@alleyboss/micropay-solana-x402-paywall 3.5.1 → 3.5.2

package/README.md

@@ -117,6 +117,12 @@ const x402Fetch = createX402Fetch({
     windowMs: 60_000,     // Per minute
   },
 });
+
+// 💡 Header Compatibility:
+// Automatically detects requirements from:
+// - WWW-Authenticate: X402 ... (Standard)
+// - X-Payment-Requirements: json (Simple)
+// - payment-required: base64 (Upstream Middleware)
 ```
 
 **Security Error Codes:**
@@ -229,6 +235,19 @@ const withMicropay = createX402Middleware({
 | **Setup** | Zero-config | Requires RPC URL |
 | **Best For** | Quick startups, MVPs | Production, High-Volume, Agents |
 
+## 🔧 What's New in v3.5.2
+
+**Middleware Fix**: The `createX402Middleware` now generates 402 responses directly, fixing a bug where the upstream library multiplied payment amounts by 1M. Your configured `price` in lamports is now used exactly as specified.
+
+```typescript
+// price: '1000000' → 0.001 SOL (correct!)
+const withPayment = createX402Middleware({
+    walletAddress: 'YOUR_WALLET',
+    price: '1000000', // This is now used correctly
+    network: 'devnet'
+});
+```
+
 ## 🌐 PayAI Format Support (New in v3.3.13)
 
 Native support for the **PayAI payment format** - a universal payment protocol that works across Solana, Ethereum, Base, and other chains.

package/dist/agent/index.cjs

@@ -542,6 +542,25 @@ function parse402Response(response) {
       throw invalid402ResponseError("Invalid WWW-Authenticate header");
     }
   }
+  const paymentRequired = response.headers.get("payment-required");
+  if (paymentRequired) {
+    try {
+      const jsonStr = atob(paymentRequired.trim());
+      const parsed = JSON.parse(jsonStr);
+      const option = Array.isArray(parsed.accepts) && parsed.accepts.length > 0 ? parsed.accepts[0] : parsed;
+      return {
+        payTo: option.payTo ?? option.recipient,
+        amount: String(option.amount),
+        asset: option.asset ?? "SOL",
+        network: option.network ?? "solana-mainnet",
+        description: parsed.description ?? option.description,
+        resource: parsed.resource ?? option.resource,
+        maxAge: parsed.maxAge ?? option.maxAge
+      };
+    } catch {
+      throw invalid402ResponseError("Invalid payment-required header");
+    }
+  }
   throw invalid402ResponseError("No payment requirements found in 402 response");
 }
 function buildPaymentHeader(signature) {

package/dist/agent/index.js

@@ -536,6 +536,25 @@ function parse402Response(response) {
       throw invalid402ResponseError("Invalid WWW-Authenticate header");
     }
   }
+  const paymentRequired = response.headers.get("payment-required");
+  if (paymentRequired) {
+    try {
+      const jsonStr = atob(paymentRequired.trim());
+      const parsed = JSON.parse(jsonStr);
+      const option = Array.isArray(parsed.accepts) && parsed.accepts.length > 0 ? parsed.accepts[0] : parsed;
+      return {
+        payTo: option.payTo ?? option.recipient,
+        amount: String(option.amount),
+        asset: option.asset ?? "SOL",
+        network: option.network ?? "solana-mainnet",
+        description: parsed.description ?? option.description,
+        resource: parsed.resource ?? option.resource,
+        maxAge: parsed.maxAge ?? option.maxAge
+      };
+    } catch {
+      throw invalid402ResponseError("Invalid payment-required header");
+    }
+  }
   throw invalid402ResponseError("No payment requirements found in 402 response");
 }
 function buildPaymentHeader(signature) {

package/dist/fetch/index.cjs

@@ -210,6 +210,25 @@ function parse402Response(response) {
       throw invalid402ResponseError("Invalid WWW-Authenticate header");
     }
   }
+  const paymentRequired = response.headers.get("payment-required");
+  if (paymentRequired) {
+    try {
+      const jsonStr = atob(paymentRequired.trim());
+      const parsed = JSON.parse(jsonStr);
+      const option = Array.isArray(parsed.accepts) && parsed.accepts.length > 0 ? parsed.accepts[0] : parsed;
+      return {
+        payTo: option.payTo ?? option.recipient,
+        amount: String(option.amount),
+        asset: option.asset ?? "SOL",
+        network: option.network ?? "solana-mainnet",
+        description: parsed.description ?? option.description,
+        resource: parsed.resource ?? option.resource,
+        maxAge: parsed.maxAge ?? option.maxAge
+      };
+    } catch {
+      throw invalid402ResponseError("Invalid payment-required header");
+    }
+  }
   throw invalid402ResponseError("No payment requirements found in 402 response");
 }
 function buildPaymentHeader(signature) {

package/dist/fetch/index.js

@@ -208,6 +208,25 @@ function parse402Response(response) {
       throw invalid402ResponseError("Invalid WWW-Authenticate header");
     }
   }
+  const paymentRequired = response.headers.get("payment-required");
+  if (paymentRequired) {
+    try {
+      const jsonStr = atob(paymentRequired.trim());
+      const parsed = JSON.parse(jsonStr);
+      const option = Array.isArray(parsed.accepts) && parsed.accepts.length > 0 ? parsed.accepts[0] : parsed;
+      return {
+        payTo: option.payTo ?? option.recipient,
+        amount: String(option.amount),
+        asset: option.asset ?? "SOL",
+        network: option.network ?? "solana-mainnet",
+        description: parsed.description ?? option.description,
+        resource: parsed.resource ?? option.resource,
+        maxAge: parsed.maxAge ?? option.maxAge
+      };
+    } catch {
+      throw invalid402ResponseError("Invalid payment-required header");
+    }
+  }
   throw invalid402ResponseError("No payment requirements found in 402 response");
 }
 function buildPaymentHeader(signature) {

package/dist/index.cjs

@@ -822,6 +822,25 @@ function parse402Response(response) {
       throw invalid402ResponseError("Invalid WWW-Authenticate header");
     }
   }
+  const paymentRequired = response.headers.get("payment-required");
+  if (paymentRequired) {
+    try {
+      const jsonStr = atob(paymentRequired.trim());
+      const parsed = JSON.parse(jsonStr);
+      const option = Array.isArray(parsed.accepts) && parsed.accepts.length > 0 ? parsed.accepts[0] : parsed;
+      return {
+        payTo: option.payTo ?? option.recipient,
+        amount: String(option.amount),
+        asset: option.asset ?? "SOL",
+        network: option.network ?? "solana-mainnet",
+        description: parsed.description ?? option.description,
+        resource: parsed.resource ?? option.resource,
+        maxAge: parsed.maxAge ?? option.maxAge
+      };
+    } catch {
+      throw invalid402ResponseError("Invalid payment-required header");
+    }
+  }
   throw invalid402ResponseError("No payment requirements found in 402 response");
 }
 function buildPaymentHeader(signature) {

package/dist/index.js

@@ -817,6 +817,25 @@ function parse402Response(response) {
       throw invalid402ResponseError("Invalid WWW-Authenticate header");
     }
   }
+  const paymentRequired = response.headers.get("payment-required");
+  if (paymentRequired) {
+    try {
+      const jsonStr = atob(paymentRequired.trim());
+      const parsed = JSON.parse(jsonStr);
+      const option = Array.isArray(parsed.accepts) && parsed.accepts.length > 0 ? parsed.accepts[0] : parsed;
+      return {
+        payTo: option.payTo ?? option.recipient,
+        amount: String(option.amount),
+        asset: option.asset ?? "SOL",
+        network: option.network ?? "solana-mainnet",
+        description: parsed.description ?? option.description,
+        resource: parsed.resource ?? option.resource,
+        maxAge: parsed.maxAge ?? option.maxAge
+      };
+    } catch {
+      throw invalid402ResponseError("Invalid payment-required header");
+    }
+  }
   throw invalid402ResponseError("No payment requirements found in 402 response");
 }
 function buildPaymentHeader(signature) {

package/dist/next/index.cjs

@@ -233,31 +233,14 @@ function createX402Middleware(config) {
   const server$2 = new server.x402ResourceServer(facilitatorClient);
   server$1.registerExactSvmScheme(server$2);
   const networkId = config.network === "mainnet-beta" ? "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp" : "solana:EtWTRABZaYq6iMfeYKouRu166VU2xqa1";
-  return function withMicropay(handler, routeConfig) {
+  return function withMicropay(handler, _routeConfig) {
     const priceValue = config.price?.toString() || "0";
-    const amountValue = (BigInt(priceValue) * BigInt(1e6)).toString();
-    const paymentSpec = {
-      scheme: "exact",
-      payTo: config.walletAddress,
-      amount: amountValue,
-      network: networkId,
-      asset: "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU"
-      // Native SOL asset
-    };
-    const finalConfig = routeConfig || {
-      accepts: {
-        ...paymentSpec,
-        price: priceValue
-        // Include for x402 SDK 402 generation
-      }
-    };
-    const wrappedHandler = next.withX402(handler, finalConfig, server$2);
     return async (req, ctx) => {
       const authHeader = req.headers?.get?.("authorization") || req.headers?.authorization;
       if (authHeader && authHeader.toLowerCase().startsWith("x402 ")) {
         try {
-          const base64Payload = authHeader.slice(5);
-          const payloadJson = Buffer.from(base64Payload, "base64").toString("utf8");
+          const base64Payload2 = authHeader.slice(5);
+          const payloadJson = Buffer.from(base64Payload2, "base64").toString("utf8");
           let payload = JSON.parse(payloadJson);
           if (payload.scheme === "exact-svm" || payload.scheme === "exact-evm") {
             payload = transformPayAIToX402(payload, networkId);
@@ -267,7 +250,7 @@ function createX402Middleware(config) {
             const verifyPaymentSpec = {
               scheme: payload.scheme || "exact",
               network: payload.network || networkId,
-              amount: amountValue,
+              amount: priceValue,
               payTo: config.walletAddress
             };
             let verifyResult;
@@ -290,32 +273,33 @@ function createX402Middleware(config) {
         } catch (parseError) {
         }
       }
-      const compatibleReq = new Proxy(req, {
-        get(target, prop) {
-          if (prop === "url") {
-            return target.nextUrl?.pathname || target.url;
-          }
-          if (prop === "headers") {
-            const headers = target.headers;
-            return new Proxy(headers, {
-              get(hTarget, hProp) {
-                if (hProp === "authorization" || hProp === "Authorization") {
-                  const val3 = hTarget.get("authorization");
-                  return val3;
-                }
-                if (typeof hProp === "string" && !["get", "set", "has", "delete", "entries", "keys", "values", "forEach", "append"].includes(hProp) && typeof hTarget[hProp] === "undefined") {
-                  return hTarget.get(hProp) || void 0;
-                }
-                const val2 = hTarget[hProp];
-                return typeof val2 === "function" ? val2.bind(hTarget) : val2;
-              }
-            });
-          }
-          const val = target[prop];
-          return typeof val === "function" ? val.bind(target) : val;
+      const paymentPayload = {
+        x402Version: 2,
+        error: "Payment required",
+        resource: {
+          url: req.nextUrl?.pathname || req.url,
+          description: "",
+          mimeType: ""
+        },
+        accepts: [{
+          scheme: "exact",
+          network: networkId,
+          amount: priceValue,
+          // Use raw lamports, no multiplier
+          asset: "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU",
+          payTo: config.walletAddress,
+          maxTimeoutSeconds: 300,
+          extra: { feePayer: "11111111111111111111111111111111" }
+        }]
+      };
+      const base64Payload = Buffer.from(JSON.stringify(paymentPayload)).toString("base64");
+      return new Response(JSON.stringify({}), {
+        status: 402,
+        headers: {
+          "Content-Type": "application/json",
+          "payment-required": base64Payload
         }
       });
-      return await wrappedHandler(compatibleReq, ctx);
     };
   };
 }

package/dist/next/index.d.cts

@@ -19,7 +19,7 @@ interface X402Config {
 /**
  * Create a specialized Next.js middleware with Solana support pre-configured
  */
-declare function createX402Middleware(config: X402Config): (handler: any, routeConfig?: any) => (req: any, ctx: any) => Promise<any>;
+declare function createX402Middleware(config: X402Config): (handler: any, _routeConfig?: any) => (req: any, ctx: any) => Promise<any>;
 declare const withX402: typeof withX402$1;
 
 export { type X402Config, createX402Middleware, withX402 };

package/dist/next/index.d.ts

@@ -19,7 +19,7 @@ interface X402Config {
 /**
  * Create a specialized Next.js middleware with Solana support pre-configured
  */
-declare function createX402Middleware(config: X402Config): (handler: any, routeConfig?: any) => (req: any, ctx: any) => Promise<any>;
+declare function createX402Middleware(config: X402Config): (handler: any, _routeConfig?: any) => (req: any, ctx: any) => Promise<any>;
 declare const withX402: typeof withX402$1;
 
 export { type X402Config, createX402Middleware, withX402 };

package/dist/next/index.js

@@ -232,31 +232,14 @@ function createX402Middleware(config) {
   const server = new x402ResourceServer(facilitatorClient);
   registerExactSvmScheme(server);
   const networkId = config.network === "mainnet-beta" ? "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp" : "solana:EtWTRABZaYq6iMfeYKouRu166VU2xqa1";
-  return function withMicropay(handler, routeConfig) {
+  return function withMicropay(handler, _routeConfig) {
     const priceValue = config.price?.toString() || "0";
-    const amountValue = (BigInt(priceValue) * BigInt(1e6)).toString();
-    const paymentSpec = {
-      scheme: "exact",
-      payTo: config.walletAddress,
-      amount: amountValue,
-      network: networkId,
-      asset: "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU"
-      // Native SOL asset
-    };
-    const finalConfig = routeConfig || {
-      accepts: {
-        ...paymentSpec,
-        price: priceValue
-        // Include for x402 SDK 402 generation
-      }
-    };
-    const wrappedHandler = withX402$1(handler, finalConfig, server);
     return async (req, ctx) => {
       const authHeader = req.headers?.get?.("authorization") || req.headers?.authorization;
       if (authHeader && authHeader.toLowerCase().startsWith("x402 ")) {
         try {
-          const base64Payload = authHeader.slice(5);
-          const payloadJson = Buffer.from(base64Payload, "base64").toString("utf8");
+          const base64Payload2 = authHeader.slice(5);
+          const payloadJson = Buffer.from(base64Payload2, "base64").toString("utf8");
           let payload = JSON.parse(payloadJson);
           if (payload.scheme === "exact-svm" || payload.scheme === "exact-evm") {
             payload = transformPayAIToX402(payload, networkId);
@@ -266,7 +249,7 @@ function createX402Middleware(config) {
             const verifyPaymentSpec = {
               scheme: payload.scheme || "exact",
               network: payload.network || networkId,
-              amount: amountValue,
+              amount: priceValue,
               payTo: config.walletAddress
             };
             let verifyResult;
@@ -289,32 +272,33 @@ function createX402Middleware(config) {
         } catch (parseError) {
         }
       }
-      const compatibleReq = new Proxy(req, {
-        get(target, prop) {
-          if (prop === "url") {
-            return target.nextUrl?.pathname || target.url;
-          }
-          if (prop === "headers") {
-            const headers = target.headers;
-            return new Proxy(headers, {
-              get(hTarget, hProp) {
-                if (hProp === "authorization" || hProp === "Authorization") {
-                  const val3 = hTarget.get("authorization");
-                  return val3;
-                }
-                if (typeof hProp === "string" && !["get", "set", "has", "delete", "entries", "keys", "values", "forEach", "append"].includes(hProp) && typeof hTarget[hProp] === "undefined") {
-                  return hTarget.get(hProp) || void 0;
-                }
-                const val2 = hTarget[hProp];
-                return typeof val2 === "function" ? val2.bind(hTarget) : val2;
-              }
-            });
-          }
-          const val = target[prop];
-          return typeof val === "function" ? val.bind(target) : val;
+      const paymentPayload = {
+        x402Version: 2,
+        error: "Payment required",
+        resource: {
+          url: req.nextUrl?.pathname || req.url,
+          description: "",
+          mimeType: ""
+        },
+        accepts: [{
+          scheme: "exact",
+          network: networkId,
+          amount: priceValue,
+          // Use raw lamports, no multiplier
+          asset: "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU",
+          payTo: config.walletAddress,
+          maxTimeoutSeconds: 300,
+          extra: { feePayer: "11111111111111111111111111111111" }
+        }]
+      };
+      const base64Payload = Buffer.from(JSON.stringify(paymentPayload)).toString("base64");
+      return new Response(JSON.stringify({}), {
+        status: 402,
+        headers: {
+          "Content-Type": "application/json",
+          "payment-required": base64Payload
         }
       });
-      return await wrappedHandler(compatibleReq, ctx);
     };
   };
 }

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@alleyboss/micropay-solana-x402-paywall",
-    "version": "3.5.1",
+    "version": "3.5.2",
     "description": "Production-ready Solana micropayments library wrapper for official x402 SDK",
     "author": "AlleyBoss",
     "license": "MIT",