npm - @limitless-exchange/sdk - Versions diffs - 1.0.2 → 1.0.4 - Mend

@limitless-exchange/sdk 1.0.2 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/index.mjs CHANGED Viewed

@@ -1,3 +1,8 @@
+// src/types/api-tokens.ts
+var ScopeTrading = "trading";
+var ScopeAccountCreation = "account_creation";
+var ScopeDelegatedSigning = "delegated_signing";
 // src/types/logger.ts
 var NoOpLogger = class {
   debug() {
@@ -155,6 +160,40 @@ function getContractAddress(contractType, chainId = DEFAULT_CHAIN_ID) {
   return address;
 }
+// src/utils/sdk-tracking.ts
+var SDK_ID = "lmts-sdk-ts";
+function isNodeRuntime() {
+  return typeof process !== "undefined" && !!process.versions?.node;
+}
+function resolveSdkVersion() {
+  if ("1.0.4") {
+    return "1.0.4";
+  }
+  return "0.0.0";
+}
+function resolveRuntimeToken() {
+  if (isNodeRuntime()) {
+    return `node/${process.versions.node}`;
+  }
+  return "runtime/unknown";
+}
+function buildSdkTrackingHeaders() {
+  const sdkVersion = resolveSdkVersion();
+  const headers = {
+    "x-sdk-version": `${SDK_ID}/${sdkVersion}`
+  };
+  if (isNodeRuntime()) {
+    headers["user-agent"] = `${SDK_ID}/${sdkVersion} (${resolveRuntimeToken()})`;
+  }
+  return headers;
+}
+function buildWebSocketTrackingHeaders() {
+  if (!isNodeRuntime()) {
+    return {};
+  }
+  return buildSdkTrackingHeaders();
+}
 // src/api/errors.ts
 var APIError = class _APIError extends Error {
   /**
@@ -227,6 +266,19 @@ var ValidationError = class _ValidationError extends APIError {
   }
 };
+// src/api/hmac.ts
+import { createHmac } from "crypto";
+function buildHMACMessage(timestamp, method, path, body) {
+  return `${timestamp}
+${method.toUpperCase()}
+${path}
+${body}`;
+}
+function computeHMACSignature(secret, timestamp, method, path, body) {
+  const key = Buffer.from(secret, "base64");
+  return createHmac("sha256", key).update(buildHMACMessage(timestamp, method, path, body)).digest("base64");
+}
 // src/api/http.ts
 var HttpClient = class {
   /**
@@ -236,10 +288,14 @@ var HttpClient = class {
    */
   constructor(config = {}) {
     this.apiKey = config.apiKey || process.env.LIMITLESS_API_KEY;
+    this.hmacCredentials = config.hmacCredentials ? {
+      tokenId: config.hmacCredentials.tokenId,
+      secret: config.hmacCredentials.secret
+    } : void 0;
     this.logger = config.logger || new NoOpLogger();
-    if (!this.apiKey) {
+    if (!this.apiKey && !this.hmacCredentials) {
       this.logger.warn(
-        "API key not set. Authenticated endpoints will fail. Set LIMITLESS_API_KEY environment variable or pass apiKey parameter."
+        "Authentication not set. Authenticated endpoints will fail. Set LIMITLESS_API_KEY environment variable, pass apiKey, or configure hmacCredentials."
       );
     }
     const keepAlive = config.keepAlive !== false;
@@ -266,6 +322,7 @@ var HttpClient = class {
       headers: {
         "Content-Type": "application/json",
         Accept: "application/json",
+        ...buildSdkTrackingHeaders(),
         ...config.additionalHeaders
       }
     });
@@ -283,21 +340,42 @@ var HttpClient = class {
    */
   setupInterceptors() {
     this.client.interceptors.request.use(
-      (config) => {
-        if (this.apiKey) {
-          config.headers["X-API-Key"] = this.apiKey;
+      (rawConfig) => {
+        const config = rawConfig;
+        const headers = config.headers || (config.headers = {});
+        const identityToken = config.identityToken;
+        delete headers["X-API-Key"];
+        delete headers["lmts-api-key"];
+        delete headers["lmts-timestamp"];
+        delete headers["lmts-signature"];
+        delete headers.identity;
+        if (identityToken) {
+          headers.identity = `Bearer ${identityToken}`;
+        } else if (this.hmacCredentials) {
+          const requestPath = this.getRequestPath(config);
+          const requestBody = this.getRequestBodyForSignature(config.data);
+          const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+          const signature = computeHMACSignature(
+            this.hmacCredentials.secret,
+            timestamp,
+            config.method || "GET",
+            requestPath,
+            requestBody
+          );
+          headers["lmts-api-key"] = this.hmacCredentials.tokenId;
+          headers["lmts-timestamp"] = timestamp;
+          headers["lmts-signature"] = signature;
+        } else if (this.apiKey) {
+          headers["X-API-Key"] = this.apiKey;
         }
         const fullUrl = `${config.baseURL || ""}${config.url || ""}`;
         const method = config.method?.toUpperCase() || "GET";
-        const logHeaders = { ...config.headers };
-        if (logHeaders["X-API-Key"]) {
-          logHeaders["X-API-Key"] = "***";
-        }
+        const logHeaders = this.maskSensitiveHeaders(headers);
         this.logger.debug(`\u2192 ${method} ${fullUrl}`, {
           headers: logHeaders,
           body: config.data
         });
-        return config;
+        return rawConfig;
       },
       (error) => Promise.reject(error)
     );
@@ -352,6 +430,42 @@ var HttpClient = class {
       }
     );
   }
+  /**
+   * Extracts a human-readable error message from API response payload.
+   * @internal
+   */
+  extractErrorMessage(data, fallback) {
+    if (!data) {
+      return fallback;
+    }
+    if (typeof data === "object") {
+      if (Array.isArray(data.message)) {
+        const messages = data.message.map((err) => {
+          const details = Object.entries(err || {}).filter(([_key, val]) => val !== "" && val !== null && val !== void 0).map(([key, val]) => `${key}: ${val}`).join(", ");
+          return details || JSON.stringify(err);
+        }).filter((msg) => msg.trim() !== "").join(" | ");
+        return messages || data.error || JSON.stringify(data);
+      }
+      return data.message || data.error || data.msg || data.errors && JSON.stringify(data.errors) || JSON.stringify(data);
+    }
+    return String(data);
+  }
+  /**
+   * Creates a typed API error class from status code.
+   * @internal
+   */
+  createTypedApiError(status, message, data, url, method) {
+    if (status === 429) {
+      return new RateLimitError(message, status, data, url, method);
+    }
+    if (status === 401 || status === 403) {
+      return new AuthenticationError(message, status, data, url, method);
+    }
+    if (status === 400) {
+      return new ValidationError(message, status, data, url, method);
+    }
+    return new APIError(message, status, data, url, method);
+  }
   /**
    * Sets the API key for authenticated requests.
    *
@@ -360,12 +474,86 @@ var HttpClient = class {
   setApiKey(apiKey) {
     this.apiKey = apiKey;
   }
+  /**
+   * Returns the configured API key, if any.
+   */
+  getApiKey() {
+    return this.apiKey;
+  }
   /**
    * Clears the API key.
    */
   clearApiKey() {
     this.apiKey = void 0;
   }
+  /**
+   * Sets HMAC credentials for scoped API-token authentication.
+   */
+  setHMACCredentials(credentials) {
+    this.hmacCredentials = {
+      tokenId: credentials.tokenId,
+      secret: credentials.secret
+    };
+  }
+  /**
+   * Clears HMAC credentials.
+   */
+  clearHMACCredentials() {
+    this.hmacCredentials = void 0;
+  }
+  /**
+   * Returns a copy of the configured HMAC credentials, if any.
+   */
+  getHMACCredentials() {
+    if (!this.hmacCredentials) {
+      return void 0;
+    }
+    return {
+      tokenId: this.hmacCredentials.tokenId,
+      secret: this.hmacCredentials.secret
+    };
+  }
+  /**
+   * Returns the logger attached to this HTTP client.
+   */
+  getLogger() {
+    return this.logger;
+  }
+  /**
+   * Returns true when cookie/header-based auth is configured on the underlying client.
+   * This is primarily used for custom authenticated flows that don't use API keys or HMAC.
+   */
+  hasConfiguredHeaderAuth() {
+    const defaultHeaders = this.client.defaults.headers;
+    const candidates = [defaultHeaders?.common, defaultHeaders];
+    for (const headers of candidates) {
+      if (!headers) {
+        continue;
+      }
+      const authValues = [
+        headers.Cookie,
+        headers.cookie,
+        headers.Authorization,
+        headers.authorization,
+        headers.identity
+      ];
+      if (authValues.some((value) => typeof value === "string" && value.trim() !== "")) {
+        return true;
+      }
+    }
+    return false;
+  }
+  /**
+   * Ensures the client has some authenticated transport configured.
+   */
+  requireAuth(operation) {
+    if (this.apiKey || this.hmacCredentials || this.hasConfiguredHeaderAuth()) {
+      return;
+    }
+    throw new Error(
+      `Authentication is required for ${operation}; pass apiKey, hmacCredentials, cookie/auth headers, or set LIMITLESS_API_KEY.`
+    );
+  }
   /**
    * Performs a GET request.
    *
@@ -377,6 +565,38 @@ var HttpClient = class {
     const response = await this.client.get(url, config);
     return response.data;
   }
+  /**
+   * Performs a GET request with identity-token authentication.
+   */
+  async getWithIdentity(url, identityToken, config) {
+    const response = await this.client.get(url, {
+      ...config,
+      identityToken
+    });
+    return response.data;
+  }
+  /**
+   * Performs a GET request and returns raw response metadata.
+   *
+   * @remarks
+   * Use this when callers need access to status code or headers (e.g. redirect `Location`).
+   *
+   * @param url - Request URL
+   * @param config - Additional request configuration
+   * @returns Promise resolving to status, headers, and response data
+   */
+  async getRaw(url, config) {
+    const response = await this.client.get(url, config);
+    if (response.status >= 400) {
+      const message = this.extractErrorMessage(response.data, `Request failed with status ${response.status}`);
+      throw this.createTypedApiError(response.status, message, response.data, url, "GET");
+    }
+    return {
+      status: response.status,
+      headers: response.headers,
+      data: response.data
+    };
+  }
   /**
    * Performs a POST request.
    *
@@ -389,6 +609,36 @@ var HttpClient = class {
     const response = await this.client.post(url, data, config);
     return response.data;
   }
+  /**
+   * Performs a POST request with identity-token authentication.
+   */
+  async postWithIdentity(url, identityToken, data, config) {
+    const response = await this.client.post(url, data, {
+      ...config,
+      identityToken
+    });
+    return response.data;
+  }
+  /**
+   * Performs a POST request with additional per-request headers.
+   */
+  async postWithHeaders(url, data, headers, config) {
+    const response = await this.client.post(url, data, {
+      ...config,
+      headers: {
+        ...config?.headers || {},
+        ...headers || {}
+      }
+    });
+    return response.data;
+  }
+  /**
+   * Performs a PATCH request.
+   */
+  async patch(url, data, config) {
+    const response = await this.client.patch(url, data, config);
+    return response.data;
+  }
   /**
    * Performs a DELETE request.
    *
@@ -411,6 +661,28 @@ var HttpClient = class {
     const response = await this.client.delete(url, deleteConfig);
     return response.data;
   }
+  getRequestPath(config) {
+    const resolved = new URL(config.url || "", config.baseURL || this.client.defaults.baseURL || DEFAULT_API_URL);
+    return `${resolved.pathname}${resolved.search}`;
+  }
+  getRequestBodyForSignature(data) {
+    if (data === void 0 || data === null || data === "") {
+      return "";
+    }
+    if (typeof data === "string") {
+      return data;
+    }
+    return JSON.stringify(data);
+  }
+  maskSensitiveHeaders(headers) {
+    const masked = { ...headers };
+    for (const key of ["X-API-Key", "lmts-api-key", "lmts-timestamp", "lmts-signature", "identity"]) {
+      if (masked[key] !== void 0) {
+        masked[key] = key === "identity" ? "Bearer ***" : "***";
+      }
+    }
+    return masked;
+  }
 };
 // src/api/retry.ts
@@ -594,6 +866,75 @@ var RetryableClient = class {
   }
 };
+// src/api-tokens/service.ts
+var ApiTokenService = class {
+  constructor(httpClient, logger) {
+    this.httpClient = httpClient;
+    this.logger = logger || new NoOpLogger();
+  }
+  async deriveToken(identityToken, input) {
+    if (!identityToken) {
+      throw new Error("Identity token is required for deriveToken");
+    }
+    this.logger.debug("Deriving API token", { scopes: input.scopes, label: input.label });
+    return this.httpClient.postWithIdentity("/auth/api-tokens/derive", identityToken, input);
+  }
+  async listTokens() {
+    this.httpClient.requireAuth("listTokens");
+    return this.httpClient.get("/auth/api-tokens");
+  }
+  async getCapabilities(identityToken) {
+    if (!identityToken) {
+      throw new Error("Identity token is required for getCapabilities");
+    }
+    return this.httpClient.getWithIdentity("/auth/api-tokens/capabilities", identityToken);
+  }
+  async revokeToken(tokenId) {
+    this.httpClient.requireAuth("revokeToken");
+    const response = await this.httpClient.delete(`/auth/api-tokens/${encodeURIComponent(tokenId)}`);
+    return response.message;
+  }
+};
+// src/partner-accounts/service.ts
+var _PartnerAccountService = class _PartnerAccountService {
+  constructor(httpClient, logger) {
+    this.httpClient = httpClient;
+    this.logger = logger || new NoOpLogger();
+  }
+  async createAccount(input, eoaHeaders) {
+    this.httpClient.requireAuth("createPartnerAccount");
+    const serverWalletMode = input.createServerWallet === true;
+    if (!serverWalletMode && !eoaHeaders) {
+      throw new Error("EOA headers are required when createServerWallet is not true");
+    }
+    if (input.displayName && input.displayName.length > _PartnerAccountService.DISPLAY_NAME_MAX_LENGTH) {
+      throw new Error(
+        `displayName must be at most ${_PartnerAccountService.DISPLAY_NAME_MAX_LENGTH} characters`
+      );
+    }
+    this.logger.debug("Creating partner account", {
+      displayName: input.displayName,
+      createServerWallet: input.createServerWallet
+    });
+    const payload = {
+      displayName: input.displayName,
+      createServerWallet: input.createServerWallet
+    };
+    return this.httpClient.postWithHeaders(
+      "/profiles/partner-accounts",
+      payload,
+      eoaHeaders ? {
+        "x-account": eoaHeaders.account,
+        "x-signing-message": eoaHeaders.signingMessage,
+        "x-signature": eoaHeaders.signature
+      } : void 0
+    );
+  }
+};
+_PartnerAccountService.DISPLAY_NAME_MAX_LENGTH = 44;
+var PartnerAccountService = _PartnerAccountService;
 // src/orders/builder.ts
 import { ethers } from "ethers";
 var ZERO_ADDRESS2 = "0x0000000000000000000000000000000000000000";
@@ -882,6 +1223,104 @@ var OrderBuilder = class {
   }
 };
+// src/delegated-orders/service.ts
+var DEFAULT_DELEGATED_FEE_RATE_BPS = 300;
+var DelegatedOrderService = class {
+  constructor(httpClient, logger) {
+    this.httpClient = httpClient;
+    this.logger = logger || new NoOpLogger();
+  }
+  async createOrder(params) {
+    this.httpClient.requireAuth("createDelegatedOrder");
+    if (!Number.isInteger(params.onBehalfOf) || params.onBehalfOf <= 0) {
+      throw new Error("onBehalfOf must be a positive integer");
+    }
+    const feeRateBps = params.feeRateBps && params.feeRateBps > 0 ? params.feeRateBps : DEFAULT_DELEGATED_FEE_RATE_BPS;
+    const builder = new OrderBuilder(ZERO_ADDRESS, feeRateBps);
+    const unsignedOrder = builder.buildOrder(params.args);
+    const payload = {
+      order: {
+        salt: unsignedOrder.salt,
+        maker: unsignedOrder.maker,
+        signer: unsignedOrder.signer,
+        taker: unsignedOrder.taker,
+        tokenId: unsignedOrder.tokenId,
+        makerAmount: unsignedOrder.makerAmount,
+        takerAmount: unsignedOrder.takerAmount,
+        expiration: unsignedOrder.expiration,
+        nonce: unsignedOrder.nonce,
+        feeRateBps: unsignedOrder.feeRateBps,
+        side: unsignedOrder.side,
+        signatureType: 0 /* EOA */,
+        ...unsignedOrder.price !== void 0 ? { price: unsignedOrder.price } : {}
+      },
+      orderType: params.orderType,
+      marketSlug: params.marketSlug,
+      ownerId: params.onBehalfOf,
+      onBehalfOf: params.onBehalfOf
+    };
+    this.logger.debug("Creating delegated order", {
+      marketSlug: params.marketSlug,
+      onBehalfOf: params.onBehalfOf,
+      feeRateBps
+    });
+    return this.httpClient.post("/orders", payload);
+  }
+  async cancel(orderId) {
+    this.httpClient.requireAuth("cancelDelegatedOrder");
+    const response = await this.httpClient.delete(`/orders/${encodeURIComponent(orderId)}`);
+    return response.message;
+  }
+  async cancelOnBehalfOf(orderId, onBehalfOf) {
+    this.httpClient.requireAuth("cancelDelegatedOrder");
+    if (!Number.isInteger(onBehalfOf) || onBehalfOf <= 0) {
+      throw new Error("onBehalfOf must be a positive integer");
+    }
+    const response = await this.httpClient.delete(
+      `/orders/${encodeURIComponent(orderId)}?onBehalfOf=${onBehalfOf}`
+    );
+    return response.message;
+  }
+  async cancelAll(marketSlug) {
+    this.httpClient.requireAuth("cancelAllDelegatedOrders");
+    const response = await this.httpClient.delete(`/orders/all/${encodeURIComponent(marketSlug)}`);
+    return response.message;
+  }
+  async cancelAllOnBehalfOf(marketSlug, onBehalfOf) {
+    this.httpClient.requireAuth("cancelAllDelegatedOrders");
+    if (!Number.isInteger(onBehalfOf) || onBehalfOf <= 0) {
+      throw new Error("onBehalfOf must be a positive integer");
+    }
+    const response = await this.httpClient.delete(
+      `/orders/all/${encodeURIComponent(marketSlug)}?onBehalfOf=${onBehalfOf}`
+    );
+    return response.message;
+  }
+};
+// src/utils/number-flex.ts
+function toFiniteNumber(value) {
+  if (typeof value === "number") {
+    return Number.isFinite(value) ? value : void 0;
+  }
+  if (typeof value === "string") {
+    const trimmed = value.trim();
+    if (trimmed.length === 0) {
+      return void 0;
+    }
+    const parsed = Number(trimmed);
+    return Number.isFinite(parsed) ? parsed : void 0;
+  }
+  return void 0;
+}
+function toFiniteInteger(value) {
+  const parsed = toFiniteNumber(value);
+  if (parsed === void 0) {
+    return void 0;
+  }
+  return Number.isSafeInteger(parsed) ? parsed : void 0;
+}
 // src/orders/signer.ts
 var OrderSigner = class {
   /**
@@ -1023,7 +1462,7 @@ var OrderValidationError = class extends Error {
   }
 };
 function isFOKOrder(args) {
-  return "amount" in args;
+  return "makerAmount" in args;
 }
 function validateOrderArgs(args) {
   if (!args.tokenId) {
@@ -1545,9 +1984,14 @@ var OrderClient = class {
       });
       const portfolioFetcher = new PortfolioFetcher(this.httpClient);
       const profile = await portfolioFetcher.getProfile(this.wallet.address);
+      const userId = toFiniteInteger(profile.id);
+      const feeRateBps = toFiniteInteger(profile.rank?.feeRateBps) ?? 300;
+      if (userId === void 0) {
+        throw new Error(`Invalid user profile id: ${profile.id}`);
+      }
       this.cachedUserData = {
-        userId: profile.id,
-        feeRateBps: profile.rank?.feeRateBps || 300
+        userId,
+        feeRateBps
       };
       this.orderBuilder = new OrderBuilder(
         this.wallet.address,
@@ -1659,26 +2103,27 @@ var OrderClient = class {
    * @internal
    */
   transformOrderResponse(apiResponse) {
+    const order = apiResponse.order;
     const cleanOrder = {
       order: {
-        id: apiResponse.order.id,
-        createdAt: apiResponse.order.createdAt,
-        makerAmount: apiResponse.order.makerAmount,
-        takerAmount: apiResponse.order.takerAmount,
-        expiration: apiResponse.order.expiration,
-        signatureType: apiResponse.order.signatureType,
-        salt: apiResponse.order.salt,
-        maker: apiResponse.order.maker,
-        signer: apiResponse.order.signer,
-        taker: apiResponse.order.taker,
-        tokenId: apiResponse.order.tokenId,
-        side: apiResponse.order.side,
-        feeRateBps: apiResponse.order.feeRateBps,
-        nonce: apiResponse.order.nonce,
-        signature: apiResponse.order.signature,
-        orderType: apiResponse.order.orderType,
-        price: apiResponse.order.price,
-        marketId: apiResponse.order.marketId
+        id: order.id,
+        createdAt: order.createdAt,
+        makerAmount: toFiniteNumber(order.makerAmount) ?? order.makerAmount,
+        takerAmount: toFiniteNumber(order.takerAmount) ?? order.takerAmount,
+        expiration: order.expiration,
+        signatureType: order.signatureType,
+        salt: toFiniteInteger(order.salt) ?? order.salt,
+        maker: order.maker,
+        signer: order.signer,
+        taker: order.taker,
+        tokenId: order.tokenId,
+        side: order.side,
+        feeRateBps: order.feeRateBps,
+        nonce: order.nonce,
+        signature: order.signature,
+        orderType: order.orderType,
+        price: order.price === void 0 || order.price === null ? order.price : toFiniteNumber(order.price) ?? order.price,
+        marketId: order.marketId
       }
     };
     if (apiResponse.makerMatches && apiResponse.makerMatches.length > 0) {
@@ -1811,6 +2256,174 @@ var OrderClient = class {
   }
 };
+// src/market-pages/fetcher.ts
+var MAX_REDIRECT_DEPTH = 3;
+var MarketPageFetcher = class {
+  /**
+   * Creates a new market-pages fetcher.
+   *
+   * @param httpClient - HTTP client for API calls
+   * @param logger - Optional logger
+   */
+  constructor(httpClient, logger) {
+    this.httpClient = httpClient;
+    this.logger = logger || new NoOpLogger();
+  }
+  /**
+   * Gets the navigation tree.
+   */
+  async getNavigation() {
+    this.logger.debug("Fetching navigation tree");
+    return this.httpClient.get("/navigation");
+  }
+  /**
+   * Resolves a market page by path.
+   *
+   * @remarks
+   * Handles 301 redirects manually by re-requesting `/market-pages/by-path` with the
+   * redirected path value from `Location` header.
+   */
+  async getMarketPageByPath(path) {
+    return this.getMarketPageByPathInternal(path, 0);
+  }
+  async getMarketPageByPathInternal(path, depth) {
+    const query = new URLSearchParams({ path }).toString();
+    const endpoint = `/market-pages/by-path?${query}`;
+    const requestConfig = {
+      maxRedirects: 0,
+      validateStatus: (status) => status === 200 || status === 301
+    };
+    this.logger.debug("Resolving market page by path", { path, depth });
+    const response = await this.httpClient.getRaw(endpoint, requestConfig);
+    if (response.status === 200) {
+      return response.data;
+    }
+    if (response.status !== 301) {
+      throw new Error(`Unexpected response status: ${response.status}`);
+    }
+    if (depth >= MAX_REDIRECT_DEPTH) {
+      throw new Error(
+        `Too many redirects while resolving market page path '${path}' (max ${MAX_REDIRECT_DEPTH})`
+      );
+    }
+    const locationHeader = response.headers?.location;
+    const location = Array.isArray(locationHeader) ? locationHeader[0] : locationHeader;
+    if (!location || typeof location !== "string") {
+      throw new Error("Redirect response missing valid Location header");
+    }
+    const redirectedPath = this.extractRedirectPath(location);
+    this.logger.info("Following market page redirect", {
+      from: path,
+      to: redirectedPath,
+      depth: depth + 1
+    });
+    return this.getMarketPageByPathInternal(redirectedPath, depth + 1);
+  }
+  extractRedirectPath(location) {
+    const directByPathPrefix = "/market-pages/by-path";
+    if (location.startsWith(directByPathPrefix)) {
+      const url = new URL(location, "https://api.limitless.exchange");
+      const path = url.searchParams.get("path");
+      if (!path) {
+        throw new Error("Redirect location '/market-pages/by-path' is missing required 'path' query parameter");
+      }
+      return path;
+    }
+    if (/^https?:\/\//i.test(location)) {
+      const url = new URL(location);
+      if (url.pathname === directByPathPrefix) {
+        const path = url.searchParams.get("path");
+        if (!path) {
+          throw new Error("Redirect location '/market-pages/by-path' is missing required 'path' query parameter");
+        }
+        return path;
+      }
+      return url.pathname || "/";
+    }
+    return location;
+  }
+  /**
+   * Gets markets for a market page with optional filtering and pagination.
+   */
+  async getMarkets(pageId, params = {}) {
+    if (params.cursor !== void 0 && params.page !== void 0) {
+      throw new Error("Parameters `cursor` and `page` are mutually exclusive");
+    }
+    const query = new URLSearchParams();
+    if (params.page !== void 0) {
+      query.append("page", String(params.page));
+    }
+    if (params.limit !== void 0) {
+      query.append("limit", String(params.limit));
+    }
+    if (params.sort) {
+      query.append("sort", params.sort);
+    }
+    if (params.cursor !== void 0) {
+      query.append("cursor", params.cursor);
+    }
+    if (params.filters) {
+      for (const [key, value] of Object.entries(params.filters)) {
+        if (Array.isArray(value)) {
+          for (const item of value) {
+            query.append(key, this.stringifyFilterValue(item));
+          }
+        } else {
+          query.append(key, this.stringifyFilterValue(value));
+        }
+      }
+    }
+    const queryString = query.toString();
+    const endpoint = `/market-pages/${pageId}/markets${queryString ? `?${queryString}` : ""}`;
+    this.logger.debug("Fetching market-page markets", { pageId, params });
+    const response = await this.httpClient.get(endpoint);
+    const markets = (response.data || []).map((marketData) => new Market(marketData, this.httpClient));
+    if (response.pagination) {
+      return {
+        data: markets,
+        pagination: response.pagination
+      };
+    }
+    if (response.cursor) {
+      return {
+        data: markets,
+        cursor: response.cursor
+      };
+    }
+    throw new Error("Invalid market-page response: expected `pagination` or `cursor` metadata");
+  }
+  /**
+   * Lists all property keys with options.
+   */
+  async getPropertyKeys() {
+    return this.httpClient.get("/property-keys");
+  }
+  /**
+   * Gets a single property key by ID.
+   */
+  async getPropertyKey(id) {
+    return this.httpClient.get(`/property-keys/${id}`);
+  }
+  /**
+   * Lists options for a property key, optionally filtered by parent option ID.
+   */
+  async getPropertyOptions(keyId, parentId) {
+    const query = new URLSearchParams();
+    if (parentId) {
+      query.append("parentId", parentId);
+    }
+    const queryString = query.toString();
+    const endpoint = `/property-keys/${keyId}/options${queryString ? `?${queryString}` : ""}`;
+    return this.httpClient.get(endpoint);
+  }
+  stringifyFilterValue(value) {
+    if (typeof value === "boolean") {
+      return value ? "true" : "false";
+    }
+    return String(value);
+  }
+};
 // src/websocket/client.ts
 import { io } from "socket.io-client";
 var WebSocketClient = class {
@@ -1829,6 +2442,7 @@ var WebSocketClient = class {
     this.config = {
       url: config.url || DEFAULT_WS_URL,
       apiKey: config.apiKey || process.env.LIMITLESS_API_KEY || "",
+      hmacCredentials: config.hmacCredentials,
       autoReconnect: config.autoReconnect ?? true,
       reconnectDelay: config.reconnectDelay || 1e3,
       maxReconnectAttempts: config.maxReconnectAttempts || Infinity,
@@ -1868,6 +2482,32 @@ var WebSocketClient = class {
       this.reconnectWithNewAuth();
     }
   }
+  /**
+   * Sets HMAC credentials for authenticated subscriptions.
+   *
+   * @remarks
+   * When configured alongside `apiKey`, this client uses HMAC headers for authenticated subscriptions.
+   */
+  setHMACCredentials(hmacCredentials) {
+    this.config.hmacCredentials = {
+      tokenId: hmacCredentials.tokenId,
+      secret: hmacCredentials.secret
+    };
+    if (this.socket?.connected) {
+      this.logger.info("HMAC credentials updated, reconnecting...");
+      this.reconnectWithNewAuth();
+    }
+  }
+  /**
+   * Clears HMAC credentials.
+   */
+  clearHMACCredentials() {
+    this.config.hmacCredentials = void 0;
+    if (this.socket?.connected) {
+      this.logger.info("HMAC credentials cleared, reconnecting...");
+      this.reconnectWithNewAuth();
+    }
+  }
   /**
    * Reconnects with new authentication credentials.
    * @internal
@@ -1913,10 +2553,29 @@ var WebSocketClient = class {
         // Add jitter to prevent thundering herd
         timeout: this.config.timeout
       };
-      if (this.config.apiKey) {
+      const extraHeaders = buildWebSocketTrackingHeaders();
+      if (this.config.hmacCredentials) {
+        const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+        const signature = computeHMACSignature(
+          this.config.hmacCredentials.secret,
+          timestamp,
+          "GET",
+          "/socket.io/?EIO=4&transport=websocket",
+          ""
+        );
+        socketOptions.extraHeaders = {
+          ...extraHeaders,
+          "lmts-api-key": this.config.hmacCredentials.tokenId,
+          "lmts-timestamp": timestamp,
+          "lmts-signature": signature
+        };
+      } else if (this.config.apiKey) {
         socketOptions.extraHeaders = {
+          ...extraHeaders,
           "X-API-Key": this.config.apiKey
         };
+      } else if (Object.keys(extraHeaders).length > 0) {
+        socketOptions.extraHeaders = extraHeaders;
       }
       this.socket = io(wsUrl + "/markets", socketOptions);
       this.attachPendingListeners();
@@ -1985,9 +2644,9 @@ var WebSocketClient = class {
       "subscribe_positions",
       "subscribe_transactions"
     ];
-    if (authenticatedChannels.includes(channel) && !this.config.apiKey) {
+    if (authenticatedChannels.includes(channel) && !this.config.apiKey && !this.config.hmacCredentials) {
       throw new Error(
-        `API key is required for '${channel}' subscription. Please provide an API key in the constructor or set LIMITLESS_API_KEY environment variable. You can generate an API key at https://limitless.exchange`
+        `Authentication is required for '${channel}' subscription. Please provide either apiKey or hmacCredentials when creating the WebSocket client.`
       );
     }
     const subscriptionKey = this.getSubscriptionKey(channel, options);
@@ -2181,37 +2840,105 @@ var WebSocketClient = class {
     return key.split(":")[0];
   }
 };
+// src/client.ts
+import { ethers as ethers3 } from "ethers";
+var Client = class _Client {
+  constructor(config = {}) {
+    this.http = new HttpClient(config);
+    const logger = this.http.getLogger?.() || new NoOpLogger();
+    this.markets = new MarketFetcher(this.http, logger);
+    this.portfolio = new PortfolioFetcher(this.http, logger);
+    this.pages = new MarketPageFetcher(this.http, logger);
+    this.apiTokens = new ApiTokenService(this.http, logger);
+    this.partnerAccounts = new PartnerAccountService(this.http, logger);
+    this.delegatedOrders = new DelegatedOrderService(this.http, logger);
+  }
+  /**
+   * Creates a root client around an existing shared HTTP client.
+   */
+  static fromHttpClient(httpClient) {
+    const client = Object.create(_Client.prototype);
+    const logger = httpClient.getLogger?.() || new NoOpLogger();
+    client.http = httpClient;
+    client.markets = new MarketFetcher(httpClient, logger);
+    client.portfolio = new PortfolioFetcher(httpClient, logger);
+    client.pages = new MarketPageFetcher(httpClient, logger);
+    client.apiTokens = new ApiTokenService(httpClient, logger);
+    client.partnerAccounts = new PartnerAccountService(httpClient, logger);
+    client.delegatedOrders = new DelegatedOrderService(httpClient, logger);
+    return client;
+  }
+  /**
+   * Creates a regular EIP-712 order client reusing the shared transport and market cache.
+   */
+  newOrderClient(walletOrPrivateKey, config = {}) {
+    const wallet = typeof walletOrPrivateKey === "string" ? new ethers3.Wallet(walletOrPrivateKey) : walletOrPrivateKey;
+    return new OrderClient({
+      httpClient: this.http,
+      wallet,
+      marketFetcher: this.markets,
+      logger: this.http.getLogger(),
+      ...config
+    });
+  }
+  /**
+   * Creates a WebSocket client reusing shared auth where possible.
+   */
+  newWebSocketClient(config = {}) {
+    return new WebSocketClient(
+      {
+        apiKey: config.apiKey || this.http.getApiKey(),
+        hmacCredentials: config.hmacCredentials || this.http.getHMACCredentials(),
+        ...config
+      },
+      this.http.getLogger()
+    );
+  }
+};
 export {
   APIError,
+  ApiTokenService,
   AuthenticationError,
   BASE_SEPOLIA_CHAIN_ID,
   CONTRACT_ADDRESSES,
+  Client,
   ConsoleLogger,
   DEFAULT_API_URL,
   DEFAULT_CHAIN_ID,
   DEFAULT_WS_URL,
+  DelegatedOrderService,
   HttpClient,
   Market,
   MarketFetcher,
+  MarketPageFetcher,
   NoOpLogger,
   OrderBuilder,
   OrderClient,
   OrderSigner,
   OrderType,
   OrderValidationError,
+  PartnerAccountService,
   PortfolioFetcher,
   RateLimitError,
   RetryConfig,
   RetryableClient,
   SIGNING_MESSAGE_TEMPLATE,
+  ScopeAccountCreation,
+  ScopeDelegatedSigning,
+  ScopeTrading,
   Side,
   SignatureType,
   ValidationError,
   WebSocketClient,
   WebSocketState,
   ZERO_ADDRESS,
+  buildHMACMessage,
+  computeHMACSignature,
   getContractAddress,
   retryOnErrors,
+  toFiniteInteger,
+  toFiniteNumber,
   validateOrderArgs,
   validateSignedOrder,
   validateUnsignedOrder,