@hachej/boring-core 0.1.42 → 0.1.44

package/dist/PostgresMeteringStore-CzNv6xil.d.ts

@@ -0,0 +1,224 @@
+import { C as CoreConfig } from './types-CWtJ4kgd.js';
+import { PostgresJsDatabase } from 'drizzle-orm/postgres-js';
+
+interface RunMigrationsOptions {
+    migrationsFolder?: string;
+}
+declare function runMigrations(config: CoreConfig, options?: RunMigrationsOptions): Promise<void>;
+
+declare class InsufficientCreditError extends Error {
+    readonly availableMicros: number;
+    readonly requiredMicros: number;
+    readonly statusCode = 402;
+    readonly code = "PAYMENT_REQUIRED";
+    constructor(availableMicros: number, requiredMicros: number);
+}
+interface MeteringBalance {
+    userId: string;
+    grantedMicros: number;
+    usedMicros: number;
+    remainingMicros: number;
+    activeReservedMicros: number;
+    /** remainingMicros minus activeReservedMicros; what a new reservation sees. */
+    availableMicros: number;
+}
+type CreditLedgerKind = 'grant' | 'purchase' | 'usage' | 'refund' | 'fallback';
+/** One normalized, display-safe credit-ledger row for the account activity view.
+ * `amountMicros` is SIGNED: positive = credits added (grant/purchase), negative =
+ * consumed/removed (usage/refund). `description` is generic — no prompt/repo/model/
+ * provider/order/session details. */
+interface CreditLedgerEntry {
+    id: string;
+    kind: CreditLedgerKind;
+    amountMicros: number;
+    createdAt: string;
+    description: string;
+}
+interface GrantOnceInput {
+    userId: string;
+    /** Unique per (userId, reason); repeat calls with the same reason are no-ops. */
+    reason: string;
+    amountMicros: number;
+    expiresAt?: Date;
+}
+interface ReserveInput {
+    userId: string;
+    workspaceId?: string;
+    sessionId?: string;
+    /** Stable run id; at most one active reservation may exist per runId. */
+    runId: string;
+    source?: string;
+    amountMicros: number;
+    ttlSeconds: number;
+    /**
+     * Reject when the user's available balance (remaining minus active
+     * reservations) is below this floor. Defaults to amountMicros, i.e. the
+     * reservation must fit entirely.
+     */
+    minAvailableMicros?: number;
+}
+interface ReserveResult {
+    reservationId: string;
+}
+interface RecordUsageInput {
+    /** Stable idempotency key; a second insert with the same id is a no-op. */
+    usageId: string;
+    userId: string;
+    workspaceId?: string;
+    sessionId?: string;
+    runId?: string;
+    messageId?: string;
+    source?: string;
+    provider?: string;
+    model?: string;
+    inputTokens?: number;
+    outputTokens?: number;
+    cacheReadTokens?: number;
+    cacheWriteTokens?: number;
+    /** Provider-reported cost, in micros, before host pricing policy. */
+    providerCostMicros?: number;
+    /** Host-priced cost actually charged against the balance. */
+    billedCostMicros: number;
+    stopReason?: string;
+    metadata?: Record<string, unknown>;
+}
+interface RecordUsageResult {
+    inserted: boolean;
+}
+type ReservationFinalStatus = 'settled' | 'released';
+interface FinishReservationInput {
+    /** Preferred key: the id returned by reserve(). */
+    reservationId?: string;
+    /** Fallback key; pair with userId to scope across tenants. */
+    runId?: string;
+    userId?: string;
+}
+declare class PostgresMeteringStore {
+    private db;
+    constructor(db: PostgresJsDatabase);
+    /** Idempotently create a grant keyed by (userId, reason). */
+    grantOnce(input: GrantOnceInput): Promise<{
+        created: boolean;
+    }>;
+    /**
+     * Credit a purchase exactly once GLOBALLY per order id. The order id is the
+     * primary key, so a webhook retry or a delivery misrouted to a different user
+     * can never double-credit. A per-order advisory lock serializes this against
+     * revokePurchase so a refund that arrives BEFORE order_created (out-of-order
+     * delivery) leaves a 'refunded' tombstone that blocks this grant — the user
+     * never keeps credits for a refunded order. Returns `granted: false` when the
+     * order was already processed or has been refunded.
+     */
+    grantPurchaseOnce(input: {
+        orderId: string;
+        userId: string;
+        amountMicros: number;
+        source?: string;
+        storeId?: string;
+        testMode?: boolean;
+        currency?: string;
+        variantId?: string;
+    }): Promise<{
+        granted: boolean;
+    }>;
+    /**
+     * Revoke a refunded/disputed purchase. Under the same per-order advisory lock
+     * as grantPurchaseOnce, supports repeated PARTIAL refunds:
+     *  - `refundFraction` is the cumulative fraction of the order (by money) that
+     *    has been refunded — i.e. LS `refunded_amount / total` (both tax-inclusive),
+     *    which maps the refund onto the same basis as the credited amount. The
+     *    revoked credits = round(creditedMicros × fraction), capped at credited.
+     *    The method debits only the delta since the last refund. Omit (undefined)
+     *    for a full refund of the entire credited amount.
+     *  - granted order  → debit the delta, track cumulative `refunded_micros`, and
+     *    mark 'refunded' once fully revoked; returns revoked=true when a debit was
+     *    posted.
+     *  - not yet seen   → write a 'refunded' tombstone so a later order_created
+     *    cannot grant; returns revoked=false (nothing was credited yet).
+     *  - already fully refunded / no new delta → no-op; returns revoked=false.
+     */
+    revokePurchase(orderId: string, opts?: {
+        refundFraction?: number;
+        source?: string;
+        allowTombstone?: boolean;
+        expectedStoreId?: string;
+        expectedTestMode?: boolean;
+        expectedCurrency?: string;
+    }): Promise<{
+        revoked: boolean;
+    }>;
+    /**
+     * Insert a refund debit idempotently by id. If the id already exists (manual
+     * repair / corrupted retry), VERIFY the existing row is the same debit (user +
+     * amount) — throw on mismatch so a caller never records a refund the balance was
+     * not actually debited for. Returns true iff a new debit row was written.
+     */
+    private insertVerifiedLedgerDebit;
+    /** Total billed micros already recorded for a run (for fallback top-up so a
+     * partial-success run isn't charged the hold ON TOP of its real usage). */
+    billedMicrosForRun(userId: string, runId: string): Promise<number>;
+    /** Total billed micros for a specific RESERVATION (run attempt). Preferred over
+     * billedMicrosForRun for fallback top-up: runId is reused on client-nonce
+     * replay, so summing by runId would count a prior attempt's billing and let a
+     * later reusing attempt settle free. */
+    billedMicrosForReservation(userId: string, reservationId: string): Promise<number>;
+    /** Durably record that an ACTIVE reservation must be charged the fallback hold if
+     * it expires, BEFORE attempting the actual fallback charge. Committed on its own so
+     * the intent survives a subsequent failed charge write — the expiry sweep then
+     * charges a marked reservation even with zero billed rows (no free started run on a
+     * brief finalization-time DB outage). Idempotent; a no-op on a non-active row. */
+    markReservationFallbackCharge(userId: string, reservationId: string): Promise<void>;
+    getBalance(userId: string, now?: Date): Promise<MeteringBalance>;
+    /** Most-recent credit ledger for the account activity view: grants/purchases
+     * (positive) merged with usage/refund/fallback debits (negative), newest first,
+     * scoped to the user and capped at `limit` (clamped 1..50). Descriptions are
+     * generic/sanitized; zero-amount usage rows (zero-token) are omitted as noise. */
+    listLedger(userId: string, limit: number): Promise<CreditLedgerEntry[]>;
+    /**
+     * Reserve credit for a run. Serialized per user (advisory transaction
+     * lock) so concurrent reservations cannot jointly overdraw. Idempotent per
+     * runId: re-reserving while a reservation is still active returns the
+     * existing reservation instead of double-holding. Throws
+     * InsufficientCreditError when the available balance is below
+     * minAvailableMicros (default: the reservation amount itself).
+     */
+    reserve(input: ReserveInput, now?: Date): Promise<ReserveResult>;
+    /** Idempotent ledger insert; returns whether a new row was written. Serialized
+     * under the user's advisory lock so a positive debit is ordered with that user's
+     * reserve()/expiry: a debit that pushes the balance below the floor is visible to a
+     * concurrent reserve (which then waits and is refused), keeping the documented
+     * "overshoot → next run refused" boundary even for over-budget/misrouted runs. */
+    recordUsage(input: RecordUsageInput): Promise<RecordUsageResult>;
+    /**
+     * Finish a reservation. Settling also recovers reservations that expired
+     * before a delayed settlement retry, so charged usage never leaves a
+     * reservation dangling. Releasing only touches active rows. Idempotent:
+     * repeat calls are no-ops.
+     *
+     * A runId may have more than one row (an expired row plus a fresh active
+     * retry), so the runId fallback resolves to the single newest matching row
+     * — a settle never flips both the dead and the live reservation together.
+     */
+    finishReservation(input: FinishReservationInput, status: ReservationFinalStatus): Promise<{
+        updated: boolean;
+    }>;
+    /** Expire stale active reservations without charging. Returns the count. */
+    expireStaleReservations(now?: Date): Promise<number>;
+    /**
+     * Expire one user's stale active reservations under the SINGLE charge-aware
+     * policy. CALLER MUST already hold pg_advisory_xact_lock(hashtext(userId)).
+     * A reservation that reached TTL without an explicit settle/release had a failed
+     * finalization: if it has POSITIVE billed usage (`billedTotal > 0`) OR carries the
+     * durable `charge_on_expire` marker, the run did chargeable work, so top it up to
+     * the hold (idempotent) rather than free it; a reservation with only zero-billed
+     * rows and no marker is a non-billable/pre-execution abandon and is freed (so a
+     * user who closed the tab isn't over-charged).
+     */
+    private expireUserStaleReservations;
+    private computeBalance;
+    private sumGrants;
+    private sumUsage;
+    private sumActiveReservations;
+}
+
+export { type CreditLedgerEntry as C, type FinishReservationInput as F, type GrantOnceInput as G, InsufficientCreditError as I, type MeteringBalance as M, PostgresMeteringStore as P, type RecordUsageInput as R, type RecordUsageResult as a, type ReservationFinalStatus as b, type ReserveInput as c, type ReserveResult as d, type RunMigrationsOptions as e, runMigrations as r };

package/dist/app/front/index.d.ts

@@ -10,16 +10,28 @@ interface ChatFirstPublicShellOptions {
         eyebrow?: string;
         title?: string;
         description?: string;
+        footer?: ReactNode;
     };
     suggestions?: ChatSuggestion[];
+    /**
+     * Hand-drawn "Your agent" / "Your remote computer" annotations point at the
+     * composer and the workspace surface to teach the empty public shell. Apps
+     * that open a center panel on load (e.g. a landing page) should disable them,
+     * otherwise the fixed-position arrows overlay the open panel. Defaults to on.
+     */
+    showTeachingArrows?: boolean;
 }
 
 type ChatEntryMode = 'auth-first' | 'chat-first';
-interface CoreWorkspaceAgentFrontProps<TSession extends WorkspaceAgentSession = WorkspaceAgentSession> extends Omit<WorkspaceAgentFrontProps<TSession>, 'workspaceId' | 'frontPluginHotReload' | 'hotReloadEnabled'> {
+type RoutedWorkspaceAgentProps<TSession extends WorkspaceAgentSession = WorkspaceAgentSession> = Omit<WorkspaceAgentFrontProps<TSession>, 'workspaceId' | 'frontPluginHotReload' | 'hotReloadEnabled'>;
+interface CoreWorkspaceAgentFrontProps<TSession extends WorkspaceAgentSession = WorkspaceAgentSession> extends RoutedWorkspaceAgentProps<TSession> {
     /** Core consumes plugins statically for now; app-level hot reload is explicitly unsupported. */
     hotReload?: false;
     chatEntryMode?: ChatEntryMode;
     chatFirstPublicShell?: ChatFirstPublicShellOptions;
+    /** Extra workspace props used only by the unauthenticated chat-first public shell. */
+    chatFirstPublicWorkspaceProps?: Partial<RoutedWorkspaceAgentProps<TSession>>;
+    publicPaths?: string[];
     authPages?: CoreFrontAuthPagesOverride;
     cspNonce?: string;
     children?: ReactNode;
@@ -29,6 +41,207 @@ interface CoreWorkspaceAgentFrontProps<TSession extends WorkspaceAgentSession =
     loadingFallback?: ReactNode;
     bootPreloadPaths?: string[];
 }
-declare function CoreWorkspaceAgentFront<TSession extends WorkspaceAgentSession = WorkspaceAgentSession>({ authPages, cspNonce, children, workspaceRoute, workspaceIdParam, workspaceHref, loadingFallback, bootPreloadPaths, topBarLeft, topBarRight, appTitle, bridgeEndpoint, hotReload, chatEntryMode, chatFirstPublicShell, ...workspaceProps }: CoreWorkspaceAgentFrontProps<TSession>): react_jsx_runtime.JSX.Element;
+/** Default top-bar right content. Exported so apps can compose extra widgets
+ * (e.g. a credit balance badge) alongside the user menu. */
+declare function DefaultTopBarRight(): react_jsx_runtime.JSX.Element;
+declare function CoreWorkspaceAgentFront<TSession extends WorkspaceAgentSession = WorkspaceAgentSession>({ authPages, cspNonce, children, workspaceRoute, workspaceIdParam, workspaceHref, loadingFallback, bootPreloadPaths, topBarLeft, topBarRight, appTitle, bridgeEndpoint, hotReload, chatEntryMode, chatFirstPublicShell, chatFirstPublicWorkspaceProps, publicPaths, ...workspaceProps }: CoreWorkspaceAgentFrontProps<TSession>): react_jsx_runtime.JSX.Element;
 
-export { type ChatFirstPublicShellOptions, CoreWorkspaceAgentFront, type CoreWorkspaceAgentFrontProps };
+interface CreditBalanceBadgeProps {
+    /** Base URL for the credits API (default: same origin). */
+    apiBaseUrl?: string;
+    /** Fallback enable for the add-credits action. The server's `checkoutEnabled`
+     * (from /api/credits/balance) takes precedence when present. */
+    buyEnabled?: boolean;
+    /** Poll interval for the balance, ms (default 30s). */
+    pollMs?: number;
+    locale?: string;
+}
+/**
+ * Top-bar credit balance: a DISCRETE remaining-balance figure plus a small "+" button.
+ * Clicking "+" opens a popover of fixed top-up amounts (Anthropic-style); picking one starts
+ * the server-created checkout and opens it. Polls `/api/credits/balance`; hides itself when
+ * credits are disabled or the user is unauthenticated.
+ */
+declare function CreditBalanceBadge({ apiBaseUrl, buyEnabled, pollMs, locale, }: CreditBalanceBadgeProps): react_jsx_runtime.JSX.Element | null;
+
+interface CreditsSettingsPanelProps {
+    /** Base URL for the credits API (default: same origin). */
+    apiBaseUrl?: string;
+    locale?: string;
+}
+/**
+ * Account-settings "Billing & credits" panel: current balance (+ debt/low notices,
+ * staleness), a pack picker → checkout, and a lazy-loaded recent-activity list.
+ * Renders nothing when credits are disabled or the user is unauthenticated.
+ */
+declare function CreditsSettingsPanel({ apiBaseUrl, locale }: CreditsSettingsPanelProps): react_jsx_runtime.JSX.Element | null;
+
+/** Front-end helpers for the credit balance badge + buy-credits flow. */
+/** Display-ready credit pack (server-authored). The client never infers price from
+ * the id and never sees the provider's price/variant id. */
+interface CreditPack {
+    id: string;
+    creditMicros: number;
+    /** Price in the currency's minor unit (e.g. cents). For a custom pack, the MINIMUM. */
+    priceMinor: number;
+    currency: string;
+    label: string;
+    isDefault: boolean;
+    /** Pay-what-you-want pack: the buyer enters the amount on the hosted checkout, so
+     * `creditMicros` is 0 here and `priceMinor` is the minimum. The picker shows an
+     * "enter amount" option instead of a fixed price. */
+    custom?: boolean;
+}
+interface CreditBalanceResponse {
+    enabled: boolean;
+    userId: string;
+    grantedMicros: number;
+    usedMicros: number;
+    remainingMicros: number;
+    activeReservedMicros: number;
+    availableMicros: number;
+    /** Amount owed when the ledger went negative (e.g. refund of spent credits). */
+    debtMicros: number;
+    /** Server truth: whether the Buy-credits checkout is wired (avoids client drift). */
+    checkoutEnabled?: boolean;
+    /** Display-ready packs (present only when checkout is wired). */
+    packs?: CreditPack[];
+    currency: 'credits';
+}
+type CreditLedgerKind = 'grant' | 'purchase' | 'usage' | 'refund' | 'fallback';
+/** One credit-activity row (mirrors the server `CreditLedgerEntry`). `amountMicros`
+ * is signed: positive = added, negative = consumed/removed. */
+interface CreditLedgerEntry {
+    id: string;
+    kind: CreditLedgerKind;
+    amountMicros: number;
+    createdAt: string;
+    description: string;
+}
+/** Format SIGNED credit micros as a currency string with an explicit +/− sign.
+ * `currency` is the configured display currency (1 credit-unit = 1 major unit); defaults
+ * to EUR for callers without a configured purchase currency. */
+declare function formatSignedCreditMicros(micros: number, currency?: string, locale?: string): string;
+/** Format a minor-unit price (e.g. cents) in its currency for pack labels/buttons. */
+declare function formatMinorPrice(priceMinor: number, currency: string, locale?: string): string;
+/** Format credit micros as a currency string. 1 credit-unit = 1 major unit of the
+ * configured display `currency` (µ/1e6). Defaults to EUR for callers without a
+ * configured purchase currency (e.g. a consumption-only deployment). */
+declare function formatCreditMicros(micros: number, currency?: string, locale?: string): string;
+/** True when the remaining balance is at or below the low-balance threshold. */
+declare function isLowBalance(micros: number, thresholdMicros?: number): boolean;
+/** Stable server error code for an out-of-credits rejection (mirrors the agent's
+ * ErrorCode enum). Kept here so the credits feature owns the credit↔code mapping
+ * and the agent stays billing-agnostic. */
+declare const PAYMENT_REQUIRED_ERROR_CODE = "PAYMENT_REQUIRED";
+/** True when a run-rejected notice was an out-of-credits rejection. Hosts use this
+ * in renderNoticeAction to decide whether to show the Buy-credits CTA. */
+declare function isPaymentRequiredNotice(notice: {
+    errorCode?: string;
+}): boolean;
+
+/** Window event other code can dispatch to force an immediate balance refetch —
+ * e.g. the chat dispatching `window.dispatchEvent(new Event(CREDITS_REFRESH_EVENT))`
+ * when a run finishes, so the balance updates without waiting for the poll. */
+declare const CREDITS_REFRESH_EVENT = "credits:refresh";
+interface UseCreditBalanceOptions {
+    /** Base URL for the credits API (default: same origin). */
+    apiBaseUrl?: string;
+    /** Poll interval for the balance, ms (default 30s). */
+    pollMs?: number;
+    /** Credit pack id to purchase (server maps it to a Lemon Squeezy variant). */
+    pack?: string;
+}
+interface UseCreditBalanceResult {
+    /** Latest balance, or null before the first successful load. */
+    balance: CreditBalanceResponse | null;
+    /** True when credits are disabled or the user is unauthenticated (UI should hide). */
+    hidden: boolean;
+    /** Set when a balance fetch failed (network/server) before a successful load; null
+     * otherwise. Lets a consumer show an error state rather than an endless spinner. */
+    error: string | null;
+    /** Refetch the balance now. */
+    refresh: () => Promise<void>;
+    /** Refetch now, then a short backoff burst (~15s) — credit writes settle
+     * asynchronously after a run/purchase, so a single refetch can read a stale value.
+     * Concurrent bursts are deduped (a new call restarts the window). */
+    refreshWithRetry: () => void;
+    /** Start a Lemon Squeezy checkout (server creates it, sets the buyer id from the
+     * session) and open it in a new tab. Resolves to an error message on failure.
+     * Pass a pack id to buy a specific pack. */
+    buy: (pack?: string) => Promise<string | null>;
+    /** True while a checkout request is in flight. */
+    buying: boolean;
+    /** Epoch ms of the last successful balance read (null before first load). */
+    lastUpdatedAt: number | null;
+    /** True while a refresh (incl. a retry burst) is in flight. */
+    updating: boolean;
+}
+/**
+ * Shared credit-balance state for the top-bar badge and the settings panel:
+ * polls `/api/credits/balance`, refetches on window focus and on the
+ * `credits:refresh` event, and exposes a server-side checkout action. The buyer
+ * id is set SERVER-side (POST /api/credits/checkout) so the client never supplies it.
+ */
+declare function useCreditBalance({ apiBaseUrl, pollMs, pack, }?: UseCreditBalanceOptions): UseCreditBalanceResult;
+
+interface UseCreditHistoryResult {
+    entries: CreditLedgerEntry[] | null;
+    loading: boolean;
+    error: boolean;
+    /** Fetch (or refetch) the activity. Call lazily, e.g. when the section expands. */
+    load: () => Promise<void>;
+}
+/**
+ * Lazy loader for the account credit-activity list (`GET /api/credits/history`).
+ * Does NOT fetch on mount — call `load()` when the section is opened. `entries` is
+ * null until the first load; `[]` means "no activity yet".
+ */
+declare function useCreditHistory(apiBaseUrl?: string, limit?: number): UseCreditHistoryResult;
+
+type CheckoutReturnStatus = 'idle' | 'checking' | 'confirmed' | 'processing' | 'cancelled';
+interface UseCheckoutReturnHandlerOptions {
+    apiBaseUrl?: string;
+    /** Query param name the LS redirect uses (default 'checkout'). */
+    param?: string;
+}
+interface UseCheckoutReturnHandlerResult {
+    status: CheckoutReturnStatus;
+    dismiss: () => void;
+}
+/**
+ * Handle the return from a Lemon Squeezy hosted checkout. The URL marker (`?checkout=
+ * return|success|cancelled`) is NOT treated as proof of payment — on a return we poll
+ * the AUTHENTICATED balance and only show success once it actually increases (credits
+ * settle asynchronously via the webhook). The marker is stripped immediately so a reload
+ * can't replay it, and a `credits:refresh` event + BroadcastChannel signal refresh any
+ * other open app tab. Returns the status for a small banner to render.
+ */
+declare function useCheckoutReturnHandler({ apiBaseUrl, param }?: UseCheckoutReturnHandlerOptions): UseCheckoutReturnHandlerResult;
+
+interface CheckoutReturnBannerProps {
+    apiBaseUrl?: string;
+    /** Query param the LS redirect uses (default 'checkout'). */
+    param?: string;
+}
+/**
+ * Renders the post-checkout return state (see useCheckoutReturnHandler). Mount it once
+ * near the app root. It NEVER claims success from the URL — only after the server
+ * balance actually increases. ARIA-live so the status is announced. Self-hides when idle.
+ */
+declare function CheckoutReturnBanner({ apiBaseUrl, param }: CheckoutReturnBannerProps): react_jsx_runtime.JSX.Element | null;
+
+interface BuyCreditsNoticeActionProps {
+    /** Base URL for the credits API (default: same origin). */
+    apiBaseUrl?: string;
+    label?: string;
+}
+/**
+ * Inline "Buy credits" action for a PAYMENT_REQUIRED run-rejected notice. Self-contained:
+ * starts a server-created checkout (the buyer id is set server-side) on click. Renders
+ * nothing once the server reports checkout is disabled, so it can't dangle a dead button.
+ * Mount it from a host's renderNoticeAction (see isPaymentRequiredNotice).
+ */
+declare function BuyCreditsNoticeAction({ apiBaseUrl, label }: BuyCreditsNoticeActionProps): react_jsx_runtime.JSX.Element | null;
+
+export { BuyCreditsNoticeAction, type BuyCreditsNoticeActionProps, CREDITS_REFRESH_EVENT, type ChatFirstPublicShellOptions, CheckoutReturnBanner, type CheckoutReturnBannerProps, type CheckoutReturnStatus, CoreWorkspaceAgentFront, type CoreWorkspaceAgentFrontProps, CreditBalanceBadge, type CreditBalanceBadgeProps, type CreditBalanceResponse, type CreditLedgerEntry, type CreditLedgerKind, type CreditPack, CreditsSettingsPanel, type CreditsSettingsPanelProps, DefaultTopBarRight, PAYMENT_REQUIRED_ERROR_CODE, type UseCheckoutReturnHandlerResult, type UseCreditBalanceOptions, type UseCreditBalanceResult, type UseCreditHistoryResult, formatCreditMicros, formatMinorPrice, formatSignedCreditMicros, isLowBalance, isPaymentRequiredNotice, useCheckoutReturnHandler, useCreditBalance, useCreditHistory };