@gvnrdao/dh-lit-ops 0.0.73 → 0.0.75

package/dist/modules/lit-ops.module.js

@@ -478,8 +478,6 @@ class LitOps {
             pkpPublicKey,
             params,
             signer,
-            // Include pkpTokenId for session signature scoping (required for burned PKPs)
-            pkpTokenId: pkpTokenId || params?.pkpTokenId,
         };
         return this.actionExecutor.executeAction(request, litClient);
     }
@@ -651,44 +649,28 @@ class LitOps {
             // Get the PKP validator CID
             const pkpValidatorCid = (this.config.network === "datil"
                 ? dh_lit_actions_1.DH_LIT_ACTIONS_DATIL
-                : dh_lit_actions_1.DH_LIT_ACTIONS_DATIL_TEST).pkpValidator.cid;
+                : (() => {
+                    throw new Error("Unsupported LIT network");
+                })()).pkpValidator.cid;
             if (this.config.debug) {
                 console.log(`   PKP Validator CID: ${pkpValidatorCid}`);
             }
             // Execute PKP Validator LIT Action
-            // NOTE: Even though the validator PKP is burned/immutable (read-only),
-            // we still pass its tokenId so the session signature is scoped to the
-            // validator resource. The Lit nodes will simply treat the resource as
-            // non-signing, but scoping keeps the session principle of least privilege.
+            // NOTE: We do NOT pass the validator PKP token ID here because the validator
+            // performs READ-ONLY operations (no signing). Passing undefined for pkpTokenId
+            // will skip adding LitPKPResource to the session signature, which is correct
+            // for burned/immutable validator PKPs that can't sign via session signatures.
             console.log(`\n🔍 LIT-OPS TRACE: About to call executeActionFromCID with jsParams:`);
             console.log(`   - targetPkpTokenId: "${targetPkpTokenId}"`);
             console.log(`   - expectedCid: "${expectedCid}"`);
-            let sessionScopedSignerTokenId = signerPkp.tokenId;
-            try {
-                const normalizedHex = BigInt(signerPkp.tokenId)
-                    .toString(16)
-                    .padStart(64, "0");
-                sessionScopedSignerTokenId = `0x${normalizedHex}`;
-            }
-            catch (tokenErr) {
-                console.warn("⚠️  Failed to normalize signer PKP tokenId to hex, using raw value", tokenErr);
-            }
-            // Convert validator CID to hex format for signature message
-            // The contract expects the validator's CID in the signature, not the PKP's CID
-            const validatorCidHex = (0, dh_lit_actions_1.cidToHex)(pkpValidatorCid);
-            if (this.config.debug) {
-                console.log(`   Validator CID (IPFS): ${pkpValidatorCid}`);
-                console.log(`   Validator CID (hex): ${validatorCidHex}`);
-                console.log(`   PKP's expected CID (hex): ${expectedCid}`);
-            }
             const litResult = await this.executeActionFromCID(pkpValidatorCid, signerPkp.publicKey, {
                 targetPkpTokenId,
-                expectedCid, // PKP's LIT Action CID (for validation check)
-                certificationCid: validatorCidHex, // Validator's CID (for signature message)
+                expectedCid, // Expected to be in hex format
                 message: `PKP validation: ${Date.now()}`,
                 // Ensure the LIT Action knows which network (datil vs datil-test)
                 network: this.config.network,
-            }, signer, sessionScopedSignerTokenId, signerPkp.ethAddress // Required for capacity delegation on Datil
+            }, signer
+            // Intentionally NOT passing signerPkp.tokenId - validator is read-only
             );
             if (this.config.debug) {
                 console.log(`   LIT Action Success: ${litResult.success}`);
@@ -1247,7 +1229,9 @@ class LitOps {
             console.log("🎯 Creating new Diamond Hands Loan PKP");
             console.log("   Using authorization CID:", (networkOverride ?? this.config.network) === "datil"
                 ? dh_lit_actions_1.DH_LIT_ACTIONS_DATIL.authorizationDummy.cid
-                : dh_lit_actions_1.DH_LIT_ACTIONS_DATIL_TEST.authorizationDummy.cid);
+                : (() => {
+                    throw new Error("Unsupported LIT network");
+                })());
             console.log(`   Mode: ${this.config.mode}`);
             if (networkOverride) {
                 console.log("   Network override:", networkOverride);
@@ -1260,12 +1244,16 @@ class LitOps {
             throw new Error("Signer is required for standalone mode");
         }
         const selectedNetwork = networkOverride ?? this.config.network;
-        const authDummyCid = (selectedNetwork === "datil"
+        const registry = selectedNetwork === "datil"
             ? dh_lit_actions_1.DH_LIT_ACTIONS_DATIL
-            : dh_lit_actions_1.DH_LIT_ACTIONS_DATIL_TEST).authorizationDummy.cid;
+            : (() => {
+                throw new Error("Unsupported LIT network");
+            })();
+        // Vault PKP must authorize btcTransactionSigner for Bitcoin transaction signing
+        const btcTxSignerCid = registry.btcTransactionSigner.cid;
         console.log(`🔍 LIT-OPS TRACE: getNewDiamondHandsLoanPkp - selectedNetwork = "${selectedNetwork}"`);
-        console.log(`🔍 LIT-OPS TRACE: getNewDiamondHandsLoanPkp - authorizationDummy.cid = "${authDummyCid}"`);
-        return this.createAndValidatePkpToLitAction(authDummyCid, effectiveSigner);
+        console.log(`🔍 LIT-OPS TRACE: getNewDiamondHandsLoanPkp - btcTransactionSigner.cid = "${btcTxSignerCid}"`);
+        return this.createAndValidatePkpToLitAction(btcTxSignerCid, effectiveSigner);
     }
     /**
      * Request mint authorization from UCD Mint Validator LIT Action
@@ -1305,6 +1293,125 @@ class LitOps {
         }
         return this.requestMintAuthorizationStandalone(request);
     }
+    /**
+     * DEV ONLY: Run BTC Always Signer LIT Action
+     * Intermediate testing tool for Bitcoin transaction structure validation
+     * Signs Bitcoin transactions WITHOUT authorization checks
+     *
+     * @param request - Bitcoin transaction parameters
+     * @returns Signature result with transaction structure
+     */
+    async runBtcAlwaysSigner(request) {
+        if (this.config.debug) {
+            console.log("🔧 [runBtcAlwaysSigner] DEV MODE ONLY");
+            console.log("   Mode:", this.config.mode);
+        }
+        // Service mode: Call server endpoint
+        if (this.config.mode === "service") {
+            return this.runBtcAlwaysSignerViaService(request);
+        }
+        // Standalone mode: Execute locally
+        return this.runBtcAlwaysSignerStandalone(request);
+    }
+    /**
+     * Run BTC Always Signer via service (SERVICE mode)
+     */
+    async runBtcAlwaysSignerViaService(request) {
+        if (!this.config.serviceEndpoint) {
+            throw new Error("Service endpoint not configured for service mode");
+        }
+        const url = `${this.config.serviceEndpoint}/api/lit/dev/btc-always-signer`;
+        if (this.config.debug) {
+            console.log("🌐 Running BTC always-signer via service:", url);
+            console.log("   Destination:", request.destination);
+            console.log("   Amount:", request.amount);
+        }
+        try {
+            const response = await fetch(url, {
+                method: "POST",
+                headers: {
+                    "Content-Type": "application/json",
+                },
+                body: JSON.stringify(request),
+            });
+            if (!response.ok) {
+                const errorText = await response.text();
+                throw new Error(`Service error (${response.status}): ${errorText}`);
+            }
+            const result = (await response.json());
+            if (this.config.debug) {
+                console.log("✅ BTC always-signer completed via service");
+            }
+            return result.data || result;
+        }
+        catch (error) {
+            if (this.config.debug) {
+                console.error("❌ Service BTC always-signer failed:", error);
+            }
+            return {
+                success: false,
+                error: error instanceof Error ? error.message : String(error),
+            };
+        }
+    }
+    /**
+     * Run BTC Always Signer locally (STANDALONE mode)
+     */
+    async runBtcAlwaysSignerStandalone(request) {
+        // Get always-signer LIT Action CID
+        const alwaysSignerCid = "QmRcQTDiZJq5arXngdxCX1LPnTW1fvx78tBD9vZmMXg8Ly";
+        if (this.config.debug) {
+            console.log("📡 Calling BTC Always Signer LIT Action:");
+            console.log("   CID:", alwaysSignerCid);
+            console.log("   Destination:", request.destination);
+            console.log("   Amount:", request.amount);
+        }
+        try {
+            // Execute LIT Action
+            // NOTE: The always-signer LIT Action expects params in (globalThis as any).params
+            // so we nest the parameters under a 'params' key
+            const result = await this.executeActionFromCID(alwaysSignerCid, request.pkpPublicKey, {
+                params: {
+                    amount: request.amount,
+                    fee: request.fee,
+                    destination: request.destination,
+                    utxo: request.utxo,
+                    network: request.network,
+                    pkpPublicKey: request.pkpPublicKey,
+                },
+            }, this.config.signer, // Use signer from LitOps config
+            undefined, // No PKP token ID needed
+            undefined // No PKP ETH address needed
+            );
+            if (this.config.debug) {
+                console.log("✅ BTC Always Signer executed");
+                console.log("   Success:", result.success);
+            }
+            // Parse response
+            const response = typeof result.response === "string"
+                ? JSON.parse(result.response)
+                : result.response;
+            // Extract actual signature from LIT SDK response
+            // LIT SDK puts signatures in result.signatures.btcTxSig
+            if (result.signatures?.btcTxSig) {
+                response.signature = {
+                    r: result.signatures.btcTxSig.r,
+                    s: result.signatures.btcTxSig.s,
+                    recid: result.signatures.btcTxSig.recid,
+                };
+            }
+            return response;
+        }
+        catch (error) {
+            if (this.config.debug) {
+                console.error("❌ BTC Always Signer failed:", error);
+            }
+            return {
+                success: false,
+                error: error instanceof Error ? error.message : String(error),
+            };
+        }
+    }
     /**
      * Request mint authorization via lit-ops-server (SERVICE mode)
      */
@@ -1381,7 +1488,9 @@ class LitOps {
         // Get LIT Action info from registry
         const litActions = this.config.network === "datil"
             ? dh_lit_actions_1.DH_LIT_ACTIONS_DATIL
-            : dh_lit_actions_1.DH_LIT_ACTIONS_DATIL_TEST;
+            : (() => {
+                throw new Error("Unsupported LIT network");
+            })();
         const litActionInfo = litActions.ucdMintValidator;
         if (!litActionInfo || !litActionInfo.cid || !litActionInfo.pkp) {
             throw new Error("UCD mint validator LIT Action not found in registry");
@@ -1412,7 +1521,7 @@ class LitOps {
                 chain = "sepolia";
                 bitcoinProviderUrl =
                     process.env.BITCOIN_PROVIDER_URL ||
-                        "https://diamond-hands-btc-faucet-6b39a1072059.herokuapp.com/api";
+                        "https://diamond-hands-btc-faucet-jw-b86e9451a147.herokuapp.com/api";
                 break;
             case 1337: // Hardhat local testnet (actual deployment chainId)
             case 31337: // Hardhat local testnet (standard default)
@@ -1444,11 +1553,12 @@ class LitOps {
                 action: request.authMessage.action,
                 signature: request.userSignature,
                 mode: request.authMessage.mode,
-                ...(request.authMessage.contracts && {
-                    contracts: request.authMessage.contracts,
-                }),
             },
             amount: request.authMessage.amount,
+            // Contracts must be at top level to become globalThis.contracts in LIT Action
+            ...(request.authMessage.contracts && {
+                contracts: request.authMessage.contracts,
+            }),
         };
         // Add custom RPC URL for local development (ngrok tunnels)
         if (request.customRpcUrl) {
@@ -1463,6 +1573,7 @@ class LitOps {
             pkpPublicKey: litActionInfo.pkp.publicKey,
             params: litActionParams,
             signer: this.config.signer,
+            priceProviders: request.priceProviders, // Pass price provider API keys (standalone mode)
         }, litClient);
         if (this.config.debug) {
             console.log("📥 LIT Action response:", {
@@ -1492,59 +1603,12 @@ class LitOps {
             console.log("🔍 responseData (FULL OBJECT):", JSON.stringify(responseData, null, 2));
             console.log("🔍 responseData keys:", Object.keys(responseData || {}));
         }
-        // Extract actual signature from Lit Action execution result
-        // The signature is in result.signatures.ucdMintAuth.signature (not in response JSON)
-        let actualSignature;
-        try {
-            if (result.signatures && typeof result.signatures === 'object') {
-                const signatures = result.signatures;
-                if (signatures.ucdMintAuth && signatures.ucdMintAuth.signature) {
-                    const sig = signatures.ucdMintAuth.signature;
-                    if (typeof sig === 'string' && sig !== 'success') {
-                        actualSignature = sig;
-                        if (this.config.debug) {
-                            console.log('✅ Extracted signature from Lit Action execution result', {
-                                signatureLength: actualSignature.length,
-                                signaturePreview: actualSignature.substring(0, 20) + '...',
-                            });
-                        }
-                    }
-                    else if (this.config.debug) {
-                        console.warn('⚠️  Signature in Lit Action result is not a valid string', {
-                            signatureType: typeof sig,
-                            signatureValue: sig,
-                        });
-                    }
-                }
-                else if (this.config.debug) {
-                    console.warn('⚠️  No ucdMintAuth signature found in Lit Action execution result', {
-                        signaturesKeys: Object.keys(signatures),
-                    });
-                }
-            }
-            else if (this.config.debug) {
-                console.warn('⚠️  Lit Action execution result has no signatures object', {
-                    hasSignatures: !!result.signatures,
-                    signaturesType: typeof result.signatures,
-                });
-            }
-        }
-        catch (sigError) {
-            // Don't fail authorization if signature extraction fails - signature is optional
-            if (this.config.debug) {
-                console.warn('⚠️  Error extracting signature from Lit Action result (non-fatal)', {
-                    error: sigError instanceof Error ? sigError.message : String(sigError),
-                });
-            }
-        }
-        // Ensure signature is a hex string (add 0x prefix if missing)
-        if (actualSignature && !actualSignature.startsWith("0x")) {
-            actualSignature = "0x" + actualSignature;
-        }
         // Return standardized response
         const returnValue = {
             approved: responseData?.approved ?? false,
-            signature: actualSignature, // Return extracted hex string directly (matching pkp-authorization.module.ts pattern)
+            signature: result.signatures
+                ? JSON.stringify(result.signatures)
+                : undefined,
             mintAmount: responseData?.mintAmount,
             mintFee: responseData?.mintFee,
             newDebt: responseData?.newDebt,
@@ -1563,6 +1627,477 @@ class LitOps {
         }
         return returnValue;
     }
+    /**
+     * Request BTC withdrawal authorization (dual-mode)
+     *
+     * @param request - Authorization request with authMessage and userSignature
+     * @returns Withdrawal authorization response from LIT Action
+     */
+    async requestWithdrawalAuthorization(request) {
+        // In SERVICE mode, delegate to lit-ops-server
+        if (this.config.mode === "service") {
+            if (this.config.debug) {
+                console.log("🌐 [requestWithdrawalAuthorization] Using SERVICE mode - delegating to server");
+            }
+            return this.requestWithdrawalAuthorizationViaService(request);
+        }
+        // STANDALONE mode: Execute LIT action locally
+        if (this.config.debug) {
+            console.log("🔧 [requestWithdrawalAuthorization] Using STANDALONE mode - executing locally");
+        }
+        return this.requestWithdrawalAuthorizationStandalone(request);
+    }
+    /**
+     * Request withdrawal authorization via lit-ops-server (SERVICE mode)
+     */
+    async requestWithdrawalAuthorizationViaService(request) {
+        if (!this.config.serviceEndpoint) {
+            throw new Error("Service endpoint not configured for service mode");
+        }
+        const url = `${this.config.serviceEndpoint}/api/lit/withdraw-btc/authorize`;
+        if (this.config.debug) {
+            console.log("🌐 Requesting withdrawal authorization via service:", url);
+            console.log("   Position ID:", request.authMessage.positionId);
+            console.log("   Amount:", request.authMessage.amount);
+            console.log("   Address:", request.authMessage.withdrawalAddress);
+        }
+        try {
+            // Transform authMessage: SDK uses withdrawalAddress, server expects destinationAddress
+            const transformedAuthMessage = {
+                ...request.authMessage,
+                destinationAddress: request.authMessage.withdrawalAddress,
+            };
+            // Remove withdrawalAddress from the transformed message
+            delete transformedAuthMessage.withdrawalAddress;
+            const response = await fetch(url, {
+                method: "POST",
+                headers: {
+                    "Content-Type": "application/json",
+                },
+                body: JSON.stringify({
+                    authMessage: transformedAuthMessage,
+                    userSignature: request.userSignature,
+                    customRpcUrl: request.customRpcUrl,
+                    customBitcoinRpcUrl: request.customBitcoinRpcUrl,
+                }),
+            });
+            if (!response.ok) {
+                const errorText = await response.text();
+                throw new Error(`Service error (${response.status}): ${errorText}`);
+            }
+            const envelope = await response.json();
+            if (this.config.debug) {
+                console.log("📥 Service response:", envelope);
+            }
+            // Extract data from envelope (server wraps in { success, data } structure)
+            const result = envelope.data || envelope;
+            // Return the result from service
+            return {
+                approved: result.approved ?? false,
+                signature: result.signature,
+                actionHash: result.actionHash,
+                authorizedSpendsHash: result.authorizedSpendsHash,
+                ucdDebtHash: result.ucdDebtHash,
+                totalDeduction: result.totalDeduction,
+                remainingCollateral: result.remainingCollateral,
+                newCollateralRatioBps: result.newCollateralRatioBps,
+                destinationAddress: result.destinationAddress,
+                btcPrice: result.btcPrice,
+                timestamp: result.timestamp,
+                utxoTxid: result.utxoTxid,
+                utxoVout: result.utxoVout,
+                utxoSatoshis: result.utxoSatoshis,
+                reason: result.reason,
+                failedStep: result.failedStep,
+                error: result.error,
+            };
+        }
+        catch (error) {
+            console.error("❌ Service request failed:", error);
+            return {
+                approved: false,
+                error: error instanceof Error ? error.message : String(error),
+                reason: "Service request failed",
+            };
+        }
+    }
+    /**
+     * Request withdrawal authorization locally (STANDALONE mode)
+     */
+    async requestWithdrawalAuthorizationStandalone(request) {
+        // Get LIT Action info from registry
+        const litActions = this.config.network === "datil"
+            ? dh_lit_actions_1.DH_LIT_ACTIONS_DATIL
+            : (() => {
+                throw new Error("Unsupported LIT network");
+            })();
+        const litActionInfo = litActions.btcWithdrawal;
+        if (!litActionInfo || !litActionInfo.cid || !litActionInfo.pkp) {
+            throw new Error("BTC withdrawal LIT Action not found in registry");
+        }
+        if (this.config.debug) {
+            console.log("📡 Calling BTC Withdrawal LIT Action:");
+            console.log("   Network:", this.config.network);
+            console.log("   CID:", litActionInfo.cid);
+            console.log("   Position:", request.authMessage.positionId);
+            console.log("   Amount:", request.authMessage.amount);
+            console.log("   Address:", request.authMessage.withdrawalAddress);
+            console.log("   Timestamp:", request.authMessage.timestamp);
+        }
+        // Get LIT client for execution
+        const litClient = await this.clientManager.getClient({
+            litNetwork: this.config.network,
+            debug: this.config.debug,
+        });
+        // Determine chain and Bitcoin provider from chainId
+        let chain;
+        let bitcoinProviderUrl;
+        switch (request.authMessage.chainId) {
+            case 1: // Ethereum mainnet
+                chain = "ethereum";
+                bitcoinProviderUrl =
+                    process.env.BITCOIN_PROVIDER_URL || "https://mempool.space/api";
+                break;
+            case 11155111: // Sepolia testnet
+                chain = "sepolia";
+                bitcoinProviderUrl =
+                    process.env.BITCOIN_PROVIDER_URL ||
+                        "https://diamond-hands-btc-faucet-jw-b86e9451a147.herokuapp.com/api";
+                break;
+            case 1337: // Hardhat local testnet (actual deployment chainId)
+            case 31337: // Hardhat local testnet (standard default)
+                chain = "hardhat";
+                bitcoinProviderUrl =
+                    process.env.BITCOIN_PROVIDER_URL || "http://127.0.0.1:18443";
+                break;
+            default:
+                throw new Error(`Unsupported chainId: ${request.authMessage.chainId}`);
+        }
+        // Override with custom Bitcoin RPC URL if provided
+        if (request.customBitcoinRpcUrl) {
+            bitcoinProviderUrl = request.customBitcoinRpcUrl;
+            if (this.config.debug) {
+                console.log("   Custom Bitcoin RPC URL:", request.customBitcoinRpcUrl);
+            }
+        }
+        // Execute LIT Action
+        const litActionParams = {
+            chain,
+            bitcoinProviderUrl,
+            auth: {
+                positionId: request.authMessage.positionId,
+                timestamp: request.authMessage.timestamp,
+                chainId: request.authMessage.chainId,
+                destinationAddress: request.authMessage.withdrawalAddress,
+                amount: request.authMessage.amount,
+                action: request.authMessage.action,
+                signature: request.userSignature,
+                mode: request.authMessage.mode,
+            },
+            // Always pass contracts (undefined in prod mode)
+            contracts: request.authMessage.contracts,
+        };
+        // Add custom RPC URL for local development
+        if (request.customRpcUrl) {
+            litActionParams.customRpcUrl = request.customRpcUrl;
+            if (this.config.debug) {
+                console.log("   Custom RPC URL:", request.customRpcUrl);
+            }
+        }
+        // Execute LIT Action
+        const result = await this.actionExecutor.executeAction({
+            cid: litActionInfo.cid,
+            pkpPublicKey: litActionInfo.pkp.publicKey,
+            params: litActionParams,
+            signer: this.config.signer,
+        }, litClient);
+        if (this.config.debug) {
+            console.log("📥 LIT Action response:", {
+                success: result.success,
+                hasSignature: !!result.signatures,
+                error: result.error,
+            });
+            console.log("📥 LIT Action result.response (raw):", result.response);
+        }
+        // Parse response if it's a string
+        let responseData = result.response;
+        if (typeof result.response === "string") {
+            try {
+                responseData = JSON.parse(result.response);
+                if (this.config.debug) {
+                    console.log("📥 Parsed response data:", responseData);
+                }
+            }
+            catch (e) {
+                if (this.config.debug) {
+                    console.error("❌ Failed to parse response string:", e);
+                }
+            }
+        }
+        // Return standardized response including UTXO data from Bitcoin network query
+        const returnValue = {
+            approved: responseData?.approved ?? false,
+            signature: result.signatures
+                ? JSON.stringify(result.signatures)
+                : undefined,
+            actionHash: responseData?.actionHash,
+            authorizedSpendsHash: responseData?.authorizedSpendsHash,
+            ucdDebtHash: responseData?.ucdDebtHash,
+            totalDeduction: responseData?.totalDeduction,
+            remainingCollateral: responseData?.remainingCollateral,
+            newCollateralRatioBps: responseData?.newCollateralRatioBps,
+            destinationAddress: responseData?.destinationAddress,
+            btcPrice: responseData?.btcPrice,
+            timestamp: responseData?.timestamp,
+            utxoTxid: responseData?.utxoTxid, // Real Bitcoin UTXO txid from network query
+            utxoVout: responseData?.utxoVout, // Real Bitcoin UTXO vout from network query
+            utxoSatoshis: responseData?.utxoSatoshis, // UTXO value for validation
+            reason: responseData?.reason,
+            failedStep: responseData?.failedStep,
+            error: result.error,
+        };
+        if (this.config.debug) {
+            console.log("🎁 STANDALONE RETURN VALUE:", JSON.stringify(returnValue, null, 2));
+        }
+        return returnValue;
+    }
+    /**
+     * Sign Bitcoin transaction for BTC withdrawal execution (Phase 2)
+     *
+     * Dual-mode method: Delegates to service endpoint or executes locally
+     */
+    async signBTCTransaction(request) {
+        // In SERVICE mode, delegate to lit-ops-server
+        if (this.config.mode === "service") {
+            if (this.config.debug) {
+                console.log("🌐 [signBTCTransaction] Using SERVICE mode - delegating to server");
+            }
+            return this.signBTCTransactionViaService(request);
+        }
+        // STANDALONE mode: Execute LIT action locally
+        if (this.config.debug) {
+            console.log("🔧 [signBTCTransaction] Using STANDALONE mode - executing locally");
+        }
+        return this.signBTCTransactionStandalone(request);
+    }
+    /**
+     * Sign Bitcoin transaction via lit-ops-server (SERVICE mode)
+     */
+    async signBTCTransactionViaService(request) {
+        if (!this.config.serviceEndpoint) {
+            throw new Error("Service endpoint not configured for service mode");
+        }
+        const url = `${this.config.serviceEndpoint}/api/lit/btc/sign-transaction`;
+        if (this.config.debug) {
+            console.log("🌐 Signing BTC transaction via service:", url);
+            console.log("   Position ID:", request.auth.positionId);
+            console.log("   UTXO:", `${request.auth.utxo.txid}:${request.auth.utxo.vout}`);
+            console.log("   Network Fee:", request.auth.networkFee);
+        }
+        try {
+            const response = await fetch(url, {
+                method: "POST",
+                headers: {
+                    "Content-Type": "application/json",
+                },
+                body: JSON.stringify(request),
+            });
+            if (!response.ok) {
+                const errorText = await response.text();
+                throw new Error(`Service error (${response.status}): ${errorText}`);
+            }
+            const envelope = await response.json();
+            if (this.config.debug) {
+                console.log("📥 Service response:", envelope);
+            }
+            // Extract data from envelope (server wraps in { success, data } structure)
+            const result = envelope.data || envelope;
+            return {
+                success: result.success ?? false,
+                unsignedTxHex: result.unsignedTxHex,
+                sigHash: result.sigHash,
+                signature: result.signature,
+                pkpPublicKey: result.pkpPublicKey,
+                pkpBtcAddress: result.pkpBtcAddress,
+                destination: result.destination,
+                userReceivesAmount: result.userReceivesAmount,
+                networkFee: result.networkFee,
+                changeAmount: result.changeAmount,
+                utxo: result.utxo,
+                authorization: result.authorization,
+                timestamp: result.timestamp,
+                action: result.action,
+                error: result.error,
+                failedStep: result.failedStep,
+            };
+        }
+        catch (error) {
+            console.error("❌ Service request failed:", error);
+            return {
+                success: false,
+                error: error instanceof Error ? error.message : String(error),
+            };
+        }
+    }
+    /**
+     * Sign Bitcoin transaction locally (STANDALONE mode)
+     */
+    async signBTCTransactionStandalone(request) {
+        // Get LIT Action info from registry
+        const litActions = this.config.network === "datil"
+            ? dh_lit_actions_1.DH_LIT_ACTIONS_DATIL
+            : (() => {
+                throw new Error("Unsupported LIT network");
+            })();
+        const litActionInfo = litActions.btcTransactionSigner;
+        if (!litActionInfo || !litActionInfo.cid) {
+            throw new Error("BTC transaction signer LIT Action not found in registry");
+        }
+        if (this.config.debug) {
+            console.log("📡 Calling BTC Transaction Signer LIT Action:");
+            console.log("   Network:", this.config.network);
+            console.log("   CID:", litActionInfo.cid);
+            console.log("   Position:", request.auth.positionId);
+            console.log("   UTXO:", `${request.auth.utxo.txid}:${request.auth.utxo.vout}`);
+            console.log("   Network Fee:", request.auth.networkFee);
+        }
+        // Get LIT client for execution
+        const litClient = await this.clientManager.getClient({
+            litNetwork: this.config.network,
+            debug: this.config.debug,
+        });
+        // Build LIT Action parameters
+        // Determine Bitcoin provider URL based on network
+        let bitcoinProviderUrl;
+        const chainId = request.auth.chainId;
+        switch (chainId) {
+            case 1: // Ethereum mainnet
+                bitcoinProviderUrl = process.env.BITCOIN_PROVIDER_URL || "https://mempool.space/api";
+                break;
+            case 11155111: // Sepolia testnet
+                bitcoinProviderUrl = process.env.BITCOIN_PROVIDER_URL || "https://diamond-hands-btc-faucet-jw-b86e9451a147.herokuapp.com/api";
+                break;
+            case 1337: // Hardhat local testnet (actual deployment chainId)
+            case 31337: // Hardhat local testnet (standard default)
+                bitcoinProviderUrl = process.env.BITCOIN_PROVIDER_URL || "http://127.0.0.1:18443";
+                break;
+            default:
+                throw new Error(`Unsupported chainId: ${chainId}`);
+        }
+        // Override with custom Bitcoin RPC URL if provided (for local development with ngrok)
+        if (request.customBitcoinRpcUrl) {
+            bitcoinProviderUrl = request.customBitcoinRpcUrl;
+            if (this.config.debug) {
+                console.log("   Custom Bitcoin RPC URL (override):", request.customBitcoinRpcUrl);
+            }
+        }
+        const litActionParams = {
+            chain: request.chain,
+            bitcoinNetwork: request.bitcoinNetwork,
+            bitcoinProviderUrl, // For Bitcoin UTXO queries
+            auth: request.auth,
+            publicKey: request.publicKey,
+            contracts: request.contracts,
+        };
+        // Add custom EVM RPC URL for local development (Hardhat)
+        if (request.customRpcUrl) {
+            litActionParams.customRpcUrl = request.customRpcUrl;
+            if (this.config.debug) {
+                console.log("   Custom EVM RPC URL:", request.customRpcUrl);
+            }
+        }
+        if (this.config.debug) {
+            console.log("   Bitcoin Provider URL:", bitcoinProviderUrl);
+        }
+        // Execute LIT Action
+        const result = await this.actionExecutor.executeAction({
+            cid: litActionInfo.cid,
+            pkpPublicKey: request.publicKey,
+            params: litActionParams,
+            signer: this.config.signer,
+        }, litClient);
+        if (this.config.debug) {
+            console.log("📥 LIT Action response:", {
+                success: result.success,
+                hasSignature: !!result.signatures,
+                error: result.error,
+            });
+            // Log per-node debug information if available
+            if (result.debug) {
+                console.log("\n🔍 PER-NODE DEBUG INFORMATION:");
+                console.log("=====================================");
+                const debugInfo = result.debug;
+                if (debugInfo.allNodeResponses) {
+                    console.log("\n📊 All Node Responses:");
+                    console.log(JSON.stringify(debugInfo.allNodeResponses, null, 2));
+                }
+                if (debugInfo.allNodeLogs) {
+                    console.log("\n📝 All Node Logs:");
+                    debugInfo.allNodeLogs.forEach((nodeLog, index) => {
+                        console.log(`\n--- Node ${index + 1} ---`);
+                        console.log(JSON.stringify(nodeLog, null, 2));
+                    });
+                }
+                if (debugInfo.rawNodeHTTPResponses) {
+                    console.log("\n🌐 Raw Node HTTP Responses:");
+                    console.log(JSON.stringify(debugInfo.rawNodeHTTPResponses, null, 2));
+                }
+            }
+            else {
+                console.log("⚠️  No per-node debug information available in result");
+            }
+        }
+        // Parse response if it's a string
+        let responseData = result.response;
+        if (typeof result.response === "string") {
+            try {
+                responseData = JSON.parse(result.response);
+                if (this.config.debug) {
+                    console.log("📥 Parsed response data:", responseData);
+                }
+            }
+            catch (e) {
+                if (this.config.debug) {
+                    console.error("❌ Failed to parse response string:", e);
+                }
+            }
+        }
+        // Extract combined signature from LIT SDK result
+        // LIT SDK returns signatures in result.signatures.btcTxSig after combination
+        let combinedSignature;
+        if (result.signatures && typeof result.signatures === 'object') {
+            const btcTxSig = result.signatures.btcTxSig;
+            if (btcTxSig && btcTxSig.signature) {
+                // LIT SDK combined signature
+                combinedSignature = btcTxSig.signature;
+                if (this.config.debug && combinedSignature) {
+                    console.log("✅ Extracted combined signature from LIT SDK:", {
+                        signatureLength: combinedSignature.length,
+                        signatureStart: combinedSignature.substring(0, 20) + "..."
+                    });
+                }
+            }
+        }
+        // Return standardized response
+        return {
+            success: responseData?.success ?? false,
+            unsignedTxHex: responseData?.unsignedTxHex,
+            sigHash: responseData?.sigHash,
+            signature: combinedSignature || responseData?.signature,
+            pkpPublicKey: responseData?.pkpPublicKey,
+            pkpBtcAddress: responseData?.pkpBtcAddress,
+            destination: responseData?.destination,
+            userReceivesAmount: responseData?.userReceivesAmount,
+            networkFee: responseData?.networkFee,
+            changeAmount: responseData?.changeAmount,
+            utxo: responseData?.utxo,
+            authorization: responseData?.authorization,
+            timestamp: responseData?.timestamp,
+            action: responseData?.action,
+            error: result.error || responseData?.error,
+            failedStep: responseData?.failedStep,
+        };
+    }
     /**
      * Get trustless BTC price from Price Oracle LIT Action
      *
@@ -1579,7 +2114,9 @@ class LitOps {
         // Get LIT Action info from registry
         const litActions = (this.config.network === "datil"
             ? dh_lit_actions_1.DH_LIT_ACTIONS_DATIL
-            : dh_lit_actions_1.DH_LIT_ACTIONS_DATIL_TEST);
+            : (() => {
+                throw new Error("Unsupported LIT network");
+            })());
         console.log("litActions in getActions", litActions);
         const litActionInfo = litActions.priceOracle;
         if (!litActionInfo || !litActionInfo.cid) {