@miradexio/client 0.1.0

package/dist/address/index.js

@@ -0,0 +1,134 @@
+import { validateBase58Check, validateXrpAddress } from './base58.js';
+import { validateBech32 } from './bech32.js';
+import { validateEvmAddress } from './evm.js';
+import { validateSolanaAddress } from './solana.js';
+import { validateMoneroAddress } from './monero.js';
+import { validateTonAddress } from './ton.js';
+import { validatePolkadotAddress } from './polkadot.js';
+const CHAIN_VALIDATORS = {
+    // BTC: bech32 or base58check — mainnet and testnet
+    bitcoin: (addr) => {
+        if (addr.startsWith('bc1'))
+            return validateBech32(addr, 'bc');
+        if (addr.startsWith('tb1'))
+            return validateBech32(addr, 'tb');
+        // Mainnet: 1..=0x00, 3..=0x05 | Testnet: m/n=0x6f, 2=0xc4
+        return validateBase58Check(addr, [0x00, 0x05, 0x6f, 0xc4]);
+    },
+    // EVM chains — all share EIP-55
+    ethereum: validateEvmAddress,
+    bsc: validateEvmAddress,
+    polygon: validateEvmAddress,
+    arbitrum: validateEvmAddress,
+    avalanche: validateEvmAddress,
+    base: validateEvmAddress,
+    // Litecoin: bech32 (ltc1) or base58check (L=0x30, M=0x32, 3=0x05)
+    litecoin: (addr) => {
+        if (addr.startsWith('ltc1'))
+            return validateBech32(addr, 'ltc');
+        return validateBase58Check(addr, [0x30, 0x32, 0x05]);
+    },
+    // Bitcoin Cash: legacy base58check (same as BTC) or cashaddr
+    bitcoincash: (addr) => {
+        if (addr.startsWith('bitcoincash:') || addr.startsWith('q') || addr.startsWith('p')) {
+            // CashAddr — basic format check (full cashaddr decode is complex)
+            const stripped = addr.replace('bitcoincash:', '');
+            if (/^[qp][0-9a-z]{41}$/.test(stripped))
+                return { valid: true };
+            return { valid: false, reason: 'Invalid cashaddr format' };
+        }
+        return validateBase58Check(addr, [0x00, 0x05]);
+    },
+    solana: validateSolanaAddress,
+    monero: validateMoneroAddress,
+    // Tron: base58check starting with T (version byte 0x41)
+    tron: (addr) => validateBase58Check(addr, [0x41]),
+    ton: validateTonAddress,
+    polkadot: validatePolkadotAddress,
+    // Cosmos: bech32 with "cosmos" HRP
+    cosmos: (addr) => validateBech32(addr, 'cosmos'),
+    // THORChain: bech32 with "thor" HRP
+    thorchain: (addr) => validateBech32(addr, 'thor'),
+    xrp: validateXrpAddress,
+    // Dogecoin: base58check (D=0x1e, 9/A=0x16)
+    dogecoin: (addr) => validateBase58Check(addr, [0x1e, 0x16]),
+    // Dash: base58check (X=0x4c, 7=0x10)
+    dash: (addr) => validateBase58Check(addr, [0x4c, 0x10]),
+    // Zcash: bech32 (zs1) or base58check (t1=0x1cb8, t3=0x1cbd)
+    zcash: (addr) => {
+        if (addr.startsWith('zs1'))
+            return validateBech32(addr, 'zs');
+        // Zcash transparent uses 2-byte version prefixes
+        // t1... = mainnet P2PKH, t3... = mainnet P2SH
+        if (addr.startsWith('t1') || addr.startsWith('t3')) {
+            return validateBase58Check(addr, [0x1c]); // first byte of 2-byte version
+        }
+        return { valid: false, reason: 'Zcash address must start with t1, t3, or zs1' };
+    },
+};
+const TOKEN_TO_CHAIN = {
+    BTC: 'bitcoin',
+    'BTC-LN': 'bitcoin',
+    ETH: 'ethereum',
+    USDT: 'ethereum',
+    USDC: 'ethereum',
+    DAI: 'ethereum',
+    WBTC: 'ethereum',
+    LTC: 'litecoin',
+    BCH: 'bitcoincash',
+    SOL: 'solana',
+    BNB: 'bsc',
+    POL: 'polygon',
+    ARB: 'arbitrum',
+    TRX: 'tron',
+    TON: 'ton',
+    DOT: 'polkadot',
+    AVAX: 'avalanche',
+    ATOM: 'cosmos',
+    XRP: 'xrp',
+    DOGE: 'dogecoin',
+    DASH: 'dash',
+    RUNE: 'thorchain',
+    ZEC: 'zcash',
+    XMR: 'monero',
+};
+/**
+ * Validate a cryptocurrency address for a given token or chain.
+ * Pure function — works identically in Node.js and browser.
+ */
+export function validateAddress(address, tokenOrChain) {
+    if (!address || !address.trim())
+        return { valid: false, reason: 'Address is empty' };
+    const chain = resolveChain(tokenOrChain);
+    const validator = CHAIN_VALIDATORS[chain];
+    if (!validator) {
+        // Unknown chain — accept any non-empty address
+        return { valid: true };
+    }
+    return validator(address.trim());
+}
+export function resolveChain(tokenOrChain) {
+    return TOKEN_TO_CHAIN[tokenOrChain.toUpperCase()] ?? tokenOrChain.toLowerCase();
+}
+export function getSupportedChains() {
+    return Object.keys(CHAIN_VALIDATORS);
+}
+const CHAIN_TO_TOKENS = (() => {
+    const out = {};
+    for (const [token, chain] of Object.entries(TOKEN_TO_CHAIN)) {
+        if (!out[chain])
+            out[chain] = [];
+        out[chain].push(token);
+    }
+    // Base shares stablecoins with Ethereum in practice; surface the common set
+    // so the address book and pickers don't render an empty Tokens column.
+    if (!out['base'])
+        out['base'] = ['ETH', 'USDC'];
+    return out;
+})();
+/** Tokens commonly received on a given chain. Used to populate the
+ *  Tokens column in the address book without per-row tagging. */
+export function tokensForChain(chain) {
+    return CHAIN_TO_TOKENS[resolveChain(chain)] ?? [];
+}
+//# sourceMappingURL=index.js.map

package/dist/address/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/address/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AACtE,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAC9C,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAC9C,OAAO,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC;AASxD,MAAM,gBAAgB,GAA8B;IAClD,mDAAmD;IACnD,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;QAChB,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC;YAAE,OAAO,cAAc,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAC9D,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC;YAAE,OAAO,cAAc,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAC9D,0DAA0D;QAC1D,OAAO,mBAAmB,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;IAC7D,CAAC;IAED,gCAAgC;IAChC,QAAQ,EAAE,kBAAkB;IAC5B,GAAG,EAAE,kBAAkB;IACvB,OAAO,EAAE,kBAAkB;IAC3B,QAAQ,EAAE,kBAAkB;IAC5B,SAAS,EAAE,kBAAkB;IAC7B,IAAI,EAAE,kBAAkB;IAExB,kEAAkE;IAClE,QAAQ,EAAE,CAAC,IAAI,EAAE,EAAE;QACjB,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC;YAAE,OAAO,cAAc,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAChE,OAAO,mBAAmB,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;IACvD,CAAC;IAED,6DAA6D;IAC7D,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE;QACpB,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACpF,kEAAkE;YAClE,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;YAClD,IAAI,oBAAoB,CAAC,IAAI,CAAC,QAAQ,CAAC;gBAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;YAChE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,yBAAyB,EAAE,CAAC;QAC7D,CAAC;QACD,OAAO,mBAAmB,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;IACjD,CAAC;IAED,MAAM,EAAE,qBAAqB;IAC7B,MAAM,EAAE,qBAAqB;IAE7B,wDAAwD;IACxD,IAAI,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,mBAAmB,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,CAAC;IAEjD,GAAG,EAAE,kBAAkB;IACvB,QAAQ,EAAE,uBAAuB;IAEjC,mCAAmC;IACnC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,cAAc,CAAC,IAAI,EAAE,QAAQ,CAAC;IAEhD,oCAAoC;IACpC,SAAS,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,cAAc,CAAC,IAAI,EAAE,MAAM,CAAC;IAEjD,GAAG,EAAE,kBAAkB;IAEvB,2CAA2C;IAC3C,QAAQ,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,mBAAmB,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAE3D,qCAAqC;IACrC,IAAI,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,mBAAmB,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAEvD,4DAA4D;IAC5D,KAAK,EAAE,CAAC,IAAI,EAAE,EAAE;QACd,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC;YAAE,OAAO,cAAc,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAC9D,iDAAiD;QACjD,8CAA8C;QAC9C,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACnD,OAAO,mBAAmB,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,+BAA+B;QAC3E,CAAC;QACD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,8CAA8C,EAAE,CAAC;IAClF,CAAC;CACF,CAAC;AAEF,MAAM,cAAc,GAA2B;IAC7C,GAAG,EAAE,SAAS;IACd,QAAQ,EAAE,SAAS;IACnB,GAAG,EAAE,UAAU;IACf,IAAI,EAAE,UAAU;IAChB,IAAI,EAAE,UAAU;IAChB,GAAG,EAAE,UAAU;IACf,IAAI,EAAE,UAAU;IAChB,GAAG,EAAE,UAAU;IACf,GAAG,EAAE,aAAa;IAClB,GAAG,EAAE,QAAQ;IACb,GAAG,EAAE,KAAK;IACV,GAAG,EAAE,SAAS;IACd,GAAG,EAAE,UAAU;IACf,GAAG,EAAE,MAAM;IACX,GAAG,EAAE,KAAK;IACV,GAAG,EAAE,UAAU;IACf,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,QAAQ;IACd,GAAG,EAAE,KAAK;IACV,IAAI,EAAE,UAAU;IAChB,IAAI,EAAE,MAAM;IACZ,IAAI,EAAE,WAAW;IACjB,GAAG,EAAE,OAAO;IACZ,GAAG,EAAE,QAAQ;CACd,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,OAAe,EAAE,YAAoB;IACnE,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE;QAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,kBAAkB,EAAE,CAAC;IAErF,MAAM,KAAK,GAAG,YAAY,CAAC,YAAY,CAAC,CAAC;IACzC,MAAM,SAAS,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IAE1C,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,+CAA+C;QAC/C,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACzB,CAAC;IAED,OAAO,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;AACnC,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,YAAoB;IAC/C,OAAO,cAAc,CAAC,YAAY,CAAC,WAAW,EAAE,CAAC,IAAI,YAAY,CAAC,WAAW,EAAE,CAAC;AAClF,CAAC;AAED,MAAM,UAAU,kBAAkB;IAChC,OAAO,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;AACvC,CAAC;AAED,MAAM,eAAe,GAAsC,CAAC,GAAG,EAAE;IAC/D,MAAM,GAAG,GAA6B,EAAE,CAAC;IACzC,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;QAC5D,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;YAAE,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;QACjC,GAAG,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACzB,CAAC;IACD,4EAA4E;IAC5E,uEAAuE;IACvE,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC;QAAE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IAChD,OAAO,GAAG,CAAC;AACb,CAAC,CAAC,EAAE,CAAC;AAEL;iEACiE;AACjE,MAAM,UAAU,cAAc,CAAC,KAAa;IAC1C,OAAO,eAAe,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC;AACpD,CAAC"}

package/dist/address/monero.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Monero address validation.
+ * Standard: 95 chars, starts with 4 (mainnet) or 5 (testnet)
+ * Subaddress: 95 chars, starts with 8 (mainnet) or 7 (testnet)
+ * Integrated: 106 chars, starts with 4 (mainnet)
+ *
+ * Uses Monero's modified base58 which encodes in 8-byte blocks.
+ * We validate format + length rather than full checksum because
+ * Monero base58 is non-standard (no base58check).
+ */
+export declare function validateMoneroAddress(address: string): {
+    valid: boolean;
+    reason?: string;
+};
+//# sourceMappingURL=monero.d.ts.map

package/dist/address/monero.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"monero.d.ts","sourceRoot":"","sources":["../../src/address/monero.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAIH,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,MAAM,GAAG;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CAoB1F"}

package/dist/address/monero.js

@@ -0,0 +1,30 @@
+/**
+ * Monero address validation.
+ * Standard: 95 chars, starts with 4 (mainnet) or 5 (testnet)
+ * Subaddress: 95 chars, starts with 8 (mainnet) or 7 (testnet)
+ * Integrated: 106 chars, starts with 4 (mainnet)
+ *
+ * Uses Monero's modified base58 which encodes in 8-byte blocks.
+ * We validate format + length rather than full checksum because
+ * Monero base58 is non-standard (no base58check).
+ */
+const MONERO_ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
+export function validateMoneroAddress(address) {
+    if (address.length !== 95 && address.length !== 106) {
+        return {
+            valid: false,
+            reason: `Monero address must be 95 or 106 characters, got ${address.length}`,
+        };
+    }
+    const first = address[0];
+    if (first !== '4' && first !== '8' && first !== '5' && first !== '7') {
+        return { valid: false, reason: `Must start with 4, 5, 7, or 8, got '${first}'` };
+    }
+    for (const c of address) {
+        if (!MONERO_ALPHABET.includes(c)) {
+            return { valid: false, reason: `Invalid character '${c}'` };
+        }
+    }
+    return { valid: true };
+}
+//# sourceMappingURL=monero.js.map

package/dist/address/monero.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"monero.js","sourceRoot":"","sources":["../../src/address/monero.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,MAAM,eAAe,GAAG,4DAA4D,CAAC;AAErF,MAAM,UAAU,qBAAqB,CAAC,OAAe;IACnD,IAAI,OAAO,CAAC,MAAM,KAAK,EAAE,IAAI,OAAO,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;QACpD,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,oDAAoD,OAAO,CAAC,MAAM,EAAE;SAC7E,CAAC;IACJ,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;IACzB,IAAI,KAAK,KAAK,GAAG,IAAI,KAAK,KAAK,GAAG,IAAI,KAAK,KAAK,GAAG,IAAI,KAAK,KAAK,GAAG,EAAE,CAAC;QACrE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,uCAAuC,KAAK,GAAG,EAAE,CAAC;IACnF,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;YACjC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,sBAAsB,CAAC,GAAG,EAAE,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;AACzB,CAAC"}

package/dist/address/polkadot.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Polkadot SS58 address validation.
+ * Format: base58(prefix + pubkey + checksum)
+ * Network 0 = Polkadot mainnet (prefix byte 0x00)
+ */
+export declare function validatePolkadotAddress(address: string): {
+    valid: boolean;
+    reason?: string;
+};
+//# sourceMappingURL=polkadot.d.ts.map

package/dist/address/polkadot.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"polkadot.d.ts","sourceRoot":"","sources":["../../src/address/polkadot.ts"],"names":[],"mappings":"AAKA;;;;GAIG;AACH,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,MAAM,GAAG;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CA8B5F"}

package/dist/address/polkadot.js

@@ -0,0 +1,36 @@
+import { base58 } from '@scure/base';
+import { blake2b } from '@noble/hashes/blake2.js';
+const SS58_PREFIX = new TextEncoder().encode('SS58PRE');
+/**
+ * Polkadot SS58 address validation.
+ * Format: base58(prefix + pubkey + checksum)
+ * Network 0 = Polkadot mainnet (prefix byte 0x00)
+ */
+export function validatePolkadotAddress(address) {
+    if (address.length < 46 || address.length > 48) {
+        return { valid: false, reason: `Expected 46-48 characters, got ${address.length}` };
+    }
+    try {
+        const decoded = base58.decode(address);
+        if (decoded.length < 35) {
+            return { valid: false, reason: 'Decoded data too short' };
+        }
+        const prefixLen = decoded[0] < 64 ? 1 : 2;
+        const pubkey = decoded.slice(prefixLen, prefixLen + 32);
+        const checksum = decoded.slice(prefixLen + 32, prefixLen + 34);
+        // Verify checksum: blake2b(SS58PRE + prefix + pubkey)[0:2]
+        const input = new Uint8Array(SS58_PREFIX.length + prefixLen + 32);
+        input.set(SS58_PREFIX);
+        input.set(decoded.slice(0, prefixLen), SS58_PREFIX.length);
+        input.set(pubkey, SS58_PREFIX.length + prefixLen);
+        const hash = blake2b(input, { dkLen: 64 });
+        if (hash[0] !== checksum[0] || hash[1] !== checksum[1]) {
+            return { valid: false, reason: 'Invalid SS58 checksum' };
+        }
+        return { valid: true };
+    }
+    catch {
+        return { valid: false, reason: 'Invalid SS58 encoding' };
+    }
+}
+//# sourceMappingURL=polkadot.js.map

package/dist/address/polkadot.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"polkadot.js","sourceRoot":"","sources":["../../src/address/polkadot.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAElD,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;AAExD;;;;GAIG;AACH,MAAM,UAAU,uBAAuB,CAAC,OAAe;IACrD,IAAI,OAAO,CAAC,MAAM,GAAG,EAAE,IAAI,OAAO,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC/C,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,kCAAkC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;IACtF,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACvC,IAAI,OAAO,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;YACxB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,wBAAwB,EAAE,CAAC;QAC5D,CAAC;QAED,MAAM,SAAS,GAAG,OAAO,CAAC,CAAC,CAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3C,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,EAAE,SAAS,GAAG,EAAE,CAAC,CAAC;QACxD,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,GAAG,EAAE,EAAE,SAAS,GAAG,EAAE,CAAC,CAAC;QAE/D,2DAA2D;QAC3D,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,MAAM,GAAG,SAAS,GAAG,EAAE,CAAC,CAAC;QAClE,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACvB,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;QAC3D,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,MAAM,GAAG,SAAS,CAAC,CAAC;QAElD,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;QAC3C,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;YACvD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC;QAC3D,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACzB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC;IAC3D,CAAC;AACH,CAAC"}

package/dist/address/solana.d.ts

@@ -0,0 +1,5 @@
+export declare function validateSolanaAddress(address: string): {
+    valid: boolean;
+    reason?: string;
+};
+//# sourceMappingURL=solana.d.ts.map

package/dist/address/solana.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"solana.d.ts","sourceRoot":"","sources":["../../src/address/solana.ts"],"names":[],"mappings":"AAEA,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,MAAM,GAAG;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CAc1F"}

package/dist/address/solana.js

@@ -0,0 +1,17 @@
+import { base58 } from '@scure/base';
+export function validateSolanaAddress(address) {
+    if (address.length < 32 || address.length > 44) {
+        return { valid: false, reason: 'Solana address must be 32-44 characters' };
+    }
+    try {
+        const decoded = base58.decode(address);
+        if (decoded.length !== 32) {
+            return { valid: false, reason: `Decoded length ${decoded.length}, expected 32 bytes` };
+        }
+        return { valid: true };
+    }
+    catch {
+        return { valid: false, reason: 'Invalid base58 encoding' };
+    }
+}
+//# sourceMappingURL=solana.js.map

package/dist/address/solana.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"solana.js","sourceRoot":"","sources":["../../src/address/solana.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC,MAAM,UAAU,qBAAqB,CAAC,OAAe;IACnD,IAAI,OAAO,CAAC,MAAM,GAAG,EAAE,IAAI,OAAO,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC/C,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,yCAAyC,EAAE,CAAC;IAC7E,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACvC,IAAI,OAAO,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YAC1B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,kBAAkB,OAAO,CAAC,MAAM,qBAAqB,EAAE,CAAC;QACzF,CAAC;QACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACzB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,yBAAyB,EAAE,CAAC;IAC7D,CAAC;AACH,CAAC"}

package/dist/address/ton.d.ts

@@ -0,0 +1,11 @@
+/**
+ * TON address validation.
+ * Bounceable: EQ + 46 chars base64url
+ * Non-bounceable: UQ + 46 chars base64url
+ * Raw: 0: prefix with hex (rarely used by users)
+ */
+export declare function validateTonAddress(address: string): {
+    valid: boolean;
+    reason?: string;
+};
+//# sourceMappingURL=ton.d.ts.map

package/dist/address/ton.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ton.d.ts","sourceRoot":"","sources":["../../src/address/ton.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CAqBvF"}

package/dist/address/ton.js

@@ -0,0 +1,28 @@
+/**
+ * TON address validation.
+ * Bounceable: EQ + 46 chars base64url
+ * Non-bounceable: UQ + 46 chars base64url
+ * Raw: 0: prefix with hex (rarely used by users)
+ */
+export function validateTonAddress(address) {
+    // User-friendly format: EQ/UQ + 46 base64url chars
+    if (/^(EQ|UQ)[A-Za-z0-9_-]{46}$/.test(address)) {
+        try {
+            const b64 = address.slice(2).replace(/-/g, '+').replace(/_/g, '/');
+            const decoded = Buffer.from(b64, 'base64');
+            if (decoded.length !== 34) {
+                return { valid: false, reason: `Decoded length ${decoded.length}, expected 34` };
+            }
+            return { valid: true };
+        }
+        catch {
+            return { valid: false, reason: 'Invalid base64url encoding' };
+        }
+    }
+    // Raw format: 0:hex (64 hex chars)
+    if (/^0:[0-9a-fA-F]{64}$/.test(address)) {
+        return { valid: true };
+    }
+    return { valid: false, reason: 'TON address must start with EQ/UQ (48 chars) or 0: (66 chars)' };
+}
+//# sourceMappingURL=ton.js.map

package/dist/address/ton.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ton.js","sourceRoot":"","sources":["../../src/address/ton.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,mDAAmD;IACnD,IAAI,4BAA4B,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QAC/C,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;YACnE,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YAC3C,IAAI,OAAO,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;gBAC1B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,kBAAkB,OAAO,CAAC,MAAM,eAAe,EAAE,CAAC;YACnF,CAAC;YACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;QACzB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,4BAA4B,EAAE,CAAC;QAChE,CAAC;IACH,CAAC;IAED,mCAAmC;IACnC,IAAI,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACxC,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACzB,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,+DAA+D,EAAE,CAAC;AACnG,CAAC"}

package/dist/api/index.d.ts

@@ -0,0 +1,80 @@
+import type { Logger } from '../interfaces/logger.js';
+import { ApiError, NetworkError } from '../lib/errors.js';
+import type { CreateSwapBody, CreateSwapResponse, LimitsResponse, LiquidityResponse, PowChallenge, ProvidersResponse, QuotesResponse, RateResponse, RecentSwap, SwapAction, SwapActionResponse, SwapDetail, SwapPair, SwapTokenMap, VerifyKeysBody, VerifyKeysResponse } from '../wire/server/index.js';
+export { ApiError, NetworkError };
+export interface ApiClientConfig {
+    readonly baseUrl: string;
+    readonly timeout?: number;
+    readonly maxRetries?: number;
+    readonly retryBaseMs?: number;
+    readonly fetchFn?: typeof globalThis.fetch;
+    readonly logger?: Logger;
+}
+export interface GetQuotesParams {
+    readonly from: string;
+    readonly to: string;
+    readonly amount: string;
+    readonly fromChain?: string;
+    readonly toChain?: string;
+}
+export interface GetRateParams {
+    readonly from: string;
+    readonly to: string;
+    readonly fromChain?: string;
+    readonly toChain?: string;
+}
+export interface GetLimitsParams {
+    readonly from: string;
+    readonly to: string;
+    readonly fromChain?: string;
+    readonly toChain?: string;
+}
+export declare class ApiClient {
+    private readonly baseUrl;
+    private readonly timeout;
+    private readonly maxRetries;
+    private readonly retryBaseMs;
+    private readonly fetchFn;
+    private readonly logger;
+    constructor(config: ApiClientConfig);
+    getTokens(): Promise<SwapTokenMap>;
+    getPairs(): Promise<readonly SwapPair[]>;
+    getQuotes(params: GetQuotesParams): Promise<QuotesResponse>;
+    getRate(params: GetRateParams): Promise<RateResponse>;
+    getLimits(params: GetLimitsParams): Promise<LimitsResponse>;
+    getProviders(): Promise<ProvidersResponse>;
+    getLiquidity(): Promise<LiquidityResponse>;
+    getRecents(): Promise<readonly RecentSwap[]>;
+    getChallenge(): Promise<PowChallenge>;
+    createSwap(body: CreateSwapBody, powHeader?: string): Promise<CreateSwapResponse>;
+    getSwapDetail(id: string): Promise<SwapDetail>;
+    getSwapByFundingAddress(address: string): Promise<SwapDetail | null>;
+    executeAction(swapId: string, action: SwapAction, timeoutMs?: number): Promise<SwapActionResponse>;
+    verifyKeys(keys: VerifyKeysBody): Promise<VerifyKeysResponse>;
+    private buildQuery;
+    private get;
+    private post;
+    /**
+     * `X-Pow-Payload` carries a single-use proof-of-work header that the
+     * server consumes via Redis SETNX in `verifyPowSolution`. If the request
+     * fails after the server has already verified PoW (e.g. simulateSwap
+     * returns 503 because mocknet pools shifted between quote and create),
+     * a transparent retry would resubmit the same header and bounce off
+     * replay protection with `403 challenge already used`. The caller must
+     * fetch a fresh challenge instead. Detect that case and skip the retry
+     * wrapper so the original error surfaces unmodified to the caller.
+     */
+    private hasSingleUseToken;
+    private request;
+    /**
+     * Single attempt: perform the fetch, parse the envelope, classify the result.
+     *
+     * Throw types map to {@link ErrorCategory} via the unified taxonomy:
+     *  - {@link ApiError}('SCHEMA_MISMATCH') → category `protocol`     → fail.
+     *  - {@link ApiError}(status 4xx)        → category `client-*`     → bounded / fatal per status.
+     *  - {@link ApiError}(status 5xx)        → category `server`       → unbounded retry.
+     *  - {@link NetworkError}                 → category `network`      → unbounded retry.
+     */
+    private runOnce;
+}
+//# sourceMappingURL=index.d.ts.map

package/dist/api/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/api/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AAEtD,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAqB1D,OAAO,KAAK,EACV,cAAc,EACd,kBAAkB,EAClB,cAAc,EACd,iBAAiB,EACjB,YAAY,EACZ,iBAAiB,EACjB,cAAc,EACd,YAAY,EACZ,UAAU,EACV,UAAU,EACV,kBAAkB,EAClB,UAAU,EACV,QAAQ,EACR,YAAY,EACZ,cAAc,EACd,kBAAkB,EACnB,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;AAElC,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAC;IAC3C,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,qBAAa,SAAS;IACpB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IACpC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAA0B;IAClD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;gBAEpB,MAAM,EAAE,eAAe;IAS7B,SAAS,IAAI,OAAO,CAAC,YAAY,CAAC;IAQlC,QAAQ,IAAI,OAAO,CAAC,SAAS,QAAQ,EAAE,CAAC;IAQxC,SAAS,CAAC,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC,cAAc,CAAC;IAW3D,OAAO,CAAC,MAAM,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;IAUrD,SAAS,CAAC,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC,cAAc,CAAC;IAU3D,YAAY,IAAI,OAAO,CAAC,iBAAiB,CAAC;IAI1C,YAAY,IAAI,OAAO,CAAC,iBAAiB,CAAC;IAI1C,UAAU,IAAI,OAAO,CAAC,SAAS,UAAU,EAAE,CAAC;IAQ5C,YAAY,IAAI,OAAO,CAAC,YAAY,CAAC;IAIrC,UAAU,CAAC,IAAI,EAAE,cAAc,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAkBjF,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAI9C,uBAAuB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAOpE,aAAa,CACjB,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,UAAU,EAClB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,kBAAkB,CAAC;IAWxB,UAAU,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAKnE,OAAO,CAAC,UAAU;IAOlB,OAAO,CAAC,GAAG;IAQX,OAAO,CAAC,IAAI;IAUZ;;;;;;;;;OASG;IACH,OAAO,CAAC,iBAAiB;YAKX,OAAO;IA2BrB;;;;;;;;OAQG;YACW,OAAO;CA2EtB"}

package/dist/api/index.js

@@ -0,0 +1,213 @@
+import { z } from 'zod';
+import { noopLogger } from '../interfaces/logger.js';
+import { ApiError, NetworkError } from '../lib/errors.js';
+import { withRetry } from '../lib/retry.js';
+import { apiEnvelopeSchema, createSwapBodySchema, createSwapResponseSchema, limitsResponseSchema, liquidityResponseSchema, powChallengeSchema, providersResponseSchema, quotesResponseSchema, rateResponseSchema, recentSwapSchema, swapActionBodySchema, swapActionResponseSchema, swapDetailSchema, swapPairSchema, swapTokenMapSchema, verifyKeysBodySchema, verifyKeysResponseSchema, } from '../wire/server/index.js';
+// Re-exported for back-compat; canonical definitions live in lib/errors.ts.
+export { ApiError, NetworkError };
+export class ApiClient {
+    baseUrl;
+    timeout;
+    maxRetries;
+    retryBaseMs;
+    fetchFn;
+    logger;
+    constructor(config) {
+        this.baseUrl = config.baseUrl.replace(/\/+$/, '');
+        this.timeout = config.timeout ?? 60_000;
+        this.maxRetries = config.maxRetries ?? 3;
+        this.retryBaseMs = config.retryBaseMs ?? 500;
+        this.fetchFn = config.fetchFn ?? globalThis.fetch.bind(globalThis);
+        this.logger = config.logger ?? noopLogger;
+    }
+    async getTokens() {
+        const { tokens } = await this.get('/api/v1/swap/tokens', z.object({ tokens: swapTokenMapSchema }));
+        return tokens;
+    }
+    async getPairs() {
+        const { pairs } = await this.get('/api/v1/swap/pairs', z.object({ pairs: z.array(swapPairSchema) }));
+        return pairs;
+    }
+    async getQuotes(params) {
+        const qs = this.buildQuery({
+            from: params.from,
+            to: params.to,
+            amount: params.amount,
+            fromChain: params.fromChain,
+            toChain: params.toChain,
+        });
+        return this.get(`/api/v1/swap/quotes?${qs}`, quotesResponseSchema);
+    }
+    async getRate(params) {
+        const qs = this.buildQuery({
+            from: params.from,
+            to: params.to,
+            fromChain: params.fromChain,
+            toChain: params.toChain,
+        });
+        return this.get(`/api/v1/swap/rate?${qs}`, rateResponseSchema);
+    }
+    async getLimits(params) {
+        const qs = this.buildQuery({
+            from: params.from,
+            to: params.to,
+            fromChain: params.fromChain,
+            toChain: params.toChain,
+        });
+        return this.get(`/api/v1/swap/limits?${qs}`, limitsResponseSchema);
+    }
+    async getProviders() {
+        return this.get('/api/v1/swap/providers', providersResponseSchema);
+    }
+    async getLiquidity() {
+        return this.get('/api/v1/swap/liquidity', liquidityResponseSchema);
+    }
+    async getRecents() {
+        const { recents } = await this.get('/api/v1/swap/recents', z.object({ recents: z.array(recentSwapSchema) }));
+        return recents;
+    }
+    async getChallenge() {
+        return this.get('/api/v1/pow/challenge', powChallengeSchema);
+    }
+    async createSwap(body, powHeader) {
+        const validBody = createSwapBodySchema.parse(body);
+        // Swap creation is the slowest end-to-end path: server submits the
+        // proof-of-work check, registers the THORChain memo (≥1 broadcast +
+        // poll for reference assignment), and round-trips to the engine. 15-25 s
+        // is typical; pathological cases (memo retries, slow upstream) can push
+        // toward a minute. Use a 2 min ceiling instead of the API client's
+        // generic 60 s default so the user doesn't see a spurious timeout
+        // while a real swap is mid-flight.
+        return this.post('/api/v1/swap/new', createSwapResponseSchema, validBody, powHeader ? { 'X-Pow-Payload': powHeader } : undefined, 120_000);
+    }
+    async getSwapDetail(id) {
+        return this.get(`/api/v1/swap/${encodeURIComponent(id)}`, swapDetailSchema);
+    }
+    async getSwapByFundingAddress(address) {
+        return this.get(`/api/v1/swap/get-id/${encodeURIComponent(address)}`, swapDetailSchema.nullable());
+    }
+    async executeAction(swapId, action, timeoutMs) {
+        const validBody = swapActionBodySchema.parse(action);
+        return this.post(`/api/v1/swap/${encodeURIComponent(swapId)}/action`, swapActionResponseSchema, validBody, undefined, timeoutMs);
+    }
+    async verifyKeys(keys) {
+        const validBody = verifyKeysBodySchema.parse(keys);
+        return this.post('/api/v1/swap/verify-keys', verifyKeysResponseSchema, validBody);
+    }
+    buildQuery(params) {
+        const filtered = Object.entries(params).filter((entry) => entry[1] !== undefined);
+        return new URLSearchParams(filtered).toString();
+    }
+    get(path, schema, timeoutMs) {
+        return this.request('GET', path, schema, undefined, undefined, timeoutMs);
+    }
+    post(path, schema, body, extraHeaders, timeoutMs) {
+        return this.request('POST', path, schema, body, extraHeaders, timeoutMs);
+    }
+    /**
+     * `X-Pow-Payload` carries a single-use proof-of-work header that the
+     * server consumes via Redis SETNX in `verifyPowSolution`. If the request
+     * fails after the server has already verified PoW (e.g. simulateSwap
+     * returns 503 because mocknet pools shifted between quote and create),
+     * a transparent retry would resubmit the same header and bounce off
+     * replay protection with `403 challenge already used`. The caller must
+     * fetch a fresh challenge instead. Detect that case and skip the retry
+     * wrapper so the original error surfaces unmodified to the caller.
+     */
+    hasSingleUseToken(extraHeaders) {
+        if (!extraHeaders)
+            return false;
+        return Object.prototype.hasOwnProperty.call(extraHeaders, 'X-Pow-Payload');
+    }
+    async request(method, path, responseSchema, body, extraHeaders, timeoutMs) {
+        const url = `${this.baseUrl}${path}`;
+        const effectiveTimeout = timeoutMs ?? this.timeout;
+        this.logger.debug({ method, path }, 'API request');
+        if (this.hasSingleUseToken(extraHeaders)) {
+            return this.runOnce(method, path, url, responseSchema, body, extraHeaders, effectiveTimeout);
+        }
+        return withRetry(async () => this.runOnce(method, path, url, responseSchema, body, extraHeaders, effectiveTimeout), {
+            maxBoundedRetries: this.maxRetries,
+            baseMs: this.retryBaseMs,
+            logger: this.logger,
+            label: `${method} ${path}`,
+        });
+    }
+    /**
+     * Single attempt: perform the fetch, parse the envelope, classify the result.
+     *
+     * Throw types map to {@link ErrorCategory} via the unified taxonomy:
+     *  - {@link ApiError}('SCHEMA_MISMATCH') → category `protocol`     → fail.
+     *  - {@link ApiError}(status 4xx)        → category `client-*`     → bounded / fatal per status.
+     *  - {@link ApiError}(status 5xx)        → category `server`       → unbounded retry.
+     *  - {@link NetworkError}                 → category `network`      → unbounded retry.
+     */
+    async runOnce(method, path, url, responseSchema, body, extraHeaders, effectiveTimeout) {
+        const ac = new AbortController();
+        const timer = setTimeout(() => ac.abort(), effectiveTimeout);
+        let res;
+        try {
+            res = await this.fetchFn(url, {
+                method,
+                headers: {
+                    'Content-Type': 'application/json',
+                    Accept: 'application/json',
+                    ...extraHeaders,
+                },
+                body: body !== undefined ? JSON.stringify(body) : undefined,
+                signal: ac.signal,
+            });
+        }
+        catch (fetchErr) {
+            clearTimeout(timer);
+            throw normaliseFetchError(fetchErr, effectiveTimeout);
+        }
+        clearTimeout(timer);
+        let raw;
+        try {
+            raw = await res.json();
+        }
+        catch (parseErr) {
+            // Body parse failure — undici / browser fetch sometimes truncate on
+            // connection reset, surface as transient network failure.
+            throw new NetworkError('Failed to parse response body', {
+                cause: parseErr,
+                details: { status: res.status },
+            });
+        }
+        const parsed = apiEnvelopeSchema(responseSchema).safeParse(raw);
+        if (!parsed.success) {
+            this.logger.error({ method, path, status: res.status, issues: parsed.error.issues }, 'Schema mismatch');
+            throw new ApiError('Server response did not match expected schema', 502, 'SCHEMA_MISMATCH', { details: { method, path, status: res.status, issues: parsed.error.issues } });
+        }
+        const envelope = parsed.data;
+        if (!envelope.success) {
+            const { code, message, details } = envelope.error;
+            this.logger.warn({ method, path, status: res.status, code }, 'API error');
+            throw new ApiError(message, res.status, code, {
+                details: typeof details === 'object' && details !== null
+                    ? details
+                    : undefined,
+            });
+        }
+        return envelope.data;
+    }
+}
+/**
+ * Normalise anything thrown from `fetch()` into a {@link NetworkError} so the
+ * retry classifier sees a single shape regardless of platform.
+ *
+ * Cross-platform: `TypeError` covers undici / browser fetch failures;
+ * `DOMException('AbortError')` covers per-request timeout. Other errors fall
+ * through with their original message preserved.
+ */
+function normaliseFetchError(err, timeoutMs) {
+    if (typeof DOMException !== 'undefined' && err instanceof DOMException && err.name === 'AbortError') {
+        return new NetworkError(`Request timeout after ${String(timeoutMs)}ms`, { cause: err });
+    }
+    if (err instanceof Error) {
+        return new NetworkError(err.message, { cause: err });
+    }
+    return new NetworkError(String(err));
+}
+//# sourceMappingURL=index.js.map