fix(chore): address PR #22 review — BigInt safety, PaymasterClient floor, M7r6 selector, EIP-55

[Blocking] BigInt→Number unsafe conversion (Claude H1 / Codex M1):
- UserClient.ts + SuperPaymasterClient.ts: replace Math.max(Number(...)) with pure BigInt comparison
  const base = est.paymasterPostOpGasLimit + 100_000n; result = base > 200_000n ? base : 200_000n

[Blocking] PaymasterClient OOG fix incomplete (Codex H1):
- submitGaslessUserOperation: default floor raised 150k→200k
- autoEstimate path now applies same 100k buffer + 200k floor (caller-supplied value is respected as-is)

[Blocking] sepoliaV07Config silently re-targets r4 (Codex H2):
- AirAccountVersion type: add "M7r6" selector
- sepoliaV07Config("M7r6") routes to factoryM7r6 for legacy r6 account recovery
- JSDoc updated with explicit warning: M7r6 = recovery only, not for new account creation

[Suggested] EIP-55 checksum consistency (Claude M1 / Codex L1):
- All 5 r4 addresses now use EIP-55 mixed-case checksum

[Suggested] factoryM7r5Prev @deprecated JSDoc (Claude L1 / Codex L2)

Author: fanhousanbu

packages/airaccount/src/server/config.ts

@@ -53,25 +53,34 @@ export interface ServerConfig {
   logger?: ILogger;
 }
 
-/** AirAccount contract version selection. */
-export type AirAccountVersion = "M5" | "M7";
+/** AirAccount contract version selection.
+ * - "M7"   — r4 audit-final (default). Use for all new account creation.
+ * - "M7r6" — r6 deployment (2026-03-29, superseded). Use ONLY to recover existing r6-deployed accounts.
+ * - "M5"   — legacy 6-field InitConfig deployment.
+ */
+export type AirAccountVersion = "M5" | "M7" | "M7r6";
 
 /**
  * Build a pre-configured EntryPointVersionConfig for Sepolia using a known AirAccount deployment.
  * Eliminates the need to look up contract addresses manually.
  *
  * @example
- * // Use M7 (default)
+ * // Use M7 r4 audit-final (default)
  * const config = { entryPoints: { v07: sepoliaV07Config() }, ... };
  *
+ * // Recover an existing r6-deployed account (do NOT use for new accounts)
+ * const config = { entryPoints: { v07: sepoliaV07Config("M7r6") }, ... };
+ *
  * // Use M5 legacy
  * const config = { entryPoints: { v07: sepoliaV07Config("M5") }, ... };
  */
 export function sepoliaV07Config(version: AirAccountVersion = "M7"): EntryPointVersionConfig {
   const factoryAddress =
     version === "M5"
       ? AIRACCOUNT_ADDRESSES.sepolia.factoryM5
-      : AIRACCOUNT_ADDRESSES.sepolia.factory;
+      : version === "M7r6"
+      ? AIRACCOUNT_ADDRESSES.sepolia.factoryM7r6
+      : AIRACCOUNT_ADDRESSES.sepolia.factory; // "M7" = r4 audit-final (default)
 
   return {
     entryPointAddress: ENTRYPOINT_ADDRESSES[EntryPointVersion.V0_7].sepolia,

packages/airaccount/src/server/constants/entrypoint.ts

@@ -70,8 +70,8 @@ export const AIRACCOUNT_ADDRESSES = {
     factoryM4: "0x914db0a849f55e68a726c72fd02b7114b1176d88",
     // M5 factory r5 — 6-field InitConfig, guardian acceptance sigs required
     factoryM5: "0xd72a236d84be6c388a8bc7deb64afd54704ae385",
-    // M7 factory r5 (prev) — defaultCommunityGuardian was address(0), do not use for new accounts
-    factoryM7r5Prev: "0xa0007c5db27548d8c1582773856db1d123107383",
+    /** @deprecated defaultCommunityGuardian was address(0); superseded by r6 and r4. Do not use for new accounts. */
+    factoryM7r5Prev: "0xa0007c5dB27548D8c1582773856dB1D123107383",
 
     // ── Deprecated: r6 addresses (2026-03-29 deployment, superseded by r4 audit-final) ──────────
     // Retain for legacy account lookups and historical event indexing ONLY.
@@ -89,18 +89,18 @@ export const AIRACCOUNT_ADDRESSES = {
 
     // ── Current: r4 audit-final (freeze/m7-v0.16.0, 660 tests, all audit findings resolved) ─────
     // M7 factory r4 — EIP-1167 clone factory, full audit-final release
-    factory: "0x61bbaf9e1b8fd78ff874776cfa50497db9d43c3f",
-    factoryM7: "0x61bbaf9e1b8fd78ff874776cfa50497db9d43c3f",
+    factory: "0x61bBAf9E1b8Fd78fF874776cFa50497dB9d43C3F",
+    factoryM7: "0x61bBAf9E1b8Fd78fF874776cFa50497dB9d43C3F",
     // M7 account implementation r4 (shared by all clone proxies, 23,847B EIP-170 compliant)
     accountImpl: "0xA674D308ce22230B70412b20Ee5a66fC6B24F49c",
     validatorRouter: "0x730a162Ce3202b94cC5B74181B75b11eBB3045B1",
     blsAlgorithm: "0xc2096E8D04beb3C337bb388F5352710d62De0287",
     blsAggregator: "0x7700aec8a15a94db5697c581de8c88ecf83b59ff",
     superPaymaster: "0x16cE0c7d846f9446bbBeb9C5a84A4D140fAeD94A",
     // M7 r4 ERC-7579 modules (pre-installed by factory on every new account)
-    compositeValidator: "0xb65569950c48aa56dbe876915ca3605fd6ff2980",
-    tierGuardHook: "0x67f878295cff7451cbd2a775c4490607af1b07d7",
-    agentSessionKeyValidator: "0x1f06961e133217801f92e1cf552187f594a32873",
+    compositeValidator: "0xB65569950C48AA56dbe876915ca3605fD6FF2980",
+    tierGuardHook: "0x67f878295cFF7451CBD2A775C4490607AF1b07d7",
+    agentSessionKeyValidator: "0x1F06961e133217801F92e1CF552187F594a32873",
     // M6 继承合约（M7 factory 仍可配合使用）
     sessionKeyValidator: "0xcaba5a18e46f728b5330ea33bd099693a1b76217",
     calldataParserRegistry: "0x7099eb39fbab795e66dd71fbeaace150edf1b3c3",

packages/enduser/src/UserClient.ts

@@ -499,8 +499,9 @@ export class UserClient extends BaseClient {
                 verificationGasLimit = est.verificationGasLimit + SAFETY_PAD;
 
                 // SuperPaymaster postOp calls burnFromWithOpHash (~40k gas) + storage writes.
-                // Add 100k buffer; floor at 200k to prevent OOG.
-                paymasterPostOpGasLimit = BigInt(Math.max(Number(est.paymasterPostOpGasLimit + 100000n), 200000));
+                // Add 100k buffer; floor at 200k to prevent OOG. Pure BigInt to avoid Number precision loss.
+                const _postOpBase = est.paymasterPostOpGasLimit + 100_000n;
+                paymasterPostOpGasLimit = _postOpBase > 200_000n ? _postOpBase : 200_000n;
 
                 autoEstimate = false; // logic handled
             }

packages/paymaster/src/V4/PaymasterClient.ts

@@ -336,13 +336,13 @@ export class PaymasterClient {
             verificationGasLimit: options?.verificationGasLimit,
             callGasLimit: options?.callGasLimit,
             paymasterVerificationGasLimit: options?.paymasterVerificationGasLimit,
-            paymasterPostOpGasLimit: options?.paymasterPostOpGasLimit ?? 150000n
+            paymasterPostOpGasLimit: options?.paymasterPostOpGasLimit ?? 200_000n
         };
 
         if (options?.autoEstimate !== false && (!gasLimits.verificationGasLimit || !gasLimits.callGasLimit)) {
             const est = await this.estimateUserOperationGas(
-                client, wallet, aaAddress, entryPoint, paymasterAddress, token, bundlerUrl, callData, 
-                { 
+                client, wallet, aaAddress, entryPoint, paymasterAddress, token, bundlerUrl, callData,
+                {
                     validityWindow: options?.validityWindow,
                     operator: options?.operator,
                     factory: options?.factory,
@@ -353,7 +353,12 @@ export class PaymasterClient {
             gasLimits.verificationGasLimit = options?.verificationGasLimit ?? est.verificationGasLimit;
             gasLimits.callGasLimit = options?.callGasLimit ?? est.callGasLimit;
             gasLimits.paymasterVerificationGasLimit = options?.paymasterVerificationGasLimit ?? est.paymasterVerificationGasLimit;
-            gasLimits.paymasterPostOpGasLimit = options?.paymasterPostOpGasLimit ?? est.paymasterPostOpGasLimit;
+            // SuperPaymaster postOp calls burnFromWithOpHash (~40k) + storage writes.
+            // Apply 100k buffer with 200k floor. Pure BigInt to avoid Number precision loss.
+            if (!options?.paymasterPostOpGasLimit) {
+                const _base = est.paymasterPostOpGasLimit + 100_000n;
+                gasLimits.paymasterPostOpGasLimit = _base > 200_000n ? _base : 200_000n;
+            }
         }
 
         // 1. Get Nonce

packages/paymaster/src/V4/SuperPaymasterClient.ts

@@ -114,8 +114,9 @@ export class SuperPaymasterClient {
         const tunedPMVerificationGas = tuneGasLimit(bundlerEstimateVGL, 60_000n, 0.45);
 
         // SuperPaymaster postOp calls burnFromWithOpHash (~40k gas) + storage writes.
-        // Add 100k buffer; floor at 200k to prevent OOG in postOp.
-        const tunedPostOp = BigInt(Math.max(Number(est.paymasterPostOpGasLimit + 100000n), 200000));
+        // Add 100k buffer; floor at 200k to prevent OOG. Pure BigInt to avoid Number precision loss.
+        const _postOpBase = est.paymasterPostOpGasLimit + 100_000n;
+        const tunedPostOp = _postOpBase > 200_000n ? _postOpBase : 200_000n;
 
         console.log(`[SuperPaymasterClient] 🔧 Tuned Limits: VGL=${tunedVGL}, PMVGL=${tunedPMVerificationGas}, PostOp=${tunedPostOp}`);