@pafi-dev/issuer 0.3.0-beta.7 → 0.3.0-beta.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +31 -6
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +79 -15
- package/dist/index.d.ts +79 -15
- package/dist/index.js +31 -6
- package/dist/index.js.map +1 -1
- package/package.json +2 -2
package/dist/index.cjs
CHANGED
|
@@ -1862,18 +1862,22 @@ var PafiBackendError = class extends Error {
|
|
|
1862
1862
|
get safeToRetry() {
|
|
1863
1863
|
if (this.serverSafeToRetry !== void 0) return this.serverSafeToRetry;
|
|
1864
1864
|
switch (this.code) {
|
|
1865
|
+
// Transient infra
|
|
1865
1866
|
case "PAYMASTER_UNAVAILABLE":
|
|
1866
1867
|
case "PAYMASTER_TIMEOUT":
|
|
1867
1868
|
case "RATE_LIMITER_UNAVAILABLE":
|
|
1869
|
+
case "KMS_UNAVAILABLE":
|
|
1870
|
+
case "SPONSOR_AUTH_SIGNING_FAILED":
|
|
1868
1871
|
case "INTERNAL_ERROR":
|
|
1869
1872
|
case "TIMEOUT":
|
|
1870
1873
|
case "NETWORK_ERROR":
|
|
1871
1874
|
return true;
|
|
1875
|
+
// Rate-limited — safe to retry after retryAfter window
|
|
1872
1876
|
case "RATE_LIMIT_EXCEEDED":
|
|
1873
1877
|
case "RATE_LIMIT_EXCEEDED_DAILY":
|
|
1874
1878
|
case "RATE_LIMIT_EXCEEDED_PER_USER":
|
|
1879
|
+
case "ISSUER_BUDGET_EXCEEDED":
|
|
1875
1880
|
return true;
|
|
1876
|
-
// after retryAfter
|
|
1877
1881
|
default:
|
|
1878
1882
|
return false;
|
|
1879
1883
|
}
|
|
@@ -1921,15 +1925,36 @@ var PafiBackendClient = class {
|
|
|
1921
1925
|
}
|
|
1922
1926
|
}
|
|
1923
1927
|
/**
|
|
1924
|
-
* Request
|
|
1925
|
-
* See [SPONSORED_PATH_FLOW.md §4.1] for the API contract.
|
|
1928
|
+
* Request a SponsorAuth signature from PAFI sponsor-relayer (beta.8+).
|
|
1926
1929
|
*
|
|
1927
|
-
*
|
|
1928
|
-
*
|
|
1929
|
-
*
|
|
1930
|
+
* The relayer:
|
|
1931
|
+
* 1. Authenticates user (JWT) + issuer (API key)
|
|
1932
|
+
* 2. Per-(user, scenario) rate limit + per-issuer daily budget
|
|
1933
|
+
* 3. Scenario-specific intent validation (mint cap, KYC, etc.)
|
|
1934
|
+
* 4. Allocates nonce + signs SponsorAuth payload via KMS PAFI key
|
|
1935
|
+
* 5. Returns `{ sponsorAuth, payload }` for the FE to forward to
|
|
1936
|
+
* Privy's `signUserOperation({ sponsorAuth, payload })`.
|
|
1937
|
+
*
|
|
1938
|
+
* Retries on transient failures (5xx, timeouts, KMS unavailable,
|
|
1939
|
+
* rate-limit-with-retryAfter). 4xx that are not `safeToRetry` fail fast.
|
|
1940
|
+
*
|
|
1941
|
+
* See `pafi-backend/docs/SPONSOR_AUTH_DESIGN.md` for the full spec.
|
|
1930
1942
|
*
|
|
1931
1943
|
* @throws PafiBackendError on final failure after exhausting retries
|
|
1932
1944
|
*/
|
|
1945
|
+
async requestSponsorAuth(req) {
|
|
1946
|
+
return this.postWithRetry(
|
|
1947
|
+
"/sponsor-auth",
|
|
1948
|
+
req
|
|
1949
|
+
);
|
|
1950
|
+
}
|
|
1951
|
+
/**
|
|
1952
|
+
* @deprecated Coinbase paymaster path — replaced by `requestSponsorAuth`
|
|
1953
|
+
* in beta.8. Will be removed in 1.0. Migrate by:
|
|
1954
|
+
* 1. Switch to `requestSponsorAuth` returning `{ sponsorAuth, payload }`
|
|
1955
|
+
* 2. Pass both to Privy `signUserOperation` instead of merging
|
|
1956
|
+
* paymasterData into the UserOp callData
|
|
1957
|
+
*/
|
|
1933
1958
|
async requestSponsorship(req) {
|
|
1934
1959
|
return this.postWithRetry(
|
|
1935
1960
|
"/paymaster/sponsor",
|