@agether/sdk 1.5.0 → 1.5.2

package/dist/chunk-PTXYOTCG.mjs

@@ -0,0 +1,257 @@
+// src/clients/X402Client.ts
+import { ethers } from "ethers";
+var USDC_DOMAINS = {
+  "eip155:1": { name: "USD Coin", version: "2", address: "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48" },
+  "eip155:8453": { name: "USD Coin", version: "2", address: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913" },
+  "eip155:84532": { name: "USD Coin", version: "2", address: "0x036CbD53842c5426634e7929541eC2318f3dCF7e" },
+  "eip155:42161": { name: "USD Coin", version: "2", address: "0xaf88d065e77c8cC2239327C5EDb3A432268e5831" },
+  "eip155:10": { name: "USD Coin", version: "2", address: "0x0b2C639c533813f4Aa9D7837CAf62653d097Ff85" }
+};
+function chainIdFromNetwork(network) {
+  const m = network.match(/^eip155:(\d+)$/);
+  return m ? Number(m[1]) : 1;
+}
+var X402Client = class {
+  constructor(config) {
+    this.config = config;
+    const provider = new ethers.JsonRpcProvider(config.rpcUrl);
+    this.wallet = new ethers.Wallet(config.privateKey, provider);
+  }
+  async get(url, opts) {
+    return this.request(url, { ...opts, method: "GET" });
+  }
+  async post(url, body, opts) {
+    return this.request(url, {
+      ...opts,
+      method: "POST",
+      body: body ? JSON.stringify(body) : void 0,
+      headers: { "Content-Type": "application/json", ...opts?.headers }
+    });
+  }
+  getAddress() {
+    return this.wallet.address;
+  }
+  // ──────────── Core request / 402-retry loop ────────────
+  async request(url, options) {
+    try {
+      console.log("   [1/4] Calling resource server\u2026");
+      const response = await fetch(url, {
+        ...options,
+        headers: {
+          ...options?.headers,
+          "X-Agent-Id": this.config.agentId || ""
+        }
+      });
+      if (response.ok) {
+        const data = await response.json();
+        return { success: true, data };
+      }
+      if (response.status !== 402) {
+        return { success: false, error: `HTTP ${response.status}: ${await response.text()}` };
+      }
+      console.log("   [2/4] 402 received \u2014 parsing payment requirements\u2026");
+      const parsed = await this.parsePaymentRequired(response);
+      if (!parsed) {
+        return { success: false, error: "Could not parse payment requirements from 402 response" };
+      }
+      const { requirements, resource } = parsed;
+      console.log(`         scheme  : ${requirements.scheme}`);
+      console.log(`         network : ${requirements.network}`);
+      console.log(`         amount  : ${requirements.amount} (atomic)`);
+      console.log(`         asset   : ${requirements.asset}`);
+      console.log(`         payTo   : ${requirements.payTo}`);
+      console.log("   [3/4] Signing EIP-3009 transferWithAuthorization\u2026");
+      const paymentPayload = await this.buildPaymentPayload(requirements, resource, url);
+      const paymentB64 = Buffer.from(JSON.stringify(paymentPayload)).toString("base64");
+      await this.riskCheck(paymentPayload, requirements);
+      console.log("   [4/4] Retrying with PAYMENT-SIGNATURE header\u2026");
+      const paidResponse = await fetch(url, {
+        ...options,
+        headers: {
+          ...options?.headers,
+          "X-Agent-Id": this.config.agentId || "",
+          // v2 header
+          "PAYMENT-SIGNATURE": paymentB64,
+          // v1 compat header (some servers still use this)
+          "X-PAYMENT": paymentB64
+        }
+      });
+      if (paidResponse.ok) {
+        const data = await paidResponse.json();
+        const settlementHeader = paidResponse.headers.get("PAYMENT-RESPONSE") || paidResponse.headers.get("X-PAYMENT-RESPONSE");
+        let txHash;
+        if (settlementHeader) {
+          try {
+            const settlement = JSON.parse(Buffer.from(settlementHeader, "base64").toString("utf-8"));
+            txHash = settlement.transaction;
+          } catch {
+          }
+        }
+        return {
+          success: true,
+          data,
+          paymentInfo: {
+            amount: requirements.amount,
+            asset: requirements.extra?.name || "USDC",
+            network: requirements.network,
+            txHash
+          }
+        };
+      }
+      const errBody = await paidResponse.text();
+      return { success: false, error: `Payment rejected (HTTP ${paidResponse.status}): ${errBody}` };
+    } catch (error) {
+      return { success: false, error: `Request failed: ${error instanceof Error ? error.message : String(error)}` };
+    }
+  }
+  // ──────────── Parse 402 response ────────────
+  async parsePaymentRequired(response) {
+    const prHeader = response.headers.get("PAYMENT-REQUIRED") || response.headers.get("x-payment-required");
+    if (prHeader) {
+      try {
+        const decoded = JSON.parse(Buffer.from(prHeader, "base64").toString("utf-8"));
+        if (decoded.accepts?.length) {
+          return { requirements: decoded.accepts[0], resource: decoded.resource };
+        }
+      } catch {
+      }
+    }
+    try {
+      const body = await response.json();
+      if (body.accepts && Array.isArray(body.accepts) && body.accepts.length > 0) {
+        return { requirements: body.accepts[0], resource: body.resource };
+      }
+      if (body.paymentRequirements) {
+        const pr = Array.isArray(body.paymentRequirements) ? body.paymentRequirements[0] : body.paymentRequirements;
+        return { requirements: pr, resource: body.resource };
+      }
+      if (body.scheme && body.network) {
+        return { requirements: body, resource: body.resource };
+      }
+    } catch {
+    }
+    const wwwAuth = response.headers.get("WWW-Authenticate");
+    if (wwwAuth) {
+      const m = wwwAuth.match(/x402[^"]*"([^"]+)"/);
+      if (m) {
+        try {
+          const decoded = JSON.parse(Buffer.from(m[1], "base64").toString("utf-8"));
+          const reqs = Array.isArray(decoded) ? decoded[0] : decoded;
+          return { requirements: reqs };
+        } catch {
+        }
+      }
+    }
+    return null;
+  }
+  // ──────────── Build x402 v2 PaymentPayload with EIP-3009 ────────────
+  //
+  // If an AgentAccount is configured, we use it as the `from` address
+  // (smart wallet pays directly). The AgentAccount implements EIP-1271
+  // so USDC's transferWithAuthorization will call isValidSignature()
+  // to verify the owner's ECDSA signature. The facilitator detects
+  // the >65-byte or smart-wallet case and uses the bytes overload.
+  async buildPaymentPayload(reqs, resource, url) {
+    const now = Math.floor(Date.now() / 1e3);
+    const validAfter = String(now - 60);
+    const validBefore = String(now + (reqs.maxTimeoutSeconds || 300));
+    const nonce = ethers.hexlify(ethers.randomBytes(32));
+    const chainId = chainIdFromNetwork(reqs.network);
+    const usdcDomain = USDC_DOMAINS[reqs.network] || USDC_DOMAINS["eip155:1"];
+    const payerAddress = this.config.accountAddress || this.wallet.address;
+    const isSmartWallet = !!this.config.accountAddress;
+    const domain = {
+      name: usdcDomain.name,
+      version: usdcDomain.version,
+      chainId,
+      verifyingContract: reqs.asset || usdcDomain.address
+    };
+    const types = {
+      TransferWithAuthorization: [
+        { name: "from", type: "address" },
+        { name: "to", type: "address" },
+        { name: "value", type: "uint256" },
+        { name: "validAfter", type: "uint256" },
+        { name: "validBefore", type: "uint256" },
+        { name: "nonce", type: "bytes32" }
+      ]
+    };
+    const value = {
+      from: payerAddress,
+      // AgentAccount or EOA
+      to: reqs.payTo,
+      value: reqs.amount,
+      validAfter,
+      validBefore,
+      nonce
+    };
+    let signature = await this.wallet.signTypedData(domain, types, value);
+    if (isSmartWallet) {
+      signature = signature + "00";
+    }
+    if (isSmartWallet) {
+      console.log(`         \u2713 Signed for AgentAccount ${payerAddress.slice(0, 10)}\u2026 (EIP-1271, chain=${chainId})`);
+    } else {
+      console.log(`         \u2713 Signed (from=${payerAddress.slice(0, 10)}\u2026, chain=${chainId})`);
+    }
+    return {
+      x402Version: 2,
+      resource: resource || { url, description: "", mimeType: "application/json" },
+      accepted: {
+        scheme: reqs.scheme,
+        network: reqs.network,
+        amount: reqs.amount,
+        asset: reqs.asset,
+        payTo: reqs.payTo,
+        maxTimeoutSeconds: reqs.maxTimeoutSeconds,
+        extra: reqs.extra || {}
+      },
+      payload: {
+        signature,
+        authorization: {
+          from: payerAddress,
+          // AgentAccount address — facilitator checks balance here
+          to: reqs.payTo,
+          value: reqs.amount,
+          validAfter,
+          validBefore,
+          nonce
+        }
+      }
+    };
+  }
+  // ──────────── Risk check via our backend ────────────
+  async riskCheck(paymentPayload, reqs) {
+    try {
+      const verifyUrl = `${this.config.backendUrl}/x402/verify`;
+      const resp = await fetch(verifyUrl, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "X-Agent-Id": this.config.agentId || "",
+          ...this.config.accountAddress ? { "X-Agent-Account": this.config.accountAddress } : {}
+        },
+        body: JSON.stringify({
+          x402Version: 2,
+          paymentPayload,
+          paymentRequirements: reqs
+        }),
+        signal: AbortSignal.timeout(5e3)
+      });
+      if (resp.ok) {
+        const result = await resp.json();
+        const decision = resp.headers.get("X-Risk-Decision") || (result.isValid ? "allow" : "unknown");
+        const score = resp.headers.get("X-Risk-Score") || "?";
+        console.log(`         \u2713 Risk check: ${decision} (score=${score})`);
+      } else {
+        console.log(`         \u26A0 Risk check failed (HTTP ${resp.status}) \u2014 continuing anyway`);
+      }
+    } catch {
+      console.log("         \u26A0 Risk check unavailable \u2014 continuing");
+    }
+  }
+};
+
+export {
+  X402Client
+};

package/dist/cli.d.mts

@@ -0,0 +1 @@
+#!/usr/bin/env node

package/dist/cli.d.ts

@@ -0,0 +1 @@
+#!/usr/bin/env node

package/dist/cli.js

@@ -148,9 +148,9 @@ var init_config = __esm({
         morphoBlue: "0xBBBBBbbBBb9cC5e90e3b3Af64bdAF62C37EEFFCb"
       },
       [8453 /* Base */]: {
-        accountFactory: "0xeB72f248Ad9F4bf4024e8D9da75cf7AAD37B58f5",
-        validationRegistry: "0x8842f2383A86134Dd80c3Ecf6Bbae2e38396A5ec",
-        agentReputation: "0xF1bed094D4E33E47CC8C72E086FFFde09e2211b4",
+        accountFactory: "0x7D5D56416bAEA06a9DCBe3092eF335724C6320a0",
+        validationRegistry: "0xd196C32D2149270F56E209ba7aEE67CE9ceD2001",
+        agentReputation: "0x65c9cA1211809D3CF3A2707558198eb2b2bE623c",
         usdc: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913",
         identityRegistry: "0x8004A169FB4a3325136EB29fA0ceB6D2e539a432",
         morphoBlue: "0xBBBBBbbBBb9cC5e90e3b3Af64bdAF62C37EEFFCb"
@@ -274,11 +274,6 @@ var init_MorphoClient = __esm({
         let agentId;
         if (balance > 0n && this.agentId) {
           agentId = BigInt(this.agentId);
-        } else if (balance > 0n) {
-          throw new AgetherError(
-            "Wallet already has an ERC-8004 identity but agentId is unknown. Pass agentId in config.",
-            "AGENT_ID_UNKNOWN"
-          );
         } else {
           const regTx = await this.identityRegistry.register();
           const regReceipt = await regTx.wait();