feat: add CORS bundler (#33)

* feat: add CORS bundler

Different config so it's the same port externally,
otherwise the front-end can't use this

* chore: linter toml

Having problems with running a script on CI

* Update bundler-proxy.js

Preserve headers from Alto via CORS proxy

Co-authored-by: Copilot <[email protected]>

* fix: code review comments

* removed unused test data file
* moved javascript files into js folder
* changed bundler startup
* proxy all headers from alto

---------

Co-authored-by: Copilot <[email protected]>

Author: cpb8010

alto-with-proxy.json

@@ -0,0 +1,8 @@
+{
+  "entrypoints": "0x4337084D9E255Ff0702461CF8895CE9E3b5Ff108",
+  "executor-private-keys": "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80",
+  "utility-private-key": "0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d",
+  "rpc-url": "http://localhost:8545",
+  "port": 4338,
+  "safe-mode": false
+}

alto.json

@@ -1,8 +1,8 @@
 {
-    "entrypoints": "0x4337084D9E255Ff0702461CF8895CE9E3b5Ff108",
-    "executor-private-keys": "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80",
-    "utility-private-key": "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80",
-    "rpc-url": "http://localhost:8545",
-    "port": 4337,
-    "safe-mode": false
+  "entrypoints": "0x4337084D9E255Ff0702461CF8895CE9E3b5Ff108",
+  "executor-private-keys": "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80",
+  "utility-private-key": "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80",
+  "rpc-url": "http://localhost:8545",
+  "port": 4337,
+  "safe-mode": false
 }

foundry.toml

@@ -26,7 +26,7 @@ eth-infinitism-account-abstraction = "0.8.0"
 "@openzeppelin-contracts" = "5.4.0"
 solady = "0.1.24"
 
-[lint]
+[profile.lint]
 lint_on_build = true
 severity = ["high", "med", "low", "info"]
 exclude_lints = [

js/bundler-proxy.js

@@ -0,0 +1,87 @@
+#!/usr/bin/env node
+
+/**
+ * Simple CORS proxy for Alto bundler
+ * Listens on port 4337 and forwards requests to Alto on port 4338
+ */
+
+// eslint-disable-next-line @typescript-eslint/no-require-imports
+const http = require("http");
+
+const PROXY_PORT = 4337;
+const ALTO_PORT = 4338;
+const ALTO_HOST = "localhost";
+
+const server = http.createServer((req, res) => {
+  // Set CORS headers
+  res.setHeader("Access-Control-Allow-Origin", "*");
+  res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
+  res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
+  res.setHeader("Access-Control-Max-Age", "86400"); // 24 hours
+
+  // Handle preflight requests
+  if (req.method === "OPTIONS") {
+    res.writeHead(200);
+    res.end();
+    return;
+  }
+
+  // Collect request body
+  const chunks = [];
+  req.on("data", (chunk) => {
+    chunks.push(chunk);
+  });
+
+  req.on("end", () => {
+    const body = Buffer.concat(chunks).toString();
+    // Forward request to Alto
+    // Clone original headers and update Content-Length
+    const headers = { ...req.headers };
+    headers["content-length"] = Buffer.byteLength(body);
+    const options = {
+      hostname: ALTO_HOST,
+      port: ALTO_PORT,
+      path: req.url,
+      method: req.method,
+      headers,
+    };
+
+    const proxyReq = http.request(options, (proxyRes) => {
+      // Forward status code
+      res.writeHead(proxyRes.statusCode, proxyRes.headers);
+
+      // Forward response body
+      proxyRes.pipe(res);
+    });
+
+    proxyReq.on("error", (error) => {
+      console.error("Proxy error:", error);
+      res.setHeader('Content-Type', 'application/json');
+      res.writeHead(502);
+      res.end(JSON.stringify({ error: "Bad Gateway", message: error.message }));
+    });
+
+    // Send request body to Alto
+    if (body) {
+      proxyReq.write(body);
+    }
+    proxyReq.end();
+  });
+});
+
+server.listen(PROXY_PORT, () => {
+  console.log(`CORS proxy listening on port ${PROXY_PORT}`);
+
+  console.log(`Forwarding requests to Alto at ${ALTO_HOST}:${ALTO_PORT}`);
+
+  console.log(`CORS enabled for all origins (*)`);
+});
+
+server.on("error", (error) => {
+  if (error.code === "EADDRINUSE") {
+    console.error(`Port ${PROXY_PORT} is already in use. Please stop the other service first.`);
+  } else {
+    console.error("Server error:", error);
+  }
+  process.exit(1);
+});

js/bundler-with-proxy.js

@@ -0,0 +1,156 @@
+#!/usr/bin/env node
+
+/**
+ * Runs Alto bundler on port 4338 and CORS proxy on port 4337
+ * This allows browser-based applications to interact with Alto without CORS issues
+ */
+
+// eslint-disable-next-line @typescript-eslint/no-require-imports
+const { spawn } = require("child_process");
+// eslint-disable-next-line @typescript-eslint/no-require-imports
+const path = require("path");
+// eslint-disable-next-line @typescript-eslint/no-require-imports
+const net = require("net");
+
+const ALTO_CONFIG = path.join(__dirname, "..", "alto-with-proxy.json");
+const PROXY_SCRIPT = path.join(__dirname, "bundler-proxy.js");
+
+// ANSI color codes
+const colors = {
+  reset: "\x1b[0m",
+  cyan: "\x1b[36m",
+  green: "\x1b[32m",
+  yellow: "\x1b[33m",
+  red: "\x1b[31m",
+};
+
+function log(prefix, message, color = colors.reset) {
+  console.log(`${color}[${prefix}]${colors.reset} ${message}`);
+}
+
+/**
+ * Check if a port is listening
+ * @param {number} port - The port to check
+ * @param {number} maxAttempts - Maximum number of attempts
+ * @param {number} delayMs - Delay between attempts in milliseconds
+ * @returns {Promise<boolean>} - True if port is listening, false otherwise
+ */
+async function waitForPort(port, maxAttempts = 30, delayMs = 1000) {
+  for (let attempt = 1; attempt <= maxAttempts; attempt++) {
+    const isListening = await new Promise((resolve) => {
+      const client = new net.Socket();
+
+      client.once("connect", () => {
+        client.destroy();
+        resolve(true);
+      });
+
+      client.once("error", () => {
+        client.destroy();
+        resolve(false);
+      });
+
+      client.connect(port, "localhost");
+    });
+
+    if (isListening) {
+      return true;
+    }
+
+    if (attempt < maxAttempts) {
+      await new Promise((resolve) => setTimeout(resolve, delayMs));
+    }
+  }
+
+  return false;
+}
+
+let proxy;
+
+// Start Alto bundler
+log("SETUP", "Starting Alto bundler on port 4338...", colors.cyan);
+const alto = spawn("alto", ["--config", ALTO_CONFIG], {
+  stdio: "inherit",
+  shell: true,
+});
+
+alto.on("error", (error) => {
+  log("ALTO", `Failed to start: ${error.message}`, colors.red);
+  process.exit(1);
+});
+
+alto.on("exit", (code) => {
+  log("ALTO", `Exited with code ${code}`, colors.yellow);
+  // Kill proxy if alto exits
+  if (proxy) {
+    proxy.kill();
+  }
+  process.exit(code);
+});
+
+// Handle cleanup on exit - register handlers early to avoid race condition
+process.on("SIGINT", () => {
+  log("SETUP", "Shutting down...", colors.yellow);
+  alto.kill();
+  if (proxy) {
+    proxy.kill();
+  }
+  process.exit(0);
+});
+
+process.on("SIGTERM", () => {
+  log("SETUP", "Shutting down...", colors.yellow);
+  alto.kill();
+  if (proxy) {
+    proxy.kill();
+  }
+  process.exit(0);
+});
+
+// Wait for Alto to be ready before starting proxy
+(async () => {
+  log("SETUP", "Waiting for Alto bundler to be ready on port 4338...", colors.cyan);
+
+  const altoReady = await waitForPort(4338);
+  if (!altoReady) {
+    log("ALTO", "Failed to start - port 4338 not listening after 30 seconds", colors.red);
+    alto.kill();
+    process.exit(1);
+  }
+
+  log("ALTO", "Ready and listening on port 4338", colors.green);
+  log("SETUP", "Starting CORS proxy on port 4337...", colors.cyan);
+
+  proxy = spawn("node", [PROXY_SCRIPT], {
+    stdio: "inherit",
+    shell: true,
+  });
+
+  proxy.on("error", (error) => {
+    log("PROXY", `Failed to start: ${error.message}`, colors.red);
+    alto.kill();
+    process.exit(1);
+  });
+
+  proxy.on("exit", (code) => {
+    log("PROXY", `Exited with code ${code}`, colors.yellow);
+    // Kill alto if proxy exits
+    alto.kill();
+    process.exit(code);
+  });
+
+  // Wait for proxy to be ready
+  log("SETUP", "Waiting for CORS proxy to be ready on port 4337...", colors.cyan);
+  const proxyReady = await waitForPort(4337);
+  if (!proxyReady) {
+    log("PROXY", "Failed to start - port 4337 not listening after 30 seconds", colors.red);
+    alto.kill();
+    proxy.kill();
+    process.exit(1);
+  }
+
+  log("PROXY", "Ready and listening on port 4337", colors.green);
+  log("SETUP", "Both services started successfully!", colors.green);
+  log("SETUP", "Alto bundler: http://localhost:4338", colors.green);
+  log("SETUP", "CORS proxy: http://localhost:4337", colors.green);
+})();

package.json

@@ -5,6 +5,8 @@
   "main": "index.js",
   "scripts": {
     "bundler": "alto --config ./alto.json",
+    "bundler:with-proxy": "node js/bundler-with-proxy.js",
+    "bundler-proxy": "node js/bundler-proxy.js",
     "test": "node --test --import tsx --test-concurrency=1 test/integration/*.test.ts",
     "anvil": "anvil --fork-url https://reth-ethereum.ithaca.xyz/rpc --chain-id 1337",
     "coverage": "forge coverage --ir-minimum --no-match-coverage 'script|test'",

src/libraries/SessionLib.sol

@@ -318,8 +318,9 @@ library SessionLib {
             shrinkRange(timeRange, newValidAfter, newValidUntil);
 
             for (uint256 i = 0; i < callPolicy.constraints.length; ++i) {
-                (newValidAfter, newValidUntil) = callPolicy.constraints[i]
-                .checkAndUpdate(state.params[target][selector][i], callData, periodIds[2 + i]);
+                (newValidAfter, newValidUntil) = callPolicy.constraints[i].checkAndUpdate(
+                    state.params[target][selector][i], callData, periodIds[2 + i]
+                );
                 shrinkRange(timeRange, newValidAfter, newValidUntil);
             }
         } else {