@hypawave/sdk 0.3.0 → 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/AGENTS.md CHANGED
@@ -91,12 +91,12 @@ For Paths 3a / 3b, there is no SDK — use raw HTTP with pubkey signatures per t
91
91
 
92
92
  ## Non-negotiables
93
93
 
94
- 1. **Preimage is mandatory** for principal settlements. Pay via a wallet that returns the preimage (LND, Core Lightning, LNbits admin key, Alby/NWC, Phoenixd). Consumer wallets like Wallet of Satoshi or Phoenix mobile cannot satisfy this.
94
+ 1. **Preimage is mandatory** for principal settlements. Pay via a wallet that returns the preimage (LND, Core Lightning, LNbits admin key, Alby/NWC, Phoenixd). Consumer wallets like Wallet of Satoshi or Phoenix mobile cannot satisfy this. The wallet also needs **funded outbound liquidity ≥ amount + fees** — a fresh/empty node or "fee-credit" balance can't pay even when total balance ≥ price. For small or test payments, a **custodial wallet over NWC (e.g. Coinos)** skips channel setup entirely — only funding is needed.
95
95
  2. **Confirm before unlocking.** Always submit preimage to the confirm endpoint before requesting file keys or download URLs.
96
96
  3. **Funds flow buyer→seller directly.** Never route principal through any Hypawave endpoint. Only activation fees (small, Hypawave-issued bolt11s) go to Hypawave.
97
97
  4. **Honor `terms_hash`** on Path 3b offers. If the server returns `409 terms_changed`, re-read the offer before paying.
98
98
  5. **Do not invent endpoints.** If a field or path is not in openapi.json, it does not exist.
99
- 6. **Encrypt client-side** for file attachments. AES-256-GCM. Hypawave never sees plaintext.
99
+ 6. **Encrypt client-side** for file attachments. AES-256-GCM. Hypawave never sees plaintext. `storeFile` requires `ciphertext_sha256` (SHA-256 hex of the bytes you upload) — Hypawave verifies + seals it so buyers can verify what they download.
100
100
 
101
101
  ## When you hit something the manual doesn't cover
102
102
 
package/CHANGELOG.md CHANGED
@@ -5,6 +5,31 @@ All notable changes to `@hypawave/sdk` are documented here.
5
5
  The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
6
6
  and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7
7
 
8
+ ## [0.4.1]
9
+
10
+ ### Changed
11
+ - Docs only — no API changes. Clarified payer-wallet requirements in `README.md`,
12
+ `AGENTS.md`, and the bundled `skills/hypawave/SKILL.md`: the wallet needs
13
+ **funded outbound liquidity ≥ amount + fees** (a fresh/empty node or Phoenix
14
+ "fee-credit" balance can't pay even when total balance ≥ price), and for small
15
+ or test payments a **custodial wallet over NWC (e.g. Coinos)** avoids channel
16
+ setup entirely — only funding is needed. Mirrors the buyer-wallet guidance in
17
+ `llms.txt`.
18
+
19
+ ## [0.4.0]
20
+
21
+ ### Added
22
+ - `StoreFileParams.ciphertext_sha256` (**required**) — the lowercase-hex SHA-256
23
+ of the exact ciphertext you upload. Hypawave verifies it against the stored
24
+ bytes and seals them at the first bolt11 mint, and returns it at key retrieval
25
+ so buyers can verify downloaded bytes before decrypting (content integrity /
26
+ anti-bait-and-switch).
27
+
28
+ ### Changed
29
+ - `storeFile()` now requires `ciphertext_sha256`. Compute `sha256` over the same
30
+ bytes you PUT to the presigned upload URL and pass it through. Calls without it
31
+ are rejected by the API with `400 validation_error`.
32
+
8
33
  ## [0.3.0]
9
34
 
10
35
  ### Added
package/README.md CHANGED
@@ -44,6 +44,8 @@ This SDK requires **programmable Lightning infrastructure** that exposes the pre
44
44
 
45
45
  - LND, CLN, Alby API, LNbits, NWC, or equivalent
46
46
 
47
+ The wallet also needs **funded outbound liquidity ≥ amount + routing fees** — a fresh/empty node or a "fee-credit" balance (e.g. Phoenix below the channel-open threshold) cannot pay even when total balance ≥ price; only spendable channel liquidity counts. For small or test payments, a **custodial wallet over NWC (e.g. Coinos)** skips channel setup entirely — no liquidity minimum, only funding is needed.
48
+
47
49
  **Consumer wallets (Wallet of Satoshi, Phoenix, etc.) do not reliably expose the preimage and are not suitable for agent integrations.** Files and data will not unlock without a preimage.
48
50
 
49
51
  ## Install
@@ -384,7 +386,7 @@ Additional methods available — see types for full signatures, or [openapi.json
384
386
  - `listInvoices(params?)` — list invoices with filters and pagination
385
387
  - `getPayerReceipt(invoiceId, preimage)` — payer receipt fetch using the Lightning preimage as proof of payment (no API key needed)
386
388
  - `getUploadUrl(params)` — signed URL for encrypted file upload (creator side)
387
- - `storeFile(params)` — register an uploaded file against an invoice
389
+ - `storeFile(params)` — register an uploaded file against an invoice (requires `ciphertext_sha256`: the SHA-256 hex of the bytes you uploaded; Hypawave verifies + seals it so buyers can verify what they download)
388
390
  - `storeFileKey(params)` — register a file's encryption key against an invoice
389
391
 
390
392
  ## Error Handling
package/dist/index.d.mts CHANGED
@@ -108,6 +108,13 @@ interface StoreFileParams {
108
108
  file_name: string;
109
109
  encrypted_file_url: string;
110
110
  iv_hex: string;
111
+ /**
112
+ * Lowercase-hex SHA-256 of the exact ciphertext uploaded to storage. Required.
113
+ * Hypawave verifies it against the stored bytes and seals them at the first
114
+ * bolt11 mint, and returns it at key retrieval so buyers can verify what they
115
+ * download. Compute over the same bytes you PUT to the presigned upload URL.
116
+ */
117
+ ciphertext_sha256: string;
111
118
  key_hash?: string;
112
119
  size?: number;
113
120
  }
package/dist/index.d.ts CHANGED
@@ -108,6 +108,13 @@ interface StoreFileParams {
108
108
  file_name: string;
109
109
  encrypted_file_url: string;
110
110
  iv_hex: string;
111
+ /**
112
+ * Lowercase-hex SHA-256 of the exact ciphertext uploaded to storage. Required.
113
+ * Hypawave verifies it against the stored bytes and seals them at the first
114
+ * bolt11 mint, and returns it at key retrieval so buyers can verify what they
115
+ * download. Compute over the same bytes you PUT to the presigned upload URL.
116
+ */
117
+ ciphertext_sha256: string;
111
118
  key_hash?: string;
112
119
  size?: number;
113
120
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@hypawave/sdk",
3
- "version": "0.3.0",
3
+ "version": "0.4.1",
4
4
  "description": "TypeScript SDK for Lightning settlement, preimage proof, and execution unlocks for AI agents.",
5
5
  "main": "dist/index.js",
6
6
  "module": "dist/index.mjs",
@@ -86,12 +86,12 @@ For Paths 3a / 3b, there is no SDK — use raw HTTP with pubkey signatures per t
86
86
 
87
87
  ## Non-negotiables
88
88
 
89
- 1. **Preimage is mandatory** for principal settlements. Pay via a wallet that returns the preimage (LND, Core Lightning, LNbits admin key, Alby/NWC, Phoenixd). Consumer wallets like Wallet of Satoshi or Phoenix mobile cannot satisfy this.
89
+ 1. **Preimage is mandatory** for principal settlements. Pay via a wallet that returns the preimage (LND, Core Lightning, LNbits admin key, Alby/NWC, Phoenixd). Consumer wallets like Wallet of Satoshi or Phoenix mobile cannot satisfy this. The wallet also needs **funded outbound liquidity ≥ amount + fees** — a fresh/empty node or "fee-credit" balance can't pay even when total balance ≥ price. For small or test payments, a **custodial wallet over NWC (e.g. Coinos)** skips channel setup entirely — only funding is needed.
90
90
  2. **Confirm before unlocking.** Always submit preimage to the confirm endpoint before requesting file keys or download URLs.
91
91
  3. **Funds flow buyer→seller directly.** Never route principal through any Hypawave endpoint. Only activation fees (small, Hypawave-issued bolt11s) go to Hypawave.
92
92
  4. **Honor `terms_hash`** on Path 3b offers. If the server returns `409 terms_changed`, re-read the offer before paying.
93
93
  5. **Do not invent endpoints.** If a field or path is not in openapi.json, it does not exist.
94
- 6. **Encrypt client-side** for file attachments. AES-256-GCM. Hypawave never sees plaintext.
94
+ 6. **Encrypt client-side** for file attachments. AES-256-GCM. Hypawave never sees plaintext. `storeFile` requires `ciphertext_sha256` (SHA-256 hex of the bytes you upload) — Hypawave verifies + seals it so buyers can verify what they download.
95
95
 
96
96
  ## When you hit something the manual doesn't cover
97
97