npm - @fibo-crypto/react-sdk - Versions diffs - 0.3.0 - Mend

@fibo-crypto/react-sdk 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/LICENSE +21 -0
package/README.md +312 -0
package/dist/chunk-FRD4NVYJ.js +109 -0
package/dist/chunk-FRD4NVYJ.js.map +1 -0
package/dist/client.d.ts +284 -0
package/dist/client.js +3 -0
package/dist/client.js.map +1 -0
package/dist/index.d.ts +189 -0
package/dist/index.js +407 -0
package/dist/index.js.map +1 -0
package/package.json +75 -0

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 Fibo
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,312 @@
+# `@fibo-crypto/react-sdk`
+React SDK for [Fibo SaaS](https://docs.fibo-crypto.fr) — non-custodial crypto infrastructure for B2B platforms. Wraps the [Fibo REST API](https://docs.fibo-crypto.fr/docs/api-reference/introduction) and the underlying [Privy](https://privy.io) embedded-wallet provider so integrators get a single dependency to install.
+Status: **PoC v0.3**. Provides `FiboProvider`, `useFiboApi`, `useFiboAuth`, `useFiboWallet` (EVM + Solana + Bitcoin), `useFiboBalance`, `useFiboTransactions`, `useFiboSwap` (EVM same-chain + cross-chain via Biconomy MEE). Higher-level write-flows for `useFiboTransfer` + `useFiboYield` ship in v0.4+.
+## Install
+```bash
+# During pre-release: install from the tarball produced by `npm run pack:tgz`
+npm install <path-to-fibo-react-sdk-0.1.0.tgz> --legacy-peer-deps
+# Once published to public npm (post-M5):
+npm install @fibo-crypto/react-sdk --legacy-peer-deps
+```
+> **Note — `--legacy-peer-deps` flag**: Privy v3 declares optional peer dependencies (`@abstract-foundation/agw-client`, `@solana/kit`, `permissionless`, etc.) that npm 7+ may surface as `ERESOLVE` errors. If your install fails, retry with `--legacy-peer-deps`. A future SDK release will pin compatible versions in `overrides` so the flag is no longer needed.
+Peer deps: `react ^18 || ^19`, `react-dom ^18 || ^19`. The Privy SDK comes as a transitive dependency (per [ADR 0003](https://github.com/vigimani/fibo-saas/blob/main/docs/adr/0003-privy-as-transitive-dep-in-sdk.md)) — you don't install it separately.
+## Quickstart
+```tsx
+import { FiboProvider } from '@fibo-crypto/react-sdk';
+export default function RootLayout({ children }: { children: React.ReactNode }) {
+  return (
+    <FiboProvider
+      publishableKey={process.env.NEXT_PUBLIC_FIBO_PUBLISHABLE_KEY!}
+      externalUserId={session?.user?.id}
+      loginMethods={['email', 'passkey']}
+      theme={{ accent: '#5B44F9' }}
+    >
+      {children}
+    </FiboProvider>
+  );
+}
+```
+`publishableKey` is your `pk_test_*` / `pk_live_*` from the Fibo dashboard (or via `fibo keys mint` from the CLI). Never embed an `sk_*` in your frontend bundle.
+## Usage
+### `useFiboAuth()`
+Privy's auth state surfaced through Fibo's interface — login/logout, ready state, current user.
+```tsx
+import { useFiboAuth } from '@fibo-crypto/react-sdk';
+function LoginCard() {
+  const { isReady, isAuthenticated, user, login, logout } = useFiboAuth();
+  if (!isReady) return null;
+  if (!isAuthenticated) return <button onClick={login}>Sign in</button>;
+  return (
+    <div>
+      <p>Hello, {user?.email}</p>
+      <button onClick={logout}>Sign out</button>
+    </div>
+  );
+}
+```
+### `useFiboWallet()`
+Reads the user's embedded wallet addresses across **EVM + Solana + Bitcoin**. EVM and Solana are auto-provisioned by `FiboProvider` on the first login; Bitcoin requires an explicit creation step (`createBitcoinWallet()`).
+```tsx
+import { useFiboWallet } from '@fibo-crypto/react-sdk';
+function WalletAddresses() {
+  const {
+    isReady,
+    addresses,
+    bitcoinWallets,
+    createBitcoinWallet,
+  } = useFiboWallet();
+  if (!isReady) return <p>Loading…</p>;
+  return (
+    <ul>
+      <li>EVM: {addresses.evm ?? '—'}</li>
+      <li>Solana: {addresses.solana ?? '—'}</li>
+      <li>
+        Bitcoin: {addresses.bitcoin ?? (
+          <button onClick={() => createBitcoinWallet()}>Create BTC wallet</button>
+        )}
+      </li>
+    </ul>
+  );
+}
+```
+For raw PSBT signing on Bitcoin (transfers / swaps), use Privy's `@privy-io/react-auth/extended-chains` `useSignRawHash` hook directly — wire it into `@scure/btc-signer` PSBT inputs. A higher-level `useFiboBitcoinSwap` hook lands in v0.4.
+### `useFiboBalance(address, opts?)`
+Fetches the on-chain balance for an EVM address. Pass `null` for `address` while you wait for a wallet to be ready. Optional `refreshIntervalMs` enables polling.
+```tsx
+import { useFiboWallet, useFiboBalance } from '@fibo-crypto/react-sdk';
+function BalanceBadge() {
+  const { addresses } = useFiboWallet();
+  const { balance, isLoading, error, refetch } = useFiboBalance(
+    addresses.evm,
+    { refreshIntervalMs: 10_000 }, // poll every 10s
+  );
+  if (isLoading) return <span>Loading…</span>;
+  if (error) return <span>Error: {error.message}</span>;
+  return <span>{balance?.usdc.formatted ?? '—'} USDC</span>;
+}
+```
+### `useFiboSwap()`
+Quote → sign → submit ceremony for cross-chain (and same-chain) swaps via Biconomy MEE. The hook handles the full EIP-7702 authorization flow + MEE quote signing under the hood — Privy renders the signature UI.
+```tsx
+import { useFiboSwap, useFiboWallet } from '@fibo-crypto/react-sdk';
+function SwapButton() {
+  const { addresses } = useFiboWallet();
+  const {
+    quote,
+    executeSwap,
+    currentQuote,
+    expiresInSeconds,
+    isExpired,
+    isLoading,
+    phase,
+    error,
+    result,
+    reset,
+  } = useFiboSwap();
+  // 1. Get a quote (user picks amount via your UI)
+  async function onQuote() {
+    await quote({
+      source:      { token: '0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913', chainId: 8453, amount: '5' }, // 5 USDC
+      destination: { token: '0x0000000000000000000000000000000000000000', chainId: 8453 }, // ETH
+      // userAddress auto-resolved from useFiboWallet().addresses.evm
+    });
+  }
+  // 2. Execute (user clicks confirm)
+  async function onExecute() {
+    const exec = await executeSwap();
+    console.log('MEE super hash:', exec.super_hash);
+    console.log('Tracker:', exec.tracker_url);
+  }
+  // 3. Allow re-quoting after success or error
+  const isDone = phase === 'done' || phase === 'error';
+  return (
+    <div>
+      <button onClick={onQuote} disabled={isLoading}>Get quote</button>
+      {currentQuote && phase !== 'done' && (
+        <>
+          <p>You receive ~{currentQuote.breakdown.destination.amount} (expires {expiresInSeconds}s)</p>
+          <button onClick={onExecute} disabled={isExpired || isLoading}>
+            {isLoading ? phase : 'Execute swap'}
+          </button>
+        </>
+      )}
+      {error && <p>Error: {error.message}</p>}
+      {result && (
+        <>
+          <p>Submitted ✓ super_hash={result.super_hash}</p>
+          <button onClick={reset}>New swap</button>
+        </>
+      )}
+      {isDone && !result && <button onClick={reset}>Try again</button>}
+    </div>
+  );
+}
+```
+`phase` walks through `'idle' → 'quoting' → 'preparing' → 'signing_authorization' → 'submitting' → 'signing_mee_quote' → 'executing' → 'done'`. Useful for showing fine-grained loading copy ("Awaiting signature…" vs "Submitting on-chain…"). Use `isLoading` for "is the hook currently working" boolean (true during any phase except `'idle'`, `'done'`, `'error'`).
+**Multi-wallet note**: `useFiboSwap` auto-resolves the EVM address from the first Privy embedded wallet (`walletClientType === 'privy'`). If the user has multiple EVM wallets connected (e.g., external wallet + embedded), pass `userAddress` explicitly in the `quote()` params to control which wallet is used. A wallet-picker flow lands in v0.4.
+**Scope v0.3**: EVM same-chain + EVM cross-chain swaps (the routes that go through Biconomy MEE). Solana and Bitcoin swaps land in v0.4 with their own ceremonies.
+### `useFiboTransactions(opts?)`
+Lists the tenant's recent transactions. Supports filtering by `status` + cursor pagination via `before`.
+```tsx
+import { useFiboTransactions } from '@fibo-crypto/react-sdk';
+function RecentSwaps() {
+  const { transactions, isLoading, hasMore, nextBefore } = useFiboTransactions({
+    status: 'confirmed',
+    limit: 20,
+  });
+  if (isLoading) return <p>Loading…</p>;
+  return (
+    <ul>
+      {transactions.map((tx) => (
+        <li key={tx.id}>
+          {tx.kind} — {tx.source_amount} {tx.source_currency} →{' '}
+          {tx.dest_amount} {tx.dest_currency}
+        </li>
+      ))}
+      {hasMore && <button onClick={() => /* pass nextBefore as `before` */}>Load more</button>}
+    </ul>
+  );
+}
+```
+### `useFiboApi()`
+Returns the typed REST client. Use for any endpoint not covered by a higher-level hook.
+```tsx
+import { useFiboApi } from '@fibo-crypto/react-sdk';
+function CustomCall() {
+  const api = useFiboApi();
+  useEffect(() => {
+    api.listTransactions({ status: 'failed', limit: 5 }).then((r) => console.log(r.data));
+  }, [api]);
+  return null;
+}
+```
+### Non-React contexts
+The HTTP client is exported standalone via the `/client` sub-export — no React dependency, usable from a Node.js script or Bun:
+```ts
+import { createFiboClient } from '@fibo-crypto/react-sdk/client';
+const fibo = createFiboClient({
+  baseUrl: 'https://api.fibo-crypto.fr',
+  apiKey: process.env.FIBO_API_KEY!,
+});
+const balance = await fibo.getEvmBalance('0xabc...');
+```
+## Configuration
+| Prop | Default | Description |
+|---|---|---|
+| `publishableKey` | (required) | Your Fibo `pk_*` key |
+| `baseUrl` | `https://api.fibo-crypto.fr` | Override for sandbox / local dev (`http://localhost:3001`) |
+| `externalUserId` | `undefined` | Your own user id, echoed in webhook payloads |
+| `loginMethods` | `['email', 'google', 'apple']` | Privy login providers shown in the modal |
+| `theme.accent` | `#5B44F9` | Accent color for Privy modals |
+| `theme.fontFamily` | `undefined` | Font family for Privy modals |
+| `privyAppIdOverride` | (Fibo's shared app) | Rarely used — only when a custom contractual Privy app is provisioned |
+## Errors
+Every API call throws `FiboApiError` on a non-2xx response — fields `status`, `code`, `message`, `details`, `request_id`.
+```ts
+import { FiboApiError } from '@fibo-crypto/react-sdk';
+try {
+  await api.prepareTx({ quote_id, user_address });
+} catch (err) {
+  if (err instanceof FiboApiError) {
+    console.error(`Fibo error ${err.code} (${err.status})`, err.message);
+    if (err.request_id) console.error('request_id:', err.request_id);
+  } else {
+    throw err;
+  }
+}
+```
+`request_id` is the canonical trace id for the request — include it when reporting issues to Fibo support.
+## Build & publish
+```bash
+npm install              # one-time
+npm run typecheck         # tsc --noEmit, strict + noUncheckedIndexedAccess
+npm run build             # tsup -> dist/ (ESM + d.ts)
+npm run pack:tgz          # produces fibo-react-sdk-0.3.0.tgz
+```
+The tarball can be referenced directly in an integrator's `package.json` (`"@fibo-crypto/react-sdk": "https://cdn.fibo-crypto.fr/sdk/react-sdk-0.3.0.tgz"`) ahead of the public npm publication.
+## Roadmap
+**Shipped in v0.3** (current):
+- Privy v3 — bitcoin-taproot in extended-chains
+- `useFiboWallet` — EVM + Solana + Bitcoin address readout + BTC creation
+- `useFiboSwap` — EVM quote → sign → submit ceremony via Biconomy MEE
+**Shipped in v0.2**:
+- `useFiboBalance` — EVM balance with optional polling
+- `useFiboTransactions` — paginated history
+**Next (v0.4+)**:
+- `useFiboSwap` extended to Solana + Bitcoin routes
+- `useFiboTransfer` — cross-chain transfer
+- `useFiboYield` — Aave + Beefy supply/withdraw
+- Sub-export `@fibo-crypto/react-sdk/monerium` — drop-in SEPA on-ramp connector
+- Sub-export `@fibo-crypto/react-sdk/transak` — drop-in card on-ramp connector
+- React Native package `@fibo/native-sdk` — same hooks, Privy Expo runtime
+## License
+UNLICENSED — internal use only during PoC. Public license decision lands at first paid integrator.

package/dist/chunk-FRD4NVYJ.js ADDED Viewed

@@ -0,0 +1,109 @@
+// src/client.ts
+var DEFAULT_BASE_URL = "https://api.fibo-crypto.fr";
+var FiboApiError = class extends Error {
+  status;
+  code;
+  details;
+  request_id;
+  constructor(info) {
+    super(`[${info.status} ${info.code}] ${info.message}`);
+    this.name = "FiboApiError";
+    this.status = info.status;
+    this.code = info.code;
+    this.details = info.details;
+    this.request_id = info.request_id;
+  }
+};
+async function parseError(res) {
+  const text = await res.text();
+  try {
+    const j = JSON.parse(text);
+    return {
+      status: res.status,
+      code: j.error?.code ?? `http_${res.status}`,
+      message: j.error?.message ?? res.statusText,
+      details: j.error?.details,
+      request_id: j.error?.request_id
+    };
+  } catch {
+    return {
+      status: res.status,
+      code: `http_${res.status}`,
+      message: res.statusText
+    };
+  }
+}
+function createFiboClient(config) {
+  if (!config.allowSecretKey && config.apiKey.startsWith("sk_")) {
+    throw new Error(
+      "FiboProvider / createFiboClient requires a publishable key (pk_test_* / pk_live_*). Secret keys (sk_*) must never be embedded in browser code. For trusted server-side contexts, pass `allowSecretKey: true` explicitly."
+    );
+  }
+  const baseUrl = (config.baseUrl ?? DEFAULT_BASE_URL).replace(/\/$/, "");
+  async function request(args) {
+    const headers = {
+      Accept: "application/json",
+      Authorization: `Bearer ${config.apiKey}`
+    };
+    if (args.body !== void 0) headers["Content-Type"] = "application/json";
+    const res = await fetch(`${baseUrl}${args.path}`, {
+      method: args.method,
+      headers,
+      body: args.body !== void 0 ? JSON.stringify(args.body) : void 0,
+      signal: args.signal
+    });
+    if (res.status === 204) return void 0;
+    if (!res.ok) throw new FiboApiError(await parseError(res));
+    const text = await res.text();
+    if (!text) return void 0;
+    return JSON.parse(text);
+  }
+  return {
+    request,
+    health: () => request({ method: "GET", path: "/health" }),
+    quoteSwap: (params) => request({
+      method: "POST",
+      path: "/v1/quote",
+      body: { product: "swap", ...params }
+    }),
+    quoteBuyEure: (params) => request({
+      method: "POST",
+      path: "/v1/quote",
+      body: { product: "buy_eure", ...params }
+    }),
+    prepareTx: (params) => request({ method: "POST", path: "/v1/prepare-tx", body: params }),
+    submit: (params) => request({ method: "POST", path: "/v1/submit", body: params }),
+    executeSignedQuote: (params) => request({
+      method: "POST",
+      path: "/v1/execute-signed-quote",
+      body: params
+    }),
+    getTransaction: (id, opts) => request({
+      method: "GET",
+      path: `/v1/transactions/${id}`,
+      signal: opts?.signal
+    }),
+    listTransactions: (params, opts) => {
+      const qs = new URLSearchParams();
+      if (params?.limit !== void 0) qs.set("limit", String(params.limit));
+      if (params?.status) qs.set("status", params.status);
+      if (params?.before) qs.set("before", params.before);
+      const query = qs.toString();
+      return request({
+        method: "GET",
+        path: `/v1/transactions${query ? `?${query}` : ""}`,
+        signal: opts?.signal
+      });
+    },
+    moneriumCreateOrder: (params) => request({ method: "POST", path: "/v1/monerium/orders", body: params }),
+    getEvmBalance: (address, opts) => request({
+      method: "GET",
+      path: `/v1/balance/evm/${address}`,
+      signal: opts?.signal
+    })
+  };
+}
+export { DEFAULT_BASE_URL, FiboApiError, createFiboClient };
+//# sourceMappingURL=chunk-FRD4NVYJ.js.map
+//# sourceMappingURL=chunk-FRD4NVYJ.js.map

package/dist/chunk-FRD4NVYJ.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/client.ts"],"names":[],"mappings":";AAqBO,IAAM,gBAAA,GAAmB;AA+BzB,IAAM,YAAA,GAAN,cAA2B,KAAA,CAAM;AAAA,EACtB,MAAA;AAAA,EACA,IAAA;AAAA,EACA,OAAA;AAAA,EACA,UAAA;AAAA,EAEhB,YAAY,IAAA,EAAwB;AAClC,IAAA,KAAA,CAAM,CAAA,CAAA,EAAI,KAAK,MAAM,CAAA,CAAA,EAAI,KAAK,IAAI,CAAA,EAAA,EAAK,IAAA,CAAK,OAAO,CAAA,CAAE,CAAA;AACrD,IAAA,IAAA,CAAK,IAAA,GAAO,cAAA;AACZ,IAAA,IAAA,CAAK,SAAS,IAAA,CAAK,MAAA;AACnB,IAAA,IAAA,CAAK,OAAO,IAAA,CAAK,IAAA;AACjB,IAAA,IAAA,CAAK,UAAU,IAAA,CAAK,OAAA;AACpB,IAAA,IAAA,CAAK,aAAa,IAAA,CAAK,UAAA;AAAA,EACzB;AACF;AAEA,eAAe,WAAW,GAAA,EAA0C;AAClE,EAAA,MAAM,IAAA,GAAO,MAAM,GAAA,CAAI,IAAA,EAAK;AAC5B,EAAA,IAAI;AACF,IAAA,MAAM,CAAA,GAAI,IAAA,CAAK,KAAA,CAAM,IAAI,CAAA;AAQzB,IAAA,OAAO;AAAA,MACL,QAAQ,GAAA,CAAI,MAAA;AAAA,MACZ,MAAM,CAAA,CAAE,KAAA,EAAO,IAAA,IAAQ,CAAA,KAAA,EAAQ,IAAI,MAAM,CAAA,CAAA;AAAA,MACzC,OAAA,EAAS,CAAA,CAAE,KAAA,EAAO,OAAA,IAAW,GAAA,CAAI,UAAA;AAAA,MACjC,OAAA,EAAS,EAAE,KAAA,EAAO,OAAA;AAAA,MAClB,UAAA,EAAY,EAAE,KAAA,EAAO;AAAA,KACvB;AAAA,EACF,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO;AAAA,MACL,QAAQ,GAAA,CAAI,MAAA;AAAA,MACZ,IAAA,EAAM,CAAA,KAAA,EAAQ,GAAA,CAAI,MAAM,CAAA,CAAA;AAAA,MACxB,SAAS,GAAA,CAAI;AAAA,KACf;AAAA,EACF;AACF;AAmDO,SAAS,iBAAiB,MAAA,EAAsC;AAMrE,EAAA,IAAI,CAAC,MAAA,CAAO,cAAA,IAAkB,OAAO,MAAA,CAAO,UAAA,CAAW,KAAK,CAAA,EAAG;AAC7D,IAAA,MAAM,IAAI,KAAA;AAAA,MACR;AAAA,KAGF;AAAA,EACF;AAEA,EAAA,MAAM,WAAW,MAAA,CAAO,OAAA,IAAW,gBAAA,EAAkB,OAAA,CAAQ,OAAO,EAAE,CAAA;AAEtE,EAAA,eAAe,QAAW,IAAA,EAA+B;AACvD,IAAA,MAAM,OAAA,GAAkC;AAAA,MACtC,MAAA,EAAQ,kBAAA;AAAA,MACR,aAAA,EAAe,CAAA,OAAA,EAAU,MAAA,CAAO,MAAM,CAAA;AAAA,KACxC;AACA,IAAA,IAAI,IAAA,CAAK,IAAA,KAAS,MAAA,EAAW,OAAA,CAAQ,cAAc,CAAA,GAAI,kBAAA;AAEvD,IAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,CAAA,EAAG,OAAO,CAAA,EAAG,IAAA,CAAK,IAAI,CAAA,CAAA,EAAI;AAAA,MAChD,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,OAAA;AAAA,MACA,IAAA,EAAM,KAAK,IAAA,KAAS,MAAA,GAAY,KAAK,SAAA,CAAU,IAAA,CAAK,IAAI,CAAA,GAAI,MAAA;AAAA,MAC5D,QAAQ,IAAA,CAAK;AAAA,KACd,CAAA;AAED,IAAA,IAAI,GAAA,CAAI,MAAA,KAAW,GAAA,EAAK,OAAO,MAAA;AAC/B,IAAA,IAAI,CAAC,IAAI,EAAA,EAAI,MAAM,IAAI,YAAA,CAAa,MAAM,UAAA,CAAW,GAAG,CAAC,CAAA;AAEzD,IAAA,MAAM,IAAA,GAAO,MAAM,GAAA,CAAI,IAAA,EAAK;AAC5B,IAAA,IAAI,CAAC,MAAM,OAAO,MAAA;AAClB,IAAA,OAAO,IAAA,CAAK,MAAM,IAAI,CAAA;AAAA,EACxB;AAEA,EAAA,OAAO;AAAA,IACL,OAAA;AAAA,IACA,MAAA,EAAQ,MAAM,OAAA,CAAQ,EAAE,QAAQ,KAAA,EAAO,IAAA,EAAM,WAAW,CAAA;AAAA,IACxD,SAAA,EAAW,CAAC,MAAA,KACV,OAAA,CAAQ;AAAA,MACN,MAAA,EAAQ,MAAA;AAAA,MACR,IAAA,EAAM,WAAA;AAAA,MACN,IAAA,EAAM,EAAE,OAAA,EAAS,MAAA,EAAQ,GAAG,MAAA;AAAO,KACpC,CAAA;AAAA,IACH,YAAA,EAAc,CAAC,MAAA,KACb,OAAA,CAAQ;AAAA,MACN,MAAA,EAAQ,MAAA;AAAA,MACR,IAAA,EAAM,WAAA;AAAA,MACN,IAAA,EAAM,EAAE,OAAA,EAAS,UAAA,EAAY,GAAG,MAAA;AAAO,KACxC,CAAA;AAAA,IACH,SAAA,EAAW,CAAC,MAAA,KACV,OAAA,CAAQ,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,MAAA,EAAQ,CAAA;AAAA,IAClE,MAAA,EAAQ,CAAC,MAAA,KACP,OAAA,CAAQ,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,MAAA,EAAQ,CAAA;AAAA,IAC9D,kBAAA,EAAoB,CAAC,MAAA,KACnB,OAAA,CAAQ;AAAA,MACN,MAAA,EAAQ,MAAA;AAAA,MACR,IAAA,EAAM,0BAAA;AAAA,MACN,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,IACH,cAAA,EAAgB,CAAC,EAAA,EAAI,IAAA,KACnB,OAAA,CAAQ;AAAA,MACN,MAAA,EAAQ,KAAA;AAAA,MACR,IAAA,EAAM,oBAAoB,EAAE,CAAA,CAAA;AAAA,MAC5B,QAAQ,IAAA,EAAM;AAAA,KACf,CAAA;AAAA,IACH,gBAAA,EAAkB,CAAC,MAAA,EAAQ,IAAA,KAAS;AAClC,MAAA,MAAM,EAAA,GAAK,IAAI,eAAA,EAAgB;AAC/B,MAAA,IAAI,MAAA,EAAQ,UAAU,MAAA,EAAW,EAAA,CAAG,IAAI,OAAA,EAAS,MAAA,CAAO,MAAA,CAAO,KAAK,CAAC,CAAA;AACrE,MAAA,IAAI,QAAQ,MAAA,EAAQ,EAAA,CAAG,GAAA,CAAI,QAAA,EAAU,OAAO,MAAM,CAAA;AAClD,MAAA,IAAI,QAAQ,MAAA,EAAQ,EAAA,CAAG,GAAA,CAAI,QAAA,EAAU,OAAO,MAAM,CAAA;AAClD,MAAA,MAAM,KAAA,GAAQ,GAAG,QAAA,EAAS;AAC1B,MAAA,OAAO,OAAA,CAAQ;AAAA,QACb,MAAA,EAAQ,KAAA;AAAA,QACR,MAAM,CAAA,gBAAA,EAAmB,KAAA,GAAQ,CAAA,CAAA,EAAI,KAAK,KAAK,EAAE,CAAA,CAAA;AAAA,QACjD,QAAQ,IAAA,EAAM;AAAA,OACf,CAAA;AAAA,IACH,CAAA;AAAA,IACA,mBAAA,EAAqB,CAAC,MAAA,KACpB,OAAA,CAAQ,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,MAAA,EAAQ,CAAA;AAAA,IACvE,aAAA,EAAe,CAAC,OAAA,EAAS,IAAA,KACvB,OAAA,CAAQ;AAAA,MACN,MAAA,EAAQ,KAAA;AAAA,MACR,IAAA,EAAM,mBAAmB,OAAO,CAAA,CAAA;AAAA,MAChC,QAAQ,IAAA,EAAM;AAAA,KACf;AAAA,GACL;AACF","file":"chunk-FRD4NVYJ.js","sourcesContent":["// HTTP client for the Fibo backend.\n//\n// `createFiboClient({ baseUrl, apiKey })` returns a typed wrapper around\n// every endpoint the SDK consumes. No React dependency — usable from\n// any Node.js or browser context. The React-aware FiboProvider in\n// ./FiboProvider.tsx wires this client into a context for the hooks.\n\nimport type {\n EvmBalanceResponse,\n Eip7702Signature,\n ExecuteResponse,\n MoneriumOrderResponse,\n PrepareTxResponse,\n QuoteResponse,\n SubmitResponse,\n TransactionState,\n TransactionListParams,\n TransactionListResponse,\n} from './types.js';\n\n/** Default API base URL — exported so callers and FiboProvider stay in sync. */\nexport const DEFAULT_BASE_URL = 'https://api.fibo-crypto.fr';\n\nexport interface FiboClientConfig {\n /** API base URL — defaults to https://api.fibo-crypto.fr if omitted. */\n baseUrl?: string;\n /**\n * Bearer token used on every request. MUST be a publishable key\n * (`pk_test_*` / `pk_live_*`) when used from browser contexts —\n * secret keys (`sk_*`) are rejected to prevent accidentally embedding\n * them in client bundles where any visitor could extract them.\n *\n * For trusted server-side contexts (Node scripts, CLI tools, backend-\n * to-backend integrations) where an `sk_*` is intentional, set\n * `allowSecretKey: true` to bypass the guard.\n */\n apiKey: string;\n /**\n * Opt-out of the `pk_*`-only check. Use only in trusted server-side\n * contexts. Defaults to false. The `@fibo-crypto/cli` admin tool passes true.\n */\n allowSecretKey?: boolean;\n}\n\nexport interface FiboApiErrorInfo {\n status: number;\n code: string;\n message: string;\n details?: unknown;\n request_id?: string;\n}\n\nexport class FiboApiError extends Error {\n public readonly status: number;\n public readonly code: string;\n public readonly details?: unknown;\n public readonly request_id?: string;\n\n constructor(info: FiboApiErrorInfo) {\n super(`[${info.status} ${info.code}] ${info.message}`);\n this.name = 'FiboApiError';\n this.status = info.status;\n this.code = info.code;\n this.details = info.details;\n this.request_id = info.request_id;\n }\n}\n\nasync function parseError(res: Response): Promise<FiboApiErrorInfo> {\n const text = await res.text();\n try {\n const j = JSON.parse(text) as {\n error?: {\n code?: string;\n message?: string;\n details?: unknown;\n request_id?: string;\n };\n };\n return {\n status: res.status,\n code: j.error?.code ?? `http_${res.status}`,\n message: j.error?.message ?? res.statusText,\n details: j.error?.details,\n request_id: j.error?.request_id,\n };\n } catch {\n return {\n status: res.status,\n code: `http_${res.status}`,\n message: res.statusText,\n };\n }\n}\n\ninterface RequestArgs {\n method: 'GET' | 'POST' | 'DELETE' | 'PUT';\n path: string;\n body?: unknown;\n /** Pass to cancel the fetch — e.g., on component unmount or address change. */\n signal?: AbortSignal;\n}\n\nexport interface FiboClient {\n request<T>(args: RequestArgs): Promise<T>;\n health(): Promise<{ ok: boolean; ts: number }>;\n quoteSwap(params: {\n source: { token: string; chain_id: number; amount: string };\n destination: { token: string; chain_id: number };\n user_address: string;\n }): Promise<Extract<QuoteResponse, { kind: 'swap' }>>;\n quoteBuyEure(params: {\n fiat_amount: string;\n user_address: string;\n }): Promise<Extract<QuoteResponse, { kind: 'buy_eure' }>>;\n prepareTx(params: {\n quote_id: string;\n user_address: string;\n }): Promise<PrepareTxResponse>;\n submit(params: {\n quote_id: string;\n transaction_id: string;\n signatures: { step_index: number; signature: Eip7702Signature }[];\n }): Promise<SubmitResponse>;\n executeSignedQuote(params: {\n transaction_id: string;\n quote_signature: `0x${string}`;\n }): Promise<ExecuteResponse>;\n getTransaction(id: string, opts?: { signal?: AbortSignal }): Promise<TransactionState>;\n listTransactions(\n params?: TransactionListParams,\n opts?: { signal?: AbortSignal },\n ): Promise<TransactionListResponse>;\n moneriumCreateOrder(params: {\n user_address: string;\n amount: string;\n chain?: string;\n }): Promise<MoneriumOrderResponse>;\n getEvmBalance(\n address: string,\n opts?: { signal?: AbortSignal },\n ): Promise<EvmBalanceResponse>;\n}\n\nexport function createFiboClient(config: FiboClientConfig): FiboClient {\n // Browser-safety guard: reject secret keys unless the caller explicitly\n // opts out. Even though the backend accepts both pk_ and sk_ on data-plane\n // routes (Stripe-style — sk_ has all pk_ permissions plus more), embedding\n // an sk_ in a browser bundle leaks it to every visitor. Fail fast at SDK\n // construction time rather than waiting for the integrator to notice.\n if (!config.allowSecretKey && config.apiKey.startsWith('sk_')) {\n throw new Error(\n 'FiboProvider / createFiboClient requires a publishable key (pk_test_* / pk_live_*). ' +\n 'Secret keys (sk_*) must never be embedded in browser code. ' +\n 'For trusted server-side contexts, pass `allowSecretKey: true` explicitly.',\n );\n }\n\n const baseUrl = (config.baseUrl ?? DEFAULT_BASE_URL).replace(/\\/$/, '');\n\n async function request<T>(args: RequestArgs): Promise<T> {\n const headers: Record<string, string> = {\n Accept: 'application/json',\n Authorization: `Bearer ${config.apiKey}`,\n };\n if (args.body !== undefined) headers['Content-Type'] = 'application/json';\n\n const res = await fetch(`${baseUrl}${args.path}`, {\n method: args.method,\n headers,\n body: args.body !== undefined ? JSON.stringify(args.body) : undefined,\n signal: args.signal,\n });\n\n if (res.status === 204) return undefined as T;\n if (!res.ok) throw new FiboApiError(await parseError(res));\n\n const text = await res.text();\n if (!text) return undefined as T;\n return JSON.parse(text) as T;\n }\n\n return {\n request,\n health: () => request({ method: 'GET', path: '/health' }),\n quoteSwap: (params) =>\n request({\n method: 'POST',\n path: '/v1/quote',\n body: { product: 'swap', ...params },\n }),\n quoteBuyEure: (params) =>\n request({\n method: 'POST',\n path: '/v1/quote',\n body: { product: 'buy_eure', ...params },\n }),\n prepareTx: (params) =>\n request({ method: 'POST', path: '/v1/prepare-tx', body: params }),\n submit: (params) =>\n request({ method: 'POST', path: '/v1/submit', body: params }),\n executeSignedQuote: (params) =>\n request({\n method: 'POST',\n path: '/v1/execute-signed-quote',\n body: params,\n }),\n getTransaction: (id, opts) =>\n request({\n method: 'GET',\n path: `/v1/transactions/${id}`,\n signal: opts?.signal,\n }),\n listTransactions: (params, opts) => {\n const qs = new URLSearchParams();\n if (params?.limit !== undefined) qs.set('limit', String(params.limit));\n if (params?.status) qs.set('status', params.status);\n if (params?.before) qs.set('before', params.before);\n const query = qs.toString();\n return request({\n method: 'GET',\n path: `/v1/transactions${query ? `?${query}` : ''}`,\n signal: opts?.signal,\n });\n },\n moneriumCreateOrder: (params) =>\n request({ method: 'POST', path: '/v1/monerium/orders', body: params }),\n getEvmBalance: (address, opts) =>\n request({\n method: 'GET',\n path: `/v1/balance/evm/${address}`,\n signal: opts?.signal,\n }),\n };\n}\n\n// Re-export types so a consumer importing from '@fibo-crypto/react-sdk/client' gets\n// the type definitions without a separate import.\nexport type * from './types.js';\n"]}