@neus/sdk 1.0.2 → 1.0.4

package/cjs/utils.cjs

@@ -1,3 +1,4 @@
+"use strict";
 var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
@@ -29,7 +30,9 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // utils.js
 var utils_exports = {};
 __export(utils_exports, {
+  DEFAULT_HOSTED_VERIFY_URL: () => DEFAULT_HOSTED_VERIFY_URL,
   NEUS_CONSTANTS: () => NEUS_CONSTANTS,
+  PORTABLE_PROOF_SIGNER_HEADER: () => PORTABLE_PROOF_SIGNER_HEADER,
   StatusPoller: () => StatusPoller,
   buildVerificationRequest: () => buildVerificationRequest,
   computeContentHash: () => computeContentHash,
@@ -39,14 +42,22 @@ __export(utils_exports, {
   deriveDid: () => deriveDid,
   formatTimestamp: () => formatTimestamp,
   formatVerificationStatus: () => formatVerificationStatus,
+  getHostedCheckoutUrl: () => getHostedCheckoutUrl,
   isFailureStatus: () => isFailureStatus,
   isSuccessStatus: () => isSuccessStatus,
   isSupportedChain: () => isSupportedChain,
   isTerminalStatus: () => isTerminalStatus,
   normalizeAddress: () => normalizeAddress,
+  resolveDID: () => resolveDID,
+  resolveZkPassportConfig: () => resolveZkPassportConfig,
+  signMessage: () => signMessage,
+  standardizeVerificationRequest: () => standardizeVerificationRequest,
+  toAgentDelegationMaxSpend: () => toAgentDelegationMaxSpend,
+  toHexUtf8: () => toHexUtf8,
   validateQHash: () => validateQHash,
   validateSignatureComponents: () => validateSignatureComponents,
   validateTimestamp: () => validateTimestamp,
+  validateUniversalAddress: () => validateUniversalAddress,
   validateVerifierPayload: () => validateVerifierPayload,
   validateWalletAddress: () => validateWalletAddress,
   withRetry: () => withRetry
@@ -120,21 +131,77 @@ var ValidationError = class extends SDKError {
 };
 
 // utils.js
+var PORTABLE_PROOF_SIGNER_HEADER = "Portable Proof Verification Request";
+var BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+function encodeBase58Bytes(input) {
+  let source;
+  if (input instanceof Uint8Array) {
+    source = input;
+  } else if (input instanceof ArrayBuffer) {
+    source = new Uint8Array(input);
+  } else if (ArrayBuffer.isView(input)) {
+    source = new Uint8Array(input.buffer, input.byteOffset, input.byteLength);
+  } else if (typeof Buffer !== "undefined" && typeof Buffer.isBuffer === "function" && Buffer.isBuffer(input)) {
+    source = new Uint8Array(input);
+  } else {
+    throw new SDKError("Unsupported non-EVM signature byte format", "INVALID_SIGNATURE_FORMAT");
+  }
+  if (source.length === 0) return "";
+  let zeroes = 0;
+  while (zeroes < source.length && source[zeroes] === 0) {
+    zeroes++;
+  }
+  const iFactor = Math.log(256) / Math.log(58);
+  const size = (source.length - zeroes) * iFactor + 1 >>> 0;
+  const b58 = new Uint8Array(size);
+  let length = 0;
+  for (let i = zeroes; i < source.length; i++) {
+    let carry = source[i];
+    let j = 0;
+    for (let k = size - 1; (carry !== 0 || j < length) && k >= 0; k--, j++) {
+      carry += 256 * b58[k];
+      b58[k] = carry % 58;
+      carry = carry / 58 | 0;
+    }
+    length = j;
+  }
+  let it = size - length;
+  while (it < size && b58[it] === 0) {
+    it++;
+  }
+  let out = BASE58_ALPHABET[0].repeat(zeroes);
+  for (; it < size; it++) {
+    out += BASE58_ALPHABET[b58[it]];
+  }
+  return out;
+}
 function deterministicStringify(obj) {
   if (obj === null || obj === void 0) {
     return JSON.stringify(obj);
   }
   if (typeof obj !== "object") {
+    if (typeof obj === "string") return JSON.stringify(obj.normalize("NFC"));
     return JSON.stringify(obj);
   }
   if (Array.isArray(obj)) {
-    return "[" + obj.map((item) => deterministicStringify(item)).join(",") + "]";
+    return `[${obj.map((item) => item === void 0 ? "null" : deterministicStringify(item)).join(",")}]`;
   }
-  const sortedKeys = Object.keys(obj).sort();
+  const sortedKeys = Object.keys(obj).filter((k) => obj[k] !== void 0).sort();
   const pairs = sortedKeys.map(
-    (key) => JSON.stringify(key) + ":" + deterministicStringify(obj[key])
+    (key) => `${JSON.stringify(key)}:${deterministicStringify(obj[key])}`
   );
-  return "{" + pairs.join(",") + "}";
+  return `{${pairs.join(",")}}`;
+}
+function chainLineForPortableProofSigner(chain, chainId) {
+  if (typeof chain === "string" && chain.length > 0) {
+    const m = chain.match(/^eip155:(\d+)$/);
+    if (m) return Number(m[1]);
+    return chain;
+  }
+  if (typeof chainId === "number" && Number.isFinite(chainId) && chainId > 0) {
+    return chainId;
+  }
+  throw new SDKError("chainId is required (or provide chain for universal mode)", "INVALID_CHAIN_CONTEXT");
 }
 function constructVerificationMessage({ walletAddress, signedTimestamp, data, verifierIds, chainId, chain }) {
   if (!walletAddress || typeof walletAddress !== "string") {
@@ -149,28 +216,28 @@ function constructVerificationMessage({ walletAddress, signedTimestamp, data, ve
   if (!Array.isArray(verifierIds) || verifierIds.length === 0) {
     throw new SDKError("verifierIds is required and must be a non-empty array", "INVALID_VERIFIER_IDS");
   }
-  const chainContext = typeof chain === "string" && chain.length > 0 ? chain : chainId;
-  if (!chainContext) {
+  if ((typeof chain !== "string" || !chain.length) && !(typeof chainId === "number" && chainId > 0)) {
     throw new SDKError("chainId is required (or provide chain for universal mode)", "INVALID_CHAIN_CONTEXT");
   }
-  if (chainContext === chainId && typeof chainId !== "number") {
-    throw new SDKError("chainId must be a number when provided", "INVALID_CHAIN_ID");
-  }
-  if (chainContext === chain && (typeof chain !== "string" || !chain.includes(":"))) {
+  if (typeof chain === "string" && chain.length > 0 && !chain.includes(":")) {
     throw new SDKError('chain must be a "namespace:reference" string', "INVALID_CHAIN");
   }
+  if ((!chain || !chain.length) && typeof chainId !== "number") {
+    throw new SDKError("chainId must be a number when provided", "INVALID_CHAIN_ID");
+  }
+  const chainLine = chainLineForPortableProofSigner(chain, chainId);
   const namespace = typeof chain === "string" && chain.includes(":") ? chain.split(":")[0] : "eip155";
   const normalizedWalletAddress = namespace === "eip155" ? walletAddress.toLowerCase() : walletAddress;
   const dataString = deterministicStringify(data);
   const messageComponents = [
-    "NEUS Verification Request",
+    PORTABLE_PROOF_SIGNER_HEADER,
     `Wallet: ${normalizedWalletAddress}`,
-    `Chain: ${chainContext}`,
+    `Chain: ${chainLine}`,
     `Verifiers: ${verifierIds.join(",")}`,
     `Data: ${dataString}`,
     `Timestamp: ${signedTimestamp}`
   ];
-  return messageComponents.join("\n");
+  return messageComponents.join("\n").normalize("NFC");
 }
 function validateWalletAddress(address) {
   if (!address || typeof address !== "string") {
@@ -178,6 +245,25 @@ function validateWalletAddress(address) {
   }
   return /^0x[a-fA-F0-9]{40}$/.test(address);
 }
+function validateUniversalAddress(address, chain) {
+  if (!address || typeof address !== "string") return false;
+  const value = address.trim();
+  if (!value) return false;
+  const chainRef = typeof chain === "string" ? chain.trim().toLowerCase() : "";
+  const namespace = chainRef.includes(":") ? chainRef.split(":")[0] : "";
+  if (validateWalletAddress(value)) return true;
+  if (namespace === "eip155") return false;
+  if (namespace === "solana") {
+    return /^[1-9A-HJ-NP-Za-km-z]{32,44}$/.test(value);
+  }
+  if (namespace === "bip122") {
+    return /^(bc1|tb1|bcrt1)[a-z0-9]{11,87}$/.test(value.toLowerCase()) || /^[13mn2][a-km-zA-HJ-NP-Z1-9]{25,62}$/.test(value);
+  }
+  if (namespace === "near") {
+    return /^[a-z0-9._-]{2,64}$/.test(value);
+  }
+  return /^[A-Za-z0-9][A-Za-z0-9._:-]{1,127}$/.test(value);
+}
 function validateTimestamp(timestamp, maxAgeMs = 5 * 60 * 1e3) {
   if (!timestamp || typeof timestamp !== "number") {
     return false;
@@ -199,7 +285,7 @@ function createVerificationData(content, owner, reference = null) {
   };
   return {
     content,
-    owner: owner.toLowerCase(),
+    owner: validateWalletAddress(owner) ? owner.toLowerCase() : owner,
     reference: reference || {
       // Must be a valid backend enum value; 'content' is not supported.
       type: "other",
@@ -224,9 +310,234 @@ function deriveDid(address, chainIdOrChain) {
     return `did:pkh:eip155:${chainContext}:${address.toLowerCase()}`;
   }
 }
+async function resolveDID(params, options = {}) {
+  const endpointPath = options.endpoint || "/api/v1/profile/did/resolve";
+  const apiUrl = typeof options.apiUrl === "string" ? options.apiUrl.trim() : "";
+  const resolveEndpoint = (path) => {
+    if (!path || typeof path !== "string") return null;
+    const trimmedPath = path.trim();
+    if (!trimmedPath) return null;
+    if (/^https?:\/\//i.test(trimmedPath)) return trimmedPath;
+    if (trimmedPath.startsWith("/")) {
+      if (!apiUrl) return trimmedPath;
+      try {
+        return new URL(trimmedPath, apiUrl.endsWith("/") ? apiUrl : `${apiUrl}/`).toString();
+      } catch {
+        return null;
+      }
+    }
+    const base = apiUrl || NEUS_CONSTANTS.API_BASE_URL;
+    if (!base || typeof base !== "string") return null;
+    try {
+      return new URL(trimmedPath, base.endsWith("/") ? base : `${base}/`).toString();
+    } catch {
+      return null;
+    }
+  };
+  const endpoint = resolveEndpoint(endpointPath);
+  if (!endpoint) {
+    throw new SDKError("resolveDID requires a valid endpoint", "INVALID_ENDPOINT");
+  }
+  const payload = {
+    walletAddress: params?.walletAddress,
+    chainId: params?.chainId,
+    chain: params?.chain
+  };
+  const isRelative = endpoint.startsWith("/") || !/^https?:\/\//i.test(endpoint);
+  const credentialsMode = options.credentials !== void 0 ? options.credentials : isRelative ? "same-origin" : "omit";
+  try {
+    const response = await fetch(endpoint, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Accept: "application/json",
+        ...options.headers || {}
+      },
+      body: JSON.stringify(payload),
+      credentials: credentialsMode
+    });
+    const json = await response.json().catch(() => null);
+    if (!response.ok) {
+      const msg = json?.error?.message || json?.error || json?.message || "DID resolution failed";
+      throw new SDKError(msg, "DID_RESOLVE_FAILED", json);
+    }
+    const did = json?.data?.did || json?.did;
+    if (!did || typeof did !== "string") {
+      throw new SDKError("DID resolution missing DID", "DID_RESOLVE_MISSING", json);
+    }
+    return { did, data: json?.data || null, raw: json };
+  } catch (error) {
+    if (error instanceof SDKError) throw error;
+    throw new SDKError(`DID resolution failed: ${error?.message || error}`, "DID_RESOLVE_FAILED");
+  }
+}
+async function standardizeVerificationRequest(params, options = {}) {
+  const endpointPath = options.endpoint || "/api/v1/verification/standardize";
+  const apiUrl = typeof options.apiUrl === "string" ? options.apiUrl.trim() : "";
+  const resolveEndpoint = (path) => {
+    if (!path || typeof path !== "string") return null;
+    const trimmedPath = path.trim();
+    if (!trimmedPath) return null;
+    if (/^https?:\/\//i.test(trimmedPath)) return trimmedPath;
+    if (trimmedPath.startsWith("/")) {
+      if (!apiUrl) return trimmedPath;
+      try {
+        return new URL(trimmedPath, apiUrl.endsWith("/") ? apiUrl : `${apiUrl}/`).toString();
+      } catch {
+        return null;
+      }
+    }
+    const base = apiUrl || NEUS_CONSTANTS.API_BASE_URL;
+    if (!base || typeof base !== "string") return null;
+    try {
+      return new URL(trimmedPath, base.endsWith("/") ? base : `${base}/`).toString();
+    } catch {
+      return null;
+    }
+  };
+  const endpoint = resolveEndpoint(endpointPath);
+  if (!endpoint) {
+    throw new SDKError("standardizeVerificationRequest requires a valid endpoint", "INVALID_ENDPOINT");
+  }
+  const isRelative = endpoint.startsWith("/") || !/^https?:\/\//i.test(endpoint);
+  const credentialsMode = options.credentials !== void 0 ? options.credentials : isRelative ? "same-origin" : "omit";
+  try {
+    const response = await fetch(endpoint, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Accept: "application/json",
+        ...options.headers || {}
+      },
+      body: JSON.stringify(params || {}),
+      credentials: credentialsMode
+    });
+    const json = await response.json().catch(() => null);
+    if (!response.ok) {
+      const msg = json?.error?.message || json?.error || json?.message || "Standardize request failed";
+      throw new SDKError(msg, "STANDARDIZE_FAILED", json);
+    }
+    return json?.data || json;
+  } catch (error) {
+    if (error instanceof SDKError) throw error;
+    throw new SDKError(`Standardize request failed: ${error?.message || error}`, "STANDARDIZE_FAILED");
+  }
+}
+function resolveZkPassportConfig(overrides = {}) {
+  const defaults = {
+    provider: "zkpassport",
+    scope: "basic_kyc",
+    checkSanctions: true,
+    requireFaceMatch: true,
+    faceMatchMode: "strict"
+  };
+  return {
+    ...defaults,
+    ...overrides && typeof overrides === "object" ? overrides : {}
+  };
+}
+function toHexUtf8(value) {
+  const input = typeof value === "string" ? value : String(value || "");
+  const bytes = new TextEncoder().encode(input);
+  return `0x${Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("")}`;
+}
+async function signMessage({ provider, message, walletAddress, chain } = {}) {
+  const msg = typeof message === "string" ? message : String(message || "");
+  if (!msg) {
+    throw new SDKError("signMessage: message is required", "INVALID_ARGUMENT");
+  }
+  const resolvedProvider = provider || (typeof window !== "undefined" && window?.ethereum ? window.ethereum : null);
+  if (!resolvedProvider) {
+    throw new SDKError("signMessage: provider is required", "SIGNER_UNAVAILABLE");
+  }
+  const chainStr = typeof chain === "string" && chain.trim().length > 0 ? chain.trim() : "eip155";
+  const namespace = chainStr.includes(":") ? chainStr.split(":")[0] || "eip155" : "eip155";
+  const resolveAddress = async () => {
+    if (typeof walletAddress === "string" && walletAddress.trim().length > 0) return walletAddress;
+    if (namespace === "solana") {
+      if (resolvedProvider?.publicKey && typeof resolvedProvider.publicKey.toBase58 === "function") {
+        const pk = resolvedProvider.publicKey.toBase58();
+        if (typeof pk === "string" && pk) return pk;
+      }
+      if (typeof resolvedProvider.getAddress === "function") {
+        const addr = await resolvedProvider.getAddress().catch(() => null);
+        if (typeof addr === "string" && addr) return addr;
+      }
+      if (typeof resolvedProvider.address === "string" && resolvedProvider.address) return resolvedProvider.address;
+      return null;
+    }
+    if (typeof resolvedProvider.address === "string" && resolvedProvider.address) return resolvedProvider.address;
+    if (typeof resolvedProvider.getAddress === "function") return resolvedProvider.getAddress();
+    if (typeof resolvedProvider.request === "function") {
+      let accounts = await resolvedProvider.request({ method: "eth_accounts" }).catch(() => []);
+      if (!Array.isArray(accounts) || accounts.length === 0) {
+        accounts = await resolvedProvider.request({ method: "eth_requestAccounts" }).catch(() => []);
+      }
+      if (Array.isArray(accounts) && accounts[0]) return accounts[0];
+    }
+    return null;
+  };
+  if (namespace !== "eip155") {
+    if (typeof resolvedProvider.signMessage === "function") {
+      const encoded = typeof msg === "string" ? new TextEncoder().encode(msg) : msg;
+      const result = await resolvedProvider.signMessage(encoded);
+      if (typeof result === "string" && result) return result;
+      if (result instanceof Uint8Array) return encodeBase58Bytes(result);
+      if (result instanceof ArrayBuffer) return encodeBase58Bytes(new Uint8Array(result));
+      if (ArrayBuffer.isView(result)) return encodeBase58Bytes(result);
+      if (typeof Buffer !== "undefined" && typeof Buffer.isBuffer === "function" && Buffer.isBuffer(result)) return encodeBase58Bytes(result);
+    }
+    throw new SDKError("Non-EVM signing requires provider.signMessage", "SIGNER_UNAVAILABLE");
+  }
+  const address = await resolveAddress();
+  if (typeof resolvedProvider.request === "function" && address) {
+    let firstPersonalSignError = null;
+    try {
+      const sig = await resolvedProvider.request({ method: "personal_sign", params: [msg, address] });
+      if (typeof sig === "string" && sig) return sig;
+    } catch (error) {
+      firstPersonalSignError = error;
+    }
+    let secondPersonalSignError = null;
+    try {
+      const sig = await resolvedProvider.request({ method: "personal_sign", params: [address, msg] });
+      if (typeof sig === "string" && sig) return sig;
+    } catch (error) {
+      secondPersonalSignError = error;
+      const signatureErrorMessage = String(
+        error?.message || error?.reason || firstPersonalSignError?.message || firstPersonalSignError?.reason || ""
+      ).toLowerCase();
+      const needsHex = /byte|bytes|invalid byte sequence|encoding|non-hex/i.test(signatureErrorMessage);
+      if (needsHex) {
+        try {
+          const hexMsg = toHexUtf8(msg);
+          const sig = await resolvedProvider.request({ method: "personal_sign", params: [hexMsg, address] });
+          if (typeof sig === "string" && sig) return sig;
+        } catch {
+        }
+      }
+    }
+    try {
+      const sig = await resolvedProvider.request({ method: "eth_sign", params: [address, msg] });
+      if (typeof sig === "string" && sig) return sig;
+    } catch {
+    }
+    if (secondPersonalSignError || firstPersonalSignError) {
+      const lastError = secondPersonalSignError || firstPersonalSignError;
+      const isUserRejection = [4001, "ACTION_REJECTED"].includes(lastError?.code);
+      if (isUserRejection) {
+        throw lastError;
+      }
+    }
+  }
+  if (typeof resolvedProvider.signMessage === "function") {
+    const result = await resolvedProvider.signMessage(msg);
+    if (typeof result === "string" && result) return result;
+  }
+  throw new SDKError("Unable to sign message with provided wallet/provider", "SIGNER_UNAVAILABLE");
+}
 function isTerminalStatus(status) {
-  if (!status || typeof status !== "string")
-    return false;
+  if (!status || typeof status !== "string") return false;
   const successStates = [
     "verified",
     "verified_no_verifiers",
@@ -247,8 +558,7 @@ function isTerminalStatus(status) {
   return successStates.includes(status) || failureStates.includes(status);
 }
 function isSuccessStatus(status) {
-  if (!status || typeof status !== "string")
-    return false;
+  if (!status || typeof status !== "string") return false;
   const successStates = [
     "verified",
     "verified_no_verifiers",
@@ -259,8 +569,7 @@ function isSuccessStatus(status) {
   return successStates.includes(status);
 }
 function isFailureStatus(status) {
-  if (!status || typeof status !== "string")
-    return false;
+  if (!status || typeof status !== "string") return false;
   const failureStates = [
     "rejected",
     "rejected_verifier_failure",
@@ -407,7 +716,7 @@ var StatusPoller = class {
       const pollAttempt = async () => {
         try {
           this.attempt++;
-          const response = await this.client.getStatus(this.qHash);
+          const response = await this.client.getProof(this.qHash);
           if (isTerminalStatus(response.status)) {
             resolve(response);
             return;
@@ -452,7 +761,7 @@ var StatusPoller = class {
   }
 };
 var NEUS_CONSTANTS = {
-  // Hub chain (where all verifications occur)
+  /** Default EVM chain id for NEUS protocol signing context (`HUB_CHAIN_ID` name kept for compatibility). */
   HUB_CHAIN_ID: 84532,
   // Supported target chains for cross-chain propagation
   TESTNET_CHAINS: [
@@ -506,23 +815,20 @@ function validateVerifierPayload(verifierId, data) {
   const id = verifierId.replace(/@\d+$/, "");
   if (id === "nft-ownership") {
     ["contractAddress", "tokenId", "chainId"].forEach((key) => {
-      if (!(key in data))
-        result.missing.push(key);
+      if (!(key in data)) result.missing.push(key);
     });
     if (!("ownerAddress" in data)) {
-      result.warnings.push("ownerAddress omitted (most deployments default to the signed walletAddress)");
+      result.warnings.push("ownerAddress omitted (defaults to the signed walletAddress)");
     }
   } else if (id === "token-holding") {
     ["contractAddress", "minBalance", "chainId"].forEach((key) => {
-      if (!(key in data))
-        result.missing.push(key);
+      if (!(key in data)) result.missing.push(key);
     });
     if (!("ownerAddress" in data)) {
-      result.warnings.push("ownerAddress omitted (most deployments default to the signed walletAddress)");
+      result.warnings.push("ownerAddress omitted (defaults to the signed walletAddress)");
     }
   } else if (id === "ownership-basic") {
-    if (!("owner" in data))
-      result.missing.push("owner");
+    if (!("owner" in data)) result.missing.push("owner");
     const hasContent = typeof data.content === "string" && data.content.length > 0;
     const hasContentHash = typeof data.contentHash === "string" && data.contentHash.length > 0;
     const hasRefId = typeof data.reference?.id === "string" && data.reference.id.length > 0;
@@ -586,8 +892,7 @@ async function withRetry(fn, options = {}) {
       return await fn();
     } catch (error) {
       lastError = error;
-      if (attempt === maxAttempts)
-        break;
+      if (attempt === maxAttempts) break;
       const delayMs = Math.min(
         baseDelay * Math.pow(backoffFactor, attempt - 1),
         maxDelay
@@ -655,9 +960,72 @@ function validateSignatureComponents({ walletAddress, signature, signedTimestamp
   }
   return result;
 }
+function toAgentDelegationMaxSpend(humanAmount, decimals) {
+  if (humanAmount === void 0 || humanAmount === null) {
+    throw new ValidationError("humanAmount is required", "humanAmount", humanAmount);
+  }
+  const s0 = String(humanAmount).trim();
+  if (!s0) {
+    throw new ValidationError("humanAmount must be non-empty", "humanAmount", humanAmount);
+  }
+  if (s0.startsWith("-") || s0.startsWith("+")) {
+    throw new ValidationError("humanAmount must be non-negative", "humanAmount", humanAmount);
+  }
+  const d = Number(decimals);
+  if (!Number.isInteger(d) || d < 0 || d > 78) {
+    throw new ValidationError("decimalPlaces must be an integer from 0 to 78", "decimals", decimals);
+  }
+  if (!/^(?:\d+\.?\d*|\.\d+)$/.test(s0)) {
+    throw new ValidationError(
+      'humanAmount must be a decimal string (e.g. "100" or "100.50")',
+      "humanAmount",
+      humanAmount
+    );
+  }
+  const dot = s0.indexOf(".");
+  const intPart = dot === -1 ? s0 : s0.slice(0, dot);
+  const fracRaw = dot === -1 ? "" : s0.slice(dot + 1);
+  const intNormalized = intPart === "" ? "0" : (() => {
+    const s = intPart.replace(/^0+/, "");
+    return s === "" ? "0" : s;
+  })();
+  if (!/^\d+$/.test(intNormalized)) {
+    throw new ValidationError("humanAmount has an invalid integer part", "humanAmount", humanAmount);
+  }
+  if (fracRaw && !/^\d*$/.test(fracRaw)) {
+    throw new ValidationError("humanAmount has an invalid fractional part", "humanAmount", humanAmount);
+  }
+  const fracPadded = `${fracRaw}${"0".repeat(d)}`.slice(0, d);
+  const base = BigInt(10) ** BigInt(d);
+  const value = BigInt(intNormalized) * base + BigInt(fracPadded || "0");
+  const out = value.toString();
+  if (out.length > 78) {
+    throw new ValidationError("maxSpend exceeds 78-digit limit after conversion", "humanAmount", humanAmount);
+  }
+  return out;
+}
+var DEFAULT_HOSTED_VERIFY_URL = "https://neus.network/verify";
+function getHostedCheckoutUrl(opts = {}) {
+  const base = typeof opts.baseUrl === "string" && opts.baseUrl.trim() ? opts.baseUrl.replace(/\/+$/, "") : DEFAULT_HOSTED_VERIFY_URL;
+  const params = new URLSearchParams();
+  if (opts.gateId) params.set("gateId", String(opts.gateId));
+  if (opts.returnUrl) params.set("returnUrl", String(opts.returnUrl));
+  if (Array.isArray(opts.verifiers) && opts.verifiers.length > 0) {
+    params.set("verifiers", opts.verifiers.filter(Boolean).join(","));
+  }
+  if (opts.preset) params.set("preset", String(opts.preset));
+  if (opts.mode) params.set("mode", String(opts.mode));
+  if (opts.intent) params.set("intent", String(opts.intent));
+  if (opts.origin) params.set("origin", String(opts.origin));
+  if (opts.oauthProvider) params.set("oauthProvider", String(opts.oauthProvider));
+  const qs = params.toString();
+  return qs ? `${base}?${qs}` : base;
+}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  DEFAULT_HOSTED_VERIFY_URL,
   NEUS_CONSTANTS,
+  PORTABLE_PROOF_SIGNER_HEADER,
   StatusPoller,
   buildVerificationRequest,
   computeContentHash,
@@ -667,14 +1035,22 @@ function validateSignatureComponents({ walletAddress, signature, signedTimestamp
   deriveDid,
   formatTimestamp,
   formatVerificationStatus,
+  getHostedCheckoutUrl,
   isFailureStatus,
   isSuccessStatus,
   isSupportedChain,
   isTerminalStatus,
   normalizeAddress,
+  resolveDID,
+  resolveZkPassportConfig,
+  signMessage,
+  standardizeVerificationRequest,
+  toAgentDelegationMaxSpend,
+  toHexUtf8,
   validateQHash,
   validateSignatureComponents,
   validateTimestamp,
+  validateUniversalAddress,
   validateVerifierPayload,
   validateWalletAddress,
   withRetry

package/cli/neus.mjs

@@ -0,0 +1,58 @@
+#!/usr/bin/env node
+const argv = process.argv.slice(2);
+const sub = argv[0];
+
+function usage() {
+  process.stderr.write("Usage: neus init\n");
+  process.stderr.write("Prints hosted MCP config and doc URLs. Does not write files.\n");
+  process.exit(sub && sub !== "help" && sub !== "--help" && sub !== "-h" ? 1 : 0);
+}
+
+function printInit() {
+  const mcpBlock = {
+    mcpServers: {
+      neus: {
+        type: "streamableHttp",
+        url: "https://mcp.neus.network/mcp",
+      },
+    },
+  };
+
+  const lines = [
+    "# NEUS",
+    "",
+    "## MCP",
+    JSON.stringify(mcpBlock, null, 2),
+    "",
+    "## URLs",
+    "MCP: https://mcp.neus.network/mcp",
+    "Verify:    https://neus.network/verify",
+    "Explorer:  https://neus.network/hub",
+    "",
+    "## Docs",
+    "MCP setup:        https://docs.neus.network/mcp/setup",
+    "LLM / assistants: https://docs.neus.network/platform/llm-docs",
+    "Agents:           https://docs.neus.network/agents/overview",
+    "Agent identity:   https://docs.neus.network/agents/agent-identity",
+    "Agent delegation: https://docs.neus.network/agents/agent-delegation",
+    "Integration:      https://docs.neus.network/integration",
+    "Quickstart:       https://docs.neus.network/quickstart",
+    "Machine route map: https://neus.network/llms.txt",
+    "",
+    "This command only prints to stdout; it does not modify files or create accounts.",
+    "Use Authorization: Bearer <access key> when a tool returns auth_required (see MCP auth).",
+  ];
+
+  process.stdout.write(`${lines.join("\n")}\n`);
+}
+
+if (!sub || sub === "help" || sub === "--help" || sub === "-h") {
+  usage();
+}
+
+if (sub === "init") {
+  printInit();
+  process.exit(0);
+}
+
+usage();