@dexterai/vault 0.4.2 → 0.6.0

package/dist/tab/index.js

@@ -0,0 +1,631 @@
+// src/instructions/initialize.ts
+import {
+  TransactionInstruction,
+  SystemProgram
+} from "@solana/web3.js";
+
+// src/constants/index.ts
+import { PublicKey } from "@solana/web3.js";
+var DEXTER_VAULT_PROGRAM_ID = new PublicKey(
+  "Hg3wRaydFtJhYrdvYrKECacpJYDsC9Px7yKmpncj2fhc"
+);
+var SWIG_PROGRAM_ID = new PublicKey(
+  "swigypWHEksbC64pWKwah1WTeh9JXwx8H1rJHLdbQMB"
+);
+var SECP256R1_PROGRAM_ID = new PublicKey(
+  "Secp256r1SigVerify1111111111111111111111111"
+);
+var ED25519_PROGRAM_ID = new PublicKey(
+  "Ed25519SigVerify111111111111111111111111111"
+);
+var INSTRUCTIONS_SYSVAR_ID = new PublicKey(
+  "Sysvar1nstructions1111111111111111111111111"
+);
+var USDC_MAINNET = "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v";
+var VAULT_SEED_PREFIX = Buffer.from("vault");
+var LOCKED_CLAIM_SEED = Buffer.from("locked-claim");
+var DISCRIMINATORS = Object.freeze({
+  initialize_vault: Uint8Array.from([48, 191, 163, 44, 71, 129, 63, 164]),
+  set_swig: Uint8Array.from([253, 229, 89, 206, 192, 118, 137, 165]),
+  settle_voucher: Uint8Array.from([144, 176, 128, 220, 156, 79, 41, 54]),
+  request_withdrawal: Uint8Array.from([251, 85, 121, 205, 56, 201, 12, 177]),
+  finalize_withdrawal: Uint8Array.from([178, 87, 206, 68, 201, 186, 164, 232]),
+  force_release: Uint8Array.from([122, 190, 243, 252, 54, 202, 208, 234]),
+  rotate_passkey: Uint8Array.from([28, 134, 49, 89, 196, 34, 58, 174]),
+  rotate_dexter_authority: Uint8Array.from([145, 60, 4, 119, 180, 205, 236, 134]),
+  prove_passkey: Uint8Array.from([35, 175, 41, 143, 201, 118, 49, 184]),
+  settle_tab_voucher: Uint8Array.from([173, 22, 98, 31, 110, 129, 59, 161]),
+  register_session_key: Uint8Array.from([69, 94, 60, 44, 49, 199, 183, 233]),
+  revoke_session_key: Uint8Array.from([81, 192, 32, 110, 104, 116, 144, 151]),
+  lock_voucher: Uint8Array.from([91, 138, 5, 227, 119, 239, 48, 254]),
+  settle_locked_voucher: Uint8Array.from([44, 80, 216, 43, 247, 253, 101, 45]),
+  transfer_lock_ownership: Uint8Array.from([193, 13, 131, 134, 95, 25, 229, 157]),
+  recover_abandoned_lock: Uint8Array.from([169, 213, 107, 64, 229, 49, 43, 234]),
+  open_standby: Uint8Array.from([234, 184, 232, 135, 246, 191, 90, 250]),
+  draw_credit: Uint8Array.from([20, 84, 47, 211, 78, 117, 195, 210]),
+  repay_credit: Uint8Array.from([38, 113, 240, 182, 109, 179, 154, 245]),
+  seize_collateral: Uint8Array.from([40, 250, 7, 243, 168, 184, 116, 154]),
+  migrate_v4_to_v5: Uint8Array.from([226, 105, 140, 184, 101, 39, 235, 116])
+});
+var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
+  return buf;
+})();
+var OTS_SESSION_REGISTER_V2_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V2"), 0);
+  return buf;
+})();
+var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);
+  return buf;
+})();
+
+// src/instructions/setSwig.ts
+import {
+  TransactionInstruction as TransactionInstruction2,
+  SYSVAR_INSTRUCTIONS_PUBKEY
+} from "@solana/web3.js";
+
+// src/instructions/setSwigAtomic.ts
+import {
+  PublicKey as PublicKey5,
+  TransactionInstruction as TransactionInstruction3,
+  SystemProgram as SystemProgram2,
+  SYSVAR_INSTRUCTIONS_PUBKEY as SYSVAR_INSTRUCTIONS_PUBKEY2
+} from "@solana/web3.js";
+
+// src/instructions/swigBundle.ts
+import { createHmac } from "crypto";
+import {
+  getInstructionsFromContext,
+  findSwigPda,
+  fetchNullableSwig
+} from "@swig-wallet/kit";
+import {
+  Actions,
+  createProgramExecAuthorityInfo,
+  createEd25519AuthorityInfo,
+  createEd25519SessionAuthorityInfo,
+  getCreateSwigWithMultipleAuthoritiesInstructionContextBuilder
+} from "@swig-wallet/lib";
+import { address, createSolanaRpc } from "@solana/kit";
+import * as bs58Module from "bs58";
+import { PublicKey as PublicKey4 } from "@solana/web3.js";
+var DEFAULT_SESSION_TTL_SECONDS = BigInt(30 * 24 * 60 * 60);
+var DEFAULT_SPEND_LIMIT_ATOMIC = BigInt(1e9);
+var SWIG_PROGRAM_EXEC_PREFIX = new Uint8Array([
+  178,
+  87,
+  206,
+  68,
+  201,
+  186,
+  164,
+  232
+]);
+var SWIG_PROGRAM_EXEC_PREFIX_SETTLE_TAB = new Uint8Array([
+  173,
+  22,
+  98,
+  31,
+  110,
+  129,
+  59,
+  161
+]);
+
+// src/instructions/setSwigAtomic.ts
+var SET_SWIG_ATOMIC_DISCRIMINATOR = new Uint8Array([
+  119,
+  111,
+  247,
+  215,
+  190,
+  3,
+  170,
+  23
+]);
+
+// src/instructions/registerSession.ts
+import { TransactionInstruction as TransactionInstruction5 } from "@solana/web3.js";
+
+// src/instructions/withdraw.ts
+import {
+  PublicKey as PublicKey6,
+  TransactionInstruction as TransactionInstruction4,
+  SYSVAR_INSTRUCTIONS_PUBKEY as SYSVAR_INSTRUCTIONS_PUBKEY3
+} from "@solana/web3.js";
+function deriveSwigWalletAddress(swigAddress) {
+  const [pda] = PublicKey6.findProgramAddressSync(
+    [Buffer.from("swig-wallet-address"), swigAddress.toBuffer()],
+    SWIG_PROGRAM_ID
+  );
+  return pda;
+}
+
+// src/instructions/revokeSession.ts
+import { TransactionInstruction as TransactionInstruction6 } from "@solana/web3.js";
+
+// src/instructions/settleVoucher.ts
+import { TransactionInstruction as TransactionInstruction7 } from "@solana/web3.js";
+function encodeU64(value) {
+  const out = Buffer.alloc(8);
+  out.writeBigUInt64LE(value, 0);
+  return out;
+}
+function encodeBool(value) {
+  return Buffer.from([value ? 1 : 0]);
+}
+function buildSettleVoucherInstruction(p) {
+  const argsBuf = Buffer.concat([encodeU64(p.amount), encodeBool(p.increment)]);
+  const data = Buffer.concat([Buffer.from(DISCRIMINATORS.settle_voucher), argsBuf]);
+  return new TransactionInstruction7({
+    programId: DEXTER_VAULT_PROGRAM_ID,
+    keys: [
+      { pubkey: p.vaultPda, isSigner: false, isWritable: true },
+      { pubkey: p.dexterAuthority, isSigner: true, isWritable: false }
+    ],
+    data
+  });
+}
+
+// src/instructions/settleTabVoucher.ts
+import {
+  TransactionInstruction as TransactionInstruction8,
+  SYSVAR_INSTRUCTIONS_PUBKEY as SYSVAR_INSTRUCTIONS_PUBKEY4
+} from "@solana/web3.js";
+function encodeFixedBytes(buf, len) {
+  if (buf.length !== len) {
+    throw new Error(`expected ${len} bytes, got ${buf.length}`);
+  }
+  return Buffer.from(buf);
+}
+function encodeU642(value) {
+  const out = Buffer.alloc(8);
+  out.writeBigUInt64LE(value, 0);
+  return out;
+}
+function encodeU32(value) {
+  const out = Buffer.alloc(4);
+  out.writeUInt32LE(value >>> 0, 0);
+  return out;
+}
+function buildSettleTabVoucherInstruction(p) {
+  if (p.channelId.length !== 32) {
+    throw new Error(`channelId must be 32 bytes, got ${p.channelId.length}`);
+  }
+  const argsBuf = Buffer.concat([
+    encodeFixedBytes(p.channelId, 32),
+    encodeU642(p.cumulativeAmount),
+    encodeU32(p.sequenceNumber)
+  ]);
+  const data = Buffer.concat([Buffer.from(DISCRIMINATORS.settle_tab_voucher), argsBuf]);
+  const swigWalletAddress = deriveSwigWalletAddress(p.swigAddress);
+  return new TransactionInstruction8({
+    programId: DEXTER_VAULT_PROGRAM_ID,
+    keys: [
+      { pubkey: p.swigAddress, isSigner: false, isWritable: false },
+      { pubkey: swigWalletAddress, isSigner: false, isWritable: false },
+      { pubkey: p.vaultPda, isSigner: false, isWritable: true },
+      { pubkey: p.dexterAuthority, isSigner: true, isWritable: false },
+      { pubkey: SYSVAR_INSTRUCTIONS_PUBKEY4, isSigner: false, isWritable: false }
+    ],
+    data
+  });
+}
+
+// src/instructions/rotate.ts
+import {
+  TransactionInstruction as TransactionInstruction9,
+  SYSVAR_INSTRUCTIONS_PUBKEY as SYSVAR_INSTRUCTIONS_PUBKEY5
+} from "@solana/web3.js";
+
+// src/instructions/provePasskey.ts
+import {
+  TransactionInstruction as TransactionInstruction10,
+  SYSVAR_INSTRUCTIONS_PUBKEY as SYSVAR_INSTRUCTIONS_PUBKEY6
+} from "@solana/web3.js";
+
+// src/instructions/lockedClaim.ts
+import { PublicKey as PublicKey13, SystemProgram as SystemProgram3, TransactionInstruction as TransactionInstruction11 } from "@solana/web3.js";
+
+// src/instructions/credit.ts
+import { SystemProgram as SystemProgram4, TransactionInstruction as TransactionInstruction12 } from "@solana/web3.js";
+function encodeU643(value) {
+  const out = Buffer.alloc(8);
+  out.writeBigUInt64LE(value, 0);
+  return out;
+}
+function encodeI64(value) {
+  const out = Buffer.alloc(8);
+  out.writeBigInt64LE(value, 0);
+  return out;
+}
+function buildDrawCreditInstruction(p) {
+  const data = Buffer.concat([
+    Buffer.from(DISCRIMINATORS.draw_credit),
+    encodeU643(p.amount),
+    encodeI64(p.recoveryWindowSeconds)
+  ]);
+  const financierSwigWalletAddress = deriveSwigWalletAddress(p.financierSwig);
+  return new TransactionInstruction12({
+    programId: DEXTER_VAULT_PROGRAM_ID,
+    keys: [
+      { pubkey: p.financierSwig, isSigner: false, isWritable: false },
+      { pubkey: financierSwigWalletAddress, isSigner: false, isWritable: false },
+      { pubkey: p.vaultPda, isSigner: false, isWritable: true },
+      { pubkey: p.dexterAuthority, isSigner: true, isWritable: false },
+      { pubkey: INSTRUCTIONS_SYSVAR_ID, isSigner: false, isWritable: false }
+    ],
+    data
+  });
+}
+function buildRepayCreditInstruction(p) {
+  const data = Buffer.concat([
+    Buffer.from(DISCRIMINATORS.repay_credit),
+    encodeU643(p.amount)
+  ]);
+  const swigWalletAddress = deriveSwigWalletAddress(p.swigAddress);
+  return new TransactionInstruction12({
+    programId: DEXTER_VAULT_PROGRAM_ID,
+    keys: [
+      { pubkey: p.swigAddress, isSigner: false, isWritable: false },
+      { pubkey: swigWalletAddress, isSigner: false, isWritable: false },
+      { pubkey: p.vaultPda, isSigner: false, isWritable: true },
+      { pubkey: p.dexterAuthority, isSigner: true, isWritable: false },
+      { pubkey: INSTRUCTIONS_SYSVAR_ID, isSigner: false, isWritable: false }
+    ],
+    data
+  });
+}
+function buildSeizeCollateralInstruction(p) {
+  const data = Buffer.from(DISCRIMINATORS.seize_collateral);
+  const swigWalletAddress = deriveSwigWalletAddress(p.swigAddress);
+  return new TransactionInstruction12({
+    programId: DEXTER_VAULT_PROGRAM_ID,
+    keys: [
+      { pubkey: p.swigAddress, isSigner: false, isWritable: false },
+      { pubkey: swigWalletAddress, isSigner: false, isWritable: false },
+      { pubkey: p.vaultPda, isSigner: false, isWritable: true },
+      { pubkey: p.dexterAuthority, isSigner: true, isWritable: false },
+      { pubkey: INSTRUCTIONS_SYSVAR_ID, isSigner: false, isWritable: false }
+    ],
+    data
+  });
+}
+
+// src/tab/openTab.ts
+async function openTab(p) {
+  const ix = buildSettleVoucherInstruction({
+    vaultPda: p.vaultPda,
+    amount: p.amount,
+    increment: true,
+    dexterAuthority: p.dexterAuthority
+  });
+  return [ix];
+}
+
+// src/messages/voucher.ts
+function voucherPayloadMessage(p) {
+  if (p.channelId.length !== 32) {
+    throw new Error(`channelId must be 32 bytes, got ${p.channelId.length}`);
+  }
+  const buf = new Uint8Array(44);
+  const view = new DataView(buf.buffer);
+  buf.set(p.channelId, 0);
+  view.setBigUint64(32, p.cumulativeAmount, true);
+  view.setUint32(40, p.sequenceNumber >>> 0, true);
+  return buf;
+}
+
+// src/messages/operations.ts
+import { PublicKey as PublicKey15 } from "@solana/web3.js";
+
+// src/precompile/secp256r1.ts
+import { TransactionInstruction as TransactionInstruction13 } from "@solana/web3.js";
+
+// src/precompile/ed25519.ts
+import { TransactionInstruction as TransactionInstruction14 } from "@solana/web3.js";
+function buildEd25519VerifyInstruction(pubkey, signature, message) {
+  if (pubkey.length !== 32) throw new Error("pubkey must be 32 bytes");
+  if (signature.length !== 64) throw new Error("signature must be 64 bytes");
+  const NUM_SIG = 1;
+  const PADDING = 0;
+  const HEADER_LEN = 2;
+  const OFFSETS_LEN = 14;
+  const DATA_START = HEADER_LEN + OFFSETS_LEN;
+  const data = Buffer.alloc(DATA_START + pubkey.length + signature.length + message.length);
+  let off = 0;
+  data.writeUInt8(NUM_SIG, off);
+  off += 1;
+  data.writeUInt8(PADDING, off);
+  off += 1;
+  const pubkeyOffset = DATA_START;
+  const signatureOffset = pubkeyOffset + pubkey.length;
+  const messageOffset = signatureOffset + signature.length;
+  data.writeUInt16LE(signatureOffset, off);
+  off += 2;
+  data.writeUInt16LE(65535, off);
+  off += 2;
+  data.writeUInt16LE(pubkeyOffset, off);
+  off += 2;
+  data.writeUInt16LE(65535, off);
+  off += 2;
+  data.writeUInt16LE(messageOffset, off);
+  off += 2;
+  data.writeUInt16LE(message.length, off);
+  off += 2;
+  data.writeUInt16LE(65535, off);
+  off += 2;
+  Buffer.from(pubkey).copy(data, pubkeyOffset);
+  Buffer.from(signature).copy(data, signatureOffset);
+  Buffer.from(message).copy(data, messageOffset);
+  return new TransactionInstruction14({
+    programId: ED25519_PROGRAM_ID,
+    keys: [],
+    data
+  });
+}
+
+// src/reader/accountReader.ts
+import { PublicKey as PublicKey16 } from "@solana/web3.js";
+var VERSION_OFFSET = 8;
+var SWIG_ADDRESS_OFFSET = 43;
+var PENDING_VOUCHER_COUNT_OFFSET = 79;
+var PENDING_WITHDRAWAL_TAG_OFFSET = 83;
+var PENDING_WITHDRAWAL_BODY_LEN = 48;
+var PENDING_WITHDRAWAL_BODY_START = PENDING_WITHDRAWAL_TAG_OFFSET + 1;
+var IDENTITY_CLAIM_LEN = 32;
+var PUBKEY_LEN = 32;
+var ACTIVE_SESSION_BODY_LEN = 92;
+var EMPTY_FULL = {
+  exists: false,
+  version: 0,
+  swigAddress: null,
+  dexterAuthority: null,
+  pendingVoucherCount: 0,
+  activeSession: null
+};
+async function readVaultFull(conn, vaultPda) {
+  const account = await conn.getAccountInfo(vaultPda, "confirmed");
+  if (!account) return EMPTY_FULL;
+  const data = account.data;
+  if (data.length < SWIG_ADDRESS_OFFSET + PUBKEY_LEN) return EMPTY_FULL;
+  const version = data.readUInt8(VERSION_OFFSET);
+  const swigAddress = new PublicKey16(
+    data.subarray(SWIG_ADDRESS_OFFSET, SWIG_ADDRESS_OFFSET + PUBKEY_LEN)
+  ).toBase58();
+  const pendingVoucherCount = data.readUInt32LE(PENDING_VOUCHER_COUNT_OFFSET);
+  const withdrawalTag = data[PENDING_WITHDRAWAL_TAG_OFFSET];
+  const afterWithdrawal = PENDING_WITHDRAWAL_BODY_START + (withdrawalTag === 1 ? PENDING_WITHDRAWAL_BODY_LEN : 0);
+  const dexterAuthorityOffset = afterWithdrawal + IDENTITY_CLAIM_LEN;
+  if (data.length < dexterAuthorityOffset + PUBKEY_LEN) {
+    return { ...EMPTY_FULL, exists: true, version, swigAddress, pendingVoucherCount };
+  }
+  const dexterAuthority = new PublicKey16(
+    data.subarray(dexterAuthorityOffset, dexterAuthorityOffset + PUBKEY_LEN)
+  ).toBase58();
+  const activeSessionTagOffset = dexterAuthorityOffset + PUBKEY_LEN;
+  let activeSession = null;
+  if (data.length > activeSessionTagOffset && data[activeSessionTagOffset] === 1) {
+    const bodyStart = activeSessionTagOffset + 1;
+    if (data.length >= bodyStart + ACTIVE_SESSION_BODY_LEN) {
+      activeSession = {
+        sessionPubkey: new Uint8Array(data.subarray(bodyStart, bodyStart + 32)),
+        maxAmount: data.readBigUInt64LE(bodyStart + 32),
+        expiresAt: Number(data.readBigInt64LE(bodyStart + 40)),
+        allowedCounterparty: new PublicKey16(
+          data.subarray(bodyStart + 48, bodyStart + 80)
+        ).toBase58(),
+        nonce: data.readUInt32LE(bodyStart + 80),
+        spent: data.readBigUInt64LE(bodyStart + 84)
+      };
+    }
+  }
+  return {
+    exists: true,
+    version,
+    swigAddress,
+    dexterAuthority,
+    pendingVoucherCount,
+    activeSession
+  };
+}
+
+// src/tab/assembleSignV2.ts
+import { PublicKey as PublicKey18 } from "@solana/web3.js";
+import { fetchSwig, getSignInstructions, getSwigWalletAddress } from "@swig-wallet/kit";
+import { address as kitAddress } from "@solana/kit";
+import { getTransferCheckedInstruction } from "@solana-program/token";
+import { getAssociatedTokenAddressSync } from "@solana/spl-token";
+
+// src/kit/index.ts
+import { PublicKey as PublicKey17, TransactionInstruction as TransactionInstruction15 } from "@solana/web3.js";
+import { createSolanaRpc as createSolanaRpc2 } from "@solana/kit";
+function kitInstructionsToWeb3(kitInstructions) {
+  return kitInstructions.map((ix) => {
+    const accounts = (ix.accounts ?? []).map((acc) => {
+      const role = acc.role;
+      const hasBooleanShape = typeof acc.signer === "boolean" || typeof acc.writable === "boolean";
+      let isSigner = false;
+      let isWritable = false;
+      if (hasBooleanShape) {
+        isSigner = Boolean(acc.signer);
+        isWritable = Boolean(acc.writable);
+      } else if (typeof role === "number") {
+        isSigner = role >= 2;
+        isWritable = role % 2 === 1;
+      } else if (typeof role === "string") {
+        const r = role.toLowerCase();
+        isSigner = r.endsWith("signer");
+        isWritable = r.startsWith("writable");
+      }
+      const addressSource = acc.address ?? acc.publicKey;
+      const pubkey = addressSource instanceof PublicKey17 ? addressSource : typeof addressSource === "string" ? new PublicKey17(addressSource) : new PublicKey17(String(addressSource));
+      return { pubkey, isSigner, isWritable };
+    });
+    return new TransactionInstruction15({
+      programId: new PublicKey17(ix.programAddress ?? ix.programId),
+      keys: accounts,
+      data: Buffer.from(ix.data ?? [])
+    });
+  });
+}
+function getRpc(connection) {
+  const endpoint = connection._rpcEndpoint ?? connection.rpcEndpoint;
+  if (!endpoint) throw new Error("kit: cannot extract RPC endpoint from connection");
+  return createSolanaRpc2(endpoint);
+}
+
+// src/tab/assembleSignV2.ts
+var VAULT_PROGRAM_EXEC_ROLE_ID = 1;
+var USDC_DECIMALS = 6;
+var defaultAssembleSignV2 = async (a) => {
+  const rpc = getRpc(a.connection);
+  const swig = await fetchSwig(rpc, kitAddress(a.swigAddress.toBase58()));
+  if (!swig) throw new Error(`tab: swig not found on-chain: ${a.swigAddress.toBase58()}`);
+  const swigWalletKitAddr = await getSwigWalletAddress(swig);
+  const swigWalletPda = new PublicKey18(String(swigWalletKitAddr));
+  const usdcMint = new PublicKey18(USDC_MAINNET);
+  const sourceAta = getAssociatedTokenAddressSync(usdcMint, swigWalletPda, true);
+  const transferIxs = a.transfers.map(
+    (t) => getTransferCheckedInstruction({
+      source: kitAddress(sourceAta.toBase58()),
+      mint: kitAddress(usdcMint.toBase58()),
+      destination: kitAddress(t.destinationAta.toBase58()),
+      authority: swigWalletKitAddr,
+      amount: t.amount,
+      decimals: USDC_DECIMALS
+    })
+  );
+  const signIx = await getSignInstructions(
+    swig,
+    VAULT_PROGRAM_EXEC_ROLE_ID,
+    transferIxs,
+    false,
+    { payer: kitAddress(a.feePayer.toBase58()), preInstructions: [a.vaultIx] }
+  );
+  return kitInstructionsToWeb3(signIx);
+};
+
+// src/tab/settleTab.ts
+var defaultReadPriorSpent = async (connection, vaultPda) => {
+  const vault = await readVaultFull(connection, vaultPda);
+  const session = vault.activeSession;
+  if (!session) throw new Error("settleTab: no active session on vault");
+  return session.spent;
+};
+async function settleTab(p) {
+  const readPrior = p.readPriorSpent ?? defaultReadPriorSpent;
+  const priorSpent = await readPrior(p.connection, p.vaultPda);
+  if (p.cumulativeAmount <= priorSpent) {
+    throw new Error(
+      `settleTab: non-monotonic cumulative \u2014 ${p.cumulativeAmount} <= prior spent ${priorSpent}`
+    );
+  }
+  const delta = p.cumulativeAmount - priorSpent;
+  const message = voucherPayloadMessage({
+    channelId: p.channelId,
+    cumulativeAmount: p.cumulativeAmount,
+    sequenceNumber: p.sequenceNumber
+  });
+  const signature = await p.sessionSigner.sign(message);
+  const precompileIx = buildEd25519VerifyInstruction(
+    p.sessionSigner.publicKey,
+    signature,
+    message
+  );
+  const vaultIx = buildSettleTabVoucherInstruction({
+    vaultPda: p.vaultPda,
+    swigAddress: p.swigAddress,
+    dexterAuthority: p.dexterAuthority,
+    channelId: p.channelId,
+    cumulativeAmount: p.cumulativeAmount,
+    sequenceNumber: p.sequenceNumber
+  });
+  const assemble = p.assembleSignV2 ?? defaultAssembleSignV2;
+  const signV2Ixs = await assemble({
+    connection: p.connection,
+    swigAddress: p.swigAddress,
+    feePayer: p.feePayer,
+    vaultIx,
+    transfers: [{ destinationAta: p.sellerAta, amount: delta }]
+  });
+  return [precompileIx, vaultIx, ...signV2Ixs];
+}
+
+// src/tab/readTabMeter.ts
+async function readTabMeter(connection, vaultPda, read = readVaultFull) {
+  const vault = await read(connection, vaultPda);
+  const session = vault.activeSession;
+  if (!session) throw new Error("readTabMeter: no active session on vault");
+  const { spent, maxAmount } = session;
+  const raw = maxAmount - spent;
+  const remaining = raw > 0n ? raw : 0n;
+  return { spent, maxAmount, remaining };
+}
+
+// src/tab/credit.ts
+async function drawCredit(p) {
+  const vaultIx = buildDrawCreditInstruction({
+    financierSwig: p.financierSwig,
+    vaultPda: p.userVaultPda,
+    dexterAuthority: p.dexterAuthority,
+    amount: p.amount,
+    recoveryWindowSeconds: p.recoveryWindowSeconds
+  });
+  const assemble = p.assembleSignV2 ?? defaultAssembleSignV2;
+  const signV2Ixs = await assemble({
+    connection: p.connection,
+    swigAddress: p.financierSwig,
+    feePayer: p.feePayer,
+    vaultIx,
+    transfers: [{ destinationAta: p.sellerAta, amount: p.amount }]
+  });
+  return [vaultIx, ...signV2Ixs];
+}
+async function repayCredit(p) {
+  const vaultIx = buildRepayCreditInstruction({
+    swigAddress: p.userSwig,
+    vaultPda: p.userVaultPda,
+    dexterAuthority: p.dexterAuthority,
+    amount: p.amount
+  });
+  const assemble = p.assembleSignV2 ?? defaultAssembleSignV2;
+  const signV2Ixs = await assemble({
+    connection: p.connection,
+    swigAddress: p.userSwig,
+    feePayer: p.feePayer,
+    vaultIx,
+    transfers: [{ destinationAta: p.financierAta, amount: p.amount }]
+  });
+  return [vaultIx, ...signV2Ixs];
+}
+async function seizeCollateral(p) {
+  const vaultIx = buildSeizeCollateralInstruction({
+    swigAddress: p.userSwig,
+    vaultPda: p.userVaultPda,
+    dexterAuthority: p.dexterAuthority
+  });
+  const assemble = p.assembleSignV2 ?? defaultAssembleSignV2;
+  const signV2Ixs = await assemble({
+    connection: p.connection,
+    swigAddress: p.userSwig,
+    feePayer: p.feePayer,
+    vaultIx,
+    transfers: [{ destinationAta: p.financierAta, amount: p.seizeAmount }]
+  });
+  return [vaultIx, ...signV2Ixs];
+}
+export {
+  defaultAssembleSignV2,
+  drawCredit,
+  openTab,
+  readTabMeter,
+  repayCredit,
+  seizeCollateral,
+  settleTab
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dexterai/vault",
-  "version": "0.4.2",
+  "version": "0.6.0",
   "description": "Canonical off-chain mirror of the dexter-vault Solana Anchor program — Solana instruction builders, byte-precise message encoders, account decoders, secp256r1/Ed25519 precompile helpers, counterfactual Swig derivation, and signer interfaces. The single source of truth for any TypeScript code that produces bytes the on-chain program will verify.",
   "author": "Dexter",
   "license": "MIT",
@@ -26,11 +26,21 @@
       "import": "./dist/counterfactual.js",
       "require": "./dist/counterfactual.cjs"
     },
+    "./factoring": {
+      "types": "./dist/factoring/index.d.ts",
+      "import": "./dist/factoring/index.js",
+      "require": "./dist/factoring/index.cjs"
+    },
     "./instructions": {
       "types": "./dist/instructions/index.d.ts",
       "import": "./dist/instructions/index.js",
       "require": "./dist/instructions/index.cjs"
     },
+    "./kit": {
+      "types": "./dist/kit/index.d.ts",
+      "import": "./dist/kit/index.js",
+      "require": "./dist/kit/index.cjs"
+    },
     "./messages": {
       "types": "./dist/messages/index.d.ts",
       "import": "./dist/messages/index.js",
@@ -61,6 +71,16 @@
       "import": "./dist/signers/browser/index.js",
       "require": "./dist/signers/browser/index.cjs"
     },
+    "./tab": {
+      "types": "./dist/tab/index.d.ts",
+      "import": "./dist/tab/index.js",
+      "require": "./dist/tab/index.cjs"
+    },
+    "./connect": {
+      "types": "./dist/connect/index.d.ts",
+      "import": "./dist/connect/index.js",
+      "require": "./dist/connect/index.cjs"
+    },
     "./idl/dexter_vault.json": "./dist/idl/dexter_vault.json"
   },
   "files": [
@@ -83,6 +103,8 @@
   "dependencies": {
     "@noble/curves": "^1.9.7",
     "@noble/hashes": "^1.8.0",
+    "@solana-program/token": "^0.5.1",
+    "@solana/kit": "^2.3.0",
     "@solana/spl-token": "^0.4.9",
     "@solana/web3.js": "^1.98.0",
     "@swig-wallet/kit": "^1.9.0",