@drm3/sdk 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (228) hide show
  1. package/LICENSE +75 -0
  2. package/README.md +426 -0
  3. package/bin/drm3.js +255 -0
  4. package/dist/alerts-bell.d.ts +7 -0
  5. package/dist/alerts-bell.d.ts.map +1 -0
  6. package/dist/alerts-bell.js +118 -0
  7. package/dist/alerts-bell.js.map +1 -0
  8. package/dist/alerts-fetch.d.ts +41 -0
  9. package/dist/alerts-fetch.d.ts.map +1 -0
  10. package/dist/alerts-fetch.js +60 -0
  11. package/dist/alerts-fetch.js.map +1 -0
  12. package/dist/alerts-styles.d.ts +4 -0
  13. package/dist/alerts-styles.d.ts.map +1 -0
  14. package/dist/alerts-styles.js +49 -0
  15. package/dist/alerts-styles.js.map +1 -0
  16. package/dist/alerts.d.ts +3 -0
  17. package/dist/alerts.d.ts.map +1 -0
  18. package/dist/alerts.global.js +206 -0
  19. package/dist/alerts.global.text.js +2 -0
  20. package/dist/alerts.js +21 -0
  21. package/dist/alerts.js.map +1 -0
  22. package/dist/index.d.ts +64 -0
  23. package/dist/index.d.ts.map +1 -0
  24. package/dist/index.js +117 -0
  25. package/dist/index.js.map +1 -0
  26. package/dist/keys-canonical.d.ts +7 -0
  27. package/dist/keys-canonical.d.ts.map +1 -0
  28. package/dist/keys-canonical.js +57 -0
  29. package/dist/keys-canonical.js.map +1 -0
  30. package/dist/keys-generate.d.ts +39 -0
  31. package/dist/keys-generate.d.ts.map +1 -0
  32. package/dist/keys-generate.js +39 -0
  33. package/dist/keys-generate.js.map +1 -0
  34. package/dist/keys-verify.d.ts +62 -0
  35. package/dist/keys-verify.d.ts.map +1 -0
  36. package/dist/keys-verify.js +68 -0
  37. package/dist/keys-verify.js.map +1 -0
  38. package/dist/keys.d.ts +4 -0
  39. package/dist/keys.d.ts.map +1 -0
  40. package/dist/keys.js +22 -0
  41. package/dist/keys.js.map +1 -0
  42. package/dist/meter/adapter.d.ts +35 -0
  43. package/dist/meter/adapter.d.ts.map +1 -0
  44. package/dist/meter/adapter.js +0 -0
  45. package/dist/meter/adapter.js.map +1 -0
  46. package/dist/meter/cascade.d.ts +56 -0
  47. package/dist/meter/cascade.d.ts.map +1 -0
  48. package/dist/meter/cascade.js +64 -0
  49. package/dist/meter/cascade.js.map +1 -0
  50. package/dist/meter/client.d.ts +78 -0
  51. package/dist/meter/client.d.ts.map +1 -0
  52. package/dist/meter/client.js +84 -0
  53. package/dist/meter/client.js.map +1 -0
  54. package/dist/meter/core.d.ts +37 -0
  55. package/dist/meter/core.d.ts.map +1 -0
  56. package/dist/meter/core.js +49 -0
  57. package/dist/meter/core.js.map +1 -0
  58. package/dist/meter/gate-client.d.ts +94 -0
  59. package/dist/meter/gate-client.d.ts.map +1 -0
  60. package/dist/meter/gate-client.js +77 -0
  61. package/dist/meter/gate-client.js.map +1 -0
  62. package/dist/meter/gate-decide.d.ts +61 -0
  63. package/dist/meter/gate-decide.d.ts.map +1 -0
  64. package/dist/meter/gate-decide.js +54 -0
  65. package/dist/meter/gate-decide.js.map +1 -0
  66. package/dist/meter/gate.d.ts +10 -0
  67. package/dist/meter/gate.d.ts.map +1 -0
  68. package/dist/meter/gate.js +10 -0
  69. package/dist/meter/gate.js.map +1 -0
  70. package/dist/meter/index.d.ts +28 -0
  71. package/dist/meter/index.d.ts.map +1 -0
  72. package/dist/meter/index.js +28 -0
  73. package/dist/meter/index.js.map +1 -0
  74. package/dist/meter/meters-buckets.d.ts +56 -0
  75. package/dist/meter/meters-buckets.d.ts.map +1 -0
  76. package/dist/meter/meters-buckets.js +111 -0
  77. package/dist/meter/meters-buckets.js.map +1 -0
  78. package/dist/meter/meters-charge.d.ts +13 -0
  79. package/dist/meter/meters-charge.d.ts.map +1 -0
  80. package/dist/meter/meters-charge.js +76 -0
  81. package/dist/meter/meters-charge.js.map +1 -0
  82. package/dist/meter/meters.d.ts +63 -0
  83. package/dist/meter/meters.d.ts.map +1 -0
  84. package/dist/meter/meters.js +44 -0
  85. package/dist/meter/meters.js.map +1 -0
  86. package/dist/meter/plans.d.ts +63 -0
  87. package/dist/meter/plans.d.ts.map +1 -0
  88. package/dist/meter/plans.js +114 -0
  89. package/dist/meter/plans.js.map +1 -0
  90. package/dist/meter/pricebook.d.ts +32 -0
  91. package/dist/meter/pricebook.d.ts.map +1 -0
  92. package/dist/meter/pricebook.js +38 -0
  93. package/dist/meter/pricebook.js.map +1 -0
  94. package/dist/meter/resolve.d.ts +103 -0
  95. package/dist/meter/resolve.d.ts.map +1 -0
  96. package/dist/meter/resolve.js +100 -0
  97. package/dist/meter/resolve.js.map +1 -0
  98. package/dist/meter/sink.d.ts +26 -0
  99. package/dist/meter/sink.d.ts.map +1 -0
  100. package/dist/meter/sink.js +9 -0
  101. package/dist/meter/sink.js.map +1 -0
  102. package/dist/meter/sql/d1.d.ts +32 -0
  103. package/dist/meter/sql/d1.d.ts.map +1 -0
  104. package/dist/meter/sql/d1.js +41 -0
  105. package/dist/meter/sql/d1.js.map +1 -0
  106. package/dist/meter/sql/driver.d.ts +34 -0
  107. package/dist/meter/sql/driver.d.ts.map +1 -0
  108. package/dist/meter/sql/driver.js +17 -0
  109. package/dist/meter/sql/driver.js.map +1 -0
  110. package/dist/meter/sql/postgres.d.ts +23 -0
  111. package/dist/meter/sql/postgres.d.ts.map +1 -0
  112. package/dist/meter/sql/postgres.js +36 -0
  113. package/dist/meter/sql/postgres.js.map +1 -0
  114. package/dist/meter/sql/schema.d.ts +13 -0
  115. package/dist/meter/sql/schema.d.ts.map +1 -0
  116. package/dist/meter/sql/schema.js +32 -0
  117. package/dist/meter/sql/schema.js.map +1 -0
  118. package/dist/meter/sql/sql-adapter.d.ts +36 -0
  119. package/dist/meter/sql/sql-adapter.d.ts.map +1 -0
  120. package/dist/meter/sql/sql-adapter.js +124 -0
  121. package/dist/meter/sql/sql-adapter.js.map +1 -0
  122. package/dist/meter/sql/statements.d.ts +30 -0
  123. package/dist/meter/sql/statements.d.ts.map +1 -0
  124. package/dist/meter/sql/statements.js +24 -0
  125. package/dist/meter/sql/statements.js.map +1 -0
  126. package/dist/meter/types.d.ts +48 -0
  127. package/dist/meter/types.d.ts.map +1 -0
  128. package/dist/meter/types.js +8 -0
  129. package/dist/meter/types.js.map +1 -0
  130. package/dist/meter/units.d.ts +33 -0
  131. package/dist/meter/units.d.ts.map +1 -0
  132. package/dist/meter/units.js +45 -0
  133. package/dist/meter/units.js.map +1 -0
  134. package/dist/meter/wallet-buckets.d.ts +63 -0
  135. package/dist/meter/wallet-buckets.d.ts.map +1 -0
  136. package/dist/meter/wallet-buckets.js +131 -0
  137. package/dist/meter/wallet-buckets.js.map +1 -0
  138. package/dist/meter/wallet-charge.d.ts +15 -0
  139. package/dist/meter/wallet-charge.d.ts.map +1 -0
  140. package/dist/meter/wallet-charge.js +64 -0
  141. package/dist/meter/wallet-charge.js.map +1 -0
  142. package/dist/meter/wallet.d.ts +68 -0
  143. package/dist/meter/wallet.d.ts.map +1 -0
  144. package/dist/meter/wallet.js +47 -0
  145. package/dist/meter/wallet.js.map +1 -0
  146. package/dist/receipts-api.d.ts +5 -0
  147. package/dist/receipts-api.d.ts.map +1 -0
  148. package/dist/receipts-api.js +117 -0
  149. package/dist/receipts-api.js.map +1 -0
  150. package/dist/receipts-chain.d.ts +3 -0
  151. package/dist/receipts-chain.d.ts.map +1 -0
  152. package/dist/receipts-chain.js +121 -0
  153. package/dist/receipts-chain.js.map +1 -0
  154. package/dist/receipts-modal.d.ts +14 -0
  155. package/dist/receipts-modal.d.ts.map +1 -0
  156. package/dist/receipts-modal.js +100 -0
  157. package/dist/receipts-modal.js.map +1 -0
  158. package/dist/receipts-registry.d.ts +4 -0
  159. package/dist/receipts-registry.d.ts.map +1 -0
  160. package/dist/receipts-registry.js +54 -0
  161. package/dist/receipts-registry.js.map +1 -0
  162. package/dist/receipts-render.d.ts +9 -0
  163. package/dist/receipts-render.d.ts.map +1 -0
  164. package/dist/receipts-render.js +83 -0
  165. package/dist/receipts-render.js.map +1 -0
  166. package/dist/receipts-types.d.ts +61 -0
  167. package/dist/receipts-types.d.ts.map +1 -0
  168. package/dist/receipts-types.js +12 -0
  169. package/dist/receipts-types.js.map +1 -0
  170. package/dist/receipts-ui.d.ts +10 -0
  171. package/dist/receipts-ui.d.ts.map +1 -0
  172. package/dist/receipts-ui.js +103 -0
  173. package/dist/receipts-ui.js.map +1 -0
  174. package/dist/receipts-verify.d.ts +8 -0
  175. package/dist/receipts-verify.d.ts.map +1 -0
  176. package/dist/receipts-verify.js +113 -0
  177. package/dist/receipts-verify.js.map +1 -0
  178. package/dist/receipts.d.ts +9 -0
  179. package/dist/receipts.d.ts.map +1 -0
  180. package/dist/receipts.global.js +587 -0
  181. package/dist/receipts.global.text.js +2 -0
  182. package/dist/receipts.js +28 -0
  183. package/dist/receipts.js.map +1 -0
  184. package/dist/sso/index.d.ts +4 -0
  185. package/dist/sso/index.d.ts.map +1 -0
  186. package/dist/sso/index.js +10 -0
  187. package/dist/sso/index.js.map +1 -0
  188. package/dist/sso/jwt.d.ts +29 -0
  189. package/dist/sso/jwt.d.ts.map +1 -0
  190. package/dist/sso/jwt.js +73 -0
  191. package/dist/sso/jwt.js.map +1 -0
  192. package/dist/sso/launch.d.ts +70 -0
  193. package/dist/sso/launch.d.ts.map +1 -0
  194. package/dist/sso/launch.js +75 -0
  195. package/dist/sso/launch.js.map +1 -0
  196. package/dist/sso/revocation.d.ts +23 -0
  197. package/dist/sso/revocation.d.ts.map +1 -0
  198. package/dist/sso/revocation.js +53 -0
  199. package/dist/sso/revocation.js.map +1 -0
  200. package/dist/switcher.d.ts +22 -0
  201. package/dist/switcher.d.ts.map +1 -0
  202. package/dist/switcher.js +174 -0
  203. package/dist/switcher.js.map +1 -0
  204. package/dist/x402/chain.d.ts +49 -0
  205. package/dist/x402/chain.d.ts.map +1 -0
  206. package/dist/x402/chain.js +33 -0
  207. package/dist/x402/chain.js.map +1 -0
  208. package/dist/x402/crypto.d.ts +25 -0
  209. package/dist/x402/crypto.d.ts.map +1 -0
  210. package/dist/x402/crypto.js +74 -0
  211. package/dist/x402/crypto.js.map +1 -0
  212. package/dist/x402/eip712.d.ts +20 -0
  213. package/dist/x402/eip712.d.ts.map +1 -0
  214. package/dist/x402/eip712.js +49 -0
  215. package/dist/x402/eip712.js.map +1 -0
  216. package/dist/x402/envelope.d.ts +45 -0
  217. package/dist/x402/envelope.d.ts.map +1 -0
  218. package/dist/x402/envelope.js +50 -0
  219. package/dist/x402/envelope.js.map +1 -0
  220. package/dist/x402/index.d.ts +41 -0
  221. package/dist/x402/index.d.ts.map +1 -0
  222. package/dist/x402/index.js +41 -0
  223. package/dist/x402/index.js.map +1 -0
  224. package/dist/x402/verify.d.ts +51 -0
  225. package/dist/x402/verify.d.ts.map +1 -0
  226. package/dist/x402/verify.js +110 -0
  227. package/dist/x402/verify.js.map +1 -0
  228. package/package.json +100 -0
@@ -0,0 +1,174 @@
1
+ // @drm3/app-sdk/switcher - the DRM3 cross-app "waffle" switcher, as a one-call drop-in.
2
+ //
3
+ // import { mountAppSwitcher } from "@drm3/app-sdk/switcher";
4
+ // mountAppSwitcher(document.getElementById("drm3-apps"));
5
+ //
6
+ // Framework-agnostic, zero deps. Injects its own scoped styles, lazy-loads the canonical app
7
+ // catalog with live health from status.drm3.network, and renders a tile grid with a "you are
8
+ // here" marker for the current app. The same switcher that ships in the DRM3 account hub.
9
+ import { fetchApps, fetchBalance } from "./index.js";
10
+ const HEALTH = {
11
+ up: ["All systems go", "#22c55e"],
12
+ degraded: ["Partial outage", "#f59e0b"],
13
+ down: ["Down", "#ef4444"],
14
+ unknown: ["Status unknown", "#9ca3af"],
15
+ };
16
+ let stylesInjected = false;
17
+ function injectStyles() {
18
+ if (stylesInjected || typeof document === "undefined")
19
+ return;
20
+ stylesInjected = true;
21
+ const s = document.createElement("style");
22
+ s.textContent = `
23
+ .drm3sw{position:relative;display:inline-block;font-family:ui-sans-serif,system-ui,sans-serif}
24
+ .drm3sw-btn{display:grid;place-items:center;width:38px;height:38px;border:0;border-radius:10px;
25
+ background:transparent;color:inherit;cursor:pointer;opacity:.8}
26
+ .drm3sw-btn:hover{opacity:1;background:rgba(127,127,127,.12)}
27
+ .drm3sw-menu{position:absolute;right:0;top:46px;width:312px;max-height:70vh;overflow:auto;z-index:9999;
28
+ background:#0b0f14;border:1px solid #1e2733;border-radius:14px;padding:10px;
29
+ box-shadow:0 18px 50px rgba(0,0,0,.5);display:none}
30
+ .drm3sw[data-open="1"] .drm3sw-menu{display:block}
31
+ .drm3sw-h{display:flex;justify-content:space-between;align-items:center;padding:6px 8px 10px;
32
+ color:#cbd5e1;font-size:13px;font-weight:600}
33
+ .drm3sw-h span{color:#64748b;font-size:11px;font-weight:500}
34
+ .drm3sw-list{display:block}
35
+ .drm3sw-grid{display:grid;grid-template-columns:1fr 1fr;gap:8px}
36
+ .drm3sw-sec{padding:9px 4px 6px;font-size:10.5px;font-weight:700;text-transform:uppercase;letter-spacing:.08em;color:#64748b}
37
+ .drm3sw-a{display:flex;flex-direction:column;gap:7px;padding:11px;border-radius:11px;text-decoration:none;
38
+ background:#0f141b;border:1px solid #1b2430;transition:border-color .12s,transform .12s}
39
+ .drm3sw-a:hover{border-color:#2b6cb0;transform:translateY(-1px)}
40
+ .drm3sw-a[data-here="1"]{border-color:#2b6cb0;background:#101a26}
41
+ .drm3sw-ic{width:30px;height:30px;border-radius:9px;display:grid;place-items:center;color:#fff;
42
+ font-weight:700;font-size:14px}
43
+ .drm3sw-nm{color:#e8eef5;font-size:13px;font-weight:600;line-height:1.15}
44
+ .drm3sw-hl{display:flex;align-items:center;gap:5px;color:#94a3b8;font-size:10.5px}
45
+ .drm3sw-dot{width:6px;height:6px;border-radius:50%}
46
+ .drm3sw-foot{padding:10px 8px 4px;margin-top:6px;border-top:1px solid #1b2430}
47
+ .drm3sw-foot a{color:#7aa7d6;font-size:12px;text-decoration:none}
48
+ .drm3sw-foot a:hover{text-decoration:underline}`;
49
+ document.head.appendChild(s);
50
+ }
51
+ const WAFFLE_SVG = `<svg width="20" height="20" viewBox="0 0 20 20" fill="currentColor" aria-hidden="true">
52
+ <circle cx="4" cy="4" r="1.9"/><circle cx="10" cy="4" r="1.9"/><circle cx="16" cy="4" r="1.9"/>
53
+ <circle cx="4" cy="10" r="1.9"/><circle cx="10" cy="10" r="1.9"/><circle cx="16" cy="10" r="1.9"/>
54
+ <circle cx="4" cy="16" r="1.9"/><circle cx="10" cy="16" r="1.9"/><circle cx="16" cy="16" r="1.9"/></svg>`;
55
+ function esc(s) {
56
+ return s.replace(/[&<>"]/g, (c) => ({ "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;" })[c]);
57
+ }
58
+ function isHere(a, currentId) {
59
+ if (currentId && a.id === currentId)
60
+ return true;
61
+ if (typeof location === "undefined")
62
+ return false;
63
+ try {
64
+ const h = new URL(a.url).hostname;
65
+ return !!h && (location.hostname === h || location.hostname.endsWith(h));
66
+ }
67
+ catch {
68
+ return false;
69
+ }
70
+ }
71
+ function tile(a, here) {
72
+ const [label, color] = HEALTH[a.health || "unknown"] || HEALTH.unknown;
73
+ const accent = a.color || "#2b6cb0";
74
+ return `<a class="drm3sw-a"${here ? ' data-here="1"' : ""} href="${esc(a.url)}">
75
+ <div class="drm3sw-ic" style="background:linear-gradient(135deg,${esc(accent)},#0f172a)">${esc((a.name || "?")[0])}</div>
76
+ <div class="drm3sw-nm">${esc(a.name)}</div>
77
+ <div class="drm3sw-hl"><span class="drm3sw-dot" style="background:${color}"></span>${esc(label)}</div>
78
+ </a>`;
79
+ }
80
+ // Sectioned layout (Current / Switch application) to match the Newsboy switcher.
81
+ function renderList(apps, currentId) {
82
+ if (!apps.length)
83
+ return `<div style="padding:14px 8px;color:#64748b;font-size:12px">No apps available.</div>`;
84
+ const cur = apps.filter((a) => isHere(a, currentId));
85
+ const oth = apps.filter((a) => !isHere(a, currentId));
86
+ let h = "";
87
+ if (cur.length)
88
+ h += `<div class="drm3sw-sec">Current</div><div class="drm3sw-grid">${cur.map((a) => tile(a, true)).join("")}</div>`;
89
+ if (oth.length)
90
+ h += `<div class="drm3sw-sec">Switch application</div><div class="drm3sw-grid">${oth.map((a) => tile(a, false)).join("")}</div>`;
91
+ return h;
92
+ }
93
+ /**
94
+ * Mount the DRM3 app-switcher into `target`. Idempotent per element; lazy-loads on first open.
95
+ * Signed-in-only: when the user is not authenticated, nothing is rendered (the target is left empty).
96
+ */
97
+ export function mountAppSwitcher(target, opts = {}) {
98
+ if (!target || typeof document === "undefined")
99
+ return;
100
+ // The switcher is private to a signed-in user. Resolve auth first and only build the
101
+ // UI when a DRM3 session is confirmed; otherwise leave the target empty (fail closed).
102
+ if (opts.authed === false) {
103
+ target.replaceChildren();
104
+ return;
105
+ }
106
+ if (opts.authed === true) {
107
+ buildSwitcher(target, opts);
108
+ return;
109
+ }
110
+ // Unknown: probe the account hub. fetchBalance returns null when not signed in (or the
111
+ // hub is unreachable), so an unauthenticated visitor never sees the switcher.
112
+ void fetchBalance(opts.ssoToken).then((bal) => {
113
+ if (bal)
114
+ buildSwitcher(target, opts);
115
+ });
116
+ }
117
+ function buildSwitcher(target, opts) {
118
+ injectStyles();
119
+ target.classList.add("drm3sw");
120
+ target.innerHTML = `<button class="drm3sw-btn" aria-label="DRM3 apps" aria-expanded="false">${WAFFLE_SVG}</button>
121
+ <div class="drm3sw-menu" role="menu">
122
+ <div class="drm3sw-h">DRM3 apps <span>live status</span></div>
123
+ <div class="drm3sw-list">Loading...</div>
124
+ <div class="drm3sw-foot"><a href="https://drm3.network/account">Your DRM3 account &rarr;</a></div>
125
+ </div>`;
126
+ const btn = target.querySelector(".drm3sw-btn");
127
+ const list = target.querySelector(".drm3sw-list");
128
+ let cache = null;
129
+ let fetching = false;
130
+ // Fetch the catalog once, render from cache, and refresh quietly. Preloaded on
131
+ // mount (default) so the first open is instant instead of a spinner-then-pop.
132
+ const load = async () => {
133
+ if (cache)
134
+ list.innerHTML = renderList(cache, opts.currentId);
135
+ if (fetching)
136
+ return;
137
+ fetching = true;
138
+ try {
139
+ cache = await fetchApps();
140
+ list.innerHTML = renderList(cache, opts.currentId);
141
+ }
142
+ catch {
143
+ if (!cache)
144
+ list.innerHTML = `<div style="padding:14px 8px;color:#64748b;font-size:12px">Could not load apps.</div>`;
145
+ }
146
+ finally {
147
+ fetching = false;
148
+ }
149
+ };
150
+ const close = () => {
151
+ target.removeAttribute("data-open");
152
+ btn.setAttribute("aria-expanded", "false");
153
+ };
154
+ btn.addEventListener("click", (e) => {
155
+ e.stopPropagation();
156
+ const open = target.getAttribute("data-open") === "1";
157
+ if (open)
158
+ return close();
159
+ target.setAttribute("data-open", "1");
160
+ btn.setAttribute("aria-expanded", "true");
161
+ load(); // refresh health on open (instant paint from cache first)
162
+ });
163
+ if (opts.preload !== false)
164
+ load();
165
+ document.addEventListener("click", (e) => {
166
+ if (!target.contains(e.target))
167
+ close();
168
+ });
169
+ document.addEventListener("keydown", (e) => {
170
+ if (e.key === "Escape")
171
+ close();
172
+ });
173
+ }
174
+ //# sourceMappingURL=switcher.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"switcher.js","sourceRoot":"","sources":["../src/switcher.ts"],"names":[],"mappings":"AAAA,wFAAwF;AACxF,EAAE;AACF,+DAA+D;AAC/D,4DAA4D;AAC5D,EAAE;AACF,6FAA6F;AAC7F,6FAA6F;AAC7F,0FAA0F;AAE1F,OAAO,EAAgB,SAAS,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAEnE,MAAM,MAAM,GAAqC;IAC/C,EAAE,EAAE,CAAC,gBAAgB,EAAE,SAAS,CAAC;IACjC,QAAQ,EAAE,CAAC,gBAAgB,EAAE,SAAS,CAAC;IACvC,IAAI,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC;IACzB,OAAO,EAAE,CAAC,gBAAgB,EAAE,SAAS,CAAC;CACvC,CAAC;AAEF,IAAI,cAAc,GAAG,KAAK,CAAC;AAE3B,SAAS,YAAY;IACnB,IAAI,cAAc,IAAI,OAAO,QAAQ,KAAK,WAAW;QAAE,OAAO;IAC9D,cAAc,GAAG,IAAI,CAAC;IACtB,MAAM,CAAC,GAAG,QAAQ,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;IAC1C,CAAC,CAAC,WAAW,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;gDA0B8B,CAAC;IAC/C,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;AAC/B,CAAC;AAED,MAAM,UAAU,GAAG;;;yGAGsF,CAAC;AAE1G,SAAS,GAAG,CAAC,CAAS;IACpB,OAAO,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAW,CAAC,CAAC;AAC/G,CAAC;AAED,SAAS,MAAM,CAAC,CAAU,EAAE,SAAkB;IAC5C,IAAI,SAAS,IAAI,CAAC,CAAC,EAAE,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC;IACjD,IAAI,OAAO,QAAQ,KAAK,WAAW;QAAE,OAAO,KAAK,CAAC;IAClD,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;QAClC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,KAAK,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3E,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,IAAI,CAAC,CAAU,EAAE,IAAa;IACrC,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,IAAI,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC;IACvE,MAAM,MAAM,GAAG,CAAC,CAAC,KAAK,IAAI,SAAS,CAAC;IACpC,OAAO,sBAAsB,IAAI,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE,UAAU,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;oEACX,GAAG,CAAC,MAAM,CAAC,cAAc,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;2BACzF,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;sEACgC,KAAK,YAAY,GAAG,CAAC,KAAK,CAAC;KAC5F,CAAC;AACN,CAAC;AAED,iFAAiF;AACjF,SAAS,UAAU,CAAC,IAAe,EAAE,SAAkB;IACrD,IAAI,CAAC,IAAI,CAAC,MAAM;QAAE,OAAO,qFAAqF,CAAC;IAC/G,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IACrD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IACtD,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,IAAI,GAAG,CAAC,MAAM;QAAE,CAAC,IAAI,iEAAiE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;IACrI,IAAI,GAAG,CAAC,MAAM;QAAE,CAAC,IAAI,4EAA4E,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;IACjJ,OAAO,CAAC,CAAC;AACX,CAAC;AAmBD;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAA0B,EAAE,OAAwB,EAAE;IACrF,IAAI,CAAC,MAAM,IAAI,OAAO,QAAQ,KAAK,WAAW;QAAE,OAAO;IAEvD,qFAAqF;IACrF,uFAAuF;IACvF,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;QAC1B,MAAM,CAAC,eAAe,EAAE,CAAC;QACzB,OAAO;IACT,CAAC;IACD,IAAI,IAAI,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC;QACzB,aAAa,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC5B,OAAO;IACT,CAAC;IACD,uFAAuF;IACvF,8EAA8E;IAC9E,KAAK,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE;QAC5C,IAAI,GAAG;YAAE,aAAa,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,aAAa,CAAC,MAAmB,EAAE,IAAqB;IAC/D,YAAY,EAAE,CAAC;IACf,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC/B,MAAM,CAAC,SAAS,GAAG,2EAA2E,UAAU;;;;;OAKnG,CAAC;IACN,MAAM,GAAG,GAAG,MAAM,CAAC,aAAa,CAAC,aAAa,CAAsB,CAAC;IACrE,MAAM,IAAI,GAAG,MAAM,CAAC,aAAa,CAAC,cAAc,CAAgB,CAAC;IACjE,IAAI,KAAK,GAAqB,IAAI,CAAC;IACnC,IAAI,QAAQ,GAAG,KAAK,CAAC;IAErB,+EAA+E;IAC/E,8EAA8E;IAC9E,MAAM,IAAI,GAAG,KAAK,IAAmB,EAAE;QACrC,IAAI,KAAK;YAAE,IAAI,CAAC,SAAS,GAAG,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QAC9D,IAAI,QAAQ;YAAE,OAAO;QACrB,QAAQ,GAAG,IAAI,CAAC;QAChB,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,SAAS,EAAE,CAAC;YAC1B,IAAI,CAAC,SAAS,GAAG,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QACrD,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,KAAK;gBAAE,IAAI,CAAC,SAAS,GAAG,uFAAuF,CAAC;QACvH,CAAC;gBAAS,CAAC;YACT,QAAQ,GAAG,KAAK,CAAC;QACnB,CAAC;IACH,CAAC,CAAC;IAEF,MAAM,KAAK,GAAG,GAAG,EAAE;QACjB,MAAM,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC;QACpC,GAAG,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC,CAAC;IACF,GAAG,CAAC,gBAAgB,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE;QAClC,CAAC,CAAC,eAAe,EAAE,CAAC;QACpB,MAAM,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,WAAW,CAAC,KAAK,GAAG,CAAC;QACtD,IAAI,IAAI;YAAE,OAAO,KAAK,EAAE,CAAC;QACzB,MAAM,CAAC,YAAY,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;QACtC,GAAG,CAAC,YAAY,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QAC1C,IAAI,EAAE,CAAC,CAAC,0DAA0D;IACpE,CAAC,CAAC,CAAC;IACH,IAAI,IAAI,CAAC,OAAO,KAAK,KAAK;QAAE,IAAI,EAAE,CAAC;IACnC,QAAQ,CAAC,gBAAgB,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE;QACvC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAc,CAAC;YAAE,KAAK,EAAE,CAAC;IAClD,CAAC,CAAC,CAAC;IACH,QAAQ,CAAC,gBAAgB,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE;QACzC,IAAK,CAAmB,CAAC,GAAG,KAAK,QAAQ;YAAE,KAAK,EAAE,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC"}
@@ -0,0 +1,49 @@
1
+ /**
2
+ * @drm3/sdk/x402 - chain / asset config + resolution.
3
+ *
4
+ * The asset/chain a payment is bound to. Defaults are USDC on Base (the DRM3
5
+ * gateway default); an app on another asset/chain overrides these. The EIP-712
6
+ * domain binds a signature to exactly this asset + chain, so a signature for any
7
+ * other asset or chain cannot verify.
8
+ */
9
+ /** USDC (native, Circle) on Base mainnet. */
10
+ export declare const X402_ASSET_USDC_BASE = "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913";
11
+ /** eip155:8453 (Base). */
12
+ export declare const BASE_CHAIN_ID = 8453n;
13
+ /** x402 network label for Base. */
14
+ export declare const BASE_NETWORK = "base";
15
+ /** Circle FiatTokenV2 EIP-712 domain name on Base. */
16
+ export declare const USDC_DOMAIN_NAME = "USD Coin";
17
+ /** Circle FiatTokenV2 EIP-712 domain version on Base. */
18
+ export declare const USDC_DOMAIN_VERSION = "2";
19
+ /** Default advertised authorization lifetime. */
20
+ export declare const DEFAULT_MAX_TIMEOUT_SECONDS = 60;
21
+ /** Default in-flight grace (seconds) so a fresh authorization is not rejected as near-expiry. */
22
+ export declare const DEFAULT_GRACE_SECONDS = 6n;
23
+ /**
24
+ * The asset/chain a payment is bound to. Defaults are USDC on Base (the DRM3
25
+ * gateway default); an app on another asset/chain overrides these. The EIP-712
26
+ * domain binds a signature to exactly this asset + chain, so a signature for any
27
+ * other asset or chain cannot verify.
28
+ */
29
+ export interface X402ChainConfig {
30
+ /** x402 network label. Default "base". */
31
+ network?: string;
32
+ /** ERC-20 (verifyingContract) address. Default native USDC on Base. */
33
+ asset?: string;
34
+ /** EIP-155 chain id. Default 8453n (Base). */
35
+ chainId?: bigint;
36
+ /** EIP-712 domain name. Default "USD Coin". */
37
+ domainName?: string;
38
+ /** EIP-712 domain version. Default "2". */
39
+ domainVersion?: string;
40
+ }
41
+ export interface ResolvedChain {
42
+ network: string;
43
+ asset: string;
44
+ chainId: bigint;
45
+ domainName: string;
46
+ domainVersion: string;
47
+ }
48
+ export declare function resolveChain(c?: X402ChainConfig): ResolvedChain;
49
+ //# sourceMappingURL=chain.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"chain.d.ts","sourceRoot":"","sources":["../../src/x402/chain.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,6CAA6C;AAC7C,eAAO,MAAM,oBAAoB,+CAA+C,CAAC;AACjF,0BAA0B;AAC1B,eAAO,MAAM,aAAa,QAAQ,CAAC;AACnC,mCAAmC;AACnC,eAAO,MAAM,YAAY,SAAS,CAAC;AACnC,sDAAsD;AACtD,eAAO,MAAM,gBAAgB,aAAa,CAAC;AAC3C,yDAAyD;AACzD,eAAO,MAAM,mBAAmB,MAAM,CAAC;AACvC,iDAAiD;AACjD,eAAO,MAAM,2BAA2B,KAAK,CAAC;AAC9C,iGAAiG;AACjG,eAAO,MAAM,qBAAqB,KAAK,CAAC;AAExC;;;;;GAKG;AACH,MAAM,WAAW,eAAe;IAC9B,0CAA0C;IAC1C,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,uEAAuE;IACvE,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,8CAA8C;IAC9C,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,+CAA+C;IAC/C,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,2CAA2C;IAC3C,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,wBAAgB,YAAY,CAAC,CAAC,GAAE,eAAoB,GAAG,aAAa,CAQnE"}
@@ -0,0 +1,33 @@
1
+ /**
2
+ * @drm3/sdk/x402 - chain / asset config + resolution.
3
+ *
4
+ * The asset/chain a payment is bound to. Defaults are USDC on Base (the DRM3
5
+ * gateway default); an app on another asset/chain overrides these. The EIP-712
6
+ * domain binds a signature to exactly this asset + chain, so a signature for any
7
+ * other asset or chain cannot verify.
8
+ */
9
+ // ─── Chain / asset config ───
10
+ /** USDC (native, Circle) on Base mainnet. */
11
+ export const X402_ASSET_USDC_BASE = "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913";
12
+ /** eip155:8453 (Base). */
13
+ export const BASE_CHAIN_ID = 8453n;
14
+ /** x402 network label for Base. */
15
+ export const BASE_NETWORK = "base";
16
+ /** Circle FiatTokenV2 EIP-712 domain name on Base. */
17
+ export const USDC_DOMAIN_NAME = "USD Coin";
18
+ /** Circle FiatTokenV2 EIP-712 domain version on Base. */
19
+ export const USDC_DOMAIN_VERSION = "2";
20
+ /** Default advertised authorization lifetime. */
21
+ export const DEFAULT_MAX_TIMEOUT_SECONDS = 60;
22
+ /** Default in-flight grace (seconds) so a fresh authorization is not rejected as near-expiry. */
23
+ export const DEFAULT_GRACE_SECONDS = 6n;
24
+ export function resolveChain(c = {}) {
25
+ return {
26
+ network: c.network ?? BASE_NETWORK,
27
+ asset: c.asset ?? X402_ASSET_USDC_BASE,
28
+ chainId: c.chainId ?? BASE_CHAIN_ID,
29
+ domainName: c.domainName ?? USDC_DOMAIN_NAME,
30
+ domainVersion: c.domainVersion ?? USDC_DOMAIN_VERSION,
31
+ };
32
+ }
33
+ //# sourceMappingURL=chain.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"chain.js","sourceRoot":"","sources":["../../src/x402/chain.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,+BAA+B;AAE/B,6CAA6C;AAC7C,MAAM,CAAC,MAAM,oBAAoB,GAAG,4CAA4C,CAAC;AACjF,0BAA0B;AAC1B,MAAM,CAAC,MAAM,aAAa,GAAG,KAAK,CAAC;AACnC,mCAAmC;AACnC,MAAM,CAAC,MAAM,YAAY,GAAG,MAAM,CAAC;AACnC,sDAAsD;AACtD,MAAM,CAAC,MAAM,gBAAgB,GAAG,UAAU,CAAC;AAC3C,yDAAyD;AACzD,MAAM,CAAC,MAAM,mBAAmB,GAAG,GAAG,CAAC;AACvC,iDAAiD;AACjD,MAAM,CAAC,MAAM,2BAA2B,GAAG,EAAE,CAAC;AAC9C,iGAAiG;AACjG,MAAM,CAAC,MAAM,qBAAqB,GAAG,EAAE,CAAC;AA6BxC,MAAM,UAAU,YAAY,CAAC,IAAqB,EAAE;IAClD,OAAO;QACL,OAAO,EAAE,CAAC,CAAC,OAAO,IAAI,YAAY;QAClC,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,oBAAoB;QACtC,OAAO,EAAE,CAAC,CAAC,OAAO,IAAI,aAAa;QACnC,UAAU,EAAE,CAAC,CAAC,UAAU,IAAI,gBAAgB;QAC5C,aAAa,EAAE,CAAC,CAAC,aAAa,IAAI,mBAAmB;KACtD,CAAC;AACJ,CAAC"}
@@ -0,0 +1,25 @@
1
+ /**
2
+ * @drm3/sdk/x402 - secp256k1 / keccak256 primitives + hex helpers.
3
+ *
4
+ * The cryptographic floor of the x402 gateway: keccak256, EIP-3009 signer
5
+ * recovery (`ecrecover`), and the hex/bigint conversions the rest of the module
6
+ * builds on. Byte-identical to MorScan's reference implementation: DO NOT relax
7
+ * any check, constant, byte order, or comparison.
8
+ */
9
+ /** keccak256 hash of arbitrary bytes. */
10
+ export declare function keccak256(data: Uint8Array): Uint8Array;
11
+ /**
12
+ * Recover the signer's Ethereum address from a secp256k1 signature.
13
+ *
14
+ * @param messageHash - 32-byte hash of the signed message
15
+ * @param sigHex - 65-byte signature as hex string (r || s || v)
16
+ * @returns Checksumless lowercase Ethereum address (0x-prefixed)
17
+ */
18
+ export declare function ecrecover(messageHash: Uint8Array, sigHex: string): string;
19
+ /** Decode a hex string (with or without 0x prefix) to bytes. */
20
+ export declare function hexToBytes(hex: string): Uint8Array;
21
+ /** Encode bytes to a lowercase hex string (no 0x prefix). */
22
+ export declare function bytesToHex(bytes: Uint8Array): string;
23
+ /** Convert a big-endian byte array to a BigInt. */
24
+ export declare function bytesToBigInt(bytes: Uint8Array): bigint;
25
+ //# sourceMappingURL=crypto.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../src/x402/crypto.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH,yCAAyC;AACzC,wBAAgB,SAAS,CAAC,IAAI,EAAE,UAAU,GAAG,UAAU,CAEtD;AAED;;;;;;GAMG;AACH,wBAAgB,SAAS,CAAC,WAAW,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CA8BzE;AAED,gEAAgE;AAChE,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAQlD;AAED,6DAA6D;AAC7D,wBAAgB,UAAU,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAMpD;AAED,mDAAmD;AACnD,wBAAgB,aAAa,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAMvD"}
@@ -0,0 +1,74 @@
1
+ /**
2
+ * @drm3/sdk/x402 - secp256k1 / keccak256 primitives + hex helpers.
3
+ *
4
+ * The cryptographic floor of the x402 gateway: keccak256, EIP-3009 signer
5
+ * recovery (`ecrecover`), and the hex/bigint conversions the rest of the module
6
+ * builds on. Byte-identical to MorScan's reference implementation: DO NOT relax
7
+ * any check, constant, byte order, or comparison.
8
+ */
9
+ import { secp256k1 } from "@noble/curves/secp256k1.js";
10
+ import { keccak_256 } from "@noble/hashes/sha3.js";
11
+ /** keccak256 hash of arbitrary bytes. */
12
+ export function keccak256(data) {
13
+ return keccak_256(data);
14
+ }
15
+ /**
16
+ * Recover the signer's Ethereum address from a secp256k1 signature.
17
+ *
18
+ * @param messageHash - 32-byte hash of the signed message
19
+ * @param sigHex - 65-byte signature as hex string (r || s || v)
20
+ * @returns Checksumless lowercase Ethereum address (0x-prefixed)
21
+ */
22
+ export function ecrecover(messageHash, sigHex) {
23
+ const sigBytes = hexToBytes(sigHex);
24
+ if (sigBytes.length !== 65) {
25
+ throw new Error(`Signature must be 65 bytes, got ${sigBytes.length}`);
26
+ }
27
+ const r = sigBytes.slice(0, 32);
28
+ const s = sigBytes.slice(32, 64);
29
+ let v = sigBytes[64];
30
+ // Normalize v: EIP-155 uses 27/28, @noble/curves uses 0/1
31
+ if (v >= 27)
32
+ v -= 27;
33
+ if (v !== 0 && v !== 1) {
34
+ throw new Error(`Invalid recovery id: ${v}`);
35
+ }
36
+ const rBig = bytesToBigInt(r);
37
+ const sBig = bytesToBigInt(s);
38
+ const sig = new secp256k1.Signature(rBig, sBig, v);
39
+ const pubkey = sig.recoverPublicKey(messageHash);
40
+ // Uncompressed public key (65 bytes: 0x04 || x || y) - skip the 0x04 prefix
41
+ const pubkeyBytes = pubkey.toBytes(false).slice(1); // 64 bytes
42
+ // Ethereum address = last 20 bytes of keccak256(pubkey_bytes)
43
+ const hash = keccak256(pubkeyBytes);
44
+ const address = hash.slice(12);
45
+ return `0x${bytesToHex(address)}`;
46
+ }
47
+ /** Decode a hex string (with or without 0x prefix) to bytes. */
48
+ export function hexToBytes(hex) {
49
+ const h = hex.startsWith("0x") ? hex.slice(2) : hex;
50
+ if (h.length % 2 !== 0)
51
+ throw new Error("Invalid hex string");
52
+ const bytes = new Uint8Array(h.length / 2);
53
+ for (let i = 0; i < bytes.length; i++) {
54
+ bytes[i] = Number.parseInt(h.slice(i * 2, i * 2 + 2), 16);
55
+ }
56
+ return bytes;
57
+ }
58
+ /** Encode bytes to a lowercase hex string (no 0x prefix). */
59
+ export function bytesToHex(bytes) {
60
+ let hex = "";
61
+ for (let i = 0; i < bytes.length; i++) {
62
+ hex += bytes[i].toString(16).padStart(2, "0");
63
+ }
64
+ return hex;
65
+ }
66
+ /** Convert a big-endian byte array to a BigInt. */
67
+ export function bytesToBigInt(bytes) {
68
+ let result = 0n;
69
+ for (let i = 0; i < bytes.length; i++) {
70
+ result = (result << 8n) | BigInt(bytes[i]);
71
+ }
72
+ return result;
73
+ }
74
+ //# sourceMappingURL=crypto.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../src/x402/crypto.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAEnD,yCAAyC;AACzC,MAAM,UAAU,SAAS,CAAC,IAAgB;IACxC,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,SAAS,CAAC,WAAuB,EAAE,MAAc;IAC/D,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;IACpC,IAAI,QAAQ,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,mCAAmC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;IACxE,CAAC;IAED,MAAM,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAChC,MAAM,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACjC,IAAI,CAAC,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;IAErB,0DAA0D;IAC1D,IAAI,CAAC,IAAI,EAAE;QAAE,CAAC,IAAI,EAAE,CAAC;IACrB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,EAAE,CAAC,CAAC;IAC/C,CAAC;IAED,MAAM,IAAI,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IAC9B,MAAM,IAAI,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IAE9B,MAAM,GAAG,GAAG,IAAI,SAAS,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,GAAG,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;IAEjD,4EAA4E;IAC5E,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW;IAE/D,8DAA8D;IAC9D,MAAM,IAAI,GAAG,SAAS,CAAC,WAAW,CAAC,CAAC;IACpC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAE/B,OAAO,KAAK,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;AACpC,CAAC;AAED,gEAAgE;AAChE,MAAM,UAAU,UAAU,CAAC,GAAW;IACpC,MAAM,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IACpD,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IAC9D,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC3C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC5D,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,6DAA6D;AAC7D,MAAM,UAAU,UAAU,CAAC,KAAiB;IAC1C,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAChD,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,mDAAmD;AACnD,MAAM,UAAU,aAAa,CAAC,KAAiB;IAC7C,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
@@ -0,0 +1,20 @@
1
+ /**
2
+ * @drm3/sdk/x402 - EIP-712 / EIP-3009 TransferWithAuthorization digest.
3
+ *
4
+ * The typed-data typehashes + domain separator + the `transferAuthDigest` a
5
+ * client signs (and `verifyX402Payment` recovers against). Byte-identical to
6
+ * MorScan's reference implementation: DO NOT change any type string or byte
7
+ * order.
8
+ */
9
+ import { type X402ChainConfig } from "./chain.js";
10
+ export interface X402Authorization {
11
+ from: string;
12
+ to: string;
13
+ value: string;
14
+ validAfter: string;
15
+ validBefore: string;
16
+ nonce: string;
17
+ }
18
+ /** EIP-712 digest of a TransferWithAuthorization struct, bound to the given asset/chain. */
19
+ export declare function transferAuthDigest(a: X402Authorization, chainConfig?: X402ChainConfig): Uint8Array;
20
+ //# sourceMappingURL=eip712.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"eip712.d.ts","sourceRoot":"","sources":["../../src/x402/eip712.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAsB,KAAK,eAAe,EAAgB,MAAM,YAAY,CAAC;AAGpF,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;CACf;AAgDD,4FAA4F;AAC5F,wBAAgB,kBAAkB,CAAC,CAAC,EAAE,iBAAiB,EAAE,WAAW,GAAE,eAAoB,GAAG,UAAU,CActG"}
@@ -0,0 +1,49 @@
1
+ /**
2
+ * @drm3/sdk/x402 - EIP-712 / EIP-3009 TransferWithAuthorization digest.
3
+ *
4
+ * The typed-data typehashes + domain separator + the `transferAuthDigest` a
5
+ * client signs (and `verifyX402Payment` recovers against). Byte-identical to
6
+ * MorScan's reference implementation: DO NOT change any type string or byte
7
+ * order.
8
+ */
9
+ import { resolveChain } from "./chain.js";
10
+ import { hexToBytes, keccak256 } from "./crypto.js";
11
+ // ─── EIP-712 / EIP-3009 verification ───
12
+ function encUint(v) {
13
+ const out = new Uint8Array(32);
14
+ let x = v;
15
+ for (let i = 31; i >= 0 && x > 0n; i--) {
16
+ out[i] = Number(x & 0xffn);
17
+ x >>= 8n;
18
+ }
19
+ return out;
20
+ }
21
+ function encAddress(addr) {
22
+ const out = new Uint8Array(32);
23
+ out.set(hexToBytes(addr), 12);
24
+ return out;
25
+ }
26
+ function concat(...parts) {
27
+ const total = parts.reduce((n, p) => n + p.length, 0);
28
+ const out = new Uint8Array(total);
29
+ let off = 0;
30
+ for (const p of parts) {
31
+ out.set(p, off);
32
+ off += p.length;
33
+ }
34
+ return out;
35
+ }
36
+ const enc = new TextEncoder();
37
+ const TYPEHASH = keccak256(enc.encode("TransferWithAuthorization(address from,address to,uint256 value,uint256 validAfter,uint256 validBefore,bytes32 nonce)"));
38
+ const DOMAIN_TYPEHASH = keccak256(enc.encode("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"));
39
+ /** EIP-712 domain separator for the asset/chain in `chain`. */
40
+ function domainSeparator(chain) {
41
+ return keccak256(concat(DOMAIN_TYPEHASH, keccak256(enc.encode(chain.domainName)), keccak256(enc.encode(chain.domainVersion)), encUint(chain.chainId), encAddress(chain.asset)));
42
+ }
43
+ /** EIP-712 digest of a TransferWithAuthorization struct, bound to the given asset/chain. */
44
+ export function transferAuthDigest(a, chainConfig = {}) {
45
+ const chain = resolveChain(chainConfig);
46
+ const structHash = keccak256(concat(TYPEHASH, encAddress(a.from), encAddress(a.to), encUint(BigInt(a.value)), encUint(BigInt(a.validAfter)), encUint(BigInt(a.validBefore)), hexToBytes(a.nonce)));
47
+ return keccak256(concat(new Uint8Array([0x19, 0x01]), domainSeparator(chain), structHash));
48
+ }
49
+ //# sourceMappingURL=eip712.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"eip712.js","sourceRoot":"","sources":["../../src/x402/eip712.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAA4C,YAAY,EAAE,MAAM,YAAY,CAAC;AACpF,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAWpD,0CAA0C;AAE1C,SAAS,OAAO,CAAC,CAAS;IACxB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,GAAG,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC;QAC3B,CAAC,KAAK,EAAE,CAAC;IACX,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,UAAU,CAAC,IAAY;IAC9B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;IAC9B,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,MAAM,CAAC,GAAG,KAAmB;IACpC,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACtD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IAClC,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAChB,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAClB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,GAAG,GAAG,IAAI,WAAW,EAAE,CAAC;AAC9B,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,uHAAuH,CAAC,CAAC,CAAC;AAChK,MAAM,eAAe,GAAG,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,oFAAoF,CAAC,CAAC,CAAC;AAEpI,+DAA+D;AAC/D,SAAS,eAAe,CAAC,KAAoB;IAC3C,OAAO,SAAS,CACd,MAAM,CACJ,eAAe,EACf,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,EACvC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,EAC1C,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EACtB,UAAU,CAAC,KAAK,CAAC,KAAK,CAAC,CACxB,CACF,CAAC;AACJ,CAAC;AAED,4FAA4F;AAC5F,MAAM,UAAU,kBAAkB,CAAC,CAAoB,EAAE,cAA+B,EAAE;IACxF,MAAM,KAAK,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;IACxC,MAAM,UAAU,GAAG,SAAS,CAC1B,MAAM,CACJ,QAAQ,EACR,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,EAClB,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAChB,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EACxB,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,EAC7B,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,EAC9B,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CACpB,CACF,CAAC;IACF,OAAO,SAAS,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC;AAC7F,CAAC"}
@@ -0,0 +1,45 @@
1
+ /**
2
+ * @drm3/sdk/x402 - the spec-shaped 402 envelope + offers-menu builder.
3
+ *
4
+ * `x402Requirements` (the single `accepts` entry, x402 "exact" scheme) and
5
+ * `x402Body` (the full 402 Payment Required JSON body), plus the gateway +
6
+ * envelope option types. The payTo, price, and chain overrides come from the
7
+ * caller's config.
8
+ */
9
+ import { type X402ChainConfig } from "./chain.js";
10
+ /** Config for advertising and verifying an x402 gateway. `payTo` = the shared DRM3 gateway wallet. */
11
+ export interface X402GatewayConfig extends X402ChainConfig {
12
+ /** The wallet payments settle to (the shared DRM3 x402 gateway wallet). */
13
+ payTo: string;
14
+ /** The required price per call, in atomic asset units (USDC = 6 decimals). */
15
+ priceAtomic: bigint;
16
+ }
17
+ /** Options for the `accepts` requirement + the full 402 body. */
18
+ export interface X402EnvelopeOptions {
19
+ /** The resource URL being paid for. */
20
+ resource: string;
21
+ /** Human description shown in the `accepts` entry. */
22
+ description: string;
23
+ /** Advertised authorization lifetime. Default 60. */
24
+ maxTimeoutSeconds?: number;
25
+ /** Additive, non-spec access-door menu (app-specific; x402 clients ignore it). */
26
+ offers?: unknown;
27
+ /** Additive, non-spec plain-language pointer for a human who lands on the 402. */
28
+ hint?: string;
29
+ /** Optional error string to attach (e.g. why a submitted X-PAYMENT failed). */
30
+ error?: string;
31
+ }
32
+ /**
33
+ * The single `accepts` entry we advertise (x402 "exact" scheme). The client must
34
+ * sign a `TransferWithAuthorization` under the EIP-712 domain in `extra`.
35
+ */
36
+ export declare function x402Requirements(config: X402GatewayConfig, opts: Pick<X402EnvelopeOptions, "resource" | "description" | "maxTimeoutSeconds">): Record<string, unknown>;
37
+ /**
38
+ * Build the 402 Payment Required JSON body: the spec-shaped x402 envelope
39
+ * (`x402Version` + `accepts`, untouched for client compatibility) plus ADDITIVE
40
+ * non-spec fields the caller supplies - `offers` (an access-door menu) and `hint`
41
+ * (a plain-language pointer). x402 clients ignore unknown top-level fields, so
42
+ * the additions cannot break them.
43
+ */
44
+ export declare function x402Body(config: X402GatewayConfig, opts: X402EnvelopeOptions): Record<string, unknown>;
45
+ //# sourceMappingURL=envelope.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"envelope.d.ts","sourceRoot":"","sources":["../../src/x402/envelope.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAA+B,KAAK,eAAe,EAAgB,MAAM,YAAY,CAAC;AAI7F,sGAAsG;AACtG,MAAM,WAAW,iBAAkB,SAAQ,eAAe;IACxD,2EAA2E;IAC3E,KAAK,EAAE,MAAM,CAAC;IACd,8EAA8E;IAC9E,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,iEAAiE;AACjE,MAAM,WAAW,mBAAmB;IAClC,uCAAuC;IACvC,QAAQ,EAAE,MAAM,CAAC;IACjB,sDAAsD;IACtD,WAAW,EAAE,MAAM,CAAC;IACpB,qDAAqD;IACrD,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,kFAAkF;IAClF,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,kFAAkF;IAClF,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,+EAA+E;IAC/E,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAC9B,MAAM,EAAE,iBAAiB,EACzB,IAAI,EAAE,IAAI,CAAC,mBAAmB,EAAE,UAAU,GAAG,aAAa,GAAG,mBAAmB,CAAC,GAChF,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAezB;AAED;;;;;;GAMG;AACH,wBAAgB,QAAQ,CAAC,MAAM,EAAE,iBAAiB,EAAE,IAAI,EAAE,mBAAmB,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAStG"}
@@ -0,0 +1,50 @@
1
+ /**
2
+ * @drm3/sdk/x402 - the spec-shaped 402 envelope + offers-menu builder.
3
+ *
4
+ * `x402Requirements` (the single `accepts` entry, x402 "exact" scheme) and
5
+ * `x402Body` (the full 402 Payment Required JSON body), plus the gateway +
6
+ * envelope option types. The payTo, price, and chain overrides come from the
7
+ * caller's config.
8
+ */
9
+ import { DEFAULT_MAX_TIMEOUT_SECONDS, resolveChain } from "./chain.js";
10
+ /**
11
+ * The single `accepts` entry we advertise (x402 "exact" scheme). The client must
12
+ * sign a `TransferWithAuthorization` under the EIP-712 domain in `extra`.
13
+ */
14
+ export function x402Requirements(config, opts) {
15
+ const chain = resolveChain(config);
16
+ return {
17
+ scheme: "exact",
18
+ network: chain.network,
19
+ maxAmountRequired: config.priceAtomic.toString(),
20
+ resource: opts.resource,
21
+ description: opts.description,
22
+ mimeType: "application/json",
23
+ payTo: config.payTo,
24
+ maxTimeoutSeconds: opts.maxTimeoutSeconds ?? DEFAULT_MAX_TIMEOUT_SECONDS,
25
+ asset: chain.asset,
26
+ // EIP-712 domain the client must sign under (per x402 exact/evm scheme).
27
+ extra: { name: chain.domainName, version: chain.domainVersion },
28
+ };
29
+ }
30
+ /**
31
+ * Build the 402 Payment Required JSON body: the spec-shaped x402 envelope
32
+ * (`x402Version` + `accepts`, untouched for client compatibility) plus ADDITIVE
33
+ * non-spec fields the caller supplies - `offers` (an access-door menu) and `hint`
34
+ * (a plain-language pointer). x402 clients ignore unknown top-level fields, so
35
+ * the additions cannot break them.
36
+ */
37
+ export function x402Body(config, opts) {
38
+ const body = {
39
+ x402Version: 1,
40
+ accepts: [x402Requirements(config, opts)],
41
+ };
42
+ if (opts.offers !== undefined)
43
+ body.offers = opts.offers;
44
+ if (opts.hint !== undefined)
45
+ body.hint = opts.hint;
46
+ if (opts.error)
47
+ body.error = opts.error;
48
+ return body;
49
+ }
50
+ //# sourceMappingURL=envelope.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"envelope.js","sourceRoot":"","sources":["../../src/x402/envelope.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,2BAA2B,EAAwB,YAAY,EAAE,MAAM,YAAY,CAAC;AA4B7F;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAC9B,MAAyB,EACzB,IAAiF;IAEjF,MAAM,KAAK,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IACnC,OAAO;QACL,MAAM,EAAE,OAAO;QACf,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,iBAAiB,EAAE,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE;QAChD,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,QAAQ,EAAE,kBAAkB;QAC5B,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,iBAAiB,EAAE,IAAI,CAAC,iBAAiB,IAAI,2BAA2B;QACxE,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,yEAAyE;QACzE,KAAK,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,UAAU,EAAE,OAAO,EAAE,KAAK,CAAC,aAAa,EAAE;KAChE,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,QAAQ,CAAC,MAAyB,EAAE,IAAyB;IAC3E,MAAM,IAAI,GAA4B;QACpC,WAAW,EAAE,CAAC;QACd,OAAO,EAAE,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;KAC1C,CAAC;IACF,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS;QAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;IACzD,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS;QAAE,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;IACnD,IAAI,IAAI,CAAC,KAAK;QAAE,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;IACxC,OAAO,IAAI,CAAC;AACd,CAAC"}
@@ -0,0 +1,41 @@
1
+ /**
2
+ * @drm3/sdk/x402 - the ONE shared DRM3 x402 payment gateway core.
3
+ *
4
+ * x402 agent micropayments (https://www.x402.org) - the "exact" scheme on Base.
5
+ * This is the studio model applied to x402: like one Stripe is one gateway for
6
+ * every checkout, this is one x402 gateway library for every DRM3 app. Every app
7
+ * (except MorScan, which stays its own animal with its own wallet + commerce
8
+ * seam) imports THIS to advertise a 402 and verify the signed EIP-3009 payment
9
+ * that follows, and every app points at the ONE shared DRM3 x402 gateway wallet
10
+ * (the funded `X402_PAY_TO`). The payTo, the price, and the storage (the replay
11
+ * gate / settlement ledger) are the caller's app-specific config; the crypto,
12
+ * the verification, and the 402 envelope live here, once.
13
+ *
14
+ * What this module is:
15
+ * - the secp256k1 / keccak256 primitives (`keccak256`, `ecrecover`, hex helpers),
16
+ * - the EIP-712 / EIP-3009 `TransferWithAuthorization` digest + full server-side
17
+ * verification of an `X-PAYMENT` header (`verifyX402Payment`), and
18
+ * - the spec-shaped 402 envelope + offers-menu builder (`x402Requirements`,
19
+ * `x402Body`).
20
+ *
21
+ * What this module is NOT: it holds no signing key, touches no database, and
22
+ * broadcasts nothing on-chain. `verifyX402Payment` here is pure and synchronous
23
+ * (envelope structure, scheme/network, payTo, amount, validity window, and the
24
+ * EIP-712 signature recovering the payer). The nonce-replay gate, the per-payer
25
+ * abuse cap, and settlement are storage-specific and stay in the calling app
26
+ * (Newsboy runs them against Postgres, for example). The verification here is
27
+ * byte-identical to MorScan's reference implementation: DO NOT relax any check.
28
+ *
29
+ * Zero runtime deps beyond @noble; Workers, Bun, and Node.
30
+ *
31
+ * This file is a thin barrel: the implementation lives in sibling modules split
32
+ * by concern - `crypto.ts` (secp/keccak/hex), `chain.ts` (asset/chain config),
33
+ * `eip712.ts` (the TransferWithAuthorization digest), `envelope.ts` (the 402
34
+ * envelope), and `verify.ts` (X-PAYMENT decoding + verification).
35
+ */
36
+ export { bytesToBigInt, bytesToHex, ecrecover, hexToBytes, keccak256 } from "./crypto.js";
37
+ export { BASE_CHAIN_ID, BASE_NETWORK, DEFAULT_GRACE_SECONDS, DEFAULT_MAX_TIMEOUT_SECONDS, USDC_DOMAIN_NAME, USDC_DOMAIN_VERSION, X402_ASSET_USDC_BASE, type X402ChainConfig, } from "./chain.js";
38
+ export { type X402Authorization, transferAuthDigest } from "./eip712.js";
39
+ export { type X402EnvelopeOptions, type X402GatewayConfig, x402Body, x402Requirements, } from "./envelope.js";
40
+ export { type DecodedPaymentHeader, decodePaymentHeader, type X402Payment, type X402VerifyConfig, type X402VerifyResult, verifyX402Payment, } from "./verify.js";
41
+ //# sourceMappingURL=index.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/x402/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AAEH,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAC1F,OAAO,EACL,aAAa,EACb,YAAY,EACZ,qBAAqB,EACrB,2BAA2B,EAC3B,gBAAgB,EAChB,mBAAmB,EACnB,oBAAoB,EACpB,KAAK,eAAe,GACrB,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,KAAK,iBAAiB,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AACzE,OAAO,EACL,KAAK,mBAAmB,EACxB,KAAK,iBAAiB,EACtB,QAAQ,EACR,gBAAgB,GACjB,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,KAAK,oBAAoB,EACzB,mBAAmB,EACnB,KAAK,WAAW,EAChB,KAAK,gBAAgB,EACrB,KAAK,gBAAgB,EACrB,iBAAiB,GAClB,MAAM,aAAa,CAAC"}