npm - @agentcash/router - Versions diffs - 1.0.0 → 1.1.0 - Mend

@agentcash/router 1.0.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.cjs CHANGED Viewed

@@ -30,6 +30,204 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
 ));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+// src/protocols/evm.ts
+function isEvmNetwork(network) {
+  return network.startsWith("eip155:");
+}
+function filterEvmNetworks(networks) {
+  return networks.filter(isEvmNetwork);
+}
+function buildEvmExactOptions(accepts, price) {
+  return accepts.filter(
+    (accept) => accept.scheme === "exact" && isEvmNetwork(accept.network)
+  ).map(({ network, payTo }) => ({
+    scheme: "exact",
+    network,
+    price,
+    payTo
+  }));
+}
+var init_evm = __esm({
+  "src/protocols/evm.ts"() {
+    "use strict";
+  }
+});
+// src/protocols/solana.ts
+function isSolanaNetwork(network) {
+  return network.startsWith("solana:");
+}
+function filterSolanaNetworks(networks) {
+  return networks.filter(isSolanaNetwork);
+}
+function buildSolanaExactOptions(accepts, price) {
+  return accepts.filter(
+    (accept) => accept.scheme === "exact" && isSolanaNetwork(accept.network)
+  ).map(({ network, payTo }) => ({
+    scheme: "exact",
+    network,
+    price,
+    payTo
+  }));
+}
+function hasSolanaAccepts(accepts) {
+  return accepts.some((accept) => isSolanaNetwork(accept.network));
+}
+async function enrichRequirementsWithFacilitatorAccepts(facilitator, resource, requirements) {
+  if (!facilitator.url) {
+    throw new Error(`Facilitator for ${facilitator.network} is missing a URL for /accepts`);
+  }
+  const authHeaders = await getAcceptsHeadersForFacilitator(facilitator);
+  const response = await fetch(`${facilitator.url.replace(/\/+$/, "")}/accepts`, {
+    method: "POST",
+    headers: {
+      ...authHeaders,
+      "content-type": "application/json"
+    },
+    body: JSON.stringify({
+      x402Version: 2,
+      resource,
+      accepts: requirements
+    })
+  });
+  if (!response.ok) {
+    throw new Error(`Facilitator /accepts failed with status ${response.status}`);
+  }
+  const body = await response.json();
+  if (!Array.isArray(body.accepts)) {
+    throw new Error("Facilitator /accepts response did not include accepts");
+  }
+  return body.accepts;
+}
+function isSolanaRequirement(requirement) {
+  return isSolanaNetwork(requirement.network);
+}
+var init_solana = __esm({
+  "src/protocols/solana.ts"() {
+    "use strict";
+    init_x402_facilitators();
+  }
+});
+// src/x402-facilitators.ts
+function getResolvedX402Facilitator(config, network, defaultEvmFacilitator) {
+  const family = getNetworkFamily(network);
+  if (!family) return null;
+  const target = resolveX402FacilitatorTarget(config, network, defaultEvmFacilitator);
+  const resolvedConfig = normalizeFacilitatorTarget(target);
+  return {
+    family,
+    network,
+    url: resolvedConfig.url,
+    config: resolvedConfig
+  };
+}
+function getResolvedX402Facilitators(config, networks, defaultEvmFacilitator) {
+  return Object.fromEntries(
+    networks.flatMap((network) => {
+      const facilitator = getResolvedX402Facilitator(config, network, defaultEvmFacilitator);
+      return facilitator ? [[network, facilitator]] : [];
+    })
+  );
+}
+function getResolvedX402FacilitatorGroups(facilitatorsByNetwork) {
+  const groups = [];
+  for (const facilitator of Object.values(facilitatorsByNetwork)) {
+    const existing = groups.find(
+      (group) => group.family === facilitator.family && sameFacilitatorConfig(group.config, facilitator.config)
+    );
+    if (existing) {
+      existing.networks.push(facilitator.network);
+      continue;
+    }
+    groups.push({
+      family: facilitator.family,
+      config: facilitator.config,
+      networks: [facilitator.network]
+    });
+  }
+  return groups;
+}
+function getFacilitatorForRequirement(facilitatorsByNetwork, requirement) {
+  return facilitatorsByNetwork?.[requirement.network];
+}
+function sameResolvedX402Facilitator(a, b) {
+  return sameFacilitatorConfig(a.config, b.config);
+}
+async function getAcceptsHeadersForFacilitator(facilitator) {
+  if (facilitator.config.createAcceptsHeaders) {
+    return facilitator.config.createAcceptsHeaders();
+  }
+  if (facilitator.config.createAuthHeaders) {
+    const headers = await facilitator.config.createAuthHeaders();
+    return headers.supported;
+  }
+  return {};
+}
+function resolveX402FacilitatorTarget(config, network, defaultEvmFacilitator) {
+  return (isSolanaNetwork(network) ? config.x402?.facilitators?.solana : void 0) ?? (isEvmNetwork(network) ? config.x402?.facilitators?.evm : void 0) ?? (isSolanaNetwork(network) ? DEFAULT_SOLANA_FACILITATOR_URL : defaultEvmFacilitator);
+}
+function normalizeFacilitatorTarget(target) {
+  return typeof target === "string" ? { url: target } : target;
+}
+function getNetworkFamily(network) {
+  if (isEvmNetwork(network)) return "evm";
+  if (isSolanaNetwork(network)) return "solana";
+  return null;
+}
+function sameFacilitatorConfig(a, b) {
+  return a.url === b.url && a.createAuthHeaders === b.createAuthHeaders && a.createAcceptsHeaders === b.createAcceptsHeaders;
+}
+var DEFAULT_SOLANA_FACILITATOR_URL;
+var init_x402_facilitators = __esm({
+  "src/x402-facilitators.ts"() {
+    "use strict";
+    init_evm();
+    init_solana();
+    DEFAULT_SOLANA_FACILITATOR_URL = "https://facilitator.corbits.dev";
+  }
+});
+// src/x402-config.ts
+async function resolvePayToValue(payTo, request, fallback) {
+  if (!payTo) return fallback;
+  if (typeof payTo === "string") return payTo;
+  return payTo(request);
+}
+function getConfiguredX402Accepts(config) {
+  if (config.x402?.accepts?.length) {
+    return [...config.x402.accepts];
+  }
+  return [
+    {
+      scheme: "exact",
+      network: config.network ?? "eip155:8453",
+      payTo: config.payeeAddress
+    }
+  ];
+}
+function getConfiguredX402Networks(config) {
+  return [...new Set(getConfiguredX402Accepts(config).map((accept) => accept.network))];
+}
+async function resolveX402Accepts(request, routeEntry, accepts, fallbackPayTo) {
+  return Promise.all(
+    accepts.map(async (accept) => ({
+      network: accept.network,
+      scheme: accept.scheme ?? "exact",
+      payTo: await resolvePayToValue(accept.payTo ?? routeEntry.payTo, request, fallbackPayTo),
+      ...accept.asset ? { asset: accept.asset } : {},
+      ...accept.decimals !== void 0 ? { decimals: accept.decimals } : {},
+      ...accept.maxTimeoutSeconds !== void 0 ? { maxTimeoutSeconds: accept.maxTimeoutSeconds } : {},
+      ...accept.extra ? { extra: accept.extra } : {}
+    }))
+  );
+}
+var init_x402_config = __esm({
+  "src/x402-config.ts"() {
+    "use strict";
+  }
+});
 // src/server.ts
 var server_exports = {};
 __export(server_exports, {
@@ -41,32 +239,59 @@ async function createX402Server(config) {
   const { bazaarResourceServerExtension } = await import("@x402/extensions/bazaar");
   const { siwxResourceServerExtension } = await import("@x402/extensions/sign-in-with-x");
   const { facilitator: defaultFacilitator } = await import("@coinbase/x402");
-  const raw = config.facilitatorUrl ?? defaultFacilitator;
-  const facilitatorConfig = typeof raw === "string" ? { url: raw } : raw;
-  const httpClient = new HTTPFacilitatorClient(facilitatorConfig);
-  const network = config.network ?? "eip155:8453";
-  const client = cachedClient(httpClient, network);
-  const server = new x402ResourceServer(client);
-  registerExactEvmScheme(server);
+  const configuredNetworks = getConfiguredX402Networks(config);
+  const facilitatorsByNetwork = getResolvedX402Facilitators(
+    config,
+    configuredNetworks,
+    defaultFacilitator
+  );
+  const evmNetworks = filterEvmNetworks(configuredNetworks);
+  const svmNetworks = filterSolanaNetworks(configuredNetworks);
+  const facilitatorClients = createFacilitatorClients(facilitatorsByNetwork, HTTPFacilitatorClient);
+  const server = new x402ResourceServer(
+    facilitatorClients.length === 1 ? facilitatorClients[0] : facilitatorClients
+  );
+  if (evmNetworks.length > 0) {
+    registerExactEvmScheme(server, { networks: evmNetworks });
+  }
+  if (svmNetworks.length > 0) {
+    const { registerExactSvmScheme } = await import("@x402/svm/exact/server");
+    registerExactSvmScheme(server, { networks: svmNetworks });
+  }
   server.registerExtension(bazaarResourceServerExtension);
   server.registerExtension(siwxResourceServerExtension);
   const initPromise = server.initialize();
-  return { server, initPromise };
+  return {
+    server,
+    initPromise,
+    facilitatorsByNetwork
+  };
 }
-function cachedClient(inner, network) {
+function cachedClient(inner, networks) {
   return {
     verify: inner.verify.bind(inner),
     settle: inner.settle.bind(inner),
     getSupported: async () => ({
-      kinds: [{ x402Version: 2, scheme: "exact", network }],
+      kinds: networks.map((network) => ({ x402Version: 2, scheme: "exact", network })),
       extensions: [],
       signers: {}
     })
   };
 }
+function createFacilitatorClients(facilitatorsByNetwork, HTTPFacilitatorClient) {
+  const groups = getResolvedX402FacilitatorGroups(facilitatorsByNetwork);
+  return groups.map((group) => {
+    const inner = new HTTPFacilitatorClient(group.config);
+    return group.family === "evm" ? cachedClient(inner, group.networks) : inner;
+  });
+}
 var init_server = __esm({
   "src/server.ts"() {
     "use strict";
+    init_evm();
+    init_solana();
+    init_x402_facilitators();
+    init_x402_config();
   }
 });
@@ -90,33 +315,46 @@ module.exports = __toCommonJS(index_exports);
 // src/registry.ts
 var RouteRegistry = class {
   routes = /* @__PURE__ */ new Map();
-  // Silently overwrites on duplicate key. Next.js module loading order is
-  // non-deterministic during build — discovery stubs and real handlers may
-  // register the same route key in either order. Last writer wins.
+  // Internal map key includes the HTTP method so that POST and DELETE on the
+  // same path coexist. Within the same path+method, last-write-wins is still
+  // intentional — Next.js module loading order is non-deterministic during
+  // build and discovery stubs may register the same route in either order.
   // Prior art: ElysiaJS uses the same pattern (silent overwrite in router.history).
+  mapKey(entry) {
+    return `${entry.key}:${entry.method}`;
+  }
   register(entry) {
-    if (this.routes.has(entry.key) && typeof process !== "undefined" && process.env?.["NODE_ENV"] !== "production") {
+    const k = this.mapKey(entry);
+    if (this.routes.has(k) && typeof process !== "undefined" && process.env?.["NODE_ENV"] !== "production") {
       console.warn(
-        `[agentcash/router] route '${entry.key}' registered twice \u2014 overwriting (this is expected for discovery stubs during next build)`
+        `[agentcash/router] route '${entry.key}' (${entry.method}) registered twice \u2014 overwriting (this is expected for discovery stubs during next build)`
       );
     }
-    this.routes.set(entry.key, entry);
+    this.routes.set(k, entry);
   }
+  // Accepts either a compound key ("site/domain:DELETE") or a path-only key
+  // ("site/domain") — path-only returns the first registered method for that path.
   get(key) {
-    return this.routes.get(key);
+    const direct = this.routes.get(key);
+    if (direct) return direct;
+    for (const entry of this.routes.values()) {
+      if (entry.key === key) return entry;
+    }
+    return void 0;
   }
   entries() {
     return this.routes.entries();
   }
   has(key) {
-    return this.routes.has(key);
+    return this.get(key) !== void 0;
   }
   get size() {
     return this.routes.size;
   }
   validate(expectedKeys) {
     if (!expectedKeys) return;
-    const missing = expectedKeys.filter((k) => !this.routes.has(k));
+    const registeredPathKeys = new Set([...this.routes.values()].map((e) => e.key));
+    const missing = expectedKeys.filter((k) => !registeredPathKeys.has(k));
     if (missing.length > 0) {
       throw new Error(
         `route${missing.length > 1 ? "s" : ""} ${missing.map((k) => `'${k}'`).join(", ")} in prices map but not registered \u2014 add to barrel imports`
@@ -374,51 +612,41 @@ var import_mppx = require("mppx");
 var import_viem = require("viem");
 // src/protocols/x402.ts
-async function buildX402Challenge(server, routeEntry, request, price, payeeAddress, network, extensions) {
+init_x402_facilitators();
+init_evm();
+init_solana();
+async function buildX402Challenge(opts) {
+  const { server, routeEntry, request, price, accepts, facilitatorsByNetwork, extensions } = opts;
   const { encodePaymentRequiredHeader } = await import("@x402/core/http");
-  const options = {
-    scheme: "exact",
-    network,
+  const resource = buildChallengeResource(request, routeEntry);
+  const requirements = await buildChallengeRequirements(
+    server,
+    request,
     price,
-    payTo: payeeAddress
-  };
-  const resource = {
-    url: request.url,
-    method: routeEntry.method,
-    description: routeEntry.description,
-    mimeType: "application/json"
-  };
-  const requirements = await server.buildPaymentRequirementsFromOptions([options], {
-    request
-  });
+    accepts,
+    resource,
+    facilitatorsByNetwork
+  );
   const paymentRequired = await server.createPaymentRequiredResponse(
     requirements,
     resource,
-    null,
+    void 0,
     extensions
   );
   const encoded = encodePaymentRequiredHeader(paymentRequired);
   return { encoded, requirements };
 }
-async function verifyX402Payment(server, request, routeEntry, price, payeeAddress, network) {
-  const { decodePaymentSignatureHeader } = await import("@x402/core/http");
-  const paymentHeader = request.headers.get("PAYMENT-SIGNATURE") ?? request.headers.get("X-PAYMENT");
-  if (!paymentHeader) return null;
-  const payload = decodePaymentSignatureHeader(paymentHeader);
-  const options = {
-    scheme: "exact",
-    network,
-    price,
-    payTo: payeeAddress
-  };
-  const requirements = await server.buildPaymentRequirementsFromOptions([options], {
-    request
-  });
-  const matching = server.findMatchingRequirements(requirements, payload);
-  const verify = await server.verifyPayment(payload, matching);
-  if (!verify.isValid) {
-    return { valid: false, payload: null, requirements: null, payer: null };
+async function verifyX402Payment(opts) {
+  const { server, request, price, accepts } = opts;
+  const payload = await readPaymentPayload(request);
+  if (!payload) return null;
+  const requirements = await buildExpectedRequirements(server, request, price, accepts);
+  const matching = findVerifiableRequirements(server, requirements, payload);
+  if (!matching) {
+    return invalidPaymentVerification();
   }
+  const verify = await server.verifyPayment(payload, matching);
+  if (!verify.isValid) return invalidPaymentVerification();
   return {
     valid: true,
     payer: verify.payer,
@@ -426,14 +654,150 @@ async function verifyX402Payment(server, request, routeEntry, price, payeeAddres
     requirements: matching
   };
 }
+function findVerifiableRequirements(server, requirements, payload) {
+  const strictMatch = server.findMatchingRequirements(requirements, payload);
+  if (strictMatch) {
+    return payload.x402Version === 2 ? payload.accepted : strictMatch;
+  }
+  if (payload.x402Version !== 2) {
+    return null;
+  }
+  const stableMatch = requirements.find(
+    (requirement) => matchesStableFields(requirement, payload.accepted)
+  );
+  return stableMatch ? payload.accepted : null;
+}
+function matchesStableFields(requirement, accepted) {
+  return requirement.scheme === accepted.scheme && requirement.network === accepted.network && requirement.payTo === accepted.payTo && requirement.asset === accepted.asset && requirement.amount === accepted.amount && requirement.maxTimeoutSeconds === accepted.maxTimeoutSeconds;
+}
+async function buildExpectedRequirements(server, request, price, accepts) {
+  const exactRequirements = await buildExactRequirements(server, request, price, accepts);
+  const customRequirements = buildCustomRequirements(price, accepts);
+  return [...exactRequirements, ...customRequirements];
+}
+async function buildExactRequirements(server, request, price, accepts) {
+  const exactOptions = [
+    ...buildEvmExactOptions(accepts, price),
+    ...buildSolanaExactOptions(accepts, price)
+  ];
+  if (exactOptions.length === 0) return [];
+  return server.buildPaymentRequirementsFromOptions(exactOptions, { request });
+}
+function buildCustomRequirements(price, accepts) {
+  return accepts.filter((accept) => accept.scheme !== "exact").map((accept) => buildCustomRequirement(price, accept));
+}
+async function buildChallengeRequirements(server, request, price, accepts, resource, facilitatorsByNetwork) {
+  const requirements = await buildExpectedRequirements(server, request, price, accepts);
+  if (!needsFacilitatorEnrichment(accepts)) return requirements;
+  return enrichChallengeRequirements(requirements, resource, facilitatorsByNetwork);
+}
+function needsFacilitatorEnrichment(accepts) {
+  return accepts.some((accept) => accept.scheme !== "exact") || hasSolanaAccepts(accepts);
+}
+async function enrichChallengeRequirements(requirements, resource, facilitatorsByNetwork) {
+  const groups = collectEnrichmentGroups(requirements, facilitatorsByNetwork);
+  if (groups.length === 0) return requirements;
+  const enrichedRequirements = [...requirements];
+  await Promise.all(
+    groups.map(async (group) => {
+      const enriched = await enrichRequirementsWithFacilitatorAccepts(
+        group.facilitator,
+        resource,
+        group.items.map(({ requirement }) => requirement)
+      );
+      if (enriched.length !== group.items.length) {
+        throw new Error(
+          `Facilitator /accepts returned ${enriched.length} requirements for ${group.items.length} inputs on ${group.facilitator.url ?? group.facilitator.network}`
+        );
+      }
+      enriched.forEach((requirement, offset) => {
+        const index = group.items[offset]?.index;
+        if (index === void 0) return;
+        enrichedRequirements[index] = requirement;
+      });
+    })
+  );
+  return enrichedRequirements;
+}
+function collectEnrichmentGroups(requirements, facilitatorsByNetwork) {
+  const groups = [];
+  requirements.forEach((requirement, index) => {
+    if (!requiresFacilitatorEnrichment(requirement)) return;
+    const facilitator = getRequiredFacilitator(requirement, facilitatorsByNetwork);
+    const existing = groups.find(
+      (group) => sameResolvedX402Facilitator(group.facilitator, facilitator)
+    );
+    if (existing) {
+      existing.items.push({ index, requirement });
+      return;
+    }
+    groups.push({
+      facilitator,
+      items: [{ index, requirement }]
+    });
+  });
+  return groups;
+}
+function getRequiredFacilitator(requirement, facilitatorsByNetwork) {
+  const facilitator = getFacilitatorForRequirement(facilitatorsByNetwork, requirement);
+  if (!facilitator) {
+    throw new Error(
+      `Missing x402 facilitator for ${requirement.scheme} requirement on ${requirement.network}`
+    );
+  }
+  return facilitator;
+}
+function requiresFacilitatorEnrichment(requirement) {
+  return requirement.scheme !== "exact" || isSolanaRequirement(requirement);
+}
+function buildCustomRequirement(price, accept) {
+  if (!accept.asset) {
+    throw new Error(
+      `Custom x402 accept '${accept.scheme}' on '${accept.network}' is missing asset`
+    );
+  }
+  return {
+    scheme: accept.scheme,
+    network: accept.network,
+    amount: decimalToAtomicUnits(price, accept.decimals ?? 6),
+    asset: accept.asset,
+    payTo: accept.payTo,
+    maxTimeoutSeconds: accept.maxTimeoutSeconds ?? 300,
+    extra: accept.extra ?? {}
+  };
+}
+function buildChallengeResource(request, routeEntry) {
+  return {
+    url: request.url,
+    method: routeEntry.method,
+    description: routeEntry.description,
+    mimeType: "application/json"
+  };
+}
+async function readPaymentPayload(request) {
+  const paymentHeader = request.headers.get("PAYMENT-SIGNATURE") ?? request.headers.get("X-PAYMENT");
+  if (!paymentHeader) return null;
+  const { decodePaymentSignatureHeader } = await import("@x402/core/http");
+  return decodePaymentSignatureHeader(paymentHeader);
+}
+function invalidPaymentVerification() {
+  return { valid: false, payload: null, requirements: null, payer: null };
+}
+function decimalToAtomicUnits(amount, decimals) {
+  const match = /^(?<whole>\d+)(?:\.(?<fraction>\d+))?$/.exec(amount);
+  if (!match?.groups) {
+    throw new Error(`Invalid decimal amount '${amount}'`);
+  }
+  const whole = match.groups.whole;
+  const fraction = match.groups.fraction ?? "";
+  if (fraction.length > decimals) {
+    throw new Error(`Amount '${amount}' exceeds ${decimals} decimal places`);
+  }
+  const normalized = `${whole}${fraction.padEnd(decimals, "0")}`.replace(/^0+(?=\d)/, "");
+  return normalized === "" ? "0" : normalized;
+}
 async function settleX402Payment(server, payload, requirements) {
   const { encodePaymentResponseHeader } = await import("@x402/core/http");
-  const payloadKeys = typeof payload === "object" && payload !== null ? Object.keys(payload).sort().join(",") : "n/a";
-  const reqKeys = typeof requirements === "object" && requirements !== null ? Object.keys(requirements).sort().join(",") : "n/a";
-  console.info("x402 settle input", {
-    payloadKeys,
-    requirementsKeys: reqKeys
-  });
   const result = await server.settlePayment(payload, requirements);
   const encoded = encodePaymentResponseHeader(result);
   return { encoded, result };
@@ -508,10 +872,10 @@ function extractBearerToken(header) {
 }
 // src/orchestrate.ts
-async function resolvePayTo(routeEntry, request, fallback) {
-  if (!routeEntry.payTo) return fallback;
-  if (typeof routeEntry.payTo === "string") return routeEntry.payTo;
-  return routeEntry.payTo(request);
+init_x402_config();
+function getRequirementNetwork(requirements, fallback) {
+  const network = requirements?.network;
+  return typeof network === "string" ? network : fallback;
 }
 function createRequestHandler(routeEntry, handler, deps) {
   async function invoke(request, meta, pluginCtx, wallet, account, parsedBody) {
@@ -792,24 +1156,28 @@ function createRequestHandler(routeEntry, handler, deps) {
         console.error(`[router] ${routeEntry.key}: ${reason}`);
         return fail(500, reason, meta, pluginCtx, body.data);
       }
-      const payTo = await resolvePayTo(routeEntry, request, deps.payeeAddress);
-      const verify = await verifyX402Payment(
-        deps.x402Server,
+      const accepts = await resolveX402Accepts(
         request,
         routeEntry,
-        price,
-        payTo,
-        deps.network
+        deps.x402Accepts,
+        deps.payeeAddress
       );
+      const verify = await verifyX402Payment({
+        server: deps.x402Server,
+        request,
+        price,
+        accepts
+      });
       if (!verify?.valid) return await build402(request, routeEntry, deps, meta, pluginCtx);
       const { payload: verifyPayload, requirements: verifyRequirements } = verify;
+      const matchedNetwork = getRequirementNetwork(verifyRequirements, deps.network);
       const wallet = verify.payer.toLowerCase();
       pluginCtx.setVerifiedWallet(wallet);
       firePluginHook(deps.plugin, "onPaymentVerified", pluginCtx, {
         protocol: "x402",
         payer: wallet,
         amount: price,
-        network: deps.network
+        network: matchedNetwork
       });
       const { response, rawResult } = await invoke(
         request,
@@ -821,15 +1189,6 @@ function createRequestHandler(routeEntry, handler, deps) {
       );
       if (response.status < 400) {
         try {
-          const payloadFingerprint = typeof verifyPayload === "object" && verifyPayload !== null ? {
-            keys: Object.keys(verifyPayload).sort().join(","),
-            payloadType: typeof verifyPayload
-          } : { payloadType: typeof verifyPayload };
-          console.info("Settlement attempt", {
-            route: routeEntry.key,
-            network: deps.network,
-            ...payloadFingerprint
-          });
           const settle = await settleX402Payment(
             deps.x402Server,
             verifyPayload,
@@ -851,14 +1210,14 @@ function createRequestHandler(routeEntry, handler, deps) {
             protocol: "x402",
             payer: verify.payer,
             transaction: String(settle.result?.transaction ?? ""),
-            network: deps.network
+            network: matchedNetwork
           });
         } catch (err) {
           const errObj = err;
           console.error("Settlement failed", {
             message: err instanceof Error ? err.message : String(err),
             route: routeEntry.key,
-            network: deps.network,
+            network: matchedNetwork,
             facilitatorStatus: errObj.response?.status,
             facilitatorBody: errObj.response?.data ?? errObj.response?.body
           });
@@ -1073,16 +1432,21 @@ async function build402(request, routeEntry, deps, meta, pluginCtx, bodyData) {
   }
   if (routeEntry.protocols.includes("x402") && deps.x402Server) {
     try {
-      const payTo = await resolvePayTo(routeEntry, request, deps.payeeAddress);
-      const { encoded } = await buildX402Challenge(
-        deps.x402Server,
+      const accepts = await resolveX402Accepts(
+        request,
+        routeEntry,
+        deps.x402Accepts,
+        deps.payeeAddress
+      );
+      const { encoded } = await buildX402Challenge({
+        server: deps.x402Server,
         routeEntry,
         request,
-        challengePrice,
-        payTo,
-        deps.network,
+        price: challengePrice,
+        accepts,
+        facilitatorsByNetwork: deps.x402FacilitatorsByNetwork,
         extensions
-      );
+      });
       response.headers.set("PAYMENT-REQUIRED", encoded);
     } catch (err) {
       const message = `x402 challenge build failed: ${err instanceof Error ? err.message : String(err)}`;
@@ -1475,8 +1839,8 @@ function createWellKnownHandler(registry, baseUrl, pricesKeys, discovery) {
     const x402Set = /* @__PURE__ */ new Set();
     const mppSet = /* @__PURE__ */ new Set();
     const methodHints = discovery.methodHints ?? "non-default";
-    for (const [key, entry] of registry.entries()) {
-      const url = `${normalizedBase}/api/${entry.path ?? key}`;
+    for (const [, entry] of registry.entries()) {
+      const url = `${normalizedBase}/api/${entry.path ?? entry.key}`;
       const resource = toDiscoveryResource(entry.method, url, methodHints);
       if (entry.authMode !== "unprotected") x402Set.add(resource);
       if (entry.protocols.includes("mpp")) mppSet.add(resource);
@@ -1532,12 +1896,12 @@ function createOpenAPIHandler(registry, baseUrl, pricesKeys, discovery) {
     const tagSet = /* @__PURE__ */ new Set();
     let requiresSiwxScheme = false;
     let requiresApiKeyScheme = false;
-    for (const [key, entry] of registry.entries()) {
-      const apiPath = `/api/${entry.path ?? key}`;
+    for (const [, entry] of registry.entries()) {
+      const apiPath = `/api/${entry.path ?? entry.key}`;
       const method = entry.method.toLowerCase();
-      const tag = deriveTag(key);
+      const tag = deriveTag(entry.key);
       tagSet.add(tag);
-      const built = buildOperation(key, entry, tag);
+      const built = buildOperation(entry.key, entry, tag);
       if (built.requiresSiwxScheme) requiresSiwxScheme = true;
       if (built.requiresApiKeyScheme) requiresApiKeyScheme = true;
       paths[apiPath] = { ...paths[apiPath], [method]: built.operation };
@@ -1706,11 +2070,15 @@ function createLlmsTxtHandler(discovery) {
 }
 // src/index.ts
+init_x402_config();
+init_evm();
+init_solana();
 function createRouter(config) {
   const registry = new RouteRegistry();
   const nonceStore = config.siwx?.nonceStore ?? new MemoryNonceStore();
   const entitlementStore = config.siwx?.entitlementStore ?? new MemoryEntitlementStore();
   const network = config.network ?? "eip155:8453";
+  const x402Accepts = getConfiguredX402Accepts(config);
   if (!config.baseUrl) {
     throw new Error(
       '[router] baseUrl is required in RouterConfig. Set it to your production domain (e.g., "https://api.example.com"). The realm is used for payment matching and must be correct.'
@@ -1724,8 +2092,23 @@ function createRouter(config) {
   const resolvedBaseUrl = config.baseUrl.replace(/\/+$/, "");
   let x402ConfigError;
   let mppConfigError;
-  if ((!config.protocols || config.protocols.includes("x402")) && !config.payeeAddress) {
-    x402ConfigError = "x402 requires payeeAddress in router config.";
+  if (!config.protocols || config.protocols.includes("x402")) {
+    if (x402Accepts.length === 0) {
+      x402ConfigError = "x402 requires at least one accept configuration.";
+    } else if (x402Accepts.some((accept) => !accept.network)) {
+      x402ConfigError = "x402 accepts require a network.";
+    } else if (x402Accepts.some((accept) => !isSupportedX402Network(accept.network))) {
+      const unsupported = x402Accepts.find((accept) => !isSupportedX402Network(accept.network));
+      x402ConfigError = `unsupported x402 network '${unsupported?.network}'. Use eip155:* or solana:*.`;
+    } else if (x402Accepts.some((accept) => (accept.scheme ?? "exact") !== "exact" && !accept.asset)) {
+      x402ConfigError = "non-exact x402 accepts require an asset.";
+    } else if (x402Accepts.some(
+      (accept) => accept.decimals !== void 0 && (!Number.isInteger(accept.decimals) || accept.decimals < 0)
+    )) {
+      x402ConfigError = "x402 accept decimals must be a non-negative integer.";
+    } else if (x402Accepts.some((accept) => !accept.payTo) && !config.payeeAddress) {
+      x402ConfigError = "x402 requires payeeAddress in router config or payTo on every x402 accept.";
+    }
   }
   if (config.protocols?.includes("mpp")) {
     if (!config.mpp) {
@@ -1759,8 +2142,10 @@ function createRouter(config) {
     plugin: config.plugin,
     nonceStore,
     entitlementStore,
-    payeeAddress: config.payeeAddress,
+    payeeAddress: config.payeeAddress ?? "",
     network,
+    x402FacilitatorsByNetwork: void 0,
+    x402Accepts,
     mppx: null
   };
   deps.initPromise = (async () => {
@@ -1771,6 +2156,7 @@ function createRouter(config) {
         const { createX402Server: createX402Server2 } = await Promise.resolve().then(() => (init_server(), server_exports));
         const result = await createX402Server2(config);
         deps.x402Server = result.server;
+        deps.x402FacilitatorsByNetwork = result.facilitatorsByNetwork;
         await result.initPromise;
       } catch (err) {
         deps.x402Server = null;
@@ -1861,6 +2247,9 @@ function createRouter(config) {
     registry
   };
 }
+function isSupportedX402Network(network) {
+  return isEvmNetwork(network) || isSolanaNetwork(network);
+}
 function normalizePath(path) {
   let normalized = path.trim();
   normalized = normalized.replace(/^\/+/, "");