Merge pull request #22 from AAStarCommunity/chore/m7-r4-address-sync

chore(airaccount): sync M7 module addresses to r4 audit-final + postOp gas floor

Author: fanhousanbu

packages/airaccount/src/server/config.ts

@@ -53,25 +53,34 @@ export interface ServerConfig {
   logger?: ILogger;
 }
 
-/** AirAccount contract version selection. */
-export type AirAccountVersion = "M5" | "M7";
+/** AirAccount contract version selection.
+ * - "M7"   — r4 audit-final (default). Use for all new account creation.
+ * - "M7r6" — r6 deployment (2026-03-29, superseded). Use ONLY to recover existing r6-deployed accounts.
+ * - "M5"   — legacy 6-field InitConfig deployment.
+ */
+export type AirAccountVersion = "M5" | "M7" | "M7r6";
 
 /**
  * Build a pre-configured EntryPointVersionConfig for Sepolia using a known AirAccount deployment.
  * Eliminates the need to look up contract addresses manually.
  *
  * @example
- * // Use M7 (default)
+ * // Use M7 r4 audit-final (default)
  * const config = { entryPoints: { v07: sepoliaV07Config() }, ... };
  *
+ * // Recover an existing r6-deployed account (do NOT use for new accounts)
+ * const config = { entryPoints: { v07: sepoliaV07Config("M7r6") }, ... };
+ *
  * // Use M5 legacy
  * const config = { entryPoints: { v07: sepoliaV07Config("M5") }, ... };
  */
 export function sepoliaV07Config(version: AirAccountVersion = "M7"): EntryPointVersionConfig {
   const factoryAddress =
     version === "M5"
       ? AIRACCOUNT_ADDRESSES.sepolia.factoryM5
-      : AIRACCOUNT_ADDRESSES.sepolia.factory;
+      : version === "M7r6"
+      ? AIRACCOUNT_ADDRESSES.sepolia.factoryM7r6
+      : AIRACCOUNT_ADDRESSES.sepolia.factory; // "M7" = r4 audit-final (default)
 
   return {
     entryPointAddress: ENTRYPOINT_ADDRESSES[EntryPointVersion.V0_7].sepolia,

packages/airaccount/src/server/constants/entrypoint.ts

@@ -70,23 +70,37 @@ export const AIRACCOUNT_ADDRESSES = {
     factoryM4: "0x914db0a849f55e68a726c72fd02b7114b1176d88",
     // M5 factory r5 — 6-field InitConfig, guardian acceptance sigs required
     factoryM5: "0xd72a236d84be6c388a8bc7deb64afd54704ae385",
-    // M7 factory r5 (prev) — defaultCommunityGuardian was address(0), do not use for new accounts
-    factoryM7r5Prev: "0xa0007c5db27548d8c1582773856db1d123107383",
-    // M7 factory r6 — defaultCommunityGuardian = team Safe 0x51eD...E114 (deployed 2026-03-29)
-    // BREAKING CHANGE: `.factory` now points to r6. Accounts created here have a new CREATE2 address.
-    factory: "0x42f82d77f9cf940686b6a64a369245cb563e0e85",
-    // M7 factory alias — use this to be explicit about targeting M7
-    factoryM7: "0x42f82d77f9cf940686b6a64a369245cb563e0e85",
-    // M7 account implementation r6 (shared by all clone proxies)
-    accountImpl: "0x2F1B4EB63143D338bE78d0AF878B806f075080c1",
+    /** @deprecated defaultCommunityGuardian was address(0); superseded by r6 and r4. Do not use for new accounts. */
+    factoryM7r5Prev: "0xa0007c5dB27548D8c1582773856dB1D123107383",
+
+    // ── Deprecated: r6 addresses (2026-03-29 deployment, superseded by r4 audit-final) ──────────
+    // Retain for legacy account lookups and historical event indexing ONLY.
+    // DO NOT use for new account creation — CREATE2 address will differ from r4.
+    /** @deprecated Use {@link factory} (r4 audit-final) for new accounts. */
+    factoryM7r6: "0x42f82d77f9cf940686b6a64a369245cb563e0e85",
+    /** @deprecated Use {@link accountImpl} (r4 audit-final). */
+    accountImplM7r6: "0x2F1B4EB63143D338bE78d0AF878B806f075080c1",
+    /** @deprecated Use {@link compositeValidator} (r4 audit-final). */
+    compositeValidatorM7r6: "0x4135c539fec5e200fe9762b721f6829b2315cbe1",
+    /** @deprecated Use {@link tierGuardHook} (r4 audit-final). */
+    tierGuardHookM7r6: "0x73572e9e6138fd53465ee243e2fb4842cf86a787",
+    /** @deprecated Use {@link agentSessionKeyValidator} (r4 audit-final). */
+    agentSessionKeyValidatorM7r6: "0xa3e52db4b6e0a9d7cd5dd1414a90eedcf950e029",
+
+    // ── Current: r4 audit-final (freeze/m7-v0.16.0, 660 tests, all audit findings resolved) ─────
+    // M7 factory r4 — EIP-1167 clone factory, full audit-final release
+    factory: "0x61bBAf9E1b8Fd78fF874776cFa50497dB9d43C3F",
+    factoryM7: "0x61bBAf9E1b8Fd78fF874776cFa50497dB9d43C3F",
+    // M7 account implementation r4 (shared by all clone proxies, 23,847B EIP-170 compliant)
+    accountImpl: "0xA674D308ce22230B70412b20Ee5a66fC6B24F49c",
     validatorRouter: "0x730a162Ce3202b94cC5B74181B75b11eBB3045B1",
     blsAlgorithm: "0xc2096E8D04beb3C337bb388F5352710d62De0287",
     blsAggregator: "0x7700aec8a15a94db5697c581de8c88ecf83b59ff",
     superPaymaster: "0x16cE0c7d846f9446bbBeb9C5a84A4D140fAeD94A",
-    // M7 r5 ERC-7579 modules (pre-installed by factory on every new account)
-    compositeValidator: "0x4135c539fec5e200fe9762b721f6829b2315cbe1",
-    tierGuardHook: "0x73572e9e6138fd53465ee243e2fb4842cf86a787",
-    agentSessionKeyValidator: "0xa3e52db4b6e0a9d7cd5dd1414a90eedcf950e029",
+    // M7 r4 ERC-7579 modules (pre-installed by factory on every new account)
+    compositeValidator: "0xB65569950C48AA56dbe876915ca3605fD6FF2980",
+    tierGuardHook: "0x67f878295cFF7451CBD2A775C4490607AF1b07d7",
+    agentSessionKeyValidator: "0x1F06961e133217801F92e1CF552187F594a32873",
     // M6 继承合约（M7 factory 仍可配合使用）
     sessionKeyValidator: "0xcaba5a18e46f728b5330ea33bd099693a1b76217",
     calldataParserRegistry: "0x7099eb39fbab795e66dd71fbeaace150edf1b3c3",

packages/enduser/src/UserClient.ts

@@ -498,8 +498,10 @@ export class UserClient extends BaseClient {
                 const SAFETY_PAD = 80000n;
                 verificationGasLimit = est.verificationGasLimit + SAFETY_PAD;
 
-                // PostOp Tuning
-                paymasterPostOpGasLimit = est.paymasterPostOpGasLimit + 10000n;
+                // SuperPaymaster postOp calls burnFromWithOpHash (~40k gas) + storage writes.
+                // Add 100k buffer; floor at 200k to prevent OOG. Pure BigInt to avoid Number precision loss.
+                const _postOpBase = est.paymasterPostOpGasLimit + 100_000n;
+                paymasterPostOpGasLimit = _postOpBase > 200_000n ? _postOpBase : 200_000n;
 
                 autoEstimate = false; // logic handled
             }

packages/paymaster/src/V4/PaymasterClient.ts

@@ -336,13 +336,13 @@ export class PaymasterClient {
             verificationGasLimit: options?.verificationGasLimit,
             callGasLimit: options?.callGasLimit,
             paymasterVerificationGasLimit: options?.paymasterVerificationGasLimit,
-            paymasterPostOpGasLimit: options?.paymasterPostOpGasLimit ?? 150000n
+            paymasterPostOpGasLimit: options?.paymasterPostOpGasLimit ?? 200_000n
         };
 
         if (options?.autoEstimate !== false && (!gasLimits.verificationGasLimit || !gasLimits.callGasLimit)) {
             const est = await this.estimateUserOperationGas(
-                client, wallet, aaAddress, entryPoint, paymasterAddress, token, bundlerUrl, callData, 
-                { 
+                client, wallet, aaAddress, entryPoint, paymasterAddress, token, bundlerUrl, callData,
+                {
                     validityWindow: options?.validityWindow,
                     operator: options?.operator,
                     factory: options?.factory,
@@ -353,7 +353,12 @@ export class PaymasterClient {
             gasLimits.verificationGasLimit = options?.verificationGasLimit ?? est.verificationGasLimit;
             gasLimits.callGasLimit = options?.callGasLimit ?? est.callGasLimit;
             gasLimits.paymasterVerificationGasLimit = options?.paymasterVerificationGasLimit ?? est.paymasterVerificationGasLimit;
-            gasLimits.paymasterPostOpGasLimit = options?.paymasterPostOpGasLimit ?? est.paymasterPostOpGasLimit;
+            // SuperPaymaster postOp calls burnFromWithOpHash (~40k) + storage writes.
+            // Apply 100k buffer with 200k floor. Pure BigInt to avoid Number precision loss.
+            if (!options?.paymasterPostOpGasLimit) {
+                const _base = est.paymasterPostOpGasLimit + 100_000n;
+                gasLimits.paymasterPostOpGasLimit = _base > 200_000n ? _base : 200_000n;
+            }
         }
 
         // 1. Get Nonce

packages/paymaster/src/V4/SuperPaymasterClient.ts

@@ -113,8 +113,10 @@ export class SuperPaymasterClient {
         const bundlerEstimateVGL = est.paymasterVerificationGasLimit || 100000n;
         const tunedPMVerificationGas = tuneGasLimit(bundlerEstimateVGL, 60_000n, 0.45);
 
-        // Same for PostOp
-        const tunedPostOp = est.paymasterPostOpGasLimit + 10000n;
+        // SuperPaymaster postOp calls burnFromWithOpHash (~40k gas) + storage writes.
+        // Add 100k buffer; floor at 200k to prevent OOG. Pure BigInt to avoid Number precision loss.
+        const _postOpBase = est.paymasterPostOpGasLimit + 100_000n;
+        const tunedPostOp = _postOpBase > 200_000n ? _postOpBase : 200_000n;
 
         console.log(`[SuperPaymasterClient] 🔧 Tuned Limits: VGL=${tunedVGL}, PMVGL=${tunedPMVerificationGas}, PostOp=${tunedPostOp}`);