@pafi-dev/issuer 0.29.0 → 0.30.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.cjs CHANGED
@@ -2332,6 +2332,7 @@ var PTRedeemHandler = class {
2332
2332
  chainId;
2333
2333
  domainResolver;
2334
2334
  burnerSignerWallet;
2335
+ supportedTokens;
2335
2336
  redeemLockDurationMs;
2336
2337
  signatureDeadlineSeconds;
2337
2338
  now;
@@ -2371,6 +2372,13 @@ var PTRedeemHandler = class {
2371
2372
  this.chainId = config.chainId;
2372
2373
  this.domainResolver = config.domainResolver;
2373
2374
  this.burnerSignerWallet = config.burnerSignerWallet;
2375
+ if (!config.supportedTokens) {
2376
+ throw new PTRedeemError(
2377
+ "UNSUPPORTED_POINT_TOKEN",
2378
+ "PTRedeemHandler requires `supportedTokens` (issuer's allow-listed PointToken contracts). See audit PACI5-18."
2379
+ );
2380
+ }
2381
+ this.supportedTokens = config.supportedTokens;
2374
2382
  if (this.burnerSignerWallet?.account?.type === "local") {
2375
2383
  console.warn("[PAFI] PTRedeemHandler: burnerSignerWallet uses a local (private key) account. Use a KMS-backed signer in production.");
2376
2384
  }
@@ -2399,6 +2407,12 @@ var PTRedeemHandler = class {
2399
2407
  throw new PTRedeemError("INVALID_AMOUNT", "redeem amount must be positive");
2400
2408
  }
2401
2409
  const pointTokenAddress = (0, import_viem8.getAddress)(request.pointTokenAddress);
2410
+ if (!this.supportedTokens.has(pointTokenAddress)) {
2411
+ throw new PTRedeemError(
2412
+ "UNSUPPORTED_POINT_TOKEN",
2413
+ `redeem: pointTokenAddress ${pointTokenAddress} is not in the issuer's supported-token allowlist. Check IssuerApiHandlers.supportedTokens and PTRedeemHandler.config.supportedTokens point at the same set.`
2414
+ );
2415
+ }
2402
2416
  if (this.redemptionService) {
2403
2417
  const decision = await this.redemptionService.evaluate(
2404
2418
  request.userAddress,
@@ -3156,6 +3170,12 @@ var PTClaimHandler = class {
3156
3170
  cfg;
3157
3171
  inFlightNonces = /* @__PURE__ */ new Map();
3158
3172
  constructor(config) {
3173
+ if (!config.supportedTokens) {
3174
+ throw new PTClaimError(
3175
+ "UNSUPPORTED_POINT_TOKEN",
3176
+ "PTClaimHandler requires `supportedTokens` (issuer's allow-listed PointToken contracts). See audit PACI5-18."
3177
+ );
3178
+ }
3159
3179
  const lockDurationMs = config.lockDurationMs ?? DEFAULT_LOCK_MS;
3160
3180
  const signatureDeadlineSeconds = config.signatureDeadlineSeconds ?? DEFAULT_SIG_DEADLINE_SEC2;
3161
3181
  const maxAllowedSignatureMs = lockDurationMs - M11_SAFETY_MARGIN_MS2;
@@ -3187,6 +3207,14 @@ var PTClaimHandler = class {
3187
3207
  if (request.amount <= 0n) {
3188
3208
  throw new PTClaimError("INVALID_AMOUNT", "claim amount must be positive");
3189
3209
  }
3210
+ const pointTokenAddress = (0, import_viem10.getAddress)(request.pointTokenAddress);
3211
+ if (!this.cfg.supportedTokens.has(pointTokenAddress)) {
3212
+ throw new PTClaimError(
3213
+ "UNSUPPORTED_POINT_TOKEN",
3214
+ `claim: pointTokenAddress ${pointTokenAddress} is not in the issuer's supported-token allowlist. Check IssuerApiHandlers.supportedTokens and PTClaimHandler.config.supportedTokens point at the same set.`,
3215
+ { requested: pointTokenAddress }
3216
+ );
3217
+ }
3190
3218
  if (this.cfg.issuerStateValidator) {
3191
3219
  try {
3192
3220
  await this.cfg.issuerStateValidator.preValidateMint(
@@ -5243,7 +5271,7 @@ var MemoryRedemptionHistoryStore = class {
5243
5271
  };
5244
5272
 
5245
5273
  // src/index.ts
5246
- var PAFI_ISSUER_SDK_VERSION = true ? "0.28.1" : "dev";
5274
+ var PAFI_ISSUER_SDK_VERSION = true ? "0.30.0" : "dev";
5247
5275
  // Annotate the CommonJS export names for ESM import in node:
5248
5276
  0 && (module.exports = {
5249
5277
  AdapterMisconfiguredError,