@odatano/x402 0.3.1 → 0.4.1

package/.github/workflows/test.yaml

@@ -46,4 +46,13 @@ jobs:
         run: npm run build
 
       - name: Run tests
-        run: npm test
+        run: npm run test:coverage
+
+      - name: Upload coverage to Codecov
+        # Only upload once per CI run — pick a single Node version.
+        if: matrix.node == '22.x'
+        uses: codecov/codecov-action@v4
+        with:
+          files: ./coverage/lcov.info
+          token: ${{ secrets.CODECOV_TOKEN }}
+          fail_ci_if_error: false

package/CHANGELOG.md

@@ -4,6 +4,19 @@ All notable changes to `@odatano/x402` are documented here. The format follows [
 
 **Pre-1.0 caveat:** minor versions may include breaking changes until `1.0.0`.
 
+## [0.4.0] - 2026-06-19
+
+### Changed (breaking)
+- **Dropped the direct `@emurgo/cardano-serialization-lib-nodejs` (CSL) dependency.** x402 no longer carries a CBOR/transaction library of its own; all tx parsing and building now go through `@odatano/core`'s Buildooor stack (CSL-free since core `1.8.0`). **The `@odatano/core` peer requirement is now `>=1.9.1`** (was `>=1.7.8`). Upgrade `@odatano/core` in the same step.
+- **`buildUnsignedPaymentTx` now delegates to core's tx-builder.** UTxO selection, change, min-ADA and fee are handled by core (Buildooor `keepRelevant`) instead of x402's own CSL coin-selection. Consequences: the v2 `nonceRef` is now the built tx's first input (was x402's largest-UTxO pick); the validity-range upper bound is derived from a POSIX deadline and read back from the built tx, so `ttlSlot` reflects what the builder set (and may be `null` if unset) rather than a value x402 computed. The result shape (`unsignedTxCborHex`, `txHashHex`, `requiredSignerHex`, `nonceRef`, `inputs`, `ttlSlot`) and the `BuildUnsignedTxArgs` (`buyerBech32`, `requirements`, `ttlSlotsFromNow`) are unchanged. This helper is browser-buyer convenience only; it is not on the facilitator/validation path.
+
+### Added
+- `bech32` runtime dependency, for CSL-free Shelley address introspection (`srv/helpers/address.ts`) used to derive `requiredSignerHex` and validate Base/Enterprise key-cred addresses.
+
+### Internal
+- `srv/core/decode.ts` parses via core's pure `parseTransaction`; `srv/bridge.ts` gained typed `parseTransaction` and `buildUnsignedTransfer` wrappers (single coupling point preserved).
+- Test fixtures (`test/fixtures/{constants,build-tx}.ts`) rebuilt on `@harmoniclabs/buildooor` (dev-only); shared `core-parse-mock` stubs the core barrel down to its pure parser so decode-exercising suites don't load uncompiled `@cds-models` sources. Suite: 317 tests across 25 suites, all green.
+
 ## [0.3.1] - 2026-05-15
 
 ### Fixed
@@ -35,7 +48,7 @@ All notable changes to `@odatano/x402` are documented here. The format follows [
 - `PaymentClaim.payTo` , verified recipient address now populated on the claim (was previously only on the requirements entry). Useful for `onAccepted` audit and receipts.
 
 ### Changed
-- Test count: 177 → 230 (HTTP-server round-trips, multi-accept + dynamic-pricing across `requirements`/`validate`/`verify`/`cap`/`express`, 4 receipts cases, 5 grants cases, 13 client-error cases).
+- Test count: 177 → 236 (HTTP-server round-trips, multi-accept + dynamic-pricing across `requirements`/`validate`/`verify`/`cap`/`express`, 4 receipts cases, 5 grants cases, 13 client-error cases).
 - `srv/middleware/{cap,express}.ts` now emit `accepts[]` via `buildPaymentRequirementsMulti()`; single-entry callers are unaffected (one-entry array produces a body byte-identical to v0.2).
 - `srv/facilitator/verify.ts` decodes the envelope BEFORE selecting a requirements entry; multi-accept depends on knowing which `(payTo, asset)` the tx actually credited.
 

package/LICENSE

@@ -1,21 +1,169 @@
-MIT License
-
-Copyright (c) 2026 ODATANO
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   Copyright [16.05.2026] [Maximilian Weber]

package/README.md

@@ -1,9 +1,12 @@
+![PDATANOX402](datano-x402.png)
 # @odatano/x402
 
-[![npm](https://img.shields.io/npm/v/@odatano/x402?color=cb3837&logo=npm)](https://www.npmjs.com/package/@odatano/x402)
-[![tests](https://github.com/ODATANO/x402/actions/workflows/test.yaml/badge.svg)](https://github.com/ODATANO/x402/actions/workflows/test.yaml)
-[![@odatano/core](https://img.shields.io/github/package-json/dependency-version/ODATANO/x402/peer/@odatano/core?label=%40odatano%2Fcore&color=0e7c66)](https://www.npmjs.com/package/@odatano/core)
-[![spec](https://img.shields.io/badge/Cardano--x402-v2-blueviolet)](https://github.com/masumi-network/x402-cardano)
+[![Tests](https://github.com/ODATANO/x402/actions/workflows/test.yaml/badge.svg)](https://github.com/ODATANO/x402/actions/workflows/test.yaml)
+[![Coverage](https://codecov.io/gh/ODATANO/x402/branch/main/graph/badge.svg)](https://codecov.io/gh/ODATANO/x402)
+[![@odatano/core](https://img.shields.io/badge/@odatano/core-1.9.1-blue)](https://www.npmjs.com/package/@odatano/core)
+[![npm](https://img.shields.io/npm/v/@odatano/x402?color=blue&logo=npm)](https://www.npmjs.com/package/@odatano/x402)
+[![npm downloads](https://img.shields.io/npm/dt/@odatano/x402?logo=npm&label=downloads&color=blue)](https://www.npmjs.com/package/@odatano/x402)
+[![License](https://img.shields.io/badge/license-Apache%202.0-yellow)](LICENSE)
 
 x402 payment gating for SAP CAP applications, backed by Cardano.
 
@@ -17,7 +20,7 @@ Implements the **Cardano-x402-v2** spec on top of [`@odatano/core`](https://www.
 npm install @odatano/x402 @odatano/core
 ```
 
-`@odatano/core` (the Cardano bridge) is a peer dependency. Install whichever version meets `>=1.7.8`.
+`@odatano/core` (the Cardano bridge) is a peer dependency. Install whichever version meets `>=1.9.1`.
 
 ## Quick Start
 
@@ -81,7 +84,7 @@ Configure the Cardano backend in `package.json`:
 
 - Node.js 22+
 - `@sap/cds >= 9` (peer)
-- `@odatano/core >= 1.7.8` (peer)
+- `@odatano/core >= 1.9.1` (peer)
 - `express ^4` (peer), only if you use `x402Middleware`
 - A Cardano backend reachable via `@odatano/core` (Blockfrost / Koios / Ogmios)
 
@@ -90,9 +93,9 @@ Configure the Cardano backend in `package.json`:
 ```bash
 npm install                # Workspace install: covers root + examples/*
 npm run build              # tsc, emits .js/.d.ts next to .ts (outDir: .)
-npm test                   # 177 tests, ~13s
+npm test                   # 232 tests, ~13s
 ```
 
 ## License
 
-Apache-2.0.
+Apache-2.0 (see [LICENSE](LICENSE))

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@odatano/x402",
-  "version": "0.3.1",
+  "version": "0.4.1",
   "description": "x402 Cardano-v2 payment library for SAP CAP applications",
   "license": "Apache-2.0",
   "main": "srv/index.js",
@@ -23,11 +23,11 @@
     "test:coverage": "jest --coverage"
   },
   "dependencies": {
-    "@emurgo/cardano-serialization-lib-nodejs": "^15.0.3"
+    "bech32": "^2.0.0"
   },
   "peerDependencies": {
     "@cap-js/cds-types": ">=0.15",
-    "@odatano/core": ">=1.7.8",
+    "@odatano/core": ">=1.9.1",
     "@sap/cds": ">=9",
     "express": "^4"
   },
@@ -37,10 +37,11 @@
     }
   },
   "devDependencies": {
+    "@harmoniclabs/buildooor": "^0.2.6",
     "@cap-js/cds-typer": "^0.38.0",
     "@cap-js/cds-types": "^0.15.0",
     "@cap-js/sqlite": "^2",
-    "@odatano/core": "^1.7.8",
+    "@odatano/core": "^1.9.1",
     "@odatano/x402": ".",
     "@sap/cds": "^9",
     "@sap/cds-dk": "^9.4.3",
@@ -56,4 +57,4 @@
     "typescript": "^5",
     "typescript-eslint": "^8.59.3"
   }
-}
+}

package/release-0.4.0.md

@@ -0,0 +1,58 @@
+# @odatano/x402 0.4.0
+
+**Drop CSL, route all tx parsing/building through `@odatano/core`.**
+
+x402 no longer carries its own CBOR/transaction library. Both former CSL
+call sites now go through `@odatano/core`'s Buildooor stack (CSL-free since
+core `1.8.0`).
+
+## Highlights
+
+- **`decode.ts`** parses via core's pure `parseTransaction` instead of CSL
+  `Transaction`/`FixedTransaction`. The byte-stable tx hash is preserved.
+- **`buildUnsignedPaymentTx`** delegates UTxO selection, change, min-ADA and
+  fee to core's tx-builder. The v2 `nonceRef` and `ttlSlot` are read back
+  from the built tx rather than computed locally.
+- **New CSL-free Shelley address parser** (`srv/helpers/address.ts`, via
+  `bech32`) derives `requiredSignerHex` and validates Base/Enterprise
+  key-cred addresses.
+- **`bridge.ts`** gains typed `parseTransaction` + `buildUnsignedTransfer`
+  wrappers, keeping the single coupling point to core.
+
+## Breaking changes
+
+- **`@odatano/core` peer requirement raised `>=1.7.8` → `>=1.9.1`.** Upgrade
+  core in the same step.
+- **`buildUnsignedPaymentTx` now uses core's coin-selection.** The nonce is
+  the built tx's first input (was x402's largest-UTxO pick), and `ttlSlot`
+  reflects what the builder set (may be `null`) instead of a value x402
+  computed. The result shape (`unsignedTxCborHex`, `txHashHex`,
+  `requiredSignerHex`, `nonceRef`, `inputs`, `ttlSlot`) and the
+  `BuildUnsignedTxArgs` (`buyerBech32`, `requirements`, `ttlSlotsFromNow`)
+  are unchanged. This helper is browser-buyer convenience only; it is not on
+  the facilitator/validation path.
+
+## Dependencies
+
+- Removed: `@emurgo/cardano-serialization-lib-nodejs` (CSL).
+- Added: `bech32` (runtime), `@harmoniclabs/buildooor` (dev, test fixtures only).
+
+## Internal / tests
+
+- Test fixtures (`test/fixtures/{constants,build-tx}.ts`) rebuilt on
+  `@harmoniclabs/buildooor`. Shared `core-parse-mock` stubs the core barrel
+  down to its pure parser so decode-exercising suites don't load uncompiled
+  `@cds-models` sources.
+- **317 tests across 25 suites pass; `tsc` and `eslint` clean.**
+
+## Upgrade notes
+
+Bump both packages together:
+
+```bash
+npm install @odatano/x402@^0.4.0 @odatano/core@^1.9.1
+```
+
+If you call `buildUnsignedPaymentTx` directly, re-validate the browser-buyer
+signing path on a testnet (preprod): it is the one flow where an external
+wallet re-hashes the tx that core built.

package/srv/bridge.d.ts

@@ -61,5 +61,89 @@ export declare function getCurrentSlot(): Promise<number>;
  * caller's perspective.
  */
 export declare function isUtxoUnspent(txHash: string, outputIndex: number): Promise<boolean>;
-export declare const parseTransaction: ((cborHex: string) => unknown) | undefined;
+/** One output of a parsed tx. `assets[].unit` is `policyId+nameHex`. */
+export interface ParsedTxOutput {
+    address: string;
+    lovelace: string;
+    assets: Array<{
+        unit: string;
+        quantity: string;
+    }>;
+    datumHash: string | null;
+    inlineDatumHex: string | null;
+    referenceScriptHex: string | null;
+}
+/** Structured shape returned by `@odatano/core`'s `parseTransaction`. */
+export interface ParsedTx {
+    txHash: string;
+    network: 'mainnet' | 'testnet' | null;
+    inputs: Array<{
+        txHash: string;
+        outputIndex: number;
+    }>;
+    outputs: ParsedTxOutput[];
+    /** Validity-range lower bound in slots (decimal string) or null. */
+    validityStart: string | null;
+    /** Validity-range upper bound (TTL) in slots (decimal string) or null. */
+    validityEnd: string | null;
+    fee: string;
+    mint: Array<{
+        unit: string;
+        quantity: string;
+    }>;
+    requiredSigners: string[];
+    scriptDataHash: string | null;
+    witnesses: {
+        vkeyCount: number;
+        nativeScripts: number;
+        plutusScripts: number;
+        plutusData: number;
+        redeemers: number;
+    };
+}
+/**
+ * Parse signed-or-unsigned tx CBOR (hex) into structured fields. Pure,
+ * no init / no chain call. Throws `X402Error(INVALID_CBOR)` on malformed
+ * input so callers in the decode path get a precise, surfaceable code.
+ */
+export declare function parseTransaction(cborHex: string): ParsedTx;
+/** Request shape accepted by core's `build{Simple,MultiAsset}Transaction`. */
+export interface CoreTransferReq {
+    /** Buyer's bech32 — UTxO source and default change address. */
+    senderAddress: string;
+    /** Bech32 recipient (`payTo`). */
+    recipientAddress: string;
+    /** Defaults to `senderAddress`. */
+    changeAddress?: string;
+    /** Output ADA in lovelace (decimal string). For token outputs this is the riding min-ADA. */
+    lovelaceAmount: string;
+    /** Native assets on the output. `unit` = `policyId+assetNameHex`. Omit/empty for pure ADA. */
+    assets?: Array<{
+        unit: string;
+        quantity: string;
+    }>;
+    /** Validity-range upper bound as POSIX ms; core converts to a slot. */
+    validityEndMs?: number;
+}
+/** Subset of core's `TxBuildResult` that x402 consumes. */
+export interface CoreTxBuildResult {
+    unsignedTxCbor: string;
+    txBodyHash: string;
+    inputs: Array<{
+        txHash: string;
+        index: number;
+        lovelace: string;
+    }>;
+    outputs: Array<{
+        address: string;
+        lovelace: string;
+    }>;
+    feeLovelace: string;
+}
+/**
+ * Build an unsigned transfer tx via core's Buildooor builder. Routes to
+ * the multi-asset entry point when `assets` is non-empty (it rejects an
+ * empty asset list), otherwise the plain-ADA one.
+ */
+export declare function buildUnsignedTransfer(req: CoreTransferReq): Promise<CoreTxBuildResult>;
 //# sourceMappingURL=bridge.d.ts.map

package/srv/bridge.js

@@ -15,7 +15,6 @@
  * Both are called through directly here; no shim layer remains.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.parseTransaction = void 0;
 exports.init = init;
 exports.shutdown = shutdown;
 exports.getUtxosAtAddress = getUtxosAtAddress;
@@ -24,6 +23,8 @@ exports.getProtocolParameters = getProtocolParameters;
 exports.submitTransaction = submitTransaction;
 exports.getCurrentSlot = getCurrentSlot;
 exports.isUtxoUnspent = isUtxoUnspent;
+exports.parseTransaction = parseTransaction;
+exports.buildUnsignedTransfer = buildUnsignedTransfer;
 const errors_1 = require("./core/errors");
 // eslint-disable-next-line @typescript-eslint/no-require-imports
 const od = require('@odatano/core');
@@ -143,10 +144,35 @@ async function isUtxoUnspent(txHash, outputIndex) {
     await ensureInit();
     return od.getCardanoClient().isUtxoUnspent(txHash, outputIndex);
 }
-// ─── Re-export pure CBOR utilities (no bridge round-trip) ─────────────
-// parseTransaction is exported from @odatano/core's barrel and runs
-// entirely client-side. Re-export so x402 users don't need a second
-// import for tx introspection. We declare the type loosely (unknown
-// CBOR-parsed shape), consumers cast to ODATANO's `ParsedTransaction`
-// from `@odatano/core` directly if they need the structured fields.
-exports.parseTransaction = od ? od.parseTransaction : undefined;
+const odParseTransaction = od.parseTransaction;
+/**
+ * Parse signed-or-unsigned tx CBOR (hex) into structured fields. Pure,
+ * no init / no chain call. Throws `X402Error(INVALID_CBOR)` on malformed
+ * input so callers in the decode path get a precise, surfaceable code.
+ */
+function parseTransaction(cborHex) {
+    if (typeof odParseTransaction !== 'function') {
+        throw new errors_1.X402Error(errors_1.Codes.BRIDGE_UNAVAILABLE, '@odatano/core does not export parseTransaction (need >= 1.9.1)');
+    }
+    try {
+        return odParseTransaction(cborHex);
+    }
+    catch (err) {
+        throw new errors_1.X402Error(errors_1.Codes.INVALID_CBOR, `transaction CBOR did not decode: ${err?.message ?? err}`);
+    }
+}
+/**
+ * Build an unsigned transfer tx via core's Buildooor builder. Routes to
+ * the multi-asset entry point when `assets` is non-empty (it rejects an
+ * empty asset list), otherwise the plain-ADA one.
+ */
+async function buildUnsignedTransfer(req) {
+    await ensureInit();
+    const builder = od.getCardanoTxBuilder();
+    // Core's builder expects core's own protocol-parameter shape, so source
+    // it from the same client rather than re-deriving it here.
+    const params = await od.getCardanoClient().getProtocolParameters();
+    return req.assets && req.assets.length > 0
+        ? builder.buildMultiAssetTransaction(req, params)
+        : builder.buildSimpleAdaTransaction(req, params);
+}

package/srv/core/decode.js

@@ -17,42 +17,9 @@
  * `DecodedPayment` that downstream `validate.ts` checks against
  * `PaymentRequirementEntry` (the 6 mandatory checks).
  */
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.decode = decode;
-const CSL = __importStar(require("@emurgo/cardano-serialization-lib-nodejs"));
+const bridge_1 = require("../bridge");
 const errors_1 = require("./errors");
 const SUPPORTED_VERSION = 2;
 const SUPPORTED_SCHEME = 'exact';
@@ -68,90 +35,45 @@ function decodeBase64ToBuffer(s, errCode) {
     }
     return buf;
 }
-function extractOutputs(txBody) {
-    const out = txBody.outputs();
-    const result = [];
-    for (let i = 0; i < out.len(); i++) {
-        const o = out.get(i);
-        const addr = o.address().to_bech32();
-        const value = o.amount();
-        const lovelace = value.coin().to_str();
-        const assets = [];
-        const ma = value.multiasset();
-        if (ma) {
-            const policies = ma.keys();
-            for (let p = 0; p < policies.len(); p++) {
-                const policy = policies.get(p);
-                const policyHex = Buffer.from(policy.to_bytes()).toString('hex').toLowerCase();
-                const assetMap = ma.get(policy);
-                if (!assetMap)
-                    continue;
-                const names = assetMap.keys();
-                for (let n = 0; n < names.len(); n++) {
-                    const name = names.get(n);
-                    const nameHex = Buffer.from(name.name()).toString('hex').toLowerCase();
-                    const qty = assetMap.get(name);
-                    if (!qty)
-                        continue;
-                    assets.push({
-                        unit: (policyHex + nameHex),
-                        policyId: policyHex,
-                        assetNameHex: nameHex,
-                        quantity: qty.to_str(),
-                    });
-                }
-            }
-        }
-        result.push({ outputIndex: i, address: addr, lovelace, assets });
-    }
-    return result;
-}
-function extractInputs(txBody) {
-    const ins = txBody.inputs();
-    const result = [];
-    for (let i = 0; i < ins.len(); i++) {
-        const inp = ins.get(i);
-        result.push({
-            txHash: Buffer.from(inp.transaction_id().to_bytes()).toString('hex').toLowerCase(),
-            outputIndex: inp.index(),
+function extractOutputs(outputs) {
+    return outputs.map((o, i) => {
+        const assets = o.assets.map(a => {
+            // core gives `unit` = policyId(56 hex) + assetNameHex; split it back
+            // into the (policyId, assetNameHex) pair x402's validate.ts expects.
+            const unit = a.unit.toLowerCase();
+            return {
+                unit,
+                policyId: unit.slice(0, 56),
+                assetNameHex: unit.slice(56),
+                quantity: a.quantity,
+            };
         });
-    }
-    return result;
+        return { outputIndex: i, address: o.address, lovelace: o.lovelace, assets };
+    });
+}
+function extractInputs(inputs) {
+    return inputs.map(inp => ({
+        txHash: inp.txHash.toLowerCase(),
+        outputIndex: inp.outputIndex,
+    }));
 }
 /**
- * Pull validity range bounds. CSL exposes `ttl()` (upper) since Shelley
- * and `validity_start_interval_bignum()` (lower) since Allegra. Both can
- * be absent, in which case we return null and the TTL check is skipped
- * (per v2 spec: only validate TTL if buyer set one).
+ * Convert core's decimal-string slot bounds to numbers. Both bounds can
+ * be null, in which case the downstream TTL check is skipped (per v2
+ * spec: only validate TTL if the buyer set one). Slots fit comfortably
+ * in a JS number (current preprod ~85M, max safe int 9e15).
  */
-function extractValidityRange(txBody) {
-    let ttlSlot = null;
-    let validityStartSlot = null;
-    try {
-        const ttl = txBody.ttl_bignum();
-        if (ttl) {
-            // BigNum → string → number; slots fit comfortably in JS number
-            // (current preprod ~85M, max safe int 9e15).
-            ttlSlot = Number(ttl.to_str());
-            if (!Number.isFinite(ttlSlot))
-                ttlSlot = null;
-        }
-    }
-    catch {
-        ttlSlot = null;
-    }
-    try {
-        const start = txBody.validity_start_interval_bignum();
-        if (start) {
-            validityStartSlot = Number(start.to_str());
-            if (!Number.isFinite(validityStartSlot))
-                validityStartSlot = null;
-        }
-    }
-    catch {
-        validityStartSlot = null;
-    }
-    return { ttlSlot, validityStartSlot };
+function extractValidityRange(parsed) {
+    const toSlot = (s) => {
+        if (s == null)
+            return null;
+        const n = Number(s);
+        return Number.isFinite(n) ? n : null;
+    };
+    return {
+        ttlSlot: toSlot(parsed.validityEnd),
+        validityStartSlot: toSlot(parsed.validityStart),
+    };
 }
 function parseNonceRef(nonce) {
     const m = NONCE_RE.exec(nonce);
@@ -200,28 +122,17 @@ function decode(paymentHeader) {
     if (typeof payload.nonce !== 'string' || payload.nonce.length === 0) {
         throw new errors_1.X402Error(errors_1.Codes.MISSING_FIELD, 'payload.nonce is required (v2 UTxO-ref)');
     }
-    // 3. Tx CBOR → CSL Transaction (parses both `transaction` and `fixed`
-    //    representation; we need both, Transaction for body access,
-    //    FixedTransaction for byte-stable hash).
+    // 3. Tx CBOR → structured fields via @odatano/core's pure Buildooor
+    //    parser. `parseTransaction` throws X402Error(INVALID_CBOR) on
+    //    malformed input, and its `txHash` (= body.hash) is byte-preserving,
+    //    the property the old CSL `FixedTransaction` path provided.
     const txBuf = decodeBase64ToBuffer(payload.transaction, errors_1.Codes.INVALID_CBOR);
-    let tx;
-    try {
-        tx = CSL.Transaction.from_bytes(txBuf);
-    }
-    catch {
-        throw new errors_1.X402Error(errors_1.Codes.INVALID_CBOR, 'transaction CBOR did not decode');
-    }
+    const txCborHex = txBuf.toString('hex');
+    const parsed = (0, bridge_1.parseTransaction)(txCborHex);
     // 4. Diagnostics
-    const txBody = tx.body();
-    const wits = tx.witness_set();
-    const vkeys = wits.vkeys();
-    const vkeyWitnessCount = vkeys ? vkeys.len() : 0;
-    const txHashBytes = CSL.FixedTransaction
-        .from_bytes(txBuf)
-        .transaction_hash()
-        .to_bytes();
-    const txHash = Buffer.from(txHashBytes).toString('hex').toLowerCase();
-    const validity = extractValidityRange(txBody);
+    const txHash = parsed.txHash.toLowerCase();
+    const vkeyWitnessCount = parsed.witnesses.vkeyCount;
+    const validity = extractValidityRange(parsed);
     const nonce = parseNonceRef(payload.nonce);
     const envelope = {
         x402Version: SUPPORTED_VERSION,
@@ -231,10 +142,10 @@ function decode(paymentHeader) {
     };
     return {
         envelope,
-        txCborHex: Buffer.from(txBuf).toString('hex'),
+        txCborHex,
         txHash,
-        outputs: extractOutputs(txBody),
-        inputs: extractInputs(txBody),
+        outputs: extractOutputs(parsed.outputs),
+        inputs: extractInputs(parsed.inputs),
         vkeyWitnessCount,
         ttlSlot: validity.ttlSlot,
         validityStartSlot: validity.validityStartSlot,

package/srv/helpers/address.d.ts

@@ -0,0 +1,31 @@
+/**
+ * Minimal, CSL-free Shelley address introspection.
+ *
+ * The unsigned-tx builder needs two things from the buyer's bech32
+ * address that the (Buildooor-based) @odatano/core builder doesn't hand
+ * back: the payment-credential VKey hash (returned to the wallet as the
+ * `requiredSignerHex`), and a guard that the address is a Base/Enterprise
+ * key-cred address (script-cred and reward/stake addresses can't sign a
+ * normal spend). Rather than pull in a CBOR/address library, we decode
+ * the bech32 payload and read the 1-byte Shelley header directly.
+ *
+ * Shelley address header (CIP-19): the top nibble is the address type,
+ * the bottom nibble the network id. Payment credential is the 28 bytes
+ * following the header. Payment-cred kind by type:
+ *   0,2 base / 6 enterprise → key hash    (signable)
+ *   1,3 base / 7 enterprise → script hash (not signable)
+ *   4,5 pointer             → unsupported here
+ *   14,15 reward/stake      → not a payment address
+ */
+export interface ParsedPaymentAddress {
+    /** Buyer's payment-credential VKey hash (lowercase hex, 56 chars). */
+    paymentKeyHashHex: string;
+}
+/**
+ * Decode a bech32 Cardano address and extract its payment-credential
+ * VKey hash. Throws (with the same messages the old CSL path used) for
+ * malformed bech32, script-cred payment, or non-payment (reward/pointer)
+ * addresses.
+ */
+export declare function parsePaymentAddress(bech32Addr: string): ParsedPaymentAddress;
+//# sourceMappingURL=address.d.ts.map

package/srv/helpers/address.js

@@ -0,0 +1,57 @@
+"use strict";
+/**
+ * Minimal, CSL-free Shelley address introspection.
+ *
+ * The unsigned-tx builder needs two things from the buyer's bech32
+ * address that the (Buildooor-based) @odatano/core builder doesn't hand
+ * back: the payment-credential VKey hash (returned to the wallet as the
+ * `requiredSignerHex`), and a guard that the address is a Base/Enterprise
+ * key-cred address (script-cred and reward/stake addresses can't sign a
+ * normal spend). Rather than pull in a CBOR/address library, we decode
+ * the bech32 payload and read the 1-byte Shelley header directly.
+ *
+ * Shelley address header (CIP-19): the top nibble is the address type,
+ * the bottom nibble the network id. Payment credential is the 28 bytes
+ * following the header. Payment-cred kind by type:
+ *   0,2 base / 6 enterprise → key hash    (signable)
+ *   1,3 base / 7 enterprise → script hash (not signable)
+ *   4,5 pointer             → unsupported here
+ *   14,15 reward/stake      → not a payment address
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parsePaymentAddress = parsePaymentAddress;
+const bech32_1 = require("bech32");
+const PAYMENT_KEY_HASH_TYPES = new Set([0, 2, 6]); // base-key, base-key/script-stake, enterprise-key
+const SCRIPT_PAYMENT_TYPES = new Set([1, 3, 7]); // base-script*, enterprise-script
+/** Bech32 limit well above Cardano's longest (~103-char mainnet base addr). */
+const BECH32_LIMIT = 1023;
+/**
+ * Decode a bech32 Cardano address and extract its payment-credential
+ * VKey hash. Throws (with the same messages the old CSL path used) for
+ * malformed bech32, script-cred payment, or non-payment (reward/pointer)
+ * addresses.
+ */
+function parsePaymentAddress(bech32Addr) {
+    let bytes;
+    try {
+        const decoded = bech32_1.bech32.decode(bech32Addr, BECH32_LIMIT);
+        bytes = Uint8Array.from(bech32_1.bech32.fromWords(decoded.words));
+    }
+    catch {
+        throw new Error(`buildUnsignedPaymentTx: invalid bech32 address: ${bech32Addr}`);
+    }
+    // header (1 byte) + 28-byte payment credential.
+    if (bytes.length < 29) {
+        throw new Error(`buildUnsignedPaymentTx: invalid bech32 address: ${bech32Addr}`);
+    }
+    const addrType = bytes[0] >> 4;
+    if (SCRIPT_PAYMENT_TYPES.has(addrType)) {
+        throw new Error('buildUnsignedPaymentTx: payment credential must be a VKey hash, not a script');
+    }
+    if (!PAYMENT_KEY_HASH_TYPES.has(addrType)) {
+        // pointer (4,5), reward/stake (14,15), Byron-via-bech32, etc.
+        throw new Error('buildUnsignedPaymentTx: only Base / Enterprise addresses are supported');
+    }
+    const keyHash = bytes.slice(1, 29);
+    return { paymentKeyHashHex: Buffer.from(keyHash).toString('hex') };
+}

package/srv/helpers/build-unsigned-tx.d.ts

@@ -1,26 +1,27 @@
 /**
  * Server-side unsigned payment-tx builder for browser-buyer flows.
  *
- * The browser knows the buyer's bech32 (via CIP-30) but not the
- * signing keys. Replicating CSL coin-selection + protocol-params
- * fetch in the browser would mean shipping ~2 MB of WASM. So we
- * build the unsigned tx server-side, return the CBOR for the
- * wallet to sign, and let the browser submit the signed CBOR as
- * `payload.transaction` in the PAYMENT-SIGNATURE envelope.
+ * The browser knows the buyer's bech32 (via CIP-30) but not the signing
+ * keys, and shipping coin-selection + protocol-params logic to the
+ * browser would mean megabytes of WASM. So we build the unsigned tx
+ * server-side, return the CBOR for the wallet to sign, and let the
+ * browser submit the signed CBOR as `payload.transaction` in the
+ * PAYMENT-SIGNATURE envelope.
  *
- * Diff vs v1 of CHAINFEED's same-named helper:
- *   - Asset-agnostic, parses requirements.asset as a v2 string
- *     (`'lovelace'` or `'<policy>.<nameHex>'`).
- *   - Returns `nonceRef` alongside the unsigned CBOR, the server
- *     picks one of the buyer's chosen inputs as the v2 nonce UTxO,
- *     so the browser doesn't have to reason about it.
+ * The build itself (UTxO fetch, coin selection, change, min-ADA, fee) is
+ * delegated wholesale to `@odatano/core`'s Buildooor builder via
+ * `bridge.buildUnsignedTransfer`, x402 owns no tx-construction library.
+ * We add only the two x402-specific pieces core doesn't:
+ *   - the `requiredSignerHex` (buyer's payment-cred VKey hash), parsed
+ *     from the bech32 address (see `./address`);
+ *   - the v2 `nonceRef`, read back from the built tx's first input so it
+ *     is guaranteed to reference a UTxO the tx actually spends.
  *
- * **x402-spec deviation:** strict v2 has the buyer construct the
- * tx end-to-end. This helper is a "self-facilitator" pattern: the
- * server builds, the buyer signs, the server still validates the
- * signed tx against requirements before settling. Same security
- * model (the buyer's signature still authorises the spend), easier
- * browser ergonomics.
+ * **x402-spec deviation:** strict v2 has the buyer construct the tx
+ * end-to-end. This is the "self-facilitator" pattern: the server builds,
+ * the buyer signs, the server still validates the signed tx against
+ * requirements before settling. Same security model (the buyer's
+ * signature still authorises the spend), easier browser ergonomics.
  */
 import type { PaymentRequirementEntry } from '../core/types';
 export interface BuildUnsignedTxArgs {
@@ -29,7 +30,7 @@ export interface BuildUnsignedTxArgs {
     /** A single accepts[] entry, call `flatRequirements(body)` to extract. */
     requirements: PaymentRequirementEntry;
     /**
-     * Optional TTL in slots from "now" (= current chain tip slot).
+     * Optional TTL in slots from "now" (= current chain tip).
      * Default 1800 (≈30 min on Cardano's 1s-slot networks).
      */
     ttlSlotsFromNow?: number;
@@ -41,16 +42,16 @@ export interface UnsignedTxResult {
     txHashHex: string;
     /** Buyer's payment-cred VKey hash, wallet must sign for this. */
     requiredSignerHex: string;
-    /** v2 nonce reference `<txHash>#<index>`, picked from the buyer's chosen inputs. */
+    /** v2 nonce reference `<txHash>#<index>`, the tx's first spent input. */
     nonceRef: string;
-    /** Echo of the inputs chosen so the buyer's UI can show "spends these UTxOs". */
+    /** Echo of the inputs the builder selected so the buyer's UI can show "spends these UTxOs". */
     inputs: Array<{
         txHash: string;
         outputIndex: number;
         lovelace: string;
     }>;
-    /** TTL slot used for the validity-range upper bound. */
-    ttlSlot: number;
+    /** TTL slot used for the validity-range upper bound (as set by the builder). */
+    ttlSlot: number | null;
 }
 export declare function buildUnsignedPaymentTx(args: BuildUnsignedTxArgs): Promise<UnsignedTxResult>;
 //# sourceMappingURL=build-unsigned-tx.d.ts.map

package/srv/helpers/build-unsigned-tx.js

@@ -2,26 +2,27 @@
 /**
  * Server-side unsigned payment-tx builder for browser-buyer flows.
  *
- * The browser knows the buyer's bech32 (via CIP-30) but not the
- * signing keys. Replicating CSL coin-selection + protocol-params
- * fetch in the browser would mean shipping ~2 MB of WASM. So we
- * build the unsigned tx server-side, return the CBOR for the
- * wallet to sign, and let the browser submit the signed CBOR as
- * `payload.transaction` in the PAYMENT-SIGNATURE envelope.
+ * The browser knows the buyer's bech32 (via CIP-30) but not the signing
+ * keys, and shipping coin-selection + protocol-params logic to the
+ * browser would mean megabytes of WASM. So we build the unsigned tx
+ * server-side, return the CBOR for the wallet to sign, and let the
+ * browser submit the signed CBOR as `payload.transaction` in the
+ * PAYMENT-SIGNATURE envelope.
  *
- * Diff vs v1 of CHAINFEED's same-named helper:
- *   - Asset-agnostic, parses requirements.asset as a v2 string
- *     (`'lovelace'` or `'<policy>.<nameHex>'`).
- *   - Returns `nonceRef` alongside the unsigned CBOR, the server
- *     picks one of the buyer's chosen inputs as the v2 nonce UTxO,
- *     so the browser doesn't have to reason about it.
+ * The build itself (UTxO fetch, coin selection, change, min-ADA, fee) is
+ * delegated wholesale to `@odatano/core`'s Buildooor builder via
+ * `bridge.buildUnsignedTransfer`, x402 owns no tx-construction library.
+ * We add only the two x402-specific pieces core doesn't:
+ *   - the `requiredSignerHex` (buyer's payment-cred VKey hash), parsed
+ *     from the bech32 address (see `./address`);
+ *   - the v2 `nonceRef`, read back from the built tx's first input so it
+ *     is guaranteed to reference a UTxO the tx actually spends.
  *
- * **x402-spec deviation:** strict v2 has the buyer construct the
- * tx end-to-end. This helper is a "self-facilitator" pattern: the
- * server builds, the buyer signs, the server still validates the
- * signed tx against requirements before settling. Same security
- * model (the buyer's signature still authorises the spend), easier
- * browser ergonomics.
+ * **x402-spec deviation:** strict v2 has the buyer construct the tx
+ * end-to-end. This is the "self-facilitator" pattern: the server builds,
+ * the buyer signs, the server still validates the signed tx against
+ * requirements before settling. Same security model (the buyer's
+ * signature still authorises the spend), easier browser ergonomics.
  */
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
@@ -58,146 +59,60 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.buildUnsignedPaymentTx = buildUnsignedPaymentTx;
-const CSL = __importStar(require("@emurgo/cardano-serialization-lib-nodejs"));
 const bridge = __importStar(require("../bridge"));
 const asset_1 = require("../core/asset");
+const address_1 = require("./address");
+/** ADA (lovelace) attached to a native-asset output to satisfy min-ADA. */
+const TOKEN_OUTPUT_LOVELACE = 2000000n;
+/** Cardano networks run 1-second slots, so TTL slots ≈ TTL seconds. */
+const SLOT_MS = 1000;
 async function buildUnsignedPaymentTx(args) {
     const { buyerBech32, requirements } = args;
-    // 1. Decode buyer address; derive payment-cred VKey hash.
-    let buyerAddress;
-    try {
-        buyerAddress = CSL.Address.from_bech32(buyerBech32);
-    }
-    catch {
-        throw new Error(`buildUnsignedPaymentTx: invalid bech32 address: ${buyerBech32}`);
-    }
-    const baseAddr = CSL.BaseAddress.from_address(buyerAddress);
-    const enterpriseAddr = CSL.EnterpriseAddress.from_address(buyerAddress);
-    const paymentCred = baseAddr?.payment_cred() ?? enterpriseAddr?.payment_cred();
-    if (!paymentCred) {
-        throw new Error('buildUnsignedPaymentTx: only Base / Enterprise addresses are supported');
-    }
-    const buyerVkeyHash = paymentCred.to_keyhash();
-    if (!buyerVkeyHash) {
-        throw new Error('buildUnsignedPaymentTx: payment credential must be a VKey hash, not a script');
-    }
-    const requiredSignerHex = Buffer.from(buyerVkeyHash.to_bytes()).toString('hex');
-    // 2. Fetch buyer UTxOs + protocol params + current slot in parallel.
-    const [utxos, params, currentSlot] = await Promise.all([
-        bridge.getUtxosAtAddress(buyerBech32),
-        bridge.getProtocolParameters(),
-        bridge.getCurrentSlot(),
-    ]);
-    if (utxos.length === 0) {
-        throw new Error(`buildUnsignedPaymentTx: no UTxOs at ${buyerBech32}`);
-    }
-    // 3. Pick the input(s) for coin-selection.
-    //    Strategy:
-    //      - If lovelace asset: pick largest-ADA UTxO; add second-largest as padding if first < 3 ADA.
-    //      - If native asset:   pick largest-ADA UTxO that ALSO holds enough of the asset;
-    //                           add padding the same way.
+    // 1. Validate the buyer address shape and derive the required signer.
+    //    Throws for bad bech32 / script-cred / non-payment addresses.
+    const { paymentKeyHashHex } = (0, address_1.parsePaymentAddress)(buyerBech32);
+    // 2. Translate the v2 requirement into a core transfer request.
     const parsedAsset = (0, asset_1.parseAsset)(requirements.asset);
     const required = BigInt(requirements.amount);
-    const sortedByAda = [...utxos].sort((a, b) => (BigInt(b.lovelace) - BigInt(a.lovelace) > 0n ? 1 : -1));
-    let inputs;
-    if (parsedAsset.isLovelace) {
-        // ADA payment: largest UTxO must cover required + fees + min-ADA change.
-        // Heuristic: required + 2_000_000 (≈2 ADA fee+change headroom).
-        const headroom = required + 2000000n;
-        const ok = sortedByAda.find(u => BigInt(u.lovelace) >= headroom);
-        if (!ok) {
-            throw new Error(`buildUnsignedPaymentTx: no UTxO at ${buyerBech32} with ≥ ${headroom} lovelace`);
-        }
-        inputs = [ok];
-    }
-    else {
-        const candidates = sortedByAda.filter(u => u.assets.some(a => a.unit === parsedAsset.unit && BigInt(a.quantity) >= required));
-        if (candidates.length === 0) {
-            throw new Error(`buildUnsignedPaymentTx: no UTxO at ${buyerBech32} holds ≥ ${required} of ${parsedAsset.unit}`);
+    const validityEndMs = Date.now() + (args.ttlSlotsFromNow ?? 1800) * SLOT_MS;
+    const req = parsedAsset.isLovelace
+        ? {
+            senderAddress: buyerBech32,
+            recipientAddress: requirements.payTo,
+            changeAddress: buyerBech32,
+            lovelaceAmount: required.toString(),
+            validityEndMs,
         }
-        const tokenInput = candidates[0];
-        inputs = [tokenInput];
-        if (BigInt(tokenInput.lovelace) < 3000000n) {
-            const padding = sortedByAda.find(u => u !== tokenInput);
-            if (!padding) {
-                throw new Error('buildUnsignedPaymentTx: no second UTxO available to fund fees');
-            }
-            inputs.push(padding);
-        }
-    }
-    // 4. Configure CSL TransactionBuilder from live protocol params.
-    const builder = CSL.TransactionBuilder.new(CSL.TransactionBuilderConfigBuilder.new()
-        .fee_algo(CSL.LinearFee.new(CSL.BigNum.from_str(String(params.minFeeA)), CSL.BigNum.from_str(String(params.minFeeB))))
-        .pool_deposit(CSL.BigNum.from_str(String(params.poolDeposit)))
-        .key_deposit(CSL.BigNum.from_str(String(params.keyDeposit)))
-        .max_value_size(Number(params.maxValSize))
-        .max_tx_size(Number(params.maxTxSize))
-        .coins_per_utxo_byte(CSL.BigNum.from_str(String(params.coinsPerUtxoSize)))
-        .build());
-    // 5. Wire inputs (preserve full multi-asset payload).
-    for (const u of inputs) {
-        const inMa = CSL.MultiAsset.new();
-        const byPolicy = new Map();
-        for (const a of u.assets) {
-            const arr = byPolicy.get(a.policyId) ?? [];
-            arr.push({ name: a.assetNameHex, qty: a.quantity });
-            byPolicy.set(a.policyId, arr);
-        }
-        for (const [policyHex, items] of byPolicy) {
-            const policyHash = CSL.ScriptHash.from_bytes(Buffer.from(policyHex, 'hex'));
-            const assetMap = CSL.Assets.new();
-            for (const { name, qty } of items) {
-                assetMap.insert(CSL.AssetName.new(Buffer.from(name, 'hex')), CSL.BigNum.from_str(qty));
-            }
-            inMa.insert(policyHash, assetMap);
-        }
-        const inV = CSL.Value.new(CSL.BigNum.from_str(u.lovelace));
-        if (u.assets.length)
-            inV.set_multiasset(inMa);
-        builder.add_key_input(buyerVkeyHash, CSL.TransactionInput.new(CSL.TransactionHash.from_bytes(Buffer.from(u.txHash, 'hex')), u.outputIndex), inV);
-    }
-    // 6. Output to payTo.
-    const payToAddr = CSL.Address.from_bech32(requirements.payTo);
-    let payOut;
-    if (parsedAsset.isLovelace) {
-        const v = CSL.Value.new(CSL.BigNum.from_str(required.toString()));
-        payOut = CSL.TransactionOutput.new(payToAddr, v);
-    }
-    else {
-        const payOutMa = CSL.MultiAsset.new();
-        const payAssets = CSL.Assets.new();
-        const policyHash = CSL.ScriptHash.from_bytes(Buffer.from(parsedAsset.policyId, 'hex'));
-        payAssets.insert(CSL.AssetName.new(Buffer.from(parsedAsset.assetNameHex, 'hex')), CSL.BigNum.from_str(required.toString()));
-        payOutMa.insert(policyHash, payAssets);
-        const payOutV = CSL.Value.new(CSL.BigNum.from_str('0'));
-        payOutV.set_multiasset(payOutMa);
-        const provisional = CSL.TransactionOutput.new(payToAddr, payOutV);
-        const minAda = CSL.min_ada_for_output(provisional, CSL.DataCost.new_coins_per_byte(CSL.BigNum.from_str(String(params.coinsPerUtxoSize))));
-        payOutV.set_coin(minAda);
-        payOut = CSL.TransactionOutput.new(payToAddr, payOutV);
+        : {
+            senderAddress: buyerBech32,
+            recipientAddress: requirements.payTo,
+            changeAddress: buyerBech32,
+            // Native-asset output rides a fixed min-ADA; change reconciles the rest.
+            lovelaceAmount: TOKEN_OUTPUT_LOVELACE.toString(),
+            assets: [{ unit: parsedAsset.unit, quantity: required.toString() }],
+            validityEndMs,
+        };
+    // 3. Delegate the build (UTxO fetch + coin selection + change + fee).
+    const result = await bridge.buildUnsignedTransfer(req);
+    // 4. Read the built tx back to recover the v2 nonce (first spent input,
+    //    guaranteed present) and the TTL slot the builder actually set.
+    const parsed = bridge.parseTransaction(result.unsignedTxCbor);
+    const nonceInput = parsed.inputs[0];
+    if (!nonceInput) {
+        throw new Error('buildUnsignedPaymentTx: builder produced a tx with no inputs');
     }
-    builder.add_output(payOut);
-    // 7. TTL (slot of upper bound). Default 1800 slots ≈ 30 min.
-    const ttlSlot = currentSlot + (args.ttlSlotsFromNow ?? 1800);
-    builder.set_ttl_bignum(CSL.BigNum.from_str(String(ttlSlot)));
-    // 8. Change to buyer.
-    builder.add_change_if_needed(buyerAddress);
-    // 9. Build body, compute hash, return unsigned tx.
-    const txBody = builder.build();
-    const txHash = CSL.FixedTransaction.new_from_body_bytes(txBody.to_bytes()).transaction_hash();
-    const emptyWits = CSL.TransactionWitnessSet.new();
-    const unsigned = CSL.Transaction.new(txBody, emptyWits);
-    // Pick the first input as the v2 nonce UTxO.
-    // It MUST appear in tx.inputs (which it does by construction) and be
-    // unspent (which it is, we just queried it from the buyer's UTxO set).
-    const nonceInput = inputs[0];
     const nonceRef = `${nonceInput.txHash}#${nonceInput.outputIndex}`;
+    const ttlSlot = parsed.validityEnd != null ? Number(parsed.validityEnd) : null;
     return {
-        unsignedTxCborHex: Buffer.from(unsigned.to_bytes()).toString('hex'),
-        txHashHex: Buffer.from(txHash.to_bytes()).toString('hex').toLowerCase(),
-        requiredSignerHex,
+        unsignedTxCborHex: result.unsignedTxCbor,
+        txHashHex: result.txBodyHash.toLowerCase(),
+        requiredSignerHex: paymentKeyHashHex,
         nonceRef,
-        inputs: inputs.map(i => ({ txHash: i.txHash, outputIndex: i.outputIndex, lovelace: i.lovelace })),
+        inputs: result.inputs.map(i => ({
+            txHash: i.txHash,
+            outputIndex: i.index,
+            lovelace: i.lovelace,
+        })),
         ttlSlot,
     };
 }