessionSpec import |
| packages/sdk-platforms/rust/.../ffi-web/src/lib.rs | Added proof parameter to createSession WASM binding |
| packages/sdk-platforms/rust/.../session/send.rs | Added session proof generation in tests |
| packages/sdk-platforms/rust/.../session/revoke.rs | Added session proof generation in tests |
| packages/sdk-platforms/rust/.../session/create.rs | Added proof parameter and helper function for session creation |
| packages/sdk-platforms/rust/.../session/active.rs | Refactored to use generated signers for session proofs |
| packages/sdk-platforms/rust/.../session.rs | Made contract module public |
| packages/sdk-platforms/rust/.../guardian/.../finalize.rs | Added data parameter to finalize recovery |
| packages/sdk-platforms/rust/.../deploy.rs | Changed deployment to install session validator post-deployment |
| packages/sdk-4337/src/client/session/utils.ts | Added getSessionHash utility function |
| packages/sdk-4337/src/client/session/types.ts | Changed LimitType from string to numeric enum |
| packages/sdk-4337/src/client/session/session.test.ts | Updated tests for LimitType string serialization |
| packages/sdk-4337/src/client/passkey/client-actions.ts | Added proof parameter to createSession action |
| packages/sdk-4337/src/client/actions/sessions.ts | Added proof parameter to createSession |
| packages/sdk-4337/src/client/actions/deploy.ts | Fixed conditional logic for EOA signers |
| packages/sdk-4337/src/abi/SessionKeyValidator.ts | Added proof field to ABI |
| packages/sdk-4337/package.json | Added account export path |
| packages/erc4337-contracts | Updated submodule reference |
| examples/nft-quest/tests/main.spec.ts | Simplified test to single passkey flow without Auth Server |
| examples/nft-quest/stores/connector.ts | Complete rewrite for direct passkey registration and deployment |
| examples/nft-quest/stores/client.ts | New store for managing viem clients |
| examples/nft-quest/stores/account.ts | New store for account state management |
| examples/nft-quest/scripts/deploy-msa-anvil.sh | New deployment script for Anvil setup |
| examples/nft-quest/project.json | Updated build and dev tasks for Anvil |
| examples/nft-quest/playwright.config.ts | Removed Auth Server from test config |
| examples/nft-quest/pages/mint/index.vue | Updated to use new store structure |
| examples/nft-quest/package.json | Added SimpleWebAuthn and WASM dependencies |
| examples/nft-quest/nuxt.config.ts | Added WASM plugins and Anvil chain config |
| examples/nft-quest/contracts-anvil.json | New config file with deployed addresses |
| examples/nft-quest/composables/useMintNft.ts | Refactored to use passkey client |
| examples/nft-quest-contracts/project.json | Added Anvil deployment task |
| examples/nft-quest-contracts/hardhat.config.ts | Added localhost network and optimizer settings |
| examples/nft-quest-contracts/deploy/deploy-anvil.ts | New Anvil deployment script |
| examples/demo-app/components/SessionCreator.vue | Added proof generation for session creation |
| .github/workflows/deploy-preview.yml | Updated chain ID |
| .github/workflows/deploy-auth-server.yml | Updated chain ID |
| .github/workflows/ci.yml | Re-enabled NFT Quest E2E tests with Anvil setup |
Files not reviewed (1)
- pnpm-lock.yaml: Language not supported
Comments suppressed due to low confidence (1)
examples/nft-quest/stores/connector.ts:1
- The variable name 'randomRecipient' is misleading as this is actually a hardcoded address, not a random one. Consider renaming to 'recipientAddress' or generating an actual random address.
import { startRegistration } from "@simplewebauthn/browser";
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
cpb8010
force-pushed
the
nft-quest-setup
branch
from
89523b1 to
8c8ac2c
Compare
missing entry points
for consistent test setup
cpb8010
force-pushed
the
nft-quest-setup
branch
from
0663103 to
b3ebc2f
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This PR implements NFT Quest using ERC-4337 account abstraction with passkey authentication, eliminating the dependency on the Auth Server. The implementation transitions from ZKsync-specific infrastructure to a standard Anvil/Alto bundler setup for local testing.
Key Changes
NFT Quest Application (
examples/nft-quest/)stores/account.ts- Account state management (address, credentialId)stores/client.ts- Viem client management (public, bundler, passkey clients)stores/connector.ts- Complete rewrite for direct passkey registration and smart account deploymentuseMintNftcomposable - Now uses passkey client instead of wagmiscripts/deploy-msa-anvil.shfor deploying ERC-4337 contracts to AnvilNFT Quest Contracts (
examples/nft-quest-contracts/)localhostnetwork config for Anvil deployment (chain ID 1337)deploy/deploy-anvil.tsscript for deploying NFT contracts to local Anvildeploy:anvilnx targetSDK-4337 (
packages/sdk-4337/)getSessionHashutility function insession/utils.tsdeploy.ts- Pass null for eoaSigners when empty to prevent validation errors/accountexport path in package.jsonRust SDK (
packages/sdk-platforms/)dataparameter to finalize recovery functionCI/CD (
.github/workflows/ci.yml)eth_chainIdRPC callAuth Server Updates
Testing
The NFT Quest E2E test flow:
Technical Details
0x4337084D9E255Ff0702461CF8895CE9E3b5Ff108@simplewebauthn/browserfor WebAuthn registration