@chainvue/v402-protocol 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +202 -0
- package/README.md +30 -0
- package/dist/amount.d.ts +16 -0
- package/dist/amount.d.ts.map +1 -0
- package/dist/amount.js +42 -0
- package/dist/amount.js.map +1 -0
- package/dist/canonical.d.ts +18 -0
- package/dist/canonical.d.ts.map +1 -0
- package/dist/canonical.js +118 -0
- package/dist/canonical.js.map +1 -0
- package/dist/errors.d.ts +10 -0
- package/dist/errors.d.ts.map +1 -0
- package/dist/errors.js +9 -0
- package/dist/errors.js.map +1 -0
- package/dist/extensions.d.ts +21 -0
- package/dist/extensions.d.ts.map +1 -0
- package/dist/extensions.js +74 -0
- package/dist/extensions.js.map +1 -0
- package/dist/headers.d.ts +13 -0
- package/dist/headers.d.ts.map +1 -0
- package/dist/headers.js +20 -0
- package/dist/headers.js.map +1 -0
- package/dist/identity.d.ts +15 -0
- package/dist/identity.d.ts.map +1 -0
- package/dist/identity.js +17 -0
- package/dist/identity.js.map +1 -0
- package/dist/index.d.ts +11 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +10 -0
- package/dist/index.js.map +1 -0
- package/dist/schemas.d.ts +62 -0
- package/dist/schemas.d.ts.map +1 -0
- package/dist/schemas.js +138 -0
- package/dist/schemas.js.map +1 -0
- package/dist/signature.d.ts +3 -0
- package/dist/signature.d.ts.map +1 -0
- package/dist/signature.js +17 -0
- package/dist/signature.js.map +1 -0
- package/dist/types.d.ts +82 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +2 -0
- package/dist/types.js.map +1 -0
- package/dist/version.d.ts +18 -0
- package/dist/version.d.ts.map +1 -0
- package/dist/version.js +20 -0
- package/dist/version.js.map +1 -0
- package/package.json +38 -0
package/LICENSE
ADDED
|
@@ -0,0 +1,202 @@
|
|
|
1
|
+
|
|
2
|
+
Apache License
|
|
3
|
+
Version 2.0, January 2004
|
|
4
|
+
http://www.apache.org/licenses/
|
|
5
|
+
|
|
6
|
+
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
|
7
|
+
|
|
8
|
+
1. Definitions.
|
|
9
|
+
|
|
10
|
+
"License" shall mean the terms and conditions for use, reproduction,
|
|
11
|
+
and distribution as defined by Sections 1 through 9 of this document.
|
|
12
|
+
|
|
13
|
+
"Licensor" shall mean the copyright owner or entity authorized by
|
|
14
|
+
the copyright owner that is granting the License.
|
|
15
|
+
|
|
16
|
+
"Legal Entity" shall mean the union of the acting entity and all
|
|
17
|
+
other entities that control, are controlled by, or are under common
|
|
18
|
+
control with that entity. For the purposes of this definition,
|
|
19
|
+
"control" means (i) the power, direct or indirect, to cause the
|
|
20
|
+
direction or management of such entity, whether by contract or
|
|
21
|
+
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
|
22
|
+
outstanding shares, or (iii) beneficial ownership of such entity.
|
|
23
|
+
|
|
24
|
+
"You" (or "Your") shall mean an individual or Legal Entity
|
|
25
|
+
exercising permissions granted by this License.
|
|
26
|
+
|
|
27
|
+
"Source" form shall mean the preferred form for making modifications,
|
|
28
|
+
including but not limited to software source code, documentation
|
|
29
|
+
source, and configuration files.
|
|
30
|
+
|
|
31
|
+
"Object" form shall mean any form resulting from mechanical
|
|
32
|
+
transformation or translation of a Source form, including but
|
|
33
|
+
not limited to compiled object code, generated documentation,
|
|
34
|
+
and conversions to other media types.
|
|
35
|
+
|
|
36
|
+
"Work" shall mean the work of authorship, whether in Source or
|
|
37
|
+
Object form, made available under the License, as indicated by a
|
|
38
|
+
copyright notice that is included in or attached to the work
|
|
39
|
+
(an example is provided in the Appendix below).
|
|
40
|
+
|
|
41
|
+
"Derivative Works" shall mean any work, whether in Source or Object
|
|
42
|
+
form, that is based on (or derived from) the Work and for which the
|
|
43
|
+
editorial revisions, annotations, elaborations, or other modifications
|
|
44
|
+
represent, as a whole, an original work of authorship. For the purposes
|
|
45
|
+
of this License, Derivative Works shall not include works that remain
|
|
46
|
+
separable from, or merely link (or bind by name) to the interfaces of,
|
|
47
|
+
the Work and Derivative Works thereof.
|
|
48
|
+
|
|
49
|
+
"Contribution" shall mean any work of authorship, including
|
|
50
|
+
the original version of the Work and any modifications or additions
|
|
51
|
+
to that Work or Derivative Works thereof, that is intentionally
|
|
52
|
+
submitted to Licensor for inclusion in the Work by the copyright owner
|
|
53
|
+
or by an individual or Legal Entity authorized to submit on behalf of
|
|
54
|
+
the copyright owner. For the purposes of this definition, "submitted"
|
|
55
|
+
means any form of electronic, verbal, or written communication sent
|
|
56
|
+
to the Licensor or its representatives, including but not limited to
|
|
57
|
+
communication on electronic mailing lists, source code control systems,
|
|
58
|
+
and issue tracking systems that are managed by, or on behalf of, the
|
|
59
|
+
Licensor for the purpose of discussing and improving the Work, but
|
|
60
|
+
excluding communication that is conspicuously marked or otherwise
|
|
61
|
+
designated in writing by the copyright owner as "Not a Contribution."
|
|
62
|
+
|
|
63
|
+
"Contributor" shall mean Licensor and any individual or Legal Entity
|
|
64
|
+
on behalf of whom a Contribution has been received by Licensor and
|
|
65
|
+
subsequently incorporated within the Work.
|
|
66
|
+
|
|
67
|
+
2. Grant of Copyright License. Subject to the terms and conditions of
|
|
68
|
+
this License, each Contributor hereby grants to You a perpetual,
|
|
69
|
+
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
70
|
+
copyright license to reproduce, prepare Derivative Works of,
|
|
71
|
+
publicly display, publicly perform, sublicense, and distribute the
|
|
72
|
+
Work and such Derivative Works in Source or Object form.
|
|
73
|
+
|
|
74
|
+
3. Grant of Patent License. Subject to the terms and conditions of
|
|
75
|
+
this License, each Contributor hereby grants to You a perpetual,
|
|
76
|
+
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
77
|
+
(except as stated in this section) patent license to make, have made,
|
|
78
|
+
use, offer to sell, sell, import, and otherwise transfer the Work,
|
|
79
|
+
where such license applies only to those patent claims licensable
|
|
80
|
+
by such Contributor that are necessarily infringed by their
|
|
81
|
+
Contribution(s) alone or by combination of their Contribution(s)
|
|
82
|
+
with the Work to which such Contribution(s) was submitted. If You
|
|
83
|
+
institute patent litigation against any entity (including a
|
|
84
|
+
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
|
85
|
+
or a Contribution incorporated within the Work constitutes direct
|
|
86
|
+
or contributory patent infringement, then any patent licenses
|
|
87
|
+
granted to You under this License for that Work shall terminate
|
|
88
|
+
as of the date such litigation is filed.
|
|
89
|
+
|
|
90
|
+
4. Redistribution. You may reproduce and distribute copies of the
|
|
91
|
+
Work or Derivative Works thereof in any medium, with or without
|
|
92
|
+
modifications, and in Source or Object form, provided that You
|
|
93
|
+
meet the following conditions:
|
|
94
|
+
|
|
95
|
+
(a) You must give any other recipients of the Work or
|
|
96
|
+
Derivative Works a copy of this License; and
|
|
97
|
+
|
|
98
|
+
(b) You must cause any modified files to carry prominent notices
|
|
99
|
+
stating that You changed the files; and
|
|
100
|
+
|
|
101
|
+
(c) You must retain, in the Source form of any Derivative Works
|
|
102
|
+
that You distribute, all copyright, patent, trademark, and
|
|
103
|
+
attribution notices from the Source form of the Work,
|
|
104
|
+
excluding those notices that do not pertain to any part of
|
|
105
|
+
the Derivative Works; and
|
|
106
|
+
|
|
107
|
+
(d) If the Work includes a "NOTICE" text file as part of its
|
|
108
|
+
distribution, then any Derivative Works that You distribute must
|
|
109
|
+
include a readable copy of the attribution notices contained
|
|
110
|
+
within such NOTICE file, excluding those notices that do not
|
|
111
|
+
pertain to any part of the Derivative Works, in at least one
|
|
112
|
+
of the following places: within a NOTICE text file distributed
|
|
113
|
+
as part of the Derivative Works; within the Source form or
|
|
114
|
+
documentation, if provided along with the Derivative Works; or,
|
|
115
|
+
within a display generated by the Derivative Works, if and
|
|
116
|
+
wherever such third-party notices normally appear. The contents
|
|
117
|
+
of the NOTICE file are for informational purposes only and
|
|
118
|
+
do not modify the License. You may add Your own attribution
|
|
119
|
+
notices within Derivative Works that You distribute, alongside
|
|
120
|
+
or as an addendum to the NOTICE text from the Work, provided
|
|
121
|
+
that such additional attribution notices cannot be construed
|
|
122
|
+
as modifying the License.
|
|
123
|
+
|
|
124
|
+
You may add Your own copyright statement to Your modifications and
|
|
125
|
+
may provide additional or different license terms and conditions
|
|
126
|
+
for use, reproduction, or distribution of Your modifications, or
|
|
127
|
+
for any such Derivative Works as a whole, provided Your use,
|
|
128
|
+
reproduction, and distribution of the Work otherwise complies with
|
|
129
|
+
the conditions stated in this License.
|
|
130
|
+
|
|
131
|
+
5. Submission of Contributions. Unless You explicitly state otherwise,
|
|
132
|
+
any Contribution intentionally submitted for inclusion in the Work
|
|
133
|
+
by You to the Licensor shall be under the terms and conditions of
|
|
134
|
+
this License, without any additional terms or conditions.
|
|
135
|
+
Notwithstanding the above, nothing herein shall supersede or modify
|
|
136
|
+
the terms of any separate license agreement you may have executed
|
|
137
|
+
with Licensor regarding such Contributions.
|
|
138
|
+
|
|
139
|
+
6. Trademarks. This License does not grant permission to use the trade
|
|
140
|
+
names, trademarks, service marks, or product names of the Licensor,
|
|
141
|
+
except as required for reasonable and customary use in describing the
|
|
142
|
+
origin of the Work and reproducing the content of the NOTICE file.
|
|
143
|
+
|
|
144
|
+
7. Disclaimer of Warranty. Unless required by applicable law or
|
|
145
|
+
agreed to in writing, Licensor provides the Work (and each
|
|
146
|
+
Contributor provides its Contributions) on an "AS IS" BASIS,
|
|
147
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
148
|
+
implied, including, without limitation, any warranties or conditions
|
|
149
|
+
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
|
150
|
+
PARTICULAR PURPOSE. You are solely responsible for determining the
|
|
151
|
+
appropriateness of using or redistributing the Work and assume any
|
|
152
|
+
risks associated with Your exercise of permissions under this License.
|
|
153
|
+
|
|
154
|
+
8. Limitation of Liability. In no event and under no legal theory,
|
|
155
|
+
whether in tort (including negligence), contract, or otherwise,
|
|
156
|
+
unless required by applicable law (such as deliberate and grossly
|
|
157
|
+
negligent acts) or agreed to in writing, shall any Contributor be
|
|
158
|
+
liable to You for damages, including any direct, indirect, special,
|
|
159
|
+
incidental, or consequential damages of any character arising as a
|
|
160
|
+
result of this License or out of the use or inability to use the
|
|
161
|
+
Work (including but not limited to damages for loss of goodwill,
|
|
162
|
+
work stoppage, computer failure or malfunction, or any and all
|
|
163
|
+
other commercial damages or losses), even if such Contributor
|
|
164
|
+
has been advised of the possibility of such damages.
|
|
165
|
+
|
|
166
|
+
9. Accepting Warranty or Additional Liability. While redistributing
|
|
167
|
+
the Work or Derivative Works thereof, You may choose to offer,
|
|
168
|
+
and charge a fee for, acceptance of support, warranty, indemnity,
|
|
169
|
+
or other liability obligations and/or rights consistent with this
|
|
170
|
+
License. However, in accepting such obligations, You may act only
|
|
171
|
+
on Your own behalf and on Your sole responsibility, not on behalf
|
|
172
|
+
of any other Contributor, and only if You agree to indemnify,
|
|
173
|
+
defend, and hold each Contributor harmless for any liability
|
|
174
|
+
incurred by, or claims asserted against, such Contributor by reason
|
|
175
|
+
of your accepting any such warranty or additional liability.
|
|
176
|
+
|
|
177
|
+
END OF TERMS AND CONDITIONS
|
|
178
|
+
|
|
179
|
+
APPENDIX: How to apply the Apache License to your work.
|
|
180
|
+
|
|
181
|
+
To apply the Apache License to your work, attach the following
|
|
182
|
+
boilerplate notice, with the fields enclosed by brackets "[]"
|
|
183
|
+
replaced with your own identifying information. (Don't include
|
|
184
|
+
the brackets!) The text should be enclosed in the appropriate
|
|
185
|
+
comment syntax for the file format. We also recommend that a
|
|
186
|
+
file or class name and description of purpose be included on the
|
|
187
|
+
same "printed page" as the copyright notice for easier
|
|
188
|
+
identification within third-party archives.
|
|
189
|
+
|
|
190
|
+
Copyright [yyyy] [name of copyright owner]
|
|
191
|
+
|
|
192
|
+
Licensed under the Apache License, Version 2.0 (the "License");
|
|
193
|
+
you may not use this file except in compliance with the License.
|
|
194
|
+
You may obtain a copy of the License at
|
|
195
|
+
|
|
196
|
+
http://www.apache.org/licenses/LICENSE-2.0
|
|
197
|
+
|
|
198
|
+
Unless required by applicable law or agreed to in writing, software
|
|
199
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
|
200
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
201
|
+
See the License for the specific language governing permissions and
|
|
202
|
+
limitations under the License.
|
package/README.md
ADDED
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
# @chainvue/v402-protocol
|
|
2
|
+
|
|
3
|
+
Protocol core of [v402](https://github.com/chainvue/v402), the Verus-native
|
|
4
|
+
payment layer for AI-agent APIs. Types, wire-format schemas (Zod), canonical
|
|
5
|
+
payload serialization, amount utilities. Framework-agnostic and browser-safe —
|
|
6
|
+
no Node-only APIs, `zod` is the only runtime dependency.
|
|
7
|
+
|
|
8
|
+
```sh
|
|
9
|
+
npm install @chainvue/v402-protocol
|
|
10
|
+
```
|
|
11
|
+
|
|
12
|
+
## What's in here
|
|
13
|
+
|
|
14
|
+
- `canonicalize()` / `canonicalizeBalanceQuery()` — payload → canonical signing
|
|
15
|
+
string, byte-exact per [`spec/0.1/canonical-payload.md`](https://github.com/chainvue/v402/blob/main/spec/0.1/canonical-payload.md)
|
|
16
|
+
- Wire-format schemas: 402 response body, discovery document, `X-V402-*`
|
|
17
|
+
headers (`V402_HEADERS`, `REQUIRED_PAYMENT_HEADERS`)
|
|
18
|
+
- Amount utilities: `humanToSats()` / `satsToHuman()` — exact `bigint` sats,
|
|
19
|
+
minimal-decimal human form
|
|
20
|
+
- `normalizeIdentityKey()` — chain-relative, case-insensitive identity keying
|
|
21
|
+
- `V402ProtocolError` with typed error codes; every validation fails closed
|
|
22
|
+
|
|
23
|
+
Conformance is defined by the spec plus
|
|
24
|
+
[`@chainvue/v402-test-vectors`](https://www.npmjs.com/package/@chainvue/v402-test-vectors) —
|
|
25
|
+
this package is the reference implementation of the canonical form.
|
|
26
|
+
|
|
27
|
+
## License
|
|
28
|
+
|
|
29
|
+
Apache-2.0. The protocol specification itself is CC-BY-4.0, see the
|
|
30
|
+
[spec directory](https://github.com/chainvue/v402/tree/main/spec).
|
package/dist/amount.d.ts
ADDED
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Amount representation (Q3): `bigint` satoshis internally, human decimal
|
|
3
|
+
* strings at all boundaries. 1 VRSC = 100_000_000 sats, exact arithmetic only.
|
|
4
|
+
*/
|
|
5
|
+
export declare const AMOUNT_DECIMALS = 8;
|
|
6
|
+
export declare const SATS_PER_COIN = 100000000n;
|
|
7
|
+
export declare function isValidHumanAmount(value: string): boolean;
|
|
8
|
+
/** "0.001" → 100000n. Throws `V402ProtocolError("invalid-amount")` on any deviation from the wire grammar. */
|
|
9
|
+
export declare function humanToSats(value: string): bigint;
|
|
10
|
+
/**
|
|
11
|
+
* 100000n → "0.001" — minimal form (trailing fraction zeros trimmed).
|
|
12
|
+
* Negative inputs are supported for internal ledger use; they are never valid
|
|
13
|
+
* on the wire.
|
|
14
|
+
*/
|
|
15
|
+
export declare function satsToHuman(sats: bigint): string;
|
|
16
|
+
//# sourceMappingURL=amount.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"amount.d.ts","sourceRoot":"","sources":["../src/amount.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,eAAO,MAAM,eAAe,IAAI,CAAC;AACjC,eAAO,MAAM,aAAa,aAAe,CAAC;AAU1C,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAEzD;AAED,8GAA8G;AAC9G,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAOjD;AAED;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAQhD"}
|
package/dist/amount.js
ADDED
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
import { V402ProtocolError } from "./errors.js";
|
|
2
|
+
/**
|
|
3
|
+
* Amount representation (Q3): `bigint` satoshis internally, human decimal
|
|
4
|
+
* strings at all boundaries. 1 VRSC = 100_000_000 sats, exact arithmetic only.
|
|
5
|
+
*/
|
|
6
|
+
export const AMOUNT_DECIMALS = 8;
|
|
7
|
+
export const SATS_PER_COIN = 100000000n;
|
|
8
|
+
/**
|
|
9
|
+
* Wire grammar for human amounts: non-negative decimal, no leading zeros in
|
|
10
|
+
* the integer part, `.` separator, 1–8 fraction digits. Trailing fraction
|
|
11
|
+
* zeros are allowed ("1.99999000") — amounts are compared/signed byte-verbatim,
|
|
12
|
+
* never normalized.
|
|
13
|
+
*/
|
|
14
|
+
const HUMAN_AMOUNT_RE = /^(?:0|[1-9]\d*)(?:\.\d{1,8})?$/;
|
|
15
|
+
export function isValidHumanAmount(value) {
|
|
16
|
+
return HUMAN_AMOUNT_RE.test(value);
|
|
17
|
+
}
|
|
18
|
+
/** "0.001" → 100000n. Throws `V402ProtocolError("invalid-amount")` on any deviation from the wire grammar. */
|
|
19
|
+
export function humanToSats(value) {
|
|
20
|
+
if (!HUMAN_AMOUNT_RE.test(value)) {
|
|
21
|
+
throw new V402ProtocolError("invalid-amount", `not a valid human amount string: ${JSON.stringify(value)}`);
|
|
22
|
+
}
|
|
23
|
+
const [whole, fraction = ""] = value.split(".");
|
|
24
|
+
const fractionPadded = fraction.padEnd(AMOUNT_DECIMALS, "0");
|
|
25
|
+
return BigInt(whole) * SATS_PER_COIN + BigInt(fractionPadded);
|
|
26
|
+
}
|
|
27
|
+
/**
|
|
28
|
+
* 100000n → "0.001" — minimal form (trailing fraction zeros trimmed).
|
|
29
|
+
* Negative inputs are supported for internal ledger use; they are never valid
|
|
30
|
+
* on the wire.
|
|
31
|
+
*/
|
|
32
|
+
export function satsToHuman(sats) {
|
|
33
|
+
const sign = sats < 0n ? "-" : "";
|
|
34
|
+
const abs = sats < 0n ? -sats : sats;
|
|
35
|
+
const whole = abs / SATS_PER_COIN;
|
|
36
|
+
const fraction = abs % SATS_PER_COIN;
|
|
37
|
+
if (fraction === 0n)
|
|
38
|
+
return `${sign}${whole}`;
|
|
39
|
+
const fractionStr = fraction.toString().padStart(AMOUNT_DECIMALS, "0").replace(/0+$/, "");
|
|
40
|
+
return `${sign}${whole}.${fractionStr}`;
|
|
41
|
+
}
|
|
42
|
+
//# sourceMappingURL=amount.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"amount.js","sourceRoot":"","sources":["../src/amount.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAEhD;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC;AACjC,MAAM,CAAC,MAAM,aAAa,GAAG,UAAY,CAAC;AAE1C;;;;;GAKG;AACH,MAAM,eAAe,GAAG,gCAAgC,CAAC;AAEzD,MAAM,UAAU,kBAAkB,CAAC,KAAa;IAC9C,OAAO,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AACrC,CAAC;AAED,8GAA8G;AAC9G,MAAM,UAAU,WAAW,CAAC,KAAa;IACvC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QACjC,MAAM,IAAI,iBAAiB,CAAC,gBAAgB,EAAE,oCAAoC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAC7G,CAAC;IACD,MAAM,CAAC,KAAK,EAAE,QAAQ,GAAG,EAAE,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAChD,MAAM,cAAc,GAAG,QAAQ,CAAC,MAAM,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC;IAC7D,OAAO,MAAM,CAAC,KAAM,CAAC,GAAG,aAAa,GAAG,MAAM,CAAC,cAAc,CAAC,CAAC;AACjE,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,WAAW,CAAC,IAAY;IACtC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IAClC,MAAM,GAAG,GAAG,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;IACrC,MAAM,KAAK,GAAG,GAAG,GAAG,aAAa,CAAC;IAClC,MAAM,QAAQ,GAAG,GAAG,GAAG,aAAa,CAAC;IACrC,IAAI,QAAQ,KAAK,EAAE;QAAE,OAAO,GAAG,IAAI,GAAG,KAAK,EAAE,CAAC;IAC9C,MAAM,WAAW,GAAG,QAAQ,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAC1F,OAAO,GAAG,IAAI,GAAG,KAAK,IAAI,WAAW,EAAE,CAAC;AAC1C,CAAC"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import type { BalanceQueryPayload, CanonicalPayload } from "./types.js";
|
|
2
|
+
export declare function isValidUlid(value: string): boolean;
|
|
3
|
+
/**
|
|
4
|
+
* Build the exact byte string that gets signed (spec § Signed payload):
|
|
5
|
+
* line 1 `<scheme>/<schemeVersion>`, the 11 core fields in fixed order,
|
|
6
|
+
* then the alphabetically sorted extension section. LF separators, exact
|
|
7
|
+
* `key: value` form, no trailing newline.
|
|
8
|
+
*
|
|
9
|
+
* Every field is validated — a payload this function rejects must never be
|
|
10
|
+
* signed or verified.
|
|
11
|
+
*/
|
|
12
|
+
export declare function canonicalize(payload: CanonicalPayload): string;
|
|
13
|
+
/**
|
|
14
|
+
* Canonical `v402-balance-query/0.1` payload (spec § Topup Instructions
|
|
15
|
+
* Endpoint) — domain-separated from payment payloads via its own line 1.
|
|
16
|
+
*/
|
|
17
|
+
export declare function canonicalizeBalanceQuery(payload: BalanceQueryPayload): string;
|
|
18
|
+
//# sourceMappingURL=canonical.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"canonical.d.ts","sourceRoot":"","sources":["../src/canonical.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAKxE,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAElD;AA6CD;;;;;;;;GAQG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,gBAAgB,GAAG,MAAM,CA+B9D;AAED;;;GAGG;AACH,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,mBAAmB,GAAG,MAAM,CAe7E"}
|
|
@@ -0,0 +1,118 @@
|
|
|
1
|
+
import { V402ProtocolError } from "./errors.js";
|
|
2
|
+
import { isValidHumanAmount } from "./amount.js";
|
|
3
|
+
import { serializeExtensionBlock } from "./extensions.js";
|
|
4
|
+
import { BALANCE_QUERY_CONTEXT, schemeContextLine } from "./version.js";
|
|
5
|
+
/** ULID: Crockford base32, 26 chars, 128 bit (first char therefore 0–7). */
|
|
6
|
+
const ULID_RE = /^[0-7][0-9A-HJKMNP-TV-Z]{25}$/;
|
|
7
|
+
export function isValidUlid(value) {
|
|
8
|
+
return ULID_RE.test(value);
|
|
9
|
+
}
|
|
10
|
+
const SCHEME_NAME_RE = /^[a-z0-9]+(?:-[a-z0-9]+)*$/;
|
|
11
|
+
const SCHEME_VERSION_RE = /^\d+\.\d+$/;
|
|
12
|
+
const METHOD_RE = /^[A-Z]+$/;
|
|
13
|
+
const NETWORK_RE = /^[a-z0-9]+$/;
|
|
14
|
+
/** Whitespace/control characters would corrupt the line-based canonical form. */
|
|
15
|
+
const LINE_SAFE_RE = /^[^\s\x00-\x1f\x7f]+$/;
|
|
16
|
+
function invalid(field, value, rule) {
|
|
17
|
+
throw new V402ProtocolError("invalid-field", `${field} ${rule}: ${JSON.stringify(value)}`);
|
|
18
|
+
}
|
|
19
|
+
function assertLineSafe(field, value) {
|
|
20
|
+
if (!LINE_SAFE_RE.test(value))
|
|
21
|
+
invalid(field, value, "must be non-empty without whitespace/control characters");
|
|
22
|
+
}
|
|
23
|
+
/** VerusID friendly name, e.g. "v402test.demoAgent@". Existence/charset rules are the verifier's job. */
|
|
24
|
+
function assertIdentity(field, value) {
|
|
25
|
+
assertLineSafe(field, value);
|
|
26
|
+
if (!value.endsWith("@") || value.length < 2)
|
|
27
|
+
invalid(field, value, "must be a VerusID friendly name ending in '@'");
|
|
28
|
+
}
|
|
29
|
+
/**
|
|
30
|
+
* `path` verbatim rule (M1): request-target exactly as sent on the wire,
|
|
31
|
+
* incl. query string. No normalization on either side — but dot-segments and
|
|
32
|
+
* duplicate slashes are forbidden by spec, so both sides fail closed here.
|
|
33
|
+
*/
|
|
34
|
+
function assertPath(value) {
|
|
35
|
+
assertLineSafe("path", value);
|
|
36
|
+
if (!value.startsWith("/"))
|
|
37
|
+
invalid("path", value, "must start with '/'");
|
|
38
|
+
const pathPart = value.split("?", 1)[0];
|
|
39
|
+
if (pathPart.includes("//"))
|
|
40
|
+
invalid("path", value, "must not contain duplicate slashes");
|
|
41
|
+
if (pathPart.split("/").some((segment) => segment === "." || segment === "..")) {
|
|
42
|
+
invalid("path", value, "must not contain dot-segments");
|
|
43
|
+
}
|
|
44
|
+
}
|
|
45
|
+
function assertUnixSeconds(field, value) {
|
|
46
|
+
if (!Number.isSafeInteger(value) || value < 0)
|
|
47
|
+
invalid(field, value, "must be a non-negative integer (Unix seconds)");
|
|
48
|
+
}
|
|
49
|
+
function assertRequestId(value) {
|
|
50
|
+
if (!ULID_RE.test(value))
|
|
51
|
+
invalid("requestId", value, "must be a ULID (26 chars, Crockford base32)");
|
|
52
|
+
}
|
|
53
|
+
/**
|
|
54
|
+
* Build the exact byte string that gets signed (spec § Signed payload):
|
|
55
|
+
* line 1 `<scheme>/<schemeVersion>`, the 11 core fields in fixed order,
|
|
56
|
+
* then the alphabetically sorted extension section. LF separators, exact
|
|
57
|
+
* `key: value` form, no trailing newline.
|
|
58
|
+
*
|
|
59
|
+
* Every field is validated — a payload this function rejects must never be
|
|
60
|
+
* signed or verified.
|
|
61
|
+
*/
|
|
62
|
+
export function canonicalize(payload) {
|
|
63
|
+
if (!SCHEME_NAME_RE.test(payload.scheme))
|
|
64
|
+
invalid("scheme", payload.scheme, "must match <network-family>-<mechanism>");
|
|
65
|
+
if (!SCHEME_VERSION_RE.test(payload.schemeVersion))
|
|
66
|
+
invalid("schemeVersion", payload.schemeVersion, "must be MAJOR.MINOR");
|
|
67
|
+
assertLineSafe("canonicalDomain", payload.canonicalDomain);
|
|
68
|
+
if (!METHOD_RE.test(payload.method))
|
|
69
|
+
invalid("method", payload.method, "must be an uppercase HTTP method");
|
|
70
|
+
assertPath(payload.path);
|
|
71
|
+
if (!NETWORK_RE.test(payload.network))
|
|
72
|
+
invalid("network", payload.network, "must be a lowercase network identifier");
|
|
73
|
+
assertLineSafe("asset", payload.asset);
|
|
74
|
+
if (!isValidHumanAmount(payload.amount))
|
|
75
|
+
invalid("amount", payload.amount, "must be a human decimal amount string");
|
|
76
|
+
assertIdentity("payer", payload.payer);
|
|
77
|
+
assertIdentity("payTo", payload.payTo);
|
|
78
|
+
assertRequestId(payload.requestId);
|
|
79
|
+
assertUnixSeconds("issuedAt", payload.issuedAt);
|
|
80
|
+
const lines = [
|
|
81
|
+
schemeContextLine(payload.scheme, payload.schemeVersion),
|
|
82
|
+
`canonicalDomain: ${payload.canonicalDomain}`,
|
|
83
|
+
`method: ${payload.method}`,
|
|
84
|
+
`path: ${payload.path}`,
|
|
85
|
+
`scheme: ${payload.scheme}`,
|
|
86
|
+
`network: ${payload.network}`,
|
|
87
|
+
`asset: ${payload.asset}`,
|
|
88
|
+
`amount: ${payload.amount}`,
|
|
89
|
+
`payer: ${payload.payer}`,
|
|
90
|
+
`payTo: ${payload.payTo}`,
|
|
91
|
+
`requestId: ${payload.requestId}`,
|
|
92
|
+
`issuedAt: ${payload.issuedAt}`,
|
|
93
|
+
].join("\n");
|
|
94
|
+
if (payload.extensions === undefined || payload.extensions.length === 0)
|
|
95
|
+
return lines;
|
|
96
|
+
return `${lines}\n${serializeExtensionBlock(payload.extensions)}`;
|
|
97
|
+
}
|
|
98
|
+
/**
|
|
99
|
+
* Canonical `v402-balance-query/0.1` payload (spec § Topup Instructions
|
|
100
|
+
* Endpoint) — domain-separated from payment payloads via its own line 1.
|
|
101
|
+
*/
|
|
102
|
+
export function canonicalizeBalanceQuery(payload) {
|
|
103
|
+
assertLineSafe("canonicalDomain", payload.canonicalDomain);
|
|
104
|
+
if (!NETWORK_RE.test(payload.network))
|
|
105
|
+
invalid("network", payload.network, "must be a lowercase network identifier");
|
|
106
|
+
assertIdentity("payer", payload.payer);
|
|
107
|
+
assertRequestId(payload.requestId);
|
|
108
|
+
assertUnixSeconds("issuedAt", payload.issuedAt);
|
|
109
|
+
return [
|
|
110
|
+
BALANCE_QUERY_CONTEXT,
|
|
111
|
+
`canonicalDomain: ${payload.canonicalDomain}`,
|
|
112
|
+
`network: ${payload.network}`,
|
|
113
|
+
`payer: ${payload.payer}`,
|
|
114
|
+
`requestId: ${payload.requestId}`,
|
|
115
|
+
`issuedAt: ${payload.issuedAt}`,
|
|
116
|
+
].join("\n");
|
|
117
|
+
}
|
|
118
|
+
//# sourceMappingURL=canonical.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"canonical.js","sourceRoot":"","sources":["../src/canonical.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AACjD,OAAO,EAAE,uBAAuB,EAAE,MAAM,iBAAiB,CAAC;AAC1D,OAAO,EAAE,qBAAqB,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAGxE,4EAA4E;AAC5E,MAAM,OAAO,GAAG,+BAA+B,CAAC;AAEhD,MAAM,UAAU,WAAW,CAAC,KAAa;IACvC,OAAO,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC7B,CAAC;AACD,MAAM,cAAc,GAAG,4BAA4B,CAAC;AACpD,MAAM,iBAAiB,GAAG,YAAY,CAAC;AACvC,MAAM,SAAS,GAAG,UAAU,CAAC;AAC7B,MAAM,UAAU,GAAG,aAAa,CAAC;AACjC,iFAAiF;AACjF,MAAM,YAAY,GAAG,uBAAuB,CAAC;AAE7C,SAAS,OAAO,CAAC,KAAa,EAAE,KAAc,EAAE,IAAY;IAC1D,MAAM,IAAI,iBAAiB,CAAC,eAAe,EAAE,GAAG,KAAK,IAAI,IAAI,KAAK,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;AAC7F,CAAC;AAED,SAAS,cAAc,CAAC,KAAa,EAAE,KAAa;IAClD,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC;QAAE,OAAO,CAAC,KAAK,EAAE,KAAK,EAAE,yDAAyD,CAAC,CAAC;AAClH,CAAC;AAED,yGAAyG;AACzG,SAAS,cAAc,CAAC,KAAa,EAAE,KAAa;IAClD,cAAc,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;IAC7B,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,CAAC,KAAK,EAAE,KAAK,EAAE,+CAA+C,CAAC,CAAC;AACvH,CAAC;AAED;;;;GAIG;AACH,SAAS,UAAU,CAAC,KAAa;IAC/B,cAAc,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IAC9B,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC;QAAE,OAAO,CAAC,MAAM,EAAE,KAAK,EAAE,qBAAqB,CAAC,CAAC;IAC1E,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAE,CAAC;IACzC,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC;QAAE,OAAO,CAAC,MAAM,EAAE,KAAK,EAAE,oCAAoC,CAAC,CAAC;IAC1F,IAAI,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,KAAK,GAAG,IAAI,OAAO,KAAK,IAAI,CAAC,EAAE,CAAC;QAC/E,OAAO,CAAC,MAAM,EAAE,KAAK,EAAE,+BAA+B,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAa,EAAE,KAAa;IACrD,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,IAAI,KAAK,GAAG,CAAC;QAAE,OAAO,CAAC,KAAK,EAAE,KAAK,EAAE,+CAA+C,CAAC,CAAC;AACxH,CAAC;AAED,SAAS,eAAe,CAAC,KAAa;IACpC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC;QAAE,OAAO,CAAC,WAAW,EAAE,KAAK,EAAE,6CAA6C,CAAC,CAAC;AACvG,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,YAAY,CAAC,OAAyB;IACpD,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;QAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,EAAE,yCAAyC,CAAC,CAAC;IACvH,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC;QAAE,OAAO,CAAC,eAAe,EAAE,OAAO,CAAC,aAAa,EAAE,qBAAqB,CAAC,CAAC;IAC3H,cAAc,CAAC,iBAAiB,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IAC3D,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;QAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,EAAE,kCAAkC,CAAC,CAAC;IAC3G,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACzB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC;QAAE,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,OAAO,EAAE,wCAAwC,CAAC,CAAC;IACrH,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;IACvC,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,MAAM,CAAC;QAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,EAAE,uCAAuC,CAAC,CAAC;IACpH,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;IACvC,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;IACvC,eAAe,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACnC,iBAAiB,CAAC,UAAU,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;IAEhD,MAAM,KAAK,GAAG;QACZ,iBAAiB,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,aAAa,CAAC;QACxD,oBAAoB,OAAO,CAAC,eAAe,EAAE;QAC7C,WAAW,OAAO,CAAC,MAAM,EAAE;QAC3B,SAAS,OAAO,CAAC,IAAI,EAAE;QACvB,WAAW,OAAO,CAAC,MAAM,EAAE;QAC3B,YAAY,OAAO,CAAC,OAAO,EAAE;QAC7B,UAAU,OAAO,CAAC,KAAK,EAAE;QACzB,WAAW,OAAO,CAAC,MAAM,EAAE;QAC3B,UAAU,OAAO,CAAC,KAAK,EAAE;QACzB,UAAU,OAAO,CAAC,KAAK,EAAE;QACzB,cAAc,OAAO,CAAC,SAAS,EAAE;QACjC,aAAa,OAAO,CAAC,QAAQ,EAAE;KAChC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEb,IAAI,OAAO,CAAC,UAAU,KAAK,SAAS,IAAI,OAAO,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACtF,OAAO,GAAG,KAAK,KAAK,uBAAuB,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;AACpE,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,wBAAwB,CAAC,OAA4B;IACnE,cAAc,CAAC,iBAAiB,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IAC3D,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC;QAAE,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,OAAO,EAAE,wCAAwC,CAAC,CAAC;IACrH,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;IACvC,eAAe,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACnC,iBAAiB,CAAC,UAAU,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;IAEhD,OAAO;QACL,qBAAqB;QACrB,oBAAoB,OAAO,CAAC,eAAe,EAAE;QAC7C,YAAY,OAAO,CAAC,OAAO,EAAE;QAC7B,UAAU,OAAO,CAAC,KAAK,EAAE;QACzB,cAAc,OAAO,CAAC,SAAS,EAAE;QACjC,aAAa,OAAO,CAAC,QAAQ,EAAE;KAChC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC"}
|
package/dist/errors.d.ts
ADDED
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Error codes are stable identifiers — adapters map them to HTTP responses,
|
|
3
|
+
* so renaming one is a breaking change.
|
|
4
|
+
*/
|
|
5
|
+
export type V402ProtocolErrorCode = "invalid-amount" | "invalid-field" | "invalid-extension-key" | "invalid-extension-value" | "extensions-unsorted" | "extensions-duplicate-key" | "invalid-extension-block" | "invalid-signature-encoding";
|
|
6
|
+
export declare class V402ProtocolError extends Error {
|
|
7
|
+
readonly code: V402ProtocolErrorCode;
|
|
8
|
+
constructor(code: V402ProtocolErrorCode, message: string);
|
|
9
|
+
}
|
|
10
|
+
//# sourceMappingURL=errors.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,MAAM,MAAM,qBAAqB,GAC7B,gBAAgB,GAChB,eAAe,GACf,uBAAuB,GACvB,yBAAyB,GACzB,qBAAqB,GACrB,0BAA0B,GAC1B,yBAAyB,GACzB,4BAA4B,CAAC;AAEjC,qBAAa,iBAAkB,SAAQ,KAAK;IAC1C,QAAQ,CAAC,IAAI,EAAE,qBAAqB,CAAC;gBAEzB,IAAI,EAAE,qBAAqB,EAAE,OAAO,EAAE,MAAM;CAKzD"}
|
package/dist/errors.js
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"errors.js","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAcA,MAAM,OAAO,iBAAkB,SAAQ,KAAK;IACjC,IAAI,CAAwB;IAErC,YAAY,IAA2B,EAAE,OAAe;QACtD,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,mBAAmB,CAAC;QAChC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;CACF"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import type { ExtensionField } from "./types.js";
|
|
2
|
+
/** Normative decoded size limit of the `X-V402-Extensions` block (B2). Enforced by servers. */
|
|
3
|
+
export declare const MAX_EXTENSIONS_BYTES = 4096;
|
|
4
|
+
export declare function isValidExtensionKey(key: string): boolean;
|
|
5
|
+
/**
|
|
6
|
+
* Serialize extension fields to the exact byte block that gets signed and
|
|
7
|
+
* transmitted (base64-encoded) in `X-V402-Extensions`: `key: value` lines,
|
|
8
|
+
* sorted bytewise-ascending by key, LF-separated, no trailing newline.
|
|
9
|
+
*
|
|
10
|
+
* Input order does not matter — sorting happens here so all parties produce
|
|
11
|
+
* identical bytes. Duplicate keys are rejected.
|
|
12
|
+
*/
|
|
13
|
+
export declare function serializeExtensionBlock(fields: ExtensionField[]): string;
|
|
14
|
+
/**
|
|
15
|
+
* Parse + validate a decoded `X-V402-Extensions` block (server side).
|
|
16
|
+
* The block must already be byte-identical to what was signed: LF-separated
|
|
17
|
+
* `key: value` lines, strictly ascending key order, no trailing newline.
|
|
18
|
+
* Semantic validation of known `scheme.*` fields is the verifier's job.
|
|
19
|
+
*/
|
|
20
|
+
export declare function parseExtensionBlock(block: string): ExtensionField[];
|
|
21
|
+
//# sourceMappingURL=extensions.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"extensions.d.ts","sourceRoot":"","sources":["../src/extensions.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAEjD,+FAA+F;AAC/F,eAAO,MAAM,oBAAoB,OAAO,CAAC;AASzC,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAExD;AAcD;;;;;;;GAOG;AACH,wBAAgB,uBAAuB,CAAC,MAAM,EAAE,cAAc,EAAE,GAAG,MAAM,CAcxE;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,cAAc,EAAE,CAsBnE"}
|
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
import { V402ProtocolError } from "./errors.js";
|
|
2
|
+
/** Normative decoded size limit of the `X-V402-Extensions` block (B2). Enforced by servers. */
|
|
3
|
+
export const MAX_EXTENSIONS_BYTES = 4096;
|
|
4
|
+
/**
|
|
5
|
+
* Extension key grammar: `<prefix>.<field>` where prefix is `scheme`, `iana`,
|
|
6
|
+
* or vendor-custom `x-<vendor>`. Field names are single alphanumeric segments
|
|
7
|
+
* starting with a letter (camelCase by convention, e.g. `scheme.bodyHash`).
|
|
8
|
+
*/
|
|
9
|
+
const EXTENSION_KEY_RE = /^(?:scheme|iana|x-[a-z0-9]+(?:-[a-z0-9]+)*)\.[A-Za-z][A-Za-z0-9]*$/;
|
|
10
|
+
export function isValidExtensionKey(key) {
|
|
11
|
+
return EXTENSION_KEY_RE.test(key);
|
|
12
|
+
}
|
|
13
|
+
function assertValidField(field) {
|
|
14
|
+
if (!EXTENSION_KEY_RE.test(field.key)) {
|
|
15
|
+
throw new V402ProtocolError("invalid-extension-key", `invalid extension key: ${JSON.stringify(field.key)}`);
|
|
16
|
+
}
|
|
17
|
+
if (field.value.length === 0 || /[\r\n]/.test(field.value) || field.value.startsWith(" ")) {
|
|
18
|
+
throw new V402ProtocolError("invalid-extension-value", `extension value for ${field.key} must be non-empty, single-line, and must not start with a space`);
|
|
19
|
+
}
|
|
20
|
+
}
|
|
21
|
+
/**
|
|
22
|
+
* Serialize extension fields to the exact byte block that gets signed and
|
|
23
|
+
* transmitted (base64-encoded) in `X-V402-Extensions`: `key: value` lines,
|
|
24
|
+
* sorted bytewise-ascending by key, LF-separated, no trailing newline.
|
|
25
|
+
*
|
|
26
|
+
* Input order does not matter — sorting happens here so all parties produce
|
|
27
|
+
* identical bytes. Duplicate keys are rejected.
|
|
28
|
+
*/
|
|
29
|
+
export function serializeExtensionBlock(fields) {
|
|
30
|
+
const seen = new Set();
|
|
31
|
+
for (const field of fields) {
|
|
32
|
+
assertValidField(field);
|
|
33
|
+
if (seen.has(field.key)) {
|
|
34
|
+
throw new V402ProtocolError("extensions-duplicate-key", `duplicate extension key: ${field.key}`);
|
|
35
|
+
}
|
|
36
|
+
seen.add(field.key);
|
|
37
|
+
}
|
|
38
|
+
return fields
|
|
39
|
+
.slice()
|
|
40
|
+
.sort((a, b) => (a.key < b.key ? -1 : 1))
|
|
41
|
+
.map((f) => `${f.key}: ${f.value}`)
|
|
42
|
+
.join("\n");
|
|
43
|
+
}
|
|
44
|
+
/**
|
|
45
|
+
* Parse + validate a decoded `X-V402-Extensions` block (server side).
|
|
46
|
+
* The block must already be byte-identical to what was signed: LF-separated
|
|
47
|
+
* `key: value` lines, strictly ascending key order, no trailing newline.
|
|
48
|
+
* Semantic validation of known `scheme.*` fields is the verifier's job.
|
|
49
|
+
*/
|
|
50
|
+
export function parseExtensionBlock(block) {
|
|
51
|
+
if (block.length === 0)
|
|
52
|
+
return [];
|
|
53
|
+
if (/\r/.test(block) || block.endsWith("\n")) {
|
|
54
|
+
throw new V402ProtocolError("invalid-extension-block", "extension block must be LF-separated without trailing newline");
|
|
55
|
+
}
|
|
56
|
+
const fields = [];
|
|
57
|
+
let previousKey;
|
|
58
|
+
for (const line of block.split("\n")) {
|
|
59
|
+
const separator = line.indexOf(": ");
|
|
60
|
+
if (separator <= 0) {
|
|
61
|
+
throw new V402ProtocolError("invalid-extension-block", `malformed extension line: ${JSON.stringify(line)}`);
|
|
62
|
+
}
|
|
63
|
+
const field = { key: line.slice(0, separator), value: line.slice(separator + 2) };
|
|
64
|
+
assertValidField(field);
|
|
65
|
+
if (previousKey !== undefined && !(previousKey < field.key)) {
|
|
66
|
+
const code = previousKey === field.key ? "extensions-duplicate-key" : "extensions-unsorted";
|
|
67
|
+
throw new V402ProtocolError(code, `extension keys must be strictly ascending: ${previousKey} → ${field.key}`);
|
|
68
|
+
}
|
|
69
|
+
previousKey = field.key;
|
|
70
|
+
fields.push(field);
|
|
71
|
+
}
|
|
72
|
+
return fields;
|
|
73
|
+
}
|
|
74
|
+
//# sourceMappingURL=extensions.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"extensions.js","sourceRoot":"","sources":["../src/extensions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAGhD,+FAA+F;AAC/F,MAAM,CAAC,MAAM,oBAAoB,GAAG,IAAI,CAAC;AAEzC;;;;GAIG;AACH,MAAM,gBAAgB,GAAG,oEAAoE,CAAC;AAE9F,MAAM,UAAU,mBAAmB,CAAC,GAAW;IAC7C,OAAO,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACpC,CAAC;AAED,SAAS,gBAAgB,CAAC,KAAqB;IAC7C,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QACtC,MAAM,IAAI,iBAAiB,CAAC,uBAAuB,EAAE,0BAA0B,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC9G,CAAC;IACD,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1F,MAAM,IAAI,iBAAiB,CACzB,yBAAyB,EACzB,uBAAuB,KAAK,CAAC,GAAG,kEAAkE,CACnG,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,uBAAuB,CAAC,MAAwB;IAC9D,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,gBAAgB,CAAC,KAAK,CAAC,CAAC;QACxB,IAAI,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,iBAAiB,CAAC,0BAA0B,EAAE,4BAA4B,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;QACnG,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACtB,CAAC;IACD,OAAO,MAAM;SACV,KAAK,EAAE;SACP,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;SACxC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC;SAClC,IAAI,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,mBAAmB,CAAC,KAAa;IAC/C,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAClC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7C,MAAM,IAAI,iBAAiB,CAAC,yBAAyB,EAAE,+DAA+D,CAAC,CAAC;IAC1H,CAAC;IACD,MAAM,MAAM,GAAqB,EAAE,CAAC;IACpC,IAAI,WAA+B,CAAC;IACpC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACrC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACrC,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;YACnB,MAAM,IAAI,iBAAiB,CAAC,yBAAyB,EAAE,6BAA6B,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC9G,CAAC;QACD,MAAM,KAAK,GAAmB,EAAE,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC,EAAE,CAAC;QAClG,gBAAgB,CAAC,KAAK,CAAC,CAAC;QACxB,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,CAAC,WAAW,GAAG,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5D,MAAM,IAAI,GAAG,WAAW,KAAK,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,0BAA0B,CAAC,CAAC,CAAC,qBAAqB,CAAC;YAC5F,MAAM,IAAI,iBAAiB,CAAC,IAAI,EAAE,8CAA8C,WAAW,MAAM,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;QAChH,CAAC;QACD,WAAW,GAAG,KAAK,CAAC,GAAG,CAAC;QACxB,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrB,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
/** Canonical HTTP header names of the v402/0.1 wire format. */
|
|
2
|
+
export declare const V402_HEADERS: {
|
|
3
|
+
readonly scheme: "X-V402-Scheme";
|
|
4
|
+
readonly payer: "X-V402-Payer";
|
|
5
|
+
readonly amount: "X-V402-Amount";
|
|
6
|
+
readonly requestId: "X-V402-Request-Id";
|
|
7
|
+
readonly issuedAt: "X-V402-Issued-At";
|
|
8
|
+
readonly signature: "X-V402-Signature";
|
|
9
|
+
readonly extensions: "X-V402-Extensions";
|
|
10
|
+
};
|
|
11
|
+
/** Headers a payment request MUST carry (`X-V402-Extensions` is optional). */
|
|
12
|
+
export declare const REQUIRED_PAYMENT_HEADERS: readonly string[];
|
|
13
|
+
//# sourceMappingURL=headers.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"headers.d.ts","sourceRoot":"","sources":["../src/headers.ts"],"names":[],"mappings":"AAAA,+DAA+D;AAC/D,eAAO,MAAM,YAAY;;;;;;;;CAQf,CAAC;AAEX,8EAA8E;AAC9E,eAAO,MAAM,wBAAwB,EAAE,SAAS,MAAM,EAOrD,CAAC"}
|
package/dist/headers.js
ADDED
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
/** Canonical HTTP header names of the v402/0.1 wire format. */
|
|
2
|
+
export const V402_HEADERS = {
|
|
3
|
+
scheme: "X-V402-Scheme",
|
|
4
|
+
payer: "X-V402-Payer",
|
|
5
|
+
amount: "X-V402-Amount",
|
|
6
|
+
requestId: "X-V402-Request-Id",
|
|
7
|
+
issuedAt: "X-V402-Issued-At",
|
|
8
|
+
signature: "X-V402-Signature",
|
|
9
|
+
extensions: "X-V402-Extensions",
|
|
10
|
+
};
|
|
11
|
+
/** Headers a payment request MUST carry (`X-V402-Extensions` is optional). */
|
|
12
|
+
export const REQUIRED_PAYMENT_HEADERS = [
|
|
13
|
+
V402_HEADERS.scheme,
|
|
14
|
+
V402_HEADERS.payer,
|
|
15
|
+
V402_HEADERS.amount,
|
|
16
|
+
V402_HEADERS.requestId,
|
|
17
|
+
V402_HEADERS.issuedAt,
|
|
18
|
+
V402_HEADERS.signature,
|
|
19
|
+
];
|
|
20
|
+
//# sourceMappingURL=headers.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"headers.js","sourceRoot":"","sources":["../src/headers.ts"],"names":[],"mappings":"AAAA,+DAA+D;AAC/D,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,MAAM,EAAE,eAAe;IACvB,KAAK,EAAE,cAAc;IACrB,MAAM,EAAE,eAAe;IACvB,SAAS,EAAE,mBAAmB;IAC9B,QAAQ,EAAE,kBAAkB;IAC5B,SAAS,EAAE,kBAAkB;IAC7B,UAAU,EAAE,mBAAmB;CACvB,CAAC;AAEX,8EAA8E;AAC9E,MAAM,CAAC,MAAM,wBAAwB,GAAsB;IACzD,YAAY,CAAC,MAAM;IACnB,YAAY,CAAC,KAAK;IAClB,YAAY,CAAC,MAAM;IACnB,YAAY,CAAC,SAAS;IACtB,YAAY,CAAC,QAAQ;IACrB,YAAY,CAAC,SAAS;CACvB,CAAC"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Canonical balance-account key for a VerusID friendly name.
|
|
3
|
+
*
|
|
4
|
+
* The Verus chain resolves identity names case-insensitively ("Fum@" and
|
|
5
|
+
* "fum@" are the same identity), but v402 keys balances by string. Every
|
|
6
|
+
* component that touches balance state (verifier lookups, deposit-watcher
|
|
7
|
+
* attribution) MUST key through this function, otherwise a deposit credited
|
|
8
|
+
* as "v402test.demoagent@" is invisible to a payer sending
|
|
9
|
+
* "v402test.demoAgent@".
|
|
10
|
+
*
|
|
11
|
+
* Signature verification is NOT affected — the canonical payload keeps the
|
|
12
|
+
* payer string exactly as the client signed it.
|
|
13
|
+
*/
|
|
14
|
+
export declare function normalizeIdentityKey(identity: string): string;
|
|
15
|
+
//# sourceMappingURL=identity.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identity.d.ts","sourceRoot":"","sources":["../src/identity.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AACH,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAE7D"}
|
package/dist/identity.js
ADDED
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Canonical balance-account key for a VerusID friendly name.
|
|
3
|
+
*
|
|
4
|
+
* The Verus chain resolves identity names case-insensitively ("Fum@" and
|
|
5
|
+
* "fum@" are the same identity), but v402 keys balances by string. Every
|
|
6
|
+
* component that touches balance state (verifier lookups, deposit-watcher
|
|
7
|
+
* attribution) MUST key through this function, otherwise a deposit credited
|
|
8
|
+
* as "v402test.demoagent@" is invisible to a payer sending
|
|
9
|
+
* "v402test.demoAgent@".
|
|
10
|
+
*
|
|
11
|
+
* Signature verification is NOT affected — the canonical payload keeps the
|
|
12
|
+
* payer string exactly as the client signed it.
|
|
13
|
+
*/
|
|
14
|
+
export function normalizeIdentityKey(identity) {
|
|
15
|
+
return identity.trim().toLowerCase();
|
|
16
|
+
}
|
|
17
|
+
//# sourceMappingURL=identity.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identity.js","sourceRoot":"","sources":["../src/identity.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,oBAAoB,CAAC,QAAgB;IACnD,OAAO,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;AACvC,CAAC"}
|
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
export { V402ProtocolError, type V402ProtocolErrorCode } from "./errors.js";
|
|
2
|
+
export { PROTOCOL_VERSION, SCHEME_VERUS_PREPAID_SIG, VERUS_PREPAID_SIG_VERSION, BALANCE_QUERY_CONTEXT, schemeContextLine, } from "./version.js";
|
|
3
|
+
export { V402_HEADERS, REQUIRED_PAYMENT_HEADERS } from "./headers.js";
|
|
4
|
+
export type { ExtensionField, CanonicalPayload, BalanceQueryPayload, PaymentRequirement, Payment402Response, PaymentClaim, DiscoveryDocument, } from "./types.js";
|
|
5
|
+
export { AMOUNT_DECIMALS, SATS_PER_COIN, isValidHumanAmount, humanToSats, satsToHuman } from "./amount.js";
|
|
6
|
+
export { MAX_EXTENSIONS_BYTES, isValidExtensionKey, serializeExtensionBlock, parseExtensionBlock, } from "./extensions.js";
|
|
7
|
+
export { canonicalize, canonicalizeBalanceQuery, isValidUlid } from "./canonical.js";
|
|
8
|
+
export { normalizeIdentityKey } from "./identity.js";
|
|
9
|
+
export { isBase64Signature, assertBase64Signature } from "./signature.js";
|
|
10
|
+
export { humanAmountSchema, ulidSchema, identitySchema, unixSecondsSchema, paymentRequirementSchema, payment402ResponseSchema, discoveryDocumentSchema, parsePaymentHeaders, type ParsePaymentHeadersResult, } from "./schemas.js";
|
|
11
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAC5E,OAAO,EACL,gBAAgB,EAChB,wBAAwB,EACxB,yBAAyB,EACzB,qBAAqB,EACrB,iBAAiB,GAClB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,YAAY,EAAE,wBAAwB,EAAE,MAAM,cAAc,CAAC;AACtE,YAAY,EACV,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,kBAAkB,EAClB,kBAAkB,EAClB,YAAY,EACZ,iBAAiB,GAClB,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,kBAAkB,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC3G,OAAO,EACL,oBAAoB,EACpB,mBAAmB,EACnB,uBAAuB,EACvB,mBAAmB,GACpB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,YAAY,EAAE,wBAAwB,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AACrF,OAAO,EAAE,oBAAoB,EAAE,MAAM,eAAe,CAAC;AACrD,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,gBAAgB,CAAC;AAC1E,OAAO,EACL,iBAAiB,EACjB,UAAU,EACV,cAAc,EACd,iBAAiB,EACjB,wBAAwB,EACxB,wBAAwB,EACxB,uBAAuB,EACvB,mBAAmB,EACnB,KAAK,yBAAyB,GAC/B,MAAM,cAAc,CAAC"}
|
package/dist/index.js
ADDED
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
export { V402ProtocolError } from "./errors.js";
|
|
2
|
+
export { PROTOCOL_VERSION, SCHEME_VERUS_PREPAID_SIG, VERUS_PREPAID_SIG_VERSION, BALANCE_QUERY_CONTEXT, schemeContextLine, } from "./version.js";
|
|
3
|
+
export { V402_HEADERS, REQUIRED_PAYMENT_HEADERS } from "./headers.js";
|
|
4
|
+
export { AMOUNT_DECIMALS, SATS_PER_COIN, isValidHumanAmount, humanToSats, satsToHuman } from "./amount.js";
|
|
5
|
+
export { MAX_EXTENSIONS_BYTES, isValidExtensionKey, serializeExtensionBlock, parseExtensionBlock, } from "./extensions.js";
|
|
6
|
+
export { canonicalize, canonicalizeBalanceQuery, isValidUlid } from "./canonical.js";
|
|
7
|
+
export { normalizeIdentityKey } from "./identity.js";
|
|
8
|
+
export { isBase64Signature, assertBase64Signature } from "./signature.js";
|
|
9
|
+
export { humanAmountSchema, ulidSchema, identitySchema, unixSecondsSchema, paymentRequirementSchema, payment402ResponseSchema, discoveryDocumentSchema, parsePaymentHeaders, } from "./schemas.js";
|
|
10
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAA8B,MAAM,aAAa,CAAC;AAC5E,OAAO,EACL,gBAAgB,EAChB,wBAAwB,EACxB,yBAAyB,EACzB,qBAAqB,EACrB,iBAAiB,GAClB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,YAAY,EAAE,wBAAwB,EAAE,MAAM,cAAc,CAAC;AAUtE,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,kBAAkB,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC3G,OAAO,EACL,oBAAoB,EACpB,mBAAmB,EACnB,uBAAuB,EACvB,mBAAmB,GACpB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,YAAY,EAAE,wBAAwB,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AACrF,OAAO,EAAE,oBAAoB,EAAE,MAAM,eAAe,CAAC;AACrD,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,gBAAgB,CAAC;AAC1E,OAAO,EACL,iBAAiB,EACjB,UAAU,EACV,cAAc,EACd,iBAAiB,EACjB,wBAAwB,EACxB,wBAAwB,EACxB,uBAAuB,EACvB,mBAAmB,GAEpB,MAAM,cAAc,CAAC"}
|
|
@@ -0,0 +1,62 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import type { PaymentClaim } from "./types.js";
|
|
3
|
+
/**
|
|
4
|
+
* Wire validation (boundary only). Wire objects are parsed loose — a MINOR
|
|
5
|
+
* protocol version may add optional fields, and rejecting unknown keys would
|
|
6
|
+
* break forward compatibility.
|
|
7
|
+
*/
|
|
8
|
+
export declare const humanAmountSchema: z.ZodString;
|
|
9
|
+
export declare const ulidSchema: z.ZodString;
|
|
10
|
+
export declare const identitySchema: z.ZodString;
|
|
11
|
+
export declare const unixSecondsSchema: z.ZodNumber;
|
|
12
|
+
/** One fully validated `accepts` entry (validate the entry you picked, not the whole array). */
|
|
13
|
+
export declare const paymentRequirementSchema: z.ZodObject<{
|
|
14
|
+
scheme: z.ZodString;
|
|
15
|
+
schemeVersion: z.ZodString;
|
|
16
|
+
network: z.ZodString;
|
|
17
|
+
asset: z.ZodString;
|
|
18
|
+
amount: z.ZodString;
|
|
19
|
+
amountUnit: z.ZodLiteral<"human">;
|
|
20
|
+
payTo: z.ZodString;
|
|
21
|
+
facilitator: z.ZodString;
|
|
22
|
+
requiredHeaders: z.ZodArray<z.ZodString>;
|
|
23
|
+
canonicalDomain: z.ZodString;
|
|
24
|
+
topup: z.ZodOptional<z.ZodObject<{
|
|
25
|
+
depositAddress: z.ZodString;
|
|
26
|
+
attribution: z.ZodLiteral<"sender-verusid">;
|
|
27
|
+
}, z.core.$loose>>;
|
|
28
|
+
}, z.core.$loose>;
|
|
29
|
+
/**
|
|
30
|
+
* The 402 envelope. Entries are only shape-checked here — an unknown scheme
|
|
31
|
+
* with fields we can't interpret must not make the whole response unparseable.
|
|
32
|
+
*/
|
|
33
|
+
export declare const payment402ResponseSchema: z.ZodObject<{
|
|
34
|
+
version: z.ZodString;
|
|
35
|
+
accepts: z.ZodArray<z.ZodObject<{
|
|
36
|
+
scheme: z.ZodString;
|
|
37
|
+
schemeVersion: z.ZodString;
|
|
38
|
+
}, z.core.$loose>>;
|
|
39
|
+
}, z.core.$loose>;
|
|
40
|
+
/** `.well-known/v402` discovery document. */
|
|
41
|
+
export declare const discoveryDocumentSchema: z.ZodObject<{
|
|
42
|
+
specUrl: z.ZodOptional<z.ZodString>;
|
|
43
|
+
supportedVersions: z.ZodArray<z.ZodString>;
|
|
44
|
+
defaultVersion: z.ZodString;
|
|
45
|
+
deprecatedVersions: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
46
|
+
sunsetDates: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
|
|
47
|
+
supportedExtensions: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
48
|
+
}, z.core.$loose>;
|
|
49
|
+
export type ParsePaymentHeadersResult = {
|
|
50
|
+
ok: true;
|
|
51
|
+
claim: PaymentClaim;
|
|
52
|
+
} | {
|
|
53
|
+
ok: false;
|
|
54
|
+
error: string;
|
|
55
|
+
};
|
|
56
|
+
/**
|
|
57
|
+
* Extract + validate the `X-V402-*` headers into a `PaymentClaim`.
|
|
58
|
+
* Case-insensitive lookup (Node lowercases incoming header names); repeated
|
|
59
|
+
* payment headers are rejected — fail closed, never pick one of two values.
|
|
60
|
+
*/
|
|
61
|
+
export declare function parsePaymentHeaders(headers: Record<string, string | string[] | undefined>): ParsePaymentHeadersResult;
|
|
62
|
+
//# sourceMappingURL=schemas.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"schemas.d.ts","sourceRoot":"","sources":["../src/schemas.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAKxB,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE/C;;;;GAIG;AAEH,eAAO,MAAM,iBAAiB,aAAiF,CAAC;AAChH,eAAO,MAAM,UAAU,aAAgF,CAAC;AACxG,eAAO,MAAM,cAAc,aAEwD,CAAC;AACpF,eAAO,MAAM,iBAAiB,aAAiC,CAAC;AAEhE,gGAAgG;AAChG,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;iBAiBnC,CAAC;AAEH;;;GAGG;AACH,eAAO,MAAM,wBAAwB;;;;;;iBAQnC,CAAC;AAEH,6CAA6C;AAC7C,eAAO,MAAM,uBAAuB;;;;;;;iBAOlC,CAAC;AAEH,MAAM,MAAM,yBAAyB,GACjC;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,KAAK,EAAE,YAAY,CAAA;CAAE,GACjC;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC;AAIjC;;;;GAIG;AACH,wBAAgB,mBAAmB,CACjC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,GACrD,yBAAyB,CA2E3B"}
|
package/dist/schemas.js
ADDED
|
@@ -0,0 +1,138 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import { isValidHumanAmount } from "./amount.js";
|
|
3
|
+
import { isValidUlid } from "./canonical.js";
|
|
4
|
+
import { isBase64Signature } from "./signature.js";
|
|
5
|
+
import { V402_HEADERS } from "./headers.js";
|
|
6
|
+
/**
|
|
7
|
+
* Wire validation (boundary only). Wire objects are parsed loose — a MINOR
|
|
8
|
+
* protocol version may add optional fields, and rejecting unknown keys would
|
|
9
|
+
* break forward compatibility.
|
|
10
|
+
*/
|
|
11
|
+
export const humanAmountSchema = z.string().refine(isValidHumanAmount, "must be a human decimal amount string");
|
|
12
|
+
export const ulidSchema = z.string().refine(isValidUlid, "must be a ULID (26 chars, Crockford base32)");
|
|
13
|
+
export const identitySchema = z
|
|
14
|
+
.string()
|
|
15
|
+
.regex(/^[^\s\x00-\x1f\x7f]+@$/, "must be a VerusID friendly name ending in '@'");
|
|
16
|
+
export const unixSecondsSchema = z.number().int().nonnegative();
|
|
17
|
+
/** One fully validated `accepts` entry (validate the entry you picked, not the whole array). */
|
|
18
|
+
export const paymentRequirementSchema = z.looseObject({
|
|
19
|
+
scheme: z.string().min(1),
|
|
20
|
+
schemeVersion: z.string().regex(/^\d+\.\d+$/),
|
|
21
|
+
network: z.string().min(1),
|
|
22
|
+
asset: z.string().min(1),
|
|
23
|
+
amount: humanAmountSchema,
|
|
24
|
+
amountUnit: z.literal("human"),
|
|
25
|
+
payTo: identitySchema,
|
|
26
|
+
facilitator: z.string().min(1),
|
|
27
|
+
requiredHeaders: z.array(z.string().min(1)).min(1),
|
|
28
|
+
canonicalDomain: z.string().min(1),
|
|
29
|
+
topup: z
|
|
30
|
+
.looseObject({
|
|
31
|
+
depositAddress: identitySchema,
|
|
32
|
+
attribution: z.literal("sender-verusid"),
|
|
33
|
+
})
|
|
34
|
+
.optional(),
|
|
35
|
+
});
|
|
36
|
+
/**
|
|
37
|
+
* The 402 envelope. Entries are only shape-checked here — an unknown scheme
|
|
38
|
+
* with fields we can't interpret must not make the whole response unparseable.
|
|
39
|
+
*/
|
|
40
|
+
export const payment402ResponseSchema = z.looseObject({
|
|
41
|
+
version: z.string().min(1),
|
|
42
|
+
accepts: z.array(z.looseObject({
|
|
43
|
+
scheme: z.string().min(1),
|
|
44
|
+
schemeVersion: z.string().min(1),
|
|
45
|
+
})),
|
|
46
|
+
});
|
|
47
|
+
/** `.well-known/v402` discovery document. */
|
|
48
|
+
export const discoveryDocumentSchema = z.looseObject({
|
|
49
|
+
specUrl: z.string().min(1).optional(),
|
|
50
|
+
supportedVersions: z.array(z.string().min(1)).min(1),
|
|
51
|
+
defaultVersion: z.string().min(1),
|
|
52
|
+
deprecatedVersions: z.array(z.string().min(1)).optional(),
|
|
53
|
+
sunsetDates: z.record(z.string(), z.string()).optional(),
|
|
54
|
+
supportedExtensions: z.array(z.string().min(1)).optional(),
|
|
55
|
+
});
|
|
56
|
+
const ISSUED_AT_RE = /^(?:0|[1-9]\d*)$/;
|
|
57
|
+
/**
|
|
58
|
+
* Extract + validate the `X-V402-*` headers into a `PaymentClaim`.
|
|
59
|
+
* Case-insensitive lookup (Node lowercases incoming header names); repeated
|
|
60
|
+
* payment headers are rejected — fail closed, never pick one of two values.
|
|
61
|
+
*/
|
|
62
|
+
export function parsePaymentHeaders(headers) {
|
|
63
|
+
const byName = new Map();
|
|
64
|
+
for (const [name, value] of Object.entries(headers)) {
|
|
65
|
+
if (value !== undefined)
|
|
66
|
+
byName.set(name.toLowerCase(), value);
|
|
67
|
+
}
|
|
68
|
+
const single = (name) => {
|
|
69
|
+
const value = byName.get(name.toLowerCase());
|
|
70
|
+
if (value === undefined)
|
|
71
|
+
return { error: `missing required header: ${name}` };
|
|
72
|
+
if (Array.isArray(value)) {
|
|
73
|
+
if (value.length !== 1)
|
|
74
|
+
return { error: `header must not repeat: ${name}` };
|
|
75
|
+
return value[0];
|
|
76
|
+
}
|
|
77
|
+
return value;
|
|
78
|
+
};
|
|
79
|
+
const read = {};
|
|
80
|
+
for (const name of [
|
|
81
|
+
V402_HEADERS.scheme,
|
|
82
|
+
V402_HEADERS.payer,
|
|
83
|
+
V402_HEADERS.amount,
|
|
84
|
+
V402_HEADERS.requestId,
|
|
85
|
+
V402_HEADERS.issuedAt,
|
|
86
|
+
V402_HEADERS.signature,
|
|
87
|
+
]) {
|
|
88
|
+
const result = single(name);
|
|
89
|
+
if (typeof result !== "string")
|
|
90
|
+
return { ok: false, error: result.error };
|
|
91
|
+
read[name] = result;
|
|
92
|
+
}
|
|
93
|
+
const payer = read[V402_HEADERS.payer];
|
|
94
|
+
if (!identitySchema.safeParse(payer).success) {
|
|
95
|
+
return { ok: false, error: `${V402_HEADERS.payer} must be a VerusID friendly name ending in '@'` };
|
|
96
|
+
}
|
|
97
|
+
const amount = read[V402_HEADERS.amount];
|
|
98
|
+
if (!isValidHumanAmount(amount)) {
|
|
99
|
+
return { ok: false, error: `${V402_HEADERS.amount} must be a human decimal amount string` };
|
|
100
|
+
}
|
|
101
|
+
const requestId = read[V402_HEADERS.requestId];
|
|
102
|
+
if (!isValidUlid(requestId)) {
|
|
103
|
+
return { ok: false, error: `${V402_HEADERS.requestId} must be a ULID` };
|
|
104
|
+
}
|
|
105
|
+
const issuedAtRaw = read[V402_HEADERS.issuedAt];
|
|
106
|
+
if (!ISSUED_AT_RE.test(issuedAtRaw) || !Number.isSafeInteger(Number(issuedAtRaw))) {
|
|
107
|
+
return { ok: false, error: `${V402_HEADERS.issuedAt} must be Unix seconds (non-negative integer)` };
|
|
108
|
+
}
|
|
109
|
+
const signature = read[V402_HEADERS.signature];
|
|
110
|
+
if (!isBase64Signature(signature)) {
|
|
111
|
+
return { ok: false, error: `${V402_HEADERS.signature} must be standard Base64` };
|
|
112
|
+
}
|
|
113
|
+
const scheme = read[V402_HEADERS.scheme];
|
|
114
|
+
if (scheme.length === 0) {
|
|
115
|
+
return { ok: false, error: `${V402_HEADERS.scheme} must not be empty` };
|
|
116
|
+
}
|
|
117
|
+
const claim = {
|
|
118
|
+
scheme,
|
|
119
|
+
payer,
|
|
120
|
+
amount,
|
|
121
|
+
requestId,
|
|
122
|
+
issuedAt: Number(issuedAtRaw),
|
|
123
|
+
signature,
|
|
124
|
+
};
|
|
125
|
+
const extensions = byName.get(V402_HEADERS.extensions.toLowerCase());
|
|
126
|
+
if (extensions !== undefined) {
|
|
127
|
+
if (Array.isArray(extensions)) {
|
|
128
|
+
if (extensions.length !== 1)
|
|
129
|
+
return { ok: false, error: `header must not repeat: ${V402_HEADERS.extensions}` };
|
|
130
|
+
claim.extensionsRaw = extensions[0];
|
|
131
|
+
}
|
|
132
|
+
else {
|
|
133
|
+
claim.extensionsRaw = extensions;
|
|
134
|
+
}
|
|
135
|
+
}
|
|
136
|
+
return { ok: true, claim };
|
|
137
|
+
}
|
|
138
|
+
//# sourceMappingURL=schemas.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"schemas.js","sourceRoot":"","sources":["../src/schemas.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AACjD,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAG5C;;;;GAIG;AAEH,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,kBAAkB,EAAE,uCAAuC,CAAC,CAAC;AAChH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,WAAW,EAAE,6CAA6C,CAAC,CAAC;AACxG,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC;KAC5B,MAAM,EAAE;KACR,KAAK,CAAC,wBAAwB,EAAE,+CAA+C,CAAC,CAAC;AACpF,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,CAAC;AAEhE,gGAAgG;AAChG,MAAM,CAAC,MAAM,wBAAwB,GAAG,CAAC,CAAC,WAAW,CAAC;IACpD,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACzB,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,YAAY,CAAC;IAC7C,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC1B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACxB,MAAM,EAAE,iBAAiB;IACzB,UAAU,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC;IAC9B,KAAK,EAAE,cAAc;IACrB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC9B,eAAe,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAClD,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAClC,KAAK,EAAE,CAAC;SACL,WAAW,CAAC;QACX,cAAc,EAAE,cAAc;QAC9B,WAAW,EAAE,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC;KACzC,CAAC;SACD,QAAQ,EAAE;CACd,CAAC,CAAC;AAEH;;;GAGG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,CAAC,CAAC,WAAW,CAAC;IACpD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC1B,OAAO,EAAE,CAAC,CAAC,KAAK,CACd,CAAC,CAAC,WAAW,CAAC;QACZ,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACzB,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;KACjC,CAAC,CACH;CACF,CAAC,CAAC;AAEH,6CAA6C;AAC7C,MAAM,CAAC,MAAM,uBAAuB,GAAG,CAAC,CAAC,WAAW,CAAC;IACnD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACrC,iBAAiB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACpD,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACjC,kBAAkB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACzD,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,mBAAmB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;CAC3D,CAAC,CAAC;AAMH,MAAM,YAAY,GAAG,kBAAkB,CAAC;AAExC;;;;GAIG;AACH,MAAM,UAAU,mBAAmB,CACjC,OAAsD;IAEtD,MAAM,MAAM,GAAG,IAAI,GAAG,EAA6B,CAAC;IACpD,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QACpD,IAAI,KAAK,KAAK,SAAS;YAAE,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,KAAK,CAAC,CAAC;IACjE,CAAC;IAED,MAAM,MAAM,GAAG,CAAC,IAAY,EAA8B,EAAE;QAC1D,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;QAC7C,IAAI,KAAK,KAAK,SAAS;YAAE,OAAO,EAAE,KAAK,EAAE,4BAA4B,IAAI,EAAE,EAAE,CAAC;QAC9E,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,EAAE,KAAK,EAAE,2BAA2B,IAAI,EAAE,EAAE,CAAC;YAC5E,OAAO,KAAK,CAAC,CAAC,CAAE,CAAC;QACnB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;IAEF,MAAM,IAAI,GAA2B,EAAE,CAAC;IACxC,KAAK,MAAM,IAAI,IAAI;QACjB,YAAY,CAAC,MAAM;QACnB,YAAY,CAAC,KAAK;QAClB,YAAY,CAAC,MAAM;QACnB,YAAY,CAAC,SAAS;QACtB,YAAY,CAAC,QAAQ;QACrB,YAAY,CAAC,SAAS;KACvB,EAAE,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC;QAC5B,IAAI,OAAO,MAAM,KAAK,QAAQ;YAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC;QAC1E,IAAI,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC;IACtB,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAE,CAAC;IACxC,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC;QAC7C,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,YAAY,CAAC,KAAK,gDAAgD,EAAE,CAAC;IACrG,CAAC;IACD,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAE,CAAC;IAC1C,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,EAAE,CAAC;QAChC,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,YAAY,CAAC,MAAM,wCAAwC,EAAE,CAAC;IAC9F,CAAC;IACD,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,SAAS,CAAE,CAAC;IAChD,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5B,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,YAAY,CAAC,SAAS,iBAAiB,EAAE,CAAC;IAC1E,CAAC;IACD,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAE,CAAC;IACjD,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;QAClF,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,YAAY,CAAC,QAAQ,8CAA8C,EAAE,CAAC;IACtG,CAAC;IACD,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,SAAS,CAAE,CAAC;IAChD,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,CAAC;QAClC,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,YAAY,CAAC,SAAS,0BAA0B,EAAE,CAAC;IACnF,CAAC;IACD,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAE,CAAC;IAC1C,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,YAAY,CAAC,MAAM,oBAAoB,EAAE,CAAC;IAC1E,CAAC;IAED,MAAM,KAAK,GAAiB;QAC1B,MAAM;QACN,KAAK;QACL,MAAM;QACN,SAAS;QACT,QAAQ,EAAE,MAAM,CAAC,WAAW,CAAC;QAC7B,SAAS;KACV,CAAC;IAEF,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC,CAAC;IACrE,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;QAC7B,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;YAC9B,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,2BAA2B,YAAY,CAAC,UAAU,EAAE,EAAE,CAAC;YAC/G,KAAK,CAAC,aAAa,GAAG,UAAU,CAAC,CAAC,CAAE,CAAC;QACvC,CAAC;aAAM,CAAC;YACN,KAAK,CAAC,aAAa,GAAG,UAAU,CAAC;QACnC,CAAC;IACH,CAAC;IAED,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;AAC7B,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"signature.d.ts","sourceRoot":"","sources":["../src/signature.ts"],"names":[],"mappings":"AAUA,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAExD;AAED,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAIzD"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
import { V402ProtocolError } from "./errors.js";
|
|
2
|
+
/**
|
|
3
|
+
* Signature encoding (Q4): Verus `signmessage` returns standard Base64 — the
|
|
4
|
+
* string travels bit-identically through `X-V402-Signature` into
|
|
5
|
+
* `verifymessage`. These helpers only gate the encoding; they never decode or
|
|
6
|
+
* re-encode.
|
|
7
|
+
*/
|
|
8
|
+
const BASE64_RE = /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{4})$/;
|
|
9
|
+
export function isBase64Signature(value) {
|
|
10
|
+
return BASE64_RE.test(value);
|
|
11
|
+
}
|
|
12
|
+
export function assertBase64Signature(value) {
|
|
13
|
+
if (!BASE64_RE.test(value)) {
|
|
14
|
+
throw new V402ProtocolError("invalid-signature-encoding", "signature must be non-empty standard Base64 (not base64url)");
|
|
15
|
+
}
|
|
16
|
+
}
|
|
17
|
+
//# sourceMappingURL=signature.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"signature.js","sourceRoot":"","sources":["../src/signature.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAEhD;;;;;GAKG;AACH,MAAM,SAAS,GAAG,kFAAkF,CAAC;AAErG,MAAM,UAAU,iBAAiB,CAAC,KAAa;IAC7C,OAAO,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC/B,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,KAAa;IACjD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QAC3B,MAAM,IAAI,iBAAiB,CAAC,4BAA4B,EAAE,6DAA6D,CAAC,CAAC;IAC3H,CAAC;AACH,CAAC"}
|
package/dist/types.d.ts
ADDED
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
/** One signed extension line, e.g. `{ key: "scheme.bodyHash", value: "sha256:…" }`. */
|
|
2
|
+
export interface ExtensionField {
|
|
3
|
+
key: string;
|
|
4
|
+
value: string;
|
|
5
|
+
}
|
|
6
|
+
/**
|
|
7
|
+
* Input to `canonicalize()` — the 11 core fields plus optional extensions.
|
|
8
|
+
* On the server, core values come from server truth (config + request); only
|
|
9
|
+
* `path`, `payer`, `requestId`, `issuedAt` originate from the client.
|
|
10
|
+
*/
|
|
11
|
+
export interface CanonicalPayload {
|
|
12
|
+
scheme: string;
|
|
13
|
+
schemeVersion: string;
|
|
14
|
+
canonicalDomain: string;
|
|
15
|
+
method: string;
|
|
16
|
+
/** Request-target verbatim as sent on the wire, incl. query string (M1). */
|
|
17
|
+
path: string;
|
|
18
|
+
network: string;
|
|
19
|
+
asset: string;
|
|
20
|
+
/** Human decimal string, e.g. "0.001" — signed byte-verbatim. */
|
|
21
|
+
amount: string;
|
|
22
|
+
payer: string;
|
|
23
|
+
payTo: string;
|
|
24
|
+
/** ULID, Crockford base32, 26 chars. */
|
|
25
|
+
requestId: string;
|
|
26
|
+
/** Unix seconds. */
|
|
27
|
+
issuedAt: number;
|
|
28
|
+
extensions?: ExtensionField[];
|
|
29
|
+
}
|
|
30
|
+
/** Input to `canonicalizeBalanceQuery()` — see spec § Topup Instructions Endpoint. */
|
|
31
|
+
export interface BalanceQueryPayload {
|
|
32
|
+
canonicalDomain: string;
|
|
33
|
+
network: string;
|
|
34
|
+
payer: string;
|
|
35
|
+
requestId: string;
|
|
36
|
+
issuedAt: number;
|
|
37
|
+
}
|
|
38
|
+
/** One entry of the 402 response's `accepts` array. */
|
|
39
|
+
export interface PaymentRequirement {
|
|
40
|
+
scheme: string;
|
|
41
|
+
schemeVersion: string;
|
|
42
|
+
network: string;
|
|
43
|
+
asset: string;
|
|
44
|
+
amount: string;
|
|
45
|
+
amountUnit: "human";
|
|
46
|
+
payTo: string;
|
|
47
|
+
facilitator: string;
|
|
48
|
+
requiredHeaders: string[];
|
|
49
|
+
canonicalDomain: string;
|
|
50
|
+
topup?: {
|
|
51
|
+
depositAddress: string;
|
|
52
|
+
attribution: "sender-verusid";
|
|
53
|
+
};
|
|
54
|
+
}
|
|
55
|
+
/** The 402 Payment Required response body. */
|
|
56
|
+
export interface Payment402Response {
|
|
57
|
+
version: string;
|
|
58
|
+
accepts: PaymentRequirement[];
|
|
59
|
+
}
|
|
60
|
+
/** Parsed + validated `X-V402-*` request headers. */
|
|
61
|
+
export interface PaymentClaim {
|
|
62
|
+
scheme: string;
|
|
63
|
+
payer: string;
|
|
64
|
+
amount: string;
|
|
65
|
+
requestId: string;
|
|
66
|
+
issuedAt: number;
|
|
67
|
+
/** Standard Base64 as produced by Verus `signmessage` — pass-through, never re-encoded. */
|
|
68
|
+
signature: string;
|
|
69
|
+
/** Raw base64 value of `X-V402-Extensions`, if present. Decoded/validated by the verifier. */
|
|
70
|
+
extensionsRaw?: string;
|
|
71
|
+
}
|
|
72
|
+
/** The `.well-known/v402` discovery document. */
|
|
73
|
+
export interface DiscoveryDocument {
|
|
74
|
+
specUrl?: string;
|
|
75
|
+
supportedVersions: string[];
|
|
76
|
+
defaultVersion: string;
|
|
77
|
+
deprecatedVersions?: string[];
|
|
78
|
+
/** version → ISO date */
|
|
79
|
+
sunsetDates?: Record<string, string>;
|
|
80
|
+
supportedExtensions?: string[];
|
|
81
|
+
}
|
|
82
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,uFAAuF;AACvF,MAAM,WAAW,cAAc;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;;;GAIG;AACH,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,EAAE,MAAM,CAAC;IACtB,eAAe,EAAE,MAAM,CAAC;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,4EAA4E;IAC5E,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,iEAAiE;IACjE,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,wCAAwC;IACxC,SAAS,EAAE,MAAM,CAAC;IAClB,oBAAoB;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,cAAc,EAAE,CAAC;CAC/B;AAED,sFAAsF;AACtF,MAAM,WAAW,mBAAmB;IAClC,eAAe,EAAE,MAAM,CAAC;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,uDAAuD;AACvD,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,EAAE,MAAM,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,OAAO,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,eAAe,EAAE,MAAM,CAAC;IACxB,KAAK,CAAC,EAAE;QACN,cAAc,EAAE,MAAM,CAAC;QACvB,WAAW,EAAE,gBAAgB,CAAC;KAC/B,CAAC;CACH;AAED,8CAA8C;AAC9C,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,kBAAkB,EAAE,CAAC;CAC/B;AAED,qDAAqD;AACrD,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,2FAA2F;IAC3F,SAAS,EAAE,MAAM,CAAC;IAClB,8FAA8F;IAC9F,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,iDAAiD;AACjD,MAAM,WAAW,iBAAiB;IAChC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,cAAc,EAAE,MAAM,CAAC;IACvB,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,yBAAyB;IACzB,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACrC,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;CAChC"}
|
package/dist/types.js
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
/** Protocol (envelope) version — 402 response shape, discovery, headers. */
|
|
2
|
+
export declare const PROTOCOL_VERSION = "v402/0.1";
|
|
3
|
+
/** Registered scheme name of the Verus prepaid-signature scheme. */
|
|
4
|
+
export declare const SCHEME_VERUS_PREPAID_SIG = "verus-prepaid-sig";
|
|
5
|
+
/** Current scheme version of `verus-prepaid-sig`. Versions independently of the protocol. */
|
|
6
|
+
export declare const VERUS_PREPAID_SIG_VERSION = "0.1";
|
|
7
|
+
/**
|
|
8
|
+
* Line 1 of a signed payment payload: `<scheme>/<schemeVersion>`.
|
|
9
|
+
* For the MVP scheme: `verus-prepaid-sig/0.1`.
|
|
10
|
+
*/
|
|
11
|
+
export declare function schemeContextLine(scheme: string, schemeVersion: string): string;
|
|
12
|
+
/**
|
|
13
|
+
* Line-1 context string of the signed balance query — deliberately distinct
|
|
14
|
+
* from every scheme context line so a payment signature can never verify as a
|
|
15
|
+
* balance query or vice versa (domain separation).
|
|
16
|
+
*/
|
|
17
|
+
export declare const BALANCE_QUERY_CONTEXT = "v402-balance-query/0.1";
|
|
18
|
+
//# sourceMappingURL=version.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../src/version.ts"],"names":[],"mappings":"AAAA,4EAA4E;AAC5E,eAAO,MAAM,gBAAgB,aAAa,CAAC;AAE3C,oEAAoE;AACpE,eAAO,MAAM,wBAAwB,sBAAsB,CAAC;AAE5D,6FAA6F;AAC7F,eAAO,MAAM,yBAAyB,QAAQ,CAAC;AAE/C;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,GAAG,MAAM,CAE/E;AAED;;;;GAIG;AACH,eAAO,MAAM,qBAAqB,2BAA2B,CAAC"}
|
package/dist/version.js
ADDED
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
/** Protocol (envelope) version — 402 response shape, discovery, headers. */
|
|
2
|
+
export const PROTOCOL_VERSION = "v402/0.1";
|
|
3
|
+
/** Registered scheme name of the Verus prepaid-signature scheme. */
|
|
4
|
+
export const SCHEME_VERUS_PREPAID_SIG = "verus-prepaid-sig";
|
|
5
|
+
/** Current scheme version of `verus-prepaid-sig`. Versions independently of the protocol. */
|
|
6
|
+
export const VERUS_PREPAID_SIG_VERSION = "0.1";
|
|
7
|
+
/**
|
|
8
|
+
* Line 1 of a signed payment payload: `<scheme>/<schemeVersion>`.
|
|
9
|
+
* For the MVP scheme: `verus-prepaid-sig/0.1`.
|
|
10
|
+
*/
|
|
11
|
+
export function schemeContextLine(scheme, schemeVersion) {
|
|
12
|
+
return `${scheme}/${schemeVersion}`;
|
|
13
|
+
}
|
|
14
|
+
/**
|
|
15
|
+
* Line-1 context string of the signed balance query — deliberately distinct
|
|
16
|
+
* from every scheme context line so a payment signature can never verify as a
|
|
17
|
+
* balance query or vice versa (domain separation).
|
|
18
|
+
*/
|
|
19
|
+
export const BALANCE_QUERY_CONTEXT = "v402-balance-query/0.1";
|
|
20
|
+
//# sourceMappingURL=version.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"version.js","sourceRoot":"","sources":["../src/version.ts"],"names":[],"mappings":"AAAA,4EAA4E;AAC5E,MAAM,CAAC,MAAM,gBAAgB,GAAG,UAAU,CAAC;AAE3C,oEAAoE;AACpE,MAAM,CAAC,MAAM,wBAAwB,GAAG,mBAAmB,CAAC;AAE5D,6FAA6F;AAC7F,MAAM,CAAC,MAAM,yBAAyB,GAAG,KAAK,CAAC;AAE/C;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,MAAc,EAAE,aAAqB;IACrE,OAAO,GAAG,MAAM,IAAI,aAAa,EAAE,CAAC;AACtC,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,wBAAwB,CAAC"}
|
package/package.json
ADDED
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@chainvue/v402-protocol",
|
|
3
|
+
"version": "0.1.0",
|
|
4
|
+
"description": "v402 protocol core: types, wire-format schemas, canonical payload serialization, amount utilities. Framework-agnostic, browser-safe.",
|
|
5
|
+
"repository": {
|
|
6
|
+
"type": "git",
|
|
7
|
+
"url": "git+https://github.com/chainvue/v402.git",
|
|
8
|
+
"directory": "packages/protocol"
|
|
9
|
+
},
|
|
10
|
+
"homepage": "https://github.com/chainvue/v402/tree/main/packages/protocol#readme",
|
|
11
|
+
"bugs": "https://github.com/chainvue/v402/issues",
|
|
12
|
+
"license": "Apache-2.0",
|
|
13
|
+
"author": "Robert Lech (chainvue)",
|
|
14
|
+
"type": "module",
|
|
15
|
+
"sideEffects": false,
|
|
16
|
+
"main": "./dist/index.js",
|
|
17
|
+
"types": "./dist/index.d.ts",
|
|
18
|
+
"exports": {
|
|
19
|
+
".": {
|
|
20
|
+
"types": "./dist/index.d.ts",
|
|
21
|
+
"import": "./dist/index.js"
|
|
22
|
+
}
|
|
23
|
+
},
|
|
24
|
+
"files": [
|
|
25
|
+
"dist"
|
|
26
|
+
],
|
|
27
|
+
"dependencies": {
|
|
28
|
+
"zod": "^4.4.3"
|
|
29
|
+
},
|
|
30
|
+
"publishConfig": {
|
|
31
|
+
"access": "public"
|
|
32
|
+
},
|
|
33
|
+
"scripts": {
|
|
34
|
+
"build": "tsc -p tsconfig.build.json",
|
|
35
|
+
"typecheck": "tsc -p tsconfig.json",
|
|
36
|
+
"test": "vitest run"
|
|
37
|
+
}
|
|
38
|
+
}
|