@key0ai/key0 0.1.0 → 0.2.0

package/src/integrations/fastify.ts

@@ -3,27 +3,179 @@ import type { FastifyInstance, FastifyReply, FastifyRequest } from "fastify";
 import { createKey0, type Key0Config } from "../factory.js";
 import type { ValidateAccessTokenConfig } from "../middleware.js";
 import { validateToken } from "../middleware.js";
-import { Key0Error } from "../types/index.js";
+import type { X402PaymentRequiredResponse } from "../types/index.js";
+import { CHAIN_CONFIGS, Key0Error } from "../types/index.js";
+import {
+	buildDiscoveryResponse,
+	buildHttpPaymentRequirements,
+	decodePaymentSignature,
+	settlePayment,
+} from "./settlement.js";
 
 /**
- * Fastify plugin that serves the agent card and A2A endpoint.
+ * Fastify plugin that serves the agent card and the unified x402 endpoint.
  *
  * Usage:
  *   fastify.register(key0Plugin, { config, adapter });
+ *
+ * This auto-serves:
+ *   GET  /.well-known/agent.json  — A2A agent card (discovery)
+ *   POST /x402/access             — unified x402 HTTP endpoint
  */
 export async function key0Plugin(fastify: FastifyInstance, opts: Key0Config): Promise<void> {
-	const { requestHandler: _requestHandler, agentCard } = createKey0(opts);
+	const { engine, agentCard } = createKey0(opts);
+	const networkConfig = CHAIN_CONFIGS[opts.config.network];
 
 	// Agent Card
 	fastify.get(`/${AGENT_CARD_PATH}`, async (_request: FastifyRequest, reply: FastifyReply) => {
 		return reply.send(agentCard);
 	});
+	fastify.get("/.well-known/agent.json", async (_request: FastifyRequest, reply: FastifyReply) => {
+		return reply.send(agentCard);
+	});
+
+	// Unified x402 endpoint
+	fastify.post("/x402/access", async (request: FastifyRequest, reply: FastifyReply) => {
+		const startTime = Date.now();
+		try {
+			console.log("\n[x402-access/fastify] ========== NEW REQUEST ==========");
+
+			const body = (request.body as Record<string, unknown>) || {};
+			let planId = body["planId"] as string | undefined;
+			let requestId = body["requestId"] as string | undefined;
+			const resourceId = (body["resourceId"] as string) || "default";
+
+			const paymentSignature = request.headers["payment-signature"] as string | undefined;
+
+			// Extract planId from PAYMENT-SIGNATURE if not in body
+			if (!planId && paymentSignature) {
+				try {
+					const decoded = decodePaymentSignature(paymentSignature);
+					const sigPlanId = decoded.accepted?.extra?.["planId"] as string | undefined;
+					if (sigPlanId) {
+						console.log(
+							`[x402-access/fastify] Extracted planId="${sigPlanId}" from PAYMENT-SIGNATURE`,
+						);
+						planId = sigPlanId;
+					}
+				} catch {
+					// Fall through to discovery
+				}
+			}
+
+			// CASE 1: No planId → 400 pointing to GET /discovery
+			if (!planId) {
+				return reply.code(400).send({
+					error:
+						"Please select a plan from the discovery API response to purchase access. Endpoint: GET /discovery",
+				});
+			}
+
+			// Auto-generate requestId
+			if (!requestId) {
+				requestId = `http-${crypto.randomUUID()}`;
+			}
+
+			// CASE 2: planId, no PAYMENT-SIGNATURE → Challenge
+			if (!paymentSignature) {
+				console.log("[x402-access/fastify] → CASE 2: Challenge 402");
+				const { challengeId } = await engine.requestHttpAccess(requestId, planId, resourceId);
+
+				const requirements: X402PaymentRequiredResponse = buildHttpPaymentRequirements(
+					planId,
+					resourceId,
+					opts.config,
+					networkConfig,
+					{
+						inputSchema: {
+							type: "object",
+							properties: {
+								planId: { type: "string", description: `Tier to purchase. Must be '${planId}'` },
+								requestId: { type: "string", description: "Client-generated UUID for idempotency" },
+								resourceId: { type: "string", description: "Optional resource identifier" },
+							},
+							required: ["planId"],
+						},
+						outputSchema: {
+							type: "object",
+							properties: {
+								accessToken: { type: "string", description: "JWT token for API access" },
+								tokenType: { type: "string", description: "Token type (usually 'Bearer')" },
+								expiresAt: { type: "string", description: "ISO 8601 expiration timestamp" },
+								resourceEndpoint: {
+									type: "string",
+									description: "URL to access the protected resource",
+								},
+								txHash: { type: "string", description: "On-chain transaction hash" },
+								explorerUrl: { type: "string", description: "Blockchain explorer URL" },
+							},
+						},
+						description: `Access to ${resourceId} via ${planId} tier`,
+					},
+				);
+
+				const encoded = Buffer.from(JSON.stringify(requirements)).toString("base64");
+				reply.header("payment-required", encoded);
+				reply.header(
+					"www-authenticate",
+					`Payment realm="${opts.config.agentUrl}", accept="exact", challenge="${challengeId}"`,
+				);
+
+				return reply
+					.code(402)
+					.send({ ...requirements, challengeId, requestId, error: "Payment required" });
+			}
+
+			// CASE 3: planId + PAYMENT-SIGNATURE → Settle
+			console.log("[x402-access/fastify] → CASE 3: Settlement");
+
+			const existingGrant = await engine.preSettlementCheck(requestId);
+			if (existingGrant) {
+				return reply.code(200).send(existingGrant);
+			}
+
+			const paymentPayload = decodePaymentSignature(paymentSignature);
+			const { txHash, settleResponse, payer } = await settlePayment(
+				paymentPayload,
+				opts.config,
+				networkConfig,
+			);
+
+			const grant = await engine.processHttpPayment(
+				requestId,
+				planId,
+				resourceId,
+				txHash,
+				payer as `0x${string}` | undefined,
+			);
+
+			const paymentResponse = Buffer.from(JSON.stringify(settleResponse)).toString("base64");
+			reply.header("payment-response", paymentResponse);
+
+			return reply.code(200).send(grant);
+		} catch (err: unknown) {
+			const elapsed = Date.now() - startTime;
+			console.error(`[x402-access/fastify] Error after ${elapsed}ms:`, err);
+
+			if (err instanceof Key0Error) {
+				if (err.code === "PROOF_ALREADY_REDEEMED" && err.details?.["grant"]) {
+					return reply.code(200).send(err.details["grant"]);
+				}
+				return reply.code(err.httpStatus).send(err.toJSON());
+			}
+
+			return reply.code(500).send({
+				error: "INTERNAL_ERROR",
+				message: err instanceof Error ? err.message : "Internal server error",
+			});
+		} finally {
+			console.log(`[x402-access/fastify] Request completed in ${Date.now() - startTime}ms`);
+		}
+	});
 
-	// A2A endpoint
-	const basePath = opts.config.basePath ?? "/a2a";
-	fastify.post(basePath, async (_request: FastifyRequest, reply: FastifyReply) => {
-		// TODO: Use official A2A Fastify handler when available
-		return reply.code(501).send({ error: "Fastify support pending A2A SDK update" });
+	fastify.get("/discovery", async (_request: FastifyRequest, reply: FastifyReply) => {
+		const discoveryResponse = buildDiscoveryResponse(opts.config, networkConfig);
+		return reply.send({ discoveryResponse });
 	});
 }
 

package/src/integrations/hono.ts

@@ -3,26 +3,182 @@ import { Hono } from "hono";
 import { createKey0, type Key0Config } from "../factory.js";
 import type { ValidateAccessTokenConfig } from "../middleware.js";
 import { validateToken } from "../middleware.js";
-import { Key0Error } from "../types/index.js";
+import type { X402PaymentRequiredResponse } from "../types/index.js";
+import { CHAIN_CONFIGS, Key0Error } from "../types/index.js";
+import {
+	buildDiscoveryResponse,
+	buildHttpPaymentRequirements,
+	decodePaymentSignature,
+	settlePayment,
+} from "./settlement.js";
 
 /**
- * Create a Hono app that serves the agent card and A2A endpoint.
- * Mount it as a sub-app: mainApp.route("/", key0App(opts));
+ * Create a Hono app that serves the agent card and the unified x402 endpoint.
+ *
+ * Usage:
+ *   mainApp.route("/", key0App(opts));
+ *
+ * This auto-serves:
+ *   GET  /.well-known/agent.json  — A2A agent card (discovery)
+ *   POST /x402/access             — unified x402 HTTP endpoint
  */
 export function key0App(opts: Key0Config): Hono {
-	const { requestHandler: _requestHandler, agentCard } = createKey0(opts);
+	const { engine, agentCard } = createKey0(opts);
 	const app = new Hono();
+	const networkConfig = CHAIN_CONFIGS[opts.config.network];
 
+	// Agent Card
 	app.get(`/${AGENT_CARD_PATH}`, (c) => c.json(agentCard));
+	app.get("/.well-known/agent.json", (c) => c.json(agentCard));
 
-	const basePath = opts.config.basePath ?? "/a2a";
-	app.post(basePath, async (c) => {
-		// TODO: Use official A2A Hono handler when available
-		// For now, this is a placeholder or we need to bridge manually.
-		// Since we want clean code, and manual bridging is verbose,
-		// we'll leave this as a basic implementation returning 501 for now
-		// or better, throw an error saying "Use Express integration for A2A support currently".
-		return c.json({ error: "Hono support pending A2A SDK update" }, 501);
+	// Unified x402 endpoint
+	app.post("/x402/access", async (c) => {
+		const startTime = Date.now();
+		try {
+			console.log("\n[x402-access/hono] ========== NEW REQUEST ==========");
+
+			const body = await c.req.json().catch(() => ({}));
+			let { planId, resourceId = "default" } = body as {
+				planId?: string;
+				resourceId?: string;
+			};
+			let { requestId } = body as { requestId?: string };
+
+			const paymentSignature = c.req.header("payment-signature");
+
+			// Extract planId from PAYMENT-SIGNATURE if not in body
+			if (!planId && paymentSignature) {
+				try {
+					const decoded = decodePaymentSignature(paymentSignature);
+					const sigPlanId = decoded.accepted?.extra?.["planId"] as string | undefined;
+					if (sigPlanId) {
+						console.log(
+							`[x402-access/hono] Extracted planId="${sigPlanId}" from PAYMENT-SIGNATURE`,
+						);
+						planId = sigPlanId;
+					}
+				} catch {
+					// Fall through to discovery
+				}
+			}
+
+			// CASE 1: No planId → 400 pointing to GET /discovery
+			if (!planId) {
+				return c.json(
+					{
+						error:
+							"Please select a plan from the discovery API response to purchase access. Endpoint: GET /discovery",
+					},
+					400,
+				);
+			}
+
+			// Auto-generate requestId
+			if (!requestId) {
+				requestId = `http-${crypto.randomUUID()}`;
+			}
+
+			// CASE 2: planId, no PAYMENT-SIGNATURE → Challenge
+			if (!paymentSignature) {
+				console.log("[x402-access/hono] → CASE 2: Challenge 402");
+				const { challengeId } = await engine.requestHttpAccess(requestId, planId, resourceId);
+
+				const requirements: X402PaymentRequiredResponse = buildHttpPaymentRequirements(
+					planId,
+					resourceId,
+					opts.config,
+					networkConfig,
+					{
+						inputSchema: {
+							type: "object",
+							properties: {
+								planId: { type: "string", description: `Tier to purchase. Must be '${planId}'` },
+								requestId: { type: "string", description: "Client-generated UUID for idempotency" },
+								resourceId: { type: "string", description: "Optional resource identifier" },
+							},
+							required: ["planId"],
+						},
+						outputSchema: {
+							type: "object",
+							properties: {
+								accessToken: { type: "string", description: "JWT token for API access" },
+								tokenType: { type: "string", description: "Token type (usually 'Bearer')" },
+								expiresAt: { type: "string", description: "ISO 8601 expiration timestamp" },
+								resourceEndpoint: {
+									type: "string",
+									description: "URL to access the protected resource",
+								},
+								txHash: { type: "string", description: "On-chain transaction hash" },
+								explorerUrl: { type: "string", description: "Blockchain explorer URL" },
+							},
+						},
+						description: `Access to ${resourceId} via ${planId} tier`,
+					},
+				);
+
+				const encoded = Buffer.from(JSON.stringify(requirements)).toString("base64");
+				c.header("payment-required", encoded);
+				c.header(
+					"www-authenticate",
+					`Payment realm="${opts.config.agentUrl}", accept="exact", challenge="${challengeId}"`,
+				);
+
+				return c.json({ ...requirements, challengeId, requestId, error: "Payment required" }, 402);
+			}
+
+			// CASE 3: planId + PAYMENT-SIGNATURE → Settle
+			console.log("[x402-access/hono] → CASE 3: Settlement");
+
+			const existingGrant = await engine.preSettlementCheck(requestId);
+			if (existingGrant) {
+				return c.json(existingGrant, 200);
+			}
+
+			const paymentPayload = decodePaymentSignature(paymentSignature);
+			const { txHash, settleResponse, payer } = await settlePayment(
+				paymentPayload,
+				opts.config,
+				networkConfig,
+			);
+
+			const grant = await engine.processHttpPayment(
+				requestId,
+				planId,
+				resourceId,
+				txHash,
+				payer as `0x${string}` | undefined,
+			);
+
+			const paymentResponse = Buffer.from(JSON.stringify(settleResponse)).toString("base64");
+			c.header("payment-response", paymentResponse);
+
+			return c.json(grant, 200);
+		} catch (err: unknown) {
+			const elapsed = Date.now() - startTime;
+			console.error(`[x402-access/hono] Error after ${elapsed}ms:`, err);
+
+			if (err instanceof Key0Error) {
+				if (err.code === "PROOF_ALREADY_REDEEMED" && err.details?.["grant"]) {
+					return c.json(err.details["grant"], 200);
+				}
+				return c.json(err.toJSON(), err.httpStatus as any);
+			}
+
+			return c.json(
+				{
+					error: "INTERNAL_ERROR",
+					message: err instanceof Error ? err.message : "Internal server error",
+				},
+				500,
+			);
+		} finally {
+			console.log(`[x402-access/hono] Request completed in ${Date.now() - startTime}ms`);
+		}
+	});
+
+	app.get("/discovery", (c) => {
+		const discoveryResponse = buildDiscoveryResponse(opts.config, networkConfig);
+		return c.json({ discoveryResponse });
 	});
 
 	return app;

package/src/integrations/settlement.ts

@@ -111,9 +111,8 @@ export function buildHttpPaymentRequirements(
 		throw new Key0Error("TIER_NOT_FOUND", `Plan "${planId}" not found`, 400);
 	}
 
-	const basePath = config.basePath ?? "/a2a";
 	const baseUrl = config.agentUrl.replace(/\/$/, "");
-	const resourceUrl = `${baseUrl}${basePath}/jsonrpc`;
+	const resourceUrl = `${baseUrl}/x402/access`;
 
 	const amountRaw = parseDollarToUsdcMicro(tier.unitAmount);
 	const network = `eip155:${networkConfig.chainId}`;
@@ -165,7 +164,6 @@ export function buildDiscoveryResponse(
 	config: SellerConfig,
 	networkConfig: NetworkConfig,
 ): X402PaymentRequiredResponse {
-	const _basePath = config.basePath ?? "/a2a";
 	const baseUrl = config.agentUrl.replace(/\/$/, "");
 	const resourceUrl = `${baseUrl}/x402/access`;
 

package/src/types/agent-card.ts

@@ -1,7 +1,12 @@
 export type PaymentProtocol = "x402" | "stripe" | "lightning";
 
-// A2A spec-compliant AgentSkill type
-// See: https://a2a-protocol.org/latest/specification/#44-agent-discovery-objects
+/**
+ * A2A AgentSkill with Key0 extensions.
+ *
+ * Standard A2A fields: id, name, description, tags, examples, inputModes, outputModes, security.
+ * Key0 extensions: endpoint, inputSchema, workflow — these provide machine-readable
+ * metadata for automated agent clients.
+ */
 export type AgentSkill = {
 	readonly id: string;
 	readonly name: string;
@@ -11,6 +16,12 @@ export type AgentSkill = {
 	readonly inputModes?: readonly string[];
 	readonly outputModes?: readonly string[];
 	readonly security?: Record<string, string[]>;
+	/** @key0 Direct endpoint URL and HTTP method for this skill. */
+	readonly endpoint?: { readonly url: string; readonly method: "GET" | "POST" };
+	/** @key0 JSON Schema for the skill's input parameters. */
+	readonly inputSchema?: Record<string, unknown>;
+	/** @key0 Step-by-step workflow instructions for automated clients. */
+	readonly workflow?: readonly string[];
 };
 
 export type AgentInterface = {

package/src/types/config.ts

@@ -83,7 +83,7 @@ export type SellerConfig = {
 	readonly mcp?: boolean | undefined;
 
 	// Customization
-	readonly basePath?: string; // defaults to "/a2a"
+	readonly basePath?: string; // defaults to "/agent"
 	readonly resourceEndpointTemplate?: string; // e.g. "https://api.example.com/photos/{resourceId}"
 
 	// Settlement strategy (optional — defaults to facilitatorUrl mode)

package/dist/integrations/x402-http-middleware.d.ts

@@ -1,15 +0,0 @@
-import type { NextFunction, Request, Response } from "express";
-import type { ChallengeEngine } from "../core/index.js";
-import type { SellerConfig } from "../types/index.js";
-export { buildDiscoveryResponse, buildHttpPaymentRequirements, decodePaymentSignature, settlePayment, settleViaFacilitator, settleViaGasWallet, } from "./settlement.js";
-/**
- * Express middleware that intercepts AccessRequest calls on the JSON-RPC endpoint
- * and implements the x402 HTTP flow for clients that do NOT send X-A2A-Extensions.
- *
- * Routing:
- *   X-A2A-Extensions present → A2A-native client → pass through to A2A JSON-RPC handler
- *   message/send + no payment-signature → HTTP 402 with PaymentRequirements
- *   message/send + payment-signature   → settle → HTTP 200 with AccessGrant
- */
-export declare function createX402HttpMiddleware(engine: ChallengeEngine, config: SellerConfig): (req: Request, res: Response, next: NextFunction) => Promise<void | Response<any, Record<string, any>>>;
-//# sourceMappingURL=x402-http-middleware.d.ts.map

package/dist/integrations/x402-http-middleware.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"x402-http-middleware.d.ts","sourceRoot":"","sources":["../../src/integrations/x402-http-middleware.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC/D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAExD,OAAO,KAAK,EAGX,YAAY,EAEZ,MAAM,mBAAmB,CAAC;AAgB3B,OAAO,EACN,sBAAsB,EACtB,4BAA4B,EAC5B,sBAAsB,EACtB,aAAa,EACb,oBAAoB,EACpB,kBAAkB,GAClB,MAAM,iBAAiB,CAAC;AAEzB;;;;;;;;GAQG;AACH,wBAAgB,wBAAwB,CAAC,MAAM,EAAE,eAAe,EAAE,MAAM,EAAE,YAAY,IAGvE,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,wDAwM7D"}

package/dist/integrations/x402-http-middleware.js

@@ -1,171 +0,0 @@
-import { CHAIN_CONFIGS } from "../types/config-shared.js";
-import { Key0Error } from "../types/index.js";
-import { buildDiscoveryResponse as buildDiscoveryResponseImpl, buildHttpPaymentRequirements, decodePaymentSignature, settlePayment, } from "./settlement.js";
-// x402 v2 headers
-const PAYMENT_SIGNATURE_HEADER = "payment-signature";
-const PAYMENT_REQUIRED_HEADER = "payment-required";
-const PAYMENT_RESPONSE_HEADER = "payment-response";
-const X_A2A_EXTENSIONS_HEADER = "x-a2a-extensions";
-// Re-export shared settlement utilities so callers can import from a single place
-export { buildDiscoveryResponse, buildHttpPaymentRequirements, decodePaymentSignature, settlePayment, settleViaFacilitator, settleViaGasWallet, } from "./settlement.js";
-/**
- * Express middleware that intercepts AccessRequest calls on the JSON-RPC endpoint
- * and implements the x402 HTTP flow for clients that do NOT send X-A2A-Extensions.
- *
- * Routing:
- *   X-A2A-Extensions present → A2A-native client → pass through to A2A JSON-RPC handler
- *   message/send + no payment-signature → HTTP 402 with PaymentRequirements
- *   message/send + payment-signature   → settle → HTTP 200 with AccessGrant
- */
-export function createX402HttpMiddleware(engine, config) {
-    const networkConfig = CHAIN_CONFIGS[config.network];
-    return async (req, res, next) => {
-        console.log("\n[x402-http-middleware] ========== NEW REQUEST ==========");
-        console.log("[x402-http-middleware] Method:", req.method);
-        console.log("[x402-http-middleware] Path:", req.path);
-        console.log("[x402-http-middleware] Headers:", JSON.stringify(req.headers, null, 2));
-        // Intercept response to log the body
-        const originalJson = res.json.bind(res);
-        const originalSend = res.send.bind(res);
-        res.json = (body) => {
-            console.log("[x402-http-middleware] Response Status:", res.statusCode);
-            console.log("[x402-http-middleware] Response Body:", JSON.stringify(body, null, 2));
-            return originalJson(body);
-        };
-        res.send = (body) => {
-            console.log("[x402-http-middleware] Response Status:", res.statusCode);
-            console.log("[x402-http-middleware] Response Body:", typeof body === "string" ? body : JSON.stringify(body, null, 2));
-            return originalSend(body);
-        };
-        try {
-            // 1. If X-A2A-Extensions header present, this is an A2A client → pass through
-            const hasA2AExtensions = req.headers[X_A2A_EXTENSIONS_HEADER];
-            console.log(`[x402-http-middleware] X-A2A-Extensions header present: ${!!hasA2AExtensions}`);
-            if (hasA2AExtensions) {
-                console.log("[x402-http-middleware] → Passing through to A2A JSON-RPC handler");
-                return next();
-            }
-            // 2. Parse JSON-RPC body
-            const body = req.body;
-            console.log("[x402-http-middleware] Body:", JSON.stringify(body, null, 2));
-            if (!body || typeof body !== "object") {
-                console.log("[x402-http-middleware] → No valid body, passing through");
-                return next();
-            }
-            // 3. Only intercept message/send
-            console.log(`[x402-http-middleware] Method in body: ${body.method}`);
-            if (body.method !== "message/send") {
-                console.log("[x402-http-middleware] → Not a message/send call, passing through");
-                return next();
-            }
-            // 4. Extract AccessRequest from message parts
-            // Route on tierId presence, not on type field
-            const params = body.params;
-            if (!params || !params.message || !params.message.parts) {
-                console.log("[x402-http-middleware] → No valid message parts, passing through");
-                return next();
-            }
-            let accessRequest = null;
-            console.log(`[x402-http-middleware] Parsing ${params.message.parts.length} message parts...`);
-            for (const part of params.message.parts) {
-                console.log(`[x402-http-middleware] - Part kind: ${part.kind}`);
-                if (part.kind === "data" && part.data && part.data.type === "AccessRequest") {
-                    accessRequest = part.data;
-                    console.log("[x402-http-middleware] ✓ Found AccessRequest data part");
-                    break;
-                }
-                if (part.kind === "text") {
-                    try {
-                        const parsed = JSON.parse(part.text);
-                        if (parsed.type === "AccessRequest") {
-                            accessRequest = parsed;
-                            console.log("[x402-http-middleware] ✓ Found AccessRequest in text part");
-                            break;
-                        }
-                    }
-                    catch {
-                        continue;
-                    }
-                }
-            }
-            if (!accessRequest) {
-                console.log("[x402-http-middleware] → No data found in message parts, passing through");
-                return next();
-            }
-            const resourceId = accessRequest.resourceId || "default";
-            const planId = accessRequest.planId;
-            const requestId = accessRequest.requestId || `http-${crypto.randomUUID()}`;
-            console.log(`[x402-http-middleware] AccessRequest: planId=${planId}, resourceId=${resourceId}, requestId=${requestId}`);
-            // 5a. Discovery case: no planId → return 402 with full product catalog
-            if (!planId) {
-                console.log("[x402-http-middleware] → No planId provided, returning discovery 402");
-                const discoveryResponse = buildDiscoveryResponseImpl(config, networkConfig);
-                const encoded = Buffer.from(JSON.stringify(discoveryResponse)).toString("base64");
-                res.setHeader(PAYMENT_REQUIRED_HEADER, encoded);
-                return res.status(402).json({
-                    ...discoveryResponse,
-                    error: "Payment required",
-                });
-            }
-            // 5b. Check for PAYMENT-SIGNATURE header
-            const paymentSignatureRaw = req.headers[PAYMENT_SIGNATURE_HEADER];
-            console.log(`[x402-http-middleware] PAYMENT-SIGNATURE header present: ${!!paymentSignatureRaw}`);
-            if (!paymentSignatureRaw) {
-                // ===== STEP 1: No payment → create PENDING record and return HTTP 402 =====
-                console.log("[x402-http-middleware] → STEP 1: Issuing 402 challenge");
-                const { challengeId } = await engine.requestHttpAccess(requestId, planId, resourceId);
-                console.log(`[x402-http-middleware] ✓ PENDING record created, challengeId=${challengeId}`);
-                const requirements = buildHttpPaymentRequirements(planId, resourceId, config, networkConfig);
-                console.log("[x402-http-middleware] Payment requirements:", JSON.stringify(requirements, null, 2));
-                const base64Requirements = Buffer.from(JSON.stringify(requirements)).toString("base64");
-                res.setHeader(PAYMENT_REQUIRED_HEADER, base64Requirements);
-                return res.status(402).json({
-                    ...requirements,
-                    challengeId,
-                    error: "PAYMENT-SIGNATURE header is required",
-                });
-            }
-            // ===== STEP 2: Has PAYMENT-SIGNATURE → settle and return access grant =====
-            console.log("[x402-http-middleware] → STEP 2: Processing payment");
-            console.log(`[x402-http-middleware] PAYMENT-SIGNATURE (first 50 chars): ${paymentSignatureRaw.substring(0, 50)}...`);
-            // Pre-settlement check: avoid burning USDC if already delivered/expired/cancelled
-            const existingGrant = await engine.preSettlementCheck(requestId);
-            if (existingGrant) {
-                console.log("[x402-http-middleware] ✓ Already delivered, returning cached grant");
-                return res.status(200).json(existingGrant);
-            }
-            // Decode the header then settle via shared settlement layer
-            const paymentPayload = decodePaymentSignature(paymentSignatureRaw);
-            const { txHash, settleResponse: _settleResponse, payer, } = await settlePayment(paymentPayload, config, networkConfig);
-            console.log(`[x402-http-middleware] ✓ Payment settled, txHash: ${txHash}`);
-            const grant = await engine.processHttpPayment(requestId, planId, resourceId, txHash, payer);
-            console.log("[x402-http-middleware] ✓ Access grant issued:", JSON.stringify(grant, null, 2));
-            const settlementResponse = {
-                success: true,
-                transaction: txHash,
-                network: `eip155:${networkConfig.chainId}`,
-                ...(payer && { payer }),
-            };
-            res.setHeader(PAYMENT_RESPONSE_HEADER, Buffer.from(JSON.stringify(settlementResponse)).toString("base64"));
-            return res.status(200).json(grant);
-        }
-        catch (err) {
-            console.error("[x402-http-middleware] ✗ ERROR:", err);
-            if (err instanceof Key0Error) {
-                // Return the grant directly for PROOF_ALREADY_REDEEMED (status 200)
-                if (err.code === "PROOF_ALREADY_REDEEMED" && err.details?.["grant"]) {
-                    return res.status(200).json(err.details["grant"]);
-                }
-                return res.status(err.httpStatus).json(err.toJSON());
-            }
-            return res.status(500).json({
-                error: "INTERNAL_ERROR",
-                message: err instanceof Error ? err.message : "Internal server error",
-            });
-        }
-        finally {
-            console.log("[x402-http-middleware] ========== REQUEST COMPLETE ==========\n");
-        }
-    };
-}
-//# sourceMappingURL=x402-http-middleware.js.map

package/dist/integrations/x402-http-middleware.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"x402-http-middleware.js","sourceRoot":"","sources":["../../src/integrations/x402-http-middleware.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAO1D,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EACN,sBAAsB,IAAI,0BAA0B,EACpD,4BAA4B,EAC5B,sBAAsB,EACtB,aAAa,GACb,MAAM,iBAAiB,CAAC;AAEzB,kBAAkB;AAClB,MAAM,wBAAwB,GAAG,mBAAmB,CAAC;AACrD,MAAM,uBAAuB,GAAG,kBAAkB,CAAC;AACnD,MAAM,uBAAuB,GAAG,kBAAkB,CAAC;AACnD,MAAM,uBAAuB,GAAG,kBAAkB,CAAC;AAEnD,kFAAkF;AAClF,OAAO,EACN,sBAAsB,EACtB,4BAA4B,EAC5B,sBAAsB,EACtB,aAAa,EACb,oBAAoB,EACpB,kBAAkB,GAClB,MAAM,iBAAiB,CAAC;AAEzB;;;;;;;;GAQG;AACH,MAAM,UAAU,wBAAwB,CAAC,MAAuB,EAAE,MAAoB;IACrF,MAAM,aAAa,GAAG,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAEpD,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QAChE,OAAO,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,8BAA8B,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;QACtD,OAAO,CAAC,GAAG,CAAC,iCAAiC,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAErF,qCAAqC;QACrC,MAAM,YAAY,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACxC,MAAM,YAAY,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAExC,GAAG,CAAC,IAAI,GAAG,CAAC,IAAS,EAAE,EAAE;YACxB,OAAO,CAAC,GAAG,CAAC,yCAAyC,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;YACvE,OAAO,CAAC,GAAG,CAAC,uCAAuC,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YACpF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC;QAC3B,CAAC,CAAC;QAEF,GAAG,CAAC,IAAI,GAAG,CAAC,IAAS,EAAE,EAAE;YACxB,OAAO,CAAC,GAAG,CAAC,yCAAyC,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;YACvE,OAAO,CAAC,GAAG,CACV,uCAAuC,EACvC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAC/D,CAAC;YACF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC;QAC3B,CAAC,CAAC;QAEF,IAAI,CAAC;YACJ,8EAA8E;YAC9E,MAAM,gBAAgB,GAAG,GAAG,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC;YAC9D,OAAO,CAAC,GAAG,CAAC,2DAA2D,CAAC,CAAC,gBAAgB,EAAE,CAAC,CAAC;YAC7F,IAAI,gBAAgB,EAAE,CAAC;gBACtB,OAAO,CAAC,GAAG,CAAC,kEAAkE,CAAC,CAAC;gBAChF,OAAO,IAAI,EAAE,CAAC;YACf,CAAC;YAED,yBAAyB;YACzB,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,8BAA8B,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC3E,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACvC,OAAO,CAAC,GAAG,CAAC,yDAAyD,CAAC,CAAC;gBACvE,OAAO,IAAI,EAAE,CAAC;YACf,CAAC;YAED,iCAAiC;YACjC,OAAO,CAAC,GAAG,CAAC,0CAA0C,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YACrE,IAAI,IAAI,CAAC,MAAM,KAAK,cAAc,EAAE,CAAC;gBACpC,OAAO,CAAC,GAAG,CAAC,mEAAmE,CAAC,CAAC;gBACjF,OAAO,IAAI,EAAE,CAAC;YACf,CAAC;YAED,8CAA8C;YAC9C,8CAA8C;YAC9C,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;YAC3B,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACzD,OAAO,CAAC,GAAG,CAAC,kEAAkE,CAAC,CAAC;gBAChF,OAAO,IAAI,EAAE,CAAC;YACf,CAAC;YAED,IAAI,aAAa,GAAyB,IAAI,CAAC;YAE/C,OAAO,CAAC,GAAG,CAAC,kCAAkC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,mBAAmB,CAAC,CAAC;YAC9F,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACzC,OAAO,CAAC,GAAG,CAAC,uCAAuC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;gBAChE,IAAI,IAAI,CAAC,IAAI,KAAK,MAAM,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;oBAC7E,aAAa,GAAG,IAAI,CAAC,IAAqB,CAAC;oBAC3C,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;oBACtE,MAAM;gBACP,CAAC;gBACD,IAAI,IAAI,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;oBAC1B,IAAI,CAAC;wBACJ,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBACrC,IAAI,MAAM,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;4BACrC,aAAa,GAAG,MAAuB,CAAC;4BACxC,OAAO,CAAC,GAAG,CAAC,2DAA2D,CAAC,CAAC;4BACzE,MAAM;wBACP,CAAC;oBACF,CAAC;oBAAC,MAAM,CAAC;wBACR,SAAS;oBACV,CAAC;gBACF,CAAC;YACF,CAAC;YAED,IAAI,CAAC,aAAa,EAAE,CAAC;gBACpB,OAAO,CAAC,GAAG,CAAC,0EAA0E,CAAC,CAAC;gBACxF,OAAO,IAAI,EAAE,CAAC;YACf,CAAC;YAED,MAAM,UAAU,GAAG,aAAa,CAAC,UAAU,IAAI,SAAS,CAAC;YACzD,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC;YACpC,MAAM,SAAS,GAAG,aAAa,CAAC,SAAS,IAAI,QAAQ,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;YAC3E,OAAO,CAAC,GAAG,CACV,gDAAgD,MAAM,gBAAgB,UAAU,eAAe,SAAS,EAAE,CAC1G,CAAC;YAEF,uEAAuE;YACvE,IAAI,CAAC,MAAM,EAAE,CAAC;gBACb,OAAO,CAAC,GAAG,CAAC,sEAAsE,CAAC,CAAC;gBACpF,MAAM,iBAAiB,GAAG,0BAA0B,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;gBAC5E,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBAClF,GAAG,CAAC,SAAS,CAAC,uBAAuB,EAAE,OAAO,CAAC,CAAC;gBAChD,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC3B,GAAG,iBAAiB;oBACpB,KAAK,EAAE,kBAAkB;iBACzB,CAAC,CAAC;YACJ,CAAC;YAED,yCAAyC;YACzC,MAAM,mBAAmB,GAAG,GAAG,CAAC,OAAO,CAAC,wBAAwB,CAAuB,CAAC;YACxF,OAAO,CAAC,GAAG,CACV,4DAA4D,CAAC,CAAC,mBAAmB,EAAE,CACnF,CAAC;YAEF,IAAI,CAAC,mBAAmB,EAAE,CAAC;gBAC1B,6EAA6E;gBAC7E,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;gBAEtE,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;gBACtF,OAAO,CAAC,GAAG,CAAC,gEAAgE,WAAW,EAAE,CAAC,CAAC;gBAE3F,MAAM,YAAY,GAAG,4BAA4B,CAChD,MAAM,EACN,UAAU,EACV,MAAM,EACN,aAAa,CACb,CAAC;gBACF,OAAO,CAAC,GAAG,CACV,8CAA8C,EAC9C,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,CACrC,CAAC;gBAEF,MAAM,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBACxF,GAAG,CAAC,SAAS,CAAC,uBAAuB,EAAE,kBAAkB,CAAC,CAAC;gBAE3D,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC3B,GAAG,YAAY;oBACf,WAAW;oBACX,KAAK,EAAE,sCAAsC;iBAC7C,CAAC,CAAC;YACJ,CAAC;YAED,6EAA6E;YAC7E,OAAO,CAAC,GAAG,CAAC,qDAAqD,CAAC,CAAC;YACnE,OAAO,CAAC,GAAG,CACV,8DAA8D,mBAAmB,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CACvG,CAAC;YAEF,kFAAkF;YAClF,MAAM,aAAa,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;YACjE,IAAI,aAAa,EAAE,CAAC;gBACnB,OAAO,CAAC,GAAG,CAAC,oEAAoE,CAAC,CAAC;gBAClF,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAC5C,CAAC;YAED,4DAA4D;YAC5D,MAAM,cAAc,GAAG,sBAAsB,CAAC,mBAAmB,CAAC,CAAC;YACnE,MAAM,EACL,MAAM,EACN,cAAc,EAAE,eAAe,EAC/B,KAAK,GACL,GAAG,MAAM,aAAa,CAAC,cAAc,EAAE,MAAM,EAAE,aAAa,CAAC,CAAC;YAE/D,OAAO,CAAC,GAAG,CAAC,qDAAqD,MAAM,EAAE,CAAC,CAAC;YAE3E,MAAM,KAAK,GAAgB,MAAM,MAAM,CAAC,kBAAkB,CACzD,SAAS,EACT,MAAM,EACN,UAAU,EACV,MAAM,EACN,KAAkC,CAClC,CAAC;YACF,OAAO,CAAC,GAAG,CAAC,+CAA+C,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAE7F,MAAM,kBAAkB,GAAuB;gBAC9C,OAAO,EAAE,IAAI;gBACb,WAAW,EAAE,MAAM;gBACnB,OAAO,EAAE,UAAU,aAAa,CAAC,OAAO,EAAE;gBAC1C,GAAG,CAAC,KAAK,IAAI,EAAE,KAAK,EAAE,CAAC;aACvB,CAAC;YACF,GAAG,CAAC,SAAS,CACZ,uBAAuB,EACvB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAClE,CAAC;YAEF,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACpC,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACvB,OAAO,CAAC,KAAK,CAAC,iCAAiC,EAAE,GAAG,CAAC,CAAC;YACtD,IAAI,GAAG,YAAY,SAAS,EAAE,CAAC;gBAC9B,oEAAoE;gBACpE,IAAI,GAAG,CAAC,IAAI,KAAK,wBAAwB,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;oBACrE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;gBACnD,CAAC;gBACD,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;YACtD,CAAC;YACD,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC3B,KAAK,EAAE,gBAAgB;gBACvB,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB;aACrE,CAAC,CAAC;QACJ,CAAC;gBAAS,CAAC;YACV,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAC;QAChF,CAAC;IACF,CAAC,CAAC;AACH,CAAC"}