@alleyboss/micropay-solana-x402-paywall 1.0.1 → 2.0.0

package/dist/index.js

@@ -2,7 +2,15 @@ import { Connection, PublicKey, LAMPORTS_PER_SOL, clusterApiUrl } from '@solana/
 import { SignJWT, jwtVerify } from 'jose';
 import { v4 } from 'uuid';
 
-// src/solana/client.ts
+// src/types/payment.ts
+var TOKEN_MINTS = {
+  /** USDC on mainnet */
+  USDC_MAINNET: "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
+  /** USDC on devnet */
+  USDC_DEVNET: "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU",
+  /** USDT on mainnet */
+  USDT_MAINNET: "Es9vMFrzaCERmJfrF4H2FYD4KCoNkY11McCe8BenwNYB"
+};
 var cachedConnection = null;
 var cachedNetwork = null;
 function buildRpcUrl(config) {
@@ -209,6 +217,185 @@ function solToLamports(sol) {
   }
   return BigInt(Math.floor(sol * LAMPORTS_PER_SOL));
 }
+
+// src/solana/spl.ts
+var SIGNATURE_REGEX2 = /^[1-9A-HJ-NP-Za-km-z]{87,88}$/;
+var WALLET_REGEX2 = /^[1-9A-HJ-NP-Za-km-z]{32,44}$/;
+function resolveMintAddress(asset, network) {
+  if (asset === "native") return null;
+  if (asset === "usdc") {
+    return network === "mainnet-beta" ? TOKEN_MINTS.USDC_MAINNET : TOKEN_MINTS.USDC_DEVNET;
+  }
+  if (asset === "usdt") {
+    return TOKEN_MINTS.USDT_MAINNET;
+  }
+  if (typeof asset === "object" && "mint" in asset) {
+    return asset.mint;
+  }
+  return null;
+}
+function getTokenDecimals(asset) {
+  if (asset === "native") return 9;
+  if (asset === "usdc" || asset === "usdt") return 6;
+  if (typeof asset === "object" && "decimals" in asset) {
+    return asset.decimals ?? 6;
+  }
+  return 6;
+}
+function parseSPLTransfer(transaction, expectedRecipient, expectedMint) {
+  const instructions = transaction.transaction.message.instructions;
+  for (const ix of instructions) {
+    if ("parsed" in ix && (ix.program === "spl-token" || ix.program === "spl-token-2022")) {
+      const parsed = ix.parsed;
+      if (parsed.type === "transfer" || parsed.type === "transferChecked") {
+        const amount = parsed.info.amount || parsed.info.tokenAmount?.amount;
+        if (amount && parsed.info.destination) {
+          return {
+            from: parsed.info.authority || parsed.info.source || "",
+            to: parsed.info.destination,
+            amount: BigInt(amount),
+            mint: parsed.info.mint || expectedMint
+          };
+        }
+      }
+    }
+  }
+  if (transaction.meta?.innerInstructions) {
+    for (const inner of transaction.meta.innerInstructions) {
+      for (const ix of inner.instructions) {
+        if ("parsed" in ix && (ix.program === "spl-token" || ix.program === "spl-token-2022")) {
+          const parsed = ix.parsed;
+          if (parsed.type === "transfer" || parsed.type === "transferChecked") {
+            const amount = parsed.info.amount || parsed.info.tokenAmount?.amount;
+            if (amount) {
+              return {
+                from: parsed.info.authority || parsed.info.source || "",
+                to: parsed.info.destination || "",
+                amount: BigInt(amount),
+                mint: parsed.info.mint || expectedMint
+              };
+            }
+          }
+        }
+      }
+    }
+  }
+  if (transaction.meta?.postTokenBalances && transaction.meta?.preTokenBalances) {
+    const preBalances = transaction.meta.preTokenBalances;
+    const postBalances = transaction.meta.postTokenBalances;
+    for (const post of postBalances) {
+      if (post.mint === expectedMint && post.owner === expectedRecipient) {
+        const pre = preBalances.find(
+          (p) => p.accountIndex === post.accountIndex
+        );
+        const preAmount = BigInt(pre?.uiTokenAmount?.amount || "0");
+        const postAmount = BigInt(post.uiTokenAmount?.amount || "0");
+        const transferred = postAmount - preAmount;
+        if (transferred > 0n) {
+          return {
+            from: "",
+            // Can't determine from balance changes
+            to: expectedRecipient,
+            amount: transferred,
+            mint: expectedMint
+          };
+        }
+      }
+    }
+  }
+  return null;
+}
+async function verifySPLPayment(params) {
+  const {
+    signature,
+    expectedRecipient,
+    expectedAmount,
+    asset,
+    clientConfig,
+    maxAgeSeconds = 300
+  } = params;
+  if (!SIGNATURE_REGEX2.test(signature)) {
+    return { valid: false, confirmed: false, signature, error: "Invalid signature format" };
+  }
+  if (!WALLET_REGEX2.test(expectedRecipient)) {
+    return { valid: false, confirmed: false, signature, error: "Invalid recipient address" };
+  }
+  const mintAddress = resolveMintAddress(asset, clientConfig.network);
+  if (!mintAddress) {
+    return { valid: false, confirmed: false, signature, error: "Invalid asset configuration" };
+  }
+  if (expectedAmount <= 0n) {
+    return { valid: false, confirmed: false, signature, error: "Invalid expected amount" };
+  }
+  const effectiveMaxAge = Math.min(Math.max(maxAgeSeconds, 60), 3600);
+  const connection = getConnection(clientConfig);
+  try {
+    const transaction = await connection.getParsedTransaction(signature, {
+      commitment: "confirmed",
+      maxSupportedTransactionVersion: 0
+    });
+    if (!transaction) {
+      return { valid: false, confirmed: false, signature, error: "Transaction not found" };
+    }
+    if (transaction.meta?.err) {
+      return { valid: false, confirmed: true, signature, error: "Transaction failed on-chain" };
+    }
+    if (transaction.blockTime) {
+      const now = Math.floor(Date.now() / 1e3);
+      if (now - transaction.blockTime > effectiveMaxAge) {
+        return { valid: false, confirmed: true, signature, error: "Transaction too old" };
+      }
+      if (transaction.blockTime > now + 60) {
+        return { valid: false, confirmed: true, signature, error: "Invalid transaction time" };
+      }
+    }
+    const transfer = parseSPLTransfer(transaction, expectedRecipient, mintAddress);
+    if (!transfer) {
+      return {
+        valid: false,
+        confirmed: true,
+        signature,
+        error: "No valid token transfer to recipient found"
+      };
+    }
+    if (transfer.mint !== mintAddress) {
+      return {
+        valid: false,
+        confirmed: true,
+        signature,
+        error: "Token mint mismatch"
+      };
+    }
+    if (transfer.amount < expectedAmount) {
+      return {
+        valid: false,
+        confirmed: true,
+        signature,
+        from: transfer.from,
+        to: transfer.to,
+        mint: transfer.mint,
+        amount: transfer.amount,
+        error: "Insufficient payment amount"
+      };
+    }
+    return {
+      valid: true,
+      confirmed: true,
+      signature,
+      from: transfer.from,
+      to: transfer.to,
+      mint: transfer.mint,
+      amount: transfer.amount,
+      blockTime: transaction.blockTime ?? void 0,
+      slot: transaction.slot
+    };
+  } catch {
+    return { valid: false, confirmed: false, signature, error: "Verification failed" };
+  }
+}
+function isNativeAsset(asset) {
+  return asset === "native";
+}
 var MAX_ARTICLES_PER_SESSION = 100;
 var MIN_SECRET_LENGTH = 32;
 function getSecretKey(secret) {
@@ -338,7 +525,7 @@ async function isArticleUnlocked(token, articleId, secret) {
 }
 
 // src/x402/config.ts
-var WALLET_REGEX2 = /^[1-9A-HJ-NP-Za-km-z]{32,44}$/;
+var WALLET_REGEX3 = /^[1-9A-HJ-NP-Za-km-z]{32,44}$/;
 function sanitizeDisplayString(str, maxLength = 200) {
   if (!str || typeof str !== "string") return "";
   return str.slice(0, maxLength).replace(/[<>"'&]/g, "");
@@ -352,7 +539,7 @@ function isValidUrl(url) {
   }
 }
 function buildPaymentRequirement(params) {
-  if (!WALLET_REGEX2.test(params.creatorWallet)) {
+  if (!WALLET_REGEX3.test(params.creatorWallet)) {
     throw new Error("Invalid creator wallet address");
   }
   if (params.priceInLamports <= 0n) {
@@ -410,12 +597,13 @@ var X402_HEADERS = {
   PAYMENT_RESPONSE: "X-Payment-Response"
 };
 function create402ResponseBody(requirement) {
+  const assetStr = typeof requirement.asset === "string" ? requirement.asset : requirement.asset.mint;
   return {
     error: "Payment Required",
     message: requirement.description,
     price: {
       amount: requirement.maxAmountRequired,
-      asset: requirement.asset,
+      asset: assetStr,
       network: requirement.network
     }
   };
@@ -430,7 +618,7 @@ function create402Headers(requirement) {
 }
 
 // src/x402/verification.ts
-var SIGNATURE_REGEX2 = /^[1-9A-HJ-NP-Za-km-z]{87,88}$/;
+var SIGNATURE_REGEX3 = /^[1-9A-HJ-NP-Za-km-z]{87,88}$/;
 async function verifyX402Payment(payload, requirement, clientConfig) {
   if (!payload || typeof payload !== "object") {
     return { valid: false, invalidReason: "Invalid payload" };
@@ -439,7 +627,7 @@ async function verifyX402Payment(payload, requirement, clientConfig) {
   if (!signature || typeof signature !== "string") {
     return { valid: false, invalidReason: "Missing transaction signature" };
   }
-  if (!SIGNATURE_REGEX2.test(signature)) {
+  if (!SIGNATURE_REGEX3.test(signature)) {
     return { valid: false, invalidReason: "Invalid signature format" };
   }
   if (payload.x402Version !== 1) {
@@ -512,6 +700,415 @@ function encodePaymentResponse(response) {
   return Buffer.from(JSON.stringify(response)).toString("base64");
 }
 
-export { X402_HEADERS, addArticleToSession, buildPaymentRequirement, create402Headers, create402ResponseBody, createSession, decodePaymentRequired, encodePaymentRequired, encodePaymentResponse, getConnection, getWalletTransactions, isArticleUnlocked, isMainnet, lamportsToSol, parsePaymentHeader, resetConnection, solToLamports, toX402Network, validateSession, verifyPayment, verifyX402Payment, waitForConfirmation };
+// src/store/memory.ts
+function createMemoryStore(options = {}) {
+  const { cleanupInterval = 6e4 } = options;
+  const store = /* @__PURE__ */ new Map();
+  const cleanupTimer = setInterval(() => {
+    const now = Date.now();
+    for (const [key, record] of store.entries()) {
+      if (record.expiresAt < now) {
+        store.delete(key);
+      }
+    }
+  }, cleanupInterval);
+  return {
+    async hasBeenUsed(signature) {
+      const record = store.get(signature);
+      if (!record) return false;
+      if (record.expiresAt < Date.now()) {
+        store.delete(signature);
+        return false;
+      }
+      return true;
+    },
+    async markAsUsed(signature, resourceId, expiresAt) {
+      store.set(signature, {
+        resourceId,
+        usedAt: Date.now(),
+        expiresAt: expiresAt.getTime()
+      });
+    },
+    async getUsage(signature) {
+      const record = store.get(signature);
+      if (!record) return null;
+      if (record.expiresAt < Date.now()) {
+        store.delete(signature);
+        return null;
+      }
+      return {
+        signature,
+        resourceId: record.resourceId,
+        usedAt: new Date(record.usedAt),
+        expiresAt: new Date(record.expiresAt),
+        walletAddress: record.walletAddress
+      };
+    },
+    /** Stop cleanup timer (for graceful shutdown) */
+    close() {
+      clearInterval(cleanupTimer);
+      store.clear();
+    }
+  };
+}
+
+// src/store/redis.ts
+function createRedisStore(options) {
+  const { client, keyPrefix = "micropay:sig:" } = options;
+  const buildKey = (signature) => `${keyPrefix}${signature}`;
+  return {
+    async hasBeenUsed(signature) {
+      const exists = await client.exists(buildKey(signature));
+      return exists > 0;
+    },
+    async markAsUsed(signature, resourceId, expiresAt) {
+      const key = buildKey(signature);
+      const ttl = Math.max(1, Math.floor((expiresAt.getTime() - Date.now()) / 1e3));
+      const record = {
+        signature,
+        resourceId,
+        usedAt: /* @__PURE__ */ new Date(),
+        expiresAt
+      };
+      if (client.setex) {
+        await client.setex(key, ttl, JSON.stringify(record));
+      } else {
+        await client.set(key, JSON.stringify(record), { EX: ttl });
+      }
+    },
+    async getUsage(signature) {
+      const data = await client.get(buildKey(signature));
+      if (!data) return null;
+      try {
+        const record = JSON.parse(data);
+        return {
+          ...record,
+          usedAt: new Date(record.usedAt),
+          expiresAt: new Date(record.expiresAt)
+        };
+      } catch {
+        return null;
+      }
+    }
+  };
+}
+
+// src/middleware/nextjs.ts
+function matchesProtectedPath(path, patterns) {
+  for (const pattern of patterns) {
+    const regexPattern = pattern.replace(/\*\*/g, "{{DOUBLE_STAR}}").replace(/\*/g, "[^/]*").replace(/{{DOUBLE_STAR}}/g, ".*");
+    const regex = new RegExp(`^${regexPattern}$`);
+    if (regex.test(path)) {
+      return true;
+    }
+  }
+  return false;
+}
+async function checkPaywallAccess(path, sessionToken, config) {
+  if (!matchesProtectedPath(path, config.protectedPaths)) {
+    return { allowed: true };
+  }
+  if (!sessionToken) {
+    return {
+      allowed: false,
+      reason: "No session token",
+      requiresPayment: true
+    };
+  }
+  const validation = await validateSession(sessionToken, config.sessionSecret);
+  if (!validation.valid || !validation.session) {
+    return {
+      allowed: false,
+      reason: validation.reason || "Invalid session",
+      requiresPayment: true
+    };
+  }
+  return {
+    allowed: true,
+    session: validation.session
+  };
+}
+function createPaywallMiddleware(config) {
+  const { cookieName = "x402_session" } = config;
+  return async function middleware(request) {
+    const url = new URL(request.url);
+    const path = url.pathname;
+    const cookieHeader = request.headers.get("cookie") || "";
+    const cookies = Object.fromEntries(
+      cookieHeader.split(";").map((c) => {
+        const [key, ...vals] = c.trim().split("=");
+        return [key, vals.join("=")];
+      })
+    );
+    const sessionToken = cookies[cookieName];
+    const result = await checkPaywallAccess(path, sessionToken, config);
+    if (!result.allowed && result.requiresPayment) {
+      const body = config.custom402Response ? config.custom402Response(path) : {
+        error: "Payment Required",
+        message: "This resource requires payment to access",
+        path
+      };
+      return new Response(JSON.stringify(body), {
+        status: 402,
+        headers: {
+          "Content-Type": "application/json"
+        }
+      });
+    }
+    return null;
+  };
+}
+function withPaywall(handler, options) {
+  const { sessionSecret, cookieName = "x402_session", articleId } = options;
+  return async function protectedHandler(request) {
+    const cookieHeader = request.headers.get("cookie") || "";
+    const cookies = Object.fromEntries(
+      cookieHeader.split(";").map((c) => {
+        const [key, ...vals] = c.trim().split("=");
+        return [key, vals.join("=")];
+      })
+    );
+    const sessionToken = cookies[cookieName];
+    if (!sessionToken) {
+      return new Response(
+        JSON.stringify({ error: "Payment Required", message: "No session token" }),
+        { status: 402, headers: { "Content-Type": "application/json" } }
+      );
+    }
+    const validation = await validateSession(sessionToken, sessionSecret);
+    if (!validation.valid || !validation.session) {
+      return new Response(
+        JSON.stringify({ error: "Payment Required", message: validation.reason }),
+        { status: 402, headers: { "Content-Type": "application/json" } }
+      );
+    }
+    if (articleId) {
+      const { session } = validation;
+      const hasAccess = session.siteWideUnlock || session.unlockedArticles.includes(articleId);
+      if (!hasAccess) {
+        return new Response(
+          JSON.stringify({ error: "Payment Required", message: "Article not unlocked" }),
+          { status: 402, headers: { "Content-Type": "application/json" } }
+        );
+      }
+    }
+    return handler(request, validation.session);
+  };
+}
+
+// src/utils/retry.ts
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function calculateDelay(attempt, options) {
+  const { baseDelay, maxDelay, jitter } = options;
+  let delay = baseDelay * Math.pow(2, attempt);
+  delay = Math.min(delay, maxDelay);
+  if (jitter) {
+    const jitterAmount = delay * 0.25;
+    delay += Math.random() * jitterAmount * 2 - jitterAmount;
+  }
+  return Math.floor(delay);
+}
+async function withRetry(fn, options = {}) {
+  const {
+    maxAttempts = 3,
+    baseDelay = 500,
+    maxDelay = 1e4,
+    jitter = true,
+    retryOn = () => true
+  } = options;
+  let lastError;
+  for (let attempt = 0; attempt < maxAttempts; attempt++) {
+    try {
+      return await fn();
+    } catch (error) {
+      lastError = error;
+      if (!retryOn(error)) {
+        throw error;
+      }
+      if (attempt < maxAttempts - 1) {
+        const delay = calculateDelay(attempt, {
+          baseDelay,
+          maxDelay,
+          jitter
+        });
+        await sleep(delay);
+      }
+    }
+  }
+  throw lastError;
+}
+function isRetryableRPCError(error) {
+  if (error instanceof Error) {
+    const message = error.message.toLowerCase();
+    if (message.includes("429") || message.includes("rate limit")) {
+      return true;
+    }
+    if (message.includes("timeout") || message.includes("econnreset")) {
+      return true;
+    }
+    if (message.includes("503") || message.includes("502") || message.includes("500")) {
+      return true;
+    }
+    if (message.includes("blockhash not found") || message.includes("slot skipped")) {
+      return true;
+    }
+  }
+  return false;
+}
+
+// src/client/payment.ts
+function buildSolanaPayUrl(params) {
+  const { recipient, amount, splToken, reference, label, message } = params;
+  const url = new URL(`solana:${recipient}`);
+  if (amount !== void 0) {
+    url.searchParams.set("amount", amount.toString());
+  }
+  if (splToken) {
+    url.searchParams.set("spl-token", splToken);
+  }
+  if (reference) {
+    url.searchParams.set("reference", reference);
+  }
+  if (label) {
+    url.searchParams.set("label", label);
+  }
+  if (message) {
+    url.searchParams.set("message", message);
+  }
+  return url.toString();
+}
+function createPaymentFlow(config) {
+  const { network, recipientWallet, amount, asset = "native", memo } = config;
+  let decimals = 9;
+  let mintAddress;
+  if (asset === "usdc") {
+    decimals = 6;
+    mintAddress = network === "mainnet-beta" ? TOKEN_MINTS.USDC_MAINNET : TOKEN_MINTS.USDC_DEVNET;
+  } else if (asset === "usdt") {
+    decimals = 6;
+    mintAddress = TOKEN_MINTS.USDT_MAINNET;
+  } else if (typeof asset === "object" && "mint" in asset) {
+    decimals = asset.decimals ?? 6;
+    mintAddress = asset.mint;
+  }
+  const naturalAmount = Number(amount) / Math.pow(10, decimals);
+  return {
+    /** Get the payment configuration */
+    getConfig: () => ({ ...config }),
+    /** Get amount in natural display units (e.g., 0.01 SOL) */
+    getDisplayAmount: () => naturalAmount,
+    /** Get amount formatted with symbol */
+    getFormattedAmount: () => {
+      const symbol = asset === "native" ? "SOL" : asset === "usdc" ? "USDC" : asset === "usdt" ? "USDT" : "tokens";
+      return `${naturalAmount.toFixed(decimals > 6 ? 4 : 2)} ${symbol}`;
+    },
+    /** Generate Solana Pay URL for QR codes */
+    getSolanaPayUrl: (options = {}) => {
+      return buildSolanaPayUrl({
+        recipient: recipientWallet,
+        amount: naturalAmount,
+        splToken: mintAddress,
+        label: options.label,
+        reference: options.reference,
+        message: memo
+      });
+    },
+    /** Get the token mint address (undefined for native SOL) */
+    getMintAddress: () => mintAddress,
+    /** Check if this is a native SOL payment */
+    isNativePayment: () => asset === "native",
+    /** Get network information */
+    getNetworkInfo: () => ({
+      network,
+      isMainnet: network === "mainnet-beta",
+      explorerUrl: network === "mainnet-beta" ? "https://explorer.solana.com" : "https://explorer.solana.com?cluster=devnet"
+    }),
+    /** Build explorer URL for a transaction */
+    getExplorerUrl: (signature) => {
+      const baseUrl = "https://explorer.solana.com/tx";
+      const cluster = network === "mainnet-beta" ? "" : "?cluster=devnet";
+      return `${baseUrl}/${signature}${cluster}`;
+    }
+  };
+}
+function createPaymentReference() {
+  if (typeof crypto !== "undefined" && crypto.randomUUID) {
+    return crypto.randomUUID();
+  }
+  return `${Date.now()}-${Math.random().toString(36).slice(2, 11)}`;
+}
+
+// src/pricing/index.ts
+var cachedPrice = null;
+var CACHE_TTL_MS = 6e4;
+async function getSolPrice() {
+  if (cachedPrice && Date.now() - cachedPrice.fetchedAt.getTime() < CACHE_TTL_MS) {
+    return cachedPrice;
+  }
+  try {
+    const response = await fetch(
+      "https://api.coingecko.com/api/v3/simple/price?ids=solana&vs_currencies=usd",
+      {
+        headers: { "Accept": "application/json" },
+        signal: AbortSignal.timeout(5e3)
+      }
+    );
+    if (!response.ok) {
+      throw new Error(`Price fetch failed: ${response.status}`);
+    }
+    const data = await response.json();
+    if (!data.solana?.usd) {
+      throw new Error("Invalid price response");
+    }
+    cachedPrice = {
+      solPrice: data.solana.usd,
+      fetchedAt: /* @__PURE__ */ new Date(),
+      source: "coingecko"
+    };
+    return cachedPrice;
+  } catch (error) {
+    if (cachedPrice) {
+      return cachedPrice;
+    }
+    return {
+      solPrice: 150,
+      // Fallback price
+      fetchedAt: /* @__PURE__ */ new Date(),
+      source: "fallback"
+    };
+  }
+}
+async function lamportsToUsd(lamports) {
+  const { solPrice } = await getSolPrice();
+  const sol = Number(lamports) / 1e9;
+  return sol * solPrice;
+}
+async function usdToLamports(usd) {
+  const { solPrice } = await getSolPrice();
+  const sol = usd / solPrice;
+  return BigInt(Math.floor(sol * 1e9));
+}
+async function formatPriceDisplay(lamports) {
+  const { solPrice } = await getSolPrice();
+  const sol = Number(lamports) / 1e9;
+  const usd = sol * solPrice;
+  return `${sol.toFixed(4)} SOL (~$${usd.toFixed(2)})`;
+}
+function formatPriceSync(lamports, solPrice) {
+  const sol = Number(lamports) / 1e9;
+  const usd = sol * solPrice;
+  return {
+    sol,
+    usd,
+    formatted: `${sol.toFixed(4)} SOL (~$${usd.toFixed(2)})`
+  };
+}
+function clearPriceCache() {
+  cachedPrice = null;
+}
+
+export { TOKEN_MINTS, X402_HEADERS, addArticleToSession, buildPaymentRequirement, buildSolanaPayUrl, checkPaywallAccess, clearPriceCache, create402Headers, create402ResponseBody, createMemoryStore, createPaymentFlow, createPaymentReference, createPaywallMiddleware, createRedisStore, createSession, decodePaymentRequired, encodePaymentRequired, encodePaymentResponse, formatPriceDisplay, formatPriceSync, getConnection, getSolPrice, getTokenDecimals, getWalletTransactions, isArticleUnlocked, isMainnet, isNativeAsset, isRetryableRPCError, lamportsToSol, lamportsToUsd, parsePaymentHeader, resetConnection, resolveMintAddress, solToLamports, toX402Network, usdToLamports, validateSession, verifyPayment, verifySPLPayment, verifyX402Payment, waitForConfirmation, withPaywall, withRetry };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map