@agent-score/commerce 1.0.3 → 1.2.0

package/README.md

@@ -25,7 +25,7 @@ npm install hono mppx @x402/core @x402/evm @x402/svm stripe   # whatever your st
 |---|---|
 | `/identity/{hono,express,fastify,nextjs,web}` | Trust gate middleware: KYC, sanctions, age, jurisdiction. `agentscoreGate(...)`, `getAgentScoreData(c)`, `captureWallet(...)`, `verifyWalletSignerMatch(...)`. Plus shared denial helpers: `denialReasonStatus`, `denialReasonToBody`, `buildSignerMismatchBody`, `buildContactSupportNextSteps`, `verificationAgentInstructions`, `isFixableDenial`, `FIXABLE_DENIAL_REASONS`. |
 | `/payment` | `networks`, `USDC`, `rails` registries; `paymentDirective`, `buildPaymentDirective`, `wwwAuthenticateHeader`, `paymentRequiredHeader`, `aliasAmountFields` (v1↔v2 amount field shim — emits both `amount` and `maxAmountRequired` so v1-only x402 parsers like Coinbase awal can read v2 bodies), `settlementOverrideHeader`, `dispatchSettlementByNetwork`, `extractPaymentSigner` (returns `{address, network}`); `createX402Server`, `createMppxServer`; drop-in x402 helpers: `validateX402NetworkConfig` (boot-time guard), `verifyX402Request` (parse + validate inbound X-Payment), `processX402Settle` (verify-then-settle with one call). |
-| `/discovery` | `isDiscoveryProbeRequest`, `buildDiscoveryProbeResponse` (with optional `x402Sample` for x402-aware crawlers — `awal x402 details` etc.), `sampleX402AcceptForNetwork` (USDC sample-accept builder for known CAIP-2 networks), `buildWellKnownMpp`, `buildLlmsTxt` + `llmsTxtIdentitySection` + `llmsTxtPaymentSection` (compact + verbose modes), `agentscoreOpenApiSnippets`, `createBazaarDiscovery`, `noindexNonDiscoveryPaths` (Hono middleware that emits `X-Robots-Tag: noindex` on every path except the agent-discovery surfaces — defaults cover `/openapi.json`, `/llms.txt`, `/.well-known/{mpp.json,agent-card.json,ucp}`, `/favicon.{png,ico}`; pure helpers `isDiscoveryPath` + `defaultDiscoveryPaths` for non-Hono frameworks). |
+| `/discovery` | `isDiscoveryProbeRequest`, `buildDiscoveryProbeResponse` (with optional `x402Sample` for x402-aware crawlers — `awal x402 details` etc.), `sampleX402AcceptForNetwork` (USDC sample-accept builder for known CAIP-2 networks), `buildWellKnownMpp`, `buildLlmsTxt` + `llmsTxtIdentitySection` + `llmsTxtPaymentSection` (compact + verbose modes), `buildSkillMd` (Claude-Skill-compatible `/skill.md` agent-discovery manifest — strictly agent-facing data only, no internal posture), `agentscoreOpenApiSnippets`, `createBazaarDiscovery`, `noindexNonDiscoveryPaths` (Hono middleware that emits `X-Robots-Tag: noindex` on every path except the agent-discovery surfaces — defaults cover `/openapi.json`, `/llms.txt`, `/skill.md`, `/.well-known/{mpp.json,agent-card.json,ucp}`, `/favicon.{png,ico}`; pure helpers `isDiscoveryPath` + `defaultDiscoveryPaths` for non-Hono frameworks). |
 | `/challenge` | `build402Body`, `buildAcceptedMethods`, `buildIdentityMetadata`, `buildHowToPay`, `buildAgentInstructions` (auto-emits per-rail `compatible_clients` — smoke-verified CLIs the agent should use; vendor override supported), `buildPricingBlock`, `firstEncounterAgentMemory`, `OrderReceipt`; `respond402` — drop-in 402 emit that preserves mppx's `WWW-Authenticate` and layers x402's `PAYMENT-REQUIRED`. `buildValidationError` — structured 4xx body builder (`{error: {code, message}, required_fields?, example_body?, next_steps?, ...extra}`) so vendors compose body shapes by name instead of inlining at every validation site. |
 | `/stripe-multichain` | `createMultichainPaymentIntent`, `getDepositAddress`, `simulateCryptoDeposit`, `createMppxStripe`; `createPiCache` (TTL'd PI / deposit-address cache, Redis-backed when `redisUrl` set, in-memory otherwise), `simulateDepositIfTestMode` (gates on `sk_test_` and looks up the PI for you), `STRIPE_TEST_TX_HASH_SUCCESS` / `STRIPE_TEST_TX_HASH_FAILED` constants. Peer dep on `stripe`. |
 | `/api` | Everything from `@agent-score/sdk` re-exported in one place: `AgentScore` + `AgentScoreError`, `AGENTSCORE_TEST_ADDRESSES` + `isAgentScoreTestAddress`. **Don't add `@agent-score/sdk` as a separate dep** — the two can drift versions and cause subtle type mismatches. |
@@ -278,6 +278,33 @@ app.post("/purchase", async (c) => {
 });
 ```
 
+## Fail-open behavior
+
+By default AgentScore Gate fails closed: any AgentScore-side infrastructure failure (HTTP 429, 5xx, network timeout) returns 503 to the buyer. Set `failOpen: true` on `agentscoreGate({...})` to opt in to graceful degradation:
+
+```ts
+import { agentscoreGate, getGateDegradedState } from '@agent-score/commerce/identity/hono';
+
+const gate = agentscoreGate({ apiKey: process.env.AGENTSCORE_API_KEY!, failOpen: true });
+
+app.use('/purchase', gate);
+
+app.post('/purchase', async (c) => {
+  const { degraded, infraReason } = getGateDegradedState(c);
+  if (degraded) {
+    // Compliance was NOT enforced this request — log/alert/refund-async/etc.
+    console.warn(`[gate] degraded: ${infraReason}`);
+  }
+  // ...rest of handler
+});
+```
+
+When `failOpen: true` AND the failure is infra-shape, the gate carries `degraded: true` + `infraReason: 'quota_exceeded' | 'api_error' | 'network_timeout'` so merchants can log/alert without parsing console output. **Compliance denials (sanctions, age, jurisdiction, signer-mismatch) still deny regardless of `failOpen`** — `failOpen` only covers "AgentScore couldn't tell us," never "AgentScore said no."
+
+For regulated commerce (alcohol, age-gated, sanctioned-jurisdiction-relevant) keep the default `failOpen: false` — outage is the correct posture; bypassing compliance on infra failure is a compliance gap. For low-stakes commerce or high-uptime SLAs, opt in and use the `degraded` flag as the audit trail.
+
+The `getGateDegradedState` helper is exported by every framework adapter (Hono, Express, Fastify, Next.js, Web Fetch). For `withAgentScoreGate` (Next.js / Web Fetch), the `degraded` + `infraReason` fields land directly on the `gate` object passed to your handler.
+
 ## Examples
 
 The [examples/](./examples) directory has 7 runnable single-file Hono apps covering common merchant scenarios — copy-paste templates, not frameworks. See [examples/README.md](./examples/README.md) for the full table.

package/dist/agent_instructions-d3UWTdam.d.mts

@@ -0,0 +1,129 @@
+interface HowToPayRailEntry {
+    setup?: string[];
+    prerequisite?: string;
+    command: string;
+    alternative_command?: string;
+    what_it_does: string;
+}
+interface HowToPayStripeEntry {
+    prerequisite: string;
+    instructions: string;
+    setup_link_cli?: string[];
+    command_link_cli?: string[];
+    what_it_does_link_cli?: string;
+    note?: string;
+}
+interface HowToPayBlock {
+    tempo?: HowToPayRailEntry;
+    x402_base?: HowToPayRailEntry;
+    x402_solana?: HowToPayRailEntry;
+    stripe?: HowToPayStripeEntry;
+}
+interface BuildHowToPayInput {
+    /** The merchant's full URL (e.g., 'https://agents.merchant.example/api/buy'). */
+    url: string;
+    /** JSON string of the body the agent should retry with — typically the original request body. */
+    retryBodyJson: string;
+    /** Total amount in USD (string or number). Used to compute max-spend defaults and stripe context. */
+    totalUsd: string | number;
+    /** Per-rail config — each is optional. Pass only the rails you support. */
+    rails: {
+        tempo?: {
+            recipient: string;
+            networkName?: string;
+            chainId?: number;
+            recommend?: 'tempo' | 'agentscore-pay' | 'both';
+        };
+        x402_base?: {
+            recipient: string;
+            network?: string;
+        };
+        x402_solana?: {
+            recipient: string;
+            network?: string;
+        };
+        stripe?: {
+            profileId?: string | null;
+            productName?: string;
+        };
+    };
+    /** Placeholder text for the operator token in commands. Defaults to '<your_opc_token>'. */
+    opTokenPlaceholder?: string;
+    /** Override max-spend value used in commands. Default: ceil(totalUsd) + 1. */
+    maxSpend?: string | number;
+}
+/**
+ * Build the agent_instructions.how_to_pay block. Generates per-rail setup/command/what_it_does
+ * boilerplate so agents see concrete commands per rail in the 402 body. Vendors pass the rails
+ * they support; the helper produces the right command for each.
+ *
+ * Tool recommendations (tempo CLI vs agentscore-pay vs link-cli) are configurable per rail.
+ */
+declare function buildHowToPay(input: BuildHowToPayInput): HowToPayBlock;
+
+/** Map of rail key (e.g. 'x402_base', 'tempo_mpp', 'stripe') → list of client identifiers
+ *  that have been smoke-verified by the merchant against the protocol shape they emit.
+ *  Strings are display labels, not install commands — agents already get install commands
+ *  via `how_to_pay.<rail>.setup`. Use these as a "what's known to work" hint. */
+type CompatibleClients = Record<string, string[]>;
+interface BuildAgentInstructionsInput {
+    /** Per-rail commands. Build with `buildHowToPay`. */
+    howToPay: HowToPayBlock;
+    /** Tool recommendations as human-readable strings. Defaults to a sensible set covering tempo + agentscore-pay. */
+    recommendedTools?: string[];
+    /** Wallet-stack compatibility note for the agent. Default: rail-neutral, no specific wallet stack required. */
+    walletCompatibility?: string;
+    /** How long the merchant will wait for payment after the 402. Default 300 (5 minutes). */
+    timeoutSeconds?: number;
+    /** Warnings about common footguns. Defaults include tempo wallet transfer + raw on-chain x402 deposits. */
+    warnings?: string[];
+    /** Recommended rail (e.g., 'tempo', 'x402_base'). Surfaced for agents to default to. */
+    recommended?: string;
+    /** Per-rail list of client names the merchant has verified work end-to-end. Vendors set
+     *  this from their own smoke matrix — defaults to none (avoids vouching for clients the
+     *  merchant has not tested). When omitted, the field is not emitted. */
+    compatibleClients?: CompatibleClients;
+    /** Arbitrary additional fields the vendor wants merged into the agent_instructions object. */
+    extra?: Record<string, unknown>;
+}
+interface AgentInstructions {
+    how_to_pay: HowToPayBlock;
+    recommended_tools: string[];
+    wallet_compatibility: string;
+    timeout_seconds: number;
+    warnings: string[];
+    recommended?: string;
+    compatible_clients?: CompatibleClients;
+    [key: string]: unknown;
+}
+/**
+ * Default `compatible_clients` derived from the rails declared in `howToPay`. Lists
+ * clients the AgentScore team has smoke-verified end-to-end against an `@agent-score/commerce`
+ * merchant; entries appear only for rails the vendor actually offers. Vendors override
+ * this in `buildAgentInstructions({compatibleClients: {...}})` to add their own tested
+ * clients or remove entries that don't fit their endpoint.
+ *
+ * Verified state as of the SDK release. The same data is also published as a docs page
+ * for humans (rationale, per-rail commands, why some clients don't fully work, last
+ * verified date) — this default keeps the merchant-side surface in sync.
+ */
+/** Symbolic rail keys agent-facing surfaces use to talk about a rail without spelling out
+ *  network/scheme details. Same keys as `CompatibleClients` map keys. */
+type RailKey = 'tempo_mpp' | 'x402_base' | 'x402_solana' | 'stripe';
+/** Returns the smoke-verified client list for a set of rail keys. The single source of
+ *  truth for "which CLIs we've verified end-to-end on each rail" — consumed both by the
+ *  402-body builder (`defaultCompatibleClients`) and by discovery surfaces (skill.md,
+ *  llms.txt, etc.). Update here, every surface inherits. */
+declare function compatibleClientsByRails(rails: readonly RailKey[]): CompatibleClients | undefined;
+/**
+ * Build the agent_instructions object for the 402 body. Combines how_to_pay with
+ * recommended tools, warnings, wallet-compatibility note, and timeout.
+ *
+ * Defaults adapt to the rails declared in `howToPay`: only tempo-relevant warnings/tools
+ * appear if `howToPay.tempo` is set, only x402-relevant ones if `x402_base`/`x402_solana`
+ * are set. Stripe-only merchants get neither rail-specific warning. Vendors override
+ * `warnings`/`recommendedTools` for full control.
+ */
+declare function buildAgentInstructions(input: BuildAgentInstructionsInput): AgentInstructions;
+
+export { type AgentInstructions as A, type BuildAgentInstructionsInput as B, type CompatibleClients as C, type HowToPayBlock as H, type RailKey as R, type BuildHowToPayInput as a, type HowToPayRailEntry as b, compatibleClientsByRails as c, type HowToPayStripeEntry as d, buildAgentInstructions as e, buildHowToPay as f };

package/dist/agent_instructions-d3UWTdam.d.ts

@@ -0,0 +1,129 @@
+interface HowToPayRailEntry {
+    setup?: string[];
+    prerequisite?: string;
+    command: string;
+    alternative_command?: string;
+    what_it_does: string;
+}
+interface HowToPayStripeEntry {
+    prerequisite: string;
+    instructions: string;
+    setup_link_cli?: string[];
+    command_link_cli?: string[];
+    what_it_does_link_cli?: string;
+    note?: string;
+}
+interface HowToPayBlock {
+    tempo?: HowToPayRailEntry;
+    x402_base?: HowToPayRailEntry;
+    x402_solana?: HowToPayRailEntry;
+    stripe?: HowToPayStripeEntry;
+}
+interface BuildHowToPayInput {
+    /** The merchant's full URL (e.g., 'https://agents.merchant.example/api/buy'). */
+    url: string;
+    /** JSON string of the body the agent should retry with — typically the original request body. */
+    retryBodyJson: string;
+    /** Total amount in USD (string or number). Used to compute max-spend defaults and stripe context. */
+    totalUsd: string | number;
+    /** Per-rail config — each is optional. Pass only the rails you support. */
+    rails: {
+        tempo?: {
+            recipient: string;
+            networkName?: string;
+            chainId?: number;
+            recommend?: 'tempo' | 'agentscore-pay' | 'both';
+        };
+        x402_base?: {
+            recipient: string;
+            network?: string;
+        };
+        x402_solana?: {
+            recipient: string;
+            network?: string;
+        };
+        stripe?: {
+            profileId?: string | null;
+            productName?: string;
+        };
+    };
+    /** Placeholder text for the operator token in commands. Defaults to '<your_opc_token>'. */
+    opTokenPlaceholder?: string;
+    /** Override max-spend value used in commands. Default: ceil(totalUsd) + 1. */
+    maxSpend?: string | number;
+}
+/**
+ * Build the agent_instructions.how_to_pay block. Generates per-rail setup/command/what_it_does
+ * boilerplate so agents see concrete commands per rail in the 402 body. Vendors pass the rails
+ * they support; the helper produces the right command for each.
+ *
+ * Tool recommendations (tempo CLI vs agentscore-pay vs link-cli) are configurable per rail.
+ */
+declare function buildHowToPay(input: BuildHowToPayInput): HowToPayBlock;
+
+/** Map of rail key (e.g. 'x402_base', 'tempo_mpp', 'stripe') → list of client identifiers
+ *  that have been smoke-verified by the merchant against the protocol shape they emit.
+ *  Strings are display labels, not install commands — agents already get install commands
+ *  via `how_to_pay.<rail>.setup`. Use these as a "what's known to work" hint. */
+type CompatibleClients = Record<string, string[]>;
+interface BuildAgentInstructionsInput {
+    /** Per-rail commands. Build with `buildHowToPay`. */
+    howToPay: HowToPayBlock;
+    /** Tool recommendations as human-readable strings. Defaults to a sensible set covering tempo + agentscore-pay. */
+    recommendedTools?: string[];
+    /** Wallet-stack compatibility note for the agent. Default: rail-neutral, no specific wallet stack required. */
+    walletCompatibility?: string;
+    /** How long the merchant will wait for payment after the 402. Default 300 (5 minutes). */
+    timeoutSeconds?: number;
+    /** Warnings about common footguns. Defaults include tempo wallet transfer + raw on-chain x402 deposits. */
+    warnings?: string[];
+    /** Recommended rail (e.g., 'tempo', 'x402_base'). Surfaced for agents to default to. */
+    recommended?: string;
+    /** Per-rail list of client names the merchant has verified work end-to-end. Vendors set
+     *  this from their own smoke matrix — defaults to none (avoids vouching for clients the
+     *  merchant has not tested). When omitted, the field is not emitted. */
+    compatibleClients?: CompatibleClients;
+    /** Arbitrary additional fields the vendor wants merged into the agent_instructions object. */
+    extra?: Record<string, unknown>;
+}
+interface AgentInstructions {
+    how_to_pay: HowToPayBlock;
+    recommended_tools: string[];
+    wallet_compatibility: string;
+    timeout_seconds: number;
+    warnings: string[];
+    recommended?: string;
+    compatible_clients?: CompatibleClients;
+    [key: string]: unknown;
+}
+/**
+ * Default `compatible_clients` derived from the rails declared in `howToPay`. Lists
+ * clients the AgentScore team has smoke-verified end-to-end against an `@agent-score/commerce`
+ * merchant; entries appear only for rails the vendor actually offers. Vendors override
+ * this in `buildAgentInstructions({compatibleClients: {...}})` to add their own tested
+ * clients or remove entries that don't fit their endpoint.
+ *
+ * Verified state as of the SDK release. The same data is also published as a docs page
+ * for humans (rationale, per-rail commands, why some clients don't fully work, last
+ * verified date) — this default keeps the merchant-side surface in sync.
+ */
+/** Symbolic rail keys agent-facing surfaces use to talk about a rail without spelling out
+ *  network/scheme details. Same keys as `CompatibleClients` map keys. */
+type RailKey = 'tempo_mpp' | 'x402_base' | 'x402_solana' | 'stripe';
+/** Returns the smoke-verified client list for a set of rail keys. The single source of
+ *  truth for "which CLIs we've verified end-to-end on each rail" — consumed both by the
+ *  402-body builder (`defaultCompatibleClients`) and by discovery surfaces (skill.md,
+ *  llms.txt, etc.). Update here, every surface inherits. */
+declare function compatibleClientsByRails(rails: readonly RailKey[]): CompatibleClients | undefined;
+/**
+ * Build the agent_instructions object for the 402 body. Combines how_to_pay with
+ * recommended tools, warnings, wallet-compatibility note, and timeout.
+ *
+ * Defaults adapt to the rails declared in `howToPay`: only tempo-relevant warnings/tools
+ * appear if `howToPay.tempo` is set, only x402-relevant ones if `x402_base`/`x402_solana`
+ * are set. Stripe-only merchants get neither rail-specific warning. Vendors override
+ * `warnings`/`recommendedTools` for full control.
+ */
+declare function buildAgentInstructions(input: BuildAgentInstructionsInput): AgentInstructions;
+
+export { type AgentInstructions as A, type BuildAgentInstructionsInput as B, type CompatibleClients as C, type HowToPayBlock as H, type RailKey as R, type BuildHowToPayInput as a, type HowToPayRailEntry as b, compatibleClientsByRails as c, type HowToPayStripeEntry as d, buildAgentInstructions as e, buildHowToPay as f };

package/dist/challenge/index.d.mts

@@ -1,3 +1,5 @@
+import { A as AgentInstructions } from '../agent_instructions-d3UWTdam.mjs';
+export { B as BuildAgentInstructionsInput, a as BuildHowToPayInput, C as CompatibleClients, H as HowToPayBlock, b as HowToPayRailEntry, d as HowToPayStripeEntry, R as RailKey, e as buildAgentInstructions, f as buildHowToPay, c as compatibleClientsByRails } from '../agent_instructions-d3UWTdam.mjs';
 import { AgentMemoryHint } from '../core.mjs';
 export { buildAgentMemoryHint } from '../core.mjs';
 import { P as PaymentRequiredHeaderInput } from '../wwwauthenticate-CU1eNvMQ.mjs';
@@ -95,115 +97,6 @@ interface IdentityMetadataBlock {
  */
 declare function buildIdentityMetadata(input: IdentityMetadataInput): IdentityMetadataBlock;
 
-interface HowToPayRailEntry {
-    setup?: string[];
-    prerequisite?: string;
-    command: string;
-    alternative_command?: string;
-    what_it_does: string;
-}
-interface HowToPayStripeEntry {
-    prerequisite: string;
-    instructions: string;
-    setup_link_cli?: string[];
-    command_link_cli?: string[];
-    what_it_does_link_cli?: string;
-    note?: string;
-}
-interface HowToPayBlock {
-    tempo?: HowToPayRailEntry;
-    x402_base?: HowToPayRailEntry;
-    x402_solana?: HowToPayRailEntry;
-    stripe?: HowToPayStripeEntry;
-}
-interface BuildHowToPayInput {
-    /** The merchant's full URL (e.g., 'https://agents.merchant.example/api/buy'). */
-    url: string;
-    /** JSON string of the body the agent should retry with — typically the original request body. */
-    retryBodyJson: string;
-    /** Total amount in USD (string or number). Used to compute max-spend defaults and stripe context. */
-    totalUsd: string | number;
-    /** Per-rail config — each is optional. Pass only the rails you support. */
-    rails: {
-        tempo?: {
-            recipient: string;
-            networkName?: string;
-            chainId?: number;
-            recommend?: 'tempo' | 'agentscore-pay' | 'both';
-        };
-        x402_base?: {
-            recipient: string;
-            network?: string;
-        };
-        x402_solana?: {
-            recipient: string;
-            network?: string;
-        };
-        stripe?: {
-            profileId?: string | null;
-            productName?: string;
-        };
-    };
-    /** Placeholder text for the operator token in commands. Defaults to '<your_opc_token>'. */
-    opTokenPlaceholder?: string;
-    /** Override max-spend value used in commands. Default: ceil(totalUsd) + 1. */
-    maxSpend?: string | number;
-}
-/**
- * Build the agent_instructions.how_to_pay block. Generates per-rail setup/command/what_it_does
- * boilerplate so agents see concrete commands per rail in the 402 body. Vendors pass the rails
- * they support; the helper produces the right command for each.
- *
- * Tool recommendations (tempo CLI vs agentscore-pay vs link-cli) are configurable per rail.
- */
-declare function buildHowToPay(input: BuildHowToPayInput): HowToPayBlock;
-
-/** Map of rail key (e.g. 'x402_base', 'tempo_mpp', 'stripe') → list of client identifiers
- *  that have been smoke-verified by the merchant against the protocol shape they emit.
- *  Strings are display labels, not install commands — agents already get install commands
- *  via `how_to_pay.<rail>.setup`. Use these as a "what's known to work" hint. */
-type CompatibleClients = Record<string, string[]>;
-interface BuildAgentInstructionsInput {
-    /** Per-rail commands. Build with `buildHowToPay`. */
-    howToPay: HowToPayBlock;
-    /** Tool recommendations as human-readable strings. Defaults to a sensible set covering tempo + agentscore-pay. */
-    recommendedTools?: string[];
-    /** Wallet-stack compatibility note for the agent. Default: rail-neutral, no specific wallet stack required. */
-    walletCompatibility?: string;
-    /** How long the merchant will wait for payment after the 402. Default 300 (5 minutes). */
-    timeoutSeconds?: number;
-    /** Warnings about common footguns. Defaults include tempo wallet transfer + raw on-chain x402 deposits. */
-    warnings?: string[];
-    /** Recommended rail (e.g., 'tempo', 'x402_base'). Surfaced for agents to default to. */
-    recommended?: string;
-    /** Per-rail list of client names the merchant has verified work end-to-end. Vendors set
-     *  this from their own smoke matrix — defaults to none (avoids vouching for clients the
-     *  merchant has not tested). When omitted, the field is not emitted. */
-    compatibleClients?: CompatibleClients;
-    /** Arbitrary additional fields the vendor wants merged into the agent_instructions object. */
-    extra?: Record<string, unknown>;
-}
-interface AgentInstructions {
-    how_to_pay: HowToPayBlock;
-    recommended_tools: string[];
-    wallet_compatibility: string;
-    timeout_seconds: number;
-    warnings: string[];
-    recommended?: string;
-    compatible_clients?: CompatibleClients;
-    [key: string]: unknown;
-}
-/**
- * Build the agent_instructions object for the 402 body. Combines how_to_pay with
- * recommended tools, warnings, wallet-compatibility note, and timeout.
- *
- * Defaults adapt to the rails declared in `howToPay`: only tempo-relevant warnings/tools
- * appear if `howToPay.tempo` is set, only x402-relevant ones if `x402_base`/`x402_solana`
- * are set. Stripe-only merchants get neither rail-specific warning. Vendors override
- * `warnings`/`recommendedTools` for full control.
- */
-declare function buildAgentInstructions(input: BuildAgentInstructionsInput): AgentInstructions;
-
 /**
  * Helpers for emitting the cross-merchant `agent_memory` hint on merchant 402 responses.
  *
@@ -520,4 +413,4 @@ interface ValidationErrorBody {
  */
 declare function buildValidationError(input: BuildValidationErrorInput): ValidationErrorBody;
 
-export { type AcceptedMethodEntry, type AgentInstructions, AgentMemoryHint, type Build402BodyInput, type BuildAcceptedMethodsInput, type BuildAgentInstructionsInput, type BuildHowToPayInput, type BuildPricingBlockInput, type BuildValidationErrorInput, type CompatibleClients, type FirstEncounterAgentMemoryInput, type HowToPayBlock, type HowToPayRailEntry, type HowToPayStripeEntry, type IdentityMetadataBlock, type IdentityMetadataInput, type IdentityMode, type OrderReceipt, type PricingBlock, type Respond402Input, type SignerMatchResultLike, type StripeMethodEntry, type TempoMethodEntry, type ValidationErrorBody, type X402MethodEntry, build402Body, buildAcceptedMethods, buildAgentInstructions, buildHowToPay, buildIdentityMetadata, buildPricingBlock, buildValidationError, firstEncounterAgentMemory, respond402 };
+export { type AcceptedMethodEntry, AgentInstructions, AgentMemoryHint, type Build402BodyInput, type BuildAcceptedMethodsInput, type BuildPricingBlockInput, type BuildValidationErrorInput, type FirstEncounterAgentMemoryInput, type IdentityMetadataBlock, type IdentityMetadataInput, type IdentityMode, type OrderReceipt, type PricingBlock, type Respond402Input, type SignerMatchResultLike, type StripeMethodEntry, type TempoMethodEntry, type ValidationErrorBody, type X402MethodEntry, build402Body, buildAcceptedMethods, buildIdentityMetadata, buildPricingBlock, buildValidationError, firstEncounterAgentMemory, respond402 };

package/dist/challenge/index.d.ts

@@ -1,3 +1,5 @@
+import { A as AgentInstructions } from '../agent_instructions-d3UWTdam.js';
+export { B as BuildAgentInstructionsInput, a as BuildHowToPayInput, C as CompatibleClients, H as HowToPayBlock, b as HowToPayRailEntry, d as HowToPayStripeEntry, R as RailKey, e as buildAgentInstructions, f as buildHowToPay, c as compatibleClientsByRails } from '../agent_instructions-d3UWTdam.js';
 import { AgentMemoryHint } from '../core.js';
 export { buildAgentMemoryHint } from '../core.js';
 import { P as PaymentRequiredHeaderInput } from '../wwwauthenticate-CU1eNvMQ.js';
@@ -95,115 +97,6 @@ interface IdentityMetadataBlock {
  */
 declare function buildIdentityMetadata(input: IdentityMetadataInput): IdentityMetadataBlock;
 
-interface HowToPayRailEntry {
-    setup?: string[];
-    prerequisite?: string;
-    command: string;
-    alternative_command?: string;
-    what_it_does: string;
-}
-interface HowToPayStripeEntry {
-    prerequisite: string;
-    instructions: string;
-    setup_link_cli?: string[];
-    command_link_cli?: string[];
-    what_it_does_link_cli?: string;
-    note?: string;
-}
-interface HowToPayBlock {
-    tempo?: HowToPayRailEntry;
-    x402_base?: HowToPayRailEntry;
-    x402_solana?: HowToPayRailEntry;
-    stripe?: HowToPayStripeEntry;
-}
-interface BuildHowToPayInput {
-    /** The merchant's full URL (e.g., 'https://agents.merchant.example/api/buy'). */
-    url: string;
-    /** JSON string of the body the agent should retry with — typically the original request body. */
-    retryBodyJson: string;
-    /** Total amount in USD (string or number). Used to compute max-spend defaults and stripe context. */
-    totalUsd: string | number;
-    /** Per-rail config — each is optional. Pass only the rails you support. */
-    rails: {
-        tempo?: {
-            recipient: string;
-            networkName?: string;
-            chainId?: number;
-            recommend?: 'tempo' | 'agentscore-pay' | 'both';
-        };
-        x402_base?: {
-            recipient: string;
-            network?: string;
-        };
-        x402_solana?: {
-            recipient: string;
-            network?: string;
-        };
-        stripe?: {
-            profileId?: string | null;
-            productName?: string;
-        };
-    };
-    /** Placeholder text for the operator token in commands. Defaults to '<your_opc_token>'. */
-    opTokenPlaceholder?: string;
-    /** Override max-spend value used in commands. Default: ceil(totalUsd) + 1. */
-    maxSpend?: string | number;
-}
-/**
- * Build the agent_instructions.how_to_pay block. Generates per-rail setup/command/what_it_does
- * boilerplate so agents see concrete commands per rail in the 402 body. Vendors pass the rails
- * they support; the helper produces the right command for each.
- *
- * Tool recommendations (tempo CLI vs agentscore-pay vs link-cli) are configurable per rail.
- */
-declare function buildHowToPay(input: BuildHowToPayInput): HowToPayBlock;
-
-/** Map of rail key (e.g. 'x402_base', 'tempo_mpp', 'stripe') → list of client identifiers
- *  that have been smoke-verified by the merchant against the protocol shape they emit.
- *  Strings are display labels, not install commands — agents already get install commands
- *  via `how_to_pay.<rail>.setup`. Use these as a "what's known to work" hint. */
-type CompatibleClients = Record<string, string[]>;
-interface BuildAgentInstructionsInput {
-    /** Per-rail commands. Build with `buildHowToPay`. */
-    howToPay: HowToPayBlock;
-    /** Tool recommendations as human-readable strings. Defaults to a sensible set covering tempo + agentscore-pay. */
-    recommendedTools?: string[];
-    /** Wallet-stack compatibility note for the agent. Default: rail-neutral, no specific wallet stack required. */
-    walletCompatibility?: string;
-    /** How long the merchant will wait for payment after the 402. Default 300 (5 minutes). */
-    timeoutSeconds?: number;
-    /** Warnings about common footguns. Defaults include tempo wallet transfer + raw on-chain x402 deposits. */
-    warnings?: string[];
-    /** Recommended rail (e.g., 'tempo', 'x402_base'). Surfaced for agents to default to. */
-    recommended?: string;
-    /** Per-rail list of client names the merchant has verified work end-to-end. Vendors set
-     *  this from their own smoke matrix — defaults to none (avoids vouching for clients the
-     *  merchant has not tested). When omitted, the field is not emitted. */
-    compatibleClients?: CompatibleClients;
-    /** Arbitrary additional fields the vendor wants merged into the agent_instructions object. */
-    extra?: Record<string, unknown>;
-}
-interface AgentInstructions {
-    how_to_pay: HowToPayBlock;
-    recommended_tools: string[];
-    wallet_compatibility: string;
-    timeout_seconds: number;
-    warnings: string[];
-    recommended?: string;
-    compatible_clients?: CompatibleClients;
-    [key: string]: unknown;
-}
-/**
- * Build the agent_instructions object for the 402 body. Combines how_to_pay with
- * recommended tools, warnings, wallet-compatibility note, and timeout.
- *
- * Defaults adapt to the rails declared in `howToPay`: only tempo-relevant warnings/tools
- * appear if `howToPay.tempo` is set, only x402-relevant ones if `x402_base`/`x402_solana`
- * are set. Stripe-only merchants get neither rail-specific warning. Vendors override
- * `warnings`/`recommendedTools` for full control.
- */
-declare function buildAgentInstructions(input: BuildAgentInstructionsInput): AgentInstructions;
-
 /**
  * Helpers for emitting the cross-merchant `agent_memory` hint on merchant 402 responses.
  *
@@ -520,4 +413,4 @@ interface ValidationErrorBody {
  */
 declare function buildValidationError(input: BuildValidationErrorInput): ValidationErrorBody;
 
-export { type AcceptedMethodEntry, type AgentInstructions, AgentMemoryHint, type Build402BodyInput, type BuildAcceptedMethodsInput, type BuildAgentInstructionsInput, type BuildHowToPayInput, type BuildPricingBlockInput, type BuildValidationErrorInput, type CompatibleClients, type FirstEncounterAgentMemoryInput, type HowToPayBlock, type HowToPayRailEntry, type HowToPayStripeEntry, type IdentityMetadataBlock, type IdentityMetadataInput, type IdentityMode, type OrderReceipt, type PricingBlock, type Respond402Input, type SignerMatchResultLike, type StripeMethodEntry, type TempoMethodEntry, type ValidationErrorBody, type X402MethodEntry, build402Body, buildAcceptedMethods, buildAgentInstructions, buildHowToPay, buildIdentityMetadata, buildPricingBlock, buildValidationError, firstEncounterAgentMemory, respond402 };
+export { type AcceptedMethodEntry, AgentInstructions, AgentMemoryHint, type Build402BodyInput, type BuildAcceptedMethodsInput, type BuildPricingBlockInput, type BuildValidationErrorInput, type FirstEncounterAgentMemoryInput, type IdentityMetadataBlock, type IdentityMetadataInput, type IdentityMode, type OrderReceipt, type PricingBlock, type Respond402Input, type SignerMatchResultLike, type StripeMethodEntry, type TempoMethodEntry, type ValidationErrorBody, type X402MethodEntry, build402Body, buildAcceptedMethods, buildIdentityMetadata, buildPricingBlock, buildValidationError, firstEncounterAgentMemory, respond402 };