@ab-org/predicate-market-sdk 2.0.0 → 2.0.1-beta.0

package/README.md

@@ -11,12 +11,40 @@ Prediction-market specific helpers built on top of `@ab-org/sdk-core`.
 - **Dynamic token & chain lists** via `MarketDataProvider` (backend-driven, mock included)
 - **Quote / slippage API** — fetch real-time pricing before confirming deposit or withdraw
 - Predicate-market policy adapter for deposit / withdraw / trade flows
+- Social login bridge now uses `@ab-org/sdk-core` + CubeSigner EVM session helpers, so the main React entry no longer statically pulls in the legacy multi-chain `cubist-sig-sdk` bundle
 
 ## Installation
 ```bash
 npm install @ab-org/sdk-core @ab-org/predicate-market-sdk
 ```
 
+## Migration guide
+
+`@ab-org/predicate-market-sdk@2` adds narrower entrypoints while keeping the legacy root import compatible:
+
+- `@ab-org/predicate-market-sdk` remains the compatibility root entry.
+- `@ab-org/predicate-market-sdk/react` for `SignInModal`, `DepositModal`, and `WithdrawModal`.
+- `@ab-org/predicate-market-sdk/auth` for auth helpers such as `notifyTwitterCallback`.
+- `@ab-org/predicate-market-sdk/merchant` for merchant APIs, market-data helpers, and controller factories.
+
+If you want leaner bundle graphs in new code, migrate imports like this:
+
+| Before | After |
+|-------|-------|
+| `SignInModal`, `DepositModal`, `WithdrawModal` from `@ab-org/predicate-market-sdk` | `@ab-org/predicate-market-sdk/react` |
+| `notifyTwitterCallback` from `@ab-org/predicate-market-sdk` | `@ab-org/predicate-market-sdk/auth` |
+| `createMarketDataProvider`, `registerPlatform`, `createFundingWithdrawExecutor`, `createDepositController`, `createWithdrawController` from `@ab-org/predicate-market-sdk` | `@ab-org/predicate-market-sdk/merchant` |
+
+Why the split:
+
+- Root import stays compatible for old consumers.
+- Merchant runtime config is lazy, so importing the SDK no longer fails just because `MERCHANT_BASE_URL` is missing.
+- Pages that only need auth helpers or core helpers no longer pull in the React and merchant bundles by accident.
+- Current packages are meant to work with default Next.js and Vite setups, without custom `next.config.js` or `vite.config.ts` just to import the SDK.
+
+Upgrade notes are summarized in `docs/pages/index.mdx` under “Upgrading from legacy root exports”.
+
+
 ## Quick start
 ```tsx
 import {
@@ -26,13 +54,15 @@ import {
   createWalletConnectController,
   createWalletExecutionController,
 } from "@ab-org/sdk-core";
+import {
+  type CustodyAdapter,
+} from "@ab-org/predicate-market-sdk";
 import {
   createDepositController,
   createWithdrawController,
   createMarketDataProvider,
   createPredicateMarketPolicyAdapter,
-  type CustodyAdapter,
-} from "@ab-org/predicate-market-sdk";
+} from "@ab-org/predicate-market-sdk/merchant";
 
 declare const custodyAdapter: CustodyAdapter;
 
@@ -67,10 +97,11 @@ const policy = createPredicateMarketPolicyAdapter({
 
 The SDK ships with **bundled auth config** (Google client id, Twitter client id, CubeSigner env/org) so you can call `initSDK` with only `signIn`. Override via env (`NEXT_PUBLIC_*`) or by passing options to `initSDK`.
 
-**Google / X in `SignInModal`** use the SDK's **bundled OIDC relay auth**: a **popup** opens your **`NEXT_PUBLIC_RELAY_ORIGIN`** routes **`/relay/google`** and **`/relay/x`**, then the SDK's built-in **WalletAccount** bridge turns the returned OIDC token into the session provider.
+**Google / X in `SignInModal`** use the SDK's **bundled OIDC relay auth**: a **popup** opens your **`NEXT_PUBLIC_RELAY_ORIGIN`** routes **`/relay/google`** and **`/relay/x`**, then the SDK's built-in **WalletAccount** bridge turns the returned OIDC token into a CubeSigner-backed EVM session provider.
 
 ```tsx
-import { initSDK, SignInModal } from "@ab-org/predicate-market-sdk";
+import { initSDK } from "@ab-org/predicate-market-sdk";
+import { SignInModal } from "@ab-org/predicate-market-sdk/react";
 
 initSDK({
   // Optional: only used by other Twitter flows; SignInModal X login uses /relay/x on RELAY_ORIGIN
@@ -89,6 +120,8 @@ initSDK({
   },
 });
 
+- Auto registration: when `NEXT_PUBLIC_CUBE_REG` (or `CUBE_REG`) is set and you do not pass a custom `registerUser`, the SDK automatically registers a new OIDC user on first login (prove → signed payload → POST `CUBE_REG`) before creating the CubeSigner session.
+
 <SignInModal />;
 ```
 
@@ -112,7 +145,7 @@ Rules:
 - known wallet ids automatically reuse built-in metadata like `installUrl` and detected `installed` state unless you override them
 - component props still override `initSDK({ signIn })` on a per-modal basis
 
-The package still **exports** `signInWithGoogle` (Google Identity Services, optional FedCM) for **custom** integrations; the built-in **`SignInModal`** does **not** use it for Google.
+Note: Use the built-in OIDC relay flow via `SignInModal` for Google/X.
 
 ## Address & balance
 ```tsx
@@ -162,7 +195,7 @@ const quote  = await withdraw.fetchQuote("USDT", "ETH", "200");
 Replace `createMarketDataProvider()` with your own implementation:
 
 ```ts
-import type { MarketDataProvider } from "@ab-org/predicate-market-sdk";
+import type { MarketDataProvider } from "@ab-org/predicate-market-sdk/merchant";
 
 const realMarketData: MarketDataProvider = {
   async getSupportedTokens(direction) {

package/dist/account-F5Z2SMJE.js

@@ -0,0 +1,213 @@
+import { chainConfig } from './chunk-6YQEHB6P.js';
+import { getSDKConfig } from './chunk-WHTI52FI.js';
+import { getChainInfo } from './chunk-YX56ZGDB.js';
+import { sessionStore, getSupportedChainFromEvmChainId } from '@ab-org/sdk-core';
+import { CubeSignerAuth, createCubistEvmWalletProvider } from '@ab-org/sdk-core/social/auth';
+
+function resolveCubeSignerConfig() {
+  const cubeSigner = getSDKConfig().cubeSigner;
+  if (!cubeSigner) {
+    throw new Error("cubeSigner config is required. Call initSDK({ cubeSigner: { env, orgId } }) first.");
+  }
+  return cubeSigner;
+}
+function resolveDefaultChain() {
+  try {
+    return getSupportedChainFromEvmChainId(chainConfig.chainId);
+  } catch {
+    return "BSC";
+  }
+}
+function resolveRpcChainId(chain) {
+  switch (chain) {
+    case "BSC":
+      return "56";
+    case "BSC_TENDERLY":
+      return "3131";
+    default:
+      throw new Error(`Read-only RPC methods are not configured for chain ${chain}`);
+  }
+}
+function resolveRpcUrl(chain) {
+  return getChainInfo(resolveRpcChainId(chain)).rpcUrls[0];
+}
+async function resolveEvmAddress(session) {
+  const keys = await session.client.sessionKeys();
+  const evmKey = keys.find((key) => key.cached.key_type === "SecpEthAddr");
+  if (!evmKey) {
+    throw new Error("No EVM key found in CubeSigner session");
+  }
+  return evmKey.materialId;
+}
+var CubistWalletAccount = class {
+  constructor(auth, cubeSignerSession, address, chain) {
+    this.auth = auth;
+    this.cubeSignerSession = cubeSignerSession;
+    this.address = address;
+    this.chain = chain;
+    this.provider = this.createProvider(chain);
+  }
+  createProvider(chain) {
+    return createCubistEvmWalletProvider({
+      session: this.cubeSignerSession,
+      address: this.address,
+      chain
+    });
+  }
+  assertCurrentAddress(address) {
+    if (address.toLowerCase() !== this.address.toLowerCase()) {
+      throw new Error("address is not the current account");
+    }
+  }
+  async rpcRequest(method, params) {
+    const response = await fetch(resolveRpcUrl(this.chain), {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        id: Date.now(),
+        jsonrpc: "2.0",
+        method,
+        params
+      })
+    });
+    if (!response.ok) {
+      throw new Error(`RPC request failed (${response.status})`);
+    }
+    const payload = await response.json();
+    if (payload.error) {
+      throw new Error(payload.error.message ?? `RPC request failed for ${method}`);
+    }
+    return payload.result;
+  }
+  getCubeSignerSession() {
+    return this.cubeSignerSession;
+  }
+  async request(payload) {
+    const params = payload.params ?? [];
+    switch (payload.method) {
+      case "wallet_switchEthereumChain":
+        return await this.wallet_switchEthereumChain(
+          params
+        );
+      case "eth_getBalance":
+        return await this.eth_getBalance(params);
+      case "eth_getTransactionCount":
+        return await this.eth_getTransactionCount(
+          params
+        );
+      default:
+        return this.provider.request(payload);
+    }
+  }
+  async eth_accounts() {
+    return this.provider.request({ method: "eth_accounts" });
+  }
+  async eth_requestAccounts() {
+    return this.provider.request({ method: "eth_requestAccounts" });
+  }
+  async eth_chainId() {
+    return this.provider.request({ method: "eth_chainId" });
+  }
+  async wallet_switchEthereumChain(networks) {
+    const nextChainId = networks[0]?.chainId;
+    if (nextChainId === void 0) {
+      throw new Error("chainId is required");
+    }
+    this.chain = getSupportedChainFromEvmChainId(nextChainId);
+    this.provider = this.createProvider(this.chain);
+    return true;
+  }
+  async eth_getBalance([address, blockTag]) {
+    this.assertCurrentAddress(address);
+    if (blockTag !== "latest") {
+      throw new Error("type is not supported");
+    }
+    const balanceHex = await this.rpcRequest("eth_getBalance", [
+      address,
+      blockTag
+    ]);
+    return BigInt(balanceHex).toString();
+  }
+  async eth_getTransactionCount([address, blockTag]) {
+    this.assertCurrentAddress(address);
+    if (blockTag !== "latest" && blockTag !== "pending") {
+      throw new Error("type is not supported");
+    }
+    const nonceHex = await this.rpcRequest(
+      "eth_getTransactionCount",
+      [address, blockTag]
+    );
+    return Number(BigInt(nonceHex));
+  }
+  async personal_sign(params) {
+    return this.provider.request({
+      method: "personal_sign",
+      params
+    });
+  }
+  async eth_signTypedData_v4(params) {
+    return this.provider.request({
+      method: "eth_signTypedData_v4",
+      params
+    });
+  }
+  async eth_signTransaction(params) {
+    return this.provider.request({
+      method: "eth_signTransaction",
+      params
+    });
+  }
+  async disconnect() {
+    await this.provider.disconnect();
+  }
+};
+var _WalletAccount = class _WalletAccount {
+  /** Clear cached instance so next login creates a fresh CubeSigner session. */
+  static clearInstance() {
+    const current = _WalletAccount.instance;
+    _WalletAccount.instance = null;
+    _WalletAccount.instanceToken = null;
+    void current?.disconnect().catch(() => {
+    });
+  }
+  static async getInstance(oidcToken) {
+    if (_WalletAccount.instance && _WalletAccount.instanceToken === oidcToken) {
+      return _WalletAccount.instance;
+    }
+    if (_WalletAccount.instance) {
+      _WalletAccount.clearInstance();
+    }
+    const auth = new CubeSignerAuth(resolveCubeSignerConfig());
+    const cubeSignerSession = await auth.loginWithOidcToken(oidcToken);
+    const address = await resolveEvmAddress(cubeSignerSession);
+    const walletAccount = new CubistWalletAccount(
+      auth,
+      cubeSignerSession,
+      address,
+      resolveDefaultChain()
+    );
+    _WalletAccount.instance = walletAccount;
+    _WalletAccount.instanceToken = oidcToken;
+    return walletAccount;
+  }
+};
+_WalletAccount.instance = null;
+_WalletAccount.instanceToken = null;
+var WalletAccount = _WalletAccount;
+function clearSocialAccountInstance() {
+  WalletAccount.clearInstance();
+  try {
+    const storage = typeof localStorage !== "undefined" ? localStorage : null;
+    const adapterId = storage?.getItem("ab:wallet:adapterId");
+    const session = sessionStore.getState().session;
+    const isSocialSession = session?.walletType === "social" || session?.authSource === "google" || session?.authSource === "twitter" || adapterId === "cubist";
+    if (!isSocialSession) return;
+    sessionStore.clearSession();
+    storage?.removeItem("ab:wallet:session");
+    storage?.removeItem("ab:wallet:adapterId");
+  } catch {
+    sessionStore.clearSession();
+  }
+}
+
+export { clearSocialAccountInstance, WalletAccount as default };

package/dist/api-DyQAYQ0i.d.ts

@@ -0,0 +1,156 @@
+import { AxiosInstance } from 'axios';
+
+/**
+ * Merchant API client
+ * 基于 axios 封装，类型与文档一致。
+ */
+
+/** 通用 API 响应：所有接口统一格式 */
+interface ApiResponse<T> {
+    data: T | null;
+    code: number;
+    msg: string;
+    timestamp: number;
+}
+interface TokenData {
+    symbol: string;
+    address: string;
+    decimals: number;
+    /** 最小充值量（最小单位字符串，如 `"15000000"`） */
+    minimum_deposit?: string;
+    /** 是否为 USD 类稳定币 */
+    is_usd_stable?: boolean;
+}
+interface ChainData {
+    chain_id: string;
+    network: string;
+    tokens: TokenData[];
+}
+interface ChainsResponseData {
+    chains: ChainData[];
+    is_testnet: boolean;
+}
+interface PlatformRegisterRequest {
+    platform_contract_address: string;
+    chain_id: string;
+}
+interface PlatformRegisterResponseData {
+    deposit_address: string;
+    chain_id: string;
+}
+type QuoteDirection = "deposit" | "withdraw";
+interface QuoteRequest {
+    direction: QuoteDirection;
+    chain_id: string;
+    token_address: string;
+    token_amount?: string;
+    dst_token_amount?: string;
+}
+interface QuoteResponseData {
+    token_address: string;
+    token_symbol: string;
+    token_decimals: number;
+    rate: string;
+    chain_id: number;
+    deposit_address?: string;
+    dst_token_amount?: string;
+    token_amount?: string;
+    expires_at?: string;
+}
+type DepositOrderStatus = "received" | "processing" | "completed" | "failed" | "funded";
+interface DepositOrderResponseData {
+    order_id: string;
+    status: DepositOrderStatus;
+    source_chain_id: string;
+    token_address: string;
+    token_amount?: string;
+    dst_token_amount?: string;
+    deposit_address?: string;
+    source_tx_hash?: string;
+    created_at?: string;
+    updated_at?: string;
+}
+type WithdrawOrderStatus = "pending" | "funded" | "processing" | "completed" | "failed" | "expired";
+interface WithdrawOrderResponseData {
+    order_id: string;
+    status: WithdrawOrderStatus;
+    one_time_address?: string;
+    chain_id: string;
+    dst_token_amount: string;
+    /** Fee (e.g. "0.01 USDT"); only present if backend includes it in GET /api/v1/orders/withdraw/:id. UI falls back to feeDisplay prop or "—". */
+    fee?: string;
+    target_chain_id: string;
+    target_address: string;
+    funding_tx_hash?: string;
+    dst_tx_hash?: string;
+    out_tx_hash?: string;
+    created_at?: string;
+    updated_at?: string;
+}
+interface NativeSwapPayload {
+    chain_id: string;
+    token_address: string;
+    token_amount: string;
+    dst_chain_id: string;
+    dst_token_address: string;
+    recipient: string;
+}
+interface PaymentPairData {
+    token_symbol: string;
+    token_amount: string;
+    token_address: string;
+    user_address: string;
+    chain_id: string;
+}
+interface CreateOrderRequest {
+    intent_id: string;
+    order_type: "NATIVE_SWAP";
+    order_payload: NativeSwapPayload;
+    payment_pairs: PaymentPairData[];
+}
+type PaymentSessionStatus = "CREATED" | "PENDING" | "FUNDED" | "CANCELED" | "CAPTURING" | "SUCCEED";
+interface PaymentSessionResponseData {
+    payment_session_id: string;
+    created_at?: string;
+    status: PaymentSessionStatus;
+    one_time_wallet_address: string;
+    amount: string;
+    currency: string;
+    user_address?: string;
+    network?: string;
+    token_symbol?: string;
+    chain_id?: string;
+    funding_transaction_hash?: string | null;
+    capturable_amount?: string;
+    captured_amount?: string;
+}
+interface CreateOrderResponseData {
+    order_id: string;
+    payment_sessions: PaymentSessionResponseData[];
+}
+interface MerchantApiConfig {
+    baseUrl?: string;
+    client?: AxiosInstance;
+}
+/**
+ * 配置 Merchant API 的 baseURL
+ */
+declare function configureMerchantApi(config?: MerchantApiConfig): AxiosInstance;
+/**
+ * 获取当前 axios 实例（用于自定义请求）
+ */
+declare function getMerchantApiClient(): AxiosInstance;
+/** GET /chains - 查询支持的链和代币列表 */
+declare function getChains(): Promise<ChainsResponseData>;
+/** POST /api/v1/platform - 注册平台合约并获取充值地址 */
+declare function registerPlatform(body: PlatformRegisterRequest): Promise<PlatformRegisterResponseData>;
+/** POST /api/v1/quote - 统一报价（充值/提现） */
+declare function quote(body: QuoteRequest): Promise<QuoteResponseData>;
+/** GET /api/v1/orders/deposit/{order_id} - 查询充值订单状态 */
+declare function getDepositOrder(orderId: string): Promise<DepositOrderResponseData>;
+/** GET /api/v1/orders/withdraw/{order_id} - 查询提现订单状态 */
+declare function getWithdrawOrder(orderId: string): Promise<WithdrawOrderResponseData>;
+/** POST /order - 创建 NATIVE_SWAP 提现订单 */
+declare function createOrder(body: CreateOrderRequest): Promise<CreateOrderResponseData>;
+
+export { type ApiResponse as A, type ChainData as C, type DepositOrderResponseData as D, type MerchantApiConfig as M, type NativeSwapPayload as N, type PaymentPairData as P, type QuoteDirection as Q, type TokenData as T, type WithdrawOrderResponseData as W, type ChainsResponseData as a, type CreateOrderRequest as b, type CreateOrderResponseData as c, type DepositOrderStatus as d, type PaymentSessionResponseData as e, type PaymentSessionStatus as f, type PlatformRegisterRequest as g, type PlatformRegisterResponseData as h, type QuoteResponseData as i, type WithdrawOrderStatus as j, configureMerchantApi as k, createOrder as l, getChains as m, getDepositOrder as n, getMerchantApiClient as o, getWithdrawOrder as p, quote as q, registerPlatform as r };

package/dist/auth.d.ts

@@ -0,0 +1,8 @@
+export { G as GoogleCredential, T as TwitterAuthResult } from './signInTypes-DESvmgWG.js';
+import 'react';
+import '@ab-org/sdk-core';
+
+/** Legacy X OAuth popup callback: posts `code` / `state` to `window.opener` and closes. OIDC relay flows do not use this. */
+declare function notifyTwitterCallback(): void;
+
+export { notifyTwitterCallback };

package/dist/auth.js

@@ -0,0 +1 @@
+export { notifyTwitterCallback } from './chunk-UAXKA6QC.js';

package/dist/autoReconnect-6YV7YSSL.js

@@ -0,0 +1,4 @@
+export { tryAutoReconnect } from './chunk-26RFAFJG.js';
+import './chunk-F3HQRJID.js';
+import './chunk-SHLNBZBY.js';
+import './chunk-WHTI52FI.js';

package/dist/chunk-26RFAFJG.js

@@ -0,0 +1,31 @@
+import { getSDKConfig } from './chunk-F3HQRJID.js';
+import { sessionStore, createDefaultInjectedWalletRegistry, WalletConnector } from '@ab-org/sdk-core';
+import { CubistSocialProvider } from '@ab-org/sdk-core/social/provider';
+
+var pending = null;
+function tryAutoReconnect() {
+  const session = sessionStore.getState().session;
+  if (!session) return Promise.resolve(null);
+  if (pending) return pending;
+  pending = doAutoReconnect().finally(() => {
+    pending = null;
+  });
+  return pending;
+}
+async function doAutoReconnect() {
+  const config = getSDKConfig();
+  const registry = createDefaultInjectedWalletRegistry();
+  const adapters = [...registry.map((r) => r.provider)];
+  if (config.cubeSigner) {
+    adapters.push(
+      new CubistSocialProvider({
+        ...config.cubeSigner,
+        defaultSessionPolicy: config.signIn?.sessionPolicy ?? config.cubeSigner.defaultSessionPolicy
+      })
+    );
+  }
+  const connector = new WalletConnector(adapters);
+  return connector.tryAutoReconnect();
+}
+
+export { tryAutoReconnect };