@agent-score/commerce 1.2.0 → 1.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (70) hide show
  1. package/README.md +26 -11
  2. package/dist/{_response-RpEB7-vl.d.ts → _response-C2yFQoIA.d.ts} +1 -1
  3. package/dist/{_response-DS-LR590.d.mts → _response-DpB-cm2c.d.mts} +1 -1
  4. package/dist/{agent_instructions-d3UWTdam.d.mts → agent_instructions-DiMSGkdm.d.mts} +10 -6
  5. package/dist/{agent_instructions-d3UWTdam.d.ts → agent_instructions-DiMSGkdm.d.ts} +10 -6
  6. package/dist/challenge/index.d.mts +18 -9
  7. package/dist/challenge/index.d.ts +18 -9
  8. package/dist/challenge/index.js +25 -24
  9. package/dist/challenge/index.js.map +1 -1
  10. package/dist/challenge/index.mjs +25 -24
  11. package/dist/challenge/index.mjs.map +1 -1
  12. package/dist/core.js +1 -1
  13. package/dist/core.js.map +1 -1
  14. package/dist/core.mjs +1 -1
  15. package/dist/core.mjs.map +1 -1
  16. package/dist/discovery/index.d.mts +130 -6
  17. package/dist/discovery/index.d.ts +130 -6
  18. package/dist/discovery/index.js +75 -59
  19. package/dist/discovery/index.js.map +1 -1
  20. package/dist/discovery/index.mjs +70 -58
  21. package/dist/discovery/index.mjs.map +1 -1
  22. package/dist/identity/express.d.mts +2 -2
  23. package/dist/identity/express.d.ts +2 -2
  24. package/dist/identity/express.js +48 -25
  25. package/dist/identity/express.js.map +1 -1
  26. package/dist/identity/express.mjs +48 -25
  27. package/dist/identity/express.mjs.map +1 -1
  28. package/dist/identity/fastify.d.mts +2 -2
  29. package/dist/identity/fastify.d.ts +2 -2
  30. package/dist/identity/fastify.js +48 -25
  31. package/dist/identity/fastify.js.map +1 -1
  32. package/dist/identity/fastify.mjs +48 -25
  33. package/dist/identity/fastify.mjs.map +1 -1
  34. package/dist/identity/hono.d.mts +2 -2
  35. package/dist/identity/hono.d.ts +2 -2
  36. package/dist/identity/hono.js +48 -25
  37. package/dist/identity/hono.js.map +1 -1
  38. package/dist/identity/hono.mjs +48 -25
  39. package/dist/identity/hono.mjs.map +1 -1
  40. package/dist/identity/nextjs.d.mts +2 -2
  41. package/dist/identity/nextjs.d.ts +2 -2
  42. package/dist/identity/nextjs.js +48 -25
  43. package/dist/identity/nextjs.js.map +1 -1
  44. package/dist/identity/nextjs.mjs +48 -25
  45. package/dist/identity/nextjs.mjs.map +1 -1
  46. package/dist/identity/web.d.mts +2 -2
  47. package/dist/identity/web.d.ts +2 -2
  48. package/dist/identity/web.js +48 -25
  49. package/dist/identity/web.js.map +1 -1
  50. package/dist/identity/web.mjs +48 -25
  51. package/dist/identity/web.mjs.map +1 -1
  52. package/dist/index.d.mts +12 -12
  53. package/dist/index.d.ts +12 -12
  54. package/dist/index.js +47 -24
  55. package/dist/index.js.map +1 -1
  56. package/dist/index.mjs +47 -24
  57. package/dist/index.mjs.map +1 -1
  58. package/dist/payment/index.d.mts +158 -49
  59. package/dist/payment/index.d.ts +158 -49
  60. package/dist/payment/index.js +194 -73
  61. package/dist/payment/index.js.map +1 -1
  62. package/dist/payment/index.mjs +192 -72
  63. package/dist/payment/index.mjs.map +1 -1
  64. package/dist/{signer-Cvdwn6Cs.d.mts → signer-kCAJUZwp.d.mts} +10 -12
  65. package/dist/{signer-Cvdwn6Cs.d.ts → signer-kCAJUZwp.d.ts} +10 -12
  66. package/dist/stripe-multichain/index.d.mts +2 -2
  67. package/dist/stripe-multichain/index.d.ts +2 -2
  68. package/dist/stripe-multichain/index.js.map +1 -1
  69. package/dist/stripe-multichain/index.mjs.map +1 -1
  70. package/package.json +13 -4
package/dist/identity/hono.js CHANGED
@@ -365,7 +365,7 @@ function createAgentScoreCore(options) {
365
365
  } = options;
366
366
  const baseUrl = stripTrailingSlashes(rawBaseUrl);
367
367
  const agentMemoryHint = buildAgentMemoryHint();
368
- const defaultUa = `@agent-score/commerce@${"1.2.0"}`;
368
+ const defaultUa = `@agent-score/commerce@${"1.3.1"}`;
369
369
  const userAgentHeader = userAgent ? `${userAgent} (${defaultUa})` : defaultUa;
370
370
  const sdk = new import_sdk.AgentScore({ apiKey, baseUrl, userAgent: userAgentHeader });
371
371
  const sessionSdkCache = /* @__PURE__ */ new Map();
@@ -738,6 +738,44 @@ function createAgentScoreCore(options) {
738
738
  }
739
739
 
740
740
  // src/signer.ts
741
+ var TOKEN_PROGRAM = "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA";
742
+ var TOKEN_2022_PROGRAM = "TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb";
743
+ var TRANSFER_CHECKED_DISCRIMINATOR = 12;
744
+ async function extractSolanaSignerFromCredential(credential) {
745
+ const payload = credential.payload;
746
+ if (!payload?.transaction || payload.type !== "transaction") return null;
747
+ const moduleName = "@solana/kit";
748
+ const kit = await import(moduleName).catch(() => null);
749
+ if (!kit?.getBase64Codec || !kit.getTransactionDecoder || !kit.getCompiledTransactionMessageDecoder) {
750
+ return null;
751
+ }
752
+ try {
753
+ const txBytes = kit.getBase64Codec().encode(payload.transaction);
754
+ const decoded = kit.getTransactionDecoder().decode(txBytes);
755
+ const message = kit.getCompiledTransactionMessageDecoder().decode(decoded.messageBytes);
756
+ for (const ix of message.instructions) {
757
+ const programId = message.staticAccounts[ix.programAddressIndex];
758
+ if (programId !== TOKEN_PROGRAM && programId !== TOKEN_2022_PROGRAM) continue;
759
+ const data = ix.data;
760
+ if (!data || data.length === 0 || data[0] !== TRANSFER_CHECKED_DISCRIMINATOR) continue;
761
+ const accountIndices = ix.accountIndices ?? [];
762
+ const authorityIndex = accountIndices[3];
763
+ if (authorityIndex === void 0) continue;
764
+ if (authorityIndex >= message.staticAccounts.length) {
765
+ console.warn(
766
+ "[gate] Solana TransferChecked authority resolves through an address lookup table; signer-match recovery requires the static-account form. Skipping."
767
+ );
768
+ continue;
769
+ }
770
+ const authority = message.staticAccounts[authorityIndex];
771
+ if (authority) return authority;
772
+ }
773
+ return null;
774
+ } catch (err) {
775
+ console.warn("[gate] Solana credential decode failed:", err instanceof Error ? err.message : err);
776
+ return null;
777
+ }
778
+ }
741
779
  async function extractPaymentSigner(request, x402PaymentHeader) {
742
780
  const authHeader = request.headers.get("authorization");
743
781
  if (authHeader) {
@@ -747,8 +785,12 @@ async function extractPaymentSigner(request, x402PaymentHeader) {
747
785
  if (mppx?.Credential?.extractPaymentScheme(authHeader)) {
748
786
  const credential = mppx.Credential.fromRequest(request);
749
787
  const source = credential.source;
750
- const match = source?.match(/^did:pkh:eip155:\d+:(0x[0-9a-fA-F]{40})$/);
751
- if (match) return { address: match[1].toLowerCase(), network: "evm" };
788
+ const evmMatch = source?.match(/^did:pkh:eip155:\d+:(0x[0-9a-fA-F]{40})$/);
789
+ if (evmMatch) return { address: evmMatch[1].toLowerCase(), network: "evm" };
790
+ const solMatch = source?.match(/^did:pkh:solana:[1-9A-HJ-NP-Za-km-z]{32,44}:([1-9A-HJ-NP-Za-km-z]{32,44})$/);
791
+ if (solMatch) return { address: solMatch[1], network: "solana" };
792
+ const solanaFromTx = await extractSolanaSignerFromCredential(credential);
793
+ if (solanaFromTx) return { address: solanaFromTx, network: "solana" };
752
794
  }
753
795
  } catch (err) {
754
796
  console.warn("[gate] MPP signer extraction failed:", err instanceof Error ? err.message : err);
@@ -758,28 +800,9 @@ async function extractPaymentSigner(request, x402PaymentHeader) {
758
800
  try {
759
801
  const decoded = atob(x402PaymentHeader);
760
802
  const parsed = JSON.parse(decoded);
761
- const network = parsed?.accepted?.network ?? "";
762
- if (network.startsWith("eip155:")) {
763
- const from = parsed?.payload?.authorization?.from;
764
- if (typeof from === "string" && /^0x[0-9a-fA-F]{40}$/.test(from)) {
765
- return { address: from.toLowerCase(), network: "evm" };
766
- }
767
- } else if (network.startsWith("solana:")) {
768
- const transaction = parsed?.payload?.transaction;
769
- if (typeof transaction === "string") {
770
- const moduleName = "@x402/svm";
771
- const svm = await import(moduleName).catch(() => null);
772
- if (svm?.decodeTransactionFromPayload && svm.getTokenPayerFromTransaction) {
773
- const tx = svm.decodeTransactionFromPayload({ transaction });
774
- const payer = svm.getTokenPayerFromTransaction(tx);
775
- if (typeof payer === "string" && payer.length > 0) return { address: payer, network: "solana" };
776
- }
777
- }
778
- } else {
779
- const from = parsed?.payload?.authorization?.from;
780
- if (typeof from === "string" && /^0x[0-9a-fA-F]{40}$/.test(from)) {
781
- return { address: from.toLowerCase(), network: "evm" };
782
- }
803
+ const from = parsed?.payload?.authorization?.from;
804
+ if (typeof from === "string" && /^0x[0-9a-fA-F]{40}$/.test(from)) {
805
+ return { address: from.toLowerCase(), network: "evm" };
783
806
  }
784
807
  } catch (err) {
785
808
  console.warn("[gate] x402 signer extraction failed:", err instanceof Error ? err.message : err);