@neus/sdk 1.1.0 → 1.1.1

package/cjs/index.cjs

@@ -167,6 +167,89 @@ var init_errors = __esm({
   }
 });
 
+// sponsor.js
+async function fetchSponsorGrant(params = {}) {
+  const {
+    apiUrl = "https://api.neus.network",
+    appId,
+    orgWallet,
+    verifierIds = [],
+    targetChains = [],
+    origin,
+    expiresInSeconds = 900,
+    fetchImpl = fetch
+  } = params;
+  const normalizedAppId = typeof appId === "string" ? appId.trim() : "";
+  const normalizedOrg = typeof orgWallet === "string" ? orgWallet.trim().toLowerCase() : "";
+  if (!normalizedAppId) {
+    throw new ValidationError("appId is required for sponsor grant");
+  }
+  if (!normalizedOrg || !/^0x[a-f0-9]{40}$/.test(normalizedOrg)) {
+    throw new ValidationError("orgWallet must be a valid EVM address");
+  }
+  let base = String(apiUrl || "https://api.neus.network").replace(/\/+$/, "");
+  try {
+    const url = new URL(base);
+    if (url.hostname.endsWith("neus.network") && url.protocol === "http:") {
+      url.protocol = "https:";
+    }
+    base = url.toString().replace(/\/+$/, "");
+  } catch {
+  }
+  const headers = {
+    "Content-Type": "application/json",
+    Accept: "application/json",
+    "X-Neus-App": normalizedAppId,
+    "X-Neus-Sdk": "js"
+  };
+  if (typeof origin === "string" && origin.trim()) {
+    headers.Origin = origin.trim();
+  }
+  const body = {
+    orgWallet: normalizedOrg,
+    scope: "sponsored-verification",
+    expiresInSeconds,
+    ...Array.isArray(verifierIds) && verifierIds.length > 0 ? { verifierIds: verifierIds.map((v) => String(v).trim()).filter(Boolean).slice(0, 25) } : {},
+    ...Array.isArray(targetChains) && targetChains.length > 0 ? { targetChains: targetChains.filter((n) => Number.isFinite(Number(n))).slice(0, 25) } : {}
+  };
+  let response;
+  try {
+    response = await fetchImpl(`${base}/api/v1/sponsor/grant`, {
+      method: "POST",
+      headers,
+      body: JSON.stringify(body)
+    });
+  } catch (error) {
+    throw new NetworkError(`Sponsor grant request failed: ${error?.message || String(error)}`);
+  }
+  let payload;
+  try {
+    payload = await response.json();
+  } catch {
+    payload = { success: false, error: { message: "Invalid JSON response" } };
+  }
+  if (!response.ok || payload?.success !== true) {
+    throw ApiError.fromResponse(response, payload);
+  }
+  const token = payload?.data?.sponsorGrant;
+  if (!token || typeof token !== "string") {
+    throw new ApiError("Sponsor grant response missing sponsorGrant token", payload?.error);
+  }
+  return {
+    sponsorGrant: token,
+    exp: payload?.data?.exp,
+    orgWallet: payload?.data?.orgWallet || normalizedOrg,
+    appId: payload?.data?.appId || normalizedAppId,
+    maxCredits: payload?.data?.maxCredits
+  };
+}
+var init_sponsor = __esm({
+  "sponsor.js"() {
+    "use strict";
+    init_errors();
+  }
+});
+
 // utils.js
 function encodeBase58Bytes(input) {
   let source;
@@ -956,6 +1039,8 @@ function getHostedCheckoutUrl(opts = {}) {
   if (opts.intent) params.set("intent", String(opts.intent));
   if (opts.origin) params.set("origin", String(opts.origin));
   if (opts.oauthProvider) params.set("oauthProvider", String(opts.oauthProvider));
+  if (opts.appId) params.set("appId", String(opts.appId));
+  if (opts.billingWallet) params.set("billingWallet", String(opts.billingWallet).trim().toLowerCase());
   const qs = params.toString();
   return qs ? `${base}?${qs}` : base;
 }
@@ -1091,6 +1176,7 @@ var init_client = __esm({
   "client.js"() {
     "use strict";
     init_errors();
+    init_sponsor();
     init_utils();
     FALLBACK_PUBLIC_VERIFIER_CATALOG = {
       "ownership-basic": { supportsDirectApi: true },
@@ -1430,6 +1516,54 @@ var init_client = __esm({
           }
         } catch {
         }
+        this._sponsorGrantCache = null;
+      }
+      _getBillingWallet() {
+        const raw = this.config.billingWallet || this.config.sponsorOrgWallet || this.config.orgWallet || null;
+        if (typeof raw !== "string") return null;
+        const trimmed = raw.trim().toLowerCase();
+        return /^0x[a-f0-9]{40}$/.test(trimmed) ? trimmed : null;
+      }
+      _resolveIntegratorOrigin() {
+        if (typeof this.config.appOrigin === "string" && this.config.appOrigin.trim()) {
+          return this.config.appOrigin.trim();
+        }
+        try {
+          if (typeof window !== "undefined" && window.location?.origin) {
+            return window.location.origin;
+          }
+        } catch {
+        }
+        return null;
+      }
+      async _resolveSponsorGrantHeaders(verifierIds = []) {
+        const appId = typeof this.config.appId === "string" ? this.config.appId.trim() : "";
+        const orgWallet = this._getBillingWallet();
+        if (!appId || !orgWallet) {
+          return {};
+        }
+        const normalizedVerifierIds = Array.isArray(verifierIds) ? verifierIds.map((v) => String(v || "").trim()).filter(Boolean).slice(0, 25) : [];
+        const cacheKey = `${appId}:${orgWallet}:${normalizedVerifierIds.join(",")}`;
+        const now = Date.now();
+        if (this._sponsorGrantCache && this._sponsorGrantCache.key === cacheKey && this._sponsorGrantCache.expMs > now + 3e4) {
+          return { "X-Sponsor-Grant": this._sponsorGrantCache.token };
+        }
+        const origin = this._resolveIntegratorOrigin();
+        const grant = await fetchSponsorGrant({
+          apiUrl: this.baseUrl,
+          appId,
+          orgWallet,
+          verifierIds: normalizedVerifierIds,
+          origin
+        });
+        const expSeconds = Number(grant?.exp);
+        const expMs = Number.isFinite(expSeconds) && expSeconds > 0 ? expSeconds * 1e3 : now + 15 * 60 * 1e3;
+        this._sponsorGrantCache = {
+          key: cacheKey,
+          token: grant.sponsorGrant,
+          expMs
+        };
+        return { "X-Sponsor-Grant": grant.sponsorGrant };
       }
       _getHubChainId() {
         const configured = Number(this.config?.hubChainId);
@@ -2102,7 +2236,8 @@ ${bytes.length}`;
           ...delegationQHash && { delegationQHash },
           options: optionsPayload
         };
-        const response = await this._makeRequest("POST", "/api/v1/verification", requestData);
+        const sponsorHeaders = await this._resolveSponsorGrantHeaders(normalizedVerifierIds);
+        const response = await this._makeRequest("POST", "/api/v1/verification", requestData, sponsorHeaders);
         if (!response.success) {
           throw new ApiError(`Verification failed: ${response.error?.message || "Unknown error"}`, response.error);
         }
@@ -2495,7 +2630,20 @@ ${bytes.length}`;
             };
           }
         }
-        const response = await this._makeRequest("GET", `/api/v1/proofs/check?${qs.toString()}`, null, headersOverride);
+        let mergedHeaders = headersOverride;
+        if (!mergedHeaders) {
+          try {
+            const sponsorHeaders = await this._resolveSponsorGrantHeaders(
+              Array.isArray(params.verifierIds) ? params.verifierIds : params.verifierIds ? [params.verifierIds] : []
+            );
+            if (sponsorHeaders && Object.keys(sponsorHeaders).length > 0) {
+              mergedHeaders = sponsorHeaders;
+            }
+          } catch (error) {
+            this._log("Sponsor grant unavailable for gateCheck (continuing without)", error?.message || String(error));
+          }
+        }
+        const response = await this._makeRequest("GET", `/api/v1/proofs/check?${qs.toString()}`, null, mergedHeaders);
         if (!response.success) {
           throw new ApiError(`Gate check failed: ${response.error?.message || "Unknown error"}`, response.error);
         }
@@ -2784,6 +2932,7 @@ __export(index_exports, {
   default: () => index_default,
   delay: () => delay,
   deriveDid: () => deriveDid,
+  fetchSponsorGrant: () => fetchSponsorGrant,
   formatTimestamp: () => formatTimestamp,
   formatVerificationStatus: () => formatVerificationStatus,
   getHostedCheckoutUrl: () => getHostedCheckoutUrl,
@@ -2850,6 +2999,7 @@ function combineGates(...gates) {
 }
 
 // index.js
+init_sponsor();
 init_errors();
 var index_default = {
   NeusClient: () => Promise.resolve().then(() => (init_client(), client_exports)).then((m) => m.NeusClient),
@@ -2892,6 +3042,7 @@ var index_default = {
   createVerificationData,
   delay,
   deriveDid,
+  fetchSponsorGrant,
   formatTimestamp,
   formatVerificationStatus,
   getHostedCheckoutUrl,

package/cjs/utils.cjs

@@ -1012,6 +1012,8 @@ function getHostedCheckoutUrl(opts = {}) {
   if (opts.intent) params.set("intent", String(opts.intent));
   if (opts.origin) params.set("origin", String(opts.origin));
   if (opts.oauthProvider) params.set("oauthProvider", String(opts.oauthProvider));
+  if (opts.appId) params.set("appId", String(opts.appId));
+  if (opts.billingWallet) params.set("billingWallet", String(opts.billingWallet).trim().toLowerCase());
   const qs = params.toString();
   return qs ? `${base}?${qs}` : base;
 }

package/cli/neus.mjs

@@ -496,14 +496,21 @@ function cursorConfigPath(scope, cwd) {
 }
 
 function vscodeConfigPath(scope, cwd) {
-  return scope === 'user'
-    ? path.join(
-        process.env.APPDATA || path.join(os.homedir(), 'AppData', 'Roaming'),
-        'Code',
-        'User',
-        'mcp.json'
-      )
-    : path.join(cwd, '.vscode', 'mcp.json');
+  if (scope !== 'user') {
+    return path.join(cwd, '.vscode', 'mcp.json');
+  }
+  if (process.platform === 'darwin') {
+    return path.join(os.homedir(), 'Library', 'Application Support', 'Code', 'User', 'mcp.json');
+  }
+  if (process.platform === 'win32') {
+    return path.join(
+      process.env.APPDATA || path.join(os.homedir(), 'AppData', 'Roaming'),
+      'Code',
+      'User',
+      'mcp.json'
+    );
+  }
+  return path.join(os.homedir(), '.config', 'Code', 'User', 'mcp.json');
 }
 
 function claudeProjectConfigPath(cwd) {
@@ -1255,9 +1262,10 @@ function printResultSummary(command, scope, results, accessKey) {
     );
   }
   if (command === 'init' || command === 'setup') {
-    lines.push('Claude Code skill bundle: https://docs.neus.network/mcp/claude-code-marketplace');
+    lines.push('All hosts (Cursor, Codex, OpenClaw, Hermes, Windsurf, Gemini, …): https://docs.neus.network/mcp/ide-plugin');
+    lines.push('Claude Code plugin: neus-trust@neus — same page');
     lines.push(
-      'Cursor / VS Code: same command when those apps are detected (local MCP config) — https://docs.neus.network/mcp/setup'
+      'Auto-setup clients: claude, cursor, vscode — re-run with --client to limit scope'
     );
   }
   if ((command === 'init' || command === 'auth') && accessKey) {

package/client.js

@@ -1,4 +1,5 @@
 import { ApiError, ValidationError, NetworkError, ConfigurationError } from './errors.js';
+import { fetchSponsorGrant } from './sponsor.js';
 import {
   PORTABLE_PROOF_SIGNER_HEADER,
   constructVerificationMessage,
@@ -396,6 +397,77 @@ export class NeusClient {
     } catch {
       void 0;
     }
+
+    /** @type {{ token: string, expMs: number, key: string } | null} */
+    this._sponsorGrantCache = null;
+  }
+
+  _getBillingWallet() {
+    const raw =
+      this.config.billingWallet ||
+      this.config.sponsorOrgWallet ||
+      this.config.orgWallet ||
+      null;
+    if (typeof raw !== 'string') return null;
+    const trimmed = raw.trim().toLowerCase();
+    return /^0x[a-f0-9]{40}$/.test(trimmed) ? trimmed : null;
+  }
+
+  _resolveIntegratorOrigin() {
+    if (typeof this.config.appOrigin === 'string' && this.config.appOrigin.trim()) {
+      return this.config.appOrigin.trim();
+    }
+    try {
+      if (typeof window !== 'undefined' && window.location?.origin) {
+        return window.location.origin;
+      }
+    } catch {
+      void 0;
+    }
+    return null;
+  }
+
+  async _resolveSponsorGrantHeaders(verifierIds = []) {
+    const appId = typeof this.config.appId === 'string' ? this.config.appId.trim() : '';
+    const orgWallet = this._getBillingWallet();
+    if (!appId || !orgWallet) {
+      return {};
+    }
+
+    const normalizedVerifierIds = Array.isArray(verifierIds)
+      ? verifierIds.map((v) => String(v || '').trim()).filter(Boolean).slice(0, 25)
+      : [];
+    const cacheKey = `${appId}:${orgWallet}:${normalizedVerifierIds.join(',')}`;
+    const now = Date.now();
+    if (
+      this._sponsorGrantCache &&
+      this._sponsorGrantCache.key === cacheKey &&
+      this._sponsorGrantCache.expMs > now + 30_000
+    ) {
+      return { 'X-Sponsor-Grant': this._sponsorGrantCache.token };
+    }
+
+    const origin = this._resolveIntegratorOrigin();
+    const grant = await fetchSponsorGrant({
+      apiUrl: this.baseUrl,
+      appId,
+      orgWallet,
+      verifierIds: normalizedVerifierIds,
+      origin
+    });
+
+    const expSeconds = Number(grant?.exp);
+    const expMs = Number.isFinite(expSeconds) && expSeconds > 0
+      ? expSeconds * 1000
+      : now + 15 * 60 * 1000;
+
+    this._sponsorGrantCache = {
+      key: cacheKey,
+      token: grant.sponsorGrant,
+      expMs
+    };
+
+    return { 'X-Sponsor-Grant': grant.sponsorGrant };
   }
 
   _getHubChainId() {
@@ -1147,7 +1219,8 @@ export class NeusClient {
       options: optionsPayload
     };
 
-    const response = await this._makeRequest('POST', '/api/v1/verification', requestData);
+    const sponsorHeaders = await this._resolveSponsorGrantHeaders(normalizedVerifierIds);
+    const response = await this._makeRequest('POST', '/api/v1/verification', requestData, sponsorHeaders);
 
     if (!response.success) {
       throw new ApiError(`Verification failed: ${response.error?.message || 'Unknown error'}`, response.error);
@@ -1619,7 +1692,23 @@ export class NeusClient {
       }
     }
 
-    const response = await this._makeRequest('GET', `/api/v1/proofs/check?${qs.toString()}`, null, headersOverride);
+    let mergedHeaders = headersOverride;
+    if (!mergedHeaders) {
+      try {
+        const sponsorHeaders = await this._resolveSponsorGrantHeaders(
+          Array.isArray(params.verifierIds)
+            ? params.verifierIds
+            : (params.verifierIds ? [params.verifierIds] : [])
+        );
+        if (sponsorHeaders && Object.keys(sponsorHeaders).length > 0) {
+          mergedHeaders = sponsorHeaders;
+        }
+      } catch (error) {
+        this._log('Sponsor grant unavailable for gateCheck (continuing without)', error?.message || String(error));
+      }
+    }
+
+    const response = await this._makeRequest('GET', `/api/v1/proofs/check?${qs.toString()}`, null, mergedHeaders);
     if (!response.success) {
       throw new ApiError(`Gate check failed: ${response.error?.message || 'Unknown error'}`, response.error);
     }