@asgcard/pay 0.1.1

package/dist/types/adapters/stripe.d.ts

@@ -0,0 +1,206 @@
+import { PaymentAdapter } from './types';
+import { Logger } from '../logger';
+import { MppChallenge } from '../mpp';
+/**
+ * Configuration for the Stripe MPP adapter.
+ *
+ * @example
+ * ```ts
+ * const adapter = new StripePaymentAdapter({
+ *   stripeSecretKey: process.env.STRIPE_SECRET_KEY!,
+ *   networkId: 'my-business-network',
+ * });
+ * ```
+ */
+export interface StripeAdapterOptions {
+    /**
+     * Stripe secret key (sk_test_... or sk_live_...).
+     * Used to create SPTs and PaymentIntents.
+     */
+    stripeSecretKey: string;
+    /**
+     * Stripe Business Network ID.
+     * Found in Dashboard → Settings → Business profile.
+     */
+    networkId?: string;
+    /**
+     * Accepted payment method types.
+     * @default ['card']
+     */
+    paymentMethodTypes?: string[];
+    /**
+     * Default payment method ID for autonomous agents.
+     * e.g. 'pm_card_visa' for test mode.
+     * If set, the adapter can create SPTs autonomously.
+     */
+    paymentMethodId?: string;
+    /**
+     * Default currency for payments.
+     * @default 'usd'
+     */
+    currency?: string;
+    /**
+     * SPT expiration window in seconds.
+     * @default 300 (5 minutes)
+     */
+    sptExpirySeconds?: number;
+    /**
+     * Stripe API base URL.
+     * @default 'https://api.stripe.com'
+     */
+    stripeApiBase?: string;
+    /** Optional logger. SDK is silent by default. */
+    logger?: Logger;
+}
+/**
+ * Result of creating a Shared Payment Token.
+ */
+interface SptResult {
+    id: string;
+    object: string;
+    expires_at?: number;
+}
+/**
+ * Result of creating/confirming a PaymentIntent.
+ */
+interface PaymentIntentResult {
+    id: string;
+    status: string;
+    amount: number;
+    currency: string;
+    next_action?: {
+        crypto_display_details?: {
+            deposit_addresses?: Record<string, {
+                address: string;
+                supported_tokens?: Array<{
+                    token_currency: string;
+                    token_contract_address: string;
+                }>;
+            }>;
+        };
+    };
+}
+/**
+ * StripePaymentAdapter — Machine Payments Protocol (MPP) settlement.
+ *
+ * Implements the full MPP flow for Stripe:
+ * 1. Receives 402 + `WWW-Authenticate: Payment` challenge
+ * 2. Creates a Shared Payment Token (SPT) via Stripe API
+ * 3. Builds MPP Credential with SPT
+ * 4. Returns credential for `Authorization: Payment` header
+ *
+ * Works in two modes:
+ * - **Autonomous** (with paymentMethodId): Creates SPTs automatically
+ * - **Delegated** (without): Requires external SPT provisioning via `setSptToken()`
+ *
+ * @example
+ * ```ts
+ * // Autonomous mode — agent has a payment method on file
+ * const adapter = new StripePaymentAdapter({
+ *   stripeSecretKey: 'sk_test_...',
+ *   networkId: 'my-network',
+ *   paymentMethodId: 'pm_card_visa', // test card
+ * });
+ *
+ * // Delegated mode — external system provides SPTs
+ * const adapter = new StripePaymentAdapter({
+ *   stripeSecretKey: 'sk_test_...',
+ * });
+ * adapter.setSptToken('spt_...');
+ * ```
+ *
+ * @see https://mpp.dev/payment-methods/stripe — MPP Stripe method spec
+ * @see https://docs.stripe.com/agentic-commerce/concepts/shared-payment-tokens
+ */
+export declare class StripePaymentAdapter implements PaymentAdapter {
+    readonly chainName = "Stripe MPP";
+    readonly caip2Id: string;
+    private secretKey;
+    private networkId;
+    private paymentMethodTypes;
+    private paymentMethodId;
+    private currency;
+    private sptExpirySeconds;
+    private stripeApiBase;
+    private log;
+    /** Externally-provided SPT for delegated mode */
+    private externalSpt;
+    /** Last MPP challenge processed (for credential building) */
+    private lastChallenge;
+    constructor(options: StripeAdapterOptions);
+    /**
+     * Set or update an externally-provided SPT token.
+     * Used in delegated mode when an external system provides the SPT.
+     */
+    setSptToken(token: string): void;
+    /**
+     * Store a parsed MPP challenge for credential building.
+     * Called by OwsClient when a 402 with `WWW-Authenticate: Payment method="stripe"` is received.
+     */
+    setMppChallenge(challenge: MppChallenge): void;
+    /**
+     * Get the last built MPP credential (base64url-encoded).
+     * Used by OwsClient to populate the `Authorization: Payment` header.
+     */
+    getLastCredential(): string | null;
+    private _lastCredential;
+    getAddress(): string;
+    /**
+     * Execute a Stripe MPP payment.
+     *
+     * This method handles the full SPT lifecycle:
+     * 1. If an external SPT is set → use it directly
+     * 2. If paymentMethodId is set → create SPT autonomously via Stripe API
+     * 3. Build MPP Credential with the SPT
+     * 4. Return credential string (used as "tx hash" equivalent)
+     *
+     * @param destination - Recipient (Stripe account or payment endpoint)
+     * @param amount - Amount in smallest currency unit (e.g. cents)
+     * @param network - Network identifier (ignored for Stripe, kept for interface compat)
+     * @returns Base64url-encoded MPP credential string, or null on failure
+     */
+    pay(destination: string, amount: string, network: string): Promise<string | null>;
+    /**
+     * Create a Shared Payment Token (SPT) via Stripe API.
+     *
+     * Test mode: POST /v1/test_helpers/shared_payment/granted_tokens
+     * Live mode: POST /v1/shared_payment/issued_tokens (TBD by Stripe)
+     */
+    createSpt(amount: number, currency: string): Promise<SptResult | null>;
+    /**
+     * Create and confirm a PaymentIntent using an SPT.
+     * Used in fallback mode (no MPP challenge, direct Stripe API).
+     */
+    createPaymentIntent(sptId: string, amount: number, currency: string): Promise<PaymentIntentResult | null>;
+    /**
+     * Create a crypto deposit-mode PaymentIntent.
+     * This is the verified-working flow for MPP on Stripe.
+     * Uses Tempo network + USDC stablecoins.
+     *
+     * @param amount - Amount in cents (e.g. 100 = $1.00)
+     * @param currency - Currency code (default: 'usd')
+     * @returns PaymentIntentResult with deposit address, or null on failure
+     *
+     * @example
+     * ```ts
+     * const pi = await adapter.createCryptoPaymentIntent(100, 'usd');
+     * // pi.next_action.crypto_display_details.deposit_addresses.tempo.address
+     * ```
+     */
+    createCryptoPaymentIntent(amount: number, currency?: string): Promise<PaymentIntentResult | null>;
+    /**
+     * Build and return a fully-formed MPP Challenge for server-side use.
+     * Useful if you want to GATE your own API with MPP 402.
+     *
+     * @param amount - Amount to charge (in smallest unit)
+     * @param options - Challenge options
+     * @returns WWW-Authenticate header value
+     */
+    buildServerChallenge(amount: string, options?: {
+        currency?: string;
+        description?: string;
+        expiresInSeconds?: number;
+    }): string;
+}
+export {};
+//# sourceMappingURL=stripe.d.ts.map

package/dist/types/adapters/stripe.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"stripe.d.ts","sourceRoot":"","sources":["../../../src/adapters/stripe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AACzC,OAAO,EAAE,MAAM,EAAc,MAAM,WAAW,CAAC;AAC/C,OAAO,EACL,YAAY,EAMb,MAAM,QAAQ,CAAC;AAIhB;;;;;;;;;;GAUG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,eAAe,EAAE,MAAM,CAAC;IAExB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAE9B;;;;OAIG;IACH,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;;OAGG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB,iDAAiD;IACjD,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,UAAU,SAAS;IACjB,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,UAAU,mBAAmB;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE;QACZ,sBAAsB,CAAC,EAAE;YACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE;gBACjC,OAAO,EAAE,MAAM,CAAC;gBAChB,gBAAgB,CAAC,EAAE,KAAK,CAAC;oBACvB,cAAc,EAAE,MAAM,CAAC;oBACvB,sBAAsB,EAAE,MAAM,CAAC;iBAChC,CAAC,CAAC;aACJ,CAAC,CAAC;SACJ,CAAC;KACH,CAAC;CACH;AAUD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,qBAAa,oBAAqB,YAAW,cAAc;IACzD,SAAgB,SAAS,gBAAgB;IACzC,SAAgB,OAAO,EAAE,MAAM,CAAC;IAEhC,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,kBAAkB,CAAW;IACrC,OAAO,CAAC,eAAe,CAAgB;IACvC,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,GAAG,CAAS;IAEpB,iDAAiD;IACjD,OAAO,CAAC,WAAW,CAAuB;IAE1C,6DAA6D;IAC7D,OAAO,CAAC,aAAa,CAA6B;gBAEtC,OAAO,EAAE,oBAAoB;IAuBzC;;;OAGG;IACH,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAKhC;;;OAGG;IACH,eAAe,CAAC,SAAS,EAAE,YAAY,GAAG,IAAI;IAK9C;;;OAGG;IACH,iBAAiB,IAAI,MAAM,GAAG,IAAI;IAGlC,OAAO,CAAC,eAAe,CAAuB;IAE9C,UAAU,IAAI,MAAM;IAMpB;;;;;;;;;;;;;OAaG;IACG,GAAG,CACP,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAkEzB;;;;;OAKG;IACG,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;IAsC5E;;;OAGG;IACG,mBAAmB,CACvB,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,mBAAmB,GAAG,IAAI,CAAC;IAkCtC;;;;;;;;;;;;;;OAcG;IACG,yBAAyB,CAC7B,MAAM,EAAE,MAAM,EACd,QAAQ,GAAE,MAAc,GACvB,OAAO,CAAC,mBAAmB,GAAG,IAAI,CAAC;IA6CtC;;;;;;;OAOG;IACH,oBAAoB,CAClB,MAAM,EAAE,MAAM,EACd,OAAO,GAAE;QACP,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,gBAAgB,CAAC,EAAE,MAAM,CAAC;KACtB,GACL,MAAM;CAwBV"}

package/dist/types/adapters/types.d.ts

@@ -0,0 +1,35 @@
+/**
+ * PaymentAdapter — generic interface for on-chain settlement.
+ *
+ * Adapters implement this interface to provide settlement on different
+ * chains (Base, Stellar, Arbitrum, Solana, etc.) while the OwsClient
+ * remains chain-agnostic.
+ *
+ * @see OWS §07 — Supported Chains (CAIP-2 identifiers)
+ */
+export interface PaymentAdapter {
+    /**
+     * Execute an on-chain payment.
+     * @param destination - Recipient address (chain-native format)
+     * @param amount      - Amount in atomic units (wei, stroops, lamports)
+     * @param network     - Network identifier ('mainnet' | 'testnet' | CAIP-2 ID)
+     * @returns Transaction hash on success, null on failure
+     */
+    pay(destination: string, amount: string, network: string): Promise<string | null>;
+    /**
+     * Get the public address of this adapter's signing account.
+     */
+    getAddress(): string;
+    /**
+     * Human-readable chain name for logging.
+     */
+    readonly chainName: string;
+    /**
+     * CAIP-2 chain identifier.
+     * @example "eip155:8453" (Base Mainnet)
+     * @example "eip155:84532" (Base Sepolia)
+     * @example "stellar:pubnet"
+     */
+    readonly caip2Id: string;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types/adapters/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/adapters/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,MAAM,WAAW,cAAc;IAC7B;;;;;;OAMG;IACH,GAAG,CAAC,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAElF;;OAEG;IACH,UAAU,IAAI,MAAM,CAAC;IAErB;;OAEG;IACH,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAE3B;;;;;OAKG;IACH,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;CAC1B"}

package/dist/types/client.d.ts

@@ -0,0 +1,89 @@
+import { AxiosInstance } from 'axios';
+import { PaymentAdapter } from './adapters/types';
+import { BudgetPolicy, PolicyEngine } from './policy';
+import { Logger } from './logger';
+export interface OWSClientOptions {
+    /** Base URL of the API that returns 402 challenges. */
+    baseURL: string;
+    /** Budget policy for the agent. */
+    policy: BudgetPolicy;
+    /** Any chain adapter implementing PaymentAdapter (EVM, Stellar, Stripe, etc.) */
+    adapter: PaymentAdapter;
+    /**
+     * Optional logger function. If omitted, SDK is silent.
+     * Pass `console.log` for verbose output.
+     *
+     * @example
+     * ```ts
+     * const client = new OwsClient({
+     *   baseURL: 'https://api.example.com',
+     *   policy: { monthlyBudget: 10, maxAmountPerTransaction: 1 },
+     *   adapter: new EvmPaymentAdapter({ chain: 'base' }),
+     *   logger: console.log,
+     * });
+     * ```
+     */
+    logger?: Logger;
+}
+/**
+ * OwsClient — Dual-protocol autonomous HTTP client for AI agents.
+ *
+ * Supports BOTH payment protocols:
+ * - **x402** (Coinbase/Cloudflare): JSON body challenges + X-PAYMENT header
+ * - **MPP** (Stripe/Tempo): WWW-Authenticate challenges + Authorization: Payment header
+ *
+ * Wraps Axios with an interceptor that automatically detects the protocol,
+ * validates spend against PolicyEngine, settles via pluggable adapter,
+ * and retries — all without human interaction.
+ *
+ * @see https://openwallet.sh — Open Wallet Standard specification
+ * @see https://x402.org — x402 payment protocol
+ * @see https://mpp.dev — Machine Payments Protocol
+ * @see https://pay.asgcard.dev — Production ASG Pay infrastructure
+ */
+export declare class OwsClient {
+    readonly api: AxiosInstance;
+    readonly policyEngine: PolicyEngine;
+    private adapter;
+    private log;
+    constructor(options: OWSClientOptions);
+    /**
+     * Handle a 402 Payment Required challenge.
+     * Auto-detects protocol (MPP vs x402) and routes accordingly.
+     */
+    private handle402;
+    /**
+     * Handle an MPP 402: parse WWW-Authenticate, create credential, retry.
+     */
+    private handleMpp402;
+    /**
+     * Handle an x402 402: parse JSON body, settle on-chain, retry with X-PAYMENT.
+     */
+    private handleX402;
+    /**
+     * Select the best challenge when multiple are offered.
+     * Prefers the method matching the current adapter.
+     */
+    private selectChallenge;
+    /**
+     * Extract USD amount from MPP request object.
+     */
+    private extractMppUsdAmount;
+    /**
+     * Extract USD amount from x402 challenge.
+     * Priority: resource.usdAmount → accepts[].maxAmountRequired → heuristic from description.
+     */
+    private extractUsdAmount;
+    private isStripeAdapter;
+    /**
+     * High-level helper for AI agents.
+     * The agent simply calls performTask() — the interceptor handles
+     * everything else (payment, policy, retry) transparently.
+     */
+    performTask(endpoint: string, data?: any): Promise<any>;
+    /**
+     * GET request with autonomous 402 handling.
+     */
+    get(endpoint: string): Promise<any>;
+}
+//# sourceMappingURL=client.d.ts.map

package/dist/types/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAAA,OAAc,EAAE,aAAa,EAA6B,MAAM,OAAO,CAAC;AACxE,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AACtD,OAAO,EAAE,MAAM,EAAc,MAAM,UAAU,CAAC;AAU9C,MAAM,WAAW,gBAAgB;IAC/B,uDAAuD;IACvD,OAAO,EAAE,MAAM,CAAC;IAChB,mCAAmC;IACnC,MAAM,EAAE,YAAY,CAAC;IACrB,iFAAiF;IACjF,OAAO,EAAE,cAAc,CAAC;IACxB;;;;;;;;;;;;;OAaG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAuBD;;;;;;;;;;;;;;;GAeG;AACH,qBAAa,SAAS;IACpB,SAAgB,GAAG,EAAE,aAAa,CAAC;IACnC,SAAgB,YAAY,EAAE,YAAY,CAAC;IAC3C,OAAO,CAAC,OAAO,CAAiB;IAChC,OAAO,CAAC,GAAG,CAAS;gBAER,OAAO,EAAE,gBAAgB;IAqBrC;;;OAGG;YACW,SAAS;IAsBvB;;OAEG;YACW,YAAY;IAuG1B;;OAEG;YACW,UAAU;IA8ExB;;;OAGG;IACH,OAAO,CAAC,eAAe;IAavB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAW3B;;;OAGG;IACH,OAAO,CAAC,gBAAgB;IA6BxB,OAAO,CAAC,eAAe;IAMvB;;;;OAIG;IACG,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;IAO7D;;OAEG;IACG,GAAG,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;CAI1C"}

package/dist/types/index.d.ts

@@ -0,0 +1,15 @@
+export { OwsClient, OWSClientOptions } from './client';
+export { PolicyEngine, BudgetPolicy } from './policy';
+export type { Logger } from './logger';
+export { parseMppChallenge, parseMppChallenges, decodeChallengeRequest, buildMppCredential, buildAuthorizationHeader, parseMppReceipt, detectProtocol, extractMppChallenges, base64urlEncode, base64urlDecode, } from './mpp';
+export type { MppChallenge, MppCredential, MppRequestObject, MppStripePayload, MppTempoPayload, MppReceipt, MppMethod, MppIntent, } from './mpp';
+export { EvmPaymentAdapter, listEvmChains } from './adapters/evm';
+export type { EvmAdapterOptions, EvmChainName } from './adapters/evm';
+export { StripePaymentAdapter } from './adapters/stripe';
+export type { StripeAdapterOptions } from './adapters/stripe';
+export { StellarPaymentAdapter } from './adapters/stellar';
+export type { StellarPaymentAdapterOptions } from './adapters/stellar';
+export { BasePaymentAdapter } from './adapters/base';
+export type { BaseAdapterOptions } from './adapters/base';
+export type { PaymentAdapter } from './adapters/types';
+//# sourceMappingURL=index.d.ts.map

package/dist/types/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AACtD,YAAY,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AAGvC,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,sBAAsB,EACtB,kBAAkB,EAClB,wBAAwB,EACxB,eAAe,EACf,cAAc,EACd,oBAAoB,EACpB,eAAe,EACf,eAAe,GAChB,MAAM,OAAO,CAAC;AACf,YAAY,EACV,YAAY,EACZ,aAAa,EACb,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EACf,UAAU,EACV,SAAS,EACT,SAAS,GACV,MAAM,OAAO,CAAC;AAGf,OAAO,EAAE,iBAAiB,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAClE,YAAY,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAGtE,OAAO,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAC;AACzD,YAAY,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAC;AAG9D,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,YAAY,EAAE,4BAA4B,EAAE,MAAM,oBAAoB,CAAC;AAGvE,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AACrD,YAAY,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAG1D,YAAY,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC"}

package/dist/types/logger.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Logger type for @asgcard/pay SDK.
+ *
+ * Pass `console.log` for verbose output, or provide a custom logger.
+ * If omitted, the SDK is silent — no stdout pollution.
+ */
+export type Logger = (message: string, ...args: any[]) => void;
+/** No-op logger — used when no logger is provided. */
+export declare const noopLogger: Logger;
+//# sourceMappingURL=logger.d.ts.map

package/dist/types/logger.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.d.ts","sourceRoot":"","sources":["../../src/logger.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,MAAM,MAAM,MAAM,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,IAAI,CAAC;AAE/D,sDAAsD;AACtD,eAAO,MAAM,UAAU,EAAE,MAAiB,CAAC"}

package/dist/types/mpp.d.ts

@@ -0,0 +1,153 @@
+/**
+ * MPP — Machine Payments Protocol utilities.
+ *
+ * Handles parsing/building of MPP-standard headers:
+ *   - WWW-Authenticate: Payment (Challenge)
+ *   - Authorization: Payment (Credential)
+ *   - Payment-Receipt (Receipt)
+ *
+ * @see https://mpp.dev/protocol/challenges
+ * @see https://mpp.dev/protocol/credentials
+ * @see https://mpp.dev/protocol/receipts
+ * @see https://paymentauth.org — IETF specification
+ */
+/** Supported MPP payment methods */
+export type MppMethod = 'stripe' | 'tempo' | 'card' | 'lightning' | 'solana' | 'stellar' | string;
+/** Payment intent types */
+export type MppIntent = 'charge' | 'session';
+/**
+ * Parsed MPP Challenge from `WWW-Authenticate: Payment` header.
+ */
+export interface MppChallenge {
+    /** Unique challenge ID (cryptographically bound to parameters) */
+    id: string;
+    /** Server realm (e.g. "mpp.dev", "pay.asgcard.dev") */
+    realm: string;
+    /** Payment method identifier */
+    method: MppMethod;
+    /** Payment intent type */
+    intent: MppIntent;
+    /** Base64url-encoded JSON with method-specific payment details */
+    request: string;
+    /** ISO 8601 expiration timestamp (optional) */
+    expires?: string;
+    /** Human-readable description (optional) */
+    description?: string;
+}
+/**
+ * Decoded request object from Challenge.
+ */
+export interface MppRequestObject {
+    /** Amount in smallest currency unit (string for precision) */
+    amount: string;
+    /** Currency code (e.g. "usd") or token address */
+    currency: string;
+    /** Recipient address or Stripe account */
+    recipient?: string;
+    /** Decimal places for the currency */
+    decimals?: number;
+    /** Human-readable description */
+    description?: string;
+    /** External reference ID */
+    externalId?: string;
+    /** Method-specific details */
+    methodDetails?: {
+        networkId?: string;
+        paymentMethodTypes?: string[];
+        metadata?: Record<string, string>;
+        [key: string]: unknown;
+    };
+}
+/**
+ * MPP Credential — sent in `Authorization: Payment` header.
+ */
+export interface MppCredential {
+    /** Echo of the original challenge */
+    challenge: MppChallenge;
+    /** DID or identifier of the paying entity */
+    source: string;
+    /** Method-specific payload */
+    payload: MppStripePayload | MppTempoPayload | Record<string, unknown>;
+}
+/** Stripe-specific credential payload */
+export interface MppStripePayload {
+    /** Shared Payment Token ID */
+    spt: string;
+    /** Optional external reference ID */
+    externalId?: string;
+}
+/** Tempo-specific credential payload */
+export interface MppTempoPayload {
+    type: 'transaction' | 'hash' | 'proof';
+    signature?: string;
+    hash?: string;
+}
+/**
+ * MPP Receipt — returned in `Payment-Receipt` header.
+ */
+export interface MppReceipt {
+    /** Receipt data (base64url-decoded JSON) */
+    [key: string]: unknown;
+}
+/**
+ * Encode string to base64url (RFC 4648 §5).
+ * No padding, URL-safe alphabet.
+ */
+export declare function base64urlEncode(str: string): string;
+/**
+ * Decode base64url string.
+ */
+export declare function base64urlDecode(str: string): string;
+/**
+ * Parse a `WWW-Authenticate: Payment` header value into an MppChallenge.
+ *
+ * Format:
+ * ```
+ * Payment id="abc", realm="mpp.dev", method="stripe", intent="charge",
+ *   expires="2025-01-15T12:05:00Z", request="eyJhbW91bnQ..."
+ * ```
+ *
+ * @param header — Raw header value (with or without "Payment " prefix)
+ * @returns Parsed challenge object
+ * @throws Error if required fields are missing
+ */
+export declare function parseMppChallenge(header: string): MppChallenge;
+/**
+ * Parse multiple `WWW-Authenticate: Payment` headers.
+ * Servers can offer multiple payment options.
+ */
+export declare function parseMppChallenges(headers: string[]): MppChallenge[];
+/**
+ * Decode the `request` field of a Challenge into a structured object.
+ */
+export declare function decodeChallengeRequest(challenge: MppChallenge): MppRequestObject;
+/**
+ * Build an MPP Credential for the `Authorization: Payment` header.
+ *
+ * @param challenge — The challenge being responded to
+ * @param source — DID or identifier of the payer
+ * @param payload — Method-specific proof (SPT for Stripe, tx for Tempo)
+ * @returns Base64url-encoded credential string
+ */
+export declare function buildMppCredential(challenge: MppChallenge, source: string, payload: MppCredential['payload']): string;
+/**
+ * Build the full `Authorization` header value.
+ */
+export declare function buildAuthorizationHeader(challenge: MppChallenge, source: string, payload: MppCredential['payload']): string;
+/**
+ * Parse a `Payment-Receipt` header.
+ */
+export declare function parseMppReceipt(header: string): MppReceipt;
+/**
+ * Detect whether a 402 response uses MPP or x402 protocol.
+ *
+ * MPP: has `WWW-Authenticate: Payment` header
+ * x402: has JSON body with `x402Version` and `accepts[]`
+ */
+export declare function detectProtocol(headers: Record<string, string | string[] | undefined>, body?: unknown): 'mpp' | 'x402' | 'unknown';
+/**
+ * Extract all MPP challenges from response headers.
+ * Handles both single and multiple WWW-Authenticate headers.
+ */
+export declare function extractMppChallenges(headers: Record<string, string | string[] | undefined>): MppChallenge[];
+//# sourceMappingURL=mpp.d.ts.map

package/dist/types/mpp.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mpp.d.ts","sourceRoot":"","sources":["../../src/mpp.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAIH,oCAAoC;AACpC,MAAM,MAAM,SAAS,GAAG,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,WAAW,GAAG,QAAQ,GAAG,SAAS,GAAG,MAAM,CAAC;AAElG,2BAA2B;AAC3B,MAAM,MAAM,SAAS,GAAG,QAAQ,GAAG,SAAS,CAAC;AAE7C;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,kEAAkE;IAClE,EAAE,EAAE,MAAM,CAAC;IACX,uDAAuD;IACvD,KAAK,EAAE,MAAM,CAAC;IACd,gCAAgC;IAChC,MAAM,EAAE,SAAS,CAAC;IAClB,0BAA0B;IAC1B,MAAM,EAAE,SAAS,CAAC;IAClB,kEAAkE;IAClE,OAAO,EAAE,MAAM,CAAC;IAChB,+CAA+C;IAC/C,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,4CAA4C;IAC5C,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,8DAA8D;IAC9D,MAAM,EAAE,MAAM,CAAC;IACf,kDAAkD;IAClD,QAAQ,EAAE,MAAM,CAAC;IACjB,0CAA0C;IAC1C,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,sCAAsC;IACtC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,iCAAiC;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,4BAA4B;IAC5B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,8BAA8B;IAC9B,aAAa,CAAC,EAAE;QACd,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;QAC9B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAClC,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;KACxB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,qCAAqC;IACrC,SAAS,EAAE,YAAY,CAAC;IACxB,6CAA6C;IAC7C,MAAM,EAAE,MAAM,CAAC;IACf,8BAA8B;IAC9B,OAAO,EAAE,gBAAgB,GAAG,eAAe,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACvE;AAED,yCAAyC;AACzC,MAAM,WAAW,gBAAgB;IAC/B,8BAA8B;IAC9B,GAAG,EAAE,MAAM,CAAC;IACZ,qCAAqC;IACrC,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,wCAAwC;AACxC,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,aAAa,GAAG,MAAM,GAAG,OAAO,CAAC;IACvC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,4CAA4C;IAC5C,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAID;;;GAGG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAGnD;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAMnD;AAID;;;;;;;;;;;;GAYG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,YAAY,CA2B9D;AAED;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,YAAY,EAAE,CAEpE;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,SAAS,EAAE,YAAY,GAAG,gBAAgB,CAGhF;AAID;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAChC,SAAS,EAAE,YAAY,EACvB,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,aAAa,CAAC,SAAS,CAAC,GAChC,MAAM,CAOR;AAED;;GAEG;AACH,wBAAgB,wBAAwB,CACtC,SAAS,EAAE,YAAY,EACvB,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,aAAa,CAAC,SAAS,CAAC,GAChC,MAAM,CAER;AAID;;GAEG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG,UAAU,CAO1D;AAID;;;;;GAKG;AACH,wBAAgB,cAAc,CAC5B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,EACtD,IAAI,CAAC,EAAE,OAAO,GACb,KAAK,GAAG,MAAM,GAAG,SAAS,CAgB5B;AAED;;;GAGG;AACH,wBAAgB,oBAAoB,CAClC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,GACrD,YAAY,EAAE,CAQhB"}

package/dist/types/policy.d.ts

@@ -0,0 +1,40 @@
+/**
+ * PolicyEngine — On-device budget controller for autonomous AI agents.
+ *
+ * Enforces per-transaction caps, monthly rolling budgets, and optional
+ * destination whitelists so that an agent can never overspend without
+ * explicit human approval.
+ *
+ * Fail-closed: if any check fails, the payment is rejected.
+ */
+import { Logger } from './logger';
+export interface BudgetPolicy {
+    /** Maximum USD amount the agent may spend in a single transaction. */
+    maxAmountPerTransaction: number;
+    /** Maximum USD the agent may spend within a calendar month. */
+    monthlyBudget: number;
+    /** Optional whitelist of addresses the agent is allowed to pay. */
+    allowedDestinations?: string[];
+}
+export declare class PolicyEngine {
+    private policy;
+    private currentMonthSpent;
+    private log;
+    constructor(policy: BudgetPolicy, logger?: Logger);
+    /**
+     * Returns `true` if the proposed spend passes every policy gate.
+     * Fail-closed: any unrecognised state returns `false`.
+     */
+    checkPolicy(amountUsd: number, destination?: string): boolean;
+    /** Record a successful spend against the rolling budget. */
+    recordSpend(amountUsd: number): void;
+    /** Get total USD spent in the current period. */
+    getSpent(): number;
+    /** Get remaining USD budget. */
+    getRemainingBudget(): number;
+    /** Reset the spend counter (e.g. on month rollover or for testing). */
+    resetBudget(): void;
+    /** Get a snapshot of the current policy configuration. */
+    getPolicy(): Readonly<BudgetPolicy>;
+}
+//# sourceMappingURL=policy.d.ts.map

package/dist/types/policy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy.d.ts","sourceRoot":"","sources":["../../src/policy.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,MAAM,EAAc,MAAM,UAAU,CAAC;AAE9C,MAAM,WAAW,YAAY;IAC3B,sEAAsE;IACtE,uBAAuB,EAAE,MAAM,CAAC;IAChC,+DAA+D;IAC/D,aAAa,EAAE,MAAM,CAAC;IACtB,mEAAmE;IACnE,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;CAChC;AAED,qBAAa,YAAY;IAKrB,OAAO,CAAC,MAAM;IAJhB,OAAO,CAAC,iBAAiB,CAAK;IAC9B,OAAO,CAAC,GAAG,CAAS;gBAGV,MAAM,EAAE,YAAY,EAC5B,MAAM,CAAC,EAAE,MAAM;IAKjB;;;OAGG;IACI,WAAW,CAAC,SAAS,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,MAAM,GAAG,OAAO;IAiCpE,4DAA4D;IACrD,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAO3C,iDAAiD;IAC1C,QAAQ,IAAI,MAAM;IAIzB,gCAAgC;IACzB,kBAAkB,IAAI,MAAM;IAInC,uEAAuE;IAChE,WAAW,IAAI,IAAI;IAI1B,0DAA0D;IACnD,SAAS,IAAI,QAAQ,CAAC,YAAY,CAAC;CAG3C"}

package/dist/types/stellar.d.ts

@@ -0,0 +1,27 @@
+export interface StellarPaymentAdapterOptions {
+    /** Stellar secret key for the agent's wallet. */
+    secretKey: string;
+    /** Override the network passphrase (default: Testnet). */
+    networkPassphrase?: string;
+    /** Override the Horizon URL (default: Testnet Horizon). */
+    horizonUrl?: string;
+}
+/**
+ * StellarPaymentAdapter — Executes on-chain Stellar payments.
+ *
+ * In the production ASG Pay stack the adapter targets USDC on Stellar
+ * mainnet (see https://pay.asgcard.dev). For hackathon purposes it
+ * defaults to Stellar Testnet with native XLM.
+ */
+export declare class StellarPaymentAdapter {
+    private keypair;
+    private server;
+    private networkPassphrase;
+    constructor(options: StellarPaymentAdapterOptions);
+    /**
+     * Send `amount` (in stroops) of native XLM to `destination`.
+     * Returns the transaction hash on success, or `null` on failure.
+     */
+    pay(destination: string, amount: string, network: string): Promise<string | null>;
+}
+//# sourceMappingURL=stellar.d.ts.map

package/dist/types/stellar.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"stellar.d.ts","sourceRoot":"","sources":["../../src/stellar.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,4BAA4B;IAC3C,iDAAiD;IACjD,SAAS,EAAE,MAAM,CAAC;IAClB,0DAA0D;IAC1D,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,2DAA2D;IAC3D,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;;;;;GAMG;AACH,qBAAa,qBAAqB;IAChC,OAAO,CAAC,OAAO,CAAqB;IACpC,OAAO,CAAC,MAAM,CAA4B;IAC1C,OAAO,CAAC,iBAAiB,CAAS;gBAEtB,OAAO,EAAE,4BAA4B;IASjD;;;OAGG;IACU,GAAG,CACd,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;CAuC1B"}