@gvnrdao/dh-lit-ops 0.0.108 → 0.0.182

package/dist/modules/lit-ops.module.js

@@ -415,29 +415,6 @@ class LitOps {
         };
         return this.actionExecutor.executeAction(request, litClient);
     }
-    /**
-     * TEST-ONLY: Execute arbitrary local LIT Action code for debugging PKP authorization.
-     *
-     * This helper is intended for Jest / integration tests to run a minimal action
-     * (e.g. sign-only) with either wildcard or CID-scoped session signatures.
-     */
-    async runLocalLitActionCodeForTest(options) {
-        const { code, pkpPublicKey, params, pkpTokenId, cid } = options;
-        const litClient = await this.clientManager.getClient({
-            litNetwork: this.config.network,
-            debug: this.config.debug,
-        });
-        const request = {
-            code,
-            cid, // Optional CID: when provided, session sigs are scoped to this action
-            pkpPublicKey,
-            params,
-            signer: this.config.signer,
-            pkpTokenId,
-        };
-        const result = await this.actionExecutor.executeAction(request, litClient);
-        return result.response;
-    }
     /**
      * Execute a LIT Action from IPFS
      */
@@ -653,7 +630,7 @@ class LitOps {
      * @param signer - The wallet to use for session signatures
      * @returns PKP validation result with signature verification
      */
-    async validatePKPSecurity(targetPkpTokenId, expectedCid, signerPkp, signer, options) {
+    async validatePKPSecurity(targetPkpTokenId, expectedCid, signerPkp, signer) {
         console.log(`🔍 LIT-OPS TRACE: validatePKPSecurity ENTRY`);
         console.log(`   - targetPkpTokenId: "${targetPkpTokenId}"`);
         console.log(`   - targetPkpTokenId type: ${typeof targetPkpTokenId}`);
@@ -675,54 +652,25 @@ class LitOps {
                 : (() => {
                     throw new Error("Unsupported LIT network");
                 })()).pkpValidator.cid;
-            // Convert validator CID to hex format for signature message
-            // The contract expects the validator's CID in the signature, not the PKP's CID
-            // Use registry CID (same as cr-lit branch) - this is the source of truth
-            const validatorCidHex = (0, dh_lit_actions_1.cidToHex)(pkpValidatorCid);
             if (this.config.debug) {
-                console.log(`   PKP Validator CID (IPFS): ${pkpValidatorCid}`);
-                console.log(`   Validator CID (hex): ${validatorCidHex}`);
-                console.log(`   PKP's expected CID (hex): ${expectedCid}`);
+                console.log(`   PKP Validator CID: ${pkpValidatorCid}`);
             }
             // Execute PKP Validator LIT Action
-            // NOTE: Even though the validator PKP is burned/immutable (read-only),
-            // we still pass its tokenId so the session signature is scoped to the
-            // validator resource. The Lit nodes will simply treat the resource as
-            // non-signing, but scoping keeps the session principle of least privilege.
-            // Normalize signer PKP token ID to hex format for session scoping
-            // NOTE: signerPkp IS the validator PKP (passed from call site)
-            let sessionScopedSignerTokenId = signerPkp.tokenId;
-            try {
-                const normalizedHex = BigInt(signerPkp.tokenId)
-                    .toString(16)
-                    .padStart(64, "0");
-                sessionScopedSignerTokenId = `0x${normalizedHex}`;
-            }
-            catch (tokenErr) {
-                console.warn("⚠️  Failed to normalize signer PKP tokenId to hex, using raw value", tokenErr);
-            }
-            if (this.config.debug) {
-                console.log(`   Signer PKP (validator) Public Key: ${signerPkp.publicKey.substring(0, 20)}...`);
-                console.log(`   Signer PKP (validator) Token ID: ${signerPkp.tokenId}`);
-                console.log(`   Signer PKP (validator) ETH Address: ${signerPkp.ethAddress}`);
-            }
+            // NOTE: We do NOT pass the validator PKP token ID here because the validator
+            // performs READ-ONLY operations (no signing). Passing undefined for pkpTokenId
+            // will skip adding LitPKPResource to the session signature, which is correct
+            // for burned/immutable validator PKPs that can't sign via session signatures.
             console.log(`\n🔍 LIT-OPS TRACE: About to call executeActionFromCID with jsParams:`);
             console.log(`   - targetPkpTokenId: "${targetPkpTokenId}"`);
             console.log(`   - expectedCid: "${expectedCid}"`);
-            console.log(`   - certificationCid: "${validatorCidHex}"`);
-            console.log(`   - signerPkp.publicKey: "${signerPkp.publicKey.substring(0, 20)}..."`);
-            // Use signerPkp directly (which IS the validator PKP from call site, matching cr-lit)
-            // The LIT Action will use globalThis.publicKey which is set from pkpPublicKey parameter
-            const litResult = await this.executeActionFromCID(pkpValidatorCid, signerPkp.publicKey, // ✅ Use signerPkp.publicKey (validator PKP, matching cr-lit)
-            {
+            const litResult = await this.executeActionFromCID(pkpValidatorCid, signerPkp.publicKey, {
                 targetPkpTokenId,
-                expectedCid, // PKP's LIT Action CID (for validation check)
-                certificationCid: validatorCidHex, // Validator's CID (for signature message) - from registry
+                expectedCid, // Expected to be in hex format
                 message: `PKP validation: ${Date.now()}`,
                 // Ensure the LIT Action knows which network (datil vs datil-test)
                 network: this.config.network,
-            }, signer, sessionScopedSignerTokenId, // ✅ Use normalized signerPkp.tokenId for session scoping (matching cr-lit)
-            signerPkp.ethAddress // ✅ Use signerPkp.ethAddress for capacity delegation (matching cr-lit)
+            }, signer
+            // Intentionally NOT passing signerPkp.tokenId - validator is read-only
             );
             if (this.config.debug) {
                 console.log(`   LIT Action Success: ${litResult.success}`);
@@ -781,7 +729,7 @@ class LitOps {
                             console.log("   🔍 Verifying signature authenticity...");
                         }
                         try {
-                            // Compute validator PKP address from public key (CRITICAL: Use signerPkp.publicKey, matching cr-lit)
+                            // Compute PKP address from public key (publicKey already includes 0x prefix)
                             const cleanPublicKey = signerPkp.publicKey.startsWith("0x")
                                 ? signerPkp.publicKey
                                 : `0x${signerPkp.publicKey}`;
@@ -929,24 +877,10 @@ class LitOps {
                             litActionCids: litActionCids,
                         }),
                     }, timeoutMs);
-                    // Read response body first (whether success or error)
-                    const responseText = await response.text();
-                    let result;
-                    try {
-                        result = JSON.parse(responseText);
-                    }
-                    catch {
-                        // If response is not JSON, treat as plain text error
-                        if (!response.ok) {
-                            throw new Error(`Service request failed: ${response.status} ${response.statusText} - ${responseText}`);
-                        }
-                        throw new Error(`Invalid JSON response from service: ${responseText}`);
-                    }
                     if (!response.ok) {
-                        // Extract error message from JSON response
-                        const errorDetails = result.error || result.message || response.statusText;
-                        throw new Error(`Service request failed: ${response.status} ${errorDetails}`);
+                        throw new Error(`Service request failed: ${response.status} ${response.statusText}`);
                     }
+                    const result = (await response.json());
                     const duration = Date.now() - startTime;
                     // The service may wrap the LitOps result as { success, data }
                     // Unwrap if needed to maintain a stable SDK return shape
@@ -1138,16 +1072,8 @@ class LitOps {
                     console.log(`   - pkpTokenId startsWith '0x': ${pkpData.tokenId.startsWith("0x")}`);
                     console.log(`   - litActionCidHex (expectedCid): "${litActionCidHex}"`);
                     console.log(`   - validatorPkp: "${validatorPkp}"`);
-                    // Get validator version and contract info from config
-                    const validatorVersion = this.config.validatorVersion;
-                    const ethRpcUrl = this.config.ethRpcUrl;
-                    const pkpValidationRegistry = this.config.pkpValidationRegistry;
                     validationResult = await this.validatePKPSecurity(pkpData.tokenId, litActionCidHex, // Pass hex format CID
-                    validatorPkp, signer, {
-                        validatorVersion,
-                        ethRpcUrl,
-                        pkpValidationRegistry,
-                    });
+                    validatorPkp, signer);
                     // If validation succeeds, break out of retry loop
                     if (validationResult.success) {
                         if (this.config.debug && attempt > 1) {
@@ -1569,19 +1495,10 @@ class LitOps {
         if (!litActionInfo || !litActionInfo.cid || !litActionInfo.pkp) {
             throw new Error("UCD mint validator LIT Action not found in registry");
         }
-        // CRITICAL: Use validator PKP details from registry (not loan PKP)
-        // The validator PKP is the one that signs mint authorization messages
-        const validatorPkpTokenId = litActionInfo.pkp.tokenId;
-        const validatorCid = litActionInfo.cid;
-        const validatorPkpPublicKey = litActionInfo.pkp.publicKey;
-        const validatorPkpEthAddress = litActionInfo.pkp.ethAddress;
         if (this.config.debug) {
             console.log("📡 Calling UCD Mint Validator LIT Action:");
             console.log("   Network:", this.config.network);
-            console.log("   Validator CID:", validatorCid);
-            console.log("   Validator PKP Token ID:", validatorPkpTokenId);
-            console.log("   Validator PKP Public Key:", validatorPkpPublicKey);
-            console.log("   Validator PKP ETH Address:", validatorPkpEthAddress);
+            console.log("   CID:", litActionInfo.cid);
             console.log("   Position:", request.authMessage.positionId);
             console.log("   Amount:", request.authMessage.amount);
             console.log("   Timestamp:", request.authMessage.timestamp);
@@ -1604,7 +1521,7 @@ class LitOps {
                 chain = "sepolia";
                 bitcoinProviderUrl =
                     process.env.BITCOIN_PROVIDER_URL ||
-                        "https://diamond-hands-btc-faucet-6b39a1072059.herokuapp.com/api/esplora";
+                        "https://diamond-hands-btc-faucet-jw-b86e9451a147.herokuapp.com/api";
                 break;
             case 1337: // Hardhat local testnet (actual deployment chainId)
             case 31337: // Hardhat local testnet (standard default)
@@ -1638,14 +1555,10 @@ class LitOps {
                 mode: request.authMessage.mode,
             },
             amount: request.authMessage.amount,
-            // Contract addresses must be at top level to become globalThis.contractAddresses in LIT Action
+            // Contracts must be at top level to become globalThis.contractAddresses in LIT Action
             ...(request.authMessage.contractAddresses && {
                 contractAddresses: request.authMessage.contractAddresses,
             }),
-            // Price providers with API keys for faster price fetching
-            ...(request.priceProviders && {
-                priceProviders: request.priceProviders,
-            }),
         };
         // Add custom RPC URL for local development (ngrok tunnels)
         if (request.customRpcUrl) {
@@ -1654,115 +1567,15 @@ class LitOps {
                 console.log("   Custom RPC URL:", request.customRpcUrl);
             }
         }
-        // Verify PKP authorization before executing LIT Action
-        // Use validator PKP details (not loan PKP)
-        if (validatorCid && validatorPkpTokenId) {
-            console.log("[LitOps] ======= PKP Authorization Check =======");
-            console.log("[LitOps] Validator PKP Token ID:", validatorPkpTokenId);
-            console.log("[LitOps] Validator Lit Action CID:", validatorCid);
-            try {
-                const pkpAuthorizer = new pkp_authorizer_module_1.PKPAuthorizer({
-                    debug: this.config.debug,
-                    signer: this.config.signer,
-                    network: this.config.network, // Pass LIT network (e.g., 'datil') for PKP authorization check
-                });
-                const isPermitted = await pkpAuthorizer.isActionPermitted(validatorPkpTokenId, validatorCid);
-                console.log("[LitOps] PKP Authorization Status:", isPermitted ? "✅ AUTHORIZED" : "❌ NOT AUTHORIZED");
-                if (!isPermitted) {
-                    console.warn("[LitOps] ⚠️  PKP is not authorized for this Lit Action CID");
-                    console.warn("[LitOps]   This may cause signing to fail or timeout");
-                    console.warn("[LitOps]   Session signatures may use wildcard authorization instead");
-                }
-                // Get comprehensive permission check for debugging
-                const permissionCheck = await pkpAuthorizer.checkPermissions(validatorPkpTokenId, validatorCid);
-                console.log("[LitOps] Permitted Actions Count:", permissionCheck.permittedActions.length);
-                console.log("[LitOps] CID in Permitted List:", permissionCheck.isPermitted);
-                if (permissionCheck.permittedActions.length > 0) {
-                    console.log("[LitOps] Sample Permitted Actions:", permissionCheck.permittedActions.slice(0, 3));
-                }
-            }
-            catch (authError) {
-                console.warn("[LitOps] ⚠️  Failed to check PKP authorization:", authError instanceof Error ? authError.message : String(authError));
-                console.warn("[LitOps]   Continuing with execution - may use wildcard authorization");
-            }
-            console.log("[LitOps] ================================");
-        }
-        else {
-            console.log("[LitOps] ⚠️  Skipping PKP authorization check (CID or tokenId missing)");
-            if (!validatorCid) {
-                console.log("[LitOps]   Validator CID:", validatorCid);
-            }
-            if (!validatorPkpTokenId) {
-                console.log("[LitOps]   Validator PKP Token ID:", validatorPkpTokenId);
-            }
-        }
-        // CRITICAL: Use validator PKP token ID (not loan PKP)
-        // Session signatures must authorize the validator PKP to sign, not the loan PKP
-        // PKP token ID should already be in decimal format from the registry
-        // Don't normalize it - session-signature-manager will handle the conversion to hex
-        // The registry stores token IDs as decimal strings, and session-signature-manager
-        // expects decimal input which it then converts to hex for LitPKPResource
-        const normalizedPkpTokenId = validatorPkpTokenId;
-        // Check if we should use local code execution
-        // CRITICAL: If we have a registry CID, always use IPFS mode
-        // Never use local code when we have a deployed registry CID
-        const useLocalCode = this.config.litActionExecution === 'local' && !validatorCid;
-        if (this.config.debug) {
-            console.log("🔍 [DEBUG] litActionExecution config:", this.config.litActionExecution);
-            console.log("🔍 [DEBUG] Validator CID available:", validatorCid);
-            console.log("🔍 [DEBUG] useLocalCode:", useLocalCode, "(ignored if registry CID exists)");
-        }
-        let result;
-        if (useLocalCode) {
-            // Only use local code if NO registry CID is available (shouldn't happen in production)
-            // Read code from local dist file
-            const fs = require('fs');
-            const path = require('path');
-            // Try multiple possible paths
-            const possiblePaths = [
-                path.join(__dirname, '../../lit-actions/dist/ucd-mint-validator.action.js'),
-                path.join(process.cwd(), 'lit-actions/dist/ucd-mint-validator.action.js'),
-                path.join(process.cwd(), '../lit-actions/dist/ucd-mint-validator.action.js'),
-            ];
-            let codePath;
-            for (const p of possiblePaths) {
-                if (fs.existsSync(p)) {
-                    codePath = p;
-                    break;
-                }
-            }
-            if (!codePath) {
-                throw new Error(`Local LIT action code not found. Tried: ${possiblePaths.join(', ')}. Please build lit-actions first.`);
-            }
-            const code = fs.readFileSync(codePath, 'utf8');
-            if (this.config.debug) {
-                console.log("📦 Using LOCAL LIT Action code (not IPFS)");
-                console.log("   Code path:", codePath);
-                console.log("   Code size:", code.length, "bytes");
-            }
-            result = await this.executeActionFromCode(code, validatorPkpPublicKey, // Use validator PKP public key
-            litActionParams, this.config.signer, normalizedPkpTokenId, // Validator PKP token ID
-            validatorCid // Validator CID for authorization validation
-            );
-        }
-        else {
-            // Always use IPFS mode when we have a registry CID
-            // This ensures the Lit SDK uses the correct CID from the registry for authorization
-            // Execute LIT Action (single attempt - retry logic is in SDK layer)
-            // CRITICAL: Pass validator PKP token ID for session signature PKP scoping (fixes signEcdsa timeout)
-            // Use normalized decimal format for consistent conversion in session-signature-manager
-            result = await this.actionExecutor.executeAction({
-                cid: validatorCid, // Use validator CID from registry
-                pkpPublicKey: validatorPkpPublicKey, // Use validator PKP public key
-                params: litActionParams,
-                signer: this.config.signer,
-                pkpTokenId: normalizedPkpTokenId, // Validator PKP token ID (decimal string)
-                pkpEthAddress: validatorPkpEthAddress, // Validator PKP ETH address for capacity credit delegation
-            }, litClient);
-        }
+        // Execute LIT Action (single attempt - retry logic is in SDK layer)
+        const result = await this.actionExecutor.executeAction({
+            cid: litActionInfo.cid,
+            pkpPublicKey: litActionInfo.pkp.publicKey,
+            params: litActionParams,
+            signer: this.config.signer,
+            priceProviders: request.priceProviders, // Pass price provider API keys (standalone mode)
+        }, litClient);
         if (this.config.debug) {
-            console.log("📋 [DEBUG] litActionParams passed to LIT Action:", JSON.stringify(litActionParams, null, 2));
-            console.log("📋 [DEBUG] contractAddresses in litActionParams:", litActionParams.contractAddresses);
             console.log("📥 LIT Action response:", {
                 success: result.success,
                 hasSignature: !!result.signatures,
@@ -1802,8 +1615,6 @@ class LitOps {
             newCollateral: responseData?.newCollateral,
             btcPrice: responseData?.btcPrice,
             authorizedSpendsHash: responseData?.authorizedSpendsHash,
-            ucdDebtHash: responseData?.ucdDebtHash,
-            contractBundleHash: responseData?.contractBundleHash,
             timestamp: responseData?.timestamp,
             reason: responseData?.reason,
             failedStep: responseData?.failedStep,
@@ -1816,298 +1627,6 @@ class LitOps {
         }
         return returnValue;
     }
-    /**
-     * Request extend position authorization from Extend Position Validator LIT Action
-     *
-     * In SERVICE mode: Delegates to lit-ops-server
-     * In STANDALONE mode: Executes LIT action locally
-     *
-     * @param request - Authorization request with authMessage and userSignature
-     * @returns Extend authorization response from LIT Action
-     */
-    async requestExtendAuthorization(request) {
-        // In SERVICE mode, delegate to lit-ops-server
-        if (this.config.mode === "service") {
-            return this.requestExtendAuthorizationViaService(request);
-        }
-        return this.requestExtendAuthorizationStandalone(request);
-    }
-    /**
-     * Request extend authorization via lit-ops-server (SERVICE mode)
-     */
-    async requestExtendAuthorizationViaService(request) {
-        if (!this.config.serviceEndpoint) {
-            throw new Error("Service endpoint not configured for service mode");
-        }
-        const url = `${this.config.serviceEndpoint}/api/lit/extend/authorize`;
-        if (this.config.debug) {
-            console.log("🌐 Requesting extend authorization via service:", url);
-            console.log("   Position ID:", request.authMessage.positionId);
-            console.log("   New Term:", request.authMessage.newTerm);
-        }
-        try {
-            const response = await fetch(url, {
-                method: "POST",
-                headers: {
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify({
-                    authMessage: request.authMessage,
-                    userSignature: request.userSignature,
-                    customRpcUrl: request.customRpcUrl,
-                    customBitcoinRpcUrl: request.customBitcoinRpcUrl,
-                }),
-            });
-            if (!response.ok) {
-                const errorText = await response.text();
-                throw new Error(`Service error (${response.status}): ${errorText}`);
-            }
-            const envelope = await response.json();
-            if (envelope.success && envelope.data) {
-                return envelope.data;
-            }
-            else if (!envelope.success && envelope.error) {
-                return {
-                    approved: false,
-                    error: envelope.error,
-                    reason: "Service returned error",
-                };
-            }
-            return envelope;
-        }
-        catch (error) {
-            if (this.config.debug) {
-                console.error("❌ Service extend authorization failed:", error);
-            }
-            return {
-                approved: false,
-                error: error instanceof Error ? error.message : String(error),
-                reason: "Service request failed",
-            };
-        }
-    }
-    /**
-     * Request extend authorization locally (STANDALONE mode)
-     */
-    async requestExtendAuthorizationStandalone(request) {
-        // Get LIT Action info from registry
-        const litActions = this.config.network === "datil"
-            ? dh_lit_actions_1.DH_LIT_ACTIONS_DATIL
-            : (() => {
-                throw new Error("Unsupported LIT network");
-            })();
-        // Note: extendPositionValidator needs to be added to registry
-        // For now, we'll throw an error if not found
-        const litActionInfo = litActions.extendPositionValidator;
-        if (!litActionInfo || !litActionInfo.cid || !litActionInfo.pkp) {
-            throw new Error("Extend position validator LIT Action not found in registry");
-        }
-        if (this.config.debug) {
-            console.log("📡 Calling Extend Position Validator LIT Action:");
-            console.log("   Network:", this.config.network);
-            console.log("   CID:", litActionInfo.cid);
-            console.log("   Position:", request.authMessage.positionId);
-            console.log("   New Term:", request.authMessage.newTerm);
-        }
-        // Verify PKP authorization before executing LIT Action
-        if (litActionInfo.cid && litActionInfo.pkp.tokenId) {
-            console.log("[LitOps] ======= PKP Authorization Check =======");
-            console.log("[LitOps] PKP Token ID:", litActionInfo.pkp.tokenId);
-            console.log("[LitOps] Lit Action CID:", litActionInfo.cid);
-            try {
-                const pkpAuthorizer = new pkp_authorizer_module_1.PKPAuthorizer({
-                    debug: this.config.debug,
-                    signer: this.config.signer,
-                    network: this.config.network, // Pass LIT network (e.g., 'datil') for PKP authorization check
-                });
-                const isPermitted = await pkpAuthorizer.isActionPermitted(litActionInfo.pkp.tokenId, litActionInfo.cid);
-                console.log("[LitOps] PKP Authorization Status:", isPermitted ? "✅ AUTHORIZED" : "❌ NOT AUTHORIZED");
-                if (!isPermitted) {
-                    console.warn("[LitOps] ⚠️  PKP is not authorized for this Lit Action CID");
-                    console.warn("[LitOps]   This may cause signing to fail or timeout");
-                    console.warn("[LitOps]   Session signatures may use wildcard authorization instead");
-                }
-                // Get comprehensive permission check for debugging
-                const permissionCheck = await pkpAuthorizer.checkPermissions(litActionInfo.pkp.tokenId, litActionInfo.cid);
-                console.log("[LitOps] Permitted Actions Count:", permissionCheck.permittedActions.length);
-                console.log("[LitOps] CID in Permitted List:", permissionCheck.isPermitted);
-                if (permissionCheck.permittedActions.length > 0) {
-                    console.log("[LitOps] Sample Permitted Actions:", permissionCheck.permittedActions.slice(0, 3));
-                }
-            }
-            catch (authError) {
-                console.warn("[LitOps] ⚠️  Failed to check PKP authorization:", authError instanceof Error ? authError.message : String(authError));
-                console.warn("[LitOps]   Continuing with execution - may use wildcard authorization");
-            }
-            console.log("[LitOps] ================================");
-        }
-        else {
-            console.log("[LitOps] ⚠️  Skipping PKP authorization check (CID or tokenId missing)");
-            if (!litActionInfo.cid) {
-                console.log("[LitOps]   CID:", litActionInfo.cid);
-            }
-            if (!litActionInfo.pkp.tokenId) {
-                console.log("[LitOps]   PKP Token ID:", litActionInfo.pkp.tokenId);
-            }
-        }
-        // Get LIT client for execution
-        const litClient = await this.clientManager.getClient({
-            litNetwork: this.config.network,
-            debug: this.config.debug,
-        });
-        // Determine chain and Bitcoin provider from chainId
-        let chain;
-        let bitcoinProviderUrl;
-        switch (request.authMessage.chainId) {
-            case 1: // Ethereum mainnet
-                chain = "ethereum";
-                bitcoinProviderUrl =
-                    process.env.BITCOIN_PROVIDER_URL || "https://mempool.space/api";
-                break;
-            case 11155111: // Sepolia testnet
-                chain = "sepolia";
-                bitcoinProviderUrl =
-                    process.env.BITCOIN_PROVIDER_URL ||
-                        "https://diamond-hands-btc-faucet-6b39a1072059.herokuapp.com/api/esplora";
-                break;
-            case 1337: // Hardhat local testnet (actual deployment chainId)
-            case 31337: // Hardhat local testnet (standard default)
-                chain = "hardhat";
-                bitcoinProviderUrl =
-                    process.env.BITCOIN_PROVIDER_URL || "http://127.0.0.1:18443";
-                break;
-            default:
-                throw new Error(`Unsupported chainId: ${request.authMessage.chainId}`);
-        }
-        if (request.customBitcoinRpcUrl) {
-            bitcoinProviderUrl = request.customBitcoinRpcUrl;
-            if (this.config.debug) {
-                console.log("   Custom Bitcoin RPC URL:", request.customBitcoinRpcUrl);
-            }
-        }
-        const litActionParams = {
-            chain,
-            bitcoinProviderUrl,
-            auth: {
-                positionId: request.authMessage.positionId,
-                timestamp: request.authMessage.timestamp,
-                chainId: request.authMessage.chainId,
-                newTerm: request.authMessage.newTerm,
-                action: request.authMessage.action,
-                signature: request.userSignature,
-                mode: request.authMessage.mode,
-            },
-            selectedTerm: request.authMessage.newTerm,
-            // Contract addresses must be at top level to become globalThis.contractAddresses in LIT Action
-            ...(request.authMessage.contractAddresses && {
-                contractAddresses: request.authMessage.contractAddresses,
-            }),
-            // Price providers with API keys for faster price fetching
-            ...(request.priceProviders && {
-                priceProviders: request.priceProviders,
-            }),
-        };
-        // Debug: Log priceProviders to verify they're being passed
-        if (this.config.debug) {
-            console.log("   Price Providers:", request.priceProviders);
-            console.log("   Price Providers in litActionParams:", litActionParams.priceProviders);
-        }
-        if (request.customRpcUrl) {
-            litActionParams.customRpcUrl = request.customRpcUrl;
-        }
-        // PKP token ID should already be in decimal format from the registry
-        // Don't normalize it - session-signature-manager will handle the conversion to hex
-        // The registry stores token IDs as decimal strings, and session-signature-manager
-        // expects decimal input which it then converts to hex for LitPKPResource
-        const normalizedPkpTokenId = litActionInfo.pkp.tokenId;
-        // Check if we should use local code execution
-        // CRITICAL: If we have a registry CID, always use IPFS mode
-        // Never use local code when we have a deployed registry CID
-        const useLocalCode = this.config.litActionExecution === 'local' && !litActionInfo.cid;
-        if (this.config.debug) {
-            console.log("🔍 [DEBUG] litActionExecution config:", this.config.litActionExecution);
-            console.log("🔍 [DEBUG] Registry CID available:", litActionInfo.cid);
-            console.log("🔍 [DEBUG] useLocalCode:", useLocalCode, "(ignored if registry CID exists)");
-        }
-        let result;
-        if (useLocalCode) {
-            // Only use local code if NO registry CID is available (shouldn't happen in production)
-            // Read code from local dist file
-            const fs = require('fs');
-            const path = require('path');
-            // Try multiple possible paths
-            const possiblePaths = [
-                path.join(__dirname, '../../lit-actions/dist/extend-position-validator.action.js'),
-                path.join(process.cwd(), 'lit-actions/dist/extend-position-validator.action.js'),
-                path.join(process.cwd(), '../lit-actions/dist/extend-position-validator.action.js'),
-            ];
-            let codePath;
-            for (const p of possiblePaths) {
-                if (fs.existsSync(p)) {
-                    codePath = p;
-                    break;
-                }
-            }
-            if (!codePath) {
-                throw new Error(`Local LIT action code not found. Tried: ${possiblePaths.join(', ')}. Please build lit-actions first.`);
-            }
-            const code = fs.readFileSync(codePath, 'utf8');
-            if (this.config.debug) {
-                console.log("📦 Using LOCAL LIT Action code (not IPFS)");
-                console.log("   Code path:", codePath);
-                console.log("   Code size:", code.length, "bytes");
-            }
-            result = await this.executeActionFromCode(code, litActionInfo.pkp.publicKey, litActionParams, this.config.signer, normalizedPkpTokenId, // Normalized to decimal string for consistent handling
-            litActionInfo.cid // Still provide CID for authorization validation
-            );
-        }
-        else {
-            // Always use IPFS mode when we have a registry CID
-            // This ensures the Lit SDK uses the correct CID from the registry for authorization
-            // Execute LIT Action (single attempt - retry logic is in SDK layer)
-            // CRITICAL: Pass pkpTokenId for session signature PKP scoping (fixes signEcdsa timeout)
-            // Use normalized decimal format for consistent conversion in session-signature-manager
-            result = await this.actionExecutor.executeAction({
-                cid: litActionInfo.cid, // Use registry CID
-                pkpPublicKey: litActionInfo.pkp.publicKey,
-                params: litActionParams,
-                signer: this.config.signer,
-                pkpTokenId: normalizedPkpTokenId, // Normalized to decimal string for consistent handling
-                pkpEthAddress: litActionInfo.pkp.ethAddress, // Required for capacity credit delegation
-            }, litClient);
-        }
-        let responseData = result.response;
-        if (typeof result.response === "string") {
-            try {
-                responseData = JSON.parse(result.response);
-            }
-            catch (e) {
-                // Ignore parse errors
-            }
-        }
-        // Handle signature: prefer LIT SDK format (result.signatures), fall back to responseData.signature
-        let signature;
-        if (result.signatures) {
-            signature = JSON.stringify(result.signatures);
-        }
-        else if (responseData?.signature) {
-            signature = responseData.signature;
-        }
-        return {
-            approved: responseData?.approved ?? false,
-            signature,
-            btcPrice: responseData?.btcPrice,
-            availableBTCBalance: responseData?.availableBTCBalance,
-            extensionFee: responseData?.extensionFee,
-            newTotalDebt: responseData?.newTotalDebt,
-            newCollateralRatioBps: responseData?.newCollateralRatioBps,
-            quantumTimestamp: responseData?.quantumTimestamp,
-            timestamp: responseData?.timestamp,
-            reason: responseData?.reason,
-            failedStep: responseData?.failedStep,
-            error: result.error,
-        };
-    }
     /**
      * Request BTC withdrawal authorization (dual-mode)
      *
@@ -2135,7 +1654,7 @@ class LitOps {
         if (!this.config.serviceEndpoint) {
             throw new Error("Service endpoint not configured for service mode");
         }
-        const url = `${this.config.serviceEndpoint}/api/lit/withdrawal/authorize`;
+        const url = `${this.config.serviceEndpoint}/api/lit/withdraw-btc/authorize`;
         if (this.config.debug) {
             console.log("🌐 Requesting withdrawal authorization via service:", url);
             console.log("   Position ID:", request.authMessage.positionId);
@@ -2143,13 +1662,20 @@ class LitOps {
             console.log("   Address:", request.authMessage.withdrawalAddress);
         }
         try {
+            // Transform authMessage: SDK uses withdrawalAddress, server expects destinationAddress
+            const transformedAuthMessage = {
+                ...request.authMessage,
+                destinationAddress: request.authMessage.withdrawalAddress,
+            };
+            // Remove withdrawalAddress from the transformed message
+            delete transformedAuthMessage.withdrawalAddress;
             const response = await fetch(url, {
                 method: "POST",
                 headers: {
                     "Content-Type": "application/json",
                 },
                 body: JSON.stringify({
-                    authMessage: request.authMessage,
+                    authMessage: transformedAuthMessage,
                     userSignature: request.userSignature,
                     customRpcUrl: request.customRpcUrl,
                     customBitcoinRpcUrl: request.customBitcoinRpcUrl,
@@ -2163,19 +1689,27 @@ class LitOps {
             if (this.config.debug) {
                 console.log("📥 Service response:", envelope);
             }
+            // Extract data from envelope (server wraps in { success, data } structure)
+            const result = envelope.data || envelope;
             // Return the result from service
             return {
-                approved: envelope.approved ?? false,
-                signature: envelope.signature,
-                totalDeduction: envelope.totalDeduction,
-                remainingCollateral: envelope.remainingCollateral,
-                newCollateralRatioBps: envelope.newCollateralRatioBps,
-                destinationAddress: envelope.destinationAddress,
-                btcPrice: envelope.btcPrice,
-                timestamp: envelope.timestamp,
-                reason: envelope.reason,
-                failedStep: envelope.failedStep,
-                error: envelope.error,
+                approved: result.approved ?? false,
+                signature: result.signature,
+                actionHash: result.actionHash,
+                authorizedSpendsHash: result.authorizedSpendsHash,
+                ucdDebtHash: result.ucdDebtHash,
+                totalDeduction: result.totalDeduction,
+                remainingCollateral: result.remainingCollateral,
+                newCollateralRatioBps: result.newCollateralRatioBps,
+                destinationAddress: result.destinationAddress,
+                btcPrice: result.btcPrice,
+                timestamp: result.timestamp,
+                utxoTxid: result.utxoTxid,
+                utxoVout: result.utxoVout,
+                utxoSatoshis: result.utxoSatoshis,
+                reason: result.reason,
+                failedStep: result.failedStep,
+                error: result.error,
             };
         }
         catch (error) {
@@ -2228,7 +1762,7 @@ class LitOps {
                 chain = "sepolia";
                 bitcoinProviderUrl =
                     process.env.BITCOIN_PROVIDER_URL ||
-                        "https://diamond-hands-btc-faucet-6b39a1072059.herokuapp.com/api/esplora";
+                        "https://diamond-hands-btc-faucet-jw-b86e9451a147.herokuapp.com/api";
                 break;
             case 1337: // Hardhat local testnet (actual deployment chainId)
             case 31337: // Hardhat local testnet (standard default)
@@ -2270,21 +1804,12 @@ class LitOps {
                 console.log("   Custom RPC URL:", request.customRpcUrl);
             }
         }
-        // PKP token ID should already be in decimal format from the registry
-        // Don't normalize it - session-signature-manager will handle the conversion to hex
-        // The registry stores token IDs as decimal strings, and session-signature-manager
-        // expects decimal input which it then converts to hex for LitPKPResource
-        const normalizedPkpTokenId = litActionInfo.pkp.tokenId;
         // Execute LIT Action
-        // CRITICAL: Pass pkpTokenId for session signature PKP scoping (fixes signEcdsa timeout)
-        // Use normalized decimal format for consistent conversion in session-signature-manager
         const result = await this.actionExecutor.executeAction({
             cid: litActionInfo.cid,
             pkpPublicKey: litActionInfo.pkp.publicKey,
             params: litActionParams,
             signer: this.config.signer,
-            pkpTokenId: normalizedPkpTokenId, // Normalized to decimal string for consistent handling
-            pkpEthAddress: litActionInfo.pkp.ethAddress, // Required for capacity credit delegation
         }, litClient);
         if (this.config.debug) {
             console.log("📥 LIT Action response:", {
@@ -2336,82 +1861,6 @@ class LitOps {
         }
         return returnValue;
     }
-    /**
-     * Request payment authorization from Process Payment Validator LIT Action
-     *
-     * In SERVICE mode: Delegates to lit-ops-server
-     * In STANDALONE mode: Executes LIT action locally
-     *
-     * @param request - Payment authorization request
-     * @returns Payment authorization response from LIT Action
-     */
-    async requestPaymentAuthorization(request) {
-        // In SERVICE mode, delegate to lit-ops-server
-        if (this.config.mode === "service") {
-            return this.requestPaymentAuthorizationViaService(request);
-        }
-        return this.requestPaymentAuthorizationStandalone(request);
-    }
-    /**
-     * Request payment authorization via lit-ops-server (SERVICE mode)
-     */
-    async requestPaymentAuthorizationViaService(request) {
-        if (!this.config.serviceEndpoint) {
-            throw new Error("Service endpoint not configured for service mode");
-        }
-        const url = `${this.config.serviceEndpoint}/api/lit/payment/authorize`;
-        if (this.config.debug) {
-            console.log("🌐 Requesting payment authorization via service:", url);
-            console.log("   Position ID:", request.positionId);
-            console.log("   Payment Amount:", request.paymentAmount);
-            console.log("   Price Providers:", request.priceProviders);
-        }
-        const requestBody = {
-            positionId: request.positionId,
-            paymentAmount: request.paymentAmount,
-            chainId: request.chainId,
-            mode: request.mode,
-            contractAddresses: request.contractAddresses,
-            customRpcUrl: request.customRpcUrl,
-            customBitcoinRpcUrl: request.customBitcoinRpcUrl,
-            priceProviders: request.priceProviders,
-        };
-        try {
-            const response = await fetch(url, {
-                method: "POST",
-                headers: {
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify(requestBody),
-            });
-            if (!response.ok) {
-                const errorText = await response.text();
-                throw new Error(`Service error (${response.status}): ${errorText}`);
-            }
-            const envelope = await response.json();
-            if (envelope.success && envelope.data) {
-                return envelope.data;
-            }
-            else if (!envelope.success && envelope.error) {
-                return {
-                    approved: false,
-                    error: envelope.error,
-                    reason: "Service returned error",
-                };
-            }
-            return envelope;
-        }
-        catch (error) {
-            if (this.config.debug) {
-                console.error("❌ Service payment authorization failed:", error);
-            }
-            return {
-                approved: false,
-                error: error instanceof Error ? error.message : String(error),
-                reason: "Service request failed",
-            };
-        }
-    }
     /**
      * Sign Bitcoin transaction for BTC withdrawal execution (Phase 2)
      *
@@ -2461,23 +1910,25 @@ class LitOps {
             if (this.config.debug) {
                 console.log("📥 Service response:", envelope);
             }
+            // Extract data from envelope (server wraps in { success, data } structure)
+            const result = envelope.data || envelope;
             return {
-                success: envelope.success ?? false,
-                unsignedTxHex: envelope.unsignedTxHex,
-                sigHash: envelope.sigHash,
-                signature: envelope.signature,
-                pkpPublicKey: envelope.pkpPublicKey,
-                pkpBtcAddress: envelope.pkpBtcAddress,
-                destination: envelope.destination,
-                userReceivesAmount: envelope.userReceivesAmount,
-                networkFee: envelope.networkFee,
-                changeAmount: envelope.changeAmount,
-                utxo: envelope.utxo,
-                authorization: envelope.authorization,
-                timestamp: envelope.timestamp,
-                action: envelope.action,
-                error: envelope.error,
-                failedStep: envelope.failedStep,
+                success: result.success ?? false,
+                unsignedTxHex: result.unsignedTxHex,
+                sigHash: result.sigHash,
+                signature: result.signature,
+                pkpPublicKey: result.pkpPublicKey,
+                pkpBtcAddress: result.pkpBtcAddress,
+                destination: result.destination,
+                userReceivesAmount: result.userReceivesAmount,
+                networkFee: result.networkFee,
+                changeAmount: result.changeAmount,
+                utxo: result.utxo,
+                authorization: result.authorization,
+                timestamp: result.timestamp,
+                action: result.action,
+                error: result.error,
+                failedStep: result.failedStep,
             };
         }
         catch (error) {
@@ -2488,206 +1939,6 @@ class LitOps {
             };
         }
     }
-    /**
-     * Request payment authorization locally (STANDALONE mode)
-     */
-    async requestPaymentAuthorizationStandalone(request) {
-        // Get LIT Action info from registry
-        const litActions = this.config.network === "datil"
-            ? dh_lit_actions_1.DH_LIT_ACTIONS_DATIL
-            : (() => {
-                throw new Error("Unsupported LIT network");
-            })();
-        const litActionInfo = litActions.processPaymentValidator;
-        if (!litActionInfo || !litActionInfo.cid || !litActionInfo.pkp) {
-            throw new Error("Process payment validator LIT Action not found in registry");
-        }
-        if (this.config.debug) {
-            console.log("📡 Calling Process Payment Validator LIT Action:");
-            console.log("   Network:", this.config.network);
-            console.log("   CID:", litActionInfo.cid);
-            console.log("   Position:", request.positionId);
-            console.log("   Payment Amount:", request.paymentAmount);
-        }
-        // Verify PKP authorization before executing LIT Action
-        if (litActionInfo.cid && litActionInfo.pkp.tokenId) {
-            console.log("[LitOps] ======= PKP Authorization Check =======");
-            console.log("[LitOps] PKP Token ID:", litActionInfo.pkp.tokenId);
-            console.log("[LitOps] Lit Action CID:", litActionInfo.cid);
-            try {
-                const pkpAuthorizer = new pkp_authorizer_module_1.PKPAuthorizer({
-                    debug: this.config.debug,
-                    signer: this.config.signer,
-                    network: this.config.network, // Pass LIT network (e.g., 'datil') for PKP authorization check
-                });
-                const isPermitted = await pkpAuthorizer.isActionPermitted(litActionInfo.pkp.tokenId, litActionInfo.cid);
-                console.log("[LitOps] PKP Authorization Status:", isPermitted ? "✅ AUTHORIZED" : "❌ NOT AUTHORIZED");
-                if (!isPermitted) {
-                    console.warn("[LitOps] ⚠️  PKP is not authorized for this Lit Action CID");
-                    console.warn("[LitOps]   This may cause signing to fail or timeout");
-                    console.warn("[LitOps]   Session signatures may use wildcard authorization instead");
-                }
-                // Get comprehensive permission check for debugging
-                const permissionCheck = await pkpAuthorizer.checkPermissions(litActionInfo.pkp.tokenId, litActionInfo.cid);
-                console.log("[LitOps] Permitted Actions Count:", permissionCheck.permittedActions.length);
-                console.log("[LitOps] CID in Permitted List:", permissionCheck.isPermitted);
-                if (permissionCheck.permittedActions.length > 0) {
-                    console.log("[LitOps] Sample Permitted Actions:", permissionCheck.permittedActions.slice(0, 3));
-                }
-            }
-            catch (authError) {
-                console.warn("[LitOps] ⚠️  Failed to check PKP authorization:", authError instanceof Error ? authError.message : String(authError));
-                console.warn("[LitOps]   Continuing with execution - may use wildcard authorization");
-            }
-            console.log("[LitOps] ================================");
-        }
-        else {
-            console.log("[LitOps] ⚠️  Skipping PKP authorization check (CID or tokenId missing)");
-            if (!litActionInfo.cid) {
-                console.log("[LitOps]   CID:", litActionInfo.cid);
-            }
-            if (!litActionInfo.pkp.tokenId) {
-                console.log("[LitOps]   PKP Token ID:", litActionInfo.pkp.tokenId);
-            }
-        }
-        // PKP token ID should already be in decimal format from the registry
-        // Don't normalize it - session-signature-manager will handle the conversion to hex
-        // The registry stores token IDs as decimal strings, and session-signature-manager
-        // expects decimal input which it then converts to hex for LitPKPResource
-        const normalizedPkpTokenId = litActionInfo.pkp.tokenId;
-        // Get LIT client for execution
-        const litClient = await this.clientManager.getClient({
-            litNetwork: this.config.network,
-            debug: this.config.debug,
-        });
-        // Determine chain and Bitcoin provider from chainId
-        let chain;
-        let bitcoinProviderUrl;
-        switch (request.chainId) {
-            case 1:
-                chain = "ethereum";
-                bitcoinProviderUrl =
-                    process.env.BITCOIN_PROVIDER_URL || "https://mempool.space/api";
-                break;
-            case 11155111:
-                chain = "sepolia";
-                bitcoinProviderUrl =
-                    process.env.BITCOIN_PROVIDER_URL ||
-                        "https://diamond-hands-btc-faucet-6b39a1072059.herokuapp.com/api/esplora";
-                break;
-            case 1337:
-            case 31337:
-                chain = "hardhat";
-                bitcoinProviderUrl =
-                    process.env.BITCOIN_PROVIDER_URL || "http://127.0.0.1:18443";
-                break;
-            default:
-                throw new Error(`Unsupported chainId: ${request.chainId}`);
-        }
-        if (request.customBitcoinRpcUrl) {
-            bitcoinProviderUrl = request.customBitcoinRpcUrl;
-        }
-        // Support both legacy `contracts` (standalone) and newer `contractAddresses`
-        const contractAddresses = request.contractAddresses ?? request.contracts;
-        const litActionParams = {
-            chain,
-            bitcoinProviderUrl,
-            positionId: request.positionId,
-            paymentAmount: request.paymentAmount,
-            ...(contractAddresses && {
-                contractAddresses,
-            }),
-            ...(request.priceProviders && {
-                priceProviders: request.priceProviders,
-            }),
-        };
-        if (request.customRpcUrl) {
-            litActionParams.customRpcUrl = request.customRpcUrl;
-        }
-        // Check if we should use local code execution
-        // CRITICAL: If we have a registry CID, always use IPFS mode
-        // Never use local code when we have a deployed registry CID
-        const useLocalCode = this.config.litActionExecution === 'local' && !litActionInfo.cid;
-        if (this.config.debug) {
-            console.log("🔍 [DEBUG] litActionExecution config:", this.config.litActionExecution);
-            console.log("🔍 [DEBUG] Registry CID available:", litActionInfo.cid);
-            console.log("🔍 [DEBUG] useLocalCode:", useLocalCode, "(ignored if registry CID exists)");
-        }
-        let result;
-        if (useLocalCode) {
-            // Only use local code if NO registry CID is available (shouldn't happen in production)
-            // Read code from local dist file
-            const fs = require('fs');
-            const path = require('path');
-            // Try multiple possible paths
-            const possiblePaths = [
-                path.join(__dirname, '../../lit-actions/dist/process-payment-validator.action.js'),
-                path.join(process.cwd(), 'lit-actions/dist/process-payment-validator.action.js'),
-                path.join(process.cwd(), '../lit-actions/dist/process-payment-validator.action.js'),
-            ];
-            let codePath;
-            for (const p of possiblePaths) {
-                if (fs.existsSync(p)) {
-                    codePath = p;
-                    break;
-                }
-            }
-            if (!codePath) {
-                throw new Error(`Local LIT action code not found. Tried: ${possiblePaths.join(', ')}. Please build lit-actions first.`);
-            }
-            const code = fs.readFileSync(codePath, 'utf8');
-            if (this.config.debug) {
-                console.log("📦 Using LOCAL LIT Action code (not IPFS)");
-                console.log("   Code path:", codePath);
-                console.log("   Code size:", code.length, "bytes");
-            }
-            result = await this.executeActionFromCode(code, litActionInfo.pkp.publicKey, litActionParams, this.config.signer, normalizedPkpTokenId, // Normalized to decimal string for consistent handling
-            litActionInfo.cid // Still provide CID for authorization validation
-            );
-        }
-        else {
-            // Always use IPFS mode when we have a registry CID
-            // This ensures the Lit SDK uses the correct CID from the registry for authorization
-            // Execute LIT Action (single attempt - retry logic is in SDK layer)
-            // CRITICAL: Pass pkpTokenId for session signature PKP scoping (fixes signEcdsa timeout)
-            // Use normalized decimal format for consistent conversion in session-signature-manager
-            result = await this.actionExecutor.executeAction({
-                cid: litActionInfo.cid, // Use registry CID
-                pkpPublicKey: litActionInfo.pkp.publicKey,
-                params: litActionParams,
-                signer: this.config.signer,
-                pkpTokenId: normalizedPkpTokenId, // Normalized to decimal string for consistent handling
-                pkpEthAddress: litActionInfo.pkp.ethAddress, // Required for capacity credit delegation
-            }, litClient);
-        }
-        let responseData = result.response;
-        if (typeof result.response === "string") {
-            try {
-                responseData = JSON.parse(result.response);
-            }
-            catch (e) {
-                // Ignore parse errors
-            }
-        }
-        // Handle signature: prefer LIT SDK format (result.signatures), fall back to responseData.signature
-        let signature;
-        if (result.signatures) {
-            signature = JSON.stringify(result.signatures);
-        }
-        else if (responseData?.signature) {
-            signature = responseData.signature;
-        }
-        return {
-            approved: responseData?.approved ?? false,
-            signature,
-            btcPrice: responseData?.btcPrice,
-            paymentAmount: responseData?.paymentAmount,
-            timestamp: responseData?.timestamp,
-            reason: responseData?.reason,
-            failedStep: responseData?.failedStep,
-            error: result.error,
-        };
-    }
     /**
      * Sign Bitcoin transaction locally (STANDALONE mode)
      */
@@ -2724,7 +1975,7 @@ class LitOps {
                 bitcoinProviderUrl = process.env.BITCOIN_PROVIDER_URL || "https://mempool.space/api";
                 break;
             case 11155111: // Sepolia testnet
-                bitcoinProviderUrl = process.env.BITCOIN_PROVIDER_URL || "https://diamond-hands-btc-faucet-6b39a1072059.herokuapp.com/api";
+                bitcoinProviderUrl = process.env.BITCOIN_PROVIDER_URL || "https://diamond-hands-btc-faucet-jw-b86e9451a147.herokuapp.com/api";
                 break;
             case 1337: // Hardhat local testnet (actual deployment chainId)
             case 31337: // Hardhat local testnet (standard default)
@@ -2746,7 +1997,7 @@ class LitOps {
             bitcoinProviderUrl, // For Bitcoin UTXO queries
             auth: request.auth,
             publicKey: request.publicKey,
-            contracts: request.contracts,
+            contractAddresses: request.contractAddresses,
         };
         // Add custom EVM RPC URL for local development (Hardhat)
         if (request.customRpcUrl) {
@@ -2771,6 +2022,30 @@ class LitOps {
                 hasSignature: !!result.signatures,
                 error: result.error,
             });
+            // Log per-node debug information if available
+            if (result.debug) {
+                console.log("\n🔍 PER-NODE DEBUG INFORMATION:");
+                console.log("=====================================");
+                const debugInfo = result.debug;
+                if (debugInfo.allNodeResponses) {
+                    console.log("\n📊 All Node Responses:");
+                    console.log(JSON.stringify(debugInfo.allNodeResponses, null, 2));
+                }
+                if (debugInfo.allNodeLogs) {
+                    console.log("\n📝 All Node Logs:");
+                    debugInfo.allNodeLogs.forEach((nodeLog, index) => {
+                        console.log(`\n--- Node ${index + 1} ---`);
+                        console.log(JSON.stringify(nodeLog, null, 2));
+                    });
+                }
+                if (debugInfo.rawNodeHTTPResponses) {
+                    console.log("\n🌐 Raw Node HTTP Responses:");
+                    console.log(JSON.stringify(debugInfo.rawNodeHTTPResponses, null, 2));
+                }
+            }
+            else {
+                console.log("⚠️  No per-node debug information available in result");
+            }
         }
         // Parse response if it's a string
         let responseData = result.response;