npm - @axonfi/sdk - Versions diffs - 0.3.7 → 0.4.1 - Mend

@axonfi/sdk 0.3.7 → 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/index.js CHANGED Viewed

@@ -3030,14 +3030,371 @@ function generateUuid() {
   const hex = Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("");
   return `${hex.slice(0, 8)}-${hex.slice(8, 12)}-${hex.slice(12, 16)}-${hex.slice(16, 20)}-${hex.slice(20)}`;
 }
+// src/x402.ts
+function parsePaymentRequired(headerValue) {
+  let decoded;
+  try {
+    decoded = atob(headerValue);
+  } catch {
+    decoded = headerValue;
+  }
+  const parsed = JSON.parse(decoded);
+  if (!parsed.accepts || !Array.isArray(parsed.accepts) || parsed.accepts.length === 0) {
+    throw new Error("x402: no payment options in PAYMENT-REQUIRED header");
+  }
+  if (!parsed.resource) {
+    throw new Error("x402: missing resource in PAYMENT-REQUIRED header");
+  }
+  return parsed;
+}
+function parseChainId(network) {
+  const parts = network.split(":");
+  if (parts.length !== 2 || parts[0] !== "eip155") {
+    throw new Error(`x402: unsupported network format "${network}" (expected "eip155:<chainId>")`);
+  }
+  const chainId = parseInt(parts[1], 10);
+  if (isNaN(chainId)) {
+    throw new Error(`x402: invalid chain ID in network "${network}"`);
+  }
+  return chainId;
+}
+function findMatchingOption(accepts, chainId) {
+  const matchingOptions = [];
+  for (const option of accepts) {
+    try {
+      const optionChainId = parseChainId(option.network);
+      if (optionChainId === chainId) {
+        matchingOptions.push(option);
+      }
+    } catch {
+      continue;
+    }
+  }
+  if (matchingOptions.length === 0) return null;
+  const usdcAddress = USDC[chainId]?.toLowerCase();
+  if (usdcAddress) {
+    const usdcOption = matchingOptions.find((opt) => opt.asset.toLowerCase() === usdcAddress);
+    if (usdcOption) return usdcOption;
+  }
+  return matchingOptions[0] ?? null;
+}
+function extractX402Metadata(parsed, selectedOption) {
+  const metadata = {};
+  if (parsed.x402Version !== void 0) {
+    metadata.x402_version = String(parsed.x402Version);
+  }
+  if (selectedOption.scheme) {
+    metadata.x402_scheme = selectedOption.scheme;
+  }
+  if (parsed.resource.mimeType) {
+    metadata.x402_mime_type = parsed.resource.mimeType;
+  }
+  if (selectedOption.payTo) {
+    metadata.x402_merchant = selectedOption.payTo;
+  }
+  if (parsed.resource.description) {
+    metadata.x402_resource_description = parsed.resource.description;
+  }
+  return {
+    resourceUrl: parsed.resource.url,
+    memo: parsed.resource.description ?? null,
+    recipientLabel: selectedOption.payTo ? `${selectedOption.payTo.slice(0, 6)}...${selectedOption.payTo.slice(-4)}` : null,
+    metadata
+  };
+}
+function formatPaymentSignature(payload) {
+  const json = JSON.stringify(payload);
+  return btoa(json);
+}
+var USDC_EIP712_DOMAIN = {
+  // Base mainnet
+  8453: { name: "USD Coin", version: "2" },
+  // Base Sepolia
+  84532: { name: "USDC", version: "2" },
+  // Arbitrum One
+  42161: { name: "USD Coin", version: "2" },
+  // Arbitrum Sepolia (same as mainnet convention)
+  421614: { name: "USDC", version: "2" }
+};
+var TRANSFER_WITH_AUTHORIZATION_TYPES = {
+  TransferWithAuthorization: [
+    { name: "from", type: "address" },
+    { name: "to", type: "address" },
+    { name: "value", type: "uint256" },
+    { name: "validAfter", type: "uint256" },
+    { name: "validBefore", type: "uint256" },
+    { name: "nonce", type: "bytes32" }
+  ]
+};
+function randomNonce() {
+  const bytes = new Uint8Array(32);
+  crypto.getRandomValues(bytes);
+  return `0x${Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("")}`;
+}
+async function signTransferWithAuthorization(privateKey, chainId, auth) {
+  const domainConfig = USDC_EIP712_DOMAIN[chainId];
+  if (!domainConfig) {
+    throw new Error(`EIP-3009 not configured for chain ${chainId}`);
+  }
+  const usdcAddress = USDC[chainId];
+  if (!usdcAddress) {
+    throw new Error(`USDC address not known for chain ${chainId}`);
+  }
+  const account = privateKeyToAccount(privateKey);
+  return account.signTypedData({
+    domain: {
+      name: domainConfig.name,
+      version: domainConfig.version,
+      chainId,
+      verifyingContract: usdcAddress
+    },
+    types: TRANSFER_WITH_AUTHORIZATION_TYPES,
+    primaryType: "TransferWithAuthorization",
+    message: {
+      from: auth.from,
+      to: auth.to,
+      value: auth.value,
+      validAfter: auth.validAfter,
+      validBefore: auth.validBefore,
+      nonce: auth.nonce
+    }
+  });
+}
+var PERMIT2_ADDRESS = "0x000000000022D473030F116dDEE9F6B43aC78BA3";
+var X402_PROXY_ADDRESS = "0x4020CD856C882D5fb903D99CE35316A085Bb0001";
+var WITNESS_TYPE_STRING = "TransferDetails witness)TokenPermissions(address token,uint256 amount)TransferDetails(address to,uint256 requestedAmount)";
+var PERMIT_WITNESS_TRANSFER_FROM_TYPES = {
+  PermitWitnessTransferFrom: [
+    { name: "permitted", type: "TokenPermissions" },
+    { name: "spender", type: "address" },
+    { name: "nonce", type: "uint256" },
+    { name: "deadline", type: "uint256" },
+    { name: "witness", type: "TransferDetails" }
+  ],
+  TokenPermissions: [
+    { name: "token", type: "address" },
+    { name: "amount", type: "uint256" }
+  ],
+  TransferDetails: [
+    { name: "to", type: "address" },
+    { name: "requestedAmount", type: "uint256" }
+  ]
+};
+function randomPermit2Nonce() {
+  const bytes = new Uint8Array(32);
+  crypto.getRandomValues(bytes);
+  let n = 0n;
+  for (const b of bytes) {
+    n = n << 8n | BigInt(b);
+  }
+  return n;
+}
+async function signPermit2WitnessTransfer(privateKey, chainId, permit) {
+  const account = privateKeyToAccount(privateKey);
+  return account.signTypedData({
+    domain: {
+      name: "Permit2",
+      chainId,
+      verifyingContract: PERMIT2_ADDRESS
+    },
+    types: PERMIT_WITNESS_TRANSFER_FROM_TYPES,
+    primaryType: "PermitWitnessTransferFrom",
+    message: {
+      permitted: {
+        token: permit.token,
+        amount: permit.amount
+      },
+      spender: permit.spender,
+      nonce: permit.nonce,
+      deadline: permit.deadline,
+      witness: {
+        to: permit.witnessTo,
+        requestedAmount: permit.witnessRequestedAmount
+      }
+    }
+  });
+}
+// src/client.ts
 var AxonClient = class {
   constructor(config) {
+    // ============================================================================
+    // x402 — HTTP 402 Payment Required
+    // ============================================================================
+    /**
+     * x402 utilities for handling HTTP 402 Payment Required responses.
+     *
+     * The x402 flow:
+     * 1. Bot hits an API that returns HTTP 402 + PAYMENT-REQUIRED header
+     * 2. SDK parses the header, finds a matching payment option
+     * 3. SDK funds the bot's EOA from the vault (full Axon pipeline applies)
+     * 4. Bot signs an EIP-3009 or Permit2 authorization
+     * 5. SDK returns a PAYMENT-SIGNATURE header for the bot to retry with
+     *
+     * @example
+     * ```ts
+     * const response = await fetch('https://api.example.com/data');
+     * if (response.status === 402) {
+     *   const result = await client.x402.handlePaymentRequired(response.headers);
+     *   const data = await fetch('https://api.example.com/data', {
+     *     headers: { 'PAYMENT-SIGNATURE': result.paymentSignature },
+     *   });
+     * }
+     * ```
+     */
+    this.x402 = {
+      /**
+       * Fund the bot's EOA from the vault for x402 settlement.
+       *
+       * This is a regular Axon payment (to = bot's own address) that goes through
+       * the full pipeline: policy engine, AI scan, human review if needed.
+       *
+       * @param amount - Amount in token base units
+       * @param token - Token address (defaults to USDC on this chain)
+       * @param metadata - Optional metadata for the payment record
+       */
+      fund: async (amount, token, metadata) => {
+        const tokenAddress = token ?? USDC[this.chainId];
+        if (!tokenAddress) {
+          throw new Error(`No default USDC address for chain ${this.chainId}`);
+        }
+        return this.pay({
+          to: this.botAddress,
+          token: tokenAddress,
+          amount,
+          x402Funding: true,
+          ...metadata
+        });
+      },
+      /**
+       * Handle a full x402 flow: parse header, fund bot, sign authorization, return header.
+       *
+       * Supports both EIP-3009 (USDC) and Permit2 (any ERC-20) settlement.
+       * The bot's EOA is funded from the vault first (full Axon pipeline applies).
+       *
+       * @param headers - Response headers from the 402 response (must contain PAYMENT-REQUIRED)
+       * @param maxTimeoutMs - Maximum time to wait for pending_review resolution (default: 120s)
+       * @param pollIntervalMs - Polling interval for pending_review (default: 5s)
+       * @returns Payment signature header value + funding details
+       */
+      handlePaymentRequired: async (headers, maxTimeoutMs = 12e4, pollIntervalMs = 5e3) => {
+        const headerValue = headers instanceof Headers ? headers.get("payment-required") ?? headers.get("PAYMENT-REQUIRED") : headers["payment-required"] ?? headers["PAYMENT-REQUIRED"];
+        if (!headerValue) {
+          throw new Error("x402: no PAYMENT-REQUIRED header found");
+        }
+        const parsed = parsePaymentRequired(headerValue);
+        const option = findMatchingOption(parsed.accepts, this.chainId);
+        if (!option) {
+          throw new Error(
+            `x402: no payment option matches chain ${this.chainId}. Available: ${parsed.accepts.map((a) => a.network).join(", ")}`
+          );
+        }
+        const x402Meta = extractX402Metadata(parsed, option);
+        const amount = BigInt(option.amount);
+        const tokenAddress = option.asset;
+        const payInput = {
+          to: this.botAddress,
+          token: tokenAddress,
+          amount,
+          x402Funding: true,
+          resourceUrl: x402Meta.resourceUrl,
+          metadata: x402Meta.metadata
+        };
+        if (x402Meta.memo) payInput.memo = x402Meta.memo;
+        if (x402Meta.recipientLabel) payInput.recipientLabel = x402Meta.recipientLabel;
+        let fundingResult = await this.pay(payInput);
+        if (fundingResult.status === "pending_review") {
+          const deadline = Date.now() + maxTimeoutMs;
+          while (fundingResult.status === "pending_review" && Date.now() < deadline) {
+            await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));
+            fundingResult = await this.poll(fundingResult.requestId);
+          }
+          if (fundingResult.status === "pending_review") {
+            throw new Error(`x402: funding timed out after ${maxTimeoutMs}ms (still pending_review)`);
+          }
+        }
+        if (fundingResult.status === "rejected") {
+          throw new Error(`x402: funding rejected \u2014 ${fundingResult.reason ?? "unknown reason"}`);
+        }
+        const botPrivateKey = this.botPrivateKey;
+        const payTo = option.payTo;
+        const usdcAddress = USDC[this.chainId]?.toLowerCase();
+        const isUsdc = tokenAddress.toLowerCase() === usdcAddress;
+        let signaturePayload;
+        if (isUsdc && USDC_EIP712_DOMAIN[this.chainId]) {
+          const nonce = randomNonce();
+          const validAfter = 0n;
+          const validBefore = BigInt(Math.floor(Date.now() / 1e3) + 300);
+          const sig = await signTransferWithAuthorization(botPrivateKey, this.chainId, {
+            from: this.botAddress,
+            to: payTo,
+            value: amount,
+            validAfter,
+            validBefore,
+            nonce
+          });
+          signaturePayload = {
+            scheme: "exact",
+            signature: sig,
+            authorization: {
+              from: this.botAddress,
+              to: payTo,
+              value: amount.toString(),
+              validAfter: validAfter.toString(),
+              validBefore: validBefore.toString(),
+              nonce
+            }
+          };
+        } else {
+          const nonce = randomPermit2Nonce();
+          const deadline = BigInt(Math.floor(Date.now() / 1e3) + 300);
+          const sig = await signPermit2WitnessTransfer(botPrivateKey, this.chainId, {
+            token: tokenAddress,
+            amount,
+            spender: X402_PROXY_ADDRESS,
+            nonce,
+            deadline,
+            witnessTo: payTo,
+            witnessRequestedAmount: amount
+          });
+          signaturePayload = {
+            scheme: "permit2",
+            signature: sig,
+            permit: {
+              permitted: { token: tokenAddress, amount: amount.toString() },
+              spender: X402_PROXY_ADDRESS,
+              nonce: nonce.toString(),
+              deadline: deadline.toString()
+            },
+            witness: {
+              to: payTo,
+              requestedAmount: amount.toString()
+            }
+          };
+        }
+        const paymentSignature = formatPaymentSignature(signaturePayload);
+        const handleResult = {
+          paymentSignature,
+          selectedOption: option,
+          fundingResult: {
+            requestId: fundingResult.requestId,
+            status: fundingResult.status
+          }
+        };
+        if (fundingResult.txHash) {
+          handleResult.fundingResult.txHash = fundingResult.txHash;
+        }
+        return handleResult;
+      }
+    };
     this.vaultAddress = config.vaultAddress;
     this.chainId = config.chainId;
-    this.relayerUrl = "https://relay.axonfi.xyz";
+    this.relayerUrl = config.relayerUrl ?? "https://relay.axonfi.xyz";
     if (!config.botPrivateKey) {
       throw new Error("botPrivateKey is required in AxonClientConfig");
     }
+    this.botPrivateKey = config.botPrivateKey;
     this.walletClient = createAxonWalletClient(config.botPrivateKey, config.chainId);
   }
   // ============================================================================
@@ -3340,7 +3697,8 @@ Timestamp: ${timestamp}`;
       ...input.invoiceId !== void 0 && { invoiceId: input.invoiceId },
       ...input.orderId !== void 0 && { orderId: input.orderId },
       ...input.recipientLabel !== void 0 && { recipientLabel: input.recipientLabel },
-      ...input.metadata !== void 0 && { metadata: input.metadata }
+      ...input.metadata !== void 0 && { metadata: input.metadata },
+      ...input.x402Funding !== void 0 && { x402Funding: input.x402Funding }
     };
     return this._post(RELAYER_API.PAYMENTS, idempotencyKey, body);
   }
@@ -3899,6 +4257,6 @@ var AxonRegistryAbi = [
   }
 ];
-export { AxonClient, AxonRegistryAbi, AxonVaultAbi, AxonVaultFactoryAbi, CHAIN_NAMES, Chain, DEFAULT_DEADLINE_SECONDS, EIP712_DOMAIN_NAME, EIP712_DOMAIN_VERSION, EXECUTE_INTENT_TYPEHASH, EXPLORER_ADDR, EXPLORER_TX, KNOWN_TOKENS, NATIVE_ETH, PAYMENT_INTENT_TYPEHASH, PaymentErrorCode, RELAYER_API, SUPPORTED_CHAIN_IDS, SWAP_INTENT_TYPEHASH, Token, USDC, WINDOW, createAxonPublicClient, createAxonWalletClient, decryptKeystore, deployVault, encodeRef, encryptKeystore, getBotConfig, getChain, getDomainSeparator, getKnownTokensForChain, getOperatorCeilings, getRebalanceTokenCount, getTokenSymbolByAddress, getVaultOperator, getVaultOwner, getVaultVersion, isBotActive, isDestinationAllowed, isRebalanceTokenWhitelisted, isVaultPaused, operatorMaxDrainPerDay, parseAmount, resolveToken, resolveTokenDecimals, signExecuteIntent, signPayment, signSwapIntent };
+export { AxonClient, AxonRegistryAbi, AxonVaultAbi, AxonVaultFactoryAbi, CHAIN_NAMES, Chain, DEFAULT_DEADLINE_SECONDS, EIP712_DOMAIN_NAME, EIP712_DOMAIN_VERSION, EXECUTE_INTENT_TYPEHASH, EXPLORER_ADDR, EXPLORER_TX, KNOWN_TOKENS, NATIVE_ETH, PAYMENT_INTENT_TYPEHASH, PERMIT2_ADDRESS, PaymentErrorCode, RELAYER_API, SUPPORTED_CHAIN_IDS, SWAP_INTENT_TYPEHASH, Token, USDC, USDC_EIP712_DOMAIN, WINDOW, WITNESS_TYPE_STRING, X402_PROXY_ADDRESS, createAxonPublicClient, createAxonWalletClient, decryptKeystore, deployVault, encodeRef, encryptKeystore, extractX402Metadata, findMatchingOption, formatPaymentSignature, getBotConfig, getChain, getDomainSeparator, getKnownTokensForChain, getOperatorCeilings, getRebalanceTokenCount, getTokenSymbolByAddress, getVaultOperator, getVaultOwner, getVaultVersion, isBotActive, isDestinationAllowed, isRebalanceTokenWhitelisted, isVaultPaused, operatorMaxDrainPerDay, parseAmount, parseChainId, parsePaymentRequired, randomNonce, randomPermit2Nonce, resolveToken, resolveTokenDecimals, signExecuteIntent, signPayment, signPermit2WitnessTransfer, signSwapIntent, signTransferWithAuthorization };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map