npm - @pafi-dev/issuer - Versions diffs - 0.1.0 - Mend

@pafi-dev/issuer 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/index.cjs ADDED Viewed

@@ -0,0 +1,1759 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  AuthError: () => AuthError,
+  AuthService: () => AuthService,
+  DefaultPolicyEngine: () => DefaultPolicyEngine,
+  FeeManager: () => FeeManager,
+  InMemoryCursorStore: () => InMemoryCursorStore,
+  IssuerApiHandlers: () => IssuerApiHandlers,
+  MemoryPointLedger: () => MemoryPointLedger,
+  MemorySessionStore: () => MemorySessionStore,
+  MintingGateway: () => MintingGateway,
+  MintingGatewayError: () => MintingGatewayError,
+  NonceManager: () => NonceManager,
+  PAFI_ISSUER_SDK_VERSION: () => PAFI_ISSUER_SDK_VERSION,
+  PointIndexer: () => PointIndexer,
+  PrivateKeySigner: () => PrivateKeySigner,
+  RelayError: () => RelayError,
+  RelayService: () => RelayService,
+  authenticateRequest: () => authenticateRequest,
+  createIssuerService: () => createIssuerService,
+  createSubgraphNativeUsdtQuoter: () => createSubgraphNativeUsdtQuoter,
+  createSubgraphPoolsProvider: () => createSubgraphPoolsProvider,
+  encodeExtData: () => import_core4.encodeExtData
+});
+module.exports = __toCommonJS(index_exports);
+// src/ledger/memoryLedger.ts
+var import_viem = require("viem");
+var MemoryPointLedger = class {
+  balances = /* @__PURE__ */ new Map();
+  locks = /* @__PURE__ */ new Map();
+  nextLockId = 1;
+  now;
+  constructor(opts = {}) {
+    this.now = opts.now ?? (() => Date.now());
+  }
+  // -------------------------------------------------------------------------
+  // Read
+  // -------------------------------------------------------------------------
+  async getBalance(userAddress) {
+    const key = (0, import_viem.getAddress)(userAddress);
+    this.purgeExpired();
+    const total = this.balances.get(key) ?? 0n;
+    const locked = this.lockedTotalFor(key);
+    return total - locked;
+  }
+  async getLockedRequests(userAddress) {
+    const key = (0, import_viem.getAddress)(userAddress);
+    this.purgeExpired();
+    const out = [];
+    for (const lock of this.locks.values()) {
+      if (lock.userAddress === key && lock.status === "PENDING") {
+        out.push({ ...lock });
+      }
+    }
+    return out;
+  }
+  // -------------------------------------------------------------------------
+  // Write
+  // -------------------------------------------------------------------------
+  async creditBalance(userAddress, amount, _reason) {
+    if (amount <= 0n) {
+      throw new Error("MemoryPointLedger: credit amount must be positive");
+    }
+    const key = (0, import_viem.getAddress)(userAddress);
+    const current = this.balances.get(key) ?? 0n;
+    this.balances.set(key, current + amount);
+  }
+  async lockForMinting(userAddress, amount, lockDurationMs) {
+    if (amount <= 0n) {
+      throw new Error("MemoryPointLedger: lock amount must be positive");
+    }
+    if (lockDurationMs <= 0) {
+      throw new Error("MemoryPointLedger: lockDurationMs must be positive");
+    }
+    const key = (0, import_viem.getAddress)(userAddress);
+    this.purgeExpired();
+    const total = this.balances.get(key) ?? 0n;
+    const alreadyLocked = this.lockedTotalFor(key);
+    const available = total - alreadyLocked;
+    if (available < amount) {
+      throw new Error(
+        `MemoryPointLedger: insufficient balance \u2014 available=${available}, requested=${amount}`
+      );
+    }
+    const lockId = `lock-${this.nextLockId++}`;
+    const now = this.now();
+    this.locks.set(lockId, {
+      lockId,
+      userAddress: key,
+      amount,
+      status: "PENDING",
+      createdAt: now,
+      expiresAt: now + lockDurationMs
+    });
+    return lockId;
+  }
+  async releaseLock(lockId) {
+    const lock = this.locks.get(lockId);
+    if (!lock) return;
+    if (lock.status === "PENDING") {
+      this.locks.delete(lockId);
+    }
+  }
+  async deductBalance(userAddress, amount, txHash) {
+    if (amount <= 0n) {
+      throw new Error("MemoryPointLedger: deduct amount must be positive");
+    }
+    const key = (0, import_viem.getAddress)(userAddress);
+    const current = this.balances.get(key) ?? 0n;
+    if (current < amount) {
+      throw new Error(
+        `MemoryPointLedger: cannot deduct ${amount} from balance ${current}`
+      );
+    }
+    this.balances.set(key, current - amount);
+    for (const lock of this.locks.values()) {
+      if (lock.userAddress === key && lock.status === "PENDING" && lock.amount === amount) {
+        lock.status = "MINTED";
+        lock.txHash = txHash;
+        return;
+      }
+    }
+  }
+  async updateMintStatus(lockId, status, txHash) {
+    const lock = this.locks.get(lockId);
+    if (!lock) {
+      throw new Error(`MemoryPointLedger: unknown lockId ${lockId}`);
+    }
+    lock.status = status;
+    if (txHash) lock.txHash = txHash;
+  }
+  // -------------------------------------------------------------------------
+  // Internal helpers
+  // -------------------------------------------------------------------------
+  /**
+   * Auto-expire any PENDING lock past its expiry. Called lazily on every
+   * read/write so the in-memory state stays self-cleaning without a timer.
+   */
+  purgeExpired() {
+    const now = this.now();
+    for (const lock of this.locks.values()) {
+      if (lock.status === "PENDING" && lock.expiresAt <= now) {
+        lock.status = "EXPIRED";
+      }
+    }
+  }
+  lockedTotalFor(userAddress) {
+    let total = 0n;
+    for (const lock of this.locks.values()) {
+      if (lock.userAddress === userAddress && lock.status === "PENDING") {
+        total += lock.amount;
+      }
+    }
+    return total;
+  }
+};
+// src/policy/defaultPolicy.ts
+var DefaultPolicyEngine = class {
+  ledger;
+  provider;
+  mintingOracleAddress;
+  verifyMintCap;
+  resolveIssuer;
+  constructor(opts) {
+    this.ledger = opts.ledger;
+    if (opts.provider) this.provider = opts.provider;
+    if (opts.mintingOracleAddress) {
+      this.mintingOracleAddress = opts.mintingOracleAddress;
+    }
+    if (opts.verifyMintCap) this.verifyMintCap = opts.verifyMintCap;
+    if (opts.resolveIssuer) this.resolveIssuer = opts.resolveIssuer;
+  }
+  async evaluate(request) {
+    if (request.amount <= 0n) {
+      return { approved: false, reason: "Amount must be positive" };
+    }
+    const available = await this.ledger.getBalance(request.userAddress);
+    if (available < request.amount) {
+      return {
+        approved: false,
+        reason: `Insufficient balance (available=${available}, requested=${request.amount})`
+      };
+    }
+    if (this.mintingOracleAddress && this.provider && this.verifyMintCap && this.resolveIssuer) {
+      try {
+        const issuer = await this.resolveIssuer(request.pointTokenAddress);
+        await this.verifyMintCap(
+          this.provider,
+          this.mintingOracleAddress,
+          issuer,
+          request.amount
+        );
+      } catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        return {
+          approved: false,
+          reason: `Minting cap check failed: ${msg}`
+        };
+      }
+    }
+    return { approved: true };
+  }
+};
+// src/signer/privateKeySigner.ts
+var import_viem2 = require("viem");
+var import_accounts = require("viem/accounts");
+var import_core = require("@pafi-dev/core");
+var PrivateKeySigner = class {
+  account;
+  walletClient;
+  constructor(opts) {
+    this.account = (0, import_accounts.privateKeyToAccount)(opts.privateKey);
+    this.walletClient = (0, import_viem2.createWalletClient)({
+      account: this.account,
+      chain: opts.chain,
+      transport: (0, import_viem2.http)(opts.rpcUrl)
+    });
+  }
+  async signMintRequest(domain, message) {
+    return (0, import_core.signMintRequest)(this.walletClient, domain, message);
+  }
+  async getAddress() {
+    return this.account.address;
+  }
+};
+// src/auth/memorySessionStore.ts
+var import_node_crypto = require("crypto");
+var import_viem3 = require("viem");
+var DEFAULT_NONCE_TTL_MS = 5 * 60 * 1e3;
+var MemorySessionStore = class {
+  nonces = /* @__PURE__ */ new Map();
+  // nonce → expiresAt
+  sessions = /* @__PURE__ */ new Map();
+  // tokenId → session
+  nonceTtlMs;
+  now;
+  constructor(opts = {}) {
+    this.nonceTtlMs = opts.nonceTtlMs ?? DEFAULT_NONCE_TTL_MS;
+    this.now = opts.now ?? (() => Date.now());
+  }
+  // -------------------------------------------------------------------------
+  // Nonces
+  // -------------------------------------------------------------------------
+  async createNonce() {
+    this.purgeExpiredNonces();
+    const nonce = (0, import_node_crypto.randomBytes)(16).toString("hex");
+    this.nonces.set(nonce, this.now() + this.nonceTtlMs);
+    return nonce;
+  }
+  async consumeNonce(nonce) {
+    this.purgeExpiredNonces();
+    const expiresAt = this.nonces.get(nonce);
+    if (expiresAt === void 0) return false;
+    this.nonces.delete(nonce);
+    return expiresAt > this.now();
+  }
+  // -------------------------------------------------------------------------
+  // Sessions
+  // -------------------------------------------------------------------------
+  async createSession(session) {
+    this.purgeExpiredSessions();
+    const normalized = {
+      ...session,
+      userAddress: (0, import_viem3.getAddress)(session.userAddress)
+    };
+    this.sessions.set(session.tokenId, normalized);
+  }
+  async getSession(tokenId) {
+    this.purgeExpiredSessions();
+    const session = this.sessions.get(tokenId);
+    if (!session) return null;
+    if (session.expiresAt.getTime() <= this.now()) {
+      this.sessions.delete(tokenId);
+      return null;
+    }
+    return { ...session };
+  }
+  async revokeSession(tokenId) {
+    this.sessions.delete(tokenId);
+  }
+  async revokeAllSessions(userAddress) {
+    const key = (0, import_viem3.getAddress)(userAddress);
+    for (const [tokenId, session] of this.sessions.entries()) {
+      if (session.userAddress === key) {
+        this.sessions.delete(tokenId);
+      }
+    }
+  }
+  // -------------------------------------------------------------------------
+  // Housekeeping
+  // -------------------------------------------------------------------------
+  purgeExpiredNonces() {
+    const now = this.now();
+    for (const [nonce, expiresAt] of this.nonces.entries()) {
+      if (expiresAt <= now) this.nonces.delete(nonce);
+    }
+  }
+  purgeExpiredSessions() {
+    const now = this.now();
+    for (const [tokenId, session] of this.sessions.entries()) {
+      if (session.expiresAt.getTime() <= now) this.sessions.delete(tokenId);
+    }
+  }
+};
+// src/auth/nonceManager.ts
+var NonceManager = class {
+  constructor(store) {
+    this.store = store;
+  }
+  store;
+  /** Generate a fresh login nonce. The store is responsible for TTL. */
+  async generate() {
+    return this.store.createNonce();
+  }
+  /**
+   * Atomically validate + consume a nonce. Returns `true` iff the nonce
+   * was known and unexpired (and is now removed from the store).
+   */
+  async consume(nonce) {
+    return this.store.consumeNonce(nonce);
+  }
+};
+// src/auth/loginVerifier.ts
+var import_node_crypto2 = require("crypto");
+var import_jose = require("jose");
+var import_viem4 = require("viem");
+var import_core2 = require("@pafi-dev/core");
+// src/auth/errors.ts
+var AuthError = class extends Error {
+  code;
+  constructor(code, message) {
+    super(message);
+    this.name = "AuthError";
+    this.code = code;
+  }
+};
+// src/auth/loginVerifier.ts
+var DEFAULT_EXPIRES_IN = "24h";
+var AuthService = class {
+  sessionStore;
+  jwtSecret;
+  jwtExpiresIn;
+  domain;
+  chainId;
+  nonceManager;
+  now;
+  constructor(config) {
+    if (!config.jwtSecret || config.jwtSecret.length < 16) {
+      throw new Error("AuthService: jwtSecret must be at least 16 chars");
+    }
+    this.sessionStore = config.sessionStore;
+    this.jwtSecret = new TextEncoder().encode(config.jwtSecret);
+    this.jwtExpiresIn = config.jwtExpiresIn ?? DEFAULT_EXPIRES_IN;
+    this.domain = config.domain;
+    this.chainId = config.chainId;
+    this.nonceManager = new NonceManager(config.sessionStore);
+    this.now = config.now ?? (() => /* @__PURE__ */ new Date());
+  }
+  // -------------------------------------------------------------------------
+  // Public API
+  // -------------------------------------------------------------------------
+  /** Generate a fresh login nonce. */
+  async getNonce() {
+    return this.nonceManager.generate();
+  }
+  /**
+   * Verify a signed login message and issue a JWT on success.
+   * Throws an `AuthError` on any validation failure.
+   */
+  async login(message, signature) {
+    let parsed;
+    try {
+      parsed = (0, import_core2.parseLoginMessage)(message);
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      throw new AuthError("INVALID_MESSAGE", `Could not parse login message: ${msg}`);
+    }
+    if (parsed.domain !== this.domain) {
+      throw new AuthError(
+        "DOMAIN_MISMATCH",
+        `Expected domain "${this.domain}", got "${parsed.domain}"`
+      );
+    }
+    if (parsed.chainId !== this.chainId) {
+      throw new AuthError(
+        "CHAIN_MISMATCH",
+        `Expected chainId ${this.chainId}, got ${parsed.chainId}`
+      );
+    }
+    const now = this.now();
+    if (parsed.notBefore && parsed.notBefore.getTime() > now.getTime()) {
+      throw new AuthError(
+        "MESSAGE_NOT_YET_VALID",
+        "Login message is not yet valid"
+      );
+    }
+    if (parsed.expirationTime && parsed.expirationTime.getTime() <= now.getTime()) {
+      throw new AuthError("MESSAGE_EXPIRED", "Login message has expired");
+    }
+    const verifyResult = await (0, import_core2.verifyLoginMessage)(message, signature);
+    if (!verifyResult.valid) {
+      throw new AuthError(
+        "SIGNATURE_INVALID",
+        "Signature does not match the address in the login message"
+      );
+    }
+    const nonceOk = await this.nonceManager.consume(parsed.nonce);
+    if (!nonceOk) {
+      throw new AuthError(
+        "NONCE_INVALID",
+        "Nonce is unknown, expired, or already used"
+      );
+    }
+    const userAddress = (0, import_viem4.getAddress)(verifyResult.address);
+    const tokenId = (0, import_node_crypto2.randomBytes)(16).toString("hex");
+    const issuedAt = now;
+    const expiresAt = parseExpiry(issuedAt, this.jwtExpiresIn);
+    const session = {
+      tokenId,
+      userAddress,
+      chainId: this.chainId,
+      issuedAt,
+      expiresAt
+    };
+    await this.sessionStore.createSession(session);
+    const token = await new import_jose.SignJWT({
+      userAddress,
+      chainId: this.chainId
+    }).setProtectedHeader({ alg: "HS256" }).setJti(tokenId).setIssuedAt(Math.floor(issuedAt.getTime() / 1e3)).setExpirationTime(Math.floor(expiresAt.getTime() / 1e3)).sign(this.jwtSecret);
+    return { token, userAddress, tokenId, expiresAt };
+  }
+  /** Revoke the session backing the given JWT (logout). */
+  async logout(token) {
+    try {
+      const { payload } = await (0, import_jose.jwtVerify)(token, this.jwtSecret, {
+        clockTolerance: 60
+        // allow logout right after expiry
+      });
+      if (payload.jti) {
+        await this.sessionStore.revokeSession(payload.jti);
+      }
+    } catch {
+    }
+  }
+  /**
+   * Verify a JWT and return the authenticated user context. Throws an
+   * `AuthError` if the token is missing, malformed, expired, revoked, or
+   * signed by a different key.
+   */
+  async verifyToken(token) {
+    let payload;
+    try {
+      const result = await (0, import_jose.jwtVerify)(token, this.jwtSecret);
+      payload = result.payload;
+    } catch (err) {
+      if (err instanceof import_jose.errors.JWTExpired) {
+        throw new AuthError("TOKEN_EXPIRED", "JWT has expired");
+      }
+      if (err instanceof import_jose.errors.JWTInvalid || err instanceof import_jose.errors.JWSInvalid || err instanceof import_jose.errors.JWSSignatureVerificationFailed) {
+        throw new AuthError("TOKEN_INVALID", "JWT is invalid");
+      }
+      throw new AuthError("TOKEN_INVALID", "JWT verification failed");
+    }
+    const tokenId = payload.jti;
+    if (!tokenId) {
+      throw new AuthError("TOKEN_INVALID", "JWT is missing jti claim");
+    }
+    const session = await this.sessionStore.getSession(tokenId);
+    if (!session) {
+      throw new AuthError(
+        "SESSION_REVOKED",
+        "Session is no longer active (revoked or expired)"
+      );
+    }
+    const userAddress = payload.userAddress;
+    const chainId = payload.chainId;
+    if (!userAddress || typeof chainId !== "number") {
+      throw new AuthError("TOKEN_INVALID", "JWT payload is malformed");
+    }
+    return {
+      userAddress: (0, import_viem4.getAddress)(userAddress),
+      chainId,
+      tokenId
+    };
+  }
+};
+function parseExpiry(from, expiresIn) {
+  const match = expiresIn.match(/^(\d+)\s*(s|m|h|d)$/i);
+  if (!match) {
+    throw new Error(
+      `AuthService: unsupported jwtExpiresIn "${expiresIn}" \u2014 use e.g. "24h"`
+    );
+  }
+  const n = Number(match[1]);
+  const unit = match[2].toLowerCase();
+  const multiplier = unit === "s" ? 1e3 : unit === "m" ? 6e4 : unit === "h" ? 36e5 : 864e5;
+  return new Date(from.getTime() + n * multiplier);
+}
+// src/auth/jwtMiddleware.ts
+async function authenticateRequest(authHeader, authService) {
+  if (!authHeader) {
+    throw new AuthError(
+      "MISSING_TOKEN",
+      "Authorization header is required"
+    );
+  }
+  const match = authHeader.match(/^Bearer\s+(\S+)\s*$/i);
+  if (!match) {
+    throw new AuthError(
+      "MALFORMED_TOKEN",
+      "Authorization header must be in the form 'Bearer <token>'"
+    );
+  }
+  const token = match[1];
+  return authService.verifyToken(token);
+}
+// src/relay/types.ts
+var RelayError = class extends Error {
+  code;
+  cause;
+  constructor(code, message, cause) {
+    super(message);
+    this.name = "RelayError";
+    this.code = code;
+    if (cause !== void 0) this.cause = cause;
+  }
+};
+// src/relay/relayService.ts
+var import_core3 = require("@pafi-dev/core");
+var DEFAULT_CONFIRMATION_TIMEOUT_MS = 6e4;
+var RelayService = class {
+  relayAddress;
+  operatorWallet;
+  provider;
+  confirmationTimeoutMs;
+  simulateBeforeSubmit;
+  constructor(config) {
+    if (!config.relayAddress) {
+      throw new Error("RelayService: relayAddress is required");
+    }
+    if (!config.operatorWallet) {
+      throw new Error("RelayService: operatorWallet is required");
+    }
+    this.relayAddress = config.relayAddress;
+    this.operatorWallet = config.operatorWallet;
+    if (config.provider) this.provider = config.provider;
+    this.confirmationTimeoutMs = config.confirmationTimeoutMs ?? DEFAULT_CONFIRMATION_TIMEOUT_MS;
+    this.simulateBeforeSubmit = config.simulateBeforeSubmit ?? config.provider !== void 0;
+  }
+  /** Address the operator wallet is broadcasting from (for logging). */
+  operatorAddress() {
+    return this.operatorWallet.account?.address;
+  }
+  /**
+   * Build calldata for the Relay `mintAndSwap` function. Kept public so
+   * callers (e.g. the MintingGateway) can log or persist the encoded call
+   * for audit before broadcasting.
+   */
+  encodeCall(params) {
+    try {
+      return (0, import_core3.encodeMintAndSwap)(params.mint, params.swap);
+    } catch (err) {
+      throw new RelayError(
+        "ENCODE_FAILED",
+        `Failed to encode mintAndSwap calldata: ${errorMessage(err)}`,
+        err
+      );
+    }
+  }
+  /**
+   * Submit a `mintAndSwap` transaction. Flow:
+   *
+   *   1. (optional) pre-flight simulate via provider
+   *   2. writeContract through the operator wallet
+   *   3. (optional) wait for the receipt and surface gasUsed / status
+   *
+   * Throws a typed `RelayError` on any failure so the MintingGateway can
+   * decide whether to release the ledger lock (`SUBMIT_FAILED` and
+   * `SIMULATION_FAILED` are safe to release; `TX_REVERTED` and `TIMEOUT`
+   * need manual review because the tx may still land).
+   */
+  async submitMintAndSwap(params) {
+    if (this.simulateBeforeSubmit && this.provider) {
+      const operatorAddr = this.operatorWallet.account?.address;
+      if (operatorAddr) {
+        try {
+          await (0, import_core3.simulateMintAndSwap)(
+            this.provider,
+            this.relayAddress,
+            params.mint,
+            params.swap,
+            operatorAddr
+          );
+        } catch (err) {
+          const reason = err instanceof import_core3.SimulationError ? err.reason : errorMessage(err);
+          throw new RelayError(
+            "SIMULATION_FAILED",
+            `mintAndSwap would revert: ${reason}`,
+            err
+          );
+        }
+      }
+    }
+    let txHash;
+    try {
+      txHash = await this.operatorWallet.writeContract({
+        address: this.relayAddress,
+        abi: import_core3.relayAbi,
+        functionName: "mintAndSwap",
+        args: [params.mint, params.swap],
+        ...this.operatorWallet.account ? { account: this.operatorWallet.account } : {}
+      });
+    } catch (err) {
+      throw new RelayError(
+        "SUBMIT_FAILED",
+        `Failed to broadcast mintAndSwap: ${errorMessage(err)}`,
+        err
+      );
+    }
+    if (!this.provider) {
+      return { txHash };
+    }
+    try {
+      const receipt = await this.provider.waitForTransactionReceipt({
+        hash: txHash,
+        timeout: this.confirmationTimeoutMs
+      });
+      if (receipt.status !== "success") {
+        throw new RelayError(
+          "TX_REVERTED",
+          `mintAndSwap reverted on-chain (tx=${txHash})`
+        );
+      }
+      return {
+        txHash,
+        blockNumber: receipt.blockNumber,
+        gasUsed: receipt.gasUsed,
+        status: receipt.status
+      };
+    } catch (err) {
+      if (err instanceof RelayError) throw err;
+      throw new RelayError(
+        "TIMEOUT",
+        `Timed out waiting for mintAndSwap receipt (tx=${txHash}): ${errorMessage(err)}`,
+        err
+      );
+    }
+  }
+};
+function errorMessage(err) {
+  return err instanceof Error ? err.message : String(err);
+}
+// src/relay/feeManager.ts
+var DEFAULT_GAS_UNITS = 500000n;
+var DEFAULT_PREMIUM_BPS = 12e3;
+var FeeManager = class {
+  provider;
+  operatorWallet;
+  mintAndSwapGasUnits;
+  gasPremiumBps;
+  quoteNativeToUsdt;
+  rebalanceThresholdWei;
+  rebalanceUsdtAmount;
+  swapUsdtToNative;
+  constructor(config) {
+    if (!config.provider) throw new Error("FeeManager: provider required");
+    if (!config.operatorWallet)
+      throw new Error("FeeManager: operatorWallet required");
+    if (!config.quoteNativeToUsdt)
+      throw new Error("FeeManager: quoteNativeToUsdt required");
+    this.provider = config.provider;
+    this.operatorWallet = config.operatorWallet;
+    this.mintAndSwapGasUnits = config.mintAndSwapGasUnits ?? DEFAULT_GAS_UNITS;
+    this.gasPremiumBps = config.gasPremiumBps ?? DEFAULT_PREMIUM_BPS;
+    this.quoteNativeToUsdt = config.quoteNativeToUsdt;
+    if (config.rebalanceThresholdWei !== void 0) {
+      this.rebalanceThresholdWei = config.rebalanceThresholdWei;
+    }
+    if (config.rebalanceUsdtAmount !== void 0) {
+      this.rebalanceUsdtAmount = config.rebalanceUsdtAmount;
+    }
+    if (config.swapUsdtToNative) {
+      this.swapUsdtToNative = config.swapUsdtToNative;
+    }
+    const rebalanceFields = [
+      config.rebalanceThresholdWei,
+      config.rebalanceUsdtAmount,
+      config.swapUsdtToNative
+    ];
+    const someSet = rebalanceFields.some((v) => v !== void 0);
+    const allSet = rebalanceFields.every((v) => v !== void 0);
+    if (someSet && !allSet) {
+      throw new Error(
+        "FeeManager: rebalanceThresholdWei, rebalanceUsdtAmount, and swapUsdtToNative must all be set together"
+      );
+    }
+  }
+  /**
+   * Estimate the USDT fee the operator should charge for a single
+   * `mintAndSwap`. Computed as:
+   *
+   *   nativeCost = gasUnits × gasPrice
+   *   premiumNativeCost = nativeCost × premiumBps / 10_000
+   *   usdtFee = quoteNativeToUsdt(premiumNativeCost)
+   */
+  async estimateGasFee() {
+    const gasPrice = await this.provider.getGasPrice();
+    const nativeCost = gasPrice * this.mintAndSwapGasUnits;
+    const withPremium = nativeCost * BigInt(this.gasPremiumBps) / 10000n;
+    return this.quoteNativeToUsdt(withPremium);
+  }
+  /**
+   * Check the operator's native balance and, if it has dropped below the
+   * configured threshold, trigger a USDT→native rebalance via the injected
+   * `swapUsdtToNative` function.
+   *
+   * Returns `true` if a rebalance was performed, `false` otherwise.
+   * Silently no-ops when rebalance is not configured.
+   */
+  async rebalanceIfNeeded() {
+    if (this.rebalanceThresholdWei === void 0 || this.rebalanceUsdtAmount === void 0 || !this.swapUsdtToNative) {
+      return false;
+    }
+    const operatorAddress = this.operatorWallet.account?.address;
+    if (!operatorAddress) {
+      throw new Error(
+        "FeeManager: operator wallet has no account attached \u2014 cannot read balance"
+      );
+    }
+    const balance = await this.provider.getBalance({ address: operatorAddress });
+    if (balance >= this.rebalanceThresholdWei) {
+      return false;
+    }
+    await this.swapUsdtToNative(this.rebalanceUsdtAmount);
+    return true;
+  }
+};
+// src/gateway/types.ts
+var MintingGatewayError = class extends Error {
+  code;
+  /**
+   * True if the ledger lock was released before this error was thrown,
+   * meaning the user can safely retry. False means the funds are still
+   * locked (e.g. tx may still land on-chain) and retry would double-spend.
+   */
+  safeToRetry;
+  cause;
+  constructor(code, message, opts) {
+    super(message);
+    this.name = "MintingGatewayError";
+    this.code = code;
+    this.safeToRetry = opts.safeToRetry;
+    if (opts.cause !== void 0) this.cause = opts.cause;
+  }
+};
+// src/gateway/mintingGateway.ts
+var import_core4 = require("@pafi-dev/core");
+var DEFAULT_LOCK_BUFFER_MS = 6e4;
+var MintingGateway = class {
+  ledger;
+  policy;
+  signer;
+  relayService;
+  now;
+  defaultLockBufferMs;
+  constructor(config) {
+    if (!config.ledger) throw new Error("MintingGateway: ledger required");
+    if (!config.policy) throw new Error("MintingGateway: policy required");
+    if (!config.signer) throw new Error("MintingGateway: signer required");
+    if (!config.relayService)
+      throw new Error("MintingGateway: relayService required");
+    this.ledger = config.ledger;
+    this.policy = config.policy;
+    this.signer = config.signer;
+    this.relayService = config.relayService;
+    this.now = config.now ?? (() => Date.now());
+    this.defaultLockBufferMs = config.defaultLockBufferMs ?? DEFAULT_LOCK_BUFFER_MS;
+  }
+  async processMintAndCashOut(request) {
+    const { receiverConsent, receiverSignature } = request;
+    if (!receiverConsent || !receiverSignature) {
+      throw new MintingGatewayError(
+        "INVALID_REQUEST",
+        "receiverConsent and receiverSignature are required",
+        { safeToRetry: true }
+      );
+    }
+    if (receiverConsent.amount <= 0n) {
+      throw new MintingGatewayError(
+        "INVALID_REQUEST",
+        "consent amount must be positive",
+        { safeToRetry: true }
+      );
+    }
+    if (receiverConsent.originalReceiver !== request.userAddress) {
+      throw new MintingGatewayError(
+        "INVALID_REQUEST",
+        "consent.originalReceiver must equal request.userAddress",
+        { safeToRetry: true }
+      );
+    }
+    const nowSec = BigInt(Math.floor(this.now() / 1e3));
+    if (receiverConsent.deadline <= nowSec) {
+      throw new MintingGatewayError(
+        "CONSENT_EXPIRED",
+        "ReceiverConsent deadline has already passed",
+        { safeToRetry: true }
+      );
+    }
+    const consentResult = await (0, import_core4.verifyReceiverConsent)(
+      request.domain,
+      receiverConsent,
+      receiverSignature,
+      request.userAddress
+    );
+    if (!consentResult.isValid) {
+      throw new MintingGatewayError(
+        "INVALID_CONSENT_SIGNATURE",
+        `ReceiverConsent signature did not recover to ${request.userAddress}`,
+        { safeToRetry: true }
+      );
+    }
+    const policyDecision = await this.policy.evaluate({
+      userAddress: request.userAddress,
+      amount: receiverConsent.amount,
+      pointTokenAddress: request.pointTokenAddress,
+      chainId: request.chainId
+    });
+    if (!policyDecision.approved) {
+      const code = policyDecision.reason?.toLowerCase().includes("insufficient") ? "INSUFFICIENT_BALANCE" : "POLICY_REJECTED";
+      throw new MintingGatewayError(
+        code,
+        policyDecision.reason ?? "Minting request rejected by policy engine",
+        { safeToRetry: true }
+      );
+    }
+    const lockDurationMs = request.lockDurationMs ?? this.computeLockDurationMs(receiverConsent.deadline);
+    let lockId;
+    try {
+      lockId = await this.ledger.lockForMinting(
+        request.userAddress,
+        receiverConsent.amount,
+        lockDurationMs
+      );
+    } catch (err) {
+      throw new MintingGatewayError(
+        "INSUFFICIENT_BALANCE",
+        `Failed to lock ledger balance: ${errorMessage2(err)}`,
+        { safeToRetry: true, cause: err }
+      );
+    }
+    try {
+      let minterSignature;
+      try {
+        minterSignature = await this.signer.signMintRequest(request.domain, {
+          to: request.userAddress,
+          amount: receiverConsent.amount,
+          nonce: receiverConsent.nonce,
+          deadline: receiverConsent.deadline
+        });
+      } catch (err) {
+        await this.releaseLockSafely(lockId);
+        throw new MintingGatewayError(
+          "SIGNER_FAILED",
+          `Issuer signer failed: ${errorMessage2(err)}`,
+          { safeToRetry: true, cause: err }
+        );
+      }
+      const mintParams = {
+        pointToken: request.pointTokenAddress,
+        receiver: request.userAddress,
+        amount: receiverConsent.amount,
+        deadline: receiverConsent.deadline,
+        minterSig: minterSignature.serialized,
+        receiverSig: receiverSignature,
+        extData: receiverConsent.extData
+      };
+      const swapParams = {
+        path: request.swapPath,
+        deadline: request.swapDeadline
+      };
+      let relayResult;
+      try {
+        relayResult = await this.relayService.submitMintAndSwap({
+          mint: mintParams,
+          swap: swapParams
+        });
+      } catch (err) {
+        await this.handleRelayFailure(err, lockId);
+      }
+      const result = {
+        txHash: relayResult.txHash,
+        lockId
+      };
+      if (relayResult.blockNumber !== void 0) {
+        result.blockNumber = relayResult.blockNumber;
+      }
+      if (relayResult.gasUsed !== void 0) {
+        result.gasUsed = relayResult.gasUsed;
+      }
+      return result;
+    } catch (err) {
+      if (err instanceof MintingGatewayError) throw err;
+      await this.releaseLockSafely(lockId);
+      throw new MintingGatewayError(
+        "RELAY_SUBMIT_FAILED",
+        `Unexpected error: ${errorMessage2(err)}`,
+        { safeToRetry: true, cause: err }
+      );
+    }
+  }
+  // ---------------------------------------------------------------------------
+  // Internals
+  // ---------------------------------------------------------------------------
+  computeLockDurationMs(consentDeadlineSec) {
+    const nowMs = this.now();
+    const deadlineMs = Number(consentDeadlineSec) * 1e3;
+    const remaining = Math.max(0, deadlineMs - nowMs);
+    return remaining + this.defaultLockBufferMs;
+  }
+  /**
+   * Map a RelayError to a MintingGatewayError, releasing the lock only
+   * when the tx definitely did not land. `TX_REVERTED` and `TIMEOUT`
+   * leave the lock in place because the tx may still be in the mempool
+   * or already mined — releasing would enable a double-spend on retry.
+   * Always throws.
+   */
+  async handleRelayFailure(err, lockId) {
+    if (err instanceof RelayError) {
+      switch (err.code) {
+        case "ENCODE_FAILED":
+        case "SIMULATION_FAILED":
+        case "SUBMIT_FAILED":
+        case "NOT_CONFIGURED":
+          await this.releaseLockSafely(lockId);
+          throw new MintingGatewayError(
+            err.code === "SIMULATION_FAILED" ? "RELAY_SIMULATION_FAILED" : "RELAY_SUBMIT_FAILED",
+            err.message,
+            { safeToRetry: true, cause: err }
+          );
+        case "TX_REVERTED":
+          throw new MintingGatewayError("RELAY_REVERTED", err.message, {
+            safeToRetry: false,
+            cause: err
+          });
+        case "TIMEOUT":
+          throw new MintingGatewayError("RELAY_TIMEOUT", err.message, {
+            safeToRetry: false,
+            cause: err
+          });
+      }
+    }
+    await this.releaseLockSafely(lockId);
+    throw new MintingGatewayError(
+      "RELAY_SUBMIT_FAILED",
+      `Unexpected relay error: ${errorMessage2(err)}`,
+      { safeToRetry: true, cause: err }
+    );
+  }
+  /**
+   * Release a lock, swallowing any secondary error. We never want a lock
+   * release failure to mask the original error — the lock will auto-expire
+   * via TTL anyway.
+   */
+  async releaseLockSafely(lockId) {
+    try {
+      await this.ledger.releaseLock(lockId);
+    } catch {
+    }
+  }
+};
+function errorMessage2(err) {
+  return err instanceof Error ? err.message : String(err);
+}
+// src/indexer/types.ts
+var InMemoryCursorStore = class {
+  cursor;
+  async load() {
+    return this.cursor;
+  }
+  async save(blockNumber) {
+    this.cursor = blockNumber;
+  }
+};
+// src/indexer/pointIndexer.ts
+var import_viem5 = require("viem");
+var TRANSFER_EVENT = (0, import_viem5.parseAbiItem)(
+  "event Transfer(address indexed from, address indexed to, uint256 value)"
+);
+var ZERO_ADDRESS = "0x0000000000000000000000000000000000000000";
+var DEFAULT_CONFIRMATIONS = 3;
+var DEFAULT_BATCH_SIZE = 2000n;
+var DEFAULT_POLL_INTERVAL_MS = 5e3;
+var PointIndexer = class {
+  provider;
+  pointTokenAddress;
+  ledger;
+  cursorStore;
+  startBlock;
+  confirmations;
+  batchSize;
+  pollIntervalMs;
+  running = false;
+  timer;
+  constructor(config) {
+    if (!config.provider) throw new Error("PointIndexer: provider required");
+    if (!config.pointTokenAddress)
+      throw new Error("PointIndexer: pointTokenAddress required");
+    if (!config.ledger) throw new Error("PointIndexer: ledger required");
+    this.provider = config.provider;
+    this.pointTokenAddress = config.pointTokenAddress;
+    this.ledger = config.ledger;
+    this.cursorStore = config.cursorStore ?? new InMemoryCursorStore();
+    this.startBlock = config.fromBlock ?? 0n;
+    this.confirmations = BigInt(config.confirmations ?? DEFAULT_CONFIRMATIONS);
+    this.batchSize = BigInt(config.batchSize ?? Number(DEFAULT_BATCH_SIZE));
+    this.pollIntervalMs = config.pollIntervalMs ?? DEFAULT_POLL_INTERVAL_MS;
+  }
+  // -------------------------------------------------------------------------
+  // Lifecycle
+  // -------------------------------------------------------------------------
+  /** Begin polling. Schedules `tick()` on a loop. */
+  start() {
+    if (this.running) return;
+    this.running = true;
+    void this.tick();
+  }
+  /** Stop polling. Safe to call multiple times. */
+  stop() {
+    this.running = false;
+    if (this.timer) {
+      clearTimeout(this.timer);
+      this.timer = void 0;
+    }
+  }
+  /**
+   * Run one poll cycle: load cursor → scan [cursor, safeHead] in
+   * `batchSize` chunks → persist new cursor. Swallows any error and
+   * schedules the next tick. Visible for test harnesses via a public name.
+   */
+  async tick() {
+    if (!this.running) return;
+    try {
+      const latest = await this.provider.getBlockNumber();
+      const safeHead = latest - this.confirmations;
+      if (safeHead < 0n) {
+        this.scheduleNext();
+        return;
+      }
+      const stored = await this.cursorStore.load();
+      const from = stored ?? this.startBlock;
+      if (from > safeHead) {
+        this.scheduleNext();
+        return;
+      }
+      await this.processBlockRange(from, safeHead);
+    } catch {
+    }
+    this.scheduleNext();
+  }
+  scheduleNext() {
+    if (!this.running) return;
+    this.timer = setTimeout(() => void this.tick(), this.pollIntervalMs);
+  }
+  // -------------------------------------------------------------------------
+  // Block scanning
+  // -------------------------------------------------------------------------
+  /**
+   * Scan `[from, to]` inclusive for mint events in `batchSize` chunks.
+   * Callers can use this directly to backfill a specific range without
+   * engaging `start()`. On completion, the cursor is advanced to `to + 1`.
+   */
+  async processBlockRange(from, to) {
+    if (from > to) return;
+    let cursor = from;
+    while (cursor <= to) {
+      const chunkEnd = cursor + this.batchSize - 1n > to ? to : cursor + this.batchSize - 1n;
+      const logs = await this.provider.getLogs({
+        address: this.pointTokenAddress,
+        event: TRANSFER_EVENT,
+        args: { from: ZERO_ADDRESS },
+        fromBlock: cursor,
+        toBlock: chunkEnd
+      });
+      const events = this.decodeMintEvents(logs);
+      events.sort((a, b) => {
+        if (a.blockNumber !== b.blockNumber) {
+          return a.blockNumber < b.blockNumber ? -1 : 1;
+        }
+        return a.logIndex - b.logIndex;
+      });
+      for (const evt of events) {
+        await this.finalize(evt);
+      }
+      await this.cursorStore.save(chunkEnd + 1n);
+      cursor = chunkEnd + 1n;
+    }
+  }
+  // -------------------------------------------------------------------------
+  // Internals
+  // -------------------------------------------------------------------------
+  decodeMintEvents(logs) {
+    const out = [];
+    for (const log of logs) {
+      const args = log.args;
+      if (!args.from || !args.to || args.value === void 0) continue;
+      if ((0, import_viem5.getAddress)(args.from) !== ZERO_ADDRESS) continue;
+      if (log.blockNumber === null || log.transactionHash === null) continue;
+      out.push({
+        to: (0, import_viem5.getAddress)(args.to),
+        amount: args.value,
+        blockNumber: log.blockNumber,
+        txHash: log.transactionHash,
+        logIndex: log.logIndex ?? 0
+      });
+    }
+    return out;
+  }
+  /**
+   * Finalize a single mint event: match it to a PENDING lock in the
+   * ledger, then call `deductBalance` (which also resolves the lock in
+   * the default `MemoryPointLedger`).
+   *
+   * No-matching-lock is a valid state: it means either the lock already
+   * expired, or the mint was authorized out-of-band (e.g. a direct
+   * `PointToken.mint()` from an EOA minter for testing). In that case we
+   * do NOT touch the ledger — crediting here would silently allow the
+   * issuer to mint without going through the gateway.
+   */
+  async finalize(evt) {
+    const locks = await this.ledger.getLockedRequests(evt.to);
+    const match = pickMatchingLock(locks, evt.amount);
+    if (!match) return;
+    try {
+      await this.ledger.deductBalance(evt.to, evt.amount, evt.txHash);
+    } catch {
+      return;
+    }
+    try {
+      await this.ledger.updateMintStatus(match.lockId, "MINTED", evt.txHash);
+    } catch {
+    }
+  }
+};
+function pickMatchingLock(locks, amount) {
+  let best;
+  for (const lock of locks) {
+    if (lock.status !== "PENDING") continue;
+    if (lock.amount !== amount) continue;
+    if (!best || lock.createdAt < best.createdAt) {
+      best = lock;
+    }
+  }
+  return best;
+}
+// src/api/handlers.ts
+var import_viem6 = require("viem");
+var import_core5 = require("@pafi-dev/core");
+var IssuerApiHandlers = class {
+  authService;
+  gateway;
+  ledger;
+  provider;
+  pointTokenAddress;
+  chainId;
+  contracts;
+  feeManager;
+  poolsProvider;
+  constructor(config) {
+    this.authService = config.authService;
+    this.gateway = config.gateway;
+    this.ledger = config.ledger;
+    this.provider = config.provider;
+    this.pointTokenAddress = config.pointTokenAddress;
+    this.chainId = config.chainId;
+    this.contracts = config.contracts;
+    if (config.feeManager) this.feeManager = config.feeManager;
+    if (config.poolsProvider) this.poolsProvider = config.poolsProvider;
+  }
+  // =========================================================================
+  // Public handlers (no auth required)
+  // =========================================================================
+  /** `GET /auth/nonce` */
+  async handleGetNonce() {
+    const nonce = await this.authService.getNonce();
+    return { nonce };
+  }
+  /** `POST /auth/login` */
+  async handleLogin(body) {
+    if (!body || typeof body.message !== "string" || body.message.length === 0 || typeof body.signature !== "string" || body.signature.length <= 2) {
+      throw new Error("handleLogin: message and signature are required");
+    }
+    const result = await this.authService.login(body.message, body.signature);
+    return {
+      token: result.token,
+      userAddress: result.userAddress,
+      expiresAt: result.expiresAt.getTime()
+    };
+  }
+  /**
+   * `GET /config?chainId=<id>`
+   *
+   * Returns the contract addresses and chain id that the frontend SDK
+   * needs to build EIP-712 messages and interact with on-chain.
+   */
+  async handleConfig(chainId) {
+    if (chainId !== this.chainId) {
+      throw new Error(
+        `handleConfig: unsupported chainId ${chainId}, issuer is configured for ${this.chainId}`
+      );
+    }
+    return { chainId: this.chainId, contracts: { ...this.contracts } };
+  }
+  /** `GET /gas-fee` — quoted in USDT (6-decimal base units). */
+  async handleGasFee() {
+    if (!this.feeManager) {
+      throw new Error(
+        "handleGasFee: feeManager is not configured on this issuer"
+      );
+    }
+    const gasFeeUsdt = await this.feeManager.estimateGasFee();
+    return { gasFeeUsdt };
+  }
+  // =========================================================================
+  // Protected handlers (JWT required — userAddress extracted by middleware)
+  // =========================================================================
+  /** `POST /auth/logout` */
+  async handleLogout(token) {
+    await this.authService.logout(token);
+  }
+  /**
+   * `GET /pools?chainId=<id>&pointToken=<addr>`
+   *
+   * Delegates to the injected `PoolsProvider`. The handler itself does
+   * not know where pools come from — that's an issuer decision.
+   */
+  async handlePools(_userAddress, request) {
+    if (!this.poolsProvider) {
+      throw new Error(
+        "handlePools: poolsProvider is not configured on this issuer"
+      );
+    }
+    if (request.chainId !== this.chainId) {
+      throw new Error(
+        `handlePools: unsupported chainId ${request.chainId}`
+      );
+    }
+    return this.poolsProvider(request);
+  }
+  /**
+   * `GET /user?chainId=<id>&user=<addr>&pointToken=<addr>`
+   *
+   * Returns per-user state the frontend needs to build a fresh
+   * `ReceiverConsent`: on-chain nonces + minter status + off-chain
+   * balance.
+   */
+  async handleUser(userAddress, request) {
+    if (request.chainId !== this.chainId) {
+      throw new Error(
+        `handleUser: unsupported chainId ${request.chainId}`
+      );
+    }
+    const normalizedAuthed = (0, import_viem6.getAddress)(userAddress);
+    const normalizedRequest = (0, import_viem6.getAddress)(request.userAddress);
+    if (normalizedAuthed !== normalizedRequest) {
+      throw new Error(
+        "handleUser: request userAddress must match authenticated user"
+      );
+    }
+    const pointToken = (0, import_viem6.getAddress)(request.pointTokenAddress);
+    if (pointToken !== this.pointTokenAddress) {
+      throw new Error(
+        `handleUser: unsupported pointToken ${pointToken}`
+      );
+    }
+    const [mintRequestNonce, receiverConsentNonce, balance, minter] = await Promise.all([
+      (0, import_core5.getMintRequestNonce)(this.provider, pointToken, normalizedAuthed),
+      (0, import_core5.getReceiverConsentNonce)(this.provider, pointToken, normalizedAuthed),
+      this.ledger.getBalance(normalizedAuthed),
+      (0, import_core5.isMinter)(this.provider, pointToken, normalizedAuthed)
+    ]);
+    return {
+      mintRequestNonce,
+      receiverConsentNonce,
+      balance,
+      isMinter: minter
+    };
+  }
+  /**
+   * `POST /build-consent-typed-data`
+   *
+   * Backend builds the full EIP-712 typed data payload for a
+   * ReceiverConsent message. The domain (name, version, chainId,
+   * verifyingContract) is read from the PointToken contract — mobile
+   * never needs to know or hardcode these values. Forward the
+   * response directly to `wallet.signTypedData()`.
+   *
+   * This ensures a single source of truth for domain + types, and
+   * makes contract upgrades (domain version bump) transparent to
+   * mobile apps — no app store review needed.
+   */
+  async handleBuildConsentTypedData(userAddress, request) {
+    if (request.chainId !== this.chainId) {
+      throw new Error(
+        `handleBuildConsentTypedData: unsupported chainId ${request.chainId}`
+      );
+    }
+    const pointToken = (0, import_viem6.getAddress)(request.pointTokenAddress);
+    if (pointToken !== this.pointTokenAddress) {
+      throw new Error(
+        `handleBuildConsentTypedData: unsupported pointToken ${pointToken}`
+      );
+    }
+    const name = await (0, import_core5.getTokenName)(this.provider, pointToken);
+    const domain = {
+      name,
+      verifyingContract: pointToken,
+      chainId: this.chainId
+    };
+    const typedData = (0, import_core5.buildReceiverConsentTypedData)(domain, request.receiverConsent);
+    return {
+      typedData: {
+        domain: typedData.domain,
+        types: typedData.types,
+        primaryType: typedData.primaryType,
+        message: typedData.message
+      }
+    };
+  }
+  /**
+   * `POST /claim-and-swap`
+   *
+   * The terminal handler: forwards the verified consent to the
+   * MintingGateway, which runs the 11-step flow.
+   */
+  async handleClaimAndSwap(userAddress, request) {
+    if (request.chainId !== this.chainId) {
+      throw new Error(
+        `handleClaimAndSwap: unsupported chainId ${request.chainId}`
+      );
+    }
+    const pointToken = (0, import_viem6.getAddress)(request.pointTokenAddress);
+    if (pointToken !== this.pointTokenAddress) {
+      throw new Error(
+        `handleClaimAndSwap: unsupported pointToken ${pointToken}`
+      );
+    }
+    const result = await this.gateway.processMintAndCashOut({
+      userAddress: (0, import_viem6.getAddress)(userAddress),
+      pointTokenAddress: pointToken,
+      chainId: request.chainId,
+      domain: request.domain,
+      receiverConsent: request.receiverConsent,
+      receiverSignature: request.receiverSignature,
+      swapPath: request.swapPath,
+      swapDeadline: request.swapDeadline
+    });
+    const response = {
+      txHash: result.txHash,
+      lockId: result.lockId
+    };
+    if (result.blockNumber !== void 0)
+      response.blockNumber = result.blockNumber;
+    if (result.gasUsed !== void 0) response.gasUsed = result.gasUsed;
+    return response;
+  }
+};
+// src/pools/subgraphPoolsProvider.ts
+var DEFAULT_CACHE_TTL_MS = 3e4;
+var POOL_QUERY = `
+  query GetPoolForPointToken($id: ID!) {
+    pafiToken(id: $id) {
+      id
+      pool {
+        id
+        feeTier
+        tickSpacing
+        hooks
+        token0 { id }
+        token1 { id }
+      }
+    }
+  }
+`;
+function createSubgraphPoolsProvider(config) {
+  if (!config.subgraphUrl) {
+    throw new Error(
+      "createSubgraphPoolsProvider: subgraphUrl is required"
+    );
+  }
+  const cacheTtl = config.cacheTtlMs ?? DEFAULT_CACHE_TTL_MS;
+  const fetchImpl = config.fetchImpl ?? globalThis.fetch;
+  const now = config.now ?? (() => Date.now());
+  const cache = /* @__PURE__ */ new Map();
+  if (!fetchImpl) {
+    throw new Error(
+      "createSubgraphPoolsProvider: no fetch implementation available \u2014 pass `fetchImpl` or run on Node 18+"
+    );
+  }
+  return async (request) => {
+    const cacheKey = `${request.chainId}:${request.pointTokenAddress.toLowerCase()}`;
+    if (cacheTtl > 0) {
+      const cached = cache.get(cacheKey);
+      if (cached && cached.expiresAt > now()) {
+        return { pools: cached.pools };
+      }
+    }
+    const pools = await fetchPoolsFromSubgraph(
+      fetchImpl,
+      config.subgraphUrl,
+      request.pointTokenAddress
+    );
+    if (cacheTtl > 0) {
+      cache.set(cacheKey, {
+        expiresAt: now() + cacheTtl,
+        pools
+      });
+    }
+    return { pools };
+  };
+}
+async function fetchPoolsFromSubgraph(fetchImpl, subgraphUrl, pointTokenAddress) {
+  let response;
+  try {
+    response = await fetchImpl(subgraphUrl, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        query: POOL_QUERY,
+        variables: { id: pointTokenAddress.toLowerCase() }
+      })
+    });
+  } catch (err) {
+    console.warn(
+      "[subgraphPoolsProvider] subgraph unreachable:",
+      err.message
+    );
+    return [];
+  }
+  if (!response.ok) {
+    console.warn(
+      `[subgraphPoolsProvider] subgraph returned ${response.status}`
+    );
+    return [];
+  }
+  const json = await response.json();
+  if (json.errors && json.errors.length > 0) {
+    console.warn(
+      "[subgraphPoolsProvider] subgraph errors:",
+      json.errors.map((e) => e.message).join("; ")
+    );
+    return [];
+  }
+  const token = json.data?.pafiToken;
+  if (!token || !token.pool) {
+    return [];
+  }
+  const { pool } = token;
+  const [currency0, currency1] = sortCurrencies(
+    pool.token0.id,
+    pool.token1.id
+  );
+  const poolKey = {
+    currency0,
+    currency1,
+    fee: Number(pool.feeTier),
+    tickSpacing: Number(pool.tickSpacing),
+    hooks: pool.hooks
+  };
+  return [poolKey];
+}
+function sortCurrencies(a, b) {
+  return a.toLowerCase() < b.toLowerCase() ? [a, b] : [b, a];
+}
+// src/pools/subgraphNativeUsdtQuoter.ts
+var DEFAULT_CACHE_TTL_MS2 = 3e4;
+var DEFAULT_FALLBACK_PRICE = 3e3;
+var DEFAULT_USDT_DECIMALS = 6;
+var DEFAULT_NATIVE_DECIMALS = 18;
+var PRICE_QUERY = `
+  query GetEthPrice {
+    bundle(id: "1") {
+      ethPriceUSD
+    }
+  }
+`;
+function createSubgraphNativeUsdtQuoter(config) {
+  if (!config.subgraphUrl) {
+    throw new Error(
+      "createSubgraphNativeUsdtQuoter: subgraphUrl is required"
+    );
+  }
+  const usdtDecimals = config.usdtDecimals ?? DEFAULT_USDT_DECIMALS;
+  const nativeDecimals = config.nativeDecimals ?? DEFAULT_NATIVE_DECIMALS;
+  const cacheTtl = config.cacheTtlMs ?? DEFAULT_CACHE_TTL_MS2;
+  const fallbackPrice = config.fallbackEthPriceUsd ?? DEFAULT_FALLBACK_PRICE;
+  const fetchImpl = config.fetchImpl ?? globalThis.fetch;
+  const now = config.now ?? (() => Date.now());
+  if (!fetchImpl) {
+    throw new Error(
+      "createSubgraphNativeUsdtQuoter: no fetch implementation available \u2014 pass `fetchImpl` or run on Node 18+"
+    );
+  }
+  let cached;
+  async function getUsdtPerNative() {
+    if (cacheTtl > 0 && cached && cached.expiresAt > now()) {
+      return cached.usdtPerNative;
+    }
+    const price = await fetchEthPriceFromSubgraph(
+      fetchImpl,
+      config.subgraphUrl
+    );
+    const usdtPerNative = toUsdtPerNative(
+      price ?? fallbackPrice,
+      usdtDecimals
+    );
+    if (cacheTtl > 0) {
+      cached = {
+        usdtPerNative,
+        expiresAt: now() + cacheTtl
+      };
+    }
+    return usdtPerNative;
+  }
+  return async (amountNative) => {
+    if (amountNative === 0n) return 0n;
+    const usdtPerNative = await getUsdtPerNative();
+    return amountNative * usdtPerNative / 10n ** BigInt(nativeDecimals);
+  };
+}
+async function fetchEthPriceFromSubgraph(fetchImpl, subgraphUrl) {
+  let response;
+  try {
+    response = await fetchImpl(subgraphUrl, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ query: PRICE_QUERY })
+    });
+  } catch (err) {
+    console.warn(
+      "[subgraphNativeUsdtQuoter] subgraph unreachable:",
+      err.message
+    );
+    return null;
+  }
+  if (!response.ok) {
+    console.warn(
+      `[subgraphNativeUsdtQuoter] subgraph returned ${response.status}`
+    );
+    return null;
+  }
+  const json = await response.json();
+  if (json.errors && json.errors.length > 0) {
+    console.warn(
+      "[subgraphNativeUsdtQuoter] subgraph errors:",
+      json.errors.map((e) => e.message).join("; ")
+    );
+    return null;
+  }
+  const raw = json.data?.bundle?.ethPriceUSD;
+  if (!raw) return null;
+  const parsed = Number(raw);
+  if (!Number.isFinite(parsed) || parsed <= 0) {
+    console.warn(
+      `[subgraphNativeUsdtQuoter] invalid ethPriceUSD from subgraph: ${raw}`
+    );
+    return null;
+  }
+  return parsed;
+}
+function toUsdtPerNative(priceFloat, usdtDecimals) {
+  const fixed = priceFloat.toFixed(usdtDecimals);
+  const [whole, fraction = ""] = fixed.split(".");
+  const padded = (fraction + "0".repeat(usdtDecimals)).slice(0, usdtDecimals);
+  return BigInt(whole + padded);
+}
+// src/config.ts
+function createIssuerService(config) {
+  if (!config.provider) {
+    throw new Error("createIssuerService: provider is required");
+  }
+  if (!config.operatorWallet) {
+    throw new Error("createIssuerService: operatorWallet is required");
+  }
+  if (!config.signer) {
+    throw new Error("createIssuerService: signer is required");
+  }
+  if (!config.pointTokenAddress) {
+    throw new Error("createIssuerService: pointTokenAddress is required");
+  }
+  if (!config.relayAddress) {
+    throw new Error("createIssuerService: relayAddress is required");
+  }
+  if (!config.auth?.jwtSecret) {
+    throw new Error("createIssuerService: auth.jwtSecret is required");
+  }
+  if (!config.auth?.domain) {
+    throw new Error("createIssuerService: auth.domain is required");
+  }
+  const ledger = config.ledger ?? new MemoryPointLedger();
+  const sessionStore = config.sessionStore ?? new MemorySessionStore();
+  const policy = config.policy ?? new DefaultPolicyEngine({ ledger });
+  const authServiceConfig = {
+    sessionStore,
+    jwtSecret: config.auth.jwtSecret,
+    domain: config.auth.domain,
+    chainId: config.chainId
+  };
+  if (config.auth.jwtExpiresIn) {
+    authServiceConfig.jwtExpiresIn = config.auth.jwtExpiresIn;
+  }
+  const authService = new AuthService(authServiceConfig);
+  const relayServiceConfig = {
+    relayAddress: config.relayAddress,
+    operatorWallet: config.operatorWallet,
+    provider: config.provider
+  };
+  if (config.relay?.simulateBeforeSubmit !== void 0) {
+    relayServiceConfig.simulateBeforeSubmit = config.relay.simulateBeforeSubmit;
+  }
+  if (config.relay?.confirmationTimeoutMs !== void 0) {
+    relayServiceConfig.confirmationTimeoutMs = config.relay.confirmationTimeoutMs;
+  }
+  const relayService = new RelayService(relayServiceConfig);
+  let feeManager;
+  if (config.fee) {
+    feeManager = new FeeManager({
+      ...config.fee,
+      provider: config.provider,
+      operatorWallet: config.operatorWallet
+    });
+  }
+  const gatewayConfig = {
+    ledger,
+    policy,
+    signer: config.signer,
+    relayService
+  };
+  if (config.gateway?.defaultLockBufferMs !== void 0) {
+    gatewayConfig.defaultLockBufferMs = config.gateway.defaultLockBufferMs;
+  }
+  const gateway = new MintingGateway(gatewayConfig);
+  const indexerConfig = {
+    provider: config.provider,
+    pointTokenAddress: config.pointTokenAddress,
+    ledger
+  };
+  if (config.indexer?.fromBlock !== void 0) {
+    indexerConfig.fromBlock = config.indexer.fromBlock;
+  }
+  if (config.indexer?.cursorStore) {
+    indexerConfig.cursorStore = config.indexer.cursorStore;
+  }
+  if (config.indexer?.confirmations !== void 0) {
+    indexerConfig.confirmations = config.indexer.confirmations;
+  }
+  if (config.indexer?.batchSize !== void 0) {
+    indexerConfig.batchSize = config.indexer.batchSize;
+  }
+  if (config.indexer?.pollIntervalMs !== void 0) {
+    indexerConfig.pollIntervalMs = config.indexer.pollIntervalMs;
+  }
+  const indexer = new PointIndexer(indexerConfig);
+  const handlersConfig = {
+    authService,
+    gateway,
+    ledger,
+    provider: config.provider,
+    pointTokenAddress: config.pointTokenAddress,
+    chainId: config.chainId,
+    contracts: config.contracts
+  };
+  if (feeManager) handlersConfig.feeManager = feeManager;
+  if (config.poolsProvider) handlersConfig.poolsProvider = config.poolsProvider;
+  const handlers = new IssuerApiHandlers(handlersConfig);
+  if (config.indexer?.autoStart) {
+    indexer.start();
+  }
+  return {
+    authService,
+    sessionStore,
+    ledger,
+    policy,
+    signer: config.signer,
+    relayService,
+    feeManager,
+    gateway,
+    indexer,
+    handlers
+  };
+}
+// src/index.ts
+var PAFI_ISSUER_SDK_VERSION = "0.1.0";
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  AuthError,
+  AuthService,
+  DefaultPolicyEngine,
+  FeeManager,
+  InMemoryCursorStore,
+  IssuerApiHandlers,
+  MemoryPointLedger,
+  MemorySessionStore,
+  MintingGateway,
+  MintingGatewayError,
+  NonceManager,
+  PAFI_ISSUER_SDK_VERSION,
+  PointIndexer,
+  PrivateKeySigner,
+  RelayError,
+  RelayService,
+  authenticateRequest,
+  createIssuerService,
+  createSubgraphNativeUsdtQuoter,
+  createSubgraphPoolsProvider,
+  encodeExtData
+});
+//# sourceMappingURL=index.cjs.map