npm - @nokinc-flur/sdk - Versions diffs - 2.2.0 → 2.4.0 - Mend

@nokinc-flur/sdk 2.2.0 → 2.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.js CHANGED Viewed

@@ -2961,7 +2961,17 @@ var Base64Std3 = z13.string().regex(/^[A-Za-z0-9+/]+={0,2}$/);
 var ClaimNonce = z13.string().min(8).max(128).refine((value) => !value.includes("|"), {
   message: "nonce must not contain |"
 });
-var ACCOUNT_FUNDED_OAC_MAX_TTL_MS = 1e3 * 60 * 60 * 24 * 7;
+var ACCOUNT_FUNDED_OAC_MAX_TTL_MS = 1e3 * 60 * 60 * 24;
+var IssuerTrustKeySchema = z13.object({
+  issuerId: z13.string().min(1).max(128),
+  alg: z13.literal("p256"),
+  publicKeySpkiB64: Base64Std3.min(64).max(4096),
+  notBeforeMs: z13.number().int().nonnegative().optional(),
+  notAfterMs: z13.number().int().positive().optional()
+});
+var IssuerTrustBundleSchema = z13.object({
+  keys: z13.array(IssuerTrustKeySchema).min(1)
+});
 var CONSUMER_OFFLINE_CLAIM_SUBMIT_GRACE_MS = 1e3 * 60 * 60 * 24;
 var AttestationSecurityLevelSchema = z13.enum([
   "STRONGBOX",
@@ -3015,13 +3025,28 @@ var ConsumerOACSchema = z13.object({
   alg: z13.literal("p256"),
   /** P-256 SubjectPublicKeyInfo DER, base64. */
   devicePubkeySpkiB64: Base64Std3.min(64).max(4096),
-  perTxCapKobo: z13.number().int().positive(),
-  cumulativeCapKobo: z13.number().int().positive(),
+  /**
+   * Per-transaction / cumulative offline spend ceilings. Zero is valid and
+   * denotes an identity-only OAC: the credential proves who the holder is and
+   * binds their device key for offline-verifiable first contact, but carries
+   * no offline spend authority (every claim against it routes to REVIEW).
+   * Issued to zero-balance wallets so they can still be paid offline.
+   */
+  perTxCapKobo: z13.number().int().nonnegative(),
+  cumulativeCapKobo: z13.number().int().nonnegative(),
   currency: z13.string().length(3),
   validFromMs: z13.number().int().nonnegative(),
   validUntilMs: z13.number().int().nonnegative(),
   counterSeed: z13.number().int().nonnegative(),
-  issuedAtMs: z13.number().int().nonnegative()
+  issuedAtMs: z13.number().int().nonnegative(),
+  /**
+   * Issuer-attested identity folded into the OAC so a single signed
+   * credential serves both Tier B offline-verifiable identity and offline
+   * spend authority. Verified offline against a pinned issuer key; the
+   * backend remains authoritative at settlement.
+   */
+  phoneE164: z13.string().regex(/^\+[1-9]\d{7,14}$/),
+  displayName: z13.string().min(1).max(64)
 });
 var SignedConsumerOACSchema = z13.object({
   oac: ConsumerOACSchema,
@@ -3189,6 +3214,12 @@ function createMeOfflineClient(opts) {
       `/v1/me/offline/settlements/${encodeURIComponent(idOrKey)}`,
       void 0,
       (raw) => ConsumerSettlementSchema.parse(raw)
+    ),
+    getIssuerKeys: () => call(
+      "GET",
+      "/v1/issuer/keys",
+      void 0,
+      (raw) => IssuerTrustBundleSchema.parse(raw)
     )
   };
 }
@@ -3549,13 +3580,130 @@ function base64UrlDecodeUtf8(input) {
   throw new Error("base64 decoder unavailable");
 }
+// src/me-offline/oac.ts
+import { z as z15 } from "zod";
+var CONSUMER_OAC_DOMAIN = "flur:consumer-offline:v1:oac";
+function consumerOacSigningPayload(oac) {
+  return { domain: CONSUMER_OAC_DOMAIN, ...oac };
+}
+function verifyOacOffline(signed, trustedKeys, options = {}) {
+  const parsed = SignedConsumerOACSchema.safeParse(signed);
+  if (!parsed.success) return { ok: false, reason: "malformed" };
+  const oacParsed = ConsumerOACSchema.safeParse(parsed.data.oac);
+  if (!oacParsed.success) return { ok: false, reason: "malformed" };
+  const oac = oacParsed.data;
+  const nowMs = options.nowMs ?? Date.now();
+  const pinned = trustedKeys.filter(
+    (k) => k.issuerId === oac.issuerId && (k.notBeforeMs === void 0 || nowMs >= k.notBeforeMs) && (k.notAfterMs === void 0 || nowMs <= k.notAfterMs)
+  );
+  if (pinned.length === 0) return { ok: false, reason: "untrusted_issuer" };
+  const signingBytes = canonicalJSONBytes(consumerOacSigningPayload(oac));
+  const signatureOk = pinned.some(
+    (k) => verifyIssuerP256(signingBytes, parsed.data.issuerSig, k.publicKeySpkiB64)
+  );
+  if (!signatureOk) return { ok: false, reason: "signature_invalid" };
+  if (oac.validUntilMs - oac.validFromMs > ACCOUNT_FUNDED_OAC_MAX_TTL_MS) {
+    return { ok: false, reason: "window_too_long" };
+  }
+  if (nowMs < oac.validFromMs) return { ok: false, reason: "not_yet_valid" };
+  if (nowMs >= oac.validUntilMs) return { ok: false, reason: "expired" };
+  return {
+    ok: true,
+    oac,
+    identity: {
+      oacId: oac.oacId,
+      issuerId: oac.issuerId,
+      userId: oac.userId,
+      phoneE164: oac.phoneE164,
+      displayName: oac.displayName,
+      devicePubkeySpkiB64: oac.devicePubkeySpkiB64
+    }
+  };
+}
+var CONSUMER_OAC_QR_PREFIX = "FLUROAC1.";
+function isConsumerOacQR(value) {
+  return value.startsWith(CONSUMER_OAC_QR_PREFIX);
+}
+var OacPresentmentRequestSchema = z15.object({
+  /** Requested amount in minor units (kobo). */
+  amountMinor: z15.number().int().positive().max(1e12).optional(),
+  /** Purpose/intent code (mirrors the NIBSS intent vocabulary). */
+  intent: z15.string().min(1).max(32).optional(),
+  /** Free-text reference / note. */
+  reference: z15.string().min(1).max(64).optional()
+}).strict();
+function encodeConsumerOacQR(signed, request) {
+  const parsed = SignedConsumerOACSchema.parse(signed);
+  const base = `${CONSUMER_OAC_QR_PREFIX}${base64UrlEncodeUtf82(JSON.stringify(parsed))}`;
+  if (request === void 0) return base;
+  const parsedRequest = OacPresentmentRequestSchema.parse(request);
+  if (Object.keys(parsedRequest).length === 0) return base;
+  return `${base}.${base64UrlEncodeUtf82(JSON.stringify(parsedRequest))}`;
+}
+function decodeUnverifiedConsumerOacQR(value) {
+  if (!value.startsWith(CONSUMER_OAC_QR_PREFIX)) {
+    throw new Error("not a Flur consumer OAC QR");
+  }
+  const remainder = value.slice(CONSUMER_OAC_QR_PREFIX.length);
+  const encoded = remainder.split(".", 1)[0];
+  let raw;
+  try {
+    raw = JSON.parse(base64UrlDecodeUtf82(encoded));
+  } catch {
+    throw new Error("consumer OAC QR is malformed");
+  }
+  return SignedConsumerOACSchema.parse(raw);
+}
+function decodeConsumerOacRequest(value) {
+  if (!value.startsWith(CONSUMER_OAC_QR_PREFIX)) return null;
+  const remainder = value.slice(CONSUMER_OAC_QR_PREFIX.length);
+  const dot = remainder.indexOf(".");
+  if (dot < 0) return null;
+  const suffix = remainder.slice(dot + 1);
+  if (suffix.length === 0) return null;
+  try {
+    const raw = JSON.parse(base64UrlDecodeUtf82(suffix));
+    const parsed = OacPresentmentRequestSchema.safeParse(raw);
+    return parsed.success ? parsed.data : null;
+  } catch {
+    return null;
+  }
+}
+function base64UrlEncodeUtf82(input) {
+  const bytes = new TextEncoder().encode(input);
+  let binary = "";
+  for (const byte of bytes) binary += String.fromCharCode(byte);
+  const base64 = typeof btoa === "function" ? btoa(binary) : typeof Buffer !== "undefined" ? Buffer.from(bytes).toString("base64") : void 0;
+  if (!base64) throw new Error("base64 encoder unavailable");
+  return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
+}
+function base64UrlDecodeUtf82(input) {
+  const base64 = input.replace(/-/g, "+").replace(/_/g, "/");
+  const padded = base64.padEnd(
+    base64.length + (4 - base64.length % 4) % 4,
+    "="
+  );
+  if (typeof atob === "function") {
+    const binary = atob(padded);
+    const bytes = new Uint8Array(binary.length);
+    for (let index = 0; index < binary.length; index++) {
+      bytes[index] = binary.charCodeAt(index);
+    }
+    return new TextDecoder().decode(bytes);
+  }
+  if (typeof Buffer !== "undefined") {
+    return Buffer.from(padded, "base64").toString("utf8");
+  }
+  throw new Error("base64 decoder unavailable");
+}
 // src/me-offline/sms.ts
 import { p256 as p2563 } from "@noble/curves/nist";
 var OFFLINE_CLAIM_SMS_PREFIX = "FLURC1.";
 var CLAIM_TOKEN_RE = /(?:^|\s)(FLURC1\.[A-Za-z0-9_-]+={0,2})(?:\s|$)/;
 function encodeOfflineClaimSmsMessage(claim) {
   const parsed = ConsumerPaymentClaimSchema.parse(claim);
-  return `${OFFLINE_CLAIM_SMS_PREFIX}${base64UrlEncodeUtf82(
+  return `${OFFLINE_CLAIM_SMS_PREFIX}${base64UrlEncodeUtf83(
     JSON.stringify(parsed)
   )}`;
 }
@@ -3565,7 +3713,7 @@ function decodeOfflineClaimSmsMessage(message) {
   const encoded = token.slice(OFFLINE_CLAIM_SMS_PREFIX.length);
   let raw;
   try {
-    raw = JSON.parse(base64UrlDecodeUtf82(encoded));
+    raw = JSON.parse(base64UrlDecodeUtf83(encoded));
   } catch {
     throw new Error("offline claim QR token is malformed");
   }
@@ -3791,10 +3939,10 @@ function bytesToBase64Url(bytes) {
   }
   return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
 }
-function base64UrlEncodeUtf82(input) {
+function base64UrlEncodeUtf83(input) {
   return bytesToBase64Url(utf8(input));
 }
-function base64UrlDecodeUtf82(input) {
+function base64UrlDecodeUtf83(input) {
   return new TextDecoder().decode(base64UrlToBytes(input));
 }
 function base64UrlToBytes(input) {
@@ -3816,14 +3964,14 @@ function base64UrlToBytes(input) {
 }
 // src/partner-funding/client.ts
-import { z as z15 } from "zod";
-var MinorString = z15.string().regex(/^-?\d+$/);
-var PositiveMinor = z15.union([
-  z15.number().int().positive(),
-  z15.string().regex(/^[1-9]\d{0,18}$/)
+import { z as z16 } from "zod";
+var MinorString = z16.string().regex(/^-?\d+$/);
+var PositiveMinor = z16.union([
+  z16.number().int().positive(),
+  z16.string().regex(/^[1-9]\d{0,18}$/)
 ]);
-var Currency = z15.string().trim().length(3).transform((v) => v.toUpperCase());
-var Metadata = z15.record(z15.unknown());
+var Currency = z16.string().trim().length(3).transform((v) => v.toUpperCase());
+var Metadata = z16.record(z16.unknown());
 var PARTNER_KINDS = ["bank", "merchant"];
 var CUSTODIAL_MODES = ["agent_of_bank", "flur_virtual_pool"];
 var PARTNER_PROFILE_STATUSES = [
@@ -3850,126 +3998,126 @@ var WITHDRAWAL_STATES = [
   "failed",
   "reversed"
 ];
-var PartnerProfileSchema = z15.object({
-  partnerAccountId: z15.string().uuid(),
-  kind: z15.enum(PARTNER_KINDS),
-  custodialMode: z15.enum(CUSTODIAL_MODES),
-  displayName: z15.string(),
-  bankCode: z15.string().nullable(),
-  poolAccountNumber: z15.string().nullable(),
-  status: z15.enum(PARTNER_PROFILE_STATUSES),
+var PartnerProfileSchema = z16.object({
+  partnerAccountId: z16.string().uuid(),
+  kind: z16.enum(PARTNER_KINDS),
+  custodialMode: z16.enum(CUSTODIAL_MODES),
+  displayName: z16.string(),
+  bankCode: z16.string().nullable(),
+  poolAccountNumber: z16.string().nullable(),
+  status: z16.enum(PARTNER_PROFILE_STATUSES),
   metadata: Metadata,
-  createdAtMs: z15.number().int().nonnegative(),
-  updatedAtMs: z15.number().int().nonnegative()
+  createdAtMs: z16.number().int().nonnegative(),
+  updatedAtMs: z16.number().int().nonnegative()
 });
-var UpsertPartnerProfileInputSchema = z15.object({
-  kind: z15.enum(PARTNER_KINDS),
-  custodialMode: z15.enum(CUSTODIAL_MODES),
-  displayName: z15.string().trim().min(1).max(200),
-  bankCode: z15.string().trim().min(1).max(64).optional(),
-  poolAccountNumber: z15.string().trim().min(1).max(64).optional(),
+var UpsertPartnerProfileInputSchema = z16.object({
+  kind: z16.enum(PARTNER_KINDS),
+  custodialMode: z16.enum(CUSTODIAL_MODES),
+  displayName: z16.string().trim().min(1).max(200),
+  bankCode: z16.string().trim().min(1).max(64).optional(),
+  poolAccountNumber: z16.string().trim().min(1).max(64).optional(),
   metadata: Metadata.optional()
 });
-var PartnerFundingEventInputSchema = z15.object({
-  externalRef: z15.string().trim().min(8).max(128),
-  direction: z15.enum(PARTNER_FUNDING_DIRECTIONS).optional(),
-  userId: z15.string().uuid().optional(),
-  accountId: z15.string().uuid().optional(),
+var PartnerFundingEventInputSchema = z16.object({
+  externalRef: z16.string().trim().min(8).max(128),
+  direction: z16.enum(PARTNER_FUNDING_DIRECTIONS).optional(),
+  userId: z16.string().uuid().optional(),
+  accountId: z16.string().uuid().optional(),
   amountMinor: PositiveMinor,
   currency: Currency,
-  fundingSource: z15.string().trim().min(1).max(64).optional(),
+  fundingSource: z16.string().trim().min(1).max(64).optional(),
   providerMetadata: Metadata.optional()
 });
-var PartnerFundingSchema = z15.object({
-  fundingId: z15.string().uuid(),
-  partnerId: z15.string().uuid(),
-  accountId: z15.string().uuid(),
-  userId: z15.string().uuid().nullable(),
-  direction: z15.enum(PARTNER_FUNDING_DIRECTIONS),
-  currency: z15.string(),
+var PartnerFundingSchema = z16.object({
+  fundingId: z16.string().uuid(),
+  partnerId: z16.string().uuid(),
+  accountId: z16.string().uuid(),
+  userId: z16.string().uuid().nullable(),
+  direction: z16.enum(PARTNER_FUNDING_DIRECTIONS),
+  currency: z16.string(),
   amountMinor: MinorString,
-  externalRef: z15.string(),
-  status: z15.enum(PARTNER_FUNDING_STATUSES),
-  fundingSource: z15.string(),
-  ledgerRef: z15.string(),
+  externalRef: z16.string(),
+  status: z16.enum(PARTNER_FUNDING_STATUSES),
+  fundingSource: z16.string(),
+  ledgerRef: z16.string(),
   providerMetadata: Metadata,
-  createdAtMs: z15.number().int().nonnegative(),
-  updatedAtMs: z15.number().int().nonnegative()
+  createdAtMs: z16.number().int().nonnegative(),
+  updatedAtMs: z16.number().int().nonnegative()
 });
-var IngestFundingResultSchema = z15.object({
+var IngestFundingResultSchema = z16.object({
   funding: PartnerFundingSchema,
-  replayed: z15.boolean()
+  replayed: z16.boolean()
 });
-var PayoutDestinationSchema = z15.object({
-  destinationId: z15.string().uuid(),
-  accountId: z15.string().uuid(),
-  partnerId: z15.string().uuid(),
-  bankCode: z15.string(),
-  accountNumber: z15.string(),
-  accountName: z15.string(),
-  status: z15.enum(PAYOUT_DESTINATION_STATUSES),
-  verifiedAtMs: z15.number().int().nonnegative().nullable(),
+var PayoutDestinationSchema = z16.object({
+  destinationId: z16.string().uuid(),
+  accountId: z16.string().uuid(),
+  partnerId: z16.string().uuid(),
+  bankCode: z16.string(),
+  accountNumber: z16.string(),
+  accountName: z16.string(),
+  status: z16.enum(PAYOUT_DESTINATION_STATUSES),
+  verifiedAtMs: z16.number().int().nonnegative().nullable(),
   metadata: Metadata,
-  createdAtMs: z15.number().int().nonnegative(),
-  updatedAtMs: z15.number().int().nonnegative()
+  createdAtMs: z16.number().int().nonnegative(),
+  updatedAtMs: z16.number().int().nonnegative()
 });
-var CreatePayoutDestinationInputSchema = z15.object({
-  partnerId: z15.string().uuid(),
-  bankCode: z15.string().trim().min(1).max(32),
-  accountNumber: z15.string().trim().min(4).max(64),
-  accountName: z15.string().trim().min(1).max(200),
+var CreatePayoutDestinationInputSchema = z16.object({
+  partnerId: z16.string().uuid(),
+  bankCode: z16.string().trim().min(1).max(32),
+  accountNumber: z16.string().trim().min(4).max(64),
+  accountName: z16.string().trim().min(1).max(200),
   metadata: Metadata.optional()
 });
-var ListPayoutDestinationsResultSchema = z15.object({
-  items: z15.array(PayoutDestinationSchema)
+var ListPayoutDestinationsResultSchema = z16.object({
+  items: z16.array(PayoutDestinationSchema)
 });
-var WithdrawalSchema = z15.object({
-  withdrawalId: z15.string().uuid(),
-  accountId: z15.string().uuid(),
-  userId: z15.string().uuid(),
-  partnerId: z15.string().uuid(),
-  destinationId: z15.string().uuid(),
-  currency: z15.string(),
+var WithdrawalSchema = z16.object({
+  withdrawalId: z16.string().uuid(),
+  accountId: z16.string().uuid(),
+  userId: z16.string().uuid(),
+  partnerId: z16.string().uuid(),
+  destinationId: z16.string().uuid(),
+  currency: z16.string(),
   amountMinor: MinorString,
-  state: z15.enum(WITHDRAWAL_STATES),
-  idempotencyKey: z15.string(),
-  providerRef: z15.string().nullable(),
-  lastError: z15.string().nullable(),
-  ledgerRef: z15.string(),
-  reverseLedgerRef: z15.string().nullable(),
+  state: z16.enum(WITHDRAWAL_STATES),
+  idempotencyKey: z16.string(),
+  providerRef: z16.string().nullable(),
+  lastError: z16.string().nullable(),
+  ledgerRef: z16.string(),
+  reverseLedgerRef: z16.string().nullable(),
   metadata: Metadata,
-  createdAtMs: z15.number().int().nonnegative(),
-  updatedAtMs: z15.number().int().nonnegative()
+  createdAtMs: z16.number().int().nonnegative(),
+  updatedAtMs: z16.number().int().nonnegative()
 });
-var CreateWithdrawalInputSchema = z15.object({
-  destinationId: z15.string().uuid(),
+var CreateWithdrawalInputSchema = z16.object({
+  destinationId: z16.string().uuid(),
   amountMinor: PositiveMinor,
   currency: Currency,
-  idempotencyKey: z15.string().trim().min(8).max(128),
+  idempotencyKey: z16.string().trim().min(8).max(128),
   metadata: Metadata.optional()
 });
-var CreateWithdrawalResultSchema = z15.object({
+var CreateWithdrawalResultSchema = z16.object({
   withdrawal: WithdrawalSchema,
-  replayed: z15.boolean()
+  replayed: z16.boolean()
 });
-var PayoutEventInputSchema = z15.object({
-  externalRef: z15.string().trim().min(8).max(128),
-  withdrawalId: z15.string().uuid().optional(),
-  state: z15.enum(["submitted", "processing", "paid", "failed"]),
-  providerRef: z15.string().trim().min(1).max(128).optional(),
-  failureCode: z15.string().trim().max(64).optional(),
-  failureMessage: z15.string().trim().max(512).optional(),
+var PayoutEventInputSchema = z16.object({
+  externalRef: z16.string().trim().min(8).max(128),
+  withdrawalId: z16.string().uuid().optional(),
+  state: z16.enum(["submitted", "processing", "paid", "failed"]),
+  providerRef: z16.string().trim().min(1).max(128).optional(),
+  failureCode: z16.string().trim().max(64).optional(),
+  failureMessage: z16.string().trim().max(512).optional(),
   providerMetadata: Metadata.optional()
 });
-var RecordPayoutEventResultSchema = z15.object({
+var RecordPayoutEventResultSchema = z16.object({
   withdrawal: WithdrawalSchema,
-  replayed: z15.boolean()
+  replayed: z16.boolean()
 });
-var ReconciliationReportSchema = z15.object({
-  partnerId: z15.string().uuid(),
-  currency: z15.string(),
-  fromMs: z15.number().int().nonnegative(),
-  toMs: z15.number().int().nonnegative(),
+var ReconciliationReportSchema = z16.object({
+  partnerId: z16.string().uuid(),
+  currency: z16.string(),
+  fromMs: z16.number().int().nonnegative(),
+  toMs: z16.number().int().nonnegative(),
   fundingsCreditMinor: MinorString,
   fundingsDebitMinor: MinorString,
   withdrawalsPaidMinor: MinorString,
@@ -3978,7 +4126,7 @@ var ReconciliationReportSchema = z15.object({
   expectedReserveBalanceMinor: MinorString,
   actualReserveBalanceMinor: MinorString,
   imbalanceMinor: MinorString,
-  generatedAtMs: z15.number().int().nonnegative()
+  generatedAtMs: z16.number().int().nonnegative()
 });
 function createPartnerFundingClient(partner) {
   return {
@@ -4130,19 +4278,19 @@ function createPartnerProfileAdminClient(opts) {
 }
 // src/artifacts/envelope.ts
-import { z as z16 } from "zod";
+import { z as z17 } from "zod";
 var FLUR_ARTIFACT_URI_SCHEME = "flur";
 var FLUR_ARTIFACT_VERSION = 1;
 var FLUR_ARTIFACT_URI_PREFIX = `${FLUR_ARTIFACT_URI_SCHEME}://v${FLUR_ARTIFACT_VERSION}/`;
 var ArtifactTypeRe = /^[a-z][a-z0-9_]{1,63}$/;
-var ArtifactHeaderSchema = z16.object({
-  v: z16.literal(FLUR_ARTIFACT_VERSION),
-  t: z16.string().regex(ArtifactTypeRe, "invalid artifact type"),
-  iss: z16.string().min(1).max(128),
-  kid: z16.string().min(1).max(128),
-  iat: z16.number().int().nonnegative(),
-  exp: z16.number().int().positive().optional(),
-  nonce: z16.string().min(8).max(64).regex(/^[A-Za-z0-9_-]+$/, "nonce must be url-safe")
+var ArtifactHeaderSchema = z17.object({
+  v: z17.literal(FLUR_ARTIFACT_VERSION),
+  t: z17.string().regex(ArtifactTypeRe, "invalid artifact type"),
+  iss: z17.string().min(1).max(128),
+  kid: z17.string().min(1).max(128),
+  iat: z17.number().int().nonnegative(),
+  exp: z17.number().int().positive().optional(),
+  nonce: z17.string().min(8).max(64).regex(/^[A-Za-z0-9_-]+$/, "nonce must be url-safe")
 });
 var FlurArtifactError = class extends Error {
   constructor(message, code) {
@@ -4281,7 +4429,7 @@ function verifyArtifactSignature(decoded, publicKeySpkiB64, options = {}) {
 }
 // src/artifacts/types.ts
-import { z as z17 } from "zod";
+import { z as z18 } from "zod";
 var ARTIFACT_TYPES = {
   OFFLINE_PAYMENT_AUTHORIZATION: "offline_payment_authorization",
   RECEIPT: "receipt",
@@ -4294,37 +4442,34 @@ var ARTIFACT_TYPES = {
   LEDGER_JOURNAL_ENTRY: "ledger_journal_entry",
   STATEMENT: "statement",
   PASS: "pass",
-  IDENTITY: "identity",
-  // Tier B: holder-signed identity attestation for offline trust. The
-  // envelope.iat / envelope.exp express the card's canonical lifetime.
-  PAY_CARD: "pay_card"
+  IDENTITY: "identity"
 };
-var HexString = (length) => z17.string().regex(
+var HexString = (length) => z18.string().regex(
   new RegExp(`^[0-9a-fA-F]{${length * 2}}$`),
   `expected ${length}-byte hex string`
 );
-var OfflinePaymentAuthorizationArtifactSchema = z17.object({
+var OfflinePaymentAuthorizationArtifactSchema = z18.object({
   authorization: OfflinePaymentAuthorizationSchema
 });
-var ReceiptArtifactSchema = z17.object({
-  receiptId: z17.string().min(1).max(64),
-  paymentReference: z17.string().min(1).max(64),
-  payerUserId: z17.string().min(1).max(64).optional(),
-  payeeUserId: z17.string().min(1).max(64),
-  amountKobo: z17.number().int().positive(),
-  currency: z17.literal("NGN"),
-  channel: z17.enum(["online", "offline_reconciled", "pay_link", "nqr"]),
-  settledAtMs: z17.number().int().positive(),
-  ledgerTxnId: z17.string().min(1).max(64).optional(),
-  memo: z17.string().max(140).optional(),
+var ReceiptArtifactSchema = z18.object({
+  receiptId: z18.string().min(1).max(64),
+  paymentReference: z18.string().min(1).max(64),
+  payerUserId: z18.string().min(1).max(64).optional(),
+  payeeUserId: z18.string().min(1).max(64),
+  amountKobo: z18.number().int().positive(),
+  currency: z18.literal("NGN"),
+  channel: z18.enum(["online", "offline_reconciled", "pay_link", "nqr"]),
+  settledAtMs: z18.number().int().positive(),
+  ledgerTxnId: z18.string().min(1).max(64).optional(),
+  memo: z18.string().max(140).optional(),
   hashChainPrev: HexString(32).optional()
 });
-var ShortId = z17.string().min(1).max(64);
-var PositiveInt = z17.number().int().positive();
-var NonNegativeInt = z17.number().int().nonnegative();
-var Currency2 = z17.literal("NGN");
-var Memo = z17.string().max(140);
-var NqrPaymentRequestArtifactSchema = z17.object({
+var ShortId = z18.string().min(1).max(64);
+var PositiveInt = z18.number().int().positive();
+var NonNegativeInt = z18.number().int().nonnegative();
+var Currency2 = z18.literal("NGN");
+var Memo = z18.string().max(140);
+var NqrPaymentRequestArtifactSchema = z18.object({
   requestId: ShortId,
   payeeUserId: ShortId,
   amountKobo: PositiveInt.optional(),
@@ -4332,7 +4477,7 @@ var NqrPaymentRequestArtifactSchema = z17.object({
   memo: Memo.optional(),
   expiresAtMs: PositiveInt.optional()
 });
-var PaymentIntentArtifactSchema = z17.object({
+var PaymentIntentArtifactSchema = z18.object({
   intentId: ShortId,
   payerUserId: ShortId,
   payeeUserId: ShortId,
@@ -4341,7 +4486,7 @@ var PaymentIntentArtifactSchema = z17.object({
   idempotencyKey: ShortId,
   createdAtMs: PositiveInt
 });
-var OfflineClaimArtifactSchema = z17.object({
+var OfflineClaimArtifactSchema = z18.object({
   claimId: ShortId,
   authorizationId: ShortId,
   payeeUserId: ShortId,
@@ -4350,10 +4495,10 @@ var OfflineClaimArtifactSchema = z17.object({
   claimedAtMs: PositiveInt,
   paymentReference: ShortId.optional()
 });
-var SettlementRecordArtifactSchema = z17.object({
+var SettlementRecordArtifactSchema = z18.object({
   settlementId: ShortId,
   ledgerTxnId: ShortId,
-  sourceRefType: z17.enum([
+  sourceRefType: z18.enum([
     "offline_authorization",
     "offline_claim",
     "transfer",
@@ -4364,12 +4509,12 @@ var SettlementRecordArtifactSchema = z17.object({
   currency: Currency2,
   settledAtMs: PositiveInt
 });
-var ReversalRecordArtifactSchema = z17.object({
+var ReversalRecordArtifactSchema = z18.object({
   reversalId: ShortId,
   originalTxnId: ShortId,
   amountKobo: PositiveInt,
   currency: Currency2,
-  reason: z17.enum([
+  reason: z18.enum([
     "user_dispute",
     "fraud",
     "duplicate",
@@ -4379,7 +4524,7 @@ var ReversalRecordArtifactSchema = z17.object({
   reversedAtMs: PositiveInt,
   memo: Memo.optional()
 });
-var LedgerJournalEntryArtifactSchema = z17.object({
+var LedgerJournalEntryArtifactSchema = z18.object({
   entryId: ShortId,
   journalId: ShortId,
   debitAccountId: ShortId,
@@ -4390,13 +4535,13 @@ var LedgerJournalEntryArtifactSchema = z17.object({
   refType: ShortId.optional(),
   refId: ShortId.optional()
 });
-var StatementArtifactSchema = z17.object({
+var StatementArtifactSchema = z18.object({
   statementId: ShortId,
   userId: ShortId,
   periodStartMs: PositiveInt,
   periodEndMs: PositiveInt,
-  openingBalanceKobo: z17.number().int(),
-  closingBalanceKobo: z17.number().int(),
+  openingBalanceKobo: z18.number().int(),
+  closingBalanceKobo: z18.number().int(),
   transactionCount: NonNegativeInt,
   currency: Currency2,
   hashChainPrev: HexString(32).optional()
@@ -4404,16 +4549,16 @@ var StatementArtifactSchema = z17.object({
   message: "periodEndMs must be greater than periodStartMs",
   path: ["periodEndMs"]
 });
-var PassArtifactSchema = z17.object({
+var PassArtifactSchema = z18.object({
   passId: ShortId,
   holderId: ShortId,
-  category: z17.enum(["membership", "ticket", "loyalty", "access", "voucher"]),
-  title: z17.string().min(1).max(120),
+  category: z18.enum(["membership", "ticket", "loyalty", "access", "voucher"]),
+  title: z18.string().min(1).max(120),
   validFromMs: PositiveInt,
   validUntilMs: PositiveInt.optional(),
-  metadata: z17.record(
-    z17.string().min(1).max(64),
-    z17.union([z17.string().max(280), z17.number(), z17.boolean()])
+  metadata: z18.record(
+    z18.string().min(1).max(64),
+    z18.union([z18.string().max(280), z18.number(), z18.boolean()])
   ).optional()
 }).refine(
   (v) => v.validUntilMs === void 0 || v.validUntilMs > v.validFromMs,
@@ -4422,10 +4567,10 @@ var PassArtifactSchema = z17.object({
     path: ["validUntilMs"]
   }
 );
-var IdentityArtifactSchema = z17.object({
+var IdentityArtifactSchema = z18.object({
   attestationId: ShortId,
   subjectId: ShortId,
-  claimType: z17.enum([
+  claimType: z18.enum([
     "phone_verified",
     "email_verified",
     "bvn_verified",
@@ -4435,12 +4580,6 @@ var IdentityArtifactSchema = z17.object({
   claimValueHash: HexString(32),
   attestedAtMs: PositiveInt
 });
-var PayCardArtifactSchema = z17.object({
-  userId: ShortId,
-  phoneE164: z17.string().regex(/^\+[1-9]\d{7,14}$/, "phoneE164 must be normalised E.164"),
-  displayName: z17.string().min(1).max(64),
-  devicePubKeySpkiB64: z17.string().min(64).max(256).regex(/^[A-Za-z0-9+/]+=*$/, "devicePubKeySpkiB64 must be standard base64")
-});
 var ARTIFACT_BODY_SCHEMAS = {
   [ARTIFACT_TYPES.OFFLINE_PAYMENT_AUTHORIZATION]: OfflinePaymentAuthorizationArtifactSchema,
   [ARTIFACT_TYPES.RECEIPT]: ReceiptArtifactSchema,
@@ -4452,8 +4591,7 @@ var ARTIFACT_BODY_SCHEMAS = {
   [ARTIFACT_TYPES.LEDGER_JOURNAL_ENTRY]: LedgerJournalEntryArtifactSchema,
   [ARTIFACT_TYPES.STATEMENT]: StatementArtifactSchema,
   [ARTIFACT_TYPES.PASS]: PassArtifactSchema,
-  [ARTIFACT_TYPES.IDENTITY]: IdentityArtifactSchema,
-  [ARTIFACT_TYPES.PAY_CARD]: PayCardArtifactSchema
+  [ARTIFACT_TYPES.IDENTITY]: IdentityArtifactSchema
 };
 var HARDENED_ARTIFACT_TYPES = /* @__PURE__ */ new Set([
   ARTIFACT_TYPES.OFFLINE_PAYMENT_AUTHORIZATION,
@@ -4466,8 +4604,7 @@ var HARDENED_ARTIFACT_TYPES = /* @__PURE__ */ new Set([
   ARTIFACT_TYPES.LEDGER_JOURNAL_ENTRY,
   ARTIFACT_TYPES.STATEMENT,
   ARTIFACT_TYPES.PASS,
-  ARTIFACT_TYPES.IDENTITY,
-  ARTIFACT_TYPES.PAY_CARD
+  ARTIFACT_TYPES.IDENTITY
 ]);
 function isKnownArtifactType(t) {
   return Object.values(ARTIFACT_TYPES).includes(t);
@@ -4552,130 +4689,6 @@ function createOfflinePaymentAuthorizationArtifactUri(input) {
     type: ARTIFACT_TYPES.OFFLINE_PAYMENT_AUTHORIZATION
   });
 }
-// src/artifacts/paycard.ts
-var PAY_CARD_DEFAULT_TTL_MS = 90 * 24 * 60 * 60 * 1e3;
-var PAY_CARD_REFRESH_THRESHOLD_MS = 30 * 24 * 60 * 60 * 1e3;
-var PAY_CARD_URI_PREFIX = `${FLUR_ARTIFACT_URI_PREFIX}${ARTIFACT_TYPES.PAY_CARD}/`;
-function createPayCardArtifactUri(input) {
-  if (input.data.userId !== input.issuer) {
-    throw new FlurArtifactError(
-      "pay_card.data.userId must equal envelope issuer",
-      "INVALID_BODY"
-    );
-  }
-  const iat = input.issuedAtSeconds ?? Math.floor(Date.now() / 1e3);
-  const exp = input.expiresAtSeconds ?? iat + Math.floor(PAY_CARD_DEFAULT_TTL_MS / 1e3);
-  return createArtifactUri({
-    type: ARTIFACT_TYPES.PAY_CARD,
-    issuer: input.issuer,
-    keyId: input.keyId,
-    privateKey: input.privateKey,
-    nonce: input.nonce,
-    issuedAtSeconds: iat,
-    expiresAtSeconds: exp,
-    data: input.data
-  });
-}
-function isPayCardArtifactUri(uri) {
-  return typeof uri === "string" && uri.startsWith(PAY_CARD_URI_PREFIX);
-}
-function decodePayCardArtifact(uri) {
-  if (!isPayCardArtifactUri(uri)) {
-    throw new FlurArtifactError(
-      `URI does not start with ${PAY_CARD_URI_PREFIX}`,
-      "INVALID_URI"
-    );
-  }
-  const decoded = decodeArtifactUri(uri);
-  if (decoded.type !== ARTIFACT_TYPES.PAY_CARD) {
-    throw new FlurArtifactError(
-      `Expected pay_card, got ${decoded.type}`,
-      "TYPE_MISMATCH"
-    );
-  }
-  const parsed = PayCardArtifactSchema.safeParse(decoded.body.data);
-  if (!parsed.success) {
-    throw new FlurArtifactError(
-      `pay_card body invalid: ${parsed.error.message}`,
-      "INVALID_BODY"
-    );
-  }
-  if (parsed.data.userId !== decoded.body.iss) {
-    throw new FlurArtifactError(
-      "pay_card.data.userId must equal envelope issuer",
-      "INVALID_BODY"
-    );
-  }
-  return {
-    body: {
-      ...decoded.body,
-      data: parsed.data
-    },
-    sig: decoded.sig,
-    decoded
-  };
-}
-function verifyPayCardArtifact(uri, publicKeySpkiB64, options = {}) {
-  if (!isPayCardArtifactUri(uri)) {
-    throw new FlurArtifactError(
-      `URI does not start with ${PAY_CARD_URI_PREFIX}`,
-      "INVALID_URI"
-    );
-  }
-  const verified = verifyArtifactUri(
-    uri,
-    publicKeySpkiB64,
-    options
-  );
-  if (verified.decoded.type !== ARTIFACT_TYPES.PAY_CARD) {
-    throw new FlurArtifactError(
-      `Expected pay_card, got ${verified.decoded.type}`,
-      "TYPE_MISMATCH"
-    );
-  }
-  if (verified.body.data.userId !== verified.body.iss) {
-    throw new FlurArtifactError(
-      "pay_card.data.userId must equal envelope issuer",
-      "INVALID_BODY"
-    );
-  }
-  return {
-    body: verified.body,
-    sig: verified.sig,
-    decoded: verified.decoded
-  };
-}
-function inspectPayCardFreshness(decoded, nowMs = Date.now()) {
-  const exp = decoded.body.exp;
-  if (exp === void 0) return "no_expiry";
-  const remainingMs = exp * 1e3 - nowMs;
-  if (remainingMs <= 0) return "expired";
-  if (remainingMs <= PAY_CARD_REFRESH_THRESHOLD_MS)
-    return "refresh_recommended";
-  return "fresh";
-}
-function buildPayCardSigningInput(input) {
-  if (input.data.userId !== input.issuer) {
-    throw new FlurArtifactError(
-      "pay_card.data.userId must equal envelope issuer",
-      "INVALID_BODY"
-    );
-  }
-  const parsedData = PayCardArtifactSchema.parse(input.data);
-  const iat = input.issuedAtSeconds ?? Math.floor(Date.now() / 1e3);
-  const exp = input.expiresAtSeconds ?? iat + Math.floor(PAY_CARD_DEFAULT_TTL_MS / 1e3);
-  const body = buildArtifactBody({
-    type: ARTIFACT_TYPES.PAY_CARD,
-    issuer: input.issuer,
-    keyId: input.keyId,
-    data: parsedData,
-    nonce: input.nonce,
-    issuedAtSeconds: iat,
-    expiresAtSeconds: exp
-  });
-  return { body, bodyBytes: canonicalJSONBytes(body) };
-}
 export {
   ACCOUNT_FUNDED_OAC_MAX_TTL_MS,
   ACCOUNT_STATUSES,
@@ -4691,6 +4704,8 @@ export {
   CLAIM_DOMAIN_V2,
   COLLECTION_INTENT_STATUSES,
   COLLECTION_PAYMENT_STATUSES,
+  CONSUMER_OAC_DOMAIN,
+  CONSUMER_OAC_QR_PREFIX,
   CONSUMER_OFFLINE_CLAIM_SUBMIT_GRACE_MS,
   CONSUMER_PAYMENT_REQUEST_DOMAIN,
   CONSUMER_SETTLEMENT_DOMAIN,
@@ -4729,6 +4744,8 @@ export {
   IdentityArtifactSchema,
   IngestFundingResultSchema,
   IssueAccountOacInputSchema,
+  IssuerTrustBundleSchema,
+  IssuerTrustKeySchema,
   LedgerJournalEntryArtifactSchema,
   ListPayoutDestinationsResultSchema,
   MEMBERSHIP_ROLES,
@@ -4752,6 +4769,7 @@ export {
   OFFLINE_SMS_SETTLE_SIGNATURE_BYTES,
   OFFLINE_SMS_SETTLE_TOKEN_BYTES,
   OFFLINE_SMS_SETTLE_VERSION,
+  OacPresentmentRequestSchema,
   OfflineClaimArtifactSchema,
   OfflinePaymentAuthorizationArtifactSchema,
   OfflinePaymentAuthorizationSchema,
@@ -4769,9 +4787,6 @@ export {
   PASS_STATES,
   PAYLOAD_FORMAT_INDICATOR_VALUE,
   PAYOUT_DESTINATION_STATUSES,
-  PAY_CARD_DEFAULT_TTL_MS,
-  PAY_CARD_REFRESH_THRESHOLD_MS,
-  PAY_CARD_URI_PREFIX,
   POINT_OF_INITIATION,
   PartnerFundingEventInputSchema,
   PartnerFundingSchema,
@@ -4779,7 +4794,6 @@ export {
   PassArtifactSchema,
   PassMetadataSchema,
   PassSchema,
-  PayCardArtifactSchema,
   PayCollectionInputSchema,
   PaymentClaimSchema,
   PaymentIntentArtifactSchema,
@@ -4818,7 +4832,6 @@ export {
   buildConsumerPaymentRequest,
   buildOAC,
   buildPass,
-  buildPayCardSigningInput,
   buildPaymentRequest,
   buildReceipt,
   buildRedemption,
@@ -4832,6 +4845,7 @@ export {
   computeConsumerClaimEncounterId,
   computeEncounterId,
   constantTimeEqual,
+  consumerOacSigningPayload,
   consumerPaymentRequestSigningBytes,
   consumerPaymentRequestSigningPayload,
   consumerSettlementSigningPayload,
@@ -4852,23 +4866,24 @@ export {
   createPartnerFundingClient,
   createPartnerProfileAdminClient,
   createPassesClient,
-  createPayCardArtifactUri,
   createReceiptArtifactUri,
   createReceiptsClient,
   createSoftwareP256Signer,
   decodeArtifactUri,
   decodeAuthorizationQR,
   decodeBase45,
+  decodeConsumerOacRequest,
   decodeConsumerSettlementReceiptQR,
   decodeOfflineClaimSmsMessage,
   decodeOfflineSmsSettleToken,
-  decodePayCardArtifact,
   decodePaymentRequestQR,
+  decodeUnverifiedConsumerOacQR,
   decodeUnverifiedConsumerSettlementReceiptQR,
   derToRawP256Signature,
   encodeArtifactUri,
   encodeAuthorizationQR,
   encodeBase45,
+  encodeConsumerOacQR,
   encodeConsumerSettlementReceiptQR,
   encodeNQR,
   encodeOfflineClaimSmsMessage,
@@ -4880,12 +4895,11 @@ export {
   generateDynamicQR,
   generateStaticQR,
   init,
-  inspectPayCardFreshness,
+  isConsumerOacQR,
   isConsumerPaymentRequestExpired,
   isHardenedArtifactType,
   isKnownArtifactType,
   isPassWithinValidity,
-  isPayCardArtifactUri,
   moneyMinorToNumber,
   normalizeE164,
   parseAmountInput,
@@ -4911,9 +4925,9 @@ export {
   verifyConsumerSettlement,
   verifyConsumerSettlementReceiptQR,
   verifyOAC,
+  verifyOacOffline,
   verifyOfflineSmsSettleToken,
   verifyPass,
-  verifyPayCardArtifact,
   verifyPaymentRequest,
   verifyReceipt,
   verifyRedemption,