@cedros/login-sidecar 0.0.1

package/dist/routes/health.js

@@ -0,0 +1,37 @@
+"use strict";
+/**
+ * Health check endpoint
+ *
+ * GET /health - Returns service health status
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createHealthRoutes = createHealthRoutes;
+const express_1 = require("express");
+function createHealthRoutes(solana, privacyCash) {
+    const router = (0, express_1.Router)();
+    router.get('/health', async (_req, res) => {
+        try {
+            const rpcConnected = await solana.isConnected();
+            const sdkLoaded = await privacyCash.isLoaded();
+            const status = rpcConnected && sdkLoaded ? 'healthy' : 'degraded';
+            res.json({
+                status,
+                timestamp: new Date().toISOString(),
+                network: solana.getNetwork(),
+                checks: {
+                    rpc_connected: rpcConnected,
+                    sdk_loaded: sdkLoaded,
+                },
+            });
+        }
+        catch (error) {
+            console.error('[Health] Check failed:', error);
+            res.status(503).json({
+                status: 'unhealthy',
+                timestamp: new Date().toISOString(),
+                error: error instanceof Error ? error.message : 'Unknown error',
+            });
+        }
+    });
+    return router;
+}

package/dist/routes/verify.d.ts

@@ -0,0 +1,2 @@
+import type { SolanaService } from '../services/solana.js';
+export declare function createVerifyRoutes(solanaService: SolanaService): import("express-serve-static-core").Router;

package/dist/routes/verify.js

@@ -0,0 +1,48 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createVerifyRoutes = createVerifyRoutes;
+const express_1 = require("express");
+const verifySolTransfer_js_1 = require("../utils/verifySolTransfer.js");
+function createVerifyRoutes(solanaService) {
+    const router = (0, express_1.Router)();
+    router.post('/verify/sol-transfer', async (req, res) => {
+        try {
+            const body = req.body;
+            if (!body || typeof body.signature !== 'string') {
+                return res.status(400).json({ error: 'Missing signature' });
+            }
+            if (typeof body.expectedDestination !== 'string' || body.expectedDestination.length === 0) {
+                return res.status(400).json({ error: 'Missing expectedDestination' });
+            }
+            if (body.expectedSource !== undefined && typeof body.expectedSource !== 'string') {
+                return res.status(400).json({ error: 'Invalid expectedSource' });
+            }
+            if (body.minLamports !== undefined && typeof body.minLamports !== 'number') {
+                return res.status(400).json({ error: 'Invalid minLamports' });
+            }
+            const connection = solanaService.getConnection();
+            const tx = await connection.getParsedTransaction(body.signature, {
+                commitment: 'finalized',
+                maxSupportedTransactionVersion: 0,
+            });
+            const result = (0, verifySolTransfer_js_1.verifySolTransferFromParsedTransaction)(tx, {
+                signature: body.signature,
+                expectedSource: body.expectedSource,
+                expectedDestination: body.expectedDestination,
+                minLamports: body.minLamports,
+            });
+            return res.json({
+                ok: true,
+                signature: result.signature,
+                observedLamports: result.observedLamports,
+                source: result.source,
+                destination: result.destination,
+            });
+        }
+        catch (err) {
+            const message = err instanceof Error ? err.message : 'Verification failed';
+            return res.status(400).json({ error: message });
+        }
+    });
+    return router;
+}

package/dist/routes/withdraw.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Withdrawal endpoints for withdrawing from user's Privacy Cash to company wallet
+ *
+ * POST /withdraw - Withdraw from a user's Privacy Cash account to company wallet
+ * POST /withdraw/balance - Get a user's private balance in Privacy Cash
+ *
+ * Architecture:
+ * - Withdrawal requires user's keypair (reconstructed from stored shares)
+ * - Funds go from user's Privacy Cash account to company wallet
+ * - This is the second half of the privacy flow (deposit → wait → withdraw)
+ */
+import { Router } from 'express';
+import { PrivacyCashService } from '../services/privacy-cash.js';
+import { JupiterService } from '../services/jupiter.js';
+export declare function createWithdrawRoutes(privacyCash: PrivacyCashService, _jupiter?: JupiterService): Router;

package/dist/routes/withdraw.js

@@ -0,0 +1,137 @@
+"use strict";
+/**
+ * Withdrawal endpoints for withdrawing from user's Privacy Cash to company wallet
+ *
+ * POST /withdraw - Withdraw from a user's Privacy Cash account to company wallet
+ * POST /withdraw/balance - Get a user's private balance in Privacy Cash
+ *
+ * Architecture:
+ * - Withdrawal requires user's keypair (reconstructed from stored shares)
+ * - Funds go from user's Privacy Cash account to company wallet
+ * - This is the second half of the privacy flow (deposit → wait → withdraw)
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createWithdrawRoutes = createWithdrawRoutes;
+const express_1 = require("express");
+const web3_js_1 = require("@solana/web3.js");
+const bs58_1 = __importDefault(require("bs58"));
+function createWithdrawRoutes(privacyCash, _jupiter) {
+    const router = (0, express_1.Router)();
+    /**
+     * POST /withdraw
+     *
+     * Withdraw funds from a user's Privacy Cash account to the company wallet.
+     * This is called after the "privacy period" has elapsed.
+     *
+     * The user's keypair is reconstructed from stored SSS shares (Share A + Share B).
+     * Funds are sent to the configured company wallet address.
+     */
+    router.post('/withdraw', async (req, res) => {
+        try {
+            const body = req.body;
+            // Validate request
+            if (!body.user_private_key || typeof body.user_private_key !== 'string') {
+                res.status(400).json({ error: 'user_private_key is required and must be a base58 string' });
+                return;
+            }
+            if (!body.amount_lamports || typeof body.amount_lamports !== 'number') {
+                res.status(400).json({ error: 'amount_lamports is required and must be a number' });
+                return;
+            }
+            if (body.amount_lamports <= 0) {
+                res.status(400).json({ error: 'amount_lamports must be positive' });
+                return;
+            }
+            // Decode the private key
+            let userKeypair;
+            try {
+                const privateKeyBytes = bs58_1.default.decode(body.user_private_key);
+                userKeypair = web3_js_1.Keypair.fromSecretKey(privateKeyBytes);
+            }
+            catch {
+                res.status(400).json({ error: 'Invalid private key format' });
+                return;
+            }
+            // Execute the withdrawal from user's account to company wallet
+            const result = await privacyCash.withdrawFromUser(userKeypair, body.amount_lamports);
+            // NOTE: Swap-on-withdraw is not supported.
+            // The Privacy Cash withdrawal sends funds to the company wallet.
+            // Swapping would require signing with the company/treasury key.
+            const targetCurrency = body.target_currency?.toUpperCase() || 'SOL';
+            if (targetCurrency !== 'SOL') {
+                res.json({
+                    success: result.success,
+                    tx_signature: result.txSignature,
+                    fee_lamports: result.feeLamports,
+                    amount_lamports: result.amountLamports,
+                    is_partial: result.isPartial,
+                    swap_failed: true,
+                    swap_error: 'Swap-on-withdraw is not supported; funds remain in SOL',
+                    currency: 'SOL',
+                });
+                return;
+            }
+            // No swap needed - return SOL
+            res.json({
+                success: result.success,
+                tx_signature: result.txSignature,
+                fee_lamports: result.feeLamports,
+                amount_lamports: result.amountLamports,
+                is_partial: result.isPartial,
+                currency: 'SOL',
+            });
+        }
+        catch (error) {
+            console.error('[Withdraw] Error:', error);
+            res.status(500).json({
+                error: 'Failed to withdraw funds',
+                details: error instanceof Error ? error.message : 'Unknown error',
+            });
+        }
+    });
+    /**
+     * POST /withdraw/balance
+     *
+     * Get a user's private balance in Privacy Cash.
+     * Requires the user's keypair to decrypt UTXO data.
+     *
+     * Note: This is POST (not GET) because it requires a request body with the private key.
+     */
+    router.post('/withdraw/balance', async (req, res) => {
+        try {
+            const body = req.body;
+            // Validate request
+            if (!body.user_private_key || typeof body.user_private_key !== 'string') {
+                res.status(400).json({ error: 'user_private_key is required and must be a base58 string' });
+                return;
+            }
+            // Decode the private key
+            let userKeypair;
+            try {
+                const privateKeyBytes = bs58_1.default.decode(body.user_private_key);
+                userKeypair = web3_js_1.Keypair.fromSecretKey(privateKeyBytes);
+            }
+            catch {
+                res.status(400).json({ error: 'Invalid private key format' });
+                return;
+            }
+            const balanceLamports = await privacyCash.getUserPrivateBalance(userKeypair);
+            res.json({
+                balance_lamports: balanceLamports,
+                balance_sol: balanceLamports / 1_000_000_000,
+                user_pubkey: userKeypair.publicKey.toBase58(),
+            });
+        }
+        catch (error) {
+            console.error('[Withdraw/Balance] Error:', error);
+            res.status(500).json({
+                error: 'Failed to get private balance',
+                details: error instanceof Error ? error.message : 'Unknown error',
+            });
+        }
+    });
+    return router;
+}

package/dist/services/jupiter.d.ts

@@ -0,0 +1,129 @@
+/**
+ * Jupiter Ultra API service for gasless SPL token → SOL swaps
+ *
+ * Jupiter Ultra provides gasless swaps when:
+ * - User wallet has < 0.01 SOL (embedded wallets qualify)
+ * - Trade size > ~$10 USD (configured via JUPITER_MIN_SWAP_USD)
+ * - Jupiter pays transaction fees, deducted from swap output
+ *
+ * Flow:
+ * 1. GET /order - Get unsigned swap transaction
+ * 2. Sign transaction with user keypair
+ * 3. POST /execute - Submit signed transaction (Jupiter pays gas)
+ */
+import { Keypair } from '@solana/web3.js';
+import { Config } from '../config.js';
+/** USDC token mint address on Solana mainnet */
+export declare const USDC_MINT = "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v";
+/** USDT token mint address on Solana mainnet */
+export declare const USDT_MINT = "Es9vMFrzaCERmJfrF4H2FYD4KCoNkY11McCe8BenwNYB";
+/** Parameters for getting a swap order */
+export interface SwapOrderParams {
+    /** SPL token mint address to swap from (e.g., USDC) */
+    inputMint: string;
+    /** Amount in token's smallest unit (e.g., 10 USDC = 10_000_000 for 6 decimals) */
+    amount: string;
+    /** User's wallet address (taker) */
+    takerAddress: string;
+}
+/** Result of getting a swap order */
+export interface SwapOrder {
+    /** Base64 encoded unsigned transaction */
+    transaction: string;
+    /** Request ID for tracking */
+    requestId: string;
+    /** Expected output amount in smallest unit */
+    expectedOutAmount: string;
+    /** Price impact percentage */
+    priceImpactPct: string;
+    /** Whether this order qualifies for gasless execution */
+    gasless: boolean;
+    /** Slippage in basis points */
+    slippageBps: number;
+}
+/** Result of executing a swap */
+export interface SwapResult {
+    success: boolean;
+    /** Transaction signature */
+    txSignature: string;
+    /** Expected output amount (from order) */
+    expectedOutAmount: string;
+    /** Actual output amount received (if available) */
+    actualOutAmount?: string;
+    /** Whether gasless was used */
+    gasless: boolean;
+    /** Error message if failed */
+    error?: string;
+    /** Error code if failed */
+    errorCode?: number;
+}
+export declare class JupiterService {
+    private apiUrl;
+    private apiKey;
+    private minSwapUsd;
+    private rateLimit;
+    constructor(config: Config);
+    /**
+     * Get minimum swap amount in USD required for gasless swaps
+     */
+    getMinSwapUsd(): number;
+    /**
+     * Get configured rate limit (requests per 10 seconds) for queue throttling
+     */
+    getRateLimit(): number;
+    /**
+     * Get a swap order (unsigned transaction) from Jupiter Ultra API
+     *
+     * @param params - Swap parameters (inputMint, amount, takerAddress)
+     * @returns SwapOrder with unsigned transaction and expected output
+     * @throws Error if Jupiter API returns an error or network fails
+     */
+    getSwapOrder(params: SwapOrderParams): Promise<SwapOrder>;
+    /**
+     * Sign and execute a swap transaction
+     *
+     * Takes an unsigned transaction from getSwapOrder(), signs it with the user's
+     * keypair, and submits it to Jupiter for execution (gasless).
+     *
+     * @param order - SwapOrder from getSwapOrder()
+     * @param userKeypair - User's keypair to sign the transaction
+     * @returns SwapResult with transaction signature
+     * @throws Error if signing fails or Jupiter execution fails
+     */
+    executeSwap(order: SwapOrder, userKeypair: Keypair): Promise<SwapResult>;
+    /**
+     * Perform a complete gasless swap from SPL token to SOL
+     *
+     * Combines getSwapOrder() and executeSwap() into a single call.
+     * This is the main method to use for swapping tokens.
+     *
+     * @param inputMint - SPL token mint address to swap from
+     * @param amount - Amount in token's smallest unit
+     * @param userKeypair - User's keypair (for signing and as taker address)
+     * @returns SwapResult with transaction signature and output amount
+     */
+    swapToSol(inputMint: string, amount: string, userKeypair: Keypair): Promise<SwapResult>;
+    /**
+     * Perform a complete swap from SOL to SPL token (for withdrawals)
+     *
+     * This is used when the company's preferred currency is not SOL.
+     * The SOL from Privacy Cash is swapped to USDC/USDT via Jupiter.
+     *
+     * @param outputMint - SPL token mint address to swap to (e.g., USDC, USDT)
+     * @param amountLamports - Amount of SOL in lamports to swap
+     * @param userKeypair - User's keypair (for signing and as taker address)
+     * @returns SwapResult with transaction signature and output amount
+     */
+    swapFromSol(outputMint: string, amountLamports: string, userKeypair: Keypair): Promise<SwapResult>;
+    /**
+     * Get the mint address for a currency code
+     *
+     * @param currency - Currency code (SOL, USDC, USDT)
+     * @returns Mint address or null if unsupported/is SOL
+     */
+    static getMintForCurrency(currency: string): string | null;
+    /**
+     * Parse a base58-encoded private key into a Keypair
+     */
+    static parseKeypair(privateKeyBase58: string): Keypair;
+}

package/dist/services/jupiter.js

@@ -0,0 +1,304 @@
+"use strict";
+/**
+ * Jupiter Ultra API service for gasless SPL token → SOL swaps
+ *
+ * Jupiter Ultra provides gasless swaps when:
+ * - User wallet has < 0.01 SOL (embedded wallets qualify)
+ * - Trade size > ~$10 USD (configured via JUPITER_MIN_SWAP_USD)
+ * - Jupiter pays transaction fees, deducted from swap output
+ *
+ * Flow:
+ * 1. GET /order - Get unsigned swap transaction
+ * 2. Sign transaction with user keypair
+ * 3. POST /execute - Submit signed transaction (Jupiter pays gas)
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JupiterService = exports.USDT_MINT = exports.USDC_MINT = void 0;
+const web3_js_1 = require("@solana/web3.js");
+const bs58_1 = __importDefault(require("bs58"));
+const fetchWithTimeout_js_1 = require("../utils/fetchWithTimeout.js");
+/** SOL token mint address (native SOL wrapped) */
+const SOL_MINT = 'So11111111111111111111111111111111111111112';
+/** Default Jupiter HTTP timeout (ms) */
+const JUPITER_TIMEOUT_MS = 10_000;
+/** USDC token mint address on Solana mainnet */
+exports.USDC_MINT = 'EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v';
+/** USDT token mint address on Solana mainnet */
+exports.USDT_MINT = 'Es9vMFrzaCERmJfrF4H2FYD4KCoNkY11McCe8BenwNYB';
+class JupiterService {
+    apiUrl;
+    apiKey;
+    minSwapUsd;
+    rateLimit;
+    constructor(config) {
+        this.apiUrl = config.jupiter.apiUrl;
+        this.apiKey = config.jupiter.apiKey;
+        this.minSwapUsd = config.jupiter.minSwapUsd;
+        this.rateLimit = config.jupiter.rateLimit;
+        if (!this.apiKey) {
+            console.warn('[Jupiter] WARNING: No API key configured. Jupiter Ultra API requires an API key. Get one free at https://portal.jup.ag');
+        }
+        console.log(`[Jupiter] Initialized with API: ${this.apiUrl}, minSwapUsd: ${this.minSwapUsd}, rateLimit: ${this.rateLimit}/10s`);
+    }
+    /**
+     * Get minimum swap amount in USD required for gasless swaps
+     */
+    getMinSwapUsd() {
+        return this.minSwapUsd;
+    }
+    /**
+     * Get configured rate limit (requests per 10 seconds) for queue throttling
+     */
+    getRateLimit() {
+        return this.rateLimit;
+    }
+    /**
+     * Get a swap order (unsigned transaction) from Jupiter Ultra API
+     *
+     * @param params - Swap parameters (inputMint, amount, takerAddress)
+     * @returns SwapOrder with unsigned transaction and expected output
+     * @throws Error if Jupiter API returns an error or network fails
+     */
+    async getSwapOrder(params) {
+        const { inputMint, amount, takerAddress } = params;
+        // Build query parameters
+        const queryParams = new URLSearchParams({
+            inputMint,
+            outputMint: SOL_MINT,
+            amount,
+            taker: takerAddress,
+        });
+        const url = `${this.apiUrl}/order?${queryParams.toString()}`;
+        const headers = {
+            'Accept': 'application/json',
+        };
+        // Add API key if configured (required for production)
+        if (this.apiKey) {
+            headers['x-api-key'] = this.apiKey;
+        }
+        console.log(`[Jupiter] Getting swap order: ${inputMint} -> SOL, amount: ${amount}`);
+        const response = await (0, fetchWithTimeout_js_1.fetchWithTimeout)(fetch, url, { headers }, JUPITER_TIMEOUT_MS);
+        if (!response.ok) {
+            const errorBody = await response.text();
+            let errorMessage = `Jupiter API error: ${response.status}`;
+            try {
+                const errorJson = JSON.parse(errorBody);
+                errorMessage = errorJson.error || errorMessage;
+            }
+            catch {
+                errorMessage = errorBody || errorMessage;
+            }
+            throw new Error(errorMessage);
+        }
+        const order = await response.json();
+        // Check for order-level errors (codes 1, 2, 3)
+        if (order.error || order.code) {
+            const errorMessages = {
+                1: 'Insufficient token balance for swap',
+                2: 'Insufficient SOL for gas fees',
+                3: 'Trade size below minimum for gasless swap',
+            };
+            const errorMsg = order.error || errorMessages[order.code] || `Order failed with code ${order.code}`;
+            throw new Error(errorMsg);
+        }
+        // Validate required fields are present
+        if (!order.transaction || !order.requestId || !order.outAmount) {
+            throw new Error('Invalid order response: missing required fields');
+        }
+        console.log(`[Jupiter] Order received: requestId=${order.requestId}, outAmount=${order.outAmount}, gasless=${order.gasless}, router=${order.router}`);
+        return {
+            transaction: order.transaction,
+            requestId: order.requestId,
+            expectedOutAmount: order.outAmount,
+            priceImpactPct: order.priceImpactPct || '0',
+            gasless: order.gasless ?? false,
+            slippageBps: order.slippageBps ?? 0,
+        };
+    }
+    /**
+     * Sign and execute a swap transaction
+     *
+     * Takes an unsigned transaction from getSwapOrder(), signs it with the user's
+     * keypair, and submits it to Jupiter for execution (gasless).
+     *
+     * @param order - SwapOrder from getSwapOrder()
+     * @param userKeypair - User's keypair to sign the transaction
+     * @returns SwapResult with transaction signature
+     * @throws Error if signing fails or Jupiter execution fails
+     */
+    async executeSwap(order, userKeypair) {
+        console.log(`[Jupiter] Executing swap: requestId=${order.requestId}, gasless=${order.gasless}`);
+        // Deserialize the transaction from base64
+        const txBuffer = Buffer.from(order.transaction, 'base64');
+        const transaction = web3_js_1.VersionedTransaction.deserialize(txBuffer);
+        // Sign the transaction with user's keypair
+        transaction.sign([userKeypair]);
+        // Serialize the signed transaction back to base64
+        const signedTxBase64 = Buffer.from(transaction.serialize()).toString('base64');
+        // Submit to Jupiter execute endpoint
+        const headers = {
+            'Content-Type': 'application/json',
+            'Accept': 'application/json',
+        };
+        if (this.apiKey) {
+            headers['x-api-key'] = this.apiKey;
+        }
+        const response = await (0, fetchWithTimeout_js_1.fetchWithTimeout)(fetch, `${this.apiUrl}/execute`, {
+            method: 'POST',
+            headers,
+            body: JSON.stringify({
+                signedTransaction: signedTxBase64,
+                requestId: order.requestId,
+            }),
+        }, JUPITER_TIMEOUT_MS);
+        if (!response.ok) {
+            const errorBody = await response.text();
+            let errorMessage = `Jupiter execute error: ${response.status}`;
+            try {
+                const errorJson = JSON.parse(errorBody);
+                errorMessage = errorJson.error || errorMessage;
+            }
+            catch {
+                errorMessage = errorBody || errorMessage;
+            }
+            throw new Error(errorMessage);
+        }
+        const result = await response.json();
+        // Check for failure via status or error code
+        if (result.status !== 'Success' || (result.code !== undefined && result.code !== 0)) {
+            return {
+                success: false,
+                txSignature: result.signature || '',
+                expectedOutAmount: order.expectedOutAmount,
+                gasless: order.gasless,
+                error: result.error || `Swap failed with code ${result.code}`,
+                errorCode: result.code,
+            };
+        }
+        console.log(`[Jupiter] Swap executed: signature=${result.signature}, actualOut=${result.outputAmountResult || 'N/A'}`);
+        return {
+            success: true,
+            txSignature: result.signature,
+            expectedOutAmount: order.expectedOutAmount,
+            actualOutAmount: result.outputAmountResult,
+            gasless: order.gasless,
+        };
+    }
+    /**
+     * Perform a complete gasless swap from SPL token to SOL
+     *
+     * Combines getSwapOrder() and executeSwap() into a single call.
+     * This is the main method to use for swapping tokens.
+     *
+     * @param inputMint - SPL token mint address to swap from
+     * @param amount - Amount in token's smallest unit
+     * @param userKeypair - User's keypair (for signing and as taker address)
+     * @returns SwapResult with transaction signature and output amount
+     */
+    async swapToSol(inputMint, amount, userKeypair) {
+        const takerAddress = userKeypair.publicKey.toBase58();
+        // Get the swap order (unsigned transaction)
+        const order = await this.getSwapOrder({
+            inputMint,
+            amount,
+            takerAddress,
+        });
+        // Sign and execute the swap
+        return this.executeSwap(order, userKeypair);
+    }
+    /**
+     * Perform a complete swap from SOL to SPL token (for withdrawals)
+     *
+     * This is used when the company's preferred currency is not SOL.
+     * The SOL from Privacy Cash is swapped to USDC/USDT via Jupiter.
+     *
+     * @param outputMint - SPL token mint address to swap to (e.g., USDC, USDT)
+     * @param amountLamports - Amount of SOL in lamports to swap
+     * @param userKeypair - User's keypair (for signing and as taker address)
+     * @returns SwapResult with transaction signature and output amount
+     */
+    async swapFromSol(outputMint, amountLamports, userKeypair) {
+        const takerAddress = userKeypair.publicKey.toBase58();
+        // Build query parameters for SOL -> outputMint
+        const queryParams = new URLSearchParams({
+            inputMint: SOL_MINT,
+            outputMint,
+            amount: amountLamports,
+            taker: takerAddress,
+        });
+        const url = `${this.apiUrl}/order?${queryParams.toString()}`;
+        const headers = {
+            'Accept': 'application/json',
+        };
+        if (this.apiKey) {
+            headers['x-api-key'] = this.apiKey;
+        }
+        console.log(`[Jupiter] Getting swap order: SOL -> ${outputMint}, amount: ${amountLamports} lamports`);
+        const response = await fetch(url, { headers });
+        if (!response.ok) {
+            const errorBody = await response.text();
+            let errorMessage = `Jupiter API error: ${response.status}`;
+            try {
+                const errorJson = JSON.parse(errorBody);
+                errorMessage = errorJson.error || errorMessage;
+            }
+            catch {
+                errorMessage = errorBody || errorMessage;
+            }
+            throw new Error(errorMessage);
+        }
+        const order = await response.json();
+        // Check for order-level errors (codes 1, 2, 3)
+        if (order.error || order.code) {
+            const errorMessages = {
+                1: 'Insufficient token balance for swap',
+                2: 'Insufficient SOL for gas fees',
+                3: 'Trade size below minimum for gasless swap',
+            };
+            const errorMsg = order.error || errorMessages[order.code] || `Order failed with code ${order.code}`;
+            throw new Error(errorMsg);
+        }
+        // Validate required fields are present
+        if (!order.transaction || !order.requestId || !order.outAmount) {
+            throw new Error('Invalid order response: missing required fields');
+        }
+        console.log(`[Jupiter] Order received: requestId=${order.requestId}, outAmount=${order.outAmount}, gasless=${order.gasless}, router=${order.router}`);
+        // Execute the swap
+        return this.executeSwap({
+            transaction: order.transaction,
+            requestId: order.requestId,
+            expectedOutAmount: order.outAmount,
+            priceImpactPct: order.priceImpactPct || '0',
+            gasless: order.gasless ?? false,
+            slippageBps: order.slippageBps ?? 0,
+        }, userKeypair);
+    }
+    /**
+     * Get the mint address for a currency code
+     *
+     * @param currency - Currency code (SOL, USDC, USDT)
+     * @returns Mint address or null if unsupported/is SOL
+     */
+    static getMintForCurrency(currency) {
+        switch (currency.toUpperCase()) {
+            case 'USDC':
+                return exports.USDC_MINT;
+            case 'USDT':
+                return exports.USDT_MINT;
+            case 'SOL':
+            default:
+                return null; // No swap needed for SOL
+        }
+    }
+    /**
+     * Parse a base58-encoded private key into a Keypair
+     */
+    static parseKeypair(privateKeyBase58) {
+        const privateKeyBytes = bs58_1.default.decode(privateKeyBase58);
+        return web3_js_1.Keypair.fromSecretKey(privateKeyBytes);
+    }
+}
+exports.JupiterService = JupiterService;