@agent-score/commerce 2.1.1 → 2.2.0

package/dist/index.js

@@ -20061,11 +20061,12 @@ function toClient(method, options) {
   };
 }
 function toServer(method, options) {
-  const { authorize, defaults, html, request, respond, stableBinding, transport, verify: verify3 } = options;
+  const { authorize, defaults, extensions, html, request, respond, stableBinding, transport, verify: verify3 } = options;
   return {
     ...method,
     authorize,
     defaults,
+    extensions,
     html,
     request,
     respond,
@@ -21221,7 +21222,7 @@ function createAgentScoreCore(options) {
   } = options;
   const baseUrl = stripTrailingSlashes(rawBaseUrl);
   const agentMemoryHint = buildAgentMemoryHint();
-  const defaultUa = `@agent-score/commerce@${"2.1.1"}`;
+  const defaultUa = `@agent-score/commerce@${"2.2.0"}`;
   const userAgentHeader = userAgent ? `${userAgent} (${defaultUa})` : defaultUa;
   const sdk = new import_sdk.AgentScore({ apiKey, baseUrl, userAgent: userAgentHeader });
   const sessionSdkCache = /* @__PURE__ */ new Map();
@@ -21358,8 +21359,9 @@ function createAgentScoreCore(options) {
         ...Object.keys(policy).length > 0 ? { policy } : {},
         // Pre-extracted payment signer (by the adapter middleware). When present, the API
         // composes BOTH signer_match (wallet-binding) and signer_sanctions (OFAC SDN wallet
-        // check) verdicts on the response in one round trip. Under
-        // policy.require_sanctions_clear, a signer_sanctions hit flips decision -> deny inline.
+        // check) verdicts on the response in one round trip. Wallet-OFAC enforcement on the
+        // signer block is unconditional — a signer_sanctions hit flips decision -> deny
+        // regardless of policy.require_sanctions_clear (which gates the separate NAME screen).
         ...signer && { signer: { address: signer.address, network: signer.network } }
       };
       const result = identity.address ? await sdk.assess(identity.address, { ...opts, operatorToken: identity.operatorToken }) : await sdk.assess(null, { ...opts, operatorToken: identity.operatorToken });
@@ -21841,6 +21843,16 @@ async function deriveMppxReceiptMethod(raw) {
   return extractMppxReceiptMethod(header);
 }
 
+// src/_warnings.ts
+var warnedNoApiKey = false;
+function warnMissingApiKeyOnce(label) {
+  if (warnedNoApiKey) return;
+  warnedNoApiKey = true;
+  console.warn(
+    `[${label}] AGENTSCORE_API_KEY is not set \u2014 wallet OFAC SDN sanctions are NOT being enforced. Set the env var to enable strict-liability protection on settle.`
+  );
+}
+
 // src/payment/rail_spec.ts
 init_usdc();
 async function resolveRecipient(r) {
@@ -22072,14 +22084,16 @@ function buildHowToPay({
   const d = decimals ?? 2;
   const defaultMaxSpend = totalNum >= 1 ? (Math.ceil(totalNum) + 1).toFixed(d) : totalNum.toFixed(d);
   const maxSpendStr = String(maxSpend ?? defaultMaxSpend);
+  const gateless = opTokenPlaceholder === null;
   const opToken = opTokenPlaceholder ?? "<your_opc_token>";
+  const opTokenHeaderFlag = gateless ? "" : `-H 'X-Operator-Token: ${opToken}' `;
   const block = {};
   if (rails2.tempo) {
     const networkName = rails2.tempo.testnet ? "tempo-testnet" : rails2.tempo.network ?? RAIL_SPEC_DEFAULTS.tempo.network;
     const chainId = rails2.tempo.chainId ?? RAIL_SPEC_DEFAULTS.tempo.chainId;
     const recommend = rails2.tempo.recommend ?? RAIL_SPEC_DEFAULTS.tempo.recommend;
-    const tempoCommand = `tempo request -X POST -H 'X-Operator-Token: ${opToken}' -H 'Content-Type: application/json' --json '${retryBodyJson}' --max-spend ${maxSpendStr} ${url2}`;
-    const payCommand = `agentscore-pay pay POST ${url2} --chain tempo -H 'X-Operator-Token: ${opToken}' -H 'Content-Type: application/json' -d '${retryBodyJson}' --max-spend ${maxSpendStr}`;
+    const tempoCommand = `tempo request -X POST ${opTokenHeaderFlag}-H 'Content-Type: application/json' --json '${retryBodyJson}' --max-spend ${maxSpendStr} ${url2}`;
+    const payCommand = `agentscore-pay pay POST ${url2} --chain tempo ${opTokenHeaderFlag}-H 'Content-Type: application/json' -d '${retryBodyJson}' --max-spend ${maxSpendStr}`;
     block.tempo = {
       setup: TEMPO_SETUP,
       prerequisite: `Run \`tempo wallet whoami\` and confirm USDC.e balance on ${networkName} (chain ${chainId}) is at least $${maxSpendStr}. If the tempo CLI is not installed, run the setup commands above first.`,
@@ -22093,7 +22107,7 @@ function buildHowToPay({
     block.x402_base = {
       setup: PAY_SETUP_BASE,
       prerequisite: `Run \`agentscore-pay balance --chain base\` and confirm USDC balance on Base (${network}) is at least $${maxSpendStr}. If the CLI is not installed, run the setup commands above first.`,
-      command: `agentscore-pay pay POST ${url2} --chain base -H 'X-Operator-Token: ${opToken}' -H 'Content-Type: application/json' -d '${retryBodyJson}' --max-spend ${maxSpendStr}`,
+      command: `agentscore-pay pay POST ${url2} --chain base ${opTokenHeaderFlag}-H 'Content-Type: application/json' -d '${retryBodyJson}' --max-spend ${maxSpendStr}`,
       what_it_does: "Pays via USDC on Base."
     };
   }
@@ -22102,7 +22116,7 @@ function buildHowToPay({
     block.solana_mpp = {
       setup: PAY_SETUP_SOLANA,
       prerequisite: `Run \`agentscore-pay balance --chain solana\` and confirm USDC balance on Solana (${network}) is at least $${maxSpendStr}. If the CLI is not installed, run the setup commands above first.`,
-      command: `agentscore-pay pay POST ${url2} --chain solana -H 'X-Operator-Token: ${opToken}' -H 'Content-Type: application/json' -d '${retryBodyJson}' --max-spend ${maxSpendStr}`,
+      command: `agentscore-pay pay POST ${url2} --chain solana ${opTokenHeaderFlag}-H 'Content-Type: application/json' -d '${retryBodyJson}' --max-spend ${maxSpendStr}`,
       what_it_does: "Pays via USDC on Solana."
     };
   }
@@ -22124,7 +22138,7 @@ function buildHowToPay({
       ];
       stripe.command_link_cli = [
         `SPEND_ID=$(link-cli spend-request create --payment-method-id <csmrpd_id_from_payment_methods_list> --credential-type shared_payment_token --network-id ${stripeCfg.profileId} --amount ${amountCents} --context "${sptContext}" --request-approval --output-json | jq -r .id)`,
-        `link-cli mpp pay ${url2} --spend-request-id $SPEND_ID --method POST --data '${retryBodyJson}' --header 'X-Operator-Token: ${opToken}' --output-json`
+        gateless ? `link-cli mpp pay ${url2} --spend-request-id $SPEND_ID --method POST --data '${retryBodyJson}' --output-json` : `link-cli mpp pay ${url2} --spend-request-id $SPEND_ID --method POST --data '${retryBodyJson}' --header 'X-Operator-Token: ${opToken}' --output-json`
       ];
       stripe.what_it_does_link_cli = "Mints a one-time-use SharedPaymentToken scoped to this purchase (user approves in Link wallet), then submits it as the payment credential.";
     } else if (linkCliBlocked) {
@@ -23041,6 +23055,23 @@ var Checkout = class {
   discoveryExtensions;
   discoveryProbe;
   _x402ServerGetter;
+  /**
+   * True when the merchant has configured an identity-bearing policy flag —
+   * `require_kyc`, `require_sanctions_clear` (name screening on the KYC
+   * identity), `min_age`, or jurisdiction lists. Wallet OFAC SDN enforcement
+   * (the always-on default) does NOT count as an identity gate; agents don't
+   * need an AgentScore credential to satisfy it.
+   *
+   * Used to conditionally emit AgentScore identity boilerplate in 402 bodies
+   * (`agent_memory`, `X-Operator-Token` references in per-rail commands).
+   */
+  hasIdentityGate() {
+    const g = this.gate;
+    if (!g) return false;
+    return Boolean(
+      g.requireKyc || g.requireSanctionsClear || g.minAge !== void 0 || g.allowedJurisdictions && g.allowedJurisdictions.length > 0 || g.blockedJurisdictions && g.blockedJurisdictions.length > 0
+    );
+  }
   constructor(opts) {
     const x402Server = opts.x402Server;
     let x402ServerGetter;
@@ -23238,8 +23269,8 @@ var Checkout = class {
       }
     }
     const hasPaymentHeader2 = hasX402Header(request.headers) || hasMppxHeader(request.headers);
-    if (this.gate !== void 0 && hasPaymentHeader2) {
-      const denial = await this.runGate(ctx);
+    if (hasPaymentHeader2) {
+      const denial = this.gate !== void 0 ? await this.runGate(ctx) : await this.runWalletSanctionsOnly(ctx);
       if (denial !== null) {
         return {
           status: denial.status,
@@ -23311,7 +23342,9 @@ var Checkout = class {
       }
       return result;
     }
-    if (gate.apiKey === void 0) return null;
+    if (gate.apiKey === void 0) {
+      return this.runWalletSanctionsOnly(ctx);
+    }
     let policyOverride;
     if (gate.perRequestPolicy !== void 0) {
       policyOverride = await gate.perRequestPolicy(ctx);
@@ -23401,6 +23434,58 @@ var Checkout = class {
     const status = reason.code === "token_expired" || reason.code === "invalid_credential" ? 401 : reason.code === "api_error" ? 503 : 403;
     return { status, body };
   }
+  /**
+   * Wallet OFAC SDN enforcement.
+   *
+   * Runs on settle (payment header present) when either `this.gate` is
+   * undefined OR a gate is configured but has no `apiKey` to reach
+   * `/v1/assess` for full policy enforcement (fallback to the
+   * strict-liability default).
+   *
+   * Env knobs:
+   *   - `AGENTSCORE_API_KEY` — required. No key → one-time warning + skip
+   *     (dev/testnet pattern; production should always configure a key).
+   *   - `AGENTSCORE_BASE_URL` — optional override for staging/dev API
+   *     (e.g. `https://api-dev.agentscore.sh` or `http://localhost:3002`).
+   *
+   * Stripe SPT (no extractable wallet signer) → skip silently; Stripe runs
+   * its own OFAC screen on the buyer's Stripe account at customer creation.
+   *
+   * Calls `/v1/assess` with the signer wallet as both the primary address
+   * and the signer block. The API enforces signer-sanctions unconditionally
+   * when a signer is present (no policy flag needed). Denies on OFAC SDN
+   * hit; fail-closed on unavailable lookup (strict liability — falsely
+   * allowing a sanctioned settle is an OFAC violation, falsely denying a
+   * clean buyer is just bad UX).
+   */
+  async runWalletSanctionsOnly(ctx) {
+    const apiKey = process.env.AGENTSCORE_API_KEY;
+    if (!apiKey) {
+      warnMissingApiKeyOnce("checkout");
+      return null;
+    }
+    const headers = normalizeHeadersToLowercase(ctx.request.headers);
+    const x402Header = headers["payment-signature"] ?? headers["x-payment"];
+    const signer = await extractPaymentSignerFromAuth(headers["authorization"], x402Header);
+    if (!signer) {
+      return null;
+    }
+    const baseUrl = process.env.AGENTSCORE_BASE_URL;
+    const core = createAgentScoreCore({
+      apiKey,
+      ...baseUrl !== void 0 && { baseUrl }
+    });
+    const outcome = await core.evaluate(
+      { address: signer.address },
+      ctx,
+      signer
+    );
+    if (outcome.kind === "allow") return null;
+    const reason = outcome.reason;
+    const body = denialReasonToBody(reason);
+    const status = reason.code === "token_expired" || reason.code === "invalid_credential" ? 401 : reason.code === "api_error" ? 503 : 403;
+    return { status, body };
+  }
   async handleZeroSettle(ctx, rail) {
     if (!this.zeroSettleCarveOut || ctx.pricing === null) return null;
     const cents = Math.round(ctx.pricing.amountUsd * 100);
@@ -23616,6 +23701,10 @@ var Checkout = class {
       retryBodyJson: JSON.stringify(ctx.request.body),
       totalUsd: ctx.pricing.amountUsd.toFixed(pricingDecimals),
       rails: howToPayRails,
+      // Merchants without an identity-bearing policy flag get clean commands
+      // without an X-Operator-Token header — agents don't need one to satisfy
+      // wallet OFAC enforcement (the always-on default).
+      ...this.hasIdentityGate() ? {} : { opTokenPlaceholder: null },
       ...ctx.pricing.decimals !== void 0 && { decimals: ctx.pricing.decimals }
     });
     const pricingBlock = ctx.pricing.block ?? buildPricingBlock({
@@ -23652,7 +23741,10 @@ var Checkout = class {
       pricing: pricingBlock,
       amountUsd: ctx.pricing.amountUsd.toFixed(pricingDecimals),
       retryBody: ctx.request.body,
-      agentMemory: firstEncounterAgentMemory({ firstEncounter: true }),
+      // Merchants without an identity-bearing gate get a clean 402: no
+      // AgentScore-identity bootstrap describing a verification flow they
+      // don't run. Wallet OFAC (the always-on default) doesn't need it.
+      agentMemory: firstEncounterAgentMemory({ firstEncounter: this.hasIdentityGate() }),
       ...ctx.pricing.product ? { product: ctx.pricing.product } : {},
       ...ctx.pricing.bodyExtras ? { extra: ctx.pricing.bodyExtras } : {},
       ...x402Accepts.length > 0 ? {
@@ -24380,6 +24472,36 @@ function computeFirstCheckout(opts) {
     );
     return new Response(JSON.stringify(body402), { status: 402, headers });
   }
+  async function enforceWalletSanctions(req, referenceId) {
+    const apiKey = process.env.AGENTSCORE_API_KEY;
+    if (!apiKey) {
+      warnMissingApiKeyOnce(`${opts.name}.computeFirst`);
+      return null;
+    }
+    const x402Header = readX402PaymentHeader(req);
+    const signer = await extractPaymentSigner(req, x402Header);
+    if (!signer) return null;
+    const baseUrl = process.env.AGENTSCORE_BASE_URL;
+    const core = createAgentScoreCore({
+      apiKey,
+      ...baseUrl !== void 0 && { baseUrl }
+    });
+    const outcome = await core.evaluate({ address: signer.address }, void 0, signer);
+    if (outcome.kind === "allow") return null;
+    const reason = outcome.reason;
+    const body = denialReasonToBody(reason);
+    const status = reason.code === "token_expired" || reason.code === "invalid_credential" ? 401 : reason.code === "api_error" ? 503 : 403;
+    return new Response(
+      JSON.stringify({
+        id: referenceId,
+        endpoint: opts.name,
+        created_at: (/* @__PURE__ */ new Date()).toISOString(),
+        payment_status: "failed",
+        ...body
+      }),
+      { status, headers: { "Content-Type": "application/json" } }
+    );
+  }
   async function handleX402Settle(req, referenceId, cachedBody, priceCents, recipients) {
     const verified = await verifyX402Request({
       request: req,
@@ -24578,6 +24700,8 @@ function computeFirstCheckout(opts) {
           { status: 400, headers: { "Content-Type": "application/json" } }
         );
       }
+      const ofacDenial = await enforceWalletSanctions(req, referenceId);
+      if (ofacDenial !== null) return ofacDenial;
       if (hasX402Header(req.headers)) return handleX402Settle(req, referenceId, quote2.body, quote2.priceCents, quote2.recipients);
       return handleMppSettle(req, referenceId, quote2.body, quote2.priceCents, quote2.recipients);
     }