@dexterai/x402 2.0.0 → 3.0.0

package/dist/client/index.js

@@ -379,16 +379,40 @@ function createSolanaAdapter(config) {
 }
 
 // src/adapters/evm.ts
+var PERMIT2_ADDRESS = "0x000000000022D473030F116dDEE9F6B43aC78BA3";
+var X402_EXACT_PERMIT2_PROXY = "0x402085c248EeA27D92E8b30b2C58ed07f9E20001";
+var PERMIT2_WITNESS_TYPES = {
+  PermitWitnessTransferFrom: [
+    { name: "permitted", type: "TokenPermissions" },
+    { name: "spender", type: "address" },
+    { name: "nonce", type: "uint256" },
+    { name: "deadline", type: "uint256" },
+    { name: "witness", type: "Witness" }
+  ],
+  TokenPermissions: [
+    { name: "token", type: "address" },
+    { name: "amount", type: "uint256" }
+  ],
+  Witness: [
+    { name: "to", type: "address" },
+    { name: "validAfter", type: "uint256" }
+  ]
+};
+var MAX_UINT256 = BigInt("0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");
 var BASE_MAINNET = "eip155:8453";
 var BASE_SEPOLIA = "eip155:84532";
 var ARBITRUM_ONE = "eip155:42161";
 var POLYGON = "eip155:137";
 var OPTIMISM = "eip155:10";
 var AVALANCHE = "eip155:43114";
+var BSC_MAINNET = "eip155:56";
 var SKALE_BASE = "eip155:1187947933";
 var SKALE_BASE_SEPOLIA = "eip155:324705682";
 var ETHEREUM_MAINNET = "eip155:1";
+var BSC_USDT = "0x55d398326f99059fF775485246999027B3197955";
+var BSC_USDC = "0x8AC76a51cc950d9822D68b83fE1Ad97B32Cd580d";
 var CHAIN_IDS = {
+  [BSC_MAINNET]: 56,
   [BASE_MAINNET]: 8453,
   [BASE_SEPOLIA]: 84532,
   [ARBITRUM_ONE]: 42161,
@@ -400,6 +424,7 @@ var CHAIN_IDS = {
   [ETHEREUM_MAINNET]: 1
 };
 var DEFAULT_RPC_URLS2 = {
+  [BSC_MAINNET]: "https://bsc-dataseed1.binance.org",
   [BASE_MAINNET]: "https://api.dexter.cash/api/base/rpc",
   [BASE_SEPOLIA]: "https://sepolia.base.org",
   [ARBITRUM_ONE]: "https://arb1.arbitrum.io/rpc",
@@ -411,6 +436,7 @@ var DEFAULT_RPC_URLS2 = {
   [ETHEREUM_MAINNET]: "https://eth.llamarpc.com"
 };
 var USDC_ADDRESSES = {
+  [BSC_MAINNET]: BSC_USDC,
   [BASE_MAINNET]: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913",
   [BASE_SEPOLIA]: "0x036CbD53842c5426634e7929541eC2318f3dCF7e",
   [ARBITRUM_ONE]: "0xaf88d065e77c8cC2239327C5EDb3A432268e5831",
@@ -421,6 +447,10 @@ var USDC_ADDRESSES = {
   [SKALE_BASE_SEPOLIA]: "0x2e08028E3C4c2356572E096d8EF835cD5C6030bD",
   [ETHEREUM_MAINNET]: "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48"
 };
+var BSC_STABLECOIN_ADDRESSES = {
+  [BSC_USDT]: { symbol: "USDT", decimals: 18 },
+  [BSC_USDC]: { symbol: "USDC", decimals: 18 }
+};
 function isEvmWallet(wallet) {
   if (!wallet || typeof wallet !== "object") return false;
   const w = wallet;
@@ -428,7 +458,7 @@ function isEvmWallet(wallet) {
 }
 var EvmAdapter = class {
   name = "EVM";
-  networks = [BASE_MAINNET, BASE_SEPOLIA, ETHEREUM_MAINNET, ARBITRUM_ONE];
+  networks = [BSC_MAINNET, BASE_MAINNET, BASE_SEPOLIA, ETHEREUM_MAINNET, ARBITRUM_ONE];
   config;
   log;
   constructor(config = {}) {
@@ -439,6 +469,7 @@ var EvmAdapter = class {
   canHandle(network) {
     if (this.networks.includes(network)) return true;
     if (network === "base") return true;
+    if (network === "bsc") return true;
     if (network === "ethereum") return true;
     if (network === "arbitrum") return true;
     if (network.startsWith("eip155:")) return true;
@@ -452,6 +483,7 @@ var EvmAdapter = class {
       return DEFAULT_RPC_URLS2[network];
     }
     if (network === "base") return DEFAULT_RPC_URLS2[BASE_MAINNET];
+    if (network === "bsc") return DEFAULT_RPC_URLS2[BSC_MAINNET];
     if (network === "ethereum") return DEFAULT_RPC_URLS2[ETHEREUM_MAINNET];
     if (network === "arbitrum") return DEFAULT_RPC_URLS2[ARBITRUM_ONE];
     return DEFAULT_RPC_URLS2[BASE_MAINNET];
@@ -471,6 +503,7 @@ var EvmAdapter = class {
       return parseInt(chainIdStr, 10);
     }
     if (network === "base") return 8453;
+    if (network === "bsc") return 56;
     if (network === "ethereum") return 1;
     if (network === "arbitrum") return 42161;
     return 8453;
@@ -520,13 +553,19 @@ var EvmAdapter = class {
     const paddedAddress = address.slice(2).toLowerCase().padStart(64, "0");
     return selector + paddedAddress;
   }
-  async buildTransaction(accept, wallet, _rpcUrl) {
+  async buildTransaction(accept, wallet, rpcUrl) {
     if (!isEvmWallet(wallet)) {
       throw new Error("Invalid EVM wallet");
     }
     if (!wallet.address) {
       throw new Error("Wallet not connected");
     }
+    if (accept.scheme === "exact-approval") {
+      return this.buildApprovalTransaction(accept, wallet, rpcUrl);
+    }
+    if (accept.extra?.assetTransferMethod === "permit2") {
+      return this.buildPermit2Transaction(accept, wallet, rpcUrl);
+    }
     const { payTo, asset, extra } = accept;
     const amount = accept.amount ?? accept.maxAmountRequired;
     if (!amount) {
@@ -597,6 +636,393 @@ var EvmAdapter = class {
       signature
     };
   }
+  // ===========================================================================
+  // exact-approval: BSC and other chains without EIP-3009
+  // ===========================================================================
+  /**
+   * Build a payment transaction for chains that use the approval-based scheme.
+   * The facilitator's /supported response provides the EIP-712 domain and types
+   * in accept.extra, so the client doesn't hardcode any contract addresses.
+   */
+  async buildApprovalTransaction(accept, wallet, rpcUrl) {
+    const { payTo, asset, extra } = accept;
+    const amount = accept.amount ?? accept.maxAmountRequired;
+    if (!amount) {
+      throw new Error("Missing amount in payment requirements");
+    }
+    const facilitatorContract = extra?.facilitatorContract;
+    if (!facilitatorContract) {
+      throw new Error(
+        "exact-approval scheme requires extra.facilitatorContract from the facilitator. The /supported endpoint should provide this."
+      );
+    }
+    if (!wallet.signTypedData) {
+      throw new Error("Wallet does not support signTypedData (EIP-712)");
+    }
+    this.log("Building approval-based transaction:", {
+      from: wallet.address,
+      to: payTo,
+      amount,
+      asset,
+      network: accept.network,
+      facilitatorContract
+    });
+    const url = rpcUrl || this.getDefaultRpcUrl(accept.network);
+    const fee = extra?.fee ?? "0";
+    const totalNeeded = BigInt(amount) + BigInt(fee);
+    const currentAllowance = await this.readAllowance(url, asset, wallet.address, facilitatorContract);
+    if (currentAllowance < totalNeeded) {
+      if (!wallet.sendTransaction) {
+        throw new Error(
+          "BSC payments require a wallet that supports sendTransaction for the one-time token approval. Use createEvmKeypairWallet() or a browser wallet with transaction support."
+        );
+      }
+      const approvalAmount = this.calculateApprovalAmount(amount, fee, extra?.approvalStrategy);
+      this.log(`Approving ${approvalAmount} for ${facilitatorContract} (current allowance: ${currentAllowance})`);
+      const approveTxHash = await wallet.sendTransaction({
+        to: asset,
+        data: this.encodeApprove(facilitatorContract, approvalAmount),
+        value: 0n
+      });
+      this.log(`Approval tx sent: ${approveTxHash}`);
+      await this.waitForReceipt(url, approveTxHash);
+      this.log("Approval confirmed");
+    } else {
+      this.log("Sufficient allowance, skipping approval");
+    }
+    const nonceBytes = new Uint8Array(16);
+    (globalThis.crypto ?? (await import("crypto")).webcrypto).getRandomValues(nonceBytes);
+    const nonce = [...nonceBytes].reduce((acc, b) => acc * 256n + BigInt(b), 0n).toString();
+    const paymentIdBytes = new Uint8Array(32);
+    (globalThis.crypto ?? (await import("crypto")).webcrypto).getRandomValues(paymentIdBytes);
+    const paymentId = "0x" + [...paymentIdBytes].map((b) => b.toString(16).padStart(2, "0")).join("");
+    const now = Math.floor(Date.now() / 1e3);
+    const deadline = now + (accept.maxTimeoutSeconds || 300);
+    const eip712Domain = extra?.eip712Domain;
+    const domain = eip712Domain ? {
+      name: eip712Domain.name,
+      version: eip712Domain.version,
+      chainId: BigInt(eip712Domain.chainId),
+      verifyingContract: eip712Domain.verifyingContract
+    } : {
+      name: "DexterBSCFacilitator",
+      version: "1",
+      chainId: BigInt(this.getChainId(accept.network)),
+      verifyingContract: facilitatorContract
+    };
+    const types = extra?.eip712Types ?? {
+      Payment: [
+        { name: "from", type: "address" },
+        { name: "to", type: "address" },
+        { name: "token", type: "address" },
+        { name: "amount", type: "uint256" },
+        { name: "fee", type: "uint256" },
+        { name: "nonce", type: "uint256" },
+        { name: "deadline", type: "uint256" },
+        { name: "paymentId", type: "bytes32" }
+      ]
+    };
+    const message = {
+      from: wallet.address,
+      to: payTo,
+      token: asset,
+      amount: BigInt(amount),
+      fee: BigInt(fee),
+      nonce: BigInt(nonce),
+      deadline: BigInt(deadline),
+      paymentId
+    };
+    const signature = await wallet.signTypedData({
+      domain,
+      types,
+      primaryType: "Payment",
+      message
+    });
+    this.log("EIP-712 Payment signature obtained");
+    const payload = {
+      from: wallet.address,
+      to: payTo,
+      token: asset,
+      amount,
+      fee,
+      nonce,
+      deadline,
+      paymentId,
+      signature
+    };
+    return {
+      serialized: JSON.stringify(payload),
+      signature
+    };
+  }
+  // ===========================================================================
+  // Permit2: Universal ERC-20 payments via Uniswap's Permit2 contract
+  // ===========================================================================
+  /**
+   * Build a Permit2 payment transaction. Used when the facilitator signals
+   * assetTransferMethod: "permit2" in extra (e.g., BSC where EIP-3009 is unavailable).
+   *
+   * Flow:
+   * 1. Check if token has approved the Permit2 contract. If not, approve(Permit2, maxUint256).
+   * 2. Sign EIP-712 PermitWitnessTransferFrom against the Permit2 contract.
+   * 3. Return { permit2Authorization, signature } payload for the facilitator.
+   */
+  async buildPermit2Transaction(accept, wallet, rpcUrl) {
+    const { payTo, asset } = accept;
+    const amount = accept.amount ?? accept.maxAmountRequired;
+    if (!amount) {
+      throw new Error("Missing amount in payment requirements");
+    }
+    if (!wallet.signTypedData) {
+      throw new Error("Wallet does not support signTypedData (EIP-712)");
+    }
+    this.log("Building Permit2 transaction:", {
+      from: wallet.address,
+      to: payTo,
+      amount,
+      asset,
+      network: accept.network
+    });
+    const url = rpcUrl || this.getDefaultRpcUrl(accept.network);
+    const currentAllowance = await this.readAllowance(url, asset, wallet.address, PERMIT2_ADDRESS);
+    let approvalExtension;
+    if (currentAllowance < BigInt(amount)) {
+      const approveData = this.encodeApprove(PERMIT2_ADDRESS, MAX_UINT256);
+      if (wallet.signTransaction) {
+        this.log(`Signing Permit2 approval for relay (current allowance: ${currentAllowance})`);
+        const chainId2 = this.getChainId(accept.network);
+        const gasPrice = await this.readGasPrice(url);
+        const nonce2 = await this.readNonce(url, wallet.address);
+        const signedTx = await wallet.signTransaction({
+          to: asset,
+          data: approveData,
+          chainId: chainId2,
+          gas: 50000n,
+          // standard ERC-20 approve
+          gasPrice,
+          nonce: nonce2
+        });
+        approvalExtension = {
+          erc20ApprovalGasSponsoring: {
+            info: {
+              from: wallet.address,
+              asset,
+              spender: PERMIT2_ADDRESS,
+              amount: MAX_UINT256.toString(),
+              signedTransaction: signedTx,
+              version: "1"
+            }
+          }
+        };
+        this.log("Permit2 approval signed for facilitator relay");
+      } else if (wallet.sendTransaction) {
+        this.log(`Approving Permit2 directly (current allowance: ${currentAllowance})`);
+        const approveTxHash = await wallet.sendTransaction({
+          to: asset,
+          data: approveData,
+          value: 0n
+        });
+        this.log(`Permit2 approval tx sent: ${approveTxHash}`);
+        await this.waitForReceipt(url, approveTxHash);
+        this.log("Permit2 approval confirmed");
+      } else {
+        throw new Error(
+          "Permit2 payments require a wallet that supports signTransaction or sendTransaction for the one-time Permit2 approval. Use createEvmKeypairWallet() or a browser wallet with transaction support."
+        );
+      }
+    } else {
+      this.log("Sufficient Permit2 allowance, skipping approval");
+    }
+    const nonceBytes = new Uint8Array(32);
+    (globalThis.crypto ?? (await import("crypto")).webcrypto).getRandomValues(nonceBytes);
+    const nonce = [...nonceBytes].reduce((acc, b) => acc * 256n + BigInt(b), 0n);
+    const now = Math.floor(Date.now() / 1e3);
+    const validAfter = now - 600;
+    const deadline = now + (accept.maxTimeoutSeconds || 300);
+    const chainId = this.getChainId(accept.network);
+    const domain = {
+      name: "Permit2",
+      chainId: BigInt(chainId),
+      verifyingContract: PERMIT2_ADDRESS
+    };
+    const message = {
+      permitted: {
+        token: asset,
+        amount: BigInt(amount)
+      },
+      spender: X402_EXACT_PERMIT2_PROXY,
+      nonce,
+      deadline: BigInt(deadline),
+      witness: {
+        to: payTo,
+        validAfter: BigInt(validAfter)
+      }
+    };
+    const signature = await wallet.signTypedData({
+      domain,
+      types: PERMIT2_WITNESS_TYPES,
+      primaryType: "PermitWitnessTransferFrom",
+      message
+    });
+    this.log("Permit2 PermitWitnessTransferFrom signature obtained");
+    const payload = {
+      signature,
+      permit2Authorization: {
+        from: wallet.address,
+        permitted: {
+          token: asset,
+          amount
+        },
+        spender: X402_EXACT_PERMIT2_PROXY,
+        nonce: nonce.toString(),
+        deadline: String(deadline),
+        witness: {
+          to: payTo,
+          validAfter: String(validAfter)
+        }
+      }
+    };
+    return {
+      serialized: JSON.stringify(payload),
+      signature,
+      extensions: approvalExtension
+    };
+  }
+  /**
+   * Read ERC-20 allowance via raw eth_call (no viem dependency needed).
+   */
+  async readAllowance(rpcUrl, token, owner, spender) {
+    const selector = "0xdd62ed3e";
+    const paddedOwner = owner.slice(2).toLowerCase().padStart(64, "0");
+    const paddedSpender = spender.slice(2).toLowerCase().padStart(64, "0");
+    const data = selector + paddedOwner + paddedSpender;
+    try {
+      const response = await fetch(rpcUrl, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+          jsonrpc: "2.0",
+          id: 1,
+          method: "eth_call",
+          params: [{ to: token, data }, "latest"]
+        })
+      });
+      const result = await response.json();
+      if (result.error || !result.result || result.result === "0x") return 0n;
+      return BigInt(result.result);
+    } catch {
+      return 0n;
+    }
+  }
+  /**
+   * Encode ERC-20 approve(address,uint256) calldata.
+   */
+  encodeApprove(spender, amount) {
+    const selector = "0x095ea7b3";
+    const paddedSpender = spender.slice(2).toLowerCase().padStart(64, "0");
+    const paddedAmount = amount.toString(16).padStart(64, "0");
+    return selector + paddedSpender + paddedAmount;
+  }
+  /**
+   * Wait for a transaction receipt by polling eth_getTransactionReceipt.
+   */
+  async waitForReceipt(rpcUrl, txHash, timeoutMs = 3e4) {
+    const start = Date.now();
+    while (Date.now() - start < timeoutMs) {
+      try {
+        const response = await fetch(rpcUrl, {
+          method: "POST",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify({
+            jsonrpc: "2.0",
+            id: 1,
+            method: "eth_getTransactionReceipt",
+            params: [txHash]
+          })
+        });
+        const result = await response.json();
+        if (result.result) {
+          if (result.result.status === "0x0") {
+            throw new Error(`Approval transaction reverted: ${txHash}`);
+          }
+          return;
+        }
+      } catch (err) {
+        if (err instanceof Error && err.message.includes("reverted")) throw err;
+      }
+      await new Promise((r) => setTimeout(r, 2e3));
+    }
+    throw new Error(`Approval transaction receipt timeout after ${timeoutMs}ms: ${txHash}`);
+  }
+  /**
+   * Read gas price via eth_gasPrice RPC call.
+   */
+  async readGasPrice(rpcUrl) {
+    try {
+      const response = await fetch(rpcUrl, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ jsonrpc: "2.0", id: 1, method: "eth_gasPrice", params: [] })
+      });
+      const result = await response.json();
+      return result.result ? BigInt(result.result) : 50000000n;
+    } catch {
+      return 50000000n;
+    }
+  }
+  /**
+   * Read transaction count (nonce) via eth_getTransactionCount RPC call.
+   */
+  async readNonce(rpcUrl, address) {
+    try {
+      const response = await fetch(rpcUrl, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+          jsonrpc: "2.0",
+          id: 1,
+          method: "eth_getTransactionCount",
+          params: [address, "latest"]
+        })
+      });
+      const result = await response.json();
+      return result.result ? parseInt(result.result, 16) : 0;
+    } catch {
+      return 0;
+    }
+  }
+  /**
+   * Calculate how much to approve based on the facilitator's approval strategy.
+   * Buffered approvals reduce the number of on-chain approval txs for micropayments.
+   */
+  calculateApprovalAmount(paymentAmount, fee, strategy) {
+    const total = BigInt(paymentAmount) + BigInt(fee);
+    if (!strategy || strategy.mode === "exact") {
+      return total;
+    }
+    const multiple = BigInt(strategy.defaultMultiple ?? 10);
+    const buffered = total * multiple;
+    if (strategy.maxCapUsd) {
+      const decimals = this.inferDecimals(paymentAmount);
+      const maxCap = BigInt(Math.floor(strategy.maxCapUsd * Math.pow(10, decimals)));
+      if (buffered > maxCap) return maxCap;
+    }
+    if (strategy.exactAboveUsd) {
+      const decimals = this.inferDecimals(paymentAmount);
+      const threshold = BigInt(Math.floor(strategy.exactAboveUsd * Math.pow(10, decimals)));
+      if (BigInt(paymentAmount) > threshold) return total;
+    }
+    return buffered;
+  }
+  /**
+   * Infer token decimals from payment amount magnitude.
+   * BSC stablecoins use 18 decimals, all others use 6.
+   * A $1 payment is 1000000 (6 dec) or 1000000000000000000 (18 dec).
+   * If the amount has > 12 digits, it's almost certainly 18 decimals.
+   */
+  inferDecimals(amount) {
+    return amount.length > 12 ? 18 : 6;
+  }
 };
 function createEvmAdapter(config) {
   return new EvmAdapter(config);
@@ -610,6 +1036,9 @@ function isKnownUSDC(asset) {
   for (const addr of Object.values(USDC_ADDRESSES)) {
     if (addr.toLowerCase() === lc) return true;
   }
+  for (const addr of Object.keys(BSC_STABLECOIN_ADDRESSES)) {
+    if (addr.toLowerCase() === lc) return true;
+  }
   return false;
 }
 
@@ -718,6 +1147,19 @@ function createX402Client(config) {
     }
     return candidates[0];
   }
+  function getChainDisplayName(network, adapterName) {
+    const names = {
+      "eip155:56": "BSC",
+      "eip155:8453": "Base",
+      "eip155:84532": "Base Sepolia",
+      "eip155:42161": "Arbitrum",
+      "eip155:137": "Polygon",
+      "eip155:10": "Optimism",
+      "eip155:43114": "Avalanche",
+      "eip155:1": "Ethereum"
+    };
+    return names[network] || adapterName;
+  }
   function getRpcUrl(network, adapter) {
     return rpcUrls[network] || adapter.getDefaultRpcUrl(network);
   }
@@ -810,6 +1252,9 @@ function createX402Client(config) {
       accepted: accept,
       payload
     };
+    if (signedTx.extensions) {
+      paymentSignature.extensions = signedTx.extensions;
+    }
     const paymentSignatureHeader = btoa(JSON.stringify(paymentSignature));
     const passResponse = await customFetch(passUrl, {
       ...init,
@@ -932,10 +1377,10 @@ function createX402Client(config) {
       const balance = await adapter.getBalance(accept, wallet, rpcUrl);
       const requiredAmount = Number(paymentAmount) / Math.pow(10, decimals);
       if (balance < requiredAmount) {
-        const network = adapter.name === "EVM" ? "Base" : "Solana";
+        const chainName = getChainDisplayName(accept.network, adapter.name);
         throw new X402Error(
           "insufficient_balance",
-          `Insufficient USDC balance on ${network}. Have $${balance.toFixed(4)}, need $${requiredAmount.toFixed(4)}`
+          `Insufficient balance on ${chainName}. Have $${balance.toFixed(4)}, need $${requiredAmount.toFixed(4)}`
         );
       }
       log(`Balance OK: $${balance.toFixed(4)} >= $${requiredAmount.toFixed(4)}`);
@@ -988,6 +1433,9 @@ function createX402Client(config) {
       accepted: accept,
       payload
     };
+    if (signedTx.extensions) {
+      paymentSignature.extensions = signedTx.extensions;
+    }
     const paymentSignatureHeader = btoa(JSON.stringify(paymentSignature));
     log("Retrying request with payment...");
     const retryResponse = await fetchWithRetry(input, {
@@ -1116,7 +1564,16 @@ async function createEvmKeypairWallet(privateKey) {
   const account = privateKeyToAccount(normalizedKey);
   return {
     address: account.address,
-    signTypedData: (params) => account.signTypedData(params)
+    signTypedData: (params) => account.signTypedData(params),
+    signTransaction: (params) => account.signTransaction({
+      to: params.to,
+      data: params.data,
+      chainId: params.chainId,
+      gas: params.gas,
+      gasPrice: params.gasPrice,
+      nonce: params.nonce,
+      type: "legacy"
+    })
   };
 }
 function isEvmKeypairWallet(wallet) {
@@ -1183,55 +1640,84 @@ function wrapFetch(fetchImpl, options) {
 }
 
 // src/client/discovery.ts
-var DEFAULT_MARKETPLACE = "https://x402.dexter.cash/api/facilitator/marketplace/resources";
-async function searchAPIs(options = {}) {
+var DEFAULT_CAPABILITY_ENDPOINT = "https://x402.dexter.cash/api/x402gle/capability";
+function formatPriceLabel(priceUsdc) {
+  if (priceUsdc == null) return "price on request";
+  if (priceUsdc === 0) return "free";
+  if (priceUsdc < 0.01) return `$${priceUsdc.toFixed(4)}`;
+  return `$${priceUsdc.toFixed(2)}`;
+}
+function mapResult(r) {
+  return {
+    resourceId: r.resourceId,
+    name: r.displayName ?? r.resourceUrl,
+    url: r.resourceUrl,
+    method: r.method || "GET",
+    price: formatPriceLabel(r.pricing.usdc),
+    priceUsdc: r.pricing.usdc,
+    network: r.pricing.network,
+    description: r.description ?? "",
+    category: r.category ?? "uncategorized",
+    qualityScore: r.verification.qualityScore,
+    verified: r.verification.status === "pass",
+    verificationStatus: r.verification.status,
+    totalCalls: r.usage.totalSettlements,
+    totalVolumeUsdc: r.usage.totalVolumeUsdc,
+    iconUrl: r.icon,
+    host: r.host,
+    gamingFlags: r.gaming.flags,
+    gamingSuspicious: r.gaming.suspicious,
+    tier: r.tier,
+    similarity: Math.round(r.similarity * 1e3) / 1e3,
+    why: r.why,
+    score: r.score
+  };
+}
+async function capabilitySearch(options) {
+  if (!options?.query || !options.query.trim()) {
+    throw new Error("capabilitySearch: query is required");
+  }
   const {
     query,
-    category,
-    network,
-    maxPrice,
-    verifiedOnly,
-    sort = "marketplace",
     limit = 20,
-    marketplaceUrl = DEFAULT_MARKETPLACE
+    unverified,
+    testnets,
+    rerank,
+    endpoint = DEFAULT_CAPABILITY_ENDPOINT
   } = options;
   const params = new URLSearchParams();
-  if (query) params.set("search", query);
-  if (category) params.set("category", category);
-  if (network) params.set("network", network);
-  if (maxPrice !== void 0) params.set("maxPrice", String(maxPrice));
-  if (verifiedOnly) params.set("verified", "true");
-  params.set("sort", sort);
-  params.set("order", "desc");
-  params.set("limit", String(Math.min(limit, 50)));
-  const url = `${marketplaceUrl}?${params.toString()}`;
+  params.set("q", query);
+  params.set("limit", String(Math.min(Math.max(limit, 1), 50)));
+  if (unverified) params.set("unverified", "true");
+  if (testnets) params.set("testnets", "true");
+  if (rerank === false) params.set("rerank", "false");
+  const url = `${endpoint}?${params.toString()}`;
   const response = await fetch(url, {
-    headers: { "Accept": "application/json" },
-    signal: AbortSignal.timeout(15e3)
+    headers: { Accept: "application/json" },
+    signal: AbortSignal.timeout(2e4)
   });
   if (!response.ok) {
-    throw new Error(`Marketplace search failed: ${response.status}`);
+    const body = await response.text().catch(() => "");
+    throw new Error(`Capability search failed: ${response.status} ${body.slice(0, 400)}`);
   }
   const data = await response.json();
-  if (!data.resources) return [];
-  return data.resources.map((r) => ({
-    name: r.displayName || r.resourceUrl,
-    url: r.resourceUrl,
-    method: r.method || "GET",
-    price: r.priceLabel || (r.priceUsdc ? `$${r.priceUsdc.toFixed(4)}` : "free"),
-    priceUsdc: r.priceUsdc ?? null,
-    network: r.priceNetwork ?? null,
-    description: r.description || "",
-    category: r.category || "uncategorized",
-    qualityScore: r.qualityScore ?? null,
-    verified: r.verificationStatus === "pass",
-    totalCalls: r.totalSettlements || 0,
-    totalVolume: r.totalVolumeUsdc ? `$${r.totalVolumeUsdc.toLocaleString("en-US", { minimumFractionDigits: 2 })}` : null,
-    seller: r.seller?.displayName ?? null,
-    sellerReputation: r.reputationScore ?? null,
-    authRequired: r.authRequired || false,
-    lastActive: r.lastSettlementAt ?? null
-  }));
+  if (!data.ok) {
+    throw new Error(
+      `Capability search error${data.stage ? ` at stage ${data.stage}` : ""}: ${data.error ?? "unknown"}`
+    );
+  }
+  return {
+    query: data.query,
+    strongResults: data.strongResults.map(mapResult),
+    relatedResults: data.relatedResults.map(mapResult),
+    strongCount: data.strongCount,
+    relatedCount: data.relatedCount,
+    topSimilarity: data.topSimilarity,
+    noMatchReason: data.noMatchReason,
+    rerank: data.rerank,
+    intent: data.intent,
+    durationMs: data.durationMs
+  };
 }
 
 // src/client/budget-account.ts
@@ -1368,6 +1854,7 @@ export {
   SOLANA_MAINNET,
   USDC_MINT,
   X402Error,
+  capabilitySearch,
   createBudgetAccount,
   createEvmAdapter,
   createEvmKeypairWallet,
@@ -1380,6 +1867,5 @@ export {
   getSponsoredRecommendations,
   isEvmKeypairWallet,
   isKeypairWallet,
-  searchAPIs,
   wrapFetch
 };