npm - @agent-score/commerce - Versions diffs - 2.0.2 → 2.1.0 - Mend

@agent-score/commerce 2.0.2 → 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (116) hide show

package/README.md +26 -11
package/dist/_core-kI7FRAiZ.d.mts +10 -0
package/dist/_core-kI7FRAiZ.d.ts +10 -0
package/dist/challenge/index.d.mts +3 -3
package/dist/challenge/index.d.ts +3 -3
package/dist/challenge/index.js +21 -14
package/dist/challenge/index.js.map +1 -1
package/dist/challenge/index.mjs +21 -14
package/dist/challenge/index.mjs.map +1 -1
package/dist/{checkout-DhSj_h94.d.ts → checkout-BH-I_Ns8.d.ts} +13 -12
package/dist/{checkout-jNUIql6D.d.mts → checkout-Bd_4aQ6c.d.mts} +13 -12
package/dist/core.js +1 -1
package/dist/core.js.map +1 -1
package/dist/core.mjs +1 -1
package/dist/core.mjs.map +1 -1
package/dist/default_rails-BWAquZeu.d.mts +188 -0
package/dist/default_rails-BxBzcCA1.d.ts +188 -0
package/dist/discovery/index.d.mts +5 -5
package/dist/discovery/index.d.ts +5 -5
package/dist/discovery/index.js +14 -1
package/dist/discovery/index.js.map +1 -1
package/dist/discovery/index.mjs +14 -1
package/dist/discovery/index.mjs.map +1 -1
package/dist/identity/express.d.mts +7 -3
package/dist/identity/express.d.ts +7 -3
package/dist/identity/express.js +39 -96
package/dist/identity/express.js.map +1 -1
package/dist/identity/express.mjs +37 -87
package/dist/identity/express.mjs.map +1 -1
package/dist/identity/fastify.d.mts +4 -4
package/dist/identity/fastify.d.ts +4 -4
package/dist/identity/fastify.js +60 -96
package/dist/identity/fastify.js.map +1 -1
package/dist/identity/fastify.mjs +58 -87
package/dist/identity/fastify.mjs.map +1 -1
package/dist/identity/hono.d.mts +11 -3
package/dist/identity/hono.d.ts +11 -3
package/dist/identity/hono.js +39 -93
package/dist/identity/hono.js.map +1 -1
package/dist/identity/hono.mjs +37 -84
package/dist/identity/hono.mjs.map +1 -1
package/dist/identity/nextjs.d.mts +10 -3
package/dist/identity/nextjs.d.ts +10 -3
package/dist/identity/nextjs.js +49 -93
package/dist/identity/nextjs.js.map +1 -1
package/dist/identity/nextjs.mjs +46 -84
package/dist/identity/nextjs.mjs.map +1 -1
package/dist/identity/policy.js +185 -139
package/dist/identity/policy.js.map +1 -1
package/dist/identity/policy.mjs +187 -141
package/dist/identity/policy.mjs.map +1 -1
package/dist/identity/web.d.mts +9 -3
package/dist/identity/web.d.ts +9 -3
package/dist/identity/web.js +45 -93
package/dist/identity/web.js.map +1 -1
package/dist/identity/web.mjs +42 -84
package/dist/identity/web.mjs.map +1 -1
package/dist/index.d.mts +554 -90
package/dist/index.d.ts +554 -90
package/dist/index.js +916 -162
package/dist/index.js.map +1 -1
package/dist/index.mjs +904 -162
package/dist/index.mjs.map +1 -1
package/dist/middleware/express.d.mts +10 -0
package/dist/middleware/express.d.ts +10 -0
package/dist/middleware/express.js +128 -0
package/dist/middleware/express.js.map +1 -0
package/dist/middleware/express.mjs +91 -0
package/dist/middleware/express.mjs.map +1 -0
package/dist/middleware/fastify.d.mts +10 -0
package/dist/middleware/fastify.d.ts +10 -0
package/dist/middleware/fastify.js +127 -0
package/dist/middleware/fastify.js.map +1 -0
package/dist/middleware/fastify.mjs +90 -0
package/dist/middleware/fastify.mjs.map +1 -0
package/dist/middleware/hono.d.mts +10 -0
package/dist/middleware/hono.d.ts +10 -0
package/dist/middleware/hono.js +122 -0
package/dist/middleware/hono.js.map +1 -0
package/dist/middleware/hono.mjs +85 -0
package/dist/middleware/hono.mjs.map +1 -0
package/dist/middleware/nextjs.d.mts +22 -0
package/dist/middleware/nextjs.d.ts +22 -0
package/dist/middleware/nextjs.js +143 -0
package/dist/middleware/nextjs.js.map +1 -0
package/dist/middleware/nextjs.mjs +105 -0
package/dist/middleware/nextjs.mjs.map +1 -0
package/dist/middleware/web.d.mts +25 -0
package/dist/middleware/web.d.ts +25 -0
package/dist/middleware/web.js +128 -0
package/dist/middleware/web.js.map +1 -0
package/dist/middleware/web.mjs +91 -0
package/dist/middleware/web.mjs.map +1 -0
package/dist/payment/index.d.mts +21 -6
package/dist/payment/index.d.ts +21 -6
package/dist/payment/index.js +136 -9
package/dist/payment/index.js.map +1 -1
package/dist/payment/index.mjs +127 -9
package/dist/payment/index.mjs.map +1 -1
package/dist/{pricing-CxzwyiO6.d.mts → pricing-4n5Ota0D.d.mts} +14 -4
package/dist/{pricing-CQ9DIFaw.d.ts → pricing-DHfH3ogG.d.ts} +14 -4
package/dist/{rail_spec-XP0wKgJV.d.mts → rail_spec-D6qzh3J0.d.mts} +1 -1
package/dist/{rail_spec-XP0wKgJV.d.ts → rail_spec-D6qzh3J0.d.ts} +1 -1
package/dist/stripe-multichain/index.d.mts +150 -47
package/dist/stripe-multichain/index.d.ts +150 -47
package/dist/stripe-multichain/index.js +19749 -42
package/dist/stripe-multichain/index.js.map +1 -1
package/dist/stripe-multichain/index.mjs +19758 -27
package/dist/stripe-multichain/index.mjs.map +1 -1
package/dist/{x402_server-hgQzWQwB.d.mts → x402_server-Ciz2mls2.d.mts} +1 -1
package/dist/{x402_server-hgQzWQwB.d.ts → x402_server-Ciz2mls2.d.ts} +1 -1
package/package.json +40 -2
package/dist/_response-BFYN3b6i.d.mts +0 -142
package/dist/_response-_iPD5AIj.d.ts +0 -142
package/dist/solana-Cds87OTu.d.mts +0 -67
package/dist/solana-Cds87OTu.d.ts +0 -67

package/dist/index.mjs CHANGED Viewed

@@ -31,6 +31,27 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
   mod
 ));
+// src/payment/network_kind.ts
+function readNetwork(input) {
+  if (typeof input === "string") return input;
+  if (input && typeof input === "object") {
+    const network = input.network;
+    return typeof network === "string" ? network : "";
+  }
+  return "";
+}
+function isEvmNetwork(input) {
+  return readNetwork(input).startsWith("eip155:");
+}
+function isSolanaNetwork(input) {
+  return readNetwork(input).startsWith("solana:");
+}
+var init_network_kind = __esm({
+  "src/payment/network_kind.ts"() {
+    "use strict";
+  }
+});
 // src/identity/ucp.ts
 function ucpSigningKeyFromJWKImpl(jwk) {
   if (!jwk || typeof jwk !== "object") {
@@ -160,7 +181,7 @@ function isTempoSessionRailSpec(s) {
 }
 function mppRailToNetworkEntry(spec) {
   if (isTempoSessionRailSpec(spec)) return tempoSessionToNetworkEntry(spec);
-  if ("rpcUrl" in spec || "tokenProgram" in spec || (spec.network?.startsWith("solana:") ?? false)) {
+  if ("rpcUrl" in spec || "tokenProgram" in spec || isSolanaNetwork(spec)) {
     return solanaMppToNetworkEntry(spec);
   }
   if (isTempoRailSpec(spec)) return tempoToNetworkEntry(spec);
@@ -217,6 +238,7 @@ var UCPSigningKey, DEFAULT_VERSION, AGENTSCORE_CAPABILITY_NAME, AGENTSCORE_CAPAB
 var init_ucp = __esm({
   "src/identity/ucp.ts"() {
     "use strict";
+    init_network_kind();
     UCPSigningKey = {
       fromJWK: ucpSigningKeyFromJWKImpl
     };
@@ -636,64 +658,6 @@ var init_ucp_jwks = __esm({
   }
 });
-// src/payment/usdc.ts
-var USDC;
-var init_usdc = __esm({
-  "src/payment/usdc.ts"() {
-    "use strict";
-    USDC = {
-      base: {
-        mainnet: { address: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913", decimals: 6 },
-        sepolia: { address: "0x036CbD53842c5426634e7929541eC2318f3dCF7e", decimals: 6 }
-      },
-      solana: {
-        mainnet: { mint: "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v", decimals: 6 },
-        devnet: { mint: "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU", decimals: 6 }
-      },
-      tempo: {
-        mainnet: { address: "0x20C000000000000000000000b9537d11c60E8b50", decimals: 6 },
-        testnet: { address: "0x20c0000000000000000000000000000000000000", decimals: 6 }
-      }
-    };
-  }
-});
-// src/payment/wwwauthenticate.ts
-function paymentRequiredHeader({
-  x402Version,
-  accepts,
-  resource
-}) {
-  return Buffer.from(JSON.stringify({ x402Version, accepts, ...resource ? { resource } : {} })).toString("base64");
-}
-var init_wwwauthenticate = __esm({
-  "src/payment/wwwauthenticate.ts"() {
-    "use strict";
-  }
-});
-// src/payment/networks.ts
-var networks;
-var init_networks = __esm({
-  "src/payment/networks.ts"() {
-    "use strict";
-    networks = {
-      base: {
-        mainnet: { caip2: "eip155:8453", chainId: 8453 },
-        sepolia: { caip2: "eip155:84532", chainId: 84532 }
-      },
-      solana: {
-        mainnet: { caip2: "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp" },
-        devnet: { caip2: "solana:EtWTRABZaYq6iMfeYKouRu166VU2xqa1" }
-      },
-      tempo: {
-        mainnet: { caip2: "eip155:4217", chainId: 4217 },
-        testnet: { caip2: "eip155:42431", chainId: 42431 }
-      }
-    };
-  }
-});
 // node_modules/ox/_esm/core/Abi.js
 var init_Abi = __esm({
   "node_modules/ox/_esm/core/Abi.js"() {
@@ -20305,6 +20269,64 @@ var init_dist2 = __esm({
   }
 });
+// src/payment/usdc.ts
+var USDC;
+var init_usdc = __esm({
+  "src/payment/usdc.ts"() {
+    "use strict";
+    USDC = {
+      base: {
+        mainnet: { address: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913", decimals: 6 },
+        sepolia: { address: "0x036CbD53842c5426634e7929541eC2318f3dCF7e", decimals: 6 }
+      },
+      solana: {
+        mainnet: { mint: "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v", decimals: 6 },
+        devnet: { mint: "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU", decimals: 6 }
+      },
+      tempo: {
+        mainnet: { address: "0x20C000000000000000000000b9537d11c60E8b50", decimals: 6 },
+        testnet: { address: "0x20c0000000000000000000000000000000000000", decimals: 6 }
+      }
+    };
+  }
+});
+// src/payment/wwwauthenticate.ts
+function paymentRequiredHeader({
+  x402Version,
+  accepts,
+  resource
+}) {
+  return Buffer.from(JSON.stringify({ x402Version, accepts, ...resource ? { resource } : {} })).toString("base64");
+}
+var init_wwwauthenticate = __esm({
+  "src/payment/wwwauthenticate.ts"() {
+    "use strict";
+  }
+});
+// src/payment/networks.ts
+var networks;
+var init_networks = __esm({
+  "src/payment/networks.ts"() {
+    "use strict";
+    networks = {
+      base: {
+        mainnet: { caip2: "eip155:8453", chainId: 8453 },
+        sepolia: { caip2: "eip155:84532", chainId: 84532 }
+      },
+      solana: {
+        mainnet: { caip2: "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp" },
+        devnet: { caip2: "solana:EtWTRABZaYq6iMfeYKouRu166VU2xqa1" }
+      },
+      tempo: {
+        mainnet: { caip2: "eip155:4217", chainId: 4217 },
+        testnet: { caip2: "eip155:42431", chainId: 42431 }
+      }
+    };
+  }
+});
 // src/payment/rails.ts
 function lookupRail(name) {
   return rails[name];
@@ -21125,7 +21147,7 @@ function createAgentScoreCore(options) {
   } = options;
   const baseUrl = stripTrailingSlashes(rawBaseUrl);
   const agentMemoryHint = buildAgentMemoryHint();
-  const defaultUa = `@agent-score/commerce@${"2.0.2"}`;
+  const defaultUa = `@agent-score/commerce@${"2.1.0"}`;
   const userAgentHeader = userAgent ? `${userAgent} (${defaultUa})` : defaultUa;
   const sdk = new AgentScore({ apiKey, baseUrl, userAgent: userAgentHeader });
   const sessionSdkCache = /* @__PURE__ */ new Map();
@@ -21417,6 +21439,13 @@ function createAgentScoreCore(options) {
   return { evaluate, captureWallet, getSignerVerdict };
 }
+// src/_headers.ts
+function normalizeHeadersToLowercase(headers) {
+  const out = {};
+  for (const [k, v] of Object.entries(headers)) out[k.toLowerCase()] = v;
+  return out;
+}
 // src/signer.ts
 var TOKEN_PROGRAM = "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA";
 var TOKEN_2022_PROGRAM = "TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb";
@@ -21499,13 +21528,8 @@ async function extractPaymentSignerFromAuth(authHeader, x402PaymentHeader) {
 function readX402PaymentHeader(request) {
   return request.headers.get("payment-signature") ?? request.headers.get("x-payment") ?? void 0;
 }
-function lowerHeaders(headers) {
-  const out = {};
-  for (const [k, v] of Object.entries(headers)) out[k.toLowerCase()] = v;
-  return out;
-}
 async function extractSignerForPrecheck(headers) {
-  const lower = lowerHeaders(headers);
+  const lower = normalizeHeadersToLowercase(headers);
   const x402 = lower["payment-signature"] ?? lower["x-payment"];
   if (x402) {
     const signer = await extractPaymentSignerFromAuth(void 0, x402);
@@ -21520,7 +21544,7 @@ async function extractSignerForPrecheck(headers) {
 // src/identity/a2a.ts
 var PROTOCOL_VERSION = "1.0";
-var DEFAULT_PROTOCOL_BINDING = "HTTP+JSON";
+var DEFAULT_TRANSPORT = "JSONRPC";
 var DEFAULT_INPUT_MODE = "application/json";
 var DEFAULT_OUTPUT_MODE = "application/json";
 var UCP_A2A_EXTENSION_URI = "https://ucp.dev/2026-04-08/specification/reference";
@@ -21540,30 +21564,33 @@ function buildA2AAgentCard(input) {
   }
   const capabilities = {};
   if (input.streaming !== void 0) capabilities.streaming = input.streaming;
-  if (input.push_notifications !== void 0) capabilities.push_notifications = input.push_notifications;
+  if (input.pushNotifications !== void 0) capabilities.pushNotifications = input.pushNotifications;
+  if (input.stateTransitionHistory !== void 0) capabilities.stateTransitionHistory = input.stateTransitionHistory;
   if (input.extensions && input.extensions.length > 0) capabilities.extensions = input.extensions;
-  if (input.extended_agent_card !== void 0) capabilities.extended_agent_card = input.extended_agent_card;
-  const primaryInterface = {
-    url: input.url,
-    protocol_binding: input.protocol_binding ?? DEFAULT_PROTOCOL_BINDING,
-    protocol_version: input.a2a_protocol_version ?? PROTOCOL_VERSION
-  };
   const card = {
     name: input.name,
     description: input.description,
-    supported_interfaces: [primaryInterface],
+    url: input.url,
+    preferredTransport: input.preferredTransport ?? "HTTP+JSON",
+    protocolVersion: input.protocolVersion ?? PROTOCOL_VERSION,
     version: input.version ?? "1.0.0",
     capabilities,
-    default_input_modes: input.default_input_modes ?? [DEFAULT_INPUT_MODE],
-    default_output_modes: input.default_output_modes ?? [DEFAULT_OUTPUT_MODE],
+    defaultInputModes: input.defaultInputModes ?? [DEFAULT_INPUT_MODE],
+    defaultOutputModes: input.defaultOutputModes ?? [DEFAULT_OUTPUT_MODE],
     skills: input.skills
   };
+  if (input.additionalInterfaces !== void 0 && input.additionalInterfaces.length > 0) {
+    card.additionalInterfaces = input.additionalInterfaces;
+  }
   if (input.provider !== void 0) card.provider = input.provider;
-  if (input.documentation_url !== void 0) card.documentation_url = input.documentation_url;
-  if (input.icon_url !== void 0) card.icon_url = input.icon_url;
+  if (input.documentationUrl !== void 0) card.documentationUrl = input.documentationUrl;
+  if (input.iconUrl !== void 0) card.iconUrl = input.iconUrl;
+  if (input.supportsAuthenticatedExtendedCard !== void 0) {
+    card.supportsAuthenticatedExtendedCard = input.supportsAuthenticatedExtendedCard;
+  }
   if (input.signatures !== void 0 && input.signatures.length > 0) card.signatures = input.signatures;
-  if (input.security_schemes !== void 0) card.security_schemes = input.security_schemes;
-  if (input.security_requirements !== void 0) card.security_requirements = input.security_requirements;
+  if (input.security !== void 0) card.security = input.security;
+  if (input.securitySchemes !== void 0) card.securitySchemes = input.securitySchemes;
   if (input.extras) {
     for (const [k, v] of Object.entries(input.extras)) {
       card[k] = v;
@@ -21571,6 +21598,8 @@ function buildA2AAgentCard(input) {
   }
   return card;
 }
+var A2A_PROTOCOL_VERSION = PROTOCOL_VERSION;
+var A2A_DEFAULT_TRANSPORT = DEFAULT_TRANSPORT;
 // src/index.ts
 init_ucp();
@@ -21579,6 +21608,34 @@ init_ucp_jwks();
 // src/checkout.ts
 import { randomUUID } from "crypto";
+// src/_mppx_receipt.ts
+function extractMppxReceiptHeaderFromRaw(raw) {
+  if (!raw || typeof raw !== "object" || !("withReceipt" in raw)) return null;
+  const fn = raw.withReceipt;
+  if (typeof fn !== "function") return null;
+  try {
+    const wrapped = fn.call(raw, new Response());
+    return wrapped.headers.get("Payment-Receipt");
+  } catch {
+    return null;
+  }
+}
+async function extractMppxReceiptMethod(header) {
+  try {
+    const { Receipt } = await Promise.resolve().then(() => (init_dist2(), dist_exports));
+    return Receipt.deserialize(header).method;
+  } catch {
+    return void 0;
+  }
+}
+async function deriveMppxReceiptMethod(raw) {
+  const direct = raw?.receipt?.method;
+  if (direct) return direct;
+  const header = extractMppxReceiptHeaderFromRaw(raw);
+  if (!header) return void 0;
+  return extractMppxReceiptMethod(header);
+}
 // src/payment/rail_spec.ts
 init_usdc();
 async function resolveRecipient(r) {
@@ -21803,10 +21860,13 @@ function buildHowToPay({
   totalUsd,
   rails: rails2,
   opTokenPlaceholder,
-  maxSpend
+  maxSpend,
+  decimals
 }) {
   const totalNum = typeof totalUsd === "string" ? Number(totalUsd) : totalUsd;
-  const maxSpendStr = String(maxSpend ?? (Math.ceil(totalNum) + 1).toFixed(2));
+  const d = decimals ?? 2;
+  const defaultMaxSpend = totalNum >= 1 ? (Math.ceil(totalNum) + 1).toFixed(d) : totalNum.toFixed(d);
+  const maxSpendStr = String(maxSpend ?? defaultMaxSpend);
   const opToken = opTokenPlaceholder ?? "<your_opc_token>";
   const block = {};
   if (rails2.tempo) {
@@ -21899,26 +21959,26 @@ function buildPricingBlock({
   totalCents,
   taxRate,
   taxState,
-  currency
+  currency,
+  decimals
 }) {
   const shipping = shippingCents ?? 0;
   const discount = discountCents ?? 0;
   const total = totalCents ?? Math.max(0, subtotalCents + taxCents + shipping - discount);
+  const d = decimals ?? 2;
+  const fmt = (cents) => (cents / 100).toFixed(d);
   const block = {
-    subtotal: formatCents(subtotalCents),
-    tax: formatCents(taxCents),
-    total: formatCents(total)
+    subtotal: fmt(subtotalCents),
+    tax: fmt(taxCents),
+    total: fmt(total)
   };
-  if (shippingCents !== void 0) block.shipping = formatCents(shipping);
-  if (discountCents !== void 0) block.discount = formatCents(discount);
+  if (shippingCents !== void 0) block.shipping = fmt(shipping);
+  if (discountCents !== void 0) block.discount = fmt(discount);
   if (taxRate !== void 0) block.tax_rate = taxRate;
   if (taxState !== void 0) block.tax_state = taxState;
   if (currency !== void 0) block.currency = currency;
   return block;
 }
-function formatCents(cents) {
-  return (cents / 100).toFixed(2);
-}
 // src/challenge/respond_402.ts
 init_wwwauthenticate();
@@ -21927,10 +21987,7 @@ function respond402({
   body,
   x402
 }) {
-  const headers = {};
-  for (const [k, v] of Object.entries(mppxChallengeHeaders)) {
-    headers[k.toLowerCase()] = v;
-  }
+  const headers = normalizeHeadersToLowercase(mppxChallengeHeaders);
   headers["content-type"] = "application/json";
   if (x402) {
     headers["payment-required"] = paymentRequiredHeader(x402);
@@ -21993,7 +22050,8 @@ function isSolanaMppRailSpec(s) {
   return s.network?.startsWith("solana:") ?? false;
 }
 function solanaNetworkFromCAIP2(caip2) {
-  if (caip2 === networks.solana.devnet.caip2) return "devnet";
+  if (caip2 === "devnet" || caip2 === networks.solana.devnet.caip2) return "devnet";
+  if (caip2 === "localnet") return "localnet";
   return "mainnet-beta";
 }
 function solanaDefaultRpcUrl(network) {
@@ -22277,6 +22335,41 @@ function lazyMppxServer(opts) {
   };
 }
+// src/checkout.ts
+init_network_kind();
+// src/payment/payment_header.ts
+function toTitleCase(name) {
+  return name.replace(/(^|-)([a-z])/g, (_m, sep, c) => sep + c.toUpperCase());
+}
+function readHeader(headers, name) {
+  if (typeof headers.get === "function") {
+    return headers.get(name);
+  }
+  const rec = headers;
+  const v = rec[name] ?? rec[name.toLowerCase()] ?? rec[toTitleCase(name)];
+  if (typeof v === "string") return v;
+  if (Array.isArray(v) && typeof v[0] === "string") return v[0];
+  return null;
+}
+function asHeaders(input) {
+  return typeof input.headers === "object" && input instanceof Request ? input.headers : input;
+}
+function hasPaymentHeader(input) {
+  const headers = asHeaders(input);
+  return Boolean(
+    readHeader(headers, "payment-signature") || readHeader(headers, "x-payment") || readHeader(headers, "authorization")?.startsWith("Payment ")
+  );
+}
+function hasX402Header(input) {
+  const headers = asHeaders(input);
+  return Boolean(readHeader(headers, "payment-signature") || readHeader(headers, "x-payment"));
+}
+function hasMppxHeader(input) {
+  const headers = asHeaders(input);
+  return Boolean(readHeader(headers, "authorization")?.startsWith("Payment "));
+}
 // src/payment/x402_settle.ts
 function classifyX402SettleResult(result) {
   if (result.success) return null;
@@ -22568,12 +22661,14 @@ function pricingResult(opts) {
       ...opts.discountCents !== void 0 && { discountCents: opts.discountCents },
       ...opts.taxRate !== void 0 && { taxRate: opts.taxRate },
       ...opts.taxState !== void 0 && { taxState: opts.taxState },
-      currency
+      currency,
+      ...opts.decimals !== void 0 && { decimals: opts.decimals }
     });
     return {
       amountUsd: derivedAmount,
       currency,
       block,
+      ...opts.decimals !== void 0 && { decimals: opts.decimals },
       ...opts.product !== void 0 && { product: opts.product },
       ...opts.bodyExtras !== void 0 && { bodyExtras: opts.bodyExtras }
     };
@@ -22584,6 +22679,7 @@ function pricingResult(opts) {
   return {
     amountUsd: opts.amountUsd,
     currency,
+    ...opts.decimals !== void 0 && { decimals: opts.decimals },
     ...opts.product !== void 0 && { product: opts.product },
     ...opts.bodyExtras !== void 0 && { bodyExtras: opts.bodyExtras }
   };
@@ -22609,21 +22705,8 @@ var CheckoutValidationError = class extends Error {
     this.extra = opts.extra;
   }
 };
-function lowerHeaders2(headers) {
-  const out = {};
-  for (const [k, v] of Object.entries(headers)) out[k.toLowerCase()] = v;
-  return out;
-}
-function hasX402Header(headers) {
-  const h = lowerHeaders2(headers);
-  return Boolean(h["payment-signature"] ?? h["x-payment"]);
-}
-function hasMppxHeader(headers) {
-  const h = lowerHeaders2(headers);
-  return (h["authorization"] ?? "").startsWith("Payment ");
-}
 function resolveIdentityMetadata(ctx) {
-  const h = lowerHeaders2(ctx.request.headers);
+  const h = normalizeHeadersToLowercase(ctx.request.headers);
   const wallet = h["x-wallet-address"];
   if (!wallet) return void 0;
   let linkedWallets;
@@ -22652,26 +22735,24 @@ function isTempoSessionRailSpec3(s) {
 function specRailKey(spec) {
   if (isStripeRailSpec2(spec)) return "stripe";
   if (isTempoSessionRailSpec3(spec)) return "tempo_mpp";
-  const network = spec.network ?? "";
-  if (network.startsWith("eip155:")) return "x402_base";
-  if (network.startsWith("solana:") || "rpcUrl" in spec) return "solana_mpp";
+  if (isEvmNetwork(spec)) return "x402_base";
+  if (isSolanaNetwork(spec) || "rpcUrl" in spec) return "solana_mpp";
   return "tempo_mpp";
 }
 function specMethodName(spec) {
   if (isStripeRailSpec2(spec)) return "stripe/spt";
   if (isTempoSessionRailSpec3(spec)) return "tempo/charge";
-  const network = spec.network ?? "";
-  if (network.startsWith("eip155:")) return "x402/exact (base)";
-  if (network.startsWith("solana:") || "rpcUrl" in spec) return "solana/charge";
+  if (isEvmNetwork(spec)) return "x402/exact (base)";
+  if (isSolanaNetwork(spec) || "rpcUrl" in spec) return "solana/charge";
   return "tempo/charge";
 }
 function makeMppxComposeHook(opts) {
   return async (ctx) => {
     if (ctx.pricing === null) return { status: 402 };
     const mpp = await opts.serverGetter();
-    const lower = lowerHeaders2(ctx.request.headers);
+    const lower = normalizeHeadersToLowercase(ctx.request.headers);
     const authorization = lower["authorization"];
-    const amountStr = ctx.pricing.amountUsd.toFixed(2);
+    const amountStr = ctx.pricing.amountUsd.toFixed(ctx.pricing.decimals ?? 2);
     let result;
     try {
       result = await mpp.charge({ authorization, amount: amountStr });
@@ -22755,7 +22836,7 @@ var Checkout = class {
     let x402ServerGetter;
     if (x402Server === void 0) {
       const baseSpec = Object.values(opts.rails).find(
-        (s) => !isTempoSessionRailSpec3(s) && !isStripeRailSpec2(s) && "recipient" in s && (s.network ?? "").startsWith("eip155:")
+        (s) => !isTempoSessionRailSpec3(s) && !isStripeRailSpec2(s) && "recipient" in s && isEvmNetwork(s)
       );
       if (baseSpec !== void 0) {
         x402ServerGetter = lazyX402Server({
@@ -22845,7 +22926,7 @@ var Checkout = class {
    *  `"x402_base"` when no match found. */
   x402RailKey() {
     for (const [k, v] of Object.entries(this.rails)) {
-      if (!isStripeRailSpec2(v) && !isTempoSessionRailSpec3(v) && (v.network ?? "").startsWith("eip155:")) {
+      if (!isStripeRailSpec2(v) && !isTempoSessionRailSpec3(v) && isEvmNetwork(v)) {
         return k;
       }
     }
@@ -22854,8 +22935,7 @@ var Checkout = class {
   /** Return the rails-dict key for the primary MPP rail. */
   mppRailKey() {
     for (const [k, v] of Object.entries(this.rails)) {
-      const network = v.network ?? "";
-      if (!isStripeRailSpec2(v) && !network.startsWith("eip155:")) return k;
+      if (!isStripeRailSpec2(v) && !isEvmNetwork(v)) return k;
     }
     return "tempo";
   }
@@ -22874,17 +22954,15 @@ var Checkout = class {
     if (method === "solana") {
       for (const [k, v] of Object.entries(this.rails)) {
         if (isStripeRailSpec2(v) || isTempoSessionRailSpec3(v)) continue;
-        const network = v.network ?? "";
-        if (network.startsWith("solana:") || "rpcUrl" in v || "tokenProgram" in v) return k;
+        if (isSolanaNetwork(v) || "rpcUrl" in v || "tokenProgram" in v) return k;
       }
       return void 0;
     }
     if (method === "tempo") {
       for (const [k, v] of Object.entries(this.rails)) {
         if (isStripeRailSpec2(v)) continue;
-        const network = v.network ?? "";
-        if (network.startsWith("solana:") || "rpcUrl" in v || "tokenProgram" in v) continue;
-        if (network.startsWith("eip155:")) continue;
+        if (isSolanaNetwork(v) || "rpcUrl" in v || "tokenProgram" in v) continue;
+        if (isEvmNetwork(v)) continue;
         return k;
       }
       return void 0;
@@ -22897,7 +22975,7 @@ var Checkout = class {
   get x402BaseNetwork() {
     if (!this.x402ServerAvailable()) return null;
     for (const spec of Object.values(this.rails)) {
-      if (!isStripeRailSpec2(spec) && !isTempoSessionRailSpec3(spec) && (spec.network ?? "").startsWith("eip155:")) {
+      if (!isStripeRailSpec2(spec) && !isTempoSessionRailSpec3(spec) && isEvmNetwork(spec)) {
         return spec.network ?? "eip155:8453";
       }
     }
@@ -22949,8 +23027,8 @@ var Checkout = class {
         throw err;
       }
     }
-    const hasPaymentHeader = hasX402Header(request.headers) || hasMppxHeader(request.headers);
-    if (this.gate !== void 0 && hasPaymentHeader) {
+    const hasPaymentHeader2 = hasX402Header(request.headers) || hasMppxHeader(request.headers);
+    if (this.gate !== void 0 && hasPaymentHeader2) {
       const denial = await this.runGate(ctx);
       if (denial !== null) {
         return {
@@ -23040,7 +23118,7 @@ var Checkout = class {
       ...policyOverride ?? {}
     };
     const core = createAgentScoreCore(coreOpts);
-    const headers = lowerHeaders2(ctx.request.headers);
+    const headers = normalizeHeadersToLowercase(ctx.request.headers);
     const walletAddress = headers["x-wallet-address"];
     const operatorToken = headers["x-operator-token"];
     const identity = walletAddress !== void 0 || operatorToken !== void 0 ? {
@@ -23102,7 +23180,7 @@ var Checkout = class {
     if (!this.zeroSettleCarveOut || ctx.pricing === null) return null;
     const cents = Math.round(ctx.pricing.amountUsd * 100);
     if (cents !== 0) return null;
-    const headers = lowerHeaders2(ctx.request.headers);
+    const headers = normalizeHeadersToLowercase(ctx.request.headers);
     let zero;
     if (rail === "x402-base") {
       const x402Header = headers["payment-signature"] ?? headers["x-payment"];
@@ -23176,7 +23254,7 @@ var Checkout = class {
       resourceConfig: {
         scheme: "exact",
         network: verified.signedNetwork,
-        price: `$${ctx.pricing.amountUsd.toFixed(2)}`,
+        price: `$${ctx.pricing.amountUsd.toFixed(ctx.pricing.decimals ?? 2)}`,
         payTo: verified.signedPayTo,
         maxTimeoutSeconds: 300
       },
@@ -23285,15 +23363,18 @@ var Checkout = class {
         howToPayRails[k] = v;
       }
     }
+    const pricingDecimals = ctx.pricing.decimals ?? 2;
     const howToPay = buildHowToPay({
       url: this.url,
       retryBodyJson: JSON.stringify(ctx.request.body),
-      totalUsd: ctx.pricing.amountUsd.toFixed(2),
-      rails: howToPayRails
+      totalUsd: ctx.pricing.amountUsd.toFixed(pricingDecimals),
+      rails: howToPayRails,
+      ...ctx.pricing.decimals !== void 0 && { decimals: ctx.pricing.decimals }
     });
     const pricingBlock = ctx.pricing.block ?? buildPricingBlock({
-      subtotalCents: Math.round(ctx.pricing.amountUsd * 100),
-      currency: ctx.pricing.currency ?? "USD"
+      subtotalCents: ctx.pricing.amountUsd * 100,
+      currency: ctx.pricing.currency ?? "USD",
+      ...ctx.pricing.decimals !== void 0 && { decimals: ctx.pricing.decimals }
     });
     let x402Accepts = [];
     let x402Resource;
@@ -23306,7 +23387,7 @@ var Checkout = class {
         try {
           x402Accepts = await buildX402AcceptsFor402(x402Server, {
             network: baseNetwork,
-            price: `$${ctx.pricing.amountUsd.toFixed(2)}`,
+            price: `$${ctx.pricing.amountUsd.toFixed(pricingDecimals)}`,
             payTo: recipient,
             maxTimeoutSeconds: 300
           });
@@ -23322,7 +23403,7 @@ var Checkout = class {
       agentInstructions: buildAgentInstructions({ howToPay }),
       ...identityMetadata !== void 0 ? { identityMetadata } : {},
       pricing: pricingBlock,
-      amountUsd: ctx.pricing.amountUsd.toFixed(2),
+      amountUsd: ctx.pricing.amountUsd.toFixed(pricingDecimals),
       retryBody: ctx.request.body,
       agentMemory: firstEncounterAgentMemory({ firstEncounter: true }),
       ...ctx.pricing.product ? { product: ctx.pricing.product } : {},
@@ -23430,25 +23511,6 @@ function stripContentType(headers) {
   }
   return out;
 }
-function extractMppxReceiptHeaderFromRaw(raw) {
-  if (!raw || typeof raw !== "object" || !("withReceipt" in raw)) return null;
-  const fn = raw.withReceipt;
-  if (typeof fn !== "function") return null;
-  try {
-    const wrapped = fn.call(raw, new Response());
-    return wrapped.headers.get("Payment-Receipt");
-  } catch {
-    return null;
-  }
-}
-async function extractMppxReceiptMethod(header) {
-  try {
-    const { Receipt } = await Promise.resolve().then(() => (init_dist2(), dist_exports));
-    return Receipt.deserialize(header).method;
-  } catch {
-    return void 0;
-  }
-}
 function headersToRecord(h) {
   if (h === void 0) return {};
   if (h instanceof Headers) {
@@ -23762,6 +23824,15 @@ import { createHash } from "crypto";
 function hashOperatorToken(plaintext) {
   return createHash("sha256").update(plaintext, "utf8").digest("hex");
 }
+function extractOwnerScope(input) {
+  const headers = asHeaders(input);
+  const walletAddress = readHeader(headers, "x-wallet-address");
+  const operatorToken = readHeader(headers, "x-operator-token");
+  return {
+    ...walletAddress ? { walletAddress } : {},
+    ...operatorToken ? { operatorTokenHash: hashOperatorToken(operatorToken) } : {}
+  };
+}
 // src/payment/index.ts
 init_directive();
@@ -23775,8 +23846,45 @@ init_directive();
 init_wwwauthenticate();
 // src/payment/amounts.ts
-function formatUsdCents(cents) {
-  return (cents / 100).toFixed(2);
+function usdToAtomic(usd, opts) {
+  const { decimals } = opts;
+  if (!Number.isInteger(decimals) || decimals < 0) {
+    throw new RangeError(`decimals must be a non-negative integer, got ${decimals}`);
+  }
+  if (typeof usd === "number") {
+    if (!Number.isFinite(usd)) {
+      throw new RangeError(`usd must be finite, got ${usd}`);
+    }
+    if (usd < 0) {
+      throw new RangeError(`usd must be non-negative, got ${usd}`);
+    }
+  }
+  const s = (typeof usd === "number" ? usd.toString() : usd).trim();
+  if (s.startsWith("-")) {
+    throw new RangeError(`usd must be non-negative, got ${s}`);
+  }
+  if (s === "NaN" || s === "Infinity") {
+    throw new RangeError(`usd must be finite, got ${s}`);
+  }
+  const match = /^(\d*)(?:\.(\d*))?$/.exec(s);
+  if (!match || match[1] === "" && (match[2] === void 0 || match[2] === "")) {
+    throw new SyntaxError(`invalid usd value: ${JSON.stringify(usd)}`);
+  }
+  const intPart = match[1] || "0";
+  const fracPart = match[2] ?? "";
+  if (fracPart.length <= decimals) {
+    return BigInt(intPart + fracPart.padEnd(decimals, "0"));
+  }
+  const kept = fracPart.slice(0, decimals);
+  const roundDigit = fracPart[decimals];
+  let result = BigInt(intPart + kept);
+  if (roundDigit >= "5") {
+    result += 1n;
+  }
+  return result;
+}
+function formatUsdCents(cents, decimals = 2) {
+  return (cents / 100).toFixed(decimals);
 }
 // src/payment/solana.ts
@@ -23799,7 +23907,631 @@ async function loadSolanaFeePayer(opts) {
   }
   return kit.createKeyPairSignerFromPrivateKeyBytes(bytes);
 }
+// src/payment/compose_rails.ts
+init_usdc();
+function buildMppxComposeRails(opts) {
+  const rails2 = [];
+  if (opts.tempoRecipient) {
+    rails2.push(["tempo/charge", {
+      amount: opts.amountUsd,
+      currency: opts.tempoTokenAddress ?? USDC.tempo.mainnet.address,
+      decimals: 6,
+      recipient: opts.tempoRecipient
+    }]);
+  }
+  if (opts.solanaRecipient) {
+    const atomic = usdToAtomic(opts.amountUsd, { decimals: 6 });
+    rails2.push(["solana/charge", {
+      amount: atomic.toString(),
+      currency: opts.solanaTokenMint ?? USDC.solana.mainnet.mint,
+      decimals: 6,
+      recipient: opts.solanaRecipient,
+      network: opts.solanaNetwork ?? "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp"
+    }]);
+  }
+  if (opts.includeStripe !== false) {
+    rails2.push(["stripe/charge", { amount: opts.amountUsd, currency: "usd", decimals: 2 }]);
+  }
+  return rails2;
+}
+// src/payment/default_rails.ts
+init_networks();
+init_usdc();
+function buildDefaultCheckoutRails(opts) {
+  const out = {};
+  if (opts.tempo) {
+    out.tempo = { recipient: "", ...RAIL_SPEC_DEFAULTS.tempo, ...opts.tempo };
+  }
+  if (opts.x402Base) {
+    const merged = { recipient: "", ...RAIL_SPEC_DEFAULTS.x402Base, ...opts.x402Base };
+    if (merged.network === networks.base.sepolia.caip2) {
+      if (opts.x402Base.chainId === void 0) merged.chainId = networks.base.sepolia.chainId;
+      if (opts.x402Base.token === void 0) merged.token = USDC.base.sepolia.address;
+    } else if (merged.network === networks.base.mainnet.caip2) {
+      if (opts.x402Base.chainId === void 0) merged.chainId = networks.base.mainnet.chainId;
+      if (opts.x402Base.token === void 0) merged.token = USDC.base.mainnet.address;
+    }
+    out.x402_base = merged;
+  }
+  if (opts.solanaMpp) {
+    const merged = { recipient: "", ...RAIL_SPEC_DEFAULTS.solanaMpp, ...opts.solanaMpp };
+    const isDevnet = merged.network === "devnet" || merged.network === networks.solana.devnet.caip2;
+    if (isDevnet && opts.solanaMpp.token === void 0) {
+      merged.token = USDC.solana.devnet.mint;
+    }
+    out.solana_mpp = merged;
+  }
+  if (opts.stripe) {
+    out.stripe = { ...RAIL_SPEC_DEFAULTS.stripe, ...opts.stripe };
+  }
+  return out;
+}
+// src/payment/index.ts
+init_network_kind();
+// src/checkout_compute_first.ts
+import { randomUUID as randomUUID2 } from "crypto";
+// src/discovery/index.ts
+init_probe();
+// src/discovery/agentscore_content.ts
+var PURCHASE_MODE_NOTES = Object.freeze({
+  redemption_only: "Requires a single-use redemption code (printed on a mailer or other out-of-band delivery). Submit the code in the request body as `redemption_code`. Without a valid code the order is rejected.",
+  coupon_applicable: "Codes are optional. Without one, settle at list price. With a valid code the discount is applied automatically (percent_off, fixed_off, or fixed_settle).",
+  paid_only: "Codes are NOT accepted. Settle at the listed price. Submitting a `redemption_code` field returns 400 codes_not_accepted."
+});
+function buildSuccessNextSteps(opts) {
+  const out = {
+    action: "done",
+    user_message: opts.userMessage ?? "Payment complete. Your AgentScore Passport is now active across every AgentScore-gated merchant."
+  };
+  if (opts.orderStatusUrl) out.order_status_url = opts.orderStatusUrl;
+  if (opts.fulfillmentEta !== void 0) out.fulfillment_eta = opts.fulfillmentEta;
+  return out;
+}
+// src/discovery/index.ts
+init_well_known();
+// src/quote_cache.ts
+import { createHash as createHash2 } from "crypto";
+// src/_redis.ts
+async function tryCreateRedis(opts) {
+  const url2 = opts.url ?? process.env.REDIS_URL;
+  if (!url2) return null;
+  try {
+    const mod = await import("ioredis");
+    const client = new mod.default(url2, {
+      connectTimeout: opts.connectTimeout ?? 3e3,
+      maxRetriesPerRequest: opts.maxRetriesPerRequest ?? 1,
+      tls: url2.startsWith("rediss://") ? {} : void 0
+    });
+    client.on("error", (err) => console.error(`[${opts.label}] Redis error:`, err.message));
+    return client;
+  } catch {
+    return null;
+  }
+}
+function memoizedRedis(opts) {
+  let promise2 = null;
+  return () => {
+    if (!promise2) promise2 = tryCreateRedis(opts);
+    return promise2;
+  };
+}
+// src/quote_cache.ts
+function canonicalize2(value) {
+  if (Array.isArray(value)) return value.map(canonicalize2);
+  if (value && typeof value === "object") {
+    const sorted = {};
+    for (const key of Object.keys(value).sort()) {
+      sorted[key] = canonicalize2(value[key]);
+    }
+    return sorted;
+  }
+  return value;
+}
+function createQuoteCache(opts = {}) {
+  const ttlMs = opts.ttlMs ?? 5 * 6e4;
+  const keyPrefix = opts.keyPrefix ?? "quote:";
+  const memMap = /* @__PURE__ */ new Map();
+  const getRedis = memoizedRedis({ url: opts.redisUrl, label: "quote-cache" });
+  const evictExpired = () => {
+    const now = Date.now();
+    for (const [k, v] of memMap.entries()) {
+      if (v.expiresAt <= now) memMap.delete(k);
+    }
+  };
+  return {
+    bodyHashKey(prefix, body) {
+      const canonical = JSON.stringify(canonicalize2(body));
+      const hash3 = createHash2("sha256").update(`${prefix}::${canonical}`).digest("hex").slice(0, 24);
+      return `${prefix}::${hash3}`;
+    },
+    async read(key) {
+      const r = await getRedis();
+      if (r) {
+        try {
+          const raw = await r.get(`${keyPrefix}${key}`);
+          if (!raw) return null;
+          return JSON.parse(raw);
+        } catch {
+        }
+      }
+      evictExpired();
+      const entry = memMap.get(key);
+      return entry ? entry.entry : null;
+    },
+    async write(key, body, priceCents, recipients = {}) {
+      const cached2 = { body, priceCents, recipients };
+      const r = await getRedis();
+      if (r) {
+        try {
+          await r.set(`${keyPrefix}${key}`, JSON.stringify(cached2), "PX", ttlMs);
+          return;
+        } catch {
+        }
+      }
+      memMap.set(key, { entry: cached2, expiresAt: Date.now() + ttlMs });
+    },
+    async clear() {
+      memMap.clear();
+      const r = await getRedis();
+      if (r) {
+        try {
+          await r.flushdb();
+        } catch {
+        }
+      }
+    }
+  };
+}
+// src/checkout_compute_first.ts
+var DEFAULT_TTL_MS = 5 * 6e4;
+function decimalsForUnit(unitPriceCents) {
+  if (Number.isInteger(unitPriceCents)) return 2;
+  const str = unitPriceCents.toString();
+  const dotIdx = str.indexOf(".");
+  const frac = dotIdx === -1 ? 0 : str.length - dotIdx - 1;
+  return 2 + frac;
+}
+function computeFirstCheckout(opts) {
+  const cache = opts.cache ?? createQuoteCache({ ttlMs: opts.cacheTtlMs ?? DEFAULT_TTL_MS });
+  const decimals = opts.decimals ?? decimalsForUnit(opts.unitPriceCents);
+  const appUrl = opts.appUrl ?? new URL(opts.url).origin;
+  async function mintAndResolveRecipients(req, body, priceCents) {
+    const minted = opts.mintRecipients ? await opts.mintRecipients({ request: req, body, priceCents }) : {};
+    const out = {};
+    const tempo = minted.tempo ?? (opts.rails.tempo ? await resolveRecipient(opts.rails.tempo.recipient) : void 0);
+    const x402Base = minted.x402_base ?? (opts.rails.x402_base ? await resolveRecipient(opts.rails.x402_base.recipient) : void 0);
+    const solana = minted.solana_mpp ?? (opts.rails.solana_mpp ? await resolveRecipient(opts.rails.solana_mpp.recipient) : void 0);
+    if (tempo) out.tempo = tempo;
+    if (x402Base) out.x402_base = x402Base;
+    if (solana) out.solana_mpp = solana;
+    return out;
+  }
+  async function emit402(req, body, priceCents, recipients) {
+    const totalUsd = formatUsdCents(priceCents, decimals);
+    const tempoRecipient = recipients.tempo;
+    const x402BaseRecipient = recipients.x402_base;
+    const solanaRecipient = recipients.solana_mpp;
+    const accepted = await buildAcceptedMethods({
+      ...tempoRecipient && opts.rails.tempo && { tempo: { ...opts.rails.tempo, recipient: tempoRecipient } },
+      ...solanaRecipient && opts.rails.solana_mpp && { solana_mpp: { ...opts.rails.solana_mpp, recipient: solanaRecipient } },
+      ...opts.rails.stripe && { stripe: opts.rails.stripe }
+    });
+    if (x402BaseRecipient && opts.rails.x402_base) {
+      try {
+        const resolvedX402PayTo = await resolveRecipient(x402BaseRecipient);
+        const x402Entries = await buildX402AcceptsFor402(opts.x402Server, {
+          network: opts.rails.x402_base.network ?? "eip155:8453",
+          price: `$${totalUsd}`,
+          payTo: resolvedX402PayTo,
+          maxTimeoutSeconds: 300
+        });
+        accepted.push(...x402Entries);
+      } catch (err) {
+        console.warn(
+          `[${opts.name}.computeFirst] buildX402AcceptsFor402 failed; dropping x402 from accepts:`,
+          err instanceof Error ? err.message : err
+        );
+      }
+    }
+    const howToPay = buildHowToPay({
+      url: opts.url,
+      retryBodyJson: JSON.stringify(body),
+      totalUsd,
+      decimals,
+      rails: {
+        ...tempoRecipient && opts.rails.tempo && { tempo: { ...opts.rails.tempo, recipient: tempoRecipient } },
+        ...x402BaseRecipient && opts.rails.x402_base && { x402_base: { ...opts.rails.x402_base, recipient: x402BaseRecipient } },
+        ...solanaRecipient && opts.rails.solana_mpp && { solana_mpp: { ...opts.rails.solana_mpp, recipient: solanaRecipient } },
+        ...opts.rails.stripe && { stripe: opts.rails.stripe }
+      }
+    });
+    const pricing = buildPricingBlock({ subtotalCents: priceCents, currency: "USD", decimals });
+    const agentInstructions = buildAgentInstructions({
+      howToPay,
+      warnings: [
+        "The quoted price is exact: it was derived from the actual number of results returned by the work on the probe leg.",
+        "The merchant cached the result against a hash of this request body. Retry with the same body within the quote TTL (default 5 min) to settle and receive the cached results; if the quote expires, re-probe."
+      ]
+    });
+    let mppChallengeHeaders = {};
+    if (opts.composeMppx) {
+      try {
+        const mppResult = await opts.composeMppx({
+          request: req,
+          cachedBody: body,
+          priceCents,
+          priceUsd: totalUsd,
+          recipients
+        });
+        if (mppResult.status === 402 && mppResult.headers) {
+          mppChallengeHeaders = mppResult.headers;
+        }
+      } catch (err) {
+        console.warn(
+          `[${opts.name}.computeFirst] composeMppx probe-leg failed; dropping MPP rails from 402 challenge:`,
+          err instanceof Error ? err.message : err
+        );
+      }
+    }
+    const body402 = build402Body({
+      product: { id: opts.name, name: opts.name },
+      acceptedMethods: accepted,
+      pricing,
+      agentInstructions,
+      amountUsd: totalUsd,
+      currency: "USD",
+      orderId: null,
+      retryBody: body
+    });
+    const headers = new Headers({ "Content-Type": "application/json" });
+    for (const [k, v] of Object.entries(mppChallengeHeaders)) headers.set(k, v);
+    headers.set(
+      "PAYMENT-REQUIRED",
+      paymentRequiredHeader({ x402Version: 2, accepts: accepted, resource: { url: opts.url } })
+    );
+    return new Response(JSON.stringify(body402), { status: 402, headers });
+  }
+  async function handleX402Settle(req, referenceId, cachedBody, priceCents, recipients) {
+    const verified = await verifyX402Request({
+      request: req,
+      isCachedAddress: async () => true,
+      acceptedNetwork: opts.rails.x402_base?.network ?? "eip155:8453"
+    });
+    if (!verified.ok) {
+      return new Response(JSON.stringify(verified.body), {
+        status: verified.status,
+        headers: { "Content-Type": "application/json" }
+      });
+    }
+    const actualUsd = formatUsdCents(priceCents, decimals);
+    const settle = await processX402Settle({
+      x402Server: opts.x402Server,
+      payload: verified.payload,
+      resourceConfig: {
+        scheme: "exact",
+        network: verified.signedNetwork,
+        price: `$${actualUsd}`,
+        payTo: verified.signedPayTo,
+        maxTimeoutSeconds: 300
+      },
+      resourceMeta: {
+        url: req.url,
+        description: `Agent purchase via x402-exact (${opts.name})`,
+        mimeType: "application/json"
+      }
+    });
+    if (!settle.success) {
+      const detail = settle.error?.message ?? "unknown";
+      return new Response(
+        JSON.stringify({
+          id: referenceId,
+          endpoint: opts.name,
+          created_at: (/* @__PURE__ */ new Date()).toISOString(),
+          payment_status: "failed",
+          charged_usd: "0.00",
+          rail: `x402-base (${verified.signedNetwork})`,
+          error: {
+            code: "settle_failed",
+            message: "Facilitator rejected the exact settle; no on-chain capture occurred.",
+            detail
+          }
+        }),
+        { status: 502, headers: { "Content-Type": "application/json" } }
+      );
+    }
+    const signer = await extractPaymentSigner(req, readX402PaymentHeader(req));
+    const signerInfo = signer ? { address: signer.address, network: signer.network } : void 0;
+    const railLabel = `Base (${verified.signedNetwork})`;
+    if (opts.onSettled) {
+      try {
+        await opts.onSettled({
+          request: req,
+          rail: "x402",
+          cachedBody,
+          priceCents,
+          priceUsd: actualUsd,
+          recipients,
+          ...signerInfo ? { signer: signerInfo } : {}
+        });
+      } catch (err) {
+        console.warn(`[${opts.name}.computeFirst.onSettled] x402 side-effect failed:`, err instanceof Error ? err.message : err);
+      }
+    }
+    const buildBody = opts.buildSuccessBody ?? defaultSuccessBody(appUrl);
+    const body = buildBody({
+      referenceId,
+      endpoint: opts.name,
+      chargedUsd: actualUsd,
+      rail: railLabel,
+      ...signerInfo ? { signer: signerInfo } : {},
+      cachedBody
+    });
+    return new Response(JSON.stringify(body), { status: 200, headers: { "Content-Type": "application/json" } });
+  }
+  function mppRailLabel(method) {
+    const scheme = method?.split("/")[0];
+    if (scheme === "tempo") {
+      const networkName = opts.rails.tempo?.testnet ? "tempo-testnet" : opts.rails.tempo?.network ?? "tempo-mainnet";
+      return `Tempo (${networkName})`;
+    }
+    if (scheme === "solana") {
+      const networkName = opts.rails.solana_mpp?.network ?? "solana";
+      return `Solana (${networkName})`;
+    }
+    if (scheme === "stripe") return "Stripe (card+link)";
+    return "MPP";
+  }
+  async function handleMppSettle(req, referenceId, cachedBody, priceCents, recipients) {
+    if (!opts.composeMppx) {
+      return new Response(
+        JSON.stringify({
+          id: referenceId,
+          endpoint: opts.name,
+          created_at: (/* @__PURE__ */ new Date()).toISOString(),
+          payment_status: "failed",
+          charged_usd: "0.00",
+          error: { code: "mpp_unavailable", message: "MPP settle hook not configured on this endpoint." }
+        }),
+        { status: 503, headers: { "Content-Type": "application/json" } }
+      );
+    }
+    const priceUsd = formatUsdCents(priceCents, decimals);
+    const result = await opts.composeMppx({ request: req, cachedBody, priceCents, priceUsd, recipients });
+    if (result.status !== 200) {
+      const headers = result.headers ?? {};
+      return new Response(
+        JSON.stringify({
+          id: referenceId,
+          endpoint: opts.name,
+          created_at: (/* @__PURE__ */ new Date()).toISOString(),
+          payment_status: "failed",
+          charged_usd: "0.00",
+          error: { code: "mpp_settle_failed", message: "MPP compose did not return 200; credential rejected." }
+        }),
+        { status: 400, headers: { "Content-Type": "application/json", ...headers } }
+      );
+    }
+    const signer = result.signerAddress ? { address: result.signerAddress, network: result.signerNetwork ?? "evm" } : await extractPaymentSigner(req, readX402PaymentHeader(req)).then((s) => s ? { address: s.address, network: s.network } : void 0);
+    const method = await deriveMppxReceiptMethod(result.raw);
+    const railLabel = mppRailLabel(method);
+    if (opts.onSettled) {
+      try {
+        await opts.onSettled({
+          request: req,
+          rail: "mpp",
+          mppMethod: method,
+          cachedBody,
+          priceCents,
+          priceUsd,
+          recipients,
+          ...signer ? { signer } : {},
+          ...result.txHash ? { paymentIntentId: result.txHash } : {}
+        });
+      } catch (err) {
+        console.warn(`[${opts.name}.computeFirst.onSettled] MPP side-effect failed:`, err instanceof Error ? err.message : err);
+      }
+    }
+    const buildBody = opts.buildSuccessBody ?? defaultSuccessBody(appUrl);
+    const body = buildBody({
+      referenceId,
+      endpoint: opts.name,
+      chargedUsd: priceUsd,
+      rail: railLabel,
+      ...result.txHash ? { paymentIntentId: result.txHash } : {},
+      ...signer ? { signer } : {},
+      cachedBody
+    });
+    return new Response(JSON.stringify(body), { status: 200, headers: { "Content-Type": "application/json" } });
+  }
+  async function handle(req) {
+    const referenceId = `${opts.name}_${randomUUID2()}`;
+    let body;
+    try {
+      body = await req.clone().json();
+    } catch {
+      body = {};
+    }
+    try {
+      opts.validateInput?.(body);
+    } catch (err) {
+      if (err instanceof CheckoutValidationError) {
+        return new Response(
+          JSON.stringify({
+            error: { code: err.code, message: err.message },
+            ...err.action ? { next_steps: { action: err.action, user_message: err.message } } : {},
+            ...err.extra
+          }),
+          { status: err.status, headers: { "Content-Type": "application/json" } }
+        );
+      }
+      throw err;
+    }
+    const cacheKey2 = cache.bodyHashKey(opts.name, body);
+    if (hasX402Header(req.headers) || hasMppxHeader(req.headers)) {
+      const quote2 = await cache.read(cacheKey2);
+      if (!quote2) {
+        return new Response(
+          JSON.stringify({
+            id: referenceId,
+            endpoint: opts.name,
+            created_at: (/* @__PURE__ */ new Date()).toISOString(),
+            payment_status: "failed",
+            charged_usd: "0.00",
+            error: {
+              code: "stale_quote",
+              message: "No active quote for this request body. The quote may have expired or the body changed since the probe."
+            },
+            next_steps: {
+              action: "re_probe",
+              suggestion: "Send the same body without a payment header to get a fresh 402 quote, then retry with the payment credential."
+            }
+          }),
+          { status: 400, headers: { "Content-Type": "application/json" } }
+        );
+      }
+      if (hasX402Header(req.headers)) return handleX402Settle(req, referenceId, quote2.body, quote2.priceCents, quote2.recipients);
+      return handleMppSettle(req, referenceId, quote2.body, quote2.priceCents, quote2.recipients);
+    }
+    let quote = await cache.read(cacheKey2);
+    if (!quote) {
+      let outcome;
+      try {
+        outcome = await opts.runWork(body, { request: req });
+      } catch {
+        return new Response(
+          JSON.stringify({
+            id: referenceId,
+            endpoint: opts.name,
+            created_at: (/* @__PURE__ */ new Date()).toISOString(),
+            payment_status: "no_charge",
+            charged_usd: "0.00",
+            result: { matches: [], total: 0 },
+            error: {
+              code: "upstream_failed",
+              message: "The wrapped endpoint failed; no charge was applied."
+            }
+          }),
+          { status: 200, headers: { "Content-Type": "application/json" } }
+        );
+      }
+      if (outcome.resultCount === 0) {
+        return new Response(
+          JSON.stringify({
+            id: referenceId,
+            endpoint: opts.name,
+            created_at: (/* @__PURE__ */ new Date()).toISOString(),
+            payment_status: "no_charge",
+            charged_usd: "0.00",
+            result: outcome.body
+          }),
+          { status: 200, headers: { "Content-Type": "application/json" } }
+        );
+      }
+      const priceCents = opts.unitPriceCents * outcome.resultCount;
+      const recipients = await mintAndResolveRecipients(req, body, priceCents);
+      await cache.write(cacheKey2, outcome.body, priceCents, recipients);
+      quote = { body: outcome.body, priceCents, recipients };
+    }
+    return emit402(req, body, quote.priceCents, quote.recipients);
+  }
+  return {
+    handleWeb: handle,
+    async handleHono(c) {
+      return handle(c.req.raw);
+    }
+  };
+}
+function defaultSuccessBody(appUrl) {
+  return ({ referenceId, endpoint, chargedUsd, rail, paymentIntentId, signer, cachedBody }) => ({
+    id: referenceId,
+    endpoint,
+    created_at: (/* @__PURE__ */ new Date()).toISOString(),
+    payment_status: "completed",
+    charged_usd: chargedUsd,
+    rail,
+    ...paymentIntentId ? { payment_intent_id: paymentIntentId } : {},
+    ...signer ? { signer } : {},
+    result: cachedBody,
+    next_steps: buildSuccessNextSteps({ orderStatusUrl: `${appUrl}/health` }),
+    agent_memory: firstEncounterAgentMemory({ firstEncounter: true })
+  });
+}
+// src/identity/default_denied.ts
+function createDefaultOnDenied(opts) {
+  const supportContext = opts.supportContext ?? "Contact support if you believe this denial is in error.";
+  const paymentRequiredMessage = opts.paymentRequiredMessage ?? "AgentScore tier does not support assess. Contact support.";
+  const walletNotTrustedMessage = opts.walletNotTrustedMessage ?? `Identity check did not satisfy policy for ${opts.merchantName}.`;
+  return function defaultOnDenied(reason) {
+    if (reason.code === "wallet_signer_mismatch" || reason.code === "wallet_auth_requires_wallet_signing") {
+      const body = buildSignerMismatchBody({
+        result: {
+          kind: reason.code,
+          claimedOperator: reason.claimed_operator ?? null,
+          actualSignerOperator: reason.actual_signer_operator ?? null,
+          expectedSigner: reason.expected_signer ?? "",
+          actualSigner: reason.actual_signer ?? "",
+          linkedWallets: reason.linked_wallets ?? [],
+          agentInstructions: reason.agent_instructions ?? "",
+          claimedWallet: reason.expected_signer ?? ""
+        }
+      });
+      return { status: 403, body: body ?? denialReasonToBody(reason) };
+    }
+    if (reason.code === "wallet_not_trusted") {
+      return {
+        status: 403,
+        body: {
+          error: { code: "compliance_denied", message: walletNotTrustedMessage },
+          reasons: reason.reasons ?? [],
+          policy_result: reason.data?.policy_result,
+          verify_url: reason.verify_url,
+          next_steps: buildContactSupportNextSteps(opts.supportEmail, supportContext)
+        }
+      };
+    }
+    if (reason.code === "payment_required") {
+      return {
+        status: 403,
+        body: {
+          ...denialReasonToBody(reason),
+          error: { code: "compliance_error", message: paymentRequiredMessage }
+        }
+      };
+    }
+    const status = reason.code === "token_expired" || reason.code === "invalid_credential" ? 401 : reason.code === "api_error" ? 503 : 403;
+    return {
+      status,
+      body: denialReasonToBody(reason),
+      ...status >= 500 && { headers: { "Cache-Control": "no-store" } }
+    };
+  };
+}
+function defaultReadOnlyOnDenied(reason) {
+  const message = reason.code === "missing_identity" ? "X-Wallet-Address or X-Operator-Token header required" : "Invalid identity";
+  return {
+    status: 401,
+    body: {
+      ...denialReasonToBody(reason),
+      error: { code: "unauthorized", message }
+    },
+    headers: { "Cache-Control": "no-store" }
+  };
+}
 export {
+  A2A_DEFAULT_TRANSPORT,
+  A2A_PROTOCOL_VERSION,
   AGENTSCORE_UCP_CAPABILITY,
   Checkout,
   CheckoutValidationError,
@@ -23810,18 +24542,28 @@ export {
   buildA2AAgentCard,
   buildAgentMemoryHint,
   buildContactSupportNextSteps,
+  buildDefaultCheckoutRails,
   buildGateFromPolicy,
   buildJWKSResponse,
+  buildMppxComposeRails,
   buildSignerMismatchBody,
   buildUCPProfile,
+  computeFirstCheckout,
+  createDefaultOnDenied,
+  createQuoteCache,
+  defaultReadOnlyOnDenied,
   denialReasonStatus,
   denialReasonToBody,
+  extractOwnerScope,
   extractPaymentSigner,
   extractPaymentSignerFromAuth,
   extractSignerForPrecheck,
   formatUsdCents,
   generateUCPSigningKey,
   getIdentityStatus,
+  hasMppxHeader,
+  hasPaymentHeader,
+  hasX402Header,
   hashOperatorToken,
   isFixableDenial,
   loadSolanaFeePayer,