@cedros/pay-react 0.1.0

package/dist/CedrosContext-vX9uqZKp.mjs

@@ -0,0 +1,1796 @@
+import { jsx as H } from "react/jsx-runtime";
+import { createContext as me, useContext as pe, useState as X, useRef as ye, useEffect as D, useMemo as Y } from "react";
+import { g as N } from "./uuid-UlzrVY8Y.mjs";
+import { clusterApiUrl as Le, Connection as $e, Transaction as ae, PublicKey as M, LAMPORTS_PER_SOL as _e } from "@solana/web3.js";
+import { getAssociatedTokenAddress as je, createTransferInstruction as qe } from "@solana/spl-token";
+import { PhantomWalletAdapter as We, SolflareWalletAdapter as Ke } from "@solana/wallet-adapter-wallets";
+var we = "https://js.stripe.com/v3", ze = /^https:\/\/js\.stripe\.com\/v3\/?(\?.*)?$/;
+var Ve = function() {
+  for (var e = document.querySelectorAll('script[src^="'.concat(we, '"]')), r = 0; r < e.length; r++) {
+    var n = e[r];
+    if (ze.test(n.src))
+      return n;
+  }
+  return null;
+}, oe = function(e) {
+  var r = "", n = document.createElement("script");
+  n.src = "".concat(we).concat(r);
+  var a = document.head || document.body;
+  if (!a)
+    throw new Error("Expected document.body not to be null. Stripe.js requires a <body> element.");
+  return a.appendChild(n), n;
+}, Ge = function(e, r) {
+  !e || !e._registerWrapper || e._registerWrapper({
+    name: "stripe-js",
+    version: "4.6.0",
+    startTime: r
+  });
+}, U = null, $ = null, _ = null, He = function(e) {
+  return function() {
+    e(new Error("Failed to load Stripe.js"));
+  };
+}, Xe = function(e, r) {
+  return function() {
+    window.Stripe ? e(window.Stripe) : r(new Error("Stripe.js not available"));
+  };
+}, Ye = function(e) {
+  return U !== null ? U : (U = new Promise(function(r, n) {
+    if (typeof window > "u" || typeof document > "u") {
+      r(null);
+      return;
+    }
+    if (window.Stripe) {
+      r(window.Stripe);
+      return;
+    }
+    try {
+      var a = Ve();
+      if (!(a && e)) {
+        if (!a)
+          a = oe(e);
+        else if (a && _ !== null && $ !== null) {
+          var o;
+          a.removeEventListener("load", _), a.removeEventListener("error", $), (o = a.parentNode) === null || o === void 0 || o.removeChild(a), a = oe(e);
+        }
+      }
+      _ = Xe(r, n), $ = He(n), a.addEventListener("load", _), a.addEventListener("error", $);
+    } catch (s) {
+      n(s);
+      return;
+    }
+  }), U.catch(function(r) {
+    return U = null, Promise.reject(r);
+  }));
+}, Qe = function(e, r, n) {
+  if (e === null)
+    return null;
+  var a = e.apply(void 0, r);
+  return Ge(a, n), a;
+}, O, ge = !1, be = function() {
+  return O || (O = Ye(null).catch(function(e) {
+    return O = null, Promise.reject(e);
+  }), O);
+};
+Promise.resolve().then(function() {
+  return be();
+}).catch(function(t) {
+  ge || console.warn(t);
+});
+var Je = function() {
+  for (var e = arguments.length, r = new Array(e), n = 0; n < e; n++)
+    r[n] = arguments[n];
+  ge = !0;
+  var a = Date.now();
+  return be().then(function(o) {
+    return Qe(o, r, a);
+  });
+}, Ze = /* @__PURE__ */ ((t) => (t[t.DEBUG = 0] = "DEBUG", t[t.INFO = 1] = "INFO", t[t.WARN = 2] = "WARN", t[t.ERROR = 3] = "ERROR", t[t.SILENT = 4] = "SILENT", t))(Ze || {});
+class ve {
+  config;
+  constructor(e) {
+    this.config = e;
+  }
+  /**
+   * Update the log level dynamically
+   */
+  setLevel(e) {
+    this.config.level = e;
+  }
+  /**
+   * Get the current log level
+   */
+  getLevel() {
+    return this.config.level;
+  }
+  /**
+   * Debug-level logging (most verbose)
+   * Use for detailed debugging information
+   */
+  debug(...e) {
+    this.config.level <= 0 && this.log("DEBUG", console.log, e);
+  }
+  /**
+   * Info-level logging
+   * Use for general informational messages
+   */
+  info(...e) {
+    this.config.level <= 1 && this.log("INFO", console.info, e);
+  }
+  /**
+   * Warning-level logging
+   * Use for potentially problematic situations
+   */
+  warn(...e) {
+    this.config.level <= 2 && this.log("WARN", console.warn, e);
+  }
+  /**
+   * Error-level logging
+   * Use for error conditions
+   */
+  error(...e) {
+    this.config.level <= 3 && this.log("ERROR", console.error, e);
+  }
+  /**
+   * Internal log method with formatting
+   */
+  log(e, r, n) {
+    const a = this.config.prefix ? `${this.config.prefix} ` : "", o = (/* @__PURE__ */ new Date()).toISOString();
+    r(`[${o}] ${a}[${e}]`, ...n);
+  }
+}
+const et = () => typeof process < "u" && process.env.NODE_ENV === "development" ? 0 : 2;
+let q = null;
+function f() {
+  return q || (q = new ve({
+    level: et(),
+    prefix: "[CedrosPay]"
+  })), q;
+}
+function tt(t) {
+  q = t;
+}
+function rt(t) {
+  return new ve(t);
+}
+function F(t, e) {
+  return t instanceof Error ? t.message : typeof t == "string" ? t : e;
+}
+const nt = {
+  service_unavailable: "Service temporarily unavailable. Please try again later or contact support.",
+  server_insufficient_funds: "Service temporarily unavailable. Please try again later or contact support.",
+  insufficient_funds_token: "Insufficient token balance in your wallet. Please add more tokens and try again.",
+  insufficient_funds_sol: "Insufficient SOL for transaction fees. Please add some SOL to your wallet and try again.",
+  insufficient_amount: "Payment amount is insufficient. Please check the required amount.",
+  invalid_signature: "Transaction signature is invalid. Please try again.",
+  send_failed: "Failed to send transaction. Please try again or contact support.",
+  timeout: "Transaction timed out. Please check the blockchain explorer or try again."
+};
+async function T(t, e, r = !1) {
+  try {
+    const n = await t.json();
+    if (r && n.verificationError) {
+      f().debug(`Payment verification failed: ${n.verificationError.code}`);
+      const a = n.verificationError.code;
+      return nt[a] || n.verificationError.message || e;
+    }
+    return typeof n.error == "string" ? n.error : n.error && typeof n.error == "object" && "message" in n.error ? n.error.message : e;
+  } catch {
+    return await t.text() || e;
+  }
+}
+const at = 3e4;
+async function S(t, e = {}, r = at) {
+  const n = new AbortController(), a = e.signal;
+  if (a?.aborted)
+    throw n.abort(), new DOMException("The operation was aborted", "AbortError");
+  const o = setTimeout(() => n.abort(), r);
+  let s = null;
+  a && (s = () => n.abort(), a.addEventListener("abort", s));
+  try {
+    return await fetch(t, {
+      ...e,
+      signal: n.signal
+    });
+  } catch (i) {
+    throw i instanceof Error && i.name === "AbortError" ? a?.aborted ? i : new Error(`Request timeout after ${r}ms`) : i;
+  } finally {
+    clearTimeout(o), a && s && a.removeEventListener("abort", s);
+  }
+}
+function K(t) {
+  const { maxRequests: e, windowMs: r } = t;
+  let n = e, a = Date.now();
+  const o = e / r;
+  function s() {
+    const d = Date.now(), h = d - a;
+    if (h > 0) {
+      const p = h * o;
+      n = Math.min(e, n + p), a = d;
+    }
+  }
+  function i() {
+    return s(), n >= 1 ? (n -= 1, !0) : !1;
+  }
+  function l() {
+    return s(), Math.floor(n);
+  }
+  function c() {
+    if (s(), n >= 1)
+      return 0;
+    const h = (1 - n) / o;
+    return Math.ceil(h);
+  }
+  function u() {
+    n = e, a = Date.now();
+  }
+  return {
+    tryConsume: i,
+    getAvailableTokens: l,
+    getTimeUntilRefill: c,
+    reset: u
+  };
+}
+const Q = {
+  /** 10 requests per minute - recommended for payment requests */
+  PAYMENT: { maxRequests: 10, windowMs: 6e4 },
+  /** 30 requests per minute - for quote fetching */
+  QUOTE: { maxRequests: 30, windowMs: 6e4 },
+  /** 5 requests per minute - strict limit for sensitive operations */
+  STRICT: { maxRequests: 5, windowMs: 6e4 },
+  /** 100 requests per minute - permissive for UI interactions */
+  PERMISSIVE: { maxRequests: 100, windowMs: 6e4 }
+};
+var ot = /* @__PURE__ */ ((t) => (t.CLOSED = "CLOSED", t.OPEN = "OPEN", t.HALF_OPEN = "HALF_OPEN", t))(ot || {});
+class E extends Error {
+  constructor(e) {
+    super(e), this.name = "CircuitBreakerOpenError";
+  }
+}
+function te(t) {
+  const { failureThreshold: e, timeout: r, name: n = "circuit-breaker" } = t;
+  let a = "CLOSED", o = 0, s = 0, i = 0, l = null, c = null, u = null;
+  function d() {
+    a === "OPEN" && u !== null && Date.now() >= u && (f().debug(`[CircuitBreaker:${n}] Transitioning OPEN → HALF_OPEN (timeout expired)`), a = "HALF_OPEN", u = null);
+  }
+  function h() {
+    c = Date.now(), s++, a === "HALF_OPEN" ? (f().debug(`[CircuitBreaker:${n}] Success in HALF_OPEN → CLOSED`), a = "CLOSED", o = 0) : a === "CLOSED" && (o = 0);
+  }
+  function p(b) {
+    l = Date.now(), o++, f().warn(`[CircuitBreaker:${n}] Failure recorded (${o}/${e}):`, b.message), a === "HALF_OPEN" ? (f().warn(`[CircuitBreaker:${n}] Failed in HALF_OPEN → OPEN`), a = "OPEN", u = Date.now() + r) : a === "CLOSED" && o >= e && (f().error(`[CircuitBreaker:${n}] Failure threshold reached (${o}) → OPEN`), a = "OPEN", u = Date.now() + r);
+  }
+  async function m(b) {
+    if (d(), a === "OPEN") {
+      i++;
+      const w = u ? Math.ceil((u - Date.now()) / 1e3) : 0;
+      throw new E(
+        `Circuit breaker is OPEN. Service is unavailable. Retry in ${w}s.`
+      );
+    }
+    try {
+      const w = await b();
+      return h(), w;
+    } catch (w) {
+      throw p(w instanceof Error ? w : new Error(String(w))), w;
+    }
+  }
+  function y() {
+    return d(), a;
+  }
+  function v() {
+    return d(), {
+      state: a,
+      failures: o,
+      successes: s,
+      rejections: i,
+      lastFailureTime: l,
+      lastSuccessTime: c
+    };
+  }
+  function A() {
+    f().debug(`[CircuitBreaker:${n}] Manual reset → CLOSED`), a = "CLOSED", o = 0, s = 0, i = 0, l = null, c = null, u = null;
+  }
+  function x() {
+    f().warn(`[CircuitBreaker:${n}] Manual trip → OPEN`), a = "OPEN", u = Date.now() + r;
+  }
+  return {
+    execute: m,
+    getState: y,
+    getStats: v,
+    reset: A,
+    trip: x
+  };
+}
+const Ht = {
+  /** Strict: Opens quickly (3 failures), long timeout (60s) */
+  STRICT: { failureThreshold: 3, timeout: 6e4 },
+  /** Standard: Balanced settings (5 failures, 30s timeout) */
+  STANDARD: { failureThreshold: 5, timeout: 3e4 },
+  /** Lenient: Tolerates more failures (10 failures, 15s timeout) */
+  LENIENT: { failureThreshold: 10, timeout: 15e3 }
+};
+function st(t, e) {
+  if (e >= 3)
+    return !1;
+  const r = t.message.toLowerCase();
+  return r.includes("network") || r.includes("timeout") || r.includes("fetch failed") || r.includes("econnrefused") || r.includes("503") || r.includes("502") || r.includes("500") || r.includes("429") ? !0 : (r.includes("400") || r.includes("401") || r.includes("403") || r.includes("404"), !1);
+}
+function it(t, e, r, n, a) {
+  const o = e * Math.pow(r, t), s = Math.min(o, n);
+  if (a) {
+    const i = Math.random() * s;
+    return Math.floor(i);
+  }
+  return Math.floor(s);
+}
+function ct(t) {
+  return new Promise((e) => setTimeout(e, t));
+}
+async function C(t, e = {}) {
+  const {
+    maxRetries: r = 3,
+    initialDelayMs: n = 1e3,
+    backoffFactor: a = 2,
+    maxDelayMs: o = 3e4,
+    jitter: s = !0,
+    shouldRetry: i = st,
+    name: l = "retry"
+  } = e;
+  let c = null, u = 0;
+  for (let d = 0; d <= r; d++)
+    try {
+      const h = await t();
+      return d > 0 && f().debug(
+        `[Retry:${l}] Succeeded on attempt ${d + 1}/${r + 1} after ${u}ms`
+      ), h;
+    } catch (h) {
+      c = h instanceof Error ? h : new Error(String(h));
+      const p = d === r, m = i(c, d);
+      if (p || !m)
+        throw f().warn(
+          `[Retry:${l}] Failed on attempt ${d + 1}/${r + 1}. ${p ? "No more retries." : "Error not retryable."}`
+        ), c;
+      const y = it(d, n, a, o, s);
+      u += y, f().warn(
+        `[Retry:${l}] Attempt ${d + 1}/${r + 1} failed: ${c.message}. Retrying in ${y}ms...`
+      ), await ct(y);
+    }
+  throw c || new Error("Retry failed with no error");
+}
+const P = {
+  /** Quick retries for transient errors (3 retries, 1s initial, 2x backoff) */
+  QUICK: {
+    maxRetries: 3,
+    initialDelayMs: 1e3,
+    backoffFactor: 2,
+    maxDelayMs: 1e4
+  },
+  /** Standard retries (3 retries, 2s initial, 2x backoff) */
+  STANDARD: {
+    maxRetries: 3,
+    initialDelayMs: 2e3,
+    backoffFactor: 2,
+    maxDelayMs: 3e4
+  },
+  /** Aggressive retries for critical operations (5 retries, 500ms initial) */
+  AGGRESSIVE: {
+    maxRetries: 5,
+    initialDelayMs: 500,
+    backoffFactor: 1.5,
+    maxDelayMs: 15e3
+  },
+  /** Patient retries for slow backends (5 retries, 5s initial) */
+  PATIENT: {
+    maxRetries: 5,
+    initialDelayMs: 5e3,
+    backoffFactor: 2,
+    maxDelayMs: 6e4
+  }
+};
+class lt {
+  stripe = null;
+  publicKey;
+  routeDiscovery;
+  rateLimiter = K(Q.PAYMENT);
+  circuitBreaker = te({
+    failureThreshold: 5,
+    timeout: 1e4,
+    // 10 seconds for faster recovery in payment flows
+    name: "stripe-manager"
+  });
+  constructor(e, r) {
+    this.publicKey = e, this.routeDiscovery = r;
+  }
+  /**
+   * Initialize Stripe.js library
+   */
+  async initialize() {
+    if (!this.stripe && (this.stripe = await Je(this.publicKey), !this.stripe))
+      throw new Error("Failed to initialize Stripe");
+  }
+  /**
+   * Create a Stripe checkout session
+   */
+  async createSession(e) {
+    if (!this.rateLimiter.tryConsume())
+      throw new Error("Rate limit exceeded for Stripe session creation. Please try again later.");
+    try {
+      return await this.circuitBreaker.execute(async () => await C(
+        async () => {
+          const r = await this.routeDiscovery.buildUrl("/paywall/v1/stripe-session");
+          f().debug("[StripeManager] Creating session with request:", e), e.couponCode ? f().debug("[StripeManager] Coupon code included:", e.couponCode) : f().debug("[StripeManager] No coupon code in request");
+          const n = await S(r, {
+            method: "POST",
+            headers: {
+              "Content-Type": "application/json",
+              "Idempotency-Key": N()
+            },
+            body: JSON.stringify(e)
+          });
+          if (!n.ok) {
+            const a = await T(n, "Failed to create Stripe session");
+            throw new Error(a);
+          }
+          return n.json();
+        },
+        { ...P.STANDARD, name: "stripe-create-session" }
+      ));
+    } catch (r) {
+      throw r instanceof E ? (f().error("[StripeManager] Circuit breaker is OPEN - Stripe service unavailable"), new Error("Stripe payment service is temporarily unavailable. Please try again in a few moments.")) : r;
+    }
+  }
+  /**
+   * Redirect to Stripe checkout
+   */
+  async redirectToCheckout(e) {
+    if (this.stripe || await this.initialize(), !this.stripe)
+      return {
+        success: !1,
+        error: "Stripe not initialized"
+      };
+    const r = await this.stripe.redirectToCheckout({ sessionId: e });
+    return r.error ? {
+      success: !1,
+      error: r.error.message
+    } : { success: !0 };
+  }
+  /**
+   * Handle complete payment flow: create session and redirect
+   */
+  async processPayment(e) {
+    try {
+      const r = await this.createSession(e);
+      return await this.redirectToCheckout(r.sessionId);
+    } catch (r) {
+      return {
+        success: !1,
+        error: F(r, "Unknown error")
+      };
+    }
+  }
+  /**
+   * Create a Stripe cart checkout session for multiple items
+   */
+  async processCartCheckout(e) {
+    const { items: r, successUrl: n, cancelUrl: a, metadata: o, customerEmail: s, couponCode: i } = e;
+    if (!this.rateLimiter.tryConsume())
+      return {
+        success: !1,
+        error: "Rate limit exceeded for cart checkout. Please try again later."
+      };
+    try {
+      const l = await this.circuitBreaker.execute(async () => await C(
+        async () => {
+          const c = await this.routeDiscovery.buildUrl("/paywall/v1/cart/checkout"), u = {
+            items: r,
+            successUrl: n,
+            cancelUrl: a,
+            metadata: o,
+            customerEmail: s,
+            couponCode: i
+          }, d = await S(c, {
+            method: "POST",
+            headers: {
+              "Content-Type": "application/json",
+              "Idempotency-Key": N()
+            },
+            body: JSON.stringify(u)
+          });
+          if (!d.ok) {
+            const h = await T(d, "Failed to create cart checkout session");
+            throw new Error(h);
+          }
+          return await d.json();
+        },
+        { ...P.STANDARD, name: "stripe-cart-checkout" }
+      ));
+      return await this.redirectToCheckout(l.sessionId);
+    } catch (l) {
+      return l instanceof E ? {
+        success: !1,
+        error: "Stripe payment service is temporarily unavailable. Please try again in a few moments."
+      } : {
+        success: !1,
+        error: F(l, "Cart checkout failed")
+      };
+    }
+  }
+}
+const Ee = "3.7.8", ut = Ee, R = typeof Buffer == "function", se = typeof TextDecoder == "function" ? new TextDecoder() : void 0, ie = typeof TextEncoder == "function" ? new TextEncoder() : void 0, dt = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=", B = Array.prototype.slice.call(dt), j = ((t) => {
+  let e = {};
+  return t.forEach((r, n) => e[r] = n), e;
+})(B), ft = /^(?:[A-Za-z\d+\/]{4})*?(?:[A-Za-z\d+\/]{2}(?:==)?|[A-Za-z\d+\/]{3}=?)?$/, g = String.fromCharCode.bind(String), ce = typeof Uint8Array.from == "function" ? Uint8Array.from.bind(Uint8Array) : (t) => new Uint8Array(Array.prototype.slice.call(t, 0)), xe = (t) => t.replace(/=/g, "").replace(/[+\/]/g, (e) => e == "+" ? "-" : "_"), Ce = (t) => t.replace(/[^A-Za-z0-9\+\/]/g, ""), Pe = (t) => {
+  let e, r, n, a, o = "";
+  const s = t.length % 3;
+  for (let i = 0; i < t.length; ) {
+    if ((r = t.charCodeAt(i++)) > 255 || (n = t.charCodeAt(i++)) > 255 || (a = t.charCodeAt(i++)) > 255)
+      throw new TypeError("invalid character found");
+    e = r << 16 | n << 8 | a, o += B[e >> 18 & 63] + B[e >> 12 & 63] + B[e >> 6 & 63] + B[e & 63];
+  }
+  return s ? o.slice(0, s - 3) + "===".substring(s) : o;
+}, re = typeof btoa == "function" ? (t) => btoa(t) : R ? (t) => Buffer.from(t, "binary").toString("base64") : Pe, J = R ? (t) => Buffer.from(t).toString("base64") : (t) => {
+  let r = [];
+  for (let n = 0, a = t.length; n < a; n += 4096)
+    r.push(g.apply(null, t.subarray(n, n + 4096)));
+  return re(r.join(""));
+}, W = (t, e = !1) => e ? xe(J(t)) : J(t), ht = (t) => {
+  if (t.length < 2) {
+    var e = t.charCodeAt(0);
+    return e < 128 ? t : e < 2048 ? g(192 | e >>> 6) + g(128 | e & 63) : g(224 | e >>> 12 & 15) + g(128 | e >>> 6 & 63) + g(128 | e & 63);
+  } else {
+    var e = 65536 + (t.charCodeAt(0) - 55296) * 1024 + (t.charCodeAt(1) - 56320);
+    return g(240 | e >>> 18 & 7) + g(128 | e >>> 12 & 63) + g(128 | e >>> 6 & 63) + g(128 | e & 63);
+  }
+}, mt = /[\uD800-\uDBFF][\uDC00-\uDFFFF]|[^\x00-\x7F]/g, Se = (t) => t.replace(mt, ht), le = R ? (t) => Buffer.from(t, "utf8").toString("base64") : ie ? (t) => J(ie.encode(t)) : (t) => re(Se(t)), k = (t, e = !1) => e ? xe(le(t)) : le(t), ue = (t) => k(t, !0), pt = /[\xC0-\xDF][\x80-\xBF]|[\xE0-\xEF][\x80-\xBF]{2}|[\xF0-\xF7][\x80-\xBF]{3}/g, yt = (t) => {
+  switch (t.length) {
+    case 4:
+      var e = (7 & t.charCodeAt(0)) << 18 | (63 & t.charCodeAt(1)) << 12 | (63 & t.charCodeAt(2)) << 6 | 63 & t.charCodeAt(3), r = e - 65536;
+      return g((r >>> 10) + 55296) + g((r & 1023) + 56320);
+    case 3:
+      return g((15 & t.charCodeAt(0)) << 12 | (63 & t.charCodeAt(1)) << 6 | 63 & t.charCodeAt(2));
+    default:
+      return g((31 & t.charCodeAt(0)) << 6 | 63 & t.charCodeAt(1));
+  }
+}, Ae = (t) => t.replace(pt, yt), Te = (t) => {
+  if (t = t.replace(/\s+/g, ""), !ft.test(t))
+    throw new TypeError("malformed base64.");
+  t += "==".slice(2 - (t.length & 3));
+  let e, r, n, a = [];
+  for (let o = 0; o < t.length; )
+    e = j[t.charAt(o++)] << 18 | j[t.charAt(o++)] << 12 | (r = j[t.charAt(o++)]) << 6 | (n = j[t.charAt(o++)]), r === 64 ? a.push(g(e >> 16 & 255)) : n === 64 ? a.push(g(e >> 16 & 255, e >> 8 & 255)) : a.push(g(e >> 16 & 255, e >> 8 & 255, e & 255));
+  return a.join("");
+}, ne = typeof atob == "function" ? (t) => atob(Ce(t)) : R ? (t) => Buffer.from(t, "base64").toString("binary") : Te, ke = R ? (t) => ce(Buffer.from(t, "base64")) : (t) => ce(ne(t).split("").map((e) => e.charCodeAt(0))), Re = (t) => ke(Me(t)), wt = R ? (t) => Buffer.from(t, "base64").toString("utf8") : se ? (t) => se.decode(ke(t)) : (t) => Ae(ne(t)), Me = (t) => Ce(t.replace(/[-_]/g, (e) => e == "-" ? "+" : "/")), Z = (t) => wt(Me(t)), gt = (t) => {
+  if (typeof t != "string")
+    return !1;
+  const e = t.replace(/\s+/g, "").replace(/={0,2}$/, "");
+  return !/[^\s0-9a-zA-Z\+/]/.test(e) || !/[^\s0-9a-zA-Z\-_]/.test(e);
+}, Ue = (t) => ({
+  value: t,
+  enumerable: !1,
+  writable: !0,
+  configurable: !0
+}), Oe = function() {
+  const t = (e, r) => Object.defineProperty(String.prototype, e, Ue(r));
+  t("fromBase64", function() {
+    return Z(this);
+  }), t("toBase64", function(e) {
+    return k(this, e);
+  }), t("toBase64URI", function() {
+    return k(this, !0);
+  }), t("toBase64URL", function() {
+    return k(this, !0);
+  }), t("toUint8Array", function() {
+    return Re(this);
+  });
+}, De = function() {
+  const t = (e, r) => Object.defineProperty(Uint8Array.prototype, e, Ue(r));
+  t("toBase64", function(e) {
+    return W(this, e);
+  }), t("toBase64URI", function() {
+    return W(this, !0);
+  }), t("toBase64URL", function() {
+    return W(this, !0);
+  });
+}, bt = () => {
+  Oe(), De();
+}, I = {
+  version: Ee,
+  VERSION: ut,
+  atob: ne,
+  atobPolyfill: Te,
+  btoa: re,
+  btoaPolyfill: Pe,
+  fromBase64: Z,
+  toBase64: k,
+  encode: k,
+  encodeURI: ue,
+  encodeURL: ue,
+  utob: Se,
+  btou: Ae,
+  decode: Z,
+  isValid: gt,
+  fromUint8Array: W,
+  toUint8Array: Re,
+  extendString: Oe,
+  extendUint8Array: De,
+  extendBuiltins: bt
+};
+class vt {
+  routeDiscovery;
+  quoteRateLimiter = K(Q.QUOTE);
+  verifyRateLimiter = K(Q.PAYMENT);
+  circuitBreaker = te({
+    failureThreshold: 5,
+    timeout: 1e4,
+    // 10 seconds for faster recovery in payment flows
+    name: "x402-manager"
+  });
+  constructor(e) {
+    this.routeDiscovery = e;
+  }
+  /**
+   * Request a protected resource and get x402 requirement
+   * SECURITY: Resource ID and coupon codes sent in request body to prevent leakage
+   * Prevents exposure of product IDs, SKUs, and business-sensitive identifiers in logs
+   */
+  async requestQuote(e) {
+    const { resource: r, couponCode: n } = e;
+    if (!this.quoteRateLimiter.tryConsume())
+      throw new Error("Rate limit exceeded for quote requests. Please try again later.");
+    try {
+      return await this.circuitBreaker.execute(async () => await C(
+        async () => {
+          const a = "/paywall/v1/quote";
+          f().debug(
+            "[X402Manager] Requesting quote",
+            n ? "with coupon" : "without coupon"
+          );
+          const o = await this.routeDiscovery.buildUrl(a), s = await S(o, {
+            method: "POST",
+            headers: {
+              "Content-Type": "application/json"
+            },
+            body: JSON.stringify({
+              resource: r,
+              couponCode: n || null
+            })
+          });
+          if (s.status !== 402)
+            throw new Error(`Expected 402 status, got ${s.status}`);
+          const i = await s.json();
+          if (!i.accepts || i.accepts.length === 0)
+            throw new Error("Invalid x402 response: missing accepts array");
+          return i.accepts[0];
+        },
+        { ...P.QUICK, name: "x402-quote" }
+      ));
+    } catch (a) {
+      throw a instanceof E ? (f().error("[X402Manager] Circuit breaker is OPEN - x402 service unavailable"), new Error("Payment service is temporarily unavailable. Please try again in a few moments.")) : a;
+    }
+  }
+  /**
+   * Request a cart quote for multiple items
+   */
+  async requestCartQuote(e) {
+    const { items: r, metadata: n, couponCode: a } = e;
+    if (!this.quoteRateLimiter.tryConsume())
+      throw new Error("Rate limit exceeded for cart quote requests. Please try again later.");
+    try {
+      return await this.circuitBreaker.execute(async () => await C(
+        async () => {
+          const o = await this.routeDiscovery.buildUrl("/paywall/v1/cart/quote"), s = {
+            items: r,
+            metadata: n,
+            couponCode: a
+          }, i = await S(o, {
+            method: "POST",
+            headers: {
+              "Content-Type": "application/json",
+              "Idempotency-Key": N()
+            },
+            body: JSON.stringify(s)
+          });
+          if (i.status !== 402 && !i.ok) {
+            const l = await T(i, "Failed to get cart quote");
+            throw new Error(l);
+          }
+          return i.json();
+        },
+        { ...P.QUICK, name: "x402-cart-quote" }
+      ));
+    } catch (o) {
+      throw o instanceof E ? (f().error("[X402Manager] Circuit breaker is OPEN - cart quote service unavailable"), new Error("Payment service is temporarily unavailable. Please try again in a few moments.")) : o;
+    }
+  }
+  /**
+   * Build X-PAYMENT header from payment payload (base64 encoded)
+   */
+  buildPaymentHeader(e) {
+    const r = JSON.stringify(e);
+    return I.encode(r);
+  }
+  /**
+   * Parse X-PAYMENT-RESPONSE header (base64 encoded settlement response)
+   */
+  parseSettlementResponse(e) {
+    const r = e.headers.get("X-PAYMENT-RESPONSE");
+    if (!r)
+      return null;
+    try {
+      const n = I.decode(r), a = JSON.parse(n);
+      return typeof a.success != "boolean" ? (f().error("Invalid settlement response: missing success field"), null) : a;
+    } catch (n) {
+      return f().error("Failed to parse settlement response:", n), null;
+    }
+  }
+  /**
+   * Retry request with payment proof
+   * SECURITY: Coupon and metadata sent in X-PAYMENT header payload, NOT query strings
+   */
+  async submitPayment(e) {
+    const {
+      resource: r,
+      payload: n,
+      couponCode: a,
+      metadata: o,
+      resourceType: s = "regular"
+    } = e;
+    if (!this.verifyRateLimiter.tryConsume())
+      return {
+        success: !1,
+        error: "Rate limit exceeded for payment verification. Please try again later."
+      };
+    try {
+      return await this.circuitBreaker.execute(async () => await C(
+        async () => {
+          const l = {
+            ...n,
+            payload: {
+              ...n.payload,
+              resource: r,
+              resourceType: s,
+              metadata: {
+                ...n.payload.metadata || {},
+                // Preserve existing metadata
+                ...o || {},
+                // Layer in new metadata
+                ...a ? { couponCode: a } : {}
+                // Add coupon if present
+              }
+            }
+          }, c = this.buildPaymentHeader(l), u = "/paywall/v1/verify";
+          f().debug("[X402Manager] Submitting payment", {
+            resourceType: s,
+            hasCoupon: !!a,
+            hasMetadata: !!o
+          });
+          const d = await this.routeDiscovery.buildUrl(u), h = await S(d, {
+            method: "POST",
+            headers: {
+              "Content-Type": "application/json",
+              "X-PAYMENT": c,
+              "Idempotency-Key": N()
+            }
+          });
+          if (h.ok) {
+            const { settlement: m, transactionId: y } = await this.handlePaymentVerification(
+              h,
+              n.payload.signature
+            );
+            return {
+              success: !0,
+              transactionId: y,
+              settlement: m || void 0
+            };
+          }
+          return {
+            success: !1,
+            error: await T(h, "Payment verification failed", !0)
+          };
+        },
+        { ...P.STANDARD, name: "x402-verify" }
+      ));
+    } catch (i) {
+      return i instanceof E ? {
+        success: !1,
+        error: "Payment verification service is temporarily unavailable. Please try again in a few moments."
+      } : {
+        success: !1,
+        error: F(i, "Unknown error")
+      };
+    }
+  }
+  /**
+   * Build a complete gasless transaction on the backend
+   * Returns an unsigned transaction with all instructions (compute budget, transfer, memo)
+   */
+  async buildGaslessTransaction(e) {
+    const { resourceId: r, userWallet: n, feePayer: a, couponCode: o } = e;
+    if (!this.quoteRateLimiter.tryConsume())
+      throw new Error("Rate limit exceeded for gasless transaction requests. Please try again later.");
+    try {
+      return await this.circuitBreaker.execute(async () => await C(
+        async () => {
+          const s = await this.routeDiscovery.buildUrl(
+            "/paywall/v1/gasless-transaction"
+          ), i = await S(s, {
+            method: "POST",
+            headers: {
+              "Content-Type": "application/json"
+            },
+            body: JSON.stringify({
+              resourceId: r,
+              userWallet: n,
+              feePayer: a,
+              couponCode: o
+            })
+          });
+          if (!i.ok) {
+            const l = await T(i, "Failed to build gasless transaction");
+            throw new Error(l);
+          }
+          return i.json();
+        },
+        { ...P.QUICK, name: "x402-gasless-build" }
+      ));
+    } catch (s) {
+      throw s instanceof E ? (f().error("[X402Manager] Circuit breaker is OPEN - gasless transaction service unavailable"), new Error("Gasless transaction service is temporarily unavailable. Please try again in a few moments.")) : s;
+    }
+  }
+  /**
+   * Submit gasless partial transaction for co-signing
+   * Sends the partially-signed transaction in X-Payment header for backend co-signing
+   * SECURITY: Coupon and metadata sent in X-PAYMENT header payload, NOT query strings
+   */
+  async submitGaslessTransaction(e) {
+    const {
+      resource: r,
+      partialTx: n,
+      couponCode: a,
+      metadata: o,
+      resourceType: s = "regular",
+      requirement: i
+    } = e;
+    if (!this.verifyRateLimiter.tryConsume())
+      return {
+        success: !1,
+        error: "Rate limit exceeded for gasless transaction verification. Please try again later."
+      };
+    try {
+      return await this.circuitBreaker.execute(async () => await C(
+        async () => {
+          const c = {
+            x402Version: 0,
+            scheme: i?.scheme || "solana-spl-transfer",
+            network: i?.network || "mainnet-beta",
+            payload: {
+              signature: "",
+              // Placeholder - backend will finalize after co-signing
+              transaction: n,
+              feePayer: i?.extra?.feePayer || "",
+              resource: r,
+              resourceType: s,
+              metadata: {
+                ...o || {},
+                ...a ? { couponCode: a } : {}
+              }
+            }
+          }, u = this.buildPaymentHeader(c), h = await this.routeDiscovery.buildUrl("/paywall/v1/verify"), p = await S(h, {
+            method: "POST",
+            headers: {
+              "Content-Type": "application/json",
+              "X-PAYMENT": u,
+              "Idempotency-Key": N()
+            }
+          });
+          if (p.ok) {
+            const { settlement: y, transactionId: v } = await this.handlePaymentVerification(
+              p,
+              "gasless-tx"
+            );
+            return {
+              success: !0,
+              transactionId: v,
+              settlement: y || void 0
+            };
+          }
+          return {
+            success: !1,
+            error: await T(p, "Gasless transaction failed", !0)
+          };
+        },
+        { ...P.STANDARD, name: "x402-gasless-verify" }
+      ));
+    } catch (l) {
+      return l instanceof E ? {
+        success: !1,
+        error: "Gasless transaction verification service is temporarily unavailable. Please try again in a few moments."
+      } : {
+        success: !1,
+        error: F(l, "Unknown error")
+      };
+    }
+  }
+  /**
+   * Handle payment verification response (shared logic for both submitPayment and submitGaslessTransaction)
+   * Parses settlement header and extracts transaction ID from response body
+   * @param response - HTTP response from payment verification endpoint
+   * @param defaultTxId - Fallback transaction ID if JSON parsing fails
+   * @returns Settlement data and transaction ID
+   */
+  async handlePaymentVerification(e, r) {
+    const n = this.parseSettlementResponse(e), a = e.headers.get("Content-Type") || "";
+    let o = r;
+    if (a.includes("application/json"))
+      try {
+        o = (await e.json()).signature || r;
+      } catch (s) {
+        f().warn("Failed to parse JSON response body:", s);
+      }
+    return { settlement: n, transactionId: o };
+  }
+  /**
+   * Validate x402 requirement structure
+   */
+  validateRequirement(e) {
+    return !!(e.scheme && e.network && e.maxAmountRequired && e.resource && e.payTo && e.asset && e.maxTimeoutSeconds > 0);
+  }
+}
+function Et(t) {
+  if (t.length >= 255)
+    throw new TypeError("Alphabet too long");
+  const e = new Uint8Array(256);
+  for (let c = 0; c < e.length; c++)
+    e[c] = 255;
+  for (let c = 0; c < t.length; c++) {
+    const u = t.charAt(c), d = u.charCodeAt(0);
+    if (e[d] !== 255)
+      throw new TypeError(u + " is ambiguous");
+    e[d] = c;
+  }
+  const r = t.length, n = t.charAt(0), a = Math.log(r) / Math.log(256), o = Math.log(256) / Math.log(r);
+  function s(c) {
+    if (c instanceof Uint8Array || (ArrayBuffer.isView(c) ? c = new Uint8Array(c.buffer, c.byteOffset, c.byteLength) : Array.isArray(c) && (c = Uint8Array.from(c))), !(c instanceof Uint8Array))
+      throw new TypeError("Expected Uint8Array");
+    if (c.length === 0)
+      return "";
+    let u = 0, d = 0, h = 0;
+    const p = c.length;
+    for (; h !== p && c[h] === 0; )
+      h++, u++;
+    const m = (p - h) * o + 1 >>> 0, y = new Uint8Array(m);
+    for (; h !== p; ) {
+      let x = c[h], b = 0;
+      for (let w = m - 1; (x !== 0 || b < d) && w !== -1; w--, b++)
+        x += 256 * y[w] >>> 0, y[w] = x % r >>> 0, x = x / r >>> 0;
+      if (x !== 0)
+        throw new Error("Non-zero carry");
+      d = b, h++;
+    }
+    let v = m - d;
+    for (; v !== m && y[v] === 0; )
+      v++;
+    let A = n.repeat(u);
+    for (; v < m; ++v)
+      A += t.charAt(y[v]);
+    return A;
+  }
+  function i(c) {
+    if (typeof c != "string")
+      throw new TypeError("Expected String");
+    if (c.length === 0)
+      return new Uint8Array();
+    let u = 0, d = 0, h = 0;
+    for (; c[u] === n; )
+      d++, u++;
+    const p = (c.length - u) * a + 1 >>> 0, m = new Uint8Array(p);
+    for (; u < c.length; ) {
+      const x = c.charCodeAt(u);
+      if (x > 255)
+        return;
+      let b = e[x];
+      if (b === 255)
+        return;
+      let w = 0;
+      for (let L = p - 1; (b !== 0 || w < h) && L !== -1; L--, w++)
+        b += r * m[L] >>> 0, m[L] = b % 256 >>> 0, b = b / 256 >>> 0;
+      if (b !== 0)
+        throw new Error("Non-zero carry");
+      h = w, u++;
+    }
+    let y = p - h;
+    for (; y !== p && m[y] === 0; )
+      y++;
+    const v = new Uint8Array(d + (p - y));
+    let A = d;
+    for (; y !== p; )
+      v[A++] = m[y++];
+    return v;
+  }
+  function l(c) {
+    const u = i(c);
+    if (u)
+      return u;
+    throw new Error("Non-base" + r + " character");
+  }
+  return {
+    encode: s,
+    decodeUnsafe: i,
+    decode: l
+  };
+}
+var xt = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+const de = Et(xt), ee = {
+  CASHx9KJUStyftLFWGvEVf59SGeG9sh5FfcnZMVPCASH: "CASH",
+  EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v: "USDC",
+  Es9vMFrzaCERmJfrF4H2FYD4KCoNkY11McCe8BenwNYB: "USDT",
+  "2b1kV6DkPAnxd5ixfnxCpjxmKwqjjaYmCZfHsFu24GXo": "PYUSD"
+};
+function Ct(t) {
+  return t in ee;
+}
+function Be(t, e = "token mint", r = !1) {
+  if (!t || t.trim().length === 0)
+    return {
+      isValid: !0,
+      isKnownStablecoin: !1
+    };
+  const n = t.trim();
+  if (Ct(n))
+    return {
+      isValid: !0,
+      isKnownStablecoin: !0,
+      symbol: ee[n]
+    };
+  const a = Object.entries(ee).map(([o, s]) => `  ${s}: ${o}`).join(`
+`);
+  return r ? {
+    isValid: !0,
+    // Allow but warn
+    isKnownStablecoin: !1,
+    warning: [
+      `Warning: Unrecognized token mint address in ${e}`,
+      `  Provided: ${n}`,
+      "",
+      "This token mint does not match any known stablecoin addresses.",
+      "You have set dangerouslyAllowUnknownMint=true, so this will proceed.",
+      "If this is a typo, payments will be sent to the wrong token and funds will be PERMANENTLY LOST.",
+      "",
+      "Known stablecoin mints (mainnet-beta):",
+      a,
+      "",
+      "Double-check your token mint address before deploying to production."
+    ].join(`
+`)
+  } : {
+    isValid: !1,
+    isKnownStablecoin: !1,
+    error: [
+      `SAFETY ERROR: Unrecognized token mint address in ${e}`,
+      `  Provided: ${n}`,
+      "",
+      "This token mint does not match any known stablecoin addresses.",
+      "Using an unknown token mint can result in PERMANENT LOSS OF FUNDS if it's a typo.",
+      "",
+      "Known stablecoin mints (mainnet-beta):",
+      a,
+      "",
+      "If you are CERTAIN this is the correct mint address (custom token, testnet, or new stablecoin),",
+      "set dangerouslyAllowUnknownMint={true} in your CedrosProvider config:",
+      "",
+      "  <CedrosProvider",
+      "    config={{",
+      "      ...",
+      '      tokenMint: "' + n + '",',
+      "      dangerouslyAllowUnknownMint: true, // ⚠️ I have verified this mint address",
+      "    }}",
+      "  />",
+      "",
+      "⚠️ WARNING: Only enable dangerouslyAllowUnknownMint if you have TRIPLE-CHECKED the mint address."
+    ].join(`
+`)
+  };
+}
+function Pt(t, e = "unknown", r = !1) {
+  return Be(t, `X402Requirement (resource: ${e})`, r);
+}
+class St {
+  connection;
+  cluster;
+  endpoint;
+  allowUnknownMint;
+  rpcRateLimiter = K({
+    maxRequests: 50,
+    windowMs: 6e4
+    // 50 requests per minute for RPC calls
+  });
+  rpcCircuitBreaker = te({
+    failureThreshold: 5,
+    timeout: 1e4,
+    // 10 seconds for faster recovery in payment flows
+    name: "solana-rpc"
+  });
+  constructor(e = "mainnet-beta", r, n = !1) {
+    this.cluster = e, this.endpoint = r, this.allowUnknownMint = n, this.connection = this.createConnection();
+  }
+  /**
+   * Create Solana RPC connection
+   */
+  createConnection() {
+    const e = this.endpoint ?? Le(this.cluster);
+    return new $e(e, "confirmed");
+  }
+  /**
+   * Transform RPC errors into user-friendly messages
+   */
+  transformRpcError(e) {
+    const r = e instanceof Error ? e.message : typeof e == "string" ? e : String(e);
+    return r.includes("403") || r.includes("Access forbidden") ? new Error(
+      "Public Solana RPC access denied. Please configure a custom RPC endpoint (e.g., from Helius, QuickNode, or Alchemy) in your CedrosProvider config using the solanaEndpoint option."
+    ) : r.includes("429") || r.includes("Too Many Requests") ? new Error(
+      "Solana RPC rate limit exceeded. Please configure a custom RPC endpoint with higher limits in your CedrosProvider config using the solanaEndpoint option."
+    ) : e instanceof Error ? e : new Error(r);
+  }
+  /**
+   * Build transaction from x402 requirement
+   */
+  async buildTransaction(e) {
+    const { requirement: r, payerPublicKey: n, blockhash: a } = e;
+    if (!r || !r.payTo)
+      throw new Error("Invalid requirement: missing payTo");
+    console.log("🔨 [WalletManager] Building NEW transaction for resource:", r.resource);
+    const o = new ae(), s = this.resolveAmountInMinorUnits(r), i = r.asset;
+    if (!i)
+      throw new Error("asset is required in x402 requirement");
+    const l = Pt(i, r.resource, this.allowUnknownMint);
+    if (!l.isValid && l.error)
+      throw new Error(l.error);
+    l.warning && f().warn(l.warning);
+    const c = new M(i), u = await je(
+      c,
+      n
+    );
+    if (!this.rpcRateLimiter.tryConsume())
+      throw new Error("RPC rate limit exceeded. Please try again in a moment.");
+    let d;
+    try {
+      d = await this.rpcCircuitBreaker.execute(async () => await C(
+        async () => await this.connection.getAccountInfo(u),
+        { ...P.QUICK, name: "rpc-get-account-info" }
+      ));
+    } catch (m) {
+      throw m instanceof E ? new Error("Solana RPC service is temporarily unavailable. Please try again in a few moments.") : this.transformRpcError(m);
+    }
+    if (!d)
+      throw new Error("Payer is missing an associated token account for this mint");
+    let h;
+    try {
+      h = r.extra?.recipientTokenAccount ? new M(r.extra.recipientTokenAccount) : new M(r.payTo);
+    } catch {
+      throw new Error("We are currently unable to process payment, please try again later");
+    }
+    if (o.add(
+      qe(
+        u,
+        h,
+        n,
+        s
+      )
+    ), r.extra?.memo) {
+      const { TransactionInstruction: m } = await import("@solana/web3.js"), y = new m({
+        keys: [],
+        programId: new M("MemoSq4gqABAXKb96qnH8TysNcWxMyWCqXgDLGmfcHr"),
+        data: Buffer.from(r.extra.memo, "utf8")
+      });
+      o.add(y);
+    }
+    let p;
+    if (a)
+      p = a;
+    else {
+      if (!this.rpcRateLimiter.tryConsume())
+        throw new Error("RPC rate limit exceeded. Please try again in a moment.");
+      try {
+        p = (await this.rpcCircuitBreaker.execute(async () => await C(
+          async () => await this.connection.getLatestBlockhash(),
+          { ...P.QUICK, name: "rpc-get-blockhash" }
+        ))).blockhash;
+      } catch (m) {
+        throw m instanceof E ? new Error("Solana RPC service is temporarily unavailable. Please try again in a few moments.") : this.transformRpcError(m);
+      }
+    }
+    return o.recentBlockhash = p, r.extra?.feePayer ? o.feePayer = new M(r.extra.feePayer) : o.feePayer = n, o;
+  }
+  /**
+   * Parse amount from x402 requirement (already in atomic units as string)
+   */
+  resolveAmountInMinorUnits(e) {
+    const r = parseInt(e.maxAmountRequired, 10);
+    if (Number.isNaN(r) || r <= 0)
+      throw new Error("Invalid maxAmountRequired in requirement");
+    return r;
+  }
+  /**
+   * Build payment payload from signed transaction (x402 spec)
+   */
+  buildPaymentPayload(e) {
+    const { requirement: r, signedTx: n, payerPublicKey: a } = e;
+    return {
+      x402Version: 0,
+      scheme: r.scheme,
+      network: r.network,
+      payload: {
+        signature: n.signature,
+        transaction: n.serialized,
+        payer: a.toString(),
+        memo: r.extra?.memo,
+        recipientTokenAccount: r.extra?.recipientTokenAccount
+      }
+    };
+  }
+  /**
+   * Sign transaction using wallet adapter (fully signed for regular mode)
+   */
+  async signTransaction(e) {
+    const { transaction: r, signTransaction: n } = e;
+    console.log("✍️ [WalletManager] Requesting wallet to sign transaction");
+    const a = await n(r), o = a.serialize(), s = a.signatures[0]?.signature;
+    if (!s)
+      throw new Error("Signed transaction missing signature");
+    const i = de.encode(s);
+    return console.log("✅ [WalletManager] Transaction signed with signature:", i.substring(0, 20) + "..."), {
+      serialized: I.fromUint8Array(o),
+      signature: i
+    };
+  }
+  /**
+   * Deserialize a base64-encoded transaction from the backend
+   * Used for gasless flow where backend builds the complete transaction
+   */
+  deserializeTransaction(e) {
+    try {
+      const r = I.toUint8Array(e);
+      return ae.from(r);
+    } catch (r) {
+      throw new Error(
+        `Failed to deserialize transaction: ${F(r, "Unknown error")}`
+      );
+    }
+  }
+  /**
+   * Partially sign transaction for gasless mode
+   * User signs their authority, server will co-sign as fee payer
+   */
+  async partiallySignTransaction(e) {
+    const { transaction: r, signTransaction: n, blockhash: a } = e;
+    a && r.recentBlockhash !== a && (r.recentBlockhash = a);
+    const o = await n(r), s = o.signatures[0]?.signature;
+    if (s) {
+      const l = de.encode(s);
+      console.log("✅ [WalletManager] Partially signed with signature:", l.substring(0, 20) + "...");
+    }
+    const i = o.serialize({
+      requireAllSignatures: !1,
+      verifySignatures: !1
+    });
+    return I.fromUint8Array(i);
+  }
+  /**
+   * Get wallet balance
+   */
+  async getBalance(e) {
+    if (!this.rpcRateLimiter.tryConsume())
+      throw new Error("RPC rate limit exceeded. Please try again in a moment.");
+    try {
+      return await this.rpcCircuitBreaker.execute(async () => await C(
+        async () => await this.connection.getBalance(e),
+        { ...P.QUICK, name: "rpc-get-balance" }
+      )) / _e;
+    } catch (r) {
+      throw r instanceof E ? new Error("Solana RPC service is temporarily unavailable. Please try again in a few moments.") : this.transformRpcError(r);
+    }
+  }
+  /**
+   * Verify transaction on-chain
+   */
+  async verifyTransaction(e) {
+    if (!this.rpcRateLimiter.tryConsume())
+      return f().warn("[WalletManager] RPC rate limit exceeded for transaction verification"), !1;
+    try {
+      return !!(await this.rpcCircuitBreaker.execute(async () => await C(
+        async () => await this.connection.getSignatureStatus(e),
+        { ...P.QUICK, name: "rpc-verify-tx" }
+      ))).value?.confirmationStatus;
+    } catch (r) {
+      return r instanceof E && f().warn("[WalletManager] Circuit breaker OPEN - cannot verify transaction"), !1;
+    }
+  }
+}
+class At {
+  serverUrl;
+  routePrefix = null;
+  discoveryPromise = null;
+  maxRetries = 3;
+  baseDelayMs = 1e3;
+  constructor(e) {
+    this.serverUrl = e;
+  }
+  /**
+   * Discover route prefix from backend health endpoint
+   *
+   * DEDUPLICATION: Multiple concurrent calls share the same in-flight request
+   * SECURITY FIX: Only cache on success, retry on failures with exponential backoff
+   * This prevents permanent bricking of payments due to transient failures
+   */
+  async discoverPrefix() {
+    if (this.routePrefix !== null)
+      return this.routePrefix;
+    if (this.discoveryPromise)
+      return this.discoveryPromise;
+    const e = (async () => {
+      let r = 0;
+      for (; r < this.maxRetries; )
+        try {
+          const n = await S(`${this.serverUrl}/cedros-health`);
+          if (!n.ok) {
+            if (n.status >= 400 && n.status < 500)
+              return f().warn(`Route discovery received ${n.status} - not retrying client error`), this.routePrefix = "", "";
+            throw new Error(`Health check returned ${n.status}`);
+          }
+          const o = (await n.json()).routePrefix || "";
+          return this.routePrefix = o, f().debug("Route discovery successful, prefix:", o || "(empty)"), o;
+        } catch (n) {
+          if (r++, r >= this.maxRetries)
+            return f().warn(
+              `Route discovery failed after ${r} attempts, using empty prefix for this request:`,
+              n
+            ), "";
+          const a = this.baseDelayMs * Math.pow(2, r - 1);
+          f().warn(
+            `Route discovery failed (attempt ${r}/${this.maxRetries}), retrying in ${a}ms:`,
+            n
+          ), await new Promise((o) => setTimeout(o, a));
+        }
+      return "";
+    })();
+    this.discoveryPromise = e;
+    try {
+      return await this.discoveryPromise;
+    } finally {
+      this.discoveryPromise = null;
+    }
+  }
+  /**
+   * Build API URL with discovered prefix
+   */
+  async buildUrl(e) {
+    const r = await this.discoverPrefix(), n = e.startsWith("/") ? e : `/${e}`;
+    return `${this.serverUrl}${r}${n}`;
+  }
+  /**
+   * Reset cached prefix (useful for testing or reconnecting)
+   */
+  reset() {
+    this.routePrefix = null, this.discoveryPromise = null;
+  }
+}
+const z = /* @__PURE__ */ new Map();
+function Ne(t, e, r, n, a) {
+  return JSON.stringify({
+    stripePublicKey: t,
+    serverUrl: e,
+    solanaCluster: r,
+    solanaEndpoint: n || "",
+    dangerouslyAllowUnknownMint: a || !1
+  });
+}
+function Tt(t, e, r, n, a) {
+  const o = Ne(
+    t,
+    e,
+    r,
+    n,
+    a
+  );
+  let s = z.get(o);
+  if (s)
+    return s.refCount++, f().debug(
+      `[ManagerCache] Reusing cached managers (refCount: ${s.refCount}):`,
+      { stripePublicKey: t.slice(0, 10) + "...", serverUrl: e }
+    ), s;
+  f().debug(
+    "[ManagerCache] Creating new manager instances:",
+    { stripePublicKey: t.slice(0, 10) + "...", serverUrl: e }
+  );
+  const i = new At(e), l = new lt(t, i), c = new vt(i), u = new St(
+    r,
+    n,
+    a ?? !1
+  );
+  return s = {
+    stripeManager: l,
+    x402Manager: c,
+    walletManager: u,
+    routeDiscovery: i,
+    refCount: 1
+  }, z.set(o, s), s;
+}
+function kt(t, e, r, n, a) {
+  const o = Ne(
+    t,
+    e,
+    r,
+    n,
+    a
+  ), s = z.get(o);
+  if (!s) {
+    f().warn("[ManagerCache] Attempted to release non-existent managers:", { cacheKey: o });
+    return;
+  }
+  s.refCount--, f().debug(
+    `[ManagerCache] Released manager reference (refCount: ${s.refCount}):`,
+    { stripePublicKey: t.slice(0, 10) + "...", serverUrl: e }
+  ), s.refCount <= 0 && (z.delete(o), f().debug("[ManagerCache] Removed managers from cache (refCount reached 0)"));
+}
+const Rt = [
+  "stripePublicKey"
+], fe = /* @__PURE__ */ new Set(["mainnet-beta", "devnet", "testnet"]);
+function Mt() {
+  if (typeof window < "u" && window.location)
+    return window.location.origin;
+  throw new Error(
+    "serverUrl is required in SSR/Node environments. In browser environments, it defaults to window.location.origin"
+  );
+}
+function Ut(t) {
+  const e = [];
+  Rt.forEach((n) => {
+    const a = t[n];
+    (typeof a != "string" || a.trim().length === 0) && e.push({
+      field: n,
+      message: "must be a non-empty string"
+    });
+  });
+  let r;
+  if (t.serverUrl !== void 0)
+    typeof t.serverUrl != "string" || t.serverUrl.trim().length === 0 ? (e.push({
+      field: "serverUrl",
+      message: "must be a non-empty string when provided"
+    }), r = "") : r = t.serverUrl;
+  else
+    try {
+      r = Mt();
+    } catch (n) {
+      e.push({
+        field: "serverUrl",
+        message: n instanceof Error ? n.message : "failed to determine default"
+      }), r = "";
+    }
+  if (fe.has(t.solanaCluster) || e.push({
+    field: "solanaCluster",
+    message: `must be one of ${Array.from(fe).join(", ")}`
+  }), t.solanaEndpoint !== void 0 && (typeof t.solanaEndpoint != "string" ? e.push({
+    field: "solanaEndpoint",
+    message: "must be a string when provided"
+  }) : t.solanaEndpoint.trim().length === 0 ? e.push({
+    field: "solanaEndpoint",
+    message: 'must be a non-empty string when provided (e.g., "https://api.mainnet-beta.solana.com")'
+  }) : !t.solanaEndpoint.startsWith("http://") && !t.solanaEndpoint.startsWith("https://") && e.push({
+    field: "solanaEndpoint",
+    message: 'must start with "http://" or "https://" (e.g., "https://api.mainnet-beta.solana.com")'
+  })), t.tokenMint && typeof t.tokenMint != "string" && e.push({
+    field: "tokenMint",
+    message: "must be a string when provided"
+  }), e.length > 0) {
+    const n = e.map((a) => `- ${a.field} ${a.message}`).join(`
+`);
+    throw new Error(`Invalid Cedros configuration:
+${n}`);
+  }
+  if (t.tokenMint) {
+    const n = t.dangerouslyAllowUnknownMint === !0, a = Be(t.tokenMint, "CedrosConfig.tokenMint", n);
+    if (!a.isValid && a.error)
+      throw new Error(a.error);
+    a.warning && f().warn(a.warning);
+  }
+  return {
+    ...t,
+    serverUrl: r
+  };
+}
+class Ot {
+  adapters = null;
+  poolId;
+  isCleanedUp = !1;
+  constructor(e) {
+    this.poolId = e ?? `pool_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`, f().debug(`[WalletPool] Created pool: ${this.poolId}`);
+  }
+  /**
+   * Get wallet adapters for this pool
+   *
+   * Lazy initialization: adapters are created on first access.
+   * Returns empty array in SSR environments.
+   */
+  getAdapters() {
+    return typeof window > "u" ? [] : this.isCleanedUp ? (f().warn(`[WalletPool] Attempted to use pool after cleanup: ${this.poolId}`), []) : this.adapters !== null ? this.adapters : (f().debug(`[WalletPool] Initializing adapters for pool: ${this.poolId}`), this.adapters = [
+      new We(),
+      new Ke()
+    ], this.adapters);
+  }
+  /**
+   * Cleanup wallet adapters
+   *
+   * Disconnects all wallets and clears the adapter cache.
+   * Called automatically when CedrosProvider unmounts.
+   *
+   * IMPORTANT: After cleanup, getAdapters() will return empty array.
+   */
+  async cleanup() {
+    if (this.isCleanedUp) {
+      f().debug(`[WalletPool] Pool already cleaned up: ${this.poolId}`);
+      return;
+    }
+    if (f().debug(`[WalletPool] Cleaning up pool: ${this.poolId}`), this.isCleanedUp = !0, this.adapters === null)
+      return;
+    const e = this.adapters.map(async (r) => {
+      try {
+        r.connected && (f().debug(`[WalletPool] Disconnecting wallet: ${r.name}`), await r.disconnect());
+      } catch (n) {
+        f().warn(`[WalletPool] Failed to disconnect wallet ${r.name}:`, n);
+      }
+    });
+    await Promise.allSettled(e), this.adapters = null, f().debug(`[WalletPool] Pool cleanup complete: ${this.poolId}`);
+  }
+  /**
+   * Check if this pool has been initialized
+   *
+   * Useful for testing or debugging.
+   */
+  isInitialized() {
+    return this.adapters !== null;
+  }
+  /**
+   * Get pool ID (for debugging/logging)
+   */
+  getId() {
+    return this.poolId;
+  }
+}
+function Dt(t) {
+  return new Ot(t);
+}
+const Bt = Object.freeze({
+  surfaceBackground: "rgba(255, 255, 255, 0)",
+  surfaceText: "#111827",
+  surfaceBorder: "rgba(15, 23, 42, 0.08)",
+  stripeBackground: "linear-gradient(135deg, #635bff 0%, #4f46e5 100%)",
+  stripeText: "#ffffff",
+  stripeShadow: "rgba(79, 70, 229, 0.25)",
+  cryptoBackground: "linear-gradient(135deg, #14f195 0%, #9945ff 100%)",
+  cryptoText: "#ffffff",
+  cryptoShadow: "rgba(99, 102, 241, 0.25)",
+  errorBackground: "#fee2e2",
+  errorBorder: "#fca5a5",
+  errorText: "#b91c1c",
+  successBackground: "#dcfce7",
+  successBorder: "#86efac",
+  successText: "#166534",
+  modalOverlay: "rgba(0, 0, 0, 0.5)",
+  modalBackground: "#ffffff",
+  modalBorder: "rgba(15, 23, 42, 0.08)",
+  buttonBorderRadius: "8px",
+  buttonPadding: "0.75rem 1.5rem",
+  buttonFontSize: "1rem",
+  buttonFontWeight: "600"
+}), Nt = Object.freeze({
+  surfaceBackground: "rgba(17, 24, 39, 0.6)",
+  surfaceText: "#f9fafb",
+  surfaceBorder: "rgba(148, 163, 184, 0.25)",
+  stripeBackground: "linear-gradient(135deg, #4f46e5 0%, #3730a3 100%)",
+  stripeText: "#f5f3ff",
+  stripeShadow: "rgba(99, 102, 241, 0.35)",
+  cryptoBackground: "linear-gradient(135deg, #1dd4a6 0%, #6d28d9 100%)",
+  cryptoText: "#ecfeff",
+  cryptoShadow: "rgba(75, 85, 99, 0.35)",
+  errorBackground: "#7f1d1d",
+  errorBorder: "#fca5a5",
+  errorText: "#fecaca",
+  successBackground: "#14532d",
+  successBorder: "#4ade80",
+  successText: "#bbf7d0",
+  modalOverlay: "rgba(0, 0, 0, 0.75)",
+  modalBackground: "#1f2937",
+  modalBorder: "rgba(148, 163, 184, 0.25)",
+  buttonBorderRadius: "8px",
+  buttonPadding: "0.75rem 1.5rem",
+  buttonFontSize: "1rem",
+  buttonFontWeight: "600"
+}), It = {
+  surfaceBackground: "--cedros-surface-bg",
+  surfaceText: "--cedros-surface-text",
+  surfaceBorder: "--cedros-surface-border",
+  stripeBackground: "--cedros-stripe-bg",
+  stripeText: "--cedros-stripe-text",
+  stripeShadow: "--cedros-stripe-shadow",
+  cryptoBackground: "--cedros-crypto-bg",
+  cryptoText: "--cedros-crypto-text",
+  cryptoShadow: "--cedros-crypto-shadow",
+  errorBackground: "--cedros-error-bg",
+  errorBorder: "--cedros-error-border",
+  errorText: "--cedros-error-text",
+  successBackground: "--cedros-success-bg",
+  successBorder: "--cedros-success-border",
+  successText: "--cedros-success-text",
+  modalOverlay: "--cedros-modal-overlay",
+  modalBackground: "--cedros-modal-bg",
+  modalBorder: "--cedros-modal-border",
+  buttonBorderRadius: "--cedros-button-radius",
+  buttonPadding: "--cedros-button-padding",
+  buttonFontSize: "--cedros-button-font-size",
+  buttonFontWeight: "--cedros-button-font-weight"
+}, Ie = me(null);
+function Ft(t, e) {
+  return {
+    ...t === "dark" ? Nt : Bt,
+    ...e
+  };
+}
+function Lt(t) {
+  const e = Object.entries(t).map(([r, n]) => [
+    It[r],
+    n
+  ]);
+  return Object.fromEntries(e);
+}
+function $t({
+  initialMode: t = "light",
+  overrides: e,
+  unstyled: r = !1,
+  children: n
+}) {
+  const [a, o] = X(t), [s, i] = X(e), l = ye(e);
+  D(() => {
+    if (e === l.current)
+      return;
+    (!e || !l.current ? e !== l.current : Object.keys({ ...e, ...l.current }).some(
+      (d) => e[d] !== l.current?.[d]
+    )) && (l.current = e, i(e));
+  }, [e]);
+  const c = Y(() => {
+    const u = Ft(a, s), d = r ? {} : Lt(u), h = r ? "" : `cedros-theme-root cedros-theme cedros-theme--${a}`;
+    return {
+      mode: a,
+      setMode: o,
+      tokens: u,
+      className: h,
+      style: d,
+      unstyled: r
+    };
+  }, [a, s, r]);
+  return /* @__PURE__ */ H(Ie.Provider, { value: c, children: n });
+}
+function Xt() {
+  const t = pe(Ie);
+  if (!t)
+    throw new Error("useCedrosTheme must be used within CedrosProvider");
+  return t;
+}
+let V = !1, G = !1;
+async function _t() {
+  if (V)
+    return G ? { available: !0 } : {
+      available: !1,
+      error: he()
+    };
+  try {
+    return await import("@solana/web3.js"), V = !0, G = !0, { available: !0 };
+  } catch {
+    return V = !0, G = !1, {
+      available: !1,
+      error: he()
+    };
+  }
+}
+function he() {
+  return `Solana dependencies not installed. To use crypto payments, install them with:
+
+npm install @solana/web3.js @solana/spl-token @solana/wallet-adapter-react @solana/wallet-adapter-react-ui @solana/wallet-adapter-wallets @solana/wallet-adapter-base
+
+Or if you only need Stripe payments, hide the crypto button with:
+<CedrosPay showCrypto={false} />`;
+}
+function jt() {
+  return typeof process < "u" && process.env.NODE_ENV === "development" ? 0 : 2;
+}
+const Fe = me(null);
+function Yt({ config: t, children: e }) {
+  const r = Y(() => Ut(t), [t]), n = ye(null);
+  n.current === null && (n.current = Dt());
+  const [a, o] = X(null);
+  D(() => {
+    let i = !1;
+    return _t().then((l) => {
+      i || (l.available ? o(void 0) : o(l.error || "Solana dependencies not available"));
+    }), () => {
+      i = !0;
+    };
+  }, []), D(() => {
+    const i = r.logLevel ?? jt(), l = rt({
+      level: i,
+      prefix: "[CedrosPay]"
+    });
+    tt(l);
+  }, [r.logLevel]), D(() => {
+    const i = n.current;
+    return () => {
+      i && i.cleanup().catch((l) => {
+        f().warn("[CedrosProvider] Wallet pool cleanup failed:", l);
+      });
+    };
+  }, []), D(() => {
+    const i = r.stripePublicKey, l = r.serverUrl ?? "", c = r.solanaCluster, u = r.solanaEndpoint, d = r.dangerouslyAllowUnknownMint;
+    return () => {
+      kt(i, l, c, u, d);
+    };
+  }, [
+    r.stripePublicKey,
+    r.serverUrl,
+    r.solanaCluster,
+    r.solanaEndpoint,
+    r.dangerouslyAllowUnknownMint
+  ]);
+  const s = Y(() => {
+    const { stripeManager: i, x402Manager: l, walletManager: c } = Tt(
+      r.stripePublicKey,
+      r.serverUrl ?? "",
+      r.solanaCluster,
+      r.solanaEndpoint,
+      r.dangerouslyAllowUnknownMint
+    );
+    return {
+      config: r,
+      stripeManager: i,
+      x402Manager: l,
+      walletManager: c,
+      walletPool: n.current,
+      solanaError: a
+    };
+  }, [r, a]);
+  return /* @__PURE__ */ H(Fe.Provider, { value: s, children: /* @__PURE__ */ H(
+    $t,
+    {
+      initialMode: r.theme ?? "light",
+      overrides: r.themeOverrides,
+      unstyled: r.unstyled ?? !1,
+      children: e
+    }
+  ) });
+}
+function Qt() {
+  const t = pe(Fe);
+  if (!t)
+    throw new Error("useCedrosContext must be used within CedrosProvider");
+  return t;
+}
+export {
+  Yt as C,
+  ee as K,
+  Ze as L,
+  Q as R,
+  Ot as W,
+  Xt as a,
+  ve as b,
+  K as c,
+  rt as d,
+  Be as e,
+  F as f,
+  f as g,
+  te as h,
+  ot as i,
+  E as j,
+  Ht as k,
+  P as l,
+  Dt as m,
+  C as r,
+  Qt as u,
+  Ut as v
+};