@dexterai/x402 2.0.0 → 2.1.0

package/dist/client/index.js

@@ -379,16 +379,40 @@ function createSolanaAdapter(config) {
 }
 
 // src/adapters/evm.ts
+var PERMIT2_ADDRESS = "0x000000000022D473030F116dDEE9F6B43aC78BA3";
+var X402_EXACT_PERMIT2_PROXY = "0x402085c248EeA27D92E8b30b2C58ed07f9E20001";
+var PERMIT2_WITNESS_TYPES = {
+  PermitWitnessTransferFrom: [
+    { name: "permitted", type: "TokenPermissions" },
+    { name: "spender", type: "address" },
+    { name: "nonce", type: "uint256" },
+    { name: "deadline", type: "uint256" },
+    { name: "witness", type: "Witness" }
+  ],
+  TokenPermissions: [
+    { name: "token", type: "address" },
+    { name: "amount", type: "uint256" }
+  ],
+  Witness: [
+    { name: "to", type: "address" },
+    { name: "validAfter", type: "uint256" }
+  ]
+};
+var MAX_UINT256 = BigInt("0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");
 var BASE_MAINNET = "eip155:8453";
 var BASE_SEPOLIA = "eip155:84532";
 var ARBITRUM_ONE = "eip155:42161";
 var POLYGON = "eip155:137";
 var OPTIMISM = "eip155:10";
 var AVALANCHE = "eip155:43114";
+var BSC_MAINNET = "eip155:56";
 var SKALE_BASE = "eip155:1187947933";
 var SKALE_BASE_SEPOLIA = "eip155:324705682";
 var ETHEREUM_MAINNET = "eip155:1";
+var BSC_USDT = "0x55d398326f99059fF775485246999027B3197955";
+var BSC_USDC = "0x8AC76a51cc950d9822D68b83fE1Ad97B32Cd580d";
 var CHAIN_IDS = {
+  [BSC_MAINNET]: 56,
   [BASE_MAINNET]: 8453,
   [BASE_SEPOLIA]: 84532,
   [ARBITRUM_ONE]: 42161,
@@ -400,6 +424,7 @@ var CHAIN_IDS = {
   [ETHEREUM_MAINNET]: 1
 };
 var DEFAULT_RPC_URLS2 = {
+  [BSC_MAINNET]: "https://bsc-dataseed1.binance.org",
   [BASE_MAINNET]: "https://api.dexter.cash/api/base/rpc",
   [BASE_SEPOLIA]: "https://sepolia.base.org",
   [ARBITRUM_ONE]: "https://arb1.arbitrum.io/rpc",
@@ -411,6 +436,7 @@ var DEFAULT_RPC_URLS2 = {
   [ETHEREUM_MAINNET]: "https://eth.llamarpc.com"
 };
 var USDC_ADDRESSES = {
+  [BSC_MAINNET]: BSC_USDC,
   [BASE_MAINNET]: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913",
   [BASE_SEPOLIA]: "0x036CbD53842c5426634e7929541eC2318f3dCF7e",
   [ARBITRUM_ONE]: "0xaf88d065e77c8cC2239327C5EDb3A432268e5831",
@@ -421,6 +447,10 @@ var USDC_ADDRESSES = {
   [SKALE_BASE_SEPOLIA]: "0x2e08028E3C4c2356572E096d8EF835cD5C6030bD",
   [ETHEREUM_MAINNET]: "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48"
 };
+var BSC_STABLECOIN_ADDRESSES = {
+  [BSC_USDT]: { symbol: "USDT", decimals: 18 },
+  [BSC_USDC]: { symbol: "USDC", decimals: 18 }
+};
 function isEvmWallet(wallet) {
   if (!wallet || typeof wallet !== "object") return false;
   const w = wallet;
@@ -428,7 +458,7 @@ function isEvmWallet(wallet) {
 }
 var EvmAdapter = class {
   name = "EVM";
-  networks = [BASE_MAINNET, BASE_SEPOLIA, ETHEREUM_MAINNET, ARBITRUM_ONE];
+  networks = [BSC_MAINNET, BASE_MAINNET, BASE_SEPOLIA, ETHEREUM_MAINNET, ARBITRUM_ONE];
   config;
   log;
   constructor(config = {}) {
@@ -439,6 +469,7 @@ var EvmAdapter = class {
   canHandle(network) {
     if (this.networks.includes(network)) return true;
     if (network === "base") return true;
+    if (network === "bsc") return true;
     if (network === "ethereum") return true;
     if (network === "arbitrum") return true;
     if (network.startsWith("eip155:")) return true;
@@ -452,6 +483,7 @@ var EvmAdapter = class {
       return DEFAULT_RPC_URLS2[network];
     }
     if (network === "base") return DEFAULT_RPC_URLS2[BASE_MAINNET];
+    if (network === "bsc") return DEFAULT_RPC_URLS2[BSC_MAINNET];
     if (network === "ethereum") return DEFAULT_RPC_URLS2[ETHEREUM_MAINNET];
     if (network === "arbitrum") return DEFAULT_RPC_URLS2[ARBITRUM_ONE];
     return DEFAULT_RPC_URLS2[BASE_MAINNET];
@@ -471,6 +503,7 @@ var EvmAdapter = class {
       return parseInt(chainIdStr, 10);
     }
     if (network === "base") return 8453;
+    if (network === "bsc") return 56;
     if (network === "ethereum") return 1;
     if (network === "arbitrum") return 42161;
     return 8453;
@@ -520,13 +553,19 @@ var EvmAdapter = class {
     const paddedAddress = address.slice(2).toLowerCase().padStart(64, "0");
     return selector + paddedAddress;
   }
-  async buildTransaction(accept, wallet, _rpcUrl) {
+  async buildTransaction(accept, wallet, rpcUrl) {
     if (!isEvmWallet(wallet)) {
       throw new Error("Invalid EVM wallet");
     }
     if (!wallet.address) {
       throw new Error("Wallet not connected");
     }
+    if (accept.scheme === "exact-approval") {
+      return this.buildApprovalTransaction(accept, wallet, rpcUrl);
+    }
+    if (accept.extra?.assetTransferMethod === "permit2") {
+      return this.buildPermit2Transaction(accept, wallet, rpcUrl);
+    }
     const { payTo, asset, extra } = accept;
     const amount = accept.amount ?? accept.maxAmountRequired;
     if (!amount) {
@@ -597,6 +636,325 @@ var EvmAdapter = class {
       signature
     };
   }
+  // ===========================================================================
+  // exact-approval: BSC and other chains without EIP-3009
+  // ===========================================================================
+  /**
+   * Build a payment transaction for chains that use the approval-based scheme.
+   * The facilitator's /supported response provides the EIP-712 domain and types
+   * in accept.extra, so the client doesn't hardcode any contract addresses.
+   */
+  async buildApprovalTransaction(accept, wallet, rpcUrl) {
+    const { payTo, asset, extra } = accept;
+    const amount = accept.amount ?? accept.maxAmountRequired;
+    if (!amount) {
+      throw new Error("Missing amount in payment requirements");
+    }
+    const facilitatorContract = extra?.facilitatorContract;
+    if (!facilitatorContract) {
+      throw new Error(
+        "exact-approval scheme requires extra.facilitatorContract from the facilitator. The /supported endpoint should provide this."
+      );
+    }
+    if (!wallet.signTypedData) {
+      throw new Error("Wallet does not support signTypedData (EIP-712)");
+    }
+    this.log("Building approval-based transaction:", {
+      from: wallet.address,
+      to: payTo,
+      amount,
+      asset,
+      network: accept.network,
+      facilitatorContract
+    });
+    const url = rpcUrl || this.getDefaultRpcUrl(accept.network);
+    const fee = extra?.fee ?? "0";
+    const totalNeeded = BigInt(amount) + BigInt(fee);
+    const currentAllowance = await this.readAllowance(url, asset, wallet.address, facilitatorContract);
+    if (currentAllowance < totalNeeded) {
+      if (!wallet.sendTransaction) {
+        throw new Error(
+          "BSC payments require a wallet that supports sendTransaction for the one-time token approval. Use createEvmKeypairWallet() or a browser wallet with transaction support."
+        );
+      }
+      const approvalAmount = this.calculateApprovalAmount(amount, fee, extra?.approvalStrategy);
+      this.log(`Approving ${approvalAmount} for ${facilitatorContract} (current allowance: ${currentAllowance})`);
+      const approveTxHash = await wallet.sendTransaction({
+        to: asset,
+        data: this.encodeApprove(facilitatorContract, approvalAmount),
+        value: 0n
+      });
+      this.log(`Approval tx sent: ${approveTxHash}`);
+      await this.waitForReceipt(url, approveTxHash);
+      this.log("Approval confirmed");
+    } else {
+      this.log("Sufficient allowance, skipping approval");
+    }
+    const nonceBytes = new Uint8Array(16);
+    (globalThis.crypto ?? (await import("crypto")).webcrypto).getRandomValues(nonceBytes);
+    const nonce = [...nonceBytes].reduce((acc, b) => acc * 256n + BigInt(b), 0n).toString();
+    const paymentIdBytes = new Uint8Array(32);
+    (globalThis.crypto ?? (await import("crypto")).webcrypto).getRandomValues(paymentIdBytes);
+    const paymentId = "0x" + [...paymentIdBytes].map((b) => b.toString(16).padStart(2, "0")).join("");
+    const now = Math.floor(Date.now() / 1e3);
+    const deadline = now + (accept.maxTimeoutSeconds || 300);
+    const eip712Domain = extra?.eip712Domain;
+    const domain = eip712Domain ? {
+      name: eip712Domain.name,
+      version: eip712Domain.version,
+      chainId: BigInt(eip712Domain.chainId),
+      verifyingContract: eip712Domain.verifyingContract
+    } : {
+      name: "DexterBSCFacilitator",
+      version: "1",
+      chainId: BigInt(this.getChainId(accept.network)),
+      verifyingContract: facilitatorContract
+    };
+    const types = extra?.eip712Types ?? {
+      Payment: [
+        { name: "from", type: "address" },
+        { name: "to", type: "address" },
+        { name: "token", type: "address" },
+        { name: "amount", type: "uint256" },
+        { name: "fee", type: "uint256" },
+        { name: "nonce", type: "uint256" },
+        { name: "deadline", type: "uint256" },
+        { name: "paymentId", type: "bytes32" }
+      ]
+    };
+    const message = {
+      from: wallet.address,
+      to: payTo,
+      token: asset,
+      amount: BigInt(amount),
+      fee: BigInt(fee),
+      nonce: BigInt(nonce),
+      deadline: BigInt(deadline),
+      paymentId
+    };
+    const signature = await wallet.signTypedData({
+      domain,
+      types,
+      primaryType: "Payment",
+      message
+    });
+    this.log("EIP-712 Payment signature obtained");
+    const payload = {
+      from: wallet.address,
+      to: payTo,
+      token: asset,
+      amount,
+      fee,
+      nonce,
+      deadline,
+      paymentId,
+      signature
+    };
+    return {
+      serialized: JSON.stringify(payload),
+      signature
+    };
+  }
+  // ===========================================================================
+  // Permit2: Universal ERC-20 payments via Uniswap's Permit2 contract
+  // ===========================================================================
+  /**
+   * Build a Permit2 payment transaction. Used when the facilitator signals
+   * assetTransferMethod: "permit2" in extra (e.g., BSC where EIP-3009 is unavailable).
+   *
+   * Flow:
+   * 1. Check if token has approved the Permit2 contract. If not, approve(Permit2, maxUint256).
+   * 2. Sign EIP-712 PermitWitnessTransferFrom against the Permit2 contract.
+   * 3. Return { permit2Authorization, signature } payload for the facilitator.
+   */
+  async buildPermit2Transaction(accept, wallet, rpcUrl) {
+    const { payTo, asset } = accept;
+    const amount = accept.amount ?? accept.maxAmountRequired;
+    if (!amount) {
+      throw new Error("Missing amount in payment requirements");
+    }
+    if (!wallet.signTypedData) {
+      throw new Error("Wallet does not support signTypedData (EIP-712)");
+    }
+    this.log("Building Permit2 transaction:", {
+      from: wallet.address,
+      to: payTo,
+      amount,
+      asset,
+      network: accept.network
+    });
+    const url = rpcUrl || this.getDefaultRpcUrl(accept.network);
+    const currentAllowance = await this.readAllowance(url, asset, wallet.address, PERMIT2_ADDRESS);
+    if (currentAllowance < BigInt(amount)) {
+      if (!wallet.sendTransaction) {
+        throw new Error(
+          "Permit2 payments require a wallet that supports sendTransaction for the one-time Permit2 approval. Use createEvmKeypairWallet() or a browser wallet with transaction support."
+        );
+      }
+      this.log(`Approving Permit2 for ${asset} (current allowance: ${currentAllowance})`);
+      const approveTxHash = await wallet.sendTransaction({
+        to: asset,
+        data: this.encodeApprove(PERMIT2_ADDRESS, MAX_UINT256),
+        value: 0n
+      });
+      this.log(`Permit2 approval tx sent: ${approveTxHash}`);
+      await this.waitForReceipt(url, approveTxHash);
+      this.log("Permit2 approval confirmed");
+    } else {
+      this.log("Sufficient Permit2 allowance, skipping approval");
+    }
+    const nonceBytes = new Uint8Array(32);
+    (globalThis.crypto ?? (await import("crypto")).webcrypto).getRandomValues(nonceBytes);
+    const nonce = [...nonceBytes].reduce((acc, b) => acc * 256n + BigInt(b), 0n);
+    const now = Math.floor(Date.now() / 1e3);
+    const validAfter = now - 600;
+    const deadline = now + (accept.maxTimeoutSeconds || 300);
+    const chainId = this.getChainId(accept.network);
+    const domain = {
+      name: "Permit2",
+      chainId: BigInt(chainId),
+      verifyingContract: PERMIT2_ADDRESS
+    };
+    const message = {
+      permitted: {
+        token: asset,
+        amount: BigInt(amount)
+      },
+      spender: X402_EXACT_PERMIT2_PROXY,
+      nonce,
+      deadline: BigInt(deadline),
+      witness: {
+        to: payTo,
+        validAfter: BigInt(validAfter)
+      }
+    };
+    const signature = await wallet.signTypedData({
+      domain,
+      types: PERMIT2_WITNESS_TYPES,
+      primaryType: "PermitWitnessTransferFrom",
+      message
+    });
+    this.log("Permit2 PermitWitnessTransferFrom signature obtained");
+    const payload = {
+      signature,
+      permit2Authorization: {
+        from: wallet.address,
+        permitted: {
+          token: asset,
+          amount
+        },
+        spender: X402_EXACT_PERMIT2_PROXY,
+        nonce: nonce.toString(),
+        deadline: String(deadline),
+        witness: {
+          to: payTo,
+          validAfter: String(validAfter)
+        }
+      }
+    };
+    return {
+      serialized: JSON.stringify(payload),
+      signature
+    };
+  }
+  /**
+   * Read ERC-20 allowance via raw eth_call (no viem dependency needed).
+   */
+  async readAllowance(rpcUrl, token, owner, spender) {
+    const selector = "0xdd62ed3e";
+    const paddedOwner = owner.slice(2).toLowerCase().padStart(64, "0");
+    const paddedSpender = spender.slice(2).toLowerCase().padStart(64, "0");
+    const data = selector + paddedOwner + paddedSpender;
+    try {
+      const response = await fetch(rpcUrl, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+          jsonrpc: "2.0",
+          id: 1,
+          method: "eth_call",
+          params: [{ to: token, data }, "latest"]
+        })
+      });
+      const result = await response.json();
+      if (result.error || !result.result || result.result === "0x") return 0n;
+      return BigInt(result.result);
+    } catch {
+      return 0n;
+    }
+  }
+  /**
+   * Encode ERC-20 approve(address,uint256) calldata.
+   */
+  encodeApprove(spender, amount) {
+    const selector = "0x095ea7b3";
+    const paddedSpender = spender.slice(2).toLowerCase().padStart(64, "0");
+    const paddedAmount = amount.toString(16).padStart(64, "0");
+    return selector + paddedSpender + paddedAmount;
+  }
+  /**
+   * Wait for a transaction receipt by polling eth_getTransactionReceipt.
+   */
+  async waitForReceipt(rpcUrl, txHash, timeoutMs = 3e4) {
+    const start = Date.now();
+    while (Date.now() - start < timeoutMs) {
+      try {
+        const response = await fetch(rpcUrl, {
+          method: "POST",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify({
+            jsonrpc: "2.0",
+            id: 1,
+            method: "eth_getTransactionReceipt",
+            params: [txHash]
+          })
+        });
+        const result = await response.json();
+        if (result.result) {
+          if (result.result.status === "0x0") {
+            throw new Error(`Approval transaction reverted: ${txHash}`);
+          }
+          return;
+        }
+      } catch (err) {
+        if (err instanceof Error && err.message.includes("reverted")) throw err;
+      }
+      await new Promise((r) => setTimeout(r, 2e3));
+    }
+    throw new Error(`Approval transaction receipt timeout after ${timeoutMs}ms: ${txHash}`);
+  }
+  /**
+   * Calculate how much to approve based on the facilitator's approval strategy.
+   * Buffered approvals reduce the number of on-chain approval txs for micropayments.
+   */
+  calculateApprovalAmount(paymentAmount, fee, strategy) {
+    const total = BigInt(paymentAmount) + BigInt(fee);
+    if (!strategy || strategy.mode === "exact") {
+      return total;
+    }
+    const multiple = BigInt(strategy.defaultMultiple ?? 10);
+    const buffered = total * multiple;
+    if (strategy.maxCapUsd) {
+      const decimals = this.inferDecimals(paymentAmount);
+      const maxCap = BigInt(Math.floor(strategy.maxCapUsd * Math.pow(10, decimals)));
+      if (buffered > maxCap) return maxCap;
+    }
+    if (strategy.exactAboveUsd) {
+      const decimals = this.inferDecimals(paymentAmount);
+      const threshold = BigInt(Math.floor(strategy.exactAboveUsd * Math.pow(10, decimals)));
+      if (BigInt(paymentAmount) > threshold) return total;
+    }
+    return buffered;
+  }
+  /**
+   * Infer token decimals from payment amount magnitude.
+   * BSC stablecoins use 18 decimals, all others use 6.
+   * A $1 payment is 1000000 (6 dec) or 1000000000000000000 (18 dec).
+   * If the amount has > 12 digits, it's almost certainly 18 decimals.
+   */
+  inferDecimals(amount) {
+    return amount.length > 12 ? 18 : 6;
+  }
 };
 function createEvmAdapter(config) {
   return new EvmAdapter(config);
@@ -610,6 +968,9 @@ function isKnownUSDC(asset) {
   for (const addr of Object.values(USDC_ADDRESSES)) {
     if (addr.toLowerCase() === lc) return true;
   }
+  for (const addr of Object.keys(BSC_STABLECOIN_ADDRESSES)) {
+    if (addr.toLowerCase() === lc) return true;
+  }
   return false;
 }
 
@@ -718,6 +1079,19 @@ function createX402Client(config) {
     }
     return candidates[0];
   }
+  function getChainDisplayName(network, adapterName) {
+    const names = {
+      "eip155:56": "BSC",
+      "eip155:8453": "Base",
+      "eip155:84532": "Base Sepolia",
+      "eip155:42161": "Arbitrum",
+      "eip155:137": "Polygon",
+      "eip155:10": "Optimism",
+      "eip155:43114": "Avalanche",
+      "eip155:1": "Ethereum"
+    };
+    return names[network] || adapterName;
+  }
   function getRpcUrl(network, adapter) {
     return rpcUrls[network] || adapter.getDefaultRpcUrl(network);
   }
@@ -932,10 +1306,10 @@ function createX402Client(config) {
       const balance = await adapter.getBalance(accept, wallet, rpcUrl);
       const requiredAmount = Number(paymentAmount) / Math.pow(10, decimals);
       if (balance < requiredAmount) {
-        const network = adapter.name === "EVM" ? "Base" : "Solana";
+        const chainName = getChainDisplayName(accept.network, adapter.name);
         throw new X402Error(
           "insufficient_balance",
-          `Insufficient USDC balance on ${network}. Have $${balance.toFixed(4)}, need $${requiredAmount.toFixed(4)}`
+          `Insufficient balance on ${chainName}. Have $${balance.toFixed(4)}, need $${requiredAmount.toFixed(4)}`
         );
       }
       log(`Balance OK: $${balance.toFixed(4)} >= $${requiredAmount.toFixed(4)}`);