@agent-score/commerce 1.1.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (70) hide show
  1. package/README.md +27 -12
  2. package/dist/{_response-RpEB7-vl.d.ts → _response-C2yFQoIA.d.ts} +1 -1
  3. package/dist/{_response-DS-LR590.d.mts → _response-DpB-cm2c.d.mts} +1 -1
  4. package/dist/agent_instructions-DiMSGkdm.d.mts +133 -0
  5. package/dist/agent_instructions-DiMSGkdm.d.ts +133 -0
  6. package/dist/challenge/index.d.mts +18 -116
  7. package/dist/challenge/index.d.ts +18 -116
  8. package/dist/challenge/index.js +41 -27
  9. package/dist/challenge/index.js.map +1 -1
  10. package/dist/challenge/index.mjs +40 -27
  11. package/dist/challenge/index.mjs.map +1 -1
  12. package/dist/core.js +1 -1
  13. package/dist/core.js.map +1 -1
  14. package/dist/core.mjs +1 -1
  15. package/dist/core.mjs.map +1 -1
  16. package/dist/discovery/index.d.mts +245 -2
  17. package/dist/discovery/index.d.ts +245 -2
  18. package/dist/discovery/index.js +276 -56
  19. package/dist/discovery/index.js.map +1 -1
  20. package/dist/discovery/index.mjs +269 -55
  21. package/dist/discovery/index.mjs.map +1 -1
  22. package/dist/identity/express.d.mts +2 -2
  23. package/dist/identity/express.d.ts +2 -2
  24. package/dist/identity/express.js +48 -25
  25. package/dist/identity/express.js.map +1 -1
  26. package/dist/identity/express.mjs +48 -25
  27. package/dist/identity/express.mjs.map +1 -1
  28. package/dist/identity/fastify.d.mts +2 -2
  29. package/dist/identity/fastify.d.ts +2 -2
  30. package/dist/identity/fastify.js +48 -25
  31. package/dist/identity/fastify.js.map +1 -1
  32. package/dist/identity/fastify.mjs +48 -25
  33. package/dist/identity/fastify.mjs.map +1 -1
  34. package/dist/identity/hono.d.mts +2 -2
  35. package/dist/identity/hono.d.ts +2 -2
  36. package/dist/identity/hono.js +48 -25
  37. package/dist/identity/hono.js.map +1 -1
  38. package/dist/identity/hono.mjs +48 -25
  39. package/dist/identity/hono.mjs.map +1 -1
  40. package/dist/identity/nextjs.d.mts +2 -2
  41. package/dist/identity/nextjs.d.ts +2 -2
  42. package/dist/identity/nextjs.js +48 -25
  43. package/dist/identity/nextjs.js.map +1 -1
  44. package/dist/identity/nextjs.mjs +48 -25
  45. package/dist/identity/nextjs.mjs.map +1 -1
  46. package/dist/identity/web.d.mts +2 -2
  47. package/dist/identity/web.d.ts +2 -2
  48. package/dist/identity/web.js +48 -25
  49. package/dist/identity/web.js.map +1 -1
  50. package/dist/identity/web.mjs +48 -25
  51. package/dist/identity/web.mjs.map +1 -1
  52. package/dist/index.d.mts +12 -12
  53. package/dist/index.d.ts +12 -12
  54. package/dist/index.js +47 -24
  55. package/dist/index.js.map +1 -1
  56. package/dist/index.mjs +47 -24
  57. package/dist/index.mjs.map +1 -1
  58. package/dist/payment/index.d.mts +136 -49
  59. package/dist/payment/index.d.ts +136 -49
  60. package/dist/payment/index.js +161 -73
  61. package/dist/payment/index.js.map +1 -1
  62. package/dist/payment/index.mjs +160 -72
  63. package/dist/payment/index.mjs.map +1 -1
  64. package/dist/{signer-Cvdwn6Cs.d.mts → signer-kCAJUZwp.d.mts} +10 -12
  65. package/dist/{signer-Cvdwn6Cs.d.ts → signer-kCAJUZwp.d.ts} +10 -12
  66. package/dist/stripe-multichain/index.d.mts +2 -2
  67. package/dist/stripe-multichain/index.d.ts +2 -2
  68. package/dist/stripe-multichain/index.js.map +1 -1
  69. package/dist/stripe-multichain/index.mjs.map +1 -1
  70. package/package.json +13 -4
package/dist/identity/fastify.mjs CHANGED
@@ -332,7 +332,7 @@ function createAgentScoreCore(options) {
332
332
  } = options;
333
333
  const baseUrl = stripTrailingSlashes(rawBaseUrl);
334
334
  const agentMemoryHint = buildAgentMemoryHint();
335
- const defaultUa = `@agent-score/commerce@${"1.1.0"}`;
335
+ const defaultUa = `@agent-score/commerce@${"1.3.0"}`;
336
336
  const userAgentHeader = userAgent ? `${userAgent} (${defaultUa})` : defaultUa;
337
337
  const sdk = new AgentScore({ apiKey, baseUrl, userAgent: userAgentHeader });
338
338
  const sessionSdkCache = /* @__PURE__ */ new Map();
@@ -705,6 +705,44 @@ function createAgentScoreCore(options) {
705
705
  }
706
706
 
707
707
  // src/signer.ts
708
+ var TOKEN_PROGRAM = "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA";
709
+ var TOKEN_2022_PROGRAM = "TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb";
710
+ var TRANSFER_CHECKED_DISCRIMINATOR = 12;
711
+ async function extractSolanaSignerFromCredential(credential) {
712
+ const payload = credential.payload;
713
+ if (!payload?.transaction || payload.type !== "transaction") return null;
714
+ const moduleName = "@solana/kit";
715
+ const kit = await import(moduleName).catch(() => null);
716
+ if (!kit?.getBase64Codec || !kit.getTransactionDecoder || !kit.getCompiledTransactionMessageDecoder) {
717
+ return null;
718
+ }
719
+ try {
720
+ const txBytes = kit.getBase64Codec().encode(payload.transaction);
721
+ const decoded = kit.getTransactionDecoder().decode(txBytes);
722
+ const message = kit.getCompiledTransactionMessageDecoder().decode(decoded.messageBytes);
723
+ for (const ix of message.instructions) {
724
+ const programId = message.staticAccounts[ix.programAddressIndex];
725
+ if (programId !== TOKEN_PROGRAM && programId !== TOKEN_2022_PROGRAM) continue;
726
+ const data = ix.data;
727
+ if (!data || data.length === 0 || data[0] !== TRANSFER_CHECKED_DISCRIMINATOR) continue;
728
+ const accountIndices = ix.accountIndices ?? [];
729
+ const authorityIndex = accountIndices[3];
730
+ if (authorityIndex === void 0) continue;
731
+ if (authorityIndex >= message.staticAccounts.length) {
732
+ console.warn(
733
+ "[gate] Solana TransferChecked authority resolves through an address lookup table; signer-match recovery requires the static-account form. Skipping."
734
+ );
735
+ continue;
736
+ }
737
+ const authority = message.staticAccounts[authorityIndex];
738
+ if (authority) return authority;
739
+ }
740
+ return null;
741
+ } catch (err) {
742
+ console.warn("[gate] Solana credential decode failed:", err instanceof Error ? err.message : err);
743
+ return null;
744
+ }
745
+ }
708
746
  async function extractPaymentSigner(request, x402PaymentHeader) {
709
747
  const authHeader = request.headers.get("authorization");
710
748
  if (authHeader) {
@@ -714,8 +752,12 @@ async function extractPaymentSigner(request, x402PaymentHeader) {
714
752
  if (mppx?.Credential?.extractPaymentScheme(authHeader)) {
715
753
  const credential = mppx.Credential.fromRequest(request);
716
754
  const source = credential.source;
717
- const match = source?.match(/^did:pkh:eip155:\d+:(0x[0-9a-fA-F]{40})$/);
718
- if (match) return { address: match[1].toLowerCase(), network: "evm" };
755
+ const evmMatch = source?.match(/^did:pkh:eip155:\d+:(0x[0-9a-fA-F]{40})$/);
756
+ if (evmMatch) return { address: evmMatch[1].toLowerCase(), network: "evm" };
757
+ const solMatch = source?.match(/^did:pkh:solana:[1-9A-HJ-NP-Za-km-z]{32,44}:([1-9A-HJ-NP-Za-km-z]{32,44})$/);
758
+ if (solMatch) return { address: solMatch[1], network: "solana" };
759
+ const solanaFromTx = await extractSolanaSignerFromCredential(credential);
760
+ if (solanaFromTx) return { address: solanaFromTx, network: "solana" };
719
761
  }
720
762
  } catch (err) {
721
763
  console.warn("[gate] MPP signer extraction failed:", err instanceof Error ? err.message : err);
@@ -725,28 +767,9 @@ async function extractPaymentSigner(request, x402PaymentHeader) {
725
767
  try {
726
768
  const decoded = atob(x402PaymentHeader);
727
769
  const parsed = JSON.parse(decoded);
728
- const network = parsed?.accepted?.network ?? "";
729
- if (network.startsWith("eip155:")) {
730
- const from = parsed?.payload?.authorization?.from;
731
- if (typeof from === "string" && /^0x[0-9a-fA-F]{40}$/.test(from)) {
732
- return { address: from.toLowerCase(), network: "evm" };
733
- }
734
- } else if (network.startsWith("solana:")) {
735
- const transaction = parsed?.payload?.transaction;
736
- if (typeof transaction === "string") {
737
- const moduleName = "@x402/svm";
738
- const svm = await import(moduleName).catch(() => null);
739
- if (svm?.decodeTransactionFromPayload && svm.getTokenPayerFromTransaction) {
740
- const tx = svm.decodeTransactionFromPayload({ transaction });
741
- const payer = svm.getTokenPayerFromTransaction(tx);
742
- if (typeof payer === "string" && payer.length > 0) return { address: payer, network: "solana" };
743
- }
744
- }
745
- } else {
746
- const from = parsed?.payload?.authorization?.from;
747
- if (typeof from === "string" && /^0x[0-9a-fA-F]{40}$/.test(from)) {
748
- return { address: from.toLowerCase(), network: "evm" };
749
- }
770
+ const from = parsed?.payload?.authorization?.from;
771
+ if (typeof from === "string" && /^0x[0-9a-fA-F]{40}$/.test(from)) {
772
+ return { address: from.toLowerCase(), network: "evm" };
750
773
  }
751
774
  } catch (err) {
752
775
  console.warn("[gate] x402 signer extraction failed:", err instanceof Error ? err.message : err);