foundry-rs
diff --git a/‎crates/cast/src/cmd/keychain.rs‎
Lines changed: 7 additions & 267 deletions b/‎crates/cast/src/cmd/keychain.rs‎
Lines changed: 7 additions & 267 deletions
diff --git a/‎crates/cast/src/cmd/mod.rs‎
Lines changed: 1 addition & 0 deletions b/‎crates/cast/src/cmd/mod.rs‎
Lines changed: 1 addition & 0 deletions
@@ -3,7 +3,7 @@ use alloy_ens::NameOrAddress;
 use std::time::Duration;
 
 use alloy_network::{EthereumWallet, TransactionBuilder};
-use alloy_primitives::{Address, U256, hex, keccak256};
+use alloy_primitives::{Address, U256, hex};
 use alloy_provider::{Provider, ProviderBuilder as AlloyProviderBuilder};
 use alloy_rpc_types::BlockId;
 use alloy_signer::Signer;
@@ -42,6 +42,10 @@ use tempo_primitives::transaction::{
 };
 use yansi::Paint;
 
+use crate::cmd::tempo_policy_args::{
+    SelectorArg, parse_period, parse_policy_token, parse_scope, parse_selector_arg,
+    parse_selector_bytes,
+};
 use foundry_cli::utils::{maybe_print_resolved_lane, resolve_lane};
 
 use crate::{
@@ -338,9 +342,6 @@ pub enum KeychainPolicySubcommand {
     },
 }
 
-#[derive(Debug, Clone, Copy)]
-pub struct SelectorArg([u8; 4]);
-
 fn parse_signature_type(s: &str) -> Result<SignatureType, String> {
     match s.to_lowercase().as_str() {
         "secp256k1" => Ok(SignatureType::Secp256k1),
@@ -403,150 +404,6 @@ fn parse_limit(s: &str) -> Result<TokenLimit, String> {
     Ok(TokenLimit { token, amount, period: 0 })
 }
 
-/// Parse a `--scope TARGET[:SELECTORS[@RECIPIENTS]]` flag value.
-///
-/// Formats:
-/// - `0xAddr` — allow all calls to target
-/// - `0xAddr:transfer,approve` — allow only those selectors (by name or 4-byte hex)
-/// - `0xAddr:transfer@0xRecipient` — selector with recipient restriction
-fn parse_scope(s: &str) -> Result<CallScope, String> {
-    let (target_str, selectors_str) = match s.split_once(':') {
-        Some((t, sel)) => (t, Some(sel)),
-        None => (s, None),
-    };
-
-    let target: Address =
-        target_str.parse().map_err(|e| format!("invalid target address '{target_str}': {e}"))?;
-
-    let selector_rules = match selectors_str {
-        None => vec![],
-        Some(sel_str) => parse_selector_rules(sel_str)?,
-    };
-
-    Ok(CallScope { target, selectorRules: selector_rules })
-}
-
-/// Parse comma-separated selectors, each optionally with `@recipient1,recipient2,...`.
-///
-/// Example: `transfer,approve` or `transfer@0x123` or `0xd09de08a`
-fn parse_selector_rules(s: &str) -> Result<Vec<SelectorRule>, String> {
-    let mut rules = Vec::new();
-
-    for part in s.split(',') {
-        let part = part.trim();
-        if part.is_empty() {
-            continue;
-        }
-
-        let (selector_str, recipients_str) = match part.split_once('@') {
-            Some((sel, recip)) => (sel, Some(recip)),
-            None => (part, None),
-        };
-
-        let selector = parse_selector_bytes(selector_str)?;
-
-        let recipients = match recipients_str {
-            None => vec![],
-            Some(r) => r
-                .split(',')
-                .filter(|s| !s.trim().is_empty())
-                .map(|addr_str| {
-                    let addr_str = addr_str.trim();
-                    addr_str
-                        .parse::<Address>()
-                        .map_err(|e| format!("invalid recipient address '{addr_str}': {e}"))
-                })
-                .collect::<Result<Vec<_>, _>>()?,
-        };
-
-        rules.push(SelectorRule { selector: selector.into(), recipients });
-    }
-
-    Ok(rules)
-}
-
-/// Parse a selector string: a 4-byte hex (`0xd09de08a`), a full signature
-/// (`transfer(address,uint256)`), or a well-known TIP-20 function name shorthand.
-///
-/// Recognized shorthands: `transfer`, `approve`, `transferFrom`, `transferWithMemo`,
-/// `transferFromWithMemo`. These resolve to the standard ERC20/TIP-20 signatures.
-/// Unknown names without parentheses are hashed as `name()`.
-fn parse_selector_bytes(s: &str) -> Result<[u8; 4], String> {
-    let s = s.trim();
-    if s.starts_with("0x") || s.starts_with("0X") {
-        let hex_str = &s[2..];
-        if hex_str.len() != 8 {
-            return Err(format!("hex selector must be 4 bytes (8 hex chars), got: {s}"));
-        }
-        let bytes = hex::decode(hex_str).map_err(|e| format!("invalid hex selector '{s}': {e}"))?;
-        let mut arr = [0u8; 4];
-        arr.copy_from_slice(&bytes);
-        Ok(arr)
-    } else {
-        // Expand well-known TIP-20 shorthands to full signatures.
-        let sig = if s.contains('(') {
-            s.to_string()
-        } else {
-            match s {
-                "transfer" => "transfer(address,uint256)".to_string(),
-                "approve" => "approve(address,uint256)".to_string(),
-                "transferFrom" => "transferFrom(address,address,uint256)".to_string(),
-                "transferWithMemo" => "transferWithMemo(address,uint256,bytes32)".to_string(),
-                "transferFromWithMemo" => {
-                    "transferFromWithMemo(address,address,uint256,bytes32)".to_string()
-                }
-                _ => format!("{s}()"),
-            }
-        };
-        let hash = keccak256(sig.as_bytes());
-        let mut arr = [0u8; 4];
-        arr.copy_from_slice(&hash[..4]);
-        Ok(arr)
-    }
-}
-
-fn parse_selector_arg(s: &str) -> Result<SelectorArg, String> {
-    parse_selector_bytes(s).map(SelectorArg)
-}
-
-fn parse_policy_token(s: &str) -> Result<Address, String> {
-    match s.to_ascii_lowercase().as_str() {
-        "pathusd" | "path_usd" | "path-usd" | "usd" => Ok(PATH_USD_ADDRESS),
-        _ => foundry_cli::utils::parse_fee_token_address(s).map_err(|e| e.to_string()),
-    }
-}
-
-fn parse_period(s: &str) -> Result<u64, String> {
-    let s = s.trim();
-    if s.is_empty() {
-        return Err("period cannot be empty".to_string());
-    }
-
-    let split = s.find(|c: char| !c.is_ascii_digit()).unwrap_or(s.len());
-    if split == 0 {
-        return Err(format!(
-            "invalid period '{s}': expected a number followed by s, m, h, d, or w"
-        ));
-    }
-
-    let value: u64 =
-        s[..split].parse().map_err(|e| format!("invalid period value '{}': {e}", &s[..split]))?;
-    let multiplier = match &s[split..].to_ascii_lowercase()[..] {
-        "" | "s" => 1,
-        "m" => 60,
-        "h" => 60 * 60,
-        "d" => 24 * 60 * 60,
-        "w" => 7 * 24 * 60 * 60,
-        unit => {
-            return Err(format!(
-                "invalid period unit '{unit}' in '{s}' (expected s, m, h, d, or w)"
-            ));
-        }
-    };
-
-    value.checked_mul(multiplier).ok_or_else(|| format!("period '{s}' is too large"))
-}
-
 /// Represents a single scope entry in JSON format for `--scopes`.
 #[derive(serde::Deserialize)]
 struct JsonCallScope {
@@ -634,7 +491,7 @@ impl KeychainSubcommand {
                     key_address,
                     root_account,
                     to,
-                    selector.map(|s| s.0),
+                    selector.map(SelectorArg::into_bytes),
                     recipient,
                     fee_token,
                     tempo,
@@ -704,7 +561,7 @@ impl KeychainPolicySubcommand {
                     key_address,
                     root_account,
                     target,
-                    selector.0,
+                    selector.into_bytes(),
                     recipients,
                     tx,
                     send_tx,
@@ -3369,106 +3226,6 @@ mod tests {
     use std::str::FromStr;
     use tempo_primitives::transaction::{KeyAuthorization, PrimitiveSignature};
 
-    #[test]
-    fn test_parse_selector_bytes_named() {
-        let sel = parse_selector_bytes("transfer").unwrap();
-        assert_eq!(sel, keccak256(b"transfer(address,uint256)")[..4]);
-
-        let sel = parse_selector_bytes("approve").unwrap();
-        assert_eq!(sel, keccak256(b"approve(address,uint256)")[..4]);
-
-        let sel = parse_selector_bytes("transferWithMemo").unwrap();
-        assert_eq!(sel, keccak256(b"transferWithMemo(address,uint256,bytes32)")[..4]);
-    }
-
-    #[test]
-    fn test_parse_selector_bytes_hex() {
-        let sel = parse_selector_bytes("0xaabbccdd").unwrap();
-        assert_eq!(sel, [0xaa, 0xbb, 0xcc, 0xdd]);
-
-        let sel = parse_selector_bytes("0xd09de08a").unwrap();
-        assert_eq!(sel, [0xd0, 0x9d, 0xe0, 0x8a]);
-    }
-
-    #[test]
-    fn test_parse_selector_bytes_hex_invalid() {
-        assert!(parse_selector_bytes("0xaabb").is_err());
-        assert!(parse_selector_bytes("0xaabbccddee").is_err());
-        assert!(parse_selector_bytes("0xzzzzzzzz").is_err());
-    }
-
-    #[test]
-    fn test_parse_selector_bytes_full_signature() {
-        let sel = parse_selector_bytes("increment()").unwrap();
-        assert_eq!(sel, keccak256(b"increment()")[..4]);
-    }
-
-    #[test]
-    fn test_parse_selector_rules_simple() {
-        let rules = parse_selector_rules("transfer,approve").unwrap();
-        assert_eq!(rules.len(), 2);
-        assert!(rules[0].recipients.is_empty());
-        assert!(rules[1].recipients.is_empty());
-    }
-
-    #[test]
-    fn test_parse_selector_rules_with_recipient() {
-        let rules =
-            parse_selector_rules("transfer@0x1111111111111111111111111111111111111111").unwrap();
-        assert_eq!(rules.len(), 1);
-        assert_eq!(rules[0].recipients.len(), 1);
-        assert_eq!(
-            rules[0].recipients[0],
-            Address::from_str("0x1111111111111111111111111111111111111111").unwrap()
-        );
-    }
-
-    #[test]
-    fn test_parse_selector_rules_hex_with_recipient() {
-        let rules =
-            parse_selector_rules("0xaabbccdd@0x1111111111111111111111111111111111111111").unwrap();
-        assert_eq!(rules.len(), 1);
-        assert_eq!(rules[0].selector.0, [0xaa, 0xbb, 0xcc, 0xdd]);
-        assert_eq!(rules[0].recipients.len(), 1);
-    }
-
-    #[test]
-    fn test_parse_scope_target_only() {
-        let scope = parse_scope("0x86A2EE8FAf9A840F7a2c64CA3d51209F9A02081D").unwrap();
-        assert_eq!(
-            scope.target,
-            Address::from_str("0x86A2EE8FAf9A840F7a2c64CA3d51209F9A02081D").unwrap()
-        );
-        assert!(scope.selectorRules.is_empty());
-    }
-
-    #[test]
-    fn test_parse_scope_with_selectors() {
-        let scope =
-            parse_scope("0x20c0000000000000000000000000000000000001:transfer,approve").unwrap();
-        assert_eq!(scope.selectorRules.len(), 2);
-        assert!(scope.selectorRules[0].recipients.is_empty());
-        assert!(scope.selectorRules[1].recipients.is_empty());
-    }
-
-    #[test]
-    fn test_parse_scope_hex_selector() {
-        let scope = parse_scope("0x86A2EE8FAf9A840F7a2c64CA3d51209F9A02081D:0xaabbccdd").unwrap();
-        assert_eq!(scope.selectorRules.len(), 1);
-        assert_eq!(scope.selectorRules[0].selector.0, [0xaa, 0xbb, 0xcc, 0xdd]);
-        assert!(scope.selectorRules[0].recipients.is_empty());
-    }
-
-    #[test]
-    fn test_parse_scope_selector_with_recipient() {
-        let scope = parse_scope(
-            "0x20c0000000000000000000000000000000000001:transfer@0x1111111111111111111111111111111111111111",
-        )
-        .unwrap();
-        assert_eq!(scope.selectorRules.len(), 1);
-        assert_eq!(scope.selectorRules[0].recipients.len(), 1);
-    }
-
     #[test]
     fn test_parse_scopes_json_plain() {
         let json = r#"[{"target":"0x20c0000000000000000000000000000000000001","selectors":["transfer","approve"]},{"target":"0x86A2EE8FAf9A840F7a2c64CA3d51209F9A02081D"}]"#;
@@ -3493,23 +3250,6 @@ mod tests {
         assert!(parse_scopes_json(json).is_err());
     }
 
-    #[test]
-    fn test_parse_policy_token_path_usd() {
-        assert_eq!(parse_policy_token("PathUSD").unwrap(), PATH_USD_ADDRESS);
-        assert_eq!(parse_policy_token("path-usd").unwrap(), PATH_USD_ADDRESS);
-    }
-
-    #[test]
-    fn test_parse_period_units() {
-        assert_eq!(parse_period("0").unwrap(), 0);
-        assert_eq!(parse_period("30s").unwrap(), 30);
-        assert_eq!(parse_period("5m").unwrap(), 300);
-        assert_eq!(parse_period("2h").unwrap(), 7200);
-        assert_eq!(parse_period("7d").unwrap(), 604800);
-        assert_eq!(parse_period("2w").unwrap(), 1209600);
-        assert!(parse_period("1mo").is_err());
-    }
-
     #[test]
     fn test_add_selector_rule_merges_recipients() {
         let first = Address::from_str("0x1111111111111111111111111111111111111111").unwrap();
 
@@ -30,6 +30,7 @@ pub mod run;
 pub mod send;
 pub mod storage;
 pub mod tempo;
+pub(crate) mod tempo_policy_args;
 pub mod tip20;
 pub mod trace;
 pub mod txpool;