npm - @agirails/sdk - Versions diffs - 3.2.0 → 3.3.0 - Mend

@agirails/sdk 3.2.0 → 3.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (209) hide show

package/LICENSE +1 -1
package/README.md +12 -14
package/dist/ACTPClient.d.ts +8 -11
package/dist/ACTPClient.d.ts.map +1 -1
package/dist/ACTPClient.js +79 -20
package/dist/ACTPClient.js.map +1 -1
package/dist/__tests__/helpers/mockX402Server.d.ts +67 -0
package/dist/__tests__/helpers/mockX402Server.d.ts.map +1 -0
package/dist/__tests__/helpers/mockX402Server.js +121 -0
package/dist/__tests__/helpers/mockX402Server.js.map +1 -0
package/dist/adapters/BaseAdapter.d.ts +7 -1
package/dist/adapters/BaseAdapter.d.ts.map +1 -1
package/dist/adapters/BaseAdapter.js +11 -6
package/dist/adapters/BaseAdapter.js.map +1 -1
package/dist/adapters/BasicAdapter.d.ts.map +1 -1
package/dist/adapters/BasicAdapter.js +12 -2
package/dist/adapters/BasicAdapter.js.map +1 -1
package/dist/adapters/StandardAdapter.d.ts.map +1 -1
package/dist/adapters/StandardAdapter.js +12 -2
package/dist/adapters/StandardAdapter.js.map +1 -1
package/dist/adapters/X402Adapter.d.ts +161 -199
package/dist/adapters/X402Adapter.d.ts.map +1 -1
package/dist/adapters/X402Adapter.js +603 -414
package/dist/adapters/X402Adapter.js.map +1 -1
package/dist/adapters/index.d.ts +1 -1
package/dist/adapters/index.d.ts.map +1 -1
package/dist/adapters/index.js.map +1 -1
package/dist/builders/DeliveryProofBuilder.d.ts.map +1 -1
package/dist/builders/DeliveryProofBuilder.js +3 -2
package/dist/builders/DeliveryProofBuilder.js.map +1 -1
package/dist/cli/agirails.js +12 -4
package/dist/cli/agirails.js.map +1 -1
package/dist/cli/commands/autopublish.js +9 -1
package/dist/cli/commands/autopublish.js.map +1 -1
package/dist/cli/commands/config.js +1 -12
package/dist/cli/commands/config.js.map +1 -1
package/dist/cli/commands/deploy-env.js +1 -1
package/dist/cli/commands/deploy-env.js.map +1 -1
package/dist/cli/commands/diff.js +38 -4
package/dist/cli/commands/diff.js.map +1 -1
package/dist/cli/commands/health.js +3 -1
package/dist/cli/commands/health.js.map +1 -1
package/dist/cli/commands/init.d.ts +2 -0
package/dist/cli/commands/init.d.ts.map +1 -1
package/dist/cli/commands/init.js +75 -2
package/dist/cli/commands/init.js.map +1 -1
package/dist/cli/commands/pay.d.ts.map +1 -1
package/dist/cli/commands/pay.js +23 -0
package/dist/cli/commands/pay.js.map +1 -1
package/dist/cli/commands/publish.js +15 -8
package/dist/cli/commands/publish.js.map +1 -1
package/dist/cli/commands/pull.js +3 -1
package/dist/cli/commands/pull.js.map +1 -1
package/dist/cli/commands/receipt.d.ts +17 -3
package/dist/cli/commands/receipt.d.ts.map +1 -1
package/dist/cli/commands/receipt.js +95 -33
package/dist/cli/commands/receipt.js.map +1 -1
package/dist/cli/commands/test.d.ts.map +1 -1
package/dist/cli/commands/test.js +222 -60
package/dist/cli/commands/test.js.map +1 -1
package/dist/cli/commands/tx.js +13 -0
package/dist/cli/commands/tx.js.map +1 -1
package/dist/cli/index.js +3 -1
package/dist/cli/index.js.map +1 -1
package/dist/cli/receiptUpload.d.ts +52 -0
package/dist/cli/receiptUpload.d.ts.map +1 -0
package/dist/cli/receiptUpload.js +134 -0
package/dist/cli/receiptUpload.js.map +1 -0
package/dist/cli/utils/banner.d.ts +31 -0
package/dist/cli/utils/banner.d.ts.map +1 -0
package/dist/cli/utils/banner.js +92 -0
package/dist/cli/utils/banner.js.map +1 -0
package/dist/cli/utils/config.d.ts +0 -2
package/dist/cli/utils/config.d.ts.map +1 -1
package/dist/cli/utils/config.js +40 -25
package/dist/cli/utils/config.js.map +1 -1
package/dist/cli/utils/output.d.ts +2 -0
package/dist/cli/utils/output.d.ts.map +1 -1
package/dist/cli/utils/output.js +7 -1
package/dist/cli/utils/output.js.map +1 -1
package/dist/cli/utils/share.d.ts +51 -0
package/dist/cli/utils/share.d.ts.map +1 -0
package/dist/cli/utils/share.js +133 -0
package/dist/cli/utils/share.js.map +1 -0
package/dist/config/agirailsmd.d.ts.map +1 -1
package/dist/config/agirailsmd.js +2 -1
package/dist/config/agirailsmd.js.map +1 -1
package/dist/config/defaults.d.ts +2 -2
package/dist/config/defaults.d.ts.map +1 -1
package/dist/config/defaults.js +9 -3
package/dist/config/defaults.js.map +1 -1
package/dist/config/networks.d.ts +7 -0
package/dist/config/networks.d.ts.map +1 -1
package/dist/config/networks.js +20 -11
package/dist/config/networks.js.map +1 -1
package/dist/config/pendingPublish.d.ts.map +1 -1
package/dist/config/pendingPublish.js +10 -3
package/dist/config/pendingPublish.js.map +1 -1
package/dist/config/syncOperations.d.ts.map +1 -1
package/dist/config/syncOperations.js +4 -2
package/dist/config/syncOperations.js.map +1 -1
package/dist/erc8004/ERC8004Bridge.d.ts.map +1 -1
package/dist/erc8004/ERC8004Bridge.js +0 -1
package/dist/erc8004/ERC8004Bridge.js.map +1 -1
package/dist/errors/ACTPError.d.ts +24 -0
package/dist/errors/ACTPError.d.ts.map +1 -0
package/dist/errors/ACTPError.js +35 -0
package/dist/errors/ACTPError.js.map +1 -0
package/dist/errors/X402Errors.d.ts +106 -0
package/dist/errors/X402Errors.d.ts.map +1 -0
package/dist/errors/X402Errors.js +160 -0
package/dist/errors/X402Errors.js.map +1 -0
package/dist/errors/index.d.ts +3 -9
package/dist/errors/index.d.ts.map +1 -1
package/dist/errors/index.js +38 -33
package/dist/errors/index.js.map +1 -1
package/dist/index.d.ts +2 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +15 -3
package/dist/index.js.map +1 -1
package/dist/level0/Provider.d.ts +5 -0
package/dist/level0/Provider.d.ts.map +1 -1
package/dist/level0/ServiceDirectory.d.ts.map +1 -1
package/dist/level0/ServiceDirectory.js +3 -2
package/dist/level0/ServiceDirectory.js.map +1 -1
package/dist/level0/provide.d.ts.map +1 -1
package/dist/level0/provide.js +11 -8
package/dist/level0/provide.js.map +1 -1
package/dist/level0/request.d.ts.map +1 -1
package/dist/level0/request.js +14 -6
package/dist/level0/request.js.map +1 -1
package/dist/level1/Agent.d.ts +1 -1
package/dist/level1/Agent.d.ts.map +1 -1
package/dist/level1/Agent.js +12 -6
package/dist/level1/Agent.js.map +1 -1
package/dist/level1/pricing/PriceCalculator.d.ts.map +1 -1
package/dist/level1/pricing/PriceCalculator.js +4 -12
package/dist/level1/pricing/PriceCalculator.js.map +1 -1
package/dist/protocol/ACTPKernel.d.ts +4 -1
package/dist/protocol/ACTPKernel.d.ts.map +1 -1
package/dist/protocol/ACTPKernel.js +2 -1
package/dist/protocol/ACTPKernel.js.map +1 -1
package/dist/protocol/EventMonitor.d.ts +27 -1
package/dist/protocol/EventMonitor.d.ts.map +1 -1
package/dist/protocol/EventMonitor.js +11 -9
package/dist/protocol/EventMonitor.js.map +1 -1
package/dist/protocol/ProofGenerator.d.ts.map +1 -1
package/dist/protocol/ProofGenerator.js +3 -2
package/dist/protocol/ProofGenerator.js.map +1 -1
package/dist/runtime/BlockchainRuntime.d.ts +2 -0
package/dist/runtime/BlockchainRuntime.d.ts.map +1 -1
package/dist/runtime/BlockchainRuntime.js +19 -6
package/dist/runtime/BlockchainRuntime.js.map +1 -1
package/dist/runtime/MockRuntime.d.ts +3 -2
package/dist/runtime/MockRuntime.d.ts.map +1 -1
package/dist/runtime/MockRuntime.js +16 -22
package/dist/runtime/MockRuntime.js.map +1 -1
package/dist/runtime/types/MockState.d.ts +4 -0
package/dist/runtime/types/MockState.d.ts.map +1 -1
package/dist/runtime/types/MockState.js.map +1 -1
package/dist/server/buildX402Server.d.ts +131 -0
package/dist/server/buildX402Server.d.ts.map +1 -0
package/dist/server/buildX402Server.js +151 -0
package/dist/server/buildX402Server.js.map +1 -0
package/dist/server/index.d.ts +33 -0
package/dist/server/index.d.ts.map +1 -0
package/dist/server/index.js +36 -0
package/dist/server/index.js.map +1 -0
package/dist/types/adapter.d.ts +42 -12
package/dist/types/adapter.d.ts.map +1 -1
package/dist/types/adapter.js +6 -1
package/dist/types/adapter.js.map +1 -1
package/dist/types/eip712.d.ts +20 -0
package/dist/types/eip712.d.ts.map +1 -1
package/dist/types/x402.d.ts +8 -8
package/dist/utils/security.d.ts.map +1 -1
package/dist/utils/security.js +4 -6
package/dist/utils/security.js.map +1 -1
package/dist/wallet/AutoWalletProvider.d.ts +45 -1
package/dist/wallet/AutoWalletProvider.d.ts.map +1 -1
package/dist/wallet/AutoWalletProvider.js +154 -1
package/dist/wallet/AutoWalletProvider.js.map +1 -1
package/dist/wallet/EOAWalletProvider.d.ts +13 -1
package/dist/wallet/EOAWalletProvider.d.ts.map +1 -1
package/dist/wallet/EOAWalletProvider.js +24 -0
package/dist/wallet/EOAWalletProvider.js.map +1 -1
package/dist/wallet/IWalletProvider.d.ts +34 -0
package/dist/wallet/IWalletProvider.d.ts.map +1 -1
package/dist/wallet/SmartWalletRouter.d.ts.map +1 -1
package/dist/wallet/SmartWalletRouter.js +3 -1
package/dist/wallet/SmartWalletRouter.js.map +1 -1
package/dist/wallet/aa/BundlerClient.js +8 -4
package/dist/wallet/aa/BundlerClient.js.map +1 -1
package/dist/wallet/aa/DualNonceManager.d.ts +4 -1
package/dist/wallet/aa/DualNonceManager.d.ts.map +1 -1
package/dist/wallet/aa/DualNonceManager.js +3 -0
package/dist/wallet/aa/DualNonceManager.js.map +1 -1
package/dist/wallet/keystore.d.ts.map +1 -1
package/dist/wallet/keystore.js +6 -4
package/dist/wallet/keystore.js.map +1 -1
package/package.json +16 -3
package/dist/adapters/BeginnerAdapter.d.ts +0 -152
package/dist/adapters/BeginnerAdapter.d.ts.map +0 -1
package/dist/adapters/BeginnerAdapter.js +0 -168
package/dist/adapters/BeginnerAdapter.js.map +0 -1
package/dist/adapters/IntermediateAdapter.d.ts +0 -211
package/dist/adapters/IntermediateAdapter.d.ts.map +0 -1
package/dist/adapters/IntermediateAdapter.js +0 -260
package/dist/adapters/IntermediateAdapter.js.map +0 -1

package/dist/adapters/X402Adapter.d.ts CHANGED Viewed

@@ -1,249 +1,211 @@
 /**
- * X402Adapter - HTTP 402 Payment Required Protocol (Atomic Payments)
+ * X402Adapter — real x402 v2 protocol support.
  *
- * Implements the x402 protocol for atomic, instant API payments.
- * NO escrow, NO state machine, NO disputes - just pay and receive.
+ * Thin wrapper around official @x402/fetch + @x402/evm + @x402/core packages.
+ * Replaces the legacy custom `x-payment-*` HTTP flow (which was never real x402)
+ * with proper EIP-3009 / Permit2 wire format for full interoperability with
+ * any x402 v2 seller (Coinbase demo, third-party servers, AGIRAILS sellers).
  *
- * This is fundamentally different from ACTP:
- * - ACTP: escrow → state machine → disputes → explicit release
- * - x402: atomic payment → instant settlement → done
+ * Architecture:
+ * - Buyer signs EIP-3009 authorization or Permit2 witness OFF-CHAIN
+ * - Facilitator (server-configured) submits on-chain tx and pays gas
+ * - Buyer is always gassless for x402 by protocol design
+ * - Smart Wallet buyers use Permit2 path (ERC-1271 + ERC-6492 via viem)
+ * - EOA buyers use either path
  *
- * Use x402 for:
- * - Simple API calls (pay-per-request)
- * - Instant delivery (response IS the delivery)
- * - Low-value, high-frequency transactions
+ * Zero fee layer: payTo goes directly to seller. X402Relay is never used.
+ * Zero reputation hooks: ERC-8004 registry never touched on x402 payments.
  *
- * Use ACTP for:
- * - Complex services requiring verification
- * - High-value transactions needing dispute protection
- * - Multi-step deliveries
+ * Architecture rationale and Smart Wallet signing flow are documented in
+ * the project's internal x402 v2 implementation notes.
  *
  * @module adapters/X402Adapter
  */
-import { BaseAdapter } from './BaseAdapter';
 import { IAdapter, TransactionStatus } from './IAdapter';
-import { AdapterMetadata, UnifiedPayParams, UnifiedPayResult } from '../types/adapter';
-import { X402Network } from '../types/x402';
-/** Type for fetch function (cross-platform compatible) */
-export type FetchFunction = (input: RequestInfo | URL, init?: RequestInit) => Promise<Response>;
+import { UnifiedPayParams, UnifiedPayResult, AdapterMetadata } from '../types/adapter';
+import { IWalletProvider } from '../wallet/IWalletProvider';
 /**
- * Transaction-like receipt returned by wallet abstractions.
+ * Configuration for X402Adapter.
  *
- * `success` is optional for backward compatibility with legacy transfer fns
- * that only return a hash string.
- */
-export interface TransferReceiptLike {
-    hash: string;
-    success?: boolean;
-}
-/**
- * Transfer function for atomic USDC payments.
- *
- * @param to - Recipient address
- * @param amount - Amount in USDC wei (string)
- * @returns Transaction hash string OR receipt-like object with hash/success
- */
-export type TransferFunction = (to: string, amount: string) => Promise<string | TransferReceiptLike>;
-/**
- * Approve function for USDC allowance (used with X402Relay).
- *
- * @param spender - Spender address (relay contract)
- * @param amount - Amount in USDC wei (string)
- * @returns Transaction hash
- */
-export type ApproveFunction = (spender: string, amount: string) => Promise<string>;
-/**
- * Relay pay function — calls X402Relay.payWithFee().
- *
- * @param provider - Provider address
- * @param grossAmount - Gross USDC amount (string)
- * @param serviceId - Service identifier (bytes32 hex)
- * @returns Transaction hash
- */
-export type RelayPayFunction = (provider: string, grossAmount: string, serviceId: string) => Promise<string>;
-/** Supported HTTP methods for x402 requests */
-export type X402HttpMethod = 'GET' | 'POST' | 'PUT' | 'DELETE' | 'PATCH';
-/**
- * Extended payment parameters for x402 with full HTTP support.
- */
-export interface X402PayParams extends UnifiedPayParams {
-    /** HTTP method (default: GET) */
-    method?: X402HttpMethod;
-    /** Custom request headers */
-    headers?: Record<string, string>;
-    /** Request body (string or object, will be JSON.stringify'd if object) */
-    body?: string | Record<string, unknown>;
-    /** Content-Type header (default: application/json for POST/PUT/PATCH with body) */
-    contentType?: string;
-}
-/**
- * Configuration options for X402Adapter.
- *
- * Fee collection is required (since v2.6.0). Two modes:
- * - Relay (preferred): relayAddress + approveFn + relayPayFn — atomic on-chain split
- * - feeCollector (fallback): feeCollector address — client-side two-transfer split
+ * Auto-registered by ACTPClient when walletProvider implements signTypedData.
+ * Manual instantiation is supported but rarely needed — in most cases use
+ * ACTPClient auto-registration defaults or register a custom adapter instance.
  */
 export interface X402AdapterConfig {
-    /** Expected network for validation (must match server's X-Payment-Network) */
-    expectedNetwork: X402Network;
-    /** Transfer function for USDC payments (used in feeCollector path for provider + fee transfers) */
-    transferFn: TransferFunction;
-    /** Request timeout in milliseconds (default: 30000) */
-    requestTimeout?: number;
-    /** Custom fetch function for testing (default: global fetch) */
-    fetchFn?: FetchFunction;
-    /** Default headers to include in all requests */
-    defaultHeaders?: Record<string, string>;
-    /** X402Relay contract address for on-chain fee splitting (preferred) */
-    relayAddress?: string;
-    /** USDC approve function — required when relayAddress is set */
-    approveFn?: ApproveFunction;
-    /** Relay payWithFee function — required when relayAddress is set */
-    relayPayFn?: RelayPayFunction;
-    /** Fee collector address for client-side fee splitting (fallback when relay not available) */
-    feeCollector?: string;
-    /** Platform fee in basis points (default: 100 = 1%). Read-only display hint. */
-    platformFeeBps?: number;
-}
-/**
- * X402Adapter - Atomic HTTP payment protocol.
- *
- * Key characteristics:
- * - usesEscrow: false (direct payment)
- * - supportsDisputes: false (atomic = final)
- * - settlementMode: 'atomic' (instant)
- * - releaseRequired: false (no escrow to release)
- *
- * @example
- * ```typescript
- * const adapter = new X402Adapter(requesterAddress, {
- *   expectedNetwork: 'base-sepolia',
- *   transferFn: async (to, amount) => {
- *     const tx = await usdcContract.transfer(to, amount);
- *     return tx.hash;
- *   },
- *   feeCollector: '0x...treasury', // Required: AGIRAILS fee recipient
- * });
- *
- * const result = await adapter.pay({
- *   to: 'https://api.provider.com/service',
- *   amount: '10', // Hint only, actual amount from 402
- * });
- *
- * // That's it! No release() needed.
- * console.log(result.response?.status); // 200
- * console.log(result.releaseRequired);  // false
- * ```
- */
-export declare class X402Adapter extends BaseAdapter implements IAdapter {
-    private config;
     /**
-     * Adapter metadata - atomic, no escrow.
+     * Wallet provider for signing payment authorizations.
+     * Both `EOAWalletProvider` (Tier 2) and `AutoWalletProvider` (Tier 1 Smart Wallet)
+     * are supported as long as the provider implements the optional
+     * `signTypedData` method.
      */
-    readonly metadata: AdapterMetadata;
-    private readonly timeout;
-    private readonly fetchFn;
-    private readonly defaultHeaders;
-    private readonly transferFn;
-    /** Local cache of payments for status lookups */
-    private readonly payments;
+    walletProvider: IWalletProvider;
     /**
-     * Creates a new X402Adapter instance.
+     * Optional CAIP-2 network allowlist (e.g. `["eip155:8453", "eip155:84532"]`).
      *
-     * @param requesterAddress - The requester's Ethereum address
-     * @param config - X402-specific configuration
+     * Leave undefined (default) to allow ANY EVM network @x402/evm supports —
+     * this is the "works with anyone" interop default. Set an explicit list
+     * only if you want to restrict your agent to specific chains.
      */
-    constructor(requesterAddress: string, config: X402AdapterConfig);
+    allowedNetworks?: ReadonlyArray<string>;
     /**
-     * Check if this adapter can handle the given parameters.
-     *
-     * X402Adapter handles HTTPS URLs only (security requirement).
+     * Per-transaction safety cap in human-readable USD (e.g. "1" for $1 USDC).
+     * Protects against accidentally paying unexpectedly high prices.
+     * Default: "1"
      */
-    canHandle(params: UnifiedPayParams): boolean;
+    maxAmountPerTx?: string;
     /**
-     * Validate parameters before execution.
+     * Automatically run one-time Permit2 USDC approve on first Smart Wallet
+     * x402 payment. The approve is sponsored by the existing paymaster and
+     * costs nothing to the user in gas. Default: true.
      */
-    validate(params: UnifiedPayParams): void;
+    autoApprovePermit2?: boolean;
     /**
-     * Execute atomic x402 payment flow with full HTTP support.
-     *
-     * 1. Request endpoint → get 402
-     * 2. Parse payment headers
-     * 3. Execute atomic USDC transfer
-     * 4. Retry with tx hash as proof (same method/headers/body)
-     * 5. Return response (settlement complete!)
-     *
-     * @param params - Payment parameters with optional HTTP method, headers, body
+     * MEV hard cap on signed authorization validity window in seconds.
+     * Facilitator/server may propose longer `maxTimeoutSeconds`, but we clamp
+     * to this value before signing. Default: 300 (5 minutes).
      */
-    pay(params: UnifiedPayParams | X402PayParams): Promise<UnifiedPayResult>;
+    maxAuthorizationValidSec?: number;
     /**
-     * Serialize request body to string.
+     * Allowlist of asset token contract addresses the adapter will pay.
+     *
+     * Undefined (default) = all canonical USDC addresses on the configured
+     * `allowedNetworks` (see `DEFAULT_USDC_BY_NETWORK`). Set to a specific
+     * list to restrict further, or pass an empty array to allow any asset
+     * (NOT recommended — removes the safety check entirely).
+     *
+     * P1-1: prevents a server from advertising a different token (e.g., USDT
+     * on the same network, or a scam token) and having the adapter sign a
+     * payment for it. The cap check in `parseUsdcAmount` / `formatUsdcAmount`
+     * assumes 6 decimals, which is only accurate for USDC-family stables.
+     * Honoring a non-USDC asset with different decimals would also break the
+     * `maxAmountPerTx` cap.
+     *
+     * Addresses are compared case-insensitively.
      */
-    private serializeBody;
+    allowedAssets?: ReadonlyArray<string>;
     /**
-     * Get payment status by transaction hash.
+     * Allowlist of HTTPS hosts the adapter will pay without requiring explicit
+     * opt-in via `metadata.paymentMethod === 'x402'`.
+     *
+     * Undefined or empty (default) = no host allowlist; callers must always
+     * opt in explicitly unless they trust every HTTPS URL their code hits.
+     * Set to specific hostnames (e.g. `['x402.org', 'api.mycoinbase.com']`) to
+     * whitelist trusted servers for auto-pay.
      *
-     * For atomic payments, status is simple:
-     * - If tx exists → SETTLED (atomic = instant settlement)
+     * P1-3: prevents accidental `client.pay({ to: 'https://unrelated.com' })`
+     * from triggering a silent x402 charge. See `routeHttpsWithOptIn` flow in
+     * selectRequirements gate.
      */
-    getStatus(txId: string): Promise<TransactionStatus>;
+    allowedHosts?: ReadonlyArray<string>;
     /**
-     * Not applicable for atomic payments.
-     * @throws {Error} Always - x402 has no lifecycle
+     * Optional fetch override for tests. Defaults to global fetch.
      */
-    startWork(_txId: string): Promise<void>;
+    fetchImpl?: typeof fetch;
+}
+export declare class X402Adapter implements IAdapter {
+    private readonly config;
+    readonly metadata: AdapterMetadata;
+    private readonly x402;
+    private readonly fetchWithPayment;
+    private readonly maxAmountPerTx;
+    private readonly maxAuthorizationValidSec;
     /**
-     * Not applicable for atomic payments.
-     * @throws {Error} Always - x402 has no lifecycle
+     * Cached resolved allowed-network list. Computed once at construction; used
+     * on every selectRequirements call without re-running resolveAllowedNetworks.
      */
-    deliver(_txId: string, _proof?: string): Promise<void>;
+    private readonly allowedNetworks;
     /**
-     * Not applicable for atomic payments.
-     * @throws {Error} Always - x402 has no escrow
+     * Cached lowercase set of allowed asset (token contract) addresses.
+     * Undefined means user explicitly passed an empty array, which is our
+     * sentinel for "any asset" (NOT recommended — skips the safety check).
      */
-    release(_escrowId: string, _attestationUID?: string): Promise<void>;
+    private readonly allowedAssetsLc;
     /**
-     * Make an HTTP request with full options support.
-     *
-     * @param url - Request URL
-     * @param method - HTTP method
-     * @param customHeaders - Custom headers from request params
-     * @param body - Request body (optional)
-     * @param contentType - Content-Type header (optional)
-     * @param proofHeaders - Payment proof headers for retry (optional)
+     * Cached lowercase set of allowed host names. Empty means no host allowlist
+     * (user must always opt in via metadata.paymentMethod for every URL).
      */
-    private makeRequest;
+    private readonly allowedHostsLc;
+    /** network:tokenAddress → cached approved state */
+    private readonly permit2ApprovedCache;
+    /** network:tokenAddress → in-flight approve promise (coalesces concurrent callers) */
+    private readonly permit2InflightApprovals;
+    /** Completed payment records for getStatus() lookups. Capped to prevent unbounded growth. */
+    private readonly payments;
+    private static readonly MAX_PAYMENT_RECORDS;
+    constructor(config: X402AdapterConfig);
     /**
-     * Parse X-Payment-* headers from 402 response.
+     * STRICT HTTPS ONLY. `http://` is rejected at the canHandle level to prevent
+     * MITM interception of signed payment payloads. Integration tests that need
+     * localhost use a dedicated test flag (not exposed to end users).
+     *
+     * P1-3: canHandle returns true for any HTTPS URL so the router can select
+     * this adapter, but `validate()` enforces explicit opt-in before payment
+     * actually executes. This keeps the declarative "any HTTPS is x402-capable"
+     * shape while protecting against accidental auto-pay.
      */
-    private parsePaymentHeaders;
+    canHandle(params: UnifiedPayParams): boolean;
+    validate(params: UnifiedPayParams): void;
+    pay(params: UnifiedPayParams): Promise<UnifiedPayResult>;
+    getStatus(txId: string): Promise<TransactionStatus>;
+    startWork(_txId: string): Promise<void>;
+    deliver(_txId: string, _proof?: string): Promise<void>;
+    release(_escrowId: string, _attestationUID?: string): Promise<void>;
     /**
-     * Validate payment address from header.
+     * Registered as `onBeforePaymentCreation` hook on the x402Client in the
+     * constructor. Runs AFTER selectRequirements has chosen a target and BEFORE
+     * the scheme client signs the payload.
+     *
+     * For Smart Wallet + Permit2 flow, this is where we ensure the one-time
+     * Permit2 approve has been submitted and confirmed. The hook is awaited by
+     * @x402/core's createPaymentPayload, so we can block signing until the
+     * approve lands — no double roundtrip, no race.
+     *
+     * Return `{ abort: true, reason }` to cancel the payment cleanly.
      */
-    private validatePaymentAddress;
+    private beforePaymentCreationHook;
     /**
-     * Execute atomic payment with fee splitting.
+     * Registered as `paymentRequirementsSelector` on the x402Client.
+     * Called after server's payment-required is parsed, before signing.
+     *
+     * Picks the best requirement from `accepts[]` based on:
+     *   1. scheme === "exact" AND network in our allowlist
+     *   2. Wallet tier: Smart Wallet prefers Permit2, EOA prefers EIP-3009
+     *   3. Amount within maxAmountPerTx safety cap
+     *   4. Clamps maxTimeoutSeconds to maxAuthorizationValidSec (MEV cap)
+     */
+    private selectRequirements;
+    private ensurePermit2Approved;
+    /**
+     * P1-2: Read `USDC.allowance(smartWallet, PERMIT2_ADDRESS)` via the wallet
+     * provider's read provider and return true if already >= a sensible threshold
+     * (half of max uint256 — Permit2 approves are typically MAX_UINT256).
      *
-     * Priority: relay (atomic, 1 tx) > feeCollector (2 tx) > error
-     * Relay flow: approve relay → relay.payWithFee(provider, gross, serviceId)
-     * feeCollector flow: transferFn(provider, net) + transferFn(feeCollector, fee)
+     * Returns false if the wallet provider doesn't expose a read provider
+     * (older wallet implementations) — callers then fall back to submitting
+     * the approve unconditionally, which is the safe (but slightly wasteful)
+     * default.
+     *
+     * Uses eth_call with the standard ERC-20 allowance ABI selector to avoid
+     * pulling in additional contract ABIs.
      */
-    private executeAtomicPayment;
+    private readPermit2AllowanceIsSet;
     /**
-     * Retry request with payment proof (tx hash).
-     * Uses the same HTTP method, headers, and body as the original request.
-     *
-     * @param endpoint - Request URL
-     * @param txHash - Payment transaction hash as proof
-     * @param method - Original HTTP method
-     * @param customHeaders - Original custom headers
-     * @param body - Original request body
-     * @param contentType - Original content-type
+     * Check if the Smart Wallet is deployed on-chain (has code).
+     * Returns true for EOA wallets (they're always "deployed" in a loose sense)
+     * and for deployed Smart Wallets. Returns false for counterfactual wallets.
      */
-    private retryWithProof;
+    private isWalletDeployed;
+    private mapToPayResult;
     /**
-     * Create result for free services (200 on initial request).
+     * Bridge our IWalletProvider.signTypedData to @x402/evm's ClientEvmSigner
+     * structural type. Only `address` + `signTypedData` are required for the
+     * `exact` scheme flow we use.
+     *
+     * B3: no outer try/catch here — each IWalletProvider implementation is the
+     * error-converting boundary and already throws X402SignatureFailedError on
+     * failure. Wrapping here would produce double-nested error messages like
+     * "walletProvider.signTypedData failed: EOA signTypedData failed: ...".
      */
-    private createFreeServiceResult;
+    private walletProviderToClientEvmSigner;
 }
 //# sourceMappingURL=X402Adapter.d.ts.map

package/dist/adapters/X402Adapter.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"X402Adapter.d.ts","sourceRoot":"","sources":["../../src/adapters/X402Adapter.ts"],"names":[],"mappings":"AAAA~~;;;;;;;;;;;;;;;;;;;;;GAqBG~~;~~AAEH~~,OAAO,EAAE,~~WAAW,EAAmB,MAAM,eAAe,CAAC;AAC7D,OAAO,EAAE,~~QAAQ,EAAE,iBAAiB,EAA2B,MAAM,YAAY,CAAC;AAClF,OAAO,EACL,~~eAAe~~,~~EACf~~,gBAAgB,EAChB,~~gBAAgB~~,~~EACjB~~,MAAM,kBAAkB,CAAC;AAC1B,OAAO,~~EAML~~,~~WAAW,EAGZ,MAAM,~~eAAe,~~CAAC;AAMvB~~,~~0DAA0D;AAC1D,~~MAAM,~~MAAM~~,~~aAAa,GAAG,~~CAAC~~,KAAK,EAAE,WAAW,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC~~;~~AAEhG;;;;;GAKG~~;AACH,MAAM,WAAW,~~mBAAmB~~;~~IAClC,IAAI,EAAE,MAAM,CAAC~~;~~IACb~~,~~OAAO~~,~~CAAC,~~EAAE,~~OAAO~~,CAAC;~~CACnB;AAED~~;;;;;;~~GAMG~~;~~AACH~~,~~MAAM~~,~~MAAM,gBAAgB,GAAG,~~CAAC,EAAE,~~EAAE~~,~~MAAM,EAAE,MAAM,EAAE,MAAM,KAAK,OAAO,~~CAAC,MAAM,~~GAAG,mBAAmB,~~CAAC,CAAC;~~AAErG;;;;;;GAMG~~;~~AACH~~,~~MAAM~~,~~MAAM,eAAe,GAAG,~~CAAC,~~OAAO,~~EAAE,MAAM,~~EAAE,MAAM,EAAE,MAAM,KAAK,OAAO,~~CAAC~~,MAAM,CAAC,CAAC~~;~~AAEnF;;;;;;;GAOG~~;~~AACH~~,~~MAAM~~,~~MAAM,gBAAgB,GAAG,~~CAAC,~~QAAQ,~~EAAE,~~MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,KAAK,~~OAAO,CAAC~~,MAAM,CAAC,CAAC~~;~~AAE7G,+CAA+C~~;~~AAC/C~~,~~MAAM~~,~~MAAM,cAAc,GAAG,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,OAAO,~~CAAC~~;AAEzE;;GAEG;AACH~~,~~MAAM~~,~~WAAW,aAAc,SAAQ,gBAAgB;IACrD,iCAAiC;IACjC,~~MAAM,CAAC~~,EAAE,cAAc,CAAC~~;~~IAExB,6BAA6B~~;~~IAC7B~~,~~OAAO~~,CAAC,EAAE,~~MAAM~~,CAAC,MAAM,~~EAAE,MAAM,~~CAAC,CAAC;~~IAEjC,0EAA0E~~;~~IAC1E~~,~~IAAI~~,CAAC,EAAE,~~MAAM~~,~~GAAG,MAAM,~~CAAC,MAAM,~~EAAE,OAAO,~~CAAC,CAAC;~~IAExC,mFAAmF~~;~~IACnF~~,~~WAAW~~,CAAC,EAAE,~~MAAM~~,CAAC;~~CACtB~~;~~AAED;;;;;;GAMG;AACH~~,~~MAAM~~,~~WAAW~~,~~iBAAiB;IAChC~~,~~8EAA8E~~;~~IAC9E~~,~~eAAe~~,~~EAAE,WAAW,~~CAAC~~;IAE7B~~,~~mGAAmG;IACnG~~,~~UAAU,EAAE,gBAAgB,~~CAAC~~;IAE7B~~,~~uDAAuD~~;~~IACvD~~,~~cAAc~~,~~CAAC~~,EAAE,~~MAAM~~,~~CAAC~~;~~IAExB~~,~~gEAAgE;IAChE,~~OAAO,CAAC,~~EAAE~~,~~aAAa,~~CAAC~~;IAExB~~,~~iDAAiD~~;~~IACjD~~,~~cAAc~~,CAAC,~~EAAE~~,~~MAAM,~~CAAC,~~MAAM~~,~~EAAE~~,~~MAAM~~,CAAC,~~CAAC;IAIxC~~,~~wEAAwE;IACxE,YAAY,~~CAAC,~~EAAE~~,~~MAAM,CAAC~~;~~IAEtB~~,~~gEAAgE;IAChE~~,~~SAAS,~~CAAC,~~EAAE~~,~~eAAe,~~CAAC~~;IAE5B~~,~~oEAAoE;IACpE~~,~~UAAU,CAAC,EAAE,gBAAgB,CAAC~~;~~IAE9B,8FAA8F~~;~~IAC9F~~,~~YAAY~~,CAAC,~~EAAE~~,~~MAAM,~~CAAC~~;IAEtB~~,~~gFAAgF;IAChF~~,~~cAAc,CAAC,EAAE,MAAM,CAAC~~;~~CACzB~~;~~AAmBD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH~~,~~qBAAa,WAAY,SAAQ,WAAY,YAAW,QAAQ;IA8B5D,~~OAAO,CAAC,~~MAAM;IA7BhB;;OAEG;IACH,SAAgB,~~QAAQ,~~EAAE~~,eAAe,~~CAQvC~~;~~IAEF~~,OAAO,CAAC,QAAQ,CAAC,~~OAAO~~,~~CAAS~~;~~IACjC~~,OAAO,CAAC,QAAQ,CAAC,~~OAAO~~,~~CAAgB~~;~~IACxC~~,OAAO,CAAC,QAAQ,CAAC,~~cAAc~~,~~CAAyB~~;~~IACxD~~,OAAO,CAAC,QAAQ,CAAC,~~UAAU~~,~~CAAmB~~;~~IAE9C~~,~~iDAAiD;IACjD,~~OAAO,CAAC,~~QAAQ~~,CAAC,QAAQ,~~CAA0C;IAEnE;;;;;OAKG;gBAED~~,~~gBAAgB~~,~~EAAE~~,MAAM,~~EAChB,MAAM,~~EAAE,iBAAiB;~~IAanC;;;;OAIG~~;IACH,SAAS,CAAC,MAAM,EAAE,gBAAgB,GAAG,OAAO;~~IAa5C;;OAEG;IACH~~,QAAQ,CAAC,MAAM,EAAE,gBAAgB,GAAG,IAAI;~~IAiBxC;;;;;;;;;;OAUG;IACG~~,GAAG,CAAC,MAAM,EAAE,gBAAgB,GAAG,~~aAAa,GAAG,~~OAAO,CAAC,gBAAgB,CAAC;~~IAiG9E;;OAEG;IACH~~,~~OAAO,CAAC,aAAa;IASrB;;;;;OAKG;IACG,~~SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;~~IAmBzD;;;OAGG;IACG~~,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;~~IAO7C;;;OAGG;IACG~~,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;~~IAO5D;;;OAGG;IACG~~,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAWzE~~;;;;;;;;;OASG~~;YACW,~~WAAW~~;~~IAiDzB;;OAEG~~;IACH,OAAO,CAAC,~~mBAAmB~~;~~IAoF3B;;OAEG;IACH~~,~~OAAO,CAAC,sBAAsB~~;~~IAY9B;;;;;;OAMG~~;YACW,~~oBAAoB~~;~~IA6IlC;;;;;;;;;;OAUG~~;YACW,cAAc;~~IAkC5B;;OAEG~~;IACH,OAAO,CAAC~~,uBAAuB~~;~~CAkBhC~~"}
1	+ {"version":3,"file":"X402Adapter.d.ts","sourceRoot":"","sources":["../../src/adapters/X402Adapter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAgBH,OAAO,EAAE,QAAQ,EAAE,iBAAiB,EAA2B,MAAM,YAAY,CAAC;AAClF,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EAChB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,eAAe,EAAmB,MAAM,2BAA2B,CAAC;AAkB7E;;;;;;GAMG;AACH,MAAM,WAAW,iBAAiB;IAChC;;;;;OAKG;IACH,cAAc,EAAE,eAAe,CAAC;IAEhC;;;;;;OAMG;IACH,eAAe,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAExC;;;;OAIG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAE7B;;;;OAIG;IACH,wBAAwB,CAAC,EAAE,MAAM,CAAC;IAElC;;;;;;;;;;;;;;;;OAgBG;IACH,aAAa,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAEtC;;;;;;;;;;;;OAYG;IACH,YAAY,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAErC;;OAEG;IACH,SAAS,CAAC,EAAE,OAAO,KAAK,CAAC;CAC1B;AAqDD,qBAAa,WAAY,YAAW,QAAQ;IA4C9B,OAAO,CAAC,QAAQ,CAAC,MAAM;IA3CnC,SAAgB,QAAQ,EAAE,eAAe,CAQvC;IAEF,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAkC;IACvD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAe;IAChD,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAS;IACxC,OAAO,CAAC,QAAQ,CAAC,wBAAwB,CAAS;IAClD;;;OAGG;IACH,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAwB;IAExD;;;;OAIG;IACH,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAkC;IAElE;;;OAGG;IACH,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAsB;IAErD,mDAAmD;IACnD,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAqB;IAE1D,sFAAsF;IACtF,OAAO,CAAC,QAAQ,CAAC,wBAAwB,CAAoC;IAE7E,6FAA6F;IAC7F,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAwC;IACjE,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAAU;gBAExB,MAAM,EAAE,iBAAiB;IAgEtD;;;;;;;;;OASG;IACH,SAAS,CAAC,MAAM,EAAE,gBAAgB,GAAG,OAAO;IAI5C,QAAQ,CAAC,MAAM,EAAE,gBAAgB,GAAG,IAAI;IAsClC,GAAG,CAAC,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IA0CxD,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IA6BnD,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOvC,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOtD,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAWzE;;;;;;;;;;;OAWG;YACW,yBAAyB;IA2CvC;;;;;;;;;OASG;IACH,OAAO,CAAC,kBAAkB;YAyEZ,qBAAqB;IAyEnC;;;;;;;;;;;;OAYG;YACW,yBAAyB;IAkCvC;;;;OAIG;YACW,gBAAgB;YAqBhB,cAAc;IAsG5B;;;;;;;;;OASG;IACH,OAAO,CAAC,+BAA+B;CAkBxC"}