@opendatalabs/vana-sdk 3.4.1 → 3.5.1-pr.159.2d90789

package/dist/direct/escrow-payment.js

@@ -0,0 +1,72 @@
+import {
+  GENERIC_PAYMENT_TYPES,
+  NATIVE_ASSET_ADDRESS,
+  genericPaymentDomain
+} from "../protocol/escrow.js";
+const GRANT_OP_TYPE = "grant";
+function toDirectFeeBreakdown(breakdown) {
+  return {
+    registrationFee: breakdown.registrationFee,
+    dataAccessFee: breakdown.dataAccessFee,
+    registrationPaid: breakdown.registrationPaid
+  };
+}
+function toDirectPaymentReceipt(result) {
+  return {
+    opType: result.opType,
+    opId: result.opId,
+    asset: result.asset,
+    amount: result.amount,
+    paymentNonce: result.paymentNonce,
+    breakdown: toDirectFeeBreakdown(result.breakdown),
+    paidAt: result.paidAt
+  };
+}
+function createDefaultNonceSource() {
+  const counters = /* @__PURE__ */ new Map();
+  return (payerAddress) => {
+    const key = payerAddress.toLowerCase();
+    const next = (counters.get(key) ?? 0n) + 1n;
+    counters.set(key, next);
+    return next;
+  };
+}
+async function authorizeGrantPayment(params) {
+  const { payerAddress, required, config } = params;
+  const nonceSource = config.nonceSource ?? createDefaultNonceSource();
+  const paymentNonce = BigInt(await nonceSource(payerAddress));
+  const asset = required.asset || NATIVE_ASSET_ADDRESS;
+  const opId = required.grantId;
+  const amount = BigInt(required.amount);
+  const signature = await config.signTypedData({
+    domain: genericPaymentDomain(config.chainId, config.escrowContract),
+    types: GENERIC_PAYMENT_TYPES,
+    primaryType: "GenericPayment",
+    message: {
+      payerAddress,
+      opType: GRANT_OP_TYPE,
+      opId,
+      asset,
+      amount,
+      paymentNonce
+    }
+  });
+  const result = await config.client.payForOp({
+    payerAddress,
+    opType: GRANT_OP_TYPE,
+    opId,
+    asset,
+    amount: amount.toString(),
+    paymentNonce: paymentNonce.toString(),
+    signature
+  });
+  return toDirectPaymentReceipt(result);
+}
+export {
+  GRANT_OP_TYPE,
+  authorizeGrantPayment,
+  createDefaultNonceSource,
+  toDirectFeeBreakdown,
+  toDirectPaymentReceipt
+};
+//# sourceMappingURL=escrow-payment.js.map

package/dist/direct/escrow-payment.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/direct/escrow-payment.ts"],"sourcesContent":["/**\n * Escrow-backed payment authorization for the Direct Data Controller.\n *\n * @remarks\n * Builds on the DPv2 escrow surface added in `protocol/escrow`. When a Personal\n * Server read returns `402 Payment Required`, the controller settles the\n * grant's data-access fee through the escrow gateway:\n *\n *  1. Sign a `GenericPayment` EIP-712 message (op `\"grant\"`, opId = grantId)\n *     with the app key.\n *  2. POST it to the gateway's `/v1/escrow/pay` via {@link EscrowGatewayClient}.\n *  3. Map the gateway's {@link EscrowPayResult} into a typed\n *     {@link DirectPaymentReceipt} for the caller to inspect.\n *\n * This module adapts the escrow `payForOp` flow to the direct-read use case; it\n * does not define its own payment scheme.\n *\n * @category Direct\n * @module direct/escrow-payment\n */\n\nimport {\n  GENERIC_PAYMENT_TYPES,\n  NATIVE_ASSET_ADDRESS,\n  genericPaymentDomain,\n  type EscrowGatewayClient,\n  type EscrowPayResult,\n  type PaymentBreakdown,\n} from \"../protocol/escrow\";\nimport type {\n  DirectFeeBreakdown,\n  DirectPaymentReceipt,\n  PersonalServerPaymentRequired,\n} from \"./types\";\n\n/** The escrow `GenericPayment.opType` used for grant-lifecycle payments. */\nexport const GRANT_OP_TYPE = \"grant\" as const;\n\n/**\n * EIP-712 typed-data signer (e.g. viem `account.signTypedData`).\n *\n * @remarks\n * Kept structurally minimal so any viem account/wallet client satisfies it\n * without the SDK depending on viem's exact `signTypedData` overload set.\n */\nexport type SignTypedDataFn = (args: {\n  domain: ReturnType<typeof genericPaymentDomain>;\n  types: typeof GENERIC_PAYMENT_TYPES;\n  primaryType: \"GenericPayment\";\n  message: {\n    payerAddress: `0x${string}`;\n    opType: string;\n    opId: `0x${string}`;\n    asset: `0x${string}`;\n    amount: bigint;\n    paymentNonce: bigint;\n  };\n}) => Promise<`0x${string}`>;\n\n/** Supplies a monotonically-increasing payment nonce per payer. */\nexport type PaymentNonceSource = (\n  payerAddress: string,\n) => Promise<bigint> | bigint;\n\n/** Escrow settlement configuration for the controller. */\nexport interface EscrowPaymentConfig {\n  /** Client for the gateway escrow endpoints (`/v1/escrow/*`). */\n  client: EscrowGatewayClient;\n  /** Deployed `DataPortabilityEscrow` contract address. */\n  escrowContract: `0x${string}`;\n  /** Chain id for the EIP-712 domain (1480 mainnet, 14800 moksha). */\n  chainId: number;\n  /** App EIP-712 signer. */\n  signTypedData: SignTypedDataFn;\n  /**\n   * Supplies the next payment nonce for a payer. Defaults to a process-local\n   * monotonic counter seeded at 1. Provide a durable source in production so\n   * nonces survive restarts (the gateway rejects reused (payer, nonce) pairs).\n   */\n  nonceSource?: PaymentNonceSource;\n}\n\n/** Map the gateway {@link PaymentBreakdown} into the public {@link DirectFeeBreakdown}. */\nexport function toDirectFeeBreakdown(\n  breakdown: PaymentBreakdown,\n): DirectFeeBreakdown {\n  return {\n    registrationFee: breakdown.registrationFee,\n    dataAccessFee: breakdown.dataAccessFee,\n    registrationPaid: breakdown.registrationPaid,\n  };\n}\n\n/** Map a gateway {@link EscrowPayResult} into the public {@link DirectPaymentReceipt}. */\nexport function toDirectPaymentReceipt(\n  result: EscrowPayResult,\n): DirectPaymentReceipt {\n  return {\n    opType: result.opType,\n    opId: result.opId,\n    asset: result.asset,\n    amount: result.amount,\n    paymentNonce: result.paymentNonce,\n    breakdown: toDirectFeeBreakdown(result.breakdown),\n    paidAt: result.paidAt,\n  };\n}\n\n/** Default in-process monotonic nonce counter (seeded at 1 per payer). */\nexport function createDefaultNonceSource(): PaymentNonceSource {\n  const counters = new Map<string, bigint>();\n  return (payerAddress: string): bigint => {\n    const key = payerAddress.toLowerCase();\n    const next = (counters.get(key) ?? 0n) + 1n;\n    counters.set(key, next);\n    return next;\n  };\n}\n\n/**\n * Authorize an escrow payment for a grant data-access fee.\n *\n * @param params - The payment requirement, the payer address, and escrow config.\n * @returns The gateway's {@link EscrowPayResult} as a typed\n * {@link DirectPaymentReceipt}.\n */\nexport async function authorizeGrantPayment(params: {\n  payerAddress: `0x${string}`;\n  required: PersonalServerPaymentRequired;\n  config: EscrowPaymentConfig;\n}): Promise<DirectPaymentReceipt> {\n  const { payerAddress, required, config } = params;\n  const nonceSource = config.nonceSource ?? createDefaultNonceSource();\n  const paymentNonce = BigInt(await nonceSource(payerAddress));\n  const asset = (required.asset || NATIVE_ASSET_ADDRESS) as `0x${string}`;\n  const opId = required.grantId as `0x${string}`;\n  const amount = BigInt(required.amount);\n\n  const signature = await config.signTypedData({\n    domain: genericPaymentDomain(config.chainId, config.escrowContract),\n    types: GENERIC_PAYMENT_TYPES,\n    primaryType: \"GenericPayment\",\n    message: {\n      payerAddress,\n      opType: GRANT_OP_TYPE,\n      opId,\n      asset,\n      amount,\n      paymentNonce,\n    },\n  });\n\n  const result = await config.client.payForOp({\n    payerAddress,\n    opType: GRANT_OP_TYPE,\n    opId,\n    asset,\n    amount: amount.toString(),\n    paymentNonce: paymentNonce.toString(),\n    signature,\n  });\n\n  return toDirectPaymentReceipt(result);\n}\n"],"mappings":"AAqBA;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,OAIK;AAQA,MAAM,gBAAgB;AA+CtB,SAAS,qBACd,WACoB;AACpB,SAAO;AAAA,IACL,iBAAiB,UAAU;AAAA,IAC3B,eAAe,UAAU;AAAA,IACzB,kBAAkB,UAAU;AAAA,EAC9B;AACF;AAGO,SAAS,uBACd,QACsB;AACtB,SAAO;AAAA,IACL,QAAQ,OAAO;AAAA,IACf,MAAM,OAAO;AAAA,IACb,OAAO,OAAO;AAAA,IACd,QAAQ,OAAO;AAAA,IACf,cAAc,OAAO;AAAA,IACrB,WAAW,qBAAqB,OAAO,SAAS;AAAA,IAChD,QAAQ,OAAO;AAAA,EACjB;AACF;AAGO,SAAS,2BAA+C;AAC7D,QAAM,WAAW,oBAAI,IAAoB;AACzC,SAAO,CAAC,iBAAiC;AACvC,UAAM,MAAM,aAAa,YAAY;AACrC,UAAM,QAAQ,SAAS,IAAI,GAAG,KAAK,MAAM;AACzC,aAAS,IAAI,KAAK,IAAI;AACtB,WAAO;AAAA,EACT;AACF;AASA,eAAsB,sBAAsB,QAIV;AAChC,QAAM,EAAE,cAAc,UAAU,OAAO,IAAI;AAC3C,QAAM,cAAc,OAAO,eAAe,yBAAyB;AACnE,QAAM,eAAe,OAAO,MAAM,YAAY,YAAY,CAAC;AAC3D,QAAM,QAAS,SAAS,SAAS;AACjC,QAAM,OAAO,SAAS;AACtB,QAAM,SAAS,OAAO,SAAS,MAAM;AAErC,QAAM,YAAY,MAAM,OAAO,cAAc;AAAA,IAC3C,QAAQ,qBAAqB,OAAO,SAAS,OAAO,cAAc;AAAA,IAClE,OAAO;AAAA,IACP,aAAa;AAAA,IACb,SAAS;AAAA,MACP;AAAA,MACA,QAAQ;AAAA,MACR;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF,CAAC;AAED,QAAM,SAAS,MAAM,OAAO,OAAO,SAAS;AAAA,IAC1C;AAAA,IACA,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA,QAAQ,OAAO,SAAS;AAAA,IACxB,cAAc,aAAa,SAAS;AAAA,IACpC;AAAA,EACF,CAAC;AAED,SAAO,uBAAuB,MAAM;AACtC;","names":[]}

package/dist/direct/escrow-payment.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/direct/personal-server-read.cjs

@@ -0,0 +1,149 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var personal_server_read_exports = {};
+__export(personal_server_read_exports, {
+  buildPersonalServerDataReadRequest: () => buildPersonalServerDataReadRequest,
+  dataPathForScope: () => dataPathForScope,
+  parsePersonalServerPaymentRequired: () => parsePersonalServerPaymentRequired,
+  readPersonalServerData: () => readPersonalServerData
+});
+module.exports = __toCommonJS(personal_server_read_exports);
+var import_web3_signed_builder = require("../auth/web3-signed-builder");
+var import_escrow = require("../protocol/escrow");
+var import_escrow_payment = require("./escrow-payment");
+var import_errors = require("./errors");
+function stripTrailingSlash(url) {
+  return url.replace(/\/+$/, "");
+}
+function dataPathForScope(scope) {
+  return `/v1/data/${encodeURIComponent(scope)}`;
+}
+async function buildPersonalServerDataReadRequest(params) {
+  const base = stripTrailingSlash(params.personalServerUrl);
+  const path = dataPathForScope(params.scope);
+  const authorization = await (0, import_web3_signed_builder.buildWeb3SignedHeader)({
+    signMessage: params.signMessage,
+    aud: base,
+    method: "GET",
+    uri: path,
+    grantId: params.grantId
+  });
+  const headers = {
+    Authorization: authorization,
+    Accept: "application/json"
+  };
+  return { url: `${base}${path}`, method: "GET", path, headers };
+}
+async function parsePersonalServerPaymentRequired(res, grantId) {
+  let raw = void 0;
+  try {
+    raw = await res.json();
+  } catch {
+    raw = void 0;
+  }
+  const body = raw ?? {};
+  const resolvedGrantId = typeof body.grantId === "string" ? body.grantId : typeof body.opId === "string" ? body.opId : grantId;
+  const amountValue = typeof body.amount === "string" ? body.amount : typeof body.maxAmountRequired === "string" ? body.maxAmountRequired : "0";
+  return {
+    grantId: resolvedGrantId,
+    asset: typeof body.asset === "string" ? body.asset : import_escrow.NATIVE_ASSET_ADDRESS,
+    amount: amountValue,
+    raw
+  };
+}
+async function readPersonalServerData(params) {
+  const fetchFn = params.fetchFn ?? globalThis.fetch;
+  if (!fetchFn) {
+    throw new import_errors.PersonalServerReadError(
+      "No fetch implementation available for Personal Server read"
+    );
+  }
+  const initial = await buildPersonalServerDataReadRequest({
+    personalServerUrl: params.personalServerUrl,
+    scope: params.scope,
+    grantId: params.grantId,
+    signMessage: params.signMessage
+  });
+  let res = await fetchFn(initial.url, {
+    method: initial.method,
+    headers: initial.headers
+  });
+  let payment;
+  if (res.status === 402) {
+    const required = await parsePersonalServerPaymentRequired(
+      res,
+      params.grantId
+    );
+    if (!params.escrow) {
+      throw new import_errors.PaymentRequiredError(
+        "Personal Server requires payment but no escrow config is set",
+        {
+          scope: params.scope,
+          grantId: required.grantId,
+          asset: required.asset,
+          amount: required.amount
+        }
+      );
+    }
+    payment = await (0, import_escrow_payment.authorizeGrantPayment)({
+      payerAddress: params.payerAddress,
+      required,
+      config: params.escrow
+    });
+    const retry = await buildPersonalServerDataReadRequest({
+      personalServerUrl: params.personalServerUrl,
+      scope: params.scope,
+      grantId: params.grantId,
+      signMessage: params.signMessage
+    });
+    res = await fetchFn(retry.url, {
+      method: retry.method,
+      headers: retry.headers
+    });
+    if (res.status === 402) {
+      throw new import_errors.PaymentRequiredError(
+        "Personal Server still requires payment after escrow settlement",
+        {
+          scope: params.scope,
+          grantId: required.grantId,
+          asset: required.asset,
+          amount: required.amount,
+          payment
+        }
+      );
+    }
+  }
+  if (!res.ok) {
+    const detail = await res.text().catch(() => "");
+    throw new import_errors.PersonalServerReadError(
+      `Personal Server read failed: ${res.status} ${res.statusText}`,
+      res.status,
+      { scope: params.scope, body: detail.slice(0, 500) }
+    );
+  }
+  return { data: await res.json(), payment };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  buildPersonalServerDataReadRequest,
+  dataPathForScope,
+  parsePersonalServerPaymentRequired,
+  readPersonalServerData
+});
+//# sourceMappingURL=personal-server-read.cjs.map

package/dist/direct/personal-server-read.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/direct/personal-server-read.ts"],"sourcesContent":["/**\n * Personal Server data-read request builder and the 402 -> escrow-pay -> retry loop.\n *\n * @remarks\n * The read targets the Personal Server data path (`/v1/data/{scope}`),\n * authenticates with a Web3Signed header (built on {@link buildWeb3SignedHeader}),\n * and — on `402 Payment Required` — settles the grant's data-access fee through\n * the DPv2 escrow gateway and retries once.\n *\n * The 402 body is parsed into a {@link PersonalServerPaymentRequired} (grant id,\n * asset, and amount owed), which drives the escrow settlement.\n *\n * @category Direct\n * @module direct/personal-server-read\n */\n\nimport { buildWeb3SignedHeader } from \"../auth/web3-signed-builder\";\nimport type { Web3SignedSignFn } from \"../auth/web3-signed-builder\";\nimport { NATIVE_ASSET_ADDRESS } from \"../protocol/escrow\";\nimport {\n  authorizeGrantPayment,\n  type EscrowPaymentConfig,\n} from \"./escrow-payment\";\nimport { PaymentRequiredError, PersonalServerReadError } from \"./errors\";\nimport type {\n  DirectPaymentReceipt,\n  PersonalServerPaymentRequired,\n} from \"./types\";\n\n/** Minimal `Response`-like shape so the read loop is testable without a DOM. */\nexport interface FetchResponseLike {\n  ok: boolean;\n  status: number;\n  statusText: string;\n  headers: { get(name: string): string | null };\n  json(): Promise<unknown>;\n  text(): Promise<string>;\n}\n\n/** Minimal `fetch` signature accepted by {@link readPersonalServerData}. */\nexport type PersonalServerFetch = (\n  input: string,\n  init: {\n    method: string;\n    headers: Record<string, string>;\n  },\n) => Promise<FetchResponseLike>;\n\n/** A built, ready-to-send Personal Server data read request. */\nexport interface PersonalServerDataReadRequest {\n  /** Absolute URL of the read endpoint. */\n  url: string;\n  /** HTTP method (always `\"GET\"`). */\n  method: \"GET\";\n  /** Request path used in the Web3Signed `uri` claim (e.g. `/v1/data/{scope}`). */\n  path: string;\n  /** Headers including the Web3Signed `Authorization` value. */\n  headers: Record<string, string>;\n}\n\n/** Outcome of {@link readPersonalServerData}: the payload plus optional receipt. */\nexport interface PersonalServerReadResult {\n  /** The decoded JSON payload returned by the Personal Server. */\n  data: unknown;\n  /** Present only when this read required (and settled) a payment. */\n  payment?: DirectPaymentReceipt;\n}\n\nfunction stripTrailingSlash(url: string): string {\n  return url.replace(/\\/+$/, \"\");\n}\n\n/** Compute the data path for a scope (`/v1/data/{scope}`). */\nexport function dataPathForScope(scope: string): string {\n  return `/v1/data/${encodeURIComponent(scope)}`;\n}\n\n/**\n * Build a Web3Signed-authenticated Personal Server data read request.\n *\n * @param params - Personal Server URL, scope, grant id, and an EIP-191 signer.\n * @returns The request URL, method, path, and headers (including `Authorization`).\n */\nexport async function buildPersonalServerDataReadRequest(params: {\n  /** Base URL of the user's Personal Server. */\n  personalServerUrl: string;\n  /** Scope to read (e.g. `\"icloud_notes.notes\"`). */\n  scope: string;\n  /** Grant id authorizing the read. */\n  grantId: string;\n  /** EIP-191 signer for the Web3Signed header (the app key). */\n  signMessage: Web3SignedSignFn;\n}): Promise<PersonalServerDataReadRequest> {\n  const base = stripTrailingSlash(params.personalServerUrl);\n  const path = dataPathForScope(params.scope);\n  const authorization = await buildWeb3SignedHeader({\n    signMessage: params.signMessage,\n    aud: base,\n    method: \"GET\",\n    uri: path,\n    grantId: params.grantId,\n  });\n  const headers: Record<string, string> = {\n    Authorization: authorization,\n    Accept: \"application/json\",\n  };\n  return { url: `${base}${path}`, method: \"GET\", path, headers };\n}\n\n/**\n * Parse a `402 Payment Required` body into a {@link PersonalServerPaymentRequired}.\n *\n * @remarks\n * Accepts a few field spellings and falls back to the read's own grantId and the\n * native asset when a field is absent.\n *\n * @param res - The 402 response.\n * @param grantId - The grant id of the read (default `opId`).\n * @returns The parsed payment requirement.\n */\nexport async function parsePersonalServerPaymentRequired(\n  res: FetchResponseLike,\n  grantId: string,\n): Promise<PersonalServerPaymentRequired> {\n  let raw: unknown = undefined;\n  try {\n    raw = await res.json();\n  } catch {\n    raw = undefined;\n  }\n  const body = (raw ?? {}) as {\n    grantId?: unknown;\n    opId?: unknown;\n    asset?: unknown;\n    amount?: unknown;\n    maxAmountRequired?: unknown;\n  };\n  const resolvedGrantId =\n    typeof body.grantId === \"string\"\n      ? body.grantId\n      : typeof body.opId === \"string\"\n        ? body.opId\n        : grantId;\n  const amountValue =\n    typeof body.amount === \"string\"\n      ? body.amount\n      : typeof body.maxAmountRequired === \"string\"\n        ? body.maxAmountRequired\n        : \"0\";\n  return {\n    grantId: resolvedGrantId,\n    asset: typeof body.asset === \"string\" ? body.asset : NATIVE_ASSET_ADDRESS,\n    amount: amountValue,\n    raw,\n  };\n}\n\n/**\n * Read approved data from a Personal Server, settling a 402 via escrow.\n *\n * @remarks\n * Sends a Web3Signed-authenticated `GET /v1/data/{scope}`. On `402`, parses what\n * is owed, authorizes an escrow payment for the grant via `escrow`, and retries\n * once. If escrow is not configured, throws {@link PaymentRequiredError} carrying\n * the parsed requirement so callers can debug amount/asset.\n *\n * @param params - Connection details, app signer, optional escrow config and fetch.\n * @returns `{ data, payment? }`.\n */\nexport async function readPersonalServerData(params: {\n  personalServerUrl: string;\n  scope: string;\n  grantId: string;\n  payerAddress: `0x${string}`;\n  signMessage: Web3SignedSignFn;\n  escrow?: EscrowPaymentConfig;\n  fetchFn?: PersonalServerFetch;\n}): Promise<PersonalServerReadResult> {\n  const fetchFn =\n    params.fetchFn ?? (globalThis.fetch as unknown as PersonalServerFetch);\n  if (!fetchFn) {\n    throw new PersonalServerReadError(\n      \"No fetch implementation available for Personal Server read\",\n    );\n  }\n\n  const initial = await buildPersonalServerDataReadRequest({\n    personalServerUrl: params.personalServerUrl,\n    scope: params.scope,\n    grantId: params.grantId,\n    signMessage: params.signMessage,\n  });\n\n  let res = await fetchFn(initial.url, {\n    method: initial.method,\n    headers: initial.headers,\n  });\n\n  let payment: DirectPaymentReceipt | undefined;\n\n  if (res.status === 402) {\n    const required = await parsePersonalServerPaymentRequired(\n      res,\n      params.grantId,\n    );\n    if (!params.escrow) {\n      throw new PaymentRequiredError(\n        \"Personal Server requires payment but no escrow config is set\",\n        {\n          scope: params.scope,\n          grantId: required.grantId,\n          asset: required.asset,\n          amount: required.amount,\n        },\n      );\n    }\n\n    payment = await authorizeGrantPayment({\n      payerAddress: params.payerAddress,\n      required,\n      config: params.escrow,\n    });\n\n    // Re-sign and retry — the settled payment unlocks the read.\n    const retry = await buildPersonalServerDataReadRequest({\n      personalServerUrl: params.personalServerUrl,\n      scope: params.scope,\n      grantId: params.grantId,\n      signMessage: params.signMessage,\n    });\n    res = await fetchFn(retry.url, {\n      method: retry.method,\n      headers: retry.headers,\n    });\n\n    if (res.status === 402) {\n      throw new PaymentRequiredError(\n        \"Personal Server still requires payment after escrow settlement\",\n        {\n          scope: params.scope,\n          grantId: required.grantId,\n          asset: required.asset,\n          amount: required.amount,\n          payment,\n        },\n      );\n    }\n  }\n\n  if (!res.ok) {\n    const detail = await res.text().catch(() => \"\");\n    throw new PersonalServerReadError(\n      `Personal Server read failed: ${res.status} ${res.statusText}`,\n      res.status,\n      { scope: params.scope, body: detail.slice(0, 500) },\n    );\n  }\n\n  return { data: await res.json(), payment };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAgBA,iCAAsC;AAEtC,oBAAqC;AACrC,4BAGO;AACP,oBAA8D;AA6C9D,SAAS,mBAAmB,KAAqB;AAC/C,SAAO,IAAI,QAAQ,QAAQ,EAAE;AAC/B;AAGO,SAAS,iBAAiB,OAAuB;AACtD,SAAO,YAAY,mBAAmB,KAAK,CAAC;AAC9C;AAQA,eAAsB,mCAAmC,QASd;AACzC,QAAM,OAAO,mBAAmB,OAAO,iBAAiB;AACxD,QAAM,OAAO,iBAAiB,OAAO,KAAK;AAC1C,QAAM,gBAAgB,UAAM,kDAAsB;AAAA,IAChD,aAAa,OAAO;AAAA,IACpB,KAAK;AAAA,IACL,QAAQ;AAAA,IACR,KAAK;AAAA,IACL,SAAS,OAAO;AAAA,EAClB,CAAC;AACD,QAAM,UAAkC;AAAA,IACtC,eAAe;AAAA,IACf,QAAQ;AAAA,EACV;AACA,SAAO,EAAE,KAAK,GAAG,IAAI,GAAG,IAAI,IAAI,QAAQ,OAAO,MAAM,QAAQ;AAC/D;AAaA,eAAsB,mCACpB,KACA,SACwC;AACxC,MAAI,MAAe;AACnB,MAAI;AACF,UAAM,MAAM,IAAI,KAAK;AAAA,EACvB,QAAQ;AACN,UAAM;AAAA,EACR;AACA,QAAM,OAAQ,OAAO,CAAC;AAOtB,QAAM,kBACJ,OAAO,KAAK,YAAY,WACpB,KAAK,UACL,OAAO,KAAK,SAAS,WACnB,KAAK,OACL;AACR,QAAM,cACJ,OAAO,KAAK,WAAW,WACnB,KAAK,SACL,OAAO,KAAK,sBAAsB,WAChC,KAAK,oBACL;AACR,SAAO;AAAA,IACL,SAAS;AAAA,IACT,OAAO,OAAO,KAAK,UAAU,WAAW,KAAK,QAAQ;AAAA,IACrD,QAAQ;AAAA,IACR;AAAA,EACF;AACF;AAcA,eAAsB,uBAAuB,QAQP;AACpC,QAAM,UACJ,OAAO,WAAY,WAAW;AAChC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAEA,QAAM,UAAU,MAAM,mCAAmC;AAAA,IACvD,mBAAmB,OAAO;AAAA,IAC1B,OAAO,OAAO;AAAA,IACd,SAAS,OAAO;AAAA,IAChB,aAAa,OAAO;AAAA,EACtB,CAAC;AAED,MAAI,MAAM,MAAM,QAAQ,QAAQ,KAAK;AAAA,IACnC,QAAQ,QAAQ;AAAA,IAChB,SAAS,QAAQ;AAAA,EACnB,CAAC;AAED,MAAI;AAEJ,MAAI,IAAI,WAAW,KAAK;AACtB,UAAM,WAAW,MAAM;AAAA,MACrB;AAAA,MACA,OAAO;AAAA,IACT;AACA,QAAI,CAAC,OAAO,QAAQ;AAClB,YAAM,IAAI;AAAA,QACR;AAAA,QACA;AAAA,UACE,OAAO,OAAO;AAAA,UACd,SAAS,SAAS;AAAA,UAClB,OAAO,SAAS;AAAA,UAChB,QAAQ,SAAS;AAAA,QACnB;AAAA,MACF;AAAA,IACF;AAEA,cAAU,UAAM,6CAAsB;AAAA,MACpC,cAAc,OAAO;AAAA,MACrB;AAAA,MACA,QAAQ,OAAO;AAAA,IACjB,CAAC;AAGD,UAAM,QAAQ,MAAM,mCAAmC;AAAA,MACrD,mBAAmB,OAAO;AAAA,MAC1B,OAAO,OAAO;AAAA,MACd,SAAS,OAAO;AAAA,MAChB,aAAa,OAAO;AAAA,IACtB,CAAC;AACD,UAAM,MAAM,QAAQ,MAAM,KAAK;AAAA,MAC7B,QAAQ,MAAM;AAAA,MACd,SAAS,MAAM;AAAA,IACjB,CAAC;AAED,QAAI,IAAI,WAAW,KAAK;AACtB,YAAM,IAAI;AAAA,QACR;AAAA,QACA;AAAA,UACE,OAAO,OAAO;AAAA,UACd,SAAS,SAAS;AAAA,UAClB,OAAO,SAAS;AAAA,UAChB,QAAQ,SAAS;AAAA,UACjB;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAEA,MAAI,CAAC,IAAI,IAAI;AACX,UAAM,SAAS,MAAM,IAAI,KAAK,EAAE,MAAM,MAAM,EAAE;AAC9C,UAAM,IAAI;AAAA,MACR,gCAAgC,IAAI,MAAM,IAAI,IAAI,UAAU;AAAA,MAC5D,IAAI;AAAA,MACJ,EAAE,OAAO,OAAO,OAAO,MAAM,OAAO,MAAM,GAAG,GAAG,EAAE;AAAA,IACpD;AAAA,EACF;AAEA,SAAO,EAAE,MAAM,MAAM,IAAI,KAAK,GAAG,QAAQ;AAC3C;","names":[]}

package/dist/direct/personal-server-read.d.ts

@@ -0,0 +1,103 @@
+/**
+ * Personal Server data-read request builder and the 402 -> escrow-pay -> retry loop.
+ *
+ * @remarks
+ * The read targets the Personal Server data path (`/v1/data/{scope}`),
+ * authenticates with a Web3Signed header (built on {@link buildWeb3SignedHeader}),
+ * and — on `402 Payment Required` — settles the grant's data-access fee through
+ * the DPv2 escrow gateway and retries once.
+ *
+ * The 402 body is parsed into a {@link PersonalServerPaymentRequired} (grant id,
+ * asset, and amount owed), which drives the escrow settlement.
+ *
+ * @category Direct
+ * @module direct/personal-server-read
+ */
+import type { Web3SignedSignFn } from "../auth/web3-signed-builder";
+import { type EscrowPaymentConfig } from "./escrow-payment";
+import type { DirectPaymentReceipt, PersonalServerPaymentRequired } from "./types";
+/** Minimal `Response`-like shape so the read loop is testable without a DOM. */
+export interface FetchResponseLike {
+    ok: boolean;
+    status: number;
+    statusText: string;
+    headers: {
+        get(name: string): string | null;
+    };
+    json(): Promise<unknown>;
+    text(): Promise<string>;
+}
+/** Minimal `fetch` signature accepted by {@link readPersonalServerData}. */
+export type PersonalServerFetch = (input: string, init: {
+    method: string;
+    headers: Record<string, string>;
+}) => Promise<FetchResponseLike>;
+/** A built, ready-to-send Personal Server data read request. */
+export interface PersonalServerDataReadRequest {
+    /** Absolute URL of the read endpoint. */
+    url: string;
+    /** HTTP method (always `"GET"`). */
+    method: "GET";
+    /** Request path used in the Web3Signed `uri` claim (e.g. `/v1/data/{scope}`). */
+    path: string;
+    /** Headers including the Web3Signed `Authorization` value. */
+    headers: Record<string, string>;
+}
+/** Outcome of {@link readPersonalServerData}: the payload plus optional receipt. */
+export interface PersonalServerReadResult {
+    /** The decoded JSON payload returned by the Personal Server. */
+    data: unknown;
+    /** Present only when this read required (and settled) a payment. */
+    payment?: DirectPaymentReceipt;
+}
+/** Compute the data path for a scope (`/v1/data/{scope}`). */
+export declare function dataPathForScope(scope: string): string;
+/**
+ * Build a Web3Signed-authenticated Personal Server data read request.
+ *
+ * @param params - Personal Server URL, scope, grant id, and an EIP-191 signer.
+ * @returns The request URL, method, path, and headers (including `Authorization`).
+ */
+export declare function buildPersonalServerDataReadRequest(params: {
+    /** Base URL of the user's Personal Server. */
+    personalServerUrl: string;
+    /** Scope to read (e.g. `"icloud_notes.notes"`). */
+    scope: string;
+    /** Grant id authorizing the read. */
+    grantId: string;
+    /** EIP-191 signer for the Web3Signed header (the app key). */
+    signMessage: Web3SignedSignFn;
+}): Promise<PersonalServerDataReadRequest>;
+/**
+ * Parse a `402 Payment Required` body into a {@link PersonalServerPaymentRequired}.
+ *
+ * @remarks
+ * Accepts a few field spellings and falls back to the read's own grantId and the
+ * native asset when a field is absent.
+ *
+ * @param res - The 402 response.
+ * @param grantId - The grant id of the read (default `opId`).
+ * @returns The parsed payment requirement.
+ */
+export declare function parsePersonalServerPaymentRequired(res: FetchResponseLike, grantId: string): Promise<PersonalServerPaymentRequired>;
+/**
+ * Read approved data from a Personal Server, settling a 402 via escrow.
+ *
+ * @remarks
+ * Sends a Web3Signed-authenticated `GET /v1/data/{scope}`. On `402`, parses what
+ * is owed, authorizes an escrow payment for the grant via `escrow`, and retries
+ * once. If escrow is not configured, throws {@link PaymentRequiredError} carrying
+ * the parsed requirement so callers can debug amount/asset.
+ *
+ * @param params - Connection details, app signer, optional escrow config and fetch.
+ * @returns `{ data, payment? }`.
+ */
+export declare function readPersonalServerData(params: {
+    personalServerUrl: string;
+    scope: string;
+    grantId: string;
+    payerAddress: `0x${string}`;
+    signMessage: Web3SignedSignFn;
+    escrow?: EscrowPaymentConfig;
+    fetchFn?: PersonalServerFetch;
+}): Promise<PersonalServerReadResult>;

package/dist/direct/personal-server-read.js

@@ -0,0 +1,124 @@
+import { buildWeb3SignedHeader } from "../auth/web3-signed-builder.js";
+import { NATIVE_ASSET_ADDRESS } from "../protocol/escrow.js";
+import {
+  authorizeGrantPayment
+} from "./escrow-payment.js";
+import { PaymentRequiredError, PersonalServerReadError } from "./errors.js";
+function stripTrailingSlash(url) {
+  return url.replace(/\/+$/, "");
+}
+function dataPathForScope(scope) {
+  return `/v1/data/${encodeURIComponent(scope)}`;
+}
+async function buildPersonalServerDataReadRequest(params) {
+  const base = stripTrailingSlash(params.personalServerUrl);
+  const path = dataPathForScope(params.scope);
+  const authorization = await buildWeb3SignedHeader({
+    signMessage: params.signMessage,
+    aud: base,
+    method: "GET",
+    uri: path,
+    grantId: params.grantId
+  });
+  const headers = {
+    Authorization: authorization,
+    Accept: "application/json"
+  };
+  return { url: `${base}${path}`, method: "GET", path, headers };
+}
+async function parsePersonalServerPaymentRequired(res, grantId) {
+  let raw = void 0;
+  try {
+    raw = await res.json();
+  } catch {
+    raw = void 0;
+  }
+  const body = raw ?? {};
+  const resolvedGrantId = typeof body.grantId === "string" ? body.grantId : typeof body.opId === "string" ? body.opId : grantId;
+  const amountValue = typeof body.amount === "string" ? body.amount : typeof body.maxAmountRequired === "string" ? body.maxAmountRequired : "0";
+  return {
+    grantId: resolvedGrantId,
+    asset: typeof body.asset === "string" ? body.asset : NATIVE_ASSET_ADDRESS,
+    amount: amountValue,
+    raw
+  };
+}
+async function readPersonalServerData(params) {
+  const fetchFn = params.fetchFn ?? globalThis.fetch;
+  if (!fetchFn) {
+    throw new PersonalServerReadError(
+      "No fetch implementation available for Personal Server read"
+    );
+  }
+  const initial = await buildPersonalServerDataReadRequest({
+    personalServerUrl: params.personalServerUrl,
+    scope: params.scope,
+    grantId: params.grantId,
+    signMessage: params.signMessage
+  });
+  let res = await fetchFn(initial.url, {
+    method: initial.method,
+    headers: initial.headers
+  });
+  let payment;
+  if (res.status === 402) {
+    const required = await parsePersonalServerPaymentRequired(
+      res,
+      params.grantId
+    );
+    if (!params.escrow) {
+      throw new PaymentRequiredError(
+        "Personal Server requires payment but no escrow config is set",
+        {
+          scope: params.scope,
+          grantId: required.grantId,
+          asset: required.asset,
+          amount: required.amount
+        }
+      );
+    }
+    payment = await authorizeGrantPayment({
+      payerAddress: params.payerAddress,
+      required,
+      config: params.escrow
+    });
+    const retry = await buildPersonalServerDataReadRequest({
+      personalServerUrl: params.personalServerUrl,
+      scope: params.scope,
+      grantId: params.grantId,
+      signMessage: params.signMessage
+    });
+    res = await fetchFn(retry.url, {
+      method: retry.method,
+      headers: retry.headers
+    });
+    if (res.status === 402) {
+      throw new PaymentRequiredError(
+        "Personal Server still requires payment after escrow settlement",
+        {
+          scope: params.scope,
+          grantId: required.grantId,
+          asset: required.asset,
+          amount: required.amount,
+          payment
+        }
+      );
+    }
+  }
+  if (!res.ok) {
+    const detail = await res.text().catch(() => "");
+    throw new PersonalServerReadError(
+      `Personal Server read failed: ${res.status} ${res.statusText}`,
+      res.status,
+      { scope: params.scope, body: detail.slice(0, 500) }
+    );
+  }
+  return { data: await res.json(), payment };
+}
+export {
+  buildPersonalServerDataReadRequest,
+  dataPathForScope,
+  parsePersonalServerPaymentRequired,
+  readPersonalServerData
+};
+//# sourceMappingURL=personal-server-read.js.map

package/dist/direct/personal-server-read.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/direct/personal-server-read.ts"],"sourcesContent":["/**\n * Personal Server data-read request builder and the 402 -> escrow-pay -> retry loop.\n *\n * @remarks\n * The read targets the Personal Server data path (`/v1/data/{scope}`),\n * authenticates with a Web3Signed header (built on {@link buildWeb3SignedHeader}),\n * and — on `402 Payment Required` — settles the grant's data-access fee through\n * the DPv2 escrow gateway and retries once.\n *\n * The 402 body is parsed into a {@link PersonalServerPaymentRequired} (grant id,\n * asset, and amount owed), which drives the escrow settlement.\n *\n * @category Direct\n * @module direct/personal-server-read\n */\n\nimport { buildWeb3SignedHeader } from \"../auth/web3-signed-builder\";\nimport type { Web3SignedSignFn } from \"../auth/web3-signed-builder\";\nimport { NATIVE_ASSET_ADDRESS } from \"../protocol/escrow\";\nimport {\n  authorizeGrantPayment,\n  type EscrowPaymentConfig,\n} from \"./escrow-payment\";\nimport { PaymentRequiredError, PersonalServerReadError } from \"./errors\";\nimport type {\n  DirectPaymentReceipt,\n  PersonalServerPaymentRequired,\n} from \"./types\";\n\n/** Minimal `Response`-like shape so the read loop is testable without a DOM. */\nexport interface FetchResponseLike {\n  ok: boolean;\n  status: number;\n  statusText: string;\n  headers: { get(name: string): string | null };\n  json(): Promise<unknown>;\n  text(): Promise<string>;\n}\n\n/** Minimal `fetch` signature accepted by {@link readPersonalServerData}. */\nexport type PersonalServerFetch = (\n  input: string,\n  init: {\n    method: string;\n    headers: Record<string, string>;\n  },\n) => Promise<FetchResponseLike>;\n\n/** A built, ready-to-send Personal Server data read request. */\nexport interface PersonalServerDataReadRequest {\n  /** Absolute URL of the read endpoint. */\n  url: string;\n  /** HTTP method (always `\"GET\"`). */\n  method: \"GET\";\n  /** Request path used in the Web3Signed `uri` claim (e.g. `/v1/data/{scope}`). */\n  path: string;\n  /** Headers including the Web3Signed `Authorization` value. */\n  headers: Record<string, string>;\n}\n\n/** Outcome of {@link readPersonalServerData}: the payload plus optional receipt. */\nexport interface PersonalServerReadResult {\n  /** The decoded JSON payload returned by the Personal Server. */\n  data: unknown;\n  /** Present only when this read required (and settled) a payment. */\n  payment?: DirectPaymentReceipt;\n}\n\nfunction stripTrailingSlash(url: string): string {\n  return url.replace(/\\/+$/, \"\");\n}\n\n/** Compute the data path for a scope (`/v1/data/{scope}`). */\nexport function dataPathForScope(scope: string): string {\n  return `/v1/data/${encodeURIComponent(scope)}`;\n}\n\n/**\n * Build a Web3Signed-authenticated Personal Server data read request.\n *\n * @param params - Personal Server URL, scope, grant id, and an EIP-191 signer.\n * @returns The request URL, method, path, and headers (including `Authorization`).\n */\nexport async function buildPersonalServerDataReadRequest(params: {\n  /** Base URL of the user's Personal Server. */\n  personalServerUrl: string;\n  /** Scope to read (e.g. `\"icloud_notes.notes\"`). */\n  scope: string;\n  /** Grant id authorizing the read. */\n  grantId: string;\n  /** EIP-191 signer for the Web3Signed header (the app key). */\n  signMessage: Web3SignedSignFn;\n}): Promise<PersonalServerDataReadRequest> {\n  const base = stripTrailingSlash(params.personalServerUrl);\n  const path = dataPathForScope(params.scope);\n  const authorization = await buildWeb3SignedHeader({\n    signMessage: params.signMessage,\n    aud: base,\n    method: \"GET\",\n    uri: path,\n    grantId: params.grantId,\n  });\n  const headers: Record<string, string> = {\n    Authorization: authorization,\n    Accept: \"application/json\",\n  };\n  return { url: `${base}${path}`, method: \"GET\", path, headers };\n}\n\n/**\n * Parse a `402 Payment Required` body into a {@link PersonalServerPaymentRequired}.\n *\n * @remarks\n * Accepts a few field spellings and falls back to the read's own grantId and the\n * native asset when a field is absent.\n *\n * @param res - The 402 response.\n * @param grantId - The grant id of the read (default `opId`).\n * @returns The parsed payment requirement.\n */\nexport async function parsePersonalServerPaymentRequired(\n  res: FetchResponseLike,\n  grantId: string,\n): Promise<PersonalServerPaymentRequired> {\n  let raw: unknown = undefined;\n  try {\n    raw = await res.json();\n  } catch {\n    raw = undefined;\n  }\n  const body = (raw ?? {}) as {\n    grantId?: unknown;\n    opId?: unknown;\n    asset?: unknown;\n    amount?: unknown;\n    maxAmountRequired?: unknown;\n  };\n  const resolvedGrantId =\n    typeof body.grantId === \"string\"\n      ? body.grantId\n      : typeof body.opId === \"string\"\n        ? body.opId\n        : grantId;\n  const amountValue =\n    typeof body.amount === \"string\"\n      ? body.amount\n      : typeof body.maxAmountRequired === \"string\"\n        ? body.maxAmountRequired\n        : \"0\";\n  return {\n    grantId: resolvedGrantId,\n    asset: typeof body.asset === \"string\" ? body.asset : NATIVE_ASSET_ADDRESS,\n    amount: amountValue,\n    raw,\n  };\n}\n\n/**\n * Read approved data from a Personal Server, settling a 402 via escrow.\n *\n * @remarks\n * Sends a Web3Signed-authenticated `GET /v1/data/{scope}`. On `402`, parses what\n * is owed, authorizes an escrow payment for the grant via `escrow`, and retries\n * once. If escrow is not configured, throws {@link PaymentRequiredError} carrying\n * the parsed requirement so callers can debug amount/asset.\n *\n * @param params - Connection details, app signer, optional escrow config and fetch.\n * @returns `{ data, payment? }`.\n */\nexport async function readPersonalServerData(params: {\n  personalServerUrl: string;\n  scope: string;\n  grantId: string;\n  payerAddress: `0x${string}`;\n  signMessage: Web3SignedSignFn;\n  escrow?: EscrowPaymentConfig;\n  fetchFn?: PersonalServerFetch;\n}): Promise<PersonalServerReadResult> {\n  const fetchFn =\n    params.fetchFn ?? (globalThis.fetch as unknown as PersonalServerFetch);\n  if (!fetchFn) {\n    throw new PersonalServerReadError(\n      \"No fetch implementation available for Personal Server read\",\n    );\n  }\n\n  const initial = await buildPersonalServerDataReadRequest({\n    personalServerUrl: params.personalServerUrl,\n    scope: params.scope,\n    grantId: params.grantId,\n    signMessage: params.signMessage,\n  });\n\n  let res = await fetchFn(initial.url, {\n    method: initial.method,\n    headers: initial.headers,\n  });\n\n  let payment: DirectPaymentReceipt | undefined;\n\n  if (res.status === 402) {\n    const required = await parsePersonalServerPaymentRequired(\n      res,\n      params.grantId,\n    );\n    if (!params.escrow) {\n      throw new PaymentRequiredError(\n        \"Personal Server requires payment but no escrow config is set\",\n        {\n          scope: params.scope,\n          grantId: required.grantId,\n          asset: required.asset,\n          amount: required.amount,\n        },\n      );\n    }\n\n    payment = await authorizeGrantPayment({\n      payerAddress: params.payerAddress,\n      required,\n      config: params.escrow,\n    });\n\n    // Re-sign and retry — the settled payment unlocks the read.\n    const retry = await buildPersonalServerDataReadRequest({\n      personalServerUrl: params.personalServerUrl,\n      scope: params.scope,\n      grantId: params.grantId,\n      signMessage: params.signMessage,\n    });\n    res = await fetchFn(retry.url, {\n      method: retry.method,\n      headers: retry.headers,\n    });\n\n    if (res.status === 402) {\n      throw new PaymentRequiredError(\n        \"Personal Server still requires payment after escrow settlement\",\n        {\n          scope: params.scope,\n          grantId: required.grantId,\n          asset: required.asset,\n          amount: required.amount,\n          payment,\n        },\n      );\n    }\n  }\n\n  if (!res.ok) {\n    const detail = await res.text().catch(() => \"\");\n    throw new PersonalServerReadError(\n      `Personal Server read failed: ${res.status} ${res.statusText}`,\n      res.status,\n      { scope: params.scope, body: detail.slice(0, 500) },\n    );\n  }\n\n  return { data: await res.json(), payment };\n}\n"],"mappings":"AAgBA,SAAS,6BAA6B;AAEtC,SAAS,4BAA4B;AACrC;AAAA,EACE;AAAA,OAEK;AACP,SAAS,sBAAsB,+BAA+B;AA6C9D,SAAS,mBAAmB,KAAqB;AAC/C,SAAO,IAAI,QAAQ,QAAQ,EAAE;AAC/B;AAGO,SAAS,iBAAiB,OAAuB;AACtD,SAAO,YAAY,mBAAmB,KAAK,CAAC;AAC9C;AAQA,eAAsB,mCAAmC,QASd;AACzC,QAAM,OAAO,mBAAmB,OAAO,iBAAiB;AACxD,QAAM,OAAO,iBAAiB,OAAO,KAAK;AAC1C,QAAM,gBAAgB,MAAM,sBAAsB;AAAA,IAChD,aAAa,OAAO;AAAA,IACpB,KAAK;AAAA,IACL,QAAQ;AAAA,IACR,KAAK;AAAA,IACL,SAAS,OAAO;AAAA,EAClB,CAAC;AACD,QAAM,UAAkC;AAAA,IACtC,eAAe;AAAA,IACf,QAAQ;AAAA,EACV;AACA,SAAO,EAAE,KAAK,GAAG,IAAI,GAAG,IAAI,IAAI,QAAQ,OAAO,MAAM,QAAQ;AAC/D;AAaA,eAAsB,mCACpB,KACA,SACwC;AACxC,MAAI,MAAe;AACnB,MAAI;AACF,UAAM,MAAM,IAAI,KAAK;AAAA,EACvB,QAAQ;AACN,UAAM;AAAA,EACR;AACA,QAAM,OAAQ,OAAO,CAAC;AAOtB,QAAM,kBACJ,OAAO,KAAK,YAAY,WACpB,KAAK,UACL,OAAO,KAAK,SAAS,WACnB,KAAK,OACL;AACR,QAAM,cACJ,OAAO,KAAK,WAAW,WACnB,KAAK,SACL,OAAO,KAAK,sBAAsB,WAChC,KAAK,oBACL;AACR,SAAO;AAAA,IACL,SAAS;AAAA,IACT,OAAO,OAAO,KAAK,UAAU,WAAW,KAAK,QAAQ;AAAA,IACrD,QAAQ;AAAA,IACR;AAAA,EACF;AACF;AAcA,eAAsB,uBAAuB,QAQP;AACpC,QAAM,UACJ,OAAO,WAAY,WAAW;AAChC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAEA,QAAM,UAAU,MAAM,mCAAmC;AAAA,IACvD,mBAAmB,OAAO;AAAA,IAC1B,OAAO,OAAO;AAAA,IACd,SAAS,OAAO;AAAA,IAChB,aAAa,OAAO;AAAA,EACtB,CAAC;AAED,MAAI,MAAM,MAAM,QAAQ,QAAQ,KAAK;AAAA,IACnC,QAAQ,QAAQ;AAAA,IAChB,SAAS,QAAQ;AAAA,EACnB,CAAC;AAED,MAAI;AAEJ,MAAI,IAAI,WAAW,KAAK;AACtB,UAAM,WAAW,MAAM;AAAA,MACrB;AAAA,MACA,OAAO;AAAA,IACT;AACA,QAAI,CAAC,OAAO,QAAQ;AAClB,YAAM,IAAI;AAAA,QACR;AAAA,QACA;AAAA,UACE,OAAO,OAAO;AAAA,UACd,SAAS,SAAS;AAAA,UAClB,OAAO,SAAS;AAAA,UAChB,QAAQ,SAAS;AAAA,QACnB;AAAA,MACF;AAAA,IACF;AAEA,cAAU,MAAM,sBAAsB;AAAA,MACpC,cAAc,OAAO;AAAA,MACrB;AAAA,MACA,QAAQ,OAAO;AAAA,IACjB,CAAC;AAGD,UAAM,QAAQ,MAAM,mCAAmC;AAAA,MACrD,mBAAmB,OAAO;AAAA,MAC1B,OAAO,OAAO;AAAA,MACd,SAAS,OAAO;AAAA,MAChB,aAAa,OAAO;AAAA,IACtB,CAAC;AACD,UAAM,MAAM,QAAQ,MAAM,KAAK;AAAA,MAC7B,QAAQ,MAAM;AAAA,MACd,SAAS,MAAM;AAAA,IACjB,CAAC;AAED,QAAI,IAAI,WAAW,KAAK;AACtB,YAAM,IAAI;AAAA,QACR;AAAA,QACA;AAAA,UACE,OAAO,OAAO;AAAA,UACd,SAAS,SAAS;AAAA,UAClB,OAAO,SAAS;AAAA,UAChB,QAAQ,SAAS;AAAA,UACjB;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAEA,MAAI,CAAC,IAAI,IAAI;AACX,UAAM,SAAS,MAAM,IAAI,KAAK,EAAE,MAAM,MAAM,EAAE;AAC9C,UAAM,IAAI;AAAA,MACR,gCAAgC,IAAI,MAAM,IAAI,IAAI,UAAU;AAAA,MAC5D,IAAI;AAAA,MACJ,EAAE,OAAO,OAAO,OAAO,MAAM,OAAO,MAAM,GAAG,GAAG,EAAE;AAAA,IACpD;AAAA,EACF;AAEA,SAAO,EAAE,MAAM,MAAM,IAAI,KAAK,GAAG,QAAQ;AAC3C;","names":[]}

package/dist/direct/personal-server-read.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/direct/types.cjs

@@ -0,0 +1,35 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var types_exports = {};
+__export(types_exports, {
+  DirectOpType: () => DirectOpType
+});
+module.exports = __toCommonJS(types_exports);
+const DirectOpType = {
+  GrantRegistration: "grant_registration",
+  DataAccess: "data_access",
+  DataRegistration: "data_registration",
+  ServerRegistration: "server_registration",
+  BuilderRegistration: "builder_registration"
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  DirectOpType
+});
+//# sourceMappingURL=types.cjs.map

package/dist/direct/types.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/direct/types.ts"],"sourcesContent":["/**\n * Shared types for the Direct Data Controller and the browser connect helper.\n *\n * @remarks\n * These types describe the \"two-tab\" Data Portability flow documented in the\n * builder guide: a backend controller creates an access request, the browser\n * opens Vana for user approval, and the backend reads the approved data from\n * the user's Personal Server (handling 402 Payment Required).\n *\n * @category Direct\n * @module direct/types\n */\n\n/**\n * Target environment for a {@link DirectDataController}.\n *\n * - `\"production\"` — Vana mainnet stack (default service URLs).\n * - `\"dev\"` — Vana internal dev/testnet stack. Use only when testing against\n *   Vana's dev infrastructure.\n */\nexport type DirectEnv = \"dev\" | \"production\";\n\n/**\n * App identity advertised to users during approval and attributed in Builder\n * League activity reports.\n */\nexport interface DirectAppConfig {\n  /** Stable, human-readable app id (e.g. `\"notes-lens\"`). */\n  id: string;\n  /** Display name shown to the user in the Vana approval UI. */\n  name: string;\n  /** Public homepage URL for the app. */\n  homepageUrl: string;\n}\n\n/**\n * Resolved app identity: the configured {@link DirectAppConfig} plus the app's\n * derived on-chain address (the address to fund and inspect).\n */\nexport interface AppIdentity extends DirectAppConfig {\n  /** The app's `0x`-prefixed on-chain address (derived from `appPrivateKey`). */\n  address: string;\n}\n\n/**\n * Resolved service URLs for a given {@link DirectEnv}.\n *\n * @remarks\n * Centralizes the per-environment base URLs the controller talks to. Each can\n * be overridden via {@link DirectDataControllerConfig.endpoints} when pointing\n * at a non-standard deployment.\n */\nexport interface DirectServiceEndpoints {\n  /** Vana chain id for this environment (1480 mainnet, 14800 moksha). */\n  chainId: number;\n  /** Base URL of the Vana Account access-request API that issues `dcr_*` ids. */\n  accessRequestBaseUrl: string;\n  /** Base URL users are sent to for approval (the Vana app). */\n  approvalAppBaseUrl: string;\n}\n\n/** Result of {@link DirectDataController.createAccessRequest}. */\nexport interface AccessRequest {\n  /** Opaque request id (e.g. `\"dcr_123\"`). */\n  requestId: string;\n  /** URL the browser opens so the user can approve the requested scopes. */\n  approvalUrl: string;\n  /** On-chain address of the (registered or reused) app. */\n  appAddress: string;\n}\n\n/** Lifecycle status of an access request. */\nexport type AccessRequestStatusValue =\n  | \"pending\"\n  | \"approved\"\n  | \"denied\"\n  | \"expired\";\n\n/** Result of {@link DirectDataController.getAccessRequestStatus}. */\nexport interface AccessRequestStatus {\n  /** Current lifecycle status of the request. */\n  status: AccessRequestStatusValue;\n  /** Personal Server base URL — present once `status === \"approved\"`. */\n  personalServerUrl?: string;\n  /** Grant id covering the approved scope — present once approved. */\n  grantId?: string;\n  /** The approved scope — present once approved. */\n  scope?: string;\n}\n\n/** Result of {@link DirectDataController.readApprovedData}. */\nexport interface ApprovedDataResult<T = unknown> {\n  /** The scope the data was read for. */\n  scope: string;\n  /** The decoded payload returned by the Personal Server. */\n  data: T;\n  /**\n   * Payment receipt — present only when this read required (and settled) a\n   * payment. Lets builders inspect the amount, asset, and fee breakdown without\n   * digging into the underlying 402/escrow exchange. Reads served from a paid-up\n   * grant omit this field.\n   */\n  payment?: DirectPaymentReceipt;\n}\n\n/**\n * Client for the Vana Account access-request API — the service that turns a\n * registered app + scopes into a `dcr_*` id and approval URL.\n *\n * @remarks\n * The controller uses a default client against the Vana Account endpoints. You\n * can inject your own implementation to point at a custom deployment or to\n * supply a test double.\n */\nexport interface AccessRequestClient {\n  /**\n   * Create an access request for the given app + scopes.\n   *\n   * @param input - App identity, source, scopes, and the post-approval return URL.\n   * @returns The created {@link AccessRequest}.\n   */\n  createAccessRequest(input: {\n    appAddress: string;\n    app: DirectAppConfig;\n    source: string;\n    scopes: string[];\n    returnUrl: string;\n  }): Promise<AccessRequest>;\n\n  /**\n   * Fetch the current status of a previously created access request.\n   *\n   * @param requestId - The `dcr_*` id returned by {@link AccessRequestClient.createAccessRequest}.\n   * @returns The current {@link AccessRequestStatus}.\n   */\n  getAccessRequestStatus(requestId: string): Promise<AccessRequestStatus>;\n}\n\n/**\n * Op-type vocabulary used by the DPv2 escrow payment surface.\n *\n * @remarks\n * These are the operations the gateway prices and settles via\n * `POST /v1/escrow/pay` (`opType` field of the `GenericPayment` message). A\n * direct data read settles the {@link DirectOpType.DataAccess} op for the\n * approved grant; the other op types are listed here for completeness and to\n * give builders a typed vocabulary when inspecting fee breakdowns.\n *\n * Note: the escrow `GenericPayment` `opType` is currently `\"grant\"` on the wire\n * for grant lifecycle payments; this enum names the higher-level fee categories\n * the gateway reports in a {@link PaymentBreakdown}.\n */\nexport const DirectOpType = {\n  GrantRegistration: \"grant_registration\",\n  DataAccess: \"data_access\",\n  DataRegistration: \"data_registration\",\n  ServerRegistration: \"server_registration\",\n  BuilderRegistration: \"builder_registration\",\n} as const;\n\n/** A direct-flow op type (see {@link DirectOpType}). */\nexport type DirectOpTypeValue =\n  (typeof DirectOpType)[keyof typeof DirectOpType];\n\n/**\n * What a Personal Server `402 Payment Required` tells the controller is owed for\n * a data read.\n *\n * @remarks\n * The PS read 402 body identifies the grant to settle and the amount/asset. The\n * controller settles it via the DPv2 escrow gateway (`/v1/escrow/pay`). The full\n * unmodified body is preserved under {@link PersonalServerPaymentRequired.raw}.\n */\nexport interface PersonalServerPaymentRequired {\n  /** Grant id to settle (the escrow `opId`). Defaults to the read's grantId. */\n  grantId: string;\n  /** Asset address owed (zero address = native VANA). */\n  asset: string;\n  /** Amount owed, as a decimal base-unit string (preserves uint256 precision). */\n  amount: string;\n  /** The full, unmodified 402 response body. */\n  raw: unknown;\n}\n\n/**\n * Structured payment metadata attached to a successful paid read.\n *\n * @remarks\n * Derived from the gateway's {@link EscrowPayResult}. Lets builders debug the\n * amount, asset, and per-op fee breakdown without re-deriving anything from the\n * raw 402/payment exchange.\n */\nexport interface DirectPaymentReceipt {\n  /** Op type settled (the gateway `opType`, e.g. `\"grant\"`). */\n  opType: string;\n  /** Op id settled (the grant id). */\n  opId: string;\n  /** Asset paid in (zero address = native VANA). */\n  asset: string;\n  /** Total amount paid, as a decimal base-unit string. */\n  amount: string;\n  /** Payment nonce used for this settlement. */\n  paymentNonce: string;\n  /** Fee breakdown reported by the gateway (registration vs data-access fee). */\n  breakdown: DirectFeeBreakdown;\n  /** ISO timestamp the gateway recorded the payment. */\n  paidAt: string;\n}\n\n/**\n * Per-op fee breakdown reported by the gateway.\n *\n * @remarks\n * Mirrors the escrow {@link PaymentBreakdown}: a one-time registration fee plus\n * the per-read data-access fee, and whether this settlement covered the\n * registration fee.\n */\nexport interface DirectFeeBreakdown {\n  /** One-time registration fee for the op, as a decimal base-unit string. */\n  registrationFee: string;\n  /** Per-read data-access fee, as a decimal base-unit string. */\n  dataAccessFee: string;\n  /** True when this settlement paid the registration fee. */\n  registrationPaid: boolean;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAwJO,MAAM,eAAe;AAAA,EAC1B,mBAAmB;AAAA,EACnB,YAAY;AAAA,EACZ,kBAAkB;AAAA,EAClB,oBAAoB;AAAA,EACpB,qBAAqB;AACvB;","names":[]}