refactor: extract big.Int parsing into pkg/bigint to remove octal traps

Add pkg/bigint.Parse(s) that decodes a numeric string as base-10 by
default and as base-16 when prefixed with 0x/0X, with whitespace
trimmed and explicit errors on empty or unparseable input. Unlike
big.Int.SetString with base 0, it does not silently treat leading-
zero strings (e.g. "010") as octal.

Refactor three callsites onto the helper:

- pkg/erc4337/userop/parse.go: UserOp BigInt field decoder previously
  used SetString(..., 0), exposing the octal trap on user-supplied
  numeric fields.
- core/taskengine/utils.go: ABI uint/int parameter conversion already
  did the same hex-or-decimal split inline; collapse to the helper
  while preserving the existing error format that utils_calldata_test
  depends on.
- core/taskengine/vm_runner_contract_write.go: post-approve allowance
  override added in #527 used the same inline split; collapse it.

Author: will-dz

core/taskengine/utils.go

@@ -13,6 +13,7 @@ import (
 
 	"github.com/AvaProtocol/EigenLayer-AVS/core/taskengine/macros"
 	"github.com/AvaProtocol/EigenLayer-AVS/core/taskengine/modules"
+	"github.com/AvaProtocol/EigenLayer-AVS/pkg/bigint"
 	"github.com/AvaProtocol/EigenLayer-AVS/pkg/erc20"
 	avsproto "github.com/AvaProtocol/EigenLayer-AVS/protobuf"
 	"github.com/dop251/goja"
@@ -705,27 +706,7 @@ func parseABIParameter(param string, abiType abi.Type) (interface{}, error) {
 		return common.HexToAddress(param), nil
 
 	case abi.UintTy, abi.IntTy:
-		// Handle big integers
-		// Validate that the parameter is a valid number
-		paramTrimmed := strings.TrimSpace(param)
-		if paramTrimmed == "" {
-			return nil, fmt.Errorf("expected numeric value, got ''")
-		}
-
-		value := new(big.Int)
-		var ok bool
-		if strings.HasPrefix(paramTrimmed, "0x") {
-			_, ok = value.SetString(paramTrimmed[2:], 16)
-		} else {
-			// Check if it's a valid decimal number (allows digits, optional negative sign)
-			_, ok = value.SetString(paramTrimmed, 10)
-		}
-
-		if !ok {
-			return nil, fmt.Errorf("expected numeric value, got '%s'", paramTrimmed)
-		}
-
-		return value, nil
+		return bigint.Parse(param)
 
 	case abi.BoolTy:
 		switch strings.ToLower(param) {

core/taskengine/vm_runner_contract_write.go

@@ -20,6 +20,7 @@ import (
 
 	"github.com/AvaProtocol/EigenLayer-AVS/core/chainio/aa"
 	"github.com/AvaProtocol/EigenLayer-AVS/core/config"
+	"github.com/AvaProtocol/EigenLayer-AVS/pkg/bigint"
 	"github.com/AvaProtocol/EigenLayer-AVS/pkg/byte4"
 	"github.com/AvaProtocol/EigenLayer-AVS/pkg/eip1559"
 	"github.com/AvaProtocol/EigenLayer-AVS/pkg/erc4337/bundler"
@@ -506,20 +507,13 @@ func (r *ContractWriteProcessor) executeMethodCall(
 		// allowance[owner][spender] slot directly.
 		if simSuccess && isMethodWithParams(methodName, "approve", resolvedMethodParams, 2) {
 			rawSpender := strings.TrimSpace(resolvedMethodParams[0])
-			rawAmount := strings.TrimSpace(resolvedMethodParams[1])
 			if !common.IsHexAddress(rawSpender) {
 				r.vm.logger.Debug("Skipping allowance override: invalid spender address",
 					"raw", resolvedMethodParams[0])
 			} else {
 				spender := common.HexToAddress(rawSpender)
-				// Default to base 10; honor 0x/0X prefix as hex. Avoid base 0 because
-				// it treats leading-zero strings (e.g. "010") as octal.
-				base := 10
-				if strings.HasPrefix(rawAmount, "0x") || strings.HasPrefix(rawAmount, "0X") {
-					base = 16
-				}
-				amount, ok := new(big.Int).SetString(rawAmount, base)
-				if !ok || amount.Sign() < 0 {
+				amount, parseErr := bigint.Parse(resolvedMethodParams[1])
+				if parseErr != nil || amount.Sign() < 0 {
 					r.vm.logger.Debug("Skipping allowance override: invalid or negative amount",
 						"raw", resolvedMethodParams[1])
 				} else {

pkg/bigint/parse.go

@@ -0,0 +1,37 @@
+// Package bigint provides shared big.Int parsing helpers.
+package bigint
+
+import (
+	"fmt"
+	"math/big"
+	"strings"
+)
+
+// Parse decodes s as a base-10 integer, or as base-16 if s has a "0x" or "0X"
+// prefix. Whitespace around s is trimmed. Returns an error on empty or
+// unparseable input.
+//
+// Unlike (*big.Int).SetString with base 0, Parse does not treat leading-zero
+// strings as octal: "010" parses as 10, not 8. Use this for any user-supplied
+// numeric string where octal interpretation would be surprising or wrong
+// (e.g. ERC20 amounts, RPC payloads, contract method params).
+func Parse(s string) (*big.Int, error) {
+	trimmed := strings.TrimSpace(s)
+	if trimmed == "" {
+		return nil, fmt.Errorf("expected numeric value, got ''")
+	}
+	base := 10
+	digits := trimmed
+	if strings.HasPrefix(digits, "0x") || strings.HasPrefix(digits, "0X") {
+		base = 16
+		digits = digits[2:]
+		if digits == "" {
+			return nil, fmt.Errorf("expected numeric value, got '%s'", trimmed)
+		}
+	}
+	n, ok := new(big.Int).SetString(digits, base)
+	if !ok {
+		return nil, fmt.Errorf("expected numeric value, got '%s'", trimmed)
+	}
+	return n, nil
+}

pkg/bigint/parse_test.go

@@ -0,0 +1,54 @@
+package bigint
+
+import (
+	"math/big"
+	"testing"
+)
+
+func TestParse(t *testing.T) {
+	cases := []struct {
+		name    string
+		in      string
+		want    string // big.Int decimal string, ignored when wantErr is set
+		wantErr string
+	}{
+		{name: "zero", in: "0", want: "0"},
+		{name: "decimal", in: "4000000", want: "4000000"},
+		{name: "leading zero is decimal not octal", in: "010", want: "10"},
+		{name: "negative decimal", in: "-5", want: "-5"},
+		{name: "lowercase hex", in: "0x3D0900", want: "4000000"},
+		{name: "uppercase hex prefix", in: "0X3d0900", want: "4000000"},
+		{name: "hex with leading zero digits", in: "0x00ff", want: "255"},
+		{name: "trims whitespace", in: "  42  ", want: "42"},
+		{name: "huge value preserved", in: "100000000000000000000", want: "100000000000000000000"},
+
+		{name: "empty", in: "", wantErr: "expected numeric value, got ''"},
+		{name: "whitespace only", in: "   ", wantErr: "expected numeric value, got ''"},
+		{name: "0x with no digits", in: "0x", wantErr: "expected numeric value, got '0x'"},
+		{name: "non-numeric", in: "MAX", wantErr: "expected numeric value, got 'MAX'"},
+		{name: "invalid hex digits", in: "0xZZZ", wantErr: "expected numeric value, got '0xZZZ'"},
+		{name: "decimal with letters", in: "12abc", wantErr: "expected numeric value, got '12abc'"},
+	}
+
+	for _, tc := range cases {
+		t.Run(tc.name, func(t *testing.T) {
+			got, err := Parse(tc.in)
+			if tc.wantErr != "" {
+				if err == nil {
+					t.Fatalf("Parse(%q) = %v, want error %q", tc.in, got, tc.wantErr)
+				}
+				if err.Error() != tc.wantErr {
+					t.Fatalf("Parse(%q) error = %q, want %q", tc.in, err.Error(), tc.wantErr)
+				}
+				return
+			}
+			if err != nil {
+				t.Fatalf("Parse(%q) unexpected error: %v", tc.in, err)
+			}
+			want, _ := new(big.Int).SetString(tc.want, 10)
+			if got.Cmp(want) != 0 {
+				t.Fatalf("Parse(%q) = %s, want %s", tc.in, got.String(), tc.want)
+			}
+		})
+	}
+}

pkg/erc4337/userop/parse.go

@@ -9,6 +9,7 @@ import (
 	"reflect"
 	"sync"
 
+	"github.com/AvaProtocol/EigenLayer-AVS/pkg/bigint"
 	"github.com/ethereum/go-ethereum/common"
 	validator "github.com/go-playground/validator/v10"
 	"github.com/mitchellh/mapstructure"
@@ -40,15 +41,13 @@ func decodeOpTypes(
 
 	// String to big.Int conversion
 	if f == reflect.String && t == reflect.Struct {
-		n := new(big.Int)
-		var ok bool
 		dataStr, ok := data.(string)
 		if !ok {
 			return nil, errors.New("expected string for bigInt conversion")
 		}
-		n, ok = n.SetString(dataStr, 0)
-		if !ok {
-			return nil, errors.New("bigInt conversion failed")
+		n, err := bigint.Parse(dataStr)
+		if err != nil {
+			return nil, fmt.Errorf("bigInt conversion failed: %w", err)
 		}
 		return n, nil
 	}