@cedros/login-sidecar 0.0.1

package/.env.example

@@ -0,0 +1,52 @@
+# Privacy Cash Sidecar Configuration
+#
+# This sidecar handles Privacy Cash operations for SSS embedded wallets.
+# User keypairs are reconstructed from SSS shares and passed to endpoints.
+
+# Port to listen on (default: 3100)
+PORT=3100
+
+# Host/interface to bind to (default: 127.0.0.1)
+# Use 0.0.0.0 if you need to accept connections from outside the machine/container.
+HOST=127.0.0.1
+
+# API key for authentication (required)
+# Generate with: openssl rand -hex 32
+SIDECAR_API_KEY=your-secure-api-key-here
+
+# Solana network: 'devnet' or 'mainnet-beta' (default: devnet). 'mainnet' is accepted as an alias.
+SOLANA_NETWORK=devnet
+
+# Solana RPC URL (optional, defaults based on network)
+# SOLANA_RPC_URL=https://api.devnet.solana.com
+
+# Privacy Cash program ID (required)
+# Mainnet: 9fhQBbumKEFuXtMBDw8AaQyAjCorLGJQiS3skWZdQyQD
+PRIVACY_CASH_PROGRAM_ID=9fhQBbumKEFuXtMBDw8AaQyAjCorLGJQiS3skWZdQyQD
+
+# Company wallet address for withdrawals (required)
+# This is where funds are sent when withdrawing from user Privacy Cash accounts
+COMPANY_WALLET_ADDRESS=
+
+# =============================================================================
+# Jupiter Ultra API (for gasless SPL token swaps)
+# =============================================================================
+# Jupiter API URL (default: https://api.jup.ag/ultra/v1)
+# JUPITER_API_URL=https://api.jup.ag/ultra/v1
+
+# Jupiter API key (REQUIRED - get free key at https://portal.jup.ag)
+JUPITER_API_KEY=
+
+# Minimum swap amount in USD for gasless swaps (default: 10)
+# Jupiter requires ~$10 minimum for gasless swaps
+JUPITER_MIN_SWAP_USD=10
+
+# Jupiter Ultra API rate limit (requests per 10 seconds)
+# Used for swap queue throttling. Ultra API uses dynamic rate limiting
+# that scales with your 24-hour swap volume:
+#   $0 volume:       50 requests / 10 seconds
+#   $10,000 volume:  51 requests / 10 seconds
+#   $100,000 volume: 61 requests / 10 seconds
+#   $1M volume:      165 requests / 10 seconds
+# Note: This is NOT tied to Pro plan tiers - it scales automatically
+JUPITER_RATE_LIMIT=50

package/README.md

@@ -0,0 +1,26 @@
+# @cedros/login-sidecar
+
+Node.js sidecar service for `cedros-login-server`.
+
+This service wraps the JavaScript-only Privacy Cash SDK and provides related Solana utilities
+(verification, batching, swaps) used by the Rust backend.
+
+## Requirements
+
+- Node.js >= 24
+
+By default the sidecar binds to `127.0.0.1`. Set `HOST=0.0.0.0` if you need it reachable outside the machine/container.
+
+## Local dev
+
+```bash
+cd login-sidecar
+nvm use
+npm install
+npm run dev
+```
+
+Configure the Rust server to point at the sidecar:
+
+- `PRIVACY_CASH_SIDECAR_URL` (e.g. `http://localhost:3100`)
+- `SIDECAR_API_KEY`

package/dist/config.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Sidecar configuration loaded from environment variables
+ */
+export interface Config {
+    port: number;
+    host: string;
+    apiKey: string;
+    solanaRpcUrl: string;
+    solanaNetwork: 'devnet' | 'mainnet-beta';
+    privacyCashProgramId: string;
+    /** Company wallet address for withdrawals (receives funds from Privacy Cash) */
+    companyWalletAddress: string;
+    /** Jupiter Ultra API settings for gasless swaps */
+    jupiter: {
+        apiUrl: string;
+        apiKey: string | null;
+        /** Minimum swap amount in USD (Jupiter gasless requires ~$10) */
+        minSwapUsd: number;
+        /** Rate limit in requests per 10 seconds (for swap queue throttling) */
+        rateLimit: number;
+    };
+}
+export declare function loadConfig(): Config;

package/dist/config.js

@@ -0,0 +1,40 @@
+"use strict";
+/**
+ * Sidecar configuration loaded from environment variables
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.loadConfig = loadConfig;
+function getEnvRequired(key) {
+    const value = process.env[key];
+    if (!value) {
+        throw new Error(`Missing required environment variable: ${key}`);
+    }
+    return value;
+}
+function getEnvOptional(key, defaultValue) {
+    return process.env[key] || defaultValue;
+}
+function loadConfig() {
+    const rawNetwork = getEnvOptional('SOLANA_NETWORK', 'devnet');
+    const network = rawNetwork === 'mainnet' ? 'mainnet-beta' : rawNetwork;
+    if (network !== 'devnet' && network !== 'mainnet-beta') {
+        throw new Error(`Invalid SOLANA_NETWORK: ${rawNetwork}. Must be 'devnet' or 'mainnet-beta' (or 'mainnet' alias)`);
+    }
+    return {
+        port: parseInt(getEnvOptional('PORT', '3100'), 10),
+        host: getEnvOptional('HOST', '127.0.0.1'),
+        apiKey: getEnvRequired('SIDECAR_API_KEY'),
+        solanaRpcUrl: getEnvOptional('SOLANA_RPC_URL', network === 'devnet'
+            ? 'https://api.devnet.solana.com'
+            : 'https://api.mainnet-beta.solana.com'),
+        solanaNetwork: network,
+        privacyCashProgramId: getEnvRequired('PRIVACY_CASH_PROGRAM_ID'),
+        companyWalletAddress: getEnvRequired('COMPANY_WALLET_ADDRESS'),
+        jupiter: {
+            apiUrl: getEnvOptional('JUPITER_API_URL', 'https://api.jup.ag/ultra/v1'),
+            apiKey: process.env.JUPITER_API_KEY || null,
+            minSwapUsd: parseFloat(getEnvOptional('JUPITER_MIN_SWAP_USD', '10')),
+            rateLimit: parseInt(getEnvOptional('JUPITER_RATE_LIMIT', '50'), 10),
+        },
+    };
+}

package/dist/index.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Cedros Login Sidecar
+ *
+ * A Node.js sidecar service used by the Rust backend. This wraps the Privacy Cash SDK
+ * and provides related Solana utilities (verification, batching, swaps).
+ * Required because the Privacy Cash SDK is JavaScript-only and requires Node.js 24+.
+ *
+ * Endpoints:
+ * - GET  /health         - Health check (no auth required)
+ * - POST /deposit/build  - Build unsigned deposit transaction
+ * - POST /deposit/submit - Submit signed deposit transaction
+ * - POST /withdraw       - Withdraw note to company wallet
+ *
+ * All endpoints except /health require Bearer token auth.
+ */
+export {};

package/dist/index.js

@@ -0,0 +1,103 @@
+"use strict";
+/**
+ * Cedros Login Sidecar
+ *
+ * A Node.js sidecar service used by the Rust backend. This wraps the Privacy Cash SDK
+ * and provides related Solana utilities (verification, batching, swaps).
+ * Required because the Privacy Cash SDK is JavaScript-only and requires Node.js 24+.
+ *
+ * Endpoints:
+ * - GET  /health         - Health check (no auth required)
+ * - POST /deposit/build  - Build unsigned deposit transaction
+ * - POST /deposit/submit - Submit signed deposit transaction
+ * - POST /withdraw       - Withdraw note to company wallet
+ *
+ * All endpoints except /health require Bearer token auth.
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const express_1 = __importDefault(require("express"));
+const config_js_1 = require("./config.js");
+const auth_js_1 = require("./middleware/auth.js");
+const rateLimit_js_1 = require("./middleware/rateLimit.js");
+const solana_js_1 = require("./services/solana.js");
+const privacy_cash_js_1 = require("./services/privacy-cash.js");
+const jupiter_js_1 = require("./services/jupiter.js");
+const health_js_1 = require("./routes/health.js");
+const deposit_js_1 = require("./routes/deposit.js");
+const withdraw_js_1 = require("./routes/withdraw.js");
+const batch_js_1 = require("./routes/batch.js");
+const verify_js_1 = require("./routes/verify.js");
+const redactRpcUrl_js_1 = require("./utils/redactRpcUrl.js");
+async function main() {
+    console.log('[Sidecar] Starting Cedros login sidecar...');
+    // Load configuration
+    const config = (0, config_js_1.loadConfig)();
+    console.log(`[Sidecar] Network: ${config.solanaNetwork}`);
+    console.log(`[Sidecar] RPC: ${(0, redactRpcUrl_js_1.redactRpcUrl)(config.solanaRpcUrl)}`);
+    console.log(`[Sidecar] Host: ${config.host}`);
+    console.log(`[Sidecar] Port: ${config.port}`);
+    // Initialize services
+    const solanaService = new solana_js_1.SolanaService(config);
+    const privacyCashService = new privacy_cash_js_1.PrivacyCashService(config, solanaService);
+    const jupiterService = new jupiter_js_1.JupiterService(config);
+    // Verify RPC connection
+    const rpcConnected = await solanaService.isConnected();
+    if (!rpcConnected) {
+        console.error('[Sidecar] WARNING: Failed to connect to Solana RPC');
+    }
+    else {
+        console.log('[Sidecar] Connected to Solana RPC');
+    }
+    // Create Express app
+    const app = (0, express_1.default)();
+    // Middleware
+    app.use(express_1.default.json({ limit: '1mb' }));
+    // SIDE-02: Basic in-memory rate limiting (protects sidecar from accidental overload)
+    app.use((0, rateLimit_js_1.createRateLimitMiddleware)({ windowMs: 10_000, maxRequests: 200 }));
+    // SIDE-02: Request timeout guard (best-effort)
+    app.use((_req, res, next) => {
+        res.setTimeout(30_000, () => {
+            if (!res.headersSent) {
+                res.status(503).json({ error: 'Request timeout' });
+            }
+        });
+        next();
+    });
+    app.use((0, auth_js_1.createAuthMiddleware)(config.apiKey));
+    // Request logging (simple, non-blocking)
+    app.use((req, _res, next) => {
+        console.log(`[${new Date().toISOString()}] ${req.method} ${req.path}`);
+        next();
+    });
+    // Routes
+    app.use((0, health_js_1.createHealthRoutes)(solanaService, privacyCashService));
+    app.use((0, deposit_js_1.createDepositRoutes)(privacyCashService, jupiterService));
+    app.use((0, withdraw_js_1.createWithdrawRoutes)(privacyCashService, jupiterService));
+    app.use((0, verify_js_1.createVerifyRoutes)(solanaService));
+    app.use('/batch', (0, batch_js_1.createBatchRouter)(config));
+    // 404 handler
+    app.use((_req, res) => {
+        res.status(404).json({ error: 'Not found' });
+    });
+    // Error handler
+    app.use((err, _req, res, _next) => {
+        console.error('[Sidecar] Unhandled error:', err);
+        res.status(500).json({ error: 'Internal server error' });
+    });
+    // Start server
+    const server = app.listen(config.port, config.host, () => {
+        console.log(`[Sidecar] Server running on http://${config.host}:${config.port}`);
+        console.log('[Sidecar] Ready to accept requests');
+    });
+    // SIDE-02: Tighten server-level timeouts (slowloris + hung sockets)
+    server.keepAliveTimeout = 5_000;
+    server.headersTimeout = 15_000;
+    server.requestTimeout = 30_000;
+}
+main().catch((error) => {
+    console.error('[Sidecar] Fatal error:', error);
+    process.exit(1);
+});

package/dist/middleware/auth.d.ts

@@ -0,0 +1,11 @@
+/**
+ * API key authentication middleware
+ *
+ * All endpoints (except /health) require a valid API key in the Authorization header.
+ * Format: Authorization: Bearer <api-key>
+ */
+import { Request, Response, NextFunction } from 'express';
+/**
+ * Create auth middleware with the given API key
+ */
+export declare function createAuthMiddleware(apiKey: string): (req: Request, res: Response, next: NextFunction) => void;

package/dist/middleware/auth.js

@@ -0,0 +1,41 @@
+"use strict";
+/**
+ * API key authentication middleware
+ *
+ * All endpoints (except /health) require a valid API key in the Authorization header.
+ * Format: Authorization: Bearer <api-key>
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createAuthMiddleware = createAuthMiddleware;
+const crypto_1 = require("crypto");
+/**
+ * Create auth middleware with the given API key
+ */
+function createAuthMiddleware(apiKey) {
+    const apiKeyBuffer = Buffer.from(apiKey);
+    return (req, res, next) => {
+        // Skip auth for health check
+        if (req.path === '/health') {
+            return next();
+        }
+        const authHeader = req.headers.authorization;
+        if (!authHeader) {
+            res.status(401).json({ error: 'Missing Authorization header' });
+            return;
+        }
+        const match = authHeader.match(/^Bearer\s+(.+)$/i);
+        if (!match) {
+            res.status(401).json({ error: 'Invalid Authorization header format. Expected: Bearer <token>' });
+            return;
+        }
+        const providedKey = match[1];
+        const providedBuffer = Buffer.from(providedKey);
+        // Timing-safe comparison to prevent timing attacks
+        if (providedBuffer.length !== apiKeyBuffer.length ||
+            !(0, crypto_1.timingSafeEqual)(providedBuffer, apiKeyBuffer)) {
+            res.status(401).json({ error: 'Invalid API key' });
+            return;
+        }
+        next();
+    };
+}

package/dist/middleware/rateLimit.d.ts

@@ -0,0 +1,6 @@
+import type { NextFunction, Request, Response } from 'express';
+export interface RateLimitOptions {
+    windowMs: number;
+    maxRequests: number;
+}
+export declare function createRateLimitMiddleware({ windowMs, maxRequests }: RateLimitOptions): (req: Request, res: Response, next: NextFunction) => void;

package/dist/middleware/rateLimit.js

@@ -0,0 +1,29 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createRateLimitMiddleware = createRateLimitMiddleware;
+function createRateLimitMiddleware({ windowMs, maxRequests }) {
+    const buckets = new Map();
+    return (req, res, next) => {
+        if (req.path === '/health') {
+            next();
+            return;
+        }
+        const now = Date.now();
+        const ip = req.ip || req.socket.remoteAddress || 'unknown';
+        const existing = buckets.get(ip);
+        if (!existing || existing.resetAtMs <= now) {
+            buckets.set(ip, { count: 1, resetAtMs: now + windowMs });
+            next();
+            return;
+        }
+        existing.count += 1;
+        buckets.set(ip, existing);
+        if (existing.count > maxRequests) {
+            const retryAfterSeconds = Math.max(1, Math.ceil((existing.resetAtMs - now) / 1000));
+            res.setHeader('Retry-After', String(retryAfterSeconds));
+            res.status(429).json({ error: 'Too many requests' });
+            return;
+        }
+        next();
+    };
+}

package/dist/routes/batch.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Batch swap route for micro deposit batching
+ *
+ * POST /batch/swap - Swap SOL to output currency via Jupiter
+ *
+ * Used by the micro batch worker to convert accumulated SOL deposits
+ * into the company's preferred currency (USDC/USDT).
+ */
+import { Router } from 'express';
+import { Config } from '../config.js';
+export declare function createBatchRouter(config: Config): Router;

package/dist/routes/batch.js

@@ -0,0 +1,98 @@
+"use strict";
+/**
+ * Batch swap route for micro deposit batching
+ *
+ * POST /batch/swap - Swap SOL to output currency via Jupiter
+ *
+ * Used by the micro batch worker to convert accumulated SOL deposits
+ * into the company's preferred currency (USDC/USDT).
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createBatchRouter = createBatchRouter;
+const express_1 = require("express");
+const jupiter_js_1 = require("../services/jupiter.js");
+function createBatchRouter(config) {
+    const router = (0, express_1.Router)();
+    const jupiterService = new jupiter_js_1.JupiterService(config);
+    /**
+     * POST /batch/swap
+     *
+     * Swaps SOL from treasury wallet to output currency via Jupiter.
+     * Used for batching micro deposits.
+     */
+    router.post('/swap', async (req, res) => {
+        try {
+            const body = req.body;
+            // Validate request
+            if (!body.privateKey || typeof body.privateKey !== 'string') {
+                return res.status(400).json({
+                    success: false,
+                    error: 'Missing or invalid privateKey',
+                });
+            }
+            if (!body.amountLamports || typeof body.amountLamports !== 'number' || body.amountLamports <= 0) {
+                return res.status(400).json({
+                    success: false,
+                    error: 'Missing or invalid amountLamports',
+                });
+            }
+            if (!body.outputCurrency || !['USDC', 'USDT'].includes(body.outputCurrency.toUpperCase())) {
+                return res.status(400).json({
+                    success: false,
+                    error: 'outputCurrency must be USDC or USDT',
+                });
+            }
+            // Get output mint
+            const outputMint = jupiter_js_1.JupiterService.getMintForCurrency(body.outputCurrency);
+            if (!outputMint) {
+                return res.status(400).json({
+                    success: false,
+                    error: `Unsupported output currency: ${body.outputCurrency}`,
+                });
+            }
+            // Parse the keypair
+            let keypair;
+            try {
+                keypair = jupiter_js_1.JupiterService.parseKeypair(body.privateKey);
+            }
+            catch (e) {
+                console.error('[Batch] Failed to parse private key:', e);
+                return res.status(400).json({
+                    success: false,
+                    error: 'Invalid private key format',
+                });
+            }
+            console.log(`[Batch] Executing swap: ${body.amountLamports} lamports SOL -> ${body.outputCurrency}`);
+            // Execute the swap
+            const result = await jupiterService.swapFromSol(outputMint, body.amountLamports.toString(), keypair);
+            if (!result.success) {
+                console.error(`[Batch] Swap failed: ${result.error}`);
+                return res.status(500).json({
+                    success: false,
+                    txSignature: result.txSignature || '',
+                    inputLamports: body.amountLamports,
+                    outputAmount: '0',
+                    outputCurrency: body.outputCurrency.toUpperCase(),
+                    error: result.error || 'Swap execution failed',
+                });
+            }
+            console.log(`[Batch] Swap succeeded: signature=${result.txSignature}, output=${result.actualOutAmount || result.expectedOutAmount}`);
+            const response = {
+                success: true,
+                txSignature: result.txSignature,
+                inputLamports: body.amountLamports,
+                outputAmount: result.actualOutAmount || result.expectedOutAmount,
+                outputCurrency: body.outputCurrency.toUpperCase(),
+            };
+            return res.json(response);
+        }
+        catch (error) {
+            console.error('[Batch] Unexpected error:', error);
+            return res.status(500).json({
+                success: false,
+                error: error instanceof Error ? error.message : 'Internal server error',
+            });
+        }
+    });
+    return router;
+}

package/dist/routes/deposit.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Deposit endpoints for Privacy Cash deposits (SSS embedded wallets only)
+ *
+ * POST /deposit - Execute a deposit to the user's Privacy Cash account
+ * POST /deposit/swap-and-deposit - Swap SPL token to SOL and deposit (gasless)
+ *
+ * Architecture:
+ * - User's keypair is reconstructed server-side from SSS shares
+ * - Deposit goes to user's Privacy Cash account (user's pubkey)
+ * - Server stores Share B during privacy period for later withdrawal
+ */
+import { Router } from 'express';
+import { PrivacyCashService } from '../services/privacy-cash.js';
+import { JupiterService } from '../services/jupiter.js';
+export declare function createDepositRoutes(privacyCash: PrivacyCashService, jupiter: JupiterService): Router;

package/dist/routes/deposit.js

@@ -0,0 +1,163 @@
+"use strict";
+/**
+ * Deposit endpoints for Privacy Cash deposits (SSS embedded wallets only)
+ *
+ * POST /deposit - Execute a deposit to the user's Privacy Cash account
+ * POST /deposit/swap-and-deposit - Swap SPL token to SOL and deposit (gasless)
+ *
+ * Architecture:
+ * - User's keypair is reconstructed server-side from SSS shares
+ * - Deposit goes to user's Privacy Cash account (user's pubkey)
+ * - Server stores Share B during privacy period for later withdrawal
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createDepositRoutes = createDepositRoutes;
+const express_1 = require("express");
+const web3_js_1 = require("@solana/web3.js");
+const bs58_1 = __importDefault(require("bs58"));
+function createDepositRoutes(privacyCash, jupiter) {
+    const router = (0, express_1.Router)();
+    /**
+     * POST /deposit
+     *
+     * Execute a Privacy Cash deposit for an SSS embedded wallet.
+     *
+     * The deposit goes to the USER's Privacy Cash account (user's pubkey is owner).
+     * This provides privacy because the subsequent withdrawal to company wallet
+     * is unlinkable on-chain.
+     *
+     * Requirements:
+     * - User must have no-recovery wallet (no Share C)
+     * - Server temporarily stores Share B during privacy period
+     */
+    router.post('/deposit', async (req, res) => {
+        try {
+            const body = req.body;
+            // Validate request
+            if (!body.user_private_key || typeof body.user_private_key !== 'string') {
+                res.status(400).json({ error: 'user_private_key is required and must be a base58 string' });
+                return;
+            }
+            if (!body.amount_lamports || typeof body.amount_lamports !== 'number') {
+                res.status(400).json({ error: 'amount_lamports is required and must be a number' });
+                return;
+            }
+            if (body.amount_lamports <= 0) {
+                res.status(400).json({ error: 'amount_lamports must be positive' });
+                return;
+            }
+            // Decode the private key
+            let userKeypair;
+            try {
+                const privateKeyBytes = bs58_1.default.decode(body.user_private_key);
+                userKeypair = web3_js_1.Keypair.fromSecretKey(privateKeyBytes);
+            }
+            catch {
+                res.status(400).json({ error: 'Invalid private key format' });
+                return;
+            }
+            // Execute the deposit to user's Privacy Cash account
+            const result = await privacyCash.executeDeposit(userKeypair, body.amount_lamports);
+            res.json({
+                success: result.success,
+                tx_signature: result.txSignature,
+                user_pubkey: userKeypair.publicKey.toBase58(),
+            });
+        }
+        catch (error) {
+            console.error('[Deposit] Error:', error);
+            res.status(500).json({
+                error: 'Failed to execute deposit',
+                details: error instanceof Error ? error.message : 'Unknown error',
+            });
+        }
+    });
+    /**
+     * POST /deposit/swap-and-deposit
+     *
+     * Swap SPL token to SOL using Jupiter gasless swap, then deposit to Privacy Cash.
+     *
+     * This endpoint combines two operations:
+     * 1. Gasless swap: SPL token → SOL (Jupiter pays gas fees)
+     * 2. Privacy Cash deposit: SOL → user's Privacy Cash account
+     *
+     * Requirements:
+     * - User wallet must have < 0.01 SOL (gasless requirement)
+     * - Trade size must be > ~$10 USD (Jupiter minimum)
+     * - User must have no-recovery wallet (no Share C)
+     */
+    router.post('/deposit/swap-and-deposit', async (req, res) => {
+        try {
+            const body = req.body;
+            // Validate request
+            if (!body.user_private_key || typeof body.user_private_key !== 'string') {
+                res.status(400).json({ error: 'user_private_key is required and must be a base58 string' });
+                return;
+            }
+            if (!body.input_mint || typeof body.input_mint !== 'string') {
+                res.status(400).json({ error: 'input_mint is required and must be a string' });
+                return;
+            }
+            if (!body.amount || typeof body.amount !== 'string') {
+                res.status(400).json({ error: 'amount is required and must be a string' });
+                return;
+            }
+            // Decode the private key
+            let userKeypair;
+            try {
+                const privateKeyBytes = bs58_1.default.decode(body.user_private_key);
+                userKeypair = web3_js_1.Keypair.fromSecretKey(privateKeyBytes);
+            }
+            catch {
+                res.status(400).json({ error: 'Invalid private key format' });
+                return;
+            }
+            const userPubkey = userKeypair.publicKey.toBase58();
+            console.log(`[SwapAndDeposit] Starting for user: ${userPubkey}`);
+            // Step 1: Execute gasless swap (SPL token → SOL)
+            console.log(`[SwapAndDeposit] Swapping ${body.amount} of ${body.input_mint} to SOL`);
+            const swapResult = await jupiter.swapToSol(body.input_mint, body.amount, userKeypair);
+            if (!swapResult.success) {
+                console.error(`[SwapAndDeposit] Swap failed: ${swapResult.error} (code: ${swapResult.errorCode})`);
+                res.status(500).json({
+                    error: 'Swap failed',
+                    details: swapResult.error,
+                    error_code: swapResult.errorCode,
+                    swap_tx_signature: swapResult.txSignature || null,
+                    gasless: swapResult.gasless,
+                });
+                return;
+            }
+            // Use actual output if available, otherwise expected
+            const solAmount = swapResult.actualOutAmount || swapResult.expectedOutAmount;
+            console.log(`[SwapAndDeposit] Swap succeeded: ${swapResult.txSignature}, got ${solAmount} lamports (gasless: ${swapResult.gasless})`);
+            // Step 2: Execute Privacy Cash deposit with the swapped SOL
+            const solAmountLamports = parseInt(solAmount, 10);
+            console.log(`[SwapAndDeposit] Depositing ${solAmountLamports} lamports to Privacy Cash`);
+            const depositResult = await privacyCash.executeDeposit(userKeypair, solAmountLamports);
+            console.log(`[SwapAndDeposit] Deposit succeeded: ${depositResult.txSignature}`);
+            res.json({
+                success: true,
+                swap_tx_signature: swapResult.txSignature,
+                deposit_tx_signature: depositResult.txSignature,
+                sol_amount_lamports: solAmountLamports,
+                gasless: swapResult.gasless,
+                // Return input (pre-swap) amount for crediting
+                input_mint: body.input_mint,
+                input_amount: body.amount,
+                user_pubkey: userPubkey,
+            });
+        }
+        catch (error) {
+            console.error('[SwapAndDeposit] Error:', error);
+            res.status(500).json({
+                error: 'Failed to execute swap and deposit',
+                details: error instanceof Error ? error.message : 'Unknown error',
+            });
+        }
+    });
+    return router;
+}

package/dist/routes/health.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Health check endpoint
+ *
+ * GET /health - Returns service health status
+ */
+import { Router } from 'express';
+import { SolanaService } from '../services/solana.js';
+import { PrivacyCashService } from '../services/privacy-cash.js';
+export declare function createHealthRoutes(solana: SolanaService, privacyCash: PrivacyCashService): Router;