npm - @nokinc-flur/sdk - Versions diffs - 2.3.0 → 2.5.0 - Mend

@nokinc-flur/sdk 2.3.0 → 2.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.js CHANGED Viewed

@@ -2955,76 +2955,142 @@ function createAccountsClient(opts) {
 }
 // src/me-offline/client.ts
+import { z as z14 } from "zod";
+// src/me-offline/revocation.ts
 import { z as z13 } from "zod";
-var Sha256Hex = z13.string().regex(/^[0-9a-f]{64}$/);
 var Base64Std3 = z13.string().regex(/^[A-Za-z0-9+/]+={0,2}$/);
-var ClaimNonce = z13.string().min(8).max(128).refine((value) => !value.includes("|"), {
+var CONSUMER_REVOCATION_DOMAIN = "flur:consumer-offline:v1:revocation";
+var REVOCATION_LIST_MAX_ENTRIES = 1e5;
+var RevocationListSchema = z13.object({
+  issuerId: z13.string().min(1).max(64),
+  /**
+   * Monotonic snapshot counter. A device MUST NOT replace a pinned list with
+   * one carrying a lower sequence — this defeats a downgrade/rollback attack
+   * that replays an older list to resurrect a revoked credential.
+   */
+  sequence: z13.number().int().nonnegative(),
+  issuedAtMs: z13.number().int().nonnegative(),
+  /**
+   * Freshness bound. After this instant the list is considered stale and the
+   * verifier treats it as untrustworthy (fail-closed), forcing a re-pin.
+   * Optional so the issuer may publish a list without a hard expiry.
+   */
+  notAfterMs: z13.number().int().positive().optional(),
+  /** OAC ids that are revoked AND not yet past their own validity window. */
+  revokedOacIds: z13.array(z13.string().uuid()).max(REVOCATION_LIST_MAX_ENTRIES)
+});
+var SignedRevocationListSchema = z13.object({
+  list: RevocationListSchema,
+  /** ASN.1 DER ECDSA P-256 issuer signature over the signing payload, base64. */
+  issuerSig: Base64Std3.min(16).max(2048),
+  /** Issuer's P-256 public key as SubjectPublicKeyInfo DER, base64. */
+  issuerPublicKeySpkiB64: Base64Std3.min(64).max(4096)
+});
+function revocationListSigningPayload(list) {
+  const payload = {
+    domain: CONSUMER_REVOCATION_DOMAIN,
+    issuerId: list.issuerId,
+    sequence: list.sequence,
+    issuedAtMs: list.issuedAtMs,
+    revokedOacIds: list.revokedOacIds
+  };
+  if (list.notAfterMs !== void 0) payload.notAfterMs = list.notAfterMs;
+  return payload;
+}
+function verifyRevocationList(signed, trustedKeys, options = {}) {
+  const parsed = SignedRevocationListSchema.safeParse(signed);
+  if (!parsed.success) return { ok: false, reason: "malformed" };
+  const list = parsed.data.list;
+  const nowMs = options.nowMs ?? Date.now();
+  const pinned = trustedKeys.filter(
+    (k) => k.issuerId === list.issuerId && (k.notBeforeMs === void 0 || nowMs >= k.notBeforeMs) && (k.notAfterMs === void 0 || nowMs <= k.notAfterMs)
+  );
+  if (pinned.length === 0) return { ok: false, reason: "untrusted_issuer" };
+  const signingBytes = canonicalJSONBytes(revocationListSigningPayload(list));
+  const signatureOk = pinned.some(
+    (k) => verifyIssuerP256(signingBytes, parsed.data.issuerSig, k.publicKeySpkiB64)
+  );
+  if (!signatureOk) return { ok: false, reason: "signature_invalid" };
+  if (list.notAfterMs !== void 0 && nowMs > list.notAfterMs) {
+    return { ok: false, reason: "stale" };
+  }
+  return { ok: true, list, revokedOacIds: new Set(list.revokedOacIds) };
+}
+function isOacRevoked(oacId, revokedOacIds) {
+  return revokedOacIds.has(oacId);
+}
+// src/me-offline/client.ts
+var Sha256Hex = z14.string().regex(/^[0-9a-f]{64}$/);
+var Base64Std4 = z14.string().regex(/^[A-Za-z0-9+/]+={0,2}$/);
+var ClaimNonce = z14.string().min(8).max(128).refine((value) => !value.includes("|"), {
   message: "nonce must not contain |"
 });
 var ACCOUNT_FUNDED_OAC_MAX_TTL_MS = 1e3 * 60 * 60 * 24;
-var IssuerTrustKeySchema = z13.object({
-  issuerId: z13.string().min(1).max(128),
-  alg: z13.literal("p256"),
-  publicKeySpkiB64: Base64Std3.min(64).max(4096),
-  notBeforeMs: z13.number().int().nonnegative().optional(),
-  notAfterMs: z13.number().int().positive().optional()
+var IssuerTrustKeySchema = z14.object({
+  issuerId: z14.string().min(1).max(128),
+  alg: z14.literal("p256"),
+  publicKeySpkiB64: Base64Std4.min(64).max(4096),
+  notBeforeMs: z14.number().int().nonnegative().optional(),
+  notAfterMs: z14.number().int().positive().optional()
 });
-var IssuerTrustBundleSchema = z13.object({
-  keys: z13.array(IssuerTrustKeySchema).min(1)
+var IssuerTrustBundleSchema = z14.object({
+  keys: z14.array(IssuerTrustKeySchema).min(1)
 });
 var CONSUMER_OFFLINE_CLAIM_SUBMIT_GRACE_MS = 1e3 * 60 * 60 * 24;
-var AttestationSecurityLevelSchema = z13.enum([
+var AttestationSecurityLevelSchema = z14.enum([
   "STRONGBOX",
   "TEE",
   "SECURE_ENCLAVE",
   "SOFTWARE"
 ]);
-var DeviceKeyAlgSchema = z13.literal("p256");
-var RegisterDeviceKeyP256InputSchema = z13.object({
-  deviceId: z13.string().min(1).max(128),
+var DeviceKeyAlgSchema = z14.literal("p256");
+var RegisterDeviceKeyP256InputSchema = z14.object({
+  deviceId: z14.string().min(1).max(128),
   /** P-256 SubjectPublicKeyInfo DER, base64. */
-  publicKeySpkiB64: Base64Std3.min(64).max(4096),
+  publicKeySpkiB64: Base64Std4.min(64).max(4096),
   /** Base64 of the server-issued enrollment challenge string. */
-  challengeB64: Base64Std3.min(8).max(1024),
+  challengeB64: Base64Std4.min(8).max(1024),
   /** iOS App Attest payload or Android X.509 Key Attestation chain. */
-  attestationChainB64: z13.array(Base64Std3.min(16).max(16384)).min(1).max(16),
+  attestationChainB64: z14.array(Base64Std4.min(16).max(16384)).min(1).max(16),
   securityLevel: AttestationSecurityLevelSchema
 });
-var P256EnrollmentChallengeInputSchema = z13.object({
-  deviceId: z13.string().min(1).max(128)
+var P256EnrollmentChallengeInputSchema = z14.object({
+  deviceId: z14.string().min(1).max(128)
 });
-var P256EnrollmentChallengeResultSchema = z13.object({
-  challenge: z13.string().min(16),
-  expiresAtMs: z13.number().int().positive()
+var P256EnrollmentChallengeResultSchema = z14.object({
+  challenge: z14.string().min(16),
+  expiresAtMs: z14.number().int().positive()
 });
-var DeviceKeyRecordSchema = z13.object({
-  id: z13.string().uuid(),
-  userId: z13.string().uuid(),
-  deviceId: z13.string(),
+var DeviceKeyRecordSchema = z14.object({
+  id: z14.string().uuid(),
+  userId: z14.string().uuid(),
+  deviceId: z14.string(),
   /** Always 'p256' on the consumer offline rail. Field retained for forward-compat. */
   alg: DeviceKeyAlgSchema.default("p256"),
   /** P-256 SubjectPublicKeyInfo DER, base64. */
-  publicKeySpkiB64: Base64Std3.nullable().default(null),
+  publicKeySpkiB64: Base64Std4.nullable().default(null),
   securityLevel: AttestationSecurityLevelSchema.nullable().default(null),
-  hardwareBacked: z13.boolean().default(false),
-  attestedAtMs: z13.number().int().nonnegative().nullable().default(null),
-  createdAtMs: z13.number().int().nonnegative(),
-  revokedAtMs: z13.number().int().nonnegative().nullable()
+  hardwareBacked: z14.boolean().default(false),
+  attestedAtMs: z14.number().int().nonnegative().nullable().default(null),
+  createdAtMs: z14.number().int().nonnegative(),
+  revokedAtMs: z14.number().int().nonnegative().nullable()
 });
-var ConsumerOACSchema = z13.object({
-  oacId: z13.string().uuid(),
-  issuerId: z13.string().min(1).max(64),
-  userId: z13.string().uuid(),
-  deviceId: z13.string().min(1).max(128),
+var ConsumerOACSchema = z14.object({
+  oacId: z14.string().uuid(),
+  issuerId: z14.string().min(1).max(64),
+  userId: z14.string().uuid(),
+  deviceId: z14.string().min(1).max(128),
   /**
    * Always 'p256'. Required on the wire (backend always emits it).
    * Kept as a literal so input/output infer identically and the schema
    * can be nested inside other response shapes without Zod input/output
    * divergence under tsup DTS bundling.
    */
-  alg: z13.literal("p256"),
+  alg: z14.literal("p256"),
   /** P-256 SubjectPublicKeyInfo DER, base64. */
-  devicePubkeySpkiB64: Base64Std3.min(64).max(4096),
+  devicePubkeySpkiB64: Base64Std4.min(64).max(4096),
   /**
    * Per-transaction / cumulative offline spend ceilings. Zero is valid and
    * denotes an identity-only OAC: the credential proves who the holder is and
@@ -3032,104 +3098,104 @@ var ConsumerOACSchema = z13.object({
    * no offline spend authority (every claim against it routes to REVIEW).
    * Issued to zero-balance wallets so they can still be paid offline.
    */
-  perTxCapKobo: z13.number().int().nonnegative(),
-  cumulativeCapKobo: z13.number().int().nonnegative(),
-  currency: z13.string().length(3),
-  validFromMs: z13.number().int().nonnegative(),
-  validUntilMs: z13.number().int().nonnegative(),
-  counterSeed: z13.number().int().nonnegative(),
-  issuedAtMs: z13.number().int().nonnegative(),
+  perTxCapKobo: z14.number().int().nonnegative(),
+  cumulativeCapKobo: z14.number().int().nonnegative(),
+  currency: z14.string().length(3),
+  validFromMs: z14.number().int().nonnegative(),
+  validUntilMs: z14.number().int().nonnegative(),
+  counterSeed: z14.number().int().nonnegative(),
+  issuedAtMs: z14.number().int().nonnegative(),
   /**
    * Issuer-attested identity folded into the OAC so a single signed
    * credential serves both Tier B offline-verifiable identity and offline
    * spend authority. Verified offline against a pinned issuer key; the
    * backend remains authoritative at settlement.
    */
-  phoneE164: z13.string().regex(/^\+[1-9]\d{7,14}$/),
-  displayName: z13.string().min(1).max(64)
+  phoneE164: z14.string().regex(/^\+[1-9]\d{7,14}$/),
+  displayName: z14.string().min(1).max(64)
 });
-var SignedConsumerOACSchema = z13.object({
+var SignedConsumerOACSchema = z14.object({
   oac: ConsumerOACSchema,
   /** ASN.1 DER ECDSA P-256 issuer signature, base64. */
-  issuerSig: Base64Std3.min(16).max(2048),
+  issuerSig: Base64Std4.min(16).max(2048),
   /** Issuer's P-256 public key as SubjectPublicKeyInfo DER, base64. */
-  issuerPublicKeySpkiB64: Base64Std3.min(64).max(4096)
+  issuerPublicKeySpkiB64: Base64Std4.min(64).max(4096)
 });
 var OACRecordSchema = SignedConsumerOACSchema.extend({
-  currentOfflineSpentKobo: z13.number().int().nonnegative(),
-  status: z13.enum(["active", "superseded", "expired", "revoked"]),
-  supersededAtMs: z13.number().int().nonnegative().nullable(),
-  revokedAtMs: z13.number().int().nonnegative().nullable()
+  currentOfflineSpentKobo: z14.number().int().nonnegative(),
+  status: z14.enum(["active", "superseded", "expired", "revoked"]),
+  supersededAtMs: z14.number().int().nonnegative().nullable(),
+  revokedAtMs: z14.number().int().nonnegative().nullable()
 });
-var IssueAccountOacInputSchema = z13.object({
-  deviceId: z13.string().min(1).max(128),
-  perTxCapKobo: z13.number().int().positive().optional(),
-  cumulativeCapKobo: z13.number().int().positive().optional(),
-  ttlMs: z13.number().int().min(6e4).max(ACCOUNT_FUNDED_OAC_MAX_TTL_MS).optional()
+var IssueAccountOacInputSchema = z14.object({
+  deviceId: z14.string().min(1).max(128),
+  perTxCapKobo: z14.number().int().positive().optional(),
+  cumulativeCapKobo: z14.number().int().positive().optional(),
+  ttlMs: z14.number().int().min(6e4).max(ACCOUNT_FUNDED_OAC_MAX_TTL_MS).optional()
 });
-var OfflineStatusResultSchema = z13.object({
+var OfflineStatusResultSchema = z14.object({
   active: OACRecordSchema.nullable()
 });
-var ConsumerPaymentClaimSchema = z13.object({
+var ConsumerPaymentClaimSchema = z14.object({
   /** Always 'p256'. Retained for forward-compat and as an explicit domain marker. */
-  alg: z13.literal("p256").default("p256"),
-  oacId: z13.string().uuid(),
+  alg: z14.literal("p256").default("p256"),
+  oacId: z14.string().uuid(),
   encounterId: Sha256Hex.optional(),
-  payerUserId: z13.string().uuid(),
-  payeeUserId: z13.string().uuid(),
-  payerDeviceId: z13.string().min(1).max(128),
+  payerUserId: z14.string().uuid(),
+  payeeUserId: z14.string().uuid(),
+  payerDeviceId: z14.string().min(1).max(128),
   payerNonce: ClaimNonce,
   payeeNonce: ClaimNonce,
-  amountKobo: z13.number().int().positive(),
-  currency: z13.string().length(3).default("NGN"),
-  occurredAtMs: z13.number().int().nonnegative(),
-  completedAtMs: z13.number().int().nonnegative().optional(),
-  contextId: z13.string().max(128).optional(),
-  requestId: z13.string().uuid().optional(),
-  requestMode: z13.enum(["fixed", "editable"]).optional(),
-  requestTakerUserId: z13.string().uuid().optional(),
-  requestAmountKobo: z13.number().int().positive().optional(),
-  requestCurrency: z13.string().length(3).optional(),
-  requestReference: z13.string().max(128).nullable().optional(),
-  requestCreatedAtMs: z13.number().int().nonnegative().optional(),
-  requestExpiresAtMs: z13.number().int().positive().optional(),
-  requestNonce: z13.string().min(8).max(128).optional(),
-  requestTakerDeviceId: z13.string().min(1).max(128).nullable().optional(),
-  requestTakerPubkeySpkiB64: Base64Std3.min(64).max(4096).optional(),
-  requestTakerSignatureDerB64: Base64Std3.min(16).max(2048).optional(),
-  payerPubkeySpkiB64: Base64Std3.min(64).max(4096),
-  payerSignatureDerB64: Base64Std3.min(16).max(2048),
-  payeePubkeySpkiB64: Base64Std3.min(64).max(4096).optional(),
-  payeeSignatureDerB64: Base64Std3.min(16).max(2048).optional()
+  amountKobo: z14.number().int().positive(),
+  currency: z14.string().length(3).default("NGN"),
+  occurredAtMs: z14.number().int().nonnegative(),
+  completedAtMs: z14.number().int().nonnegative().optional(),
+  contextId: z14.string().max(128).optional(),
+  requestId: z14.string().uuid().optional(),
+  requestMode: z14.enum(["fixed", "editable"]).optional(),
+  requestTakerUserId: z14.string().uuid().optional(),
+  requestAmountKobo: z14.number().int().positive().optional(),
+  requestCurrency: z14.string().length(3).optional(),
+  requestReference: z14.string().max(128).nullable().optional(),
+  requestCreatedAtMs: z14.number().int().nonnegative().optional(),
+  requestExpiresAtMs: z14.number().int().positive().optional(),
+  requestNonce: z14.string().min(8).max(128).optional(),
+  requestTakerDeviceId: z14.string().min(1).max(128).nullable().optional(),
+  requestTakerPubkeySpkiB64: Base64Std4.min(64).max(4096).optional(),
+  requestTakerSignatureDerB64: Base64Std4.min(16).max(2048).optional(),
+  payerPubkeySpkiB64: Base64Std4.min(64).max(4096),
+  payerSignatureDerB64: Base64Std4.min(16).max(2048),
+  payeePubkeySpkiB64: Base64Std4.min(64).max(4096).optional(),
+  payeeSignatureDerB64: Base64Std4.min(16).max(2048).optional()
 });
-var ConsumerSettlementSchema = z13.object({
-  settlementId: z13.string().uuid(),
+var ConsumerSettlementSchema = z14.object({
+  settlementId: z14.string().uuid(),
   settlementKey: Sha256Hex,
   encounterId: Sha256Hex,
-  oacId: z13.string().uuid(),
-  payerUserId: z13.string().uuid(),
-  payeeUserId: z13.string().uuid(),
-  amountKobo: z13.number().int().positive(),
-  currency: z13.string().length(3),
-  status: z13.enum(["SETTLED", "REVIEW"]),
-  reviewReason: z13.string().nullable(),
-  ledgerRef: z13.string().nullable(),
+  oacId: z14.string().uuid(),
+  payerUserId: z14.string().uuid(),
+  payeeUserId: z14.string().uuid(),
+  amountKobo: z14.number().int().positive(),
+  currency: z14.string().length(3),
+  status: z14.enum(["SETTLED", "REVIEW"]),
+  reviewReason: z14.string().nullable(),
+  ledgerRef: z14.string().nullable(),
   /** ASN.1 DER ECDSA P-256 issuer signature, base64. */
-  issuerSig: Base64Std3.min(16).max(2048),
+  issuerSig: Base64Std4.min(16).max(2048),
   /** Canonical millisecond timestamp signed into the settlement receipt. */
-  issuedAtMs: z13.number().int().nonnegative(),
+  issuedAtMs: z14.number().int().nonnegative(),
   /** Compatibility alias for API consumers that predate issuedAtMs. */
-  createdAtMs: z13.number().int().nonnegative().optional()
+  createdAtMs: z14.number().int().nonnegative().optional()
 });
-var ConsumerSettleResultSchema = z13.object({
+var ConsumerSettleResultSchema = z14.object({
   settlement: ConsumerSettlementSchema,
   encounterId: Sha256Hex,
-  replayed: z13.boolean()
+  replayed: z14.boolean()
 });
-var RevokeDeviceKeyInputSchema = z13.object({
-  deviceId: z13.string().min(1).max(128),
+var RevokeDeviceKeyInputSchema = z14.object({
+  deviceId: z14.string().min(1).max(128),
   /** Step-up token from /api/v1/auth/send/verify with purpose='offline_revoke'. */
-  sendAuthToken: z13.string().min(16)
+  sendAuthToken: z14.string().min(16)
 });
 function createMeOfflineClient(opts) {
   const fetchImpl = opts.fetchImpl ?? globalThis.fetch;
@@ -3162,7 +3228,7 @@ function createMeOfflineClient(opts) {
     }
     return parser(raw);
   }
-  const deviceKeyItems = z13.object({ items: z13.array(DeviceKeyRecordSchema) });
+  const deviceKeyItems = z14.object({ items: z14.array(DeviceKeyRecordSchema) });
   return {
     issueP256EnrollmentChallenge: (input) => call(
       "POST",
@@ -3220,6 +3286,12 @@ function createMeOfflineClient(opts) {
       "/v1/issuer/keys",
       void 0,
       (raw) => IssuerTrustBundleSchema.parse(raw)
+    ),
+    getRevocations: () => call(
+      "GET",
+      "/v1/issuer/revocations",
+      void 0,
+      (raw) => SignedRevocationListSchema.parse(raw)
     )
   };
 }
@@ -3366,26 +3438,26 @@ function verifyClaimSignature(input) {
 }
 // src/me-offline/request.ts
-import { z as z14 } from "zod";
-var Base64Std4 = z14.string().regex(/^[A-Za-z0-9+/]+={0,2}$/);
+import { z as z15 } from "zod";
+var Base64Std5 = z15.string().regex(/^[A-Za-z0-9+/]+={0,2}$/);
 var CONSUMER_PAYMENT_REQUEST_DOMAIN = "flur:consumer-offline:v1:request";
-var ConsumerPaymentRequestEnvelopeSchema = z14.object({
-  requestId: z14.string().uuid(),
-  mode: z14.enum(["fixed", "editable"]),
-  takerUserId: z14.string().uuid(),
-  amountKobo: z14.number().int().positive(),
-  currency: z14.string().length(3).default("NGN"),
-  reference: z14.string().max(128).nullable().default(null),
-  createdAtMs: z14.number().int().nonnegative(),
-  expiresAtMs: z14.number().int().positive(),
-  nonce: z14.string().min(8).max(128),
-  takerDeviceId: z14.string().min(1).max(128).nullable().default(null),
-  takerPubkeySpkiB64: Base64Std4.min(64).max(4096).optional(),
-  takerSignatureDerB64: Base64Std4.min(16).max(2048).optional()
+var ConsumerPaymentRequestEnvelopeSchema = z15.object({
+  requestId: z15.string().uuid(),
+  mode: z15.enum(["fixed", "editable"]),
+  takerUserId: z15.string().uuid(),
+  amountKobo: z15.number().int().positive(),
+  currency: z15.string().length(3).default("NGN"),
+  reference: z15.string().max(128).nullable().default(null),
+  createdAtMs: z15.number().int().nonnegative(),
+  expiresAtMs: z15.number().int().positive(),
+  nonce: z15.string().min(8).max(128),
+  takerDeviceId: z15.string().min(1).max(128).nullable().default(null),
+  takerPubkeySpkiB64: Base64Std5.min(64).max(4096).optional(),
+  takerSignatureDerB64: Base64Std5.min(16).max(2048).optional()
 }).superRefine((value, ctx) => {
   if (value.expiresAtMs <= value.createdAtMs) {
     ctx.addIssue({
-      code: z14.ZodIssueCode.custom,
+      code: z15.ZodIssueCode.custom,
       path: ["expiresAtMs"],
       message: "expiresAtMs must be greater than createdAtMs"
     });
@@ -3396,21 +3468,21 @@ var ConsumerPaymentRequestEnvelopeSchema = z14.object({
   if (value.mode === "fixed" || hasSignature) {
     if (!value.takerDeviceId) {
       ctx.addIssue({
-        code: z14.ZodIssueCode.custom,
+        code: z15.ZodIssueCode.custom,
         path: ["takerDeviceId"],
         message: "signed requests require takerDeviceId"
       });
     }
     if (!value.takerPubkeySpkiB64) {
       ctx.addIssue({
-        code: z14.ZodIssueCode.custom,
+        code: z15.ZodIssueCode.custom,
         path: ["takerPubkeySpkiB64"],
         message: "signed requests require takerPubkeySpkiB64"
       });
     }
     if (!value.takerSignatureDerB64) {
       ctx.addIssue({
-        code: z14.ZodIssueCode.custom,
+        code: z15.ZodIssueCode.custom,
         path: ["takerSignatureDerB64"],
         message: "signed requests require takerSignatureDerB64"
       });
@@ -3581,6 +3653,7 @@ function base64UrlDecodeUtf8(input) {
 }
 // src/me-offline/oac.ts
+import { z as z16 } from "zod";
 var CONSUMER_OAC_DOMAIN = "flur:consumer-offline:v1:oac";
 function consumerOacSigningPayload(oac) {
   return { domain: CONSUMER_OAC_DOMAIN, ...oac };
@@ -3606,6 +3679,9 @@ function verifyOacOffline(signed, trustedKeys, options = {}) {
   }
   if (nowMs < oac.validFromMs) return { ok: false, reason: "not_yet_valid" };
   if (nowMs >= oac.validUntilMs) return { ok: false, reason: "expired" };
+  if (options.revokedOacIds?.has(oac.oacId)) {
+    return { ok: false, reason: "revoked" };
+  }
   return {
     ok: true,
     oac,
@@ -3623,15 +3699,28 @@ var CONSUMER_OAC_QR_PREFIX = "FLUROAC1.";
 function isConsumerOacQR(value) {
   return value.startsWith(CONSUMER_OAC_QR_PREFIX);
 }
-function encodeConsumerOacQR(signed) {
+var OacPresentmentRequestSchema = z16.object({
+  /** Requested amount in minor units (kobo). */
+  amountMinor: z16.number().int().positive().max(1e12).optional(),
+  /** Purpose/intent code (mirrors the NIBSS intent vocabulary). */
+  intent: z16.string().min(1).max(32).optional(),
+  /** Free-text reference / note. */
+  reference: z16.string().min(1).max(64).optional()
+}).strict();
+function encodeConsumerOacQR(signed, request) {
   const parsed = SignedConsumerOACSchema.parse(signed);
-  return `${CONSUMER_OAC_QR_PREFIX}${base64UrlEncodeUtf82(JSON.stringify(parsed))}`;
+  const base = `${CONSUMER_OAC_QR_PREFIX}${base64UrlEncodeUtf82(JSON.stringify(parsed))}`;
+  if (request === void 0) return base;
+  const parsedRequest = OacPresentmentRequestSchema.parse(request);
+  if (Object.keys(parsedRequest).length === 0) return base;
+  return `${base}.${base64UrlEncodeUtf82(JSON.stringify(parsedRequest))}`;
 }
 function decodeUnverifiedConsumerOacQR(value) {
   if (!value.startsWith(CONSUMER_OAC_QR_PREFIX)) {
     throw new Error("not a Flur consumer OAC QR");
   }
-  const encoded = value.slice(CONSUMER_OAC_QR_PREFIX.length);
+  const remainder = value.slice(CONSUMER_OAC_QR_PREFIX.length);
+  const encoded = remainder.split(".", 1)[0];
   let raw;
   try {
     raw = JSON.parse(base64UrlDecodeUtf82(encoded));
@@ -3640,6 +3729,21 @@ function decodeUnverifiedConsumerOacQR(value) {
   }
   return SignedConsumerOACSchema.parse(raw);
 }
+function decodeConsumerOacRequest(value) {
+  if (!value.startsWith(CONSUMER_OAC_QR_PREFIX)) return null;
+  const remainder = value.slice(CONSUMER_OAC_QR_PREFIX.length);
+  const dot = remainder.indexOf(".");
+  if (dot < 0) return null;
+  const suffix = remainder.slice(dot + 1);
+  if (suffix.length === 0) return null;
+  try {
+    const raw = JSON.parse(base64UrlDecodeUtf82(suffix));
+    const parsed = OacPresentmentRequestSchema.safeParse(raw);
+    return parsed.success ? parsed.data : null;
+  } catch {
+    return null;
+  }
+}
 function base64UrlEncodeUtf82(input) {
   const bytes = new TextEncoder().encode(input);
   let binary = "";
@@ -3935,14 +4039,14 @@ function base64UrlToBytes(input) {
 }
 // src/partner-funding/client.ts
-import { z as z15 } from "zod";
-var MinorString = z15.string().regex(/^-?\d+$/);
-var PositiveMinor = z15.union([
-  z15.number().int().positive(),
-  z15.string().regex(/^[1-9]\d{0,18}$/)
+import { z as z17 } from "zod";
+var MinorString = z17.string().regex(/^-?\d+$/);
+var PositiveMinor = z17.union([
+  z17.number().int().positive(),
+  z17.string().regex(/^[1-9]\d{0,18}$/)
 ]);
-var Currency = z15.string().trim().length(3).transform((v) => v.toUpperCase());
-var Metadata = z15.record(z15.unknown());
+var Currency = z17.string().trim().length(3).transform((v) => v.toUpperCase());
+var Metadata = z17.record(z17.unknown());
 var PARTNER_KINDS = ["bank", "merchant"];
 var CUSTODIAL_MODES = ["agent_of_bank", "flur_virtual_pool"];
 var PARTNER_PROFILE_STATUSES = [
@@ -3969,126 +4073,126 @@ var WITHDRAWAL_STATES = [
   "failed",
   "reversed"
 ];
-var PartnerProfileSchema = z15.object({
-  partnerAccountId: z15.string().uuid(),
-  kind: z15.enum(PARTNER_KINDS),
-  custodialMode: z15.enum(CUSTODIAL_MODES),
-  displayName: z15.string(),
-  bankCode: z15.string().nullable(),
-  poolAccountNumber: z15.string().nullable(),
-  status: z15.enum(PARTNER_PROFILE_STATUSES),
+var PartnerProfileSchema = z17.object({
+  partnerAccountId: z17.string().uuid(),
+  kind: z17.enum(PARTNER_KINDS),
+  custodialMode: z17.enum(CUSTODIAL_MODES),
+  displayName: z17.string(),
+  bankCode: z17.string().nullable(),
+  poolAccountNumber: z17.string().nullable(),
+  status: z17.enum(PARTNER_PROFILE_STATUSES),
   metadata: Metadata,
-  createdAtMs: z15.number().int().nonnegative(),
-  updatedAtMs: z15.number().int().nonnegative()
+  createdAtMs: z17.number().int().nonnegative(),
+  updatedAtMs: z17.number().int().nonnegative()
 });
-var UpsertPartnerProfileInputSchema = z15.object({
-  kind: z15.enum(PARTNER_KINDS),
-  custodialMode: z15.enum(CUSTODIAL_MODES),
-  displayName: z15.string().trim().min(1).max(200),
-  bankCode: z15.string().trim().min(1).max(64).optional(),
-  poolAccountNumber: z15.string().trim().min(1).max(64).optional(),
+var UpsertPartnerProfileInputSchema = z17.object({
+  kind: z17.enum(PARTNER_KINDS),
+  custodialMode: z17.enum(CUSTODIAL_MODES),
+  displayName: z17.string().trim().min(1).max(200),
+  bankCode: z17.string().trim().min(1).max(64).optional(),
+  poolAccountNumber: z17.string().trim().min(1).max(64).optional(),
   metadata: Metadata.optional()
 });
-var PartnerFundingEventInputSchema = z15.object({
-  externalRef: z15.string().trim().min(8).max(128),
-  direction: z15.enum(PARTNER_FUNDING_DIRECTIONS).optional(),
-  userId: z15.string().uuid().optional(),
-  accountId: z15.string().uuid().optional(),
+var PartnerFundingEventInputSchema = z17.object({
+  externalRef: z17.string().trim().min(8).max(128),
+  direction: z17.enum(PARTNER_FUNDING_DIRECTIONS).optional(),
+  userId: z17.string().uuid().optional(),
+  accountId: z17.string().uuid().optional(),
   amountMinor: PositiveMinor,
   currency: Currency,
-  fundingSource: z15.string().trim().min(1).max(64).optional(),
+  fundingSource: z17.string().trim().min(1).max(64).optional(),
   providerMetadata: Metadata.optional()
 });
-var PartnerFundingSchema = z15.object({
-  fundingId: z15.string().uuid(),
-  partnerId: z15.string().uuid(),
-  accountId: z15.string().uuid(),
-  userId: z15.string().uuid().nullable(),
-  direction: z15.enum(PARTNER_FUNDING_DIRECTIONS),
-  currency: z15.string(),
+var PartnerFundingSchema = z17.object({
+  fundingId: z17.string().uuid(),
+  partnerId: z17.string().uuid(),
+  accountId: z17.string().uuid(),
+  userId: z17.string().uuid().nullable(),
+  direction: z17.enum(PARTNER_FUNDING_DIRECTIONS),
+  currency: z17.string(),
   amountMinor: MinorString,
-  externalRef: z15.string(),
-  status: z15.enum(PARTNER_FUNDING_STATUSES),
-  fundingSource: z15.string(),
-  ledgerRef: z15.string(),
+  externalRef: z17.string(),
+  status: z17.enum(PARTNER_FUNDING_STATUSES),
+  fundingSource: z17.string(),
+  ledgerRef: z17.string(),
   providerMetadata: Metadata,
-  createdAtMs: z15.number().int().nonnegative(),
-  updatedAtMs: z15.number().int().nonnegative()
+  createdAtMs: z17.number().int().nonnegative(),
+  updatedAtMs: z17.number().int().nonnegative()
 });
-var IngestFundingResultSchema = z15.object({
+var IngestFundingResultSchema = z17.object({
   funding: PartnerFundingSchema,
-  replayed: z15.boolean()
+  replayed: z17.boolean()
 });
-var PayoutDestinationSchema = z15.object({
-  destinationId: z15.string().uuid(),
-  accountId: z15.string().uuid(),
-  partnerId: z15.string().uuid(),
-  bankCode: z15.string(),
-  accountNumber: z15.string(),
-  accountName: z15.string(),
-  status: z15.enum(PAYOUT_DESTINATION_STATUSES),
-  verifiedAtMs: z15.number().int().nonnegative().nullable(),
+var PayoutDestinationSchema = z17.object({
+  destinationId: z17.string().uuid(),
+  accountId: z17.string().uuid(),
+  partnerId: z17.string().uuid(),
+  bankCode: z17.string(),
+  accountNumber: z17.string(),
+  accountName: z17.string(),
+  status: z17.enum(PAYOUT_DESTINATION_STATUSES),
+  verifiedAtMs: z17.number().int().nonnegative().nullable(),
   metadata: Metadata,
-  createdAtMs: z15.number().int().nonnegative(),
-  updatedAtMs: z15.number().int().nonnegative()
+  createdAtMs: z17.number().int().nonnegative(),
+  updatedAtMs: z17.number().int().nonnegative()
 });
-var CreatePayoutDestinationInputSchema = z15.object({
-  partnerId: z15.string().uuid(),
-  bankCode: z15.string().trim().min(1).max(32),
-  accountNumber: z15.string().trim().min(4).max(64),
-  accountName: z15.string().trim().min(1).max(200),
+var CreatePayoutDestinationInputSchema = z17.object({
+  partnerId: z17.string().uuid(),
+  bankCode: z17.string().trim().min(1).max(32),
+  accountNumber: z17.string().trim().min(4).max(64),
+  accountName: z17.string().trim().min(1).max(200),
   metadata: Metadata.optional()
 });
-var ListPayoutDestinationsResultSchema = z15.object({
-  items: z15.array(PayoutDestinationSchema)
+var ListPayoutDestinationsResultSchema = z17.object({
+  items: z17.array(PayoutDestinationSchema)
 });
-var WithdrawalSchema = z15.object({
-  withdrawalId: z15.string().uuid(),
-  accountId: z15.string().uuid(),
-  userId: z15.string().uuid(),
-  partnerId: z15.string().uuid(),
-  destinationId: z15.string().uuid(),
-  currency: z15.string(),
+var WithdrawalSchema = z17.object({
+  withdrawalId: z17.string().uuid(),
+  accountId: z17.string().uuid(),
+  userId: z17.string().uuid(),
+  partnerId: z17.string().uuid(),
+  destinationId: z17.string().uuid(),
+  currency: z17.string(),
   amountMinor: MinorString,
-  state: z15.enum(WITHDRAWAL_STATES),
-  idempotencyKey: z15.string(),
-  providerRef: z15.string().nullable(),
-  lastError: z15.string().nullable(),
-  ledgerRef: z15.string(),
-  reverseLedgerRef: z15.string().nullable(),
+  state: z17.enum(WITHDRAWAL_STATES),
+  idempotencyKey: z17.string(),
+  providerRef: z17.string().nullable(),
+  lastError: z17.string().nullable(),
+  ledgerRef: z17.string(),
+  reverseLedgerRef: z17.string().nullable(),
   metadata: Metadata,
-  createdAtMs: z15.number().int().nonnegative(),
-  updatedAtMs: z15.number().int().nonnegative()
+  createdAtMs: z17.number().int().nonnegative(),
+  updatedAtMs: z17.number().int().nonnegative()
 });
-var CreateWithdrawalInputSchema = z15.object({
-  destinationId: z15.string().uuid(),
+var CreateWithdrawalInputSchema = z17.object({
+  destinationId: z17.string().uuid(),
   amountMinor: PositiveMinor,
   currency: Currency,
-  idempotencyKey: z15.string().trim().min(8).max(128),
+  idempotencyKey: z17.string().trim().min(8).max(128),
   metadata: Metadata.optional()
 });
-var CreateWithdrawalResultSchema = z15.object({
+var CreateWithdrawalResultSchema = z17.object({
   withdrawal: WithdrawalSchema,
-  replayed: z15.boolean()
+  replayed: z17.boolean()
 });
-var PayoutEventInputSchema = z15.object({
-  externalRef: z15.string().trim().min(8).max(128),
-  withdrawalId: z15.string().uuid().optional(),
-  state: z15.enum(["submitted", "processing", "paid", "failed"]),
-  providerRef: z15.string().trim().min(1).max(128).optional(),
-  failureCode: z15.string().trim().max(64).optional(),
-  failureMessage: z15.string().trim().max(512).optional(),
+var PayoutEventInputSchema = z17.object({
+  externalRef: z17.string().trim().min(8).max(128),
+  withdrawalId: z17.string().uuid().optional(),
+  state: z17.enum(["submitted", "processing", "paid", "failed"]),
+  providerRef: z17.string().trim().min(1).max(128).optional(),
+  failureCode: z17.string().trim().max(64).optional(),
+  failureMessage: z17.string().trim().max(512).optional(),
   providerMetadata: Metadata.optional()
 });
-var RecordPayoutEventResultSchema = z15.object({
+var RecordPayoutEventResultSchema = z17.object({
   withdrawal: WithdrawalSchema,
-  replayed: z15.boolean()
+  replayed: z17.boolean()
 });
-var ReconciliationReportSchema = z15.object({
-  partnerId: z15.string().uuid(),
-  currency: z15.string(),
-  fromMs: z15.number().int().nonnegative(),
-  toMs: z15.number().int().nonnegative(),
+var ReconciliationReportSchema = z17.object({
+  partnerId: z17.string().uuid(),
+  currency: z17.string(),
+  fromMs: z17.number().int().nonnegative(),
+  toMs: z17.number().int().nonnegative(),
   fundingsCreditMinor: MinorString,
   fundingsDebitMinor: MinorString,
   withdrawalsPaidMinor: MinorString,
@@ -4097,7 +4201,7 @@ var ReconciliationReportSchema = z15.object({
   expectedReserveBalanceMinor: MinorString,
   actualReserveBalanceMinor: MinorString,
   imbalanceMinor: MinorString,
-  generatedAtMs: z15.number().int().nonnegative()
+  generatedAtMs: z17.number().int().nonnegative()
 });
 function createPartnerFundingClient(partner) {
   return {
@@ -4249,19 +4353,19 @@ function createPartnerProfileAdminClient(opts) {
 }
 // src/artifacts/envelope.ts
-import { z as z16 } from "zod";
+import { z as z18 } from "zod";
 var FLUR_ARTIFACT_URI_SCHEME = "flur";
 var FLUR_ARTIFACT_VERSION = 1;
 var FLUR_ARTIFACT_URI_PREFIX = `${FLUR_ARTIFACT_URI_SCHEME}://v${FLUR_ARTIFACT_VERSION}/`;
 var ArtifactTypeRe = /^[a-z][a-z0-9_]{1,63}$/;
-var ArtifactHeaderSchema = z16.object({
-  v: z16.literal(FLUR_ARTIFACT_VERSION),
-  t: z16.string().regex(ArtifactTypeRe, "invalid artifact type"),
-  iss: z16.string().min(1).max(128),
-  kid: z16.string().min(1).max(128),
-  iat: z16.number().int().nonnegative(),
-  exp: z16.number().int().positive().optional(),
-  nonce: z16.string().min(8).max(64).regex(/^[A-Za-z0-9_-]+$/, "nonce must be url-safe")
+var ArtifactHeaderSchema = z18.object({
+  v: z18.literal(FLUR_ARTIFACT_VERSION),
+  t: z18.string().regex(ArtifactTypeRe, "invalid artifact type"),
+  iss: z18.string().min(1).max(128),
+  kid: z18.string().min(1).max(128),
+  iat: z18.number().int().nonnegative(),
+  exp: z18.number().int().positive().optional(),
+  nonce: z18.string().min(8).max(64).regex(/^[A-Za-z0-9_-]+$/, "nonce must be url-safe")
 });
 var FlurArtifactError = class extends Error {
   constructor(message, code) {
@@ -4400,7 +4504,7 @@ function verifyArtifactSignature(decoded, publicKeySpkiB64, options = {}) {
 }
 // src/artifacts/types.ts
-import { z as z17 } from "zod";
+import { z as z19 } from "zod";
 var ARTIFACT_TYPES = {
   OFFLINE_PAYMENT_AUTHORIZATION: "offline_payment_authorization",
   RECEIPT: "receipt",
@@ -4413,37 +4517,34 @@ var ARTIFACT_TYPES = {
   LEDGER_JOURNAL_ENTRY: "ledger_journal_entry",
   STATEMENT: "statement",
   PASS: "pass",
-  IDENTITY: "identity",
-  // Tier B: holder-signed identity attestation for offline trust. The
-  // envelope.iat / envelope.exp express the card's canonical lifetime.
-  PAY_CARD: "pay_card"
+  IDENTITY: "identity"
 };
-var HexString = (length) => z17.string().regex(
+var HexString = (length) => z19.string().regex(
   new RegExp(`^[0-9a-fA-F]{${length * 2}}$`),
   `expected ${length}-byte hex string`
 );
-var OfflinePaymentAuthorizationArtifactSchema = z17.object({
+var OfflinePaymentAuthorizationArtifactSchema = z19.object({
   authorization: OfflinePaymentAuthorizationSchema
 });
-var ReceiptArtifactSchema = z17.object({
-  receiptId: z17.string().min(1).max(64),
-  paymentReference: z17.string().min(1).max(64),
-  payerUserId: z17.string().min(1).max(64).optional(),
-  payeeUserId: z17.string().min(1).max(64),
-  amountKobo: z17.number().int().positive(),
-  currency: z17.literal("NGN"),
-  channel: z17.enum(["online", "offline_reconciled", "pay_link", "nqr"]),
-  settledAtMs: z17.number().int().positive(),
-  ledgerTxnId: z17.string().min(1).max(64).optional(),
-  memo: z17.string().max(140).optional(),
+var ReceiptArtifactSchema = z19.object({
+  receiptId: z19.string().min(1).max(64),
+  paymentReference: z19.string().min(1).max(64),
+  payerUserId: z19.string().min(1).max(64).optional(),
+  payeeUserId: z19.string().min(1).max(64),
+  amountKobo: z19.number().int().positive(),
+  currency: z19.literal("NGN"),
+  channel: z19.enum(["online", "offline_reconciled", "pay_link", "nqr"]),
+  settledAtMs: z19.number().int().positive(),
+  ledgerTxnId: z19.string().min(1).max(64).optional(),
+  memo: z19.string().max(140).optional(),
   hashChainPrev: HexString(32).optional()
 });
-var ShortId = z17.string().min(1).max(64);
-var PositiveInt = z17.number().int().positive();
-var NonNegativeInt = z17.number().int().nonnegative();
-var Currency2 = z17.literal("NGN");
-var Memo = z17.string().max(140);
-var NqrPaymentRequestArtifactSchema = z17.object({
+var ShortId = z19.string().min(1).max(64);
+var PositiveInt = z19.number().int().positive();
+var NonNegativeInt = z19.number().int().nonnegative();
+var Currency2 = z19.literal("NGN");
+var Memo = z19.string().max(140);
+var NqrPaymentRequestArtifactSchema = z19.object({
   requestId: ShortId,
   payeeUserId: ShortId,
   amountKobo: PositiveInt.optional(),
@@ -4451,7 +4552,7 @@ var NqrPaymentRequestArtifactSchema = z17.object({
   memo: Memo.optional(),
   expiresAtMs: PositiveInt.optional()
 });
-var PaymentIntentArtifactSchema = z17.object({
+var PaymentIntentArtifactSchema = z19.object({
   intentId: ShortId,
   payerUserId: ShortId,
   payeeUserId: ShortId,
@@ -4460,7 +4561,7 @@ var PaymentIntentArtifactSchema = z17.object({
   idempotencyKey: ShortId,
   createdAtMs: PositiveInt
 });
-var OfflineClaimArtifactSchema = z17.object({
+var OfflineClaimArtifactSchema = z19.object({
   claimId: ShortId,
   authorizationId: ShortId,
   payeeUserId: ShortId,
@@ -4469,10 +4570,10 @@ var OfflineClaimArtifactSchema = z17.object({
   claimedAtMs: PositiveInt,
   paymentReference: ShortId.optional()
 });
-var SettlementRecordArtifactSchema = z17.object({
+var SettlementRecordArtifactSchema = z19.object({
   settlementId: ShortId,
   ledgerTxnId: ShortId,
-  sourceRefType: z17.enum([
+  sourceRefType: z19.enum([
     "offline_authorization",
     "offline_claim",
     "transfer",
@@ -4483,12 +4584,12 @@ var SettlementRecordArtifactSchema = z17.object({
   currency: Currency2,
   settledAtMs: PositiveInt
 });
-var ReversalRecordArtifactSchema = z17.object({
+var ReversalRecordArtifactSchema = z19.object({
   reversalId: ShortId,
   originalTxnId: ShortId,
   amountKobo: PositiveInt,
   currency: Currency2,
-  reason: z17.enum([
+  reason: z19.enum([
     "user_dispute",
     "fraud",
     "duplicate",
@@ -4498,7 +4599,7 @@ var ReversalRecordArtifactSchema = z17.object({
   reversedAtMs: PositiveInt,
   memo: Memo.optional()
 });
-var LedgerJournalEntryArtifactSchema = z17.object({
+var LedgerJournalEntryArtifactSchema = z19.object({
   entryId: ShortId,
   journalId: ShortId,
   debitAccountId: ShortId,
@@ -4509,13 +4610,13 @@ var LedgerJournalEntryArtifactSchema = z17.object({
   refType: ShortId.optional(),
   refId: ShortId.optional()
 });
-var StatementArtifactSchema = z17.object({
+var StatementArtifactSchema = z19.object({
   statementId: ShortId,
   userId: ShortId,
   periodStartMs: PositiveInt,
   periodEndMs: PositiveInt,
-  openingBalanceKobo: z17.number().int(),
-  closingBalanceKobo: z17.number().int(),
+  openingBalanceKobo: z19.number().int(),
+  closingBalanceKobo: z19.number().int(),
   transactionCount: NonNegativeInt,
   currency: Currency2,
   hashChainPrev: HexString(32).optional()
@@ -4523,16 +4624,16 @@ var StatementArtifactSchema = z17.object({
   message: "periodEndMs must be greater than periodStartMs",
   path: ["periodEndMs"]
 });
-var PassArtifactSchema = z17.object({
+var PassArtifactSchema = z19.object({
   passId: ShortId,
   holderId: ShortId,
-  category: z17.enum(["membership", "ticket", "loyalty", "access", "voucher"]),
-  title: z17.string().min(1).max(120),
+  category: z19.enum(["membership", "ticket", "loyalty", "access", "voucher"]),
+  title: z19.string().min(1).max(120),
   validFromMs: PositiveInt,
   validUntilMs: PositiveInt.optional(),
-  metadata: z17.record(
-    z17.string().min(1).max(64),
-    z17.union([z17.string().max(280), z17.number(), z17.boolean()])
+  metadata: z19.record(
+    z19.string().min(1).max(64),
+    z19.union([z19.string().max(280), z19.number(), z19.boolean()])
   ).optional()
 }).refine(
   (v) => v.validUntilMs === void 0 || v.validUntilMs > v.validFromMs,
@@ -4541,10 +4642,10 @@ var PassArtifactSchema = z17.object({
     path: ["validUntilMs"]
   }
 );
-var IdentityArtifactSchema = z17.object({
+var IdentityArtifactSchema = z19.object({
   attestationId: ShortId,
   subjectId: ShortId,
-  claimType: z17.enum([
+  claimType: z19.enum([
     "phone_verified",
     "email_verified",
     "bvn_verified",
@@ -4554,12 +4655,6 @@ var IdentityArtifactSchema = z17.object({
   claimValueHash: HexString(32),
   attestedAtMs: PositiveInt
 });
-var PayCardArtifactSchema = z17.object({
-  userId: ShortId,
-  phoneE164: z17.string().regex(/^\+[1-9]\d{7,14}$/, "phoneE164 must be normalised E.164"),
-  displayName: z17.string().min(1).max(64),
-  devicePubKeySpkiB64: z17.string().min(64).max(256).regex(/^[A-Za-z0-9+/]+=*$/, "devicePubKeySpkiB64 must be standard base64")
-});
 var ARTIFACT_BODY_SCHEMAS = {
   [ARTIFACT_TYPES.OFFLINE_PAYMENT_AUTHORIZATION]: OfflinePaymentAuthorizationArtifactSchema,
   [ARTIFACT_TYPES.RECEIPT]: ReceiptArtifactSchema,
@@ -4571,8 +4666,7 @@ var ARTIFACT_BODY_SCHEMAS = {
   [ARTIFACT_TYPES.LEDGER_JOURNAL_ENTRY]: LedgerJournalEntryArtifactSchema,
   [ARTIFACT_TYPES.STATEMENT]: StatementArtifactSchema,
   [ARTIFACT_TYPES.PASS]: PassArtifactSchema,
-  [ARTIFACT_TYPES.IDENTITY]: IdentityArtifactSchema,
-  [ARTIFACT_TYPES.PAY_CARD]: PayCardArtifactSchema
+  [ARTIFACT_TYPES.IDENTITY]: IdentityArtifactSchema
 };
 var HARDENED_ARTIFACT_TYPES = /* @__PURE__ */ new Set([
   ARTIFACT_TYPES.OFFLINE_PAYMENT_AUTHORIZATION,
@@ -4585,8 +4679,7 @@ var HARDENED_ARTIFACT_TYPES = /* @__PURE__ */ new Set([
   ARTIFACT_TYPES.LEDGER_JOURNAL_ENTRY,
   ARTIFACT_TYPES.STATEMENT,
   ARTIFACT_TYPES.PASS,
-  ARTIFACT_TYPES.IDENTITY,
-  ARTIFACT_TYPES.PAY_CARD
+  ARTIFACT_TYPES.IDENTITY
 ]);
 function isKnownArtifactType(t) {
   return Object.values(ARTIFACT_TYPES).includes(t);
@@ -4671,130 +4764,6 @@ function createOfflinePaymentAuthorizationArtifactUri(input) {
     type: ARTIFACT_TYPES.OFFLINE_PAYMENT_AUTHORIZATION
   });
 }
-// src/artifacts/paycard.ts
-var PAY_CARD_DEFAULT_TTL_MS = 90 * 24 * 60 * 60 * 1e3;
-var PAY_CARD_REFRESH_THRESHOLD_MS = 30 * 24 * 60 * 60 * 1e3;
-var PAY_CARD_URI_PREFIX = `${FLUR_ARTIFACT_URI_PREFIX}${ARTIFACT_TYPES.PAY_CARD}/`;
-function createPayCardArtifactUri(input) {
-  if (input.data.userId !== input.issuer) {
-    throw new FlurArtifactError(
-      "pay_card.data.userId must equal envelope issuer",
-      "INVALID_BODY"
-    );
-  }
-  const iat = input.issuedAtSeconds ?? Math.floor(Date.now() / 1e3);
-  const exp = input.expiresAtSeconds ?? iat + Math.floor(PAY_CARD_DEFAULT_TTL_MS / 1e3);
-  return createArtifactUri({
-    type: ARTIFACT_TYPES.PAY_CARD,
-    issuer: input.issuer,
-    keyId: input.keyId,
-    privateKey: input.privateKey,
-    nonce: input.nonce,
-    issuedAtSeconds: iat,
-    expiresAtSeconds: exp,
-    data: input.data
-  });
-}
-function isPayCardArtifactUri(uri) {
-  return typeof uri === "string" && uri.startsWith(PAY_CARD_URI_PREFIX);
-}
-function decodePayCardArtifact(uri) {
-  if (!isPayCardArtifactUri(uri)) {
-    throw new FlurArtifactError(
-      `URI does not start with ${PAY_CARD_URI_PREFIX}`,
-      "INVALID_URI"
-    );
-  }
-  const decoded = decodeArtifactUri(uri);
-  if (decoded.type !== ARTIFACT_TYPES.PAY_CARD) {
-    throw new FlurArtifactError(
-      `Expected pay_card, got ${decoded.type}`,
-      "TYPE_MISMATCH"
-    );
-  }
-  const parsed = PayCardArtifactSchema.safeParse(decoded.body.data);
-  if (!parsed.success) {
-    throw new FlurArtifactError(
-      `pay_card body invalid: ${parsed.error.message}`,
-      "INVALID_BODY"
-    );
-  }
-  if (parsed.data.userId !== decoded.body.iss) {
-    throw new FlurArtifactError(
-      "pay_card.data.userId must equal envelope issuer",
-      "INVALID_BODY"
-    );
-  }
-  return {
-    body: {
-      ...decoded.body,
-      data: parsed.data
-    },
-    sig: decoded.sig,
-    decoded
-  };
-}
-function verifyPayCardArtifact(uri, publicKeySpkiB64, options = {}) {
-  if (!isPayCardArtifactUri(uri)) {
-    throw new FlurArtifactError(
-      `URI does not start with ${PAY_CARD_URI_PREFIX}`,
-      "INVALID_URI"
-    );
-  }
-  const verified = verifyArtifactUri(
-    uri,
-    publicKeySpkiB64,
-    options
-  );
-  if (verified.decoded.type !== ARTIFACT_TYPES.PAY_CARD) {
-    throw new FlurArtifactError(
-      `Expected pay_card, got ${verified.decoded.type}`,
-      "TYPE_MISMATCH"
-    );
-  }
-  if (verified.body.data.userId !== verified.body.iss) {
-    throw new FlurArtifactError(
-      "pay_card.data.userId must equal envelope issuer",
-      "INVALID_BODY"
-    );
-  }
-  return {
-    body: verified.body,
-    sig: verified.sig,
-    decoded: verified.decoded
-  };
-}
-function inspectPayCardFreshness(decoded, nowMs = Date.now()) {
-  const exp = decoded.body.exp;
-  if (exp === void 0) return "no_expiry";
-  const remainingMs = exp * 1e3 - nowMs;
-  if (remainingMs <= 0) return "expired";
-  if (remainingMs <= PAY_CARD_REFRESH_THRESHOLD_MS)
-    return "refresh_recommended";
-  return "fresh";
-}
-function buildPayCardSigningInput(input) {
-  if (input.data.userId !== input.issuer) {
-    throw new FlurArtifactError(
-      "pay_card.data.userId must equal envelope issuer",
-      "INVALID_BODY"
-    );
-  }
-  const parsedData = PayCardArtifactSchema.parse(input.data);
-  const iat = input.issuedAtSeconds ?? Math.floor(Date.now() / 1e3);
-  const exp = input.expiresAtSeconds ?? iat + Math.floor(PAY_CARD_DEFAULT_TTL_MS / 1e3);
-  const body = buildArtifactBody({
-    type: ARTIFACT_TYPES.PAY_CARD,
-    issuer: input.issuer,
-    keyId: input.keyId,
-    data: parsedData,
-    nonce: input.nonce,
-    issuedAtSeconds: iat,
-    expiresAtSeconds: exp
-  });
-  return { body, bodyBytes: canonicalJSONBytes(body) };
-}
 export {
   ACCOUNT_FUNDED_OAC_MAX_TTL_MS,
   ACCOUNT_STATUSES,
@@ -4814,6 +4783,7 @@ export {
   CONSUMER_OAC_QR_PREFIX,
   CONSUMER_OFFLINE_CLAIM_SUBMIT_GRACE_MS,
   CONSUMER_PAYMENT_REQUEST_DOMAIN,
+  CONSUMER_REVOCATION_DOMAIN,
   CONSUMER_SETTLEMENT_DOMAIN,
   CONSUMER_SETTLEMENT_RECEIPT_QR_PREFIX,
   CUSTODIAL_MODES,
@@ -4875,6 +4845,7 @@ export {
   OFFLINE_SMS_SETTLE_SIGNATURE_BYTES,
   OFFLINE_SMS_SETTLE_TOKEN_BYTES,
   OFFLINE_SMS_SETTLE_VERSION,
+  OacPresentmentRequestSchema,
   OfflineClaimArtifactSchema,
   OfflinePaymentAuthorizationArtifactSchema,
   OfflinePaymentAuthorizationSchema,
@@ -4892,9 +4863,6 @@ export {
   PASS_STATES,
   PAYLOAD_FORMAT_INDICATOR_VALUE,
   PAYOUT_DESTINATION_STATUSES,
-  PAY_CARD_DEFAULT_TTL_MS,
-  PAY_CARD_REFRESH_THRESHOLD_MS,
-  PAY_CARD_URI_PREFIX,
   POINT_OF_INITIATION,
   PartnerFundingEventInputSchema,
   PartnerFundingSchema,
@@ -4902,7 +4870,6 @@ export {
   PassArtifactSchema,
   PassMetadataSchema,
   PassSchema,
-  PayCardArtifactSchema,
   PayCollectionInputSchema,
   PaymentClaimSchema,
   PaymentIntentArtifactSchema,
@@ -4914,6 +4881,7 @@ export {
   RECEIPT_CHANNELS,
   RECEIPT_KINDS,
   REPLAY_WINDOW_MS,
+  REVOCATION_LIST_MAX_ENTRIES,
   ReceiptArtifactSchema,
   ReceiptPayloadSchema,
   ReceiptSchema,
@@ -4922,12 +4890,14 @@ export {
   RedemptionSchema,
   RegisterDeviceKeyP256InputSchema,
   ReversalRecordArtifactSchema,
+  RevocationListSchema,
   RevokeDeviceKeyInputSchema,
   SETTLEMENT_SCHEDULES,
   SettleResponseSchema,
   SettlementRecordArtifactSchema,
   SettlementSchema,
   SignedConsumerOACSchema,
+  SignedRevocationListSchema,
   StatementArtifactSchema,
   UpsertMerchantProfileInputSchema,
   UpsertPartnerProfileInputSchema,
@@ -4941,7 +4911,6 @@ export {
   buildConsumerPaymentRequest,
   buildOAC,
   buildPass,
-  buildPayCardSigningInput,
   buildPaymentRequest,
   buildReceipt,
   buildRedemption,
@@ -4976,17 +4945,16 @@ export {
   createPartnerFundingClient,
   createPartnerProfileAdminClient,
   createPassesClient,
-  createPayCardArtifactUri,
   createReceiptArtifactUri,
   createReceiptsClient,
   createSoftwareP256Signer,
   decodeArtifactUri,
   decodeAuthorizationQR,
   decodeBase45,
+  decodeConsumerOacRequest,
   decodeConsumerSettlementReceiptQR,
   decodeOfflineClaimSmsMessage,
   decodeOfflineSmsSettleToken,
-  decodePayCardArtifact,
   decodePaymentRequestQR,
   decodeUnverifiedConsumerOacQR,
   decodeUnverifiedConsumerSettlementReceiptQR,
@@ -5006,19 +4974,19 @@ export {
   generateDynamicQR,
   generateStaticQR,
   init,
-  inspectPayCardFreshness,
   isConsumerOacQR,
   isConsumerPaymentRequestExpired,
   isHardenedArtifactType,
   isKnownArtifactType,
+  isOacRevoked,
   isPassWithinValidity,
-  isPayCardArtifactUri,
   moneyMinorToNumber,
   normalizeE164,
   parseAmountInput,
   parseNQR,
   parseQR,
   readTLV,
+  revocationListSigningPayload,
   routingHint,
   signArtifact,
   signAuthorization,
@@ -5041,11 +5009,11 @@ export {
   verifyOacOffline,
   verifyOfflineSmsSettleToken,
   verifyPass,
-  verifyPayCardArtifact,
   verifyPaymentRequest,
   verifyReceipt,
   verifyRedemption,
   verifyRequestHMAC,
+  verifyRevocationList,
   writeTLV
 };
 //# sourceMappingURL=index.js.map