feat: Remove LogicalOrWrapper payee support for ERC20 (#313)

* feat: remove logicalOrWrapperEnforcer and update payee validation for ERC20 permissions

* feat: implement RedemptionForm component and integrate into index page

Author: mj-kiwi

packages/gator-permissions-snap/src/core/chainMetadata.ts

@@ -20,7 +20,6 @@ export type DelegationContracts = {
   allowedCalldataEnforcer: Hex;
   redeemerEnforcer: Hex;
   allowedTargetsEnforcer: Hex;
-  logicalOrWrapperEnforcer: Hex;
 };
 
 const contracts: DelegationContracts = {
@@ -39,7 +38,6 @@ const contracts: DelegationContracts = {
   allowedCalldataEnforcer: '0xc2b0d624c1c4319760C96503BA27C347F3260f55',
   redeemerEnforcer: '0xE144b0b2618071B4E56f746313528a669c7E65c5',
   allowedTargetsEnforcer: '0x7F20f61b1f09b08D970938F6fa563634d65c4EeB',
-  logicalOrWrapperEnforcer: '0xE1302607a3251AF54c3a6e69318d6aa07F5eB46c',
 };
 
 // derived from https://chainid.network/chains.json

packages/gator-permissions-snap/src/core/payeeCaveat.ts

@@ -4,10 +4,11 @@ import type { Caveat, Hex } from '@metamask/delegation-core';
 import {
   createAllowedCalldataTerms,
   createAllowedTargetsTerms,
-  createLogicalOrWrapperTerms,
 } from '@metamask/delegation-core';
+import { InvalidInputError } from '@metamask/snaps-sdk';
 
 import type { DelegationContracts } from './chainMetadata';
+import { MULTIPLE_ERC20_PAYEES_UNSUPPORTED_ERROR } from '../permissions/validation';
 
 const ERC20_PERMISSION_TYPES = new Set([
   'erc20-token-stream',
@@ -19,8 +20,6 @@ const NATIVE_PERMISSION_TYPES = new Set([
   'native-token-periodic',
 ]);
 
-const EMPTY_ARGS = new Uint8Array();
-
 /**
  * Pads an Ethereum address to 32 bytes (left-padded with zeros).
  * @param address - The address to pad.
@@ -71,7 +70,7 @@ function buildNativePayeeCaveat(
  * Appends payee-restricting caveats when the permission request includes a payee rule.
  *
  * For native token permissions, allowedTargetsEnforcer supports multiple targets directly.
- * For ERC-20 permissions, multiple addresses are wrapped in a LogicalOrWrapperEnforcer.
+ * For ERC-20 permissions, allowedCalldataEnforcer supports one target.
  *
  * @param options - Arguments for appending the caveat.
  * @param options.rules - Resolved permission request rules from the grant flow.
@@ -106,17 +105,7 @@ export function appendPayeeCaveatIfPresent({
   }
 
   if (isErc20 && rawAddresses.length > 1) {
-    const caveatGroups = rawAddresses.map((address) => {
-      const caveat = buildErc20PayeeCaveat(address, contracts);
-      return [{ ...caveat, args: EMPTY_ARGS }];
-    });
-
-    caveats.push({
-      enforcer: contracts.logicalOrWrapperEnforcer,
-      terms: createLogicalOrWrapperTerms({ caveatGroups }),
-      args: '0x',
-    });
-    return;
+    throw new InvalidInputError(MULTIPLE_ERC20_PAYEES_UNSUPPORTED_ERROR);
   }
 
   const payeeCaveat = isErc20

packages/gator-permissions-snap/src/permissions/erc20TokenPeriodic/validation.ts

@@ -36,7 +36,7 @@ function validatePermissionData(
 
   validateStartTime(startTime, rules);
   validateRedeemerRule(rules);
-  validatePayeeRule(rules);
+  validatePayeeRule(rules, { allowMultiplePayees: false });
 
   return true;
 }

packages/gator-permissions-snap/src/permissions/erc20TokenStream/validation.ts

@@ -57,7 +57,7 @@ function validatePermissionData(
 
   validateStartTime(startTime, rules);
   validateRedeemerRule(rules);
-  validatePayeeRule(rules);
+  validatePayeeRule(rules, { allowMultiplePayees: false });
 
   return true;
 }

packages/gator-permissions-snap/src/permissions/validation.ts

@@ -3,6 +3,9 @@ import { extractDescriptorName } from '@metamask/7715-permissions-shared/utils';
 import type { Hex } from '@metamask/delegation-core';
 import { InvalidInputError } from '@metamask/snaps-sdk';
 
+export const MULTIPLE_ERC20_PAYEES_UNSUPPORTED_ERROR =
+  'Multiple payee addresses are not currently supported for ERC20 permissions.';
+
 /**
  * Validates a hex integer value with configurable constraints.
  * @param params - The validation parameters.
@@ -69,10 +72,17 @@ export function validateRedeemerRule(
 /**
  * Validates the payee rule, if present, has a non-empty addresses array.
  * @param rules - The rules of the permission request.
+ * @param options - Payee validation options.
+ * @param options.allowMultiplePayees - Whether more than one payee address is supported.
  * @throws {InvalidInputError} If a payee rule exists with missing or empty addresses.
  */
 export function validatePayeeRule(
   rules: PermissionRequest['rules'] | undefined,
+  {
+    allowMultiplePayees = true,
+  }: {
+    allowMultiplePayees?: boolean;
+  } = {},
 ): void {
   const payeeRule = rules?.find(
     (rule) => extractDescriptorName(rule.type) === 'payee',
@@ -87,6 +97,10 @@ export function validatePayeeRule(
       'Invalid payee rule: must include a non-empty addresses array',
     );
   }
+
+  if (!allowMultiplePayees && addresses.length > 1) {
+    throw new InvalidInputError(MULTIPLE_ERC20_PAYEES_UNSUPPORTED_ERROR);
+  }
 }
 
 /**

packages/gator-permissions-snap/test/core/chainMetadata.test.ts

@@ -35,7 +35,6 @@ describe('chainMetadata', () => {
         allowedCalldataEnforcer: expect.any(String),
         redeemerEnforcer: expect.any(String),
         allowedTargetsEnforcer: expect.any(String),
-        logicalOrWrapperEnforcer: expect.any(String),
       },
       name: expect.any(String),
       explorerUrl: expect.any(String),
@@ -105,7 +104,6 @@ describe('chainMetadata', () => {
           'allowedCalldataEnforcer',
           'redeemerEnforcer',
           'allowedTargetsEnforcer',
-          'logicalOrWrapperEnforcer',
         ];
 
         const metadata = getChainMetadata({ chainId: 11155111 }); // Sepolia

packages/gator-permissions-snap/test/core/payeeCaveat.test.ts

@@ -2,10 +2,10 @@ import type { Caveat, Hex } from '@metamask/delegation-core';
 import {
   createAllowedCalldataTerms,
   createAllowedTargetsTerms,
-  createLogicalOrWrapperTerms,
 } from '@metamask/delegation-core';
 
 import { appendPayeeCaveatIfPresent } from '../../src/core/payeeCaveat';
+import { MULTIPLE_ERC20_PAYEES_UNSUPPORTED_ERROR } from '../../src/permissions/validation';
 
 const MOCK_CONTRACTS = {
   delegationManager: '0x0000000000000000000000000000000000000001' as Hex,
@@ -26,12 +26,10 @@ const MOCK_CONTRACTS = {
   allowedCalldataEnforcer: '0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA' as Hex,
   redeemerEnforcer: '0x000000000000000000000000000000000000000c' as Hex,
   allowedTargetsEnforcer: '0xBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB' as Hex,
-  logicalOrWrapperEnforcer: '0xCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC' as Hex,
 };
 
 const PAYEE_ADDRESS_1 = '0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266' as Hex;
 const PAYEE_ADDRESS_2 = '0x70997970C51812dc3A010C7d01b50e0d17dc79C8' as Hex;
-const EMPTY_ARGS = new Uint8Array();
 
 /**
  * Pads an Ethereum address to 32 bytes (left-padded with zeros).
@@ -117,49 +115,23 @@ describe('appendPayeeCaveatIfPresent', () => {
       },
     );
 
-    it('wraps multiple payees in logicalOrWrapperEnforcer for ERC-20', () => {
+    it('throws for multiple ERC-20 payees', () => {
       const caveats: Caveat[] = [];
-      appendPayeeCaveatIfPresent({
-        rules: [
-          {
-            type: 'payee',
-            data: { addresses: [PAYEE_ADDRESS_1, PAYEE_ADDRESS_2] },
-          },
-        ],
-        contracts: MOCK_CONTRACTS,
-        caveats,
-        permissionType: 'erc20-token-stream',
-      });
-
-      expect(caveats).toHaveLength(1);
-      expect(caveats[0].enforcer).toBe(MOCK_CONTRACTS.logicalOrWrapperEnforcer);
-      expect(caveats[0].terms).toStrictEqual(
-        createLogicalOrWrapperTerms({
-          caveatGroups: [
-            [
-              {
-                enforcer: MOCK_CONTRACTS.allowedCalldataEnforcer,
-                terms: createAllowedCalldataTerms({
-                  startIndex: 4,
-                  value: padTo32Bytes(PAYEE_ADDRESS_1),
-                }),
-                args: EMPTY_ARGS,
-              },
-            ],
-            [
-              {
-                enforcer: MOCK_CONTRACTS.allowedCalldataEnforcer,
-                terms: createAllowedCalldataTerms({
-                  startIndex: 4,
-                  value: padTo32Bytes(PAYEE_ADDRESS_2),
-                }),
-                args: EMPTY_ARGS,
-              },
-            ],
+      expect(() =>
+        appendPayeeCaveatIfPresent({
+          rules: [
+            {
+              type: 'payee',
+              data: { addresses: [PAYEE_ADDRESS_1, PAYEE_ADDRESS_2] },
+            },
           ],
+          contracts: MOCK_CONTRACTS,
+          caveats,
+          permissionType: 'erc20-token-stream',
         }),
-      );
-      expect(caveats[0].args).toBe('0x');
+      ).toThrow(MULTIPLE_ERC20_PAYEES_UNSUPPORTED_ERROR);
+
+      expect(caveats).toHaveLength(0);
     });
   });
 

packages/gator-permissions-snap/test/permissions/erc20TokenPeriodic/validation.test.ts

@@ -4,6 +4,7 @@ import { bigIntToHex } from '@metamask/utils';
 import { TimePeriod } from '../../../src/core/types';
 import type { Erc20TokenPeriodicPermissionRequest } from '../../../src/permissions/erc20TokenPeriodic/types';
 import { parseAndValidatePermission } from '../../../src/permissions/erc20TokenPeriodic/validation';
+import { MULTIPLE_ERC20_PAYEES_UNSUPPORTED_ERROR } from '../../../src/permissions/validation';
 import { TIME_PERIOD_TO_SECONDS } from '../../../src/utils/time';
 import { parseUnits } from '../../../src/utils/value';
 
@@ -57,6 +58,49 @@ describe('erc20TokenPeriodic:validation', () => {
       ).not.toThrow();
     });
 
+    describe('payee rule validation', () => {
+      it('allows one payee', () => {
+        const singlePayeeRequest = {
+          ...validPermissionRequest,
+          rules: [
+            ...validPermissionRequest.rules,
+            {
+              type: 'payee',
+              data: {
+                addresses: ['0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266'],
+              },
+            },
+          ],
+        };
+
+        expect(() =>
+          parseAndValidatePermission(singlePayeeRequest),
+        ).not.toThrow();
+      });
+
+      it('throws for multiple payees', () => {
+        const multiPayeeRequest = {
+          ...validPermissionRequest,
+          rules: [
+            ...validPermissionRequest.rules,
+            {
+              type: 'payee',
+              data: {
+                addresses: [
+                  '0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266',
+                  '0x70997970C51812dc3A010C7d01b50e0d17dc79C8',
+                ],
+              },
+            },
+          ],
+        };
+
+        expect(() => parseAndValidatePermission(multiPayeeRequest)).toThrow(
+          MULTIPLE_ERC20_PAYEES_UNSUPPORTED_ERROR,
+        );
+      });
+    });
+
     it('should throw for invalid permission type', () => {
       const invalidTypeRequest = {
         ...validPermissionRequest,

packages/gator-permissions-snap/test/permissions/erc20TokenStream/validation.test.ts

@@ -3,6 +3,7 @@ import { bigIntToHex } from '@metamask/utils';
 
 import type { Erc20TokenStreamPermissionRequest } from '../../../src/permissions/erc20TokenStream/types';
 import { parseAndValidatePermission } from '../../../src/permissions/erc20TokenStream/validation';
+import { MULTIPLE_ERC20_PAYEES_UNSUPPORTED_ERROR } from '../../../src/permissions/validation';
 import { parseUnits } from '../../../src/utils/value';
 
 const tokenDecimals = 10;
@@ -60,6 +61,49 @@ describe('erc20TokenStream:validation', () => {
       ).not.toThrow();
     });
 
+    describe('payee rule validation', () => {
+      it('allows one payee', () => {
+        const singlePayeeRequest = {
+          ...validPermissionRequest,
+          rules: [
+            ...validPermissionRequest.rules,
+            {
+              type: 'payee',
+              data: {
+                addresses: ['0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266'],
+              },
+            },
+          ],
+        };
+
+        expect(() =>
+          parseAndValidatePermission(singlePayeeRequest),
+        ).not.toThrow();
+      });
+
+      it('throws for multiple payees', () => {
+        const multiPayeeRequest = {
+          ...validPermissionRequest,
+          rules: [
+            ...validPermissionRequest.rules,
+            {
+              type: 'payee',
+              data: {
+                addresses: [
+                  '0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266',
+                  '0x70997970C51812dc3A010C7d01b50e0d17dc79C8',
+                ],
+              },
+            },
+          ],
+        };
+
+        expect(() => parseAndValidatePermission(multiPayeeRequest)).toThrow(
+          MULTIPLE_ERC20_PAYEES_UNSUPPORTED_ERROR,
+        );
+      });
+    });
+
     it('should throw for invalid permission type', () => {
       const invalidTypeRequest = {
         ...validPermissionRequest,

packages/gator-permissions-snap/test/permissions/nativeTokenPeriodic/validation.test.ts

@@ -52,6 +52,30 @@ describe('nativeTokenPeriodic:validation', () => {
       ).not.toThrow();
     });
 
+    describe('payee rule validation', () => {
+      it('allows multiple payees', () => {
+        const multiPayeeRequest = {
+          ...validPermissionRequest,
+          rules: [
+            ...validPermissionRequest.rules,
+            {
+              type: 'payee',
+              data: {
+                addresses: [
+                  '0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266',
+                  '0x70997970C51812dc3A010C7d01b50e0d17dc79C8',
+                ],
+              },
+            },
+          ],
+        };
+
+        expect(() =>
+          parseAndValidatePermission(multiPayeeRequest),
+        ).not.toThrow();
+      });
+    });
+
     it('should throw for invalid permission type', () => {
       const invalidTypeRequest = {
         ...validPermissionRequest,