npm - @ar-agents/mercadopago - Versions diffs - 0.2.0 → 0.4.0 - Mend

@ar-agents/mercadopago 0.2.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/index.js CHANGED Viewed

@@ -1,6 +1,6 @@
+import { createHmac, timingSafeEqual, createHash } from 'crypto';
 import { tool } from 'ai';
 import { z } from 'zod';
-import { createHmac, timingSafeEqual } from 'crypto';
 // src/errors.ts
 var MercadoPagoError = class extends Error {
@@ -98,12 +98,38 @@ var MercadoPagoRateLimitError = class extends MercadoPagoError {
   }
   retryAfterSeconds;
 };
+var MercadoPagoOverloadedError = class extends MercadoPagoError {
+  constructor(endpoint, status) {
+    super(
+      `Mercado Pago appears overloaded \u2014 returned a non-JSON ${status} response for ${endpoint}. Wait a few seconds and retry.`,
+      status,
+      endpoint
+    );
+    this.name = "MercadoPagoOverloadedError";
+  }
+};
+var MercadoPagoTimeoutError = class extends MercadoPagoError {
+  constructor(endpoint, timeoutMs) {
+    super(
+      `Mercado Pago request timed out after ${timeoutMs}ms on ${endpoint}. Increase requestTimeoutMs or check connectivity.`,
+      0,
+      endpoint
+    );
+    this.timeoutMs = timeoutMs;
+    this.name = "MercadoPagoTimeoutError";
+  }
+  timeoutMs;
+};
 function classifyError(status, endpoint, body, context) {
   const bodyText = typeof body === "string" ? body : body && typeof body === "object" ? JSON.stringify(body) : "";
   const lower = bodyText.toLowerCase();
   if (status === 401) return new MercadoPagoAuthError(endpoint, body);
   if (status === 429) {
-    return new MercadoPagoRateLimitError(endpoint, null, body);
+    let retryAfter = null;
+    const obj = body;
+    if (obj?.retry_after) retryAfter = Number(obj.retry_after);
+    else if (obj?.["retry-after"]) retryAfter = Number(obj["retry-after"]);
+    return new MercadoPagoRateLimitError(endpoint, retryAfter, body);
   }
   if (status === 400) {
     if (lower.includes("back_url") && lower.includes("not a valid url")) {
@@ -129,10 +155,16 @@ function classifyError(status, endpoint, body, context) {
 // src/client.ts
 var DEFAULT_BASE_URL = "https://api.mercadopago.com";
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
 var MercadoPagoClient = class {
   accessToken;
   baseUrl;
   fetchImpl;
+  requestTimeoutMs;
+  maxRetries;
+  onCall;
   constructor(options) {
     if (!options.accessToken) {
       throw new Error(
@@ -142,6 +174,9 @@ var MercadoPagoClient = class {
     this.accessToken = options.accessToken;
     this.baseUrl = options.baseUrl ?? DEFAULT_BASE_URL;
     this.fetchImpl = options.fetch;
+    this.requestTimeoutMs = options.requestTimeoutMs ?? 3e4;
+    this.maxRetries = Math.max(0, options.maxRetries ?? 1);
+    this.onCall = options.onCall;
   }
   async request(method, path, body, options) {
     const headers = {
@@ -151,10 +186,6 @@ var MercadoPagoClient = class {
     if (options?.idempotencyKey) {
       headers["X-Idempotency-Key"] = options.idempotencyKey;
     }
-    const init = { method, headers };
-    if (body !== void 0) {
-      init.body = JSON.stringify(body);
-    }
     let url = `${this.baseUrl}${path}`;
     if (options?.query) {
       const search = new URLSearchParams();
@@ -167,20 +198,95 @@ var MercadoPagoClient = class {
       if (qs) url += `?${qs}`;
     }
     const fetchFn = this.fetchImpl ?? globalThis.fetch;
-    const res = await fetchFn(url, init);
-    if (!res.ok) {
-      let parsed;
-      const text2 = await res.text();
+    const t0 = Date.now();
+    let attempt = 0;
+    let lastError;
+    let lastStatus = null;
+    while (attempt <= this.maxRetries) {
+      const controller = new AbortController();
+      const timer = setTimeout(() => controller.abort(), this.requestTimeoutMs);
+      const init = { method, headers, signal: controller.signal };
+      if (body !== void 0) init.body = JSON.stringify(body);
       try {
-        parsed = JSON.parse(text2);
-      } catch {
-        parsed = text2;
+        const res = await fetchFn(url, init);
+        clearTimeout(timer);
+        lastStatus = res.status;
+        if (res.ok) {
+          const text2 = await res.text();
+          this.onCall?.({
+            method,
+            path,
+            durationMs: Date.now() - t0,
+            httpStatus: res.status,
+            retried: attempt,
+            success: true
+          });
+          if (!text2) return void 0;
+          return JSON.parse(text2);
+        }
+        const isRetryable = res.status >= 500 || res.status === 429;
+        if (isRetryable && attempt < this.maxRetries) {
+          const retryAfter = res.headers.get("retry-after");
+          const waitMs = retryAfter ? Number(retryAfter) * 1e3 : 250 * Math.pow(2, attempt);
+          attempt++;
+          await sleep(waitMs);
+          continue;
+        }
+        const contentType = res.headers.get("content-type") ?? "";
+        if (res.status >= 500 && !contentType.includes("application/json")) {
+          this.onCall?.({
+            method,
+            path,
+            durationMs: Date.now() - t0,
+            httpStatus: res.status,
+            retried: attempt,
+            success: false
+          });
+          throw new MercadoPagoOverloadedError(path, res.status);
+        }
+        let parsed;
+        const text = await res.text();
+        try {
+          parsed = JSON.parse(text);
+        } catch {
+          parsed = text;
+        }
+        const err = classifyError(res.status, path, parsed, options?.classifyContext);
+        this.onCall?.({
+          method,
+          path,
+          durationMs: Date.now() - t0,
+          httpStatus: res.status,
+          retried: attempt,
+          success: false
+        });
+        throw err;
+      } catch (err) {
+        clearTimeout(timer);
+        if (err instanceof MercadoPagoError) throw err;
+        const isAbort = err instanceof Error && err.name === "AbortError";
+        const isNetwork = !lastStatus && !isAbort;
+        if ((isNetwork || isAbort) && attempt < this.maxRetries) {
+          lastError = err;
+          attempt++;
+          await sleep(250 * Math.pow(2, attempt - 1));
+          continue;
+        }
+        this.onCall?.({
+          method,
+          path,
+          durationMs: Date.now() - t0,
+          httpStatus: lastStatus,
+          retried: attempt,
+          success: false
+        });
+        if (isAbort) {
+          throw new MercadoPagoTimeoutError(path, this.requestTimeoutMs);
+        }
+        throw err;
       }
-      throw classifyError(res.status, path, parsed, options?.classifyContext);
     }
-    const text = await res.text();
-    if (!text) return void 0;
-    return JSON.parse(text);
+    throw lastError ?? new Error(`MercadoPago request failed after ${this.maxRetries} retries`);
   }
   // ───────────────────────────────────────────────────────────────────────────
   // Subscriptions (Preapprovals) — v0.1 surface, kept stable
@@ -498,7 +604,301 @@ var MercadoPagoClient = class {
   async getMe() {
     return this.request("GET", "/users/me");
   }
+  // ───────────────────────────────────────────────────────────────────────────
+  // Card tokens (server-side, for saved-card retokenization)
+  // ───────────────────────────────────────────────────────────────────────────
+  /**
+   * Create a single-use card token from a saved card. This is the server-side
+   * retokenization path (PCI-safe because the card data lives in MP's vault,
+   * we only pass the saved card_id + customer_id + the user-supplied CVV).
+   *
+   * Tokens expire in 7 days but typically burn on first use. AR currently
+   * REQUIRES CVV on every charge (MP doesn't store it); skipping CVV requires
+   * a private MP product enablement, not a public API.
+   */
+  async createCardToken(params) {
+    return this.request("POST", "/v1/card_tokens", {
+      card_id: params.cardId,
+      customer_id: params.customerId,
+      security_code: params.securityCode
+    });
+  }
+  /**
+   * High-level helper: charge a saved card in 3 steps.
+   * 1. Mint a card token from {customer_id, card_id, security_code}
+   * 2. Lookup card to fill payment_method_id (avoids agent guessing)
+   * 3. Create the payment with the token + idempotency key
+   *
+   * Returns the resulting Payment. Uses deterministic idempotency from
+   * (card_id, amount, externalReference) so retries dedupe on MP's side.
+   */
+  async chargeSavedCard(params) {
+    const token = await this.createCardToken({
+      cardId: params.cardId,
+      customerId: params.customerId,
+      securityCode: params.securityCode
+    });
+    const card = await this.getCustomerCard(params.customerId, params.cardId);
+    const paymentMethodId = card.payment_method?.id;
+    if (!paymentMethodId) {
+      throw new MercadoPagoError(
+        `Saved card ${params.cardId} has no payment_method.id. Cannot charge.`,
+        0,
+        `/v1/customers/${params.customerId}/cards/${params.cardId}`
+      );
+    }
+    const body = {
+      transaction_amount: params.amount,
+      token: token.id,
+      payment_method_id: paymentMethodId,
+      installments: params.installments ?? 1,
+      description: params.description,
+      payer: { type: "customer", id: params.customerId }
+    };
+    if (params.externalReference) body.external_reference = params.externalReference;
+    if (params.statementDescriptor) body.statement_descriptor = params.statementDescriptor;
+    return this.request("POST", "/v1/payments", body, {
+      ...params.idempotencyKey !== void 0 ? { idempotencyKey: params.idempotencyKey } : {},
+      classifyContext: { customerId: params.customerId }
+    });
+  }
+  // ───────────────────────────────────────────────────────────────────────────
+  // QR (in-store dynamic) — Section 2 of v0.3 spec
+  // ───────────────────────────────────────────────────────────────────────────
+  /**
+   * Create a dynamic in-store QR order. Returns `qr_data` (EMVCo TLV string)
+   * + `in_store_order_id`. The buyer scans the QR with any AR wallet (Modo,
+   * BNA+, Cuenta DNI, Naranja X, etc. — interop is mandated by Transferencias
+   * 3.0). On payment, MP fires `point_integration_wh` then `payment` topics.
+   *
+   * Requires a pre-configured POS (`external_pos_id` from MP dashboard or
+   * `POST /pos`). The seller's `user_id` is auto-fetched from `/users/me`.
+   *
+   * The lib does NOT render the QR image — pass `qr_data` to a QR renderer
+   * (e.g., `qrcode` package) to get a data URL. The agent tool layer wraps
+   * this and returns both raw + data URL.
+   */
+  async createQrPayment(userId, params) {
+    const body = {
+      total_amount: params.totalAmount,
+      title: params.title
+    };
+    if (params.description) body.description = params.description;
+    if (params.notificationUrl) body.notification_url = params.notificationUrl;
+    if (params.externalReference) body.external_reference = params.externalReference;
+    if (params.expirationDate) body.expiration_date = params.expirationDate;
+    body.items = params.items ?? [
+      {
+        title: params.title,
+        quantity: 1,
+        unit_price: params.totalAmount,
+        unit_measure: "unit",
+        total_amount: params.totalAmount
+      }
+    ];
+    return this.request(
+      "PUT",
+      `/instore/orders/qr/seller/collectors/${encodeURIComponent(userId)}/pos/${encodeURIComponent(params.externalPosId)}/qrs`,
+      body
+    );
+  }
+  /**
+   * Cancel a pending QR order on a POS. Necessary if the buyer never scans
+   * — otherwise the next `createQrPayment` on the same POS returns 409.
+   */
+  async cancelQrPayment(userId, externalPosId) {
+    await this.request(
+      "DELETE",
+      `/instore/orders/qr/seller/collectors/${encodeURIComponent(userId)}/pos/${encodeURIComponent(externalPosId)}/qrs`
+    );
+  }
+  // ───────────────────────────────────────────────────────────────────────────
+  // Subscription Plans (preapproval_plan — reusable plans, v0.4)
+  // ───────────────────────────────────────────────────────────────────────────
+  /**
+   * Create a reusable subscription plan. Customers later subscribe to it via
+   * `subscribeToPlan` (which creates a preapproval pointing at the plan).
+   *
+   * Use this when you have fixed tiers (Básico/Pro/Enterprise). For custom
+   * per-customer amounts, skip plans and use `createPreapproval` directly.
+   */
+  async createSubscriptionPlan(params) {
+    const body = {
+      reason: params.reason,
+      back_url: params.backUrl,
+      auto_recurring: {
+        frequency: params.frequency,
+        frequency_type: params.frequencyType,
+        transaction_amount: params.amount,
+        currency_id: params.currency,
+        ...params.freeTrialFrequency !== void 0 && params.freeTrialFrequencyType !== void 0 ? {
+          free_trial: {
+            frequency: params.freeTrialFrequency,
+            frequency_type: params.freeTrialFrequencyType
+          }
+        } : {}
+      }
+    };
+    if (params.externalReference) body.external_reference = params.externalReference;
+    return this.request("POST", "/preapproval_plan", body);
+  }
+  async getSubscriptionPlan(id) {
+    return this.request("GET", `/preapproval_plan/${id}`);
+  }
+  async listSubscriptionPlans(params = {}) {
+    const query = {
+      limit: params.limit ?? 30,
+      offset: params.offset ?? 0
+    };
+    if (params.status) query["status"] = params.status;
+    return this.request("GET", "/preapproval_plan/search", void 0, { query });
+  }
+  async updateSubscriptionPlan(id, patch) {
+    const body = {};
+    if (patch.reason !== void 0) body.reason = patch.reason;
+    if (patch.status !== void 0) body.status = patch.status;
+    if (patch.backUrl !== void 0) body.back_url = patch.backUrl;
+    if (patch.amount !== void 0) {
+      body.auto_recurring = { transaction_amount: patch.amount };
+    }
+    return this.request("PUT", `/preapproval_plan/${id}`, body);
+  }
+  /**
+   * Subscribe a customer to an existing plan. Returns a Preapproval with
+   * `init_point` URL where the buyer completes the first payment.
+   */
+  async subscribeToPlan(params) {
+    const body = {
+      preapproval_plan_id: params.planId,
+      payer_email: params.payerEmail
+    };
+    if (params.cardTokenId) body.card_token_id = params.cardTokenId;
+    if (params.externalReference) body.external_reference = params.externalReference;
+    return this.request("POST", "/preapproval", body, {
+      classifyContext: { payerEmail: params.payerEmail }
+    });
+  }
+  /**
+   * List the auto-charge attempts (authorized_payments) under a preapproval.
+   * Useful for "show me the cobros of the last 6 months for this client".
+   */
+  async listSubscriptionPayments(preapprovalId, params = {}) {
+    const query = {
+      preapproval_id: preapprovalId,
+      limit: params.limit ?? 30,
+      offset: params.offset ?? 0
+    };
+    return this.request(
+      "GET",
+      `/authorized_payments/search`,
+      void 0,
+      { query, classifyContext: { preapprovalId } }
+    );
+  }
+  // ───────────────────────────────────────────────────────────────────────────
+  // Stores + POS (for QR payments self-serve setup, v0.4)
+  // ───────────────────────────────────────────────────────────────────────────
+  /** Create a store for the seller. POSes (for QR) live under stores. */
+  async createStore(userId, params) {
+    const body = {
+      name: params.name,
+      external_id: params.externalId
+    };
+    if (params.location) {
+      body.location = {
+        ...params.location.addressLine ? { address_line: params.location.addressLine } : {},
+        ...params.location.cityName ? { city_name: params.location.cityName } : {},
+        ...params.location.stateName ? { state_name: params.location.stateName } : {},
+        ...params.location.countryId ? { country_id: params.location.countryId } : {},
+        ...params.location.latitude !== void 0 ? { latitude: params.location.latitude } : {},
+        ...params.location.longitude !== void 0 ? { longitude: params.location.longitude } : {}
+      };
+    }
+    return this.request("POST", `/users/${encodeURIComponent(userId)}/stores`, body);
+  }
+  async listStores(userId, params = {}) {
+    const query = {
+      limit: params.limit ?? 50,
+      offset: params.offset ?? 0
+    };
+    return this.request("GET", `/users/${encodeURIComponent(userId)}/stores/search`, void 0, { query });
+  }
+  /** Create a POS under a store. The POS's `external_id` is what `createQrPayment` uses. */
+  async createPos(params) {
+    const body = {
+      name: params.name,
+      external_id: params.externalId,
+      store_id: params.storeId,
+      category: params.category ?? 621102
+      // "Other Food and Beverage Services" — generic default
+    };
+    if (params.fixedAmount !== void 0) body.fixed_amount = params.fixedAmount;
+    return this.request("POST", "/pos", body);
+  }
+  async listPos(params = {}) {
+    const query = {
+      limit: params.limit ?? 50,
+      offset: params.offset ?? 0
+    };
+    if (params.storeId !== void 0) query["store_id"] = String(params.storeId);
+    return this.request("GET", "/pos", void 0, { query });
+  }
+  // ───────────────────────────────────────────────────────────────────────────
+  // Disputes (read-only, v0.4)
+  // ───────────────────────────────────────────────────────────────────────────
+  async listPaymentDisputes(paymentId) {
+    return this.request("GET", `/v1/payments/${paymentId}/disputes`, void 0, {
+      classifyContext: { paymentId }
+    });
+  }
+  async getDispute(paymentId, disputeId) {
+    return this.request(
+      "GET",
+      `/v1/payments/${paymentId}/disputes/${disputeId}`,
+      void 0,
+      { classifyContext: { paymentId } }
+    );
+  }
+  // ───────────────────────────────────────────────────────────────────────────
+  // Identification Types + Issuers (lookup helpers, v0.4)
+  // ───────────────────────────────────────────────────────────────────────────
+  /** List valid identification types for the seller's site. AR returns DNI/CI/LE/LC/Otro/Pasaporte/CUIT/CUIL. */
+  async listIdentificationTypes() {
+    return this.request("GET", "/v1/identification_types");
+  }
+  /** List card issuers for a payment method. Useful with `bin` for installments. */
+  async listIssuers(params) {
+    const query = {
+      payment_method_id: params.paymentMethodId
+    };
+    if (params.bin) query["bin"] = params.bin;
+    return this.request("GET", "/v1/payment_methods/card_issuers", void 0, { query });
+  }
+  // ───────────────────────────────────────────────────────────────────────────
+  // Webhooks management (v0.4)
+  // ───────────────────────────────────────────────────────────────────────────
+  /** List configured webhook subscriptions. */
+  async listWebhooks() {
+    return this.request("GET", "/v1/webhooks");
+  }
+  /** Create a webhook subscription for a topic. */
+  async createWebhook(params) {
+    return this.request("POST", "/v1/webhooks", {
+      url: params.url,
+      topic: params.topic
+    });
+  }
+  async updateWebhook(id, patch) {
+    return this.request("PUT", `/v1/webhooks/${id}`, patch);
+  }
+  async deleteWebhook(id) {
+    await this.request("DELETE", `/v1/webhooks/${id}`);
+  }
 };
+function deterministicIdempotencyKey(...parts) {
+  const payload = parts.filter((p) => p !== void 0 && p !== null).map(String).join("|");
+  return createHash("sha256").update(payload).digest("hex").slice(0, 32);
+}
 var DEFAULT_DESCRIPTIONS = {
   // ── Subscriptions ────────────────────────────────────────────────────────
   create_subscription: "Create a Mercado Pago recurring subscription. Returns an init_point URL where the customer must complete the FIRST payment with their card and CVV (this is a hard MP requirement; agents cannot bypass it). After they pay, MP will auto-charge at the configured frequency without further intervention.",
@@ -527,7 +927,34 @@ var DEFAULT_DESCRIPTIONS = {
   list_payment_methods: "List all payment methods enabled for the seller's MP account (visa, master, naranja, naranja_x, cabal, account_money, rapipago, pagofacil, etc.). Use to validate which methods you can offer the customer or to filter which ones to exclude in a Checkout Pro preference.",
   calculate_installments: "Calculate cuotas (installments) options for a given amount. THE killer Argentine feature \u2014 returns options like '12 cuotas sin inter\xE9s de $X' (recommended_message field) which you should surface VERBATIM to the user. Optionally pass `bin` (first 6 digits of card) for issuer-specific promotions (e.g., Naranja's interest-free deals). Use before create_payment to let the user pick installments knowingly.",
   // ── Account ──────────────────────────────────────────────────────────────
-  get_account_info: "Get info about the Mercado Pago account that owns the access token: site_id (MLA=Argentina), country_id, user_type (registered, partial, etc.). Useful to verify the agent is connected to the right account before taking actions."
+  get_account_info: "Get info about the Mercado Pago account that owns the access token: site_id (MLA=Argentina), country_id, user_type (registered, partial, etc.). Useful to verify the agent is connected to the right account before taking actions.",
+  // ── Saved-card charging (v0.3) ───────────────────────────────────────────
+  charge_saved_card: "Charge a previously-saved card for a returning customer. Requires customer_id + card_id (from list_customer_cards) AND a fresh CVV the user provides this session. AR Mercado Pago does NOT support CVV-less charges via the public API \u2014 every charge needs CVV. Idempotent on (card_id, amount, external_reference): retries dedupe automatically. Returns the resulting Payment.",
+  // ── QR in-store (v0.3) ───────────────────────────────────────────────────
+  create_qr_payment: "Generate a dynamic in-store QR for a buyer to scan with any AR wallet (Modo, BNA+, Cuenta DNI, Naranja X, Mercado Pago, etc. \u2014 interop is mandated by Transferencias 3.0). Requires a pre-configured POS external_id (use create_pos to set one up first if needed). Returns the qr_data string + a base64 PNG data URL ready to display. The QR expires in `expires_in_seconds` (default 600). MP fires `point_integration_wh` then `payment` webhooks when scanned.",
+  cancel_qr_payment: "Cancel a pending QR order on a POS. Necessary if the buyer never scans \u2014 otherwise the next create_qr_payment on the same POS returns 409.",
+  // ── Subscription Plans (v0.4) ────────────────────────────────────────────
+  create_subscription_plan: "Create a REUSABLE subscription plan (preapproval_plan). Different from create_subscription: a plan defines price + frequency once, then customers subscribe to it via subscribe_to_plan. Use plans for SaaS-style billing (B\xE1sico/Pro/Enterprise tiers). For per-customer custom amounts, use create_subscription directly.",
+  list_subscription_plans: "List all subscription plans defined for this MP account. Useful before create_subscription_plan to check if one already exists, or for surfacing options to a customer.",
+  update_subscription_plan: "Update a subscription plan's reason / amount / status / back_url. Existing customer subscriptions to the plan are NOT automatically updated \u2014 only NEW subscribers get the new pricing.",
+  subscribe_to_plan: "Subscribe a customer to an existing reusable plan. Returns a Preapproval with init_point URL where the customer completes first payment. Cleaner than create_subscription when you have fixed tiers.",
+  list_subscription_payments: "List the auto-charge attempts (authorized_payments) under a subscription. Useful for 'show me the cobros del \xFAltimo mes for this client' or to debug a failing recurring charge.",
+  // ── Stores + POS (v0.4) ──────────────────────────────────────────────────
+  create_store: "Create a store under the seller's MP account. Stores are the parent entity for POSes (which generate QR payments). Required ONE-TIME setup before create_pos. Pass a unique external_id and a display name.",
+  list_stores: "List all stores configured for this MP account. Use this to find an existing store_id before create_pos, or to surface store options to the agent.",
+  create_pos: "Create a POS (Point of Sale) under a store. The POS's external_id is what create_qr_payment uses. Each physical checkout / counter / agent typically has its own POS. Categories are MP-defined (default 621102 = Other Food and Beverage Services).",
+  list_pos: "List all POSes for the seller (or filtered by store_id). Use to find an existing POS before create_qr_payment, or to surface options.",
+  // ── Disputes (v0.4 — read-only) ──────────────────────────────────────────
+  list_payment_disputes: "List all disputes / chargebacks raised against a payment. Read-only \u2014 resolution is dashboard-only. Surface the dashboard URL `https://www.mercadopago.com.ar/disputes/{dispute_id}` to the user when they need to respond.",
+  get_dispute: "Get details of a specific dispute including reason, amount, resolution status. Read-only.",
+  // ── Lookup helpers (v0.4) ────────────────────────────────────────────────
+  list_identification_types: "List valid identification types for the seller's site. AR returns: DNI, CI, LE, LC, Otro, Pasaporte, CUIT, CUIL with their min/max length. Useful to validate an identification before passing to create_payment.",
+  list_issuers: "List card issuers (banks) that support a payment_method_id. Optionally filter by `bin` (first 6 digits of the card) for accurate issuer detection. Useful with calculate_installments \u2014 issuer-specific promos (e.g., Naranja Galicia 6 cuotas sin inter\xE9s) only appear when the issuer is identified.",
+  // ── Webhooks management (v0.4) ───────────────────────────────────────────
+  list_webhooks: "List all webhook subscriptions configured for this MP application. Use to see what topics + URLs are wired before adding new ones.",
+  create_webhook: "Subscribe a webhook URL to a MP topic (payment, subscription_authorized_payment, subscription_preapproval, merchant_order, point_integration_wh). MP will POST to this URL when events of that topic fire.",
+  update_webhook: "Update a webhook's URL or topic. Useful when you change deployment URLs without resubscribing from scratch.",
+  delete_webhook: "Delete a webhook subscription. MP stops POSTing to it immediately."
 };
 function mercadoPagoTools(client, options) {
   const desc = (name) => options.descriptions?.[name] ?? DEFAULT_DESCRIPTIONS[name];
@@ -669,8 +1096,15 @@ function mercadoPagoTools(client, options) {
           ...input.identification !== void 0 ? { identification: input.identification } : {},
           ...input.statement_descriptor !== void 0 ? { statementDescriptor: input.statement_descriptor } : {},
           ...options.notificationUrl !== void 0 ? { notificationUrl: options.notificationUrl } : {},
-          // Auto-generate idempotency key from caller-meaningful fields
-          idempotencyKey: `${input.external_reference ?? input.payer_email}-${input.amount_ars}-${Date.now()}`
+          // Deterministic idempotency key — safe to retry, same inputs always
+          // produce the same key (MP dedupes on its side).
+          idempotencyKey: deterministicIdempotencyKey(
+            "create_payment",
+            input.external_reference ?? input.payer_email,
+            input.amount_ars,
+            input.payment_method_id,
+            input.token
+          )
         });
         return {
           payment_id: payment.id,
@@ -787,7 +1221,7 @@ function mercadoPagoTools(client, options) {
         const refund = await client.createRefund({
           paymentId: payment_id,
           ...amount_ars !== void 0 ? { amount: amount_ars } : {},
-          idempotencyKey: `refund-${payment_id}-${amount_ars ?? "full"}`
+          idempotencyKey: deterministicIdempotencyKey("refund", payment_id, amount_ars ?? "full")
         });
         return {
           refund_id: refund.id,
@@ -1027,6 +1461,493 @@ function mercadoPagoTools(client, options) {
           user_type: me.user_type
         };
       }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Saved-card charging (v0.3)
+    // ─────────────────────────────────────────────────────────────────────────
+    charge_saved_card: tool({
+      description: desc("charge_saved_card"),
+      inputSchema: z.object({
+        customer_id: z.string().describe("MP customer id (from create_customer / find_customer_by_email)"),
+        card_id: z.string().describe("Saved card id (from list_customer_cards)"),
+        security_code: z.string().regex(/^\d{3,4}$/).describe("CVV \u2014 3 digits (Visa/Master) or 4 (Amex). User must provide this each charge in AR."),
+        amount_ars: z.number().positive(),
+        description: z.string().min(1).max(255),
+        installments: z.number().int().min(1).max(24).optional().describe("Default 1. Use calculate_installments first to pick a valid count."),
+        external_reference: z.string().optional(),
+        statement_descriptor: z.string().max(13).optional()
+      }),
+      execute: async (input) => {
+        const payment = await client.chargeSavedCard({
+          customerId: input.customer_id,
+          cardId: input.card_id,
+          securityCode: input.security_code,
+          amount: input.amount_ars,
+          description: input.description,
+          ...input.installments !== void 0 ? { installments: input.installments } : {},
+          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {},
+          ...input.statement_descriptor !== void 0 ? { statementDescriptor: input.statement_descriptor } : {},
+          idempotencyKey: deterministicIdempotencyKey(
+            "charge_saved_card",
+            input.card_id,
+            input.amount_ars,
+            input.external_reference
+          )
+        });
+        return {
+          payment_id: payment.id,
+          status: payment.status,
+          status_detail: payment.status_detail,
+          amount: payment.transaction_amount,
+          installments: payment.installments,
+          payment_method: payment.payment_method_id,
+          customer_id: input.customer_id,
+          card_id: input.card_id,
+          external_reference: payment.external_reference,
+          date_approved: payment.date_approved
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // QR in-store (v0.3)
+    // ─────────────────────────────────────────────────────────────────────────
+    create_qr_payment: tool({
+      description: desc("create_qr_payment"),
+      inputSchema: z.object({
+        external_pos_id: z.string().describe("Pre-configured POS external_id from MP dashboard. Required."),
+        amount_ars: z.number().positive(),
+        title: z.string().min(1).max(80).describe("Display title shown when scanning"),
+        description: z.string().max(255).optional(),
+        external_reference: z.string().optional(),
+        notification_url: z.string().url().optional().describe("Webhook URL \u2014 falls back to dashboard config if omitted"),
+        expires_in_seconds: z.number().int().min(60).max(3600).optional().describe("Default 600 (10 min)")
+      }),
+      execute: async (input) => {
+        const QRCode = (await import('qrcode')).default;
+        const me = await client.getMe();
+        const userId = String(me.id);
+        const expiresAt = new Date(
+          Date.now() + (input.expires_in_seconds ?? 600) * 1e3
+        ).toISOString();
+        const qr = await client.createQrPayment(userId, {
+          externalPosId: input.external_pos_id,
+          totalAmount: input.amount_ars,
+          title: input.title,
+          ...input.description !== void 0 ? { description: input.description } : {},
+          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {},
+          ...input.notification_url !== void 0 ? { notificationUrl: input.notification_url } : {},
+          expirationDate: expiresAt
+        });
+        const qrDataUrl = await QRCode.toDataURL(qr.qr_data, {
+          errorCorrectionLevel: "M",
+          margin: 1,
+          width: 512
+        });
+        return {
+          in_store_order_id: qr.in_store_order_id,
+          qr_data: qr.qr_data,
+          qr_data_url: qrDataUrl,
+          expires_at: expiresAt,
+          external_pos_id: input.external_pos_id,
+          amount: input.amount_ars,
+          next_step: "Display the qr_data_url image to the buyer. Wait for the payment webhook (point_integration_wh fires first, then payment topic). If buyer doesn't scan in time, call cancel_qr_payment to free the POS."
+        };
+      }
+    }),
+    cancel_qr_payment: tool({
+      description: desc("cancel_qr_payment"),
+      inputSchema: z.object({
+        external_pos_id: z.string()
+      }),
+      execute: async ({ external_pos_id }) => {
+        const me = await client.getMe();
+        await client.cancelQrPayment(String(me.id), external_pos_id);
+        return { external_pos_id, cancelled: true };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Subscription Plans (v0.4)
+    // ─────────────────────────────────────────────────────────────────────────
+    create_subscription_plan: tool({
+      description: desc("create_subscription_plan"),
+      inputSchema: z.object({
+        reason: z.string().min(3).max(120).describe("Plan name shown at checkout"),
+        amount_ars: z.number().positive(),
+        frequency_months: z.number().int().min(1).max(12),
+        back_url: z.string().url().describe("HTTPS URL where MP redirects after first payment"),
+        external_reference: z.string().optional(),
+        free_trial_days: z.number().int().min(1).max(60).optional().describe("Free trial period in days before first charge")
+      }),
+      execute: async (input) => {
+        const plan = await client.createSubscriptionPlan({
+          reason: input.reason,
+          amount: input.amount_ars,
+          currency: "ARS",
+          frequency: input.frequency_months,
+          frequencyType: "months",
+          backUrl: input.back_url,
+          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {},
+          ...input.free_trial_days !== void 0 ? { freeTrialFrequency: input.free_trial_days, freeTrialFrequencyType: "days" } : {}
+        });
+        return {
+          plan_id: plan.id,
+          status: plan.status,
+          reason: plan.reason,
+          amount: plan.auto_recurring.transaction_amount,
+          currency: plan.auto_recurring.currency_id,
+          frequency: `${plan.auto_recurring.frequency} ${plan.auto_recurring.frequency_type}`,
+          external_reference: plan.external_reference,
+          next_step: "Use subscribe_to_plan to enroll customers in this plan, or share its ID for them to subscribe via your frontend."
+        };
+      }
+    }),
+    list_subscription_plans: tool({
+      description: desc("list_subscription_plans"),
+      inputSchema: z.object({
+        status: z.string().optional(),
+        limit: z.number().int().min(1).max(100).optional()
+      }),
+      execute: async (input) => {
+        const result = await client.listSubscriptionPlans({
+          ...input.status !== void 0 ? { status: input.status } : {},
+          ...input.limit !== void 0 ? { limit: input.limit } : {}
+        });
+        return {
+          total: result.paging.total,
+          plans: result.results.map((p) => ({
+            plan_id: p.id,
+            reason: p.reason,
+            status: p.status,
+            amount: p.auto_recurring.transaction_amount,
+            currency: p.auto_recurring.currency_id,
+            frequency: `${p.auto_recurring.frequency} ${p.auto_recurring.frequency_type}`
+          }))
+        };
+      }
+    }),
+    update_subscription_plan: tool({
+      description: desc("update_subscription_plan"),
+      inputSchema: z.object({
+        plan_id: z.string(),
+        reason: z.string().optional(),
+        amount_ars: z.number().positive().optional(),
+        status: z.enum(["active", "cancelled"]).optional(),
+        back_url: z.string().url().optional()
+      }),
+      execute: async (input) => {
+        const updated = await client.updateSubscriptionPlan(input.plan_id, {
+          ...input.reason !== void 0 ? { reason: input.reason } : {},
+          ...input.amount_ars !== void 0 ? { amount: input.amount_ars } : {},
+          ...input.status !== void 0 ? { status: input.status } : {},
+          ...input.back_url !== void 0 ? { backUrl: input.back_url } : {}
+        });
+        return {
+          plan_id: updated.id,
+          status: updated.status,
+          reason: updated.reason,
+          amount: updated.auto_recurring.transaction_amount,
+          message: input.amount_ars !== void 0 ? "Updated. Existing subscribers keep their old amount; only NEW subscribers get the new pricing." : "Plan updated."
+        };
+      }
+    }),
+    subscribe_to_plan: tool({
+      description: desc("subscribe_to_plan"),
+      inputSchema: z.object({
+        plan_id: z.string(),
+        customer_email: z.string().email(),
+        external_reference: z.string().optional()
+      }),
+      execute: async (input) => {
+        const sub = await client.subscribeToPlan({
+          planId: input.plan_id,
+          payerEmail: input.customer_email,
+          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {}
+        });
+        return {
+          subscription_id: sub.id,
+          status: sub.status,
+          payer_email: sub.payer_email,
+          init_point_url: sub.init_point,
+          next_step: "Send init_point_url to the customer for first payment with card+CVV."
+        };
+      }
+    }),
+    list_subscription_payments: tool({
+      description: desc("list_subscription_payments"),
+      inputSchema: z.object({
+        subscription_id: z.string(),
+        limit: z.number().int().min(1).max(100).optional()
+      }),
+      execute: async (input) => {
+        const result = await client.listSubscriptionPayments(input.subscription_id, {
+          ...input.limit !== void 0 ? { limit: input.limit } : {}
+        });
+        return {
+          subscription_id: input.subscription_id,
+          total: result.paging.total,
+          payments: result.results.map((p) => ({
+            authorized_payment_id: p.id,
+            payment_id: p.payment_id ?? null,
+            status: p.status,
+            amount: p.transaction_amount ?? null,
+            currency: p.currency_id ?? null,
+            debit_date: p.debit_date ?? null,
+            next_retry_date: p.next_retry_date ?? null,
+            retry_attempt: p.retry_attempt ?? 0,
+            reason: p.reason ?? null
+          }))
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Stores + POS (v0.4)
+    // ─────────────────────────────────────────────────────────────────────────
+    create_store: tool({
+      description: desc("create_store"),
+      inputSchema: z.object({
+        name: z.string().min(1).max(80),
+        external_id: z.string().min(1).max(64).describe("Unique within the seller's stores"),
+        address_line: z.string().optional(),
+        city_name: z.string().optional(),
+        state_name: z.string().optional()
+      }),
+      execute: async (input) => {
+        const me = await client.getMe();
+        const store = await client.createStore(String(me.id), {
+          name: input.name,
+          externalId: input.external_id,
+          ...input.address_line || input.city_name || input.state_name ? {
+            location: {
+              ...input.address_line ? { addressLine: input.address_line } : {},
+              ...input.city_name ? { cityName: input.city_name } : {},
+              ...input.state_name ? { stateName: input.state_name } : {},
+              countryId: "AR"
+            }
+          } : {}
+        });
+        return {
+          store_id: store.id,
+          name: store.name,
+          external_id: store.external_id,
+          next_step: "Use create_pos with this store_id to add a Point of Sale where create_qr_payment can issue QRs."
+        };
+      }
+    }),
+    list_stores: tool({
+      description: desc("list_stores"),
+      inputSchema: z.object({
+        limit: z.number().int().min(1).max(100).optional()
+      }),
+      execute: async (input) => {
+        const me = await client.getMe();
+        const result = await client.listStores(String(me.id), {
+          ...input.limit !== void 0 ? { limit: input.limit } : {}
+        });
+        return {
+          total: result.paging.total,
+          stores: result.results.map((s) => ({
+            store_id: s.id,
+            name: s.name ?? null,
+            external_id: s.external_id ?? null
+          }))
+        };
+      }
+    }),
+    create_pos: tool({
+      description: desc("create_pos"),
+      inputSchema: z.object({
+        name: z.string().min(1).max(80),
+        external_id: z.string().min(1).max(64).describe("Unique within the store. This is what create_qr_payment uses."),
+        store_id: z.string().describe("From create_store / list_stores"),
+        category: z.number().int().optional().describe("MP category code, default 621102 (other food/beverage)"),
+        fixed_amount: z.boolean().optional().describe("True for static QR with fixed amount; false (default) for dynamic per-order QR")
+      }),
+      execute: async (input) => {
+        const pos = await client.createPos({
+          name: input.name,
+          externalId: input.external_id,
+          storeId: input.store_id,
+          ...input.category !== void 0 ? { category: input.category } : {},
+          ...input.fixed_amount !== void 0 ? { fixedAmount: input.fixed_amount } : {}
+        });
+        return {
+          pos_id: pos.id,
+          external_id: pos.external_id,
+          store_id: pos.store_id,
+          name: pos.name,
+          next_step: "Use create_qr_payment with this external_id to start issuing dynamic QRs from this POS."
+        };
+      }
+    }),
+    list_pos: tool({
+      description: desc("list_pos"),
+      inputSchema: z.object({
+        store_id: z.string().optional(),
+        limit: z.number().int().min(1).max(100).optional()
+      }),
+      execute: async (input) => {
+        const result = await client.listPos({
+          ...input.store_id !== void 0 ? { storeId: input.store_id } : {},
+          ...input.limit !== void 0 ? { limit: input.limit } : {}
+        });
+        return {
+          total: result.paging.total,
+          pos: result.results.map((p) => ({
+            pos_id: p.id,
+            external_id: p.external_id ?? null,
+            store_id: p.store_id ?? null,
+            name: p.name ?? null
+          }))
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Disputes (v0.4 — read-only)
+    // ─────────────────────────────────────────────────────────────────────────
+    list_payment_disputes: tool({
+      description: desc("list_payment_disputes"),
+      inputSchema: z.object({ payment_id: z.string() }),
+      execute: async ({ payment_id }) => {
+        const disputes = await client.listPaymentDisputes(payment_id);
+        return {
+          payment_id,
+          count: disputes.length,
+          disputes: disputes.map((d) => ({
+            dispute_id: d.id,
+            status: d.status,
+            amount: d.amount ?? null,
+            reason: d.reason ?? null,
+            date_created: d.date_created ?? null,
+            dashboard_url: `https://www.mercadopago.com.ar/disputes/${d.id}`
+          }))
+        };
+      }
+    }),
+    get_dispute: tool({
+      description: desc("get_dispute"),
+      inputSchema: z.object({
+        payment_id: z.string(),
+        dispute_id: z.string()
+      }),
+      execute: async ({ payment_id, dispute_id }) => {
+        const d = await client.getDispute(payment_id, dispute_id);
+        return {
+          dispute_id: d.id,
+          status: d.status,
+          amount: d.amount ?? null,
+          reason: d.reason ?? null,
+          reason_description: d.reason_description ?? null,
+          resolution: d.resolution ?? null,
+          date_created: d.date_created ?? null,
+          dashboard_url: `https://www.mercadopago.com.ar/disputes/${d.id}`
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Lookup helpers (v0.4)
+    // ─────────────────────────────────────────────────────────────────────────
+    list_identification_types: tool({
+      description: desc("list_identification_types"),
+      inputSchema: z.object({}),
+      execute: async () => {
+        const types = await client.listIdentificationTypes();
+        return {
+          count: types.length,
+          types: types.map((t) => ({
+            id: t.id,
+            name: t.name,
+            type: t.type,
+            min_length: t.min_length ?? null,
+            max_length: t.max_length ?? null
+          }))
+        };
+      }
+    }),
+    list_issuers: tool({
+      description: desc("list_issuers"),
+      inputSchema: z.object({
+        payment_method_id: z.string().describe("E.g. 'visa', 'master', 'naranja'"),
+        bin: z.string().min(6).max(8).optional().describe("First 6-8 digits of card for precise issuer detection")
+      }),
+      execute: async (input) => {
+        const issuers = await client.listIssuers({
+          paymentMethodId: input.payment_method_id,
+          ...input.bin !== void 0 ? { bin: input.bin } : {}
+        });
+        return {
+          payment_method_id: input.payment_method_id,
+          count: issuers.length,
+          issuers: issuers.map((i) => ({
+            issuer_id: i.id,
+            name: i.name,
+            status: i.status ?? null
+          }))
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Webhooks management (v0.4)
+    // ─────────────────────────────────────────────────────────────────────────
+    list_webhooks: tool({
+      description: desc("list_webhooks"),
+      inputSchema: z.object({}),
+      execute: async () => {
+        const hooks = await client.listWebhooks();
+        return {
+          count: hooks.length,
+          webhooks: hooks.map((h) => ({
+            webhook_id: h.id,
+            url: h.url ?? null,
+            topic: h.topic ?? null,
+            status: h.status ?? null,
+            date_created: h.date_created ?? null
+          }))
+        };
+      }
+    }),
+    create_webhook: tool({
+      description: desc("create_webhook"),
+      inputSchema: z.object({
+        url: z.string().url(),
+        topic: z.string().describe("E.g. 'payment', 'subscription_authorized_payment', 'subscription_preapproval', 'merchant_order', 'point_integration_wh'")
+      }),
+      execute: async ({ url, topic }) => {
+        const hook = await client.createWebhook({ url, topic });
+        return {
+          webhook_id: hook.id,
+          url: hook.url ?? url,
+          topic: hook.topic ?? topic,
+          status: hook.status ?? null
+        };
+      }
+    }),
+    update_webhook: tool({
+      description: desc("update_webhook"),
+      inputSchema: z.object({
+        webhook_id: z.string(),
+        url: z.string().url().optional(),
+        topic: z.string().optional()
+      }),
+      execute: async (input) => {
+        const hook = await client.updateWebhook(input.webhook_id, {
+          ...input.url !== void 0 ? { url: input.url } : {},
+          ...input.topic !== void 0 ? { topic: input.topic } : {}
+        });
+        return {
+          webhook_id: hook.id,
+          url: hook.url ?? null,
+          topic: hook.topic ?? null,
+          status: hook.status ?? null
+        };
+      }
+    }),
+    delete_webhook: tool({
+      description: desc("delete_webhook"),
+      inputSchema: z.object({ webhook_id: z.string() }),
+      execute: async ({ webhook_id }) => {
+        await client.deleteWebhook(webhook_id);
+        return { webhook_id, deleted: true };
+      }
     })
   };
 }
@@ -1227,6 +2148,17 @@ z.object({
     }).passthrough()
   )
 }).passthrough();
+z.object({
+  in_store_order_id: z.string(),
+  qr_data: z.string()
+}).passthrough();
+z.object({
+  id: z.string(),
+  status: z.string().optional(),
+  date_due: z.string().optional(),
+  card_id: z.string().optional(),
+  cardholder: z.unknown().optional()
+}).passthrough();
 z.object({
   id: z.union([z.string(), z.number()]).transform(String),
   email: z.string().nullable().optional(),
@@ -1236,6 +2168,105 @@ z.object({
   user_type: z.string().nullable().optional(),
   status: z.object({ user_type: z.string().nullable().optional() }).passthrough().nullable().optional()
 }).passthrough();
+z.object({
+  id: z.string(),
+  status: z.string(),
+  reason: z.string(),
+  back_url: z.string().url().optional(),
+  external_reference: z.string().nullable().optional(),
+  date_created: z.string(),
+  last_modified: z.string(),
+  auto_recurring: AutoRecurringSchema
+}).passthrough();
+z.object({
+  id: z.union([z.string(), z.number()]).transform(String),
+  name: z.string().optional(),
+  external_id: z.string().optional(),
+  date_creation: z.string().optional(),
+  location: z.object({
+    address_line: z.string().optional(),
+    city_name: z.string().optional(),
+    state_name: z.string().optional(),
+    country_id: z.string().optional(),
+    latitude: z.number().optional(),
+    longitude: z.number().optional()
+  }).passthrough().optional()
+}).passthrough();
+z.object({
+  id: z.union([z.string(), z.number()]).transform(String),
+  name: z.string().optional(),
+  external_id: z.string().optional(),
+  store_id: z.union([z.string(), z.number()]).optional(),
+  category: z.number().int().optional(),
+  fixed_amount: z.boolean().optional(),
+  qr: z.object({
+    template_image: z.string().optional(),
+    image: z.string().optional()
+  }).passthrough().optional(),
+  date_creation: z.string().optional()
+}).passthrough();
+z.object({
+  id: z.union([z.string(), z.number()]).transform(String),
+  status: z.string(),
+  resource: z.string().optional(),
+  resource_id: z.union([z.string(), z.number()]).optional(),
+  amount: z.number().optional(),
+  date_created: z.string().optional(),
+  reason: z.string().optional(),
+  resolution: z.object({
+    reason: z.string().optional(),
+    result: z.string().optional(),
+    date: z.string().optional()
+  }).passthrough().optional(),
+  /** Documents the buyer / seller submitted as evidence. */
+  documents: z.array(z.unknown()).optional(),
+  /** Buyer's stated complaint. */
+  reason_description: z.string().optional()
+}).passthrough();
+z.object({
+  id: z.union([z.string(), z.number()]).transform(String),
+  preapproval_id: z.string().optional(),
+  status: z.string(),
+  payment_id: z.union([z.string(), z.number()]).nullable().optional(),
+  transaction_amount: z.number().optional(),
+  currency_id: z.string().optional(),
+  date_created: z.string().optional(),
+  debit_date: z.string().optional(),
+  next_retry_date: z.string().nullable().optional(),
+  retry_attempt: z.number().optional(),
+  reason: z.string().optional()
+}).passthrough();
+z.object({
+  id: z.string(),
+  name: z.string(),
+  type: z.string(),
+  min_length: z.number().optional(),
+  max_length: z.number().optional()
+}).passthrough();
+z.object({
+  id: z.union([z.string(), z.number()]).transform(String),
+  name: z.string(),
+  secure_thumbnail: z.string().nullable().optional(),
+  thumbnail: z.string().nullable().optional(),
+  processing_mode: z.string().optional(),
+  status: z.string().optional()
+}).passthrough();
+z.enum([
+  "payment",
+  "subscription_authorized_payment",
+  "subscription_preapproval",
+  "merchant_order",
+  "point_integration_wh",
+  "stop_delivery_op_wh"
+]);
+z.object({
+  id: z.union([z.string(), z.number()]).transform(String),
+  url: z.string().url().optional(),
+  status: z.string().optional(),
+  topic: z.string().optional(),
+  date_created: z.string().optional(),
+  date_modified: z.string().optional()
+}).passthrough();
 // src/webhook.ts
 function parseWebhookEvent(body, searchParams) {
@@ -1267,6 +2298,6 @@ function verifyWebhookSignature(params) {
   return timingSafeEqual(Buffer.from(expected), Buffer.from(v1));
 }
-export { InMemoryStateAdapter, MercadoPagoAccountTypeMismatchError, MercadoPagoAuthError, MercadoPagoAuthorizeForbiddenError, MercadoPagoBackUrlInvalidError, MercadoPagoClient, MercadoPagoError, MercadoPagoPaymentRejectedError, MercadoPagoRateLimitError, MercadoPagoSelfPaymentError, classifyError, mercadoPagoTools, parseWebhookEvent, verifyWebhookSignature };
+export { InMemoryStateAdapter, MercadoPagoAccountTypeMismatchError, MercadoPagoAuthError, MercadoPagoAuthorizeForbiddenError, MercadoPagoBackUrlInvalidError, MercadoPagoClient, MercadoPagoError, MercadoPagoOverloadedError, MercadoPagoPaymentRejectedError, MercadoPagoRateLimitError, MercadoPagoSelfPaymentError, MercadoPagoTimeoutError, classifyError, mercadoPagoTools, parseWebhookEvent, verifyWebhookSignature };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map