feat: add terms decoding utils

[jeffsmale90]

Implements terms decoders in @metamask/delegation-core for every caveat enforcer that already had a terms encoder, so encoded terms bytes can be turned back into structured objects. Adds decodeCaveat in @metamask/smart-accounts-kit, which uses SmartAccountsEnvironment.caveatEnforcers to map an on-chain enforcer address to the right decoder and returns a CoreCaveatConfiguration (discriminated by type) for builders and tooling.

Closes #184.

Changes

@metamask/delegation-core

• Decoder APIs: For each caveat module, a decodeTerms(terms, encodingOptions?) companion to createTerms. Decoders accept BytesLike input and, where byte payloads are involved, support EncodingOptions (out: 'hex' | 'bytes') so callers can get 0x… strings or Uint8Array consistently with encoding helpers.
• Shared parsing helpers in internalUtils.ts: extractBigInt, extractNumber, extractAddress, extractHex, extractRemainingHex (fixed slices and “rest of buffer” extraction from normalized hex).
• returns.ts: DecodedBytesLike alias for clearer generics on decoded *Terms types.
• Term types: Several *Terms types are now generic over bytes-like fields (e.g. AllowedMethodsTerms) so decoded shapes stay typed when choosing hex vs bytes output.
• Docs: Short enforcer-oriented module headers on caveat files (what the enforcer does + on-wire layout). README updated for timestamp terms field names (see breaking change below).
• Exports: All new decoders re-exported from caveats/index.ts and the package index.ts.
• timestamp builder / types: Aligned with renamed timestamp term fields (afterThreshold / beforeThreshold).

@metamask/smart-accounts-kit/utils

• decodeCaveat: { caveat, environment } → CoreCaveatConfiguration; throws if enforcer is not in environment.caveatEnforcers.

---

Note

Medium Risk
Adds a large new surface area of decoding functions and changes the TimestampTerms field names, which is a small breaking API change and could affect downstream callers if not updated. Most changes are deterministic parsing/validation logic with good test coverage, but mistakes would cause mis-decoding of on-chain terms.

Overview
Adds decode*Terms functions across delegation caveats so encoded terms (Hex/Uint8Array) can be parsed back into structured *Terms objects, with output configurable to hex or bytes to mirror existing encoding APIs.

Introduces shared slicing/validation utilities in internalUtils.ts (e.g., extractBigInt, extractAddress, length assertions) and a DecodedBytesLike alias to keep decoded term types correctly parameterized; many *Terms types are now generic over bytes-like fields.

Updates public exports (caveats/index.ts, package index.ts), expands unit tests to cover decoding and invalid payload lengths, and renames TimestampTerms fields to afterThreshold/beforeThreshold (docs updated accordingly).

^{Written by Cursor Bugbot for commit 7d0bd1d. This will update automatically on new commits. Configure here.}

[MoMannn]

We are extracting number here. But limit is uint256 so it can go over number limit. BigInt would be safer. (practically speaking it would be quite an edge case to get to a number that big to break it, but just something to consider - same for other usages of extractNumber). If this is intentional then maybe just add a comment? Or maybe a hybrid where we decode to bigint and if its in correct range we return number otherwise throw an error?

[jeffsmale90]

Yeah, that's a good point.

All of the values that are encoded as a type larger than MAX_SAFE_INTEGER are either a timestamp or duration (seconds) or a count (index or limit). I think for those number type is ergonomic - having to BigInt(Date.now() / 1000) constantly would get tedious.

Saying that, it's not technically correct, so I updated the extractNumber function to convert to BigInt, and throw if it's greater than Number.MAX_SAFE_INTEGER, to provide safety.

The vast majority of use cases would not necessitate a value > MAX_SAFE_INTEGER, and we're not prohibiting encoding values great - just not providing tooling to make it easier.

We can still consider converting them to number, but it'll be a breaking change for existing encoders, so I'd put it into a separate PR.

[MoMannn]

This is more of a question. But should we also check the terms length here to make sure they are correct?

On chain we are checking terms length: https://github.com/MetaMask/delegation-framework/blob/f1d5913120fc772a4b2cc7ba4179450ffa2988c1/src/enforcers/AllowedTargetsEnforcer.sol#L58

So it should not be possible to have different terms length here. But the function could be used on a wrong data or something like that and this would be able to detect this. 🤔

If we should check terms then this should be on other enforcers as well

[jeffsmale90]

Good call - nice little sanity check that might save someone's sanity if they're having to debug!

I've added length checks to all terms decoders.

[MoMannn]

should this be Hex like with the others?

[jeffsmale90]

absolutely it should be!

[MoMannn]

should we make sure that addresses are normalized (always to lowerCase on both sides)?

[jeffsmale90]

Definitely we should - good call!

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

There are 2 total unresolved issues (including 1 from previous review).

^{Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.}