@leashmarket/core 0.1.0

package/dist/receipt/hash.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Synchronous SHA-256 via `@noble/hashes` so receipts can be hashed in
+ * Node, in the browser (Privy buyer), and in workers without depending
+ * on `node:crypto` or async `crypto.subtle`.
+ */
+export declare function requestHash(input: {
+    method: string;
+    url: string;
+    body: string | null;
+    headers?: Record<string, string>;
+}): string;
+export declare function sha256Hex(data: string): string;
+/** Stable JSON stringify with sorted keys (shallow + deep for plain objects). */
+export declare function canonicalJson(value: unknown): string;
+//# sourceMappingURL=hash.d.ts.map

package/dist/receipt/hash.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hash.d.ts","sourceRoot":"","sources":["../../src/receipt/hash.ts"],"names":[],"mappings":"AAGA;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE;IACjC,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC,GAAG,MAAM,CAUT;AAED,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAE9C;AAED,iFAAiF;AACjF,wBAAgB,aAAa,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAEpD"}

package/dist/receipt/hash.js

@@ -0,0 +1,40 @@
+import { sha256 } from '@noble/hashes/sha256';
+import { bytesToHex, utf8ToBytes } from '@noble/hashes/utils';
+/**
+ * Synchronous SHA-256 via `@noble/hashes` so receipts can be hashed in
+ * Node, in the browser (Privy buyer), and in workers without depending
+ * on `node:crypto` or async `crypto.subtle`.
+ */
+export function requestHash(input) {
+    const parts = [input.method, input.url, input.body ?? ''];
+    if (input.headers) {
+        const keys = Object.keys(input.headers).sort();
+        for (const k of keys) {
+            parts.push(`${k}=${String(input.headers[k])}`);
+        }
+    }
+    const concatenated = `${parts.join('\n')}\n`;
+    return `sha256:${bytesToHex(sha256(utf8ToBytes(concatenated)))}`;
+}
+export function sha256Hex(data) {
+    return bytesToHex(sha256(utf8ToBytes(data)));
+}
+/** Stable JSON stringify with sorted keys (shallow + deep for plain objects). */
+export function canonicalJson(value) {
+    return JSON.stringify(sortKeys(value));
+}
+function sortKeys(value) {
+    if (value === null || typeof value !== 'object') {
+        return value;
+    }
+    if (Array.isArray(value)) {
+        return value.map(sortKeys);
+    }
+    const obj = value;
+    const out = {};
+    for (const k of Object.keys(obj).sort()) {
+        out[k] = sortKeys(obj[k]);
+    }
+    return out;
+}
+//# sourceMappingURL=hash.js.map

package/dist/receipt/hash.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hash.js","sourceRoot":"","sources":["../../src/receipt/hash.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAE9D;;;;GAIG;AACH,MAAM,UAAU,WAAW,CAAC,KAK3B;IACC,MAAM,KAAK,GAAa,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;IACpE,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;QAClB,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;QAC/C,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;YACrB,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;IACD,MAAM,YAAY,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;IAC7C,OAAO,UAAU,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC;AACnE,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,IAAY;IACpC,OAAO,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAC/C,CAAC;AAED,iFAAiF;AACjF,MAAM,UAAU,aAAa,CAAC,KAAc;IAC1C,OAAO,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;AACzC,CAAC;AAED,SAAS,QAAQ,CAAC,KAAc;IAC9B,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC7B,CAAC;IACD,MAAM,GAAG,GAAG,KAAgC,CAAC;IAC7C,MAAM,GAAG,GAA4B,EAAE,CAAC;IACxC,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;QACxC,GAAG,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5B,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/receipt/verify.d.ts

@@ -0,0 +1,10 @@
+export type VerifyResult = {
+    ok: true;
+    count: number;
+} | {
+    ok: false;
+    nonce: number;
+    reason: string;
+};
+export declare function verifyReceiptChain(lines: string[]): VerifyResult;
+//# sourceMappingURL=verify.d.ts.map

package/dist/receipt/verify.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../src/receipt/verify.ts"],"names":[],"mappings":"AAGA,MAAM,MAAM,YAAY,GACpB;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,GAC3B;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC;AAEjD,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,YAAY,CA8BhE"}

package/dist/receipt/verify.js

@@ -0,0 +1,36 @@
+import { ReceiptV1Schema } from '@leashmarket/schemas';
+import { computeReceiptHash } from './build.js';
+export function verifyReceiptChain(lines) {
+    let prev = null;
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i]?.trim();
+        if (!line)
+            continue;
+        let parsed;
+        try {
+            parsed = JSON.parse(line);
+        }
+        catch {
+            return { ok: false, nonce: i, reason: 'invalid_json' };
+        }
+        const r = ReceiptV1Schema.safeParse(parsed);
+        if (!r.success) {
+            return { ok: false, nonce: i, reason: 'invalid_schema' };
+        }
+        const rec = r.data;
+        if (rec.nonce !== i) {
+            return { ok: false, nonce: i, reason: 'nonce_mismatch' };
+        }
+        if (rec.prev_receipt_hash !== prev) {
+            return { ok: false, nonce: i, reason: 'prev_hash_mismatch' };
+        }
+        const { receipt_hash, ...rest } = rec;
+        const expected = computeReceiptHash(rest);
+        if (receipt_hash !== expected) {
+            return { ok: false, nonce: i, reason: 'receipt_hash_mismatch' };
+        }
+        prev = rec.receipt_hash;
+    }
+    return { ok: true, count: lines.filter((l) => l.trim()).length };
+}
+//# sourceMappingURL=verify.js.map

package/dist/receipt/verify.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/receipt/verify.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAMhD,MAAM,UAAU,kBAAkB,CAAC,KAAe;IAChD,IAAI,IAAI,GAAkB,IAAI,CAAC;IAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC;QAC9B,IAAI,CAAC,IAAI;YAAE,SAAS;QACpB,IAAI,MAAe,CAAC;QACpB,IAAI,CAAC;YACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAY,CAAC;QACvC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,MAAM,EAAE,cAAc,EAAE,CAAC;QACzD,CAAC;QACD,MAAM,CAAC,GAAG,eAAe,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAC5C,IAAI,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;YACf,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;QAC3D,CAAC;QACD,MAAM,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC;QACnB,IAAI,GAAG,CAAC,KAAK,KAAK,CAAC,EAAE,CAAC;YACpB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;QAC3D,CAAC;QACD,IAAI,GAAG,CAAC,iBAAiB,KAAK,IAAI,EAAE,CAAC;YACnC,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAC;QAC/D,CAAC;QACD,MAAM,EAAE,YAAY,EAAE,GAAG,IAAI,EAAE,GAAG,GAAG,CAAC;QACtC,MAAM,QAAQ,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC;QAC1C,IAAI,YAAY,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC;QAClE,CAAC;QACD,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC;IAC1B,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;AACnE,CAAC"}

package/dist/tokens/index.d.ts

@@ -0,0 +1,86 @@
+/**
+ * Static registry of well-known SPL token mints used by the Leash UI / CLI
+ * surfaces to enrich raw RPC balances with symbols, decimals, and the
+ * correct token program id. The registry deliberately stays small —
+ * stables + bluechips that are policy-relevant for x402 / agent treasuries.
+ *
+ * For full registry resolution (Token-2022 metadata, Jupiter token list,
+ * etc.) consume an external source; this module covers the common case so
+ * SDK consumers never need to hard-code mint addresses.
+ *
+ * Mainnet and devnet entries are listed separately because devnet stables
+ * are usually faucet-mintable test versions with different mint authorities
+ * than their mainnet counterparts.
+ */
+export declare const TOKEN_PROGRAM_ID = "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA";
+export declare const TOKEN_2022_PROGRAM_ID = "TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb";
+export type TokenProgram = 'spl-token' | 'spl-token-2022';
+export type TokenNetwork = 'mainnet' | 'devnet';
+export type KnownToken = {
+    mint: string;
+    symbol: string;
+    name: string;
+    decimals: number;
+    /**
+     * SPL token program owning this mint. Defaults to legacy `spl-token` when
+     * omitted by callers; explicit on every entry below for clarity.
+     */
+    program: TokenProgram;
+    /** True when the token is a USD-pegged stablecoin. */
+    stable: boolean;
+};
+export declare const KNOWN_TOKENS: Record<TokenNetwork, ReadonlyArray<KnownToken>>;
+/** Look up a known token by mint address on a given network. */
+export declare function lookupToken(mint: string, network: TokenNetwork): KnownToken | undefined;
+/**
+ * Symbols of the well-known USD-pegged stablecoins Leash supports for x402
+ * settlement. Restricted to the registry's stable entries so consumers can
+ * pin a typed dropdown without re-deriving the list.
+ */
+export type KnownStableSymbol = 'USDC' | 'USDT' | 'USDG';
+/** All stablecoin tickers we recognise on at least one network. */
+export declare const KNOWN_STABLE_SYMBOLS: ReadonlyArray<KnownStableSymbol>;
+/**
+ * Look up a known token by ticker symbol (case-insensitive) on a given
+ * network. Useful for translating a user-facing currency dropdown into the
+ * underlying mint address required by x402 `AssetAmount` prices.
+ */
+export declare function lookupTokenBySymbol(symbol: string, network: TokenNetwork): KnownToken | undefined;
+/**
+ * Reverse-lookup a currency ticker for an asset mint. Falls back to `'USDC'`
+ * (the v0.1 default settlement currency) when the mint is unknown — buyer
+ * receipts surface a usable label even if the seller advertises a token the
+ * Leash registry hasn't catalogued yet.
+ */
+export declare function currencyForAsset(asset: string | null | undefined, network: TokenNetwork): string;
+/**
+ * Mints we always want to render in a treasury UI even when the agent
+ * holds zero — the headline stables. Other tokens only appear once the
+ * agent actually holds a balance.
+ */
+export declare function pinnedMints(network: TokenNetwork): string[];
+/**
+ * Heuristic mapping of an RPC URL to a logical network bucket. Treats
+ * anything containing `devnet`, `localhost`, or a private-network IP as
+ * devnet; everything else as mainnet.
+ */
+export declare function networkFromRpc(rpc: string): TokenNetwork;
+/**
+ * Resolve the canonical USDC mint for the given network. Used by buyer-kit
+ * pre-flight checks ("does the treasury have enough?") and by UI to seed
+ * default token selectors.
+ */
+export declare function defaultUsdcMint(network: TokenNetwork): KnownToken;
+/**
+ * Look up the SPL token program a known mint lives under (`spl-token` for
+ * legacy or `spl-token-2022` for Token-2022). Tries both networks since
+ * known stable mints are disjoint, so callers don't have to thread the
+ * x402 envelope's CAIP-2 network down through every layer.
+ *
+ * Returns `null` when the mint isn't catalogued — callers should default
+ * to legacy SPL token for back-compat, but this lets surfaces that DO
+ * understand Token-2022 (Pay card, buyer-kit preflight, withdraw flow)
+ * pick the right ATA without hard-coding mints.
+ */
+export declare function tokenProgramForMint(mint: string): TokenProgram | null;
+//# sourceMappingURL=index.d.ts.map

package/dist/tokens/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/tokens/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,eAAO,MAAM,gBAAgB,gDAAgD,CAAC;AAC9E,eAAO,MAAM,qBAAqB,gDAAgD,CAAC;AAEnF,MAAM,MAAM,YAAY,GAAG,WAAW,GAAG,gBAAgB,CAAC;AAC1D,MAAM,MAAM,YAAY,GAAG,SAAS,GAAG,QAAQ,CAAC;AAEhD,MAAM,MAAM,UAAU,GAAG;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB;;;OAGG;IACH,OAAO,EAAE,YAAY,CAAC;IACtB,sDAAsD;IACtD,MAAM,EAAE,OAAO,CAAC;CACjB,CAAC;AAwEF,eAAO,MAAM,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE,aAAa,CAAC,UAAU,CAAC,CAGxE,CAAC;AAEF,gEAAgE;AAChE,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,GAAG,UAAU,GAAG,SAAS,CAEvF;AAED;;;;GAIG;AACH,MAAM,MAAM,iBAAiB,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;AAEzD,mEAAmE;AACnE,eAAO,MAAM,oBAAoB,EAAE,aAAa,CAAC,iBAAiB,CAA4B,CAAC;AAE/F;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,GAAG,UAAU,GAAG,SAAS,CAGjG;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EAAE,OAAO,EAAE,YAAY,GAAG,MAAM,CAGhG;AAED;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,MAAM,EAAE,CAE3D;AAED;;;;GAIG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,YAAY,CAExD;AAED;;;;GAIG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,YAAY,GAAG,UAAU,CAMjE;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,YAAY,GAAG,IAAI,CAOrE"}

package/dist/tokens/index.js

@@ -0,0 +1,163 @@
+/**
+ * Static registry of well-known SPL token mints used by the Leash UI / CLI
+ * surfaces to enrich raw RPC balances with symbols, decimals, and the
+ * correct token program id. The registry deliberately stays small —
+ * stables + bluechips that are policy-relevant for x402 / agent treasuries.
+ *
+ * For full registry resolution (Token-2022 metadata, Jupiter token list,
+ * etc.) consume an external source; this module covers the common case so
+ * SDK consumers never need to hard-code mint addresses.
+ *
+ * Mainnet and devnet entries are listed separately because devnet stables
+ * are usually faucet-mintable test versions with different mint authorities
+ * than their mainnet counterparts.
+ */
+export const TOKEN_PROGRAM_ID = 'TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA';
+export const TOKEN_2022_PROGRAM_ID = 'TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb';
+const MAINNET = [
+    {
+        mint: 'EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v',
+        symbol: 'USDC',
+        name: 'USD Coin',
+        decimals: 6,
+        program: 'spl-token',
+        stable: true,
+    },
+    {
+        mint: 'Es9vMFrzaCERmJfrF4H2FYD4KCoNkY11McCe8BenwNYB',
+        symbol: 'USDT',
+        name: 'Tether USD',
+        decimals: 6,
+        program: 'spl-token',
+        stable: true,
+    },
+    {
+        mint: '2u1tszSeqZ3qBWF3uNGPFc8TzMk2tdiwknnRMWGWjGWH',
+        symbol: 'USDG',
+        name: 'Global Dollar',
+        decimals: 6,
+        program: 'spl-token-2022',
+        stable: true,
+    },
+    {
+        mint: 'So11111111111111111111111111111111111111112',
+        symbol: 'wSOL',
+        name: 'Wrapped SOL',
+        decimals: 9,
+        program: 'spl-token',
+        stable: false,
+    },
+];
+const DEVNET = [
+    {
+        mint: '4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU',
+        symbol: 'USDC',
+        name: 'USD Coin (devnet)',
+        decimals: 6,
+        program: 'spl-token',
+        stable: true,
+    },
+    {
+        mint: 'EcFc2cMyZxaKBkFK1XooxiyDyCPneLXiMwSJiVY6eTad',
+        symbol: 'USDT',
+        name: 'Tether USD (devnet)',
+        decimals: 6,
+        program: 'spl-token',
+        stable: true,
+    },
+    {
+        mint: '4F6PM96JJxngmHnZLBh9n58RH4aTVNWvDs2nuwrT5BP7',
+        symbol: 'USDG',
+        name: 'Global Dollar (devnet)',
+        decimals: 6,
+        program: 'spl-token-2022',
+        stable: true,
+    },
+    {
+        mint: 'So11111111111111111111111111111111111111112',
+        symbol: 'wSOL',
+        name: 'Wrapped SOL (devnet)',
+        decimals: 9,
+        program: 'spl-token',
+        stable: false,
+    },
+];
+export const KNOWN_TOKENS = {
+    mainnet: MAINNET,
+    devnet: DEVNET,
+};
+/** Look up a known token by mint address on a given network. */
+export function lookupToken(mint, network) {
+    return KNOWN_TOKENS[network].find((t) => t.mint === mint);
+}
+/** All stablecoin tickers we recognise on at least one network. */
+export const KNOWN_STABLE_SYMBOLS = ['USDC', 'USDT', 'USDG'];
+/**
+ * Look up a known token by ticker symbol (case-insensitive) on a given
+ * network. Useful for translating a user-facing currency dropdown into the
+ * underlying mint address required by x402 `AssetAmount` prices.
+ */
+export function lookupTokenBySymbol(symbol, network) {
+    const upper = symbol.trim().toUpperCase();
+    return KNOWN_TOKENS[network].find((t) => t.symbol.toUpperCase() === upper);
+}
+/**
+ * Reverse-lookup a currency ticker for an asset mint. Falls back to `'USDC'`
+ * (the v0.1 default settlement currency) when the mint is unknown — buyer
+ * receipts surface a usable label even if the seller advertises a token the
+ * Leash registry hasn't catalogued yet.
+ */
+export function currencyForAsset(asset, network) {
+    if (!asset)
+        return 'USDC';
+    return lookupToken(asset, network)?.symbol ?? 'USDC';
+}
+/**
+ * Mints we always want to render in a treasury UI even when the agent
+ * holds zero — the headline stables. Other tokens only appear once the
+ * agent actually holds a balance.
+ */
+export function pinnedMints(network) {
+    return KNOWN_TOKENS[network].filter((t) => t.stable).map((t) => t.mint);
+}
+/**
+ * Heuristic mapping of an RPC URL to a logical network bucket. Treats
+ * anything containing `devnet`, `localhost`, or a private-network IP as
+ * devnet; everything else as mainnet.
+ */
+export function networkFromRpc(rpc) {
+    return /devnet|localhost|127\.0\.0\.1/.test(rpc) ? 'devnet' : 'mainnet';
+}
+/**
+ * Resolve the canonical USDC mint for the given network. Used by buyer-kit
+ * pre-flight checks ("does the treasury have enough?") and by UI to seed
+ * default token selectors.
+ */
+export function defaultUsdcMint(network) {
+    const usdc = KNOWN_TOKENS[network].find((t) => t.symbol === 'USDC');
+    if (!usdc) {
+        throw new Error(`No USDC mint registered for network "${network}"`);
+    }
+    return usdc;
+}
+/**
+ * Look up the SPL token program a known mint lives under (`spl-token` for
+ * legacy or `spl-token-2022` for Token-2022). Tries both networks since
+ * known stable mints are disjoint, so callers don't have to thread the
+ * x402 envelope's CAIP-2 network down through every layer.
+ *
+ * Returns `null` when the mint isn't catalogued — callers should default
+ * to legacy SPL token for back-compat, but this lets surfaces that DO
+ * understand Token-2022 (Pay card, buyer-kit preflight, withdraw flow)
+ * pick the right ATA without hard-coding mints.
+ */
+export function tokenProgramForMint(mint) {
+    const trimmed = mint.trim();
+    for (const net of ['mainnet', 'devnet']) {
+        const hit = KNOWN_TOKENS[net].find((t) => t.mint === trimmed);
+        if (hit)
+            return hit.program;
+    }
+    return null;
+}
+//# sourceMappingURL=index.js.map

package/dist/tokens/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/tokens/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,MAAM,CAAC,MAAM,gBAAgB,GAAG,6CAA6C,CAAC;AAC9E,MAAM,CAAC,MAAM,qBAAqB,GAAG,6CAA6C,CAAC;AAmBnF,MAAM,OAAO,GAA8B;IACzC;QACE,IAAI,EAAE,8CAA8C;QACpD,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,UAAU;QAChB,QAAQ,EAAE,CAAC;QACX,OAAO,EAAE,WAAW;QACpB,MAAM,EAAE,IAAI;KACb;IACD;QACE,IAAI,EAAE,8CAA8C;QACpD,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,YAAY;QAClB,QAAQ,EAAE,CAAC;QACX,OAAO,EAAE,WAAW;QACpB,MAAM,EAAE,IAAI;KACb;IACD;QACE,IAAI,EAAE,8CAA8C;QACpD,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,eAAe;QACrB,QAAQ,EAAE,CAAC;QACX,OAAO,EAAE,gBAAgB;QACzB,MAAM,EAAE,IAAI;KACb;IACD;QACE,IAAI,EAAE,6CAA6C;QACnD,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,aAAa;QACnB,QAAQ,EAAE,CAAC;QACX,OAAO,EAAE,WAAW;QACpB,MAAM,EAAE,KAAK;KACd;CACF,CAAC;AAEF,MAAM,MAAM,GAA8B;IACxC;QACE,IAAI,EAAE,8CAA8C;QACpD,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,CAAC;QACX,OAAO,EAAE,WAAW;QACpB,MAAM,EAAE,IAAI;KACb;IACD;QACE,IAAI,EAAE,8CAA8C;QACpD,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,qBAAqB;QAC3B,QAAQ,EAAE,CAAC;QACX,OAAO,EAAE,WAAW;QACpB,MAAM,EAAE,IAAI;KACb;IACD;QACE,IAAI,EAAE,8CAA8C;QACpD,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,wBAAwB;QAC9B,QAAQ,EAAE,CAAC;QACX,OAAO,EAAE,gBAAgB;QACzB,MAAM,EAAE,IAAI;KACb;IACD;QACE,IAAI,EAAE,6CAA6C;QACnD,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,CAAC;QACX,OAAO,EAAE,WAAW;QACpB,MAAM,EAAE,KAAK;KACd;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,YAAY,GAAoD;IAC3E,OAAO,EAAE,OAAO;IAChB,MAAM,EAAE,MAAM;CACf,CAAC;AAEF,gEAAgE;AAChE,MAAM,UAAU,WAAW,CAAC,IAAY,EAAE,OAAqB;IAC7D,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;AAC5D,CAAC;AASD,mEAAmE;AACnE,MAAM,CAAC,MAAM,oBAAoB,GAAqC,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;AAE/F;;;;GAIG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAc,EAAE,OAAqB;IACvE,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC1C,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,CAAC;AAC7E,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAgC,EAAE,OAAqB;IACtF,IAAI,CAAC,KAAK;QAAE,OAAO,MAAM,CAAC;IAC1B,OAAO,WAAW,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,MAAM,IAAI,MAAM,CAAC;AACvD,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,WAAW,CAAC,OAAqB;IAC/C,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;AAC1E,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,cAAc,CAAC,GAAW;IACxC,OAAO,+BAA+B,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;AAC1E,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAAC,OAAqB;IACnD,MAAM,IAAI,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC;IACpE,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,wCAAwC,OAAO,GAAG,CAAC,CAAC;IACtE,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,mBAAmB,CAAC,IAAY;IAC9C,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;IAC5B,KAAK,MAAM,GAAG,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAU,EAAE,CAAC;QACjD,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC;QAC9D,IAAI,GAAG;YAAE,OAAO,GAAG,CAAC,OAAO,CAAC;IAC9B,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/treasury/balance.d.ts

@@ -0,0 +1,3 @@
+import type { Connection } from '@solana/web3.js';
+export declare function getSplTokenBalance(connection: Connection, ownerBase58: string, mintBase58: string): Promise<bigint>;
+//# sourceMappingURL=balance.d.ts.map

package/dist/treasury/balance.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"balance.d.ts","sourceRoot":"","sources":["../../src/treasury/balance.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAGlD,wBAAsB,kBAAkB,CACtC,UAAU,EAAE,UAAU,EACtB,WAAW,EAAE,MAAM,EACnB,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,MAAM,CAAC,CAUjB"}

package/dist/treasury/balance.js

@@ -0,0 +1,13 @@
+import { PublicKey } from '@solana/web3.js';
+export async function getSplTokenBalance(connection, ownerBase58, mintBase58) {
+    const owner = new PublicKey(ownerBase58);
+    const mint = new PublicKey(mintBase58);
+    const accounts = await connection.getParsedTokenAccountsByOwner(owner, { mint });
+    let sum = 0n;
+    for (const { account } of accounts.value) {
+        const amount = account.data.parsed.info.tokenAmount.amount;
+        sum += BigInt(amount);
+    }
+    return sum;
+}
+//# sourceMappingURL=balance.js.map

package/dist/treasury/balance.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"balance.js","sourceRoot":"","sources":["../../src/treasury/balance.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAE5C,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,UAAsB,EACtB,WAAmB,EACnB,UAAkB;IAElB,MAAM,KAAK,GAAG,IAAI,SAAS,CAAC,WAAW,CAAC,CAAC;IACzC,MAAM,IAAI,GAAG,IAAI,SAAS,CAAC,UAAU,CAAC,CAAC;IACvC,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,6BAA6B,CAAC,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IACjF,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;QACzC,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;QAC3D,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,CAAC;IACxB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/treasury/inspect-token-account.d.ts

@@ -0,0 +1,46 @@
+/**
+ * Read the live state of a single SPL token account (legacy SPL or
+ * Token-2022) over JSON-RPC and surface the bits Leash cares about for
+ * pre-flight diagnostics: holdings (`amount`), the SPL **delegate**, and the
+ * outstanding **delegated allowance**.
+ *
+ * The raw on-chain layout is parsed by the RPC's `jsonParsed` encoder, so we
+ * never have to ship a base58 / Borsh decoder here. Returns `null` when the
+ * account does not exist (uninitialised ATA) so callers can distinguish
+ * "truly empty" from "missing".
+ *
+ * Used by `@leashmarket/buyer-kit` to reclassify a generic facilitator
+ * `transaction_simulation` failure into a precise
+ * `insufficient_balance` / `insufficient_allowance` / `no_delegate`
+ * verdict on the resulting receipt.
+ */
+export type SplTokenAccountState = {
+    /** The token account address that was inspected. */
+    address: string;
+    /** SPL mint this account holds. */
+    mint: string;
+    /** On-chain owner of the token account (treasury PDA, wallet, etc.). */
+    owner: string;
+    /** Holdings in atomic units (e.g. `5_000_000n` for 5 USDC at 6 decimals). */
+    amount: bigint;
+    /** SPL token decimals as reported by the RPC's parsed encoding. */
+    decimals: number;
+    /** SPL delegate address (the authority approved to spend), or `null`. */
+    delegate: string | null;
+    /** Outstanding allowance in atomic units. `0n` when no delegate is set. */
+    delegatedAmount: bigint;
+    /** Which token program owns this account (matters for instruction encoding). */
+    program: 'spl-token' | 'spl-token-2022' | 'unknown';
+};
+export type InspectSplTokenAccountOptions = {
+    rpcUrl: string;
+    /** The token account address (an ATA, typically). */
+    address: string;
+};
+/**
+ * Returns the parsed state of `address` or `null` if the account does not
+ * exist on-chain. Throws on RPC transport errors (so callers can decide
+ * whether to surface a degraded-mode warning vs. fail open).
+ */
+export declare function inspectSplTokenAccount(opts: InspectSplTokenAccountOptions): Promise<SplTokenAccountState | null>;
+//# sourceMappingURL=inspect-token-account.d.ts.map

package/dist/treasury/inspect-token-account.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"inspect-token-account.d.ts","sourceRoot":"","sources":["../../src/treasury/inspect-token-account.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,MAAM,MAAM,oBAAoB,GAAG;IACjC,oDAAoD;IACpD,OAAO,EAAE,MAAM,CAAC;IAChB,mCAAmC;IACnC,IAAI,EAAE,MAAM,CAAC;IACb,wEAAwE;IACxE,KAAK,EAAE,MAAM,CAAC;IACd,6EAA6E;IAC7E,MAAM,EAAE,MAAM,CAAC;IACf,mEAAmE;IACnE,QAAQ,EAAE,MAAM,CAAC;IACjB,yEAAyE;IACzE,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,2EAA2E;IAC3E,eAAe,EAAE,MAAM,CAAC;IACxB,gFAAgF;IAChF,OAAO,EAAE,WAAW,GAAG,gBAAgB,GAAG,SAAS,CAAC;CACrD,CAAC;AAEF,MAAM,MAAM,6BAA6B,GAAG;IAC1C,MAAM,EAAE,MAAM,CAAC;IACf,qDAAqD;IACrD,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAoBF;;;;GAIG;AACH,wBAAsB,sBAAsB,CAC1C,IAAI,EAAE,6BAA6B,GAClC,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CA2BtC"}

package/dist/treasury/inspect-token-account.js

@@ -0,0 +1,67 @@
+/**
+ * Read the live state of a single SPL token account (legacy SPL or
+ * Token-2022) over JSON-RPC and surface the bits Leash cares about for
+ * pre-flight diagnostics: holdings (`amount`), the SPL **delegate**, and the
+ * outstanding **delegated allowance**.
+ *
+ * The raw on-chain layout is parsed by the RPC's `jsonParsed` encoder, so we
+ * never have to ship a base58 / Borsh decoder here. Returns `null` when the
+ * account does not exist (uninitialised ATA) so callers can distinguish
+ * "truly empty" from "missing".
+ *
+ * Used by `@leashmarket/buyer-kit` to reclassify a generic facilitator
+ * `transaction_simulation` failure into a precise
+ * `insufficient_balance` / `insufficient_allowance` / `no_delegate`
+ * verdict on the resulting receipt.
+ */
+/**
+ * Returns the parsed state of `address` or `null` if the account does not
+ * exist on-chain. Throws on RPC transport errors (so callers can decide
+ * whether to surface a degraded-mode warning vs. fail open).
+ */
+export async function inspectSplTokenAccount(opts) {
+    const result = await rpc(opts.rpcUrl, 'getAccountInfo', [
+        opts.address,
+        { encoding: 'jsonParsed', commitment: 'confirmed' },
+    ]);
+    if (!result.value)
+        return null;
+    const parsed = result.value.data.parsed;
+    // Only token accounts have `parsed.type === 'account'`. Anything else
+    // (mint accounts, plain wallets, etc.) is not what callers asked for.
+    if (parsed.type !== 'account')
+        return null;
+    const info = parsed.info;
+    const programLabel = result.value.data.program === 'spl-token'
+        ? 'spl-token'
+        : result.value.data.program === 'spl-token-2022'
+            ? 'spl-token-2022'
+            : 'unknown';
+    return {
+        address: opts.address,
+        mint: info.mint,
+        owner: info.owner,
+        amount: BigInt(info.tokenAmount.amount),
+        decimals: info.tokenAmount.decimals,
+        delegate: info.delegate ?? null,
+        delegatedAmount: info.delegatedAmount ? BigInt(info.delegatedAmount.amount) : 0n,
+        program: programLabel,
+    };
+}
+async function rpc(rpcUrl, method, params) {
+    const res = await fetch(rpcUrl, {
+        method: 'POST',
+        headers: { 'content-type': 'application/json' },
+        body: JSON.stringify({ jsonrpc: '2.0', id: 1, method, params }),
+        cache: 'no-store',
+    });
+    if (!res.ok)
+        throw new Error(`RPC ${method} HTTP ${res.status}`);
+    const json = (await res.json());
+    if (json.error)
+        throw new Error(`RPC ${method}: ${json.error.message}`);
+    if (json.result === undefined)
+        throw new Error(`RPC ${method}: empty result`);
+    return json.result;
+}
+//# sourceMappingURL=inspect-token-account.js.map

package/dist/treasury/inspect-token-account.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"inspect-token-account.js","sourceRoot":"","sources":["../../src/treasury/inspect-token-account.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AA6CH;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,IAAmC;IAEnC,MAAM,MAAM,GAAG,MAAM,GAAG,CAAkC,IAAI,CAAC,MAAM,EAAE,gBAAgB,EAAE;QACvF,IAAI,CAAC,OAAO;QACZ,EAAE,QAAQ,EAAE,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE;KACpD,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IAC/B,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC;IACxC,sEAAsE;IACtE,sEAAsE;IACtE,IAAI,MAAM,CAAC,IAAI,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC;IAC3C,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;IACzB,MAAM,YAAY,GAChB,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,KAAK,WAAW;QACvC,CAAC,CAAC,WAAW;QACb,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,KAAK,gBAAgB;YAC9C,CAAC,CAAC,gBAAgB;YAClB,CAAC,CAAC,SAAS,CAAC;IAClB,OAAO;QACL,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;QACvC,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,QAAQ;QACnC,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,IAAI;QAC/B,eAAe,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;QAChF,OAAO,EAAE,YAAY;KACtB,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,GAAG,CAAI,MAAc,EAAE,MAAc,EAAE,MAAiB;IACrE,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,MAAM,EAAE;QAC9B,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;QAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;QAC/D,KAAK,EAAE,UAAU;KACkB,CAAC,CAAC;IACvC,IAAI,CAAC,GAAG,CAAC,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,OAAO,MAAM,SAAS,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;IACjE,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAgD,CAAC;IAC/E,IAAI,IAAI,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,OAAO,MAAM,KAAK,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IACxE,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,OAAO,MAAM,gBAAgB,CAAC,CAAC;IAC9E,OAAO,IAAI,CAAC,MAAM,CAAC;AACrB,CAAC"}

package/dist/treasury/list-balances.d.ts

@@ -0,0 +1,57 @@
+/**
+ * Enumerate every SPL token an owner holds (legacy SPL + Token-2022),
+ * enrich with metadata from the {@link KNOWN_TOKENS} registry, and pin
+ * stablecoin entries with zero balance when missing so UI surfaces always
+ * render them.
+ *
+ * This consolidates logic that previously lived in
+ * `apps/playground/app/api/agents/balance/route.ts` and
+ * `apps/playground/app/api/wallet/balance/route.ts`. Calling it from the SDK means
+ * any future Leash surface (CLI, mobile, downstream agents) gets the same
+ * canonical balance shape without re-implementing the RPC plumbing.
+ */
+import { KNOWN_TOKENS, type TokenNetwork } from '../tokens/index.js';
+export type SplTokenBalance = {
+    mint: string;
+    symbol: string | null;
+    name: string | null;
+    decimals: number;
+    /** Atomic integer string (e.g. `"1500000"` for 1.5 USDC). */
+    amount: string;
+    /** UI decimal as a number — best-effort, lossy for very large amounts. */
+    ui: number;
+    program: 'spl-token' | 'spl-token-2022';
+    /** True when the mint is in {@link KNOWN_TOKENS} for the requested network. */
+    known: boolean;
+};
+export type ListSplBalancesOptions = {
+    /** Owner address (a wallet, an agent treasury PDA, etc.). */
+    owner: string;
+    /** Solana RPC endpoint to query. */
+    rpcUrl: string;
+    /** Logical network bucket — controls which mints get pinned. */
+    network: TokenNetwork;
+    /**
+     * If true, include stable-coin mints from {@link KNOWN_TOKENS} with zero
+     * balance when the owner doesn't hold them. Defaults to `true`. Disable
+     * for callers that want a strict on-chain view (e.g. analytics).
+     */
+    pinKnownStables?: boolean;
+};
+export type ListSplBalancesResult = {
+    owner: string;
+    network: TokenNetwork;
+    /** SOL balance as decimal (lossy for large balances; see `lamports`). */
+    sol: number;
+    /** Raw lamport count as a string (lossless). */
+    lamports: string;
+    tokens: SplTokenBalance[];
+};
+/**
+ * Enumerate balances. Tolerates RPC failures on either token program — if
+ * Token-2022 calls fail (some RPCs lag here), the function still returns
+ * legacy SPL balances rather than throwing.
+ */
+export declare function listSplBalances(opts: ListSplBalancesOptions): Promise<ListSplBalancesResult>;
+export { KNOWN_TOKENS };
+//# sourceMappingURL=list-balances.d.ts.map

package/dist/treasury/list-balances.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"list-balances.d.ts","sourceRoot":"","sources":["../../src/treasury/list-balances.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EACL,YAAY,EAMZ,KAAK,YAAY,EAClB,MAAM,oBAAoB,CAAC;AAE5B,MAAM,MAAM,eAAe,GAAG;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,6DAA6D;IAC7D,MAAM,EAAE,MAAM,CAAC;IACf,0EAA0E;IAC1E,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,WAAW,GAAG,gBAAgB,CAAC;IACxC,+EAA+E;IAC/E,KAAK,EAAE,OAAO,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,sBAAsB,GAAG;IACnC,6DAA6D;IAC7D,KAAK,EAAE,MAAM,CAAC;IACd,oCAAoC;IACpC,MAAM,EAAE,MAAM,CAAC;IACf,gEAAgE;IAChE,OAAO,EAAE,YAAY,CAAC;IACtB;;;;OAIG;IACH,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,YAAY,CAAC;IACtB,yEAAyE;IACzE,GAAG,EAAE,MAAM,CAAC;IACZ,gDAAgD;IAChD,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,eAAe,EAAE,CAAC;CAC3B,CAAC;AAEF;;;;GAIG;AACH,wBAAsB,eAAe,CACnC,IAAI,EAAE,sBAAsB,GAC3B,OAAO,CAAC,qBAAqB,CAAC,CA6ChC;AAsFD,OAAO,EAAE,YAAY,EAAE,CAAC"}