@agentcash/telemetry 0.0.0-pr-16-20260520161400

package/dist/siwx.js

@@ -0,0 +1,99 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _nullishCoalesce(lhs, rhsFn) { if (lhs != null) { return lhs; } else { return rhsFn(); } }
+
+var _chunk47QZYT7Qjs = require('./chunk-47QZYT7Q.js');
+require('./chunk-MBH3LCBQ.js');
+require('./chunk-QEJ7ZGGH.js');
+
+// src/siwx.ts
+var _server = require('next/server');
+var _crypto = require('crypto');
+
+
+
+
+
+var _signinwithx = require('@x402/extensions/sign-in-with-x');
+var _http = require('@x402/core/http');
+function withSiwxTelemetry(handler) {
+  return _chunk47QZYT7Qjs.withTelemetry.call(void 0, async (request, ctx) => {
+    const header = _nullishCoalesce(request.headers.get("SIGN-IN-WITH-X"), () => ( request.headers.get("sign-in-with-x")));
+    if (!header) {
+      return buildSiwxChallengeResponse(request);
+    }
+    const payload = _signinwithx.parseSIWxHeader.call(void 0, header);
+    const validation = await _signinwithx.validateSIWxMessage.call(void 0, payload, request.url);
+    if (!validation.valid) {
+      return _server.NextResponse.json(
+        { success: false, error: `SIWX validation failed: ${validation.error}` },
+        { status: 402 }
+      );
+    }
+    const verification = await _signinwithx.verifySIWxSignature.call(void 0, payload);
+    if (!verification.valid || !verification.address) {
+      return _server.NextResponse.json(
+        { success: false, error: "SIWX signature verification failed" },
+        { status: 402 }
+      );
+    }
+    const walletAddress = verification.address.toLowerCase();
+    ctx.setVerifiedWallet(walletAddress);
+    return handler(request, {
+      ...ctx,
+      verifiedWallet: walletAddress
+    });
+  });
+}
+function buildSiwxChallengeResponse(request) {
+  const url = new URL(request.url);
+  const nonce = _crypto.randomBytes.call(void 0, 16).toString("hex");
+  const issuedAt = (/* @__PURE__ */ new Date()).toISOString();
+  const expirationTime = new Date(Date.now() + 3e5).toISOString();
+  const paymentRequired = {
+    x402Version: 2,
+    error: "SIWX authentication required",
+    resource: {
+      url: request.url,
+      description: "SIWX-protected endpoint",
+      mimeType: "application/json"
+    },
+    accepts: [
+      {
+        scheme: "exact",
+        network: "eip155:8453",
+        asset: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913",
+        amount: "0",
+        payTo: "0x0000000000000000000000000000000000000000",
+        maxTimeoutSeconds: 300,
+        extra: {}
+      }
+    ],
+    extensions: {
+      "sign-in-with-x": {
+        info: {
+          domain: url.hostname,
+          uri: request.url,
+          version: "1",
+          nonce,
+          issuedAt,
+          expirationTime,
+          statement: "Sign in to verify your wallet identity",
+          resources: [request.url]
+        },
+        supportedChains: [{ chainId: "eip155:8453", type: "eip191" }],
+        schema: _signinwithx.buildSIWxSchema.call(void 0, )
+      }
+    }
+  };
+  const encoded = _http.encodePaymentRequiredHeader.call(void 0, paymentRequired);
+  return new (0, _server.NextResponse)(JSON.stringify(paymentRequired), {
+    status: 402,
+    headers: {
+      "Content-Type": "application/json",
+      "PAYMENT-REQUIRED": encoded
+    }
+  });
+}
+
+
+exports.withSiwxTelemetry = withSiwxTelemetry;
+//# sourceMappingURL=siwx.js.map

package/dist/siwx.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["/home/runner/work/agentcash-telemetry/agentcash-telemetry/dist/siwx.js","../src/siwx.ts"],"names":[],"mappings":"AAAA;AACE;AACF,sDAA4B;AAC5B,+BAA4B;AAC5B,+BAA4B;AAC5B;AACA;ACKA,qCAA+C;AAC/C,gCAA4B;AAC5B;AACE;AACA;AACA;AACA;AAAA,8DACK;AACP,uCAA4C;AAoBrC,SAAS,iBAAA,CAAkB,OAAA,EAAsB;AACtD,EAAA,OAAO,4CAAA,MAAc,CAAO,OAAA,EAAsB,GAAA,EAAA,GAA0B;AAC1E,IAAA,MAAM,OAAA,mBAAS,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,gBAAgB,CAAA,UAAK,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,gBAAgB,GAAA;AAE5F,IAAA,GAAA,CAAI,CAAC,MAAA,EAAQ;AACX,MAAA,OAAO,0BAAA,CAA2B,OAAO,CAAA;AAAA,IAC3C;AAEA,IAAA,MAAM,QAAA,EAAU,0CAAA,MAAsB,CAAA;AAEtC,IAAA,MAAM,WAAA,EAAa,MAAM,8CAAA,OAAoB,EAAS,OAAA,CAAQ,GAAG,CAAA;AACjE,IAAA,GAAA,CAAI,CAAC,UAAA,CAAW,KAAA,EAAO;AACrB,MAAA,OAAO,oBAAA,CAAa,IAAA;AAAA,QAClB,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,CAAA,wBAAA,EAA2B,UAAA,CAAW,KAAK,CAAA,EAAA;AACtD,QAAA;AAChB,MAAA;AACF,IAAA;AAEsD,IAAA;AACJ,IAAA;AAC5B,MAAA;AAC4C,QAAA;AAChD,QAAA;AAChB,MAAA;AACF,IAAA;AAEuD,IAAA;AACpB,IAAA;AAEX,IAAA;AACnB,MAAA;AACa,MAAA;AACO,IAAA;AAC1B,EAAA;AACH;AAKwE;AACvC,EAAA;AACa,EAAA;AACJ,EAAA;AAC0B,EAAA;AAE1C,EAAA;AACT,IAAA;AACN,IAAA;AACG,IAAA;AACK,MAAA;AACA,MAAA;AACH,MAAA;AACZ,IAAA;AACS,IAAA;AACP,MAAA;AACU,QAAA;AACC,QAAA;AACF,QAAA;AACC,QAAA;AACD,QAAA;AACY,QAAA;AACX,QAAA;AACV,MAAA;AACF,IAAA;AACY,IAAA;AACQ,MAAA;AACV,QAAA;AACQ,UAAA;AACC,UAAA;AACJ,UAAA;AACT,UAAA;AACA,UAAA;AACA,UAAA;AACW,UAAA;AACY,UAAA;AACzB,QAAA;AAC4D,QAAA;AACpC,QAAA;AAC1B,MAAA;AACF,IAAA;AACF,EAAA;AAE2D,EAAA;AAEF,EAAA;AAC/C,IAAA;AACC,IAAA;AACS,MAAA;AACI,MAAA;AACtB,IAAA;AACD,EAAA;AACH;ADnC6E;AACA;AACA","file":"/home/runner/work/agentcash-telemetry/agentcash-telemetry/dist/siwx.js","sourcesContent":[null,"/**\n * SIWX telemetry wrapper — composes SIWX verification with telemetry.\n * One-liner for routes that need wallet auth + telemetry.\n *\n * Delegates SIWX verification to @x402/extensions/sign-in-with-x.\n * This package does NOT implement SIWX itself.\n *\n * Import from '@agentcash/telemetry/siwx'.\n * Requires peer dep: @x402/extensions\n */\n\nimport { type NextRequest, NextResponse } from 'next/server';\nimport { randomBytes } from 'crypto';\nimport {\n  parseSIWxHeader,\n  validateSIWxMessage,\n  verifySIWxSignature,\n  buildSIWxSchema,\n} from '@x402/extensions/sign-in-with-x';\nimport { encodePaymentRequiredHeader } from '@x402/core/http';\nimport type { TelemetryContext } from './types';\nimport { withTelemetry } from './telemetry';\n\nexport type { SiwxTelemetryContext };\n\ninterface SiwxTelemetryContext extends Omit<TelemetryContext, 'verifiedWallet'> {\n  /** Verified wallet address from SIWX authentication */\n  verifiedWallet: string;\n}\n\ntype SiwxHandler = (request: NextRequest, ctx: SiwxTelemetryContext) => Promise<NextResponse>;\n\n/**\n * Wrap a Next.js route handler with SIWX verification + telemetry.\n *\n * Verifies the SIGN-IN-WITH-X header and sets the verified wallet automatically.\n * If no SIWX header is present, returns a 402 with SIWX challenge.\n * If verification fails, returns a 402 (matching x402 protocol convention).\n */\nexport function withSiwxTelemetry(handler: SiwxHandler) {\n  return withTelemetry(async (request: NextRequest, ctx: TelemetryContext) => {\n    const header = request.headers.get('SIGN-IN-WITH-X') ?? request.headers.get('sign-in-with-x');\n\n    if (!header) {\n      return buildSiwxChallengeResponse(request);\n    }\n\n    const payload = parseSIWxHeader(header);\n\n    const validation = await validateSIWxMessage(payload, request.url);\n    if (!validation.valid) {\n      return NextResponse.json(\n        { success: false, error: `SIWX validation failed: ${validation.error}` },\n        { status: 402 },\n      );\n    }\n\n    const verification = await verifySIWxSignature(payload);\n    if (!verification.valid || !verification.address) {\n      return NextResponse.json(\n        { success: false, error: 'SIWX signature verification failed' },\n        { status: 402 },\n      );\n    }\n\n    const walletAddress = verification.address.toLowerCase();\n    ctx.setVerifiedWallet(walletAddress);\n\n    return handler(request, {\n      ...ctx,\n      verifiedWallet: walletAddress,\n    } as SiwxTelemetryContext);\n  });\n}\n\n/**\n * Build a 402 response with SIWX challenge.\n */\nfunction buildSiwxChallengeResponse(request: NextRequest): NextResponse {\n  const url = new URL(request.url);\n  const nonce = randomBytes(16).toString('hex');\n  const issuedAt = new Date().toISOString();\n  const expirationTime = new Date(Date.now() + 300_000).toISOString();\n\n  const paymentRequired = {\n    x402Version: 2,\n    error: 'SIWX authentication required',\n    resource: {\n      url: request.url,\n      description: 'SIWX-protected endpoint',\n      mimeType: 'application/json',\n    },\n    accepts: [\n      {\n        scheme: 'exact' as const,\n        network: 'eip155:8453' as const,\n        asset: '0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913',\n        amount: '0',\n        payTo: '0x0000000000000000000000000000000000000000',\n        maxTimeoutSeconds: 300,\n        extra: {},\n      },\n    ],\n    extensions: {\n      'sign-in-with-x': {\n        info: {\n          domain: url.hostname,\n          uri: request.url,\n          version: '1',\n          nonce,\n          issuedAt,\n          expirationTime,\n          statement: 'Sign in to verify your wallet identity',\n          resources: [request.url],\n        },\n        supportedChains: [{ chainId: 'eip155:8453', type: 'eip191' }],\n        schema: buildSIWxSchema(),\n      },\n    },\n  };\n\n  const encoded = encodePaymentRequiredHeader(paymentRequired);\n\n  return new NextResponse(JSON.stringify(paymentRequired), {\n    status: 402,\n    headers: {\n      'Content-Type': 'application/json',\n      'PAYMENT-REQUIRED': encoded,\n    },\n  });\n}\n"]}

package/dist/siwx.mjs

@@ -0,0 +1,99 @@
+import {
+  withTelemetry
+} from "./chunk-5JJYROO4.mjs";
+import "./chunk-MJIU4ZVL.mjs";
+import "./chunk-V553T6WE.mjs";
+
+// src/siwx.ts
+import { NextResponse } from "next/server";
+import { randomBytes } from "crypto";
+import {
+  parseSIWxHeader,
+  validateSIWxMessage,
+  verifySIWxSignature,
+  buildSIWxSchema
+} from "@x402/extensions/sign-in-with-x";
+import { encodePaymentRequiredHeader } from "@x402/core/http";
+function withSiwxTelemetry(handler) {
+  return withTelemetry(async (request, ctx) => {
+    const header = request.headers.get("SIGN-IN-WITH-X") ?? request.headers.get("sign-in-with-x");
+    if (!header) {
+      return buildSiwxChallengeResponse(request);
+    }
+    const payload = parseSIWxHeader(header);
+    const validation = await validateSIWxMessage(payload, request.url);
+    if (!validation.valid) {
+      return NextResponse.json(
+        { success: false, error: `SIWX validation failed: ${validation.error}` },
+        { status: 402 }
+      );
+    }
+    const verification = await verifySIWxSignature(payload);
+    if (!verification.valid || !verification.address) {
+      return NextResponse.json(
+        { success: false, error: "SIWX signature verification failed" },
+        { status: 402 }
+      );
+    }
+    const walletAddress = verification.address.toLowerCase();
+    ctx.setVerifiedWallet(walletAddress);
+    return handler(request, {
+      ...ctx,
+      verifiedWallet: walletAddress
+    });
+  });
+}
+function buildSiwxChallengeResponse(request) {
+  const url = new URL(request.url);
+  const nonce = randomBytes(16).toString("hex");
+  const issuedAt = (/* @__PURE__ */ new Date()).toISOString();
+  const expirationTime = new Date(Date.now() + 3e5).toISOString();
+  const paymentRequired = {
+    x402Version: 2,
+    error: "SIWX authentication required",
+    resource: {
+      url: request.url,
+      description: "SIWX-protected endpoint",
+      mimeType: "application/json"
+    },
+    accepts: [
+      {
+        scheme: "exact",
+        network: "eip155:8453",
+        asset: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913",
+        amount: "0",
+        payTo: "0x0000000000000000000000000000000000000000",
+        maxTimeoutSeconds: 300,
+        extra: {}
+      }
+    ],
+    extensions: {
+      "sign-in-with-x": {
+        info: {
+          domain: url.hostname,
+          uri: request.url,
+          version: "1",
+          nonce,
+          issuedAt,
+          expirationTime,
+          statement: "Sign in to verify your wallet identity",
+          resources: [request.url]
+        },
+        supportedChains: [{ chainId: "eip155:8453", type: "eip191" }],
+        schema: buildSIWxSchema()
+      }
+    }
+  };
+  const encoded = encodePaymentRequiredHeader(paymentRequired);
+  return new NextResponse(JSON.stringify(paymentRequired), {
+    status: 402,
+    headers: {
+      "Content-Type": "application/json",
+      "PAYMENT-REQUIRED": encoded
+    }
+  });
+}
+export {
+  withSiwxTelemetry
+};
+//# sourceMappingURL=siwx.mjs.map

package/dist/siwx.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/siwx.ts"],"sourcesContent":["/**\n * SIWX telemetry wrapper — composes SIWX verification with telemetry.\n * One-liner for routes that need wallet auth + telemetry.\n *\n * Delegates SIWX verification to @x402/extensions/sign-in-with-x.\n * This package does NOT implement SIWX itself.\n *\n * Import from '@agentcash/telemetry/siwx'.\n * Requires peer dep: @x402/extensions\n */\n\nimport { type NextRequest, NextResponse } from 'next/server';\nimport { randomBytes } from 'crypto';\nimport {\n  parseSIWxHeader,\n  validateSIWxMessage,\n  verifySIWxSignature,\n  buildSIWxSchema,\n} from '@x402/extensions/sign-in-with-x';\nimport { encodePaymentRequiredHeader } from '@x402/core/http';\nimport type { TelemetryContext } from './types';\nimport { withTelemetry } from './telemetry';\n\nexport type { SiwxTelemetryContext };\n\ninterface SiwxTelemetryContext extends Omit<TelemetryContext, 'verifiedWallet'> {\n  /** Verified wallet address from SIWX authentication */\n  verifiedWallet: string;\n}\n\ntype SiwxHandler = (request: NextRequest, ctx: SiwxTelemetryContext) => Promise<NextResponse>;\n\n/**\n * Wrap a Next.js route handler with SIWX verification + telemetry.\n *\n * Verifies the SIGN-IN-WITH-X header and sets the verified wallet automatically.\n * If no SIWX header is present, returns a 402 with SIWX challenge.\n * If verification fails, returns a 402 (matching x402 protocol convention).\n */\nexport function withSiwxTelemetry(handler: SiwxHandler) {\n  return withTelemetry(async (request: NextRequest, ctx: TelemetryContext) => {\n    const header = request.headers.get('SIGN-IN-WITH-X') ?? request.headers.get('sign-in-with-x');\n\n    if (!header) {\n      return buildSiwxChallengeResponse(request);\n    }\n\n    const payload = parseSIWxHeader(header);\n\n    const validation = await validateSIWxMessage(payload, request.url);\n    if (!validation.valid) {\n      return NextResponse.json(\n        { success: false, error: `SIWX validation failed: ${validation.error}` },\n        { status: 402 },\n      );\n    }\n\n    const verification = await verifySIWxSignature(payload);\n    if (!verification.valid || !verification.address) {\n      return NextResponse.json(\n        { success: false, error: 'SIWX signature verification failed' },\n        { status: 402 },\n      );\n    }\n\n    const walletAddress = verification.address.toLowerCase();\n    ctx.setVerifiedWallet(walletAddress);\n\n    return handler(request, {\n      ...ctx,\n      verifiedWallet: walletAddress,\n    } as SiwxTelemetryContext);\n  });\n}\n\n/**\n * Build a 402 response with SIWX challenge.\n */\nfunction buildSiwxChallengeResponse(request: NextRequest): NextResponse {\n  const url = new URL(request.url);\n  const nonce = randomBytes(16).toString('hex');\n  const issuedAt = new Date().toISOString();\n  const expirationTime = new Date(Date.now() + 300_000).toISOString();\n\n  const paymentRequired = {\n    x402Version: 2,\n    error: 'SIWX authentication required',\n    resource: {\n      url: request.url,\n      description: 'SIWX-protected endpoint',\n      mimeType: 'application/json',\n    },\n    accepts: [\n      {\n        scheme: 'exact' as const,\n        network: 'eip155:8453' as const,\n        asset: '0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913',\n        amount: '0',\n        payTo: '0x0000000000000000000000000000000000000000',\n        maxTimeoutSeconds: 300,\n        extra: {},\n      },\n    ],\n    extensions: {\n      'sign-in-with-x': {\n        info: {\n          domain: url.hostname,\n          uri: request.url,\n          version: '1',\n          nonce,\n          issuedAt,\n          expirationTime,\n          statement: 'Sign in to verify your wallet identity',\n          resources: [request.url],\n        },\n        supportedChains: [{ chainId: 'eip155:8453', type: 'eip191' }],\n        schema: buildSIWxSchema(),\n      },\n    },\n  };\n\n  const encoded = encodePaymentRequiredHeader(paymentRequired);\n\n  return new NextResponse(JSON.stringify(paymentRequired), {\n    status: 402,\n    headers: {\n      'Content-Type': 'application/json',\n      'PAYMENT-REQUIRED': encoded,\n    },\n  });\n}\n"],"mappings":";;;;;;;AAWA,SAA2B,oBAAoB;AAC/C,SAAS,mBAAmB;AAC5B;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,mCAAmC;AAoBrC,SAAS,kBAAkB,SAAsB;AACtD,SAAO,cAAc,OAAO,SAAsB,QAA0B;AAC1E,UAAM,SAAS,QAAQ,QAAQ,IAAI,gBAAgB,KAAK,QAAQ,QAAQ,IAAI,gBAAgB;AAE5F,QAAI,CAAC,QAAQ;AACX,aAAO,2BAA2B,OAAO;AAAA,IAC3C;AAEA,UAAM,UAAU,gBAAgB,MAAM;AAEtC,UAAM,aAAa,MAAM,oBAAoB,SAAS,QAAQ,GAAG;AACjE,QAAI,CAAC,WAAW,OAAO;AACrB,aAAO,aAAa;AAAA,QAClB,EAAE,SAAS,OAAO,OAAO,2BAA2B,WAAW,KAAK,GAAG;AAAA,QACvE,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAEA,UAAM,eAAe,MAAM,oBAAoB,OAAO;AACtD,QAAI,CAAC,aAAa,SAAS,CAAC,aAAa,SAAS;AAChD,aAAO,aAAa;AAAA,QAClB,EAAE,SAAS,OAAO,OAAO,qCAAqC;AAAA,QAC9D,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAEA,UAAM,gBAAgB,aAAa,QAAQ,YAAY;AACvD,QAAI,kBAAkB,aAAa;AAEnC,WAAO,QAAQ,SAAS;AAAA,MACtB,GAAG;AAAA,MACH,gBAAgB;AAAA,IAClB,CAAyB;AAAA,EAC3B,CAAC;AACH;AAKA,SAAS,2BAA2B,SAAoC;AACtE,QAAM,MAAM,IAAI,IAAI,QAAQ,GAAG;AAC/B,QAAM,QAAQ,YAAY,EAAE,EAAE,SAAS,KAAK;AAC5C,QAAM,YAAW,oBAAI,KAAK,GAAE,YAAY;AACxC,QAAM,iBAAiB,IAAI,KAAK,KAAK,IAAI,IAAI,GAAO,EAAE,YAAY;AAElE,QAAM,kBAAkB;AAAA,IACtB,aAAa;AAAA,IACb,OAAO;AAAA,IACP,UAAU;AAAA,MACR,KAAK,QAAQ;AAAA,MACb,aAAa;AAAA,MACb,UAAU;AAAA,IACZ;AAAA,IACA,SAAS;AAAA,MACP;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,QACT,OAAO;AAAA,QACP,QAAQ;AAAA,QACR,OAAO;AAAA,QACP,mBAAmB;AAAA,QACnB,OAAO,CAAC;AAAA,MACV;AAAA,IACF;AAAA,IACA,YAAY;AAAA,MACV,kBAAkB;AAAA,QAChB,MAAM;AAAA,UACJ,QAAQ,IAAI;AAAA,UACZ,KAAK,QAAQ;AAAA,UACb,SAAS;AAAA,UACT;AAAA,UACA;AAAA,UACA;AAAA,UACA,WAAW;AAAA,UACX,WAAW,CAAC,QAAQ,GAAG;AAAA,QACzB;AAAA,QACA,iBAAiB,CAAC,EAAE,SAAS,eAAe,MAAM,SAAS,CAAC;AAAA,QAC5D,QAAQ,gBAAgB;AAAA,MAC1B;AAAA,IACF;AAAA,EACF;AAEA,QAAM,UAAU,4BAA4B,eAAe;AAE3D,SAAO,IAAI,aAAa,KAAK,UAAU,eAAe,GAAG;AAAA,IACvD,QAAQ;AAAA,IACR,SAAS;AAAA,MACP,gBAAgB;AAAA,MAChB,oBAAoB;AAAA,IACtB;AAAA,EACF,CAAC;AACH;","names":[]}

package/dist/types-DnZ7Qg3n.d.mts

@@ -0,0 +1,61 @@
+/**
+ * ClickHouse row type for mcp_resource_invocations table.
+ * This is the real contract — not the DDL.
+ */
+interface McpResourceInvocation {
+    id: string;
+    x_wallet_address: string | null;
+    x_client_id: string | null;
+    session_id: string | null;
+    verified_wallet_address: string | null;
+    method: string;
+    route: string;
+    origin: string;
+    referer: string | null;
+    request_content_type: string | null;
+    request_headers: string | null;
+    request_body: string | null;
+    status_code: number;
+    status_text: string;
+    duration: number;
+    response_content_type: string | null;
+    response_headers: string | null;
+    response_body: string | null;
+    payment_protocol: string | null;
+    payment_amount: string | null;
+    payment_network: string | null;
+    payment_tx_hash: string | null;
+    created_at: Date;
+}
+/**
+ * Telemetry context passed to handler functions.
+ */
+interface TelemetryContext {
+    /** Wallet address from X-Wallet-Address header (lowercased) */
+    walletAddress: string | null;
+    /** Client ID from X-Client-ID header */
+    clientId: string | null;
+    /** Session ID from X-Session-ID header */
+    sessionId: string | null;
+    /** Verified wallet address (auto-extracted from x402 payment, or set manually) */
+    verifiedWallet: string | null;
+    /** Manually set the verified wallet address (for SIWX, API-key, or other auth) */
+    setVerifiedWallet: (address: string) => void;
+}
+/**
+ * ClickHouse connection config for initTelemetry.
+ */
+interface TelemetryConfig {
+    clickhouse: {
+        url: string;
+        database?: string;
+        username?: string;
+        password?: string;
+    };
+    /** Server's own origin URL (e.g., 'https://enrichx402.com'). Auto-detected from request if not set. */
+    origin?: string;
+    /** If true, pings ClickHouse on init and logs the result. Never throws or blocks. */
+    verify?: boolean;
+}
+
+export type { McpResourceInvocation as M, TelemetryConfig as T, TelemetryContext as a };

package/dist/types-DnZ7Qg3n.d.ts

@@ -0,0 +1,61 @@
+/**
+ * ClickHouse row type for mcp_resource_invocations table.
+ * This is the real contract — not the DDL.
+ */
+interface McpResourceInvocation {
+    id: string;
+    x_wallet_address: string | null;
+    x_client_id: string | null;
+    session_id: string | null;
+    verified_wallet_address: string | null;
+    method: string;
+    route: string;
+    origin: string;
+    referer: string | null;
+    request_content_type: string | null;
+    request_headers: string | null;
+    request_body: string | null;
+    status_code: number;
+    status_text: string;
+    duration: number;
+    response_content_type: string | null;
+    response_headers: string | null;
+    response_body: string | null;
+    payment_protocol: string | null;
+    payment_amount: string | null;
+    payment_network: string | null;
+    payment_tx_hash: string | null;
+    created_at: Date;
+}
+/**
+ * Telemetry context passed to handler functions.
+ */
+interface TelemetryContext {
+    /** Wallet address from X-Wallet-Address header (lowercased) */
+    walletAddress: string | null;
+    /** Client ID from X-Client-ID header */
+    clientId: string | null;
+    /** Session ID from X-Session-ID header */
+    sessionId: string | null;
+    /** Verified wallet address (auto-extracted from x402 payment, or set manually) */
+    verifiedWallet: string | null;
+    /** Manually set the verified wallet address (for SIWX, API-key, or other auth) */
+    setVerifiedWallet: (address: string) => void;
+}
+/**
+ * ClickHouse connection config for initTelemetry.
+ */
+interface TelemetryConfig {
+    clickhouse: {
+        url: string;
+        database?: string;
+        username?: string;
+        password?: string;
+    };
+    /** Server's own origin URL (e.g., 'https://enrichx402.com'). Auto-detected from request if not set. */
+    origin?: string;
+    /** If true, pings ClickHouse on init and logs the result. Never throws or blocks. */
+    verify?: boolean;
+}
+
+export type { McpResourceInvocation as M, TelemetryConfig as T, TelemetryContext as a };

package/package.json

@@ -0,0 +1,94 @@
+{
+  "name": "@agentcash/telemetry",
+  "version": "0.0.0-pr-16-20260520161400",
+  "description": "ClickHouse telemetry plugin for @agentcash/router. Logs request lifecycle, payments, settlements, and provider quota to ClickHouse.",
+  "main": "dist/index.js",
+  "module": "dist/index.mjs",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js"
+    },
+    "./siwx": {
+      "types": "./dist/siwx.d.ts",
+      "import": "./dist/siwx.mjs",
+      "require": "./dist/siwx.js"
+    },
+    "./builder": {
+      "types": "./dist/builder.d.ts",
+      "import": "./dist/builder.mjs",
+      "require": "./dist/builder.js"
+    },
+    "./plugin": {
+      "types": "./dist/router-plugin.d.ts",
+      "import": "./dist/router-plugin.mjs",
+      "require": "./dist/router-plugin.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "keywords": [
+    "x402",
+    "agentcash",
+    "telemetry",
+    "clickhouse",
+    "payments"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/Merit-Systems/agentcash-telemetry"
+  },
+  "license": "MIT",
+  "publishConfig": {
+    "access": "public"
+  },
+  "peerDependencies": {
+    "@clickhouse/client": "^1.12.0",
+    "@x402/core": "^2.2.0",
+    "@x402/extensions": "^2.3.0",
+    "@x402/next": "^2.2.0",
+    "next": ">=15.0.0",
+    "zod": "^4.0.0"
+  },
+  "peerDependenciesMeta": {
+    "@x402/next": {
+      "optional": true
+    },
+    "@x402/extensions": {
+      "optional": true
+    },
+    "zod": {
+      "optional": true
+    }
+  },
+  "devDependencies": {
+    "@changesets/cli": "^2.29.8",
+    "@clickhouse/client": "^1.16.0",
+    "@eslint/js": "^9.0.0",
+    "@x402/core": "^2.2.0",
+    "@x402/extensions": "^2.3.0",
+    "@x402/next": "^2.2.0",
+    "eslint": "^9.0.0",
+    "next": "16.0.10",
+    "prettier": "^3.8.1",
+    "tsup": "^8.0.0",
+    "typescript": "^5.7.0",
+    "typescript-eslint": "^8.55.0",
+    "vitest": "^4.0.18",
+    "zod": "^4.1.13"
+  },
+  "scripts": {
+    "build": "tsup",
+    "lint": "eslint src/",
+    "lint:fix": "eslint src/ --fix",
+    "format": "prettier --write 'src/**/*.ts' '*.json' '*.mjs'",
+    "format:check": "prettier --check 'src/**/*.ts' '*.json' '*.mjs'",
+    "typecheck": "tsc --noEmit",
+    "test": "vitest run",
+    "check": "npm run format:check && npm run lint && npm run typecheck && npm run build && npm test",
+    "changeset": "changeset"
+  }
+}