@dexterai/vault 0.4.1 → 0.5.0

package/README.md

@@ -21,11 +21,53 @@
 
 ---
 
-## What is `@dexterai/vault`?
+<!-- GTM-DRAFT: product framing/wording pending GTM agent review before publish -->
 
-The `dexter-vault` Solana program is a non-custodial passkey-rooted vault: WebAuthn signs every spend, a programmatic Swig role makes the unruggable streaming channel possible, and the entire spend path goes through the vault program — no master key, no escrow, no trust.
+## Open a tab for your agent
 
-This package is the TypeScript that talks to it. Every byte the on-chain program checks — instruction discriminators, the 180-byte session-registration message, the 128-byte revocation message, the 44-byte voucher payload, the vault account layout — lives here, in exactly one file each. Three repos used to hand-roll these primitives and one of them missed a role; that bug is now structurally impossible.
+You open a tab with a hard limit. Your agent spends against it, charge by charge, with no signature prompt per charge. When the work is done you settle and the tab closes. The spending limit is enforced by the Solana program at consensus, not by this SDK and not by Dexter. The SDK never holds a key that can overspend it, and you can verify the cap on-chain yourself.
+
+```ts
+import { openTab, settleTab, readTabMeter } from '@dexterai/vault/tab';
+
+// arm a tab with a chain-enforced cap
+const open = await openTab({ vaultPda, amount: 5_000_000n, dexterAuthority });
+
+// settle a streamed micro-charge (composes precompile + settle + transfer)
+const settle = await settleTab({
+  connection, vaultPda, swigAddress, channelId,
+  cumulativeAmount, sequenceNumber, sessionSigner, sellerAta, feePayer, dexterAuthority,
+});
+
+// read remaining headroom (the chain is the real guard)
+const meter = await readTabMeter(connection, vaultPda);
+```
+
+That is the whole product loop: `openTab` arms a capped tab, `settleTab` records each streamed charge against it, `readTabMeter` reports the headroom left. The buyer's USDC never leaves their wallet while the tab runs; the program gates their exit until the tab settles. The closest familiar shape is an auth-and-capture credit-card hold, except the hold is enforced on-chain instead of by a processor.
+
+A tab can also spend **past** the user's balance, backed by a financier's standby capital: non-custodial, and structured so the buyer cannot rug the financier and the financier cannot seize more than the agreed bound. Every guard in that path is proven on Solana mainnet, including a real draw, a real repayment, a real default-and-seize, and every anti-rug rejection. Same import, three more verbs:
+
+```ts
+import { drawCredit, repayCredit, seizeCollateral } from '@dexterai/vault/tab';
+```
+
+Credit is not a separate product bolted onto a tab. It is a tab that can spend past its balance. That is why it lives in the same import.
+
+> **Two sides.** This package is the buyer side. The seller side (verify vouchers, meter consumption, accept payment in about ten lines) lives in `@dexterai/x402`. Together they cover both halves of agent payments on Solana.
+
+Every `./tab` verb returns `TransactionInstruction[]`, so you own signing, fees, and sending.
+
+---
+
+## Under the hood: the primitives
+
+If the four `./tab` verbs are all you need, you can stop reading here. The rest of this package is the low-level surface those verbs are built from, exposed for the servers that assemble their own transactions.
+
+The `dexter-vault` Solana program is a non-custodial passkey-rooted vault: WebAuthn signs every spend, a programmatic Swig role makes the unruggable streaming channel possible, and the entire spend path goes through the vault program, with no master key, no escrow, and no trust.
+
+This package is the TypeScript that talks to it. Every byte the on-chain program checks lives here, in exactly one file each: instruction discriminators, the 188-byte V2 session-registration message, the 128-byte revocation message, the 44-byte voucher payload, and the vault account layout. Three repos used to hand-roll these primitives and one of them missed a role; that bug is now structurally impossible.
+
+The `./tab` verbs above compose these primitives. The tiers stack on top of the same building blocks: the streaming tab (`settle_tab_voucher`), the credit tab (`draw_credit` / `repay_credit` / `seize_collateral`), the LockedClaim crystallized tier (`@dexterai/vault/instructions`), and factoring / instant payout (`@dexterai/vault/factoring`).
 
 If you are about to hand-roll a vault instruction builder, a precompile message, a Swig role list, or a vault account decoder, **stop and import from here instead**.
 
@@ -37,7 +79,7 @@ If you are about to hand-roll a vault instruction builder, a precompile message,
 npm install @dexterai/vault
 ```
 
-Compatible with `dexter-vault` program version 2 (12 Anchor discriminators including `prove_passkey`, `settle_tab_voucher`, and the session-key register/revoke pair).
+Targets the `dexter-vault` V5 program (21 Anchor discriminators including `prove_passkey`, `settle_tab_voucher`, the session-key register/revoke pair, the LockedClaim set, and the credit set `open_standby` / `draw_credit` / `repay_credit` / `seize_collateral`).
 
 ---
 
@@ -63,7 +105,7 @@ const bundle = await buildSwigCreationBundle({
 const tx = new Transaction().add(...bundle.instructions);
 ```
 
-The 4-role design — role 0 bootstrap, role 1 `ProgramExec(finalize_withdrawal)`, role 2 session master, role 3 `ProgramExec(settle_tab_voucher)` — lives in exactly one function. Tests in this repo lock the role list against the on-chain Anchor discriminators.
+The 4-role design (role 0 bootstrap, role 1 `ProgramExec(finalize_withdrawal)`, role 2 session master, role 3 `ProgramExec(settle_tab_voucher)`) lives in exactly one function. Tests in this repo lock the role list against the on-chain Anchor discriminators.
 
 ### Settle a Tab voucher on chain (facilitator-side)
 
@@ -141,14 +183,18 @@ Each subpath is a tree-shakeable entry point. Pull only what you need.
 |---|---|
 | `@dexterai/vault` | Re-exports `types` + `counterfactual` for convenience |
 | `@dexterai/vault/types` | `VaultState`, `VaultStateFull`, `ActiveSession`, `PendingWithdrawal`, `SessionKey`, `SessionScope`, `SignedVoucher`, `VoucherPayload`, `AtomicAmount`, `HumanAmount`, `TabNetworkId` |
-| `@dexterai/vault/constants` | `DEXTER_VAULT_PROGRAM_ID`, `SWIG_PROGRAM_ID`, `USDC_MAINNET`/`USDC_DEVNET`, all 12 `DISCRIMINATORS`, `OTS_SESSION_REGISTER_V1_DOMAIN`, `OTS_SESSION_REVOKE_V1_DOMAIN` |
+| `@dexterai/vault/constants` | `DEXTER_VAULT_PROGRAM_ID`, `SWIG_PROGRAM_ID`, `USDC_MAINNET`/`USDC_DEVNET`, all 21 `DISCRIMINATORS`, `LOCKED_CLAIM_SEED`, `OTS_SESSION_REGISTER_V1_DOMAIN`, `OTS_SESSION_REGISTER_V2_DOMAIN`, `OTS_SESSION_REVOKE_V1_DOMAIN` |
 | `@dexterai/vault/instructions` | Every builder: `buildInitializeVaultInstruction`, `buildSetSwigInstruction`, `buildRegisterSessionKeyInstruction`, `buildRevokeSessionKeyInstruction`, `buildSettleVoucherInstruction`, `buildSettleTabVoucherInstruction`, `buildRequestWithdrawalInstruction`, `buildFinalizeWithdrawalInstruction`, `buildForceReleaseInstruction`, `buildRotatePasskeyInstruction`, `buildRotateDexterAuthorityInstruction`, `buildProvePasskeyInstruction`, and the canonical `buildSwigCreationBundle` + `expectedSwigAddressFor` + `verifySwigIsOurs` |
-| `@dexterai/vault/messages` | `sessionRegisterMessage` (180 bytes), `sessionRevokeMessage` (128 bytes), `voucherPayloadMessage` / `buildVoucherMessage` (44 bytes), `buildSetSwigOperationMessage` |
+| `@dexterai/vault/messages` | `sessionRegisterMessage` (188 bytes, V2), `sessionRevokeMessage` (128 bytes), `voucherPayloadMessage` / `buildVoucherMessage` (44 bytes), `buildSetSwigOperationMessage` |
 | `@dexterai/vault/reader` | `readVaultOnchain` (slim), `readVaultFull` (with active session) |
 | `@dexterai/vault/precompile` | `buildSecp256r1VerifyInstruction`, `buildPrecompileMessage`, `buildEd25519VerifyInstruction` |
 | `@dexterai/vault/counterfactual` | `deriveCounterfactualAddresses` |
 | `@dexterai/vault/signers` | `Ed25519Signer`, `PasskeySigner` interfaces |
 | `@dexterai/vault/signers/node` | `NodeEd25519Signer` (tweetnacl-backed) |
+| `@dexterai/vault/signers/browser` | `WebAuthnAssertion` (pure-browser P-256 passkey ceremony, shipped 0.2.0), `derSignatureToCompactLowS` |
+| `@dexterai/vault/tab` | Product layer: `openTab`, `settleTab`, `readTabMeter`, `drawCredit`, `repayCredit`, `seizeCollateral`, `defaultAssembleSignV2` |
+| `@dexterai/vault/factoring` | `computeFactoringSplit`, `buildInstantPayoutInstructions` (settle a LockedClaim and split the payout) |
+| `@dexterai/vault/kit` | `kitInstructionsToWeb3`, `getRpc` (Swig-kit↔web3 bridge) |
 
 ---
 
@@ -156,7 +202,7 @@ Each subpath is a tree-shakeable entry point. Pull only what you need.
 
 Three places used to hand-roll the same protocol: `dexter-api/src/vault/`, `dexter-facilitator/src/vault/`, and `dexter-vault/tests/`. One of them added role 3 (`ProgramExec` for `settle_tab_voucher`); two didn't. The end-to-end Tab settle smoke kept failing with `Role not found for ID: 3` and it ate hours of debugging on 2026-06-02 before anyone noticed the drift.
 
-This package is the structural fix. The canonical 4-role Swig provisioner, every instruction builder, every byte-precise message encoder, the vault account decoder, the precompile helpers — they live in exactly one file each. Consumers (`dexter-api`, `dexter-facilitator`, `dexter-vault` tests, `@dexterai/x402/tab`) import from here. The drift bug class is gone.
+This package is the structural fix. The canonical 4-role Swig provisioner, every instruction builder, every byte-precise message encoder, the vault account decoder, and the precompile helpers each live in exactly one file. Consumers (`dexter-api`, `dexter-facilitator`, `dexter-vault` tests, `@dexterai/x402/tab`) import from here. The drift bug class is gone.
 
 ---
 
@@ -164,10 +210,10 @@ This package is the structural fix. The canonical 4-role Swig provisioner, every
 
 `tests/byte-parity.test.ts`, `tests/precompile.test.ts`, `tests/swigBundle.test.ts`, `tests/counterfactual.test.ts`, and `tests/reader.test.ts` together snapshot:
 
-- All **12 instruction discriminators** (10 vault + 2 session-key) as exact byte arrays.
-- All **3 message layouts** — 180-byte session registration, 128-byte revocation, 44-byte voucher payload — byte-by-byte.
-- Both **precompile builders** — secp256r1 (SIMD-0075) and Ed25519 — including the 14-byte offsets table.
-- The **vault account decoder** for every Anchor v2 layout combination (with/without pending withdrawal, with/without active session).
+- All **21 instruction discriminators**, derived from `sha256("global:<name>")` and checked against the pinned bytes, covering the vault core, the session-key pair, the LockedClaim set, and the credit set.
+- All **3 message layouts**, byte-by-byte: 188-byte V2 session registration, 128-byte revocation, 44-byte voucher payload.
+- Both **precompile builders**, secp256r1 (SIMD-0075) and Ed25519, including the 14-byte offsets table.
+- The **vault account decoder** for every V5 layout combination (with/without pending withdrawal, with/without active session).
 - The **`buildSwigCreationBundle` structural lock**: ≥4 instructions, idempotent for the same `(identitySeed, hmacKey)`, distinct outputs for different inputs, the `settle_tab_voucher` Swig exec marker bytes match the on-chain discriminator.
 - The **counterfactual derivation** for a known seed.
 
@@ -184,7 +230,7 @@ npm test
 ```
                 ┌─────────────────────────────────┐
                 │  dexter-vault (Anchor program)  │  ← source of truth
-                │  12 discriminators, 3 layouts   │
+                │  V5: 21 discriminators, 3 layouts│
                 └────────────────┬────────────────┘
                                  │ defines bytes
                                  ▼
@@ -229,15 +275,15 @@ interface PasskeySigner {
 }
 ```
 
-`NodeEd25519Signer` ships at `@dexterai/vault/signers/node`. `BrowserPasskeySigner` is the v0.2 work — lifted from `dexter-fe`'s existing WebAuthn ceremony, it unlocks browser-buyer flows on dexter.cash and anywhere else a user pays through their passkey vault.
+`NodeEd25519Signer` ships at `@dexterai/vault/signers/node`. The browser passkey signer shipped in 0.2.0 as `WebAuthnAssertion` at `@dexterai/vault/signers/browser`: a pure-browser P-256 ceremony that runs `navigator.credentials.get()` and returns the three on-chain-ready buffers (64-byte compact lowS signature, raw `clientDataJSON`, raw `authenticatorData`), zero `fetch` calls. It implements the `PasskeySigner` interface; consumers compose it with their own server-policy adapter. This unlocks browser-buyer flows on dexter.cash and anywhere else a user pays through their passkey vault.
 
 ---
 
 ## Versioning
 
-`@dexterai/vault@0.1.x` is compatible with `dexter-vault` program version 2 (12 Anchor instructions; role 3 `ProgramExec` for `settle_tab_voucher` registered on every new Swig).
+The current SDK targets the `dexter-vault` V5 program (21 Anchor instructions; role 3 `ProgramExec` for `settle_tab_voucher` registered on every new Swig).
 
-Future program versions will bump the SDK major or document the delta in the CHANGELOG. The byte-parity tests are the structural lock — any layout change requires an explicit snapshot update.
+Future program versions will bump the SDK major or document the delta in the CHANGELOG. The byte-parity tests are the structural lock: any layout change requires an explicit snapshot update.
 
 ---
 

package/dist/constants/index.cjs

@@ -24,6 +24,7 @@ __export(constants_exports, {
   DISCRIMINATORS: () => DISCRIMINATORS,
   ED25519_PROGRAM_ID: () => ED25519_PROGRAM_ID,
   INSTRUCTIONS_SYSVAR_ID: () => INSTRUCTIONS_SYSVAR_ID,
+  LOCKED_CLAIM_SEED: () => LOCKED_CLAIM_SEED,
   OTS_SESSION_REGISTER_V1_DOMAIN: () => OTS_SESSION_REGISTER_V1_DOMAIN,
   OTS_SESSION_REGISTER_V2_DOMAIN: () => OTS_SESSION_REGISTER_V2_DOMAIN,
   OTS_SESSION_REVOKE_V1_DOMAIN: () => OTS_SESSION_REVOKE_V1_DOMAIN,
@@ -53,6 +54,7 @@ var INSTRUCTIONS_SYSVAR_ID = new import_web3.PublicKey(
 var USDC_MAINNET = "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v";
 var USDC_DEVNET = "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU";
 var VAULT_SEED_PREFIX = Buffer.from("vault");
+var LOCKED_CLAIM_SEED = Buffer.from("locked-claim");
 var DISCRIMINATORS = Object.freeze({
   initialize_vault: Uint8Array.from([48, 191, 163, 44, 71, 129, 63, 164]),
   set_swig: Uint8Array.from([253, 229, 89, 206, 192, 118, 137, 165]),
@@ -65,7 +67,16 @@ var DISCRIMINATORS = Object.freeze({
   prove_passkey: Uint8Array.from([35, 175, 41, 143, 201, 118, 49, 184]),
   settle_tab_voucher: Uint8Array.from([173, 22, 98, 31, 110, 129, 59, 161]),
   register_session_key: Uint8Array.from([69, 94, 60, 44, 49, 199, 183, 233]),
-  revoke_session_key: Uint8Array.from([81, 192, 32, 110, 104, 116, 144, 151])
+  revoke_session_key: Uint8Array.from([81, 192, 32, 110, 104, 116, 144, 151]),
+  lock_voucher: Uint8Array.from([91, 138, 5, 227, 119, 239, 48, 254]),
+  settle_locked_voucher: Uint8Array.from([44, 80, 216, 43, 247, 253, 101, 45]),
+  transfer_lock_ownership: Uint8Array.from([193, 13, 131, 134, 95, 25, 229, 157]),
+  recover_abandoned_lock: Uint8Array.from([169, 213, 107, 64, 229, 49, 43, 234]),
+  open_standby: Uint8Array.from([234, 184, 232, 135, 246, 191, 90, 250]),
+  draw_credit: Uint8Array.from([20, 84, 47, 211, 78, 117, 195, 210]),
+  repay_credit: Uint8Array.from([38, 113, 240, 182, 109, 179, 154, 245]),
+  seize_collateral: Uint8Array.from([40, 250, 7, 243, 168, 184, 116, 154]),
+  migrate_v4_to_v5: Uint8Array.from([226, 105, 140, 184, 101, 39, 235, 116])
 });
 var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);
@@ -88,6 +99,7 @@ var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
   DISCRIMINATORS,
   ED25519_PROGRAM_ID,
   INSTRUCTIONS_SYSVAR_ID,
+  LOCKED_CLAIM_SEED,
   OTS_SESSION_REGISTER_V1_DOMAIN,
   OTS_SESSION_REGISTER_V2_DOMAIN,
   OTS_SESSION_REVOKE_V1_DOMAIN,

package/dist/constants/index.d.cts

@@ -14,6 +14,7 @@ declare const INSTRUCTIONS_SYSVAR_ID: PublicKey;
 declare const USDC_MAINNET = "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v";
 declare const USDC_DEVNET = "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU";
 declare const VAULT_SEED_PREFIX: Buffer<ArrayBuffer>;
+declare const LOCKED_CLAIM_SEED: Buffer<ArrayBuffer>;
 declare const DISCRIMINATORS: Readonly<{
     initialize_vault: Uint8Array<ArrayBuffer>;
     set_swig: Uint8Array<ArrayBuffer>;
@@ -27,9 +28,18 @@ declare const DISCRIMINATORS: Readonly<{
     settle_tab_voucher: Uint8Array<ArrayBuffer>;
     register_session_key: Uint8Array<ArrayBuffer>;
     revoke_session_key: Uint8Array<ArrayBuffer>;
+    lock_voucher: Uint8Array<ArrayBuffer>;
+    settle_locked_voucher: Uint8Array<ArrayBuffer>;
+    transfer_lock_ownership: Uint8Array<ArrayBuffer>;
+    recover_abandoned_lock: Uint8Array<ArrayBuffer>;
+    open_standby: Uint8Array<ArrayBuffer>;
+    draw_credit: Uint8Array<ArrayBuffer>;
+    repay_credit: Uint8Array<ArrayBuffer>;
+    seize_collateral: Uint8Array<ArrayBuffer>;
+    migrate_v4_to_v5: Uint8Array<ArrayBuffer>;
 }>;
 declare const OTS_SESSION_REGISTER_V1_DOMAIN: Uint8Array;
 declare const OTS_SESSION_REGISTER_V2_DOMAIN: Uint8Array;
 declare const OTS_SESSION_REVOKE_V1_DOMAIN: Uint8Array;
 
-export { DEXTER_VAULT_PROGRAM_ID, DISCRIMINATORS, ED25519_PROGRAM_ID, INSTRUCTIONS_SYSVAR_ID, OTS_SESSION_REGISTER_V1_DOMAIN, OTS_SESSION_REGISTER_V2_DOMAIN, OTS_SESSION_REVOKE_V1_DOMAIN, SECP256R1_PROGRAM_ID, SWIG_PROGRAM_ID, USDC_DEVNET, USDC_MAINNET, VAULT_SEED_PREFIX };
+export { DEXTER_VAULT_PROGRAM_ID, DISCRIMINATORS, ED25519_PROGRAM_ID, INSTRUCTIONS_SYSVAR_ID, LOCKED_CLAIM_SEED, OTS_SESSION_REGISTER_V1_DOMAIN, OTS_SESSION_REGISTER_V2_DOMAIN, OTS_SESSION_REVOKE_V1_DOMAIN, SECP256R1_PROGRAM_ID, SWIG_PROGRAM_ID, USDC_DEVNET, USDC_MAINNET, VAULT_SEED_PREFIX };

package/dist/constants/index.d.ts

@@ -14,6 +14,7 @@ declare const INSTRUCTIONS_SYSVAR_ID: PublicKey;
 declare const USDC_MAINNET = "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v";
 declare const USDC_DEVNET = "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU";
 declare const VAULT_SEED_PREFIX: Buffer<ArrayBuffer>;
+declare const LOCKED_CLAIM_SEED: Buffer<ArrayBuffer>;
 declare const DISCRIMINATORS: Readonly<{
     initialize_vault: Uint8Array<ArrayBuffer>;
     set_swig: Uint8Array<ArrayBuffer>;
@@ -27,9 +28,18 @@ declare const DISCRIMINATORS: Readonly<{
     settle_tab_voucher: Uint8Array<ArrayBuffer>;
     register_session_key: Uint8Array<ArrayBuffer>;
     revoke_session_key: Uint8Array<ArrayBuffer>;
+    lock_voucher: Uint8Array<ArrayBuffer>;
+    settle_locked_voucher: Uint8Array<ArrayBuffer>;
+    transfer_lock_ownership: Uint8Array<ArrayBuffer>;
+    recover_abandoned_lock: Uint8Array<ArrayBuffer>;
+    open_standby: Uint8Array<ArrayBuffer>;
+    draw_credit: Uint8Array<ArrayBuffer>;
+    repay_credit: Uint8Array<ArrayBuffer>;
+    seize_collateral: Uint8Array<ArrayBuffer>;
+    migrate_v4_to_v5: Uint8Array<ArrayBuffer>;
 }>;
 declare const OTS_SESSION_REGISTER_V1_DOMAIN: Uint8Array;
 declare const OTS_SESSION_REGISTER_V2_DOMAIN: Uint8Array;
 declare const OTS_SESSION_REVOKE_V1_DOMAIN: Uint8Array;
 
-export { DEXTER_VAULT_PROGRAM_ID, DISCRIMINATORS, ED25519_PROGRAM_ID, INSTRUCTIONS_SYSVAR_ID, OTS_SESSION_REGISTER_V1_DOMAIN, OTS_SESSION_REGISTER_V2_DOMAIN, OTS_SESSION_REVOKE_V1_DOMAIN, SECP256R1_PROGRAM_ID, SWIG_PROGRAM_ID, USDC_DEVNET, USDC_MAINNET, VAULT_SEED_PREFIX };
+export { DEXTER_VAULT_PROGRAM_ID, DISCRIMINATORS, ED25519_PROGRAM_ID, INSTRUCTIONS_SYSVAR_ID, LOCKED_CLAIM_SEED, OTS_SESSION_REGISTER_V1_DOMAIN, OTS_SESSION_REGISTER_V2_DOMAIN, OTS_SESSION_REVOKE_V1_DOMAIN, SECP256R1_PROGRAM_ID, SWIG_PROGRAM_ID, USDC_DEVNET, USDC_MAINNET, VAULT_SEED_PREFIX };

package/dist/constants/index.js

@@ -18,6 +18,7 @@ var INSTRUCTIONS_SYSVAR_ID = new PublicKey(
 var USDC_MAINNET = "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v";
 var USDC_DEVNET = "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU";
 var VAULT_SEED_PREFIX = Buffer.from("vault");
+var LOCKED_CLAIM_SEED = Buffer.from("locked-claim");
 var DISCRIMINATORS = Object.freeze({
   initialize_vault: Uint8Array.from([48, 191, 163, 44, 71, 129, 63, 164]),
   set_swig: Uint8Array.from([253, 229, 89, 206, 192, 118, 137, 165]),
@@ -30,7 +31,16 @@ var DISCRIMINATORS = Object.freeze({
   prove_passkey: Uint8Array.from([35, 175, 41, 143, 201, 118, 49, 184]),
   settle_tab_voucher: Uint8Array.from([173, 22, 98, 31, 110, 129, 59, 161]),
   register_session_key: Uint8Array.from([69, 94, 60, 44, 49, 199, 183, 233]),
-  revoke_session_key: Uint8Array.from([81, 192, 32, 110, 104, 116, 144, 151])
+  revoke_session_key: Uint8Array.from([81, 192, 32, 110, 104, 116, 144, 151]),
+  lock_voucher: Uint8Array.from([91, 138, 5, 227, 119, 239, 48, 254]),
+  settle_locked_voucher: Uint8Array.from([44, 80, 216, 43, 247, 253, 101, 45]),
+  transfer_lock_ownership: Uint8Array.from([193, 13, 131, 134, 95, 25, 229, 157]),
+  recover_abandoned_lock: Uint8Array.from([169, 213, 107, 64, 229, 49, 43, 234]),
+  open_standby: Uint8Array.from([234, 184, 232, 135, 246, 191, 90, 250]),
+  draw_credit: Uint8Array.from([20, 84, 47, 211, 78, 117, 195, 210]),
+  repay_credit: Uint8Array.from([38, 113, 240, 182, 109, 179, 154, 245]),
+  seize_collateral: Uint8Array.from([40, 250, 7, 243, 168, 184, 116, 154]),
+  migrate_v4_to_v5: Uint8Array.from([226, 105, 140, 184, 101, 39, 235, 116])
 });
 var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);
@@ -52,6 +62,7 @@ export {
   DISCRIMINATORS,
   ED25519_PROGRAM_ID,
   INSTRUCTIONS_SYSVAR_ID,
+  LOCKED_CLAIM_SEED,
   OTS_SESSION_REGISTER_V1_DOMAIN,
   OTS_SESSION_REGISTER_V2_DOMAIN,
   OTS_SESSION_REVOKE_V1_DOMAIN,

package/dist/counterfactual.cjs

@@ -39,6 +39,7 @@ var import_lib2 = require("@swig-wallet/lib");
 var import_node_crypto = require("crypto");
 var import_kit = require("@swig-wallet/kit");
 var import_lib = require("@swig-wallet/lib");
+var import_kit2 = require("@solana/kit");
 var bs58Module = __toESM(require("bs58"), 1);
 var import_web32 = require("@solana/web3.js");
 
@@ -60,6 +61,7 @@ var INSTRUCTIONS_SYSVAR_ID = new import_web3.PublicKey(
   "Sysvar1nstructions1111111111111111111111111"
 );
 var VAULT_SEED_PREFIX = Buffer.from("vault");
+var LOCKED_CLAIM_SEED = Buffer.from("locked-claim");
 var DISCRIMINATORS = Object.freeze({
   initialize_vault: Uint8Array.from([48, 191, 163, 44, 71, 129, 63, 164]),
   set_swig: Uint8Array.from([253, 229, 89, 206, 192, 118, 137, 165]),
@@ -72,7 +74,16 @@ var DISCRIMINATORS = Object.freeze({
   prove_passkey: Uint8Array.from([35, 175, 41, 143, 201, 118, 49, 184]),
   settle_tab_voucher: Uint8Array.from([173, 22, 98, 31, 110, 129, 59, 161]),
   register_session_key: Uint8Array.from([69, 94, 60, 44, 49, 199, 183, 233]),
-  revoke_session_key: Uint8Array.from([81, 192, 32, 110, 104, 116, 144, 151])
+  revoke_session_key: Uint8Array.from([81, 192, 32, 110, 104, 116, 144, 151]),
+  lock_voucher: Uint8Array.from([91, 138, 5, 227, 119, 239, 48, 254]),
+  settle_locked_voucher: Uint8Array.from([44, 80, 216, 43, 247, 253, 101, 45]),
+  transfer_lock_ownership: Uint8Array.from([193, 13, 131, 134, 95, 25, 229, 157]),
+  recover_abandoned_lock: Uint8Array.from([169, 213, 107, 64, 229, 49, 43, 234]),
+  open_standby: Uint8Array.from([234, 184, 232, 135, 246, 191, 90, 250]),
+  draw_credit: Uint8Array.from([20, 84, 47, 211, 78, 117, 195, 210]),
+  repay_credit: Uint8Array.from([38, 113, 240, 182, 109, 179, 154, 245]),
+  seize_collateral: Uint8Array.from([40, 250, 7, 243, 168, 184, 116, 154]),
+  migrate_v4_to_v5: Uint8Array.from([226, 105, 140, 184, 101, 39, 235, 116])
 });
 var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);

package/dist/counterfactual.js

@@ -15,6 +15,7 @@ import {
   createEd25519SessionAuthorityInfo,
   getCreateSwigWithMultipleAuthoritiesInstructionContextBuilder
 } from "@swig-wallet/lib";
+import { address, createSolanaRpc } from "@solana/kit";
 import * as bs58Module from "bs58";
 import { PublicKey as PublicKey2 } from "@solana/web3.js";
 
@@ -36,6 +37,7 @@ var INSTRUCTIONS_SYSVAR_ID = new PublicKey(
   "Sysvar1nstructions1111111111111111111111111"
 );
 var VAULT_SEED_PREFIX = Buffer.from("vault");
+var LOCKED_CLAIM_SEED = Buffer.from("locked-claim");
 var DISCRIMINATORS = Object.freeze({
   initialize_vault: Uint8Array.from([48, 191, 163, 44, 71, 129, 63, 164]),
   set_swig: Uint8Array.from([253, 229, 89, 206, 192, 118, 137, 165]),
@@ -48,7 +50,16 @@ var DISCRIMINATORS = Object.freeze({
   prove_passkey: Uint8Array.from([35, 175, 41, 143, 201, 118, 49, 184]),
   settle_tab_voucher: Uint8Array.from([173, 22, 98, 31, 110, 129, 59, 161]),
   register_session_key: Uint8Array.from([69, 94, 60, 44, 49, 199, 183, 233]),
-  revoke_session_key: Uint8Array.from([81, 192, 32, 110, 104, 116, 144, 151])
+  revoke_session_key: Uint8Array.from([81, 192, 32, 110, 104, 116, 144, 151]),
+  lock_voucher: Uint8Array.from([91, 138, 5, 227, 119, 239, 48, 254]),
+  settle_locked_voucher: Uint8Array.from([44, 80, 216, 43, 247, 253, 101, 45]),
+  transfer_lock_ownership: Uint8Array.from([193, 13, 131, 134, 95, 25, 229, 157]),
+  recover_abandoned_lock: Uint8Array.from([169, 213, 107, 64, 229, 49, 43, 234]),
+  open_standby: Uint8Array.from([234, 184, 232, 135, 246, 191, 90, 250]),
+  draw_credit: Uint8Array.from([20, 84, 47, 211, 78, 117, 195, 210]),
+  repay_credit: Uint8Array.from([38, 113, 240, 182, 109, 179, 154, 245]),
+  seize_collateral: Uint8Array.from([40, 250, 7, 243, 168, 184, 116, 154]),
+  migrate_v4_to_v5: Uint8Array.from([226, 105, 140, 184, 101, 39, 235, 116])
 });
 var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);

package/dist/factoring/index.cjs

@@ -0,0 +1,246 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/factoring/index.ts
+var factoring_exports = {};
+__export(factoring_exports, {
+  buildInstantPayoutInstructions: () => buildInstantPayoutInstructions,
+  computeFactoringSplit: () => computeFactoringSplit,
+  getRpc: () => getRpc,
+  kitInstructionsToWeb3: () => kitInstructionsToWeb3
+});
+module.exports = __toCommonJS(factoring_exports);
+
+// src/factoring/split.ts
+function computeFactoringSplit(p) {
+  if (p.claimAmount <= 0n) {
+    throw new Error(`factoring: claim amount must be positive, got ${p.claimAmount}`);
+  }
+  if (p.financierSpread < 0n) {
+    throw new Error(`factoring: spread must not be negative, got ${p.financierSpread}`);
+  }
+  if (p.financierSpread > p.claimAmount) {
+    throw new Error(`factoring: spread exceeds claim (${p.financierSpread} > ${p.claimAmount})`);
+  }
+  return {
+    sellerReceives: p.claimAmount - p.financierSpread,
+    financierSpread: p.financierSpread
+  };
+}
+
+// src/factoring/instantPayout.ts
+var import_web35 = require("@solana/web3.js");
+var import_kit3 = require("@swig-wallet/kit");
+var import_kit4 = require("@solana/kit");
+var import_token = require("@solana-program/token");
+var import_spl_token = require("@solana/spl-token");
+
+// src/instructions/lockedClaim.ts
+var import_web33 = require("@solana/web3.js");
+
+// src/constants/index.ts
+var import_web3 = require("@solana/web3.js");
+var DEXTER_VAULT_PROGRAM_ID = new import_web3.PublicKey(
+  "Hg3wRaydFtJhYrdvYrKECacpJYDsC9Px7yKmpncj2fhc"
+);
+var SWIG_PROGRAM_ID = new import_web3.PublicKey(
+  "swigypWHEksbC64pWKwah1WTeh9JXwx8H1rJHLdbQMB"
+);
+var SECP256R1_PROGRAM_ID = new import_web3.PublicKey(
+  "Secp256r1SigVerify1111111111111111111111111"
+);
+var ED25519_PROGRAM_ID = new import_web3.PublicKey(
+  "Ed25519SigVerify111111111111111111111111111"
+);
+var INSTRUCTIONS_SYSVAR_ID = new import_web3.PublicKey(
+  "Sysvar1nstructions1111111111111111111111111"
+);
+var USDC_MAINNET = "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v";
+var VAULT_SEED_PREFIX = Buffer.from("vault");
+var LOCKED_CLAIM_SEED = Buffer.from("locked-claim");
+var DISCRIMINATORS = Object.freeze({
+  initialize_vault: Uint8Array.from([48, 191, 163, 44, 71, 129, 63, 164]),
+  set_swig: Uint8Array.from([253, 229, 89, 206, 192, 118, 137, 165]),
+  settle_voucher: Uint8Array.from([144, 176, 128, 220, 156, 79, 41, 54]),
+  request_withdrawal: Uint8Array.from([251, 85, 121, 205, 56, 201, 12, 177]),
+  finalize_withdrawal: Uint8Array.from([178, 87, 206, 68, 201, 186, 164, 232]),
+  force_release: Uint8Array.from([122, 190, 243, 252, 54, 202, 208, 234]),
+  rotate_passkey: Uint8Array.from([28, 134, 49, 89, 196, 34, 58, 174]),
+  rotate_dexter_authority: Uint8Array.from([145, 60, 4, 119, 180, 205, 236, 134]),
+  prove_passkey: Uint8Array.from([35, 175, 41, 143, 201, 118, 49, 184]),
+  settle_tab_voucher: Uint8Array.from([173, 22, 98, 31, 110, 129, 59, 161]),
+  register_session_key: Uint8Array.from([69, 94, 60, 44, 49, 199, 183, 233]),
+  revoke_session_key: Uint8Array.from([81, 192, 32, 110, 104, 116, 144, 151]),
+  lock_voucher: Uint8Array.from([91, 138, 5, 227, 119, 239, 48, 254]),
+  settle_locked_voucher: Uint8Array.from([44, 80, 216, 43, 247, 253, 101, 45]),
+  transfer_lock_ownership: Uint8Array.from([193, 13, 131, 134, 95, 25, 229, 157]),
+  recover_abandoned_lock: Uint8Array.from([169, 213, 107, 64, 229, 49, 43, 234]),
+  open_standby: Uint8Array.from([234, 184, 232, 135, 246, 191, 90, 250]),
+  draw_credit: Uint8Array.from([20, 84, 47, 211, 78, 117, 195, 210]),
+  repay_credit: Uint8Array.from([38, 113, 240, 182, 109, 179, 154, 245]),
+  seize_collateral: Uint8Array.from([40, 250, 7, 243, 168, 184, 116, 154]),
+  migrate_v4_to_v5: Uint8Array.from([226, 105, 140, 184, 101, 39, 235, 116])
+});
+var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
+  return buf;
+})();
+var OTS_SESSION_REGISTER_V2_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V2"), 0);
+  return buf;
+})();
+var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);
+  return buf;
+})();
+
+// src/instructions/withdraw.ts
+var import_web32 = require("@solana/web3.js");
+function deriveSwigWalletAddress(swigAddress) {
+  const [pda] = import_web32.PublicKey.findProgramAddressSync(
+    [Buffer.from("swig-wallet-address"), swigAddress.toBuffer()],
+    SWIG_PROGRAM_ID
+  );
+  return pda;
+}
+
+// src/instructions/lockedClaim.ts
+function buildSettleLockedVoucherInstruction(p) {
+  const data = Buffer.from(DISCRIMINATORS.settle_locked_voucher);
+  const swigWalletAddress = deriveSwigWalletAddress(p.swigAddress);
+  return new import_web33.TransactionInstruction({
+    programId: DEXTER_VAULT_PROGRAM_ID,
+    keys: [
+      { pubkey: p.swigAddress, isSigner: false, isWritable: false },
+      { pubkey: swigWalletAddress, isSigner: false, isWritable: false },
+      { pubkey: p.claimPda, isSigner: false, isWritable: true },
+      { pubkey: p.vaultPda, isSigner: false, isWritable: true },
+      { pubkey: p.holder, isSigner: true, isWritable: false },
+      { pubkey: p.dexterAuthority, isSigner: true, isWritable: false }
+    ],
+    data
+  });
+}
+
+// src/kit/index.ts
+var import_web34 = require("@solana/web3.js");
+var import_kit = require("@solana/kit");
+function kitInstructionsToWeb3(kitInstructions) {
+  return kitInstructions.map((ix) => {
+    const accounts = (ix.accounts ?? []).map((acc) => {
+      const role = acc.role;
+      const hasBooleanShape = typeof acc.signer === "boolean" || typeof acc.writable === "boolean";
+      let isSigner = false;
+      let isWritable = false;
+      if (hasBooleanShape) {
+        isSigner = Boolean(acc.signer);
+        isWritable = Boolean(acc.writable);
+      } else if (typeof role === "number") {
+        isSigner = role >= 2;
+        isWritable = role % 2 === 1;
+      } else if (typeof role === "string") {
+        const r = role.toLowerCase();
+        isSigner = r.endsWith("signer");
+        isWritable = r.startsWith("writable");
+      }
+      const addressSource = acc.address ?? acc.publicKey;
+      const pubkey = addressSource instanceof import_web34.PublicKey ? addressSource : typeof addressSource === "string" ? new import_web34.PublicKey(addressSource) : new import_web34.PublicKey(String(addressSource));
+      return { pubkey, isSigner, isWritable };
+    });
+    return new import_web34.TransactionInstruction({
+      programId: new import_web34.PublicKey(ix.programAddress ?? ix.programId),
+      keys: accounts,
+      data: Buffer.from(ix.data ?? [])
+    });
+  });
+}
+function getRpc(connection) {
+  const endpoint = connection._rpcEndpoint ?? connection.rpcEndpoint;
+  if (!endpoint) throw new Error("kit: cannot extract RPC endpoint from connection");
+  return (0, import_kit.createSolanaRpc)(endpoint);
+}
+
+// src/factoring/instantPayout.ts
+var VAULT_PROGRAM_EXEC_ROLE_ID = 1;
+var USDC_DECIMALS = 6;
+async function buildInstantPayoutInstructions(p) {
+  const split = computeFactoringSplit({
+    claimAmount: p.claimAmount,
+    financierSpread: p.financierSpread
+  });
+  const settleIx = buildSettleLockedVoucherInstruction({
+    swigAddress: p.swigAddress,
+    claimPda: p.claimPda,
+    vaultPda: p.vaultPda,
+    holder: p.financier,
+    dexterAuthority: p.dexterAuthority
+  });
+  const transfers = [
+    { destinationAta: p.sellerAta, amount: split.sellerReceives }
+  ];
+  if (split.financierSpread > 0n) {
+    transfers.push({ destinationAta: p.financierAta, amount: split.financierSpread });
+  }
+  const assemble = p.assembleSignV2 ?? defaultAssembleSignV2;
+  const signV2Ixs = await assemble({
+    connection: p.connection,
+    swigAddress: p.swigAddress,
+    feePayer: p.feePayer,
+    settleIx,
+    transfers
+  });
+  return [settleIx, ...signV2Ixs];
+}
+var defaultAssembleSignV2 = async (a) => {
+  const rpc = getRpc(a.connection);
+  const swig = await (0, import_kit3.fetchSwig)(rpc, (0, import_kit4.address)(a.swigAddress.toBase58()));
+  if (!swig) throw new Error(`factoring: swig not found on-chain: ${a.swigAddress.toBase58()}`);
+  const swigWalletKitAddr = await (0, import_kit3.getSwigWalletAddress)(swig);
+  const swigWalletPda = new import_web35.PublicKey(String(swigWalletKitAddr));
+  const usdcMint = new import_web35.PublicKey(USDC_MAINNET);
+  const sourceAta = (0, import_spl_token.getAssociatedTokenAddressSync)(usdcMint, swigWalletPda, true);
+  const transferIxs = a.transfers.map(
+    (t) => (0, import_token.getTransferCheckedInstruction)({
+      source: (0, import_kit4.address)(sourceAta.toBase58()),
+      mint: (0, import_kit4.address)(usdcMint.toBase58()),
+      destination: (0, import_kit4.address)(t.destinationAta.toBase58()),
+      authority: swigWalletKitAddr,
+      amount: t.amount,
+      decimals: USDC_DECIMALS
+    })
+  );
+  const signIx = await (0, import_kit3.getSignInstructions)(
+    swig,
+    VAULT_PROGRAM_EXEC_ROLE_ID,
+    transferIxs,
+    false,
+    { payer: (0, import_kit4.address)(a.feePayer.toBase58()), preInstructions: [a.settleIx] }
+  );
+  return kitInstructionsToWeb3(signIx);
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  buildInstantPayoutInstructions,
+  computeFactoringSplit,
+  getRpc,
+  kitInstructionsToWeb3
+});