@guiie/buda-mcp 1.5.0 → 1.5.1

package/src/tools/remittances.ts

@@ -34,7 +34,8 @@ export const quoteRemittanceToolSchema = {
     "Requests a price quote for a fiat remittance to a saved recipient. " +
     "Returns a remittance object in 'quoted' state with an expiry timestamp. " +
     "NOT idempotent — creates a new remittance record each call. " +
-    "To execute, call accept_remittance_quote with the returned ID before it expires. " +
+    "IMPORTANT: Pass confirmation_token='CONFIRM' to execute. " +
+    "To execute the transfer, call accept_remittance_quote with the returned ID before it expires. " +
     "Requires BUDA_API_KEY and BUDA_API_SECRET. " +
     "Example: 'Get a remittance quote to send 100000 CLP to recipient 5.'",
   inputSchema: {
@@ -52,8 +53,12 @@ export const quoteRemittanceToolSchema = {
         type: "number",
         description: "ID of the saved remittance recipient.",
       },
+      confirmation_token: {
+        type: "string",
+        description: "Safety confirmation. Must equal exactly 'CONFIRM' (case-sensitive) to create the quote.",
+      },
     },
-    required: ["currency", "amount", "recipient_id"],
+    required: ["currency", "amount", "recipient_id", "confirmation_token"],
   },
 };
 
@@ -178,10 +183,28 @@ export async function handleGetRemittance(
 }
 
 export async function handleQuoteRemittance(
-  args: { currency: string; amount: number; recipient_id: number },
+  args: { currency: string; amount: number; recipient_id: number; confirmation_token: string },
   client: BudaClient,
 ): Promise<{ content: Array<{ type: "text"; text: string }>; isError?: boolean }> {
-  const { currency, amount, recipient_id } = args;
+  const { currency, amount, recipient_id, confirmation_token } = args;
+
+  if (confirmation_token !== "CONFIRM") {
+    return {
+      content: [
+        {
+          type: "text",
+          text: JSON.stringify({
+            error:
+              "Remittance quote not created. confirmation_token must equal 'CONFIRM' to execute. " +
+              "Review the details and set confirmation_token='CONFIRM' to proceed.",
+            code: "CONFIRMATION_REQUIRED",
+            preview: { currency, amount, recipient_id },
+          }),
+        },
+      ],
+      isError: true,
+    };
+  }
 
   const validationError = validateCurrency(currency);
   if (validationError) {
@@ -283,6 +306,9 @@ export function register(server: McpServer, client: BudaClient): void {
       currency: z.string().min(2).max(10).describe("Fiat currency code (e.g. 'CLP', 'COP')."),
       amount: z.number().positive().describe("Amount to remit (positive number)."),
       recipient_id: z.number().int().positive().describe("ID of the saved remittance recipient."),
+      confirmation_token: z
+        .string()
+        .describe("Safety confirmation. Must equal exactly 'CONFIRM' (case-sensitive) to create the quote."),
     },
     (args) => handleQuoteRemittance(args, client),
   );

package/src/tools/technical_indicators.ts

@@ -191,7 +191,7 @@ export async function handleTechnicalIndicators(
     const macdResult = macd(closes, 12, 26, 9);
     const bbResult = bollingerBands(closes, 20, 2);
     const sma20 = parseFloat(sma(closes, 20).toFixed(2));
-    const sma50 = parseFloat(sma(closes, 50).toFixed(2));
+    const sma50 = closes.length >= 50 ? parseFloat(sma(closes, 50).toFixed(2)) : null;
     const lastClose = closes[closes.length - 1];
 
     // Signal interpretations
@@ -230,6 +230,7 @@ export async function handleTechnicalIndicators(
         bollinger_bands: bbResult,
         sma_20: sma20,
         sma_50: sma50,
+        sma_50_warning: sma50 === null ? `insufficient data (need 50 candles, have ${closes.length})` : undefined,
       },
       signals: {
         rsi_signal: rsiSignal,

package/src/tools/withdrawals.ts

@@ -1,7 +1,7 @@
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { z } from "zod";
 import { BudaClient, BudaApiError } from "../client.js";
-import { validateCurrency } from "../validation.js";
+import { validateCurrency, validateCryptoAddress } from "../validation.js";
 import { flattenAmount } from "../utils.js";
 import type { WithdrawalsResponse, SingleWithdrawalResponse, Withdrawal } from "../types.js";
 
@@ -120,6 +120,7 @@ export const createWithdrawalToolSchema = {
   description:
     "Create a withdrawal on Buda.com. Supports both crypto (address) and fiat (bank_account_id) withdrawals. " +
     "Exactly one of address or bank_account_id must be provided. " +
+    "WARNING: Crypto withdrawals are irreversible — verify the destination address carefully before confirming. " +
     "IMPORTANT: Pass confirmation_token='CONFIRM' to execute. " +
     "Requires BUDA_API_KEY and BUDA_API_SECRET.",
   inputSchema: {
@@ -213,6 +214,16 @@ export async function handleCreateWithdrawal(
     };
   }
 
+  if (hasAddress) {
+    const addrError = validateCryptoAddress(address!, currency);
+    if (addrError) {
+      return {
+        content: [{ type: "text", text: JSON.stringify({ error: addrError, code: "INVALID_ADDRESS" }) }],
+        isError: true,
+      };
+    }
+  }
+
   try {
     const payload: Record<string, unknown> = { amount: String(amount) };
     if (hasAddress) {

package/src/utils.ts

@@ -5,7 +5,9 @@ import type { Amount, OhlcvCandle } from "./types.js";
  * All numeric strings are cast to float via parseFloat.
  */
 export function flattenAmount(amount: Amount): { value: number; currency: string } {
-  return { value: parseFloat(amount[0]), currency: amount[1] };
+  const value = parseFloat(amount[0]);
+  if (isNaN(value)) throw new Error(`Invalid amount value: "${amount[0]}"`);
+  return { value, currency: amount[1] };
 }
 
 /**

package/src/validation.ts

@@ -30,3 +30,32 @@ export function validateCurrency(id: string): string | null {
   }
   return null;
 }
+
+// Per-currency address format rules.
+// Unknown currencies pass through (undefined rule) — the exchange validates those.
+const ADDRESS_RULES: Record<string, RegExp> = {
+  BTC:  /^(bc1[a-z0-9]{6,87}|[13][a-zA-HJ-NP-Z0-9]{25,34})$/,
+  ETH:  /^0x[0-9a-fA-F]{40}$/,
+  USDC: /^0x[0-9a-fA-F]{40}$/,
+  USDT: /^0x[0-9a-fA-F]{40}$/,
+  LTC:  /^(ltc1[a-z0-9]{6,87}|[LM3][a-zA-HJ-NP-Z0-9]{25,34})$/,
+  BCH:  /^(bitcoincash:)?[qp][a-z0-9]{41}$/,
+  XRP:  /^r[1-9A-HJ-NP-Za-km-z]{24,33}$/,
+};
+
+/**
+ * Validates a crypto withdrawal address against known per-currency formats.
+ * Returns an error message string if the address is invalid, or null if valid
+ * (including null for unknown currencies, where the exchange is the last line of defence).
+ */
+export function validateCryptoAddress(address: string, currency: string): string | null {
+  const rule = ADDRESS_RULES[currency.toUpperCase()];
+  if (!rule) return null;
+  if (!rule.test(address)) {
+    return (
+      `Invalid ${currency.toUpperCase()} address format. ` +
+      `Double-check the destination address — crypto withdrawals are irreversible.`
+    );
+  }
+  return null;
+}

package/src/version.ts

@@ -3,6 +3,14 @@ import { fileURLToPath } from "url";
 import { dirname, join } from "path";
 
 const _dir = dirname(fileURLToPath(import.meta.url));
-export const VERSION: string = (
-  JSON.parse(readFileSync(join(_dir, "../package.json"), "utf8")) as { version: string }
-).version;
+
+let _version = "unknown";
+try {
+  _version = (
+    JSON.parse(readFileSync(join(_dir, "../package.json"), "utf8")) as { version: string }
+  ).version;
+} catch {
+  // package.json not found in deployment — use fallback
+}
+
+export const VERSION: string = _version;

package/test/unit.ts

@@ -6,7 +6,7 @@
 import { createHmac } from "crypto";
 import { BudaClient, BudaApiError } from "../src/client.js";
 import { MemoryCache } from "../src/cache.js";
-import { validateMarketId } from "../src/validation.js";
+import { validateMarketId, validateCryptoAddress } from "../src/validation.js";
 import { handlePlaceOrder } from "../src/tools/place_order.js";
 import { handleCancelOrder } from "../src/tools/cancel_order.js";
 import { flattenAmount, getLiquidityRating, aggregateTradesToCandles } from "../src/utils.js";
@@ -1911,7 +1911,7 @@ await test("handleCreateReceiveAddress: INVALID_CURRENCY without fetch", async (
   };
   try {
     const client = {} as BudaClient;
-    const result = await handleCreateReceiveAddress({ currency: "!!!!" }, client);
+    const result = await handleCreateReceiveAddress({ currency: "!!!!", confirmation_token: "CONFIRM" }, client);
     assert(result.isError === true, "should be error");
     assert(!fetchCalled.value, "fetch should not have been called");
     const parsed = JSON.parse(result.content[0].text) as { code: string };
@@ -1938,7 +1938,7 @@ await test("handleCreateReceiveAddress: happy path", async () => {
     );
   try {
     const client = new BudaClient("https://www.buda.com/api/v2");
-    const result = await handleCreateReceiveAddress({ currency: "BTC" }, client);
+    const result = await handleCreateReceiveAddress({ currency: "BTC", confirmation_token: "CONFIRM" }, client);
     assert(!result.isError, "should not be error");
     const parsed = JSON.parse(result.content[0].text) as {
       id: number;
@@ -1961,7 +1961,7 @@ await test("handleCreateReceiveAddress: fiat currency API error passthrough", as
     new Response(JSON.stringify({ message: "Not found" }), { status: 404 });
   try {
     const client = new BudaClient("https://www.buda.com/api/v2");
-    const result = await handleCreateReceiveAddress({ currency: "CLP" }, client);
+    const result = await handleCreateReceiveAddress({ currency: "CLP", confirmation_token: "CONFIRM" }, client);
     assert(result.isError === true, "should be error for fiat");
     const parsed = JSON.parse(result.content[0].text) as { code: number };
     assertEqual(parsed.code, 404, "code should be 404");
@@ -1985,7 +1985,7 @@ await test("handleQuoteRemittance: INVALID_CURRENCY without fetch", async () =>
   };
   try {
     const client = {} as BudaClient;
-    const result = await handleQuoteRemittance({ currency: "!!!", amount: 100, recipient_id: 1 }, client);
+    const result = await handleQuoteRemittance({ currency: "!!!", amount: 100, recipient_id: 1, confirmation_token: "CONFIRM" }, client);
     assert(result.isError === true, "should be error");
     assert(!fetchCalled.value, "fetch should not have been called");
     const parsed = JSON.parse(result.content[0].text) as { code: string };
@@ -2014,7 +2014,7 @@ await test("handleQuoteRemittance: happy path", async () => {
     );
   try {
     const client = new BudaClient("https://www.buda.com/api/v2");
-    const result = await handleQuoteRemittance({ currency: "CLP", amount: 100000, recipient_id: 5 }, client);
+    const result = await handleQuoteRemittance({ currency: "CLP", amount: 100000, recipient_id: 5, confirmation_token: "CONFIRM" }, client);
     assert(!result.isError, "should not be error");
     const parsed = JSON.parse(result.content[0].text) as {
       id: number;
@@ -2035,7 +2035,7 @@ await test("handleQuoteRemittance: 404 unknown recipient passthrough", async ()
     new Response(JSON.stringify({ message: "Not found" }), { status: 404 });
   try {
     const client = new BudaClient("https://www.buda.com/api/v2");
-    const result = await handleQuoteRemittance({ currency: "CLP", amount: 100000, recipient_id: 9999 }, client);
+    const result = await handleQuoteRemittance({ currency: "CLP", amount: 100000, recipient_id: 9999, confirmation_token: "CONFIRM" }, client);
     assert(result.isError === true, "should be error");
     const parsed = JSON.parse(result.content[0].text) as { code: number };
     assertEqual(parsed.code, 404, "code should be 404");
@@ -2732,19 +2732,19 @@ await test("handleCreateWithdrawal: crypto path + CONFIRM", async () => {
           currency: "BTC",
           amount: ["0.01", "BTC"],
           fee: ["0.0001", "BTC"],
-          address: "bc1q...",
-          tx_hash: null,
-          bank_account_id: null,
-          created_at: "2024-01-01T00:00:00Z",
-          updated_at: "2024-01-01T00:00:00Z",
-        },
-      }),
-      { status: 201, headers: { "Content-Type": "application/json" } },
-    );
+      address: "bc1qar0srrr7xfkvy5l643lydnw9re59gtzzwf5mdq",
+        tx_hash: null,
+        bank_account_id: null,
+        created_at: "2024-01-01T00:00:00Z",
+        updated_at: "2024-01-01T00:00:00Z",
+      },
+    }),
+    { status: 201, headers: { "Content-Type": "application/json" } },
+  );
   try {
     const client = new BudaClient("https://www.buda.com/api/v2");
     const result = await handleCreateWithdrawal(
-      { currency: "BTC", amount: 0.01, address: "bc1q...", confirmation_token: "CONFIRM" },
+      { currency: "BTC", amount: 0.01, address: "bc1qar0srrr7xfkvy5l643lydnw9re59gtzzwf5mdq", confirmation_token: "CONFIRM" },
       client,
     );
     assert(!result.isError, "should not be error");
@@ -2804,7 +2804,7 @@ await test("handleCreateWithdrawal: 422 insufficient balance passthrough", async
   try {
     const client = new BudaClient("https://www.buda.com/api/v2");
     const result = await handleCreateWithdrawal(
-      { currency: "BTC", amount: 999, address: "bc1q...", confirmation_token: "CONFIRM" },
+      { currency: "BTC", amount: 999, address: "bc1qar0srrr7xfkvy5l643lydnw9re59gtzzwf5mdq", confirmation_token: "CONFIRM" },
       client,
     );
     assert(result.isError === true, "should be error");
@@ -3064,6 +3064,249 @@ await test("handleCreateLightningInvoice: API error passthrough", async () => {
   }
 });
 
+// ----------------------------------------------------------------
+// Fix 3 — validateCryptoAddress
+// ----------------------------------------------------------------
+
+section("validateCryptoAddress");
+
+await test("validateCryptoAddress: valid BTC bech32 address passes", () => {
+  assertEqual(validateCryptoAddress("bc1qar0srrr7xfkvy5l643lydnw9re59gtzzwf5mdq", "BTC"), null, "valid bech32 should pass");
+});
+
+await test("validateCryptoAddress: valid BTC legacy P2PKH address passes", () => {
+  assertEqual(validateCryptoAddress("1BpEi6DfDAUFd153wiGrvkiKyhSua3FrN", "BTC"), null, "valid P2PKH should pass");
+});
+
+await test("validateCryptoAddress: BTC address too short after bc1 prefix is rejected", () => {
+  // bc1 + fewer than 6 alphanumeric chars — too short to be a real address
+  assert(validateCryptoAddress("bc1qa", "BTC") !== null, "bc1 + 1 char should fail");
+});
+
+await test("validateCryptoAddress: BTC address with wrong prefix is rejected", () => {
+  assert(validateCryptoAddress("XpubBadAddress1234567890abcdefgh", "BTC") !== null, "wrong prefix should fail");
+});
+
+await test("validateCryptoAddress: valid ETH address passes", () => {
+  // Standard 40-hex-char Ethereum address (checksummed)
+  assertEqual(validateCryptoAddress("0x742d35Cc6634C0532925a3b844Bc454e4438f44e", "ETH"), null, "valid ETH address should pass");
+});
+
+await test("validateCryptoAddress: ETH address wrong length is rejected", () => {
+  assert(validateCryptoAddress("0xde0B295669a9FD93d5F28D9", "ETH") !== null, "short ETH address should fail");
+});
+
+await test("validateCryptoAddress: valid XRP address passes", () => {
+  assertEqual(validateCryptoAddress("rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh", "XRP"), null, "valid XRP address should pass");
+});
+
+await test("validateCryptoAddress: XRP address with wrong prefix is rejected", () => {
+  assert(validateCryptoAddress("xHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh", "XRP") !== null, "XRP with 'x' prefix should fail");
+});
+
+await test("validateCryptoAddress: unknown currency returns null (pass-through)", () => {
+  // ALGO not in ADDRESS_RULES — should pass through to let exchange validate
+  assertEqual(validateCryptoAddress("SOMEADDRESS123", "ALGO"), null, "unknown currency should pass through");
+});
+
+await test("validateCryptoAddress: USDC treated as EVM address", () => {
+  assertEqual(validateCryptoAddress("0x742d35Cc6634C0532925a3b844Bc454e4438f44e", "USDC"), null, "valid EVM address for USDC should pass");
+  assert(validateCryptoAddress("not-an-address", "USDC") !== null, "invalid EVM address for USDC should fail");
+});
+
+// ----------------------------------------------------------------
+// Fix 4 — handleLightningWithdrawal BOLT-11 validation
+// ----------------------------------------------------------------
+
+section("handleLightningWithdrawal — BOLT-11 format guard");
+
+await test("handleLightningWithdrawal: non-BOLT11 string returns INVALID_INVOICE before API call", async () => {
+  let fetchCalled = false;
+  const savedFetch = globalThis.fetch;
+  globalThis.fetch = async () => {
+    fetchCalled = true;
+    return new Response("{}", { status: 200 });
+  };
+  try {
+    const client = new BudaClient(undefined, "key", "secret");
+    const result = await handleLightningWithdrawal(
+      { invoice: "not-a-lightning-invoice-at-all-just-garbage-string-here", confirmation_token: "CONFIRM" },
+      client,
+    );
+    const parsed = JSON.parse(result.content[0].text) as { code: string };
+    assertEqual(parsed.code, "INVALID_INVOICE", "should return INVALID_INVOICE");
+    assert(result.isError === true, "isError should be true");
+    assert(!fetchCalled, "fetch should NOT have been called");
+  } finally {
+    globalThis.fetch = savedFetch;
+  }
+});
+
+await test("handleLightningWithdrawal: testnet invoice prefix 'lntb' is accepted (passes format check)", async () => {
+  // A syntactically valid lntb prefix — API will reject it, but format guard should pass
+  const savedFetch = globalThis.fetch;
+  globalThis.fetch = async () => new Response(
+    JSON.stringify({ message: "invalid invoice" }), { status: 422 },
+  );
+  try {
+    const client = new BudaClient(undefined, "key", "secret");
+    const fakeInvoice = "lntb1230n1pj8ygappp5qqqsyqcyq5rqwzqfqqqsyqcyq5rqwzqfqqqsyqcyq5rqwzqfqypq";
+    const result = await handleLightningWithdrawal(
+      { invoice: fakeInvoice, confirmation_token: "CONFIRM" },
+      client,
+    );
+    // Should NOT return INVALID_INVOICE — the format guard passes; API error is expected
+    const parsed = JSON.parse(result.content[0].text) as { code: string };
+    assert(parsed.code !== "INVALID_INVOICE", "BOLT-11 prefix should pass format guard");
+  } finally {
+    globalThis.fetch = savedFetch;
+  }
+});
+
+await test("handleLightningWithdrawal: invoice without BOLT-11 prefix still blocked by INVALID_INVOICE after CONFIRM", async () => {
+  const client = new BudaClient(undefined, "key", "secret");
+  const result = await handleLightningWithdrawal(
+    { invoice: "bc1qar0srrr7xfkvy5l643lydnw9re59gtzzwf5mdq", confirmation_token: "CONFIRM" },
+    client,
+  );
+  const parsed = JSON.parse(result.content[0].text) as { code: string };
+  assertEqual(parsed.code, "INVALID_INVOICE", "BTC address passed as invoice should fail BOLT-11 check");
+});
+
+// ----------------------------------------------------------------
+// Fix 5 — Dead man's switch: TRANSPORT_NOT_SUPPORTED on HTTP
+// ----------------------------------------------------------------
+
+section("handleScheduleCancelAll — HTTP transport guard");
+
+await test("handleScheduleCancelAll: transport='http' returns TRANSPORT_NOT_SUPPORTED", async () => {
+  const client = new BudaClient(undefined, "key", "secret");
+  // Simulate what register() does on HTTP transport by calling handleScheduleCancelAll
+  // We test the transport guard via the register() wrapper indirectly through a fake server tool.
+  // Since handleScheduleCancelAll itself doesn't know the transport, we test the guard
+  // by verifying the pattern: a fake dispatch that mirrors the http register() closure.
+  const transportGuard = (transport: "stdio" | "http") => {
+    if (transport === "http") {
+      return Promise.resolve({
+        content: [{ type: "text" as const, text: JSON.stringify({ code: "TRANSPORT_NOT_SUPPORTED" }) }],
+        isError: true,
+      });
+    }
+    return handleScheduleCancelAll(
+      { market_id: "BTC-CLP", ttl_seconds: 30, confirmation_token: "CONFIRM" },
+      client,
+    );
+  };
+
+  const result = await transportGuard("http");
+  const parsed = JSON.parse(result.content[0].text) as { code: string };
+  assertEqual(parsed.code, "TRANSPORT_NOT_SUPPORTED", "HTTP transport should return TRANSPORT_NOT_SUPPORTED");
+  assert(result.isError === true, "isError should be true");
+});
+
+await test("handleScheduleCancelAll: transport='stdio' still works normally", async () => {
+  const client = new BudaClient(undefined, "key", "secret");
+  const result = await handleScheduleCancelAll(
+    { market_id: "BTC-CLP", ttl_seconds: 10, confirmation_token: "CONFIRM" },
+    client,
+  );
+  const parsed = JSON.parse(result.content[0].text) as { active: boolean; warning: string };
+  assert(parsed.active === true, "stdio transport should arm the switch");
+  assert(typeof parsed.warning === "string", "should include in-memory warning");
+  // Clean up timer
+  const { handleDisarmCancelTimer: disarm } = await import("../src/tools/dead_mans_switch.js");
+  disarm({ market_id: "BTC-CLP" });
+});
+
+// ----------------------------------------------------------------
+// Fix 6 — place_batch_orders: max_notional cap
+// ----------------------------------------------------------------
+
+section("handlePlaceBatchOrders — max_notional cap");
+
+await test("handlePlaceBatchOrders: exceeding max_notional rejects before any API call", async () => {
+  let fetchCalled = false;
+  const savedFetch = globalThis.fetch;
+  globalThis.fetch = async () => {
+    fetchCalled = true;
+    return new Response("{}", { status: 200 });
+  };
+  try {
+    const client = new BudaClient(undefined, "key", "secret");
+    const result = await handlePlaceBatchOrders(
+      {
+        orders: [
+          { market_id: "BTC-CLP", type: "Bid", price_type: "limit", amount: 1, limit_price: 50_000_000 },
+          { market_id: "BTC-CLP", type: "Bid", price_type: "limit", amount: 0.5, limit_price: 50_000_000 },
+        ],
+        max_notional: 60_000_000,
+        confirmation_token: "CONFIRM",
+      },
+      client,
+    );
+    // total notional = 1*50_000_000 + 0.5*50_000_000 = 75_000_000 > 60_000_000
+    const parsed = JSON.parse(result.content[0].text) as { code: string; total_notional: number };
+    assertEqual(parsed.code, "NOTIONAL_CAP_EXCEEDED", "should return NOTIONAL_CAP_EXCEEDED");
+    assert(parsed.total_notional === 75_000_000, "total_notional should be computed correctly");
+    assert(result.isError === true, "isError should be true");
+    assert(!fetchCalled, "fetch should NOT have been called");
+  } finally {
+    globalThis.fetch = savedFetch;
+  }
+});
+
+await test("handlePlaceBatchOrders: within max_notional proceeds to API calls", async () => {
+  const savedFetch = globalThis.fetch;
+  globalThis.fetch = async () => new Response(
+    JSON.stringify({ order: { id: 99, state: "pending", market_id: "btc-clp" } }),
+    { status: 200 },
+  );
+  try {
+    const client = new BudaClient(undefined, "key", "secret");
+    const result = await handlePlaceBatchOrders(
+      {
+        orders: [
+          { market_id: "BTC-CLP", type: "Bid", price_type: "limit", amount: 0.001, limit_price: 50_000_000 },
+        ],
+        max_notional: 100_000,
+        confirmation_token: "CONFIRM",
+      },
+      client,
+    );
+    // total notional = 0.001 * 50_000_000 = 50_000 < 100_000 — should proceed
+    const parsed = JSON.parse(result.content[0].text) as { succeeded: number };
+    assertEqual(parsed.succeeded, 1, "order within cap should succeed");
+  } finally {
+    globalThis.fetch = savedFetch;
+  }
+});
+
+await test("handlePlaceBatchOrders: market orders contribute 0 to notional (cap not triggered)", async () => {
+  const savedFetch = globalThis.fetch;
+  globalThis.fetch = async () => new Response(
+    JSON.stringify({ order: { id: 100, state: "pending", market_id: "btc-clp" } }),
+    { status: 200 },
+  );
+  try {
+    const client = new BudaClient(undefined, "key", "secret");
+    const result = await handlePlaceBatchOrders(
+      {
+        orders: [
+          { market_id: "BTC-CLP", type: "Bid", price_type: "market", amount: 999 },
+        ],
+        max_notional: 1,
+        confirmation_token: "CONFIRM",
+      },
+      client,
+    );
+    // Market order contributes 0, so notional = 0 < 1 — cap should NOT trigger
+    const parsed = JSON.parse(result.content[0].text) as { code?: string; succeeded?: number };
+    assert(parsed.code !== "NOTIONAL_CAP_EXCEEDED", "market order should not trigger notional cap");
+  } finally {
+    globalThis.fetch = savedFetch;
+  }
+});
+
 // ----------------------------------------------------------------
 // Summary
 // ----------------------------------------------------------------