@pafi-dev/issuer 0.5.41 → 0.5.43

package/dist/index.cjs

@@ -34,10 +34,11 @@ __export(index_exports, {
   IssuerStateError: () => IssuerStateError,
   IssuerStateValidator: () => IssuerStateValidator,
   LockNotFoundError: () => LockNotFoundError,
+  MemoryPendingUserOpStore: () => MemoryPendingUserOpStore,
   MemorySessionStore: () => MemorySessionStore,
   NonceManager: () => NonceManager,
   PAFI_ISSUER_SDK_VERSION: () => PAFI_ISSUER_SDK_VERSION,
-  PAFI_SUBGRAPH_URL: () => import_core15.PAFI_SUBGRAPH_URL,
+  PAFI_SUBGRAPH_URL: () => import_core14.PAFI_SUBGRAPH_URL,
   PTClaimError: () => PTClaimError,
   PTClaimHandler: () => PTClaimHandler,
   PTRedeemError: () => PTRedeemError,
@@ -54,8 +55,6 @@ __export(index_exports, {
   RelayService: () => RelayService,
   SwapError: () => SwapError,
   SwapHandler: () => SwapHandler,
-  TopUpRedemptionError: () => TopUpRedemptionError,
-  TopUpRedemptionHandler: () => TopUpRedemptionHandler,
   authenticateRequest: () => authenticateRequest,
   createIssuerService: () => createIssuerService,
   createNativePtQuoter: () => createNativePtQuoter,
@@ -640,15 +639,13 @@ var RelayService = class {
     });
   }
   /**
-   * Build an unsigned UserOp for Scenario 2 (Burn/Redeem).
+   * Build an unsigned UserOp for Scenario 2 (Burn/Redeem) — sig-gated
+   * `PointToken.burn(from, amount, deadline, burnerSig)`. Caller
+   * provides a pre-signed `BurnRequest` + sig bytes (typically from
+   * `PTRedeemHandler`).
    *
-   * Two modes:
-   *   - `mode: 'burn'` — direct `PointToken.burn(from, amount)`; only
-   *     usable if the caller (via EIP-7702) is whitelisted as a burner.
-   *     Rare in v1.4; kept for admin/operator tools.
-   *   - `mode: 'burnWithSig'` — `PointToken.burn(from, amount, deadline,
-   *     burnerSig)`. Caller provides a pre-signed `BurnRequest` + sig
-   *     bytes (typically from `PTRedeemHandler`).
+   * Direct burn (no sig) was dropped in v1.4 — every burn now goes
+   * through the issuer-signed `BurnRequest` path.
    */
   async prepareBurn(params) {
     if (!params.pointTokenAddress) {
@@ -660,29 +657,24 @@ var RelayService = class {
         "prepareBurn: batchExecutorAddress required"
       );
     }
+    if (!params.burnRequest || !params.burnerSignature) {
+      throw new RelayError(
+        "ENCODE_FAILED",
+        "prepareBurn: burnRequest + burnerSignature required"
+      );
+    }
     let burnCallData;
     try {
-      if (params.mode === "burnWithSig") {
-        if (!params.burnRequest || !params.burnerSignature) {
-          throw new Error("burnWithSig requires burnRequest + burnerSignature");
-        }
-        burnCallData = (0, import_viem3.encodeFunctionData)({
-          abi: import_core2.POINT_TOKEN_V2_ABI,
-          functionName: "burn",
-          args: [
-            params.burnRequest.from,
-            params.burnRequest.amount,
-            params.burnRequest.deadline,
-            params.burnerSignature
-          ]
-        });
-      } else {
-        burnCallData = (0, import_viem3.encodeFunctionData)({
-          abi: import_core2.POINT_TOKEN_V2_ABI,
-          functionName: "burn",
-          args: [params.userAddress, params.amount]
-        });
-      }
+      burnCallData = (0, import_viem3.encodeFunctionData)({
+        abi: import_core2.POINT_TOKEN_V2_ABI,
+        functionName: "burn",
+        args: [
+          params.burnRequest.from,
+          params.burnRequest.amount,
+          params.burnRequest.deadline,
+          params.burnerSignature
+        ]
+      });
     } catch (err) {
       throw new RelayError(
         "ENCODE_FAILED",
@@ -1150,7 +1142,6 @@ var IssuerApiHandlers = class {
   pafiWebUrl;
   feeManager;
   poolsProvider;
-  claim;
   constructor(config) {
     this.authService = config.authService;
     this.ledger = config.ledger;
@@ -1168,7 +1159,6 @@ var IssuerApiHandlers = class {
     if (config.pafiWebUrl) this.pafiWebUrl = config.pafiWebUrl;
     if (config.feeManager) this.feeManager = config.feeManager;
     if (config.poolsProvider) this.poolsProvider = config.poolsProvider;
-    if (config.claim) this.claim = config.claim;
   }
   // =========================================================================
   // Public handlers (no auth required)
@@ -1302,91 +1292,9 @@ var IssuerApiHandlers = class {
       isMinter: minter
     };
   }
-  /**
-   * `POST /claim`
-   *
-   * Policy gate + ledger lock + MintRequest signing in a single atomic
-   * step. Returns an unsigned UserOp the frontend attaches paymaster data
-   * to and submits via EIP-7702 + Bundler.
-   *
-   * Order of operations:
-   *   1. Validate request fields.
-   *   2. policy.evaluate() — throws if denied; cannot be bypassed.
-   *   3. ledger.lockForMinting() — reserves the balance.
-   *   4. Read on-chain mintRequestNonce + token name in parallel.
-   *   5. relayService.prepareMint() — sign MintRequest + encode UserOp.
-   *   6. On any error after step 3, release the lock before re-throwing.
-   */
-  async handleClaim(userAddress, request) {
-    if (!this.claim) {
-      throw new Error("handleClaim: claim is not configured on this issuer");
-    }
-    if (request.chainId !== this.chainId) {
-      throw new Error(`handleClaim: unsupported chainId ${request.chainId}`);
-    }
-    const pointToken = (0, import_viem6.getAddress)(request.pointTokenAddress);
-    if (!this.supportedTokens.has(pointToken)) {
-      throw new Error(`handleClaim: unsupported pointToken ${pointToken}`);
-    }
-    if (request.amount <= 0n) {
-      throw new Error("handleClaim: amount must be positive");
-    }
-    const nowSecs = BigInt(Math.floor(Date.now() / 1e3));
-    if (request.deadline <= nowSecs) {
-      throw new Error("handleClaim: deadline is in the past");
-    }
-    const { policy, relayService, issuerSignerWallet, batchExecutorAddress } = this.claim;
-    const lockDurationMs = this.claim.lockDurationMs ?? 15 * 60 * 1e3;
-    const normalizedUser = (0, import_viem6.getAddress)(userAddress);
-    const decision = await policy.evaluate({
-      userAddress: normalizedUser,
-      amount: request.amount,
-      pointTokenAddress: pointToken,
-      chainId: this.chainId
-    });
-    if (!decision.approved) {
-      throw new Error(`handleClaim: policy denied \u2014 ${decision.reason ?? "no reason given"}`);
-    }
-    const lockId = await this.ledger.lockForMinting(
-      normalizedUser,
-      request.amount,
-      lockDurationMs,
-      pointToken
-    );
-    try {
-      const [mintRequestNonce, tokenName] = await Promise.all([
-        (0, import_core3.getMintRequestNonce)(this.provider, pointToken, normalizedUser),
-        (0, import_core3.getTokenName)(this.provider, pointToken)
-      ]);
-      const domain = {
-        name: tokenName,
-        verifyingContract: pointToken,
-        chainId: this.chainId
-      };
-      const userOp = await relayService.prepareMint({
-        userAddress: normalizedUser,
-        aaNonce: request.aaNonce,
-        batchExecutorAddress,
-        pointTokenAddress: pointToken,
-        amount: request.amount,
-        issuerSignerWallet,
-        domain,
-        mintRequestNonce,
-        deadline: request.deadline,
-        feeAmount: request.feeAmount,
-        feeRecipient: request.feeRecipient
-      });
-      return {
-        lockId,
-        userOp,
-        expiresInSeconds: Math.floor(lockDurationMs / 1e3)
-      };
-    } catch (err) {
-      await this.ledger.releaseLock(lockId).catch(() => {
-      });
-      throw err;
-    }
-  }
+  // Note: legacy `handleClaim` (sync sponsored-claim returning calls[]) was
+  // removed in 0.5.43 — callers should use `PTClaimHandler` directly or
+  // wire `IssuerApiAdapter.claim()` which composes the full flow.
 };
 
 // src/api/handlers/ptRedeemHandler.ts
@@ -1625,70 +1533,6 @@ var PTRedeemHandler = class {
   }
 };
 
-// src/api/handlers/topUpRedemptionHandler.ts
-var import_viem8 = require("viem");
-var import_core5 = require("@pafi-dev/core");
-var TopUpRedemptionError = class extends Error {
-  constructor(code, message) {
-    super(message);
-    this.code = code;
-    this.name = "TopUpRedemptionError";
-  }
-  code;
-};
-var TopUpRedemptionHandler = class {
-  ledger;
-  ptRedeemHandler;
-  provider;
-  pointTokenAddress;
-  constructor(config) {
-    this.ledger = config.ledger;
-    this.ptRedeemHandler = config.ptRedeemHandler;
-    this.provider = config.provider;
-    this.pointTokenAddress = (0, import_viem8.getAddress)(config.pointTokenAddress);
-  }
-  async handle(request) {
-    if ((0, import_viem8.getAddress)(request.authenticatedAddress) !== (0, import_viem8.getAddress)(request.userAddress)) {
-      throw new TopUpRedemptionError(
-        "UNAUTHORIZED",
-        `userAddress (${request.userAddress}) does not match authenticated session (${request.authenticatedAddress})`
-      );
-    }
-    const offChainBalance = await this.ledger.getBalance(
-      request.userAddress,
-      this.pointTokenAddress
-    );
-    if (offChainBalance >= request.requiredAmount) {
-      return { action: "NO_TOP_UP_NEEDED", offChainBalance };
-    }
-    const shortfall = request.requiredAmount - offChainBalance;
-    const onChainBalance = await (0, import_core5.getPointTokenBalance)(
-      this.provider,
-      this.pointTokenAddress,
-      request.userAddress
-    );
-    if (onChainBalance < shortfall) {
-      return {
-        action: "INSUFFICIENT_ONCHAIN",
-        offChainBalance,
-        onChainBalance,
-        shortfall
-      };
-    }
-    const redeem = await this.ptRedeemHandler.handle({
-      authenticatedAddress: request.authenticatedAddress,
-      userAddress: request.userAddress,
-      amount: shortfall,
-      aaNonce: request.aaNonce
-    });
-    return {
-      action: "TOP_UP_STARTED",
-      shortfall,
-      redeem
-    };
-  }
-};
-
 // src/api/statusHandlers.ts
 var LockNotFoundError = class extends PafiSdkError {
   code = "LOCK_NOT_FOUND";
@@ -1790,11 +1634,11 @@ async function handleRedeemStatus(params) {
 }
 
 // src/api/mobileHandlers.ts
-var import_viem9 = require("viem");
-var import_core8 = require("@pafi-dev/core");
+var import_viem8 = require("viem");
+var import_core7 = require("@pafi-dev/core");
 
 // src/userop-store/serialize.ts
-var import_core6 = require("@pafi-dev/core");
+var import_core5 = require("@pafi-dev/core");
 function serializeEntryToJsonRpc(entry, signature, variant = "sponsored") {
   if (variant === "fallback") {
     if (!entry.fallback) {
@@ -1802,7 +1646,7 @@ function serializeEntryToJsonRpc(entry, signature, variant = "sponsored") {
         "serializeEntryToJsonRpc: variant=fallback requested but the stored entry has no `fallback` branch \u2014 caller should resubmit with variant='sponsored' or re-prepare with a fee configured."
       );
     }
-    return (0, import_core6.serializeUserOpToJsonRpc)(
+    return (0, import_core5.serializeUserOpToJsonRpc)(
       {
         sender: entry.sender,
         nonce: BigInt(entry.nonce),
@@ -1817,7 +1661,7 @@ function serializeEntryToJsonRpc(entry, signature, variant = "sponsored") {
       signature
     );
   }
-  return (0, import_core6.serializeUserOpToJsonRpc)(
+  return (0, import_core5.serializeUserOpToJsonRpc)(
     {
       sender: entry.sender,
       nonce: BigInt(entry.nonce),
@@ -1836,8 +1680,35 @@ function serializeEntryToJsonRpc(entry, signature, variant = "sponsored") {
   );
 }
 
+// src/userop-store/memoryStore.ts
+var MemoryPendingUserOpStore = class {
+  entries = /* @__PURE__ */ new Map();
+  now;
+  constructor(now = () => Date.now()) {
+    this.now = now;
+  }
+  async save(lockId, entry, ttlSeconds) {
+    this.entries.set(lockId, {
+      entry,
+      expiresAt: this.now() + ttlSeconds * 1e3
+    });
+  }
+  async get(lockId) {
+    const hit = this.entries.get(lockId);
+    if (!hit) return null;
+    if (hit.expiresAt <= this.now()) {
+      this.entries.delete(lockId);
+      return null;
+    }
+    return hit.entry;
+  }
+  async delete(lockId) {
+    this.entries.delete(lockId);
+  }
+};
+
 // src/userop-store/prepareUserOp.ts
-var import_core7 = require("@pafi-dev/core");
+var import_core6 = require("@pafi-dev/core");
 function serializeUserOpTypedData(td) {
   return {
     domain: td.domain,
@@ -1872,9 +1743,9 @@ async function prepareMobileUserOp(params) {
     params.partialUserOp,
     params.paymasterFields
   );
-  const userOpHash = (0, import_core7.computeUserOpHash)(userOp, params.chainId);
+  const userOpHash = (0, import_core6.computeUserOpHash)(userOp, params.chainId);
   const typedData = serializeUserOpTypedData(
-    (0, import_core7.buildUserOpTypedData)(userOp, params.chainId)
+    (0, import_core6.buildUserOpTypedData)(userOp, params.chainId)
   );
   let fallback;
   let fallbackEntry;
@@ -1884,9 +1755,9 @@ async function prepareMobileUserOp(params) {
       maxFeePerGas: userOp.maxFeePerGas,
       maxPriorityFeePerGas: userOp.maxPriorityFeePerGas
     };
-    const fallbackHash = (0, import_core7.computeUserOpHash)(fallbackUserOp, params.chainId);
+    const fallbackHash = (0, import_core6.computeUserOpHash)(fallbackUserOp, params.chainId);
     const fallbackTypedData = serializeUserOpTypedData(
-      (0, import_core7.buildUserOpTypedData)(fallbackUserOp, params.chainId)
+      (0, import_core6.buildUserOpTypedData)(fallbackUserOp, params.chainId)
     );
     fallback = {
       userOp: fallbackUserOp,
@@ -2020,7 +1891,7 @@ async function handleMobilePrepare(params) {
     params.provider.estimateFeesPerGas(),
     params.provider.getCode({ address: params.userAddress })
   ]);
-  const needsDelegation = (0, import_core8.parseEip7702DelegatedAddress)(userCode) === null;
+  const needsDelegation = (0, import_core7.parseEip7702DelegatedAddress)(userCode) === null;
   const sponsoredOp = {
     ...params.partialUserOp,
     maxFeePerGas: fees.maxFeePerGas ?? params.partialUserOp.maxFeePerGas ?? 0n,
@@ -2054,7 +1925,7 @@ async function handleMobileSubmit(params) {
   if (!entry) {
     throw new PendingUserOpNotFoundError(params.lockId);
   }
-  if ((0, import_viem9.getAddress)(entry.sender) !== (0, import_viem9.getAddress)(params.authenticatedAddress)) {
+  if ((0, import_viem8.getAddress)(entry.sender) !== (0, import_viem8.getAddress)(params.authenticatedAddress)) {
     throw new PendingUserOpForbiddenError(params.lockId);
   }
   const variant = params.variant ?? "sponsored";
@@ -2062,7 +1933,7 @@ async function handleMobileSubmit(params) {
   const result = await relayUserOp({
     client: params.pafiBackendClient,
     userOp: userOpJson,
-    entryPoint: params.entryPoint ?? import_core8.ENTRY_POINT_V08
+    entryPoint: params.entryPoint ?? import_core7.ENTRY_POINT_V08
   });
   await params.bindUserOpHash(params.lockId, result.userOpHash);
   await params.store.delete(params.lockId);
@@ -2070,8 +1941,8 @@ async function handleMobileSubmit(params) {
 }
 
 // src/api/handlers/ptClaimHandler.ts
-var import_viem10 = require("viem");
-var import_core9 = require("@pafi-dev/core");
+var import_viem9 = require("viem");
+var import_core8 = require("@pafi-dev/core");
 
 // src/issuer-state/types.ts
 var IssuerStateError = class extends PafiSdkError {
@@ -2111,7 +1982,7 @@ var PTClaimHandler = class {
     };
   }
   async handle(request) {
-    if ((0, import_viem10.getAddress)(request.authenticatedAddress) !== (0, import_viem10.getAddress)(request.userAddress)) {
+    if ((0, import_viem9.getAddress)(request.authenticatedAddress) !== (0, import_viem9.getAddress)(request.userAddress)) {
       throw new PTClaimError(
         "VALIDATION_FAILED",
         `userAddress (${request.userAddress}) does not match authenticated session (${request.authenticatedAddress})`
@@ -2134,7 +2005,7 @@ var PTClaimHandler = class {
         );
       }
     }
-    const { batchExecutor: batchExecutorAddress } = (0, import_core9.getContractAddresses)(
+    const { batchExecutor: batchExecutorAddress } = (0, import_core8.getContractAddresses)(
       request.chainId
     );
     const lockId = await this.cfg.ledger.lockForMinting(
@@ -2194,8 +2065,8 @@ var PTClaimHandler = class {
         );
       }
     }
-    const calls = (0, import_core9.decodeBatchExecuteCalls)(userOp.callData);
-    const callsFallback = fallback ? (0, import_core9.decodeBatchExecuteCalls)(fallback.callData) : void 0;
+    const calls = (0, import_core8.decodeBatchExecuteCalls)(userOp.callData);
+    const callsFallback = fallback ? (0, import_core8.decodeBatchExecuteCalls)(fallback.callData) : void 0;
     return {
       userOp,
       fallback,
@@ -2210,7 +2081,7 @@ var PTClaimHandler = class {
 };
 
 // src/api/handlers/swapHandler.ts
-var import_core10 = require("@pafi-dev/core");
+var import_core9 = require("@pafi-dev/core");
 var SwapError = class extends PafiSdkError {
   httpStatus = "unprocessable";
   code;
@@ -2236,7 +2107,7 @@ var SwapHandler = class {
       throw new SwapError("INVALID_AMOUNT", "amountIn must be positive");
     }
     const slippageBps = request.slippageBps ?? this.cfg.defaultSlippageBps;
-    const { usdt, pafiFeeRecipient, universalRouter } = (0, import_core10.getContractAddresses)(
+    const { usdt, pafiFeeRecipient, universalRouter } = (0, import_core9.getContractAddresses)(
       request.chainId
     );
     const poolsResponse = await this.cfg.poolsProvider({
@@ -2251,7 +2122,7 @@ var SwapHandler = class {
     }
     let fallbackQuote;
     try {
-      fallbackQuote = await (0, import_core10.findBestQuote)(
+      fallbackQuote = await (0, import_core9.findBestQuote)(
         this.cfg.provider,
         request.chainId,
         request.pointTokenAddress,
@@ -2282,7 +2153,7 @@ var SwapHandler = class {
     let sponsoredPath = fallbackQuote.bestRoute.path;
     if (feeAmount > 0n) {
       try {
-        const sponsoredQuote = await (0, import_core10.findBestQuote)(
+        const sponsoredQuote = await (0, import_core9.findBestQuote)(
           this.cfg.provider,
           request.chainId,
           request.pointTokenAddress,
@@ -2300,7 +2171,7 @@ var SwapHandler = class {
       }
     }
     const minAmountOutSponsored = estimatedUsdtOutSponsored * BigInt(1e4 - slippageBps) / 10000n;
-    const sponsoredOp = (0, import_core10.buildSwapWithGasDeduction)({
+    const sponsoredOp = (0, import_core9.buildSwapWithGasDeduction)({
       userAddress: request.userAddress,
       aaNonce: request.aaNonce,
       pointTokenAddress: request.pointTokenAddress,
@@ -2313,7 +2184,7 @@ var SwapHandler = class {
       gasFeePt: feeAmount,
       feeRecipient: pafiFeeRecipient
     });
-    const fallbackOp = feeAmount > 0n ? (0, import_core10.buildSwapWithGasDeduction)({
+    const fallbackOp = feeAmount > 0n ? (0, import_core9.buildSwapWithGasDeduction)({
       userAddress: request.userAddress,
       aaNonce: request.aaNonce,
       pointTokenAddress: request.pointTokenAddress,
@@ -2335,14 +2206,14 @@ var SwapHandler = class {
       estimatedUsdtOutFallback: fallbackOp ? estimatedUsdtOutFallback : void 0,
       minAmountOutFallback: fallbackOp ? minAmountOutFallback : void 0,
       deadline,
-      calls: (0, import_core10.decodeBatchExecuteCalls)(sponsoredOp.callData),
-      callsFallback: fallbackOp ? (0, import_core10.decodeBatchExecuteCalls)(fallbackOp.callData) : void 0
+      calls: (0, import_core9.decodeBatchExecuteCalls)(sponsoredOp.callData),
+      callsFallback: fallbackOp ? (0, import_core9.decodeBatchExecuteCalls)(fallbackOp.callData) : void 0
     };
   }
 };
 
 // src/api/handlers/perpDepositHandler.ts
-var import_core11 = require("@pafi-dev/core");
+var import_core10 = require("@pafi-dev/core");
 var PerpDepositError = class extends PafiSdkError {
   httpStatus = "unprocessable";
   code;
@@ -2366,26 +2237,26 @@ var PerpDepositHandler = class {
     if (request.amount <= 0n) {
       throw new PerpDepositError("INVALID_AMOUNT", "amount must be positive");
     }
-    const brokerHash = import_core11.BROKER_HASHES[request.brokerId];
-    const tokenHash = import_core11.TOKEN_HASHES.USDC;
-    const vault = import_core11.ORDERLY_VAULT_ADDRESSES[request.chainId];
+    const brokerHash = import_core10.BROKER_HASHES[request.brokerId];
+    const tokenHash = import_core10.TOKEN_HASHES.USDC;
+    const vault = import_core10.ORDERLY_VAULT_ADDRESSES[request.chainId];
     if (!vault) {
       throw new PerpDepositError(
         "PERP_DEPOSIT_UNAVAILABLE",
         `no Orderly Vault for chainId ${request.chainId}`
       );
     }
-    const { orderlyRelay: relayAddress, pafiFeeRecipient } = (0, import_core11.getContractAddresses)(request.chainId);
+    const { orderlyRelay: relayAddress, pafiFeeRecipient } = (0, import_core10.getContractAddresses)(request.chainId);
     const [usdcAddress, brokerAllowed] = await Promise.all([
       this.cfg.provider.readContract({
         address: vault,
-        abi: import_core11.ORDERLY_VAULT_ABI,
+        abi: import_core10.ORDERLY_VAULT_ABI,
         functionName: "getAllowedToken",
         args: [tokenHash]
       }),
       this.cfg.provider.readContract({
         address: vault,
-        abi: import_core11.ORDERLY_VAULT_ABI,
+        abi: import_core10.ORDERLY_VAULT_ABI,
         functionName: "getAllowedBroker",
         args: [brokerHash]
       })
@@ -2396,7 +2267,7 @@ var PerpDepositHandler = class {
         `broker "${request.brokerId}" is not whitelisted on Orderly Vault`
       );
     }
-    const accountId = (0, import_core11.computeAccountId)(request.userAddress, brokerHash);
+    const accountId = (0, import_core10.computeAccountId)(request.userAddress, brokerHash);
     const requestForQuote = {
       token: usdcAddress,
       receiver: request.userAddress,
@@ -2407,7 +2278,7 @@ var PerpDepositHandler = class {
     const [relayTokenFee, ptGasFee] = await Promise.all([
       this.cfg.provider.readContract({
         address: relayAddress,
-        abi: import_core11.ORDERLY_RELAY_ABI,
+        abi: import_core10.ORDERLY_RELAY_ABI,
         functionName: "quoteTokenFee",
         args: [requestForQuote]
       }),
@@ -2427,7 +2298,7 @@ var PerpDepositHandler = class {
       totalAmount: request.amount,
       maxFee
     };
-    const sponsoredOp = (0, import_core11.buildPerpDepositViaRelay)({
+    const sponsoredOp = (0, import_core10.buildPerpDepositViaRelay)({
       userAddress: request.userAddress,
       aaNonce: request.aaNonce,
       relayAddress,
@@ -2436,7 +2307,7 @@ var PerpDepositHandler = class {
       gasFeePt: ptGasFee,
       gasFeePtRecipient: pafiFeeRecipient
     });
-    const fallbackOp = ptGasFee > 0n ? (0, import_core11.buildPerpDepositViaRelay)({
+    const fallbackOp = ptGasFee > 0n ? (0, import_core10.buildPerpDepositViaRelay)({
       userAddress: request.userAddress,
       aaNonce: request.aaNonce,
       relayAddress,
@@ -2453,22 +2324,22 @@ var PerpDepositHandler = class {
       brokerHash,
       usdcAddress,
       relayAddress,
-      calls: (0, import_core11.decodeBatchExecuteCalls)(sponsoredOp.callData),
-      callsFallback: fallbackOp ? (0, import_core11.decodeBatchExecuteCalls)(fallbackOp.callData) : void 0
+      calls: (0, import_core10.decodeBatchExecuteCalls)(sponsoredOp.callData),
+      callsFallback: fallbackOp ? (0, import_core10.decodeBatchExecuteCalls)(fallbackOp.callData) : void 0
     };
   }
 };
 
 // src/api/delegateHandler.ts
-var import_core12 = require("@pafi-dev/core");
+var import_core11 = require("@pafi-dev/core");
 var DEFAULT_DELEGATE_GAS = {
   callGasLimit: 100000n,
   verificationGasLimit: 150000n,
   preVerificationGas: 50000n
 };
 async function handleDelegateSubmit(params) {
-  const { batchExecutor } = (0, import_core12.getContractAddresses)(params.chainId);
-  const callData = (0, import_core12.encodeBatchExecute)([]);
+  const { batchExecutor } = (0, import_core11.getContractAddresses)(params.chainId);
+  const callData = (0, import_core11.encodeBatchExecute)([]);
   const userOp = {
     sender: params.userAddress,
     nonce: params.aaNonce,
@@ -2491,7 +2362,7 @@ async function handleDelegateSubmit(params) {
     ...userOp,
     ...paymasterFields ?? {}
   };
-  const userOpJson = (0, import_core12.serializeUserOpToJsonRpc)(
+  const userOpJson = (0, import_core11.serializeUserOpToJsonRpc)(
     {
       sender: merged.sender,
       nonce: merged.nonce,
@@ -2510,7 +2381,7 @@ async function handleDelegateSubmit(params) {
     // is the user's "consent"; no separate AA signature is needed.
     "0x"
   );
-  const authorization = (0, import_core12.buildEip7702Authorization)({
+  const authorization = (0, import_core11.buildEip7702Authorization)({
     chainId: params.chainId,
     address: batchExecutor,
     nonce: params.delegationNonce,
@@ -2519,7 +2390,7 @@ async function handleDelegateSubmit(params) {
   const result = await relayUserOp({
     client: params.pafiBackendClient,
     userOp: userOpJson,
-    entryPoint: import_core12.ENTRY_POINT_V08,
+    entryPoint: import_core11.ENTRY_POINT_V08,
     eip7702Auth: authorization
   });
   return {
@@ -2530,7 +2401,7 @@ async function handleDelegateSubmit(params) {
 }
 
 // src/api/quoteHelper.ts
-var import_core13 = require("@pafi-dev/core");
+var import_core12 = require("@pafi-dev/core");
 var DEFAULT_DEADLINE_SECONDS = 300;
 async function quotePointTokenToUsdt(params) {
   const now = params.now ?? (() => Date.now());
@@ -2554,11 +2425,11 @@ async function quotePointTokenToUsdt(params) {
       quoteError: "QUOTE_UNAVAILABLE"
     };
   }
-  const { usdt: usdtAddress } = (0, import_core13.getContractAddresses)(params.chainId);
+  const { usdt: usdtAddress } = (0, import_core12.getContractAddresses)(params.chainId);
   let estimatedUsdtOut = 0n;
   let gasEstimate = 0n;
   try {
-    const best = await (0, import_core13.findBestQuote)(
+    const best = await (0, import_core12.findBestQuote)(
       params.provider,
       params.chainId,
       params.pointTokenAddress,
@@ -2620,8 +2491,8 @@ function createSdkErrorMapper(factories) {
 }
 
 // src/api/issuerApiAdapter.ts
-var import_viem11 = require("viem");
-var import_core14 = require("@pafi-dev/core");
+var import_viem10 = require("viem");
+var import_core13 = require("@pafi-dev/core");
 var IssuerApiAdapter = class {
   cfg;
   constructor(config) {
@@ -2642,7 +2513,7 @@ var IssuerApiAdapter = class {
   async pools(authenticatedAddress, chainId, pointTokenAddress) {
     const result = await this.cfg.issuerService.api.handlePools(
       authenticatedAddress,
-      { chainId, pointTokenAddress: (0, import_viem11.getAddress)(pointTokenAddress) }
+      { chainId, pointTokenAddress: (0, import_viem10.getAddress)(pointTokenAddress) }
     );
     return { pools: result.pools };
   }
@@ -2651,8 +2522,8 @@ var IssuerApiAdapter = class {
       authenticatedAddress,
       {
         chainId,
-        userAddress: (0, import_viem11.getAddress)(userAddress),
-        pointTokenAddress: (0, import_viem11.getAddress)(pointTokenAddress)
+        userAddress: (0, import_viem10.getAddress)(userAddress),
+        pointTokenAddress: (0, import_viem10.getAddress)(pointTokenAddress)
       }
     );
     return {
@@ -2670,13 +2541,13 @@ var IssuerApiAdapter = class {
       this.cfg.issuerService.api.handleGasFee(),
       this.cfg.issuerService.api.handlePools(authenticatedAddress, {
         chainId,
-        pointTokenAddress: (0, import_viem11.getAddress)(pointTokenAddress)
+        pointTokenAddress: (0, import_viem10.getAddress)(pointTokenAddress)
       })
     ]);
     const quote = await quotePointTokenToUsdt({
       provider: this.cfg.provider,
       chainId,
-      pointTokenAddress: (0, import_viem11.getAddress)(pointTokenAddress),
+      pointTokenAddress: (0, import_viem10.getAddress)(pointTokenAddress),
       pointAmount,
       pools: poolsResult.pools,
       gasFeeUsdt: gasFeeResult.gasFeeUsdt
@@ -2695,8 +2566,13 @@ var IssuerApiAdapter = class {
   }
   // ------------------------------ Action endpoints -------------------------
   async claim(input) {
-    const pointTokenAddress = (0, import_viem11.getAddress)(input.pointTokenAddress);
-    const result = await this.cfg.ptClaimHandler.handle({
+    const ptClaimHandler = this.assertHandler(
+      this.cfg.ptClaimHandler,
+      "ptClaimHandler",
+      "claim"
+    );
+    const pointTokenAddress = (0, import_viem10.getAddress)(input.pointTokenAddress);
+    const result = await ptClaimHandler.handle({
       authenticatedAddress: input.authenticatedAddress,
       userAddress: input.authenticatedAddress,
       amount: input.amount,
@@ -2736,8 +2612,8 @@ var IssuerApiAdapter = class {
       "burn"
     );
     return {
-      calls: (0, import_core14.decodeBatchExecuteCalls)(response.userOp.callData),
-      callsFallback: response.fallback ? (0, import_core14.decodeBatchExecuteCalls)(response.fallback.userOp.callData) : void 0,
+      calls: (0, import_core13.decodeBatchExecuteCalls)(response.userOp.callData),
+      callsFallback: response.fallback ? (0, import_core13.decodeBatchExecuteCalls)(response.fallback.userOp.callData) : void 0,
       feeAmount: response.feeAmount.toString(),
       lockId: response.lockId,
       lockIdFallback: response.fallback?.lockId,
@@ -2749,10 +2625,15 @@ var IssuerApiAdapter = class {
     };
   }
   async swap(input) {
-    const result = await this.cfg.swapHandler.handle({
+    const swapHandler = this.assertHandler(
+      this.cfg.swapHandler,
+      "swapHandler",
+      "swap"
+    );
+    const result = await swapHandler.handle({
       userAddress: input.authenticatedAddress,
       chainId: input.chainId,
-      pointTokenAddress: (0, import_viem11.getAddress)(input.pointTokenAddress),
+      pointTokenAddress: (0, import_viem10.getAddress)(input.pointTokenAddress),
       amountIn: input.amountIn,
       aaNonce: input.aaNonce,
       slippageBps: input.slippageBps
@@ -2776,7 +2657,12 @@ var IssuerApiAdapter = class {
     };
   }
   async perpDeposit(input) {
-    const result = await this.cfg.perpHandler.handle({
+    const perpHandler = this.assertHandler(
+      this.cfg.perpHandler,
+      "perpHandler",
+      "perpDeposit"
+    );
+    const result = await perpHandler.handle({
       userAddress: input.authenticatedAddress,
       chainId: input.chainId,
       amount: input.amount,
@@ -2805,8 +2691,13 @@ var IssuerApiAdapter = class {
   }
   // ------------------------------ Mobile endpoints -------------------------
   async claimPrepare(input) {
-    const pointTokenAddress = (0, import_viem11.getAddress)(input.pointTokenAddress);
-    const claimResult = await this.cfg.ptClaimHandler.handle({
+    const ptClaimHandler = this.assertHandler(
+      this.cfg.ptClaimHandler,
+      "ptClaimHandler",
+      "claimPrepare"
+    );
+    const pointTokenAddress = (0, import_viem10.getAddress)(input.pointTokenAddress);
+    const claimResult = await ptClaimHandler.handle({
       authenticatedAddress: input.authenticatedAddress,
       userAddress: input.authenticatedAddress,
       amount: input.amount,
@@ -2851,7 +2742,7 @@ var IssuerApiAdapter = class {
   }
   async redeemPrepare(input) {
     this.assertRedeemHandler();
-    const pointTokenAddress = (0, import_viem11.getAddress)(input.pointTokenAddress);
+    const pointTokenAddress = (0, import_viem10.getAddress)(input.pointTokenAddress);
     const redeemResponse = await this.cfg.ptRedeemHandler.handle({
       userAddress: input.authenticatedAddress,
       authenticatedAddress: input.authenticatedAddress,
@@ -2915,23 +2806,23 @@ var IssuerApiAdapter = class {
   }
   // ------------------------------ Delegate endpoints -----------------------
   async delegateStatus(authenticatedAddress, chainId) {
-    const { batchExecutor } = (0, import_core14.getContractAddresses)(chainId);
+    const { batchExecutor } = (0, import_core13.getContractAddresses)(chainId);
     const code = await this.cfg.provider.getCode({
       address: authenticatedAddress
     });
     return {
-      isDelegated: (0, import_core14.parseEip7702DelegatedAddress)(code) !== null,
+      isDelegated: (0, import_core13.parseEip7702DelegatedAddress)(code) !== null,
       batchExecutorAddress: batchExecutor
     };
   }
   async delegatePrepare(authenticatedAddress, chainId) {
-    const { batchExecutor } = (0, import_core14.getContractAddresses)(chainId);
+    const { batchExecutor } = (0, import_core13.getContractAddresses)(chainId);
     const accountNonce = BigInt(
       await this.cfg.provider.getTransactionCount({
         address: authenticatedAddress
       })
     );
-    const authorizationHash = (0, import_core14.computeAuthorizationHash)(
+    const authorizationHash = (0, import_core13.computeAuthorizationHash)(
       chainId,
       batchExecutor,
       accountNonce
@@ -2964,7 +2855,7 @@ var IssuerApiAdapter = class {
    */
   async buildSponsorAuth(authenticatedAddress, callData, chainId, scenario) {
     if (!this.cfg.pafiIssuerId) return void 0;
-    return (0, import_core14.buildAndSignSponsorAuth)({
+    return (0, import_core13.buildAndSignSponsorAuth)({
       userAddress: authenticatedAddress,
       callData,
       chainId,
@@ -2996,11 +2887,25 @@ var IssuerApiAdapter = class {
       );
     }
   }
+  /**
+   * Narrow an optional handler to non-null and throw a clear error when
+   * the issuer wired the adapter without it. Lets issuers opt out of
+   * flows they don't expose (gg56 ships only mobile claim/redeem, so
+   * `swapHandler` + `perpHandler` aren't constructed).
+   */
+  assertHandler(handler, fieldName, methodName) {
+    if (handler === null || handler === void 0) {
+      throw new Error(
+        `${fieldName} not wired \u2014 IssuerApiAdapter.${methodName}() requires a configured ${fieldName}.`
+      );
+    }
+    return handler;
+  }
 };
 
 // src/pools/subgraphPoolsProvider.ts
-var import_viem12 = require("viem");
-var import_core15 = require("@pafi-dev/core");
+var import_viem11 = require("viem");
+var import_core14 = require("@pafi-dev/core");
 var DEFAULT_CACHE_TTL_MS = 3e4;
 var POOL_QUERY = `
   query GetPoolForPointToken($id: ID!) {
@@ -3018,7 +2923,7 @@ var POOL_QUERY = `
   }
 `;
 function createSubgraphPoolsProvider(config = {}) {
-  const subgraphUrl = config.subgraphUrl ?? import_core15.PAFI_SUBGRAPH_URL;
+  const subgraphUrl = config.subgraphUrl ?? import_core14.PAFI_SUBGRAPH_URL;
   try {
     const parsed = new URL(subgraphUrl);
     if (process.env.NODE_ENV === "production" && parsed.protocol !== "https:") {
@@ -3100,7 +3005,7 @@ async function fetchPoolsFromSubgraph(fetchImpl, subgraphUrl, pointTokenAddress)
     return [];
   }
   const { pool } = token;
-  if (!(0, import_viem12.isAddress)(pool.hooks)) {
+  if (!(0, import_viem11.isAddress)(pool.hooks)) {
     console.error(
       "[PAFI] SubgraphPoolsProvider: invalid hooks address in response:",
       pool.hooks,
@@ -3108,7 +3013,7 @@ async function fetchPoolsFromSubgraph(fetchImpl, subgraphUrl, pointTokenAddress)
     );
     return [];
   }
-  if (!(0, import_viem12.isAddress)(pool.token0.id) || !(0, import_viem12.isAddress)(pool.token1.id)) {
+  if (!(0, import_viem11.isAddress)(pool.token0.id) || !(0, import_viem11.isAddress)(pool.token1.id)) {
     console.error(
       "[PAFI] SubgraphPoolsProvider: invalid token address in response \u2014 skipping pool"
     );
@@ -3150,7 +3055,7 @@ var PRICE_QUERY = `
   }
 `;
 function createSubgraphNativeUsdtQuoter(config = {}) {
-  const subgraphUrl = config.subgraphUrl ?? import_core15.PAFI_SUBGRAPH_URL;
+  const subgraphUrl = config.subgraphUrl ?? import_core14.PAFI_SUBGRAPH_URL;
   try {
     const parsed = new URL(subgraphUrl);
     if (process.env.NODE_ENV === "production" && parsed.protocol !== "https:") {
@@ -3258,8 +3163,8 @@ function toUsdtPerNative(priceFloat, usdtDecimals) {
 }
 
 // src/pools/nativePtQuoter.ts
-var import_viem13 = require("viem");
-var CHAINLINK_ABI = (0, import_viem13.parseAbi)([
+var import_viem12 = require("viem");
+var CHAINLINK_ABI = (0, import_viem12.parseAbi)([
   "function latestRoundData() external view returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound)"
 ]);
 var CHAINLINK_MAX_AGE_S = 3600n;
@@ -3280,7 +3185,7 @@ function createNativePtQuoter(config) {
     provider,
     pointTokenAddress,
     chainlinkFeedAddress = "0x71041dddad3595F9CEd3DcCFBe3D1F4b0a16Bb70",
-    subgraphUrl = import_core15.PAFI_SUBGRAPH_URL,
+    subgraphUrl = import_core14.PAFI_SUBGRAPH_URL,
     cacheTtlMs = 3e4,
     fallbackEthPriceUsd = 3e3,
     fallbackPtPriceUsdt = 0.1,
@@ -3362,7 +3267,7 @@ function parseBigDecimalTo18(s) {
 }
 
 // src/balance/balanceAggregator.ts
-var import_core16 = require("@pafi-dev/core");
+var import_core15 = require("@pafi-dev/core");
 var BalanceAggregator = class {
   provider;
   ledger;
@@ -3383,7 +3288,7 @@ var BalanceAggregator = class {
   async getCombinedBalance(user, pointToken) {
     const [offChain, onChain] = await Promise.all([
       this.ledger.getBalance(user, pointToken),
-      (0, import_core16.getPointTokenBalance)(this.provider, pointToken, user)
+      (0, import_core15.getPointTokenBalance)(this.provider, pointToken, user)
     ]);
     return {
       offChain,
@@ -3616,8 +3521,8 @@ var PafiBackendClient = class {
 };
 
 // src/config.ts
-var import_viem14 = require("viem");
-var import_core17 = require("@pafi-dev/core");
+var import_viem13 = require("viem");
+var import_core16 = require("@pafi-dev/core");
 function createIssuerService(config) {
   if (!config.provider) {
     throw new Error("createIssuerService: provider is required");
@@ -3637,7 +3542,7 @@ function createIssuerService(config) {
       "createIssuerService: at least one of pointTokenAddress / pointTokenAddresses is required"
     );
   }
-  const tokenAddresses = rawAddresses.map((a) => (0, import_viem14.getAddress)(a));
+  const tokenAddresses = rawAddresses.map((a) => (0, import_viem13.getAddress)(a));
   const ledger = config.ledger;
   const sessionStore = config.sessionStore ?? new MemorySessionStore();
   const policy = config.policy ?? new DefaultPolicyEngine({ ledger });
@@ -3687,7 +3592,7 @@ function createIssuerService(config) {
     indexers.set(tokenAddress, new PointIndexer(indexerConfig));
   }
   const firstIndexer = indexers.get(tokenAddresses[0]);
-  const chainAddresses = (0, import_core17.getContractAddresses)(config.chainId);
+  const chainAddresses = (0, import_core16.getContractAddresses)(config.chainId);
   const resolvedContracts = {
     batchExecutor: chainAddresses.batchExecutor,
     usdt: chainAddresses.usdt,
@@ -3706,15 +3611,6 @@ function createIssuerService(config) {
   };
   if (feeManager) handlersConfig.feeManager = feeManager;
   if (config.poolsProvider) handlersConfig.poolsProvider = config.poolsProvider;
-  if (config.claim) {
-    handlersConfig.claim = {
-      policy,
-      relayService,
-      issuerSignerWallet: config.claim.issuerSignerWallet,
-      batchExecutorAddress: config.claim.batchExecutorAddress ?? chainAddresses.batchExecutor,
-      lockDurationMs: config.claim.lockDurationMs
-    };
-  }
   const handlers = new IssuerApiHandlers(handlersConfig);
   if (config.indexer?.autoStart) {
     for (const idx of indexers.values()) {
@@ -3735,8 +3631,8 @@ function createIssuerService(config) {
 }
 
 // src/issuer-state/validator.ts
-var import_viem15 = require("viem");
-var import_core18 = require("@pafi-dev/core");
+var import_viem14 = require("viem");
+var import_core17 = require("@pafi-dev/core");
 var ISSUER_RECORD_TTL_MS = 3e4;
 var IssuerStateValidator = class _IssuerStateValidator {
   constructor(provider, registryAddress) {
@@ -3753,7 +3649,7 @@ var IssuerStateValidator = class _IssuerStateValidator {
    * `CONTRACT_ADDRESSES` map for the given chain.
    */
   static forChain(provider, chainId) {
-    const { issuerRegistry } = (0, import_core18.getContractAddresses)(chainId);
+    const { issuerRegistry } = (0, import_core17.getContractAddresses)(chainId);
     return new _IssuerStateValidator(provider, issuerRegistry);
   }
   /**
@@ -3762,7 +3658,7 @@ var IssuerStateValidator = class _IssuerStateValidator {
    */
   invalidate(pointToken) {
     if (pointToken) {
-      const key = (0, import_viem15.getAddress)(pointToken);
+      const key = (0, import_viem14.getAddress)(pointToken);
       this.pointTokenIssuerCache.delete(key);
       this.stateCache.delete(key);
       this.inflight.delete(key);
@@ -3777,23 +3673,23 @@ var IssuerStateValidator = class _IssuerStateValidator {
    * The issuer field is set at `initialize()` and never changes.
    */
   async getIssuerAddressForPointToken(pointToken) {
-    const key = (0, import_viem15.getAddress)(pointToken);
+    const key = (0, import_viem14.getAddress)(pointToken);
     const cached = this.pointTokenIssuerCache.get(key);
     if (cached) return cached;
     const issuer = await this.provider.readContract({
       address: key,
-      abi: import_core18.POINT_TOKEN_V2_ABI,
+      abi: import_core17.POINT_TOKEN_V2_ABI,
       functionName: "issuer"
     });
-    this.pointTokenIssuerCache.set(key, (0, import_viem15.getAddress)(issuer));
-    return (0, import_viem15.getAddress)(issuer);
+    this.pointTokenIssuerCache.set(key, (0, import_viem14.getAddress)(issuer));
+    return (0, import_viem14.getAddress)(issuer);
   }
   /**
    * Read registry record + totalSupply, with 30s cache and in-flight
    * deduplication. Does NOT throw on inactive/missing — returns raw state.
    */
   async getIssuerState(pointToken) {
-    const tokenAddr = (0, import_viem15.getAddress)(pointToken);
+    const tokenAddr = (0, import_viem14.getAddress)(pointToken);
     const now = Date.now();
     const cached = this.stateCache.get(tokenAddr);
     if (cached && cached.expiresAt > now) return cached.value;
@@ -3863,13 +3759,13 @@ var IssuerStateValidator = class _IssuerStateValidator {
     const [issuerTuple, totalSupply] = await Promise.all([
       this.provider.readContract({
         address: this.registryAddress,
-        abi: import_core18.issuerRegistryGetIssuerFlatAbi,
+        abi: import_core17.issuerRegistryGetIssuerFlatAbi,
         functionName: "getIssuer",
         args: [issuerAddr]
       }),
       this.provider.readContract({
         address: tokenAddr,
-        abi: import_core18.POINT_TOKEN_V2_ABI,
+        abi: import_core17.POINT_TOKEN_V2_ABI,
         functionName: "totalSupply"
       })
     ]);
@@ -3908,6 +3804,7 @@ var PAFI_ISSUER_SDK_VERSION = "0.4.0";
   IssuerStateError,
   IssuerStateValidator,
   LockNotFoundError,
+  MemoryPendingUserOpStore,
   MemorySessionStore,
   NonceManager,
   PAFI_ISSUER_SDK_VERSION,
@@ -3928,8 +3825,6 @@ var PAFI_ISSUER_SDK_VERSION = "0.4.0";
   RelayService,
   SwapError,
   SwapHandler,
-  TopUpRedemptionError,
-  TopUpRedemptionHandler,
   authenticateRequest,
   createIssuerService,
   createNativePtQuoter,