@agent-score/commerce 1.1.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (70) hide show
  1. package/README.md +27 -12
  2. package/dist/{_response-RpEB7-vl.d.ts → _response-C2yFQoIA.d.ts} +1 -1
  3. package/dist/{_response-DS-LR590.d.mts → _response-DpB-cm2c.d.mts} +1 -1
  4. package/dist/agent_instructions-DiMSGkdm.d.mts +133 -0
  5. package/dist/agent_instructions-DiMSGkdm.d.ts +133 -0
  6. package/dist/challenge/index.d.mts +18 -116
  7. package/dist/challenge/index.d.ts +18 -116
  8. package/dist/challenge/index.js +41 -27
  9. package/dist/challenge/index.js.map +1 -1
  10. package/dist/challenge/index.mjs +40 -27
  11. package/dist/challenge/index.mjs.map +1 -1
  12. package/dist/core.js +1 -1
  13. package/dist/core.js.map +1 -1
  14. package/dist/core.mjs +1 -1
  15. package/dist/core.mjs.map +1 -1
  16. package/dist/discovery/index.d.mts +245 -2
  17. package/dist/discovery/index.d.ts +245 -2
  18. package/dist/discovery/index.js +276 -56
  19. package/dist/discovery/index.js.map +1 -1
  20. package/dist/discovery/index.mjs +269 -55
  21. package/dist/discovery/index.mjs.map +1 -1
  22. package/dist/identity/express.d.mts +2 -2
  23. package/dist/identity/express.d.ts +2 -2
  24. package/dist/identity/express.js +48 -25
  25. package/dist/identity/express.js.map +1 -1
  26. package/dist/identity/express.mjs +48 -25
  27. package/dist/identity/express.mjs.map +1 -1
  28. package/dist/identity/fastify.d.mts +2 -2
  29. package/dist/identity/fastify.d.ts +2 -2
  30. package/dist/identity/fastify.js +48 -25
  31. package/dist/identity/fastify.js.map +1 -1
  32. package/dist/identity/fastify.mjs +48 -25
  33. package/dist/identity/fastify.mjs.map +1 -1
  34. package/dist/identity/hono.d.mts +2 -2
  35. package/dist/identity/hono.d.ts +2 -2
  36. package/dist/identity/hono.js +48 -25
  37. package/dist/identity/hono.js.map +1 -1
  38. package/dist/identity/hono.mjs +48 -25
  39. package/dist/identity/hono.mjs.map +1 -1
  40. package/dist/identity/nextjs.d.mts +2 -2
  41. package/dist/identity/nextjs.d.ts +2 -2
  42. package/dist/identity/nextjs.js +48 -25
  43. package/dist/identity/nextjs.js.map +1 -1
  44. package/dist/identity/nextjs.mjs +48 -25
  45. package/dist/identity/nextjs.mjs.map +1 -1
  46. package/dist/identity/web.d.mts +2 -2
  47. package/dist/identity/web.d.ts +2 -2
  48. package/dist/identity/web.js +48 -25
  49. package/dist/identity/web.js.map +1 -1
  50. package/dist/identity/web.mjs +48 -25
  51. package/dist/identity/web.mjs.map +1 -1
  52. package/dist/index.d.mts +12 -12
  53. package/dist/index.d.ts +12 -12
  54. package/dist/index.js +47 -24
  55. package/dist/index.js.map +1 -1
  56. package/dist/index.mjs +47 -24
  57. package/dist/index.mjs.map +1 -1
  58. package/dist/payment/index.d.mts +136 -49
  59. package/dist/payment/index.d.ts +136 -49
  60. package/dist/payment/index.js +161 -73
  61. package/dist/payment/index.js.map +1 -1
  62. package/dist/payment/index.mjs +160 -72
  63. package/dist/payment/index.mjs.map +1 -1
  64. package/dist/{signer-Cvdwn6Cs.d.mts → signer-kCAJUZwp.d.mts} +10 -12
  65. package/dist/{signer-Cvdwn6Cs.d.ts → signer-kCAJUZwp.d.ts} +10 -12
  66. package/dist/stripe-multichain/index.d.mts +2 -2
  67. package/dist/stripe-multichain/index.d.ts +2 -2
  68. package/dist/stripe-multichain/index.js.map +1 -1
  69. package/dist/stripe-multichain/index.mjs.map +1 -1
  70. package/package.json +13 -4
package/dist/identity/web.js CHANGED
@@ -361,7 +361,7 @@ function createAgentScoreCore(options) {
361
361
  } = options;
362
362
  const baseUrl = stripTrailingSlashes(rawBaseUrl);
363
363
  const agentMemoryHint = buildAgentMemoryHint();
364
- const defaultUa = `@agent-score/commerce@${"1.1.0"}`;
364
+ const defaultUa = `@agent-score/commerce@${"1.3.0"}`;
365
365
  const userAgentHeader = userAgent ? `${userAgent} (${defaultUa})` : defaultUa;
366
366
  const sdk = new import_sdk.AgentScore({ apiKey, baseUrl, userAgent: userAgentHeader });
367
367
  const sessionSdkCache = /* @__PURE__ */ new Map();
@@ -734,6 +734,44 @@ function createAgentScoreCore(options) {
734
734
  }
735
735
 
736
736
  // src/signer.ts
737
+ var TOKEN_PROGRAM = "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA";
738
+ var TOKEN_2022_PROGRAM = "TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb";
739
+ var TRANSFER_CHECKED_DISCRIMINATOR = 12;
740
+ async function extractSolanaSignerFromCredential(credential) {
741
+ const payload = credential.payload;
742
+ if (!payload?.transaction || payload.type !== "transaction") return null;
743
+ const moduleName = "@solana/kit";
744
+ const kit = await import(moduleName).catch(() => null);
745
+ if (!kit?.getBase64Codec || !kit.getTransactionDecoder || !kit.getCompiledTransactionMessageDecoder) {
746
+ return null;
747
+ }
748
+ try {
749
+ const txBytes = kit.getBase64Codec().encode(payload.transaction);
750
+ const decoded = kit.getTransactionDecoder().decode(txBytes);
751
+ const message = kit.getCompiledTransactionMessageDecoder().decode(decoded.messageBytes);
752
+ for (const ix of message.instructions) {
753
+ const programId = message.staticAccounts[ix.programAddressIndex];
754
+ if (programId !== TOKEN_PROGRAM && programId !== TOKEN_2022_PROGRAM) continue;
755
+ const data = ix.data;
756
+ if (!data || data.length === 0 || data[0] !== TRANSFER_CHECKED_DISCRIMINATOR) continue;
757
+ const accountIndices = ix.accountIndices ?? [];
758
+ const authorityIndex = accountIndices[3];
759
+ if (authorityIndex === void 0) continue;
760
+ if (authorityIndex >= message.staticAccounts.length) {
761
+ console.warn(
762
+ "[gate] Solana TransferChecked authority resolves through an address lookup table; signer-match recovery requires the static-account form. Skipping."
763
+ );
764
+ continue;
765
+ }
766
+ const authority = message.staticAccounts[authorityIndex];
767
+ if (authority) return authority;
768
+ }
769
+ return null;
770
+ } catch (err) {
771
+ console.warn("[gate] Solana credential decode failed:", err instanceof Error ? err.message : err);
772
+ return null;
773
+ }
774
+ }
737
775
  async function extractPaymentSigner(request, x402PaymentHeader) {
738
776
  const authHeader = request.headers.get("authorization");
739
777
  if (authHeader) {
@@ -743,8 +781,12 @@ async function extractPaymentSigner(request, x402PaymentHeader) {
743
781
  if (mppx?.Credential?.extractPaymentScheme(authHeader)) {
744
782
  const credential = mppx.Credential.fromRequest(request);
745
783
  const source = credential.source;
746
- const match = source?.match(/^did:pkh:eip155:\d+:(0x[0-9a-fA-F]{40})$/);
747
- if (match) return { address: match[1].toLowerCase(), network: "evm" };
784
+ const evmMatch = source?.match(/^did:pkh:eip155:\d+:(0x[0-9a-fA-F]{40})$/);
785
+ if (evmMatch) return { address: evmMatch[1].toLowerCase(), network: "evm" };
786
+ const solMatch = source?.match(/^did:pkh:solana:[1-9A-HJ-NP-Za-km-z]{32,44}:([1-9A-HJ-NP-Za-km-z]{32,44})$/);
787
+ if (solMatch) return { address: solMatch[1], network: "solana" };
788
+ const solanaFromTx = await extractSolanaSignerFromCredential(credential);
789
+ if (solanaFromTx) return { address: solanaFromTx, network: "solana" };
748
790
  }
749
791
  } catch (err) {
750
792
  console.warn("[gate] MPP signer extraction failed:", err instanceof Error ? err.message : err);
@@ -754,28 +796,9 @@ async function extractPaymentSigner(request, x402PaymentHeader) {
754
796
  try {
755
797
  const decoded = atob(x402PaymentHeader);
756
798
  const parsed = JSON.parse(decoded);
757
- const network = parsed?.accepted?.network ?? "";
758
- if (network.startsWith("eip155:")) {
759
- const from = parsed?.payload?.authorization?.from;
760
- if (typeof from === "string" && /^0x[0-9a-fA-F]{40}$/.test(from)) {
761
- return { address: from.toLowerCase(), network: "evm" };
762
- }
763
- } else if (network.startsWith("solana:")) {
764
- const transaction = parsed?.payload?.transaction;
765
- if (typeof transaction === "string") {
766
- const moduleName = "@x402/svm";
767
- const svm = await import(moduleName).catch(() => null);
768
- if (svm?.decodeTransactionFromPayload && svm.getTokenPayerFromTransaction) {
769
- const tx = svm.decodeTransactionFromPayload({ transaction });
770
- const payer = svm.getTokenPayerFromTransaction(tx);
771
- if (typeof payer === "string" && payer.length > 0) return { address: payer, network: "solana" };
772
- }
773
- }
774
- } else {
775
- const from = parsed?.payload?.authorization?.from;
776
- if (typeof from === "string" && /^0x[0-9a-fA-F]{40}$/.test(from)) {
777
- return { address: from.toLowerCase(), network: "evm" };
778
- }
799
+ const from = parsed?.payload?.authorization?.from;
800
+ if (typeof from === "string" && /^0x[0-9a-fA-F]{40}$/.test(from)) {
801
+ return { address: from.toLowerCase(), network: "evm" };
779
802
  }
780
803
  } catch (err) {
781
804
  console.warn("[gate] x402 signer extraction failed:", err instanceof Error ? err.message : err);