npm - @pafi-dev/issuer - Versions diffs - 0.3.0-beta.3 → 0.3.0-beta.5 - Mend

@pafi-dev/issuer 0.3.0-beta.3 → 0.3.0-beta.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.cjs CHANGED Viewed

@@ -30,8 +30,6 @@ __export(index_exports, {
   IssuerApiHandlers: () => IssuerApiHandlers,
   MemoryPointLedger: () => MemoryPointLedger,
   MemorySessionStore: () => MemorySessionStore,
-  MintingGateway: () => MintingGateway,
-  MintingGatewayError: () => MintingGatewayError,
   NonceManager: () => NonceManager,
   PAFI_ISSUER_SDK_VERSION: () => PAFI_ISSUER_SDK_VERSION,
   PTRedeemError: () => PTRedeemError,
@@ -47,8 +45,7 @@ __export(index_exports, {
   authenticateRequest: () => authenticateRequest,
   createIssuerService: () => createIssuerService,
   createSubgraphNativeUsdtQuoter: () => createSubgraphNativeUsdtQuoter,
-  createSubgraphPoolsProvider: () => createSubgraphPoolsProvider,
-  encodeExtData: () => import_core4.encodeExtData
+  createSubgraphPoolsProvider: () => createSubgraphPoolsProvider
 });
 module.exports = __toCommonJS(index_exports);
@@ -636,170 +633,12 @@ var RelayError = class extends Error {
 // src/relay/relayService.ts
 var import_viem5 = require("viem");
 var import_core3 = require("@pafi-dev/core");
-var DEFAULT_CONFIRMATION_TIMEOUT_MS = 6e4;
 var RelayService = class {
-  relayAddress;
-  operatorWallet;
-  provider;
-  confirmationTimeoutMs;
-  simulateBeforeSubmit;
-  constructor(config) {
-    if (!config.relayAddress) {
-      throw new Error("RelayService: relayAddress is required");
-    }
-    if (!config.operatorWallet) {
-      throw new Error("RelayService: operatorWallet is required");
-    }
-    this.relayAddress = config.relayAddress;
-    this.operatorWallet = config.operatorWallet;
-    if (config.provider) this.provider = config.provider;
-    this.confirmationTimeoutMs = config.confirmationTimeoutMs ?? DEFAULT_CONFIRMATION_TIMEOUT_MS;
-    this.simulateBeforeSubmit = config.simulateBeforeSubmit ?? config.provider !== void 0;
-  }
-  /** Address the operator wallet is broadcasting from (for logging). */
-  operatorAddress() {
-    return this.operatorWallet.account?.address;
-  }
-  /**
-   * Build calldata for the Relay `mintAndSwap` function. Kept public so
-   * callers (e.g. the MintingGateway) can log or persist the encoded call
-   * for audit before broadcasting.
-   */
-  encodeCall(params) {
-    try {
-      return (0, import_core3.encodeMintAndSwap)(params.mint, params.swap);
-    } catch (err) {
-      throw new RelayError(
-        "ENCODE_FAILED",
-        `Failed to encode mintAndSwap calldata: ${errorMessage(err)}`,
-        err
-      );
-    }
-  }
-  /**
-   * Submit a `mintAndSwap` transaction. Flow:
-   *
-   *   1. (optional) pre-flight simulate via provider
-   *   2. writeContract through the operator wallet
-   *   3. (optional) wait for the receipt and surface gasUsed / status
-   *
-   * Throws a typed `RelayError` on any failure so the MintingGateway can
-   * decide whether to release the ledger lock (`SUBMIT_FAILED` and
-   * `SIMULATION_FAILED` are safe to release; `TX_REVERTED` and `TIMEOUT`
-   * need manual review because the tx may still land).
-   *
-   * @deprecated Since 0.3.0 — will be replaced by `prepareMint()` +
-   * `prepareBurn()` in the v1.4 sponsored-UserOp flow. The SC team
-   * still needs to finalize Relayer v2 ABI before the replacements
-   * can ship (blocker B1). Kept for v0.2.x consumers. Removed in 2.0.
-   */
-  async submitMintAndSwap(params) {
-    if (this.simulateBeforeSubmit && this.provider) {
-      const operatorAddr = this.operatorWallet.account?.address;
-      if (operatorAddr) {
-        try {
-          await (0, import_core3.simulateMintAndSwap)(
-            this.provider,
-            this.relayAddress,
-            params.mint,
-            params.swap,
-            operatorAddr
-          );
-        } catch (err) {
-          const reason = err instanceof import_core3.SimulationError ? err.reason : errorMessage(err);
-          throw new RelayError(
-            "SIMULATION_FAILED",
-            `mintAndSwap would revert: ${reason}`,
-            err
-          );
-        }
-      }
-    }
-    let txHash;
-    try {
-      txHash = await this.operatorWallet.writeContract({
-        address: this.relayAddress,
-        abi: import_core3.relayAbi,
-        functionName: "mintAndSwap",
-        args: [params.mint, params.swap],
-        ...this.operatorWallet.account ? { account: this.operatorWallet.account } : {}
-      });
-    } catch (err) {
-      throw new RelayError(
-        "SUBMIT_FAILED",
-        `Failed to broadcast mintAndSwap: ${errorMessage(err)}`,
-        err
-      );
-    }
-    if (!this.provider) {
-      return { txHash };
-    }
-    try {
-      const receipt = await this.provider.waitForTransactionReceipt({
-        hash: txHash,
-        timeout: this.confirmationTimeoutMs
-      });
-      if (receipt.status !== "success") {
-        throw new RelayError(
-          "TX_REVERTED",
-          `mintAndSwap reverted on-chain (tx=${txHash})`
-        );
-      }
-      return {
-        txHash,
-        blockNumber: receipt.blockNumber,
-        gasUsed: receipt.gasUsed,
-        status: receipt.status
-      };
-    } catch (err) {
-      if (err instanceof RelayError) throw err;
-      throw new RelayError(
-        "TIMEOUT",
-        `Timed out waiting for mintAndSwap receipt (tx=${txHash}): ${errorMessage(err)}`,
-        err
-      );
-    }
-  }
-  // ==========================================================================
-  // v1.4 — Sponsored UserOp preparation (beta with mocked SC contracts)
-  // ==========================================================================
-  //
-  // These two methods build unsigned `PartialUserOperation` payloads for
-  // the Frontend to sign (via Privy) and submit to the Bundler. The
-  // Issuer Backend no longer broadcasts — that's the Frontend's job.
-  //
-  // Uses mocked Relayer v2 + PointToken ABIs from `@pafi-dev/core/contracts`.
-  // When SC delivers real ABIs, the imports swap but these method bodies
-  // stay the same (calldata encoder is ABI-driven).
-  // ==========================================================================
   /**
-   * Build an unsigned UserOp for Scenario 1 (Mint).
-   *
-   * Flow:
-   *   1. Encode `Relayer.mint(request, userSig, issuerSig)` as the inner call
-   *   2. Optionally append a PT fee transfer from user → feeRecipient
-   *      (fee recovery happens on-chain via BatchExecutor, not via an
-   *      operator wallet)
-   *   3. Wrap all inner calls into `BatchExecutor.execute(calls[])`
-   *   4. Return a `PartialUserOperation` ready for:
-   *        - gas estimation (Bundler)
-   *        - paymaster sponsorship (PAFI Backend)
-   *        - user signature (Privy)
+   * Build an unsigned UserOp for Scenario 1 (Mint) — sig-gated
+   * `PointToken.mint(to, amount, deadline, minterSig)`.
    */
-  /**
-   * Build an unsigned UserOp for Scenario 1 (Mint) — direct
-   * `PointToken.mint(amount)` flow (v1.4 post-Relayer-removal).
-   *
-   * `msg.sender` inside the batch = user EOA via EIP-7702 delegation.
-   * `PointToken.mint` checks the caller is on its `minters` allowlist
-   * (gg56 BE pre-validates this off-chain to avoid wasted gas).
-   *
-   * Optional PT fee transfer is appended after the mint when
-   * `feeAmount > 0` — this is application-level fee recovery (no
-   * Relayer doing it for us). The user must end up with `amount - fee`
-   * net PT after the batch executes.
-   */
-  prepareMint(params) {
+  async prepareMint(params) {
     if (!params.batchExecutorAddress) {
       throw new RelayError(
         "ENCODE_FAILED",
@@ -818,12 +657,41 @@ var RelayService = class {
     if (params.amount <= 0n) {
       throw new RelayError("ENCODE_FAILED", "prepareMint: amount must be positive");
     }
+    if (!params.issuerSignerWallet) {
+      throw new RelayError(
+        "ENCODE_FAILED",
+        "prepareMint: issuerSignerWallet required (for MintRequest EIP-712 signature)"
+      );
+    }
+    if (params.deadline <= 0n) {
+      throw new RelayError("ENCODE_FAILED", "prepareMint: deadline must be positive");
+    }
+    let minterSig;
+    try {
+      const sig = await (0, import_core3.signMintRequest)(
+        params.issuerSignerWallet,
+        params.domain,
+        {
+          to: params.userAddress,
+          amount: params.amount,
+          nonce: params.mintRequestNonce,
+          deadline: params.deadline
+        }
+      );
+      minterSig = sig.serialized;
+    } catch (err) {
+      throw new RelayError(
+        "ENCODE_FAILED",
+        `prepareMint: failed to sign MintRequest: ${errorMessage(err)}`,
+        err
+      );
+    }
     let mintCallData;
     try {
       mintCallData = (0, import_viem5.encodeFunctionData)({
         abi: import_core3.POINT_TOKEN_V2_ABI,
         functionName: "mint",
-        args: [params.amount]
+        args: [params.userAddress, params.amount, params.deadline, minterSig]
       });
     } catch (err) {
       throw new RelayError(
@@ -871,13 +739,12 @@ var RelayService = class {
    * Build an unsigned UserOp for Scenario 2 (Burn/Redeem).
    *
    * Two modes:
-   *   - `mode: 'burn'` — direct `PointToken.burn(amount)`; `msg.sender`
-   *     via EIP-7702 delegation is the user, so no signature needed
-   *     on-chain (the BurnConsent was already verified off-chain by
-   *     the issuer backend before we got here)
-   *   - `mode: 'burnWithSig'` — `PointToken.burnWithSig(consent, sig)`;
-   *     used when the issuer hasn't verified the consent and the
-   *     contract has to do it on-chain
+   *   - `mode: 'burn'` — direct `PointToken.burn(from, amount)`; only
+   *     usable if the caller (via EIP-7702) is whitelisted as a burner.
+   *     Rare in v1.4; kept for admin/operator tools.
+   *   - `mode: 'burnWithSig'` — `PointToken.burn(from, amount, deadline,
+   *     burnerSig)`. Caller provides a pre-signed `BurnRequest` + sig
+   *     bytes (typically from `PTRedeemHandler`).
    */
   prepareBurn(params) {
     if (!params.pointTokenAddress) {
@@ -892,19 +759,24 @@ var RelayService = class {
     let burnCallData;
     try {
       if (params.mode === "burnWithSig") {
-        if (!params.burnConsent || !params.consentSignature) {
-          throw new Error("burnWithSig requires burnConsent + consentSignature");
+        if (!params.burnRequest || !params.burnerSignature) {
+          throw new Error("burnWithSig requires burnRequest + burnerSignature");
         }
         burnCallData = (0, import_viem5.encodeFunctionData)({
           abi: import_core3.POINT_TOKEN_V2_ABI,
-          functionName: "burnWithSig",
-          args: [params.burnConsent, params.consentSignature]
+          functionName: "burn",
+          args: [
+            params.burnRequest.from,
+            params.burnRequest.amount,
+            params.burnRequest.deadline,
+            params.burnerSignature
+          ]
         });
       } else {
         burnCallData = (0, import_viem5.encodeFunctionData)({
           abi: import_core3.POINT_TOKEN_V2_ABI,
           functionName: "burn",
-          args: [params.amount]
+          args: [params.userAddress, params.amount]
         });
       }
     } catch (err) {
@@ -974,252 +846,6 @@ var FeeManager = class {
   }
 };
-// src/gateway/types.ts
-var MintingGatewayError = class extends Error {
-  code;
-  /**
-   * True if the ledger lock was released before this error was thrown,
-   * meaning the user can safely retry. False means the funds are still
-   * locked (e.g. tx may still land on-chain) and retry would double-spend.
-   */
-  safeToRetry;
-  cause;
-  constructor(code, message, opts) {
-    super(message);
-    this.name = "MintingGatewayError";
-    this.code = code;
-    this.safeToRetry = opts.safeToRetry;
-    if (opts.cause !== void 0) this.cause = opts.cause;
-  }
-};
-// src/gateway/mintingGateway.ts
-var import_core4 = require("@pafi-dev/core");
-var DEFAULT_LOCK_BUFFER_MS = 6e4;
-var MintingGateway = class {
-  ledger;
-  policy;
-  signer;
-  relayService;
-  now;
-  defaultLockBufferMs;
-  constructor(config) {
-    if (!config.ledger) throw new Error("MintingGateway: ledger required");
-    if (!config.policy) throw new Error("MintingGateway: policy required");
-    if (!config.signer) throw new Error("MintingGateway: signer required");
-    if (!config.relayService)
-      throw new Error("MintingGateway: relayService required");
-    this.ledger = config.ledger;
-    this.policy = config.policy;
-    this.signer = config.signer;
-    this.relayService = config.relayService;
-    this.now = config.now ?? (() => Date.now());
-    this.defaultLockBufferMs = config.defaultLockBufferMs ?? DEFAULT_LOCK_BUFFER_MS;
-  }
-  /**
-   * @deprecated Since 0.3.0 — will be renamed to `processMint()` once
-   * the SC team finalizes Relayer v2 ABI. The new flow drops the
-   * swap steps entirely (no more single-call mint+swap); users swap
-   * separately on PAFI Web. Kept here for v0.2.x consumers. Removed in 2.0.
-   */
-  async processMintAndCashOut(request) {
-    const { receiverConsent, receiverSignature } = request;
-    if (!receiverConsent || !receiverSignature) {
-      throw new MintingGatewayError(
-        "INVALID_REQUEST",
-        "receiverConsent and receiverSignature are required",
-        { safeToRetry: true }
-      );
-    }
-    if (receiverConsent.amount <= 0n) {
-      throw new MintingGatewayError(
-        "INVALID_REQUEST",
-        "consent amount must be positive",
-        { safeToRetry: true }
-      );
-    }
-    if (receiverConsent.originalReceiver !== request.userAddress) {
-      throw new MintingGatewayError(
-        "INVALID_REQUEST",
-        "consent.originalReceiver must equal request.userAddress",
-        { safeToRetry: true }
-      );
-    }
-    const nowSec = BigInt(Math.floor(this.now() / 1e3));
-    if (receiverConsent.deadline <= nowSec) {
-      throw new MintingGatewayError(
-        "CONSENT_EXPIRED",
-        "ReceiverConsent deadline has already passed",
-        { safeToRetry: true }
-      );
-    }
-    const consentResult = await (0, import_core4.verifyReceiverConsent)(
-      request.domain,
-      receiverConsent,
-      receiverSignature,
-      request.userAddress
-    );
-    if (!consentResult.isValid) {
-      throw new MintingGatewayError(
-        "INVALID_CONSENT_SIGNATURE",
-        `ReceiverConsent signature did not recover to ${request.userAddress}`,
-        { safeToRetry: true }
-      );
-    }
-    const policyDecision = await this.policy.evaluate({
-      userAddress: request.userAddress,
-      amount: receiverConsent.amount,
-      pointTokenAddress: request.pointTokenAddress,
-      chainId: request.chainId
-    });
-    if (!policyDecision.approved) {
-      const code = policyDecision.reason?.toLowerCase().includes("insufficient") ? "INSUFFICIENT_BALANCE" : "POLICY_REJECTED";
-      throw new MintingGatewayError(
-        code,
-        policyDecision.reason ?? "Minting request rejected by policy engine",
-        { safeToRetry: true }
-      );
-    }
-    const lockDurationMs = request.lockDurationMs ?? this.computeLockDurationMs(receiverConsent.deadline);
-    let lockId;
-    try {
-      lockId = await this.ledger.lockForMinting(
-        request.userAddress,
-        receiverConsent.amount,
-        lockDurationMs,
-        request.pointTokenAddress
-      );
-    } catch (err) {
-      throw new MintingGatewayError(
-        "INSUFFICIENT_BALANCE",
-        `Failed to lock ledger balance: ${errorMessage2(err)}`,
-        { safeToRetry: true, cause: err }
-      );
-    }
-    try {
-      let minterSignature;
-      try {
-        minterSignature = await this.signer.signMintRequest(request.domain, {
-          to: request.userAddress,
-          amount: receiverConsent.amount,
-          nonce: receiverConsent.nonce,
-          deadline: receiverConsent.deadline
-        });
-      } catch (err) {
-        await this.releaseLockSafely(lockId);
-        throw new MintingGatewayError(
-          "SIGNER_FAILED",
-          `Issuer signer failed: ${errorMessage2(err)}`,
-          { safeToRetry: true, cause: err }
-        );
-      }
-      const mintParams = {
-        pointToken: request.pointTokenAddress,
-        receiver: request.userAddress,
-        amount: receiverConsent.amount,
-        deadline: receiverConsent.deadline,
-        minterSig: minterSignature.serialized,
-        receiverSig: receiverSignature,
-        extData: receiverConsent.extData
-      };
-      const swapParams = {
-        path: request.swapPath,
-        deadline: request.swapDeadline
-      };
-      let relayResult;
-      try {
-        relayResult = await this.relayService.submitMintAndSwap({
-          mint: mintParams,
-          swap: swapParams
-        });
-      } catch (err) {
-        await this.handleRelayFailure(err, lockId);
-      }
-      const result = {
-        txHash: relayResult.txHash,
-        lockId
-      };
-      if (relayResult.blockNumber !== void 0) {
-        result.blockNumber = relayResult.blockNumber;
-      }
-      if (relayResult.gasUsed !== void 0) {
-        result.gasUsed = relayResult.gasUsed;
-      }
-      return result;
-    } catch (err) {
-      if (err instanceof MintingGatewayError) throw err;
-      await this.releaseLockSafely(lockId);
-      throw new MintingGatewayError(
-        "RELAY_SUBMIT_FAILED",
-        `Unexpected error: ${errorMessage2(err)}`,
-        { safeToRetry: true, cause: err }
-      );
-    }
-  }
-  // ---------------------------------------------------------------------------
-  // Internals
-  // ---------------------------------------------------------------------------
-  computeLockDurationMs(consentDeadlineSec) {
-    const nowMs = this.now();
-    const deadlineMs = Number(consentDeadlineSec) * 1e3;
-    const remaining = Math.max(0, deadlineMs - nowMs);
-    return remaining + this.defaultLockBufferMs;
-  }
-  /**
-   * Map a RelayError to a MintingGatewayError, releasing the lock only
-   * when the tx definitely did not land. `TX_REVERTED` and `TIMEOUT`
-   * leave the lock in place because the tx may still be in the mempool
-   * or already mined — releasing would enable a double-spend on retry.
-   * Always throws.
-   */
-  async handleRelayFailure(err, lockId) {
-    if (err instanceof RelayError) {
-      switch (err.code) {
-        case "ENCODE_FAILED":
-        case "SIMULATION_FAILED":
-        case "SUBMIT_FAILED":
-        case "NOT_CONFIGURED":
-          await this.releaseLockSafely(lockId);
-          throw new MintingGatewayError(
-            err.code === "SIMULATION_FAILED" ? "RELAY_SIMULATION_FAILED" : "RELAY_SUBMIT_FAILED",
-            err.message,
-            { safeToRetry: true, cause: err }
-          );
-        case "TX_REVERTED":
-          throw new MintingGatewayError("RELAY_REVERTED", err.message, {
-            safeToRetry: false,
-            cause: err
-          });
-        case "TIMEOUT":
-          throw new MintingGatewayError("RELAY_TIMEOUT", err.message, {
-            safeToRetry: false,
-            cause: err
-          });
-      }
-    }
-    await this.releaseLockSafely(lockId);
-    throw new MintingGatewayError(
-      "RELAY_SUBMIT_FAILED",
-      `Unexpected relay error: ${errorMessage2(err)}`,
-      { safeToRetry: true, cause: err }
-    );
-  }
-  /**
-   * Release a lock, swallowing any secondary error. We never want a lock
-   * release failure to mask the original error — the lock will auto-expire
-   * via TTL anyway.
-   */
-  async releaseLockSafely(lockId) {
-    try {
-      await this.ledger.releaseLock(lockId);
-    } catch {
-    }
-  }
-};
-function errorMessage2(err) {
-  return err instanceof Error ? err.message : String(err);
-}
 // src/indexer/types.ts
 var InMemoryCursorStore = class {
   cursor;
@@ -1564,10 +1190,9 @@ var BurnIndexer = class {
 // src/api/handlers.ts
 var import_viem8 = require("viem");
-var import_core5 = require("@pafi-dev/core");
+var import_core4 = require("@pafi-dev/core");
 var IssuerApiHandlers = class {
   authService;
-  gateway;
   ledger;
   provider;
   /**
@@ -1586,7 +1211,6 @@ var IssuerApiHandlers = class {
   poolsProvider;
   constructor(config) {
     this.authService = config.authService;
-    this.gateway = config.gateway;
     this.ledger = config.ledger;
     this.provider = config.provider;
     const raw = config.pointTokenAddresses && config.pointTokenAddresses.length > 0 ? config.pointTokenAddresses : config.pointTokenAddress ? [config.pointTokenAddress] : [];
@@ -1710,11 +1334,11 @@ var IssuerApiHandlers = class {
       );
     }
     const [mintRequestNonce, receiverConsentNonce, offChainBalance, onChainBalance, minter] = await Promise.all([
-      (0, import_core5.getMintRequestNonce)(this.provider, pointToken, normalizedAuthed),
-      (0, import_core5.getReceiverConsentNonce)(this.provider, pointToken, normalizedAuthed),
+      (0, import_core4.getMintRequestNonce)(this.provider, pointToken, normalizedAuthed),
+      (0, import_core4.getReceiverConsentNonce)(this.provider, pointToken, normalizedAuthed),
       this.ledger.getBalance(normalizedAuthed, pointToken),
-      (0, import_core5.getPointTokenBalance)(this.provider, pointToken, normalizedAuthed),
-      (0, import_core5.isMinter)(this.provider, pointToken, normalizedAuthed)
+      (0, import_core4.getPointTokenBalance)(this.provider, pointToken, normalizedAuthed),
+      (0, import_core4.isMinter)(this.provider, pointToken, normalizedAuthed)
     ]);
     return {
       mintRequestNonce,
@@ -1752,13 +1376,13 @@ var IssuerApiHandlers = class {
         `handleBuildConsentTypedData: unsupported pointToken ${pointToken}`
       );
     }
-    const name = await (0, import_core5.getTokenName)(this.provider, pointToken);
+    const name = await (0, import_core4.getTokenName)(this.provider, pointToken);
     const domain = {
       name,
       verifyingContract: pointToken,
       chainId: this.chainId
     };
-    const typedData = (0, import_core5.buildReceiverConsentTypedData)(domain, request.receiverConsent);
+    const typedData = (0, import_core4.buildReceiverConsentTypedData)(domain, request.receiverConsent);
     return {
       typedData: {
         domain: typedData.domain,
@@ -1768,55 +1392,13 @@ var IssuerApiHandlers = class {
       }
     };
   }
-  /**
-   * `POST /claim-and-swap`
-   *
-   * @deprecated Since 0.3.0 — the single-call mint-then-swap flow is
-   * retired in v1.4. Use the new `handleClaim()` (mint only) and let
-   * the user swap separately on PAFI Web. See
-   * [V1.4_V1.5_OVERVIEW.md §4] for the new scenario model. Will be
-   * removed in 2.0.
-   *
-   * Legacy behavior: the terminal handler forwards the verified
-   * consent to the MintingGateway, which runs the 11-step flow.
-   */
-  async handleClaimAndSwap(userAddress, request) {
-    if (request.chainId !== this.chainId) {
-      throw new Error(
-        `handleClaimAndSwap: unsupported chainId ${request.chainId}`
-      );
-    }
-    const pointToken = (0, import_viem8.getAddress)(request.pointTokenAddress);
-    if (!this.supportedTokens.has(pointToken)) {
-      throw new Error(
-        `handleClaimAndSwap: unsupported pointToken ${pointToken}`
-      );
-    }
-    const result = await this.gateway.processMintAndCashOut({
-      userAddress: (0, import_viem8.getAddress)(userAddress),
-      pointTokenAddress: pointToken,
-      chainId: request.chainId,
-      domain: request.domain,
-      receiverConsent: request.receiverConsent,
-      receiverSignature: request.receiverSignature,
-      swapPath: request.swapPath,
-      swapDeadline: request.swapDeadline
-    });
-    const response = {
-      txHash: result.txHash,
-      lockId: result.lockId
-    };
-    if (result.blockNumber !== void 0)
-      response.blockNumber = result.blockNumber;
-    if (result.gasUsed !== void 0) response.gasUsed = result.gasUsed;
-    return response;
-  }
 };
 // src/api/handlers/ptRedeemHandler.ts
 var import_viem9 = require("viem");
-var import_core6 = require("@pafi-dev/core");
+var import_core5 = require("@pafi-dev/core");
 var DEFAULT_REDEEM_LOCK_MS = 15 * 60 * 1e3;
+var DEFAULT_SIG_DEADLINE_SEC = 15 * 60;
 var PTRedeemError = class extends Error {
   constructor(code, message) {
     super(message);
@@ -1828,11 +1410,14 @@ var PTRedeemError = class extends Error {
 var PTRedeemHandler = class {
   ledger;
   relayService;
+  provider;
   pointTokenAddress;
   batchExecutorAddress;
   chainId;
   domain;
+  burnerSignerWallet;
   redeemLockDurationMs;
+  signatureDeadlineSeconds;
   now;
   constructor(config) {
     if (!config.ledger.reservePendingCredit) {
@@ -1841,46 +1426,68 @@ var PTRedeemHandler = class {
         "PTRedeemHandler requires a ledger that implements reservePendingCredit() (v0.3.0+)"
       );
     }
+    if (!config.burnerSignerWallet) {
+      throw new PTRedeemError(
+        "SIGNING_FAILED",
+        "PTRedeemHandler requires burnerSignerWallet (issuer burner signer)"
+      );
+    }
     this.ledger = config.ledger;
     this.relayService = config.relayService;
+    this.provider = config.provider;
     this.pointTokenAddress = (0, import_viem9.getAddress)(config.pointTokenAddress);
     this.batchExecutorAddress = (0, import_viem9.getAddress)(config.batchExecutorAddress);
     this.chainId = config.chainId;
     this.domain = config.domain;
+    this.burnerSignerWallet = config.burnerSignerWallet;
     this.redeemLockDurationMs = config.redeemLockDurationMs ?? DEFAULT_REDEEM_LOCK_MS;
+    this.signatureDeadlineSeconds = config.signatureDeadlineSeconds ?? DEFAULT_SIG_DEADLINE_SEC;
     this.now = config.now ?? (() => Date.now());
   }
   async handle(request) {
     if (request.amount <= 0n) {
-      throw new PTRedeemError("INVALID_CONSENT", "redeem amount must be positive");
+      throw new PTRedeemError("INVALID_AMOUNT", "redeem amount must be positive");
     }
-    if (request.consent.amount !== request.amount) {
-      throw new PTRedeemError(
-        "AMOUNT_MISMATCH",
-        `consent.amount (${request.consent.amount}) must match request.amount (${request.amount})`
-      );
-    }
-    const nowSeconds = BigInt(Math.floor(this.now() / 1e3));
-    if (request.consent.deadline <= nowSeconds) {
+    let burnNonce;
+    try {
+      burnNonce = await this.provider.readContract({
+        address: this.pointTokenAddress,
+        abi: import_core5.POINT_TOKEN_V2_ABI,
+        functionName: "burnRequestNonces",
+        args: [request.userAddress]
+      });
+    } catch (err) {
       throw new PTRedeemError(
-        "EXPIRED_CONSENT",
-        `consent deadline (${request.consent.deadline}) already passed`
+        "NONCE_READ_FAILED",
+        `failed to read burnRequestNonces(${request.userAddress}): ${err instanceof Error ? err.message : String(err)}`
       );
     }
-    const verification = await (0, import_core6.verifyBurnConsent)(
-      {
-        name: this.domain.name,
-        chainId: this.chainId,
-        verifyingContract: this.domain.verifyingContract ?? this.pointTokenAddress
-      },
-      request.consent,
-      request.consentSignature,
-      request.userAddress
+    const deadline = BigInt(
+      Math.floor(this.now() / 1e3) + this.signatureDeadlineSeconds
     );
-    if (!verification.isValid) {
+    const domain = {
+      name: this.domain.name,
+      chainId: this.chainId,
+      verifyingContract: this.domain.verifyingContract ?? this.pointTokenAddress
+    };
+    const burnRequest = {
+      from: request.userAddress,
+      amount: request.amount,
+      nonce: burnNonce,
+      deadline
+    };
+    let burnerSignature;
+    try {
+      const sig = await (0, import_core5.signBurnRequest)(
+        this.burnerSignerWallet,
+        domain,
+        burnRequest
+      );
+      burnerSignature = sig.serialized;
+    } catch (err) {
       throw new PTRedeemError(
-        "SIGNATURE_MISMATCH",
-        `signer mismatch \u2014 expected ${request.userAddress}, got ${verification.recoveredAddress}`
+        "SIGNING_FAILED",
+        `failed to sign BurnRequest: ${err instanceof Error ? err.message : String(err)}`
       );
     }
     const lockId = await this.ledger.reservePendingCredit(
@@ -1895,33 +1502,21 @@ var PTRedeemHandler = class {
       aaNonce: request.aaNonce,
       pointTokenAddress: this.pointTokenAddress,
       batchExecutorAddress: this.batchExecutorAddress,
-      burnConsent: request.consent,
-      consentSignature: parseSigStruct(request.consentSignature)
+      burnRequest,
+      burnerSignature
     });
     return {
       lockId,
       userOp,
-      expiresInSeconds: Math.floor(this.redeemLockDurationMs / 1e3)
+      expiresInSeconds: Math.floor(this.redeemLockDurationMs / 1e3),
+      signatureDeadline: deadline
     };
   }
 };
-function parseSigStruct(serialized) {
-  const raw = serialized.slice(2);
-  if (raw.length !== 130) {
-    throw new PTRedeemError(
-      "INVALID_CONSENT",
-      `signature must be 65 bytes, got ${raw.length / 2}`
-    );
-  }
-  const r = `0x${raw.slice(0, 64)}`;
-  const s = `0x${raw.slice(64, 128)}`;
-  const v = parseInt(raw.slice(128, 130), 16);
-  return { v, r, s };
-}
 // src/api/handlers/topUpRedemptionHandler.ts
 var import_viem10 = require("viem");
-var import_core7 = require("@pafi-dev/core");
+var import_core6 = require("@pafi-dev/core");
 var TopUpRedemptionError = class extends Error {
   constructor(code, message) {
     super(message);
@@ -1950,7 +1545,7 @@ var TopUpRedemptionHandler = class {
       return { action: "NO_TOP_UP_NEEDED", offChainBalance };
     }
     const shortfall = request.requiredAmount - offChainBalance;
-    const onChainBalance = await (0, import_core7.getPointTokenBalance)(
+    const onChainBalance = await (0, import_core6.getPointTokenBalance)(
       this.provider,
       this.pointTokenAddress,
       request.userAddress
@@ -1963,24 +1558,10 @@ var TopUpRedemptionHandler = class {
         shortfall
       };
     }
-    if (request.redeemRequest.consent.amount < shortfall) {
-      throw new TopUpRedemptionError(
-        "CONSENT_AMOUNT_TOO_LOW",
-        `consent.amount (${request.redeemRequest.consent.amount}) must cover shortfall (${shortfall})`
-      );
-    }
-    if (request.redeemRequest.consent.amount !== shortfall) {
-      throw new TopUpRedemptionError(
-        "CONSENT_AMOUNT_TOO_LOW",
-        `consent.amount (${request.redeemRequest.consent.amount}) must equal shortfall (${shortfall}) exactly \u2014 re-sign with correct amount`
-      );
-    }
     const redeem = await this.ptRedeemHandler.handle({
       userAddress: request.userAddress,
       amount: shortfall,
-      consent: request.redeemRequest.consent,
-      consentSignature: request.redeemRequest.consentSignature,
-      aaNonce: request.redeemRequest.aaNonce
+      aaNonce: request.aaNonce
     });
     return {
       action: "TOP_UP_STARTED",
@@ -2202,7 +1783,7 @@ function toUsdtPerNative(priceFloat, usdtDecimals) {
 }
 // src/balance/balanceAggregator.ts
-var import_core8 = require("@pafi-dev/core");
+var import_core7 = require("@pafi-dev/core");
 var BalanceAggregator = class {
   provider;
   ledger;
@@ -2223,7 +1804,7 @@ var BalanceAggregator = class {
   async getCombinedBalance(user, pointToken) {
     const [offChain, onChain] = await Promise.all([
       this.ledger.getBalance(user, pointToken),
-      (0, import_core8.getPointTokenBalance)(this.provider, pointToken, user)
+      (0, import_core7.getPointTokenBalance)(this.provider, pointToken, user)
     ]);
     return {
       offChain,
@@ -2473,15 +2054,6 @@ function createIssuerService(config) {
   if (!config.provider) {
     throw new Error("createIssuerService: provider is required");
   }
-  if (!config.operatorWallet) {
-    throw new Error("createIssuerService: operatorWallet is required");
-  }
-  if (!config.signer) {
-    throw new Error("createIssuerService: signer is required");
-  }
-  if (!config.relayAddress) {
-    throw new Error("createIssuerService: relayAddress is required");
-  }
   if (!config.auth?.jwtSecret) {
     throw new Error("createIssuerService: auth.jwtSecret is required");
   }
@@ -2508,18 +2080,7 @@ function createIssuerService(config) {
     authServiceConfig.jwtExpiresIn = config.auth.jwtExpiresIn;
   }
   const authService = new AuthService(authServiceConfig);
-  const relayServiceConfig = {
-    relayAddress: config.relayAddress,
-    operatorWallet: config.operatorWallet,
-    provider: config.provider
-  };
-  if (config.relay?.simulateBeforeSubmit !== void 0) {
-    relayServiceConfig.simulateBeforeSubmit = config.relay.simulateBeforeSubmit;
-  }
-  if (config.relay?.confirmationTimeoutMs !== void 0) {
-    relayServiceConfig.confirmationTimeoutMs = config.relay.confirmationTimeoutMs;
-  }
-  const relayService = new RelayService(relayServiceConfig);
+  const relayService = new RelayService();
   let feeManager;
   if (config.fee) {
     feeManager = new FeeManager({
@@ -2527,16 +2088,6 @@ function createIssuerService(config) {
       provider: config.provider
     });
   }
-  const gatewayConfig = {
-    ledger,
-    policy,
-    signer: config.signer,
-    relayService
-  };
-  if (config.gateway?.defaultLockBufferMs !== void 0) {
-    gatewayConfig.defaultLockBufferMs = config.gateway.defaultLockBufferMs;
-  }
-  const gateway = new MintingGateway(gatewayConfig);
   const indexers = /* @__PURE__ */ new Map();
   for (const tokenAddress of tokenAddresses) {
     const indexerConfig = {
@@ -2564,7 +2115,6 @@ function createIssuerService(config) {
   const firstIndexer = indexers.get(tokenAddresses[0]);
   const handlersConfig = {
     authService,
-    gateway,
     ledger,
     provider: config.provider,
     pointTokenAddresses: tokenAddresses,
@@ -2584,10 +2134,8 @@ function createIssuerService(config) {
     sessionStore,
     ledger,
     policy,
-    signer: config.signer,
     relayService,
     feeManager,
-    gateway,
     indexers,
     indexer: firstIndexer,
     handlers
@@ -2608,8 +2156,6 @@ var PAFI_ISSUER_SDK_VERSION = "0.1.0";
   IssuerApiHandlers,
   MemoryPointLedger,
   MemorySessionStore,
-  MintingGateway,
-  MintingGatewayError,
   NonceManager,
   PAFI_ISSUER_SDK_VERSION,
   PTRedeemError,
@@ -2625,7 +2171,6 @@ var PAFI_ISSUER_SDK_VERSION = "0.1.0";
   authenticateRequest,
   createIssuerService,
   createSubgraphNativeUsdtQuoter,
-  createSubgraphPoolsProvider,
-  encodeExtData
+  createSubgraphPoolsProvider
 });
 //# sourceMappingURL=index.cjs.map