@agentcash/router 0.1.0

package/dist/index.js

@@ -0,0 +1,1159 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
+  get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
+}) : x)(function(x) {
+  if (typeof require !== "undefined") return require.apply(this, arguments);
+  throw Error('Dynamic require of "' + x + '" is not supported');
+});
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/server.ts
+var server_exports = {};
+__export(server_exports, {
+  createX402Server: () => createX402Server
+});
+function createX402Server(config) {
+  const { x402ResourceServer, HTTPFacilitatorClient } = __require("@x402/core/server");
+  const { registerExactEvmScheme } = __require("@x402/evm/exact/server");
+  const { bazaarResourceServerExtension } = __require("@x402/extensions/bazaar");
+  const { siwxResourceServerExtension } = __require("@x402/extensions/sign-in-with-x");
+  const { facilitator: defaultFacilitator } = __require("@coinbase/x402");
+  const facilitatorUrl = config.facilitatorUrl ?? defaultFacilitator;
+  const client = new HTTPFacilitatorClient(facilitatorUrl);
+  const server = new x402ResourceServer(client);
+  registerExactEvmScheme(server);
+  server.registerExtension(bazaarResourceServerExtension);
+  server.registerExtension(siwxResourceServerExtension);
+  const initPromise = retryInit(server);
+  return { server, initPromise };
+}
+async function retryInit(server, maxAttempts = 3, backoff = [1e3, 2e3, 4e3]) {
+  for (let attempt = 0; attempt < maxAttempts; attempt++) {
+    try {
+      await server.init();
+      return;
+    } catch (err) {
+      const is429 = err instanceof Error && (err.message.includes("429") || err.message.includes("rate limit"));
+      if (!is429 || attempt === maxAttempts - 1) throw err;
+      await new Promise((r) => setTimeout(r, backoff[attempt] ?? 4e3));
+    }
+  }
+}
+var init_server = __esm({
+  "src/server.ts"() {
+    "use strict";
+  }
+});
+
+// src/registry.ts
+var RouteRegistry = class {
+  routes = /* @__PURE__ */ new Map();
+  register(entry) {
+    if (this.routes.has(entry.key)) {
+      throw new Error(`route '${entry.key}': already registered (duplicate route key)`);
+    }
+    this.routes.set(entry.key, entry);
+  }
+  get(key) {
+    return this.routes.get(key);
+  }
+  entries() {
+    return this.routes.entries();
+  }
+  has(key) {
+    return this.routes.has(key);
+  }
+  get size() {
+    return this.routes.size;
+  }
+  validate(expectedKeys) {
+    if (!expectedKeys) return;
+    const missing = expectedKeys.filter((k) => !this.routes.has(k));
+    if (missing.length > 0) {
+      throw new Error(
+        `route${missing.length > 1 ? "s" : ""} ${missing.map((k) => `'${k}'`).join(", ")} in prices map but not registered \u2014 add to barrel imports`
+      );
+    }
+  }
+};
+
+// src/orchestrate.ts
+import { NextResponse as NextResponse2 } from "next/server";
+
+// src/plugin.ts
+function createDefaultContext(meta) {
+  const ctx = {
+    requestId: meta.requestId,
+    route: meta.route,
+    walletAddress: meta.walletAddress,
+    clientId: meta.clientId,
+    sessionId: meta.sessionId,
+    verifiedWallet: null,
+    setVerifiedWallet(address) {
+      ctx.verifiedWallet = address;
+    }
+  };
+  return ctx;
+}
+function firePluginHook(plugin, method, ...args) {
+  if (!plugin) return void 0;
+  const fn = plugin[method];
+  if (typeof fn !== "function") return void 0;
+  try {
+    const result = fn.apply(plugin, args);
+    if (result && typeof result.catch === "function") {
+      result.catch(() => {
+      });
+    }
+    return result;
+  } catch {
+    return void 0;
+  }
+}
+function consolePlugin() {
+  return {
+    onRequest(meta) {
+      const ctx = createDefaultContext(meta);
+      return ctx;
+    },
+    onPaymentVerified(_ctx, payment) {
+      console.log(`[router] VERIFIED ${payment.protocol} ${payment.payer} ${payment.amount}`);
+    },
+    onPaymentSettled(_ctx, settlement) {
+      console.log(`[router] SETTLED ${settlement.protocol} tx=${settlement.transaction}`);
+    },
+    onResponse(ctx, response) {
+      const wallet = ctx.verifiedWallet ? ` wallet=${ctx.verifiedWallet}` : "";
+      console.log(
+        `[router] ${ctx.route} \u2192 ${response.statusCode} (${response.duration}ms)${wallet}`
+      );
+    },
+    onError(_ctx, error) {
+      console.error(`[router] ERROR ${error.status}: ${error.message}`);
+    },
+    onAlert(_ctx, alert) {
+      const logFn = alert.level === "critical" || alert.level === "error" ? console.error : alert.level === "warn" ? console.warn : console.log;
+      logFn(
+        `[router] ${alert.level.toUpperCase()} ${alert.route}: ${alert.message}`,
+        alert.meta ?? ""
+      );
+    },
+    onProviderQuota(_ctx, event) {
+      const logFn = event.level === "critical" ? console.error : event.level === "warn" ? console.warn : console.log;
+      logFn(`[router] QUOTA ${event.level.toUpperCase()} ${event.provider}: ${event.message}`);
+    }
+  };
+}
+
+// src/protocols/detect.ts
+function detectProtocol(request) {
+  if (request.headers.get("PAYMENT-SIGNATURE") || request.headers.get("X-PAYMENT")) {
+    return "x402";
+  }
+  const auth = request.headers.get("Authorization");
+  if (auth && auth.startsWith("Payment ")) {
+    return "mpp";
+  }
+  if (request.headers.get("SIGN-IN-WITH-X")) {
+    return "siwx";
+  }
+  return null;
+}
+
+// src/handler.ts
+import { NextResponse } from "next/server";
+
+// src/types.ts
+var HttpError = class extends Error {
+  constructor(message, status) {
+    super(message);
+    this.status = status;
+    this.name = "HttpError";
+  }
+};
+
+// src/handler.ts
+async function safeCallHandler(handler, ctx) {
+  try {
+    const result = await handler(ctx);
+    if (result instanceof Response) return result;
+    return NextResponse.json(result);
+  } catch (error) {
+    const status = error instanceof HttpError ? error.status : 500;
+    const message = error instanceof Error ? error.message : "Internal error";
+    return NextResponse.json({ success: false, error: message }, { status });
+  }
+}
+
+// src/body.ts
+async function bufferBody(request) {
+  const text = await request.text();
+  if (!text) return void 0;
+  try {
+    return JSON.parse(text);
+  } catch {
+    return void 0;
+  }
+}
+function validateBody(parsed, schema) {
+  const result = schema.safeParse(parsed);
+  if (result.success) {
+    return { success: true, data: result.data };
+  }
+  const err = result.error;
+  const issues = "issues" in err ? err.issues : [{ message: String(err.message ?? "Validation failed") }];
+  return {
+    success: false,
+    error: "Validation failed",
+    issues
+  };
+}
+
+// src/pricing.ts
+async function resolvePrice(pricing, body) {
+  if (typeof pricing === "string") {
+    return pricing;
+  }
+  if (typeof pricing === "function") {
+    return pricing(body);
+  }
+  const { field, tiers, default: defaultTier } = pricing;
+  const tierKey = body != null ? String(body[field] ?? "") : "";
+  if (tierKey && tiers[tierKey]) {
+    return tiers[tierKey].price;
+  }
+  if (defaultTier && tiers[defaultTier]) {
+    return tiers[defaultTier].price;
+  }
+  if (!tierKey) {
+    throw Object.assign(new Error(`Missing required field '${field}' for tier pricing`), {
+      status: 400
+    });
+  }
+  throw Object.assign(
+    new Error(
+      `Unknown tier '${tierKey}' for field '${field}'. Valid tiers: ${Object.keys(tiers).join(", ")}`
+    ),
+    { status: 400 }
+  );
+}
+function resolveMaxPrice(pricing) {
+  if (typeof pricing === "string") return pricing;
+  if (typeof pricing === "function") {
+    throw new Error("Dynamic pricing requires maxPrice \u2014 this should be caught at registration");
+  }
+  const { tiers } = pricing;
+  let max = "0";
+  for (const tier of Object.values(tiers)) {
+    if (parseFloat(tier.price) > parseFloat(max)) {
+      max = tier.price;
+    }
+  }
+  return max;
+}
+
+// src/protocols/x402.ts
+function buildX402Challenge(server, routeEntry, request, price, payeeAddress, network, extensions) {
+  const { encodePaymentRequiredHeader } = __require("@x402/core/http");
+  const options = {
+    scheme: "exact",
+    network,
+    price,
+    payTo: payeeAddress
+  };
+  const resource = {
+    url: request.url,
+    method: routeEntry.method,
+    description: routeEntry.description
+  };
+  const requirements = server.buildPaymentRequirementsFromOptions(options, {
+    request
+  });
+  const paymentRequired = server.createPaymentRequiredResponse(
+    requirements,
+    resource,
+    null,
+    extensions
+  );
+  const encoded = encodePaymentRequiredHeader(paymentRequired);
+  return { encoded, requirements };
+}
+async function verifyX402Payment(server, request, routeEntry, price, payeeAddress, network) {
+  const { decodePaymentSignatureHeader } = __require("@x402/core/http");
+  const paymentHeader = request.headers.get("PAYMENT-SIGNATURE") ?? request.headers.get("X-PAYMENT");
+  if (!paymentHeader) return null;
+  const payload = decodePaymentSignatureHeader(paymentHeader);
+  const options = {
+    scheme: "exact",
+    network,
+    price,
+    payTo: payeeAddress
+  };
+  const requirements = server.buildPaymentRequirementsFromOptions(options, {
+    request
+  });
+  const matching = server.findMatchingRequirements(requirements, payload);
+  const verify = await server.verifyPayment(payload, matching);
+  if (!verify.isValid) {
+    return { valid: false, payload: null, requirements: null, payer: null };
+  }
+  return {
+    valid: true,
+    payer: verify.payer,
+    payload,
+    requirements: matching
+  };
+}
+async function settleX402Payment(server, payload, requirements) {
+  const { encodePaymentResponseHeader } = __require("@x402/core/http");
+  const result = await server.settlePayment(payload, requirements);
+  const encoded = encodePaymentResponseHeader(result);
+  return { encoded, result };
+}
+
+// src/protocols/mpp.ts
+var mpayLoaded = false;
+var Challenge;
+var Credential;
+var Receipt;
+var tempo;
+function ensureMpay() {
+  if (mpayLoaded) return;
+  try {
+    const mpay = __require("mpay");
+    Challenge = mpay.Challenge;
+    Credential = mpay.Credential;
+    Receipt = mpay.Receipt;
+    const mpayServer = __require("mpay/server");
+    tempo = mpayServer.tempo;
+    mpayLoaded = true;
+  } catch {
+    throw new Error("mpay package is required for MPP protocol support. Install it: pnpm add mpay");
+  }
+}
+function buildMPPChallenge(routeEntry, request, mppConfig, price) {
+  ensureMpay();
+  const intent = {
+    amount: price,
+    currency: mppConfig.currency,
+    recipient: mppConfig.recipient ?? ""
+  };
+  const challenge = Challenge.fromIntent(intent, {
+    secretKey: mppConfig.secretKey,
+    realm: new URL(request.url).origin,
+    request
+  });
+  return Challenge.serialize(challenge);
+}
+async function verifyMPPCredential(request, _routeEntry, mppConfig, price) {
+  ensureMpay();
+  const credential = Credential.fromRequest(request);
+  if (!credential) return null;
+  const isValid = Challenge.verify(credential, { secretKey: mppConfig.secretKey });
+  if (!isValid) {
+    return { valid: false, payer: null };
+  }
+  const chargeConfig = {
+    amount: price,
+    currency: mppConfig.currency,
+    recipient: mppConfig.recipient ?? ""
+  };
+  const verifyResult = await tempo.charge(chargeConfig).verify(credential);
+  if (!verifyResult?.valid) {
+    return { valid: false, payer: null };
+  }
+  return {
+    valid: true,
+    payer: verifyResult.payer
+  };
+}
+function buildMPPReceipt(reference) {
+  ensureMpay();
+  const receipt = Receipt.from({
+    method: "tempo",
+    status: "success",
+    reference,
+    timestamp: Date.now()
+  });
+  return Receipt.serialize(receipt);
+}
+
+// src/auth/siwx.ts
+async function verifySIWX(request, _routeEntry, nonceStore) {
+  const {
+    parseSIWxHeader,
+    validateSIWxMessage,
+    verifySIWxSignature
+  } = __require("@x402/extensions/sign-in-with-x");
+  const header = request.headers.get("SIGN-IN-WITH-X");
+  if (!header) return { valid: false, wallet: null };
+  const payload = parseSIWxHeader(header);
+  const uri = request.url;
+  const validation = await validateSIWxMessage(payload, uri, {
+    checkNonce: (nonce) => nonceStore.check(nonce)
+  });
+  if (!validation.isValid) {
+    return { valid: false, wallet: null };
+  }
+  const verified = await verifySIWxSignature(payload);
+  if (!verified?.isValid) {
+    return { valid: false, wallet: null };
+  }
+  return { valid: true, wallet: verified.address };
+}
+function buildSIWXExtension() {
+  const { declareSIWxExtension } = __require("@x402/extensions/sign-in-with-x");
+  return declareSIWxExtension();
+}
+
+// src/auth/api-key.ts
+async function verifyApiKey(request, resolver) {
+  const apiKey = request.headers.get("X-API-Key") ?? extractBearerToken(request.headers.get("Authorization"));
+  if (!apiKey) {
+    return { valid: false, account: null };
+  }
+  const account = await resolver(apiKey);
+  if (account == null) {
+    return { valid: false, account: null };
+  }
+  return { valid: true, account };
+}
+function extractBearerToken(header) {
+  if (!header) return null;
+  if (header.startsWith("Bearer ")) return header.slice(7);
+  return null;
+}
+
+// src/orchestrate.ts
+function createRequestHandler(routeEntry, handler, deps) {
+  async function invoke(request, meta, pluginCtx, wallet, account, parsedBody) {
+    const ctx = {
+      body: parsedBody,
+      query: parseQuery(request, routeEntry),
+      request,
+      requestId: meta.requestId,
+      route: routeEntry.key,
+      wallet,
+      account,
+      alert(level, message, alertMeta) {
+        firePluginHook(deps.plugin, "onAlert", pluginCtx, {
+          level,
+          message,
+          route: routeEntry.key,
+          meta: alertMeta
+        });
+      },
+      setVerifiedWallet: (addr) => pluginCtx.setVerifiedWallet(addr)
+    };
+    let rawResult;
+    const response = await safeCallHandler(async (c) => {
+      rawResult = await handler(c);
+      return rawResult;
+    }, ctx);
+    return { response, rawResult };
+  }
+  function finalize(response, rawResult, meta, pluginCtx) {
+    fireProviderQuota(routeEntry, response, rawResult, deps, pluginCtx);
+    firePluginResponse(deps, pluginCtx, meta, response);
+  }
+  function fail(status, message, meta, pluginCtx) {
+    const response = NextResponse2.json({ success: false, error: message }, { status });
+    firePluginResponse(deps, pluginCtx, meta, response);
+    return response;
+  }
+  return async (request) => {
+    await deps.initPromise;
+    const meta = buildMeta(request, routeEntry);
+    const pluginCtx = firePluginHook(deps.plugin, "onRequest", meta) ?? createDefaultContext(meta);
+    async function handleAuth(wallet, account2) {
+      const body2 = await parseBody(request, routeEntry);
+      if (!body2.ok) {
+        firePluginResponse(deps, pluginCtx, meta, body2.response);
+        return body2.response;
+      }
+      const { response, rawResult } = await invoke(
+        request,
+        meta,
+        pluginCtx,
+        wallet,
+        account2,
+        body2.data
+      );
+      finalize(response, rawResult, meta, pluginCtx);
+      return response;
+    }
+    if (routeEntry.authMode === "unprotected") {
+      return handleAuth(null, void 0);
+    }
+    let account = void 0;
+    if (routeEntry.authMode === "apiKey" || routeEntry.apiKeyResolver) {
+      if (!routeEntry.apiKeyResolver) {
+        return fail(401, "API key resolver not configured", meta, pluginCtx);
+      }
+      const keyResult = await verifyApiKey(request, routeEntry.apiKeyResolver);
+      if (!keyResult.valid) {
+        return fail(401, "Invalid or missing API key", meta, pluginCtx);
+      }
+      account = keyResult.account;
+      if (routeEntry.authMode === "apiKey" && !routeEntry.pricing) {
+        return handleAuth(null, account);
+      }
+    }
+    const protocol = detectProtocol(request);
+    if (routeEntry.authMode === "siwx") {
+      if (!request.headers.get("SIGN-IN-WITH-X")) {
+        const response = new NextResponse2(null, { status: 402 });
+        try {
+          if (buildSIWXExtension()) response.headers.set("X-SIWX-REQUIRED", "true");
+        } catch {
+        }
+        firePluginResponse(deps, pluginCtx, meta, response);
+        return response;
+      }
+      const siwx = await verifySIWX(request, routeEntry, deps.nonceStore);
+      if (!siwx.valid) {
+        return fail(
+          402,
+          "SIWX verification failed \u2014 signature invalid, message expired, or nonce already used",
+          meta,
+          pluginCtx
+        );
+      }
+      pluginCtx.setVerifiedWallet(siwx.wallet);
+      return handleAuth(siwx.wallet, void 0);
+    }
+    if (!protocol || protocol === "siwx") {
+      return build402(request, routeEntry, deps, meta, pluginCtx);
+    }
+    const body = await parseBody(request, routeEntry);
+    if (!body.ok) {
+      firePluginResponse(deps, pluginCtx, meta, body.response);
+      return body.response;
+    }
+    let price;
+    try {
+      price = await resolvePrice(routeEntry.pricing, body.data);
+    } catch (err) {
+      return fail(
+        err.status ?? 500,
+        err instanceof Error ? err.message : "Price resolution failed",
+        meta,
+        pluginCtx
+      );
+    }
+    if (protocol === "x402") {
+      if (!deps.x402Server) {
+        const reason = deps.x402InitError ? `x402 facilitator initialization failed: ${deps.x402InitError}` : "x402 server not initialized \u2014 ensure @x402/core, @x402/evm, and @coinbase/x402 are installed";
+        return fail(500, reason, meta, pluginCtx);
+      }
+      const verify = await verifyX402Payment(
+        deps.x402Server,
+        request,
+        routeEntry,
+        price,
+        deps.payeeAddress,
+        deps.network
+      );
+      if (!verify?.valid) return build402(request, routeEntry, deps, meta, pluginCtx);
+      pluginCtx.setVerifiedWallet(verify.payer);
+      firePluginHook(deps.plugin, "onPaymentVerified", pluginCtx, {
+        protocol: "x402",
+        payer: verify.payer,
+        amount: price,
+        network: deps.network
+      });
+      const { response, rawResult } = await invoke(
+        request,
+        meta,
+        pluginCtx,
+        verify.payer,
+        account,
+        body.data
+      );
+      if (response.status < 400) {
+        try {
+          const settle = await settleX402Payment(
+            deps.x402Server,
+            verify.payload,
+            verify.requirements
+          );
+          response.headers.set("PAYMENT-RESPONSE", settle.encoded);
+          firePluginHook(deps.plugin, "onPaymentSettled", pluginCtx, {
+            protocol: "x402",
+            payer: verify.payer,
+            transaction: String(settle.result?.transaction ?? ""),
+            network: deps.network
+          });
+        } catch (err) {
+          firePluginHook(deps.plugin, "onAlert", pluginCtx, {
+            level: "critical",
+            message: `Settlement failed: ${err instanceof Error ? err.message : String(err)}`,
+            route: routeEntry.key
+          });
+        }
+      }
+      finalize(response, rawResult, meta, pluginCtx);
+      return response;
+    }
+    if (protocol === "mpp") {
+      if (!deps.mppConfig) return build402(request, routeEntry, deps, meta, pluginCtx);
+      const verify = await verifyMPPCredential(request, routeEntry, deps.mppConfig, price);
+      if (!verify?.valid) return build402(request, routeEntry, deps, meta, pluginCtx);
+      const wallet = verify.payer;
+      pluginCtx.setVerifiedWallet(wallet);
+      firePluginHook(deps.plugin, "onPaymentVerified", pluginCtx, {
+        protocol: "mpp",
+        payer: wallet,
+        amount: price,
+        network: "tempo:42431"
+      });
+      const { response, rawResult } = await invoke(
+        request,
+        meta,
+        pluginCtx,
+        wallet,
+        account,
+        body.data
+      );
+      if (response.status < 400) {
+        try {
+          response.headers.set("Payment-Receipt", buildMPPReceipt(crypto.randomUUID()));
+        } catch {
+        }
+      }
+      finalize(response, rawResult, meta, pluginCtx);
+      return response;
+    }
+    return build402(request, routeEntry, deps, meta, pluginCtx);
+  };
+}
+async function parseBody(request, routeEntry) {
+  if (!routeEntry.bodySchema) return { ok: true, data: void 0 };
+  const raw = await bufferBody(request);
+  const result = validateBody(raw, routeEntry.bodySchema);
+  if (result.success) return { ok: true, data: result.data };
+  return {
+    ok: false,
+    response: NextResponse2.json(
+      { success: false, error: result.error, issues: result.issues },
+      { status: 400 }
+    )
+  };
+}
+function buildMeta(request, routeEntry) {
+  return {
+    requestId: crypto.randomUUID(),
+    method: request.method,
+    route: routeEntry.key,
+    origin: request.headers.get("origin") ?? new URL(request.url).origin,
+    referer: request.headers.get("referer"),
+    walletAddress: request.headers.get("X-Wallet-Address"),
+    clientId: request.headers.get("X-Client-ID"),
+    sessionId: request.headers.get("X-Session-ID"),
+    contentType: request.headers.get("content-type"),
+    headers: Object.fromEntries(request.headers.entries()),
+    startTime: Date.now()
+  };
+}
+function parseQuery(request, routeEntry) {
+  if (!routeEntry.querySchema) return void 0;
+  const params = Object.fromEntries(request.nextUrl.searchParams.entries());
+  const result = routeEntry.querySchema.safeParse(params);
+  return result.success ? result.data : params;
+}
+function build402(request, routeEntry, deps, meta, pluginCtx) {
+  const response = new NextResponse2(null, { status: 402 });
+  let challengePrice;
+  if (routeEntry.maxPrice) {
+    challengePrice = routeEntry.maxPrice;
+  } else if (routeEntry.pricing) {
+    try {
+      challengePrice = resolveMaxPrice(routeEntry.pricing);
+    } catch {
+      challengePrice = "0";
+    }
+  } else {
+    challengePrice = "0";
+  }
+  let extensions;
+  try {
+    const { z } = __require("zod");
+    const { declareDiscoveryExtension } = __require("@x402/extensions/bazaar");
+    const inputSchema = routeEntry.bodySchema ? z.toJSONSchema(routeEntry.bodySchema, { target: "draft-2020-12" }) : routeEntry.querySchema ? z.toJSONSchema(routeEntry.querySchema, { target: "draft-2020-12" }) : void 0;
+    const outputSchema = routeEntry.outputSchema ? z.toJSONSchema(routeEntry.outputSchema, { target: "draft-2020-12" }) : void 0;
+    if (inputSchema) {
+      const config = {
+        bodyType: routeEntry.bodySchema ? "json" : void 0,
+        inputSchema
+      };
+      if (outputSchema) config.output = { schema: outputSchema, example: {} };
+      extensions = declareDiscoveryExtension(config);
+    }
+  } catch {
+  }
+  if (routeEntry.protocols.includes("x402") && deps.x402Server) {
+    try {
+      const { encoded } = buildX402Challenge(
+        deps.x402Server,
+        routeEntry,
+        request,
+        challengePrice,
+        deps.payeeAddress,
+        deps.network,
+        extensions
+      );
+      response.headers.set("PAYMENT-REQUIRED", encoded);
+    } catch {
+    }
+  }
+  if (routeEntry.protocols.includes("mpp") && deps.mppConfig) {
+    try {
+      response.headers.set(
+        "WWW-Authenticate",
+        buildMPPChallenge(routeEntry, request, deps.mppConfig, challengePrice)
+      );
+    } catch {
+    }
+  }
+  firePluginResponse(deps, pluginCtx, meta, response);
+  return response;
+}
+function firePluginResponse(deps, pluginCtx, meta, response) {
+  firePluginHook(deps.plugin, "onResponse", pluginCtx, {
+    statusCode: response.status,
+    statusText: response.statusText,
+    duration: Date.now() - meta.startTime,
+    contentType: response.headers.get("content-type"),
+    headers: Object.fromEntries(response.headers.entries())
+  });
+  if (response.status >= 400 && response.status !== 402) {
+    firePluginHook(deps.plugin, "onError", pluginCtx, {
+      status: response.status,
+      message: response.statusText || `HTTP ${response.status}`,
+      settled: false
+    });
+  }
+}
+function computeQuotaLevel(remaining, warn, critical) {
+  if (remaining === null) return "healthy";
+  if (critical !== void 0 && remaining <= critical) return "critical";
+  if (warn !== void 0 && remaining <= warn) return "warn";
+  return "healthy";
+}
+function fireProviderQuota(routeEntry, response, handlerResult, deps, pluginCtx) {
+  const { providerName, providerConfig } = routeEntry;
+  if (!providerName || !providerConfig?.extractQuota) return;
+  if (response.status >= 400) return;
+  try {
+    const quota = providerConfig.extractQuota(handlerResult, response.headers);
+    if (!quota) return;
+    const level = computeQuotaLevel(quota.remaining, providerConfig.warn, providerConfig.critical);
+    const overage = providerConfig.overage ?? "same-rate";
+    const event = {
+      provider: providerName,
+      route: routeEntry.key,
+      remaining: quota.remaining,
+      limit: quota.limit,
+      spend: quota.spend,
+      level,
+      overage,
+      message: quota.remaining !== null ? `${providerName}: ${quota.remaining}${quota.limit ? `/${quota.limit}` : ""} remaining` : `${providerName}: quota info unavailable`
+    };
+    firePluginHook(deps.plugin, "onProviderQuota", pluginCtx, event);
+  } catch {
+  }
+}
+
+// src/builder.ts
+var RouteBuilder = class {
+  /** @internal */
+  _key;
+  /** @internal */
+  _registry;
+  /** @internal */
+  _deps;
+  /** @internal */
+  _authMode = null;
+  /** @internal */
+  _pricing;
+  /** @internal */
+  _protocols = ["x402"];
+  /** @internal */
+  _maxPrice;
+  /** @internal */
+  _bodySchema;
+  /** @internal */
+  _querySchema;
+  /** @internal */
+  _outputSchema;
+  /** @internal */
+  _description;
+  /** @internal */
+  _path;
+  /** @internal */
+  _method = "POST";
+  /** @internal */
+  _apiKeyResolver;
+  /** @internal */
+  _providerName;
+  /** @internal */
+  _providerConfig;
+  constructor(key, registry, deps) {
+    this._key = key;
+    this._registry = registry;
+    this._deps = deps;
+  }
+  fork() {
+    const next = Object.create(Object.getPrototypeOf(this));
+    Object.assign(next, this);
+    next._protocols = [...this._protocols];
+    return next;
+  }
+  paid(pricing, options) {
+    const next = this.fork();
+    next._authMode = "paid";
+    next._pricing = pricing;
+    if (options?.protocols) next._protocols = options.protocols;
+    if (options?.maxPrice) next._maxPrice = options.maxPrice;
+    if (typeof pricing === "function" && !options?.maxPrice) {
+      throw new Error(`route '${this._key}': dynamic pricing requires maxPrice option`);
+    }
+    if (typeof pricing === "object" && "tiers" in pricing) {
+      for (const [tierKey, tierConfig] of Object.entries(pricing.tiers)) {
+        if (!tierKey) {
+          throw new Error(`route '${this._key}': tier key cannot be empty`);
+        }
+        const tierPrice = parseFloat(tierConfig.price);
+        if (isNaN(tierPrice) || tierPrice <= 0) {
+          throw new Error(
+            `route '${this._key}': tier '${tierKey}' price '${tierConfig.price}' must be a positive decimal string`
+          );
+        }
+      }
+    }
+    if (options?.maxPrice !== void 0) {
+      const parsed = parseFloat(options.maxPrice);
+      if (isNaN(parsed) || parsed <= 0) {
+        throw new Error(
+          `route '${this._key}': maxPrice '${options.maxPrice}' must be a positive decimal string`
+        );
+      }
+    }
+    return next;
+  }
+  siwx() {
+    const next = this.fork();
+    next._authMode = "siwx";
+    next._protocols = [];
+    return next;
+  }
+  apiKey(resolver) {
+    const next = this.fork();
+    next._authMode = "apiKey";
+    next._apiKeyResolver = resolver;
+    return next;
+  }
+  unprotected() {
+    const next = this.fork();
+    next._authMode = "unprotected";
+    next._protocols = [];
+    return next;
+  }
+  // -------------------------------------------------------------------------
+  // Provider monitoring
+  // -------------------------------------------------------------------------
+  provider(name, config) {
+    const next = this.fork();
+    next._providerName = name;
+    next._providerConfig = config ?? {};
+    return next;
+  }
+  // -------------------------------------------------------------------------
+  // Schema methods
+  // -------------------------------------------------------------------------
+  body(schema) {
+    const next = this.fork();
+    next._bodySchema = schema;
+    return next;
+  }
+  query(schema) {
+    const next = this.fork();
+    next._querySchema = schema;
+    next._method = "GET";
+    return next;
+  }
+  output(schema) {
+    const next = this.fork();
+    next._outputSchema = schema;
+    return next;
+  }
+  description(text) {
+    const next = this.fork();
+    next._description = text;
+    return next;
+  }
+  path(p) {
+    const next = this.fork();
+    next._path = p;
+    return next;
+  }
+  handler(fn) {
+    const entry = {
+      key: this._key,
+      authMode: this._authMode,
+      pricing: this._pricing,
+      protocols: this._protocols,
+      bodySchema: this._bodySchema,
+      querySchema: this._querySchema,
+      outputSchema: this._outputSchema,
+      description: this._description,
+      path: this._path,
+      method: this._method,
+      maxPrice: this._maxPrice,
+      apiKeyResolver: this._apiKeyResolver,
+      providerName: this._providerName,
+      providerConfig: this._providerConfig
+    };
+    this._registry.register(entry);
+    return createRequestHandler(entry, fn, this._deps);
+  }
+};
+
+// src/auth/nonce.ts
+var MemoryNonceStore = class {
+  seen = /* @__PURE__ */ new Map();
+  async check(nonce) {
+    this.evict();
+    if (this.seen.has(nonce)) return false;
+    this.seen.set(nonce, Date.now() + 5 * 60 * 1e3);
+    return true;
+  }
+  evict() {
+    const now = Date.now();
+    for (const [n, exp] of this.seen) {
+      if (exp < now) this.seen.delete(n);
+    }
+  }
+};
+
+// src/discovery/well-known.ts
+import { NextResponse as NextResponse3 } from "next/server";
+function createWellKnownHandler(registry, baseUrl, pricesKeys, options = {}) {
+  let validated = false;
+  return async (_request) => {
+    if (!validated && pricesKeys) {
+      registry.validate(pricesKeys);
+      validated = true;
+    }
+    const x402Resources = [];
+    const mppResources = [];
+    for (const [key, entry] of registry.entries()) {
+      const url = `${baseUrl}/api/${entry.path ?? key}`;
+      if (entry.protocols.includes("x402")) x402Resources.push(url);
+      if (entry.protocols.includes("mpp")) mppResources.push(url);
+    }
+    let instructions;
+    if (typeof options.instructions === "function") {
+      instructions = await options.instructions();
+    } else if (typeof options.instructions === "string") {
+      instructions = options.instructions;
+    }
+    const body = {
+      version: 1,
+      resources: x402Resources
+    };
+    if (mppResources.length > 0) {
+      body.mppResources = mppResources;
+    }
+    if (options.ownershipProofs) {
+      body.ownershipProofs = options.ownershipProofs;
+    }
+    if (instructions) {
+      body.instructions = instructions;
+    }
+    return NextResponse3.json(body);
+  };
+}
+
+// src/discovery/openapi.ts
+import { NextResponse as NextResponse4 } from "next/server";
+function createOpenAPIHandler(registry, baseUrl, pricesKeys, options) {
+  let cached = null;
+  let validated = false;
+  return async (_request) => {
+    if (cached) return NextResponse4.json(cached);
+    if (!validated && pricesKeys) {
+      registry.validate(pricesKeys);
+      validated = true;
+    }
+    const { createDocument } = await import("zod-openapi");
+    const paths = {};
+    const tagSet = /* @__PURE__ */ new Set();
+    for (const [key, entry] of registry.entries()) {
+      const apiPath = `/api/${entry.path ?? key}`;
+      const method = entry.method.toLowerCase();
+      const tag = deriveTag(key);
+      tagSet.add(tag);
+      paths[apiPath] = {
+        [method]: buildOperation(key, entry, tag)
+      };
+    }
+    cached = createDocument({
+      openapi: "3.1.0",
+      info: {
+        title: options.title,
+        description: options.description,
+        version: options.version,
+        ...options.contact && { contact: options.contact }
+      },
+      servers: [{ url: options.baseUrl ?? baseUrl }],
+      tags: Array.from(tagSet).sort().map((name) => ({ name })),
+      paths
+    });
+    return NextResponse4.json(cached);
+  };
+}
+function deriveTag(routeKey) {
+  return routeKey.split("/")[0].split("-").map((w) => w[0].toUpperCase() + w.slice(1)).join(" ");
+}
+function buildOperation(routeKey, entry, tag) {
+  const protocols = entry.protocols.length > 0 ? entry.protocols : void 0;
+  let price;
+  if (typeof entry.pricing === "string") {
+    price = parseFloat(entry.pricing);
+  } else if (entry.maxPrice) {
+    price = parseFloat(entry.maxPrice);
+  }
+  const operation = {
+    operationId: routeKey.replace(/\//g, "_"),
+    summary: entry.description ?? routeKey,
+    tags: [tag],
+    responses: {
+      "200": {
+        description: "Successful response",
+        ...entry.outputSchema && {
+          content: {
+            "application/json": { schema: entry.outputSchema }
+          }
+        }
+      },
+      ...entry.authMode === "paid" && {
+        "402": {
+          description: "Payment Required"
+        }
+      }
+    }
+  };
+  if (price !== void 0 || protocols) {
+    operation["x-payment-info"] = {
+      ...price !== void 0 && { price },
+      ...protocols && { protocols }
+    };
+  }
+  if (entry.bodySchema) {
+    operation.requestBody = {
+      required: true,
+      content: {
+        "application/json": { schema: entry.bodySchema }
+      }
+    };
+  }
+  if (entry.querySchema) {
+    operation.requestParams = {
+      query: entry.querySchema
+    };
+  }
+  return operation;
+}
+
+// src/index.ts
+function createRouter(config) {
+  const registry = new RouteRegistry();
+  const nonceStore = config.siwx?.nonceStore ?? new MemoryNonceStore();
+  const network = config.network ?? "eip155:8453";
+  const baseUrl = typeof globalThis.process !== "undefined" ? process.env.NEXT_PUBLIC_BASE_URL ?? "http://localhost:3000" : "http://localhost:3000";
+  if (config.plugin?.init) {
+    try {
+      config.plugin.init({ origin: baseUrl });
+    } catch {
+    }
+  }
+  const deps = {
+    x402Server: null,
+    initPromise: Promise.resolve(),
+    plugin: config.plugin,
+    nonceStore,
+    payeeAddress: config.payeeAddress,
+    network,
+    mppConfig: config.mpp
+  };
+  try {
+    const { createX402Server: createX402Server2 } = (init_server(), __toCommonJS(server_exports));
+    const result = createX402Server2(config);
+    deps.x402Server = result.server;
+    deps.initPromise = result.initPromise.catch((err) => {
+      deps.x402Server = null;
+      deps.x402InitError = err instanceof Error ? err.message : String(err);
+    });
+  } catch {
+  }
+  const pricesKeys = config.prices ? Object.keys(config.prices) : void 0;
+  return {
+    route(key) {
+      const builder = new RouteBuilder(key, registry, deps);
+      if (config.prices && key in config.prices) {
+        return builder.paid(config.prices[key]);
+      }
+      return builder;
+    },
+    wellKnown(options) {
+      return createWellKnownHandler(registry, baseUrl, pricesKeys, options);
+    },
+    openapi(options) {
+      return createOpenAPIHandler(registry, baseUrl, pricesKeys, options);
+    },
+    monitors() {
+      const result = [];
+      for (const [, entry] of registry.entries()) {
+        if (entry.providerName && entry.providerConfig?.monitor) {
+          result.push({
+            provider: entry.providerName,
+            route: entry.key,
+            monitor: entry.providerConfig.monitor,
+            overage: entry.providerConfig.overage ?? "same-rate",
+            warn: entry.providerConfig.warn,
+            critical: entry.providerConfig.critical
+          });
+        }
+      }
+      return result;
+    },
+    registry
+  };
+}
+export {
+  HttpError,
+  MemoryNonceStore,
+  RouteBuilder,
+  RouteRegistry,
+  consolePlugin,
+  createRouter
+};