@caypo/mpp-canton 0.1.0

package/.turbo/turbo-build.log

@@ -0,0 +1,40 @@
+
+> @caypo/mpp-canton@0.1.0 build /Users/anil/Desktop/caypo/packages/mpp
+> tsup
+
+CLI Building entry: src/client.ts, src/index.ts, src/server.ts
+CLI Using tsconfig: tsconfig.json
+CLI tsup v8.5.1
+CLI Using tsup config: /Users/anil/Desktop/caypo/packages/mpp/tsup.config.ts
+CLI Target: es2022
+CLI Cleaning output folder
+ESM Build start
+CJS Build start
+ESM dist/index.js              497.00 B
+ESM dist/chunk-NTWNP6H5.js     1.14 KB
+ESM dist/server.js             193.00 B
+ESM dist/chunk-757U7PM3.js     4.17 KB
+ESM dist/client.js             145.00 B
+ESM dist/chunk-5CWLHTUR.js     3.31 KB
+ESM dist/index.js.map          893.00 B
+ESM dist/chunk-NTWNP6H5.js.map 2.76 KB
+ESM dist/client.js.map         71.00 B
+ESM dist/chunk-757U7PM3.js.map 8.67 KB
+ESM dist/server.js.map         71.00 B
+ESM dist/chunk-5CWLHTUR.js.map 7.01 KB
+ESM ⚡️ Build success in 10ms
+CJS dist/server.cjs     5.57 KB
+CJS dist/index.cjs      10.04 KB
+CJS dist/client.cjs     6.38 KB
+CJS dist/server.cjs.map 9.75 KB
+CJS dist/index.cjs.map  19.18 KB
+CJS dist/client.cjs.map 11.40 KB
+CJS ⚡️ Build success in 10ms
+DTS Build start
+DTS ⚡️ Build success in 997ms
+DTS dist/index.d.ts   2.60 KB
+DTS dist/client.d.ts  839.00 B
+DTS dist/server.d.ts  971.00 B
+DTS dist/index.d.cts  2.60 KB
+DTS dist/client.d.cts 839.00 B
+DTS dist/server.d.cts 971.00 B

package/.turbo/turbo-test.log

@@ -0,0 +1,16 @@
+
+> @caypo/mpp-canton@0.1.0 test /Users/anil/Desktop/caypo/packages/mpp
+> vitest run
+
+
+ RUN  v3.2.4 /Users/anil/Desktop/caypo/packages/mpp
+
+ ✓ src/__tests__/method.test.ts (19 tests) 5ms
+ ✓ src/__tests__/client.test.ts (6 tests) 18ms
+ ✓ src/__tests__/server.test.ts (10 tests) 18ms
+
+ Test Files  3 passed (3)
+      Tests  35 passed (35)
+   Start at  19:11:45
+   Duration  296ms (transform 89ms, setup 0ms, collect 158ms, tests 41ms, environment 0ms, prepare 141ms)
+

package/README.md

@@ -0,0 +1,104 @@
+# @caypo/mpp-canton
+
+**Canton Network payment method for the [Machine Payments Protocol (MPP)](https://mpp.dev)**
+
+Accept and make USDCx payments in any HTTP API using Canton's CIP-56 token standard with 1-step TransferPreapproval transfers.
+
+[![License](https://img.shields.io/badge/license-Apache--2.0%20%2F%20MIT-blue)](../../LICENSE-APACHE)
+
+## Install
+
+```bash
+npm install @caypo/mpp-canton
+```
+
+## Accept Payments (Server)
+
+```typescript
+import { cantonServer } from "@caypo/mpp-canton/server";
+
+const server = cantonServer({
+  ledgerUrl: "http://localhost:7575",
+  token: process.env.CANTON_JWT,
+  userId: "ledger-api-user",
+  recipientPartyId: "Gateway::1220...",
+  network: "mainnet",
+});
+
+// When agent submits credential after paying:
+const receipt = await server.verify({ credential });
+// { method: "canton", reference: "upd-abc123", status: "success" }
+```
+
+## Make Payments (Client)
+
+```typescript
+import { cantonClient } from "@caypo/mpp-canton/client";
+
+const client = cantonClient({
+  ledgerUrl: "http://localhost:7575",
+  token: process.env.CANTON_JWT,
+  userId: "ledger-api-user",
+  partyId: "Agent::1220...",
+  network: "mainnet",
+});
+
+// When receiving a 402 challenge:
+const credential = await client.createCredential({ challenge });
+// Base64-encoded credential with updateId, completionOffset, sender, commandId
+```
+
+## Method Definition
+
+```typescript
+import { cantonMethod } from "@caypo/mpp-canton";
+
+cantonMethod.name;   // "canton"
+cantonMethod.intent; // "charge"
+```
+
+## Schemas
+
+```typescript
+import { requestSchema, credentialPayloadSchema } from "@caypo/mpp-canton";
+
+// Validate payment requests
+requestSchema.parse({ amount: "0.01", currency: "USDCx", recipient: "...", network: "mainnet" });
+
+// Validate credentials
+credentialPayloadSchema.parse({ updateId: "...", completionOffset: 42, sender: "...", commandId: "..." });
+```
+
+## Error Handling
+
+```typescript
+import { MppVerificationError } from "@caypo/mpp-canton";
+
+try {
+  await server.verify({ credential });
+} catch (err) {
+  if (err instanceof MppVerificationError) {
+    console.log(err.problemCode); // "verification-failed" | "payment-insufficient"
+  }
+}
+```
+
+## How It Works
+
+The Canton MPP method uses **CIP-56 TransferPreapproval** for 1-step transfers:
+
+1. Service returns `402` with `WWW-Authenticate: Payment method="canton", amount="0.01", recipient="...", network="..."`
+2. Agent exercises `TransferFactory_Transfer` on Canton (requires recipient's TransferPreapproval)
+3. Agent builds credential with `{ updateId, completionOffset, sender, commandId }`
+4. Service verifies by fetching the transaction from Canton ledger
+5. Service confirms: Holding created for recipient, amount >= required, correct sender
+
+## Links
+
+- [MPP Protocol](https://mpp.dev) — Machine Payments Protocol by Stripe and Tempo
+- [Canton Network](https://canton.network) — Privacy-enabled institutional blockchain
+- [CIP-56](https://canton.network) — Canton token standard
+
+## License
+
+Apache-2.0 OR MIT

package/SPEC.md

@@ -0,0 +1,269 @@
+# @cayvox/mpp-canton — MPP Payment Method Specification (Production)
+
+## Transfer Flow for MPP
+
+**The critical insight:** The MPP gateway server MUST have a `TransferPreapproval` contract active. This enables 1-step transfers from agents — no receiver acceptance needed.
+
+```
+Agent                          Gateway (Canton)                    Canton Ledger
+  |                               |                                    |
+  |-- GET /api/data ------------->|                                    |
+  |<-- 402 + Challenge -----------|                                    |
+  |                               |                                    |
+  |   (Agent exercises TransferFactory_Transfer                        |
+  |    using gateway's TransferPreapproval)                            |
+  |                               |                                    |
+  |-- POST /v2/commands/submit-and-wait -------------------------------->|
+  |<-- { updateId, completionOffset } ----------------------------------|
+  |                               |                                    |
+  |-- GET /api/data + credential->|                                    |
+  |                               |-- verify via /v2/updates/... ----->|
+  |                               |<-- transaction tree ---------------|
+  |<-- 200 + Receipt + data ------|                                    |
+```
+
+## Method Definition
+
+```typescript
+import { Method, z } from "mppx";
+
+export const cantonMethod = Method.from({
+  intent: "charge",
+  name: "canton",
+  schema: {
+    credential: {
+      payload: z.object({
+        updateId: z.string().min(1),
+        completionOffset: z.number().int(),
+        sender: z.string().min(1),          // e.g., "Agent::1220abcd..."
+        commandId: z.string().min(1),
+      }),
+    },
+    request: z.object({
+      amount: z.string().regex(/^\d+\.?\d{0,10}$/),
+      currency: z.enum(["USDCx", "CC"]),
+      recipient: z.string().min(1),         // e.g., "Gateway::1220efgh..."
+      network: z.enum(["mainnet", "testnet", "devnet"]),
+      description: z.string().optional(),
+      expiry: z.number().int().min(1).max(3600).default(300),
+    }),
+  },
+});
+```
+
+Note: Canton uses `Numeric 10` (10 decimal places) internally. USDCx has 6 meaningful decimals but the on-chain representation may use 10.
+
+## Client Implementation
+
+```typescript
+import { Method, Credential } from "mppx";
+import { cantonMethod } from "./method";
+
+export interface CantonClientConfig {
+  ledgerUrl: string;       // e.g., "http://localhost:7575"
+  token: string;           // JWT bearer token
+  userId: string;          // Ledger API user ID
+  partyId: string;         // Agent's party ID (e.g., "Agent::1220...")
+  network: "mainnet" | "testnet" | "devnet";
+}
+
+export function cantonClient(config: CantonClientConfig) {
+  return Method.toClient(cantonMethod, {
+    async createCredential({ challenge }) {
+      // 1. Validate network
+      if (challenge.request.network !== config.network) {
+        throw new Error(`Network mismatch: expected ${config.network}`);
+      }
+
+      // 2. Query agent's USDCx holdings
+      const holdingsResponse = await fetch(
+        `${config.ledgerUrl}/v2/state/active-contracts`,
+        {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json",
+            "Authorization": `Bearer ${config.token}`,
+          },
+          body: JSON.stringify({
+            eventFormat: {
+              filtersByParty: {
+                [config.partyId]: {
+                  cumulative: [{
+                    identifierFilter: {
+                      TemplateFilter: {
+                        value: { templateId: USDCX_HOLDING_TEMPLATE_ID }
+                      }
+                    }
+                  }]
+                }
+              },
+              verbose: true
+            },
+            activeAtOffset: await getLedgerEnd(config),
+          }),
+        }
+      );
+
+      // 3. Select holdings covering the amount
+      const holdings = parseHoldings(await holdingsResponse.json());
+      const selected = selectHoldings(holdings, challenge.request.amount);
+
+      // 4. Generate unique commandId
+      const commandId = crypto.randomUUID();
+
+      // 5. Exercise TransferFactory_Transfer via submit-and-wait
+      const submitResponse = await fetch(
+        `${config.ledgerUrl}/v2/commands/submit-and-wait`,
+        {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json",
+            "Authorization": `Bearer ${config.token}`,
+          },
+          body: JSON.stringify({
+            commands: [{
+              ExerciseCommand: {
+                templateId: TRANSFER_FACTORY_TEMPLATE_ID,
+                contractId: selected.transferFactoryContractId,
+                choice: "TransferFactory_Transfer",
+                choiceArgument: {
+                  sender: config.partyId,
+                  receiver: challenge.request.recipient,
+                  amount: challenge.request.amount,
+                  instrumentId: USDCX_INSTRUMENT_ID,
+                  inputHoldingCids: selected.holdingContractIds,
+                  meta: {},
+                },
+              },
+            }],
+            userId: config.userId,
+            commandId,
+            actAs: [config.partyId],
+            readAs: [config.partyId],
+          }),
+        }
+      );
+
+      const result = await submitResponse.json();
+
+      // 6. Return credential
+      return Credential.serialize({
+        challenge,
+        payload: {
+          updateId: result.updateId,
+          completionOffset: result.completionOffset,
+          sender: config.partyId,
+          commandId,
+        },
+      });
+    },
+  });
+}
+```
+
+## Server Implementation
+
+```typescript
+import { Method, Receipt } from "mppx";
+import { cantonMethod } from "./method";
+
+export interface CantonServerConfig {
+  ledgerUrl: string;
+  token: string;
+  userId: string;
+  recipientPartyId: string;
+  network: "mainnet" | "testnet" | "devnet";
+}
+
+export function cantonServer(config: CantonServerConfig) {
+  return Method.toServer(cantonMethod, {
+    async verify({ credential }) {
+      const { updateId, completionOffset, sender, commandId } = credential.payload;
+      const { amount, recipient, network } = credential.challenge.request;
+
+      // 1. Network check
+      if (network !== config.network) {
+        throw new Error("Network mismatch");
+      }
+
+      // 2. Recipient check
+      if (recipient !== config.recipientPartyId) {
+        throw new Error("Recipient mismatch");
+      }
+
+      // 3. Fetch transaction by updateId
+      const txResponse = await fetch(
+        `${config.ledgerUrl}/v2/updates/transaction-by-id/${updateId}`,
+        {
+          headers: {
+            "Authorization": `Bearer ${config.token}`,
+          },
+        }
+      );
+
+      if (!txResponse.ok) {
+        throw new Error("Transaction not found on Canton ledger");
+      }
+
+      const tx = await txResponse.json();
+
+      // 4. Verify: find the created Holding event for recipient
+      const recipientHolding = findCreatedHolding(tx, config.recipientPartyId);
+      if (!recipientHolding) {
+        throw new Error("No holding created for recipient");
+      }
+
+      // 5. Verify amount >= required
+      if (parseFloat(recipientHolding.amount) < parseFloat(amount)) {
+        throw new Error(`Insufficient: ${recipientHolding.amount} < ${amount}`);
+      }
+
+      // 6. Verify sender
+      const senderEvent = findExercisedEvent(tx, sender);
+      if (!senderEvent) {
+        throw new Error("Sender mismatch");
+      }
+
+      // 7. Return receipt
+      return Receipt.from({
+        method: "canton",
+        reference: updateId,
+        status: "success",
+        timestamp: new Date().toISOString(),
+      });
+    },
+  });
+}
+```
+
+## Gateway TransferPreapproval Setup
+
+The gateway MUST run this setup once before accepting payments:
+
+```typescript
+// One-time setup: Create TransferPreapproval for gateway party
+// This allows agents to do 1-step transfers to the gateway
+async function setupGatewayPreapproval(config: CantonServerConfig) {
+  // Option A: Via validator API (if using Splice wallet)
+  // POST /v0/admin/external-party/setup-proposal
+  
+  // Option B: Via Ledger API (direct)
+  // Exercise the appropriate TransferPreapproval creation choice
+  // on the token registry
+  
+  // The preapproval must be renewed before expiry (default: $1/year fee)
+}
+```
+
+## Error Mapping
+
+| Canton Error | MPP Problem Code | HTTP |
+|-------------|-----------------|------|
+| Transaction not found | verification-failed | 402 |
+| Amount insufficient | payment-insufficient | 402 |
+| Wrong recipient | verification-failed | 402 |
+| Wrong network | verification-failed | 402 |
+| Duplicate commandId | verification-failed | 402 |
+| INVALID_ARGUMENT | malformed-credential | 402 |
+| PERMISSION_DENIED | verification-failed | 402 |
+| UNAVAILABLE | N/A | 503 |

package/dist/chunk-5CWLHTUR.js

@@ -0,0 +1,111 @@
+import {
+  cantonMethod
+} from "./chunk-NTWNP6H5.js";
+
+// src/server.ts
+import { Method, Receipt } from "mppx";
+var MppVerificationError = class extends Error {
+  problemCode;
+  constructor(message, problemCode) {
+    super(message);
+    this.name = "MppVerificationError";
+    this.problemCode = problemCode;
+  }
+};
+function findCreatedHolding(tx, recipientParty) {
+  const events = tx.eventsById ?? {};
+  for (const evt of Object.values(events)) {
+    if (evt.createdEvent) {
+      const signatories = evt.createdEvent.signatories ?? [];
+      const witnesses = evt.createdEvent.witnessParties ?? [];
+      const allParties = [...signatories, ...witnesses];
+      if (allParties.includes(recipientParty)) {
+        const amount = evt.createdEvent.createArgument?.amount;
+        if (typeof amount === "string") {
+          return { amount };
+        }
+      }
+    }
+  }
+  return null;
+}
+function findExercisedEvent(tx, senderParty) {
+  const events = tx.eventsById ?? {};
+  for (const evt of Object.values(events)) {
+    if (evt.exercisedEvent) {
+      const acting = evt.exercisedEvent.actingParties ?? [];
+      if (acting.includes(senderParty)) {
+        return true;
+      }
+    }
+  }
+  return false;
+}
+function cantonServer(config) {
+  return Method.toServer(cantonMethod, {
+    async verify({
+      credential
+    }) {
+      const { updateId, sender } = credential.payload;
+      const { amount, recipient, network } = credential.challenge.request;
+      if (network !== config.network) {
+        throw new MppVerificationError(
+          `Network mismatch: credential is for ${network}, server is on ${config.network}`,
+          "verification-failed"
+        );
+      }
+      if (recipient !== config.recipientPartyId) {
+        throw new MppVerificationError(
+          `Recipient mismatch: credential targets ${recipient}, server is ${config.recipientPartyId}`,
+          "verification-failed"
+        );
+      }
+      const txResponse = await fetch(
+        `${config.ledgerUrl}/v2/updates/transaction-by-id/${encodeURIComponent(updateId)}`,
+        {
+          headers: {
+            Authorization: `Bearer ${config.token}`
+          }
+        }
+      );
+      if (!txResponse.ok) {
+        throw new MppVerificationError(
+          "Transaction not found on Canton ledger",
+          "verification-failed"
+        );
+      }
+      const tx = await txResponse.json();
+      const recipientHolding = findCreatedHolding(tx, config.recipientPartyId);
+      if (!recipientHolding) {
+        throw new MppVerificationError(
+          "No holding created for recipient in transaction",
+          "verification-failed"
+        );
+      }
+      if (parseFloat(recipientHolding.amount) < parseFloat(amount)) {
+        throw new MppVerificationError(
+          `Payment insufficient: received ${recipientHolding.amount}, required ${amount}`,
+          "payment-insufficient"
+        );
+      }
+      if (!findExercisedEvent(tx, sender)) {
+        throw new MppVerificationError(
+          `Sender mismatch: ${sender} did not execute the transfer`,
+          "verification-failed"
+        );
+      }
+      return Receipt.from({
+        method: "canton",
+        reference: updateId,
+        status: "success",
+        timestamp: (/* @__PURE__ */ new Date()).toISOString()
+      });
+    }
+  });
+}
+
+export {
+  MppVerificationError,
+  cantonServer
+};
+//# sourceMappingURL=chunk-5CWLHTUR.js.map

package/dist/chunk-5CWLHTUR.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/server.ts"],"sourcesContent":["/**\n * Canton MPP server — used by gateways to verify payments.\n *\n * Verification flow:\n * 1. Check network matches server config\n * 2. Check recipient matches server's party\n * 3. Fetch transaction from ledger by updateId\n * 4. Find Created Holding event for recipient, verify amount >= required\n * 5. Find Exercised event proving the sender executed the transfer\n * 6. Return receipt\n */\n\nimport { Method, Receipt, type CredentialData } from \"mppx\";\nimport { cantonMethod } from \"./method.js\";\nimport type { CantonCredentialPayload, CantonRequest } from \"./schemas.js\";\n\nexport type CantonNetwork = \"mainnet\" | \"testnet\" | \"devnet\";\n\nexport interface CantonMppServerConfig {\n  ledgerUrl: string;\n  token: string;\n  userId: string;\n  recipientPartyId: string;\n  network: CantonNetwork;\n}\n\nexport class MppVerificationError extends Error {\n  readonly problemCode: string;\n\n  constructor(message: string, problemCode: string) {\n    super(message);\n    this.name = \"MppVerificationError\";\n    this.problemCode = problemCode;\n  }\n}\n\ninterface TransactionEvent {\n  createdEvent?: {\n    contractId: string;\n    templateId: string;\n    createArgument: Record<string, unknown>;\n    witnessParties: string[];\n    signatories: string[];\n  };\n  exercisedEvent?: {\n    contractId: string;\n    choice: string;\n    actingParties: string[];\n  };\n}\n\ninterface TransactionData {\n  updateId: string;\n  eventsById?: Record<string, TransactionEvent>;\n  rootEventIds?: string[];\n}\n\nfunction findCreatedHolding(\n  tx: TransactionData,\n  recipientParty: string,\n): { amount: string } | null {\n  const events = tx.eventsById ?? {};\n\n  for (const evt of Object.values(events)) {\n    if (evt.createdEvent) {\n      const signatories = evt.createdEvent.signatories ?? [];\n      const witnesses = evt.createdEvent.witnessParties ?? [];\n      const allParties = [...signatories, ...witnesses];\n\n      if (allParties.includes(recipientParty)) {\n        const amount = evt.createdEvent.createArgument?.amount;\n        if (typeof amount === \"string\") {\n          return { amount };\n        }\n      }\n    }\n  }\n\n  return null;\n}\n\nfunction findExercisedEvent(\n  tx: TransactionData,\n  senderParty: string,\n): boolean {\n  const events = tx.eventsById ?? {};\n\n  for (const evt of Object.values(events)) {\n    if (evt.exercisedEvent) {\n      const acting = evt.exercisedEvent.actingParties ?? [];\n      if (acting.includes(senderParty)) {\n        return true;\n      }\n    }\n  }\n\n  return false;\n}\n\nexport function cantonServer(config: CantonMppServerConfig) {\n  return Method.toServer(cantonMethod, {\n    async verify({\n      credential,\n    }: {\n      credential: CredentialData<CantonCredentialPayload, CantonRequest>;\n    }) {\n      const { updateId, sender } = credential.payload;\n      const { amount, recipient, network } = credential.challenge.request;\n\n      // 1. Network check\n      if (network !== config.network) {\n        throw new MppVerificationError(\n          `Network mismatch: credential is for ${network}, server is on ${config.network}`,\n          \"verification-failed\",\n        );\n      }\n\n      // 2. Recipient check\n      if (recipient !== config.recipientPartyId) {\n        throw new MppVerificationError(\n          `Recipient mismatch: credential targets ${recipient}, server is ${config.recipientPartyId}`,\n          \"verification-failed\",\n        );\n      }\n\n      // 3. Fetch transaction by updateId\n      const txResponse = await fetch(\n        `${config.ledgerUrl}/v2/updates/transaction-by-id/${encodeURIComponent(updateId)}`,\n        {\n          headers: {\n            Authorization: `Bearer ${config.token}`,\n          },\n        },\n      );\n\n      if (!txResponse.ok) {\n        throw new MppVerificationError(\n          \"Transaction not found on Canton ledger\",\n          \"verification-failed\",\n        );\n      }\n\n      const tx = (await txResponse.json()) as TransactionData;\n\n      // 4. Find created Holding for recipient and verify amount\n      const recipientHolding = findCreatedHolding(tx, config.recipientPartyId);\n      if (!recipientHolding) {\n        throw new MppVerificationError(\n          \"No holding created for recipient in transaction\",\n          \"verification-failed\",\n        );\n      }\n\n      if (parseFloat(recipientHolding.amount) < parseFloat(amount)) {\n        throw new MppVerificationError(\n          `Payment insufficient: received ${recipientHolding.amount}, required ${amount}`,\n          \"payment-insufficient\",\n        );\n      }\n\n      // 5. Verify sender\n      if (!findExercisedEvent(tx, sender)) {\n        throw new MppVerificationError(\n          `Sender mismatch: ${sender} did not execute the transfer`,\n          \"verification-failed\",\n        );\n      }\n\n      // 6. Return receipt\n      return Receipt.from({\n        method: \"canton\",\n        reference: updateId,\n        status: \"success\",\n        timestamp: new Date().toISOString(),\n      });\n    },\n  });\n}\n"],"mappings":";;;;;AAYA,SAAS,QAAQ,eAAoC;AAc9C,IAAM,uBAAN,cAAmC,MAAM;AAAA,EACrC;AAAA,EAET,YAAY,SAAiB,aAAqB;AAChD,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,cAAc;AAAA,EACrB;AACF;AAuBA,SAAS,mBACP,IACA,gBAC2B;AAC3B,QAAM,SAAS,GAAG,cAAc,CAAC;AAEjC,aAAW,OAAO,OAAO,OAAO,MAAM,GAAG;AACvC,QAAI,IAAI,cAAc;AACpB,YAAM,cAAc,IAAI,aAAa,eAAe,CAAC;AACrD,YAAM,YAAY,IAAI,aAAa,kBAAkB,CAAC;AACtD,YAAM,aAAa,CAAC,GAAG,aAAa,GAAG,SAAS;AAEhD,UAAI,WAAW,SAAS,cAAc,GAAG;AACvC,cAAM,SAAS,IAAI,aAAa,gBAAgB;AAChD,YAAI,OAAO,WAAW,UAAU;AAC9B,iBAAO,EAAE,OAAO;AAAA,QAClB;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AACT;AAEA,SAAS,mBACP,IACA,aACS;AACT,QAAM,SAAS,GAAG,cAAc,CAAC;AAEjC,aAAW,OAAO,OAAO,OAAO,MAAM,GAAG;AACvC,QAAI,IAAI,gBAAgB;AACtB,YAAM,SAAS,IAAI,eAAe,iBAAiB,CAAC;AACpD,UAAI,OAAO,SAAS,WAAW,GAAG;AAChC,eAAO;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AACT;AAEO,SAAS,aAAa,QAA+B;AAC1D,SAAO,OAAO,SAAS,cAAc;AAAA,IACnC,MAAM,OAAO;AAAA,MACX;AAAA,IACF,GAEG;AACD,YAAM,EAAE,UAAU,OAAO,IAAI,WAAW;AACxC,YAAM,EAAE,QAAQ,WAAW,QAAQ,IAAI,WAAW,UAAU;AAG5D,UAAI,YAAY,OAAO,SAAS;AAC9B,cAAM,IAAI;AAAA,UACR,uCAAuC,OAAO,kBAAkB,OAAO,OAAO;AAAA,UAC9E;AAAA,QACF;AAAA,MACF;AAGA,UAAI,cAAc,OAAO,kBAAkB;AACzC,cAAM,IAAI;AAAA,UACR,0CAA0C,SAAS,eAAe,OAAO,gBAAgB;AAAA,UACzF;AAAA,QACF;AAAA,MACF;AAGA,YAAM,aAAa,MAAM;AAAA,QACvB,GAAG,OAAO,SAAS,iCAAiC,mBAAmB,QAAQ,CAAC;AAAA,QAChF;AAAA,UACE,SAAS;AAAA,YACP,eAAe,UAAU,OAAO,KAAK;AAAA,UACvC;AAAA,QACF;AAAA,MACF;AAEA,UAAI,CAAC,WAAW,IAAI;AAClB,cAAM,IAAI;AAAA,UACR;AAAA,UACA;AAAA,QACF;AAAA,MACF;AAEA,YAAM,KAAM,MAAM,WAAW,KAAK;AAGlC,YAAM,mBAAmB,mBAAmB,IAAI,OAAO,gBAAgB;AACvE,UAAI,CAAC,kBAAkB;AACrB,cAAM,IAAI;AAAA,UACR;AAAA,UACA;AAAA,QACF;AAAA,MACF;AAEA,UAAI,WAAW,iBAAiB,MAAM,IAAI,WAAW,MAAM,GAAG;AAC5D,cAAM,IAAI;AAAA,UACR,kCAAkC,iBAAiB,MAAM,cAAc,MAAM;AAAA,UAC7E;AAAA,QACF;AAAA,MACF;AAGA,UAAI,CAAC,mBAAmB,IAAI,MAAM,GAAG;AACnC,cAAM,IAAI;AAAA,UACR,oBAAoB,MAAM;AAAA,UAC1B;AAAA,QACF;AAAA,MACF;AAGA,aAAO,QAAQ,KAAK;AAAA,QAClB,QAAQ;AAAA,QACR,WAAW;AAAA,QACX,QAAQ;AAAA,QACR,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,MACpC,CAAC;AAAA,IACH;AAAA,EACF,CAAC;AACH;","names":[]}

package/dist/chunk-757U7PM3.js

@@ -0,0 +1,140 @@
+import {
+  cantonMethod
+} from "./chunk-NTWNP6H5.js";
+
+// src/client.ts
+import { Credential, Method } from "mppx";
+var USDCX_HOLDING_TEMPLATE_ID = "Splice.Api.Token.HoldingV1:Holding";
+var TRANSFER_FACTORY_TEMPLATE_ID = "Splice.Api.Token.TransferFactoryV1:TransferFactory";
+var USDCX_INSTRUMENT_ID = "USDCx";
+async function fetchJson(url, token, init) {
+  const response = await fetch(url, {
+    ...init,
+    headers: {
+      "Content-Type": "application/json",
+      Authorization: `Bearer ${token}`,
+      ...init?.headers
+    }
+  });
+  if (!response.ok) {
+    const text = await response.text().catch(() => "");
+    throw new Error(`Canton API error: HTTP ${response.status} \u2014 ${text}`);
+  }
+  return response.json();
+}
+async function getLedgerEnd(config) {
+  const data = await fetchJson(`${config.ledgerUrl}/v2/state/ledger-end`, config.token);
+  return data.offset;
+}
+async function queryHoldings(config) {
+  const offset = await getLedgerEnd(config);
+  const data = await fetchJson(`${config.ledgerUrl}/v2/state/active-contracts`, config.token, {
+    method: "POST",
+    body: JSON.stringify({
+      eventFormat: {
+        filtersByParty: {
+          [config.partyId]: {
+            cumulative: [
+              {
+                identifierFilter: {
+                  TemplateFilter: {
+                    value: { templateId: USDCX_HOLDING_TEMPLATE_ID }
+                  }
+                }
+              }
+            ]
+          }
+        },
+        verbose: true
+      },
+      activeAtOffset: offset
+    })
+  });
+  return (data.contractEntry ?? []).filter((e) => e.createdEvent != null).map((e) => ({
+    contractId: e.createdEvent.contractId,
+    amount: e.createdEvent.createArgument.amount
+  }));
+}
+function selectHoldings(holdings, requiredAmount) {
+  if (holdings.length === 0) {
+    throw new Error(`Insufficient balance: no holdings available`);
+  }
+  const sorted = [...holdings].sort(
+    (a, b) => parseFloat(b.amount) - parseFloat(a.amount)
+  );
+  for (let i = sorted.length - 1; i >= 0; i--) {
+    if (parseFloat(sorted[i].amount) >= parseFloat(requiredAmount)) {
+      return [sorted[i].contractId];
+    }
+  }
+  let total = 0;
+  const selected = [];
+  for (const h of sorted) {
+    selected.push(h.contractId);
+    total += parseFloat(h.amount);
+    if (total >= parseFloat(requiredAmount)) {
+      return selected;
+    }
+  }
+  throw new Error(
+    `Insufficient balance: have ${total}, need ${requiredAmount}`
+  );
+}
+function cantonClient(config) {
+  return Method.toClient(cantonMethod, {
+    async createCredential({ challenge }) {
+      if (challenge.request.network !== config.network) {
+        throw new Error(
+          `Network mismatch: challenge requires ${challenge.request.network}, agent configured for ${config.network}`
+        );
+      }
+      const holdings = await queryHoldings(config);
+      const selectedCids = selectHoldings(holdings, challenge.request.amount);
+      const commandId = crypto.randomUUID();
+      const result = await fetchJson(
+        `${config.ledgerUrl}/v2/commands/submit-and-wait`,
+        config.token,
+        {
+          method: "POST",
+          body: JSON.stringify({
+            commands: [
+              {
+                ExerciseCommand: {
+                  templateId: TRANSFER_FACTORY_TEMPLATE_ID,
+                  contractId: selectedCids[0],
+                  choice: "TransferFactory_Transfer",
+                  choiceArgument: {
+                    sender: config.partyId,
+                    receiver: challenge.request.recipient,
+                    amount: challenge.request.amount,
+                    instrumentId: USDCX_INSTRUMENT_ID,
+                    inputHoldingCids: selectedCids,
+                    meta: {}
+                  }
+                }
+              }
+            ],
+            userId: config.userId,
+            commandId,
+            actAs: [config.partyId],
+            readAs: [config.partyId]
+          })
+        }
+      );
+      return Credential.serialize({
+        challenge,
+        payload: {
+          updateId: result.updateId,
+          completionOffset: result.completionOffset,
+          sender: config.partyId,
+          commandId
+        }
+      });
+    }
+  });
+}
+
+export {
+  cantonClient
+};
+//# sourceMappingURL=chunk-757U7PM3.js.map