@dexterai/x402 1.4.0 → 1.5.0

package/README.md

@@ -40,7 +40,7 @@ This SDK handles the entire flow automatically—you just call `fetch()` and pay
 
 **Multi-chain.** Solana and Base (Ethereum L2) with the same API. Add wallets for both and the SDK picks the right one automatically.
 
-**Works out of the box.** Built-in RPC proxy, pre-flight balance checks, automatic retry on 402. Uses the [Dexter facilitator](https://x402.dexter.cash) by default—the only x402 facilitator with full Phantom wallet support on Solana mainnet.
+**Works out of the box.** Built-in RPC proxy, pre-flight balance checks, automatic retry on 402. Uses the [Dexter facilitator](https://x402.dexter.cash) by default—Solana's most feature-rich x402 facilitator.
 
 ---
 

package/dist/adapters/index.d.cts

@@ -1,7 +1,7 @@
-import { C as ChainAdapter } from '../types-CQGDK_7X.cjs';
-export { A as AdapterConfig, B as BalanceInfo, G as GenericWallet, S as SignedTransaction, W as WalletSet } from '../types-CQGDK_7X.cjs';
-export { A as ARBITRUM_ONE, B as BASE_MAINNET, h as BASE_SEPOLIA, j as ETHEREUM_MAINNET, E as EvmAdapter, k as EvmWallet, d as SOLANA_DEVNET, S as SOLANA_MAINNET, e as SOLANA_TESTNET, b as SolanaAdapter, f as SolanaWallet, a as createEvmAdapter, c as createSolanaAdapter, g as isEvmWallet, i as isSolanaWallet } from '../evm-BaoETN1Y.cjs';
-import '../types-B7T6dZ-y.cjs';
+import { C as ChainAdapter } from '../types--r7urkVI.cjs';
+export { A as AdapterConfig, B as BalanceInfo, G as GenericWallet, S as SignedTransaction, W as WalletSet } from '../types--r7urkVI.cjs';
+export { A as ARBITRUM_ONE, B as BASE_MAINNET, h as BASE_SEPOLIA, j as ETHEREUM_MAINNET, E as EvmAdapter, k as EvmWallet, d as SOLANA_DEVNET, S as SOLANA_MAINNET, e as SOLANA_TESTNET, b as SolanaAdapter, f as SolanaWallet, a as createEvmAdapter, c as createSolanaAdapter, g as isEvmWallet, i as isSolanaWallet } from '../evm-BYjwU6ZW.cjs';
+import '../types-CcVAaoro.cjs';
 
 /**
  * Create all default adapters

package/dist/adapters/index.d.ts

@@ -1,7 +1,7 @@
-import { C as ChainAdapter } from '../types-DNx7-QUN.js';
-export { A as AdapterConfig, B as BalanceInfo, G as GenericWallet, S as SignedTransaction, W as WalletSet } from '../types-DNx7-QUN.js';
-export { A as ARBITRUM_ONE, B as BASE_MAINNET, h as BASE_SEPOLIA, j as ETHEREUM_MAINNET, E as EvmAdapter, k as EvmWallet, d as SOLANA_DEVNET, S as SOLANA_MAINNET, e as SOLANA_TESTNET, b as SolanaAdapter, f as SolanaWallet, a as createEvmAdapter, c as createSolanaAdapter, g as isEvmWallet, i as isSolanaWallet } from '../evm-ZDwQi4QL.js';
-import '../types-B7T6dZ-y.js';
+import { C as ChainAdapter } from '../types-BtpD4ULe.js';
+export { A as AdapterConfig, B as BalanceInfo, G as GenericWallet, S as SignedTransaction, W as WalletSet } from '../types-BtpD4ULe.js';
+export { A as ARBITRUM_ONE, B as BASE_MAINNET, h as BASE_SEPOLIA, j as ETHEREUM_MAINNET, E as EvmAdapter, k as EvmWallet, d as SOLANA_DEVNET, S as SOLANA_MAINNET, e as SOLANA_TESTNET, b as SolanaAdapter, f as SolanaWallet, a as createEvmAdapter, c as createSolanaAdapter, g as isEvmWallet, i as isSolanaWallet } from '../evm-71SZ7cjW.js';
+import '../types-CcVAaoro.js';
 
 /**
  * Create all default adapters

package/dist/client/index.cjs

@@ -614,10 +614,41 @@ function createX402Client(config) {
     rpcUrls = {},
     maxAmountAtomic,
     fetch: customFetch = globalThis.fetch,
-    verbose = false
+    verbose = false,
+    accessPass: accessPassConfig
   } = config;
   const log = verbose ? console.log.bind(console, "[x402]") : () => {
   };
+  const passCache = /* @__PURE__ */ new Map();
+  function getCachedPass(url) {
+    try {
+      const host = new URL(url).host;
+      const cached = passCache.get(host);
+      if (cached && cached.expiresAt > Date.now() / 1e3 + 10) {
+        return cached.jwt;
+      }
+      if (cached) {
+        passCache.delete(host);
+      }
+    } catch {
+    }
+    return null;
+  }
+  function cachePass(url, jwt) {
+    try {
+      const host = new URL(url).host;
+      const parts = jwt.split(".");
+      if (parts.length === 3) {
+        const payload = JSON.parse(atob(parts[1].replace(/-/g, "+").replace(/_/g, "/")));
+        if (payload.exp) {
+          passCache.set(host, { jwt, expiresAt: payload.exp });
+          log("Access pass cached for", host, "| expires:", new Date(payload.exp * 1e3).toISOString());
+        }
+      }
+    } catch {
+      log("Failed to cache access pass");
+    }
+  }
   const wallets = walletSet || {};
   if (legacyWallet && !wallets.solana && isSolanaWallet(legacyWallet)) {
     wallets.solana = legacyWallet;
@@ -652,13 +683,158 @@ function createX402Client(config) {
   function getRpcUrl(network, adapter) {
     return rpcUrls[network] || adapter.getDefaultRpcUrl(network);
   }
+  async function purchaseAccessPass(input, init, originalResponse, passInfo, url) {
+    let tierQuery = "";
+    if (accessPassConfig?.preferTier && passInfo.tiers) {
+      const match2 = passInfo.tiers.find((t) => t.id === accessPassConfig.preferTier);
+      if (match2) {
+        if (accessPassConfig.maxSpend && parseFloat(match2.price) > parseFloat(accessPassConfig.maxSpend)) {
+          throw new X402Error(
+            "access_pass_exceeds_max_spend",
+            `Access pass tier "${match2.id}" costs $${match2.price}, exceeds max spend $${accessPassConfig.maxSpend}`
+          );
+        }
+        tierQuery = `tier=${match2.id}`;
+      }
+    } else if (accessPassConfig?.preferDuration && passInfo.ratePerHour) {
+      tierQuery = `duration=${accessPassConfig.preferDuration}`;
+    } else if (passInfo.tiers && passInfo.tiers.length > 0) {
+      const cheapest = passInfo.tiers[0];
+      if (accessPassConfig?.maxSpend && parseFloat(cheapest.price) > parseFloat(accessPassConfig.maxSpend)) {
+        throw new X402Error(
+          "access_pass_exceeds_max_spend",
+          `Cheapest access pass costs $${cheapest.price}, exceeds max spend $${accessPassConfig?.maxSpend}`
+        );
+      }
+      tierQuery = `tier=${cheapest.id}`;
+    }
+    const passUrl = tierQuery ? url.includes("?") ? `${url}&${tierQuery}` : `${url}?${tierQuery}` : url;
+    log("Purchasing access pass:", tierQuery || "default tier");
+    const paymentRequiredHeader = originalResponse.headers.get("PAYMENT-REQUIRED");
+    if (!paymentRequiredHeader) return null;
+    let requirements;
+    try {
+      requirements = JSON.parse(atob(paymentRequiredHeader));
+    } catch {
+      return null;
+    }
+    const match = findPaymentOption(requirements.accepts);
+    if (!match) return null;
+    const { accept, adapter, wallet } = match;
+    if (adapter.name === "Solana" && !accept.extra?.feePayer) return null;
+    const USDC_MINTS = [
+      "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
+      "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU",
+      "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913",
+      "0x036CbD53842c5426634e7929541eC2318f3dCF7e"
+    ];
+    const decimals = accept.extra?.decimals ?? (USDC_MINTS.includes(accept.asset) ? 6 : void 0);
+    if (typeof decimals !== "number") return null;
+    const paymentAmount = accept.amount || accept.maxAmountRequired;
+    if (!paymentAmount) return null;
+    const rpcUrl = getRpcUrl(accept.network, adapter);
+    const balance = await adapter.getBalance(accept, wallet, rpcUrl);
+    const requiredAmount = Number(paymentAmount) / Math.pow(10, decimals);
+    if (balance < requiredAmount) {
+      throw new X402Error(
+        "insufficient_balance",
+        `Insufficient balance for access pass. Have $${balance.toFixed(4)}, need $${requiredAmount.toFixed(4)}`
+      );
+    }
+    const signedTx = await adapter.buildTransaction(accept, wallet, rpcUrl);
+    let payload;
+    if (adapter.name === "EVM") {
+      payload = JSON.parse(signedTx.serialized);
+    } else {
+      payload = { transaction: signedTx.serialized };
+    }
+    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
+    let resolvedResource = requirements.resource;
+    if (typeof requirements.resource === "string") {
+      try {
+        resolvedResource = new URL(requirements.resource, originalUrl).toString();
+      } catch {
+      }
+    } else if (requirements.resource && typeof requirements.resource === "object" && "url" in requirements.resource) {
+      const rObj = requirements.resource;
+      try {
+        resolvedResource = { ...rObj, url: new URL(rObj.url, originalUrl).toString() };
+      } catch {
+      }
+    }
+    const paymentSignature = {
+      x402Version: accept.x402Version ?? 2,
+      resource: resolvedResource,
+      accepted: accept,
+      payload
+    };
+    const paymentSignatureHeader = btoa(JSON.stringify(paymentSignature));
+    const passResponse = await customFetch(passUrl, {
+      ...init,
+      headers: {
+        ...init?.headers || {},
+        "PAYMENT-SIGNATURE": paymentSignatureHeader
+      }
+    });
+    if (!passResponse.ok) {
+      log("Pass purchase failed:", passResponse.status);
+      return null;
+    }
+    const accessPassJwt = passResponse.headers.get("ACCESS-PASS");
+    if (!accessPassJwt) {
+      return passResponse;
+    }
+    cachePass(url, accessPassJwt);
+    log("Access pass purchased and cached");
+    const retryResponse = await customFetch(input, {
+      ...init,
+      headers: {
+        ...init?.headers || {},
+        "Authorization": `Bearer ${accessPassJwt}`
+      }
+    });
+    return retryResponse;
+  }
   async function x402Fetch(input, init) {
-    log("Making request:", input);
+    const url = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
+    log("Making request:", url);
+    if (accessPassConfig) {
+      const cachedJwt = getCachedPass(url);
+      if (cachedJwt) {
+        log("Using cached access pass");
+        const passResponse = await customFetch(input, {
+          ...init,
+          headers: {
+            ...init?.headers || {},
+            "Authorization": `Bearer ${cachedJwt}`
+          }
+        });
+        if (passResponse.status !== 401 && passResponse.status !== 402) {
+          return passResponse;
+        }
+        log("Cached pass rejected (status", passResponse.status, "), purchasing new pass");
+        try {
+          passCache.delete(new URL(url).host);
+        } catch {
+        }
+      }
+    }
     const response = await customFetch(input, init);
     if (response.status !== 402) {
       return response;
     }
     log("Received 402 Payment Required");
+    const passTiersHeader = response.headers.get("X-ACCESS-PASS-TIERS");
+    if (accessPassConfig && passTiersHeader) {
+      log("Server offers access passes, purchasing...");
+      try {
+        const passInfo = JSON.parse(atob(passTiersHeader));
+        const passResponse = await purchaseAccessPass(input, init, response, passInfo, url);
+        if (passResponse) return passResponse;
+      } catch (e) {
+        log("Access pass purchase failed, falling back to per-request payment:", e);
+      }
+    }
     const paymentRequiredHeader = response.headers.get("PAYMENT-REQUIRED");
     if (!paymentRequiredHeader) {
       throw new X402Error(
@@ -875,7 +1051,8 @@ function wrapFetch(fetchImpl, options) {
     // facilitatorUrl is reserved for future use when we add facilitator selection
     rpcUrls,
     maxAmountAtomic,
-    verbose
+    verbose,
+    accessPass
   } = options;
   if (!walletPrivateKey && !evmPrivateKey) {
     throw new Error("At least one wallet private key is required (walletPrivateKey or evmPrivateKey)");
@@ -893,7 +1070,8 @@ function wrapFetch(fetchImpl, options) {
     rpcUrls,
     maxAmountAtomic,
     fetch: fetchImpl,
-    verbose
+    verbose,
+    accessPass
   };
   const client = createX402Client(clientConfig);
   return client.fetch.bind(client);